VirtualBox

source: vbox/trunk/src/VBox/HostServices/auth/simple/VBoxAuthSimple.cpp@ 76771

Last change on this file since 76771 was 76553, checked in by vboxsync, 6 years ago

scm --update-copyright-year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id Revision
File size: 4.1 KB
Line 
1/* $Id: VBoxAuthSimple.cpp 76553 2019-01-01 01:45:53Z vboxsync $ */
2/** @file
3 * VirtualBox External Authentication Library - Simple Authentication.
4 */
5
6/*
7 * Copyright (C) 2006-2019 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18#include <stdlib.h>
19#include <stdio.h>
20#include <string.h>
21
22#include <iprt/cdefs.h>
23#include <iprt/uuid.h>
24#include <iprt/sha.h>
25
26#include <VBox/VBoxAuth.h>
27
28#include <VBox/com/com.h>
29#include <VBox/com/string.h>
30#include <VBox/com/Guid.h>
31#include <VBox/com/VirtualBox.h>
32
33using namespace com;
34
35/* If defined, debug messages will be written to the specified file. */
36//#define AUTH_DEBUG_FILE_NAME "/tmp/VBoxAuth.log"
37
38
39static void dprintf(const char *pszFormat, ...)
40{
41#ifdef AUTH_DEBUG_FILE_NAME
42 FILE *f = fopen(AUTH_DEBUG_FILE_NAME, "ab");
43 if (f)
44 {
45 va_list va;
46 va_start(va, pszFormat);
47 vfprintf(f, pszFormat, va);
48 va_end(va);
49 fclose(f);
50 }
51#else
52 RT_NOREF(pszFormat);
53#endif
54}
55
56RT_C_DECLS_BEGIN
57DECLEXPORT(FNAUTHENTRY3) AuthEntry;
58RT_C_DECLS_END
59
60DECLEXPORT(AuthResult) AUTHCALL AuthEntry(const char *pszCaller,
61 PAUTHUUID pUuid,
62 AuthGuestJudgement guestJudgement,
63 const char *pszUser,
64 const char *pszPassword,
65 const char *pszDomain,
66 int fLogon,
67 unsigned clientId)
68{
69 RT_NOREF(pszCaller, guestJudgement, pszDomain, clientId);
70
71 /* default is failed */
72 AuthResult result = AuthResultAccessDenied;
73
74 /* only interested in logon */
75 if (!fLogon)
76 /* return value ignored */
77 return result;
78
79 char uuid[RTUUID_STR_LENGTH] = {0};
80 if (pUuid)
81 RTUuidToStr((PCRTUUID)pUuid, (char*)uuid, RTUUID_STR_LENGTH);
82
83 /* the user might contain a domain name, split it */
84 const char *user = strchr(pszUser, '\\');
85 if (user)
86 user++;
87 else
88 user = (char*)pszUser;
89
90 dprintf("VBoxAuth: uuid: %s, user: %s, pszPassword: %s\n", uuid, user, pszPassword);
91
92 ComPtr<IVirtualBoxClient> virtualBoxClient;
93 ComPtr<IVirtualBox> virtualBox;
94 HRESULT rc;
95
96 rc = virtualBoxClient.createInprocObject(CLSID_VirtualBoxClient);
97 if (SUCCEEDED(rc))
98 {
99 rc = virtualBoxClient->COMGETTER(VirtualBox)(virtualBox.asOutParam());
100 if (SUCCEEDED(rc))
101 {
102 Bstr key = BstrFmt("VBoxAuthSimple/users/%s", user);
103 Bstr password;
104
105 /* lookup in VM's extra data? */
106 if (pUuid)
107 {
108 ComPtr<IMachine> machine;
109 virtualBox->FindMachine(Bstr(uuid).raw(), machine.asOutParam());
110 if (machine)
111 machine->GetExtraData(key.raw(), password.asOutParam());
112 }
113 else
114 /* lookup global extra data */
115 virtualBox->GetExtraData(key.raw(), password.asOutParam());
116
117 if (!password.isEmpty())
118 {
119 /* calculate hash */
120 uint8_t abDigest[RTSHA256_HASH_SIZE];
121 RTSha256(pszPassword, strlen(pszPassword), abDigest);
122 char pszDigest[RTSHA256_DIGEST_LEN + 1];
123 RTSha256ToString(abDigest, pszDigest, sizeof(pszDigest));
124
125 if (password == pszDigest)
126 result = AuthResultAccessGranted;
127 }
128 }
129 else
130 dprintf("VBoxAuth: failed to get VirtualBox object reference: %#x\n", rc);
131 }
132 else
133 dprintf("VBoxAuth: failed to get VirtualBoxClient object reference: %#x\n", rc);
134
135 return result;
136}
137
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette