//============================================================================= // Copyright (c) 2000 Microsoft Corporation // // dialogs.cpp // // Credential manager user interface classes used to get credentials. // // Created 02/29/2000 johnstep (John Stephens) //============================================================================= #include "precomp.hpp" #include "shellapi.h" #include "dialogs.hpp" #include "resource.h" #include "utils.hpp" #include "shpriv.h" #include "shlobj.h" #include "shlobjp.h" // compile switch to allow credui to update wildcard creds #define SETWILDCARD NET_API_STATUS NetUserChangePasswordEy(LPCWSTR domainname, LPCWSTR username, LPCWSTR oldpassword, LPCWSTR newpassword); // .NET logo sizes #define BRANDLEFT_PIXEL_WIDTH 3 #define BRANDLEFT_PIXEL_HEIGHT 4 #define BRANDMID_PIXEL_HEIGHT 4 #define BRANDRIGHT_PIXEL_WIDTH 144 #define BRANDRIGHT_PIXEL_HEIGHT 37 //----------------------------------------------------------------------------- // Values //----------------------------------------------------------------------------- #define CREDUI_MAX_WELCOME_TEXT_LINES 8 #define CREDUI_MAX_LOGO_HEIGHT 80 #define CREDUI_MAX_CMDLINE_MSG_LENGTH 256 //----------------------------------------------------------------------------- // Global Variables //----------------------------------------------------------------------------- // Balloon tip infos for change password dialog: CONST CREDUI_BALLOON_TIP_INFO CreduiWrongOldTipInfo = { CreduiStrings.WrongOldTipTitle, CreduiStrings.WrongOldTipText, TTI_ERROR, 96, 76 }; CONST CREDUI_BALLOON_TIP_INFO CreduiNotSameTipInfo = { CreduiStrings.NotSameTipTitle, CreduiStrings.NotSameTipText, TTI_ERROR, 96, 76 }; CONST CREDUI_BALLOON_TIP_INFO CreduiTooShortTipInfo = { CreduiStrings.TooShortTipTitle, CreduiStrings.TooShortTipText, TTI_ERROR, 96, 76 }; // Control balloons for password dialog: CONST CREDUI_BALLOON CreduiUserNameBalloon = { 1, CREDUI_CONTROL_USERNAME, CREDUI_BALLOON_ICON_INFO, CreduiStrings.UserNameTipTitle, CreduiStrings.UserNameTipText }; CONST CREDUI_BALLOON CreduiEmailNameBalloon = { 1, CREDUI_CONTROL_USERNAME, CREDUI_BALLOON_ICON_INFO, CreduiStrings.EmailNameTipTitle, CreduiStrings.EmailNameTipText }; CONST CREDUI_BALLOON CreduiDowngradeBalloon = { 1, CREDUI_CONTROL_USERNAME, CREDUI_BALLOON_ICON_ERROR, CreduiStrings.LogonTipTitle, CreduiStrings.DowngradeTipText }; CONST CREDUI_BALLOON CreduiLogonBalloon = { 1, CREDUI_CONTROL_PASSWORD, CREDUI_BALLOON_ICON_ERROR, CreduiStrings.LogonTipTitle, CreduiStrings.LogonTipText }; CONST CREDUI_BALLOON CreduiLogonCapsBalloon = { 1, CREDUI_CONTROL_PASSWORD, CREDUI_BALLOON_ICON_ERROR, CreduiStrings.LogonTipTitle, CreduiStrings.LogonTipCaps }; // Placehold for known password: CONST WCHAR CreduiKnownPassword[] = L"********"; //----------------------------------------------------------------------------- // Functions //----------------------------------------------------------------------------- void DemoteOldDefaultSSOCred ( PCREDENTIAL_TARGET_INFORMATION pTargetInfo, // target info of new cred DWORD Flags ); //============================================================================= // CreduiChangePasswordCallback // // This callback handles changing a domain password. // // Arguments: // changePasswordWindow (in) // message (in) // wParam (in) // lParam (in) - on WM_INITDIALOG, this is the info structure // // Returns TRUE if we handled the message, otherwise FALSE. // // Created 04/26/2000 johnstep (John Stephens) //============================================================================= INT_PTR CALLBACK CreduiChangePasswordCallback( HWND changePasswordWindow, UINT message, WPARAM wParam, LPARAM lParam ) { CREDUI_CHANGE_PASSWORD_INFO *info = reinterpret_cast( GetWindowLongPtr(changePasswordWindow, GWLP_USERDATA)); if (message == WM_INITDIALOG) { info = reinterpret_cast(lParam); if (info != NULL) { // Store this object's pointer in the user data window long: SetWindowLongPtr(changePasswordWindow, GWLP_USERDATA, reinterpret_cast(info)); SetWindowText( GetDlgItem(changePasswordWindow, IDC_USERNAME), info->UserName); info->BalloonTip.Init(CreduiInstance, changePasswordWindow); info->OldPasswordBox.Init( GetDlgItem(changePasswordWindow, IDC_PASSWORD), &info->BalloonTip, &CreduiCapsLockTipInfo); info->NewPasswordBox.Init( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), &info->BalloonTip, &CreduiCapsLockTipInfo); info->ConfirmPasswordBox.Init( GetDlgItem(changePasswordWindow, IDC_CONFIRM_PASSWORD), &info->BalloonTip, &CreduiCapsLockTipInfo); return TRUE; } else { EndDialog(changePasswordWindow, IDCANCEL); } } else switch (message) { case WM_COMMAND: switch (LOWORD(wParam)) { case IDC_PASSWORD: case IDC_NEW_PASSWORD: if ((HIWORD(wParam) == EN_KILLFOCUS) || (HIWORD(wParam) == EN_CHANGE)) { if (info->BalloonTip.IsVisible()) { info->BalloonTip.Hide(); } } break; case IDOK: WCHAR userDomain[CRED_MAX_USERNAME_LENGTH + 1]; WCHAR userName[CRED_MAX_USERNAME_LENGTH + 1]; WCHAR oldPassword[CRED_MAX_STRING_LENGTH + 1]; WCHAR newPassword[CRED_MAX_STRING_LENGTH + 1]; WCHAR confirmPassword[CRED_MAX_STRING_LENGTH + 1]; oldPassword[0] = L'\0'; newPassword[0] = L'\0'; confirmPassword[0] = L'\0'; GetWindowText( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), newPassword, CRED_MAX_STRING_LENGTH); GetWindowText( GetDlgItem(changePasswordWindow, IDC_CONFIRM_PASSWORD), confirmPassword, CRED_MAX_STRING_LENGTH); if (wcscmp(newPassword, confirmPassword) != 0) { SetWindowText( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), NULL); SetWindowText( GetDlgItem(changePasswordWindow, IDC_CONFIRM_PASSWORD), NULL); info->BalloonTip.SetInfo( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), &CreduiNotSameTipInfo); info->BalloonTip.Show(); SecureZeroMemory(newPassword, sizeof newPassword); SecureZeroMemory(confirmPassword, sizeof confirmPassword); break; } // Confirm password is no longer needed SecureZeroMemory(confirmPassword, sizeof confirmPassword); GetWindowText( GetDlgItem(changePasswordWindow, IDC_PASSWORD), oldPassword, CRED_MAX_STRING_LENGTH); if (CredUIParseUserName( info->UserName, userName, sizeof(userName)/sizeof(WCHAR), userDomain, sizeof(userDomain)/sizeof(WCHAR)) == ERROR_SUCCESS) { NET_API_STATUS netStatus = NetUserChangePasswordEy(userDomain, userName, oldPassword, newPassword); // Old password is no longer needed SecureZeroMemory(oldPassword, sizeof oldPassword); switch (netStatus) { case NERR_Success: // Once we make it this far, the password has been // changed. If the following call fails to update the // credential, we really cannot do much about it except // maybe notify the user. StringCchCopyW( info->Password, info->PasswordMaxChars + 1, newPassword); // Scrub the passwords on the stack and clear the // controls: SecureZeroMemory(newPassword, sizeof newPassword); // NOTE: We may want to first set the controls to some // pattern to fill the memory, then clear it. SetWindowText( GetDlgItem(changePasswordWindow, IDC_PASSWORD), NULL); SetWindowText( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), NULL); SetWindowText( GetDlgItem(changePasswordWindow, IDC_CONFIRM_PASSWORD), NULL); // NOTE: We may want to notify the user that the password // has been successfully changed. break; default: // NOTE: If we got an unknown error, just handle it the // same way as an invalid password, for now: case ERROR_INVALID_PASSWORD: // New password is no longer needed SecureZeroMemory(newPassword, sizeof newPassword); SetWindowText( GetDlgItem(changePasswordWindow, IDC_PASSWORD), NULL); info->BalloonTip.SetInfo( GetDlgItem(changePasswordWindow, IDC_PASSWORD), &CreduiWrongOldTipInfo); info->BalloonTip.Show(); return TRUE; case ERROR_ACCESS_DENIED: // NOTE: One use of this return value is when the new // password and old are the same. Would any // configuration ever allow them to match? If not, // we could just compare before calling the API. case NERR_PasswordTooShort: // New password is no longer needed SecureZeroMemory(newPassword, sizeof newPassword); SetWindowText( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), NULL); SetWindowText( GetDlgItem(changePasswordWindow, IDC_CONFIRM_PASSWORD), NULL); info->BalloonTip.SetInfo( GetDlgItem(changePasswordWindow, IDC_NEW_PASSWORD), &CreduiTooShortTipInfo); info->BalloonTip.Show(); return TRUE; } } else { SecureZeroMemory(newPassword, sizeof newPassword); SecureZeroMemory(oldPassword, sizeof oldPassword); break; } // Fall through... case IDCANCEL: EndDialog(changePasswordWindow, LOWORD(wParam)); return TRUE; } break; } return FALSE; } //============================================================================= // CreduiChangeDomainPassword // // Displays a dialog allowing the user to change the domain password. // // Arguments: // parentWindow (in) // userName (in) // password (out) // passwordMaxChars (in) - on WM_INITDIALOG, this is the info structure // // Returns TRUE if we handled the message, otherwise FALSE. // // Created 06/06/2000 johnstep (John Stephens) //============================================================================= BOOL CreduiChangeDomainPassword( HWND parentWindow, CONST WCHAR *userName, WCHAR *password, ULONG passwordMaxChars ) { CREDUI_CHANGE_PASSWORD_INFO info; info.UserName = userName; info.Password = password; info.PasswordMaxChars = passwordMaxChars; return DialogBoxParam( CreduiInstance, MAKEINTRESOURCE(IDD_CHANGE_PASSWORD), parentWindow, CreduiChangePasswordCallback, reinterpret_cast(&info)) == IDOK; } //----------------------------------------------------------------------------- // CreduiPasswordDialog Class Implementation //----------------------------------------------------------------------------- LONG CreduiPasswordDialog::Registered = FALSE; //============================================================================= // CreduiPasswordDialog::SetCredTargetFromInfo() // // Created 04/03/2001 georgema //============================================================================= void CreduiPasswordDialog::SetCredTargetFromInfo() { BOOL serverOnly = TRUE; NewCredential.Type = (CredCategory == GENERIC_CATEGORY) ? CRED_TYPE_GENERIC : CRED_TYPE_DOMAIN_PASSWORD; if ( TargetInfo != NULL ) { if ( TargetInfo->CredTypeCount == 1 && *(TargetInfo->CredTypes) == CRED_TYPE_DOMAIN_VISIBLE_PASSWORD ) { NewCredential.Type = CRED_TYPE_DOMAIN_VISIBLE_PASSWORD; MaximumPersist = MaximumPersistSso; serverOnly = (Flags & CREDUI_FLAGS_SERVER_CREDENTIAL); } } if ( CredCategory == DOMAIN_CATEGORY && (TargetInfo != NULL)) { SelectBestTargetName(serverOnly); NewCredential.TargetName = NewTargetName; } else { NewCredential.TargetName = const_cast(UserOrTargetName); } } //============================================================================= // CreduiPasswordDialog::CreduiPasswordDialog // // Created 02/25/2000 johnstep (John Stephens) //============================================================================= CreduiPasswordDialog::CreduiPasswordDialog( IN BOOL doingCommandLine, IN BOOL delayCredentialWrite, IN DWORD credCategory, CREDUI_INFO *uiInfo, CONST WCHAR *targetName, WCHAR *userName, ULONG userNameMaxChars, WCHAR *password, ULONG passwordMaxChars, BOOL *save, DWORD flags, CtxtHandle *securityContext, DWORD authError, DWORD *result ) /*++ Routine Description: This routine implements the GUI prompt for credentials Arguments: DoingCommandLine - TRUE if prompting is to be done via the command line FALSE if prompting is to be done via GUI delayCredentialWrite - TRUE if the credential is to be written only upon confirmation. FALSE, if the credential is to be written now as a session credential then morphed to a more persistent credential upon confirmation. This field is ignored if Flags doesn't specify CREDUI_FLAGS_EXPECT_CONFIRMATION. credCategory - This is the subset of the "flags" parameter defining the category of the credential. ... Return Values: None --*/ { Result = ERROR_CANCELLED; hBrandBmp = NULL; // Initialize the result out argument for failure: if ( result != NULL ) *result = Result; // Turn on the following chatter always for debug builds #if DBG // ensure that we don't miss uninitialized members in test... memset(this,0xcc,sizeof(CreduiPasswordDialog)); CreduiDebugLog("CreduiPasswordDialog: Constructor. Incoming targetname = %S\n " ,targetName); CreduiDebugLog("Incoming username = %S\n",userName); #endif CREDENTIAL **credentialSet = NULL; SecPkgContext_CredentialName credentialName = { 0, NULL }; ZeroMemory(&NewCredential, sizeof NewCredential); fPassedUsername = FALSE; fPasswordOnly = FALSE; //FIX 399728 if ((userName != NULL) && (wcslen(userName) != 0)) fPassedUsername = TRUE; // Set most of the class members to valid initial values. The window // handles will be initialized later if everything succeeds: DoingCommandLine = doingCommandLine; DelayCredentialWrite = delayCredentialWrite; CredCategory = credCategory; UserName = userName; UserNameMaxChars = userNameMaxChars; Password = password; PasswordMaxChars = passwordMaxChars; Flags = flags; AuthError = authError; Save = (Flags & CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX) ? *save : FALSE; rcBrand.top = 0; rcBrand.left = 0; rcBrand.right = 0; rcBrand.bottom = 0; if (targetName != NULL) { TargetName = const_cast(targetName); SecurityContext = NULL; } else if ( CredCategory == DOMAIN_CATEGORY ) { if( securityContext == NULL) { CreduiDebugLog("CreduiPasswordDialog: Need to pass target name for domain creds.\n" ); if ( result != NULL ) *result = ERROR_INVALID_PARAMETER; return; } SecurityContext = securityContext; // Get the credential name, which includes the type, from the // security context: if (QueryContextAttributes( SecurityContext, SECPKG_ATTR_CREDENTIAL_NAME, static_cast(&credentialName)) != SEC_E_OK) { // This is an invalid security context for this function: CreduiDebugLog("CreduiPasswordDialog: Cannot QueryContextAttributes.\n" ); if ( result != NULL ) *result = ERROR_INVALID_PARAMETER; return; } TargetName = credentialName.sCredentialName; } else TargetName = NULL; if (uiInfo != NULL) { UiInfo = *uiInfo; } else { UiInfo.cbSize = sizeof(UiInfo); UiInfo.hwndParent = NULL; UiInfo.pszMessageText = NULL; UiInfo.pszCaptionText = NULL; UiInfo.hbmBanner = NULL; } PasswordCredential = NULL; OldCredential = NULL; TargetInfo = NULL; EncryptedVisiblePassword = TRUE; FirstPaint = TRUE; CredBalloon = NULL; NewTargetName[0] = L'\0'; NewTargetAlias[0] = L'\0'; DisabledControlMask = 0; PasswordState = PASSWORD_UNINIT; ResizeTop = 0; ResizeDelta = 0; DWORD MaximumPersistArray[CRED_TYPE_MAXIMUM]; if ( LocalCredGetSessionTypes( CRED_TYPE_MAXIMUM, MaximumPersistArray)) { // // Maintain "MaximumPersist" as the maximum persistence to use. // We don't know yet whether this is an SSO cred, so keep it in a separate location // until we know for sure. // // Be careful to not use MaximumPersist until we do know for sure // if ( CredCategory == DOMAIN_CATEGORY || CredCategory == USERNAME_TARGET_CATEGORY ) { MaximumPersist = MaximumPersistArray[CRED_TYPE_DOMAIN_PASSWORD]; } else { MaximumPersist = MaximumPersistArray[CRED_TYPE_GENERIC]; } MaximumPersistSso = MaximumPersistArray[CRED_TYPE_DOMAIN_VISIBLE_PASSWORD]; } else { MaximumPersist = CRED_PERSIST_NONE; MaximumPersistSso = CRED_PERSIST_NONE; } fInitialSaveState = FALSE; // ISSUE: this set at this point has no effect // // USERNAME_TARGET creds have two concepts of TargetName // The target name on the peristed credential needs to be the UserName // The target name everywhere else is the prompt text // UserOrTargetName is used in all the former cases. if ( CredCategory == USERNAME_TARGET_CATEGORY ) { UserOrTargetName = UserName; } else { UserOrTargetName = TargetName; } // // Get the target information for the target // // Only attempt to get target information if the target name is not a wildcard name. // // Do this regardless of whether the credential will be persisted. // Target info is used for completing the username. // if ( CredCategory == DOMAIN_CATEGORY && SecurityContext == NULL && !CreduiIsWildcardTargetName(TargetName) && LocalCredGetTargetInfoW( TargetName, CRED_ALLOW_NAME_RESOLUTION, &TargetInfo) ) { // // Check out the target info to ensure it matches the flag bits // passed by the caller. // // If not, ignore the target info. // We'll assume that the caller is using a different auth package than // the one matching the cached info. // if ( TargetInfo->CredTypeCount != 0 ) { ULONG AuthPackageStyle; BOOL CertOk = FALSE; BOOL PasswordOk = FALSE; AuthPackageStyle = 0; // // Loop through the supported cred types seeing what style the auth package supports // for (UINT i = 0; i < TargetInfo->CredTypeCount; ++i) { switch ( TargetInfo->CredTypes[i] ) { case CRED_TYPE_DOMAIN_CERTIFICATE: CertOk = TRUE; break; case CRED_TYPE_DOMAIN_PASSWORD: case CRED_TYPE_DOMAIN_VISIBLE_PASSWORD: PasswordOk = TRUE; break; } } // // Adjust that for what the caller requires // if (Flags & (CREDUI_FLAGS_REQUIRE_SMARTCARD|CREDUI_FLAGS_REQUIRE_CERTIFICATE) ) { PasswordOk = FALSE; } else if (Flags & CREDUI_FLAGS_EXCLUDE_CERTIFICATES) { CertOk = FALSE; } // // If nothing to supported, // ignore the target info // if ( !CertOk && !PasswordOk ) { LocalCredFree(static_cast(TargetInfo)); TargetInfo = NULL; } } } // // If the credential might be peristed, // determine the existing credential and // build a template for the credential to be persisted. // if (!(Flags & CREDUI_FLAGS_DO_NOT_PERSIST)) { // Read the existing credential for this target: CREDENTIAL *credential = NULL; Result = ERROR_SUCCESS; if ( CredCategory == GENERIC_CATEGORY ) { if (LocalCredReadW(TargetName, CRED_TYPE_GENERIC, 0, &PasswordCredential)) { OldCredential = PasswordCredential; } else { Result = GetLastError(); } } else { DWORD count; // // If a TargetInfo was found, // use it to read the matching credentials. // if ( TargetInfo != NULL ) { if (LocalCredReadDomainCredentialsW(TargetInfo, 0, &count, &credentialSet)) { for (DWORD i = 0; i < count; ++i) { #ifndef SETWILDCARD // // Ignore RAS and wildcard credentials, // we never want credUI to change such a credential. // if ( CreduiIsSpecialCredential(credentialSet[i]) ) { continue; } #endif // // If the caller needs a server credential, // ignore wildcard credentials. // if ((Flags & CREDUI_FLAGS_SERVER_CREDENTIAL) && CreduiIsWildcardTargetName( credentialSet[i]->TargetName)) { continue; } // // If the caller wants a certificate, // ignore non certificates. // if ( Flags & (CREDUI_FLAGS_REQUIRE_CERTIFICATE|CREDUI_FLAGS_REQUIRE_SMARTCARD) ) { if ( credentialSet[i]->Type != CRED_TYPE_DOMAIN_CERTIFICATE ) { continue; } } // // If the caller wants to avoid certificates, // ignore certificates. // if ( Flags & CREDUI_FLAGS_EXCLUDE_CERTIFICATES ) { if ( credentialSet[i]->Type == CRED_TYPE_DOMAIN_CERTIFICATE ) { continue; } } // // CredReadDomain domain credentials returns creds in preference // order as specified by the TargetInfo. // So use the first valid one. // if ( OldCredential == NULL ) { OldCredential = credentialSet[i]; } // // Remember the PasswordCredential in case we need to fall back to it // if ( credentialSet[i]->Type == CRED_TYPE_DOMAIN_PASSWORD ) { PasswordCredential = credentialSet[i]; } } if (OldCredential == NULL) { Result = ERROR_NOT_FOUND; } else { Result = ERROR_SUCCESS; } } else { Result = GetLastError(); } } // // We don't have a target info // read each of the possible credential types // else { if (!(Flags & CREDUI_FLAGS_EXCLUDE_CERTIFICATES) && ((SecurityContext == NULL) || (credentialName.CredentialType == CRED_TYPE_DOMAIN_CERTIFICATE)) && *UserOrTargetName != '\0' && LocalCredReadW(UserOrTargetName, CRED_TYPE_DOMAIN_CERTIFICATE, 0, &credential)) { if (CreduiIsSpecialCredential(credential)) { LocalCredFree(static_cast(credential)); credential = NULL; } else { OldCredential = credential; } } if ( ( Flags & (CREDUI_FLAGS_REQUIRE_CERTIFICATE|CREDUI_FLAGS_REQUIRE_SMARTCARD)) == 0 ) { if ( OldCredential == NULL && ((SecurityContext == NULL) || (credentialName.CredentialType == CRED_TYPE_DOMAIN_PASSWORD)) && *UserOrTargetName != '\0' && LocalCredReadW(UserOrTargetName, CRED_TYPE_DOMAIN_PASSWORD, 0, &credential)) { if (CreduiIsSpecialCredential(credential)) { LocalCredFree(static_cast(credential)); credential = NULL; } else { PasswordCredential = credential; OldCredential = credential; Result = ERROR_SUCCESS; } } if ( OldCredential == NULL && ((SecurityContext == NULL) || (credentialName.CredentialType == CRED_TYPE_DOMAIN_VISIBLE_PASSWORD)) && *UserOrTargetName != '\0' && LocalCredReadW(UserOrTargetName, CRED_TYPE_DOMAIN_VISIBLE_PASSWORD, 0, &credential)) { if (CreduiIsSpecialCredential(credential)) { LocalCredFree(static_cast(credential)); credential = NULL; } else { OldCredential = credential; Result = ERROR_SUCCESS; } } } if (OldCredential == NULL) { Result = GetLastError(); } else { fInitialSaveState = TRUE; // ISSUE: this set at this point has no effect Result = ERROR_SUCCESS; } } } if (Result == ERROR_SUCCESS) { NewCredential = *OldCredential; // if we have an existing cred, set the save state if (OldCredential != NULL) { fInitialSaveState = TRUE; // ISSUE: this set at this point has no effect } // If a user name was not passed, copy the user name and password // from the existing credential: if (UserName[0] == L'\0') { if (OldCredential->UserName != NULL) { StringCchCopyW( UserName, UserNameMaxChars + 1, OldCredential->UserName); } if (Password[0] == L'\0') { if ((OldCredential->Type == CRED_TYPE_GENERIC) ) { CopyMemory( Password, OldCredential->CredentialBlob, OldCredential->CredentialBlobSize); Password[OldCredential-> CredentialBlobSize >> 1] = L'\0'; } else if (OldCredential->Type == CRED_TYPE_DOMAIN_VISIBLE_PASSWORD) { // check to see if the new one should be encrypted, but in any case, we can't prefill // the password box EncryptedVisiblePassword = IsPasswordEncrypted(OldCredential->CredentialBlob, OldCredential->CredentialBlobSize); PasswordState = PASSWORD_CHANGED; } else { // If prompt is required now, or if we're rerturning the password, then we can't prefill the // password box: fInitialSaveState = TRUE; // ISSUE: this set at this point has no effect if (OldCredential->Flags & CRED_FLAGS_PROMPT_NOW || DelayCredentialWrite ) { PasswordState = PASSWORD_CHANGED; } else { StringCchCopyW( Password, PasswordMaxChars + 1, CreduiKnownPassword); } } } } } else { if (Result != ERROR_NO_SUCH_LOGON_SESSION) { Result = ERROR_SUCCESS; } OldCredential = NULL; SetCredTargetFromInfo(); PasswordState = PASSWORD_CHANGED; } NewCredential.UserName = UserName; NewCredential.CredentialBlob = reinterpret_cast(Password); // // Since the old cred is an SSO cred, // use the SSO maximum persistence. // // Wait till now since NewCredential.Type is updated from either the old credential // or from the target info above. // // BUGBUG: If there is no old credential or target info, // we won't know this until later. // if ( NewCredential.Type == CRED_TYPE_DOMAIN_VISIBLE_PASSWORD ) { MaximumPersist = MaximumPersistSso; } // // If the session type isn't supported on this machine, // fail if the caller needs to save the credential. // if ( MaximumPersist == CRED_PERSIST_NONE ) { if ( DelayCredentialWrite ) { // no credmgr available, and user asked to persist. We can't persist, but we // can continue with UI and return values via the api - add CREDUI_FLAGS_DO_NOT_PERSIST Flags |= CREDUI_FLAGS_DO_NOT_PERSIST; } else { // we can't do anything without credmgr, return error if ( result != NULL ) *result = ERROR_NO_SUCH_LOGON_SESSION; return; } } } // // If the cred may not be persisted, // clear the NewCredential. // if ( Flags & CREDUI_FLAGS_DO_NOT_PERSIST) { // NEED TO Initialize NewCred here ZeroMemory(&NewCredential, sizeof NewCredential); SetCredTargetFromInfo(); PasswordState = PASSWORD_CHANGED; NewCredential.UserName = UserName; NewCredential.CredentialBlob = reinterpret_cast(Password); Result = ERROR_SUCCESS; } if (Result == ERROR_SUCCESS) { HWND parentWindow = UiInfo.hwndParent; CreduiIconParentWindow iconWindow; if ((parentWindow == NULL) || !IsWindow(parentWindow)) { if (iconWindow.Init(CreduiInstance, IDI_DEFAULT)) { parentWindow = iconWindow.GetWindow(); } } BOOL doPasswordDialog = TRUE; // Before doing the dialog, check for special errors: if ( CredCategory == DOMAIN_CATEGORY && !DoingCommandLine && CREDUIP_IS_EXPIRED_ERROR( authError ) && (OldCredential != NULL)) { if (CreduiChangeDomainPassword( parentWindow, UserName, Password, PasswordMaxChars)) { doPasswordDialog = FALSE; // Attempt to write the new credential, first get the length. // The blob does not include the terminating NULL: NewCredential.CredentialBlobSize = wcslen(Password) * sizeof (WCHAR); // If the password is empty, do not write a credential blob: if (NewCredential.CredentialBlobSize == 0) { NewCredential.CredentialBlob = NULL; } else { NewCredential.CredentialBlob = reinterpret_cast(Password); } Result = FinishHandleOk(); } } // Check to see if we can skip the UI: if ( CredCategory == GENERIC_CATEGORY && !(Flags & CREDUI_FLAGS_ALWAYS_SHOW_UI) && (OldCredential != NULL) && !(OldCredential->Flags & CRED_FLAGS_PROMPT_NOW)) { doPasswordDialog = FALSE; if ((Flags & CREDUI_FLAGS_REQUIRE_CERTIFICATE) && !LocalCredIsMarshaledCredentialW(OldCredential->UserName)) { doPasswordDialog = TRUE; } if ((Flags & CREDUI_FLAGS_EXCLUDE_CERTIFICATES) && LocalCredIsMarshaledCredentialW(OldCredential->UserName)) { doPasswordDialog = TRUE; } } // Do the dialog box: // check to see if this is an SSO cred if ( GetSSOPackageInfo( TargetInfo, &SSOPackage ) ) { // it's an sso cred dwIDDResource = IDD_BRANDEDPASSWORD; // we never set initial save state on these fInitialSaveState = FALSE; // ISSUE: this set at this point has no effect // check to see if we already have a cred for this if (!CheckForSSOCred( NULL )) { // check to see if we should run the wizard if ( !(SSOPackage.dwRegistrationCompleted) && (SSOPackage.dwNumRegistrationRuns < 5) ) { doPasswordDialog = !TryLauchRegWizard ( &SSOPackage, UiInfo.hwndParent, (MaximumPersistSso > CRED_PERSIST_SESSION), userName, userNameMaxChars, password, passwordMaxChars, &Result ); } } } else { // it's not an sso cred dwIDDResource = IDD_PASSWORD; } // save a copy of the current working user name for later if (NewCredential.UserName != NULL) { StringCchCopyW( OldUserName, RTL_NUMBER_OF(OldUserName), NewCredential.UserName); } else { OldUserName[0] = 0; } if (doPasswordDialog) { if ( DoingCommandLine ) { // // Do the command line version of a dialog box // Result = CmdLineDialog(); } else { LinkWindow_RegisterClass(); if (DialogBoxParam( CreduiInstance, MAKEINTRESOURCE(dwIDDResource), parentWindow, DialogMessageHandlerCallback, reinterpret_cast(this)) == IDOK) { if ((Result != ERROR_SUCCESS) && (Result != ERROR_NO_SUCH_LOGON_SESSION)) { Result = ERROR_CANCELLED; } } else { Result = ERROR_CANCELLED; } } } } else { Result = ERROR_NO_SUCH_LOGON_SESSION; } // kill outbound username if share-level access if (fPasswordOnly) { CreduiDebugLog("CUIPD: Share level credentials\n"); userName[0] = 0; } // Make sure other processes can set foreground window once again: LockSetForegroundWindow(LSFW_UNLOCK); AllowSetForegroundWindow(ASFW_ANY); if (TargetInfo != NULL) { LocalCredFree(static_cast(TargetInfo)); } // If we read a credential set, PasswordCredential // is a pointer into this set. Otherwise, they were // read separately: if (credentialSet != NULL) { LocalCredFree(static_cast(credentialSet)); } else { if (PasswordCredential != NULL) { LocalCredFree(static_cast(PasswordCredential)); } } if ( result != NULL ) *result = Result; if ( save != NULL && (Result == ERROR_SUCCESS)) { *save = Save; } } //============================================================================= // CreduiPasswordDialog::~CreduiPasswordDialog // // The constructor cleans up after itself, and since that is the only way to // use this class, there's nothing to do in the destructor. // // Created 02/25/2000 johnstep (John Stephens) //============================================================================= CreduiPasswordDialog::~CreduiPasswordDialog() { WCHAR ClassName[] = {L"CreduiCmdLineHelperWindow"}; LONG lRet; if ( hBrandBmp != NULL ) DeleteObject ( hBrandBmp ); // If 'Registered' is nonzero, unregister the class if (InterlockedCompareExchange(&Registered, FALSE, TRUE)) { lRet = UnregisterClass(ClassName, 0); // Put the class handle back if deregister failed if (0 == lRet) { // If the unregister fails, allow other instances to retry the unregister CreduiDebugLog( "CreduiPasswordDialog::~CreduiPasswordDialog UnregisterClass failed.\n" ); // put back the flag value that we had destroyed InterlockedExchange(&Registered,TRUE); } } } #define MAX_TEMP_TARGETNAME 64 DWORD CreduiPasswordDialog::CmdLineDialog( VOID ) /*++ Routine Description: This routine implements the command line prompt for credentials Arguments: None Return Values: Win 32 status of the operation --*/ { DWORD WinStatus; HWND Window; MSG msg; // // Create the window class if it doesn't already exist // if (!InterlockedCompareExchange(&Registered, TRUE, FALSE)) { WNDCLASS windowClass; ZeroMemory(&windowClass, sizeof windowClass); windowClass.style = CS_GLOBALCLASS; windowClass.cbWndExtra = 0; windowClass.lpfnWndProc = CmdLineMessageHandlerCallback; windowClass.hInstance = CreduiInstance; windowClass.hIcon = NULL; windowClass.hCursor = LoadCursor(NULL, MAKEINTRESOURCE(IDC_ARROW)); windowClass.lpszClassName = L"CreduiCmdLineHelperWindow"; InterlockedExchange(&Registered, RegisterClass(&windowClass) != 0); if (!InterlockedCompareExchange(&Registered, FALSE, FALSE)) { WinStatus = GetLastError(); goto Cleanup; } } // // Create a window of that class // Window = CreateWindow( L"CreduiCmdLineHelperWindow", NULL, WS_POPUP, 0, 0, 0, 0, NULL, NULL, CreduiInstance,(LPVOID) this); if ( Window == NULL ) { WinStatus = GetLastError(); goto Cleanup; } // // Run the message loop // CreduiDebugLog( "Entering message loop\n" ); for (;;) { BOOL GmStatus; GmStatus = GetMessage(&msg, NULL, 0, 0 ); if ( GmStatus == -1 ) { WinStatus = GetLastError(); break; } else if ( GmStatus == 0 ) { WinStatus = Result; break; } DispatchMessage(&msg); } // // Get the status left from the message loop. WinStatus = (DWORD) msg.wParam; CreduiDebugLog( "Got Quit Message: %ld\n", WinStatus ); // // Process the data as though the user hit OK to the GUI // if ( WinStatus == NO_ERROR ) { PasswordState = PASSWORD_CHANGED; WinStatus = HandleOk(); if ( WinStatus == ERROR_NO_SUCH_LOGON_SESSION) { WinStatus = ERROR_CANCELLED; } } CreduiDebugLog( "Calling destroy\n" ); DestroyWindow( Window ); Cleanup: return WinStatus; } //============================================================================= // CreduiPasswordDialog::FinishHandleOk // // This function writes the credential for domain credentials. // // Created 04/09/2000 johnstep (John Stephens) //============================================================================= DWORD CreduiPasswordDialog::FinishHandleOk() { DWORD error = ERROR_SUCCESS; PCREDENTIAL_TARGET_INFORMATION pTargetInfo = TargetInfo; if (Flags & CREDUI_FLAGS_KEEP_USERNAME ) return error; DWORD dwCredWriteFlags = 0; BOOL bDoSave = TRUE; if (PasswordState == PASSWORD_INIT) { dwCredWriteFlags |= CRED_PRESERVE_CREDENTIAL_BLOB; } if ( dwIDDResource == IDD_BRANDEDPASSWORD ) { // we need to reinterpret what Save means. Save in this case means to save as the default // for the SSO realm, while !Save means rename the cred target as the username and // save without the password // never delay writing these creds DelayCredentialWrite = FALSE; if ( Save ) { NewCredential.Persist = CRED_PERSIST_ENTERPRISE; if ( !(Flags & CREDUI_FLAGS_KEEP_USERNAME )) DemoteOldDefaultSSOCred ( TargetInfo, Flags ); } else { // save this under the username if it doesn't already match NewCred's username if ( (OldCredential != NULL && OldCredential->UserName != NULL && _wcsicmp ( OldCredential->UserName, UserName ) == 0 )|| (Flags & CREDUI_FLAGS_KEEP_USERNAME ) ) { // don't do this save if the username matches the currently saved cred - we don't want a duplicate bDoSave = FALSE; } // alter the TargetName TargetName = UserName; TargetInfo->TargetName = TargetName; // don't set a TargetInfo for this pTargetInfo = NULL; NewCredential.Persist = CRED_PERSIST_ENTERPRISE; NewCredential.CredentialBlob = NULL; NewCredential.CredentialBlobSize = 0; NewCredential.TargetName = TargetName; NewCredential.Flags = CRED_FLAGS_USERNAME_TARGET; DelayCredentialWrite = FALSE; EncryptedVisiblePassword = FALSE; dwCredWriteFlags = 0; } } // // Write the credential to credential manager // // Don't delay actually writing the credential to cred man since we're not // returning the credential to the caller. // if ( bDoSave ) { error = WriteCred( TargetName, Flags, pTargetInfo, &NewCredential, dwCredWriteFlags, DelayCredentialWrite, EncryptedVisiblePassword); } else { error = ERROR_SUCCESS; } if ( error != NO_ERROR ) { CreduiDebugLog("CreduiPasswordDialog::HandleOk: " "WriteCred failed: " "%u\n", error); } if ((SecurityContext != NULL) && (error == ERROR_SUCCESS)) { BOOL isValidated = TRUE; if (!SetContextAttributes( SecurityContext, SECPKG_ATTR_USE_VALIDATED, &isValidated, sizeof isValidated)) { error = ERROR_GEN_FAILURE; } } // Clear any password from memory, and also make sure the credential blob // points to Password once again (in case it was set to NULL due to a zero // length blob): NewCredential.CredentialBlob = reinterpret_cast(Password); NewCredential.CredentialBlobSize = 0; return error; } //============================================================================= // CreduiPasswordDialog::Enable // // Enables or disables all the user controls in the dialog box. This allows us // to maintain dialog responsiveness, while waiting for some potentially // lengthy (network usually) operation to complete. // // Most controls are always enabled normally, but we need to track the state // of IDC_CRED and IDOK. Do this with a simple DWORD bitmask. // // NOTE: Allow Cancel to remain enabled, and use it to abort the current // lookup? This means we have to somehow kill the thread, though, or // maybe just leave it, and close our handle to it? // // Arguments: // enable (in) - TRUE to enable the controls, FALSE to disable. // // Created 04/07/2000 johnstep (John Stephens) //============================================================================= VOID CreduiPasswordDialog::Enable( BOOL enable ) { if (enable && (DisabledControlMask & DISABLED_DIALOG)) { DisabledControlMask &= ~DISABLED_DIALOG; EnableWindow(CredControlWindow, TRUE); if ( DialogWindow) { EnableWindow(GetDlgItem(DialogWindow, IDCANCEL), TRUE); if (!(DisabledControlMask & DISABLED_CONTROL_OK)) { EnableWindow(GetDlgItem(DialogWindow, IDOK), TRUE); } } } else if (!(DisabledControlMask & DISABLED_DIALOG)) { // Hide the balloon tip before disabling the window: DisabledControlMask |= DISABLED_DIALOG; EnableWindow(CredControlWindow, FALSE); if ( DialogWindow ) { EnableWindow(GetDlgItem(DialogWindow, IDCANCEL), FALSE); EnableWindow(GetDlgItem(DialogWindow, IDOK), FALSE); } } } //============================================================================= // CreduiPasswordDialog::SelectAndSetWindowCaption // // Created 03/10/2000 johnstep (John Stephens) //============================================================================= VOID CreduiPasswordDialog::SelectAndSetWindowCaption() { // // Command line doesn't have a caption // if ( !DialogWindow ) { return; } if (UiInfo.pszCaptionText != NULL) { SetWindowText(DialogWindow, UiInfo.pszCaptionText); } else { WCHAR captionText[256]; if ( CredCategory == DOMAIN_CATEGORY ) { if (TargetInfo != NULL) { if ((TargetInfo->DnsServerName != NULL) || (TargetInfo->NetbiosServerName == NULL)) { StringCchPrintfW( captionText, RTL_NUMBER_OF(captionText), CreduiStrings.DnsCaption, (TargetInfo->DnsServerName != NULL) ? TargetInfo->DnsServerName : TargetInfo->TargetName); } else if ((TargetInfo->NetbiosServerName != NULL) && (TargetInfo->NetbiosDomainName != NULL)) { StringCchPrintfW( captionText, RTL_NUMBER_OF(captionText), CreduiStrings.NetbiosCaption, TargetInfo->NetbiosServerName, TargetInfo->NetbiosDomainName); } else { StringCchPrintfW( captionText, RTL_NUMBER_OF(captionText), CreduiStrings.DnsCaption, TargetName); } } else { StringCchPrintfW( captionText, RTL_NUMBER_OF(captionText), CreduiStrings.DnsCaption, TargetName); } } else { StringCchPrintfW( captionText, RTL_NUMBER_OF(captionText), CreduiStrings.GenericCaption, TargetName); } SetWindowText(DialogWindow, captionText); } } //============================================================================= // CreduiPasswordDialog::ResizeDialogCallback // // Created 04/12/2000 johnstep (John Stephens) //============================================================================= BOOL CALLBACK CreduiPasswordDialog::ResizeDialogCallback( HWND childWindow, LPARAM lParam ) { CreduiPasswordDialog *that = reinterpret_cast(lParam); ASSERT(that != NULL); // // Command line doesn't care about window size // if ( that->DoingCommandLine ) { return TRUE; } HWND dialogWindow = GetParent(childWindow); if (dialogWindow == NULL) { // Stop enumeration because our window must have been destroyed or // something: return FALSE; } else if (dialogWindow == that->DialogWindow) { RECT childRect; GetWindowRect(childWindow, &childRect); // If this child window is below the message window, move it down: if (childRect.top >= that->ResizeTop) { MapWindowPoints ( NULL, dialogWindow, reinterpret_cast(&childRect.left), 2 ); SetWindowPos(childWindow, NULL, childRect.left, childRect.top + that->ResizeDelta, 0, 0, SWP_NOACTIVATE | SWP_NOSIZE | SWP_NOOWNERZORDER | SWP_NOZORDER); } } return TRUE; } //============================================================================= // CreduiPasswordDialog::SelectAndSetWindowMessage // // This function will also resize the dialog to accomodate very long message // text. The maximum number of lines allowed at once is // CREDUI_MAX_WELCOME_TEXT_LINES, and, beyond that, a scrollbar is added. // // Created 03/10/2000 johnstep (John Stephens) //============================================================================= VOID CreduiPasswordDialog::SelectAndSetWindowMessage() { HWND welcomeTextWindow = GetDlgItem(DialogWindow, IDC_WELCOME_TEXT); // // Command line doesn't have welcome text // if ( DoingCommandLine ) { return; } ASSERT(welcomeTextWindow != NULL); if (UiInfo.pszMessageText != NULL) { SetWindowText(welcomeTextWindow, UiInfo.pszMessageText); } else { WCHAR messageText[256]; if ( CredCategory == GENERIC_CATEGORY ) { if (UserName[0] == L'\0') { StringCchPrintfW( messageText, RTL_NUMBER_OF(messageText), CreduiStrings.Welcome, TargetName); } else { StringCchPrintfW( messageText, RTL_NUMBER_OF(messageText), CreduiStrings.WelcomeBack, TargetName); } } else { StringCchPrintfW( messageText, RTL_NUMBER_OF(messageText), CreduiStrings.Connecting, TargetName); } SetWindowText(welcomeTextWindow, messageText); } ULONG lineCount = (ULONG) SendMessage(welcomeTextWindow, EM_GETLINECOUNT, 0, 0); if (lineCount > 1) { if ( dwIDDResource == IDD_BRANDEDPASSWORD ) { // Different layout (text to side of graphic) RECT messageRect; // RECT for welcomeTextWindow ULONG lineHeight = 13; // Height of line in welcomeTextWindow DWORD lineIndex = 0; // Character index of first char in second line of welcomeTextWindow DWORD linePos = 0; // Position of first char in second line of welcomeTextWindow GetWindowRect(welcomeTextWindow, &messageRect); // We don't want to resize anything for the branded password dialog ResizeDelta = 0; ResizeTop = messageRect.bottom; // Get the first character index of the second line lineIndex = (DWORD)SendMessage(welcomeTextWindow, EM_LINEINDEX, 1, 0); if (lineIndex > -1) { // Get the position of the first character of the second line linePos = (ULONG)SendMessage(welcomeTextWindow, EM_POSFROMCHAR, lineIndex, 0); if (linePos) { // This is our line height lineHeight = (ULONG)HIWORD(linePos); } } if ((lineCount * lineHeight) > CREDUI_MAX_LOGO_HEIGHT) { // Add the scrollbar. Consider adjusting the formatting rectangle // of the edit control because, by default, it is adjusted to // allow just exactly enough room for the scrollbar. This means // text could potentially "touch" the scrollbar, which would look // bad. LONG_PTR style = GetWindowLongPtr(welcomeTextWindow, GWL_STYLE); SetWindowLongPtr(welcomeTextWindow, GWL_STYLE, style |= WS_VSCROLL); } SetWindowPos(welcomeTextWindow, NULL, 0, 0, messageRect.right - messageRect.left, messageRect.bottom - messageRect.top, SWP_FRAMECHANGED | SWP_NOACTIVATE | SWP_NOMOVE | SWP_NOOWNERZORDER | SWP_NOZORDER); } else { // normal layout (text below graphic) RECT messageRect; GetWindowRect(welcomeTextWindow, &messageRect); ULONG lineHeight = messageRect.bottom - messageRect.top; ResizeTop = messageRect.bottom; ResizeDelta = lineHeight * (min(CREDUI_MAX_WELCOME_TEXT_LINES, lineCount) - 1); messageRect.bottom += ResizeDelta; if (lineCount > CREDUI_MAX_WELCOME_TEXT_LINES) { // Add the scrollbar. Consider adjusting the formatting rectangle // of the edit control because, by default, it is adjusted to // allow just exactly enough room for the scrollbar. This means // text could potentially "touch" the scrollbar, which would look // bad. LONG_PTR style = GetWindowLongPtr(welcomeTextWindow, GWL_STYLE); SetWindowLongPtr(welcomeTextWindow, GWL_STYLE, style |= WS_VSCROLL); } SetWindowPos(welcomeTextWindow, NULL, 0, 0, messageRect.right - messageRect.left, messageRect.bottom - messageRect.top, SWP_FRAMECHANGED | SWP_NOACTIVATE | SWP_NOMOVE | SWP_NOOWNERZORDER | SWP_NOZORDER); } // Reposition all the other controls: EnumChildWindows(DialogWindow, ResizeDialogCallback, reinterpret_cast(this)); // Resize the dialog box now RECT dialogRect; GetWindowRect(DialogWindow, &dialogRect); SetWindowPos(DialogWindow, NULL, dialogRect.left, dialogRect.top - (ResizeDelta / 2), dialogRect.right - dialogRect.left, (dialogRect.bottom - dialogRect.top) + ResizeDelta, SWP_NOACTIVATE | SWP_NOOWNERZORDER | SWP_NOZORDER); ResizeTop = 0; ResizeDelta = 0; } } //============================================================================= // CreduiPasswordDialog::InitWindow // // Created 02/25/2000 johnstep (John Stephens) // // Initialize the window // // dialogWindow - Window handle //============================================================================= BOOL CreduiPasswordDialog::InitWindow(HWND dialogWindow) { // // Store this object's pointer in the user data window long: // SetWindowLongPtr(dialogWindow, GWLP_USERDATA, reinterpret_cast(this)); // // In the GUI case, remember the dialog box window // if ( !DoingCommandLine ) { DialogWindow = dialogWindow; // Get the window handles for the various controls: CredControlWindow = GetDlgItem(DialogWindow, IDC_CRED); // // In the command line case, remember the popup window // } else { CmdLineWindow = dialogWindow; // // Create a CredControlWindow // It isn't visible, but the existence of the window allows the command line // code to share logic with the GUI implementation // CredControlWindow = CreateWindowEx( WS_EX_NOPARENTNOTIFY, WC_CREDENTIAL, NULL, // No window name WS_CHILD | WS_GROUP, 0, 0, 0, 0, // No coordinates on the screen CmdLineWindow, // Parent window NULL, // No menu window CreduiInstance, NULL); if ( CredControlWindow == NULL) { return FALSE; } } ASSERT(CredControlWindow != NULL); // // First, initialize the Credential control window: // // Set the default style // if (Flags & CREDUI_FLAGS_REQUIRE_SMARTCARD) { CredControlStyle = CRS_SMARTCARDS; } else if (Flags & CREDUI_FLAGS_REQUIRE_CERTIFICATE) { CredControlStyle = CRS_CERTIFICATES | CRS_SMARTCARDS; } else if (Flags & CREDUI_FLAGS_EXCLUDE_CERTIFICATES) { CredControlStyle = CRS_USERNAMES; } else { CredControlStyle = CRS_USERNAMES | CRS_CERTIFICATES | CRS_SMARTCARDS; } if (Flags & CREDUI_FLAGS_KEEP_USERNAME ) { CredControlStyle |= CRS_KEEPUSERNAME; } // // If we have a target info, // refine the style to match match what the auth package needs // // If the auth package has no opinion of its needs, allow everything. // if ( CredCategory == DOMAIN_CATEGORY && TargetInfo != NULL && TargetInfo->CredTypeCount != 0 ) { ULONG AuthPackageStyle; AuthPackageStyle = 0; // // Loop through the supported cred types seeing what style the auth package supports // for (UINT i = 0; i < TargetInfo->CredTypeCount; ++i) { switch ( TargetInfo->CredTypes[i] ) { case CRED_TYPE_DOMAIN_CERTIFICATE: AuthPackageStyle |= CRS_CERTIFICATES | CRS_SMARTCARDS; break; case CRED_TYPE_DOMAIN_PASSWORD: case CRED_TYPE_DOMAIN_VISIBLE_PASSWORD: AuthPackageStyle |= CRS_USERNAMES; break; } } CredControlStyle &= (AuthPackageStyle | CRS_KEEPUSERNAME ); ASSERT( CredControlStyle != 0); } // // If the caller wants only administrators, // include that request in the style. // if (Flags & CREDUI_FLAGS_REQUEST_ADMINISTRATOR) { CredControlStyle |= CRS_ADMINISTRATORS; } // // If the caller asked to see the save checkbox, // and we're running in a session that supports saving, // include the save checkbox in the style // if ( (Flags & (CREDUI_FLAGS_DO_NOT_PERSIST|CREDUI_FLAGS_PERSIST)) == 0 && !(Flags & CREDUI_FLAGS_KEEP_USERNAME ) && MaximumPersist != CRED_PERSIST_NONE ) { CredControlStyle |= CRS_SAVECHECK; } // // If the caller wants us to prompt for saving and return the result to him, // include the save checkbox in the style // // This is for the occasion that an application uses credui to harvest credentials from the // user, and wants username, password, and save preference back. Credui, however, // is not to attempt to save the cred... that will be done by the application. // // TESTNOTE: Pass both flags, observe correct state returned by Save, but no call to // credwrite from credui. (Credui does not itself attempt to save the cred) // else if ( (Flags & (CREDUI_FLAGS_DO_NOT_PERSIST|CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX)) == (CREDUI_FLAGS_DO_NOT_PERSIST|CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX) && !(Flags & CREDUI_FLAGS_KEEP_USERNAME )) { CredControlStyle |= CRS_SAVECHECK; } // // If we're not displaying the save checkbox, // adust the size of the dialog box. // if ( (CredControlStyle & CRS_SAVECHECK) == 0 && DialogWindow != NULL ) { RECT rect; SetRect(&rect, 0, 0, 0, 0); rect.bottom = CREDUI_CONTROL_ADD_SAVE; MapDialogRect(DialogWindow, &rect); ResizeDelta = -rect.bottom; GetWindowRect(CredControlWindow, &rect); ResizeTop = rect.bottom; // Reposition all the other controls: EnumChildWindows(DialogWindow, ResizeDialogCallback, reinterpret_cast(this)); // Resize the dialog box now: GetWindowRect(DialogWindow, &rect); SetWindowPos(DialogWindow, NULL, rect.left, rect.top - (ResizeDelta / 2), rect.right - rect.left, (rect.bottom - rect.top) + ResizeDelta, SWP_NOACTIVATE | SWP_NOOWNERZORDER | SWP_NOZORDER); GetClientRect(CredControlWindow, &rect); SetWindowPos(CredControlWindow, NULL, 0, 0, rect.right - rect.left, (rect.bottom - rect.top) + ResizeDelta, SWP_NOMOVE | SWP_NOACTIVATE | SWP_NOOWNERZORDER | SWP_NOZORDER); ResizeTop = 0; ResizeDelta = 0; } if ( dwIDDResource == IDD_BRANDEDPASSWORD ) { // size the parts of the brand RECT rect; RECT rectleft; RECT rectright; RECT rectmid; HWND hwndRight = GetDlgItem(DialogWindow, IDC_BRANDRIGHT); HWND hwndMid = GetDlgItem(DialogWindow, IDC_BRANDMID); HWND hwndLeft = GetDlgItem(DialogWindow, IDC_BRANDLEFT); HBITMAP hBmp; GetWindowRect(hwndRight, &rect); // Load the images from files // We can't load them in the .rc because then we lose transparency hBmp = (HBITMAP)LoadImage(CreduiInstance, MAKEINTRESOURCE(IDB_BRANDRIGHT), IMAGE_BITMAP, 0, 0, LR_CREATEDIBSECTION); if (hBmp) { SendMessage(hwndRight, STM_SETIMAGE, (WPARAM)IMAGE_BITMAP, (LPARAM)hBmp); } hBmp = (HBITMAP)LoadImage(CreduiInstance, MAKEINTRESOURCE(IDB_BRANDMID), IMAGE_BITMAP, 0, 0, LR_CREATEDIBSECTION); if (hBmp) { if (hwndMid) { SendMessage(hwndMid, STM_SETIMAGE, (WPARAM)IMAGE_BITMAP, (LPARAM)hBmp); } } hBmp = (HBITMAP)LoadImage(CreduiInstance, MAKEINTRESOURCE(IDB_BRANDLEFT), IMAGE_BITMAP, 0, 0, LR_CREATEDIBSECTION); if (hBmp) { if (hwndLeft) { SendMessage(hwndLeft, STM_SETIMAGE, (WPARAM)IMAGE_BITMAP, (LPARAM)hBmp); } } rectright.bottom = rect.bottom; rectright.top = rect.bottom - BRANDRIGHT_PIXEL_HEIGHT; rectright.right = rect.right; rectright.left = rect.right - BRANDRIGHT_PIXEL_WIDTH; rectleft.bottom = rect.bottom; rectleft.top = rect.bottom - BRANDLEFT_PIXEL_HEIGHT; rectleft.left = rect.left; rectleft.right = rect.left + BRANDLEFT_PIXEL_WIDTH; MapWindowPoints(NULL, DialogWindow, (LPPOINT)&rectleft, 2); MapWindowPoints(NULL, DialogWindow, (LPPOINT)&rectright, 2); if ( rectleft.right >= rectright.left ) { // dialog is really narrow, just use rectright // hide the other two ShowWindow ( hwndMid, SW_HIDE ); ShowWindow ( hwndLeft, SW_HIDE ); } else { // calculate rectmid rectmid.bottom = rectleft.bottom; rectmid.top = rectleft.bottom - BRANDMID_PIXEL_HEIGHT; rectmid.left = rectleft.right; rectmid.right = rectright.left; // No need to MapWindowsPoints for rectmid, since it's base off of the already-mapped rects. SetWindowPos(hwndMid, NULL, rectmid.left, rectmid.top, rectmid.right - rectmid.left, rectmid.bottom - rectmid.top, SWP_NOACTIVATE | SWP_NOOWNERZORDER | SWP_NOZORDER); SetWindowPos(hwndLeft, NULL, rectleft.left, rectleft.top, rectleft.right - rectleft.left, rectleft.bottom - rectleft.top, SWP_NOACTIVATE | SWP_NOOWNERZORDER | SWP_NOZORDER); } SetWindowPos(hwndRight, NULL, rectright.left, rectright.top, rectright.right - rectright.left, rectright.bottom - rectright.top, SWP_NOACTIVATE | SWP_NOOWNERZORDER | SWP_NOZORDER); } // // Tell the control window the style flags and whether we're doing command line // if (!SendMessage(CredControlWindow, CRM_INITSTYLE, (WPARAM)(CredControlStyle), DoingCommandLine ) ) { return FALSE; } // If a custom banner bitmap was provided, set it now, and free the // default bitmap: if ( DialogWindow != NULL && UiInfo.hbmBanner != NULL) { HWND bannerControlWindow = GetDlgItem(DialogWindow, IDC_BANNER); ASSERT(bannerControlWindow != NULL); HBITMAP oldBitmap = reinterpret_cast( SendMessage( bannerControlWindow, STM_SETIMAGE, IMAGE_BITMAP, reinterpret_cast(UiInfo.hbmBanner))); ASSERT(oldBitmap != NULL); DeleteObject(static_cast(oldBitmap)); } else if ( DialogWindow != NULL && dwIDDResource == IDD_BRANDEDPASSWORD ) { // if it's branded and there's no banner, hide the banner control HWND bannerControlWindow = GetDlgItem(DialogWindow, IDC_BANNER); if (bannerControlWindow != NULL) { ShowWindow ( bannerControlWindow, SW_HIDE ); } } // Limit the number of characters entered into the user name and password // edit controls: Credential_SetUserNameMaxChars(CredControlWindow, UserNameMaxChars); Credential_SetPasswordMaxChars(CredControlWindow, PasswordMaxChars); SelectAndSetWindowCaption(); SelectAndSetWindowMessage(); // // Set the default check box states // Default to don't save. That ensures the user has to take an action to // change global state. // // // If the caller is specifying the default value of the checkbox, // grab that default // fInitialSaveState = FALSE; // Force initial save state to false if SSO if (Flags & CREDUI_FLAGS_SHOW_SAVE_CHECK_BOX) { if (dwIDDResource != IDD_BRANDEDPASSWORD) { fInitialSaveState = Save; } else { fInitialSaveState = FALSE; } // // Only save if credman is available // } else if ( MaximumPersist != CRED_PERSIST_NONE ) { // // If the caller is forcing the save flag on, // default the save flag to TRUE. // if ( Flags & CREDUI_FLAGS_PERSIST ) { fInitialSaveState = TRUE; } } Credential_CheckSave(CredControlWindow, fInitialSaveState); // Make sure the new password window is the foreground window, if // possible: if ( DialogWindow != NULL ) { AllowSetForegroundWindow(GetCurrentProcessId()); SetForegroundWindow(DialogWindow); AllowSetForegroundWindow(ASFW_ANY); } // NOTE: Do we really need the guest user name here? if ((TargetInfo != NULL) && (UserName[0] == L'\0')) { if (TargetInfo->Flags & CRED_TI_ONLY_PASSWORD_REQUIRED) { LPWSTR ServerName = NULL; if ( TargetInfo->NetbiosServerName != NULL ) { ServerName = TargetInfo->NetbiosServerName; } else if ( TargetInfo->DnsServerName != NULL && (TargetInfo->Flags & CRED_TI_SERVER_FORMAT_UNKNOWN) != 0 ) { ServerName = TargetInfo->DnsServerName; } if ( ServerName != NULL ) { LPWSTR GuestName; if ( !CreduiLookupLocalNameFromRid( DOMAIN_USER_RID_GUEST, &GuestName ) ) { GuestName = NULL; } StringCchPrintfW( UserName, UserNameMaxChars + 1, L"%s\\%s", ServerName, GuestName == NULL ? L"Guest" : GuestName); delete GuestName; } } else { if ( DialogWindow ) { EnableWindow(GetDlgItem(DialogWindow, IDOK), FALSE); } DisabledControlMask |= DISABLED_CONTROL_OK; } } if ((UserName[0] != L'\0') || (Password[0] != L'\0')) { // If this fails, it may be because the certificate was not found in // the store, so if this is a domain credential, use the password one, // if available: BOOL isMarshaled = LocalCredIsMarshaledCredentialW(UserName); if (Credential_SetUserName(CredControlWindow, UserName)) { if (!isMarshaled) { Credential_SetPassword(CredControlWindow, Password); } if (TargetInfo) { if (TargetInfo->Flags & CRED_TI_ONLY_PASSWORD_REQUIRED) { Credential_DisableUserName(CredControlWindow); // when disabling the username field, prepare to return no username to the caller if (Flags & CREDUI_FLAGS_PASSWORD_ONLY_OK) { fPasswordOnly = TRUE; CreduiDebugLog("CreduiPasswordDialog::InitWindow - Password only share\n"); } } } } else { if ( CredCategory == DOMAIN_CATEGORY && isMarshaled && (PasswordCredential != NULL)) { OldCredential = PasswordCredential; // Change as little as possible about the new credential // because we already selected the target name, etc.: if (OldCredential->UserName != NULL) { StringCchCopyW( UserName, UserNameMaxChars + 1, OldCredential->UserName); } else { UserName[0] = L'\0'; } Password[0] = L'\0'; Credential_SetPassword(CredControlWindow, Password); } else { UserName[0] = L'\0'; Password[0] = L'\0'; } } if (PasswordState == PASSWORD_UNINIT) { PasswordState = PASSWORD_INIT; } if (UserName[0] != L'\0') { Credential_SetPasswordFocus(CredControlWindow); if (Flags & CREDUI_FLAGS_INCORRECT_PASSWORD) { if (CreduiIsCapsLockOn()) { CredBalloon = &CreduiLogonCapsBalloon; } else { CredBalloon = &CreduiLogonBalloon; } } } } if (Flags & CREDUI_FLAGS_KEEP_USERNAME ) { // okay button should always be enabled for this case EnableWindow(GetDlgItem(DialogWindow, IDOK), TRUE); DisabledControlMask &= ~DISABLED_CONTROL_OK; } return TRUE; } //============================================================================= // CreduiPasswordDialog::CompleteUserName // // Searches the user name for a domain name, and determines whether this // specifies the target server or a domain. If a domain is not present in the // user name, add it if this is a workstation or no target information is // available. // // Returns TRUE if a domain was already present in the user name, or if we // added one. Otherwise, return FALSE. // // Created 03/10/2000 johnstep (John Stephens) //============================================================================= BOOL CreduiPasswordDialog::CompleteUserName() { return ::CompleteUserName( UserName, UserNameMaxChars, TargetInfo, TargetName, Flags); } //============================================================================= // CreduiPasswordDialog::SelectBestTargetName // // Given TargetInfo, this function determines the most general target name // possible, and stores the result in NewTargetName. If a target alias is // available (NetBIOS name for a DNS name), this will be stored in // NewTargetAlias. If the wildcard won't fit within the required string // length, then it is not used. // // If serverOnly then, use the target information form of the target name, // with the user-typed name as the alias. If unavailable, just use the user- // typed form with a NULL alias. // // Created 03/10/2000 johnstep (John Stephens) //============================================================================= VOID CreduiPasswordDialog::SelectBestTargetName( BOOL serverOnly ) { NET_API_STATUS NetStatus; BOOL usePrefixWildcard = TRUE; WCHAR *credName = NULL; LPWSTR DomainName = NULL; LPWSTR DnsDomainName = NULL; LPWSTR DnsForestName = NULL; LPWSTR ComputerName = NULL; BOOLEAN IsWorkgroupName; BOOLEAN AddWildcard = TRUE; // If serverOnly is passed, always use the new server-only behavior. if (serverOnly) { if (TargetInfo->TargetName != NULL) { credName = TargetInfo->TargetName; NewCredential.TargetAlias = TargetName; } else { credName = TargetName; NewCredential.TargetAlias = NULL; } ASSERT(credName != NULL); StringCchCopyW( NewTargetName, RTL_NUMBER_OF(NewTargetName), credName); return; } // Determine the maximum length name we can use for the wildcard case: const ULONG maxChars = ((sizeof NewTargetName) / (sizeof NewTargetName[0])) - 3; if (TargetInfo->Flags & CRED_TI_ONLY_PASSWORD_REQUIRED ) { serverOnly = TRUE; } // // If the auth package requires us to create a target info by an explicit name, // only use that name. // if ( TargetInfo->Flags & CRED_TI_CREATE_EXPLICIT_CRED ) { credName = TargetInfo->TargetName; AddWildcard = FALSE; } // // If this machine is a member of a domain, // and the target machine is a member of the same forest, // and the user is logged onto an account in the forest, // then this prompt must be because of an authorization issue. // // Avoid this check if a username was passed into the call // // Special case this and create a server specific credential // if ( credName == NULL && !serverOnly && UserName[0] == '\0' ) { BOOL MachineInSameForest = FALSE; BOOL UserUsingDomainAccount = FALSE; // // First determine if this machine is in the same forest as the target machine // NetStatus = NetpGetDomainNameExExEx ( &DomainName, &DnsDomainName, &DnsForestName, NULL, // Don't need the GUID &IsWorkgroupName ); if ( NetStatus == NO_ERROR && !IsWorkgroupName ) { // // check if the netbios domain names match // if ( TargetInfo->NetbiosDomainName != NULL && DomainName != NULL && _wcsicmp( TargetInfo->NetbiosDomainName, DomainName ) == 0 ) { MachineInSameForest = TRUE; // // check if the DNS domain names match // } else if ( TargetInfo->DnsDomainName != NULL && DnsDomainName != NULL && _wcsicmp( TargetInfo->DnsDomainName, DnsDomainName ) == 0 ) { MachineInSameForest = TRUE; // // handle the special domain format unknown case // } else if ( TargetInfo->DnsDomainName != NULL && DomainName != NULL && (TargetInfo->Flags & CRED_TI_DOMAIN_FORMAT_UNKNOWN) != 0 && _wcsicmp( TargetInfo->DnsDomainName, DomainName ) == 0 ) { MachineInSameForest = TRUE; // // handle the forest name // (Too bad this doesn't work for the other trees in the forest.) // } else if ( TargetInfo->DnsTreeName != NULL && DnsForestName != NULL && _wcsicmp( TargetInfo->DnsTreeName, DnsForestName ) == 0 ) { MachineInSameForest = TRUE; } } // // If this machine and target machine are in the same forest, // see if the user is logged onto an account that should have worked. // if ( MachineInSameForest ) { WCHAR UserNameBuffer[CRED_MAX_USERNAME_LENGTH+1]; ULONG UserNameLength = CRED_MAX_USERNAME_LENGTH+1; if ( GetUserNameEx( NameSamCompatible, UserNameBuffer, &UserNameLength ) ) { // // Parse off the netbios account domain name // LPWSTR SlashPointer; SlashPointer = wcsrchr( UserNameBuffer, L'\\' ); if ( SlashPointer != NULL ) { *SlashPointer = '\0'; // // Get the computer name of this machine // NetStatus = NetpGetComputerName( &ComputerName ); if ( NetStatus == NO_ERROR ) { // // If the netbios account domain doesn't match the local computer name, // then the user is logged onto an account in the forest. // Since trust within the forest is transitive, // these creds should have worked // if ( _wcsicmp( ComputerName, UserNameBuffer ) != 0 ) { UserUsingDomainAccount = TRUE; } } } } } // // If both conditions are true, // we should create a server only cred. // if ( MachineInSameForest && UserUsingDomainAccount ) { serverOnly = TRUE; } } // // Compute the most generic form of the target name // if ( credName == NULL && !serverOnly) { // Look for the most general name possible first, selecting DNS over // NetBIOS: if ((TargetInfo->DnsServerName != NULL) && (TargetInfo->DnsTreeName != NULL) && CreduiIsPostfixString(TargetInfo->DnsServerName, TargetInfo->DnsTreeName) && (wcslen(TargetInfo->DnsTreeName) <= maxChars)) { // Credential form: *.DnsTreeName credName = TargetInfo->DnsTreeName; } else if ((TargetInfo->DnsServerName != NULL) && (TargetInfo->DnsDomainName != NULL) && !(TargetInfo->Flags & CRED_TI_DOMAIN_FORMAT_UNKNOWN) && CreduiIsPostfixString(TargetInfo->DnsServerName, TargetInfo->DnsDomainName) && (wcslen(TargetInfo->DnsDomainName) <= maxChars)) { // Credential form: *.DnsDomainName credName = TargetInfo->DnsDomainName; } else { usePrefixWildcard = FALSE; // If we have a DNS domain name, and it is different from the // target name and different from the NetBIOS server, if it // exists, then use it: if ((TargetInfo->DnsDomainName != NULL) && (wcslen(TargetInfo->DnsDomainName) <= maxChars)) { // Credential form: DnsDomainName\* credName = TargetInfo->DnsDomainName; // Set the target alias, if we have one. Don't change the // field otherwise, because it may already have been stored in // the old credential which was copied over: if (TargetInfo->NetbiosDomainName != NULL) { ULONG append = wcslen(TargetInfo->NetbiosDomainName); if (append <= maxChars) { StringCchCopyW( NewTargetAlias, RTL_NUMBER_OF(NewTargetAlias), TargetInfo->NetbiosDomainName); NewTargetAlias[append + 0] = L'\\'; NewTargetAlias[append + 1] = L'*'; NewTargetAlias[append + 2] = L'\0'; NewCredential.TargetAlias = NewTargetAlias; } } } else if ((TargetInfo->NetbiosDomainName != NULL) && (wcslen(TargetInfo->NetbiosDomainName) <= maxChars)) { // Credential form: NetbiosDomainName\* credName = TargetInfo->NetbiosDomainName; } } } // // If we still don't have a target name, select a server target name: // if (credName == NULL) { if (TargetInfo->DnsServerName != NULL) { // Credential form: DnsServerName credName = TargetInfo->DnsServerName; // Set the target alias, if we have one. Don't change the field // otherwise, because it may already have been stored in the old // credential which was copied over: if (TargetInfo->NetbiosServerName != NULL) { NewCredential.TargetAlias = TargetInfo->NetbiosServerName; } } else if (TargetInfo->NetbiosServerName != NULL) { // Credential form: NetbiosServerName credName = TargetInfo->NetbiosServerName; } else { // Credential form: TargetName credName = TargetName; } AddWildcard = FALSE; } ASSERT( credName != NULL ); // // If the target name should be wildcarded, // add the wildcard // if ( AddWildcard ) { // Add the wildcard in the required format: if (usePrefixWildcard) { NewTargetName[0] = L'*'; NewTargetName[1] = L'.'; StringCchCopyW( NewTargetName + 2, maxChars + 1, credName); } else { StringCchCopyW( NewTargetName, maxChars + 1, credName); ULONG append = wcslen(NewTargetName); ASSERT(append <= maxChars); NewTargetName[append + 0] = L'\\'; NewTargetName[append + 1] = L'*'; NewTargetName[append + 2] = L'\0'; } } else { StringCchCopyW( NewTargetName, maxChars + 1, credName); } if ( DomainName != NULL ) { NetApiBufferFree( DomainName ); } if ( DnsDomainName != NULL ) { NetApiBufferFree( DnsDomainName ); } if ( DnsForestName != NULL ) { NetApiBufferFree( DnsForestName ); } if ( ComputerName != NULL ) { NetApiBufferFree( ComputerName ); } } //============================================================================= // CreduiPasswordDialog::UsernameHandleOk // // Do the username part of "HandleOk". The caller should already have filled in // UserName as typed by the user. On succes, UserName may be modified to reflect // completion flags. // // This part of HandleOk is split out because command line is considered to have two // OKs. The first is when the user hits 'enter' after typing the username. So // username validation happens then by calling this routine. // // Returns: // NO_ERROR: if the user name is OK. // ERROR_BAD_USERNAME: if the username syntax is bad // ERROR_DOWNGRADE_DETECTED: if the username doesn't match downgrade requirements // //============================================================================= DWORD CreduiPasswordDialog::UsernameHandleOk() { DWORD WinStatus; BOOL isMarshaled = LocalCredIsMarshaledCredentialW(UserName); CreduiDebugLog("UsernameHandleOK: Flags = %x\n",Flags); // // Compute the credential type based on the new username // if ( CredCategory != GENERIC_CATEGORY ) { if (isMarshaled) { NewCredential.Type = CRED_TYPE_DOMAIN_CERTIFICATE; } else { // ISSUE: large stack allocation SSOPACKAGE SSOPackage; // look in registry if ( GetSSOPackageInfo( TargetInfo, &SSOPackage ) ) { // it's an sso cred NewCredential.Type = CRED_TYPE_DOMAIN_VISIBLE_PASSWORD; MaximumPersist = MaximumPersistSso; } else { // just a regular domain cred NewCredential.Type = CRED_TYPE_DOMAIN_PASSWORD; } } // Set the flag for username target cred if ( CredCategory == USERNAME_TARGET_CATEGORY ) { NewCredential.Flags |= CRED_FLAGS_USERNAME_TARGET; } } else { NewCredential.Type = CRED_TYPE_GENERIC; } // // If the caller wanted the username validated, // do so now. // WinStatus = NO_ERROR; if ( NewCredential.Type == CRED_TYPE_DOMAIN_PASSWORD || (Flags & CREDUI_FLAGS_COMPLETE_USERNAME) != 0 ) { if ( !CompleteUserName() ) { WinStatus = ERROR_BAD_USERNAME; } } else if ( Flags & CREDUI_FLAGS_VALIDATE_USERNAME ) { WCHAR user[CREDUI_MAX_USERNAME_LENGTH+1]; WCHAR domain[CREDUI_MAX_USERNAME_LENGTH+1]; WinStatus = CredUIParseUserNameW( UserName, user, sizeof(user)/sizeof(WCHAR), domain, sizeof(domain)/sizeof(WCHAR) ); if (WinStatus != NO_ERROR) { WinStatus = ERROR_BAD_USERNAME; } } // // If all is good so far, // and we were originally called because of a downgrade detection, // and the user typed his logon creds, // fail so that the downgrade attacker doesn't "win". // if ( WinStatus == NO_ERROR && CREDUIP_IS_DOWNGRADE_ERROR( AuthError ) ) { WCHAR UserNameBuffer[CRED_MAX_USERNAME_LENGTH+1]; ULONG UserNameLength; // // If the typed name is the sam compatible name, // fail. // UserNameLength = sizeof(UserNameBuffer)/sizeof(WCHAR); if ( GetUserNameEx( NameSamCompatible, UserNameBuffer, &UserNameLength ) ) { if ( _wcsicmp( UserNameBuffer, UserName ) == 0 ) { WinStatus = ERROR_DOWNGRADE_DETECTED; } } // // If the typed name is the UPN, // fail. // UserNameLength = sizeof(UserNameBuffer)/sizeof(WCHAR); if ( WinStatus == NO_ERROR && wcsrchr( UserName, L'@' ) != NULL && GetUserNameEx( NameUserPrincipal, UserNameBuffer, &UserNameLength ) ) { if ( _wcsicmp( UserNameBuffer, UserName ) == 0 ) { WinStatus = ERROR_DOWNGRADE_DETECTED; } } } // if (NULL == UserName) CreduiDebugLog("Exit UsernameHandleOK: Username NULL, Flags = %x\n",Flags); // else CreduiDebugLog("Exit UsernameHandleOK: UserName = %S, Flags = %x\n", UserName, Flags); return WinStatus; } //============================================================================= // CreduiPasswordDialog::HandleOk // // Returns ERROR_SUCCESS on success, ERROR_NO_SUCH_LOGON_SESSION if credential // manager cannot be used to write the credential, or an error from CredWrite // or FinishHandleOk. // // Created 02/25/2000 johnstep (John Stephens) //============================================================================= DWORD CreduiPasswordDialog::HandleOk() { // Get the user name, password, and other settings from the dialog: if (!Credential_GetUserName(CredControlWindow, UserName, UserNameMaxChars)) { return ERROR_GEN_FAILURE; } #ifdef SETWILDCARD // if is wildcard cred, see if username entered in control matches the // cred username. If not, override the old credential. // gm 112901: Create a server specific cred on any username change on a cred // involving a wildcard //if ( CreduiIsSpecialCredential(&NewCredential) ) if ((NewCredential.TargetName != NULL) && (wcschr(NewCredential.TargetName,L'*'))) { if (0 != _wcsicmp(OldUserName,UserName) ) { // Change the TargetName from special cred to explicit target passed by caller ZeroMemory(&NewCredential,sizeof NewCredential); SetCredTargetFromInfo(); NewCredential.UserName = UserName; } } #endif // If we cannot get the password, then this is probably a certificate // so just set a blank password, which will result in no credential // blob: BOOL gotPassword = Credential_GetPassword(CredControlWindow, Password, PasswordMaxChars); if (!gotPassword) { Password[0] = L'\0'; } // // Get the state of the Save checkbox // if ( CredControlStyle & CRS_SAVECHECK ) { Save = Credential_IsSaveChecked(CredControlWindow); } else { // fInitialSaveState was set in InitWindow(), taking into account passed flags // and the state of the initial save variable. Save = fInitialSaveState; } DWORD error = ERROR_SUCCESS; if (!(Flags & CREDUI_FLAGS_DO_NOT_PERSIST)) { // // Only save the credential if the user checked the 'save' checkbox // if ( Save ) { // // Keep any existing persistence or use the maximum persistance available. // if (OldCredential != NULL) { NewCredential.Persist = OldCredential->Persist; } else { NewCredential.Persist = MaximumPersist; } // // The credential might still be saved if the caller didn't asked for the creds // to be returned. // // ISSUE-2000/12/04-CliffV: Such callers are buggy. We should assign bugs and get them fixed. // } else { NewCredential.Persist = CRED_PERSIST_SESSION; } if ( CredCategory == GENERIC_CATEGORY || PasswordState == PASSWORD_CHANGED ) { // Attempt to write the new credential, first get the length. The blob // does not include the terminating NULL: NewCredential.CredentialBlobSize = wcslen(Password) * sizeof (WCHAR); } else { NewCredential.CredentialBlobSize = 0; } // If the password is empty, there is nothing to write: if (NewCredential.CredentialBlobSize == 0) { NewCredential.CredentialBlob = NULL; } else { NewCredential.CredentialBlob = reinterpret_cast(Password); } } // // Validate the username // error = UsernameHandleOk(); // // Save the credentials as required // if (!(Flags & CREDUI_FLAGS_DO_NOT_PERSIST) && error == ERROR_SUCCESS ) { // // Only save the credential if the user checked the 'save' checkbox // // Also store them for callers that didn't ask for creds to be returned // // Also store them for Branded credenials // if ( Save || !DelayCredentialWrite || dwIDDResource == IDD_BRANDEDPASSWORD ) { error = FinishHandleOk(); // Bug 230648: CredWrite could come back with ERROR_INVALID_PASSWORD here } else if ( fInitialSaveState && !Save ) { // user unchecked the save box, delete the cred LocalCredDeleteW ( NewCredential.TargetName, NewCredential.Type, 0 ); } else { error = ERROR_SUCCESS; } if (error == ERROR_SUCCESS) { if ( DialogWindow ) { EndDialog(DialogWindow, IDOK); } return error; } else if (error == ERROR_NO_SUCH_LOGON_SESSION) { if ( DialogWindow ) { EndDialog(DialogWindow, IDCANCEL); } return error; } // can still fall out of this block with ERROR_INVALID_PASSWORD Credential_SetUserName(CredControlWindow, UserName); } // // If the credential couldn't be written, // let the user type a better one. // if ((error != ERROR_SUCCESS) && (error != ERROR_NO_SUCH_LOGON_SESSION)) { // For some reason we failed to write the credential: if ( error == ERROR_DOWNGRADE_DETECTED ) { SendMessage(CredControlWindow, CRM_SHOWBALLOON, 0, reinterpret_cast(&CreduiDowngradeBalloon)); } else if ( error == ERROR_INVALID_PASSWORD ) { // for now, use preexisting credui mechanism, though that may go away in // lieu of shell's global implementation using EM_SHOWBALLOONTIP Credential_ShowPasswordBalloon(CredControlWindow, TTI_INFO, CreduiStrings.PasswordTipTitle, CreduiStrings.PasswordTipText); } else { if ( dwIDDResource == IDD_BRANDEDPASSWORD ) { SendMessage(CredControlWindow, CRM_SHOWBALLOON, 0, reinterpret_cast(&CreduiEmailNameBalloon)); } else { SendMessage(CredControlWindow, CRM_SHOWBALLOON, 0, reinterpret_cast(&CreduiUserNameBalloon)); } } } return error; } DWORD CreduiPasswordDialog::CmdlinePasswordPrompt() /*++ Routine Description: Command line code get username and password as needed from the user. UserName and Password strings set in their respective controls. Arguments: None Return Values: Status of the operation. --*/ { DWORD WinStatus; WCHAR szMsg[CREDUI_MAX_CMDLINE_MSG_LENGTH + 1]; ULONG LocalUserNameLength = 0; WCHAR LocalPassword[CREDUI_MAX_PASSWORD_LENGTH + 1]; WCHAR LocalUserName[CREDUI_MAX_USERNAME_LENGTH + 1] = {0}; BOOL bNeedUserNamePrompt = FALSE; // // Get the username passed into the API // if (!Credential_GetUserName(CredControlWindow, UserName, UserNameMaxChars)) { UserName[0] = '\0'; } // FIX352582 - allow update of wildcard creds. Matched wildcard cred presents // username. User should see it and be able to override it. //bNeedUserNamePrompt = (UserName[0] == '\0'); // FIX 399728 - prevent username prompting if the name was passed explicitly if (fPassedUsername) bNeedUserNamePrompt = FALSE; else if (!(Flags & USERNAME_TARGET_CATEGORY)) bNeedUserNamePrompt = TRUE; // // Loop getting the username until the user types a valid one // while ( bNeedUserNamePrompt ) { // // Prompt for username // if (UserName[0] != 0) { WCHAR *rgsz[2]; rgsz[0] = UserName; rgsz[1] = TargetName; szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_PASSEDNAME_PROMPT, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, (va_list *) rgsz); } else { WCHAR *rgsz[2]; rgsz[0] = TargetName; rgsz[1] = 0; szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_USERNAME_PROMPT, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, (va_list *) rgsz); } szMsg[CREDUI_MAX_CMDLINE_MSG_LENGTH] = L'\0'; CredPutStdout( szMsg ); CredGetStdin( LocalUserName, UserNameMaxChars, TRUE ); LocalUserNameLength = wcslen( LocalUserName ); // If nothing entered and nothing passed, bail. // If nothing entered and a previous value exists, use previous value unchanged // else use overwrite old value with new value if ( LocalUserNameLength == 0 ) { if (UserName[0] == '\0') { WinStatus = ERROR_CANCELLED; goto Cleanup; } } else { StringCchCopyW( UserName, UserNameMaxChars, LocalUserName); } CreduiDebugLog("CreduiCredentialControl::CmdlinePasswordPrompt: " "Username : %S\n", UserName ); // // See if the username is valid (and optional complete the new name) // WinStatus = UsernameHandleOk(); if ( WinStatus != NO_ERROR ) { // invalid username, put up message and try again if ( WinStatus == ERROR_DOWNGRADE_DETECTED ) { szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_DOWNGRADE_CMD_TEXT, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, NULL); CredPutStdout(szMsg); UserName[0] = 0; } else { szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_INVALID_USERNAME, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, NULL); CredPutStdout(szMsg); UserName[0] = 0; } CredPutStdout( L"\n" ); continue; } // // Save the username in the control as though the GUI prompted for it // if ( !Credential_SetUserName( CredControlWindow, UserName ) ) { WinStatus = GetLastError(); CreduiDebugLog("CreduiCredentialControl::CmdlinePasswordPrompt: " "OnSetUserName failed: %u\n", WinStatus ); goto Cleanup; } break; } // // Prompt for a password // //FIX216477 detect marshalled name and change the prompt string // to a generic one for any certificate if (CredIsMarshaledCredentialW( UserName )) { { WCHAR *rgsz[2]; rgsz[0] = TargetName; szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_CERTIFICATE_PROMPT, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, (va_list *) rgsz); } } else if ((Flags & USERNAME_TARGET_CATEGORY) || (LocalUserNameLength != 0)) { WCHAR *rgsz[2]; rgsz[0] = TargetName; szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_SIMPLEPASSWORD_PROMPT, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, (va_list *) rgsz); } else { WCHAR *rgsz[2]; rgsz[0] = UserName; rgsz[1] = TargetName; szMsg[0] = 0; FormatMessage(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_ARGUMENT_ARRAY, CreduiInstance, IDS_PASSWORD_PROMPT, 0, szMsg, CREDUI_MAX_CMDLINE_MSG_LENGTH, (va_list *) rgsz); szMsg[CREDUI_MAX_CMDLINE_MSG_LENGTH] = L'\0'; } CredPutStdout( szMsg ); CredGetStdin( LocalPassword, CREDUI_MAX_PASSWORD_LENGTH, FALSE ); // // Save the password in the control as though the GUI prompted for it // if ( !Credential_SetPassword( CredControlWindow, LocalPassword ) ) { WinStatus = GetLastError(); CreduiDebugLog("CreduiCredentialControl::CmdlinePasswordPrompt: " "OnSetPassword failed: %u\n", WinStatus ); goto Cleanup; } WinStatus = NO_ERROR; // // Tell our parent window that we're done prompting // Cleanup: SecureZeroMemory(LocalPassword, sizeof LocalPassword); return WinStatus; } //============================================================================= // CreduiPasswordDialog::CmdLineMessageHandlerCallback // // // The command line message handler function // // Arguments: // Window (in) // message (in) // wParam (in) // lParam (in) // //============================================================================= LRESULT CALLBACK CreduiPasswordDialog::CmdLineMessageHandlerCallback( HWND window, UINT message, WPARAM wParam, LPARAM lParam ) { // CreduiDebugLog( "CmdLine Callback: %8.8lx %8.8lx %8.8lx\n", message, wParam, lParam ); // on window message, retrieve object ptr from window data ptr // call class object handler function. CreduiPasswordDialog *that = reinterpret_cast( GetWindowLongPtr(window, GWLP_USERDATA)); if (that != NULL) { ASSERT(window == that->CmdLineWindow); return that->CmdLineMessageHandler(message, wParam, lParam); } if (message == WM_CREATE) { DWORD WinStatus; LPCREATESTRUCT lpCreateStruct = (LPCREATESTRUCT)lParam; that = (CreduiPasswordDialog *)lpCreateStruct->lpCreateParams; if (that != NULL) { // // Initialize the window // if (!that->InitWindow( window )) { PostQuitMessage( ERROR_CANCELLED ); return 0; } SetWindowPos ( window, HWND_BOTTOM, 0,0,0,0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOZORDER | SWP_NOACTIVATE | SWP_FRAMECHANGED ); // // For passwords, // prompt here. // // It is better to prompt here than in the control window since // command line has to do user name completion and that is done at this layer. // if ( (that->Flags & CREDUI_FLAGS_REQUIRE_SMARTCARD) == 0 ) { WinStatus = that->CmdlinePasswordPrompt(); if ( WinStatus != NO_ERROR ) { PostQuitMessage( WinStatus ); return 0; } } // // For smartcards, // Prompt in the control window since it supports smart card enumeration // For password, // prompt where to save the cred. // WinStatus = (DWORD) SendMessage(that->CredControlWindow, CRM_DOCMDLINE, 0, (LPARAM)that->TargetName ); if ( WinStatus != NO_ERROR ) { PostQuitMessage( WinStatus ); return 0; } } return 0; } return DefWindowProc(window, message, wParam, lParam); } //============================================================================= // CreduiPasswordDialog::CmdLineMessageHandler // // Called from the control window callback to handle the window messages. // // Arguments: // message (in) // wParam (in) // lParam (in) // //============================================================================= LRESULT CreduiPasswordDialog::CmdLineMessageHandler( UINT message, WPARAM wParam, LPARAM lParam ) { return SendMessage( CredControlWindow, message, wParam, lParam ); } //============================================================================= // CreduiPasswordDialog::DialogMessageHandlerCallback // // This is the actual callback function for the dialog window. On the intial // create, this handles WM_INITDIALOG. After that, it is only responsible for // getting the this pointer and calling DialogMessageHandler. // // Arguments: // dialogWindow (in) // message (in) // wParam (in) // lParam (in) // // Returns TRUE if the message was handled or FALSE otherwise. FALSE is also // returned in special cases such as WM_INITDIALOG. // // Created 02/25/2000 johnstep (John Stephens) //============================================================================= INT_PTR CALLBACK CreduiPasswordDialog::DialogMessageHandlerCallback( HWND dialogWindow, UINT message, WPARAM wParam, LPARAM lParam ) { //CreduiDebugLog( "Dialog Callback: %8.8lx %8.8lx %8.8lx\n", message, wParam, lParam ); CreduiPasswordDialog *that = reinterpret_cast( GetWindowLongPtr(dialogWindow, GWLP_USERDATA)); if (that != NULL) { ASSERT(dialogWindow == that->DialogWindow); return that->DialogMessageHandler(message, wParam, lParam); } if (message == WM_INITDIALOG) { that = reinterpret_cast(lParam); if (that != NULL) { if (!that->InitWindow(dialogWindow)) { EndDialog(dialogWindow, IDCANCEL); } } } return FALSE; } //============================================================================= // CreduiPasswordDialog::DialogMessageHandler // // Called from the dialog window callback to handle the window messages. // // Arguments: // message (in) // wParam (in) // lParam (in) // // Returns TRUE if the message was handled or FALSE otherwise. // // Created 02/25/2000 johnstep (John Stephens) //============================================================================= INT_PTR CreduiPasswordDialog::DialogMessageHandler( UINT message, WPARAM wParam, LPARAM lParam ) { switch (message) { case WM_NOTIFY: { int idCtrl = (int)wParam; LPNMHDR pnmh = (LPNMHDR)lParam; switch (pnmh->code) { case NM_CLICK: case NM_RETURN: switch (idCtrl) { case IDC_GETALINK: { DWORD dwResult; if ( TryLauchRegWizard ( &SSOPackage, DialogWindow, TRUE /* HasLogonSession */, UserName, UserNameMaxChars, Password, PasswordMaxChars, &dwResult )) { // end dialog, Result if ( dwResult == ERROR_SUCCESS ) { EndDialog(DialogWindow, IDOK); return TRUE; } } else { // if we couldn't launch the wizard, try the web page. if ( wcslen(SSOPackage.szRegURL) > 0 ) { ShellExecute ( NULL, NULL, SSOPackage.szRegURL, NULL, NULL, SW_SHOWNORMAL ); } } } break; case IDC_HELPLINK: if ( wcslen(SSOPackage.szHelpURL) > 0 ) { ShellExecute ( NULL, NULL, SSOPackage.szHelpURL, NULL, NULL, SW_SHOWNORMAL ); } break; } } } break; case WM_COMMAND: switch (LOWORD(wParam)) { case IDOK: Result = HandleOk(); if (Result != ERROR_SUCCESS) { if (Result == ERROR_NO_SUCH_LOGON_SESSION) { wParam = IDCANCEL; } else { return TRUE; } } // Fall through... case IDCANCEL: EndDialog(DialogWindow, LOWORD(wParam)); return TRUE; case IDC_CRED: if (HIWORD(wParam) == CRN_USERNAMECHANGE) { BOOL enable = TRUE; LONG length = Credential_GetUserNameLength(CredControlWindow); // Validate the user name: if ( CredCategory == DOMAIN_CATEGORY && ((TargetInfo == NULL) || !(TargetInfo->Flags & CRED_TI_ONLY_PASSWORD_REQUIRED))) { enable = length > 0; } else { enable = length != -1; } if (enable) { EnableWindow(GetDlgItem(DialogWindow, IDOK), TRUE); DisabledControlMask &= ~DISABLED_CONTROL_OK; } else { EnableWindow(GetDlgItem(DialogWindow, IDOK), FALSE); DisabledControlMask |= DISABLED_CONTROL_OK; } } else if (HIWORD(wParam) == CRN_PASSWORDCHANGE) { if (PasswordState == PASSWORD_INIT) { PasswordState = PASSWORD_CHANGED; } } return TRUE; } break; case WM_ENTERSIZEMOVE: Credential_HideBalloon(CredControlWindow); return TRUE; case WM_PAINT: if (FirstPaint && GetUpdateRect(DialogWindow, NULL, FALSE)) { FirstPaint = FALSE; if (CredBalloon != NULL) { SendMessage(CredControlWindow, CRM_SHOWBALLOON, 0, reinterpret_cast(CredBalloon)); } CredBalloon = NULL; } break; } return FALSE; } // looks for an existing cred with the same name as that of pNewCredential and demotes it to // username only void DemoteOldDefaultSSOCred ( PCREDENTIAL_TARGET_INFORMATION pTargetInfo, // target info of new cred DWORD Flags ) { CREDENTIALW **credentialSet = NULL; DWORD count; if ( pTargetInfo == NULL ) return; if (LocalCredReadDomainCredentialsW( pTargetInfo, 0, &count, &credentialSet)) { PCREDENTIAL pOldCredential = NULL; for ( DWORD i = 0; i < count; i++ ) { #ifndef SETWILDCARD // // Ignore RAS and wildcard credentials, // we never want credUI to change such a credential. // if ( CreduiIsSpecialCredential(credentialSet[i]) ) { continue; } #endif // // CredReadDomain domain credentials returns creds in preference // order as specified by the TargetInfo. // So use the first valid one. // if ( credentialSet[i]->Type == CRED_TYPE_DOMAIN_VISIBLE_PASSWORD ) { pOldCredential = credentialSet[i]; break; } } if ( pOldCredential != NULL ) { // save this under the username pOldCredential->Persist = CRED_PERSIST_ENTERPRISE; pOldCredential->CredentialBlob = NULL; pOldCredential->CredentialBlobSize = 0; pOldCredential->TargetName = pOldCredential->UserName; pOldCredential->Flags = CRED_FLAGS_USERNAME_TARGET; WriteCred( pOldCredential->UserName, Flags, NULL, pOldCredential, 0, FALSE, FALSE); } } if (credentialSet != NULL) { LocalCredFree(static_cast(credentialSet)); } }