Changeset 67809 in vbox for trunk/src/VBox/Additions/WINNT/VBoxCredProv

Timestamp:

Jul 5, 2017 6:11:47 PM (8 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

116734

Message:

Additions/VBoxCredProv: Renamed resetField() to setField() and implemented the ability to notify LogonUI + set a new value if needed. Fixed default value handling / resetting.

Location:

trunk/src/VBox/Additions/WINNT/VBoxCredProv

Files:

• VBoxCredProvCredential.cpp (modified) (5 diffs)
• VBoxCredProvCredential.h (modified) (1 diff)
• VBoxCredProvProvider.cpp (modified) (1 diff)
• VBoxCredentialProvider.h (modified) (1 diff)

trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredProvCredential.cpp

@@ -52 +52 @@
     for (unsigned i = 0; i < VBOXCREDPROV_NUM_FIELDS; i++)
     {
-        m_apwszFields[i] = RTUtf16Alloc(VBOXCREDPROV_MAX_FIELD_LEN * sizeof(RTUTF16) + 1);
+        const VBOXCREDPROV_FIELD *pField = &s_VBoxCredProvDefaultFields[i];
+
+        m_apwszFields[i] = RTUtf16Dup(pField->desc.pszLabel ? pField->desc.pszLabel : L"");
         AssertPtr(m_apwszFields[i]);
     }
@@ -387 +389 @@
 
 /**
- * Resets a credential provider field by zero'ing out its contents in a (hopefully) secure manner.
+ * Sets a credential provider field by first zero'ing out its current content in a (hopefully) secure manner,
+ * then applying either the field's default or a new value.
  *
  * @return  HRESULT
  * @param   dwFieldID           Field ID of the credential provider field to reset.
- */
-HRESULT VBoxCredProvCredential::resetField(DWORD dwFieldID)
-{
-    if (   dwFieldID >= VBOXCREDPROV_NUM_FIELDS
-        || !m_apwszFields[dwFieldID])
-    {
+ * @param   pcwszString         String to set for the given field. Specify NULL for setting the provider's default value.
+ * @param   fNotifyUI           Whether to notify the LogonUI about the reset.
+ */
+HRESULT VBoxCredProvCredential::setField(DWORD dwFieldID, const PRTUTF16 pcwszString, bool fNotifyUI)
+{
+    if (dwFieldID >= VBOXCREDPROV_NUM_FIELDS)
         return E_INVALIDARG;
-    }
 
     HRESULT hr = S_OK;
 
-    RTMemWipeThoroughly(m_apwszFields[dwFieldID],
-                        (VBOXCREDPROV_MAX_FIELD_LEN + 1) * sizeof(RTUTF16), 3 /* cPasses */);
-    if (m_pEvents)
-        hr = m_pEvents->SetFieldString(this, dwFieldID, m_apwszFields[dwFieldID]);
-
-    VBoxCredProvVerbose(0, "VBoxCredProvCredential::resetField: Resetting field dwFieldID=%ld, hr=0x%08x\n", dwFieldID, hr);
+    PRTUTF16 pwszField = m_apwszFields[dwFieldID];
+    if (pwszField)
+    {
+        /* First, wipe the existing value thoroughly. */
+        RTMemWipeThoroughly(pwszField, RTUtf16Len(pwszField) * sizeof(RTUTF16), 3 /* cPasses */);
+
+        /* Second, free the string. */
+        RTUtf16Free(pwszField);
+    }
+
+    /* Either fill in the default value or the one specified in pcwszString. */
+    pwszField = RTUtf16Dup(pcwszString ? pcwszString : s_VBoxCredProvDefaultFields[dwFieldID].desc.pszLabel);
+    if (pwszField)
+    {
+        m_apwszFields[dwFieldID] = pwszField; /* Update the pointer. */
+
+        if (   m_pEvents
+            && fNotifyUI) /* Let the logon UI know if wanted. */
+        {
+            hr = m_pEvents->SetFieldString(this, dwFieldID, pwszField);
+        }
+    }
+    else
+        hr = E_OUTOFMEMORY;
+
+    VBoxCredProvVerbose(0, "VBoxCredProvCredential::setField: Setting field dwFieldID=%ld to '%ls', fNotifyUI=%RTbool, hr=0x%08x\n",
+                        dwFieldID,
+#ifdef DEBUG
+                        pwszField,
+#else
+                        L"XXX" /* Don't show any actual values in release mode. */,
+#endif
+                        fNotifyUI, hr);
     return hr;
 }
@@ -427 +456 @@
                         m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME] ? m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME] : L"<NULL>");
 
-    if (m_pEvents)
-    {
-        resetField(VBOXCREDPROV_FIELDID_USERNAME);
-        resetField(VBOXCREDPROV_FIELDID_PASSWORD);
-        resetField(VBOXCREDPROV_FIELDID_DOMAINNAME);
-    }
+    /* Note: Do not reset the user name and domain name here,
+     *       as they could still being queried (again) by LogonUI on failed login attempts. */
+    HRESULT hr = setField(VBOXCREDPROV_FIELDID_PASSWORD, NULL /* Use default value */, true /* fNotifyUI */);
 
     m_fIsSelected = false;
 
     VBoxCredProvVerbose(0, "VBoxCredProvCredential::Reset\n");
-    return S_OK;
+    return hr;
 }
 
@@ -526 +552 @@
         VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Credentials already retrieved\n");
 
-        resetField(VBOXCREDPROV_FIELDID_USERNAME);
-        rc = RTUtf16Copy(m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME],      VBOXCREDPROV_MAX_FIELD_LEN, pwszUser);
-
-        resetField(VBOXCREDPROV_FIELDID_PASSWORD);
-        int rc2 = RTUtf16Copy(m_apwszFields[VBOXCREDPROV_FIELDID_PASSWORD], VBOXCREDPROV_MAX_FIELD_LEN, pwszPassword);
-        if (RT_SUCCESS(rc))
-            rc = rc2;
-
-        resetField(VBOXCREDPROV_FIELDID_DOMAINNAME);
-        rc2 = RTUtf16Copy(m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME],   VBOXCREDPROV_MAX_FIELD_LEN, pwszDomain);
-        if (RT_SUCCESS(rc))
-            rc = rc2;
-
-        VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: User=%ls, Password=%ls, Domain=%ls\n",
-                            m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME],
-#ifdef DEBUG
-                            m_apwszFields[VBOXCREDPROV_FIELDID_PASSWORD],
-#else
-                            L"XXX" /* Don't show any passwords in release mode. */,
-#endif
-                            m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME]);
+        setField(VBOXCREDPROV_FIELDID_USERNAME,   pwszUser,     true /* fNotifyUI */);
+        setField(VBOXCREDPROV_FIELDID_PASSWORD,   pwszPassword, true /* fNotifyUI */);
+        setField(VBOXCREDPROV_FIELDID_DOMAINNAME, pwszDomain,   true /* fNotifyUI */);
     }
 
@@ -657 +665 @@
     {
         if (pFieldState)
-            *pFieldState            = s_VBoxCredProvFields[dwFieldID].state;
+            *pFieldState            = s_VBoxCredProvDefaultFields[dwFieldID].state;
 
         if (pFieldstateInteractive)
-            *pFieldstateInteractive = s_VBoxCredProvFields[dwFieldID].stateInteractive;
+            *pFieldstateInteractive = s_VBoxCredProvDefaultFields[dwFieldID].stateInteractive;
     }
     else

trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredProvCredential.h

@@ -87 +87 @@
     /** @} */
 
-    HRESULT resetField(DWORD dwFieldID);
+    HRESULT setField(DWORD dwFieldID, const PRTUTF16 pcwszString, bool fNotifyUI);
     HRESULT Reset(void);
     HRESULT Initialize(CREDENTIAL_PROVIDER_USAGE_SCENARIO cpus);

trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredProvProvider.cpp

@@ -411 +411 @@
         if (pcpFieldDesc)
         {
-            const VBOXCREDPROV_FIELD &field = s_VBoxCredProvFields[dwIndex];
+            const VBOXCREDPROV_FIELD &field = s_VBoxCredProvDefaultFields[dwIndex];
 
             RT_BZERO(pcpFieldDesc, sizeof(CREDENTIAL_PROVIDER_FIELD_DESCRIPTOR));

trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredentialProvider.h

@@ -76 +76 @@
 #endif
 
-static const VBOXCREDPROV_FIELD s_VBoxCredProvFields[] =
+/** The credential provider's default fields. */
+static const VBOXCREDPROV_FIELD s_VBoxCredProvDefaultFields[] =
 {
     /** The user's profile image (tile). */
-    { { VBOXCREDPROV_FIELDID_TILEIMAGE,      CPFT_TILE_IMAGE,    L"Tile Image",     0,                             }, CPFS_DISPLAY_IN_BOTH,          CPFIS_NONE    },
-    { { VBOXCREDPROV_FIELDID_USERNAME,       CPFT_LARGE_TEXT,    L"Username",       CPFG_LOGON_USERNAME            }, CPFS_DISPLAY_IN_BOTH,          CPFIS_NONE    },
-    { { VBOXCREDPROV_FIELDID_PASSWORD,       CPFT_PASSWORD_TEXT, L"Password",       CPFG_LOGON_PASSWORD            }, CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_FOCUSED },
-    { { VBOXCREDPROV_FIELDID_DOMAINNAME,     CPFT_LARGE_TEXT,    L"Domain Name",    0                              }, CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_FOCUSED },
-    { { VBOXCREDPROV_FIELDID_SUBMIT_BUTTON,  CPFT_SUBMIT_BUTTON, L"Submit",         0                              }, CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_FOCUSED },
+    { { VBOXCREDPROV_FIELDID_TILEIMAGE,      CPFT_TILE_IMAGE,    L"Tile Image",     0,                             }, CPFS_DISPLAY_IN_BOTH,            CPFIS_NONE    },
+    { { VBOXCREDPROV_FIELDID_USERNAME,       CPFT_LARGE_TEXT,    L"Username",       CPFG_LOGON_USERNAME            }, CPFS_DISPLAY_IN_BOTH,            CPFIS_NONE    },
+    { { VBOXCREDPROV_FIELDID_PASSWORD,       CPFT_PASSWORD_TEXT, L"Password",       CPFG_LOGON_PASSWORD            }, CPFS_DISPLAY_IN_SELECTED_TILE,   CPFIS_FOCUSED },
+    { { VBOXCREDPROV_FIELDID_DOMAINNAME,     CPFT_LARGE_TEXT,    L"",               0                              }, CPFS_DISPLAY_IN_SELECTED_TILE,   CPFIS_FOCUSED },
+    { { VBOXCREDPROV_FIELDID_SUBMIT_BUTTON,  CPFT_SUBMIT_BUTTON, L"Submit",         0                              }, CPFS_DISPLAY_IN_SELECTED_TILE,   CPFIS_FOCUSED },
     /** New since Windows 8: The image used to represent a credential provider on the logon page. */
-    { { VBOXCREDPROV_FIELDID_PROVIDER_LOGO,  CPFT_TILE_IMAGE,    L"Provider Logo",  CPFG_CREDENTIAL_PROVIDER_LOGO  }, CPFS_DISPLAY_IN_BOTH,          CPFIS_NONE },
+    { { VBOXCREDPROV_FIELDID_PROVIDER_LOGO,  CPFT_TILE_IMAGE,    L"Provider Logo",  CPFG_CREDENTIAL_PROVIDER_LOGO  }, CPFS_HIDDEN /* Not used yet. */, CPFIS_NONE },
     /** New since Windows 8: The label associated with a credential provider on the logon page. */
-    { { VBOXCREDPROV_FIELDID_PROVIDER_LABEL, CPFT_SMALL_TEXT,    L"Provider Label", CPFG_CREDENTIAL_PROVIDER_LABEL }, CPFS_DISPLAY_IN_BOTH,          CPFIS_NONE }
+    { { VBOXCREDPROV_FIELDID_PROVIDER_LABEL, CPFT_SMALL_TEXT,    L"Provider Label", CPFG_CREDENTIAL_PROVIDER_LABEL }, CPFS_HIDDEN /* Not used yet. */, CPFIS_NONE }
 };