BOOL IsWindowsOS(VOID) { // TODO? : // Load the "SystemRoot\System32\Config\SOFTWARE" hive and mount it, // then go to (SOFTWARE\\)Microsoft\\Windows NT\\CurrentVersion, // check the REG_SZ value "ProductName" and see whether it's "Windows" // or "ReactOS". One may also check the REG_SZ "CurrentVersion" value, // the REG_SZ "SystemRoot" and "PathName" values (what are the differences??). // // Optionally, looking at the SYSTEM hive, CurrentControlSet\\Control, // REG_SZ values "SystemBootDevice" (and "FirmwareBootDevice" ??)... // /* ReactOS reports as Windows NT 5.2 */ HKEY hKey = NULL; if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", 0, KEY_QUERY_VALUE, &hKey) == ERROR_SUCCESS) { LONG ret; DWORD dwType = 0, dwBufSize = 0; ret = RegQueryValueExW(hKey, L"ProductName", NULL, &dwType, NULL, &dwBufSize); if (ret == ERROR_SUCCESS && dwType == REG_SZ) { LPTSTR lpszProductName = (LPTSTR)MemAlloc(0, dwBufSize); RegQueryValueExW(hKey, L"ProductName", NULL, &dwType, (LPBYTE)lpszProductName, &dwBufSize); bIsWindowsOS = (FindSubStrI(lpszProductName, _T("Windows")) != NULL); MemFree(lpszProductName); } RegCloseKey(hKey); } return bIsWindowsOS; }
// // TODO: Instead of returning TRUE/FALSE, it would be nice to return // a flag indicating: // - whether the installation is actually valid; // - if it's broken or not (aka. needs for repair, or just upgrading). // static BOOLEAN IsValidNTOSInstallationByHandle( IN HANDLE SystemRootDirectory) { BOOLEAN Success = FALSE; PCWSTR PathName; USHORT i; UNICODE_STRING VendorName; WCHAR VendorNameBuffer[MAX_PATH]; /* Check for the existence of \SystemRoot\System32 */ PathName = L"System32\\"; if (!DoesPathExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } /* Check for the existence of \SystemRoot\System32\drivers */ PathName = L"System32\\drivers\\"; if (!DoesPathExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } /* Check for the existence of \SystemRoot\System32\config */ PathName = L"System32\\config\\"; if (!DoesPathExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } #if 0 /* * Check for the existence of SYSTEM and SOFTWARE hives in \SystemRoot\System32\config * (but we don't check here whether they are actually valid). */ PathName = L"System32\\config\\SYSTEM"; if (!DoesFileExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } PathName = L"System32\\config\\SOFTWARE"; if (!DoesFileExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } #endif RtlInitEmptyUnicodeString(&VendorName, VendorNameBuffer, sizeof(VendorNameBuffer)); /* Check for the existence of \SystemRoot\System32\ntoskrnl.exe and retrieves its vendor name */ PathName = L"System32\\ntoskrnl.exe"; Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &VendorName); if (!Success) DPRINT1("Kernel executable '%S' is either not a PE file, or does not have any vendor?\n", PathName); /* The kernel gives the OS its flavour */ if (Success) { for (i = 0; i < ARRAYSIZE(KnownVendors); ++i) { Success = !!FindSubStrI(VendorName.Buffer, KnownVendors[i]); if (Success) { /* We have found a correct vendor combination */ DPRINT1("IsValidNTOSInstallation: We've got an NTOS installation from %S !\n", KnownVendors[i]); break; } } } /* OPTIONAL: Check for the existence of \SystemRoot\System32\ntkrnlpa.exe */ /* Check for the existence of \SystemRoot\System32\ntdll.dll and retrieves its vendor name */ PathName = L"System32\\ntdll.dll"; Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &VendorName); if (!Success) DPRINT1("User-mode DLL '%S' is either not a PE file, or does not have any vendor?\n", PathName); if (Success) { for (i = 0; i < ARRAYSIZE(KnownVendors); ++i) { if (!!FindSubStrI(VendorName.Buffer, KnownVendors[i])) { /* We have found a correct vendor combination */ DPRINT1("IsValidNTOSInstallation: The user-mode DLL '%S' is from %S\n", PathName, KnownVendors[i]); break; } } } return Success; }
// // TODO: Instead of returning TRUE/FALSE, it would be nice to return // a flag indicating: // - whether the installation is actually valid; // - if it's broken or not (aka. needs for repair, or just upgrading). // static BOOLEAN IsValidNTOSInstallationByHandle( IN HANDLE SystemRootDirectory, OUT PUSHORT Machine OPTIONAL, OUT PUNICODE_STRING VendorName OPTIONAL) { BOOLEAN Success = FALSE; PCWSTR PathName; USHORT i; USHORT LocalMachine; UNICODE_STRING LocalVendorName; WCHAR VendorNameBuffer[MAX_PATH]; /* Check for VendorName validity */ if (VendorName->MaximumLength < sizeof(UNICODE_NULL)) { /* Don't use it, invalidate the pointer */ VendorName = NULL; } else { /* Zero it out */ *VendorName->Buffer = UNICODE_NULL; VendorName->Length = 0; } /* Check for the existence of \SystemRoot\System32 */ PathName = L"System32\\"; if (!DoesDirExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } /* Check for the existence of \SystemRoot\System32\drivers */ PathName = L"System32\\drivers\\"; if (!DoesDirExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } /* Check for the existence of \SystemRoot\System32\config */ PathName = L"System32\\config\\"; if (!DoesDirExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open directory '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } #if 0 /* * Check for the existence of SYSTEM and SOFTWARE hives in \SystemRoot\System32\config * (but we don't check here whether they are actually valid). */ PathName = L"System32\\config\\SYSTEM"; if (!DoesFileExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } PathName = L"System32\\config\\SOFTWARE"; if (!DoesFileExist(SystemRootDirectory, PathName)) { // DPRINT1("Failed to open file '%S', Status 0x%08lx\n", PathName, Status); return FALSE; } #endif RtlInitEmptyUnicodeString(&LocalVendorName, VendorNameBuffer, sizeof(VendorNameBuffer)); /* Check for the existence of \SystemRoot\System32\ntoskrnl.exe and retrieves its vendor name */ PathName = L"System32\\ntoskrnl.exe"; Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &LocalMachine, &LocalVendorName); if (!Success) DPRINT1("Kernel executable '%S' is either not a PE file, or does not have any vendor?\n", PathName); /* * The kernel gives the OS its flavour. If we failed due to the absence of * ntoskrnl.exe this might be due to the fact this particular installation * uses a custom kernel that has a different name, overridden in the boot * parameters. We then rely on the existence of ntdll.dll, which cannot be * renamed on a valid NT system. */ if (Success) { for (i = 0; i < ARRAYSIZE(KnownVendors); ++i) { Success = !!FindSubStrI(LocalVendorName.Buffer, KnownVendors[i]); if (Success) { /* We have found a correct vendor combination */ DPRINT("IsValidNTOSInstallation: We've got an NTOS installation from %S !\n", KnownVendors[i]); break; } } /* Return the target architecture */ if (Machine) { /* Copy the value and invalidate the pointer */ *Machine = LocalMachine; Machine = NULL; } /* Return the vendor name */ if (VendorName) { /* Copy the string and invalidate the pointer */ RtlCopyUnicodeString(VendorName, &LocalVendorName); VendorName = NULL; } } /* OPTIONAL: Check for the existence of \SystemRoot\System32\ntkrnlpa.exe */ /* Check for the existence of \SystemRoot\System32\ntdll.dll and retrieves its vendor name */ PathName = L"System32\\ntdll.dll"; Success = CheckForValidPEAndVendor(SystemRootDirectory, PathName, &LocalMachine, &LocalVendorName); if (!Success) DPRINT1("User-mode DLL '%S' is either not a PE file, or does not have any vendor?\n", PathName); if (Success) { for (i = 0; i < ARRAYSIZE(KnownVendors); ++i) { if (!!FindSubStrI(LocalVendorName.Buffer, KnownVendors[i])) { /* We have found a correct vendor combination */ DPRINT("IsValidNTOSInstallation: The user-mode DLL '%S' is from %S\n", PathName, KnownVendors[i]); break; } } /* Return the target architecture if not already obtained */ if (Machine) { /* Copy the value and invalidate the pointer */ *Machine = LocalMachine; Machine = NULL; } /* Return the vendor name if not already obtained */ if (VendorName) { /* Copy the string and invalidate the pointer */ RtlCopyUnicodeString(VendorName, &LocalVendorName); VendorName = NULL; } } return Success; }
static void AddService(SC_HANDLE hSCManager, LPENUM_SERVICE_STATUS_PROCESS Service, BOOL bHideOSVendorServices) { // // Retrieve a handle to the service. // SC_HANDLE hService = OpenServiceW(hSCManager, Service->lpServiceName, SERVICE_QUERY_CONFIG); if (hService == NULL) return; DWORD dwBytesNeeded = 0; QueryServiceConfigW(hService, NULL, 0, &dwBytesNeeded); // if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) LPQUERY_SERVICE_CONFIG lpServiceConfig = (LPQUERY_SERVICE_CONFIG)MemAlloc(0, dwBytesNeeded); if (!lpServiceConfig) { CloseServiceHandle(hService); return; } QueryServiceConfigW(hService, lpServiceConfig, dwBytesNeeded, &dwBytesNeeded); // // Get the service's vendor... // LPWSTR lpszVendor = NULL; { // Isolate only the executable path, without any arguments. // TODO: Correct at the level of CmdLineToArgv the potential bug when lpszFilename == NULL. #if 0 // Disabled until CmdLineToArgv is included unsigned int argc = 0; LPWSTR* argv = NULL; CmdLineToArgv(lpServiceConfig->lpBinaryPathName, &argc, &argv, L" \t"); if (argc >= 1 && argv[0]) lpszVendor = GetExecutableVendor(argv[0]); #else // Hackish solution taken from the original srvpage.c. // Will be removed after CmdLineToArgv is introduced. WCHAR FileName[MAX_PATH]; memset(&FileName, 0, sizeof(FileName)); if (wcscspn(lpServiceConfig->lpBinaryPathName, L"\"")) { wcsncpy(FileName, lpServiceConfig->lpBinaryPathName, wcscspn(lpServiceConfig->lpBinaryPathName, L" ") ); } else { wcscpy(FileName, lpServiceConfig->lpBinaryPathName); } lpszVendor = GetExecutableVendor(FileName); #endif if (!lpszVendor) lpszVendor = LoadResourceString(hInst, IDS_UNKNOWN); #if 0 MemFree(argv); #endif } // ...and display or not the Microsoft / ReactOS services. BOOL bContinue = TRUE; if (bHideOSVendorServices) { if (FindSubStrI(lpszVendor, bIsWindows ? IDS_MICROSOFT : IDS_REACTOS)) bContinue = FALSE; } if (bContinue) { BOOL bIsServiceEnabled = (lpServiceConfig->dwStartType != SERVICE_DISABLED); BOOL bAddServiceToList = FALSE; BOOL bIsModifiedService = FALSE; RegistryDisabledServiceItemParams params = {}; // // Try to look into the user modifications list... // POSITION it = userModificationsList.Find(Service->lpServiceName); if (it) { bAddServiceToList = TRUE; bIsModifiedService = TRUE; } // // ...if not found, try to find if the disabled service is in the registry. // if (!bAddServiceToList) { if (!bIsServiceEnabled) { QUERY_REGISTRY_KEYS_TABLE KeysQueryTable[2] = {}; KeysQueryTable[0].QueryRoutine = GetRegistryKeyedDisabledServicesQueryRoutine; KeysQueryTable[0].EntryContext = ¶ms; RegQueryRegistryKeys(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Shared Tools\\MSConfig\\services", KeysQueryTable, Service->lpServiceName); bAddServiceToList = params.bIsPresent; if (bIsWindows && bIsPreVistaOSVersion && !bAddServiceToList) { QUERY_REGISTRY_VALUES_TABLE ValuesQueryTable[2] = {}; ValuesQueryTable[0].QueryRoutine = GetRegistryValuedDisabledServicesQueryRoutine; ValuesQueryTable[0].EntryContext = ¶ms; RegQueryRegistryValues(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Shared Tools\\MSConfig\\services", ValuesQueryTable, Service->lpServiceName); bAddServiceToList = params.bIsPresent; } } else { bAddServiceToList = TRUE; } } if (bAddServiceToList) { // // Check if service is required by the system. // BOOL bIsRequired = FALSE; dwBytesNeeded = 0; QueryServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, NULL, 0, &dwBytesNeeded); // if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) LPSERVICE_FAILURE_ACTIONS lpServiceFailureActions = (LPSERVICE_FAILURE_ACTIONS)MemAlloc(0, dwBytesNeeded); if (!lpServiceFailureActions) { MemFree(lpszVendor); MemFree(lpServiceConfig); CloseServiceHandle(hService); return; } QueryServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, (LPBYTE)lpServiceFailureActions, dwBytesNeeded, &dwBytesNeeded); // In Microsoft's MSConfig, things are done just like that!! (extracted string values from msconfig.exe) if ( ( wcsicmp(Service->lpServiceName, L"rpcss" ) == 0 || wcsicmp(Service->lpServiceName, L"rpclocator") == 0 || wcsicmp(Service->lpServiceName, L"dcomlaunch") == 0 ) || ( lpServiceFailureActions && (lpServiceFailureActions->cActions >= 1) && (lpServiceFailureActions->lpsaActions[0].Type == SC_ACTION_REBOOT) ) ) // We add also this test, which corresponds to real life. { bIsRequired = TRUE; } MemFree(lpServiceFailureActions); // // Add the service into the list. // LVITEM item = {}; item.mask = LVIF_TEXT | LVIF_PARAM; item.pszText = Service->lpDisplayName; item.lParam = reinterpret_cast<LPARAM>(new ServiceItem(Service->lpServiceName, bIsServiceEnabled, bIsRequired)); item.iItem = ListView_InsertItem(hServicesListCtrl, &item); if (bIsRequired) { LPWSTR lpszYes = LoadResourceString(hInst, IDS_YES); ListView_SetItemText(hServicesListCtrl, item.iItem, 1, lpszYes); MemFree(lpszYes); } ListView_SetItemText(hServicesListCtrl, item.iItem, 2, lpszVendor); LPWSTR lpszStatus = LoadResourceString(hInst, ((Service->ServiceStatusProcess.dwCurrentState == SERVICE_STOPPED) ? IDS_SERVICES_STATUS_STOPPED : IDS_SERVICES_STATUS_RUNNING)); ListView_SetItemText(hServicesListCtrl, item.iItem, 3, lpszStatus); MemFree(lpszStatus); if (!bIsServiceEnabled) { LPWSTR lpszUnknown = LoadResourceString(hInst, IDS_UNKNOWN); LPWSTR lpszDisableDate = FormatDateTime(¶ms.time); ListView_SetItemText(hServicesListCtrl, item.iItem, 4, (lpszDisableDate ? lpszDisableDate : lpszUnknown)); FreeDateTime(lpszDisableDate); MemFree(lpszUnknown); } ListView_SetCheckState(hServicesListCtrl, item.iItem, (!bIsModifiedService ? bIsServiceEnabled : !bIsServiceEnabled)); } } MemFree(lpszVendor); MemFree(lpServiceConfig); CloseServiceHandle(hService); return; }