You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1533 lines
42 KiB
1533 lines
42 KiB
/*
|
|
File userdb.c
|
|
|
|
Implementation of the local user database object.
|
|
|
|
Paul Mayfield, 10/8/97
|
|
*/
|
|
|
|
#include "rassrv.h"
|
|
|
|
// Registry values
|
|
extern WCHAR pszregRasParameters[];
|
|
extern WCHAR pszregServerFlags[];
|
|
extern WCHAR pszregPure[];
|
|
|
|
// Cached values for users
|
|
typedef struct _RASSRV_USERINFO
|
|
{
|
|
HANDLE hUser; // Handle to user
|
|
PWCHAR pszName;
|
|
PWCHAR pszFullName; // Only loaded if requested
|
|
|
|
//gangz for secure password bug
|
|
//Change this for the new safe encoding password functions
|
|
WCHAR szPassword[PWLEN+1]; // Only non-null if this is new password to be committed
|
|
WCHAR wszPhoneNumber[MAX_PHONE_NUMBER_LEN + 1];
|
|
BYTE bfPrivilege;
|
|
BYTE bDirty;
|
|
|
|
} RASSRV_USERINFO;
|
|
|
|
// Structure used to implement/manipulate the local user database
|
|
typedef struct _RASSRV_USERDB
|
|
{
|
|
HANDLE hServer; // Handle to user server
|
|
DWORD dwUserCount; // Number of users in the database
|
|
DWORD dwCacheSize; // Number of users can be stored in cache
|
|
BOOL bEncrypt; // Whether encryption should be used
|
|
BOOL bDccBypass; // Whether dcc connections can bypass auth.
|
|
BOOL bPure; // Whether database is "Pure"
|
|
BOOL bEncSettingLoaded; // Whether we've read in the enc setting
|
|
BOOL bFlushOnClose;
|
|
RASSRV_USERINFO ** pUserCache; // Cache of users
|
|
|
|
} RASSRV_USERDB;
|
|
|
|
// Defines a callback for enumerating users. Returns TRUE to continue the enueration
|
|
// FALSE to stop it.
|
|
typedef
|
|
BOOL
|
|
(* pEnumUserCb)(
|
|
IN NET_DISPLAY_USER* pUser,
|
|
IN HANDLE hData);
|
|
|
|
// We use this to guess the size of the the user array
|
|
// (so we can grow it when new users are added)
|
|
#define USR_ARRAY_GROW_SIZE 50
|
|
|
|
// Dirty flags
|
|
#define USR_RASPROPS_DIRTY 0x1 // whether callback is dirty
|
|
#define USR_FULLNAME_DIRTY 0x2 // whether full name needs to be flushed
|
|
#define USR_PASSWORD_DIRTY 0x4 // whether password needs to be flushed
|
|
#define USR_ADD_DIRTY 0x8 // whether user needs to be added
|
|
|
|
// Helper macros for dealing with dirty flags
|
|
#define usrDirtyRasProps(pUser) ((pUser)->bDirty |= USR_RASPROPS_DIRTY)
|
|
#define usrDirtyFullname(pUser) ((pUser)->bDirty |= USR_FULLNAME_DIRTY)
|
|
#define usrDirtyPassword(pUser) ((pUser)->bDirty |= USR_PASSWORD_DIRTY)
|
|
#define usrDirtyAdd(pUser) ((pUser)->bDirty |= USR_ADD_DIRTY)
|
|
|
|
#define usrIsDirty(pUser) ((pUser)->bDirty)
|
|
#define usrIsRasPropsDirty(pUser) ((pUser)->bDirty & USR_RASPROPS_DIRTY)
|
|
#define usrIsFullNameDirty(pUser) ((pUser)->bDirty & USR_FULLNAME_DIRTY)
|
|
#define usrIsPasswordDirty(pUser) ((pUser)->bDirty & USR_PASSWORD_DIRTY)
|
|
#define usrIsAddDirty(pUser) ((pUser)->bDirty & USR_ADD_DIRTY)
|
|
|
|
#define usrClearDirty(pUser) ((pUser)->bDirty = 0)
|
|
#define usrClearRasPropsDirty(pUser) ((pUser)->bDirty &= ~USR_CALLBACK_DIRTY)
|
|
#define usrClearFullNameDirty(pUser) ((pUser)->bDirty &= ~USR_FULLNAME_DIRTY)
|
|
#define usrClearPasswordDirty(pUser) ((pUser)->bDirty &= ~USR_PASSWORD_DIRTY)
|
|
#define usrClearAddDirty(pUser) ((pUser)->bDirty &= ~USR_ADD_DIRTY)
|
|
|
|
#define usrFlagIsSet(_val, _flag) (((_val) & (_flag)) != 0)
|
|
#define usrFlagIsClear(_val, _flag) (((_val) & (_flag)) == 0)
|
|
|
|
//
|
|
// Reads in server flags and determines whether encrypted
|
|
// password and data are required.
|
|
//
|
|
// lpdwFlags is assigned one of the following on success
|
|
// 0 = data and pwd enc not required
|
|
// MPR_USER_PROF_FLAG_SECURE = data and pwd enc required
|
|
// MPR_USER_PROF_FLAG_UNDETERMINED = Can't say for sure
|
|
//
|
|
DWORD
|
|
usrGetServerEnc(
|
|
OUT LPDWORD lpdwFlags)
|
|
{
|
|
DWORD dwFlags = 0;
|
|
|
|
if (!lpdwFlags)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Read in the flags
|
|
RassrvRegGetDw(&dwFlags,
|
|
0,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregServerFlags);
|
|
|
|
// The following bits will be set for secure auth.
|
|
//
|
|
if (
|
|
(usrFlagIsSet (dwFlags, PPPCFG_NegotiateMSCHAP)) &&
|
|
(usrFlagIsSet (dwFlags, PPPCFG_NegotiateStrongMSCHAP)) &&
|
|
(usrFlagIsClear (dwFlags, PPPCFG_NegotiateMD5CHAP)) &&
|
|
(usrFlagIsClear (dwFlags, PPPCFG_NegotiateSPAP)) &&
|
|
(usrFlagIsClear (dwFlags, PPPCFG_NegotiateEAP)) &&
|
|
(usrFlagIsClear (dwFlags, PPPCFG_NegotiatePAP))
|
|
)
|
|
{
|
|
*lpdwFlags = MPR_USER_PROF_FLAG_SECURE;
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// The following bits will be set for insecure auth.
|
|
//
|
|
else if (
|
|
(usrFlagIsSet (dwFlags, PPPCFG_NegotiateMSCHAP)) &&
|
|
(usrFlagIsSet (dwFlags, PPPCFG_NegotiateStrongMSCHAP)) &&
|
|
(usrFlagIsSet (dwFlags, PPPCFG_NegotiateSPAP)) &&
|
|
(usrFlagIsSet (dwFlags, PPPCFG_NegotiatePAP)) &&
|
|
(usrFlagIsClear (dwFlags, PPPCFG_NegotiateEAP)) &&
|
|
(usrFlagIsClear (dwFlags, PPPCFG_NegotiateMD5CHAP))
|
|
)
|
|
{
|
|
*lpdwFlags = 0; // data and pwd enc not required
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Otherwise, we are undetermined
|
|
*lpdwFlags = MPR_USER_PROF_FLAG_UNDETERMINED;
|
|
return NO_ERROR;
|
|
}
|
|
|
|
//
|
|
// Sets the encryption policy for the server
|
|
//
|
|
DWORD
|
|
usrSetServerEnc(
|
|
IN DWORD dwFlags)
|
|
{
|
|
DWORD dwSvrFlags = 0;
|
|
|
|
// Read in the old flags
|
|
RassrvRegGetDw(&dwSvrFlags,
|
|
0,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregServerFlags);
|
|
|
|
// If the user requires encryption then set MSCHAP
|
|
// and CHAP as the only authentication types and
|
|
// set the ipsec flag.
|
|
if (dwFlags & MPR_USER_PROF_FLAG_SECURE)
|
|
{
|
|
dwSvrFlags |= PPPCFG_NegotiateMSCHAP;
|
|
dwSvrFlags |= PPPCFG_NegotiateStrongMSCHAP;
|
|
dwSvrFlags &= ~PPPCFG_NegotiateMD5CHAP;
|
|
dwSvrFlags &= ~PPPCFG_NegotiateSPAP;
|
|
dwSvrFlags &= ~PPPCFG_NegotiateEAP;
|
|
dwSvrFlags &= ~PPPCFG_NegotiatePAP;
|
|
}
|
|
|
|
// Otherwise, the user does require encryption,
|
|
// so enable all authentication types and disable
|
|
// the requirement to use IPSEC
|
|
else
|
|
{
|
|
dwSvrFlags &= ~PPPCFG_NegotiateMD5CHAP;
|
|
dwSvrFlags &= ~PPPCFG_NegotiateEAP;
|
|
dwSvrFlags |= PPPCFG_NegotiateMSCHAP;
|
|
dwSvrFlags |= PPPCFG_NegotiateStrongMSCHAP;
|
|
dwSvrFlags |= PPPCFG_NegotiateSPAP;
|
|
dwSvrFlags |= PPPCFG_NegotiatePAP;
|
|
}
|
|
|
|
// Commit changes to the registry
|
|
RassrvRegSetDw(dwSvrFlags,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregServerFlags);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Enumerates the local users
|
|
//
|
|
DWORD
|
|
usrEnumLocalUsers(
|
|
IN pEnumUserCb pCbFunction,
|
|
IN HANDLE hData)
|
|
{
|
|
DWORD dwErr, dwIndex = 0, dwCount = 100, dwEntriesRead, i;
|
|
NET_DISPLAY_USER * pUsers;
|
|
NET_API_STATUS nStatus;
|
|
RAS_USER_0 RasUser0;
|
|
HANDLE hUser = NULL, hServer = NULL;
|
|
|
|
// Enumerate the users,
|
|
while (TRUE)
|
|
{
|
|
// Read in the first block of user names
|
|
nStatus = NetQueryDisplayInformation(
|
|
NULL,
|
|
1,
|
|
dwIndex,
|
|
dwCount,
|
|
dwCount * sizeof(NET_DISPLAY_USER),
|
|
&dwEntriesRead,
|
|
&pUsers);
|
|
|
|
// Get out if there's an error getting user names
|
|
if ((nStatus != NERR_Success) &&
|
|
(nStatus != ERROR_MORE_DATA))
|
|
{
|
|
break;
|
|
}
|
|
|
|
// For each user read in, call the callback function
|
|
for (i = 0; i < dwEntriesRead; i++)
|
|
{
|
|
BOOL bOk;
|
|
|
|
//For whistler bug 243874 gangz
|
|
//On whistler Personal version, we wont show the Administrator
|
|
//in the user's listview on the Incoming connection's User Tab
|
|
//
|
|
|
|
if ( (DOMAIN_USER_RID_ADMIN == pUsers[i].usri1_user_id) &&
|
|
IsPersonalPlatform() )
|
|
{
|
|
continue;
|
|
}
|
|
|
|
bOk = (*pCbFunction)(&(pUsers[i]), hData);
|
|
if (bOk == FALSE)
|
|
{
|
|
nStatus = NERR_Success;
|
|
break;
|
|
}
|
|
}
|
|
|
|
// Set the index to read in the next set of users
|
|
dwIndex = pUsers[dwEntriesRead - 1].usri1_next_index;
|
|
|
|
// Free the users buffer
|
|
NetApiBufferFree (pUsers);
|
|
|
|
// If we've read in everybody, go ahead and break
|
|
if (nStatus != ERROR_MORE_DATA)
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Copies the data in pRassrvUser to its equivalent in UserInfo
|
|
DWORD
|
|
usrSyncRasProps(
|
|
IN RASSRV_USERINFO * pRassrvUser,
|
|
OUT RAS_USER_0 * UserInfo)
|
|
{
|
|
UserInfo->bfPrivilege = pRassrvUser->bfPrivilege;
|
|
lstrcpynW( UserInfo->wszPhoneNumber,
|
|
pRassrvUser->wszPhoneNumber,
|
|
MAX_PHONE_NUMBER_LEN);
|
|
UserInfo->wszPhoneNumber[MAX_PHONE_NUMBER_LEN] = (WCHAR)0;
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Commits the data for the given user to the local user database
|
|
DWORD
|
|
usrCommitRasProps(
|
|
IN RASSRV_USERINFO * pRassrvUser)
|
|
{
|
|
DWORD dwErr = NO_ERROR;
|
|
RAS_USER_0 UserInfo;
|
|
|
|
dwErr = usrSyncRasProps(pRassrvUser, &UserInfo);
|
|
if (dwErr != NO_ERROR)
|
|
return dwErr;
|
|
|
|
dwErr = MprAdminUserWrite(pRassrvUser->hUser, 0, (LPBYTE)&UserInfo);
|
|
if (dwErr != NO_ERROR)
|
|
DbgOutputTrace ("usrCommitRasProps: unable to commit %S (0x%08x)",
|
|
pRassrvUser->pszName, dwErr);
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
// Simple bounds checking
|
|
BOOL
|
|
usrBoundsCheck(
|
|
IN RASSRV_USERDB * This,
|
|
IN DWORD dwIndex)
|
|
{
|
|
// Dwords are unsigned, so no need to check < 0
|
|
if (This->dwUserCount <= dwIndex)
|
|
return FALSE;
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
// Frees an array of users
|
|
DWORD
|
|
usrFreeUserArray(
|
|
IN RASSRV_USERINFO ** pUsers,
|
|
IN DWORD dwCount)
|
|
{
|
|
DWORD i;
|
|
|
|
if (!pUsers)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
for (i=0; i < dwCount; i++) {
|
|
if (pUsers[i]) {
|
|
if (pUsers[i]->hUser)
|
|
MprAdminUserClose(pUsers[i]->hUser);
|
|
if (pUsers[i]->pszName)
|
|
RassrvFree (pUsers[i]->pszName);
|
|
if (pUsers[i]->pszFullName)
|
|
RassrvFree (pUsers[i]->pszFullName);
|
|
|
|
//Wipe password before free memory, if CryptProtectData() is used
|
|
//this will also release the memory allocated by it
|
|
SafeWipePasswordBuf(pUsers[i]->szPassword);
|
|
|
|
RassrvFree(pUsers[i]);
|
|
}
|
|
|
|
}
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Standard user comparison function used for sorting
|
|
int _cdecl
|
|
usrCompareUsers(
|
|
IN const void * elem1,
|
|
IN const void * elem2)
|
|
{
|
|
RASSRV_USERINFO* p1 = *((RASSRV_USERINFO**)elem1);
|
|
RASSRV_USERINFO* p2 = *((RASSRV_USERINFO**)elem2);
|
|
|
|
return lstrcmpi(p1->pszName, p2->pszName);
|
|
}
|
|
|
|
// Returns whether a given user exists
|
|
BOOL
|
|
usrUserExists (
|
|
IN RASSRV_USERDB * This,
|
|
IN PWCHAR pszName)
|
|
{
|
|
DWORD i;
|
|
int iCmp;
|
|
|
|
for (i = 0; i < This->dwUserCount; i++) {
|
|
iCmp = lstrcmpi(This->pUserCache[i]->pszName, pszName);
|
|
if (iCmp == 0)
|
|
return TRUE;
|
|
if (iCmp > 0)
|
|
return FALSE;
|
|
}
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
// Resorts the cache
|
|
DWORD
|
|
usrResortCache(
|
|
IN RASSRV_USERDB * This)
|
|
{
|
|
qsort(
|
|
This->pUserCache,
|
|
This->dwUserCount,
|
|
sizeof(RASSRV_USERINFO*),
|
|
usrCompareUsers);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Resizes the user cache to allow for added users
|
|
DWORD
|
|
usrResizeCache(
|
|
IN RASSRV_USERDB * This,
|
|
IN DWORD dwNewSize)
|
|
{
|
|
RASSRV_USERINFO ** pNewCache;
|
|
DWORD i;
|
|
|
|
// Only resize bigger (this could be changed)
|
|
if ((!This) || (dwNewSize <= This->dwCacheSize))
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Allocate the new cache
|
|
pNewCache = RassrvAlloc(dwNewSize * sizeof (RASSRV_USERINFO*), TRUE);
|
|
if (pNewCache == NULL)
|
|
return ERROR_NOT_ENOUGH_MEMORY;
|
|
|
|
// Copy over the old entries and free the old cache
|
|
if (This->pUserCache)
|
|
{
|
|
CopyMemory( (PVOID)pNewCache,
|
|
(CONST VOID *)(This->pUserCache),
|
|
This->dwCacheSize * sizeof(RASSRV_USERINFO*));
|
|
RassrvFree(This->pUserCache);
|
|
}
|
|
|
|
// Reassign the new cache and update the cache size
|
|
This->pUserCache = pNewCache;
|
|
This->dwCacheSize = dwNewSize;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Enumeration callback that adds users to the local database
|
|
// as they are read from the system.
|
|
BOOL
|
|
usrInitializeUser(
|
|
NET_DISPLAY_USER * pNetUser,
|
|
HANDLE hUserDatabase)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
RASSRV_USERINFO * pRasUser = NULL;
|
|
DWORD dwErr = NO_ERROR, dwSize;
|
|
RAS_USER_0 UserInfo;
|
|
|
|
// Make sure we have a valid database
|
|
if (!This)
|
|
{
|
|
return FALSE;
|
|
}
|
|
|
|
// Resize the cache to accomodate more users if needed
|
|
if (This->dwUserCount >= This->dwCacheSize)
|
|
{
|
|
dwErr = usrResizeCache(
|
|
This,
|
|
This->dwCacheSize + USR_ARRAY_GROW_SIZE);
|
|
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
|
|
// Allocate this user
|
|
pRasUser = RassrvAlloc(sizeof(RASSRV_USERINFO), TRUE);
|
|
if (pRasUser == NULL)
|
|
{
|
|
return FALSE;
|
|
}
|
|
|
|
do
|
|
{
|
|
// Point to the user name
|
|
dwSize = (wcslen(pNetUser->usri1_name) + 1) * sizeof(WCHAR);
|
|
pRasUser->pszName = RassrvAlloc(dwSize, FALSE);
|
|
if (!pRasUser->pszName)
|
|
{
|
|
dwErr = ERROR_NOT_ENOUGH_MEMORY;
|
|
break;
|
|
}
|
|
wcscpy(pRasUser->pszName, pNetUser->usri1_name);
|
|
|
|
// Open the user handle
|
|
dwErr = MprAdminUserOpen (
|
|
This->hServer,
|
|
pRasUser->pszName,
|
|
&(pRasUser->hUser));
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
break;
|
|
}
|
|
|
|
// Get the ras user info
|
|
dwErr = MprAdminUserRead(pRasUser->hUser, 0, (LPBYTE)&UserInfo);
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
break;
|
|
}
|
|
|
|
// Clear any dirty flags
|
|
usrClearDirty(pRasUser);
|
|
|
|
// Copy the phone number
|
|
lstrcpynW(
|
|
pRasUser->wszPhoneNumber,
|
|
UserInfo.wszPhoneNumber,
|
|
MAX_PHONE_NUMBER_LEN);
|
|
pRasUser->wszPhoneNumber[MAX_PHONE_NUMBER_LEN] = (WCHAR)0;
|
|
|
|
// Copy the privelege flags
|
|
pRasUser->bfPrivilege = UserInfo.bfPrivilege;
|
|
|
|
// Assign the user in the cache
|
|
This->pUserCache[This->dwUserCount] = pRasUser;
|
|
|
|
// Update the user count
|
|
This->dwUserCount += 1;
|
|
|
|
} while (FALSE);
|
|
|
|
// Cleanup
|
|
{
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
if (pRasUser)
|
|
{
|
|
if (pRasUser->pszName)
|
|
{
|
|
RassrvFree(pRasUser->pszName);
|
|
}
|
|
|
|
RassrvFree(pRasUser);
|
|
}
|
|
}
|
|
}
|
|
|
|
return (dwErr == NO_ERROR) ? TRUE : FALSE;
|
|
}
|
|
|
|
//
|
|
// Loads the global encryption setting. Because the operation opens
|
|
// up .mdb files to read profiles, etc. it is put in its own function
|
|
// and is called only when absolutely needed.
|
|
//
|
|
DWORD
|
|
usrLoadEncryptionSetting(
|
|
IN RASSRV_USERDB * This)
|
|
{
|
|
DWORD dwErr = NO_ERROR;
|
|
DWORD dwSvrFlags, dwProfFlags;
|
|
|
|
if (This->bEncSettingLoaded)
|
|
{
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Read in the encryption setting by combining the
|
|
// server flags with the values in the default
|
|
// profile.
|
|
dwSvrFlags = MPR_USER_PROF_FLAG_UNDETERMINED;
|
|
dwProfFlags = MPR_USER_PROF_FLAG_UNDETERMINED;
|
|
|
|
MprAdminUserReadProfFlags (This->hServer, &dwProfFlags);
|
|
usrGetServerEnc (&dwSvrFlags);
|
|
|
|
// If both sources confirm the encryption requirement
|
|
// then we require encryption
|
|
if ((dwProfFlags & MPR_USER_PROF_FLAG_SECURE) &&
|
|
(dwSvrFlags & MPR_USER_PROF_FLAG_SECURE))
|
|
{
|
|
This->bEncrypt = TRUE;
|
|
}
|
|
else
|
|
{
|
|
This->bEncrypt = FALSE;
|
|
}
|
|
|
|
This->bEncSettingLoaded = TRUE;
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
// Creates a user data base object, initializing it from the local
|
|
// user database and returning a handle to it.
|
|
DWORD
|
|
usrOpenLocalDatabase (
|
|
IN HANDLE * hUserDatabase)
|
|
{
|
|
RASSRV_USERDB * This = NULL;
|
|
DWORD dwErr;
|
|
|
|
if (!hUserDatabase)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Allocate the database
|
|
if ((This = RassrvAlloc(sizeof(RASSRV_USERDB), TRUE)) == NULL)
|
|
return ERROR_NOT_ENOUGH_MEMORY;
|
|
|
|
// Connect to the user server
|
|
dwErr = MprAdminUserServerConnect(NULL, TRUE, &(This->hServer));
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
RassrvFree(This);
|
|
return dwErr;
|
|
}
|
|
|
|
// Load in the data from the system
|
|
if ((dwErr = usrReloadLocalDatabase((HANDLE)This)) == NO_ERROR) {
|
|
*hUserDatabase = (HANDLE)This;
|
|
This->bFlushOnClose = FALSE;
|
|
return NO_ERROR;
|
|
}
|
|
|
|
DbgOutputTrace ("usrOpenLocalDb: unable to load user db 0x%08x",
|
|
dwErr);
|
|
|
|
RassrvFree(This);
|
|
*hUserDatabase = NULL;
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
// Reloads the user information cached in the user database obj
|
|
// from the system. This can be used to implement a refresh in the ui.
|
|
//
|
|
DWORD
|
|
usrReloadLocalDatabase (
|
|
IN HANDLE hUserDatabase)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
DWORD dwErr;
|
|
|
|
// Validate
|
|
if (!This)
|
|
{
|
|
return ERROR_INVALID_PARAMETER;
|
|
}
|
|
|
|
// Cleanup the old database
|
|
if (This->pUserCache)
|
|
{
|
|
usrFreeUserArray(This->pUserCache, This->dwUserCount);
|
|
RassrvFree(This->pUserCache);
|
|
}
|
|
|
|
// The encryption setting is loaded on demand from the
|
|
// usrGetEncryption/usrSetEncryption api's. This is a performance
|
|
// tune so that the IC wizard wouldn't have to wait for
|
|
// the profile to be loaded even though it doesn't use the result.
|
|
|
|
// Read in the purity of the system
|
|
{
|
|
DWORD dwPure = 0;
|
|
|
|
RassrvRegGetDw(&dwPure,
|
|
0,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregPure);
|
|
|
|
if (dwPure == 1)
|
|
This->bPure = FALSE;
|
|
else
|
|
This->bPure = TRUE;
|
|
}
|
|
|
|
// Read in whether dcc connections can be bypassed
|
|
{
|
|
DWORD dwSvrFlags = 0;
|
|
|
|
RassrvRegGetDw(
|
|
&dwSvrFlags,
|
|
dwSvrFlags,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregServerFlags);
|
|
|
|
if (dwSvrFlags & PPPCFG_AllowNoAuthOnDCPorts)
|
|
This->bDccBypass = TRUE;
|
|
else
|
|
This->bDccBypass = FALSE;
|
|
}
|
|
|
|
// Enumerate the local users from the system adding them
|
|
// to this database.
|
|
dwErr = usrEnumLocalUsers(usrInitializeUser, hUserDatabase);
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
return NO_ERROR;
|
|
}
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Frees up the resources held by a user database object.
|
|
DWORD
|
|
usrCloseLocalDatabase (
|
|
IN HANDLE hUserDatabase)
|
|
{
|
|
DWORD i;
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
|
|
// Make sure we were passed a valid handle
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// We're done if there are no users
|
|
if (!This->dwUserCount)
|
|
return NO_ERROR;
|
|
|
|
// Commit any settings as appropriate
|
|
if (This->bFlushOnClose)
|
|
usrFlushLocalDatabase(hUserDatabase);
|
|
|
|
// Free the user cache
|
|
usrFreeUserArray(This->pUserCache, This->dwUserCount);
|
|
RassrvFree(This->pUserCache);
|
|
|
|
// Disconnect from the user server
|
|
MprAdminUserServerDisconnect (This->hServer);
|
|
|
|
// Free This
|
|
RassrvFree(This);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Flushes the data written to the database object
|
|
DWORD
|
|
usrFlushLocalDatabase (
|
|
IN HANDLE hUserDatabase)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
RASSRV_USERINFO * pUser;
|
|
DWORD dwErr, dwRet = NO_ERROR, dwCount, i, dwLength;
|
|
|
|
dwErr = usrGetUserCount (This, &dwCount);
|
|
if (dwErr != NO_ERROR)
|
|
return dwErr;
|
|
|
|
for (i=0; i<dwCount; i++) {
|
|
pUser = This->pUserCache[i];
|
|
// Flush any dirty settings
|
|
if (usrIsDirty(pUser)) {
|
|
// Add the user to the local user database if it hasn't
|
|
// already been done
|
|
if (usrIsAddDirty(pUser))
|
|
{
|
|
|
|
//For secure password bug .Net 754400
|
|
SafeDecodePasswordBuf(pUser->szPassword);
|
|
dwErr = RasSrvAddUser (
|
|
pUser->pszName,
|
|
(pUser->pszFullName) ? pUser->pszFullName : L"",
|
|
(L'\0'!=pUser->szPassword[0]) ? pUser->szPassword : L"");
|
|
SafeEncodePasswordBuf(pUser->szPassword);
|
|
|
|
if (dwErr != NO_ERROR)
|
|
dwRet = dwErr;
|
|
|
|
// Now get the SDO handle to the user
|
|
// so we can commit ras properties below.
|
|
dwErr = MprAdminUserOpen (
|
|
This->hServer,
|
|
pUser->pszName,
|
|
&(pUser->hUser));
|
|
if (dwErr != NO_ERROR)
|
|
continue;
|
|
}
|
|
|
|
// Flush dirty callback properties
|
|
if (usrIsRasPropsDirty(pUser)) {
|
|
if ((dwErr = usrCommitRasProps(This->pUserCache[i])) != NO_ERROR)
|
|
dwRet = dwErr;
|
|
}
|
|
|
|
// Flush dirty password and full name settings
|
|
if (usrIsFullNameDirty(pUser) || usrIsPasswordDirty(pUser)) {
|
|
|
|
SafeDecodePasswordBuf(pUser->szPassword);
|
|
RasSrvEditUser (
|
|
pUser->pszName,
|
|
(usrIsFullNameDirty(pUser)) ? pUser->pszFullName : NULL,
|
|
(usrIsPasswordDirty(pUser)) ? pUser->szPassword : NULL);
|
|
|
|
SafeEncodePasswordBuf(pUser->szPassword);
|
|
}
|
|
|
|
// Reset the user as not being dirty
|
|
usrClearDirty(pUser);
|
|
}
|
|
}
|
|
|
|
// Flush the encryption setting if it has been read
|
|
if (This->bEncSettingLoaded)
|
|
{
|
|
DWORD dwFlags;
|
|
|
|
if (This->bEncrypt)
|
|
dwFlags = MPR_USER_PROF_FLAG_SECURE;
|
|
else
|
|
dwFlags = 0;
|
|
|
|
MprAdminUserWriteProfFlags (This->hServer, dwFlags);
|
|
usrSetServerEnc(dwFlags);
|
|
}
|
|
|
|
// Flush out the purity of the system
|
|
{
|
|
DWORD dwPure = 0;
|
|
|
|
if (This->bPure)
|
|
dwPure = 0;
|
|
else
|
|
dwPure = 1;
|
|
|
|
RassrvRegSetDw(dwPure,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregPure);
|
|
}
|
|
|
|
// Flush out whether dcc connections can be bypassed
|
|
{
|
|
DWORD dwSvrFlags = 0;
|
|
|
|
RassrvRegGetDw(
|
|
&dwSvrFlags,
|
|
dwSvrFlags,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregServerFlags);
|
|
|
|
if (This->bDccBypass)
|
|
dwSvrFlags |= PPPCFG_AllowNoAuthOnDCPorts;
|
|
else
|
|
dwSvrFlags &= ~PPPCFG_AllowNoAuthOnDCPorts;
|
|
|
|
RassrvRegSetDw(
|
|
dwSvrFlags,
|
|
(const PWCHAR)pszregRasParameters,
|
|
(const PWCHAR)pszregServerFlags);
|
|
}
|
|
|
|
|
|
return dwRet;
|
|
}
|
|
|
|
// Rolls back the local user database so that no
|
|
// changes will be committed when Flush is called.
|
|
DWORD
|
|
usrRollbackLocalDatabase (
|
|
IN HANDLE hUserDatabase)
|
|
{
|
|
DWORD i, dwIndex, dwErr;
|
|
BOOL bCommit;
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
if (!This->dwUserCount)
|
|
return NO_ERROR;
|
|
|
|
// Go through the database, marking each user as not dirty
|
|
for (i = 0; i < This->dwUserCount; i++)
|
|
usrClearDirty(This->pUserCache[i]);
|
|
|
|
This->bFlushOnClose = FALSE;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
//
|
|
// Determines whether all users are required to encrypt
|
|
// their data and passwords.
|
|
//
|
|
DWORD usrGetEncryption (
|
|
IN HANDLE hUserDatabase,
|
|
OUT PBOOL pbEncrypted)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
|
|
if (!This)
|
|
{
|
|
return ERROR_INVALID_PARAMETER;
|
|
}
|
|
|
|
// Load in the encryption setting
|
|
usrLoadEncryptionSetting(This);
|
|
|
|
*pbEncrypted = This->bEncrypt;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Gets user encryption setting
|
|
DWORD
|
|
usrSetEncryption (
|
|
IN HANDLE hUserDatabase,
|
|
IN BOOL bEncrypt)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
|
|
if (!This)
|
|
{
|
|
return ERROR_INVALID_PARAMETER;
|
|
}
|
|
|
|
// Load in the encryption setting
|
|
usrLoadEncryptionSetting(This);
|
|
|
|
This->bEncrypt = bEncrypt;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Returns whether dcc connections are allowed to
|
|
// bypass authentication
|
|
DWORD
|
|
usrGetDccBypass (
|
|
IN HANDLE hUserDatabase,
|
|
OUT PBOOL pbBypass)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
*pbBypass = This->bDccBypass;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Sets whether dcc connections are allowed to
|
|
// bypass authentication
|
|
DWORD
|
|
usrSetDccBypass (
|
|
IN HANDLE hUserDatabase,
|
|
IN BOOL bBypass)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
This->bDccBypass = bBypass;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Reports whether the user database is pure. (i.e. nobody has
|
|
// gone into MMC and messed with it).
|
|
DWORD
|
|
usrIsDatabasePure (
|
|
IN HANDLE hUserDatabase,
|
|
OUT PBOOL pbPure)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
*pbPure = This->bPure;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Marks the user database's purity
|
|
DWORD
|
|
usrSetDatabasePure(
|
|
IN HANDLE hUserDatabase,
|
|
IN BOOL bPure)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
This->bPure = bPure;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Returns the number of users cached in this database
|
|
DWORD
|
|
usrGetUserCount (
|
|
IN HANDLE hUserDatabase,
|
|
OUT LPDWORD lpdwCount)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
if (!This || !lpdwCount)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
*lpdwCount = This->dwUserCount;
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Adds a user to the given database. This user will not be
|
|
// added to the system's local user database until this database
|
|
// object is flushed (and as long as Rollback is not called on
|
|
// this database object)
|
|
//
|
|
// On success, an optional handle to the user is returned
|
|
//
|
|
DWORD usrAddUser (
|
|
IN HANDLE hUserDatabase,
|
|
IN PWCHAR pszName,
|
|
OUT OPTIONAL HANDLE * phUser)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
RASSRV_USERINFO * pUser;
|
|
DWORD dwErr, dwLength;
|
|
|
|
// Validate the parameters
|
|
if (!This || !pszName)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// If the user already exists, don't add him
|
|
if (usrUserExists(This, pszName))
|
|
return ERROR_ALREADY_EXISTS;
|
|
|
|
// Resize the cache to accomodate if neccessary
|
|
if (This->dwUserCount + 1 >= This->dwCacheSize) {
|
|
dwErr = usrResizeCache(This, This->dwCacheSize + USR_ARRAY_GROW_SIZE);
|
|
if (dwErr != NO_ERROR)
|
|
return dwErr;
|
|
}
|
|
|
|
// Allocate the new user control block
|
|
if ((pUser = RassrvAlloc(sizeof(RASSRV_USERINFO), TRUE)) == NULL)
|
|
return ERROR_NOT_ENOUGH_MEMORY;
|
|
|
|
// Allocate space for the name
|
|
dwLength = wcslen(pszName);
|
|
pUser->pszName = RassrvAlloc((dwLength + 1) * sizeof(WCHAR), FALSE);
|
|
if (pUser->pszName == NULL)
|
|
return ERROR_NOT_ENOUGH_MEMORY;
|
|
|
|
// Copy the name
|
|
wcscpy(pUser->pszName, pszName);
|
|
|
|
// Enable the user for dialin by default
|
|
usrEnableDialin ((HANDLE)pUser, TRUE);
|
|
|
|
// Dirty the user
|
|
usrDirtyAdd(pUser);
|
|
usrDirtyRasProps(pUser);
|
|
|
|
// Put the user in the array and re-sort it
|
|
This->pUserCache[This->dwUserCount++] = pUser;
|
|
usrResortCache(This);
|
|
|
|
// Return the handle
|
|
if (phUser)
|
|
*phUser = (HANDLE)pUser;
|
|
|
|
//Need this zero memory to tell if a password is set in the future.
|
|
RtlSecureZeroMemory(pUser->szPassword,sizeof(pUser->szPassword));
|
|
|
|
//Other place will always assume the password is encrypted
|
|
//So encrypt even the empty password
|
|
SafeEncodePasswordBuf(pUser->szPassword);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Gives the count of users stored in the user database object
|
|
// Deletes the given user
|
|
DWORD
|
|
usrDeleteUser (
|
|
IN HANDLE hUserDatabase,
|
|
IN DWORD dwIndex)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
RASSRV_USERINFO * pUser;
|
|
DWORD dwErr, dwMoveElemCount;
|
|
|
|
// Validate the parameters
|
|
if (!This)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Bounds Check
|
|
if (!usrBoundsCheck(This, dwIndex))
|
|
return ERROR_INVALID_INDEX;
|
|
|
|
// Get a reference to the user in question and remove him
|
|
// from the cache
|
|
pUser = This->pUserCache[dwIndex];
|
|
|
|
//Need this to clear password area and any memory allocated(if CryptProtectData() is used)
|
|
//
|
|
SafeWipePasswordBuf(pUser->szPassword);
|
|
|
|
// Attempt to delete the user from the system
|
|
if ((dwErr = RasSrvDeleteUser(pUser->pszName)) != NO_ERROR)
|
|
return dwErr;
|
|
|
|
// Remove the user from the cache
|
|
This->pUserCache[dwIndex] = NULL;
|
|
|
|
// Pull down every thing in the cache so that there are no holes
|
|
dwMoveElemCount = This->dwUserCount - dwIndex;
|
|
if (dwMoveElemCount) {
|
|
MoveMemory(&(This->pUserCache[dwIndex]),
|
|
&(This->pUserCache[dwIndex + 1]),
|
|
dwMoveElemCount * sizeof(RASSRV_USERINFO*));
|
|
}
|
|
|
|
// Decrement the number of users
|
|
This->dwUserCount--;
|
|
|
|
// Cleanup the user
|
|
usrFreeUserArray(&pUser, 1);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Gives a handle to the user at the given index
|
|
DWORD
|
|
usrGetUserHandle (
|
|
IN HANDLE hUserDatabase,
|
|
IN DWORD dwIndex,
|
|
OUT HANDLE * hUser)
|
|
{
|
|
RASSRV_USERDB * This = (RASSRV_USERDB*)hUserDatabase;
|
|
if (!This || !hUser)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
if (!usrBoundsCheck(This, dwIndex))
|
|
return ERROR_INVALID_INDEX;
|
|
|
|
*hUser = (HANDLE)(This->pUserCache[dwIndex]);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Gets a pointer to the name of the user (do not modify this)
|
|
DWORD
|
|
usrGetName (
|
|
IN HANDLE hUser,
|
|
OUT PWCHAR* pszName)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
|
|
if (!pRassrvUser || !pszName)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
*pszName = pRassrvUser->pszName;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Fills the given buffer with a friendly display name
|
|
// (in the form username (fullname))
|
|
//*lpdwBuffSize is the number of Characters, NOT including the ending NULL
|
|
DWORD
|
|
usrGetDisplayName (
|
|
IN HANDLE hUser,
|
|
IN PWCHAR pszBuffer,
|
|
IN OUT LPDWORD lpdwBufSize)
|
|
{
|
|
RASSRV_USERINFO * pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
NET_API_STATUS nStatus;
|
|
DWORD dwUserNameLength, dwFullLength, dwSizeRequired;
|
|
WCHAR pszTemp[IC_USERFULLNAME]; // For whistler bug 39081 gangz
|
|
DWORD dwErr = NO_ERROR;
|
|
|
|
// Sanity check the params
|
|
if (!pRassrvUser || !pszBuffer || !lpdwBufSize)
|
|
{
|
|
return ERROR_INVALID_PARAMETER;
|
|
}
|
|
|
|
do
|
|
{
|
|
// Get the full name of the user
|
|
// For whistler bug 39081 gangz
|
|
// This is size in bytes
|
|
dwFullLength = sizeof(pszTemp)/sizeof(pszTemp[0]);
|
|
dwErr = usrGetFullName(hUser, pszTemp, &dwFullLength);
|
|
if (dwErr != NO_ERROR)
|
|
{
|
|
break;
|
|
}
|
|
|
|
// Make sure the buffer is big enough
|
|
dwUserNameLength = wcslen(pRassrvUser->pszName);
|
|
dwSizeRequired = dwUserNameLength +
|
|
dwFullLength +
|
|
((dwFullLength) ? 3 : 0);
|
|
if (*lpdwBufSize < dwSizeRequired)
|
|
{
|
|
dwErr = ERROR_INSUFFICIENT_BUFFER;
|
|
break;
|
|
}
|
|
|
|
if (dwFullLength)
|
|
{
|
|
wsprintfW(
|
|
pszBuffer,
|
|
L"%s (%s)",
|
|
pRassrvUser->pszName,
|
|
pszTemp);
|
|
}
|
|
else
|
|
{
|
|
wcscpy(pszBuffer, pRassrvUser->pszName);
|
|
}
|
|
|
|
} while (FALSE);
|
|
|
|
// Cleanup
|
|
{
|
|
// The number of characters required, NOT including ending NULL
|
|
*lpdwBufSize = dwSizeRequired;
|
|
}
|
|
|
|
return dwErr;
|
|
}
|
|
// Fills the given buffer with a friendly display name
|
|
// (in the form username (fullname))
|
|
// *lpdwBufSize is the number of characters, NOT including ending NULL
|
|
DWORD
|
|
usrGetFullName (
|
|
IN HANDLE hUser,
|
|
IN PWCHAR pszBuffer,
|
|
IN OUT LPDWORD lpdwBufSize)
|
|
{
|
|
RASSRV_USERINFO * pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
NET_API_STATUS nStatus;
|
|
USER_INFO_2 * pUserInfo = NULL;
|
|
DWORD dwLength;
|
|
PWCHAR pszFullName;
|
|
DWORD dwErr = NO_ERROR;
|
|
|
|
// Sanity check the params
|
|
if (!pRassrvUser || !pszBuffer || !lpdwBufSize)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// If the full name is already loaded, return it
|
|
if (pRassrvUser->pszFullName)
|
|
pszFullName = pRassrvUser->pszFullName;
|
|
|
|
// or if this is a new user, get the name from memory
|
|
else if (usrIsAddDirty(pRassrvUser)) {
|
|
pszFullName = (pRassrvUser->pszFullName) ?
|
|
pRassrvUser->pszFullName : L"";
|
|
}
|
|
|
|
// Load the full name of the user
|
|
else {
|
|
nStatus = NetUserGetInfo(
|
|
NULL,
|
|
pRassrvUser->pszName,
|
|
2,
|
|
(LPBYTE*)&pUserInfo);
|
|
if (nStatus != NERR_Success) {
|
|
DbgOutputTrace (
|
|
"usrGetFullName: %x returned from NetUserGetInfo for %S",
|
|
nStatus,
|
|
pRassrvUser->pszName);
|
|
return nStatus;
|
|
}
|
|
pszFullName = (PWCHAR)pUserInfo->usri2_full_name;
|
|
}
|
|
|
|
do
|
|
{
|
|
// Make sure the length is ok
|
|
dwLength = wcslen(pszFullName);
|
|
|
|
// Assign the full name here if it hasn't already been done
|
|
if (dwLength && !pRassrvUser->pszFullName)
|
|
{
|
|
DWORD dwSize = dwLength * sizeof(WCHAR) + sizeof(WCHAR);
|
|
pRassrvUser->pszFullName = RassrvAlloc(dwSize, FALSE);
|
|
if (pRassrvUser->pszFullName)
|
|
{
|
|
wcscpy(pRassrvUser->pszFullName, pszFullName);
|
|
}
|
|
}
|
|
|
|
// Check the size NOT including ending NULL
|
|
if (*lpdwBufSize < dwLength )
|
|
{
|
|
dwErr = ERROR_INSUFFICIENT_BUFFER;
|
|
break;
|
|
}
|
|
|
|
// Copy in the full name
|
|
wcscpy(pszBuffer, pszFullName);
|
|
|
|
} while (FALSE);
|
|
|
|
// Cleanup
|
|
{
|
|
// report the size in number of characters ( NOT include ending NULL)
|
|
*lpdwBufSize = dwLength;
|
|
if (pUserInfo)
|
|
{
|
|
NetApiBufferFree((LPBYTE)pUserInfo);
|
|
}
|
|
}
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
// Commits the full name of a user
|
|
DWORD usrSetFullName (
|
|
IN HANDLE hUser,
|
|
IN PWCHAR pszFullName)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwLength;
|
|
|
|
if (!pRassrvUser || !pszFullName)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// If this is not a new name, don't do anything
|
|
if (pRassrvUser->pszFullName) {
|
|
if (wcscmp(pRassrvUser->pszFullName, pszFullName) == 0)
|
|
return NO_ERROR;
|
|
RassrvFree(pRassrvUser->pszFullName);
|
|
}
|
|
|
|
// Allocate a new one
|
|
dwLength = wcslen(pszFullName);
|
|
pRassrvUser->pszFullName = RassrvAlloc(dwLength * sizeof(WCHAR) + sizeof(WCHAR),
|
|
FALSE);
|
|
if (!pRassrvUser->pszFullName)
|
|
return ERROR_NOT_ENOUGH_MEMORY;
|
|
|
|
// Copy it over
|
|
wcscpy(pRassrvUser->pszFullName, pszFullName);
|
|
|
|
// Mark it dirty -- a newly added user has his/her full name commited
|
|
// whenever it exists automatically
|
|
if (!usrIsAddDirty(pRassrvUser))
|
|
usrDirtyFullname(pRassrvUser);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Commits the password of a user
|
|
//pszNewPassword is not encoded
|
|
DWORD
|
|
usrSetPassword (
|
|
IN HANDLE hUser,
|
|
IN PWCHAR pszNewPassword)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwLength;
|
|
|
|
if (!pRassrvUser || !pszNewPassword)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Cleanup the old password if it exists
|
|
SafeWipePasswordBuf(pRassrvUser->szPassword);
|
|
|
|
// Allocate a new one
|
|
dwLength = wcslen(pszNewPassword);
|
|
|
|
// Copy it over
|
|
lstrcpynW(pRassrvUser->szPassword, pszNewPassword,
|
|
sizeof(pRassrvUser->szPassword)/sizeof(pRassrvUser->szPassword[0]) );
|
|
|
|
// Encrypt it
|
|
SafeEncodePasswordBuf( pRassrvUser->szPassword );
|
|
|
|
// Mark it dirty -- a newly added user has his/her full name commited
|
|
// whenever it exists automatically
|
|
if (!usrIsAddDirty(pRassrvUser))
|
|
usrDirtyPassword(pRassrvUser);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Determines whether users have callback/dialin priveleges.
|
|
DWORD
|
|
usrGetDialin (
|
|
IN HANDLE hUser,
|
|
OUT BOOL* bEnabled)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwErr;
|
|
RAS_USER_0 UserInfo;
|
|
|
|
if (!pRassrvUser || !bEnabled)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Get the user info
|
|
*bEnabled = (pRassrvUser->bfPrivilege & RASPRIV_DialinPrivilege);
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Determines which if any callback priveleges are granted to a given user.
|
|
// Either (or both) of bAdminOnly and bUserSettable can be null
|
|
DWORD
|
|
usrGetCallback (
|
|
IN HANDLE hUser,
|
|
OUT BOOL* bAdminOnly,
|
|
OUT BOOL* bUserSettable)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwErr;
|
|
|
|
if (!pRassrvUser || !bAdminOnly || !bUserSettable)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Return whether we have callback privelege
|
|
if (bAdminOnly)
|
|
{
|
|
*bAdminOnly =
|
|
(pRassrvUser->bfPrivilege & RASPRIV_AdminSetCallback);
|
|
}
|
|
|
|
if (bUserSettable)
|
|
{
|
|
*bUserSettable =
|
|
(pRassrvUser->bfPrivilege & RASPRIV_CallerSetCallback);
|
|
}
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Enable/disable dialin privelege.
|
|
DWORD
|
|
usrEnableDialin (
|
|
IN HANDLE hUser,
|
|
IN BOOL bEnable)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwErr = NO_ERROR;
|
|
BOOL bIsEnabled;
|
|
|
|
if (!pRassrvUser)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// If the dialin privelege is already set as requested return success
|
|
bIsEnabled = pRassrvUser->bfPrivilege & RASPRIV_DialinPrivilege;
|
|
if ((!!bIsEnabled) == (!!bEnable))
|
|
return NO_ERROR;
|
|
|
|
// Otherwise reset the privelege
|
|
if (bEnable)
|
|
pRassrvUser->bfPrivilege |= RASPRIV_DialinPrivilege;
|
|
else
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_DialinPrivilege;
|
|
|
|
// Dirty the user (cause him/her to be flushed at apply time)
|
|
usrDirtyRasProps(pRassrvUser);
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
// The flags are evaluated in the following order with whichever condition
|
|
// being satisfied fist defining the behavior of the function.
|
|
// bNone == TRUE => Callback is disabled for the user
|
|
// bCaller == TRUE => Callback is set to caller-settable
|
|
// bAdmin == TRUE => Callback is set to a predefine callback number set
|
|
// All 3 are FALSE => No op
|
|
DWORD
|
|
usrEnableCallback (
|
|
IN HANDLE hUser,
|
|
IN BOOL bNone,
|
|
IN BOOL bCaller,
|
|
IN BOOL bAdmin)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwErr = NO_ERROR;
|
|
BOOL bIsEnabled;
|
|
|
|
if (!pRassrvUser)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
if (bNone) {
|
|
pRassrvUser->bfPrivilege |= RASPRIV_NoCallback;
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_CallerSetCallback;
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_AdminSetCallback;
|
|
}
|
|
else if (bCaller) {
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_NoCallback;
|
|
pRassrvUser->bfPrivilege |= RASPRIV_CallerSetCallback;
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_AdminSetCallback;
|
|
}
|
|
else if (bAdmin) {
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_NoCallback;
|
|
pRassrvUser->bfPrivilege &= ~RASPRIV_CallerSetCallback;
|
|
pRassrvUser->bfPrivilege |= RASPRIV_AdminSetCallback;
|
|
}
|
|
else
|
|
return NO_ERROR;
|
|
|
|
// Dirty the user (cause him/her to be flushed at apply time)
|
|
usrDirtyRasProps(pRassrvUser);
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
// Retreives a pointer to the callback number of the given user
|
|
DWORD
|
|
usrGetCallbackNumber(
|
|
IN HANDLE hUser,
|
|
OUT PWCHAR * lpzNumber)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
|
|
if (!pRassrvUser || !lpzNumber)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Return the pointer to the callback number
|
|
*lpzNumber = pRassrvUser->wszPhoneNumber;
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
// Sets the callback number of the given user. If lpzNumber is NULL,
|
|
// an empty phone number is copied.
|
|
DWORD
|
|
usrSetCallbackNumber(
|
|
IN HANDLE hUser,
|
|
IN PWCHAR lpzNumber)
|
|
{
|
|
RASSRV_USERINFO* pRassrvUser = (RASSRV_USERINFO*)hUser;
|
|
DWORD dwErr = NO_ERROR;
|
|
|
|
if (!pRassrvUser)
|
|
return ERROR_INVALID_PARAMETER;
|
|
|
|
// Modify the phone number appropriately
|
|
if (!lpzNumber)
|
|
wcscpy(pRassrvUser->wszPhoneNumber, L"");
|
|
else {
|
|
lstrcpynW(pRassrvUser->wszPhoneNumber, lpzNumber, MAX_PHONE_NUMBER_LEN);
|
|
pRassrvUser->wszPhoneNumber[MAX_PHONE_NUMBER_LEN] = (WCHAR)0;
|
|
}
|
|
|
|
// Dirty the user (cause him/her to be flushed at apply time)
|
|
usrDirtyRasProps(pRassrvUser);
|
|
|
|
return dwErr;
|
|
}
|
|
|
|
|
|
|
|
|