2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afs/param.h>
17 #include <afs/pioctl_nt.h>
18 #include <afs/kautils.h>
19 #include "cm_config.h"
24 #include <sys/types.h>
27 DWORD LogonOption,TraceOption;
33 #define REG_CLIENT_PARMS_KEY "SYSTEM\\CurrentControlSet\\Services\\TransarcAFSDaemon\\Parameters"
34 #define REG_CLIENT_PROVIDER_KEY "SYSTEM\\CurrentControlSet\\Services\\TransarcAFSDaemon\\NetworkProvider"
35 #define REG_CLIENT_RETRY_INTERVAL_PARM "LoginRetryInterval"
36 #define REG_CLIENT_FAIL_SILENTLY_PARM "FailLoginsSilently"
37 #define DEFAULT_RETRY_INTERVAL 30 /* seconds*/
38 #define DEFAULT_FAIL_SILENTLY FALSE
39 #define DEFAULT_SLEEP_INTERVAL 5 /* seconds*/
41 #define ISLOGONINTEGRATED(v) ( ((v) & LOGON_OPTION_INTEGRATED)==LOGON_OPTION_INTEGRATED)
42 #define ISHIGHSECURITY(v) ( ((v) & LOGON_OPTION_HIGHSECURITY)==LOGON_OPTION_HIGHSECURITY)
44 #define TRACE_OPTION_EVENT 1
45 #define ISLOGONTRACE(v) ( ((v) & TRACE_OPTION_EVENT)==TRACE_OPTION_EVENT)
47 /* Structure def copied from DDK (NTDEF.H) */
48 typedef struct UNICODE_STRING {
49 USHORT Length; /* number of bytes of Buffer actually used */
50 USHORT MaximumLength; /* sizeof buffer in bytes */
51 WCHAR *Buffer; /* 16 bit characters */
54 /* Structure def copied from NP API documentation */
55 typedef struct _MSV1_0_INTERACTIVE_LOGON {
56 DWORD MessageType; /* Actually this is an enum; ignored */
57 UNICODE_STRING LogonDomainName;
58 UNICODE_STRING UserName;
59 UNICODE_STRING Password;
60 } MSV1_0_INTERACTIVE_LOGON;
65 * We get a logon script pathname from the HKEY_LOCAL_MACHINE registry.
66 * I don't know what good this does; I just copied it from DFS.
68 * Returns NULL on failure.
72 void DebugEvent0(char *a)
74 HANDLE h; char *ptbuf[1];
75 if (!ISLOGONTRACE(TraceOption))
77 h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
79 ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);
80 DeregisterEventSource(h);
84 void DebugEvent(char *a,char *b,...)
86 HANDLE h; char *ptbuf[1],buf[MAXBUF_+1];
88 if (!ISLOGONTRACE(TraceOption))
90 h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
92 _vsnprintf(buf,MAXBUF_,b,marker);
95 ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, (const char **)ptbuf, NULL);\
96 DeregisterEventSource(h);
100 CHAR *GenRandomName(CHAR *pbuf)
103 srand( (unsigned)time( NULL ) );
104 for (i=0;i<MAXRANDOMNAMELEN-1;i++)
105 pbuf[i]='a'+(rand() % 26);
106 pbuf[MAXRANDOMNAMELEN-1]=0;
110 WCHAR *GetLogonScript(CHAR *pname)
114 DWORD LSPtype, LSPsize;
116 WCHAR randomName[MAXRANDOMNAMELEN];
119 * Get Network Provider key.
120 * Assume this works or we wouldn't be here.
122 (void) RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PROVIDER_KEY,
123 0, KEY_QUERY_VALUE, &NPKey);
126 * Get Logon Script pathname length
129 code = RegQueryValueExW(NPKey, L"LogonScript", NULL,
130 &LSPtype, NULL, &LSPsize);
137 if (LSPtype != REG_SZ) { /* Maybe handle REG_EXPAND_SZ? */
142 buf=(WCHAR *)LocalAlloc(LMEM_FIXED,LSPsize);
143 script=(WCHAR *)LocalAlloc(LMEM_FIXED,LSPsize+(MAXRANDOMNAMELEN)*sizeof(WCHAR));
145 * Explicitly call UNICODE version
146 * Assume it will succeed since it did before
148 (void) RegQueryValueExW(NPKey, L"LogonScript", NULL,
149 &LSPtype, (LPBYTE)buf, &LSPsize);
150 MultiByteToWideChar(CP_ACP,0,pname,strlen(pname)+1,randomName,(strlen(pname)+1)*sizeof(WCHAR));
151 swprintf(script,buf,randomName);
156 HANDLE h; char *ptbuf[1],buf[132],tbuf[255];
157 WideCharToMultiByte(CP_ACP,0,script,LSPsize,tbuf,255,NULL,NULL);
158 h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
159 sprintf(buf, "Script[%s,%d] Return Code[%x]",tbuf,LSPsize,code);
161 ReportEvent(h, EVENTLOG_INFORMATION_TYPE, 0, 0, NULL, 1, 0, ptbuf, NULL);
162 DeregisterEventSource(h);
170 BOOLEAN AFSWillAutoStart(void)
175 BOOLEAN result = FALSE;
176 LPQUERY_SERVICE_CONFIG pConfig = NULL;
180 /* Open services manager */
181 scm = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
182 if (!scm) return FALSE;
184 /* Open AFSD service */
185 svc = OpenService(scm, "TransarcAFSDaemon", SERVICE_QUERY_CONFIG);
189 /* Query AFSD service config, first just to get buffer size */
190 /* Expected to fail, so don't test return value */
191 (void) QueryServiceConfig(svc, NULL, 0, &BufSize);
192 status = GetLastError();
193 if (status != ERROR_INSUFFICIENT_BUFFER)
196 /* Allocate buffer */
197 pConfig = (LPQUERY_SERVICE_CONFIG)GlobalAlloc(GMEM_FIXED,BufSize);
201 /* Query AFSD service config, this time for real */
202 flag = QueryServiceConfig(svc, pConfig, BufSize, &BufSize);
206 /* Is it autostart? */
207 if (pConfig->dwStartType < SERVICE_DEMAND_START)
213 CloseServiceHandle(svc);
215 CloseServiceHandle(scm);
220 DWORD MapAuthError(DWORD code)
225 return WN_NO_NETWORK;
226 /* case INTK_BADPW: return WN_BAD_PASSWORD;*/
227 /* case KERB_ERR_PRINCIPAL_UNKNOWN: return WN_BAD_USER;*/
228 default: return WN_SUCCESS;
232 BOOLEAN APIENTRY DllEntryPoint(HANDLE dll, DWORD reason, PVOID reserved)
236 case DLL_PROCESS_ATTACH:
237 /* Initialize AFS libraries */
243 /* Everything else succeeds but does nothing. */
244 case DLL_PROCESS_DETACH:
245 case DLL_THREAD_ATTACH:
246 case DLL_THREAD_DETACH:
254 DWORD APIENTRY NPGetCaps(DWORD index)
258 /* Don't have our own type; use somebody else's. */
259 return WNNC_NET_SUN_PC_NFS;
265 static void GetLoginBehavior(int *pRetryInterval, BOOLEAN *pFailSilently)
271 result = RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PARMS_KEY, 0, KEY_QUERY_VALUE, &hKey);
272 if (result != ERROR_SUCCESS) {
273 *pRetryInterval = DEFAULT_RETRY_INTERVAL;
274 *pFailSilently = DEFAULT_FAIL_SILENTLY;
278 result = RegQueryValueEx(hKey, REG_CLIENT_RETRY_INTERVAL_PARM, 0, 0, (BYTE *)pRetryInterval, &dummyLen);
279 if (result != ERROR_SUCCESS)
280 *pRetryInterval = DEFAULT_RETRY_INTERVAL;
282 result = RegQueryValueEx(hKey, REG_CLIENT_FAIL_SILENTLY_PARM, 0, 0, (BYTE *)pFailSilently, &dummyLen);
283 if (result != ERROR_SUCCESS)
284 *pFailSilently = DEFAULT_FAIL_SILENTLY;
286 /* Make sure this is really a bool value in the strict sense*/
287 *pFailSilently = !!*pFailSilently;
292 BOOL IsServiceRunning (void)
294 SERVICE_STATUS Status;
296 memset (&Status, 0x00, sizeof(Status));
297 Status.dwCurrentState = SERVICE_STOPPED;
299 if ((hManager = OpenSCManager (NULL, NULL, GENERIC_READ)) != NULL)
302 if ((hService = OpenService (hManager, TEXT("TransarcAFSDaemon"), GENERIC_READ)) != NULL)
304 QueryServiceStatus (hService, &Status);
305 CloseServiceHandle (hService);
308 CloseServiceHandle (hManager);
310 DebugEvent("AFS AfsLogon - Test Service Running","Return Code[%x] ?Running[%d]",Status.dwCurrentState,(Status.dwCurrentState == SERVICE_RUNNING));
311 return (Status.dwCurrentState == SERVICE_RUNNING);
314 DWORD APIENTRY NPLogonNotify(
316 LPCWSTR lpAuthentInfoType,
317 LPVOID lpAuthentInfo,
318 LPCWSTR lpPreviousAuthentInfoType,
319 LPVOID lpPreviousAuthentInfo,
320 LPWSTR lpStationName,
321 LPVOID StationHandle,
322 LPWSTR *lpLogonScript)
326 char password[256]="";
327 char cell[256]="<non-integrated logon>";
328 MSV1_0_INTERACTIVE_LOGON *IL;
334 DWORD LSPtype, LSPsize;
336 HWND hwndOwner = (HWND)StationHandle;
337 BOOLEAN failSilently;
339 int sleepInterval = DEFAULT_SLEEP_INTERVAL; /* seconds */
340 BOOLEAN afsWillAutoStart;
341 CHAR RandomName[MAXRANDOMNAMELEN];
343 /* Initialize Logon Script to none */
346 IL = (MSV1_0_INTERACTIVE_LOGON *) lpAuthentInfo;
348 /* Are we interactive? */
349 interactive = (wcscmp(lpStationName, L"WinSta0") == 0);
351 /* Convert from Unicode to ANSI */
352 wcstombs(uname, IL->UserName.Buffer, 256);
353 wcstombs(password, IL->Password.Buffer, 256);
355 /* Make sure AD-DOMANS sent from login that is sent to us is striped */
356 ctemp = strchr(uname, '@');
357 if (ctemp) *ctemp = 0;
359 (void) RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PARMS_KEY,
360 0, KEY_QUERY_VALUE, &NPKey);
361 LSPsize=sizeof(TraceOption);
362 RegQueryValueEx(NPKey, "TraceOption", NULL,
363 &LSPtype, (LPBYTE)&TraceOption, &LSPsize);
370 (void) RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CLIENT_PROVIDER_KEY,
371 0, KEY_QUERY_VALUE, &NPKey);
373 LSPsize=sizeof(LogonOption);
374 code = RegQueryValueEx(NPKey, "LogonOptions", NULL,
375 &LSPtype, (LPBYTE)&LogonOption, &LSPsize);
378 if ((code!=0) || (LSPtype!=REG_DWORD))
379 LogonOption=LOGON_OPTION_INTEGRATED; /*default to integrated logon only*/
381 afsWillAutoStart = AFSWillAutoStart();
383 DebugEvent("AFS AfsLogon - NPLogonNotify","LogonOption[%x], Service AutoStart[%d]",
384 LogonOption,afsWillAutoStart);
386 /* Get local machine specified login behavior (or defaults) */
387 GetLoginBehavior(&retryInterval, &failSilently);
389 /* Check for zero length password if integrated logon*/
390 if ( ISLOGONINTEGRATED(LogonOption) ) {
391 if ( password[0] == 0 ) {
393 reason = "zero length password is illegal";
397 /* Get cell name if doing integrated logon */
398 code = cm_GetRootCellName(cell);
401 reason = "unknown cell";
405 /*only do if high security option is on*/
406 if (ISHIGHSECURITY(LogonOption))
407 *lpLogonScript = GetLogonScript(GenRandomName(RandomName));
410 /* loop until AFS is started. */
414 /* is service started yet?*/
415 DebugEvent("AFS AfsLogon - ka_UserAuthenticateGeneral2","Code[%x] uname[%s] Cell[%s]",
418 /* if Integrated Logon only */
419 if (ISLOGONINTEGRATED(LogonOption) && !ISHIGHSECURITY(LogonOption))
421 code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
422 uname, "", cell, password,uname, 0, &pw_exp, 0,
424 DebugEvent("AFS AfsLogon - (INTEGRATED only)ka_UserAuthenticateGeneral2","Code[%x]",
427 /* if Integrated Logon and High Security pass random generated name*/
428 else if (ISLOGONINTEGRATED(LogonOption) && ISHIGHSECURITY(LogonOption))
430 code = ka_UserAuthenticateGeneral2(KA_USERAUTH_VERSION+KA_USERAUTH_AUTHENT_LOGON,
431 uname, "", cell, password,RandomName, 0, &pw_exp, 0,
433 DebugEvent("AFS AfsLogon - (Both)ka_UserAuthenticateGeneral2","Code[%x] RandomName[%s]",
436 /*JUST check to see if its running*/
437 if (IsServiceRunning())
440 if (!afsWillAutoStart)
444 /* If we've failed because the client isn't running yet and the
445 * client is set to autostart (and therefore it makes sense for
446 * us to wait for it to start) then sleep a while and try again.
447 * If the error was something else, then give up. */
448 if (code != KTC_NOCM && code != KTC_NOCMRPC || !afsWillAutoStart)
451 /* If the retry interval has expired and we still aren't
452 * logged in, then just give up if we are not in interactive
453 * mode or the failSilently flag is set, otherwise let the
454 * user know we failed and give them a chance to try again. */
455 if (retryInterval <= 0) {
456 reason = "AFS not running";
457 if (!interactive || failSilently)
459 flag = MessageBox(hwndOwner,
460 "AFS is still starting. Retry?",
462 MB_ICONQUESTION | MB_RETRYCANCEL);
463 if (flag == IDCANCEL)
466 /* Wait just a little while and try again */
467 retryInterval = sleepInterval = DEFAULT_SLEEP_INTERVAL;
470 if (retryInterval < sleepInterval)
471 sleepInterval = retryInterval;
473 Sleep(sleepInterval * 1000);
475 retryInterval -= sleepInterval;
480 sprintf(msg, "Integrated login failed: %s", reason);
482 if (interactive && !failSilently)
483 MessageBox(hwndOwner, msg, "AFS Logon", MB_OK);
488 h = RegisterEventSource(NULL, AFS_DAEMON_EVENT_NAME);
490 ReportEvent(h, EVENTLOG_WARNING_TYPE, 0, 1008, NULL,
492 DeregisterEventSource(h);
494 code = MapAuthError(code);
497 if (ISLOGONINTEGRATED(LogonOption) && (code!=0))
500 LocalFree(*lpLogonScript);
501 *lpLogonScript = NULL;
502 if (!afsWillAutoStart) // its not running, so if not autostart or integrated logon then just skip
508 DebugEvent("AFS AfsLogon - Exit","Return Code[%x]",code);
512 DWORD APIENTRY NPPasswordChangeNotify(
513 LPCWSTR lpAuthentInfoType,
514 LPVOID lpAuthentInfo,
515 LPCWSTR lpPreviousAuthentInfoType,
516 LPVOID lpPreviousAuthentInfo,
517 LPWSTR lpStationName,
518 LPVOID StationHandle,
521 DebugEvent0("AFS AfsLogon - NPPasswordChangeNotify");