Password-reveal: Respect group policy setting, if any

- The policy setting is checked when GUI is started. Any change
  in policy will be effective only after restarting the GUI.

Signed-off-by: Selva Nair <[email protected]>

misc.c

@@ -1096,6 +1096,13 @@ ResetPasswordReveal(HWND edit, HWND btn, WPARAM wParam)
     {
         return;
     }
+
+    if (o.disable_password_reveal)
+    {
+        ShowWindow(btn, SW_HIDE);
+        return;
+    }
+
     /* set the password field to be masked as a sane default */
     SendMessage(edit, EM_SETPASSWORDCHAR, (WPARAM)'*', 0);
     SendMessage(btn, STM_SETIMAGE, (WPARAM) IMAGE_ICON, (LPARAM)LoadLocalizedSmallIcon(ID_ICO_EYE));

options.h

@@ -228,6 +228,7 @@ typedef struct {
     DWORD ovpn_engine;                  /* 0 - openvpn2, 1 - openvpn3 */
     DWORD enable_persistent;            /* 0 - disabled, 1 - enabled, 2 - enabled & auto attach */
     DWORD enable_auto_restart;          /* 0 - disabled, >0 enabled */
+    DWORD disable_password_reveal;      /* read from group policy */
 #ifdef DEBUG
     FILE *debug_fp;
 #endif

registry.c

@@ -212,6 +212,21 @@ GetRegistryKeys ()
         o.mgmt_port_offset = 25340;
     }
 
+    /* Read group policy setting for password reveal */
+    status = RegOpenKeyEx(HKEY_CURRENT_USER, L"Software\\Policies\\Microsoft\\Windows\\CredUI", 0, KEY_READ, &regkey);
+    if (status != ERROR_SUCCESS
+        || !GetRegistryValueNumeric(regkey, L"DisablePasswordReveal", &o.disable_password_reveal))
+    {
+        o.disable_password_reveal = 0;
+        PrintDebug(L"default: %ls = %lu", L"DisablePasswordReveal", o.disable_password_reveal);
+    }
+    else
+    {
+        PrintDebug(L"from policy: %ls = %lu", L"DisablePasswordReveal", o.disable_password_reveal);
+    }
+    if (status == ERROR_SUCCESS)
+        RegCloseKey(regkey);
+
     ExpandOptions ();
     return true;
 }