New release 5.9.4.0

FIX: Last user account is now also stored when doing unlock, which will fix some unlock timeout issues
FIX: One step 2FA hide unwanted link on the login form

CppClientCore/CppClientCore/MultiOTP.cpp

@@ -2,8 +2,8 @@
  * multiOTP Credential Provider, extends privacyIdea
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2021
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiOTP.h

@@ -2,8 +2,8 @@
  * multiOTP Credential Provider, extends privacyIdea
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2021
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiOTPRegistryReader.cpp

@@ -2,8 +2,8 @@
  * multiOTP Credential Provider, extends privacyIdea RegistryReader
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2021
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiOTPRegistryReader.h

@@ -2,8 +2,8 @@
  * multiOTP Credential Provider, extends privacyIdea RegistryReader
  *
  * @author Yann Jeanrenaud, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2021
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiotpHelpers.cpp

@@ -4,8 +4,8 @@
  * Extra code provided "as is" for the multiOTP open source project
  *
  * @author Andre Liechti, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2013
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiotpHelpers.h

@@ -4,8 +4,8 @@
  * Extra code provided "as is" for the multiOTP open source project
  *
  * @author Andre Liechti, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2013
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiotpRegistry.cpp

@@ -2,8 +2,8 @@
  * multiOTP Credential Provider
  *
  * @author Andre Liechti, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2013
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CppClientCore/CppClientCore/MultiotpRegistry.h

@@ -2,8 +2,8 @@
  * multiOTP Credential Provider
  *
  * @author Andre Liechti, SysCo systemes de communication sa, <[email protected]>
- * @version 5.9.3.1
- * @date 2022-10-21
+ * @version 5.9.4.0
+ * @date 2022-11-04
  * @since 2013
  * @copyright (c) 2016-2022 SysCo systemes de communication sa
  * @copyright (c) 2015-2016 ArcadeJust ("RDP only" enhancement)

CredentialProvider/core/CCredential.cpp

@@ -228,6 +228,46 @@ HRESULT CCredential::SetSelected(__out BOOL* pbAutoLogon)
  *pbAutoLogon = TRUE;
  }
 
+ // Manage link display if it's in one step mode
+ if (_config->provider.cpu == CPUS_LOGON && !_config->credential.passwordMustChange)
+ {
+ if (!_config->twoStepHideOTP)
+ {
+ if (readRegistryValueInteger(CONF_DISPLAY_EMAIL_LINK, 0)) {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_EMAIL, CPFS_DISPLAY_IN_SELECTED_TILE);
+ }
+ else {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_EMAIL, CPFS_HIDDEN);
+ }
+ if (readRegistryValueInteger(CONF_DISPLAY_SMS_LINK, 0)) {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_SMS, CPFS_DISPLAY_IN_SELECTED_TILE);
+ }
+ else {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_SMS, CPFS_HIDDEN);
+ }
+ }
+ }
+
+ if (_config->provider.cpu == CPUS_UNLOCK_WORKSTATION && !_config->credential.passwordMustChange) {
+ if (!_config->twoStepHideOTP)
+ {
+ if (readRegistryValueInteger(CONF_DISPLAY_EMAIL_LINK, 0)) {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_EMAIL, CPFS_DISPLAY_IN_SELECTED_TILE);
+ }
+ else {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_EMAIL, CPFS_HIDDEN);
+ }
+ if (readRegistryValueInteger(CONF_DISPLAY_SMS_LINK, 0)) {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_SMS, CPFS_DISPLAY_IN_SELECTED_TILE);
+ }
+ else {
+ _pCredProvCredentialEvents->SetFieldState(this, FID_REQUIRE_SMS, CPFS_HIDDEN);
+ }
+ }
+ }
+
+
+
  return hr;
 }
 
@@ -531,14 +571,24 @@ HRESULT CCredential::CommandLinkClicked(__in DWORD dwFieldID)
  {
  case FID_REQUIRE_SMS:
  if(_pCredProvCredentialEvents) {
+ _config->provider.pCredProvCredential = this;
+ _config->provider.pCredProvCredentialEvents = _pCredProvCredentialEvents;
+ _config->provider.field_strings = _rgFieldStrings;
+ _util.ReadFieldValues();
+
+ // Cacher le bouton
  hideCPField(_config->provider.pCredProvCredential, _config->provider.pCredProvCredentialEvents, FID_REQUIRE_SMS);
  displayCPField(_config->provider.pCredProvCredential, _config->provider.pCredProvCredentialEvents, FID_CODE_SENT_SMS);
- // Cacher le bouton
  return multiotp_request(getCleanUsername(_config->credential.username, _config->credential.domain), L"", L"sms");
  }
  break;
  case FID_REQUIRE_EMAIL:
  if (_pCredProvCredentialEvents) {
+ _config->provider.pCredProvCredential = this;
+ _config->provider.pCredProvCredentialEvents = _pCredProvCredentialEvents;
+ _config->provider.field_strings = _rgFieldStrings;
+ _util.ReadFieldValues();
+
  hideCPField(_config->provider.pCredProvCredential, _config->provider.pCredProvCredentialEvents, FID_REQUIRE_EMAIL);
  displayCPField(_config->provider.pCredProvCredential, _config->provider.pCredProvCredentialEvents, FID_CODE_SENT_EMAIL);
  return multiotp_request(getCleanUsername(_config->credential.username, _config->credential.domain), L"", L"email");
@@ -580,7 +630,6 @@ HRESULT CCredential::GetSerialization(
 )
 {
  DebugPrint(__FUNCTION__);
-
  *pcpgsr = CPGSR_RETURN_NO_CREDENTIAL_FINISHED;
 
  HRESULT hr = E_FAIL, retVal = S_OK;
@@ -1112,11 +1161,10 @@ void CCredential::storeLastConnectedUserIfNeeded() {
  if (_config->multiOTPDisplayLastUser || _config->multiOTPTimeoutUnlock > 0) {
  wchar_t username[1024];
  wcscpy_s(username, 1024, _config->provider.field_strings[FID_USERNAME]);
- // if unlock do not store username
- if (_config->provider.cpu != CPUS_UNLOCK_WORKSTATION) {
- // Store the username
- writeRegistryValueString(LAST_USER_AUTHENTICATED, username);
- }
+
+ // Store the username
+ writeRegistryValueString(LAST_USER_AUTHENTICATED, username);
+
  // Store the timestamp
  if (_config->multiOTPTimeoutUnlock > 0) { 
  int timestamp = minutesSinceEpoch();

CredentialProvider/scenario.h

@@ -49,11 +49,11 @@ static const FIELD_STATE_PAIR s_rgScenarioDisplayAllFields[] =
  { CPFS_HIDDEN, CPFIS_NONE }, // FID_NEW_PASS_1
  { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE }, // FID_SUBMIT_BUTTON
  { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE }, // FID_SUBTEXT
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_LASTUSER_LOGGED
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_REQUIRE_SMS
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_REQUIRE_EMAIL
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_CODE_SENT_SMS
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE} // FID_CODE_SENT_EMAIL
+ { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE }, // FID_LASTUSER_LOGGED
+ { CPFS_HIDDEN, CPFIS_NONE }, // FID_REQUIRE_SMS
+ { CPFS_HIDDEN, CPFIS_NONE }, // FID_REQUIRE_EMAIL
+ { CPFS_HIDDEN, CPFIS_NONE }, // FID_CODE_SENT_SMS
+ { CPFS_HIDDEN, CPFIS_NONE } // FID_CODE_SENT_EMAIL
 };
 
 static const FIELD_STATE_PAIR s_rgScenarioUnlockPasswordOTP[] =
@@ -71,8 +71,8 @@ static const FIELD_STATE_PAIR s_rgScenarioUnlockPasswordOTP[] =
  { CPFS_HIDDEN, CPFIS_NONE}, // FID_LASTUSER_LOGGED
  { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_REQUIRE_SMS
  { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_REQUIRE_EMAIL
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE}, // FID_CODE_SENT_SMS
- { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE} // FID_CODE_SENT_EMAIL
+ { CPFS_HIDDEN, CPFIS_NONE}, // FID_CODE_SENT_SMS
+ { CPFS_HIDDEN, CPFIS_NONE} // FID_CODE_SENT_EMAIL
 };
 
 static const FIELD_STATE_PAIR s_rgScenarioSecondStepOTP[] =
@@ -145,11 +145,11 @@ static const FIELD_STATE_PAIR s_rgScenarioUnlockFirstStepPassword[] =
  { CPFS_HIDDEN, CPFIS_NONE }, // FID_NEW_PASS_1
  { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE }, // FID_SUBMIT_BUTTON
  { CPFS_DISPLAY_IN_SELECTED_TILE, CPFIS_NONE }, // FID_SUBTEXT
- { CPFS_HIDDEN, CPFIS_NONE}, // FID_LASTUSER_LOGGED
+ { CPFS_HIDDEN, CPFIS_NONE }, // FID_LASTUSER_LOGGED
  { CPFS_HIDDEN, CPFIS_NONE }, // FID_REQUIRE_SMS
  { CPFS_HIDDEN, CPFIS_NONE }, // FID_REQUIRE_EMAIL
- { CPFS_HIDDEN, CPFIS_NONE}, // FID_CODE_SENT_SMS
- { CPFS_HIDDEN, CPFIS_NONE} // FID_CODE_SENT_EMAIL
+ { CPFS_HIDDEN, CPFIS_NONE }, // FID_CODE_SENT_SMS
+ { CPFS_HIDDEN, CPFIS_NONE } // FID_CODE_SENT_EMAIL
 };
 
 // Field descriptors for unlock and logon.

CredentialProviderFilter/resources.rc

@@ -53,8 +53,8 @@ END
 //
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 5,9,3,1
- PRODUCTVERSION 5,9,3,1
+ FILEVERSION 5,9,4,0
+ PRODUCTVERSION 5,9,4,0
  FILEFLAGSMASK 0x3fL
 #ifdef _DEBUG
  FILEFLAGS 0x1L
@@ -71,12 +71,12 @@ BEGIN
  BEGIN
  VALUE "CompanyName", "SysCo systemes de communication sa"
  VALUE "FileDescription", "CredentialProviderFilter for the multiOTP CredentialProvider for Windows logon"
- VALUE "FileVersion", "5.9.3.1"
+ VALUE "FileVersion", "5.9.4.0"
  VALUE "InternalName", "multiOTPCredentialProviderFilter.dll"
  VALUE "LegalCopyright", "Copyright (c) 2022 SysCo systemes de communication sa, 2019 NetKnights, 2016 Last Squirrel IT"
  VALUE "OriginalFilename", "multiOTPCredentialProviderFilter.dll"
  VALUE "ProductName", "multiOTPCredentialProvider"
- VALUE "ProductVersion", "5.9.3.1"
+ VALUE "ProductVersion", "5.9.4.0"
  END
  END
  BLOCK "VarFileInfo"

README.md

@@ -7,7 +7,7 @@ multiOTP Credential Provider for multiOTP is a free and open source implementati
 (c) 2015-2016 ArcadeJust ("RDP only" enhancement) 
 (c) 2013-2015 Last Squirrel IT 
 
-Current build: 5.9.3.1 (2022-10-21) 
+Current build: 5.9.4.0 (2022-11-04) 
 
 The binary download page is available here : https://download.multiotp.net/credential-provider/ (download link are at the bottom of the page)
 
@@ -177,6 +177,8 @@ CHANGE LOG OF RELEASED VERSIONS
 ===============================
 ```
 
+2022-11-04 5.9.4.0 FIX: Last user account is now also stored when doing unlock, which will fix some unlock timeout issues
+ FIX: One step 2FA hide unwanted link on the login form
 2022-10-21 5.9.3.1 FIX: Better special characters support in username and password
  ENH: Accounts with Without2FA tokens can now also be stored in cache
 2022-08-09 5.9.2.1 ENH: Support without2FA user, unlock timeout without 2FA

versioning/version.h

@@ -33,7 +33,7 @@
 
 #define VERSION_MAJOR 5
 #define VERSION_MINOR 9
-#define VERSION_REVISION 3
+#define VERSION_REVISION 4
 
 #define VER_FILE_DESCRIPTION_STR ENDPOINT_NAME " Credential Provider for Windows logon"
 #define VER_FILE_VERSION VERSION_MAJOR, VERSION_MINOR, VERSION_REVISION