archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetsrv/iis/svcs/staxcore/fcache2/sdcache.h

414 lines
7.8 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. SDCACHE.H
  5. This file defines the interface to the Security
  8. --*/
  10. #ifndef _SDCACHE_H_
  11. #define _SDCACHE_H_
  13. typedef
  14. BOOL
  15. (WINAPI *CACHE_ACCESS_CHECK)( IN PSECURITY_DESCRIPTOR pSecurityDescriptor,
  16. IN HANDLE hClientToken,
  17. IN DWORD dwDesiredAccess,
  18. IN PGENERIC_MAPPING GenericMapping,
  19. IN PRIVILEGE_SET* PrivilegeSet,
  20. IN LPDWORD PrivilegeSetLength,
  21. IN LPDWORD GrantedAccess,
  22. IN LPBOOL AccessStatus
  23. ) ;
  29. //
  30. // Define the key for the hash tables we will be using !
  31. //
  32. class CSDKey {
  33. private :
  34. //
  35. // pointer to the GENERIC_MAPPING portion of the key
  36. //
  37. PGENERIC_MAPPING m_pMapping ;
  38. //
  39. // pointer to the security descriptor portion of the key.
  40. //
  41. PSECURITY_DESCRIPTOR m_pSecDesc ;
  42. //
  43. // No use of default constructor allowed !
  44. //
  45. CSDKey() ;
  46. //
  47. // CSDObject is allowed access to our inner members !
  48. //
  49. friend class CSDObject ;
  51. public :
  53. //
  54. // the length of the security descriptor !
  55. // this is publicly available, but should be read only !
  56. //
  57. int m_cbSecDesc ;
  59. //
  60. // Can only construct a key if these are provided
  61. //
  62. inline
  63. CSDKey( PGENERIC_MAPPING pg,
  64. PSECURITY_DESCRIPTOR pSecDesc
  65. ) :
  66. m_pMapping( pg ),
  67. m_pSecDesc( pSecDesc ),
  68. m_cbSecDesc( GetSecurityDescriptorLength( pSecDesc ) ) {
  69. _ASSERT(IsValid()) ;
  70. }
  72. //
  73. // Check that we're correctly initialized !
  74. //
  75. BOOL
  76. IsValid() ;
  78. //
  79. // compare two keys for equality !
  80. //
  81. static
  82. int
  83. MatchKey( CSDKey left, CSDKey right ) ;
  85. //
  86. // compute the hash function of this key !
  87. //
  88. static
  89. DWORD
  90. HashKey( CSDKey Key ) ;
  91. } ;
  94. class CSDObjectContainer ;
  96. //
  97. // This is a variable length object that is placed within the buckets
  98. // of a hash table. Each object contains a Security Descriptor, and
  99. // the GENERIC_MAPPING relevant to evaluating that Security Descriptor.
  100. //
  101. class CSDObject {
  102. private :
  104. enum CONSTANTS {
  105. SIGNATURE = 'ODSC',
  106. DEAD_SIGNATURE = 'ODSX'
  107. } ;
  109. //
  110. // help us recognize this thing in the debugger.
  111. //
  112. DWORD m_dwSignature ;
  114. //
  115. // The refcount for this item.
  116. //
  117. volatile long m_cRefCount ;
  119. //
  120. // The item we use to chain this into a hash bucket.
  121. //
  122. DLIST_ENTRY m_list ;
  124. //
  125. // Store our Hash Value so that we have easy access to it !
  126. //
  127. DWORD m_dwHash ;
  129. //
  130. // Back pointer to the CSDContainer holding our locks !
  131. //
  132. CSDObjectContainer* m_pContainer ;
  134. //
  135. // The GENERIC_MAPPING structure the client provided and associated
  136. // with the use of this security descriptor.
  137. //
  138. GENERIC_MAPPING m_mapping ;
  140. //
  141. // This is a variable length field containing the
  142. // Security descriptor we're holding.
  143. //
  144. DWORD m_rgdwSD[1] ;
  146. //
  147. // Return the security descriptor we're holding within ourselves.
  148. //
  149. inline
  150. PSECURITY_DESCRIPTOR
  151. SecurityDescriptor() {
  152. return (PSECURITY_DESCRIPTOR)&(m_rgdwSD[0]) ;
  153. }
  155. //
  156. // Return the length of the internally held security descriptor.
  157. //
  158. inline
  159. DWORD
  160. SecurityDescriptorLength() {
  161. return GetSecurityDescriptorLength(SecurityDescriptor()) ;
  162. }
  164. //
  165. // Not available to external clients !
  166. //
  167. CSDObject() ;
  169. public :
  171. typedef DLIST_ENTRY* (*PFNDLIST)( class CSDObject* ) ;
  173. //
  174. // Construct a security descriptor object for the cache !
  175. //
  176. inline
  177. CSDObject( DWORD dwHash,
  178. CSDKey& key,
  179. CSDObjectContainer* p
  180. ) :
  181. m_dwSignature( SIGNATURE ),
  182. m_cRefCount( 2 ),
  183. m_dwHash( dwHash ),
  184. m_pContainer( p ),
  185. m_mapping( *key.m_pMapping ) {
  186. CopyMemory( m_rgdwSD, key.m_pSecDesc, GetSecurityDescriptorLength(key.m_pSecDesc) ) ;
  187. }
  189. //
  190. // Our trivial destructor just makes it easy to recognize
  191. // released objects in the debugger .
  192. //
  193. ~CSDObject( ) {
  194. m_dwSignature = DEAD_SIGNATURE ;
  195. }
  197. //
  198. // Need a special operator new to get our variable size part correct !
  199. //
  200. void*
  201. operator new( size_t size, CSDKey& key ) ;
  203. //
  204. // Handle the release correctly !
  205. //
  206. void
  207. operator delete( void* ) ;
  210. //
  211. // We don't allow just anybody to Add References to us !
  212. //
  213. inline
  214. long
  215. AddRef() {
  216. return InterlockedIncrement((long*)&m_cRefCount) ;
  217. }
  219. //
  220. // Anybody is allowed to remove a reference from us !
  221. //
  222. long
  223. Release() ;
  226. //
  227. // Check that we are a valid object !
  228. //
  229. BOOL
  230. IsValid() ;
  232. //
  233. // Determine whether the client has access or not !
  234. //
  235. BOOL
  236. AccessCheck( HANDLE hToken,
  237. ACCESS_MASK accessMask,
  238. CACHE_ACCESS_CHECK pfnAccessCheck
  239. ) ;
  241. //---------------------------
  242. //
  243. // Hash table support functions -
  244. // the following set of functions support the use of these objects
  245. // in the standard hash tables defined in fdlhash.h
  246. //
  248. //
  249. // Get the offset to the doubly linked list within the object.
  250. //
  251. inline static
  252. DLIST_ENTRY*
  253. HashDLIST( CSDObject* p ) {
  254. return &p->m_list ;
  255. }
  257. //
  258. // Get the hash value out of the object !
  259. //
  260. inline static DWORD
  261. ReHash( CSDObject* p ) {
  262. _ASSERT( p->IsValid() ) ;
  263. return p->m_dwHash ;
  264. }
  266. //
  267. // return our key to the caller !
  268. //
  269. inline CSDKey
  270. GetKey() {
  271. _ASSERT( IsValid() ) ;
  272. return CSDKey( &m_mapping, SecurityDescriptor() ) ;
  273. }
  274. } ;
  277. //
  278. // This defines a hash table containing security descriptors !
  279. //
  280. typedef TFDLHash< class CSDObject,
  281. class CSDKey,
  282. &CSDObject::HashDLIST > SDTABLE ;
  284. //
  285. // This object provides the locking and hash table for a specified set
  286. // of security descriptors !
  287. //
  288. class CSDObjectContainer {
  289. private :
  291. enum CONSTANTS {
  292. SIGNATURE = 'CDSC',
  293. DEAD_SIGNATURE = 'CDSX',
  294. INITIAL_BUCKETS = 32,
  295. INCREMENT_BUCKETS = 16,
  296. LOAD = 8
  297. } ;
  299. //
  300. // The signature of the Security Descriptor Container !
  301. //
  302. DWORD m_dwSignature ;
  304. //
  305. // The lock that protects this hash table !
  306. //
  307. CShareLockNH m_lock ;
  309. //
  310. // A hash table instance !
  311. //
  312. SDTABLE m_table ;
  314. //
  315. // our friends include CSDObject which needs to unlike
  316. // out of our hash table upon destruction.
  317. //
  318. friend class CSDObject ;
  320. public :
  322. //
  323. // construct one of these guys !
  324. //
  325. CSDObjectContainer() :
  326. m_dwSignature( SIGNATURE ) {
  327. }
  329. //
  330. // Our trivial destructor just makes it easy to recognize
  331. // released objects in the debugger .
  332. //
  333. ~CSDObjectContainer() {
  334. m_dwSignature = DEAD_SIGNATURE ;
  336. }
  338. //
  339. // Initialize this particular table
  340. //
  341. inline
  342. BOOL
  343. Init() {
  344. return
  345. m_table.Init( INITIAL_BUCKETS,
  346. INCREMENT_BUCKETS,
  347. LOAD,
  348. CSDKey::HashKey,
  349. CSDObject::GetKey,
  350. CSDKey::MatchKey,
  351. CSDObject::ReHash
  352. ) ;
  353. }
  355. //
  356. // Now - find or create a given security descriptor
  357. // item !
  358. //
  359. CSDObject*
  360. FindOrCreate( DWORD dwHash,
  361. CSDKey& key
  362. ) ;
  364. } ;
  366. typedef CRefPtr2<CSDObject> PTRCSDOBJ ;
  367. typedef CHasRef<CSDObject,FALSE> HCSDOBJ ;
  369. //
  370. // This class provides our external interface for caching security descriptors.
  371. //
  372. class CSDMultiContainer {
  373. private :
  375. enum CONSTANTS {
  376. SIGNATURE = 'ODSC',
  377. DEAD_SIGNATURE = 'ODSX',
  378. CONTAINERS=37 // pick a nice prime number !
  379. } ;
  381. //
  382. // our signature !
  383. //
  384. DWORD m_dwSignature ;
  385. //
  386. // a bunch of child containers !
  387. //
  388. CSDObjectContainer m_rgContainer[CONTAINERS] ;
  389. public :
  391. inline
  392. CSDMultiContainer() :
  393. m_dwSignature( SIGNATURE ) {
  394. }
  396. inline
  397. HCSDOBJ
  398. FindOrCreate( PGENERIC_MAPPING pMapping,
  399. PSECURITY_DESCRIPTOR pSecDesc
  400. ) {
  402. CSDKey key( pMapping, pSecDesc ) ;
  403. DWORD dwHash = CSDKey::HashKey( key ) ;
  404. DWORD i = dwHash % CONTAINERS ;
  406. return m_rgContainer[i].FindOrCreate( dwHash, key ) ;
  407. }
  409. BOOL
  410. Init() ;
  412. } ;
  414. #endif _SDCACHE_H_ // end of the security descriptor cache !