|
|
// *********************************************************************************
//
// Copyright (c) Microsoft Corporation
//
// Module Name:
//
// TaskKill.h
//
// Abstract:
//
// macros and function prototypes of TaskKill.cpp
//
// Author:
//
// Sunil G.V.N. Murali ([email protected]) 26-Nov-2000
//
// Revision History:
//
// Sunil G.V.N. Murali ([email protected]) 26-Nov-2000 : Created It.
//
// *********************************************************************************
#ifndef _TASKKILL_H
#define _TASKKILL_H
// resource header file
#include "resource.h"
//
// NOTE: THIS MODULE WILL WRITTEN IN SUCH A FASHION THAT IT WORKS ONLY
// IN UNICODE BUILD COMPILATION
//
#ifndef UNICODE
#error Must compile only in unicode build environment
#endif
//
// general purpose macros
//
#define DISPLAY_GET_REASON() ShowMessageEx( stderr, 2, FALSE, L"%1 %2", \
TAG_ERROR, GetReason() )
#define EXIT_PROCESS( exitcode ) \
ReleaseGlobals(); \ return (exitcode); \ 1
#define RELEASE_MEMORY_EX( block ) \
if ( (block) != NULL ) \ { \ FreeMemory( ( LPVOID * ) &( block )); \ } \ 1
#define DESTROY_ARRAY( array ) \
if ( (array) != NULL ) \ { \ DestroyDynamicArray( &(array) ); \ (array) = NULL; \ } \ 1
//
// winstation related structures ( extract from winsta.h - internal file )
//
//
// structures
typedef struct _CITRIX_PROCESS_INFORMATION { ULONG MagicNumber; ULONG LogonId; PVOID ProcessSid; ULONG Pad;} CITRIX_PROCESS_INFORMATION, * PCITRIX_PROCESS_INFORMATION;
// ...
typedef struct _TS_UNICODE_STRING { USHORT Length; USHORT MaximumLength; PWSTR Buffer;} TS_UNICODE_STRING;
// CAUTION:
// TS_SYSTEM_PROCESS_INFORMATION is duplicated from ntexapi.h, and slightly modified.
// (not nice, but necessary because the Midl compiler doesn't like PVOID !)
typedef struct _TS_SYSTEM_PROCESS_INFORMATION { ULONG NextEntryOffset; ULONG NumberOfThreads; LARGE_INTEGER SpareLi1; LARGE_INTEGER SpareLi2; LARGE_INTEGER SpareLi3; LARGE_INTEGER CreateTime; LARGE_INTEGER UserTime; LARGE_INTEGER KernelTime; TS_UNICODE_STRING ImageName; LONG BasePriority; // KPRIORITY in ntexapi.h
DWORD UniqueProcessId; // HANDLE in ntexapi.h
DWORD InheritedFromUniqueProcessId; // HANDLE in ntexapi.h
ULONG HandleCount; ULONG SessionId; ULONG SpareUl3; SIZE_T PeakVirtualSize; SIZE_T VirtualSize; ULONG PageFaultCount; ULONG PeakWorkingSetSize; ULONG WorkingSetSize; SIZE_T QuotaPeakPagedPoolUsage; SIZE_T QuotaPagedPoolUsage; SIZE_T QuotaPeakNonPagedPoolUsage; SIZE_T QuotaNonPagedPoolUsage; SIZE_T PagefileUsage; SIZE_T PeakPagefileUsage; SIZE_T PrivatePageCount;} TS_SYSTEM_PROCESS_INFORMATION, *PTS_SYSTEM_PROCESS_INFORMATION;
// ...
typedef struct _TS_ALL_PROCESSES_INFO { PTS_SYSTEM_PROCESS_INFORMATION pspiProcessInfo; DWORD SizeOfSid; PBYTE pSid;} TS_ALL_PROCESSES_INFO, *PTS_ALL_PROCESSES_INFO;
// defines
#define SERVERNAME_CURRENT ((HANDLE)NULL)
#define GAP_LEVEL_BASIC 0
#define CITRIX_PROCESS_INFO_MAGIC 0x23495452
#define WINSTA_DLLNAME L"Winsta.dll"
#define FUNCNAME_WinStationFreeMemory "WinStationFreeMemory"
#define FUNCNAME_WinStationCloseServer "WinStationCloseServer"
#define FUNCNAME_WinStationOpenServerW "WinStationOpenServerW"
#define FUNCNAME_WinStationEnumerateProcesses "WinStationEnumerateProcesses"
#define FUNCNAME_WinStationFreeGAPMemory "WinStationFreeGAPMemory"
#define FUNCNAME_WinStationGetAllProcesses "WinStationGetAllProcesses"
#define SIZEOF_SYSTEM_THREAD_INFORMATION sizeof( struct SYSTEM_THREAD_INFORMATION )
#define SIZEOF_SYSTEM_PROCESS_INFORMATION sizeof( struct SYSTEM_PROCESS_INFORMATION )
//
// function prototypes
typedef BOOLEAN (WINAPI * FUNC_WinStationFreeMemory)( PVOID pBuffer );typedef BOOLEAN (WINAPI * FUNC_WinStationCloseServer)( HANDLE hServer );typedef HANDLE (WINAPI * FUNC_WinStationOpenServerW)( LPWSTR pwszServerName );typedef BOOLEAN (WINAPI * FUNC_WinStationEnumerateProcesses)( HANDLE hServer, PVOID *ppProcessBuffer );typedef BOOLEAN (WINAPI * FUNC_WinStationFreeGAPMemory)( ULONG Level, PVOID ProcessArray, ULONG ulCount );typedef BOOLEAN (WINAPI * FUNC_WinStationGetAllProcesses)( HANDLE hServer, ULONG Level, ULONG *pNumberOfProcesses, PVOID *ppProcessArray );
//
// constants / defines / enumerations
//
//
// WMI related stuff
// class name
#define CLASS_PROCESS L"Win32_Process"
// wmi query
#define WMI_QUERY_TYPE L"WQL"
#define WMI_SERVICE_QUERY L"SELECT Name FROM Win32_Service WHERE ProcessId = %d and State=\"Running\""
#define WMI_MODULES_QUERY L"ASSOCIATORS OF {%s} WHERE ResultClass = CIM_DataFile"
#define WMI_PROCESS_QUERY \
L"SELECT " \ L"__PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, " \ L"WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId " \ L"FROM Win32_Process"
// wmi query operators etc
#define WMI_QUERY_FIRST_CLAUSE L"WHERE ("
#define WMI_QUERY_SECOND_CLAUSE L"AND"
// Win32_Process class properties
#define WIN32_PROCESS_SYSPROPERTY_PATH L"__PATH"
#define WIN32_PROCESS_PROPERTY_HANDLE L"Handle"
#define WIN32_PROCESS_PROPERTY_COMPUTER L"CSName"
#define WIN32_PROCESS_PROPERTY_IMAGENAME L"Caption"
#define WIN32_PROCESS_PROPERTY_PROCESSID L"ProcessId"
#define WIN32_PROCESS_PROPERTY_SESSION L"SessionId"
#define WIN32_PROCESS_PROPERTY_THREADS L"ThreadCount"
#define WIN32_PROCESS_PROPERTY_USERMODETIME L"UserModeTime"
#define WIN32_PROCESS_PROPERTY_MEMUSAGE L"WorkingSetSize"
#define WIN32_PROCESS_PROPERTY_KERNELMODETIME L"KernelModeTime"
#define WIN32_PROCESS_PROPERTY_PARENTPROCESSID L"ParentProcessId"
// Win32_Process class method(s)
#define WIN32_PROCESS_METHOD_GETOWNER L"GetOwner"
#define WIN32_PROCESS_METHOD_TERMINATE L"Terminate"
// GetOwner method's return values
#define GETOWNER_RETURNVALUE_USER L"User"
#define GETOWNER_RETURNVALUE_DOMAIN L"Domain"
// Terminate input values
#define TERMINATE_INPARAM_REASON L"Reason"
// function default return value
#define WMI_RETURNVALUE L"ReturnValue"
// Win32_Service related stuff
#define WIN32_SERVICE_PROPERTY_NAME L"Name"
// CIM_DataFile related stuff
#define CIM_DATAFILE_PROPERTY_FILENAME L"FileName"
#define CIM_DATAFILE_PROPERTY_EXTENSION L"Extension"
//
// other stuff
#define VALUE_RUNNING GetResString( IDS_VALUE_RUNNING )
#define VALUE_NOTRESPONDING GetResString( IDS_VALUE_NOTRESPONDING )
#define VALUE_UNKNOWN GetResString( IDS_VALUE_UNKNOWN )
#define PID_0_DOMAIN GetResString( IDS_PID_0_DOMAIN )
#define PID_0_USERNAME GetResString( IDS_PID_0_USERNAME )
// messages
#define MSG_KILL_SUCCESS GetResString( IDS_MSG_KILL_SUCCESS )
#define MSG_KILL_SUCCESS_QUEUED GetResString( IDS_MSG_KILL_SUCCESS_QUEUED )
#define MSG_KILL_SUCCESS_EX GetResString( IDS_MSG_KILL_SUCCESS_EX )
#define MSG_KILL_SUCCESS_QUEUED_EX GetResString( IDS_MSG_KILL_SUCCESS_QUEUED_EX )
#define MSG_TREE_KILL_SUCCESS GetResString( IDS_MSG_TREE_KILL_SUCCESS )
#define MSG_TREE_KILL_SUCCESS_QUEUED GetResString( IDS_MSG_TREE_KILL_SUCCESS_QUEUED )
#define ERROR_TREE_KILL_FAILED GetResString( IDS_ERROR_TREE_KILL_FAILED )
#define ERROR_TASK_HAS_CHILDS GetResString( IDS_ERROR_TASK_HAS_CHILDS )
#define ERROR_KILL_FAILED GetResString( IDS_ERROR_KILL_FAILED )
#define ERROR_KILL_FAILED_EX GetResString( IDS_ERROR_KILL_FAILED_EX )
#define ERROR_PROCESS_NOTFOUND GetResString( IDS_ERROR_PROCESS_NOTFOUND )
#define ERROR_NO_PROCESSES GetResString( IDS_ERROR_NO_PROCESSES )
#define ERROR_UNABLE_TO_TERMINATE GetResString( IDS_ERROR_UNABLE_TO_TERMINATE )
#define ERROR_CRITICAL_SYSTEM_PROCESS GetResString( IDS_ERROR_CRITICAL_SYSTEM_PROCESS )
#define ERROR_CANNOT_KILL_SILENTLY GetResString( IDS_ERROR_CANNOT_KILL_SILENTLY )
#define ERROR_CANNOT_KILL_ITSELF GetResString( IDS_ERROR_CANNOT_KILL_ITSELF )
#define ERROR_COM_ERROR GetResString( IDS_ERROR_COM_ERROR )
#define ERROR_USERNAME_BUT_NOMACHINE GetResString( IDS_ERROR_USERNAME_BUT_NOMACHINE )
#define ERROR_PASSWORD_BUT_NOUSERNAME GetResString( IDS_ERROR_PASSWORD_BUT_NOUSERNAME )
#define ERROR_USERNAME_EMPTY GetResString( IDS_ERROR_USERNAME_EMPTY )
#define ERROR_SERVER_EMPTY GetResString( IDS_ERROR_SERVER_EMPTY )
#define ERROR_WILDCARD_WITHOUT_FILTERS GetResString( IDS_ERROR_WILDCARD_WITHOUT_FILTERS )
#define ERROR_PID_OR_IM_ONLY GetResString( IDS_ERROR_PID_OR_IM_ONLY )
#define ERROR_NO_PID_AND_IM GetResString( IDS_ERROR_NO_PID_AND_IM )
#define ERROR_STRING_FOR_PID GetResString( IDS_ERROR_STRING_FOR_PID )
#define ERROR_INVALID_USAGE_REQUEST GetResString( IDS_ERROR_INVALID_USAGE_REQUEST )
#define ERROR_PLATFORM_SHOULD_BE_X86 GetResString( IDS_ERROR_PLATFORM_SHOULD_BE_X86 )
//
// command line options and their indexes in the array
#define MAX_OPTIONS 9
// supported options ( do not localize )
#define OPTION_USAGE L"?"
#define OPTION_SERVER L"s"
#define OPTION_USERNAME L"u"
#define OPTION_PASSWORD L"p"
#define OPTION_FORCE L"f"
#define OPTION_FILTER L"fi"
#define OPTION_PID L"pid"
#define OPTION_IMAGENAME L"im"
#define OPTION_TREE L"t"
// indexes
#define OI_USAGE 0
#define OI_SERVER 1
#define OI_USERNAME 2
#define OI_PASSWORD 3
#define OI_FORCE 4
#define OI_FILTER 5
#define OI_PID 6
#define OI_IMAGENAME 7
#define OI_TREE 8
//
// filter details
#define MAX_FILTERS 10
// supported filters
#define FILTER_STATUS GetResString( IDS_FILTER_STATUS )
#define FILTER_IMAGENAME GetResString( IDS_FILTER_IMAGENAME )
#define FILTER_PID GetResString( IDS_FILTER_PID )
#define FILTER_SESSION GetResString( IDS_FILTER_SESSION )
#define FILTER_CPUTIME GetResString( IDS_FILTER_CPUTIME )
#define FILTER_MEMUSAGE GetResString( IDS_FILTER_MEMUSAGE )
#define FILTER_USERNAME GetResString( IDS_FILTER_USERNAME )
#define FILTER_SERVICES GetResString( IDS_FILTER_SERVICES )
#define FILTER_WINDOWTITLE GetResString( IDS_FILTER_WINDOWNAME )
#define FILTER_MODULES GetResString( IDS_FILTER_MODULES )
#define FI_STATUS 0
#define FI_IMAGENAME 1
#define FI_PID 2
#define FI_SESSION 3
#define FI_CPUTIME 4
#define FI_MEMUSAGE 5
#define FI_USERNAME 6
#define FI_SERVICES 7
#define FI_WINDOWTITLE 8
#define FI_MODULES 9
// values supported by 'status' filter
#define FVALUES_STATUS GetResString( IDS_FVALUES_STATUS )
// operators supported
#define OPERATORS_STRING GetResString( IDS_OPERATORS_STRING )
#define OPERATORS_NUMERIC GetResString( IDS_OPERATORS_NUMERIC )
// max. columns ( information ) to be stored for one task
#define MAX_TASKSINFO 18
// task info indexes
#define TASK_HOSTNAME 0
#define TASK_IMAGENAME 1
#define TASK_PID 2
#define TASK_SESSIONNAME 3
#define TASK_SESSION 4
#define TASK_MEMUSAGE 5
#define TASK_STATUS 6
#define TASK_USERNAME 7
#define TASK_CPUTIME 8
#define TASK_WINDOWTITLE 9
#define TASK_SERVICES 10
#define TASK_MODULES 11
// always hidden
#define TASK_HWND 12
#define TASK_WINSTA 13
#define TASK_DESK 14
#define TASK_CREATINGPROCESSID 15
#define TASK_OBJPATH 16
#define TASK_RANK 17
#define NULL_STRING L"\0"
//
// CTaskKill
//
class CTaskKill{public: // enumerators
enum { twiProcessId = 0, twiWinSta = 1, twiDesktop = 2, twiHandle = 3, twiTitle = 4, twiHungInfo = 5, twiCOUNT, };
// constructor / destructor
public: CTaskKill(); ~CTaskKill();
// data memebers
private: // input arguments
BOOL m_bTree; // -tr
BOOL m_bForce; // -fo
CHString m_strServer; // -s
CHString m_strUserName; // -u
CHString m_strPassword; // -p
TARRAY m_arrFilters; // -fi
TARRAY m_arrTasksToKill; // ( defaults = -im and -pid )
// WMI Query
CHString m_strQuery;
// other(s)
DWORD m_dwCurrentPid; BOOL m_bNeedPassword; BOOL m_bNeedModulesInfo; TARRAY m_arrFiltersEx; // parsed filters info
TARRAY m_arrWindowTitles; // window titles
BOOL m_bNeedServicesInfo; // determines whether services info has to gathered or not
BOOL m_bNeedUserContextInfo; // determines whether userinfo has to gathered or not
PTFILTERCONFIG m_pfilterConfigs; // filters config information
// WMI / COM interfaces
IWbemLocator* m_pWbemLocator; IWbemServices* m_pWbemServices; IEnumWbemClassObject* m_pWbemEnumObjects; IWbemClassObject* m_pWbemTerminateInParams;
// WMI connectivity
COAUTHIDENTITY* m_pAuthIdentity;
// output data
TARRAY m_arrRecord; DWORD m_dwProcessId; CHString m_strImageName; BOOL m_bTasksOptimized; BOOL m_bFiltersOptimized;
// winstation related stuff
CHString m_strUNCServer; // server name
BOOL m_bIsHydra; HMODULE m_hWinstaLib; PBYTE m_pProcessInfo; ULONG m_ulNumberOfProcesses; BOOL m_bCloseConnection;
// services related stuff
DWORD m_dwServicesCount; LPENUM_SERVICE_STATUS_PROCESS m_pServicesInfo;
// modules related stuff ( remote only )
BOOL m_bUseRemote; PPERF_DATA_BLOCK m_pdb;
//
// functions
FUNC_WinStationFreeMemory m_pfnWinStationFreeMemory; FUNC_WinStationOpenServerW m_pfnWinStationOpenServerW; FUNC_WinStationCloseServer m_pfnWinStationCloseServer; FUNC_WinStationFreeGAPMemory m_pfnWinStationFreeGAPMemory; FUNC_WinStationGetAllProcesses m_pfnWinStationGetAllProcesses; FUNC_WinStationEnumerateProcesses m_pfnWinStationEnumerateProcesses;
public: BOOL m_bUsage; // -?
BOOL m_bLocalSystem;
// functions
private: BOOL CanTerminate(); BOOL Kill(); BOOL KillProcessOnLocalSystem(); BOOL ForciblyKillProcessOnLocalSystem(); BOOL ForciblyKillProcessOnRemoteSystem(); LONG MatchTaskToKill( DWORD& dwMatchedIndex );
// helpers
VOID DoOptimization(); VOID SaveData( IWbemClassObject* pWmiObject ); VOID SetMemUsage( IWbemClassObject* pWmiObject ); VOID SetCPUTime( IWbemClassObject* pWmiObject ); VOID SetUserContext( IWbemClassObject* pWmiObject ); VOID SetWindowTitle( void ); VOID SetServicesInfo( void ); BOOL SetModulesInfo( void );
// ...
BOOL LoadTasksEx(); BOOL LoadModulesInfo(); BOOL LoadServicesInfo(); BOOL GetModulesOnRemote( TARRAY arrModules ); BOOL GetModulesOnRemoteEx( TARRAY arrModules ); BOOL LoadModulesOnLocal( TARRAY arrModules ); BOOL LoadUserNameFromWinsta( CHString& strDomain, CHString& strUserName );
// winsta functions
BOOLEAN WinStationFreeMemory( PVOID pBuffer ); BOOLEAN WinStationCloseServer( HANDLE hServer ); HANDLE WinStationOpenServerW( LPWSTR pwszServerName ); BOOLEAN WinStationEnumerateProcesses( HANDLE hServer, PVOID *ppProcessBuffer ); BOOLEAN WinStationFreeGAPMemory( ULONG Level, PVOID ProcessArray, ULONG ulCount ); BOOLEAN WinStationGetAllProcesses( HANDLE hServer, ULONG Level, ULONG *pNumberOfProcesses, PVOID *ppProcessArray );public: VOID Usage(); BOOL Initialize(); VOID PrepareColumns(); BOOL ValidateFilters(); BOOL ProcessOptions( DWORD argc, LPCTSTR argv[] );
// functionality related
BOOL Connect(); BOOL LoadTasks(); BOOL EnableDebugPriv(); BOOL DoTerminate( DWORD& dwTerminate );};
//
// public functions
//
#endif // _TASKLIST_H
|
