archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/ulw3/iisdigestprovider.hxx

384 lines
7.3 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #ifndef _IIS_DIGESTPROVIDER_HXX_
  2. #define _IIS_DIGESTPROVIDER_HXX_
  3. /*++
  4. Copyright (c) 2000 Microsoft Corporation
  6. Module Name :
  7. iisdigestprovider.hxx
  9. Abstract:
  10. IIS Digest authentication provider
  11. - version of Digest auth as implemented by IIS5 and IIS5.1
  13. Author:
  14. Jaroslad - based on code from md5filt 10-Nov-2000
  17. Environment:
  18. Win32 - User Mode
  20. Project:
  21. ULW3.DLL
  22. --*/
  25. //
  26. // Constants
  27. //
  29. //# of random bytes at beginning of nonce
  30. #define RANDOM_SIZE 8
  31. //size of timestamp in nonce
  32. #define TIMESTAMP_SIZE 12
  33. //MD5 hash size
  34. #define MD5_HASH_SIZE 16
  35. #define NONCE_SIZE ( 2*RANDOM_SIZE + TIMESTAMP_SIZE + 2*MD5_HASH_SIZE )
  36. #define NONCE_GRANULARITY 512
  38. #define DIGEST_AUTH "Digest"
  39. #define QOP_AUTH "auth"
  40. #define VALUE_NONE "none"
  42. // based on RFC2617 NC is defined as 8LHEX
  43. #define SIZE_OF_NC 8
  45. //
  46. // Class definitions
  47. //
  49. #define IIS_DIGEST_CONN_CONTEXT_SIGNATURE CREATE_SIGNATURE( 'DIGC' )
  50. #define IIS_DIGEST_CONN_CONTEXT_SIGNATURE_FREED CREATE_SIGNATURE( 'digX' )
  53. class IIS_DIGEST_CONN_CONTEXT: public CONNECTION_AUTH_CONTEXT
  54. {
  55. public:
  57. IIS_DIGEST_CONN_CONTEXT(
  58. VOID
  59. ):
  60. _fStale ( FALSE ),
  61. _tLastNonce ( 0 ),
  62. _straNonce ( __szNonce, sizeof(__szNonce))
  64. {
  65. SetSignature( IIS_DIGEST_CONN_CONTEXT_SIGNATURE );
  66. }
  68. virtual ~IIS_DIGEST_CONN_CONTEXT(
  69. VOID
  70. )
  71. {
  72. DBG_ASSERT( CheckSignature() );
  73. SetSignature( IIS_DIGEST_CONN_CONTEXT_SIGNATURE_FREED );
  74. }
  76. BOOL
  77. CheckSignature(
  78. VOID
  79. )
  80. { return( QuerySignature() == IIS_DIGEST_CONN_CONTEXT_SIGNATURE ); }
  83. VOID *
  84. operator new(
  85. size_t size
  86. )
  87. {
  88. DBG_ASSERT( size == sizeof( IIS_DIGEST_CONN_CONTEXT ) );
  89. DBG_ASSERT( sm_pachIISDIGESTConnContext != NULL );
  90. return sm_pachIISDIGESTConnContext->Alloc();
  91. }
  93. VOID
  94. operator delete(
  95. VOID * pDIGESTConnContext
  96. )
  97. {
  98. DBG_ASSERT( pDIGESTConnContext != NULL );
  99. DBG_ASSERT( sm_pachIISDIGESTConnContext != NULL );
  101. DBG_REQUIRE( sm_pachIISDIGESTConnContext->Free( pDIGESTConnContext ) );
  102. }
  104. BOOL
  105. Cleanup(
  106. VOID
  107. )
  108. {
  109. delete this;
  110. return TRUE;
  111. }
  113. static
  114. HRESULT
  115. Initialize(
  116. VOID
  117. );
  119. static
  120. VOID
  121. Terminate(
  122. VOID
  123. );
  125. VOID
  126. SetStale(
  127. IN BOOL fStale
  128. )
  129. {
  130. _fStale = fStale;
  131. }
  133. BOOL
  134. QueryStale(
  135. VOID
  136. )
  137. {
  138. return _fStale;
  139. }
  141. STRA&
  142. QueryNonce(
  143. VOID
  144. )
  145. {
  146. return _straNonce;
  147. }
  149. static
  150. HRESULT
  151. HashData(
  152. IN BUFFER& buffData,
  153. OUT BUFFER& buffHash
  154. );
  156. static
  157. BOOL
  158. IsExpiredNonce(
  159. IN STRA& strRequestNonce,
  160. IN STRA& strPresentNonce
  161. );
  163. static
  164. BOOL
  165. IsWellFormedNonce(
  166. IN STRA& strNonce
  167. );
  169. HRESULT
  170. GenerateNonce(
  171. VOID
  172. );
  174. static
  175. BOOL
  176. IIS_DIGEST_CONN_CONTEXT::ParseForName(
  177. IN PSTR pszStr,
  178. IN PSTR * pNameTable,
  179. IN UINT cNameTable,
  180. OUT PSTR * pValueTable
  181. );
  183. private:
  185. DWORD _dwSignature;
  186. // Is the nonce value stale
  187. BOOL _fStale;
  188. DWORD _tLastNonce;
  189. // buffer for _straNonce
  190. CHAR __szNonce[ NONCE_SIZE ];
  191. STRA _straNonce;
  192. static const PCHAR _pszSecret;
  193. static const DWORD _cchSecret;
  194. static HCRYPTPROV sm_hCryptProv;
  195. static ALLOC_CACHE_HANDLER * sm_pachIISDIGESTConnContext;
  197. };
  200. class IIS_DIGEST_AUTH_PROVIDER : public AUTH_PROVIDER
  201. {
  202. public:
  204. IIS_DIGEST_AUTH_PROVIDER(
  205. VOID
  206. )
  207. {
  208. }
  210. virtual ~IIS_DIGEST_AUTH_PROVIDER(
  211. VOID
  212. )
  213. {
  214. }
  216. HRESULT
  217. Initialize(
  218. DWORD dwInternalId
  219. );
  221. VOID
  222. Terminate(
  223. VOID
  224. );
  226. HRESULT
  227. DoesApply(
  228. IN W3_MAIN_CONTEXT * pMainContext,
  229. OUT BOOL * pfApplies
  230. );
  232. HRESULT
  233. DoAuthenticate(
  234. IN W3_MAIN_CONTEXT * pMainContext,
  235. OUT BOOL * pfFilterFinished
  236. );
  238. HRESULT
  239. OnAccessDenied(
  240. IN W3_MAIN_CONTEXT * pMainContext
  241. );
  243. HRESULT
  244. SetDigestHeader(
  245. IN W3_MAIN_CONTEXT * pMainContext,
  246. IN IIS_DIGEST_CONN_CONTEXT * pDigestConnContext
  247. );
  249. DWORD
  250. QueryAuthType(
  251. VOID
  252. )
  253. {
  254. return MD_AUTH_MD5;
  255. }
  257. static
  258. HRESULT
  259. GetDigestConnContext(
  260. IN W3_MAIN_CONTEXT * pMainContext,
  261. OUT IIS_DIGEST_CONN_CONTEXT ** ppDigestConnContext
  262. );
  264. static
  265. HRESULT
  266. GetLanGroupDomainName(
  267. OUT STRA& straDomain
  268. );
  270. static
  271. HRESULT
  272. BreakUserAndDomain(
  273. IN PCHAR pszFullName,
  274. OUT STRA& straDomainName,
  275. OUT STRA& straUserName
  276. );
  278. static
  279. STRA&
  280. QueryComputerDomain(
  281. VOID
  282. )
  283. {
  284. DBG_ASSERT( sm_pstraComputerDomain != NULL );
  285. return *sm_pstraComputerDomain;
  286. }
  288. private:
  289. static STRA * sm_pstraComputerDomain;
  291. };
  294. class IIS_DIGEST_USER_CONTEXT : public W3_USER_CONTEXT
  295. {
  296. public:
  297. IIS_DIGEST_USER_CONTEXT(
  298. AUTH_PROVIDER * pProvider
  299. ):
  300. W3_USER_CONTEXT( pProvider ),
  301. _hImpersonationToken( NULL ),
  302. _hPrimaryToken( NULL )
  304. {
  305. }
  307. virtual ~IIS_DIGEST_USER_CONTEXT(
  308. VOID
  309. )
  310. {
  311. if ( _hImpersonationToken != NULL )
  312. {
  313. CloseHandle( _hImpersonationToken );
  314. _hImpersonationToken = NULL;
  315. }
  317. if ( _hPrimaryToken != NULL )
  318. {
  319. CloseHandle( _hPrimaryToken );
  320. _hPrimaryToken = NULL;
  321. }
  322. }
  324. HRESULT
  325. Create(
  326. IN HANDLE hImpersonationToken,
  327. IN PSTR pszUserName
  328. );
  331. WCHAR *
  332. QueryUserName(
  333. VOID
  334. )
  335. {
  336. return _strUserName.QueryStr();
  337. }
  339. WCHAR *
  340. QueryRemoteUserName(
  341. VOID
  342. )
  343. {
  344. return _strUserName.QueryStr();
  345. }
  347. WCHAR *
  348. QueryPassword(
  349. VOID
  350. )
  351. {
  352. return L"";
  353. }
  355. DWORD
  356. QueryAuthType(
  357. VOID
  358. )
  359. {
  360. return MD_AUTH_MD5;
  361. }
  363. HANDLE
  364. QueryImpersonationToken(
  365. VOID
  366. )
  367. {
  368. DBG_ASSERT( _hImpersonationToken != NULL );
  369. return _hImpersonationToken;
  370. }
  372. HANDLE
  373. QueryPrimaryToken(
  374. VOID
  375. );
  377. private:
  378. HANDLE _hImpersonationToken;
  379. HANDLE _hPrimaryToken;
  380. STRU _strUserName;
  381. };
  384. #endif