bool getsids(char **error) { #ifdef __clang__ #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wmissing-braces" #endif SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY; #ifdef __clang__ #pragma clang diagnostic pop #endif bool ret = false; *error = NULL; if (!usersid) { if ((usersid = get_user_sid()) == NULL) { *error = dupprintf("unable to construct SID for current user: %s", win_strerror(GetLastError())); goto cleanup; } } if (!worldsid) { if (!AllocateAndInitializeSid(&world_auth, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &worldsid)) { *error = dupprintf("unable to construct SID for world: %s", win_strerror(GetLastError())); goto cleanup; } } if (!networksid) { if (!AllocateAndInitializeSid(&nt_auth, 1, SECURITY_NETWORK_RID, 0, 0, 0, 0, 0, 0, 0, &networksid)) { *error = dupprintf("unable to construct SID for " "local same-user access only: %s", win_strerror(GetLastError())); goto cleanup; } } ret = true; cleanup: return ret; }
/* * Sets the receive mode of the interface. */ int pkt_set_rcv_mode (int mode) { struct { PACKET_OID_DATA oidData; DWORD filter; } oid; BOOL rc; const ADAPTER *adapter; if (!_pkt_inf) return (0); adapter = (const ADAPTER*) _pkt_inf->adapter; memset (&oid, 0, sizeof(oid)); oid.oidData.Oid = OID_GEN_CURRENT_PACKET_FILTER; oid.oidData.Length = sizeof(oid.filter); *(DWORD*)oid.oidData.Data = mode; rc = PacketRequest (adapter, TRUE, &oid.oidData); if (rc) _pkt_rxmode = mode; else _pkt_errno = GetLastError(); TCP_CONSOLE_MSG (2, ("pkt_set_rcv_mode(); mode 0x%02X, rc %d; %s\n", mode, rc, !rc ? win_strerror(GetLastError()) : "okay")); return (rc); }
/* * Canonize file and paths names. E.g. convert this: * g:\mingw32\bin\../lib/gcc/x86_64-w64-mingw32/4.8.1/include * into something more readable: * g:\mingw32\lib\gcc\x86_64-w64-mingw32\4.8.1\include * * I.e. turns 'path' into a fully-qualified path. * * Note: the 'path' doesn't have to exist. * assumes 'result' is at least '_MAX_PATH' characters long (if non-NULL). */ char *_fixpath (const char *path, char *result) { if (!path || !*path) { DEBUGF (1, "given a bogus 'path'\n"); errno = EINVAL; return (NULL); } if (!result) result = CALLOC (_MAX_PATH, 1); /* GetFullPathName() doesn't seems to handle * '/' in 'path'. Convert to '\\'. * Note: the 'result' file or path may not exists. * Use 'FILE_EXISTS()' to test. * * to-do: maybe use GetLongPathName()? */ path = slashify (path, '\\'); if (!GetFullPathName(path, _MAX_PATH, result, NULL)) { DEBUGF (2, "GetFullPathName(\"%s\") failed: %s\n", path, win_strerror(GetLastError())); _strlcpy (result, path, _MAX_PATH); } return (result); }
int getsids(char *error) { SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY; int ret; error=NULL; if (!usersid) { if ((usersid = get_user_sid()) == NULL) { error = dupprintf("unable to construct SID for current user: %s", win_strerror(GetLastError())); goto cleanup; } } if (!worldsid) { if (!AllocateAndInitializeSid(&world_auth, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &worldsid)) { error = dupprintf("unable to construct SID for world: %s", win_strerror(GetLastError())); goto cleanup; } } if (!networksid) { if (!AllocateAndInitializeSid(&nt_auth, 1, SECURITY_NETWORK_RID, 0, 0, 0, 0, 0, 0, 0, &networksid)) { error = dupprintf("unable to construct SID for " "local same-user access only: %s", win_strerror(GetLastError())); goto cleanup; } } ret=TRUE; cleanup: if (ret) { sfree(error); error = NULL; } return ret; }
int pkt_release (void) { ADAPTER *adapter; DWORD status = 1; if (!_pkt_inf || _watt_fatal_error) return (0); adapter = (ADAPTER*) _pkt_inf->adapter; TCP_CONSOLE_MSG (2, ("pkt_release(): adapter %08lX\n", (DWORD)adapter)); if (adapter && adapter != INVALID_HANDLE_VALUE) { /* Don't close the adapter before telling the thread about it. */ if (_pkt_inf->recv_thread) { FILETIME ctime, etime, ktime, utime; DWORD err = 0; _pkt_inf->stop_thread = TRUE; SetEvent (adapter->ReadEvent); Sleep (50); GetExitCodeThread (_pkt_inf->recv_thread, &status); if (status == STILL_ACTIVE) TCP_CONSOLE_MSG (2, ("pkt_release(): killing thread.\n")); else TCP_CONSOLE_MSG (2, ("pkt_release(): thread exit code %lu.\n", status)); if (!GetThreadTimes (_pkt_inf->recv_thread, &ctime, &etime, &ktime, &utime)) err = GetLastError(); TerminateThread (_pkt_inf->recv_thread, 1); CloseHandle (_pkt_inf->recv_thread); if (err) TCP_CONSOLE_MSG (2, (" GetThreadTime() %s, ", win_strerror(err))); TCP_CONSOLE_MSG (2, (" kernel time %.6fs, user time %.6fs\n", filetime_sec(&ktime), filetime_sec(&utime))); } PacketCloseAdapter (adapter); _pkt_inf->adapter = NULL; } DO_FREE (_pkt_inf->npf_buf); DO_FREE (_pkt_inf); PacketInitModule (FALSE, dump_file); if (dump_file) fclose (dump_file); dump_file = NULL; return (int) status; }
/* * NDIS has the annoying feature (?) of looping packets we send in * NDIS_PACKET_TYPE_ALL_LOCAL mode (the default?). Disable it, but * doesn't seem to have any effect yet. Maybe need to use a BPF filter? * * No need when using RXMODE_DEFAULT (9). */ static BOOL ndis_set_loopback (BOOL enable) { struct { PACKET_OID_DATA oidData; DWORD options; } oid; const ADAPTER *adapter; BOOL rc; DWORD options; DWORD gen_oid = OID_GEN_MAC_OPTIONS; DWORD opt_bit = NDIS_MAC_OPTION_NO_LOOPBACK; if (!_pkt_inf) return (FALSE); adapter = (const ADAPTER*) _pkt_inf->adapter; memset (&oid, 0, sizeof(oid)); oid.oidData.Oid = gen_oid; oid.oidData.Length = sizeof(oid.options); /* Get current MAC/protocol options */ rc = PacketRequest (adapter, FALSE, &oid.oidData); options = *(DWORD*) &oid.oidData.Data; TCP_CONSOLE_MSG (2, ("ndis_set_loopback(); rc %d, options 0x%02lX; %s\n", rc, options, !rc ? win_strerror(GetLastError()) : "okay")); if (enable) options &= ~opt_bit; else options |= opt_bit; /* Set it back */ memset (&oid, 0, sizeof(oid)); oid.oidData.Oid = gen_oid; oid.oidData.Length = sizeof(oid.options); *(DWORD*) &oid.oidData.Data = options; rc = PacketRequest (adapter, TRUE, &oid.oidData); TCP_CONSOLE_MSG (2, ("ndis_set_loopback(); rc %d; %s\n", rc, !rc ? win_strerror(GetLastError()) : "okay")); return (rc); }
/* * Return the MAC address. */ int pkt_get_addr (mac_address *eth) { mac_address mac; if (get_perm_mac_address(&mac)) { memcpy (eth, &mac, sizeof(*eth)); return (1); } TCP_CONSOLE_MSG (2, ("Failed to get our MAC address; %s\n", win_strerror(GetLastError()))); return (0); }
static void handle_sentdata(struct handle *h, int new_backlog) { Handle_Socket ps = (Handle_Socket) handle_get_privdata(h); if (new_backlog < 0) { /* Special case: this is actually reporting an error writing * to the underlying handle, and our input value is the error * code itself, negated. */ plug_closing(ps->plug, win_strerror(-new_backlog), -new_backlog, 0); return; } plug_sent(ps->plug, new_backlog); }
/* * Check if running under WOW64. */ BOOL is_wow64_active (void) { BOOL rc = FALSE; BOOL wow64 = FALSE; #if (IS_WIN64 == 0) typedef BOOL (WINAPI *func_IsWow64Process) (HANDLE proc, BOOL *wow64); func_IsWow64Process p_IsWow64Process; const char *dll = "kernel32.dll"; HANDLE hnd = LoadLibrary (dll); if (!hnd || hnd == INVALID_HANDLE_VALUE) { DEBUGF (1, "Failed to load %s; %s\n", dll, win_strerror(GetLastError())); return (rc); } p_IsWow64Process = (func_IsWow64Process) GetProcAddress (hnd, "IsWow64Process"); if (!p_IsWow64Process) { DEBUGF (1, "Failed to find \"p_IsWow64Process()\" in %s; %s\n", dll, win_strerror(GetLastError())); FreeLibrary (hnd); return (rc); } if (p_IsWow64Process) if ((*p_IsWow64Process) (GetCurrentProcess(), &wow64)) rc = wow64; FreeLibrary (hnd); #endif /* IS_WIN64 */ DEBUGF (2, "IsWow64Process(): rc: %d, wow64: %d.\n", rc, wow64); return (rc); }
void __redisSetError(redisContext *c, int type, const char *str) { size_t len; c->err = type; if (str != NULL) { len = strlen(str); len = len < (sizeof(c->errstr)-1) ? len : (sizeof(c->errstr)-1); memcpy(c->errstr,str,len); c->errstr[len] = '\0'; } else { /* Only REDIS_ERR_IO may lack a description! */ assert(type == REDIS_ERR_IO); #ifdef WIN32 win_strerror(errno,c->errstr,sizeof(c->errstr)); #else strerror_r(errno,c->errstr,sizeof(c->errstr)); #endif } }
void System::CheckError(const String& msg) { #ifdef VHWD_WINDOWS int ret=::GetLastError(); if(ret!=0) { System::LogTrace("%s failed, code(%d): %s",msg,ret,win_strerror(ret)); } #else int ret=errno; if(ret!=0) { System::LogTrace("%s failed, code(%d): %s",msg,ret,strerror(ret)); } #endif }
int platform_ssh_share(const char *pi_name, Conf *conf, Plug downplug, Plug upplug, Socket *sock, char **logtext, char **ds_err, char **us_err, int can_upstream, int can_downstream) { char *name, *mutexname, *pipename; HANDLE mutex; Socket retsock; PSECURITY_DESCRIPTOR psd; PACL acl; /* * Transform the platform-independent version of the connection * identifier into the obfuscated version we'll use for our * Windows named pipe and mutex. A side effect of doing this is * that it also eliminates any characters illegal in Windows pipe * names. */ name = obfuscate_name(pi_name); if (!name) { *logtext = dupprintf("Unable to call CryptProtectMemory: %s", win_strerror(GetLastError())); return SHARE_NONE; } /* * Make a mutex name out of the connection identifier, and lock it * while we decide whether to be upstream or downstream. */ { SECURITY_ATTRIBUTES sa; mutexname = make_name(CONNSHARE_MUTEX_PREFIX, name); if (!make_private_security_descriptor(MUTEX_ALL_ACCESS, &psd, &acl, logtext)) { sfree(mutexname); return SHARE_NONE; } memset(&sa, 0, sizeof(sa)); sa.nLength = sizeof(sa); sa.lpSecurityDescriptor = psd; sa.bInheritHandle = FALSE; mutex = CreateMutex(&sa, FALSE, mutexname); if (!mutex) { *logtext = dupprintf("CreateMutex(\"%s\") failed: %s", mutexname, win_strerror(GetLastError())); sfree(mutexname); LocalFree(psd); LocalFree(acl); return SHARE_NONE; } sfree(mutexname); LocalFree(psd); LocalFree(acl); WaitForSingleObject(mutex, INFINITE); } pipename = make_name(CONNSHARE_PIPE_PREFIX, name); *logtext = NULL; if (can_downstream) { retsock = new_named_pipe_client(pipename, downplug); if (sk_socket_error(retsock) == NULL) { sfree(*logtext); *logtext = pipename; *sock = retsock; sfree(name); ReleaseMutex(mutex); CloseHandle(mutex); return SHARE_DOWNSTREAM; } sfree(*ds_err); *ds_err = dupprintf("%s: %s", pipename, sk_socket_error(retsock)); sk_close(retsock); } if (can_upstream) { retsock = new_named_pipe_listener(pipename, upplug); if (sk_socket_error(retsock) == NULL) { sfree(*logtext); *logtext = pipename; *sock = retsock; sfree(name); ReleaseMutex(mutex); CloseHandle(mutex); return SHARE_UPSTREAM; } sfree(*us_err); *us_err = dupprintf("%s: %s", pipename, sk_socket_error(retsock)); sk_close(retsock); } /* One of the above clauses ought to have happened. */ assert(*logtext || *ds_err || *us_err); sfree(pipename); sfree(name); ReleaseMutex(mutex); CloseHandle(mutex); return SHARE_NONE; }
int make_private_security_descriptor(DWORD permissions, PSECURITY_DESCRIPTOR *psd, PACL *acl, char **error) { SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY; EXPLICIT_ACCESS ea[3]; int acl_err; int ret = FALSE; /* Initialised once, then kept around to reuse forever */ static PSID worldsid, networksid, usersid; *psd = NULL; *acl = NULL; *error = NULL; if (!got_advapi()) { *error = dupprintf("unable to load advapi32.dll"); goto cleanup; } if (!usersid) { if ((usersid = get_user_sid()) == NULL) { *error = dupprintf("unable to construct SID for current user: %s", win_strerror(GetLastError())); goto cleanup; } } if (!worldsid) { if (!AllocateAndInitializeSid(&world_auth, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &worldsid)) { *error = dupprintf("unable to construct SID for world: %s", win_strerror(GetLastError())); goto cleanup; } } if (!networksid) { if (!AllocateAndInitializeSid(&nt_auth, 1, SECURITY_NETWORK_RID, 0, 0, 0, 0, 0, 0, 0, &networksid)) { *error = dupprintf("unable to construct SID for " "local same-user access only: %s", win_strerror(GetLastError())); goto cleanup; } } memset(ea, 0, sizeof(ea)); ea[0].grfAccessPermissions = permissions; ea[0].grfAccessMode = REVOKE_ACCESS; ea[0].grfInheritance = NO_INHERITANCE; ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[0].Trustee.ptstrName = (LPTSTR)worldsid; ea[1].grfAccessPermissions = permissions; ea[1].grfAccessMode = GRANT_ACCESS; ea[1].grfInheritance = NO_INHERITANCE; ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[1].Trustee.ptstrName = (LPTSTR)usersid; ea[2].grfAccessPermissions = permissions; ea[2].grfAccessMode = REVOKE_ACCESS; ea[2].grfInheritance = NO_INHERITANCE; ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[2].Trustee.ptstrName = (LPTSTR)networksid; acl_err = p_SetEntriesInAclA(3, ea, NULL, acl); if (acl_err != ERROR_SUCCESS || *acl == NULL) { *error = dupprintf("unable to construct ACL: %s", win_strerror(acl_err)); goto cleanup; } *psd = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); if (!*psd) { *error = dupprintf("unable to allocate security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } if (!InitializeSecurityDescriptor(*psd, SECURITY_DESCRIPTOR_REVISION)) { *error = dupprintf("unable to initialise security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } if (!SetSecurityDescriptorDacl(*psd, TRUE, *acl, FALSE)) { *error = dupprintf("unable to set DACL in security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } ret = TRUE; cleanup: if (!ret) { if (*psd) { LocalFree(*psd); *psd = NULL; } if (*acl) { LocalFree(*acl); *acl = NULL; } } else { sfree(*error); *error = NULL; } return ret; }
Socket new_named_pipe_client(const char *pipename, Plug plug) { HANDLE pipehandle; PSID usersid, pipeowner; PSECURITY_DESCRIPTOR psd; char *err; Socket ret; assert(strncmp(pipename, "\\\\.\\pipe\\", 9) == 0); assert(strchr(pipename + 9, '\\') == NULL); while (1) { pipehandle = CreateFile(pipename, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_FLAG_OVERLAPPED, NULL); if (pipehandle != INVALID_HANDLE_VALUE) break; if (GetLastError() != ERROR_PIPE_BUSY) { err = dupprintf("Unable to open named pipe '%s': %s", pipename, win_strerror(GetLastError())); ret = new_error_socket(err, plug); sfree(err); return ret; } /* * If we got ERROR_PIPE_BUSY, wait for the server to * create a new pipe instance. (Since the server is * expected to be winnps.c, which will do that immediately * after a previous connection is accepted, that shouldn't * take excessively long.) */ if (!WaitNamedPipe(pipename, NMPWAIT_USE_DEFAULT_WAIT)) { err = dupprintf("Error waiting for named pipe '%s': %s", pipename, win_strerror(GetLastError())); ret = new_error_socket(err, plug); sfree(err); return ret; } } if ((usersid = get_user_sid()) == NULL) { CloseHandle(pipehandle); err = dupprintf("Unable to get user SID"); ret = new_error_socket(err, plug); sfree(err); return ret; } if (p_GetSecurityInfo(pipehandle, SE_KERNEL_OBJECT, OWNER_SECURITY_INFORMATION, &pipeowner, NULL, NULL, NULL, &psd) != ERROR_SUCCESS) { err = dupprintf("Unable to get named pipe security information: %s", win_strerror(GetLastError())); ret = new_error_socket(err, plug); sfree(err); CloseHandle(pipehandle); return ret; } if (!EqualSid(pipeowner, usersid)) { err = dupprintf("Owner of named pipe '%s' is not us", pipename); ret = new_error_socket(err, plug); sfree(err); CloseHandle(pipehandle); LocalFree(psd); return ret; } LocalFree(psd); return make_handle_socket(pipehandle, pipehandle, NULL, plug, TRUE); }
/** * Initialise WinPcap and return our MAC address. */ int pkt_eth_init (mac_address *mac_addr) { struct { PACKET_OID_DATA oidData; char descr[512]; } oid; const ADAPTER *adapter = NULL; DWORD thread_id; BOOL is_up; if (_watt_is_win9x) /**< \todo Support Win-9x too */ { (*_printf) (_LANG("Win-NT or later reqired.\n")); _pkt_errno = PDERR_GEN_FAIL; return (WERR_ILL_DOSX); } if (!_watt_no_config || _watt_user_config_fn) parse_config_pass_1(); _pkt_inf = calloc (sizeof(*_pkt_inf), 1); if (!_pkt_inf) { (*_printf) (_LANG("Failed to allocate WinPcap DRIVER data.\n")); _pkt_errno = PDERR_GEN_FAIL; return (WERR_NO_MEM); } if (debug_on >= 2 && dump_fname[0]) dump_file = fopen_excl (ExpandVarStr(dump_fname), "w+t"); if (!PacketInitModule(TRUE, dump_file)) { (*_printf) (_LANG("Failed to initialise WinPcap.\n")); pkt_release(); _pkt_errno = PDERR_NO_DRIVER; return (WERR_PKT_ERROR); } if (!_pktdrvrname[0] && !find_adapter(_pktdrvrname,sizeof(_pktdrvrname))) { (*_printf) (_LANG("No WinPcap driver found.\n")); _pkt_errno = PDERR_NO_DRIVER; return (WERR_NO_DRIVER); } TCP_CONSOLE_MSG (2, ("device %s\n", _pktdrvrname)); adapter = PacketOpenAdapter (_pktdrvrname); if (!adapter) { if (debug_on > 0) (*_printf) (_LANG("PacketOpenAdapter (\"%s\") failed; %s\n"), _pktdrvrname, win_strerror(GetLastError())); pkt_release(); return (WERR_NO_DRIVER); } _pkt_inf->adapter = adapter; #if defined(USE_DYN_PACKET) _pkt_inf->adapter_info = NULL; #else _pkt_inf->adapter_info = PacketFindAdInfo (_pktdrvrname); #endif /* Query the NIC driver for the adapter description */ memset (&oid, 0, sizeof(oid)); oid.oidData.Oid = OID_GEN_VENDOR_DESCRIPTION; oid.oidData.Length = sizeof(oid.descr); if (PacketRequest (adapter, FALSE, &oid.oidData)) StrLcpy (_pktdrvr_descr, (char*)oid.oidData.Data, sizeof(_pktdrvr_descr)); else { (*_printf) (_LANG("PacketRequest() failed; %s\n"), win_strerror(GetLastError())); pkt_release(); return (WERR_PKT_ERROR); } if (!get_interface_type(&_pktdevclass)) { pkt_release(); return (WERR_PKT_ERROR); } if (get_connected_status(&is_up) && !is_up) (*_printf) (_LANG("Warning: the adapter %s is down\n"), _pktdrvrname); switch (_pktdevclass) { case PDCLASS_TOKEN: _pkt_ip_ofs = sizeof(tok_Header); break; case PDCLASS_ETHER: _pkt_ip_ofs = sizeof(eth_Header); break; case PDCLASS_FDDI: _pkt_ip_ofs = sizeof(fddi_Header); break; case PDCLASS_ARCNET: _pkt_ip_ofs = ARC_HDRLEN; break; default: pkt_release(); (*_printf) (_LANG("WinPcap-ERROR: Unsupported driver class %dh\n"), _pktdevclass); _pkt_errno = PDERR_NO_CLASS; return (WERR_PKT_ERROR); } if (!pkt_get_addr(mac_addr)) /* get our MAC address */ { pkt_release(); return (WERR_PKT_ERROR); } pktq_init (&_pkt_inf->pkt_queue, sizeof(_pkt_inf->rx_buf[0]), /* RX_SIZE */ DIM(_pkt_inf->rx_buf), /* RX_BUFS */ (char*)&_pkt_inf->rx_buf); _pkt_inf->npf_buf_size = RX_SIZE * pkt_num_rx_bufs; _pkt_inf->npf_buf = malloc (_pkt_inf->npf_buf_size); if (!_pkt_inf->npf_buf) { (*_printf) (_LANG("Failed to allocate %d byte Rx buffer.\n"), _pkt_inf->npf_buf_size); pkt_release(); _pkt_errno = PDERR_GEN_FAIL; return (WERR_NO_MEM); } PacketSetMode (adapter, PACKET_MODE_CAPT); PacketSetBuff (adapter, _pkt_inf->npf_buf_size); PacketSetMinToCopy (adapter, ETH_MIN); /* PacketReceivePacket() blocks until something is received */ PacketSetReadTimeout ((ADAPTER*)adapter, 0); /* Set Rx-mode forced via config. */ if (_pkt_forced_rxmode != -1) { _pkt_forced_rxmode &= 0xFFFF; /* clear bits not set via ARG_ATOX_W */ if (_pkt_forced_rxmode == 0 || /* check illegal bit-values */ (_pkt_forced_rxmode & 0x10) || (_pkt_forced_rxmode & 0x40) || (_pkt_forced_rxmode > 0x80)) { TCP_CONSOLE_MSG (0, ("Illegal Rx-mode (0x%02X) specified\n", _pkt_forced_rxmode)); _pkt_forced_rxmode = -1; } } if (pkt_get_rcv_mode()) _pkt_rxmode0 = _pkt_rxmode; if (_pkt_forced_rxmode != -1) pkt_set_rcv_mode (_pkt_forced_rxmode); else pkt_set_rcv_mode (RXMODE_DEFAULT); #if 1 _pkt_inf->recv_thread = CreateThread (NULL, 2048, pkt_recv_thread, NULL, 0, &thread_id); #else _pkt_inf->recv_thread = _beginthreadex (NULL, 2048, pkt_recv_thread, NULL, 0, &thread_id); #endif if (!_pkt_inf->recv_thread) { (*_printf) (_LANG("Failed to create receiver thread; %s\n"), win_strerror(GetLastError())); pkt_release(); _pkt_errno = PDERR_GEN_FAIL; return (WERR_PKT_ERROR); } if (thr_realtime) SetThreadPriority (_pkt_inf->recv_thread, THREAD_PRIORITY_TIME_CRITICAL); TCP_CONSOLE_MSG (2, ("capture thread-id %lu\n", thread_id)); #if defined(USE_DEBUG) if (debug_on >= 2) { (*_printf) ("link-details:\n"); show_link_details(); } #endif return (0); }
char * gai_strerror(int ecode) { return (win_strerror(ecode)); }
int setprocessacl(char *error) { EXPLICIT_ACCESS ea[2]; int acl_err; int ret=FALSE; PACL acl = NULL; static const nastyace=WRITE_DAC | WRITE_OWNER | PROCESS_CREATE_PROCESS | PROCESS_CREATE_THREAD | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION | PROCESS_SET_QUOTA | PROCESS_SET_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_SUSPEND_RESUME; if (!getsids(error)) goto cleanup; memset(ea, 0, sizeof(ea)); /* Everyone: deny */ ea[0].grfAccessPermissions = nastyace; ea[0].grfAccessMode = DENY_ACCESS; ea[0].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[0].Trustee.ptstrName = (LPTSTR)worldsid; /* User: user ace */ ea[1].grfAccessPermissions = ~nastyace & 0x1fff; ea[1].grfAccessMode = GRANT_ACCESS; ea[1].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[1].Trustee.ptstrName = (LPTSTR)usersid; acl_err = p_SetEntriesInAclA(2, ea, NULL, &acl); if (acl_err != ERROR_SUCCESS || acl == NULL) { error = dupprintf("unable to construct ACL: %s", win_strerror(acl_err)); goto cleanup; } if (ERROR_SUCCESS != p_SetSecurityInfo (GetCurrentProcess(), SE_KERNEL_OBJECT, OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, usersid, NULL, acl, NULL)) { error=dupprintf("Unable to set process ACL: %s", win_strerror(GetLastError())); goto cleanup; } ret=TRUE; cleanup: if (!ret) { if (acl) { LocalFree(acl); acl = NULL; } } return ret; }
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpszCmd, int nCmd) { STARTUPINFO sProcStartupInfo; PROCESS_INFORMATION sProcInformation; DWORD dwNewProcessAffinity; int argc, i, rv = 1; char **argv, *szProcCmdLine, *szLastErrorMsg; LPCTSTR lpProcWorkingDir = NULL; argv = CommandLineToArgvA(GetCommandLine(),&argc,&szProcCmdLine); if(argc < 2) { ErrorMsgBox("Usage : [-a affinity] [-d working_dir] -- <cmdline>", "Improper parameters"); goto beach; } for(i=1; i<argc; ++i) { if(strcmp(argv[i],"-a") == 0) { ++i; if(i >= argc) { ErrorMsgBox("No data after -a.","Improper parameters"); goto beach; } else if(sscanf_s(argv[i],"%8x",&dwNewProcessAffinity) != 1) { ErrorMsgBox("Improper affinity specification", "Improper parameters"); goto beach; } } else if(strcmp(argv[i],"-d") == 0) { ++i; if(i >= argc) { ErrorMsgBox("No data after -d.","Improper parameters"); goto beach; } else lpProcWorkingDir = argv[i]; } } /* prepare the STARTUPINFO structure. in our case, it is desired to hide * the window of the launched process. */ ZeroMemory(&sProcStartupInfo, sizeof(sProcStartupInfo)); sProcStartupInfo.cb = sizeof(sProcStartupInfo); sProcStartupInfo.dwFlags = STARTF_USESHOWWINDOW; sProcStartupInfo.wShowWindow = SW_HIDE; ZeroMemory(&sProcInformation, sizeof(sProcInformation)); /* create the process by specifying its commandline. the process is created * as a suspended one. it is later resumed with ResumeThread() after setting * its affinity. therefore, the process will not start its execution until * the desired affinity is set. */ if(CreateProcess(NULL, szProcCmdLine, NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, lpProcWorkingDir, &sProcStartupInfo, &sProcInformation) == 0) { szLastErrorMsg = win_strerror("CreateProcess()"); ErrorMsgBox(szLastErrorMsg, "WinAPI call failed"); HeapFree(GetProcessHeap(),0,szLastErrorMsg); return 1; } /* set the affinity mask for the process. */ if(SetProcessAffinityMask(sProcInformation.hProcess, dwNewProcessAffinity) == 0) { szLastErrorMsg = win_strerror("SetProcessAffinityMask()"); ErrorMsgBox(szLastErrorMsg, "WinAPI call failed"); HeapFree(GetProcessHeap(),0,szLastErrorMsg); if(TerminateProcess(sProcInformation.hProcess, 255) == 0) { szLastErrorMsg = win_strerror("TerminateProcess()"); ErrorMsgBox(szLastErrorMsg, "WinAPI call failed"); HeapFree(GetProcessHeap(),0,szLastErrorMsg); } goto beach2; } /* and resume (actually, start) its execution. */ if(ResumeThread(sProcInformation.hThread) == -1) { szLastErrorMsg = win_strerror("ResumeThread()"); ErrorMsgBox(szLastErrorMsg, "WinAPI call failed"); HeapFree(GetProcessHeap(),0,szLastErrorMsg); if(TerminateProcess(sProcInformation.hProcess, 255) == 0) { szLastErrorMsg = win_strerror("TerminateProcess()"); ErrorMsgBox(szLastErrorMsg, "WinAPI call failed"); HeapFree(GetProcessHeap(),0,szLastErrorMsg); } goto beach2; } /* process launched successfully. */ rv = 0; beach2: /* close handles to the created process and its main thread, and exit. */ CloseHandle(sProcInformation.hProcess); CloseHandle(sProcInformation.hThread); beach: HeapFree(GetProcessHeap(),0,argv); return rv; }
const char *winsock_error_string(int error) { /* * Error codes we know about and have historically had reasonably * sensible error messages for. */ switch (error) { case WSAEACCES: return "Network error: Permission denied"; case WSAEADDRINUSE: return "Network error: Address already in use"; case WSAEADDRNOTAVAIL: return "Network error: Cannot assign requested address"; case WSAEAFNOSUPPORT: return "Network error: Address family not supported by protocol family"; case WSAEALREADY: return "Network error: Operation already in progress"; case WSAECONNABORTED: return "Network error: Software caused connection abort"; case WSAECONNREFUSED: return "Network error: Connection refused"; case WSAECONNRESET: return "Network error: Connection reset by peer"; case WSAEDESTADDRREQ: return "Network error: Destination address required"; case WSAEFAULT: return "Network error: Bad address"; case WSAEHOSTDOWN: return "Network error: Host is down"; case WSAEHOSTUNREACH: return "Network error: No route to host"; case WSAEINPROGRESS: return "Network error: Operation now in progress"; case WSAEINTR: return "Network error: Interrupted function call"; case WSAEINVAL: return "Network error: Invalid argument"; case WSAEISCONN: return "Network error: Socket is already connected"; case WSAEMFILE: return "Network error: Too many open files"; case WSAEMSGSIZE: return "Network error: Message too long"; case WSAENETDOWN: return "Network error: Network is down"; case WSAENETRESET: return "Network error: Network dropped connection on reset"; case WSAENETUNREACH: return "Network error: Network is unreachable"; case WSAENOBUFS: return "Network error: No buffer space available"; case WSAENOPROTOOPT: return "Network error: Bad protocol option"; case WSAENOTCONN: return "Network error: Socket is not connected"; case WSAENOTSOCK: return "Network error: Socket operation on non-socket"; case WSAEOPNOTSUPP: return "Network error: Operation not supported"; case WSAEPFNOSUPPORT: return "Network error: Protocol family not supported"; case WSAEPROCLIM: return "Network error: Too many processes"; case WSAEPROTONOSUPPORT: return "Network error: Protocol not supported"; case WSAEPROTOTYPE: return "Network error: Protocol wrong type for socket"; case WSAESHUTDOWN: return "Network error: Cannot send after socket shutdown"; case WSAESOCKTNOSUPPORT: return "Network error: Socket type not supported"; case WSAETIMEDOUT: return "Network error: Connection timed out"; case WSAEWOULDBLOCK: return "Network error: Resource temporarily unavailable"; case WSAEDISCON: return "Network error: Graceful shutdown in progress"; } /* * Handle any other error code by delegating to win_strerror. */ return win_strerror(error); }
int make_private_security_descriptor(DWORD permissions, PSECURITY_DESCRIPTOR *psd, PACL *acl, char **error) { EXPLICIT_ACCESS ea[3]; int acl_err; int ret = FALSE; *psd = NULL; *acl = NULL; *error = NULL; if (!getsids(*error)) goto cleanup; memset(ea, 0, sizeof(ea)); ea[0].grfAccessPermissions = permissions; ea[0].grfAccessMode = REVOKE_ACCESS; ea[0].grfInheritance = NO_INHERITANCE; ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[0].Trustee.ptstrName = (LPTSTR)worldsid; ea[1].grfAccessPermissions = permissions; ea[1].grfAccessMode = GRANT_ACCESS; ea[1].grfInheritance = NO_INHERITANCE; ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[1].Trustee.ptstrName = (LPTSTR)usersid; ea[2].grfAccessPermissions = permissions; ea[2].grfAccessMode = REVOKE_ACCESS; ea[2].grfInheritance = NO_INHERITANCE; ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[2].Trustee.ptstrName = (LPTSTR)networksid; acl_err = p_SetEntriesInAclA(3, ea, NULL, acl); if (acl_err != ERROR_SUCCESS || *acl == NULL) { *error = dupprintf("unable to construct ACL: %s", win_strerror(acl_err)); goto cleanup; } *psd = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); if (!*psd) { *error = dupprintf("unable to allocate security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } if (!InitializeSecurityDescriptor(*psd, SECURITY_DESCRIPTOR_REVISION)) { *error = dupprintf("unable to initialise security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } if (!SetSecurityDescriptorOwner(*psd, usersid, FALSE)) { *error = dupprintf("unable to set owner in security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } if (!SetSecurityDescriptorDacl(*psd, TRUE, *acl, FALSE)) { *error = dupprintf("unable to set DACL in security descriptor: %s", win_strerror(GetLastError())); goto cleanup; } ret = TRUE; cleanup: if (!ret) { if (*psd) { LocalFree(*psd); *psd = NULL; } if (*acl) { LocalFree(*acl); *acl = NULL; } } else { sfree(*error); *error = NULL; } return ret; }