49 TRACE(
"WlxNegotiate(%lx, %p)\n", dwWinlogonVersion, pdwDllVersion);
109 cbData =
sizeof(
DWORD);
128 L"SYSTEM\\CurrentControlSet\\Control",
133 rc =
ReadRegSzValue(ControlKey,
L"SystemStartOptions", &SystemStartOptions);
138 CurrentOption = SystemStartOptions;
139 while (CurrentOption)
144 if (
_wcsicmp(CurrentOption,
L"CONSOLE") == 0)
146 TRACE(
"Found %S. Switching to console boot\n", CurrentOption);
159 if (ControlKey !=
NULL)
172 pInput->Buffer, pInput->Length,
218 DWORD dwDisableCAD = 0;
223 L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
229 WARN(
"RegOpenKeyExW() failed with error %lu\n", rc);
238 if (
wcscmp(lpAutoAdminLogon,
L"1") == 0)
249 if (dwDisableCAD != 0)
257 L"ShutdownWithoutLogon",
258 &lpShutdownWithoutLogon);
261 if (
wcscmp(lpShutdownWithoutLogon,
L"0") == 0)
266 L"DontDisplayLastUserName",
267 &lpDontDisplayLastUserName);
270 if (
wcscmp(lpDontDisplayLastUserName,
L"1") == 0)
275 L"IgnoreShiftOverride",
276 &lpIgnoreShiftOverride);
279 if (
wcscmp(lpIgnoreShiftOverride,
L"1") == 0)
293 L"DefaultDomainName",
309 if (lpIgnoreShiftOverride !=
NULL)
312 if (lpShutdownWithoutLogon !=
NULL)
315 if (lpDontDisplayLastUserName !=
NULL)
318 if (lpAutoAdminLogon !=
NULL)
343 if(themeWait && themeWatch)
358 PVOID pWinlogonFunctions,
370 WARN(
"LocalAlloc() failed\n");
376 WARN(
"GetRegistrySettings() failed\n");
382 *pWlxContext = (
PVOID)pgContext;
389 pgContext->
hWlx = hWlx;
426 TRACE(
"(%p %p)\n", pWlxContext, pSecure);
439 ERR(
"WL: ImpersonateLoggedOnUser() failed with error %lu\n",
GetLastError());
446 TRACE(
"RegOpenCurrentUser: %ld\n", rc);
451 L"Control Panel\\Desktop",
455 TRACE(
"RegOpenKeyExW: %ld\n", rc);
463 L"ScreenSaverIsSecure",
469 TRACE(
"RegQueryValueExW: %ld\n", rc);
473 TRACE(
"szBuffer: \"%S\"\n", szBuffer);
474 *pSecure =
_wtoi(szBuffer);
483 TRACE(
"*pSecure: %ld\n", *pSecure);
497 PWSTR pszDesktopName,
512 ERR(
"GetWindowsDirectoryW() failed\n");
523 ZeroMemory(&StartupInfo,
sizeof(StartupInfo));
524 ZeroMemory(&ProcessInformation,
sizeof(ProcessInformation));
525 StartupInfo.
cb =
sizeof(StartupInfo);
526 StartupInfo.
lpTitle = pszCmdLine;
534 ERR(
"GetWindowsDirectoryW() failed\n");
548 &ProcessInformation);
563 PWSTR pszDesktopName,
564 PWSTR pszMprLogonScript,
574 TRACE(
"WlxActivateUserShell()\n");
581 L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
587 WARN(
"RegOpenKeyExW() failed with error %lu\n", rc);
603 WARN(
"RegQueryValueExW() failed with error %lu\n", rc);
611 WARN(
"ExpandEnvironmentStringsW() failed. Required size %lu\n",
len);
631 TRACE(
"WlxLoggedOnSAS(0x%lx)\n", dwSasType);
645 FIXME(
"WlxLoggedOnSAS: SasType WLX_SAS_TYPE_SC_INSERT not supported!\n");
650 FIXME(
"WlxLoggedOnSAS: SasType WLX_SAS_TYPE_SC_REMOVE not supported!\n");
655 WARN(
"WlxLoggedOnSAS: Unknown SasType: 0x%x\n", dwSasType);
676 TRACE(
"WlxDisplayStatusMessage(\"%S\")\n", pMessage);
690 TRACE(
"WlxRemoveStatusMessage()\n");
730 WARN(
"ConnectToLsa() failed\n");
735 pgContext->AuthenticationPackage,
739 &pgContext->UserToken,
743 WARN(
"MyLogonUser() failed\n");
754 TRACE(
"NtQueryInformationToken() failed (Status 0x%08lx)\n",
Status);
761 TRACE(
"HeapAlloc() failed\n");
772 TRACE(
"NtQueryInformationToken() failed (Status 0x%08lx)\n",
Status);
780 TRACE(
"Member of Admins group\n");
810 WARN(
"ConnectToLsa() failed (Status 0x%08lx)\n",
Status);
815 pgContext->AuthenticationPackage,
819 &pgContext->UserToken,
823 WARN(
"MyLogonUser() failed (Status 0x%08lx)\n",
Status);
841 DWORD cbStats, cbSize;
849 wcscpy(pgContext->UserName, UserName);
857 wcscpy(pgContext->DomainName, Domain);
868 WARN(
"HeapAlloc() failed\n");
875 WARN(
"GetUserProfileDirectoryW() failed\n");
883 WARN(
"HeapAlloc() failed\n");
889 cbSize =
sizeof(
L"LOGONSERVER=\\\\") +
895 WARN(
"HeapAlloc() failed\n");
899 StringCbPrintfW(lpEnvironment, cbSize,
L"LOGONSERVER=\\\\%ls", pgContext->DomainName);
911 WARN(
"Couldn't get Authentication id from user token!\n");
919 pgContext->pMprNotifyInfo->pszOldPassword =
NULL;
920 *pgContext->pdwOptions = 0;
921 *pgContext->pProfile = pProfile;
944 TRACE(
"WlxDisplaySASNotice(%p)\n", pWlxContext);
974 TRACE(
"WlxDisplaySASNotice() done\n");
994 TRACE(
"WlxLoggedOutSAS()\n");
1020 TRACE(
"WlxWkstaLockedSAS()\n");
1037 TRACE(
"WlxDisplayLockedNotice()\n");
1056 TRACE(
"WlxIsLogoffOk()\n");
1071 TRACE(
"WlxLogoff(%p)\n", pWlxContext);
1093 TRACE(
"WlxShutdown(%p %lx)\n", pWlxContext, ShutdownType);
1100 ERR(
"LsaDeregisterLogonProcess failed (Status 0x%08lx)\n",
Status);
WCHAR CurrentDirectory[1024]
#define RegCloseKey(hKey)
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
IN PUNICODE_STRING IN POBJECT_ATTRIBUTES ObjectAttributes
#define ERROR_NOT_ENOUGH_MEMORY
#define ERROR_INSUFFICIENT_BUFFER
#define NT_SUCCESS(StatCode)
BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessAsUserW(_In_opt_ HANDLE hToken, _In_opt_ LPCWSTR lpApplicationName, _Inout_opt_ LPWSTR lpCommandLine, _In_opt_ LPSECURITY_ATTRIBUTES lpProcessAttributes, _In_opt_ LPSECURITY_ATTRIBUTES lpThreadAttributes, _In_ BOOL bInheritHandles, _In_ DWORD dwCreationFlags, _In_opt_ LPVOID lpEnvironment, _In_opt_ LPCWSTR lpCurrentDirectory, _In_ LPSTARTUPINFOW lpStartupInfo, _Out_ LPPROCESS_INFORMATION lpProcessInformation)
LONG WINAPI RegOpenKeyExW(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
LONG WINAPI RegOpenCurrentUser(IN REGSAM samDesired, OUT PHKEY phkResult)
LONG WINAPI RegQueryValueExW(_In_ HKEY hkeyorg, _In_ LPCWSTR name, _In_ LPDWORD reserved, _In_ LPDWORD type, _In_ LPBYTE data, _In_ LPDWORD count)
NTSTATUS WINAPI LsaOpenPolicy(IN PLSA_UNICODE_STRING SystemName OPTIONAL, IN PLSA_OBJECT_ATTRIBUTES ObjectAttributes, IN ACCESS_MASK DesiredAccess, OUT PLSA_HANDLE PolicyHandle)
NTSTATUS WINAPI LsaFreeMemory(IN PVOID Buffer)
NTSTATUS WINAPI LsaRetrievePrivateData(IN LSA_HANDLE PolicyHandle, IN PLSA_UNICODE_STRING KeyName, OUT PLSA_UNICODE_STRING *PrivateData)
NTSTATUS WINAPI LsaClose(IN LSA_HANDLE ObjectHandle)
BOOL WINAPI ImpersonateLoggedOnUser(HANDLE hToken)
BOOL WINAPI GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength)
BOOL WINAPI DuplicateTokenEx(IN HANDLE ExistingTokenHandle, IN DWORD dwDesiredAccess, IN LPSECURITY_ATTRIBUTES lpTokenAttributes OPTIONAL, IN SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, IN TOKEN_TYPE TokenType, OUT PHANDLE DuplicateTokenHandle)
#define ERROR_INVALID_PARAMETER
#define DLL_PROCESS_ATTACH
#define DLL_PROCESS_DETACH
#define GetProcAddress(x, y)
#define HeapFree(x, y, z)
static DWORD DWORD * dwLength
static void cleanup(void)
DWORD WINAPI ExpandEnvironmentStringsW(IN LPCWSTR lpSrc, IN LPWSTR lpDst, IN DWORD nSize)
UINT WINAPI GetWindowsDirectoryW(OUT LPWSTR lpBuffer, IN UINT uSize)
VOID WINAPI GetLocalTime(OUT LPSYSTEMTIME lpSystemTime)
NTSTATUS MyLogonUser(HANDLE LsaHandle, ULONG AuthenticationPackage, LPWSTR lpszUsername, LPWSTR lpszDomain, LPWSTR lpszPassword, PHANDLE phToken, PNTSTATUS SubStatus)
NTSTATUS ConnectToLsa(PGINA_CONTEXT pgContext)
BOOL WINAPI GetProfilesDirectoryW(_Out_ LPWSTR lpProfilesDir, _Inout_ LPDWORD lpcchSize)
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
HLOCAL NTAPI LocalAlloc(UINT uFlags, SIZE_T dwBytes)
HLOCAL NTAPI LocalFree(HLOCAL hMem)
_Check_return_ _CRTIMP int __cdecl _wtoi(_In_z_ const wchar_t *_Str)
_CRTIMP size_t __cdecl wcslen(_In_z_ const wchar_t *_Str)
static IN DWORD IN LPVOID lpvReserved
#define memcpy(s1, s2, n)
static char * NextOption(const char *const ostr)
#define ERROR_FILE_NOT_FOUND
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
static LPCSTR DWORD void * pvReserved
static HMODULE MODULEINFO DWORD cb
BOOL WINAPI WlxNegotiate(IN DWORD dwWinlogonVersion, OUT PDWORD pdwDllVersion)
static SID_IDENTIFIER_AUTHORITY SystemAuthority
static PWSTR DuplicationString(PWSTR Str)
VOID WINAPI WlxDisplaySASNotice(IN PVOID pWlxContext)
BOOL WINAPI WlxIsLogoffOk(PVOID pWlxContext)
BOOL WINAPI WlxInitialize(LPWSTR lpWinsta, HANDLE hWlx, PVOID pvReserved, PVOID pWinlogonFunctions, PVOID *pWlxContext)
static BOOL GetLsaDefaultPassword(_Inout_ PGINA_CONTEXT pgContext)
static BOOL GetRegistrySettings(PGINA_CONTEXT pgContext)
static VOID ChooseGinaUI(VOID)
LONG ReadRegSzValue(IN HKEY hKey, IN LPCWSTR pszValue, OUT LPWSTR *pValue)
BOOL WINAPI WlxActivateUserShell(PVOID pWlxContext, PWSTR pszDesktopName, PWSTR pszMprLogonScript, PVOID pEnvironment)
int WINAPI WlxLoggedOnSAS(PVOID pWlxContext, DWORD dwSasType, PVOID pReserved)
DWORD(WINAPI * pThemeWait)(DWORD dwTimeout)
BOOL CreateProfile(IN OUT PGINA_CONTEXT pgContext, IN PWSTR UserName, IN PWSTR Domain, IN PWSTR Password)
BOOL WINAPI DllMain(IN HINSTANCE hinstDLL, IN DWORD dwReason, IN LPVOID lpvReserved)
VOID WINAPI WlxDisplayLockedNotice(PVOID pWlxContext)
INT WINAPI WlxLoggedOutSAS(IN PVOID pWlxContext, IN DWORD dwSasType, OUT PLUID pAuthenticationId, IN OUT PSID pLogonSid, OUT PDWORD pdwOptions, OUT PHANDLE phToken, OUT PWLX_MPR_NOTIFY_INFO pMprNotifyInfo, OUT PVOID *pProfile)
static BOOL SafeGetUnicodeString(_In_ const LSA_UNICODE_STRING *pInput, _Out_ PWSTR pszOutput, _In_ SIZE_T cchMax)
static void InitThemeSupport(VOID)
BOOL WINAPI WlxScreenSaverNotify(PVOID pWlxContext, BOOL *pSecure)
VOID WINAPI WlxLogoff(PVOID pWlxContext)
BOOL(WINAPI * pThemeWatch)(void)
VOID WINAPI WlxShutdown(PVOID pWlxContext, DWORD ShutdownType)
BOOL WINAPI WlxRemoveStatusMessage(IN PVOID pWlxContext)
static LONG ReadRegDwordValue(IN HKEY hKey, IN LPCWSTR pszValue, OUT LPDWORD pValue)
BOOL DoAdminUnlock(IN PGINA_CONTEXT pgContext, IN PWSTR UserName, IN PWSTR Domain, IN PWSTR Password)
NTSTATUS DoLoginTasks(IN OUT PGINA_CONTEXT pgContext, IN PWSTR UserName, IN PWSTR Domain, IN PWSTR Password, OUT PNTSTATUS SubStatus)
int WINAPI WlxWkstaLockedSAS(PVOID pWlxContext, DWORD dwSasType)
BOOL WINAPI WlxStartApplication(PVOID pWlxContext, PWSTR pszDesktopName, PVOID pEnvironment, PWSTR pszCmdLine)
BOOL WINAPI WlxDisplayStatusMessage(IN PVOID pWlxContext, IN HDESK hDesktop, IN DWORD dwOptions, IN PWSTR pTitle, IN PWSTR pMessage)
struct GINA_CONTEXT * PGINA_CONTEXT
NTSYSAPI PVOID NTAPI RtlFreeSid(_In_ _Post_invalid_ PSID Sid)
NTSYSAPI BOOLEAN NTAPI RtlEqualSid(_In_ PSID Sid1, _In_ PSID Sid2)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
#define UNREFERENCED_PARAMETER(P)
_IRQL_requires_same_ _In_ PLSA_STRING _In_ SECURITY_LOGON_TYPE _In_ ULONG _In_ ULONG _In_opt_ PTOKEN_GROUPS _In_ PTOKEN_SOURCE _Out_ PVOID _Out_ PULONG _Inout_ PLUID _Out_ PHANDLE _Out_ PQUOTA_LIMITS _Out_ PNTSTATUS SubStatus
NTSYSAPI NTSTATUS NTAPI RtlAllocateAndInitializeSid(IN PSID_IDENTIFIER_AUTHORITY IdentifierAuthority, IN UCHAR SubAuthorityCount, IN ULONG SubAuthority0, IN ULONG SubAuthority1, IN ULONG SubAuthority2, IN ULONG SubAuthority3, IN ULONG SubAuthority4, IN ULONG SubAuthority5, IN ULONG SubAuthority6, IN ULONG SubAuthority7, OUT PSID *Sid)
#define POLICY_GET_PRIVATE_INFORMATION
NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE)
#define STRSAFE_NULL_ON_FAILURE
#define STRSAFE_NO_TRUNCATION
_Check_return_ _CRTIMP int __cdecl _wcsicmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
_Check_return_ _CRTIMP int __cdecl wcscmp(_In_z_ const wchar_t *_Str1, _In_z_ const wchar_t *_Str2)
#define STATUS_BUFFER_TOO_SMALL
STRSAFEAPI StringCbPrintfW(STRSAFE_LPWSTR pszDest, size_t cbDest, STRSAFE_LPCWSTR pszFormat,...)
STRSAFEAPI StringCbCopyNExW(STRSAFE_LPWSTR pszDest, size_t cbDest, STRSAFE_LPCWSTR pszSrc, size_t cbToCopy, STRSAFE_LPWSTR *ppszDestEnd, size_t *pcbRemaining, STRSAFE_DWORD dwFlags)
BOOL bIgnoreShiftOverride
BOOL bDontDisplayLastUserName
BOOL bShutdownWithoutLogon
ULONG AuthenticationPackage
PWLX_MPR_NOTIFY_INFO pMprNotifyInfo
PWLX_DISPATCH_VERSION_1_3 pWlxFuncs
PFGINA_LOGGEDOUTSAS LoggedOutSAS
PFGINA_LOCKEDSAS LockedSAS
PFGINA_DISPLAYLOCKEDNOTICE DisplayLockedNotice
PFGINA_DISPLAYSASNOTICE DisplaySASNotice
PFGINA_LOGGEDONSAS LoggedOnSAS
PFGINA_REMOVESTATUSMESSAGE RemoveStatusMessage
PFGINA_DISPLAYSTATUSMESSAGE DisplayStatusMessage
PFGINA_INITIALIZE Initialize
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY]
PWLX_SAS_NOTIFY WlxSasNotify
PWLX_USE_CTRL_ALT_DEL WlxUseCtrlAltDel
_Must_inspect_result_ __kernel_entry NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _Out_writes_bytes_to_opt_(TokenInformationLength, *ReturnLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength, _Out_ PULONG ReturnLength)
Queries a specific type of information in regard of an access token based upon the information class....
_Must_inspect_result_ _In_ WDFDEVICE _In_ PWDF_DEVICE_PROPERTY_DATA _In_ DEVPROPTYPE _In_ ULONG Size
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _In_ ULONG _Out_opt_ PULONG _Out_opt_ PULONG ValueType
_Must_inspect_result_ _In_ WDFKEY _In_ PCUNICODE_STRING _Out_opt_ PUSHORT _Inout_opt_ PUNICODE_STRING Value
_In_opt_ LPSTR _In_opt_ LPSTR _In_ DWORD _In_ DWORD _Out_opt_ PHANDLE phToken
DWORD WINAPI GetLastError(void)
#define STARTF_USESHOWWINDOW
#define CREATE_UNICODE_ENVIRONMENT
BOOL WINAPI RevertToSelf(void)
_In_ void _In_ PCCERT_CONTEXT _In_opt_ LPFILETIME _In_ DWORD _In_ DWORD dwTimeout
#define HKEY_LOCAL_MACHINE
int WINAPI GetSystemMetrics(_In_ int)
SHORT WINAPI GetKeyState(_In_ int)
#define WLX_SAS_TYPE_TIMEOUT
#define WLX_SAS_ACTION_NONE
#define WLX_SAS_TYPE_CTRL_ALT_DEL
#define WLX_PROFILE_TYPE_V2_0
struct _WLX_DISPATCH_VERSION_1_3 * PWLX_DISPATCH_VERSION_1_3
#define WLX_SAS_ACTION_SHUTDOWN_POWER_OFF
#define WLX_SAS_TYPE_SC_INSERT
#define WLX_SAS_TYPE_SC_REMOVE
#define SECURITY_BUILTIN_DOMAIN_RID
#define SECURITY_NULL_RID
#define SECURITY_NT_AUTHORITY
#define DOMAIN_ALIAS_RID_ADMINS