2020-08-11 02:27:04 +00:00
|
|
|
/*
|
|
|
|
Looking Glass - KVM FrameRelay (KVMFR) Client
|
|
|
|
Copyright (C) 2017-2020 Geoffrey McRae <geoff@hostfission.com>
|
|
|
|
https://looking-glass.hostfission.com
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify it under
|
|
|
|
the terms of the GNU General Public License as published by the Free Software
|
|
|
|
Foundation; either version 2 of the License, or (at your option) any later
|
|
|
|
version.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful, but WITHOUT ANY
|
|
|
|
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
|
|
|
PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License along with
|
|
|
|
this program; if not, write to the Free Software Foundation, Inc., 59 Temple
|
|
|
|
Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "interface/platform.h"
|
2020-10-18 15:49:15 +00:00
|
|
|
#include "common/ivshmem.h"
|
2021-01-15 01:03:38 +00:00
|
|
|
#include "service.h"
|
2020-08-11 02:27:04 +00:00
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdbool.h>
|
|
|
|
#include <stdarg.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <inttypes.h>
|
2021-01-15 02:19:52 +00:00
|
|
|
#include <time.h>
|
2020-08-11 02:27:04 +00:00
|
|
|
|
|
|
|
#include <windows.h>
|
|
|
|
#include <winsvc.h>
|
|
|
|
#include <psapi.h>
|
|
|
|
#include <sddl.h>
|
|
|
|
#include <userenv.h>
|
|
|
|
#include <wtsapi32.h>
|
|
|
|
|
2020-08-12 11:50:48 +00:00
|
|
|
#define SVCNAME "Looking Glass (host)"
|
2020-08-11 02:27:04 +00:00
|
|
|
#define SVC_ERROR ((DWORD)0xC0020001L)
|
|
|
|
|
2020-12-30 07:29:58 +00:00
|
|
|
/*
|
|
|
|
* Windows 10 provides this API via kernel32.dll as well as advapi32.dll and
|
|
|
|
* mingw opts for linking against the kernel32.dll version which is fine
|
|
|
|
* provided you don't intend to run this on earlier versions of windows. As such
|
|
|
|
* we need to lookup this method at runtime. */
|
|
|
|
typedef WINBOOL WINAPI (*CreateProcessAsUserA_t)(HANDLE hToken,
|
|
|
|
LPCSTR lpApplicationName,
|
|
|
|
LPSTR lpCommandLine,
|
|
|
|
LPSECURITY_ATTRIBUTES lpProcessAttributes,
|
|
|
|
LPSECURITY_ATTRIBUTES lpThreadAttributes,
|
|
|
|
WINBOOL bInheritHandles,
|
|
|
|
DWORD dwCreationFlags,
|
|
|
|
LPVOID lpEnvironment,
|
|
|
|
LPCSTR lpCurrentDirectory,
|
|
|
|
LPSTARTUPINFOA lpStartupInfo,
|
|
|
|
LPPROCESS_INFORMATION lpProcessInformation);
|
|
|
|
static CreateProcessAsUserA_t f_CreateProcessAsUserA = NULL;
|
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
struct Service
|
|
|
|
{
|
|
|
|
FILE * logFile;
|
2021-01-14 23:55:36 +00:00
|
|
|
bool running;
|
|
|
|
HANDLE process;
|
2020-08-11 02:27:04 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
struct Service service = { 0 };
|
|
|
|
|
2021-01-15 02:19:52 +00:00
|
|
|
char logTime[100];
|
|
|
|
|
|
|
|
char * currentTime()
|
|
|
|
{
|
|
|
|
time_t t = time(NULL);
|
|
|
|
strftime(logTime, sizeof logTime, "%Y-%m-%d %H:%M:%S", localtime(&t));
|
|
|
|
return logTime;
|
|
|
|
}
|
|
|
|
|
|
|
|
void doLogReal(const char * fmt, ...)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
va_list args;
|
|
|
|
va_start(args, fmt);
|
|
|
|
vfprintf(service.logFile, fmt, args);
|
|
|
|
va_end(args);
|
|
|
|
}
|
|
|
|
|
2021-01-15 02:19:52 +00:00
|
|
|
#define doLog(fmt, ...) doLogReal("[%s] " fmt, currentTime(), ##__VA_ARGS__)
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
static bool setupAPI(void)
|
2020-12-30 07:29:58 +00:00
|
|
|
{
|
|
|
|
/* first look in kernel32.dll */
|
|
|
|
HMODULE mod;
|
|
|
|
|
|
|
|
mod = GetModuleHandleA("kernel32.dll");
|
|
|
|
if (mod)
|
|
|
|
{
|
|
|
|
f_CreateProcessAsUserA = (CreateProcessAsUserA_t)
|
|
|
|
GetProcAddress(mod, "CreateProcessAsUserA");
|
|
|
|
if (f_CreateProcessAsUserA)
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
mod = GetModuleHandleA("advapi32.dll");
|
|
|
|
if (mod)
|
|
|
|
{
|
|
|
|
f_CreateProcessAsUserA = (CreateProcessAsUserA_t)
|
|
|
|
GetProcAddress(mod, "CreateProcessAsUserA");
|
|
|
|
if (f_CreateProcessAsUserA)
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
static void setupLogging(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
char tempPath[MAX_PATH+1];
|
|
|
|
GetTempPathA(sizeof(tempPath), tempPath);
|
|
|
|
int len = snprintf(NULL, 0, "%slooking-glass-host-service.txt", tempPath);
|
|
|
|
char * logFilePath = malloc(len + 1);
|
|
|
|
sprintf(logFilePath, "%slooking-glass-host-service.txt", tempPath);
|
|
|
|
service.logFile = fopen(logFilePath, "a+");
|
2021-01-24 22:29:50 +00:00
|
|
|
setbuf(service.logFile, NULL);
|
2020-08-11 02:27:04 +00:00
|
|
|
doLog("Startup\n");
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
static void finishLogging(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
doLog("Finished\n");
|
|
|
|
fclose(service.logFile);
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
void winerr(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
char buf[256];
|
|
|
|
FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
|
|
NULL, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
|
|
|
|
buf, (sizeof(buf) / sizeof(char)), NULL);
|
|
|
|
doLog("0x%08lx - %s", GetLastError(), buf);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool enablePriv(const char * name)
|
|
|
|
{
|
|
|
|
HANDLE hToken;
|
|
|
|
LUID luid;
|
|
|
|
TOKEN_PRIVILEGES tp = { 0 };
|
|
|
|
|
|
|
|
if (!OpenProcessToken(GetCurrentProcess(),
|
|
|
|
TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
|
|
|
|
{
|
|
|
|
doLog("failed to open the process\n");
|
|
|
|
winerr();
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!LookupPrivilegeValueA(NULL, name, &luid))
|
|
|
|
{
|
|
|
|
doLog("failed to lookup the privilege value\n");
|
|
|
|
winerr();
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
tp.PrivilegeCount = 1;
|
|
|
|
tp.Privileges[0].Luid = luid;
|
|
|
|
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
|
|
|
|
|
|
|
|
if (!AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), NULL,
|
|
|
|
NULL))
|
|
|
|
{
|
|
|
|
doLog("failed to adjust the token privilege\n");
|
|
|
|
winerr();
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (GetLastError() == ERROR_NOT_ALL_ASSIGNED)
|
|
|
|
{
|
|
|
|
doLog("the token doesn't have the specified privilege - %s\n", name);
|
|
|
|
winerr();
|
|
|
|
goto fail;
|
|
|
|
}
|
|
|
|
|
2021-01-15 03:40:12 +00:00
|
|
|
CloseHandle(hToken);
|
2020-08-11 02:27:04 +00:00
|
|
|
return true;
|
|
|
|
|
|
|
|
fail:
|
|
|
|
CloseHandle(hToken);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
HANDLE dupeSystemProcessToken(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
DWORD count = 0;
|
|
|
|
DWORD returned;
|
|
|
|
do
|
|
|
|
{
|
|
|
|
count += 512;
|
|
|
|
DWORD pids[count];
|
|
|
|
EnumProcesses(pids, count * sizeof(DWORD), &returned);
|
|
|
|
}
|
|
|
|
while(returned / sizeof(DWORD) == count);
|
|
|
|
|
|
|
|
DWORD pids[count];
|
|
|
|
EnumProcesses(pids, count * sizeof(DWORD), &returned);
|
|
|
|
returned /= sizeof(DWORD);
|
|
|
|
|
|
|
|
for(DWORD i = 0; i < returned; ++i)
|
|
|
|
{
|
|
|
|
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pids[i]);
|
|
|
|
if (!hProcess)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
HANDLE hToken;
|
|
|
|
if (!OpenProcessToken(hProcess,
|
|
|
|
TOKEN_QUERY | TOKEN_READ | TOKEN_IMPERSONATE | TOKEN_QUERY_SOURCE |
|
|
|
|
TOKEN_DUPLICATE | TOKEN_ASSIGN_PRIMARY | TOKEN_EXECUTE, &hToken))
|
|
|
|
goto err_proc;
|
|
|
|
|
|
|
|
DWORD tmp;
|
|
|
|
char userBuf[1024];
|
|
|
|
TOKEN_USER * user = (TOKEN_USER *)userBuf;
|
|
|
|
if (!GetTokenInformation(hToken, TokenUser, user, sizeof(userBuf), &tmp))
|
|
|
|
goto err_token;
|
|
|
|
|
|
|
|
CHAR * sid = NULL;
|
|
|
|
if (!ConvertSidToStringSidA(user->User.Sid, &sid))
|
|
|
|
goto err_token;
|
|
|
|
|
|
|
|
if (strcmp(sid, "S-1-5-18") == 0)
|
|
|
|
{
|
|
|
|
LocalFree(sid);
|
|
|
|
CloseHandle(hProcess);
|
|
|
|
|
|
|
|
// duplicate the token so we can use it
|
|
|
|
HANDLE hDupe = NULL;
|
|
|
|
if (!DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL, SecurityImpersonation,
|
|
|
|
TokenPrimary, &hDupe))
|
|
|
|
hDupe = NULL;
|
|
|
|
|
|
|
|
CloseHandle(hToken);
|
|
|
|
return hDupe;
|
|
|
|
}
|
|
|
|
|
|
|
|
LocalFree(sid);
|
|
|
|
err_token:
|
|
|
|
CloseHandle(hToken);
|
|
|
|
err_proc:
|
|
|
|
CloseHandle(hProcess);
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
void Launch(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
2021-01-14 23:55:36 +00:00
|
|
|
if (service.process)
|
|
|
|
{
|
|
|
|
CloseHandle(service.process);
|
|
|
|
service.process = NULL;
|
|
|
|
}
|
|
|
|
|
2020-12-30 07:29:58 +00:00
|
|
|
if (!setupAPI())
|
|
|
|
{
|
|
|
|
doLog("setupAPI failed\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
if (!enablePriv(SE_DEBUG_NAME))
|
|
|
|
return;
|
|
|
|
|
|
|
|
HANDLE hToken = dupeSystemProcessToken();
|
|
|
|
if (!hToken)
|
|
|
|
{
|
|
|
|
doLog("failed to get the system process token\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
DWORD origSessionID, targetSessionID, returnedLen;
|
|
|
|
GetTokenInformation(hToken, TokenSessionId, &origSessionID,
|
|
|
|
sizeof(origSessionID), &returnedLen);
|
|
|
|
|
|
|
|
if (!enablePriv(SE_TCB_NAME))
|
|
|
|
goto fail_token;
|
|
|
|
|
2021-01-16 12:41:28 +00:00
|
|
|
targetSessionID = WTSGetActiveConsoleSessionId();
|
2020-08-11 02:27:04 +00:00
|
|
|
if (origSessionID != targetSessionID)
|
|
|
|
{
|
|
|
|
if (!SetTokenInformation(hToken, TokenSessionId,
|
|
|
|
&targetSessionID, sizeof(targetSessionID)))
|
|
|
|
{
|
|
|
|
doLog("failed to set interactive token\n");
|
|
|
|
winerr();
|
|
|
|
goto fail_token;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
LPVOID pEnvironment = NULL;
|
|
|
|
if (!CreateEnvironmentBlock(&pEnvironment, hToken, TRUE))
|
|
|
|
{
|
|
|
|
doLog("fail_tokened to create the envionment block\n");
|
|
|
|
winerr();
|
|
|
|
goto fail_token;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!enablePriv(SE_ASSIGNPRIMARYTOKEN_NAME))
|
|
|
|
goto fail_token;
|
|
|
|
|
|
|
|
if (!enablePriv(SE_INCREASE_QUOTA_NAME))
|
|
|
|
goto fail_token;
|
|
|
|
|
2020-08-11 07:37:40 +00:00
|
|
|
DWORD flags = CREATE_NEW_CONSOLE | HIGH_PRIORITY_CLASS;
|
2020-08-11 02:27:04 +00:00
|
|
|
if (!pEnvironment)
|
|
|
|
flags |= CREATE_UNICODE_ENVIRONMENT;
|
|
|
|
|
|
|
|
PROCESS_INFORMATION pi = {0};
|
|
|
|
STARTUPINFO si =
|
|
|
|
{
|
|
|
|
.cb = sizeof(STARTUPINFO),
|
|
|
|
.dwFlags = STARTF_USESHOWWINDOW,
|
|
|
|
.wShowWindow = SW_SHOW,
|
|
|
|
.lpDesktop = "WinSta0\\Default"
|
|
|
|
};
|
|
|
|
|
2020-12-30 07:29:58 +00:00
|
|
|
if (!f_CreateProcessAsUserA(
|
2020-08-11 02:27:04 +00:00
|
|
|
hToken,
|
[host] windows: avoid quoting issues with CreateProcessAsUserA
To quote MSDN documentation:
> The lpApplicationName parameter can be NULL, in which case the executable
> name must be the first white space–delimited string in lpCommandLine. If
> the executable or path name has a space in it, there is a risk that a
> different executable could be run because of the way the function parses
> spaces. The following example is dangerous because the function will
> attempt to run "Program.exe", if it exists, instead of "MyApp.exe".
>
> LPTSTR szCmdline[] = _tcsdup(TEXT("C:\\Program Files\\MyApp"));
> CreateProcessAsUser(hToken, NULL, szCmdline, /*...*/ );
>
> If a malicious user were to create an application called "Program.exe" on
> a system, any program that incorrectly calls CreateProcessAsUser using the
> Program Files directory will run this application instead of the intended
> application.
>
> To avoid this problem, do not pass NULL for lpApplicationName.
So instead, we pass the executable to lpApplicationName instead, which avoids
the issue. MSDN says:
> The lpCommandLine parameter can be NULL. In that case, the function uses
> the string pointed to by lpApplicationName as the command line.
This also avoids the strdup since lpApplicationName is LPCSTR unlike
lpCommandLine which is LPSTR.
2021-01-15 23:34:29 +00:00
|
|
|
os_getExecutable(),
|
2020-08-11 02:27:04 +00:00
|
|
|
NULL,
|
|
|
|
NULL,
|
|
|
|
NULL,
|
|
|
|
TRUE,
|
|
|
|
flags,
|
|
|
|
NULL,
|
|
|
|
os_getDataPath(),
|
|
|
|
&si,
|
|
|
|
&pi
|
|
|
|
))
|
|
|
|
{
|
2020-08-12 10:54:20 +00:00
|
|
|
service.running = false;
|
2020-08-11 02:27:04 +00:00
|
|
|
doLog("failed to launch\n");
|
|
|
|
winerr();
|
[host] windows: avoid quoting issues with CreateProcessAsUserA
To quote MSDN documentation:
> The lpApplicationName parameter can be NULL, in which case the executable
> name must be the first white space–delimited string in lpCommandLine. If
> the executable or path name has a space in it, there is a risk that a
> different executable could be run because of the way the function parses
> spaces. The following example is dangerous because the function will
> attempt to run "Program.exe", if it exists, instead of "MyApp.exe".
>
> LPTSTR szCmdline[] = _tcsdup(TEXT("C:\\Program Files\\MyApp"));
> CreateProcessAsUser(hToken, NULL, szCmdline, /*...*/ );
>
> If a malicious user were to create an application called "Program.exe" on
> a system, any program that incorrectly calls CreateProcessAsUser using the
> Program Files directory will run this application instead of the intended
> application.
>
> To avoid this problem, do not pass NULL for lpApplicationName.
So instead, we pass the executable to lpApplicationName instead, which avoids
the issue. MSDN says:
> The lpCommandLine parameter can be NULL. In that case, the function uses
> the string pointed to by lpApplicationName as the command line.
This also avoids the strdup since lpApplicationName is LPCSTR unlike
lpCommandLine which is LPSTR.
2021-01-15 23:34:29 +00:00
|
|
|
goto fail_token;
|
2020-08-11 02:27:04 +00:00
|
|
|
}
|
|
|
|
|
2021-01-14 22:38:02 +00:00
|
|
|
CloseHandle(pi.hThread);
|
2021-01-14 23:55:36 +00:00
|
|
|
service.process = pi.hProcess;
|
|
|
|
service.running = true;
|
2020-08-12 10:54:20 +00:00
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
fail_token:
|
|
|
|
CloseHandle(hToken);
|
|
|
|
}
|
|
|
|
|
|
|
|
VOID SvcReportEvent(LPTSTR szFunction)
|
|
|
|
{
|
|
|
|
HANDLE hEventSource;
|
|
|
|
LPCTSTR lpszStrings[2];
|
|
|
|
TCHAR Buffer[80];
|
|
|
|
|
|
|
|
hEventSource = RegisterEventSource(NULL, SVCNAME);
|
|
|
|
|
|
|
|
if (hEventSource)
|
|
|
|
{
|
|
|
|
snprintf(Buffer, sizeof(Buffer), "%s failed with 0x%lx", szFunction, GetLastError());
|
|
|
|
|
|
|
|
lpszStrings[0] = SVCNAME;
|
|
|
|
lpszStrings[1] = Buffer;
|
|
|
|
|
|
|
|
ReportEvent(hEventSource, // event log handle
|
|
|
|
EVENTLOG_ERROR_TYPE, // event type
|
|
|
|
0, // event category
|
|
|
|
SVC_ERROR, // event identifier
|
|
|
|
NULL, // no security identifier
|
|
|
|
2, // size of lpszStrings array
|
|
|
|
0, // no binary data
|
|
|
|
lpszStrings, // array of strings
|
|
|
|
NULL); // no binary data
|
|
|
|
|
|
|
|
DeregisterEventSource(hEventSource);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
void Install(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
TCHAR szPath[MAX_PATH];
|
|
|
|
|
|
|
|
SC_HANDLE schSCManager;
|
|
|
|
SC_HANDLE schService;
|
|
|
|
|
|
|
|
if (!GetModuleFileName(NULL, szPath, MAX_PATH))
|
|
|
|
{
|
|
|
|
doLog("Cannot install service (0x%lx)\n", GetLastError());
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get a handle to the SCM database.
|
|
|
|
|
|
|
|
schSCManager = OpenSCManager(
|
|
|
|
NULL, // local computer
|
|
|
|
NULL, // ServicesActive database
|
|
|
|
SC_MANAGER_ALL_ACCESS); // full access rights
|
|
|
|
|
|
|
|
if (NULL == schSCManager)
|
|
|
|
{
|
|
|
|
doLog("OpenSCManager failed (0x%lx)\n", GetLastError());
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create the service
|
|
|
|
|
|
|
|
schService = CreateService(
|
|
|
|
schSCManager, // SCM database
|
|
|
|
SVCNAME, // name of service
|
|
|
|
SVCNAME, // service name to display
|
|
|
|
SERVICE_ALL_ACCESS, // desired access
|
|
|
|
SERVICE_WIN32_OWN_PROCESS, // service type
|
|
|
|
SERVICE_AUTO_START, // start type
|
|
|
|
SERVICE_ERROR_NORMAL, // error control type
|
|
|
|
os_getExecutable(), // path to service's binary
|
|
|
|
NULL, // no load ordering group
|
|
|
|
NULL, // no tag identifier
|
|
|
|
NULL, // no dependencies
|
|
|
|
NULL, // LocalSystem account
|
|
|
|
NULL); // no password
|
|
|
|
|
|
|
|
if (schService == NULL)
|
|
|
|
{
|
|
|
|
doLog("CreateService failed (0x%lx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
doLog("Service installed successfully\n");
|
|
|
|
|
2020-08-12 10:54:20 +00:00
|
|
|
// Start the service
|
|
|
|
doLog("Starting the service\n");
|
|
|
|
StartService(schService, 0, NULL);
|
|
|
|
|
|
|
|
SERVICE_STATUS_PROCESS ssp;
|
|
|
|
DWORD dwBytesNeeded;
|
|
|
|
if (!QueryServiceStatusEx(schService, SC_STATUS_PROCESS_INFO,
|
|
|
|
(LPBYTE)&ssp, sizeof(SERVICE_STATUS_PROCESS), &dwBytesNeeded))
|
|
|
|
{
|
|
|
|
doLog("QueryServiceStatusEx failed (0x%lx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
while (ssp.dwCurrentState == SERVICE_START_PENDING)
|
|
|
|
{
|
|
|
|
DWORD dwWaitTime = ssp.dwWaitHint / 10;
|
|
|
|
if(dwWaitTime < 1000)
|
|
|
|
dwWaitTime = 1000;
|
|
|
|
else if (dwWaitTime > 10000)
|
|
|
|
dwWaitTime = 10000;
|
|
|
|
|
|
|
|
Sleep(dwWaitTime);
|
|
|
|
|
|
|
|
if (!QueryServiceStatusEx(schService, SC_STATUS_PROCESS_INFO,
|
|
|
|
(LPBYTE)&ssp, sizeof(SERVICE_STATUS_PROCESS), &dwBytesNeeded))
|
|
|
|
{
|
|
|
|
doLog("QueryServiceStatusEx failed (0x%lx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ssp.dwCurrentState != SERVICE_RUNNING)
|
|
|
|
doLog("Failed to start the service.\n");
|
|
|
|
else
|
|
|
|
doLog("Service started.\n");
|
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
}
|
|
|
|
|
2021-01-14 06:05:26 +00:00
|
|
|
void Uninstall(void)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
|
|
|
SC_HANDLE schSCManager;
|
|
|
|
SC_HANDLE schService;
|
|
|
|
|
|
|
|
schSCManager = OpenSCManager(
|
|
|
|
NULL, // local computer
|
|
|
|
NULL, // ServicesActive database
|
|
|
|
SC_MANAGER_ALL_ACCESS); // full access rights
|
|
|
|
|
|
|
|
if (NULL == schSCManager)
|
|
|
|
{
|
|
|
|
doLog("OpenSCManager failed (0x%lx)\n", GetLastError());
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-08-12 10:54:20 +00:00
|
|
|
schService = OpenService(schSCManager, SVCNAME,
|
|
|
|
SERVICE_STOP | SERVICE_QUERY_STATUS | DELETE);
|
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
if (!schService)
|
|
|
|
{
|
|
|
|
doLog("OpenService failed (0x%lx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-08-12 10:54:20 +00:00
|
|
|
SERVICE_STATUS_PROCESS ssp;
|
|
|
|
DWORD dwBytesNeeded;
|
|
|
|
if (!QueryServiceStatusEx(schService, SC_STATUS_PROCESS_INFO,
|
|
|
|
(LPBYTE)&ssp, sizeof(SERVICE_STATUS_PROCESS), &dwBytesNeeded))
|
|
|
|
{
|
|
|
|
doLog("QueryServiceStatusEx failed (0x%lx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool stop = false;
|
|
|
|
if (ssp.dwCurrentState == SERVICE_RUNNING)
|
|
|
|
{
|
|
|
|
stop = true;
|
|
|
|
doLog("Stopping the service...\n");
|
|
|
|
SERVICE_STATUS status;
|
|
|
|
if (!ControlService(schService, SERVICE_CONTROL_STOP, &status))
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
2020-08-12 10:54:20 +00:00
|
|
|
doLog("ControlService failed (%0xlx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
2020-08-11 02:27:04 +00:00
|
|
|
}
|
|
|
|
|
2020-08-12 10:54:20 +00:00
|
|
|
ssp.dwCurrentState = SERVICE_STOP_PENDING;
|
|
|
|
}
|
|
|
|
|
|
|
|
while(ssp.dwCurrentState == SERVICE_STOP_PENDING)
|
|
|
|
{
|
|
|
|
DWORD dwWaitTime = ssp.dwWaitHint / 10;
|
|
|
|
if(dwWaitTime < 1000)
|
|
|
|
dwWaitTime = 1000;
|
|
|
|
else if (dwWaitTime > 10000)
|
|
|
|
dwWaitTime = 10000;
|
|
|
|
|
|
|
|
Sleep(dwWaitTime);
|
|
|
|
|
|
|
|
if (!QueryServiceStatusEx(schService, SC_STATUS_PROCESS_INFO,
|
|
|
|
(LPBYTE)&ssp, sizeof(SERVICE_STATUS_PROCESS), &dwBytesNeeded))
|
|
|
|
{
|
|
|
|
doLog("QueryServiceStatusEx failed (0x%lx)\n", GetLastError());
|
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ssp.dwCurrentState != SERVICE_STOPPED)
|
|
|
|
{
|
|
|
|
doLog("Failed to stop the service");
|
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (stop)
|
|
|
|
doLog("Service stopped.\n");
|
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
if (!DeleteService(schService))
|
|
|
|
{
|
|
|
|
doLog("DeleteService failed (0x%lx)\n", GetLastError());
|
2020-08-12 10:54:20 +00:00
|
|
|
CloseServiceHandle(schService);
|
2020-08-11 02:27:04 +00:00
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2020-08-12 10:54:20 +00:00
|
|
|
doLog("Service removed.\n");
|
2020-08-11 02:27:04 +00:00
|
|
|
CloseServiceHandle(schService);
|
|
|
|
CloseServiceHandle(schSCManager);
|
|
|
|
}
|
|
|
|
|
|
|
|
SERVICE_STATUS gSvcStatus;
|
|
|
|
SERVICE_STATUS_HANDLE gSvcStatusHandle;
|
|
|
|
HANDLE ghSvcStopEvent = NULL;
|
|
|
|
|
|
|
|
void ReportSvcStatus(DWORD dwCurrentState, DWORD dwWin32ExitCode,
|
|
|
|
DWORD dwWaitHint)
|
|
|
|
{
|
|
|
|
static DWORD dwCheckPoint = 1;
|
|
|
|
|
|
|
|
gSvcStatus.dwCurrentState = dwCurrentState;
|
|
|
|
gSvcStatus.dwWin32ExitCode = dwWin32ExitCode;
|
|
|
|
gSvcStatus.dwWaitHint = dwWaitHint;
|
|
|
|
|
|
|
|
if (dwCurrentState == SERVICE_START_PENDING)
|
|
|
|
gSvcStatus.dwControlsAccepted = 0;
|
|
|
|
else
|
|
|
|
gSvcStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
|
|
|
|
|
|
|
|
if ((dwCurrentState == SERVICE_RUNNING) || (dwCurrentState == SERVICE_STOPPED))
|
|
|
|
gSvcStatus.dwCheckPoint = 0;
|
|
|
|
else
|
|
|
|
gSvcStatus.dwCheckPoint = dwCheckPoint++;
|
|
|
|
|
|
|
|
SetServiceStatus(gSvcStatusHandle, &gSvcStatus);
|
|
|
|
}
|
|
|
|
|
|
|
|
VOID WINAPI SvcCtrlHandler(DWORD dwControl)
|
|
|
|
{
|
|
|
|
switch(dwControl)
|
|
|
|
{
|
|
|
|
case SERVICE_CONTROL_STOP:
|
|
|
|
ReportSvcStatus(SERVICE_STOP_PENDING, NO_ERROR, 0);
|
|
|
|
SetEvent(ghSvcStopEvent);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case SERVICE_CONTROL_INTERROGATE:
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
ReportSvcStatus(gSvcStatus.dwCurrentState, NO_ERROR, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
VOID WINAPI SvcMain(DWORD dwArgc, LPTSTR *lpszArgv)
|
|
|
|
{
|
|
|
|
gSvcStatusHandle = RegisterServiceCtrlHandler(SVCNAME, SvcCtrlHandler);
|
|
|
|
|
|
|
|
gSvcStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
|
|
|
|
gSvcStatus.dwServiceSpecificExitCode = 0;
|
|
|
|
|
|
|
|
ReportSvcStatus(SERVICE_START_PENDING, NO_ERROR, 0);
|
|
|
|
|
|
|
|
ghSvcStopEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
|
|
|
|
if (!ghSvcStopEvent)
|
|
|
|
{
|
|
|
|
ReportSvcStatus(SERVICE_STOPPED, NO_ERROR, 0);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
setupLogging();
|
|
|
|
|
2020-10-18 15:49:15 +00:00
|
|
|
/* check if the ivshmem device exists */
|
|
|
|
struct IVSHMEM shmDev = { 0 };
|
2020-10-18 16:01:35 +00:00
|
|
|
ivshmemOptionsInit();
|
2020-10-18 15:49:15 +00:00
|
|
|
if (!ivshmemInit(&shmDev))
|
|
|
|
{
|
|
|
|
doLog("Unable to find the IVSHMEM device, terminating the service\n");
|
|
|
|
goto shutdown;
|
|
|
|
}
|
|
|
|
ivshmemFree(&shmDev);
|
|
|
|
|
2020-08-11 02:27:04 +00:00
|
|
|
ReportSvcStatus(SERVICE_RUNNING, NO_ERROR, 0);
|
|
|
|
while(1)
|
|
|
|
{
|
2021-01-14 23:55:36 +00:00
|
|
|
ULONGLONG launchTime;
|
|
|
|
|
2021-01-16 12:41:28 +00:00
|
|
|
DWORD interactiveSession = WTSGetActiveConsoleSessionId();
|
|
|
|
if (interactiveSession != 0 && interactiveSession != 0xFFFFFFFF)
|
2020-08-11 02:27:04 +00:00
|
|
|
{
|
2021-01-14 23:55:36 +00:00
|
|
|
Launch();
|
|
|
|
launchTime = GetTickCount64();
|
2020-08-11 02:27:04 +00:00
|
|
|
}
|
|
|
|
|
2021-01-14 23:55:36 +00:00
|
|
|
HANDLE waitOn[] = { ghSvcStopEvent, service.process };
|
|
|
|
DWORD count = 2;
|
|
|
|
DWORD duration = INFINITE;
|
|
|
|
|
|
|
|
if (!service.running)
|
2020-08-11 05:21:42 +00:00
|
|
|
{
|
2021-01-14 23:55:36 +00:00
|
|
|
// If the service is running, wait only on ghSvcStopEvent and prepare to restart in one second.
|
|
|
|
count = 1;
|
|
|
|
duration = 1000;
|
2020-08-11 05:21:42 +00:00
|
|
|
}
|
2020-08-11 02:27:04 +00:00
|
|
|
|
2021-01-14 23:55:36 +00:00
|
|
|
switch (WaitForMultipleObjects(count, waitOn, FALSE, duration))
|
|
|
|
{
|
|
|
|
case WAIT_OBJECT_0:
|
|
|
|
goto stopped;
|
2021-01-15 01:03:38 +00:00
|
|
|
|
2021-01-14 23:55:36 +00:00
|
|
|
case WAIT_OBJECT_0 + 1:
|
|
|
|
{
|
2021-01-15 01:03:38 +00:00
|
|
|
service.running = false;
|
|
|
|
|
2021-01-14 23:55:36 +00:00
|
|
|
DWORD code;
|
2021-01-15 01:03:38 +00:00
|
|
|
if (!GetExitCodeProcess(service.process, &code))
|
2021-01-14 23:55:36 +00:00
|
|
|
doLog("Failed to GetExitCodeProcess (0x%lx)\n", GetLastError());
|
2021-01-15 01:03:38 +00:00
|
|
|
else
|
|
|
|
{
|
|
|
|
doLog("Host application exited with code 0x%lx\n", code);
|
|
|
|
switch (code)
|
|
|
|
{
|
|
|
|
case LG_HOST_EXIT_USER:
|
|
|
|
doLog("Host application exited due to user action\n");
|
|
|
|
goto stopped;
|
|
|
|
|
|
|
|
case LG_HOST_EXIT_CAPTURE:
|
|
|
|
doLog("Host application exited due to capture error; restarting\n");
|
|
|
|
break;
|
|
|
|
|
|
|
|
case LG_HOST_EXIT_KILLED:
|
|
|
|
doLog("Host application was killed; restarting\n");
|
|
|
|
break;
|
|
|
|
|
|
|
|
case LG_HOST_EXIT_FAILED:
|
|
|
|
doLog("Host application failed to start; will not restart\n");
|
|
|
|
goto stopped;
|
|
|
|
|
|
|
|
default:
|
|
|
|
doLog("Host application failed due to unknown error; restarting\n");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2021-01-14 23:55:36 +00:00
|
|
|
|
|
|
|
// avoid restarting too often
|
|
|
|
if (GetTickCount64() - launchTime < 1000)
|
2021-01-16 12:48:06 +00:00
|
|
|
Sleep(1000);
|
2021-01-14 23:55:36 +00:00
|
|
|
break;
|
|
|
|
}
|
2021-01-15 01:03:38 +00:00
|
|
|
|
2021-01-14 23:55:36 +00:00
|
|
|
case WAIT_FAILED:
|
|
|
|
doLog("Failed to WaitForMultipleObjects (0x%lx)\n", GetLastError());
|
|
|
|
}
|
2020-08-11 02:27:04 +00:00
|
|
|
}
|
|
|
|
|
2021-01-14 23:55:36 +00:00
|
|
|
stopped:
|
2020-08-12 10:54:20 +00:00
|
|
|
if (service.running)
|
|
|
|
{
|
|
|
|
doLog("Terminating the host application\n");
|
2021-01-15 01:03:38 +00:00
|
|
|
if (TerminateProcess(service.process, LG_HOST_EXIT_KILLED))
|
2020-08-12 10:54:20 +00:00
|
|
|
{
|
2021-01-14 23:55:36 +00:00
|
|
|
while(WaitForSingleObject(service.process, INFINITE) != WAIT_OBJECT_0) {}
|
|
|
|
doLog("Host application terminated\n");
|
2020-08-12 10:54:20 +00:00
|
|
|
}
|
|
|
|
else
|
2021-01-14 23:55:36 +00:00
|
|
|
doLog("Failed to terminate the host application\n");
|
|
|
|
CloseHandle(service.process);
|
|
|
|
service.process = NULL;
|
2020-08-12 10:54:20 +00:00
|
|
|
}
|
|
|
|
|
2020-10-18 15:49:15 +00:00
|
|
|
shutdown:
|
2020-08-11 02:27:04 +00:00
|
|
|
ReportSvcStatus(SERVICE_STOPPED, NO_ERROR, 0);
|
|
|
|
CloseHandle(ghSvcStopEvent);
|
|
|
|
finishLogging();
|
|
|
|
}
|
|
|
|
|
|
|
|
bool HandleService(int argc, char * argv[])
|
|
|
|
{
|
|
|
|
service.logFile = stdout;
|
|
|
|
if (argc > 1)
|
|
|
|
{
|
|
|
|
if (strcmp(argv[1], "InstallService") == 0)
|
|
|
|
{
|
|
|
|
Install();
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (strcmp(argv[1], "UninstallService") == 0)
|
|
|
|
{
|
|
|
|
Uninstall();
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
SERVICE_TABLE_ENTRY DispatchTable[] = {
|
|
|
|
{ SVCNAME, (LPSERVICE_MAIN_FUNCTION) SvcMain },
|
|
|
|
{ NULL, NULL }
|
|
|
|
};
|
|
|
|
|
|
|
|
if (StartServiceCtrlDispatcher(DispatchTable))
|
|
|
|
return true;
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|