archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/cryptoapi/pki/activex/xenroll/sfscript.cpp

125 lines
3.2 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 2002
  6. //
  7. // File: sfscript.cpp
  8. //
  9. //--------------------------------------------------------------------------
  11. #include <windows.h>
  12. #include <wincrypt.h>
  13. #include <dbgdef.h>
  14. #include "unicode.h"
  15. #include "resource.h"
  16. #include "sfscript.h"
  18. // handle to xenroll initalized in DllMain
  19. extern HINSTANCE hInstanceXEnroll;
  21. // implemented in cenroll.cpp
  22. HRESULT xeLoadRCString(IN HINSTANCE hInstance,
  23. IN int iRCId,
  24. OUT WCHAR **ppwsz);
  27. BOOL VerifyProviderFlagsSafeForScripting(DWORD dwFlags) {
  28. DWORD dwSafeFlags = CRYPT_MACHINE_KEYSET;
  30. // Return FALSE if the flag contains an unsafe flag.
  31. return 0 == (dwFlags & ~dwSafeFlags);
  32. }
  34. BOOL VerifyStoreFlagsSafeForScripting(DWORD dwFlags) {
  35. DWORD dwSafeFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_SYSTEM_STORE_CURRENT_USER;
  37. // Return FALSE if the flag contains an unsafe flag.
  38. return 0 == (dwFlags & ~dwSafeFlags);
  39. }
  41. BOOL VerifyStoreSafeForScripting(HCERTSTORE hStore) {
  43. DWORD fRet = FALSE;
  44. PCCERT_CONTEXT pCertContext = NULL;
  45. DWORD dwCertCnt = 0;
  46. WCHAR *pwszSafety = NULL;
  47. WCHAR *pwszMsg = NULL;
  48. HRESULT hr;
  50. // count how many requests in the store
  51. while(NULL != (pCertContext = CertEnumCertificatesInStore(
  52. hStore,
  53. pCertContext)))
  54. dwCertCnt++;
  56. if(dwCertCnt >= MAX_SAFE_FOR_SCRIPTING_REQUEST_STORE_COUNT)
  57. {
  58. hr = xeLoadRCString(hInstanceXEnroll, IDS_NOTSAFEACTION, &pwszSafety);
  59. if (S_OK != hr)
  60. {
  61. goto xeLoadRCStringError;
  62. }
  63. hr = xeLoadRCString(hInstanceXEnroll, IDS_REQ_STORE_FULL, &pwszMsg);
  64. if (S_OK != hr)
  65. {
  66. goto xeLoadRCStringError;
  67. }
  69. switch(MessageBoxU(NULL, pwszMsg, pwszSafety, MB_YESNO | MB_ICONWARNING)) {
  71. case IDYES:
  72. break;
  74. case IDNO:
  75. default:
  76. SetLastError(ERROR_CANCELLED);
  77. goto ErrorCancelled;
  78. break;
  80. }
  81. }
  83. fRet = TRUE;
  84. ErrorReturn:
  85. if (NULL != pwszMsg)
  86. {
  87. LocalFree(pwszMsg);
  88. }
  89. if (NULL != pwszSafety)
  90. {
  91. LocalFree(pwszSafety);
  92. }
  93. return(fRet);
  95. TRACE_ERROR(ErrorCancelled);
  96. TRACE_ERROR(xeLoadRCStringError);
  97. }
  99. BOOL WINAPI MySafeCertAddCertificateContextToStore(HCERTSTORE hCertStore,
  100. PCCERT_CONTEXT pCertContext,
  101. DWORD dwAddDisposition,
  102. PCCERT_CONTEXT *ppStoreContext,
  103. DWORD dwSafetyOptions)
  104. {
  105. BOOL fResult;
  107. if (0 != dwSafetyOptions) {
  108. fResult = VerifyStoreSafeForScripting(hCertStore);
  109. if (!fResult)
  110. goto AccessDeniedError;
  111. }
  113. fResult = CertAddCertificateContextToStore(hCertStore, pCertContext, dwAddDisposition, ppStoreContext);
  114. if (!fResult)
  115. goto CertAddCertificateContextToStoreError;
  117. fResult = TRUE;
  118. ErrorReturn:
  119. return fResult;
  121. SET_ERROR(AccessDeniedError, ERROR_ACCESS_DENIED);
  122. TRACE_ERROR(CertAddCertificateContextToStoreError);
  123. }