WinLogon calling WlxWkstaLockedSAS and WlxLoggedOnSAS simultaneous

From: Marco van Nieuwenhoven (MarcovanNieuwenhoven_at_discussions.microsoft.com)
Date: 01/05/05

  • Next message: test: "test" 
    Date: Wed, 5 Jan 2005 11:59:08 -0800

    Hi all.

    I have made a Gina replacement module which is a full implementation for all
    the commands based on WLX_VERSION_1_0.

    I'll first describe what happens. Below that is the full story with
    implementation details.

    The result I am getting is the following. I insert a USB token and a get a
    call to WlxWkstaLockedSAS followed by WlxLoggedOnSAS when the
    WlxWkstaLockedSAS was not even finished. This should not happen at all. The
    PC was in locked state and then I should only get WlxWkstaLockedSAS. The
    strange thing is that the WlxLoggedOnSAS already is called by WinLogon before
    the WlxWkstaLockedSAS has returned.

    Here it is step by step:
    The job description was to have a logon based on an insertion of a USB token
    (Rainbow iKey1000).

    >>>>>
    WinLogon calls DllMain(ProcesAttach) is called and stored the hWlx

    WinLogon calls WlxNegotiate is called and it detects version 1.4 which is
    Windows XP
    We set parameter 2 to WLX_VERSION_1_0 because this is the first
    implementation of these calls. The rest will follow.

    WinLogon calls WlxInitialize. Here I create a background hread which
    monitors insertion and removal of the iKey 1000. Every seconds it does a
    check for the presence. What exactly happens when an event occurs is
    described later.

    WinLogon calls WlxDisplaySASNotice. The dialog IDD_DLG_DISPLAYSASNOTICE pops
    up and waits for a sas event. When then the USB token is inserted the message
    WM_COMMAND,IDD_BUTTON_VIRTUAL_INSERT is sent to the dialog handle of
    IDD_DLG_DISPLAYSASNOTICE. This is captured by the DlgProc function. The
    DlgProc does
    EndDialog (IDD_BUTTON_VIRTUAL_INSERT)which is then returned as dialogresult
    from WlxDialogBoxParam. Inside WlxDisplaySASNotice the function
    WlxSasNotify(WLX_SAS_TYPE_SC_INSERT) is called because WlxDisplaySASNotice is
    a void function.

    WinLogon calls WlxLoggedOutSAS because is has received the
    WLX_SAS_TYPE_SC_INSERT notification. The dialog IDD_DLG_LOGGEDOUTSAS pops up.
    After pressing OK the message IDD_BUTTON_OK is sent to the DlgProc function.
    The DlgProc does LogonUser, on ok it sets the UserToken, does
    GetTokenInformation and sets the AuthenticationId, makes a TOKEN_GROUPS
    structure and sets it to the LogonSID. When credentials are all ok we finaly
    return WLX_SAS_ACTION_LOGON.

    Still following me? I hope so.

    WinLogon calls WlxActivateUserShell and here we call
    %Windows%\System32\userinit.exe. Got userinit command from
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Don't
    forget to loose the comma).

    After this the desktop pops up ok. Now the USB token can be removed.

    The thread which detects the USB token removal calls
    WlxSasNotify(WLX_SAS_TYPE_SC_REMOVE).

    WinLogon calls WlxLoggedOnSAS which sees dwSasType == WLX_SAS_TYPE_SC_REMOVE
    then returns WLX_SAS_ACTION_LOCK_WKSTA.

    WinLogon calls WlxDisplayLockedNotice. The dialog
    IDD_DLG_DISPLAYLOCKEDNOTICE pops up and waits for a sas event.

    Insert the USB Token.

    The thread which detects the USB token insertion calls
    WlxSasNotify(WLX_SAS_TYPE_SC_INSERT).

    WinLogon calls WlxWkstaLockedSAS. The DlgProc gets a command WM_COMMAND with
    lParam 1954.

    NOW IT HAPPENS!

    WinLogon calls WlxLoggedOnSAS even before WlxWkstaLockedSAS is finished.
    Huh? I thought that the machine was locked and I should not receive
    WlxLoggedOnSAS in this stage.
    <<<<<

    Oh yeah, I promised to tell about the thread. I got some global variables
    which remember all the dialog handles. When a dialog pops up the
    corresponding global is filled and on exit the global is cleared. When now
    the thread gets an event it looks if there is a dialog present. when so it
    does a global SendMessage (WM_COMMAND) with a specific event code. When there
    is no dialog present it calls WlxSasNotify(WLX_SAS_TYPE_SC_?????).

    Has anyone have any idea? I am willing to share my full source code.

  • Next message: test: "test"
    • Quantcast