archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/protocols/kerberos/common2/sockets.cxx

763 lines
19 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1996.
  5. //
  6. // File: sockets.cxx
  7. //
  8. // Contents: Code for kerberos client sockets
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 26-Jul-1996 MikeSw Created
  15. //
  16. //----------------------------------------------------------------------------
  18. #ifdef WIN32_CHICAGO
  19. #include <kerb.hxx>
  20. #include <kerbp.h>
  21. #endif // WIN32_CHICAGO
  23. #ifndef WIN32_CHICAGO
  24. extern "C"
  25. {
  26. #include <nt.h>
  27. #include <ntrtl.h>
  28. #include <nturtl.h>
  29. #ifndef WIN32_CHICAGO
  30. #include <winsock2.h>
  31. #else // WIN32_CHICAGO
  32. #include <winsock.h>
  33. #endif // WIN32_CHICAGO
  34. #include <dsgetdc.h>
  35. }
  36. #include <kerbcomm.h>
  37. #include <kerberr.h>
  38. #include <kerbcon.h>
  39. #include <midles.h>
  40. #include <authen.hxx>
  41. #include "debug.h"
  42. #else // WIN32_CHICAGO
  43. extern "C"
  44. {
  45. #include <winsock.h>
  46. }
  47. #endif // WIN32_CHICAGO
  50. LONG SocketStarts = -1;
  51. ULONG TcpFragLength = 0x7fffffff ;
  52. ULONG TcpFragDelay = 0 ;
  54. //+-------------------------------------------------------------------------
  55. //
  56. // Function: KerbInitializeSockets
  57. //
  58. // Synopsis:
  59. //
  60. // Effects:
  61. //
  62. // Arguments:
  63. //
  64. // Requires:
  65. //
  66. // Returns:
  67. //
  68. // Notes:
  69. //
  70. //
  71. //--------------------------------------------------------------------------
  74. NTSTATUS
  75. KerbInitializeSockets(
  76. IN WORD VersionRequired,
  77. IN ULONG MinSockets,
  78. OUT BOOLEAN *TcpNotInstalled
  79. )
  80. {
  81. NTSTATUS Status = STATUS_SUCCESS;
  82. int Error;
  83. WSADATA SocketData;
  84. #ifndef WIN32_CHICAGO
  85. WSAPROTOCOL_INFO *lpProtocolBuf = NULL;
  86. DWORD dwBufLen = 0;
  87. INT protocols[2];
  88. int nRet = 0;
  89. #endif // WIN32_CHICAGO
  91. //
  92. // Initialze sockets
  93. //
  95. *TcpNotInstalled = FALSE;
  97. if (InterlockedIncrement(&SocketStarts) != 0)
  98. {
  99. return(STATUS_SUCCESS);
  100. }
  102. Error = WSAStartup(VersionRequired, &SocketData);
  103. if (Error != 0)
  104. {
  105. DebugLog((DEB_ERROR,"WSAStartup failed: 0x%x\n",Error));
  106. Status = STATUS_NO_LOGON_SERVERS;
  107. goto Cleanup;
  108. }
  111. //
  112. // Make sure the version is high enough for us
  113. //
  115. if ((LOBYTE(SocketData.wVersion) < HIBYTE(VersionRequired)) ||
  116. (((LOBYTE(SocketData.wVersion) == HIBYTE(VersionRequired)) &&
  117. (HIBYTE(SocketData.wVersion) < LOBYTE(VersionRequired)))))
  118. {
  119. DebugLog((DEB_ERROR,"Invalid socket version: wanted 0x%x, got 0x%x\n",
  120. VersionRequired, SocketData.wVersion));
  121. Status = STATUS_NO_LOGON_SERVERS;
  122. goto Cleanup;
  123. }
  125. if (SocketData.iMaxSockets < MinSockets)
  126. {
  127. DebugLog((DEB_ERROR,"Not enough sockets available: wanted %d, got %d\n",
  128. MinSockets, SocketData.iMaxSockets ));
  129. Status = STATUS_NO_LOGON_SERVERS;
  130. goto Cleanup;
  131. }
  133. #ifndef WIN32_CHICAGO
  134. //
  135. // Check if TCP is an available xport
  136. //
  138. protocols[0] = IPPROTO_TCP;
  139. protocols[1] = NULL;
  140. nRet = WSAEnumProtocols(protocols, lpProtocolBuf, &dwBufLen);
  141. if (nRet == 0)
  142. {
  143. //
  144. // Tcp is not installed as a xport.
  145. //
  147. D_DebugLog((DEB_T_SOCK,"WSAEnumProtocols returned 0x%x.\n", nRet));
  148. *TcpNotInstalled = TRUE;
  149. }
  150. #endif // WIN32_CHICAGO
  151. Cleanup:
  152. if (!NT_SUCCESS(Status))
  153. {
  154. if (SocketStarts != -1)
  155. {
  156. WSACleanup();
  157. InterlockedDecrement(&SocketStarts);
  158. }
  159. }
  160. return(Status);
  161. }
  164. //+-------------------------------------------------------------------------
  165. //
  166. // Function: KerbCleanupSockets
  167. //
  168. // Synopsis: Cleansup socket handling code
  169. //
  170. // Effects: calls WSACleanup()
  171. //
  172. // Arguments:
  173. //
  174. // Requires:
  175. //
  176. // Returns:
  177. //
  178. // Notes:
  179. //
  180. //
  181. //--------------------------------------------------------------------------
  184. VOID
  185. KerbCleanupSockets(
  186. )
  187. {
  188. if (InterlockedDecrement(&SocketStarts) < 0)
  189. {
  190. WSACleanup();
  191. }
  193. }
  196. //+-------------------------------------------------------------------------
  197. //
  198. // Function: KerbCloseSocket
  199. //
  200. // Synopsis: Closes a socket binding handle
  201. //
  202. // Effects: calls closesocket on the handle
  203. //
  204. // Arguments: SocketHandle - handle to close
  205. //
  206. // Requires:
  207. //
  208. // Returns: none
  209. //
  210. // Notes:
  211. //
  212. //
  213. //--------------------------------------------------------------------------
  215. VOID
  216. KerbCloseSocket(
  217. IN SOCKET SocketHandle
  218. )
  219. {
  220. int SockError;
  221. if (SocketHandle != 0)
  222. {
  223. SockError = closesocket(SocketHandle);
  224. if (SockError != 0)
  225. {
  226. DebugLog((DEB_ERROR,"CloseSocket failed: last error = %d\n",WSAGetLastError()));
  227. }
  228. }
  229. }
  232. //+-------------------------------------------------------------------------
  233. //
  234. // Function: KerbBindSocketByAddress
  235. //
  236. // Synopsis: Binds to the KDC socket on the specified address
  237. //
  238. // Effects:
  239. //
  240. // Arguments: Address - Address to bind to
  241. // AddressType - Address type, as specified by DC locator
  242. // ContextHandle - Receives bound socket
  243. //
  244. // Requires:
  245. //
  246. // Returns:
  247. //
  248. // Notes:
  249. //
  250. //
  251. //--------------------------------------------------------------------------
  253. NTSTATUS
  254. KerbBindSocketByAddress(
  255. IN PUNICODE_STRING Address,
  256. IN ULONG AddressType,
  257. IN BOOLEAN UseDatagram,
  258. IN USHORT PortNumber,
  259. OUT SOCKET * ContextHandle
  260. )
  261. {
  262. NTSTATUS Status = STATUS_SUCCESS;
  263. SOCKET ClientSocket = INVALID_SOCKET;
  264. struct sockaddr_in ServerAddress;
  265. struct sockaddr_in ClientAddress;
  266. LPHOSTENT ServerInfo = NULL;
  267. STRING AnsiAddress = {0};
  269. AnsiAddress.Buffer = NULL;
  271. Status = RtlUnicodeStringToAnsiString(
  272. &AnsiAddress,
  273. Address,
  274. TRUE
  275. );
  277. if (!NT_SUCCESS(Status))
  278. {
  279. goto Cleanup;
  280. }
  283. ClientSocket = socket(
  284. PF_INET,
  285. (UseDatagram ? SOCK_DGRAM : SOCK_STREAM),
  286. 0
  287. );
  288. if (ClientSocket == INVALID_SOCKET)
  289. {
  290. DebugLog((DEB_ERROR,"Failed to create socket: %d\n",WSAGetLastError()));
  291. Status = STATUS_NO_LOGON_SERVERS;
  292. goto Cleanup;
  293. }
  295. if (UseDatagram)
  296. {
  297. //
  298. // Bind client socket to any local interface and port
  299. //
  301. ClientAddress.sin_family = AF_INET;
  302. ClientAddress.sin_addr.s_addr = INADDR_ANY;
  303. ClientAddress.sin_port = 0; // no specific port
  305. if (bind(
  306. ClientSocket,
  307. (LPSOCKADDR) &ClientAddress,
  308. sizeof(ClientAddress)
  309. ) == SOCKET_ERROR )
  310. {
  311. DebugLog((DEB_ERROR,"Failed to bind client socket: %d\n",WSAGetLastError()));
  312. Status = STATUS_NO_LOGON_SERVERS;
  313. goto Cleanup;
  314. }
  315. }
  317. if (AddressType == DS_INET_ADDRESS)
  318. {
  319. ULONG InetAddress;
  320. //
  321. // Get the address of the server
  322. //
  324. InetAddress = inet_addr(AnsiAddress.Buffer);
  327. if (InetAddress == SOCKET_ERROR)
  328. {
  329. DebugLog((DEB_ERROR,"Failed to convert %Z to address: %d\n", &AnsiAddress, WSAGetLastError()));
  330. Status = STATUS_NO_LOGON_SERVERS;
  331. goto Cleanup;
  332. }
  334. ServerAddress.sin_family = AF_INET;
  336. RtlCopyMemory(
  337. &ServerAddress.sin_addr,
  338. &InetAddress,
  339. sizeof(ULONG)
  340. );
  342. }
  343. else
  344. {
  345. //
  346. // Get the address of the server
  347. //
  349. ServerInfo = gethostbyname(AnsiAddress.Buffer);
  350. if (ServerInfo == NULL)
  351. {
  352. DebugLog((DEB_ERROR,"Failed to get host %Z by name: %d\n", &AnsiAddress, WSAGetLastError()));
  353. Status = STATUS_NO_LOGON_SERVERS;
  354. goto Cleanup;
  355. }
  357. ServerAddress.sin_family = ServerInfo->h_addrtype;
  359. RtlCopyMemory(
  360. &ServerAddress.sin_addr,
  361. ServerInfo->h_addr,
  362. sizeof(ULONG)
  363. );
  365. }
  367. ServerAddress.sin_port = htons(PortNumber);
  369. if (connect(
  370. ClientSocket,
  371. (LPSOCKADDR) &ServerAddress,
  372. sizeof(ServerAddress)
  373. ) == SOCKET_ERROR)
  374. {
  375. DebugLog((DEB_ERROR,"Failed to connect to server %Z: %d\n",&AnsiAddress, WSAGetLastError()));
  376. Status = STATUS_NO_LOGON_SERVERS;
  377. goto Cleanup;
  378. }
  379. *ContextHandle = ClientSocket;
  380. D_DebugLog((DEB_TRACE,"Successfully bound to %Z\n",&AnsiAddress));
  382. Cleanup:
  383. if (AnsiAddress.Buffer != NULL)
  384. {
  385. RtlFreeAnsiString(&AnsiAddress);
  386. }
  387. if (!NT_SUCCESS(Status))
  388. {
  389. if (ClientSocket != INVALID_SOCKET)
  390. {
  391. closesocket(ClientSocket);
  392. }
  393. }
  394. return(Status);
  397. }
  400. //+-------------------------------------------------------------------------
  401. //
  402. // Function: KerbCallKdc
  403. //
  404. // Synopsis: Socket client stub for calling the KDC.
  405. //
  406. // Effects:
  407. //
  408. // Arguments:
  409. //
  410. // Requires:
  411. //
  412. // Returns:
  413. //
  414. // Notes:
  415. //
  416. //
  417. //--------------------------------------------------------------------------
  419. extern ULONG KerbGlobalMaxDatagramSize;
  421. NTSTATUS
  422. KerbCallKdc(
  423. IN PUNICODE_STRING KdcAddress,
  424. IN ULONG AddressType,
  425. IN ULONG Timeout,
  426. IN BOOLEAN UseDatagram,
  427. IN USHORT PortNumber,
  428. IN PKERB_MESSAGE_BUFFER Input,
  429. OUT PKERB_MESSAGE_BUFFER Output
  430. )
  431. {
  432. NTSTATUS Status = STATUS_SUCCESS;
  433. ULONG Bytes;
  434. int NumberReady;
  435. SOCKET Socket = 0;
  436. PUCHAR RemainingBuffer;
  437. ULONG RemainingSize;
  438. fd_set ReadHandles;
  439. struct timeval TimeoutTime;
  440. ULONG NetworkSize;
  441. BOOLEAN RetriedOnce = FALSE;
  443. #ifndef WIN32_CHICAGO
  444. WSABUF Buffers[2] = {0};
  445. LPWSABUF SendBuffers = NULL;
  446. ULONG BufferCount = 0;
  447. int SendStatus;
  448. #endif // WIN32_CHICAGO
  450. //
  451. // Start out by binding to the KDC
  452. //
  454. DebugLog((DEB_TRACE, "Calling KDC: %S\n", KdcAddress->Buffer));
  456. Status = KerbBindSocketByAddress(
  457. KdcAddress,
  458. AddressType,
  459. UseDatagram,
  460. PortNumber,
  461. &Socket
  462. );
  463. if (!NT_SUCCESS(Status))
  464. {
  465. goto Cleanup;
  466. }
  468. RemainingBuffer = Input->Buffer;
  469. RemainingSize = Input->BufferSize;
  471. #ifndef WIN32_CHICAGO
  473. //
  474. // Use winsock2
  475. //
  477. Buffers[0].len = sizeof(ULONG);
  478. NetworkSize = htonl(RemainingSize);
  479. Buffers[0].buf = (PCHAR) &NetworkSize;
  480. Buffers[1].len = Input->BufferSize;
  481. Buffers[1].buf = (PCHAR) Input->Buffer;
  483. if (UseDatagram)
  484. {
  485. BufferCount = 1;
  486. SendBuffers = &Buffers[1];
  487. RemainingSize = Buffers[1].len;
  488. }
  489. else
  490. {
  491. BufferCount = 2;
  492. SendBuffers = &Buffers[0];
  493. RemainingSize = Buffers[0].len + Buffers[1].len;
  494. }
  496. RetrySend:
  498. SendStatus = WSASend(
  499. Socket,
  500. SendBuffers,
  501. BufferCount,
  502. &Bytes,
  503. 0, // no flags
  504. NULL, // no overlapped
  505. NULL // no completion routine
  506. );
  508. if ((SendStatus != 0) || (Bytes == 0))
  509. {
  510. DsysAssert(SendStatus == SOCKET_ERROR);
  511. DebugLog((DEB_ERROR,"Failed to send data: %d\n",WSAGetLastError()));
  512. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  513. goto Cleanup;
  514. }
  515. if (Bytes < RemainingSize)
  516. {
  517. RemainingSize -= Bytes;
  518. if (Bytes > SendBuffers->len)
  519. {
  520. //
  521. // We sent the whole of a buffer, so move on to the next
  522. //
  524. Bytes -= SendBuffers->len;
  526. DsysAssert(BufferCount > 1);
  527. BufferCount--;
  528. SendBuffers++;
  529. SendBuffers->len -= Bytes;
  530. SendBuffers->buf += Bytes;
  531. }
  532. else
  533. {
  534. SendBuffers->len -= Bytes;
  535. SendBuffers->buf += Bytes;
  536. }
  537. goto RetrySend;
  538. }
  543. #else // WIN32_CHICAGO
  545. //
  546. // Use winsock1 for win9x
  547. //
  549. //
  550. // For TCP, send length first
  551. //
  553. RetrySend:
  555. if (!UseDatagram)
  556. {
  557. NetworkSize = htonl(RemainingSize);
  558. Bytes = send(Socket, (char *)&NetworkSize,sizeof(ULONG), 0);
  559. if (Bytes != sizeof(ULONG) )
  560. {
  561. DebugLog((DEB_ERROR,"Failed to send TCP packet length: bytes sent = %d, last err = %d\n",
  562. Bytes,
  563. WSAGetLastError()));
  564. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  565. goto Cleanup;
  566. }
  567. }
  568. do
  569. {
  570. if (!UseDatagram)
  571. {
  572. if ( RemainingSize > TcpFragLength )
  573. {
  574. SendSize = TcpFragLength ;
  575. }
  576. else
  577. {
  578. SendSize = RemainingSize ;
  579. }
  580. if ( TcpFragDelay )
  581. {
  582. Sleep( TcpFragDelay );
  583. }
  584. }
  585. else
  586. {
  587. SendSize = RemainingSize ;
  588. }
  589. D_DebugLog(( DEB_T_SOCK, "Sending %x bytes to %wZ\n",
  590. SendSize, KdcAddress ));
  591. Bytes = send(Socket, (char *) RemainingBuffer, SendSize, 0);
  592. if (Bytes == SOCKET_ERROR)
  593. {
  594. DebugLog((DEB_ERROR,"Failed to send data: %d\n",WSAGetLastError()));
  595. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  596. goto Cleanup;
  597. }
  598. if (Bytes != SendSize)
  599. {
  600. DebugLog((DEB_ERROR,"Failed to send all data - only send %d out of %d\n",
  601. Bytes, RemainingSize ));
  602. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  603. goto Cleanup;
  604. }
  605. RemainingBuffer += Bytes;
  606. RemainingSize -= Bytes;
  607. } while ((Bytes != 0) && (RemainingSize != 0));
  609. #endif
  611. //
  612. // Now select on the socket and wait for a response
  613. // ReadHandles and TimeoutTime must be reset each time, cause winsock
  614. // zeroes them out in case of error
  616. ReadHandles.fd_count = 1;
  617. ReadHandles.fd_array[0] = Socket;
  618. TimeoutTime.tv_sec = Timeout;
  619. TimeoutTime.tv_usec = 0;
  621. D_DebugLog(( DEB_T_SOCK, "Socket being used for select is 0x%x\n", ReadHandles.fd_array[0] ));
  622. NumberReady = select(
  623. 1,
  624. &ReadHandles,
  625. NULL,
  626. NULL,
  627. &TimeoutTime
  628. );
  629. if ((NumberReady == SOCKET_ERROR) ||
  630. (NumberReady == 0))
  631. {
  633. DebugLog((DEB_ERROR,"Failed to select on response on socket 0x%x from kdc: %d\n", ReadHandles.fd_array[0], WSAGetLastError()));
  635. DebugLog((DEB_ERROR,"select returned %d\n",NumberReady));
  637. //
  638. // Retry again and wait.
  639. //
  641. if ((NumberReady == 0) && (!RetriedOnce))
  642. {
  643. RetriedOnce = TRUE;
  644. goto RetrySend;
  645. }
  646. Status = STATUS_NO_LOGON_SERVERS;
  647. goto Cleanup;
  648. }
  651. //
  652. // Now receive the data
  653. //
  655. if (UseDatagram)
  656. {
  657. Output->BufferSize = max( KerbGlobalMaxDatagramSize, KERB_MAX_KDC_RESPONSE_SIZE );
  658. Output->Buffer = (PUCHAR) MIDL_user_allocate(Output->BufferSize);
  659. if (Output->Buffer == NULL)
  660. {
  661. Status = STATUS_INSUFFICIENT_RESOURCES;
  662. goto Cleanup;
  663. }
  664. Bytes = recv(
  665. Socket,
  666. (char *) Output->Buffer,
  667. Output->BufferSize,
  668. 0
  669. );
  670. if ((Bytes == SOCKET_ERROR) || (Bytes == 0))
  671. {
  672. DebugLog((DEB_ERROR,"Failed to receive socket data: %d\n",WSAGetLastError()));
  673. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  674. goto Cleanup;
  675. }
  676. Output->BufferSize = Bytes;
  677. }
  678. else
  679. {
  680. Bytes = recv(
  681. Socket,
  682. (char *) &NetworkSize,
  683. sizeof(ULONG),
  684. 0
  685. );
  686. if (Bytes != sizeof(ULONG) )
  687. {
  688. DebugLog((DEB_ERROR,"Failed to receive socket data: %d\n",WSAGetLastError()));
  689. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  690. goto Cleanup;
  691. }
  692. RemainingSize = ntohl(NetworkSize);
  693. Output->BufferSize = RemainingSize;
  694. Output->Buffer = (PUCHAR) MIDL_user_allocate(RemainingSize);
  695. if (Output->Buffer == NULL)
  696. {
  697. Status = STATUS_INSUFFICIENT_RESOURCES;
  698. goto Cleanup;
  699. }
  700. while (RemainingSize != 0)
  701. {
  702. //
  703. // Make sure there is data ready
  704. //
  706. D_DebugLog(( DEB_T_SOCK, "Socket being used for select is 0x%x\n", ReadHandles.fd_array[0] ));
  707. NumberReady = select(
  708. 1,
  709. &ReadHandles,
  710. NULL,
  711. NULL,
  712. &TimeoutTime
  713. );
  714. if ((NumberReady == SOCKET_ERROR) ||
  715. (NumberReady == 0))
  716. {
  717. DebugLog((DEB_ERROR,"Failed to select on response on socket 0x%x from kdc: %d\n", ReadHandles.fd_array[0], WSAGetLastError()));
  719. DebugLog((DEB_ERROR,"select returned %d\n",NumberReady));
  721. Status = STATUS_NO_LOGON_SERVERS;
  722. goto Cleanup;
  723. }
  725. //
  726. // Receive the data
  727. //
  729. Bytes = recv(
  730. Socket,
  731. (char *) Output->Buffer + Output->BufferSize - RemainingSize,
  732. RemainingSize,
  733. 0
  734. );
  735. if ((Bytes == SOCKET_ERROR) || (Bytes == 0))
  736. {
  737. DebugLog((DEB_ERROR,"Failed to receive socket data: %d\n",WSAGetLastError()));
  738. Status = SEC_E_NO_AUTHENTICATING_AUTHORITY;
  739. goto Cleanup;
  740. }
  741. RemainingSize -= Bytes;
  742. }
  743. }
  745. Cleanup:
  746. if (Socket != 0)
  747. {
  748. KerbCloseSocket(Socket);
  749. }
  750. if (!NT_SUCCESS(Status))
  751. {
  752. if (Output->Buffer != NULL)
  753. {
  754. MIDL_user_free(Output->Buffer);
  755. Output->Buffer = NULL;
  756. }
  757. }
  758. return(Status);
  762. }