ReactOS  0.4.15-dev-4853-g3a72a52
Classes | Macros | Typedefs | Enumerations | Functions | Variables
winlogon.h File Reference
#include <stdarg.h>
#include <windef.h>
#include <winbase.h>
#include <wingdi.h>
#include <winuser.h>
#include <winreg.h>
#include <winwlx.h>
#include <ndk/rtlfuncs.h>
#include <ndk/exfuncs.h>
#include <strsafe.h>
#include <reactos/undocuser.h>
#include <reactos/undocmpr.h>
#include <wine/debug.h>
#include "resource.h"
Include dependency graph for winlogon.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  _GINAFUNCTIONS
 
struct  _GINAINSTANCE
 
struct  _WLSESSION
 

Macros

#define USE_GETLASTINPUTINFO
 
#define WIN32_NO_STATUS
 
#define LockWorkstation(Session)
 
#define UnlockWorkstation(Session)
 
#define WLX_SHUTTINGDOWN(Status)
 
#define WLX_SUSPENDING(Status)
 

Typedefs

typedef BOOL(WINAPIPFWLXNEGOTIATE) (DWORD, DWORD *)
 
typedef BOOL(WINAPIPFWLXINITIALIZE) (LPWSTR, HANDLE, PVOID, PVOID, PVOID *)
 
typedef VOID(WINAPIPFWLXDISPLAYSASNOTICE) (PVOID)
 
typedef int(WINAPIPFWLXLOGGEDOUTSAS) (PVOID, DWORD, PLUID, PSID, PDWORD, PHANDLE, PWLX_MPR_NOTIFY_INFO, PVOID *)
 
typedef BOOL(WINAPIPFWLXACTIVATEUSERSHELL) (PVOID, PWSTR, PWSTR, PVOID)
 
typedef int(WINAPIPFWLXLOGGEDONSAS) (PVOID, DWORD, PVOID)
 
typedef VOID(WINAPIPFWLXDISPLAYLOCKEDNOTICE) (PVOID)
 
typedef int(WINAPIPFWLXWKSTALOCKEDSAS) (PVOID, DWORD)
 
typedef BOOL(WINAPIPFWLXISLOCKOK) (PVOID)
 
typedef BOOL(WINAPIPFWLXISLOGOFFOK) (PVOID)
 
typedef VOID(WINAPIPFWLXLOGOFF) (PVOID)
 
typedef VOID(WINAPIPFWLXSHUTDOWN) (PVOID, DWORD)
 
typedef BOOL(WINAPIPFWLXSCREENSAVERNOTIFY) (PVOID, BOOL *)
 
typedef BOOL(WINAPIPFWLXSTARTAPPLICATION) (PVOID, PWSTR, PVOID, PWSTR)
 
typedef BOOL(WINAPIPFWLXNETWORKPROVIDERLOAD) (PVOID, PWLX_MPR_NOTIFY_INFO)
 
typedef BOOL(WINAPIPFWLXDISPLAYSTATUSMESSAGE) (PVOID, HDESK, DWORD, PWSTR, PWSTR)
 
typedef BOOL(WINAPIPFWLXGETSTATUSMESSAGE) (PVOID, DWORD *, PWSTR, DWORD)
 
typedef BOOL(WINAPIPFWLXREMOVESTATUSMESSAGE) (PVOID)
 
typedef struct _GINAFUNCTIONS GINAFUNCTIONS
 
typedef struct _GINAFUNCTIONSPGINAFUNCTIONS
 
typedef struct _GINAINSTANCE GINAINSTANCE
 
typedef struct _GINAINSTANCEPGINAINSTANCE
 
typedef enum _LOGON_STATE LOGON_STATE
 
typedef enum _LOGON_STATEPLOGON_STATE
 
typedef struct _WLSESSION WLSESSION
 
typedef struct _WLSESSIONPWLSESSION
 
typedef enum _NOTIFICATION_TYPE NOTIFICATION_TYPE
 
typedef enum _NOTIFICATION_TYPEPNOTIFICATION_TYPE
 

Enumerations

enum  _LOGON_STATE {
  STATE_INIT, STATE_LOGGED_OFF, STATE_LOGGED_OFF_SAS, STATE_LOGGED_ON,
  STATE_LOGGED_ON_SAS, STATE_LOCKED, STATE_LOCKED_SAS, STATE_LOGGING_OFF,
  STATE_SHUTTING_DOWN, STATE_SHUT_DOWN, STATE_SCREENSAVER
}
 
enum  _NOTIFICATION_TYPE {
  LogonHandler, LogoffHandler, LockHandler, UnlockHandler,
  StartupHandler, ShutdownHandler, StartScreenSaverHandler, StopScreenSaverHandler,
  DisconnectHandler, ReconnectHandler, StartShellHandler, PostShellHandler,
  LastHandler
}
 

Functions

BOOL WINAPI SetWindowStationUser (IN HWINSTA hWindowStation, IN PLUID pluid, IN PSID psid OPTIONAL, IN DWORD size)
 
 WINE_DEFAULT_DEBUG_CHANNEL (winlogon)
 
BOOL CreateUserEnvironment (IN PWLSESSION Session)
 
BOOL InitNotifications (VOID)
 
VOID CleanupNotifications (VOID)
 
VOID CallNotificationDlls (PWLSESSION pSession, NOTIFICATION_TYPE Type)
 
BOOL StartRpcServer (VOID)
 
BOOL SetDefaultLanguage (IN PWLSESSION Session)
 
NTSTATUS HandleShutdown (IN OUT PWLSESSION Session, IN DWORD wlxAction)
 
BOOL InitializeSAS (IN OUT PWLSESSION Session)
 
BOOL InitializeScreenSaver (IN OUT PWLSESSION Session)
 
VOID StartScreenSaver (IN PWLSESSION Session)
 
PSECURITY_DESCRIPTOR ConvertToSelfRelative (_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
 Converts an absolute security descriptor to a self-relative format. More...
 
BOOL CreateWinstaSecurity (_Out_ PSECURITY_DESCRIPTOR *WinstaSd)
 Creates a security descriptor for the default window station upon its creation. More...
 
BOOL CreateApplicationDesktopSecurity (_Out_ PSECURITY_DESCRIPTOR *ApplicationDesktopSd)
 Creates a security descriptor for the default application desktop upon its creation. More...
 
BOOL CreateWinlogonDesktopSecurity (_Out_ PSECURITY_DESCRIPTOR *WinlogonDesktopSd)
 Creates a security descriptor for the default Winlogon desktop. This descriptor serves as a security measure for the winlogon desktop so that only Winlogon itself (and admins) can interact with it. More...
 
BOOL CreateScreenSaverSecurity (_Out_ PSECURITY_DESCRIPTOR *ScreenSaverDesktopSd)
 Creates a security descriptor for the screen saver desktop. More...
 
BOOL AllowWinstaAccessToUser (_In_ HWINSTA WinSta, _In_ PSID LogonSid)
 Assigns access to the specific logon user to the default window station. Such access is given to the user when it has logged in. More...
 
BOOL AllowDesktopAccessToUser (_In_ HDESK Desktop, _In_ PSID LogonSid)
 Assigns access to the specific logon user to the default desktop. Such access is given to the user when it has logged in. More...
 
BOOL AllowAccessOnSession (_In_ PWLSESSION Session)
 Assigns both window station and desktop access to the specific session currently active on the system. More...
 
DWORD GetSetupType (VOID)
 
BOOL RunSetup (VOID)
 
DWORD TerminateSystemShutdown (VOID)
 
DWORD StartSystemShutdown (IN PUNICODE_STRING pMessage, IN ULONG dwTimeout, IN BOOLEAN bForceAppsClosed, IN BOOLEAN bRebootAfterShutdown, IN ULONG dwReason)
 
BOOL PlaySoundRoutine (IN LPCWSTR FileName, IN UINT Logon, IN UINT Flags)
 
BOOL DisplayStatusMessage (IN PWLSESSION Session, IN HDESK hDesktop, IN UINT ResourceId)
 
BOOL RemoveStatusMessage (IN PWLSESSION Session)
 
VOID InitDialogListHead (VOID)
 
VOID CloseAllDialogWindows (VOID)
 
BOOL GinaInit (IN OUT PWLSESSION Session)
 
BOOL CreateWindowStationAndDesktops (_Inout_ PWLSESSION Session)
 
VOID WINAPI WlxUseCtrlAltDel (HANDLE hWlx)
 
VOID WINAPI WlxSetContextPointer (HANDLE hWlx, PVOID pWlxContext)
 
VOID WINAPI WlxSasNotify (HANDLE hWlx, DWORD dwSasType)
 
BOOL WINAPI WlxSetTimeout (HANDLE hWlx, DWORD Timeout)
 
int WINAPI WlxAssignShellProtection (HANDLE hWlx, HANDLE hToken, HANDLE hProcess, HANDLE hThread)
 
int WINAPI WlxMessageBox (HANDLE hWlx, HWND hwndOwner, LPWSTR lpszText, LPWSTR lpszTitle, UINT fuStyle)
 
int WINAPI WlxDialogBox (HANDLE hWlx, HANDLE hInst, LPWSTR lpszTemplate, HWND hwndOwner, DLGPROC dlgprc)
 
int WINAPI WlxDialogBoxParam (HANDLE hWlx, HANDLE hInst, LPWSTR lpszTemplate, HWND hwndOwner, DLGPROC dlgprc, LPARAM dwInitParam)
 
int WINAPI WlxDialogBoxIndirect (HANDLE hWlx, HANDLE hInst, LPCDLGTEMPLATE hDialogTemplate, HWND hwndOwner, DLGPROC dlgprc)
 
int WINAPI WlxDialogBoxIndirectParam (HANDLE hWlx, HANDLE hInst, LPCDLGTEMPLATE hDialogTemplate, HWND hwndOwner, DLGPROC dlgprc, LPARAM dwInitParam)
 
int WINAPI WlxSwitchDesktopToUser (HANDLE hWlx)
 
int WINAPI WlxSwitchDesktopToWinlogon (HANDLE hWlx)
 
int WINAPI WlxChangePasswordNotify (HANDLE hWlx, PWLX_MPR_NOTIFY_INFO pMprInfo, DWORD dwChangeInfo)
 
BOOL WINAPI WlxGetSourceDesktop (HANDLE hWlx, PWLX_DESKTOP *ppDesktop)
 
BOOL WINAPI WlxSetReturnDesktop (HANDLE hWlx, PWLX_DESKTOP pDesktop)
 
BOOL WINAPI WlxCreateUserDesktop (HANDLE hWlx, HANDLE hToken, DWORD Flags, PWSTR pszDesktopName, PWLX_DESKTOP *ppDesktop)
 
int WINAPI WlxChangePasswordNotifyEx (HANDLE hWlx, PWLX_MPR_NOTIFY_INFO pMprInfo, DWORD dwChangeInfo, PWSTR ProviderName, PVOID Reserved)
 
BOOL WINAPI WlxCloseUserDesktop (HANDLE hWlx, PWLX_DESKTOP pDesktop, HANDLE hToken)
 
BOOL WINAPI WlxSetOption (HANDLE hWlx, DWORD Option, ULONG_PTR Value, ULONG_PTR *OldValue)
 
BOOL WINAPI WlxGetOption (HANDLE hWlx, DWORD Option, ULONG_PTR *Value)
 
VOID WINAPI WlxWin31Migrate (HANDLE hWlx)
 
BOOL WINAPI WlxQueryClientCredentials (PWLX_CLIENT_CREDENTIALS_INFO_V1_0 pCred)
 
BOOL WINAPI WlxQueryInetConnectorCredentials (PWLX_CLIENT_CREDENTIALS_INFO_V1_0 pCred)
 
DWORD WINAPI WlxQueryConsoleSwitchCredentials (PWLX_CONSOLESWITCH_CREDENTIALS_INFO_V1_0 pCred)
 
BOOL WINAPI WlxQueryTsLogonCredentials (PWLX_CLIENT_CREDENTIALS_INFO_V2_0 pCred)
 
BOOL WINAPI WlxDisconnect (VOID)
 
DWORD WINAPI WlxQueryTerminalServicesData (HANDLE hWlx, PWLX_TERMINAL_SERVICES_DATA pTSData, WCHAR *UserName, WCHAR *Domain)
 

Variables

HINSTANCE hAppInstance
 
PWLSESSION WLSession
 
LUID LuidNone
 

Macro Definition Documentation

◆ LockWorkstation

#define LockWorkstation (   Session)

Definition at line 211 of file winlogon.h.

◆ UnlockWorkstation

#define UnlockWorkstation (   Session)

Definition at line 212 of file winlogon.h.

◆ USE_GETLASTINPUTINFO

#define USE_GETLASTINPUTINFO

Definition at line 31 of file winlogon.h.

◆ WIN32_NO_STATUS

#define WIN32_NO_STATUS

Definition at line 33 of file winlogon.h.

◆ WLX_SHUTTINGDOWN

#define WLX_SHUTTINGDOWN (   Status)
Value:
(((Status) == WLX_SAS_ACTION_SHUTDOWN) || \
((Status) == WLX_SAS_ACTION_SHUTDOWN_POWER_OFF) || \
((Status) == WLX_SAS_ACTION_SHUTDOWN_REBOOT) \
)
WLX_SAS_ACTION_SHUTDOWN
#define WLX_SAS_ACTION_SHUTDOWN
Definition: winwlx.h:57
Status
Status
Definition: gdiplustypes.h:24
WLX_SAS_ACTION_SHUTDOWN_POWER_OFF
#define WLX_SAS_ACTION_SHUTDOWN_POWER_OFF
Definition: winwlx.h:62
WLX_SAS_ACTION_SHUTDOWN_REBOOT
#define WLX_SAS_ACTION_SHUTDOWN_REBOOT
Definition: winwlx.h:63

Definition at line 271 of file winlogon.h.

◆ WLX_SUSPENDING

#define WLX_SUSPENDING (   Status)
Value:
(((Status) == WLX_SAS_ACTION_SHUTDOWN_SLEEP) || \
((Status) == WLX_SAS_ACTION_SHUTDOWN_SLEEP2) || \
((Status) == WLX_SAS_ACTION_SHUTDOWN_HIBERNATE) \
)
WLX_SAS_ACTION_SHUTDOWN_HIBERNATE
#define WLX_SAS_ACTION_SHUTDOWN_HIBERNATE
Definition: winwlx.h:66
WLX_SAS_ACTION_SHUTDOWN_SLEEP2
#define WLX_SAS_ACTION_SHUTDOWN_SLEEP2
Definition: winwlx.h:65
Status
Status
Definition: gdiplustypes.h:24
WLX_SAS_ACTION_SHUTDOWN_SLEEP
#define WLX_SAS_ACTION_SHUTDOWN_SLEEP
Definition: winwlx.h:64

Definition at line 277 of file winlogon.h.

Typedef Documentation

◆ GINAFUNCTIONS

typedef struct _GINAFUNCTIONS GINAFUNCTIONS

◆ GINAINSTANCE

typedef struct _GINAINSTANCE GINAINSTANCE

◆ LOGON_STATE

typedef enum _LOGON_STATE LOGON_STATE

◆ NOTIFICATION_TYPE

typedef enum _NOTIFICATION_TYPE NOTIFICATION_TYPE

◆ PFWLXACTIVATEUSERSHELL

typedef BOOL(WINAPI * PFWLXACTIVATEUSERSHELL) (PVOID, PWSTR, PWSTR, PVOID)

Definition at line 66 of file winlogon.h.

◆ PFWLXDISPLAYLOCKEDNOTICE

typedef VOID(WINAPI * PFWLXDISPLAYLOCKEDNOTICE) (PVOID)

Definition at line 68 of file winlogon.h.

◆ PFWLXDISPLAYSASNOTICE

typedef VOID(WINAPI * PFWLXDISPLAYSASNOTICE) (PVOID)

Definition at line 62 of file winlogon.h.

◆ PFWLXDISPLAYSTATUSMESSAGE

typedef BOOL(WINAPI * PFWLXDISPLAYSTATUSMESSAGE) (PVOID, HDESK, DWORD, PWSTR, PWSTR)

Definition at line 83 of file winlogon.h.

◆ PFWLXGETSTATUSMESSAGE

typedef BOOL(WINAPI * PFWLXGETSTATUSMESSAGE) (PVOID, DWORD *, PWSTR, DWORD)

Definition at line 84 of file winlogon.h.

◆ PFWLXINITIALIZE

typedef BOOL(WINAPI * PFWLXINITIALIZE) (LPWSTR, HANDLE, PVOID, PVOID, PVOID *)

Definition at line 61 of file winlogon.h.

◆ PFWLXISLOCKOK

typedef BOOL(WINAPI * PFWLXISLOCKOK) (PVOID)

Definition at line 70 of file winlogon.h.

◆ PFWLXISLOGOFFOK

typedef BOOL(WINAPI * PFWLXISLOGOFFOK) (PVOID)

Definition at line 71 of file winlogon.h.

◆ PFWLXLOGGEDONSAS

typedef int(WINAPI * PFWLXLOGGEDONSAS) (PVOID, DWORD, PVOID)

Definition at line 67 of file winlogon.h.

◆ PFWLXLOGGEDOUTSAS

typedef int(WINAPI * PFWLXLOGGEDOUTSAS) (PVOID, DWORD, PLUID, PSID, PDWORD, PHANDLE, PWLX_MPR_NOTIFY_INFO, PVOID *)

Definition at line 63 of file winlogon.h.

◆ PFWLXLOGOFF

typedef VOID(WINAPI * PFWLXLOGOFF) (PVOID)

Definition at line 72 of file winlogon.h.

◆ PFWLXNEGOTIATE

typedef BOOL(WINAPI * PFWLXNEGOTIATE) (DWORD, DWORD *)

Definition at line 60 of file winlogon.h.

◆ PFWLXNETWORKPROVIDERLOAD

typedef BOOL(WINAPI * PFWLXNETWORKPROVIDERLOAD) (PVOID, PWLX_MPR_NOTIFY_INFO)

Definition at line 82 of file winlogon.h.

◆ PFWLXREMOVESTATUSMESSAGE

typedef BOOL(WINAPI * PFWLXREMOVESTATUSMESSAGE) (PVOID)

Definition at line 85 of file winlogon.h.

◆ PFWLXSCREENSAVERNOTIFY

typedef BOOL(WINAPI * PFWLXSCREENSAVERNOTIFY) (PVOID, BOOL *)

Definition at line 77 of file winlogon.h.

◆ PFWLXSHUTDOWN

typedef VOID(WINAPI * PFWLXSHUTDOWN) (PVOID, DWORD)

Definition at line 73 of file winlogon.h.

◆ PFWLXSTARTAPPLICATION

typedef BOOL(WINAPI * PFWLXSTARTAPPLICATION) (PVOID, PWSTR, PVOID, PWSTR)

Definition at line 78 of file winlogon.h.

◆ PFWLXWKSTALOCKEDSAS

typedef int(WINAPI * PFWLXWKSTALOCKEDSAS) (PVOID, DWORD)

Definition at line 69 of file winlogon.h.

◆ PGINAFUNCTIONS

typedef struct _GINAFUNCTIONS * PGINAFUNCTIONS

◆ PGINAINSTANCE

typedef struct _GINAINSTANCE * PGINAINSTANCE

◆ PLOGON_STATE

typedef enum _LOGON_STATE * PLOGON_STATE

◆ PNOTIFICATION_TYPE

typedef enum _NOTIFICATION_TYPE * PNOTIFICATION_TYPE

◆ PWLSESSION

typedef struct _WLSESSION * PWLSESSION

◆ WLSESSION

typedef struct _WLSESSION WLSESSION

Enumeration Type Documentation

◆ _LOGON_STATE

enum _LOGON_STATE
Enumerator
STATE_INIT 
STATE_LOGGED_OFF 
STATE_LOGGED_OFF_SAS 
STATE_LOGGED_ON 
STATE_LOGGED_ON_SAS 
STATE_LOCKED 
STATE_LOCKED_SAS 
STATE_LOGGING_OFF 
STATE_SHUTTING_DOWN 
STATE_SHUT_DOWN 
STATE_SCREENSAVER 

Definition at line 196 of file winlogon.h.

197 {
198  STATE_INIT,
199  STATE_LOGGED_OFF,
200  STATE_LOGGED_OFF_SAS,
201  STATE_LOGGED_ON,
202  STATE_LOGGED_ON_SAS,
203  STATE_LOCKED,
204  STATE_LOCKED_SAS,
205  STATE_LOGGING_OFF, // not used yet
206  STATE_SHUTTING_DOWN, // not used yet
207  STATE_SHUT_DOWN, // not used yet
208  STATE_SCREENSAVER // not used yet
209 } LOGON_STATE, *PLOGON_STATE;
LOGON_STATE
enum _LOGON_STATE LOGON_STATE
PLOGON_STATE
enum _LOGON_STATE * PLOGON_STATE

◆ _NOTIFICATION_TYPE

enum _NOTIFICATION_TYPE
Enumerator
LogonHandler 
LogoffHandler 
LockHandler 
UnlockHandler 
StartupHandler 
ShutdownHandler 
StartScreenSaverHandler 
StopScreenSaverHandler 
DisconnectHandler 
ReconnectHandler 
StartShellHandler 
PostShellHandler 
LastHandler 

Definition at line 251 of file winlogon.h.

252 {
253  LogonHandler,
254  LogoffHandler,
255  LockHandler,
256  UnlockHandler,
257  StartupHandler,
258  ShutdownHandler,
259  StartScreenSaverHandler,
260  StopScreenSaverHandler,
261  DisconnectHandler,
262  ReconnectHandler,
263  StartShellHandler,
264  PostShellHandler,
265  LastHandler
266 } NOTIFICATION_TYPE, *PNOTIFICATION_TYPE;
NOTIFICATION_TYPE
enum _NOTIFICATION_TYPE NOTIFICATION_TYPE
PNOTIFICATION_TYPE
enum _NOTIFICATION_TYPE * PNOTIFICATION_TYPE

Function Documentation

◆ AllowAccessOnSession()

BOOL AllowAccessOnSession ( _In_ PWLSESSION  Session)

Assigns both window station and desktop access to the specific session currently active on the system.

Parameters
[in]SessionA pointer to an active session.
Returns
Returns TRUE if the function has successfully assigned access to the current session, FALSE otherwise.

Definition at line 1391 of file security.c.

1393 {
1394  BOOL Success = FALSE;
1395  DWORD Index, SidLength, GroupsLength = 0;
1396  PTOKEN_GROUPS TokenGroup = NULL;
1397  PSID LogonSid;
1398 
1399  /* Get required buffer size and allocate the TOKEN_GROUPS buffer */
1400  if (!GetTokenInformation(Session->UserToken,
1401  TokenGroups,
1402  TokenGroup,
1403  0,
1404  &GroupsLength))
1405  {
1406  if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
1407  {
1408  ERR("AllowAccessOnSession(): Unexpected error code returned, must be ERROR_INSUFFICIENT_BUFFER (error code %lu)\n", GetLastError());
1409  return FALSE;
1410  }
1411 
1412  TokenGroup = RtlAllocateHeap(RtlGetProcessHeap(), HEAP_ZERO_MEMORY, GroupsLength);
1413  if (TokenGroup == NULL)
1414  {
1415  ERR("AllowAccessOnSession(): Failed to allocate memory buffer for token group!\n");
1416  return FALSE;
1417  }
1418  }
1419 
1420  /* Get the token group information from the access token */
1421  if (!GetTokenInformation(Session->UserToken,
1422  TokenGroups,
1423  TokenGroup,
1424  GroupsLength,
1425  &GroupsLength))
1426  {
1427  ERR("AllowAccessOnSession(): Failed to retrieve the token group information (error code %lu)\n", GetLastError());
1428  goto Quit;
1429  }
1430 
1431  /* Loop through the groups to find the logon SID */
1432  for (Index = 0; Index < TokenGroup->GroupCount; Index++)
1433  {
1434  if ((TokenGroup->Groups[Index].Attributes & SE_GROUP_LOGON_ID)
1435  == SE_GROUP_LOGON_ID)
1436  {
1437  LogonSid = TokenGroup->Groups[Index].Sid;
1438  break;
1439  }
1440  }
1441 
1442  /* Allow window station access to this user within this session */
1443  if (!AllowWinstaAccessToUser(Session->InteractiveWindowStation, LogonSid))
1444  {
1445  ERR("AllowAccessOnSession(): Failed to allow winsta access to the logon user!\n");
1446  goto Quit;
1447  }
1448 
1449  /* Allow application desktop access to this user within this session */
1450  if (!AllowDesktopAccessToUser(Session->ApplicationDesktop, LogonSid))
1451  {
1452  ERR("AllowAccessOnSession(): Failed to allow application desktop access to the logon user!\n");
1453  goto Quit;
1454  }
1455 
1456  /* Get the length of this logon SID */
1457  SidLength = GetLengthSid(LogonSid);
1458 
1459  /* Assign the window station to this logged in user */
1460  if (!SetWindowStationUser(Session->InteractiveWindowStation,
1461  &Session->LogonId,
1462  LogonSid,
1463  SidLength))
1464  {
1465  ERR("AllowAccessOnSession(): Failed to assign the window station to the logon user!\n");
1466  goto Quit;
1467  }
1468 
1469  Success = TRUE;
1470 
1471 Quit:
1472  if (TokenGroup != NULL)
1473  {
1474  RtlFreeHeap(RtlGetProcessHeap(), 0, TokenGroup);
1475  }
1476 
1477  return Success;
1478 }
SetWindowStationUser
BOOL WINAPI SetWindowStationUser(IN HWINSTA hWindowStation, IN PLUID pluid, IN PSID psid OPTIONAL, IN DWORD size)
Definition: winsta.c:419
_SID_AND_ATTRIBUTES::Sid
PSID Sid
Definition: setypes.h:506
_TOKEN_GROUPS
Definition: setypes.h:1009
_SID
Definition: ms-dtyp.idl:198
TRUE
#define TRUE
Definition: types.h:120
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
AllowDesktopAccessToUser
BOOL AllowDesktopAccessToUser(_In_ HDESK Desktop, _In_ PSID LogonSid)
Assigns access to the specific logon user to the default desktop. Such access is given to the user wh...
Definition: security.c:1165
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
Index
_In_ WDFCOLLECTION _In_ ULONG Index
Definition: wdfcollection.h:179
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
SE_GROUP_LOGON_ID
#define SE_GROUP_LOGON_ID
Definition: setypes.h:98
ERR
#define ERR(fmt,...)
Definition: debug.h:110
_SID_AND_ATTRIBUTES::Attributes
$ULONG Attributes
Definition: setypes.h:508
_TOKEN_GROUPS::Groups
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
Definition: setypes.h:1014
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
_TOKEN_GROUPS::GroupCount
$ULONG GroupCount
Definition: setypes.h:1010
GetTokenInformation
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
Definition: security.c:413
AllowWinstaAccessToUser
BOOL AllowWinstaAccessToUser(_In_ HWINSTA WinSta, _In_ PSID LogonSid)
Assigns access to the specific logon user to the default window station. Such access is given to the ...
Definition: security.c:874
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10

Referenced by HandleLogon().

◆ AllowDesktopAccessToUser()

BOOL AllowDesktopAccessToUser ( _In_ HDESK  Desktop,
_In_ PSID  LogonSid 
)

Assigns access to the specific logon user to the default desktop. Such access is given to the user when it has logged in.

Parameters
[in]DesktopA handle to a desktop where the user is given access to it.
[in]LogonSidA pointer to a logon SID that represents the logged in user in question.
Returns
Returns TRUE if the function has successfully assigned access to the user, FALSE otherwise.

Definition at line 1165 of file security.c.

1168 {
1169  BOOL Success = FALSE;
1170  SECURITY_DESCRIPTOR AbsoluteSd;
1171  PSECURITY_DESCRIPTOR RelativeSd = NULL;
1172  PSID WinlogonSid = NULL, AdminsSid = NULL, InteractiveSid = NULL, NetworkServiceSid = NULL; /* NetworkServiceSid is a HACK, see the comment in CreateWinstaSecurity for information */
1173  SECURITY_INFORMATION SecurityInformation;
1174  DWORD DaclSize;
1175  PACL Dacl;
1176 
1177  /* Create the Winlogon SID */
1178  if (!AllocateAndInitializeSid(&NtAuthority,
1179  1,
1180  SECURITY_LOCAL_SYSTEM_RID,
1181  0, 0, 0, 0, 0, 0, 0,
1182  &WinlogonSid))
1183  {
1184  ERR("AllowDesktopAccessToUser(): Failed to create the Winlogon SID (error code %lu)\n", GetLastError());
1185  return FALSE;
1186  }
1187 
1188  /* Create the admins SID */
1189  if (!AllocateAndInitializeSid(&NtAuthority,
1190  2,
1191  SECURITY_BUILTIN_DOMAIN_RID,
1192  DOMAIN_ALIAS_RID_ADMINS,
1193  0, 0, 0, 0, 0, 0,
1194  &AdminsSid))
1195  {
1196  ERR("AllowDesktopAccessToUser(): Failed to create the admins SID (error code %lu)\n", GetLastError());
1197  goto Quit;
1198  }
1199 
1200  /* Create the interactive logon SID */
1201  if (!AllocateAndInitializeSid(&NtAuthority,
1202  1,
1203  SECURITY_INTERACTIVE_RID,
1204  0, 0, 0, 0, 0, 0, 0,
1205  &InteractiveSid))
1206  {
1207  ERR("AllowDesktopAccessToUser(): Failed to create the interactive SID (error code %lu)\n", GetLastError());
1208  goto Quit;
1209  }
1210 
1211  /* HACK: Create the network service SID */
1212  if (!AllocateAndInitializeSid(&NtAuthority,
1213  1,
1214  SECURITY_NETWORK_SERVICE_RID,
1215  0, 0, 0, 0, 0, 0, 0,
1216  &NetworkServiceSid))
1217  {
1218  ERR("AllowDesktopAccessToUser(): Failed to create the network service SID (error code %lu)\n", GetLastError());
1219  goto Quit;
1220  }
1221 
1222  /*
1223  * Build up the DACL size. This includes a number
1224  * of four ACEs of four different SIDs. The first ACE
1225  * gives full desktop access to Winlogon, the second one gives
1226  * generic limited desktop access to admins. The last two give
1227  * full power to both interactive logon users and logon user as
1228  * well.
1229  */
1230  DaclSize = sizeof(ACL) +
1231  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
1232  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
1233  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(InteractiveSid) +
1234  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(LogonSid) +
1235  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(NetworkServiceSid); /* HACK */
1236 
1237  /* Allocate the DACL now */
1238  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
1239  HEAP_ZERO_MEMORY,
1240  DaclSize);
1241  if (Dacl == NULL)
1242  {
1243  ERR("AllowDesktopAccessToUser(): Failed to allocate memory buffer for DACL!\n");
1244  goto Quit;
1245  }
1246 
1247  /* Initialize it */
1248  if (!InitializeAcl(Dacl, DaclSize, ACL_REVISION))
1249  {
1250  ERR("AllowDesktopAccessToUser(): Failed to initialize DACL (error code %lu)\n", GetLastError());
1251  goto Quit;
1252  }
1253 
1254  /* First ACE -- Give full desktop access to Winlogon */
1255  if (!AddAccessAllowedAceEx(Dacl,
1256  ACL_REVISION,
1257  0,
1258  DESKTOP_ALL,
1259  WinlogonSid))
1260  {
1261  ERR("AllowDesktopAccessToUser(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
1262  goto Quit;
1263  }
1264 
1265  /* Second ACE -- Give limited desktop access to admins */
1266  if (!AddAccessAllowedAceEx(Dacl,
1267  ACL_REVISION,
1268  0,
1269  DESKTOP_ADMINS_LIMITED,
1270  AdminsSid))
1271  {
1272  ERR("AllowDesktopAccessToUser(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
1273  goto Quit;
1274  }
1275 
1276  /* Third ACE -- Give full desktop access to interactive logon users */
1277  if (!AddAccessAllowedAceEx(Dacl,
1278  ACL_REVISION,
1279  0,
1280  DESKTOP_ALL,
1281  InteractiveSid))
1282  {
1283  ERR("AllowDesktopAccessToUser(): Failed to set ACE for interactive SID (error code %lu)\n", GetLastError());
1284  goto Quit;
1285  }
1286 
1287  /* Fourth ACE -- Give full desktop access to logon user */
1288  if (!AddAccessAllowedAceEx(Dacl,
1289  ACL_REVISION,
1290  0,
1291  DESKTOP_ALL,
1292  LogonSid))
1293  {
1294  ERR("AllowDesktopAccessToUser(): Failed to set ACE for logon user SID (error code %lu)\n", GetLastError());
1295  goto Quit;
1296  }
1297 
1298  /* HACK: Fifth ACE -- Give full desktop to network services */
1299  if (!AddAccessAllowedAceEx(Dacl,
1300  ACL_REVISION,
1301  0,
1302  DESKTOP_ALL,
1303  NetworkServiceSid))
1304  {
1305  ERR("AllowDesktopAccessToUser(): Failed to set ACE for network service SID (error code %lu)\n", GetLastError());
1306  goto Quit;
1307  }
1308 
1309  /* Initialize the security descriptor */
1310  if (!InitializeSecurityDescriptor(&AbsoluteSd, SECURITY_DESCRIPTOR_REVISION))
1311  {
1312  ERR("AllowDesktopAccessToUser(): Failed to initialize absolute security descriptor (error code %lu)\n", GetLastError());
1313  goto Quit;
1314  }
1315 
1316  /* Set the DACL to the descriptor */
1317  if (!SetSecurityDescriptorDacl(&AbsoluteSd, TRUE, Dacl, FALSE))
1318  {
1319  ERR("AllowDesktopAccessToUser(): Failed to set up DACL to absolute security descriptor (error code %lu)\n", GetLastError());
1320  goto Quit;
1321  }
1322 
1323  /* Conver it to self-relative format */
1324  RelativeSd = ConvertToSelfRelative(&AbsoluteSd);
1325  if (RelativeSd == NULL)
1326  {
1327  ERR("AllowDesktopAccessToUser(): Failed to convert security descriptor to self relative format!\n");
1328  goto Quit;
1329  }
1330 
1331  /* Assign new security to desktop based on this descriptor */
1332  SecurityInformation = DACL_SECURITY_INFORMATION;
1333  if (!SetUserObjectSecurity(Desktop, &SecurityInformation, RelativeSd))
1334  {
1335  ERR("AllowDesktopAccessToUser(): Failed to set desktop security descriptor (error code %lu)\n", GetLastError());
1336  goto Quit;
1337  }
1338 
1339  Success = TRUE;
1340 
1341 Quit:
1342  if (WinlogonSid != NULL)
1343  {
1344  FreeSid(WinlogonSid);
1345  }
1346 
1347  if (AdminsSid != NULL)
1348  {
1349  FreeSid(AdminsSid);
1350  }
1351 
1352  if (InteractiveSid != NULL)
1353  {
1354  FreeSid(InteractiveSid);
1355  }
1356 
1357  /* HACK */
1358  if (NetworkServiceSid != NULL)
1359  {
1360  FreeSid(NetworkServiceSid);
1361  }
1362  /* END HACK */
1363 
1364  if (Dacl != NULL)
1365  {
1366  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
1367  }
1368 
1369  if (RelativeSd != NULL)
1370  {
1371  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
1372  }
1373 
1374  return Success;
1375 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
DWORD
static DWORD
Definition: security.c:70
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
_SID
Definition: ms-dtyp.idl:198
ConvertToSelfRelative
PSECURITY_DESCRIPTOR ConvertToSelfRelative(_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
Converts an absolute security descriptor to a self-relative format.
Definition: security.c:64
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1008
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
TRUE
#define TRUE
Definition: types.h:120
_ACL
Definition: ms-dtyp.idl:293
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1065
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
DESKTOP_ALL
#define DESKTOP_ALL
Definition: security.c:14
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:700
ACL
struct _ACL ACL
SetUserObjectSecurity
BOOL WINAPI SetUserObjectSecurity(_In_ HANDLE, _In_ PSECURITY_INFORMATION, _In_ PSECURITY_DESCRIPTOR)
SecurityInformation
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1339
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
ERR
#define ERR(fmt,...)
Definition: debug.h:110
InteractiveSid
PSID InteractiveSid
Definition: globals.c:15
NetworkServiceSid
PSID NetworkServiceSid
Definition: globals.c:16
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
DaclSize
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
DESKTOP_ADMINS_LIMITED
#define DESKTOP_ADMINS_LIMITED
Definition: security.c:19
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:676

Referenced by AllowAccessOnSession().

◆ AllowWinstaAccessToUser()

BOOL AllowWinstaAccessToUser ( _In_ HWINSTA  WinSta,
_In_ PSID  LogonSid 
)

Assigns access to the specific logon user to the default window station. Such access is given to the user when it has logged in.

Parameters
[in]WinStaA handle to a window station where the user is given access to it.
[in]LogonSidA pointer to a logon SID that represents the logged in user in question.
Returns
Returns TRUE if the function has successfully assigned access to the user, FALSE otherwise.

Definition at line 874 of file security.c.

877 {
878  BOOL Success = FALSE;
879  SECURITY_DESCRIPTOR AbsoluteSd;
880  PSECURITY_DESCRIPTOR RelativeSd = NULL;
881  PSID WinlogonSid = NULL, AdminsSid = NULL, InteractiveSid = NULL, NetworkServiceSid = NULL; /* NetworkServiceSid is a HACK, see the comment in CreateWinstaSecurity for information */
882  SECURITY_INFORMATION SecurityInformation;
883  DWORD DaclSize;
884  PACL Dacl;
885 
886  /* Create the Winlogon SID */
887  if (!AllocateAndInitializeSid(&NtAuthority,
888  1,
889  SECURITY_LOCAL_SYSTEM_RID,
890  0, 0, 0, 0, 0, 0, 0,
891  &WinlogonSid))
892  {
893  ERR("AllowWinstaAccessToUser(): Failed to create the Winlogon SID (error code %lu)\n", GetLastError());
894  return FALSE;
895  }
896 
897  /* Create the admins SID */
898  if (!AllocateAndInitializeSid(&NtAuthority,
899  2,
900  SECURITY_BUILTIN_DOMAIN_RID,
901  DOMAIN_ALIAS_RID_ADMINS,
902  0, 0, 0, 0, 0, 0,
903  &AdminsSid))
904  {
905  ERR("AllowWinstaAccessToUser(): Failed to create the admins SID (error code %lu)\n", GetLastError());
906  goto Quit;
907  }
908 
909  /* Create the interactive logon SID */
910  if (!AllocateAndInitializeSid(&NtAuthority,
911  1,
912  SECURITY_INTERACTIVE_RID,
913  0, 0, 0, 0, 0, 0, 0,
914  &InteractiveSid))
915  {
916  ERR("AllowWinstaAccessToUser(): Failed to create the interactive SID (error code %lu)\n", GetLastError());
917  goto Quit;
918  }
919 
920  /* HACK: Create the network service SID */
921  if (!AllocateAndInitializeSid(&NtAuthority,
922  1,
923  SECURITY_NETWORK_SERVICE_RID,
924  0, 0, 0, 0, 0, 0, 0,
925  &NetworkServiceSid))
926  {
927  ERR("AllowWinstaAccessToUser(): Failed to create the network service SID (error code %lu)\n", GetLastError());
928  goto Quit;
929  }
930 
931  /*
932  * Build up the DACL size. This includes a number
933  * of eight ACEs of four different SIDs. The first ACE
934  * gives full winsta access to Winlogon, the second one gives
935  * generic access to Winlogon. Such approach is the same
936  * for both interactive logon users and logon user as well.
937  * Only admins are given limited powers.
938  */
939  DaclSize = sizeof(ACL) +
940  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
941  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
942  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
943  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
944  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(InteractiveSid) +
945  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(InteractiveSid) +
946  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(LogonSid) +
947  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(LogonSid) +
948  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(NetworkServiceSid) + /* HACK */
949  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(NetworkServiceSid);
950 
951  /* Allocate the DACL now */
952  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
953  HEAP_ZERO_MEMORY,
954  DaclSize);
955  if (Dacl == NULL)
956  {
957  ERR("AllowWinstaAccessToUser(): Failed to allocate memory buffer for DACL!\n");
958  goto Quit;
959  }
960 
961  /* Initialize it */
962  if (!InitializeAcl(Dacl, DaclSize, ACL_REVISION))
963  {
964  ERR("AllowWinstaAccessToUser(): Failed to initialize DACL (error code %lu)\n", GetLastError());
965  goto Quit;
966  }
967 
968  /* First ACE -- Give full winsta access to Winlogon */
969  if (!AddAccessAllowedAceEx(Dacl,
970  ACL_REVISION,
971  NO_PROPAGATE_INHERIT_ACE,
972  WINSTA_ALL,
973  WinlogonSid))
974  {
975  ERR("AllowWinstaAccessToUser(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
976  goto Quit;
977  }
978 
979  /* Second ACE -- Give generic access to Winlogon */
980  if (!AddAccessAllowedAceEx(Dacl,
981  ACL_REVISION,
982  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
983  GENERIC_ACCESS,
984  WinlogonSid))
985  {
986  ERR("AllowWinstaAccessToUser(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
987  goto Quit;
988  }
989 
990  /* Third ACE -- Give limited winsta access to admins */
991  if (!AddAccessAllowedAceEx(Dacl,
992  ACL_REVISION,
993  NO_PROPAGATE_INHERIT_ACE,
994  WINSTA_ADMINS_LIMITED,
995  AdminsSid))
996  {
997  ERR("AllowWinstaAccessToUser(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
998  goto Quit;
999  }
1000 
1001  /* Fourth ACE -- Give limited desktop access to admins */
1002  if (!AddAccessAllowedAceEx(Dacl,
1003  ACL_REVISION,
1004  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
1005  DESKTOP_ADMINS_LIMITED,
1006  AdminsSid))
1007  {
1008  ERR("AllowWinstaAccessToUser(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
1009  goto Quit;
1010  }
1011 
1012  /* Fifth ACE -- Give full winsta access to interactive logon users */
1013  if (!AddAccessAllowedAceEx(Dacl,
1014  ACL_REVISION,
1015  NO_PROPAGATE_INHERIT_ACE,
1016  WINSTA_ALL,
1017  InteractiveSid))
1018  {
1019  ERR("AllowWinstaAccessToUser(): Failed to set ACE for interactive SID (error code %lu)\n", GetLastError());
1020  goto Quit;
1021  }
1022 
1023  /* Sixth ACE -- Give generic access to interactive logon users */
1024  if (!AddAccessAllowedAceEx(Dacl,
1025  ACL_REVISION,
1026  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
1027  GENERIC_ACCESS,
1028  InteractiveSid))
1029  {
1030  ERR("AllowWinstaAccessToUser(): Failed to set ACE for interactive SID (error code %lu)\n", GetLastError());
1031  goto Quit;
1032  }
1033 
1034  /* Seventh ACE -- Give full winsta access to logon user */
1035  if (!AddAccessAllowedAceEx(Dacl,
1036  ACL_REVISION,
1037  NO_PROPAGATE_INHERIT_ACE,
1038  WINSTA_ALL,
1039  LogonSid))
1040  {
1041  ERR("AllowWinstaAccessToUser(): Failed to set ACE for logon user SID (error code %lu)\n", GetLastError());
1042  goto Quit;
1043  }
1044 
1045  /* Eighth ACE -- Give generic access to logon user */
1046  if (!AddAccessAllowedAceEx(Dacl,
1047  ACL_REVISION,
1048  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
1049  GENERIC_ACCESS,
1050  LogonSid))
1051  {
1052  ERR("AllowWinstaAccessToUser(): Failed to set ACE for logon user SID (error code %lu)\n", GetLastError());
1053  goto Quit;
1054  }
1055 
1056  /* HACK : Ninenth ACE -- Give full winsta access to network services */
1057  if (!AddAccessAllowedAceEx(Dacl,
1058  ACL_REVISION,
1059  NO_PROPAGATE_INHERIT_ACE,
1060  WINSTA_ALL,
1061  NetworkServiceSid))
1062  {
1063  ERR("AllowWinstaAccessToUser(): Failed to set ACE for logon network service SID (error code %lu)\n", GetLastError());
1064  goto Quit;
1065  }
1066 
1067  /* HACK: Tenth ACE -- Give generic access to network services */
1068  if (!AddAccessAllowedAceEx(Dacl,
1069  ACL_REVISION,
1070  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
1071  GENERIC_ACCESS,
1072  NetworkServiceSid))
1073  {
1074  ERR("AllowWinstaAccessToUser(): Failed to set ACE for network service SID (error code %lu)\n", GetLastError());
1075  goto Quit;
1076  }
1077 
1078  /* Initialize the security descriptor */
1079  if (!InitializeSecurityDescriptor(&AbsoluteSd, SECURITY_DESCRIPTOR_REVISION))
1080  {
1081  ERR("AllowWinstaAccessToUser(): Failed to initialize absolute security descriptor (error code %lu)\n", GetLastError());
1082  goto Quit;
1083  }
1084 
1085  /* Set the DACL to descriptor */
1086  if (!SetSecurityDescriptorDacl(&AbsoluteSd, TRUE, Dacl, FALSE))
1087  {
1088  ERR("AllowWinstaAccessToUser(): Failed to set up DACL to absolute security descriptor (error code %lu)\n", GetLastError());
1089  goto Quit;
1090  }
1091 
1092  /* Convert it to self-relative format */
1093  RelativeSd = ConvertToSelfRelative(&AbsoluteSd);
1094  if (RelativeSd == NULL)
1095  {
1096  ERR("AllowWinstaAccessToUser(): Failed to convert security descriptor to self relative format!\n");
1097  goto Quit;
1098  }
1099 
1100  /* Set new winsta security based on this descriptor */
1101  SecurityInformation = DACL_SECURITY_INFORMATION;
1102  if (!SetUserObjectSecurity(WinSta, &SecurityInformation, RelativeSd))
1103  {
1104  ERR("AllowWinstaAccessToUser(): Failed to set window station security descriptor (error code %lu)\n", GetLastError());
1105  goto Quit;
1106  }
1107 
1108  Success = TRUE;
1109 
1110 Quit:
1111  if (WinlogonSid != NULL)
1112  {
1113  FreeSid(WinlogonSid);
1114  }
1115 
1116  if (AdminsSid != NULL)
1117  {
1118  FreeSid(AdminsSid);
1119  }
1120 
1121  if (InteractiveSid != NULL)
1122  {
1123  FreeSid(InteractiveSid);
1124  }
1125 
1126  /* HACK */
1127  if (NetworkServiceSid != NULL)
1128  {
1129  FreeSid(NetworkServiceSid);
1130  }
1131  /* END HACK */
1132 
1133  if (Dacl != NULL)
1134  {
1135  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
1136  }
1137 
1138  if (RelativeSd != NULL)
1139  {
1140  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
1141  }
1142 
1143  return Success;
1144 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
DWORD
static DWORD
Definition: security.c:70
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
_SID
Definition: ms-dtyp.idl:198
ConvertToSelfRelative
PSECURITY_DESCRIPTOR ConvertToSelfRelative(_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
Converts an absolute security descriptor to a self-relative format.
Definition: security.c:64
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1008
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
TRUE
#define TRUE
Definition: types.h:120
_ACL
Definition: ms-dtyp.idl:293
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1065
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559
NO_PROPAGATE_INHERIT_ACE
#define NO_PROPAGATE_INHERIT_ACE
Definition: setypes.h:748
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
SECURITY_INFORMATION
DWORD SECURITY_INFORMATION
Definition: ms-dtyp.idl:311
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:700
ACL
struct _ACL ACL
SetUserObjectSecurity
BOOL WINAPI SetUserObjectSecurity(_In_ HANDLE, _In_ PSECURITY_INFORMATION, _In_ PSECURITY_DESCRIPTOR)
SecurityInformation
_Must_inspect_result_ _In_ PFILE_OBJECT _In_ SECURITY_INFORMATION SecurityInformation
Definition: fltkernel.h:1339
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
WINSTA_ALL
#define WINSTA_ALL
Definition: security.c:27
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
ERR
#define ERR(fmt,...)
Definition: debug.h:110
InteractiveSid
PSID InteractiveSid
Definition: globals.c:15
NetworkServiceSid
PSID NetworkServiceSid
Definition: globals.c:16
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
GENERIC_ACCESS
#define GENERIC_ACCESS
Definition: security.c:35
DaclSize
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
WINSTA_ADMINS_LIMITED
#define WINSTA_ADMINS_LIMITED
Definition: security.c:33
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
DESKTOP_ADMINS_LIMITED
#define DESKTOP_ADMINS_LIMITED
Definition: security.c:19
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:676

Referenced by AllowAccessOnSession().

◆ CallNotificationDlls()

VOID CallNotificationDlls ( PWLSESSION  pSession,
NOTIFICATION_TYPE  Type 
)

Definition at line 380 of file notify.c.

383 {
384  PLIST_ENTRY ListEntry;
385  PNOTIFICATION_ITEM NotificationDll;
386  WLX_NOTIFICATION_INFO Info;
387  HKEY hNotifyKey = NULL;
388  DWORD dwError;
389 
390  TRACE("CallNotificationDlls()\n");
391 
392  dwError = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
393  L"Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify",
394  0,
395  KEY_READ | KEY_ENUMERATE_SUB_KEYS,
396  &hNotifyKey);
397  if (dwError != ERROR_SUCCESS)
398  {
399  TRACE("RegOpenKeyExW()\n");
400  return;
401  }
402 
403  Info.Size = sizeof(WLX_NOTIFICATION_INFO);
404 
405  switch (Type)
406  {
407  case LogoffHandler:
408  case ShutdownHandler:
409  Info.Flags = 3;
410  break;
411 
412  default:
413  Info.Flags = 0;
414  break;
415  }
416 
417  Info.UserName = NULL; //UserName;
418  Info.Domain = NULL; //Domain;
419  Info.WindowStation = pSession->InteractiveWindowStationName;
420  Info.hToken = pSession->UserToken;
421 
422  switch (Type)
423  {
424  case LogonHandler:
425  case StartShellHandler:
426  Info.hDesktop = pSession->ApplicationDesktop;
427  break;
428 
429  case StartScreenSaverHandler:
430  Info.hDesktop = pSession->ApplicationDesktop;
431  break;
432 
433  default:
434  Info.hDesktop = pSession->WinlogonDesktop;
435  break;
436  }
437 
438  Info.pStatusCallback = NULL;
439 
440  ListEntry = NotificationDllListHead.Flink;
441  while (ListEntry != &NotificationDllListHead)
442  {
443 TRACE("ListEntry %p\n", ListEntry);
444 
445  NotificationDll = CONTAINING_RECORD(ListEntry,
446  NOTIFICATION_ITEM,
447  ListEntry);
448 TRACE("NotificationDll: %p\n", NotificationDll);
449  if (NotificationDll != NULL && NotificationDll->bEnabled)
450  CallNotificationDll(hNotifyKey, NotificationDll, Type, &Info);
451 
452  ListEntry = ListEntry->Flink;
453  }
454 
455  RegCloseKey(hNotifyKey);
456 }
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
_WLSESSION::WinlogonDesktop
HDESK WinlogonDesktop
Definition: winlogon.h:224
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
_WLSESSION::UserToken
HANDLE UserToken
Definition: winlogon.h:227
NotificationDllListHead
static LIST_ENTRY NotificationDllListHead
Definition: notify.c:50
_WLSESSION::ApplicationDesktop
HDESK ApplicationDesktop
Definition: winlogon.h:223
_NOTIFICATION_ITEM::bEnabled
BOOL bEnabled
Definition: notify.c:40
Info
_Must_inspect_result_ _In_ WDFCHILDLIST _In_ PWDF_CHILD_LIST_ITERATOR _Out_ WDFDEVICE _Inout_opt_ PWDF_CHILD_RETRIEVE_INFO Info
Definition: wdfchildlist.h:683
L
#define L(x)
Definition: ntvdm.h:50
_WLX_NOTIFICATION_INFO
Definition: winwlx.h:621
CONTAINING_RECORD
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
Type
Type
Definition: Type.h:6
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
_WLSESSION::InteractiveWindowStationName
LPWSTR InteractiveWindowStationName
Definition: winlogon.h:222
_LIST_ENTRY
Definition: typedefs.h:119
NULL
#define NULL
Definition: types.h:112
CallNotificationDll
static VOID CallNotificationDll(HKEY hNotifyKey, PNOTIFICATION_ITEM NotificationDll, NOTIFICATION_TYPE Type, PWLX_NOTIFICATION_INFO pInfo)
Definition: notify.c:309
_NOTIFICATION_ITEM
Definition: notify.c:35
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3356
WLX_NOTIFICATION_INFO
struct _WLX_NOTIFICATION_INFO WLX_NOTIFICATION_INFO
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12
KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

Referenced by DoGenericAction(), HandleLogoff(), HandleLogon(), HandleShutdown(), StartScreenSaver(), and WinMain().

◆ CleanupNotifications()

VOID CleanupNotifications ( VOID  )

Definition at line 460 of file notify.c.

461 {
462  PLIST_ENTRY ListEntry;
463  PNOTIFICATION_ITEM NotificationDll;
464 
465  ListEntry = NotificationDllListHead.Flink;
466  while (ListEntry != &NotificationDllListHead)
467  {
468  NotificationDll = CONTAINING_RECORD(ListEntry,
469  NOTIFICATION_ITEM,
470  ListEntry);
471  if (NotificationDll != NULL)
472  {
473  if (NotificationDll->pszKeyName != NULL)
474  RtlFreeHeap(RtlGetProcessHeap(), 0, NotificationDll->pszKeyName);
475 
476  if (NotificationDll->pszDllName != NULL)
477  RtlFreeHeap(RtlGetProcessHeap(), 0, NotificationDll->pszDllName);
478  }
479 
480  ListEntry = ListEntry->Flink;
481 
482  RemoveEntryList(&NotificationDll->ListEntry);
483 
484  RtlFreeHeap(RtlGetProcessHeap(), 0, NotificationDll);
485  }
486 }
_NOTIFICATION_ITEM::pszKeyName
PWSTR pszKeyName
Definition: notify.c:38
_NOTIFICATION_ITEM::pszDllName
PWSTR pszDllName
Definition: notify.c:39
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
NotificationDllListHead
static LIST_ENTRY NotificationDllListHead
Definition: notify.c:50
_NOTIFICATION_ITEM::ListEntry
LIST_ENTRY ListEntry
Definition: notify.c:37
RemoveEntryList
FORCEINLINE BOOLEAN RemoveEntryList(_In_ PLIST_ENTRY Entry)
Definition: rtlfuncs.h:105
CONTAINING_RECORD
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_LIST_ENTRY
Definition: typedefs.h:119
NULL
#define NULL
Definition: types.h:112
_NOTIFICATION_ITEM
Definition: notify.c:35

Referenced by WinMain().

◆ CloseAllDialogWindows()

VOID CloseAllDialogWindows ( VOID  )

Definition at line 95 of file wlx.c.

96 {
97  PDIALOG_LIST_ENTRY Current;
98  PLIST_ENTRY ListEntry;
99 
100  ListEntry = DialogListHead.Flink;
101  while (ListEntry != &DialogListHead)
102  {
103  Current = CONTAINING_RECORD(ListEntry,
104  DIALOG_LIST_ENTRY,
105  Entry);
106 
107  PostMessage(Current->hWnd, WLX_WM_SAS, 0, 0);
108 
109  ListEntry = ListEntry->Flink;
110  }
111 }
WLX_WM_SAS
#define WLX_WM_SAS
Definition: winwlx.h:71
CONTAINING_RECORD
PFLT_MESSAGE_WAITER_QUEUE CONTAINING_RECORD(Csq, DEVICE_EXTENSION, IrpQueue)) -> WaiterQ.mLock) _IRQL_raises_(DISPATCH_LEVEL) VOID NTAPI FltpAcquireMessageWaiterLock(_In_ PIO_CSQ Csq, _Out_ PKIRQL Irql)
Definition: Messaging.c:560
PostMessage
#define PostMessage
Definition: winuser.h:5812
DialogListHead
static LIST_ENTRY DialogListHead
Definition: wlx.c:26
_LIST_ENTRY::Flink
struct _LIST_ENTRY * Flink
Definition: typedefs.h:121
_DIALOG_LIST_ENTRY::hWnd
HWND hWnd
Definition: wlx.c:18
_LIST_ENTRY
Definition: typedefs.h:119
_DIALOG_LIST_ENTRY
Definition: wlx.c:15
Entry
base of all file and directory entries
Definition: entries.h:82

Referenced by DispatchSAS().

◆ ConvertToSelfRelative()

PSECURITY_DESCRIPTOR ConvertToSelfRelative ( _In_ PSECURITY_DESCRIPTOR  AbsoluteSd)

Converts an absolute security descriptor to a self-relative format.

Parameters
[in]AbsoluteSdA pointer to an absolute security descriptor to be converted.
Returns
Returns a pointer to a converted security descriptor in self-relative format. If the function fails, NULL is returned otherwise.
Remarks
The function allocates the security descriptor buffer in memory heap, the caller is entirely responsible for freeing such buffer from when it's no longer needed.

Definition at line 64 of file security.c.

66 {
67  PSECURITY_DESCRIPTOR RelativeSd;
68  DWORD DescriptorLength = 0;
69 
70  /* Determine the size for our buffer to allocate */
71  if (!MakeSelfRelativeSD(AbsoluteSd, NULL, &DescriptorLength) && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
72  {
73  ERR("ConvertToSelfRelative(): Unexpected error code (error code %lu -- must be ERROR_INSUFFICIENT_BUFFER)\n", GetLastError());
74  return NULL;
75  }
76 
77  /* Allocate the buffer now */
78  RelativeSd = RtlAllocateHeap(RtlGetProcessHeap(),
79  HEAP_ZERO_MEMORY,
80  DescriptorLength);
81  if (RelativeSd == NULL)
82  {
83  ERR("ConvertToSelfRelative(): Failed to allocate buffer for relative SD!\n");
84  return NULL;
85  }
86 
87  /* Convert the security descriptor now */
88  if (!MakeSelfRelativeSD(AbsoluteSd, RelativeSd, &DescriptorLength))
89  {
90  ERR("ConvertToSelfRelative(): Failed to convert the security descriptor to a self relative format (error code %lu)\n", GetLastError());
91  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
92  return NULL;
93  }
94 
95  return RelativeSd;
96 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
MakeSelfRelativeSD
BOOL WINAPI MakeSelfRelativeSD(PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor, PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor, LPDWORD lpdwBufferLength)
Definition: sec.c:214
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
ERR
#define ERR(fmt,...)
Definition: debug.h:110
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10

Referenced by AllowDesktopAccessToUser(), AllowWinstaAccessToUser(), CreateApplicationDesktopSecurity(), CreateScreenSaverSecurity(), CreateWinlogonDesktopSecurity(), and CreateWinstaSecurity().

◆ CreateApplicationDesktopSecurity()

BOOL CreateApplicationDesktopSecurity ( _Out_ PSECURITY_DESCRIPTOR ApplicationDesktopSd)

Creates a security descriptor for the default application desktop upon its creation.

Parameters
[out]ApplicationDesktopSdA pointer to a created security descriptor for the application desktop.
Returns
Returns TRUE if the function has successfully created the security descriptor, FALSE otherwise.

Definition at line 359 of file security.c.

361 {
362  BOOL Success = FALSE;
363  SECURITY_DESCRIPTOR AbsoluteSd;
364  PSECURITY_DESCRIPTOR RelativeSd = NULL;
365  PSID WinlogonSid = NULL, AdminsSid = NULL, NetworkServiceSid = NULL; /* NetworkServiceSid is a HACK, see the comment in CreateWinstaSecurity for information */
366  DWORD DaclSize;
367  PACL Dacl;
368 
369  /* Create the Winlogon SID */
370  if (!AllocateAndInitializeSid(&NtAuthority,
371  1,
372  SECURITY_LOCAL_SYSTEM_RID,
373  0, 0, 0, 0, 0, 0, 0,
374  &WinlogonSid))
375  {
376  ERR("CreateApplicationDesktopSecurity(): Failed to create the Winlogon SID (error code %lu)\n", GetLastError());
377  return FALSE;
378  }
379 
380  /* Create the admins SID */
381  if (!AllocateAndInitializeSid(&NtAuthority,
382  2,
383  SECURITY_BUILTIN_DOMAIN_RID,
384  DOMAIN_ALIAS_RID_ADMINS,
385  0, 0, 0, 0, 0, 0,
386  &AdminsSid))
387  {
388  ERR("CreateApplicationDesktopSecurity(): Failed to create the admins SID (error code %lu)\n", GetLastError());
389  goto Quit;
390  }
391 
392  /* HACK: Create the network service SID */
393  if (!AllocateAndInitializeSid(&NtAuthority,
394  1,
395  SECURITY_NETWORK_SERVICE_RID,
396  0, 0, 0, 0, 0, 0, 0,
397  &NetworkServiceSid))
398  {
399  ERR("CreateApplicationDesktopSecurity(): Failed to create the network service SID (error code %lu)\n", GetLastError());
400  goto Quit;
401  }
402 
403  /*
404  * Build up the DACL size. This includes a number
405  * of two ACEs of two different SIDs. The first ACE
406  * gives full access to Winlogon, the last one gives
407  * limited desktop access to admins.
408  */
409  DaclSize = sizeof(ACL) +
410  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
411  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
412  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(NetworkServiceSid); /* HACK */
413 
414  /* Allocate the DACL now */
415  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
416  HEAP_ZERO_MEMORY,
417  DaclSize);
418  if (Dacl == NULL)
419  {
420  ERR("CreateApplicationDesktopSecurity(): Failed to allocate memory buffer for DACL!\n");
421  goto Quit;
422  }
423 
424  /* Initialize it */
425  if (!InitializeAcl(Dacl, DaclSize, ACL_REVISION))
426  {
427  ERR("CreateApplicationDesktopSecurity(): Failed to initialize DACL (error code %lu)\n", GetLastError());
428  goto Quit;
429  }
430 
431  /* First ACE -- Give full desktop power to Winlogon */
432  if (!AddAccessAllowedAceEx(Dacl,
433  ACL_REVISION,
434  0,
435  DESKTOP_ALL,
436  WinlogonSid))
437  {
438  ERR("CreateApplicationDesktopSecurity(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
439  goto Quit;
440  }
441 
442  /* Second ACE -- Give limited desktop power to admins */
443  if (!AddAccessAllowedAceEx(Dacl,
444  ACL_REVISION,
445  0,
446  DESKTOP_ADMINS_LIMITED,
447  AdminsSid))
448  {
449  ERR("CreateApplicationDesktopSecurity(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
450  goto Quit;
451  }
452 
453  /* HACK: Third ACE -- Give full desktop power to network services */
454  if (!AddAccessAllowedAceEx(Dacl,
455  ACL_REVISION,
456  0,
457  DESKTOP_ALL,
458  NetworkServiceSid))
459  {
460  ERR("CreateApplicationDesktopSecurity(): Failed to set ACE for network services (error code %lu)\n", GetLastError());
461  goto Quit;
462  }
463 
464  /* Initialize the security descriptor */
465  if (!InitializeSecurityDescriptor(&AbsoluteSd, SECURITY_DESCRIPTOR_REVISION))
466  {
467  ERR("CreateApplicationDesktopSecurity(): Failed to initialize absolute security descriptor (error code %lu)\n", GetLastError());
468  goto Quit;
469  }
470 
471  /* Set the DACL to the descriptor */
472  if (!SetSecurityDescriptorDacl(&AbsoluteSd, TRUE, Dacl, FALSE))
473  {
474  ERR("CreateApplicationDesktopSecurity(): Failed to set up DACL to absolute security descriptor (error code %lu)\n", GetLastError());
475  goto Quit;
476  }
477 
478  /* Conver it to self-relative format */
479  RelativeSd = ConvertToSelfRelative(&AbsoluteSd);
480  if (RelativeSd == NULL)
481  {
482  ERR("CreateApplicationDesktopSecurity(): Failed to convert security descriptor to self relative format!\n");
483  goto Quit;
484  }
485 
486  /* Give the descriptor to the caller */
487  *ApplicationDesktopSd = RelativeSd;
488  Success = TRUE;
489 
490 Quit:
491  if (WinlogonSid != NULL)
492  {
493  FreeSid(WinlogonSid);
494  }
495 
496  if (AdminsSid != NULL)
497  {
498  FreeSid(AdminsSid);
499  }
500 
501  /* HACK */
502  if (NetworkServiceSid != NULL)
503  {
504  FreeSid(NetworkServiceSid);
505  }
506  /* END HACK */
507 
508  if (Dacl != NULL)
509  {
510  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
511  }
512 
513  if (Success == FALSE)
514  {
515  if (RelativeSd != NULL)
516  {
517  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
518  }
519  }
520 
521  return Success;
522 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
DWORD
static DWORD
Definition: security.c:70
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
_SID
Definition: ms-dtyp.idl:198
ConvertToSelfRelative
PSECURITY_DESCRIPTOR ConvertToSelfRelative(_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
Converts an absolute security descriptor to a self-relative format.
Definition: security.c:64
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1008
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
TRUE
#define TRUE
Definition: types.h:120
_ACL
Definition: ms-dtyp.idl:293
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1065
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
DESKTOP_ALL
#define DESKTOP_ALL
Definition: security.c:14
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:700
ACL
struct _ACL ACL
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
ERR
#define ERR(fmt,...)
Definition: debug.h:110
NetworkServiceSid
PSID NetworkServiceSid
Definition: globals.c:16
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
DaclSize
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
DESKTOP_ADMINS_LIMITED
#define DESKTOP_ADMINS_LIMITED
Definition: security.c:19
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:676

Referenced by CreateWindowStationAndDesktops().

◆ CreateScreenSaverSecurity()

BOOL CreateScreenSaverSecurity ( _Out_ PSECURITY_DESCRIPTOR ScreenSaverDesktopSd)

Creates a security descriptor for the screen saver desktop.

Parameters
[out]ScreenSaverDesktopSdA pointer to a created security descriptor for the screen-saver desktop.
Returns
Returns TRUE if the function has successfully created the security descriptor, FALSE otherwise.

Definition at line 690 of file security.c.

692 {
693  BOOL Success = FALSE;
694  SECURITY_DESCRIPTOR AbsoluteSd;
695  PSECURITY_DESCRIPTOR RelativeSd = NULL;
696  PSID WinlogonSid = NULL, AdminsSid = NULL, InteractiveSid = NULL;
697  DWORD DaclSize;
698  PACL Dacl;
699 
700  /* Create the Winlogon SID */
701  if (!AllocateAndInitializeSid(&NtAuthority,
702  1,
703  SECURITY_LOCAL_SYSTEM_RID,
704  0, 0, 0, 0, 0, 0, 0,
705  &WinlogonSid))
706  {
707  ERR("CreateScreenSaverSecurity(): Failed to create the Winlogon SID (error code %lu)\n", GetLastError());
708  return FALSE;
709  }
710 
711  /* Create the admins SID */
712  if (!AllocateAndInitializeSid(&NtAuthority,
713  2,
714  SECURITY_BUILTIN_DOMAIN_RID,
715  DOMAIN_ALIAS_RID_ADMINS,
716  0, 0, 0, 0, 0, 0,
717  &AdminsSid))
718  {
719  ERR("CreateScreenSaverSecurity(): Failed to create the admins SID (error code %lu)\n", GetLastError());
720  goto Quit;
721  }
722 
723  /* Create the interactive logon SID */
724  if (!AllocateAndInitializeSid(&NtAuthority,
725  1,
726  SECURITY_INTERACTIVE_RID,
727  0, 0, 0, 0, 0, 0, 0,
728  &InteractiveSid))
729  {
730  ERR("CreateScreenSaverSecurity(): Failed to create the interactive SID (error code %lu)\n", GetLastError());
731  goto Quit;
732  }
733 
734  /*
735  * Build up the DACL size. This includes a number
736  * of three ACEs of three different SIDs. The first ACE
737  * gives full access to Winlogon, the second one gives
738  * limited desktop access to admins and the last one
739  * gives full desktop access to users who have logged in
740  * interactively.
741  */
742  DaclSize = sizeof(ACL) +
743  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
744  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
745  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(InteractiveSid);
746 
747  /* Allocate the DACL now */
748  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
749  HEAP_ZERO_MEMORY,
750  DaclSize);
751  if (Dacl == NULL)
752  {
753  ERR("CreateScreenSaverSecurity(): Failed to allocate memory buffer for DACL!\n");
754  goto Quit;
755  }
756 
757  /* Initialize it */
758  if (!InitializeAcl(Dacl, DaclSize, ACL_REVISION))
759  {
760  ERR("CreateScreenSaverSecurity(): Failed to initialize DACL (error code %lu)\n", GetLastError());
761  goto Quit;
762  }
763 
764  /* First ACE -- Give full desktop access to Winlogon */
765  if (!AddAccessAllowedAceEx(Dacl,
766  ACL_REVISION,
767  0,
768  DESKTOP_ALL,
769  WinlogonSid))
770  {
771  ERR("CreateScreenSaverSecurity(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
772  goto Quit;
773  }
774 
775  /* Second ACE -- Give limited desktop access to admins */
776  if (!AddAccessAllowedAceEx(Dacl,
777  ACL_REVISION,
778  NO_PROPAGATE_INHERIT_ACE,
779  DESKTOP_ADMINS_LIMITED,
780  AdminsSid))
781  {
782  ERR("CreateScreenSaverSecurity(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
783  goto Quit;
784  }
785 
786  /* Third ACE -- Give full desktop access to interactive logon users */
787  if (!AddAccessAllowedAceEx(Dacl,
788  ACL_REVISION,
789  NO_PROPAGATE_INHERIT_ACE,
790  DESKTOP_INTERACTIVE_LIMITED,
791  InteractiveSid))
792  {
793  ERR("CreateScreenSaverSecurity(): Failed to set ACE for interactive SID (error code %lu)\n", GetLastError());
794  goto Quit;
795  }
796 
797  /* Initialize the security descriptor */
798  if (!InitializeSecurityDescriptor(&AbsoluteSd, SECURITY_DESCRIPTOR_REVISION))
799  {
800  ERR("CreateScreenSaverSecurity(): Failed to initialize absolute security descriptor (error code %lu)\n", GetLastError());
801  goto Quit;
802  }
803 
804  /* Set the DACL to the descriptor */
805  if (!SetSecurityDescriptorDacl(&AbsoluteSd, TRUE, Dacl, FALSE))
806  {
807  ERR("CreateScreenSaverSecurity(): Failed to set up DACL to absolute security descriptor (error code %lu)\n", GetLastError());
808  goto Quit;
809  }
810 
811  /* Conver it to self-relative format */
812  RelativeSd = ConvertToSelfRelative(&AbsoluteSd);
813  if (RelativeSd == NULL)
814  {
815  ERR("CreateScreenSaverSecurity(): Failed to convert security descriptor to self relative format!\n");
816  goto Quit;
817  }
818 
819  /* Give the descriptor to the caller */
820  *ScreenSaverDesktopSd = RelativeSd;
821  Success = TRUE;
822 
823 Quit:
824  if (WinlogonSid != NULL)
825  {
826  FreeSid(WinlogonSid);
827  }
828 
829  if (AdminsSid != NULL)
830  {
831  FreeSid(AdminsSid);
832  }
833 
834  if (InteractiveSid != NULL)
835  {
836  FreeSid(InteractiveSid);
837  }
838 
839  if (Dacl != NULL)
840  {
841  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
842  }
843 
844  if (Success == FALSE)
845  {
846  if (RelativeSd != NULL)
847  {
848  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
849  }
850  }
851 
852  return Success;
853 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
DWORD
static DWORD
Definition: security.c:70
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
_SID
Definition: ms-dtyp.idl:198
ConvertToSelfRelative
PSECURITY_DESCRIPTOR ConvertToSelfRelative(_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
Converts an absolute security descriptor to a self-relative format.
Definition: security.c:64
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1008
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
TRUE
#define TRUE
Definition: types.h:120
_ACL
Definition: ms-dtyp.idl:293
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1065
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
DESKTOP_ALL
#define DESKTOP_ALL
Definition: security.c:14
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
SECURITY_INTERACTIVE_RID
#define SECURITY_INTERACTIVE_RID
Definition: setypes.h:559
NO_PROPAGATE_INHERIT_ACE
#define NO_PROPAGATE_INHERIT_ACE
Definition: setypes.h:748
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:700
ACL
struct _ACL ACL
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
DESKTOP_INTERACTIVE_LIMITED
#define DESKTOP_INTERACTIVE_LIMITED
Definition: security.c:22
ERR
#define ERR(fmt,...)
Definition: debug.h:110
InteractiveSid
PSID InteractiveSid
Definition: globals.c:15
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
DaclSize
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
DESKTOP_ADMINS_LIMITED
#define DESKTOP_ADMINS_LIMITED
Definition: security.c:19
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:676

Referenced by CreateWindowStationAndDesktops().

◆ CreateUserEnvironment()

BOOL CreateUserEnvironment ( IN PWLSESSION  Session)

Definition at line 128 of file environment.c.

130 {
131  HKEY hKeyCurrentUser;
132  LONG lError;
133 
134  TRACE("WL: CreateUserEnvironment called\n");
135 
136  /* Impersonate the new user */
137  if (!ImpersonateLoggedOnUser(Session->UserToken))
138  {
139  ERR("ImpersonateLoggedOnUser() failed with error %lu\n", GetLastError());
140  return FALSE;
141  }
142 
143  /* Open the new user HKCU key */
144  lError = RegOpenCurrentUser(KEY_CREATE_SUB_KEY,
145  &hKeyCurrentUser);
146  if (lError == ERROR_SUCCESS)
147  {
148  BuildVolatileEnvironment(Session,
149  hKeyCurrentUser);
150  RegCloseKey(hKeyCurrentUser);
151  }
152 
153  /* Revert the impersonation */
154  RevertToSelf();
155 
156  TRACE("WL: CreateUserEnvironment done\n");
157 
158  return TRUE;
159 }
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
TRUE
#define TRUE
Definition: types.h:120
RevertToSelf
BOOL WINAPI RevertToSelf(VOID)
Definition: security.c:1610
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
FALSE
#define FALSE
Definition: types.h:117
LONG
long LONG
Definition: pedump.c:60
BuildVolatileEnvironment
static VOID BuildVolatileEnvironment(IN PWLSESSION Session, IN HKEY hKeyCurrentUser)
Definition: environment.c:19
ImpersonateLoggedOnUser
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
Definition: misc.c:152
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
ERR
#define ERR(fmt,...)
Definition: debug.h:110
RegOpenCurrentUser
LONG WINAPI RegOpenCurrentUser(IN REGSAM samDesired, OUT PHKEY phkResult)
Definition: reg.c:3232
KEY_CREATE_SUB_KEY
#define KEY_CREATE_SUB_KEY
Definition: nt_native.h:1018
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47

Referenced by HandleLogon().

◆ CreateWindowStationAndDesktops()

BOOL CreateWindowStationAndDesktops ( _Inout_ PWLSESSION  Session)

Definition at line 928 of file wlx.c.

930 {
931  SECURITY_ATTRIBUTES WinstaSecurity;
932  SECURITY_ATTRIBUTES ApplicationDesktopSecurity;
933  SECURITY_ATTRIBUTES WinlogonDesktopSecurity;
934  SECURITY_ATTRIBUTES ScreenSaverDesktopSecurity;
935  PSECURITY_DESCRIPTOR WlWinstaSecurityDescriptor;
936  PSECURITY_DESCRIPTOR WlApplicationDesktopSecurityDescriptor;
937  PSECURITY_DESCRIPTOR WlWinlogonDesktopSecurityDescriptor;
938  PSECURITY_DESCRIPTOR WlScreenSaverDesktopSecurityDescriptor;
939  BOOL ret = FALSE;
940 
941  if (!CreateWinstaSecurity(&WlWinstaSecurityDescriptor))
942  {
943  ERR("WL: Failed to create winsta security!\n");
944  return ret;
945  }
946 
947  WinstaSecurity.nLength = sizeof(SECURITY_ATTRIBUTES);
948  WinstaSecurity.lpSecurityDescriptor = WlWinstaSecurityDescriptor;
949  WinstaSecurity.bInheritHandle = TRUE;
950 
951  if (!CreateApplicationDesktopSecurity(&WlApplicationDesktopSecurityDescriptor))
952  {
953  ERR("WL: Failed to create application desktop security!\n");
954  goto cleanup;
955  }
956 
957  ApplicationDesktopSecurity.nLength = sizeof(SECURITY_ATTRIBUTES);
958  ApplicationDesktopSecurity.lpSecurityDescriptor = WlApplicationDesktopSecurityDescriptor;
959  ApplicationDesktopSecurity.bInheritHandle = TRUE;
960 
961  if (!CreateWinlogonDesktopSecurity(&WlWinlogonDesktopSecurityDescriptor))
962  {
963  ERR("WL: Failed to create winlogon desktop security!\n");
964  goto cleanup;
965  }
966 
967  WinlogonDesktopSecurity.nLength = sizeof(SECURITY_ATTRIBUTES);
968  WinlogonDesktopSecurity.lpSecurityDescriptor = WlWinlogonDesktopSecurityDescriptor;
969  WinlogonDesktopSecurity.bInheritHandle = FALSE;
970 
971  if (!CreateScreenSaverSecurity(&WlScreenSaverDesktopSecurityDescriptor))
972  {
973  ERR("WL: Failed to create winlogon desktop security!\n");
974  goto cleanup;
975  }
976 
977  ScreenSaverDesktopSecurity.nLength = sizeof(SECURITY_ATTRIBUTES);
978  ScreenSaverDesktopSecurity.lpSecurityDescriptor = WlScreenSaverDesktopSecurityDescriptor;
979  ScreenSaverDesktopSecurity.bInheritHandle = TRUE;
980 
981  /*
982  * Create the interactive window station
983  */
984  Session->InteractiveWindowStationName = L"WinSta0";
985  Session->InteractiveWindowStation = CreateWindowStationW(
986  Session->InteractiveWindowStationName,
987  0,
988  MAXIMUM_ALLOWED,
989  &WinstaSecurity);
990  if (!Session->InteractiveWindowStation)
991  {
992  ERR("WL: Failed to create window station (%lu)\n", GetLastError());
993  goto cleanup;
994  }
995 
996  if (!SetProcessWindowStation(Session->InteractiveWindowStation))
997  {
998  ERR("WL: SetProcessWindowStation() failed (error %lu)\n", GetLastError());
999  goto cleanup;
1000  }
1001 
1002  /*
1003  * Create the application desktop
1004  */
1005  Session->ApplicationDesktop = CreateDesktopW(
1006  L"Default",
1007  NULL,
1008  NULL,
1009  0, /* FIXME: Add DF_ALLOWOTHERACCOUNTHOOK flag? */
1010  MAXIMUM_ALLOWED,
1011  &ApplicationDesktopSecurity);
1012  if (!Session->ApplicationDesktop)
1013  {
1014  ERR("WL: Failed to create Default desktop (%lu)\n", GetLastError());
1015  goto cleanup;
1016  }
1017 
1018  /*
1019  * Create the winlogon desktop
1020  */
1021  Session->WinlogonDesktop = CreateDesktopW(
1022  L"Winlogon",
1023  NULL,
1024  NULL,
1025  0,
1026  MAXIMUM_ALLOWED,
1027  &WinlogonDesktopSecurity);
1028  if (!Session->WinlogonDesktop)
1029  {
1030  ERR("WL: Failed to create Winlogon desktop (%lu)\n", GetLastError());
1031  goto cleanup;
1032  }
1033 
1034  /*
1035  * Create the screen saver desktop
1036  */
1037  Session->ScreenSaverDesktop = CreateDesktopW(
1038  L"Screen-Saver",
1039  NULL,
1040  NULL,
1041  0,
1042  MAXIMUM_ALLOWED,
1043  &ScreenSaverDesktopSecurity);
1044  if(!Session->ScreenSaverDesktop)
1045  {
1046  ERR("WL: Failed to create Screen-Saver desktop (%lu)\n", GetLastError());
1047  goto cleanup;
1048  }
1049 
1050  /*
1051  * Switch to winlogon desktop
1052  */
1053  if (!SetThreadDesktop(Session->WinlogonDesktop) ||
1054  !SwitchDesktop(Session->WinlogonDesktop))
1055  {
1056  ERR("WL: Cannot switch to Winlogon desktop (%lu)\n", GetLastError());
1057  goto cleanup;
1058  }
1059 
1060  SetWindowStationUser(Session->InteractiveWindowStation,
1061  &LuidNone, NULL, 0);
1062 
1063  ret = TRUE;
1064 
1065 cleanup:
1066  if (!ret)
1067  {
1068  if (Session->ApplicationDesktop)
1069  {
1070  CloseDesktop(Session->ApplicationDesktop);
1071  Session->ApplicationDesktop = NULL;
1072  }
1073  if (Session->WinlogonDesktop)
1074  {
1075  CloseDesktop(Session->WinlogonDesktop);
1076  Session->WinlogonDesktop = NULL;
1077  }
1078  if (Session->ScreenSaverDesktop)
1079  {
1080  CloseDesktop(Session->ScreenSaverDesktop);
1081  Session->ScreenSaverDesktop = NULL;
1082  }
1083  if (Session->InteractiveWindowStation)
1084  {
1085  CloseWindowStation(Session->InteractiveWindowStation);
1086  Session->InteractiveWindowStation = NULL;
1087  }
1088  if (WlWinstaSecurityDescriptor)
1089  {
1090  RtlFreeHeap(RtlGetProcessHeap(), 0, WlWinstaSecurityDescriptor);
1091  }
1092  if (WlApplicationDesktopSecurityDescriptor)
1093  {
1094  RtlFreeHeap(RtlGetProcessHeap(), 0, WlApplicationDesktopSecurityDescriptor);
1095  }
1096  if (WlWinlogonDesktopSecurityDescriptor)
1097  {
1098  RtlFreeHeap(RtlGetProcessHeap(), 0, WlWinlogonDesktopSecurityDescriptor);
1099  }
1100  if (WlScreenSaverDesktopSecurityDescriptor)
1101  {
1102  RtlFreeHeap(RtlGetProcessHeap(), 0, WlScreenSaverDesktopSecurityDescriptor);
1103  }
1104  }
1105 
1106  return ret;
1107 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
SetWindowStationUser
BOOL WINAPI SetWindowStationUser(IN HWINSTA hWindowStation, IN PLUID pluid, IN PSID psid OPTIONAL, IN DWORD size)
Definition: winsta.c:419
_SECURITY_ATTRIBUTES::nLength
DWORD nLength
Definition: compat.h:192
TRUE
#define TRUE
Definition: types.h:120
CreateScreenSaverSecurity
BOOL CreateScreenSaverSecurity(_Out_ PSECURITY_DESCRIPTOR *ScreenSaverDesktopSd)
Creates a security descriptor for the screen saver desktop.
Definition: security.c:690
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
SetProcessWindowStation
BOOL WINAPI SetProcessWindowStation(_In_ HWINSTA)
LuidNone
LUID LuidNone
Definition: sas.c:47
SetThreadDesktop
BOOL WINAPI SetThreadDesktop(_In_ HDESK)
CreateWinlogonDesktopSecurity
BOOL CreateWinlogonDesktopSecurity(_Out_ PSECURITY_DESCRIPTOR *WinlogonDesktopSd)
Creates a security descriptor for the default Winlogon desktop. This descriptor serves as a security ...
Definition: security.c:541
L
#define L(x)
Definition: ntvdm.h:50
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
SwitchDesktop
BOOL WINAPI SwitchDesktop(_In_ HDESK)
ret
int ret
Definition: wcstombs-tests.c:31
CreateApplicationDesktopSecurity
BOOL CreateApplicationDesktopSecurity(_Out_ PSECURITY_DESCRIPTOR *ApplicationDesktopSd)
Creates a security descriptor for the default application desktop upon its creation.
Definition: security.c:359
_SECURITY_ATTRIBUTES
Definition: compat.h:191
ERR
#define ERR(fmt,...)
Definition: debug.h:110
_SECURITY_ATTRIBUTES::lpSecurityDescriptor
LPVOID lpSecurityDescriptor
Definition: compat.h:193
_SECURITY_ATTRIBUTES::bInheritHandle
BOOL bInheritHandle
Definition: compat.h:194
NULL
#define NULL
Definition: types.h:112
CreateWinstaSecurity
BOOL CreateWinstaSecurity(_Out_ PSECURITY_DESCRIPTOR *WinstaSd)
Creates a security descriptor for the default window station upon its creation.
Definition: security.c:112
CreateWindowStationW
HWINSTA WINAPI CreateWindowStationW(_In_opt_ LPCWSTR lpwinsta, _In_ DWORD dwFlags, _In_ ACCESS_MASK dwDesiredAccess, _In_opt_ LPSECURITY_ATTRIBUTES lpsa)
CloseDesktop
BOOL WINAPI CloseDesktop(_In_ HDESK)
cleanup
char * cleanup(char *str)
Definition: wpickclick.c:99
CreateDesktopW
HDESK WINAPI CreateDesktopW(LPCWSTR lpszDesktop, LPCWSTR lpszDevice, LPDEVMODEW pDevmode, DWORD dwFlags, ACCESS_MASK dwDesiredAccess, LPSECURITY_ATTRIBUTES lpsa)
Definition: desktop.c:473
CloseWindowStation
BOOL WINAPI CloseWindowStation(_In_ HWINSTA)
SECURITY_ATTRIBUTES
struct _SECURITY_ATTRIBUTES SECURITY_ATTRIBUTES

Referenced by WinMain().

◆ CreateWinlogonDesktopSecurity()

BOOL CreateWinlogonDesktopSecurity ( _Out_ PSECURITY_DESCRIPTOR WinlogonDesktopSd)

Creates a security descriptor for the default Winlogon desktop. This descriptor serves as a security measure for the winlogon desktop so that only Winlogon itself (and admins) can interact with it.

Parameters
[out]WinlogonDesktopSdA pointer to a created security descriptor for the Winlogon desktop.
Returns
Returns TRUE if the function has successfully created the security descriptor, FALSE otherwise.

Definition at line 541 of file security.c.

543 {
544  BOOL Success = FALSE;
545  SECURITY_DESCRIPTOR AbsoluteSd;
546  PSECURITY_DESCRIPTOR RelativeSd = NULL;
547  PSID WinlogonSid = NULL, AdminsSid = NULL;
548  DWORD DaclSize;
549  PACL Dacl;
550 
551  /* Create the Winlogon SID */
552  if (!AllocateAndInitializeSid(&NtAuthority,
553  1,
554  SECURITY_LOCAL_SYSTEM_RID,
555  0, 0, 0, 0, 0, 0, 0,
556  &WinlogonSid))
557  {
558  ERR("CreateWinlogonDesktopSecurity(): Failed to create the Winlogon SID (error code %lu)\n", GetLastError());
559  return FALSE;
560  }
561 
562  /* Create the admins SID */
563  if (!AllocateAndInitializeSid(&NtAuthority,
564  2,
565  SECURITY_BUILTIN_DOMAIN_RID,
566  DOMAIN_ALIAS_RID_ADMINS,
567  0, 0, 0, 0, 0, 0,
568  &AdminsSid))
569  {
570  ERR("CreateWinlogonDesktopSecurity(): Failed to create the admins SID (error code %lu)\n", GetLastError());
571  goto Quit;
572  }
573 
574  /*
575  * Build up the DACL size. This includes a number
576  * of two ACEs of two different SIDs. The first ACE
577  * gives full access to Winlogon, the last one gives
578  * limited desktop access to admins.
579  */
580  DaclSize = sizeof(ACL) +
581  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
582  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid);
583 
584  /* Allocate the DACL now */
585  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
586  HEAP_ZERO_MEMORY,
587  DaclSize);
588  if (Dacl == NULL)
589  {
590  ERR("CreateWinlogonDesktopSecurity(): Failed to allocate memory buffer for DACL!\n");
591  goto Quit;
592  }
593 
594  /* Initialize it */
595  if (!InitializeAcl(Dacl, DaclSize, ACL_REVISION))
596  {
597  ERR("CreateWinlogonDesktopSecurity(): Failed to initialize DACL (error code %lu)\n", GetLastError());
598  goto Quit;
599  }
600 
601  /* First ACE -- Give full desktop access to Winlogon */
602  if (!AddAccessAllowedAceEx(Dacl,
603  ACL_REVISION,
604  0,
605  DESKTOP_ALL,
606  WinlogonSid))
607  {
608  ERR("CreateWinlogonDesktopSecurity(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
609  goto Quit;
610  }
611 
612  /* Second ACE -- Give limited desktop access to admins */
613  if (!AddAccessAllowedAceEx(Dacl,
614  ACL_REVISION,
615  0,
616  DESKTOP_WINLOGON_ADMINS_LIMITED,
617  AdminsSid))
618  {
619  ERR("CreateWinlogonDesktopSecurity(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
620  goto Quit;
621  }
622 
623  /* Initialize the security descriptor */
624  if (!InitializeSecurityDescriptor(&AbsoluteSd, SECURITY_DESCRIPTOR_REVISION))
625  {
626  ERR("CreateWinlogonDesktopSecurity(): Failed to initialize absolute security descriptor (error code %lu)\n", GetLastError());
627  goto Quit;
628  }
629 
630  /* Set the DACL to the descriptor */
631  if (!SetSecurityDescriptorDacl(&AbsoluteSd, TRUE, Dacl, FALSE))
632  {
633  ERR("CreateWinlogonDesktopSecurity(): Failed to set up DACL to absolute security descriptor (error code %lu)\n", GetLastError());
634  goto Quit;
635  }
636 
637  /* Conver it to self-relative format */
638  RelativeSd = ConvertToSelfRelative(&AbsoluteSd);
639  if (RelativeSd == NULL)
640  {
641  ERR("CreateWinlogonDesktopSecurity(): Failed to convert security descriptor to self relative format!\n");
642  goto Quit;
643  }
644 
645  /* Give the descriptor to the caller */
646  *WinlogonDesktopSd = RelativeSd;
647  Success = TRUE;
648 
649 Quit:
650  if (WinlogonSid != NULL)
651  {
652  FreeSid(WinlogonSid);
653  }
654 
655  if (AdminsSid != NULL)
656  {
657  FreeSid(AdminsSid);
658  }
659 
660  if (Dacl != NULL)
661  {
662  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
663  }
664 
665  if (Success == FALSE)
666  {
667  if (RelativeSd != NULL)
668  {
669  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
670  }
671  }
672 
673  return Success;
674 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
DWORD
static DWORD
Definition: security.c:70
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
_SID
Definition: ms-dtyp.idl:198
ConvertToSelfRelative
PSECURITY_DESCRIPTOR ConvertToSelfRelative(_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
Converts an absolute security descriptor to a self-relative format.
Definition: security.c:64
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1008
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
TRUE
#define TRUE
Definition: types.h:120
_ACL
Definition: ms-dtyp.idl:293
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1065
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
DESKTOP_ALL
#define DESKTOP_ALL
Definition: security.c:14
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:700
ACL
struct _ACL ACL
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
DESKTOP_WINLOGON_ADMINS_LIMITED
#define DESKTOP_WINLOGON_ADMINS_LIMITED
Definition: security.c:25
ERR
#define ERR(fmt,...)
Definition: debug.h:110
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
DaclSize
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:676

Referenced by CreateWindowStationAndDesktops().

◆ CreateWinstaSecurity()

BOOL CreateWinstaSecurity ( _Out_ PSECURITY_DESCRIPTOR WinstaSd)

Creates a security descriptor for the default window station upon its creation.

Parameters
[out]WinstaSdA pointer to a created security descriptor for the window station.
Returns
Returns TRUE if the function has successfully created the security descriptor, FALSE otherwise.

Definition at line 112 of file security.c.

114 {
115  BOOL Success = FALSE;
116  SECURITY_DESCRIPTOR AbsoluteSd;
117  PSECURITY_DESCRIPTOR RelativeSd = NULL;
118  PSID WinlogonSid = NULL, AdminsSid = NULL, NetworkServiceSid = NULL; /* NetworkServiceSid is a HACK, see the comment below for information */
119  DWORD DaclSize;
120  PACL Dacl;
121 
122  /* Create the Winlogon SID */
123  if (!AllocateAndInitializeSid(&NtAuthority,
124  1,
125  SECURITY_LOCAL_SYSTEM_RID,
126  0, 0, 0, 0, 0, 0, 0,
127  &WinlogonSid))
128  {
129  ERR("CreateWinstaSecurity(): Failed to create the Winlogon SID (error code %lu)\n", GetLastError());
130  return FALSE;
131  }
132 
133  /* Create the admins SID */
134  if (!AllocateAndInitializeSid(&NtAuthority,
135  2,
136  SECURITY_BUILTIN_DOMAIN_RID,
137  DOMAIN_ALIAS_RID_ADMINS,
138  0, 0, 0, 0, 0, 0,
139  &AdminsSid))
140  {
141  ERR("CreateWinstaSecurity(): Failed to create the admins SID (error code %lu)\n", GetLastError());
142  goto Quit;
143  }
144 
145  /* HACK: Create the network service SID */
146  if (!AllocateAndInitializeSid(&NtAuthority,
147  1,
148  SECURITY_NETWORK_SERVICE_RID,
149  0, 0, 0, 0, 0, 0, 0,
150  &NetworkServiceSid))
151  {
152  ERR("CreateWinstaSecurity(): Failed to create the network service SID (error code %lu)\n", GetLastError());
153  goto Quit;
154  }
155 
156  /*
157  * Build up the DACL size. This includes a number
158  * of four ACEs of two different SIDs. The first two
159  * ACEs give both window station and generic access
160  * to Winlogon, the last two give limited window station
161  * and desktop access to admins.
162  *
163  * ===================== !!!MUST READ!!! =====================
164  *
165  * HACK -- Include in the DACL two more ACEs for network
166  * service SID. Network services will be granted full
167  * access to the default window station. Whilst technically
168  * services that are either network or local ones are part
169  * and act on behalf of the system, what we are doing here
170  * is a hack because of two reasons:
171  *
172  * 1) Winlogon does not allow default window station (Winsta0)
173  * access to network services on Windows. As a matter of fact,
174  * network services must access their own service window station
175  * (aka Service-0x0-3e4$) which never gets created. Why it never
176  * gets created is explained on the second point.
177  *
178  * 2) Our LSASS terribly lacks in code that handles special logon
179  * service types, NetworkService and LocalService. For this reason
180  * whenever an access token is created for a network service process
181  * for example, its authentication ID (aka LogonId represented as a LUID)
182  * is a uniquely generated ID by LSASS for this process. This is wrong
183  * on so many levels, partly because a network service is not a regular
184  * service and network services have their own special authentication logon
185  * ID (with its respective LUID as {0x3e4, 0x0}). On top of that, a network
186  * service process must have an impersonation token but for whatever reason
187  * we are creating a primary access token instead.
188  *
189  * FOR ANYONE WHO'S INTERESTED ON FIXING THIS, DO NOT FORGET TO REMOVE THIS
190  * HACK!!!
191  *
192  * =========================== !!!END!!! ================================
193  */
194  DaclSize = sizeof(ACL) +
195  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
196  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(WinlogonSid) +
197  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
198  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(AdminsSid) +
199  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(NetworkServiceSid) +
200  sizeof(ACCESS_ALLOWED_ACE) - sizeof(DWORD) + GetLengthSid(NetworkServiceSid);
201 
202  /* Allocate the DACL now */
203  Dacl = RtlAllocateHeap(RtlGetProcessHeap(),
204  HEAP_ZERO_MEMORY,
205  DaclSize);
206  if (Dacl == NULL)
207  {
208  ERR("CreateWinstaSecurity(): Failed to allocate memory buffer for DACL!\n");
209  goto Quit;
210  }
211 
212  /* Initialize it */
213  if (!InitializeAcl(Dacl, DaclSize, ACL_REVISION))
214  {
215  ERR("CreateWinstaSecurity(): Failed to initialize DACL (error code %lu)\n", GetLastError());
216  goto Quit;
217  }
218 
219  /* First ACE -- give full winsta access to Winlogon */
220  if (!AddAccessAllowedAceEx(Dacl,
221  ACL_REVISION,
222  NO_PROPAGATE_INHERIT_ACE,
223  WINSTA_ALL,
224  WinlogonSid))
225  {
226  ERR("CreateWinstaSecurity(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
227  goto Quit;
228  }
229 
230  /* Second ACE -- give full generic access to Winlogon */
231  if (!AddAccessAllowedAceEx(Dacl,
232  ACL_REVISION,
233  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
234  GENERIC_ACCESS,
235  WinlogonSid))
236  {
237  ERR("CreateWinstaSecurity(): Failed to set ACE for Winlogon (error code %lu)\n", GetLastError());
238  goto Quit;
239  }
240 
241  /* Third ACE -- give limited winsta access to admins */
242  if (!AddAccessAllowedAceEx(Dacl,
243  ACL_REVISION,
244  NO_PROPAGATE_INHERIT_ACE,
245  WINSTA_ADMINS_LIMITED,
246  AdminsSid))
247  {
248  ERR("CreateWinstaSecurity(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
249  goto Quit;
250  }
251 
252  /* Fourth ACE -- give limited desktop access to admins */
253  if (!AddAccessAllowedAceEx(Dacl,
254  ACL_REVISION,
255  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
256  DESKTOP_ADMINS_LIMITED,
257  AdminsSid))
258  {
259  ERR("CreateWinstaSecurity(): Failed to set ACE for admins (error code %lu)\n", GetLastError());
260  goto Quit;
261  }
262 
263  /* HACK: Fifth ACE -- give full access to network services */
264  if (!AddAccessAllowedAceEx(Dacl,
265  ACL_REVISION,
266  NO_PROPAGATE_INHERIT_ACE,
267  WINSTA_ALL,
268  NetworkServiceSid))
269  {
270  ERR("CreateWinstaSecurity(): Failed to set ACE for network service (error code %lu)\n", GetLastError());
271  goto Quit;
272  }
273 
274  /* HACK: Sixth ACE -- give full generic access to network services */
275  if (!AddAccessAllowedAceEx(Dacl,
276  ACL_REVISION,
277  INHERIT_ONLY_ACE | OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE,
278  GENERIC_ACCESS,
279  NetworkServiceSid))
280  {
281  ERR("CreateWinstaSecurity(): Failed to set ACE for network service (error code %lu)\n", GetLastError());
282  goto Quit;
283  }
284 
285  /* Initialize the security descriptor */
286  if (!InitializeSecurityDescriptor(&AbsoluteSd, SECURITY_DESCRIPTOR_REVISION))
287  {
288  ERR("CreateWinstaSecurity(): Failed to initialize absolute security descriptor (error code %lu)\n", GetLastError());
289  goto Quit;
290  }
291 
292  /* Set the DACL to the descriptor */
293  if (!SetSecurityDescriptorDacl(&AbsoluteSd, TRUE, Dacl, FALSE))
294  {
295  ERR("CreateWinstaSecurity(): Failed to set up DACL to absolute security descriptor (error code %lu)\n", GetLastError());
296  goto Quit;
297  }
298 
299  /* Convert it to self-relative format */
300  RelativeSd = ConvertToSelfRelative(&AbsoluteSd);
301  if (RelativeSd == NULL)
302  {
303  ERR("CreateWinstaSecurity(): Failed to convert security descriptor to self relative format!\n");
304  goto Quit;
305  }
306 
307  /* Give the descriptor to the caller */
308  *WinstaSd = RelativeSd;
309  Success = TRUE;
310 
311 Quit:
312  if (WinlogonSid != NULL)
313  {
314  FreeSid(WinlogonSid);
315  }
316 
317  if (AdminsSid != NULL)
318  {
319  FreeSid(AdminsSid);
320  }
321 
322  /* HACK */
323  if (NetworkServiceSid != NULL)
324  {
325  FreeSid(NetworkServiceSid);
326  }
327  /* END HACK */
328 
329  if (Dacl != NULL)
330  {
331  RtlFreeHeap(RtlGetProcessHeap(), 0, Dacl);
332  }
333 
334  if (Success == FALSE)
335  {
336  if (RelativeSd != NULL)
337  {
338  RtlFreeHeap(RtlGetProcessHeap(), 0, RelativeSd);
339  }
340  }
341 
342  return Success;
343 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
DWORD
static DWORD
Definition: security.c:70
SECURITY_LOCAL_SYSTEM_RID
#define SECURITY_LOCAL_SYSTEM_RID
Definition: setypes.h:574
SetSecurityDescriptorDacl
BOOL WINAPI SetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted)
Definition: sec.c:262
_SID
Definition: ms-dtyp.idl:198
ConvertToSelfRelative
PSECURITY_DESCRIPTOR ConvertToSelfRelative(_In_ PSECURITY_DESCRIPTOR AbsoluteSd)
Converts an absolute security descriptor to a self-relative format.
Definition: security.c:64
InitializeAcl
BOOL WINAPI InitializeAcl(PACL pAcl, DWORD nAclLength, DWORD dwAclRevision)
Definition: security.c:1008
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
TRUE
#define TRUE
Definition: types.h:120
_ACL
Definition: ms-dtyp.idl:293
InitializeSecurityDescriptor
BOOL WINAPI InitializeSecurityDescriptor(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision)
Definition: security.c:931
AddAccessAllowedAceEx
BOOL WINAPI AddAccessAllowedAceEx(PACL pAcl, DWORD dwAceRevision, DWORD AceFlags, DWORD AccessMask, PSID pSid)
Definition: security.c:1065
RtlFreeHeap
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ACCESS_ALLOWED_ACE
struct _ACCESS_ALLOWED_ACE ACCESS_ALLOWED_ACE
NO_PROPAGATE_INHERIT_ACE
#define NO_PROPAGATE_INHERIT_ACE
Definition: setypes.h:748
SECURITY_DESCRIPTOR_REVISION
#define SECURITY_DESCRIPTOR_REVISION
Definition: setypes.h:58
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
FreeSid
PVOID WINAPI FreeSid(PSID pSid)
Definition: security.c:700
ACL
struct _ACL ACL
RtlAllocateHeap
PVOID NTAPI RtlAllocateHeap(IN PVOID HeapHandle, IN ULONG Flags, IN SIZE_T Size)
Definition: heap.c:588
WINSTA_ALL
#define WINSTA_ALL
Definition: security.c:27
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_BUILTIN_DOMAIN_RID
Definition: setypes.h:581
GetLengthSid
DWORD WINAPI GetLengthSid(PSID pSid)
Definition: security.c:921
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
NtAuthority
static SID_IDENTIFIER_AUTHORITY NtAuthority
Definition: security.c:40
SECURITY_NETWORK_SERVICE_RID
#define SECURITY_NETWORK_SERVICE_RID
Definition: setypes.h:576
ERR
#define ERR(fmt,...)
Definition: debug.h:110
NetworkServiceSid
PSID NetworkServiceSid
Definition: globals.c:16
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
GENERIC_ACCESS
#define GENERIC_ACCESS
Definition: security.c:35
DaclSize
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL _Inout_ PULONG DaclSize
Definition: rtlfuncs.h:1552
ACL_REVISION
#define ACL_REVISION
Definition: setypes.h:39
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
WINSTA_ADMINS_LIMITED
#define WINSTA_ADMINS_LIMITED
Definition: security.c:33
DOMAIN_ALIAS_RID_ADMINS
#define DOMAIN_ALIAS_RID_ADMINS
Definition: setypes.h:652
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
DESKTOP_ADMINS_LIMITED
#define DESKTOP_ADMINS_LIMITED
Definition: security.c:19
AllocateAndInitializeSid
BOOL WINAPI AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid)
Definition: security.c:676

Referenced by CreateWindowStationAndDesktops().

◆ DisplayStatusMessage()

BOOL DisplayStatusMessage ( IN PWLSESSION  Session,
IN HDESK  hDesktop,
IN UINT  ResourceId 
)

Definition at line 349 of file winlogon.c.

353 {
354  WCHAR StatusMsg[MAX_PATH];
355 
356  if (Session->Gina.Version < WLX_VERSION_1_3)
357  return TRUE;
358 
359  if (Session->SuppressStatus)
360  return TRUE;
361 
362  if (LoadStringW(hAppInstance, ResourceId, StatusMsg, MAX_PATH) == 0)
363  return FALSE;
364 
365  return Session->Gina.Functions.WlxDisplayStatusMessage(Session->Gina.Context, hDesktop, 0, NULL, StatusMsg);
366 }
TRUE
#define TRUE
Definition: types.h:120
LoadStringW
int WINAPI LoadStringW(_In_opt_ HINSTANCE hInstance, _In_ UINT uID, _Out_writes_to_(cchBufferMax, return+1) LPWSTR lpBuffer, _In_ int cchBufferMax)
FALSE
#define FALSE
Definition: types.h:117
hAppInstance
HINSTANCE hAppInstance
Definition: winlogon.c:19
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
NULL
#define NULL
Definition: types.h:112
WLX_VERSION_1_3
#define WLX_VERSION_1_3
Definition: winwlx.h:31

Referenced by HandleLogoff(), HandleLogon(), HandleShutdown(), and WinMain().

◆ GetSetupType()

DWORD GetSetupType ( VOID  )

Definition at line 16 of file setup.c.

17 {
18  DWORD dwError;
19  HKEY hKey;
20  DWORD dwType;
21  DWORD dwSize;
22  DWORD dwSetupType;
23 
24  TRACE("GetSetupType()\n");
25 
26  /* Open key */
27  dwError = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
28  L"SYSTEM\\Setup",
29  0,
30  KEY_QUERY_VALUE,
31  &hKey);
32  if (dwError != ERROR_SUCCESS)
33  return 0;
34 
35  /* Read key */
36  dwSize = sizeof(DWORD);
37  dwError = RegQueryValueExW(hKey,
38  L"SetupType",
39  NULL,
40  &dwType,
41  (LPBYTE)&dwSetupType,
42  &dwSize);
43 
44  /* Close key, and check if returned values are correct */
45  RegCloseKey(hKey);
46  if (dwError != ERROR_SUCCESS || dwType != REG_DWORD || dwSize != sizeof(DWORD))
47  return 0;
48 
49  TRACE("GetSetupType() returns %lu\n", dwSetupType);
50  return dwSetupType;
51 }
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
DWORD
#define DWORD
Definition: nt_native.h:44
L
#define L(x)
Definition: ntvdm.h:50
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
RegQueryValueExW
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
Definition: reg.c:4120
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
hKey
FxAutoRegKey hKey
Definition: fxdriverapikm.cpp:59
KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
NULL
#define NULL
Definition: types.h:112
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3356
REG_DWORD
#define REG_DWORD
Definition: sdbapi.c:596
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47
dwSize
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12

Referenced by SASWindowProc(), and WinMain().

◆ GinaInit()

BOOL GinaInit ( IN OUT PWLSESSION  Session)

Definition at line 905 of file wlx.c.

907 {
908  DWORD GinaDllVersion;
909 
910  if (!LoadGina(&Session->Gina.Functions, &GinaDllVersion, &Session->Gina.hDllInstance))
911  return FALSE;
912 
913  Session->Gina.Context = NULL;
914  Session->Gina.Version = GinaDllVersion;
915  Session->Gina.UseCtrlAltDelete = FALSE;
916  Session->SuppressStatus = FALSE;
917 
918  TRACE("Calling WlxInitialize(\"%S\")\n", Session->InteractiveWindowStationName);
919  return Session->Gina.Functions.WlxInitialize(
920  Session->InteractiveWindowStationName,
921  (HANDLE)Session,
922  NULL,
923  (PVOID)&FunctionTable,
924  &Session->Gina.Context);
925 }
FALSE
#define FALSE
Definition: types.h:117
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
LoadGina
static BOOL LoadGina(IN OUT PGINAFUNCTIONS Functions, OUT DWORD *DllVersion, OUT HMODULE *GinaInstance)
Definition: wlx.c:805
NULL
#define NULL
Definition: types.h:112
FunctionTable
static WLX_DISPATCH_VERSION_1_4 FunctionTable
Definition: wlx.c:722

Referenced by WinMain().

◆ HandleShutdown()

NTSTATUS HandleShutdown ( IN OUT PWLSESSION  Session,
IN DWORD  wlxAction 
)

Definition at line 964 of file sas.c.

967 {
968  PLOGOFF_SHUTDOWN_DATA LSData;
969  HANDLE hThread;
970  DWORD exitCode;
971  BOOLEAN Old;
972 
973  // SwitchDesktop(Session->WinlogonDesktop);
974 
975  /* If the system is rebooting, show the appropriate string */
976  if (wlxAction == WLX_SAS_ACTION_SHUTDOWN_REBOOT)
977  DisplayStatusMessage(Session, Session->WinlogonDesktop, IDS_REACTOSISRESTARTING);
978  else
979  DisplayStatusMessage(Session, Session->WinlogonDesktop, IDS_REACTOSISSHUTTINGDOWN);
980 
981  /* Prepare data for shutdown thread */
982  LSData = HeapAlloc(GetProcessHeap(), 0, sizeof(LOGOFF_SHUTDOWN_DATA));
983  if (!LSData)
984  {
985  ERR("Failed to allocate mem for thread data\n");
986  return STATUS_NO_MEMORY;
987  }
988  if (wlxAction == WLX_SAS_ACTION_SHUTDOWN_POWER_OFF)
989  LSData->Flags = EWX_POWEROFF;
990  else if (wlxAction == WLX_SAS_ACTION_SHUTDOWN_REBOOT)
991  LSData->Flags = EWX_REBOOT;
992  else
993  LSData->Flags = EWX_SHUTDOWN;
994  LSData->Session = Session;
995 
996  // FIXME: We may need to specify this flag to really force application kill
997  // (we are shutting down ReactOS, not just logging off so no hangs, etc...
998  // should be allowed).
999  // LSData->Flags |= EWX_FORCE;
1000 
1001  /* Run shutdown thread */
1002  hThread = CreateThread(NULL, 0, LogoffShutdownThread, (LPVOID)LSData, 0, NULL);
1003  if (!hThread)
1004  {
1005  ERR("Unable to create shutdown thread, error %lu\n", GetLastError());
1006  HeapFree(GetProcessHeap(), 0, LSData);
1007  return STATUS_UNSUCCESSFUL;
1008  }
1009  WaitForSingleObject(hThread, INFINITE);
1010  HeapFree(GetProcessHeap(), 0, LSData);
1011  if (!GetExitCodeThread(hThread, &exitCode))
1012  {
1013  ERR("Unable to get exit code of shutdown thread (error %lu)\n", GetLastError());
1014  CloseHandle(hThread);
1015  return STATUS_UNSUCCESSFUL;
1016  }
1017  CloseHandle(hThread);
1018  if (exitCode == 0)
1019  {
1020  ERR("Shutdown thread returned failure\n");
1021  return STATUS_UNSUCCESSFUL;
1022  }
1023 
1024  CallNotificationDlls(Session, ShutdownHandler);
1025 
1026  /* Destroy SAS window */
1027  UninitializeSAS(Session);
1028 
1029  /* Now we can shut down NT */
1030  ERR("Shutting down NT...\n");
1031  RtlAdjustPrivilege(SE_SHUTDOWN_PRIVILEGE, TRUE, FALSE, &Old);
1032  if (wlxAction == WLX_SAS_ACTION_SHUTDOWN_REBOOT)
1033  {
1034  NtShutdownSystem(ShutdownReboot);
1035  }
1036  else
1037  {
1038  if (FALSE)
1039  {
1040  /* FIXME - only show this dialog if it's a shutdown and the computer doesn't support APM */
1041  DialogBox(hAppInstance, MAKEINTRESOURCE(IDD_SHUTDOWNCOMPUTER),
1042  GetDesktopWindow(), ShutdownComputerWindowProc);
1043  }
1044  NtShutdownSystem(ShutdownNoReboot);
1045  }
1046  RtlAdjustPrivilege(SE_SHUTDOWN_PRIVILEGE, Old, FALSE, &Old);
1047  return STATUS_SUCCESS;
1048 }
MAKEINTRESOURCE
#define MAKEINTRESOURCE
Definition: winuser.h:591
DisplayStatusMessage
BOOL DisplayStatusMessage(IN PWLSESSION Session, IN HDESK hDesktop, IN UINT ResourceId)
Definition: winlogon.c:349
CloseHandle
#define CloseHandle
Definition: compat.h:598
TRUE
#define TRUE
Definition: types.h:120
tagLOGOFF_SHUTDOWN_DATA
Definition: sas.c:39
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
RtlAdjustPrivilege
NTSYSAPI NTSTATUS NTAPI RtlAdjustPrivilege(_In_ ULONG Privilege, _In_ BOOLEAN NewValue, _In_ BOOLEAN ForThread, _Out_ PBOOLEAN OldValue)
tagLOGOFF_SHUTDOWN_DATA::Session
PWLSESSION Session
Definition: sas.c:42
UninitializeSAS
static VOID UninitializeSAS(IN OUT PWLSESSION Session)
Definition: sas.c:950
EWX_REBOOT
#define EWX_REBOOT
Definition: winuser.h:633
LogoffShutdownThread
static DWORD WINAPI LogoffShutdownThread(LPVOID Parameter)
Definition: sas.c:619
GetExitCodeThread
BOOL WINAPI GetExitCodeThread(IN HANDLE hThread, OUT LPDWORD lpExitCode)
Definition: thread.c:541
WaitForSingleObject
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
Definition: synch.c:82
DialogBox
#define DialogBox
Definition: winuser.h:5741
ShutdownComputerWindowProc
static INT_PTR CALLBACK ShutdownComputerWindowProc(IN HWND hwndDlg, IN UINT uMsg, IN WPARAM wParam, IN LPARAM lParam)
Definition: sas.c:918
FALSE
#define FALSE
Definition: types.h:117
EWX_SHUTDOWN
#define EWX_SHUTDOWN
Definition: winuser.h:634
IDS_REACTOSISSHUTTINGDOWN
#define IDS_REACTOSISSHUTTINGDOWN
Definition: resource.h:31
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
CreateThread
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
GetDesktopWindow
HWND WINAPI GetDesktopWindow(void)
Definition: window.c:656
SE_SHUTDOWN_PRIVILEGE
#define SE_SHUTDOWN_PRIVILEGE
Definition: security.c:673
EWX_POWEROFF
#define EWX_POWEROFF
Definition: winuser.h:632
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:595
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
WLX_SAS_ACTION_SHUTDOWN_POWER_OFF
#define WLX_SAS_ACTION_SHUTDOWN_POWER_OFF
Definition: winwlx.h:62
NtShutdownSystem
NTSTATUS NTAPI NtShutdownSystem(IN SHUTDOWN_ACTION Action)
Definition: shutdown.c:43
IDD_SHUTDOWNCOMPUTER
#define IDD_SHUTDOWNCOMPUTER
Definition: resource.h:7
ERR
#define ERR(fmt,...)
Definition: debug.h:110
CallNotificationDlls
VOID CallNotificationDlls(PWLSESSION pSession, NOTIFICATION_TYPE Type)
Definition: notify.c:380
STATUS_NO_MEMORY
#define STATUS_NO_MEMORY
Definition: ntstatus.h:260
NULL
#define NULL
Definition: types.h:112
hThread
HANDLE hThread
Definition: wizard.c:28
WLX_SAS_ACTION_SHUTDOWN_REBOOT
#define WLX_SAS_ACTION_SHUTDOWN_REBOOT
Definition: winwlx.h:63
tagLOGOFF_SHUTDOWN_DATA::Flags
UINT Flags
Definition: sas.c:41
IDS_REACTOSISRESTARTING
#define IDS_REACTOSISRESTARTING
Definition: resource.h:38
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
INFINITE
#define INFINITE
Definition: serial.h:102
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:594
hAppInstance
HINSTANCE hAppInstance
Definition: mmc.c:23

Referenced by DoGenericAction(), and WinMain().

◆ InitDialogListHead()

VOID InitDialogListHead ( VOID  )

Definition at line 31 of file wlx.c.

32 {
33  InitializeListHead(&DialogListHead);
34 }
DialogListHead
static LIST_ENTRY DialogListHead
Definition: wlx.c:26
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944

Referenced by WinMain().

◆ InitializeSAS()

BOOL InitializeSAS ( IN OUT PWLSESSION  Session)

Definition at line 1508 of file sas.c.

1510 {
1511  WNDCLASSEXW swc;
1512  BOOL ret = FALSE;
1513 
1514  if (!SwitchDesktop(Session->WinlogonDesktop))
1515  {
1516  ERR("WL: Failed to switch to winlogon desktop\n");
1517  goto cleanup;
1518  }
1519 
1520  /* Register SAS window class */
1521  swc.cbSize = sizeof(WNDCLASSEXW);
1522  swc.style = CS_SAVEBITS;
1523  swc.lpfnWndProc = SASWindowProc;
1524  swc.cbClsExtra = 0;
1525  swc.cbWndExtra = 0;
1526  swc.hInstance = hAppInstance;
1527  swc.hIcon = NULL;
1528  swc.hCursor = NULL;
1529  swc.hbrBackground = NULL;
1530  swc.lpszMenuName = NULL;
1531  swc.lpszClassName = WINLOGON_SAS_CLASS;
1532  swc.hIconSm = NULL;
1533  if (RegisterClassExW(&swc) == 0)
1534  {
1535  ERR("WL: Failed to register SAS window class\n");
1536  goto cleanup;
1537  }
1538 
1539  /* Create invisible SAS window */
1540  Session->SASWindow = CreateWindowExW(
1541  0,
1542  WINLOGON_SAS_CLASS,
1543  WINLOGON_SAS_TITLE,
1544  WS_POPUP,
1545  0, 0, 0, 0, 0, 0,
1546  hAppInstance, Session);
1547  if (!Session->SASWindow)
1548  {
1549  ERR("WL: Failed to create SAS window\n");
1550  goto cleanup;
1551  }
1552 
1553  /* Register SAS window to receive SAS notifications */
1554  if (!SetLogonNotifyWindow(Session->SASWindow))
1555  {
1556  ERR("WL: Failed to register SAS window\n");
1557  goto cleanup;
1558  }
1559 
1560  if (!SetDefaultLanguage(NULL))
1561  return FALSE;
1562 
1563  ret = TRUE;
1564 
1565 cleanup:
1566  if (!ret)
1567  UninitializeSAS(Session);
1568  return ret;
1569 }
_WNDCLASSEXW::cbWndExtra
int cbWndExtra
Definition: winuser.h:3200
TRUE
#define TRUE
Definition: types.h:120
SetLogonNotifyWindow
BOOL WINAPI SetLogonNotifyWindow(HWND Wnd)
Definition: logon.c:91
SASWindowProc
static LRESULT CALLBACK SASWindowProc(IN HWND hwndDlg, IN UINT uMsg, IN WPARAM wParam, IN LPARAM lParam)
Definition: sas.c:1308
_WNDCLASSEXW::hIcon
HICON hIcon
Definition: winuser.h:3202
WNDCLASSEXW
struct _WNDCLASSEXW WNDCLASSEXW
UninitializeSAS
static VOID UninitializeSAS(IN OUT PWLSESSION Session)
Definition: sas.c:950
RegisterClassExW
ATOM WINAPI RegisterClassExW(_In_ CONST WNDCLASSEXW *)
_WNDCLASSEXW::lpszMenuName
LPCWSTR lpszMenuName
Definition: winuser.h:3205
WINLOGON_SAS_CLASS
#define WINLOGON_SAS_CLASS
Definition: sas.c:26
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
_WNDCLASSEXW::cbClsExtra
int cbClsExtra
Definition: winuser.h:3199
_WNDCLASSEXW::lpszClassName
LPCWSTR lpszClassName
Definition: winuser.h:3206
_WNDCLASSEXW::hbrBackground
HBRUSH hbrBackground
Definition: winuser.h:3204
_WNDCLASSEXW::cbSize
UINT cbSize
Definition: winuser.h:3196
SwitchDesktop
BOOL WINAPI SwitchDesktop(_In_ HDESK)
_WNDCLASSEXW::hInstance
HINSTANCE hInstance
Definition: winuser.h:3201
CS_SAVEBITS
#define CS_SAVEBITS
Definition: winuser.h:652
SetDefaultLanguage
BOOL SetDefaultLanguage(IN PWLSESSION Session)
Definition: sas.c:111
ret
int ret
Definition: wcstombs-tests.c:31
CreateWindowExW
HWND WINAPI CreateWindowExW(_In_ DWORD dwExStyle, _In_opt_ LPCWSTR lpClassName, _In_opt_ LPCWSTR lpWindowName, _In_ DWORD dwStyle, _In_ int X, _In_ int Y, _In_ int nWidth, _In_ int nHeight, _In_opt_ HWND hWndParent, _In_opt_ HMENU hMenu, _In_opt_ HINSTANCE hInstance, _In_opt_ LPVOID lpParam)
_WNDCLASSEXW::hCursor
HCURSOR hCursor
Definition: winuser.h:3203
_WNDCLASSEXW::style
UINT style
Definition: winuser.h:3197
_WNDCLASSEXW::lpfnWndProc
WNDPROC lpfnWndProc
Definition: winuser.h:3198
_WNDCLASSEXW
Definition: winuser.h:3195
ERR
#define ERR(fmt,...)
Definition: debug.h:110
WS_POPUP
#define WS_POPUP
Definition: pedump.c:616
WINLOGON_SAS_TITLE
#define WINLOGON_SAS_TITLE
Definition: sas.c:27
NULL
#define NULL
Definition: types.h:112
_WNDCLASSEXW::hIconSm
HICON hIconSm
Definition: winuser.h:3207
cleanup
char * cleanup(char *str)
Definition: wpickclick.c:99
hAppInstance
HINSTANCE hAppInstance
Definition: mmc.c:23

Referenced by WinMain().

◆ InitializeScreenSaver()

BOOL InitializeScreenSaver ( IN OUT PWLSESSION  Session)

Definition at line 204 of file screensaver.c.

206 {
207  HANDLE ScreenSaverThread;
208 
209 #ifndef USE_GETLASTINPUTINFO
210  /* Register hooks to detect keyboard and mouse activity */
211  Session->KeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, KeyboardActivityProc, hAppInstance, 0);
212  if (!Session->KeyboardHook)
213  {
214  ERR("WL: Unable to register keyboard hook\n");
215  return FALSE;
216  }
217 
218  Session->MouseHook = SetWindowsHookEx(WH_MOUSE_LL, MouseActivityProc, hAppInstance, 0);
219  if (!Session->MouseHook)
220  {
221  ERR("WL: Unable to register mouse hook\n");
222  return FALSE;
223  }
224 #endif
225 
226  Session->hScreenSaverParametersChanged = CreateEventW(NULL, FALSE, FALSE, NULL);
227  if (!Session->hScreenSaverParametersChanged)
228  {
229  WARN("WL: Unable to create screen saver event (error %lu)\n", GetLastError());
230  return TRUE;
231  }
232 
233  Session->hEndOfScreenSaverThread = CreateEventW(NULL, FALSE, FALSE, NULL);
234  if (!Session->hEndOfScreenSaverThread)
235  {
236  WARN("WL: Unable to create screen saver event (error %lu)\n", GetLastError());
237  CloseHandle(Session->hScreenSaverParametersChanged);
238  return TRUE;
239  }
240 
241  ScreenSaverThread = CreateThread(NULL,
242  0,
243  ScreenSaverThreadMain,
244  Session,
245  0,
246  NULL);
247  if (ScreenSaverThread)
248  CloseHandle(ScreenSaverThread);
249  else
250  ERR("WL: Unable to start screen saver thread\n");
251 
252  return TRUE;
253 }
CloseHandle
#define CloseHandle
Definition: compat.h:598
TRUE
#define TRUE
Definition: types.h:120
WARN
#define WARN(fmt,...)
Definition: debug.h:112
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
CreateEventW
HANDLE WINAPI DECLSPEC_HOTPATCH CreateEventW(IN LPSECURITY_ATTRIBUTES lpEventAttributes OPTIONAL, IN BOOL bManualReset, IN BOOL bInitialState, IN LPCWSTR lpName OPTIONAL)
Definition: synch.c:651
WH_MOUSE_LL
#define WH_MOUSE_LL
Definition: winuser.h:44
FALSE
#define FALSE
Definition: types.h:117
CreateThread
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
WH_KEYBOARD_LL
#define WH_KEYBOARD_LL
Definition: winuser.h:43
SetWindowsHookEx
#define SetWindowsHookEx
Definition: winuser.h:5836
ERR
#define ERR(fmt,...)
Definition: debug.h:110
ScreenSaverThreadMain
static DWORD WINAPI ScreenSaverThreadMain(IN LPVOID lpParameter)
Definition: screensaver.c:76
NULL
#define NULL
Definition: types.h:112
hAppInstance
HINSTANCE hAppInstance
Definition: mmc.c:23

Referenced by HandleLogon().

◆ InitNotifications()

BOOL InitNotifications ( VOID  )

Definition at line 253 of file notify.c.

254 {
255  HKEY hNotifyKey = NULL;
256  LONG lError;
257  DWORD dwIndex;
258  WCHAR szKeyName[80];
259  DWORD dwKeyName;
260 
261  TRACE("InitNotifications()\n");
262 
263  InitializeListHead(&NotificationDllListHead);
264 
265  AddSfcNotification();
266 
267  lError = RegOpenKeyExW(HKEY_LOCAL_MACHINE,
268  L"Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Notify",
269  0,
270  KEY_READ | KEY_ENUMERATE_SUB_KEYS,
271  &hNotifyKey);
272  if (lError != ERROR_SUCCESS)
273  {
274  TRACE("RegOpenKeyExW()\n");
275  return TRUE;
276  }
277 
278  dwIndex = 0;
279  for(;;)
280  {
281  dwKeyName = 80 * sizeof(WCHAR);
282  lError = RegEnumKeyExW(hNotifyKey,
283  dwIndex,
284  szKeyName,
285  &dwKeyName,
286  NULL,
287  NULL,
288  NULL,
289  NULL);
290  if (lError != ERROR_SUCCESS)
291  break;
292 
293  TRACE("Notification DLL: %S\n", szKeyName);
294  AddNotificationDll(hNotifyKey, szKeyName);
295 
296  dwIndex++;
297  }
298 
299  RegCloseKey(hNotifyKey);
300 
301  TRACE("InitNotifications() done\n");
302 
303  return TRUE;
304 }
AddSfcNotification
static VOID AddSfcNotification(VOID)
Definition: notify.c:57
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
TRUE
#define TRUE
Definition: types.h:120
NotificationDllListHead
static LIST_ENTRY NotificationDllListHead
Definition: notify.c:50
L
#define L(x)
Definition: ntvdm.h:50
LONG
long LONG
Definition: pedump.c:60
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
AddNotificationDll
static VOID AddNotificationDll(HKEY hNotifyKey, PWSTR pszKeyName)
Definition: notify.c:109
InitializeListHead
#define InitializeListHead(ListHead)
Definition: env_spec_w32.h:944
NULL
#define NULL
Definition: types.h:112
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3356
RegEnumKeyExW
LONG WINAPI RegEnumKeyExW(_In_ HKEY hKey, _In_ DWORD dwIndex, _Out_ LPWSTR lpName, _Inout_ LPDWORD lpcbName, _Reserved_ LPDWORD lpReserved, _Out_opt_ LPWSTR lpClass, _Inout_opt_ LPDWORD lpcbClass, _Out_opt_ PFILETIME lpftLastWriteTime)
Definition: reg.c:2527
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12
KEY_ENUMERATE_SUB_KEYS
#define KEY_ENUMERATE_SUB_KEYS
Definition: nt_native.h:1019

Referenced by WinMain().

◆ PlaySoundRoutine()

BOOL PlaySoundRoutine ( IN LPCWSTR  FileName,
IN UINT  Logon,
IN UINT  Flags 
)

Definition at line 240 of file sas.c.

244 {
245  typedef BOOL (WINAPI *PLAYSOUNDW)(LPCWSTR,HMODULE,DWORD);
246  typedef UINT (WINAPI *WAVEOUTGETNUMDEVS)(VOID);
247  PLAYSOUNDW Play;
248  WAVEOUTGETNUMDEVS waveOutGetNumDevs;
249  UINT NumDevs;
250  HMODULE hLibrary;
251  BOOL Ret = FALSE;
252 
253  hLibrary = LoadLibraryW(L"winmm.dll");
254  if (hLibrary)
255  {
256  waveOutGetNumDevs = (WAVEOUTGETNUMDEVS)GetProcAddress(hLibrary, "waveOutGetNumDevs");
257  if (waveOutGetNumDevs)
258  {
259  NumDevs = waveOutGetNumDevs();
260  if (!NumDevs)
261  {
262  if (!bLogon)
263  {
264  Beep(440, 125);
265  }
266  FreeLibrary(hLibrary);
267  return FALSE;
268  }
269  }
270 
271  Play = (PLAYSOUNDW)GetProcAddress(hLibrary, "PlaySoundW");
272  if (Play)
273  {
274  Ret = Play(FileName, NULL, Flags);
275  }
276  FreeLibrary(hLibrary);
277  }
278 
279  return Ret;
280 }
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
BOOL
#define BOOL
Definition: nt_native.h:43
DWORD
#define DWORD
Definition: nt_native.h:44
L
#define L(x)
Definition: ntvdm.h:50
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
LoadLibraryW
#define LoadLibraryW(x)
Definition: compat.h:606
_FileName
Definition: filecomp.c:347
waveOutGetNumDevs
UINT WINAPI waveOutGetNumDevs(void)
Definition: winmm.c:2140
FreeLibrary
#define FreeLibrary(x)
Definition: compat.h:607
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
WINAPI
#define WINAPI
Definition: msvc.h:6
VOID
#define VOID
Definition: acefi.h:82
hLibrary
HMODULE hLibrary
Definition: odbccp32.c:12
HMODULE
HANDLE HMODULE
Definition: typedefs.h:77
UINT
unsigned int UINT
Definition: ndis.h:50
NULL
#define NULL
Definition: types.h:112
Beep
BOOL WINAPI Beep(IN DWORD dwFreq, IN DWORD dwDuration)
Definition: deviceio.c:48
GetProcAddress
#define GetProcAddress(x, y)
Definition: compat.h:612

Referenced by HandleMessageBeep(), and PlayLogonSoundThread().

◆ RemoveStatusMessage()

BOOL RemoveStatusMessage ( IN PWLSESSION  Session)

Definition at line 370 of file winlogon.c.

372 {
373  if (Session->Gina.Version < WLX_VERSION_1_3)
374  return TRUE;
375 
376  return Session->Gina.Functions.WlxRemoveStatusMessage(Session->Gina.Context);
377 }
TRUE
#define TRUE
Definition: types.h:120
WLX_VERSION_1_3
#define WLX_VERSION_1_3
Definition: winwlx.h:31

Referenced by DoGenericAction(), HandleLogon(), and WinMain().

◆ RunSetup()

BOOL RunSetup ( VOID  )

Definition at line 153 of file setup.c.

154 {
155  HANDLE hThread;
156 
157  hThread = CreateThread(NULL,
158  0,
159  RunSetupThreadProc,
160  NULL,
161  0,
162  NULL);
163  if (hThread != NULL)
164  CloseHandle(hThread);
165 
166  return hThread != NULL;
167 }
CloseHandle
#define CloseHandle
Definition: compat.h:598
CreateThread
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
RunSetupThreadProc
static DWORD WINAPI RunSetupThreadProc(IN LPVOID lpParameter)
Definition: setup.c:57
NULL
#define NULL
Definition: types.h:112
hThread
HANDLE hThread
Definition: wizard.c:28

Referenced by WinMain().

◆ SetDefaultLanguage()

BOOL SetDefaultLanguage ( IN PWLSESSION  Session)

Definition at line 111 of file sas.c.

113 {
114  BOOL ret = FALSE;
115  BOOL UserProfile;
116  LONG rc;
117  HKEY UserKey, hKey = NULL;
118  LPCWSTR SubKey, ValueName;
119  DWORD dwType, dwSize;
120  LPWSTR Value = NULL;
121  UNICODE_STRING ValueString;
122  NTSTATUS Status;
123  LCID Lcid;
124 
125  UserProfile = (Session && Session->UserToken);
126 
127  if (UserProfile && !ImpersonateLoggedOnUser(Session->UserToken))
128  {
129  ERR("WL: ImpersonateLoggedOnUser() failed with error %lu\n", GetLastError());
130  return FALSE;
131  // FIXME: ... or use the default language of the system??
132  // UserProfile = FALSE;
133  }
134 
135  if (UserProfile)
136  {
137  rc = RegOpenCurrentUser(MAXIMUM_ALLOWED, &UserKey);
138  if (rc != ERROR_SUCCESS)
139  {
140  TRACE("RegOpenCurrentUser() failed with error %lu\n", rc);
141  goto cleanup;
142  }
143 
144  SubKey = L"Control Panel\\International";
145  ValueName = L"Locale";
146  }
147  else
148  {
149  UserKey = NULL;
150  SubKey = L"System\\CurrentControlSet\\Control\\Nls\\Language";
151  ValueName = L"Default";
152  }
153 
154  rc = RegOpenKeyExW(UserKey ? UserKey : HKEY_LOCAL_MACHINE,
155  SubKey,
156  0,
157  KEY_READ,
158  &hKey);
159 
160  if (UserKey)
161  RegCloseKey(UserKey);
162 
163  if (rc != ERROR_SUCCESS)
164  {
165  TRACE("RegOpenKeyEx() failed with error %lu\n", rc);
166  goto cleanup;
167  }
168 
169  rc = RegQueryValueExW(hKey,
170  ValueName,
171  NULL,
172  &dwType,
173  NULL,
174  &dwSize);
175  if (rc != ERROR_SUCCESS)
176  {
177  TRACE("RegQueryValueEx() failed with error %lu\n", rc);
178  goto cleanup;
179  }
180  else if (dwType != REG_SZ)
181  {
182  TRACE("Wrong type for %S\\%S registry entry (got 0x%lx, expected 0x%x)\n",
183  SubKey, ValueName, dwType, REG_SZ);
184  goto cleanup;
185  }
186 
187  Value = HeapAlloc(GetProcessHeap(), 0, dwSize);
188  if (!Value)
189  {
190  TRACE("HeapAlloc() failed\n");
191  goto cleanup;
192  }
193  rc = RegQueryValueExW(hKey,
194  ValueName,
195  NULL,
196  NULL,
197  (LPBYTE)Value,
198  &dwSize);
199  if (rc != ERROR_SUCCESS)
200  {
201  TRACE("RegQueryValueEx() failed with error %lu\n", rc);
202  goto cleanup;
203  }
204 
205  /* Convert Value to a Lcid */
206  ValueString.Length = ValueString.MaximumLength = (USHORT)dwSize;
207  ValueString.Buffer = Value;
208  Status = RtlUnicodeStringToInteger(&ValueString, 16, (PULONG)&Lcid);
209  if (!NT_SUCCESS(Status))
210  {
211  TRACE("RtlUnicodeStringToInteger() failed with status 0x%08lx\n", Status);
212  goto cleanup;
213  }
214 
215  TRACE("%s language is 0x%08lx\n",
216  UserProfile ? "User" : "System", Lcid);
217  Status = NtSetDefaultLocale(UserProfile, Lcid);
218  if (!NT_SUCCESS(Status))
219  {
220  TRACE("NtSetDefaultLocale() failed with status 0x%08lx\n", Status);
221  goto cleanup;
222  }
223 
224  ret = TRUE;
225 
226 cleanup:
227  if (Value)
228  HeapFree(GetProcessHeap(), 0, Value);
229 
230  if (hKey)
231  RegCloseKey(hKey);
232 
233  if (UserProfile)
234  RevertToSelf();
235 
236  return ret;
237 }
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
Lcid
_In_ CONST DEVPROPKEY _In_ LCID Lcid
Definition: iofuncs.h:2414
LPCWSTR
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
_UNICODE_STRING::MaximumLength
USHORT MaximumLength
Definition: env_spec_w32.h:370
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
TRUE
#define TRUE
Definition: types.h:120
RevertToSelf
BOOL WINAPI RevertToSelf(VOID)
Definition: security.c:1610
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
_UNICODE_STRING::Length
USHORT Length
Definition: env_spec_w32.h:369
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
LCID
DWORD LCID
Definition: nls.h:13
L
#define L(x)
Definition: ntvdm.h:50
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
LONG
long LONG
Definition: pedump.c:60
_UNICODE_STRING::Buffer
PWSTR Buffer
Definition: env_spec_w32.h:371
ImpersonateLoggedOnUser
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
Definition: misc.c:152
Value
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
Definition: wdfregistry.h:406
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:595
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
RegQueryValueExW
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
Definition: reg.c:4120
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NtSetDefaultLocale
NTSTATUS NTAPI NtSetDefaultLocale(IN BOOLEAN UserProfile, IN LCID DefaultLocaleId)
Definition: locale.c:203
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
ValueName
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING ValueName
Definition: wdfregistry.h:240
ret
int ret
Definition: wcstombs-tests.c:31
ERR
#define ERR(fmt,...)
Definition: debug.h:110
_UNICODE_STRING
Definition: env_spec_w32.h:368
USHORT
unsigned short USHORT
Definition: pedump.c:61
hKey
FxAutoRegKey hKey
Definition: fxdriverapikm.cpp:59
PULONG
unsigned int * PULONG
Definition: retypes.h:1
NULL
#define NULL
Definition: types.h:112
RegOpenCurrentUser
LONG WINAPI RegOpenCurrentUser(IN REGSAM samDesired, OUT PHKEY phkResult)
Definition: reg.c:3232
RtlUnicodeStringToInteger
NTSYSAPI NTSTATUS NTAPI RtlUnicodeStringToInteger(PUNICODE_STRING String, ULONG Base, PULONG Value)
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3356
cleanup
char * cleanup(char *str)
Definition: wpickclick.c:99
LPWSTR
WCHAR * LPWSTR
Definition: xmlstorage.h:184
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:594
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47
dwSize
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
HKEY_LOCAL_MACHINE
#define HKEY_LOCAL_MACHINE
Definition: winreg.h:12
REG_SZ
#define REG_SZ
Definition: layer.c:22

Referenced by HandleLogon(), and InitializeSAS().

◆ SetWindowStationUser()

BOOL WINAPI SetWindowStationUser ( IN HWINSTA  hWindowStation,
IN PLUID  pluid,
IN PSID psid  OPTIONAL,
IN DWORD  size 
)

Definition at line 419 of file winsta.c.

424 {
425  BOOL Success;
426 
427  Success = NtUserSetWindowStationUser(hWindowStation, pluid, psid, size);
428  if (Success)
429  {
430  /* Signal log-on/off to WINSRV */
431 
432  /* User is logging on if *pluid != LuidNone, otherwise it is a log-off */
433  LUID LuidNone = {0, 0};
434  BOOL IsLogon = (pluid && !RtlEqualLuid(pluid, &LuidNone));
435 
436  Logon(IsLogon);
437  }
438 
439  return Success;
440 }
LuidNone
LUID LuidNone
Definition: sas.c:47
_LUID
Definition: devicetopology.idl:136
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
RtlEqualLuid
#define RtlEqualLuid(Luid1, Luid2)
Definition: rtlfuncs.h:301
size
GLsizeiptr size
Definition: glext.h:5919
Logon
VOID FASTCALL Logon(BOOL IsLogon)
Definition: logon.c:74
NtUserSetWindowStationUser
BOOL NTAPI NtUserSetWindowStationUser(IN HWINSTA hWindowStation, IN PLUID pluid, IN PSID psid OPTIONAL, IN DWORD size)
Definition: winsta.c:1981

Referenced by AllowAccessOnSession(), CreateWindowStationAndDesktops(), HandleLogoff(), and HandleLogon().

◆ StartRpcServer()

BOOL StartRpcServer ( VOID  )

Definition at line 32 of file rpcserver.c.

33 {
34  NTSTATUS Status;
35 
36  Status = lpServiceGlobals->StartRpcServer(L"seclogon", ISeclogon_v1_0_s_ifspec);
37  TRACE("StartRpcServer returned 0x%08lx\n", Status);
38 
39  return RtlNtStatusToDosError(Status);
40 }
lpServiceGlobals
PSVCHOST_GLOBAL_DATA lpServiceGlobals
Definition: seclogon.c:18
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
L
#define L(x)
Definition: ntvdm.h:50
RtlNtStatusToDosError
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
Status
Status
Definition: gdiplustypes.h:24
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_SVCHOST_GLOBAL_DATA::StartRpcServer
PSTART_RPC_SERVER StartRpcServer
Definition: svc.h:114

◆ StartScreenSaver()

VOID StartScreenSaver ( IN PWLSESSION  Session)

Definition at line 257 of file screensaver.c.

259 {
260  HKEY hKey = NULL, hCurrentUser = NULL;
261  WCHAR szApplicationName[MAX_PATH];
262  WCHAR szCommandLine[MAX_PATH + 3];
263  DWORD bufferSize = sizeof(szApplicationName) - sizeof(WCHAR);
264  DWORD dwType;
265  STARTUPINFOW StartupInfo;
266  PROCESS_INFORMATION ProcessInformation;
267  HANDLE HandleArray[2];
268  LONG rc;
269  DWORD Status;
270  BOOL ret = FALSE;
271 
272  if (!ImpersonateLoggedOnUser(Session->UserToken))
273  {
274  ERR("WL: ImpersonateLoggedOnUser() failed with error %lu\n", GetLastError());
275  goto cleanup;
276  }
277 
278  rc = RegOpenCurrentUser(KEY_READ,
279  &hCurrentUser);
280  if (rc != ERROR_SUCCESS)
281  {
282  ERR("WL: RegOpenCurrentUser error %lu\n", rc);
283  goto cleanup;
284  }
285 
286  rc = RegOpenKeyExW(hCurrentUser,
287  L"Control Panel\\Desktop",
288  0,
289  KEY_QUERY_VALUE,
290  &hKey);
291  if (rc != ERROR_SUCCESS)
292  {
293  ERR("WL: RegOpenKeyEx error %lu\n", rc);
294  goto cleanup;
295  }
296 
297  rc = RegQueryValueExW(hKey,
298  L"SCRNSAVE.EXE",
299  0,
300  &dwType,
301  (LPBYTE)szApplicationName,
302  &bufferSize);
303  if (rc != ERROR_SUCCESS || dwType != REG_SZ)
304  {
305  if (rc != ERROR_FILE_NOT_FOUND)
306  ERR("WL: RegQueryValueEx error %lu\n", rc);
307  goto cleanup;
308  }
309 
310  if (bufferSize == 0)
311  {
312  ERR("WL: Buffer size is NULL!\n");
313  goto cleanup;
314  }
315 
316  szApplicationName[bufferSize / sizeof(WCHAR)] = 0; /* Terminate the string */
317 
318  if (wcslen(szApplicationName) == 0)
319  {
320  ERR("WL: Application Name length is zero!\n");
321  goto cleanup;
322  }
323 
324  wsprintfW(szCommandLine, L"%s /s", szApplicationName);
325  TRACE("WL: Executing %S\n", szCommandLine);
326 
327  ZeroMemory(&StartupInfo, sizeof(STARTUPINFOW));
328  ZeroMemory(&ProcessInformation, sizeof(PROCESS_INFORMATION));
329  StartupInfo.cb = sizeof(STARTUPINFOW);
330  StartupInfo.dwFlags = STARTF_SCREENSAVER;
331 
332  /* FIXME: Run the screen saver on the secure screen saver desktop if required */
333  StartupInfo.lpDesktop = L"WinSta0\\Default";
334 
335  ret = CreateProcessAsUserW(Session->UserToken,
336  szApplicationName,
337  szCommandLine,
338  NULL,
339  NULL,
340  FALSE,
341  IDLE_PRIORITY_CLASS,
342  NULL,
343  NULL,
344  &StartupInfo,
345  &ProcessInformation);
346  if (!ret)
347  {
348  ERR("WL: Unable to start %S, error %lu\n", szApplicationName, GetLastError());
349  goto cleanup;
350  }
351 
352  CloseHandle(ProcessInformation.hThread);
353 
354  SystemParametersInfoW(SPI_SETSCREENSAVERRUNNING, TRUE, NULL, 0);
355 
356  CallNotificationDlls(Session, StartScreenSaverHandler);
357 
358  /* Wait the end of the process or some other activity */
359  ResetEvent(Session->hUserActivity);
360  HandleArray[0] = ProcessInformation.hProcess;
361  HandleArray[1] = Session->hUserActivity;
362  Status = WaitForMultipleObjects(2, HandleArray, FALSE, INFINITE);
363  if (Status == WAIT_OBJECT_0 + 1)
364  {
365  /* Kill the screen saver */
366  TerminateProcess(ProcessInformation.hProcess, 0);
367  }
368 
369  SetEvent(Session->hEndOfScreenSaver);
370 
371  CloseHandle(ProcessInformation.hProcess);
372 
373  CallNotificationDlls(Session, StopScreenSaverHandler);
374 
375 cleanup:
376  if (hKey)
377  RegCloseKey(hKey);
378 
379  if (hCurrentUser)
380  RegCloseKey(hCurrentUser);
381 
382  RevertToSelf();
383 
384  if (!ret)
385  {
386  PostMessageW(Session->SASWindow, WLX_WM_SAS, WLX_SAS_TYPE_SCRNSVR_ACTIVITY, 0);
387 #ifndef USE_GETLASTINPUTINFO
388  InterlockedExchange((LONG*)&Session->LastActivity, GetTickCount());
389 #endif
390  }
391 }
wsprintfW
int WINAPIV wsprintfW(_Out_ LPWSTR, _In_ _Printf_format_string_ LPCWSTR,...)
WLX_WM_SAS
#define WLX_WM_SAS
Definition: winwlx.h:71
CloseHandle
#define CloseHandle
Definition: compat.h:598
_STARTUPINFOW
Definition: winbase.h:848
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
WLX_SAS_TYPE_SCRNSVR_ACTIVITY
#define WLX_SAS_TYPE_SCRNSVR_ACTIVITY
Definition: winwlx.h:38
KEY_READ
#define KEY_READ
Definition: nt_native.h:1023
TRUE
#define TRUE
Definition: types.h:120
RevertToSelf
BOOL WINAPI RevertToSelf(VOID)
Definition: security.c:1610
STARTUPINFOW
struct _STARTUPINFOW STARTUPINFOW
GetTickCount
DWORD WINAPI GetTickCount(VOID)
Definition: time.c:455
SetEvent
BOOL WINAPI DECLSPEC_HOTPATCH SetEvent(IN HANDLE hEvent)
Definition: synch.c:733
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
ZeroMemory
#define ZeroMemory
Definition: winbase.h:1667
WaitForMultipleObjects
DWORD WINAPI WaitForMultipleObjects(IN DWORD nCount, IN CONST HANDLE *lpHandles, IN BOOL bWaitAll, IN DWORD dwMilliseconds)
Definition: synch.c:151
_PROCESS_INFORMATION::hThread
HANDLE hThread
Definition: winbase.h:871
L
#define L(x)
Definition: ntvdm.h:50
LPBYTE
unsigned char * LPBYTE
Definition: typedefs.h:53
FALSE
#define FALSE
Definition: types.h:117
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
LONG
long LONG
Definition: pedump.c:60
_STARTUPINFOW::lpDesktop
LPWSTR lpDesktop
Definition: winbase.h:851
ImpersonateLoggedOnUser
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
Definition: misc.c:152
ERROR_FILE_NOT_FOUND
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
Status
Status
Definition: gdiplustypes.h:24
SystemParametersInfoW
BOOL WINAPI SystemParametersInfoW(_In_ UINT, _In_ UINT, _Inout_opt_ PVOID, _In_ UINT)
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
_PROCESS_INFORMATION::hProcess
HANDLE hProcess
Definition: winbase.h:870
IDLE_PRIORITY_CLASS
#define IDLE_PRIORITY_CLASS
Definition: winbase.h:182
WAIT_OBJECT_0
#define WAIT_OBJECT_0
Definition: winbase.h:403
_STARTUPINFOW::cb
DWORD cb
Definition: winbase.h:849
RegQueryValueExW
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
Definition: reg.c:4120
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
_PROCESS_INFORMATION
Definition: winbase.h:869
ret
int ret
Definition: wcstombs-tests.c:31
bufferSize
size_t bufferSize
Definition: fxusbdeviceapi.cpp:564
InterlockedExchange
#define InterlockedExchange
Definition: armddk.h:54
CreateProcessAsUserW
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW(_In_opt_ HANDLE hToken, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
Definition: logon.c:993
ERR
#define ERR(fmt,...)
Definition: debug.h:110
CallNotificationDlls
VOID CallNotificationDlls(PWLSESSION pSession, NOTIFICATION_TYPE Type)
Definition: notify.c:380
hKey
FxAutoRegKey hKey
Definition: fxdriverapikm.cpp:59
KEY_QUERY_VALUE
#define KEY_QUERY_VALUE
Definition: nt_native.h:1016
TerminateProcess
BOOL WINAPI TerminateProcess(IN HANDLE hProcess, IN UINT uExitCode)
Definition: proc.c:1532
STARTF_SCREENSAVER
#define STARTF_SCREENSAVER
Definition: undocuser.h:164
NULL
#define NULL
Definition: types.h:112
wcslen
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
ResetEvent
BOOL WINAPI DECLSPEC_HOTPATCH ResetEvent(IN HANDLE hEvent)
Definition: synch.c:714
RegOpenCurrentUser
LONG WINAPI RegOpenCurrentUser(IN REGSAM samDesired, OUT PHKEY phkResult)
Definition: reg.c:3232
PostMessageW
BOOL WINAPI PostMessageW(_In_opt_ HWND, _In_ UINT, _In_ WPARAM, _In_ LPARAM)
RegOpenKeyExW
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
Definition: reg.c:3356
cleanup
char * cleanup(char *str)
Definition: wpickclick.c:99
_STARTUPINFOW::dwFlags
DWORD dwFlags
Definition: winbase.h:860
INFINITE
#define INFINITE
Definition: serial.h:102
RegCloseKey
#define RegCloseKey(hKey)
Definition: registry.h:47
REG_SZ
#define REG_SZ
Definition: layer.c:22

Referenced by DispatchSAS().

◆ StartSystemShutdown()

DWORD StartSystemShutdown ( IN PUNICODE_STRING  pMessage,
IN ULONG  dwTimeout,
IN BOOLEAN  bForceAppsClosed,
IN BOOLEAN  bRebootAfterShutdown,
IN ULONG  dwReason 
)

Definition at line 337 of file shutdown.c.

343 {
344  HANDLE hThread;
345 
346  /* Fail if the timeout is 10 years or more */
347  if (dwTimeout >= SECONDS_PER_DECADE)
348  return ERROR_INVALID_PARAMETER;
349 
350  if (_InterlockedCompareExchange8((volatile char*)&g_ShutdownParams.bShuttingDown, TRUE, FALSE) == TRUE)
351  return ERROR_SHUTDOWN_IN_PROGRESS;
352 
353  if ((dwTimeout != 0) && pMessage && pMessage->Length && pMessage->Buffer)
354  {
355  g_ShutdownParams.pszMessage = HeapAlloc(GetProcessHeap(),
356  HEAP_ZERO_MEMORY,
357  pMessage->Length + sizeof(UNICODE_NULL));
358  if (g_ShutdownParams.pszMessage == NULL)
359  {
360  g_ShutdownParams.bShuttingDown = FALSE;
361  return GetLastError();
362  }
363 
364  wcsncpy(g_ShutdownParams.pszMessage,
365  pMessage->Buffer,
366  pMessage->Length / sizeof(WCHAR));
367  }
368  else
369  {
370  g_ShutdownParams.pszMessage = NULL;
371  }
372 
373  g_ShutdownParams.dwTimeout = dwTimeout;
374  g_ShutdownParams.bForceAppsClosed = bForceAppsClosed;
375  g_ShutdownParams.bRebootAfterShutdown = bRebootAfterShutdown;
376  g_ShutdownParams.dwReason = dwReason;
377 
378  /* If dwTimeout is zero perform an immediate system shutdown,
379  * otherwise display the countdown shutdown dialog. */
380  if (g_ShutdownParams.dwTimeout == 0)
381  {
382  if (DoSystemShutdown(&g_ShutdownParams))
383  return ERROR_SUCCESS;
384  }
385  else
386  {
387  hThread = CreateThread(NULL, 0, InitiateSystemShutdownThread,
388  &g_ShutdownParams, 0, NULL);
389  if (hThread)
390  {
391  CloseHandle(hThread);
392  return ERROR_SUCCESS;
393  }
394  }
395 
396  if (g_ShutdownParams.pszMessage)
397  {
398  HeapFree(GetProcessHeap(), 0, g_ShutdownParams.pszMessage);
399  g_ShutdownParams.pszMessage = NULL;
400  }
401 
402  g_ShutdownParams.bShuttingDown = FALSE;
403  return GetLastError();
404 }
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
CloseHandle
#define CloseHandle
Definition: compat.h:598
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
TRUE
#define TRUE
Definition: types.h:120
ERROR_SHUTDOWN_IN_PROGRESS
#define ERROR_SHUTDOWN_IN_PROGRESS
Definition: winerror.h:651
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1040
g_ShutdownParams
SYS_SHUTDOWN_PARAMS g_ShutdownParams
Definition: shutdown.c:43
_InterlockedCompareExchange8
char _InterlockedCompareExchange8(_Interlocked_operand_ char volatile *_Destination, char _Exchange, char _Comparand)
dwReason
DWORD dwReason
Definition: misc.cpp:154
FALSE
#define FALSE
Definition: types.h:117
UNICODE_NULL
#define UNICODE_NULL
CreateThread
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
Definition: thread.c:137
DoSystemShutdown
static BOOL DoSystemShutdown(IN PSYS_SHUTDOWN_PARAMS pShutdownParams)
Definition: shutdown.c:49
_SYS_SHUTDOWN_PARAMS::bForceAppsClosed
BOOLEAN bForceAppsClosed
Definition: shutdown.c:37
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:595
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
WCHAR
__wchar_t WCHAR
Definition: xmlstorage.h:180
_SYS_SHUTDOWN_PARAMS::pszMessage
PWSTR pszMessage
Definition: shutdown.c:28
_SYS_SHUTDOWN_PARAMS::dwTimeout
ULONG dwTimeout
Definition: shutdown.c:29
dwTimeout
_In_ void _In_ PCCERT_CONTEXT _In_opt_ LPFILETIME _In_ DWORD _In_ DWORD dwTimeout
Definition: wincrypt.h:6077
wcsncpy
_CRTIMP wchar_t *__cdecl wcsncpy(wchar_t *_Dest, const wchar_t *_Source, size_t _Count)
_SYS_SHUTDOWN_PARAMS::bRebootAfterShutdown
BOOLEAN bRebootAfterShutdown
Definition: shutdown.c:36
NULL
#define NULL
Definition: types.h:112
HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
hThread
HANDLE hThread
Definition: wizard.c:28
_SYS_SHUTDOWN_PARAMS::dwReason
DWORD dwReason
Definition: shutdown.c:38
InitiateSystemShutdownThread
static DWORD WINAPI InitiateSystemShutdownThread(IN LPVOID lpParameter)
Definition: shutdown.c:231
SECONDS_PER_DECADE
#define SECONDS_PER_DECADE
Definition: shutdown.c:22
_SYS_SHUTDOWN_PARAMS::bShuttingDown
BOOLEAN bShuttingDown
Definition: shutdown.c:35
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:594

Referenced by BaseInitiateSystemShutdownEx().

◆ TerminateSystemShutdown()

DWORD TerminateSystemShutdown ( VOID  )

Definition at line 328 of file shutdown.c.

329 {
330  if (_InterlockedCompareExchange8((volatile char*)&g_ShutdownParams.bShuttingDown, FALSE, TRUE) == FALSE)
331  return ERROR_NO_SHUTDOWN_IN_PROGRESS;
332 
333  return ERROR_SUCCESS;
334 }
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
TRUE
#define TRUE
Definition: types.h:120
g_ShutdownParams
SYS_SHUTDOWN_PARAMS g_ShutdownParams
Definition: shutdown.c:43
_InterlockedCompareExchange8
char _InterlockedCompareExchange8(_Interlocked_operand_ char volatile *_Destination, char _Exchange, char _Comparand)
FALSE
#define FALSE
Definition: types.h:117
ERROR_NO_SHUTDOWN_IN_PROGRESS
#define ERROR_NO_SHUTDOWN_IN_PROGRESS
Definition: winerror.h:652
_SYS_SHUTDOWN_PARAMS::bShuttingDown
BOOLEAN bShuttingDown
Definition: shutdown.c:35

Referenced by BaseAbortSystemShutdown().

◆ WINE_DEFAULT_DEBUG_CHANNEL()

WINE_DEFAULT_DEBUG_CHANNEL ( winlogon  )

◆ WlxAssignShellProtection()

int WINAPI WlxAssignShellProtection ( HANDLE  hWlx,
HANDLE  hToken,
HANDLE  hProcess,
HANDLE  hThread 
)

Definition at line 248 of file wlx.c.

253 {
254  UNREFERENCED_PARAMETER(hWlx);
255  UNREFERENCED_PARAMETER(hToken);
256  UNREFERENCED_PARAMETER(hProcess);
257  UNREFERENCED_PARAMETER(hThread);
258 
259  UNIMPLEMENTED;
260  return 0;
261 }
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
hProcess
_In_ BOOL _In_ HANDLE hProcess
Definition: mapping.h:70
hThread
HANDLE hThread
Definition: wizard.c:28
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ WlxChangePasswordNotify()

int WINAPI WlxChangePasswordNotify ( HANDLE  hWlx,
PWLX_MPR_NOTIFY_INFO  pMprInfo,
DWORD  dwChangeInfo 
)

Definition at line 423 of file wlx.c.

427 {
428  UNREFERENCED_PARAMETER(hWlx);
429  UNREFERENCED_PARAMETER(pMprInfo);
430  UNREFERENCED_PARAMETER(dwChangeInfo);
431 
432  UNIMPLEMENTED;
433  return 0;
434 }
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ WlxChangePasswordNotifyEx()

int WINAPI WlxChangePasswordNotifyEx ( HANDLE  hWlx,
PWLX_MPR_NOTIFY_INFO  pMprInfo,
DWORD  dwChangeInfo,
PWSTR  ProviderName,
PVOID  Reserved 
)

Definition at line 495 of file wlx.c.

501 {
502  UNREFERENCED_PARAMETER(hWlx);
503  UNREFERENCED_PARAMETER(pMprInfo);
504  UNREFERENCED_PARAMETER(dwChangeInfo);
505  UNREFERENCED_PARAMETER(ProviderName);
506  UNREFERENCED_PARAMETER(Reserved);
507 
508  UNIMPLEMENTED;
509  return 0;
510 }
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
Reserved
_Reserved_ PVOID Reserved
Definition: winddi.h:3974
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ WlxCloseUserDesktop()

BOOL WINAPI WlxCloseUserDesktop ( HANDLE  hWlx,
PWLX_DESKTOP  pDesktop,
HANDLE  hToken 
)

Definition at line 517 of file wlx.c.

521 {
522  UNREFERENCED_PARAMETER(hWlx);
523  UNREFERENCED_PARAMETER(pDesktop);
524  UNREFERENCED_PARAMETER(hToken);
525 
526  UNIMPLEMENTED;
527  return FALSE;
528 }
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
FALSE
#define FALSE
Definition: types.h:117
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ WlxCreateUserDesktop()

BOOL WINAPI WlxCreateUserDesktop ( HANDLE  hWlx,
HANDLE  hToken,
DWORD  Flags,
PWSTR  pszDesktopName,
PWLX_DESKTOP ppDesktop 
)

Definition at line 473 of file wlx.c.

479 {
480  UNREFERENCED_PARAMETER(hWlx);
481  UNREFERENCED_PARAMETER(hToken);
482  UNREFERENCED_PARAMETER(Flags);
483  UNREFERENCED_PARAMETER(pszDesktopName);
484  UNREFERENCED_PARAMETER(ppDesktop);
485 
486  UNIMPLEMENTED;
487  return FALSE;
488 }
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
FALSE
#define FALSE
Definition: types.h:117
Flags
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ WlxDialogBox()

int WINAPI WlxDialogBox ( HANDLE  hWlx,
HANDLE  hInst,
LPWSTR  lpszTemplate,
HWND  hwndOwner,
DLGPROC  dlgprc 
)

Definition at line 287 of file wlx.c.

293 {
294  UNREFERENCED_PARAMETER(hWlx);
295 
296  TRACE("WlxDialogBox()\n");
297 
298  return (int)WlxDialogBoxParam(hWlx, hInst, lpszTemplate, hwndOwner, dlgprc, 0);
299 }
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
hInst
HINSTANCE hInst
Definition: dxdiag.c:13
WlxDialogBoxParam
int WINAPI WlxDialogBoxParam(HANDLE hWlx, HANDLE hInst, LPWSTR lpszTemplate, HWND hwndOwner, DLGPROC dlgprc, LPARAM dwInitParam)
Definition: wlx.c:306

◆ WlxDialogBoxIndirect()

int WINAPI WlxDialogBoxIndirect ( HANDLE  hWlx,
HANDLE  hInst,
LPCDLGTEMPLATE  hDialogTemplate,
HWND  hwndOwner,
DLGPROC  dlgprc 
)

Definition at line 340 of file wlx.c.

346 {
347  UNREFERENCED_PARAMETER(hWlx);
348 
349  TRACE("WlxDialogBoxIndirect()\n");
350 
351  return (int)WlxDialogBoxIndirectParam(hWlx, hInst, hDialogTemplate, hwndOwner, dlgprc, 0);
352 }
WlxDialogBoxIndirectParam
int WINAPI WlxDialogBoxIndirectParam(HANDLE hWlx, HANDLE hInst, LPCDLGTEMPLATE hDialogTemplate, HWND hwndOwner, DLGPROC dlgprc, LPARAM dwInitParam)
Definition: wlx.c:359
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
hInst
HINSTANCE hInst
Definition: dxdiag.c:13

◆ WlxDialogBoxIndirectParam()

int WINAPI WlxDialogBoxIndirectParam ( HANDLE  hWlx,
HANDLE  hInst,
LPCDLGTEMPLATE  hDialogTemplate,
HWND  hwndOwner,
DLGPROC  dlgprc,
LPARAM  dwInitParam 
)

Definition at line 359 of file wlx.c.

366 {
367  PDIALOG_LIST_ENTRY ListEntry;
368  int ret;
369 
370  UNREFERENCED_PARAMETER(hWlx);
371 
372  TRACE("WlxDialogBoxIndirectParam()\n");
373 
374  ListEntry = AddDialogListEntry();
375  if (ListEntry == NULL)
376  return -1;
377 
378  ListEntry->DlgProc = dlgprc;
379  ListEntry->lParam = dwInitParam;
380 
381  ret = (int)DialogBoxIndirectParamW(hInst, hDialogTemplate, hwndOwner, DefaultWlxWindowProc, (LPARAM)ListEntry);
382 
383  RemoveDialogListEntry(ListEntry);
384 
385  return ret;
386 }
_DIALOG_LIST_ENTRY::DlgProc
DLGPROC DlgProc
Definition: wlx.c:19
_DIALOG_LIST_ENTRY::lParam
LPARAM lParam
Definition: wlx.c:20
RemoveDialogListEntry
static VOID RemoveDialogListEntry(PDIALOG_LIST_ENTRY ListEntry)
Definition: wlx.c:58
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
DefaultWlxWindowProc
static INT_PTR CALLBACK DefaultWlxWindowProc(IN HWND hwndDlg, IN UINT uMsg, IN WPARAM wParam, IN LPARAM lParam)
Definition: wlx.c:117
LPARAM
LONG_PTR LPARAM
Definition: windef.h:208
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
ret
int ret
Definition: wcstombs-tests.c:31
hInst
HINSTANCE hInst
Definition: dxdiag.c:13
DialogBoxIndirectParamW
INT_PTR WINAPI DialogBoxIndirectParamW(_In_opt_ HINSTANCE, _In_ LPCDLGTEMPLATE, _In_opt_ HWND, _In_opt_ DLGPROC, _In_ LPARAM)
_DIALOG_LIST_ENTRY
Definition: wlx.c:15
NULL
#define NULL
Definition: types.h:112
AddDialogListEntry
static PDIALOG_LIST_ENTRY AddDialogListEntry(VOID)
Definition: wlx.c:39
int
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31

Referenced by WlxDialogBoxIndirect().

◆ WlxDialogBoxParam()

int WINAPI WlxDialogBoxParam ( HANDLE  hWlx,
HANDLE  hInst,
LPWSTR  lpszTemplate,
HWND  hwndOwner,
DLGPROC  dlgprc,
LPARAM  dwInitParam 
)

Definition at line 306 of file wlx.c.

313 {
314  PDIALOG_LIST_ENTRY ListEntry;
315  int ret;
316 
317  UNREFERENCED_PARAMETER(hWlx);
318 
319  TRACE("WlxDialogBoxParam()\n");
320 
321  ListEntry = AddDialogListEntry();
322  if (ListEntry == NULL)
323  return -1;
324 
325  ListEntry->DlgProc = dlgprc;
326  ListEntry->lParam = dwInitParam;
327 
328  ret = (int)DialogBoxParamW(hInst, lpszTemplate, hwndOwner, DefaultWlxWindowProc, (LPARAM)ListEntry);
329 
330  RemoveDialogListEntry(ListEntry);
331 
332  return ret;
333 }
_DIALOG_LIST_ENTRY::DlgProc
DLGPROC DlgProc
Definition: wlx.c:19
_DIALOG_LIST_ENTRY::lParam
LPARAM lParam
Definition: wlx.c:20
RemoveDialogListEntry
static VOID RemoveDialogListEntry(PDIALOG_LIST_ENTRY ListEntry)
Definition: wlx.c:58
DialogBoxParamW
INT_PTR WINAPI DialogBoxParamW(_In_opt_ HINSTANCE, _In_ LPCWSTR, _In_opt_ HWND, _In_opt_ DLGPROC, _In_ LPARAM)
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:317
DefaultWlxWindowProc
static INT_PTR CALLBACK DefaultWlxWindowProc(IN HWND hwndDlg, IN UINT uMsg, IN WPARAM wParam, IN LPARAM lParam)
Definition: wlx.c:117
LPARAM
LONG_PTR LPARAM
Definition: windef.h:208
TRACE
#define TRACE(s)
Definition: solgame.cpp:4
ret
int ret
Definition: wcstombs-tests.c:31
hInst
HINSTANCE hInst
Definition: dxdiag.c:13
_DIALOG_LIST_ENTRY
Definition: wlx.c:15
NULL
#define NULL
Definition: types.h:112
AddDialogListEntry
static PDIALOG_LIST_ENTRY AddDialogListEntry(VOID)
Definition: wlx.c:39
int
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31

Referenced by WlxDialogBox().

◆ WlxDisconnect()

BOOL WINAPI WlxDisconnect ( VOID  )

Definition at line 667 of file wlx.c.

668 {
669  UNIMPLEMENTED;
670  return FALSE;
671 }
FALSE
#define FALSE
Definition: types.h:117
UNIMPLEMENTED
#define UNIMPLEMENTED
Definition: debug.h:115

◆ WlxGetOption()