SecurityDescriptor GetServiceSecurityDacl(ServiceController& service) {
DWORD dw;
if (::QueryServiceObjectSecurity(service.m_handle, DACL_SECURITY_INFORMATION, &dw, 0, &dw))
Throw(E_FAIL);
Win32Check(::GetLastError()==ERROR_INSUFFICIENT_BUFFER);
SECURITY_DESCRIPTOR *psd = (SECURITY_DESCRIPTOR*)alloca(dw);
Win32Check(::QueryServiceObjectSecurity(service.m_handle, DACL_SECURITY_INFORMATION, psd, dw, &dw));
return SecurityDescriptor(psd);
}
//MailSlot of flush DNS cache Monitor
bool __fastcall FlushDNSMailSlotMonitor(
void)
{
//System security setting
std::shared_ptr<SECURITY_ATTRIBUTES> SecurityAttributes(new SECURITY_ATTRIBUTES());
std::shared_ptr<SECURITY_DESCRIPTOR> SecurityDescriptor(new SECURITY_DESCRIPTOR());
std::shared_ptr<char> ACL_Buffer(new char[PACKET_MAXSIZE]());
memset(ACL_Buffer.get(), 0, PACKET_MAXSIZE);
PSID SID_Value = nullptr;
InitializeSecurityDescriptor(SecurityDescriptor.get(), SECURITY_DESCRIPTOR_REVISION);
InitializeAcl((PACL)ACL_Buffer.get(), PACKET_MAXSIZE, ACL_REVISION);
ConvertStringSidToSidW(SID_ADMINISTRATORS_GROUP, &SID_Value);
AddAccessAllowedAce((PACL)ACL_Buffer.get(), ACL_REVISION, GENERIC_ALL, SID_Value);
SetSecurityDescriptorDacl(SecurityDescriptor.get(), true, (PACL)ACL_Buffer.get(), false);
SecurityAttributes->lpSecurityDescriptor = SecurityDescriptor.get();
SecurityAttributes->bInheritHandle = true;
//Create mailslot.
HANDLE hSlot = CreateMailslotW(MAILSLOT_NAME, PACKET_MAXSIZE - 1U, MAILSLOT_WAIT_FOREVER, SecurityAttributes.get());
if (hSlot == INVALID_HANDLE_VALUE)
{
LocalFree(SID_Value);
PrintError(LOG_ERROR_SYSTEM, L"Create mailslot error", GetLastError(), nullptr, 0);
return false;
}
ACL_Buffer.reset();
LocalFree(SID_Value);
//Initialization
BOOL Result = FALSE;
bool FlushDNS = false;
DWORD cbMessage = 0, cMessage = 0, cbRead = 0;
std::shared_ptr<wchar_t> lpszBuffer(new wchar_t[PACKET_MAXSIZE]());
wmemset(lpszBuffer.get(), 0, PACKET_MAXSIZE);
//MailSlot Monitor
for (;;)
{
cbMessage = 0;
cMessage = 0;
//Get mailslot messages.
Result = GetMailslotInfo(hSlot, nullptr, &cbMessage, &cMessage, nullptr);
if (Result == FALSE)
{
PrintError(LOG_ERROR_SYSTEM, L"Mailslot Monitor initialization error", GetLastError(), nullptr, 0);
CloseHandle(hSlot);
return false;
}
//Wait for messages.
if (cbMessage == MAILSLOT_NO_MESSAGE)
{
Sleep(LOOP_INTERVAL_TIME_MONITOR);
continue;
}
//Got messages.
FlushDNS = false;
while (cMessage > 0)
{
Result = ReadFile(hSlot, lpszBuffer.get(), cbMessage, &cbRead, nullptr);
if (Result == FALSE)
{
PrintError(LOG_ERROR_SYSTEM, L"MailSlot read messages error", GetLastError(), nullptr, 0);
CloseHandle(hSlot);
return false;
}
if (!FlushDNS && memcmp(lpszBuffer.get(), MAILSLOT_MESSAGE_FLUSH_DNS, wcslen(MAILSLOT_MESSAGE_FLUSH_DNS)) == EXIT_SUCCESS)
{
FlushDNS = true;
FlushAllDNSCache();
}
memset(lpszBuffer.get(), 0, PACKET_MAXSIZE);
//Get other mailslot messages.
Result = GetMailslotInfo(hSlot, nullptr, &cbMessage, &cMessage, nullptr);
if (Result == FALSE)
{
PrintError(LOG_ERROR_SYSTEM, L"Mailslot Monitor initialization error", GetLastError(), nullptr, 0);
CloseHandle(hSlot);
return false;
}
}
Sleep(LOOP_INTERVAL_TIME_MONITOR);
}
//Monitor terminated
CloseHandle(hSlot);
PrintError(LOG_ERROR_SYSTEM, L"MailSlot module Monitor terminated", 0, nullptr, 0);
return false;
}
