From a935ce44c26a4f8ef33ba4610ca13833e4a34095 Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Thu, 29 Aug 2019 11:04:07 +0200 Subject: main: display localized "Administrators" group name Signed-off-by: Simon Rozman --- elevate/membership.go | 18 +++++++++++++++--- main.go | 12 ++++++++---- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/elevate/membership.go b/elevate/membership.go index 131c6d97..0c090271 100644 --- a/elevate/membership.go +++ b/elevate/membership.go @@ -15,7 +15,7 @@ func isAdmin(token windows.Token) bool { return false } var checkableToken windows.Token - err = windows.DuplicateTokenEx(token, windows.TOKEN_QUERY | windows.TOKEN_IMPERSONATE, nil, windows.SecurityIdentification, windows.TokenImpersonation, &checkableToken) + err = windows.DuplicateTokenEx(token, windows.TOKEN_QUERY|windows.TOKEN_IMPERSONATE, nil, windows.SecurityIdentification, windows.TokenImpersonation, &checkableToken) if err != nil { return false } @@ -52,10 +52,22 @@ func IsAdminDesktop() (bool, error) { } defer windows.CloseHandle(process) var token windows.Token - err = windows.OpenProcessToken(process, windows.TOKEN_QUERY | windows.TOKEN_IMPERSONATE, &token) + err = windows.OpenProcessToken(process, windows.TOKEN_QUERY|windows.TOKEN_IMPERSONATE, &token) if err != nil { return false, err } defer token.Close() return TokenIsElevatedOrElevatable(token), nil -} \ No newline at end of file +} + +func AdminGroupName() string { + builtinAdminsGroup, err := windows.CreateWellKnownSid(windows.WinBuiltinAdministratorsSid) + if err != nil { + return "Administrators" + } + name, _, _, err := builtinAdminsGroup.LookupAccount("") + if err != nil { + return "Administrators" + } + return name +} diff --git a/main.go b/main.go index ef14afde..d32ea7f7 100644 --- a/main.go +++ b/main.go @@ -40,6 +40,10 @@ func fatal(v ...interface{}) { os.Exit(1) } +func fatalf(format string, v ...interface{}) { + fatal(fmt.Sprintf(format, v...)) +} + func info(title string, format string, v ...interface{}) { windows.MessageBox(0, windows.StringToUTF16Ptr(fmt.Sprintf(format, v...)), windows.StringToUTF16Ptr(title), windows.MB_ICONINFORMATION) } @@ -61,7 +65,7 @@ func checkForWow64() { } err = windows.IsWow64Process(p, &b) if err != nil { - fatal("Unable to determine whether the process is running under WOW64: ", err) + fatalf("Unable to determine whether the process is running under WOW64: %v", err) } if b { fatal("You must use the 64-bit version of WireGuard on this computer.") @@ -72,18 +76,18 @@ func checkForAdminGroup() { // This is not a security check, but rather a user-confusion one. processToken, err := windows.OpenCurrentProcessToken() if err != nil { - fatal("Unable to open current process token: ", err) + fatalf("Unable to open current process token: %v", err) } defer processToken.Close() if !elevate.TokenIsElevatedOrElevatable(processToken) { - fatal("WireGuard may only be used by users who are a member of the Builtin Administrators group.") + fatalf("WireGuard may only be used by users who are a member of the Builtin %s group.", elevate.AdminGroupName()) } } func checkForAdminDesktop() { adminDesktop, err := elevate.IsAdminDesktop() if !adminDesktop && err == nil { - fatal("WireGuard is running, but the UI is only accessible from desktops of the Builtin Administrators group.") + fatalf("WireGuard is running, but the UI is only accessible from desktops of the Builtin %s group.", elevate.AdminGroupName()) } } -- cgit v1.2.3-59-g8ed1b