diff options
| author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2006-09-21 21:49:41 +0000 |
|---|---|---|
| committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2006-09-21 21:49:41 +0000 |
| commit | 67aa2eb7cd9ebbb08e2247c124f3947cb526136e (patch) | |
| tree | 77eec2ae97702aa7e55ee1d7d8c95748b22a7a04 /src/windows/identity/ui | |
| parent | 515f4996f041c6a36bf5667440f3b18661745de1 (diff) | |
| download | krb5-67aa2eb7cd9ebbb08e2247c124f3947cb526136e.tar.gz krb5-67aa2eb7cd9ebbb08e2247c124f3947cb526136e.tar.xz krb5-67aa2eb7cd9ebbb08e2247c124f3947cb526136e.zip | |
KFW 3.1 Beta 2 NetIDMgr Changes
source for (1.1.0.1)
- Updated documentation with additional information and fixed errors.
nidmgr32.dll (1.1.0.1)
- Fixed a deadlock in the configuration provider that may cause
NetIDMgr to deadlock on load.
- Prevent the configuration provider handle list from getting
corrupted in the event of a plug-in freeing a handle twice.
- Add more parameter validation for the configuration provider.
- If a plug-in is only partially registered (only some of the entries
were set in the registry), the completion of the registration didn't
complete successfully, leaving the plug-in in an unusable state.
This has been fixed. Plug-ins will now successfully complete
registration once they are loaded for the first time, assuming the
correct resources are present in the module.
- Fixed notifications for setting a default identity. Notifications
were not being properly sent out resulting in the credentials window
not being updated when the default identity changed.
- Changes to the API for type safety.
- Handling of binary data fields was changed to support validation and
comparison.
- Data types that do not support KCDB_CBSIZE_AUTO now check for and
report an error if it is specified.
- Password fields in the new credentials dialog will trim leading and
trailing whitespace before using a user-entered value.
- Change password action will no longer be disabled if no identity is
selected. An identity selection control is present in the dialog
making this restriction unnecessary.
- When renewing credentials, error messages will be suppressed if the
renewal was for an identity and the identity does not have any
identity credentials associated with it.
- Error messages that are related to credentials acquisition or
password changes will now display the name of the identity that the
error applies to.
- Automatic renewals now renews all identities that have credentials
associated with them instead of just the default identity.
- Fixed a bug where error messages did not have a default button which
can be invoked with the return key or the space bar.
- The new credentials window will force itself to the top. This can
be disabled via a registry setting, but is on by default.
- Fixed the sort order in the new credentials tabs to respect sort
hints provided by plug-ins.
- If a new credentials operation fails, the password fields will be
cleared.
- Once a new credentials operation starts, the controls for specifying
the identity and password and any other custom prompts will be
disabled until the operation completes.
- Notifications during the new credentials operation now supply a
handle to the proper data structures as documented.
- Hyperlinks in the new credentials dialog now support markup that
will prevent the dialog from switching to the credentials type panel
when the link is activated.
- If there are too many buttons added by plug-ins in the new
credentials dialog, they will be resized to accomodate all of them.
- The options button in the new credentials dialog will be disabled
while a new credentials operation is in progress.
- The 'about' dialog retains the original copyright strings included
in the resource.
- Multiple modal dialogs are now supported. Only the topmost one will
be active. Once it is closed, the other dialogs will gain focus in
turn. This allows for error messages to be displayed from other
modal dialogs.
- The hypertext window supports italics.
krb4cred.dll (1.1.0.1)
- Fixed a bug where the plug-in would attempt to free a handle twice.
- Fixed a handle leak.
- Changed the facility name used for event reporting to match the
credentials type name.
krb5cred.dll (1.1.0.1)
- Fixed handling of expired passwords. If the password for an
identity is found to have expired at the time a new credentials
acquisition is in progress, the user will be given an opportunity to
change the password. If this is successful, the new credentials
operation will continue with the new password.
- Prevent the new credentials dialog from switching to the Kerberos 5
credentials panel during a password change.
- Prompts that were cached indefinitely will now have a limited
lifetime. Prompt caches that were created using prior versions of
the plug-in will automatically expire.
- Multistrings in the resource files were converted to CSV to protect
them against a bug in Visual Studio 2005 which corrupted
multistrings.
- Added handling of and reporting WinSock errors that are returned
from the Kerberos 5 libraries.
- Fixed uninitialized variables.
- The username and realm that is entered when selecting an identity
will be trimmed of leading and trailing whitespace.
- Changed the facility name used for event reporting to match the
credentials type name.
ticket: new
component: windows
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18604 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/windows/identity/ui')
| -rw-r--r-- | src/windows/identity/ui/aboutwnd.c | 3 | ||||
| -rw-r--r-- | src/windows/identity/ui/credfuncs.c | 157 | ||||
| -rw-r--r-- | src/windows/identity/ui/credwnd.c | 4 | ||||
| -rw-r--r-- | src/windows/identity/ui/lang/en_us/khapp.rc | 13 | ||||
| -rw-r--r-- | src/windows/identity/ui/newcredwnd.c | 61 | ||||
| -rw-r--r-- | src/windows/identity/ui/notifier.c | 3 | ||||
| -rw-r--r-- | src/windows/identity/ui/resource.h | 3 | ||||
| -rw-r--r-- | src/windows/identity/ui/uiconfig.csv | 3 |
8 files changed, 214 insertions, 33 deletions
diff --git a/src/windows/identity/ui/aboutwnd.c b/src/windows/identity/ui/aboutwnd.c index 242b1c589..f4dcfcc5e 100644 --- a/src/windows/identity/ui/aboutwnd.c +++ b/src/windows/identity/ui/aboutwnd.c @@ -46,8 +46,11 @@ about_dlg_proc(HWND hwnd, SetDlgItemText(hwnd, IDC_PRODUCT,
TEXT(KH_VERSTR_PRODUCT_1033));
+ /* retain the original copyright strings */
+#ifdef OVERRIDE_COPYRIGHT
SetDlgItemText(hwnd, IDC_COPYRIGHT,
TEXT(KH_VERSTR_COPYRIGHT_1033));
+#endif
SetDlgItemText(hwnd, IDC_BUILDINFO,
TEXT(KH_VERSTR_BUILDINFO_1033));
diff --git a/src/windows/identity/ui/credfuncs.c b/src/windows/identity/ui/credfuncs.c index 937e82ff9..d695afead 100644 --- a/src/windows/identity/ui/credfuncs.c +++ b/src/windows/identity/ui/credfuncs.c @@ -227,6 +227,9 @@ kmsg_cred_completion(kmq_message *m) if there's more */
nc = (khui_new_creds *) m->vparam;
+ /* if we are done processing all the plug-ins, then check if
+ there were any errors reported. Otherwise we dispatch
+ another set of messages. */
if(!khm_cred_dispatch_process_level(nc)) {
if(kherr_is_error()) {
@@ -238,39 +241,102 @@ kmsg_cred_completion(kmq_message *m) wchar_t ws_title[ARRAYLENGTH(ws_tfmt) + KCDB_IDENT_MAXCCH_NAME];
khm_size cb;
+ /* For renewals, we suppress the error message for the
+ following case:
+
+ - The renewal was for an identity
+
+ - There are no identity credentials for the
+ identity (no credentials that have the same type
+ as the identity provider). */
+
+ if (nc->subtype == KMSG_CRED_RENEW_CREDS &&
+ nc->ctx.scope == KHUI_SCOPE_IDENT &&
+ nc->ctx.identity != NULL) {
+ khm_handle tcs = NULL; /* credential set */
+ khm_size count = 0;
+ khm_int32 id_ctype = KCDB_CREDTYPE_INVALID;
+ khm_int32 delta = 0;
+
+ kcdb_identity_get_type(&id_ctype);
+ kcdb_credset_create(&tcs);
+ kcdb_credset_collect(tcs, NULL,
+ nc->ctx.identity,
+ id_ctype,
+ &delta);
+ kcdb_credset_get_size(tcs, &count);
+ kcdb_credset_delete(tcs);
+
+ if (count == 0)
+ break;
+ }
+
ctx = kherr_peek_context();
evt = kherr_get_err_event(ctx);
kherr_evaluate_event(evt);
khui_alert_create_empty(&alert);
- if (nc->subtype == KMSG_CRED_PASSWORD)
- LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE,
- ws_tfmt, ARRAYLENGTH(ws_tfmt));
- else if (nc->subtype == KMSG_CRED_RENEW_CREDS)
- LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE,
- ws_tfmt, ARRAYLENGTH(ws_tfmt));
- else
- LoadString(khm_hInstance, IDS_NC_FAILED_TITLE,
- ws_tfmt, ARRAYLENGTH(ws_tfmt));
+ if (nc->subtype == KMSG_CRED_NEW_CREDS) {
+
+ cb = sizeof(w_idname);
+ if (nc->n_identities == 0 ||
+ KHM_FAILED(kcdb_identity_get_name(nc->identities[0],
+ w_idname, &cb))) {
+ /* an identity could not be determined */
+ LoadString(khm_hInstance, IDS_NC_FAILED_TITLE,
+ ws_title, ARRAYLENGTH(ws_title));
+ } else {
+ LoadString(khm_hInstance, IDS_NC_FAILED_TITLE_I,
+ ws_tfmt, ARRAYLENGTH(ws_tfmt));
+ StringCbPrintf(ws_title, sizeof(ws_title),
+ ws_tfmt, w_idname);
+ }
+
+ } else if (nc->subtype == KMSG_CRED_PASSWORD) {
- if (nc->n_identities > 0) {
cb = sizeof(w_idname);
- if (KHM_FAILED(kcdb_identity_get_name(nc->identities[0],
- w_idname, &cb)))
- StringCbCopy(w_idname, sizeof(w_idname), L"(?)");
+ if (nc->n_identities == 0 ||
+ KHM_FAILED(kcdb_identity_get_name(nc->identities[0],
+ w_idname, &cb))) {
+ LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE,
+ ws_title, ARRAYLENGTH(ws_title));
+ } else {
+ LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE_I,
+ ws_tfmt, ARRAYLENGTH(ws_tfmt));
+ StringCbPrintf(ws_title, sizeof(ws_title),
+ ws_tfmt, w_idname);
+ }
+
+ } else if (nc->subtype == KMSG_CRED_RENEW_CREDS) {
+
+ cb = sizeof(w_idname);
+ if (nc->ctx.identity == NULL ||
+ KHM_FAILED(kcdb_identity_get_name(nc->ctx.identity,
+ w_idname, &cb))) {
+ LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE,
+ ws_title, ARRAYLENGTH(ws_title));
+ } else {
+ LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE_I,
+ ws_tfmt, ARRAYLENGTH(ws_tfmt));
+ StringCbPrintf(ws_title, sizeof(ws_title),
+ ws_tfmt, w_idname);
+ }
+
} else {
- StringCbCopy(w_idname, sizeof(w_idname), L"(?)");
+#ifdef DEBUG
+ assert(FALSE);
+#endif
}
- StringCbPrintf(ws_title, sizeof(ws_title), ws_tfmt, w_idname);
-
khui_alert_set_title(alert, ws_title);
khui_alert_set_severity(alert, evt->severity);
+
if(!evt->long_desc)
khui_alert_set_message(alert, evt->short_desc);
else
khui_alert_set_message(alert, evt->long_desc);
+
if(evt->suggestion)
khui_alert_set_suggestion(alert, evt->suggestion);
@@ -847,6 +913,8 @@ khm_cred_process_startup_actions(void) { if (khm_startup.renew) {
khm_size count;
+ wchar_t * ident_names = NULL;
+ wchar_t * this_ident;
kcdb_credset_get_size(NULL, &count);
@@ -856,16 +924,55 @@ khm_cred_process_startup_actions(void) { khm_startup.renew = FALSE;
if (count != 0) {
- if (defident)
- khui_context_set(KHUI_SCOPE_IDENT,
- defident,
- KCDB_CREDTYPE_INVALID,
- NULL, NULL, 0,
- NULL);
- else
- khui_context_reset();
+ khm_size cb = 0;
+ khm_size n_idents = 0;
+ khm_int32 rv;
+
+ ident_names = NULL;
+
+ while (TRUE) {
+ if (ident_names) {
+ PFREE(ident_names);
+ ident_names = NULL;
+ }
+
+ cb = 0;
+ rv = kcdb_identity_enum(KCDB_IDENT_FLAG_EMPTY, 0,
+ NULL,
+ &cb, &n_idents);
+
+ if (n_idents == 0 || rv != KHM_ERROR_TOO_LONG ||
+ cb == 0)
+ break;
+
+ ident_names = PMALLOC(cb);
- khm_cred_renew_creds();
+ rv = kcdb_identity_enum(KCDB_IDENT_FLAG_EMPTY, 0,
+ ident_names,
+ &cb, &n_idents);
+
+ if (KHM_SUCCEEDED(rv))
+ break;
+ }
+
+ if (ident_names) {
+ for (this_ident = ident_names;
+ this_ident && *this_ident;
+ this_ident = multi_string_next(this_ident)) {
+ khm_handle ident;
+
+ if (KHM_FAILED(kcdb_identity_create(this_ident, 0,
+ &ident)))
+ continue;
+
+ khm_cred_renew_identity(ident);
+
+ kcdb_identity_release(ident);
+ }
+
+ PFREE(ident_names);
+ ident_names = NULL;
+ }
break;
}
}
diff --git a/src/windows/identity/ui/credwnd.c b/src/windows/identity/ui/credwnd.c index 31df6bdf7..a870fe527 100644 --- a/src/windows/identity/ui/credwnd.c +++ b/src/windows/identity/ui/credwnd.c @@ -2669,16 +2669,20 @@ cw_kmq_wm_dispatch(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) cw_update_outline(tbl);
cw_update_extents(tbl, TRUE);
InvalidateRect(hwnd, NULL, FALSE);
+
}
else if (m->subtype == KMSG_KCDB_IDENT &&
m->uparam == KCDB_OP_NEW_DEFAULT) {
InvalidateRect(hwnd, NULL, FALSE);
+
}
else if (m->subtype == KMSG_KCDB_ATTRIB &&
(m->uparam == KCDB_OP_INSERT ||
m->uparam == KCDB_OP_DELETE)) {
+
cw_refresh_attribs(hwnd);
+
}
} else if (m->type == KMSG_KMM &&
m->subtype == KMSG_KMM_I_DONE) {
diff --git a/src/windows/identity/ui/lang/en_us/khapp.rc b/src/windows/identity/ui/lang/en_us/khapp.rc index 93e780575..eb84b8f1e 100644 --- a/src/windows/identity/ui/lang/en_us/khapp.rc +++ b/src/windows/identity/ui/lang/en_us/khapp.rc @@ -356,9 +356,9 @@ FONT 8, "MS Shell Dlg", 400, 0, 0x1 BEGIN
DEFPUSHBUTTON "OK",IDOK,211,7,50,14
LTEXT "Productname",IDC_PRODUCT,41,7,163,13,NOT WS_GROUP
- LTEXT "© 2005 Massachusetts Institute of Technology",IDC_COPYRIGHT,41,23,220,18,NOT WS_GROUP
- LTEXT "BuildInfo",IDC_BUILDINFO,41,41,220,17,NOT WS_GROUP
- ICON IDI_MAIN_APP,IDC_STATIC,6,7,21,20
+ LTEXT "© 2005-2006 Massachusetts Institute of Technology\n© 2006 Secure Endpoints Inc.",IDC_COPYRIGHT,41,23,220,18,NOT WS_GROUP
+ LTEXT "BuildInfo",IDC_BUILDINFO,41,43,220,15,NOT WS_GROUP
+ ICON IDI_MAIN_APP,IDC_STATIC,6,7,20,20
CONTROL "",IDC_MODULES,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | WS_BORDER | WS_TABSTOP,41,72,220,91
LTEXT "Loaded modules",IDC_STATIC,41,60,52,8
END
@@ -770,6 +770,13 @@ BEGIN IDS_ACTIONT_OPT_APPEAR "Change appearance and display settings"
IDS_ACTIONT_HELP_CTX "Display user documentation"
IDS_ACTIONT_IMPORT "Import credentials from external sources such as the Windows LSA"
+ IDS_NC_FAILED_TITLE_I "Failed to get credentials for %s"
+ IDS_NC_PWD_FAILED_TITLE_I "Failed to change password for %s"
+END
+
+STRINGTABLE
+BEGIN
+ IDS_NC_REN_FAILED_TITLE_I "Failed to renew creds for %s"
END
#endif // English (U.S.) resources
diff --git a/src/windows/identity/ui/newcredwnd.c b/src/windows/identity/ui/newcredwnd.c index 1c5d19412..f5b302ec0 100644 --- a/src/windows/identity/ui/newcredwnd.c +++ b/src/windows/identity/ui/newcredwnd.c @@ -1,6 +1,5 @@ /*
* Copyright (c) 2005 Massachusetts Institute of Technology
- * Copyright (c) 2006 Secure Endpoints Inc.
*
* Permission is hereby granted, free of charge, to any person
* obtaining a copy of this software and associated documentation
@@ -264,6 +263,38 @@ nc_clear_password_fields(khui_nc_wnd_data * d) }
}
+struct nc_enum_wnd_data {
+ khui_nc_wnd_data * d;
+ khm_boolean enable;
+};
+
+static
+BOOL CALLBACK
+nc_enum_wnd_proc(HWND hwnd,
+ LPARAM lParam)
+{
+ struct nc_enum_wnd_data * wd;
+
+ wd = (struct nc_enum_wnd_data *) lParam;
+
+ EnableWindow(hwnd, wd->enable);
+
+ return TRUE;
+}
+
+static void
+nc_enable_controls(khui_nc_wnd_data * d, khm_boolean enable)
+{
+ struct nc_enum_wnd_data wd;
+
+ ZeroMemory(&wd, sizeof(wd));
+
+ wd.d = d;
+ wd.enable = enable;
+
+ EnumChildWindows(d->dlg_main, nc_enum_wnd_proc, (LPARAM) &wd);
+}
+
#define NC_MAXCCH_CREDTEXT 16384
#define NC_MAXCB_CREDTEXT (NC_MAXCCH_CREDTEXT * sizeof(wchar_t))
@@ -524,6 +555,7 @@ nc_handle_wm_create(HWND hwnd, int x, y;
int width, height;
RECT r;
+ khm_int32 t;
lpc = (LPCREATESTRUCT) lParam;
@@ -789,6 +821,17 @@ nc_handle_wm_create(HWND hwnd, /* add this to the dialog chain */
khm_add_dialog(hwnd);
+ /* bring the window to the top, if necessary */
+ if (KHM_SUCCEEDED(khc_read_int32(NULL,
+ L"CredWindow\\Windows\\NewCred\\ForceToTop",
+ &t)) &&
+ t != 0) {
+
+ SetWindowPos(hwnd, HWND_TOP, 0, 0, 0, 0,
+ (SWP_NOMOVE | SWP_NOSIZE));
+
+ }
+
return TRUE;
}
@@ -936,6 +979,8 @@ nc_handle_wm_command(HWND hwnd, KHUI_NC_RESULT_CANCEL */
d->nc->response = KHUI_NC_RESPONSE_PROCESSING;
+ nc_enable_controls(d, FALSE);
+
nc_notify_types(d->nc,
KHUI_WM_NC_NOTIFY,
MAKEWPARAM(0,WMNC_DIALOG_PREPROCESS),
@@ -1008,7 +1053,8 @@ nc_handle_wm_command(HWND hwnd, type that is participating in the credentials
acquisition process, then we forward the message to
the panel that is providing the UI for that cred
- type. We also switch to that panel first. */
+ type. We also switch to that panel first, unless
+ the link is of the form '<credtype>:!<link_tag>'. */
colon = wcschr(sid, L':');
if (colon != NULL) {
@@ -1020,7 +1066,8 @@ nc_handle_wm_command(HWND hwnd, KHM_SUCCEEDED(khui_cw_find_type(d->nc, credtype, &t))){
*colon = L':';
- if (t->ordinal != d->ctab)
+ if (t->ordinal != d->ctab &&
+ *(colon + 1) != L'!')
PostMessage(hwnd,
KHUI_WM_NC_NOTIFY,
MAKEWPARAM(t->ordinal,
@@ -1031,6 +1078,8 @@ nc_handle_wm_command(HWND hwnd, KHUI_WM_NC_NOTIFY,
MAKEWPARAM(0, WMNC_CREDTEXT_LINK),
lParam);
+ } else {
+ *colon = L':';
}
}
@@ -1257,8 +1306,8 @@ static LRESULT nc_handle_wm_nc_notify(HWND hwnd, khui_cw_lock_nc(d->nc);
GetWindowRect(d->dlg_ts, &r);
- if (x + width * d->nc->n_types > (khm_size) (r.right - r.left)) {
- width = (int)(((r.right - r.left) - x) / d->nc->n_types);
+ if (x + width * (d->nc->n_types + 1) > (khm_size) (r.right - r.left)) {
+ width = (int)(((r.right - r.left) - x) / (d->nc->n_types + 1));
}
/* first, the control for the main panel */
@@ -1684,6 +1733,8 @@ static LRESULT nc_handle_wm_nc_notify(HWND hwnd, if(nc->response & KHUI_NC_RESPONSE_NOEXIT) {
HWND hw;
+ nc_enable_controls(d, TRUE);
+
/* reset state */
nc->result = KHUI_NC_RESULT_CANCEL;
diff --git a/src/windows/identity/ui/notifier.c b/src/windows/identity/ui/notifier.c index eb46824c7..12b746b1f 100644 --- a/src/windows/identity/ui/notifier.c +++ b/src/windows/identity/ui/notifier.c @@ -744,6 +744,9 @@ alerter_wnd_proc(HWND hwnd, }
}
+ if (d->hwnd_buttons[0])
+ SetFocus(d->hwnd_buttons[0]);
+
khm_notify_icon_change(a->severity);
khui_alert_unlock(a);
diff --git a/src/windows/identity/ui/resource.h b/src/windows/identity/ui/resource.h index 49fcf70e4..35b493e91 100644 --- a/src/windows/identity/ui/resource.h +++ b/src/windows/identity/ui/resource.h @@ -290,6 +290,9 @@ #define IDS_ACTIONT_OPT_APPEAR 283
#define IDS_ACTIONT_HELP_CTX 284
#define IDS_ACTIONT_IMPORT 285
+#define IDS_NC_FAILED_TITLE_I 286
+#define IDS_NC_PWD_FAILED_TITLE_I 287
+#define IDS_NC_REN_FAILED_TITLE_I 288
#define IDC_NC_USERNAME 1007
#define IDC_NC_PASSWORD 1008
#define IDC_NC_CREDTEXT_LABEL 1009
diff --git a/src/windows/identity/ui/uiconfig.csv b/src/windows/identity/ui/uiconfig.csv index 5c512bbac..f1bb4b195 100644 --- a/src/windows/identity/ui/uiconfig.csv +++ b/src/windows/identity/ui/uiconfig.csv @@ -35,6 +35,9 @@ CredWindow,KC_SPACE,0,Options for the credentials window _Schema,KC_ENDSPACE,0,
Main,KC_SPACE,0,Main window
Main,KC_ENDSPACE,0,
+ NewCred,KC_SPACE,0,New credentials window
+ ForceToTop,KC_INT32,1,Force new creds window to the top
+ NewCred,KC_ENDSPACE,0,
Windows,KC_ENDSPACE,0,
Views,KC_SPACE,0,Preconfigured views for credentials
Custom_0,KC_SPACE,0,First custom view. Additional views have names of the form Custom_N
|