BOOL IsWindowsOS(VOID)
{
// TODO? :
// Load the "SystemRoot\System32\Config\SOFTWARE" hive and mount it,
// then go to (SOFTWARE\\)Microsoft\\Windows NT\\CurrentVersion,
// check the REG_SZ value "ProductName" and see whether it's "Windows"
// or "ReactOS". One may also check the REG_SZ "CurrentVersion" value,
// the REG_SZ "SystemRoot" and "PathName" values (what are the differences??).
//
// Optionally, looking at the SYSTEM hive, CurrentControlSet\\Control,
// REG_SZ values "SystemBootDevice" (and "FirmwareBootDevice" ??)...
//
/* ReactOS reports as Windows NT 5.2 */
HKEY hKey = NULL;
if (RegOpenKeyExW(HKEY_LOCAL_MACHINE,
L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion",
0, KEY_QUERY_VALUE, &hKey) == ERROR_SUCCESS)
{
LONG ret;
DWORD dwType = 0, dwBufSize = 0;
ret = RegQueryValueExW(hKey, L"ProductName", NULL, &dwType, NULL, &dwBufSize);
if (ret == ERROR_SUCCESS && dwType == REG_SZ)
{
LPTSTR lpszProductName = (LPTSTR)MemAlloc(0, dwBufSize);
RegQueryValueExW(hKey, L"ProductName", NULL, &dwType, (LPBYTE)lpszProductName, &dwBufSize);
bIsWindowsOS = (FindSubStrI(lpszProductName, _T("Windows")) != NULL);
MemFree(lpszProductName);
}
RegCloseKey(hKey);
}
return bIsWindowsOS;
}
//
// TODO: Instead of returning TRUE/FALSE, it would be nice to return
// a flag indicating:
// - whether the installation is actually valid;
// - if it's broken or not (aka. needs for repair, or just upgrading).
//
static BOOLEAN
IsValidNTOSInstallationByHandle(
IN HANDLE SystemRootDirectory)
{
BOOLEAN Success = FALSE;
PCWSTR PathName;
USHORT i;
UNICODE_STRING VendorName;
WCHAR VendorNameBuffer[MAX_PATH];
/* Check for the existence of \SystemRoot\System32 */
PathName = L"System32\\";
if (!DoesPathExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
/* Check for the existence of \SystemRoot\System32\drivers */
PathName = L"System32\\drivers\\";
if (!DoesPathExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
/* Check for the existence of \SystemRoot\System32\config */
PathName = L"System32\\config\\";
if (!DoesPathExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
#if 0
/*
* Check for the existence of SYSTEM and SOFTWARE hives in \SystemRoot\System32\config
* (but we don't check here whether they are actually valid).
*/
PathName = L"System32\\config\\SYSTEM";
if (!DoesFileExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
PathName = L"System32\\config\\SOFTWARE";
if (!DoesFileExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
#endif
RtlInitEmptyUnicodeString(&VendorName, VendorNameBuffer, sizeof(VendorNameBuffer));
/* Check for the existence of \SystemRoot\System32\ntoskrnl.exe and retrieves its vendor name */
PathName = L"System32\\ntoskrnl.exe";
Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &VendorName);
if (!Success)
DPRINT1("Kernel executable '%S' is either not a PE file, or does not have any vendor?\n", PathName);
/* The kernel gives the OS its flavour */
if (Success)
{
for (i = 0; i < ARRAYSIZE(KnownVendors); ++i)
{
Success = !!FindSubStrI(VendorName.Buffer, KnownVendors[i]);
if (Success)
{
/* We have found a correct vendor combination */
DPRINT1("IsValidNTOSInstallation: We've got an NTOS installation from %S !\n", KnownVendors[i]);
break;
}
}
}
/* OPTIONAL: Check for the existence of \SystemRoot\System32\ntkrnlpa.exe */
/* Check for the existence of \SystemRoot\System32\ntdll.dll and retrieves its vendor name */
PathName = L"System32\\ntdll.dll";
Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &VendorName);
if (!Success)
DPRINT1("User-mode DLL '%S' is either not a PE file, or does not have any vendor?\n", PathName);
if (Success)
{
for (i = 0; i < ARRAYSIZE(KnownVendors); ++i)
{
if (!!FindSubStrI(VendorName.Buffer, KnownVendors[i]))
{
/* We have found a correct vendor combination */
DPRINT1("IsValidNTOSInstallation: The user-mode DLL '%S' is from %S\n", PathName, KnownVendors[i]);
break;
}
}
}
return Success;
}
//
// TODO: Instead of returning TRUE/FALSE, it would be nice to return
// a flag indicating:
// - whether the installation is actually valid;
// - if it's broken or not (aka. needs for repair, or just upgrading).
//
static BOOLEAN
IsValidNTOSInstallationByHandle(
IN HANDLE SystemRootDirectory,
OUT PUSHORT Machine OPTIONAL,
OUT PUNICODE_STRING VendorName OPTIONAL)
{
BOOLEAN Success = FALSE;
PCWSTR PathName;
USHORT i;
USHORT LocalMachine;
UNICODE_STRING LocalVendorName;
WCHAR VendorNameBuffer[MAX_PATH];
/* Check for VendorName validity */
if (VendorName->MaximumLength < sizeof(UNICODE_NULL))
{
/* Don't use it, invalidate the pointer */
VendorName = NULL;
}
else
{
/* Zero it out */
*VendorName->Buffer = UNICODE_NULL;
VendorName->Length = 0;
}
/* Check for the existence of \SystemRoot\System32 */
PathName = L"System32\\";
if (!DoesDirExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
/* Check for the existence of \SystemRoot\System32\drivers */
PathName = L"System32\\drivers\\";
if (!DoesDirExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
/* Check for the existence of \SystemRoot\System32\config */
PathName = L"System32\\config\\";
if (!DoesDirExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
#if 0
/*
* Check for the existence of SYSTEM and SOFTWARE hives in \SystemRoot\System32\config
* (but we don't check here whether they are actually valid).
*/
PathName = L"System32\\config\\SYSTEM";
if (!DoesFileExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
PathName = L"System32\\config\\SOFTWARE";
if (!DoesFileExist(SystemRootDirectory, PathName))
{
// DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status);
return FALSE;
}
#endif
RtlInitEmptyUnicodeString(&LocalVendorName, VendorNameBuffer, sizeof(VendorNameBuffer));
/* Check for the existence of \SystemRoot\System32\ntoskrnl.exe and retrieves its vendor name */
PathName = L"System32\\ntoskrnl.exe";
Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &LocalMachine, &LocalVendorName);
if (!Success)
DPRINT1("Kernel executable '%S' is either not a PE file, or does not have any vendor?\n", PathName);
/*
* The kernel gives the OS its flavour. If we failed due to the absence of
* ntoskrnl.exe this might be due to the fact this particular installation
* uses a custom kernel that has a different name, overridden in the boot
* parameters. We then rely on the existence of ntdll.dll, which cannot be
* renamed on a valid NT system.
*/
if (Success)
{
for (i = 0; i < ARRAYSIZE(KnownVendors); ++i)
{
Success = !!FindSubStrI(LocalVendorName.Buffer, KnownVendors[i]);
if (Success)
{
/* We have found a correct vendor combination */
DPRINT("IsValidNTOSInstallation: We've got an NTOS installation from %S !\n", KnownVendors[i]);
break;
}
}
/* Return the target architecture */
if (Machine)
{
/* Copy the value and invalidate the pointer */
*Machine = LocalMachine;
Machine = NULL;
}
/* Return the vendor name */
if (VendorName)
{
/* Copy the string and invalidate the pointer */
RtlCopyUnicodeString(VendorName, &LocalVendorName);
VendorName = NULL;
}
}
/* OPTIONAL: Check for the existence of \SystemRoot\System32\ntkrnlpa.exe */
/* Check for the existence of \SystemRoot\System32\ntdll.dll and retrieves its vendor name */
PathName = L"System32\\ntdll.dll";
Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &LocalMachine, &LocalVendorName);
if (!Success)
DPRINT1("User-mode DLL '%S' is either not a PE file, or does not have any vendor?\n", PathName);
if (Success)
{
for (i = 0; i < ARRAYSIZE(KnownVendors); ++i)
{
if (!!FindSubStrI(LocalVendorName.Buffer, KnownVendors[i]))
{
/* We have found a correct vendor combination */
DPRINT("IsValidNTOSInstallation: The user-mode DLL '%S' is from %S\n", PathName, KnownVendors[i]);
break;
}
}
/* Return the target architecture if not already obtained */
if (Machine)
{
/* Copy the value and invalidate the pointer */
*Machine = LocalMachine;
Machine = NULL;
}
/* Return the vendor name if not already obtained */
if (VendorName)
{
/* Copy the string and invalidate the pointer */
RtlCopyUnicodeString(VendorName, &LocalVendorName);
VendorName = NULL;
}
}
return Success;
}
static void AddService(SC_HANDLE hSCManager, LPENUM_SERVICE_STATUS_PROCESS Service, BOOL bHideOSVendorServices)
{
//
// Retrieve a handle to the service.
//
SC_HANDLE hService = OpenServiceW(hSCManager, Service->lpServiceName, SERVICE_QUERY_CONFIG);
if (hService == NULL)
return;
DWORD dwBytesNeeded = 0;
QueryServiceConfigW(hService, NULL, 0, &dwBytesNeeded);
// if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
LPQUERY_SERVICE_CONFIG lpServiceConfig = (LPQUERY_SERVICE_CONFIG)MemAlloc(0, dwBytesNeeded);
if (!lpServiceConfig)
{
CloseServiceHandle(hService);
return;
}
QueryServiceConfigW(hService, lpServiceConfig, dwBytesNeeded, &dwBytesNeeded);
//
// Get the service's vendor...
//
LPWSTR lpszVendor = NULL;
{
// Isolate only the executable path, without any arguments.
// TODO: Correct at the level of CmdLineToArgv the potential bug when lpszFilename == NULL.
#if 0 // Disabled until CmdLineToArgv is included
unsigned int argc = 0;
LPWSTR* argv = NULL;
CmdLineToArgv(lpServiceConfig->lpBinaryPathName, &argc, &argv, L" \t");
if (argc >= 1 && argv[0])
lpszVendor = GetExecutableVendor(argv[0]);
#else
// Hackish solution taken from the original srvpage.c.
// Will be removed after CmdLineToArgv is introduced.
WCHAR FileName[MAX_PATH];
memset(&FileName, 0, sizeof(FileName));
if (wcscspn(lpServiceConfig->lpBinaryPathName, L"\""))
{
wcsncpy(FileName, lpServiceConfig->lpBinaryPathName, wcscspn(lpServiceConfig->lpBinaryPathName, L" ") );
}
else
{
wcscpy(FileName, lpServiceConfig->lpBinaryPathName);
}
lpszVendor = GetExecutableVendor(FileName);
#endif
if (!lpszVendor)
lpszVendor = LoadResourceString(hInst, IDS_UNKNOWN);
#if 0
MemFree(argv);
#endif
}
// ...and display or not the Microsoft / ReactOS services.
BOOL bContinue = TRUE;
if (bHideOSVendorServices)
{
if (FindSubStrI(lpszVendor, bIsWindows ? IDS_MICROSOFT : IDS_REACTOS))
bContinue = FALSE;
}
if (bContinue)
{
BOOL bIsServiceEnabled = (lpServiceConfig->dwStartType != SERVICE_DISABLED);
BOOL bAddServiceToList = FALSE;
BOOL bIsModifiedService = FALSE;
RegistryDisabledServiceItemParams params = {};
//
// Try to look into the user modifications list...
//
POSITION it = userModificationsList.Find(Service->lpServiceName);
if (it)
{
bAddServiceToList = TRUE;
bIsModifiedService = TRUE;
}
//
// ...if not found, try to find if the disabled service is in the registry.
//
if (!bAddServiceToList)
{
if (!bIsServiceEnabled)
{
QUERY_REGISTRY_KEYS_TABLE KeysQueryTable[2] = {};
KeysQueryTable[0].QueryRoutine = GetRegistryKeyedDisabledServicesQueryRoutine;
KeysQueryTable[0].EntryContext = ¶ms;
RegQueryRegistryKeys(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Shared Tools\\MSConfig\\services", KeysQueryTable, Service->lpServiceName);
bAddServiceToList = params.bIsPresent;
if (bIsWindows && bIsPreVistaOSVersion && !bAddServiceToList)
{
QUERY_REGISTRY_VALUES_TABLE ValuesQueryTable[2] = {};
ValuesQueryTable[0].QueryRoutine = GetRegistryValuedDisabledServicesQueryRoutine;
ValuesQueryTable[0].EntryContext = ¶ms;
RegQueryRegistryValues(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Shared Tools\\MSConfig\\services", ValuesQueryTable, Service->lpServiceName);
bAddServiceToList = params.bIsPresent;
}
}
else
{
bAddServiceToList = TRUE;
}
}
if (bAddServiceToList)
{
//
// Check if service is required by the system.
//
BOOL bIsRequired = FALSE;
dwBytesNeeded = 0;
QueryServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, NULL, 0, &dwBytesNeeded);
// if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
LPSERVICE_FAILURE_ACTIONS lpServiceFailureActions = (LPSERVICE_FAILURE_ACTIONS)MemAlloc(0, dwBytesNeeded);
if (!lpServiceFailureActions)
{
MemFree(lpszVendor);
MemFree(lpServiceConfig);
CloseServiceHandle(hService);
return;
}
QueryServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, (LPBYTE)lpServiceFailureActions, dwBytesNeeded, &dwBytesNeeded);
// In Microsoft's MSConfig, things are done just like that!! (extracted string values from msconfig.exe)
if ( ( wcsicmp(Service->lpServiceName, L"rpcss" ) == 0 ||
wcsicmp(Service->lpServiceName, L"rpclocator") == 0 ||
wcsicmp(Service->lpServiceName, L"dcomlaunch") == 0 ) ||
( lpServiceFailureActions &&
(lpServiceFailureActions->cActions >= 1) &&
(lpServiceFailureActions->lpsaActions[0].Type == SC_ACTION_REBOOT) ) ) // We add also this test, which corresponds to real life.
{
bIsRequired = TRUE;
}
MemFree(lpServiceFailureActions);
//
// Add the service into the list.
//
LVITEM item = {};
item.mask = LVIF_TEXT | LVIF_PARAM;
item.pszText = Service->lpDisplayName;
item.lParam = reinterpret_cast<LPARAM>(new ServiceItem(Service->lpServiceName, bIsServiceEnabled, bIsRequired));
item.iItem = ListView_InsertItem(hServicesListCtrl, &item);
if (bIsRequired)
{
LPWSTR lpszYes = LoadResourceString(hInst, IDS_YES);
ListView_SetItemText(hServicesListCtrl, item.iItem, 1, lpszYes);
MemFree(lpszYes);
}
ListView_SetItemText(hServicesListCtrl, item.iItem, 2, lpszVendor);
LPWSTR lpszStatus = LoadResourceString(hInst, ((Service->ServiceStatusProcess.dwCurrentState == SERVICE_STOPPED) ? IDS_SERVICES_STATUS_STOPPED : IDS_SERVICES_STATUS_RUNNING));
ListView_SetItemText(hServicesListCtrl, item.iItem, 3, lpszStatus);
MemFree(lpszStatus);
if (!bIsServiceEnabled)
{
LPWSTR lpszUnknown = LoadResourceString(hInst, IDS_UNKNOWN);
LPWSTR lpszDisableDate = FormatDateTime(¶ms.time);
ListView_SetItemText(hServicesListCtrl, item.iItem, 4, (lpszDisableDate ? lpszDisableDate : lpszUnknown));
FreeDateTime(lpszDisableDate);
MemFree(lpszUnknown);
}
ListView_SetCheckState(hServicesListCtrl, item.iItem, (!bIsModifiedService ? bIsServiceEnabled : !bIsServiceEnabled));
}
}
MemFree(lpszVendor);
MemFree(lpServiceConfig);
CloseServiceHandle(hService);
return;
}
