91 lines
2.3 KiB
C++
91 lines
2.3 KiB
C++
|
/* setlsapwd.cc: Set LSA private data password for current user.
|
||
|
|
||
|
Copyright 2008 Red Hat, Inc.
|
||
|
|
||
|
This file is part of Cygwin.
|
||
|
|
||
|
This software is a copyrighted work licensed under the terms of the
|
||
|
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
|
||
|
details. */
|
||
|
|
||
|
#include "winsup.h"
|
||
|
#include "shared_info.h"
|
||
|
#include "cygerrno.h"
|
||
|
#include "path.h"
|
||
|
#include "fhandler.h"
|
||
|
#include "dtable.h"
|
||
|
#include "cygheap.h"
|
||
|
#include "security.h"
|
||
|
#include "cygserver_setpwd.h"
|
||
|
#include "ntdll.h"
|
||
|
#include <ntsecapi.h>
|
||
|
#include <stdlib.h>
|
||
|
#include <wchar.h>
|
||
|
|
||
|
#ifdef USE_SERVER
|
||
|
/*
|
||
|
* client_request_setpwd Constructor
|
||
|
*/
|
||
|
|
||
|
client_request_setpwd::client_request_setpwd (PUNICODE_STRING passwd)
|
||
|
: client_request (CYGSERVER_REQUEST_SETPWD, &_parameters, sizeof (_parameters))
|
||
|
{
|
||
|
memset (_parameters.in.passwd, 0, sizeof _parameters.in.passwd);
|
||
|
if (passwd->Length > 0 && passwd->Length < 256 * sizeof (WCHAR))
|
||
|
wcpncpy (_parameters.in.passwd, passwd->Buffer, 255);
|
||
|
|
||
|
msglen (sizeof (_parameters.in));
|
||
|
}
|
||
|
|
||
|
#endif /* USE_SERVER */
|
||
|
|
||
|
unsigned long
|
||
|
setlsapwd (const char *passwd)
|
||
|
{
|
||
|
unsigned long ret = (unsigned long) -1;
|
||
|
HANDLE lsa = INVALID_HANDLE_VALUE;
|
||
|
WCHAR sid[128];
|
||
|
WCHAR key_name[128 + wcslen (CYGWIN_LSA_KEY_PREFIX)];
|
||
|
PWCHAR data_buf = NULL;
|
||
|
UNICODE_STRING key;
|
||
|
UNICODE_STRING data;
|
||
|
|
||
|
wcpcpy (wcpcpy (key_name, CYGWIN_LSA_KEY_PREFIX),
|
||
|
cygheap->user.get_windows_id (sid));
|
||
|
RtlInitUnicodeString (&key, key_name);
|
||
|
if (!passwd || ! *passwd
|
||
|
|| sys_mbstowcs_alloc (&data_buf, HEAP_NOTHEAP, passwd))
|
||
|
{
|
||
|
NTSTATUS status = STATUS_ACCESS_DENIED;
|
||
|
|
||
|
memset (&data, 0, sizeof data);
|
||
|
if (data_buf)
|
||
|
RtlInitUnicodeString (&data, data_buf);
|
||
|
/* First try it locally. Works for admin accounts. */
|
||
|
if ((lsa = open_local_policy (POLICY_CREATE_SECRET))
|
||
|
!= INVALID_HANDLE_VALUE)
|
||
|
{
|
||
|
status = LsaStorePrivateData (lsa, &key, data.Length ? &data : NULL);
|
||
|
if (NT_SUCCESS (status))
|
||
|
ret = 0;
|
||
|
LsaClose (lsa);
|
||
|
}
|
||
|
if (ret)
|
||
|
#ifdef USE_SERVER
|
||
|
{
|
||
|
/* If that fails, ask cygserver. */
|
||
|
client_request_setpwd request (&data);
|
||
|
if (request.make_request () == -1 || request.error_code ())
|
||
|
set_errno (request.error_code ());
|
||
|
else
|
||
|
ret = 0;
|
||
|
}
|
||
|
#else
|
||
|
__seterrno_from_nt_status (status);
|
||
|
#endif
|
||
|
if (data_buf)
|
||
|
free (data_buf);
|
||
|
}
|
||
|
return ret;
|
||
|
}
|