diff --git a/Info.plist b/Info.plist new file mode 100755 index 0000000..d2d7d01 --- /dev/null +++ b/Info.plist @@ -0,0 +1,41 @@ + + + + + CFBundleDisplayName + VPN.ht (Development) + CFBundleExecutable + Atom + CFBundleIconFile + atom.icns + CFBundleIdentifier + ht.vpn.development + CFBundleInfoDictionaryVersion + 6.0 + CFBundleName + VPN.ht (Development) + CFBundlePackageType + APPL + CFBundleVersion + 0.0 + LSMinimumSystemVersion + 10.8.0 + NSMainNibFile + MainMenu + NSPrincipalClass + AtomApplication + NSSupportsAutomaticGraphicsSwitching + + CFBundleURLTypes + + + CFBundleURLSchemes + + vpnht + + CFBundleURLName + OpenVPN App Protocol + + + + diff --git a/README.md b/README.md new file mode 100644 index 0000000..fd250fa --- /dev/null +++ b/README.md @@ -0,0 +1,8 @@ +# KEEP PRIVATE ! + +All utilities used to build the final desktop APP + +### includes + + * PKG Builder for Mac OSX + * NSIS Scripts and all required plugins for building the installer diff --git a/loading.gif b/loading.gif new file mode 100755 index 0000000..199632b Binary files /dev/null and b/loading.gif differ diff --git a/mac/mac-dist b/mac/mac-dist new file mode 100755 index 0000000..f7af2a1 --- /dev/null +++ b/mac/mac-dist @@ -0,0 +1,85 @@ +#!/bin/bash +CURRENTDIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) +ROOTDIR="${CURRENTDIR}/../../" +BUILD_DIR="${ROOTDIR}/dist/VPN.ht-darwin-x64/" +BASE_DIR="${ROOTDIR}/dist" +PKG_DIR="${ROOTDIR}/util/mac/pkg" +VERSION="0.0.1" +IDENTIFIER="ht.vpn.desktop" +APPNAME="VPN.ht" + +rm -rf "$BASE_DIR/darwin" +mkdir -p "$BASE_DIR/darwin/flat/Resources/en.lproj" +mkdir -p "$BASE_DIR/darwin/flat/base.pkg" +mkdir -p "$BASE_DIR/darwin/scripts" +mkdir -p "$BASE_DIR/darwin/root/Applications" +cp -R $BUILD_DIR/VPN.ht.app $BASE_DIR/darwin/root/Applications +cp -R $PKG_DIR/* $BASE_DIR/darwin/scripts +NUM_FILES=$(find ${BASE_DIR}/darwin/root | wc -l) +INSTALL_KB_SIZE=$(du -k -s ${BASE_DIR}/darwin/root | awk '{print $1}') + +cat < ${BASE_DIR}/darwin/flat/base.pkg/PackageInfo + + + + + + + + + + + + + + + + + + + + + + + +EOF + +cat < ${BASE_DIR}/darwin/flat/Distribution + + + + + + + + + + + + VPN.ht + + + + + + + + + + + + + + + + #base.pkg + +EOF + +PKG_LOCATION="${ROOTDIR}/dist/${APPNAME}-${VERSION}.pkg" + +( cd ${BASE_DIR}/darwin/root && find . | cpio -o --format odc --owner 0:80 | gzip -c ) > ${BASE_DIR}/darwin/flat/base.pkg/Payload +( cd ${BASE_DIR}/darwin/scripts && find . | cpio -o --format odc --owner 0:80 | gzip -c ) > ${BASE_DIR}/darwin/flat/base.pkg/Scripts +mkbom ${BASE_DIR}/darwin/root ${BASE_DIR}/darwin/flat/base.pkg/Bom +( cd ${BASE_DIR}/darwin/flat/ && xar --compression none -cf "${PKG_LOCATION}" * ) +echo "osx package has been built: ${PKG_LOCATION}" diff --git a/mac/pkg/postinstall b/mac/pkg/postinstall new file mode 100755 index 0000000..bff2738 --- /dev/null +++ b/mac/pkg/postinstall @@ -0,0 +1,168 @@ +#!/bin/sh +#touch ~/from-pkg-installer + +LOGFILE=~/Library/Logs/VPN.ht/installer.log +PATH_DIR_VPNHT_APP='/Applications/VPN.ht.app' + +source ./shared/common + +#################################################################### +# Log function adapters specific to this script: +#################################################################### + +function log_text +{ + log_text_base "$1" "$LOGFILE" +} + +function log_command +{ + command_output=$($1) + log_command_base "$command_output" "$LOGFILE" +} + +function permissions_set_vpnclients +{ + log_text "Setting permissions on VpnClient binaries..." + current_directory_print + + DIR_VPN_CLIENTS='/Applications/VPN.ht.app/Contents/Resources/bin' + + if [ ! -d "$DIR_VPN_CLIENTS" ]; then + log_text "Directory \"$DIR_VPN_CLIENTS\" does not exist" + exit 1 + fi + + cd "$DIR_VPN_CLIENTS" + log_text "Current directory: " + log_command "pwd" + + log_text "ls -la before changing permissions: " + log_command "ls -la" + bin_path=. + + openvpn_module_name="openvpn" + + full_openvpn_module_path="$bin_path/$openvpn_module_name" + + log_text "openvpn path is \"$full_openvpn_module_path\"" + + if [ -f "$full_openvpn_module_path" ]; then + log_text "openvpn details: " + log_command "ls -la $full_openvpn_module_path" + log_text "Setting root:admin as openvpn owner..." + sudo chown root:admin "$full_openvpn_module_path" + log_text "Setting execute permissions for openvpn..." + sudo chmod a+x "$full_openvpn_module_path" + log_text "Setting setuid on openvpn..." + sudo chmod u+s "$full_openvpn_module_path" + log_text "openvpn details: " + log_command "ls -la $full_openvpn_module_path" + else + log_text "WARNING: File not found: \"$full_openvpn_module_path\"" + return 1 + fi + +} + +function permissions_set_applications +{ + + log_text "Setting permissions on helper application binaries..." + current_directory_print + + DIR_APPLICATIONS='/Applications/VPN.ht.app/Contents/Frameworks/' + + if [ ! -d "$DIR_APPLICATIONS" ]; then + log_text "Directory \"$DIR_APPLICATIONS\" does not exist" + exit 1 + fi + + cd "$DIR_APPLICATIONS" + log_text "Current directory: " + log_command "pwd" + + log_text "ls -la before changing permissions: " + log_command "ls -la" + bin_path=. + + VPNHTHELPER_NAME="VPN.ht Helper.app" + + PATH_VPNHTHELPER="$bin_path/$VPNHTHELPER_NAME" + + if [ -d "$PATH_VPNHTHELPER" ]; then + VPNHTHELPER_NAME="VPN.ht\ Helper.app" + PATH_VPNHTHELPER="$bin_path/$VPNHTHELPER_NAME" + log_text "VPN.ht Helper.APP details: " + log_command "ls -la $PATH_VPNHTHELPER" + log_text "Setting root:admin as VPNHTHelper.APP owner..." + sudo chown -R root:admin "$PATH_VPNHTHELPER" + log_text "Setting execute permissions for VPNHTHelper.APP..." + sudo chmod -R a+x "$PATH_VPNHTHELPER" + log_text "Setting setuid on VPNHTHelper.APP..." + sudo chmod -R u+s "$PATH_VPNHTHELPER" + log_text "VPNHTHelper.APP details: " + log_command "ls -la $PATH_VPNHTHELPER" + else + log_text "WARNING: Directory not found: \"$PATH_VPNHTHELPER\"" + exit 2 + fi +} + +function permissions_set_scripts +{ + log_text "Setting permissions on up/down script..." + current_directory_print + + SCRIPTS_PATH='/Applications/VPN.ht.app/Contents/Resources/bin/' + + if [ ! -d "$SCRIPTS_PATH" ]; then + log_text "Directory \"$SCRIPTS_PATH\" does not exist" + exit 1 + fi + + cd "$SCRIPTS_PATH" + + log_text "Current directory: " + log_command "pwd" + + log_text "ls -la before changing permissions: " + log_command "ls -la script.*" + + SCRIPTS_NAME="script.*" + + log_text "\"$SCRIPTS_NAME\" details: " + log_command "ls -la $SCRIPTS_NAME" + + log_text "Setting root:admin as owner..." + sudo chown -R root:admin $SCRIPTS_NAME + + log_text "Setting execute permissions..." + sudo chmod -R a+x $SCRIPTS_NAME + + log_text "Setting setuid on up down scripts..." + sudo chmod -R u+s $SCRIPTS_NAME + + log_text "\"$SCRIPTS_NAME\" details: " + log_command "ls -la $SCRIPTS_NAME" + +} + +#################################################################### +# Main script body: +#################################################################### + +log_text "===================" +log_text "=== postinstall ===" +log_text "===================" + +log_text "Setting wheel group on VPN.ht whole application..." +sudo chown -R root:wheel "$PATH_DIR_VPNHT_APP" + +permissions_set_vpnclients +permissions_set_applications +permissions_set_scripts + +log_text "Installation completed successfully..." + +exit 0 diff --git a/mac/pkg/preinstall b/mac/pkg/preinstall new file mode 100755 index 0000000..f691e6f --- /dev/null +++ b/mac/pkg/preinstall @@ -0,0 +1,107 @@ +#!/bin/sh + +# When this script is executed, all messages printed with echo command directly +# appear in the Terminal and in /var/log/install.log + +PATH_DIR_LOG=~/'Library/Logs/VPN.ht' +LOGFILE="$PATH_DIR_LOG/installer.log" + +LOGIN_USER=`ls -l /dev/console | awk '{ print $3 }'` +source ./shared/common + +#################################################################### +# Log function adapters specific to this script: +#################################################################### + +function log_text +{ + log_text_base "$1" "$LOGFILE" +} + +function log_command +{ + command_output=$($1) + log_command_base "$command_output" "$LOGFILE" +} + +#################################################################### +# Functions specific to this script: +#################################################################### + +function log_dir_create +{ + directory_create_as_user "$PATH_DIR_LOG" "$LOGIN_USER" + local error_code=$? + + if [ $error_code -ne 0 ]; then + exit 1 + fi +} + +function log_file_create +{ + file_create_as_user "$LOGFILE" "$LOGIN_USER" + local error_code=$? + + if [ $error_code -ne 0 ]; then + exit 1 + fi +} + + +function tuntap_installed +{ + local installed=0 + + if [ -d "/Library/Extensions/tap.kext" ]; then + if [ -d "/Library/Extensions/tun.kext" ]; then + if [ -d "/Library/StartupItems/tap" ]; then + if [ -d "/Library/StartupItems/tun" ]; then + local installed=1 + fi + fi + fi + fi + + return $installed +} + +function tuntap_install +{ + tuntap_installed + local installed=$? + + if [ $installed -eq 0 ]; then + log_text "TUN/TAP drivers not found. Installing TUN/TAP drivers Installer Package..." + sudo installer -pkg ./tuntap_20111101.pkg -target / + + tuntap_installed + installed=$? + if [ $installed -eq 0 ]; then + log_text "Failed to install TUN/TAP drivers" + exit 1 + else + log_text "TUN/TAP drivers installed." + fi + else + log_text "TUN/TAP drivers already installed" + fi +} + +#################################################################### +# Main script body: +#################################################################### + +log_dir_create + +log_text "==================" +log_text "=== preinstall ===" +log_text "==================" + +print_environment_info "$1" "$2" "$3" "$4" +current_directory_print +tuntap_install + +log_text "Terminating preinstall..." + +exit 0 diff --git a/mac/pkg/shared/common b/mac/pkg/shared/common new file mode 100644 index 0000000..7fd1083 --- /dev/null +++ b/mac/pkg/shared/common @@ -0,0 +1,181 @@ +#################################################################### +# Common functions: +#################################################################### + +function log_text_base +{ + local timestamp=$(date +"%D %T") + local msg="$timestamp $1" + echo "$msg" >> "$2" +} + +function log_command_base +{ + echo "$1" >> "$2" +} + +function print_environment_info +{ + log_text "Full path to the installation package the Installer application is processing: " + log_text "$1" + + log_text "Full path to the installation destination: " + log_text "$2" + + log_text "Installation volume (or mount point) to receive the payload: " + log_text "$3" + + log_text "The root directory for the system: " + log_text "$4" + + log_text "Filename of the operation executable: " + log_text "$SCRIPT_NAME" + + log_text "Full path to the installation package: " + log_text "$PACKAGE_PATH" + + log_text "Scratch directory used by Installer to place its temporary work files: " + log_text "$INSTALLER_TEMP" + log_command "ls -la $INSTALLER_TEMP" +} + +function current_directory_print +{ + log_text "Current directory: " + log_command pwd + log_command "ls -la" +} + +function file_delete +{ + local error_code=0 + + if [ -f "$1" ]; then + log_text "Removing '$1'..." + rm "$1" + + if [ -f "$1" ]; then + log_text "Failed to delete file '$1'" + error_code=1 + fi + else + log_text "File '$1' does not exist" + fi + + return $error_code +} + +# +# Creates specified directory as user +# +# Arguments: +# 1) full path to the directory to be created +# 2) username +# +# Return value: +# 0 - directory successfully created +# 1 - error occured; directory not created +# +function directory_create_as_user +{ + local error_code=0 + + if [ ! -d "$1" ]; then + echo Creating directory "$1" as user "$2"... + sudo -u "$2" mkdir -v "$1" + + if [ ! -d "$1" ]; then + echo Failed to create directory "$1" + error_code=1 + fi + fi + + return $error_code +} + +# +# Removes given directory (including all its content). +# +# Arguments: +# 1) full path to the directory to be removed +# +# Return value: +# 0 - directory successfully removed +# 1 - error occurred; directory not removed +# +function directory_remove +{ + local error_code=0 + + if [ -d "$1" ]; then + log_text "Removing '$1'..." + rm -rf "$1" + + if [ -d "$1" ]; then + log_text "Failed to delete directory '$1'" + error_code=1 + fi + else + log_text "Directory '$1' does not exist" + fi + + return $error_code +} + +# arg1 - source +# arg2 - destination +function directory_move +{ + local error_code=0 + + if [ -d "$1" ]; then + if [ -d "$2" ]; then + log_text "Moving '$1' to '$2'..." + mv -f "$1" "$2" + + if [ -d "$1" ]; then + log_text "Failed to delete directory '$1'" + error_code=1 + fi + + if [ ! -d "$2" ]; then + log_text "Directory '$2' not created" + error_code=2 + fi + else + log_text "Directory '$2' does not exist" + fi + else + log_text "Directory '$1' does not exist" + fi + + return $error_code +} + +# +# Creates specified file as user +# +# Arguments: +# 1) full path to the file to be created +# 2) username +# +# Return value: +# 0 - file successfully created +# 1 - error occured; file not created +# +function file_create_as_user +{ + local error_code=0 + + if [ ! -f "$1" ]; then + echo Creating file "$1" as user "$2"... + sudo -u "$2" touch "$1" + + if [ ! -f "$1" ]; then + echo Failed to create file "$1" + error_code=1 + fi + fi + + return $error_code +} diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Archive.bom b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Archive.bom new file mode 100644 index 0000000..b236970 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Archive.bom differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Archive.pax.gz b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Archive.pax.gz new file mode 100644 index 0000000..9f8ba60 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Archive.pax.gz differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Info.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Info.plist new file mode 100644 index 0000000..ed1288e --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Info.plist @@ -0,0 +1,40 @@ + + + + + CFBundleIdentifier + tuntap.startup_item.tap + CFBundleShortVersionString + 1 + IFMajorVersion + 1 + IFMinorVersion + 0 + IFPkgFlagAllowBackRev + + IFPkgFlagAuthorizationAction + RootAuthorization + IFPkgFlagDefaultLocation + /Library/StartupItems + IFPkgFlagFollowLinks + + IFPkgFlagInstallFat + + IFPkgFlagInstalledSize + 12 + IFPkgFlagIsRequired + + IFPkgFlagOverwritePermissions + + IFPkgFlagRelocatable + + IFPkgFlagRestartAction + None + IFPkgFlagRootVolumeOnly + + IFPkgFlagUpdateInstalledLanguages + + IFPkgFormatVersion + 0.10000000149011612 + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/PkgInfo b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/PkgInfo new file mode 100644 index 0000000..4cd3119 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/PkgInfo @@ -0,0 +1 @@ +pmkrpkg1 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/en.lproj/Description.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/en.lproj/Description.plist new file mode 100644 index 0000000..2de07c8 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/en.lproj/Description.plist @@ -0,0 +1,10 @@ + + + + + IFPkgDescriptionDescription + + IFPkgDescriptionTitle + tap + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/package_version b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/package_version new file mode 100644 index 0000000..c052336 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/package_version @@ -0,0 +1,2 @@ +major: 1 +minor: 0 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/postflight b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/postflight new file mode 100755 index 0000000..f7d2089 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/postflight @@ -0,0 +1,12 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/StartupItems/tap + +# Fix ownership and permissions. PackageMaker gets this wrong *sigh* +chown -R root:wheel /Library/StartupItems/tap +chmod -R u=rwX,g=rX,o=rX /Library/StartupItems/tap + +# exit successfully +exit 0 + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/postinstall b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/postinstall new file mode 100755 index 0000000..f7d2089 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap-1.pkg/Contents/Resources/postinstall @@ -0,0 +1,12 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/StartupItems/tap + +# Fix ownership and permissions. PackageMaker gets this wrong *sigh* +chown -R root:wheel /Library/StartupItems/tap +chmod -R u=rwX,g=rX,o=rX /Library/StartupItems/tap + +# exit successfully +exit 0 + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Archive.bom b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Archive.bom new file mode 100644 index 0000000..5e2eec1 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Archive.bom differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Archive.pax.gz b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Archive.pax.gz new file mode 100644 index 0000000..2031e4d Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Archive.pax.gz differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Info.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Info.plist new file mode 100644 index 0000000..4580b54 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Info.plist @@ -0,0 +1,40 @@ + + + + + CFBundleIdentifier + tuntap.tap + CFBundleShortVersionString + 1 + IFMajorVersion + 1 + IFMinorVersion + 0 + IFPkgFlagAllowBackRev + + IFPkgFlagAuthorizationAction + RootAuthorization + IFPkgFlagDefaultLocation + /Library/Extensions + IFPkgFlagFollowLinks + + IFPkgFlagInstallFat + + IFPkgFlagInstalledSize + 84 + IFPkgFlagIsRequired + + IFPkgFlagOverwritePermissions + + IFPkgFlagRelocatable + + IFPkgFlagRestartAction + None + IFPkgFlagRootVolumeOnly + + IFPkgFlagUpdateInstalledLanguages + + IFPkgFormatVersion + 0.10000000149011612 + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/PkgInfo b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/PkgInfo new file mode 100644 index 0000000..4cd3119 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/PkgInfo @@ -0,0 +1 @@ +pmkrpkg1 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/en.lproj/Description.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/en.lproj/Description.plist new file mode 100644 index 0000000..2de07c8 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/en.lproj/Description.plist @@ -0,0 +1,10 @@ + + + + + IFPkgDescriptionDescription + + IFPkgDescriptionTitle + tap + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/package_version b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/package_version new file mode 100644 index 0000000..c052336 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/package_version @@ -0,0 +1,2 @@ +major: 1 +minor: 0 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/postflight b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/postflight new file mode 100755 index 0000000..6c8b5c9 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/postflight @@ -0,0 +1,15 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/Extensions/tap.kext + +# unload an old extension (might fail) +kextunload /Library/Extensions/tap.kext + +# Fix ownership and permissions. PackageMaker gets this wrong *sigh* +chown -R root:wheel /Library/Extensions/tap.kext +chmod -R u=rwX,g=rX,o=rX /Library/Extensions/tap.kext + +# load the new version +kextload /Library/Extensions/tap.kext + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/postinstall b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/postinstall new file mode 100755 index 0000000..6c8b5c9 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tap.pkg/Contents/Resources/postinstall @@ -0,0 +1,15 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/Extensions/tap.kext + +# unload an old extension (might fail) +kextunload /Library/Extensions/tap.kext + +# Fix ownership and permissions. PackageMaker gets this wrong *sigh* +chown -R root:wheel /Library/Extensions/tap.kext +chmod -R u=rwX,g=rX,o=rX /Library/Extensions/tap.kext + +# load the new version +kextload /Library/Extensions/tap.kext + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Archive.bom b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Archive.bom new file mode 100644 index 0000000..0940117 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Archive.bom differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Archive.pax.gz b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Archive.pax.gz new file mode 100644 index 0000000..ae662c7 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Archive.pax.gz differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Info.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Info.plist new file mode 100644 index 0000000..6ab898c --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Info.plist @@ -0,0 +1,40 @@ + + + + + CFBundleIdentifier + tuntap.startup_item.tun + CFBundleShortVersionString + 1 + IFMajorVersion + 1 + IFMinorVersion + 0 + IFPkgFlagAllowBackRev + + IFPkgFlagAuthorizationAction + RootAuthorization + IFPkgFlagDefaultLocation + /Library/StartupItems + IFPkgFlagFollowLinks + + IFPkgFlagInstallFat + + IFPkgFlagInstalledSize + 12 + IFPkgFlagIsRequired + + IFPkgFlagOverwritePermissions + + IFPkgFlagRelocatable + + IFPkgFlagRestartAction + None + IFPkgFlagRootVolumeOnly + + IFPkgFlagUpdateInstalledLanguages + + IFPkgFormatVersion + 0.10000000149011612 + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/PkgInfo b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/PkgInfo new file mode 100644 index 0000000..4cd3119 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/PkgInfo @@ -0,0 +1 @@ +pmkrpkg1 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/en.lproj/Description.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/en.lproj/Description.plist new file mode 100644 index 0000000..f4c0ac4 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/en.lproj/Description.plist @@ -0,0 +1,10 @@ + + + + + IFPkgDescriptionDescription + + IFPkgDescriptionTitle + tun + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/package_version b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/package_version new file mode 100644 index 0000000..c052336 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/package_version @@ -0,0 +1,2 @@ +major: 1 +minor: 0 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/postflight b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/postflight new file mode 100755 index 0000000..63373f3 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/postflight @@ -0,0 +1,12 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/StartupItems/tun + +# Fix ownership and permissions. PackageMaker gets this wrong *sigh* +chown -R root:wheel /Library/StartupItems/tun +chmod -R u=rwX,g=rX,o=rX /Library/StartupItems/tun + +# exit successfully +exit 0 + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/postinstall b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/postinstall new file mode 100755 index 0000000..63373f3 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun-1.pkg/Contents/Resources/postinstall @@ -0,0 +1,12 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/StartupItems/tun + +# Fix ownership and permissions. PackageMaker gets this wrong *sigh* +chown -R root:wheel /Library/StartupItems/tun +chmod -R u=rwX,g=rX,o=rX /Library/StartupItems/tun + +# exit successfully +exit 0 + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Archive.bom b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Archive.bom new file mode 100644 index 0000000..42ba37b Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Archive.bom differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Archive.pax.gz b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Archive.pax.gz new file mode 100644 index 0000000..adbfea1 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Archive.pax.gz differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Info.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Info.plist new file mode 100644 index 0000000..a2ace87 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Info.plist @@ -0,0 +1,40 @@ + + + + + CFBundleIdentifier + tuntap.tun + CFBundleShortVersionString + 1 + IFMajorVersion + 1 + IFMinorVersion + 0 + IFPkgFlagAllowBackRev + + IFPkgFlagAuthorizationAction + RootAuthorization + IFPkgFlagDefaultLocation + /Library/Extensions + IFPkgFlagFollowLinks + + IFPkgFlagInstallFat + + IFPkgFlagInstalledSize + 88 + IFPkgFlagIsRequired + + IFPkgFlagOverwritePermissions + + IFPkgFlagRelocatable + + IFPkgFlagRestartAction + None + IFPkgFlagRootVolumeOnly + + IFPkgFlagUpdateInstalledLanguages + + IFPkgFormatVersion + 0.10000000149011612 + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/PkgInfo b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/PkgInfo new file mode 100644 index 0000000..4cd3119 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/PkgInfo @@ -0,0 +1 @@ +pmkrpkg1 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/en.lproj/Description.plist b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/en.lproj/Description.plist new file mode 100644 index 0000000..f4c0ac4 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/en.lproj/Description.plist @@ -0,0 +1,10 @@ + + + + + IFPkgDescriptionDescription + + IFPkgDescriptionTitle + tun + + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/package_version b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/package_version new file mode 100644 index 0000000..c052336 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/package_version @@ -0,0 +1,2 @@ +major: 1 +minor: 0 \ No newline at end of file diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/postflight b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/postflight new file mode 100755 index 0000000..a3228eb --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/postflight @@ -0,0 +1,15 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/Extensions/tun.kext + +# unload an old extension (might fail) +kextunload /Library/Extensions/tun.kext + +# Fix ownership. The installer gets this wrong *sigh* +chown -R root:wheel /Library/Extensions/tun.kext +chmod -R u=rwX,g=rX,o=rX /Library/Extensions/tun.kext + +# load the new version +kextload /Library/Extensions/tun.kext + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/postinstall b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/postinstall new file mode 100755 index 0000000..a3228eb --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Packages/tun.pkg/Contents/Resources/postinstall @@ -0,0 +1,15 @@ +#!/bin/sh + +# old versions resided in /System/Library, remove. +rm -r /System/Library/Extensions/tun.kext + +# unload an old extension (might fail) +kextunload /Library/Extensions/tun.kext + +# Fix ownership. The installer gets this wrong *sigh* +chown -R root:wheel /Library/Extensions/tun.kext +chmod -R u=rwX,g=rX,o=rX /Library/Extensions/tun.kext + +# load the new version +kextload /Library/Extensions/tun.kext + diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/License.rtfd/TXT.rtf b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/License.rtfd/TXT.rtf new file mode 100644 index 0000000..79b50dc --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/License.rtfd/TXT.rtf @@ -0,0 +1,18 @@ +{\rtf1\ansi\ansicpg1252\cocoartf949 +{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +{\*\listtable{\list\listtemplateid1\listhybrid{\listlevel\levelnfc0\levelnfcn0\leveljc2\leveljcn2\levelfollow0\levelstartat1\levelspace360\levelindent0{\*\levelmarker \{decimal\}.}{\leveltext\leveltemplateid0\'02\'05.;}{\levelnumbers\'01;}}{\listname ;}\listid1}} +{\*\listoverridetable{\listoverride\listid1\listoverridecount0\ls1}} +\paperw11900\paperh16840\margl1440\margr1440\vieww9000\viewh8400\viewkind0 +\deftab720 +\pard\pardeftab720\sa320\ql\qnatural + +\f0\fs28 \cf0 tun/tap driver for Mac OS X\uc0\u8232 Copyright (c) 2011 Mattias Nissler \ +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\ +\pard\tx220\tx720\pardeftab720\li720\fi-720\ql\qnatural +\ls1\ilvl0\cf0 {\listtext 1. }Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\ +{\listtext 2. }Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\ +{\listtext 3. }The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission.\ +\ +\pard\pardeftab720\sa320\ql\qnatural +\cf0 THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.} diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/License.rtfd/TXT.rtf-e b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/License.rtfd/TXT.rtf-e new file mode 100644 index 0000000..5e62120 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/License.rtfd/TXT.rtf-e @@ -0,0 +1,18 @@ +{\rtf1\ansi\ansicpg1252\cocoartf949 +{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +{\*\listtable{\list\listtemplateid1\listhybrid{\listlevel\levelnfc0\levelnfcn0\leveljc2\leveljcn2\levelfollow0\levelstartat1\levelspace360\levelindent0{\*\levelmarker \{decimal\}.}{\leveltext\leveltemplateid0\'02\'05.;}{\levelnumbers\'01;}}{\listname ;}\listid1}} +{\*\listoverridetable{\listoverride\listid1\listoverridecount0\ls1}} +\paperw11900\paperh16840\margl1440\margr1440\vieww9000\viewh8400\viewkind0 +\deftab720 +\pard\pardeftab720\sa320\ql\qnatural + +\f0\fs28 \cf0 tun/tap driver for Mac OS X\uc0\u8232 Copyright (c) 2004, 2005, 2006, 2007, 2008, 2009 Mattias Nissler \ +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\ +\pard\tx220\tx720\pardeftab720\li720\fi-720\ql\qnatural +\ls1\ilvl0\cf0 {\listtext 1. }Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\ +{\listtext 2. }Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\ +{\listtext 3. }The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission.\ +\ +\pard\pardeftab720\sa320\ql\qnatural +\cf0 THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.} diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/Welcome.rtfd/TXT.rtf b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/Welcome.rtfd/TXT.rtf new file mode 100644 index 0000000..feba31f --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/Welcome.rtfd/TXT.rtf @@ -0,0 +1,14 @@ +{\rtf1\ansi\ansicpg1252\cocoartf949 +{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\paperw11900\paperh16840\margl1440\margr1440\vieww9000\viewh8400\viewkind0 +\pard\tx566\tx1133\tx1700\tx2267\tx2834\tx3401\tx3968\tx4535\tx5102\tx5669\tx6236\tx6803\tx9000\ri500\ql\qnatural\pardirnatural + +\f0\fs28 \cf0 This will install the TunTap software on your computer. It provides IP Tunnel and ethertap kernel extensions.\ +\ +TunTap software is free (as in "free beer" as well as "freedom"). If you like it, you can support further development by donating money. In order to do so just click the image below.\ +\ +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\ql\qnatural\pardirnatural +{\field{\*\fldinst{HYPERLINK "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=mattias%2enissler%40gmx%2ede&item_name=TunTap%20driver%20development%20donations&no_shipping=1&no_note=1&tax=0¤cy_code=EUR&bn=PP%2dDonationsBF&charset=UTF%2d8"}}{\fldrslt +\fs24 \cf0 {{\NeXTGraphic paypal_button.gif \width1240 \height620 +}¬}}}} diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/Welcome.rtfd/paypal_button.gif b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/Welcome.rtfd/paypal_button.gif new file mode 100644 index 0000000..14c37d3 Binary files /dev/null and b/mac/pkg/tuntap_20111101.pkg/Contents/Resources/en.lproj/Welcome.rtfd/paypal_button.gif differ diff --git a/mac/pkg/tuntap_20111101.pkg/Contents/distribution.dist b/mac/pkg/tuntap_20111101.pkg/Contents/distribution.dist new file mode 100644 index 0000000..19da978 --- /dev/null +++ b/mac/pkg/tuntap_20111101.pkg/Contents/distribution.dist @@ -0,0 +1,69 @@ + + + TunTap Installer package + + + + + + + + + + + + + + + + + + + + + file:./Contents/Packages/tun.pkg + file:./Contents/Packages/tap.pkg + file:./Contents/Packages/tap-1.pkg + file:./Contents/Packages/tun-1.pkg + \ No newline at end of file diff --git a/reset b/reset new file mode 100755 index 0000000..916a300 --- /dev/null +++ b/reset @@ -0,0 +1,4 @@ +#!/bin/bash + +rm -rf ~/Library/Application\ Support/VPN.ht/ +rm -rf ~/VPN.ht diff --git a/setup.ico b/setup.ico new file mode 100644 index 0000000..a18c557 Binary files /dev/null and b/setup.ico differ diff --git a/vpnht.icns b/vpnht.icns new file mode 100644 index 0000000..243b15e Binary files /dev/null and b/vpnht.icns differ diff --git a/vpnht.ico b/vpnht.ico new file mode 100644 index 0000000..a18c557 Binary files /dev/null and b/vpnht.ico differ diff --git a/windows/AccessControl.dll b/windows/AccessControl.dll new file mode 100755 index 0000000..0de0324 Binary files /dev/null and b/windows/AccessControl.dll differ diff --git a/windows/SpecialGroupsSIDs.nsh b/windows/SpecialGroupsSIDs.nsh new file mode 100755 index 0000000..f4d1bb7 --- /dev/null +++ b/windows/SpecialGroupsSIDs.nsh @@ -0,0 +1,13 @@ +!define SG_ADMINISTRATORS "S-1-5-32-544" +!define SG_USERS "S-1-5-32-545" +!define SG_POWERUSERS "S-1-5-32-547" +!define SG_GUESTS "S-1-5-32-546" + +!define SG_EVERYONE "S-1-1-0" +!define SG_CREATOROWNER "S-1-3-0" +!define SG_NTAUTHORITY_NETWORK "S-1-5-2" +!define SG_NTAUTHORITY_INTERACTIVE "S-1-5-4" +!define SG_NTAUTHORITY_SYSTEM "S-1-5-18" +!define SG_NTAUTHORITY_AUTHENTICATEDUSERS "S-1-5-11" +!define SG_NTAUTHORITY_LOCALSERVICE "S-1-5-19" +!define SG_NTAUTHORITY_NETWORKSERVICE "S-1-5-20" \ No newline at end of file diff --git a/windows/UserMgr.dll b/windows/UserMgr.dll new file mode 100755 index 0000000..d740fc3 Binary files /dev/null and b/windows/UserMgr.dll differ diff --git a/windows/UserMgr.dsp b/windows/UserMgr.dsp new file mode 100755 index 0000000..fee2fbc --- /dev/null +++ b/windows/UserMgr.dsp @@ -0,0 +1,117 @@ +# Microsoft Developer Studio Project File - Name="UserMgr" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 6.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +CFG=UserMgr - Win32 Debug +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "UserMgr.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "UserMgr.mak" CFG="UserMgr - Win32 Debug" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "UserMgr - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "UserMgr - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE + +# Begin Project +# PROP AllowPerConfigDependencies 0 +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "UserMgr - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "UserMgr_EXPORTS" /YX /FD /c +# ADD CPP /nologo /MT /W3 /GX /O1 /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "UserMgr_EXPORTS" /D _UNICODE=1 /FR /FD /c +# SUBTRACT CPP /YX +# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib advapi32.lib shell32.lib uuid.lib netapi32.lib userenv.lib /nologo /dll /machine:I386 /out:"./Release/UserMgr.dll" /opt:nowin98 +# SUBTRACT LINK32 /pdb:none /nodefaultlib + +!ELSEIF "$(CFG)" == "UserMgr - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "UserMgr_EXPORTS" /YX /FD /GZ /c +# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "UserMgr_EXPORTS" /D _UNICODE=1 /FR /YX /FD /GZ /c +# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept +# ADD LINK32 kernel32.lib user32.lib gdi32.lib advapi32.lib shell32.lib uuid.lib netapi32.lib userenv.lib /nologo /dll /debug /machine:I386 /out:"C:\Program Files\NSIS\Plugins\UserMgr.dll" /pdbtype:sept + +!ENDIF + +# Begin Target + +# Name "UserMgr - Win32 Release" +# Name "UserMgr - Win32 Debug" +# Begin Group "Source Files" + +# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" +# Begin Source File + +SOURCE=.\UserMgr.c +# End Source File +# End Group +# Begin Group "Header Files" + +# PROP Default_Filter "h;hpp;hxx;hm;inl" +# Begin Source File + +SOURCE=.\UserMgr.h +# End Source File +# End Group +# Begin Group "Resource Files" + +# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" +# End Group +# Begin Source File + +SOURCE=.\pluginapi.lib +# End Source File +# End Target +# End Project diff --git a/windows/UserMgr.plg b/windows/UserMgr.plg new file mode 100755 index 0000000..77e5346 --- /dev/null +++ b/windows/UserMgr.plg @@ -0,0 +1,36 @@ + + +
+

Build Log

+

+--------------------Configuration: UserMgr - Win32 Release-------------------- +

+

Command Lines

+Creating temporary file "C:\DOCUME~1\Admin\LOCALS~1\Temp\RSP9F9.tmp" with contents +[ +/nologo /MT /W3 /GX /O1 /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "UserMgr_EXPORTS" /D _UNICODE=1 /FR"Release/" /Fo"Release/" /Fd"Release/" /FD /c +"D:\Projects\Visual Studio\NSIS Plugins\UserMgr\UserMgr.c" +] +Creating command line "cl.exe @C:\DOCUME~1\Admin\LOCALS~1\Temp\RSP9F9.tmp" +Creating temporary file "C:\DOCUME~1\Admin\LOCALS~1\Temp\RSP9FA.tmp" with contents +[ +kernel32.lib user32.lib gdi32.lib advapi32.lib shell32.lib uuid.lib netapi32.lib userenv.lib /nologo /dll /incremental:no /pdb:"Release/UserMgr.pdb" /machine:I386 /out:"./Release/UserMgr.dll" /implib:"Release/UserMgr.lib" /opt:nowin98 +".\Release\UserMgr.obj" +".\pluginapi.lib" +] +Creating command line "link.exe @C:\DOCUME~1\Admin\LOCALS~1\Temp\RSP9FA.tmp" +

Output Window

+Compiling... +UserMgr.c +Linking... + Creating library Release/UserMgr.lib and object Release/UserMgr.exp +LINK : warning LNK4098: defaultlib "LIBC" conflicts with use of other libs; use /NODEFAULTLIB:library +LINK : warning LNK4089: all references to "USER32.dll" discarded by /OPT:REF + + + +

Results

+UserMgr.dll - 0 error(s), 2 warning(s) +
+ + diff --git a/windows/api.h b/windows/api.h new file mode 100755 index 0000000..89da956 --- /dev/null +++ b/windows/api.h @@ -0,0 +1,83 @@ +/* + * apih + * + * This file is a part of NSIS. + * + * Copyright (C) 1999-2008 Nullsoft and Contributors + * + * Licensed under the zlib/libpng license (the "License"); + * you may not use this file except in compliance with the License. + * + * Licence details can be found in the file COPYING. + * + * This software is provided 'as-is', without any express or implied + * warranty. + */ + +#ifndef _NSIS_EXEHEAD_API_H_ +#define _NSIS_EXEHEAD_API_H_ + +// Starting with NSIS 2.42, you can check the version of the plugin API in exec_flags->plugin_api_version +// The format is 0xXXXXYYYY where X is the major version and Y is the minor version (MAKELONG(y,x)) +// When doing version checks, always remember to use >=, ex: if (pX->exec_flags->plugin_api_version >= NSISPIAPIVER_1_0) {} + +#define NSISPIAPIVER_1_0 0x00010000 +#define NSISPIAPIVER_CURR NSISPIAPIVER_1_0 + +// NSIS Plug-In Callback Messages +enum NSPIM +{ + NSPIM_UNLOAD, // This is the last message a plugin gets, do final cleanup + NSPIM_GUIUNLOAD, // Called after .onGUIEnd +}; + +// Prototype for callbacks registered with extra_parameters->RegisterPluginCallback() +// Return NULL for unknown messages +// Should always be __cdecl for future expansion possibilities +typedef UINT_PTR (*NSISPLUGINCALLBACK)(enum NSPIM); + +// extra_parameters data structures containing other interesting stuff +// but the stack, variables and HWND passed on to plug-ins. +typedef struct +{ + int autoclose; + int all_user_var; + int exec_error; + int abort; + int exec_reboot; // NSIS_SUPPORT_REBOOT + int reboot_called; // NSIS_SUPPORT_REBOOT + int XXX_cur_insttype; // depreacted + int plugin_api_version; // see NSISPIAPIVER_CURR + // used to be XXX_insttype_changed + int silent; // NSIS_CONFIG_SILENT_SUPPORT + int instdir_error; + int rtl; + int errlvl; + int alter_reg_view; + int status_update; +} exec_flags_t; + +#ifndef NSISCALL +# define NSISCALL __stdcall +#endif + +typedef struct { + exec_flags_t *exec_flags; + int (NSISCALL *ExecuteCodeSegment)(int, HWND); + void (NSISCALL *validate_filename)(TCHAR *); + BOOL (NSISCALL *RegisterPluginCallback)(HMODULE, NSISPLUGINCALLBACK); +} extra_parameters; + +// Definitions for page showing plug-ins +// See Ui.c to understand better how they're used + +// sent to the outer window to tell it to go to the next inner window +#define WM_NOTIFY_OUTER_NEXT (WM_USER+0x8) + +// custom pages should send this message to let NSIS know they're ready +#define WM_NOTIFY_CUSTOM_READY (WM_USER+0xd) + +// sent as wParam with WM_NOTIFY_OUTER_NEXT when user cancels - heed its warning +#define NOTIFY_BYE_BYE 'x' + +#endif /* _PLUGIN_H_ */ diff --git a/windows/codesign.cmd b/windows/codesign.cmd new file mode 100644 index 0000000..0d076cd --- /dev/null +++ b/windows/codesign.cmd @@ -0,0 +1 @@ +signtool sign /t http://timestamp.digicert.com "%*" diff --git a/windows/installer.nsi b/windows/installer.nsi new file mode 100644 index 0000000..4e5df89 --- /dev/null +++ b/windows/installer.nsi @@ -0,0 +1,149 @@ +;Enable Unicode encoding +Unicode False + +!define REG_KEY "HKLM SOFTWARE\OpenVPN" +var loggedInUser + +;Include Modern UI +!include "MUI2.nsh" +!include "x64.nsh" + +!searchparse /file "..\..\package.json" '"name": "' APP_NAME '",' +!searchparse /file "..\..\package.json" '"version": "' APP_VERSION '",' +!searchreplace APP_VERSION_CLEAN "${APP_VERSION}" "-" ".0" + +!addplugindir . +!include "nsProcess.nsh" + +!define APP_DIR "${APP_NAME}" + +Name "${APP_NAME}" +Caption "${APP_NAME} ${APP_VERSION}" +!include "MUI2.nsh" +!define MUI_ICON "..\setup.ico" + +SetCompressor /SOLID lzma + +# define the resulting installer's name +OutFile "..\..\dist\${APP_NAME}-${APP_VERSION}-Setup.exe" + +# set the installation directory +InstallDir "$PROGRAMFILES\${APP_NAME}\" + +# app dialogs +!insertmacro MUI_PAGE_WELCOME +!insertmacro MUI_PAGE_INSTFILES + +!define MUI_FINISHPAGE_RUN_TEXT "Start ${APP_NAME}" +!define MUI_FINISHPAGE_RUN "$INSTDIR\${APP_NAME}.exe" + +!insertmacro MUI_PAGE_FINISH +!insertmacro MUI_LANGUAGE "English" + +Function .onInit + ; Check if we're running on 64-bit Windows + ${If} ${RunningX64} + SetRegView 32 + ${EndIf} +FunctionEnd + +Function un.onInit + ${If} ${RunningX64} + SetRegView 32 + ${EndIf} +FunctionEnd + +# default section start +Section + SetShellVarContext all + RMDir /r $INSTDIR + SetOutPath $INSTDIR + + File /r "..\..\dist\VPN.ht-win32-ia32\*" + + WriteUninstaller "$INSTDIR\Uninstall ${APP_NAME}.exe" + + CreateDirectory "$SMPROGRAMS\${APP_DIR}" + CreateShortCut "$SMPROGRAMS\${APP_DIR}\${APP_NAME}.lnk" "$INSTDIR\${APP_NAME}.exe" + CreateShortCut "$SMPROGRAMS\${APP_DIR}\Uninstall ${APP_NAME}.lnk" "$INSTDIR\Uninstall ${APP_NAME}.exe" + CreateShortCut "$DESKTOP\${APP_NAME}.lnk" "$INSTDIR\${APP_NAME}.exe" + + WriteRegStr HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\${APP_NAME}" \ + "DisplayName" "${APP_NAME}" + WriteRegStr HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\${APP_NAME}" \ + "UninstallString" "$INSTDIR\Uninstall ${APP_NAME}.exe" + WriteRegStr HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\${APP_NAME}" \ + "DisplayIcon" "$INSTDIR\icon.ico" + + ${nsProcess::FindProcess} "openvpn.exe" $R0 + ${If} $R0 == 0 + MessageBox MB_OK|MB_ICONEXCLAMATION "The installation cannot continue as OpenVPN is currently running. Please close all OpenVPN instances and re-run the installer." + Quit + ${EndIf} + + DetailPrint "Removing any previous OpenVPN service..." + nsExec::ExecToLog '"$INSTDIR\resources\bin\openvpnserv.exe" -remove' + + Sleep 3000 + + DetailPrint "Installing TAP (may need confirmation)..." + nsExec::ExecToLog '"$INSTDIR\resources\bin\tap.exe" /S /SELECT_UTILITIES=1' + + Sleep 3000 + + DetailPrint "Installing OpenVPN Service..." + nsExec::ExecToLog '"$INSTDIR\resources\bin\openvpnserv.exe" -install' + + Sleep 3000 + + DetailPrint "Settings OpenVPN Service permissions..." + UserMgr::GetCurrentUserName + Pop $0 + StrCpy $loggedInUser "$0" + nsExec::Exec '"$INSTDIR\resources\bin\subinacl.exe" /service openvpnservice /grant=$loggedInUser=QSTOP' + + Sleep 3000 + + DeleteRegValue ${REG_KEY} "config_dir" + DeleteRegValue ${REG_KEY} "config_ext" + DeleteRegValue ${REG_KEY} "exe_path" + DeleteRegValue ${REG_KEY} "log_dir" + DeleteRegValue ${REG_KEY} "log_append" + DeleteRegValue ${REG_KEY} "priority" + WriteRegStr ${REG_KEY} "config_dir" "$INSTDIR\resources\config" + WriteRegStr ${REG_KEY} "config_ext" "ovpn" + WriteRegStr ${REG_KEY} "exe_path" "$INSTDIR\resources\bin\openvpn.exe" + WriteRegStr ${REG_KEY} "log_dir" "$INSTDIR\resources\log" + WriteRegStr ${REG_KEY} "log_append" "0" + WriteRegStr ${REG_KEY} "priority" "NORMAL_PRIORITY_CLASS" + + Sleep 3000 + + AccessControl::GrantOnFile "$INSTDIR\resources\config" "(S-1-5-32-545)" "FullAccess" + AccessControl::GrantOnFile "$INSTDIR\resources\log" "(S-1-5-32-545)" "FullAccess" + + Sleep 3000 + DetailPrint "Make sure firewall allow VPN.ht" + nsisFirewall::AddAuthorizedApplication "$INSTDIR\VPN.ht.exe" "VPN.ht" + +SectionEnd + +# create a section to define what the uninstaller does +Section "Uninstall" + + SetShellVarContext all + + # delete the installed files + RMDir /r $INSTDIR + + # delete the shortcuts + delete "$SMPROGRAMS\${APP_DIR}\${APP_NAME}.lnk" + delete "$SMPROGRAMS\${APP_DIR}\Uninstall ${APP_NAME}.lnk" + rmDir "$SMPROGRAMS\${APP_DIR}" + delete "$DESKTOP\${APP_NAME}.lnk" + + DeleteRegKey HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\${APP_NAME}" + + nsisFirewall::RemoveAuthorizedApplication "$INSTDIR\VPN.ht.exe" + +SectionEnd diff --git a/windows/nsProcess.dll b/windows/nsProcess.dll new file mode 100755 index 0000000..064097a Binary files /dev/null and b/windows/nsProcess.dll differ diff --git a/windows/nsProcess.nsh b/windows/nsProcess.nsh new file mode 100755 index 0000000..76642e0 --- /dev/null +++ b/windows/nsProcess.nsh @@ -0,0 +1,21 @@ +!define nsProcess::FindProcess `!insertmacro nsProcess::FindProcess` + +!macro nsProcess::FindProcess _FILE _ERR + nsProcess::_FindProcess /NOUNLOAD `${_FILE}` + Pop ${_ERR} +!macroend + + +!define nsProcess::KillProcess `!insertmacro nsProcess::KillProcess` + +!macro nsProcess::KillProcess _FILE _ERR + nsProcess::_KillProcess /NOUNLOAD `${_FILE}` + Pop ${_ERR} +!macroend + + +!define nsProcess::Unload `!insertmacro nsProcess::Unload` + +!macro nsProcess::Unload + nsProcess::_Unload +!macroend diff --git a/windows/nsisFirewall.dll b/windows/nsisFirewall.dll new file mode 100755 index 0000000..69f6d1e Binary files /dev/null and b/windows/nsisFirewall.dll differ diff --git a/windows/nsisFirewallW.dll b/windows/nsisFirewallW.dll new file mode 100755 index 0000000..c38da79 Binary files /dev/null and b/windows/nsisFirewallW.dll differ diff --git a/windows/pluginapi.h b/windows/pluginapi.h new file mode 100755 index 0000000..1beea8e --- /dev/null +++ b/windows/pluginapi.h @@ -0,0 +1,77 @@ +#ifndef ___NSIS_PLUGIN__H___ +#define ___NSIS_PLUGIN__H___ + +#ifdef __cplusplus +extern "C" { +#endif + +#include "tchar.h" +#include "api.h" + +#ifndef NSISCALL +# define NSISCALL __stdcall +#endif + +#define PLUGIN_INIT() { \ + g_stringsize=string_size; \ + g_stacktop=stacktop; \ + g_variables=variables; } + +#define NSISFunction(funcname) void __declspec(dllexport) funcname(HWND hwndParent, int string_size, TCHAR *variables, stack_t **stacktop, extra_parameters *extra) + +typedef struct _stack_t { + struct _stack_t *next; + TCHAR text[1]; // this should be the length of string_size +} stack_t; + +enum +{ +INST_0, // $0 +INST_1, // $1 +INST_2, // $2 +INST_3, // $3 +INST_4, // $4 +INST_5, // $5 +INST_6, // $6 +INST_7, // $7 +INST_8, // $8 +INST_9, // $9 +INST_R0, // $R0 +INST_R1, // $R1 +INST_R2, // $R2 +INST_R3, // $R3 +INST_R4, // $R4 +INST_R5, // $R5 +INST_R6, // $R6 +INST_R7, // $R7 +INST_R8, // $R8 +INST_R9, // $R9 +INST_CMDLINE, // $CMDLINE +INST_INSTDIR, // $INSTDIR +INST_OUTDIR, // $OUTDIR +INST_EXEDIR, // $EXEDIR +INST_LANG, // $LANGUAGE +__INST_LAST +}; + +extern unsigned int g_stringsize; +extern stack_t **g_stacktop; +extern TCHAR *g_variables; + +int NSISCALL popstring(TCHAR *str); // 0 on success, 1 on empty stack +int NSISCALL popstringn(TCHAR *str, int maxlen); // with length limit, pass 0 for g_stringsize +int NSISCALL popint(); // pops an integer +int NSISCALL popint_or(); // with support for or'ing (2|4|8) +int NSISCALL myatoi(const TCHAR *s); // converts a string to an integer +unsigned NSISCALL myatou(const TCHAR *s); // converts a string to an unsigned integer, decimal only +int NSISCALL myatoi_or(const TCHAR *s); // with support for or'ing (2|4|8) +void NSISCALL pushstring(const TCHAR *str); +void NSISCALL pushint(int value); +TCHAR * NSISCALL getuservariable(const int varnum); +void NSISCALL setuservariable(const int varnum, const TCHAR *var); + +#ifdef __cplusplus +} +#endif + +#endif//!___NSIS_PLUGIN__H___ diff --git a/windows/pluginapi.lib b/windows/pluginapi.lib new file mode 100755 index 0000000..9ccbb02 Binary files /dev/null and b/windows/pluginapi.lib differ diff --git a/windows/usermgr.c b/windows/usermgr.c new file mode 100755 index 0000000..4131fcb --- /dev/null +++ b/windows/usermgr.c @@ -0,0 +1,1758 @@ +#include +#include "pluginapi.h" +#include "UserMgr.h" +// JPR 123007: Added Userenv.h for the new BuiltAccountEnv function (Also Added Userenv.lib in the Link->Object/Library modules in the project settings) +// NOTE Platform SDK is needed for this header (The February 2003 build is the latest version which work with VC6) +#include +#include +#include +#include +#define _WIN32_WINNT 0x0501 +#include +#include + +HINSTANCE g_hInstance; + +HWND g_hwndParent; + +void ShowError (char *Errormessage); + +BOOL WINAPI DllMain(HANDLE hInst, ULONG ul_reason_for_call, LPVOID lpReserved) +{ + g_hInstance = hInst; + return TRUE; +} + +static UINT_PTR PluginCallback(enum NSPIM msg) +{ + return 0; +} + +NTSTATUS AddPrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle, LSA_UNICODE_STRING lucPrivilege) +{ + NTSTATUS ntsResult; + + // Create an LSA_UNICODE_STRING for the privilege name(s). + + ntsResult = LsaAddAccountRights(PolicyHandle, // An open policy handle. + AccountSID, // The target SID. + &lucPrivilege, // The privilege(s). + 1); // Number of privileges. + + return ntsResult; + +} + +NTSTATUS RemovePrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle, LSA_UNICODE_STRING lucPrivilege) +{ + NTSTATUS ntsResult; + + // Create an LSA_UNICODE_STRING for the privilege name(s). + + ntsResult = LsaRemoveAccountRights( PolicyHandle, // An open policy handle. + AccountSID, // The target SID. + FALSE, // Delete all rights? We should not even think about that... + &lucPrivilege, // The privilege(s). + 1); // Number of privileges. + + return ntsResult; + +} + +NET_API_STATUS EnablePrivilege(LPCTSTR dwPrivilege) +{ + HANDLE hProcessToken = NULL; + + TOKEN_PRIVILEGES tkp; + + NET_API_STATUS nStatus; + + if (!OpenProcessToken(GetCurrentProcess(), + TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY, + &hProcessToken)) + { + nStatus=GetLastError(); + return nStatus; + } + + tkp.PrivilegeCount = 1; + tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; + + if (!LookupPrivilegeValue(NULL, + dwPrivilege, + &tkp.Privileges[0].Luid)) + { + nStatus=GetLastError(); + CloseHandle(hProcessToken); + return nStatus; + } + if (!AdjustTokenPrivileges(hProcessToken, + FALSE, + &tkp, + 0, + NULL, + 0)) + { + nStatus=GetLastError(); + CloseHandle(hProcessToken); + return nStatus; + } + + CloseHandle(hProcessToken); + return 0; +} + +LSA_HANDLE GetPolicyHandle() +{ + LSA_OBJECT_ATTRIBUTES ObjectAttributes; + NTSTATUS ntsResult; + LSA_HANDLE lsahPolicyHandle; + + // Object attributes are reserved, so initialize to zeroes. + ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes)); + + // Get a handle to the Policy object. + ntsResult = LsaOpenPolicy(NULL, //only localhost + &ObjectAttributes, //Object attributes. + POLICY_ALL_ACCESS, //Desired access permissions. + &lsahPolicyHandle);//Receives the policy handle. + + + if (ntsResult != STATUS_SUCCESS) + { + // An error occurred. Display it as a win32 error code. + return NULL; + } + return lsahPolicyHandle; +} + +BOOL InitLsaString(PLSA_UNICODE_STRING pLsaString, LPCWSTR pwszString) +{ + DWORD dwLen = 0; + + if (NULL == pLsaString) + return FALSE; + + if (NULL != pwszString) + { + dwLen = wcslen(pwszString); + if (dwLen > 0x7ffe) // String is too large + return FALSE; + } + + // Store the string. + pLsaString->Buffer = (WCHAR *)pwszString; + pLsaString->Length = (USHORT)dwLen * sizeof(WCHAR); + pLsaString->MaximumLength= (USHORT)(dwLen+1) * sizeof(WCHAR); + + return TRUE; +} + +BOOL GetAccountSid(LPTSTR SystemName, LPTSTR AccountName, PSID *Sid) +{ + LPTSTR ReferencedDomain = NULL; + DWORD cbSid = 128; /* initial allocation attempt */ + DWORD cbReferencedDomain = 16; /* initial allocation size */ + SID_NAME_USE peUse; + BOOL bSuccess = FALSE; /* assume this function will fail */ + + __try { + /* + * initial memory allocations + */ + if ((*Sid = HeapAlloc(GetProcessHeap(), 0, cbSid)) == NULL) + __leave; + + if ((ReferencedDomain = (LPTSTR) HeapAlloc(GetProcessHeap(), 0, + cbReferencedDomain)) == NULL) __leave; + + /* + * Obtain the SID of the specified account on the specified system. + */ + while (!LookupAccountName(SystemName, AccountName, *Sid, &cbSid, + ReferencedDomain, &cbReferencedDomain, + &peUse)) + { + if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) { + /* reallocate memory */ + if ((*Sid = HeapReAlloc(GetProcessHeap(), 0, + *Sid, cbSid)) == NULL) __leave; + + if ((ReferencedDomain= (LPTSTR) HeapReAlloc( + GetProcessHeap(), 0, ReferencedDomain, + cbReferencedDomain)) == NULL) + __leave; + } + else + __leave; + } + bSuccess = TRUE; + } /* finally */ + __finally { + + /* Cleanup and indicate failure, if appropriate. */ + + HeapFree(GetProcessHeap(), 0, ReferencedDomain); + + if (!bSuccess) { + if (*Sid != NULL) { + HeapFree(GetProcessHeap(), 0, *Sid); + *Sid = NULL; + } + } + + } + + return (bSuccess); +} + +NSISFunction(CreateAccount) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + USER_INFO_1 ui; + DWORD dwLevel = 1; + DWORD dwError = 0; + NET_API_STATUS nStatus; + + static char userid[256]; + static char passwd[256]; + static char comment[1024]; + + static WCHAR u_userid[256]; + static WCHAR u_passwd[256]; + static WCHAR u_comment[1024]; + + memset( u_userid, 0, sizeof( u_userid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(passwd); + swprintf(u_passwd, L"%S", passwd); + + popstring(comment); + swprintf(u_comment, L"%S", comment); + + ui.usri1_name = u_userid; + ui.usri1_password = u_passwd; + ui.usri1_password_age = 0; + ui.usri1_priv = USER_PRIV_USER; + ui.usri1_home_dir = NULL; + ui.usri1_comment = u_comment; + ui.usri1_flags = UF_DONT_EXPIRE_PASSWD | UF_SCRIPT; + + + // + // Call the NetUserAdd function, specifying level 1. + // + nStatus = NetUserAdd(NULL, + dwLevel, + (LPBYTE)&ui, + &dwError); + + // + // If the call succeeds, inform the user. + // + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + + +// JPR 123007: Added CreateAccountEx function +NSISFunction(CreateAccountEx) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + USER_INFO_2 ui; + DWORD dwLevel = 2; + DWORD dwError = 0; + NET_API_STATUS nStatus; + + static char userid[256]; + static char passwd[256]; + static char comment[1024]; + static char fullname[256]; + static char usr_comment[1024]; + static char flags[1024]; + + static WCHAR u_userid[256]; + static WCHAR u_passwd[256]; + static WCHAR u_comment[1024]; + static WCHAR u_fullname[256]; + static WCHAR u_usr_comment[1024]; + + memset( u_userid, 0, sizeof( u_userid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(passwd); + swprintf(u_passwd, L"%S", passwd); + + popstring(comment); + swprintf(u_comment, L"%S", comment); + + popstring(fullname); + swprintf(u_fullname, L"%S", fullname); + + popstring(usr_comment); + swprintf(u_usr_comment, L"%S", usr_comment); + + popstring(flags); + + ui.usri2_name=u_userid; + ui.usri2_password=u_passwd; + ui.usri2_priv=USER_PRIV_USER; + ui.usri2_home_dir=NULL; + ui.usri2_comment=u_comment; + ui.usri2_flags=UF_SCRIPT | UF_NORMAL_ACCOUNT; + if(strstr(flags,"UF_ACCOUNTDISABLE")) + { + ui.usri2_flags|=UF_ACCOUNTDISABLE; + } + if(strstr(flags,"UF_PASSWD_NOTREQD")) + { + ui.usri2_flags|=UF_PASSWD_NOTREQD; + } + if(strstr(flags,"UF_PASSWD_CANT_CHANGE")) + { + ui.usri2_flags|=UF_PASSWD_CANT_CHANGE; + } + if(strstr(flags,"UF_DONT_EXPIRE_PASSWD")) + { + ui.usri2_flags|=UF_DONT_EXPIRE_PASSWD; + } + ui.usri2_script_path=NULL; + ui.usri2_auth_flags=0; + ui.usri2_full_name=u_fullname; + ui.usri2_usr_comment=u_usr_comment; + ui.usri2_parms=NULL; + ui.usri2_workstations=NULL; + ui.usri2_acct_expires=TIMEQ_FOREVER; + ui.usri2_max_storage=USER_MAXSTORAGE_UNLIMITED; + ui.usri2_logon_hours=NULL; + ui.usri2_country_code=0; + ui.usri2_code_page=0; + + // + // Call the NetUserAdd function, specifying level 2. + // + nStatus = NetUserAdd(NULL, + dwLevel, + (LPBYTE)&ui, + &dwError); + + // + // If the call succeeds, inform the user. + // + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + + +// JPR 123007: Added BuiltAccountEnv function +NSISFunction(BuiltAccountEnv) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + HANDLE hLogonToken = NULL; + + PROFILEINFO PI; + + static char userid[256]; + static char passwd[256]; + + g_hwndParent=hwndParent; + + popstring(userid); + + popstring(passwd); + + nStatus=EnablePrivilege(SE_RESTORE_NAME); + if (nStatus) + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + + if(!LogonUser(userid, + ".", + passwd, + LOGON32_LOGON_INTERACTIVE, + LOGON32_PROVIDER_DEFAULT, + &hLogonToken)) + { + nStatus=GetLastError(); + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + + PI.dwSize=sizeof(PROFILEINFO); + PI.dwFlags=0; + PI.lpUserName=userid; + PI.lpProfilePath=NULL; + PI.lpDefaultPath=NULL; + PI.lpServerName=NULL; + PI.lpPolicyPath=NULL; + PI.hProfile=HKEY_CURRENT_USER; + + if(!LoadUserProfile(hLogonToken,&PI)) + { + nStatus=GetLastError(); + CloseHandle(hLogonToken); + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + + if(!UnloadUserProfile(hLogonToken,PI.hProfile)) + { + nStatus=GetLastError(); + CloseHandle(hLogonToken); + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + + CloseHandle(hLogonToken); + + pushstring("OK"); + return; + } +} + + +// JPR 123007: Added RegLoadUserHive function +NSISFunction(RegLoadUserHive) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char userid[256]; + + HKEY hKey; + DWORD valueSize; + + static char NTUser_dat[256]; + static char DocumentsAndSettings[256]; + static char DocumentsAndSettingsT[256]; + static char SYSTEMDRIVE[256]; + + PSID user_sid; + + LPTSTR strSid; + + g_hwndParent=hwndParent; + + popstring(userid); + + nStatus=EnablePrivilege(SE_RESTORE_NAME); + if (nStatus) + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + + GetEnvironmentVariable("SYSTEMDRIVE",SYSTEMDRIVE,512); + if (!GetAccountSid(NULL,userid,&user_sid)) + { + sprintf(userid, "ERROR %d", GetLastError()); + pushstring(userid); + return; + } + + if (!ConvertSidToStringSid(user_sid,&strSid)) + { + sprintf(userid, "ERROR %d", GetLastError()); + pushstring(userid); + return; + } + else + { + sprintf(DocumentsAndSettings,"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\%s",strSid); + } + RegOpenKeyEx(HKEY_LOCAL_MACHINE,DocumentsAndSettings,0,KEY_READ,&hKey); +// JPR 011508 Get localized "Documents and Settings" string + RegQueryValueEx(hKey,"ProfileImagePath",NULL,NULL,(LPVOID)DocumentsAndSettingsT,&valueSize); +// JPR 011508 Remove "%SystemDrive%\" + sprintf(DocumentsAndSettings, "%s", &DocumentsAndSettingsT[14]); + sprintf(NTUser_dat, "%s\\%s\\NTUSER.DAT", SYSTEMDRIVE,DocumentsAndSettings); + RegCloseKey(hKey); + nStatus = RegLoadKey(HKEY_USERS, userid, NTUser_dat); + + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + + +// JPR 123007: Added RegUnLoadUserHive function +NSISFunction(RegUnLoadUserHive) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char userid[256]; + + static char NTUSER_DAT[256]; + static char SYSTEMDRIVE[256]; + + g_hwndParent=hwndParent; + + popstring(userid); + + nStatus = RegUnLoadKey(HKEY_USERS, userid); + + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + +NSISFunction(DeleteAccount) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char userid[256]; + static WCHAR u_userid[256]; + + memset( u_userid, 0, sizeof( u_userid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + nStatus = NetUserDel(NULL, u_userid); + + // + // If the call succeeds, inform the user. + // + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + + +// JPR 011208: Added GetCurrentUserName function +NSISFunction(GetCurrentUserName) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char userid[256]; + DWORD Size=256; + + g_hwndParent=hwndParent; + + nStatus = GetUserName(userid, &Size); + + // + // If the call succeeds, inform the user. + // + if (nStatus) + { + pushstring(userid); + return; + } + else + { + sprintf(userid, "ERROR %d", GetLastError()); + pushstring(userid); + return; + } + } +} + + +// JPR 012109: Added GetCurrentDomain function +NSISFunction(GetCurrentDomain) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + LPWKSTA_USER_INFO_1 wksta_info; + + static char userdomain[256]; + + g_hwndParent=hwndParent; + + nStatus = NetWkstaUserGetInfo(NULL, 1, (LPBYTE *)&wksta_info); + + // + // If the call succeeds, inform the user. + // + if (nStatus == NERR_Success) + { + sprintf(userdomain, "%S", wksta_info->wkui1_logon_domain); + pushstring(userdomain); + if (wksta_info != NULL)NetApiBufferFree(wksta_info); + return; + } + else + { + sprintf(userdomain, "ERROR %d", GetLastError()); + pushstring(userdomain); + return; + } + } +} + +// JPR 011208: Added GetLocalizedStdAccountName function +NSISFunction(GetLocalizedStdAccountName) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + static char pid[256]; + + PSID pSid = NULL; + + char username[256]; + char domain[256]; + + DWORD usize=256; + DWORD dsize=256; + + DWORD SidSize = SECURITY_MAX_SID_SIZE; + + SID_NAME_USE snu; + + g_hwndParent=hwndParent; + + popstring(pid); + + pSid=LocalAlloc(LMEM_FIXED, SidSize); + if(!ConvertStringSidToSid(pid,&pSid)) + { + if (pSid != NULL)LocalFree(pSid); + sprintf(pid,"ERROR"); + pushstring(pid); + return; + } + if(!LookupAccountSid(NULL,pSid,username, &usize, domain, &dsize, &snu)) + { + if (pSid != NULL)LocalFree(pSid); + sprintf(pid,"ERROR"); + pushstring(pid); + return; + } + if (pSid != NULL)LocalFree(pSid); + sprintf(pid,"%s\\%s",domain,username); + pushstring(pid); + return; + } +} + +// JPR 020909: Added GetUserNameFromSID function +NSISFunction(GetUserNameFromSID) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + static char pid[256]; + + PSID pSid = NULL; + + char username[256]; + char domain[256]; + + DWORD usize=256; + DWORD dsize=256; + + DWORD SidSize = SECURITY_MAX_SID_SIZE; + + SID_NAME_USE snu; + + g_hwndParent=hwndParent; + + popstring(pid); + + pSid=LocalAlloc(LMEM_FIXED, SidSize); + if(!ConvertStringSidToSid(pid,&pSid)) + { + if (pSid != NULL)LocalFree(pSid); + sprintf(pid,"ERROR"); + pushstring(pid); + return; + } + if(!LookupAccountSid(NULL,pSid,username, &usize, domain, &dsize, &snu)) + { + if (pSid != NULL)LocalFree(pSid); + sprintf(pid,"ERROR"); + pushstring(pid); + return; + } + if (pSid != NULL)LocalFree(pSid); + sprintf(pid,"%s",domain); + if ( strcmp(domain,"") != 0 )sprintf(pid,"%s\\%s",domain,username); + else sprintf(pid,"%s",username); + pushstring(pid); + return; + } +} + +// JPR 020909: Added GetSIDFromUserName function +NSISFunction(GetSIDFromUserName) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + PSID user_sid; + + static char userid[256]; + static char domain[256]; + LPTSTR strSid; + + g_hwndParent=hwndParent; + + popstring(domain); + + popstring(userid); + + if (!GetAccountSid(domain,userid,&user_sid)) + { + pushstring("ERROR GetAccountSid"); + return; + } + + if (!ConvertSidToStringSid(user_sid,&strSid)) + { + pushstring("ERROR ConvertSidToStringSid"); + return; + } + else + { + sprintf(userid,"%s",strSid); + pushstring(userid); + return; + } + } +} + +NSISFunction(GetUserInfo) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + LPUSER_INFO_2 ui; + DWORD dwLevel = 2; + DWORD dwError = 0; + NET_API_STATUS nStatus; + + static char userid[256]; + static char field[256]; + static char response[1024]; + + static WCHAR u_userid[256]; + static WCHAR u_field[256]; + + memset( u_userid, 0, sizeof( u_userid ) ); + memset( u_field, 0, sizeof( u_field ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(field); + _strupr(field); + + swprintf(u_field, L"%S", field); + + // + // Set up the USER_INFO_1 structure. + // USER_PRIV_USER: name identifies a user, + // rather than an administrator or a guest. + // UF_SCRIPT: required for LAN Manager 2.0 and + // Windows NT and later. + // + + nStatus = NetUserGetInfo(NULL, + u_userid, + dwLevel, + (LPBYTE *)&ui ); + + if (nStatus != NERR_Success) + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); +// JPR 011208: Freeing ui buffer properly + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + if ( strcmp(field,"EXISTS") == 0 ) + { + pushstring("OK"); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + if ( strcmp(field,"FULLNAME") == 0 ) + { + sprintf(response, "%S", ui->usri2_full_name); + pushstring(response); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + + if ( strcmp(field,"COMMENT") == 0 ) + { + sprintf(response, "%S", ui->usri2_comment); + pushstring(response); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + if ( strcmp(field,"NAME") == 0 ) + { + sprintf(response, "%S", ui->usri2_name); + pushstring(response); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + if ( strcmp(field,"HOMEDIR") == 0 ) + { + sprintf(response, "%S", ui->usri2_home_dir); + pushstring(response); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + if ( strcmp(field,"PASSWD_STATUS") == 0 ) + { + if ( ui->usri2_flags & UF_DONT_EXPIRE_PASSWD ) pushstring("NEVEREXPIRES"); + else + { + if ( ui->usri2_flags & UF_PASSWD_CANT_CHANGE ) + pushstring ("CANTCHANGE"); + } + if (ui != NULL)NetApiBufferFree(ui); + return; + } + if (ui != NULL)NetApiBufferFree(ui); + pushstring("ERROR"); + return; + } +} + +NSISFunction(SetUserInfo) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + LPUSER_INFO_2 ui; + LPUSER_INFO_2 uiTemp; +// JPR 123007: Needed to change a user password + USER_INFO_1003 ui1003; +// JPR 020108: Use USER_INFO_1011 to change the users fullname instead of USER_INFO_1 + USER_INFO_1011 ui1011; + DWORD dwLevel = 2; + DWORD dwError = 0; + NET_API_STATUS nStatus; + + static char userid[256]; + static char field[256]; + static char newvalue[256]; + static char response[1024]; + + static WCHAR u_userid[256]; + static WCHAR u_field[256]; + static WCHAR u_pwd[256]; + static WCHAR u_fullname[256]; + + memset( u_userid, 0, sizeof( u_userid ) ); + memset( u_field, 0, sizeof( u_field ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(field); + _strupr(field); + + popstring(newvalue); + + swprintf(u_field, L"%S", field); + + + nStatus = NetUserGetInfo(NULL, + u_userid, + dwLevel, + (LPBYTE *)&ui ); + + if (nStatus != NERR_Success) + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); +// JPR 011208: Freeing ui buffer properly + if (ui != NULL)NetApiBufferFree(ui); + return; + } + +// JPR 011208: Copy ui buffer to a temp buffer so original buffer will not be invalidated + if ((uiTemp = ui) == NULL) + { + sprintf(userid, "ERROR INVALID USERINFO"); + pushstring(userid); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + if ( strcmp(field,"FULLNAME") == 0 ) + { + swprintf(u_fullname, L"%S", newvalue); + ui1011.usri1011_full_name=u_fullname; + dwLevel=1011; + } + +// JPR 123007: Added PASSWORD field + if ( strcmp(field,"PASSWORD") == 0 ) + { + swprintf(u_pwd, L"%S", newvalue); + ui1003.usri1003_password=u_pwd; + dwLevel=1003; + } + + if ( strcmp(field,"COMMENT") == 0 ) + { + swprintf(uiTemp->usri2_comment, L"%S", newvalue); + } + + if ( strcmp(field,"NAME") == 0 ) + { + swprintf(uiTemp->usri2_name, L"%S", newvalue); + } + + if ( strcmp(field,"HOMEDIR") == 0 ) + { + swprintf(uiTemp->usri2_home_dir, L"%S", newvalue); + } + + if ( strcmp(field,"PASSWD_NEVER_EXPIRES") == 0 ) + { + if (strcmp(newvalue, "YES") == 0) + uiTemp->usri2_flags |= UF_DONT_EXPIRE_PASSWD; + else + uiTemp->usri2_flags |=~ UF_DONT_EXPIRE_PASSWD; + } + +// JPR 123007: Different for changing a user password + if(dwLevel==1003) + { + nStatus = NetUserSetInfo(NULL, + u_userid, + dwLevel, + (LPBYTE) &ui1003, + NULL ); + } +// JPR 020108: Different for changing a user fullname + else if(dwLevel==1011) + { + nStatus = NetUserSetInfo(NULL, + u_userid, + dwLevel, + (LPBYTE) &ui1011, + NULL ); + } + else + { + nStatus = NetUserSetInfo(NULL, + u_userid, + dwLevel, + (LPBYTE) uiTemp, + NULL ); + } + + if (nStatus != NERR_Success) + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + if (ui != NULL)NetApiBufferFree(ui); + return; + } + + pushstring("OK"); + if (ui != NULL)NetApiBufferFree(ui); + return; + } +} + + +// JPR 123007: Added ChangeUserPassword function +NSISFunction(ChangeUserPassword) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char userid[256]; + static char oldpwd[256]; + static char newpwd[256]; + + static WCHAR u_userid[256]; + static WCHAR u_oldpwd[256]; + static WCHAR u_newpwd[256]; + + memset( userid, 0, sizeof( userid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(oldpwd); + swprintf(u_oldpwd, L"%S", oldpwd); + + popstring(newpwd); + swprintf(u_newpwd, L"%S", newpwd); + + nStatus = NetUserChangePassword (NULL, u_userid, u_oldpwd, u_newpwd ); + + // + // If the call succeeds, inform the user. + // + + if (nStatus != NERR_Success) + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + + pushstring("OK"); + return; + } +} + +NSISFunction(DeleteGroup) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char groupid[256]; + static WCHAR u_groupid[256]; + DWORD dwError = 0; + + memset( u_groupid, 0, sizeof( u_groupid ) ); + + g_hwndParent=hwndParent; + + popstring(groupid); + swprintf(u_groupid, L"%S", groupid); + + nStatus = NetLocalGroupDel(NULL, u_groupid ); + + // + // If the call succeeds, inform the user. + // + + if (nStatus == NERR_Success) + { + #ifdef _USRDLL + pushstring("OK"); + #endif + return; + } + else + { + #ifdef _USRDLL + sprintf(groupid, "ERROR %d %d", nStatus, dwError); + pushstring(groupid); + #endif + return; + } + } +} + +NSISFunction(CreateGroup) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char groupid[256]; + static WCHAR u_groupid[256]; + static char comment[1024]; + static WCHAR u_comment[1024]; + DWORD dwError = 0; + LOCALGROUP_INFO_1 ginfo; + + memset( u_groupid, 0, sizeof( u_groupid ) ); + memset( u_comment, 0, sizeof( u_comment) ); + + g_hwndParent=hwndParent; + + popstring(groupid); + popstring(comment); + + memset (&ginfo,0,sizeof(ginfo)); + + swprintf(u_groupid, L"%S", groupid); + swprintf(u_comment, L"%S", comment); + + ginfo.lgrpi1_name = u_groupid; + ginfo.lgrpi1_comment= u_comment; + + nStatus = NetLocalGroupAdd(NULL, 1, (LPBYTE)&ginfo, &dwError); + + // + // If the call succeeds, inform the user. + // + + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(groupid, "ERROR %d %d", nStatus, dwError); + pushstring(groupid); + return; + } + } +} + +NSISFunction(AddToGroup) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + LOCALGROUP_MEMBERS_INFO_3 LMI; + + static char userid[256]; + static WCHAR u_userid[256]; + static char groupid[256]; + static WCHAR u_groupid[256]; + + memset( u_userid, 0, sizeof( u_userid ) ); + memset( u_groupid, 0, sizeof( u_groupid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(groupid); + swprintf(u_groupid, L"%S", groupid); + +// JPR 123007: Changed to NetLocalGroupAddMembers to make this function work + LMI.lgrmi3_domainandname = u_userid; + nStatus = NetLocalGroupAddMembers(NULL, u_groupid,3,(LPBYTE)&LMI,1); + + // + // If the call succeeds, inform the user. + // + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + + +// JPR 011208: Added function IsMemberOfGroup +NSISFunction(IsMemberOfGroup) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + LPLOCALGROUP_MEMBERS_INFO_1 pBuf = NULL; + + DWORD dwLevel = 1; + DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH; + DWORD dwEntriesRead = 0; + DWORD dwTotalEntries = 0; + DWORD dwResumeHandle = 0; + + static char userid[256]; + static char userid2[256]; + static char groupid[256]; + static WCHAR u_groupid[256]; + static char groupid2[256]; + + memset( u_groupid, 0, sizeof( u_groupid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + + popstring(groupid); + + // + // Call the NetLocalGroupGetMembers function + // specifying information level 1. + // + swprintf(u_groupid, L"%S", groupid); + nStatus = NetLocalGroupGetMembers(NULL, + u_groupid, + dwLevel, + (LPBYTE *) &pBuf, + dwPrefMaxLen, + &dwEntriesRead, + &dwTotalEntries,&dwResumeHandle); + // + // If the call succeeds, + // + if (nStatus == NERR_Success) + { + LPLOCALGROUP_MEMBERS_INFO_1 pTmpBuf; + DWORD i; + DWORD dwTotalCount = 0; + + if ((pTmpBuf = pBuf) != NULL) + { + // + // Loop through the entries and + // print the names of the local groups + // to which the user belongs. + // + for (i = 0; i < dwEntriesRead; i++) + { + + if (pTmpBuf == NULL) + { + if (pBuf != NULL)NetApiBufferFree(pBuf); + sprintf(userid, "ERROR: An access violation has occurred"); + pushstring(userid); + return; + } + + sprintf(userid2, "%S", pTmpBuf->lgrmi1_name); + if(strcmp(userid2,userid) == 0) + { + if (pBuf != NULL)NetApiBufferFree(pBuf); + pushstring("TRUE"); + return; + } + pTmpBuf++; + dwTotalCount++; + } + } + if (pBuf != NULL)NetApiBufferFree(pBuf); + pushstring("FALSE"); + return; + } + else + { + if (pBuf != NULL)NetApiBufferFree(pBuf); + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + + +NSISFunction(RemoveFromGroup) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + NET_API_STATUS nStatus; + + static char userid[256]; + static WCHAR u_userid[256]; + static char groupid[256]; + static WCHAR u_groupid[256]; + + memset( u_userid, 0, sizeof( u_userid ) ); + memset( u_groupid, 0, sizeof( u_groupid ) ); + + g_hwndParent=hwndParent; + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(groupid); + swprintf(u_groupid, L"%S", groupid); + + nStatus = NetGroupDelUser(NULL, u_groupid, u_userid); + + // + // If the call succeeds, inform the user. + // + if (nStatus == NERR_Success) + { + pushstring("OK"); + return; + } + else + { + sprintf(userid, "ERROR %d", nStatus); + pushstring(userid); + return; + } + } +} + +NSISFunction(AddPrivilege) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + DWORD dwLevel = 1; + DWORD dwError = 0; + PSID user_sid; + LSA_HANDLE my_policy_handle; + LSA_UNICODE_STRING lucPrivilege; + + static char tempbuf[1024]; + static char userid[256]; + static char privilege[256]; + + static WCHAR u_userid[256]; + static WCHAR u_privilege[256]; + + g_hwndParent=hwndParent; + + memset (u_userid,0, sizeof(u_userid)); + memset (u_privilege,0, sizeof(u_privilege)); + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(privilege); + swprintf(u_privilege, L"%S", privilege); + + if (!GetAccountSid(NULL,userid,&user_sid)) + { + pushstring("ERROR GetAccountSid"); + return; + } + + my_policy_handle = GetPolicyHandle(); + + if (my_policy_handle == NULL) + { + pushstring("ERROR GetPolicyHandle"); + return; + } + + if (!InitLsaString(&lucPrivilege, u_privilege)) + { + LsaClose(my_policy_handle); + pushstring("ERROR InitLsaString"); + return; + } + + if (AddPrivileges(user_sid, my_policy_handle, lucPrivilege) != STATUS_SUCCESS) + { + LsaClose(my_policy_handle); + pushstring("ERROR AddPrivileges"); + return; + } + + LsaClose(my_policy_handle); + pushstring("OK"); + return; + } +} + +NSISFunction(SetRegKeyAccess) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + unsigned int i = 0; + + INT grant_or_revoke = GRANT_ACCESS; + DWORD dwLevel = 1; + DWORD dwError = 0; + DWORD dwRes; + PSID user_sid; + PACL pDacl=NULL; + PACL pNewDacl=NULL; + EXPLICIT_ACCESS ea; + PSECURITY_DESCRIPTOR pSD=NULL; + + static char tempbuf[1024]; + static char userid[256]; + static char hive[128]; + static char regkey[512]; + static char rights[8]; + char myhive[32]; + char myregkey[512]; + + static WCHAR u_userid[256]; + unsigned long accessrights = 0; + unsigned long aclentries = 64; + + g_hwndParent=hwndParent; + + memset (u_userid,0, sizeof(u_userid)); + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(hive); + popstring(regkey); + popstring(rights); + + strcpy (myhive,""); + + if ( strcmp(hive,"HKLM") == 0 ) + strcpy(myhive,"MACHINE"); + + if ( strcmp(hive,"HKCU") == 0 ) + strcpy(myhive,"CURRENT_USER"); + + if ( strcmp(hive,"HKU") == 0 ) + strcpy(myhive,"USERS"); + + if ( strcmp(hive,"HKCR") == 0 ) + strcpy(myhive,"CLASSES_ROOT"); + + if ( strcmp (myhive,"") == 0 ) + { + pushstring("ERROR Illegal Root Key (use HKLM|HKCU|HKU|HKCR)"); + return; + } + + _snprintf(myregkey,sizeof(myregkey)-1,"%s\\%s",myhive,regkey); + if ( strlen(rights) <= 0 ) + { + grant_or_revoke = REVOKE_ACCESS; + } + + if (!GetAccountSid(NULL,userid,&user_sid)) + { + pushstring("ERROR GetAccountSid"); + return; + } + + if(dwRes=GetNamedSecurityInfo(myregkey,SE_REGISTRY_KEY,DACL_SECURITY_INFORMATION, + NULL,NULL,&pDacl,NULL,&pSD)!=ERROR_SUCCESS) + { + sprintf(tempbuf,"ERROR GetSecurityInfo %d", dwRes); + pushstring( tempbuf); + return; + } + + ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS)); + + for (i=0;i<=strlen(rights);i++) + { + switch(rights[i]) + { + case '+': + grant_or_revoke = GRANT_ACCESS; + break; + case '-': + grant_or_revoke = DENY_ACCESS; + break; + case '=': + grant_or_revoke = SET_ACCESS; + break; + case 'r': + accessrights |= KEY_READ; + break; + case 'w': + accessrights |= KEY_WRITE; + break; + case 'a': + accessrights |= KEY_ALL_ACCESS; + break; + case 'x': + accessrights |= KEY_EXECUTE; + break; + default: + break; + } + } + + ea.grfAccessPermissions = accessrights; + ea.grfAccessMode = grant_or_revoke; + ea.grfInheritance= SUB_CONTAINERS_ONLY_INHERIT; + ea.Trustee.TrusteeForm = TRUSTEE_IS_SID; + ea.Trustee.TrusteeType = TRUSTEE_IS_USER; + ea.Trustee.ptstrName = user_sid; + + if(dwRes=SetEntriesInAcl(1,&ea,pDacl,&pNewDacl)!=ERROR_SUCCESS) + { + sprintf(tempbuf,"ERROR SetEntriesInAcl Error %d", dwRes); + pushstring( tempbuf); + return; + } + + if (dwRes = SetNamedSecurityInfo(myregkey, SE_REGISTRY_KEY,DACL_SECURITY_INFORMATION,NULL,NULL,pNewDacl,NULL) != ERROR_SUCCESS) + { + sprintf(tempbuf,"ERROR SetNamedSecurityInfo %d", dwRes); + pushstring( tempbuf); + return; + } + + sprintf(tempbuf,"OK"); + pushstring(tempbuf); + return; + } +} + +NSISFunction(RemovePrivilege) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + DWORD dwLevel = 1; + DWORD dwError = 0; + PSID user_sid; + LSA_HANDLE my_policy_handle; + LSA_UNICODE_STRING lucPrivilege; + + static char tempbuf[1024]; + static char userid[256]; + static char privilege[256]; + + static WCHAR u_userid[256]; + static WCHAR u_privilege[256]; + + g_hwndParent=hwndParent; + + memset (u_userid,0, sizeof(u_userid)); + memset (u_privilege,0, sizeof(u_privilege)); + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(privilege); + swprintf(u_privilege, L"%S", privilege); + + if (!GetAccountSid(NULL,userid,&user_sid)) + { + pushstring("ERROR GetAccountSid"); + return; + } + + my_policy_handle = GetPolicyHandle(); + + if (my_policy_handle == NULL) + { + pushstring("ERROR GetPolicyHandle"); + return; + } + + if (!InitLsaString(&lucPrivilege, u_privilege)) + { + LsaClose(my_policy_handle); + pushstring("ERROR InitLsaString"); + return; + } + + + if (RemovePrivileges(user_sid, my_policy_handle, lucPrivilege) != STATUS_SUCCESS) + { + LsaClose(my_policy_handle); + pushstring("ERROR RemovePrivileges"); + return; + } + + LsaClose(my_policy_handle); + pushstring("OK"); + return; + } +} + + +// JPR 020108: Added function HasPrivilege +NSISFunction(HasPrivilege) +{ + PLUGIN_INIT(); + extra->RegisterPluginCallback(g_hInstance, PluginCallback); + { + DWORD dwLevel = 1; + DWORD dwError = 0; + PSID user_sid; + LSA_HANDLE my_policy_handle; + LSA_UNICODE_STRING *lucPrivilege; + LSA_UNICODE_STRING *pTmpBuf; + ULONG count; + DWORD i; + NTSTATUS ntStatus; + + static char tempbuf[1024]; + static char userid[256]; + static char privilege[256]; + static char privilege2[256]; + + static WCHAR u_userid[256]; + static WCHAR u_privilege[256]; + + g_hwndParent=hwndParent; + + memset (u_userid,0, sizeof(u_userid)); + memset (u_privilege,0, sizeof(u_privilege)); + + popstring(userid); + swprintf(u_userid, L"%S", userid); + + popstring(privilege); + swprintf(u_privilege, L"%S", privilege); + + if (EnablePrivilege(SE_RESTORE_NAME)) + { + pushstring("ERROR EnablePrivilege"); + return; + } + + if (!GetAccountSid(NULL,userid,&user_sid)) + { + pushstring("ERROR GetAccountSid"); + return; + } + + my_policy_handle = GetPolicyHandle(); + + if (my_policy_handle == NULL) + { + pushstring("ERROR GetPolicyHandle"); + return; + } + + if (ntStatus = LsaEnumerateAccountRights(my_policy_handle, user_sid, (LSA_UNICODE_STRING **) &lucPrivilege, &count) != STATUS_SUCCESS) + { + dwError = LsaNtStatusToWinError(ntStatus); + if(dwError == ERROR_FILE_NOT_FOUND)sprintf(tempbuf,"FALSE"); + else if(dwError == ERROR_MR_MID_NOT_FOUND)sprintf(tempbuf,"ERROR LsaEnumerateAccountRights n%ld", ntStatus); + else sprintf(tempbuf,"ERROR LsaEnumerateAccountRights w%lu", dwError); + if (lucPrivilege != NULL)LsaFreeMemory(&lucPrivilege); + LsaClose(my_policy_handle); + pushstring(tempbuf); + return; + } + + if ((pTmpBuf = lucPrivilege) != NULL) + { + for (i = 0; i < count; i++) + { + if (pTmpBuf == NULL) + { + if (lucPrivilege != NULL)LsaFreeMemory(&lucPrivilege); + LsaClose(my_policy_handle); + sprintf(userid, "ERROR: An access violation has occurred"); + pushstring(userid); + return; + } + + sprintf(privilege2, "%S", pTmpBuf->Buffer); + if(strcmp(privilege2,privilege) == 0) + { + if (lucPrivilege != NULL)LsaFreeMemory(&lucPrivilege); + LsaClose(my_policy_handle); + pushstring("TRUE"); + return; + } + pTmpBuf++; + } + } + if (lucPrivilege != NULL)LsaFreeMemory(&lucPrivilege); + LsaClose(my_policy_handle); + pushstring("FALSE"); + return; + } +} + +void ShowError (char *Errormessage) +{ + char buf[1024]; + wsprintf(buf,"%s",Errormessage); + +#ifdef _USRDLL + MessageBox(g_hwndParent,buf,0,MB_OK); +#else + printf(buf); +#endif + +} + +#ifdef _USRDLL + +#endif \ No newline at end of file diff --git a/windows/usermgr.dsw b/windows/usermgr.dsw new file mode 100755 index 0000000..685f1d8 --- /dev/null +++ b/windows/usermgr.dsw @@ -0,0 +1,29 @@ +Microsoft Developer Studio Workspace File, Format Version 6.00 +# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! + +############################################################################### + +Project: "UserMgr"=.\UserMgr.dsp - Package Owner=<4> + +Package=<5> +{{{ +}}} + +Package=<4> +{{{ +}}} + +############################################################################### + +Global: + +Package=<5> +{{{ +}}} + +Package=<3> +{{{ +}}} + +############################################################################### + diff --git a/windows/usermgr.h b/windows/usermgr.h new file mode 100755 index 0000000..069ed98 --- /dev/null +++ b/windows/usermgr.h @@ -0,0 +1,22 @@ +/** + + **/ + +#include +#include +#include +#include +#include + + +#ifndef STATUS_SUCCESS +#define STATUS_SUCCESS ((NTSTATUS)0x00000000L) +#endif + + +BOOL InitLsaString( PLSA_UNICODE_STRING pLsaString, LPCWSTR pwszString ); +LSA_HANDLE GetPolicyHandle(); +NTSTATUS AddPrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle, LSA_UNICODE_STRING lucPrivilege); +NTSTATUS RemovePrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle, LSA_UNICODE_STRING lucPrivilege); +BOOL GetAccountSid(LPTSTR SystemName, LPTSTR AccountName, PSID *Sid); + diff --git a/windows/usermgr.ncb b/windows/usermgr.ncb new file mode 100755 index 0000000..a97da6e Binary files /dev/null and b/windows/usermgr.ncb differ diff --git a/windows/usermgr.opt b/windows/usermgr.opt new file mode 100755 index 0000000..014071d Binary files /dev/null and b/windows/usermgr.opt differ