|
|
//+----------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1996-1998
//
// File: timebomb.cpp
//
// Contents: Implement licensing timebomb-related APIs
//
// History: 08-12-98 FredCh Created
//
//-----------------------------------------------------------------------------
#include "precomp.h"
#include "tlsapip.h"
#include "time.h"
extern "C" {
//-----------------------------------------------------------------------------
//
// The LSA secret name used to store the licensing timebomb expiration
//
//-----------------------------------------------------------------------------
#define LICENSING_TIME_BOMB_5_0 L"TIMEBOMB_832cc540-3244-11d2-b416-00c04fa30cc4"
#define RTMLICENSING_TIME_BOMB_5_0 L"RTMTSTB_832cc540-3244-11d2-b416-00c04fa30cc4"
#define BETA2_LICENSING_TIME_BOMB_5_1 L"BETA2TIMEBOMB_1320153D-8DA3-4e8e-B27B-0D888223A588"
// L$ means only readable from the local machine
#define BETA_LICENSING_TIME_BOMB_5_1 L"L$BETA3TIMEBOMB_1320153D-8DA3-4e8e-B27B-0D888223A588"
#define RTM_LICENSING_TIME_BOMB_5_1 L"L$RTMTIMEBOMB_1320153D-8DA3-4e8e-B27B-0D888223A588"
#define BETA_LICENSING_TIME_BOMB_LATEST_VERSION BETA_LICENSING_TIME_BOMB_5_1
#define RTM_LICENSING_TIME_BOMB_LATEST_VERSION RTM_LICENSING_TIME_BOMB_5_1
#define HS_PARAM_GRACE_PERIOD_ENDED L"LicensingGracePeriodEnded"
//-----------------------------------------------------------------------------
//
// The global licensing time bomb value.
//
//-----------------------------------------------------------------------------
FILETIME g_LicenseTimeBomb;
//-----------------------------------------------------------------------------
//
// The number of licensing grace period is 90 days. By default, we start
// logging events when there are less than 15 days from expiration and the
// terminal server has not registered itself with a license server.
//
//-----------------------------------------------------------------------------
#define GRACE_PERIOD 120
#define GRACE_PERIOD_EXPIRATION_WARNING_DAYS 15
//-----------------------------------------------------------------------------
//
// Only log the grace period warning or error once a day.
//
//-----------------------------------------------------------------------------
#define GRACE_PERIOD_EVENT_LOG_INTERVAL (1000*60*60*24)
//-----------------------------------------------------------------------------
//
// Thread used to warn administrator when grace period is about to expire
//
//-----------------------------------------------------------------------------
HANDLE g_GracePeriodThreadExitEvent = NULL;CRITICAL_SECTION g_EventCritSec;
//-----------------------------------------------------------------------------
//
// Internal functions
//
//-----------------------------------------------------------------------------
BOOLCalculateTimeBombExpiration( FILETIME * pExpiration );
DWORDGetExpirationWarningDays();
BOOLIsLicensingTimeBombExpired();
/*++
Function:
InitializeLicensingTimeBomb
Description:
Initialize the licensing time bomb value.
Argument:
None.
Return:
A LICENSE_STATUS return code.
--*/
LICENSE_STATUSInitializeLicensingTimeBomb(){ LICENSE_STATUS Status; DWORD cbTimeBomb = sizeof( FILETIME ); NTSTATUS NtStatus;
NtStatus = RtlInitializeCriticalSection(&g_EventCritSec);
if (STATUS_SUCCESS != NtStatus) { return LICENSE_STATUS_INITIALIZATION_FAILED; }
Status = LsCsp_RetrieveSecret( (TLSIsBetaNTServer()) ? BETA_LICENSING_TIME_BOMB_LATEST_VERSION : RTM_LICENSING_TIME_BOMB_LATEST_VERSION, ( LPBYTE )&g_LicenseTimeBomb, &cbTimeBomb );
if( LICENSE_STATUS_OK == Status && cbTimeBomb == sizeof(g_LicenseTimeBomb) ) { return( LICENSE_STATUS_OK ); }
//
// Calculate and set the timebomb
//
if( FALSE == CalculateTimeBombExpiration( &g_LicenseTimeBomb ) ) {#if DBG
DbgPrint( "CalculateTimeBombExpiration: cannot calculate licensing time bomb expiration.\n" );#endif
return( LICENSE_STATUS_INITIALIZATION_FAILED ); }
Status = LsCsp_StoreSecret( (TLSIsBetaNTServer()) ? BETA_LICENSING_TIME_BOMB_LATEST_VERSION : RTM_LICENSING_TIME_BOMB_LATEST_VERSION, ( LPBYTE )&g_LicenseTimeBomb, sizeof( g_LicenseTimeBomb ) );
return( Status );}
/*++
Function:
IsLicensingTimeBombExpired
Description:
Check if the licensing time bomb has expired.
Argument:
None.
Return:
TRUE if the timebomb has expired or FALSE otherwise.
--*/
BOOLIsLicensingTimeBombExpired(){ SYSTEMTIME SysTimeNow; FILETIME FileTimeNow, FileTimeExpiration;
GetSystemTime( &SysTimeNow );
SystemTimeToFileTime( &SysTimeNow, &FileTimeNow ); RtlEnterCriticalSection(&g_EventCritSec);
FileTimeExpiration.dwLowDateTime = g_LicenseTimeBomb.dwLowDateTime; FileTimeExpiration.dwHighDateTime = g_LicenseTimeBomb.dwHighDateTime;
RtlLeaveCriticalSection(&g_EventCritSec);
if( 0 > CompareFileTime( &FileTimeExpiration, &FileTimeNow ) ) { return( TRUE ); } return( FALSE );}
/*++
Function:
CalculateTimeBombExpiration
Description:
Calculate the licensing time bomb expiration.
Argument:
pExpiration - The timebomb expiration date and time
Return:
TRUE if the expiration is calculated successfully or FALSE otherwise.
--*/
BOOLCalculateTimeBombExpiration( FILETIME * pExpiration ){ time_t now = time( NULL ); struct tm * GmTime = gmtime( &now ); SYSTEMTIME SysTime; if(( NULL == pExpiration ) || ( NULL == GmTime )) { return( FALSE ); }
//
// Add the days of licensing grace period to get the time bomb
// expiration.
//
GmTime->tm_mday += GRACE_PERIOD; if( ( ( time_t ) -1 ) == mktime( GmTime ) ) { return( FALSE ); }
memset( &SysTime, 0, sizeof( SYSTEMTIME ) );
SysTime.wYear = (WORD) GmTime->tm_year + 1900; SysTime.wMonth = (WORD) GmTime->tm_mon + 1; SysTime.wDay = (WORD) GmTime->tm_mday; SysTime.wDayOfWeek = (WORD) GmTime->tm_wday; SysTime.wHour = (WORD) GmTime->tm_hour; SysTime.wMinute = (WORD) GmTime->tm_min; SysTime.wSecond = (WORD) GmTime->tm_sec;
return( SystemTimeToFileTime( &SysTime, pExpiration ) );
}
/*++
Function:
ReceivedPermanentLicense();
Description:
Store the fact that we've received a permanent license
Argument:
None.
--*/
VOIDReceivedPermanentLicense(){ static fReceivedPermanent = FALSE;
if (!fReceivedPermanent) { RtlEnterCriticalSection(&g_EventCritSec);
if (IsLicensingTimeBombExpired()) { // We expired at some time in the past (before the last reboot)
fReceivedPermanent = TRUE; HKEY hKey = NULL; DWORD dwDisp; LONG lReturn; lReturn = RegCreateKeyEx( HKEY_LOCAL_MACHINE, HYDRA_SERVER_PARAM, 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hKey, &dwDisp );
if( ERROR_SUCCESS == lReturn ) { //
// setting the LicensingGracePeriodEnded DWORD value, the data of the value is not used
//
DWORD dwDays = 0;
lReturn = RegSetValueEx( hKey, HS_PARAM_GRACE_PERIOD_ENDED, 0, REG_DWORD, ( PBYTE )&dwDays, sizeof( DWORD ) );
} if(hKey) { RegCloseKey(hKey); } } else if (!fReceivedPermanent) { FILETIME ftNow; SYSTEMTIME stNow;
fReceivedPermanent = TRUE;
GetSystemTime( &stNow );
SystemTimeToFileTime( &stNow , &ftNow );
LsCsp_StoreSecret( (TLSIsBetaNTServer()) ? BETA_LICENSING_TIME_BOMB_LATEST_VERSION : RTM_LICENSING_TIME_BOMB_LATEST_VERSION, ( LPBYTE ) &ftNow, sizeof( ftNow ) );
g_LicenseTimeBomb.dwLowDateTime = ftNow.dwLowDateTime; g_LicenseTimeBomb.dwHighDateTime = ftNow.dwHighDateTime; }
RtlLeaveCriticalSection(&g_EventCritSec); }}
/*++
Function:
CheckLicensingTimeBombExpiration();
Description:
The following events are logged when the terminal server has not registered itself with a license server:
(1) The grace period for registration has expired (2) The grace period for registration is about to expire. By default, the system starts logging this event 15 days prior to the grace period expiration.
Argument:
None.
Return:
Nothing.
--*/
VOIDCheckLicensingTimeBombExpiration(){ SYSTEMTIME SysWarning, SysExpiration; FILETIME FileWarning, FileExpiration, CurrentTime; struct tm tmWarning, tmExpiration; DWORD dwWarningDays;
//
// if the licensing timebomb has expired, go ahead and log the event now
//
if( IsLicensingTimeBombExpired() ) { if( FALSE == RegisteredWithLicenseServer()) { LicenseLogEvent( EVENTLOG_ERROR_TYPE, EVENT_LICENSING_GRACE_PERIOD_EXPIRED, 0, NULL ); }
return; }
//
// get the timebomb expiration in system time format
//
RtlEnterCriticalSection(&g_EventCritSec);
FileExpiration.dwLowDateTime = g_LicenseTimeBomb.dwLowDateTime; FileExpiration.dwHighDateTime = g_LicenseTimeBomb.dwHighDateTime;
RtlLeaveCriticalSection(&g_EventCritSec);
if( !FileTimeToSystemTime( &FileExpiration, &SysExpiration ) ) {#if DBG
DbgPrint( "LICPROT: LogLicensingTimeBombExpirationEvent: FileTimeToSystemTime failed: 0x%x\n", GetLastError() );#endif
return; }
//
// convert the timebomb expiration to tm format
//
tmExpiration.tm_year = SysExpiration.wYear - 1900; tmExpiration.tm_mon = SysExpiration.wMonth - 1; tmExpiration.tm_mday = SysExpiration.wDay; tmExpiration.tm_wday = SysExpiration.wDayOfWeek; tmExpiration.tm_hour = SysExpiration.wHour; tmExpiration.tm_min = SysExpiration.wMinute; tmExpiration.tm_sec = SysExpiration.wSecond; tmExpiration.tm_isdst = -1;
memcpy( &tmWarning, &tmExpiration, sizeof( tm ) );
//
// Get the number of days prior to expiration to start logging event
//
dwWarningDays = GetExpirationWarningDays();
//
// subtract these number of days from the expiration date
//
tmWarning.tm_mday -= dwWarningDays;
//
// get the accurate date
//
if( ( ( time_t ) -1 ) == mktime( &tmWarning ) ) {#if DBG
DbgPrint( "LICPROT: LogLicensingTimeBombExpirationEvent: mktime failed\n" );#endif
return; }
//
// convert the date to systemtime format
//
memset( &SysWarning, 0, sizeof( SYSTEMTIME ) );
SysWarning.wYear = (WORD) tmWarning.tm_year + 1900; SysWarning.wMonth = (WORD) tmWarning.tm_mon + 1; SysWarning.wDay = (WORD) tmWarning.tm_mday; SysWarning.wDayOfWeek = (WORD) tmWarning.tm_wday; SysWarning.wHour = (WORD) tmWarning.tm_hour; SysWarning.wMinute = (WORD) tmWarning.tm_min; SysWarning.wSecond = (WORD) tmWarning.tm_sec;
//
// convert from systemtime to filetime
//
if( !SystemTimeToFileTime( &SysWarning, &FileWarning ) ) {#if DBG
DbgPrint( "LICPROT: LogLicensingTimeBombExpirationEvent: SystemTimeToFileTime failed: 0x%x\n", GetLastError() );#endif
return; }
//
// get the current time
//
GetSystemTimeAsFileTime( &CurrentTime );
//
// Log an event if we are within the warning period
//
if( 0 > CompareFileTime( &FileWarning, &CurrentTime ) ) { LPTSTR szDate = TEXT("err"); LPTSTR ptszLogString[1]; int cchDate; BOOL fAllocated = FALSE;
//
// get the expiration date in string format.
//
cchDate = GetDateFormat(LOCALE_SYSTEM_DEFAULT, LOCALE_NOUSEROVERRIDE, &SysWarning, NULL, NULL, 0);
if (0 != cchDate) { szDate = (LPTSTR) LocalAlloc(LMEM_FIXED,cchDate * sizeof(TCHAR));
if (NULL != szDate) { fAllocated = TRUE;
if (0 == GetDateFormat(LOCALE_SYSTEM_DEFAULT, LOCALE_NOUSEROVERRIDE, &SysWarning, NULL, szDate, cchDate)) { LocalFree(szDate); fAllocated = FALSE; szDate = TEXT("err"); } } else { szDate = TEXT("err"); } }
//
// log the event
//
ptszLogString[0] = szDate;
LicenseLogEvent( EVENTLOG_WARNING_TYPE, EVENT_LICENSING_GRACE_PERIOD_ABOUT_TO_EXPIRE, 1, ptszLogString );
if (fAllocated) { LocalFree(szDate); } }
return;}
/*++
Function:
GetExpirationWarningDays
Descriptions:
Get the number of days prior to grace period expiration to log warning.
Arguments:
none.
Returns:
Nothing.
--*/
DWORDGetExpirationWarningDays(){ HKEY hKey = NULL; DWORD dwDays = GRACE_PERIOD_EXPIRATION_WARNING_DAYS, dwValueType, dwDisp, cbValue = sizeof( DWORD ); LONG lReturn;
lReturn = RegCreateKeyEx( HKEY_LOCAL_MACHINE, HYDRA_SERVER_PARAM, 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hKey, &dwDisp );
if( ERROR_SUCCESS == lReturn ) { //
// query the number of days prior to expiration to log warnings
//
lReturn = RegQueryValueEx( hKey, HS_PARAM_GRACE_PERIOD_EXPIRATION_WARNING_DAYS, NULL, &dwValueType, ( LPBYTE )&dwDays, &cbValue );
if( ERROR_SUCCESS == lReturn ) { //
// check if the warning days value is within bound
//
if( dwDays > GRACE_PERIOD ) { dwDays = GRACE_PERIOD_EXPIRATION_WARNING_DAYS; } } else { //
// can't query the value, set the default
//
dwDays = GRACE_PERIOD_EXPIRATION_WARNING_DAYS;
lReturn = RegSetValueEx( hKey, HS_PARAM_GRACE_PERIOD_EXPIRATION_WARNING_DAYS, 0, REG_DWORD, ( PBYTE )&dwDays, sizeof( DWORD ) ); } }
if( hKey ) { RegCloseKey( hKey ); }
return( dwDays );}
/****************************************************************************
* * _AllowLicensingGracePeriodConnection * * Check if the licensing grace period has expired. * * ENTRY: * Nothing. * * EXIT: * TRUE - Allow connection * FALSE - Disallow connection * ****************************************************************************/
BOOLAllowLicensingGracePeriodConnection(){ return !IsLicensingTimeBombExpired();}
DWORD WINAPIGracePeriodCheckingThread( LPVOID lpParam){ HANDLE hExit = (HANDLE) lpParam; DWORD dwWaitStatus; DWORD dwWaitInterval = GRACE_PERIOD_EVENT_LOG_INTERVAL; HKEY hKey = NULL;
// Yield our first time slice
Sleep(0);
while (1) { LONG lReturn; DWORD dwDisp, dwValueType, dwDays, cbValue = sizeof( DWORD );
lReturn = RegCreateKeyEx( HKEY_LOCAL_MACHINE, HYDRA_SERVER_PARAM, 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hKey, &dwDisp );
if( ERROR_SUCCESS == lReturn ) { //
// query the presence of LicensingGracePeriodEnded value.
//
lReturn = RegQueryValueEx( hKey, HS_PARAM_GRACE_PERIOD_ENDED, NULL, &dwValueType, ( LPBYTE )&dwDays, &cbValue );
} if(ERROR_SUCCESS != lReturn) {
CheckLicensingTimeBombExpiration();
dwWaitStatus = WaitForSingleObject(hExit, dwWaitInterval);
if (WAIT_OBJECT_0 == dwWaitStatus) { g_GracePeriodThreadExitEvent = NULL; // hExit was signalled
CloseHandle(hExit);
goto done; } } else { g_GracePeriodThreadExitEvent = NULL;
CloseHandle(hExit); goto done; }
if(hKey != NULL) { RegCloseKey(hKey); hKey = NULL; } }
done:
if(hKey != NULL) { RegCloseKey(hKey); } return 1;}
DWORDStartCheckingGracePeriod(){ HANDLE hThread = NULL; DWORD Status = ERROR_SUCCESS;
if (NULL != g_GracePeriodThreadExitEvent) { // already started
return ERROR_SUCCESS; }
RtlEnterCriticalSection(&g_EventCritSec);
// Check one more time
if (NULL != g_GracePeriodThreadExitEvent) { // already started
goto done; }
//
// Create the event to signal thread exit
//
g_GracePeriodThreadExitEvent = CreateEvent( NULL, FALSE, FALSE, NULL ); if( NULL == g_GracePeriodThreadExitEvent ) { Status = GetLastError(); goto done; }
//
// Create the caching thread
//
hThread = CreateThread( NULL, 0, GracePeriodCheckingThread, ( LPVOID )g_GracePeriodThreadExitEvent, 0, NULL );
if (hThread == NULL) { HANDLE hLocal = g_GracePeriodThreadExitEvent;
g_GracePeriodThreadExitEvent = NULL; CloseHandle(hLocal); Status = GetLastError();
goto done; }
CloseHandle(hThread);
done: RtlLeaveCriticalSection(&g_EventCritSec);
return ERROR_SUCCESS;}
DWORDStopCheckingGracePeriod(){ //
// Signal the thread to exit
//
if (NULL == g_GracePeriodThreadExitEvent) { // already stopped
return ERROR_SUCCESS; }
RtlEnterCriticalSection(&g_EventCritSec);
// Check one more time
if (NULL == g_GracePeriodThreadExitEvent) { // already stopped
goto done; }
HANDLE hLocal = g_GracePeriodThreadExitEvent;
g_GracePeriodThreadExitEvent = NULL;
SetEvent( hLocal );
done: RtlLeaveCriticalSection(&g_EventCritSec);
return ERROR_SUCCESS;}
/*++
Function:
RegisteredWithLicenseServer
Description:
Check if this system has been registered with a license server. Currently, we determine if the system has been registered by checking if it has an X509 certificate. We may use different checks in the future.
Arguments:
none.
Return:
TRUE if the system has beem registered or FALSE otherwise.
--*/
BOOLRegisteredWithLicenseServer(){ LICENSE_STATUS Status; DWORD dwSize = 0;
//
// check if we have an X509 certificate issued by a license server.
//
Status = LsCsp_GetServerData( LsCspInfo_X509Certificate, NULL, &dwSize ); if( LICENSE_STATUS_OK == Status ) { return( TRUE ); }
return( FALSE );}
} // extern "C"
|
