archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/protocols/schannel/spbase/mapcache.c

405 lines
8.9 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 2001.
  5. //
  6. // File: mapcache.c
  7. //
  8. // Contents: Routines to manage a cache that holds issuer names we've
  9. // recently processed via many-to-one certificate mapping.
  10. // This is a negative cache, so only issuers that have failed
  11. // mapping are stored in the cache.
  12. //
  13. // The purpose of this cache is to avoid attempting to map
  14. // the same issuers over and over again. This is especially
  15. // important now that the many-to-one mapper walks up the
  16. // certificate chain, attempting to map each CA as it goes.
  17. //
  18. // This code is active on DC machines only.
  19. //
  20. // Functions:
  21. //
  22. // History: 04-12-2001 jbanes Created
  23. //
  24. //----------------------------------------------------------------------------
  25. #include "spbase.h"
  26. #include <mapper.h>
  28. ISSUER_CACHE IssuerCache;
  30. SP_STATUS
  31. SPInitIssuerCache(void)
  32. {
  33. DWORD i;
  34. NTSTATUS Status;
  36. memset(&IssuerCache, 0, sizeof(IssuerCache));
  37. IssuerCache.dwLifespan = ISSUER_CACHE_LIFESPAN;
  38. IssuerCache.dwCacheSize = ISSUER_CACHE_SIZE;
  39. IssuerCache.dwMaximumEntries = ISSUER_CACHE_SIZE;
  41. InitializeListHead(&IssuerCache.EntryList);
  43. __try {
  44. RtlInitializeResource(&IssuerCache.Lock);
  45. } __except(EXCEPTION_EXECUTE_HANDLER)
  46. {
  47. Status = STATUS_INSUFFICIENT_RESOURCES;
  48. goto cleanup;
  49. }
  50. IssuerCache.LockInitialized = TRUE;
  52. IssuerCache.Cache = (PLIST_ENTRY)SPExternalAlloc(IssuerCache.dwCacheSize * sizeof(LIST_ENTRY));
  53. if(IssuerCache.Cache == NULL)
  54. {
  55. Status = SP_LOG_RESULT(STATUS_NO_MEMORY);
  56. goto cleanup;
  57. }
  59. for(i = 0; i < IssuerCache.dwCacheSize; i++)
  60. {
  61. InitializeListHead(&IssuerCache.Cache[i]);
  62. }
  64. Status = STATUS_SUCCESS;
  66. cleanup:
  68. if(!NT_SUCCESS(Status))
  69. {
  70. SPShutdownIssuerCache();
  71. }
  73. return Status;
  74. }
  77. void
  78. SPShutdownIssuerCache(void)
  79. {
  80. ISSUER_CACHE_ENTRY *pItem;
  81. PLIST_ENTRY pList;
  83. if(IssuerCache.LockInitialized)
  84. {
  85. RtlAcquireResourceExclusive(&IssuerCache.Lock, TRUE);
  86. }
  88. if(IssuerCache.Cache != NULL)
  89. {
  90. pList = IssuerCache.EntryList.Flink;
  92. while(pList != &IssuerCache.EntryList)
  93. {
  94. pItem = CONTAINING_RECORD(pList, ISSUER_CACHE_ENTRY, EntryList.Flink);
  95. pList = pList->Flink;
  97. SPDeleteIssuerEntry(pItem);
  98. }
  100. SPExternalFree(IssuerCache.Cache);
  101. }
  103. if(IssuerCache.LockInitialized)
  104. {
  105. RtlDeleteResource(&IssuerCache.Lock);
  106. IssuerCache.LockInitialized = FALSE;
  107. }
  108. }
  110. void
  111. SPPurgeIssuerCache(void)
  112. {
  113. ISSUER_CACHE_ENTRY *pItem;
  114. PLIST_ENTRY pList;
  116. if(!IssuerCache.LockInitialized)
  117. {
  118. return;
  119. }
  121. if(IssuerCache.dwUsedEntries == 0)
  122. {
  123. return;
  124. }
  126. RtlAcquireResourceExclusive(&IssuerCache.Lock, TRUE);
  128. pList = IssuerCache.EntryList.Flink;
  130. while(pList != &IssuerCache.EntryList)
  131. {
  132. pItem = CONTAINING_RECORD(pList, ISSUER_CACHE_ENTRY, EntryList.Flink);
  133. pList = pList->Flink;
  135. RemoveEntryList(&pItem->IndexEntryList);
  136. RemoveEntryList(&pItem->EntryList);
  137. IssuerCache.dwUsedEntries--;
  139. SPDeleteIssuerEntry(pItem);
  140. }
  142. RtlReleaseResource(&IssuerCache.Lock);
  143. }
  145. void
  146. SPDeleteIssuerEntry(
  147. ISSUER_CACHE_ENTRY *pItem)
  148. {
  149. if(pItem == NULL)
  150. {
  151. return;
  152. }
  154. if(pItem->pbIssuer)
  155. {
  156. LogDistinguishedName(DEB_TRACE, "Delete from cache: %s\n", pItem->pbIssuer, pItem->cbIssuer);
  157. SPExternalFree(pItem->pbIssuer);
  158. }
  160. SPExternalFree(pItem);
  161. }
  163. DWORD
  164. ComputeIssuerCacheIndex(
  165. PBYTE pbIssuer,
  166. DWORD cbIssuer)
  167. {
  168. ULONG Index = 0;
  169. ULONG i;
  171. if(pbIssuer == NULL)
  172. {
  173. Index = 0;
  174. }
  175. else
  176. {
  177. for(i = 0; i < cbIssuer; i++)
  178. {
  179. Index += (pbIssuer[i] ^ 0x55);
  180. }
  182. Index %= IssuerCache.dwCacheSize;
  183. }
  185. return Index;
  186. }
  188. BOOL
  189. SPFindIssuerInCache(
  190. PBYTE pbIssuer,
  191. DWORD cbIssuer)
  192. {
  193. DWORD Index;
  194. DWORD timeNow;
  195. ISSUER_CACHE_ENTRY *pItem;
  196. PLIST_ENTRY pList;
  197. BOOL fFound = FALSE;
  199. if(pbIssuer == NULL || cbIssuer == 0)
  200. {
  201. return FALSE;
  202. }
  204. if(!IssuerCache.LockInitialized)
  205. {
  206. return FALSE;
  207. }
  210. //
  211. // Compute the cache index.
  212. //
  214. Index = ComputeIssuerCacheIndex(pbIssuer, cbIssuer);
  216. Index %= IssuerCache.dwCacheSize;
  219. //
  220. // Search through the cache entries at the computed index.
  221. //
  223. timeNow = GetTickCount();
  225. RtlAcquireResourceShared(&IssuerCache.Lock, TRUE);
  227. pList = IssuerCache.Cache[Index].Flink;
  229. while(pList != &IssuerCache.Cache[Index])
  230. {
  231. pItem = CONTAINING_RECORD(pList, ISSUER_CACHE_ENTRY, IndexEntryList.Flink);
  232. pList = pList->Flink ;
  234. // Has this item expired?
  235. if(HasTimeElapsed(pItem->CreationTime, timeNow, IssuerCache.dwLifespan))
  236. {
  237. continue;
  238. }
  240. // Does the issuer name match?
  241. if(cbIssuer != pItem->cbIssuer)
  242. {
  243. continue;
  244. }
  245. if(memcmp(pbIssuer, pItem->pbIssuer, cbIssuer) != 0)
  246. {
  247. continue;
  248. }
  250. // Found item in cache!!
  251. fFound = TRUE;
  252. break;
  253. }
  255. RtlReleaseResource(&IssuerCache.Lock);
  257. return fFound;
  258. }
  260. void
  261. SPExpireIssuerCacheElements(void)
  262. {
  263. ISSUER_CACHE_ENTRY *pItem;
  264. PLIST_ENTRY pList;
  265. BOOL fDeleteEntry;
  266. DWORD timeNow;
  268. if(!IssuerCache.LockInitialized)
  269. {
  270. return;
  271. }
  273. if(IssuerCache.dwUsedEntries == 0)
  274. {
  275. return;
  276. }
  278. timeNow = GetTickCount();
  280. RtlAcquireResourceExclusive(&IssuerCache.Lock, TRUE);
  282. pList = IssuerCache.EntryList.Flink;
  284. while(pList != &IssuerCache.EntryList)
  285. {
  286. pItem = CONTAINING_RECORD(pList, ISSUER_CACHE_ENTRY, EntryList.Flink);
  287. pList = pList->Flink;
  289. fDeleteEntry = FALSE;
  291. // Mark all expired cache entries as non-resumable.
  292. if(HasTimeElapsed(pItem->CreationTime, timeNow, IssuerCache.dwLifespan))
  293. {
  294. fDeleteEntry = TRUE;
  295. }
  297. // If the cache has gotten too large, then expire elements early. The
  298. // cache elements are sorted by creation time, so the oldest
  299. // entries will be expired first.
  300. if(IssuerCache.dwUsedEntries > IssuerCache.dwMaximumEntries)
  301. {
  302. fDeleteEntry = TRUE;
  303. }
  305. // Remove this entry from the cache.
  306. if(fDeleteEntry)
  307. {
  308. RemoveEntryList(&pItem->IndexEntryList);
  309. RemoveEntryList(&pItem->EntryList);
  310. IssuerCache.dwUsedEntries--;
  312. SPDeleteIssuerEntry(pItem);
  313. }
  314. }
  316. RtlReleaseResource(&IssuerCache.Lock);
  317. }
  320. void
  321. SPAddIssuerToCache(
  322. PBYTE pbIssuer,
  323. DWORD cbIssuer)
  324. {
  325. DWORD Index;
  326. DWORD timeNow;
  327. ISSUER_CACHE_ENTRY *pItem = NULL;
  329. if(pbIssuer == NULL || cbIssuer == 0)
  330. {
  331. return;
  332. }
  334. if(!IssuerCache.LockInitialized)
  335. {
  336. return;
  337. }
  339. //
  340. // Determine if the issuer is already in the cache. This isn't particularly
  341. // thread-safe, so it's possible that the same issuer might sneak into
  342. // the cache multiple times, but that's harmless.
  343. //
  345. if(SPFindIssuerInCache(pbIssuer, cbIssuer))
  346. {
  347. return;
  348. }
  351. //
  352. // Compute the cache index.
  353. //
  355. Index = ComputeIssuerCacheIndex(pbIssuer, cbIssuer);
  357. Index %= IssuerCache.dwCacheSize;
  359. timeNow = GetTickCount();
  362. //
  363. // Allocate a new cache entry.
  364. //
  366. pItem = SPExternalAlloc(sizeof(ISSUER_CACHE_ENTRY));
  367. if(pItem == NULL)
  368. {
  369. SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY);
  370. return;
  371. }
  373. //
  374. // Fill in the cache internal fields.
  375. //
  377. pItem->pbIssuer = SPExternalAlloc(cbIssuer);
  378. if(pItem->pbIssuer == NULL)
  379. {
  380. SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY);
  381. SPExternalFree(pItem);
  382. return;
  383. }
  385. pItem->cbIssuer = cbIssuer;
  386. memcpy(pItem->pbIssuer, pbIssuer, cbIssuer);
  388. pItem->CreationTime = timeNow;
  391. //
  392. // Add the new entry to the cache.
  393. //
  395. LogDistinguishedName(DEB_TRACE, "Add to cache: %s\n", pbIssuer, cbIssuer);
  397. RtlAcquireResourceExclusive(&IssuerCache.Lock, TRUE);
  399. InsertTailList(&IssuerCache.Cache[Index], &pItem->IndexEntryList);
  400. InsertTailList(&IssuerCache.EntryList, &pItem->EntryList);
  401. IssuerCache.dwUsedEntries++;
  403. RtlReleaseResource(&IssuerCache.Lock);
  404. }