github
/
openvpn-gui
mirror of https://github.com/OpenVPN/openvpn-gui
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #22 from selvanair/cherry-picked 

Cherry picked for release/10
pull/68/head
Samuli Seppänen 2016-03-04 09:53:01 +02:00
parent ac2d8a23c6 19afc9f70b
commit bdeeecf2df
3 changed files with 36 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
misc.c
View File

@ -190,3 +190,29 @@ ForceForegroundWindow(HWND hWnd)
return ret; return ret;
} }
/*
* Check user has admin rights
* Taken from https://msdn.microsoft.com/en-us/library/windows/desktop/aa376389(v=vs.85).aspx
* Returns true if the calling process token has the local Administrators group enabled
* in its SID. Assumes the caller is not impersonating and has access to open its own
* process token.
*/
BOOL IsUserAdmin(VOID)
{
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
PSID AdministratorsGroup;
b = AllocateAndInitializeSid (&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if(b)
{
if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
b = FALSE;
FreeSid(AdministratorsGroup);
}
return(b);
}

2
misc.h
View File

@ -30,4 +30,6 @@ BOOL streq(LPCSTR, LPCSTR);
BOOL wcsbegins(LPCWSTR, LPCWSTR); BOOL wcsbegins(LPCWSTR, LPCWSTR);
BOOL ForceForegroundWindow(HWND); BOOL ForceForegroundWindow(HWND);
BOOL IsUserAdmin(VOID);
#endif #endif

12
openvpn.c
View File

@ -682,20 +682,22 @@ StartOpenVPN(connection_t *c)
/* Create a management interface password */ /* Create a management interface password */
GetRandomPassword(c->manage.password, sizeof(c->manage.password) - 1); GetRandomPassword(c->manage.password, sizeof(c->manage.password) - 1);
/* Construct command line */ /* Construct command line -- put log first */
_sntprintf_0(cmdline, _T("openvpn --config \"%s\" " _sntprintf_0(cmdline, _T("openvpn --log%s \"%s\" --config \"%s\" "
"--setenv IV_GUI_VER \"%S\" --service %s 0 --log%s \"%s\" --auth-retry interact " "--setenv IV_GUI_VER \"%S\" --service %s 0 --auth-retry interact "
"--management %S %hd stdin --management-query-passwords %s" "--management %S %hd stdin --management-query-passwords %s"
"--management-hold"), c->config_file, PACKAGE_STRING, exit_event_name, "--management-hold"),
(o.append_string[0] == '1' ? _T("-append") : _T("")), c->log_path, (o.append_string[0] == '1' ? _T("-append") : _T("")), c->log_path,
c->config_file, PACKAGE_STRING, exit_event_name,
inet_ntoa(c->manage.skaddr.sin_addr), ntohs(c->manage.skaddr.sin_port), inet_ntoa(c->manage.skaddr.sin_addr), ntohs(c->manage.skaddr.sin_port),
(o.proxy_source != config ? _T("--management-query-proxy ") : _T(""))); (o.proxy_source != config ? _T("--management-query-proxy ") : _T("")));
/* Try to open the service pipe */ /* Try to open the service pipe */
if (!IsUserAdmin())
service = CreateFile(_T("\\\\.\\pipe\\openvpn\\service"), service = CreateFile(_T("\\\\.\\pipe\\openvpn\\service"),
GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
if (service != INVALID_HANDLE_VALUE) if (service && service != INVALID_HANDLE_VALUE)
{ {
DWORD size = _tcslen(c->config_dir) + _tcslen(options) + sizeof(c->manage.password) + 3; DWORD size = _tcslen(c->config_dir) + _tcslen(options) + sizeof(c->manage.password) + 3;
TCHAR startup_info[1024]; TCHAR startup_info[1024];