|
|
//+---------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1997-2002.
//
// File: Users.cpp
//
// Contents:
//
//----------------------------------------------------------------------------
// Users.cpp: implementation of the CUsers class.
//
//////////////////////////////////////////////////////////////////////
#include "stdafx.h"
#include "Users.h"
#ifdef _DEBUG
#undef THIS_FILE
static char THIS_FILE[]=__FILE__;#ifndef ALPHA
#define new DEBUG_NEW
#endif
#endif
//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////
CUsers::CUsers(){ m_UsersRoot = NULL; m_UserAddedCnt = 0; m_UserRemovedCnt = 0;}
//////////////////////////////////////////////////////////////////////
// Walk through the chain to free the memory
//////////////////////////////////////////////////////////////////////
CUsers::~CUsers(){ Clear();}
PUSERSONFILECUsers::RemoveItemFromHead(void){ PUSERSONFILE PItem = m_UsersRoot; if (m_UsersRoot){ m_UsersRoot = m_UsersRoot->m_pNext; if ((PItem->m_dwFlag & USERADDED) && !(PItem->m_dwFlag & USERREMOVED)){ m_UserAddedCnt--; } if ((PItem->m_dwFlag & USERINFILE) && (PItem->m_dwFlag & USERREMOVED)){ m_UserRemovedCnt--; } } return PItem;}
DWORDCUsers::Add( CUsers &NewUsers ){ PUSERSONFILE NewItem = NewUsers.RemoveItemFromHead();
while ( NewItem ) { PUSERSONFILE TmpItem = m_UsersRoot; while ( TmpItem ) {
if ((NewItem->m_szUserName && TmpItem->m_szUserName && !_tcsicmp(NewItem->m_szUserName, TmpItem->m_szUserName)) || ( !NewItem->m_szUserName && !TmpItem->m_szUserName)) { if ( !TmpItem->m_szUserName) { bool bUserMatched = false;
if (( !NewItem->m_szDnName && !TmpItem->m_szDnName) || (NewItem->m_szDnName && TmpItem->m_szDnName && !_tcsicmp(NewItem->m_szDnName, TmpItem->m_szDnName))) { bUserMatched = true; }
if ( !bUserMatched ) { TmpItem = TmpItem->m_pNext; continue; } }
//
// User exist
//
if ( TmpItem->m_dwFlag & USERREMOVED ) { if ( TmpItem->m_dwFlag & USERADDED ) { ASSERT(!(TmpItem->m_dwFlag & USERINFILE));
//
// User added and removed
//
m_UserAddedCnt++;
} else if ( TmpItem->m_dwFlag & USERINFILE ) { //
// User added and removed
//
m_UserRemovedCnt--;
} TmpItem->m_dwFlag &= ~USERREMOVED; }
//
// The caller will count on CUsers to release the memory
//
if (NewItem->m_szUserName) { delete [] NewItem->m_szUserName; } if (NewItem->m_szDnName) { delete [] NewItem->m_szDnName; } if ( NewItem->m_pCertContext ) { CertFreeCertificateContext(NewItem->m_pCertContext); } delete [] NewItem->m_pCert; if (NewItem->m_UserSid) { delete [] NewItem->m_UserSid; } delete NewItem; NewItem = NULL; break; } TmpItem = TmpItem->m_pNext; }
if (NewItem ) { //
// New item. Insert into the head.
//
NewItem->m_pNext = m_UsersRoot; m_UsersRoot = NewItem; m_UserAddedCnt++; }
NewItem = NewUsers.RemoveItemFromHead(); }
return ERROR_SUCCESS;}
DWORDCUsers::Add( LPWSTR pszUserName, LPWSTR pszDnName, PVOID UserCert, PSID UserSid, /* = NULL */ DWORD dwFlag, /* = USERINFILE */ PCCERT_CONTEXT pCertContext /* = NULL */ )//////////////////////////////////////////////////////////////////////
// Routine Description:
// Create an item for a user
// Arguments:
// m_szUserName -- User's name
// m_szDnName -- User's distinguished name
// UserCert -- User's certificate blob or hash
// m_UserSid -- User's ID. Can be NULL
// m_dwFlag -- Indicate if the item is existing in the file, to be added or removed
// Return Value:
// NO_ERROR if succeed.
// Will throw exception if memory allocation fails. ( From new.)
//
//////////////////////////////////////////////////////////////////////
{
PUSERSONFILE UserItem = 0; PUSERSONFILE TmpUserItem = m_UsersRoot; PEFS_CERTIFICATE_BLOB CertBlob; PEFS_HASH_BLOB CertHashBlob; DWORD CertSize; DWORD SidSize;
if ( !UserCert ) { return ERROR_INVALID_PARAMETER; }
ASSERT ( (( dwFlag & USERADDED ) || ( dwFlag & USERINFILE )) && ( (dwFlag & (USERADDED | USERINFILE)) != (USERADDED | USERINFILE)));
//
// If the user already in the memory, no new item is to be created except for unknown user
//
while ( TmpUserItem ) { if ( (pszUserName && TmpUserItem->m_szUserName && !_tcsicmp(pszUserName, TmpUserItem->m_szUserName)) || ((!pszUserName) && (TmpUserItem->m_szUserName == NULL))) { if (!pszUserName) { bool bUserMatched = false;
if (( !pszDnName && !TmpUserItem->m_szDnName) || (pszDnName && TmpUserItem->m_szDnName && !_tcsicmp(pszDnName, TmpUserItem->m_szDnName))) { bUserMatched = true; }
if ( !bUserMatched ) { TmpUserItem = TmpUserItem->m_pNext; continue; } }
//
// User exist
//
if ( TmpUserItem->m_dwFlag & USERREMOVED ) { if ( TmpUserItem->m_dwFlag & USERADDED ) { ASSERT(!(TmpUserItem->m_dwFlag & USERINFILE));
//
// User added and removed
//
m_UserAddedCnt++;
} else if ( TmpUserItem->m_dwFlag & USERINFILE ) { //
// User added and removed
//
m_UserRemovedCnt--;
} TmpUserItem->m_dwFlag &= ~USERREMOVED; }
//
// The caller will count on CUsers to release the memory
// for Username and the context if the call is succeeded. This is just for
// performance reason.
//
if (pszUserName) { delete [] pszUserName; } if (pszDnName) { delete [] pszDnName; } if ( pCertContext ) { ::CertFreeCertificateContext (pCertContext); pCertContext = NULL; } return (DWORD) CRYPT_E_EXISTS; } TmpUserItem = TmpUserItem->m_pNext; } try { UserItem = new USERSONFILE; if ( !UserItem ) { AfxThrowMemoryException( ); }
UserItem->m_pNext = NULL;
//
// In case exception raised, we can call delete.
// Delete NULL is OK, but random data is not OK.
//
UserItem->m_UserSid = NULL; UserItem->m_pCert = NULL; UserItem->m_pCertContext = NULL;
if ( UserSid ) { SidSize = GetLengthSid (UserSid ); if ( SidSize > 0 ) { UserItem->m_UserSid = new BYTE[SidSize]; if ( !UserItem->m_UserSid ) { AfxThrowMemoryException( ); } // security review 2/27/2002 BryanWal ok
if ( !::CopySid(SidSize, UserItem->m_UserSid, UserSid)) { delete [] UserItem->m_UserSid; delete UserItem; return GetLastError(); } } else { delete UserItem; return GetLastError(); } } else { UserItem->m_UserSid = NULL; } if ( dwFlag & USERINFILE ) {
//
// The info is from the file. Use the hash structure
//
CertHashBlob = ( PEFS_HASH_BLOB ) UserCert; CertSize = sizeof(EFS_HASH_BLOB) + CertHashBlob->cbData; UserItem->m_pCert = new BYTE[CertSize]; if ( !UserItem->m_pCert ) { AfxThrowMemoryException( ); } ((PEFS_HASH_BLOB)UserItem->m_pCert)->cbData = CertHashBlob->cbData; ((PEFS_HASH_BLOB)UserItem->m_pCert)->pbData = (PBYTE)(UserItem->m_pCert) + sizeof(EFS_HASH_BLOB);
// security review 2/27/2002 BryanWal ok
memcpy(((PEFS_HASH_BLOB)UserItem->m_pCert)->pbData, CertHashBlob->pbData, CertHashBlob->cbData); } else { //
// The info is from the user picked cert. Use m_pCert Blob structure
//
CertBlob = ( PEFS_CERTIFICATE_BLOB ) UserCert; CertSize = sizeof(EFS_CERTIFICATE_BLOB) + CertBlob->cbData; UserItem->m_pCert = new BYTE[CertSize]; if ( NULL == UserItem->m_pCert ){ AfxThrowMemoryException( ); } ((PEFS_CERTIFICATE_BLOB)UserItem->m_pCert)->cbData = CertBlob->cbData; ((PEFS_CERTIFICATE_BLOB)UserItem->m_pCert)->dwCertEncodingType = CertBlob->dwCertEncodingType; ((PEFS_CERTIFICATE_BLOB)UserItem->m_pCert)->pbData = (PBYTE)(UserItem->m_pCert) + sizeof(EFS_CERTIFICATE_BLOB); // security review 2/27/2002 BryanWal ok
memcpy(((PEFS_CERTIFICATE_BLOB)UserItem->m_pCert)->pbData, CertBlob->pbData, CertBlob->cbData); } UserItem->m_szUserName = pszUserName; UserItem->m_szDnName = pszDnName; UserItem->m_pCertContext = pCertContext; UserItem->m_dwFlag = dwFlag; if ( dwFlag & USERADDED ) { m_UserAddedCnt ++; } } catch (...) { delete [] UserItem->m_UserSid; delete [] UserItem->m_pCert; delete UserItem; AfxThrowMemoryException( ); return ERROR_NOT_ENOUGH_MEMORY; }
//
// Add to the head
//
if ( m_UsersRoot ) { UserItem->m_pNext = m_UsersRoot; } m_UsersRoot = UserItem;
return NO_ERROR;}
DWORDCUsers::Remove( LPCWSTR m_szUserName, LPCWSTR UserCertName )//////////////////////////////////////////////////////////////////////
// Routine Description:
// Remove a user from the list. Actually just mark for remove.
// Arguments:
// m_szUserName -- User's name
// UserCertName -- User's certificate name
// Return Value:
// NO_ERROR if succeed.
// ERROR_NOT_FOUND if the user cannot be found.
//
//////////////////////////////////////////////////////////////////////
{ PUSERSONFILE TmpUserItem = m_UsersRoot; bool bUserMatched = false;
while ( TmpUserItem ){ if (((NULL==m_szUserName) && ( NULL == TmpUserItem->m_szUserName)) || ( m_szUserName && TmpUserItem->m_szUserName && !_tcsicmp(m_szUserName, TmpUserItem->m_szUserName))){
//
// Make sure the CertName matches also if the user name is NULL
//
if (NULL==m_szUserName) { if (((NULL==UserCertName) && ( NULL == TmpUserItem->m_szDnName)) || (UserCertName && TmpUserItem->m_szDnName && !_tcsicmp(UserCertName, TmpUserItem->m_szDnName))){
bUserMatched = true; } } else { bUserMatched = true; }
if (bUserMatched) { //
// User exist, mark it for remove
//
if ( TmpUserItem->m_dwFlag & USERINFILE ){ m_UserRemovedCnt++; } else if ( TmpUserItem->m_dwFlag & USERADDED ) { m_UserAddedCnt--; } TmpUserItem->m_dwFlag |= USERREMOVED; return NO_ERROR; } } TmpUserItem = TmpUserItem->m_pNext; } return ERROR_NOT_FOUND;}
PUSERSONFILE CUsers::StartEnum()//////////////////////////////////////////////////////////////////////
// Routine Description:
// Prepare for GetNextUser
// Arguments:
//
// Return Value:
// A pointer used for GetNextUser
//
//////////////////////////////////////////////////////////////////////
{ return m_UsersRoot;}
PUSERSONFILE CUsers::GetNextUser( PUSERSONFILE Token, CString &szUserName, CString &CertName )//////////////////////////////////////////////////////////////////////
// Routine Description:
// Get next user in the list.(Not removed).
// Arguments:
// m_szUserName -- m_pNext User's name
// CertName -- Certificate name
// Token -- A pointer returned by previous GetNextUser or StartEnum.
// Return Value:
// A pointer for GetNextUser()
//
//////////////////////////////////////////////////////////////////////
{
PUSERSONFILE TmpItem = Token; PUSERSONFILE RetPointer = NULL;
while ( TmpItem ) { if ( TmpItem->m_dwFlag & USERREMOVED ) { TmpItem = TmpItem->m_pNext; continue; }
try{ szUserName = TmpItem->m_szUserName; CertName = TmpItem->m_szDnName; RetPointer = TmpItem->m_pNext; } catch (...){
//
// Out of memory
//
TmpItem = NULL; RetPointer = NULL; } break; }
if ( NULL == TmpItem ) { szUserName.Empty(); CertName.Empty(); } return RetPointer;
}
DWORD CUsers::GetUserAddedCnt(){ return m_UserAddedCnt;}
DWORD CUsers::GetUserRemovedCnt(){ return m_UserRemovedCnt;}
PVOID CUsers::GetNextChangedUser( PVOID Token, LPWSTR * m_szUserName, LPWSTR * m_szDnName, PSID * m_UserSid, PVOID * CertData, DWORD * m_dwFlag )//////////////////////////////////////////////////////////////////////
// Routine Description:
// Get the info for changed users. This method is not well behaved in the
// sense of OOP. It exposes internal pointers to the ouside world. The gain
// is performance. At this moment, CUsers is a supporting class and used only
// by USERLIST and CAddEFSWizSheet (single thread). We can make USERLIST a
// friend of CUsers if such concerns are raised in the future or reimplement this.
// The same issue applies to the enumerate methods.
//
// Arguments:
// Token -- A pointer to the item returned in previous GetNextChangedUser or StartEnum.
// m_szUserName -- User's name
// m_szDnName -- User's Distinguished name
// CertData -- User's certificate blob or hash
// m_UserSid -- User's ID. Can be NULL
// m_dwFlag -- Indicate if the item is existing in the file, to be added or removed
// Return Value:
// m_pNext item pointer.
//
//////////////////////////////////////////////////////////////////////
{ bool bChangedUserFound = false;
while ( Token ) { *m_dwFlag = ((PUSERSONFILE) Token)->m_dwFlag;
if ( ( *m_dwFlag & USERADDED ) && !( *m_dwFlag & USERREMOVED )) { //
// The user is to to be added to the file
//
*m_dwFlag = USERADDED; bChangedUserFound = true; } else if ( ( *m_dwFlag & USERREMOVED ) && ( *m_dwFlag & USERINFILE)) { //
// The user is to be removed from the file
//
*m_dwFlag = USERREMOVED; bChangedUserFound = true; }
if ( bChangedUserFound ) { *m_szUserName = ((PUSERSONFILE) Token)->m_szUserName; *m_szDnName = ((PUSERSONFILE) Token)->m_szDnName; *m_UserSid = ((PUSERSONFILE) Token)->m_UserSid; *CertData = ((PUSERSONFILE) Token)->m_pCert; return ((PUSERSONFILE) Token)->m_pNext; } else { Token = ((PUSERSONFILE) Token)->m_pNext; }
}
*m_szUserName = NULL; *m_szDnName = NULL; *m_UserSid = NULL; *CertData = NULL; *m_dwFlag = 0; return NULL;}
void CUsers::Clear(){ PUSERSONFILE TmpUserItem = m_UsersRoot; while (TmpUserItem) { m_UsersRoot = TmpUserItem->m_pNext; delete [] TmpUserItem->m_szUserName; delete [] TmpUserItem->m_szDnName; delete [] TmpUserItem->m_pCert; if (TmpUserItem->m_UserSid) { delete [] TmpUserItem->m_UserSid; } if (TmpUserItem->m_pCertContext) { ::CertFreeCertificateContext(TmpUserItem->m_pCertContext); } delete TmpUserItem; TmpUserItem = m_UsersRoot; }
m_UsersRoot = NULL; m_UserAddedCnt = 0; m_UserRemovedCnt = 0;
}
|
