Sunday, May 29, 2011

Some Notes about GINA

GINA (Graphical Identification and Authentication) is a component which works with Winlogon to provide secure authentication and interactive logon services for Windows before Windows Vista. GINA is implemented as a replaceable dynamic link library (DLL), so that one can customize it by writing his own DLL. For GINA basics, please read them here. Below I would like to make some notes about problems I met while developing a customized GINA. I will expand the list when I find something new.
  1. Do not call WlxSasNotify() to notify Winlogon for a SAS (Secure Attention Sequence, normally Ctrl+Alt+Del) in a thread different from the GINA thread. In my case, I post a message using PostMessage() SendMessage() to the SAS dialog box and call WlxSasNotify() there. Otherwise, the machine failed to shut down after recovering from hibernate.
  2. Normally, Winlogon will capture a SAS appearance and call appropriate GINA functions. If you are replacing it with something else (so you are not triggering SAS manually), I have found that Winlogon may fail to call those GINA functions and results in halting between logon and logoff/locked states. Therefore you should notify Winlogon using WlxSasNotify(). However, you cannot just call WlxSasNotify() in anywhere, otherwise you may trigger some other abnormal behavior. After trial and error, I found that only calling WlxSasNotify() from the dialog box gives out normal results.
Update: Using PostMessage() will trigger another bug (cannot shut down after recovering from standby)