archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/com/mobile/sens/conn/senslogn/senslogn.cxx

1251 lines
29 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (C) Microsoft Corporation, 1997 - 1999
  5. Module Name:
  7. senslogn.cxx
  9. Abstract:
  11. This file contains the implementation of a Stub DLL to notify SENS of
  12. events generated by Winlogon.
  14. Author:
  16. Gopal Parupudi <GopalP>
  18. Notes:
  20. a. This DLL notifies the following components:
  21. o EventSystem (contact DMcCrady)
  22. o IR service (contact JRoberts)
  23. o SENS service (contact GopalP)
  25. b. This DLL also maintains tokens of the currently logged on user. This
  26. is used by COM for activation.
  28. Revision History:
  30. GopalP 12/7/1997 Start.
  32. --*/
  36. #include <common.hxx>
  37. #include <stdio.h>
  38. #include <windows.h>
  39. #include <malloc.h>
  40. #include <winwlx.h>
  41. #include <sensapip.h>
  42. #include <rpc.h>
  43. #include "mutex.hxx"
  44. #include "usertok.h"
  45. #include "senslogn.hxx"
  46. #include "onestop.cxx"
  49. //
  50. // Constants
  51. //
  52. #define NOTIFY_LCE_STARTSHELL 0x00000003
  53. #define NOTIFY_LCE_LOGOFF 0x00000004
  55. #define SENS_START_WAIT_TIMEOUT 180*1000 // 3 minutes
  56. #define NOTIFY_LCE_LOGONUSER "NotifyLogonUser"
  57. #define NOTIFY_LCE_LOGOFFUSER "NotifyLogoffUser"
  58. #define SENS_SERVICE SENS_STRING("SENS")
  59. #define EVENTSYSTEM_DLL SENS_STRING("ES.DLL")
  61. //
  62. // Globals
  63. //
  65. HANDLE ghSensStartedEvent;
  66. BOOL gbIsTokenCodeInitialized;
  68. // For GetCurrentUserToken
  69. USER_LOGON_TABLE * ActiveUserList;
  71. //
  72. // Some useful Macros
  73. //
  75. #ifdef DETAIL_DEBUG
  78. #define DUMP_INFO(_EventType_) \
  79. \
  80. PWLX_NOTIFICATION_INFO pInfo = (PWLX_NOTIFICATION_INFO) lpvParam; \
  81. \
  82. LogMessage(("------------------------------------------------------\n")); \
  83. LogMessage((SENSLOGN " Received a %s Event.\n", _EventType_)); \
  84. LogMessage((" Size - %d\n", pInfo->Size)); \
  85. LogMessage((" Flags - 0x%x\n", pInfo->Flags)); \
  86. LogMessage((" UserName - %ws\n", pInfo->UserName)); \
  87. LogMessage((" Domain - %ws\n", pInfo->Domain)); \
  88. LogMessage((" WinStation - %ws\n", pInfo->WindowStation)); \
  89. LogMessage((" hToken - 0x%x\n", pInfo->hToken)); \
  90. LogMessage((" hDesktop - 0x%x\n", pInfo->hDesktop)); \
  91. LogMessage((" pCallback - 0x%x\n", pInfo->pStatusCallback)); \
  92. LogMessage((" dwSessionId - 0x%x\n", NtCurrentPeb()->SessionId)); \
  93. LogMessage(("------------------------------------------------------\n"));
  95. #else // ! DETAIL_DEBUG
  97. #define DUMP_INFO(_EventType_)
  99. #endif // DETAIL_DEBUG
  103. #define FIRE_EVENT(_EventType_) \
  104. { \
  105. \
  106. SENS_NOTIFY_WINLOGON Data; \
  107. \
  108. Data.eType = _EventType_; \
  109. Data.Info.Size = sizeof(SENS_NOTIFY_WINLOGON); \
  110. Data.Info.Flags = ((PWLX_NOTIFICATION_INFO)lpvParam)->Flags; \
  111. Data.Info.UserName = ((PWLX_NOTIFICATION_INFO)lpvParam)->UserName; \
  112. Data.Info.Domain = ((PWLX_NOTIFICATION_INFO)lpvParam)->Domain; \
  113. Data.Info.WindowStation = ((PWLX_NOTIFICATION_INFO)lpvParam)->WindowStation; \
  114. Data.Info.hToken = HandleToUlong(((PWLX_NOTIFICATION_INFO)lpvParam)->hToken); \
  115. Data.Info.hDesktop = HandleToUlong(((PWLX_NOTIFICATION_INFO)lpvParam)->hDesktop); \
  116. Data.Info.dwSessionId = NtCurrentPeb()->SessionId; \
  117. \
  118. status = SensNotifyWinlogonEvent(&Data); \
  119. \
  120. if (status) {SensPrintToDebugger(SENS_DBG, (SENSLOGN "SensNotifyWinlogonEvent(0x%x) returned %d\n", _EventType_, status));} \
  121. }
  124. /*****************************************************************************
  125. *
  126. * IsRemoteSession
  127. *
  128. * On a Terminal Server: returns TRUE if current Session is the not the physical
  129. * console , FALSE if it is the console session (SessionId == 0)
  130. *
  131. * ENTRY:
  132. * nothing
  133. *
  134. * EXIT:
  135. * nothing
  136. *
  137. ****************************************************************************/
  139. BOOL
  140. IsRemoteSession(VOID)
  141. {
  142. DWORD dwSessionId;
  144. if (ProcessIdToSessionId(GetCurrentProcessId(), &dwSessionId))
  145. {
  146. return (dwSessionId != 0);
  147. }
  149. return FALSE;
  150. }
  155. DWORD WINAPI
  156. SensLogonEvent(
  157. LPVOID lpvParam
  158. )
  159. /*++
  161. Routine Description:
  163. Hook to trap the Logon Event. In addition, we do the following:
  165. a. Populate our token table with the current token.
  166. b. Initialize The token RPC interface, if necessary.
  168. Arguments:
  170. lpvParam - Winlogon notification info.
  172. Return Value:
  174. RPC status from SensNotifyWinlogonEvent()
  176. --*/
  177. {
  178. DWORD status;
  179. PWLX_NOTIFICATION_INFO pTempInfo = (PWLX_NOTIFICATION_INFO) lpvParam;
  181. DUMP_INFO("Logon");
  183. ActiveUserList->Add( pTempInfo );
  185. FIRE_EVENT(SENS_NOTIFY_WINLOGON_LOGON);
  187. return status;
  188. }
  193. DWORD WINAPI
  194. SensLogoffEvent(
  195. LPVOID lpvParam
  196. )
  197. /*++
  199. Routine Description:
  201. Hook to trap the Logoff Event. We notify various components
  202. (like OneStop, EventSystem, SENS) of the Logoff event.
  204. Arguments:
  206. lpvParam - Winlogon notification info.
  208. Notes:
  210. a. The system logoff will block till this call returns. Be very
  211. careful in adding code here.
  213. Return Value:
  215. RPC status from SensNotifyWinlogonEvent()
  217. --*/
  218. {
  219. DWORD status;
  220. DWORD dwError;
  221. HRESULT hr;
  222. PWLX_NOTIFICATION_INFO pTempInfo;
  224. hr = S_OK;
  225. dwError = 0x0;
  226. pTempInfo = (PWLX_NOTIFICATION_INFO) lpvParam;
  228. LogMessage((SENSLOGN "[%d] Entered Logoff.\n", GetTickCount()));
  230. DUMP_INFO("Logoff");
  232. // Try to fire SENS Event
  233. LogMessage((SENSLOGN "[%d] Notifying SENS...\n", GetTickCount()));
  234. FIRE_EVENT(SENS_NOTIFY_WINLOGON_LOGOFF);
  235. LogMessage((SENSLOGN "[%d] SensNotifyWinlogonEvent(LOGOFF) succeeded.\n", GetTickCount()));
  237. // Start OneStop if necessary, except on Restart.
  238. if ( ((pTempInfo->Flags & EWX_REBOOT) == 0)
  239. && (IsAutoSyncEnabled(pTempInfo->hToken, AUTOSYNC_ON_LOGOFF)))
  240. {
  241. //
  242. // NOTE: If SENS ever becomes demandstarted on NT5, there are a couple
  243. // of things that can be done:
  244. // o Call StartSensIfNecessary() here. (OR)
  245. // o Make Sens APIs call StartSensIfNecessary().
  246. //
  247. LogMessage((SENSLOGN "[%d] Notifying OneStop...\n", GetTickCount()));
  248. hr = SensNotifyOneStop(pTempInfo->hToken, SYNC_MANAGER_LOGOFF, TRUE);
  249. LogMessage((SENSLOGN "[%d] SensNotifyOneStop() returned 0x%x\n", GetTickCount(), hr));
  250. }
  252. // Notify EventSystem
  253. LogMessage((SENSLOGN "[%d] Notifying EventSystem...\n", GetTickCount()));
  254. hr = SensNotifyEventSystem(NOTIFY_LCE_LOGOFF, lpvParam);
  255. LogMessage((SENSLOGN "[%d] SensNotifyEventSystem() returned 0x%x\n", GetTickCount(), hr));
  257. //
  258. // Remove token handle from the list at the end so that COM activation
  259. // works till SENS gets done with event firings.
  260. //
  261. ActiveUserList->Remove( pTempInfo );
  262. LogMessage((SENSLOGN "Removed current user's token!\n"));
  264. return status;
  265. }
  270. DWORD WINAPI
  271. SensStartupEvent(
  272. LPVOID lpvParam
  273. )
  274. /*++
  276. Routine Description:
  278. Hook to trap the Startup Event. Do some token management related
  279. initialization.
  281. Arguments:
  283. lpvParam - Winlogon notification info.
  285. Notes:
  287. a. This occurs very early in the bootup sequence. At this time,
  288. SENS service hasn't yet started up.
  290. Return Value:
  292. RPC status from SensNotifyWinlogonEvent()
  294. --*/
  295. {
  296. DWORD status;
  297. DWORD dwLastError;
  299. status = 0x0;
  300. gbIsTokenCodeInitialized = FALSE;
  302. //
  303. // Create the table of logged-in users.
  304. //
  305. ActiveUserList = new USER_LOGON_TABLE( &status );
  306. if (!ActiveUserList || status)
  307. {
  308. delete ActiveUserList;
  309. return ERROR_NOT_ENOUGH_MEMORY;
  310. }
  312. InitializeNotifyInterface();
  314. //
  315. // We are ready to use Token Code.
  316. //
  317. gbIsTokenCodeInitialized = TRUE;
  318. LogMessage((SENSLOGN "**** Token code initialized successfully ****\n"));
  320. //
  321. // Create an Event to indicate the starting of SENS.
  322. //
  323. ghSensStartedEvent = CreateEvent(
  324. NULL, // Specific Security Attributes
  325. TRUE, // Event is ManualReset
  326. FALSE, // Initial state is not Signalled
  327. SENS_STARTED_EVENT
  328. );
  329. if (ghSensStartedEvent == NULL)
  330. {
  331. dwLastError = GetLastError();
  332. LogMessage((SENSLOGN "SensStartupEvent() - CreateEvent() failed - %x.\n",
  333. dwLastError));
  334. }
  335. else
  336. {
  337. LogMessage((SENSLOGN "SensStartedEvent created successfully\n"));
  338. }
  340. DUMP_INFO("Startup");
  342. return status;
  343. }
  348. BOOLEAN
  349. InitializeNotifyInterface(
  350. void
  351. )
  352. /*++
  354. Routine Description:
  356. Initialize RPC interface for accepting calls to GetCurrentUserToken() API.
  358. Arguments:
  360. None.
  362. Return Value:
  364. TRUE, if successful
  366. FALSE, otherwise.
  368. --*/
  369. {
  370. RPC_STATUS status;
  372. if (!IsRemoteSession())
  373. {
  374. status = RpcServerRegisterIfEx(
  375. _GetUserToken_ServerIfHandle,
  376. NULL,
  377. NULL,
  378. 0,
  379. RPC_C_LISTEN_MAX_CALLS_DEFAULT,
  380. AllowLocalSystem
  381. );
  383. if (RPC_S_OK != status)
  384. {
  385. return FALSE;
  386. }
  387. }
  389. return TRUE;
  390. }
  395. DWORD WINAPI
  396. SensStartShellEvent(
  397. LPVOID lpvParam
  398. )
  399. /*++
  401. Routine Description:
  403. Hook to trap the StartShell Event. We treat this as Logon and notify
  404. various components (OneStop, SENS, EventSystem) of Logon.
  406. Arguments:
  408. lpvParam - Winlogon notification info.
  410. Notes:
  412. a. When this function is called by Winlogon, the shell has begun starting.
  413. There is no guarantee that shell has started completely and is up and
  414. running.
  416. b. We create a thread to do bulk of the work and allow the function
  417. to return.
  419. Return Value:
  421. RPC status from SensNotifyWinlogonEvent()
  423. --*/
  424. {
  425. BOOL bRetVal;
  426. DWORD status;
  427. DWORD dwLastError;
  428. PWLX_NOTIFICATION_INFO pTempInfo;
  429. PWLX_NOTIFICATION_INFO pDuplicateInfo;
  431. dwLastError = 0;
  432. bRetVal = TRUE;
  434. DUMP_INFO("StartShell");
  436. // Duplicate the parts of the notification info so we can process this
  437. // event on another thread.
  438. pTempInfo = (PWLX_NOTIFICATION_INFO) lpvParam;
  440. SIZE_T sizeUserName = wcslen(pTempInfo->UserName) + 1;
  441. SIZE_T sizeDomain = wcslen(pTempInfo->Domain) + 1;
  442. SIZE_T sizeWinsta = wcslen(pTempInfo->WindowStation) + 1;
  444. //
  445. // Allocate space for the notification block
  446. //
  447. pDuplicateInfo = new WLX_NOTIFICATION_INFO;
  448. if (pDuplicateInfo == NULL)
  449. {
  450. dwLastError = GetLastError();
  451. LogMessage((SENSLOGN "SensStartShellEvent(): new() failed - %x.\n", dwLastError));
  452. return dwLastError;
  453. }
  455. //
  456. // Copy simple types, safely initialize everything in case of failure.
  457. //
  458. pDuplicateInfo->Size = sizeof(WLX_NOTIFICATION_INFO);
  459. pDuplicateInfo->Flags = pTempInfo->Flags;
  460. pDuplicateInfo->hToken = NULL; // duplicated below, closed on error
  461. pDuplicateInfo->hDesktop = NULL; // not duplicated, unused
  462. pDuplicateInfo->pStatusCallback = NULL;
  464. // Allocate space for the string parameters.
  465. pDuplicateInfo->UserName = (PWSTR) new WCHAR[sizeUserName];
  466. pDuplicateInfo->Domain = (PWSTR) new WCHAR[sizeDomain];
  467. pDuplicateInfo->WindowStation = (PWSTR) new WCHAR[sizeWinsta];
  469. if ( (pDuplicateInfo->UserName == NULL)
  470. || (pDuplicateInfo->Domain == NULL)
  471. || (pDuplicateInfo->WindowStation == NULL))
  472. {
  473. dwLastError = GetLastError();
  474. LogMessage((SENSLOGN "SensStartShellEvent(): new() of strings failed - %x.\n", dwLastError));
  475. goto Cleanup;
  476. }
  478. //
  479. // Deep copy the parameters
  480. //
  481. StringCchCopy(pDuplicateInfo->UserName, sizeUserName, pTempInfo->UserName);
  482. StringCchCopy(pDuplicateInfo->Domain, sizeDomain, pTempInfo->Domain);
  483. StringCchCopy(pDuplicateInfo->WindowStation, sizeWinsta, pTempInfo->WindowStation);
  485. if ( !DuplicateHandle(GetCurrentProcess(),
  486. pTempInfo->hToken,
  487. GetCurrentProcess(),
  488. &pDuplicateInfo->hToken,
  489. 0, // ignored, same access flag set
  490. FALSE,
  491. DUPLICATE_SAME_ACCESS))
  492. {
  493. dwLastError = GetLastError();
  494. LogMessage((SENSLOGN "SensStartShellEvent(): failed to duplicate users token - %x\n", dwLastError));
  495. goto Cleanup;
  496. }
  498. //
  499. // Create a thread to wait on the StartShell event
  500. //
  501. bRetVal = SensQueueUserWorkItem(
  502. (LPTHREAD_START_ROUTINE) SensWaitToStartRoutine,
  503. pDuplicateInfo, // Winlogon event info
  504. SENS_LONG_ITEM // Flags
  505. );
  506. if (FALSE == bRetVal)
  507. {
  508. dwLastError = GetLastError();
  509. LogMessage((SENSLOGN "SensStartShellEvent(): SensQueueUserWorkItem() failed with %x.\n",
  510. dwLastError));
  511. }
  513. // Success - SensWaitToStartRoutine now owns pDuplicateInfo
  515. return 0;
  517. Cleanup:
  518. // All branches here occur after the parameter block is copied and initalized
  519. ASSERT(pDuplicateInfo);
  521. if (pDuplicateInfo->hToken)
  522. {
  523. CloseHandle(pDuplicateInfo->hToken);
  524. }
  525. delete pDuplicateInfo->UserName;
  526. delete pDuplicateInfo->Domain;
  527. delete pDuplicateInfo->WindowStation;
  528. delete pDuplicateInfo;
  530. return dwLastError;
  531. }
  536. DWORD WINAPI
  537. SensPostShellEvent(
  538. LPVOID lpvParam
  539. )
  540. /*++
  542. Routine Description:
  544. Hook to trap the Post Shell Event.
  546. Arguments:
  548. lpvParam - Winlogon notification info.
  550. Return Value:
  552. RPC status from SensNotifyWinlogonEvent()
  554. --*/
  555. {
  556. DWORD status;
  558. DUMP_INFO("Post Shell");
  560. FIRE_EVENT(SENS_NOTIFY_WINLOGON_POSTSHELL);
  562. return status;
  563. }
  568. DWORD WINAPI
  569. SensDisconnectEvent(
  570. LPVOID lpvParam
  571. )
  572. /*++
  574. Routine Description:
  576. Hook to trap the Session Disconnect Event.
  578. Arguments:
  580. lpvParam - Winlogon notification info.
  582. Return Value:
  584. RPC status from SensNotifyWinlogonEvent()
  586. --*/
  587. {
  588. DWORD status;
  590. DUMP_INFO("Session Disconnect");
  592. FIRE_EVENT(SENS_NOTIFY_WINLOGON_SESSION_DISCONNECT);
  594. return status;
  595. }
  600. DWORD WINAPI
  601. SensReconnectEvent(
  602. LPVOID lpvParam
  603. )
  604. /*++
  606. Routine Description:
  608. Hook to trap the Session Reconnect Event.
  610. Arguments:
  612. lpvParam - Winlogon notification info.
  614. Return Value:
  616. RPC status from SensNotifyWinlogonEvent()
  618. --*/
  619. {
  620. DWORD status;
  622. DUMP_INFO("Session Reconnect");
  624. FIRE_EVENT(SENS_NOTIFY_WINLOGON_SESSION_RECONNECT);
  626. return status;
  627. }
  632. DWORD WINAPI
  633. SensShutdownEvent(
  634. LPVOID lpvParam
  635. )
  636. /*++
  638. Routine Description:
  640. Hook to trap the Shutdown Event. Do some cleanup.
  642. Arguments:
  644. lpvParam - Winlogon notification info.
  646. Notes:
  648. a. It is guaranteed that COM activation will not work when this event
  649. is received.
  651. Return Value:
  653. RPC status from SensNotifyWinlogonEvent()
  655. --*/
  656. {
  657. DWORD status;
  659. status = ERROR_SUCCESS;
  661. DUMP_INFO("Shutdown");
  663. return status;
  664. }
  669. DWORD WINAPI
  670. SensLockEvent(
  671. LPVOID lpvParam
  672. )
  673. /*++
  675. Routine Description:
  677. Hook to trap the Display Lock Event.
  679. Arguments:
  681. lpvParam - Winlogon notification info.
  683. Return Value:
  685. RPC status from SensNotifyWinlogonEvent()
  687. --*/
  688. {
  689. DWORD status;
  691. DUMP_INFO("Display Lock");
  693. FIRE_EVENT(SENS_NOTIFY_WINLOGON_LOCK);
  695. return status;
  696. }
  701. DWORD WINAPI
  702. SensUnlockEvent(
  703. LPVOID lpvParam
  704. )
  705. /*++
  707. Routine Description:
  709. Hook to trap the Display unlock Event.
  711. Arguments:
  713. lpvParam - Winlogon notification info.
  715. Return Value:
  717. RPC status from SensNotifyWinlogonEvent()
  719. --*/
  720. {
  721. DWORD status;
  723. DUMP_INFO("Display Unlock");
  725. FIRE_EVENT(SENS_NOTIFY_WINLOGON_UNLOCK);
  727. return status;
  728. }
  733. DWORD WINAPI
  734. SensStartScreenSaverEvent(
  735. LPVOID lpvParam
  736. )
  737. /*++
  739. Routine Description:
  741. Hook to trap the ScreenSaver Start Event.
  743. Arguments:
  745. lpvParam - Winlogon notification info.
  747. Return Value:
  749. RPC status from SensNotifyWinlogonEvent()
  751. --*/
  752. {
  753. DWORD status;
  755. DUMP_INFO("StartScreenSaver");
  757. FIRE_EVENT(SENS_NOTIFY_WINLOGON_STARTSCREENSAVER);
  759. return status;
  760. }
  766. DWORD WINAPI
  767. SensStopScreenSaverEvent(
  768. LPVOID lpvParam
  769. )
  770. /*++
  772. Routine Description:
  774. Hook to trap the Screen Saver Stop Event.
  776. Arguments:
  778. lpvParam - Winlogon notification info.
  780. Return Value:
  782. RPC status from SensNotifyWinlogonEvent()
  784. --*/
  785. {
  786. DWORD status;
  788. DUMP_INFO("StopScreenSaver");
  790. FIRE_EVENT(SENS_NOTIFY_WINLOGON_STOPSCREENSAVER);
  792. return status;
  793. }
  798. DWORD WINAPI
  799. SensWaitToStartRoutine(
  800. LPVOID lpvParam
  801. )
  802. /*++
  804. Routine Description:
  806. This routine implements the work item that is queued when the StartShell
  807. event is received.
  809. Arguments:
  811. lpvParam - Winlogon notification info.
  813. Return Value:
  815. ERROR_SUCCESS, always
  817. --*/
  818. {
  819. DWORD dwError;
  820. DWORD dwWaitStatus;
  821. DWORD status;
  822. HRESULT hr;
  823. PWLX_NOTIFICATION_INFO pTempInfo;
  825. dwError = ERROR_SUCCESS;
  826. dwWaitStatus = 0x0;
  827. pTempInfo = (PWLX_NOTIFICATION_INFO) lpvParam;
  829. // Give SENS a chance to start if it has not already stated.
  830. // Give up after a short time in case sens is has been set to manual start
  831. // We could check the service configuration but the thread as already been
  832. // created so we save won't very much.
  834. ASSERT(ghSensStartedEvent);
  836. dwError = WaitForSingleObject(ghSensStartedEvent, 20*1000);
  837. if (dwError != STATUS_WAIT_0)
  838. {
  839. LogMessage((SENSLOGN "[%d] Wait for sens start event timed out...\n", GetTickCount()));
  840. }
  842. // Notify EventSystem
  843. LogMessage((SENSLOGN "[%d] Notifying EventSystem...\n", GetTickCount()));
  844. hr = SensNotifyEventSystem(NOTIFY_LCE_STARTSHELL, lpvParam);
  845. LogMessage((SENSLOGN "[%d] SensNotifyEventSystem() returned 0x%x\n", GetTickCount(), hr));
  847. // Try to fire SENS Event
  848. LogMessage((SENSLOGN "[%d] Notifying SENS...\n", GetTickCount()));
  849. FIRE_EVENT(SENS_NOTIFY_WINLOGON_STARTSHELL);
  850. LogMessage((SENSLOGN "[%d] SensNotifyWinlogonEvent(STARTSHELL) succeeded.\n", GetTickCount()));
  852. // Cleanup
  853. CloseHandle(pTempInfo->hToken);
  854. delete pTempInfo->UserName;
  855. delete pTempInfo->Domain;
  856. delete pTempInfo->WindowStation;
  857. delete pTempInfo;
  859. return ERROR_SUCCESS;
  860. }
  865. HRESULT
  866. SensNotifyEventSystem(
  867. DWORD dwEvent,
  868. LPVOID lpvParam
  869. )
  870. /*++
  872. Routine Description:
  874. This routine notifies EventSystem of the Logon/Logoff events.
  876. Arguments:
  878. dwEvent - Tells if the event is Logon or Logoff.
  880. lpvParam - Winlogon notification info.
  882. Notes:
  884. a. EventSystem's notify routine has been observed sometimes to take
  885. a long time causing Logoff to take longer time to complete.
  887. Return Value:
  889. HRESULT from EventSystem's Notify routine.
  891. --*/
  892. {
  893. HRESULT hr;
  895. hr = S_OK;
  897. PWLX_NOTIFICATION_INFO pTempInfo = (PWLX_NOTIFICATION_INFO)lpvParam;
  899. //
  900. // Notify the COM+ Event System that a user has just logged on.
  901. // Per-user subscriptions will be activated.
  902. //
  904. typedef HRESULT (__stdcall *LPFN_NOTIFICATION)(HANDLE);
  906. HMODULE hDLL;
  907. LPFN_NOTIFICATION lpfnNotify = NULL;
  909. hDLL = (HMODULE) LoadLibrary(EVENTSYSTEM_DLL);
  910. if (hDLL == NULL)
  911. {
  912. hr = HRESULT_FROM_WIN32(GetLastError());
  913. }
  914. else
  915. {
  916. if (dwEvent == NOTIFY_LCE_STARTSHELL)
  917. {
  918. lpfnNotify = (LPFN_NOTIFICATION) GetProcAddress(hDLL, NOTIFY_LCE_LOGONUSER);
  919. }
  920. else
  921. if (dwEvent == NOTIFY_LCE_LOGOFF)
  922. {
  923. lpfnNotify = (LPFN_NOTIFICATION) GetProcAddress(hDLL, NOTIFY_LCE_LOGOFFUSER);
  924. }
  926. hr = (lpfnNotify == NULL) ? HRESULT_FROM_WIN32(GetLastError()) : (*lpfnNotify)(pTempInfo->hToken);
  928. FreeLibrary(hDLL);
  929. }
  931. return hr;
  932. }
  934. #define MAX_WINDOWSTATION_NAME_LENGTH 1000
  937. DWORD
  938. _SecpGetCurrentUserToken(
  939. handle_t Binding,
  940. wchar_t WindowStation[],
  941. unsigned long * pToken,
  942. unsigned long DesiredAccess
  943. )
  944. /*++
  946. Routine Description:
  948. RPC server manager routine. This is the only method in the GetUserToken
  949. interface.
  951. The interface registered a callback function to verify that the caller is
  952. both non-remote and is local system.
  954. Arguments:
  956. Binding - RPC server binding
  957. WindowStation - window station retrive the token from
  958. pToken - Upon return this is the handle ID of the duplicated token in the
  959. callers process
  960. DesiredAccess - Access mask passed directly to the DuplicateHandle() call.
  962. Return Value:
  964. WIN32 ERROR value or 0
  966. --*/
  967. {
  968. HANDLE LocalToken;
  969. HANDLE RemoteToken;
  970. HANDLE RemoteProcess;
  971. unsigned long ProcessId;
  973. if (FALSE == gbIsTokenCodeInitialized)
  974. {
  975. return ERROR_OUTOFMEMORY;
  976. }
  978. //
  979. // Validate arguments. The only one that can cause us harm is the window station.
  980. //
  981. if (IsBadStringPtr( WindowStation, MAX_WINDOWSTATION_NAME_LENGTH))
  982. {
  983. return ERROR_ACCESS_DENIED;
  984. }
  986. if (I_RpcBindingInqLocalClientPID(0, &ProcessId))
  987. {
  988. return ERROR_ACCESS_DENIED;
  989. }
  991. //
  992. // Clone the token into the requested process.
  993. //
  994. LocalToken = ActiveUserList->CurrentUserTokenFromWindowStation( WindowStation );
  995. if (!LocalToken)
  996. {
  997. LogMessage((SENSLOGN "GetCurrentUserToken(): User not logged on!\n"));
  998. return ERROR_NOT_LOGGED_ON;
  999. }
  1001. RemoteProcess = OpenProcess(
  1002. PROCESS_DUP_HANDLE,
  1003. FALSE, // not inheritable
  1004. ProcessId
  1005. );
  1006. if (!RemoteProcess)
  1007. {
  1008. LogMessage((SENSLOGN "GetCurrentUserToken(): OpenProcess() failed!\n"));
  1009. return GetLastError();
  1010. }
  1012. // Only way to verify that the client process has not exited while waiting for
  1013. // the response. (this is to avoid duplicating the handle into another process).
  1014. //
  1015. // This is done after the OpenProcess() call to keep the PID from being reused before
  1016. // we could open the process.
  1018. if (RPC_S_OK != RpcImpersonateClient(0))
  1019. {
  1020. CloseHandle(RemoteProcess);
  1021. return ERROR_ACCESS_DENIED;
  1022. }
  1024. // We have already validated that the caller is local system in the interface callback.
  1026. RpcRevertToSelf();
  1028. if (!DuplicateHandle(
  1029. GetCurrentProcess(),
  1030. LocalToken,
  1031. RemoteProcess,
  1032. &RemoteToken,
  1033. DesiredAccess,
  1034. FALSE, // not inheritable
  1035. 0 // no funny options
  1036. ))
  1037. {
  1038. LogMessage((SENSLOGN "GetCurrentUserToken(): DuplicateHandle() failed!\n"));
  1039. CloseHandle( RemoteProcess );
  1040. return GetLastError();
  1041. }
  1043. CloseHandle( RemoteProcess );
  1044. *pToken = HandleToUlong(RemoteToken);
  1046. LogMessage((SENSLOGN "GetCurrentUserToken(): Succeeded. Returning 0x%x.\n", *pToken));
  1048. return ERROR_SUCCESS;
  1049. }
  1054. BOOL
  1055. USER_LOGON_TABLE::Add(
  1056. WLX_NOTIFICATION_INFO * User
  1057. )
  1058. {
  1059. USER_INFO_NODE * Entry;
  1061. if (FALSE == gbIsTokenCodeInitialized)
  1062. {
  1063. return FALSE;
  1064. }
  1066. CLAIM_MUTEX Lock( Mutex );
  1068. Entry = FindInactiveEntry();
  1069. if (!Entry)
  1070. {
  1071. Entry = new USER_INFO_NODE;
  1072. if (!Entry)
  1073. {
  1074. return FALSE;
  1075. }
  1077. Entry->fActive = FALSE;
  1079. InsertTailList( &List, &Entry->Links );
  1080. }
  1082. Entry->Info.Size = sizeof(WLX_NOTIFICATION_INFO);
  1083. Entry->Info.Flags = User->Flags;
  1084. Entry->Info.hToken = User->hToken;
  1086. SIZE_T sizeUserName = wcslen(User->UserName) + 1;
  1087. SIZE_T sizeDomain = wcslen(User->Domain) + 1;
  1088. SIZE_T sizeWinsta = wcslen(User->WindowStation) + 1;
  1090. WCHAR * Buffer = new WCHAR[sizeUserName + sizeDomain + sizeWinsta];
  1092. if (!Buffer)
  1093. {
  1094. Entry->Info.UserName = 0;
  1095. Entry->Info.Domain = 0;
  1096. Entry->Info.WindowStation = 0;
  1098. return FALSE;
  1099. }
  1101. //
  1102. // This must match the code in Remove().
  1103. //
  1104. Entry->Info.UserName = Buffer;
  1105. Entry->Info.Domain = Entry->Info.UserName+1+wcslen(User->UserName);
  1106. Entry->Info.WindowStation = Entry->Info.Domain +1+wcslen(User->Domain);
  1108. StringCchCopy(Entry->Info.UserName, sizeUserName, User->UserName);
  1109. StringCchCopy(Entry->Info.Domain, sizeDomain, User->Domain);
  1110. StringCchCopy(Entry->Info.WindowStation, sizeWinsta, User->WindowStation);
  1112. Entry->fActive = TRUE;
  1114. return TRUE;
  1115. }
  1120. BOOL
  1121. USER_LOGON_TABLE::Remove(
  1122. WLX_NOTIFICATION_INFO * User
  1123. )
  1124. {
  1125. if (FALSE == gbIsTokenCodeInitialized)
  1126. {
  1127. return FALSE;
  1128. }
  1130. USER_INFO_NODE * Entry = FromWindowStation( User->WindowStation );
  1132. if (Entry)
  1133. {
  1134. //
  1135. // This must match the code in Add().
  1136. //
  1137. delete Entry->Info.UserName;
  1139. Entry->fActive = FALSE;
  1141. Mutex.Leave();
  1142. return TRUE;
  1143. }
  1145. Mutex.Leave();
  1146. return FALSE;
  1147. }
  1152. HANDLE
  1153. USER_LOGON_TABLE::CurrentUserTokenFromWindowStation(
  1154. wchar_t WindowStation[]
  1155. )
  1156. {
  1157. HANDLE Token = NULL;
  1158. USER_INFO_NODE * Node = FromWindowStation(WindowStation);
  1160. if (Node)
  1161. {
  1162. Token = Node->Info.hToken;
  1163. }
  1165. Mutex.Leave();
  1166. return Token;
  1167. }
  1172. USER_INFO_NODE *
  1173. USER_LOGON_TABLE::FromWindowStation(
  1174. wchar_t WindowStation[]
  1175. )
  1176. /*++
  1178. Note that the mutex is held on exit, to avoid race conditions.
  1180. --*/
  1181. {
  1182. USER_INFO_NODE * Node;
  1183. LIST_ENTRY * Link;
  1185. Mutex.Enter();
  1187. for (Link = List.Flink, Node = CONTAINING_RECORD(Link, USER_INFO_NODE, Links);
  1188. Link != &List;
  1189. Link = Link->Flink, Node = CONTAINING_RECORD(Link, USER_INFO_NODE, Links))
  1190. {
  1191. if (Node->fActive && 0 == wcscmp(Node->Info.WindowStation, WindowStation))
  1192. {
  1193. return Node;
  1194. }
  1195. }
  1197. return 0;
  1198. }
  1203. USER_INFO_NODE *
  1204. USER_LOGON_TABLE::FindInactiveEntry(
  1205. void
  1206. )
  1207. {
  1208. USER_INFO_NODE * Node;
  1209. LIST_ENTRY * Link;
  1211. for (Link = List.Flink, Node = CONTAINING_RECORD(Link, USER_INFO_NODE, Links);
  1212. Link != &List;
  1213. Link = Link->Flink, Node = CONTAINING_RECORD(Link, USER_INFO_NODE, Links))
  1214. {
  1215. if (!Node->fActive)
  1216. {
  1217. return Node;
  1218. }
  1219. }
  1221. return 0;
  1222. }
  1225. RPC_STATUS RPC_ENTRY
  1226. AllowLocalSystem (
  1227. IN RPC_IF_HANDLE InterfaceUuid,
  1228. IN void *Context
  1229. )
  1230. {
  1231. unsigned fLocal = FALSE;
  1233. if (RPC_S_OK != I_RpcBindingIsClientLocal(NULL, &fLocal))
  1234. {
  1235. return ERROR_ACCESS_DENIED;
  1236. }
  1238. if (!fLocal)
  1239. {
  1240. return ERROR_ACCESS_DENIED;
  1241. }
  1244. if (!IsRpcCallerLocalSystem())
  1245. {
  1246. return ERROR_ACCESS_DENIED;
  1247. }
  1249. return RPC_S_OK;
  1250. }