Catalin
Posts: 6540
Joined: Wed Jun 13, 2018 7:49 am

Re: Applying patch is changing service start type

Wed Mar 06, 2019 3:09 pm

Hello Collins,

Thank you for your followup on this and for the explanation. It seems that I have misunderstood what you meant in your first thread. I apologize for that.

I am currently investigating this and probably I will come to a conclusion soon (hopefully tomorrow).

Thank you for your patience.

All the best,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Catalin
Posts: 6540
Joined: Wed Jun 13, 2018 7:49 am

Re: Applying patch is changing service start type

Mon Mar 11, 2019 3:44 pm

Hello Collins,

First of all, I apologize for the delayed reply.

Thank you for your patience on this.

After further investigating this, I think that I have found a way in which you can achieve what you want.

A little explanation before I give you the step by step which you can follow in order to achieve that: First of all, there are two functions from the "Secureprop.dll" which we need to call in order to decrypt your property. One is the "GetRevealedTextLength" which will return the length of the plain text, to which we need to add 1 more unit, because the next function (which will reveal our text) is developed to also take in consideration the null character that is present at the end of the string. Without doing so, the revealed text will miss its last character (for instance, for a property having its value: "YourValue" --> the "RevealText" function will return "YourValu", without the "e").

Now that I have (hopefully) explained the concept behind this well enough, it is time to work on an example:

Let's say we have a newly created project in which we have the following two props:

PROPERTY --> VALUE

MY_PROP --> YourValue
RESULT_PROP --> 0

where:

- RESULT_PROP is a property which we will further use as an argument to one of our function's call.
- MY_PROP is the property which will have the "Secure property" flag set for itself.

Now it is time to configure the custom actions that will decrypt the earlier encrypted property.

Before we begin, please not that all these custom actions should be scheduled after the "Finish Execution" action group.

First thing we need to do is to call the "GetRevealedTextLength" function from our dll. To do so, you can use a "Call function from standard DLL" custom action, with sequence. The custom action should be configured as it follows:


Path: [#SecureProp.dll]

Return type: Unsigned Integer

Return property: PROPERTY_LENGTH

Calling convention: Standard Calling Convention

Name: GetRevealedTextLength


Arguments:

here you will need to create an argument as it follows:

IO Type: By reference
Type: Unicode String
Source Type: Property
Source: MY_PROP


Execution Time: Immediately
FirstFunctionCall.PNG
FirstFunctionCall.PNG (143.29KiB)Viewed 6505 times
Now it is time to increase the property which stores the length (in our case, PROPERTY_LENGTH) value by 1, as explained above. To do so, please add a "PowerShellScriptInline" custom action, with sequence. Schedule it after the earlier added "CallFunctionFromDLL" custom action. The custom action's content can be as it follows:

Code: Select all

$prop = AI_GetMsiProperty PROPERTY_LENGTH
$incremented = [int]$prop+1
AI_SetMsiProperty PROPERTY_LENGTH "$incremented"
Now the PROPERTY_LENGTH property will have the correct length.

Now it is time to configure the second custom action which will call the "RevealText" function. To do so, please add another "Call function from standard DLL" custom action and configure it as it follows:

Path: [#SecureProp.dll]

Return type: Void

Calling convention: Standard Calling Convention

Name: RevealText


Arguments:

here, the function takes 3 arguments as input. Here is how you can configure them:

First argument:

IO Type: By Reference
Type: Unicode String
Source type: Property
Source: MY_PROP


Second argument:

IO Type: By Reference
Type: Unicode string
Source type: Property
Source: RESULT_PROP


Third argument:

IO Type: By value
Type: Unsigned integer
Source type: Property
Source: PROPERTY_LENGTH

SecondFunctionCall.PNG
SecondFunctionCall.PNG (145.86KiB)Viewed 6505 times
By calling this function, the result (the property in plain text) will be stored in the RESULT_PROP property.

Also, attached to this thread you can find a sample project which you can use for your reference:
Your Application.aip
(16.29KiB)Downloaded 259 times
Hope this helps.

All the best,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Collins
Posts: 138
Joined: Wed Oct 12, 2016 2:57 pm

Re: Applying patch is changing service start type

Tue Mar 12, 2019 7:01 am

Thank you, I will try this, but one question. Can these custom actions be scheduled before the built in StartService custom action? If it's schedule after, it will fail to start the service because this custom action hasn't run yet to get the password and the field will be empty.



I just tried this as provided and it's not working. It's just returning the default value of the MY_PROP. In the secureprop example, it was loading the property from an ini file:

private static void SecureProps()
{
// Load the properties from the ini file
List<SecuredProperty> properties = new List<SecuredProperty>();
LoadPropertiesFromIni(ref properties);
if (properties.Count == 0)
return;


but it's not doing that here, it's just reading it as is which is why I'm assuming its just returning the default value. Will the original value need to be stored somewhere first and then retrieved?

Catalin
Posts: 6540
Joined: Wed Jun 13, 2018 7:49 am

Re: Applying patch is changing service start type

Wed Mar 13, 2019 1:20 pm

Hello Collins,
Can these custom actions be scheduled before the built in StartService custom action?
There should not be any problems if you schedule the custom actions before the "StartService" action.
It's just returning the default value of the MY_PROP.
Isn't that what you wanted to achieve? By default, when checking the "Secure property" flag, the property is stored encrypted in your project. By decrypting it, it will return the default value of the property.

All the best,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Collins
Posts: 138
Joined: Wed Oct 12, 2016 2:57 pm

Re: Applying patch is changing service start type

Wed Mar 13, 2019 2:39 pm

Isn't that what you wanted to achieve? By default, when checking the "Secure property" flag, the property is stored encrypted in your project. By decrypting it, it will return the default value of the property.
I was referring to the default value for the property under "Install Parameters" and not the value updated in the ini file. See the following attachment
UserPassword.png
UserPassword.png (5.22KiB)Viewed 6486 times
But I was able to get it to write the value to the registry encrypted and then use a registry search and setproperty to get the value. Not sure why the ini value & ini search didn't work.

There should not be any problems if you schedule the custom actions before the "StartService" action.
I tried moving the custom actions to right after Add Resources-->RegisterComPlus (this is right before the install & start service actions) standard action and I get the following error:

MSI (s) (1C:D8) [09:26:51:016]: Doing action: AI_DATA_SETTER_12
Action 9:26:51: AI_DATA_SETTER_12.
Action start 9:26:51: AI_DATA_SETTER_12.
MSI (s) (1C:D8) [09:26:51:017]: PROPERTY CHANGE: Modifying CustomActionData property. Its current value is ''. Its new value: 'C:\Program Files\Company\Audit\SecureProp.dll?D;PROPERTY_LENGTH;S;GetRevealedTextLength;Q;S;P;USER_PASSWORD?'.
Action ended 9:26:51: AI_DATA_SETTER_12. Return value 1.
MSI (s) (1C:D8) [09:26:51:017]: Doing action: CallFunctionFromDLL
Action 9:26:51: CallFunctionFromDLL.
Action start 9:26:51: CallFunctionFromDLL.
MSI (s) (1C:D8) [09:26:51:019]: Creating MSIHANDLE (3293) of type 790542 for thread 29912
MSI (s) (1C:F8) [09:26:51:019]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSID40C.tmp, Entrypoint: CallStdFcn
MSI (s) (1C!8C) [09:26:51:034]: Creating MSIHANDLE (3294) of type 790531 for thread 36748
Error 4157. Failed to load C:\Program Files\Company\Audit\SecureProp.dll. Error:The specified module could not be found.

MSI (s) (1C!8C) [09:29:16:038]: Product: Vertafore Audit Service -- Error 4157. Failed to load C:\Program Files\Company\Audit\SecureProp.dll. Error:The specified module could not be found.

MSI (s) (1C!8C) [09:29:16:039]: Closing MSIHANDLE (3294) of type 790531 for thread 36748
CustomAction CallFunctionFromDLL returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
MSI (s) (1C:F8) [09:29:16:039]: Closing MSIHANDLE (3293) of type 790542 for thread 29912
Action ended 9:29:16: CallFunctionFromDLL. Return value 3.

I tried adding the secureprop.dll as a temp file and loading it from there and I still get the same error.

I attached the AIP so you could see how the custom actions are configured:
AuditService_PassEncrypt.aip
(311.92KiB)Downloaded 258 times

Collins
Posts: 138
Joined: Wed Oct 12, 2016 2:57 pm

Re: Applying patch is changing service start type

Mon Mar 18, 2019 2:39 pm

Any updates on this?

Catalin
Posts: 6540
Joined: Wed Jun 13, 2018 7:49 am

Re: Applying patch is changing service start type

Tue Mar 19, 2019 11:14 am

Hello Collins,

First of all, I apologize for the delayed reply.
But I was able to get it to write the value to the registry encrypted and then use a registry search and setproperty to get the value.
I am glad you got this working.
I tried moving the custom actions to right after Add Resources-->RegisterComPlus (this is right before the install & start service actions) standard action and I get the following error:
Indeed, you are right. Please ignore my last answer about this, it seems that I have misunderstood your question. Unfortunately, I am afraid that you can not schedule the custom action before the Finish Execution. There are two reasons for this:

1- the custom action must have its "Execution Time" of "Immediately"

2- the secure prop DLL is copied on the target machine during the Deferred stage --> "Add resources" action group.

If the two conditions from above are combined, it means that the custom action can not be scheduled before the "Finish Execution" action group, unless there is a way to copy the SecureProp.dll on the target machine before the Deferred stage takes place. The only thing that I can think of right now is using our support for temporary files, which you have tried and does not work.

As of this moment, I am afraid I am not aware of any way in which you could achieve that. Please give me some more time so I can further investigate this and as soon as I come to a conclusion, I will let you know.

All the best,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Collins
Posts: 138
Joined: Wed Oct 12, 2016 2:57 pm

Re: Applying patch is changing service start type

Tue Mar 19, 2019 1:44 pm

Thank you Catalin. If not possible, I would like to request this as a feature.

Catalin
Posts: 6540
Joined: Wed Jun 13, 2018 7:49 am

Re: Applying patch is changing service start type

Wed Mar 27, 2019 10:27 am

Hello Collins,

First of all, thank you for your patience.

I have further investigated this and I have found that it is possible to achieve what you want. For this, we will make use of our predefined support for temporary files. Here is how you can proceed:

- first of all, delete the earlier created custom actions from your project.

- now, please delete the "SecureProp.dll" dll from "Files and Folders" page. After doing so, please add it as a temporary file by pressing the "Add temporary files" button from the toolbar. The SecureProp.dll can be found at the following location:

Code: Select all

C:\Program Files (x86)\Caphyon\Advanced Installer 15.8\custact\x86
- both custom actions can be scheduled after the "Searches" action group - "Install Execution Stage"

- one last thing that needs to be mentioned is that the property that you are trying to secure must have the "Set persistent property" attribute set, so its value is kept during the Maintenance Mode.

Also, please find attached a sample project which I think you may find useful while trying to implement the above:
CollinsSample-SecureProp.aip
(18.98KiB)Downloaded 256 times
Hope this helps.

All the best,
Catalin
Catalin Gheorghe - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Return to “Common Problems”