1.11.0b
This commit is contained in:
parent
f04c98fba2
commit
dbb01ef7cf
|
@ -778,22 +778,32 @@ _FX PROCESS *Process_Create(
|
|||
exclusive_setting = L"NoSecurityIsolation";
|
||||
else if (proc->protect_host_images)
|
||||
exclusive_setting = L"ProtectHostImages";
|
||||
else if (proc->confidential_box)
|
||||
exclusive_setting = L"ConfidentialBox";
|
||||
|
||||
if (exclusive_setting) {
|
||||
|
||||
Log_Msg_Process(MSG_6004, proc->box->name, exclusive_setting, box->session_id, proc->pid);
|
||||
|
||||
//Pool_Delete(pool);
|
||||
//Process_CreateTerminated(ProcessId, box->session_id);
|
||||
//return NULL;
|
||||
|
||||
// allow the process to run for a sort while to allow the features to be evaluated
|
||||
Process_ScheduleKill(proc, 5*60*1000); // 5 minutes
|
||||
}
|
||||
}
|
||||
|
||||
if (!CERT_IS_LEVEL(Verify_CertInfo, eCertStandard2) && !proc->image_sbie) {
|
||||
|
||||
const WCHAR* exclusive_setting = NULL;
|
||||
if (proc->confidential_box)
|
||||
exclusive_setting = L"ConfidentialBox";
|
||||
|
||||
if (exclusive_setting) {
|
||||
|
||||
Log_Msg_Process(MSG_6009, proc->box->name, exclusive_setting, box->session_id, proc->pid);
|
||||
|
||||
Pool_Delete(pool);
|
||||
Process_CreateTerminated(ProcessId, box->session_id);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// configure monitor options
|
||||
//
|
||||
|
|
|
@ -762,9 +762,9 @@ _FX NTSTATUS KphValidateCertificate()
|
|||
Verify_CertInfo.level = eCertStandard;
|
||||
else if (level && _wcsicmp(level, L"ADVANCED") == 0)
|
||||
Verify_CertInfo.level = eCertAdvanced;
|
||||
// scheme 1.1 >>>
|
||||
else if (CERT_IS_TYPE(Verify_CertInfo, eCertPersonal) || CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
|
||||
{
|
||||
// scheme 1.1 >>>
|
||||
if (level && _wcsicmp(level, L"HUGE") == 0) {
|
||||
Verify_CertInfo.type = eCertEternal;
|
||||
Verify_CertInfo.level = eCertMaxLevel;
|
||||
|
@ -774,24 +774,24 @@ _FX NTSTATUS KphValidateCertificate()
|
|||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 0, 2); // 2 years
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"MEDIUM") == 0) { // 1 year - personal
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
Verify_CertInfo.level = eCertStandard2;
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"ENTRY") == 0) { // PATREON-ENTRY new patreons get only 3 montgs for start
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
Verify_CertInfo.level = eCertStandard2;
|
||||
if(CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
|
||||
Verify_CertInfo.type = eCertEntryPatreon;
|
||||
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 3, 0);
|
||||
}
|
||||
else if (level && _wcsicmp(level, L"SMALL") == 0) { // 1 year - subscription
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
Verify_CertInfo.level = eCertStandard2;
|
||||
Verify_CertInfo.type = eCertSubscription;
|
||||
}
|
||||
else
|
||||
// <<< scheme 1.1
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
}
|
||||
else if (CERT_IS_TYPE(Verify_CertInfo, eCertBusiness))
|
||||
Verify_CertInfo.level = eCertStandard;
|
||||
// <<< scheme 1.1
|
||||
|
||||
if(CertDbg) DbgPrint("Sbie Cert level: %X\n", Verify_CertInfo.level);
|
||||
|
||||
|
|
|
@ -78,7 +78,8 @@ enum ECertType {
|
|||
enum ECertLevel {
|
||||
eCertNoLevel = 0b000,
|
||||
eCertStandard = 0b010,
|
||||
eCertAdvanced = 0b100,
|
||||
eCertStandard2 = 0b011,
|
||||
eCertAdvanced = 0b101,
|
||||
eCertMaxLevel = 0b111,
|
||||
};
|
||||
|
||||
|
|
|
@ -980,9 +980,10 @@ bool MountManager::AcquireBoxRoot(const WCHAR* boxname, const WCHAR* reg_root, c
|
|||
std::wstring TargetNtPath;
|
||||
|
||||
SCertInfo CertInfo = { 0 };
|
||||
if (UseFileImage && (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, eCertAdvanced))) {
|
||||
const WCHAR* strings[] = { boxname, L"UseFileImage", NULL };
|
||||
SbieApi_LogMsgExt(session_id, 6009, strings);
|
||||
//if ((UseFileImage || UseRamDisk) && (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, (UseFileImage ? eCertAdvanced : eCertStandard)))) {
|
||||
if ((UseFileImage || UseRamDisk) && (!NT_SUCCESS(SbieApi_Call(API_QUERY_DRIVER_INFO, 3, -1, (ULONG_PTR)&CertInfo, sizeof(CertInfo))) || !CERT_IS_LEVEL(CertInfo, (UseFileImage ? 0b100 : eCertStandard)))) {
|
||||
const WCHAR* strings[] = { boxname, UseFileImage ? L"UseFileImage" : L"UseRamDisk" , NULL };
|
||||
SbieApi_LogMsgExt(session_id, UseFileImage ? 6009 : 6008, strings);
|
||||
errlvl = 0x66;
|
||||
} else
|
||||
|
||||
|
|
|
@ -87,15 +87,18 @@ void COptionsWindow::CreateGeneral()
|
|||
}
|
||||
}
|
||||
|
||||
if (g_Certificate.isEmpty()) {
|
||||
if (!CERT_IS_LEVEL(g_CertInfo, eCertStandard)) {
|
||||
QWidget* ExWidgets[] = { ui.chkSecurityMode, ui.chkLockDown, ui.chkRestrictDevices,
|
||||
ui.chkPrivacy, ui.chkUseSpecificity,
|
||||
ui.chkNoSecurityIsolation, ui.chkNoSecurityFiltering, ui.chkConfidential, ui.chkHostProtect, NULL };
|
||||
ui.chkNoSecurityIsolation, ui.chkNoSecurityFiltering, ui.chkHostProtect, NULL };
|
||||
for (QWidget** ExWidget = ExWidgets; *ExWidget != NULL; ExWidget++)
|
||||
COptionsWindow__AddCertIcon(*ExWidget);
|
||||
}
|
||||
if (!CERT_IS_LEVEL(g_CertInfo, eCertStandard2))
|
||||
COptionsWindow__AddCertIcon(ui.chkConfidential, true);
|
||||
if (!CERT_IS_LEVEL(g_CertInfo, eCertAdvanced)) {
|
||||
COptionsWindow__AddCertIcon(ui.chkEncrypt, true);
|
||||
COptionsWindow__AddCertIcon(ui.chkAllowEfs, true);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -523,6 +523,7 @@ CSettingsWindow::CSettingsWindow(QWidget* parent)
|
|||
|
||||
//COptionsWindow__AddCertIcon(ui.chkUpdateTemplates);
|
||||
COptionsWindow__AddCertIcon(ui.chkUpdateIssues);
|
||||
COptionsWindow__AddCertIcon(ui.chkRamDisk);
|
||||
|
||||
this->installEventFilter(this); // prevent enter from closing the dialog
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
#define VERSION_MJR 1
|
||||
#define VERSION_MIN 11
|
||||
#define VERSION_REV 0
|
||||
#define VERSION_UPD 1
|
||||
#define VERSION_UPD 2
|
||||
|
||||
#ifndef STR
|
||||
#define STR2(X) #X
|
||||
|
|
Loading…
Reference in New Issue