[Libreoffice-commits] core.git: Branch 'feature/mar-updater' - 2 commits - onlineupdate/astyle.options onlineupdate/source
Markus Mohrhard
markus.mohrhard at googlemail.com
Fri Jan 6 04:47:53 UTC 2017
onlineupdate/astyle.options | 7
onlineupdate/source/libmar/sign/nss_secutil.h | 18
onlineupdate/source/libmar/verify/cryptox.h | 12
onlineupdate/source/service/certificatecheck.cxx | 382 +-
onlineupdate/source/service/certificatecheck.hxx | 8
onlineupdate/source/service/maintenanceservice.cxx | 517 +-
onlineupdate/source/service/maintenanceservice.hxx | 4
onlineupdate/source/service/registrycertificates.cxx | 214 -
onlineupdate/source/service/resource.hxx | 2
onlineupdate/source/service/servicebase.cxx | 114
onlineupdate/source/service/servicebase.hxx | 2
onlineupdate/source/service/serviceinstall.cxx | 1232 +++---
onlineupdate/source/service/serviceinstall.hxx | 4
onlineupdate/source/service/workmonitor.cxx | 1062 +++---
onlineupdate/source/update/common/pathhash.cxx | 177 -
onlineupdate/source/update/common/readstrings.cxx | 315 -
onlineupdate/source/update/common/readstrings.h | 8
onlineupdate/source/update/common/uachelper.cxx | 261 -
onlineupdate/source/update/common/uachelper.h | 16
onlineupdate/source/update/common/updatedefines.h | 28
onlineupdate/source/update/common/updatehelper.cxx | 986 ++---
onlineupdate/source/update/common/updatelogging.cxx | 71
onlineupdate/source/update/common/updatelogging.h | 40
onlineupdate/source/update/common/win_dirent.h | 18
onlineupdate/source/update/updater/archivereader.cxx | 368 +-
onlineupdate/source/update/updater/archivereader.h | 29
onlineupdate/source/update/updater/bspatch.cxx | 230 -
onlineupdate/source/update/updater/bspatch.h | 46
onlineupdate/source/update/updater/loaddlls.cxx | 169
onlineupdate/source/update/updater/primaryCert.h | 3
onlineupdate/source/update/updater/progressui-unused/progressui_gonk.cxx | 37
onlineupdate/source/update/updater/progressui.h | 18
onlineupdate/source/update/updater/progressui_gtk.cxx | 114
onlineupdate/source/update/updater/progressui_null.cxx | 4
onlineupdate/source/update/updater/progressui_win.cxx | 401 +-
onlineupdate/source/update/updater/secondaryCert.h | 3
onlineupdate/source/update/updater/updater.cxx | 1761 ++++++----
onlineupdate/source/update/updater/win_dirent.cxx | 78
onlineupdate/source/update/updater/xpcom/glue/nsVersionComparator.cxx | 513 +-
onlineupdate/source/update/updater/xpcom/glue/nsVersionComparator.h | 210 -
onlineupdate/source/winhelper/windowsStart.cxx | 341 +
41 files changed, 5387 insertions(+), 4436 deletions(-)
New commits:
commit 050bf8b4cd1dc82d3f7281ea9c8e92d84bdadaf2
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date: Fri Jan 6 05:45:49 2017 +0100
add the astyle script used to format the files
diff --git a/onlineupdate/astyle.options b/onlineupdate/astyle.options
new file mode 100644
index 0000000..fc8d9f6
--- /dev/null
+++ b/onlineupdate/astyle.options
@@ -0,0 +1,7 @@
+--style=allman
+-s4
+--indent=spaces=4
+--attach-namespaces
+--indent-switches
+--indent-col1-comments
+--pad-header
commit bc94b74896d7d34f96d01ac571686f040d443323
Author: Markus Mohrhard <markus.mohrhard at googlemail.com>
Date: Fri Jan 6 05:42:34 2017 +0100
use a more libreoffice like formatting
This formatting has been done by an astyle script. The idea is that with
a consistent formatting it is much easier to bring in changes from
Mozilla. Updating the code with the new version, running the astyle
script and then looking through the diff seems like the most sensible
option.
diff --git a/onlineupdate/source/libmar/sign/nss_secutil.h b/onlineupdate/source/libmar/sign/nss_secutil.h
index 363c649..f599fcc 100644
--- a/onlineupdate/source/libmar/sign/nss_secutil.h
+++ b/onlineupdate/source/libmar/sign/nss_secutil.h
@@ -16,14 +16,16 @@
#include "key.h"
#include <stdint.h>
-typedef struct {
- enum {
- PW_NONE = 0,
- PW_FROMFILE = 1,
- PW_PLAINTEXT = 2,
- PW_EXTERNAL = 3
- } source;
- char *data;
+typedef struct
+{
+ enum
+ {
+ PW_NONE = 0,
+ PW_FROMFILE = 1,
+ PW_PLAINTEXT = 2,
+ PW_EXTERNAL = 3
+ } source;
+ char *data;
} secuPWData;
#if( defined(_WINDOWS) && !defined(_WIN32_WCE))
diff --git a/onlineupdate/source/libmar/verify/cryptox.h b/onlineupdate/source/libmar/verify/cryptox.h
index acecae6..23aa6c9 100644
--- a/onlineupdate/source/libmar/verify/cryptox.h
+++ b/onlineupdate/source/libmar/verify/cryptox.h
@@ -77,9 +77,9 @@ CryptoX_Result CryptoMac_LoadPublicKey(const unsigned char* aCertData,
unsigned int aDataSize,
CryptoX_PublicKey* aPublicKey);
CryptoX_Result CryptoMac_VerifySignature(CryptoX_SignatureHandle* aInputData,
- CryptoX_PublicKey* aPublicKey,
- const unsigned char* aSignature,
- unsigned int aSignatureLen);
+ CryptoX_PublicKey* aPublicKey,
+ const unsigned char* aSignature,
+ unsigned int aSignatureLen);
void CryptoMac_FreeSignatureHandle(CryptoX_SignatureHandle* aInputData);
void CryptoMac_FreePublicKey(CryptoX_PublicKey* aPublicKey);
#ifdef __cplusplus
@@ -118,9 +118,9 @@ CryptoX_Result CryptoAPI_VerifyBegin(HCRYPTPROV provider, HCRYPTHASH* hash);
CryptoX_Result CryptoAPI_VerifyUpdate(HCRYPTHASH* hash,
BYTE *buf, DWORD len);
CryptoX_Result CyprtoAPI_VerifySignature(HCRYPTHASH *hash,
- HCRYPTKEY *pubKey,
- const BYTE *signature,
- DWORD signatureLen);
+ HCRYPTKEY *pubKey,
+ const BYTE *signature,
+ DWORD signatureLen);
#define CryptoX_InvalidHandleValue ((ULONG_PTR)NULL)
#define CryptoX_ProviderHandle HCRYPTPROV
diff --git a/onlineupdate/source/service/certificatecheck.cxx b/onlineupdate/source/service/certificatecheck.cxx
index 3a9eba0..58d7016 100644
--- a/onlineupdate/source/service/certificatecheck.cxx
+++ b/onlineupdate/source/service/certificatecheck.cxx
@@ -28,87 +28,97 @@ DWORD
CheckCertificateForPEFile(LPCWSTR filePath,
CertificateCheckInfo &infoToMatch)
{
- HCERTSTORE certStore = nullptr;
- HCRYPTMSG cryptMsg = nullptr;
- PCCERT_CONTEXT certContext = nullptr;
- PCMSG_SIGNER_INFO signerInfo = nullptr;
- DWORD lastError = ERROR_SUCCESS;
+ HCERTSTORE certStore = nullptr;
+ HCRYPTMSG cryptMsg = nullptr;
+ PCCERT_CONTEXT certContext = nullptr;
+ PCMSG_SIGNER_INFO signerInfo = nullptr;
+ DWORD lastError = ERROR_SUCCESS;
- // Get the HCERTSTORE and HCRYPTMSG from the signed file.
- DWORD encoding, contentType, formatType;
- BOOL result = CryptQueryObject(CERT_QUERY_OBJECT_FILE,
- filePath,
- CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
- CERT_QUERY_CONTENT_FLAG_ALL,
- 0, &encoding, &contentType,
- &formatType, &certStore, &cryptMsg, nullptr);
- if (!result) {
- lastError = GetLastError();
- LOG_WARN(("CryptQueryObject failed. (%d)", lastError));
- goto cleanup;
- }
+ // Get the HCERTSTORE and HCRYPTMSG from the signed file.
+ DWORD encoding, contentType, formatType;
+ BOOL result = CryptQueryObject(CERT_QUERY_OBJECT_FILE,
+ filePath,
+ CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
+ CERT_QUERY_CONTENT_FLAG_ALL,
+ 0, &encoding, &contentType,
+ &formatType, &certStore, &cryptMsg, nullptr);
+ if (!result)
+ {
+ lastError = GetLastError();
+ LOG_WARN(("CryptQueryObject failed. (%d)", lastError));
+ goto cleanup;
+ }
- // Pass in nullptr to get the needed signer information size.
- DWORD signerInfoSize;
- result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
- nullptr, &signerInfoSize);
- if (!result) {
- lastError = GetLastError();
- LOG_WARN(("CryptMsgGetParam failed. (%d)", lastError));
- goto cleanup;
- }
+ // Pass in nullptr to get the needed signer information size.
+ DWORD signerInfoSize;
+ result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
+ nullptr, &signerInfoSize);
+ if (!result)
+ {
+ lastError = GetLastError();
+ LOG_WARN(("CryptMsgGetParam failed. (%d)", lastError));
+ goto cleanup;
+ }
- // Allocate the needed size for the signer information.
- signerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, signerInfoSize);
- if (!signerInfo) {
- lastError = GetLastError();
- LOG_WARN(("Unable to allocate memory for Signer Info. (%d)", lastError));
- goto cleanup;
- }
+ // Allocate the needed size for the signer information.
+ signerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, signerInfoSize);
+ if (!signerInfo)
+ {
+ lastError = GetLastError();
+ LOG_WARN(("Unable to allocate memory for Signer Info. (%d)", lastError));
+ goto cleanup;
+ }
- // Get the signer information (PCMSG_SIGNER_INFO).
- // In particular we want the issuer and serial number.
- result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
- (PVOID)signerInfo, &signerInfoSize);
- if (!result) {
- lastError = GetLastError();
- LOG_WARN(("CryptMsgGetParam failed. (%d)", lastError));
- goto cleanup;
- }
+ // Get the signer information (PCMSG_SIGNER_INFO).
+ // In particular we want the issuer and serial number.
+ result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0,
+ (PVOID)signerInfo, &signerInfoSize);
+ if (!result)
+ {
+ lastError = GetLastError();
+ LOG_WARN(("CryptMsgGetParam failed. (%d)", lastError));
+ goto cleanup;
+ }
- // Search for the signer certificate in the certificate store.
- CERT_INFO certInfo;
- certInfo.Issuer = signerInfo->Issuer;
- certInfo.SerialNumber = signerInfo->SerialNumber;
- certContext = CertFindCertificateInStore(certStore, ENCODING, 0,
- CERT_FIND_SUBJECT_CERT,
- (PVOID)&certInfo, nullptr);
- if (!certContext) {
- lastError = GetLastError();
- LOG_WARN(("CertFindCertificateInStore failed. (%d)", lastError));
- goto cleanup;
- }
+ // Search for the signer certificate in the certificate store.
+ CERT_INFO certInfo;
+ certInfo.Issuer = signerInfo->Issuer;
+ certInfo.SerialNumber = signerInfo->SerialNumber;
+ certContext = CertFindCertificateInStore(certStore, ENCODING, 0,
+ CERT_FIND_SUBJECT_CERT,
+ (PVOID)&certInfo, nullptr);
+ if (!certContext)
+ {
+ lastError = GetLastError();
+ LOG_WARN(("CertFindCertificateInStore failed. (%d)", lastError));
+ goto cleanup;
+ }
- if (!DoCertificateAttributesMatch(certContext, infoToMatch)) {
- lastError = ERROR_NOT_FOUND;
- LOG_WARN(("Certificate did not match issuer or name. (%d)", lastError));
- goto cleanup;
- }
+ if (!DoCertificateAttributesMatch(certContext, infoToMatch))
+ {
+ lastError = ERROR_NOT_FOUND;
+ LOG_WARN(("Certificate did not match issuer or name. (%d)", lastError));
+ goto cleanup;
+ }
cleanup:
- if (signerInfo) {
- LocalFree(signerInfo);
- }
- if (certContext) {
- CertFreeCertificateContext(certContext);
- }
- if (certStore) {
- CertCloseStore(certStore, 0);
- }
- if (cryptMsg) {
- CryptMsgClose(cryptMsg);
- }
- return lastError;
+ if (signerInfo)
+ {
+ LocalFree(signerInfo);
+ }
+ if (certContext)
+ {
+ CertFreeCertificateContext(certContext);
+ }
+ if (certStore)
+ {
+ CertCloseStore(certStore, 0);
+ }
+ if (cryptMsg)
+ {
+ CryptMsgClose(cryptMsg);
+ }
+ return lastError;
}
/**
@@ -122,86 +132,96 @@ BOOL
DoCertificateAttributesMatch(PCCERT_CONTEXT certContext,
CertificateCheckInfo &infoToMatch)
{
- DWORD dwData;
- LPTSTR szName = nullptr;
+ DWORD dwData;
+ LPTSTR szName = nullptr;
- if (infoToMatch.issuer) {
- // Pass in nullptr to get the needed size of the issuer buffer.
- dwData = CertGetNameString(certContext,
- CERT_NAME_SIMPLE_DISPLAY_TYPE,
- CERT_NAME_ISSUER_FLAG, nullptr,
- nullptr, 0);
+ if (infoToMatch.issuer)
+ {
+ // Pass in nullptr to get the needed size of the issuer buffer.
+ dwData = CertGetNameString(certContext,
+ CERT_NAME_SIMPLE_DISPLAY_TYPE,
+ CERT_NAME_ISSUER_FLAG, nullptr,
+ nullptr, 0);
- if (!dwData) {
- LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
- return FALSE;
- }
+ if (!dwData)
+ {
+ LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
+ return FALSE;
+ }
- // Allocate memory for Issuer name buffer.
- LPTSTR szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
- if (!szName) {
- LOG_WARN(("Unable to allocate memory for issuer name. (%d)",
- GetLastError()));
- return FALSE;
- }
+ // Allocate memory for Issuer name buffer.
+ LPTSTR szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
+ if (!szName)
+ {
+ LOG_WARN(("Unable to allocate memory for issuer name. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
- // Get Issuer name.
- if (!CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
- CERT_NAME_ISSUER_FLAG, nullptr, szName, dwData)) {
- LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
- LocalFree(szName);
- return FALSE;
- }
+ // Get Issuer name.
+ if (!CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
+ CERT_NAME_ISSUER_FLAG, nullptr, szName, dwData))
+ {
+ LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
+ LocalFree(szName);
+ return FALSE;
+ }
- // If the issuer does not match, return a failure.
- if (!infoToMatch.issuer ||
- wcscmp(szName, infoToMatch.issuer)) {
- LocalFree(szName);
- return FALSE;
+ // If the issuer does not match, return a failure.
+ if (!infoToMatch.issuer ||
+ wcscmp(szName, infoToMatch.issuer))
+ {
+ LocalFree(szName);
+ return FALSE;
+ }
+
+ LocalFree(szName);
+ szName = nullptr;
}
- LocalFree(szName);
- szName = nullptr;
- }
+ if (infoToMatch.name)
+ {
+ // Pass in nullptr to get the needed size of the name buffer.
+ dwData = CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
+ 0, nullptr, nullptr, 0);
+ if (!dwData)
+ {
+ LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
+ return FALSE;
+ }
- if (infoToMatch.name) {
- // Pass in nullptr to get the needed size of the name buffer.
- dwData = CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE,
- 0, nullptr, nullptr, 0);
- if (!dwData) {
- LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
- return FALSE;
- }
+ // Allocate memory for the name buffer.
+ szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
+ if (!szName)
+ {
+ LOG_WARN(("Unable to allocate memory for subject name. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
- // Allocate memory for the name buffer.
- szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR));
- if (!szName) {
- LOG_WARN(("Unable to allocate memory for subject name. (%d)",
- GetLastError()));
- return FALSE;
- }
+ // Obtain the name.
+ if (!(CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0,
+ nullptr, szName, dwData)))
+ {
+ LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
+ LocalFree(szName);
+ return FALSE;
+ }
- // Obtain the name.
- if (!(CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0,
- nullptr, szName, dwData))) {
- LOG_WARN(("CertGetNameString failed. (%d)", GetLastError()));
- LocalFree(szName);
- return FALSE;
- }
+ // If the issuer does not match, return a failure.
+ if (!infoToMatch.name ||
+ wcscmp(szName, infoToMatch.name))
+ {
+ LocalFree(szName);
+ return FALSE;
+ }
- // If the issuer does not match, return a failure.
- if (!infoToMatch.name ||
- wcscmp(szName, infoToMatch.name)) {
- LocalFree(szName);
- return FALSE;
+ // We have a match!
+ LocalFree(szName);
}
- // We have a match!
- LocalFree(szName);
- }
-
- // If there were any errors we would have aborted by now.
- return TRUE;
+ // If there were any errors we would have aborted by now.
+ return TRUE;
}
/**
@@ -213,12 +233,13 @@ DoCertificateAttributesMatch(PCCERT_CONTEXT certContext,
LPWSTR
AllocateAndCopyWideString(LPCWSTR inputString)
{
- LPWSTR outputString =
- (LPWSTR)LocalAlloc(LPTR, (wcslen(inputString) + 1) * sizeof(WCHAR));
- if (outputString) {
- lstrcpyW(outputString, inputString);
- }
- return outputString;
+ LPWSTR outputString =
+ (LPWSTR)LocalAlloc(LPTR, (wcslen(inputString) + 1) * sizeof(WCHAR));
+ if (outputString)
+ {
+ lstrcpyW(outputString, inputString);
+ }
+ return outputString;
}
/**
@@ -230,41 +251,42 @@ AllocateAndCopyWideString(LPCWSTR inputString)
DWORD
VerifyCertificateTrustForFile(LPCWSTR filePath)
{
- // Setup the file to check.
- WINTRUST_FILE_INFO fileToCheck;
- ZeroMemory(&fileToCheck, sizeof(fileToCheck));
- fileToCheck.cbStruct = sizeof(WINTRUST_FILE_INFO);
- fileToCheck.pcwszFilePath = filePath;
+ // Setup the file to check.
+ WINTRUST_FILE_INFO fileToCheck;
+ ZeroMemory(&fileToCheck, sizeof(fileToCheck));
+ fileToCheck.cbStruct = sizeof(WINTRUST_FILE_INFO);
+ fileToCheck.pcwszFilePath = filePath;
- // Setup what to check, we want to check it is signed and trusted.
- WINTRUST_DATA trustData;
- ZeroMemory(&trustData, sizeof(trustData));
- trustData.cbStruct = sizeof(trustData);
- trustData.pPolicyCallbackData = nullptr;
- trustData.pSIPClientData = nullptr;
- trustData.dwUIChoice = WTD_UI_NONE;
- trustData.fdwRevocationChecks = WTD_REVOKE_NONE;
- trustData.dwUnionChoice = WTD_CHOICE_FILE;
- trustData.dwStateAction = 0;
- trustData.hWVTStateData = nullptr;
- trustData.pwszURLReference = nullptr;
- // no UI
- trustData.dwUIContext = 0;
- trustData.pFile = &fileToCheck;
+ // Setup what to check, we want to check it is signed and trusted.
+ WINTRUST_DATA trustData;
+ ZeroMemory(&trustData, sizeof(trustData));
+ trustData.cbStruct = sizeof(trustData);
+ trustData.pPolicyCallbackData = nullptr;
+ trustData.pSIPClientData = nullptr;
+ trustData.dwUIChoice = WTD_UI_NONE;
+ trustData.fdwRevocationChecks = WTD_REVOKE_NONE;
+ trustData.dwUnionChoice = WTD_CHOICE_FILE;
+ trustData.dwStateAction = 0;
+ trustData.hWVTStateData = nullptr;
+ trustData.pwszURLReference = nullptr;
+ // no UI
+ trustData.dwUIContext = 0;
+ trustData.pFile = &fileToCheck;
- GUID policyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
- // Check if the file is signed by something that is trusted.
- LONG ret = WinVerifyTrust(nullptr, &policyGUID, &trustData);
- if (ERROR_SUCCESS == ret) {
- // The hash that represents the subject is trusted and there were no
- // verification errors. No publisher nor time stamp chain errors.
- LOG(("The file \"%ls\" is signed and the signature was verified.",
- filePath));
- return ERROR_SUCCESS;
- }
+ GUID policyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2;
+ // Check if the file is signed by something that is trusted.
+ LONG ret = WinVerifyTrust(nullptr, &policyGUID, &trustData);
+ if (ERROR_SUCCESS == ret)
+ {
+ // The hash that represents the subject is trusted and there were no
+ // verification errors. No publisher nor time stamp chain errors.
+ LOG(("The file \"%ls\" is signed and the signature was verified.",
+ filePath));
+ return ERROR_SUCCESS;
+ }
- DWORD lastError = GetLastError();
- LOG_WARN(("There was an error validating trust of the certificate for file"
- " \"%ls\". Returned: %d. (%d)", filePath, ret, lastError));
- return ret;
+ DWORD lastError = GetLastError();
+ LOG_WARN(("There was an error validating trust of the certificate for file"
+ " \"%ls\". Returned: %d. (%d)", filePath, ret, lastError));
+ return ret;
}
diff --git a/onlineupdate/source/service/certificatecheck.hxx b/onlineupdate/source/service/certificatecheck.hxx
index 43a7c85..1efbcb1 100644
--- a/onlineupdate/source/service/certificatecheck.hxx
+++ b/onlineupdate/source/service/certificatecheck.hxx
@@ -9,14 +9,14 @@
struct CertificateCheckInfo
{
- LPCWSTR name;
- LPCWSTR issuer;
+ LPCWSTR name;
+ LPCWSTR issuer;
};
-BOOL DoCertificateAttributesMatch(PCCERT_CONTEXT pCertContext,
+BOOL DoCertificateAttributesMatch(PCCERT_CONTEXT pCertContext,
CertificateCheckInfo &infoToMatch);
DWORD VerifyCertificateTrustForFile(LPCWSTR filePath);
-DWORD CheckCertificateForPEFile(LPCWSTR filePath,
+DWORD CheckCertificateForPEFile(LPCWSTR filePath,
CertificateCheckInfo &infoToMatch);
#endif
diff --git a/onlineupdate/source/service/maintenanceservice.cxx b/onlineupdate/source/service/maintenanceservice.cxx
index 8471bdb..036bfe2 100644
--- a/onlineupdate/source/service/maintenanceservice.cxx
+++ b/onlineupdate/source/service/maintenanceservice.cxx
@@ -33,92 +33,106 @@ BOOL GetLogDirectoryPath(WCHAR *path);
int
wmain(int argc, WCHAR **argv)
{
- if (argc < 2)
- {
- LOG_WARN(("missing mandatory command line argument"));
- return 1;
- }
- // If command-line parameter is "install", install the service
- // or upgrade if already installed
- // If command line parameter is "forceinstall", install the service
- // even if it is older than what is already installed.
- // If command-line parameter is "upgrade", upgrade the service
- // but do not install it if it is not already installed.
- // If command line parameter is "uninstall", uninstall the service.
- // Otherwise, the service is probably being started by the SCM.
- bool forceInstall = !lstrcmpi(argv[1], L"forceinstall");
- if (!lstrcmpi(argv[1], L"install") || forceInstall) {
- WCHAR updatePath[MAX_PATH + 1];
- if (GetLogDirectoryPath(updatePath)) {
- LogInit(updatePath, L"maintenanceservice-install.log");
+ if (argc < 2)
+ {
+ LOG_WARN(("missing mandatory command line argument"));
+ return 1;
}
-
- SvcInstallAction action = InstallSvc;
- if (forceInstall) {
- action = ForceInstallSvc;
- LOG(("Installing service with force specified..."));
- } else {
- LOG(("Installing service..."));
+ // If command-line parameter is "install", install the service
+ // or upgrade if already installed
+ // If command line parameter is "forceinstall", install the service
+ // even if it is older than what is already installed.
+ // If command-line parameter is "upgrade", upgrade the service
+ // but do not install it if it is not already installed.
+ // If command line parameter is "uninstall", uninstall the service.
+ // Otherwise, the service is probably being started by the SCM.
+ bool forceInstall = !lstrcmpi(argv[1], L"forceinstall");
+ if (!lstrcmpi(argv[1], L"install") || forceInstall)
+ {
+ WCHAR updatePath[MAX_PATH + 1];
+ if (GetLogDirectoryPath(updatePath))
+ {
+ LogInit(updatePath, L"maintenanceservice-install.log");
+ }
+
+ SvcInstallAction action = InstallSvc;
+ if (forceInstall)
+ {
+ action = ForceInstallSvc;
+ LOG(("Installing service with force specified..."));
+ }
+ else
+ {
+ LOG(("Installing service..."));
+ }
+
+ bool ret = SvcInstall(action);
+ if (!ret)
+ {
+ LOG_WARN(("Could not install service. (%d)", GetLastError()));
+ LogFinish();
+ return 1;
+ }
+
+ LOG(("The service was installed successfully"));
+ LogFinish();
+ return 0;
}
- bool ret = SvcInstall(action);
- if (!ret) {
- LOG_WARN(("Could not install service. (%d)", GetLastError()));
- LogFinish();
- return 1;
+ if (!lstrcmpi(argv[1], L"upgrade"))
+ {
+ WCHAR updatePath[MAX_PATH + 1];
+ if (GetLogDirectoryPath(updatePath))
+ {
+ LogInit(updatePath, L"maintenanceservice-install.log");
+ }
+
+ LOG(("Upgrading service if installed..."));
+ if (!SvcInstall(UpgradeSvc))
+ {
+ LOG_WARN(("Could not upgrade service. (%d)", GetLastError()));
+ LogFinish();
+ return 1;
+ }
+
+ LOG(("The service was upgraded successfully"));
+ LogFinish();
+ return 0;
}
- LOG(("The service was installed successfully"));
- LogFinish();
- return 0;
- }
-
- if (!lstrcmpi(argv[1], L"upgrade")) {
- WCHAR updatePath[MAX_PATH + 1];
- if (GetLogDirectoryPath(updatePath)) {
- LogInit(updatePath, L"maintenanceservice-install.log");
+ if (!lstrcmpi(argv[1], L"uninstall"))
+ {
+ WCHAR updatePath[MAX_PATH + 1];
+ if (GetLogDirectoryPath(updatePath))
+ {
+ LogInit(updatePath, L"maintenanceservice-uninstall.log");
+ }
+ LOG(("Uninstalling service..."));
+ if (!SvcUninstall())
+ {
+ LOG_WARN(("Could not uninstall service. (%d)", GetLastError()));
+ LogFinish();
+ return 1;
+ }
+ LOG(("The service was uninstalled successfully"));
+ LogFinish();
+ return 0;
}
- LOG(("Upgrading service if installed..."));
- if (!SvcInstall(UpgradeSvc)) {
- LOG_WARN(("Could not upgrade service. (%d)", GetLastError()));
- LogFinish();
- return 1;
+ SERVICE_TABLE_ENTRYW DispatchTable[] =
+ {
+ { SVC_NAME, (LPSERVICE_MAIN_FUNCTIONW) SvcMain },
+ { nullptr, nullptr }
+ };
+
+ // This call returns when the service has stopped.
+ // The process should simply terminate when the call returns.
+ if (!StartServiceCtrlDispatcherW(DispatchTable))
+ {
+ LOG_WARN(("StartServiceCtrlDispatcher failed. (%d)", GetLastError()));
}
- LOG(("The service was upgraded successfully"));
- LogFinish();
return 0;
- }
-
- if (!lstrcmpi(argv[1], L"uninstall")) {
- WCHAR updatePath[MAX_PATH + 1];
- if (GetLogDirectoryPath(updatePath)) {
- LogInit(updatePath, L"maintenanceservice-uninstall.log");
- }
- LOG(("Uninstalling service..."));
- if (!SvcUninstall()) {
- LOG_WARN(("Could not uninstall service. (%d)", GetLastError()));
- LogFinish();
- return 1;
- }
- LOG(("The service was uninstalled successfully"));
- LogFinish();
- return 0;
- }
-
- SERVICE_TABLE_ENTRYW DispatchTable[] = {
- { SVC_NAME, (LPSERVICE_MAIN_FUNCTIONW) SvcMain },
- { nullptr, nullptr }
- };
-
- // This call returns when the service has stopped.
- // The process should simply terminate when the call returns.
- if (!StartServiceCtrlDispatcherW(DispatchTable)) {
- LOG_WARN(("StartServiceCtrlDispatcher failed. (%d)", GetLastError()));
- }
-
- return 0;
}
/**
@@ -130,24 +144,27 @@ wmain(int argc, WCHAR **argv)
BOOL
GetLogDirectoryPath(WCHAR *path)
{
- HRESULT hr = SHGetFolderPathW(nullptr, CSIDL_COMMON_APPDATA, nullptr,
- SHGFP_TYPE_CURRENT, path);
- if (FAILED(hr)) {
- return FALSE;
- }
-
- if (!PathAppendSafe(path, L"Mozilla")) {
- return FALSE;
- }
- // The directory should already be created from the installer, but
- // just to be safe in case someone deletes.
- CreateDirectoryW(path, nullptr);
-
- if (!PathAppendSafe(path, L"logs")) {
- return FALSE;
- }
- CreateDirectoryW(path, nullptr);
- return TRUE;
+ HRESULT hr = SHGetFolderPathW(nullptr, CSIDL_COMMON_APPDATA, nullptr,
+ SHGFP_TYPE_CURRENT, path);
+ if (FAILED(hr))
+ {
+ return FALSE;
+ }
+
+ if (!PathAppendSafe(path, L"Mozilla"))
+ {
+ return FALSE;
+ }
+ // The directory should already be created from the installer, but
+ // just to be safe in case someone deletes.
+ CreateDirectoryW(path, nullptr);
+
+ if (!PathAppendSafe(path, L"logs"))
+ {
+ return FALSE;
+ }
+ CreateDirectoryW(path, nullptr);
+ return TRUE;
}
/**
@@ -161,16 +178,19 @@ GetLogDirectoryPath(WCHAR *path)
BOOL
GetBackupLogPath(LPWSTR path, LPCWSTR basePath, int logNumber)
{
- WCHAR logName[64] = { L'\0' };
- wcsncpy(path, basePath, sizeof(logName) / sizeof(logName[0]) - 1);
- if (logNumber <= 0) {
- swprintf(logName, sizeof(logName) / sizeof(logName[0]),
- L"maintenanceservice.log");
- } else {
- swprintf(logName, sizeof(logName) / sizeof(logName[0]),
- L"maintenanceservice-%d.log", logNumber);
- }
- return PathAppendSafe(path, logName);
+ WCHAR logName[64] = { L'\0' };
+ wcsncpy(path, basePath, sizeof(logName) / sizeof(logName[0]) - 1);
+ if (logNumber <= 0)
+ {
+ swprintf(logName, sizeof(logName) / sizeof(logName[0]),
+ L"maintenanceservice.log");
+ }
+ else
+ {
+ swprintf(logName, sizeof(logName) / sizeof(logName[0]),
+ L"maintenanceservice-%d.log", logNumber);
+ }
+ return PathAppendSafe(path, logName);
}
/**
@@ -187,21 +207,25 @@ GetBackupLogPath(LPWSTR path, LPCWSTR basePath, int logNumber)
void
BackupOldLogs(LPCWSTR basePath, int numLogsToKeep)
{
- WCHAR oldPath[MAX_PATH + 1];
- WCHAR newPath[MAX_PATH + 1];
- for (int i = numLogsToKeep; i >= 1; i--) {
- if (!GetBackupLogPath(oldPath, basePath, i -1)) {
- continue;
- }
-
- if (!GetBackupLogPath(newPath, basePath, i)) {
- continue;
+ WCHAR oldPath[MAX_PATH + 1];
+ WCHAR newPath[MAX_PATH + 1];
+ for (int i = numLogsToKeep; i >= 1; i--)
+ {
+ if (!GetBackupLogPath(oldPath, basePath, i -1))
+ {
+ continue;
+ }
+
+ if (!GetBackupLogPath(newPath, basePath, i))
+ {
+ continue;
+ }
+
+ if (!MoveFileExW(oldPath, newPath, MOVEFILE_REPLACE_EXISTING))
+ {
+ continue;
+ }
}
-
- if (!MoveFileExW(oldPath, newPath, MOVEFILE_REPLACE_EXISTING)) {
- continue;
- }
- }
}
/**
@@ -221,20 +245,21 @@ BackupOldLogs(LPCWSTR basePath, int numLogsToKeep)
DWORD WINAPI
EnsureProcessTerminatedThread(LPVOID)
{
- Sleep(5000);
- exit(0);
+ Sleep(5000);
+ exit(0);
}
void
StartTerminationThread()
{
- // If the process does not self terminate like it should, this thread
- // will terminate the process after 5 seconds.
- HANDLE thread = CreateThread(nullptr, 0, EnsureProcessTerminatedThread,
- nullptr, 0, nullptr);
- if (thread) {
- CloseHandle(thread);
- }
+ // If the process does not self terminate like it should, this thread
+ // will terminate the process after 5 seconds.
+ HANDLE thread = CreateThread(nullptr, 0, EnsureProcessTerminatedThread,
+ nullptr, 0, nullptr);
+ if (thread)
+ {
+ CloseHandle(thread);
+ }
}
/**
@@ -243,61 +268,65 @@ StartTerminationThread()
void WINAPI
SvcMain(DWORD argc, LPWSTR *argv)
{
- // Setup logging, and backup the old logs
- WCHAR updatePath[MAX_PATH + 1];
- if (GetLogDirectoryPath(updatePath)) {
- BackupOldLogs(updatePath, LOGS_TO_KEEP);
- LogInit(updatePath, L"maintenanceservice.log");
- }
-
- // Disable every privilege we don't need. Processes started using
- // CreateProcess will use the same token as this process.
- UACHelper::DisablePrivileges(nullptr);
-
- // Register the handler function for the service
- gSvcStatusHandle = RegisterServiceCtrlHandlerW(SVC_NAME, SvcCtrlHandler);
- if (!gSvcStatusHandle) {
- LOG_WARN(("RegisterServiceCtrlHandler failed. (%d)", GetLastError()));
- ExecuteServiceCommand(argc, argv);
- LogFinish();
- exit(1);
- }
-
- // These values will be re-used later in calls involving gSvcStatus
- gSvcStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
- gSvcStatus.dwServiceSpecificExitCode = 0;
+ // Setup logging, and backup the old logs
+ WCHAR updatePath[MAX_PATH + 1];
+ if (GetLogDirectoryPath(updatePath))
+ {
+ BackupOldLogs(updatePath, LOGS_TO_KEEP);
+ LogInit(updatePath, L"maintenanceservice.log");
+ }
- // Report initial status to the SCM
- ReportSvcStatus(SERVICE_START_PENDING, NO_ERROR, 3000);
+ // Disable every privilege we don't need. Processes started using
+ // CreateProcess will use the same token as this process.
+ UACHelper::DisablePrivileges(nullptr);
+
+ // Register the handler function for the service
+ gSvcStatusHandle = RegisterServiceCtrlHandlerW(SVC_NAME, SvcCtrlHandler);
+ if (!gSvcStatusHandle)
+ {
+ LOG_WARN(("RegisterServiceCtrlHandler failed. (%d)", GetLastError()));
+ ExecuteServiceCommand(argc, argv);
+ LogFinish();
+ exit(1);
+ }
- // This event will be used to tell the SvcCtrlHandler when the work is
- // done for when a stop comamnd is manually issued.
- gWorkDoneEvent = CreateEvent(nullptr, TRUE, FALSE, nullptr);
- if (!gWorkDoneEvent) {
- ReportSvcStatus(SERVICE_STOPPED, 1, 0);
- StartTerminationThread();
- return;
- }
+ // These values will be re-used later in calls involving gSvcStatus
+ gSvcStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
+ gSvcStatus.dwServiceSpecificExitCode = 0;
+
+ // Report initial status to the SCM
+ ReportSvcStatus(SERVICE_START_PENDING, NO_ERROR, 3000);
+
+ // This event will be used to tell the SvcCtrlHandler when the work is
+ // done for when a stop comamnd is manually issued.
+ gWorkDoneEvent = CreateEvent(nullptr, TRUE, FALSE, nullptr);
+ if (!gWorkDoneEvent)
+ {
+ ReportSvcStatus(SERVICE_STOPPED, 1, 0);
+ StartTerminationThread();
+ return;
+ }
- // Initialization complete and we're about to start working on
- // the actual command. Report the service state as running to the SCM.
- ReportSvcStatus(SERVICE_RUNNING, NO_ERROR, 0);
+ // Initialization complete and we're about to start working on
+ // the actual command. Report the service state as running to the SCM.
+ ReportSvcStatus(SERVICE_RUNNING, NO_ERROR, 0);
- // The service command was executed, stop logging and set an event
- // to indicate the work is done in case someone is waiting on a
- // service stop operation.
- ExecuteServiceCommand(argc, argv);
- LogFinish();
+ // The service command was executed, stop logging and set an event
+ // to indicate the work is done in case someone is waiting on a
+ // service stop operation.
+ ExecuteServiceCommand(argc, argv);
+ LogFinish();
- SetEvent(gWorkDoneEvent);
+ SetEvent(gWorkDoneEvent);
- // If we aren't already in a stopping state then tell the SCM we're stopped
- // now. If we are already in a stopping state then the SERVICE_STOPPED state
- // will be set by the SvcCtrlHandler.
- if (!gServiceControlStopping) {
- ReportSvcStatus(SERVICE_STOPPED, NO_ERROR, 0);
- StartTerminationThread();
- }
+ // If we aren't already in a stopping state then tell the SCM we're stopped
+ // now. If we are already in a stopping state then the SERVICE_STOPPED state
+ // will be set by the SvcCtrlHandler.
+ if (!gServiceControlStopping)
+ {
+ ReportSvcStatus(SERVICE_STOPPED, NO_ERROR, 0);
+ StartTerminationThread();
+ }
}
/**
@@ -312,29 +341,35 @@ ReportSvcStatus(DWORD currentState,
DWORD exitCode,
DWORD waitHint)
{
- static DWORD dwCheckPoint = 1;
-
- gSvcStatus.dwCurrentState = currentState;
- gSvcStatus.dwWin32ExitCode = exitCode;
- gSvcStatus.dwWaitHint = waitHint;
-
- if (SERVICE_START_PENDING == currentState ||
- SERVICE_STOP_PENDING == currentState) {
- gSvcStatus.dwControlsAccepted = 0;
- } else {
- gSvcStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP |
- SERVICE_ACCEPT_SHUTDOWN;
- }
-
- if ((SERVICE_RUNNING == currentState) ||
- (SERVICE_STOPPED == currentState)) {
- gSvcStatus.dwCheckPoint = 0;
- } else {
- gSvcStatus.dwCheckPoint = dwCheckPoint++;
- }
-
- // Report the status of the service to the SCM.
- SetServiceStatus(gSvcStatusHandle, &gSvcStatus);
+ static DWORD dwCheckPoint = 1;
+
+ gSvcStatus.dwCurrentState = currentState;
+ gSvcStatus.dwWin32ExitCode = exitCode;
+ gSvcStatus.dwWaitHint = waitHint;
+
+ if (SERVICE_START_PENDING == currentState ||
+ SERVICE_STOP_PENDING == currentState)
+ {
+ gSvcStatus.dwControlsAccepted = 0;
+ }
+ else
+ {
+ gSvcStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP |
+ SERVICE_ACCEPT_SHUTDOWN;
+ }
+
+ if ((SERVICE_RUNNING == currentState) ||
+ (SERVICE_STOPPED == currentState))
+ {
+ gSvcStatus.dwCheckPoint = 0;
+ }
+ else
+ {
+ gSvcStatus.dwCheckPoint = dwCheckPoint++;
+ }
+
+ // Report the status of the service to the SCM.
+ SetServiceStatus(gSvcStatusHandle, &gSvcStatus);
}
/**
@@ -344,14 +379,16 @@ ReportSvcStatus(DWORD currentState,
DWORD WINAPI
StopServiceAndWaitForCommandThread(LPVOID)
{
- do {
- ReportSvcStatus(SERVICE_STOP_PENDING, NO_ERROR, 1000);
- } while(WaitForSingleObject(gWorkDoneEvent, 100) == WAIT_TIMEOUT);
- CloseHandle(gWorkDoneEvent);
- gWorkDoneEvent = nullptr;
- ReportSvcStatus(SERVICE_STOPPED, NO_ERROR, 0);
- StartTerminationThread();
- return 0;
+ do
+ {
+ ReportSvcStatus(SERVICE_STOP_PENDING, NO_ERROR, 1000);
+ }
+ while (WaitForSingleObject(gWorkDoneEvent, 100) == WAIT_TIMEOUT);
+ CloseHandle(gWorkDoneEvent);
+ gWorkDoneEvent = nullptr;
+ ReportSvcStatus(SERVICE_STOPPED, NO_ERROR, 0);
+ StartTerminationThread();
+ return 0;
}
/**
@@ -361,35 +398,41 @@ StopServiceAndWaitForCommandThread(LPVOID)
void WINAPI
SvcCtrlHandler(DWORD dwCtrl)
{
- // After a SERVICE_CONTROL_STOP there should be no more commands sent to
- // the SvcCtrlHandler.
- if (gServiceControlStopping) {
- return;
- }
-
- // Handle the requested control code.
- switch(dwCtrl) {
- case SERVICE_CONTROL_SHUTDOWN:
- case SERVICE_CONTROL_STOP: {
- gServiceControlStopping = true;
- ReportSvcStatus(SERVICE_STOP_PENDING, NO_ERROR, 1000);
-
- // The SvcCtrlHandler thread should not spend more than 30 seconds in
- // shutdown so we spawn a new thread for stopping the service
- HANDLE thread = CreateThread(nullptr, 0,
- StopServiceAndWaitForCommandThread,
- nullptr, 0, nullptr);
- if (thread) {
- CloseHandle(thread);
- } else {
- // Couldn't start the thread so just call the stop ourselves.
- // If it happens to take longer than 30 seconds the caller will
- // get an error.
- StopServiceAndWaitForCommandThread(nullptr);
- }
+ // After a SERVICE_CONTROL_STOP there should be no more commands sent to
+ // the SvcCtrlHandler.
+ if (gServiceControlStopping)
+ {
+ return;
+ }
+
+ // Handle the requested control code.
+ switch (dwCtrl)
+ {
+ case SERVICE_CONTROL_SHUTDOWN:
+ case SERVICE_CONTROL_STOP:
+ {
+ gServiceControlStopping = true;
+ ReportSvcStatus(SERVICE_STOP_PENDING, NO_ERROR, 1000);
+
+ // The SvcCtrlHandler thread should not spend more than 30 seconds in
+ // shutdown so we spawn a new thread for stopping the service
+ HANDLE thread = CreateThread(nullptr, 0,
+ StopServiceAndWaitForCommandThread,
+ nullptr, 0, nullptr);
+ if (thread)
+ {
+ CloseHandle(thread);
+ }
+ else
+ {
+ // Couldn't start the thread so just call the stop ourselves.
+ // If it happens to take longer than 30 seconds the caller will
+ // get an error.
+ StopServiceAndWaitForCommandThread(nullptr);
+ }
+ }
+ break;
+ default:
+ break;
}
- break;
- default:
- break;
- }
}
diff --git a/onlineupdate/source/service/maintenanceservice.hxx b/onlineupdate/source/service/maintenanceservice.hxx
index 9e02914..af5db9e 100644
--- a/onlineupdate/source/service/maintenanceservice.hxx
+++ b/onlineupdate/source/service/maintenanceservice.hxx
@@ -5,6 +5,6 @@
void WINAPI SvcMain(DWORD dwArgc, LPWSTR *lpszArgv);
void SvcInit(DWORD dwArgc, LPWSTR *lpszArgv);
void WINAPI SvcCtrlHandler(DWORD dwCtrl);
-void ReportSvcStatus(DWORD dwCurrentState,
- DWORD dwWin32ExitCode,
+void ReportSvcStatus(DWORD dwCurrentState,
+ DWORD dwWin32ExitCode,
DWORD dwWaitHint);
diff --git a/onlineupdate/source/service/registrycertificates.cxx b/onlineupdate/source/service/registrycertificates.cxx
index f44fb34..ea0905c 100644
--- a/onlineupdate/source/service/registrycertificates.cxx
+++ b/onlineupdate/source/service/registrycertificates.cxx
@@ -55,115 +55,127 @@ struct AutoRegKey
BOOL
DoesBinaryMatchAllowedCertificates(LPCWSTR basePathForUpdate, LPCWSTR filePath)
{
- WCHAR maintenanceServiceKey[MAX_PATH + 1];
- if (!CalculateRegistryPathFromFilePath(basePathForUpdate,
- maintenanceServiceKey)) {
- return FALSE;
- }
-
- // We use KEY_WOW64_64KEY to always force 64-bit view.
- // The user may have both x86 and x64 applications installed
- // which each register information. We need a consistent place
- // to put those certificate attributes in and hence why we always
- // force the non redirected registry under Wow6432Node.
- // This flag is ignored on 32bit systems.
- HKEY baseKeyRaw;
- LONG retCode = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
- maintenanceServiceKey, 0,
- KEY_READ | KEY_WOW64_64KEY, &baseKeyRaw);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not open key. (%d)", retCode));
- // Our tests run with a different apply directory for each test.
- // We use this registry key on our test slaves to store the
- // allowed name/issuers.
- retCode = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
- TEST_ONLY_FALLBACK_KEY_PATH, 0,
- KEY_READ | KEY_WOW64_64KEY, &baseKeyRaw);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not open fallback key. (%d)", retCode));
- return FALSE;
- }
- }
- AutoRegKey baseKey(baseKeyRaw);
-
- // Get the number of subkeys.
- DWORD subkeyCount = 0;
- retCode = RegQueryInfoKeyW(baseKey.get(), nullptr, nullptr, nullptr, &subkeyCount,
- nullptr, nullptr, nullptr, nullptr, nullptr,
- nullptr, nullptr);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not query info key. (%d)", retCode));
- return FALSE;
- }
-
- // Enumerate the subkeys, each subkey represents an allowed certificate.
- for (DWORD i = 0; i < subkeyCount; i++) {
- WCHAR subkeyBuffer[MAX_KEY_LENGTH];
- DWORD subkeyBufferCount = MAX_KEY_LENGTH;
- retCode = RegEnumKeyExW(baseKey.get(), i, subkeyBuffer,
- &subkeyBufferCount, nullptr,
- nullptr, nullptr, nullptr);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not enum certs. (%d)", retCode));
- return FALSE;
+ WCHAR maintenanceServiceKey[MAX_PATH + 1];
+ if (!CalculateRegistryPathFromFilePath(basePathForUpdate,
+ maintenanceServiceKey))
+ {
+ return FALSE;
}
- // Open the subkey for the current certificate
- HKEY subKeyRaw;
- retCode = RegOpenKeyExW(baseKey.get(),
- subkeyBuffer,
- 0,
- KEY_READ | KEY_WOW64_64KEY,
- &subKeyRaw);
- AutoRegKey subKey(subKeyRaw);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not open subkey. (%d)", retCode));
- continue; // Try the next subkey
+ // We use KEY_WOW64_64KEY to always force 64-bit view.
+ // The user may have both x86 and x64 applications installed
+ // which each register information. We need a consistent place
+ // to put those certificate attributes in and hence why we always
+ // force the non redirected registry under Wow6432Node.
+ // This flag is ignored on 32bit systems.
+ HKEY baseKeyRaw;
+ LONG retCode = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
+ maintenanceServiceKey, 0,
+ KEY_READ | KEY_WOW64_64KEY, &baseKeyRaw);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not open key. (%d)", retCode));
+ // Our tests run with a different apply directory for each test.
+ // We use this registry key on our test slaves to store the
+ // allowed name/issuers.
+ retCode = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
+ TEST_ONLY_FALLBACK_KEY_PATH, 0,
+ KEY_READ | KEY_WOW64_64KEY, &baseKeyRaw);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not open fallback key. (%d)", retCode));
+ return FALSE;
+ }
}
-
- const int MAX_CHAR_COUNT = 256;
- DWORD valueBufSize = MAX_CHAR_COUNT * sizeof(WCHAR);
- WCHAR name[MAX_CHAR_COUNT] = { L'\0' };
- WCHAR issuer[MAX_CHAR_COUNT] = { L'\0' };
-
- // Get the name from the registry
- retCode = RegQueryValueExW(subKey.get(), L"name", 0, nullptr,
- (LPBYTE)name, &valueBufSize);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not obtain name from registry. (%d)", retCode));
- continue; // Try the next subkey
+ AutoRegKey baseKey(baseKeyRaw);
+
+ // Get the number of subkeys.
+ DWORD subkeyCount = 0;
+ retCode = RegQueryInfoKeyW(baseKey.get(), nullptr, nullptr, nullptr, &subkeyCount,
+ nullptr, nullptr, nullptr, nullptr, nullptr,
+ nullptr, nullptr);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not query info key. (%d)", retCode));
+ return FALSE;
}
- // Get the issuer from the registry
- valueBufSize = MAX_CHAR_COUNT * sizeof(WCHAR);
- retCode = RegQueryValueExW(subKey.get(), L"issuer", 0, nullptr,
- (LPBYTE)issuer, &valueBufSize);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Could not obtain issuer from registry. (%d)", retCode));
- continue; // Try the next subkey
- }
+ // Enumerate the subkeys, each subkey represents an allowed certificate.
+ for (DWORD i = 0; i < subkeyCount; i++)
+ {
+ WCHAR subkeyBuffer[MAX_KEY_LENGTH];
+ DWORD subkeyBufferCount = MAX_KEY_LENGTH;
+ retCode = RegEnumKeyExW(baseKey.get(), i, subkeyBuffer,
+ &subkeyBufferCount, nullptr,
+ nullptr, nullptr, nullptr);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not enum certs. (%d)", retCode));
+ return FALSE;
+ }
- CertificateCheckInfo allowedCertificate = {
- name,
- issuer,
- };
+ // Open the subkey for the current certificate
+ HKEY subKeyRaw;
+ retCode = RegOpenKeyExW(baseKey.get(),
+ subkeyBuffer,
+ 0,
+ KEY_READ | KEY_WOW64_64KEY,
+ &subKeyRaw);
+ AutoRegKey subKey(subKeyRaw);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not open subkey. (%d)", retCode));
+ continue; // Try the next subkey
+ }
- retCode = CheckCertificateForPEFile(filePath, allowedCertificate);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Error on certificate check. (%d)", retCode));
- continue; // Try the next subkey
- }
+ const int MAX_CHAR_COUNT = 256;
+ DWORD valueBufSize = MAX_CHAR_COUNT * sizeof(WCHAR);
+ WCHAR name[MAX_CHAR_COUNT] = { L'\0' };
+ WCHAR issuer[MAX_CHAR_COUNT] = { L'\0' };
- retCode = VerifyCertificateTrustForFile(filePath);
- if (retCode != ERROR_SUCCESS) {
- LOG_WARN(("Error on certificate trust check. (%d)", retCode));
- continue; // Try the next subkey
- }
+ // Get the name from the registry
+ retCode = RegQueryValueExW(subKey.get(), L"name", 0, nullptr,
+ (LPBYTE)name, &valueBufSize);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not obtain name from registry. (%d)", retCode));
+ continue; // Try the next subkey
+ }
+
+ // Get the issuer from the registry
+ valueBufSize = MAX_CHAR_COUNT * sizeof(WCHAR);
+ retCode = RegQueryValueExW(subKey.get(), L"issuer", 0, nullptr,
+ (LPBYTE)issuer, &valueBufSize);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Could not obtain issuer from registry. (%d)", retCode));
+ continue; // Try the next subkey
+ }
+
+ CertificateCheckInfo allowedCertificate =
+ {
+ name,
+ issuer,
+ };
- // Raise the roof, we found a match!
- return TRUE;
- }
+ retCode = CheckCertificateForPEFile(filePath, allowedCertificate);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Error on certificate check. (%d)", retCode));
+ continue; // Try the next subkey
+ }
+
+ retCode = VerifyCertificateTrustForFile(filePath);
+ if (retCode != ERROR_SUCCESS)
+ {
+ LOG_WARN(("Error on certificate trust check. (%d)", retCode));
+ continue; // Try the next subkey
+ }
+
+ // Raise the roof, we found a match!
+ return TRUE;
+ }
- // No certificates match, :'(
- return FALSE;
+ // No certificates match, :'(
+ return FALSE;
}
diff --git a/onlineupdate/source/service/resource.hxx b/onlineupdate/source/service/resource.hxx
index 4561945..f1a1c38 100644
--- a/onlineupdate/source/service/resource.hxx
+++ b/onlineupdate/source/service/resource.hxx
@@ -9,7 +9,7 @@
#define IDI_DIALOG 1003
// Next default values for new objects
-//
+//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 102
diff --git a/onlineupdate/source/service/servicebase.cxx b/onlineupdate/source/service/servicebase.cxx
index 1b4f406..4fb6328 100644
--- a/onlineupdate/source/service/servicebase.cxx
+++ b/onlineupdate/source/service/servicebase.cxx
@@ -18,68 +18,80 @@
BOOL
VerifySameFiles(LPCWSTR file1Path, LPCWSTR file2Path, BOOL &sameContent)
{
- sameContent = FALSE;
- AutoHandle file1(CreateFileW(file1Path, GENERIC_READ, FILE_SHARE_READ,
+ sameContent = FALSE;
+ AutoHandle file1(CreateFileW(file1Path, GENERIC_READ, FILE_SHARE_READ,
nullptr, OPEN_EXISTING, 0, nullptr));
- if (file1 == INVALID_HANDLE_VALUE) {
- return FALSE;
- }
- AutoHandle file2(CreateFileW(file2Path, GENERIC_READ, FILE_SHARE_READ,
+ if (file1 == INVALID_HANDLE_VALUE)
+ {
+ return FALSE;
+ }
+ AutoHandle file2(CreateFileW(file2Path, GENERIC_READ, FILE_SHARE_READ,
nullptr, OPEN_EXISTING, 0, nullptr));
- if (file2 == INVALID_HANDLE_VALUE) {
- return FALSE;
- }
-
- DWORD fileSize1 = GetFileSize(file1.get(), nullptr);
- DWORD fileSize2 = GetFileSize(file2.get(), nullptr);
- if (INVALID_FILE_SIZE == fileSize1 || INVALID_FILE_SIZE == fileSize2) {
- return FALSE;
- }
-
- if (fileSize1 != fileSize2) {
- // sameContent is already set to FALSE
- return TRUE;
- }
-
- char buf1[COMPARE_BLOCKSIZE];
- char buf2[COMPARE_BLOCKSIZE];
- DWORD numBlocks = fileSize1 / COMPARE_BLOCKSIZE;
- DWORD leftOver = fileSize1 % COMPARE_BLOCKSIZE;
- DWORD readAmount;
- for (DWORD i = 0; i < numBlocks; i++) {
- if (!ReadFile(file1.get(), buf1, COMPARE_BLOCKSIZE, &readAmount, nullptr) ||
- readAmount != COMPARE_BLOCKSIZE) {
- return FALSE;
+ if (file2 == INVALID_HANDLE_VALUE)
+ {
+ return FALSE;
}
- if (!ReadFile(file2.get(), buf2, COMPARE_BLOCKSIZE, &readAmount, nullptr) ||
- readAmount != COMPARE_BLOCKSIZE) {
- return FALSE;
+ DWORD fileSize1 = GetFileSize(file1.get(), nullptr);
+ DWORD fileSize2 = GetFileSize(file2.get(), nullptr);
+ if (INVALID_FILE_SIZE == fileSize1 || INVALID_FILE_SIZE == fileSize2)
+ {
+ return FALSE;
}
- if (memcmp(buf1, buf2, COMPARE_BLOCKSIZE)) {
- // sameContent is already set to FALSE
- return TRUE;
+ if (fileSize1 != fileSize2)
+ {
+ // sameContent is already set to FALSE
+ return TRUE;
}
- }
- if (leftOver) {
- if (!ReadFile(file1.get(), buf1, leftOver, &readAmount, nullptr) ||
- readAmount != leftOver) {
- return FALSE;
- }
+ char buf1[COMPARE_BLOCKSIZE];
+ char buf2[COMPARE_BLOCKSIZE];
+ DWORD numBlocks = fileSize1 / COMPARE_BLOCKSIZE;
+ DWORD leftOver = fileSize1 % COMPARE_BLOCKSIZE;
+ DWORD readAmount;
+ for (DWORD i = 0; i < numBlocks; i++)
+ {
+ if (!ReadFile(file1.get(), buf1, COMPARE_BLOCKSIZE, &readAmount, nullptr) ||
+ readAmount != COMPARE_BLOCKSIZE)
+ {
+ return FALSE;
+ }
+
+ if (!ReadFile(file2.get(), buf2, COMPARE_BLOCKSIZE, &readAmount, nullptr) ||
+ readAmount != COMPARE_BLOCKSIZE)
+ {
+ return FALSE;
+ }
- if (!ReadFile(file2.get(), buf2, leftOver, &readAmount, nullptr) ||
- readAmount != leftOver) {
- return FALSE;
+ if (memcmp(buf1, buf2, COMPARE_BLOCKSIZE))
+ {
+ // sameContent is already set to FALSE
+ return TRUE;
+ }
}
- if (memcmp(buf1, buf2, leftOver)) {
- // sameContent is already set to FALSE
- return TRUE;
+ if (leftOver)
+ {
+ if (!ReadFile(file1.get(), buf1, leftOver, &readAmount, nullptr) ||
+ readAmount != leftOver)
+ {
+ return FALSE;
+ }
+
+ if (!ReadFile(file2.get(), buf2, leftOver, &readAmount, nullptr) ||
+ readAmount != leftOver)
+ {
+ return FALSE;
+ }
+
+ if (memcmp(buf1, buf2, leftOver))
+ {
+ // sameContent is already set to FALSE
+ return TRUE;
+ }
}
- }
- sameContent = TRUE;
- return TRUE;
+ sameContent = TRUE;
+ return TRUE;
}
diff --git a/onlineupdate/source/service/servicebase.hxx b/onlineupdate/source/service/servicebase.hxx
index abf88a1..c47f966 100644
--- a/onlineupdate/source/service/servicebase.hxx
+++ b/onlineupdate/source/service/servicebase.hxx
@@ -14,7 +14,7 @@ BOOL VerifySameFiles(LPCWSTR file1Path, LPCWSTR file2Path, BOOL &sameContent);
#define COMPARE_BLOCKSIZE 32768
// The following string resource value is used to uniquely identify the signed
-// Mozilla application as an updater. Before the maintenance service will
+// Mozilla application as an updater. Before the maintenance service will
// execute the updater it must have this updater identity string in its string
// table. No other signed Mozilla product will have this string table value.
#define UPDATER_IDENTITY_STRING \
diff --git a/onlineupdate/source/service/serviceinstall.cxx b/onlineupdate/source/service/serviceinstall.cxx
index cf7fef3..a225e94 100644
--- a/onlineupdate/source/service/serviceinstall.cxx
+++ b/onlineupdate/source/service/serviceinstall.cxx
@@ -73,19 +73,20 @@ static int
ReadMaintenanceServiceStrings(LPCWSTR path,
MaintenanceServiceStringTable *results)
{
- // Read in the maintenance service description string if specified.
- const unsigned int kNumStrings = 1;
- const char *kServiceKeys = "MozillaMaintenanceDescription\0";
- char serviceStrings[kNumStrings][MAX_TEXT_LEN];
- int result = ReadStrings(path, kServiceKeys,
- kNumStrings, serviceStrings);
- if (result != OK) {
- serviceStrings[0][0] = '\0';
- }
- strncpy(results->serviceDescription,
- serviceStrings[0], MAX_TEXT_LEN - 1);
- results->serviceDescription[MAX_TEXT_LEN - 1] = '\0';
- return result;
+ // Read in the maintenance service description string if specified.
+ const unsigned int kNumStrings = 1;
+ const char *kServiceKeys = "MozillaMaintenanceDescription\0";
+ char serviceStrings[kNumStrings][MAX_TEXT_LEN];
+ int result = ReadStrings(path, kServiceKeys,
+ kNumStrings, serviceStrings);
+ if (result != OK)
+ {
+ serviceStrings[0][0] = '\0';
+ }
+ strncpy(results->serviceDescription,
+ serviceStrings[0], MAX_TEXT_LEN - 1);
+ results->serviceDescription[MAX_TEXT_LEN - 1] = '\0';
+ return result;
}
/**
@@ -103,30 +104,32 @@ static BOOL
GetVersionNumberFromPath(LPWSTR path, DWORD &A, DWORD &B,
DWORD &C, DWORD &D)
{
- DWORD fileVersionInfoSize = GetFileVersionInfoSizeW(path, 0);
- std::unique_ptr<char[]> fileVersionInfo(new char[fileVersionInfoSize]);
- if (!GetFileVersionInfoW(path, 0, fileVersionInfoSize,
- fileVersionInfo.get())) {
- LOG_WARN(("Could not obtain file info of old service. (%d)",
- GetLastError()));
- return FALSE;
- }
-
- VS_FIXEDFILEINFO *fixedFileInfo =
- reinterpret_cast<VS_FIXEDFILEINFO *>(fileVersionInfo.get());
- UINT size;
- if (!VerQueryValueW(fileVersionInfo.get(), L"\\",
- reinterpret_cast<LPVOID*>(&fixedFileInfo), &size)) {
- LOG_WARN(("Could not query file version info of old service. (%d)",
- GetLastError()));
- return FALSE;
- }
-
- A = HIWORD(fixedFileInfo->dwFileVersionMS);
- B = LOWORD(fixedFileInfo->dwFileVersionMS);
- C = HIWORD(fixedFileInfo->dwFileVersionLS);
- D = LOWORD(fixedFileInfo->dwFileVersionLS);
- return TRUE;
+ DWORD fileVersionInfoSize = GetFileVersionInfoSizeW(path, 0);
+ std::unique_ptr<char[]> fileVersionInfo(new char[fileVersionInfoSize]);
+ if (!GetFileVersionInfoW(path, 0, fileVersionInfoSize,
+ fileVersionInfo.get()))
+ {
+ LOG_WARN(("Could not obtain file info of old service. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
+
+ VS_FIXEDFILEINFO *fixedFileInfo =
+ reinterpret_cast<VS_FIXEDFILEINFO *>(fileVersionInfo.get());
+ UINT size;
+ if (!VerQueryValueW(fileVersionInfo.get(), L"\\",
+ reinterpret_cast<LPVOID*>(&fixedFileInfo), &size))
+ {
+ LOG_WARN(("Could not query file version info of old service. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
+
+ A = HIWORD(fixedFileInfo->dwFileVersionMS);
+ B = LOWORD(fixedFileInfo->dwFileVersionMS);
+ C = HIWORD(fixedFileInfo->dwFileVersionLS);
+ D = LOWORD(fixedFileInfo->dwFileVersionLS);
+ return TRUE;
}
/**
@@ -140,63 +143,70 @@ GetVersionNumberFromPath(LPWSTR path, DWORD &A, DWORD &B,
BOOL
UpdateServiceDescription(SC_HANDLE serviceHandle)
{
- WCHAR updaterINIPath[MAX_PATH + 1];
- if (!GetModuleFileNameW(nullptr, updaterINIPath,
- sizeof(updaterINIPath) /
- sizeof(updaterINIPath[0]))) {
- LOG_WARN(("Could not obtain module filename when attempting to "
- "modify service description. (%d)", GetLastError()));
- return FALSE;
- }
-
- if (!PathRemoveFileSpecW(updaterINIPath)) {
- LOG_WARN(("Could not remove file spec when attempting to "
- "modify service description. (%d)", GetLastError()));
- return FALSE;
- }
-
- if (!PathAppendSafe(updaterINIPath, L"updater.ini")) {
- LOG_WARN(("Could not append updater.ini filename when attempting to "
- "modify service description. (%d)", GetLastError()));
- return FALSE;
- }
-
- if (GetFileAttributesW(updaterINIPath) == INVALID_FILE_ATTRIBUTES) {
- LOG_WARN(("updater.ini file does not exist, will not modify "
- "service description. (%d)", GetLastError()));
- return FALSE;
- }
-
- MaintenanceServiceStringTable serviceStrings;
- int rv = ReadMaintenanceServiceStrings(updaterINIPath, &serviceStrings);
- if (rv != OK || !strlen(serviceStrings.serviceDescription)) {
- LOG_WARN(("updater.ini file does not contain a maintenance "
- "service description."));
- return FALSE;
- }
-
- WCHAR serviceDescription[MAX_TEXT_LEN];
- if (!MultiByteToWideChar(CP_UTF8, 0,
- serviceStrings.serviceDescription, -1,
- serviceDescription,
- sizeof(serviceDescription) /
- sizeof(serviceDescription[0]))) {
- LOG_WARN(("Could not convert description to wide string format. (%d)",
- GetLastError()));
- return FALSE;
- }
-
- SERVICE_DESCRIPTIONW descriptionConfig;
- descriptionConfig.lpDescription = serviceDescription;
- if (!ChangeServiceConfig2W(serviceHandle,
- SERVICE_CONFIG_DESCRIPTION,
- &descriptionConfig)) {
- LOG_WARN(("Could not change service config. (%d)", GetLastError()));
- return FALSE;
- }
-
- LOG(("The service description was updated successfully."));
- return TRUE;
+ WCHAR updaterINIPath[MAX_PATH + 1];
+ if (!GetModuleFileNameW(nullptr, updaterINIPath,
+ sizeof(updaterINIPath) /
+ sizeof(updaterINIPath[0])))
+ {
+ LOG_WARN(("Could not obtain module filename when attempting to "
+ "modify service description. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ if (!PathRemoveFileSpecW(updaterINIPath))
+ {
+ LOG_WARN(("Could not remove file spec when attempting to "
+ "modify service description. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ if (!PathAppendSafe(updaterINIPath, L"updater.ini"))
+ {
+ LOG_WARN(("Could not append updater.ini filename when attempting to "
+ "modify service description. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ if (GetFileAttributesW(updaterINIPath) == INVALID_FILE_ATTRIBUTES)
+ {
+ LOG_WARN(("updater.ini file does not exist, will not modify "
+ "service description. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ MaintenanceServiceStringTable serviceStrings;
+ int rv = ReadMaintenanceServiceStrings(updaterINIPath, &serviceStrings);
+ if (rv != OK || !strlen(serviceStrings.serviceDescription))
+ {
+ LOG_WARN(("updater.ini file does not contain a maintenance "
+ "service description."));
+ return FALSE;
+ }
+
+ WCHAR serviceDescription[MAX_TEXT_LEN];
+ if (!MultiByteToWideChar(CP_UTF8, 0,
+ serviceStrings.serviceDescription, -1,
+ serviceDescription,
+ sizeof(serviceDescription) /
+ sizeof(serviceDescription[0])))
+ {
+ LOG_WARN(("Could not convert description to wide string format. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
+
+ SERVICE_DESCRIPTIONW descriptionConfig;
+ descriptionConfig.lpDescription = serviceDescription;
+ if (!ChangeServiceConfig2W(serviceHandle,
+ SERVICE_CONFIG_DESCRIPTION,
+ &descriptionConfig))
+ {
+ LOG_WARN(("Could not change service config. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ LOG(("The service description was updated successfully."));
+ return TRUE;
}
/**
@@ -213,54 +223,58 @@ FixServicePath(SC_HANDLE service,
LPCWSTR currentServicePath,
BOOL &servicePathWasWrong)
{
- // When we originally upgraded the MozillaMaintenance service we
- // would uninstall the service on each upgrade. This had an
- // intermittent error which could cause the service to use the file
- // maintenanceservice_tmp.exe as the install path. Only a small number
- // of Nightly users would be affected by this, but we check for this
- // state here and fix the user if they are affected.
- //
- // We also fix the path in the case of the path not being quoted.
- size_t currentServicePathLen = wcslen(currentServicePath);
- bool doesServiceHaveCorrectPath =
- currentServicePathLen > 2 &&
- !wcsstr(currentServicePath, L"maintenanceservice_tmp.exe") &&
- currentServicePath[0] == L'\"' &&
- currentServicePath[currentServicePathLen - 1] == L'\"';
-
- if (doesServiceHaveCorrectPath) {
- LOG(("The MozillaMaintenance service path is correct."));
- servicePathWasWrong = FALSE;
+ // When we originally upgraded the MozillaMaintenance service we
+ // would uninstall the service on each upgrade. This had an
+ // intermittent error which could cause the service to use the file
+ // maintenanceservice_tmp.exe as the install path. Only a small number
+ // of Nightly users would be affected by this, but we check for this
+ // state here and fix the user if they are affected.
+ //
+ // We also fix the path in the case of the path not being quoted.
+ size_t currentServicePathLen = wcslen(currentServicePath);
+ bool doesServiceHaveCorrectPath =
+ currentServicePathLen > 2 &&
+ !wcsstr(currentServicePath, L"maintenanceservice_tmp.exe") &&
+ currentServicePath[0] == L'\"' &&
+ currentServicePath[currentServicePathLen - 1] == L'\"';
+
+ if (doesServiceHaveCorrectPath)
+ {
+ LOG(("The MozillaMaintenance service path is correct."));
+ servicePathWasWrong = FALSE;
+ return TRUE;
+ }
+ // This is a recoverable situation so not logging as a warning
+ LOG(("The MozillaMaintenance path is NOT correct. It was: %ls",
+ currentServicePath));
+
+ servicePathWasWrong = TRUE;
+ WCHAR fixedPath[MAX_PATH + 1] = { L'\0' };
+ wcsncpy(fixedPath, currentServicePath, MAX_PATH);
+ PathUnquoteSpacesW(fixedPath);
+ if (!PathRemoveFileSpecW(fixedPath))
+ {
+ LOG_WARN(("Couldn't remove file spec. (%d)", GetLastError()));
+ return FALSE;
+ }
+ if (!PathAppendSafe(fixedPath, L"maintenanceservice.exe"))
+ {
+ LOG_WARN(("Couldn't append file spec. (%d)", GetLastError()));
+ return FALSE;
+ }
+ PathQuoteSpacesW(fixedPath);
+
+
+ if (!ChangeServiceConfigW(service, SERVICE_NO_CHANGE, SERVICE_NO_CHANGE,
+ SERVICE_NO_CHANGE, fixedPath, nullptr, nullptr,
+ nullptr, nullptr, nullptr, nullptr))
+ {
+ LOG_WARN(("Could not fix service path. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ LOG(("Fixed service path to: %ls.", fixedPath));
return TRUE;
- }
- // This is a recoverable situation so not logging as a warning
- LOG(("The MozillaMaintenance path is NOT correct. It was: %ls",
- currentServicePath));
-
- servicePathWasWrong = TRUE;
- WCHAR fixedPath[MAX_PATH + 1] = { L'\0' };
- wcsncpy(fixedPath, currentServicePath, MAX_PATH);
- PathUnquoteSpacesW(fixedPath);
- if (!PathRemoveFileSpecW(fixedPath)) {
- LOG_WARN(("Couldn't remove file spec. (%d)", GetLastError()));
- return FALSE;
- }
- if (!PathAppendSafe(fixedPath, L"maintenanceservice.exe")) {
- LOG_WARN(("Couldn't append file spec. (%d)", GetLastError()));
- return FALSE;
- }
- PathQuoteSpacesW(fixedPath);
-
-
- if (!ChangeServiceConfigW(service, SERVICE_NO_CHANGE, SERVICE_NO_CHANGE,
- SERVICE_NO_CHANGE, fixedPath, nullptr, nullptr,
- nullptr, nullptr, nullptr, nullptr)) {
- LOG_WARN(("Could not fix service path. (%d)", GetLastError()));
- return FALSE;
- }
-
- LOG(("Fixed service path to: %ls.", fixedPath));
- return TRUE;
}
/**
@@ -274,263 +288,299 @@ FixServicePath(SC_HANDLE service,
BOOL
SvcInstall(SvcInstallAction action)
{
- // Get a handle to the local computer SCM database with full access rights.
- AutoServiceHandle schSCManager(OpenSCManager(nullptr, nullptr,
- SC_MANAGER_ALL_ACCESS));
- if (!schSCManager) {
- LOG_WARN(("Could not open service manager. (%d)", GetLastError()));
- return FALSE;
- }
-
- WCHAR newServiceBinaryPath[MAX_PATH + 1];
- if (!GetModuleFileNameW(nullptr, newServiceBinaryPath,
- sizeof(newServiceBinaryPath) /
- sizeof(newServiceBinaryPath[0]))) {
- LOG_WARN(("Could not obtain module filename when attempting to "
- "install service. (%d)",
- GetLastError()));
- return FALSE;
- }
-
- // Check if we already have the service installed.
- AutoServiceHandle schService(OpenServiceW(schSCManager.get(),
- SVC_NAME,
- SERVICE_ALL_ACCESS));
- DWORD lastError = GetLastError();
- if (!schService && ERROR_SERVICE_DOES_NOT_EXIST != lastError) {
- // The service exists but we couldn't open it
- LOG_WARN(("Could not open service. (%d)", GetLastError()));
- return FALSE;
- }
-
- if (schService) {
- // The service exists but it may not have the correct permissions.
- // This could happen if the permissions were not set correctly originally
- // or have been changed after the installation. This will reset the
- // permissions back to allow limited user accounts.
- if (!SetUserAccessServiceDACL(schService.get())) {
- LOG_WARN(("Could not reset security ACE on service handle. It might not be "
- "possible to start the service. This error should never "
- "happen. (%d)", GetLastError()));
- }
-
- // The service exists and we opened it
- DWORD bytesNeeded;
- if (!QueryServiceConfigW(schService.get(), nullptr, 0, &bytesNeeded) &&
- GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
- LOG_WARN(("Could not determine buffer size for query service config. (%d)",
- GetLastError()));
- return FALSE;
- }
-
- // Get the service config information, in particular we want the binary
- // path of the service.
- std::unique_ptr<char[]> serviceConfigBuffer(new char[bytesNeeded]);
- if (!QueryServiceConfigW(schService.get(),
- reinterpret_cast<QUERY_SERVICE_CONFIGW*>(serviceConfigBuffer.get()),
- bytesNeeded, &bytesNeeded)) {
- LOG_WARN(("Could open service but could not query service config. (%d)",
- GetLastError()));
- return FALSE;
- }
- QUERY_SERVICE_CONFIGW &serviceConfig =
- *reinterpret_cast<QUERY_SERVICE_CONFIGW*>(serviceConfigBuffer.get());
-
- // Check if we need to fix the service path
- BOOL servicePathWasWrong;
- static BOOL alreadyCheckedFixServicePath = FALSE;
- if (!alreadyCheckedFixServicePath) {
- if (!FixServicePath(schService.get(), serviceConfig.lpBinaryPathName,
- servicePathWasWrong)) {
- LOG_WARN(("Could not fix service path. This should never happen. (%d)",
+ // Get a handle to the local computer SCM database with full access rights.
+ AutoServiceHandle schSCManager(OpenSCManager(nullptr, nullptr,
+ SC_MANAGER_ALL_ACCESS));
+ if (!schSCManager)
+ {
+ LOG_WARN(("Could not open service manager. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ WCHAR newServiceBinaryPath[MAX_PATH + 1];
+ if (!GetModuleFileNameW(nullptr, newServiceBinaryPath,
+ sizeof(newServiceBinaryPath) /
+ sizeof(newServiceBinaryPath[0])))
+ {
+ LOG_WARN(("Could not obtain module filename when attempting to "
+ "install service. (%d)",
GetLastError()));
- // True is returned because the service is pointing to
- // maintenanceservice_tmp.exe so it actually was upgraded to the
- // newest installed service.
- return TRUE;
- } else if (servicePathWasWrong) {
- // Now that the path is fixed we should re-attempt the install.
- // This current process' image path is maintenanceservice_tmp.exe.
- // The service used to point to maintenanceservice_tmp.exe.
- // The service was just fixed to point to maintenanceservice.exe.
- // Re-attempting an install from scratch will work as normal.
- alreadyCheckedFixServicePath = TRUE;
- LOG(("Restarting install action: %d", action));
- return SvcInstall(action);
- }
- }
-
- // Ensure the service path is not quoted. We own this memory and know it to
- // be large enough for the quoted path, so it is large enough for the
- // unquoted path. This function cannot fail.
- PathUnquoteSpacesW(serviceConfig.lpBinaryPathName);
-
- // Obtain the existing maintenanceservice file's version number and
- // the new file's version number. Versions are in the format of
- // A.B.C.D.
- DWORD existingA, existingB, existingC, existingD;
- DWORD newA, newB, newC, newD;
- BOOL obtainedExistingVersionInfo =
- GetVersionNumberFromPath(serviceConfig.lpBinaryPathName,
- existingA, existingB,
- existingC, existingD);
- if (!GetVersionNumberFromPath(newServiceBinaryPath, newA,
- newB, newC, newD)) {
- LOG_WARN(("Could not obtain version number from new path"));
- return FALSE;
- }
-
- // Check if we need to replace the old binary with the new one
- // If we couldn't get the old version info then we assume we should
- // replace it.
- if (ForceInstallSvc == action ||
- !obtainedExistingVersionInfo ||
- (existingA < newA) ||
- (existingA == newA && existingB < newB) ||
- (existingA == newA && existingB == newB &&
- existingC < newC) ||
- (existingA == newA && existingB == newB &&
- existingC == newC && existingD < newD)) {
-
- // We have a newer updater, so update the description from the INI file.
- UpdateServiceDescription(schService.get());
-
- schService.reset();
- if (!StopService()) {
return FALSE;
- }
+ }
- if (!wcscmp(newServiceBinaryPath, serviceConfig.lpBinaryPathName)) {
- LOG(("File is already in the correct location, no action needed for "
- "upgrade. The path is: \"%ls\"", newServiceBinaryPath));
- return TRUE;
- }
-
- BOOL result = TRUE;
-
- // Attempt to copy the new binary over top the existing binary.
- // If there is an error we try to move it out of the way and then
- // copy it in. First try the safest / easiest way to overwrite the file.
- if (!CopyFileW(newServiceBinaryPath,
- serviceConfig.lpBinaryPathName, FALSE)) {
- LOG_WARN(("Could not overwrite old service binary file. "
- "This should never happen, but if it does the next "
- "upgrade will fix it, the service is not a critical "
- "component that needs to be installed for upgrades "
- "to work. (%d)", GetLastError()));
-
- // We rename the last 3 filename chars in an unsafe way. Manually
- // verify there are more than 3 chars for safe failure in MoveFileExW.
- const size_t len = wcslen(serviceConfig.lpBinaryPathName);
- if (len > 3) {
- // Calculate the temp file path that we're moving the file to. This
- // is the same as the proper service path but with a .old extension.
- LPWSTR oldServiceBinaryTempPath =
- new WCHAR[len + 1];
- memset(oldServiceBinaryTempPath, 0, (len + 1) * sizeof (WCHAR));
- wcsncpy(oldServiceBinaryTempPath, serviceConfig.lpBinaryPathName, len);
- // Rename the last 3 chars to 'old'
- wcsncpy(oldServiceBinaryTempPath + len - 3, L"old", 3);
-
- // Move the current (old) service file to the temp path.
- if (MoveFileExW(serviceConfig.lpBinaryPathName,
- oldServiceBinaryTempPath,
- MOVEFILE_REPLACE_EXISTING | MOVEFILE_WRITE_THROUGH)) {
- // The old binary is moved out of the way, copy in the new one.
+ // Check if we already have the service installed.
+ AutoServiceHandle schService(OpenServiceW(schSCManager.get(),
+ SVC_NAME,
+ SERVICE_ALL_ACCESS));
+ DWORD lastError = GetLastError();
+ if (!schService && ERROR_SERVICE_DOES_NOT_EXIST != lastError)
+ {
+ // The service exists but we couldn't open it
+ LOG_WARN(("Could not open service. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ if (schService)
+ {
+ // The service exists but it may not have the correct permissions.
+ // This could happen if the permissions were not set correctly originally
+ // or have been changed after the installation. This will reset the
+ // permissions back to allow limited user accounts.
+ if (!SetUserAccessServiceDACL(schService.get()))
+ {
+ LOG_WARN(("Could not reset security ACE on service handle. It might not be "
+ "possible to start the service. This error should never "
+ "happen. (%d)", GetLastError()));
+ }
+
+ // The service exists and we opened it
+ DWORD bytesNeeded;
+ if (!QueryServiceConfigW(schService.get(), nullptr, 0, &bytesNeeded) &&
+ GetLastError() != ERROR_INSUFFICIENT_BUFFER)
+ {
+ LOG_WARN(("Could not determine buffer size for query service config. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
+
+ // Get the service config information, in particular we want the binary
+ // path of the service.
+ std::unique_ptr<char[]> serviceConfigBuffer(new char[bytesNeeded]);
+ if (!QueryServiceConfigW(schService.get(),
+ reinterpret_cast<QUERY_SERVICE_CONFIGW*>(serviceConfigBuffer.get()),
+ bytesNeeded, &bytesNeeded))
+ {
+ LOG_WARN(("Could open service but could not query service config. (%d)",
+ GetLastError()));
+ return FALSE;
+ }
+ QUERY_SERVICE_CONFIGW &serviceConfig =
+ *reinterpret_cast<QUERY_SERVICE_CONFIGW*>(serviceConfigBuffer.get());
+
+ // Check if we need to fix the service path
+ BOOL servicePathWasWrong;
+ static BOOL alreadyCheckedFixServicePath = FALSE;
+ if (!alreadyCheckedFixServicePath)
+ {
+ if (!FixServicePath(schService.get(), serviceConfig.lpBinaryPathName,
+ servicePathWasWrong))
+ {
+ LOG_WARN(("Could not fix service path. This should never happen. (%d)",
+ GetLastError()));
+ // True is returned because the service is pointing to
+ // maintenanceservice_tmp.exe so it actually was upgraded to the
+ // newest installed service.
+ return TRUE;
+ }
+ else if (servicePathWasWrong)
+ {
+ // Now that the path is fixed we should re-attempt the install.
+ // This current process' image path is maintenanceservice_tmp.exe.
+ // The service used to point to maintenanceservice_tmp.exe.
+ // The service was just fixed to point to maintenanceservice.exe.
+ // Re-attempting an install from scratch will work as normal.
+ alreadyCheckedFixServicePath = TRUE;
+ LOG(("Restarting install action: %d", action));
+ return SvcInstall(action);
+ }
+ }
+
+ // Ensure the service path is not quoted. We own this memory and know it to
+ // be large enough for the quoted path, so it is large enough for the
+ // unquoted path. This function cannot fail.
+ PathUnquoteSpacesW(serviceConfig.lpBinaryPathName);
+
+ // Obtain the existing maintenanceservice file's version number and
+ // the new file's version number. Versions are in the format of
+ // A.B.C.D.
+ DWORD existingA, existingB, existingC, existingD;
+ DWORD newA, newB, newC, newD;
+ BOOL obtainedExistingVersionInfo =
+ GetVersionNumberFromPath(serviceConfig.lpBinaryPathName,
+ existingA, existingB,
+ existingC, existingD);
+ if (!GetVersionNumberFromPath(newServiceBinaryPath, newA,
+ newB, newC, newD))
+ {
+ LOG_WARN(("Could not obtain version number from new path"));
+ return FALSE;
+ }
+
+ // Check if we need to replace the old binary with the new one
+ // If we couldn't get the old version info then we assume we should
+ // replace it.
+ if (ForceInstallSvc == action ||
+ !obtainedExistingVersionInfo ||
+ (existingA < newA) ||
+ (existingA == newA && existingB < newB) ||
+ (existingA == newA && existingB == newB &&
+ existingC < newC) ||
+ (existingA == newA && existingB == newB &&
+ existingC == newC && existingD < newD))
+ {
+
+ // We have a newer updater, so update the description from the INI file.
+ UpdateServiceDescription(schService.get());
+
+ schService.reset();
+ if (!StopService())
+ {
+ return FALSE;
+ }
+
+ if (!wcscmp(newServiceBinaryPath, serviceConfig.lpBinaryPathName))
+ {
+ LOG(("File is already in the correct location, no action needed for "
+ "upgrade. The path is: \"%ls\"", newServiceBinaryPath));
+ return TRUE;
+ }
+
+ BOOL result = TRUE;
+
+ // Attempt to copy the new binary over top the existing binary.
+ // If there is an error we try to move it out of the way and then
+ // copy it in. First try the safest / easiest way to overwrite the file.
if (!CopyFileW(newServiceBinaryPath,
- serviceConfig.lpBinaryPathName, FALSE)) {
- // It is best to leave the old service binary in this condition.
- LOG_WARN(("The new service binary could not be copied in."
- " The service will not be upgraded."));
- result = FALSE;
- } else {
- LOG(("The new service binary was copied in by first moving the"
- " old one out of the way."));
+ serviceConfig.lpBinaryPathName, FALSE))
+ {
+ LOG_WARN(("Could not overwrite old service binary file. "
+ "This should never happen, but if it does the next "
+ "upgrade will fix it, the service is not a critical "
+ "component that needs to be installed for upgrades "
+ "to work. (%d)", GetLastError()));
+
+ // We rename the last 3 filename chars in an unsafe way. Manually
+ // verify there are more than 3 chars for safe failure in MoveFileExW.
+ const size_t len = wcslen(serviceConfig.lpBinaryPathName);
+ if (len > 3)
+ {
+ // Calculate the temp file path that we're moving the file to. This
+ // is the same as the proper service path but with a .old extension.
+ LPWSTR oldServiceBinaryTempPath =
+ new WCHAR[len + 1];
+ memset(oldServiceBinaryTempPath, 0, (len + 1) * sizeof (WCHAR));
+ wcsncpy(oldServiceBinaryTempPath, serviceConfig.lpBinaryPathName, len);
+ // Rename the last 3 chars to 'old'
+ wcsncpy(oldServiceBinaryTempPath + len - 3, L"old", 3);
+
+ // Move the current (old) service file to the temp path.
+ if (MoveFileExW(serviceConfig.lpBinaryPathName,
+ oldServiceBinaryTempPath,
+ MOVEFILE_REPLACE_EXISTING | MOVEFILE_WRITE_THROUGH))
+ {
+ // The old binary is moved out of the way, copy in the new one.
+ if (!CopyFileW(newServiceBinaryPath,
+ serviceConfig.lpBinaryPathName, FALSE))
+ {
+ // It is best to leave the old service binary in this condition.
+ LOG_WARN(("The new service binary could not be copied in."
+ " The service will not be upgraded."));
+ result = FALSE;
+ }
+ else
+ {
+ LOG(("The new service binary was copied in by first moving the"
+ " old one out of the way."));
+ }
+
+ // Attempt to get rid of the old service temp path.
+ if (DeleteFileW(oldServiceBinaryTempPath))
+ {
+ LOG(("The old temp service path was deleted: %ls.",
+ oldServiceBinaryTempPath));
+ }
+ else
+ {
+ // The old temp path could not be removed. It will be removed
+ // the next time the user can't copy the binary in or on uninstall.
+ LOG_WARN(("The old temp service path was not deleted."));
+ }
+ }
+ else
+ {
+ // It is best to leave the old service binary in this condition.
+ LOG_WARN(("Could not move old service file out of the way from:"
+ " \"%ls\" to \"%ls\". Service will not be upgraded. (%d)",
+ serviceConfig.lpBinaryPathName,
+ oldServiceBinaryTempPath, GetLastError()));
+ result = FALSE;
+ }
+ delete[] oldServiceBinaryTempPath;
+ }
+ else
+ {
+ // It is best to leave the old service binary in this condition.
+ LOG_WARN(("Service binary path was less than 3, service will"
+ " not be updated. This should never happen."));
+ result = FALSE;
+ }
+ }
+ else
+ {
+ LOG(("The new service binary was copied in."));
}
- // Attempt to get rid of the old service temp path.
- if (DeleteFileW(oldServiceBinaryTempPath)) {
- LOG(("The old temp service path was deleted: %ls.",
- oldServiceBinaryTempPath));
- } else {
- // The old temp path could not be removed. It will be removed
- // the next time the user can't copy the binary in or on uninstall.
- LOG_WARN(("The old temp service path was not deleted."));
+ // We made a copy of ourselves to the existing location.
+ // The tmp file (the process of which we are executing right now) will be
+ // left over. Attempt to delete the file on the next reboot.
+ if (MoveFileExW(newServiceBinaryPath, nullptr,
+ MOVEFILE_DELAY_UNTIL_REBOOT))
+ {
+ LOG(("Deleting the old file path on the next reboot: %ls.",
+ newServiceBinaryPath));
+ }
+ else
+ {
+ LOG_WARN(("Call to delete the old file path failed: %ls.",
+ newServiceBinaryPath));
}
- } else {
- // It is best to leave the old service binary in this condition.
- LOG_WARN(("Could not move old service file out of the way from:"
- " \"%ls\" to \"%ls\". Service will not be upgraded. (%d)",
- serviceConfig.lpBinaryPathName,
- oldServiceBinaryTempPath, GetLastError()));
- result = FALSE;
- }
- delete[] oldServiceBinaryTempPath;
- } else {
- // It is best to leave the old service binary in this condition.
- LOG_WARN(("Service binary path was less than 3, service will"
- " not be updated. This should never happen."));
- result = FALSE;
+
+ return result;
}
- } else {
- LOG(("The new service binary was copied in."));
- }
-
- // We made a copy of ourselves to the existing location.
- // The tmp file (the process of which we are executing right now) will be
- // left over. Attempt to delete the file on the next reboot.
- if (MoveFileExW(newServiceBinaryPath, nullptr,
- MOVEFILE_DELAY_UNTIL_REBOOT)) {
- LOG(("Deleting the old file path on the next reboot: %ls.",
- newServiceBinaryPath));
- } else {
- LOG_WARN(("Call to delete the old file path failed: %ls.",
- newServiceBinaryPath));
- }
-
- return result;
- }
-
- // We don't need to copy ourselves to the existing location.
- // The tmp file (the process of which we are executing right now) will be
- // left over. Attempt to delete the file on the next reboot.
- MoveFileExW(newServiceBinaryPath, nullptr, MOVEFILE_DELAY_UNTIL_REBOOT);
-
- // nothing to do, we already have a newer service installed
- return TRUE;
- }
- // If the service does not exist and we are upgrading, don't install it.
- if (UpgradeSvc == action) {
- // The service does not exist and we are upgrading, so don't install it
+ // We don't need to copy ourselves to the existing location.
+ // The tmp file (the process of which we are executing right now) will be
+ // left over. Attempt to delete the file on the next reboot.
+ MoveFileExW(newServiceBinaryPath, nullptr, MOVEFILE_DELAY_UNTIL_REBOOT);
+
+ // nothing to do, we already have a newer service installed
+ return TRUE;
+ }
+
+ // If the service does not exist and we are upgrading, don't install it.
+ if (UpgradeSvc == action)
+ {
+ // The service does not exist and we are upgrading, so don't install it
+ return TRUE;
+ }
+
+ // Quote the path only if it contains spaces.
+ PathQuoteSpacesW(newServiceBinaryPath);
+ // The service does not already exist so create the service as on demand
+ schService.reset(CreateServiceW(schSCManager.get(), SVC_NAME, SVC_DISPLAY_NAME,
+ SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS,
+ SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL,
+ newServiceBinaryPath, nullptr, nullptr,
+ nullptr, nullptr, nullptr));
+ if (!schService)
+ {
+ LOG_WARN(("Could not create Windows service. "
+ "This error should never happen since a service install "
+ "should only be called when elevated. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ if (!SetUserAccessServiceDACL(schService.get()))
+ {
+ LOG_WARN(("Could not set security ACE on service handle, the service will not "
+ "be able to be started from unelevated processes. "
+ "This error should never happen. (%d)",
+ GetLastError()));
+ }
+
+ UpdateServiceDescription(schService.get());
+
return TRUE;
- }
-
- // Quote the path only if it contains spaces.
- PathQuoteSpacesW(newServiceBinaryPath);
- // The service does not already exist so create the service as on demand
- schService.reset(CreateServiceW(schSCManager.get(), SVC_NAME, SVC_DISPLAY_NAME,
- SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS,
- SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL,
- newServiceBinaryPath, nullptr, nullptr,
- nullptr, nullptr, nullptr));
- if (!schService) {
- LOG_WARN(("Could not create Windows service. "
- "This error should never happen since a service install "
- "should only be called when elevated. (%d)", GetLastError()));
- return FALSE;
- }
-
- if (!SetUserAccessServiceDACL(schService.get())) {
- LOG_WARN(("Could not set security ACE on service handle, the service will not "
- "be able to be started from unelevated processes. "
- "This error should never happen. (%d)",
- GetLastError()));
- }
-
- UpdateServiceDescription(schService.get());
-
- return TRUE;
}
/**
@@ -541,42 +591,45 @@ SvcInstall(SvcInstallAction action)
BOOL
StopService()
{
- // Get a handle to the local computer SCM database with full access rights.
- AutoServiceHandle schSCManager(OpenSCManager(nullptr, nullptr,
- SC_MANAGER_ALL_ACCESS));
- if (!schSCManager) {
- LOG_WARN(("Could not open service manager. (%d)", GetLastError()));
- return FALSE;
- }
-
- // Open the service
- AutoServiceHandle schService(OpenServiceW(schSCManager.get(), SVC_NAME,
- SERVICE_ALL_ACCESS));
- if (!schService) {
- LOG_WARN(("Could not open service. (%d)", GetLastError()));
- return FALSE;
- }
-
- LOG(("Sending stop request..."));
- SERVICE_STATUS status;
- SetLastError(ERROR_SUCCESS);
- if (!ControlService(schService.get(), SERVICE_CONTROL_STOP, &status) &&
- GetLastError() != ERROR_SERVICE_NOT_ACTIVE) {
- LOG_WARN(("Error sending stop request. (%d)", GetLastError()));
- }
-
- schSCManager.reset();
- schService.reset();
-
- LOG(("Waiting for service stop..."));
- DWORD lastState = WaitForServiceStop(SVC_NAME, 30);
-
- // The service can be in a stopped state but the exe still in use
- // so make sure the process is really gone before proceeding
- WaitForProcessExit(L"maintenanceservice.exe", 30);
- LOG(("Done waiting for service stop, last service state: %d", lastState));
-
- return lastState == SERVICE_STOPPED;
+ // Get a handle to the local computer SCM database with full access rights.
+ AutoServiceHandle schSCManager(OpenSCManager(nullptr, nullptr,
+ SC_MANAGER_ALL_ACCESS));
+ if (!schSCManager)
+ {
+ LOG_WARN(("Could not open service manager. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ // Open the service
+ AutoServiceHandle schService(OpenServiceW(schSCManager.get(), SVC_NAME,
+ SERVICE_ALL_ACCESS));
+ if (!schService)
+ {
+ LOG_WARN(("Could not open service. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ LOG(("Sending stop request..."));
+ SERVICE_STATUS status;
+ SetLastError(ERROR_SUCCESS);
+ if (!ControlService(schService.get(), SERVICE_CONTROL_STOP, &status) &&
+ GetLastError() != ERROR_SERVICE_NOT_ACTIVE)
+ {
+ LOG_WARN(("Error sending stop request. (%d)", GetLastError()));
+ }
+
+ schSCManager.reset();
+ schService.reset();
+
+ LOG(("Waiting for service stop..."));
+ DWORD lastState = WaitForServiceStop(SVC_NAME, 30);
+
+ // The service can be in a stopped state but the exe still in use
+ // so make sure the process is really gone before proceeding
+ WaitForProcessExit(L"maintenanceservice.exe", 30);
+ LOG(("Done waiting for service stop, last service state: %d", lastState));
+
+ return lastState == SERVICE_STOPPED;
}
/**
@@ -587,46 +640,55 @@ StopService()
BOOL
SvcUninstall()
{
- // Get a handle to the local computer SCM database with full access rights.
- AutoServiceHandle schSCManager(OpenSCManager(nullptr, nullptr,
- SC_MANAGER_ALL_ACCESS));
- if (!schSCManager) {
- LOG_WARN(("Could not open service manager. (%d)", GetLastError()));
- return FALSE;
- }
-
- // Open the service
- AutoServiceHandle schService(OpenServiceW(schSCManager.get(), SVC_NAME,
- SERVICE_ALL_ACCESS));
- if (!schService) {
- LOG_WARN(("Could not open service. (%d)", GetLastError()));
- return FALSE;
- }
-
- //Stop the service so it deletes faster and so the uninstaller
- // can actually delete its EXE.
- DWORD totalWaitTime = 0;
- SERVICE_STATUS status;
- static const int maxWaitTime = 1000 * 60; // Never wait more than a minute
- if (ControlService(schService.get(), SERVICE_CONTROL_STOP, &status)) {
- do {
- Sleep(status.dwWaitHint);
- totalWaitTime += (status.dwWaitHint + 10);
- if (status.dwCurrentState == SERVICE_STOPPED) {
- break;
- } else if (totalWaitTime > maxWaitTime) {
- break;
- }
- } while (QueryServiceStatus(schService.get(), &status));
- }
-
- // Delete the service or mark it for deletion
- BOOL deleted = DeleteService(schService.get());
- if (!deleted) {
- deleted = (GetLastError() == ERROR_SERVICE_MARKED_FOR_DELETE);
- }
-
- return deleted;
+ // Get a handle to the local computer SCM database with full access rights.
+ AutoServiceHandle schSCManager(OpenSCManager(nullptr, nullptr,
+ SC_MANAGER_ALL_ACCESS));
+ if (!schSCManager)
+ {
+ LOG_WARN(("Could not open service manager. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ // Open the service
+ AutoServiceHandle schService(OpenServiceW(schSCManager.get(), SVC_NAME,
+ SERVICE_ALL_ACCESS));
+ if (!schService)
+ {
+ LOG_WARN(("Could not open service. (%d)", GetLastError()));
+ return FALSE;
+ }
+
+ //Stop the service so it deletes faster and so the uninstaller
+ // can actually delete its EXE.
+ DWORD totalWaitTime = 0;
+ SERVICE_STATUS status;
+ static const int maxWaitTime = 1000 * 60; // Never wait more than a minute
+ if (ControlService(schService.get(), SERVICE_CONTROL_STOP, &status))
+ {
+ do
+ {
+ Sleep(status.dwWaitHint);
+ totalWaitTime += (status.dwWaitHint + 10);
+ if (status.dwCurrentState == SERVICE_STOPPED)
+ {
+ break;
+ }
+ else if (totalWaitTime > maxWaitTime)
+ {
+ break;
+ }
+ }
+ while (QueryServiceStatus(schService.get(), &status));
+ }
+
+ // Delete the service or mark it for deletion
+ BOOL deleted = DeleteService(schService.get());
+ if (!deleted)
+ {
+ deleted = (GetLastError() == ERROR_SERVICE_MARKED_FOR_DELETE);
+ }
+
+ return deleted;
}
/**
@@ -638,16 +700,18 @@ SvcUninstall()
BOOL
SetUserAccessServiceDACL(SC_HANDLE hService)
{
- PACL pNewAcl = nullptr;
- PSECURITY_DESCRIPTOR psd = nullptr;
- DWORD lastError = SetUserAccessServiceDACL(hService, pNewAcl, psd);
- if (pNewAcl) {
- LocalFree((HLOCAL)pNewAcl);
- }
- if (psd) {
- LocalFree((LPVOID)psd);
- }
- return ERROR_SUCCESS == lastError;
+ PACL pNewAcl = nullptr;
+ PSECURITY_DESCRIPTOR psd = nullptr;
+ DWORD lastError = SetUserAccessServiceDACL(hService, pNewAcl, psd);
+ if (pNewAcl)
+ {
+ LocalFree((HLOCAL)pNewAcl);
+ }
+ if (psd)
+ {
+ LocalFree((LPVOID)psd);
+ }
+ return ERROR_SUCCESS == lastError;
}
/**
@@ -662,112 +726,124 @@ DWORD
SetUserAccessServiceDACL(SC_HANDLE hService, PACL &pNewAcl,
... etc. - the rest is truncated
More information about the Libreoffice-commits
mailing list