SecurityDescriptor GetServiceSecurityDacl(ServiceController& service) { DWORD dw; if (::QueryServiceObjectSecurity(service.m_handle, DACL_SECURITY_INFORMATION, &dw, 0, &dw)) Throw(E_FAIL); Win32Check(::GetLastError()==ERROR_INSUFFICIENT_BUFFER); SECURITY_DESCRIPTOR *psd = (SECURITY_DESCRIPTOR*)alloca(dw); Win32Check(::QueryServiceObjectSecurity(service.m_handle, DACL_SECURITY_INFORMATION, psd, dw, &dw)); return SecurityDescriptor(psd); }
//MailSlot of flush DNS cache Monitor bool __fastcall FlushDNSMailSlotMonitor( void) { //System security setting std::shared_ptr<SECURITY_ATTRIBUTES> SecurityAttributes(new SECURITY_ATTRIBUTES()); std::shared_ptr<SECURITY_DESCRIPTOR> SecurityDescriptor(new SECURITY_DESCRIPTOR()); std::shared_ptr<char> ACL_Buffer(new char[PACKET_MAXSIZE]()); memset(ACL_Buffer.get(), 0, PACKET_MAXSIZE); PSID SID_Value = nullptr; InitializeSecurityDescriptor(SecurityDescriptor.get(), SECURITY_DESCRIPTOR_REVISION); InitializeAcl((PACL)ACL_Buffer.get(), PACKET_MAXSIZE, ACL_REVISION); ConvertStringSidToSidW(SID_ADMINISTRATORS_GROUP, &SID_Value); AddAccessAllowedAce((PACL)ACL_Buffer.get(), ACL_REVISION, GENERIC_ALL, SID_Value); SetSecurityDescriptorDacl(SecurityDescriptor.get(), true, (PACL)ACL_Buffer.get(), false); SecurityAttributes->lpSecurityDescriptor = SecurityDescriptor.get(); SecurityAttributes->bInheritHandle = true; //Create mailslot. HANDLE hSlot = CreateMailslotW(MAILSLOT_NAME, PACKET_MAXSIZE - 1U, MAILSLOT_WAIT_FOREVER, SecurityAttributes.get()); if (hSlot == INVALID_HANDLE_VALUE) { LocalFree(SID_Value); PrintError(LOG_ERROR_SYSTEM, L"Create mailslot error", GetLastError(), nullptr, 0); return false; } ACL_Buffer.reset(); LocalFree(SID_Value); //Initialization BOOL Result = FALSE; bool FlushDNS = false; DWORD cbMessage = 0, cMessage = 0, cbRead = 0; std::shared_ptr<wchar_t> lpszBuffer(new wchar_t[PACKET_MAXSIZE]()); wmemset(lpszBuffer.get(), 0, PACKET_MAXSIZE); //MailSlot Monitor for (;;) { cbMessage = 0; cMessage = 0; //Get mailslot messages. Result = GetMailslotInfo(hSlot, nullptr, &cbMessage, &cMessage, nullptr); if (Result == FALSE) { PrintError(LOG_ERROR_SYSTEM, L"Mailslot Monitor initialization error", GetLastError(), nullptr, 0); CloseHandle(hSlot); return false; } //Wait for messages. if (cbMessage == MAILSLOT_NO_MESSAGE) { Sleep(LOOP_INTERVAL_TIME_MONITOR); continue; } //Got messages. FlushDNS = false; while (cMessage > 0) { Result = ReadFile(hSlot, lpszBuffer.get(), cbMessage, &cbRead, nullptr); if (Result == FALSE) { PrintError(LOG_ERROR_SYSTEM, L"MailSlot read messages error", GetLastError(), nullptr, 0); CloseHandle(hSlot); return false; } if (!FlushDNS && memcmp(lpszBuffer.get(), MAILSLOT_MESSAGE_FLUSH_DNS, wcslen(MAILSLOT_MESSAGE_FLUSH_DNS)) == EXIT_SUCCESS) { FlushDNS = true; FlushAllDNSCache(); } memset(lpszBuffer.get(), 0, PACKET_MAXSIZE); //Get other mailslot messages. Result = GetMailslotInfo(hSlot, nullptr, &cbMessage, &cMessage, nullptr); if (Result == FALSE) { PrintError(LOG_ERROR_SYSTEM, L"Mailslot Monitor initialization error", GetLastError(), nullptr, 0); CloseHandle(hSlot); return false; } } Sleep(LOOP_INTERVAL_TIME_MONITOR); } //Monitor terminated CloseHandle(hSlot); PrintError(LOG_ERROR_SYSTEM, L"MailSlot module Monitor terminated", 0, nullptr, 0); return false; }