archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/shell/ext/shgina/logonipc.cpp

503 lines
18 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. // --------------------------------------------------------------------------
  2. // Module Name: LogonIPC.cpp
  3. //
  4. // Copyright (c) 1999, Microsoft Corporation
  5. //
  6. // Class that implements communication between an external process and the
  7. // GINA logon dialog.
  8. //
  9. // History: 1999-08-20 vtan created
  10. // 2000-01-31 vtan moved from Neptune to Whistler
  11. // --------------------------------------------------------------------------
  13. #include "priv.h"
  14. #include "limits.h"
  15. #include "LogonIPC.h"
  17. #include "GinaIPC.h"
  19. // --------------------------------------------------------------------------
  20. // CLogonIPC::CLogonIPC
  21. //
  22. // Arguments: <none>
  23. //
  24. // Returns: <none>
  25. //
  26. // Purpose: Initializes the CLogonIPC class.
  27. //
  28. // History: 1999-08-20 vtan created
  29. // --------------------------------------------------------------------------
  31. CLogonIPC::CLogonIPC (void) :
  32. _iLogonAttemptCount(0),
  33. _hwndLogonService(NULL)
  35. {
  36. }
  38. // --------------------------------------------------------------------------
  39. // CLogonIPC::~CLogonIPC
  40. //
  41. // Arguments: <none>
  42. //
  43. // Returns: <none>
  44. //
  45. // Purpose: Releases any resources used by the CLogonIPC class.
  46. //
  47. // History: 1999-08-20 vtan created
  48. // --------------------------------------------------------------------------
  50. CLogonIPC::~CLogonIPC (void)
  52. {
  53. }
  55. // --------------------------------------------------------------------------
  56. // CLogonIPC::IsLogonServiceAvailable
  57. //
  58. // Arguments: <none>
  59. //
  60. // Returns: bool = Presence or abscence.
  61. //
  62. // Purpose: Finds out if the window providing logon service in GINA is
  63. // available. The determination is not performed statically but
  64. // rather dynamically which allows this class to be hosted by
  65. // the actual window providing the service as well.
  66. //
  67. // History: 1999-08-20 vtan created
  68. // --------------------------------------------------------------------------
  70. bool CLogonIPC::IsLogonServiceAvailable (void)
  72. {
  73. _hwndLogonService = FindWindow(NULL, TEXT("GINA Logon"));
  74. return(_hwndLogonService != NULL);
  75. }
  77. // --------------------------------------------------------------------------
  78. // CLogonIPC::IsUserLoggedOn
  79. //
  80. // Arguments: pwszUsername = User name.
  81. // pwszDomain = User domain.
  82. //
  83. // Returns: bool = Presence or abscence.
  84. //
  85. // Purpose: Finds out if the given user is logged onto the system. You
  86. // may pass a NULL pwszDomain for the local machine.
  87. //
  88. // History: 1999-08-20 vtan created
  89. // --------------------------------------------------------------------------
  91. bool CLogonIPC::IsUserLoggedOn (const WCHAR *pwszUsername, const WCHAR *pwszDomain)
  93. {
  94. LOGONIPC_USERID logonIPCUserID;
  96. PackageIdentification(pwszUsername, pwszDomain, &logonIPCUserID);
  97. return(SendToLogonService(LOGON_QUERY_LOGGED_ON, &logonIPCUserID, sizeof(logonIPCUserID), true));
  98. }
  100. // --------------------------------------------------------------------------
  101. // CLogonIPC::LogUserOn
  102. //
  103. // Arguments: pwszUsername = User name.
  104. // pwszDomain = User domain.
  105. // pwszPassword = User password. This is passed clear text.
  106. // Once encoded the password buffer is
  107. // zeroed. This function owns the memory that
  108. // you pass in.
  109. //
  110. // Returns: bool = Success or failure.
  111. //
  112. // Purpose: Attempts to log the user with the given credentials onto the
  113. // system. The password buffer is owned by this function for the
  114. // purpose of clearing it once encoded. Failed logon attempts
  115. // cause a counter to be incremented and a subsequent delay using
  116. // that counter is done to slow dictionary attacks.
  117. //
  118. // History: 1999-08-20 vtan created
  119. // --------------------------------------------------------------------------
  121. bool CLogonIPC::LogUserOn (const WCHAR *pwszUsername, const WCHAR *pwszDomain, WCHAR *pwszPassword)
  123. {
  124. bool fResult;
  125. UNICODE_STRING passwordString;
  126. LOGONIPC_CREDENTIALS logonIPCCredentials;
  128. PackageIdentification(pwszUsername, pwszDomain, &logonIPCCredentials.userID);
  130. // Limit the password to 127 characters. RtlRunEncodeUnicodeString
  131. // does not support strings greater than 127 characters.
  132. //
  133. // REVIEW (jeffreys) I don't think that's true.
  135. StringCchCopyNEx(logonIPCCredentials.wszPassword, ARRAYSIZE(logonIPCCredentials.wszPassword), pwszPassword, 127, NULL, NULL, STRSAFE_FILL_BEHIND_NULL);
  136. ZeroMemory(pwszPassword, (lstrlen(pwszPassword) + 1) * sizeof(WCHAR));
  138. logonIPCCredentials.iPasswordLength = lstrlen(logonIPCCredentials.wszPassword);
  139. logonIPCCredentials.ucPasswordSeed = 0;
  141. passwordString.Buffer = logonIPCCredentials.wszPassword;
  142. passwordString.Length = (USHORT)(logonIPCCredentials.iPasswordLength * sizeof(WCHAR));
  143. passwordString.MaximumLength = sizeof(logonIPCCredentials.wszPassword);
  145. RtlRunEncodeUnicodeString(&logonIPCCredentials.ucPasswordSeed, &passwordString);
  147. fResult = SendToLogonService(LOGON_LOGON_USER, &logonIPCCredentials, sizeof(logonIPCCredentials), false);
  148. if (!fResult)
  149. {
  150. Sleep(_iLogonAttemptCount * 1000);
  151. if (_iLogonAttemptCount < 5)
  152. {
  153. _iLogonAttemptCount++;
  154. }
  155. }
  157. return fResult;
  158. }
  160. // --------------------------------------------------------------------------
  161. // CLogonIPC::LogUserOff
  162. //
  163. // Arguments: pwszUsername = User name.
  164. // pwszDomain = User domain.
  165. //
  166. // Returns: bool = Success or failure.
  167. //
  168. // Purpose: Attempts to log the given user off the system. This will fail
  169. // if they aren't logged on.
  170. //
  171. // History: 1999-08-20 vtan created
  172. // --------------------------------------------------------------------------
  174. bool CLogonIPC::LogUserOff (const WCHAR *pwszUsername, const WCHAR *pwszDomain)
  176. {
  177. LOGONIPC_USERID logonIPCUserID;
  179. PackageIdentification(pwszUsername, pwszDomain, &logonIPCUserID);
  180. return(SendToLogonService(LOGON_LOGOFF_USER, &logonIPCUserID, sizeof(logonIPCUserID), true));
  181. }
  183. // --------------------------------------------------------------------------
  184. // CLogonIPC::TestBlankPassword
  185. //
  186. // Arguments: pwszUsername = User name.
  187. // pwszDomain = User domain.
  188. //
  189. // Returns: bool = Success or failure.
  190. //
  191. // Purpose: Attempts to log the given user on the system with a blank
  192. // password. The token is then dump and failure/success returned.
  193. //
  194. // History: 2000-03-09 vtan created
  195. // --------------------------------------------------------------------------
  197. bool CLogonIPC::TestBlankPassword (const WCHAR *pwszUsername, const WCHAR *pwszDomain)
  199. {
  200. LOGONIPC_USERID logonIPCUserID;
  202. PackageIdentification(pwszUsername, pwszDomain, &logonIPCUserID);
  203. return(SendToLogonService(LOGON_TEST_BLANK_PASSWORD, &logonIPCUserID, sizeof(logonIPCUserID), true));
  204. }
  206. // --------------------------------------------------------------------------
  207. // CLogonIPC::TestInteractiveLogonAllowed
  208. //
  209. // Arguments: pwszUsername = User name.
  210. // pwszDomain = User domain.
  211. //
  212. // Returns: bool
  213. //
  214. // Purpose: Test whether the user has interactive logon rights to this
  215. // machine. The presence of SeDenyInteractiveLogonRight
  216. // determines this - NOT the presence of SeInteractiveLogonRight.
  217. //
  218. // History: 2000-08-15 vtan created
  219. // --------------------------------------------------------------------------
  221. bool CLogonIPC::TestInteractiveLogonAllowed (const WCHAR *pwszUsername, const WCHAR *pwszDomain)
  223. {
  224. LOGONIPC_USERID logonIPCUserID;
  226. PackageIdentification(pwszUsername, pwszDomain, &logonIPCUserID);
  227. return(SendToLogonService(LOGON_TEST_INTERACTIVE_LOGON_ALLOWED, &logonIPCUserID, sizeof(logonIPCUserID), true));
  228. }
  230. // --------------------------------------------------------------------------
  231. // CLogonIPC::TestEjectAllowed
  232. //
  233. // Arguments: <none>
  234. //
  235. // Returns: bool = Success or failure.
  236. //
  237. // Purpose: Tests whether the computer is ejectable (docked laptop).
  238. //
  239. // History: 2001-01-10 vtan created
  240. // --------------------------------------------------------------------------
  242. bool CLogonIPC::TestEjectAllowed (void)
  244. {
  245. LOGONIPC logonIPC;
  247. return(SendToLogonService(LOGON_TEST_EJECT_ALLOWED, &logonIPC, sizeof(logonIPC), true));
  248. }
  250. // --------------------------------------------------------------------------
  251. // CLogonIPC::TestShutdownAllowed
  252. //
  253. // Arguments: <none>
  254. //
  255. // Returns: bool = Success or failure.
  256. //
  257. // Purpose: Tests whether the computer can be shut down.
  258. //
  259. // History: 2001-02-22 vtan created
  260. // --------------------------------------------------------------------------
  262. bool CLogonIPC::TestShutdownAllowed (void)
  264. {
  265. LOGONIPC logonIPC;
  267. return(SendToLogonService(LOGON_TEST_SHUTDOWN_ALLOWED, &logonIPC, sizeof(logonIPC), true));
  268. }
  270. // --------------------------------------------------------------------------
  271. // CLogonIPC::TurnOffComputer
  272. //
  273. // Arguments: <none>
  274. //
  275. // Returns: bool = Success or failure.
  276. //
  277. // Purpose: Brings up the "Turn Off Computer" dialog and allows the user
  278. // to choose what to do.
  279. //
  280. // History: 2000-04-20 vtan created
  281. // --------------------------------------------------------------------------
  283. bool CLogonIPC::TurnOffComputer (void)
  285. {
  286. LOGONIPC logonIPC;
  288. return(SendToLogonService(LOGON_TURN_OFF_COMPUTER, &logonIPC, sizeof(logonIPC), false));
  289. }
  291. // --------------------------------------------------------------------------
  292. // CLogonIPC::EjectComputer
  293. //
  294. // Arguments: <none>
  295. //
  296. // Returns: bool = Success or failure.
  297. //
  298. // Purpose: Ejects the computer (docked laptop).
  299. //
  300. // History: 2001-01-10 vtan created
  301. // --------------------------------------------------------------------------
  303. bool CLogonIPC::EjectComputer (void)
  305. {
  306. LOGONIPC logonIPC;
  308. return(SendToLogonService(LOGON_EJECT_COMPUTER, &logonIPC, sizeof(logonIPC), true));
  309. }
  311. // --------------------------------------------------------------------------
  312. // CLogonIPC::SignalUIHostFailure
  313. //
  314. // Arguments: <none>
  315. //
  316. // Returns: bool
  317. //
  318. // Purpose: Called when the UI host has an error that it cannot recover
  319. // from. This signals msgina to fall back to classic mode.
  320. //
  321. // History: 2000-03-09 vtan created
  322. // --------------------------------------------------------------------------
  324. bool CLogonIPC::SignalUIHostFailure (void)
  326. {
  327. LOGONIPC logonIPC;
  329. return(SendToLogonService(LOGON_SIGNAL_UIHOST_FAILURE, &logonIPC, sizeof(logonIPC), true));
  330. }
  332. // --------------------------------------------------------------------------
  333. // CLogonIPC::AllowExternalCredentials
  334. //
  335. // Arguments: <none>
  336. //
  337. // Returns: bool = Success or failure.
  338. //
  339. // Purpose:
  340. //
  341. // History: 2000-06-26 vtan created
  342. // --------------------------------------------------------------------------
  344. bool CLogonIPC::AllowExternalCredentials (void)
  346. {
  347. LOGONIPC logonIPC;
  349. return(SendToLogonService(LOGON_ALLOW_EXTERNAL_CREDENTIALS, &logonIPC, sizeof(logonIPC), true));
  350. }
  352. // --------------------------------------------------------------------------
  353. // CLogonIPC::RequestExternalCredentials
  354. //
  355. // Arguments: <none>
  356. //
  357. // Returns: bool
  358. //
  359. // Purpose:
  360. //
  361. // History: 2000-06-26 vtan created
  362. // --------------------------------------------------------------------------
  364. bool CLogonIPC::RequestExternalCredentials (void)
  366. {
  367. LOGONIPC logonIPC;
  369. return(SendToLogonService(LOGON_REQUEST_EXTERNAL_CREDENTIALS, &logonIPC, sizeof(logonIPC), true));
  370. }
  372. // --------------------------------------------------------------------------
  373. // CLogonIPC::PackageIdentification
  374. //
  375. // Arguments: pwszUsername = User name.
  376. // pwszDomain = User domain.
  377. // pIdentification = Pointer to a LOGONIPC_USERID struct
  378. // which is masked as void* to allow
  379. // LogonIPC.h to not expose this detail.
  380. //
  381. // Returns: <none>
  382. //
  383. // Purpose: Takes the user name and domain and packages them into the
  384. // given struct. If no domain is given the a zero length string
  385. // is used which indicates to the logon service provider that
  386. // the local machine is desired.
  387. //
  388. // Now parses the user name given. If the user has "\" then it
  389. // is assumed to be of the form "DOMAIN\USER". If the user has
  390. // "@" then it is assumed to be a UPN name.
  391. //
  392. // History: 1999-08-20 vtan created
  393. // 2000-06-27 vtan added UPN and DOMAIN parsing support
  394. // --------------------------------------------------------------------------
  396. void CLogonIPC::PackageIdentification (const WCHAR *pwszUsername, const WCHAR *pwszDomain, void *pIdentification)
  398. {
  399. LPTSTR psz;
  400. LOGONIPC_USERID *pLogonIPCUserID;
  402. pLogonIPCUserID = reinterpret_cast<LOGONIPC_USERID*>(pIdentification);
  404. pLogonIPCUserID->wszUsername[0] = L'\0';
  405. pLogonIPCUserID->wszDomain[0] = L'\0';
  407. psz = StrChrW(pwszUsername, L'\\');
  408. if (psz)
  409. {
  410. // stuff after the '\' is the username
  411. StringCchCopyW(pLogonIPCUserID->wszUsername, ARRAYSIZE(pLogonIPCUserID->wszUsername), psz + 1);
  413. // stuff before the '\' is the domain name
  414. StringCchCopyNW(pLogonIPCUserID->wszDomain, ARRAYSIZE(pLogonIPCUserID->wszDomain), pwszUsername, psz - pwszUsername);
  415. }
  416. else
  417. {
  418. StringCchCopyW(pLogonIPCUserID->wszUsername, ARRAYSIZE(pLogonIPCUserID->wszUsername), pwszUsername);
  419. }
  420. }
  422. // --------------------------------------------------------------------------
  423. // CLogonIPC::SendToLogonService
  424. //
  425. // Arguments: wQueryType = What type of service we are interested in.
  426. // pData = Pointer to the data.
  427. // wDataSize = Size of the data.
  428. // fBlock = Block message pump or not.
  429. //
  430. // Returns: bool = Success or failure.
  431. //
  432. // Purpose: Takes the package data and sends the message to the logon
  433. // service provider and receives the result. The logon service
  434. // provider started this process and reads this process' memory
  435. // directly (like a debugger would).
  436. //
  437. // This function should block the message pump because if it
  438. // processes another state change message while waiting for a
  439. // response it could destroy data.
  440. //
  441. // History: 1999-08-20 vtan created
  442. // 2001-06-22 vtan changed to SendMessageTimeout
  443. // 2001-06-28 vtan added block parameter
  444. // --------------------------------------------------------------------------
  446. bool CLogonIPC::SendToLogonService (WORD wQueryType, void *pData, WORD wDataSize, bool fBlock)
  448. {
  449. bool fResult;
  451. fResult = IsLogonServiceAvailable();
  452. if (fResult)
  453. {
  454. DWORD_PTR dwResult;
  456. reinterpret_cast<LOGONIPC*>(pData)->fResult = false;
  458. // WARNING: Danger Will Robinson.
  460. // Do NOT change INT_MAX to INFINITE. INT_MAX is a SIGNED number.
  461. // INFINITE is an UNSIGNED number. Despite the SDK and prototype
  462. // of SendMessageTimeout this timeout value is a SIGNED number.
  463. // Passing in an unsigned number causes the timeout to be
  464. // ignored and the function returns with a timeout.
  466. (LRESULT)SendMessageTimeout(_hwndLogonService,
  467. WM_LOGONSERVICEREQUEST,
  468. MAKEWPARAM(wDataSize, wQueryType),
  469. reinterpret_cast<LPARAM>(pData),
  470. fBlock ? SMTO_BLOCK : SMTO_NORMAL,
  471. INT_MAX, // See above warning.
  472. &dwResult);
  473. fResult = (reinterpret_cast<LOGONIPC*>(pData)->fResult != FALSE);
  474. }
  475. return(fResult);
  476. }
  478. // --------------------------------------------------------------------------
  479. // CLogonIPC::PostToLogonService
  480. //
  481. // Arguments: wQueryType = What type of service we are interested in.
  482. // pData = Pointer to the data.
  483. // wDataSize = Size of the data.
  484. //
  485. // Returns: <none>
  486. //
  487. // Purpose: Takes the package data and posts the message to the logon
  488. // service provider and receives the result. The logon service
  489. // provider started this process and reads this process' memory
  490. // directly (like a debugger would).
  491. //
  492. // History: 1999-11-26 vtan created
  493. // --------------------------------------------------------------------------
  495. void CLogonIPC::PostToLogonService (WORD wQueryType, void *pData, WORD wDataSize)
  497. {
  498. if (IsLogonServiceAvailable())
  499. {
  500. TBOOL(PostMessage(_hwndLogonService, WM_LOGONSERVICEREQUEST, MAKEWPARAM(wDataSize, wQueryType), reinterpret_cast<LPARAM>(pData)));
  501. }
  502. }