BOOL
ResetEvent(
HANDLE hEvent
)
/*++
Routine Description:
The state of an event is set to the Not-Signaled state (FALSE) using
the ClearEvent function.
Once the event attains a state of Not-Signaled, any threads which
wait on the event block, awaiting the event to become Signaled. The
reset event service sets the event count to zero for the state of
the event.
Arguments:
hEvent - Supplies an open handle to an event object. The
handle must have EVENT_MODIFY_STATE access to the event.
Return Value:
TRUE - The operation was successful
FALSE/NULL - The operation failed. Extended error status is available
using GetLastError.
--*/
{
NTSTATUS Status;
Status = NtClearEvent(hEvent);
if ( NT_SUCCESS(Status) ) {
return TRUE;
}
else {
BaseSetLastNTError(Status);
return FALSE;
}
}
IHFSERVICE DWORD IHFAPI IHF_Cleanup()
{
BOOL result = false;
EnterCriticalSection(&cs);
if (running)
{
running = false;
HANDLE hRecvPipe = IthOpenPipe(recv_pipe,GENERIC_WRITE);
NtClose(hRecvPipe);
NtClearEvent(hPipeExist);
//delete cmdq;
delete man;
NtClose(hMutex);
NtClose(hPipeExist);
DeleteCriticalSection(&detach_cs);
result = true;
}
LeaveCriticalSection(&cs);
return result;
}
DWORD WINAPI CommandPipe(LPVOID lpThreadParameter)
{
DWORD command;
BYTE buff[0x400]={};
HANDLE hPipeExist;
hPipeExist=IthOpenEvent(exist);
IO_STATUS_BLOCK ios={0};
NTSTATUS status;
if (hPipeExist!=INVALID_HANDLE_VALUE)
while (running)
{
while (!live)
{
if (!running) goto _detach;
NtDelayExecution(0,&sleep_time);
}
status=NtReadFile(hCommand,0,0,0,&ios,buff,0x200,0,0);
if (status==STATUS_PIPE_BROKEN||
status==STATUS_PIPE_DISCONNECTED)
{
NtClearEvent(hPipeExist);
continue;
}
if (status==STATUS_PENDING)
{
NtWaitForSingleObject(hCommand,0,0);
switch (ios.Status)
{
case 0:
break;
case STATUS_PIPE_BROKEN:
case STATUS_PIPE_DISCONNECTED:
NtClearEvent(hPipeExist);
continue;
break;
default:
if (NtWaitForSingleObject(hDetach,0,&wait_time)==WAIT_OBJECT_0)
goto _detach;
}
}
if (ios.uInformation)
if (live)
{
command=*(DWORD*)buff;
switch(command)
{
case IHF_COMMAND_NEW_HOOK:
//IthBreak();
buff[ios.uInformation] = 0;
buff[ios.uInformation + 1] = 0;
NewHook(*(HookParam*)(buff+4),(LPWSTR)(buff + 4 + sizeof(HookParam)),0);
break;
case IHF_COMMAND_REMOVE_HOOK:
{
DWORD rm_addr=*(DWORD*)(buff+4);
HANDLE hRemoved=IthOpenEvent(L"ITH_REMOVE_HOOK");
TextHook* in=hookman;
int i;
for (i=0;i<current_hook;in++)
{
if (in->Address()) i++;
if (in->Address()==rm_addr) break;
}
if (in->Address())
in->ClearHook();
IthSetEvent(hRemoved);
NtClose(hRemoved);
break;
}
case IHF_COMMAND_MODIFY_HOOK:
{
DWORD rm_addr=*(DWORD*)(buff+4);
HANDLE hModify=IthOpenEvent(L"ITH_MODIFY_HOOK");
TextHook* in=hookman;
int i;
for (i=0;i<current_hook;in++)
{
if (in->Address()) i++;
if (in->Address()==rm_addr) break;
}
if (in->Address())
in->ModifyHook(*(HookParam*)(buff+4));
IthSetEvent(hModify);
NtClose(hModify);
break;
}
break;
case IHF_COMMAND_DETACH:
running=false;
live=false;
goto _detach;
default:
break;
}
}
}
_detach:
NtClose(hPipeExist);
NtClose(hCommand);
return 0;
}
NTSTATUS _ExitWindowsEx(
PCSR_THREAD pcsrt,
UINT dwFlags,
DWORD dwReserved)
{
BOOL fDoEndSession = FALSE;
LUID luidCaller;
NTSTATUS Status = STATUS_SUCCESS;
UNREFERENCED_PARAMETER(dwReserved);
if ((dwFlags & EWX_REBOOT) || (dwFlags & EWX_POWEROFF)) {
dwFlags |= EWX_SHUTDOWN;
}
/*
* Find out the callers sid. Only want to shutdown processes in the
* callers sid.
*/
if (!CsrImpersonateClient(NULL)) {
return STATUS_BAD_IMPERSONATION_LEVEL;
}
Status = CsrGetProcessLuid(NULL, &luidCaller);
if (!NT_SUCCESS(Status)) {
CsrRevertToSelf();
return Status;
}
try {
while (1) {
LARGE_INTEGER li;
LeaveCrit();
Status = NtUserSetInformationThread(
pcsrt->ThreadHandle,
UserThreadInitiateShutdown,
&dwFlags, sizeof(dwFlags));
EnterCrit();
switch (Status) {
case STATUS_PENDING:
/*
* The logoff/shutdown is in progress and nothing
* more needs to be done.
*/
goto fastexit;
case STATUS_RETRY:
/*
* Another logoff/shutdown is in progress and we need
* to cancel it so we can do an override.
*
* if someone else is trying to cancel shutdown, exit
*/
li.QuadPart = 0;
if (NtWaitForSingleObject(heventCancel, FALSE, &li) == 0) {
Status = STATUS_PENDING;
goto fastexit;
}
/*
* Cancel the old shutdown
*/
NtClearEvent(heventCancelled);
NtSetEvent(heventCancel, NULL);
/*
* Wait for the other guy to be cancelled
*/
LeaveCrit();
NtWaitForSingleObject(heventCancelled, FALSE, NULL);
EnterCrit();
/*
* This signals that we are no longer trying to cancel a
* shutdown
*/
NtClearEvent(heventCancel);
continue;
case STATUS_CANT_WAIT:
/*
* There is no notify window and the calling thread has
* windows that prevent this request from succeeding.
* The client handles this by starting another thread
* to recall ExitWindowsEx.
*/
goto fastexit;
default:
if (!NT_SUCCESS(Status))
goto fastexit;
}
break;
}
gdwFlags = dwFlags;
dwThreadEndSession = (DWORD)pcsrt->ClientId.UniqueThread;
fDoEndSession = TRUE;
/*
* Sometimes the console calls the dialog box when not in shutdown
* if now is one of those times cancel the dialog box.
*/
while (gcInternalDoEndTaskDialog > 0) {
LARGE_INTEGER li;
NtPulseEvent(heventCancel, NULL);
LeaveCrit();
li.QuadPart = (LONGLONG)-10000 * CMSSLEEP;
NtDelayExecution(FALSE, &li);
EnterCrit();
}
/*
* Call csr to loop through the processes shutting them down.
*/
LeaveCrit();
Status = CsrShutdownProcesses(&luidCaller, dwFlags);
NtUserSetInformationThread(
pcsrt->ThreadHandle,
UserThreadEndShutdown, &Status, sizeof(Status));
EnterCrit();
fastexit:;
} finally {
/*
* Only turn off dwThreadEndSession if this is the
* thread doing shutdown.
*/
if (fDoEndSession) {
dwThreadEndSession = 0;
NtSetEvent(heventCancelled, NULL);
}
}
CsrRevertToSelf();
return Status;
}
