/*********************************************************
- * Copyright (c) 2007-2024 Broadcom. All Rights Reserved.
+ * Copyright (c) 2007-2025 Broadcom. All Rights Reserved.
* The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
*
* This program is free software; you can redistribute it and/or modify it
#endif
+#if defined(_WIN32)
+/*
+ *-----------------------------------------------------------------------------
+ *
+ * VixTools_ConfigGetString --
+ *
+ * Wrapper for VMTools_ConfigGetString to retrieve values
+ * from VIX_TOOLS_CONFIG_API_GROUPNAME group.
+ *
+ * Return value:
+ * Value of the key if the value was read successfully, or else
+ * a copy of defValue unless defValue is NULL, in which case it's NULL.
+ * The returned string should be freed with g_free when no longer
+ * needed.
+ *
+ * Side effects:
+ * None
+ *
+ *-----------------------------------------------------------------------------
+ */
+gchar *
+VixTools_ConfigGetString(const gchar *key, // IN
+ const gchar *defValue) // In
+{
+
+ return VMTools_ConfigGetString(gConfDictRef,
+ VIX_TOOLS_CONFIG_API_GROUPNAME,
+ key, defValue);
+}
+
+
+/*
+ *-----------------------------------------------------------------------------
+ *
+ * VixTools_ConfigLogInvalidString --
+ *
+ * Log a warning when a config string from the
+ * VIX_TOOLS_CONFIG_API_GROUPNAME group has an invalid value.
+ *
+ * Return value:
+ * None
+ *
+ * Side effects:
+ * None
+ *
+ *-----------------------------------------------------------------------------
+ */
+void
+VixTools_ConfigLogInvalidString(const gchar *function, // IN
+ const gchar *key, // IN
+ const gchar *confValue, // IN
+ const gchar *usedValue) // IN
+{
+ g_warning("%s: invalid value '%s' from tools.conf [%s] %s, using %s.\n",
+ function, confValue, VIX_TOOLS_CONFIG_API_GROUPNAME, key, usedValue);
+}
+#endif
+
+
/*
*-----------------------------------------------------------------------------
*
* the GuestAuth library.
*
* Results:
- * VIX_OK if successful.Other VixError code otherwise.
+ * VIX_OK if successful, otherwise some other VixError code.
*
* Side effects:
* Current process impersonates.
VGAuthExtraParams extraParams[1];
Bool impersonated = FALSE;
- extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;
- extraParams[0].value = loadUserProfile ? VGAUTH_PARAM_VALUE_TRUE :
- VGAUTH_PARAM_VALUE_FALSE;
-
err = VixMsg_DeObfuscateNamePassword(obfuscatedNamePassword,
&username,
&password);
goto done;
}
+#ifdef _WIN32
+ vgErr = VGAuth_ValidateUsernamePassword_Helper(ctx, username, password,
+ &newHandle);
+#else
vgErr = VGAuth_ValidateUsernamePassword(ctx, username, password,
- 0, NULL,
- &newHandle);
+ 0, NULL, &newHandle);
+#endif
if (VGAUTH_FAILED(vgErr)) {
err = VixToolsTranslateVGAuthError(vgErr);
goto done;
}
+ extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE;
+ extraParams[0].value = loadUserProfile ? VGAUTH_PARAM_VALUE_TRUE :
+ VGAUTH_PARAM_VALUE_FALSE;
+
vgErr = VGAuth_Impersonate(ctx, newHandle,
(int)ARRAYSIZE(extraParams),
extraParams);
* the GuestAuth library.
*
* Results:
- * VIX_OK if successful. Other VixError code otherwise.
+ * VIX_OK if successful, otherwise some other VixError code.
*
* Side effects:
* Current process impersonates.
/*********************************************************
- * Copyright (c) 2010-2020,2023 VMware, Inc. All rights reserved.
+ * Copyright (c) 2010-2025 Broadcom. All Rights Reserved.
+ * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
#include "VGAuthCommon.h"
#include "VGAuthError.h"
#include "VGAuthAuthentication.h"
+#include "VGAuthAuthenticationWin32.h"
#include "VGAuthAlias.h"
#endif
#ifdef _WIN32
VixError VixToolsTranslateVGAuthError(VGAuthError vgErr);
+
+gchar *VixTools_ConfigGetString(const gchar *key,
+ const gchar *defValue);
+
+void VixTools_ConfigLogInvalidString(const gchar *function,
+ const gchar *key,
+ const gchar *confValue,
+ const gchar *usedValue);
+
#endif
VixError VixToolsImpersonateUser(VixCommandRequestHeader *requestMsg,
Bool hostVerified,
void **userToken,
VGAuthUserHandle **curUserHandle);
+
+VGAuthError
+VGAuth_ValidateUsernamePassword_Helper(VGAuthContext *ctx,
+ const char *userName,
+ const char *password,
+ VGAuthUserHandle **handle);
+
#endif // _WIN32
#ifdef VMX86_DEVEL
/*********************************************************
- * Copyright (c) 2011-2017,2023 VMware, Inc. All rights reserved.
+ * Copyright (c) 2011-2025 Broadcom. All Rights Reserved.
+ * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
#include "VGAuthBasicDefs.h"
#include "VGAuthCommon.h"
#include "VGAuthAuthentication.h"
+#ifdef _WIN32
+#include "VGAuthAuthenticationWin32.h"
+#endif
#include "VGAuthAlias.h"
#include "audit.h"
#include "prefs.h"
VGAuthError VGAuthValidateUsernamePasswordImpl(VGAuthContext *ctx,
const char *userName,
const char *password,
+ const int numExtraParams,
+ const VGAuthExtraParams
+ *extraParams,
VGAuthUserHandle **handle);
#ifdef UNITTEST
gboolean defValue,
gboolean *paramValue);
+#define VGAuthGetStringExtraParam(numEP, ep, name, defValue, value) \
+ VGAuthGetStringExtraParamImpl(__FUNCTION__, (numEP), ep, \
+ name, defValue, (value))
+
+VGAuthError VGAuthGetStringExtraParamImpl(const char *funcName,
+ int numExtraParams,
+ const VGAuthExtraParams *params,
+ const char *paramName,
+ const char *defValue,
+ const char **paramValue);
+
void VGAuth_FreeAliasInfoContents(VGAuthAliasInfo *si);
void VGAuth_CopyAliasInfo(const VGAuthAliasInfo *src,
VGAuthAliasInfo *dst);
/*********************************************************
- * Copyright (c) 2011-2017,2023 VMware, Inc. All rights reserved.
+ * Copyright (c) 2011-2025 Broadcom. All Rights Reserved.
+ * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
* @param[in] password The password to be validated.
* @param[in] numExtraParams The number of elements in extraParams.
* @param[in] extraParams Any optional, additional paramaters to the
- * function. Currently none are supported, so this
- * must be NULL.
+ * function.
* @param[out] handle The resulting handle representing the user
* associated with @a userName.
* Must be freed with VGAuth_UserHandleFree().
VGAuth_ValidateUsernamePassword(VGAuthContext *ctx,
const char *userName,
const char *password,
- int numExtraParams,
+ const int numExtraParams,
const VGAuthExtraParams *extraParams,
VGAuthUserHandle **handle)
{
return VGAUTH_E_INVALID_ARGUMENT;
}
- err = VGAuthValidateExtraParams(numExtraParams, extraParams);
- if (VGAUTH_E_OK != err) {
- return err;
- }
-
+ /*
+ * numExtraParams and extraParams need to be validated before use. No need
+ * to validate them here since they're just passed through.
+ */
err = VGAuthValidateUsernamePasswordImpl(ctx,
userName,
password,
+ numExtraParams,
+ extraParams,
handle);
if (VGAUTH_E_OK == err) {
VGAuth_AuditEvent(ctx,
FALSE,
SU_(auth.password.invalid,
- "Username and password mismatch for '%s'"),
- userName);
+ "Username and password validation failed for '%s': "
+ "%s"),
+ userName, VGAuth_GetErrorText(err, NULL));
}
return err;
/*********************************************************
- * Copyright (C) 2011-2017, 2019, 2021 VMware, Inc. All rights reserved.
+ * Copyright (c) 2011-2025 Broadcom. All Rights Reserved.
+ * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
*
* Validates a username/password.
*
- * @param[in] ctx The VGAuthContext.
- * @param[in] userName The username to be validated.
- * @param[in] password The password to be validated.
- * @param[out] handle The resulting handle representing the user
- * associated with the username.
+ * @param[in] ctx The VGAuthContext.
+ * @param[in] userName The username to be validated.
+ * @param[in] password The password to be validated.
+ * @param[in] numExtraParams The number of elements in extraParams.
+ * @param[in] extraParams Any optional, additional paramaters to the
+ * function. Currently none are supported, so this
+ * must be NULL.
+ * @param[out] handle The resulting handle representing the user
+ * associated with the username.
*
* @return VGAUTH_E_OK on success, VGAuthError on failure
*
VGAuthValidateUsernamePasswordImpl(VGAuthContext *ctx,
const char *userName,
const char *password,
+ const int numExtraParams,
+ const VGAuthExtraParams *extraParams,
VGAuthUserHandle **handle)
{
#ifdef USE_PAM
struct passwd *pwd;
#endif
+ err = VGAuthValidateExtraParams(numExtraParams, extraParams);
+ if (VGAUTH_E_OK != err) {
+ return err;
+ }
+
#ifdef USE_PAM
if (!AuthLoadPAM()) {
return VGAUTH_E_FAIL;
/*********************************************************
- * Copyright (c) 2011-2017, 2023 VMware, Inc. All rights reserved.
+ * Copyright (c) 2011-2025 Broadcom. All Rights Reserved.
+ * The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
}
+/*
+ ******************************************************************************
+ * VGAuthGetStringExtraParamImpl -- */ /**
+ *
+ * Get the string value of the specified extra param in the params array.
+ *
+ * @param[in] funcName The name of the calling function.
+ * @param[in] numParams The number of elements in the params array.
+ * @param[in] params The params array to get param value from.
+ * @param[in] paramName The param name to get its value.
+ * @param[in] defValue The param default value if not set in the array.
+ * @param[out] paramValue Returned param value
+ *
+ * @retval VGAUTH_E_INVALID_ARGUMENT If incomplete arguments are passed in,
+ * the specified extra parameter is passed
+ * in the array multiple times or the
+ * parameter value is invalid.
+ * @reval VGAUTH_E_OK If no error is encountered.
+ *
+ ******************************************************************************
+ */
+
+VGAuthError
+VGAuthGetStringExtraParamImpl(const char *funcName,
+ int numParams,
+ const VGAuthExtraParams *params,
+ const char *paramName,
+ const char *defValue,
+ const char **paramValue)
+{
+ gboolean paramSet = FALSE;
+ int i;
+
+ if ((numParams < 0) || (numParams > 0 && NULL == params)) {
+ Warning("%s: invalid number of parameters: %d.\n", funcName, numParams);
+ return VGAUTH_E_INVALID_ARGUMENT;
+ }
+
+ if (NULL == paramName || NULL == paramValue) {
+ return VGAUTH_E_INVALID_ARGUMENT;
+ }
+
+ for (i = 0; i < numParams; i++) {
+ if (g_strcmp0(params[i].name, paramName) == 0) {
+ // only allow it to be set once
+ if (paramSet) {
+ Warning("%s: extraParam '%s' passed multiple times.\n",
+ funcName, params[i].name);
+ return VGAUTH_E_INVALID_ARGUMENT;
+ }
+ if (params[i].value) {
+ *paramValue = params[i].value;
+ paramSet = TRUE;
+ } else {
+ Warning("%s: extraParam '%s' has NULL value.\n",
+ funcName, params[i].name);
+ return VGAUTH_E_INVALID_ARGUMENT;
+ }
+ }
+ }
+
+ if (!paramSet) {
+ *paramValue = defValue;
+ }
+ return VGAUTH_E_OK;
+}
+
+
/*
******************************************************************************
* VGAuth_Init -- */ /**
#
##########################################################
-auth.password.invalid = "Username and password mismatch for '%1$s'"
+auth.password.invalid = "Username and password validation failed for '%1$s': %2$s"
auth.password.valid = "Username and password successfully validated for '%1$s'"
auth.sspi.badid = "Attempt to authenticate using an invalid or expired SSPI challenge ID: %1$u"
#
##########################################################
-auth.password.invalid = "El nombre de usuario y la contraseña de '%1$s' no coinciden"
+auth.password.invalid = "Username and password validation failed for '%1$s': %2$s"
auth.password.valid = "El nombre de usuario y la contraseña de '%1$s' se han validado correctamente"
auth.sspi.badid = "Intento de autenticación utilizando un SSPI challenge ID no válido o caducado: %1$u"
#
##########################################################
-auth.password.invalid = "Non-concordance du nom d'utilisateur et du mot de passe pour '%1$s'"
+auth.password.invalid = "Username and password validation failed for '%1$s': %2$s"
auth.password.valid = "Validation réussie du nom d'utilisateur et du mot de passe pour '%1$s'"
auth.sspi.badid = "Tentative d'authentification à l'aide d'un ID de demande SSPI non valide ou expiré : %1$u"
#
##########################################################
-auth.password.invalid = "'%1$s' のユーザー名とパスワードが一致しません"
+auth.password.invalid = "Username and password validation failed for '%1$s': %2$s"
auth.password.valid = "'%1$s' のユーザー名とパスワードが正しく検証されました"
auth.sspi.badid = "無効または期限切れの SSPI チャレンジ ID を使用して認証を試みます: %1$u"
projects / thirdparty / open-vm-tools.git / commitdiff
