1 files changed, 161 insertions, 0 deletions

diff --git a/src/ccapi/common/win/OldCC/secure.cxx b/src/ccapi/common/win/OldCC/secure.cxx
new file mode 100644
index 0000000000000..99ba08a25dd46
--- /dev/null
+++ b/src/ccapi/common/win/OldCC/secure.cxx
@@ -0,0 +1,161 @@
+/*
+ * $Header$
+ *
+ * Copyright 2008 Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#include <windows.h>
+#include "secure.hxx"
+
+extern "C" {
+#include "cci_debugging.h"
+    }
+
+CcOsLock SecureClient::s_lock;
+DWORD SecureClient::s_refcount = 0;
+DWORD SecureClient::s_error = 0;
+HANDLE SecureClient::s_hToken = 0;
+
+#include "util.h"
+
+#define SC "SecureClient::"
+
+DWORD
+SecureClient::Attach(
+    )
+{
+    CcAutoLock AL(s_lock);
+    if (s_hToken) {
+        s_refcount++;
+        return 0;
+    }
+    if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, 
+                         &s_hToken)) {
+        s_refcount++;
+        s_error = 0;
+    } else {
+        s_hToken = 0;
+        s_error = GetLastError();
+    }
+    return s_error;
+}
+
+DWORD
+SecureClient::Detach(
+    )
+{
+    CcAutoLock AL(s_lock);
+    s_refcount--;
+    if (s_refcount) return 0;
+    if (!s_hToken) return 0;
+    DWORD error = 0;
+    if (!CloseHandle(s_hToken))
+        error = GetLastError();
+    s_hToken = 0;
+    s_error = 0;
+    return error;
+}
+
+DWORD SecureClient::Token(HANDLE& hToken) {
+    // This function will not do automatic initialization.
+    CcAutoLock AL(s_lock);
+    hToken = 0;
+    if (!s_hToken) {
+        cci_debug_printf("%s no process token initialized (%u)", __FUNCTION__, s_error);
+        return s_error ? s_error : ERROR_INVALID_HANDLE;
+        } 
+    else {
+        DWORD status = 0;
+        if (!DuplicateHandle(GetCurrentProcess(), s_hToken, 
+                             GetCurrentProcess(), &hToken, 0, FALSE, 
+                             DUPLICATE_SAME_ACCESS)) {
+            status = GetLastError();
+            cci_debug_printf("  Could not duplicate handle (%u)", status);
+            }
+        return status;
+        }
+    }
+
+void
+SecureClient::Start(SecureClient*& s) {
+    s = new SecureClient;
+}
+
+void
+SecureClient::Stop(SecureClient*& s) {
+    delete s;
+    s = 0;
+}
+
+///////////////////////////////////////////////////////////////////////////////
+
+/* This constructor turns off impersonation.
+ * It is OK for OpenThreadToken to return an error -- that just means impersonation
+ * is off.
+ */
+SecureClient::SecureClient():
+    m_Error(0),
+    m_hToken(0),
+    m_NeedRestore(false) {
+
+    HANDLE hThread = GetCurrentThread();
+    HANDLE hThDuplicate;
+    
+    int status  = DuplicateHandle(  GetCurrentProcess(),
+                                    hThread,
+                                    GetCurrentProcess(),
+                                    &hThDuplicate,
+                                    TOKEN_ALL_ACCESS,
+                                    FALSE,
+                                    0);
+    if (!status) return;
+
+    if (!OpenThreadToken(hThDuplicate, TOKEN_ALL_ACCESS, FALSE, &m_hToken)) {
+        m_Error = GetLastError();
+        return;
+        }
+    if (SetThreadToken(&hThDuplicate, NULL)) {
+        m_NeedRestore = true;
+    } else {
+        m_Error = GetLastError();
+        }
+    CloseHandle(hThDuplicate);
+    }
+
+SecureClient::~SecureClient() {
+    if (m_NeedRestore) {
+        HANDLE hThread = GetCurrentThread();
+        if (!SetThreadToken(&hThread, m_hToken)) {
+            m_Error = cci_check_error(GetLastError());
+            }
+        }
+    if (m_hToken) {
+        if (!CloseHandle(m_hToken)) {
+            m_Error = cci_check_error(GetLastError());
+            }
+        }
+    }
+
+DWORD SecureClient::Error() {
+    return m_Error;
+    }
\ No newline at end of file