VirtualBox

Changeset 66109 in vbox for trunk/src/VBox/Additions


Ignore:
Timestamp:
Mar 15, 2017 10:52:42 AM (8 years ago)
Author:
vboxsync
Message:

Additions/VBoxCredProv: Fix for creating the Kerberos logon package. Untested.

Location:
trunk/src/VBox/Additions/WINNT/VBoxCredProv
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredProvCredential.cpp

    r63476 r66109  
    55
    66/*
    7  * Copyright (C) 2012-2016 Oracle Corporation
     7 * Copyright (C) 2012-2017 Oracle Corporation
    88 *
    99 * This file is part of VirtualBox Open Source Edition (OSE), as
     
    126126{
    127127    AssertPtrReturn(pUnicodeDest, E_POINTER);
    128     AssertPtrReturn(pwszSource, E_POINTER);
     128    AssertPtrReturn(pwszSource,   E_POINTER);
    129129
    130130    size_t cbLen = RTUtf16Len(pwszSource) * sizeof(RTUTF16);
     
    155155
    156156
    157 HRESULT VBoxCredProvCredential::kerberosLogonInit(KERB_INTERACTIVE_LOGON *pLogonIn,
    158                                                   CREDENTIAL_PROVIDER_USAGE_SCENARIO enmUsage,
    159                                                   PRTUTF16 pwszUser, PRTUTF16 pwszPassword, PRTUTF16 pwszDomain)
    160 {
    161     AssertPtrReturn(pLogonIn,     E_INVALIDARG);
     157/**
     158 * Copies an UTF16 string into a PUNICODE_STRING by allocating space for it.
     159 *
     160 * @return  HRESULT
     161 * @param   pUnicodeDest        Where to store the copied (allocated) unicode string.
     162 * @param   pwszSource          UTF16 string to copy.
     163 */
     164HRESULT VBoxCredProvCredential::RTUTF16ToUnicodeA(PUNICODE_STRING pUnicodeDest, PRTUTF16 pwszSource)
     165{
     166    AssertPtrReturn(pUnicodeDest, E_POINTER);
     167    AssertPtrReturn(pwszSource,   E_POINTER);
     168
     169    size_t cbLen = (RTUtf16Len(pwszSource) + 1 /* Trailing zero */) * sizeof(WCHAR);
     170
     171    pUnicodeDest->Buffer = (LPWSTR)CoTaskMemAlloc(cbLen);
     172
     173    if (!pUnicodeDest->Buffer)
     174        return E_OUTOFMEMORY;
     175
     176    pUnicodeDest->MaximumLength = (USHORT)cbLen;
     177    pUnicodeDest->Length        = 0;
     178
     179    return RTUTF16ToUnicode(pUnicodeDest, pwszSource, true /* fCopy */);
     180}
     181
     182
     183/**
     184 * Frees a formerly allocated PUNICODE_STRING.
     185 *
     186 * @param   pUnicode            String to free.
     187 */
     188void VBoxCredProvCredential::UnicodeStringFree(PUNICODE_STRING pUnicode)
     189{
     190    if (!pUnicode)
     191        return;
     192
     193    if (pUnicode->Buffer)
     194    {
     195        Assert(pUnicode->MaximumLength);
     196
     197        /* Make sure to wipe contents before free'ing. */
     198        RTMemWipeThoroughly(pUnicode->Buffer, pUnicode->MaximumLength * sizeof(WCHAR), 3 /* Passes */);
     199
     200        CoTaskMemFree(pUnicode->Buffer);
     201        pUnicode->Buffer = NULL;
     202    }
     203
     204    pUnicode->Length        = 0;
     205    pUnicode->MaximumLength = 0;
     206}
     207
     208
     209/**
     210 * Creates a KERB_INTERACTIVE_LOGON structure with the given parameters.
     211 * Must be destroyed with kerberosLogonDestroy().
     212 *
     213 * @return  HRESULT
     214 * @param   pLogon              Structure to create.
     215 * @param   enmUsage            Intended usage of the structure.
     216 * @param   pwszUser            User name to use.
     217 * @param   pwszPassword        Password to use.
     218 * @param   pwszDomain          Domain to use. Optional and can be NULL.
     219 */
     220HRESULT VBoxCredProvCredential::kerberosLogonCreate(KERB_INTERACTIVE_LOGON *pLogon,
     221                                                    CREDENTIAL_PROVIDER_USAGE_SCENARIO enmUsage,
     222                                                    PRTUTF16 pwszUser, PRTUTF16 pwszPassword, PRTUTF16 pwszDomain)
     223{
     224    AssertPtrReturn(pLogon,       E_INVALIDARG);
    162225    AssertPtrReturn(pwszUser,     E_INVALIDARG);
    163226    AssertPtrReturn(pwszPassword, E_INVALIDARG);
     
    170233        && RTUtf16Len(pwszDomain))
    171234    {
    172         hr = RTUTF16ToUnicode(&pLogonIn->LogonDomainName, pwszDomain, true /* fCopy */);
     235        hr = RTUTF16ToUnicodeA(&pLogon->LogonDomainName, pwszDomain);
    173236    }
    174237    else /* No domain (FQDN) given, try local computer name. */
     
    179242        {
    180243            /* Is a domain name missing? Then use the name of the local computer. */
    181             hr = RTUTF16ToUnicode(&pLogonIn->LogonDomainName, wszComputerName, true /* fCopy */);
     244            hr = RTUTF16ToUnicodeA(&pLogon->LogonDomainName, wszComputerName);
    182245
    183246            VBoxCredProvVerbose(0, "VBoxCredProvCredential::kerberosLogonInit: Local computer name=%ls\n",
     
    191254    if (SUCCEEDED(hr))
    192255    {
    193         hr = RTUTF16ToUnicode(&pLogonIn->UserName, pwszUser, true /* fCopy */);
     256        hr = RTUTF16ToUnicodeA(&pLogon->UserName, pwszUser);
    194257        if (SUCCEEDED(hr))
    195258        {
    196             hr = RTUTF16ToUnicode(&pLogonIn->Password, pwszPassword, true /* fCopy */);
     259            hr = RTUTF16ToUnicodeA(&pLogon->Password, pwszPassword);
    197260            if (SUCCEEDED(hr))
    198261            {
     
    201264                {
    202265                    case CPUS_UNLOCK_WORKSTATION:
    203                         pLogonIn->MessageType = KerbWorkstationUnlockLogon;
     266                        pLogon->MessageType = KerbWorkstationUnlockLogon;
    204267                        break;
    205268
    206269                    case CPUS_LOGON:
    207                         pLogonIn->MessageType = KerbInteractiveLogon;
     270                        pLogon->MessageType = KerbInteractiveLogon;
    208271                        break;
    209272
    210273                    case CPUS_CREDUI:
    211                         pLogonIn->MessageType = (KERB_LOGON_SUBMIT_TYPE)0; /* No message type required here. */
     274                        pLogon->MessageType = (KERB_LOGON_SUBMIT_TYPE)0; /* No message type required here. */
    212275                        break;
    213276
     
    223286
    224287    return hr;
     288}
     289
     290
     291/**
     292 * Destroys a formerly created KERB_INTERACTIVE_LOGON structure.
     293 *
     294 * @param   pLogon              Structure to destroy.
     295 */
     296void VBoxCredProvCredential::kerberosLogonDestroy(KERB_INTERACTIVE_LOGON *pLogon)
     297{
     298    if (!pLogon)
     299        return;
     300
     301    UnicodeStringFree(&pLogon->UserName);
     302    UnicodeStringFree(&pLogon->Password);
     303    UnicodeStringFree(&pLogon->LogonDomainName);
    225304}
    226305
     
    908987    /* Save a pointer to the interactive logon struct. */
    909988    KERB_INTERACTIVE_LOGON *pLogon = &KerberosUnlockLogon.Logon;
    910     AssertPtr(pLogon);
    911989
    912990#ifdef DEBUG /* Note: NEVER print this in release mode! */
     
    917995#endif
    918996
    919     HRESULT hr = kerberosLogonInit(pLogon,
    920                                    m_enmUsageScenario,
    921                                    m_apwszCredentials[VBOXCREDPROV_FIELDID_USERNAME],
    922                                    m_apwszCredentials[VBOXCREDPROV_FIELDID_PASSWORD],
    923                                    m_apwszCredentials[VBOXCREDPROV_FIELDID_DOMAINNAME]);
     997    HRESULT hr = kerberosLogonCreate(pLogon,
     998                                     m_enmUsageScenario,
     999                                     m_apwszCredentials[VBOXCREDPROV_FIELDID_USERNAME],
     1000                                     m_apwszCredentials[VBOXCREDPROV_FIELDID_PASSWORD],
     1001                                     m_apwszCredentials[VBOXCREDPROV_FIELDID_DOMAINNAME]);
    9241002    if (SUCCEEDED(hr))
    9251003    {
     
    9731051        else
    9741052            VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: kerberosLogonSerialize failed with hr=0x%08x\n", hr);
     1053
     1054        kerberosLogonDestroy(pLogon);
     1055        pLogon = NULL;
    9751056    }
    9761057    else
    977         VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: kerberosLogonInit failed with hr=0x%08x\n", hr);
     1058        VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: kerberosLogonCreate failed with hr=0x%08x\n", hr);
    9781059
    9791060    VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetSerialization returned hr=0x%08x\n", hr);
  • trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredProvCredential.h

    r63476 r66109  
    55
    66/*
    7  * Copyright (C) 2012-2016 Oracle Corporation
     7 * Copyright (C) 2012-2017 Oracle Corporation
    88 *
    99 * This file is part of VirtualBox Open Source Edition (OSE), as
     
    9595protected:
    9696    HRESULT RTUTF16ToUnicode(PUNICODE_STRING pUnicodeDest, PRTUTF16 pwszSource, bool fCopy);
    97     HRESULT kerberosLogonInit(KERB_INTERACTIVE_LOGON *pLogonIn,
    98                               CREDENTIAL_PROVIDER_USAGE_SCENARIO enmUsage,
    99                               PRTUTF16 pwszUser, PRTUTF16 pwszPassword, PRTUTF16 pwszDomain);
     97    HRESULT RTUTF16ToUnicodeA(PUNICODE_STRING pUnicodeDest, PRTUTF16 pwszSource);
     98    void UnicodeStringFree(PUNICODE_STRING pUnicode);
     99
     100    HRESULT kerberosLogonCreate(KERB_INTERACTIVE_LOGON *pLogon,
     101                                CREDENTIAL_PROVIDER_USAGE_SCENARIO enmUsage,
     102                                PRTUTF16 pwszUser, PRTUTF16 pwszPassword, PRTUTF16 pwszDomain);
     103    void    kerberosLogonDestroy(KERB_INTERACTIVE_LOGON *pLogon);
    100104    HRESULT kerberosLogonSerialize(const KERB_INTERACTIVE_LOGON *pLogon, PBYTE *ppPackage, DWORD *pcbPackage);
    101105
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette