📄 stafprocess.cpp
字号:
CTRL_C_EVENT : CTRL_BREAK_EVENT, info.pid); if (rc == FALSE) { if (osRC) *osRC = GetLastError(); return kSTAFBaseOSError; } } else return kSTAFUnknownError; } else return kSTAFHandleDoesNotExist; return kSTAFOk;}STAFRC_t STAFProcessRegisterEndCallback(STAFProcessID_t pid, STAFProcessHandle_t procHandle, void *callback, unsigned int callbackLevel){ if (callback == 0) return kSTAFInvalidValue; if (callbackLevel != 1) return kSTAFInvalidValue; STAFProcessEndCallbackLevel1 *callbackLevel1 = reinterpret_cast<STAFProcessEndCallbackLevel1 *>(callback); AddProcessMonitor(ProcessMonitorInfo(procHandle, pid, *callbackLevel1)); return kSTAFOk;}STAFRC_t STAFProcessGetHandleFromID(STAFProcessID_t processID, STAFProcessHandle_t *processHandle, unsigned int *osRC){ if (processHandle == 0) return kSTAFInvalidValue; // Walk through the monitorList and each corresponding monitor map to // determine if the pid already exists and is still running. If so, // then simply return the existing handle, rather than creating a // new handle. This fixes a Windows 95/98/Me problem with Java // services and WaitForMultipleObjects. { STAFMutexSemLock monitorListLock(sMonitorDataSem); ProcessMonitorInfo info; bool found = false; for (ProcessMonitorThreadList::iterator threadIter = sThreadList.begin(); threadIter != sThreadList.end(); ++threadIter) { for (ProcessMonitorMap::iterator mapIter = (*threadIter)->monitorMap.begin(); mapIter != (*threadIter)->monitorMap.end(); ++mapIter) { for (ProcessMonitorList::iterator listIter = mapIter->second.begin(); listIter != mapIter->second.end(); ++ listIter) { if (listIter->pid == processID) { info = *listIter; found = true; break; } } } } if (found) { if (STAFProcess::isRunning(info.handle)) { *processHandle = info.handle; return kSTAFOk; } } } HANDLE theHandle = OpenProcess(PROCESS_DUP_HANDLE | PROCESS_TERMINATE | PROCESS_QUERY_INFORMATION | SYNCHRONIZE, FALSE, processID); if (theHandle == NULL) { if (osRC) *osRC = GetLastError(); return kSTAFBaseOSError; } *processHandle = theHandle; return kSTAFOk;}STAFRC_t STAFProcessIsRunning(STAFProcessHandle_t processHandle, unsigned int *isRunning, unsigned int *osRC){ if (isRunning == 0) return kSTAFInvalidValue; DWORD retCode = 0; BOOL rc = GetExitCodeProcess(processHandle, &retCode); if (rc != TRUE) { if (osRC) *osRC = GetLastError(); return kSTAFBaseOSError; } *isRunning = (retCode == STILL_ACTIVE) ? 1 : 0; return kSTAFOk;}STAFRC_t STAFProcessIsValidAuthMode(STAFProcessAuthenticationMode_t authMode){ if ((authMode != kSTAFProcessAuthDisabled) && (authMode != kSTAFProcessAuthWindows)) return kSTAFInvalidValue; else return kSTAFOk;}STAFRC_t STAFProcessIsValidStopMethod(STAFProcessStopMethod_t stopMethod){ if (stopMethod == kSTAFProcessStopWithSigKillAll) return kSTAFInvalidValue; else return kSTAFOk;}unsigned int UserAuthenticate(STAFUserID_t &hUsrToken, STAFString &username, STAFString &password, bool mustValidate, unsigned int *osRC, STAFString &errorBuffer){ // Note: if no username has been specified, take // normal action if (username.length() == 0 || mustValidate == false) return 1; unsigned int systemErrorCode = 0; STAFString systemErrorMsg = ""; char usernameBuffer[256] = { 0 }; unsigned long buffLen = 256; BOOL rc = GetUserName(usernameBuffer, &buffLen); STAFString usernameStr = usernameBuffer; if (rc == FALSE) { systemErrorCode = GetLastError(); if (osRC) *osRC = systemErrorCode; STAFString_t systemErrorMsg = 0; STAFUtilWin32LookupSystemErrorMessage( systemErrorCode, &systemErrorMsg); errorBuffer = STAFString( "Error during process authentication for user name: ") + username + "\nGetUserName failed with OS RC " + systemErrorCode; STAFString systemErrorString = STAFString( systemErrorMsg, STAFString::kShallow); if (systemErrorString.length() != 0) errorBuffer += ": " + STAFString(systemErrorMsg); return 0; } // is user trying to start a process of its own? if so, no // authentication is needed, passwd is pretty much ignored if (usernameStr.toLowerCase() == username.toLowerCase()) { return 1; } STAFStringBufferPtr usernameInCCP = username.toCurrentCodePage(); STAFStringBufferPtr passwordInCCP = password.toCurrentCodePage(); // otherwise, create a handle that represents the specified // user rc = LogonUser((char *)usernameInCCP->buffer(), NULL, (char *)passwordInCCP->buffer(), LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &hUsrToken); if (rc == FALSE) { // An error occurred logging on as the user. // Set the error code and create an error message. systemErrorCode = GetLastError(); if (osRC) *osRC = systemErrorCode; STAFString_t systemErrorMsg = 0; STAFUtilWin32LookupSystemErrorMessage( systemErrorCode, &systemErrorMsg); errorBuffer = STAFString( "Error during process authentication for user name: ") + username + "\nLogonUser failed with OS RC " + systemErrorCode; STAFString systemErrorString = STAFString( systemErrorMsg, STAFString::kShallow); if (systemErrorString.length() != 0) errorBuffer += ": " + STAFString(systemErrorMsg); if (systemErrorCode == ERROR_PRIVILEGE_NOT_HELD) { // Get current process's privileges to add to the error message HANDLE processToken = 0; if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &processToken)) { STAFString privilegeErrorMsg; GetPrivilegeError(processToken, privilegeErrorMsg); errorBuffer += "\n" + privilegeErrorMsg; } } } return (rc == FALSE) ? 0 : 1;}// Note:// The following functions were added to run a process under another user id// on Windows NT/2000/XP. The code was derived from Keith Brown's// cmdasuser.cpp code obtained from Keith Brown's security samples page at// http://www.develop.com/kbrown. Keith Brown gave us his approval on// 12/06/2001 to use the code.// Helper functions for the Logon Session BrokerACL* GetUserObjectDacl(HANDLE h, DWORD cbExtra){ DWORD cb = 0; SECURITY_INFORMATION si = DACL_SECURITY_INFORMATION; GetUserObjectSecurity(h, &si, 0, cb, &cb); if (ERROR_INSUFFICIENT_BUFFER != GetLastError()) WriteTraceError("first GetUserObjectSecurity()"); void* psd = HeapAlloc(sProcessHeap, 0, cb); if (!psd) { WriteTraceError(STAFString("HeapAlloc() in GetUserObjectDacl(), ") + E_OUTOFMEMORY + ", "); } si = DACL_SECURITY_INFORMATION; if (!GetUserObjectSecurity(h, &si, psd, cb, &cb)) WriteTraceError("GetUserObjectSecurity()"); BOOL bPresent, bDefaulted; ACL* pdaclOld; if (!GetSecurityDescriptorDacl(psd, &bPresent, &pdaclOld, &bDefaulted)) WriteTraceError("GetSecurityDescriptorDacl()"); // Get the size of the existing DACL ACL_SIZE_INFORMATION info; if (!GetAclInformation(pdaclOld, &info, sizeof info, AclSizeInformation)) WriteTraceError("GetAclInformation()"); // Allocate enough memory for the existing DACL plus whatever extra space // the caller requires. cb = info.AclBytesInUse + cbExtra; ACL* pdaclNew = reinterpret_cast<ACL*>(HeapAlloc(sProcessHeap, 0, cb)); if (!pdaclNew) WriteTraceError("HeapAlloc() in GetUserObjectDacl()"); if (!InitializeAcl(pdaclNew, cb, ACL_REVISION)) WriteTraceError("InitializeAcl()"); // Copy over all the old aces to the new DACL for (DWORD i = 0; i < info.AceCount; ++i) { ACE_HEADER* pace = 0; if (!GetAce(pdaclOld, i, reinterpret_cast<void**>(&pace))) WriteTraceError("GetAce()"); if (!AddAce(pdaclNew, ACL_REVISION, MAXDWORD, pace, pace->AceSize)) WriteTraceError("AddAce()"); } HeapFree(sProcessHeap, 0, psd); return pdaclNew;}DWORD CalcAceSizeFromSid(void* psid){ return sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(psid);}#if _WIN32_WINNT < 0x500// This is such a simple function, it's bizarre that we had to wait until// W2K to get it.BOOL AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid){ if (!AddAccessAllowedAce(pAcl, dwAceRevision, AccessMask, pSid)) return FALSE; ACL_SIZE_INFORMATION info; if (!GetAclInformation(pAcl, &info, sizeof info, AclSizeInformation)) return FALSE; ACE_HEADER* pace = 0; if (!GetAce(pAcl, info.AceCount - 1, reinterpret_cast<void**>(&pace))) return FALSE; pace->AceFlags = static_cast<BYTE>(AceFlags); return TRUE;}#endif void DeleteMatchingAces(ACL* pdacl, void* psid){ ACL_SIZE_INFORMATION info; if (!GetAclInformation(pdacl, &info, sizeof info, AclSizeInformation)) WriteTraceError("GetAclInformation() in DeleteMatchingAces()"); // It's a bit easier to delete aces while iterating backwards so that // the iterator doesn't get honked up. DWORD i = info.AceCount; while (i--) { ACCESS_ALLOWED_ACE* pAce = 0; if (!GetAce(pdacl, i, reinterpret_cast<void**>(&pAce))) WriteTraceError("GetAce() in DeleteMatchingAces()"); if (EqualSid(psid, &pAce->SidStart)) DeleteAce(pdacl, i); }}/*******************************************************************************//* GrantAccessToWinsta - This function grants session SID access to the *//* interactive window station and the desktop. This is *//* ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -