archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/ds/security/protocols/digest/cred.cxx

611 lines
18 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 2000
  6. //
  7. // File: creds.cxx
  8. //
  9. // Contents: Credential functions:
  10. //
  11. //
  12. // History: KDamour 15Mar00 Stolen from NTLM
  13. //
  14. //------------------------------------------------------------------------
  15. #include "global.h"
  17. //
  18. // Crit Sect to protect various globals in this module.
  19. //
  21. RTL_CRITICAL_SECTION l_CredentialCritSect;
  23. LIST_ENTRY l_CredentialList;
  25. // Simple variable to make sure that the package was initialize
  26. BOOL g_bCredentialsInitialized = FALSE;
  30. //+--------------------------------------------------------------------
  31. //
  32. // Function: CredHandlerInit
  33. //
  34. // Synopsis: Initializes the credential manager package
  35. //
  36. // Arguments: none
  37. //
  38. // Returns: NTSTATUS
  39. //
  40. // Notes: Called by SpInitialize
  41. //
  42. //---------------------------------------------------------------------
  43. NTSTATUS
  44. CredHandlerInit(VOID)
  45. {
  46. NTSTATUS Status = STATUS_SUCCESS;
  48. //
  49. // Initialize the Credential list to be empty.
  50. //
  52. Status = RtlInitializeCriticalSection(&l_CredentialCritSect);
  53. if (!NT_SUCCESS(Status))
  54. {
  55. DebugLog((DEB_ERROR, "CredHandlerInit: Failed to initialize critsec 0x%x\n", Status));
  56. goto CleanUp;
  57. }
  60. InitializeListHead( &l_CredentialList );
  62. // Simple variable test to make sure all initialized;
  63. g_bCredentialsInitialized = TRUE;
  65. CleanUp:
  67. return Status;
  68. }
  70. NTSTATUS
  71. CredHandlerInsertCred(
  72. IN PDIGEST_CREDENTIAL pDigestCred
  73. )
  74. {
  75. RtlEnterCriticalSection( &l_CredentialCritSect );
  76. pDigestCred->Unlinked = FALSE;
  77. InsertHeadList( &l_CredentialList, &pDigestCred->Next );
  78. RtlLeaveCriticalSection( &l_CredentialCritSect );
  80. return STATUS_SUCCESS;
  81. }
  84. // Initialize the Credential Structure
  85. NTSTATUS
  86. CredentialInit(
  87. IN PDIGEST_CREDENTIAL pDigestCred)
  88. {
  89. NTSTATUS Status = STATUS_SUCCESS;
  90. ASSERT(pDigestCred);
  92. if (!pDigestCred)
  93. {
  94. return STATUS_INVALID_PARAMETER;
  95. }
  97. ZeroMemory(pDigestCred, sizeof(DIGEST_CREDENTIAL));
  98. pDigestCred->Unlinked = TRUE;
  99. pDigestCred->CredentialHandle = (ULONG_PTR)pDigestCred;
  100. pDigestCred->lReferences = 0;
  102. return(Status);
  103. }
  106. // Free up memory utilized by Credential the Credential Structure
  107. NTSTATUS
  108. CredentialFree(
  109. IN PDIGEST_CREDENTIAL pDigestCred)
  110. {
  111. NTSTATUS Status = STATUS_SUCCESS;
  112. ASSERT(pDigestCred);
  113. ASSERT(0 == pDigestCred->lReferences);
  115. UnicodeStringFree(&(pDigestCred->ustrAccountName));
  116. UnicodeStringFree(&(pDigestCred->ustrDomainName));
  118. // Erase any password information
  119. if (((pDigestCred->ustrPassword).MaximumLength) &&
  120. ((pDigestCred->ustrPassword).Buffer))
  121. {
  122. SecureZeroMemory((pDigestCred->ustrPassword).Buffer, (pDigestCred->ustrPassword).MaximumLength);
  123. }
  124. UnicodeStringFree(&(pDigestCred->ustrPassword));
  125. UnicodeStringFree(&(pDigestCred->ustrDomain));
  126. UnicodeStringFree(&(pDigestCred->ustrUpn));
  128. DigestFreeMemory(pDigestCred);
  130. return(Status);
  131. }
  135. /*++
  137. Routine Description:
  139. This routine checks to see if the Credential Handle is from a currently
  140. active client, and references the Credential if it is valid.
  142. The caller can request that the Credential be dereferenced only.
  144. For a client's Credential to be valid, the Credential value
  145. must be on our list of active Credentials.
  148. Arguments:
  150. CredentialHandle - Points to the CredentialHandle of the Credential
  151. to be referenced.
  153. DereferenceCredential - This boolean value indicates whether the caller
  154. wants the logon process's Credential to be referenced (FALSE) or
  155. decremented (TRUE)
  158. Return Value:
  160. NULL - the Credential was not found.
  162. Otherwise - returns a pointer to the referenced credential.
  164. --*/
  166. NTSTATUS
  167. CredHandlerHandleToPtr(
  168. IN ULONG_PTR CredentialHandle,
  169. IN BOOLEAN DereferenceCredential,
  170. OUT PDIGEST_CREDENTIAL * UserCredential
  171. )
  172. {
  173. PLIST_ENTRY ListEntry = NULL;
  174. PDIGEST_CREDENTIAL Credential = NULL;
  175. NTSTATUS Status = STATUS_SUCCESS;
  176. SECPKG_CLIENT_INFO ClientInfo;
  177. SECPKG_CALL_INFO CallInfo;
  179. // LONG lDereferenceCount = 1;
  180. ULONG ulDereferenceCount = 1;
  181. LONG lReferences = 0;
  183. DebugLog((DEB_TRACE_FUNC, "CredHandlerHandleToPtr: Entering Credential 0x%x\n", CredentialHandle));
  185. // set default output
  186. ASSERT(UserCredential);
  187. *UserCredential = NULL ;
  190. ZeroMemory( &CallInfo, sizeof(CallInfo) );
  191. ZeroMemory( &ClientInfo, sizeof(ClientInfo) );
  194. if(g_LsaFunctions->GetCallInfo(&CallInfo))
  195. {
  196. ulDereferenceCount = CallInfo.CallCount;
  197. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: CallCount 0x%x\n", CallInfo.CallCount));
  198. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: Attributes 0x%x\n", CallInfo.Attributes));
  199. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: PID %d Thread %d\n", CallInfo.ProcessId, CallInfo.ThreadId));
  200. }
  201. else
  202. {
  203. ZeroMemory( &CallInfo, sizeof(CallInfo) );
  204. }
  206. Status = g_LsaFunctions->GetClientInfo(&ClientInfo);
  208. if(!NT_SUCCESS(Status))
  209. {
  210. //
  211. // this call can fail during a cleanup call. so ignore that for now,
  212. // and check for cleanup disposition.
  213. //
  215. if ((CallInfo.Attributes & SECPKG_CALL_CLEANUP) != 0)
  216. {
  217. Status = STATUS_SUCCESS;
  218. RtlZeroMemory(
  219. &ClientInfo,
  220. sizeof(SECPKG_CLIENT_INFO)
  221. );
  222. ClientInfo.HasTcbPrivilege = TRUE;
  223. ClientInfo.ProcessID = CallInfo.ProcessId;
  224. }
  226. if( !NT_SUCCESS( Status ) )
  227. {
  228. DebugLog(( DEB_ERROR, "CredHandlerHandleToPtr: GetClientInfo returned 0x%lx\n", Status));
  229. return( Status );
  230. }
  231. }
  233. if( CallInfo.Attributes & SECPKG_CALL_CLEANUP )
  234. {
  235. DebugLog(( DEB_TRACE, "CredHandlerHandleToPtr: Cleanup Called pid: 0x%lx handle: %p refcount: %lu\n",
  236. ClientInfo.ProcessID, CredentialHandle, ulDereferenceCount));
  237. }
  239. //
  240. // Acquire exclusive access to the Credential list
  241. //
  243. RtlEnterCriticalSection( &l_CredentialCritSect );
  246. //
  247. // Now walk the list of Credentials looking for a match.
  248. //
  250. for ( ListEntry = l_CredentialList.Flink;
  251. ListEntry != &l_CredentialList;
  252. ListEntry = ListEntry->Flink )
  253. {
  255. Credential = CONTAINING_RECORD( ListEntry, DIGEST_CREDENTIAL, Next );
  258. //
  259. // Found a match ... reference this Credential
  260. // (if the Credential is being removed, we would increment
  261. // and then decrement the reference, so don't bother doing
  262. // either - since they cancel each other out).
  263. //
  265. if (( Credential == (PDIGEST_CREDENTIAL) CredentialHandle))
  266. {
  268. // Make sure we have the privilege of accessing
  269. // this handle
  271. if (!ClientInfo.HasTcbPrivilege &&
  272. (Credential->ClientProcessID != ClientInfo.ProcessID)
  273. )
  274. {
  275. DebugLog((DEB_ERROR, "CredHandlerHandleToPtr: ProcessIDs are different. Access forbidden.\n"));
  276. break;
  277. }
  279. if (!DereferenceCredential)
  280. {
  281. lReferences = InterlockedIncrement(&Credential->lReferences);
  283. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: Incremented ReferenceCount %ld\n", lReferences));
  284. }
  285. else
  286. {
  287. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: Dereferencing credential\n" ));
  289. ASSERT((ulDereferenceCount > 0));
  291. // Note: Subtract one off of the deref count, this avoids an extra interlock operation
  292. // After exit, SpFreeCredentialsHandle will call CredHandlerRelease
  295. ulDereferenceCount--;
  297. if( ulDereferenceCount == 1 )
  298. {
  299. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: Dereferencing by one count\n" ));
  300. lReferences = InterlockedDecrement( &Credential->lReferences );
  302. ASSERT( (lReferences > 0) );
  304. }
  305. else if( ulDereferenceCount > 1 )
  306. {
  308. //
  309. // there is no equivalent to InterlockedSubtract.
  310. // so, turn it into an Add with some signed magic.
  311. //
  313. LONG lDecrementToIncrement = 0 - ulDereferenceCount;
  315. DebugLog((DEB_TRACE, "CredHandlerHandleToPtr: Dereferencing by %lu count\n", ulDereferenceCount ));
  317. lReferences = InterlockedExchangeAdd( &Credential->lReferences, lDecrementToIncrement );
  318. lReferences += lDecrementToIncrement;
  320. ASSERT( (lReferences > 0) );
  321. }
  322. }
  324. // Found the Credential
  325. *UserCredential = Credential ;
  326. goto CleanUp;
  328. }
  329. }
  332. //
  333. // No match found
  334. //
  335. DebugLog((DEB_WARN, "CredHandlerHandleToCredential: Tried to reference unknown Credential 0x%lx\n",
  336. CredentialHandle ));
  338. Status = STATUS_INVALID_HANDLE;
  340. CleanUp:
  342. RtlLeaveCriticalSection( &l_CredentialCritSect );
  344. DebugLog((DEB_TRACE_FUNC, "CredHandlerHandleToPtr: Leaving Credential 0x%x\n", CredentialHandle));
  346. return(Status);
  347. }
  350. // Locate a Credential based on a LogonId, ProcessID
  351. // For either the Logon list or the Credential list
  353. NTSTATUS
  354. CredHandlerLocatePtr(
  355. IN PLUID pLogonId,
  356. IN ULONG CredentialUseFlags,
  357. OUT PDIGEST_CREDENTIAL * UserCredential
  358. )
  359. {
  360. PLIST_ENTRY ListEntry = NULL;
  361. PDIGEST_CREDENTIAL Credential = NULL;
  362. NTSTATUS Status = STATUS_SUCCESS;
  363. // SECPKG_CLIENT_INFO ClientInfo;
  364. SECPKG_CALL_INFO CallInfo;
  365. LONG lReferences = 0;
  367. DebugLog((DEB_TRACE_FUNC, "CredHandlerLocatePtr: Entering\n"));
  369. *UserCredential = NULL ;
  371. // If we do not have a LogonId
  372. if (!pLogonId)
  373. {
  374. return(STATUS_INVALID_HANDLE);
  375. }
  377. //
  378. // Match both flags
  379. //
  381. // CredentialUseFlags |= CredentialFlags;
  383. if (!g_LsaFunctions->GetCallInfo(&CallInfo))
  384. {
  385. DebugLog((DEB_ERROR,"CredHandlerLocatePtr: Failed to get call info\n"));
  386. return(STATUS_INVALID_HANDLE); // Really this is another error
  387. }
  390. //
  391. // Acquire exclusive access to the Credential list
  392. //
  394. RtlEnterCriticalSection( &l_CredentialCritSect );
  397. //
  398. // Now walk the list of Credentials looking for a match.
  399. //
  401. for ( ListEntry = l_CredentialList.Flink;
  402. ListEntry != &l_CredentialList;
  403. ListEntry = ListEntry->Flink )
  404. {
  406. Credential = CONTAINING_RECORD( ListEntry, DIGEST_CREDENTIAL, Next );
  409. //
  410. // Found a match ... reference this Credential
  411. // (if the Credential is being removed, we would increment
  412. // and then decrement the reference, so don't bother doing
  413. // either - since they cancel each other out).
  414. //
  416. // If this is a session credential then check for appropriate flags (like inbound or outbound)
  417. if ((Credential->CredentialUseFlags & DIGEST_CRED_MATCH_FLAGS) != CredentialUseFlags)
  418. {
  419. continue;
  420. }
  422. if (RtlEqualLuid(&(Credential->LogonId), pLogonId) &&
  423. (Credential->ClientProcessID == CallInfo.ProcessId))
  424. {
  425. lReferences = InterlockedIncrement(&Credential->lReferences);
  427. DebugLog((DEB_TRACE, "CredHandlerLocatePtr: ReferenceCount %ld\n", lReferences));
  429. // Found the Credential
  430. *UserCredential = Credential ;
  432. goto CleanUp;
  434. }
  436. }
  438. //
  439. // No match found
  440. //
  441. DebugLog((DEB_WARN, "CredHandlerLocatePtr: Tried to reference unknown LogonId (%x:%lx)\n",
  442. pLogonId->HighPart, pLogonId->LowPart ));
  443. Status = STATUS_INVALID_HANDLE;
  445. CleanUp:
  447. RtlLeaveCriticalSection( &l_CredentialCritSect );
  450. DebugLog((DEB_TRACE_FUNC, "CredHandlerLocatePtr: Leaving Status 0x%x\n", Status));
  451. return(Status);
  453. }
  457. //+--------------------------------------------------------------------
  458. //
  459. // Function: CredHandlerRelease
  460. //
  461. // Synopsis: Releases the Credential by decreasing reference counter
  462. // if Credential reference count drops to zero, Credential is deleted
  463. //
  464. // Arguments: pCredential - pointer to credential to de-reference
  465. //
  466. // Returns: NTSTATUS
  467. //
  468. // Notes: Called by ASC. Since multiple threads can have a credential
  469. // checked out, simply decrease the reference counter on release.
  470. //
  471. //---------------------------------------------------------------------
  472. NTSTATUS
  473. CredHandlerRelease(
  474. PDIGEST_CREDENTIAL pCredential)
  475. {
  476. NTSTATUS Status = STATUS_SUCCESS;
  478. LONG lReferences = 0;
  480. DebugLog((DEB_TRACE_FUNC, "CredHandlerRelease: Entering for Credential 0x%0x\n", pCredential));
  482. lReferences = InterlockedDecrement(&pCredential->lReferences);
  484. DebugLog((DEB_TRACE, "CredHandlerRelease: ReferenceCount %ld\n", lReferences));
  486. ASSERT( lReferences >= 0 );
  488. //
  489. // If the count has dropped to zero, then free all alloced stuff
  490. // Care must be taken since Cred is still in linked list - need to grab critsec
  491. // and then test again if zero since another thread might have taken a ref to cred
  492. //
  494. if (lReferences == 0)
  495. {
  496. RtlEnterCriticalSection( &l_CredentialCritSect );
  498. // Check to make sure no one took a reference since InterlockDecrement
  499. if (pCredential->lReferences)
  500. {
  501. DebugLog((DEB_TRACE, "CredHandlerRelease: Another thread took a reference. No action taken\n"));
  502. }
  503. else
  504. {
  505. // Safe to remove from list and delete
  506. // Check if added into linked list
  507. if (!pCredential->Unlinked)
  508. {
  509. RemoveEntryList( &pCredential->Next );
  510. DebugLog((DEB_TRACE, "CredHandlerRelease: Unlinked Credential 0x%x\n", pCredential));
  511. }
  513. DebugLog((DEB_TRACE, "CredHandlerRelease: Deleting Credential 0x%x\n", pCredential));
  514. Status = CredentialFree(pCredential);
  515. }
  517. RtlLeaveCriticalSection( &l_CredentialCritSect );
  518. }
  520. DebugLog((DEB_TRACE_FUNC, "CredHandlerRelease: Leaving Status 0x%x\n", Status));
  522. return(Status);
  523. }
  526. // Helper functions for processing fields within the credentials
  530. //+--------------------------------------------------------------------
  531. //
  532. // Function: CredHandlerPasswdSet
  533. //
  534. // Synopsis: Set the unicode string password in the credential
  535. //
  536. // Arguments: pCredential - pointer to credential to use
  537. // pustrPasswd - pointer to new password
  538. //
  539. // Returns: NTSTATUS
  540. //
  541. // Notes: might want to use record locking in the future instead
  542. // of an update flag on credentials
  543. //
  544. //---------------------------------------------------------------------
  545. NTSTATUS
  546. CredHandlerPasswdSet(
  547. IN OUT PDIGEST_CREDENTIAL pCredential,
  548. IN PUNICODE_STRING pustrPasswd)
  549. {
  550. NTSTATUS Status = STATUS_SUCCESS;
  552. // Protect writing the info into the credential
  553. RtlEnterCriticalSection( &l_CredentialCritSect );
  554. if (pCredential->ustrPassword.Buffer)
  555. {
  556. SecureZeroMemory((pCredential->ustrPassword).Buffer, (pCredential->ustrPassword).MaximumLength);
  557. UnicodeStringFree(&(pCredential->ustrPassword));
  558. }
  559. Status = UnicodeStringDuplicatePassword(&(pCredential->ustrPassword),pustrPasswd);
  560. RtlLeaveCriticalSection( &l_CredentialCritSect );
  562. if (!NT_SUCCESS(Status))
  563. {
  564. DebugLog((DEB_ERROR, "CredHandlerPasswdSet: Error in setting Credential password, status 0x%0x\n", Status ));
  565. }
  567. return(Status);
  568. }
  572. //+--------------------------------------------------------------------
  573. //
  574. // Function: CredHandlerPasswdGet
  575. //
  576. // Synopsis: Get the unicode string password in the credential
  577. // Locking is only necessary for the logon creds and not the session creds
  578. // but it is just as well to keep it unifom
  579. //
  580. // Arguments: pCredential - pointer to credential to use
  581. // pustrPasswd - pointer to destination copy of password
  582. //
  583. // Returns: NTSTATUS
  584. //
  585. // Notes:
  586. //
  587. //---------------------------------------------------------------------
  588. NTSTATUS
  589. CredHandlerPasswdGet(
  590. IN PDIGEST_CREDENTIAL pCredential,
  591. OUT PUNICODE_STRING pustrPasswd)
  592. {
  593. NTSTATUS Status = STATUS_SUCCESS;
  595. // Protect reading/writing the credential password
  596. RtlEnterCriticalSection( &l_CredentialCritSect );
  597. if (pustrPasswd->Buffer)
  598. {
  599. SecureZeroMemory(pustrPasswd->Buffer, pustrPasswd->MaximumLength);
  600. UnicodeStringFree(pustrPasswd);
  601. }
  602. Status = UnicodeStringDuplicatePassword(pustrPasswd, &(pCredential->ustrPassword));
  603. RtlLeaveCriticalSection( &l_CredentialCritSect );
  604. if (!NT_SUCCESS(Status))
  605. {
  606. DebugLog((DEB_ERROR, "CredHandlerPasswdSet: Error in setting Credential password, status 0x%0x\n", Status ));
  607. }
  609. return(Status);
  610. }