diff options
| author |   Simon Rozman <simon@rozman.si> | 2021-03-08 13:48:29 +0100 |
|---|---|---|
| committer | Simon Rozman <simon@rozman.si> | 2021-03-08 13:48:29 +0100 |
| commit | cef79225560bd454cb5c49d8d2b0cfac869de8d3 (patch) | |
| tree | 9196e23668f0ae06498442b73a6797f7d4fe52d8 | |
| parent | api: upgrade logging (diff) | |
| download | wintun-cef79225560bd454cb5c49d8d2b0cfac869de8d3.tar.xz wintun-cef79225560bd454cb5c49d8d2b0cfac869de8d3.zip | |
api: elevate to SYSTEM in WintunEnumAdapters()
The WintunEnumAdapters() requires namespace mutex. However,
NamespaceTakePoolMutex() works as SYSTEM user only.
WireGuard is using the WintunEnumAdapters() in its manager service to
cleanup stale adapters. As the WireGuard manager service is running as
SYSTEM, this requirement was not apparent before.
This commit also extends the example project to list its existing
adapters at start.
Signed-off-by: Simon Rozman <simon@rozman.si>
| -rw-r--r-- | api/adapter.c | 13 | ||||
| -rw-r--r-- | example/example.c | 11 |
2 files changed, 21 insertions, 3 deletions
diff --git a/api/adapter.c b/api/adapter.c index 984af03..8fc757e 100644 --- a/api/adapter.c +++ b/api/adapter.c @@ -1983,13 +1983,18 @@ cleanupToken: _Return_type_success_(return != FALSE) BOOL WINAPI WintunEnumAdapters(_In_z_ const WCHAR *Pool, _In_ WINTUN_ENUM_CALLBACK Func, _In_ LPARAM Param) { - HANDLE Mutex = NamespaceTakePoolMutex(Pool); - if (!Mutex) + if (!ElevateToSystem()) { - LOG(WINTUN_LOG_ERR, L"Failed to take %s pool mutex", Pool); + LOG(WINTUN_LOG_ERR, L"Failed to impersonate SYSTEM user"); return FALSE; } DWORD LastError = ERROR_SUCCESS; + HANDLE Mutex = NamespaceTakePoolMutex(Pool); + if (!Mutex) + { + LastError = LOG(WINTUN_LOG_ERR, L"Failed to take %s pool mutex", Pool); + goto cleanupToken; + } HDEVINFO DevInfo = SetupDiGetClassDevsExW(&GUID_DEVCLASS_NET, NULL, NULL, DIGCF_PRESENT, NULL, NULL, NULL); if (DevInfo == INVALID_HANDLE_VALUE) { @@ -2022,5 +2027,7 @@ _Return_type_success_(return != FALSE) BOOL WINAPI SetupDiDestroyDeviceInfoList(DevInfo); cleanupMutex: NamespaceReleaseMutex(Mutex); +cleanupToken: + RevertToSelf(); return RET_ERROR(TRUE, LastError); } diff --git a/example/example.c b/example/example.c index d36c2d4..9e5f2e8 100644 --- a/example/example.c +++ b/example/example.c @@ -293,6 +293,16 @@ SendPackets(_Inout_ DWORD_PTR SessionPtr) return ERROR_SUCCESS;
}
+static BOOL CALLBACK
+PrintAdapter(_In_ WINTUN_ADAPTER_HANDLE Adapter, _In_ LPARAM Param)
+{
+ UNREFERENCED_PARAMETER(Param);
+ WCHAR szAdapterName[MAX_ADAPTER_NAME];
+ if (WintunGetAdapterName(Adapter, szAdapterName))
+ Log(WINTUN_LOG_INFO, L"Existing Wintun adapter: %s", szAdapterName);
+ return TRUE;
+}
+
int
main(void)
{
@@ -301,6 +311,7 @@ main(void) return LogError(L"Failed to initialize Wintun", GetLastError());
WintunSetLogger(ConsoleLogger);
Log(WINTUN_LOG_INFO, L"Wintun library loaded");
+ WintunEnumAdapters(L"Example", PrintAdapter, 0);
DWORD LastError;
HaveQuit = FALSE;
|