mirror of
https://github.com/reactos/reactos.git
synced 2024-12-30 19:14:31 +00:00
c606eeb39a
svn path=/trunk/; revision=12551
315 lines
9.4 KiB
C
315 lines
9.4 KiB
C
/*
|
|
* MPR Password Cache functions
|
|
*
|
|
* Copyright 1999 Ulrich Weigand
|
|
* Copyright 2003,2004 Mike McCormack for CodeWeavers
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
|
|
#include <stdarg.h>
|
|
#include <stdio.h>
|
|
|
|
#include "windef.h"
|
|
#include "winbase.h"
|
|
#include "winnetwk.h"
|
|
#include "winreg.h"
|
|
#include "wine/debug.h"
|
|
|
|
WINE_DEFAULT_DEBUG_CHANNEL(mpr);
|
|
|
|
static const char mpr_key[] = "Software\\Wine\\Wine\\Mpr\\";
|
|
|
|
static inline BYTE hex( BYTE x )
|
|
{
|
|
if( x <= 9 )
|
|
return x + '0';
|
|
return x + 'A' - 10;
|
|
}
|
|
|
|
static inline CHAR ctox( CHAR x )
|
|
{
|
|
if( ( x >= '0' ) && ( x <= '9' ) )
|
|
return x - '0';
|
|
if( ( x >= 'A' ) && ( x <= 'F' ) )
|
|
return x - 'A' + 10;
|
|
if( ( x >= 'a' ) && ( x <= 'a' ) )
|
|
return x - 'a' + 10;
|
|
return -1;
|
|
}
|
|
|
|
static LPSTR MPR_GetValueName( LPSTR pbResource, WORD cbResource, BYTE nType )
|
|
{
|
|
LPSTR name;
|
|
DWORD i;
|
|
|
|
name = HeapAlloc( GetProcessHeap(), 0, 6+cbResource*2 );
|
|
if( name )
|
|
sprintf( name, "X-%02X-", nType );
|
|
for(i=0; i<cbResource; i++)
|
|
{
|
|
name[5+i*2]=hex((pbResource[i]&0xf0)>>4);
|
|
name[6+i*2]=hex(pbResource[i]&0x0f);
|
|
}
|
|
name[5+i*2]=0;
|
|
TRACE( "Value is %s\n", name );
|
|
return name;
|
|
}
|
|
|
|
|
|
/**************************************************************************
|
|
* WNetCachePassword [MPR.@] Saves password in cache
|
|
*
|
|
* NOTES
|
|
* only the parameter count is verifyed
|
|
*
|
|
* ---- everything below this line might be wrong (js) -----
|
|
* RETURNS
|
|
* Success: WN_SUCCESS
|
|
* Failure: WN_ACCESS_DENIED, WN_BAD_PASSWORD, WN_BADVALUE, WN_NET_ERROR,
|
|
* WN_NOT_SUPPORTED, WN_OUT_OF_MEMORY
|
|
*/
|
|
DWORD WINAPI WNetCachePassword(
|
|
LPSTR pbResource, /* [in] Name of workgroup, computer, or resource */
|
|
WORD cbResource, /* [in] Size of name */
|
|
LPSTR pbPassword, /* [in] Buffer containing password */
|
|
WORD cbPassword, /* [in] Size of password */
|
|
BYTE nType, /* [in] Type of password to cache */
|
|
WORD x)
|
|
|
|
{
|
|
HKEY hkey;
|
|
DWORD r;
|
|
LPSTR valname;
|
|
|
|
WARN( "(%p(%s), %d, %p(%s), %d, %d, 0x%08x): totally insecure\n",
|
|
pbResource, debugstr_a(pbResource), cbResource,
|
|
pbPassword, debugstr_a(pbPassword), cbPassword,
|
|
nType, x );
|
|
|
|
r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
|
|
if( r )
|
|
return WN_ACCESS_DENIED;
|
|
|
|
valname = MPR_GetValueName( pbResource, cbResource, nType );
|
|
if( valname )
|
|
{
|
|
r = RegSetValueExA( hkey, valname, 0, REG_BINARY,
|
|
pbPassword, cbPassword );
|
|
if( r )
|
|
r = WN_CANCEL;
|
|
else
|
|
r = WN_SUCCESS;
|
|
HeapFree( GetProcessHeap(), 0, valname );
|
|
}
|
|
else
|
|
r = WN_OUT_OF_MEMORY;
|
|
|
|
RegCloseKey( hkey );
|
|
|
|
return r;
|
|
}
|
|
|
|
/*****************************************************************
|
|
* WNetRemoveCachedPassword [MPR.@]
|
|
*/
|
|
UINT WINAPI WNetRemoveCachedPassword(
|
|
LPSTR pbResource, /* [in] resource ID to delete */
|
|
WORD cbResource, /* [in] number of bytes in the resource ID */
|
|
BYTE nType ) /* [in] Type of the resource to delete */
|
|
{
|
|
HKEY hkey;
|
|
DWORD r;
|
|
LPSTR valname;
|
|
|
|
WARN( "(%p(%s), %d, %d): totally insecure\n",
|
|
pbResource, debugstr_a(pbResource), cbResource, nType );
|
|
|
|
r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
|
|
if( r )
|
|
return WN_ACCESS_DENIED;
|
|
|
|
valname = MPR_GetValueName( pbResource, cbResource, nType );
|
|
if( valname )
|
|
{
|
|
r = RegDeleteValueA( hkey, valname );
|
|
if( r )
|
|
r = WN_ACCESS_DENIED;
|
|
else
|
|
r = WN_SUCCESS;
|
|
HeapFree( GetProcessHeap(), 0, valname );
|
|
}
|
|
else
|
|
r = WN_OUT_OF_MEMORY;
|
|
|
|
return r;
|
|
}
|
|
|
|
/*****************************************************************
|
|
* WNetGetCachedPassword [MPR.@] Retrieves password from cache
|
|
*
|
|
* NOTES
|
|
* the stub seems to be wrong:
|
|
* arg1: ptr 0x40xxxxxx -> (no string)
|
|
* arg2: len 36
|
|
* arg3: ptr 0x40xxxxxx -> (no string)
|
|
* arg4: ptr 0x40xxxxxx -> 0xc8
|
|
* arg5: type? 4
|
|
*
|
|
* ---- everything below this line might be wrong (js) -----
|
|
* RETURNS
|
|
* Success: WN_SUCCESS
|
|
* Failure: WN_ACCESS_DENIED, WN_BAD_PASSWORD, WN_BAD_VALUE,
|
|
* WN_NET_ERROR, WN_NOT_SUPPORTED, WN_OUT_OF_MEMORY
|
|
*/
|
|
DWORD WINAPI WNetGetCachedPassword(
|
|
LPSTR pbResource, /* [in] Name of workgroup, computer, or resource */
|
|
WORD cbResource, /* [in] Size of name */
|
|
LPSTR pbPassword, /* [out] Buffer to receive password */
|
|
LPWORD pcbPassword, /* [out] Receives size of password */
|
|
BYTE nType) /* [in] Type of password to retrieve */
|
|
{
|
|
HKEY hkey;
|
|
DWORD r, type = 0, sz;
|
|
LPSTR valname;
|
|
|
|
WARN( "(%p(%s), %d, %p, %p, %d): totally insecure\n",
|
|
pbResource, debugstr_a(pbResource), cbResource,
|
|
pbPassword, pcbPassword, nType );
|
|
|
|
memset( pbPassword, 0, *pcbPassword);
|
|
|
|
r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
|
|
if( r )
|
|
return WN_ACCESS_DENIED;
|
|
|
|
valname = MPR_GetValueName( pbResource, cbResource, nType );
|
|
if( valname )
|
|
{
|
|
sz = *pcbPassword;
|
|
r = RegQueryValueExA( hkey, valname, 0, &type, pbPassword, &sz );
|
|
*pcbPassword = sz;
|
|
if( r )
|
|
r = WN_CANCEL;
|
|
else
|
|
r = WN_SUCCESS;
|
|
HeapFree( GetProcessHeap(), 0, valname );
|
|
}
|
|
else
|
|
r = WN_OUT_OF_MEMORY;
|
|
|
|
return r;
|
|
}
|
|
|
|
/*******************************************************************
|
|
* WNetEnumCachedPasswords [MPR.@]
|
|
*
|
|
* NOTES
|
|
* the parameter count is verifyed
|
|
*
|
|
* This function is a huge security risk, as virii and such can use
|
|
* it to grab all the passwords in the cache. It's bad enough to
|
|
* store the passwords (insecurely).
|
|
*
|
|
* bpPrefix and cbPrefix are used to filter the returned passwords
|
|
* the first cbPrefix bytes of the password resource identifier
|
|
* should match the same number of bytes in bpPrefix
|
|
*
|
|
* RETURNS
|
|
* Success: WN_SUCCESS (even if no entries were enumerated)
|
|
* Failure: WN_ACCESS_DENIED, WN_BAD_PASSWORD, WN_BAD_VALUE,
|
|
* WN_NET_ERROR, WN_NOT_SUPPORTED, WN_OUT_OF_MEMORY
|
|
*/
|
|
|
|
UINT WINAPI WNetEnumCachedPasswords(
|
|
LPSTR pbPrefix, /* [in] prefix to filter cache entries */
|
|
WORD cbPrefix, /* [in] number of bytes in Prefix substring */
|
|
BYTE nType, /* [in] match the Type ID of the entry */
|
|
ENUMPASSWORDPROC enumPasswordProc, /* [in] callback function */
|
|
DWORD param) /* [in] parameter passed to enum function */
|
|
{
|
|
HKEY hkey;
|
|
DWORD r, type, val_sz, data_sz, i, j, size;
|
|
PASSWORD_CACHE_ENTRY *entry;
|
|
CHAR val[256], prefix[6];
|
|
|
|
WARN( "(%s, %d, %d, %p, 0x%08lx) totally insecure\n",
|
|
debugstr_an(pbPrefix,cbPrefix), cbPrefix,
|
|
nType, enumPasswordProc, param );
|
|
|
|
r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
|
|
if( r )
|
|
return WN_ACCESS_DENIED;
|
|
|
|
sprintf(prefix, "X-%02X-", nType );
|
|
|
|
i = 0;
|
|
for( i=0; ; i++ )
|
|
{
|
|
val_sz = sizeof val;
|
|
data_sz = 0;
|
|
type = 0;
|
|
val[0] = 0;
|
|
r = RegEnumValueA( hkey, i, val, &val_sz, NULL, &type, NULL, &data_sz );
|
|
if( r != ERROR_SUCCESS )
|
|
break;
|
|
if( type != REG_BINARY )
|
|
continue;
|
|
|
|
/* check the value is in the format we expect */
|
|
if( val_sz < sizeof prefix )
|
|
continue;
|
|
if( memcmp( prefix, val, 5 ) )
|
|
continue;
|
|
|
|
/* decode the value */
|
|
for(j=5; j<val_sz; j+=2 )
|
|
{
|
|
CHAR hi = ctox( val[j] ), lo = ctox( val[j+1] );
|
|
if( ( hi < 0 ) || ( lo < 0 ) )
|
|
break;
|
|
val[(j-5)/2] = (hi<<4) | lo;
|
|
}
|
|
|
|
/* find the decoded length */
|
|
val_sz = (j - 5)/2;
|
|
val[val_sz]=0;
|
|
if( val_sz < cbPrefix )
|
|
continue;
|
|
|
|
/* check the prefix matches */
|
|
if( memcmp(val, pbPrefix, cbPrefix) )
|
|
continue;
|
|
|
|
/* read the value data */
|
|
size = sizeof *entry - sizeof entry->abResource[0] + val_sz + data_sz;
|
|
entry = HeapAlloc( GetProcessHeap(), 0, sizeof *entry + val_sz + data_sz );
|
|
memcpy( entry->abResource, val, val_sz );
|
|
entry->cbEntry = size;
|
|
entry->cbResource = val_sz;
|
|
entry->cbPassword = data_sz;
|
|
entry->iEntry = i;
|
|
entry->nType = nType;
|
|
r = RegEnumValueA( hkey, i, NULL, &val_sz, NULL, &type,
|
|
&entry->abResource[val_sz], &data_sz );
|
|
if( r == ERROR_SUCCESS )
|
|
enumPasswordProc( entry, param );
|
|
HeapFree( GetProcessHeap(), 0, entry );
|
|
}
|
|
|
|
RegCloseKey( hkey );
|
|
|
|
return WN_SUCCESS;
|
|
}
|