Don't fail if SaferPolicy API is not available on Win10 IoT or NanoServer (#7075)
* don't fail if SaferApi is not available * fix install-powershellremoting to work on Windows PowerShell 5.1
This commit is contained in:
parent
bda8fd376c
commit
abcdce4e3e
|
@ -477,6 +477,8 @@ namespace System.Management.Automation.Internal
|
|||
|
||||
#endregion execution policy
|
||||
|
||||
private static bool _saferIdentifyLevelApiSupported = true;
|
||||
|
||||
/// <summary>
|
||||
/// Get the pass / fail result of calling the SAFER API
|
||||
/// </summary>
|
||||
|
@ -489,6 +491,11 @@ namespace System.Management.Automation.Internal
|
|||
{
|
||||
SaferPolicy status = SaferPolicy.Allowed;
|
||||
|
||||
if (!_saferIdentifyLevelApiSupported)
|
||||
{
|
||||
return status;
|
||||
}
|
||||
|
||||
SAFER_CODE_PROPERTIES codeProperties = new SAFER_CODE_PROPERTIES();
|
||||
IntPtr hAuthzLevel;
|
||||
|
||||
|
@ -555,7 +562,15 @@ namespace System.Management.Automation.Internal
|
|||
}
|
||||
else
|
||||
{
|
||||
throw new System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error());
|
||||
int lastError = Marshal.GetLastWin32Error();
|
||||
if (lastError == NativeConstants.FUNCTION_NOT_SUPPORTED)
|
||||
{
|
||||
_saferIdentifyLevelApiSupported = false;
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new System.ComponentModel.Win32Exception(lastError);
|
||||
}
|
||||
}
|
||||
|
||||
return status;
|
||||
|
|
|
@ -24,68 +24,115 @@ namespace System.Management.Automation.Security
|
|||
// Safer native constants
|
||||
internal partial class NativeConstants
|
||||
{
|
||||
/// <Summary>
|
||||
/// SAFER_TOKEN_NULL_IF_EQUAL -> 0x00000001
|
||||
/// </Summary>
|
||||
public const int SAFER_TOKEN_NULL_IF_EQUAL = 1;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_TOKEN_COMPARE_ONLY -> 0x00000002
|
||||
/// </Summary>
|
||||
public const int SAFER_TOKEN_COMPARE_ONLY = 2;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_TOKEN_MAKE_INERT -> 0x00000004
|
||||
/// </Summary>
|
||||
public const int SAFER_TOKEN_MAKE_INERT = 4;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_CRITERIA_IMAGEPATH -> 0x00001
|
||||
/// </Summary>
|
||||
public const int SAFER_CRITERIA_IMAGEPATH = 1;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_CRITERIA_NOSIGNEDHASH -> 0x00002
|
||||
/// </Summary>
|
||||
public const int SAFER_CRITERIA_NOSIGNEDHASH = 2;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_CRITERIA_IMAGEHASH -> 0x00004
|
||||
/// </Summary>
|
||||
public const int SAFER_CRITERIA_IMAGEHASH = 4;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_CRITERIA_AUTHENTICODE -> 0x00008
|
||||
/// </Summary>
|
||||
public const int SAFER_CRITERIA_AUTHENTICODE = 8;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_CRITERIA_URLZONE -> 0x00010
|
||||
/// </Summary>
|
||||
public const int SAFER_CRITERIA_URLZONE = 16;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_CRITERIA_IMAGEPATH_NT -> 0x01000
|
||||
/// </Summary>
|
||||
public const int SAFER_CRITERIA_IMAGEPATH_NT = 4096;
|
||||
|
||||
/// <Summary>
|
||||
/// WTD_UI_NONE -> 0x00002
|
||||
/// </Summary>
|
||||
public const int WTD_UI_NONE = 2;
|
||||
|
||||
/// <Summary>
|
||||
/// S_OK -> ((HRESULT)0L)
|
||||
/// </Summary>
|
||||
public const int S_OK = 0;
|
||||
|
||||
/// <Summary>
|
||||
/// S_FALSE -> ((HRESULT)1L)
|
||||
/// </Summary>
|
||||
public const int S_FALSE = 1;
|
||||
|
||||
/// <Summary>
|
||||
/// ERROR_MORE_DATA -> 234L
|
||||
/// </Summary>
|
||||
public const int ERROR_MORE_DATA = 234;
|
||||
|
||||
/// <Summary>
|
||||
/// ERROR_ACCESS_DISABLED_BY_POLICY -> 1260L
|
||||
/// </Summary>
|
||||
public const int ERROR_ACCESS_DISABLED_BY_POLICY = 1260;
|
||||
|
||||
/// <Summary>
|
||||
/// ERROR_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY -> 786L
|
||||
/// </Summary>
|
||||
public const int ERROR_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY = 786;
|
||||
|
||||
/// <Summary>
|
||||
/// SAFER_MAX_HASH_SIZE -> 64
|
||||
/// </Summary>
|
||||
public const int SAFER_MAX_HASH_SIZE = 64;
|
||||
|
||||
/// <Summary>
|
||||
/// SRP_POLICY_SCRIPT -> L"SCRIPT"
|
||||
/// </Summary>
|
||||
public const string SRP_POLICY_SCRIPT = "SCRIPT";
|
||||
|
||||
/// <Summary>
|
||||
/// SIGNATURE_DISPLAYNAME_LENGTH -> MAX_PATH
|
||||
/// </Summary>
|
||||
internal const int SIGNATURE_DISPLAYNAME_LENGTH = NativeConstants.MAX_PATH;
|
||||
|
||||
/// <Summary>
|
||||
/// SIGNATURE_PUBLISHER_LENGTH -> 128
|
||||
/// </Summary>
|
||||
internal const int SIGNATURE_PUBLISHER_LENGTH = 128;
|
||||
|
||||
/// <Summary>
|
||||
/// SIGNATURE_HASH_LENGTH -> 64
|
||||
/// </Summary>
|
||||
internal const int SIGNATURE_HASH_LENGTH = 64;
|
||||
|
||||
/// <Summary>
|
||||
/// MAX_PATH -> 260
|
||||
/// </Summary>
|
||||
internal const int MAX_PATH = 260;
|
||||
|
||||
/// <Summary>
|
||||
/// This function is not supported on this system
|
||||
/// </Summary>
|
||||
internal const int FUNCTION_NOT_SUPPORTED = 120;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
|
|
@ -124,7 +124,7 @@ function Install-PluginEndpoint {
|
|||
# #
|
||||
######################
|
||||
|
||||
if ($PsCmdlet.ParameterSetName -eq "ByPath")
|
||||
if ($PowerShellHome -ne $null)
|
||||
{
|
||||
$targetPsHome = $PowerShellHome
|
||||
$targetPsVersion = & "$targetPsHome\pwsh" -NoProfile -Command '$PSVersionTable.PSVersion.ToString()'
|
||||
|
@ -135,6 +135,7 @@ function Install-PluginEndpoint {
|
|||
$targetPsHome = $PSHOME
|
||||
$targetPsVersion = $PSVersionTable.PSVersion.ToString()
|
||||
}
|
||||
Write-Verbose "PowerShellHome: $targetPsHome" -Verbose
|
||||
|
||||
# For default, not tied to the specific version endpoint, we apply
|
||||
# only first number in the PSVersion string to the endpoint name.
|
||||
|
@ -163,7 +164,16 @@ function Install-PluginEndpoint {
|
|||
return
|
||||
}
|
||||
|
||||
if ($PSVersionTable.PSVersion -lt "6.0")
|
||||
{
|
||||
# This script is primarily used from Windows PowerShell for Win10 IoT and NanoServer to setup PSCore6 remoting endpoint
|
||||
# so it's ok to hardcode to 'C:\Windows' for those systems
|
||||
$pluginBasePath = Join-Path "C:\Windows\System32\PowerShell" $targetPsVersion
|
||||
}
|
||||
else
|
||||
{
|
||||
$pluginBasePath = Join-Path ([System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::Windows) + "\System32\PowerShell") $targetPsVersion
|
||||
}
|
||||
|
||||
$resolvedPluginAbsolutePath = ""
|
||||
if (! (Test-Path $pluginBasePath))
|
||||
|
|
Loading…
Reference in a new issue