From cd15a8abde7c6acc763a2c84d731ac1f509ee14c Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Fri, 30 Mar 2007 18:38:42 +0000 Subject: [PATCH] pull up r19296 from trunk r19296@cathode-dark-space: jaltman | 2007-03-28 14:03:45 -0400 ticket: new subject: KFW: problems with non-interactive logons component: windows tags: pullup Non-interactive logons cause two problems: (1) on XP/2003 the logon event handlers do not get triggered and on all platforms the LogonScript does not get executed. As a result, ccache files are not deleted. (2) on all platforms, accessing the credential cache causes krbcc32s.exe to be spawned. This process never terminates. This patch tests for interactive logons. If the logon is not interactive, the Network Provider exits immediately. ticket: 5493 version_fixed: 1.6.1 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19340 dc483132-0cff-0310-8789-dd5450dbe970 --- src/windows/kfwlogon/kfwlogon.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/src/windows/kfwlogon/kfwlogon.c b/src/windows/kfwlogon/kfwlogon.c index 3974a2ca7..ebfca873d 100644 --- a/src/windows/kfwlogon/kfwlogon.c +++ b/src/windows/kfwlogon/kfwlogon.c @@ -203,7 +203,10 @@ DWORD APIENTRY NPLogonNotify( HWND hwndOwner = (HWND)StationHandle; BOOLEAN lowercased_name = TRUE; - if ( !KFW_is_available() ) + /* Are we interactive? */ + interactive = (wcscmp(lpStationName, L"WinSta0") == 0); + + if ( !interactive || !KFW_is_available() ) return 0; DebugEvent("NPLogonNotify - LoginId(%d,%d)", lpLogonId->HighPart, lpLogonId->LowPart); @@ -227,8 +230,7 @@ DWORD APIENTRY NPLogonNotify( IL = (MSV1_0_INTERACTIVE_LOGON *) lpAuthentInfo; - /* Are we interactive? */ - interactive = (wcscmp(lpStationName, L"WinSta0") == 0); + DebugEvent("Interactive %s", interactive ? "yes" : "no"); /* Convert from Unicode to ANSI */ @@ -315,17 +317,24 @@ DWORD APIENTRY NPLogonNotify( DebugEvent("LookupAccountName obtained user %s sid in domain %s", acctname, pReferencedDomainName); code = KFW_set_ccache_dacl_with_user_sid(filename, pUserSid); +#ifdef USE_WINLOGON_EVENT /* If we are on Vista, setup a LogonScript * that will execute the LogonEventHandler entry point via rundll32.exe */ if (is_windows_vista()) { ConfigureLogonScript(lpLogonScript, filename); if (*lpLogonScript) - DebugEvent("LogonScript \"%s\"", *lpLogonScript); + DebugEvent0("LogonScript assigned"); else DebugEvent0("No Logon Script"); - } +#else + ConfigureLogonScript(lpLogonScript, filename); + if (*lpLogonScript) + DebugEvent0("LogonScript assigned"); + else + DebugEvent0("No Logon Script"); +#endif } else { DebugEvent0("LookupAccountName failed"); DeleteFile(filename); @@ -434,6 +443,7 @@ GetSecurityLogonSessionData(HANDLE hToken, PSECURITY_LOGON_SESSION_DATA * ppSess VOID KFW_Logon_Event( PWLX_NOTIFICATION_INFO pInfo ) { +#ifdef USE_WINLOGON_EVENT WCHAR szUserW[128] = L""; char szUserA[128] = ""; char szPath[MAX_PATH] = ""; @@ -540,6 +550,7 @@ VOID KFW_Logon_Event( PWLX_NOTIFICATION_INFO pInfo ) DeleteFile(newfilename); DebugEvent0("KFW_Logon_Event - End"); +#endif /* USE_WINLOGON_EVENT */ } -- 2.26.2