From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52062) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZWqTr-00009c-3L for qemu-devel@nongnu.org; Tue, 01 Sep 2015 14:40:32 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZWqTn-0007Qk-KS for qemu-devel@nongnu.org; Tue, 01 Sep 2015 14:40:27 -0400 Received: from e19.ny.us.ibm.com ([129.33.205.209]:51832) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZWqTn-0007Qc-Hq for qemu-devel@nongnu.org; Tue, 01 Sep 2015 14:40:23 -0400 Received: from /spool/local by e19.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 1 Sep 2015 14:40:23 -0400 Received: from b01cxnp22034.gho.pok.ibm.com (b01cxnp22034.gho.pok.ibm.com [9.57.198.24]) by d01dlp03.pok.ibm.com (Postfix) with ESMTP id B8A37C90042 for ; Tue, 1 Sep 2015 14:31:25 -0400 (EDT) Received: from d01av01.pok.ibm.com (d01av01.pok.ibm.com [9.56.224.215]) by b01cxnp22034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id t81IeLKM60620890 for ; Tue, 1 Sep 2015 18:40:21 GMT Received: from d01av01.pok.ibm.com (localhost [127.0.0.1]) by d01av01.pok.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id t81IeJJj027011 for ; Tue, 1 Sep 2015 14:40:20 -0400 From: Michael Roth Date: Tue, 1 Sep 2015 13:38:59 -0500 Message-Id: <1441132743-26228-23-git-send-email-mdroth@linux.vnet.ibm.com> In-Reply-To: <1441132743-26228-1-git-send-email-mdroth@linux.vnet.ibm.com> References: <1441132743-26228-1-git-send-email-mdroth@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: [Qemu-devel] [PATCH 22/26] qemu-ga: implement win32 guest-set-user-password List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: peter.maydell@linaro.org, =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Michael Roth From: Marc-André Lureau Use NetUserSetInfo() to set the user password. This function is notoriously known to be problematic for users with EFS encrypted files. But the alternative, NetUserChangePassword() requires the old password. Nevertheless, The EFS file should be recovered by changing back to the old password. Signed-off-by: Marc-André Lureau Reviewed-by: Daniel P. Berrange Signed-off-by: Michael Roth --- configure | 2 +- qga/commands-win32.c | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 76 insertions(+), 3 deletions(-) diff --git a/configure b/configure index 86a38fe..1f033e9 100755 --- a/configure +++ b/configure @@ -732,7 +732,7 @@ if test "$mingw32" = "yes" ; then sysconfdir="\${prefix}" local_statedir= confsuffix="" - libs_qga="-lws2_32 -lwinmm -lpowrprof -liphlpapi $libs_qga" + libs_qga="-lws2_32 -lwinmm -lpowrprof -liphlpapi -lnetapi32 $libs_qga" fi werror="" diff --git a/qga/commands-win32.c b/qga/commands-win32.c index 1152c46..cbee186 100644 --- a/qga/commands-win32.c +++ b/qga/commands-win32.c @@ -26,6 +26,8 @@ #include #include #endif +#include + #include "qga/guest-agent-core.h" #include "qga/vss-win32.h" #include "qga-qmp-commands.h" @@ -1192,12 +1194,84 @@ int64_t qmp_guest_set_vcpus(GuestLogicalProcessorList *vcpus, Error **errp) return -1; } +static gchar * +get_net_error_message(gint error) +{ + HMODULE module = NULL; + gchar *retval = NULL; + wchar_t *msg = NULL; + int flags, nchars; + + flags = FORMAT_MESSAGE_ALLOCATE_BUFFER + |FORMAT_MESSAGE_IGNORE_INSERTS + |FORMAT_MESSAGE_FROM_SYSTEM; + + if (error >= NERR_BASE && error <= MAX_NERR) { + module = LoadLibraryExW(L"netmsg.dll", NULL, LOAD_LIBRARY_AS_DATAFILE); + + if (module != NULL) { + flags |= FORMAT_MESSAGE_FROM_HMODULE; + } + } + + FormatMessageW(flags, module, error, 0, (LPWSTR)&msg, 0, NULL); + + if (msg != NULL) { + nchars = wcslen(msg); + + if (nchars > 2 && msg[nchars-1] == '\n' && msg[nchars-2] == '\r') { + msg[nchars-2] = '\0'; + } + + retval = g_utf16_to_utf8(msg, -1, NULL, NULL, NULL); + + LocalFree(msg); + } + + if (module != NULL) { + FreeLibrary(module); + } + + return retval; +} + void qmp_guest_set_user_password(const char *username, const char *password, bool crypted, Error **errp) { - error_setg(errp, QERR_UNSUPPORTED); + NET_API_STATUS nas; + char *rawpasswddata = NULL; + size_t rawpasswdlen; + wchar_t *user, *wpass; + USER_INFO_1003 pi1003 = { 0, }; + + if (crypted) { + error_setg(errp, QERR_UNSUPPORTED); + return; + } + + rawpasswddata = (char *)g_base64_decode(password, &rawpasswdlen); + rawpasswddata = g_renew(char, rawpasswddata, rawpasswdlen + 1); + rawpasswddata[rawpasswdlen] = '\0'; + + user = g_utf8_to_utf16(username, -1, NULL, NULL, NULL); + wpass = g_utf8_to_utf16(rawpasswddata, -1, NULL, NULL, NULL); + + pi1003.usri1003_password = wpass; + nas = NetUserSetInfo(NULL, user, + 1003, (LPBYTE)&pi1003, + NULL); + + if (nas != NERR_Success) { + gchar *msg = get_net_error_message(nas); + error_setg(errp, "failed to set password: %s", msg); + g_free(msg); + } + + g_free(user); + g_free(wpass); + g_free(rawpasswddata); } GuestMemoryBlockList *qmp_guest_get_memory_blocks(Error **errp) @@ -1225,7 +1299,6 @@ GList *ga_command_blacklist_init(GList *blacklist) const char *list_unsupported[] = { "guest-suspend-hybrid", "guest-get-vcpus", "guest-set-vcpus", - "guest-set-user-password", "guest-get-memory-blocks", "guest-set-memory-blocks", "guest-get-memory-block-size", "guest-fsfreeze-freeze-list", -- 1.9.1