Author: ekohl Date: Mon May 23 21:48:32 2016 New Revision: 71394

URL: http://svn.reactos.org/svn/reactos?rev=71394&view=rev Log: [SERVICES] - RChangeServiceConfigA/W: Modify or delete password secrets. [ADVAPI32] - ChangeServiceConfigA, CreateServiceA: Convert passwords to Unicode before passing them to the remote functions.

Modified: trunk/reactos/base/system/services/config.c trunk/reactos/base/system/services/rpcserver.c trunk/reactos/dll/win32/advapi32/service/scm.c

Modified: trunk/reactos/base/system/services/config.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/services/config... ============================================================================== --- trunk/reactos/base/system/services/config.c [iso-8859-1] (original) +++ trunk/reactos/base/system/services/config.c [iso-8859-1] Mon May 23 21:48:32 2016 @@ -481,7 +481,7 @@

Status = LsaStorePrivateData(PolicyHandle, &ServiceName, - &Password); + pszPassword ? &Password : NULL); if (!NT_SUCCESS(Status)) { dwError = RtlNtStatusToDosError(Status);

Modified: trunk/reactos/base/system/services/rpcserver.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/base/system/services/rpcser... ============================================================================== --- trunk/reactos/base/system/services/rpcserver.c [iso-8859-1] (original) +++ trunk/reactos/base/system/services/rpcserver.c [iso-8859-1] Mon May 23 21:48:32 2016 @@ -2022,7 +2022,27 @@

if (lpPassword != NULL) { - /* FIXME: Decrypt and write password */ + if (wcslen((LPWSTR)lpPassword) != 0) + { + /* FIXME: Decrypt the password */ + + /* Write the password */ + dwError = ScmSetServicePassword(lpService->szServiceName, + (LPCWSTR)lpPassword); + if (dwError != ERROR_SUCCESS) + goto done; + } + else + { + /* Delete the password */ + dwError = ScmSetServicePassword(lpService->szServiceName, + NULL); + if (dwError == ERROR_FILE_NOT_FOUND) + dwError = ERROR_SUCCESS; + + if (dwError != ERROR_SUCCESS) + goto done; + } }

done: @@ -3460,11 +3480,34 @@ dwDependSize);

HeapFree(GetProcessHeap(), 0, lpDependenciesW); + + if (dwError != ERROR_SUCCESS) + goto done; }

if (lpPassword != NULL) { - /* FIXME: Decrypt and write password */ + if (wcslen((LPWSTR)lpPassword) != 0) + { + /* FIXME: Decrypt the password */ + + /* Write the password */ + dwError = ScmSetServicePassword(lpService->szServiceName, + (LPCWSTR)lpPassword); + if (dwError != ERROR_SUCCESS) + goto done; + } + else + { + /* Delete the password */ + dwError = ScmSetServicePassword(lpService->szServiceName, + NULL); + if (dwError == ERROR_FILE_NOT_FOUND) + dwError = ERROR_SUCCESS; + + if (dwError != ERROR_SUCCESS) + goto done; + } }

done:

Modified: trunk/reactos/dll/win32/advapi32/service/scm.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/advapi32/service/... ============================================================================== --- trunk/reactos/dll/win32/advapi32/service/scm.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/advapi32/service/scm.c [iso-8859-1] Mon May 23 21:48:32 2016 @@ -287,6 +287,7 @@ SIZE_T cchLength; LPCSTR lpStr; DWORD dwPasswordLength = 0; + LPWSTR lpPasswordW = NULL; LPBYTE lpEncryptedPassword = NULL;

TRACE("ChangeServiceConfigA() called\n"); @@ -304,9 +305,29 @@ dwDependenciesLength++; }

- /* FIXME: Encrypt the password */ - lpEncryptedPassword = (LPBYTE)lpPassword; - dwPasswordLength = (DWORD)(lpPassword ? (strlen(lpPassword) + 1) * sizeof(CHAR) : 0); + if (lpPassword != NULL) + { + /* Convert the password to unicode */ + lpPasswordW = HeapAlloc(GetProcessHeap(), + HEAP_ZERO_MEMORY, + (strlen(lpPassword) + 1) * sizeof(WCHAR)); + if (lpPasswordW == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + + MultiByteToWideChar(CP_ACP, + 0, + lpPassword, + -1, + lpPasswordW, + (int)(strlen(lpPassword) + 1)); + + /* FIXME: Encrypt the password */ + lpEncryptedPassword = (LPBYTE)lpPasswordW; + dwPasswordLength = (DWORD)(lpPasswordW ? (wcslen(lpPasswordW) + 1) * sizeof(WCHAR) : 0); + }

RpcTryExcept { @@ -331,6 +352,9 @@ } RpcEndExcept;

+ if (lpPasswordW != NULL) + HeapFree(GetProcessHeap(), 0, lpPasswordW); + if (dwError != ERROR_SUCCESS) { TRACE("RChangeServiceConfigA() failed (Error %lu)\n", dwError); @@ -548,6 +572,7 @@ SIZE_T cchLength; LPCSTR lpStr; DWORD dwPasswordLength = 0; + LPWSTR lpPasswordW = NULL; LPBYTE lpEncryptedPassword = NULL;

TRACE("CreateServiceA() called\n"); @@ -573,9 +598,29 @@ dwDependenciesLength++; }

- /* FIXME: Encrypt the password */ - lpEncryptedPassword = (LPBYTE)lpPassword; - dwPasswordLength = (DWORD)(lpPassword ? (strlen(lpPassword) + 1) * sizeof(CHAR) : 0); + if (lpPassword != NULL) + { + /* Convert the password to unicode */ + lpPasswordW = HeapAlloc(GetProcessHeap(), + HEAP_ZERO_MEMORY, + (strlen(lpPassword) + 1) * sizeof(WCHAR)); + if (lpPasswordW == NULL) + { + SetLastError(ERROR_NOT_ENOUGH_MEMORY); + return FALSE; + } + + MultiByteToWideChar(CP_ACP, + 0, + lpPassword, + -1, + lpPasswordW, + (int)(strlen(lpPassword) + 1)); + + /* FIXME: Encrypt the password */ + lpEncryptedPassword = (LPBYTE)lpPasswordW; + dwPasswordLength = (DWORD)(lpPasswordW ? (wcslen(lpPasswordW) + 1) * sizeof(WCHAR) : 0); + }

RpcTryExcept { @@ -602,6 +647,9 @@ dwError = ScmRpcStatusToWinError(RpcExceptionCode()); } RpcEndExcept; + + if (lpPasswordW != NULL) + HeapFree(GetProcessHeap(), 0, lpPasswordW);

if (dwError != ERROR_SUCCESS) {