1 | /* $Id: VBoxGuestR3LibCredentials.cpp 28800 2010-04-27 08:22:32Z vboxsync $ */
|
---|
2 | /** @file
|
---|
3 | * VBoxGuestR3Lib - Ring-3 Support Library for VirtualBox guest additions, user credentials.
|
---|
4 | */
|
---|
5 |
|
---|
6 | /*
|
---|
7 | * Copyright (C) 2009 Oracle Corporation
|
---|
8 | *
|
---|
9 | * This file is part of VirtualBox Open Source Edition (OSE), as
|
---|
10 | * available from http://www.virtualbox.org. This file is free software;
|
---|
11 | * you can redistribute it and/or modify it under the terms of the GNU
|
---|
12 | * General Public License (GPL) as published by the Free Software
|
---|
13 | * Foundation, in version 2 as it comes in the "COPYING" file of the
|
---|
14 | * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
|
---|
15 | * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
|
---|
16 | *
|
---|
17 | * The contents of this file may alternatively be used under the terms
|
---|
18 | * of the Common Development and Distribution License Version 1.0
|
---|
19 | * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
|
---|
20 | * VirtualBox OSE distribution, in which case the provisions of the
|
---|
21 | * CDDL are applicable instead of those of the GPL.
|
---|
22 | *
|
---|
23 | * You may elect to license modified versions of this file under the
|
---|
24 | * terms and conditions of either the GPL or the CDDL or both.
|
---|
25 | */
|
---|
26 |
|
---|
27 |
|
---|
28 | /*******************************************************************************
|
---|
29 | * Header Files *
|
---|
30 | *******************************************************************************/
|
---|
31 | #include <iprt/asm.h>
|
---|
32 | #include <iprt/string.h>
|
---|
33 | #include <iprt/rand.h>
|
---|
34 | #include <VBox/log.h>
|
---|
35 |
|
---|
36 | #include "VBGLR3Internal.h"
|
---|
37 |
|
---|
38 |
|
---|
39 | /**
|
---|
40 | * Checks whether user credentials are available to the guest or not.
|
---|
41 | *
|
---|
42 | * @returns IPRT status value; VINF_SUCCESS if credentials are available,
|
---|
43 | * VERR_NOT_FOUND if not. Otherwise an error is occured.
|
---|
44 | */
|
---|
45 | VBGLR3DECL(int) VbglR3CredentialsQueryAvailability(void)
|
---|
46 | {
|
---|
47 | VMMDevCredentials Req;
|
---|
48 | RT_ZERO(Req);
|
---|
49 | vmmdevInitRequest((VMMDevRequestHeader*)&Req, VMMDevReq_QueryCredentials);
|
---|
50 | Req.u32Flags |= VMMDEV_CREDENTIALS_QUERYPRESENCE;
|
---|
51 |
|
---|
52 | int rc = vbglR3GRPerform(&Req.header);
|
---|
53 | if (RT_SUCCESS(rc))
|
---|
54 | {
|
---|
55 | if ((Req.u32Flags & VMMDEV_CREDENTIALS_PRESENT) == 0)
|
---|
56 | rc = VERR_NOT_FOUND;
|
---|
57 | }
|
---|
58 | return rc;
|
---|
59 | }
|
---|
60 |
|
---|
61 |
|
---|
62 | /**
|
---|
63 | * Retrieves and clears the user credentials for logging into the guest OS.
|
---|
64 | *
|
---|
65 | * @returns IPRT status value
|
---|
66 | * @param ppszUser Receives pointer of allocated user name string.
|
---|
67 | * The returned pointer must be freed using VbglR3CredentialsDestroy().
|
---|
68 | * @param ppszPassword Receives pointer of allocated user password string.
|
---|
69 | * The returned pointer must be freed using VbglR3CredentialsDestroy().
|
---|
70 | * @param ppszDomain Receives pointer of allocated domain name string.
|
---|
71 | * The returned pointer must be freed using VbglR3CredentialsDestroy().
|
---|
72 | */
|
---|
73 | VBGLR3DECL(int) VbglR3CredentialsRetrieve(char **ppszUser, char **ppszPassword, char **ppszDomain)
|
---|
74 | {
|
---|
75 | VMMDevCredentials Req;
|
---|
76 | RT_ZERO(Req);
|
---|
77 | vmmdevInitRequest((VMMDevRequestHeader*)&Req, VMMDevReq_QueryCredentials);
|
---|
78 | Req.u32Flags |= VMMDEV_CREDENTIALS_READ | VMMDEV_CREDENTIALS_CLEAR;
|
---|
79 |
|
---|
80 | int rc = vbglR3GRPerform(&Req.header);
|
---|
81 | if (RT_SUCCESS(rc))
|
---|
82 | {
|
---|
83 | rc = RTStrDupEx(ppszUser, Req.szUserName);
|
---|
84 | if (RT_SUCCESS(rc))
|
---|
85 | {
|
---|
86 | rc = RTStrDupEx(ppszPassword, Req.szPassword);
|
---|
87 | if (RT_SUCCESS(rc))
|
---|
88 | {
|
---|
89 | rc = RTStrDupEx(ppszDomain, Req.szDomain);
|
---|
90 | if (RT_SUCCESS(rc))
|
---|
91 | return VINF_SUCCESS;
|
---|
92 |
|
---|
93 | RTStrFree(*ppszPassword);
|
---|
94 | }
|
---|
95 | RTStrFree(*ppszUser);
|
---|
96 | }
|
---|
97 | }
|
---|
98 | return rc;
|
---|
99 | }
|
---|
100 |
|
---|
101 |
|
---|
102 | /**
|
---|
103 | * Clears and frees the three strings.
|
---|
104 | *
|
---|
105 | * @param pszUser Receives pointer of the user name string to destroy.
|
---|
106 | * Optional.
|
---|
107 | * @param pszPassword Receives pointer of the password string to destroy.
|
---|
108 | * Optional.
|
---|
109 | * @param pszDomain Receives pointer of allocated domain name string.
|
---|
110 | * Optional.
|
---|
111 | * @param cPasses Number of wipe passes. The more the better + slower.
|
---|
112 | */
|
---|
113 | VBGLR3DECL(void) VbglR3CredentialsDestroy(char *pszUser, char *pszPassword, char *pszDomain, uint32_t cPasses)
|
---|
114 | {
|
---|
115 | size_t const cchUser = pszUser ? strlen(pszUser) : 0;
|
---|
116 | size_t const cchPassword = pszPassword ? strlen(pszPassword) : 0;
|
---|
117 | size_t const cchDomain = pszDomain ? strlen(pszDomain) : 0;
|
---|
118 |
|
---|
119 | do
|
---|
120 | {
|
---|
121 | if (cchUser)
|
---|
122 | memset(pszUser, 0xff, cchUser);
|
---|
123 | if (cchPassword)
|
---|
124 | memset(pszPassword, 0xff, cchPassword);
|
---|
125 | if (cchDomain)
|
---|
126 | memset(pszDomain, 0xff, cchDomain);
|
---|
127 | ASMMemoryFence();
|
---|
128 |
|
---|
129 | if (cchUser)
|
---|
130 | memset(pszUser, 0x00, cchUser);
|
---|
131 | if (cchPassword)
|
---|
132 | memset(pszPassword, 0x00, cchPassword);
|
---|
133 | if (cchDomain)
|
---|
134 | memset(pszDomain, 0x00, cchDomain);
|
---|
135 | ASMMemoryFence();
|
---|
136 |
|
---|
137 | if (cchUser)
|
---|
138 | RTRandBytes(pszUser, cchUser);
|
---|
139 | if (cchPassword)
|
---|
140 | RTRandBytes(pszPassword, cchPassword);
|
---|
141 | if (cchDomain)
|
---|
142 | RTRandBytes(pszDomain, cchDomain);
|
---|
143 | ASMMemoryFence();
|
---|
144 |
|
---|
145 | } while (cPasses-- > 0);
|
---|
146 |
|
---|
147 | RTStrFree(pszUser);
|
---|
148 | RTStrFree(pszPassword);
|
---|
149 | RTStrFree(pszDomain);
|
---|
150 | }
|
---|
151 |
|
---|