mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
213 lines
6.6 KiB
213 lines
6.6 KiB
//////////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Copyright (c) 1999-2000 Microsoft Corporation
|
|
//
|
|
// Module Name:
|
|
// CEnableThreadPrivilege.cpp
|
|
//
|
|
// Description:
|
|
// Contains the definition of the CEnableThreadPrivilege class.
|
|
//
|
|
// Maintained By:
|
|
// Vij Vasu (Vvasu) 08-MAR-2000
|
|
//
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
// Include Files
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
|
|
// The precompiled header.
|
|
#include "pch.h"
|
|
|
|
// The header for this file
|
|
#include "CEnableThreadPrivilege.h"
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
//++
|
|
//
|
|
// CEnableThreadPrivilege::CEnableThreadPrivilege
|
|
//
|
|
// Description:
|
|
// Constructor of the CEnableThreadPrivilege class. Enables the specified
|
|
// privilege.
|
|
//
|
|
// Arguments:
|
|
// pcszPrivilegeNameIn
|
|
// Name of the privilege to be enabled.
|
|
//
|
|
// Return Value:
|
|
// None.
|
|
//
|
|
// Exceptions Thrown:
|
|
// CRuntimeError
|
|
// If any of the APIs fail.
|
|
//
|
|
//--
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
CEnableThreadPrivilege::CEnableThreadPrivilege( const WCHAR * pcszPrivilegeNameIn )
|
|
: m_hThreadToken( NULL )
|
|
, m_fPrivilegeEnabled( false )
|
|
{
|
|
BCATraceScope1( "pcszPrivilegeNameIn = '%ws'", pcszPrivilegeNameIn );
|
|
|
|
DWORD dwError = ERROR_SUCCESS;
|
|
|
|
do
|
|
{
|
|
TOKEN_PRIVILEGES tpPrivilege;
|
|
DWORD dwReturnLength = sizeof( m_tpPreviousState );
|
|
DWORD dwBufferLength = sizeof( tpPrivilege );
|
|
|
|
// Open the current thread token.
|
|
if ( OpenThreadToken(
|
|
GetCurrentThread()
|
|
, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
|
|
, TRUE
|
|
, &m_hThreadToken
|
|
)
|
|
== FALSE
|
|
)
|
|
{
|
|
dwError = GetLastError();
|
|
|
|
// If the thread has no token, then default to the process token.
|
|
if ( dwError == ERROR_NO_TOKEN )
|
|
{
|
|
BCATraceMsg( "The thread has no token. Trying to open the process token." );
|
|
|
|
if ( OpenProcessToken(
|
|
GetCurrentProcess()
|
|
, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
|
|
, &m_hThreadToken
|
|
)
|
|
== FALSE
|
|
)
|
|
{
|
|
dwError = TW32( GetLastError() );
|
|
BCATraceMsg1( "Error %#08x occurred trying to open the process token.", dwError );
|
|
break;
|
|
} // if: OpenProcessToken() failed.
|
|
|
|
// The process token was opened. All is well.
|
|
dwError = ERROR_SUCCESS;
|
|
|
|
} // if: the thread has no token
|
|
else
|
|
{
|
|
TW32( dwError );
|
|
BCATraceMsg1( "Error %#08x occurred trying to open the thread token.", dwError );
|
|
break;
|
|
} // if: some other error occurred
|
|
} // if: OpenThreadToken() failed
|
|
|
|
//
|
|
// Initialize the TOKEN_PRIVILEGES structure.
|
|
//
|
|
tpPrivilege.PrivilegeCount = 1;
|
|
|
|
if ( LookupPrivilegeValue( NULL, pcszPrivilegeNameIn, &tpPrivilege.Privileges[0].Luid ) == FALSE )
|
|
{
|
|
dwError = TW32( GetLastError() );
|
|
BCATraceMsg1( "Error %#08x occurred trying to lookup privilege value.", dwError );
|
|
break;
|
|
} // if: LookupPrivilegeValue() failed
|
|
|
|
tpPrivilege.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
|
|
|
|
// Enable the desired privilege.
|
|
if ( AdjustTokenPrivileges(
|
|
m_hThreadToken
|
|
, FALSE
|
|
, &tpPrivilege
|
|
, dwBufferLength
|
|
, &m_tpPreviousState
|
|
, &dwReturnLength
|
|
)
|
|
== FALSE
|
|
)
|
|
{
|
|
dwError = TW32( GetLastError() );
|
|
BCATraceMsg1( "Error %#08x occurred trying to enable the privilege.", dwError );
|
|
break;
|
|
} // if: AdjustTokenPrivileges() failed
|
|
|
|
LogMsg( "Privilege '%ws' enabled for the current thread.", pcszPrivilegeNameIn );
|
|
|
|
// Set a flag if the privilege was not already enabled.
|
|
m_fPrivilegeEnabled = ( m_tpPreviousState.Privileges[0].Attributes != SE_PRIVILEGE_ENABLED );
|
|
}
|
|
while( false ); // dummy do-while loop to avoid gotos
|
|
|
|
if ( dwError != ERROR_SUCCESS )
|
|
{
|
|
LogMsg( "Error %#08x occurred trying to enable privilege '%ws'.", dwError, pcszPrivilegeNameIn );
|
|
BCATraceMsg2( "Error %#08x occurred trying to enable privilege '%ws'. Throwing exception.", dwError, pcszPrivilegeNameIn );
|
|
THROW_RUNTIME_ERROR( HRESULT_FROM_WIN32( dwError ), IDS_ERROR_ENABLE_THREAD_PRIVILEGE );
|
|
} // if:something went wrong
|
|
|
|
} //*** CEnableThreadPrivilege::CEnableThreadPrivilege()
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
//++
|
|
//
|
|
// CEnableThreadPrivilege::~CEnableThreadPrivilege
|
|
//
|
|
// Description:
|
|
// Destructor of the CEnableThreadPrivilege class. Restores the specified
|
|
// privilege to its original state.
|
|
//
|
|
// Arguments:
|
|
// None.
|
|
//
|
|
// Return Value:
|
|
// None.
|
|
//
|
|
// Exceptions Thrown:
|
|
// None.
|
|
//
|
|
//--
|
|
//////////////////////////////////////////////////////////////////////////////
|
|
CEnableThreadPrivilege::~CEnableThreadPrivilege( void ) throw()
|
|
{
|
|
BCATraceScope( "" );
|
|
|
|
DWORD dwError = ERROR_SUCCESS;
|
|
|
|
if ( m_fPrivilegeEnabled )
|
|
{
|
|
if ( AdjustTokenPrivileges(
|
|
m_hThreadToken
|
|
, FALSE
|
|
, &m_tpPreviousState
|
|
, sizeof( m_tpPreviousState )
|
|
, NULL
|
|
, NULL
|
|
)
|
|
== FALSE
|
|
)
|
|
{
|
|
dwError = TW32( GetLastError() );
|
|
LogMsg( "Error %#08x occurred trying to restore privilege.", dwError );
|
|
BCATraceMsg1( "Error %#08x occurred trying to restore privilege.", dwError );
|
|
} // if: AdjustTokenPrivileges() failed
|
|
else
|
|
{
|
|
LogMsg( "Privilege restored.", dwError );
|
|
} // else: no errors
|
|
|
|
} // if: the privilege was successfully enabled in the constructor
|
|
else
|
|
{
|
|
LogMsg( "Privilege was enabled to begin with. Doing nothing.", dwError );
|
|
}
|
|
|
|
if ( m_hThreadToken != NULL )
|
|
{
|
|
CloseHandle( m_hThreadToken );
|
|
} // if: the thread handle was opened
|
|
|
|
} //*** CEnableThreadPrivilege::~CEnableThreadPrivilege()
|