#include <windows.h>

#include <Ntsecapi.h>

#include <wtsapi32.h> /* For WTS* calls. */

#include <psapi.h> /* EnumProcesses. */

#include <iprt/assert.h>

#include <iprt/mem.h>

#include <iprt/thread.h>

#include <iprt/string.h>

#include <iprt/semaphore.h>

#include <iprt/system.h>

#include <iprt/time.h>

#include <VBox/VBoxGuestLib.h>

#include "VBoxServiceInternal.h"

#include "VBoxServiceUtils.h"

#ifndef TARGET_NT4

/** Function prototypes for dynamic loading. */

extern fnWTSGetActiveConsoleSessionId g_pfnWTSGetActiveConsoleSessionId;

/** The vminfo interval (millseconds). */

uint32_t g_VMInfoLoggedInUsersCount = 0;

#endif

#ifndef TARGET_NT4

DWORD VboxServiceVMInfoWinGetLUIDsFromProcesses(PLUID *ppLuid)

{

DWORD dwSize, dwSize2, dwIndex ;

LPDWORD lpdwPIDs ;

DWORD dwLastError = ERROR_SUCCESS;

if (!ppLuid)

{

SetLastError(ERROR_INVALID_PARAMETER);

return 0L;

}

/* Call the PSAPI function EnumProcesses to get all of the

dwSize2 = 256 * sizeof(DWORD);

lpdwPIDs = NULL;

do

{

if (lpdwPIDs)

{

HeapFree(GetProcessHeap(), 0, lpdwPIDs) ;

dwSize2 *= 2;

}

lpdwPIDs = (unsigned long *)HeapAlloc(GetProcessHeap(), 0, dwSize2);

if (lpdwPIDs == NULL)

return 0L; // Last error will be that of HeapAlloc

if (!EnumProcesses( lpdwPIDs, dwSize2, &dwSize))

{

DWORD dw = GetLastError();

HeapFree(GetProcessHeap(), 0, lpdwPIDs);

SetLastError(dw);

return 0L;

}

}

while (dwSize == dwSize2);

/* At this point we have an array of the PIDs at the

/* How many ProcIDs did we get? */

dwSize /= sizeof(DWORD);

dwSize2 = 0L; /* Our return value of found luids. */

*ppLuid = (LUID *)LocalAlloc(LPTR, dwSize*sizeof(LUID));

if (!(*ppLuid))

{

dwLastError = GetLastError();

goto CLEANUP;

}

for (dwIndex = 0; dwIndex < dwSize; dwIndex++)

{

(*ppLuid)[dwIndex].LowPart =0L;

(*ppLuid)[dwIndex].HighPart=0;

/* Open the process (if we can... security does not

HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE, lpdwPIDs[dwIndex]);

if ( hProcess != NULL )

{

HANDLE hAccessToken;

if (OpenProcessToken(hProcess, TOKEN_QUERY, &hAccessToken))

{

TOKEN_STATISTICS ts;

DWORD dwSize;

if (GetTokenInformation(hAccessToken, TokenStatistics, &ts, sizeof ts, &dwSize))

{

DWORD dwTmp = 0L;

BOOL bFound = FALSE;

for (;dwTmp<dwSize2 && !bFound;dwTmp++)

bFound = (*ppLuid)[dwTmp].HighPart == ts.AuthenticationId.HighPart &&

(*ppLuid)[dwTmp].LowPart == ts.AuthenticationId.LowPart;

if (!bFound)

(*ppLuid)[dwSize2++] = ts.AuthenticationId;

}

CloseHandle(hAccessToken);

}

CloseHandle(hProcess);

}

/* We don't really care if OpenProcess or OpenProcessToken fail or succeed, because

}

CLEANUP:

if (lpdwPIDs)

HeapFree(GetProcessHeap(), 0, lpdwPIDs);

if (ERROR_SUCCESS !=dwLastError)

SetLastError(dwLastError);

return dwSize2;

}

BOOL VboxServiceVMInfoWinIsLoggedIn(VBOXSERVICEVMINFOUSER* a_pUserInfo,

PLUID a_pSession,

PLUID a_pLuid,

DWORD a_dwNumOfProcLUIDs)

{

BOOL bLoggedIn = FALSE;

BOOL bFoundUser = FALSE;

PSECURITY_LOGON_SESSION_DATA sessionData = NULL;

NTSTATUS r = 0;

WCHAR *usBuffer = NULL;

int iLength = 0;

if (!a_pSession)

return FALSE;

r = LsaGetLogonSessionData (a_pSession, &sessionData);

if (r != STATUS_SUCCESS)

{

VBoxServiceError("LsaGetLogonSessionData failed, LSA error %lu\n", LsaNtStatusToWinError(r));

if (sessionData)

LsaFreeReturnBuffer(sessionData);

return FALSE;

}

if (!sessionData)

{

VBoxServiceError("Invalid logon session data.\n");

return FALSE;

}

VBoxServiceVerbose(3, "Users: Session data: Name = %ls, Len = %d, SID = %s, LogonID = %d,%d\n",

(sessionData->UserName).Buffer, (sessionData->UserName).Length, (sessionData->Sid != NULL) ? "1" : "0", sessionData->LogonId.HighPart, sessionData->LogonId.LowPart);

if ((sessionData->UserName.Buffer != NULL) &&

(sessionData->Sid != NULL) &&

(sessionData->LogonId.LowPart != 0))

{

/* Get the user name. */

usBuffer = (sessionData->UserName).Buffer;

iLength = (sessionData->UserName).Length;

if (iLength > sizeof(a_pUserInfo->szUser) - sizeof(TCHAR)) /* -sizeof(TCHAR) because we have to add the terminating null char at the end later. */

{

VBoxServiceVerbose(0, "User name too long (%d bytes) for buffer! Name will be truncated.\n", iLength);

iLength = sizeof(a_pUserInfo->szUser) - sizeof(TCHAR);

}

wcsncpy (a_pUserInfo->szUser, usBuffer, iLength);

wcscat (a_pUserInfo->szUser, L""); /* Add terminating null char. */

/* Get authentication package. */

usBuffer = (sessionData->AuthenticationPackage).Buffer;

iLength = (sessionData->AuthenticationPackage).Length;

if (iLength > sizeof(a_pUserInfo->szAuthenticationPackage) - sizeof(TCHAR)) /* -sizeof(TCHAR) because we have to add the terminating null char at the end later. */

{

VBoxServiceVerbose(0, "Authentication pkg name too long (%d bytes) for buffer! Name will be truncated.\n", iLength);

iLength = sizeof(a_pUserInfo->szAuthenticationPackage) - sizeof(TCHAR);

}

wcsncpy (a_pUserInfo->szAuthenticationPackage, usBuffer, iLength);

wcscat (a_pUserInfo->szAuthenticationPackage, L""); /* Add terminating null char. */

/* Get logon domain. */

usBuffer = (sessionData->LogonDomain).Buffer;

iLength = (sessionData->LogonDomain).Length;

if (iLength > sizeof(a_pUserInfo->szLogonDomain) - sizeof(TCHAR)) /* -sizeof(TCHAR) because we have to add the terminating null char at the end later. */

{

VBoxServiceVerbose(0, "Logon domain name too long (%d bytes) for buffer! Name will be truncated.\n", iLength);

iLength = sizeof(a_pUserInfo->szLogonDomain) - sizeof(TCHAR);

}

wcsncpy (a_pUserInfo->szLogonDomain, usBuffer, iLength);

wcscat (a_pUserInfo->szLogonDomain, L""); /* Add terminating null char. */

/* Only handle users which can login interactively or logged in remotely over native RDP. */

if ( (((SECURITY_LOGON_TYPE)sessionData->LogonType == Interactive)

|| ((SECURITY_LOGON_TYPE)sessionData->LogonType == RemoteInteractive))

&& (sessionData->Sid != NULL))

{

TCHAR szOwnerName [_MAX_PATH] = { 0 };

DWORD dwOwnerNameSize = _MAX_PATH;

TCHAR szDomainName [_MAX_PATH] = { 0 };

DWORD dwDomainNameSize = _MAX_PATH;

SID_NAME_USE ownerType;

if (LookupAccountSid(NULL,

sessionData->Sid,

szOwnerName,

&dwOwnerNameSize,

szDomainName,

&dwDomainNameSize,

&ownerType))

{

VBoxServiceVerbose(3, "Account User=%ls, Session=%ld, LUID=%ld,%ld, AuthPkg=%ls, Domain=%ls\n",

a_pUserInfo->szUser, sessionData->Session, sessionData->LogonId.HighPart, sessionData->LogonId.LowPart, a_pUserInfo->szAuthenticationPackage, a_pUserInfo->szLogonDomain);

/* The session ID increments/decrements on Vista often! So don't compare

DWORD dwActiveSession = 0;

if (g_pfnWTSGetActiveConsoleSessionId != NULL) /* Check terminal session ID. */

dwActiveSession = g_pfnWTSGetActiveConsoleSessionId();

/*VBoxServiceVerbose(3, ("Users: Current active session ID: %ld\n", dwActiveSession));*/

if (SidTypeUser == ownerType)

{

char* pBuffer = NULL;

DWORD dwBytesRet = 0;

int iState = 0;

if (WTSQuerySessionInformation( /* Detect RDP sessions as well. */

WTS_CURRENT_SERVER_HANDLE,

WTS_CURRENT_SESSION,

WTSConnectState,

&pBuffer,

&dwBytesRet))

{

/*VBoxServiceVerbose(3, ("Users: WTSQuerySessionInformation returned %ld bytes, p=%p, state=%d\n", dwBytesRet, pBuffer, pBuffer != NULL ? (INT)*pBuffer : -1));*/

if(dwBytesRet)

iState = *pBuffer;

if ( (iState == WTSActive) /* User logged on to WinStation. */

|| (iState == WTSShadow) /* Shadowing another WinStation. */

|| (iState == WTSDisconnected)) /* WinStation logged on without client. */

{

/** @todo On Vista and W2K, always "old" user name are still

VBoxServiceVerbose(3, "Users: Account User=%ls is logged in via TCS/RDP. State=%d\n", a_pUserInfo->szUser, iState);

bFoundUser = TRUE;

}

}

else

{

/* Terminal services don't run (for example in W2K, nothing to worry about ...). */

/* ... or is on Vista fast user switching page! */

bFoundUser = TRUE;

}

if (pBuffer)

WTSFreeMemory(pBuffer);

/* A user logged in, but it could be a stale/orphaned logon session. */

BOOL bFoundInLUIDs = FALSE;

for (DWORD dwIndex = 0; dwIndex < a_dwNumOfProcLUIDs; dwIndex++)

{

if ( (a_pLuid[dwIndex].HighPart == sessionData->LogonId.HighPart)

&& (a_pLuid[dwIndex].LowPart == sessionData->LogonId.LowPart))

{

bLoggedIn = TRUE;

VBoxServiceVerbose(3, "User \"%ls\" is logged in!\n", a_pUserInfo->szUser);

break;

}

}

}

}

}

}

LsaFreeReturnBuffer(sessionData);

return bLoggedIn;

}

#endif /* TARGET_NT4 */

int VboxServiceWinGetAddsVersion(uint32_t uiClientID)

{

char szInstDir[_MAX_PATH] = {0};

char szRev[_MAX_PATH] = {0};

char szVer[_MAX_PATH] = {0};

HKEY hKey = NULL;

long rc = 0;

DWORD dwSize = 0;

DWORD dwType = 0;

VBoxServiceVerbose(3, "Guest Additions version lookup: Looking up ...\n");

/* Check the new path first. */

rc = RegOpenKeyExA (HKEY_LOCAL_MACHINE, "SOFTWARE\\Sun\\VirtualBox Guest Additions", 0, KEY_READ, &hKey);

if (rc != ERROR_SUCCESS)

{

VBoxServiceVerbose(3, "Guest Additions version lookup: Looking in xVM key ...\n");

/* New path does not exist, check the old one ... */

rc = RegOpenKeyExA (HKEY_LOCAL_MACHINE, "SOFTWARE\\Sun\\xVM VirtualBox Guest Additions", 0, KEY_READ, &hKey);

if (rc != ERROR_SUCCESS)

{

/* Nothing seems to exist, print some warning. */

VBoxServiceError("Failed to open registry key (guest additions)! Error: %d\n", rc);

return 1;

}

}

VBoxServiceVerbose(3, "Guest Additions version lookup: Key: 0x%p, RC: %d\n", hKey, rc);

/* Installation directory. */

dwSize = sizeof(szInstDir);

rc = RegQueryValueExA (hKey, "InstallDir", NULL, &dwType, (BYTE*)(LPCTSTR)szInstDir, &dwSize);

if ((rc != ERROR_SUCCESS) && (rc != ERROR_FILE_NOT_FOUND))

{

RegCloseKey (hKey);

VBoxServiceError("Failed to query registry key (install directory)! Error: %d\n", rc);

return 1;

}

/* Flip slashes. */

for (char* pszTmp = &szInstDir[0]; *pszTmp; ++pszTmp)

if (*pszTmp == '\\')

*pszTmp = '/';

/* Revision. */

dwSize = sizeof(szRev);

rc = RegQueryValueExA (hKey, "Revision", NULL, &dwType, (BYTE*)(LPCTSTR)szRev, &dwSize);

if ((rc != ERROR_SUCCESS) && (rc != ERROR_FILE_NOT_FOUND))

{

RegCloseKey (hKey);

VBoxServiceError("Failed to query registry key (revision)! Error: %d\n", rc);

return 1;

}

/* Version. */

dwSize = sizeof(szVer);

rc = RegQueryValueExA (hKey, "Version", NULL, &dwType, (BYTE*)(LPCTSTR)szVer, &dwSize);

if ((rc != ERROR_SUCCESS) && (rc != ERROR_FILE_NOT_FOUND))

{

RegCloseKey (hKey);

VBoxServiceError("Failed to query registry key (version)! Error: %u\n", rc);

return 1;

}

/* Write information to host. */

VboxServiceWriteProp(uiClientID, "GuestAdd/InstallDir", szInstDir);

VboxServiceWriteProp(uiClientID, "GuestAdd/Revision", szRev);

VboxServiceWriteProp(uiClientID, "GuestAdd/Version", szVer);

RegCloseKey (hKey);

return VINF_SUCCESS;

}

int VboxServiceWinGetComponentVersions(uint32_t uiClientID)

{

int rc;

char szVer[_MAX_PATH] = {0};

char szPropPath[_MAX_PATH] = {0};

char szSysDir[_MAX_PATH] = {0};

char szWinDir[_MAX_PATH] = {0};

char szDriversDir[_MAX_PATH + 32] = {0};

GetSystemDirectory(szSysDir, _MAX_PATH);

GetWindowsDirectory(szWinDir, _MAX_PATH);

RTStrPrintf(szDriversDir, (_MAX_PATH + 32), "%s\\drivers", szSysDir);

#ifdef RT_ARCH_AMD64

char szSysWowDir[_MAX_PATH + 32] = {0};

RTStrPrintf(szSysWowDir, (_MAX_PATH + 32), "%s\\SysWow64", szWinDir);

#endif

/* The file information table. */

#ifndef TARGET_NT4

VBOXSERVICEVMINFOFILE vboxFileInfoTable[] =

{

{ szSysDir, "VBoxControl.exe", },

{ szSysDir, "VBoxHook.dll", },

{ szSysDir, "VBoxDisp.dll", },

{ szSysDir, "VBoxMRXNP.dll", },

{ szSysDir, "VBoxService.exe", },

{ szSysDir, "VBoxTray.exe", },

{ szSysDir, "VBoxGINA.dll", },

/* On 64-bit we don't yet have the OpenGL DLLs in native format.

#ifdef RT_ARCH_AMD64

{ szSysWowDir, "VBoxOGLarrayspu.dll", },

{ szSysWowDir, "VBoxOGLcrutil.dll", },

{ szSysWowDir, "VBoxOGLerrorspu.dll", },

{ szSysWowDir, "VBoxOGLpackspu.dll", },

{ szSysWowDir, "VBoxOGLpassthroughspu.dll", },

{ szSysWowDir, "VBoxOGLfeedbackspu.dll", },

{ szSysWowDir, "VBoxOGL.dll", },

#else

{ szSysDir, "VBoxOGLarrayspu.dll", },

{ szSysDir, "VBoxOGLcrutil.dll", },

{ szSysDir, "VBoxOGLerrorspu.dll", },

{ szSysDir, "VBoxOGLpackspu.dll", },

{ szSysDir, "VBoxOGLpassthroughspu.dll", },

{ szSysDir, "VBoxOGLfeedbackspu.dll", },

{ szSysDir, "VBoxOGL.dll", },

#endif

{ szDriversDir, "VBoxGuest.sys", },

{ szDriversDir, "VBoxMouse.sys", },

{ szDriversDir, "VBoxSF.sys", },

{ szDriversDir, "VBoxVideo.sys", },

{

NULL

}

};

#else /* File lookup for NT4. */

VBOXSERVICEVMINFOFILE vboxFileInfoTable[] =

{

{ szSysDir, "VBoxControl.exe", },

{ szSysDir, "VBoxHook.dll", },

{ szSysDir, "VBoxDisp.dll", },

{ szSysDir, "VBoxService.exe", },

{ szSysDir, "VBoxTray.exe", },

{ szDriversDir, "VBoxGuestNT.sys", },

{ szDriversDir, "VBoxMouseNT.sys", },

{ szDriversDir, "VBoxVideo.sys", },

{

NULL

}

};

#endif

PVBOXSERVICEVMINFOFILE pTable = vboxFileInfoTable;

Assert(pTable);

while (pTable->pszFileName)

{

rc = VboxServiceGetFileVersionString(pTable->pszFilePath, pTable->pszFileName, szVer, sizeof(szVer));

RTStrPrintf(szPropPath, sizeof(szPropPath), "GuestAdd/Components/%s", pTable->pszFileName);

VboxServiceWriteProp(uiClientID, szPropPath, szVer);

pTable++;

}

return VINF_SUCCESS;

}