Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-22 16:36:33 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ADVAPI32][SERVICES] Add (dummy) password encryption/decryption functions to CreateServiceA/W and ChangeServiceConfigA/W in order to prepare to pass encrypted passwords to the service manager

Browse source
This commit is contained in:
Eric Kohl 2018-09-17 16:34:48 +02:00
parent a631e31c86
commit 5e2c4657ca
4 changed files with 177 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
base/system/services/config.c
View file

@ -677,4 +677,28 @@ done:
return dwError; return dwError;
} }
DWORD
ScmDecryptPassword(
_In_ PBYTE pPassword,
_In_ DWORD dwPasswordSize,
_Out_ PWSTR *pClearTextPassword)
{
PWSTR pBuffer;
/* Allocate a buffer for the decrypted password */
pBuffer = HeapAlloc(GetProcessHeap(), 0, dwPasswordSize);
if (pBuffer == NULL)
return ERROR_OUTOFMEMORY;
/* Decrypt the password */
CopyMemory(pBuffer,
pPassword,
dwPasswordSize);
*pClearTextPassword = pBuffer;
return ERROR_SUCCESS;
}
/* EOF */ /* EOF */

49
base/system/services/rpcserver.c
View file

@ -1934,6 +1934,7 @@ RChangeServiceConfigW(
HKEY hServiceKey = NULL; HKEY hServiceKey = NULL;
LPWSTR lpDisplayNameW = NULL; LPWSTR lpDisplayNameW = NULL;
LPWSTR lpImagePathW = NULL; LPWSTR lpImagePathW = NULL;
LPWSTR lpClearTextPassword = NULL;
DPRINT("RChangeServiceConfigW() called\n"); DPRINT("RChangeServiceConfigW() called\n");
DPRINT("dwServiceType = 0x%lx\n", dwServiceType); DPRINT("dwServiceType = 0x%lx\n", dwServiceType);
@ -1941,6 +1942,9 @@ RChangeServiceConfigW(
DPRINT("dwErrorControl = %lu\n", dwErrorControl); DPRINT("dwErrorControl = %lu\n", dwErrorControl);
DPRINT("lpBinaryPathName = %S\n", lpBinaryPathName); DPRINT("lpBinaryPathName = %S\n", lpBinaryPathName);
DPRINT("lpLoadOrderGroup = %S\n", lpLoadOrderGroup); DPRINT("lpLoadOrderGroup = %S\n", lpLoadOrderGroup);
DPRINT("lpServiceStartName = %S\n", lpServiceStartName);
DPRINT("lpPassword = %p\n", lpPassword);
DPRINT("dwPwSite = %lu\n", dwPwSize);
DPRINT("lpDisplayName = %S\n", lpDisplayName); DPRINT("lpDisplayName = %S\n", lpDisplayName);
if (ScmShutdown) if (ScmShutdown)
@ -2199,13 +2203,25 @@ RChangeServiceConfigW(
{ {
if (*(LPWSTR)lpPassword != 0) if (*(LPWSTR)lpPassword != 0)
{ {
/* FIXME: Decrypt the password */ /* Decrypt the password */
dwError = ScmDecryptPassword(lpPassword,
dwPwSize,
&lpClearTextPassword);
if (dwError != ERROR_SUCCESS)
{
DPRINT1("ScmDecryptPassword failed (Error %lu)\n", dwError);
goto done;
}
DPRINT1("Clear text password: %S\n", lpClearTextPassword);
/* Write the password */ /* Write the password */
dwError = ScmSetServicePassword(lpService->szServiceName, dwError = ScmSetServicePassword(lpService->szServiceName,
(LPCWSTR)lpPassword); lpClearTextPassword);
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
{
DPRINT1("ScmSetServicePassword failed (Error %lu)\n", dwError);
goto done; goto done;
}
} }
else else
{ {
@ -2216,12 +2232,23 @@ RChangeServiceConfigW(
dwError = ERROR_SUCCESS; dwError = ERROR_SUCCESS;
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
{
DPRINT1("ScmSetServicePassword failed (Error %lu)\n", dwError);
goto done; goto done;
}
} }
} }
} }
done: done:
if (lpClearTextPassword != NULL)
{
/* Wipe and release the password buffer */
ZeroMemory(lpClearTextPassword,
(wcslen(lpClearTextPassword) + 1) * sizeof(WCHAR));
HeapFree(GetProcessHeap(), 0, lpClearTextPassword);
}
if (hServiceKey != NULL) if (hServiceKey != NULL)
RegCloseKey(hServiceKey); RegCloseKey(hServiceKey);
@ -2260,6 +2287,7 @@ RCreateServiceW(
PSERVICE lpService = NULL; PSERVICE lpService = NULL;
SC_HANDLE hServiceHandle = NULL; SC_HANDLE hServiceHandle = NULL;
LPWSTR lpImagePath = NULL; LPWSTR lpImagePath = NULL;
LPWSTR lpClearTextPassword = NULL;
HKEY hServiceKey = NULL; HKEY hServiceKey = NULL;
LPWSTR lpObjectName; LPWSTR lpObjectName;
@ -2576,11 +2604,16 @@ RCreateServiceW(
if (lpPassword != NULL && *(LPWSTR)lpPassword != 0) if (lpPassword != NULL && *(LPWSTR)lpPassword != 0)
{ {
/* FIXME: Decrypt the password */ /* Decrypt the password */
dwError = ScmDecryptPassword(lpPassword,
dwPwSize,
&lpClearTextPassword);
if (dwError != ERROR_SUCCESS)
goto done;
/* Write the password */ /* Write the password */
dwError = ScmSetServicePassword(lpServiceName, dwError = ScmSetServicePassword(lpServiceName,
(LPCWSTR)lpPassword); lpClearTextPassword);
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
goto done; goto done;
} }
@ -2612,6 +2645,14 @@ done:
if (hServiceKey != NULL) if (hServiceKey != NULL)
RegCloseKey(hServiceKey); RegCloseKey(hServiceKey);
if (lpClearTextPassword != NULL)
{
/* Wipe and release the password buffer */
ZeroMemory(lpClearTextPassword,
(wcslen(lpClearTextPassword) + 1) * sizeof(WCHAR));
HeapFree(GetProcessHeap(), 0, lpClearTextPassword);
}
if (dwError == ERROR_SUCCESS) if (dwError == ERROR_SUCCESS)
{ {
DPRINT("hService %p\n", hServiceHandle); DPRINT("hService %p\n", hServiceHandle);

7
base/system/services/services.h
View file

@ -150,6 +150,13 @@ ScmDeleteRegKey(
_In_ HKEY hKey, _In_ HKEY hKey,
_In_ PCWSTR pszSubKey); _In_ PCWSTR pszSubKey);
DWORD
ScmDecryptPassword(
_In_ PBYTE pPassword,
_In_ DWORD dwPasswordSize,
_Out_ PWSTR *pDecryptedPassword);
/* controlset.c */ /* controlset.c */
BOOL ScmGetControlSetValues(VOID); BOOL ScmGetControlSetValues(VOID);

123
dll/win32/advapi32/service/scm.c
View file

@ -155,6 +155,33 @@ ScmRpcStatusToWinError(RPC_STATUS Status)
} }
static
DWORD
ScmEncryptPassword(
_In_ PCWSTR pClearTextPassword,
_Out_ PBYTE *pEncryptedPassword,
_Out_ PDWORD pEncryptedPasswordSize)
{
DWORD dwSize;
PBYTE pBuffer;
dwSize = (wcslen(pClearTextPassword) + 1) * sizeof(WCHAR);
pBuffer = HeapAlloc(GetProcessHeap(), 0, dwSize);
if (pBuffer == NULL)
return ERROR_OUTOFMEMORY;
CopyMemory(pBuffer,
pClearTextPassword,
dwSize);
*pEncryptedPassword = pBuffer;
*pEncryptedPasswordSize = dwSize;
return ERROR_SUCCESS;
}
/********************************************************************** /**********************************************************************
* ChangeServiceConfig2A * ChangeServiceConfig2A
* *
@ -293,12 +320,12 @@ ChangeServiceConfigA(SC_HANDLE hService,
DWORD dwDependenciesLength = 0; DWORD dwDependenciesLength = 0;
SIZE_T cchLength; SIZE_T cchLength;
LPCSTR lpStr; LPCSTR lpStr;
DWORD dwPasswordLength = 0; DWORD dwPasswordSize = 0;
LPWSTR lpPasswordW = NULL; LPWSTR lpPasswordW = NULL;
LPBYTE lpEncryptedPassword = NULL; LPBYTE lpEncryptedPassword = NULL;
TRACE("ChangeServiceConfigA(%p %lu %lu %lu %s %s %p %s %s %s %s)\n", TRACE("ChangeServiceConfigA(%p %lu %lu %lu %s %s %p %s %s %s %s)\n",
dwServiceType, dwStartType, dwErrorControl, debugstr_a(lpBinaryPathName), hService, dwServiceType, dwStartType, dwErrorControl, debugstr_a(lpBinaryPathName),
debugstr_a(lpLoadOrderGroup), lpdwTagId, debugstr_a(lpDependencies), debugstr_a(lpLoadOrderGroup), lpdwTagId, debugstr_a(lpDependencies),
debugstr_a(lpServiceStartName), debugstr_a(lpPassword), debugstr_a(lpDisplayName)); debugstr_a(lpServiceStartName), debugstr_a(lpPassword), debugstr_a(lpDisplayName));
@ -334,9 +361,12 @@ ChangeServiceConfigA(SC_HANDLE hService,
lpPasswordW, lpPasswordW,
(int)(strlen(lpPassword) + 1)); (int)(strlen(lpPassword) + 1));
/* FIXME: Encrypt the password */ /* Encrypt the unicode password */
lpEncryptedPassword = (LPBYTE)lpPasswordW; dwError = ScmEncryptPassword(lpPasswordW,
dwPasswordLength = (wcslen(lpPasswordW) + 1) * sizeof(WCHAR); &lpEncryptedPassword,
&dwPasswordSize);
if (dwError != ERROR_SUCCESS)
goto done;
} }
RpcTryExcept RpcTryExcept
@ -352,7 +382,7 @@ ChangeServiceConfigA(SC_HANDLE hService,
dwDependenciesLength, dwDependenciesLength,
(LPSTR)lpServiceStartName, (LPSTR)lpServiceStartName,
lpEncryptedPassword, lpEncryptedPassword,
dwPasswordLength, dwPasswordSize,
(LPSTR)lpDisplayName); (LPSTR)lpDisplayName);
} }
RpcExcept(EXCEPTION_EXECUTE_HANDLER) RpcExcept(EXCEPTION_EXECUTE_HANDLER)
@ -361,9 +391,20 @@ ChangeServiceConfigA(SC_HANDLE hService,
} }
RpcEndExcept; RpcEndExcept;
done:
if (lpPasswordW != NULL) if (lpPasswordW != NULL)
{
/* Wipe and release the password buffers */
ZeroMemory(lpPasswordW, (wcslen(lpPasswordW) + 1) * sizeof(WCHAR));
HeapFree(GetProcessHeap(), 0, lpPasswordW); HeapFree(GetProcessHeap(), 0, lpPasswordW);
if (lpEncryptedPassword != NULL)
{
ZeroMemory(lpEncryptedPassword, dwPasswordSize);
HeapFree(GetProcessHeap(), 0, lpEncryptedPassword);
}
}
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
{ {
TRACE("RChangeServiceConfigA() failed (Error %lu)\n", dwError); TRACE("RChangeServiceConfigA() failed (Error %lu)\n", dwError);
@ -397,11 +438,11 @@ ChangeServiceConfigW(SC_HANDLE hService,
DWORD dwDependenciesLength = 0; DWORD dwDependenciesLength = 0;
SIZE_T cchLength; SIZE_T cchLength;
LPCWSTR lpStr; LPCWSTR lpStr;
DWORD dwPasswordLength = 0; DWORD dwPasswordSize = 0;
LPBYTE lpEncryptedPassword = NULL; LPBYTE lpEncryptedPassword = NULL;
TRACE("ChangeServiceConfigW(%p %lu %lu %lu %s %s %p %s %s %s %s)\n", TRACE("ChangeServiceConfigW(%p %lu %lu %lu %s %s %p %s %s %s %s)\n",
dwServiceType, dwStartType, dwErrorControl, debugstr_w(lpBinaryPathName), hService, dwServiceType, dwStartType, dwErrorControl, debugstr_w(lpBinaryPathName),
debugstr_w(lpLoadOrderGroup), lpdwTagId, debugstr_w(lpDependencies), debugstr_w(lpLoadOrderGroup), lpdwTagId, debugstr_w(lpDependencies),
debugstr_w(lpServiceStartName), debugstr_w(lpPassword), debugstr_w(lpDisplayName)); debugstr_w(lpServiceStartName), debugstr_w(lpPassword), debugstr_w(lpDisplayName));
@ -421,9 +462,14 @@ ChangeServiceConfigW(SC_HANDLE hService,
if (lpPassword != NULL) if (lpPassword != NULL)
{ {
/* FIXME: Encrypt the password */ dwError = ScmEncryptPassword(lpPassword,
lpEncryptedPassword = (LPBYTE)lpPassword; &lpEncryptedPassword,
dwPasswordLength = (wcslen(lpPassword) + 1) * sizeof(WCHAR); &dwPasswordSize);
if (dwError != ERROR_SUCCESS)
{
ERR("ScmEncryptPassword failed (Error %lu)\n", dwError);
goto done;
}
} }
RpcTryExcept RpcTryExcept
@ -439,7 +485,7 @@ ChangeServiceConfigW(SC_HANDLE hService,
dwDependenciesLength, dwDependenciesLength,
(LPWSTR)lpServiceStartName, (LPWSTR)lpServiceStartName,
lpEncryptedPassword, lpEncryptedPassword,
dwPasswordLength, dwPasswordSize,
(LPWSTR)lpDisplayName); (LPWSTR)lpDisplayName);
} }
RpcExcept(EXCEPTION_EXECUTE_HANDLER) RpcExcept(EXCEPTION_EXECUTE_HANDLER)
@ -448,6 +494,14 @@ ChangeServiceConfigW(SC_HANDLE hService,
} }
RpcEndExcept; RpcEndExcept;
done:
if (lpEncryptedPassword != NULL)
{
/* Wipe and release the password buffer */
ZeroMemory(lpEncryptedPassword, dwPasswordSize);
HeapFree(GetProcessHeap(), 0, lpEncryptedPassword);
}
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
{ {
TRACE("RChangeServiceConfigW() failed (Error %lu)\n", dwError); TRACE("RChangeServiceConfigW() failed (Error %lu)\n", dwError);
@ -584,7 +638,7 @@ CreateServiceA(SC_HANDLE hSCManager,
DWORD dwError; DWORD dwError;
SIZE_T cchLength; SIZE_T cchLength;
LPCSTR lpStr; LPCSTR lpStr;
DWORD dwPasswordLength = 0; DWORD dwPasswordSize = 0;
LPWSTR lpPasswordW = NULL; LPWSTR lpPasswordW = NULL;
LPBYTE lpEncryptedPassword = NULL; LPBYTE lpEncryptedPassword = NULL;
@ -632,9 +686,12 @@ CreateServiceA(SC_HANDLE hSCManager,
lpPasswordW, lpPasswordW,
(int)(strlen(lpPassword) + 1)); (int)(strlen(lpPassword) + 1));
/* FIXME: Encrypt the password */ /* Encrypt the password */
lpEncryptedPassword = (LPBYTE)lpPasswordW; dwError = ScmEncryptPassword(lpPasswordW,
dwPasswordLength = (wcslen(lpPasswordW) + 1) * sizeof(WCHAR); &lpEncryptedPassword,
&dwPasswordSize);
if (dwError != ERROR_SUCCESS)
goto done;
} }
RpcTryExcept RpcTryExcept
@ -653,7 +710,7 @@ CreateServiceA(SC_HANDLE hSCManager,
dwDependenciesLength, dwDependenciesLength,
(LPSTR)lpServiceStartName, (LPSTR)lpServiceStartName,
lpEncryptedPassword, lpEncryptedPassword,
dwPasswordLength, dwPasswordSize,
(SC_RPC_HANDLE *)&hService); (SC_RPC_HANDLE *)&hService);
} }
RpcExcept(EXCEPTION_EXECUTE_HANDLER) RpcExcept(EXCEPTION_EXECUTE_HANDLER)
@ -662,9 +719,20 @@ CreateServiceA(SC_HANDLE hSCManager,
} }
RpcEndExcept; RpcEndExcept;
done:
if (lpPasswordW != NULL) if (lpPasswordW != NULL)
{
/* Wipe and release the password buffers */
ZeroMemory(lpPasswordW, (wcslen(lpPasswordW) + 1) * sizeof(WCHAR));
HeapFree(GetProcessHeap(), 0, lpPasswordW); HeapFree(GetProcessHeap(), 0, lpPasswordW);
if (lpEncryptedPassword != NULL)
{
ZeroMemory(lpEncryptedPassword, dwPasswordSize);
HeapFree(GetProcessHeap(), 0, lpEncryptedPassword);
}
}
SetLastError(dwError); SetLastError(dwError);
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
{ {
@ -701,7 +769,7 @@ CreateServiceW(SC_HANDLE hSCManager,
DWORD dwError; DWORD dwError;
SIZE_T cchLength; SIZE_T cchLength;
LPCWSTR lpStr; LPCWSTR lpStr;
DWORD dwPasswordLength = 0; DWORD dwPasswordSize = 0;
LPBYTE lpEncryptedPassword = NULL; LPBYTE lpEncryptedPassword = NULL;
TRACE("CreateServiceW(%p %s %s %lx %lu %lu %lu %s %s %p %s %s %s)\n", TRACE("CreateServiceW(%p %s %s %lx %lu %lu %lu %s %s %p %s %s %s)\n",
@ -732,9 +800,12 @@ CreateServiceW(SC_HANDLE hSCManager,
if (lpPassword != NULL) if (lpPassword != NULL)
{ {
/* FIXME: Encrypt the password */ /* Encrypt the password */
lpEncryptedPassword = (LPBYTE)lpPassword; dwError = ScmEncryptPassword(lpPassword,
dwPasswordLength = (wcslen(lpPassword) + 1) * sizeof(WCHAR); &lpEncryptedPassword,
&dwPasswordSize);
if (dwError != ERROR_SUCCESS)
goto done;
} }
RpcTryExcept RpcTryExcept
@ -753,7 +824,7 @@ CreateServiceW(SC_HANDLE hSCManager,
dwDependenciesLength, dwDependenciesLength,
lpServiceStartName, lpServiceStartName,
lpEncryptedPassword, lpEncryptedPassword,
dwPasswordLength, dwPasswordSize,
(SC_RPC_HANDLE *)&hService); (SC_RPC_HANDLE *)&hService);
} }
RpcExcept(EXCEPTION_EXECUTE_HANDLER) RpcExcept(EXCEPTION_EXECUTE_HANDLER)
@ -762,6 +833,14 @@ CreateServiceW(SC_HANDLE hSCManager,
} }
RpcEndExcept; RpcEndExcept;
done:
if (lpEncryptedPassword != NULL)
{
/* Wipe and release the password buffers */
ZeroMemory(lpEncryptedPassword, dwPasswordSize);
HeapFree(GetProcessHeap(), 0, lpEncryptedPassword);
}
SetLastError(dwError); SetLastError(dwError);
if (dwError != ERROR_SUCCESS) if (dwError != ERROR_SUCCESS)
{ {