$(ECHO) -- Done with $@\r
\r
!ifndef NO_KRB4\r
-finale: krb4plugin\r
+doc: krb4plugin\r
\r
krb4plugin: plugincommon\r
$(ECHO) -- Entering $@\r
$(ECHO) -- Done with $@\r
!endif\r
\r
-finale: krb5plugin\r
+finale: krb5plugin doc\r
$(ECHO) -- Done.\r
\r
pdoc:\r
-# Copyright (c) 2004 Massachusetts Institute of Technology\r
+# Copyright (c) 2004-2006 Massachusetts Institute of Technology\r
+# Copyright (c) 2006 Secure Endpoints Inc.\r
#\r
# Permission is hereby granted, free of charge, to any person\r
# obtaining a copy of this software and associated documentation files\r
+Schema:NetIDMgr\PluginManager\Modules\<module name>\Disabled\r
+Schema:NetIDMgr\PluginManager\Plugins\<plugin name>\Disabled\r
# If non-zero, the corresponding module or plug-in is disabled.\r
+\r
+!kcdb_identity_set_attrib(), kcdb_identity_get_attrib(), kcdb_identity_get_attrib_string()\r
+# Attribute name parameter is now a const pointer to a wchar_t string\r
+\r
+!kcdb_cred_create()\r
+# Name parameter is now a const pointer to a wchar_t string\r
+\r
+!kcdb_cred_set_attrib(), kcdb_cred_get_attrib()\r
+!kcdb_cred_get_attrib_string(), kcdb_creds_comp_attrib()\r
+# Attribute name parameter is now a const pointer to a wchar_t string\r
+\r
+!kcdb_type_get_id()\r
+# Name parameter is now a const pointer to a wchar_t string\r
+\r
+!kcdb_type_register()\r
+# type parameter is now a const pointer\r
+\r
+!kcdb_attrib_get_id()\r
+# Name parameter is now a const pointer\r
+\r
+!kcdb_attrib_register()\r
+# attrib parameter is now a const pointer\r
+\r
+!kcdb_credtype_register()\r
+# type parameter is now a const pointer\r
+\r
+!kcdb_credtype_get_id()\r
+# name parameter is now a const pointer\r
+\r
+!kcdb_buf_get_attrib(), kcdb_buf_get_attrib_string(), kcbd_buf_set_attrib()\r
+# attr_name is now a const pointer\r
+\r
# in the build tree.\r
#\r
# Copyright (c) 2004,2005 Massachusetts Institute of Technology\r
+# Copyright (c) 2006 Secure Endpoints Inc.\r
#\r
# Permission is hereby granted, free of charge, to any person\r
# obtaining a copy of this software and associated documentation files\r
# Version info\r
NETIDMGR_VERSION_MAJOR=1\r
NETIDMGR_VERSION_MINOR=1\r
-NETIDMGR_VERSION_PATCH=0\r
+NETIDMGR_VERSION_PATCH=1\r
NETIDMGR_VERSION_AUX=1\r
NETIDMGR_RELEASEDESC=\r
\r
#\r
# Changes to the API version numbers should be documented in\r
# apiversion.txt at the root of the source tree.\r
-NETIDMGR_VERSION_API=5\r
+NETIDMGR_VERSION_API=6\r
\r
# Minimum backwards compatible version. API versions from\r
# NETIDMGR_VERSION_API_MINCOMPAT through NETIDMGR_VERSION_API\r
# This file will be included by all the makefiles\r
# in the build tree.\r
#\r
-# Copyright (c) 2004,2005 Massachusetts Institute of Technology\r
+# Copyright (c) 2004,2005,2006 Massachusetts Institute of Technology\r
+# Copyright (c) 2006 Secure Endpoints Inc.\r
#\r
# Permission is hereby granted, free of charge, to any person\r
# obtaining a copy of this software and associated documentation files\r
#\r
# Changes to the API version numbers should be documented in\r
# apiversion.txt at the root of the source tree.\r
-NETIDMGR_VERSION_API=5\r
+NETIDMGR_VERSION_API=6\r
\r
# Minimum backwards compatible version. API versions from\r
# NETIDMGR_VERSION_API_MINCOMPAT through NETIDMGR_VERSION_API\r
\r
khcint_free_space(conf_root);\r
\r
+ LeaveCriticalSection(&cs_conf_global);\r
+ DeleteCriticalSection(&cs_conf_global);\r
+\r
EnterCriticalSection(&cs_conf_handle);\r
while(conf_free_handles) {\r
LPOP(&conf_free_handles, &h);\r
}\r
LeaveCriticalSection(&cs_conf_handle);\r
DeleteCriticalSection(&cs_conf_handle);\r
-\r
- LeaveCriticalSection(&cs_conf_global);\r
- DeleteCriticalSection(&cs_conf_global);\r
}\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
kconf_handle * \r
khcint_handle_from_space(kconf_conf_space * s, khm_int32 flags)\r
{\r
return h;\r
}\r
\r
-/* must be called with cs_conf_global held */\r
+/* obtains cs_conf_handle/cs_conf_global */\r
void \r
khcint_handle_free(kconf_handle * h)\r
{\r
\r
if(a == NULL) {\r
DebugBreak();\r
+\r
+ /* hmm. the handle was not in the in-use list */\r
+ LeaveCriticalSection(&cs_conf_handle);\r
+ return;\r
}\r
}\r
#endif\r
h->space = NULL;\r
}\r
lower = h->lower;\r
+ h->magic = 0;\r
LPUSH(&conf_free_handles, h);\r
h = lower;\r
}\r
LeaveCriticalSection(&cs_conf_handle);\r
}\r
\r
+/* obains cs_conf_handle/cs_conf_global */\r
kconf_handle * \r
khcint_handle_dup(kconf_handle * o)\r
{\r
return r;\r
}\r
\r
+/* obtains cs_conf_global */\r
void \r
khcint_space_hold(kconf_conf_space * s) {\r
EnterCriticalSection(&cs_conf_global);\r
LeaveCriticalSection(&cs_conf_global);\r
}\r
\r
+/* obtains cs_conf_global */\r
void \r
khcint_space_release(kconf_conf_space * s) {\r
khm_int32 l;\r
return rv;\r
}\r
\r
-\r
+/* obtains cs_conf_global */\r
HKEY \r
khcint_space_open_key(kconf_conf_space * s, khm_int32 flags) {\r
HKEY hk = NULL;\r
}\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_shadow_space(khm_handle upper, khm_handle lower)\r
{\r
if(!khc_is_config_running())\r
return KHM_ERROR_NOT_READY;\r
\r
- if(!khc_is_handle(upper))\r
+ if(!khc_is_handle(upper)) {\r
+#ifdef DEBUG\r
+ DebugBreak();\r
+#endif\r
return KHM_ERROR_INVALID_PARAM;\r
+ }\r
\r
h = (kconf_handle *) upper;\r
\r
EnterCriticalSection(&cs_conf_handle);\r
if(h->lower) {\r
- LeaveCriticalSection(&cs_conf_handle);\r
EnterCriticalSection(&cs_conf_global);\r
khcint_handle_free(h->lower);\r
LeaveCriticalSection(&cs_conf_global);\r
- EnterCriticalSection(&cs_conf_handle);\r
h->lower = NULL;\r
}\r
\r
kconf_handle * lc;\r
\r
l = (kconf_handle *) lower;\r
- LeaveCriticalSection(&cs_conf_handle);\r
lc = khcint_handle_dup(l);\r
- EnterCriticalSection(&cs_conf_handle);\r
h->lower = lc;\r
}\r
LeaveCriticalSection(&cs_conf_handle);\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* no locks */\r
kconf_conf_space * \r
khcint_create_empty_space(void) {\r
kconf_conf_space * r;\r
return r;\r
}\r
\r
+/* called with cs_conf_global */\r
void \r
khcint_free_space(kconf_conf_space * r) {\r
kconf_conf_space * c;\r
PFREE(r);\r
}\r
\r
+/* obtains cs_conf_global */\r
khm_int32 \r
khcint_open_space(kconf_conf_space * parent, \r
const wchar_t * sname, size_t n_sname, \r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_open_space(khm_handle parent, const wchar_t * cspace, khm_int32 flags, \r
khm_handle * result) {\r
return KHM_ERROR_NOT_READY;\r
}\r
\r
- if(!result || (parent && !khc_is_handle(parent)))\r
+ if(!result || (parent && !khc_is_handle(parent))) {\r
+#ifdef DEBUG\r
+ DebugBreak();\r
+#endif\r
return KHM_ERROR_INVALID_PARAM;\r
+ }\r
\r
if(!parent)\r
p = conf_root;\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_close_space(khm_handle csp) {\r
if(!khc_is_config_running())\r
return KHM_ERROR_NOT_READY;\r
\r
- if(!khc_is_handle(csp))\r
+ if(!khc_is_handle(csp)) {\r
+#ifdef DEBUG\r
+ DebugBreak();\r
+#endif\r
return KHM_ERROR_INVALID_PARAM;\r
+ }\r
\r
khcint_handle_free((kconf_handle *) csp);\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_read_string(khm_handle pconf, \r
const wchar_t * pvalue, \r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_read_int32(khm_handle pconf, const wchar_t * pvalue, khm_int32 * buf) {\r
kconf_conf_space * c;\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_read_int64(khm_handle pconf, const wchar_t * pvalue, khm_int64 * buf) {\r
kconf_conf_space * c;\r
return rv;\r
}\r
\r
+/* obtaincs cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_read_binary(khm_handle pconf, const wchar_t * pvalue, \r
void * buf, khm_size * bufsize) {\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_write_string(khm_handle pconf, \r
const wchar_t * pvalue, \r
return rv;\r
}\r
\r
+/* obtaincs cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_write_int32(khm_handle pconf, \r
const wchar_t * pvalue, \r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_write_int64(khm_handle pconf, const wchar_t * pvalue, khm_int64 buf) {\r
HKEY pk = NULL;\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_write_binary(khm_handle pconf, \r
const wchar_t * pvalue, \r
return rv;\r
}\r
\r
+/* no locks */\r
KHMEXP khm_int32 KHMAPI \r
khc_get_config_space_name(khm_handle conf, \r
wchar_t * buf, khm_size * bufsize) {\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_get_config_space_parent(khm_handle conf, khm_handle * parent) {\r
kconf_conf_space * c;\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_get_type(khm_handle conf, const wchar_t * value) {\r
HKEY hkm = NULL;\r
if(!khc_is_handle(conf))\r
return KC_NONE;\r
\r
- c = (kconf_conf_space *) conf;\r
+ c = khc_space_from_handle(conf);\r
\r
if(!khc_is_machine_handle(conf))\r
hku = khcint_space_open_key(c, KHM_PERM_READ);\r
return rv;\r
}\r
\r
+/* obtains cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_value_exists(khm_handle conf, const wchar_t * value) {\r
HKEY hku = NULL;\r
return rv;\r
}\r
\r
+/* obtains cs_conf_global */\r
KHMEXP khm_int32 KHMAPI\r
khc_remove_value(khm_handle conf, const wchar_t * value, khm_int32 flags) {\r
HKEY hku = NULL;\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_global */\r
KHMEXP khm_int32 KHMAPI\r
khc_remove_space(khm_handle conf) {\r
\r
return rv;\r
}\r
\r
+/* no locks */\r
khm_boolean \r
khcint_is_valid_name(wchar_t * name)\r
{\r
return TRUE;\r
}\r
\r
+/* no locks */\r
khm_int32 \r
khcint_validate_schema(const kconf_schema * schema,\r
int begin,\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global; called with cs_conf_global */\r
khm_int32 \r
khcint_load_schema_i(khm_handle parent, const kconf_schema * schema, \r
int begin, int * end)\r
while(!end_found) {\r
switch(state) {\r
case 0: /* initial. this record should start a config space */\r
+ LeaveCriticalSection(&cs_conf_global);\r
if(KHM_FAILED(khc_open_space(parent, schema[i].name, \r
- KHM_FLAG_CREATE, &h)))\r
+ KHM_FLAG_CREATE, &h))) {\r
+ EnterCriticalSection(&cs_conf_global);\r
return KHM_ERROR_INVALID_PARAM;\r
+ }\r
+ EnterCriticalSection(&cs_conf_global);\r
thisconf = khc_space_from_handle(h);\r
thisconf->schema = schema + (begin + 1);\r
+ thisconf->nSchema = 0;\r
state = 1;\r
break;\r
\r
end_found = 1;\r
if(end)\r
*end = i;\r
+ LeaveCriticalSection(&cs_conf_global);\r
khc_close_space(h);\r
+ EnterCriticalSection(&cs_conf_global);\r
}\r
break;\r
\r
end_found = 1;\r
if(end)\r
*end = i;\r
+ LeaveCriticalSection(&cs_conf_global);\r
khc_close_space(h);\r
+ EnterCriticalSection(&cs_conf_global);\r
} else {\r
return KHM_ERROR_INVALID_PARAM;\r
}\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_load_schema(khm_handle conf, const kconf_schema * schema)\r
{\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global; called with cs_conf_global */\r
khm_int32 \r
khcint_unload_schema_i(khm_handle parent, const kconf_schema * schema, \r
int begin, int * end)\r
while(!end_found) {\r
switch(state) {\r
case 0: /* initial. this record should start a config space */\r
- if(KHM_FAILED(khc_open_space(parent, schema[i].name, 0, &h)))\r
+ LeaveCriticalSection(&cs_conf_global);\r
+ if(KHM_FAILED(khc_open_space(parent, schema[i].name, 0, &h))) {\r
+ EnterCriticalSection(&cs_conf_global);\r
return KHM_ERROR_INVALID_PARAM;\r
+ }\r
+ EnterCriticalSection(&cs_conf_global);\r
thisconf = khc_space_from_handle(h);\r
if(thisconf->schema == (schema + (begin + 1))) {\r
thisconf->schema = NULL;\r
end_found = 1;\r
if(end)\r
*end = i;\r
+ LeaveCriticalSection(&cs_conf_global);\r
khc_close_space(h);\r
+ EnterCriticalSection(&cs_conf_global);\r
}\r
break;\r
\r
end_found = 1;\r
if(end)\r
*end = i;\r
+ LeaveCriticalSection(&cs_conf_global);\r
khc_close_space(h);\r
+ EnterCriticalSection(&cs_conf_global);\r
} else {\r
return KHM_ERROR_INVALID_PARAM;\r
}\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_unload_schema(khm_handle conf, const kconf_schema * schema)\r
{\r
return rv;\r
}\r
\r
+/* obtaincs cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_enum_subspaces(khm_handle conf,\r
khm_handle prev,\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_write_multi_string(khm_handle conf, const wchar_t * value, wchar_t * buf)\r
{\r
return rv;\r
}\r
\r
+/* obtains cs_conf_handle/cs_conf_global */\r
KHMEXP khm_int32 KHMAPI \r
khc_read_multi_string(khm_handle conf, const wchar_t * value, \r
wchar_t * buf, khm_size * bufsize)\r
}\r
\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_attrib_get_id(wchar_t *name, khm_int32 * id)\r
+kcdb_attrib_get_id(const wchar_t *name, khm_int32 * id)\r
{\r
kcdb_attrib_i * ai;\r
\r
}\r
\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_attrib_register(kcdb_attrib * attrib, khm_int32 * new_id)\r
+kcdb_attrib_register(const kcdb_attrib * attrib, khm_int32 * new_id)\r
{\r
kcdb_attrib_i * ai;\r
size_t cb_name;\r
\r
KHMEXP khm_int32 KHMAPI kcdb_buf_get_attrib(\r
khm_handle record,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
khm_int32 * attr_type,\r
void * buffer,\r
khm_size * pcb_buf)\r
\r
KHMEXP khm_int32 KHMAPI kcdb_buf_get_attrib_string(\r
khm_handle record,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
wchar_t * buffer,\r
khm_size * pcbbuf,\r
khm_int32 flags)\r
\r
KHMEXP khm_int32 KHMAPI kcdb_buf_set_attrib(\r
khm_handle record,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
void * buffer,\r
khm_size cbbuf)\r
{\r
places with a read lock on l_creds. New credentials must be creatable while\r
holding either lock. */\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_cred_create(wchar_t * name, \r
+kcdb_cred_create(const wchar_t * name, \r
khm_handle identity,\r
khm_int32 cred_type,\r
khm_handle * result) \r
\r
KHMEXP khm_int32 KHMAPI kcdb_cred_set_attrib(\r
khm_handle cred, \r
- wchar_t * name, \r
+ const wchar_t * name, \r
void * buffer, \r
khm_size cbbuf)\r
{\r
\r
KHMEXP khm_int32 KHMAPI kcdb_cred_get_attrib(\r
khm_handle cred, \r
- wchar_t * name, \r
+ const wchar_t * name, \r
khm_int32 * attr_type,\r
void * buffer, \r
khm_size * cbbuf) \r
\r
KHMEXP khm_int32 KHMAPI kcdb_cred_get_attrib_string(\r
khm_handle cred, \r
- wchar_t * name, \r
+ const wchar_t * name, \r
wchar_t * buffer, \r
khm_size * cbbuf,\r
khm_int32 flags) \r
KHMEXP khm_int32 KHMAPI \r
kcdb_creds_comp_attrib(khm_handle cred1, \r
khm_handle cred2, \r
- wchar_t * name)\r
+ const wchar_t * name)\r
{\r
khm_int32 attr_id;\r
\r
}\r
\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_credtype_register(kcdb_credtype * type, khm_int32 * new_id) \r
+kcdb_credtype_register(const kcdb_credtype * type, khm_int32 * new_id) \r
{\r
khm_int32 id;\r
kcdb_credtype_i * ict;\r
}\r
\r
KHMEXP khm_int32 KHMAPI kcdb_credtype_get_id(\r
- wchar_t * name, \r
+ const wchar_t * name, \r
khm_int32 * id)\r
{\r
int i;\r
\r
LeaveCriticalSection(&cs_ident);\r
\r
- if (invoke_identpro)\r
- kcdbint_ident_post_message(KCDB_OP_NEW_DEFAULT, new_def);\r
+ /* if (invoke_identpro) */\r
+ kcdbint_ident_post_message(KCDB_OP_NEW_DEFAULT, new_def);\r
} else {\r
LeaveCriticalSection(&cs_ident);\r
}\r
\r
KHMEXP khm_int32 KHMAPI \r
kcdb_identity_set_attrib(khm_handle vid,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
void * buffer,\r
khm_size cbbuf)\r
{\r
\r
KHMEXP khm_int32 KHMAPI \r
kcdb_identity_get_attrib(khm_handle vid,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
khm_int32 * attr_type,\r
void * buffer,\r
khm_size * pcbbuf)\r
}\r
\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_identity_get_attrib_string(\r
- khm_handle vid,\r
- wchar_t * attr_name,\r
+kcdb_identity_get_attrib_string(khm_handle vid,\r
+ const wchar_t * attr_name,\r
wchar_t * buffer,\r
khm_size * pcbbuf,\r
khm_int32 flags)\r
to notify the KCDB that the specified identity is the default.\r
This does not result in the invocation of any other semantics to\r
make the identity the default other than releasing the previous\r
- defualt identity and making the specified one the default. As\r
- an additional side effect, the notification <::KMSG_KCDB,\r
- ::KMSG_KCDB_IDENT, ::KCDB_OP_NEW_DEFAULT> will also not be sent.\r
+ defualt identity and making the specified one the default.\r
*/\r
KHMEXP khm_int32 KHMAPI\r
kcdb_identity_set_default_int(khm_handle id);\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_identity_set_attrib(khm_handle identity,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
void * buffer,\r
khm_size cbbuf);\r
\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_identity_get_attrib(khm_handle identity,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
khm_int32 * attr_type,\r
void * buffer,\r
khm_size * pcbbuf);\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_identity_get_attrib_string(khm_handle identity,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
wchar_t * buffer,\r
khm_size * pcbbuf,\r
khm_int32 flags);\r
\see kcdb_cred_release()\r
*/\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_cred_create(wchar_t * name, \r
+kcdb_cred_create(const wchar_t * name, \r
khm_handle identity,\r
khm_int32 cred_type,\r
khm_handle * result);\r
\r
/*! \brief Set an attribute in a credential by name\r
\r
+ \r
+\r
\param[in] cbbuf Number of bytes of data in \a buffer. The\r
individual data type handlers may copy in less than this many\r
- bytes in to the credential.\r
+ bytes in to the credential. For some data types where the\r
+ size of the buffer is fixed or can be determined from its\r
+ contents, you can specify ::KCDB_CBSIZE_AUTO for this\r
+ parameter.\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_cred_set_attrib(khm_handle cred, \r
- wchar_t * name, \r
+ const wchar_t * name, \r
void * buffer, \r
khm_size cbbuf);\r
\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_cred_get_attrib(khm_handle cred, \r
- wchar_t * name, \r
+ const wchar_t * name, \r
khm_int32 * attr_type,\r
void * buffer, \r
khm_size * cbbuf);\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_cred_get_attrib_string(khm_handle cred, \r
- wchar_t * name, \r
+ const wchar_t * name, \r
wchar_t * buffer, \r
khm_size * cbbuf,\r
khm_int32 flags) ;\r
KHMEXP khm_int32 KHMAPI \r
kcdb_creds_comp_attrib(khm_handle cred1, \r
khm_handle cred2, \r
- wchar_t * name);\r
+ const wchar_t * name);\r
\r
/*! \brief Compare an attribute of two credentials by attribute id.\r
\r
/*@}*/\r
\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_type_get_id(wchar_t *name, khm_int32 * id);\r
+kcdb_type_get_id(const wchar_t *name, khm_int32 * id);\r
\r
/*! \brief Return the type descriptor for a given type id\r
\r
\param[out] new_id Receives the identifier for the credential attribute type.\r
*/\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_type_register(kcdb_type * type, \r
+kcdb_type_register(const kcdb_type * type, \r
khm_int32 * new_id);\r
\r
/*! \brief Unregister a credential attribute type\r
*/\r
#define KCDB_TYPE_ALL KCDB_TYPE_INVALID\r
\r
+/*! \brief Void\r
+\r
+ No data. This is not an actual data type.\r
+ */\r
#define KCDB_TYPE_VOID 0\r
+\r
+/*! \brief String\r
+\r
+ NULL terminated Unicode string. The byte count for a string\r
+ attribute always includes the terminating NULL.\r
+ */\r
#define KCDB_TYPE_STRING 1\r
+\r
+/*! \brief Data\r
+\r
+ A date/time represented in FILETIME format.\r
+ */\r
#define KCDB_TYPE_DATE 2\r
+\r
+/*! \brief Interval\r
+\r
+ An interval of time represented as the difference between two\r
+ FILETIME values.\r
+ */\r
#define KCDB_TYPE_INTERVAL 3\r
+\r
+/*! \brief 32-bit integer\r
+\r
+ A 32-bit signed integer.\r
+ */\r
#define KCDB_TYPE_INT32 4\r
+\r
+/*! \brief 64-bit integer\r
+\r
+ A 64-bit integer.\r
+ */\r
#define KCDB_TYPE_INT64 5\r
+\r
+/*! \brief Raw data\r
+\r
+ A raw data buffer.\r
+ */\r
#define KCDB_TYPE_DATA 6\r
\r
#define KCDB_TYPENAME_VOID L"Void"\r
\r
/*! \brief Retrieve the ID of a named attribute */\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_attrib_get_id(wchar_t *name, \r
+kcdb_attrib_get_id(const wchar_t *name, \r
khm_int32 * id);\r
\r
/*! \brief Register an attribute\r
attribute. If the \a id member of the ::kcdb_attrib object is\r
set to KCDB_ATTR_INVALID, then a unique ID is generated. */\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_attrib_register(kcdb_attrib * attrib, \r
+kcdb_attrib_register(const kcdb_attrib * attrib, \r
khm_int32 * new_id);\r
\r
/*! \brief Retrieve the attribute descriptor for an attribute \r
specified is already in use.\r
*/\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_credtype_register(kcdb_credtype * type, \r
+kcdb_credtype_register(const kcdb_credtype * type, \r
khm_int32 * new_id);\r
\r
/*! \brief Return a held reference to a \a kcdb_credtype object describing the credential type.\r
\r
*/\r
KHMEXP khm_int32 KHMAPI \r
-kcdb_credtype_get_id(wchar_t * name, \r
+kcdb_credtype_get_id(const wchar_t * name, \r
khm_int32 * id);\r
\r
/*@}*/\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_buf_get_attrib(khm_handle record,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
khm_int32 * attr_type,\r
void * buffer,\r
khm_size * pcb_buf);\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_buf_get_attrib_string(khm_handle record,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
wchar_t * buffer,\r
khm_size * pcbbuf,\r
khm_int32 flags);\r
*/\r
KHMEXP khm_int32 KHMAPI \r
kcdb_buf_set_attrib(khm_handle record,\r
- wchar_t * attr_name,\r
+ const wchar_t * attr_name,\r
void * buffer,\r
khm_size cbbuf);\r
\r
const void * d,\r
khm_size cbd)\r
{\r
- /* data is always valid, even if d is NULL */\r
- return TRUE;\r
+ /* data is always valid */\r
+ if (cbd != 0 && d == NULL)\r
+ return FALSE;\r
+ else\r
+ return TRUE;\r
}\r
\r
khm_int32 KHMAPI kcdb_type_data_comp(\r
const void * d2,\r
khm_size cbd2)\r
{\r
- /* datas can not be compared */\r
- return 0;\r
+ khm_size pref;\r
+ khm_int32 rv = 0;\r
+\r
+ pref = min(cbd1, cbd2);\r
+\r
+ if (pref == 0)\r
+ return (cbd1 < cbd2)? -1 : ((cbd1 > cbd2)? 1 : 0);\r
+\r
+ rv = memcmp(d1, d2, pref);\r
+\r
+ if (rv == 0) {\r
+ return (cbd1 < cbd2)? -1 : ((cbd1 > cbd2)? 1 : 0);\r
+ } else {\r
+ return rv;\r
+ }\r
}\r
\r
khm_int32 KHMAPI kcdb_type_data_dup(\r
void * d_dst,\r
khm_size * cbd_dst)\r
{\r
- if(!cbd_dst)\r
+ if(!cbd_dst || cbd_src == KCDB_CBSIZE_AUTO)\r
return KHM_ERROR_INVALID_PARAM;\r
\r
- *cbd_dst = cbd_src;\r
-\r
if(!d_dst || *cbd_dst < cbd_src) {\r
+ *cbd_dst = cbd_src;\r
return KHM_ERROR_TOO_LONG;\r
} else {\r
+ *cbd_dst = cbd_src;\r
memcpy(d_dst, d_src, cbd_src);\r
return KHM_ERROR_SUCCESS;\r
}\r
LeaveCriticalSection(&cs_type);\r
}\r
\r
-KHMEXP khm_int32 KHMAPI kcdb_type_get_id(wchar_t *name, khm_int32 * id)\r
+KHMEXP khm_int32 KHMAPI kcdb_type_get_id(const wchar_t *name, khm_int32 * id)\r
{\r
kcdb_type_i * t;\r
size_t cbsize;\r
return KHM_ERROR_SUCCESS;\r
}\r
\r
-KHMEXP khm_int32 KHMAPI kcdb_type_register(kcdb_type * type, khm_int32 * new_id)\r
+KHMEXP khm_int32 KHMAPI kcdb_type_register(const kcdb_type * type, khm_int32 * new_id)\r
{\r
kcdb_type_i *t;\r
size_t cbsize;\r
khc_close_space(csp_ident);\r
\r
if (csp_idk4)\r
- khc_close_space(csp_ident);\r
+ khc_close_space(csp_idk4);\r
\r
khui_cfg_set_flags_inst(d,\r
((applied)? KHUI_CNFLAG_APPLIED: 0),\r
\r
#include<windows.h>\r
\r
-#define KHERR_FACILITY L"Kerberos4"\r
+#define KHERR_FACILITY L"Krb4Cred"\r
#define KHERR_FACILITY_ID 65\r
#define KHERR_HMODULE hResModule\r
\r
*suggestion = 0;\r
*suggest_code = KHERR_SUGGEST_NONE;\r
\r
+ if (WSABASEERR <= code && code < (WSABASEERR + 1064)) {\r
+ /* winsock error */\r
+ table_num = WSABASEERR;\r
+ offset = code - WSABASEERR;\r
+ }\r
+\r
switch(table_num)\r
{\r
case krb_err_base:\r
case kadm_err_base:\r
+ case WSABASEERR:\r
break;\r
default:\r
+\r
if (code == KRB5KRB_AP_ERR_BAD_INTEGRITY) {\r
*suggestion = MSG_ERR_S_INTEGRITY;\r
}\r
return;\r
}\r
\r
- if (table_num == krb_err_base)\r
- switch(offset)\r
- {\r
+ if (table_num == krb_err_base) {\r
+ switch(offset) {\r
case KDC_NAME_EXP: /* 001 Principal expired */\r
case KDC_SERVICE_EXP: /* 002 Service expired */\r
case KDC_AUTH_EXP: /* 003 Auth expired */\r
/* no extra error msg */\r
break;\r
}\r
- else\r
- switch(code)\r
- {\r
+ } else if (table_num == kadm_err_base) {\r
+ switch(code) {\r
case KADM_INSECURE_PW:\r
/* if( kadm_info != NULL ){\r
* wsprintf(buf, "%s\n%s", com_err_msg, kadm_info);\r
/* no extra error msg */\r
break;\r
}\r
+ } else if (table_num == WSABASEERR) {\r
+ switch(code) {\r
+ case WSAENETDOWN:\r
+ msg_id = MSG_ERR_NETDOWN;\r
+ sugg_id = MSG_ERR_S_NETRETRY;\r
+ sugg_code = KHERR_SUGGEST_RETRY;\r
+ break;\r
+\r
+ case WSATRY_AGAIN:\r
+ msg_id = MSG_ERR_TEMPDOWN;\r
+ sugg_id = MSG_ERR_S_TEMPDOWN;\r
+ sugg_code = KHERR_SUGGEST_RETRY;\r
+ break;\r
+\r
+ case WSAENETUNREACH:\r
+ case WSAENETRESET:\r
+ case WSAECONNABORTED:\r
+ case WSAECONNRESET:\r
+ case WSAETIMEDOUT:\r
+ case WSAECONNREFUSED:\r
+ case WSAEHOSTDOWN:\r
+ case WSAEHOSTUNREACH:\r
+ msg_id = MSG_ERR_NOHOST;\r
+ sugg_id = MSG_ERR_S_NOHOST;\r
+ sugg_code = KHERR_SUGGEST_RETRY;\r
+ break;\r
+ }\r
+ }\r
\r
if (msg_id != 0) {\r
FormatMessage(FORMAT_MESSAGE_FROM_HMODULE |\r
char** error_str)\r
{\r
krb5_error_code rc = 0;\r
- int result_code;\r
+ int result_code = 0;\r
krb5_data result_code_string, result_string;\r
krb5_context context = 0;\r
krb5_principal princ = 0;\r
HWND hw_realm;\r
} k5_new_cred_data;\r
\r
+static\r
+void\r
+trim_str(wchar_t * s, khm_size cch) {\r
+ wchar_t * c, * last_ws;\r
+\r
+ for (c = s; *c && iswspace(*c) && ((khm_size)(c - s)) < cch; c++);\r
+\r
+ if (((khm_size)(c - s)) >= cch)\r
+ return;\r
+\r
+ if (c != s && ((khm_size)(c - s)) < cch) {\r
+#if _MSC_VER >= 1400\r
+ wmemmove_s(s, cch, c, cch - ((khm_size)(c - s)));\r
+#else\r
+ memmove(s, c, (cch - ((khm_size)(c - s))) * sizeof(wchar_t));\r
+#endif\r
+ }\r
+\r
+ last_ws = NULL;\r
+ for (c = s; *c && ((khm_size)(c - s)) < cch; c++) {\r
+ if (!iswspace(*c))\r
+ last_ws = NULL;\r
+ else if (last_ws == NULL)\r
+ last_ws = c;\r
+ }\r
+\r
+ if (last_ws)\r
+ *last_ws = L'\0';\r
+}\r
+\r
/* Runs in the UI thread */\r
int \r
k5_get_realm_from_nc(khui_new_creds * nc, \r
wchar_t * buf, \r
khm_size cch_buf) {\r
k5_new_cred_data * d;\r
+ khm_size s;\r
\r
d = (k5_new_cred_data *) nc->ident_aux;\r
- return GetWindowText(d->hw_realm, buf, (int) cch_buf);\r
+ buf[0] = L'\0';\r
+ GetWindowText(d->hw_realm, buf, (int) cch_buf);\r
+ trim_str(buf, cch_buf);\r
+\r
+ StringCchLength(buf, cch_buf, &s);\r
+\r
+ return (int) s;\r
}\r
\r
/* set the primary identity of a new credentials dialog depending on\r
assert(cch < KCDB_IDENT_MAXCCH_NAME - 1);\r
\r
GetWindowText(d->hw_username, un, ARRAYLENGTH(un));\r
+ trim_str(un, ARRAYLENGTH(un));\r
\r
realm = khm_get_realm_from_princ(un);\r
if (realm) /* realm was specified */\r
}\r
\r
GetWindowText(d->hw_realm, realm, (int) cch_left);\r
+ trim_str(realm, cch_left);\r
\r
_set_ident:\r
if (KHM_FAILED(rv = kcdb_identity_create(un,\r
GetWindowText(d->hw_username,\r
un,\r
ARRAYLENGTH(un));\r
+ trim_str(un, ARRAYLENGTH(un));\r
\r
un_realm = khm_get_realm_from_princ(un);\r
\r
\r
GetWindowText(d->hw_realm, realm,\r
ARRAYLENGTH(realm));\r
+ trim_str(realm, ARRAYLENGTH(realm));\r
\r
idx = (int)SendMessage(d->hw_realm,\r
CB_FINDSTRINGEXACT,\r
kmm_module h_khModule; /* KMM's handle to this module */\r
HINSTANCE hInstance;\r
HMODULE hResModule; /* HMODULE to the resource library */\r
-const wchar_t * k5_facility = L"Krb5";\r
+const wchar_t * k5_facility = L"Krb5Cred";\r
\r
khm_int32 type_id_enctype = -1;\r
khm_int32 type_id_addr_list = -1;\r
\r
wchar_t * cred_message; /* overrides the credential text, if\r
non-NULL */\r
+ BOOL pwd_change; /* force a password change */\r
} k5_dlg_data;\r
\r
\r
}\r
break;\r
\r
+ case WMNC_CREDTEXT_LINK:\r
+ {\r
+ k5_dlg_data * d;\r
+ khui_htwnd_link * l;\r
+ khui_new_creds * nc;\r
+ wchar_t linktext[128];\r
+\r
+ d = (k5_dlg_data *)(LONG_PTR)\r
+ GetWindowLongPtr(hwnd, DWLP_USER);\r
+ nc = d->nc;\r
+ l = (khui_htwnd_link *) lParam;\r
+\r
+ if (!l)\r
+ break;\r
+\r
+ StringCchCopyN(linktext, ARRAYLENGTH(linktext),\r
+ l->id, l->id_len);\r
+\r
+ if (!wcscmp(linktext, L"Krb5Cred:!Passwd")) {\r
+ /* we are turning this dialog into a change password dialog... */\r
+ wchar_t wbuf[KHUI_MAXCCH_BANNER];\r
+\r
+ khui_cw_clear_prompts(nc);\r
+\r
+ LoadString(hResModule, IDS_NC_PWD_BANNER,\r
+ wbuf, ARRAYLENGTH(wbuf));\r
+ khui_cw_begin_custom_prompts(nc, 3, NULL, wbuf);\r
+\r
+ LoadString(hResModule, IDS_NC_PWD_PWD,\r
+ wbuf, ARRAYLENGTH(wbuf));\r
+ khui_cw_add_prompt(nc, KHUI_NCPROMPT_TYPE_PASSWORD,\r
+ wbuf, NULL, KHUI_NCPROMPT_FLAG_HIDDEN);\r
+\r
+ LoadString(hResModule, IDS_NC_PWD_NPWD,\r
+ wbuf, ARRAYLENGTH(wbuf));\r
+ khui_cw_add_prompt(nc, KHUI_NCPROMPT_TYPE_NEW_PASSWORD,\r
+ wbuf, NULL, KHUI_NCPROMPT_FLAG_HIDDEN);\r
+\r
+ LoadString(hResModule, IDS_NC_PWD_NPWD_AGAIN,\r
+ wbuf, ARRAYLENGTH(wbuf));\r
+ khui_cw_add_prompt(nc, KHUI_NCPROMPT_TYPE_NEW_PASSWORD_AGAIN,\r
+ wbuf, NULL, KHUI_NCPROMPT_FLAG_HIDDEN);\r
+\r
+ d->pwd_change = TRUE;\r
+\r
+ return TRUE;\r
+ }\r
+ }\r
+ break;\r
+\r
case WMNC_UPDATE_CREDTEXT:\r
{\r
k5_dlg_data * d;\r
KHM_SUCCEEDED(kcdb_identity_get_flags(nc->identities[0], \r
&flags)) &&\r
(flags & KCDB_IDENT_FLAG_VALID) &&\r
- nc->subtype == KMSG_CRED_NEW_CREDS) {\r
+ nc->subtype == KMSG_CRED_NEW_CREDS &&\r
+ !d->pwd_change) {\r
\r
if (is_k5_identpro)\r
k5_get_realm_from_nc(nc, tbuf, ARRAYLENGTH(tbuf));\r
\r
StringCbCopy(nct->credtext, cbsize, sbuf);\r
} else if (nc->n_identities > 0 &&\r
- nc->subtype == KMSG_CRED_PASSWORD) {\r
+ (nc->subtype == KMSG_CRED_PASSWORD ||\r
+ (nc->subtype == KMSG_CRED_NEW_CREDS && d->pwd_change))) {\r
cbsize = sizeof(tbuf);\r
kcdb_identity_get_name(nc->identities[0], tbuf, &cbsize);\r
\r
khm_size n_cur_prompts;\r
khm_int32 n_prompts;\r
khm_int32 i;\r
+ khm_int64 iexpiry;\r
+ FILETIME expiry;\r
+ FILETIME current;\r
\r
#ifdef DEBUG\r
assert(g_fjob.nc);\r
\r
goto _cleanup;\r
\r
+ if (KHM_SUCCEEDED(khc_read_int64(csp_prcache, L"ExpiresOn", &iexpiry))) {\r
+ /* has the cache expired? */\r
+ expiry = IntToFt(iexpiry);\r
+ GetSystemTimeAsFileTime(¤t);\r
+\r
+ if (CompareFileTime(&expiry, ¤t) < 0)\r
+ /* already expired */\r
+ goto _cleanup;\r
+ } else {\r
+ FILETIME lifetime;\r
+ khm_int32 t;\r
+\r
+ /* make the cache expire at some point */\r
+ GetSystemTimeAsFileTime(¤t);\r
+ khc_read_int32(csp_params, L"PromptCacheLifetime", &t);\r
+ if (t == 0)\r
+ t = 172800; /* 48 hours */\r
+ TimetToFileTimeInterval(t, &lifetime);\r
+ expiry = FtAdd(¤t, &lifetime);\r
+ iexpiry = FtToInt(&expiry);\r
+\r
+ khc_write_int64(csp_prcache, L"ExpiresOn", iexpiry);\r
+ }\r
+\r
/* we found a prompt cache. We take this to imply that the\r
principal is valid. */\r
g_fjob.valid_principal = TRUE;\r
{\r
wchar_t wbanner[KHUI_MAXCCH_BANNER];\r
wchar_t wname[KHUI_MAXCCH_PNAME];\r
+ FILETIME current;\r
+ FILETIME lifetime;\r
+ FILETIME expiry;\r
+ khm_int64 iexpiry;\r
+ khm_int32 t = 0;\r
\r
if(banner)\r
AnsiStrToUnicode(wbanner, sizeof(wbanner), banner);\r
(banner)?wbanner:NULL,\r
(name)?wname:NULL);\r
\r
- if (banner && csp_prcache)\r
- khc_write_string(csp_prcache,\r
- L"Banner",\r
- wbanner);\r
- else if (csp_prcache)\r
- khc_write_string(csp_prcache,\r
- L"Banner",\r
- L"");\r
+ if (csp_prcache) {\r
\r
- if (name && csp_prcache)\r
- khc_write_string(csp_prcache,\r
- L"Name",\r
- wname);\r
- else if (csp_prcache)\r
- khc_write_string(csp_prcache,\r
- L"Name",\r
- L"");\r
+ if (banner)\r
+ khc_write_string(csp_prcache,\r
+ L"Banner",\r
+ wbanner);\r
+ else\r
+ khc_write_string(csp_prcache,\r
+ L"Banner",\r
+ L"");\r
+\r
+ if (name)\r
+ khc_write_string(csp_prcache,\r
+ L"Name",\r
+ wname);\r
+ else if (csp_prcache)\r
+ khc_write_string(csp_prcache,\r
+ L"Name",\r
+ L"");\r
\r
- if (csp_prcache)\r
khc_write_int32(csp_prcache,\r
L"PromptCount",\r
(khm_int32) num_prompts);\r
+\r
+ GetSystemTimeAsFileTime(¤t);\r
+ khc_read_int32(csp_params, L"PromptCacheLifetime", &t);\r
+ if (t == 0)\r
+ t = 172800; /* 48 hours */\r
+ TimetToFileTimeInterval(t, &lifetime);\r
+ expiry = FtAdd(¤t, &lifetime);\r
+ iexpiry = FtToInt(&expiry);\r
+\r
+ khc_write_int64(csp_prcache, L"ExpiresOn", iexpiry);\r
+ }\r
}\r
\r
for(i=0; i < num_prompts; i++) {\r
}\r
\r
khui_cw_unlock_nc(nc);\r
+\r
+ /* reset the force-password-change flag if this is a new\r
+ identity. */\r
+ d->pwd_change = FALSE;\r
}\r
\r
/* fallthrough */\r
if (nc->subtype == KMSG_CRED_NEW_CREDS) {\r
d = (k5_dlg_data *) nct->aux;\r
\r
+ if (d->pwd_change) {\r
+ /* we are forcing a password change */\r
+ goto change_password;\r
+ }\r
+\r
_begin_task(0);\r
_report_mr0(KHERR_NONE, MSG_CTX_INITAL_CREDS);\r
_describe();\r
} else if (nc->subtype == KMSG_CRED_PASSWORD &&\r
nc->result == KHUI_NC_RESULT_PROCESS) {\r
\r
+ change_password:\r
+ /* we jump here if there was a password change forced */\r
+\r
_begin_task(0);\r
_report_mr0(KHERR_NONE, MSG_CTX_PASSWD);\r
_describe();\r
\r
if (code)\r
rv = KHM_ERROR_UNKNOWN;\r
+ else if (nc->subtype == KMSG_CRED_NEW_CREDS) {\r
+ khm_handle csp_idcfg = NULL;\r
+ krb5_context ctx = NULL;\r
+\r
+ /* we forced a password change. now we need\r
+ to get the initial credentials. */\r
+\r
+ d = (k5_dlg_data *) nct->aux;\r
+\r
+ if (d == NULL) {\r
+ rv = KHM_ERROR_UNKNOWN;\r
+ goto _pwd_exit;\r
+ }\r
+\r
+ code = khm_krb5_kinit(NULL, /* context (create one) */\r
+ idname, /* principal_name */\r
+ npwd, /* password */\r
+ NULL, /* ccache name (figure out the identity cc)*/\r
+ (krb5_deltat) d->tc_lifetime.current,\r
+ d->forwardable,\r
+ d->proxiable,\r
+ (krb5_deltat)((d->renewable)?d->tc_renew.current:0),\r
+ d->addressless, /* addressless */\r
+ d->publicIP, /* public IP */\r
+ NULL, /* prompter */\r
+ NULL /* prompter data */);\r
+\r
+ if (code) {\r
+ rv = KHM_ERROR_UNKNOWN;\r
+ goto _pwd_exit;\r
+ }\r
+\r
+ /* save the settings that we used for\r
+ obtaining the ticket. */\r
+ if (KHM_SUCCEEDED\r
+ (k5_open_config_handle(nc->identities[0],\r
+ KHM_FLAG_CREATE |\r
+ KCONF_FLAG_WRITEIFMOD,\r
+ &csp_idcfg))) {\r
+ k5_write_dlg_params(csp_idcfg, d);\r
+ khc_close_space(csp_idcfg);\r
+ }\r
+\r
+ /* and do a quick refresh of the krb5 tickets\r
+ so that other plug-ins that depend on krb5\r
+ can look up tickets inside NetIDMgr */\r
+ khm_krb5_list_tickets(&ctx);\r
+\r
+ /* if there was no default identity, we make\r
+ this one the default. */\r
+ kcdb_identity_refresh(nc->identities[0]);\r
+ {\r
+ khm_handle tdefault = NULL;\r
+\r
+ if (KHM_SUCCEEDED(kcdb_identity_get_default(&tdefault))) {\r
+ kcdb_identity_release(tdefault);\r
+ } else {\r
+ _reportf(L"There was no default identity. Setting defualt");\r
+ kcdb_identity_set_default(nc->identities[0]);\r
+ }\r
+ }\r
+\r
+ /* and then update the LRU too */\r
+ k5_update_LRU(nc->identities[0]);\r
+\r
+ if (ctx != NULL)\r
+ pkrb5_free_context(ctx);\r
+ }\r
\r
/* result is only set when code != 0 */\r
if (code && result) {\r
LRURealms,KC_STRING,,\r
LRUPrincipals,KC_STRING,,\r
LastDefaultIdent,KC_STRING,,Last known default identity\r
+ PromptCacheLifetime,KC_INT32,172800,Lifetime of the prompt cache in seconds\r
DefaultCCName,KC_STRING,,Default CC name (only per identity)\r
PromptCache,KC_SPACE,0,Cache of prompts (only per identity)\r
Name,KC_STRING,,\r
Banner,KC_STRING,,\r
PromptCount,KC_INT32,0,\r
+ ExpiresOn,KC_INT64,0,FILETIME of when the prompt cache is set to expire\r
(n),KC_SPACE,0,Parameters for each prompt\r
Prompt,KC_STRING,,\r
Type,KC_INT32,0,\r
IDS_NC_REALM "Realm"\r
IDS_KRB5_WARNING "Kerberos 5 Warning"\r
IDS_K5ERR_NAME_EXPIRED "<p><a id=""SwitchPanel"" param=""Krb5Cred""><b>Krb5</b></a><tab>: The selected principal name has expired.</p><p><tab> Please contact your system administrator.</p>"\r
- IDS_K5ERR_KEY_EXPIRED "<p><a id=""SwitchPanel"" param=""Krb5Cred""><b>Krb5</b></a><tab>: The password for the selected identity has expired.</p><p><tab> Click <a id=""Krb5Cred:Passwd"">here</a> to change the password</p>"\r
+ IDS_K5ERR_KEY_EXPIRED "<p><a id=""SwitchPanel"" param=""Krb5Cred""><b>Krb5</b></a><tab>: The password for the selected identity has expired.</p><p><tab> Click <a id=""Krb5Cred:!Passwd"">here</a> to change the password</p>"\r
IDS_KRB5_WARN_FMT "Kerberos 5: %s\n\n%s"\r
IDS_K5ERR_FMT "<p><a id=""SwitchPanel"" param=""Krb5Cred""><b>Krb5</b></a><tag>: %s</p>"\r
IDS_K5CFG_SHORT_DESC "Kerberos 5"\r
Destroying Krb5 tickets\r
.\r
\r
+MessageId=\r
+SymbolicName=MSG_ERR_NETDOWN\r
+Language=English\r
+A network connection is unavailable\r
+.\r
+\r
+MessageId=\r
+SymbolicName=MSG_ERR_S_NETRETRY\r
+Language=English\r
+Please check your network connection or contact your network administrator for assistance.\r
+.\r
+\r
+MessageId=\r
+SymbolicName=MSG_ERR_TEMPDOWN\r
+Language=English\r
+A temporary network error caused the operation to fail\r
+.\r
+\r
+MessageId=\r
+SymbolicName=MSG_ERR_S_TEMPDOWN\r
+Language=English\r
+Please try again in a few minutes\r
+.\r
+\r
+MessageId=\r
+SymbolicName=MSG_ERR_NOHOST\r
+Language=English\r
+A server could not be reached\r
+.\r
+\r
+MessageId=\r
+SymbolicName=MSG_ERR_S_NOHOST\r
+Language=English\r
+This can be caused by the server being unavailable, network errors, or improper configuration. Please try again or contact your administrator for assistance.\r
+.\r
+\r
MessageId=\r
SymbolicName=MSG_\r
Language=English\r
\r
# Lots more macros\r
\r
-incflags = -I$(NIDMINCDIR) -I$(OBJ) -I.\r
-rincflags = /i $(NIDMINCDIR) /i $(OBJ) /i .\r
+incflags = -I"$(NIDMINCDIR)" -I"$(OBJ)" -I.\r
+rincflags = /i "$(NIDMINCDIR)" /i "$(OBJ)" /i .\r
\r
ldebug = $(ldebug) /DEBUG\r
cdebug = $(cdebug) -Os -Zi\r
\r
C2OBJ=$(CC) $(cdebug) $(cflags) $(incflags) $(cdefines) /Fo"$@" /c $**\r
\r
-DLLGUILINK=$(LINK) /NOLOGO $(ldebug) $(dlllflags) $(guilibsmt) /OUT:$@ /IMPLIB:$(DEST)\$(@B).lib $**\r
+DLLGUILINK=$(LINK) /NOLOGO $(ldebug) $(dlllflags) $(guilibsmt) /OUT:"$@" /IMPLIB:$(DEST)\$(@B).lib $**\r
\r
-DLLRESLINK=$(LINK) /NOLOGO /DLL /NOENTRY /MACHINE:$(PROCESSOR_ARCHITECTURE) /OUT:$@ $**\r
+DLLRESLINK=$(LINK) /NOLOGO /DLL /NOENTRY /MACHINE:$(PROCESSOR_ARCHITECTURE) /OUT:"$@" $**\r
\r
-RC2RES=$(RC) $(RFLAGS) $(rincflags) /fo $@ $**\r
+RC2RES=$(RC) $(RFLAGS) $(rincflags) /fo "$@" $**\r
\r
-MC2RC=$(MC) $(MCFLAGS) -h $(OBJ)\ -m 1024 -r $(OBJ)\ -x $(OBJ)\ $**\r
+MC2RC=$(MC) $(MCFLAGS) -h "$(OBJ)\" -m 1024 -r "$(OBJ)\" -x "$(OBJ)\" $**\r
\r
{}.c{$(OBJ)}.obj:\r
$(C2OBJ)\r
\r
mkdirs::\r
!if !exist($(DEST))\r
- $(MKDIR) $(DEST)\r
+ $(MKDIR) "$(DEST)"\r
!endif\r
!if !exist($(OBJ))\r
- $(MKDIR) $(OBJ)\r
+ $(MKDIR) "$(OBJ)"\r
!endif\r
\r
clean::\r
- $(RM) $(OBJ)\*.*\r
- $(RM) $(DEST)\*.*\r
+ $(RM) "$(OBJ)\*.*"\r
+ $(RM) "$(DEST)\*.*"\r
\r
.SUFFIXES: .h\r
\r
!endif\r
\r
_VC_MANIFEST_EMBED_EXE= \\r
-if exist $@.manifest $(MT) -outputresource:$@;1 -manifest $@.manifest\r
+if exist "$@.manifest" $(MT) -outputresource:"$@";1 -manifest "$@.manifest"\r
\r
_VC_MANIFEST_EMBED_DLL=$(_VC_MANIFEST_EMBED_EXE)\r
\r
# embedded manifest will be used. Otherwise the $@.manifest file will\r
# be used.\r
_VC_MANIFEST_CLEAN= \\r
-if exist $@.manifest $(RM) $@.manifest\r
+if exist "$@.manifest" $(RM) "$@.manifest"\r
\r
# End of manifest handling\r
\r
DLL=$(DEST)\$(DLLBASENAME).dll\r
\r
LIBFILES= \\r
- $(NIDMLIBDIR)\nidmgr32.lib\r
+ "$(NIDMLIBDIR)\nidmgr32.lib"\r
\r
OBJFILES= \\r
$(OBJ)\credacq.obj \\r
all: mkdirs $(CONFIGHEADER) $(DLL) lang\r
\r
$(CONFIGHEADER): Makefile\r
- $(CP) << $@\r
+ $(CP) << "$@"\r
/* This is a generated file. Do not modify directly. */\r
\r
#pragma once\r
\r
SetDlgItemText(hwnd, IDC_PRODUCT,\r
TEXT(KH_VERSTR_PRODUCT_1033));\r
+ /* retain the original copyright strings */\r
+#ifdef OVERRIDE_COPYRIGHT\r
SetDlgItemText(hwnd, IDC_COPYRIGHT,\r
TEXT(KH_VERSTR_COPYRIGHT_1033));\r
+#endif\r
SetDlgItemText(hwnd, IDC_BUILDINFO,\r
TEXT(KH_VERSTR_BUILDINFO_1033));\r
\r
if there's more */\r
nc = (khui_new_creds *) m->vparam;\r
\r
+ /* if we are done processing all the plug-ins, then check if\r
+ there were any errors reported. Otherwise we dispatch\r
+ another set of messages. */\r
if(!khm_cred_dispatch_process_level(nc)) {\r
\r
if(kherr_is_error()) {\r
wchar_t ws_title[ARRAYLENGTH(ws_tfmt) + KCDB_IDENT_MAXCCH_NAME];\r
khm_size cb;\r
\r
+ /* For renewals, we suppress the error message for the\r
+ following case:\r
+\r
+ - The renewal was for an identity\r
+\r
+ - There are no identity credentials for the\r
+ identity (no credentials that have the same type\r
+ as the identity provider). */\r
+\r
+ if (nc->subtype == KMSG_CRED_RENEW_CREDS &&\r
+ nc->ctx.scope == KHUI_SCOPE_IDENT &&\r
+ nc->ctx.identity != NULL) {\r
+ khm_handle tcs = NULL; /* credential set */\r
+ khm_size count = 0;\r
+ khm_int32 id_ctype = KCDB_CREDTYPE_INVALID;\r
+ khm_int32 delta = 0;\r
+\r
+ kcdb_identity_get_type(&id_ctype);\r
+ kcdb_credset_create(&tcs);\r
+ kcdb_credset_collect(tcs, NULL,\r
+ nc->ctx.identity,\r
+ id_ctype,\r
+ &delta);\r
+ kcdb_credset_get_size(tcs, &count);\r
+ kcdb_credset_delete(tcs);\r
+\r
+ if (count == 0)\r
+ break;\r
+ }\r
+\r
ctx = kherr_peek_context();\r
evt = kherr_get_err_event(ctx);\r
kherr_evaluate_event(evt);\r
\r
khui_alert_create_empty(&alert);\r
\r
- if (nc->subtype == KMSG_CRED_PASSWORD)\r
- LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE,\r
- ws_tfmt, ARRAYLENGTH(ws_tfmt));\r
- else if (nc->subtype == KMSG_CRED_RENEW_CREDS)\r
- LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE,\r
- ws_tfmt, ARRAYLENGTH(ws_tfmt));\r
- else\r
- LoadString(khm_hInstance, IDS_NC_FAILED_TITLE,\r
- ws_tfmt, ARRAYLENGTH(ws_tfmt));\r
+ if (nc->subtype == KMSG_CRED_NEW_CREDS) {\r
+\r
+ cb = sizeof(w_idname);\r
+ if (nc->n_identities == 0 ||\r
+ KHM_FAILED(kcdb_identity_get_name(nc->identities[0],\r
+ w_idname, &cb))) {\r
+ /* an identity could not be determined */\r
+ LoadString(khm_hInstance, IDS_NC_FAILED_TITLE,\r
+ ws_title, ARRAYLENGTH(ws_title));\r
+ } else {\r
+ LoadString(khm_hInstance, IDS_NC_FAILED_TITLE_I,\r
+ ws_tfmt, ARRAYLENGTH(ws_tfmt));\r
+ StringCbPrintf(ws_title, sizeof(ws_title),\r
+ ws_tfmt, w_idname);\r
+ }\r
+\r
+ } else if (nc->subtype == KMSG_CRED_PASSWORD) {\r
\r
- if (nc->n_identities > 0) {\r
cb = sizeof(w_idname);\r
- if (KHM_FAILED(kcdb_identity_get_name(nc->identities[0], \r
- w_idname, &cb)))\r
- StringCbCopy(w_idname, sizeof(w_idname), L"(?)");\r
+ if (nc->n_identities == 0 ||\r
+ KHM_FAILED(kcdb_identity_get_name(nc->identities[0],\r
+ w_idname, &cb))) {\r
+ LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE,\r
+ ws_title, ARRAYLENGTH(ws_title));\r
+ } else {\r
+ LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE_I,\r
+ ws_tfmt, ARRAYLENGTH(ws_tfmt));\r
+ StringCbPrintf(ws_title, sizeof(ws_title),\r
+ ws_tfmt, w_idname);\r
+ }\r
+\r
+ } else if (nc->subtype == KMSG_CRED_RENEW_CREDS) {\r
+\r
+ cb = sizeof(w_idname);\r
+ if (nc->ctx.identity == NULL ||\r
+ KHM_FAILED(kcdb_identity_get_name(nc->ctx.identity,\r
+ w_idname, &cb))) {\r
+ LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE,\r
+ ws_title, ARRAYLENGTH(ws_title));\r
+ } else {\r
+ LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE_I,\r
+ ws_tfmt, ARRAYLENGTH(ws_tfmt));\r
+ StringCbPrintf(ws_title, sizeof(ws_title),\r
+ ws_tfmt, w_idname);\r
+ }\r
+\r
} else {\r
- StringCbCopy(w_idname, sizeof(w_idname), L"(?)");\r
+#ifdef DEBUG\r
+ assert(FALSE);\r
+#endif\r
}\r
\r
- StringCbPrintf(ws_title, sizeof(ws_title), ws_tfmt, w_idname);\r
-\r
khui_alert_set_title(alert, ws_title);\r
khui_alert_set_severity(alert, evt->severity);\r
+\r
if(!evt->long_desc)\r
khui_alert_set_message(alert, evt->short_desc);\r
else\r
khui_alert_set_message(alert, evt->long_desc);\r
+\r
if(evt->suggestion)\r
khui_alert_set_suggestion(alert, evt->suggestion);\r
\r
\r
if (khm_startup.renew) {\r
khm_size count;\r
+ wchar_t * ident_names = NULL;\r
+ wchar_t * this_ident;\r
\r
kcdb_credset_get_size(NULL, &count);\r
\r
khm_startup.renew = FALSE;\r
\r
if (count != 0) {\r
- if (defident)\r
- khui_context_set(KHUI_SCOPE_IDENT,\r
- defident,\r
- KCDB_CREDTYPE_INVALID,\r
- NULL, NULL, 0,\r
- NULL);\r
- else\r
- khui_context_reset();\r
+ khm_size cb = 0;\r
+ khm_size n_idents = 0;\r
+ khm_int32 rv;\r
+\r
+ ident_names = NULL;\r
+\r
+ while (TRUE) {\r
+ if (ident_names) {\r
+ PFREE(ident_names);\r
+ ident_names = NULL;\r
+ }\r
+\r
+ cb = 0;\r
+ rv = kcdb_identity_enum(KCDB_IDENT_FLAG_EMPTY, 0,\r
+ NULL,\r
+ &cb, &n_idents);\r
+\r
+ if (n_idents == 0 || rv != KHM_ERROR_TOO_LONG ||\r
+ cb == 0)\r
+ break;\r
+\r
+ ident_names = PMALLOC(cb);\r
\r
- khm_cred_renew_creds();\r
+ rv = kcdb_identity_enum(KCDB_IDENT_FLAG_EMPTY, 0,\r
+ ident_names,\r
+ &cb, &n_idents);\r
+\r
+ if (KHM_SUCCEEDED(rv))\r
+ break;\r
+ }\r
+\r
+ if (ident_names) {\r
+ for (this_ident = ident_names;\r
+ this_ident && *this_ident;\r
+ this_ident = multi_string_next(this_ident)) {\r
+ khm_handle ident;\r
+\r
+ if (KHM_FAILED(kcdb_identity_create(this_ident, 0,\r
+ &ident)))\r
+ continue;\r
+\r
+ khm_cred_renew_identity(ident);\r
+\r
+ kcdb_identity_release(ident);\r
+ }\r
+\r
+ PFREE(ident_names);\r
+ ident_names = NULL;\r
+ }\r
break;\r
}\r
}\r
cw_update_outline(tbl);\r
cw_update_extents(tbl, TRUE);\r
InvalidateRect(hwnd, NULL, FALSE);\r
+\r
}\r
else if (m->subtype == KMSG_KCDB_IDENT && \r
m->uparam == KCDB_OP_NEW_DEFAULT) {\r
\r
InvalidateRect(hwnd, NULL, FALSE);\r
+\r
}\r
else if (m->subtype == KMSG_KCDB_ATTRIB &&\r
(m->uparam == KCDB_OP_INSERT ||\r
m->uparam == KCDB_OP_DELETE)) {\r
+\r
cw_refresh_attribs(hwnd);\r
+\r
}\r
} else if (m->type == KMSG_KMM &&\r
m->subtype == KMSG_KMM_I_DONE) {\r
BEGIN\r
DEFPUSHBUTTON "OK",IDOK,211,7,50,14\r
LTEXT "Productname",IDC_PRODUCT,41,7,163,13,NOT WS_GROUP\r
- LTEXT "© 2005 Massachusetts Institute of Technology",IDC_COPYRIGHT,41,23,220,18,NOT WS_GROUP\r
- LTEXT "BuildInfo",IDC_BUILDINFO,41,41,220,17,NOT WS_GROUP\r
- ICON IDI_MAIN_APP,IDC_STATIC,6,7,21,20\r
+ LTEXT "© 2005-2006 Massachusetts Institute of Technology\n© 2006 Secure Endpoints Inc.",IDC_COPYRIGHT,41,23,220,18,NOT WS_GROUP\r
+ LTEXT "BuildInfo",IDC_BUILDINFO,41,43,220,15,NOT WS_GROUP\r
+ ICON IDI_MAIN_APP,IDC_STATIC,6,7,20,20\r
CONTROL "",IDC_MODULES,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | WS_BORDER | WS_TABSTOP,41,72,220,91\r
LTEXT "Loaded modules",IDC_STATIC,41,60,52,8\r
END\r
IDS_ACTIONT_OPT_APPEAR "Change appearance and display settings"\r
IDS_ACTIONT_HELP_CTX "Display user documentation"\r
IDS_ACTIONT_IMPORT "Import credentials from external sources such as the Windows LSA"\r
+ IDS_NC_FAILED_TITLE_I "Failed to get credentials for %s"\r
+ IDS_NC_PWD_FAILED_TITLE_I "Failed to change password for %s"\r
+END\r
+\r
+STRINGTABLE \r
+BEGIN\r
+ IDS_NC_REN_FAILED_TITLE_I "Failed to renew creds for %s"\r
END\r
\r
#endif // English (U.S.) resources\r
/*\r
* Copyright (c) 2005 Massachusetts Institute of Technology\r
- * Copyright (c) 2006 Secure Endpoints Inc.\r
*\r
* Permission is hereby granted, free of charge, to any person\r
* obtaining a copy of this software and associated documentation\r
}\r
}\r
\r
+struct nc_enum_wnd_data {\r
+ khui_nc_wnd_data * d;\r
+ khm_boolean enable;\r
+};\r
+\r
+static\r
+BOOL CALLBACK\r
+nc_enum_wnd_proc(HWND hwnd,\r
+ LPARAM lParam)\r
+{\r
+ struct nc_enum_wnd_data * wd;\r
+\r
+ wd = (struct nc_enum_wnd_data *) lParam;\r
+\r
+ EnableWindow(hwnd, wd->enable);\r
+\r
+ return TRUE;\r
+}\r
+\r
+static void\r
+nc_enable_controls(khui_nc_wnd_data * d, khm_boolean enable)\r
+{\r
+ struct nc_enum_wnd_data wd;\r
+\r
+ ZeroMemory(&wd, sizeof(wd));\r
+\r
+ wd.d = d;\r
+ wd.enable = enable;\r
+\r
+ EnumChildWindows(d->dlg_main, nc_enum_wnd_proc, (LPARAM) &wd);\r
+}\r
+\r
#define NC_MAXCCH_CREDTEXT 16384\r
#define NC_MAXCB_CREDTEXT (NC_MAXCCH_CREDTEXT * sizeof(wchar_t))\r
\r
int x, y;\r
int width, height;\r
RECT r;\r
+ khm_int32 t;\r
\r
lpc = (LPCREATESTRUCT) lParam;\r
\r
/* add this to the dialog chain */\r
khm_add_dialog(hwnd);\r
\r
+ /* bring the window to the top, if necessary */\r
+ if (KHM_SUCCEEDED(khc_read_int32(NULL,\r
+ L"CredWindow\\Windows\\NewCred\\ForceToTop",\r
+ &t)) &&\r
+ t != 0) {\r
+\r
+ SetWindowPos(hwnd, HWND_TOP, 0, 0, 0, 0,\r
+ (SWP_NOMOVE | SWP_NOSIZE));\r
+\r
+ }\r
+\r
return TRUE;\r
}\r
\r
KHUI_NC_RESULT_CANCEL */\r
d->nc->response = KHUI_NC_RESPONSE_PROCESSING;\r
\r
+ nc_enable_controls(d, FALSE);\r
+\r
nc_notify_types(d->nc, \r
KHUI_WM_NC_NOTIFY, \r
MAKEWPARAM(0,WMNC_DIALOG_PREPROCESS), \r
type that is participating in the credentials\r
acquisition process, then we forward the message to\r
the panel that is providing the UI for that cred\r
- type. We also switch to that panel first. */\r
+ type. We also switch to that panel first, unless\r
+ the link is of the form '<credtype>:!<link_tag>'. */\r
\r
colon = wcschr(sid, L':');\r
if (colon != NULL) {\r
KHM_SUCCEEDED(khui_cw_find_type(d->nc, credtype, &t))){\r
*colon = L':';\r
\r
- if (t->ordinal != d->ctab)\r
+ if (t->ordinal != d->ctab &&\r
+ *(colon + 1) != L'!')\r
PostMessage(hwnd,\r
KHUI_WM_NC_NOTIFY,\r
MAKEWPARAM(t->ordinal,\r
KHUI_WM_NC_NOTIFY,\r
MAKEWPARAM(0, WMNC_CREDTEXT_LINK),\r
lParam);\r
+ } else {\r
+ *colon = L':';\r
}\r
}\r
\r
khui_cw_lock_nc(d->nc);\r
\r
GetWindowRect(d->dlg_ts, &r);\r
- if (x + width * d->nc->n_types > (khm_size) (r.right - r.left)) {\r
- width = (int)(((r.right - r.left) - x) / d->nc->n_types);\r
+ if (x + width * (d->nc->n_types + 1) > (khm_size) (r.right - r.left)) {\r
+ width = (int)(((r.right - r.left) - x) / (d->nc->n_types + 1));\r
}\r
\r
/* first, the control for the main panel */\r
if(nc->response & KHUI_NC_RESPONSE_NOEXIT) {\r
HWND hw;\r
\r
+ nc_enable_controls(d, TRUE);\r
+\r
/* reset state */\r
nc->result = KHUI_NC_RESULT_CANCEL;\r
\r
}\r
}\r
\r
+ if (d->hwnd_buttons[0])\r
+ SetFocus(d->hwnd_buttons[0]);\r
+\r
khm_notify_icon_change(a->severity);\r
\r
khui_alert_unlock(a);\r
#define IDS_ACTIONT_OPT_APPEAR 283\r
#define IDS_ACTIONT_HELP_CTX 284\r
#define IDS_ACTIONT_IMPORT 285\r
+#define IDS_NC_FAILED_TITLE_I 286\r
+#define IDS_NC_PWD_FAILED_TITLE_I 287\r
+#define IDS_NC_REN_FAILED_TITLE_I 288\r
#define IDC_NC_USERNAME 1007\r
#define IDC_NC_PASSWORD 1008\r
#define IDC_NC_CREDTEXT_LABEL 1009\r
_Schema,KC_ENDSPACE,0,\r
Main,KC_SPACE,0,Main window\r
Main,KC_ENDSPACE,0,\r
+ NewCred,KC_SPACE,0,New credentials window\r
+ ForceToTop,KC_INT32,1,Force new creds window to the top\r
+ NewCred,KC_ENDSPACE,0,\r
Windows,KC_ENDSPACE,0,\r
Views,KC_SPACE,0,Preconfigured views for credentials\r
Custom_0,KC_SPACE,0,First custom view. Additional views have names of the form Custom_N\r
khui_check_action(KHUI_ACTION_SET_DEF_ID, FALSE);\r
khui_enable_action(KHUI_ACTION_SET_DEF_ID, TRUE);\r
}\r
-\r
- khui_enable_action(KHUI_ACTION_PASSWD_ID, TRUE);\r
} else {\r
khui_check_action(KHUI_ACTION_SET_DEF_ID, FALSE);\r
khui_enable_action(KHUI_ACTION_SET_DEF_ID, FALSE);\r
- khui_enable_action(KHUI_ACTION_PASSWD_ID, FALSE);\r
}\r
\r
if (khui_ctx.scope != KHUI_SCOPE_NONE) {\r
return rv;\r
}\r
\r
+void\r
+khuiint_trim_str(wchar_t * s, khm_size cch) {\r
+ wchar_t * c, * last_ws;\r
+\r
+ for (c = s; *c && iswspace(*c) && ((khm_size)(c - s)) < cch; c++);\r
+\r
+ if (((khm_size)(c - s)) >= cch)\r
+ return;\r
+\r
+ if (c != s && ((khm_size)(c - s)) < cch) {\r
+#if _MSC_VER >= 1400\r
+ wmemmove_s(s, cch, c, cch - ((khm_size)(c - s)));\r
+#else\r
+ memmove(s, c, (cch - ((khm_size)(c - s)))* sizeof(wchar_t));\r
+#endif\r
+ }\r
+\r
+ last_ws = NULL;\r
+ for (c = s; *c && ((khm_size)(c - s)) < cch; c++) {\r
+ if (!iswspace(*c))\r
+ last_ws = NULL;\r
+ else if (last_ws == NULL)\r
+ last_ws = c;\r
+ }\r
+\r
+ if (last_ws)\r
+ *last_ws = L'\0';\r
+}\r
+\r
KHMEXP khm_int32 KHMAPI \r
khui_cw_sync_prompt_values(khui_new_creds * c)\r
{\r
LeaveCriticalSection(&c->cs);\r
\r
GetWindowText(hw, tmpbuf, ARRAYLENGTH(tmpbuf));\r
+ khuiint_trim_str(tmpbuf, ARRAYLENGTH(tmpbuf));\r
\r
EnterCriticalSection(&c->cs);\r
if (n != c->n_prompts)\r
*/\r
#define KHUI_CNFLAG_SYSTEM 0x0010\r
\r
+/*! \brief Settings have been modified\r
+\r
+ Settings for this configuration panel have been modified. This\r
+ flag should be cleared once the settings have been successfully\r
+ applied.\r
+ */\r
#define KHUI_CNFLAG_MODIFIED 0x0100\r
+\r
+/*! \brief Settings have been applied\r
+\r
+ Set once any modified settings were successfully applied.\r
+ */\r
#define KHUI_CNFLAG_APPLIED 0x0200\r
\r
#define KHUI_CNFLAGMASK_STATIC 0x00ff\r
Instead, the length fields should be used to extract the string.\r
*/\r
typedef struct tag_khui_htwnd_link {\r
- RECT r;\r
- wchar_t * id;\r
- int id_len;\r
- wchar_t * param;\r
- int param_len;\r
+ RECT r; /*!< The enclosing rectangle of the\r
+ hyperlink. Units are screen units\r
+ and the coordinates are relative to\r
+ the top left hand corner of the\r
+ hypertext area. */\r
+ wchar_t * id; /*!< The value of the \a id attribute\r
+ of the link or \a NULL if there was\r
+ no \a id attribute. This does not\r
+ point to a \a NULL terminated\r
+ string. The length of the string is\r
+ given by the \a id_len field. */\r
+ int id_len; /*!< The length of the string pointed\r
+ to by \a id in characters.\r
+ Undefined if \a id is \a NULL. */\r
+ wchar_t * param; /*!< The value of the \a param\r
+ attribute of the link or \a NULL if\r
+ there was no \a param attribute.\r
+ This does not point to a \a NULL\r
+ terminated string. The length of\r
+ the string is given by the \a\r
+ param_len field.*/\r
+ int param_len; /*!< Length of the string pointed to\r
+ by \a param in characters.\r
+ Undefined if \a param is \a NULL. */\r
} khui_htwnd_link;\r
\r
#define KHUI_MAXCCH_HTLINK_FIELD 256\r
\r
WMNC_CREDTEXT_LINK, \r
/*!< Sent to a panel dialog proc when a user clicks a credtext\r
- embedded link that belongs to that panel */\r
+ embedded link that belongs to that panel. The \a lParam\r
+ parameter of the message is a pointer to a ::khui_htwnd_link\r
+ structure describing the link. */\r
\r
WMNC_IDENTITY_CHANGE, \r
/*!< The primary identity has changed */\r
\see \ref cred_acq for more information\r
*/\r
typedef struct tag_khui_new_creds {\r
- khm_int32 magic;\r
+ khm_int32 magic; /*!< Internal use */\r
\r
khm_int32 subtype; /*!< Subtype of the request that is\r
being handled through this object.\r
::KMSG_CRED_NEW_CREDS or\r
::KMSG_CRED_RENEW_CREDS */\r
\r
- CRITICAL_SECTION cs;\r
+ CRITICAL_SECTION cs; /*!< Internal use */\r
\r
khm_boolean set_default; /*!< After a successfull credentials\r
acquisition, set the primary\r
documentation for info on what to do\r
with this field */\r
\r
- wchar_t *password; /*!< Not set until the dialog ends */\r
+ wchar_t *password; /*!< Not used. */\r
\r
/* UI stuff */\r
\r
projects / krb5.git / commitdiff