Subversion Repositories Aucun

Rev

Rev 40 | Rev 100 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
2 ixe013 1
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2
 
3
 THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
4
 EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
5
 WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
6
 
7
 Copyright (C) 1996 - 2000.  Microsoft Corporation.  All rights reserved.
8
 
9
 Module:   Ginahook.c
10
 
11
 Abstract: See ReadMe.txt for more detail information about this sample.
12
 
13
 Revision: August 6, 1999.
14
 
15
-------------------------------------------------------------------------------*/
16
 
17
#define _WIN32_WINNT 0x0501
18
 
19
#include <windows.h>
20
#include <winwlx.h>
21
 
22
#include "Ginahook.h"
23
#include "GinaDlg.h"
40 ixe013 24
#include "global.h"
91 ixe013 25
#include "trace.h"
40 ixe013 26
#include "debug.h"
91 ixe013 27
#include "SecurityHelper.h"
2 ixe013 28
 
29
//
30
// Location of the real MSGINA.
31
//
32
 
33
#define REALGINA_PATH      TEXT("MSGINA.DLL")
34
#define GINASTUB_VERSION   (WLX_VERSION_1_4) // Highest version supported at
35
// this point. Remember to modify
36
// this as support for newer version
37
// is added to this program.
40 ixe013 38
 
39
//Hooked instance of MSGINA
40
HINSTANCE hDll;
41
 
2 ixe013 42
//
43
// Winlogon function dispatch table.
44
//
40 ixe013 45
PVOID g_pWinlogon = NULL;
2 ixe013 46
static DWORD g_dwVersion = WLX_VERSION_1_4;
47
static HANDLE WinlogonHandle = 0;
48
 
40 ixe013 49
static MyGinaContext gAucunContext = {0};
50
MyGinaContext *pgAucunContext = &gAucunContext;
51
 
2 ixe013 52
//
53
// Pointers to the real MSGINA functions.
54
//
55
 
56
static PFWLXNEGOTIATE            pfWlxNegotiate;
57
static PFWLXINITIALIZE           pfWlxInitialize;
58
static PFWLXDISPLAYSASNOTICE     pfWlxDisplaySASNotice;
59
static PFWLXLOGGEDOUTSAS         pfWlxLoggedOutSAS;
60
static PFWLXACTIVATEUSERSHELL    pfWlxActivateUserShell;
61
static PFWLXLOGGEDONSAS          pfWlxLoggedOnSAS;
62
static PFWLXDISPLAYLOCKEDNOTICE  pfWlxDisplayLockedNotice;
63
static PFWLXWKSTALOCKEDSAS       pfWlxWkstaLockedSAS;
64
static PFWLXISLOCKOK             pfWlxIsLockOk;
65
static PFWLXISLOGOFFOK           pfWlxIsLogoffOk;
66
static PFWLXLOGOFF               pfWlxLogoff;
67
static PFWLXSHUTDOWN             pfWlxShutdown;
68
 
69
//
70
// New for version 1.1
71
//
72
static PFWLXSTARTAPPLICATION     pfWlxStartApplication  = NULL;
73
static PFWLXSCREENSAVERNOTIFY    pfWlxScreenSaverNotify = NULL;
74
 
75
//
76
// New for version 1.2 - No new GINA interface was added, except
77
//                       a new function in the dispatch table.
78
//
79
 
80
//
81
// New for version 1.3
82
//
83
static PFWLXNETWORKPROVIDERLOAD   pfWlxNetworkProviderLoad  = NULL;
84
static PFWLXDISPLAYSTATUSMESSAGE  pfWlxDisplayStatusMessage = NULL;
85
static PFWLXGETSTATUSMESSAGE      pfWlxGetStatusMessage     = NULL;
86
static PFWLXREMOVESTATUSMESSAGE   pfWlxRemoveStatusMessage  = NULL;
87
 
88
//
89
// New for version 1.4
90
//
91
static PWLXGETCONSOLESWITCHCREDENTIALS pfWlxGetConsoleSwitchCredentials = NULL;
92
static PWLXRECONNECTNOTIFY pfWlxReconnectNotify  = NULL;
93
static PWLXDISCONNECTNOTIFY pfWlxDisconnectNotify = NULL;
94
 
40 ixe013 95
PVOID GetHookedContext(PVOID pWlxContext)
96
{
91 ixe013 97
    return ((MyGinaContext*)pWlxContext)->mHookedContext;
40 ixe013 98
}
91 ixe013 99
 
2 ixe013 100
//
101
// Hook into the real MSGINA.
102
//
103
BOOL MyInitialize(HINSTANCE hDll, DWORD dwWlxVersion)
104
{
91 ixe013 105
    //
106
    // Get pointers to all of the WLX functions in the real MSGINA.
107
    //
108
    pfWlxInitialize = (PFWLXINITIALIZE) GetProcAddress(hDll, "WlxInitialize");
2 ixe013 109
 
91 ixe013 110
    if (!pfWlxInitialize)
111
    {
112
        return FALSE;
113
    }
2 ixe013 114
 
91 ixe013 115
    pfWlxDisplaySASNotice = (PFWLXDISPLAYSASNOTICE) GetProcAddress(hDll, "WlxDisplaySASNotice");
2 ixe013 116
 
91 ixe013 117
    if (!pfWlxDisplaySASNotice)
118
    {
119
        return FALSE;
120
    }
2 ixe013 121
 
91 ixe013 122
    pfWlxLoggedOutSAS = (PFWLXLOGGEDOUTSAS) GetProcAddress(hDll, "WlxLoggedOutSAS");
2 ixe013 123
 
91 ixe013 124
    if (!pfWlxLoggedOutSAS)
125
    {
126
        return FALSE;
127
    }
2 ixe013 128
 
91 ixe013 129
    pfWlxActivateUserShell = (PFWLXACTIVATEUSERSHELL) GetProcAddress(hDll, "WlxActivateUserShell");
2 ixe013 130
 
91 ixe013 131
    if (!pfWlxActivateUserShell)
132
    {
133
        return FALSE;
134
    }
2 ixe013 135
 
91 ixe013 136
    pfWlxLoggedOnSAS = (PFWLXLOGGEDONSAS) GetProcAddress(hDll, "WlxLoggedOnSAS");
2 ixe013 137
 
91 ixe013 138
    if (!pfWlxLoggedOnSAS)
139
    {
140
        return FALSE;
141
    }
2 ixe013 142
 
91 ixe013 143
    pfWlxDisplayLockedNotice = (PFWLXDISPLAYLOCKEDNOTICE) GetProcAddress(hDll, "WlxDisplayLockedNotice");
2 ixe013 144
 
91 ixe013 145
    if (!pfWlxDisplayLockedNotice)
146
    {
147
        return FALSE;
148
    }
2 ixe013 149
 
91 ixe013 150
    pfWlxIsLockOk = (PFWLXISLOCKOK) GetProcAddress(hDll, "WlxIsLockOk");
2 ixe013 151
 
91 ixe013 152
    if (!pfWlxIsLockOk)
153
    {
154
        return FALSE;
155
    }
2 ixe013 156
 
91 ixe013 157
    pfWlxWkstaLockedSAS = (PFWLXWKSTALOCKEDSAS) GetProcAddress(hDll, "WlxWkstaLockedSAS");
2 ixe013 158
 
91 ixe013 159
    if (!pfWlxWkstaLockedSAS)
160
    {
161
        return FALSE;
162
    }
2 ixe013 163
 
91 ixe013 164
    pfWlxIsLogoffOk = (PFWLXISLOGOFFOK) GetProcAddress(hDll, "WlxIsLogoffOk");
2 ixe013 165
 
91 ixe013 166
    if (!pfWlxIsLogoffOk)
167
    {
168
        return FALSE;
169
    }
2 ixe013 170
 
91 ixe013 171
    pfWlxLogoff = (PFWLXLOGOFF) GetProcAddress(hDll, "WlxLogoff");
2 ixe013 172
 
91 ixe013 173
    if (!pfWlxLogoff)
174
    {
175
        return FALSE;
176
    }
2 ixe013 177
 
91 ixe013 178
    pfWlxShutdown = (PFWLXSHUTDOWN) GetProcAddress(hDll, "WlxShutdown");
2 ixe013 179
 
91 ixe013 180
    if (!pfWlxShutdown)
181
    {
182
        return FALSE;
183
    }
2 ixe013 184
 
91 ixe013 185
    //
186
    // Load functions for version 1.1 as necessary.
187
    //
188
    if (dwWlxVersion > WLX_VERSION_1_0)
189
    {
190
        pfWlxStartApplication = (PFWLXSTARTAPPLICATION) GetProcAddress(hDll, "WlxStartApplication");
2 ixe013 191
 
91 ixe013 192
        if (!pfWlxStartApplication)
193
        {
194
            return FALSE;
195
        }
2 ixe013 196
 
91 ixe013 197
        pfWlxScreenSaverNotify = (PFWLXSCREENSAVERNOTIFY) GetProcAddress(hDll, "WlxScreenSaverNotify");
2 ixe013 198
 
91 ixe013 199
        if (!pfWlxScreenSaverNotify)
200
        {
201
            return FALSE;
202
        }
203
    }
2 ixe013 204
 
91 ixe013 205
    //
206
    // Load functions for version 1.3 as necessary.
207
    //
208
    if (dwWlxVersion > WLX_VERSION_1_2)
209
    {
210
        pfWlxNetworkProviderLoad = (PFWLXNETWORKPROVIDERLOAD)GetProcAddress(hDll, "WlxNetworkProviderLoad");
2 ixe013 211
 
91 ixe013 212
        if (!pfWlxNetworkProviderLoad)
213
        {
214
            return FALSE;
215
        }
2 ixe013 216
 
91 ixe013 217
        pfWlxDisplayStatusMessage = (PFWLXDISPLAYSTATUSMESSAGE)GetProcAddress(hDll, "WlxDisplayStatusMessage");
2 ixe013 218
 
91 ixe013 219
        if (!pfWlxDisplayStatusMessage)
220
        {
221
            return FALSE;
222
        }
2 ixe013 223
 
91 ixe013 224
        pfWlxGetStatusMessage =(PFWLXGETSTATUSMESSAGE)GetProcAddress(hDll, "WlxGetStatusMessage");
225
        if (!pfWlxGetStatusMessage)
226
        {
227
            return FALSE;
228
        }
2 ixe013 229
 
91 ixe013 230
        pfWlxRemoveStatusMessage =
231
            (PFWLXREMOVESTATUSMESSAGE)
232
            GetProcAddress(hDll, "WlxRemoveStatusMessage");
233
        if (!pfWlxRemoveStatusMessage)
234
        {
235
            return FALSE;
236
        }
237
    }
23 ixe013 238
 
91 ixe013 239
    //
240
    // Load functions for version 1.3 as necessary.
241
    //
242
    if (dwWlxVersion > WLX_VERSION_1_3)
243
    {
244
        pfWlxGetConsoleSwitchCredentials = (PWLXGETCONSOLESWITCHCREDENTIALS) GetProcAddress(hDll, "WlxGetConsoleSwitchCredentials");
245
        if (!pfWlxGetConsoleSwitchCredentials) return FALSE;
23 ixe013 246
 
91 ixe013 247
        pfWlxReconnectNotify = (PWLXRECONNECTNOTIFY) GetProcAddress(hDll, "WlxReconnectNotify");
248
        if (!pfWlxReconnectNotify) return FALSE;
23 ixe013 249
 
91 ixe013 250
        pfWlxDisconnectNotify = (PWLXDISCONNECTNOTIFY) GetProcAddress(hDll, "WlxDisconnectNotify");
251
        if (!pfWlxDisconnectNotify) return FALSE;
23 ixe013 252
 
91 ixe013 253
    }
23 ixe013 254
 
91 ixe013 255
    //
256
    // Everything loaded OK.
257
    //
258
    return TRUE;
2 ixe013 259
}
260
 
261
 
23 ixe013 262
BOOL WINAPI WlxNegotiate(DWORD dwWinlogonVersion, DWORD *pdwDllVersion)
2 ixe013 263
{
91 ixe013 264
    DWORD dwWlxVersion = GINASTUB_VERSION;
9 ixe013 265
 
91 ixe013 266
    //
267
    // Load MSGINA.DLL.
268
    //
269
    if (!(hDll = LoadLibrary(REALGINA_PATH)))
270
    {
271
        return FALSE;
272
    }
9 ixe013 273
 
91 ixe013 274
    //
275
    // Get pointers to WlxNegotiate function in the real MSGINA.
276
    //
277
    pfWlxNegotiate = (PFWLXNEGOTIATE) GetProcAddress(hDll, "WlxNegotiate");
278
    if (!pfWlxNegotiate)
279
    {
280
        return FALSE;
281
    }
9 ixe013 282
 
91 ixe013 283
    //
284
    // Handle older version of Winlogon.
285
    //
286
    if (dwWinlogonVersion < dwWlxVersion)
287
    {
288
        dwWlxVersion = dwWinlogonVersion;
289
    }
2 ixe013 290
 
91 ixe013 291
    //
292
    // Negotiate with MSGINA for version that we can support.
293
    //
294
    if (!pfWlxNegotiate(dwWlxVersion, &dwWlxVersion))
295
    {
296
        return FALSE;
297
    }
2 ixe013 298
 
91 ixe013 299
    //
300
    // Load the rest of the WLX functions from the real MSGINA.
301
    //
302
    if (!MyInitialize(hDll, dwWlxVersion))
303
    {
304
        return FALSE;
305
    }
2 ixe013 306
 
91 ixe013 307
    //
308
    // Inform Winlogon which version to use.
309
    //
310
    *pdwDllVersion = g_dwVersion = dwWlxVersion;
2 ixe013 311
 
91 ixe013 312
    return TRUE;
2 ixe013 313
}
314
 
315
 
23 ixe013 316
BOOL WINAPI WlxInitialize(LPWSTR lpWinsta, HANDLE hWlx, PVOID pvReserved, PVOID pWinlogonFunctions, PVOID * pWlxContext)
2 ixe013 317
{
91 ixe013 318
    BOOL result;
319
    //
320
    // Save pointer to dispatch table.
321
    //
322
    // Note that g_pWinlogon will need to be properly casted to the
323
    // appropriate version when used to call function in the dispatch
324
    // table.
325
    //
326
    // For example, assuming we are at WLX_VERSION_1_3, we would call
327
    // WlxSasNotify() as follows:
328
    //
329
    // ((PWLX_DISPATCH_VERSION_1_3) g_pWinlogon)->WlxSasNotify(hWlx, MY_SAS);
330
    //
331
    g_pWinlogon = pWinlogonFunctions;
2 ixe013 332
 
91 ixe013 333
    WinlogonHandle = hWlx;
2 ixe013 334
 
91 ixe013 335
    //
336
    // Now hook the WlxDialogBoxParam() dispatch function.
337
    //
338
    HookWlxDialogBoxParam(g_pWinlogon, g_dwVersion);
2 ixe013 339
 
91 ixe013 340
    //*
341
    *pWlxContext = &gAucunContext;
342
    gAucunContext.Winlogon = hWlx;
343
    result = pfWlxInitialize(lpWinsta, hWlx, pvReserved, pWinlogonFunctions, &gAucunContext.mHookedContext);
40 ixe013 344
 
345
 
91 ixe013 346
    /*/
347
    result = pfWlxInitialize(lpWinsta, hWlx, pvReserved, pWinlogonFunctions, pWlxContext);
348
    //*/
40 ixe013 349
 
91 ixe013 350
    if(result == TRUE)
351
    {
352
        gAucunContext.mLSA = 0; //safety
353
        RegisterLogonProcess(LOGON_PROCESS_NAME, &gAucunContext.mLSA);
354
    }
355
 
356
    return result;
23 ixe013 357
}
2 ixe013 358
 
359
 
23 ixe013 360
VOID WINAPI WlxDisplaySASNotice(PVOID pWlxContext)
361
{
91 ixe013 362
    pfWlxDisplaySASNotice(GetHookedContext(pWlxContext));
23 ixe013 363
}
2 ixe013 364
 
365
 
23 ixe013 366
int WINAPI WlxLoggedOutSAS(PVOID pWlxContext, DWORD dwSasType, PLUID pAuthenticationId, PSID pLogonSid, PDWORD pdwOptions, PHANDLE phToken, PWLX_MPR_NOTIFY_INFO pMprNotifyInfo, PVOID * pProfile)
367
{
91 ixe013 368
    int result;
40 ixe013 369
 
91 ixe013 370
    TRACE(L"Logon attemp ");
40 ixe013 371
 
91 ixe013 372
    result =  pfWlxLoggedOutSAS(GetHookedContext(pWlxContext), dwSasType, pAuthenticationId, pLogonSid, pdwOptions, phToken, pMprNotifyInfo, pProfile);
373
 
374
    if (result == WLX_SAS_ACTION_LOGON)
375
    {
376
        TRACEMORE(L"succeeded.\n");
377
 
378
        DuplicateToken(*phToken, SecurityIdentification, &(((MyGinaContext*)pWlxContext)->mCurrentUser));
379
    }
380
    else
381
        TRACEMORE(L"failed or cancelled.\n");
382
 
383
    return result;
2 ixe013 384
}
385
 
386
 
387
BOOL WINAPI WlxActivateUserShell(PVOID pWlxContext, PWSTR pszDesktopName, PWSTR pszMprLogonScript, PVOID pEnvironment)
388
{
91 ixe013 389
    return pfWlxActivateUserShell(GetHookedContext(pWlxContext), pszDesktopName, pszMprLogonScript, pEnvironment);
2 ixe013 390
}
391
 
392
 
393
int WINAPI WlxLoggedOnSAS(PVOID pWlxContext, DWORD dwSasType, PVOID pReserved)
394
{
91 ixe013 395
    int result;
396
 
397
    TRACE(L"Logged on SAS, type %d\n", dwSasType);
398
 
399
    result = pfWlxLoggedOnSAS(GetHookedContext(pWlxContext), dwSasType, pReserved);
400
 
401
    TRACE(L"Going back to windows.\n");
402
 
403
 
404
    return result;
2 ixe013 405
}
406
 
407
 
408
VOID WINAPI WlxDisplayLockedNotice(PVOID pWlxContext)
409
{
91 ixe013 410
    pfWlxDisplayLockedNotice(GetHookedContext(pWlxContext));
2 ixe013 411
}
412
 
413
 
414
BOOL WINAPI WlxIsLockOk(PVOID pWlxContext)
415
{
91 ixe013 416
    return pfWlxIsLockOk(GetHookedContext(pWlxContext));
2 ixe013 417
}
418
 
419
 
420
int WINAPI WlxWkstaLockedSAS(PVOID pWlxContext, DWORD dwSasType)
421
{
91 ixe013 422
    int result;
40 ixe013 423
 
91 ixe013 424
    result = pfWlxWkstaLockedSAS(GetHookedContext(pWlxContext), dwSasType);
40 ixe013 425
 
91 ixe013 426
    if (result == WLX_SAS_ACTION_LOGOFF)
427
    {
428
        TRACE(L"Proceding with a force logoff (comming from AUCUN).\n");
40 ixe013 429
 
91 ixe013 430
        result = WLX_SAS_ACTION_FORCE_LOGOFF;
431
    }
432
 
433
    return result;
2 ixe013 434
}
435
 
436
 
437
BOOL WINAPI WlxIsLogoffOk(PVOID pWlxContext)
438
{
91 ixe013 439
    return pfWlxIsLogoffOk(GetHookedContext(pWlxContext));
2 ixe013 440
}
441
 
442
 
443
VOID WINAPI WlxLogoff(PVOID pWlxContext)
444
{
91 ixe013 445
    pfWlxLogoff(GetHookedContext(pWlxContext));
40 ixe013 446
 
91 ixe013 447
    TRACE(L"User logged off.\n");
448
    CloseHandle(((MyGinaContext*)pWlxContext)->mCurrentUser);
449
    ((MyGinaContext*)pWlxContext)->mCurrentUser = 0;
2 ixe013 450
}
451
 
452
 
453
VOID WINAPI WlxShutdown(PVOID pWlxContext, DWORD ShutdownType)
454
{
91 ixe013 455
    pfWlxShutdown(GetHookedContext(pWlxContext), ShutdownType);
456
    LsaDeregisterLogonProcess(((MyGinaContext*)pWlxContext)->mLSA);
457
    FreeLibrary(hDll);
2 ixe013 458
}
459
 
460
 
461
//
462
// New for version 1.1
463
//
464
BOOL WINAPI WlxScreenSaverNotify(PVOID  pWlxContext, BOOL * pSecure)
465
{
91 ixe013 466
    TRACE(L"Screen saver notification.\n");
467
    return pfWlxScreenSaverNotify(GetHookedContext(pWlxContext), pSecure);
2 ixe013 468
}
469
 
470
BOOL WINAPI WlxStartApplication(PVOID pWlxContext, PWSTR pszDesktopName, PVOID pEnvironment, PWSTR pszCmdLine)
471
{
91 ixe013 472
    return pfWlxStartApplication(GetHookedContext(pWlxContext), pszDesktopName, pEnvironment, pszCmdLine);
2 ixe013 473
}
474
 
475
 
476
//
477
// New for version 1.3
478
//
479
 
480
BOOL WINAPI WlxNetworkProviderLoad(PVOID pWlxContext, PWLX_MPR_NOTIFY_INFO pNprNotifyInfo)
481
{
91 ixe013 482
    return pfWlxNetworkProviderLoad(GetHookedContext(pWlxContext), pNprNotifyInfo);
2 ixe013 483
}
484
 
485
 
486
BOOL WINAPI WlxDisplayStatusMessage(PVOID pWlxContext, HDESK hDesktop, DWORD dwOptions, PWSTR pTitle, PWSTR pMessage)
487
{
91 ixe013 488
    return pfWlxDisplayStatusMessage(GetHookedContext(pWlxContext), hDesktop, dwOptions, pTitle, pMessage);
2 ixe013 489
}
490
 
491
 
492
BOOL WINAPI WlxGetStatusMessage(PVOID pWlxContext, DWORD * pdwOptions, PWSTR pMessage, DWORD dwBufferSize)
493
{
91 ixe013 494
    return pfWlxGetStatusMessage(GetHookedContext(pWlxContext), pdwOptions, pMessage, dwBufferSize);
2 ixe013 495
}
496
 
497
 
498
BOOL WINAPI WlxRemoveStatusMessage(PVOID pWlxContext)
499
{
91 ixe013 500
    return pfWlxRemoveStatusMessage(GetHookedContext(pWlxContext));
2 ixe013 501
}
502
 
503
 
504
//
505
// New for 1.4
506
//
23 ixe013 507
BOOL WINAPI WlxGetConsoleSwitchCredentials(PVOID pWlxContext, PVOID pCredInfo)
2 ixe013 508
{
91 ixe013 509
    return pfWlxGetConsoleSwitchCredentials(GetHookedContext(pWlxContext), pCredInfo);
2 ixe013 510
}
511
 
23 ixe013 512
VOID WINAPI WlxReconnectNotify(PVOID pWlxContext)
2 ixe013 513
{
91 ixe013 514
    pfWlxReconnectNotify(GetHookedContext(pWlxContext));
2 ixe013 515
}
516
 
23 ixe013 517
VOID WINAPI WlxDisconnectNotify(PVOID pWlxContext)
2 ixe013 518
{
91 ixe013 519
    pfWlxDisconnectNotify(GetHookedContext(pWlxContext));
2 ixe013 520
}