Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

213 lines
6.6 KiB

//////////////////////////////////////////////////////////////////////////////
//
// Copyright (c) 1999-2000 Microsoft Corporation
//
// Module Name:
// CEnableThreadPrivilege.cpp
//
// Description:
// Contains the definition of the CEnableThreadPrivilege class.
//
// Maintained By:
// Vij Vasu (Vvasu) 08-MAR-2000
//
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
// Include Files
//////////////////////////////////////////////////////////////////////////////
// The precompiled header.
#include "pch.h"
// The header for this file
#include "CEnableThreadPrivilege.h"
//////////////////////////////////////////////////////////////////////////////
//++
//
// CEnableThreadPrivilege::CEnableThreadPrivilege
//
// Description:
// Constructor of the CEnableThreadPrivilege class. Enables the specified
// privilege.
//
// Arguments:
// pcszPrivilegeNameIn
// Name of the privilege to be enabled.
//
// Return Value:
// None.
//
// Exceptions Thrown:
// CRuntimeError
// If any of the APIs fail.
//
//--
//////////////////////////////////////////////////////////////////////////////
CEnableThreadPrivilege::CEnableThreadPrivilege( const WCHAR * pcszPrivilegeNameIn )
: m_hThreadToken( NULL )
, m_fPrivilegeEnabled( false )
{
BCATraceScope1( "pcszPrivilegeNameIn = '%ws'", pcszPrivilegeNameIn );
DWORD dwError = ERROR_SUCCESS;
do
{
TOKEN_PRIVILEGES tpPrivilege;
DWORD dwReturnLength = sizeof( m_tpPreviousState );
DWORD dwBufferLength = sizeof( tpPrivilege );
// Open the current thread token.
if ( OpenThreadToken(
GetCurrentThread()
, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
, TRUE
, &m_hThreadToken
)
== FALSE
)
{
dwError = GetLastError();
// If the thread has no token, then default to the process token.
if ( dwError == ERROR_NO_TOKEN )
{
BCATraceMsg( "The thread has no token. Trying to open the process token." );
if ( OpenProcessToken(
GetCurrentProcess()
, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
, &m_hThreadToken
)
== FALSE
)
{
dwError = TW32( GetLastError() );
BCATraceMsg1( "Error %#08x occurred trying to open the process token.", dwError );
break;
} // if: OpenProcessToken() failed.
// The process token was opened. All is well.
dwError = ERROR_SUCCESS;
} // if: the thread has no token
else
{
TW32( dwError );
BCATraceMsg1( "Error %#08x occurred trying to open the thread token.", dwError );
break;
} // if: some other error occurred
} // if: OpenThreadToken() failed
//
// Initialize the TOKEN_PRIVILEGES structure.
//
tpPrivilege.PrivilegeCount = 1;
if ( LookupPrivilegeValue( NULL, pcszPrivilegeNameIn, &tpPrivilege.Privileges[0].Luid ) == FALSE )
{
dwError = TW32( GetLastError() );
BCATraceMsg1( "Error %#08x occurred trying to lookup privilege value.", dwError );
break;
} // if: LookupPrivilegeValue() failed
tpPrivilege.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
// Enable the desired privilege.
if ( AdjustTokenPrivileges(
m_hThreadToken
, FALSE
, &tpPrivilege
, dwBufferLength
, &m_tpPreviousState
, &dwReturnLength
)
== FALSE
)
{
dwError = TW32( GetLastError() );
BCATraceMsg1( "Error %#08x occurred trying to enable the privilege.", dwError );
break;
} // if: AdjustTokenPrivileges() failed
LogMsg( "Privilege '%ws' enabled for the current thread.", pcszPrivilegeNameIn );
// Set a flag if the privilege was not already enabled.
m_fPrivilegeEnabled = ( m_tpPreviousState.Privileges[0].Attributes != SE_PRIVILEGE_ENABLED );
}
while( false ); // dummy do-while loop to avoid gotos
if ( dwError != ERROR_SUCCESS )
{
LogMsg( "Error %#08x occurred trying to enable privilege '%ws'.", dwError, pcszPrivilegeNameIn );
BCATraceMsg2( "Error %#08x occurred trying to enable privilege '%ws'. Throwing exception.", dwError, pcszPrivilegeNameIn );
THROW_RUNTIME_ERROR( HRESULT_FROM_WIN32( dwError ), IDS_ERROR_ENABLE_THREAD_PRIVILEGE );
} // if:something went wrong
} //*** CEnableThreadPrivilege::CEnableThreadPrivilege()
//////////////////////////////////////////////////////////////////////////////
//++
//
// CEnableThreadPrivilege::~CEnableThreadPrivilege
//
// Description:
// Destructor of the CEnableThreadPrivilege class. Restores the specified
// privilege to its original state.
//
// Arguments:
// None.
//
// Return Value:
// None.
//
// Exceptions Thrown:
// None.
//
//--
//////////////////////////////////////////////////////////////////////////////
CEnableThreadPrivilege::~CEnableThreadPrivilege( void ) throw()
{
BCATraceScope( "" );
DWORD dwError = ERROR_SUCCESS;
if ( m_fPrivilegeEnabled )
{
if ( AdjustTokenPrivileges(
m_hThreadToken
, FALSE
, &m_tpPreviousState
, sizeof( m_tpPreviousState )
, NULL
, NULL
)
== FALSE
)
{
dwError = TW32( GetLastError() );
LogMsg( "Error %#08x occurred trying to restore privilege.", dwError );
BCATraceMsg1( "Error %#08x occurred trying to restore privilege.", dwError );
} // if: AdjustTokenPrivileges() failed
else
{
LogMsg( "Privilege restored.", dwError );
} // else: no errors
} // if: the privilege was successfully enabled in the constructor
else
{
LogMsg( "Privilege was enabled to begin with. Doing nothing.", dwError );
}
if ( m_hThreadToken != NULL )
{
CloseHandle( m_hThreadToken );
} // if: the thread handle was opened
} //*** CEnableThreadPrivilege::~CEnableThreadPrivilege()