archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/net/snmp/newagent/exe/contexts.c

656 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1992-1997 Microsoft Corporation
  5. Module Name:
  7. contexts.c
  9. Abstract:
  11. Contains routines for manipulating SNMP community structures.
  13. Environment:
  15. User Mode - Win32
  17. Revision History:
  19. 10-Feb-1997 DonRyan
  20. Rewrote to implement SNMPv2 support.
  22. --*/
  24. ///////////////////////////////////////////////////////////////////////////////
  25. // //
  26. // Include files //
  27. // //
  28. ///////////////////////////////////////////////////////////////////////////////
  30. #include "globals.h"
  31. #include "contexts.h"
  32. #include "snmpthrd.h"
  34. #define DYN_REGISTRY_UPDATE 1
  36. ///////////////////////////////////////////////////////////////////////////////
  37. // //
  38. // Private procedures //
  39. // //
  40. ///////////////////////////////////////////////////////////////////////////////
  42. BOOL
  43. AddValidCommunity(
  44. LPWSTR pCommunity,
  45. DWORD dwAccess
  46. )
  48. /*++
  50. Routine Description:
  52. Adds valid community to list.
  54. Arguments:
  56. pCommunity - pointer to community to add.
  58. dwAccess - access rights for community.
  60. Return Values:
  62. Returns true if successful.
  64. --*/
  66. {
  67. BOOL fOk = FALSE;
  68. PCOMMUNITY_LIST_ENTRY pCLE = NULL;
  69. AsnOctetString CommunityOctets;
  71. // initialize octet string info
  72. CommunityOctets.length = wcslen(pCommunity) * sizeof(WCHAR);
  73. CommunityOctets.stream = (LPBYTE)pCommunity;
  74. CommunityOctets.dynamic = FALSE;
  76. // attempt to locate in list
  77. if (FindValidCommunity(&pCLE, &CommunityOctets)) {
  79. SNMPDBG((
  80. SNMP_LOG_TRACE,
  81. "SNMP: SVC: updating community %s.\n",
  82. StaticUnicodeToString((LPWSTR)pCommunity)
  83. ));
  85. // update access rights
  86. pCLE->dwAccess = dwAccess;
  88. // success
  89. fOk = TRUE;
  91. } else {
  93. // allocate community structure
  94. if (AllocCLE(&pCLE, pCommunity)) {
  96. SNMPDBG((
  97. SNMP_LOG_TRACE,
  98. "SNMP: SVC: adding community %s.\n",
  99. CommunityOctetsToString(&(pCLE->Community), TRUE)
  100. ));
  102. // insert into valid communities list
  103. InsertTailList(&g_ValidCommunities, &pCLE->Link);
  105. // update access rights
  106. pCLE->dwAccess = dwAccess;
  108. // success
  109. fOk = TRUE;
  110. }
  111. }
  113. return fOk;
  114. }
  117. ///////////////////////////////////////////////////////////////////////////////
  118. // //
  119. // Public procedures //
  120. // //
  121. ///////////////////////////////////////////////////////////////////////////////
  123. BOOL
  124. AllocCLE(
  125. PCOMMUNITY_LIST_ENTRY * ppCLE,
  126. LPWSTR pCommunity
  127. )
  129. /*++
  131. Routine Description:
  133. Allocates community structure and initializes.
  135. Arguments:
  137. ppCLE - pointer to receive pointer to entry.
  139. pCommunity - pointer to community string.
  141. Return Values:
  143. Returns true if successful.
  145. --*/
  147. {
  148. BOOL fOk = FALSE;
  149. PCOMMUNITY_LIST_ENTRY pCLE = NULL;
  151. // attempt to allocate structure
  152. pCLE = AgentMemAlloc(sizeof(COMMUNITY_LIST_ENTRY));
  154. // validate
  155. if (pCLE != NULL) {
  157. // determine string length
  158. DWORD nBytes = wcslen(pCommunity) * sizeof(WCHAR);
  160. // allocate memory for string (include terminator)
  161. pCLE->Community.stream = SnmpUtilMemAlloc(nBytes + sizeof(WCHAR));
  163. // validate community string stream
  164. if (pCLE->Community.stream != NULL) {
  166. // set length of manager string
  167. pCLE->Community.length = nBytes;
  169. // set memory allocation flag
  170. pCLE->Community.dynamic = TRUE;
  172. // transfer community string into octets
  173. wcscpy((LPWSTR)(pCLE->Community.stream), pCommunity);
  175. // success
  176. fOk = TRUE;
  178. } else {
  180. SNMPDBG((
  181. SNMP_LOG_ERROR,
  182. "SNMP: SVC: could not copy community string %s.\n",
  183. StaticUnicodeToString(pCommunity)
  184. ));
  186. // release
  187. FreeCLE(pCLE);
  189. // re-init
  190. pCLE = NULL;
  191. }
  193. } else {
  195. SNMPDBG((
  196. SNMP_LOG_ERROR,
  197. "SNMP: SVC: could not allocate context entry for %s.\n",
  198. StaticUnicodeToString(pCommunity)
  199. ));
  200. }
  202. // transfer
  203. *ppCLE = pCLE;
  205. return fOk;
  206. }
  209. BOOL
  210. FreeCLE(
  211. PCOMMUNITY_LIST_ENTRY pCLE
  212. )
  214. /*++
  216. Routine Description:
  218. Releases community structure.
  220. Arguments:
  222. pCLE - pointer to community list entry to be freed.
  224. Return Values:
  226. Returns true if successful.
  228. --*/
  230. {
  231. // validate pointer
  232. if (pCLE != NULL) {
  234. // release octet string contents
  235. SnmpUtilOctetsFree(&pCLE->Community);
  237. // release structure
  238. AgentMemFree(pCLE);
  239. }
  241. return TRUE;
  242. }
  245. BOOL
  246. FindValidCommunity(
  247. PCOMMUNITY_LIST_ENTRY * ppCLE,
  248. AsnOctetString * pCommunity
  249. )
  251. /*++
  253. Routine Description:
  255. Locates valid community in list.
  257. Arguments:
  259. ppCLE - pointer to receive pointer to entry.
  261. pCommunity - pointer to community to find.
  263. Return Values:
  265. Returns true if successful.
  267. --*/
  269. {
  270. PLIST_ENTRY pLE;
  271. PCOMMUNITY_LIST_ENTRY pCLE;
  273. // initialize
  274. *ppCLE = NULL;
  276. // obtain pointer to list head
  277. pLE = g_ValidCommunities.Flink;
  279. // process all entries in list
  280. while (pLE != &g_ValidCommunities) {
  282. // retrieve pointer to community structure
  283. pCLE = CONTAINING_RECORD(pLE, COMMUNITY_LIST_ENTRY, Link);
  285. // compare community string with entry
  286. if (!SnmpUtilOctetsCmp(&pCLE->Community, pCommunity)) {
  288. // transfer
  289. *ppCLE = pCLE;
  291. // success
  292. return TRUE;
  293. }
  295. // next entry
  296. pLE = pLE->Flink;
  297. }
  299. // failure
  300. return FALSE;
  301. }
  304. DWORD
  305. ParsePermissionMask(
  306. DWORD bitMask
  307. )
  308. /*++
  310. Routine Description:
  312. Translates the permission mask from the bit-mask format (registry)
  313. into the internal constant value (constants from public\sdk\inc\snmp.h).
  314. The function works no longer if:
  315. - more than sizeof(DWORD)*8 permission values are defined
  316. - constant values (access policy) changes
  318. Arguments:
  320. bit-mask.
  322. Return Values:
  324. permission's constant value.
  326. --*/
  327. {
  328. DWORD dwPermission;
  330. for(dwPermission = 0; (bitMask & ((DWORD)(-1)^1)) != 0; bitMask>>=1, dwPermission++);
  332. return dwPermission;
  333. }
  335. #ifdef DYN_REGISTRY_UPDATE
  336. LONG UpdateRegistry(
  337. HKEY hKey,
  338. LPWSTR wszBogus,
  339. LPWSTR wszCommunity
  340. )
  341. /*++
  343. Routine Description:
  345. Updates the registry configuration in order to be able to associate
  346. permission masks to each community:
  347. name type data
  348. old format: <whatever> REG_SZ community_name
  349. new format: community_name REG_DWORD permission_mask
  350. Arguments:
  352. hKey - open handle to the key that contains the value
  353. szBogus - old format value name; useless data
  354. szCommunity - pointer to community name, as it was specified in the old format.
  356. Return Values:
  358. Returns ERROR_SUCCESS if successful.
  360. --*/
  361. {
  362. LONG lStatus;
  363. DWORD dwDataType;
  365. // make sure the update was not tried (and breaked) before
  366. lStatus = RegQueryValueExW(
  367. hKey,
  368. wszCommunity,
  369. 0,
  370. &dwDataType,
  371. NULL,
  372. NULL);
  374. // if no previous (breaked) update, convert community to the new format
  375. if (lStatus != ERROR_SUCCESS || dwDataType != REG_DWORD)
  376. {
  377. // permissions to be assigned to community
  378. DWORD dwPermissionMask;
  380. // all communities that are converted to new format at this point,
  381. // are converted to READ-ONLY permissions to tighten the security
  382. dwPermissionMask = 1 << SNMP_ACCESS_READ_ONLY;
  384. // set the new format value
  385. lStatus = RegSetValueExW(
  386. hKey,
  387. wszCommunity,
  388. 0,
  389. REG_DWORD,
  390. (CONST BYTE *)&dwPermissionMask,
  391. sizeof(DWORD));
  393. if (lStatus != ERROR_SUCCESS)
  394. return lStatus;
  395. }
  397. // delete the old format value
  398. lStatus = RegDeleteValueW(
  399. hKey,
  400. wszBogus);
  402. return lStatus;
  403. }
  404. #endif
  407. BOOL
  408. LoadValidCommunities(
  409. BOOL bFirstCall
  410. )
  412. /*++
  414. Routine Description:
  416. Constructs list of valid communities.
  418. Arguments:
  420. None.
  422. Return Values:
  424. Returns true if successful.
  426. --*/
  428. {
  429. HKEY hKey;
  430. LONG lStatus;
  431. DWORD dwIndex;
  432. WCHAR wszName[MAX_PATH]; // get the UNICODE encoding for szName
  433. DWORD dwNameSize;
  434. DWORD dwDataType;
  435. WCHAR wszData[MAX_PATH]; // get the UNICODE encoding for szData
  436. DWORD dwDataSize;
  437. BOOL fPolicy;
  438. LPTSTR pszKey;
  439. BOOL fOk = FALSE;
  442. SNMPDBG((
  443. SNMP_LOG_TRACE,
  444. "SNMP: SVC: loading valid communities.\n"
  445. ));
  447. #ifdef _POLICY
  448. // we need to provide precedence to the parameters set through the policy
  449. fPolicy = TRUE;
  450. #else
  451. fPolicy = FALSE;
  452. #endif
  454. do
  455. {
  456. // if the policy is to be enforced, check the policy registry location first
  457. pszKey = fPolicy ? REG_POLICY_VALID_COMMUNITIES : REG_KEY_VALID_COMMUNITIES;
  459. // open registry subkey
  460. lStatus = RegOpenKeyEx(
  461. HKEY_LOCAL_MACHINE,
  462. pszKey,
  463. 0,
  464. #ifdef DYN_REGISTRY_UPDATE
  465. bFirstCall ? KEY_READ | KEY_SET_VALUE : KEY_READ,
  466. #else
  467. KEY_READ,
  468. #endif
  469. &hKey
  470. );
  472. // if the call succeeded or we were not checking the policy, break the loop
  473. if (lStatus == ERROR_SUCCESS || !fPolicy)
  474. break;
  476. // being at this point, this means we were checking for the policy parameters.
  477. // If and only if the policy is not defined (registry key is missing) we
  478. // reset the error, mark 'fPolicy already tried' and go back into the loop
  479. if (lStatus == ERROR_FILE_NOT_FOUND)
  480. {
  481. lStatus = ERROR_SUCCESS;
  482. fPolicy = FALSE;
  483. }
  484. } while (lStatus == ERROR_SUCCESS);
  487. // validate return code
  488. if (lStatus == ERROR_SUCCESS) {
  490. // initialize
  491. dwIndex = 0;
  493. // loop until error or end of list
  494. for (dwIndex = 0;
  495. lStatus == ERROR_SUCCESS;
  496. dwIndex++)
  498. {
  499. // initialize buffer sizes
  500. dwNameSize = sizeof(wszName) / sizeof(wszName[0]); // size in number of WCHARs, not the size in bytes
  501. dwDataSize = sizeof(wszData); // size in number of bytes
  503. // read next value
  504. lStatus = RegEnumValueW(
  505. hKey,
  506. dwIndex,
  507. wszName,
  508. &dwNameSize,
  509. NULL,
  510. &dwDataType,
  511. (LPBYTE)wszData,
  512. &dwDataSize
  513. );
  515. // validate return code
  516. if (lStatus == ERROR_SUCCESS) {
  518. // dynamically update values that are not of DWORD type
  519. if (dwDataType != REG_DWORD)
  520. {
  521. #ifdef DYN_REGISTRY_UPDATE
  522. if (dwDataType == REG_SZ)
  523. {
  524. // BUG# 638837, do not update ValidCommunities
  525. // registry format in case we're working with policy
  526. if (bFirstCall && !fPolicy)
  527. {
  528. if(UpdateRegistry(hKey, wszName, wszData) == ERROR_SUCCESS)
  529. {
  530. SNMPDBG((
  531. SNMP_LOG_WARNING,
  532. "SNMP: SVC: updated community registration\n"
  533. ));
  535. // current value has been deleted, need to keep the index
  536. dwIndex--;
  537. continue;
  538. }
  539. }
  540. else
  541. {
  542. SNMPDBG((
  543. SNMP_LOG_WARNING,
  544. "SNMP: SVC: old format community to be considered with read-only right"));
  546. wcscpy(wszName, wszData);
  547. *(DWORD *)wszData = (1 << SNMP_ACCESS_READ_ONLY);
  548. }
  549. }
  550. else
  551. #endif
  552. {
  553. SNMPDBG((
  554. SNMP_LOG_WARNING,
  555. "SNMP: SVC: wrong format in ValidCommunities[%d] registry entry\n",
  556. dwIndex
  557. ));
  558. continue;
  559. }
  560. }
  562. // add valid community to list with related permissions
  563. if (AddValidCommunity(wszName, ParsePermissionMask(*(DWORD *)wszData)))
  564. {
  566. SNMPDBG((
  567. SNMP_LOG_WARNING,
  568. "SNMP: SVC: rights set to %d for community '%s'\n",
  569. *(DWORD *)wszData,
  570. StaticUnicodeToString(wszName)
  571. ));
  573. }
  574. else
  575. {
  576. // reset status to reflect failure
  577. lStatus = ERROR_NOT_ENOUGH_MEMORY;
  578. }
  580. }
  581. else if (lStatus == ERROR_NO_MORE_ITEMS)
  582. {
  583. // success
  584. fOk = TRUE;
  585. }
  586. }
  587. RegCloseKey(hKey);
  588. }
  589. else
  590. // it doesn't matter how the values are, the key has to exist,
  591. // so mark as bFirstCall in order to log an event if this is not true.
  592. bFirstCall = TRUE;
  594. if (!fOk) {
  596. SNMPDBG((
  597. SNMP_LOG_ERROR,
  598. "SNMP: SVC: error %d processing ValidCommunities subkey.\n",
  599. lStatus
  600. ));
  602. // report an event only for the first call (initialization of the service).
  603. // otherwise subsequent registry ops through regedit might flood the event log with
  604. // unsignificant records
  605. if (bFirstCall)
  606. // report event
  607. ReportSnmpEvent(
  608. SNMP_EVENT_INVALID_REGISTRY_KEY,
  609. 1,
  610. &pszKey,
  611. lStatus
  612. );
  613. }
  614. return fOk;
  615. }
  618. BOOL
  619. UnloadValidCommunities(
  620. )
  622. /*++
  624. Routine Description:
  626. Destroys list of valid communities.
  628. Arguments:
  630. None.
  632. Return Values:
  634. Returns true if successful.
  636. --*/
  638. {
  639. PLIST_ENTRY pLE;
  640. PCOMMUNITY_LIST_ENTRY pCLE;
  642. // process entries until list is empty
  643. while (!IsListEmpty(&g_ValidCommunities)) {
  645. // extract next entry from head of list
  646. pLE = RemoveHeadList(&g_ValidCommunities);
  648. // retrieve pointer to community structure
  649. pCLE = CONTAINING_RECORD(pLE, COMMUNITY_LIST_ENTRY, Link);
  651. // release
  652. FreeCLE(pCLE);
  653. }
  655. return TRUE;
  656. }