archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/screg/sc/server/lockapi.cxx

981 lines
24 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. LockAPI.cxx
  9. Abstract:
  11. This file contains the Service Controller's lock APIs:
  13. RLockServiceDatabase
  14. RQueryServiceLockStatusW
  15. RUnlockServiceDatabase
  16. SC_RPC_LOCK_rundown
  18. Author:
  20. John Rogers (JohnRo) 14-Apr-1992
  22. Environment:
  24. User Mode - Win32
  26. Revision History:
  28. 26-Mar-1992 danl
  29. Created the stubbed out version for RPC.
  30. 17-Apr-1992 JohnRo
  31. Split lock APIs out from config API stubs in CfgAPI.c.
  32. Did initial coding of all lock APIs.
  33. 22-Apr-1992 JohnRo
  34. Made changes suggested by PC-LINT.
  35. Use SC_LOG0(), etc.
  36. 06-Aug-1992 ritaw
  37. Completed the code.
  39. --*/
  42. //
  43. // INCLUDES
  44. //
  46. #include "precomp.hxx"
  47. extern "C" {
  48. #include <ntlsa.h> // LsaLookupSids
  49. }
  50. #include <stdlib.h> // wide character c runtimes.
  51. #include <tstr.h> // Unicode string macros
  52. #include <sclib.h> // ScCopyStringToBufferW().
  53. #include <time.h> // time().
  54. #include "account.h" // SCDOMAIN_USERNAME_SEPARATOR
  55. #include "lockapi.h" // ScLockDatabase
  56. #include "scsec.h" // ScGetClientSid
  58. #define SC_MANAGER_USERNAME L".\\NT Service Control Manager"
  61. #define ScDatabaseNamesMatch(a,b) (_wcsicmp( (a), (b) ) == 0)
  64. // Macros to lock and unlock the lock list:
  67. #define LOCK_API_LOCK_LIST_SHARED( comment ) \
  68. { \
  69. ScServiceRecordLock.GetShared(); \
  70. }
  72. #define LOCK_API_LOCK_LIST_EXCLUSIVE( comment ) \
  73. { \
  74. ScServiceRecordLock.GetExclusive(); \
  75. }
  77. #define UNLOCK_API_LOCK_LIST( comment ) \
  78. { \
  79. ScServiceRecordLock.Release(); \
  80. }
  83. typedef struct _API_LOCK {
  84. struct _API_LOCK *Prev;
  85. struct _API_LOCK *Next;
  86. DWORD Signature; // Must be API_LOCK_SIGNATURE.
  87. LPWSTR DatabaseName;
  88. time_t TimeWhenLocked; // seconds since 1970.
  89. PSID LockOwnerSid; // SID. It is NULL if SC
  90. // Manager grabbed the lock
  91. } API_LOCK, *PAPI_LOCK, *LPAPI_LOCK;
  93. #define API_LOCK_SIGNATURE 0x4C697041 // "ApiL" in ASCII.
  95. //
  96. // List of API_LOCK structures. This list is locked by the macros above.
  97. //
  98. LPAPI_LOCK ScGlobalApiLockList = NULL;
  101. DWORD
  102. ScCreateLock(
  103. IN BOOL IsServiceController,
  104. IN LPWSTR DatabaseName,
  105. IN PSID UserSid OPTIONAL,
  106. OUT LPSC_RPC_LOCK lpLock
  107. );
  110. #if DBG
  111. VOID
  112. ScDumpLockList(
  113. VOID
  114. );
  115. #endif
  118. LPAPI_LOCK
  119. ScFindApiLockForDatabase(
  120. IN LPWSTR DatabaseName
  121. )
  122. /*++
  124. Routine Description:
  127. Arguments:
  130. Return Value:
  132. Pointer to entry in the list (or NULL if not found).
  134. Note:
  136. The caller must have a lock (shared or exclusive) for the api lock list.
  138. --*/
  139. {
  140. LPAPI_LOCK apiLockEntry;
  142. apiLockEntry = ScGlobalApiLockList;
  143. while (apiLockEntry != NULL) {
  144. SC_ASSERT( apiLockEntry->Signature == API_LOCK_SIGNATURE );
  145. if (ScDatabaseNamesMatch( DatabaseName, apiLockEntry->DatabaseName) ) {
  146. return (apiLockEntry);
  147. }
  148. apiLockEntry = apiLockEntry->Next;
  149. }
  151. return (NULL);
  152. }
  155. DWORD
  156. RLockServiceDatabase(
  157. IN SC_RPC_HANDLE hSCManager,
  158. OUT LPSC_RPC_LOCK lpLock
  159. )
  161. /*++
  163. Routine Description:
  166. Arguments:
  169. Return Value:
  172. --*/
  173. {
  174. DWORD status;
  175. LPSC_HANDLE_STRUCT serviceHandleStruct = (LPSC_HANDLE_STRUCT) hSCManager;
  178. SC_ASSERT( lpLock != NULL );
  180. *lpLock = NULL;
  181. if ( !ScIsValidScManagerHandle( hSCManager ) ) {
  182. return (ERROR_INVALID_HANDLE);
  183. }
  185. //
  186. // Do we have permission to do this?
  187. //
  188. if ( !RtlAreAllAccessesGranted(
  189. serviceHandleStruct->AccessGranted,
  190. SC_MANAGER_LOCK
  191. )) {
  192. return (ERROR_ACCESS_DENIED);
  193. }
  195. status = ScLockDatabase(
  196. FALSE,
  197. serviceHandleStruct->Type.ScManagerObject.DatabaseName,
  198. lpLock
  199. );
  201. SC_LOG0( LOCK_API, "Database Lock is ON (from API)\n");
  203. return status;
  204. }
  207. DWORD
  208. RQueryServiceLockStatusW(
  209. IN SC_RPC_HANDLE hSCManager,
  210. OUT LPQUERY_SERVICE_LOCK_STATUSW lpLockStatus,
  211. IN DWORD cbBufSize,
  212. OUT LPDWORD pcbBytesNeeded
  213. )
  215. /*++
  217. Routine Description:
  220. Arguments:
  223. Return Value:
  226. --*/
  227. {
  228. DWORD status;
  230. LPAPI_LOCK apiLockEntry;
  231. DWORD allocSize;
  232. LPWSTR databaseName;
  234. LPWSTR endOfVariableData;
  235. LPWSTR fixedDataEnd;
  237. LPWSTR lockOwner;
  238. DWORD lockOwnerSize;
  240. LPSC_HANDLE_STRUCT serviceHandleStruct = (LPSC_HANDLE_STRUCT) hSCManager;
  243. if ( !ScIsValidScManagerHandle( hSCManager ) ) {
  244. return (ERROR_INVALID_HANDLE);
  245. } else if (lpLockStatus == NULL) {
  246. return (ERROR_INVALID_PARAMETER);
  247. } else if (pcbBytesNeeded == NULL) {
  248. return (ERROR_INVALID_PARAMETER);
  249. }
  251. //
  252. // Do we have permission to do this?
  253. //
  254. if ( !RtlAreAllAccessesGranted(
  255. serviceHandleStruct->AccessGranted,
  256. SC_MANAGER_QUERY_LOCK_STATUS
  257. )) {
  258. return (ERROR_ACCESS_DENIED);
  259. }
  261. LOCK_API_LOCK_LIST_SHARED( "RQueryServiceLockStatusW start" );
  263. databaseName = serviceHandleStruct->Type.ScManagerObject.DatabaseName;
  264. SC_ASSERT( databaseName != NULL );
  267. apiLockEntry = ScFindApiLockForDatabase( databaseName );
  270. if (apiLockEntry == NULL) {
  272. allocSize = sizeof(QUERY_SERVICE_LOCK_STATUSW) + sizeof(WCHAR);
  274. *pcbBytesNeeded = allocSize;
  276. if (cbBufSize < allocSize) {
  277. UNLOCK_API_LOCK_LIST( "RQueryServiceLockStatusW too small" );
  278. return (ERROR_INSUFFICIENT_BUFFER);
  279. }
  281. lpLockStatus->fIsLocked = FALSE;
  283. fixedDataEnd = (LPWSTR) (lpLockStatus + 1);
  285. endOfVariableData = (LPWSTR) ((LPBYTE)lpLockStatus + allocSize);
  287. if (! ScCopyStringToBufferW (
  288. NULL,
  289. 0,
  290. fixedDataEnd,
  291. &endOfVariableData,
  292. &lpLockStatus->lpLockOwner,
  293. NULL
  294. )) {
  296. SC_ASSERT( FALSE );
  297. }
  299. lpLockStatus->dwLockDuration = 0;
  301. UNLOCK_API_LOCK_LIST( "RQueryServiceLockStatusW not found" );
  302. return (NO_ERROR);
  303. }
  306. SC_ASSERT( apiLockEntry->Signature == API_LOCK_SIGNATURE );
  308. status = ScGetLockOwner(
  309. apiLockEntry->LockOwnerSid,
  310. &lockOwner
  311. );
  313. if (status != NO_ERROR) {
  314. UNLOCK_API_LOCK_LIST( "RQueryServiceLockStatusW failed get owner" );
  315. return status;
  316. }
  318. lockOwnerSize = (DWORD) WCSSIZE(lockOwner);
  320. SC_ASSERT( lockOwnerSize > 2 ); // min is ".\x" (domain\user).
  322. allocSize = sizeof(QUERY_SERVICE_LOCK_STATUSW) + lockOwnerSize;
  324. *pcbBytesNeeded = allocSize;
  326. if (allocSize > cbBufSize) {
  328. LocalFree(lockOwner);
  329. UNLOCK_API_LOCK_LIST( "RQueryServiceLockStatusW too small" );
  330. return (ERROR_INSUFFICIENT_BUFFER);
  331. }
  333. //
  334. // Build the QUERY_SERVICE_LOCK_STATUS structure.
  335. //
  336. lpLockStatus->fIsLocked = TRUE;
  338. lpLockStatus->dwLockDuration =
  339. (DWORD)(time(NULL) - apiLockEntry->TimeWhenLocked);
  341. fixedDataEnd = (LPWSTR) (lpLockStatus + 1);
  343. endOfVariableData = (LPWSTR) ((LPBYTE)lpLockStatus + allocSize);
  345. if (! ScCopyStringToBufferW (
  346. lockOwner,
  347. (DWORD) wcslen(lockOwner),
  348. fixedDataEnd,
  349. &endOfVariableData,
  350. &lpLockStatus->lpLockOwner,
  351. NULL
  352. )) {
  354. SC_ASSERT( FALSE );
  355. }
  357. LocalFree(lockOwner);
  359. UNLOCK_API_LOCK_LIST( "RQueryServiceLockStatusW done" );
  361. return (NO_ERROR);
  362. }
  365. DWORD
  366. RUnlockServiceDatabase(
  367. IN OUT LPSC_RPC_LOCK lpLock
  368. )
  370. /*++
  372. Routine Description:
  375. Arguments:
  378. Return Value:
  381. --*/
  382. {
  383. LPAPI_LOCK apiLockEntry;
  385. if (lpLock == NULL) {
  386. return (ERROR_INVALID_SERVICE_LOCK);
  387. }
  388. apiLockEntry = * (LPAPI_LOCK *) (LPVOID) lpLock;
  389. if (apiLockEntry->Signature != API_LOCK_SIGNATURE) {
  390. SC_LOG1( ERROR, "RUnlockServiceDatabase: lock w/o signature at "
  391. FORMAT_LPVOID "\n", (LPVOID) lpLock );
  392. return (ERROR_INVALID_SERVICE_LOCK);
  393. }
  395. //
  396. // We're going to update the linked list, so keep other threads out.
  397. //
  398. LOCK_API_LOCK_LIST_EXCLUSIVE( "RUnlockServiceDatabase start" );
  400. //
  401. // Remove the entry from the lock list. This has the effect of
  402. // unlocking this database.
  403. //
  404. if (apiLockEntry->Prev != NULL) {
  405. apiLockEntry->Prev->Next = apiLockEntry->Next;
  406. }
  407. if (apiLockEntry->Next != NULL) {
  408. apiLockEntry->Next->Prev = apiLockEntry->Prev;
  409. }
  410. if ( (apiLockEntry->Next == NULL) && (apiLockEntry->Prev == NULL) ) {
  411. ScGlobalApiLockList = NULL;
  412. }
  414. //
  415. // Free the storage we allocated for this entry.
  416. //
  417. LocalFree( apiLockEntry );
  418. *lpLock = NULL;
  420. #if DBG
  421. ScDumpLockList();
  422. #endif
  424. //
  425. // OK, it's safe for other threads to muck with the lock list.
  426. //
  427. UNLOCK_API_LOCK_LIST( "RUnlockServiceDatabase done" );
  429. SC_LOG0( LOCK_API,"Database Lock is OFF (from API)\n");
  431. return(NO_ERROR);
  432. }
  435. VOID
  436. SC_RPC_LOCK_rundown(
  437. SC_RPC_LOCK lock
  438. )
  440. /*++
  442. Routine Description:
  444. This function is called by RPC when a connection is broken that had
  445. an outstanding context handle. The value of the context handle is
  446. passed in here so that we have an opportunity to clean up.
  448. Arguments:
  450. lock - This is the handle value of the context handle that is broken.
  452. Return Value:
  454. none.
  456. --*/
  457. {
  458. RUnlockServiceDatabase(&lock);
  459. }
  462. VOID
  463. ScUnlockDatabase(
  464. IN OUT LPSC_RPC_LOCK lpLock
  465. )
  466. /*++
  468. Routine Description:
  470. This function is called by internally by ScStartServiceAndDependencies
  471. to unlock the SC Manager database lock when it is done starting
  472. services.
  474. Arguments:
  476. lpLock - Supplies the address of the pointer to the lock structure.
  477. On output, the pointer is set to NULL.
  479. Return Value:
  481. None.
  483. --*/
  484. {
  485. RUnlockServiceDatabase(lpLock);
  486. }
  489. DWORD
  490. ScLockDatabase(
  491. IN BOOL IsServiceController,
  492. IN LPWSTR DatabaseName,
  493. OUT LPSC_RPC_LOCK lpLock
  494. )
  495. /*++
  497. Routine Description:
  499. This function grabs the external database lock which is used
  500. by setup programs to ensure serialization to the services'
  501. configuration.
  503. It is also called by the service controller itself from
  504. ScStartServiceAndDependencies. We need to grab the database lock
  505. internally when starting services so that setup programs know
  506. that when is an unsafe time to modify service configuration.
  508. When called by the service controller itself, the SID is not
  509. looked up.
  511. Arguments:
  513. IsServiceController - Supplies a flag which is TRUE if this routine
  514. is called by the service controller; FALSE all other times.
  516. DatabaseName - Supplies the name of the database which the lock
  517. is to be acquired.
  519. lpLock - Receives a pointer to the lock entry created.
  522. Return Value:
  524. NO_ERROR or reason for failure.
  526. --*/
  527. {
  528. DWORD status;
  529. LPAPI_LOCK apiLockEntry;
  530. PTOKEN_USER UserInfo = NULL;
  533. SC_ASSERT(DatabaseName != NULL);
  535. LOCK_API_LOCK_LIST_EXCLUSIVE( "ScLockDatabase start" );
  537. //
  538. // Check for another lock.
  539. //
  540. apiLockEntry = ScFindApiLockForDatabase(DatabaseName);
  542. if (apiLockEntry != NULL) {
  543. UNLOCK_API_LOCK_LIST( "ScLockDatabase already locked" );
  544. SC_LOG0(LOCK_API, "ScLockDatabase: Database is already locked\n");
  545. return ERROR_SERVICE_DATABASE_LOCKED;
  546. }
  548. if (! IsServiceController) {
  549. //
  550. // Get the caller's SID
  551. //
  552. if ((status = ScGetClientSid(
  553. &UserInfo
  554. )) != NO_ERROR) {
  555. UNLOCK_API_LOCK_LIST( "ScLockDatabase ScGetClientSid failed" );
  556. return status;
  557. }
  559. status = ScCreateLock(
  560. FALSE, // Non-ScManager caller to grab lock
  561. DatabaseName,
  562. UserInfo->User.Sid,
  563. lpLock
  564. );
  566. LocalFree(UserInfo);
  567. }
  568. else {
  569. status = ScCreateLock(
  570. TRUE, // ScManager caller to grab lock
  571. DatabaseName,
  572. NULL,
  573. lpLock
  574. );
  575. }
  577. #if DBG
  578. ScDumpLockList();
  579. #endif
  581. UNLOCK_API_LOCK_LIST("ScLockDatabase done");
  583. return status;
  584. }
  587. DWORD
  588. ScCreateLock(
  589. IN BOOL IsServiceController,
  590. IN LPWSTR DatabaseName,
  591. IN PSID UserSid OPTIONAL,
  592. OUT LPSC_RPC_LOCK lpLock
  593. )
  594. /*++
  596. Routine Description:
  598. This function is creates a lock entry, fills in the information about
  599. the nature of the lock and insert it into the lock list.
  601. Arguments:
  603. IsServiceController - Supplies a flag which is TRUE if this routine
  604. is called by the service controller; FALSE all other times.
  606. DatabaseName - Supplies the name of the database which the lock
  607. is to be acquired.
  609. UserSid - Supplies the SID of the caller to claim the lock. This
  610. is NULL if IsServiceController is TRUE.
  612. lpLock - Receives a pointer to the lock entry created.
  615. Return Value:
  617. NO_ERROR or reason for failure.
  619. --*/
  620. {
  621. NTSTATUS ntstatus;
  622. DWORD allocSize;
  623. LPAPI_LOCK newLockEntry;
  624. LPAPI_LOCK apiLockEntry;
  627. //
  628. // Build a structure to describe this lock.
  629. //
  630. if (IsServiceController) {
  631. allocSize = sizeof(API_LOCK) + (DWORD) WCSSIZE(DatabaseName);
  632. }
  633. else {
  634. if (! ARGUMENT_PRESENT(UserSid)) {
  635. SC_LOG0(ERROR, "ScCreateLock: UserSid is NULL!\n");
  636. SC_ASSERT(FALSE);
  637. return ERROR_GEN_FAILURE;
  638. }
  640. allocSize = sizeof(API_LOCK) + (DWORD) WCSSIZE(DatabaseName)
  641. + RtlLengthSid(UserSid);
  642. }
  644. newLockEntry = (LPAPI_LOCK) LocalAlloc( LMEM_ZEROINIT, (UINT) allocSize );
  646. if (newLockEntry == NULL) {
  647. SC_LOG1(ERROR,"ScCreateLock: Local Alloc FAILED "
  648. FORMAT_DWORD "\n", GetLastError());
  649. return (ERROR_NOT_ENOUGH_MEMORY);
  650. }
  652. SC_LOG3(LOCK_API,"ScCreateLock: alloc'ed " FORMAT_DWORD
  653. " bytes at " FORMAT_LPVOID " Sid-size " FORMAT_DWORD ".\n",
  654. allocSize, (LPVOID) newLockEntry,
  655. (UserSid) ? RtlLengthSid(UserSid) : 0);
  658. //
  659. // Fill in fields of new lock entry
  660. //
  661. newLockEntry->Signature = API_LOCK_SIGNATURE;
  663. newLockEntry->DatabaseName = (LPWSTR) (newLockEntry + 1);
  664. wcscpy(newLockEntry->DatabaseName, DatabaseName);
  667. if (ARGUMENT_PRESENT(UserSid)) {
  668. newLockEntry->LockOwnerSid = (PSID) ((DWORD_PTR) newLockEntry->DatabaseName +
  669. WCSSIZE(DatabaseName));
  672. SC_LOG1(LOCK_API, "ScCreateLock: Before RtlCopySid, bytes left "
  673. FORMAT_DWORD "\n", ((DWORD_PTR) newLockEntry + allocSize) -
  674. (DWORD_PTR) newLockEntry->LockOwnerSid);
  676. ntstatus = RtlCopySid(
  677. (ULONG)(((DWORD_PTR) newLockEntry + allocSize) - (DWORD_PTR) newLockEntry->LockOwnerSid),
  678. newLockEntry->LockOwnerSid,
  679. UserSid
  680. );
  682. if (! NT_SUCCESS(ntstatus)) {
  683. SC_LOG1(ERROR, "ScCreateLock: RtlCopySid failed " FORMAT_NTSTATUS
  684. "\n", ntstatus);
  686. LocalFree(newLockEntry);
  687. return RtlNtStatusToDosError(ntstatus);
  688. }
  689. }
  690. else {
  691. newLockEntry->LockOwnerSid = (PSID) NULL;
  692. }
  694. newLockEntry->TimeWhenLocked = (DWORD) time( NULL );
  696. //
  697. // Record this lock.
  698. //
  699. if (ScGlobalApiLockList != NULL) {
  701. //
  702. // List is not empty, so just add to end.
  703. //
  704. apiLockEntry = ScGlobalApiLockList;
  705. ADD_TO_LIST( apiLockEntry, newLockEntry );
  707. } else {
  709. //
  710. // List is empty, so start with this (new) entry.
  711. //
  712. ScGlobalApiLockList = newLockEntry;
  713. newLockEntry->Next = NULL;
  714. newLockEntry->Prev = NULL;
  715. }
  717. *lpLock = newLockEntry;
  719. return NO_ERROR;
  720. }
  725. DWORD
  726. ScGetLockOwner(
  727. IN PSID UserSid OPTIONAL,
  728. OUT LPWSTR *LockOwnerName
  729. )
  730. {
  732. DWORD status = NO_ERROR;
  733. NTSTATUS ntstatus;
  734. OBJECT_ATTRIBUTES ObjAttributes;
  735. LSA_HANDLE PolicyHandle;
  737. PLSA_REFERENCED_DOMAIN_LIST ReferencedDomain = NULL;
  738. PLSA_TRANSLATED_NAME Name = NULL;
  740. NT_PRODUCT_TYPE ProductType;
  743. if (! ARGUMENT_PRESENT(UserSid)) {
  745. *LockOwnerName = (LPWSTR)LocalAlloc(
  746. LMEM_ZEROINIT,
  747. WCSSIZE(SC_MANAGER_USERNAME)
  748. );
  750. if (*LockOwnerName == NULL) {
  751. SC_LOG1(ERROR, "ScGetLockOwner: LocalAlloc failed " FORMAT_DWORD
  752. "\n", GetLastError());
  754. return ERROR_NOT_ENOUGH_MEMORY;
  755. }
  757. wcscpy(*LockOwnerName, SC_MANAGER_USERNAME);
  759. return NO_ERROR;
  760. }
  762. //
  763. // Open a handle to the local security policy. Initialize the
  764. // objects attributes structure first.
  765. //
  766. InitializeObjectAttributes(
  767. &ObjAttributes,
  768. NULL,
  769. 0L,
  770. NULL,
  771. NULL
  772. );
  774. ntstatus = LsaOpenPolicy(
  775. NULL,
  776. &ObjAttributes,
  777. POLICY_LOOKUP_NAMES,
  778. &PolicyHandle
  779. );
  781. if (! NT_SUCCESS(ntstatus)) {
  782. SC_LOG(ERROR, "ScGetLockOwner: LsaOpenPolicy returned " FORMAT_NTSTATUS
  783. "\n", ntstatus);
  784. return RtlNtStatusToDosError(ntstatus);
  785. }
  787. //
  788. // Get the name of the specified SID
  789. //
  790. ntstatus = LsaLookupSids(
  791. PolicyHandle,
  792. 1,
  793. &UserSid,
  794. &ReferencedDomain,
  795. &Name
  796. );
  798. if (! NT_SUCCESS(ntstatus))
  799. {
  800. SC_LOG(ERROR, "ScGetLockOwner: LsaLookupNames returned " FORMAT_NTSTATUS
  801. "\n", ntstatus);
  803. status = RtlNtStatusToDosError(ntstatus);
  804. goto CleanExit;
  805. }
  807. if (ReferencedDomain == NULL || Name == NULL)
  808. {
  809. SC_LOG2(ERROR, "ScGetLockOwner: ReferencedDomain=%08lx, Name=%08lx\n",
  810. ReferencedDomain, Name);
  812. status = ERROR_GEN_FAILURE;
  813. goto CleanExit;
  814. }
  815. else
  816. {
  817. LPWSTR Ptr;
  820. if (Name->Use == SidTypeUnknown || Name->Use == SidTypeInvalid) {
  821. SC_LOG0(ERROR, "ScGetLockOwner: Sid is unknown or invalid\n");
  822. status = ERROR_GEN_FAILURE;
  823. goto CleanExit;
  824. }
  826. if (Name->DomainIndex < 0) {
  827. SC_LOG1(ERROR, "ScGetLockOwner: DomainIndex is negative %ld\n",
  828. Name->DomainIndex);
  829. status = ERROR_GEN_FAILURE;
  830. goto CleanExit;
  831. }
  833. if (ReferencedDomain->Entries == 0) {
  834. SC_LOG0(ERROR, "ScGetLockOwner: No ReferencedDomain entry\n");
  835. status = ERROR_GEN_FAILURE;
  836. goto CleanExit;
  837. }
  839. *LockOwnerName = (LPWSTR)LocalAlloc(
  840. LMEM_ZEROINIT,
  841. Name->Name.Length +
  842. ReferencedDomain->Domains[Name->DomainIndex].Name.Length +
  843. 2 * sizeof(WCHAR)
  844. );
  846. if (*LockOwnerName == NULL) {
  847. SC_LOG1(ERROR, "ScGetLockOwner: LocalAlloc failed " FORMAT_DWORD
  848. "\n", GetLastError());
  850. status = ERROR_NOT_ENOUGH_MEMORY;
  851. goto CleanExit;
  852. }
  854. if (! RtlGetNtProductType(&ProductType)) {
  855. status = GetLastError();
  856. SC_LOG1(ERROR, "ScGetLockOwner: RtlGetNtProductType failed "
  857. FORMAT_DWORD "\n", status);
  858. LocalFree(*LockOwnerName);
  859. goto CleanExit;
  860. }
  862. if (ProductType != NtProductLanManNt) {
  864. status = ScGetAccountDomainInfo();
  866. if (status != NO_ERROR) {
  867. LocalFree(*LockOwnerName);
  868. goto CleanExit;
  869. }
  871. if (RtlEqualUnicodeString(
  872. &(ReferencedDomain->Domains[Name->DomainIndex].Name),
  873. &ScAccountDomain,
  874. TRUE
  875. )
  876. ||
  878. RtlEqualUnicodeString(
  879. &(ReferencedDomain->Domains[Name->DomainIndex].Name),
  880. &ScComputerName,
  881. TRUE
  882. )
  884. ) {
  886. //
  887. // We are WinNT and the user who has the lock is logged on to
  888. // a local account. Convert the local domain name to "."
  889. //
  890. wcscpy(*LockOwnerName, SC_LOCAL_DOMAIN_NAME);
  891. }
  892. else {
  893. goto ReturnRefDomain;
  894. }
  896. }
  897. else {
  899. ReturnRefDomain:
  900. memcpy(
  901. *LockOwnerName,
  902. ReferencedDomain->Domains[Name->DomainIndex].Name.Buffer,
  903. ReferencedDomain->Domains[Name->DomainIndex].Name.Length
  904. );
  906. }
  908. Ptr = *LockOwnerName + wcslen(*LockOwnerName);
  910. *Ptr = SCDOMAIN_USERNAME_SEPARATOR;
  912. Ptr++;
  914. memcpy(
  915. Ptr,
  916. Name->Name.Buffer,
  917. Name->Name.Length
  918. );
  919. }
  921. CleanExit:
  923. if (ReferencedDomain != NULL) {
  924. LsaFreeMemory(ReferencedDomain);
  925. }
  927. if (Name != NULL) {
  928. LsaFreeMemory(Name);
  929. }
  931. LsaClose(PolicyHandle);
  933. return status;
  934. }
  936. #if DBG
  937. VOID
  938. ScDumpLockList(
  939. VOID
  940. )
  941. {
  943. LPAPI_LOCK LockEntry = ScGlobalApiLockList;
  944. LPWSTR LockOwner;
  947. if (LockEntry == NULL) {
  948. KdPrintEx((DPFLTR_SCSERVER_ID, DEBUG_LOCK_API, "\nLock list is NULL\n"));
  950. return;
  951. }
  953. KdPrintEx((DPFLTR_SCSERVER_ID, DEBUG_LOCK_API, "\nScDumpLockList:\n"));
  955. while (LockEntry != NULL) {
  957. if (ScGetLockOwner(LockEntry->LockOwnerSid, &LockOwner) == NO_ERROR) {
  959. KdPrintEx((DPFLTR_SCSERVER_ID,
  960. DEBUG_LOCK_API,
  961. "LockOwner: " FORMAT_LPWSTR "\n",
  962. LockOwner));
  964. KdPrintEx((DPFLTR_SCSERVER_ID,
  965. DEBUG_LOCK_API,
  966. "LockDuration: " FORMAT_DWORD "\n",
  967. ((DWORD)time(NULL)) - LockEntry->TimeWhenLocked));
  969. KdPrintEx((DPFLTR_SCSERVER_ID,
  970. DEBUG_LOCK_API,
  971. "LockDatabase: " FORMAT_LPWSTR "\n",
  972. LockEntry->DatabaseName));
  974. LocalFree(LockOwner);
  975. }
  977. LockEntry = LockEntry->Next;
  978. }
  980. }
  981. #endif