private void Reset() { RuntimeHelpers.PrepareConstrainedRegions(); try { // Payload is in the finally block // as a way to guarantee execution } finally { this.stateWasChanged = false; this.initialState = false; this.needToRevert = false; if (this.tlsContents != null) { if (0 == this.tlsContents.DecrementReferenceCount()) { this.tlsContents = null; Thread.SetData(tlsSlot, null); } } } }
private void Reset() { this.stateWasChanged = false; this.initialState = false; this.needToRevert = false; if (this.tlsContents != null) { if (0 == this.tlsContents.DecrementReferenceCount()) { this.tlsContents = null; tlsSlotData = null; } } }
private void Reset() { RuntimeHelpers.PrepareConstrainedRegions(); try { } finally { this.stateWasChanged = false; this.initialState = false; this.needToRevert = false; if ((this.tlsContents != null) && (this.tlsContents.DecrementReferenceCount() == 0)) { this.tlsContents = null; Thread.SetData(tlsSlot, null); } } }
private void Dispose(bool disposing) { if (disposed) { return; } if (disposing) { if (tlsContents != null) { tlsContents.Dispose(); tlsContents = null; } } disposed = true; }
// [SecurityPermission( SecurityAction.Demand, TogglePrivileges=true )] private void ToggleState(bool enable) { int error = 0; // // All privilege operations must take place on the same thread // if (!this.currentThread.Equals(Thread.CurrentThread)) { throw new InvalidOperationException(SR.InvalidOperation_MustBeSameThread); } // // This privilege was already altered and needs to be reverted before it can be altered again // if (this.needToRevert) { throw new InvalidOperationException(SR.InvalidOperation_MustRevertPrivilege); } // // Need to make this block of code non-interruptible so that it would preserve // consistency of thread oken state even in the face of catastrophic exceptions // try { // // The payload is entirely in the finally block // This is how we ensure that the code will not be // interrupted by catastrophic exceptions // } finally { try { // // Retrieve TLS state // this.tlsContents = tlsSlotData; if (this.tlsContents == null) { this.tlsContents = new TlsContents(); tlsSlotData = this.tlsContents; } else { this.tlsContents.IncrementReferenceCount(); } Interop.mincore.LUID_AND_ATTRIBUTES luidAndAttrs = new Interop.mincore.LUID_AND_ATTRIBUTES(); luidAndAttrs.Luid = this.luid; luidAndAttrs.Attributes = enable ? Interop.mincore.SEPrivileges.SE_PRIVILEGE_ENABLED : Interop.mincore.SEPrivileges.SE_PRIVILEGE_DISABLED; Interop.mincore.TOKEN_PRIVILEGE newState = new Interop.mincore.TOKEN_PRIVILEGE(); newState.PrivilegeCount = 1; newState.Privileges[0] = luidAndAttrs; Interop.mincore.TOKEN_PRIVILEGE previousState = new Interop.mincore.TOKEN_PRIVILEGE(); uint previousSize = 0; // // Place the new privilege on the thread token and remember the previous state. // if (false == Interop.mincore.AdjustTokenPrivileges( this.tlsContents.ThreadHandle, false, ref newState, (uint)Marshal.SizeOf(previousState), ref previousState, ref previousSize)) { error = Marshal.GetLastWin32Error(); } else if (Interop.mincore.Errors.ERROR_NOT_ALL_ASSIGNED == Marshal.GetLastWin32Error()) { error = Interop.mincore.Errors.ERROR_NOT_ALL_ASSIGNED; } else { // // This is the initial state that revert will have to go back to // this.initialState = ((previousState.Privileges[0].Attributes & Interop.mincore.SEPrivileges.SE_PRIVILEGE_ENABLED) != 0); // // Remember whether state has changed at all // this.stateWasChanged = (this.initialState != enable); // // If we had to impersonate, or if the privilege state changed we'll need to revert // this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if (!this.needToRevert) { this.Reset(); } } } if (error == Interop.mincore.Errors.ERROR_NOT_ALL_ASSIGNED) { throw new PrivilegeNotHeldException(privileges[this.luid]); } if (error == Interop.mincore.Errors.ERROR_NOT_ENOUGH_MEMORY) { throw new OutOfMemoryException(); } else if (error == Interop.mincore.Errors.ERROR_ACCESS_DENIED || error == Interop.mincore.Errors.ERROR_CANT_OPEN_ANONYMOUS) { throw new UnauthorizedAccessException(); } else if (error != 0) { System.Diagnostics.Debug.Assert(false, string.Format(CultureInfo.InvariantCulture, "AdjustTokenPrivileges() failed with unrecognized error code {0}", error)); throw new InvalidOperationException(); } }
private void ToggleState( bool enable ) { int error = 0; // // All privilege operations must take place on the same thread // if ( !this.currentThread.Equals( Thread.CurrentThread )) { throw new InvalidOperationException( "Operation must take place on the thread that created the object" ); } // // This privilege was already altered and needs to be reverted before it can be altered again // if ( this.NeedToRevert ) { throw new InvalidOperationException( "Must revert the privilege prior to attempting this operation" ); } try { // // Retrieve TLS state // this.tlsContents = Thread.GetData( tlsSlot ) as TlsContents; if ( this.tlsContents == null ) { this.tlsContents = new TlsContents(); Thread.SetData( tlsSlot, this.tlsContents ); } else { this.tlsContents.IncrementReferenceCount(); } NativeMethods.TOKEN_PRIVILEGE newState = new NativeMethods.TOKEN_PRIVILEGE(); newState.PrivilegeCount = 1; newState.Privilege.Luid = this.luid; newState.Privilege.Attributes = enable ? NativeMethods.SE_PRIVILEGE_ENABLED : NativeMethods.SE_PRIVILEGE_DISABLED; NativeMethods.TOKEN_PRIVILEGE previousState = new NativeMethods.TOKEN_PRIVILEGE(); uint previousSize = 0; // // Place the new privilege on the thread token and remember the previous state. // if ( false == NativeMethods.AdjustTokenPrivileges( this.tlsContents.ThreadHandle, false, ref newState, ( uint )Marshal.SizeOf( previousState ), ref previousState, ref previousSize )) { error = Marshal.GetLastWin32Error(); } else if ( NativeMethods.ERROR_NOT_ALL_ASSIGNED == Marshal.GetLastWin32Error()) { error = NativeMethods.ERROR_NOT_ALL_ASSIGNED; } else { // // This is the initial state that revert will have to go back to // this.initialState = (( previousState.Privilege.Attributes & NativeMethods.SE_PRIVILEGE_ENABLED ) != 0 ); // // Remember whether state has changed at all // this.stateWasChanged = ( this.initialState != enable ); // // If we had to impersonate, or if the privilege state changed we'll need to revert // this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if ( !this.needToRevert ) { this.Reset(); } } if ( error == NativeMethods.ERROR_NOT_ALL_ASSIGNED ) { throw new PrivilegeNotHeldException( privileges[this.luid] as string ); } if ( error == NativeMethods.ERROR_NOT_ENOUGH_MEMORY ) { throw new OutOfMemoryException(); } else if ( error == NativeMethods.ERROR_ACCESS_DENIED || error == NativeMethods.ERROR_CANT_OPEN_ANONYMOUS ) { throw new UnauthorizedAccessException( "The caller does not have the right to change the privilege" ); } else if ( error != 0 ) { throw new Win32Exception( error ); } }
private void Reset() { this.stateWasChanged = false; this.initialState = false; this.needToRevert = false; if ( this.tlsContents != null ) { if ( 0 == this.tlsContents.DecrementReferenceCount()) { this.tlsContents = null; Thread.SetData( tlsSlot, null ); } } }
private void ToggleState(bool enable) { int error = 0; // // All privilege operations must take place on the same thread // if (!this.currentThread.Equals(Thread.CurrentThread)) { throw new InvalidOperationException("Operation must take place on the thread that created the object"); } // // This privilege was already altered and needs to be reverted before it can be altered again // if (this.NeedToRevert) { throw new InvalidOperationException("Must revert the privilege prior to attempting this operation"); } // // Need to make this block of code non-interruptible so that it would preserve // consistency of thread oken state even in the face of catastrophic exceptions // RuntimeHelpers.PrepareConstrainedRegions(); try { // // The payload is entirely in the finally block // This is how we ensure that the code will not be // interrupted by catastrophic exceptions // } finally { try { // // Retrieve TLS state // this.tlsContents = Thread.GetData(tlsSlot) as TlsContents; if (this.tlsContents == null) { this.tlsContents = new TlsContents(); Thread.SetData(tlsSlot, this.tlsContents); } else { this.tlsContents.IncrementReferenceCount(); } NativeMethods.TOKEN_PRIVILEGE newState = new NativeMethods.TOKEN_PRIVILEGE(); newState.PrivilegeCount = 1; newState.Privilege.Luid = this.luid; newState.Privilege.Attributes = enable ? NativeMethods.SE_PRIVILEGE_ENABLED : NativeMethods.SE_PRIVILEGE_DISABLED; NativeMethods.TOKEN_PRIVILEGE previousState = new NativeMethods.TOKEN_PRIVILEGE(); uint previousSize = 0; // // Place the new privilege on the thread token and remember the previous state. // if (false == NativeMethods.AdjustTokenPrivileges( this.tlsContents.ThreadHandle, false, ref newState, ( uint )Marshal.SizeOf(previousState), ref previousState, ref previousSize)) { error = Marshal.GetLastWin32Error(); } else if (NativeMethods.ERROR_NOT_ALL_ASSIGNED == Marshal.GetLastWin32Error()) { error = NativeMethods.ERROR_NOT_ALL_ASSIGNED; } else { // // This is the initial state that revert will have to go back to // this.initialState = ((previousState.Privilege.Attributes & NativeMethods.SE_PRIVILEGE_ENABLED) != 0); // // Remember whether state has changed at all // this.stateWasChanged = (this.initialState != enable); // // If we had to impersonate, or if the privilege state changed we'll need to revert // this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if (!this.needToRevert) { this.Reset(); } } } if (error == NativeMethods.ERROR_NOT_ALL_ASSIGNED) { throw new PrivilegeNotHeldException(privileges[this.luid] as string); } if (error == NativeMethods.ERROR_NOT_ENOUGH_MEMORY) { throw new OutOfMemoryException(); } else if (error == NativeMethods.ERROR_ACCESS_DENIED || error == NativeMethods.ERROR_CANT_OPEN_ANONYMOUS) { throw new UnauthorizedAccessException("The caller does not have the right to change the privilege"); } else if (error != 0) { throw new Win32Exception(error); } }
private void ToggleState(bool enable) { int num = 0; if (!this.currentThread.Equals(Thread.CurrentThread)) { throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_MustBeSameThread")); } if (this.needToRevert) { throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_MustRevertPrivilege")); } RuntimeHelpers.PrepareConstrainedRegions(); try { } finally { try { this.tlsContents = Thread.GetData(tlsSlot) as TlsContents; if (this.tlsContents == null) { this.tlsContents = new TlsContents(); Thread.SetData(tlsSlot, this.tlsContents); } else { this.tlsContents.IncrementReferenceCount(); } Win32Native.TOKEN_PRIVILEGE newState = new Win32Native.TOKEN_PRIVILEGE { PrivilegeCount = 1 }; newState.Privilege.Luid = this.luid; newState.Privilege.Attributes = enable ? 2 : 0; Win32Native.TOKEN_PRIVILEGE structure = new Win32Native.TOKEN_PRIVILEGE(); uint returnLength = 0; int introduced4 = Marshal.SizeOf(structure); if (!Win32Native.AdjustTokenPrivileges(this.tlsContents.ThreadHandle, false, ref newState, (uint)introduced4, ref structure, ref returnLength)) { num = Marshal.GetLastWin32Error(); } else if (0x514 == Marshal.GetLastWin32Error()) { num = 0x514; } else { this.initialState = (structure.Privilege.Attributes & 2) != 0; this.stateWasChanged = this.initialState != enable; this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if (!this.needToRevert) { this.Reset(); } } } switch (num) { case 0x514: throw new PrivilegeNotHeldException(privileges[this.luid] as string); case 8: throw new OutOfMemoryException(); case 5: case 0x543: throw new UnauthorizedAccessException(); } if (num != 0) { throw new InvalidOperationException(); } }
private void Reset() { RuntimeHelpers.PrepareConstrainedRegions(); try { } finally { this.stateWasChanged = false; this.initialState = false; this.needToRevert = false; if ( this.tlsContents != null ) { if ( 0 == this.tlsContents.DecrementReferenceCount()) { this.tlsContents = null; Thread.SetData( tlsSlot, null ); } } } }
private void ToggleState( bool enable ) { int error = 0; // // All privilege operations must take place on the same thread // if ( !this.currentThread.Equals( Thread.CurrentThread )) { throw new InvalidOperationException( Environment.GetResourceString( "InvalidOperation_MustBeSameThread" )); } // // This privilege was already altered and needs to be reverted before it can be altered again // if ( this.needToRevert ) { throw new InvalidOperationException( Environment.GetResourceString( "InvalidOperation_MustRevertPrivilege" )); } // // Need to make this block of code non-interruptible so that it would preserve // consistency of thread oken state even in the face of catastrophic exceptions // RuntimeHelpers.PrepareConstrainedRegions(); try { // // The payload is entirely in the finally block // This is how we ensure that the code will not be // interrupted by catastrophic exceptions // } finally { try { // // Retrieve TLS state // this.tlsContents = Thread.GetData( tlsSlot ) as TlsContents; if ( this.tlsContents == null ) { this.tlsContents = new TlsContents(); Thread.SetData( tlsSlot, this.tlsContents ); } else { this.tlsContents.IncrementReferenceCount(); } Win32Native.TOKEN_PRIVILEGE newState = new Win32Native.TOKEN_PRIVILEGE(); newState.PrivilegeCount = 1; newState.Privilege.Luid = this.luid; newState.Privilege.Attributes = enable ? Win32Native.SE_PRIVILEGE_ENABLED : Win32Native.SE_PRIVILEGE_DISABLED; Win32Native.TOKEN_PRIVILEGE previousState = new Win32Native.TOKEN_PRIVILEGE(); uint previousSize = 0; // // Place the new privilege on the thread token and remember the previous state. // if ( false == Win32Native.AdjustTokenPrivileges( this.tlsContents.ThreadHandle, false, ref newState, ( uint )Marshal.SizeOf( previousState ), ref previousState, ref previousSize )) { error = Marshal.GetLastWin32Error(); } else if ( Win32Native.ERROR_NOT_ALL_ASSIGNED == Marshal.GetLastWin32Error()) { error = Win32Native.ERROR_NOT_ALL_ASSIGNED; } else { // // This is the initial state that revert will have to go back to // this.initialState = (( previousState.Privilege.Attributes & Win32Native.SE_PRIVILEGE_ENABLED ) != 0 ); // // Remember whether state has changed at all // this.stateWasChanged = ( this.initialState != enable ); // // If we had to impersonate, or if the privilege state changed we'll need to revert // this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if ( !this.needToRevert ) { this.Reset(); } } } if ( error == Win32Native.ERROR_NOT_ALL_ASSIGNED ) { throw new PrivilegeNotHeldException( privileges[this.luid] as string ); } if ( error == Win32Native.ERROR_NOT_ENOUGH_MEMORY ) { throw new OutOfMemoryException(); } else if ( error == Win32Native.ERROR_ACCESS_DENIED || error == Win32Native.ERROR_CANT_OPEN_ANONYMOUS ) { throw new UnauthorizedAccessException(); } else if ( error != 0 ) { Contract.Assert( false, string.Format( CultureInfo.InvariantCulture, "AdjustTokenPrivileges() failed with unrecognized error code {0}", error )); throw new InvalidOperationException(); } }
private void Reset() { RuntimeHelpers.PrepareConstrainedRegions(); try { // Payload is in the finally block // as a way to guarantee execution } finally { this.stateWasChanged = false; this.initialState = false; this.needToRevert = false; if ( this.tlsContents != null ) { if ( 0 == this.tlsContents.DecrementReferenceCount()) { this.tlsContents = null; Thread.SetData( tlsSlot, null ); } } } }
private void ToggleState(bool enable) { int error = 0; // // All privilege operations must take place on the same thread // if (!this.currentThread.Equals(Thread.CurrentThread)) { throw new InvalidOperationException("Operation must take place on the thread that created the object"); } // // This privilege was already altered and needs to be reverted before it can be altered again // if (this.NeedToRevert) { throw new InvalidOperationException("Must revert the privilege prior to attempting this operation"); } // // Need to make this block of code non-interruptible so that it would preserve // consistency of thread oken state even in the face of catastrophic exceptions // RuntimeHelpers.PrepareConstrainedRegions(); try { // // The payload is entirely in the finally block // This is how we ensure that the code will not be // interrupted by catastrophic exceptions // } finally { try { // // Retrieve TLS state // this.tlsContents = Thread.GetData(tlsSlot) as TlsContents; if (this.tlsContents == null) { this.tlsContents = new TlsContents(); Thread.SetData(tlsSlot, this.tlsContents); } else { this.tlsContents.IncrementReferenceCount(); } NativeMethods.TOKEN_PRIVILEGE newState = new NativeMethods.TOKEN_PRIVILEGE(); newState.PrivilegeCount = 1; newState.Privilege.Luid = this.luid; newState.Privilege.Attributes = (enable ? NativeMethods.PrivilegeAttribute.Enabled : NativeMethods.PrivilegeAttribute.Disabled); NativeMethods.TOKEN_PRIVILEGE previousState = new NativeMethods.TOKEN_PRIVILEGE(); uint previousSize = 0; // // Place the new privilege on the thread token and remember the previous state. // bool fResult = NativeMethods.AdjustTokenPrivileges(this.tlsContents.ThreadHandle, false, ref newState, (uint)Marshal.SizeOf(previousState), ref previousState, ref previousSize); error = Marshal.GetLastWin32Error(); if (fResult && error != Win32Error.ERROR_NOT_ALL_ASSIGNED) { // // This is the initial state that revert will have to go back to // this.initialState = ((previousState.Privilege.Attributes & NativeMethods.PrivilegeAttribute.Enabled) != 0); // // Remember whether state has changed at all // this.stateWasChanged = (this.initialState != enable); // // If we had to impersonate, or if the privilege state changed we'll need to revert // this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if (!this.needToRevert) { this.Reset(); } } } switch (error) { case Win32Error.ERROR_NOT_ALL_ASSIGNED: throw new PrivilegeNotHeldException( privileges[this.luid] as string); case Win32Error.ERROR_NOT_ENOUGH_MEMORY: throw new InsufficientMemoryException(); case Win32Error.ERROR_CANT_OPEN_ANONYMOUS: goto case Win32Error.ERROR_ACCESS_DENIED; case Win32Error.ERROR_ACCESS_DENIED: { throw new UnauthorizedAccessException("The caller does not have the right to change the " + "privilege"); } default: { if (error != Win32Error.ERROR_SUCCESS) { throw new Win32Exception(error); } break; } } }
private void Dispose(bool disposing) { if (disposed) return; if (disposing) { if (tlsContents != null) { tlsContents.Dispose(); tlsContents = null; } } disposed = true; }
private void ToggleState(bool enable) { int num = 0; if (!this.currentThread.Equals(Thread.CurrentThread)) { throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_MustBeSameThread")); } if (this.needToRevert) { throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_MustRevertPrivilege")); } RuntimeHelpers.PrepareConstrainedRegions(); try { } finally { try { this.tlsContents = Thread.GetData(tlsSlot) as TlsContents; if (this.tlsContents == null) { this.tlsContents = new TlsContents(); Thread.SetData(tlsSlot, this.tlsContents); } else { this.tlsContents.IncrementReferenceCount(); } Win32Native.TOKEN_PRIVILEGE newState = new Win32Native.TOKEN_PRIVILEGE { PrivilegeCount = 1 }; newState.Privilege.Luid = this.luid; newState.Privilege.Attributes = enable ? 2 : 0; Win32Native.TOKEN_PRIVILEGE structure = new Win32Native.TOKEN_PRIVILEGE(); uint returnLength = 0; int introduced4 = Marshal.SizeOf(structure); if (!Win32Native.AdjustTokenPrivileges(this.tlsContents.ThreadHandle, false, ref newState, (uint) introduced4, ref structure, ref returnLength)) { num = Marshal.GetLastWin32Error(); } else if (0x514 == Marshal.GetLastWin32Error()) { num = 0x514; } else { this.initialState = (structure.Privilege.Attributes & 2) != 0; this.stateWasChanged = this.initialState != enable; this.needToRevert = this.tlsContents.IsImpersonating || this.stateWasChanged; } } finally { if (!this.needToRevert) { this.Reset(); } } } switch (num) { case 0x514: throw new PrivilegeNotHeldException(privileges[this.luid] as string); case 8: throw new OutOfMemoryException(); case 5: case 0x543: throw new UnauthorizedAccessException(); } if (num != 0) { throw new InvalidOperationException(); } }