implement non-EXE support

sudo/src/helpers.rs

@@ -15,6 +15,7 @@ use windows::Win32::System::Rpc::RPC_STATUS;
 use windows::Win32::System::SystemServices::{
     IMAGE_DOS_HEADER, IMAGE_DOS_SIGNATURE, IMAGE_NT_SIGNATURE, SE_TOKEN_USER, SE_TOKEN_USER_1,
 };
+use windows::Win32::UI::Shell::{AssocQueryStringW, ASSOCF, ASSOCSTR_COMMAND};
 use windows::{
     core::*, Win32::Foundation::*, Win32::Security::Authorization::*, Win32::Security::*,
     Win32::System::Console::*, Win32::System::Threading::*,
@@ -586,6 +587,52 @@ pub fn get_exe_subsystem<P: AsRef<Path>>(path: P) -> Result<IMAGE_SUBSYSTEM> {
     Ok(nt.OptionalHeader.Subsystem)
 }
 
+// TODO: Improve this logic
+pub fn get_default_application<P: AsRef<Path>>(path: P) -> Result<String> {
+    let ext = path.as_ref()
+        .extension()
+        .and_then(|ext| ext.to_str())
+        .map_or_else(String::new, |ext_str| format!(".{}", ext_str));
+    let mut buffer_size: u32 = 0;
+
+    let h_result = unsafe {
+        AssocQueryStringW(
+            ASSOCF::default(),
+            ASSOCSTR_COMMAND,
+            PCWSTR(HSTRING::from(ext.clone()).as_ptr()),
+            PCWSTR::null(),
+            PWSTR::null(),
+            &mut buffer_size,
+        )
+    };
+    if h_result.is_err() {
+        return Err(h_result.into());
+    }
+
+    let mut buffer: Vec<u16> = vec![0; buffer_size as usize];
+    let h_result = unsafe {
+        AssocQueryStringW(
+            ASSOCF::default(),
+            ASSOCSTR_COMMAND,
+            PCWSTR(HSTRING::from(ext).as_ptr()),
+            PCWSTR::null(),
+            PWSTR(buffer.as_mut_ptr()),
+            &mut buffer_size,
+        )
+    };
+    if h_result.is_err() {
+        return Err(h_result.into());
+    }
+
+    // The replace statements account for shell/open/command quirks
+    let result =
+    String::from_utf16_lossy(&buffer[..buffer_size as usize - 1])
+        .replace("\"%1\"", "")
+        .replace("%1", "");
+
+    Ok(result)
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;

sudo/src/run_handler.rs

@@ -150,7 +150,7 @@ fn adjust_args_for_intrinsics_and_cmdlets(req: &mut ElevateRequest) -> Result<bo
     Ok(false)
 }
 
-fn adjust_args_for_gui_exes(req: &mut ElevateRequest) {
+fn adjust_args_for_files(req: &mut ElevateRequest) {
     // We did find the command. We're now gonna try to find out if the file
     // is:
     // - An command line exe
@@ -169,15 +169,19 @@ fn adjust_args_for_gui_exes(req: &mut ElevateRequest) {
     tracing::trace_log_message(&format!("is_exe: {is_exe}"));
     tracing::trace_log_message(&format!("is_gui: {is_gui}"));
 
-    // TODO: figure out how to handle non-exe files. ShellExecute(runas,
-    // ...) doesn't do anything for them, and I'm not sure we can trivially
-    // have the service find out what the right verb is for an arbitrary
-    // extension. (this is the kind of comment I'm sure to be proven wrong
-    // about)
     if is_gui {
         tracing::trace_log_message("not cli exe. Force new window");
         req.sudo_mode = SudoMode::ForceNewWindow;
     }
+
+    // We're changing the argument to the application here and using the
+    // registry to figure out the default application for the specified
+    // file.
+    if !is_exe {
+        req.args
+            .splice(0..0, [req.application.clone()]);
+        req.application = get_default_application(&req.application).expect("Failed to get the default application");
+    }
 }
 
 pub fn run_target(
@@ -272,7 +276,7 @@ fn prepare_request(
         // found here in the unelevated context.
 
         req.application = absolute_path(&path)?.to_string_lossy().to_string();
-        adjust_args_for_gui_exes(&mut req);
+        adjust_args_for_files(&mut req);
     } else {
         tracing::trace_command_not_found(&req.application);