windows-nt/Source/XPSP1/NT/inetsrv/iis/svcs/infocomm/common/logon32.cxx
2020-09-26 16:20:57 +08:00

283 lines
6.5 KiB
C++
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*++
Copyright (c) 1996 Microsoft Corporation
Module Name:
logon32.cxx
Abstract:
Provide a replacement for LogonUser to login a user
as a net logon. Also support sub-authentication DLL IDs
Author:
Philippe Choquier (phillich) 10-january-1996
Created from base\advapi\logon32.c
--*/
#include "tcpdllp.hxx"
#pragma hdrstop
#include <lmjoin.h>
#include <lonsi.hxx>
#include <infosec.hxx>
//
// externs
//
extern LOGON32_INITIALIZE_FN pfnLogon32Initialize;
extern LOGON_NET_USER_A_FN pfnLogonNetUserA;
extern LOGON_NET_USER_W_FN pfnLogonNetUserW;
extern NET_USER_COOKIE_A_FN pfnNetUserCookieA;
extern LOGON_DIGEST_USER_A_FN pfnLogonDigestUserA;
BOOL
Logon32Initialize(
IN PVOID hMod,
IN ULONG Reason,
IN PCONTEXT Context)
/*++
Routine Description:
Initializes the critical section
Arguments:
hMod -- reserved, must be NULL
Reason -- DLL_PROCESS_ATTACH or DLL_PROCESS_DETACH
Context -- reserved, must be NULL
Returns:
TRUE if initialization success, else FALSE
--*/
{
DBG_ASSERT( pfnLogon32Initialize != NULL );
return pfnLogon32Initialize(
hMod,
Reason,
Context );
} // Logon32Initialize
BOOL
WINAPI
LogonNetUserW(
PWSTR lpszUsername,
PWSTR lpszDomain,
PSTR lpszPassword,
PWSTR lpszWorkstation,
DWORD dwSubAuth,
DWORD dwLogonType,
DWORD dwLogonProvider,
HANDLE * phToken,
LARGE_INTEGER * pExpiry
)
/*++
Routine Description:
Logs a user on via username and domain
name via the LSA.
Arguments:
lpszUsername -- user name
lpszDomain -- domain validating the user name
lpszPassword -- clear text password, can be empty if a sub-auth DLL
is used
lpszWorkstation -- workstation requesting the login, can be NULL
for local workstation
dwSubAuth -- sub-auth DLL ID
dwLogonType -- one of LOGON32_LOGON_NETWORK, LOGON32_LOGON_IIS_NETWORK
dwLogonProvider -- must be LOGON32_PROVIDER_DEFAULT
phToken -- created access token
pExpiry -- ptr to pwd expiration time
Returns:
TRUE if success, FALSE if error
--*/
{
DBG_ASSERT( pfnLogonNetUserW != NULL );
return pfnLogonNetUserW(
lpszUsername,
lpszDomain,
lpszPassword,
lpszWorkstation,
dwSubAuth,
dwLogonType,
dwLogonProvider,
phToken,
pExpiry
);
} // LogonNetUserW
dllexp
BOOL
WINAPI
LogonNetUserA(
PSTR lpszUsername,
PSTR lpszDomain,
PSTR lpszPassword,
PSTR lpszWorkstation,
DWORD dwSubAuth,
DWORD dwLogonType,
DWORD dwLogonProvider,
HANDLE * phToken,
LARGE_INTEGER * pExpiry
)
/*++
Routine Description:
Logs a user on via username and domain
name via the LSA.
Arguments:
lpszUsername -- user name
lpszDomain -- domain validating the user name
lpszPassword -- clear text password, can be empty if a sub-auth DLL
is used
lpszWorkstation -- workstation requesting the login, can be NULL
for local workstation
dwSubAuth -- sub-auth DLL ID
dwLogonType -- one of LOGON32_LOGON_NETWORK, LOGON32_LOGON_IIS_NETWORK
dwLogonProvider -- must be LOGON32_PROVIDER_DEFAULT
phToken -- created access token
pExpiry -- ptr to pwd expiration time
Returns:
TRUE if success, FALSE if error
--*/
{
DBG_ASSERT( pfnLogonNetUserA != NULL );
return pfnLogonNetUserA(
lpszUsername,
lpszDomain,
lpszPassword,
lpszWorkstation,
dwSubAuth,
dwLogonType,
dwLogonProvider,
phToken,
pExpiry);
} // LogonNetUserA
dllexp
BOOL
WINAPI
NetUserCookieA(
LPSTR lpszUsername,
DWORD dwSeed,
LPSTR lpszCookieBuff,
DWORD dwBuffSize
)
/*++
Routine Description:
Compute logon validator ( to be used as password )
for IISSuba
Arguments:
lpszUsername -- user name
dwSeed -- start value of cookie
Returns:
TRUE if success, FALSE if error
--*/
{
DBG_ASSERT(pfnNetUserCookieA != NULL);
return pfnNetUserCookieA(
lpszUsername,
dwSeed,
lpszCookieBuff,
dwBuffSize
);
} // NetUserCookieA
dllexp
BOOL
WINAPI
LogonDigestUserA(
VOID * pDigestBuffer,
DWORD dwAlgo,
HANDLE * phToken
)
/*++
Routine Description:
Logs a user on via username and domain name via the LSA using Digest authentication.
AMallet, 5/11/98 - This function is currently only called by the Digest Auth filter.
Arguments:
pDigestBuffer - Digest parameters
dwAlgo - Logon type
phToken -- created access token
Returns:
TRUE if success, FALSE if error
--*/
{
PDIGEST_LOGON_INFO pDigestLogonInfo = (PDIGEST_LOGON_INFO) pDigestBuffer;
static CHAR achDefaultDomain[IIS_DNLEN + 1];
//
// [See comment above about where this function is called from]
// The digest filter will do what it can to pass in a non-empty domain [it'll try the
// domain specified by the user, the metabase-configured domain and the domain the computer
// is a part of, in that order], but if everything fails, we'll just have to use the
// "default" domain name, which is usually the name of the machine itself
//
if ( !pDigestLogonInfo->pszDomain ||
pDigestLogonInfo->pszDomain[ 0 ] == '\0' )
{
if ( achDefaultDomain[0] == '\0' )
{
if ( !pfnGetDefaultDomainName( achDefaultDomain,
sizeof(achDefaultDomain) ) )
{
return FALSE;
}
}
pDigestLogonInfo->pszDomain = achDefaultDomain;
}
else if ( pDigestLogonInfo->pszDomain[ 0 ] == '\\' )
{
pDigestLogonInfo->pszDomain[ 0 ] = '\0';
}
return pfnLogonDigestUserA( pDigestLogonInfo,
dwAlgo,
phToken );
} // LogonDigestUserA