/src/FreeRDP/winpr/libwinpr/utils/sam.c
Line | Count | Source (jump to first uncovered line) |
1 | | /** |
2 | | * WinPR: Windows Portable Runtime |
3 | | * Security Accounts Manager (SAM) |
4 | | * |
5 | | * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com> |
6 | | * |
7 | | * Licensed under the Apache License, Version 2.0 (the "License"); |
8 | | * you may not use this file except in compliance with the License. |
9 | | * You may obtain a copy of the License at |
10 | | * |
11 | | * http://www.apache.org/licenses/LICENSE-2.0 |
12 | | * |
13 | | * Unless required by applicable law or agreed to in writing, software |
14 | | * distributed under the License is distributed on an "AS IS" BASIS, |
15 | | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
16 | | * See the License for the specific language governing permissions and |
17 | | * limitations under the License. |
18 | | */ |
19 | | |
20 | | #include <winpr/config.h> |
21 | | #include <winpr/path.h> |
22 | | |
23 | | #include <stdio.h> |
24 | | #include <stdlib.h> |
25 | | #include <string.h> |
26 | | |
27 | | #include <winpr/wtypes.h> |
28 | | #include <winpr/crt.h> |
29 | | #include <winpr/sam.h> |
30 | | #include <winpr/cast.h> |
31 | | #include <winpr/print.h> |
32 | | #include <winpr/file.h> |
33 | | |
34 | | #include "../log.h" |
35 | | |
36 | | #ifdef WINPR_HAVE_UNISTD_H |
37 | | #include <unistd.h> |
38 | | #endif |
39 | | |
40 | | #define TAG WINPR_TAG("utils") |
41 | | |
42 | | struct winpr_sam |
43 | | { |
44 | | FILE* fp; |
45 | | char* line; |
46 | | char* buffer; |
47 | | char* context; |
48 | | BOOL readOnly; |
49 | | }; |
50 | | |
51 | | static WINPR_SAM_ENTRY* SamEntryFromDataA(LPCSTR User, DWORD UserLength, LPCSTR Domain, |
52 | | DWORD DomainLength) |
53 | 0 | { |
54 | 0 | WINPR_SAM_ENTRY* entry = calloc(1, sizeof(WINPR_SAM_ENTRY)); |
55 | 0 | if (!entry) |
56 | 0 | return NULL; |
57 | 0 | if (User && (UserLength > 0)) |
58 | 0 | entry->User = _strdup(User); |
59 | 0 | entry->UserLength = UserLength; |
60 | 0 | if (Domain && (DomainLength > 0)) |
61 | 0 | entry->Domain = _strdup(Domain); |
62 | 0 | entry->DomainLength = DomainLength; |
63 | 0 | return entry; |
64 | 0 | } |
65 | | |
66 | | static BOOL SamAreEntriesEqual(const WINPR_SAM_ENTRY* a, const WINPR_SAM_ENTRY* b) |
67 | 0 | { |
68 | 0 | if (!a || !b) |
69 | 0 | return FALSE; |
70 | 0 | if (a->UserLength != b->UserLength) |
71 | 0 | return FALSE; |
72 | 0 | if (a->DomainLength != b->DomainLength) |
73 | 0 | return FALSE; |
74 | 0 | if (a->UserLength > 0) |
75 | 0 | { |
76 | 0 | if (!a->User || !b->User) |
77 | 0 | return FALSE; |
78 | 0 | if (strncmp(a->User, b->User, a->UserLength) != 0) |
79 | 0 | return FALSE; |
80 | 0 | } |
81 | 0 | if (a->DomainLength > 0) |
82 | 0 | { |
83 | 0 | if (!a->Domain || !b->Domain) |
84 | 0 | return FALSE; |
85 | 0 | if (strncmp(a->Domain, b->Domain, a->DomainLength) != 0) |
86 | 0 | return FALSE; |
87 | 0 | } |
88 | 0 | return TRUE; |
89 | 0 | } |
90 | | |
91 | | WINPR_SAM* SamOpen(const char* filename, BOOL readOnly) |
92 | 0 | { |
93 | 0 | FILE* fp = NULL; |
94 | 0 | WINPR_SAM* sam = NULL; |
95 | 0 | char* allocatedFileName = NULL; |
96 | |
|
97 | 0 | if (!filename) |
98 | 0 | { |
99 | 0 | allocatedFileName = winpr_GetConfigFilePath(TRUE, "SAM"); |
100 | 0 | filename = allocatedFileName; |
101 | 0 | } |
102 | |
|
103 | 0 | if (readOnly) |
104 | 0 | fp = winpr_fopen(filename, "r"); |
105 | 0 | else |
106 | 0 | { |
107 | 0 | fp = winpr_fopen(filename, "r+"); |
108 | |
|
109 | 0 | if (!fp) |
110 | 0 | fp = winpr_fopen(filename, "w+"); |
111 | 0 | } |
112 | 0 | free(allocatedFileName); |
113 | |
|
114 | 0 | if (fp) |
115 | 0 | { |
116 | 0 | sam = (WINPR_SAM*)calloc(1, sizeof(WINPR_SAM)); |
117 | |
|
118 | 0 | if (!sam) |
119 | 0 | { |
120 | 0 | (void)fclose(fp); |
121 | 0 | return NULL; |
122 | 0 | } |
123 | | |
124 | 0 | sam->readOnly = readOnly; |
125 | 0 | sam->fp = fp; |
126 | 0 | } |
127 | 0 | else |
128 | 0 | { |
129 | 0 | WLog_DBG(TAG, "Could not open SAM file!"); |
130 | 0 | return NULL; |
131 | 0 | } |
132 | | |
133 | 0 | return sam; |
134 | 0 | } |
135 | | |
136 | | static BOOL SamLookupStart(WINPR_SAM* sam) |
137 | 0 | { |
138 | 0 | size_t readSize = 0; |
139 | 0 | INT64 fileSize = 0; |
140 | |
|
141 | 0 | if (!sam || !sam->fp) |
142 | 0 | return FALSE; |
143 | | |
144 | 0 | if (_fseeki64(sam->fp, 0, SEEK_END) != 0) |
145 | 0 | return FALSE; |
146 | 0 | fileSize = _ftelli64(sam->fp); |
147 | 0 | if (_fseeki64(sam->fp, 0, SEEK_SET) != 0) |
148 | 0 | return FALSE; |
149 | | |
150 | 0 | if (fileSize < 1) |
151 | 0 | return FALSE; |
152 | | |
153 | 0 | sam->context = NULL; |
154 | 0 | sam->buffer = (char*)calloc((size_t)fileSize + 2, 1); |
155 | |
|
156 | 0 | if (!sam->buffer) |
157 | 0 | return FALSE; |
158 | | |
159 | 0 | readSize = fread(sam->buffer, (size_t)fileSize, 1, sam->fp); |
160 | |
|
161 | 0 | if (!readSize) |
162 | 0 | { |
163 | 0 | if (!ferror(sam->fp)) |
164 | 0 | readSize = (size_t)fileSize; |
165 | 0 | } |
166 | |
|
167 | 0 | if (readSize < 1) |
168 | 0 | { |
169 | 0 | free(sam->buffer); |
170 | 0 | sam->buffer = NULL; |
171 | 0 | return FALSE; |
172 | 0 | } |
173 | | |
174 | 0 | sam->buffer[fileSize] = '\n'; |
175 | 0 | sam->buffer[fileSize + 1] = '\0'; |
176 | 0 | sam->line = strtok_s(sam->buffer, "\n", &sam->context); |
177 | 0 | return TRUE; |
178 | 0 | } |
179 | | |
180 | | static void SamLookupFinish(WINPR_SAM* sam) |
181 | 0 | { |
182 | 0 | free(sam->buffer); |
183 | 0 | sam->buffer = NULL; |
184 | 0 | sam->line = NULL; |
185 | 0 | } |
186 | | |
187 | | static BOOL SamReadEntry(WINPR_SAM* sam, WINPR_SAM_ENTRY* entry) |
188 | 0 | { |
189 | 0 | char* p[5] = { 0 }; |
190 | 0 | size_t count = 0; |
191 | |
|
192 | 0 | if (!sam || !entry || !sam->line) |
193 | 0 | return FALSE; |
194 | | |
195 | 0 | char* cur = sam->line; |
196 | |
|
197 | 0 | while ((cur = strchr(cur, ':')) != NULL) |
198 | 0 | { |
199 | 0 | count++; |
200 | 0 | cur++; |
201 | 0 | } |
202 | |
|
203 | 0 | if (count < 4) |
204 | 0 | return FALSE; |
205 | | |
206 | 0 | p[0] = sam->line; |
207 | 0 | p[1] = strchr(p[0], ':') + 1; |
208 | 0 | p[2] = strchr(p[1], ':') + 1; |
209 | 0 | p[3] = strchr(p[2], ':') + 1; |
210 | 0 | p[4] = strchr(p[3], ':') + 1; |
211 | 0 | const size_t LmHashLength = WINPR_ASSERTING_INT_CAST(size_t, (p[3] - p[2] - 1)); |
212 | 0 | const size_t NtHashLength = WINPR_ASSERTING_INT_CAST(size_t, (p[4] - p[3] - 1)); |
213 | | |
214 | 0 | if ((LmHashLength != 0) && (LmHashLength != 32)) |
215 | 0 | return FALSE; |
216 | | |
217 | 0 | if ((NtHashLength != 0) && (NtHashLength != 32)) |
218 | 0 | return FALSE; |
219 | | |
220 | 0 | entry->UserLength = (UINT32)(p[1] - p[0] - 1); |
221 | 0 | entry->User = (LPSTR)malloc(entry->UserLength + 1); |
222 | |
|
223 | 0 | if (!entry->User) |
224 | 0 | return FALSE; |
225 | | |
226 | 0 | entry->User[entry->UserLength] = '\0'; |
227 | 0 | entry->DomainLength = (UINT32)(p[2] - p[1] - 1); |
228 | 0 | memcpy(entry->User, p[0], entry->UserLength); |
229 | |
|
230 | 0 | if (entry->DomainLength > 0) |
231 | 0 | { |
232 | 0 | entry->Domain = (LPSTR)malloc(entry->DomainLength + 1); |
233 | |
|
234 | 0 | if (!entry->Domain) |
235 | 0 | { |
236 | 0 | free(entry->User); |
237 | 0 | entry->User = NULL; |
238 | 0 | return FALSE; |
239 | 0 | } |
240 | | |
241 | 0 | memcpy(entry->Domain, p[1], entry->DomainLength); |
242 | 0 | entry->Domain[entry->DomainLength] = '\0'; |
243 | 0 | } |
244 | 0 | else |
245 | 0 | entry->Domain = NULL; |
246 | | |
247 | 0 | if (LmHashLength == 32) |
248 | 0 | winpr_HexStringToBinBuffer(p[2], LmHashLength, entry->LmHash, sizeof(entry->LmHash)); |
249 | |
|
250 | 0 | if (NtHashLength == 32) |
251 | 0 | winpr_HexStringToBinBuffer(p[3], NtHashLength, (BYTE*)entry->NtHash, sizeof(entry->NtHash)); |
252 | |
|
253 | 0 | return TRUE; |
254 | 0 | } |
255 | | |
256 | | void SamFreeEntry(WINPR_ATTR_UNUSED WINPR_SAM* sam, WINPR_SAM_ENTRY* entry) |
257 | 0 | { |
258 | 0 | if (entry) |
259 | 0 | { |
260 | 0 | if (entry->UserLength > 0) |
261 | 0 | free(entry->User); |
262 | |
|
263 | 0 | if (entry->DomainLength > 0) |
264 | 0 | free(entry->Domain); |
265 | |
|
266 | 0 | free(entry); |
267 | 0 | } |
268 | 0 | } |
269 | | |
270 | | void SamResetEntry(WINPR_SAM_ENTRY* entry) |
271 | 0 | { |
272 | 0 | if (!entry) |
273 | 0 | return; |
274 | | |
275 | 0 | if (entry->UserLength) |
276 | 0 | { |
277 | 0 | free(entry->User); |
278 | 0 | entry->User = NULL; |
279 | 0 | } |
280 | |
|
281 | 0 | if (entry->DomainLength) |
282 | 0 | { |
283 | 0 | free(entry->Domain); |
284 | 0 | entry->Domain = NULL; |
285 | 0 | } |
286 | |
|
287 | 0 | ZeroMemory(entry->LmHash, sizeof(entry->LmHash)); |
288 | 0 | ZeroMemory(entry->NtHash, sizeof(entry->NtHash)); |
289 | 0 | } |
290 | | |
291 | | WINPR_SAM_ENTRY* SamLookupUserA(WINPR_SAM* sam, LPCSTR User, UINT32 UserLength, LPCSTR Domain, |
292 | | UINT32 DomainLength) |
293 | 0 | { |
294 | 0 | size_t length = 0; |
295 | 0 | BOOL found = FALSE; |
296 | 0 | WINPR_SAM_ENTRY* search = SamEntryFromDataA(User, UserLength, Domain, DomainLength); |
297 | 0 | WINPR_SAM_ENTRY* entry = (WINPR_SAM_ENTRY*)calloc(1, sizeof(WINPR_SAM_ENTRY)); |
298 | |
|
299 | 0 | if (!entry || !search) |
300 | 0 | goto fail; |
301 | | |
302 | 0 | if (!SamLookupStart(sam)) |
303 | 0 | goto fail; |
304 | | |
305 | 0 | while (sam->line != NULL) |
306 | 0 | { |
307 | 0 | length = strlen(sam->line); |
308 | |
|
309 | 0 | if (length > 1) |
310 | 0 | { |
311 | 0 | if (sam->line[0] != '#') |
312 | 0 | { |
313 | 0 | if (!SamReadEntry(sam, entry)) |
314 | 0 | { |
315 | 0 | goto out_fail; |
316 | 0 | } |
317 | | |
318 | 0 | if (SamAreEntriesEqual(entry, search)) |
319 | 0 | { |
320 | 0 | found = 1; |
321 | 0 | break; |
322 | 0 | } |
323 | 0 | } |
324 | 0 | } |
325 | | |
326 | 0 | SamResetEntry(entry); |
327 | 0 | sam->line = strtok_s(NULL, "\n", &sam->context); |
328 | 0 | } |
329 | | |
330 | 0 | out_fail: |
331 | 0 | SamLookupFinish(sam); |
332 | 0 | fail: |
333 | 0 | SamFreeEntry(sam, search); |
334 | |
|
335 | 0 | if (!found) |
336 | 0 | { |
337 | 0 | SamFreeEntry(sam, entry); |
338 | 0 | return NULL; |
339 | 0 | } |
340 | | |
341 | 0 | return entry; |
342 | 0 | } |
343 | | |
344 | | WINPR_SAM_ENTRY* SamLookupUserW(WINPR_SAM* sam, LPCWSTR User, UINT32 UserLength, LPCWSTR Domain, |
345 | | UINT32 DomainLength) |
346 | 0 | { |
347 | 0 | WINPR_SAM_ENTRY* entry = NULL; |
348 | 0 | char* utfUser = NULL; |
349 | 0 | char* utfDomain = NULL; |
350 | 0 | size_t userCharLen = 0; |
351 | 0 | size_t domainCharLen = 0; |
352 | |
|
353 | 0 | utfUser = ConvertWCharNToUtf8Alloc(User, UserLength / sizeof(WCHAR), &userCharLen); |
354 | 0 | if (!utfUser) |
355 | 0 | goto fail; |
356 | 0 | if (DomainLength > 0) |
357 | 0 | { |
358 | 0 | utfDomain = ConvertWCharNToUtf8Alloc(Domain, DomainLength / sizeof(WCHAR), &domainCharLen); |
359 | 0 | if (!utfDomain) |
360 | 0 | goto fail; |
361 | 0 | } |
362 | 0 | entry = SamLookupUserA(sam, utfUser, (UINT32)userCharLen, utfDomain, (UINT32)domainCharLen); |
363 | 0 | fail: |
364 | 0 | free(utfUser); |
365 | 0 | free(utfDomain); |
366 | 0 | return entry; |
367 | 0 | } |
368 | | |
369 | | void SamClose(WINPR_SAM* sam) |
370 | 0 | { |
371 | 0 | if (sam != NULL) |
372 | 0 | { |
373 | 0 | if (sam->fp) |
374 | 0 | (void)fclose(sam->fp); |
375 | 0 | free(sam); |
376 | 0 | } |
377 | 0 | } |