2 * COPYRIGHT: See COPYING in the top level directory
3 * PROJECT: ReactOS Winlogon
4 * FILE: base/system/winlogon/wlx.c
6 * PROGRAMMERS: Thomas Weidenmueller (w3seek@users.sourceforge.net)
7 * Ge van Geldorp (gvg@reactos.com)
8 * Hervé Poussineau (hpoussin@reactos.org)
11 /* INCLUDES *****************************************************************/
15 WINE_DEFAULT_DEBUG_CHANNEL(winlogon
);
17 #define DESKTOP_ALL (DESKTOP_READOBJECTS | DESKTOP_CREATEWINDOW | \
18 DESKTOP_CREATEMENU | DESKTOP_HOOKCONTROL | DESKTOP_JOURNALRECORD | \
19 DESKTOP_JOURNALPLAYBACK | DESKTOP_ENUMERATE | DESKTOP_WRITEOBJECTS | \
20 DESKTOP_SWITCHDESKTOP | STANDARD_RIGHTS_REQUIRED)
22 #define WINSTA_ALL (WINSTA_ENUMDESKTOPS | WINSTA_READATTRIBUTES | \
23 WINSTA_ACCESSCLIPBOARD | WINSTA_CREATEDESKTOP | \
24 WINSTA_WRITEATTRIBUTES | WINSTA_ACCESSGLOBALATOMS | \
25 WINSTA_EXITWINDOWS | WINSTA_ENUMERATE | WINSTA_READSCREEN | \
26 STANDARD_RIGHTS_REQUIRED)
28 #define GENERIC_ACCESS (GENERIC_READ | GENERIC_WRITE | \
29 GENERIC_EXECUTE | GENERIC_ALL)
31 /* GLOBALS ******************************************************************/
33 static DLGPROC PreviousWindowProc
;
34 static UINT_PTR IdTimer
;
36 /* FUNCTIONS ****************************************************************/
38 static INT_PTR CALLBACK
45 if (uMsg
== WM_TIMER
&& (UINT_PTR
)wParam
== IdTimer
)
47 EndDialog(hwndDlg
, -1);
48 KillTimer(hwndDlg
, IdTimer
);
51 else if (uMsg
== WM_INITDIALOG
)
53 IdTimer
= SetTimer(hwndDlg
, 0, WLSession
->DialogTimeout
* 1000, NULL
);
54 return PreviousWindowProc(hwndDlg
, uMsg
, wParam
, lParam
);
56 else if (uMsg
== WM_NCDESTROY
)
59 ret
= PreviousWindowProc(hwndDlg
, uMsg
, wParam
, lParam
);
60 PreviousWindowProc
= NULL
;
65 return PreviousWindowProc(hwndDlg
, uMsg
, wParam
, lParam
);
78 TRACE("WlxUseCtrlAltDel()\n");
80 WlxSetOption(hWlx
, WLX_OPTION_USE_CTRL_ALT_DEL
, TRUE
, &OldValue
);
93 TRACE("WlxSetContextPointer(%p)\n", pWlxContext
);
95 WlxSetOption(hWlx
, WLX_OPTION_CONTEXT_POINTER
, (ULONG_PTR
)pWlxContext
, &OldValue
);
106 PWLSESSION Session
= (PWLSESSION
)hWlx
;
108 TRACE("WlxSasNotify(0x%lx)\n", dwSasType
);
110 if (dwSasType
== WLX_SAS_TYPE_CTRL_ALT_DEL
|| dwSasType
> WLX_SAS_TYPE_MAX_MSFT_VALUE
)
111 PostMessageW(Session
->SASWindow
, WLX_WM_SAS
, dwSasType
, 0);
122 PWLSESSION Session
= (PWLSESSION
)hWlx
;
124 TRACE("WlxSetTimeout(%lu)\n", Timeout
);
126 Session
->DialogTimeout
= Timeout
;
134 WlxAssignShellProtection(
140 UNREFERENCED_PARAMETER(hWlx
);
141 UNREFERENCED_PARAMETER(hToken
);
142 UNREFERENCED_PARAMETER(hProcess
);
143 UNREFERENCED_PARAMETER(hThread
);
160 UNREFERENCED_PARAMETER(hWlx
);
162 TRACE("WlxMessageBox()\n");
163 /* FIXME: Provide a custom window proc to be able to handle timeout */
164 return MessageBoxW(hwndOwner
, lpszText
, lpszTitle
, fuStyle
);
178 UNREFERENCED_PARAMETER(hWlx
);
180 TRACE("WlxDialogBox()\n");
182 if (PreviousWindowProc
!= NULL
)
184 PreviousWindowProc
= dlgprc
;
185 return (int)DialogBoxW((HINSTANCE
) hInst
, lpszTemplate
, hwndOwner
, DefaultWlxWindowProc
);
200 UNREFERENCED_PARAMETER(hWlx
);
202 TRACE("WlxDialogBoxParam()\n");
204 if (PreviousWindowProc
!= NULL
)
206 PreviousWindowProc
= dlgprc
;
207 return (int)DialogBoxParamW(hInst
, lpszTemplate
, hwndOwner
, DefaultWlxWindowProc
, dwInitParam
);
214 WlxDialogBoxIndirect(
217 LPCDLGTEMPLATE hDialogTemplate
,
221 UNREFERENCED_PARAMETER(hWlx
);
223 TRACE("WlxDialogBoxIndirect()\n");
225 if (PreviousWindowProc
!= NULL
)
227 PreviousWindowProc
= dlgprc
;
228 return (int)DialogBoxIndirectW(hInst
, hDialogTemplate
, hwndOwner
, DefaultWlxWindowProc
);
235 WlxDialogBoxIndirectParam(
238 LPCDLGTEMPLATE hDialogTemplate
,
243 UNREFERENCED_PARAMETER(hWlx
);
245 TRACE("WlxDialogBoxIndirectParam()\n");
247 if (PreviousWindowProc
!= NULL
)
249 PreviousWindowProc
= dlgprc
;
250 return (int)DialogBoxIndirectParamW(hInst
, hDialogTemplate
, hwndOwner
, DefaultWlxWindowProc
, dwInitParam
);
257 WlxSwitchDesktopToUser(
260 PWLSESSION Session
= (PWLSESSION
)hWlx
;
262 TRACE("WlxSwitchDesktopToUser()\n");
264 return (int)SwitchDesktop(Session
->ApplicationDesktop
);
271 WlxSwitchDesktopToWinlogon(
274 PWLSESSION Session
= (PWLSESSION
)hWlx
;
276 TRACE("WlxSwitchDesktopToWinlogon()\n");
278 return (int)SwitchDesktop(Session
->WinlogonDesktop
);
285 WlxChangePasswordNotify(
287 PWLX_MPR_NOTIFY_INFO pMprInfo
,
290 UNREFERENCED_PARAMETER(hWlx
);
291 UNREFERENCED_PARAMETER(pMprInfo
);
292 UNREFERENCED_PARAMETER(dwChangeInfo
);
304 PWLX_DESKTOP
* ppDesktop
)
306 UNREFERENCED_PARAMETER(hWlx
);
307 UNREFERENCED_PARAMETER(ppDesktop
);
319 PWLX_DESKTOP pDesktop
)
321 UNREFERENCED_PARAMETER(hWlx
);
322 UNREFERENCED_PARAMETER(pDesktop
);
332 WlxCreateUserDesktop(
336 PWSTR pszDesktopName
,
337 PWLX_DESKTOP
* ppDesktop
)
339 UNREFERENCED_PARAMETER(hWlx
);
340 UNREFERENCED_PARAMETER(hToken
);
341 UNREFERENCED_PARAMETER(Flags
);
342 UNREFERENCED_PARAMETER(pszDesktopName
);
343 UNREFERENCED_PARAMETER(ppDesktop
);
353 WlxChangePasswordNotifyEx(
355 PWLX_MPR_NOTIFY_INFO pMprInfo
,
360 UNREFERENCED_PARAMETER(hWlx
);
361 UNREFERENCED_PARAMETER(pMprInfo
);
362 UNREFERENCED_PARAMETER(dwChangeInfo
);
363 UNREFERENCED_PARAMETER(ProviderName
);
364 UNREFERENCED_PARAMETER(Reserved
);
376 PWLX_DESKTOP pDesktop
,
379 UNREFERENCED_PARAMETER(hWlx
);
380 UNREFERENCED_PARAMETER(pDesktop
);
381 UNREFERENCED_PARAMETER(hToken
);
397 PWLSESSION Session
= (PWLSESSION
)hWlx
;
399 TRACE("WlxSetOption(%lu)\n", Option
);
403 case WLX_OPTION_USE_CTRL_ALT_DEL
:
404 *OldValue
= (ULONG_PTR
)Session
->Gina
.UseCtrlAltDelete
;
405 Session
->Gina
.UseCtrlAltDelete
= (BOOL
)Value
;
407 case WLX_OPTION_CONTEXT_POINTER
:
408 *OldValue
= (ULONG_PTR
)Session
->Gina
.Context
;
409 Session
->Gina
.Context
= (PVOID
)Value
;
411 case WLX_OPTION_USE_SMART_CARD
:
428 PWLSESSION Session
= (PWLSESSION
)hWlx
;
430 TRACE("WlxGetOption(%lu)\n", Option
);
434 case WLX_OPTION_USE_CTRL_ALT_DEL
:
435 *Value
= (ULONG_PTR
)Session
->Gina
.UseCtrlAltDelete
;
437 case WLX_OPTION_CONTEXT_POINTER
:
439 *Value
= (ULONG_PTR
)Session
->Gina
.Context
;
442 case WLX_OPTION_USE_SMART_CARD
:
443 case WLX_OPTION_SMART_CARD_PRESENT
:
444 case WLX_OPTION_SMART_CARD_INFO
:
447 case WLX_OPTION_DISPATCH_TABLE_SIZE
:
449 switch (Session
->Gina
.Version
)
451 case WLX_VERSION_1_0
:
452 *Value
= sizeof(WLX_DISPATCH_VERSION_1_0
);
454 case WLX_VERSION_1_1
:
455 *Value
= sizeof(WLX_DISPATCH_VERSION_1_1
);
457 case WLX_VERSION_1_2
:
458 *Value
= sizeof(WLX_DISPATCH_VERSION_1_2
);
460 case WLX_VERSION_1_3
:
461 *Value
= sizeof(WLX_DISPATCH_VERSION_1_3
);
463 case WLX_VERSION_1_4
:
464 *Value
= sizeof(WLX_DISPATCH_VERSION_1_4
);
483 UNREFERENCED_PARAMETER(hWlx
);
492 WlxQueryClientCredentials(
493 PWLX_CLIENT_CREDENTIALS_INFO_V1_0 pCred
)
495 UNREFERENCED_PARAMETER(pCred
);
505 WlxQueryInetConnectorCredentials(
506 PWLX_CLIENT_CREDENTIALS_INFO_V1_0 pCred
)
508 UNREFERENCED_PARAMETER(pCred
);
528 WlxQueryTerminalServicesData(
530 PWLX_TERMINAL_SERVICES_DATA pTSData
,
534 UNREFERENCED_PARAMETER(hWlx
);
535 UNREFERENCED_PARAMETER(pTSData
);
536 UNREFERENCED_PARAMETER(UserName
);
537 UNREFERENCED_PARAMETER(Domain
);
547 WlxQueryConsoleSwitchCredentials(
548 PWLX_CONSOLESWITCH_CREDENTIALS_INFO_V1_0 pCred
)
550 UNREFERENCED_PARAMETER(pCred
);
560 WlxQueryTsLogonCredentials(
561 PWLX_CLIENT_CREDENTIALS_INFO_V2_0 pCred
)
563 UNREFERENCED_PARAMETER(pCred
);
570 WLX_DISPATCH_VERSION_1_4 FunctionTable
= {
572 WlxSetContextPointer
,
575 WlxAssignShellProtection
,
579 WlxDialogBoxIndirect
,
580 WlxDialogBoxIndirectParam
,
581 WlxSwitchDesktopToUser
,
582 WlxSwitchDesktopToWinlogon
,
583 WlxChangePasswordNotify
,
586 WlxCreateUserDesktop
,
587 WlxChangePasswordNotifyEx
,
592 WlxQueryClientCredentials
,
593 WlxQueryInetConnectorCredentials
,
595 WlxQueryTerminalServicesData
,
596 WlxQueryConsoleSwitchCredentials
,
597 WlxQueryTsLogonCredentials
600 /******************************************************************************/
611 Status
= RegOpenKeyExW(
613 L
"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon",
617 if (Status
!= ERROR_SUCCESS
)
620 wcsncpy(Path
, L
"msgina.dll", Len
);
624 Size
= Len
* sizeof(WCHAR
);
625 Status
= RegQueryValueExW(
632 if (Status
!= ERROR_SUCCESS
|| Type
!= REG_SZ
|| Size
== 0)
633 wcsncpy(Path
, L
"msgina.dll", Len
);
639 DefaultWlxScreenSaverNotify(
640 IN PVOID pWlxContext
,
641 IN OUT BOOL
*pSecure
)
644 *pSecure
= WLSession
->Gina
.Functions
.WlxIsLogoffOk(pWlxContext
);
650 IN OUT PGINAFUNCTIONS Functions
,
651 OUT DWORD
*DllVersion
,
652 OUT HMODULE
*GinaInstance
)
654 HMODULE hGina
= NULL
;
655 WCHAR GinaDll
[MAX_PATH
+ 1];
659 if (!GetGinaPath(GinaDll
, MAX_PATH
))
661 /* Terminate string */
662 GinaDll
[MAX_PATH
] = '\0';
664 hGina
= LoadLibraryW(GinaDll
);
668 Functions
->WlxNegotiate
= (PFWLXNEGOTIATE
)GetProcAddress(hGina
, "WlxNegotiate");
669 Functions
->WlxInitialize
= (PFWLXINITIALIZE
)GetProcAddress(hGina
, "WlxInitialize");
671 if (!Functions
->WlxInitialize
)
674 if (!Functions
->WlxNegotiate
)
676 /* Assume current version */
677 *DllVersion
= WLX_CURRENT_VERSION
;
681 TRACE("About to negociate with Gina %S. Winlogon uses version %x\n",
682 GinaDll
, WLX_CURRENT_VERSION
);
683 if (!Functions
->WlxNegotiate(WLX_CURRENT_VERSION
, DllVersion
))
687 TRACE("Gina uses WLX_VERSION %lx\n", *DllVersion
);
689 if (*DllVersion
>= WLX_VERSION_1_0
)
691 Functions
->WlxActivateUserShell
= (PFWLXACTIVATEUSERSHELL
)GetProcAddress(hGina
, "WlxActivateUserShell");
692 if (!Functions
->WlxActivateUserShell
) goto cleanup
;
693 Functions
->WlxDisplayLockedNotice
= (PFWLXDISPLAYLOCKEDNOTICE
)GetProcAddress(hGina
, "WlxDisplayLockedNotice");
694 if (!Functions
->WlxDisplayLockedNotice
) goto cleanup
;
695 Functions
->WlxDisplaySASNotice
= (PFWLXDISPLAYSASNOTICE
)GetProcAddress(hGina
, "WlxDisplaySASNotice");
696 if (!Functions
->WlxDisplaySASNotice
) goto cleanup
;
697 Functions
->WlxIsLockOk
= (PFWLXISLOCKOK
)GetProcAddress(hGina
, "WlxIsLockOk");
698 if (!Functions
->WlxIsLockOk
) goto cleanup
;
699 Functions
->WlxIsLogoffOk
= (PFWLXISLOGOFFOK
)GetProcAddress(hGina
, "WlxIsLogoffOk");
700 if (!Functions
->WlxIsLogoffOk
) goto cleanup
;
701 Functions
->WlxLoggedOnSAS
= (PFWLXLOGGEDONSAS
)GetProcAddress(hGina
, "WlxLoggedOnSAS");
702 if (!Functions
->WlxLoggedOnSAS
) goto cleanup
;
703 Functions
->WlxLoggedOutSAS
= (PFWLXLOGGEDOUTSAS
)GetProcAddress(hGina
, "WlxLoggedOutSAS");
704 if (!Functions
->WlxLoggedOutSAS
) goto cleanup
;
705 Functions
->WlxLogoff
= (PFWLXLOGOFF
)GetProcAddress(hGina
, "WlxLogoff");
706 if (!Functions
->WlxLogoff
) goto cleanup
;
707 Functions
->WlxShutdown
= (PFWLXSHUTDOWN
)GetProcAddress(hGina
, "WlxShutdown");
708 if (!Functions
->WlxShutdown
) goto cleanup
;
709 Functions
->WlxWkstaLockedSAS
= (PFWLXWKSTALOCKEDSAS
)GetProcAddress(hGina
, "WlxWkstaLockedSAS");
710 if (!Functions
->WlxWkstaLockedSAS
) goto cleanup
;
713 if (*DllVersion
>= WLX_VERSION_1_1
)
715 Functions
->WlxScreenSaverNotify
= (PFWLXSCREENSAVERNOTIFY
)GetProcAddress(hGina
, "WlxScreenSaverNotify");
716 Functions
->WlxStartApplication
= (PFWLXSTARTAPPLICATION
)GetProcAddress(hGina
, "WlxStartApplication");
719 if (*DllVersion
>= WLX_VERSION_1_3
)
721 Functions
->WlxDisplayStatusMessage
= (PFWLXDISPLAYSTATUSMESSAGE
)GetProcAddress(hGina
, "WlxDisplayStatusMessage");
722 if (!Functions
->WlxDisplayStatusMessage
) goto cleanup
;
723 Functions
->WlxGetStatusMessage
= (PFWLXGETSTATUSMESSAGE
)GetProcAddress(hGina
, "WlxGetStatusMessage");
724 if (!Functions
->WlxGetStatusMessage
) goto cleanup
;
725 Functions
->WlxNetworkProviderLoad
= (PFWLXNETWORKPROVIDERLOAD
)GetProcAddress(hGina
, "WlxNetworkProviderLoad");
726 if (!Functions
->WlxNetworkProviderLoad
) goto cleanup
;
727 Functions
->WlxRemoveStatusMessage
= (PFWLXREMOVESTATUSMESSAGE
)GetProcAddress(hGina
, "WlxRemoveStatusMessage");
728 if (!Functions
->WlxRemoveStatusMessage
) goto cleanup
;
731 /* Provide some default functions */
732 if (!Functions
->WlxScreenSaverNotify
)
733 Functions
->WlxScreenSaverNotify
= DefaultWlxScreenSaverNotify
;
744 *GinaInstance
= hGina
;
750 IN OUT PWLSESSION Session
)
752 DWORD GinaDllVersion
;
754 if (!LoadGina(&Session
->Gina
.Functions
, &GinaDllVersion
, &Session
->Gina
.hDllInstance
))
757 Session
->Gina
.Context
= NULL
;
758 Session
->Gina
.Version
= GinaDllVersion
;
759 Session
->Gina
.UseCtrlAltDelete
= FALSE
;
760 Session
->SuppressStatus
= FALSE
;
761 PreviousWindowProc
= NULL
;
763 TRACE("Calling WlxInitialize(\"%S\")\n", Session
->InteractiveWindowStationName
);
764 return Session
->Gina
.Functions
.WlxInitialize(
765 Session
->InteractiveWindowStationName
,
768 (PVOID
)&FunctionTable
,
769 &Session
->Gina
.Context
);
773 AddAceToWindowStation(
778 SECURITY_INFORMATION SecurityInformation
;
779 PACL pDefaultAcl
= NULL
;
780 PSECURITY_DESCRIPTOR WinstaSd
= NULL
;
781 PACCESS_ALLOWED_ACE Ace
= NULL
;
784 /* Allocate space for an ACL */
785 AclSize
= sizeof(ACL
)
786 + 2 * (FIELD_OFFSET(ACCESS_ALLOWED_ACE
, SidStart
) + GetLengthSid(Sid
));
787 pDefaultAcl
= HeapAlloc(GetProcessHeap(), 0, AclSize
);
790 ERR("WL: HeapAlloc() failed\n");
795 if (!InitializeAcl(pDefaultAcl
, AclSize
, ACL_REVISION
))
797 ERR("WL: InitializeAcl() failed (error %lu)\n", GetLastError());
801 /* Initialize new security descriptor */
802 WinstaSd
= HeapAlloc(GetProcessHeap(), 0, SECURITY_DESCRIPTOR_MIN_LENGTH
);
803 if (!InitializeSecurityDescriptor(WinstaSd
, SECURITY_DESCRIPTOR_REVISION
))
805 ERR("WL: InitializeSecurityDescriptor() failed (error %lu)\n", GetLastError());
809 /* Allocate memory for access allowed ACE */
810 Ace
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(ACCESS_ALLOWED_ACE
)+
811 GetLengthSid(Sid
) - sizeof(DWORD
));
813 /* Create the first ACE for the window station */
814 Ace
->Header
.AceType
= ACCESS_ALLOWED_ACE_TYPE
;
815 Ace
->Header
.AceFlags
= CONTAINER_INHERIT_ACE
| INHERIT_ONLY_ACE
| OBJECT_INHERIT_ACE
;
816 Ace
->Header
.AceSize
= sizeof(ACCESS_ALLOWED_ACE
) + GetLengthSid(Sid
) - sizeof(DWORD
);
817 Ace
->Mask
= GENERIC_ACCESS
;
820 if (!CopySid(GetLengthSid(Sid
), &Ace
->SidStart
, Sid
))
822 ERR("WL: CopySid() failed (error %lu)\n", GetLastError());
826 /* Add the first ACE */
827 if (!AddAce(pDefaultAcl
, ACL_REVISION
, MAXDWORD
, (LPVOID
)Ace
, Ace
->Header
.AceSize
))
829 ERR("WL: AddAce() failed (error %lu)\n", GetLastError());
833 /* Add the second ACE to the end of ACL */
834 Ace
->Header
.AceFlags
= NO_PROPAGATE_INHERIT_ACE
;
835 Ace
->Mask
= WINSTA_ALL
;
836 if (!AddAce(pDefaultAcl
, ACL_REVISION
, MAXDWORD
, (LPVOID
)Ace
, Ace
->Header
.AceSize
))
838 ERR("WL: AddAce() failed (error %lu)\n", GetLastError());
842 /* Add ACL to winsta's security descriptor */
843 if (!SetSecurityDescriptorDacl(WinstaSd
, TRUE
, pDefaultAcl
, FALSE
))
845 ERR("WL: SetSecurityDescriptorDacl() failed (error %lu)\n", GetLastError());
849 /* Apply security to the window station */
850 SecurityInformation
= DACL_SECURITY_INFORMATION
;
851 if (!SetUserObjectSecurity(WinSta
, &SecurityInformation
, WinstaSd
))
853 ERR("WL: SetUserObjectSecurity() failed (error %lu)\n", GetLastError());
857 /* Indicate success */
861 /* Free allocated stuff */
862 if (pDefaultAcl
) HeapFree(GetProcessHeap(), 0, pDefaultAcl
);
863 if (WinstaSd
) HeapFree(GetProcessHeap(), 0, WinstaSd
);
864 if (Ace
) HeapFree(GetProcessHeap(), 0, Ace
);
876 SECURITY_INFORMATION SecurityInformation
;
878 PSECURITY_DESCRIPTOR DesktopSd
= NULL
;
882 AclSize
= sizeof(ACL
)
883 + FIELD_OFFSET(ACCESS_ALLOWED_ACE
, SidStart
) + GetLengthSid(WinlogonSid
);
885 /* Take user's sid into account */
887 AclSize
+= FIELD_OFFSET(ACCESS_ALLOWED_ACE
, SidStart
) + GetLengthSid(UserSid
);
889 Acl
= HeapAlloc(GetProcessHeap(), 0, AclSize
);
892 ERR("WL: HeapAlloc() failed\n");
897 if (!InitializeAcl(Acl
, AclSize
, ACL_REVISION
))
899 ERR("WL: InitializeAcl() failed (error %lu)\n", GetLastError());
903 /* Add full desktop access ACE for winlogon */
904 if (!AddAccessAllowedAce(Acl
, ACL_REVISION
, DESKTOP_ALL
, WinlogonSid
))
906 ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError());
910 /* Add full desktop access ACE for a user (if provided) */
911 if (UserSid
&& !AddAccessAllowedAce(Acl
, ACL_REVISION
, DESKTOP_ALL
, UserSid
))
913 ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError());
917 /* Initialize new security descriptor */
918 DesktopSd
= HeapAlloc(GetProcessHeap(), 0, SECURITY_DESCRIPTOR_MIN_LENGTH
);
919 if (!InitializeSecurityDescriptor(DesktopSd
, SECURITY_DESCRIPTOR_REVISION
))
921 ERR("WL: InitializeSecurityDescriptor() failed (error %lu)\n", GetLastError());
925 /* Add ACL to the security descriptor */
926 if (!SetSecurityDescriptorDacl(DesktopSd
, TRUE
, Acl
, FALSE
))
928 ERR("WL: SetSecurityDescriptorDacl() failed (error %lu)\n", GetLastError());
932 /* Apply security to the window station */
933 SecurityInformation
= DACL_SECURITY_INFORMATION
;
934 if (!SetUserObjectSecurity(Desktop
, &SecurityInformation
, DesktopSd
))
936 ERR("WL: SetUserObjectSecurity() failed (error %lu)\n", GetLastError());
940 /* Indicate success */
944 /* Free allocated stuff */
945 if (Acl
) HeapFree(GetProcessHeap(), 0, Acl
);
946 if (DesktopSd
) HeapFree(GetProcessHeap(), 0, DesktopSd
);
952 CreateWindowStationAndDesktops(
953 IN OUT PWLSESSION Session
)
955 BYTE LocalSystemBuffer
[SECURITY_MAX_SID_SIZE
];
956 BYTE InteractiveBuffer
[SECURITY_MAX_SID_SIZE
];
957 PSID pLocalSystemSid
= (PSID
)&LocalSystemBuffer
;
958 PSID pInteractiveSid
= (PSID
)InteractiveBuffer
;
959 DWORD SidSize
, AclSize
;
960 PACL pDefaultAcl
= NULL
;
961 PACL pUserDesktopAcl
= NULL
;
962 SECURITY_DESCRIPTOR DefaultSecurityDescriptor
;
963 SECURITY_ATTRIBUTES DefaultSecurity
;
964 SECURITY_DESCRIPTOR UserDesktopSecurityDescriptor
;
965 SECURITY_ATTRIBUTES UserDesktopSecurity
;
969 * Prepare information for ACLs we will apply
971 SidSize
= SECURITY_MAX_SID_SIZE
;
972 if (!CreateWellKnownSid(WinLocalSystemSid
, NULL
, pLocalSystemSid
, &SidSize
))
974 ERR("WL: CreateWellKnownSid() failed (error %lu)\n", GetLastError());
977 SidSize
= SECURITY_MAX_SID_SIZE
;
978 if (!CreateWellKnownSid(WinInteractiveSid
, NULL
, pInteractiveSid
, &SidSize
))
980 ERR("WL: CreateWellKnownSid() failed (error %lu)\n", GetLastError());
984 AclSize
= sizeof(ACL
)
985 + FIELD_OFFSET(ACCESS_ALLOWED_ACE
, SidStart
) + GetLengthSid(pLocalSystemSid
)
986 + FIELD_OFFSET(ACCESS_ALLOWED_ACE
, SidStart
) + GetLengthSid(pInteractiveSid
);
987 pDefaultAcl
= HeapAlloc(GetProcessHeap(), 0, AclSize
);
988 pUserDesktopAcl
= HeapAlloc(GetProcessHeap(), 0, AclSize
);
989 if (!pDefaultAcl
|| !pUserDesktopAcl
)
991 ERR("WL: HeapAlloc() failed\n");
995 if (!InitializeAcl(pDefaultAcl
, AclSize
, ACL_REVISION
)
996 || !InitializeAcl(pUserDesktopAcl
, AclSize
, ACL_REVISION
))
998 ERR("WL: InitializeAcl() failed (error %lu)\n", GetLastError());
1003 * Create default ACL (window station, winlogon desktop, screen saver desktop)
1005 if (!AddAccessAllowedAce(pDefaultAcl
, ACL_REVISION
, GENERIC_ALL
, pLocalSystemSid
)
1006 || !AddAccessAllowedAce(pDefaultAcl
, ACL_REVISION
, GENERIC_READ
, pInteractiveSid
))
1008 ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError());
1013 * Create the default security descriptor
1015 if (!InitializeSecurityDescriptor(&DefaultSecurityDescriptor
, SECURITY_DESCRIPTOR_REVISION
))
1017 ERR("WL: InitializeSecurityDescriptor() failed (error %lu)\n", GetLastError());
1021 if (!SetSecurityDescriptorDacl(&DefaultSecurityDescriptor
, TRUE
, pDefaultAcl
, FALSE
))
1023 ERR("WL: SetSecurityDescriptorDacl() failed (error %lu)\n", GetLastError());
1027 DefaultSecurity
.nLength
= sizeof(SECURITY_ATTRIBUTES
);
1028 DefaultSecurity
.lpSecurityDescriptor
= &DefaultSecurityDescriptor
;
1029 DefaultSecurity
.bInheritHandle
= TRUE
;
1032 * Create user desktop ACL
1034 if (!AddAccessAllowedAce(pUserDesktopAcl
, ACL_REVISION
, GENERIC_ALL
, pLocalSystemSid
)
1035 || !AddAccessAllowedAce(pUserDesktopAcl
, ACL_REVISION
, GENERIC_ALL
, pInteractiveSid
))
1037 ERR("WL: AddAccessAllowedAce() failed (error %lu)\n", GetLastError());
1042 * Create the user desktop security descriptor
1044 if (!InitializeSecurityDescriptor(&UserDesktopSecurityDescriptor
, SECURITY_DESCRIPTOR_REVISION
))
1046 ERR("WL: InitializeSecurityDescriptor() failed (error %lu)\n", GetLastError());
1050 if (!SetSecurityDescriptorDacl(&UserDesktopSecurityDescriptor
, TRUE
, pUserDesktopAcl
, FALSE
))
1052 ERR("WL: SetSecurityDescriptorDacl() failed (error %lu)\n", GetLastError());
1056 UserDesktopSecurity
.nLength
= sizeof(SECURITY_ATTRIBUTES
);
1057 UserDesktopSecurity
.lpSecurityDescriptor
= &UserDesktopSecurityDescriptor
;
1058 UserDesktopSecurity
.bInheritHandle
= TRUE
;
1061 * Create the interactive window station
1063 Session
->InteractiveWindowStationName
= L
"WinSta0";
1064 Session
->InteractiveWindowStation
= CreateWindowStationW(
1065 Session
->InteractiveWindowStationName
,
1069 if (!Session
->InteractiveWindowStation
)
1071 ERR("WL: Failed to create window station (%lu)\n", GetLastError());
1074 if (!SetProcessWindowStation(Session
->InteractiveWindowStation
))
1076 ERR("WL: SetProcessWindowStation() failed (error %lu)\n", GetLastError());
1081 * Create the application desktop
1083 Session
->ApplicationDesktop
= CreateDesktopW(
1087 0, /* FIXME: Add DF_ALLOWOTHERACCOUNTHOOK flag? */
1089 &UserDesktopSecurity
);
1090 if (!Session
->ApplicationDesktop
)
1092 ERR("WL: Failed to create Default desktop (%lu)\n", GetLastError());
1097 * Create the winlogon desktop
1099 Session
->WinlogonDesktop
= CreateDesktopW(
1106 if (!Session
->WinlogonDesktop
)
1108 ERR("WL: Failed to create Winlogon desktop (%lu)\n", GetLastError());
1113 * Create the screen saver desktop
1115 Session
->ScreenSaverDesktop
= CreateDesktopW(
1122 if(!Session
->ScreenSaverDesktop
)
1124 ERR("WL: Failed to create Screen-Saver desktop (%lu)\n", GetLastError());
1128 /* FIXME: big HACK */
1129 CloseDesktop(Session
->WinlogonDesktop
);
1130 CloseDesktop(Session
->ScreenSaverDesktop
);
1131 Session
->WinlogonDesktop
= OpenDesktopW(L
"Default", 0, FALSE
, GENERIC_ALL
);
1132 Session
->ScreenSaverDesktop
= OpenDesktopW(L
"Default", 0, FALSE
, GENERIC_ALL
);
1135 * Switch to winlogon desktop
1137 if (!SetThreadDesktop(Session
->WinlogonDesktop
) ||
1138 !SwitchDesktop(Session
->WinlogonDesktop
))
1140 ERR("WL: Cannot switch to Winlogon desktop (%lu)\n", GetLastError());
1149 if (Session
->ApplicationDesktop
)
1151 CloseDesktop(Session
->ApplicationDesktop
);
1152 Session
->ApplicationDesktop
= NULL
;
1154 if (Session
->WinlogonDesktop
)
1156 CloseDesktop(Session
->WinlogonDesktop
);
1157 Session
->WinlogonDesktop
= NULL
;
1159 if (Session
->ScreenSaverDesktop
)
1161 CloseDesktop(Session
->ScreenSaverDesktop
);
1162 Session
->ScreenSaverDesktop
= NULL
;
1164 if (Session
->InteractiveWindowStation
)
1166 CloseWindowStation(Session
->InteractiveWindowStation
);
1167 Session
->InteractiveWindowStation
= NULL
;
1170 HeapFree(GetProcessHeap(), 0, pDefaultAcl
);
1171 HeapFree(GetProcessHeap(), 0, pUserDesktopAcl
);