Changeset 58388 in vbox for trunk/src/VBox/HostServices/auth/winlogon

Timestamp:

Oct 23, 2015 11:19:58 AM (9 years ago)

Author:

vboxsync

Message:

auth/winlogon: use LogonUserW

File:

• trunk/src/VBox/HostServices/auth/winlogon/winlogon.cpp (modified) (4 diffs)

trunk/src/VBox/HostServices/auth/winlogon/winlogon.cpp

@@ -6 +6 @@
 
 /*
- * Copyright (C) 2006-2011 Oracle Corporation
+ * Copyright (C) 2006-2015 Oracle Corporation
  *
  * This file is part of VirtualBox Open Source Edition (OSE), as
@@ -17 +17 @@
  */
 
-/* If defined, debug messages will be written to the specified file. */
-// #define AUTH_DEBUG_FILE_NAME "\\VBoxAuth.log"
-
-#include <stdio.h>
-#include <string.h>
+/* If defined, debug messages will be written to the debugger. */
+// #define AUTH_DEBUG
 
 #include <Windows.h>
@@ -27 +24 @@
 #include <VBox/VBoxAuth.h>
 
-static void dprintf(const char *fmt, ...)
+#ifdef AUTH_DEBUG
+#include <stdio.h>
+
+static void dprintfw(const WCHAR *fmt, ...)
 {
-#ifdef AUTH_DEBUG_FILE_NAME
    va_list va;
-
    va_start(va, fmt);
 
-   char buffer[1024];
+   WCHAR buffer[1024];
 
-   _vsnprintf (buffer, sizeof (buffer), fmt, va);
+   _vsnwprintf(buffer, sizeof (buffer), fmt, va);
 
-   OutputDebugStringA(buffer);
+   OutputDebugStringW(buffer);
 
-   FILE *f = fopen (AUTH_DEBUG_FILE_NAME, "ab");
-   if (f)
-   {
-       fprintf (f, "%s", buffer);
-       fclose (f);
-   }
+   va_end(va);
+}
+#define DBGAUTH(a) dprintfw a
+#else
+#define DBGAUTH(a)
+#endif
 
-   va_end (va);
-#endif
+static WCHAR swszEmpty[] = { L"" };
+
+static void freeWideChar(WCHAR *pwszString)
+{
+    if (pwszString && pwszString != &swszEmpty[0])
+    {
+        size_t cb = (wcslen(pwszString) + 1) * sizeof(WCHAR);
+        SecureZeroMemory(pwszString, cb);
+        free(pwszString);
+    }
+}
+
+static WCHAR *utf8ToWideChar(const char *pszString)
+{
+    /*
+     * Shortcut for empty strings.
+     */
+    if (!pszString || *pszString == 0)
+        return &swszEmpty[0];
+
+    /*
+     * Return NULL on errors.
+     */
+    WCHAR *pwszString = NULL;
+
+    /*
+     * First calc result string length.
+     */
+    const DWORD dwFlags = MB_ERR_INVALID_CHARS;
+    int cwc = MultiByteToWideChar(CP_UTF8, dwFlags, pszString, -1, NULL, 0);
+    if (cwc > 0)
+    {
+        /*
+         * Alloc space for result buffer.
+         */
+        pwszString = (WCHAR *)malloc(cwc * sizeof(WCHAR));
+        if (pwszString)
+        {
+            /*
+             * Do the translation.
+             */
+            if (MultiByteToWideChar(CP_UTF8, dwFlags, pszString, -1, pwszString, cwc) <= 0)
+            {
+                /* translation error */
+                free(pwszString);
+                pwszString = NULL;
+            }
+        }
+    }
+
+    return pwszString;
 }
 
@@ -64 +111 @@
                                unsigned clientId)
 {
+    if (!fLogon)
+    {
+        /* Nothing to cleanup. The return code does not matter. */
+        return AuthResultAccessDenied;
+    }
+
+    LPWSTR lpwszUsername = utf8ToWideChar(szUser);
+    LPWSTR lpwszDomain   = utf8ToWideChar(szDomain);
+    LPWSTR lpwszPassword = utf8ToWideChar(szPassword);
+
+    DBGAUTH((L"u[%ls], d[%ls], p[%ls]\n", lpwszUsername, lpwszDomain, lpwszPassword));
+
     AuthResult result = AuthResultAccessDenied;
 
-    LPTSTR lpszUsername = (char *)szUser;
-    LPTSTR lpszDomain   = (char *)szDomain;
-    LPTSTR lpszPassword = (char *)szPassword;
+    if (lpwszUsername && lpwszDomain && lpwszPassword)
+    {
+        /* LOGON32_LOGON_INTERACTIVE is intended for users who will be interactively using the computer,
+         * such as a user being logged on by a terminal server, remote shell, or similar process.
+         */
+        DWORD dwLogonType     = LOGON32_LOGON_INTERACTIVE;
+        DWORD dwLogonProvider = LOGON32_PROVIDER_DEFAULT;
 
-    /* LOGON32_LOGON_INTERACTIVE is intended for users who will be interactively using the computer,
-     * such as a user being logged on by a terminal server, remote shell, or similar process.
-     */
-    DWORD dwLogonType     = LOGON32_LOGON_INTERACTIVE;
-    DWORD dwLogonProvider = LOGON32_PROVIDER_DEFAULT;
+        HANDLE hToken;
 
-    HANDLE hToken;
+        BOOL fSuccess = LogonUserW(lpwszUsername,
+                                   lpwszDomain,
+                                   lpwszPassword,
+                                   dwLogonType,
+                                   dwLogonProvider,
+                                   &hToken);
 
-    dprintf("u[%s], d[%s], p[%s]\n", lpszUsername, lpszDomain, lpszPassword);
+        if (fSuccess)
+        {
+            DBGAUTH((L"LogonUser success. hToken = %p\n", hToken));
 
-    BOOL fSuccess = LogonUser(lpszUsername,
-                              lpszDomain,
-                              lpszPassword,
-                              dwLogonType,
-                              dwLogonProvider,
-                              &hToken);
+            result = AuthResultAccessGranted;
 
-    if (fSuccess)
-    {
-        dprintf("LogonUser success. hToken = %p\n", hToken);
+            CloseHandle(hToken);
+        }
+        else
+        {
+            DBGAUTH((L"LogonUser failed %08X\n", GetLastError()));
+        }
+    }
 
-        result = AuthResultAccessGranted;
-
-        CloseHandle (hToken);
-    }
-    else
-    {
-        dprintf("LogonUser failed %08X\n", GetLastError ());
-    }
+    freeWideChar(lpwszUsername);
+    freeWideChar(lpwszDomain);
+    freeWideChar(lpwszPassword);
 
     return result;