archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetsrv/iis/admin/common/hosthead.cpp

289 lines
7.1 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. #include "stdafx.h"
  2. #include "common.h"
  3. #include "hosthead.h"
  4. #include "iisdebug.h"
  5. #include <lm.h>
  6. #include <ipexport.h>
  7. #include <ntdef.h>
  9. #ifdef _DEBUG
  10. #undef THIS_FILE
  11. static char BASED_CODE THIS_FILE[] = __FILE__;
  12. #endif
  13. #define new DEBUG_NEW
  15. #define DEFAULT_MAX_LABEL_LENGTH 63
  16. #define ANSI_HIGH_MAX 0x00ff
  17. #define IS_ANSI(c) ((unsigned) (c) <= ANSI_HIGH_MAX)
  18. #define ISDIGIT(x) ( x >= '0' && x <= '9' ? (TRUE) : FALSE )
  19. #define ISHEX(x) ( x >= '0' && x <= '9' ? (TRUE) : \
  20. x >= 'A' && x <= 'F' ? (TRUE) : \
  21. x >= 'a' && x <= 'f' ? (TRUE) : FALSE )
  23. #define IS_ILLEGAL_COMPUTERNAME_SET(x) (\
  24. x == '\"' ? (TRUE) : \
  25. x == '/' ? (TRUE) : \
  26. x == '\\' ? (TRUE) : \
  27. x == '[' ? (TRUE) : \
  28. x == ']' ? (TRUE) : \
  29. x == ':' ? (TRUE) : \
  30. x == '|' ? (TRUE) : \
  31. x == ' ' ? (TRUE) : \
  32. x == '%' ? (TRUE) : \
  33. x == '<' ? (TRUE) : \
  34. x == '>' ? (TRUE) : \
  35. x == '+' ? (TRUE) : \
  36. x == '=' ? (TRUE) : \
  37. x == ';' ? (TRUE) : \
  38. x == ',' ? (TRUE) : \
  39. x == '?' ? (TRUE) : \
  40. x == '*' ? (TRUE) : \
  41. FALSE )
  44. // returns:
  45. // S_OK if it is a valid domain or ipv4 address
  46. // E_FAIL if it is not a valid domain or ipv4 address
  47. //
  48. // comments:
  49. // This code was stolen from NT\net\http\common\C14n.c
  50. // and then modified.
  51. HRESULT IsHostHeaderDomainNameOrIPv4(LPCTSTR pHostname)
  52. {
  53. HRESULT hRes = E_FAIL;
  54. LPCTSTR pChar = NULL;
  55. LPCTSTR pLabel = NULL;
  56. LPCTSTR pEnd = pHostname + _tcslen(pHostname);
  57. BOOL AlphaLabel = FALSE;
  58. INT iPeriodCounts = 0;
  59. NTSTATUS Status;
  61. //
  62. // It must be a domain name or an IPv4 literal. We'll try to treat
  63. // it as a domain name first. If the labels turn out to be all-numeric,
  64. // we'll try decoding it as an IPv4 literal.
  65. //
  66. pLabel = pHostname;
  67. for (pChar = pHostname; pChar < pEnd; ++pChar)
  68. {
  69. // check each character...
  70. if (L'.' == *pChar)
  71. {
  72. ULONG LabelLength = DIFF(pChar - pLabel);
  74. iPeriodCounts++;
  76. // There must be at least one char in the label
  77. if (0 == LabelLength)
  78. {
  79. // Empty label, can't have that...
  80. goto IsHostHeaderDomainNameOrIPv4_Exit;
  81. }
  83. // Label can't have more than 63 chars
  84. if (LabelLength > DEFAULT_MAX_LABEL_LENGTH)
  85. {
  86. // label is too long, can't have that...
  87. goto IsHostHeaderDomainNameOrIPv4_Exit;
  88. }
  90. // Reset for the next label
  91. pLabel = pChar + _tcslen(_T("."));
  93. continue;
  94. }
  96. //
  97. // All chars above 0xFF are considered valid
  98. //
  99. if (!IS_ANSI(*pChar) || !IS_ILLEGAL_COMPUTERNAME_SET(*pChar))
  100. {
  101. if (!IS_ANSI(*pChar) || !ISDIGIT(*pChar))
  102. AlphaLabel = TRUE;
  104. if (pChar > pLabel)
  105. continue;
  107. // The first char of a label cannot be a hyphen. (Underscore?)
  108. if (L'-' == *pChar)
  109. {
  110. // um yeah.
  111. goto IsHostHeaderDomainNameOrIPv4_Exit;
  112. }
  114. continue;
  115. }
  117. // We found some invalid characters in there...
  118. goto IsHostHeaderDomainNameOrIPv4_Exit;
  120. }
  122. // if we get here then the string is either
  123. // a valid domain name or a semi valid ipv4 address
  125. // check if the label had at least one alpha character..
  126. if (AlphaLabel)
  127. {
  128. // if there was a non digit character,
  129. // then it's a domain name.
  130. // this is fine.
  131. hRes = S_OK;
  132. }
  133. else
  134. {
  135. // this could be a ipv4 address
  136. // if there are periods in there... like
  137. // 0.0.0.0 then this is acceptable
  138. // but all number is not
  139. if (iPeriodCounts > 0 )
  140. {
  141. struct in_addr IPv4Address;
  142. LPCTSTR pTerminator = NULL;
  144. // Let's see if it's a valid IPv4 address
  145. Status = RtlIpv4StringToAddressW(
  146. (LPCTSTR) pHostname,
  147. TRUE, // strict => 4 dotted decimal octets
  148. &pTerminator,
  149. &IPv4Address
  150. );
  152. if (!NT_SUCCESS(Status))
  153. {
  154. // Invalid IPv4 address
  155. //RETURN(Status);
  156. goto IsHostHeaderDomainNameOrIPv4_Exit;
  157. }
  159. hRes = S_OK;
  160. }
  161. }
  163. IsHostHeaderDomainNameOrIPv4_Exit:
  164. return hRes;
  165. }
  168. // returns:
  169. // S_OK if it is a valid IPv6 address
  170. // S_FALSE if it is a IPv6 address but something is invalid about it
  171. // E_FAIL if it is not a IPv6 address
  172. //
  173. // comments:
  174. // This code was stolen from NT\net\http\common\C14n.c
  175. // and then modified.
  176. HRESULT IsHostHeaderIPV6(LPCTSTR pHostname)
  177. {
  178. HRESULT hRes = E_FAIL;
  179. LPCTSTR pChar = NULL;
  180. LPCTSTR pEnd = pHostname + _tcslen(pHostname);
  181. NTSTATUS Status;
  183. // Is this an IPv6 literal address, per RFC 2732?
  184. if ('[' == *pHostname)
  185. {
  186. // If it starts with a [
  187. // then it's a IPv6 type
  188. hRes = S_FALSE;
  190. // Empty brackets?
  191. if (_tcslen(pHostname) < _tcslen(_T("[0]"))
  192. || _T(']') == pHostname[1])
  193. {
  194. goto IsHostHeaderIPV6_Exit;
  195. }
  197. for (pChar = pHostname + _tcslen(_T("[")); pChar < pEnd; ++pChar)
  198. {
  199. if (']' == *pChar)
  200. break;
  202. //
  203. // Dots are allowed because the last 32 bits may be represented
  204. // in IPv4 dotted-octet notation. We do not accept Scope IDs
  205. // (indicated by '%') in hostnames.
  206. //
  207. if (ISHEX(*pChar) || ':' == *pChar || '.' == *pChar)
  208. continue;
  210. // Invalid Characters between brackets...
  211. goto IsHostHeaderIPV6_Exit;
  212. }
  214. if (pChar == pEnd)
  215. {
  216. // No ending ']'
  217. goto IsHostHeaderIPV6_Exit;
  218. }
  220. {
  221. struct in6_addr IPv6Address;
  222. LPCTSTR pTerminator = NULL;
  224. // Let the RTL routine do the hard work of parsing IPv6 addrs
  225. Status = RtlIpv6StringToAddressW(
  226. (LPCTSTR) pHostname + _tcslen(_T("[")),
  227. &pTerminator,
  228. &IPv6Address
  229. );
  230. if (! NT_SUCCESS(Status))
  231. {
  232. // Invalid IPv6 address
  233. //RETURN(Status);
  234. goto IsHostHeaderIPV6_Exit;
  235. }
  236. }
  238. // if we got this far, then
  239. // it's probably a valid IPv6 literal
  240. hRes = S_OK;
  241. }
  243. IsHostHeaderIPV6_Exit:
  244. return hRes;
  245. }
  247. HRESULT IsAllNumHostHeader(LPCTSTR pHostname)
  248. {
  249. HRESULT hRes = S_OK;
  250. LPCTSTR pChar = NULL;
  251. LPCTSTR pEnd = pHostname + _tcslen(pHostname);
  252. for (pChar = pHostname; pChar < pEnd; ++pChar)
  253. {
  254. if (!IS_ANSI(*pChar) || !ISDIGIT(*pChar))
  255. {
  256. // Found an alpha label
  257. // return false, that it's not all numeric
  258. hRes = E_FAIL;
  259. break;
  260. }
  261. }
  263. return hRes;
  264. }
  266. HRESULT IsValidHostHeader(LPCTSTR pHostHeader)
  267. {
  268. HRESULT hr = E_FAIL;
  270. hr = IsHostHeaderIPV6(pHostHeader);
  271. if (S_OK == hr)
  272. {
  273. // It is a valid IPV6 address
  274. return S_OK;
  275. }
  276. if (S_FALSE == hr)
  277. {
  278. // It is a IPV6 address but there is something wrong with it
  279. return E_FAIL;
  280. }
  281. else
  282. {
  283. // it is not a IPV6 literal
  284. // Check if it's something else...
  285. hr = IsHostHeaderDomainNameOrIPv4(pHostHeader);
  286. }
  288. return hr;
  289. }