archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/admin/dcpromo/exe/answerfile.cpp

475 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. // Copyright (C) 2002 Microsoft Corporation
  2. //
  3. // answerfile reader object
  4. //
  5. // 5 April 2002 sburns
  9. #include "headers.hxx"
  10. #include "AnswerFile.hpp"
  11. #include "resource.h"
  15. static const String SECTION_NAME(L"DCInstall");
  20. const String AnswerFile::OPTION_ADMIN_PASSWORD (L"AdministratorPassword");
  21. const String AnswerFile::OPTION_ALLOW_ANON_ACCESS (L"AllowAnonymousAccess");
  22. const String AnswerFile::OPTION_AUTO_CONFIG_DNS (L"AutoConfigDNS");
  23. const String AnswerFile::OPTION_CHILD_NAME (L"ChildName");
  24. const String AnswerFile::OPTION_CRITICAL_REPLICATION_ONLY (L"CriticalReplicationOnly");
  25. const String AnswerFile::OPTION_DATABASE_PATH (L"DatabasePath");
  26. const String AnswerFile::OPTION_DISABLE_CANCEL_ON_DNS_INSTALL (L"DisableCancelForDnsInstall");
  27. const String AnswerFile::OPTION_DNS_ON_NET (L"DNSOnNetwork");
  28. const String AnswerFile::OPTION_GC_CONFIRM (L"ConfirmGc");
  29. const String AnswerFile::OPTION_IS_LAST_DC (L"IsLastDCInDomain");
  30. const String AnswerFile::OPTION_LOG_PATH (L"LogPath");
  31. const String AnswerFile::OPTION_NEW_DOMAIN (L"NewDomain");
  32. const String AnswerFile::OPTION_NEW_DOMAIN_NAME (L"NewDomainDNSName");
  33. const String AnswerFile::OPTION_NEW_DOMAIN_NETBIOS_NAME (L"DomainNetbiosName");
  34. const String AnswerFile::OPTION_PARENT_DOMAIN_NAME (L"ParentDomainDNSName");
  35. const String AnswerFile::OPTION_PASSWORD (L"Password");
  36. const String AnswerFile::OPTION_REBOOT (L"RebootOnSuccess");
  37. const String AnswerFile::OPTION_REMOVE_APP_PARTITIONS (L"RemoveApplicationPartitions");
  38. const String AnswerFile::OPTION_REPLICATION_SOURCE (L"ReplicationSourceDC");
  39. const String AnswerFile::OPTION_REPLICA_DOMAIN_NAME (L"ReplicaDomainDNSName");
  40. const String AnswerFile::OPTION_REPLICA_OR_MEMBER (L"ReplicaOrMember");
  41. const String AnswerFile::OPTION_REPLICA_OR_NEW_DOMAIN (L"ReplicaOrNewDomain");
  42. const String AnswerFile::OPTION_SAFE_MODE_ADMIN_PASSWORD (L"SafeModeAdminPassword");
  43. const String AnswerFile::OPTION_SET_FOREST_VERSION (L"SetForestVersion");
  44. const String AnswerFile::OPTION_SITE_NAME (L"SiteName");
  45. const String AnswerFile::OPTION_SOURCE_PATH (L"ReplicationSourcePath");
  46. const String AnswerFile::OPTION_SYSKEY (L"Syskey");
  47. const String AnswerFile::OPTION_SYSVOL_PATH (L"SYSVOLPath");
  48. const String AnswerFile::OPTION_USERNAME (L"UserName");
  49. const String AnswerFile::OPTION_USER_DOMAIN (L"UserDomain");
  52. const String AnswerFile::VALUE_CHILD (L"Child");
  53. const String AnswerFile::VALUE_DOMAIN (L"Domain");
  54. const String AnswerFile::VALUE_NO (L"No");
  55. const String AnswerFile::VALUE_NO_DONT_PROMPT (L"NoAndNoPromptEither");
  56. const String AnswerFile::VALUE_REPLICA (L"Replica");
  57. const String AnswerFile::VALUE_TREE (L"Tree");
  58. const String AnswerFile::VALUE_YES (L"Yes");
  62. static StringList PASSWORD_OPTIONS_LIST;
  63. static bool passwordOptionsListInitialized = false;
  67. void
  68. GetAllKeys(const String& filename, StringList& resultList)
  69. {
  70. LOG_FUNCTION(GetAllKeys);
  71. ASSERT(FS::IsValidPath(filename));
  73. resultList.clear();
  75. // our first call is with a large buffer, hoping that it will suffice...
  77. #ifdef DBG
  79. // on chk builds, use a small buffer size so that our growth algorithm
  80. // gets exercised
  82. unsigned bufSizeInCharacters = 3;
  84. #else
  85. unsigned bufSizeInCharacters = 1023;
  86. #endif
  88. PWSTR buffer = 0;
  90. do
  91. {
  92. buffer = new WCHAR[bufSizeInCharacters + 1];
  94. // REVIEWED-2002/02/22-sburns byte count correctly passed in
  96. ::ZeroMemory(buffer, (bufSizeInCharacters + 1) * sizeof WCHAR);
  98. DWORD result =
  100. // REVIEWED-2002/02/22-sburns call correctly passes size in characters.
  102. ::GetPrivateProfileString(
  103. SECTION_NAME.c_str(),
  104. 0,
  105. L"default",
  106. buffer,
  107. bufSizeInCharacters,
  108. filename.c_str());
  110. if (!result)
  111. {
  112. break;
  113. }
  115. // A value was found. check to see if it was truncated. Since lpKeyName
  116. // was null, check result against character count - 2
  118. if (result == bufSizeInCharacters - 2)
  119. {
  120. // buffer was too small, so the value was truncated. Resize the
  121. // buffer and try again.
  123. // no need to scribble out the buffer: we're retrieving key names,
  124. // not values.
  126. delete[] buffer;
  128. bufSizeInCharacters *= 2;
  129. if (bufSizeInCharacters > USHRT_MAX) // effectively ~32K max
  130. {
  131. // too big. way too big. We'll make do with the truncated value.
  133. ASSERT(false);
  134. break;
  135. }
  136. continue;
  137. }
  139. // copy out the strings results into list elements
  141. PWSTR p = buffer;
  142. while (*p)
  143. {
  144. resultList.push_back(p);
  146. // REVIEWED-2002/04/08-sburns wcslen is ok, since we arrange for
  147. // the buffer to be null terminated
  149. p += wcslen(p) + 1;
  150. }
  152. break;
  153. }
  155. //lint -e506 ok that this looks like "loop forever"
  157. while (true);
  159. delete[] buffer;
  160. }
  164. AnswerFile::AnswerFile(const String& filename_)
  165. :
  166. filename(filename_),
  167. isSafeModePasswordPresent(false)
  168. {
  169. LOG_CTOR(AnswerFile);
  171. // the caller is expected to have verified this
  173. ASSERT(FS::PathExists(filename));
  175. GetAllKeys(filename, keysPresent);
  177. isSafeModePasswordPresent = IsKeyPresent(OPTION_SAFE_MODE_ADMIN_PASSWORD);
  179. // remove read-only file attribute
  181. DWORD attrs = 0;
  182. HRESULT hr = Win::GetFileAttributes(filename, attrs);
  183. if (SUCCEEDED(hr) && attrs & FILE_ATTRIBUTE_READONLY)
  184. {
  185. LOG(L"Removing readonly attribute on " + filename);
  187. hr = Win::SetFileAttributes(filename, attrs & ~FILE_ATTRIBUTE_READONLY);
  189. // if this failed, well, we tried. The user runs the risk of cleartext
  190. // passwords left in his file.
  192. LOG_HRESULT(hr);
  193. }
  195. // Read all the password options into the encrypted value map, erasing
  196. // them as we go.
  198. if (!passwordOptionsListInitialized)
  199. {
  200. ASSERT(PASSWORD_OPTIONS_LIST.empty());
  201. PASSWORD_OPTIONS_LIST.clear();
  202. PASSWORD_OPTIONS_LIST.push_back(OPTION_PASSWORD);
  203. PASSWORD_OPTIONS_LIST.push_back(OPTION_ADMIN_PASSWORD);
  204. PASSWORD_OPTIONS_LIST.push_back(OPTION_SYSKEY);
  205. PASSWORD_OPTIONS_LIST.push_back(OPTION_SAFE_MODE_ADMIN_PASSWORD);
  206. passwordOptionsListInitialized = true;
  207. }
  209. String empty;
  210. for (
  211. StringList::iterator i = PASSWORD_OPTIONS_LIST.begin();
  212. i != PASSWORD_OPTIONS_LIST.end();
  213. ++i)
  214. {
  215. if (IsKeyPresent(*i))
  216. {
  217. ovMap[*i] = EncryptedReadKey(*i);
  218. hr = WriteKey(*i, empty);
  220. if (FAILED(hr))
  221. {
  222. popup.Error(
  223. Win::GetDesktopWindow(),
  224. hr,
  225. String::format(
  226. IDS_FAILED_PASSWORD_WRITE_TO_ANSWERFILE,
  227. i->c_str(),
  228. filename.c_str()));
  229. }
  230. }
  231. }
  232. }
  236. AnswerFile::~AnswerFile()
  237. {
  238. LOG_DTOR(AnswerFile);
  239. }
  243. String
  244. AnswerFile::ReadKey(const String& key) const
  245. {
  246. LOG_FUNCTION2(AnswerFile::ReadKey, key);
  247. ASSERT(!key.empty());
  249. String result =
  251. // REVIEWED-2002/02/22-sburns no cch/cb issue here.
  253. Win::GetPrivateProfileString(SECTION_NAME, key, String(), filename);
  255. // Don't log the value, as it may be a password.
  256. // LOG(L"value=" + result);
  258. return result.strip(String::BOTH);
  259. }
  263. EncryptedString
  264. AnswerFile::EncryptedReadKey(const String& key) const
  265. {
  266. LOG_FUNCTION2(AnswerFile::EncodedReadKey, key);
  267. ASSERT(!key.empty());
  269. EncryptedString retval;
  271. #ifdef DBG
  273. // on chk builds, use a small buffer size so that our growth algorithm
  274. // gets exercised
  276. unsigned bufSizeInCharacters = 3;
  278. #else
  279. unsigned bufSizeInCharacters = 1023;
  280. #endif
  282. PWSTR buffer = 0;
  284. do
  285. {
  286. // +1 for extra null-termination paranoia
  288. buffer = new WCHAR[bufSizeInCharacters + 1];
  290. // REVIEWED-2002/02/22-sburns byte count correctly passed in
  292. ::ZeroMemory(buffer, (bufSizeInCharacters + 1) * sizeof WCHAR);
  294. DWORD result =
  296. // REVIEWED-2002/02/22-sburns call correctly passes size in characters.
  298. ::GetPrivateProfileString(
  299. SECTION_NAME.c_str(),
  300. key.c_str(),
  301. L"",
  302. buffer,
  303. bufSizeInCharacters,
  304. filename.c_str());
  306. if (!result)
  307. {
  308. break;
  309. }
  311. // A value was found. check to see if it was truncated. neither
  312. // lpAppName nor lpKeyName were null, so check result against character
  313. // count - 1
  315. if (result == bufSizeInCharacters - 1)
  316. {
  317. // buffer was too small, so the value was truncated. Resize the
  318. // buffer and try again.
  320. // Since the buffer may have contained passwords, scribble it
  321. // out
  323. // REVIEWED-2002/02/22-sburns byte count correctly passed in
  325. ::SecureZeroMemory(buffer, (bufSizeInCharacters + 1) * sizeof WCHAR);
  327. delete[] buffer;
  329. bufSizeInCharacters *= 2;
  330. if (bufSizeInCharacters > USHRT_MAX) // effectively ~32K max
  331. {
  332. // too big. way too big. We'll make do with the truncated value.
  334. ASSERT(false);
  335. break;
  336. }
  337. continue;
  338. }
  340. // don't need to trim whitespace, GetPrivateProfileString does that
  341. // for us.
  343. retval.Encrypt(buffer);
  345. break;
  346. }
  347. while (true);
  349. // Since the buffer may have contained passwords, scribble it
  350. // out
  352. // REVIEWED-2002/02/22-sburns byte count correctly passed in
  354. ::SecureZeroMemory(buffer, (bufSizeInCharacters + 1) * sizeof WCHAR);
  356. delete[] buffer;
  358. // Don't log the value, as it may be a password.
  359. // LOG(L"value=" + result);
  361. return retval;
  362. }
  366. HRESULT
  367. AnswerFile::WriteKey(const String& key, const String& value) const
  368. {
  369. LOG_FUNCTION2(AnswerFile::WriteKey, key);
  370. ASSERT(!key.empty());
  372. HRESULT hr =
  373. Win::WritePrivateProfileString(SECTION_NAME, key, value, filename);
  375. return hr;
  376. }
  380. bool
  381. AnswerFile::IsKeyPresent(const String& key) const
  382. {
  383. LOG_FUNCTION2(AnswerFile::IsKeyPresent, key);
  384. ASSERT(!key.empty());
  386. bool result = false;
  388. // If GetAllKeys failed, then we won't find the option in the keys list
  389. // and will assume that the option is not specified. This is the best
  390. // we can do in the case where we can't read the keys.
  392. if (
  393. std::find(keysPresent.begin(), keysPresent.end(), key)
  394. != keysPresent.end() )
  395. {
  396. result = true;
  397. }
  399. LOG_BOOL(result);
  401. return result;
  402. }
  406. bool
  407. IsPasswordOption(const String& option)
  408. {
  409. ASSERT(passwordOptionsListInitialized);
  411. bool result = false;
  413. if (
  414. std::find(
  415. PASSWORD_OPTIONS_LIST.begin(),
  416. PASSWORD_OPTIONS_LIST.end(),
  417. option)
  418. != PASSWORD_OPTIONS_LIST.end() )
  419. {
  420. result = true;
  421. }
  423. return result;
  424. }
  428. String
  429. AnswerFile::GetOption(const String& option) const
  430. {
  431. LOG_FUNCTION2(AnswerFile::GetOption, option);
  433. String result = ReadKey(option);
  435. if (!IsPasswordOption(option))
  436. {
  437. LOG(result);
  438. }
  439. else
  440. {
  441. // should use GetEncryptedAnswerFileOption for passwords
  443. ASSERT(false);
  444. }
  446. return result;
  447. }
  451. EncryptedString
  452. AnswerFile::GetEncryptedOption(const String& option) const
  453. {
  454. LOG_FUNCTION2(AnswerFile::GetEncryptedOption, option);
  456. OptionEncryptedValueMap::const_iterator ci = ovMap.find(option);
  457. if (ci != ovMap.end())
  458. {
  459. return ci->second;
  460. }
  462. return EncryptedString();
  463. }
  467. bool
  468. AnswerFile::IsSafeModeAdminPwdOptionPresent() const
  469. {
  470. LOG_FUNCTION(AnswerFile::IsSafeModeAdminPwdOptionPresent);
  471. LOG_BOOL(isSafeModePasswordPresent);
  473. return isSafeModePasswordPresent;
  474. }