Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-passwor

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-passwor

From:	Marc-André Lureau
Subject:	Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-password
Date:	Tue, 25 Aug 2015 23:51:35 +0200

ping

On Tue, Jun 30, 2015 at 4:37 PM, Marc-André Lureau
<address@hidden> wrote:
> Use NetUserSetInfo() to set the user password.
>
> This function is notoriously known to be problematic for users with EFS
> encrypted files. But the alternative, NetUserChangePassword() requires
> the old password. Nevertheless, The EFS file should be recovered by
> changing back to the old password.
>
> Signed-off-by: Marc-André Lureau <address@hidden>
> ---
>  configure            |  2 +-
>  qga/commands-win32.c | 77 
> ++++++++++++++++++++++++++++++++++++++++++++++++++--
>  2 files changed, 76 insertions(+), 3 deletions(-)
>
> diff --git a/configure b/configure
> index 3063739..400de0d 100755
> --- a/configure
> +++ b/configure
> @@ -732,7 +732,7 @@ if test "$mingw32" = "yes" ; then
>    sysconfdir="\${prefix}"
>    local_statedir=
>    confsuffix=""
> -  libs_qga="-lws2_32 -lwinmm -lpowrprof $libs_qga"
> +  libs_qga="-lws2_32 -lwinmm -lpowrprof -lnetapi32 $libs_qga"
>  fi
>
>  werror=""
> diff --git a/qga/commands-win32.c b/qga/commands-win32.c
> index fbddc8b..d31530c 100644
> --- a/qga/commands-win32.c
> +++ b/qga/commands-win32.c
> @@ -16,6 +16,8 @@
>  #include <powrprof.h>
>  #include <stdio.h>
>  #include <string.h>
> +#include <lm.h>
> +
>  #include "qga/guest-agent-core.h"
>  #include "qga/vss-win32.h"
>  #include "qga-qmp-commands.h"
> @@ -676,12 +678,84 @@ int64_t qmp_guest_set_vcpus(GuestLogicalProcessorList 
> *vcpus, Error **errp)
>      return -1;
>  }
>
> +static gchar *
> +get_net_error_message(gint error)
> +{
> +    HMODULE module = NULL;
> +    gchar *retval = NULL;
> +    wchar_t *msg = NULL;
> +    int flags, nchars;
> +
> +    flags = FORMAT_MESSAGE_ALLOCATE_BUFFER
> +        |FORMAT_MESSAGE_IGNORE_INSERTS
> +        |FORMAT_MESSAGE_FROM_SYSTEM;
> +
> +    if (error >= NERR_BASE && error <= MAX_NERR) {
> +        module = LoadLibraryExW(L"netmsg.dll", NULL, 
> LOAD_LIBRARY_AS_DATAFILE);
> +
> +        if (module != NULL) {
> +            flags |= FORMAT_MESSAGE_FROM_HMODULE;
> +        }
> +    }
> +
> +    FormatMessageW(flags, module, error, 0, (LPWSTR)&msg, 0, NULL);
> +
> +    if (msg != NULL) {
> +        nchars = wcslen(msg);
> +
> +        if (nchars > 2 && msg[nchars-1] == '\n' && msg[nchars-2] == '\r') {
> +            msg[nchars-2] = '\0';
> +        }
> +
> +        retval = g_utf16_to_utf8(msg, -1, NULL, NULL, NULL);
> +
> +        LocalFree(msg);
> +    }
> +
> +    if (module != NULL) {
> +        FreeLibrary(module);
> +    }
> +
> +    return retval;
> +}
> +
>  void qmp_guest_set_user_password(const char *username,
>                                   const char *password,
>                                   bool crypted,
>                                   Error **errp)
>  {
> -    error_setg(errp, QERR_UNSUPPORTED);
> +    NET_API_STATUS nas;
> +    char *rawpasswddata = NULL;
> +    size_t rawpasswdlen;
> +    wchar_t *user, *wpass;
> +    USER_INFO_1003 pi1003 = { 0, };
> +
> +    if (crypted) {
> +        error_setg(errp, QERR_UNSUPPORTED);
> +        return;
> +    }
> +
> +    rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen);
> +    rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1);
> +    rawpasswddata[rawpasswdlen] = '\0';
> +
> +    user = g_utf8_to_utf16(username, -1, NULL, NULL, NULL);
> +    wpass = g_utf8_to_utf16(rawpasswddata, -1, NULL, NULL, NULL);
> +
> +    pi1003.usri1003_password = wpass;
> +    nas = NetUserSetInfo(NULL, user,
> +                         1003, (LPBYTE)&pi1003,
> +                         NULL);
> +
> +    if (nas != NERR_Success) {
> +        gchar *msg = get_net_error_message(nas);
> +        error_setg(errp, "failed to set password: %s", msg);
> +        g_free(msg);
> +    }
> +
> +    g_free(user);
> +    g_free(wpass);
> +    g_free(rawpasswddata);
>  }
>
>  GuestMemoryBlockList *qmp_guest_get_memory_blocks(Error **errp)
> @@ -709,7 +783,6 @@ GList *ga_command_blacklist_init(GList *blacklist)
>      const char *list_unsupported[] = {
>          "guest-suspend-hybrid", "guest-network-get-interfaces",
>          "guest-get-vcpus", "guest-set-vcpus",
> -        "guest-set-user-password",
>          "guest-get-memory-blocks", "guest-set-memory-blocks",
>          "guest-get-memory-block-size",
>          "guest-fsfreeze-freeze-list", "guest-get-fsinfo",
> --
> 2.4.3
>



-- 
Marc-André Lureau

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-password, Marc-André Lureau <=
- Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-password, Daniel P. Berrange, 2015/08/26
- Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-password, Michael Roth, 2015/08/27

Prev by Date: Re: [Qemu-devel] [PATCH v3 3/4] qemu-ga: Created a separate component for each installed file in the MSI
Next by Date: Re: [Qemu-devel] [RFC 31/38] cpu: protect l1_map with tb_lock in full-system mode
Previous by thread: [Qemu-devel] [PATCH 0/7] remove useless muldiv64()
Next by thread: Re: [Qemu-devel] [PATCH] qemu-ga: implement win32 guest-set-user-password
Index(es):
- Date
- Thread