krb5 commit: Update kfw change password dialog

Benjamin Kaduk kaduk at MIT.EDU
Tue Aug 28 16:30:22 EDT 2012


https://github.com/krb5/krb5/commit/16eb02cfaad02444e553c9a7af37917f02c60ba2
commit 16eb02cfaad02444e553c9a7af37917f02c60ba2
Author: Kevin Wasserman <kevin.wasserman at painless-security.com>
Date:   Sun Jul 1 21:06:46 2012 -0400

    Update kfw change password dialog
    
    Use combined username/realm principal edit control.
    
    Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
    
    ticket: 7297 (new)
    queue: kfw
    target_version: 1.10.4
    tags: pullup

 src/windows/leash/LeashView.cpp |   81 +++++++++++++-------
 src/windows/leashdll/lsh_pwd.c  |  159 +++++++--------------------------------
 src/windows/leashdll/lsh_pwd.rc |   25 +++----
 3 files changed, 91 insertions(+), 174 deletions(-)

diff --git a/src/windows/leash/LeashView.cpp b/src/windows/leash/LeashView.cpp
index 043ed5f..7b5ba17 100644
--- a/src/windows/leash/LeashView.cpp
+++ b/src/windows/leash/LeashView.cpp
@@ -1026,47 +1026,74 @@ VOID CLeashView::OnMakeDefault()
 
 VOID CLeashView::OnChangePassword()
 {
-    if (!m_hWnd)
-    {
-        AfxMessageBox("There is a problem finding the Leash Window!",
-                   MB_OK|MB_ICONSTOP);
-        return;
-    }
+    krb5_context ctx;
+    krb5_ccache ccache = 0;
+    krb5_principal princ = 0;
+    char *pname = NULL;
+    char *username = NULL;
+    char *realm = NULL;
+    int code = 0;
 
-    if (WaitForSingleObject( ticketinfo.lockObj, INFINITE ) != WAIT_OBJECT_0)
-        throw("Unable to lock ticketinfo");
+    CCacheDisplayData *elem = m_ccacheDisplay;
+    while (elem != NULL) {
+        if (elem->m_selected) {
+            if (elem->m_ccacheName)
+                break;
+        }
+        elem = elem->m_next;
+    }
+    if (elem != NULL) {
+        code = pkrb5_init_context(&ctx);
+        if (code) {
+            // TODO: spew error
+            goto cleanup;
+        }
+        code = pkrb5_cc_resolve(ctx, elem->m_ccacheName, &ccache);
+        if (code) {
+            // TODO: spew error
+            goto cleanup;
+        }
+        code = pkrb5_cc_get_principal(ctx, ccache, &princ);
+        if (code) {
+            goto cleanup;
+        }
+        code = pkrb5_unparse_name(ctx, princ, &pname);
+        if (code) {
+            goto cleanup;
+        }
+    }
 
     LSH_DLGINFO_EX ldi;
-    char username[64];
-    char realm[192];
-    char * principal = ticketinfo.Krb5.principal;
-    int i=0, j=0;
-    if (principal)
-        for (; principal[i] && principal[i] != '@'; i++)
-	        username[i] = principal[i];
-    username[i] = '\0';
-    if (principal && principal[i])
-	    for (i++ ; principal[i] ; i++, j++)
-	        realm[j] = principal[i];
-    realm[j] = '\0';
-    ReleaseMutex(ticketinfo.lockObj);
-
+    if (pname != NULL) {
+        username = pname;
+        realm = strchr(pname, '@');
+        if (realm != NULL)
+            *realm++ = '\0';
+    }
     ldi.size = sizeof(ldi);
     ldi.dlgtype = DLGTYPE_CHPASSWD;
     ldi.title = ldi.in.title;
-    strcpy(ldi.in.title,"Change Password");
+    strcpy_s(ldi.in.title, "MIT Kerberos: Change Password");
     ldi.username = ldi.in.username;
-    strcpy(ldi.in.username,username);
+    strcpy_s(ldi.in.username, username ? username : "");
     ldi.realm = ldi.in.realm;
-    strcpy(ldi.in.realm,realm);
+    strcpy_s(ldi.in.realm, realm ? realm : "");
     ldi.use_defaults = 1;
 
     int result = pLeash_changepwd_dlg_ex(m_hWnd, &ldi);
-    if (-1 == result)
-    {
+    if (-1 == result) {
         AfxMessageBox("There is a problem changing password!",
                    MB_OK|MB_ICONSTOP);
     }
+cleanup:
+    if (pname != NULL)
+        pkrb5_free_unparsed_name(ctx, pname);
+    if (princ != NULL)
+        pkrb5_free_principal(ctx, princ);
+    if (ccache != NULL)
+        pkrb5_cc_close(ctx, ccache);
+    if (ctx != NULL)
+        pkrb5_free_context(ctx);
 }
 
 static CCacheDisplayData **
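Review bot: `ctx` is declared without an initializer at the top of OnChangePassword, yet the `cleanup:` block tests `ctx != NULL` and calls `pkrb5_free_context(ctx)`. When no cache entry is selected (`elem == NULL`) or `pkrb5_init_context` fails, that reads an indeterminate pointer and may hand it to the free routine. Declare it as `krb5_context ctx = 0;` like the other handles. The `goto cleanup` paths also jump over the initialised declaration `int result = ...`, which standard C++ does not permit, so `result` is better declared with the other locals at the top. The three `strcpy_s` calls are bounded, but a principal longer than the `ldi.in` fields would trigger the CRT invalid-parameter handler rather than truncate, so a length check before the copies is worth adding.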
diff --git a/src/windows/leashdll/lsh_pwd.c b/src/windows/leashdll/lsh_pwd.c
index 2afcc95..c45fa1c 100644
--- a/src/windows/leashdll/lsh_pwd.c
+++ b/src/windows/leashdll/lsh_pwd.c
@@ -38,6 +38,11 @@
 #endif /* NO_KRB5 */
 #include <commctrl.h>
 
+extern void * Leash_pec_create(HWND hEditCtl);
+extern void Leash_pec_destroy(void *pAutoComplete);
+extern void Leash_pec_add_principal(char *principal);
+extern void Leash_pec_clear_history(void *pec);
+
 /* Global Variables. */
 static long lsh_errno;
 static char *err_context;       /* error context */
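Review bot: These four prototypes are hand-copied `extern` declarations, so the compiler cannot check them against the definitions. The copy removed further down had the name misspelled as `Leasch_pec_add_principal`, which is exactly what this kind of duplication invites. Moving them into a header shared with the file that defines the Leash_pec_* functions would catch such a mismatch at compile time. `Leash_pec_add_principal` could probably take `const char *principal`, assuming the implementation does not modify the string.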
@@ -1306,11 +1311,6 @@ AdjustOptions(HWND hDialog, int show, int hideDiff)
 
 }
 
-extern void *Leash_pec_create(HWND hEditCtl);
-extern void Leash_pec_destroy(void *pAutoComplete);
-extern void Leasch_pec_add_principal(char *principal);
-extern void Leash_pec_clear_history(void *pec);
-
 /* Callback function for the Authentication Dialog box that initializes and
    renews tickets. */
 
@@ -1755,15 +1755,15 @@ NewPasswordProc(
     )
 {
     static POINT Position = { -1, -1 };
-    static char username[LEASH_USERNAME_SZ]="";
-    static char realm[LEASH_REALM_SZ]="";
     static char password[256]="";
     static char password2[256]="";
     static char password3[256]="";
     static LPLSH_DLGINFO_EX lpdi;
     static HWND hDlg=0;
+    static void *pAutoComplete = NULL;
     char principal[256];
     long realm_count = 0;
+    HWND hEditCtrl = NULL;
 
     switch (message) {
 
@@ -1798,116 +1798,29 @@ NewPasswordProc(
 
         SetProp(hDialog, "HANDLES_HELP", (HANDLE)1);
 
-        if ( lpdi->size >= LSH_DLGINFO_EX_V3_SZ )
-            lstrcpy(username, lpdi->in.username);
-        else if (lpdi->username)
-            lstrcpy(username, lpdi->username);
-        if ( lpdi->size >= LSH_DLGINFO_EX_V3_SZ )
-	    lstrcpy(realm, lpdi->in.realm);
-	else if (lpdi->realm)
-	    lstrcpy(realm, lpdi->realm);
+        if (lpdi->username != NULL && (strlen(lpdi->username) > 0) &&
+            lpdi->realm != NULL && (strlen(lpdi->realm) > 0)) {
+            sprintf_s(principal,
+                      sizeof(principal), "%s@%s", lpdi->username, lpdi->realm);
+        } else {
+            principal[0] = 0;
+        }
 
-        CSetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, username);
+        CSetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, principal);
         CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD, "");
         CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD2, "");
         CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD3, "");
 
+        hEditCtrl = GetDlgItem(hDialog, IDC_EDIT_PRINCIPAL);
+        if (hEditCtrl)
+            pAutoComplete = Leash_pec_create(hEditCtrl);
+
 #if 0  /* 20030619 - mjv wishes to return to the default character */
 	/* echo spaces */
 	CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD, EM_SETPASSWORDCHAR, 32, 0);
 	CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD2, EM_SETPASSWORDCHAR, 32, 0);
 	CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD3, EM_SETPASSWORDCHAR, 32, 0);
 #endif
-
-	/* Populate list of Realms */
-	CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_RESETCONTENT, 0, 0);
-	CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_LIMITTEXT, 192, 0);
-
-	if (pprofile_get_subsection_names && pprofile_free_list) {
-	    const char*  rootSection[] = {"realms", NULL};
-	    const char** rootsec = rootSection;
-	    char **sections = NULL, **cpp = NULL, *value = NULL;
-
-	    char krb5_conf[MAX_PATH+1];
-
-	    if (!GetProfileFile(krb5_conf,sizeof(krb5_conf))) {
-		profile_t profile;
-		long retval;
-		const char *filenames[2];
-
-		filenames[0] = krb5_conf;
-		filenames[1] = NULL;
-		retval = pprofile_init(filenames, &profile);
-		if (!retval) {
-		    retval = pprofile_get_subsection_names(profile,	rootsec, &sections);
-
-		    if (!retval)
-		    {
-			for (cpp = sections; *cpp; cpp++)
-			{
-			    CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)*cpp);
-			    realm_count++;
-			}
-		    }
-		    pprofile_free_list(sections);
-		    pprofile_release(profile);
-		}
-	    }
-	} else {
-	    FILE * file;
-	    char krb_conf[MAX_PATH+1];
-	    char * p;
-
-	    if (!GetKrb4ConFile(krb_conf,sizeof(krb_conf)) &&
-		 (file = fopen(krb_conf, "rt")))
-	    {
-		char lineBuf[256];
-		// Skip the default realm
-		readstring(file,lineBuf,sizeof(lineBuf));
-
-		// Read the defined realms
-		while (TRUE)
-		{
-		    if (readstring(file,lineBuf,sizeof(lineBuf)) < 0)
-			break;
-
-		    if (*(lineBuf + strlen(lineBuf) - 1) == '\r')
-			*(lineBuf + strlen(lineBuf) - 1) = 0;
-
-		    for (p=lineBuf; *p ; p++)
-		    {
-			if (isspace(*p)) {
-			    *p = 0;
-			    break;
-			}
-		    }
-
-		    if ( strncmp(".KERBEROS.OPTION.",lineBuf,17) ) {
-			CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)lineBuf);
-			realm_count++;
-		    }
-		}
-
-		fclose(file);
-	    }
-	}
-	if (realm_count == 0)
-	    CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)realm);
-
-	/* Select the default Realm */
-	if (!realm[0] && hKrb5) {
-	    krb5_context ctx=0;
-	    char * def = 0;
-	    pkrb5_init_context(&ctx);
-	    pkrb5_get_default_realm(ctx,&def);
-	    if (def) {
-		lstrcpy(realm, def);
-		free(def);
-	    }
-	    pkrb5_free_context(ctx);
-	}
-	CSetDlgItemText(hDialog, IDC_COMBO_REALM, realm);
-
         /* setup text of stuff. */
 
         if (Position.x > 0 && Position.y > 0 &&
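Review bot: The `sprintf_s` call formats caller-supplied `lpdi->username` and `lpdi->realm` into the 256-byte `principal`, and on overflow `sprintf_s` invokes the CRT invalid-parameter handler (which terminates the process by default) rather than truncating. Checking the combined length first, or using `_snprintf_s(principal, sizeof(principal), _TRUNCATE, "%s@%s", lpdi->username, lpdi->realm)`, keeps an over-long name from a caller from taking down the host application. The `else` branch also blanks the field when only a username is supplied, where the old code still showed the username and filled in the default realm; if that is intended, a comment saying so would help. `realm_count`, declared in the previous hunk, appears to have no remaining uses in the visible code. NewPasswordProc starts and ends outside this hunk.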
@@ -1943,6 +1856,10 @@ NewPasswordProc(
 		memset(password3,0,sizeof(password3));
 		RemoveProp(hDialog, "HANDLES_HELP");
 		EndDialog(hDialog, (int)lParam);
+                if (pAutoComplete != NULL) {
+                    Leash_pec_destroy(pAutoComplete);
+                    pAutoComplete = NULL;
+                }
                 return TRUE;
 	    }
 	    break;
@@ -1952,13 +1869,12 @@ NewPasswordProc(
 		int i = 0;
                 int bit8 = 0;
 
-		CGetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, username, sizeof(username));
+		CGetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, principal, sizeof(principal));
 		CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD, password, sizeof(password));
 		CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD2, password2, sizeof(password2));
 		CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD3, password3, sizeof(password3));
-		CGetDlgItemText(hDialog, IDC_COMBO_REALM, realm, sizeof(realm));
 
-		if (!username[0])
+		if (!principal[0])
 		{
 		    MessageBox(hDialog, "You are not allowed to enter a "
 				"blank username.",
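Review bot: The only validation left on the combined field is `!principal[0]`, so a name typed without an `@REALM` part is now passed straight to `Leash_int_changepwd`. The blank-realm check and the `Leash_get_default_uppercaserealm()`/`strupr` step removed in the next hunk have no replacement visible here. If the library is expected to apply the default realm and the case policy, a comment stating that above the call would help; otherwise check for a realm part before calling it. The message text still says "blank username" although lsh_pwd.rc now labels the control "Principal:". The enclosing function starts and ends outside this hunk.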
@@ -1966,20 +1882,6 @@ NewPasswordProc(
 				MB_OK | MB_ICONSTOP);
 		    return TRUE;
 		}
-		if (!realm[0])
-		{
-		    MessageBox(hDialog, "You are not allowed to enter a "
-				"blank realm.",
-				"Invalid Principal",
-				MB_OK | MB_ICONSTOP);
-		    return TRUE;
-		}
-
-		if (Leash_get_default_uppercaserealm())
-		{
-		    // found
-		    strupr(realm);
-		}
 
 		if (!password[0] || !password2[0] || !password3[0])
 		{
@@ -2022,8 +1924,6 @@ NewPasswordProc(
                     return TRUE;
 		}
 
-		sprintf(principal,"%s@%s",username,realm);
-
                 lsh_errno = Leash_int_changepwd(principal, password, password2, 0, 1);
 		if (lsh_errno != 0)
 		{
@@ -2063,14 +1963,7 @@ NewPasswordProc(
 #endif /* COMMENT */
                     return TRUE;
 		}
-
-                if ( lpdi->size >= LSH_DLGINFO_EX_V2_SZ ) {
-                    strncpy(lpdi->out.username, username, LEASH_USERNAME_SZ);
-                    lpdi->out.username[LEASH_USERNAME_SZ-1] = 0;
-                    strncpy(lpdi->out.realm, realm, LEASH_REALM_SZ);
-                    lpdi->out.realm[LEASH_REALM_SZ-1] = 0;
-                }
-
+                Leash_pec_add_principal(principal);
                 CloseMe(TRUE); /* success */
 	    }
 	    break;
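Review bot: After this change nothing writes `lpdi->out.username` or `lpdi->out.realm`, so a caller that passes a struct of at least `LSH_DLGINFO_EX_V2_SZ` and reads those fields after a successful change gets whatever was in the struct before the call. OnChangePassword in LeashView.cpp, for one, declares `ldi` without zeroing it. Whether any caller reads the fields is not visible here, but the struct still advertises them. Splitting `principal` at the `@` and filling both fields, as sketched below, keeps the old contract; a plain `strchr` does not handle an escaped `\@` in the name, so treat the split as a sketch. The enclosing function starts and ends outside this hunk.

```c
                /* … unchanged: error handling after Leash_int_changepwd … */
                if ( lpdi->size >= LSH_DLGINFO_EX_V2_SZ ) {
                    char *at = strchr(principal, '@');
                    size_t ulen = at ? (size_t)(at - principal) : strlen(principal);

                    /* Clamp to the output field so the copy cannot overrun it. */
                    if (ulen >= LEASH_USERNAME_SZ)
                        ulen = LEASH_USERNAME_SZ - 1;
                    memcpy(lpdi->out.username, principal, ulen);
                    lpdi->out.username[ulen] = 0;
                    strncpy(lpdi->out.realm, at ? at + 1 : "", LEASH_REALM_SZ);
                    lpdi->out.realm[LEASH_REALM_SZ-1] = 0;
                }
                Leash_pec_add_principal(principal);
```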
diff --git a/src/windows/leashdll/lsh_pwd.rc b/src/windows/leashdll/lsh_pwd.rc
index 325cdb4..c12c548 100644
--- a/src/windows/leashdll/lsh_pwd.rc
+++ b/src/windows/leashdll/lsh_pwd.rc
@@ -127,30 +127,27 @@ BEGIN
     RTEXT           "Renewable Lifetime:",IDC_STATIC_RENEW,10,164,79,8
 END
 
-IDD_PASSWORD DIALOG DISCARDABLE  0, 0, 382, 198
+IDD_PASSWORD DIALOG DISCARDABLE  0, 0, 382, 150
 STYLE DS_MODALFRAME | DS_3DLOOK | WS_POPUP | WS_CAPTION | WS_SYSMENU
 CAPTION "Change Password"
 FONT 8, "Microsoft Sans Serif"
 BEGIN
-    EDITTEXT        IDC_EDIT_PRINCIPAL,99,52,259,14,ES_AUTOHSCROLL
-    EDITTEXT        IDC_EDIT_PASSWORD,99,84,259,14,ES_PASSWORD |
+    EDITTEXT        IDC_EDIT_PRINCIPAL,99,40,259,14,ES_AUTOHSCROLL
+    EDITTEXT        IDC_EDIT_PASSWORD,99,60,259,14,ES_PASSWORD |
                     ES_AUTOHSCROLL
-    EDITTEXT        IDC_EDIT_PASSWORD2,99,112,259,14,ES_PASSWORD |
+    EDITTEXT        IDC_EDIT_PASSWORD2,99,85,259,14,ES_PASSWORD |
                     ES_AUTOHSCROLL
-    EDITTEXT        IDC_EDIT_PASSWORD3,99,135,259,14,ES_PASSWORD |
+    EDITTEXT        IDC_EDIT_PASSWORD3,99,105,259,14,ES_PASSWORD |
                     ES_AUTOHSCROLL
-    COMBOBOX        IDC_COMBO_REALM,99,67,259,79,CBS_DROPDOWN |
-                    CBS_AUTOHSCROLL | CBS_SORT | WS_VSCROLL | WS_TABSTOP
-    DEFPUSHBUTTON   "OK",IDOK,313,165,49,14
-    PUSHBUTTON      "Cancel",IDCANCEL,256,165,49,14
-    RTEXT           "Name:",IDC_STATIC_NAME,73,55,21,8
-    RTEXT           "Realm:",IDC_STATIC_REALM,72,71,23,8
-    RTEXT           "Old Password:",IDC_STATIC_PWD,19,85,74,21
+    DEFPUSHBUTTON   "OK",IDOK,313,125,49,14
+    PUSHBUTTON      "Cancel",IDCANCEL,256,125,49,14
+    RTEXT           "Principal:",IDC_STATIC_NAME,22,43,74,12
+    RTEXT           "Old Password:",IDC_STATIC_PWD,22,63,74,12
     ICON            LEASHICON,IDC_PICTURE_LEASH,15,15,20,20
     LTEXT           "Change your Kerberos password or phrase",
                     IDC_STATIC_NOTICE,48,20,276,8
-    RTEXT           "New Password:",IDC_STATIC_PWD2,23,112,74,16
-    RTEXT           "New Password (again):",IDC_STATIC_PWD3,22,135,74,18
+    RTEXT           "New Password:",IDC_STATIC_PWD2,22,88,74,12
+    RTEXT           "New Password (again):",IDC_STATIC_PWD3,22,108,74,12
 END
 
 

