[SERVICES]

[reactos.git] / reactos / base / system / services / rpcserver.c

diff --git a/reactos/base/system/services/rpcserver.c b/reactos/base/system/services/rpcserver.c
index 914e013..c1c717e 100644 (file)
--- a/reactos/base/system/services/rpcserver.c
+++ b/reactos/base/system/services/rpcserver.c
@@ -24,7 +24,6 @@
 typedef struct _SCMGR_HANDLE
 {
     DWORD Tag;
-    DWORD RefCount;
     DWORD DesiredAccess;
 } SCMGR_HANDLE;
 
@@ -32,9 +31,6 @@ typedef struct _SCMGR_HANDLE
 typedef struct _MANAGER_HANDLE
 {
     SCMGR_HANDLE Handle;
-
-    /* FIXME: Insert more data here */
-
     WCHAR DatabaseName[1];
 } MANAGER_HANDLE, *PMANAGER_HANDLE;
 
@@ -42,12 +38,7 @@ typedef struct _MANAGER_HANDLE
 typedef struct _SERVICE_HANDLE
 {
     SCMGR_HANDLE Handle;
-
-    DWORD DesiredAccess;
     PSERVICE ServiceEntry;
-
-    /* FIXME: Insert more data here */
-
 } SERVICE_HANDLE, *PSERVICE_HANDLE;
 
 
@@ -151,7 +142,7 @@ ScmCreateManagerHandle(LPWSTR lpDatabaseName,
     if (lpDatabaseName == NULL)
         lpDatabaseName = SERVICES_ACTIVE_DATABASEW;
 
-    if (_wcsicmp(lpDatabaseName,SERVICES_FAILED_DATABASEW)==0)
+    if (_wcsicmp(lpDatabaseName, SERVICES_FAILED_DATABASEW) == 0)
     {
         DPRINT("Database %S, does not exist\n",lpDatabaseName);
         return ERROR_DATABASE_DOES_NOT_EXIST;
@@ -169,9 +160,6 @@ ScmCreateManagerHandle(LPWSTR lpDatabaseName,
         return ERROR_NOT_ENOUGH_MEMORY;
 
     Ptr->Handle.Tag = MANAGER_TAG;
-    Ptr->Handle.RefCount = 1;
-
-    /* FIXME: initialize more data here */
 
     wcscpy(Ptr->DatabaseName, lpDatabaseName);
 
@@ -194,9 +182,7 @@ ScmCreateServiceHandle(PSERVICE lpServiceEntry,
         return ERROR_NOT_ENOUGH_MEMORY;
 
     Ptr->Handle.Tag = SERVICE_TAG;
-    Ptr->Handle.RefCount = 1;
 
-    /* FIXME: initialize more data here */
     Ptr->ServiceEntry = lpServiceEntry;
 
     *Handle = (SC_HANDLE)Ptr;
@@ -205,6 +191,46 @@ ScmCreateServiceHandle(PSERVICE lpServiceEntry,
 }
 
 
+static PMANAGER_HANDLE
+ScmGetServiceManagerFromHandle(SC_RPC_HANDLE Handle)
+{
+    PMANAGER_HANDLE pManager = NULL;
+
+    _SEH2_TRY
+    {
+        if (((PMANAGER_HANDLE)Handle)->Handle.Tag == MANAGER_TAG)
+            pManager = (PMANAGER_HANDLE)Handle;
+    }
+    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+    {
+        DPRINT1("Exception: Invalid Service Manager handle!\n");
+    }
+    _SEH2_END;
+
+    return pManager;
+}
+
+
+static PSERVICE_HANDLE
+ScmGetServiceFromHandle(SC_RPC_HANDLE Handle)
+{
+    PSERVICE_HANDLE pService = NULL;
+
+    _SEH2_TRY
+    {
+        if (((PSERVICE_HANDLE)Handle)->Handle.Tag == SERVICE_TAG)
+            pService = (PSERVICE_HANDLE)Handle;
+    }
+    _SEH2_EXCEPT(EXCEPTION_EXECUTE_HANDLER)
+    {
+        DPRINT1("Exception: Invalid Service handle!\n");
+    }
+    _SEH2_END;
+
+    return pService;
+}
+
+
 static DWORD
 ScmCheckAccess(SC_HANDLE Handle,
                DWORD dwDesiredAccess)
@@ -417,42 +443,38 @@ DWORD RCloseServiceHandle(
     if (*hSCObject == 0)
         return ERROR_INVALID_HANDLE;
 
-    hManager = (PMANAGER_HANDLE)*hSCObject;
-    hService = (PSERVICE_HANDLE)*hSCObject;
-    if (hManager->Handle.Tag == MANAGER_TAG)
+    hManager = ScmGetServiceManagerFromHandle(*hSCObject);
+    hService = ScmGetServiceFromHandle(*hSCObject);
+
+    if (hManager != NULL)
     {
         DPRINT("Found manager handle\n");
 
-        hManager->Handle.RefCount--;
-        if (hManager->Handle.RefCount == 0)
-        {
-            /* FIXME: add handle cleanup code */
+        /* FIXME: add handle cleanup code */
 
-            HeapFree(GetProcessHeap(), 0, hManager);
-            hManager = NULL;
-        }
+        HeapFree(GetProcessHeap(), 0, hManager);
+        hManager = NULL;
+
+        *hSCObject = NULL;
 
         DPRINT("RCloseServiceHandle() done\n");
         return ERROR_SUCCESS;
     }
-    else if (hService->Handle.Tag == SERVICE_TAG)
+    else if (hService != NULL)
     {
         DPRINT("Found service handle\n");
 
+        /* Lock the service database exlusively */
+        ScmLockDatabaseExclusive();
+
         /* Get the pointer to the service record */
         lpService = hService->ServiceEntry;
 
-        ASSERT(hService->Handle.RefCount > 0);
+        /* FIXME: add handle cleanup code */
 
-        hService->Handle.RefCount--;
-        if (hService->Handle.RefCount == 0)
-        {
-            /* FIXME: add handle cleanup code */
-
-            /* Free the handle */
-            HeapFree(GetProcessHeap(), 0, hService);
-            hService = NULL;
-        }
+        /* Free the handle */
+        HeapFree(GetProcessHeap(), 0, hService);
+        hService = NULL;
 
         ASSERT(lpService->dwRefCount > 0);
 
@@ -474,6 +496,7 @@ DWORD RCloseServiceHandle(
                 if (dwError != ERROR_SUCCESS)
                 {
                     DPRINT("Failed to open services key\n");
+                    ScmUnlockDatabase();
                     return dwError;
                 }
 
@@ -490,6 +513,7 @@ DWORD RCloseServiceHandle(
                 {
                     DPRINT("Deletion failed due to running dependencies.\n");
                     RegCloseKey(hServicesKey);
+                    ScmUnlockDatabase();
                     return ERROR_SUCCESS;
                 }
 
@@ -505,6 +529,7 @@ DWORD RCloseServiceHandle(
                 if (dwError != ERROR_SUCCESS)
                 {
                     DPRINT("Failed to Delete the Service Registry key\n");
+                    ScmUnlockDatabase();
                     return dwError;
                 }
 
@@ -513,6 +538,10 @@ DWORD RCloseServiceHandle(
             }
         }
 
+        ScmUnlockDatabase();
+
+        *hSCObject = NULL;
+
         DPRINT("RCloseServiceHandle() done\n");
         return ERROR_SUCCESS;
     }
@@ -535,6 +564,8 @@ DWORD RControlService(
     DWORD dwError = ERROR_SUCCESS;
     DWORD pcbBytesNeeded = 0;
     DWORD dwServicesReturned = 0;
+    DWORD dwControlsAccepted;
+    DWORD dwCurrentState;
     HKEY hServicesKey = NULL;
 
     DPRINT("RControlService() called\n");
@@ -543,18 +574,19 @@ DWORD RControlService(
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
     /* Check the service handle */
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
+
     /* Check the service entry point */
     lpService = hSvc->ServiceEntry;
     if (lpService == NULL)
     {
-        DPRINT("lpService == NULL!\n"); 
+        DPRINT1("lpService == NULL!\n"); 
         return ERROR_INVALID_HANDLE;
     }
 
@@ -635,6 +667,49 @@ DWORD RControlService(
     }
     else
     {
+        dwControlsAccepted = lpService->Status.dwControlsAccepted;
+        dwCurrentState = lpService->Status.dwCurrentState;
+
+        /* Check the current state before sending a control request */
+        switch (dwCurrentState)
+        {
+            case SERVICE_STOP_PENDING:
+            case SERVICE_STOPPED:
+                return ERROR_SERVICE_CANNOT_ACCEPT_CTRL;
+
+            case SERVICE_START_PENDING:
+                switch (dwControl)
+                {
+                    case SERVICE_CONTROL_STOP:
+                        break;
+
+                    case SERVICE_CONTROL_INTERROGATE:
+                        RtlCopyMemory(lpServiceStatus,
+                                      &lpService->Status,
+                                      sizeof(SERVICE_STATUS));
+                        return ERROR_SUCCESS;
+
+                    default:
+                        return ERROR_SERVICE_CANNOT_ACCEPT_CTRL;
+                }
+                break;
+        }
+
+        /* Check if the control code is acceptable to the service */
+        switch (dwControl)
+        {
+            case SERVICE_CONTROL_STOP:
+                if ((dwControlsAccepted & SERVICE_ACCEPT_STOP) == 0)
+                    return ERROR_INVALID_SERVICE_CONTROL;
+                break;
+
+            case SERVICE_CONTROL_PAUSE:
+            case SERVICE_CONTROL_CONTINUE:
+                if ((dwControlsAccepted & SERVICE_ACCEPT_PAUSE_CONTINUE) == 0)
+                    return ERROR_INVALID_SERVICE_CONTROL;
+                break;
+        }
+
         /* Send control code to the service */
         dwError = ScmControlService(lpService,
                                     dwControl);
@@ -674,9 +749,12 @@ DWORD RDeleteService(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
+    {
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
+    }
 
     if (!RtlAreAllAccessesGranted(hSvc->Handle.DesiredAccess,
                                   DELETE))
@@ -689,12 +767,14 @@ DWORD RDeleteService(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Acquire service database lock exclusively */
+    /* Lock the service database exclusively */
+    ScmLockDatabaseExclusive();
 
     if (lpService->bDeleted)
     {
         DPRINT("The service has already been marked for delete!\n");
-        return ERROR_SERVICE_MARKED_FOR_DELETE;
+        dwError = ERROR_SERVICE_MARKED_FOR_DELETE;
+        goto Done;
     }
 
     /* Mark service for delete */
@@ -702,7 +782,9 @@ DWORD RDeleteService(
 
     dwError = ScmMarkServiceForDelete(lpService);
 
-    /* FIXME: Release service database lock */
+Done:;
+    /* Unlock the service database */
+    ScmUnlockDatabase();
 
     DPRINT("RDeleteService() done\n");
 
@@ -721,9 +803,12 @@ DWORD RLockServiceDatabase(
 
     *lpLock = 0;
 
-    hMgr = (PMANAGER_HANDLE)hSCManager;
-    if (!hMgr || hMgr->Handle.Tag != MANAGER_TAG)
+    hMgr = ScmGetServiceManagerFromHandle(hSCManager);
+    if (hMgr == NULL)
+    {
+        DPRINT1("Invalid service manager handle!\n");
         return ERROR_INVALID_HANDLE;
+    }
 
     if (!RtlAreAllAccessesGranted(hMgr->Handle.DesiredAccess,
                                   SC_MANAGER_LOCK))
@@ -758,15 +843,15 @@ DWORD RQueryServiceObjectSecurity(
 
     DPRINT("RQueryServiceObjectSecurity() called\n");
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
-    if (dwSecurityInformation & (DACL_SECURITY_INFORMATION ||
-                                 GROUP_SECURITY_INFORMATION ||
+    if (dwSecurityInformation & (DACL_SECURITY_INFORMATION |
+                                 GROUP_SECURITY_INFORMATION |
                                  OWNER_SECURITY_INFORMATION))
         DesiredAccess |= READ_CONTROL;
 
@@ -840,10 +925,10 @@ DWORD RSetServiceObjectSecurity(
 
     DPRINT("RSetServiceObjectSecurity() called\n");
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -957,10 +1042,10 @@ DWORD RQueryServiceStatus(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -978,6 +1063,7 @@ DWORD RQueryServiceStatus(
         return ERROR_INVALID_HANDLE;
     }
 
+    /* Lock the srevice database shared */
     ScmLockDatabaseShared();
 
     /* Return service status information */
@@ -985,6 +1071,7 @@ DWORD RQueryServiceStatus(
                   &lpService->Status,
                   sizeof(SERVICE_STATUS));
 
+    /* Unlock the service database */
     ScmUnlockDatabase();
 
     return ERROR_SUCCESS;
@@ -1063,12 +1150,14 @@ DWORD RSetServiceStatus(
         return ERROR_INVALID_DATA;
     }
 
+    /* Lock the service database exclusively */
     ScmLockDatabaseExclusive();
 
     RtlCopyMemory(&lpService->Status,
                   lpServiceStatus,
                   sizeof(SERVICE_STATUS));
 
+    /* Unlock the service database */
     ScmUnlockDatabase();
 
     DPRINT("Set %S to %lu\n", lpService->lpDisplayName, lpService->Status.dwCurrentState);
@@ -1143,10 +1232,10 @@ DWORD RChangeServiceConfigW(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -1164,13 +1253,14 @@ DWORD RChangeServiceConfigW(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock database exclusively */
+    /* Lock the service database exclusively */
+    ScmLockDatabaseExclusive();
 
     if (lpService->bDeleted)
     {
-        /* FIXME: Unlock database */
         DPRINT("The service has already been marked for delete!\n");
-        return ERROR_SERVICE_MARKED_FOR_DELETE;
+        dwError = ERROR_SERVICE_MARKED_FOR_DELETE;
+        goto done;
     }
 
     /* Open the service key */
@@ -1337,12 +1427,13 @@ DWORD RChangeServiceConfigW(
         /* FIXME: Write password */
     }
 
-    /* FIXME: Unlock database */
-
 done:
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     DPRINT("RChangeServiceConfigW() done (Error %lu)\n", dwError);
 
     return dwError;
@@ -1763,10 +1854,10 @@ DWORD RCreateServiceW(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hManager = (PMANAGER_HANDLE)hSCManager;
-    if (!hManager || hManager->Handle.Tag != MANAGER_TAG)
+    hManager = ScmGetServiceManagerFromHandle(hSCManager);
+    if (hManager == NULL)
     {
-        DPRINT("Invalid manager handle!\n");
+        DPRINT1("Invalid service manager handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -2073,7 +2164,6 @@ DWORD REnumDependentServicesW(
     DWORD dwServicesReturned = 0;
     DWORD dwServiceCount;
     HKEY hServicesKey = NULL;
-    LPSC_RPC_HANDLE hSCObject;
     PSERVICE_HANDLE hSvc;
     PSERVICE lpService = NULL;
     PSERVICE *lpServicesArray = NULL;
@@ -2085,8 +2175,13 @@ DWORD REnumDependentServicesW(
 
     DPRINT("REnumDependentServicesW() called\n");
 
-    hSCObject = &hService;
-    hSvc = (PSERVICE_HANDLE) *hSCObject;
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
+    {
+        DPRINT1("Invalid service handle!\n");
+        return ERROR_INVALID_HANDLE;
+    }
+
     lpService = hSvc->ServiceEntry;
 
     /* Check access rights */
@@ -2218,13 +2313,14 @@ DWORD REnumServicesStatusW(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hManager = (PMANAGER_HANDLE)hSCManager;
-    if (!hManager || hManager->Handle.Tag != MANAGER_TAG)
+    hManager = ScmGetServiceManagerFromHandle(hSCManager);
+    if (hManager == NULL)
     {
-        DPRINT("Invalid manager handle!\n");
+        DPRINT1("Invalid service manager handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
+
     *pcbBytesNeeded = 0;
     *lpServicesReturned = 0;
 
@@ -2252,7 +2348,8 @@ DWORD REnumServicesStatusW(
     if (lpResumeHandle)
         dwLastResumeCount = *lpResumeHandle;
 
-    /* FIXME: Lock the service list shared */
+    /* Lock the service database shared */
+    ScmLockDatabaseShared();
 
     lpService = ScmGetServiceEntryByResumeCount(dwLastResumeCount);
     if (lpService == NULL)
@@ -2390,7 +2487,8 @@ DWORD REnumServicesStatusW(
     }
 
 Done:;
-    /* FIXME: Unlock the service list */
+    /* Unlock the service database */
+    ScmUnlockDatabase();
 
     DPRINT("REnumServicesStatusW() done (Error %lu)\n", dwError);
 
@@ -2458,7 +2556,7 @@ DWORD ROpenServiceW(
     PSERVICE lpService;
     PMANAGER_HANDLE hManager;
     SC_HANDLE hHandle;
-    DWORD dwError;
+    DWORD dwError = ERROR_SUCCESS;
 
     DPRINT("ROpenServiceW() called\n");
     DPRINT("hSCManager = %p\n", hSCManager);
@@ -2469,10 +2567,10 @@ DWORD ROpenServiceW(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hManager = (PMANAGER_HANDLE)hSCManager;
-    if (!hManager || hManager->Handle.Tag != MANAGER_TAG)
+    hManager = ScmGetServiceManagerFromHandle(hSCManager);
+    if (hManager == NULL)
     {
-        DPRINT("Invalid manager handle!\n");
+        DPRINT1("Invalid service manager handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -2482,14 +2580,16 @@ DWORD ROpenServiceW(
     if (!lpServiceName)
         return ERROR_INVALID_ADDRESS;
 
-    /* FIXME: Lock the service list */
+    /* Lock the service database exclusive */
+    ScmLockDatabaseExclusive();
 
     /* Get service database entry */
     lpService = ScmGetServiceEntryByName(lpServiceName);
     if (lpService == NULL)
     {
         DPRINT("Could not find a service!\n");
-        return ERROR_SERVICE_DOES_NOT_EXIST;
+        dwError = ERROR_SERVICE_DOES_NOT_EXIST;
+        goto Done;
     }
 
     /* Create a service handle */
@@ -2498,7 +2598,7 @@ DWORD ROpenServiceW(
     if (dwError != ERROR_SUCCESS)
     {
         DPRINT("ScmCreateServiceHandle() failed (Error %lu)\n", dwError);
-        return dwError;
+        goto Done;
     }
 
     /* Check the desired access */
@@ -2508,7 +2608,7 @@ DWORD ROpenServiceW(
     {
         DPRINT("ScmCheckAccess() failed (Error %lu)\n", dwError);
         HeapFree(GetProcessHeap(), 0, hHandle);
-        return dwError;
+        goto Done;
     }
 
     lpService->dwRefCount++;
@@ -2517,9 +2617,13 @@ DWORD ROpenServiceW(
     *lpServiceHandle = (SC_RPC_HANDLE)hHandle;
     DPRINT("*hService = %p\n", *lpServiceHandle);
 
+Done:;
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     DPRINT("ROpenServiceW() done\n");
 
-    return ERROR_SUCCESS;
+    return dwError;
 }
 
 
@@ -2549,10 +2653,10 @@ DWORD RQueryServiceConfigW(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -2570,7 +2674,8 @@ DWORD RQueryServiceConfigW(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock the service database shared */
+    /* Lock the service database shared */
+    ScmLockDatabaseShared();
 
     dwError = ScmOpenServiceKey(lpService->lpServiceName,
                                 KEY_READ,
@@ -2710,6 +2815,9 @@ DWORD RQueryServiceConfigW(
         *pcbBytesNeeded = dwRequiredSize;
 
 Done:;
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     if (lpImagePath != NULL)
         HeapFree(GetProcessHeap(), 0, lpImagePath);
 
@@ -2722,8 +2830,6 @@ Done:;
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
-    /* FIXME: Unlock the service database */
-
     DPRINT("RQueryServiceConfigW() done\n");
 
     return dwError;
@@ -2757,10 +2863,10 @@ DWORD RStartServiceW(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -2983,10 +3089,10 @@ DWORD RChangeServiceConfigA(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -3004,13 +3110,14 @@ DWORD RChangeServiceConfigA(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock database exclusively */
+    /* Lock the service database exclusively */
+    ScmLockDatabaseExclusive();
 
     if (lpService->bDeleted)
     {
-        /* FIXME: Unlock database */
         DPRINT("The service has already been marked for delete!\n");
-        return ERROR_SERVICE_MARKED_FOR_DELETE;
+        dwError = ERROR_SERVICE_MARKED_FOR_DELETE;
+        goto done;
     }
 
     /* Open the service key */
@@ -3225,9 +3332,10 @@ DWORD RChangeServiceConfigA(
         /* FIXME: Write password */
     }
 
-    /* FIXME: Unlock database */
-
 done:
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
@@ -3401,7 +3509,6 @@ DWORD REnumDependentServicesA(
     DWORD dwServicesReturned = 0;
     DWORD dwServiceCount;
     HKEY hServicesKey = NULL;
-    LPSC_RPC_HANDLE hSCObject;
     PSERVICE_HANDLE hSvc;
     PSERVICE lpService = NULL;
     PSERVICE *lpServicesArray = NULL;
@@ -3413,8 +3520,13 @@ DWORD REnumDependentServicesA(
 
     DPRINT("REnumDependentServicesA() called\n");
 
-    hSCObject = &hService;
-    hSvc = (PSERVICE_HANDLE) *hSCObject;
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
+    {
+        DPRINT1("Invalid service handle!\n");
+        return ERROR_INVALID_HANDLE;
+    }
+
     lpService = hSvc->ServiceEntry;
 
     /* Check access rights */
@@ -3723,10 +3835,10 @@ DWORD RQueryServiceConfigA(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -3744,7 +3856,8 @@ DWORD RQueryServiceConfigA(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock the service database shared */
+    /* Lock the service database shared */
+    ScmLockDatabaseShared();
 
     dwError = ScmOpenServiceKey(lpService->lpServiceName,
                                 KEY_READ,
@@ -3917,6 +4030,9 @@ DWORD RQueryServiceConfigA(
         *pcbBytesNeeded = dwRequiredSize;
 
 Done:;
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     if (lpImagePath != NULL)
         HeapFree(GetProcessHeap(), 0, lpImagePath);
 
@@ -3929,8 +4045,6 @@ Done:;
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
-    /* FIXME: Unlock the service database */
-
     DPRINT("RQueryServiceConfigA() done\n");
 
     return dwError;
@@ -3964,10 +4078,10 @@ DWORD RStartServiceA(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -4345,10 +4459,10 @@ DWORD RChangeServiceConfig2W(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -4366,13 +4480,14 @@ DWORD RChangeServiceConfig2W(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock database exclusively */
+    /* Lock the service database exclusively */
+    ScmLockDatabaseExclusive();
 
     if (lpService->bDeleted)
     {
-        /* FIXME: Unlock database */
         DPRINT("The service has already been marked for delete!\n");
-        return ERROR_SERVICE_MARKED_FOR_DELETE;
+        dwError = ERROR_SERVICE_MARKED_FOR_DELETE;
+        goto done;
     }
 
     /* Open the service key */
@@ -4412,7 +4527,9 @@ DWORD RChangeServiceConfig2W(
     }
 
 done:
-    /* FIXME: Unlock database */
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
@@ -4446,10 +4563,10 @@ DWORD RQueryServiceConfig2A(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -4467,7 +4584,8 @@ DWORD RQueryServiceConfig2A(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock the service database shared */
+    /* Lock the service database shared */
+    ScmLockDatabaseShared();
 
     dwError = ScmOpenServiceKey(lpService->lpServiceName,
                                 KEY_READ,
@@ -4480,42 +4598,40 @@ DWORD RQueryServiceConfig2A(
         LPSERVICE_DESCRIPTIONA lpServiceDescription = (LPSERVICE_DESCRIPTIONA)lpBuffer;
         LPSTR lpStr;
 
-        *pcbBytesNeeded = sizeof(SERVICE_DESCRIPTIONA);
-
         dwError = ScmReadString(hServiceKey,
                                 L"Description",
                                 &lpDescriptionW);
+        if (dwError != ERROR_SUCCESS && dwError != ERROR_FILE_NOT_FOUND)
+            goto done;
+
+        *pcbBytesNeeded = sizeof(SERVICE_DESCRIPTIONA);
         if (dwError == ERROR_SUCCESS)
-        {
             *pcbBytesNeeded += ((wcslen(lpDescriptionW) + 1) * sizeof(WCHAR));
-        }
 
-        if (cbBufSize >= *pcbBytesNeeded)
+        if (cbBufSize < *pcbBytesNeeded)
         {
+            dwError = ERROR_INSUFFICIENT_BUFFER;
+            goto done;
+        }
 
-            if (dwError == ERROR_SUCCESS)
-            {
-                lpStr = (LPSTR)(lpServiceDescription + 1);
+        if (dwError == ERROR_SUCCESS)
+        {
+            lpStr = (LPSTR)(lpServiceDescription + 1);
 
-                WideCharToMultiByte(CP_ACP,
-                                    0,
-                                    lpDescriptionW,
-                                    -1,
-                                    lpStr,
-                                    wcslen(lpDescriptionW),
-                                    NULL,
-                                    NULL);
-                lpServiceDescription->lpDescription = (LPSTR)((ULONG_PTR)lpStr - (ULONG_PTR)lpServiceDescription);
-            }
-            else
-            {
-                lpServiceDescription->lpDescription = NULL;
-                goto done;
-            }
+            WideCharToMultiByte(CP_ACP,
+                                0,
+                                lpDescriptionW,
+                                -1,
+                                lpStr,
+                                wcslen(lpDescriptionW),
+                                NULL,
+                                NULL);
+            lpServiceDescription->lpDescription = (LPSTR)((ULONG_PTR)lpStr - (ULONG_PTR)lpServiceDescription);
         }
         else
         {
-            dwError = ERROR_INSUFFICIENT_BUFFER;
+            lpServiceDescription->lpDescription = NULL;
+            dwError = ERROR_SUCCESS;
             goto done;
         }
     }
@@ -4527,14 +4643,15 @@ DWORD RQueryServiceConfig2A(
     }
 
 done:
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     if (lpDescription != NULL)
         HeapFree(GetProcessHeap(), 0, lpDescription);
 
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
-    /* FIXME: Unlock database */
-
     DPRINT("RQueryServiceConfig2W() done (Error %lu)\n", dwError);
 
     return dwError;
@@ -4566,10 +4683,10 @@ DWORD RQueryServiceConfig2W(
     if (ScmShutdown)
         return ERROR_SHUTDOWN_IN_PROGRESS;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -4587,7 +4704,8 @@ DWORD RQueryServiceConfig2W(
         return ERROR_INVALID_HANDLE;
     }
 
-    /* FIXME: Lock the service database shared */
+    /* Lock the service database shared */
+    ScmLockDatabaseShared();
 
     dwError = ScmOpenServiceKey(lpService->lpServiceName,
                                 KEY_READ,
@@ -4603,21 +4721,30 @@ DWORD RQueryServiceConfig2W(
         dwError = ScmReadString(hServiceKey,
                                 L"Description",
                                 &lpDescription);
-        if (dwError != ERROR_SUCCESS)
+        if (dwError != ERROR_SUCCESS && dwError != ERROR_FILE_NOT_FOUND)
             goto done;
 
-        dwRequiredSize = sizeof(SERVICE_DESCRIPTIONW) + ((wcslen(lpDescription) + 1) * sizeof(WCHAR));
+        *pcbBytesNeeded = sizeof(SERVICE_DESCRIPTIONW);
+        if (dwError == ERROR_SUCCESS)
+            *pcbBytesNeeded += ((wcslen(lpDescription) + 1) * sizeof(WCHAR));
 
-        if (cbBufSize < dwRequiredSize)
+        if (cbBufSize < *pcbBytesNeeded)
         {
-            *pcbBytesNeeded = dwRequiredSize;
             dwError = ERROR_INSUFFICIENT_BUFFER;
             goto done;
         }
 
-        lpStr = (LPWSTR)(lpServiceDescription + 1);
-        wcscpy(lpStr, lpDescription);
-        lpServiceDescription->lpDescription = (LPWSTR)((ULONG_PTR)lpStr - (ULONG_PTR)lpServiceDescription);
+        if (dwError == ERROR_SUCCESS)
+        {
+            lpStr = (LPWSTR)(lpServiceDescription + 1);
+            wcscpy(lpStr, lpDescription);
+            lpServiceDescription->lpDescription = (LPWSTR)((ULONG_PTR)lpStr - (ULONG_PTR)lpServiceDescription);
+        }
+        else
+        {
+            lpServiceDescription->lpDescription = NULL;
+            dwError = ERROR_SUCCESS;
+        }
     }
     else if (dwInfoLevel == SERVICE_CONFIG_FAILURE_ACTIONS)
     {
@@ -4674,6 +4801,9 @@ DWORD RQueryServiceConfig2W(
     }
 
 done:
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     if (lpDescription != NULL)
         HeapFree(GetProcessHeap(), 0, lpDescription);
 
@@ -4686,8 +4816,6 @@ done:
     if (hServiceKey != NULL)
         RegCloseKey(hServiceKey);
 
-    /* FIXME: Unlock database */
-
     DPRINT("RQueryServiceConfig2W() done (Error %lu)\n", dwError);
 
     return dwError;
@@ -4719,10 +4847,10 @@ DWORD RQueryServiceStatusEx(
     if (cbBufSize < sizeof(SERVICE_STATUS_PROCESS))
         return ERROR_INSUFFICIENT_BUFFER;
 
-    hSvc = (PSERVICE_HANDLE)hService;
-    if (!hSvc || hSvc->Handle.Tag != SERVICE_TAG)
+    hSvc = ScmGetServiceFromHandle(hService);
+    if (hSvc == NULL)
     {
-        DPRINT("Invalid handle tag!\n");
+        DPRINT1("Invalid service handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -4740,6 +4868,9 @@ DWORD RQueryServiceStatusEx(
         return ERROR_INVALID_HANDLE;
     }
 
+    /* Lock the service database shared */
+    ScmLockDatabaseShared();
+
     lpStatus = (LPSERVICE_STATUS_PROCESS)lpBuffer;
 
     /* Return service status information */
@@ -4750,6 +4881,9 @@ DWORD RQueryServiceStatusEx(
     lpStatus->dwProcessId = lpService->ProcessId;      /* FIXME */
     lpStatus->dwServiceFlags = 0;                      /* FIXME */
 
+    /* Unlock the service database */
+    ScmUnlockDatabase();
+
     return ERROR_SUCCESS;
 }
 
@@ -4912,10 +5046,10 @@ DWORD REnumServicesStatusExW(
     if (InfoLevel != SC_ENUM_PROCESS_INFO)
         return ERROR_INVALID_LEVEL;
 
-    hManager = (PMANAGER_HANDLE)hSCManager;
-    if (!hManager || hManager->Handle.Tag != MANAGER_TAG)
+    hManager = ScmGetServiceManagerFromHandle(hSCManager);
+    if (hManager == NULL)
     {
-        DPRINT("Invalid manager handle!\n");
+        DPRINT1("Invalid service manager handle!\n");
         return ERROR_INVALID_HANDLE;
     }
 
@@ -4943,9 +5077,10 @@ DWORD REnumServicesStatusExW(
         return ERROR_ACCESS_DENIED;
     }
 
-    if (lpResumeIndex) dwLastResumeCount = *lpResumeIndex;
+    if (lpResumeIndex)
+        dwLastResumeCount = *lpResumeIndex;
 
-    /* Lock the service list shared */
+    /* FIXME: Lock the service list shared */
 
     lpService = ScmGetServiceEntryByResumeCount(dwLastResumeCount);
     if (lpService == NULL)
@@ -5147,7 +5282,7 @@ DWORD REnumServicesStatusExW(
     }
 
 Done:;
-    /* Unlock the service list */
+    /* FIXME: Unlock the service list */
 
     DPRINT("REnumServicesStatusExW() done (Error %lu)\n", dwError);