diff --git a/src/PanelSwCustomActions/ExecOnComponent.cpp b/src/PanelSwCustomActions/ExecOnComponent.cpp index d0e0a7f..9dab628 100644 --- a/src/PanelSwCustomActions/ExecOnComponent.cpp +++ b/src/PanelSwCustomActions/ExecOnComponent.cpp @@ -655,7 +655,7 @@ HRESULT CExecOnComponent::ExecuteOne(const com::panelsw::ca::ExecOnDetails& deta ExitOnFailure(hr, "Failed setting environment"); // By default, exitCode is what the process returned. If couldn't execute the process, use failure code is result. - hr = LaunchProcess((LPWSTR)szCommand, szWorkingDirectory, (LPCWSTR)szEnvironmentMultiSz, &hProc, &hStdOut); + hr = LaunchProcess(&ctxImpersonation, (LPWSTR)szCommand, szWorkingDirectory, (LPCWSTR)szEnvironmentMultiSz, &hProc, &hStdOut); if (details.async()) { @@ -1004,7 +1004,7 @@ HRESULT CExecOnComponent::SetEnvironment(CWixString* pszEnvironmentMultiSz, cons return hr; } -HRESULT CExecOnComponent::LaunchProcess(LPWSTR szCommand, LPCWSTR szWorkingDirectory, LPCWSTR rgszEnvironment, HANDLE* phProcess, HANDLE* phStdOut) +HRESULT CExecOnComponent::LaunchProcess(IMPERSONATION_CONTEXT* pctxImpersonation, LPWSTR szCommand, LPCWSTR szWorkingDirectory, LPCWSTR rgszEnvironment, HANDLE* phProcess, HANDLE* phStdOut) { const UINT OUTPUT_BUFFER_SIZE = 1024; HRESULT hr = S_OK; @@ -1081,8 +1081,16 @@ HRESULT CExecOnComponent::LaunchProcess(LPWSTR szCommand, LPCWSTR szWorkingDirec si.hStdOutput = hOutWrite; si.hStdError = hErrWrite; - bRes = ::CreateProcessW(nullptr, szCommand, nullptr, nullptr, TRUE, ::GetPriorityClass(::GetCurrentProcess()) | CREATE_NO_WINDOW | CREATE_UNICODE_ENVIRONMENT, (LPVOID)rgszEnvironment, szWorkingDirectory, &si, &pi); - ExitOnNullWithLastError(bRes, hr, "Failed to create process"); + if (pctxImpersonation->hUserToken) + { + bRes = ::CreateProcessAsUser(pctxImpersonation->hUserToken, nullptr, szCommand, nullptr, nullptr, TRUE, ::GetPriorityClass(::GetCurrentProcess()) | CREATE_NO_WINDOW | CREATE_UNICODE_ENVIRONMENT, (LPVOID)rgszEnvironment, szWorkingDirectory, &si, &pi); + ExitOnNullWithLastError(bRes, hr, "Failed to create process"); + } + else + { + bRes = ::CreateProcess(nullptr, szCommand, nullptr, nullptr, TRUE, ::GetPriorityClass(::GetCurrentProcess()) | CREATE_NO_WINDOW | CREATE_UNICODE_ENVIRONMENT, (LPVOID)rgszEnvironment, szWorkingDirectory, &si, &pi); + ExitOnNullWithLastError(bRes, hr, "Failed to create process"); + } WcaLog(LOGLEVEL::LOGMSG_VERBOSE, "Launched process '%ls'", szCommand); if (phStdOut) @@ -1176,13 +1184,6 @@ HRESULT CExecOnComponent::Impersonate(LPCWSTR szDomain, LPCWSTR szUser, LPCWSTR bRes = ::CreateEnvironmentBlock(&pEnvironment, hUserToken, FALSE); ExitOnNullWithLastError(bRes, hr, "Failed to get environment block"); - if (hUserToken) - { - bRes = ::ImpersonateLoggedOnUser(hUserToken); - ExitOnNullWithLastError(bRes, hr, "Failed to impersonate user"); - bImpersonated = TRUE; - } - for (LPCWSTR sz = (LPCWSTR)pEnvironment; sz && *sz; sz += 1 + wcslen(sz)) { hr = pszEnvironmentMultiSz->MultiStringInsertString(sz); diff --git a/src/PanelSwCustomActions/ExecOnComponent.h b/src/PanelSwCustomActions/ExecOnComponent.h index 0bf4a7f..5928da1 100644 --- a/src/PanelSwCustomActions/ExecOnComponent.h +++ b/src/PanelSwCustomActions/ExecOnComponent.h @@ -41,7 +41,7 @@ class CExecOnComponent : HRESULT LogProcessOutput(HANDLE hProc, HANDLE hStdErrOut, LPWSTR *pszText); - HRESULT LaunchProcess(LPWSTR szCommand, LPCWSTR szWorkingDirectory, LPCWSTR rgszEnvironment, HANDLE* phProcess, HANDLE* phStdOut); + HRESULT LaunchProcess(IMPERSONATION_CONTEXT* pctxImpersonation, LPWSTR szCommand, LPCWSTR szWorkingDirectory, LPCWSTR rgszEnvironment, HANDLE* phProcess, HANDLE* phStdOut); // S_FALSE: Had no matches, go on with error handling. // S_OK: Ignore errors and continue diff --git a/src/TidyBuild.custom.props b/src/TidyBuild.custom.props index 07009e4..1f774b0 100644 --- a/src/TidyBuild.custom.props +++ b/src/TidyBuild.custom.props @@ -2,7 +2,7 @@ - 3.18.12 + 3.18.13 $(FullVersion).$(GITHUB_RUN_NUMBER) PanelSwWixExtension Panel::Software