archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/termsrv/admtools/utilsub/procutil.c

516 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. // Copyright (c) 1998-1999 Microsoft Corporation
  2. /******************************************************************************
  3. *
  4. * PROCUTIL.C
  5. *
  6. * Various useful utilities for dealing with processes
  7. * that are useful across a range of utilities and apps.
  8. *
  9. *
  10. *******************************************************************************/
  12. #include <nt.h>
  13. #include <ntrtl.h>
  14. #include <nturtl.h>
  15. #include <windows.h>
  16. #include <ntddkbd.h>
  17. #include <ntddmou.h>
  18. #include <assert.h>
  19. #include <stdio.h>
  20. #include <stdlib.h>
  21. #include <time.h>
  22. #include <process.h>
  23. #include <string.h>
  24. #include <malloc.h>
  26. #include <winstaw.h>
  27. #include <utilsub.h>
  29. // from helpers.c
  30. BOOL GetResourceStringFromUtilDll(UINT uID, LPTSTR szBuffer, int iBufferSize);
  31. void ErrorOutFromResource(UINT uiStringResource, ...);
  33. #include "utilsubres.h" // resources refrenced in this file.
  36. /*
  37. * Local function prototypes.
  38. */
  39. VOID LookupSidUser( PSID pSid, PWCHAR pUserName, PULONG pcbUserName );
  41. /*
  42. * RefreshProcessObjectCaches()
  43. *
  44. * Refresh (invalidate) any caches that may be used by process object
  45. * utilities.
  46. *
  47. * This is currently a place holder, but is here so that utilities can call
  48. * it, thus being isolated from any future decisions to add caching.
  49. */
  50. VOID WINAPI
  51. RefreshProcessObjectCaches()
  52. {
  53. RefreshUserSidCrcCache();
  54. }
  56. /******************************************************************************
  57. *
  58. * ProcessObjectMatch
  59. *
  60. * General Name match function against a process.
  61. *
  62. * The multi-user admin utilities can take a user name, winstation name,
  63. * a winstation id, or process id as an argument to a command that targets
  64. * a process for some action (query status, kill, etc.)
  65. *
  66. * This function does general compares of the supplied name to see if it
  67. * applies to the given process because the name represents the NT user
  68. * account, a winstations system name, the winstations unique id, or the
  69. * processes unique id.
  70. *
  71. * The various information about a process is supplied by the caller. Because
  72. * of the way processes are enumerated from the NT system, it is easier
  73. * and faster for the caller to supply this information than for the routine
  74. * to retrieve it itself. This could be folded into a general EnumerateProcess()
  75. * if needed. Currently this routine serves the purpose of having one unified
  76. * way of handling process objects across all utilities.
  77. *
  78. *
  79. * Matching:
  80. *
  81. * An integer number is assumed to be an NT process ID unless NumberIsLogonId
  82. * is set, which then says to treat it as a LogonId.
  83. *
  84. * A name starting with a character is tested first as a winstation name, then
  85. * as a user name, finally as a program image name. A user or group name
  86. * could stand alone, or be preceded by a '\' to be [somewhat] compatible
  87. * with the OS/2 product.
  88. *
  89. * Parameters:
  90. *
  91. * Pid (input)
  92. * Windows NT unique process identifier
  93. * LogonId (input)
  94. * Logon (also called Session) ID the process is executing on.
  95. * NumberIsLogonId (input)
  96. * Treat a number in pMatchName as a LogonId not an PID number.
  97. * pMatchName (input)
  98. * Name for match testing
  99. * pWinStationName (input)
  100. * Name of WinStation for process.
  101. * pUserName (input)
  102. * Name of User for process.
  103. * pImageName (input)
  104. * Image name of executing program for process.
  105. *
  106. *****************************************************************************/
  108. BOOLEAN WINAPI
  109. ProcessObjectMatch( HANDLE Pid,
  110. ULONG LogonId,
  111. int NumberIsLogonId,
  112. PWCHAR pMatchName,
  113. PWCHAR pWinStationName,
  114. PWCHAR pUserName,
  115. PWCHAR pImageName )
  116. {
  117. ULONG tmp;
  118. HANDLE htmp;
  120. /*
  121. * Check for wild card
  122. */
  123. if( pMatchName[0] == L'*' ) return( TRUE );
  125. /*
  126. * If someone puts a '\' in front of pMatchName, strip it off
  127. */
  128. if( pMatchName[0] == L'\\' ) pMatchName++;
  130. /*
  131. * First, if the match name is a number, check for == to process ID or
  132. * LogonId.
  133. */
  134. if( iswdigit( pMatchName[0] ) ) {
  135. tmp = wcstol( pMatchName, NULL, 10 );
  136. htmp = LongToPtr (tmp);
  138. if( NumberIsLogonId && (tmp == LogonId) )
  139. return( TRUE );
  140. else if( htmp == Pid )
  141. return( TRUE );
  142. else
  143. return( FALSE );
  144. }
  146. /*
  147. * Then, check the match name against the WinStation Name of the process.
  148. */
  149. if ( !_wcsicmp( pWinStationName, pMatchName ) ) {
  150. return( TRUE );
  151. }
  153. /*
  154. * Then, check the match name against the UserName of the process.
  155. */
  156. if( !_wcsicmp( pUserName, pMatchName ) ) {
  157. return( TRUE );
  158. }
  160. /*
  161. * Finally, check the match name against the image name of the process.
  162. */
  163. if( !_wcsicmp( pImageName, pMatchName ) ) {
  164. return(TRUE);
  165. }
  167. return( FALSE );
  168. }
  171. /*
  172. * This is the cache maintained by the GetUserNameFromSid function
  173. *
  174. * It is thread safe through the use of ULock.
  175. */
  177. typedef struct TAGUSERSIDLIST {
  178. struct TAGUSERSIDLIST *Next;
  179. USHORT SidCrc;
  180. WCHAR UserName[USERNAME_LENGTH];
  181. } USERSIDLIST, *PUSERSIDLIST;
  183. static PUSERSIDLIST pUList = NULL;
  184. static RTL_CRITICAL_SECTION ULock;
  185. static BOOLEAN ULockInited = FALSE;
  187. /***************************************************************************
  188. *
  189. * InitULock
  190. *
  191. * Since we do not require the user to call an initialize function,
  192. * we must initialize our critical section in a thread safe manner.
  193. *
  194. * The problem is, a critical section is needed to guard against multiple
  195. * threads trying to init the critical section at the same time.
  196. *
  197. * The solution that Nt uses, in which RtlInitializeCriticalSection itself
  198. * uses, is to wait on a kernel supported process wide Mutant before proceding.
  199. * This Mutant almost works by itself, but RtlInitializeCriticalSection does
  200. * not wait on it until after trashing the semaphore count. So we wait on
  201. * it ourselves, since it can be acquired recursively.
  202. *
  203. ***************************************************************************/
  204. NTSTATUS InitULock()
  205. {
  206. NTSTATUS status = STATUS_SUCCESS;
  208. RtlEnterCriticalSection((PRTL_CRITICAL_SECTION)NtCurrentPeb()->LoaderLock);
  210. /*
  211. * Make sure another thread did not beat us here
  212. */
  213. if( ULockInited == FALSE ){
  214. status = RtlInitializeCriticalSection( &ULock );
  215. if (status == STATUS_SUCCESS) {
  216. ULockInited = TRUE;
  217. }
  218. }
  220. RtlLeaveCriticalSection((PRTL_CRITICAL_SECTION)NtCurrentPeb()->LoaderLock);
  222. return status;
  223. }
  226. /***************************************************************************
  227. *
  228. * RefreshUserSidCrcCache
  229. *
  230. * Invalidate the User/SidCrc cache so that the newest information
  231. * will be fetched from the system.
  232. *
  233. ***************************************************************************/
  235. VOID WINAPI
  236. RefreshUserSidCrcCache( )
  237. {
  238. NTSTATUS status = STATUS_SUCCESS;
  239. PUSERSIDLIST pEntry, pNext;
  241. if( pUList == NULL ) return;
  243. /*
  244. * Make sure critical section has been inited
  245. */
  246. if( !ULockInited ) {
  247. status = InitULock();
  248. }
  250. if (status == STATUS_SUCCESS) {
  251. RtlEnterCriticalSection( &ULock );
  253. pEntry = pUList;
  255. while( pEntry ) {
  256. pNext = pEntry->Next;
  257. free( pEntry );
  258. pEntry = pNext;
  259. }
  261. pUList = NULL;
  263. RtlLeaveCriticalSection( &ULock );
  264. }
  265. }
  268. /******************************************************************************
  269. *
  270. * GetUserNameFromSid
  271. *
  272. * Attempts to retrieve the user (login) name of the process by first looking
  273. * in our User/SidCrc cache table, then (if no match) looking up the SID in
  274. * the SAM database and adding the new entry to the User/SidCrc table.
  275. *
  276. * Input
  277. *
  278. * IN pUserSid Sid pointer
  279. *
  280. * OUT NameBuf WCHAR pointer to buffer for name
  281. *
  282. * IN/OUT pBufSize PULONG NameBuf size
  283. *
  284. * Will always return a user name, which will be "(unknown)" if the SID is
  285. * invalid or can't determine the user/SID relationship for any other reason.
  286. *
  287. *****************************************************************************/
  289. VOID WINAPI
  290. GetUserNameFromSid( PSID pUserSid, PWCHAR pBuffer, PULONG pcbBuffer )
  291. {
  292. NTSTATUS status = STATUS_SUCCESS;
  293. USHORT SidCrc = 0;
  294. PUSERSIDLIST pEntry;
  296. /*
  297. * Make sure critical section has been inited
  298. */
  299. if( !ULockInited ) {
  300. status = InitULock();
  301. }
  303. /*
  304. * Determine SID length in bytes and calculate a 16-bit CRC for it,
  305. * to facilitate quick matching.
  306. */
  307. if ( pUserSid )
  308. SidCrc = CalculateCrc16( (PBYTE)pUserSid,
  309. (USHORT)GetLengthSid(pUserSid) );
  311. /*
  312. * First: Before performing the expensive LookupAccountSid() function,
  313. * see if we've encountered this SID already, and match the user name
  314. * if so.
  315. */
  316. if ( status == STATUS_SUCCESS && pUList ) {
  318. RtlEnterCriticalSection( &ULock );
  320. pEntry = pUList;
  322. while( pEntry ) {
  324. if ( SidCrc == pEntry->SidCrc ) {
  326. wcsncpy( pBuffer, pEntry->UserName, (*pcbBuffer)-1 );
  327. pBuffer[(*pcbBuffer)-1] = 0;
  328. *pcbBuffer = wcslen(pBuffer);
  329. RtlLeaveCriticalSection( &ULock );
  330. return;
  331. }
  332. pEntry = pEntry->Next;
  333. }
  335. RtlLeaveCriticalSection( &ULock );
  336. }
  338. /*
  339. * Last resort: Determine the user name associated with the SID using
  340. * the LookupAccountSid() API, embedded in our local function
  341. * LookupSidUser().
  342. */
  343. LookupSidUser( pUserSid, pBuffer, pcbBuffer );
  345. /*
  346. * Add this new User/Sid relationship in our User/Sid cache list.
  347. */
  348. if (status == STATUS_SUCCESS) {
  349. RtlEnterCriticalSection( &ULock );
  351. if ( (pEntry = (PUSERSIDLIST)malloc(sizeof(USERSIDLIST))) ) {
  353. pEntry->SidCrc = SidCrc;
  354. wcsncpy( pEntry->UserName, pBuffer, USERNAME_LENGTH - 1 );
  355. pEntry->UserName[USERNAME_LENGTH-1] = 0;
  356. pEntry->Next = pUList;
  357. pUList = pEntry;
  358. }
  360. RtlLeaveCriticalSection( &ULock );
  361. }
  362. }
  365. /******************************************************************************
  366. * LookupSidUser
  367. *
  368. * Fetch the user name associated with the specified SID.
  369. *
  370. * ENTRY:
  371. * pSid (input)
  372. * Points to SID to match to user name.
  373. * pUserName (output)
  374. * Points to buffer to place the user name into.
  375. * pcbUserName (input/output)
  376. * Specifies the size in bytes of the user name buffer. The returned
  377. * user name will be truncated to fit this buffer (including NUL
  378. * terminator) if necessary and this variable set to the number of
  379. * characters copied to pUserName.
  380. *
  381. * EXIT:
  382. *
  383. * LookupSidUser() will always return a user name. If the specified
  384. * SID fails to match to a user name, then the user name "(unknown)" will
  385. * be returned.
  386. *
  387. *****************************************************************************/
  389. VOID
  390. LookupSidUser( PSID pSid,
  391. PWCHAR pUserName,
  392. PULONG pcbUserName )
  393. {
  394. WCHAR DomainBuffer[DOMAIN_LENGTH], UserBuffer[USERNAME_LENGTH];
  395. DWORD cbDomainBuffer=sizeof(DomainBuffer), cbUserBuffer=sizeof(UserBuffer),
  396. Error;
  397. PWCHAR pDomainBuffer = NULL, pUserBuffer = NULL;
  398. SID_NAME_USE SidNameUse;
  400. /*
  401. * Fetch user name from SID: try user lookup with a reasonable Domain and
  402. * Sid buffer size first, before resorting to alloc.
  403. */
  404. if ( !LookupAccountSid( NULL, pSid,
  405. UserBuffer, &cbUserBuffer,
  406. DomainBuffer, &cbDomainBuffer, &SidNameUse ) ) {
  408. if ( ((Error = GetLastError()) == ERROR_INSUFFICIENT_BUFFER) ) {
  410. if ( cbDomainBuffer > sizeof(DomainBuffer) ) {
  412. if ( !(pDomainBuffer =
  413. (PWCHAR)malloc(
  414. cbDomainBuffer * sizeof(WCHAR))) ) {
  416. Error = ERROR_NOT_ENOUGH_MEMORY;
  417. goto BadDomainAlloc;
  418. }
  419. }
  421. if ( cbUserBuffer > sizeof(UserBuffer) ) {
  423. if ( !(pUserBuffer =
  424. (PWCHAR)malloc(
  425. cbUserBuffer * sizeof(WCHAR))) ) {
  427. Error = ERROR_NOT_ENOUGH_MEMORY;
  428. goto BadUserAlloc;
  429. }
  430. }
  432. if ( !LookupAccountSid( NULL, pSid,
  433. pUserBuffer ?
  434. pUserBuffer : UserBuffer,
  435. &cbUserBuffer,
  436. pDomainBuffer ?
  437. pDomainBuffer : DomainBuffer,
  438. &cbDomainBuffer,
  439. &SidNameUse ) ) {
  441. Error = GetLastError();
  442. goto BadLookup;
  443. }
  445. } else {
  447. goto BadLookup;
  448. }
  449. }
  451. /*
  452. * Copy the user name into the specified buffer, truncating if necessary.
  453. */
  454. wcsncpy( pUserName, pUserBuffer ? pUserBuffer : UserBuffer,
  455. (*pcbUserName)-1 );
  456. pUserName[(*pcbUserName)-1] = 0;
  457. *pcbUserName = wcslen(pUserName);
  459. /*
  460. * Free our allocs (if any) and return.
  461. */
  462. if ( pDomainBuffer )
  463. free(pDomainBuffer);
  464. if ( pUserBuffer )
  465. free(pUserBuffer);
  466. return;
  468. /*--------------------------------------
  469. * Error clean-up and return...
  470. */
  471. BadLookup:
  472. BadUserAlloc:
  473. BadDomainAlloc:
  474. if ( pDomainBuffer )
  475. free(pDomainBuffer);
  476. if ( pUserBuffer )
  477. free(pUserBuffer);
  478. GetResourceStringFromUtilDll(IDS_UNKNOWN_USERNAME, pUserName, (*pcbUserName)-1);
  479. pUserName[(*pcbUserName)-1] = 0;
  480. *pcbUserName = wcslen(pUserName);
  481. return;
  482. }
  484. /*******************************************************************************
  485. *
  486. * AreWeRunningTerminalServices
  487. *
  488. * Check if we are running terminal server
  489. *
  490. * ENTRY:
  491. *
  492. * EXIT: BOOL: True if we are running Terminal Services False if we
  493. * are not running Terminal Services
  494. *
  495. *
  496. ******************************************************************************/
  498. BOOL AreWeRunningTerminalServices(void)
  499. {
  500. OSVERSIONINFOEX osVersionInfo;
  501. DWORDLONG dwlConditionMask = 0;
  503. ZeroMemory(&osVersionInfo, sizeof(OSVERSIONINFOEX));
  504. osVersionInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
  505. osVersionInfo.wSuiteMask = VER_SUITE_TERMINAL | VER_SUITE_SINGLEUSERTS;
  507. VER_SET_CONDITION( dwlConditionMask, VER_SUITENAME, VER_OR );
  509. return VerifyVersionInfo(
  510. &osVersionInfo,
  511. VER_SUITENAME,
  512. dwlConditionMask
  513. );
  514. }