archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetsrv/iis/admin/common/strpass.cpp

348 lines
7.9 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1994-2002 Microsoft Corporation
  5. Module Name :
  6. strpass.cpp
  8. Abstract:
  9. Message Functions
  11. Author:
  12. Aaron Lee (aaronl)
  14. Project:
  15. Internet Services Manager
  17. Revision History:
  19. --*/
  21. #include "stdafx.h"
  22. #include "common.h"
  23. #include "strpass.h"
  24. #include "cryptpass.h"
  25. #include <strsafe.h>
  27. #ifdef _DEBUG
  28. #undef THIS_FILE
  29. static char BASED_CODE THIS_FILE[] = __FILE__;
  30. #endif
  33. #define new DEBUG_NEW
  35. void CStrPassword::ClearPasswordBuffers(void)
  36. {
  37. if (NULL != m_pszDataEncrypted)
  38. {
  39. if (m_cbDataEncrypted > 0)
  40. {
  41. SecureZeroMemory(m_pszDataEncrypted,m_cbDataEncrypted);
  42. }
  43. LocalFree(m_pszDataEncrypted);m_pszDataEncrypted=NULL;
  44. m_pszDataEncrypted = NULL;
  45. }
  46. m_cbDataEncrypted = 0;
  47. }
  49. // constructor
  50. CStrPassword::CStrPassword()
  51. {
  52. m_pszDataEncrypted = NULL;
  53. m_cbDataEncrypted = 0;
  54. }
  56. CStrPassword::~CStrPassword()
  57. {
  58. ClearPasswordBuffers();
  59. }
  61. // constructor
  62. CStrPassword::CStrPassword(LPTSTR lpch)
  63. {
  64. m_pszDataEncrypted = NULL;
  65. m_cbDataEncrypted = 0;
  67. // Copy the string
  68. if (NULL != lpch)
  69. {
  70. if (FAILED(EncryptMemoryPassword(lpch,&m_pszDataEncrypted,&m_cbDataEncrypted)))
  71. {
  72. ASSERT(FALSE);
  73. }
  74. }
  75. }
  77. // constructor
  78. CStrPassword::CStrPassword(LPCTSTR lpch)
  79. {
  80. CStrPassword((LPTSTR) lpch);
  81. }
  83. // constructor
  84. CStrPassword::CStrPassword(CStrPassword& csPassword)
  85. {
  86. m_pszDataEncrypted = NULL;
  87. m_cbDataEncrypted = 0;
  88. LPTSTR lpTempPassword = csPassword.GetClearTextPassword();
  89. if (FAILED(EncryptMemoryPassword((LPTSTR) lpTempPassword,&m_pszDataEncrypted,&m_cbDataEncrypted)))
  90. {
  91. ASSERT(FALSE);
  92. }
  93. csPassword.DestroyClearTextPassword(lpTempPassword);
  94. }
  96. BOOL CStrPassword::IsEmpty() const
  97. {
  98. if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
  99. {
  100. return FALSE;
  101. }
  102. return TRUE;
  103. }
  105. void CStrPassword::Empty()
  106. {
  107. ClearPasswordBuffers();
  108. }
  110. int CStrPassword::GetLength() const
  111. {
  112. int iRet = 0;
  113. LPTSTR lpszTempPassword = NULL;
  115. if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
  116. {
  117. if (SUCCEEDED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
  118. {
  119. iRet = _tcslen(lpszTempPassword);
  120. }
  121. }
  123. if (lpszTempPassword)
  124. {
  125. SecureZeroMemory(lpszTempPassword,(_tcslen(lpszTempPassword)+1) * sizeof(TCHAR));
  126. LocalFree(lpszTempPassword);lpszTempPassword=NULL;
  127. }
  128. return iRet;
  129. };
  131. int CStrPassword::GetByteLength() const
  132. {
  133. int iRet = 0;
  134. LPTSTR lpszTempPassword = NULL;
  136. if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
  137. {
  138. if (SUCCEEDED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
  139. {
  140. iRet = (_tcslen(lpszTempPassword) + 1) * sizeof(TCHAR);
  141. }
  142. }
  144. if (lpszTempPassword)
  145. {
  146. SecureZeroMemory(lpszTempPassword,(_tcslen(lpszTempPassword)+1) * sizeof(TCHAR));
  147. LocalFree(lpszTempPassword);lpszTempPassword=NULL;
  148. }
  149. return iRet;
  150. };
  152. int CStrPassword::Compare(LPCTSTR lpsz) const
  153. {
  154. // identical = 0
  155. // not equal = 1
  156. int iRet = 1;
  157. LPTSTR lpszTempPassword = NULL;
  159. if (lpsz == NULL)
  160. {
  161. return this->IsEmpty() ? 0 : 1;
  162. }
  163. if (lpsz[0] == NULL)
  164. {
  165. return this->IsEmpty() ? 0 : 1;
  166. }
  168. // Decrypt what we have
  169. if (!m_pszDataEncrypted || (m_cbDataEncrypted < 1))
  170. {
  171. // means we have nothing in here
  172. // but they want to compare it to something
  173. return iRet;
  174. }
  176. if (FAILED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
  177. {
  178. goto CStrPassword_Compare_Exit;
  179. }
  180. else
  181. {
  182. iRet = _tcscmp(lpszTempPassword,lpsz);
  183. }
  185. CStrPassword_Compare_Exit:
  186. if (lpszTempPassword)
  187. {
  188. LocalFree(lpszTempPassword);lpszTempPassword=NULL;
  189. }
  190. return iRet;
  191. }
  193. const CStrPassword& CStrPassword::operator=(LPCTSTR lpsz)
  194. {
  195. ClearPasswordBuffers();
  196. if (lpsz != NULL)
  197. {
  198. // make sure it's pointing to some value
  199. if (*lpsz != NULL)
  200. {
  201. // Copy the string
  202. if (FAILED(EncryptMemoryPassword((LPTSTR) lpsz,&m_pszDataEncrypted,&m_cbDataEncrypted)))
  203. {
  204. ASSERT(FALSE);
  205. }
  206. }
  207. }
  208. return *this;
  209. }
  211. const CStrPassword& CStrPassword::operator= (CStrPassword& StrPass)
  212. {
  213. // handle the a = a case.
  214. if (this == &StrPass)
  215. {
  216. return *this;
  217. }
  218. ClearPasswordBuffers();
  219. if (!StrPass.IsEmpty())
  220. {
  221. LPTSTR p = StrPass.GetClearTextPassword();
  222. ASSERT(NULL != p);
  223. if (FAILED(EncryptMemoryPassword((LPTSTR) p,&m_pszDataEncrypted,&m_cbDataEncrypted)))
  224. {
  225. ASSERT(FALSE);
  226. }
  227. StrPass.DestroyClearTextPassword(p);
  228. }
  229. return *this;
  230. }
  232. void CStrPassword::CopyTo(CString& stringSrc)
  233. {
  234. LPTSTR lpTempPassword = GetClearTextPassword();
  235. stringSrc = lpTempPassword;
  236. DestroyClearTextPassword(lpTempPassword);
  237. return;
  238. }
  240. void CStrPassword::CopyTo(CStrPassword& stringSrc)
  241. {
  242. LPTSTR lpTempPassword = GetClearTextPassword();
  243. stringSrc = (LPCTSTR) lpTempPassword;
  244. DestroyClearTextPassword(lpTempPassword);
  245. return;
  246. }
  248. int CStrPassword::Compare(CString& csString) const
  249. {
  250. int iRet = 1;
  251. if (!csString.IsEmpty())
  252. {
  253. return Compare((LPCTSTR) csString);
  254. }
  255. return iRet;
  256. }
  258. int CStrPassword::Compare(CStrPassword& cstrPassword) const
  259. {
  260. int iRet = 1;
  261. if (!cstrPassword.IsEmpty())
  262. {
  263. LPTSTR lpTempPassword = cstrPassword.GetClearTextPassword();
  264. iRet = Compare((LPCTSTR) lpTempPassword);
  265. cstrPassword.DestroyClearTextPassword(lpTempPassword);
  266. return iRet;
  267. }
  268. return iRet;
  269. }
  271. // user needs to LocalFree return.
  272. // or call DestroyClearTextPassword.
  273. LPTSTR CStrPassword::GetClearTextPassword()
  274. {
  275. LPTSTR lpszTempPassword = NULL;
  277. if (m_pszDataEncrypted && (m_cbDataEncrypted > 0))
  278. {
  279. if (FAILED(DecryptMemoryPassword((LPTSTR) m_pszDataEncrypted,&lpszTempPassword,m_cbDataEncrypted)))
  280. {
  281. if (lpszTempPassword)
  282. {
  283. LocalFree(lpszTempPassword);lpszTempPassword=NULL;
  284. }
  285. }
  286. else
  287. {
  288. return lpszTempPassword;
  289. }
  290. }
  291. return NULL;
  292. }
  294. void CStrPassword::DestroyClearTextPassword(LPTSTR lpClearTextPassword) const
  295. {
  296. if (lpClearTextPassword)
  297. {
  298. SecureZeroMemory(lpClearTextPassword,(_tcslen(lpClearTextPassword)+1) * sizeof(TCHAR));
  299. LocalFree(lpClearTextPassword);lpClearTextPassword=NULL;
  300. }
  301. return;
  302. }
  304. // assign to a CString
  305. CStrPassword::operator CString()
  306. {
  307. LPTSTR lpTempPassword = GetClearTextPassword();
  308. CString csTempCString(lpTempPassword);
  309. DestroyClearTextPassword(lpTempPassword);
  310. return csTempCString;
  311. }
  313. bool CStrPassword::operator==(CStrPassword& csCompareToMe)
  314. {
  315. LPTSTR lpTempPassword1 = NULL;
  316. LPTSTR lpTempPassword2 = NULL;
  317. bool result = FALSE;
  319. // handle the a == a case
  320. if (this == &csCompareToMe)
  321. {
  322. return TRUE;
  323. }
  325. if (GetLength() != csCompareToMe.GetLength())
  326. {
  327. // can't be the same if lengths differ...
  328. return FALSE;
  329. }
  331. // check the case when both are empty (fix for 593488)
  332. if (GetLength() == 0 && csCompareToMe.GetLength() == 0)
  333. {
  334. return TRUE;
  335. }
  337. // Two strings are the same if their decoded contents are the same.
  338. lpTempPassword1 = GetClearTextPassword();
  339. lpTempPassword2 = csCompareToMe.GetClearTextPassword();
  341. result = (_tcscmp(lpTempPassword1, lpTempPassword2) == 0);
  343. if (lpTempPassword1)
  344. {DestroyClearTextPassword(lpTempPassword1);}
  345. if (lpTempPassword2)
  346. {csCompareToMe.DestroyClearTextPassword(lpTempPassword2);}
  347. return result;
  348. }