Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

535 lines
14 KiB

  1. /*++
  2. Copyright (c) 1995 Microsoft Corporation
  3. Module Name:
  4. syssec.c
  5. Abstract:
  6. Security installation routines.
  7. Author:
  8. Vijesh Shetty (vijeshs) 6-Mar-1997
  9. Revision History:
  10. --*/
  11. #include "setupp.h"
  12. #include "scesetup.h"
  13. #pragma hdrstop
  14. #if DBG
  15. #define SEC_DEBUG 1
  16. #else
  17. #define SEC_DEBUG 0
  18. #endif
  19. #define SECURITY_WKS_INF_FILE L"defltwk.inf"
  20. #define SECURITY_SRV_INF_FILE L"defltsv.inf"
  21. //
  22. // Structure for thread parameter
  23. //
  24. typedef struct _SYSSEC_THREAD_PARAMS {
  25. HWND Window;
  26. HWND ProgressWindow;
  27. DWORD ThreadId;
  28. ULONG Sec_StartAtPercent;
  29. ULONG Sec_StopAtPercent;
  30. BOOL SendWmQuit;
  31. } SYSSEC_THREAD_PARAMS, *PSYSSEC_THREAD_PARAMS;
  32. BOOL SetupSecurityGaugeUpdate(
  33. IN HWND Window,
  34. IN UINT NotificationCode,
  35. IN UINT NotificationSpecificValue,
  36. IN LPARAM lParam );
  37. HWND SetupProgWindow;
  38. HANDLE SceSetupRootSecurityThreadHandle = NULL;
  39. BOOL bSceSetupRootSecurityComplete = FALSE;
  40. DWORD
  41. pSetupInstallSecurity(
  42. IN PVOID ThreadParam
  43. )
  44. {
  45. BOOL b;
  46. BOOL Success;
  47. UINT i;
  48. UINT GaugeRange;
  49. PSYSSEC_THREAD_PARAMS Context;
  50. DWORD NumberOfTicks;
  51. DWORD_PTR ret;
  52. HINSTANCE Dll_Handle;
  53. FARPROC SceSystem;
  54. WCHAR SecurityLogPath[MAX_PATH];
  55. DWORD Result;
  56. KdPrintEx((DPFLTR_SETUP_ID,
  57. DPFLTR_INFO_LEVEL,
  58. "SETUP: Entering Security Block. \n"));
  59. Context = ThreadParam;
  60. //
  61. // Assume success.
  62. //
  63. Success = TRUE;
  64. try{
  65. if ( (Dll_Handle = LoadLibrary( L"scecli.dll" )) &&
  66. (SceSystem = GetProcAddress(Dll_Handle,"SceSetupSystemByInfName")) ) {
  67. Result = GetWindowsDirectory( SecurityLogPath, MAX_PATH );
  68. if( Result == 0) {
  69. MYASSERT(FALSE);
  70. return FALSE;
  71. }
  72. pSetupConcatenatePaths( SecurityLogPath, L"security\\logs\\scesetup.log", (sizeof(SecurityLogPath)/sizeof(WCHAR)), NULL );
  73. //
  74. //Call for no. of ticks
  75. //
  76. if ( ret = SceSystem(ProductType ? SECURITY_SRV_INF_FILE : SECURITY_WKS_INF_FILE,
  77. SecurityLogPath,
  78. Upgrade ? 0 : (AREA_FILE_SECURITY | AREA_REGISTRY_SECURITY),
  79. Upgrade ? (SCESETUP_QUERY_TICKS | SCESETUP_UPGRADE_SYSTEM) : SCESETUP_QUERY_TICKS,
  80. SetupSecurityGaugeUpdate,
  81. (PVOID)&NumberOfTicks) ) {
  82. KdPrintEx((DPFLTR_SETUP_ID,
  83. DPFLTR_WARNING_LEVEL,
  84. "SETUP: Error in SCE while querying ticks - (%d)\n",
  85. ret));
  86. SetuplogError(
  87. LogSevError,
  88. SETUPLOG_USE_MESSAGEID,
  89. MSG_LOG_SCE_SETUP_ERROR,
  90. NULL,
  91. SETUPLOG_USE_MESSAGEID,
  92. ret, NULL, NULL);
  93. Success = FALSE;
  94. } else {
  95. GaugeRange = (NumberOfTicks*100/(Context->Sec_StopAtPercent - Context->Sec_StartAtPercent));
  96. SendMessage(Context->ProgressWindow, WMX_PROGRESSTICKS, NumberOfTicks, 0);
  97. SendMessage(Context->ProgressWindow,PBM_SETRANGE,0,MAKELPARAM(0,GaugeRange));
  98. SendMessage(Context->ProgressWindow,PBM_SETPOS,GaugeRange*Context->Sec_StartAtPercent/100,0);
  99. SendMessage(Context->ProgressWindow,PBM_SETSTEP,1,0);
  100. if ( ret = SceSystem(ProductType ? SECURITY_SRV_INF_FILE : SECURITY_WKS_INF_FILE,
  101. SecurityLogPath,
  102. Upgrade ? 0 : (AREA_FILE_SECURITY | AREA_REGISTRY_SECURITY),
  103. Upgrade ? SCESETUP_UPGRADE_SYSTEM : SCESETUP_CONFIGURE_SECURITY,
  104. SetupSecurityGaugeUpdate,
  105. (PVOID)(Context->ProgressWindow) )) {
  106. KdPrintEx((DPFLTR_SETUP_ID,
  107. DPFLTR_WARNING_LEVEL,
  108. "SETUP: Error in SCE while setting security - (%d)\n",
  109. ret));
  110. SetuplogError(
  111. LogSevError,
  112. SETUPLOG_USE_MESSAGEID,
  113. MSG_LOG_SCE_SETUP_ERROR,
  114. NULL,
  115. SETUPLOG_USE_MESSAGEID,
  116. ret, NULL, NULL);
  117. Success = FALSE;
  118. }
  119. }
  120. FreeLibrary(Dll_Handle);
  121. } else {
  122. if ( Dll_Handle )
  123. FreeLibrary(Dll_Handle);
  124. KdPrintEx((DPFLTR_SETUP_ID,
  125. DPFLTR_WARNING_LEVEL,
  126. "SETUP: Error while loading SCE\n"));
  127. SetuplogError(
  128. LogSevError,
  129. SETUPLOG_USE_MESSAGEID,
  130. MSG_LOG_LOAD_SECURITY_LIBRARY_FAILED,NULL,NULL);
  131. }
  132. } except(EXCEPTION_EXECUTE_HANDLER) {
  133. KdPrintEx((DPFLTR_SETUP_ID,
  134. DPFLTR_WARNING_LEVEL,
  135. "SETUP: Exception in SCE while applying default security \n"));
  136. SetuplogError(
  137. LogSevError,
  138. SETUPLOG_USE_MESSAGEID,
  139. MSG_LOG_SCE_EXCEPTION,NULL,NULL);
  140. }
  141. SendMessage(Context->ProgressWindow,PBM_SETPOS,(GaugeRange*Context->Sec_StopAtPercent/100),0);
  142. if ( Context->SendWmQuit ) {
  143. //
  144. // We send WM_QUIT only if this routine was started as a separate thread.
  145. // Otherwise, the WM_QUIT will be processed by the wizard, and it will make it stop.
  146. //
  147. PostThreadMessage(Context->ThreadId,WM_QUIT,Success,0);
  148. }
  149. KdPrintEx((DPFLTR_SETUP_ID,
  150. DPFLTR_INFO_LEVEL,
  151. "SETUP: Leaving Security Block. \n"));
  152. return(Success);
  153. }
  154. BOOL
  155. SetupInstallSecurity(
  156. IN HWND Window,
  157. IN HWND ProgressWindow,
  158. IN ULONG StartAtPercent,
  159. IN ULONG StopAtPercent
  160. )
  161. /*++
  162. Routine Description:
  163. Implement Security at start of GUI Setup.
  164. Arguments:
  165. Window - supplies window handle for Window that is to be the
  166. parent/owner for any dialogs that are created, etc.
  167. ProgressWindow - supplies window handle of progress bar Window
  168. common control. This routine manages the progress bar.
  169. StartAtPercent - Position where the progress window should start (0% to 100%).
  170. StopAtPercent - Maximum position where the progress window can be moved to (0% to 100%).
  171. Return Value:
  172. Boolean value indicating whether all operations completed successfully.
  173. --*/
  174. {
  175. DWORD ThreadId;
  176. HANDLE ThreadHandle = NULL;
  177. MSG msg;
  178. SYSSEC_THREAD_PARAMS Context;
  179. BOOL Success;
  180. Context.ThreadId = GetCurrentThreadId();
  181. Context.Window = Window;
  182. Context.Sec_StartAtPercent = StartAtPercent;
  183. Context.Sec_StopAtPercent = StopAtPercent;
  184. Context.SendWmQuit = TRUE;
  185. Context.ProgressWindow = ProgressWindow;
  186. ThreadHandle = CreateThread(
  187. NULL,
  188. 0,
  189. pSetupInstallSecurity,
  190. &Context,
  191. 0,
  192. &ThreadId
  193. );
  194. if (ThreadHandle) {
  195. CloseHandle(ThreadHandle);
  196. //
  197. // Pump the message queue and wait for the thread to finish.
  198. //
  199. do {
  200. GetMessage(&msg,NULL,0,0);
  201. if (msg.message != WM_QUIT) {
  202. DispatchMessage(&msg);
  203. }
  204. } while (msg.message != WM_QUIT);
  205. Success = (BOOL)msg.wParam;
  206. } else {
  207. //
  208. // Just do it synchronously.
  209. //
  210. Context.SendWmQuit = FALSE;
  211. Success = pSetupInstallSecurity(&Context);
  212. }
  213. return(Success);
  214. }
  215. BOOL
  216. SetupSecurityGaugeUpdate(
  217. IN HWND Window,
  218. IN UINT NotificationCode,
  219. IN UINT NotificationSpecificValue,
  220. IN LPARAM lParam )
  221. {
  222. SendMessage(Window,PBM_STEPIT,0,0);
  223. return( TRUE );
  224. }
  225. VOID
  226. CallSceGenerateTemplate( VOID )
  227. {
  228. HINSTANCE Dll_Handle;
  229. FARPROC SceCall;
  230. try{
  231. if ( (Dll_Handle = LoadLibrary( L"scecli.dll" )) &&
  232. (SceCall = GetProcAddress(Dll_Handle,"SceSetupBackupSecurity")) ) {
  233. // We don't log errors for this call
  234. KdPrintEx((DPFLTR_SETUP_ID,
  235. DPFLTR_INFO_LEVEL,
  236. "SETUP: SCE Generating Security Template. \n"));
  237. SceCall( NULL );
  238. KdPrintEx((DPFLTR_SETUP_ID,
  239. DPFLTR_INFO_LEVEL,
  240. "SETUP: SCE Generating Security Template. Done ! \n"));
  241. FreeLibrary( Dll_Handle );
  242. } else {
  243. if ( Dll_Handle )
  244. FreeLibrary(Dll_Handle);
  245. KdPrintEx((DPFLTR_SETUP_ID,
  246. DPFLTR_WARNING_LEVEL,
  247. "SETUP: Error while loading SCE\n"));
  248. SetuplogError(
  249. LogSevError,
  250. SETUPLOG_USE_MESSAGEID,
  251. MSG_LOG_LOAD_SECURITY_LIBRARY_FAILED,NULL,NULL);
  252. }
  253. } except(EXCEPTION_EXECUTE_HANDLER) {
  254. KdPrintEx((DPFLTR_SETUP_ID,
  255. DPFLTR_WARNING_LEVEL,
  256. "SETUP: Exception in SCE while generating security template (non-critical) \n"));
  257. SetuplogError(
  258. LogSevError,
  259. SETUPLOG_USE_MESSAGEID,
  260. MSG_LOG_SCE_EXCEPTION,NULL,NULL);
  261. }
  262. return;
  263. }
  264. VOID
  265. CallSceConfigureServices( VOID )
  266. {
  267. HINSTANCE Dll_Handle;
  268. FARPROC SceCall;
  269. try{
  270. if ( (Dll_Handle = LoadLibrary( L"scecli.dll" )) &&
  271. (SceCall = GetProcAddress(Dll_Handle,"SceSetupConfigureServices")) ) {
  272. // We don't log errors for this call
  273. KdPrintEx((DPFLTR_SETUP_ID,
  274. DPFLTR_INFO_LEVEL,
  275. "SETUP: SCE Configuring services. \n"));
  276. SceCall( ProductType );
  277. KdPrintEx((DPFLTR_SETUP_ID,
  278. DPFLTR_INFO_LEVEL,
  279. "SETUP: SCE Configuring services. Done ! \n"));
  280. FreeLibrary( Dll_Handle );
  281. } else {
  282. if ( Dll_Handle )
  283. FreeLibrary(Dll_Handle);
  284. KdPrintEx((DPFLTR_SETUP_ID,
  285. DPFLTR_WARNING_LEVEL,
  286. "SETUP: Error while loading SCE\n"));
  287. SetuplogError(
  288. LogSevError,
  289. SETUPLOG_USE_MESSAGEID,
  290. MSG_LOG_LOAD_SECURITY_LIBRARY_FAILED,NULL,NULL);
  291. }
  292. } except(EXCEPTION_EXECUTE_HANDLER) {
  293. KdPrintEx((DPFLTR_SETUP_ID,
  294. DPFLTR_WARNING_LEVEL,
  295. "SETUP: Exception in SCE while configuring services (non-critical) \n"));
  296. SetuplogError(
  297. LogSevError,
  298. SETUPLOG_USE_MESSAGEID,
  299. MSG_LOG_SCE_EXCEPTION,NULL,NULL);
  300. }
  301. return;
  302. }
  303. DWORD
  304. pSceSetupRootSecurity(
  305. IN PVOID ThreadParam
  306. )
  307. {
  308. HINSTANCE Dll_Handle;
  309. FARPROC SceCall;
  310. BOOL Success = FALSE;
  311. try{
  312. if ( (Dll_Handle = LoadLibrary( L"scecli.dll" )) &&
  313. (SceCall = GetProcAddress(Dll_Handle,"SceSetupRootSecurity")) ) {
  314. KdPrintEx((DPFLTR_SETUP_ID,
  315. DPFLTR_INFO_LEVEL,
  316. "SETUP: SCE Setup root security. \n"));
  317. BEGIN_SECTION(L"SceSetupRootSecurity");
  318. SceCall();
  319. Success = TRUE;
  320. KdPrintEx((DPFLTR_SETUP_ID,
  321. DPFLTR_INFO_LEVEL,
  322. "SETUP: SCE Setup root security. Done ! \n"));
  323. bSceSetupRootSecurityComplete = TRUE;
  324. END_SECTION(L"SceSetupRootSecurity");
  325. FreeLibrary( Dll_Handle );
  326. } else {
  327. if ( Dll_Handle )
  328. FreeLibrary(Dll_Handle);
  329. KdPrintEx((DPFLTR_SETUP_ID,
  330. DPFLTR_WARNING_LEVEL,
  331. "SETUP: Error while loading SCE\n"));
  332. SetuplogError(
  333. LogSevError,
  334. SETUPLOG_USE_MESSAGEID,
  335. MSG_LOG_LOAD_SECURITY_LIBRARY_FAILED,NULL,NULL);
  336. }
  337. } except(EXCEPTION_EXECUTE_HANDLER) {
  338. KdPrintEx((DPFLTR_SETUP_ID,
  339. DPFLTR_WARNING_LEVEL,
  340. "SETUP: Exception in SCE while setting root security (non-critical) \n"));
  341. SetuplogError(
  342. LogSevError,
  343. SETUPLOG_USE_MESSAGEID,
  344. MSG_LOG_SCE_EXCEPTION,NULL,NULL);
  345. }
  346. return( Success);
  347. }
  348. VOID
  349. CallSceSetupRootSecurity( VOID )
  350. {
  351. DWORD ThreadId;
  352. SceSetupRootSecurityThreadHandle = CreateThread(
  353. NULL,
  354. 0,
  355. pSceSetupRootSecurity,
  356. 0,
  357. 0,
  358. &ThreadId
  359. );
  360. if ( !SceSetupRootSecurityThreadHandle) {
  361. KdPrintEx((DPFLTR_SETUP_ID,
  362. DPFLTR_WARNING_LEVEL,
  363. "SETUP: SCE Could not start thread to setup root security(non-critical) \n"));
  364. SetuplogError(
  365. LogSevError,
  366. SETUPLOG_USE_MESSAGEID,
  367. MSG_LOG_SCE_EXCEPTION,NULL,NULL);
  368. }
  369. return;
  370. }