Merge pull request #22 from selvanair/cherry-picked

Cherry picked for release/10
2016-03-04 09:53:01 +02:00 · 2016-03-04 09:53:01 +02:00 · bdeeecf2df
parent ac2d8a23c6 19afc9f70b
commit bdeeecf2df
3 changed files with 36 additions and 6 deletions
--- a/misc.c
+++ b/misc.c
@ -190,3 +190,29 @@ ForceForegroundWindow(HWND hWnd)

    return ret;
 }
+
+/*
+ * Check user has admin rights
+ * Taken from https://msdn.microsoft.com/en-us/library/windows/desktop/aa376389(v=vs.85).aspx
+ * Returns true if the calling process token has the local Administrators group enabled
+ * in its SID.  Assumes the caller is not impersonating and has access to open its own 
+ * process token.
+ */
+BOOL IsUserAdmin(VOID)
+{
+    BOOL b;
+    SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
+    PSID AdministratorsGroup;
+
+    b = AllocateAndInitializeSid (&NtAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
+                                  DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
+                                  &AdministratorsGroup);
+    if(b)
+    {
+        if (!CheckTokenMembership(NULL, AdministratorsGroup, &b))
+            b = FALSE;
+        FreeSid(AdministratorsGroup);
+    }
+
+    return(b);
+}
--- a/misc.h
+++ b/misc.h
@ -30,4 +30,6 @@ BOOL streq(LPCSTR, LPCSTR);
 BOOL wcsbegins(LPCWSTR, LPCWSTR);

 BOOL ForceForegroundWindow(HWND);
+
+BOOL IsUserAdmin(VOID);
 #endif
--- a/openvpn.c
+++ b/openvpn.c
@ -682,20 +682,22 @@ StartOpenVPN(connection_t *c)
    /* Create a management interface password */
    GetRandomPassword(c->manage.password, sizeof(c->manage.password) - 1);

-    /* Construct command line */
-    _sntprintf_0(cmdline, _T("openvpn --config \"%s\" "
-        "--setenv IV_GUI_VER \"%S\" --service %s 0 --log%s \"%s\" --auth-retry interact "
+    /* Construct command line -- put log first */
+    _sntprintf_0(cmdline, _T("openvpn --log%s \"%s\" --config \"%s\" "
+        "--setenv IV_GUI_VER \"%S\" --service %s 0 --auth-retry interact "
        "--management %S %hd stdin --management-query-passwords %s"
-        "--management-hold"), c->config_file, PACKAGE_STRING, exit_event_name,
+        "--management-hold"),
        (o.append_string[0] == '1' ? _T("-append") : _T("")), c->log_path,
+        c->config_file, PACKAGE_STRING, exit_event_name,
        inet_ntoa(c->manage.skaddr.sin_addr), ntohs(c->manage.skaddr.sin_port),
        (o.proxy_source != config ? _T("--management-query-proxy ") : _T("")));

    /* Try to open the service pipe */
+    if (!IsUserAdmin())
      service = CreateFile(_T("\\\\.\\pipe\\openvpn\\service"),
                GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);

-    if (service != INVALID_HANDLE_VALUE)
+    if (service && service != INVALID_HANDLE_VALUE)
    {
        DWORD size = _tcslen(c->config_dir) + _tcslen(options) + sizeof(c->manage.password) + 3;
        TCHAR startup_info[1024];