Changeset 257

Timestamp:

Jan 8, 2004, 5:43:29 PM (22 years ago)

Author:

umoeller

Message:

Fixes that have piled up in the last three months.

Location:

trunk

Files:

• include/helpers/dosh.h (modified) (1 diff)
• include/helpers/exeh.h (modified) (2 diffs)
• include/helpers/lan.h (modified) (2 diffs)
• include/helpers/procstat.h (modified) (1 diff)
• include/helpers/textview.h (modified) (1 diff)
• include/helpers/tree.h (modified) (1 diff)
• include/helpers/xwpsecty.h (modified) (17 diffs)
• src/helpers/dialog.c (modified) (2 diffs)
• src/helpers/dosh.c (modified) (9 diffs)
• src/helpers/exeh.c (modified) (21 diffs)
• src/helpers/helpers_pre.in (modified) (1 diff)
• src/helpers/lan.c (modified) (3 diffs)
• src/helpers/nls.c (modified) (1 diff)
• src/helpers/nlscache.c (modified) (1 diff)
• src/helpers/xsecapi.c (added)

trunk/include/helpers/dosh.h

@@ -721 +721 @@
     typedef ULONG XWPENTRY DOSHMYPID(VOID);
     typedef DOSHMYPID *PDOSHMYPID;
+
+    ULONG doshMyParentPID(VOID);
 
     ULONG XWPENTRY doshMyTID(VOID);

trunk/include/helpers/exeh.h

@@ -1157 +1157 @@
         //      (NOSTUB, V0.9.12);
         // --   for .COM, .BAT, .CMD files (V0.9.16)
-        PDOSEXEHEADER   pDosExeHeader;
-        ULONG           cbDosExeHeader;
+        DOSEXEHEADER    DosExeHeader;       // no longer a ptr, but inline struct V1.0.2 (2003-11-13) [umoeller]
+        ULONG           cbDosExeHeader;     // if != 0, DosExeHeader is present
 
         // New Executable (NE) header, if ulExeFormat == EXEFORMAT_NE
@@ -1353 +1353 @@
                               ULONG idResource,
                               PBYTE *ppbResData,
+                              PULONG pulOffset,
                               PULONG pcbResData);
 

trunk/include/helpers/lan.h

@@ -3 +3 @@
  *@@sourcefile lan.h:
  *      header file for lan.c. See notes there.
+ *
+ *      Since the LAN headers are so confusing and maybe not
+ *      everyone has them, we duplicate all definitions that
+ *      we need here.
  *
  *      Note: Version numbering in this file relates to XWorkplace version
@@ -32 +36 @@
     #define LANH_HEADER_INCLUDED
 
+    #ifndef NERR_NetNotStarted
+        #define NERR_BASE       2100
+
+        #define NERR_NetNotStarted      (NERR_BASE+2)   /* The workstation driver (NETWKSTA.SYS on OS/2 workstations, NETWKSTA.EXE on DOS workstations) isn't installed. */
+        #define NERR_UnknownServer      (NERR_BASE+3)   /* The server cannot be located. */
+        #define NERR_ShareMem           (NERR_BASE+4)   /* An internal error occurred.  The network cannot access a shared memory segment. */
+        #define NERR_NoNetworkResource  (NERR_BASE+5)   /* A network resource shortage occurred . */
+        #define NERR_RemoteOnly         (NERR_BASE+6)   /* This operation is not supported on workstations. */
+        #define NERR_DevNotRedirected   (NERR_BASE+7)   /* The device is not connected. */
+        #define Dhcpwaitmsg             (NERR_BASE+8)   /* Waiting for response from DHCP server */
+        #define DhcpCompletemsg         (NERR_BASE+9)   /* Successful response received from DHCP server */
+        #define NERR_ServerNotStarted   (NERR_BASE+14)  /* The Server service isn't started. */
+        #define NERR_ItemNotFound       (NERR_BASE+15)  /* The queue is empty. */
+        #define NERR_UnknownDevDir      (NERR_BASE+16)  /* The device or directory does not exist. */
+        #define NERR_RedirectedPath     (NERR_BASE+17)  /* The operation is invalid on a redirected resource. */
+        #define NERR_DuplicateShare     (NERR_BASE+18)  /* The name has already been shared. */
+        #define NERR_NoRoom             (NERR_BASE+19)  /* The server is currently out of the requested resource. */
+        #define NERR_TooManyItems       (NERR_BASE+21)  /* Requested add of item exceeds maximum allowed. */
+        #define NERR_InvalidMaxUsers    (NERR_BASE+22)  /* The Peer service supports only two simultaneous users. */
+        #define NERR_BufTooSmall        (NERR_BASE+23)  /* The API return buffer is too small. */
+        #define NERR_RemoteErr          (NERR_BASE+27)  /* A remote API error occurred.  */
+        #define NERR_LanmanIniError     (NERR_BASE+31)  /* An error occurred when opening or reading IBMLAN.INI. */
+        #define NERR_OS2IoctlError      (NERR_BASE+34)  /* An internal error occurred when calling the workstation driver. */
+        #define NERR_NetworkError       (NERR_BASE+36)  /* A general network error occurred. */
+        #define NERR_WkstaNotStarted    (NERR_BASE+38)  /* The Requester service has not been started. */
+        #define NERR_InternalError      (NERR_BASE+40)  /* An internal LAN Manager error occurred.*/
+        #define NERR_BadTransactConfig  (NERR_BASE+41)  /* The server is not configured for transactions. */
+        #define NERR_InvalidAPI         (NERR_BASE+42)  /* The requested API isn't supported on the remote server. */
+        #define NERR_BadEventName       (NERR_BASE+43)  /* The event name is invalid. */
+
+        #define NERR_CfgCompNotFound    (NERR_BASE+46)  /* Could not find the specified component in IBMLAN.INI. */
+        #define NERR_CfgParamNotFound   (NERR_BASE+47)  /* Could not find the specified parameter in IBMLAN.INI. */
+        #define NERR_LineTooLong        (NERR_BASE+49)  /* A line in IBMLAN.INI is too long. */
+
+        #define NERR_QNotFound          (NERR_BASE+50)  /* The printer queue does not exist. */
+        #define NERR_JobNotFound        (NERR_BASE+51)  /* The print job does not exist. */
+        #define NERR_DestNotFound       (NERR_BASE+52)  /* The printer destination cannot be found. */
+        #define NERR_DestExists         (NERR_BASE+53)  /* The printer destination already exists. */
+        #define NERR_QExists            (NERR_BASE+54)  /* The printer queue already exists. */
+        #define NERR_QNoRoom            (NERR_BASE+55)  /* No more printer queues can be added. */
+        #define NERR_JobNoRoom          (NERR_BASE+56)  /* No more print jobs can be added.  */
+        #define NERR_DestNoRoom         (NERR_BASE+57)  /* No more printer destinations can be added. */
+        #define NERR_DestIdle           (NERR_BASE+58)  /* This printer destination is idle and cannot accept control operations. */
+        #define NERR_DestInvalidOp      (NERR_BASE+59)  /* This printer destination request contains an invalid control function. */
+        #define NERR_ProcNoRespond      (NERR_BASE+60)  /* The printer processor is not responding. */
+        #define NERR_SpoolerNotLoaded   (NERR_BASE+61)  /* The spooler is not running. */
+        #define NERR_DestInvalidState   (NERR_BASE+62)  /* This operation cannot be performed on the print destination in its current state. */
+        #define NERR_QInvalidState      (NERR_BASE+63)  /* This operation cannot be performed on the printer queue in its current state. */
+        #define NERR_JobInvalidState    (NERR_BASE+64)  /* This operation cannot be performed on the print job in its current state. */
+        #define NERR_SpoolNoMemory      (NERR_BASE+65)  /* A spooler memory allocation failure occurred. */
+        #define NERR_DriverNotFound     (NERR_BASE+66)  /* The device driver does not exist. */
+        #define NERR_DataTypeInvalid    (NERR_BASE+67)  /* The datatype is not supported by the processor. */
+        #define NERR_ProcNotFound       (NERR_BASE+68)  /* The print processor is not installed. */
+
+        #define NERR_ServiceTableLocked (NERR_BASE+80)  /* The service does not respond to control actions. */
+        #define NERR_ServiceTableFull   (NERR_BASE+81)  /* The service table is full. */
+        #define NERR_ServiceInstalled   (NERR_BASE+82)  /* The requested service has already been started. */
+        #define NERR_ServiceEntryLocked (NERR_BASE+83)  /* The service does not respond to control actions. */
+        #define NERR_ServiceNotInstalled (NERR_BASE+84) /* The service has not been started. */
+        #define NERR_BadServiceName     (NERR_BASE+85)  /* The service name is invalid. */
+        #define NERR_ServiceCtlTimeout  (NERR_BASE+86)  /* The service is not responding to the control function. */
+        #define NERR_ServiceCtlBusy     (NERR_BASE+87)  /* The service control is busy. */
+        #define NERR_BadServiceProgName (NERR_BASE+88)  /* IBMLAN.INI contains an invalid service program name. */
+        #define NERR_ServiceNotCtrl     (NERR_BASE+89)  /* The service cannot be controlled in its present state. */
+        #define NERR_ServiceKillProc    (NERR_BASE+90)  /* The service ended abnormally. */
+        #define NERR_ServiceCtlNotValid (NERR_BASE+91)  /* The requested pause or stop is not valid for this service. */
+
+        #define NERR_AlreadyLoggedOn    (NERR_BASE+100) /* This workstation is already logged on to the local-area network. */
+        #define NERR_NotLoggedOn        (NERR_BASE+101) /* The workstation isn't logged on to the local-area network. */
+        #define NERR_BadUsername        (NERR_BASE+102) /* The username or groupname parameter is invalid.  */
+        #define NERR_BadPassword        (NERR_BASE+103) /* The password parameter is invalid. */
+        #define NERR_UnableToAddName_W  (NERR_BASE+104) /* @W The logon processor did not add the message alias. */
+        #define NERR_UnableToAddName_F  (NERR_BASE+105) /* The logon processor did not add the message alias. */
+        #define NERR_UnableToDelName_W  (NERR_BASE+106) /* @W The logoff processor did not delete the message alias. */
+        #define NERR_UnableToDelName_F  (NERR_BASE+107) /* The logoff processor did not delete the message alias. */
+        #define NERR_LogonsPaused       (NERR_BASE+109) /* Network logons are paused. */
+        #define NERR_LogonServerConflict (NERR_BASE+110)/* A centralized logon-server conflict occurred. */
+        #define NERR_LogonScriptError   (NERR_BASE+112) /* An error occurred while loading or running the logon script. */
+        #define NERR_StandaloneLogon    (NERR_BASE+114) /* The logon server was not specified.  Your computer will be logged on as STANDALONE. */
+        #define NERR_LogonServerNotFound (NERR_BASE+115) /* The logon server cannot be found.  */
+        #define NERR_NonValidatedLogon  (NERR_BASE+117) /* The logon server could not validate the logon. */
+
+        #define NERR_AccountUndeletable (NERR_BASE+118) /* The user account is marked undeletable. */
+        #define NERR_ACFNotFound        (NERR_BASE+119) /* The accounts file NET.ACC cannot be found. */
+        #define NERR_GroupNotFound      (NERR_BASE+120) /* The groupname cannot be found. */
+        #define NERR_UserNotFound       (NERR_BASE+121) /* The username cannot be found. */
+        #define NERR_ResourceNotFound   (NERR_BASE+122) /* The resource name cannot be found.  */
+        #define NERR_GroupExists        (NERR_BASE+123) /* The group already exists. */
+        #define NERR_UserExists         (NERR_BASE+124) /* The user account already exists. */
+        #define NERR_ResourceExists     (NERR_BASE+125) /* The resource permission list already exists. */
+        #define NERR_NotPrimary         (NERR_BASE+126) /* The UAS database is replicant and will not allow updates. */
+        #define NERR_ACFNotLoaded       (NERR_BASE+127) /* The user account system has not been started. */
+        #define NERR_ACFNoRoom          (NERR_BASE+128) /* There are too many names in the user account system. */
+        #define NERR_ACFFileIOFail      (NERR_BASE+129) /* A disk I/O failure occurred.*/
+        #define NERR_ACFTooManyLists    (NERR_BASE+130) /* The limit of 64 entries per resource was exceeded. */
+        #define NERR_UserLogon          (NERR_BASE+131) /* Deleting a user with a session is not allowed. */
+        #define NERR_ACFNoParent        (NERR_BASE+132) /* The parent directory cannot be located. */
+        #define NERR_CanNotGrowSegment  (NERR_BASE+133) /* Unable to grow UAS session cache segment. */
+        #define NERR_SpeGroupOp         (NERR_BASE+134) /* This operation is not allowed on this special group. */
+        #define NERR_NotInCache         (NERR_BASE+135) /* This user is not cached in UAS session cache. */
+        #define NERR_UserInGroup        (NERR_BASE+136) /* The user already belongs to this group. */
+        #define NERR_UserNotInGroup     (NERR_BASE+137) /* The user does not belong to this group. */
+        #define NERR_AccountUndefined   (NERR_BASE+138) /* This user account is undefined. */
+        #define NERR_AccountExpired     (NERR_BASE+139) /* This user account has expired. */
+        #define NERR_InvalidRequester (NERR_BASE+140) /* The user is not allowed to log on from this workstation. */
+        #define NERR_InvalidLogonHours  (NERR_BASE+141) /* The user is not allowed to log on at this time.  */
+        #define NERR_PasswordExpired    (NERR_BASE+142) /* The password of this user has expired. */
+        #define NERR_PasswordCantChange (NERR_BASE+143) /* The password of this user cannot change. */
+        #define NERR_PasswordHistConflict (NERR_BASE+144) /* This password cannot be used now. */
+        #define NERR_PasswordTooShort   (NERR_BASE+145) /* The password is shorter than required. */
+        #define NERR_PasswordTooRecent  (NERR_BASE+146) /* The password of this user is too recent to change.  */
+        #define NERR_InvalidDatabase    (NERR_BASE+147) /* The UAS database file is corrupted. */
+        #define NERR_DatabaseUpToDate   (NERR_BASE+148) /* No updates are necessary to this replicant UAS database. */
+        #define NERR_SyncRequired       (NERR_BASE+149) /* This replicant database is outdated; synchronization is required. */
+
+        /*
+         *      Use API related
+         *              Error codes from BASE+150 to BASE+169
+         */
+
+        #define NERR_UseNotFound        (NERR_BASE+150) /* The connection cannot be found. */
+        #define NERR_BadAsgType         (NERR_BASE+151) /* This asg_type is invalid. */
+        #define NERR_DeviceIsShared     (NERR_BASE+152) /* This device is currently being shared. */
+
+        /*
+         *      Message Server related
+         *              Error codes BASE+170 to BASE+209
+         */
+
+        #define NERR_NoComputerName     (NERR_BASE+170) /* A computername has not been configured.  */
+        #define NERR_MsgAlreadyStarted  (NERR_BASE+171) /* The Messenger service is already started. */
+        #define NERR_MsgInitFailed      (NERR_BASE+172) /* The Messenger service failed to start.  */
+        #define NERR_NameNotFound       (NERR_BASE+173) /* The message alias cannot be found on the local-area network. */
+        #define NERR_AlreadyForwarded   (NERR_BASE+174) /* This message alias has already been forwarded. */
+        #define NERR_AlreadyExists      (NERR_BASE+176) /* This message alias already exists locally. */
+        #define NERR_TooManyNames       (NERR_BASE+177) /* The maximum number of added message aliases has been exceeded. */
+        #define NERR_DelComputerName    (NERR_BASE+178) /* The computername cannot be deleted.*/
+        #define NERR_LocalForward       (NERR_BASE+179) /* Messages cannot be forwarded back to the same workstation. */
+        #define NERR_GrpMsgProcessor    (NERR_BASE+180) /* Error in domain message processor */
+        #define NERR_PausedRemote       (NERR_BASE+181) /* The message was sent, but the recipient has paused the Messenger service. */
+        #define NERR_BadReceive         (NERR_BASE+182) /* The message was sent but not received. */
+        #define NERR_NameInUse          (NERR_BASE+183) /* The message alias is currently in use. Try again later. */
+        #define NERR_MsgNotStarted      (NERR_BASE+184) /* The Messenger service has not been started. */
+        #define NERR_NotLocalName       (NERR_BASE+185) /* The name is not on the local computer. */
+        #define NERR_NoForwardName      (NERR_BASE+186) /* The forwarded message alias cannot be found on the network. */
+        #define NERR_RemoteFull         (NERR_BASE+187) /* The message alias table on the remote station is full. */
+        #define NERR_NameNotForwarded   (NERR_BASE+188) /* Messages for this alias are not currently being forwarded. */
+        #define NERR_TruncatedBroadcast (NERR_BASE+189) /* The broadcast message was truncated. */
+        #define NERR_InvalidDevice      (NERR_BASE+194) /* This is an invalid devicename. */
+        #define NERR_WriteFault         (NERR_BASE+195) /* A write fault occurred. */
+        #define NERR_DuplicateName      (NERR_BASE+197) /* A duplicate message alias exists on the local-area network. */
+        #define NERR_DeleteLater        (NERR_BASE+198) /* @W This message alias will be deleted later. */
+        #define NERR_IncompleteDel      (NERR_BASE+199) /* The message alias was not successfully deleted from all networks. */
+        #define NERR_MultipleNets       (NERR_BASE+200) /* This operation is not supported on machines with multiple networks. */
+
+        #define NERR_DASDNotInstalled         (NERR_BASE+201)
+        #define NERR_DASDAlreadyInstalled     (NERR_BASE+202)
+        #define NERR_NotHPFSVolume            (NERR_BASE+203)
+        #define NERR_DASDMaxValidationFailed  (NERR_BASE+204)
+        #define NERR_DASDInstallVolumeLocked  (NERR_BASE+205)
+        #define NERR_LimitNotFound            (NERR_BASE+206)
+        #define NERR_LimitExists              (NERR_BASE+207)
+        #define NERR_DASDNotRunning           (NERR_BASE+208)
+        #define NERR_DASDNotOperational       (NERR_BASE+209)
+
+        #define NERR_NetNameNotFound    (NERR_BASE+210) /* This shared resource does not exist.*/
+        #define NERR_DeviceNotShared    (NERR_BASE+211) /* This device is not shared. */
+        #define NERR_ClientNameNotFound (NERR_BASE+212) /* A session does not exist with that computername. */
+        #define NERR_FileIdNotFound     (NERR_BASE+214) /* There isn't an open file with that ID number. */
+        #define NERR_ExecFailure        (NERR_BASE+215) /* A failure occurred when executing a remote administration command. */
+        #define NERR_TmpFile            (NERR_BASE+216) /* A failure occurred when opening a remote temporary file. */
+        #define NERR_TooMuchData        (NERR_BASE+217) /* The data returned from a remote administration command has been truncated to 64K. */
+        #define NERR_DeviceShareConflict (NERR_BASE+218) /* This device cannot be shared as both a spooled and a non-spooled resource. */
+        #define NERR_BrowserTableIncomplete (NERR_BASE+219)  /* The information in the list of servers may be incorrect. */
+        #define NERR_NotLocalDomain     (NERR_BASE+220) /* The computer isn't active on this domain. */
+
+        #define NERR_RedirectionsNotFound       (NERR_BASE+221)
+        #define NERR_LocalPathWarning           (NERR_BASE+222)
+        #define NERR_AssignmentNotMade          (NERR_BASE+223)
+        #define NERR_ItemNotAssigned            (NERR_BASE+224)
+        #define NERR_CantAddAssignments         (NERR_BASE+225)
+        #define NERR_CantSetAssignments         (NERR_BASE+226)
+        #define NERR_DomainSpecificInfo         (NERR_BASE+227)
+        #define NERR_TooManyLogonAsn            (NERR_BASE+228)
+        #define NERR_DASDNoAPARs                (NERR_BASE+229)
+
+        #define NERR_DevInvalidOpCode   (NERR_BASE+231) /* The operation is invalid for this device. */
+        #define NERR_DevNotFound        (NERR_BASE+232) /* This device cannot be shared. */
+        #define NERR_DevNotOpen         (NERR_BASE+233) /* This device was not open. */
+        #define NERR_BadQueueDevString  (NERR_BASE+234) /* This devicename list is invalid. */
+        #define NERR_BadQueuePriority   (NERR_BASE+235) /* The queue priority is invalid. */
+        #define NERR_NoCommDevs         (NERR_BASE+237) /* There are no shared communication devices. */
+        #define NERR_QueueNotFound      (NERR_BASE+238) /* The queue you specified doesn't exist. */
+        #define NERR_BadDevString       (NERR_BASE+240) /* This list of devices is invalid. */
+        #define NERR_BadDev             (NERR_BASE+241) /* The requested device is invalid. */
+        #define NERR_InUseBySpooler     (NERR_BASE+242) /* This device is already in use by the spooler. */
+        #define NERR_CommDevInUse       (NERR_BASE+243) /* This device is already in use as a communication device. */
+
+        #define NERR_InvalidComputer   (NERR_BASE+251) /* This computername is invalid. */
+        #define NERR_MaxLenExceeded    (NERR_BASE+254) /* The string and prefix specified are too long. */
+        #define NERR_BadComponent      (NERR_BASE+256) /* This path component is invalid. */
+        #define NERR_CantType          (NERR_BASE+257) /* Cannot determine type of input. */
+        #define NERR_TooManyEntries    (NERR_BASE+262) /* The buffer for types is not big enough. */
+
+        #define NERR_LogOverflow           (NERR_BASE+277)      /* This log file exceeds the maximum defined size. */
+        #define NERR_LogFileChanged        (NERR_BASE+278)      /* This log file has changed between reads. */
+        #define NERR_LogFileCorrupt        (NERR_BASE+279)      /* This log file is corrupt. */
+
+        #define NERR_SourceIsDir   (NERR_BASE+280) /* The source path cannot be a directory. */
+        #define NERR_BadSource     (NERR_BASE+281) /* The source path is illegal. */
+        #define NERR_BadDest       (NERR_BASE+282) /* The destination path is illegal. */
+        #define NERR_DifferentServers   (NERR_BASE+283) /* The source and destination paths are on different servers. */
+        #define NERR_RunSrvPaused       (NERR_BASE+285) /* The Run server you requested is paused. */
+        #define NERR_ErrCommRunSrv      (NERR_BASE+289) /* An error occurred when communicating with a Run server. */
+        #define NERR_ErrorExecingGhost  (NERR_BASE+291) /* An error occurred when starting a background process. */
+        #define NERR_ShareNotFound      (NERR_BASE+292) /* The shared resource you are connected to could not be found.*/
+
+        #define NERR_InvalidLana        (NERR_BASE+300) /* The LAN adapter number is invalid.  */
+        #define NERR_OpenFiles          (NERR_BASE+301) /* There are open files on the connection.    */
+        #define NERR_ActiveConns        (NERR_BASE+302) /* Active connections still exist. */
+        #define NERR_BadPasswordCore    (NERR_BASE+303) /* This netname or password is invalid. */
+        #define NERR_DevInUse           (NERR_BASE+304) /* The device is being accessed by an active process. */
+        #define NERR_LocalDrive         (NERR_BASE+305) /* The drive letter is in use locally. */
+        #define NERR_PausedConns        (NERR_BASE+306) /* Paused devices cannot be deleted */
+        #define NERR_PipeBufTooSmall    (NERR_BASE+307) /* Write to a network named pipe buffer that is too small */
+
+        #define NERR_AlertExists        (NERR_BASE+330) /* The specified client is already registered for the specified event. */
+        #define NERR_TooManyAlerts      (NERR_BASE+331) /* The alert table is full. */
+        #define NERR_NoSuchAlert        (NERR_BASE+332) /* An invalid or nonexistent alertname was raised. */
+        #define NERR_BadRecipient       (NERR_BASE+333) /* The alert recipient is invalid.*/
+        #define NERR_AcctLimitExceeded  (NERR_BASE+334) /* A user's session with this server has been deleted
+                                                         * because his logon hours are no longer valid */
+        #define NERR_InvalidLogSeek     (NERR_BASE+340) /* The log file does not contain the requested record number. */
+
+        #define NERR_ParmsMoved         (NERR_BASE+345) /* The parameters in the %1 section have been moved to the %2 section in the %3 file. */
+
+        #define NERR_BadUasConfig       (NERR_BASE+350) /* The user account system database is not configured correctly. */
+        #define NERR_InvalidUASOp       (NERR_BASE+351) /* This operation is not permitted when the Netlogon service is running. */
+        #define NERR_LastAdmin          (NERR_BASE+352) /* This operation is not allowed on the last admin account. */
+        #define NERR_DCNotFound         (NERR_BASE+353) /* Unable to find domain controller for this domain. */
+        #define NERR_LogonTrackingError (NERR_BASE+354) /* Unable to set logon information for this user. */
+        #define NERR_NetlogonNotStarted (NERR_BASE+355) /* The Netlogon service has not been started. */
+        #define NERR_CanNotGrowUASFile  (NERR_BASE+356) /* Unable to grow the user account system database. */
+        #define NERR_PasswordMismatch   (NERR_BASE+358) /* A password mismatch has been detected. */
+
+        #define NERR_MaxBadPasswordExceeded (NERR_BASE+359) /* The number of bad password has exceeded the max allowed */
+
+        #define NERR_NoSuchServer       (NERR_BASE+360) /* The server ID does not specify a valid server. */
+        #define NERR_NoSuchSession      (NERR_BASE+361) /* The session ID does not specify a valid session. */
+        #define NERR_NoSuchConnection   (NERR_BASE+362) /* The connection ID does not specify a valid connection. */
+        #define NERR_TooManyServers     (NERR_BASE+363) /* There is no space for another entry in the table of available servers. */
+        #define NERR_TooManySessions    (NERR_BASE+364) /* The server has reached the maximum number of sessions it supports. */
+        #define NERR_TooManyConnections (NERR_BASE+365) /* The server has reached the maximum number of connections it supports. */
+        #define NERR_TooManyFiles       (NERR_BASE+366) /* The server cannot open more files because it has reached its maximum number. */
+        #define NERR_NoAlternateServers (NERR_BASE+367) /* There are no alternate servers registered on this server. */
+        #define NERR_TooManySrvNames    (NERR_BASE+368) /* The maximum number of server names has been reached. */
+        #define NERR_DelPrimaryName     (NERR_BASE+369) /* The deletion of the server's primary name is not allowed. */
+
+        #define NERR_BadDosRetCode      (NERR_BASE+400) /* The program below returned an MS-DOS error code:*/
+        #define NERR_ProgNeedsExtraMem  (NERR_BASE+401) /* The program below needs more memory:*/
+        #define NERR_BadDosFunction     (NERR_BASE+402) /* The program below called an unsupported MS-DOS function:*/
+        #define NERR_RemoteBootFailed   (NERR_BASE+403) /* The workstation failed to boot.*/
+        #define NERR_BadFileCheckSum    (NERR_BASE+404) /* The file below is corrupt.*/
+        #define NERR_NoRplBootSystem    (NERR_BASE+405) /* No loader is specified in the boot-block definition file.*/
+        #define NERR_RplLoadrNetBiosErr (NERR_BASE+406) /* NetBIOS returned an error: The NCB and SMB are dumped above.*/
+        #define NERR_RplLoadrDiskErr    (NERR_BASE+407) /* A disk I/O error occurred.*/
+        #define NERR_ImageParamErr      (NERR_BASE+408) /* Image parameter substitution failed.*/
+        #define NERR_TooManyImageParams (NERR_BASE+409) /* Too many image parameters cross disk sector boundaries.*/
+        #define NERR_NonDosFloppyUsed   (NERR_BASE+410) /* The image was not generated from an MS-DOS diskette formatted with /S.*/
+        #define NERR_RplBootRestart     (NERR_BASE+411) /* Remote boot will be restarted later.*/
+        #define NERR_RplSrvrCallFailed  (NERR_BASE+412) /* The call to the Remoteboot server failed.*/
+        #define NERR_CantConnectRplSrvr (NERR_BASE+413) /* Cannot connect to the Remoteboot server.*/
+        #define NERR_CantOpenImageFile  (NERR_BASE+414) /* Cannot open image file on the Remoteboot server.*/
+        #define NERR_CallingRplSrvr     (NERR_BASE+415) /* Connecting to the Remoteboot server...*/
+        #define NERR_StartingRplBoot    (NERR_BASE+416) /* Connecting to the Remoteboot server...*/
+        #define NERR_RplBootServiceTerm (NERR_BASE+417) /* Remote boot service was stopped; check the error log for the cause of the problem.*/
+        #define NERR_RplBootStartFailed (NERR_BASE+418) /* Remote boot startup failed; check the error log for the cause of the problem.*/
+        #define NERR_RPL_CONNECTED      (NERR_BASE+419) /* A second connection to a Remoteboot resource is not allowed.*/
+        #define NERR_RplBootErrDetected (NERR_BASE+420) /* The REMOTEBOOT service detected a configuration error but is continuing.  Check the error log at the remote IPL server for details. */
+        #define NERR_RPL_COPYRIGHT1     (NERR_BASE+421) /* Remote IPL Initialization Program Version 2.0. */
+        #define NERR_RPL_COPYRIGHT2     (NERR_BASE+422) /* (C) Copyright International Business Machines Corporation 1989, 1991. */
+        #define NERR_RPL_COPYRIGHT3     (NERR_BASE+423) /* (C) Copyright Microsoft Corporation 1989, 1991. */
+
+        #define NERR_FTNotInstalled     (NERR_BASE+425) /* DISKFT.SYS is not installed. */
+        #define NERR_FTMONITNotRunning  (NERR_BASE+426) /* FTMONIT is not running */
+        #define NERR_FTDiskNotLocked    (NERR_BASE+427) /* FTADMIN has not locked the disk. */
+        #define NERR_FTDiskNotAvailable (NERR_BASE+428) /* Some other process has locked the disk. */
+        #define NERR_FTUnableToStart    (NERR_BASE+429) /* The verifier/correcter cannot be started. */
+        #define NERR_FTNotInProgress    (NERR_BASE+430) /* The verifier/correcter can't be aborted because it isn't started. */
+        #define NERR_FTUnableToAbort    (NERR_BASE+431) /* The verifier/correcter can't be aborted. */
+        #define NERR_FTUnabletoChange   (NERR_BASE+432) /* The disk could not be locked/unlocked. */
+        #define NERR_FTInvalidErrHandle (NERR_BASE+433) /* The error handle was not recognized. */
+        #define NERR_FTDriveNotMirrored (NERR_BASE+434) /* The drive is not mirrored. */
+
+        #if !defined(NERR_AppParmNotFound)
+        #define NERR_AppParmNotFound            (NERR_BASE+435)
+        #endif
+        #if !defined(NERR_AppParmExists)
+        #define NERR_AppParmExists              (NERR_BASE+436)
+        #endif
+        #if !defined(NERR_UserCannotOverride)
+        #define NERR_UserCannotOverride         (NERR_BASE+437)
+        #endif
+        #if !defined(NERR_EnvDataMustBeString)
+        #define NERR_EnvDataMustBeString        (NERR_BASE+438)
+        #endif
+        #if !defined(NERR_IniFileError)
+        #define NERR_IniFileError               (NERR_BASE+439)
+        #endif
+        #if !defined(NERR_IniFileOnlyOnPrimary)
+        #define NERR_IniFileOnlyOnPrimary       (NERR_BASE+440)
+        #endif
+        #if !defined(NERR_IniMissingOrDamaged)
+        #define NERR_IniMissingOrDamaged        (NERR_BASE+441)
+        #endif
+        #if !defined(NERR_IncorrectApptype)
+        #define NERR_IncorrectApptype           (NERR_BASE+442)
+        #endif
+
+        #define NERR_NoAccessDrive      (NERR_BASE+681)
+        #if !defined(NERR_AliasExists)
+        #define NERR_AliasExists        (NERR_BASE+682)
+        #endif
+        #if !defined(NERR_AliasNotFound)
+        #define NERR_AliasNotFound      (NERR_BASE+683)
+        #endif
+        #define NERR_InvAliasDev        (NERR_BASE+685)
+        #if !defined(NERR_DCDBError)
+        #define NERR_DCDBError          (NERR_BASE+686)
+        #endif
+        #if !defined(NERR_NetnameExists)
+        #define NERR_NetnameExists      (NERR_BASE+687)
+        #endif
+        #if !defined(NERR_DupAliasRes)
+        #define NERR_DupAliasRes       (NERR_BASE+688)
+        #endif
+
+        #if !defined(NERR_AppExists)
+        #define NERR_AppExists          (NERR_BASE+692)
+        #endif
+        #if !defined(NERR_AppNotFound)
+        #define NERR_AppNotFound        (NERR_BASE+693)
+        #endif
+        #if !defined(NERR_DCDBCreateError)
+        #define NERR_DCDBCreateError    (NERR_BASE+694)
+        #endif
+        #if !defined(NERR_NotPrimaryDCDB)
+        #define NERR_NotPrimaryDCDB     (NERR_BASE+695)
+        #endif
+        #define NERR_BadAppRemark       (NERR_BASE+696)
+        #define NERR_CannotMigrate      (NERR_BASE+697)
+
+        #define NERR_ApplyNotPermitted  (NERR_BASE+700)
+        #define NERR_IncompleteApply    (NERR_BASE+701)
+        #define NERR_ApplyFailed        (NERR_BASE+702)
+
+    #endif
+
     #ifndef SNLEN
         #define CNLEN           15                  /* Computer name length     */

trunk/include/helpers/procstat.h

@@ -234 +234 @@
 
     // #pragma pack(1)
-    #pragma pack(4)         // V0.9.10 (2001-04-08) [umoeller]
 
     #define QS32_PROCESS      0x0001

trunk/include/helpers/textview.h

@@ -449 +449 @@
     #define XS_VSCROLL          0x0001      // show vertical scroll bar
     #define XS_HSCROLL          0x0002      // show horizontal scroll bar
-    #define XS_AUTOVHIDE        0x0004      // with XTXF_VSCROLL: automatically hide scrollbar
-    #define XS_AUTOHHIDE        0x0008      // with XTXF_HSCROLL: automatically hide scrollbar
+    #define XS_AUTOVHIDE        0x0004      // with XS_VSCROLL: automatically hide scrollbar
+    #define XS_AUTOHHIDE        0x0008      // with XS_HSCROLL: automatically hide scrollbar
 
     // handy macro V0.9.20 (2002-08-10) [umoeller]

trunk/include/helpers/tree.h

@@ -10 +10 @@
 #endif
 
-#ifndef XWPTREE_INCLUDED               //  Allow multiple inclusions
+#ifndef XWPTREE_INCLUDED
     #define XWPTREE_INCLUDED
 

trunk/include/helpers/xwpsecty.h

@@ -70 +70 @@
  *      real ACLs which are unlimited in size per resource.
  *
- *      To implement this efficiently, XWPSec uses "subject handles", which
- *      is a concept borrowed from SES. However, XWPSec does not use the
- *      SES APIs for creating and managing those, but implements this
- *      functionality itself.
+ *      To implement this efficiently, XWPSec uses "subject handles",
+ *      which is a concept borrowed from SES. However, XWPSec does not
+ *      use the SES APIs for creating and managing those, but implements
+ *      this functionality itself.
  *
  *      For authorizing events, XWPSec uses the XWPSUBJECTINFO and
  *      XWPSECURITYCONTEXT structures, plus an array of RESOURCEACL
- *      structs which forms the global system ACL table shared with
+ *      structs that forms the global system ACL table shared with
  *      the ring-0 device driver.
  *
@@ -87 +87 @@
  *      users. However, one user logon is special and is called
  *      the "local" logon: that user owns the shell, most
- *      importantly the Workplace Shell, and processes started
- *      via the shell run on behalf of that user.
+ *      importantly PM and the Workplace Shell, and processes
+ *      started via the shell run on behalf of that user.
  *
  *      When a user logs on, XWPShell authenticates the credentials
@@ -222 +222 @@
     typedef unsigned long HXSUBJECT;
 
-    typedef unsigned long XWPSECID;
+    typedef long XWPSECID;
 
     /*
@@ -303 +303 @@
 
     /*
-     *@@ XWPSECURITYCONTEXT:
+     *@@ XWPSECURITYCONTEXTCORE:
      *      describes the security context for a process.
      *
@@ -345 +345 @@
      *          there would be one subject handle representing the
      *          ACLs for that in addition to those of the user running
-     *          it.
+     *          it (if any).
      *
      *      --  For processes that were started during system startup,
@@ -352 +352 @@
      *          PIDs to the driver with the "initialization" ring-0 API.
      *          As a result, all processes started through CONFIG.SYS
-     *          are considered trusted processes.
-     */
-
-    typedef struct _XWPSECURITYCONTEXT
-    {
-        ULONG       cbStruct;
-        ULONG       ulPID;          // process ID
-
-        ULONG       cSubjects;      // no. of subject handles in this context
+     *          are presently considered trusted processes.
+     */
+
+    typedef struct _XWPSECURITYCONTEXTCORE
+    {
+        USHORT      pidParent;      // ID of process parent
+
+        USHORT      cSubjects;      // no. of subject handles in this context
 
         HXSUBJECT   aSubjects[1];   // array of cSubjects subject handles,
-                                        // determining the permissions of this
-                                        // process
-
-    } XWPSECURITYCONTEXT, *PXWPSECURITYCONTEXT;
+                                    // determining the permissions of this
+                                    // process
+
+    } XWPSECURITYCONTEXTCORE, *PXWPSECURITYCONTEXTCORE;
 
     /* ******************************************************************
@@ -426 +425 @@
                     // is required for that).
                     // Should be used together with "Read", because
-                    // "Write" alone doesn't make much sense.
+                    // "Write" alone is not terribly useful.
                     // Besides, "Attrib" permission will also be
                     // required.
@@ -460 +459 @@
     /*
      *@@ XWPSECSTATUS:
+     *      structure representing the current status of XWPSec.
+     *      Used with QUECMD_QUERYSTATUS.
      *
      *@@added V1.0.1 (2003-01-10) [umoeller]
@@ -470 +471 @@
         // the following fields are only set if fLocalSecurity is TRUE
 
-        ULONG       cbAllocated;        // fixed memory currently allocated in ring 0
+        ULONG       cbAllocated;        // total fixed memory currently allocated in ring 0
         ULONG       cAllocations,       // no. of allocations made since startup
                     cFrees;             // no. of frees made since startup
@@ -478 +479 @@
         ULONG       cGranted,           // no. of syscalls where access was granted
                     cDenied;            // ... and denied
+        LONG        cContexts;          // no. of currently allocated security contexts
+                                        // (always >= the no. of running processes)
+        ULONG       cbACLs;             // of cbAllocated, no. of bytes in use for ACLs
     } XWPSECSTATUS, *PXWPSECSTATUS;
-
 
     /* ******************************************************************
@@ -507 +510 @@
     typedef struct _XWPUSERINFO
     {
-        XWPSECID    uid;                // user's ID (unique); 0 for root
+        XWPSECID    uid;                    // user's ID (unique); 0 for root
         CHAR        szUserName[XWPSEC_NAMELEN];
         CHAR        szFullName[XWPSEC_FULLNAMELEN];       // user's clear name
+        CHAR        szUserShell[CCHMAXPATH];    // user shell (normally "X:\OS2\PMSHELL.EXE")
     } XWPUSERINFO, *PXWPUSERINFO;
 
@@ -557 +561 @@
         XWPSECID    uid;            // user's ID
         CHAR        szUserName[XWPSEC_NAMELEN];
-        ULONG       cSubjects;      // no. of entries in aSubjects array
+        USHORT      cSubjects;      // no. of entries in aSubjects array
         HXSUBJECT   aSubjects[1];   // array of subject handles of this user; one "0" entry if root
     } XWPLOGGEDON, *PXWPLOGGEDON;
@@ -601 +605 @@
 
     #define XWPSEC_DB_ACL_SYNTAX        (ERROR_XWPSEC_FIRST + 40)
-    #define XWPSEC_DB_ACL_DUPRES        (ERROR_XWPSEC_FIRST + 41)
+    #define XWPSEC_DB_ACL_INTEGRITY     (ERROR_XWPSEC_FIRST + 41)
+    #define XWPSEC_DB_ACL_DUPRES        (ERROR_XWPSEC_FIRST + 42)
                 // more than one line for the same resource in ACL DB
 
@@ -745 +750 @@
         } QueryGroups;
 
-        #define QUECMD_QUERYPROCESSOWNER            5
+        #define QUECMD_QUERYUSERNAME                5
+
+        struct
+        {
+            XWPSECID    uid;                            // in: user ID
+            CHAR        szUserName[XWPSEC_NAMELEN];     // out: user name
+        } QueryUserName;
+
+        #define QUECMD_QUERYPROCESSOWNER            6
             // return the uid of the user who owns
             // the given process.
-            // Required authority: administrator.
+            // Required authority: XWPPERM_QUERYUSERINFO,
+            // unless the given process is owned by the
+            // same user who runs the query.
         struct
         {
-            ULONG               ulPID;      // in: PID to query
+            USHORT              pid;        // in: PID to query (or 0 for calling process)
+            HXSUBJECT           hsubj0;     // out: hSubject of user (or privileged process)
             XWPSECID            uid;        // out: uid of owner, if NO_ERROR is returned
         } QueryProcessOwner;
 
-        #define QUECMD_CREATEUSER                   6
+        #define QUECMD_CREATEUSER                   7
 
         struct
@@ -765 +781 @@
         } CreateUser;
 
-        #define QUECMD_SETUSERDATA                  7
+        #define QUECMD_SETUSERDATA                  8
 
         XWPUSERINFO     SetUserData;
 
-        #define QUECMD_DELETEUSER                   8
+        #define QUECMD_DELETEUSER                   9
 
         XWPSECID        uidDelete;
 
-        #define QUECMD_QUERYPERMISSIONS             9
+        #define QUECMD_QUERYPERMISSIONS             10
 
         struct
@@ -781 +797 @@
         } QueryPermissions;
 
+        #define QUECMD_SWITCHUSER                   11
+            // change the credentials of the current process. This
+            // allows a process to run on behalf of a different user
+            // and can be used to implement a "su" command, since
+            // processes started by the current process will inherit
+            // those credentials.
+
+        struct
+        {
+            CHAR        szUserName[XWPSEC_NAMELEN];
+            CHAR        szPassword[XWPSEC_NAMELEN];
+            XWPSECID    uid;                        // out: user id if NO_ERROR
+        } SwitchUser;
+
     } QUEUEUNION, *PQUEUEUNION;
 
@@ -836 +866 @@
     /* ******************************************************************
      *
-     *   Ring-0 (driver) APIs
+     *   APIs for interfacing XWPShell
      *
      ********************************************************************/
 
-    /*
-     *      Ring 0 interfaces required to be called from XWPShell:
-     *
-     *      --  Initialization: to be called exactly once when
-     *          XWPShell starts up. This call enables local security
-     *          and switches the driver into authorization mode:
-     *          from then on, all system events are authenticated
-     *          via the KPI callouts.
-     *
-     *          With this call, XWPShell must pass down an array of
-     *          PIDs that were already running when XWPShell was
-     *          started, including XWPShell itself. For these
-     *          processes, the driver will create security contexts
-     *          as trusted processes.
-     *
-     *          In addition, XWPShell sends down an array with all
-     *          definitions of trusted processes so that the driver
-     *          can create special security contexts for those.
-     *
-     *      --  Query security context: XWPShell needs to be able
-     *          to retrieve the security context of a given PID
-     *          from the driver to be able to authorize ring-3 API
-     *          calls such as "create user" or changing permissions.
-     *
-     *      --  Set security context: changes the security context
-     *          of an existing process. This is used by XWPShell
-     *          to change its own context when the local user logs
-     *          on. In addition, XWPShell will call this when a
-     *          third party process has requested to change its
-     *          context and this request was authenticated.
-     *
-     *      --  ACL table: Whenever subject handles are created or
-     *          deleted, XWPShell needs to rebuild the system ACL
-     *          table to contain the fresh subject handles and
-     *          pass them all down to the driver.
-     *
-     *      --  Refresh process list: XWPShell needs to periodically
-     *          call into the driver to pass it a list of processes
-     *          that are currently running. Since there is no callout
-     *          for when a process has terminated, the driver will
-     *          end up with plenty of zombie PIDs after a while. This
-     *          call will also be necessary before a user logs off
-     *          after his processes have been terminated to make
-     *          sure that subject handles are no longer in use.
-     */
-
-    /*
-     *@@ ACCESS:
-     *
-     *@@added V1.0.1 (2003-01-05) [umoeller]
-     */
-
-    typedef struct _ACCESS
-    {
-        HXSUBJECT   hSubject;           // subject handle; this is -1 if an entry
-                                        // exists for this resource but the user or
-                                        // group is not currently in use (because no
-                                        // such user is logged on)
-        BYTE        fbAccess;           // XWPACCESS_* flags
-    } ACCESS, *PACCESS;
-
-    /*
-     *@@ RESOURCEACL:
-     *      definition of a resource entry in the system access control
-     *      list (ACL).
-     *
-     *      At ring 0, the driver has a list of all RESOURCEACL entries
-     *      defined for the system. Each entry in turn has an array of
-     *      ACCESS structs listing the subject handles for the resource,
-     *      for example, defining that subject handle 1 (which could be
-     *      representing a user) may read and write this resource, subject
-     *      handle 2 (representing one of the groups the user belongs to)
-     *      may execute, and so on.
-     *
-     *      There will only be one entry for any resource per subject.
-     *      As a result, if the permissions for a resource are changed,
-     *      the existing entry must be found and refreshed to avoid
-     *      duplicates.
-     *
-     *      The global ACL table is build by XWPShell whenever it needs
-     *      updating and passed down to the driver for future use. It
-     *      will need rebuilding whenever a subject handle gets created
-     *      or when access permissions are changed by an administrator.
-     *
-     *      The table will be build as follows by XWPShell:
-     *
-     *      1)  XWPShell loads the file defining the ACLs for the entire
-     *          system.
-     *
-     *          For each definition in the file, it builds a RESOURCEACL
-     *          entry. It checks the permissions defined for the resource
-     *          in the file and sets up the array of ACCESS structures for
-     *          the resource. If a permission was defined for a user for
-     *          which a subject handle already exists (because the user
-     *          is already logged on), that subject handle is stored.
-     *          If a definition exists but none of the permissions apply
-     *          to any of the current users (because those users are not
-     *          logged on, or the groups are not in use yet), a dummy
-     *          entry with a -1 subject handle is created to block access
-     *          to the resource (see the algorithm description below).
-     *
-     *      2)  XWPShell then sends the system ACL list down to the driver.
-     *
-     *      During authorization, for any event, the driver first checks
-     *      if a null ("root") subject handle exists in the process's
-     *      security context. If so, access is granted unconditionally.
-     *
-     *      Otherwise, ACLs apply to all subdirectories too, unless a more
-     *      specific ACL entry is encountered. In other words,
-     *      the driver authorizes events bottom-up in the following order:
-     *
-     *      1)  It checks for whether an ACL entry for the given resource
-     *          exists in the ACL table.
-     *
-     *          If any ACL entry was found for the resource, access is
-     *          granted if any ACL entry allowed access for one of the
-     *          subjects in the process's security context. Access is denied
-     *          if ACL entries existed for the resource but none allowed access,
-     *          which includes the "blocker" -1 entry described above.
-     *
-     *          In any case, the search stops if an ACL entry was found
-     *          in the table, and access is either granted or denied.
-     *
-     *      2)  Only if no entry was found for the resource in any of the
-     *          subject infos, we climb up to the parent directory and
-     *          search all subject infos again. Go back to (1).
-     *
-     *      3)  After the root directory has been processed and still no
-     *          entry exists, access is denied.
-     *
-     *      Examples:
-     *
-     *      User "dumbo" belongs to the groups "users" and "admins".
-     *      The following ACLs are defined:
-     *
-     *      --  "users" may read "C:\DIR",
-     *
-     *      --  "admins" may read and write "C:\",
-     *
-     *      --  "admins" may create directories in "C:\DIR",
-     *
-     *      --  "otheruser" may read "C:\OTHERDIR".
-     *
-     *      Assuming that only "dumbo" is logged on presently and the following
-     *      subject handles have thus been created:
-     *
-     *      --  1 for user "dumbo",
-     *
-     *      --  2 for group "users",
-     *
-     *      --  3 for group "admins",
-     *
-     *      the system ACL table will contain the following entries:
-     *
-     *      --  "C:\": 3 (group "admins") may read and write;
-     *
-     *      --  "C:\DIR": 2 (group "users") may read, 3 (group "admins) may
-     *          create directories;
-     *
-     *      --  "C:\OTHERDIR": this will have a dummy -1 entry with no permissions
-     *          because the only ACL defined is that user "otheruser" may read, and
-     *          that user is not logged on.
-     *
-     *      1)  Assume a process running on behalf of "dumbo" wants to open
-     *          C:\DIR\SUBDIR\TEXT.DOC for reading.
-     *          Since the security context of "dumbo" has the three subject
-     *          handles for user "dumbo" (1) and the groups "users" (2) and
-     *          "admins" (3), the following happens:
-     *
-     *          a)  We check the system ACL table for "C:\DIR\SUBDIR\TEXT.DOC"
-     *              and find no ACL entry.
-     *
-     *          b)  So we take the parent directory, "C:\DIR\SUBDIR",
-     *              and again we find nothing.
-     *
-     *          c)  Taking the next parent, "C:\DIR\", we find the above two
-     *              subject handles: since "users" (2) may read, and that is
-     *              part of the security context, we grant access.
-     *
-     *      2)  Now assume that the same process wants to write the file back:
-     *
-     *          a)  Again, we find no ACL entries for "C:\DIR\SUBDIR\TEXT.DOC"
-     *              or "C:\DIR\SUBDIR".
-     *
-     *          b)  Searching for "C:\DIR", we find that "users" (2) may only read,
-     +              but not write. Also, "admins" (3) may create directories under
-     *              "C:\DIR", which is not sufficient either. Since no other entries
-     *              exist for "C:\DIR"  that would permit write, we deny access.
-     *              That "admins" may write to "C:\" does not help since more
-     *              specific entries exist for "C:\DIR".
-     *
-     *      3)  Now assume that the same process wants to create a new directory
-     *          under "C:\DIR\SUBDIR".
-     *
-     *          a)  Again, we find no ACL entries for "C:\DIR\SUBDIR".
-     *
-     *          b)  Searching for "C:\DIR", we find that "users" may only read,
-     *              which does not help. However, "admins" may create directories,
-     *              so we grant access.
-     *
-     *      4)  Assume now that the process wants to create a new directory under
-     *          "C:\OTHERDIR".
-     *
-     *          We find the ACL entry for "C:\OTHERDIR" and see only the -1
-     *          subject handle (for user "otheruser", who's not logged on),
-     *          and since no other permissions are set for us, we deny access.
-     *
-     *@@added V1.0.1 (2003-01-05) [umoeller]
-     */
-
-    typedef struct _RESOURCEACL
-    {
-        ULONG       cbStruct;           // size of entire structure; this is
-                                        //   sizeof(RESOURCEACL)
-                                        // + cbName - 1
-                                        // + cAccesses * sizeof(ACCESS)
-        USHORT      cAccesses;          // no. of entries in array of ACCESS structs;
-                                        // this comes right after szName, so its address
-                                        // is szName + cbName
-        USHORT      cbName;             // offset of array of ACCESS structs after szName
-                                        // (includes null terminator and DWORD alignment
-                                        // filler bytes)
-        CHAR        szName[1];          // fully qualified filename of this resource
-                                        // (zero-terminated)
-    } RESOURCEACL, *PRESOURCEACL;
-
-    /*
-     *@@ RING0BUF:
-     *
-     *@@added V1.0.1 (2003-01-05) [umoeller]
-     */
-
-    typedef struct _RING0BUF
-    {
-        ULONG       cbTotal;
-        ULONG       cSubjectInfos;      // no. of subject infos (directly after this struct)
-        ULONG       cACLs;              // no. of RESOURCEACL structs (after subject infos)
-        ULONG       ofsACLs;            // ofs of first RESOURCEACL struct from beginning of
-                                        // RING0BUF
-    } RING0BUF, *PRING0BUF;
+    APIRET xsecQueryStatus(PXWPSECSTATUS pStatus);
+
+    APIRET xsecQueryLocalUser(PXWPUSERDBENTRY *ppLocalUser);
+
+    APIRET xsecQueryAllUsers(PULONG pcUsers,
+                             PXWPUSERDBENTRY *ppaUsers);
+
+    APIRET xsecQueryGroups(PULONG pcGroups,
+                           PXWPGROUPDBENTRY *ppaGroups);
+
+    APIRET xsecQueryUserName(XWPSECID uid,
+                             PSZ pszUserName);
+
+    APIRET xsecQueryProcessOwner(USHORT pid,
+                                 XWPSECID *puid);
+
+    APIRET xsecCreateUser(PCSZ pcszUserName,
+                          PCSZ pcszFullName,
+                          PCSZ pcszPassword,
+                          XWPSECID gid,
+                          XWPSECID *puid);
+
+    APIRET xsecSetUserData(XWPSECID uid,
+                           PCSZ pcszUserName,
+                           PCSZ pcszFullName);
+
+    APIRET xsecDeleteUser(XWPSECID uid);
+
+    APIRET xsecQueryPermissions(PCSZ pcszFilename,
+                                PULONG pflAccess);
 
 #endif

trunk/src/helpers/dialog.c

@@ -296 +296 @@
  *      the control _sizes_, and everything is layed out automatically.
  *      You may even have the formatter compute the sizes automatically
- *      based on the control classes and values; it is possible to
- *      create dialogs without specifying a single size also.
+ *      based on the control classes and values (strings); it is possible
+ *      to create dialogs without specifying a single size also.
  *
  *      There are several tricks to how this works.
@@ -314 +314 @@
  *          (which again goes into ProcessRow and ProcessColumn).
  *          There is no limit to how deep tables may nest, except
- *          the stack size of the current thread. ;-)
+ *          for the stack size of the current thread, of course.
  *
  *      3)  This whole recursive iteration is performed several times.

trunk/src/helpers/dosh.c

@@ -2588 +2588 @@
  *@@changed V0.9.16 (2001-12-18) [umoeller]: fixed error codes
  *@@changed V1.0.1 (2003-01-10) [umoeller]: now allowing read for all modes
+ *@@changed V1.0.2 (2003-11-13) [umoeller]: optimized; now calling doshQueryPathSize only on failure
  */
 
@@ -2615 +2616 @@
             // which isn't that meaningful
             // V0.9.16 (2001-12-08) [umoeller]
-            arc = doshQueryPathSize(pcszFilename,
-                                    pcbFile);
+            /* arc = doshQueryPathSize(pcszFilename,
+                                    pcbFile); */
+                // moved this down V1.0.2 (2003-11-13) [umoeller]
         break;
 
@@ -2625 +2627 @@
                           | OPEN_ACCESS_READWRITE;
 
-            arc = doshQueryPathSize(pcszFilename,
-                                    pcbFile);
+            /* arc = doshQueryPathSize(pcszFilename,
+                                    pcbFile); */
+                // moved this down V1.0.2 (2003-11-13) [umoeller]
         break;
 
@@ -2646 +2649 @@
     }
 
-    if ((!arc) && fsOpenFlags && pcbFile && ppFile)
+    if (    (!arc)
+         && fsOpenFlags
+         && pcbFile
+         && ppFile
+       )
     {
         PXFILE pFile;
@@ -2695 +2702 @@
                 pFile->pszFilename = strdup(pcszFilename);
             }
-            #ifdef DEBUG_DOSOPEN
             else
-                 _Pmpf((__FUNCTION__ ": DosOpen returned %d for %s",
+            {
+                #ifdef DEBUG_DOSOPEN
+                    _Pmpf((__FUNCTION__ ": DosOpen returned %d for %s",
                              arc, pcszFilename));
-            #endif
+                #endif
+
+                // open failed: if the file doesn't exist, DosOpen only
+                // returns OPEN_FAILED, while ERROR_FILE_NOT_FOUND would
+                // be a bit more informative
+                // (this check used to be before DosOpen, but is a bit
+                // excessive and should only be run if we really have no open)
+                if (arc == ERROR_OPEN_FAILED)
+                    arc = doshQueryPathSize(pcszFilename,
+                                            pcbFile);
+            }
 
             if (arc)
@@ -2750 +2768 @@
  *@@added V0.9.13 (2001-06-14) [umoeller]
  *@@changed V0.9.16 (2001-12-18) [umoeller]: now with XFILE, and always using FILE_BEGIN
- *@@chaanged V0.9.19 (2002-04-02) [umoeller]: added params checking
+ *@@changed V0.9.19 (2002-04-02) [umoeller]: added params checking
+ *@@changed V1.0.2 (2003-11-13) [umoeller]: optimized cache (using realloc)
  */
 
@@ -2828 +2847 @@
             #endif
 
+#if 0
             // free old cache
             if (pFile->pbCache)
@@ -2834 +2854 @@
             // allocate new cache
             if (!(pFile->pbCache = (PBYTE)malloc(pFile->cbCache)))
+#else
+            // realloc is better V1.0.2 (2003-11-13) [umoeller]
+            if (!(pFile->pbCache = (PBYTE)realloc(pFile->pbCache,
+                                                  pFile->cbCache)))
+#endif
                 arc = ERROR_NOT_ENOUGH_MEMORY;
             else
@@ -4487 +4512 @@
 
 /*
+ *@@ doshMyParentPID:
+ *      returns the PID of the parent of the current process.
+ *
+ *      This uses an interesting hack which is way
+ *      faster than DosGetInfoBlocks.
+ *
+ *@@added V1.0.2 (2003-11-13) [umoeller]
+ */
+
+ULONG doshMyParentPID(VOID)
+{
+    if (!G_pvLocalInfoSeg)
+        // first call:
+        GetInfoSegs();
+
+    // parent PID is at offset 2 in the local info seg
+    return *(PUSHORT)((PBYTE)G_pvLocalInfoSeg + 2);
+}
+
+/*
  *@@ doshMyTID:
  *      returns the TID of the current thread.

trunk/src/helpers/exeh.c

@@ -266 +266 @@
 
         // read old DOS EXE header
-        if (!(pExec->pDosExeHeader = (PDOSEXEHEADER)malloc(sizeof(DOSEXEHEADER))))
-            arc = ERROR_NOT_ENOUGH_MEMORY;
-        else if (!(arc = doshReadAt(pFile,
-                                    0,
-                                    &pExec->cbDosExeHeader,      // in/out
-                                    (PBYTE)pExec->pDosExeHeader,
-                                    DRFL_FAILIFLESS)))
+        if ((arc = doshReadAt(pFile,
+                              0,
+                              &pExec->cbDosExeHeader,      // in/out
+                              (PBYTE)&pExec->DosExeHeader,
+                              DRFL_FAILIFLESS)))
+            pExec->cbDosExeHeader = 0;
+        else
         {
             // now check if we really have a DOS header
-            if (pExec->pDosExeHeader->usDosExeID != 0x5a4d)
+            if (pExec->DosExeHeader.usDosExeID != 0x5a4d)
             {
                 // arc = ERROR_INVALID_EXE_SIGNATURE;
@@ -289 +289 @@
                 // remove the DOS header info, since we have none
                 // V0.9.12 (2001-05-03) [umoeller]
-                FREE(pExec->pDosExeHeader);
+                // FREE(pExec->pDosExeHeader);
                 pExec->cbDosExeHeader = 0;
             }
@@ -295 +295 @@
             {
                 // we have a DOS header:
-                if (pExec->pDosExeHeader->usRelocTableOfs < 0x40)
+                if (pExec->DosExeHeader.usRelocTableOfs < 0x40)
                 {
                     // neither LX nor PE nor NE:
@@ -305 +305 @@
                     // we have a new header offset:
                     fLoadNewHeader = TRUE;
-                    ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+                    ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
                 }
             }
@@ -1199 +1199 @@
         ULONG ulNewHeaderOfs = 0;       // V0.9.12 (2001-05-03) [umoeller]
 
-        if (pExec->pDosExeHeader)
+        if (pExec->cbDosExeHeader)
             // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-            ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+            ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
         if (pExec->ulExeFormat == EXEFORMAT_LX)
@@ -1353 +1353 @@
     HFILE hfExe = pExec->pFile->hf;
 
-    if (pExec->pDosExeHeader)
+    if (pExec->cbDosExeHeader)
         // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-        ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+        ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
     ENSURE(DosSetFilePtr(hfExe,
@@ -1594 +1594 @@
     HFILE hfExe = pExec->pFile->hf;
 
-    if (pExec->pDosExeHeader)
+    if (pExec->cbDosExeHeader)
         // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-        ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+        ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
     ENSURE(DosSetFilePtr(hfExe,
@@ -1801 +1801 @@
         ULONG ulNewHeaderOfs = 0; // V0.9.12 (2001-05-03) [umoeller]
 
-        if (pExec->pDosExeHeader)
+        if (pExec->cbDosExeHeader)
             // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-            ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+            ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
         if (pExec->ulExeFormat == EXEFORMAT_LX)
@@ -1976 +1976 @@
         ULONG           ulNewHeaderOfs = 0; // V0.9.12 (2001-05-03) [umoeller]
 
-        if (pExec->pDosExeHeader)
+        if (pExec->cbDosExeHeader)
             // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-            ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+            ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
         if (pExec->ulExeFormat == EXEFORMAT_LX)
@@ -2371 +2371 @@
         ULONG cb;
 
-        if (pExec->pDosExeHeader)
+        if (pExec->cbDosExeHeader)
             // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-            ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+            ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
         // resource table
@@ -2883 +2883 @@
         ULONG ulPageSize = pExec->pLXHeader->ulPageSize;
 
+        // if the data is not compressed, we read it directly
+        // into caller's pbData buffer (avoid one memcpy)
+        // V1.0.2 (2003-11-13) [umoeller]
+        PBYTE pbTarget =
+            (ulFlags == VALID) ? pbData : pabCompressed;
+
         ulOffset += ulExeOffset;
 
@@ -2898 +2904 @@
                                     ulOffset,
                                     &ulSize,
-                                    pabCompressed,
+                                    pbTarget, // pabCompressed, V1.0.2 (2003-11-13) [umoeller]
                                     0)))
         {
@@ -2924 +2930 @@
                 break;
 
+                /* V1.0.2 (2003-11-13) [umoeller]
                 case VALID:
                     // uncompressed
@@ -2930 +2937 @@
                            ulPageSize);
                 break;
+                */
             }
         }
@@ -2948 +2956 @@
  *      type _and_ ID.
  *
- *      If NO_ERROR is returned, *ppbResData receives
- *      a new buffer with the raw resource data, and
- *      *pcbResData receives the size of that buffer.
- *      The caller must then free() that buffer.
+ *      If NO_ERROR is returned,
+ *
+ *      --  *ppbResData receives a new buffer with
+ *          the raw resource data, which the caller
+ *          must free();
+ *
+ *      --  *pulOffset receives an offset into that
+ *          buffer, where the actual resource data
+ *          starts;
+ *
+ *      --  *pcbResData receives the size of the
+ *          following resource data (what follows
+ *          after *pulOffset).
+ *
+ *      The reason for this slightly complicated
+ *      format is to avoid another memcpy since
+ *      resource data need not necessarily be on
+ *      an LX page boundary.
  *
  *      This code will properly unpack compressed
@@ -2977 +2999 @@
                           ULONG idResource,      // in: resource ID or 0 for first
                           PBYTE *ppbResData,     // out: resource data (to be free()'d)
+                          PULONG pulOffset,      // out: offset of actual data in buffer
                           PULONG pcbResData)     // out: size of resource data (ptr can be NULL)
 {
@@ -2995 +3018 @@
         return ERROR_INVALID_EXE_SIGNATURE;
 
-    if (pExec->pDosExeHeader)
+    if (pExec->cbDosExeHeader)
         // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-        ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+        ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
     if (!(cResources = pLXHeader->ulResTblCnt))
@@ -3136 +3159 @@
                         if (!arc)
                         {
-                            // allocate a new buffer for caller
-                            if (!(*ppbResData = (PBYTE)malloc(pRsEntry->cb)))
-                                arc = ERROR_NOT_ENOUGH_MEMORY;
-                            else
-                            {
-                                // copy into that buffer from the offset
-                                // into the first page and the data from
-                                // the subsequent pages too
-                                memcpy(*ppbResData,
-                                       pabUncompressed + ulResOffsetInFirstPage,
-                                       pRsEntry->cb);
-
-                                if (pcbResData)
-                                    *pcbResData = pRsEntry->cb;
-                            }
+                            // new code without malloc/memcpy V1.0.2 (2003-11-13) [umoeller]
+                            *ppbResData = pabUncompressed;
+                            *pulOffset = ulResOffsetInFirstPage;
+
+
+                            /*
+                                // allocate a new buffer for caller
+                                if (!(*ppbResData = (PBYTE)malloc(pRsEntry->cb)))
+                                    arc = ERROR_NOT_ENOUGH_MEMORY;
+                                else
+                                {
+                                    // copy into that buffer from the offset
+                                    // into the first page and the data from
+                                    // the subsequent pages too
+                                    memcpy(*ppbResData,
+                                           pabUncompressed + ulResOffsetInFirstPage,
+                                           pRsEntry->cb);
+                                }
+                            */
+
+                            if (pcbResData)
+                                *pcbResData = pRsEntry->cb;
 
                             fPtrFound = TRUE;
                         }
-
-                        FREE(pabUncompressed);
+                        else
+                            FREE(pabUncompressed);
+
                         FREE(pabCompressed);
                     }
@@ -3239 +3270 @@
         ULONG cb;
 
-        if (pExec->pDosExeHeader)
+        if (pExec->cbDosExeHeader)
             // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-            ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+            ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
         // resource table
@@ -3351 +3382 @@
         return ERROR_INVALID_EXE_SIGNATURE;
 
-    if (pExec->pDosExeHeader)
+    if (pExec->cbDosExeHeader)
         // executable has DOS stub: V0.9.12 (2001-05-03) [umoeller]
-        ulNewHeaderOfs = pExec->pDosExeHeader->ulNewHeaderOfs;
+        ulNewHeaderOfs = pExec->DosExeHeader.ulNewHeaderOfs;
 
     // _Pmpf((__FUNCTION__ ": entering, checking %d resources", pNEHeader->usResSegmCount));
@@ -3454 +3485 @@
         char **papsz[] =
             {
-                (char**)&pExec->pDosExeHeader,
+                // (char**)&pExec->pDosExeHeader,
                 (char**)&pExec->pNEHeader,
                 (char**)&pExec->pLXHeader,

trunk/src/helpers/helpers_pre.in

@@ -47 +47 @@
 $(OUTPUTDIR)\xprf.obj\
 $(OUTPUTDIR)\xprf2.obj\
+$(OUTPUTDIR)\xsecapi.obj\
 $(OUTPUTDIR)\xstring.obj
 

trunk/src/helpers/lan.c

@@ -213 +213 @@
  *      queries the given service.
  *
+ *      If NO_ERROR is returned,
+ +
+ +          SERVICEBUF.svci2_status & SERVICE_INSTALL_STATE
+ +
+ *      can be queried for the service state, which should
+ *      be one of the following:
+ *
+ *      --  SERVICE_UNINSTALLED: not running. For the
+ *          REQUESTER service, this is only a theoretical
+ *          value because without it, NERR_WkstaNotStarted
+ *          (2138) is returned.
+ *
+ *      --  SERVICE_INSTALL_PENDING: start in progress
+ *
+ *      --  SERVICE_UNINSTALL_PENDING: stop in progress
+ *
+ *      --  SERVICE_INSTALLED: running
+ *
+ *      Alternatively, call lanServiceControl with the
+ *      SERVICE_CTRL_INTERROGATE code, which actually asks the
+ *      service.
+ *
+ *      Returns, among others:
+ *
+ *      --  NO_ERROR
+ *
+ *      --  NERR_WkstaNotStarted (2138): requester is not
+ *          running.
+ *
+ *      --  NERR_ServiceNotInstalled: requested service is
+ *          not running.
+ *
  *@@added V1.0.0 (2002-09-24) [umoeller]
  */
@@ -240 +272 @@
  *      must be fully qualified so you cannot
  *      abbreviate "requester" with "req", for
- *      example (as valid with the net command).
+ *      example (as valid with the NET START command).
+ *
+ *      The name of the service is found in the IBMLAN.INI file.
+ *      The executable file name of the service is matched to a
+ *      corresponding entry in the Services section of the
+ *      IBMLAN.INI file. Any relative file path name supplied
+ *      for a service is assumed to be relative to the LAN
+ *      Server root directory (\IBMLAN).
+ *
+ *      #Net32ServiceInstall supports a cmdargs argument, which
+ *      is presently always passed as NULL with this implementation.
  *
  *      Returns, among others:
@@ -277 +319 @@
 /*
  *@@ lanServiceControl:
- *      queries, pauses, resumes, or stops the given service.
+ *      queries, pauses, resumes, or stops the given service. This
+ *      has the functionality of the NET STOP command.
  *
  *      opcode must be one of:
  *
  *      --  SERVICE_CTRL_INTERROGATE (0): interrogate service status.
+ *          This is similar to running lanServiceGetInfo, except
+ *          that this one actually asks the service for its status,
+ *          while lanServiceGetInfo simply dumps the status last
+ *          posted.
  *
  *      --  SERVICE_CTRL_PAUSE (1): pause service.

trunk/src/helpers/nls.c

@@ -149 +149 @@
                      ++n)
                     G_afLeadByte[n] = TRUE;
+
                 G_fDBCS = TRUE;
             }

trunk/src/helpers/nlscache.c

@@ -289 +289 @@
  *      After that, this function implements a fast string
  *      cache for various NLS strings. Compared to the
- *      standard method, this has the following advantages:
- *
- *      -- Memory is only consumed for strings that are actually
- *         used. The NLSSTRINGS array had become terribly big,
- *         and lots of strings were loaded that were never used.
- *
- *      -- Program startup should be a bit faster because we don't
- *         have to load a thousand strings at startup.
- *
- *      -- The memory buffer holding the string is probably close
- *         to the rest of the heap data that the caller allocated,
- *         so this might lead to less memory page fragmentation.
- *
- *      -- To add a new NLS string, before this mechanism existed,
- *         three files had to be changed (and kept in sync): common.h
- *         to add a field to the NLSSTRINGS structure, dlgids.h to
- *         add the string ID, and xfldrXXX.rc to add the resource.
- *         With the new mechanism, there's no need to change common.h
- *         any more, so the danger of forgetting something is a bit
- *         reduced. Anyway, fewer recompiles are needed (maybe),
- *         and sending in patches to the code is a bit easier.
+ *      standard method of preloading all NLS strings at
+ *      program startup, this method of on-demand string
+ *      loading has the following advantages:
+ *
+ *      --  Memory is only consumed for strings that are actually
+ *          used.
+ *
+ *      --  Program startup should be a bit faster because we don't
+ *          have to load a thousand strings at startup.
+ *
+ *      --  The memory buffer holding the string is probably close
+ *          to the rest of the heap data that the caller allocated,
+ *          so this might lead to less memory page fragmentation.
+ *          (This is a wild guess though.)
+ *
+ *      --  To add a new NLS string, before this mechanism existed,
+ *          three files had to be changed (and kept in sync): common.h
+ *          to add a field to the NLSSTRINGS structure, dlgids.h to
+ *          add the string ID, and xfldrXXX.rc to add the resource.
+ *          With the new mechanism, there's no need to change common.h
+ *          any more, so the danger of forgetting something is a bit
+ *          reduced. Anyway, fewer recompiles are needed (maybe),
+ *          and sending in patches to the code is a bit easier.
  *
  *      On input, specify a string resouce ID that exists