Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

VBoxCredProvCredential.cpp

Last change on this file was 98103, checked in by vboxsync, 16 months ago
Copyright year updates by scm.
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 41.2 KB

Line
1	/* $Id: VBoxCredProvCredential.cpp 98103 2023-01-17 14:15:46Z vboxsync $ */
2	/** @file
3	* VBoxCredProvCredential - Class for keeping and handling the passed credentials.
4	*/
5
6	/*
7	* Copyright (C) 2012-2023 Oracle and/or its affiliates.
8	*
9	* This file is part of VirtualBox base platform packages, as
10	* available from https://www.virtualbox.org.
11	*
12	* This program is free software; you can redistribute it and/or
13	* modify it under the terms of the GNU General Public License
14	* as published by the Free Software Foundation, in version 3 of the
15	* License.
16	*
17	* This program is distributed in the hope that it will be useful, but
18	* WITHOUT ANY WARRANTY; without even the implied warranty of
19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20	* General Public License for more details.
21	*
22	* You should have received a copy of the GNU General Public License
23	* along with this program; if not, see <https://www.gnu.org/licenses>.
24	*
25	* SPDX-License-Identifier: GPL-3.0-only
26	*/
27
28
29	/*********************************************************************************************************************************
30	* Header Files *
31	*********************************************************************************************************************************/
32	#ifndef WIN32_NO_STATUS
33	# include <ntstatus.h>
34	# define WIN32_NO_STATUS
35	#endif
36	#include <iprt/win/intsafe.h>
37
38	#include "VBoxCredentialProvider.h"
39
40	#include "VBoxCredProvProvider.h"
41	#include "VBoxCredProvCredential.h"
42	#include "VBoxCredProvUtils.h"
43
44	#include <lm.h>
45
46	#include <iprt/initterm.h>
47	#include <iprt/mem.h>
48	#include <iprt/string.h>
49	#include <iprt/utf16.h>
50
51
52
53
54	VBoxCredProvCredential::VBoxCredProvCredential(void)
55	: m_cRefs(1)
56	, m_enmUsageScenario(CPUS_INVALID)
57	, m_pEvents(NULL)
58	, m_fHaveCreds(false)
59	{
60	VBoxCredProvVerbose(0, "VBoxCredProvCredential: Created\n");
61	VBoxCredentialProviderAcquire();
62
63	for (unsigned i = 0; i < VBOXCREDPROV_NUM_FIELDS; i++)
64	{
65	const VBOXCREDPROV_FIELD *pField = &s_VBoxCredProvDefaultFields[i];
66
67	m_apwszFields[i] = RTUtf16Dup(pField->desc.pszLabel ? pField->desc.pszLabel : L"");
68	AssertPtr(m_apwszFields[i]);
69	}
70	}
71
72
73	VBoxCredProvCredential::~VBoxCredProvCredential(void)
74	{
75	VBoxCredProvVerbose(0, "VBoxCredProvCredential: Destroying\n");
76
77	Reset();
78
79	for (unsigned i = 0; i < VBOXCREDPROV_NUM_FIELDS; i++)
80	{
81	if (m_apwszFields[i])
82	{
83	RTUtf16Free(m_apwszFields[i]);
84	m_apwszFields[i] = NULL;
85	}
86	}
87
88	VBoxCredentialProviderRelease();
89	}
90
91
92	ULONG VBoxCredProvCredential::AddRef(void)
93	{
94	LONG cRefs = InterlockedIncrement(&m_cRefs);
95	VBoxCredProvVerbose(0, "VBoxCredProvCredential::AddRef: Returning refcount=%ld\n",
96	cRefs);
97	return cRefs;
98	}
99
100
101	ULONG VBoxCredProvCredential::Release(void)
102	{
103	LONG cRefs = InterlockedDecrement(&m_cRefs);
104	VBoxCredProvVerbose(0, "VBoxCredProvCredential::Release: Returning refcount=%ld\n",
105	cRefs);
106	if (!cRefs)
107	{
108	VBoxCredProvVerbose(0, "VBoxCredProvCredential: Calling destructor\n");
109	delete this;
110	}
111	return cRefs;
112	}
113
114
115	HRESULT VBoxCredProvCredential::QueryInterface(REFIID interfaceID, void **ppvInterface)
116	{
117	HRESULT hr = S_OK;;
118	if (ppvInterface)
119	{
120	if ( IID_IUnknown == interfaceID
121	\|\| IID_ICredentialProviderCredential == interfaceID)
122	{
123	ppvInterface = static_cast<IUnknown>(this);
124	reinterpret_cast<IUnknown>(ppvInterface)->AddRef();
125	}
126	else
127	{
128	*ppvInterface = NULL;
129	hr = E_NOINTERFACE;
130	}
131	}
132	else
133	hr = E_INVALIDARG;
134
135	return hr;
136	}
137
138
139	/**
140	* Assigns or copies a RTUTF16 string to a UNICODE_STRING.
141	*
142	* When fCopy is false, this does not copy its contents
143	* and only assigns its code points to the destination!
144	* When fCopy is true, the actual string buffer gets copied.
145	*
146	* Does not take terminating \0 into account.
147	*
148	* @return HRESULT
149	* @param pUnicodeDest Unicode string assigning the UTF16 string to.
150	* @param pwszSource UTF16 string to assign.
151	* @param fCopy Whether to just assign or copy the actual buffer
152	* contents from source -> dest.
153	*/
154	HRESULT VBoxCredProvCredential::RTUTF16ToUnicode(PUNICODE_STRING pUnicodeDest, PRTUTF16 pwszSource, bool fCopy)
155	{
156	AssertPtrReturn(pUnicodeDest, E_POINTER);
157	AssertPtrReturn(pwszSource, E_POINTER);
158
159	size_t cbLen = RTUtf16Len(pwszSource) * sizeof(RTUTF16);
160	AssertReturn(cbLen <= USHORT_MAX, E_INVALIDARG);
161
162	HRESULT hr;
163
164	if (fCopy)
165	{
166	if (cbLen <= pUnicodeDest->MaximumLength)
167	{
168	memcpy(pUnicodeDest->Buffer, pwszSource, cbLen);
169	pUnicodeDest->Length = (USHORT)cbLen;
170	hr = S_OK;
171	}
172	else
173	hr = E_INVALIDARG;
174	}
175	else /* Just assign the buffer. */
176	{
177	pUnicodeDest->Buffer = pwszSource;
178	pUnicodeDest->Length = (USHORT)cbLen;
179	hr = S_OK;
180	}
181
182	return hr;
183	}
184
185
186	/**
187	* Copies an UTF16 string into a PUNICODE_STRING by allocating space for it.
188	*
189	* @return HRESULT
190	* @param pUnicodeDest Where to store the copied (allocated) unicode string.
191	* @param pwszSource UTF16 string to copy.
192	*/
193	HRESULT VBoxCredProvCredential::RTUTF16ToUnicodeA(PUNICODE_STRING pUnicodeDest, PRTUTF16 pwszSource)
194	{
195	AssertPtrReturn(pUnicodeDest, E_POINTER);
196	AssertPtrReturn(pwszSource, E_POINTER);
197
198	size_t cbLen = RTUtf16Len(pwszSource) * sizeof(RTUTF16);
199
200	pUnicodeDest->Buffer = (LPWSTR)CoTaskMemAlloc(cbLen);
201
202	if (!pUnicodeDest->Buffer)
203	return E_OUTOFMEMORY;
204
205	pUnicodeDest->MaximumLength = (USHORT)cbLen;
206	pUnicodeDest->Length = 0;
207
208	return RTUTF16ToUnicode(pUnicodeDest, pwszSource, true /* fCopy */);
209	}
210
211
212	/**
213	* Frees a formerly allocated PUNICODE_STRING.
214	*
215	* @param pUnicode String to free.
216	*/
217	void VBoxCredProvCredential::UnicodeStringFree(PUNICODE_STRING pUnicode)
218	{
219	if (!pUnicode)
220	return;
221
222	if (pUnicode->Buffer)
223	{
224	Assert(pUnicode->MaximumLength);
225
226	/* Make sure to wipe contents before free'ing. */
227	RTMemWipeThoroughly(pUnicode->Buffer, pUnicode->MaximumLength /* MaximumLength is bytes! /, 3 / Passes */);
228
229	CoTaskMemFree(pUnicode->Buffer);
230	pUnicode->Buffer = NULL;
231	}
232
233	pUnicode->Length = 0;
234	pUnicode->MaximumLength = 0;
235	}
236
237
238	/**
239	* Creates a KERB_INTERACTIVE_LOGON structure with the given parameters.
240	* Must be destroyed with kerberosLogonDestroy().
241	*
242	* @return HRESULT
243	* @param pLogon Structure to create.
244	* @param enmUsage Intended usage of the structure.
245	* @param pwszUser User name to use.
246	* @param pwszPassword Password to use.
247	* @param pwszDomain Domain to use. Optional and can be NULL.
248	*/
249	HRESULT VBoxCredProvCredential::kerberosLogonCreate(KERB_INTERACTIVE_LOGON *pLogon,
250	CREDENTIAL_PROVIDER_USAGE_SCENARIO enmUsage,
251	PRTUTF16 pwszUser, PRTUTF16 pwszPassword, PRTUTF16 pwszDomain)
252	{
253	AssertPtrReturn(pLogon, E_INVALIDARG);
254	AssertPtrReturn(pwszUser, E_INVALIDARG);
255	AssertPtrReturn(pwszPassword, E_INVALIDARG);
256	/* pwszDomain is optional. */
257
258	HRESULT hr;
259
260	/* Do we have a domain name set? */
261	if ( pwszDomain
262	&& RTUtf16Len(pwszDomain))
263	{
264	hr = RTUTF16ToUnicodeA(&pLogon->LogonDomainName, pwszDomain);
265	}
266	else /* No domain (FQDN) given, try local computer name. */
267	{
268	WCHAR wszComputerName[MAX_COMPUTERNAME_LENGTH + 1];
269	DWORD cch = ARRAYSIZE(wszComputerName);
270	if (GetComputerNameW(wszComputerName, &cch))
271	{
272	/* Is a domain name missing? Then use the name of the local computer. */
273	hr = RTUTF16ToUnicodeA(&pLogon->LogonDomainName, wszComputerName);
274
275	VBoxCredProvVerbose(0, "VBoxCredProvCredential::kerberosLogonInit: Local computer name=%ls\n",
276	wszComputerName);
277	}
278	else
279	hr = HRESULT_FROM_WIN32(GetLastError());
280	}
281
282	/* Fill in the username and password. */
283	if (SUCCEEDED(hr))
284	{
285	hr = RTUTF16ToUnicodeA(&pLogon->UserName, pwszUser);
286	if (SUCCEEDED(hr))
287	{
288	hr = RTUTF16ToUnicodeA(&pLogon->Password, pwszPassword);
289	if (SUCCEEDED(hr))
290	{
291	/* Set credential type according to current usage scenario. */
292	switch (enmUsage)
293	{
294	case CPUS_UNLOCK_WORKSTATION:
295	pLogon->MessageType = KerbWorkstationUnlockLogon;
296	break;
297
298	case CPUS_LOGON:
299	pLogon->MessageType = KerbInteractiveLogon;
300	break;
301
302	case CPUS_CREDUI:
303	pLogon->MessageType = (KERB_LOGON_SUBMIT_TYPE)0; /* No message type required here. */
304	break;
305
306	default:
307	VBoxCredProvVerbose(0, "VBoxCredProvCredential::kerberosLogonInit: Unknown usage scenario=%ld\n",
308	enmUsage);
309	hr = E_FAIL;
310	break;
311	}
312	}
313	}
314	}
315
316	return hr;
317	}
318
319
320	/**
321	* Destroys a formerly created KERB_INTERACTIVE_LOGON structure.
322	*
323	* @param pLogon Structure to destroy.
324	*/
325	void VBoxCredProvCredential::kerberosLogonDestroy(KERB_INTERACTIVE_LOGON *pLogon)
326	{
327	if (!pLogon)
328	return;
329
330	UnicodeStringFree(&pLogon->UserName);
331	UnicodeStringFree(&pLogon->Password);
332	UnicodeStringFree(&pLogon->LogonDomainName);
333	}
334
335
336	HRESULT VBoxCredProvCredential::kerberosLogonSerialize(const KERB_INTERACTIVE_LOGON *pLogonIn,
337	PBYTE ppPackage, DWORD pcbPackage)
338	{
339	AssertPtrReturn(pLogonIn, E_INVALIDARG);
340	AssertPtrReturn(ppPackage, E_INVALIDARG);
341	AssertPtrReturn(pcbPackage, E_INVALIDARG);
342
343	/*
344	* First, allocate enough space for the logon structure itself and separate
345	* string buffers right after it to store the actual user, password and domain
346	* credentials.
347	*/
348	DWORD cbLogon = sizeof(KERB_INTERACTIVE_UNLOCK_LOGON)
349	+ pLogonIn->LogonDomainName.Length
350	+ pLogonIn->UserName.Length
351	+ pLogonIn->Password.Length;
352
353	#ifdef DEBUG /* Do not reveal any hints to credential data in release mode. */
354	VBoxCredProvVerbose(1, "VBoxCredProvCredential::AllocateLogonPackage: Allocating %ld bytes (%zu bytes credentials)\n",
355	cbLogon, cbLogon - sizeof(KERB_INTERACTIVE_UNLOCK_LOGON));
356	#endif
357
358	KERB_INTERACTIVE_UNLOCK_LOGON pLogon = (KERB_INTERACTIVE_UNLOCK_LOGON)CoTaskMemAlloc(cbLogon);
359	if (!pLogon)
360	return E_OUTOFMEMORY;
361
362	/* Make sure to zero everything first. */
363	RT_BZERO(pLogon, cbLogon);
364
365	/* Let our byte buffer point to the end of our allocated structure so that it can
366	* be used to store the credential data sequentially in a binary blob
367	* (without terminating \0). */
368	PBYTE pbBuffer = (PBYTE)pLogon + sizeof(KERB_INTERACTIVE_UNLOCK_LOGON);
369
370	/* The buffer of the packed destination string does not contain the actual
371	* string content but a relative offset starting at the given
372	* KERB_INTERACTIVE_UNLOCK_LOGON structure. */
373	#define KERB_CRED_INIT_PACKED(StringDst, StringSrc, LogonOffset) \
374	StringDst.Length = StringSrc.Length; \
375	StringDst.MaximumLength = StringSrc.Length; \
376	if (StringDst.Length) \
377	{ \
378	StringDst.Buffer = (PWSTR)pbBuffer; \
379	memcpy(StringDst.Buffer, StringSrc.Buffer, StringDst.Length); \
380	StringDst.Buffer = (PWSTR)(pbBuffer - (PBYTE)LogonOffset); \
381	pbBuffer += StringDst.Length; \
382	}
383
384	KERB_INTERACTIVE_LOGON *pLogonOut = &pLogon->Logon;
385
386	pLogonOut->MessageType = pLogonIn->MessageType;
387
388	KERB_CRED_INIT_PACKED(pLogonOut->LogonDomainName, pLogonIn->LogonDomainName, pLogon);
389	KERB_CRED_INIT_PACKED(pLogonOut->UserName , pLogonIn->UserName, pLogon);
390	KERB_CRED_INIT_PACKED(pLogonOut->Password , pLogonIn->Password, pLogon);
391
392	*ppPackage = (PBYTE)pLogon;
393	*pcbPackage = cbLogon;
394
395	#undef KERB_CRED_INIT_PACKED
396
397	return S_OK;
398	}
399
400
401	/**
402	* Returns the current value of a specific credential provider field.
403	*
404	* @return Pointer (const) to the credential provider field requested, or NULL if not found / invalid.
405	* @param dwFieldID Field ID of the credential provider field to get.
406	*/
407	PCRTUTF16 VBoxCredProvCredential::getField(DWORD dwFieldID)
408	{
409	if (dwFieldID >= VBOXCREDPROV_NUM_FIELDS)
410	return NULL;
411
412	/* Paranoia: Don't ever reveal passwords. */
413	if (dwFieldID == VBOXCREDPROV_FIELDID_PASSWORD)
414	return NULL;
415
416	return m_apwszFields[dwFieldID];
417	}
418
419
420	/**
421	* Sets a credential provider field by first zero'ing out its current content in a (hopefully) secure manner,
422	* then applying either the field's default or a new value.
423	*
424	* @return HRESULT
425	* @param dwFieldID Field ID of the credential provider field to reset.
426	* @param pcwszString String to set for the given field. Specify NULL for setting the provider's default value.
427	* @param fNotifyUI Whether to notify the LogonUI about the reset.
428	*/
429	HRESULT VBoxCredProvCredential::setField(DWORD dwFieldID, const PRTUTF16 pcwszString, bool fNotifyUI)
430	{
431	if (dwFieldID >= VBOXCREDPROV_NUM_FIELDS)
432	return E_INVALIDARG;
433
434	HRESULT hr = S_OK;
435
436	PRTUTF16 pwszField = m_apwszFields[dwFieldID];
437	if (pwszField)
438	{
439	/* First, wipe the existing value thoroughly. */
440	RTMemWipeThoroughly(pwszField, (RTUtf16Len(pwszField) + 1) * sizeof(RTUTF16), 3 /* Passes */);
441
442	/* Second, free the string. */
443	RTUtf16Free(pwszField);
444	}
445
446	/* Either fill in the default value or the one specified in pcwszString. */
447	pwszField = RTUtf16Dup(pcwszString ? pcwszString : s_VBoxCredProvDefaultFields[dwFieldID].desc.pszLabel);
448	if (pwszField)
449	{
450	m_apwszFields[dwFieldID] = pwszField; /* Update the pointer. */
451
452	if ( m_pEvents
453	&& fNotifyUI) /* Let the logon UI know if wanted. */
454	{
455	hr = m_pEvents->SetFieldString(this, dwFieldID, pwszField);
456	}
457	}
458	else
459	hr = E_OUTOFMEMORY;
460
461	VBoxCredProvVerbose(0, "VBoxCredProvCredential::setField: Setting field dwFieldID=%ld to '%ls', fNotifyUI=%RTbool, hr=0x%08x\n",
462	dwFieldID,
463	#ifdef DEBUG
464	pwszField,
465	#else
466	/* Don't show any passwords in release mode. */
467	dwFieldID == VBOXCREDPROV_FIELDID_PASSWORD ? L"XXX" : pwszField,
468	#endif
469	fNotifyUI, hr);
470	return hr;
471	}
472
473	/**
474	* Resets (wipes) stored credentials.
475	*
476	* @return HRESULT
477	*/
478	HRESULT VBoxCredProvCredential::Reset(void)
479	{
480	VBoxCredProvVerbose(0, "VBoxCredProvCredential::Reset: Wiping credentials user=%ls, pw=%ls, domain=%ls\n",
481	m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME] ? m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME] : L"<NULL>",
482	#ifdef DEBUG
483	m_apwszFields[VBOXCREDPROV_FIELDID_PASSWORD] ? m_apwszFields[VBOXCREDPROV_FIELDID_PASSWORD] : L"<NULL>",
484	#else
485	L"XXX" /* Don't show any passwords in release mode. */,
486	#endif
487	m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME] ? m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME] : L"<NULL>");
488
489	/* Note: Do not reset the user name and domain name here,
490	* as they could still being queried (again) by LogonUI on failed login attempts. */
491	HRESULT hr = setField(VBOXCREDPROV_FIELDID_PASSWORD, NULL /* Use default value /, true / fNotifyUI */);
492
493	m_fIsSelected = false;
494
495	VBoxCredProvVerbose(0, "VBoxCredProvCredential::Reset\n");
496	return hr;
497	}
498
499
500	/**
501	* Checks and retrieves credentials provided by the host + does account lookup on eventually
502	* renamed user accounts.
503	*
504	* @return IPRT status code.
505	*/
506	int VBoxCredProvCredential::RetrieveCredentials(void)
507	{
508	PRTUTF16 pwszUser = NULL;
509	PRTUTF16 pwszPassword = NULL;
510	PRTUTF16 pwszDomain = NULL;
511
512	int rc = VbglR3CredentialsQueryAvailability();
513	if (RT_SUCCESS(rc))
514	{
515	/*
516	* Set status to "terminating" to let the host know this module now
517	* tries to receive and use passed credentials so that credentials from
518	* the host won't be sent twice.
519	*/
520	VBoxCredProvReportStatus(VBoxGuestFacilityStatus_Terminating);
521
522	rc = VbglR3CredentialsRetrieveUtf16(&pwszUser, &pwszPassword, &pwszDomain);
523
524	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Retrieved credentials with rc=%Rrc\n", rc);
525	}
526
527	if (RT_SUCCESS(rc))
528	{
529	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Received credentials for user '%ls'\n", pwszUser);
530
531	/*
532	* In case we got a "display name" (e.g. "John Doe")
533	* instead of the real user name (e.g. "jdoe") we have
534	* to translate the data first ...
535	*/
536	PWSTR pwszExtractedName = NULL;
537	if ( TranslateAccountName(pwszUser, &pwszExtractedName)
538	&& pwszExtractedName)
539	{
540	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Translated account name '%ls' -> '%ls'\n",
541	pwszUser, pwszExtractedName);
542
543	RTMemWipeThoroughly(pwszUser, (RTUtf16Len(pwszUser) + 1) * sizeof(RTUTF16), 3 /* Passes */);
544	RTUtf16Free(pwszUser);
545
546	pwszUser = RTUtf16Dup(pwszExtractedName);
547
548	CoTaskMemFree(pwszExtractedName);
549	pwszExtractedName = NULL;
550	}
551	else
552	{
553	/*
554	* Okay, no display name, but maybe it's a
555	* principal name from which we have to extract the domain from?
556	* (jdoe@my-domain.sub.net.com -> jdoe in domain my-domain.sub.net.com.)
557	*/
558	PWSTR pwszExtractedDomain = NULL;
559	if (ExtractAccountData(pwszUser, &pwszExtractedName, &pwszExtractedDomain))
560	{
561	/* Update user name. */
562	if (pwszExtractedName)
563	{
564	if (pwszUser)
565	{
566	RTMemWipeThoroughly(pwszUser, (RTUtf16Len(pwszUser) + 1) * sizeof(RTUTF16), 3 /* Passes */);
567	RTUtf16Free(pwszUser);
568	}
569
570	pwszUser = RTUtf16Dup(pwszExtractedName);
571
572	CoTaskMemFree(pwszExtractedName);
573	pwszExtractedName = NULL;
574	}
575
576	/* Update domain. */
577	if (pwszExtractedDomain)
578	{
579	if (pwszDomain)
580	{
581	RTMemWipeThoroughly(pwszDomain, (RTUtf16Len(pwszDomain) + 1) * sizeof(RTUTF16), 3 /* Passes */);
582	RTUtf16Free(pwszDomain);
583	}
584
585	pwszDomain = RTUtf16Dup(pwszExtractedDomain);
586
587	CoTaskMemFree(pwszExtractedDomain);
588	pwszExtractedDomain = NULL;
589	}
590
591	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Extracted account name '%ls' + domain '%ls'\n",
592	pwszUser ? pwszUser : L"<NULL>", pwszDomain ? pwszDomain : L"<NULL>");
593	}
594	}
595
596	m_fHaveCreds = true;
597	}
598
599	if (m_fHaveCreds)
600	{
601	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Setting fields\n");
602
603	setField(VBOXCREDPROV_FIELDID_USERNAME, pwszUser, true /* fNotifyUI */);
604	setField(VBOXCREDPROV_FIELDID_PASSWORD, pwszPassword, true /* fNotifyUI */);
605	setField(VBOXCREDPROV_FIELDID_DOMAINNAME, pwszDomain, true /* fNotifyUI */);
606	}
607
608	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Wiping ...\n");
609
610	VbglR3CredentialsDestroyUtf16(pwszUser, pwszPassword, pwszDomain, 3 /* cPasses */);
611
612	VBoxCredProvVerbose(0, "VBoxCredProvCredential::RetrieveCredentials: Returned rc=%Rrc\n", rc);
613	return rc;
614	}
615
616
617	/**
618	* Initializes this credential with the current credential provider
619	* usage scenario.
620	*/
621	HRESULT VBoxCredProvCredential::Initialize(CREDENTIAL_PROVIDER_USAGE_SCENARIO enmUsageScenario)
622	{
623	VBoxCredProvVerbose(0, "VBoxCredProvCredential::Initialize: enmUsageScenario=%ld\n", enmUsageScenario);
624	m_enmUsageScenario = enmUsageScenario;
625	return S_OK;
626	}
627
628
629	/**
630	* Called by LogonUI when it needs this credential's advice.
631	*
632	* At the moment we only grab the credential provider events so that we can
633	* trigger a re-enumeration of the credentials later.
634	*/
635	HRESULT VBoxCredProvCredential::Advise(ICredentialProviderCredentialEvents *pEvents)
636	{
637	VBoxCredProvVerbose(0, "VBoxCredProvCredential::Advise: pEvents=0x%p\n", pEvents);
638
639	if (m_pEvents)
640	{
641	m_pEvents->Release();
642	m_pEvents = NULL;
643	}
644
645	return pEvents->QueryInterface(IID_PPV_ARGS(&m_pEvents));
646	}
647
648
649	/**
650	* Called by LogonUI when it's finished with handling this credential.
651	*
652	* We only need to release the credential provider events, if any.
653	*/
654	HRESULT VBoxCredProvCredential::UnAdvise(void)
655	{
656	VBoxCredProvVerbose(0, "VBoxCredProvCredential::UnAdvise\n");
657
658	if (m_pEvents)
659	{
660	m_pEvents->Release();
661	m_pEvents = NULL;
662	}
663
664	return S_OK;
665	}
666
667
668	/**
669	* Called by LogonUI when a user profile (tile) has been selected.
670	*
671	* As we don't want Winlogon to try logging in immediately we set pfAutoLogon
672	* to FALSE (if set).
673	*/
674	HRESULT VBoxCredProvCredential::SetSelected(PBOOL pfAutoLogon)
675	{
676	VBoxCredProvVerbose(0, "VBoxCredProvCredential::SetSelected\n");
677
678	/*
679	* Don't do auto logon here because it would retry too often with
680	* every credential field (user name, password, domain, ...) which makes
681	* winlogon wait before new login attempts can be made.
682	*/
683	if (pfAutoLogon)
684	*pfAutoLogon = FALSE;
685
686	m_fIsSelected = true;
687
688	return S_OK;
689	}
690
691
692	/**
693	* Called by LogonUI when a user profile (tile) has been unselected again.
694	*/
695	HRESULT VBoxCredProvCredential::SetDeselected(void)
696	{
697	VBoxCredProvVerbose(0, "VBoxCredProvCredential::SetDeselected\n");
698
699	Reset();
700
701	return S_OK;
702	}
703
704
705	/**
706	* Called by LogonUI to retrieve the (interactive) state of a UI field.
707	*/
708	HRESULT VBoxCredProvCredential::GetFieldState(DWORD dwFieldID, CREDENTIAL_PROVIDER_FIELD_STATE *pFieldState,
709	CREDENTIAL_PROVIDER_FIELD_INTERACTIVE_STATE *pFieldstateInteractive)
710	{
711	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetFieldState: dwFieldID=%ld\n", dwFieldID);
712
713	HRESULT hr = S_OK;
714
715	if (dwFieldID < VBOXCREDPROV_NUM_FIELDS)
716	{
717	if (pFieldState)
718	*pFieldState = s_VBoxCredProvDefaultFields[dwFieldID].state;
719
720	if (pFieldstateInteractive)
721	*pFieldstateInteractive = s_VBoxCredProvDefaultFields[dwFieldID].stateInteractive;
722	}
723	else
724	hr = E_INVALIDARG;
725
726	return hr;
727	}
728
729
730	/**
731	* Searches the account name based on a display (real) name (e.g. "John Doe" -> "jdoe").
732	*
733	* @return TRUE if translation of the account name was successful, FALSE if not.
734	* @param pwszDisplayName Display name to extract account name from.
735	* @param ppwszAccoutName Where to store the extracted account name on success.
736	* Needs to be free'd with CoTaskMemFree().
737	*/
738	BOOL VBoxCredProvCredential::TranslateAccountName(PWSTR pwszDisplayName, PWSTR *ppwszAccoutName)
739	{
740	AssertPtrReturn(pwszDisplayName, FALSE);
741	VBoxCredProvVerbose(0, "VBoxCredProvCredential::TranslateAccountName: Getting account name for \"%ls\" ...\n",
742	pwszDisplayName);
743
744	/** @todo Do we need ADS support (e.g. TranslateNameW) here? */
745	BOOL fFound = FALSE; /* Did we find the desired user? */
746	NET_API_STATUS rcStatus;
747	DWORD dwLevel = 2; /* Detailed information about user accounts. */
748	DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH;
749	DWORD dwEntriesRead = 0;
750	DWORD dwTotalEntries = 0;
751	DWORD dwResumeHandle = 0;
752	LPUSER_INFO_2 pBuf = NULL;
753	LPUSER_INFO_2 pCurBuf = NULL;
754	do
755	{
756	rcStatus = NetUserEnum(NULL, /* Server name, NULL for localhost. */
757	dwLevel,
758	FILTER_NORMAL_ACCOUNT,
759	(LPBYTE*)&pBuf,
760	dwPrefMaxLen,
761	&dwEntriesRead,
762	&dwTotalEntries,
763	&dwResumeHandle);
764	if ( rcStatus == NERR_Success
765	\|\| rcStatus == ERROR_MORE_DATA)
766	{
767	if ((pCurBuf = pBuf) != NULL)
768	{
769	for (DWORD i = 0; i < dwEntriesRead; i++)
770	{
771	/*
772	* Search for the "display name" - that might be
773	* "John Doe" or something similar the user recognizes easier
774	* and may not the same as the "account" name (e.g. "jdoe").
775	*/
776	if ( pCurBuf
777	&& pCurBuf->usri2_full_name
778	&& StrCmpI(pwszDisplayName, pCurBuf->usri2_full_name) == 0)
779	{
780	/*
781	* Copy the real user name (e.g. "jdoe") to our
782	* output buffer.
783	*/
784	LPWSTR pwszTemp;
785	HRESULT hr = SHStrDupW(pCurBuf->usri2_name, &pwszTemp);
786	if (hr == S_OK)
787	{
788	*ppwszAccoutName = pwszTemp;
789	fFound = TRUE;
790	}
791	else
792	VBoxCredProvVerbose(0, "VBoxCredProvCredential::TranslateAccountName: Error copying data, hr=%08x\n", hr);
793	break;
794	}
795	pCurBuf++;
796	}
797	}
798	if (pBuf != NULL)
799	{
800	NetApiBufferFree(pBuf);
801	pBuf = NULL;
802	}
803	}
804	} while (rcStatus == ERROR_MORE_DATA && !fFound);
805
806	if (pBuf != NULL)
807	{
808	NetApiBufferFree(pBuf);
809	pBuf = NULL;
810	}
811
812	VBoxCredProvVerbose(0, "VBoxCredProvCredential::TranslateAccountName returned rcStatus=%ld, fFound=%RTbool\n",
813	rcStatus, fFound);
814	return fFound;
815
816	#if 0
817	DWORD dwErr = NO_ERROR;
818	ULONG cbLen = 0;
819	if ( TranslateNameW(pwszName, NameUnknown, NameUserPrincipal, NULL, &cbLen)
820	&& cbLen > 0)
821	{
822	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetAccountName: Translated ADS name has %u characters\n", cbLen));
823
824	ppwszAccoutName = (PWSTR)RTMemAlloc(cbLen * sizeof(WCHAR));
825	AssertPtrReturn(pwszName, FALSE);
826	if (TranslateNameW(pwszName, NameUnknown, NameUserPrincipal, ppwszAccoutName, &cbLen))
827	{
828	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetAccountName: Real ADS account name of '%ls' is '%ls'\n",
829	pwszName, ppwszAccoutName));
830	}
831	else
832	{
833	RTMemFree(ppwszAccoutName);
834	dwErr = GetLastError();
835	}
836	}
837	else
838	dwErr = GetLastError();
839	/* The above method for looking up in ADS failed, try another one. */
840	if (dwErr != NO_ERROR)
841	{
842	dwErr = NO_ERROR;
843
844	}
845	#endif
846	}
847
848
849	/**
850	* Extracts the actual account name & domain from a (raw) account data string.
851	*
852	* This might be a principal or FQDN string.
853	*
854	* @return success indicator. Will fail if input not in a user\@domain format.
855	* @param pwszAccountData Raw account data string to extract data from.
856	* @param ppwszAccountName Where to store the extracted account name on
857	* success. Needs to be freed with CoTaskMemFree().
858	* @param ppwszDomain Where to store the extracted domain name on
859	* success. Needs to be freed with CoTaskMemFree().
860	*/
861	/static/ bool VBoxCredProvCredential::ExtractAccountData(PWSTR pwszAccountData, PWSTR ppwszAccountName, PWSTR ppwszDomain)
862	{
863	AssertPtrReturn(pwszAccountData, FALSE);
864	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ExtractAccoutData: Getting account name for \"%ls\" ...\n",
865	pwszAccountData);
866
867	/** @todo r=bird: The original code seemed a little confused about whether
868	* the domain stuff was optional or not, as it declared pwszDomain
869	* very early and freed it in the error path. Not entirely sure what
870	* to make of that... */
871
872	/* Try to figure out whether this is a principal name (user@domain). */
873	LPWSTR const pwszAt = StrChrW(pwszAccountData, L'@');
874	if (pwszAt && pwszAt != pwszAccountData)
875	{
876	if (pwszAt[1])
877	{
878	size_t cwcUser = (size_t)(pwszAt - pwszAccountData) + 1;
879	LPWSTR pwszName = (LPWSTR)CoTaskMemAlloc(cwcUser * sizeof(WCHAR));
880	if (pwszName)
881	{
882	int rc = RTUtf16CopyEx(pwszName, cwcUser, pwszAccountData, cwcUser - 1);
883	if (RT_SUCCESS(rc))
884	{
885	LPWSTR pwszDomain = NULL;
886	HRESULT hr = SHStrDupW(&pwszAt[1], &pwszDomain);
887	if (SUCCEEDED(hr))
888	{
889	*ppwszAccountName = pwszName;
890	*ppwszDomain = pwszDomain;
891	return true;
892	}
893
894	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ExtractAccountData: Error copying domain data, hr=%08x\n", hr);
895	}
896	else
897	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ExtractAccountData: Error copying account data, rc=%Rrc\n", rc);
898	CoTaskMemFree(pwszName);
899	}
900	else
901	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ExtractAccountData: allocation failure.\n");
902	}
903	else
904	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ExtractAccountData: No domain name found!\n");
905	}
906	else
907	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ExtractAccountData: No valid principal account name found!\n");
908
909	return false;
910	}
911
912
913	/**
914	* Returns the current value of a specified LogonUI field.
915	*
916	* @return IPRT status code.
917	* @param dwFieldID Field ID to get value for.
918	* @param ppwszString Pointer that receives the actual value of the specified field.
919	*/
920	HRESULT VBoxCredProvCredential::GetStringValue(DWORD dwFieldID, PWSTR *ppwszString)
921	{
922	HRESULT hr;
923
924	PWSTR pwszString = NULL;
925
926	if (dwFieldID < VBOXCREDPROV_NUM_FIELDS)
927	{
928	switch (dwFieldID)
929	{
930	case VBOXCREDPROV_FIELDID_SUBMIT_BUTTON:
931	{
932	/* Fill in standard value to make Winlogon happy. */
933	hr = SHStrDupW(L"Submit", &pwszString);
934	break;
935	}
936
937	default:
938	{
939	if ( m_apwszFields[dwFieldID]
940	&& m_apwszFields[dwFieldID][0])
941	hr = SHStrDupW(m_apwszFields[dwFieldID], &pwszString);
942	else /* Fill in an empty value. */
943	hr = SHStrDupW(L"", &pwszString);
944	break;
945	}
946	}
947	}
948	else
949	hr = E_INVALIDARG;
950
951	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetStringValue: m_fIsSelected=%RTbool, dwFieldID=%ld, pwszString=%ls, hr=%Rhrc\n",
952	m_fIsSelected, dwFieldID,
953	#ifdef DEBUG
954	pwszString ? pwszString : L"<NULL>",
955	#else
956	/* Don't show any passwords in release mode. */
957	dwFieldID == VBOXCREDPROV_FIELDID_PASSWORD ? L"XXX" : (pwszString ? pwszString : L"<NULL>"),
958	#endif
959	hr);
960
961	if (ppwszString)
962	*ppwszString = pwszString;
963	else if (pwszString)
964	CoTaskMemFree(pwszString);
965
966	return hr;
967	}
968
969
970	/**
971	* Returns back the field ID of which the submit button should be put next to.
972	*
973	* We always want to be the password field put next to the submit button
974	* currently.
975	*
976	* @return HRESULT
977	* @param dwFieldID Field ID of the submit button.
978	* @param pdwAdjacentTo Field ID where to put the submit button next to.
979	*/
980	HRESULT VBoxCredProvCredential::GetSubmitButtonValue(DWORD dwFieldID, DWORD *pdwAdjacentTo)
981	{
982	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetSubmitButtonValue: dwFieldID=%ld\n",
983	dwFieldID);
984
985	HRESULT hr = S_OK;
986
987	/* Validate parameters. */
988	if ( dwFieldID == VBOXCREDPROV_FIELDID_SUBMIT_BUTTON
989	&& pdwAdjacentTo)
990	{
991	/* pdwAdjacentTo is a pointer to the fieldID you want the submit button to appear next to. */
992	*pdwAdjacentTo = VBOXCREDPROV_FIELDID_PASSWORD;
993	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetSubmitButtonValue: dwFieldID=%ld, *pdwAdjacentTo=%ld\n",
994	dwFieldID, *pdwAdjacentTo);
995	}
996	else
997	hr = E_INVALIDARG;
998
999	return hr;
1000	}
1001
1002
1003	/**
1004	* Sets the value of a specified field. Currently not used.
1005	*
1006	* @return HRESULT
1007	* @param dwFieldID Field to set value for.
1008	* @param pwszValue Actual value to set.
1009	*/
1010	HRESULT VBoxCredProvCredential::SetStringValue(DWORD dwFieldID, PCWSTR pwszValue)
1011	{
1012	RT_NOREF(dwFieldID, pwszValue);
1013
1014	/* Do more things here later. */
1015	HRESULT hr = S_OK;
1016
1017	VBoxCredProvVerbose(0, "VBoxCredProvCredential::SetStringValue: dwFieldID=%ld, pcwzString=%ls, hr=%Rhrc\n",
1018	dwFieldID,
1019	#ifdef DEBUG
1020	pwszValue ? pwszValue : L"<NULL>",
1021	#else /* Never show any (sensitive) data in release mode! */
1022	L"XXX",
1023	#endif
1024	hr);
1025
1026	return hr;
1027	}
1028
1029
1030	HRESULT VBoxCredProvCredential::GetBitmapValue(DWORD dwFieldID, HBITMAP *phBitmap)
1031	{
1032	NOREF(dwFieldID);
1033	NOREF(phBitmap);
1034
1035	/* We don't do own bitmaps. */
1036	return E_NOTIMPL;
1037	}
1038
1039
1040	HRESULT VBoxCredProvCredential::GetCheckboxValue(DWORD dwFieldID, BOOL pfChecked, PWSTR ppwszLabel)
1041	{
1042	NOREF(dwFieldID);
1043	NOREF(pfChecked);
1044	NOREF(ppwszLabel);
1045	return E_NOTIMPL;
1046	}
1047
1048
1049	HRESULT VBoxCredProvCredential::GetComboBoxValueCount(DWORD dwFieldID, DWORD pcItems, DWORD pdwSelectedItem)
1050	{
1051	NOREF(dwFieldID);
1052	NOREF(pcItems);
1053	NOREF(pdwSelectedItem);
1054	return E_NOTIMPL;
1055	}
1056
1057
1058	HRESULT VBoxCredProvCredential::GetComboBoxValueAt(DWORD dwFieldID, DWORD dwItem, PWSTR *ppwszItem)
1059	{
1060	NOREF(dwFieldID);
1061	NOREF(dwItem);
1062	NOREF(ppwszItem);
1063	return E_NOTIMPL;
1064	}
1065
1066
1067	HRESULT VBoxCredProvCredential::SetCheckboxValue(DWORD dwFieldID, BOOL fChecked)
1068	{
1069	NOREF(dwFieldID);
1070	NOREF(fChecked);
1071	return E_NOTIMPL;
1072	}
1073
1074
1075	HRESULT VBoxCredProvCredential::SetComboBoxSelectedValue(DWORD dwFieldId, DWORD dwSelectedItem)
1076	{
1077	NOREF(dwFieldId);
1078	NOREF(dwSelectedItem);
1079	return E_NOTIMPL;
1080	}
1081
1082
1083	HRESULT VBoxCredProvCredential::CommandLinkClicked(DWORD dwFieldID)
1084	{
1085	NOREF(dwFieldID);
1086	return E_NOTIMPL;
1087	}
1088
1089
1090	/**
1091	* Does the actual authentication stuff to attempt a login.
1092	*
1093	* @return HRESULT
1094	* @param pcpGetSerializationResponse Credential serialization response.
1095	* @param pcpCredentialSerialization Details about the current credential.
1096	* @param ppwszOptionalStatusText Text to set. Optional.
1097	* @param pcpsiOptionalStatusIcon Status icon to set. Optional.
1098	*/
1099	HRESULT VBoxCredProvCredential::GetSerialization(CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE *pcpGetSerializationResponse,
1100	CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION *pcpCredentialSerialization,
1101	PWSTR *ppwszOptionalStatusText,
1102	CREDENTIAL_PROVIDER_STATUS_ICON *pcpsiOptionalStatusIcon)
1103	{
1104	NOREF(ppwszOptionalStatusText);
1105	NOREF(pcpsiOptionalStatusIcon);
1106
1107	KERB_INTERACTIVE_UNLOCK_LOGON KerberosUnlockLogon;
1108	RT_BZERO(&KerberosUnlockLogon, sizeof(KerberosUnlockLogon));
1109
1110	/* Save a pointer to the interactive logon struct. */
1111	KERB_INTERACTIVE_LOGON *pLogon = &KerberosUnlockLogon.Logon;
1112
1113	#ifdef DEBUG /* Note: NEVER print this in release mode! */
1114	VBoxCredProvVerbose(0, "VBoxCredProvCredential::GetSerialization: Username=%ls, Password=%ls, Domain=%ls\n",
1115	m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME],
1116	m_apwszFields[VBOXCREDPROV_FIELDID_PASSWORD],
1117	m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME]);
1118	#endif
1119
1120	HRESULT hr = kerberosLogonCreate(pLogon,
1121	m_enmUsageScenario,
1122	m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME],
1123	m_apwszFields[VBOXCREDPROV_FIELDID_PASSWORD],
1124	m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME]);
1125	if (SUCCEEDED(hr))
1126	{
1127	hr = kerberosLogonSerialize(pLogon,
1128	&pcpCredentialSerialization->rgbSerialization,
1129	&pcpCredentialSerialization->cbSerialization);
1130	if (SUCCEEDED(hr))
1131	{
1132	HANDLE hLSA;
1133	NTSTATUS s = LsaConnectUntrusted(&hLSA);
1134	hr = HRESULT_FROM_NT(s);
1135
1136	if (SUCCEEDED(hr))
1137	{
1138	#if 0 /* eeek. leaving this as an example of how not to handle a string constant. */
1139	size_t cchKerberosName;
1140	hr = StringCchLengthA(NEGOSSP_NAME_A, USHORT_MAX, &cchKerberosName);
1141	if (SUCCEEDED(hr))
1142	{
1143	USHORT usLength;
1144	hr = SizeTToUShort(cchKerberosName, &usLength);
1145	if (SUCCEEDED(hr))
1146	#endif
1147	{
1148	LSA_STRING lsaszKerberosName;
1149	lsaszKerberosName.Buffer = (PCHAR)NEGOSSP_NAME_A;
1150	lsaszKerberosName.Length = sizeof(NEGOSSP_NAME_A) - 1;
1151	lsaszKerberosName.MaximumLength = sizeof(NEGOSSP_NAME_A);
1152
1153	ULONG ulAuthPackage = 0;
1154
1155	s = LsaLookupAuthenticationPackage(hLSA, &lsaszKerberosName, &ulAuthPackage);
1156	hr = HRESULT_FROM_NT(s);
1157
1158	if (SUCCEEDED(hr))
1159	{
1160	pcpCredentialSerialization->ulAuthenticationPackage = ulAuthPackage;
1161	pcpCredentialSerialization->clsidCredentialProvider = CLSID_VBoxCredProvider;
1162
1163	/* We're done -- let the logon UI know. */
1164	*pcpGetSerializationResponse = CPGSR_RETURN_CREDENTIAL_FINISHED;
1165
1166	VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: Finished for user '%ls' (domain '%ls')\n",
1167	m_apwszFields[VBOXCREDPROV_FIELDID_USERNAME],
1168	m_apwszFields[VBOXCREDPROV_FIELDID_DOMAINNAME]);
1169	}
1170	else
1171	VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: LsaLookupAuthenticationPackage failed with ntStatus=%ld\n", s);
1172	}
1173	#if 0
1174	}
1175	#endif
1176	LsaDeregisterLogonProcess(hLSA);
1177	}
1178	else
1179	VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: LsaConnectUntrusted failed with ntStatus=%ld\n", s);
1180	}
1181	else
1182	VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: kerberosLogonSerialize failed with hr=0x%08x\n", hr);
1183
1184	kerberosLogonDestroy(pLogon);
1185	pLogon = NULL;
1186	}
1187	else
1188	VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization: kerberosLogonCreate failed with hr=0x%08x\n", hr);
1189
1190	VBoxCredProvVerbose(1, "VBoxCredProvCredential::GetSerialization returned hr=0x%08x\n", hr);
1191	return hr;
1192	}
1193
1194
1195	/**
1196	* Called by LogonUI after a logon attempt was made -- here we could set an additional status
1197	* text and/or icon.
1198	*
1199	* Currently not used.
1200	*
1201	* @return HRESULT
1202	* @param ntStatus NT status of logon attempt reported by Winlogon.
1203	* @param ntSubStatus NT substatus of logon attempt reported by Winlogon.
1204	* @param ppwszOptionalStatusText Pointer that receives the optional status text.
1205	* @param pcpsiOptionalStatusIcon Pointer that receives the optional status icon.
1206	*/
1207	HRESULT VBoxCredProvCredential::ReportResult(NTSTATUS ntStatus,
1208	NTSTATUS ntSubStatus,
1209	PWSTR *ppwszOptionalStatusText,
1210	CREDENTIAL_PROVIDER_STATUS_ICON *pcpsiOptionalStatusIcon)
1211	{
1212	RT_NOREF(ntStatus, ntSubStatus, ppwszOptionalStatusText, pcpsiOptionalStatusIcon);
1213	VBoxCredProvVerbose(0, "VBoxCredProvCredential::ReportResult: ntStatus=%ld, ntSubStatus=%ld\n",
1214	ntStatus, ntSubStatus);
1215	return E_NOTIMPL;
1216	}
1217

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: vbox/trunk/src/VBox/Additions/WINNT/VBoxCredProv/VBoxCredProvCredential.cpp

Download in other formats: