khm_int32
handle_kmsg_system_exit(void)
{
khui_config_node cnode;
khui_config_node cn_idents;
/* It should not be assumed that initialization of the plugin went
well at this point since we receive a KMSG_SYSTEM_EXIT even if
the initialization failed. */
if (credtype_id != KCDB_CREDTYPE_INVALID) {
kcdb_credtype_unregister(credtype_id);
credtype_id = KCDB_CREDTYPE_INVALID;
}
if (g_credset) {
kcdb_credset_delete(g_credset);
g_credset = NULL;
}
/* Now unregister any configuration nodes we registered. */
if (KHM_SUCCEEDED(khui_cfg_open(NULL, CONFIGNODE_MAIN, &cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
if (KHM_SUCCEEDED(khui_cfg_open(NULL, L"KhmIdentities", &cn_idents))) {
if (KHM_SUCCEEDED(khui_cfg_open(cn_idents,
CONFIGNODE_ALL_ID,
&cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
if (KHM_SUCCEEDED(khui_cfg_open(cn_idents,
CONFIGNODE_PER_ID,
&cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
khui_cfg_release(cn_idents);
}
if (h_idprov_event != NULL) {
CloseHandle(h_idprov_event);
h_idprov_event = NULL;
}
/* TODO: Perform additional uninitialization operations. */
return KHM_ERROR_SUCCESS;
}
/* perform shutdown operations */
static void
khm_pre_shutdown(void) {
khm_handle csp_cw = NULL;
khm_handle credset = NULL;
khm_int32 t;
khm_size s;
/* Check if we should destroy all credentials on exit... */
if (KHM_FAILED(khc_open_space(NULL, L"CredWindow", 0, &csp_cw)))
return;
if (KHM_FAILED(khc_read_int32(csp_cw, L"DestroyCredsOnExit", &t)) ||
!t)
goto _cleanup;
if (KHM_FAILED(kcdb_credset_create(&credset)))
goto _cleanup;
if (KHM_FAILED(kcdb_credset_extract(credset, NULL, NULL,
KCDB_TYPE_INVALID)))
goto _cleanup;
if (KHM_FAILED(kcdb_credset_get_size(credset, &s)) ||
s == 0)
goto _cleanup;
kcdb_credset_apply(credset, mw_select_cred, NULL);
khui_context_set(KHUI_SCOPE_GROUP,
NULL,
KCDB_CREDTYPE_INVALID,
NULL,
NULL,
0,
credset);
khm_cred_destroy_creds(TRUE, TRUE);
_cleanup:
if (credset)
kcdb_credset_delete(credset);
if (csp_cw)
khc_close_space(csp_cw);
}
/* process KMSG_SYSTEM messages */
khm_int32 KHMAPI
afs_msg_system(khm_int32 msg_subtype,
khm_ui_4 uparam,
void * vparam)
{
khm_int32 rv = KHM_ERROR_UNKNOWN;
switch(msg_subtype) {
case KMSG_SYSTEM_INIT:
/* If we are building against an older SDK, we should try to
load newer APIs if it's available at run-time. */
#if KH_VERSION_API < 7
do {
khm_version libver;
khm_ui_4 apiver;
khm_get_lib_version(&libver, &apiver);
if (apiver < 7)
break;
hm_netidmgr = LoadLibrary(NIMDLLNAME);
if (hm_netidmgr == NULL)
break;
pkhui_action_lock = (void (KHMAPI *)(void))
GetProcAddress(hm_netidmgr, API_khui_action_lock);
pkhui_action_unlock = (void (KHMAPI *)(void))
GetProcAddress(hm_netidmgr, API_khui_action_unlock);
pkhui_refresh_actions = (void (KHMAPI *)(void))
GetProcAddress(hm_netidmgr, API_khui_refresh_actions);
pkhui_request_UI_callback = (khm_int32 (KHMAPI *)(khm_ui_callback, void *))
GetProcAddress(hm_netidmgr, API_khui_request_UI_callback);
} while (FALSE);
#endif
/* Add the icon now. On NIM v2.x, doing so after tokens were
reported may result in a deadlock as we try to switch to
the UI thread and the UI thread is blocked on a resource
request to this plug-in. */
afs_icon_set_state(AFSICON_SERVICE_STOPPED, NULL);
/* Perform critical registrations and data structure
initalization */
{
kcdb_credtype ct;
wchar_t buf[KCDB_MAXCCH_LONG_DESC];
size_t cbsize;
kcdb_attrib att;
khm_handle csp_afscred = NULL;
khm_int32 disable_afscreds = FALSE;
ZeroMemory(&ct, sizeof(ct));
/* first of all, register the AFS token credential type */
ct.id = KCDB_CREDTYPE_AUTO;
ct.name = AFS_CREDTYPE_NAME;
if(LoadString(hResModule,
IDS_AFS_SHORT_DESC,
buf,
ARRAYLENGTH(buf)) != 0) {
StringCbLength(buf, sizeof(buf), &cbsize);
cbsize += sizeof(wchar_t);
ct.short_desc = PMALLOC(cbsize);
StringCbCopy(ct.short_desc, cbsize, buf);
} else
ct.short_desc = NULL;
if(LoadString(hResModule,
IDS_AFS_LONG_DESC,
buf,
ARRAYLENGTH(buf)) != 0) {
StringCbLength(buf, sizeof(buf), &cbsize);
cbsize += sizeof(wchar_t);
ct.long_desc = PMALLOC(cbsize);
StringCbCopy(ct.long_desc, cbsize, buf);
} else
ct.long_desc = NULL;
ct.icon = LoadImage(hResModule,
MAKEINTRESOURCE(IDI_AFSTOKEN),
IMAGE_ICON,
0, 0, LR_DEFAULTSIZE);
kmq_create_subscription(afs_plugin_cb, &afs_sub);
ct.sub = afs_sub;
kcdb_credtype_register(&ct, &afs_credtype_id);
/* register the attribute types */
{
kcdb_type type;
ZeroMemory(&type, sizeof(type));
type.comp = afs_type_principal_comp;
type.dup = afs_type_principal_dup;
type.isValid = afs_type_principal_isValid;
type.toString = afs_type_principal_toString;
type.name = AFS_TYPENAME_PRINCIPAL;
type.id = KCDB_TYPE_INVALID;
type.cb_max = sizeof(struct ktc_principal);
type.cb_min = sizeof(struct ktc_principal);
type.flags = KCDB_TYPE_FLAG_CB_FIXED;
if(KHM_FAILED(kcdb_type_register(&type,
&afs_type_principal)))
goto _exit_init;
}
{
kcdb_type type;
kcdb_type *ti32 = NULL;
kcdb_type_get_info(KCDB_TYPE_INT32, &ti32);
ZeroMemory(&type, sizeof(type));
type.comp = ti32->comp;
type.dup = ti32->dup;
type.isValid = ti32->isValid;
type.toString = afs_type_method_toString;
type.name = AFS_TYPENAME_METHOD;
type.id = KCDB_TYPE_INVALID;
type.cb_max = sizeof(khm_int32);
type.cb_min = sizeof(khm_int32);
type.flags = KCDB_TYPE_FLAG_CB_FIXED;
if(KHM_FAILED(kcdb_type_register(&type,
&afs_type_method))) {
kcdb_type_release_info(ti32);
goto _exit_init;
}
kcdb_type_release_info(ti32);
}
/* now register the attributes */
{
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
ZeroMemory(&att, sizeof(att));
att.type = KCDB_TYPE_STRING;
att.name = AFS_ATTRNAME_CELL;
LoadString(hResModule,
IDS_ATTR_CELL_SHORT_DESC,
short_desc,
ARRAYLENGTH(short_desc));
att.short_desc = short_desc;
att.long_desc = NULL;
att.id = KCDB_ATTR_INVALID;
att.flags = KCDB_ATTR_FLAG_TRANSIENT;
if(KHM_FAILED(rv = kcdb_attrib_register(&att,
&afs_attr_cell)))
goto _exit_init;
}
{
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
ZeroMemory(&att, sizeof(att));
att.type = KCDB_TYPE_STRING;
att.name = AFS_ATTRNAME_REALM;
LoadString(hResModule,
IDS_ATTR_REALM_SHORT_DESC,
short_desc,
ARRAYLENGTH(short_desc));
att.short_desc = short_desc;
att.long_desc = NULL;
att.id = KCDB_ATTR_INVALID;
att.flags = KCDB_ATTR_FLAG_TRANSIENT;
if(KHM_FAILED(rv = kcdb_attrib_register(&att,
&afs_attr_realm)))
goto _exit_init;
}
{
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
ZeroMemory(&att, sizeof(att));
att.type = afs_type_method;
att.name = AFS_ATTRNAME_METHOD;
LoadString(hResModule,
IDS_ATTR_METHOD_SHORT_DESC,
short_desc,
ARRAYLENGTH(short_desc));
att.short_desc = short_desc;
att.long_desc = NULL;
att.id = KCDB_ATTR_INVALID;
att.flags = KCDB_ATTR_FLAG_TRANSIENT;
if(KHM_FAILED(rv = kcdb_attrib_register(&att,
&afs_attr_method)))
goto _exit_init;
}
{
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
ZeroMemory(&att, sizeof(att));
att.type = afs_type_principal;
att.name = AFS_ATTRNAME_CLIENT_PRINC;
LoadString(hResModule,
IDS_ATTR_CLIENT_PRINC_SHORT_DESC,
short_desc,
ARRAYLENGTH(short_desc));
att.short_desc = short_desc;
att.long_desc = NULL;
att.id = KCDB_ATTR_INVALID;
att.flags = KCDB_ATTR_FLAG_TRANSIENT;
if(KHM_FAILED(rv = kcdb_attrib_register(&att, &afs_attr_client_princ)))
goto _exit_init;
}
{
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
ZeroMemory(&att, sizeof(att));
att.type = afs_type_principal;
att.name = AFS_ATTRNAME_SERVER_PRINC;
LoadString(hResModule,
IDS_ATTR_SERVER_PRINC_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
att.short_desc = short_desc;
att.long_desc = NULL;
att.id = KCDB_ATTR_INVALID;
att.flags = KCDB_ATTR_FLAG_TRANSIENT;
if(KHM_FAILED(rv = kcdb_attrib_register(&att, &afs_attr_server_princ)))
goto _exit_init;
}
/* afs_credset is our stock credentials set that we
use for all our credset needs (instead of creating
a new one every time) */
if(KHM_FAILED(rv = kcdb_credset_create(&afs_credset)))
goto _exit_init;
if(KHM_FAILED(rv = kcdb_credtype_get_id(KRB5_CREDTYPE_NAME,
&krb5_credtype_id)))
goto _exit_init;
/* register the configuration nodes */
{
khui_config_node node_ident;
khui_config_node_reg reg;
wchar_t wshort_desc[KHUI_MAXCCH_SHORT_DESC];
wchar_t wlong_desc[KHUI_MAXCCH_LONG_DESC];
if (KHM_FAILED(rv = khui_cfg_open(NULL,
L"KhmIdentities",
&node_ident)))
goto _exit_init;
ZeroMemory(®, sizeof(reg));
reg.name = AFS_CONFIG_NODE_MAIN;
reg.short_desc = wshort_desc;
reg.long_desc = wlong_desc;
reg.h_module = hResModule;
reg.dlg_template = MAKEINTRESOURCE(IDD_CFG_AFS);
reg.dlg_proc = afs_cfg_main_proc;
reg.flags = 0;
LoadString(hResModule, IDS_CFG_MAIN_LONG,
wlong_desc, ARRAYLENGTH(wlong_desc));
LoadString(hResModule, IDS_CFG_MAIN_SHORT,
wshort_desc, ARRAYLENGTH(wshort_desc));
khui_cfg_register(NULL, ®);
ZeroMemory(®, sizeof(reg));
reg.name = AFS_CONFIG_NODE_IDS;
reg.short_desc = wshort_desc;
reg.long_desc = wshort_desc;
reg.h_module = hResModule;
reg.dlg_template = MAKEINTRESOURCE(IDD_CFG_IDS_TAB);
reg.dlg_proc = afs_cfg_ids_proc;
reg.flags = KHUI_CNFLAG_SUBPANEL;
LoadString(hResModule, IDS_CFG_IDS_TAB,
wshort_desc, ARRAYLENGTH(wshort_desc));
khui_cfg_register(node_ident, ®);
ZeroMemory(®, sizeof(reg));
reg.name = AFS_CONFIG_NODE_ID;
reg.short_desc = wshort_desc;
reg.long_desc = wshort_desc;
reg.h_module = hResModule;
reg.dlg_template = MAKEINTRESOURCE(IDD_CFG_ID_TAB);
reg.dlg_proc = afs_cfg_id_proc;
reg.flags = KHUI_CNFLAG_SUBPANEL | KHUI_CNFLAG_PLURAL;
LoadString(hResModule, IDS_CFG_ID_TAB,
wshort_desc, ARRAYLENGTH(wshort_desc));
khui_cfg_register(node_ident, ®);
}
/* and register the AFS message type */
rv = kmq_register_type(AFS_MSG_TYPENAME, &afs_msg_type_id);
if (KHM_SUCCEEDED(rv))
kmq_subscribe(afs_msg_type_id, afs_plugin_cb);
/* if the configuration is set to disable afscreds.exe,
then we look for the shortcut and remove it if
found. */
if (KHM_SUCCEEDED(kmm_get_plugin_config(AFS_PLUGIN_NAME,
0,
&csp_afscred))) {
wchar_t wpath[MAX_PATH];
khc_read_int32(csp_afscred, L"Disableafscreds",
&disable_afscreds);
if (disable_afscreds &&
afs_cfg_get_afscreds_shortcut(wpath)) {
DeleteFile(wpath);
}
khc_close_space(csp_afscred);
}
/* try to register the "AFS Help" menu item, if
possible */
{
khm_handle h_sub = NULL;
wchar_t short_desc[KHUI_MAXCCH_SHORT_DESC];
wchar_t long_desc[KHUI_MAXCCH_LONG_DESC];
#if KH_VERSION_API < 7
if (pkhui_action_lock == NULL ||
pkhui_action_unlock == NULL ||
pkhui_refresh_actions == NULL ||
pkhui_request_UI_callback == NULL)
goto no_custom_help;
#endif
kmq_create_subscription(afs_plugin_cb, &h_sub);
LoadString(hResModule, IDS_ACTION_AFS_HELP,
short_desc, ARRAYLENGTH(short_desc));
LoadString(hResModule, IDS_ACTION_AFS_HELP_TT,
long_desc, ARRAYLENGTH(long_desc));
action_id_afs_help = khui_action_create(NULL,
short_desc,
long_desc,
NULL,
KHUI_ACTIONTYPE_TRIGGER,
h_sub);
if (action_id_afs_help != 0) {
khm_size s;
khm_size i;
khui_menu_def * help_menu;
khm_boolean refresh = FALSE;
khui_action_lock();
help_menu = khui_find_menu(KHUI_MENU_HELP);
if (help_menu) {
s = khui_menu_get_size(help_menu);
for (i=0; i < s; i++) {
khui_action_ref * aref;
aref = khui_menu_get_action(help_menu, i);
if (aref && !(aref->flags & KHUI_ACTIONREF_PACTION) &&
aref->action == KHUI_ACTION_HELP_INDEX) {
khui_menu_insert_action(help_menu,
i + 1,
action_id_afs_help,
0);
refresh = TRUE;
break;
}
}
}
khui_action_unlock();
if (refresh)
khui_refresh_actions();
}
#if KH_VERSION_API < 7
no_custom_help:
;
#endif
}
_exit_init:
if(ct.short_desc)
PFREE(ct.short_desc);
if(ct.long_desc)
PFREE(ct.long_desc);
}
/* now that the critical stuff is done, we move on to the
non-critical stuff */
if(KHM_SUCCEEDED(rv)) {
initialized = TRUE;
/* obtain existing tokens */
afs_list_tokens();
}
/* define this so that if there are no TGT's, we don't
deadlock trying to open a new creds dialog from within the
new creds dialog. */
SetEnvironmentVariable(L"KERBEROSLOGIN_NEVER_PROMPT", L"1");
break;
/* end of KMSG_SYSTEM_INIT */
case KMSG_SYSTEM_EXIT:
afs_remove_icon();
/* Try to remove the AFS plug-in action from Help menu if it
was successfully registered. Also, delete the action. */
if (action_id_afs_help != 0) {
khui_menu_def * help_menu;
khm_boolean menu_changed = FALSE;
khui_action_lock();
help_menu = khui_find_menu(KHUI_MENU_HELP);
if (help_menu) {
khm_size s;
khm_size i;
s = khui_menu_get_size(help_menu);
for (i=0; i < s; i++) {
khui_action_ref * aref = khui_menu_get_action(help_menu, i);
if (aref && !(aref->flags & KHUI_ACTIONREF_PACTION) &&
aref->action == action_id_afs_help) {
khui_menu_remove_action(help_menu, i);
menu_changed = TRUE;
break;
}
}
}
khui_action_delete(action_id_afs_help);
khui_action_unlock();
if (menu_changed)
khui_refresh_actions();
action_id_afs_help = 0;
}
if (afs_msg_type_id != -1) {
kmq_unsubscribe(afs_msg_type_id, afs_plugin_cb);
kmq_unregister_type(afs_msg_type_id);
}
if(afs_credtype_id >= 0) {
kcdb_credtype_unregister(afs_credtype_id);
}
#if 0
if(afs_attr_client >= 0) {
kcdb_attrib_unregister(afs_attr_client);
}
#endif
if(afs_attr_cell >= 0) {
kcdb_attrib_unregister(afs_attr_cell);
}
if(afs_attr_realm >= 0) {
kcdb_attrib_unregister(afs_attr_realm);
}
if(afs_attr_method >= 0) {
kcdb_attrib_unregister(afs_attr_method);
}
if(afs_attr_client_princ >= 0) {
kcdb_attrib_unregister(afs_attr_client_princ);
}
if(afs_attr_server_princ >= 0) {
kcdb_attrib_unregister(afs_attr_server_princ);
}
if(afs_type_principal >= 0) {
kcdb_type_unregister(afs_type_principal);
}
if(afs_type_method >= 0) {
kcdb_type_unregister(afs_type_method);
}
initialized = FALSE;
if(afs_credset)
kcdb_credset_delete(afs_credset);
/* afs_sub doesn't need to be deleted. That is taken care
of when unregistering the afs cred type */
afs_sub = NULL;
#if KH_VERSION_API < 7
if (hm_netidmgr)
FreeLibrary(hm_netidmgr);
pkhui_action_lock = NULL;
pkhui_action_unlock = NULL;
pkhui_refresh_actions = NULL;
pkhui_request_UI_callback = NULL;
#endif
rv = KHM_ERROR_SUCCESS;
break;
/* end of KMSG_SYSTEM_EXIT */
}
return rv;
}
/* Completion handler for KMSG_CRED messages. We control the overall
logic of credentials acquisition and other operations here. Once a
credentials operation is triggered, each successive message
completion notification will be used to dispatch the messages for
the next step in processing the operation. */
void KHMAPI
kmsg_cred_completion(kmq_message *m)
{
khui_new_creds * nc;
#ifdef DEBUG
assert(m->type == KMSG_CRED);
#else
if(m->type != KMSG_CRED)
return; /* huh? */
#endif
switch(m->subtype) {
case KMSG_CRED_PASSWORD:
/* fallthrough */
case KMSG_CRED_NEW_CREDS:
/* Cred types have attached themselves. Trigger the next
phase. */
kmq_post_message(KMSG_CRED, KMSG_CRED_DIALOG_SETUP, 0,
m->vparam);
break;
case KMSG_CRED_RENEW_CREDS:
nc = (khui_new_creds *) m->vparam;
/* khm_cred_dispatch_process_message() deals with the case
where there are no credential types that wants to
participate in this operation. */
khm_cred_dispatch_process_message(nc);
break;
case KMSG_CRED_DIALOG_SETUP:
nc = (khui_new_creds *) m->vparam;
khm_prep_newcredwnd(nc->hwnd);
/* all the controls have been created. Now initialize them */
if (nc->n_types > 0) {
kmq_post_subs_msg(nc->type_subs,
nc->n_types,
KMSG_CRED,
KMSG_CRED_DIALOG_PRESTART,
0,
m->vparam);
} else {
PostMessage(nc->hwnd, KHUI_WM_NC_NOTIFY,
MAKEWPARAM(0, WMNC_DIALOG_PROCESS_COMPLETE), 0);
}
break;
case KMSG_CRED_DIALOG_PRESTART:
/* all prestart stuff is done. Now to activate the dialog */
nc = (khui_new_creds *) m->vparam;
khm_show_newcredwnd(nc->hwnd);
kmq_post_subs_msg(nc->type_subs,
nc->n_types,
KMSG_CRED,
KMSG_CRED_DIALOG_START,
0,
m->vparam);
/* at this point, the dialog window takes over. We let it run
the show until KMSG_CRED_DIALOG_END is posted by the dialog
procedure. */
break;
case KMSG_CRED_PROCESS:
/* a wave of these messages have completed. We should check
if there's more */
nc = (khui_new_creds *) m->vparam;
/* if we are done processing all the plug-ins, then check if
there were any errors reported. Otherwise we dispatch
another set of messages. */
if(!khm_cred_dispatch_process_level(nc)) {
if(kherr_is_error()) {
khui_alert * alert;
kherr_event * evt;
kherr_context * ctx;
wchar_t ws_tfmt[512];
wchar_t w_idname[KCDB_IDENT_MAXCCH_NAME];
wchar_t ws_title[ARRAYLENGTH(ws_tfmt) + KCDB_IDENT_MAXCCH_NAME];
khm_size cb;
/* For renewals, we suppress the error message for the
following case:
- The renewal was for an identity
- There are no identity credentials for the
identity (no credentials that have the same type
as the identity provider). */
if (nc->subtype == KMSG_CRED_RENEW_CREDS &&
nc->ctx.scope == KHUI_SCOPE_IDENT &&
nc->ctx.identity != NULL) {
khm_handle tcs = NULL; /* credential set */
khm_size count = 0;
khm_int32 id_ctype = KCDB_CREDTYPE_INVALID;
khm_int32 delta = 0;
kcdb_identity_get_type(&id_ctype);
kcdb_credset_create(&tcs);
kcdb_credset_collect(tcs, NULL,
nc->ctx.identity,
id_ctype,
&delta);
kcdb_credset_get_size(tcs, &count);
kcdb_credset_delete(tcs);
if (count == 0) {
goto done_with_op;
}
}
ctx = kherr_peek_context();
evt = kherr_get_err_event(ctx);
kherr_evaluate_event(evt);
khui_alert_create_empty(&alert);
if (nc->subtype == KMSG_CRED_NEW_CREDS) {
khui_alert_set_type(alert, KHUI_ALERTTYPE_ACQUIREFAIL);
cb = sizeof(w_idname);
if (nc->n_identities == 0 ||
KHM_FAILED(kcdb_identity_get_name(nc->identities[0],
w_idname, &cb))) {
/* an identity could not be determined */
LoadString(khm_hInstance, IDS_NC_FAILED_TITLE,
ws_title, ARRAYLENGTH(ws_title));
} else {
LoadString(khm_hInstance, IDS_NC_FAILED_TITLE_I,
ws_tfmt, ARRAYLENGTH(ws_tfmt));
StringCbPrintf(ws_title, sizeof(ws_title),
ws_tfmt, w_idname);
khui_alert_set_ctx(alert,
KHUI_SCOPE_IDENT,
nc->identities[0],
KCDB_CREDTYPE_INVALID,
NULL);
}
} else if (nc->subtype == KMSG_CRED_PASSWORD) {
khui_alert_set_type(alert, KHUI_ALERTTYPE_CHPW);
cb = sizeof(w_idname);
if (nc->n_identities == 0 ||
KHM_FAILED(kcdb_identity_get_name(nc->identities[0],
w_idname, &cb))) {
LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE,
ws_title, ARRAYLENGTH(ws_title));
} else {
LoadString(khm_hInstance, IDS_NC_PWD_FAILED_TITLE_I,
ws_tfmt, ARRAYLENGTH(ws_tfmt));
StringCbPrintf(ws_title, sizeof(ws_title),
ws_tfmt, w_idname);
khui_alert_set_ctx(alert,
KHUI_SCOPE_IDENT,
nc->identities[0],
KCDB_CREDTYPE_INVALID,
NULL);
}
} else if (nc->subtype == KMSG_CRED_RENEW_CREDS) {
khui_alert_set_type(alert, KHUI_ALERTTYPE_RENEWFAIL);
cb = sizeof(w_idname);
if (nc->ctx.identity == NULL ||
KHM_FAILED(kcdb_identity_get_name(nc->ctx.identity,
w_idname, &cb))) {
LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE,
ws_title, ARRAYLENGTH(ws_title));
} else {
LoadString(khm_hInstance, IDS_NC_REN_FAILED_TITLE_I,
ws_tfmt, ARRAYLENGTH(ws_tfmt));
StringCbPrintf(ws_title, sizeof(ws_title),
ws_tfmt, w_idname);
khui_alert_set_ctx(alert,
KHUI_SCOPE_IDENT,
nc->ctx.identity,
KCDB_CREDTYPE_INVALID,
NULL);
}
} else {
#ifdef DEBUG
assert(FALSE);
#endif
}
khui_alert_set_title(alert, ws_title);
khui_alert_set_severity(alert, evt->severity);
if(!evt->long_desc)
khui_alert_set_message(alert, evt->short_desc);
else
khui_alert_set_message(alert, evt->long_desc);
if(evt->suggestion)
khui_alert_set_suggestion(alert, evt->suggestion);
if (nc->subtype == KMSG_CRED_RENEW_CREDS &&
nc->ctx.identity != NULL) {
khm_int32 n_cmd;
n_cmd = khm_get_identity_new_creds_action(nc->ctx.identity);
if (n_cmd != 0) {
khui_alert_add_command(alert, n_cmd);
khui_alert_add_command(alert, KHUI_PACTION_CLOSE);
khui_alert_set_flags(alert, KHUI_ALERT_FLAG_DISPATCH_CMD,
KHUI_ALERT_FLAG_DISPATCH_CMD);
}
}
khui_alert_show(alert);
khui_alert_release(alert);
kherr_release_context(ctx);
kherr_clear_error();
}
done_with_op:
if (nc->subtype == KMSG_CRED_RENEW_CREDS) {
kmq_post_message(KMSG_CRED, KMSG_CRED_END, 0,
m->vparam);
} else {
PostMessage(nc->hwnd, KHUI_WM_NC_NOTIFY,
MAKEWPARAM(0, WMNC_DIALOG_PROCESS_COMPLETE),
0);
}
}
break;
case KMSG_CRED_END:
/* all is done. */
{
khui_new_creds * nc;
khm_boolean continue_cmdline = TRUE;
nc = (khui_new_creds *) m->vparam;
if (nc->subtype == KMSG_CRED_NEW_CREDS ||
nc->subtype == KMSG_CRED_PASSWORD) {
khm_cred_end_dialog(nc);
} else if (nc->subtype == KMSG_CRED_RENEW_CREDS) {
/* if this is a renewal that was triggered while we
were processing the commandline, then we need to
update the pending renewal count. */
if (khm_startup.processing) {
LONG renewals;
renewals = InterlockedDecrement(&khm_startup.pending_renewals);
if (renewals != 0) {
continue_cmdline = FALSE;
}
}
}
khui_cw_destroy_cred_blob(nc);
kmq_post_message(KMSG_CRED, KMSG_CRED_REFRESH, 0, 0);
if (continue_cmdline)
kmq_post_message(KMSG_ACT, KMSG_ACT_CONTINUE_CMDLINE, 0, 0);
}
break;
/* property sheet stuff */
case KMSG_CRED_PP_BEGIN:
/* all the pages should have been added by now. Just send out
the precreate message */
kmq_post_message(KMSG_CRED, KMSG_CRED_PP_PRECREATE, 0,
m->vparam);
break;
case KMSG_CRED_PP_END:
kmq_post_message(KMSG_CRED, KMSG_CRED_PP_DESTROY, 0,
m->vparam);
break;
case KMSG_CRED_DESTROY_CREDS:
#ifdef DEBUG
assert(m->vparam != NULL);
#endif
khui_context_release((khui_action_context *) m->vparam);
PFREE(m->vparam);
kmq_post_message(KMSG_CRED, KMSG_CRED_REFRESH, 0, 0);
kmq_post_message(KMSG_ACT, KMSG_ACT_CONTINUE_CMDLINE, 0, 0);
break;
case KMSG_CRED_IMPORT:
{
khm_boolean continue_cmdline = FALSE;
LONG pending_renewals;
/* once an import operation ends, we have to trigger a
renewal so that other plug-ins that didn't participate
in the import operation can have a chance at getting
the necessary credentials.
If we are in the middle of processing the commandline,
we have to be a little bit careful. We can't issue a
commandline conituation message right now because the
import action is still ongoing (since the renewals are
part of the action). Once the renewals have completed,
the completion handler will automatically issue a
commandline continuation message. However, if there
were no identities to renew, then we have to issue the
message ourselves.
*/
InterlockedIncrement(&khm_startup.pending_renewals);
khm_cred_renew_all_identities();
pending_renewals = InterlockedDecrement(&khm_startup.pending_renewals);
if (pending_renewals == 0 && khm_startup.processing)
kmq_post_message(KMSG_ACT, KMSG_ACT_CONTINUE_CMDLINE, 0, 0);
}
break;
case KMSG_CRED_REFRESH:
kcdb_identity_refresh_all();
break;
}
}
void
khm_cred_process_startup_actions(void) {
khm_handle defident = NULL;
if (!khm_startup.processing)
return;
if (khm_startup.init ||
khm_startup.renew ||
khm_startup.destroy ||
khm_startup.autoinit) {
kcdb_identity_get_default(&defident);
}
/* For asynchronous actions, we trigger the action and then exit
the loop. Once the action completes, the completion handler
will trigger a continuation message which will result in this
function getting called again. Then we can proceed with the
rest of the startup actions. */
do {
if (khm_startup.init) {
khm_cred_obtain_new_creds_for_ident(defident, NULL);
khm_startup.init = FALSE;
break;
}
if (khm_startup.import) {
khm_cred_import();
khm_startup.import = FALSE;
/* we also set the renew command to false here because we
trigger a renewal for all the identities at the end of
the import operation anyway. */
khm_startup.renew = FALSE;
break;
}
if (khm_startup.renew) {
LONG pending_renewals;
/* if there are no credentials, we just skip over the
renew action. */
khm_startup.renew = FALSE;
InterlockedIncrement(&khm_startup.pending_renewals);
khm_cred_renew_all_identities();
pending_renewals = InterlockedDecrement(&khm_startup.pending_renewals);
if (pending_renewals != 0)
break;
/* if there were no pending renewals, then we just fall
through. This means that either there were no
identities to renew, or all the renewals completed. If
all the renewals completed, then the commandline
contiuation message wasn't triggered. Either way, we
must fall through if the count is zero. */
}
if (khm_startup.destroy) {
khm_startup.destroy = FALSE;
if (defident) {
khm_cred_destroy_identity(defident);
break;
}
}
if (khm_startup.autoinit) {
khm_size count = 0;
khm_handle credset = NULL;
khm_int32 ctype_ident = KCDB_CREDTYPE_INVALID;
khm_int32 delta = 0;
khm_startup.autoinit = FALSE;
kcdb_credset_create(&credset);
kcdb_identity_get_type(&ctype_ident);
kcdb_credset_collect(credset, NULL,
defident, ctype_ident,
&delta);
kcdb_credset_get_size(credset, &count);
kcdb_credset_delete(credset);
if (count == 0) {
if (defident)
khui_context_set(KHUI_SCOPE_IDENT,
defident,
KCDB_CREDTYPE_INVALID,
NULL, NULL, 0,
NULL);
else
khui_context_reset();
khm_cred_obtain_new_creds(NULL);
break;
}
}
if (khm_startup.exit) {
PostMessage(khm_hwnd_main,
WM_COMMAND,
MAKEWPARAM(KHUI_ACTION_EXIT, 0), 0);
khm_startup.exit = FALSE;
break;
}
if (khm_startup.display & SOPTS_DISPLAY_HIDE) {
khm_hide_main_window();
} else if (khm_startup.display & SOPTS_DISPLAY_SHOW) {
khm_show_main_window();
}
khm_startup.display = 0;
/* when we get here, then we are all done with the command
line stuff */
khm_startup.processing = FALSE;
khm_startup.remote = FALSE;
kmq_post_message(KMSG_ACT, KMSG_ACT_END_CMDLINE, 0, 0);
} while(FALSE);
if (defident)
kcdb_identity_release(defident);
}
/* Handler for system messages. The only two we handle are
KMSG_SYSTEM_INIT and KMSG_SYSTEM_EXIT. */
khm_int32 KHMAPI
handle_kmsg_system(khm_int32 msg_type,
khm_int32 msg_subtype,
khm_ui_4 uparam,
void * vparam) {
khm_int32 rv = KHM_ERROR_SUCCESS;
switch (msg_subtype) {
/* This is the first message that will be received by a
plugin. We use it to perform initialization operations
such as registering any credential types, data types and
attributes. */
case KMSG_SYSTEM_INIT:
{
kcdb_credtype ct;
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
wchar_t long_desc[KCDB_MAXCCH_LONG_DESC];
khui_config_node cnode;
khui_config_node_reg creg;
/* First and foremost, we need to register a credential
type. */
ZeroMemory(&ct, sizeof(ct));
ct.id = KCDB_CREDTYPE_AUTO;
ct.name = MYCREDTYPE_NAMEW;
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CT_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CT_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
ct.icon = NULL; /* We skip the icon for now, but you
can assign a handle to an icon
here. The icon will be used to
represent the credentials type.*/
kmq_create_subscription(plugin_msg_proc, &ct.sub);
ct.is_equal = cred_is_equal;
rv = kcdb_credtype_register(&ct, &credtype_id);
/* We create a global credential set that we use in the
plug-in thread. This alleviates the need to create one
everytime we need one. Keep in mind that this should
only be used in the plug-in thread and should not be
touched from the UI thread or any other thread. */
kcdb_credset_create(&g_credset);
/* TODO: Perform additional initialization operations. */
/* TODO: Also list out the credentials of this type that
already exist. */
/* Now we register our configuration panels. */
/* This configuration panel is the one that controls
general options. We leave the identity specific and
identity defaults for other configuration panels. */
ZeroMemory(&creg, sizeof(creg));
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
creg.name = CONFIGNODE_MAIN;
creg.short_desc = short_desc;
creg.long_desc = long_desc;
creg.h_module = hResModule;
creg.dlg_template = MAKEINTRESOURCE(IDD_CONFIG);
creg.dlg_proc = config_dlgproc;
creg.flags = 0;
khui_cfg_register(NULL, &creg);
/* Now we do the identity specific and identity default
configuration panels. "KhmIdentities" is a predefined
configuration node under which all the identity spcific
configuration is managed. */
if (KHM_FAILED(khui_cfg_open(NULL, L"KhmIdentities", &cnode))) {
/* this should always work */
assert(FALSE);
rv = KHM_ERROR_NOT_FOUND;
break;
}
/* First the tab panel for defaults for all identities */
ZeroMemory(&creg, sizeof(creg));
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_IDS_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_IDS_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
creg.name = CONFIGNODE_ALL_ID;
creg.short_desc = short_desc;
creg.long_desc = long_desc;
creg.h_module = hResModule;
creg.dlg_template = MAKEINTRESOURCE(IDD_CONFIG_IDS);
creg.dlg_proc = config_ids_dlgproc;
creg.flags = KHUI_CNFLAG_SUBPANEL;
khui_cfg_register(cnode, &creg);
/* Now the panel for per identity configuration */
ZeroMemory(&creg, sizeof(creg));
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_ID_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_ID_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
creg.name = CONFIGNODE_PER_ID;
creg.short_desc = short_desc;
creg.long_desc = long_desc;
creg.h_module = hResModule;
creg.dlg_template = MAKEINTRESOURCE(IDD_CONFIG_ID);
creg.dlg_proc = config_id_dlgproc;
creg.flags = KHUI_CNFLAG_SUBPANEL | KHUI_CNFLAG_INSTANCE;
khui_cfg_register(cnode, &creg);
khui_cfg_release(cnode);
/* get IdentProvider handle to which this plugin belongs
it is possible to use kcdb_identity_create_ex() function with
proper h_idprov */
if (KHM_FAILED(kcdb_identpro_find(IDPROV_NAMEW, &h_idprov))) {
return KHM_ERROR_UNKNOWN;
}
}
break;
/* This is the last message that will be received by the
plugin. */
case KMSG_SYSTEM_EXIT:
{
khui_config_node cnode;
khui_config_node cn_idents;
/* It should not be assumed that initialization of the
plugin went well at this point since we receive a
KMSG_SYSTEM_EXIT even if the initialization failed. */
if (credtype_id != KCDB_CREDTYPE_INVALID) {
kcdb_credtype_unregister(credtype_id);
credtype_id = KCDB_CREDTYPE_INVALID;
}
if (g_credset) {
kcdb_credset_delete(g_credset);
g_credset = NULL;
}
/* Now unregister any configuration nodes we registered. */
if (KHM_SUCCEEDED(khui_cfg_open(NULL, CONFIGNODE_MAIN, &cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
if (KHM_SUCCEEDED(khui_cfg_open(NULL, L"KhmIdentities", &cn_idents))) {
if (KHM_SUCCEEDED(khui_cfg_open(cn_idents,
CONFIGNODE_ALL_ID,
&cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
if (KHM_SUCCEEDED(khui_cfg_open(cn_idents,
CONFIGNODE_PER_ID,
&cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
khui_cfg_release(cn_idents);
}
/* TODO: Perform additional uninitialization
operations. */
kcdb_identpro_release(h_idprov);
}
break;
}
return rv;
}
/* Handler for system messages. The only two we handle are
KMSG_SYSTEM_INIT and KMSG_SYSTEM_EXIT. */
khm_int32 KHMAPI
handle_kmsg_system(khm_int32 msg_type,
khm_int32 msg_subtype,
khm_ui_4 uparam,
void * vparam) {
khm_int32 rv = KHM_ERROR_SUCCESS;
switch (msg_subtype) {
/* This is the first message that will be received by a
plugin. We use it to perform initialization operations
such as registering any credential types, data types and
attributes. */
case KMSG_SYSTEM_INIT:
{
kcdb_credtype ct;
wchar_t short_desc[KCDB_MAXCCH_SHORT_DESC];
wchar_t long_desc[KCDB_MAXCCH_LONG_DESC];
khui_config_node cnode;
khui_config_node_reg creg;
kcdb_attrib attr;
khm_handle csp_plugin = NULL;
khm_handle csp_plugins = NULL;
#ifdef BUILD_KRBCOMPAT
/* If we don't have a Kerberos backend, then we can't
* function. */
if (!DelayLoadHeimdal()) {
_reportf("Can't initialize a Kerberos backend. LastError=%d", GetLastError());
return KHM_ERROR_NOT_FOUND;
}
#endif
#if KH_VERSION_API < 12
do {
khm_version libver;
khm_ui_4 apiver;
khm_get_lib_version(&libver, &apiver);
if (apiver < 7)
break;
hm_netidmgr = LoadLibrary(NIMDLLNAME);
if (hm_netidmgr == NULL)
break;
#if KH_VERSION_API < 7
pkhui_action_lock = (void (KHMAPI *)(void))
GetProcAddress(hm_netidmgr, API_khui_action_lock);
pkhui_action_unlock = (void (KHMAPI *)(void))
GetProcAddress(hm_netidmgr, API_khui_action_unlock);
pkhui_refresh_actions = (void (KHMAPI *)(void))
GetProcAddress(hm_netidmgr, API_khui_refresh_actions);
pkhui_request_UI_callback = (khm_int32 (KHMAPI *)(khm_ui_callback, void *))
GetProcAddress(hm_netidmgr, API_khui_request_UI_callback);
#endif
pkhui_cw_get_primary_id = (khm_int32 (KHMAPI *)(khui_new_creds *, khm_handle *))
GetProcAddress(hm_netidmgr, API_khui_cw_get_primary_id);
pkhui_cw_get_result = (khm_int32 (KHMAPI *)(khui_new_creds *))
GetProcAddress(hm_netidmgr, API_khui_cw_get_result);
pkhui_cw_get_subtype = (khui_nc_subtype (KHMAPI *)(khui_new_creds *))
GetProcAddress(hm_netidmgr, API_khui_cw_get_subtype);
pkhui_cw_get_ctx = (khui_action_context * (KHMAPI *)(khui_new_creds *))
GetProcAddress(hm_netidmgr, API_khui_cw_get_ctx);
pkcdb_get_resource = (khm_int32 (KHMAPI *)(khm_handle, kcdb_resource_id,
khm_int32, khm_int32 *,
void *, void *, khm_size *))
GetProcAddress(hm_netidmgr, API_kcdb_get_resource);
} while (FALSE);
if (pkhui_cw_get_primary_id == NULL)
pkhui_cw_get_primary_id = int_khui_cw_get_primary_id;
if (pkhui_cw_get_result == NULL)
pkhui_cw_get_result = int_khui_cw_get_result;
if (pkhui_cw_get_subtype == NULL)
pkhui_cw_get_subtype = int_khui_cw_get_subtype;
if (pkhui_cw_get_ctx == NULL)
pkhui_cw_get_ctx = int_khui_cw_get_ctx;
if (pkcdb_get_resource == NULL)
pkcdb_get_resource = int_kcdb_get_resource;
#endif
/* Add the icon now. On NIM v2.x, doing so after tokens
were reported may result in a deadlock as we try to
switch to the UI thread and the UI thread is blocked on
a resource request to this plug-in. */
kca_icon_set_state(NULL);
/* First and foremost, we need to register a credential
type. */
ZeroMemory(&ct, sizeof(ct));
ct.id = KCDB_CREDTYPE_AUTO;
ct.name = MYCREDTYPE_NAMEW;
ct.short_desc = short_desc;
ct.long_desc = long_desc;
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CT_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CT_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
ct.icon = NULL; /* We skip the icon for now, but you
can assign a handle to an icon
here. The icon will be used to
represent the credentials type.*/
kmq_create_subscription(plugin_msg_proc, &ct.sub);
ct.is_equal = cred_is_equal;
rv = kcdb_credtype_register(&ct, &credtype_id);
/* We create a global credential set that we use in the
plug-in thread. This alleviates the need to create one
everytime we need one. Keep in mind that this should
only be used in the plug-in thread and should not be
touched from the UI thread or any other thread. */
kcdb_credset_create(&g_credset);
/* TODO: Perform additional initialization operations. */
/* Register our attributes */
ZeroMemory(&attr, sizeof(attr));
attr.name = ATTRNAME_KCA_AUTHREALM;
attr.id = KCDB_ATTR_INVALID;
attr.alt_id = KCDB_ATTR_INVALID;
attr.flags = 0;
attr.type = KCDB_TYPE_STRING;
attr.short_desc = short_desc;
attr.long_desc = long_desc;
attr.compute_cb = NULL;
attr.compute_min_cbsize = 0;
attr.compute_max_cbsize = 0;
LoadString(hResModule, IDS_ATTR_REALM_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
LoadString(hResModule, IDS_ATTR_REALM_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
rv = kcdb_attrib_register(&attr, &attr_id_auth_realm);
if (KHM_FAILED(rv))
break;
attr.name = ATTRNAME_SUBJECT_EMAIL;
LoadString(hResModule, IDS_ATTR_SUBJECT_EMAIL_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
LoadString(hResModule, IDS_ATTR_SUBJECT_EMAIL_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
rv = kcdb_attrib_register(&attr, &attr_id_subj_email);
if (KHM_FAILED(rv))
break;
attr.name = ATTRNAME_SUBJECT_DISPLAY;
LoadString(hResModule, IDS_ATTR_SUBJECT_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
LoadString(hResModule, IDS_ATTR_SUBJECT_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
rv = kcdb_attrib_register(&attr, &attr_id_subj_display);
if (KHM_FAILED(rv))
break;
attr.name = ATTRNAME_ISSUER_DISPLAY;
LoadString(hResModule, IDS_ATTR_ISSUER_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
LoadString(hResModule, IDS_ATTR_ISSUER_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
rv = kcdb_attrib_register(&attr, &attr_id_issuer_display);
if (KHM_FAILED(rv))
break;
attr.name = ATTRNAME_ISSUER_NAME;
attr.flags = KCDB_ATTR_FLAG_HIDDEN;
attr.type = KCDB_TYPE_DATA;
attr.short_desc = NULL;
attr.long_desc = NULL;
rv = kcdb_attrib_register(&attr, &attr_id_issuer_name);
if (KHM_FAILED(rv))
break;
attr.name = ATTRNAME_SERIAL;
rv = kcdb_attrib_register(&attr, &attr_id_serial_number);
if (KHM_FAILED(rv))
break;
/* List the credentials that are already here */
kca_list_creds();
/* Now we register our configuration panels. */
#ifdef GENERAL_CONFIG_PANEL
/* This configuration panel is the one that controls
general options. We leave the identity specific and
identity defaults for other configuration panels. */
ZeroMemory(&creg, sizeof(creg));
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
creg.name = CONFIGNODE_MAIN;
creg.short_desc = short_desc;
creg.long_desc = long_desc;
creg.h_module = hResModule;
creg.dlg_template = MAKEINTRESOURCE(IDD_CONFIG);
creg.dlg_proc = config_dlgproc;
creg.flags = 0;
khui_cfg_register(NULL, &creg);
#endif
/* Now we do the identity specific and identity default
configuration panels. "KhmIdentities" is a predefined
configuration node under which all the identity spcific
configuration is managed. */
if (KHM_FAILED(khui_cfg_open(NULL, L"KhmIdentities", &cnode))) {
/* this should always work */
assert(FALSE);
rv = KHM_ERROR_NOT_FOUND;
break;
}
/* First the tab panel for defaults for all identities */
ZeroMemory(&creg, sizeof(creg));
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_IDS_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_IDS_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
creg.name = CONFIGNODE_ALL_ID;
creg.short_desc = short_desc;
creg.long_desc = long_desc;
creg.h_module = hResModule;
creg.dlg_template = MAKEINTRESOURCE(IDD_CONFIG_IDS);
creg.dlg_proc = config_ids_dlgproc;
creg.flags = KHUI_CNFLAG_SUBPANEL;
khui_cfg_register(cnode, &creg);
/* Now the panel for per identity configuration */
ZeroMemory(&creg, sizeof(creg));
short_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_ID_SHORT_DESC,
short_desc, ARRAYLENGTH(short_desc));
long_desc[0] = L'\0';
LoadString(hResModule, IDS_CFG_ID_LONG_DESC,
long_desc, ARRAYLENGTH(long_desc));
creg.name = CONFIGNODE_PER_ID;
creg.short_desc = short_desc;
creg.long_desc = long_desc;
creg.h_module = hResModule;
creg.dlg_template = MAKEINTRESOURCE(IDD_CONFIG_ID);
creg.dlg_proc = config_id_dlgproc;
creg.flags = KHUI_CNFLAG_SUBPANEL | KHUI_CNFLAG_INSTANCE;
khui_cfg_register(cnode, &creg);
khui_cfg_release(cnode);
/* load the schema */
if (KHM_SUCCEEDED(kmm_get_plugins_config(0, &csp_plugins))) {
khc_load_schema(csp_plugins, plugin_schema);
khc_close_space(csp_plugins);
}
/* open the plug-in and parameter configuration spaces */
if (KHM_SUCCEEDED(kmm_get_plugin_config(MYPLUGIN_NAMEW,
KHM_FLAG_CREATE,
&csp_plugin))) {
khc_open_space(csp_plugin, L"Parameters", KHM_FLAG_CREATE,
&csp_params);
khc_close_space(csp_plugin);
}
/* try to install the kpkcs11 plugin now */
install_kpkcs11_plugin();
/* register the "KCA Help" menu item, so that we can add
the plug-in menu item to the Help menu. */
{
khm_handle h_sub = NULL;
#if KH_VERSION_API < 7
if (pkhui_action_lock == NULL ||
pkhui_action_unlock == NULL ||
pkhui_refresh_actions == NULL ||
pkhui_request_UI_callback == NULL)
goto no_custom_help;
#endif
kmq_create_subscription(plugin_msg_proc, &h_sub);
LoadString(hResModule, IDS_ACTION_KCA_HELP,
short_desc, ARRAYLENGTH(short_desc));
LoadString(hResModule, IDS_ACTION_KCA_HELP_TT,
long_desc, ARRAYLENGTH(long_desc));
action_id_kca_help = khui_action_create(NULL,
short_desc,
long_desc,
NULL,
KHUI_ACTIONTYPE_TRIGGER,
h_sub);
if (action_id_kca_help != 0) {
khm_size s;
khm_size i;
khui_menu_def * help_menu;
khm_boolean refresh = FALSE;
khui_action_lock();
help_menu = khui_find_menu(KHUI_MENU_HELP);
if (help_menu) {
s = khui_menu_get_size(help_menu);
for (i=0; i < s; i++) {
khui_action_ref * aref;
aref = khui_menu_get_action(help_menu, i);
if (aref && !(aref->flags & KHUI_ACTIONREF_PACTION) &&
aref->action == KHUI_ACTION_HELP_INDEX) {
khui_menu_insert_action(help_menu,
i + 1,
action_id_kca_help,
0);
refresh = TRUE;
break;
}
}
}
khui_action_unlock();
if (refresh)
khui_refresh_actions();
}
#if KH_VERSION_API < 7
no_custom_help:
;
#endif
}
}
break;
/* This is the last message that will be received by the
plugin. */
case KMSG_SYSTEM_EXIT:
{
khui_config_node cnode;
khui_config_node cn_idents;
khm_int32 attr_id;
kca_remove_icon();
/* It should not be assumed that initialization of the
plugin went well at this point since we receive a
KMSG_SYSTEM_EXIT even if the initialization failed. */
/* Try to remove the KCA plug-in action from Help menu if
it was successfully registered. Also, delete the
action. */
if (action_id_kca_help != 0) {
khui_menu_def * help_menu;
khm_boolean menu_changed = FALSE;
khui_action_lock();
help_menu = khui_find_menu(KHUI_MENU_HELP);
if (help_menu) {
khm_size s;
khm_size i;
s = khui_menu_get_size(help_menu);
for (i=0; i < s; i++) {
khui_action_ref * aref = khui_menu_get_action(help_menu, i);
if (aref && !(aref->flags & KHUI_ACTIONREF_PACTION) &&
aref->action == action_id_kca_help) {
khui_menu_remove_action(help_menu, i);
menu_changed = TRUE;
break;
}
}
}
khui_action_delete(action_id_kca_help);
khui_action_unlock();
if (menu_changed)
khui_refresh_actions();
action_id_kca_help = 0;
}
if (credtype_id != KCDB_CREDTYPE_INVALID) {
kcdb_credtype_unregister(credtype_id);
credtype_id = KCDB_CREDTYPE_INVALID;
}
if (g_credset) {
kcdb_credset_delete(g_credset);
g_credset = NULL;
}
/* Now unregister any configuration nodes we registered. */
if (KHM_SUCCEEDED(khui_cfg_open(NULL, CONFIGNODE_MAIN, &cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
if (KHM_SUCCEEDED(khui_cfg_open(NULL, L"KhmIdentities", &cn_idents))) {
if (KHM_SUCCEEDED(khui_cfg_open(cn_idents,
CONFIGNODE_ALL_ID,
&cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
if (KHM_SUCCEEDED(khui_cfg_open(cn_idents,
CONFIGNODE_PER_ID,
&cnode))) {
khui_cfg_remove(cnode);
khui_cfg_release(cnode);
}
khui_cfg_release(cn_idents);
}
if (KHM_SUCCEEDED(kcdb_attrib_get_id(ATTRNAME_KCA_AUTHREALM,
&attr_id)))
kcdb_attrib_unregister(attr_id);
if (KHM_SUCCEEDED(kcdb_attrib_get_id(ATTRNAME_SUBJECT_EMAIL,
&attr_id)))
kcdb_attrib_unregister(attr_id);
if (KHM_SUCCEEDED(kcdb_attrib_get_id(ATTRNAME_SUBJECT_DISPLAY,
&attr_id)))
kcdb_attrib_unregister(attr_id);
if (KHM_SUCCEEDED(kcdb_attrib_get_id(ATTRNAME_ISSUER_DISPLAY,
&attr_id)))
kcdb_attrib_unregister(attr_id);
if (KHM_SUCCEEDED(kcdb_attrib_get_id(ATTRNAME_ISSUER_NAME,
&attr_id)))
kcdb_attrib_unregister(attr_id);
if (KHM_SUCCEEDED(kcdb_attrib_get_id(ATTRNAME_SERIAL,
&attr_id)))
kcdb_attrib_unregister(attr_id);
if (csp_params) {
khc_close_space(csp_params);
csp_params = NULL;
}
#if KH_VERSION_API < 12
if (hm_netidmgr)
FreeLibrary(hm_netidmgr);
pkhui_cw_get_primary_id = NULL;
#endif
#if KH_VERSION_API < 7
pkhui_action_lock = NULL;
pkhui_action_unlock = NULL;
pkhui_refresh_actions = NULL;
pkhui_request_UI_callback = NULL;
#endif
/* TODO: Perform additional uninitialization
operations. */
}
break;
}
return rv;
}
