install.c

文件过滤驱动

/*++

Copyright (c) 1999  Microsoft Corporation

Module Name:

   install.c

Abstract:

   This is the main module to install the filespy filter driver.  This was
   adapted from the sfilter installation probram.


Environment:

   User Mode Only

Revision History:

--*/

#include <windows.h>
#include <stdio.h>
#include <conio.h>
#include "fspyServ.h"
#include "..\kenerl\MyFileSpy.h"

VOID
DisplayError(
   DWORD Code
   ) ;


void __cdecl main (argc, argv)
   int argc;
   char *argv[];

/*++

Routine Description:

   This is the program entry point and main processing routine for the
   installation console mode application. It will be responsible for
   installing the file system filter driver into the registry and preparing
   the system for a reboot.

Arguments:

   argc - The count of arguments passed into the command line.

   argv - Array of arguments passed into the command line.

Return Value:

   None.

--*/

{
    SC_HANDLE           serviceControlManager = NULL;
    SC_HANDLE           filespyService = NULL;
    DWORD               errorCode;
    WCHAR               systemDirectory[MAX_PATH];
    WCHAR               loadGroup[24];
    BOOL                status;
    HANDLE              processToken;
    TOKEN_PRIVILEGES    tokenPriv;
    HKEY                key = NULL;
    WCHAR               keyPath[MAX_PATH];
    LONG                openStatus;
    ULONG               initialValue;
    
    //
    // Begin by displaying an introduction message to the user to let them
    // know that the application has started.
    //
    
    printf("\MyFSpy.sys Simple Installation Aid\n") ;
    printf("Copyright (c) 1999  Microsoft Corporation\n") ;
    printf("\n\n") ;
    
    //
    // Get the system directory so that the driver can be put in the correct
    // location. Concatenate the path to include the drivers directory and
    // the binary name.
    //
    
    GetSystemDirectory (systemDirectory, sizeof (systemDirectory)) ;
    wcscat (systemDirectory, L"\\drivers\\MyFSpy.sys") ;
    
    //
    // Copy the file to the appropriate directory on the target drive.
    //
    
    status = CopyFile (L"MyFSpy.sys", systemDirectory, FALSE) ;

    if (!status) {

        errorCode = GetLastError();
        printf("Copying of filespy.sys to the correct location failed.  Make "
               "sure that the install program is being run from a directory "
               "which contains filespy.sys.\n\n" );
        DisplayError( errorCode );
        goto Cleanup;
    }
    
    //
    // Obtain a handle to the service control manager requesting all access
    //
    
    serviceControlManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
    
    //
    // Verify that a handle could be obtained.
    //
    
    if (!serviceControlManager) {
    
      //
      // A handle could not be obtained. Get the error code and display a
      // useful message to the user.
      //
    
      errorCode = GetLastError() ;
      printf("The Service Control Manager could not be opened.\n") ;
      DisplayError (errorCode) ;
      goto Cleanup;
    }
    
    //
    // Set up the load order group for the driver. Set the driver name as well.
    //
    
    wcscpy (loadGroup, L"filter") ;
    
    //
    // Install the service with the Service Control Manager.
    //
    
    filespyService = CreateService (
        serviceControlManager,
        FILESPY_SERVICE_NAME,
        FILESPY_SERVICE_NAME,
        FILESPY_SERVICE_ACCESS,
        SERVICE_FILE_SYSTEM_DRIVER,
#ifdef SPY_BOOT_DRIVER
        SERVICE_BOOT_START,
#else        
        SERVICE_DEMAND_START,
#endif        
        SERVICE_ERROR_NORMAL,
        systemDirectory,
        loadGroup,
        NULL,
        NULL,
        NULL,
        NULL) ;
    
    //
    // Check to see if the driver could actually be installed.
    //
    
    if (!filespyService) {
    
      //
      // The driver could not be installed. Display a useful error message
      // and exit.
      //
    
      printf("Filespy could not be installed.\n") ;
      errorCode = GetLastError() ;
      DisplayError (errorCode) ;
      goto Cleanup;
    }
    
    //
    // Get a handle to the key for driver so that it can be altered in the
    // next step.
    //
    
    wcscpy (keyPath, L"SYSTEM\\CurrentControlSet\\Services\\MyFSpy") ;
    openStatus = RegOpenKeyEx (HKEY_LOCAL_MACHINE,
                              keyPath,
                              0,
                              KEY_ALL_ACCESS,
                              &key) ;
    
    //
    // Check the return to make sure that the application could get a
    // handle to the key.
    //
    
    if (openStatus != ERROR_SUCCESS) {
    
      //
      // A problem has occured. Delete the service so that it is not
      // installed, then display error message and exit.
      //
    
      DeleteService (filespyService) ;
      printf("Key could not be opened for driver.\n") ;
      DisplayError (openStatus) ;
      goto Cleanup;
    }
    
    //
    // Delete the ImagePath value in the newly created key so that the
    // system looks for the driver in the normal location.
    //
    
    openStatus = RegDeleteValue (key, L"ImagePath") ;
    
    //
    // Make sure that the application could delete the value.
    //
    
    if (openStatus != ERROR_SUCCESS) {
    
      //
      // A problem has occurred. Delete the service so that it isn't
      // installed, then display the error message and exit
      //
    
      DeleteService(filespyService);
      printf("Could not delete ImagePath key.\n") ;
      DisplayError (openStatus) ;
      goto Cleanup;
    }
    
    //
    // Add the MaxRecords and MaxNames parameters to the registry
    //
    initialValue = 500;
    openStatus = RegSetValueEx(
        key,
        L"MaxRecords",
        0,
        REG_DWORD,
        (PUCHAR)&initialValue,
        sizeof(initialValue));

    openStatus = RegSetValueEx(
        key,
        L"MaxNames",
        0,
        REG_DWORD,
        (PUCHAR)&initialValue,
        sizeof(initialValue));

    //
    // Display a message indicating that the driver has successfully been
    // installed and the system will be shutting down.
    //
    
    printf("Driver successfully installed.\n\n") ;

Cleanup:
    //
    // Close the key handle if it is set since it is no longer needed.
    //
    if (key) {
        RegCloseKey(key);
    }
    
    //
    // The driver has now been installed or there was an error. Close the 
    // service handle and ServiceControlManager handle if they were set
    // since we don't need them any longer.
    //
    if(filespyService){
        CloseServiceHandle(filespyService);
    }
    if(serviceControlManager) {
        CloseServiceHandle(serviceControlManager);
    }
}


VOID
DisplayError (
   DWORD Code
   )

/*++

Routine Description:

   This routine will display an error message based off of the Win32 error
   code that is passed in. This allows the user to see an understandable
   error message instead of just the code.

Arguments:

   Code - The error code to be translated.

Return Value:

   None.

--*/

{
   WCHAR                                    buffer[80] ;
   DWORD                                    count ;

   //
   // Translate the Win32 error code into a useful message.
   //

   count = FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM,
                          NULL,
                          Code,
                          0,
                          buffer,
                          sizeof (buffer),
                          NULL) ;

   //
   // Make sure that the message could be translated.
   //

   if (count == 0) {

      printf("\nError could not be translated.\n Code: %d\n", Code) ;
      return;
   }
   else {

      //
      // Display the translated error.
      //

      printf("%S\n", buffer) ;
      return;
   }
}