authorKevin Wasserman <kevin.wasserman@painless-security.com>2012-07-01 21:06:46 -0400
committerBen Kaduk <kaduk@mit.edu>2012-08-27 19:27:23 -0400
commit16eb02cfaad02444e553c9a7af37917f02c60ba2 (patch)
treea61b5dd39dcb8180eccb46e42a7334d4d3a628cd
parente2b8cf10d536eeb1616f5b5e40fd41c691f24e29 (diff)
downloadkrb5-16eb02cfaad02444e553c9a7af37917f02c60ba2.tar.gz
krb5-16eb02cfaad02444e553c9a7af37917f02c60ba2.tar.xz
krb5-16eb02cfaad02444e553c9a7af37917f02c60ba2.zip
Update kfw change password dialog
Use combined username/realm principal edit control. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7297 (new) queue: kfw target_version: 1.10.4 tags: pullup
-rw-r--r--src/windows/leash/LeashView.cpp81
-rw-r--r--src/windows/leashdll/lsh_pwd.c159
-rw-r--r--src/windows/leashdll/lsh_pwd.rc25
3 files changed, 91 insertions, 174 deletions
diff --git a/src/windows/leash/LeashView.cpp b/src/windows/leash/LeashView.cpp
index 043ed5fae1..7b5ba17d28 100644
--- a/src/windows/leash/LeashView.cpp
+++ b/src/windows/leash/LeashView.cpp
@@ -1026,47 +1026,74 @@ VOID CLeashView::OnMakeDefault()
VOID CLeashView::OnChangePassword()
{
- if (!m_hWnd)
- {
- AfxMessageBox("There is a problem finding the Leash Window!",
- MB_OK|MB_ICONSTOP);
- return;
- }
+ krb5_context ctx;
+ krb5_ccache ccache = 0;
+ krb5_principal princ = 0;
+ char *pname = NULL;
+ char *username = NULL;
+ char *realm = NULL;
+ int code = 0;
- if (WaitForSingleObject( ticketinfo.lockObj, INFINITE ) != WAIT_OBJECT_0)
- throw("Unable to lock ticketinfo");
+ CCacheDisplayData *elem = m_ccacheDisplay;
+ while (elem != NULL) {
+ if (elem->m_selected) {
+ if (elem->m_ccacheName)
+ break;
+ }
+ elem = elem->m_next;
+ }
+ if (elem != NULL) {
+ code = pkrb5_init_context(&ctx);
+ if (code) {
+ // TODO: spew error
+ goto cleanup;
+ }
+ code = pkrb5_cc_resolve(ctx, elem->m_ccacheName, &ccache);
+ if (code) {
+ // TODO: spew error
+ goto cleanup;
+ }
+ code = pkrb5_cc_get_principal(ctx, ccache, &princ);
+ if (code) {
+ goto cleanup;
+ }
+ code = pkrb5_unparse_name(ctx, princ, &pname);
+ if (code) {
+ goto cleanup;
+ }
+ }
LSH_DLGINFO_EX ldi;
- char username[64];
- char realm[192];
- char * principal = ticketinfo.Krb5.principal;
- int i=0, j=0;
- if (principal)
- for (; principal[i] && principal[i] != '@'; i++)
- username[i] = principal[i];
- username[i] = '\0';
- if (principal && principal[i])
- for (i++ ; principal[i] ; i++, j++)
- realm[j] = principal[i];
- realm[j] = '\0';
- ReleaseMutex(ticketinfo.lockObj);
-
+ if (pname != NULL) {
+ username = pname;
+ realm = strchr(pname, '@');
+ if (realm != NULL)
+ *realm++ = '\0';
+ }
ldi.size = sizeof(ldi);
ldi.dlgtype = DLGTYPE_CHPASSWD;
ldi.title = ldi.in.title;
- strcpy(ldi.in.title,"Change Password");
+ strcpy_s(ldi.in.title, "MIT Kerberos: Change Password");
ldi.username = ldi.in.username;
- strcpy(ldi.in.username,username);
+ strcpy_s(ldi.in.username, username ? username : "");
ldi.realm = ldi.in.realm;
- strcpy(ldi.in.realm,realm);
+ strcpy_s(ldi.in.realm, realm ? realm : "");
ldi.use_defaults = 1;
int result = pLeash_changepwd_dlg_ex(m_hWnd, &ldi);
- if (-1 == result)
- {
+ if (-1 == result) {
AfxMessageBox("There is a problem changing password!",
MB_OK|MB_ICONSTOP);
}
+cleanup:
+ if (pname != NULL)
+ pkrb5_free_unparsed_name(ctx, pname);
+ if (princ != NULL)
+ pkrb5_free_principal(ctx, princ);
+ if (ccache != NULL)
+ pkrb5_cc_close(ctx, ccache);
+ if (ctx != NULL)
+ pkrb5_free_context(ctx);
}
static CCacheDisplayData **
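Review bot: `krb5_context ctx;` is declared without an initializer, yet the `cleanup:` block tests `if (ctx != NULL)` and calls `pkrb5_free_context(ctx)`. When no selected cache entry is found (`elem == NULL`), `pkrb5_init_context` is never called, so cleanup reads an indeterminate pointer and may free it; the same applies if `pkrb5_init_context` fails without writing `ctx`. Declare it as `krb5_context ctx = 0;`, matching `ccache` and `princ`. Separately, the `goto cleanup` statements jump past `int result = pLeash_changepwd_dlg_ex(m_hWnd, &ldi);`, which standard C++ does not allow for an initialized declaration; moving `int result` up with the other locals avoids relying on compiler leniency. The error paths also skip the dialog without telling the user, as the `// TODO: spew error` comments acknowledge.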
diff --git a/src/windows/leashdll/lsh_pwd.c b/src/windows/leashdll/lsh_pwd.c
index 2afcc957ab..c45fa1c682 100644
--- a/src/windows/leashdll/lsh_pwd.c
+++ b/src/windows/leashdll/lsh_pwd.c
@@ -38,6 +38,11 @@
#endif /* NO_KRB5 */
#include <commctrl.h>
+extern void * Leash_pec_create(HWND hEditCtl);
+extern void Leash_pec_destroy(void *pAutoComplete);
+extern void Leash_pec_add_principal(char *principal);
+extern void Leash_pec_clear_history(void *pec);
+
/* Global Variables. */
static long lsh_errno;
static char *err_context; /* error context */
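Review bot: The four `Leash_pec_*` prototypes added after `#include <commctrl.h>` are hand-written `extern` declarations, so the compiler never checks them against the definitions. The block they replace (removed further down in this file) spelled one of them `Leasch_pec_add_principal`, which is the kind of mismatch that goes unnoticed this way. Moving the prototypes into a header included by both this file and the file that defines them would catch such drift at compile time. If `Leash_pec_add_principal` does not modify its argument (its definition is not shown here), `const char *principal` would state that contract.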
@@ -1306,11 +1311,6 @@ AdjustOptions(HWND hDialog, int show, int hideDiff)
}
-extern void *Leash_pec_create(HWND hEditCtl);
-extern void Leash_pec_destroy(void *pAutoComplete);
-extern void Leasch_pec_add_principal(char *principal);
-extern void Leash_pec_clear_history(void *pec);
-
/* Callback function for the Authentication Dialog box that initializes and
renews tickets. */
@@ -1755,15 +1755,15 @@ NewPasswordProc(
)
{
static POINT Position = { -1, -1 };
- static char username[LEASH_USERNAME_SZ]="";
- static char realm[LEASH_REALM_SZ]="";
static char password[256]="";
static char password2[256]="";
static char password3[256]="";
static LPLSH_DLGINFO_EX lpdi;
static HWND hDlg=0;
+ static void *pAutoComplete = NULL;
char principal[256];
long realm_count = 0;
+ HWND hEditCtrl = NULL;
switch (message) {
@@ -1798,116 +1798,29 @@ NewPasswordProc(
SetProp(hDialog, "HANDLES_HELP", (HANDLE)1);
- if ( lpdi->size >= LSH_DLGINFO_EX_V3_SZ )
- lstrcpy(username, lpdi->in.username);
- else if (lpdi->username)
- lstrcpy(username, lpdi->username);
- if ( lpdi->size >= LSH_DLGINFO_EX_V3_SZ )
- lstrcpy(realm, lpdi->in.realm);
- else if (lpdi->realm)
- lstrcpy(realm, lpdi->realm);
+ if (lpdi->username != NULL && (strlen(lpdi->username) > 0) &&
+ lpdi->realm != NULL && (strlen(lpdi->realm) > 0)) {
+ sprintf_s(principal,
+ sizeof(principal), "%s@%s", lpdi->username, lpdi->realm);
+ } else {
+ principal[0] = 0;
+ }
- CSetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, username);
+ CSetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, principal);
CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD, "");
CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD2, "");
CSetDlgItemText(hDialog, IDC_EDIT_PASSWORD3, "");
+ hEditCtrl = GetDlgItem(hDialog, IDC_EDIT_PRINCIPAL);
+ if (hEditCtrl)
+ pAutoComplete = Leash_pec_create(hEditCtrl);
+
#if 0 /* 20030619 - mjv wishes to return to the default character */
/* echo spaces */
CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD, EM_SETPASSWORDCHAR, 32, 0);
CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD2, EM_SETPASSWORDCHAR, 32, 0);
CSendDlgItemMessage(hDialog, IDC_EDIT_PASSWORD3, EM_SETPASSWORDCHAR, 32, 0);
#endif
-
- /* Populate list of Realms */
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_RESETCONTENT, 0, 0);
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_LIMITTEXT, 192, 0);
-
- if (pprofile_get_subsection_names && pprofile_free_list) {
- const char* rootSection[] = {"realms", NULL};
- const char** rootsec = rootSection;
- char **sections = NULL, **cpp = NULL, *value = NULL;
-
- char krb5_conf[MAX_PATH+1];
-
- if (!GetProfileFile(krb5_conf,sizeof(krb5_conf))) {
- profile_t profile;
- long retval;
- const char *filenames[2];
-
- filenames[0] = krb5_conf;
- filenames[1] = NULL;
- retval = pprofile_init(filenames, &profile);
- if (!retval) {
- retval = pprofile_get_subsection_names(profile, rootsec, &sections);
-
- if (!retval)
- {
- for (cpp = sections; *cpp; cpp++)
- {
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)*cpp);
- realm_count++;
- }
- }
- pprofile_free_list(sections);
- pprofile_release(profile);
- }
- }
- } else {
- FILE * file;
- char krb_conf[MAX_PATH+1];
- char * p;
-
- if (!GetKrb4ConFile(krb_conf,sizeof(krb_conf)) &&
- (file = fopen(krb_conf, "rt")))
- {
- char lineBuf[256];
- // Skip the default realm
- readstring(file,lineBuf,sizeof(lineBuf));
-
- // Read the defined realms
- while (TRUE)
- {
- if (readstring(file,lineBuf,sizeof(lineBuf)) < 0)
- break;
-
- if (*(lineBuf + strlen(lineBuf) - 1) == '\r')
- *(lineBuf + strlen(lineBuf) - 1) = 0;
-
- for (p=lineBuf; *p ; p++)
- {
- if (isspace(*p)) {
- *p = 0;
- break;
- }
- }
-
- if ( strncmp(".KERBEROS.OPTION.",lineBuf,17) ) {
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)lineBuf);
- realm_count++;
- }
- }
-
- fclose(file);
- }
- }
- if (realm_count == 0)
- CSendDlgItemMessage(hDialog, IDC_COMBO_REALM, CB_ADDSTRING, 0, (LPARAM)realm);
-
- /* Select the default Realm */
- if (!realm[0] && hKrb5) {
- krb5_context ctx=0;
- char * def = 0;
- pkrb5_init_context(&ctx);
- pkrb5_get_default_realm(ctx,&def);
- if (def) {
- lstrcpy(realm, def);
- free(def);
- }
- pkrb5_free_context(ctx);
- }
- CSetDlgItemText(hDialog, IDC_COMBO_REALM, realm);
-
/* setup text of stuff. */
if (Position.x > 0 && Position.y > 0 &&
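Review bot: The new prefill reads `lpdi->username` and `lpdi->realm` for every structure size, whereas the removed code used the embedded `lpdi->in.username` / `lpdi->in.realm` arrays when `lpdi->size >= LSH_DLGINFO_EX_V3_SZ`. A caller that fills only the `in` arrays and leaves the pointer members unset would now have `strlen()` called on an uninitialized pointer; the caller in LeashView.cpp sets both, but other users of the dialog API are not visible here. Keeping the size check, e.g. `const char *u = (lpdi->size >= LSH_DLGINFO_EX_V3_SZ) ? lpdi->in.username : lpdi->username;` and the same for the realm, preserves the old contract. A username supplied without a realm is now discarded (the `else` branch blanks `principal`), and `sprintf_s` invokes the invalid-parameter handler rather than truncating if the combined string does not fit in `principal[256]`. The dialog-initialization code this hunk edits starts and ends outside the hunk.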
@@ -1943,6 +1856,10 @@ NewPasswordProc(
memset(password3,0,sizeof(password3));
RemoveProp(hDialog, "HANDLES_HELP");
EndDialog(hDialog, (int)lParam);
+ if (pAutoComplete != NULL) {
+ Leash_pec_destroy(pAutoComplete);
+ pAutoComplete = NULL;
+ }
return TRUE;
}
break;
@@ -1952,13 +1869,12 @@ NewPasswordProc(
int i = 0;
int bit8 = 0;
- CGetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, username, sizeof(username));
+ CGetDlgItemText(hDialog, IDC_EDIT_PRINCIPAL, principal, sizeof(principal));
CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD, password, sizeof(password));
CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD2, password2, sizeof(password2));
CGetDlgItemText(hDialog, IDC_EDIT_PASSWORD3, password3, sizeof(password3));
- CGetDlgItemText(hDialog, IDC_COMBO_REALM, realm, sizeof(realm));
- if (!username[0])
+ if (!principal[0])
{
MessageBox(hDialog, "You are not allowed to enter a "
"blank username.",
@@ -1966,20 +1882,6 @@ NewPasswordProc(
MB_OK | MB_ICONSTOP);
return TRUE;
}
- if (!realm[0])
- {
- MessageBox(hDialog, "You are not allowed to enter a "
- "blank realm.",
- "Invalid Principal",
- MB_OK | MB_ICONSTOP);
- return TRUE;
- }
-
- if (Leash_get_default_uppercaserealm())
- {
- // found
- strupr(realm);
- }
if (!password[0] || !password2[0] || !password3[0])
{
@@ -2022,8 +1924,6 @@ NewPasswordProc(
return TRUE;
}
- sprintf(principal,"%s@%s",username,realm);
-
lsh_errno = Leash_int_changepwd(principal, password, password2, 0, 1);
if (lsh_errno != 0)
{
@@ -2063,14 +1963,7 @@ NewPasswordProc(
#endif /* COMMENT */
return TRUE;
}
-
- if ( lpdi->size >= LSH_DLGINFO_EX_V2_SZ ) {
- strncpy(lpdi->out.username, username, LEASH_USERNAME_SZ);
- lpdi->out.username[LEASH_USERNAME_SZ-1] = 0;
- strncpy(lpdi->out.realm, realm, LEASH_REALM_SZ);
- lpdi->out.realm[LEASH_REALM_SZ-1] = 0;
- }
-
+ Leash_pec_add_principal(principal);
CloseMe(TRUE); /* success */
}
break;
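Review bot: Dropping the block that copied `username` and `realm` into `lpdi->out.username` / `lpdi->out.realm` means callers with `lpdi->size >= LSH_DLGINFO_EX_V2_SZ` no longer get the principal back on success. `OnChangePassword` in LeashView.cpp passes a stack `LSH_DLGINFO_EX ldi` that is never zeroed, so those fields would hold indeterminate bytes if anything reads them. If the out fields are still part of the API, split `principal` at `'@'` and fill them with bounded copies before `CloseMe(TRUE)`, or at least set `lpdi->out.username[0] = 0; lpdi->out.realm[0] = 0;`. Whether other callers read them is not visible from this page, and the enclosing `case` begins outside the hunk.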
diff --git a/src/windows/leashdll/lsh_pwd.rc b/src/windows/leashdll/lsh_pwd.rc
index 325cdb4503..c12c5481e1 100644
--- a/src/windows/leashdll/lsh_pwd.rc
+++ b/src/windows/leashdll/lsh_pwd.rc
@@ -127,30 +127,27 @@ BEGIN
RTEXT "Renewable Lifetime:",IDC_STATIC_RENEW,10,164,79,8
END
-IDD_PASSWORD DIALOG DISCARDABLE 0, 0, 382, 198
+IDD_PASSWORD DIALOG DISCARDABLE 0, 0, 382, 150
STYLE DS_MODALFRAME | DS_3DLOOK | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Change Password"
FONT 8, "Microsoft Sans Serif"
BEGIN
- EDITTEXT IDC_EDIT_PRINCIPAL,99,52,259,14,ES_AUTOHSCROLL
- EDITTEXT IDC_EDIT_PASSWORD,99,84,259,14,ES_PASSWORD |
+ EDITTEXT IDC_EDIT_PRINCIPAL,99,40,259,14,ES_AUTOHSCROLL
+ EDITTEXT IDC_EDIT_PASSWORD,99,60,259,14,ES_PASSWORD |
ES_AUTOHSCROLL
- EDITTEXT IDC_EDIT_PASSWORD2,99,112,259,14,ES_PASSWORD |
+ EDITTEXT IDC_EDIT_PASSWORD2,99,85,259,14,ES_PASSWORD |
ES_AUTOHSCROLL
- EDITTEXT IDC_EDIT_PASSWORD3,99,135,259,14,ES_PASSWORD |
+ EDITTEXT IDC_EDIT_PASSWORD3,99,105,259,14,ES_PASSWORD |
ES_AUTOHSCROLL
- COMBOBOX IDC_COMBO_REALM,99,67,259,79,CBS_DROPDOWN |
- CBS_AUTOHSCROLL | CBS_SORT | WS_VSCROLL | WS_TABSTOP
- DEFPUSHBUTTON "OK",IDOK,313,165,49,14
- PUSHBUTTON "Cancel",IDCANCEL,256,165,49,14
- RTEXT "Name:",IDC_STATIC_NAME,73,55,21,8
- RTEXT "Realm:",IDC_STATIC_REALM,72,71,23,8
- RTEXT "Old Password:",IDC_STATIC_PWD,19,85,74,21
+ DEFPUSHBUTTON "OK",IDOK,313,125,49,14
+ PUSHBUTTON "Cancel",IDCANCEL,256,125,49,14
+ RTEXT "Principal:",IDC_STATIC_NAME,22,43,74,12
+ RTEXT "Old Password:",IDC_STATIC_PWD,22,63,74,12
ICON LEASHICON,IDC_PICTURE_LEASH,15,15,20,20
LTEXT "Change your Kerberos password or phrase",
IDC_STATIC_NOTICE,48,20,276,8
- RTEXT "New Password:",IDC_STATIC_PWD2,23,112,74,16
- RTEXT "New Password (again):",IDC_STATIC_PWD3,22,135,74,18
+ RTEXT "New Password:",IDC_STATIC_PWD2,22,88,74,12
+ RTEXT "New Password (again):",IDC_STATIC_PWD3,22,108,74,12
END