prosody
c0eea4f6c739
util-src/windows.c
Software / code / prosody
File
util-src/windows.c @ 12659:c0eea4f6c739
usermanager: Add back temporary is_admin to warn about deprecated API usage
Goal: Introduce role-auth with minimal disruption
is_admin() is unsafe in a system with per-session permissions, so it has been
deprecated.
Roll-out approach:
1) First, log a warning when is_admin() is used. It should continue to
function normally, backed by the new role API. Nothing is really using
per-session authz yet, so there is minimal security concern.
The 'strict_deprecate_is_admin' global setting can be set to 'true' to
force a hard failure of is_admin() attempts (it will log an error and
always return false).
2) In some time (at least 1 week), but possibly longer depending on the number
of affected deployments: switch 'strict_deprecate_is_admin' to 'true' by
default. It can still be disabled for systems that need it.
3) Further in the future, before the next release, the option will be removed
and is_admin() will be permanently disabled.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 15 Aug 2022 15:25:07 +0100 |
| parent | 12575:1f6f05a98fcd |
line wrap: on
line source
/* Prosody IM -- Copyright (C) 2008-2010 Matthew Wild -- Copyright (C) 2008-2010 Waqas Hussain -- -- This project is MIT/X11 licensed. Please see the -- COPYING file in the source package for more information. -- */ /* * windows.c * Windows support functions for Lua */ #include <stdio.h> #include <windows.h> #include <windns.h> #include "lua.h" #include "lauxlib.h" #if (LUA_VERSION_NUM < 504) #define luaL_pushfail lua_pushnil #endif static int Lget_nameservers(lua_State *L) { char stack_buffer[1024]; // stack allocated buffer IP4_ARRAY *ips = (IP4_ARRAY *) stack_buffer; DWORD len = sizeof(stack_buffer); DNS_STATUS status; status = DnsQueryConfig(DnsConfigDnsServerList, FALSE, NULL, NULL, ips, &len); if(status == 0) { DWORD i; lua_createtable(L, ips->AddrCount, 0); for(i = 0; i < ips->AddrCount; i++) { DWORD ip = ips->AddrArray[i]; char ip_str[16] = ""; sprintf_s(ip_str, sizeof(ip_str), "%d.%d.%d.%d", (ip >> 0) & 255, (ip >> 8) & 255, (ip >> 16) & 255, (ip >> 24) & 255); lua_pushstring(L, ip_str); lua_rawseti(L, -2, i + 1); } return 1; } else { luaL_pushfail(L); lua_pushfstring(L, "DnsQueryConfig returned %d", status); return 2; } } static int lerror(lua_State *L, char *string) { luaL_pushfail(L); lua_pushfstring(L, "%s: %d", string, GetLastError()); return 2; } static int Lget_consolecolor(lua_State *L) { HWND console = GetStdHandle(STD_OUTPUT_HANDLE); WORD color; DWORD read_len; CONSOLE_SCREEN_BUFFER_INFO info; if(console == INVALID_HANDLE_VALUE) { return lerror(L, "GetStdHandle"); } if(!GetConsoleScreenBufferInfo(console, &info)) { return lerror(L, "GetConsoleScreenBufferInfo"); } if(!ReadConsoleOutputAttribute(console, &color, 1, info.dwCursorPosition, &read_len)) { return lerror(L, "ReadConsoleOutputAttribute"); } lua_pushnumber(L, color); return 1; } static int Lset_consolecolor(lua_State *L) { int color = luaL_checkint(L, 1); HWND console = GetStdHandle(STD_OUTPUT_HANDLE); if(console == INVALID_HANDLE_VALUE) { return lerror(L, "GetStdHandle"); } if(!SetConsoleTextAttribute(console, color)) { return lerror(L, "SetConsoleTextAttribute"); } lua_pushboolean(L, 1); return 1; } static const luaL_Reg Reg[] = { { "get_nameservers", Lget_nameservers }, { "get_consolecolor", Lget_consolecolor }, { "set_consolecolor", Lset_consolecolor }, { NULL, NULL } }; LUALIB_API int luaopen_util_windows(lua_State *L) { luaL_checkversion(L); lua_newtable(L); luaL_setfuncs(L, Reg, 0); lua_pushliteral(L, "-3.14"); lua_setfield(L, -2, "version"); return 1; }
