|
|
////////////////////////////////////////////////////
//
// Copyright (c) 1997 Microsoft Corporation
//
// Module Name: certmap.cpp
//
// Abstract: IIS privider cert mapper object methods
//
// Author: Philippe Choquier (phillich) 10-Apr-1997
//
// History: Zeyong Xu borrowed the source code from ADSI object
// (created by Philippe Choquier at 10-Apr-1997) at 20-Oct-1999
//
///////////////////////////////////////////////////
#include "iisprov.h"
#include "certmap.h"
const DWORD MAX_CERT_KEY_LEN = METADATA_MAX_NAME_LEN + 1;const DWORD SHA1_HASH_SIZE = 20;
//
// CCertMapperMethod
//
CCertMapperMethod::CCertMapperMethod(LPCWSTR pszMetabasePathIn){ DBG_ASSERT(pszMetabasePathIn != NULL);
m_hmd = NULL;
HRESULT hr = CoCreateInstance( CLSID_MSAdminBase, NULL, CLSCTX_ALL, IID_IMSAdminBase, (void**)&m_pIABase );
THROW_ON_ERROR(hr); hr = Init(pszMetabasePathIn);
THROW_ON_ERROR(hr);}
CCertMapperMethod::~CCertMapperMethod(){ if ( m_pszMetabasePath ) { free( m_pszMetabasePath ); }
if(m_pIABase) m_pIABase->Release();}
HRESULTGetCertificateHashString( PBYTE pbCert, DWORD cbCert, WCHAR *pwszCertHash, DWORD cchCertHashBuffer)/*++
Routine Description:
verifies validity of cert blob by creating cert context and retrieves SHA1 hash and converts it to WCHAR *
Arguments:
pbCert - X.509 certificate blob cbCert - size of the cert blob in bytes pwszCertHash - buffer must be big enough to fit SHA1 hash in hex string form (2 * SHA1_HASH_SIZE + terminating 0 ) cchCertHashBuffer - size of the CertHash buffer in WCHARs (includes trminating string)Returns:
HRESULT
--*/ { HRESULT hr = E_FAIL; BYTE rgbHash[ SHA1_HASH_SIZE ]; DWORD cbSize = SHA1_HASH_SIZE;
#ifndef HEX_DIGIT
#define HEX_DIGIT( nDigit ) \
(WCHAR)((nDigit) > 9 ? \ (nDigit) - 10 + L'a' \ : (nDigit) + L'0') #endif
PCCERT_CONTEXT pCertContext = NULL; pCertContext = CertCreateCertificateContext( X509_ASN_ENCODING, (const BYTE *)pbCert, cbCert ); if ( pCertContext == NULL ) { hr = HRESULT_FROM_WIN32( GetLastError() ); return hr; }
//
// get hash of the certificate to be verified
//
if ( !CertGetCertificateContextProperty( pCertContext, CERT_SHA1_HASH_PROP_ID, rgbHash, &cbSize ) ) { hr = HRESULT_FROM_WIN32( GetLastError() ); CertFreeCertificateContext( pCertContext ); pCertContext = NULL; return hr; } CertFreeCertificateContext( pCertContext ); pCertContext = NULL;
if ( cchCertHashBuffer < SHA1_HASH_SIZE * 2 + 1 ) { // we don't have big enough buffer to store
// hex string of the SHA1 hash each byte takes 2 chars + terminating 0
hr = HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER ); return hr; }
//
// convert to text
//
for (int i = 0; i < sizeof(rgbHash); i ++ ) { *(pwszCertHash++) = HEX_DIGIT( ( rgbHash[ i ] >> 4 ) ); *(pwszCertHash++) = HEX_DIGIT( ( rgbHash[ i ] & 0x0F ) ); } *(pwszCertHash) = L'\0'; #undef HEX_DIGIT
return S_OK;}
//
// CreateMapping(): Create a mapping entry
//
// Arguments:
//
// vCert - X.509 certificate
// bstrNtAcct - NT acct to map to
// bstrNtPwd - NT pwd
// bstrName - friendly name for mapping entry
// lEnabled - 1 to enable mapping entry, 0 to disable it
//
HRESULTCCertMapperMethod::CreateMapping( VARIANT vCert, BSTR bstrNtAcct, BSTR bstrNtPwd, BSTR bstrName, LONG lEnabled ){ HRESULT hr; LPBYTE pbCert = NULL; DWORD cbCert; LPBYTE pRes; DWORD cRes; VARIANT vOldAcct; VARIANT vOldCert; VARIANT vOldPwd; VARIANT vOldName; VARIANT vOldEnabledFlag; PCCERT_CONTEXT pcCert = NULL; WCHAR wszCertHash[ 2*SHA1_HASH_SIZE + 1]; BOOL fFoundExisting = FALSE;
//
// Do some sanity checks on the cert
//
if ( SUCCEEDED( hr = GetBlobFromVariant( &vCert, &pbCert, &cbCert ) ) ) { //
// verify validity of certificate blob
// and retrieve certificate hash
//
if ( FAILED( hr = GetCertificateHashString( pbCert, cbCert, wszCertHash, sizeof( wszCertHash )/sizeof( WCHAR ) ) ) ) { DBGPRINTF((DBG_CONTEXT, "Invalid cert passed to CreateMapping() 0x%x\n", hr)); //
// If the decoding fails, GetLastError() returns an ASN1 decoding
// error that is obtained by subtracting CRYPT_E_OSS_ERROR from the returned
// error and looking in file asn1code.h for the actual error. To avoid the
// cryptic ASN1 errors, we'll just return a general "invalid arg" error
//
goto Exit; } } else { goto Exit; }
//
// check if we already have a mapping for this cert; if we do, we'll replace that mapping
// with the new one
//
WCHAR achIndex[MAX_CERT_KEY_LEN]; if ( SUCCEEDED( hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ) ) ) { if ( SUCCEEDED(hr = Locate( IISMAPPER_LOCATE_BY_CERT, vCert, achIndex )) ) { fFoundExisting = TRUE; DBGPRINTF((DBG_CONTEXT, "Replacing old 1-1 cert mapping with new mapping\n")); if ( FAILED( hr = SetMdData( achIndex, MD_MAPENABLED, DWORD_METADATA, sizeof(DWORD), (LPBYTE)&lEnabled ) ) || FAILED( hr = SetMdData( achIndex, MD_MAPNAME, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrName) + 1 ), (LPBYTE)bstrName ) ) || FAILED( hr = SetMdData( achIndex, MD_MAPNTPWD, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrNtPwd) + 1 ), (LPBYTE)bstrNtPwd ) ) || FAILED( hr = SetMdData( achIndex, MD_MAPNTACCT, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrNtAcct) + 1 ), (LPBYTE)bstrNtAcct ) ) || FAILED( hr = SetMdData( achIndex, MD_MAPCERT, BINARY_METADATA, cbCert, (LPBYTE)pbCert ) ) ) { //NOP - Something failed
} } CloseMd( SUCCEEDED( hr ) ); } //
// New mapping
//
if ( !fFoundExisting ) { //
// check mapping exists, create if not
//
hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ );
if ( hr == RETURNCODETOHRESULT( ERROR_PATH_NOT_FOUND ) ) { if ( SUCCEEDED( hr = OpenMd( L"", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ) ) ) { hr = CreateMdObject( L"Cert11/Mappings" ); CloseMd( FALSE );
// Reopen to the correct node.
hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ); } }
if ( FAILED( hr ) ) { goto Exit; }
//
// adding the new mapping under it's CertHash node
//
if ( SUCCEEDED( hr = CreateMdObject( wszCertHash ) ) ) {
if ( FAILED( hr = SetMdData( wszCertHash, MD_MAPENABLED, DWORD_METADATA, sizeof(DWORD), (LPBYTE)&lEnabled ) ) || FAILED( hr = SetMdData( wszCertHash, MD_MAPNAME, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrName) + 1 ), (LPBYTE)bstrName ) ) || FAILED( hr = SetMdData( wszCertHash, MD_MAPNTPWD, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrNtPwd) + 1 ), (LPBYTE)bstrNtPwd ) ) || FAILED( hr = SetMdData( wszCertHash, MD_MAPNTACCT, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrNtAcct) + 1 ), (LPBYTE)bstrNtAcct ) ) || FAILED( hr = SetMdData( wszCertHash, MD_MAPCERT, BINARY_METADATA, cbCert, (LPBYTE)pbCert ) ) ) { } } }
Exit: if( pbCert != NULL ) { free( pbCert ); pbCert = NULL; } CloseMd( SUCCEEDED( hr ) ); return hr;}
//
// GetMapping: Get a mapping entry using key
//
// Arguments:
//
// lMethod - method to use for access ( IISMAPPER_LOCATE_BY_* )
// vKey - key to use to locate mapping
// pvCert - X.509 certificate
// pbstrNtAcct - NT acct to map to
// pbstrNtPwd - NT pwd
// pbstrName - friendly name for mapping entry
// plEnabled - 1 to enable mapping entry, 0 to disable it
//
HRESULTCCertMapperMethod::GetMapping( LONG lMethod, VARIANT vKey, VARIANT* pvCert, VARIANT* pbstrNtAcct, VARIANT* pbstrNtPwd, VARIANT* pbstrName, VARIANT* plEnabled ){ WCHAR achIndex[MAX_CERT_KEY_LEN]; HRESULT hr; DWORD dwLen; LPBYTE pbData = NULL;
VariantInit( pvCert ); VariantInit( pbstrNtAcct ); VariantInit( pbstrNtPwd ); VariantInit( pbstrName ); VariantInit( plEnabled );
if ( SUCCEEDED( hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ) ) ) { if ( SUCCEEDED(hr = Locate( lMethod, vKey, achIndex )) ) { if ( SUCCEEDED( hr = GetMdData( achIndex, MD_MAPCERT, BINARY_METADATA, &dwLen, &pbData ) ) ) { if ( FAILED( hr = SetVariantAsByteArray( pvCert, dwLen, pbData ) ) ) { goto Done; } free( pbData ); pbData = NULL;
} else { if ( hr != MD_ERROR_DATA_NOT_FOUND || FAILED( hr = SetVariantAsByteArray( pvCert, 0, (PBYTE)"" ) ) ) { goto Done; } }
if ( SUCCEEDED( hr = GetMdData( achIndex, MD_MAPNTACCT, STRING_METADATA, &dwLen, &pbData ) ) ) { if ( FAILED( hr = SetVariantAsBSTR( pbstrNtAcct, dwLen, pbData ) ) ) { goto Done; } free( pbData ); pbData = NULL; } else { if ( hr != MD_ERROR_DATA_NOT_FOUND || FAILED ( hr = SetVariantAsBSTR( pbstrNtAcct, sizeof(L""), (LPBYTE)L"" ) ) ) { goto Done; } }
if ( SUCCEEDED( hr = GetMdData( achIndex, MD_MAPNTPWD, STRING_METADATA, &dwLen, &pbData ) ) ) { if ( FAILED( hr = SetVariantAsBSTR( pbstrNtPwd, dwLen, pbData ) ) ) { goto Done; } free( pbData ); pbData = NULL; } else { if ( hr != MD_ERROR_DATA_NOT_FOUND || FAILED( hr = SetVariantAsBSTR( pbstrNtPwd, sizeof(L""), (LPBYTE)L"" ) ) ) { goto Done; } }
if ( SUCCEEDED( hr = GetMdData( achIndex, MD_MAPNAME, STRING_METADATA, &dwLen, &pbData ) ) ) { if ( FAILED( hr = SetVariantAsBSTR( pbstrName, dwLen, pbData ) ) ) { goto Done; } free( pbData ); pbData = NULL; } else { if ( hr != MD_ERROR_DATA_NOT_FOUND || FAILED( hr = SetVariantAsBSTR( pbstrName, sizeof(L""), (LPBYTE)L"" ) ) ) { goto Done; } }
if ( SUCCEEDED( hr = GetMdData( achIndex, MD_MAPENABLED, DWORD_METADATA, &dwLen, &pbData ) ) ) { if ( FAILED( hr = SetVariantAsLong( plEnabled, *(LPDWORD)pbData ) ) ) { goto Done; } free( pbData ); pbData = NULL; } else { if ( hr != MD_ERROR_DATA_NOT_FOUND || FAILED( hr = SetVariantAsLong( plEnabled, FALSE ) ) ) { goto Done; } hr = S_OK; }
}
Done: if ( pbData != NULL ) { free( pbData ); pbData = NULL; } CloseMd( FALSE ); }
return hr;}
//
// Delete a mapping entry using key
//
HRESULTCCertMapperMethod::DeleteMapping( LONG lMethod, VARIANT vKey ){ WCHAR achIndex[MAX_CERT_KEY_LEN]; HRESULT hr;
if ( SUCCEEDED( hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ) ) ) { if ( SUCCEEDED(hr = Locate( lMethod, vKey, achIndex )) ) { hr = DeleteMdObject( achIndex ); } CloseMd( TRUE ); }
return hr;}
//
// Set the enable flag on a mapping entry using key
//
HRESULTCCertMapperMethod::SetEnabled( LONG lMethod, VARIANT vKey, LONG lEnabled ){ WCHAR achIndex[MAX_CERT_KEY_LEN]; HRESULT hr;
if ( SUCCEEDED( hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ) ) ) { if ( SUCCEEDED(hr = Locate( lMethod, vKey, achIndex )) ) { hr = SetMdData( achIndex, MD_MAPENABLED, DWORD_METADATA, sizeof(DWORD), (LPBYTE)&lEnabled ); } CloseMd( SUCCEEDED( hr ) ); }
return hr;}
//
// Set the Name on a mapping entry using key
//
HRESULT CCertMapperMethod::SetName( LONG lMethod, VARIANT vKey, BSTR bstrName ){ return SetString( lMethod, vKey, bstrName, MD_MAPNAME );}
//
// Set a string property on a mapping entry using key
//
HRESULT CCertMapperMethod::SetString( LONG lMethod, VARIANT vKey, BSTR bstrName, DWORD dwProp ){ WCHAR achIndex[MAX_CERT_KEY_LEN]; LPSTR pszName = NULL; HRESULT hr; DWORD dwLen;
if ( SUCCEEDED( hr = OpenMd( L"Cert11/Mappings", METADATA_PERMISSION_WRITE|METADATA_PERMISSION_READ ) ) ) { if ( SUCCEEDED(hr = Locate( lMethod, vKey, achIndex )) ) { hr = SetMdData( achIndex, dwProp, STRING_METADATA, sizeof(WCHAR) * (SysStringLen(bstrName) + 1 ), (LPBYTE)bstrName ); } CloseMd( SUCCEEDED( hr ) ); }
return hr;}
//
// Set the Password on a mapping entry using key
//
HRESULTCCertMapperMethod::SetPwd( LONG lMethod, VARIANT vKey, BSTR bstrPwd ){ return SetString( lMethod, vKey, bstrPwd, MD_MAPNTPWD );}
//
// Set the NT account name on a mapping entry using key
//
HRESULTCCertMapperMethod::SetAcct( LONG lMethod, VARIANT vKey, BSTR bstrAcct ){ return SetString( lMethod, vKey, bstrAcct, MD_MAPNTACCT );}
HRESULTCCertMapperMethod::OpenMd( LPWSTR pszOpenPath, DWORD dwPermission ){ HRESULT hr; LPWSTR pszPath; UINT cL = wcslen( m_pszMetabasePath );
pszPath = (LPWSTR)malloc( (wcslen(pszOpenPath) + 1 + cL + 1)*sizeof(WCHAR) );
if ( pszPath == NULL ) { return E_OUTOFMEMORY; }
memcpy( pszPath, m_pszMetabasePath, cL * sizeof(WCHAR) ); if ( cL && m_pszMetabasePath[cL-1] != L'/' && *pszOpenPath && *pszOpenPath != L'/' ) { pszPath[cL++] = L'/'; } wcscpy( pszPath + cL, pszOpenPath );
hr = OpenAdminBaseKey( pszPath, dwPermission );
free( pszPath );
return hr;}
HRESULTCCertMapperMethod::CloseMd( BOOL fSave ){ CloseAdminBaseKey(); m_hmd = NULL; if ( m_pIABase && fSave ) { m_pIABase->SaveData(); }
return S_OK;}
HRESULTCCertMapperMethod::DeleteMdObject( LPWSTR pszKey ){ return m_pIABase->DeleteKey( m_hmd, pszKey );}
HRESULTCCertMapperMethod::CreateMdObject( LPWSTR pszKey ){ return m_pIABase->AddKey( m_hmd, pszKey );}
HRESULTCCertMapperMethod::SetMdData( LPWSTR achIndex, DWORD dwProp, DWORD dwDataType, DWORD dwDataLen, LPBYTE pbData ){ METADATA_RECORD md;
md.dwMDDataLen = dwDataLen; md.dwMDDataType = dwDataType; md.dwMDIdentifier = dwProp; md.dwMDAttributes = (dwProp == MD_MAPNTPWD) ? METADATA_SECURE : 0; md.pbMDData = pbData;
return m_pIABase->SetData( m_hmd, achIndex, &md );}
HRESULTCCertMapperMethod::GetMdData( LPWSTR achIndex, DWORD dwProp, DWORD dwDataType, LPDWORD pdwDataLen, LPBYTE* ppbData ){ HRESULT hr; METADATA_RECORD md; DWORD dwRequired;
md.dwMDDataLen = 0; md.dwMDDataType = dwDataType; md.dwMDIdentifier = dwProp; md.dwMDAttributes = 0; md.pbMDData = NULL;
if ( FAILED(hr = m_pIABase->GetData( m_hmd, achIndex, &md, &dwRequired )) ) { if ( hr == RETURNCODETOHRESULT(ERROR_INSUFFICIENT_BUFFER) ) { if ( (*ppbData = (LPBYTE)malloc(dwRequired)) == NULL ) { return E_OUTOFMEMORY; } md.pbMDData = *ppbData; md.dwMDDataLen = dwRequired; hr = m_pIABase->GetData( m_hmd, achIndex, &md, &dwRequired ); *pdwDataLen = md.dwMDDataLen; } } else { *pdwDataLen = 0; *ppbData = NULL; }
return hr;}
//
// Locate a mapping entry based on key
// OpenMd() must be called 1st
//
HRESULTCCertMapperMethod::Locate( LONG lMethod, VARIANT vKey, LPWSTR pszResKey ){ HRESULT hr; PBYTE pbKeyData = NULL; DWORD cbKeyData =0; PBYTE pbCert = NULL; DWORD cbCert =0; DWORD dwProp; LPSTR pRes; DWORD cRes; BOOL fAddDelim = TRUE; VARIANT vKeyUI4; VARIANT vKeyBSTR;
WCHAR achIndex[ METADATA_MAX_NAME_LEN + 1 ]; DWORD dwIndex = 0; DWORD cbData = 0; PBYTE pbData = NULL;
VariantInit( &vKeyUI4 ); VariantInit( &vKeyBSTR ); if ( lMethod == IISMAPPER_LOCATE_BY_INDEX ) { //
// Convert index to numeric value VT_UI4 (within variant)
//
if ( FAILED( hr = VariantChangeType( &vKeyUI4, &vKey, 0, VT_UI4 ) ) ) { goto Exit; } if ( V_UI4( &vKeyUI4 ) == 0 ) { // Error PATH_NOT_FOUND chosen for backward compatibility
// with version IIS5.1 and older
//
hr = HRESULT_FROM_WIN32( ERROR_PATH_NOT_FOUND ); goto Exit; } //
// Index is 1 - based
//
hr = m_pIABase->EnumKeys( m_hmd, L"", achIndex, V_UI4( &vKeyUI4 ) - 1 ); if ( hr == HRESULT_FROM_WIN32( ERROR_NO_MORE_ITEMS ) ) { // Error PATH_NOT_FOUND chosen for backward compatibility
// with version IIS5.1 and older
//
hr = HRESULT_FROM_WIN32( ERROR_PATH_NOT_FOUND ); } goto Exit; }
//
// get ptr to data
//
if ( lMethod == IISMAPPER_LOCATE_BY_CERT ) { // Now this is really wacky. Because of the legacy of the bad
// decision in the past the CERT is not enforced to be byte array
// It can be passed as string. That causes problems with
// conversions between byte array and UNICODE and back
// but we got to stick with it for compatibility with previous versions.
//
if ( FAILED( hr = GetBlobFromVariant( &vKey, &pbCert, &cbCert ) ) ) { goto Exit; } pbKeyData = pbCert; cbKeyData = cbCert; } else { //
// the rest of the lookups (by mapping, name or by account name)
// assumes string
//
if ( FAILED( hr = VariantChangeType( &vKeyBSTR, &vKey, 0, VT_BSTR ) ) ) { goto Exit; } pbKeyData = (PBYTE) V_BSTR( &vKeyBSTR ); cbKeyData = ( SysStringLen(V_BSTR( &vKeyBSTR )) + 1 ) * sizeof(WCHAR); }
//
// enumerate all entries to find match
// Now this is really slooow if many mappings are configured
//
for(;;) { hr = m_pIABase->EnumKeys( m_hmd, L"", achIndex, dwIndex ); if ( FAILED( hr ) ) { if ( hr == HRESULT_FROM_WIN32( ERROR_NO_MORE_ITEMS ) ) { // Error PATH_NOT_FOUND chosen for backward compatibility
// with version IIS5.1 and older
//
hr = HRESULT_FROM_WIN32( ERROR_PATH_NOT_FOUND ); } goto Exit; } switch ( lMethod ) { case IISMAPPER_LOCATE_BY_CERT: hr = GetMdData( achIndex, MD_MAPCERT, BINARY_METADATA, &cbData, &pbData ); if ( hr == MD_ERROR_DATA_NOT_FOUND ) { cbData = 0; pbData = NULL; } else if ( FAILED( hr ) ) { // goto next entry
break; } //
// compare if key is matching value read from metabase
//
if ( cbData == cbKeyData ) { if ( ( cbData == 0 ) || memcmp( pbKeyData, pbData, cbData ) == 0 ) { // we found match
hr = S_OK; goto Exit; } } break; case IISMAPPER_LOCATE_BY_ACCT: hr = GetMdData( achIndex, MD_MAPNTACCT, STRING_METADATA, &cbData, &pbData ); if ( hr == MD_ERROR_DATA_NOT_FOUND ) { cbData = sizeof(L""); pbData = (PBYTE) L""; } else if ( FAILED( hr ) ) { // goto next entry
break; }
if ( cbData == cbKeyData ) { if ( _wcsicmp( (WCHAR *) pbKeyData, (WCHAR *) pbData ) == 0 ) { // we found match
hr = S_OK; goto Exit; } } break; case IISMAPPER_LOCATE_BY_NAME: hr = GetMdData( achIndex, MD_MAPNAME, STRING_METADATA, &cbData, &pbData ); if ( hr == MD_ERROR_DATA_NOT_FOUND ) { cbData = sizeof(L""); pbData = (PBYTE) L""; } else if ( FAILED( hr ) ) { // goto next entry
break; }
if ( cbData == cbKeyData ) { if ( _wcsicmp( (WCHAR *) pbKeyData, (WCHAR *) pbData ) == 0 ) { // we found match
hr = S_OK; goto Exit; } }
break; } if ( pbData != NULL ) { free( pbData ); pbData = NULL; }
dwIndex++; }
Exit:
if ( pbData != NULL ) { free( pbData ); pbData = NULL; } if ( pbCert != NULL ) { free( pbCert ); pbCert = NULL; }
if ( SUCCEEDED( hr ) ) { wcsncpy( pszResKey, achIndex, METADATA_MAX_NAME_LEN + 1 ); pszResKey[ METADATA_MAX_NAME_LEN ] ='\0'; } VariantClear( &vKeyUI4 ); VariantClear( &vKeyBSTR );
return hr;}
//
// GetStringFromBSTR: Allocate string buffer from BSTR
//
// Arguments:
//
// bstr - bstr to convert from
// psz - updated with ptr to buffer, to be freed with free()
// pdwLen - updated with strlen(string), incremented by 1 if fAddDelimInCount is TRUE
// fAddDelimInCount - TRUE to increment *pdwLen
//
HRESULT CCertMapperMethod::GetStringAFromBSTR( BSTR bstr, LPSTR* psz, LPDWORD pdwLen, BOOL fAddDelimInCount ){ UINT cch = SysStringLen(bstr); UINT cchT;
// include NULL terminator
*pdwLen = cch + (fAddDelimInCount ? 1 : 0);
CHAR *szNew = (CHAR*)malloc((2 * cch) + 1); // * 2 for worst case DBCS string
if (szNew == NULL) { return E_OUTOFMEMORY; }
cchT = WideCharToMultiByte(CP_ACP, 0, bstr, cch + 1, szNew, (2 * cch) + 1, NULL, NULL);
*psz = szNew;
return NOERROR;}
//
// GetStringFromVariant: Allocate string buffer from BSTR
//
// Arguments:
//
// pVar - variant to convert from. Recognizes BSTR, VT_ARRAY|VT_UI1, ByRef or ByVal
// psz - updated with ptr to buffer, to be freed with FreeString()
// pdwLen - updated with size of input, incremented by 1 if fAddDelimInCount is TRUE
// fAddDelimInCount - TRUE to increment *pdwLen
//
HRESULT CCertMapperMethod::GetBlobFromVariant( VARIANT* pVar, LPBYTE* ppbOut, LPDWORD pcbOut, BOOL fAddDelim ){ LPBYTE pbV = NULL; UINT cV; HRESULT hr; WORD vt = V_VT(pVar); BOOL fByRef = FALSE; VARIANT vOut;
// Set out params to 0
*ppbOut = NULL; *pcbOut = 0;
VariantInit( &vOut );
if ( vt & VT_BYREF ) { vt &= ~VT_BYREF; fByRef = TRUE; }
// if pVar is BSTR, convert to multibytes
if ( vt == VT_VARIANT ) { pVar = (VARIANT*)V_BSTR(pVar); vt = V_VT(pVar); if ( fByRef = vt & VT_BYREF ) { vt &= ~VT_BYREF; } }
if ( vt == VT_BSTR ) { hr = GetStringAFromBSTR( fByRef ? *(BSTR*)V_BSTR(pVar) : V_BSTR(pVar), (LPSTR *)ppbOut, pcbOut, FALSE ); } else if( vt == (VT_ARRAY | VT_UI1) ) { long lBound, uBound, lItem; BYTE bValue; SAFEARRAY* pSafeArray;
// array of VT_UI1 (probably OctetString)
pSafeArray = fByRef ? *(SAFEARRAY**)V_BSTR(pVar) : V_ARRAY( pVar );
hr = SafeArrayGetLBound(pSafeArray, 1, &lBound); hr = SafeArrayGetUBound(pSafeArray, 1, &uBound);
cV = uBound - lBound + 1;
if ( !(pbV = (LPBYTE)malloc( cV )) ) { hr = E_OUTOFMEMORY; goto Exit; }
hr = S_OK;
for( lItem = lBound; lItem <= uBound ; lItem++ ) { hr = SafeArrayGetElement( pSafeArray, &lItem, &bValue ); if( FAILED( hr ) ) { break; } pbV[lItem-lBound] = bValue; }
*ppbOut = pbV; *pcbOut = cV; } else if( vt == (VT_ARRAY | VT_VARIANT) ) { long lBound, uBound, lItem; VARIANT vValue; BYTE bValue; SAFEARRAY* pSafeArray;
// array of VT_VARIANT (probably VT_I4 )
pSafeArray = fByRef ? *(SAFEARRAY**)V_BSTR(pVar) : V_ARRAY( pVar );
hr = SafeArrayGetLBound(pSafeArray, 1, &lBound); hr = SafeArrayGetUBound(pSafeArray, 1, &uBound);
cV = uBound - lBound + 1;
if ( !(pbV = (LPBYTE)malloc( cV )) ) { hr = E_OUTOFMEMORY; goto Exit; }
hr = S_OK;
for( lItem = lBound; lItem <= uBound ; lItem++ ) { hr = SafeArrayGetElement( pSafeArray, &lItem, &vValue ); if( FAILED( hr ) ) { break; } if ( V_VT(&vValue) == VT_UI1 ) { bValue = V_UI1(&vValue); } else if ( V_VT(&vValue) == VT_I2 ) { bValue = (BYTE)V_I2(&vValue); } else if ( V_VT(&vValue) == VT_I4 ) { bValue = (BYTE)V_I4(&vValue); } else { bValue = 0; } pbV[lItem-lBound] = bValue; }
*ppbOut = pbV; *pcbOut = cV; } else { hr = HRESULT_FROM_WIN32(ERROR_INVALID_PARAMETER); }
Exit: VariantClear( &vOut );
return hr;}
HRESULT CCertMapperMethod::SetBSTR( BSTR* pbstrRet, DWORD cch, LPBYTE sz ){ BSTR bstrRet; if (sz == NULL) { *pbstrRet = NULL; return(NOERROR); } // Allocate a string of the desired length
// SysAllocStringLen allocates enough room for unicode characters plus a null
// Given a NULL string it will just allocate the space
bstrRet = SysAllocStringLen(NULL, cch); if (bstrRet == NULL) { return(E_OUTOFMEMORY); }
// If we were given "", we will have cch=0. return the empty bstr
// otherwise, really copy/convert the string
// NOTE we pass -1 as 4th parameter of MultiByteToWideChar for DBCS support
if (cch != 0) { UINT cchTemp = 0; if (MultiByteToWideChar(CP_ACP, 0, (LPSTR)sz, -1, bstrRet, cch+1) == 0) { SysFreeString(bstrRet); return(HRESULT_FROM_WIN32(GetLastError())); }
// If there are some DBCS characters in the sz(Input), then, the character count of BSTR(DWORD) is
// already set to cch(strlen(sz)) in SysAllocStringLen(NULL, cch), we cannot change the count,
// and later call of SysStringLen(bstr) always returns the number of characters specified in the
// cch parameter at allocation time. Bad, because one DBCS character(2 bytes) will convert
// to one UNICODE character(2 bytes), not 2 UNICODE characters(4 bytes).
// Example: For input sz contains only one DBCS character, we want to see SysStringLen(bstr)
// = 1, not 2.
bstrRet[cch] = 0; cchTemp = wcslen(bstrRet); if (cchTemp < cch) { BSTR bstrTemp = SysAllocString(bstrRet); SysFreeString(bstrRet); if (NULL == bstrTemp) { return (E_OUTOFMEMORY); } bstrRet = bstrTemp; cch = cchTemp; } }
bstrRet[cch] = 0; *pbstrRet = bstrRet;
return(NOERROR);}
HRESULT CCertMapperMethod::Init( LPCWSTR pszMetabasePath ){ DBG_ASSERT(pszMetabasePath != NULL);
UINT cL;
cL = wcslen( pszMetabasePath ); while ( cL && pszMetabasePath[cL-1] != L'/' && pszMetabasePath[cL-1] != L'\\' ) { --cL; } if ( m_pszMetabasePath = (LPWSTR)malloc( cL*sizeof(WCHAR) ) ) { memcpy( m_pszMetabasePath, pszMetabasePath, cL * sizeof(WCHAR) ); } else { return E_OUTOFMEMORY; }
return S_OK;}
HRESULT CCertMapperMethod::SetVariantAsByteArray( VARIANT* pvarReturn, DWORD cbLen, LPBYTE pbIn ){ SAFEARRAYBOUND rgsabound[1]; BYTE * pbData = NULL;
// Set the variant type of the output parameter
V_VT(pvarReturn) = VT_ARRAY|VT_UI1; V_ARRAY(pvarReturn) = NULL;
// Allocate a SafeArray for the data
rgsabound[0].lLbound = 0; rgsabound[0].cElements = cbLen;
V_ARRAY(pvarReturn) = SafeArrayCreate(VT_UI1, 1, rgsabound); if (V_ARRAY(pvarReturn) == NULL) { return E_OUTOFMEMORY; }
if (FAILED(SafeArrayAccessData(V_ARRAY(pvarReturn), (void **) &pbData))) { return E_UNEXPECTED; }
memcpy(pbData, pbIn, cbLen );
SafeArrayUnaccessData(V_ARRAY(pvarReturn));
return NOERROR;}
HRESULT CCertMapperMethod::SetVariantAsBSTR( VARIANT* pvarReturn, DWORD cbLen, LPBYTE pbIn ){ V_VT(pvarReturn) = VT_BSTR; return SetBSTR( &V_BSTR(pvarReturn), cbLen, pbIn );}
HRESULT CCertMapperMethod::SetVariantAsLong( VARIANT* pvarReturn, DWORD dwV ){ V_VT(pvarReturn) = VT_I4; V_I4(pvarReturn) = dwV;
return S_OK;}
HRESULT CCertMapperMethod::OpenAdminBaseKey( LPWSTR pszPathName, DWORD dwAccessType ){ if(m_hmd) CloseAdminBaseKey(); HRESULT t_hr = m_pIABase->OpenKey( METADATA_MASTER_ROOT_HANDLE, pszPathName, dwAccessType, DEFAULT_TIMEOUT_VALUE, // 30 seconds
&m_hmd );
if(FAILED(t_hr)) m_hmd = NULL;
return t_hr;}
VOID CCertMapperMethod::CloseAdminBaseKey(){ if(m_hmd && m_pIABase) { m_pIABase->CloseKey(m_hmd); m_hmd = NULL; }}
|
