archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/protocols/schannel/inc/cache.h

251 lines
6.8 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1995.
  5. //
  6. // File: cache.h
  7. //
  8. // Contents:
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 09-23-97 jbanes Ported over SGC stuff from NT 4 tree.
  15. //
  16. //----------------------------------------------------------------------------
  18. #include <sslcache.h>
  20. #define SP_CACHE_MAGIC 0xCACE
  22. #define SP_CACHE_FLAG_EMPTY 0x00000001
  23. #define SP_CACHE_FLAG_READONLY 0x00000002
  24. #define SP_CACHE_FLAG_MASTER_EPHEM 0x00000004
  25. #define SP_CACHE_FLAG_USE_VALIDATED 0x00000010 // Whether user has validated client credential.
  27. struct _SPContext;
  29. typedef struct _SessCacheItem {
  31. DWORD Magic;
  32. DWORD dwFlags;
  34. LONG cRef;
  36. DWORD ZombieJuju;
  37. DWORD fProtocol;
  38. DWORD CreationTime;
  39. DWORD Lifespan;
  40. DWORD DeferredJuju;
  42. // List of cache entries assigned to a particular cache index.
  43. LIST_ENTRY IndexEntryList;
  45. // Global list of cache entries sorted by creation time.
  46. LIST_ENTRY EntryList;
  48. // Process ID of process that owns this cache entry.
  49. ULONG ProcessID;
  52. HMAPPER * phMapper;
  54. // Handle to "Schannel" key container used to store the server's master
  55. // secret. This will either be the one corresponding to the server's
  56. // credentials or the 512-bit ephemeral key.
  57. HCRYPTPROV hMasterProv;
  59. // Master secret, from which all session keys are derived.
  60. HCRYPTKEY hMasterKey;
  62. ALG_ID aiCipher;
  63. DWORD dwStrength;
  64. ALG_ID aiHash;
  65. DWORD dwCipherSuiteIndex; // used for managing reconnects
  67. ExchSpec SessExchSpec;
  68. DWORD dwExchStrength;
  70. PCERT_CONTEXT pRemoteCert;
  71. PUBLICKEY * pRemotePublic;
  73. struct _SessCacheItem *pClonedItem;
  76. // Server Side Client Auth related items
  77. /* HLOCATOR */
  78. HLOCATOR hLocator;
  79. SECURITY_STATUS LocatorStatus;
  81. // Local credentials.
  82. PSPCredentialGroup pServerCred;
  83. PSPCredential pActiveServerCred;
  84. CRED_THUMBPRINT CredThumbprint; // credential group
  85. CRED_THUMBPRINT CertThumbprint; // local certificate
  87. // Cipher level (domestic, export, sgc, etc);
  88. DWORD dwCF;
  90. // Server certificate (pct only)
  91. DWORD cbServerCertificate;
  92. PBYTE pbServerCertificate;
  94. // cache ID (usually machine name or ip address)
  95. LPWSTR szCacheID;
  96. LUID LogonId;
  98. // Session ID for this session
  99. DWORD cbSessionID;
  100. UCHAR SessionID[SP_MAX_SESSION_ID];
  102. // Clear key (pct only)
  103. DWORD cbClearKey;
  104. UCHAR pClearKey[SP_MAX_MASTER_KEY];
  106. DWORD cbKeyArgs;
  107. UCHAR pKeyArgs[SP_MAX_KEY_ARGS];
  109. // This contains the client certificate that was sent to the server.
  110. PCCERT_CONTEXT pClientCert;
  112. // When a client credential is created automatically, the credential
  113. // information is stored here.
  114. PSPCredential pClientCred;
  116. DWORD cbAppData;
  117. PBYTE pbAppData;
  119. } SessCacheItem, *PSessCacheItem;
  122. typedef struct
  123. {
  124. PLIST_ENTRY SessionCache;
  126. DWORD dwClientLifespan;
  127. DWORD dwServerLifespan;
  128. DWORD dwCleanupInterval;
  129. DWORD dwCacheSize;
  130. DWORD dwMaximumEntries;
  131. DWORD dwUsedEntries;
  133. LIST_ENTRY EntryList;
  134. RTL_RESOURCE Lock;
  135. BOOL LockInitialized;
  137. } SCHANNEL_CACHE;
  139. extern SCHANNEL_CACHE SchannelCache;
  141. #define SP_CACHE_CLIENT_LIFESPAN (10 * 3600 * 1000) // 10 hours
  142. #define SP_CACHE_SERVER_LIFESPAN (10 * 3600 * 1000) // 10 hours
  143. #define SP_CACHE_CLEANUP_INTERVAL (5 * 60 * 1000) // 5 minutes
  144. #define SP_MAXIMUM_CACHE_ELEMENTS 10000
  145. #define SP_MASTER_KEY_CS_COUNT 50
  147. extern BOOL g_fMultipleProcessClientCache;
  148. extern BOOL g_fCacheInitialized;
  150. // Perf counter values.
  151. extern LONG g_cClientHandshakes;
  152. extern LONG g_cServerHandshakes;
  153. extern LONG g_cClientReconnects;
  154. extern LONG g_cServerReconnects;
  157. #define HasTimeElapsed(StartTime, CurrentTime, Interval) \
  158. (((CurrentTime) > (StartTime) && \
  159. (CurrentTime) - (StartTime) > (Interval)) || \
  160. ((CurrentTime) < (StartTime) && \
  161. (CurrentTime) + (MAXULONG - (StartTime)) >= (Interval)))
  164. /* SPInitSessionCache() */
  165. /* inits the internal cache to CacheSize items */
  166. SP_STATUS SPInitSessionCache(VOID);
  168. SP_STATUS
  169. SPShutdownSessionCache(VOID);
  171. // Reference and dereference cache items
  172. LONG SPCacheReference(PSessCacheItem pItem);
  174. LONG SPCacheDereference(PSessCacheItem pItem);
  176. void
  177. SPCachePurgeCredential(
  178. PSPCredentialGroup pCred);
  180. void
  181. SPCachePurgeProcessId(
  182. ULONG ProcessId);
  184. NTSTATUS
  185. SPCachePurgeEntries(
  186. LUID *LoginId,
  187. ULONG ProcessID,
  188. LPWSTR pwszTargetName,
  189. DWORD Flags);
  191. NTSTATUS
  192. SPCacheGetInfo(
  193. LUID * LogonId,
  194. LPWSTR pszTargetName,
  195. DWORD dwFlags,
  196. PSSL_SESSION_CACHE_INFO_RESPONSE pCacheInfo);
  198. NTSTATUS
  199. SPCacheGetPerfmonInfo(
  200. DWORD dwFlags,
  201. PSSL_PERFMON_INFO_RESPONSE pPerfmonInfo);
  203. /* Retrieve item from cache by SessionID.
  204. * Auto-Reference the item if successful */
  205. BOOL SPCacheRetrieveBySession(
  206. struct _SPContext * pContext,
  207. PBYTE pbSessionID,
  208. DWORD cbSessionID,
  209. PSessCacheItem *ppRetItem);
  211. /* Retrieve item from cache by ID.
  212. * Auto-Reference the item if successful */
  213. BOOL
  214. SPCacheRetrieveByName(
  215. LPWSTR pwszName,
  216. PSPCredentialGroup pCredGroup,
  217. PSessCacheItem *ppRetItem);
  219. /* find an empty cache item for use by a context */
  220. BOOL
  221. SPCacheRetrieveNew(
  222. BOOL fServer,
  223. LPWSTR pszTargetName,
  224. PSessCacheItem * ppRetItem);
  226. /* Locks a recently retrieved item into the cache */
  227. BOOL
  228. SPCacheAdd(
  229. struct _SPContext * pContext);
  231. void
  232. SPCacheAssignNewServerCredential(
  233. PSessCacheItem pItem,
  234. PSPCredentialGroup pCred);
  236. /* Helper for REDO sessions */
  237. BOOL
  238. SPCacheClone(PSessCacheItem *ppRetItem);
  240. NTSTATUS
  241. SetCacheAppData(
  242. PSessCacheItem pItem,
  243. PBYTE pbAppData,
  244. DWORD cbAppData);
  246. NTSTATUS
  247. GetCacheAppData(
  248. PSessCacheItem pItem,
  249. PBYTE *ppbAppData,
  250. DWORD *pcbAppData);