Changeset 14409 in vbox for trunk/src/VBox
- Timestamp:
- Nov 20, 2008 1:19:20 PM (16 years ago)
- Location:
- trunk/src/VBox/Additions/WINNT/VBoxService
- Files:
-
- 2 edited
-
VBoxVMInfoUser.cpp (modified) (6 diffs)
-
VBoxVMInfoUser.h (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/Additions/WINNT/VBoxService/VBoxVMInfoUser.cpp
r13462 r14409 151 151 BOOL bFoundUser = FALSE; 152 152 PSECURITY_LOGON_SESSION_DATA sessionData = NULL; 153 NTSTATUS ret = 0; 154 WCHAR szAuthPkg[256] = { 0 }; 155 WCHAR szLogonDomain[256] = { 0 }; 153 NTSTATUS r = 0; 156 154 WCHAR *usBuffer = NULL; 157 int usLength = 0;155 int iLength = 0; 158 156 159 157 if (!a_pSession) 160 158 return FALSE; 161 159 162 r et= LsaGetLogonSessionData (a_pSession, &sessionData);163 if (r et!= STATUS_SUCCESS)164 { 165 Log(("vboxVMInfoThread: LsaGetLogonSessionData failed %lu\n", LsaNtStatusToWinError(ret)));160 r = LsaGetLogonSessionData (a_pSession, &sessionData); 161 if (r != STATUS_SUCCESS) 162 { 163 Log(("vboxVMInfoThread: Users: LsaGetLogonSessionData failed %lu\n", LsaNtStatusToWinError(r))); 166 164 167 165 if (sessionData) … … 173 171 if (!sessionData) 174 172 { 175 Log(("vboxVMInfoThread: Invalid logon session data.\n"));173 Log(("vboxVMInfoThread: Users: Invalid logon session data.\n")); 176 174 return FALSE; 177 175 } 176 177 Log(("vboxVMInfoThread: Users: Session data: Name = %ls, Len = %d, SID = %s, LogonID = %d,%d\n", 178 (sessionData->UserName).Buffer, (sessionData->UserName).Length, (sessionData->Sid != NULL) ? "1" : "0", sessionData->LogonId.HighPart, sessionData->LogonId.LowPart)); 178 179 179 180 if ((sessionData->UserName.Buffer != NULL) && … … 183 184 /* Get the user name. */ 184 185 usBuffer = (sessionData->UserName).Buffer; 185 usLength = (sessionData->UserName).Length; 186 if (usLength > 256) 187 { 188 Log(("vboxVMInfoThread: User name too long for buffer! Length: %d, Buffer: 256\n", usLength)); 189 } 190 else 191 { 192 /** @todo r=bird: Check this code for buffer overruns. the if check above is wrong as it's making assumptions about _MAX_PATH (which is 260 not 256 as stated). */ 193 wcsncpy (a_pUserInfo->szUser, usBuffer, usLength); 194 wcscat (a_pUserInfo->szUser, L""); 195 196 usBuffer = (sessionData->AuthenticationPackage).Buffer; 197 usLength = (sessionData->AuthenticationPackage).Length; 198 wcsncpy (szAuthPkg, usBuffer, usLength); 199 wcscat (szAuthPkg, L""); 200 201 usBuffer = (sessionData->LogonDomain).Buffer; 202 usLength = (sessionData->LogonDomain).Length; 203 wcsncpy (szLogonDomain, usBuffer, usLength); 204 wcscat (szLogonDomain, L""); /** @todo r=bird: There is a potential buffer overrun here. */ 205 206 /* Only handle users which can login interactively. */ 207 if ( ((SECURITY_LOGON_TYPE)sessionData->LogonType == Interactive) 208 && (sessionData->Sid != NULL)) 186 iLength = (sessionData->UserName).Length; 187 if (iLength > sizeof(a_pUserInfo->szUser) - sizeof(TCHAR)) /* -sizeof(TCHAR) because we have to add the terminating null char at the end later. */ 188 { 189 LogRel(("vboxVMInfoThread: Users: User name too long (%d bytes) for buffer! Name will be truncated.\n", iLength)); 190 iLength = sizeof(a_pUserInfo->szUser) - sizeof(TCHAR); 191 } 192 wcsncpy (a_pUserInfo->szUser, usBuffer, iLength); 193 wcscat (a_pUserInfo->szUser, L""); /* Add terminating null char. */ 194 195 /* Get authentication package. */ 196 usBuffer = (sessionData->AuthenticationPackage).Buffer; 197 iLength = (sessionData->AuthenticationPackage).Length; 198 if (iLength > sizeof(a_pUserInfo->szAuthenticationPackage) - sizeof(TCHAR)) /* -sizeof(TCHAR) because we have to add the terminating null char at the end later. */ 199 { 200 LogRel(("vboxVMInfoThread: Users: Authentication pkg name too long (%d bytes) for buffer! Name will be truncated.\n", iLength)); 201 iLength = sizeof(a_pUserInfo->szAuthenticationPackage) - sizeof(TCHAR); 202 } 203 wcsncpy (a_pUserInfo->szAuthenticationPackage, usBuffer, iLength); 204 wcscat (a_pUserInfo->szAuthenticationPackage, L""); /* Add terminating null char. */ 205 206 /* Get logon domain. */ 207 usBuffer = (sessionData->LogonDomain).Buffer; 208 iLength = (sessionData->LogonDomain).Length; 209 if (iLength > sizeof(a_pUserInfo->szLogonDomain) - sizeof(TCHAR)) /* -sizeof(TCHAR) because we have to add the terminating null char at the end later. */ 210 { 211 LogRel(("vboxVMInfoThread: Users: Logon domain name too long (%d bytes) for buffer! Name will be truncated.\n", iLength)); 212 iLength = sizeof(a_pUserInfo->szLogonDomain) - sizeof(TCHAR); 213 } 214 wcsncpy (a_pUserInfo->szLogonDomain, usBuffer, iLength); 215 wcscat (a_pUserInfo->szLogonDomain, L""); /* Add terminating null char. */ 216 217 /* Only handle users which can login interactively or logged in remotely over native RDP. */ 218 if ( (((SECURITY_LOGON_TYPE)sessionData->LogonType == Interactive) 219 || ((SECURITY_LOGON_TYPE)sessionData->LogonType == RemoteInteractive)) 220 && (sessionData->Sid != NULL)) 221 { 222 TCHAR szOwnerName [_MAX_PATH] = { 0 }; 223 DWORD dwOwnerNameSize = _MAX_PATH; 224 225 TCHAR szDomainName [_MAX_PATH] = { 0 }; 226 DWORD dwDomainNameSize = _MAX_PATH; 227 228 SID_NAME_USE ownerType; 229 230 if (LookupAccountSid(NULL, 231 sessionData->Sid, 232 szOwnerName, 233 &dwOwnerNameSize, 234 szDomainName, 235 &dwDomainNameSize, 236 &ownerType)) 209 237 { 210 TCHAR szOwnerName [_MAX_PATH] = { 0 }; 211 DWORD dwOwnerNameSize = _MAX_PATH; 212 213 TCHAR szDomainName [_MAX_PATH] = { 0 }; 214 DWORD dwDomainNameSize = _MAX_PATH; 215 216 SID_NAME_USE ownerType; 217 218 if (LookupAccountSid(NULL, 219 sessionData->Sid, 220 szOwnerName, 221 &dwOwnerNameSize, 222 szDomainName, 223 &dwDomainNameSize, 224 &ownerType)) 238 Log(("vboxVMInfoThread: Users: Account User=%ls, Session=%ld, LUID=%ld,%ld, AuthPkg=%ls, Domain=%ls\n", 239 a_pUserInfo->szUser, sessionData->Session, sessionData->LogonId.HighPart, sessionData->LogonId.LowPart, a_pUserInfo->szAuthenticationPackage, a_pUserInfo->szLogonDomain)); 240 241 /* The session ID increments/decrements on Vista often! So don't compare 242 the session data SID with the current SID here. */ 243 DWORD dwActiveSession = 0; 244 if (a_pCtx->pfnWTSGetActiveConsoleSessionId != NULL) /* Check terminal session ID. */ 245 dwActiveSession = a_pCtx->pfnWTSGetActiveConsoleSessionId(); 246 247 /*Log(("vboxVMInfoThread: Users: Current active session ID: %ld\n", dwActiveSession));*/ 248 249 if (SidTypeUser == ownerType) 225 250 { 226 Log(("vboxVMInfoThread: Account User=%ls, Session=%ld, LUID=%ld,%ld, AuthPkg=%ls, Domain=%ls\n", 227 a_pUserInfo->szUser, sessionData->Session, sessionData->LogonId.HighPart, sessionData->LogonId.LowPart, szAuthPkg, szLogonDomain)); 228 229 /* The session ID increments/decrements on Vista often! So don't compare 230 the session data SID with the current SID here. */ 231 DWORD dwActiveSession = 0; 232 if (a_pCtx->pfnWTSGetActiveConsoleSessionId != NULL) /* Check terminal session ID. */ 233 dwActiveSession = a_pCtx->pfnWTSGetActiveConsoleSessionId(); 234 235 /*Log(("vboxVMInfoThread: Current active session ID: %ld\n", dwActiveSession));*/ 236 237 if (SidTypeUser == ownerType) 251 LPWSTR pBuffer = NULL; 252 DWORD dwBytesRet = 0; 253 int iState = 0; 254 255 if (WTSQuerySessionInformation( /* Detect RDP sessions as well. */ 256 WTS_CURRENT_SERVER_HANDLE, 257 WTS_CURRENT_SESSION, 258 WTSConnectState, 259 &pBuffer, 260 &dwBytesRet)) 238 261 { 239 LPWSTR pBuffer = NULL; 240 DWORD dwBytesRet = 0; 241 int iState = 0; 242 243 if (WTSQuerySessionInformation( /* Detect RDP sessions as well. */ 244 WTS_CURRENT_SERVER_HANDLE, 245 WTS_CURRENT_SESSION, 246 WTSConnectState, 247 &pBuffer, 248 &dwBytesRet)) 262 /*Log(("vboxVMInfoThread: Users: WTSQuerySessionInformation returned %ld bytes, p=%p, state=%d\n", dwBytesRet, pBuffer, pBuffer != NULL ? (INT)*pBuffer : -1));*/ 263 if(dwBytesRet) 264 iState = *pBuffer; 265 266 if ( (iState == WTSActive) /* User logged on to WinStation. */ 267 || (iState == WTSShadow) /* Shadowing another WinStation. */ 268 || (iState == WTSDisconnected)) /* WinStation logged on without client. */ 249 269 { 250 /*Log(("vboxVMInfoThread: WTSQuerySessionInformation returned %ld bytes, p=%p, state=%d\n", dwBytesRet, pBuffer, pBuffer != NULL ? (INT)*pBuffer : -1));*/ 251 if(dwBytesRet) 252 iState = *pBuffer; 253 254 if ( (iState == WTSActive) /* User logged on to WinStation. */ 255 || (iState == WTSShadow) /* Shadowing another WinStation. */ 256 || (iState == WTSDisconnected)) /* WinStation logged on without client. */ 257 { 258 /** @todo On Vista and W2K, always "old" user name are still there. Filter out the old! */ 259 Log(("vboxVMInfoThread: Account User=%ls is logged in via TCS/RDP. State=%d\n", a_pUserInfo->szUser, iState)); 260 bFoundUser = TRUE; 261 } 262 } 263 else 264 { 265 /* Terminal services don't run (for example in W2K, nothing to worry about ...). */ 266 /* ... or is on Vista fast user switching page! */ 270 /** @todo On Vista and W2K, always "old" user name are still there. Filter out the old! */ 271 Log(("vboxVMInfoThread: Users: Account User=%ls is logged in via TCS/RDP. State=%d\n", a_pUserInfo->szUser, iState)); 267 272 bFoundUser = TRUE; 268 273 } 269 270 if (pBuffer) 271 WTSFreeMemory(pBuffer); 272 273 /* A user logged in, but it could be a stale/orphaned logon session. */ 274 BOOL bFoundInLUIDs = FALSE; 275 for (DWORD dwIndex = 0; dwIndex < a_dwNumOfProcLUIDs; dwIndex++) 274 } 275 else 276 { 277 /* Terminal services don't run (for example in W2K, nothing to worry about ...). */ 278 /* ... or is on Vista fast user switching page! */ 279 bFoundUser = TRUE; 280 } 281 282 if (pBuffer) 283 WTSFreeMemory(pBuffer); 284 285 /* A user logged in, but it could be a stale/orphaned logon session. */ 286 BOOL bFoundInLUIDs = FALSE; 287 for (DWORD dwIndex = 0; dwIndex < a_dwNumOfProcLUIDs; dwIndex++) 288 { 289 if ( (a_pLuid[dwIndex].HighPart == sessionData->LogonId.HighPart) 290 && (a_pLuid[dwIndex].LowPart == sessionData->LogonId.LowPart)) 276 291 { 277 if ( (a_pLuid[dwIndex].HighPart == sessionData->LogonId.HighPart) 278 && (a_pLuid[dwIndex].LowPart == sessionData->LogonId.LowPart)) 279 { 280 bLoggedIn = TRUE; 281 Log(("vboxVMInfoThread: User \"%ls\" is logged in!\n", a_pUserInfo->szUser)); 282 break; 283 } 292 bLoggedIn = TRUE; 293 Log(("vboxVMInfoThread: Users: User \"%ls\" is logged in!\n", a_pUserInfo->szUser)); 294 break; 284 295 } 285 296 } … … 297 308 PLUID pSessions = NULL; 298 309 ULONG ulCount = 0; 299 NTSTATUS r et= 0;310 NTSTATUS r = 0; 300 311 301 312 int iUserCount = 0; … … 305 316 /* This function can report stale or orphaned interactive logon sessions of already logged 306 317 off users (especially in Windows 2000). */ 307 r et= LsaEnumerateLogonSessions(&ulCount, &pSessions);308 Log(("vboxVMInfoThread: Found %d users.\n", ulCount));309 310 if (r et!= STATUS_SUCCESS)311 { 312 Log(("vboxVMInfoThread: LsaEnumerate failed %lu\n", LsaNtStatusToWinError(ret)));318 r = LsaEnumerateLogonSessions(&ulCount, &pSessions); 319 Log(("vboxVMInfoThread: Users: Found %d users.\n", ulCount)); 320 321 if (r != STATUS_SUCCESS) 322 { 323 Log(("vboxVMInfoThread: Users: LsaEnumerate failed %lu\n", LsaNtStatusToWinError(r))); 313 324 return 1; 314 325 } … … 356 367 a_pCtx->cUsers = iUserCount; 357 368 358 return r et;369 return r; 359 370 } 360 371 -
trunk/src/VBox/Additions/WINNT/VBoxService/VBoxVMInfoUser.h
r13462 r14409 25 25 typedef struct _VBOXUSERINFO 26 26 { 27 TCHAR szUser[_MAX_PATH]; 27 TCHAR szUser [_MAX_PATH]; 28 TCHAR szAuthenticationPackage [_MAX_PATH]; 29 TCHAR szLogonDomain [_MAX_PATH]; 28 30 } VBOXUSERINFO; 29 31
Note:
See TracChangeset
for help on using the changeset viewer.
