2017-01-16 20:59:50 +01:00
|
|
|
|
/* Copyright (c) Citrix Systems, Inc.
|
2013-06-24 13:41:48 +02:00
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms,
|
|
|
|
|
* with or without modification, are permitted provided
|
|
|
|
|
* that the following conditions are met:
|
|
|
|
|
*
|
|
|
|
|
* * Redistributions of source code must retain the above
|
|
|
|
|
* copyright notice, this list of conditions and the
|
|
|
|
|
* following disclaimer.
|
|
|
|
|
* * Redistributions in binary form must reproduce the above
|
|
|
|
|
* copyright notice, this list of conditions and the
|
|
|
|
|
* following disclaimer in the documentation and/or other
|
|
|
|
|
* materials provided with the distribution.
|
|
|
|
|
*
|
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
|
|
|
|
|
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
|
|
|
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
|
|
|
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
|
|
|
|
|
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
|
|
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
|
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
|
|
|
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
|
|
|
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
|
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
using System;
|
|
|
|
|
using System.Configuration;
|
|
|
|
|
using System.Text;
|
|
|
|
|
using System.Diagnostics;
|
|
|
|
|
using System.Windows.Forms;
|
|
|
|
|
|
2017-11-17 02:04:45 +01:00
|
|
|
|
using XenCenterLib;
|
2013-06-24 13:41:48 +02:00
|
|
|
|
using XenAdmin.Core;
|
|
|
|
|
using XenAdmin.Dialogs;
|
|
|
|
|
using XenAdmin.Network;
|
|
|
|
|
using System.Xml;
|
|
|
|
|
using System.IO;
|
|
|
|
|
using System.Security.Principal;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
namespace XenAdmin
|
|
|
|
|
{
|
|
|
|
|
internal class PasswordsRequest
|
|
|
|
|
{
|
|
|
|
|
private const string NamespaceURI = "http://citrix.com/XenCenter/ConnectionExport";
|
|
|
|
|
private const string TokenIdentifier = "XenCenterPasswordToken";
|
|
|
|
|
private const string RootElement = "XenCenterConnectionExport";
|
|
|
|
|
private const string TokenElement = "token";
|
|
|
|
|
private const string RequestFilename = "XenCenterConnectionRequest.xml";
|
|
|
|
|
private const string ResultFilename = "XenCenterConnectionExport.xml";
|
|
|
|
|
private const char Separator = '\x202f'; // narrow non-breaking space.
|
|
|
|
|
|
|
|
|
|
private static readonly log4net.ILog log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
|
|
|
|
|
|
|
|
|
|
internal static void HandleRequest(string destdir)
|
|
|
|
|
{
|
2019-10-03 10:18:20 +02:00
|
|
|
|
log.DebugFormat("Handling password request");
|
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
Process thisProcess = Process.GetCurrentProcess();
|
|
|
|
|
Process parentProcess = Processes.FindParent(thisProcess);
|
2013-06-24 13:41:48 +02:00
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
if (parentProcess == null)
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
log.Warn("Cannot find parent process. Ignoring request.");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
WindowsIdentity parentUser = Processes.GetWindowsIdentity(parentProcess);
|
|
|
|
|
WindowsIdentity thisUser = Processes.GetWindowsIdentity(thisProcess);
|
2013-06-24 13:41:48 +02:00
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
if (parentUser == null || thisUser == null)
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
log.Warn("Cannot find user details. Ignoring request.");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
if (parentUser.User != thisUser.User)
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
log.Warn("Passwords requested from user different to us. Ignoring request.");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!Registry.AllowCredentialSave || !Properties.Settings.Default.SaveSession)
|
|
|
|
|
{
|
|
|
|
|
WriteXML(destdir, null, "nosession");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
string exePath = Processes.GetExePath(parentProcess);
|
2013-06-24 13:41:48 +02:00
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
if (ParseToken(destdir, out var token, out var tokenExePath, out var userSid))
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
// Valid token.
|
2019-11-08 22:00:03 +01:00
|
|
|
|
if (tokenExePath == exePath)
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
2019-11-08 22:00:03 +01:00
|
|
|
|
if (userSid == thisUser.User.ToString())
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
CompleteRequest(destdir, token);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2019-11-08 22:00:03 +01:00
|
|
|
|
|
|
|
|
|
log.WarnFormat("Valid token, but for the wrong user. Will re-prompt");
|
2013-06-24 13:41:48 +02:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2019-11-08 22:00:03 +01:00
|
|
|
|
log.WarnFormat("Valid token, but for the wrong app. Will re-prompt");
|
2013-06-24 13:41:48 +02:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-08 22:00:03 +01:00
|
|
|
|
using (var d = new PasswordsRequestDialog { Application = exePath })
|
2019-10-03 14:40:13 +02:00
|
|
|
|
switch (d.ShowDialog())
|
|
|
|
|
{
|
|
|
|
|
case DialogResult.OK:
|
|
|
|
|
// Give passwords this time.
|
|
|
|
|
CompleteRequest(destdir, null);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case DialogResult.Yes:
|
|
|
|
|
// Give passwords always.
|
2019-11-08 22:00:03 +01:00
|
|
|
|
CompleteRequest(destdir, GenerateToken(exePath, thisUser.User.ToString()));
|
2019-10-03 14:40:13 +02:00
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case DialogResult.Cancel:
|
|
|
|
|
WriteXML(destdir, null, "cancelled");
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
log.Error("Unexpected result from PasswordsRequestDialog!");
|
|
|
|
|
return;
|
|
|
|
|
}
|
2013-06-24 13:41:48 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static bool ParseToken(string destdir, out string token, out string token_exepath, out string user_sid)
|
|
|
|
|
{
|
2020-10-22 01:49:13 +02:00
|
|
|
|
token = null;
|
|
|
|
|
token_exepath = null;
|
|
|
|
|
user_sid = null;
|
|
|
|
|
|
2013-06-24 13:41:48 +02:00
|
|
|
|
string enc = GetToken(destdir);
|
|
|
|
|
if (enc != null)
|
|
|
|
|
{
|
2020-10-22 01:49:13 +02:00
|
|
|
|
string plain;
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
plain = EncryptionUtils.Unprotect(enc);
|
|
|
|
|
}
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
{
|
|
|
|
|
log.Warn("Could not unprotect token.", e);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-24 13:41:48 +02:00
|
|
|
|
if (plain != null)
|
|
|
|
|
{
|
|
|
|
|
string[] bits = plain.Split(Separator);
|
2020-10-22 01:49:13 +02:00
|
|
|
|
if (bits.Length == 4 && bits[0] == TokenIdentifier && long.TryParse(bits[1], out long ticks))
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
token = enc;
|
|
|
|
|
token_exepath = bits[2];
|
|
|
|
|
user_sid = bits[3];
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-22 01:49:13 +02:00
|
|
|
|
log.Warn("Missing or invalid token.");
|
2013-06-24 13:41:48 +02:00
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static string GetToken(string destdir)
|
|
|
|
|
{
|
|
|
|
|
string path = Path.Combine(destdir, RequestFilename);
|
|
|
|
|
if (!File.Exists(path))
|
|
|
|
|
return null;
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
XmlDocument doc = new XmlDocument();
|
|
|
|
|
doc.Load(path);
|
|
|
|
|
|
|
|
|
|
XmlNamespaceManager nsmgr = new XmlNamespaceManager(doc.NameTable);
|
|
|
|
|
nsmgr.AddNamespace("n", NamespaceURI);
|
|
|
|
|
|
|
|
|
|
XmlNode n = doc.SelectSingleNode("/n:" + RootElement + "/n:" + TokenElement, nsmgr);
|
|
|
|
|
return n == null ? null : n.InnerText;
|
|
|
|
|
}
|
|
|
|
|
catch (Exception exn)
|
|
|
|
|
{
|
|
|
|
|
log.Error(exn, exn);
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static string GenerateToken(string exepath, string user_sid)
|
|
|
|
|
{
|
|
|
|
|
string plain = string.Format("{0}{1}{2}{3}{4}{5}{6}", TokenIdentifier, Separator, DateTime.Now.Ticks, Separator, exepath,
|
|
|
|
|
Separator, user_sid);
|
|
|
|
|
return EncryptionUtils.Protect(plain);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static void CompleteRequest(string destdir, string token)
|
|
|
|
|
{
|
|
|
|
|
bool restored;
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
Settings.RestoreSession();
|
|
|
|
|
restored = Properties.Settings.Default.SaveSession;
|
|
|
|
|
}
|
|
|
|
|
catch (ConfigurationErrorsException ex)
|
|
|
|
|
{
|
|
|
|
|
log.Error("Could not load settings.", ex);
|
2020-04-22 15:47:03 +02:00
|
|
|
|
using (var dlg = new ErrorDialog(string.Format(Messages.MESSAGEBOX_LOAD_CORRUPTED, Settings.GetUserConfigPath()))
|
|
|
|
|
{WindowTitle = Messages.MESSAGEBOX_LOAD_CORRUPTED_TITLE})
|
2016-06-20 11:49:12 +02:00
|
|
|
|
{
|
|
|
|
|
dlg.ShowDialog(Program.MainWindow);
|
|
|
|
|
}
|
2013-06-24 13:41:48 +02:00
|
|
|
|
Application.Exit();
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
if (restored)
|
|
|
|
|
{
|
|
|
|
|
WriteXML(destdir, token, null);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
// The user has cancelled the restore.
|
|
|
|
|
WriteXML(destdir, null, "cancelled");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch (Exception exn)
|
|
|
|
|
{
|
2020-04-22 15:47:03 +02:00
|
|
|
|
using (var dlg = new ErrorDialog(string.Format(Messages.MESSAGEBOX_PASSWORD_WRITE_FAILED, exn.Message)))
|
2016-06-20 11:49:12 +02:00
|
|
|
|
dlg.ShowDialog(Program.MainWindow);
|
2013-06-24 13:41:48 +02:00
|
|
|
|
Application.Exit();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static void WriteXML(string destdir, string token, string error)
|
|
|
|
|
{
|
|
|
|
|
XmlDocument doc = new XmlDocument();
|
|
|
|
|
doc.AppendChild(doc.CreateXmlDeclaration("1.0", null, null));
|
|
|
|
|
XmlElement root = doc.CreateElement(RootElement, NamespaceURI);
|
|
|
|
|
root.SetAttribute("version", "1.0");
|
|
|
|
|
doc.AppendChild(root);
|
|
|
|
|
|
|
|
|
|
if (error != null)
|
|
|
|
|
{
|
|
|
|
|
XmlElement error_node = doc.CreateElement("error", NamespaceURI);
|
|
|
|
|
root.AppendChild(error_node);
|
|
|
|
|
|
|
|
|
|
error_node.SetAttribute("code", error);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if (token != null)
|
|
|
|
|
{
|
|
|
|
|
XmlElement token_node = doc.CreateElement(TokenElement, NamespaceURI);
|
|
|
|
|
root.AppendChild(token_node);
|
|
|
|
|
|
|
|
|
|
token_node.AppendChild(doc.CreateTextNode(token));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
foreach (IXenConnection conn in ConnectionsManager.XenConnectionsCopy)
|
|
|
|
|
{
|
|
|
|
|
XenConnection connection = conn as XenConnection;
|
|
|
|
|
XmlElement pool_node = doc.CreateElement("pool", NamespaceURI);
|
|
|
|
|
root.AppendChild(pool_node);
|
|
|
|
|
|
|
|
|
|
pool_node.SetAttribute("name_label", conn.FriendlyName);
|
|
|
|
|
pool_node.SetAttribute("password", conn.Password);
|
|
|
|
|
pool_node.SetAttribute("is_connected", conn.SaveDisconnected ? "false" : "true");
|
|
|
|
|
|
|
|
|
|
lock (connection.PoolMembersLock)
|
|
|
|
|
{
|
|
|
|
|
pool_node.AppendChild(ServerNode(doc, conn.Hostname, conn.Port, true));
|
|
|
|
|
|
|
|
|
|
foreach (string member in conn.PoolMembers)
|
|
|
|
|
{
|
|
|
|
|
if (member != conn.Hostname)
|
|
|
|
|
pool_node.AppendChild(ServerNode(doc, member, conn.Port, false));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
XmlWriterSettings settings = new XmlWriterSettings();
|
|
|
|
|
settings.CloseOutput = true;
|
|
|
|
|
settings.Indent = true;
|
|
|
|
|
settings.Encoding = Encoding.UTF8;
|
|
|
|
|
string dest = Path.Combine(destdir, ResultFilename);
|
|
|
|
|
XmlWriter writer = XmlWriter.Create(dest, settings);
|
|
|
|
|
try
|
|
|
|
|
{
|
|
|
|
|
doc.WriteContentTo(writer);
|
|
|
|
|
}
|
|
|
|
|
finally
|
|
|
|
|
{
|
|
|
|
|
writer.Close();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-31 12:31:16 +02:00
|
|
|
|
private static XmlElement ServerNode(XmlDocument doc, string address, int port, bool is_coordinator)
|
2013-06-24 13:41:48 +02:00
|
|
|
|
{
|
|
|
|
|
XmlElement server_node = doc.CreateElement("server", NamespaceURI);
|
|
|
|
|
|
|
|
|
|
server_node.SetAttribute("address", address);
|
|
|
|
|
server_node.SetAttribute("port", port.ToString());
|
2021-08-31 12:31:16 +02:00
|
|
|
|
server_node.SetAttribute("is_master", is_coordinator ? "true" : "false");
|
2013-06-24 13:41:48 +02:00
|
|
|
|
|
|
|
|
|
return server_node;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|