Commit b2b8a0d1 authored by Mike McCormack's avatar Mike McCormack Committed by Alexandre Julliard

Implemented password caching.

parent 5f175508
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
* MPR Password Cache functions * MPR Password Cache functions
* *
* Copyright 1999 Ulrich Weigand * Copyright 1999 Ulrich Weigand
* Copyright 2003 Mike McCormack for Codeweavers
* *
* This library is free software; you can redistribute it and/or * This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public * modify it under the terms of the GNU Lesser General Public
...@@ -18,12 +19,33 @@ ...@@ -18,12 +19,33 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
#include <stdio.h>
#include "winbase.h" #include "winbase.h"
#include "winnetwk.h" #include "winnetwk.h"
#include "winreg.h"
#include "wine/debug.h" #include "wine/debug.h"
WINE_DEFAULT_DEBUG_CHANNEL(mpr); WINE_DEFAULT_DEBUG_CHANNEL(mpr);
static const char mpr_key[] = "Software\\Wine\\Wine\\Mpr\\";
static LPSTR MPR_GetValueName( LPSTR pbResource, WORD cbResource, BYTE nType )
{
LPSTR name;
DWORD i, x = 0;
/* just a hash so the value name doesn't get too large */
for( i=0; i<cbResource; i++ )
x = ((x<<7) | (x >> 25)) ^ toupper(pbResource[i]);
name = HeapAlloc( GetProcessHeap(), 0, 0x10 );
if( name )
sprintf( name, "I-%08lX-%02X", x, nType );
TRACE( "Value is %s\n", name );
return name;
}
/************************************************************************** /**************************************************************************
* WNetCachePassword [MPR.@] Saves password in cache * WNetCachePassword [MPR.@] Saves password in cache
* *
...@@ -45,12 +67,36 @@ DWORD WINAPI WNetCachePassword( ...@@ -45,12 +67,36 @@ DWORD WINAPI WNetCachePassword(
WORD x) WORD x)
{ {
FIXME( "(%p(%s), %d, %p(%s), %d, %d, 0x%08x): stub\n", HKEY hkey;
DWORD r;
LPSTR valname;
WARN( "(%p(%s), %d, %p(%s), %d, %d, 0x%08x): totally insecure\n",
pbResource, debugstr_a(pbResource), cbResource, pbResource, debugstr_a(pbResource), cbResource,
pbPassword, debugstr_a(pbPassword), cbPassword, pbPassword, debugstr_a(pbPassword), cbPassword,
nType, x ); nType, x );
return WN_NOT_SUPPORTED; r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
if( r )
return WN_ACCESS_DENIED;
valname = MPR_GetValueName( pbResource, cbResource, nType );
if( valname )
{
r = RegSetValueExA( hkey, valname, 0, REG_BINARY,
pbPassword, cbPassword );
if( r )
r = WN_ACCESS_DENIED;
else
r = WN_SUCCESS;
HeapFree( GetProcessHeap(), 0, valname );
}
else
r = WN_OUT_OF_MEMORY;
RegCloseKey( hkey );
return r;
} }
/***************************************************************** /*****************************************************************
...@@ -59,10 +105,31 @@ DWORD WINAPI WNetCachePassword( ...@@ -59,10 +105,31 @@ DWORD WINAPI WNetCachePassword(
UINT WINAPI WNetRemoveCachedPassword( LPSTR pbResource, WORD cbResource, UINT WINAPI WNetRemoveCachedPassword( LPSTR pbResource, WORD cbResource,
BYTE nType ) BYTE nType )
{ {
FIXME( "(%p(%s), %d, %d): stub\n", HKEY hkey;
DWORD r;
LPSTR valname;
WARN( "(%p(%s), %d, %d): totally insecure\n",
pbResource, debugstr_a(pbResource), cbResource, nType ); pbResource, debugstr_a(pbResource), cbResource, nType );
return WN_NOT_SUPPORTED; r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
if( r )
return WN_ACCESS_DENIED;
valname = MPR_GetValueName( pbResource, cbResource, nType );
if( valname )
{
r = RegDeleteValueA( hkey, valname );
if( r )
r = WN_ACCESS_DENIED;
else
r = WN_SUCCESS;
HeapFree( GetProcessHeap(), 0, valname );
}
else
r = WN_OUT_OF_MEMORY;
return r;
} }
/***************************************************************** /*****************************************************************
...@@ -89,11 +156,34 @@ DWORD WINAPI WNetGetCachedPassword( ...@@ -89,11 +156,34 @@ DWORD WINAPI WNetGetCachedPassword(
LPWORD pcbPassword, /* [out] Receives size of password */ LPWORD pcbPassword, /* [out] Receives size of password */
BYTE nType) /* [in] Type of password to retrieve */ BYTE nType) /* [in] Type of password to retrieve */
{ {
FIXME( "(%p(%s), %d, %p, %p, %d): stub\n", HKEY hkey;
DWORD r, type = 0, sz;
LPSTR valname;
WARN( "(%p(%s), %d, %p, %p, %d): stub\n",
pbResource, debugstr_a(pbResource), cbResource, pbResource, debugstr_a(pbResource), cbResource,
pbPassword, pcbPassword, nType ); pbPassword, pcbPassword, nType );
return WN_NOT_SUPPORTED; r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey );
if( r )
return WN_ACCESS_DENIED;
valname = MPR_GetValueName( pbResource, cbResource, nType );
if( valname )
{
sz = *pcbPassword;
r = RegQueryValueExA( hkey, valname, 0, &type, pbPassword, &sz );
*pcbPassword = sz;
if( r )
r = WN_ACCESS_DENIED;
else
r = WN_SUCCESS;
HeapFree( GetProcessHeap(), 0, valname );
}
else
r = WN_OUT_OF_MEMORY;
return r;
} }
/******************************************************************* /*******************************************************************
...@@ -102,6 +192,10 @@ DWORD WINAPI WNetGetCachedPassword( ...@@ -102,6 +192,10 @@ DWORD WINAPI WNetGetCachedPassword(
* NOTES * NOTES
* the parameter count is verifyed * the parameter count is verifyed
* *
* This function is a huge security risk, as virii and such can use
* it to grab all the passwords in the cache. It's bad enough to
* store the passwords (insecurely).
*
* observed values: * observed values:
* arg1 ptr 0x40xxxxxx -> (no string) * arg1 ptr 0x40xxxxxx -> (no string)
* arg2 int 32 * arg2 int 32
...@@ -115,7 +209,7 @@ DWORD WINAPI WNetGetCachedPassword( ...@@ -115,7 +209,7 @@ DWORD WINAPI WNetGetCachedPassword(
UINT WINAPI WNetEnumCachedPasswords( LPSTR pbPrefix, WORD cbPrefix, UINT WINAPI WNetEnumCachedPasswords( LPSTR pbPrefix, WORD cbPrefix,
BYTE nType, ENUMPASSWORDPROC enumPasswordProc, DWORD x) BYTE nType, ENUMPASSWORDPROC enumPasswordProc, DWORD x)
{ {
FIXME( "(%p(%s), %d, %d, %p, 0x%08lx): stub\n", WARN( "(%p(%s), %d, %d, %p, 0x%08lx): don't implement this\n",
pbPrefix, debugstr_a(pbPrefix), cbPrefix, pbPrefix, debugstr_a(pbPrefix), cbPrefix,
nType, enumPasswordProc, x ); nType, enumPasswordProc, x );
......
...@@ -68,7 +68,8 @@ ...@@ -68,7 +68,8 @@
#define RESOURCEUSAGE_CONTAINER 0x00000002 #define RESOURCEUSAGE_CONTAINER 0x00000002
#define RESOURCEUSAGE_NOLOCALDEVICE 0x00000004 #define RESOURCEUSAGE_NOLOCALDEVICE 0x00000004
#define RESOURCEUSAGE_SIBLING 0x00000008 #define RESOURCEUSAGE_SIBLING 0x00000008
#define RESOURCEUSAGE_ALL (RESOURCEUSAGE_CONNECTABLE | RESOURCEUSAGE_CONTAINER) #define RESOURCEUSAGE_ATTACHED 0x00000010
#define RESOURCEUSAGE_ALL (RESOURCEUSAGE_CONNECTABLE | RESOURCEUSAGE_CONTAINER | RESOURCEUSAGE_ATTACHED)
#define RESOURCEUSAGE_RESERVED 0x80000000 #define RESOURCEUSAGE_RESERVED 0x80000000
#define RESOURCEDISPLAYTYPE_GENERIC 0x00000000 #define RESOURCEDISPLAYTYPE_GENERIC 0x00000000
...@@ -388,5 +389,8 @@ typedef struct tagPASSWORD_CACHE_ENTRY ...@@ -388,5 +389,8 @@ typedef struct tagPASSWORD_CACHE_ENTRY
typedef BOOL (CALLBACK *ENUMPASSWORDPROC)(PASSWORD_CACHE_ENTRY *, DWORD); typedef BOOL (CALLBACK *ENUMPASSWORDPROC)(PASSWORD_CACHE_ENTRY *, DWORD);
UINT WINAPI WNetEnumCachedPasswords( LPSTR, WORD, BYTE, ENUMPASSWORDPROC, DWORD); UINT WINAPI WNetEnumCachedPasswords( LPSTR, WORD, BYTE, ENUMPASSWORDPROC, DWORD);
DWORD WINAPI WNetGetCachedPassword( LPSTR, WORD, LPSTR, LPWORD, BYTE );
DWORD WINAPI WNetCachePassword( LPSTR, WORD, LPSTR, WORD, BYTE, WORD );
#endif /* _WINNETWK_H_ */ #endif /* _WINNETWK_H_ */
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment