| /* |
| * MPR Password Cache functions |
| * |
| * Copyright 1999 Ulrich Weigand |
| * Copyright 2003,2004 Mike McCormack for CodeWeavers |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General Public |
| * License along with this library; if not, write to the Free Software |
| * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| */ |
| |
| #include <stdarg.h> |
| #include <stdio.h> |
| |
| #include "windef.h" |
| #include "winbase.h" |
| #include "winnetwk.h" |
| #include "winreg.h" |
| #include "wine/debug.h" |
| |
| WINE_DEFAULT_DEBUG_CHANNEL(mpr); |
| |
| static const char mpr_key[] = "Software\\Wine\\Wine\\Mpr\\"; |
| |
| static inline BYTE hex( BYTE x ) |
| { |
| if( x <= 9 ) |
| return x + '0'; |
| return x + 'A' - 10; |
| } |
| |
| static inline CHAR ctox( CHAR x ) |
| { |
| if( ( x >= '0' ) && ( x <= '9' ) ) |
| return x - '0'; |
| if( ( x >= 'A' ) && ( x <= 'F' ) ) |
| return x - 'A' + 10; |
| if( ( x >= 'a' ) && ( x <= 'a' ) ) |
| return x - 'a' + 10; |
| return -1; |
| } |
| |
| static LPSTR MPR_GetValueName( LPSTR pbResource, WORD cbResource, BYTE nType ) |
| { |
| LPSTR name; |
| DWORD i; |
| |
| name = HeapAlloc( GetProcessHeap(), 0, 6+cbResource*2 ); |
| if( name ) |
| sprintf( name, "X-%02X-", nType ); |
| for(i=0; i<cbResource; i++) |
| { |
| name[5+i*2]=hex((pbResource[i]&0xf0)>>4); |
| name[6+i*2]=hex(pbResource[i]&0x0f); |
| } |
| name[5+i*2]=0; |
| TRACE( "Value is %s\n", name ); |
| return name; |
| } |
| |
| |
| /************************************************************************** |
| * WNetCachePassword [MPR.@] Saves password in cache |
| * |
| * NOTES |
| * only the parameter count is verifyed |
| * |
| * ---- everything below this line might be wrong (js) ----- |
| * RETURNS |
| * Success: WN_SUCCESS |
| * Failure: WN_ACCESS_DENIED, WN_BAD_PASSWORD, WN_BADVALUE, WN_NET_ERROR, |
| * WN_NOT_SUPPORTED, WN_OUT_OF_MEMORY |
| */ |
| DWORD WINAPI WNetCachePassword( |
| LPSTR pbResource, /* [in] Name of workgroup, computer, or resource */ |
| WORD cbResource, /* [in] Size of name */ |
| LPSTR pbPassword, /* [in] Buffer containing password */ |
| WORD cbPassword, /* [in] Size of password */ |
| BYTE nType, /* [in] Type of password to cache */ |
| WORD x) |
| |
| { |
| HKEY hkey; |
| DWORD r; |
| LPSTR valname; |
| |
| WARN( "(%p(%s), %d, %p(%s), %d, %d, 0x%08x): totally insecure\n", |
| pbResource, debugstr_a(pbResource), cbResource, |
| pbPassword, debugstr_a(pbPassword), cbPassword, |
| nType, x ); |
| |
| r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey ); |
| if( r ) |
| return WN_ACCESS_DENIED; |
| |
| valname = MPR_GetValueName( pbResource, cbResource, nType ); |
| if( valname ) |
| { |
| r = RegSetValueExA( hkey, valname, 0, REG_BINARY, |
| pbPassword, cbPassword ); |
| if( r ) |
| r = WN_CANCEL; |
| else |
| r = WN_SUCCESS; |
| HeapFree( GetProcessHeap(), 0, valname ); |
| } |
| else |
| r = WN_OUT_OF_MEMORY; |
| |
| RegCloseKey( hkey ); |
| |
| return r; |
| } |
| |
| /***************************************************************** |
| * WNetRemoveCachedPassword [MPR.@] |
| */ |
| UINT WINAPI WNetRemoveCachedPassword( |
| LPSTR pbResource, /* [in] resource ID to delete */ |
| WORD cbResource, /* [in] number of bytes in the resource ID */ |
| BYTE nType ) /* [in] Type of the resource to delete */ |
| { |
| HKEY hkey; |
| DWORD r; |
| LPSTR valname; |
| |
| WARN( "(%p(%s), %d, %d): totally insecure\n", |
| pbResource, debugstr_a(pbResource), cbResource, nType ); |
| |
| r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey ); |
| if( r ) |
| return WN_ACCESS_DENIED; |
| |
| valname = MPR_GetValueName( pbResource, cbResource, nType ); |
| if( valname ) |
| { |
| r = RegDeleteValueA( hkey, valname ); |
| if( r ) |
| r = WN_ACCESS_DENIED; |
| else |
| r = WN_SUCCESS; |
| HeapFree( GetProcessHeap(), 0, valname ); |
| } |
| else |
| r = WN_OUT_OF_MEMORY; |
| |
| return r; |
| } |
| |
| /***************************************************************** |
| * WNetGetCachedPassword [MPR.@] Retrieves password from cache |
| * |
| * NOTES |
| * the stub seems to be wrong: |
| * arg1: ptr 0x40xxxxxx -> (no string) |
| * arg2: len 36 |
| * arg3: ptr 0x40xxxxxx -> (no string) |
| * arg4: ptr 0x40xxxxxx -> 0xc8 |
| * arg5: type? 4 |
| * |
| * ---- everything below this line might be wrong (js) ----- |
| * RETURNS |
| * Success: WN_SUCCESS |
| * Failure: WN_ACCESS_DENIED, WN_BAD_PASSWORD, WN_BAD_VALUE, |
| * WN_NET_ERROR, WN_NOT_SUPPORTED, WN_OUT_OF_MEMORY |
| */ |
| DWORD WINAPI WNetGetCachedPassword( |
| LPSTR pbResource, /* [in] Name of workgroup, computer, or resource */ |
| WORD cbResource, /* [in] Size of name */ |
| LPSTR pbPassword, /* [out] Buffer to receive password */ |
| LPWORD pcbPassword, /* [out] Receives size of password */ |
| BYTE nType) /* [in] Type of password to retrieve */ |
| { |
| HKEY hkey; |
| DWORD r, type = 0, sz; |
| LPSTR valname; |
| |
| WARN( "(%p(%s), %d, %p, %p, %d): totally insecure\n", |
| pbResource, debugstr_a(pbResource), cbResource, |
| pbPassword, pcbPassword, nType ); |
| |
| memset( pbPassword, 0, *pcbPassword); |
| |
| r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey ); |
| if( r ) |
| return WN_ACCESS_DENIED; |
| |
| valname = MPR_GetValueName( pbResource, cbResource, nType ); |
| if( valname ) |
| { |
| sz = *pcbPassword; |
| r = RegQueryValueExA( hkey, valname, 0, &type, pbPassword, &sz ); |
| *pcbPassword = sz; |
| if( r ) |
| r = WN_CANCEL; |
| else |
| r = WN_SUCCESS; |
| HeapFree( GetProcessHeap(), 0, valname ); |
| } |
| else |
| r = WN_OUT_OF_MEMORY; |
| |
| return r; |
| } |
| |
| /******************************************************************* |
| * WNetEnumCachedPasswords [MPR.@] |
| * |
| * NOTES |
| * the parameter count is verifyed |
| * |
| * This function is a huge security risk, as virii and such can use |
| * it to grab all the passwords in the cache. It's bad enough to |
| * store the passwords (insecurely). |
| * |
| * bpPrefix and cbPrefix are used to filter the returned passwords |
| * the first cbPrefix bytes of the password resource identifier |
| * should match the same number of bytes in bpPrefix |
| * |
| * RETURNS |
| * Success: WN_SUCCESS (even if no entries were enumerated) |
| * Failure: WN_ACCESS_DENIED, WN_BAD_PASSWORD, WN_BAD_VALUE, |
| * WN_NET_ERROR, WN_NOT_SUPPORTED, WN_OUT_OF_MEMORY |
| */ |
| |
| UINT WINAPI WNetEnumCachedPasswords( |
| LPSTR pbPrefix, /* [in] prefix to filter cache entries */ |
| WORD cbPrefix, /* [in] number of bytes in Prefix substring */ |
| BYTE nType, /* [in] match the Type ID of the entry */ |
| ENUMPASSWORDPROC enumPasswordProc, /* [in] callback function */ |
| DWORD param) /* [in] parameter passed to enum function */ |
| { |
| HKEY hkey; |
| DWORD r, type, val_sz, data_sz, i, j, size; |
| PASSWORD_CACHE_ENTRY *entry; |
| CHAR val[256], prefix[6]; |
| |
| WARN( "(%s, %d, %d, %p, 0x%08lx) totally insecure\n", |
| debugstr_an(pbPrefix,cbPrefix), cbPrefix, |
| nType, enumPasswordProc, param ); |
| |
| r = RegCreateKeyA( HKEY_CURRENT_USER, mpr_key, &hkey ); |
| if( r ) |
| return WN_ACCESS_DENIED; |
| |
| sprintf(prefix, "X-%02X-", nType ); |
| |
| i = 0; |
| for( i=0; ; i++ ) |
| { |
| val_sz = sizeof val; |
| data_sz = 0; |
| type = 0; |
| val[0] = 0; |
| r = RegEnumValueA( hkey, i, val, &val_sz, NULL, &type, NULL, &data_sz ); |
| if( r != ERROR_SUCCESS ) |
| break; |
| if( type != REG_BINARY ) |
| continue; |
| |
| /* check the value is in the format we expect */ |
| if( val_sz < sizeof prefix ) |
| continue; |
| if( memcmp( prefix, val, 5 ) ) |
| continue; |
| |
| /* decode the value */ |
| for(j=5; j<val_sz; j+=2 ) |
| { |
| CHAR hi = ctox( val[j] ), lo = ctox( val[j+1] ); |
| if( ( hi < 0 ) || ( lo < 0 ) ) |
| break; |
| val[(j-5)/2] = (hi<<4) | lo; |
| } |
| |
| /* find the decoded length */ |
| val_sz = (j - 5)/2; |
| val[val_sz]=0; |
| if( val_sz < cbPrefix ) |
| continue; |
| |
| /* check the prefix matches */ |
| if( memcmp(val, pbPrefix, cbPrefix) ) |
| continue; |
| |
| /* read the value data */ |
| size = sizeof *entry - sizeof entry->abResource[0] + val_sz + data_sz; |
| entry = HeapAlloc( GetProcessHeap(), 0, sizeof *entry + val_sz + data_sz ); |
| memcpy( entry->abResource, val, val_sz ); |
| entry->cbEntry = size; |
| entry->cbResource = val_sz; |
| entry->cbPassword = data_sz; |
| entry->iEntry = i; |
| entry->nType = nType; |
| r = RegEnumValueA( hkey, i, NULL, &val_sz, NULL, &type, |
| &entry->abResource[val_sz], &data_sz ); |
| if( r == ERROR_SUCCESS ) |
| enumPasswordProc( entry, param ); |
| HeapFree( GetProcessHeap(), 0, entry ); |
| } |
| |
| RegCloseKey( hkey ); |
| |
| return WN_SUCCESS; |
| } |