Author: ekohl Date: Thu Jan 23 22:05:03 2014 New Revision: 61784 URL: http://svn.reactos.org/svn/reactos?rev=61784&view=rev Log: [MSGINA] - Add the ability for administrators to unlock a computer that was locked by another user. - Remove outdated code. Modified: trunk/reactos/dll/win32/msgina/gui.c trunk/reactos/dll/win32/msgina/msgina.c trunk/reactos/dll/win32/msgina/msgina.h Modified: trunk/reactos/dll/win32/msgina/gui.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/msgina/gui.c?rev… ============================================================================== --- trunk/reactos/dll/win32/msgina/gui.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/msgina/gui.c [iso-8859-1] Thu Jan 23 22:05:03 2014 @@ -639,10 +639,18 @@ else { /* Wrong user name */ - LoadStringW(pgContext->hDllInstance, IDS_LOCKEDWRONGUSER, Buffer1, 256); - wsprintfW(Buffer2, Buffer1, pgContext->Domain, pgContext->UserName); - LoadStringW(pgContext->hDllInstance, IDS_COMPUTERLOCKED, Buffer1, 256); - MessageBoxW(hwndDlg, Buffer2, Buffer1, MB_OK | MB_ICONERROR); + if (DoAdminUnlock(UserName, NULL, Password)) + { + *Action = WLX_SAS_ACTION_UNLOCK_WKSTA; + res = TRUE; + } + else + { + LoadStringW(pgContext->hDllInstance, IDS_LOCKEDWRONGUSER, Buffer1, 256); + wsprintfW(Buffer2, Buffer1, pgContext->Domain, pgContext->UserName); + LoadStringW(pgContext->hDllInstance, IDS_COMPUTERLOCKED, Buffer1, 256); + MessageBoxW(hwndDlg, Buffer2, Buffer1, MB_OK | MB_ICONERROR); + } } } Modified: trunk/reactos/dll/win32/msgina/msgina.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/msgina/msgina.c?… ============================================================================== --- trunk/reactos/dll/win32/msgina/msgina.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/msgina/msgina.c [iso-8859-1] Thu Jan 23 22:05:03 2014 @@ -31,6 +31,8 @@ extern GINA_UI GinaGraphicalUI; extern GINA_UI GinaTextUI; static PGINA_UI pGinaUI; +static SID_IDENTIFIER_AUTHORITY SystemAuthority = {SECURITY_NT_AUTHORITY}; +static PSID AdminSid; /* * @implemented @@ -589,6 +591,83 @@ return NewStr; } + +BOOL +DoAdminUnlock( + IN PWSTR UserName, + IN PWSTR Domain, + IN PWSTR Password) +{ + HANDLE hToken = NULL; + PTOKEN_GROUPS Groups = NULL; + BOOL bIsAdmin = FALSE; + ULONG Size; + ULONG i; + NTSTATUS Status; + + TRACE("(%S %S %S)\n", UserName, Domain, Password); + + if (!LogonUserW(UserName, + Domain, + Password, + LOGON32_LOGON_INTERACTIVE, + LOGON32_PROVIDER_DEFAULT, + &hToken)) + { + WARN("LogonUserW() failed\n"); + return FALSE; + } + + Status = NtQueryInformationToken(hToken, + TokenGroups, + NULL, + 0, + &Size); + if ((Status != STATUS_SUCCESS) && (Status != STATUS_BUFFER_TOO_SMALL)) + { + TRACE("NtQueryInformationToken() failed (Status 0x%08lx)\n", Status); + goto done; + } + + Groups = HeapAlloc(GetProcessHeap(), 0, Size); + if (Groups == NULL) + { + TRACE("HeapAlloc() failed\n"); + goto done; + } + + Status = NtQueryInformationToken(hToken, + TokenGroups, + Groups, + Size, + &Size); + if (!NT_SUCCESS(Status)) + { + TRACE("NtQueryInformationToken() failed (Status 0x%08lx)\n", Status); + goto done; + } + + for (i = 0; i < Groups->GroupCount; i++) + { + if (RtlEqualSid(Groups->Groups[i].Sid, AdminSid)) + { + TRACE("Member of Admins group\n"); + bIsAdmin = TRUE; + break; + } + } + +done: + if (Groups != NULL) + HeapFree(GetProcessHeap(), 0, Groups); + + if (hToken != NULL) + CloseHandle(hToken); + + return bIsAdmin; +} + + BOOL DoLoginTasks( IN OUT PGINA_CONTEXT pgContext, @@ -698,46 +777,6 @@ return FALSE; } -#if 0 -static -BOOL -CheckAutoAdminLogon( - IN PGINA_CONTEXT pgContext) -{ - HKEY WinLogonKey = NULL; - LPWSTR AutoLogon = NULL; - BOOL result = FALSE; - LONG rc; - - if (pgContext->AutoLogonState == AUTOLOGON_DISABLED) - return FALSE; - - rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, - L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\WinLogon", - 0, - KEY_QUERY_VALUE, - &WinLogonKey); - if (rc != ERROR_SUCCESS) - goto cleanup; - - rc = ReadRegSzKey(WinLogonKey, - L"AutoAdminLogon", - &AutoLogon); - - if (rc != ERROR_SUCCESS) - goto cleanup; - - if (wcscmp(AutoLogon, L"1") == 0) - result = TRUE; - -cleanup: - if (WinLogonKey != NULL) - RegCloseKey(WinLogonKey); - HeapFree(GetProcessHeap(), 0, AutoLogon); - - return result; -} -#endif static BOOL DoAutoLogon( @@ -982,7 +1021,27 @@ UNREFERENCED_PARAMETER(lpvReserved); if (dwReason == DLL_PROCESS_ATTACH) + { hDllInstance = hinstDLL; + RtlAllocateAndInitializeSid(&SystemAuthority, + 2, + SECURITY_BUILTIN_DOMAIN_RID, + DOMAIN_ALIAS_RID_ADMINS, + SECURITY_NULL_RID, + SECURITY_NULL_RID, + SECURITY_NULL_RID, + SECURITY_NULL_RID, + SECURITY_NULL_RID, + SECURITY_NULL_RID, + &AdminSid); + + } + else if (dwReason == DLL_PROCESS_DETACH) + { + if (AdminSid != NULL) + RtlFreeSid(AdminSid); + } + return TRUE; } Modified: trunk/reactos/dll/win32/msgina/msgina.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/msgina/msgina.h?… ============================================================================== --- trunk/reactos/dll/win32/msgina/msgina.h [iso-8859-1] (original) +++ trunk/reactos/dll/win32/msgina/msgina.h [iso-8859-1] Thu Jan 23 22:05:03 2014 @@ -15,6 +15,8 @@ #include <winuser.h> #include <userenv.h> #include <winwlx.h> +#include <ndk/rtlfuncs.h> +#include <ndk/sefuncs.h> #include <wine/debug.h> WINE_DEFAULT_DEBUG_CHANNEL(msgina); @@ -80,6 +82,12 @@ /* msgina.c */ BOOL +DoAdminUnlock( + IN PWSTR UserName, + IN PWSTR Domain, + IN PWSTR Password); + +BOOL DoLoginTasks( IN OUT PGINA_CONTEXT pgContext, IN PWSTR UserName,