diff --git a/openvpn.c b/openvpn.c
index be8b2a9..f7a23e0 100644
--- a/openvpn.c
+++ b/openvpn.c
@@ -511,6 +511,7 @@ UserAuthDialogFunc(HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
 else
 {
 DeleteSavedAuthPass(param->c->config_name);
+ DeleteSavedUsername(param->c->config_name);
 Button_SetCheck(GetDlgItem (hwndDlg, ID_CHK_SAVE_PASS), BST_UNCHECKED);
 }
 AutoCloseCancel(hwndDlg); /* user interrupt */
@@ -524,7 +525,6 @@ UserAuthDialogFunc(HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
 show_error_tip(GetDlgItem(hwndDlg, ID_EDT_AUTH_USER), LoadLocalizedString(IDS_ERR_INVALID_USERNAME_INPUT));
 return 0;
 }
- SaveUsername(param->c->config_name, username);
 }
 if (GetDlgItemTextW(hwndDlg, ID_EDT_AUTH_PASS, password, _countof(password)))
 {
@@ -536,6 +536,7 @@ UserAuthDialogFunc(HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
 }
 if ( param->c->flags & FLAG_SAVE_AUTH_PASS && wcslen(password) )
 {
+ SaveUsername(param->c->config_name, username);
 SaveAuthPass(param->c->config_name, password);
 }
 SecureZeroMemory(password, sizeof(password));
diff --git a/save_pass.c b/save_pass.c
index e2ea7f8..788f24e 100644
--- a/save_pass.c
+++ b/save_pass.c
@@ -200,9 +200,7 @@ RecallAuthPass(const WCHAR *config_name, WCHAR *password)
 int
 SaveUsername(const WCHAR *config_name, const WCHAR *username)
 {
- DWORD len = (wcslen(username) + 1) * sizeof(*username);
- SetConfigRegistryValueBinary(config_name, AUTH_USER_DATA,(BYTE *) username, len);
- return 1;
+ return save_encrypted(config_name, username, AUTH_USER_DATA);
 }
 /*
 * The buffer username should be have space for up to USER_PASS_LEN
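Review bot: In the third openvpn.c hunk (UserAuthDialogFunc, old line 536), the results of `SaveUsername` and `SaveAuthPass` are both discarded, and `SaveUsername` now forwards the result of `save_encrypted` instead of always returning 1, so a failed username write goes unnoticed while the password is still stored. Consider gating the second call on the first, e.g. `if (SaveUsername(param->c->config_name, username)) SaveAuthPass(param->c->config_name, password);`, assuming a non-zero return means success, as it does for `recall_encrypted` in save_pass.c. The call also moved out of the block that, judging by the second hunk, ran only after the username field had been read and validated, so it is worth confirming that `username` is always initialised at this point; its declaration is outside the hunk. `username` is also not wiped next to the `SecureZeroMemory(password, sizeof(password));` line, although this change starts treating it as data worth protecting at rest.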
@@ -212,13 +210,29 @@ int
 RecallUsername(const WCHAR *config_name, WCHAR *username)
 {
 DWORD capacity = USER_PASS_LEN * sizeof(WCHAR);
- DWORD len;
-
- len = GetConfigRegistryValue(config_name, AUTH_USER_DATA, (BYTE *) username, capacity);
- if (len == 0)
- return 0;
- username[USER_PASS_LEN-1] = L'\0';
- return 1;
+ int retval;
+ retval = recall_encrypted(config_name, username, USER_PASS_LEN, AUTH_USER_DATA);
+ /* older versions saved username unencrypted -- try to read as plain text and migrate */
+ if (!retval)
+ {
+ DWORD len = GetConfigRegistryValue(config_name, AUTH_USER_DATA, (BYTE *) username, capacity);
+ username[USER_PASS_LEN-1] = L'\0';
+ if (len > 0)
+ {
+ retval = 1;
+ /* re-save as encrypted or delete depending on password is saved or not */
+ if (IsAuthPassSaved(config_name))
+ {
+ SaveUsername(config_name, username); /* overwrites previous plain text value */
+ }
+ else
+ {
+ DeleteSavedUsername(config_name);
+ SecureZeroMemory(username, capacity);
+ }
+ }
+ }
+ return retval;
 }
 void
@@ -233,6 +247,12 @@ DeleteSavedAuthPass(const WCHAR *config_name)
 DeleteConfigRegistryValue(config_name, AUTH_PASS_DATA);
 }
+void
+DeleteSavedUsername(const WCHAR *config_name)
+{
+ DeleteConfigRegistryValue(config_name, AUTH_USER_DATA);
+}
+
 /* delete saved config-specific auth password and private key passphrase */
 void
 DeleteSavedPasswords(const WCHAR *config_name)
@@ -240,6 +260,7 @@ DeleteSavedPasswords(const WCHAR *config_name)
 DeleteConfigRegistryValue(config_name, KEY_PASS_DATA);
 DeleteConfigRegistryValue(config_name, AUTH_PASS_DATA);
 DeleteConfigRegistryValue(config_name, ENTROPY_DATA);
+ DeleteConfigRegistryValue(config_name, AUTH_USER_DATA);
 }
 /* check if auth password is saved */
diff --git a/save_pass.h b/save_pass.h
index cdd831f..58f616c 100644
--- a/save_pass.h
+++ b/save_pass.h
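Review bot: In RecallUsername's migration path, `retval = 1;` is set before the `IsAuthPassSaved` check, so the `else` branch deletes the stored value, zeroes `username` and still returns 1; the caller is told a username was recalled and receives an empty string. Moving `retval = 1;` into the `IsAuthPassSaved` branch, or adding `retval = 0;` after the `SecureZeroMemory(username, capacity);` line, keeps the return value consistent with the buffer contents. The fallback also runs on any `recall_encrypted` failure, so if a stored value exists but cannot be decrypted, its raw bytes would be read back as a plain-text username and possibly re-saved; `recall_encrypted` is not visible here, so this depends on whether it can distinguish a missing value from an undecryptable one. The result of the `SaveUsername` call during migration is ignored as well, which would leave the plain-text value in the registry without any signal if encryption fails.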
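Review bot: The comment above DeleteSavedPasswords still describes only the auth password and private key passphrase, while the function now also removes `AUTH_USER_DATA` (last save_pass.c hunk); the comment itself sits in the context of the preceding hunk. I would update it to `/* delete saved config-specific username, auth password and private key passphrase */`. The new DeleteSavedUsername has no comment either; a one-liner such as `/* delete the saved (encrypted or legacy plain-text) username for this config */` would match the neighbouring helpers.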
@@ -14,6 +14,7 @@ int RecallKeyPass(const WCHAR *config_name, WCHAR *password);
 int RecallAuthPass(const WCHAR *config_name, WCHAR *password);
 int RecallUsername(const WCHAR *config_name, WCHAR *username);
+void DeleteSavedUsername(const WCHAR *config_name);
 void DeleteSavedAuthPass(const WCHAR *config_name);
 void DeleteSavedKeyPass(const WCHAR *config_name);
 void DeleteSavedPasswords(const WCHAR *config_name);