#include "shsrvice.h"
#include "dbg.h"
#include "tfids.h"
#pragma warning(push)
// FALSE positive below: gss
#pragma warning(disable : 4101)
// for now
// File-local security state. In the code visible in this file these are
// written only by _InitSecurityDescriptor(); until that function runs the
// pointers are NULL and _sa is zero-filled.
//
// NOTE(review): main currently has its call to _InitSecurityDescriptor()
// commented out, so _psd is still NULL when main passes it to
// CoInitializeSecurity.
static SECURITY_ATTRIBUTES _sa = {0};            // wraps _psd once it has been built
static ACL* _pacl = NULL;                        // DACL holding the single allow ACE
static SID* _psidLocalUsers = NULL;              // SID the allow ACE is granted to
static SECURITY_DESCRIPTOR* _psd = NULL;         // descriptor that carries _pacl

// Forward declaration; the definition follows main.
HRESULT _InitSecurityDescriptor(); // for now
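// Process entry point for the service executable.
//
// With a command-line argument the process acts as an installer:
//   -i or /i  registers the service(s)   (CGenericServiceManager::Install)
//   -u or /u  unregisters the service(s) (CGenericServiceManager::UnInstall)
//   anything else yields E_INVALIDARG.
// Without arguments the process initializes COM and hands control to the
// service control dispatcher.
//
// Returns the final HRESULT as the process exit code.
#ifdef UNICODE
extern "C"
{
int __cdecl wmain(int argc, wchar_t* argv[])
#else
int __cdecl main(int argc, char* argv[])
#endif
{
    TRACE(TF_SERVICE, TEXT("Entered main"));

    HRESULT hres = E_INVALIDARG;

#ifdef DEBUG
    CGenericServiceManager::_fRunAsService = FALSE;
#endif

    if (argc > 1)
    {
        hres = CGenericServiceManager::Init();

        // Do not install or uninstall on top of a manager that failed to
        // initialize; report the Init failure to the caller instead of
        // overwriting it.
        if (SUCCEEDED(hres))
        {
            if (!lstrcmpi(argv[1], TEXT("-i")) ||
                !lstrcmpi(argv[1], TEXT("/i")))
            {
                TRACE(TF_SERVICE, TEXT("Installing"));

                hres = CGenericServiceManager::Install();

                if (SUCCEEDED(hres))
                {
                    TRACE(TF_SERVICE, TEXT("Install SUCCEEDED"));
                }
                else
                {
                    TRACE(TF_SERVICE, TEXT("Install FAILED"));
                }
            }
            else if (!lstrcmpi(argv[1], TEXT("-u")) ||
                     !lstrcmpi(argv[1], TEXT("/u")))
            {
                TRACE(TF_SERVICE, TEXT("UnInstalling"));

                hres = CGenericServiceManager::UnInstall();

                if (SUCCEEDED(hres))
                {
                    TRACE(TF_SERVICE, TEXT("UnInstall SUCCEEDED"));
                }
                else
                {
                    TRACE(TF_SERVICE, TEXT("UnInstall FAILED"));
                }
            }
            else
            {
                hres = E_INVALIDARG;
            }
        }
        else
        {
            TRACE(TF_SERVICE, TEXT("Init failed: 0x%08X"), hres);
        }

        // Cleanup runs whether or not Init succeeded, as before.
        CGenericServiceManager::Cleanup();
    }
    else
    {
        hres = CoInitializeEx(NULL,
            COINIT_MULTITHREADED | COINIT_DISABLE_OLE1DDE);

        if (SUCCEEDED(hres))
        {
            // hres = _InitSecurityDescriptor();

            // Redundant while the call above stays commented out; kept so
            // that re-enabling the call needs no restructuring.
            if (SUCCEEDED(hres))
            {
                // NOTE(review): _psd is NULL here because nothing has built
                // it. Per the CoInitializeSecurity documentation, a NULL
                // security descriptor means COM performs no ACL check on
                // incoming calls, so only the packet-level authentication
                // requested below gates access to this process's COM
                // objects. Confirm that is intended for a service, or supply
                // a descriptor that restricts callers.
                // cAuthSvc == -1 lets COM choose the authentication services.
                hres = CoInitializeSecurity(_psd, -1, NULL, NULL,
                    RPC_C_AUTHN_LEVEL_PKT, RPC_C_IMP_LEVEL_IMPERSONATE,
                    NULL, EOAC_NONE, NULL);

                if (SUCCEEDED(hres))
                {
                    // need to be here at most 2 seconds after being launched
                    hres = CGenericServiceManager::StartServiceCtrlDispatcher();
                }
                else
                {
                    TRACE(TF_SERVICE,
                        TEXT("CoInitializeSecurity failed: 0x%08X"), hres);
                }
            }

            CoUninitialize();
        }
        else
        {
            TRACE(TF_SERVICE, TEXT("CoInitializeEx failed: 0x%08X"), hres);
        }
    }

    return hres;
}
#ifdef UNICODE
}
#endif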
#pragma warning(pop)
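// Builds the file-local security descriptor (_psd), its DACL (_pacl) and the
// SECURITY_ATTRIBUTES wrapper (_sa). The DACL holds one allow ACE granting
// FILE_ALL_ACCESS to the NT AUTHORITY SID built from SECURITY_INTERACTIVE_RID.
//
// Returns:
//   S_OK           the descriptor was built, or _pacl was already set by an
//                  earlier successful call
//   E_OUTOFMEMORY  LocalAlloc failed for the ACL or the descriptor
//   E_FAIL         any other step failed
//
// On failure everything allocated here is released and the globals are reset
// to NULL, so a later call starts from scratch and the "already built" test
// on _pacl never sees a freed pointer.
//
// NOTE(review): the descriptor sets no owner or primary group and the ACE
// mask is a file access mask. If this is meant to be passed to
// CoInitializeSecurity, COM expects an owner and group to be present and
// checks COM_RIGHTS_EXECUTE -- confirm before enabling the call in main.
HRESULT _InitSecurityDescriptor()
{
    // Already built by an earlier call.
    if (_pacl)
    {
        return S_OK;
    }

    HRESULT hres = E_FAIL;

    // This is for "Everyone":
    //
    // SID_IDENTIFIER_AUTHORITY sidAuthNT = SECURITY_WORLD_SID_AUTHORITY;
    //
    // if (AllocateAndInitializeSid(&sidAuthNT, 1, SECURITY_WORLD_RID,
    //     0, 0, 0, 0, 0, 0, 0, (void**)&_psidLocalUsers))

    // This is for local entities only
    SID_IDENTIFIER_AUTHORITY sidAuthNT = SECURITY_NT_AUTHORITY;

    if (AllocateAndInitializeSid(&sidAuthNT, 1, SECURITY_INTERACTIVE_RID,
        0, 0, 0, 0, 0, 0, 0, (void**)&_psidLocalUsers))
    {
        // Room for the ACL header plus one allow ACE whose SID is stored
        // inline; the ACE's SidStart DWORD placeholder is replaced by the
        // real SID, hence the subtraction.
        DWORD cbacl = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) -
            sizeof(DWORD/*ACCESS_ALLOWED_ACE.SidStart*/) +
            GetLengthSid(_psidLocalUsers);

        _pacl = (ACL*)LocalAlloc(LPTR, cbacl);

        if (!_pacl)
        {
            hres = E_OUTOFMEMORY;
        }
        else if (InitializeAcl(_pacl, cbacl, ACL_REVISION) &&
                 AddAccessAllowedAce(_pacl, ACL_REVISION, FILE_ALL_ACCESS,
                     _psidLocalUsers))
        {
            _psd = (SECURITY_DESCRIPTOR*)LocalAlloc(LPTR,
                sizeof(SECURITY_DESCRIPTOR));

            if (!_psd)
            {
                hres = E_OUTOFMEMORY;
            }
            else if (InitializeSecurityDescriptor(_psd,
                         SECURITY_DESCRIPTOR_REVISION) &&
                     SetSecurityDescriptorDacl(_psd, TRUE, _pacl, FALSE) &&
                     IsValidSecurityDescriptor(_psd))
            {
                _sa.nLength = sizeof(_sa);
                _sa.lpSecurityDescriptor = _psd;
                // NOTE(review): TRUE makes handles created with _sa
                // inheritable by child processes -- confirm this is wanted.
                _sa.bInheritHandle = TRUE;

                hres = S_OK;
            }
        }
    }

    if (FAILED(hres))
    {
        // Release partial state and clear the globals so no freed pointer
        // is left behind for a later call or for other users of _psd.
        if (_psidLocalUsers)
        {
            FreeSid(_psidLocalUsers);
            _psidLocalUsers = NULL;
        }

        if (_pacl)
        {
            LocalFree((HLOCAL)_pacl);
            _pacl = NULL;
        }

        if (_psd)
        {
            LocalFree((HLOCAL)_psd);
            _psd = NULL;
        }
    }

    return hres;
}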