archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
4.9 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/termsrv/newclient/tsmmc/snapin/connode.cpp

881 lines
22 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //Copyright (c) 1998 - 1999 Microsoft Corporation
  2. #include "stdafx.h"
  3. #include "connode.h"
  4. #include "resource.h"
  5. #include "license.h"
  6. #include "tssec.h"
  7. #include "defaults.h"
  8. #include "wincrypt.h"
  10. #define NO_PASSWORD_VALUE_LEN 4
  11. #define NO_PASSWORD_VALUE 0x45628275
  13. CConNode::CConNode()
  14. {
  15. m_bConnected = FALSE;
  16. m_bConnectionInitialized = FALSE;
  18. m_szServer[0] = NULL;
  19. m_szDescription[0] = NULL;
  21. m_szUserName[0] = NULL;
  22. m_szDomain[0] = NULL;
  24. m_bSavePassword = FALSE;
  26. m_resType = SCREEN_RES_FILL_MMC;
  27. m_Width = DEFAULT_RES_WIDTH;
  28. m_Height = DEFAULT_RES_HEIGHT;
  30. m_szProgramPath[0] = NULL;
  31. m_szProgramStartIn[0] = NULL;
  33. m_pMhostCtl = NULL;
  34. m_pTsClientCtl = NULL;
  36. m_bConnectToConsole = FALSE;
  37. m_bRedirectDrives = FALSE;
  38. m_pIComponent = NULL;
  39. m_fPasswordSpecified = FALSE;
  41. _blobEncryptedPassword.cbData = 0;
  42. _blobEncryptedPassword.pbData = 0;
  43. }
  46. CConNode::~CConNode()
  47. {
  48. if (m_pIComponent)
  49. {
  50. m_pIComponent->Release();
  51. m_pIComponent = NULL;
  52. }
  54. if (_blobEncryptedPassword.pbData && _blobEncryptedPassword.cbData) {
  55. LocalFree(_blobEncryptedPassword.pbData);
  56. _blobEncryptedPassword.pbData = NULL;
  57. _blobEncryptedPassword.cbData = 0;
  58. }
  59. }
  61. BOOL CConNode::SetServerName( LPTSTR szServerName)
  62. {
  63. ASSERT(szServerName);
  64. if (szServerName != NULL)
  65. {
  66. lstrcpy(m_szServer, szServerName);
  67. }
  68. else
  69. {
  70. m_szServer[0] = NULL;
  71. }
  72. return TRUE;
  73. }
  75. BOOL CConNode::SetDescription( LPTSTR szDescription)
  76. {
  77. ASSERT(szDescription);
  78. if (szDescription != NULL)
  79. {
  80. lstrcpy(m_szDescription, szDescription);
  81. }
  82. else
  83. {
  84. m_szDescription[0] = NULL;
  85. }
  86. return TRUE;
  87. }
  89. BOOL CConNode::SetUserName( LPTSTR szUserName)
  90. {
  91. ASSERT(szUserName);
  92. if (szUserName != NULL)
  93. {
  94. lstrcpy(m_szUserName, szUserName);
  95. }
  96. else
  97. {
  98. m_szUserName[0] = NULL;
  99. }
  101. return TRUE;
  102. }
  104. BOOL CConNode::SetDomain(LPTSTR szDomain)
  105. {
  106. ASSERT(szDomain);
  107. if (szDomain != NULL)
  108. {
  109. lstrcpy(m_szDomain, szDomain);
  110. }
  111. else
  112. {
  113. m_szDomain[0] = NULL;
  114. }
  115. return TRUE;
  116. }
  118. //
  119. // DataProtect
  120. // Protect data for persistence using data protection API
  121. // params:
  122. // pInData - (in) input bytes to protect
  123. // cbLen - (in) length of pInData in bytes
  124. // ppOutData - (out) output bytes
  125. // pcbOutLen - (out) length of output
  126. // returns: bool status
  127. //
  128. BOOL CConNode::DataProtect(PBYTE pInData, DWORD cbLen, PBYTE* ppOutData, PDWORD pcbOutLen)
  129. {
  130. DATA_BLOB DataIn;
  131. DATA_BLOB DataOut;
  132. ASSERT(pInData && cbLen);
  133. ASSERT(ppOutData);
  134. ASSERT(pcbOutLen);
  135. if (pInData && cbLen && ppOutData && pcbOutLen)
  136. {
  137. DataIn.pbData = pInData;
  138. DataIn.cbData = cbLen;
  140. if (CryptProtectData( &DataIn,
  141. TEXT("ps"), // DESCRIPTION STRING.
  142. NULL, // optional entropy
  143. NULL, // reserved
  144. NULL, // NO prompting
  145. CRYPTPROTECT_UI_FORBIDDEN, //don't pop UI
  146. &DataOut ))
  147. {
  148. *ppOutData = (PBYTE)LocalAlloc(LPTR, DataOut.cbData);
  149. if (*ppOutData)
  150. {
  151. //copy the output data
  152. memcpy(*ppOutData, DataOut.pbData, DataOut.cbData);
  153. *pcbOutLen = DataOut.cbData;
  154. LocalFree(DataOut.pbData);
  155. return TRUE;
  156. }
  157. else
  158. {
  159. LocalFree(DataOut.pbData);
  160. return FALSE;
  161. }
  162. }
  163. else
  164. {
  165. DWORD dwLastErr = GetLastError();
  166. DBGMSG( L"CryptProtectData FAILED error:%d\n",dwLastErr);
  167. return FALSE;
  168. }
  169. }
  170. else
  171. {
  172. return FALSE;
  173. }
  174. }
  176. //
  177. // DataUnprotect
  178. // UnProtect persisted out data using data protection API
  179. // params:
  180. // pInData - (in) input bytes to UN protect
  181. // cbLen - (in) length of pInData in bytes
  182. // ppOutData - (out) output bytes
  183. // pcbOutLen - (out) length of output
  184. // returns: bool status
  185. //
  186. //
  187. BOOL CConNode::DataUnprotect(PBYTE pInData, DWORD cbLen, PBYTE* ppOutData, PDWORD pcbOutLen)
  188. {
  189. DATA_BLOB DataIn;
  190. DATA_BLOB DataOut;
  191. ASSERT(pInData && cbLen && ppOutData && pcbOutLen);
  192. if (pInData && cbLen && ppOutData && pcbOutLen)
  193. {
  194. DataIn.pbData = pInData;
  195. DataIn.cbData = cbLen;
  197. if (CryptUnprotectData( &DataIn,
  198. NULL, // NO DESCRIPTION STRING
  199. NULL, // optional entropy
  200. NULL, // reserved
  201. NULL, // NO prompting
  202. CRYPTPROTECT_UI_FORBIDDEN, //don't pop UI
  203. &DataOut ))
  204. {
  205. *ppOutData = (PBYTE)LocalAlloc(LPTR, DataOut.cbData);
  206. if (*ppOutData)
  207. {
  208. //copy the output data
  209. memcpy(*ppOutData, DataOut.pbData, DataOut.cbData);
  210. *pcbOutLen = DataOut.cbData;
  211. LocalFree(DataOut.pbData);
  212. return TRUE;
  213. }
  214. else
  215. {
  216. LocalFree(DataOut.pbData);
  217. return FALSE;
  218. }
  219. }
  220. else
  221. {
  222. DWORD dwLastErr = GetLastError();
  223. DBGMSG( L"CryptUnprotectData FAILED error:%d\n",dwLastErr);
  224. return FALSE;
  225. }
  226. }
  227. else
  228. {
  229. return FALSE;
  230. }
  231. }
  234. HRESULT CConNode::PersistToStream( IStream* pStm)
  235. {
  236. //
  237. // Persist the data of this connection node to the stream
  238. //
  239. // The data is persisted started at the current seek position
  240. // of the stream.
  242. HRESULT hr;
  243. ULONG cbWritten;
  245. ASSERT(pStm);
  246. if (!pStm)
  247. {
  248. return E_FAIL;
  249. }
  251. //
  252. //Persist info version
  253. //
  254. int persist_ver = CONNODE_PERSIST_INFO_VERSION;
  255. hr = pStm->Write( &persist_ver, sizeof(persist_ver), &cbWritten);
  256. HR_RET_IF_FAIL(hr);
  258. //
  259. //server
  260. //
  261. hr = pStm->Write( &m_szServer, sizeof(m_szServer), &cbWritten);
  262. HR_RET_IF_FAIL(hr);
  264. //
  265. //description
  266. //
  267. hr = pStm->Write( &m_szDescription, sizeof(m_szDescription), &cbWritten);
  268. HR_RET_IF_FAIL(hr);
  270. //
  271. //user name
  272. //
  273. hr = pStm->Write( &m_szUserName, sizeof(m_szUserName), &cbWritten);
  274. HR_RET_IF_FAIL(hr);
  277. //
  278. //encrypted password
  279. //
  281. //Intentional ignore of failure code as crypto may fail
  282. hr = WriteProtectedPassword( pStm);
  284. //
  285. //domain
  286. //
  287. hr = pStm->Write( &m_szDomain, sizeof(m_szDomain), &cbWritten);
  288. HR_RET_IF_FAIL(hr);
  290. //
  291. //Password specified flag
  292. //
  293. BOOL fWritePassword = GetPasswordSpecified() && GetSavePassword();
  294. hr = pStm->Write( &fWritePassword, sizeof(fWritePassword), &cbWritten);
  295. HR_RET_IF_FAIL(hr);
  297. //
  298. // Screen resolution
  299. //
  300. hr = pStm->Write( &m_resType, sizeof(m_resType), &cbWritten);
  301. HR_RET_IF_FAIL(hr);
  303. hr = pStm->Write( &m_Width, sizeof(m_Width), &cbWritten);
  304. HR_RET_IF_FAIL(hr);
  306. hr = pStm->Write( &m_Height, sizeof(m_Height), &cbWritten);
  307. HR_RET_IF_FAIL(hr);
  309. //
  310. // Start program
  311. //
  312. hr = pStm->Write( &m_szProgramPath, sizeof(m_szProgramPath), &cbWritten);
  313. HR_RET_IF_FAIL(hr);
  315. //
  316. // Work dir
  317. //
  318. hr = pStm->Write( &m_szProgramStartIn, sizeof(m_szProgramStartIn), &cbWritten);
  319. HR_RET_IF_FAIL(hr);
  321. //
  322. // Connect to console
  323. //
  324. hr = pStm->Write( &m_bConnectToConsole, sizeof(m_bConnectToConsole), &cbWritten);
  325. HR_RET_IF_FAIL(hr);
  327. hr = pStm->Write( &m_bRedirectDrives, sizeof(m_bRedirectDrives), &cbWritten);
  328. HR_RET_IF_FAIL(hr);
  330. //
  331. // PADDING for future extension
  332. //
  333. DWORD dwPad = (DWORD)-1;
  334. hr = pStm->Write( &dwPad, sizeof(dwPad), &cbWritten);
  335. HR_RET_IF_FAIL(hr);
  336. hr = pStm->Write( &dwPad, sizeof(dwPad), &cbWritten);
  337. HR_RET_IF_FAIL(hr);
  338. hr = pStm->Write( &dwPad, sizeof(dwPad), &cbWritten);
  339. HR_RET_IF_FAIL(hr);
  341. return S_OK;
  342. }
  344. HRESULT CConNode::InitFromStream( IStream* pStm)
  345. {
  346. //
  347. // Reads in the data for this connection node from the stream
  348. // starting at the current seek position in the stream.
  349. //
  350. HRESULT hr;
  351. ULONG cbRead;
  353. ASSERT(pStm);
  354. if (!pStm)
  355. {
  356. return E_FAIL;
  357. }
  359. int persist_info_version;
  360. //
  361. //Persist info version
  362. //
  363. hr = pStm->Read( &persist_info_version, sizeof(persist_info_version), &cbRead);
  364. HR_RET_IF_FAIL(hr);
  366. if (persist_info_version <= CONNODE_PERSIST_INFO_VERSION_TSAC_BETA)
  367. {
  368. //
  369. // Unsupported perist version
  370. //
  371. return E_FAIL;
  372. }
  374. //
  375. //server
  376. //
  377. hr = pStm->Read( &m_szServer, sizeof(m_szServer), &cbRead);
  378. m_szServer[sizeof(m_szServer) / sizeof(TCHAR) - 1] = NULL;
  379. HR_RET_IF_FAIL(hr);
  381. //
  382. //description
  383. //
  384. hr = pStm->Read( &m_szDescription, sizeof(m_szDescription), &cbRead);
  385. m_szDescription[sizeof(m_szDescription) / sizeof(TCHAR) - 1] = NULL;
  386. HR_RET_IF_FAIL(hr);
  388. //
  389. //user name
  390. //
  391. hr = pStm->Read( &m_szUserName, sizeof(m_szUserName), &cbRead);
  392. m_szUserName[sizeof(m_szUserName) / sizeof(TCHAR) - 1] = NULL;
  393. HR_RET_IF_FAIL(hr);
  395. //
  396. // Password
  397. //
  399. BOOL fGotPassword = FALSE;
  400. if (CONNODE_PERSIST_INFO_VERSION_TSAC_BETA == persist_info_version)
  401. {
  402. //
  403. // We drop the password if it's in TSAC format as we dropped
  404. // support for that format
  405. //
  407. //
  408. // Just seek past the correct number of bytes
  409. //
  411. LARGE_INTEGER seekDelta = {0, CL_OLD_PASSWORD_LENGTH + CL_SALT_LENGTH};
  412. hr = pStm->Seek(seekDelta,
  413. STREAM_SEEK_CUR,
  414. NULL);
  415. HR_RET_IF_FAIL(hr);
  416. }
  417. else if (persist_info_version <= CONNODE_PERSIST_INFO_VERSION_DOTNET_BETA3) {
  418. //
  419. // We drop support for the legacy DPAPI+Control obfuscation formats
  420. //
  421. DWORD cbSecureLen = 0;
  422. //
  423. //encrypted bytes length
  424. //
  425. hr = pStm->Read( &cbSecureLen, sizeof(cbSecureLen), &cbRead);
  426. HR_RET_IF_FAIL(hr);
  428. //
  429. // Just seek ahead in the stream
  430. //
  431. LARGE_INTEGER seekDelta;
  432. seekDelta.LowPart = cbSecureLen;
  433. seekDelta.HighPart = 0;
  434. hr = pStm->Seek(seekDelta,
  435. STREAM_SEEK_CUR,
  436. NULL);
  437. HR_RET_IF_FAIL(hr);
  438. }
  439. else
  440. {
  441. //Read the new more secure format
  442. hr = ReadProtectedPassword(pStm);
  443. if(SUCCEEDED(hr)) {
  444. fGotPassword = TRUE;
  445. }
  446. else {
  447. ODS(TEXT("Failed to ReadProtectedPassword\n"));
  448. }
  449. }
  450. //
  451. //domain
  452. //
  453. if(persist_info_version >= CONNODE_PERSIST_INFO_VERSION_DOTNET_BETA3)
  454. {
  455. hr = pStm->Read( &m_szDomain, sizeof(m_szDomain), &cbRead);
  456. m_szDomain[sizeof(m_szDomain) / sizeof(TCHAR) - 1] = NULL;
  457. HR_RET_IF_FAIL(hr);
  458. }
  459. else
  460. {
  461. //Old length for domain
  462. hr = pStm->Read( &m_szDomain, CL_OLD_DOMAIN_LENGTH * sizeof(TCHAR),
  463. &cbRead);
  464. m_szDomain[CL_OLD_DOMAIN_LENGTH - 1] = NULL;
  465. HR_RET_IF_FAIL(hr);
  466. }
  468. //
  469. //Password specified flag
  470. //
  471. hr = pStm->Read( &m_fPasswordSpecified, sizeof(m_fPasswordSpecified), &cbRead);
  472. HR_RET_IF_FAIL(hr);
  474. //
  475. // Override the autologon flag if we failed to
  476. // get a password, e.g if we were unable to decrypt
  477. // it because the current user doesn't match credentials
  478. //
  479. if(!fGotPassword)
  480. {
  481. m_fPasswordSpecified = FALSE;
  482. }
  484. //
  485. // If the password was specified in the file
  486. // it means we want it saved
  487. //
  488. m_bSavePassword = m_fPasswordSpecified;
  490. //
  491. // Screen resolution
  492. //
  493. hr = pStm->Read( &m_resType, sizeof(m_resType), &cbRead);
  494. HR_RET_IF_FAIL(hr);
  496. hr = pStm->Read( &m_Width, sizeof(m_Width), &cbRead);
  497. HR_RET_IF_FAIL(hr);
  499. hr = pStm->Read( &m_Height, sizeof(m_Height), &cbRead);
  500. HR_RET_IF_FAIL(hr);
  502. //
  503. // Start program
  504. //
  505. hr = pStm->Read( &m_szProgramPath, sizeof(m_szProgramPath), &cbRead);
  506. m_szProgramPath[sizeof(m_szProgramPath) / sizeof(TCHAR) - 1] = NULL;
  507. HR_RET_IF_FAIL(hr);
  509. //
  510. // Work dir
  511. //
  512. hr = pStm->Read( &m_szProgramStartIn, sizeof(m_szProgramStartIn), &cbRead);
  513. m_szProgramStartIn[sizeof(m_szProgramStartIn) / sizeof(TCHAR) - 1] = NULL;
  514. HR_RET_IF_FAIL(hr);
  517. if(persist_info_version >= CONNODE_PERSIST_INFO_VERSION_WHISTLER_BETA1)
  518. {
  519. //
  520. // Connect to console
  521. //
  522. hr = pStm->Read( &m_bConnectToConsole, sizeof(m_bConnectToConsole), &cbRead);
  523. HR_RET_IF_FAIL(hr);
  525. hr = pStm->Read( &m_bRedirectDrives, sizeof(m_bRedirectDrives), &cbRead);
  526. HR_RET_IF_FAIL(hr);
  528. //
  529. // PADDING for future extension
  530. //
  531. DWORD dwPad;
  532. hr = pStm->Read( &dwPad, sizeof(dwPad), &cbRead);
  533. HR_RET_IF_FAIL(hr);
  534. hr = pStm->Read( &dwPad, sizeof(dwPad), &cbRead);
  535. HR_RET_IF_FAIL(hr);
  536. hr = pStm->Read( &dwPad, sizeof(dwPad), &cbRead);
  537. HR_RET_IF_FAIL(hr);
  538. }
  540. return S_OK;
  541. }
  543. HRESULT CConNode::ReadProtectedPassword(IStream* pStm)
  544. {
  545. HRESULT hr = E_FAIL;
  546. ULONG cbRead;
  547. if (pStm)
  548. {
  549. //
  550. // NOTE: About password encryption
  551. // at runtime the password is passed around in DPAPI form
  552. //
  553. // Legacy formats had the password first encrypted with the
  554. // control's password obfuscation - we got rid of those.
  555. //
  556. // persistence format is
  557. // -DWORD giving size of encrypted data field
  558. // -Data protection ENCRYPTED BYTES of encryptedpass+salt concatenation
  559. //
  560. DWORD cbSecureLen = 0;
  561. //
  562. //encrypted bytes length
  563. //
  564. hr = pStm->Read( &cbSecureLen, sizeof(cbSecureLen), &cbRead);
  565. HR_RET_IF_FAIL(hr);
  567. if (cbSecureLen == 0) {
  568. return E_FAIL;
  569. }
  571. PBYTE pEncryptedBytes = (PBYTE) LocalAlloc(LPTR, cbSecureLen);
  572. if (!pEncryptedBytes) {
  573. return E_OUTOFMEMORY;
  574. }
  576. //
  577. //read in the encrypted pass+salt combo
  578. //
  579. hr = pStm->Read( pEncryptedBytes, cbSecureLen, &cbRead);
  580. HR_RET_IF_FAIL(hr);
  581. if (cbSecureLen != cbRead)
  582. {
  583. LocalFree(pEncryptedBytes);
  584. return E_FAIL;
  585. }
  587. if (cbSecureLen == NO_PASSWORD_VALUE_LEN)
  588. {
  589. ODS(TEXT("Read cbSecurLen of NO_PASSWORD_VALUE_LEN. No password."));
  590. LocalFree(pEncryptedBytes);
  591. return E_FAIL;
  592. }
  594. //
  595. // DPAPI decrypt the persisted secure bytes to test if the decryption
  596. // succeeds
  597. //
  598. PBYTE pUnSecureBytes;
  599. DWORD cbUnSecureLen;
  600. if (!DataUnprotect( (PBYTE)pEncryptedBytes, cbSecureLen,
  601. &pUnSecureBytes, &cbUnSecureLen))
  602. {
  603. //DPAPI Password encryption failed
  604. ODS(TEXT("DataUnProtect encryption FAILED\n"));
  605. LocalFree(pEncryptedBytes);
  606. return E_FAIL;
  607. }
  609. //
  610. // Free any existing data in the blob
  611. //
  612. if (_blobEncryptedPassword.pbData && _blobEncryptedPassword.cbData) {
  613. LocalFree(_blobEncryptedPassword.pbData);
  614. _blobEncryptedPassword.pbData = NULL;
  615. _blobEncryptedPassword.cbData = 0;
  616. }
  618. //
  619. // Do not free the encrypted bytes, they are kept around
  620. // in the data blob in DPAPI format - ConNode will take care
  621. // of correctly freeing the bytes when they are no longer needed.
  622. //
  623. _blobEncryptedPassword.pbData = pEncryptedBytes;
  624. _blobEncryptedPassword.cbData = cbSecureLen;
  626. SecureZeroMemory(pUnSecureBytes, cbUnSecureLen);
  627. LocalFree(pUnSecureBytes);
  628. return hr;
  629. }
  630. else
  631. {
  632. return E_INVALIDARG;
  633. }
  634. }
  637. //
  638. // Write a DPAPI protected password out to the stream
  639. //
  640. HRESULT CConNode::WriteProtectedPassword(IStream* pStm)
  641. {
  642. HRESULT hr = E_FAIL;
  643. ULONG cbWritten;
  644. if (pStm)
  645. {
  646. //
  647. // NOTE: About password encryption
  648. // at runtime the password is passed around in DPAPI form
  650. //
  651. // Save the password/salt in the following format
  652. // -DWORD giving size of encrypted data field
  653. // -Data protection ENCRYPTED BYTES of encryptedpass+salt concatenation
  654. //
  656. PBYTE pSecureBytes = NULL;
  657. DWORD cbSecureLen = NULL;
  658. BOOL fFreeSecureBytes = FALSE;
  660. DWORD dwDummyBytes = NO_PASSWORD_VALUE;
  662. //
  663. // Don't save the password if the setting is not selected or if there
  664. // isn't any data to save.
  665. //
  666. if (!GetSavePassword() || 0 == _blobEncryptedPassword.cbData) {
  667. //
  668. // User chose not to save the password, write 4 bytes
  669. //
  670. cbSecureLen = 4;
  671. pSecureBytes = (PBYTE)&dwDummyBytes;
  672. }
  675. //
  676. //encrypted bytes length
  677. //
  678. cbSecureLen = _blobEncryptedPassword.cbData;
  679. hr = pStm->Write(&cbSecureLen, sizeof(cbSecureLen), &cbWritten);
  681. //
  682. //write out secured bytes
  683. //
  684. if (SUCCEEDED(hr)) {
  685. pSecureBytes = _blobEncryptedPassword.pbData;
  686. hr = pStm->Write(pSecureBytes, cbSecureLen, &cbWritten);
  687. }
  688. }
  689. else
  690. {
  691. hr = E_INVALIDARG;
  692. }
  693. return hr;
  694. }
  697. IMsRdpClient* CConNode::GetTsClient()
  698. {
  699. if (m_pTsClientCtl)
  700. {
  701. m_pTsClientCtl->AddRef();
  702. }
  703. return m_pTsClientCtl;
  704. }
  706. void CConNode::SetTsClient(IMsRdpClient* pTs)
  707. {
  708. if (NULL == pTs)
  709. {
  710. if (m_pTsClientCtl)
  711. {
  712. m_pTsClientCtl->Release();
  713. m_pTsClientCtl = NULL;
  714. }
  715. }
  716. else
  717. {
  718. m_pTsClientCtl = pTs;
  719. m_pTsClientCtl->AddRef();
  720. }
  721. }
  723. IMstscMhst* CConNode::GetMultiHostCtl()
  724. {
  725. if (m_pMhostCtl)
  726. {
  727. m_pMhostCtl->AddRef();
  728. }
  729. return m_pMhostCtl;
  730. }
  732. void CConNode::SetMultiHostCtl(IMstscMhst* pMhst)
  733. {
  734. if (NULL == pMhst)
  735. {
  736. if (m_pMhostCtl)
  737. {
  738. m_pMhostCtl->Release();
  739. }
  740. m_pMhostCtl = NULL;
  741. }
  742. else
  743. {
  744. m_pMhostCtl = pMhst;
  745. m_pMhostCtl->AddRef();
  746. }
  747. }
  749. IComponent* CConNode::GetView()
  750. {
  751. if (m_pIComponent)
  752. {
  753. m_pIComponent->AddRef();
  754. }
  755. return m_pIComponent;
  756. }
  758. void CConNode::SetView(IComponent* pView)
  759. {
  760. if (!pView)
  761. {
  762. if (m_pIComponent)
  763. {
  764. m_pIComponent->Release();
  765. m_pIComponent = NULL;
  766. }
  767. }
  768. else
  769. {
  770. if (m_pIComponent)
  771. {
  772. ODS( L"Clobbering IComponent interface, could be leaking\n" );
  773. }
  775. pView->AddRef();
  776. m_pIComponent = pView;
  777. }
  778. }
  781. //
  782. // Store a clear text password in encrypted form
  783. //
  784. HRESULT
  785. CConNode::SetClearTextPass(LPCTSTR szClearPass)
  786. {
  787. HRESULT hr = E_FAIL;
  789. DATA_BLOB din;
  790. din.cbData = _tcslen(szClearPass) * sizeof(TCHAR);
  791. din.pbData = (PBYTE)szClearPass;
  792. if (_blobEncryptedPassword.pbData)
  793. {
  794. LocalFree(_blobEncryptedPassword.pbData);
  795. _blobEncryptedPassword.pbData = NULL;
  796. _blobEncryptedPassword.cbData = 0;
  797. }
  798. if (din.cbData)
  799. {
  800. if (CryptProtectData(&din,
  801. TEXT("ps"), // DESCRIPTION STRING.
  802. NULL, // optional entropy
  803. NULL, // reserved
  804. NULL, // NO prompting
  805. CRYPTPROTECT_UI_FORBIDDEN, //don't pop UI
  806. &_blobEncryptedPassword))
  807. {
  808. hr = S_OK;
  809. }
  810. else
  811. {
  812. ODS((_T("DataProtect failed")));
  813. hr = E_FAIL;
  814. }
  815. }
  816. else
  817. {
  818. ODS((_T("0 length password, not encrypting")));
  819. hr = S_OK;
  820. }
  822. return hr;
  823. }
  825. //
  826. // Retrieve a clear text password
  827. //
  828. //
  829. // Params
  830. // [out] szBuffer - receives decrypted password
  831. // [int] cbLen - length of szBuffer
  832. //
  833. HRESULT
  834. CConNode::GetClearTextPass(LPTSTR szBuffer, INT cbLen)
  835. {
  836. HRESULT hr = E_FAIL;
  838. DATA_BLOB dout;
  839. dout.cbData = 0;
  840. dout.pbData = NULL;
  841. if (_blobEncryptedPassword.cbData)
  842. {
  843. memset(szBuffer, 0, cbLen);
  844. if (CryptUnprotectData(&_blobEncryptedPassword,
  845. NULL, // NO DESCRIPTION STRING
  846. NULL, // optional entropy
  847. NULL, // reserved
  848. NULL, // NO prompting
  849. CRYPTPROTECT_UI_FORBIDDEN, //don't pop UI
  850. &dout))
  851. {
  852. memcpy(szBuffer, dout.pbData,
  853. min( dout.cbData,(UINT)cbLen-sizeof(TCHAR)));
  855. //
  856. // Nuke the original copy
  857. //
  858. SecureZeroMemory(dout.pbData, dout.cbData);
  859. LocalFree( dout.pbData );
  860. hr = S_OK;
  861. }
  862. else
  863. {
  864. ODS((_T("DataUnprotect failed")));
  865. hr = E_FAIL;
  866. }
  867. }
  868. else
  869. {
  870. ODS(_T("0 length encrypted pass, not decrypting"));
  872. //
  873. // Just reset the output buffer
  874. //
  875. memset(szBuffer, 0, cbLen);
  876. hr = S_OK;
  877. }
  879. return hr;
  880. }