archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetcore/winhttp/v5.1/api/creds.cxx

469 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1994-2000 Microsoft Corporation
  5. Module Name:
  7. Creds.cxx
  9. Abstract:
  11. Contains the Creds APIs
  13. Contents:
  14. WinHttpSetCredentialsA
  15. WinHttpSetCredentials
  16. WinHttpQueryAuthSchemes
  18. Author:
  20. Biao Wang (biaow) 27-June-2000
  22. Environment:
  24. Win32 user-mode DLL
  26. Revision History:
  28. 27-June-2000 biaow
  29. Created
  31. --*/
  33. #include <wininetp.h>
  35. /*
  36. BOOLAPI WinHttpQueryAuthParams(
  37. IN HINTERNET hRequest, // HINTERNET handle returned by WinHttpOpenRequest
  38. IN DWORD AuthScheme,
  39. OUT LPVOID* pAuthParams // Scheme-specific Advanced auth parameters
  40. )
  41. {
  42. //BUG-BUG Verify parameters
  44. // biaow: to implement this fully
  45. *pAuthParams = 0;
  47. return TRUE;
  48. }
  49. */
  51. BOOLAPI WinHttpQueryAuthSchemes(
  53. IN HINTERNET hRequest, // HINTERNET handle returned by HttpOpenRequest.
  54. OUT LPDWORD lpdwSupportedSchemes,// a bitmap of available Authentication Schemes
  55. OUT LPDWORD lpdwPreferredScheme, // WinHttp's preferred Authentication Method
  56. OUT LPDWORD pdwAuthTarget
  57. )
  58. {
  59. DEBUG_ENTER_API((DBG_API,
  60. Bool,
  61. "WinHttpQueryAuthSchemes",
  62. "%#x, %#x, %#x",
  63. hRequest,
  64. lpdwSupportedSchemes,
  65. lpdwPreferredScheme
  66. ));
  68. DWORD dwErr = ERROR_SUCCESS;
  69. HINTERNET hRequestMapped = NULL;
  70. BOOL fResult = FALSE;
  71. HINTERNET_HANDLE_TYPE HandleType;
  73. dwErr = ::MapHandleToAddress(hRequest, (LPVOID *)&hRequestMapped, FALSE);
  75. if ((dwErr != ERROR_SUCCESS) || (hRequestMapped == NULL))
  76. {
  77. dwErr = ERROR_INVALID_HANDLE;
  78. goto cleanup;
  79. }
  81. HTTP_REQUEST_HANDLE_OBJECT * pRequest;
  83. if ((::RGetHandleType(hRequestMapped, &HandleType) != ERROR_SUCCESS)
  84. || (HandleType != TypeHttpRequestHandle))
  85. {
  86. dwErr = ERROR_INVALID_HANDLE;
  87. goto cleanup;
  88. }
  90. pRequest = (HTTP_REQUEST_HANDLE_OBJECT *)hRequestMapped;
  92. if (::IsBadWritePtr(lpdwSupportedSchemes, sizeof(DWORD))
  93. || ::IsBadWritePtr(lpdwPreferredScheme, sizeof(DWORD))
  94. || ::IsBadWritePtr(pdwAuthTarget, sizeof(DWORD)))
  95. {
  96. dwErr = ERROR_INVALID_PARAMETER;
  97. goto cleanup;
  98. }
  100. if (!pRequest->_KnowSupportedSchemes)
  101. {
  102. dwErr = ERROR_INVALID_OPERATION;
  103. goto cleanup;
  104. }
  106. *lpdwSupportedSchemes = pRequest->_SupportedSchemes;
  107. *lpdwPreferredScheme = pRequest->_PreferredScheme;
  108. *pdwAuthTarget = pRequest->_AuthTarget;
  110. fResult = TRUE;
  112. DEBUG_PRINT(API,
  113. INFO,
  114. ("Supported Scheme = %x; Preferred Scheme = %x; Auth Target = %x\n",
  115. *lpdwSupportedSchemes,
  116. *lpdwPreferredScheme,
  117. *pdwAuthTarget
  118. ));
  120. cleanup:
  122. if (hRequestMapped)
  123. {
  124. DereferenceObject(hRequestMapped);
  125. }
  127. if (dwErr!= ERROR_SUCCESS)
  128. {
  129. ::SetLastError(dwErr);
  130. DEBUG_ERROR(HTTP, dwErr);
  131. }
  133. DEBUG_LEAVE_API(fResult);
  134. return fResult;
  135. }
  137. BOOL WinHttpSetCredentialsA (
  139. IN HINTERNET hRequest, // HINTERNET handle returned by HttpOpenRequest.
  142. IN DWORD AuthTargets, // Only WINHTTP_AUTH_TARGET_SERVER and
  143. // WINHTTP_AUTH_TARGET_PROXY are supported
  144. // in this version and they are mutually
  145. // exclusive
  147. IN DWORD AuthScheme, // must be one of the supported Auth Schemes
  148. // returned from HttpQueryAuthSchemes(), Apps
  149. // should use the Preferred Scheme returned
  151. IN LPCSTR pszUserName, // 1) NULL if default creds is to be used, in
  152. // which case pszPassword will be ignored
  154. IN LPCSTR pszPassword, // 1) "" == Blank Passowrd; 2)Parameter ignored
  155. // if pszUserName is NULL; 3) Invalid to pass in
  156. // NULL if pszUserName is not NULL
  157. IN LPVOID pAuthParams
  159. )
  160. {
  161. DEBUG_ENTER_API((DBG_API,
  162. Bool,
  163. "WinHttpSetCredentialsA",
  164. "%#x, %#x, %#x, %q, %q, %q",
  165. hRequest,
  166. AuthTargets,
  167. AuthScheme,
  168. pAuthParams,
  169. pszUserName ? "<username>" : "NULL",
  170. pszPassword ? "<password>" : "NULL"
  171. ));
  173. // Note: we assume WinHttp will explose an Unicode only API, so this function
  174. // will not be called directly by Apps. If this assumption is no longer true
  175. // in future revisions, we need to add more elaborate parameter validation here.
  177. DWORD dwErr = ERROR_SUCCESS;
  178. BOOL fResult = FALSE;
  179. HINTERNET hRequestMapped = NULL;
  180. HTTP_REQUEST_HANDLE_OBJECT* pRequest;
  181. HINTERNET_HANDLE_TYPE HandleType;
  182. PCSTR pszRealm = NULL;
  184. // validate API symantics
  186. if (pszUserName != NULL)
  187. {
  188. // in any case, it doesn't make sense (and therefore invalid) to pass
  189. // in a blank("") User Name
  190. if (pszUserName[0] == '\0')
  191. {
  192. dwErr = ERROR_INVALID_PARAMETER;
  193. goto cleanup;
  194. }
  195. else if (pszPassword == NULL)
  196. {
  197. // in any case, if an app passes in a UserName, it is invalid to
  198. // then pass in a NULL password (should use "" for blank passowrd)
  199. dwErr = ERROR_INVALID_PARAMETER;
  200. goto cleanup;
  201. }
  202. }
  204. switch (AuthScheme)
  205. {
  206. case WINHTTP_AUTH_SCHEME_BASIC:
  207. case WINHTTP_AUTH_SCHEME_NTLM:
  208. case WINHTTP_AUTH_SCHEME_PASSPORT:
  209. case WINHTTP_AUTH_SCHEME_DIGEST:
  210. case WINHTTP_AUTH_SCHEME_NEGOTIATE:
  211. break;
  212. default:
  213. dwErr = ERROR_INVALID_PARAMETER;
  214. goto cleanup;
  215. }
  217. // if an app picks BASIC auth, it must also supply an UserName and password
  218. if ((AuthScheme == WINHTTP_AUTH_SCHEME_BASIC) && (pszUserName == NULL))
  219. {
  220. dwErr = ERROR_INVALID_PARAMETER;
  221. goto cleanup;
  222. }
  224. // default credentials (UserName/Password == NULL/NULL) are allowed only for
  225. // NTLM/NEGOTIATE/PASSPORT auth
  226. if (pszUserName == NULL)
  227. {
  228. if ((AuthScheme != WINHTTP_AUTH_SCHEME_NTLM)
  229. && (AuthScheme != WINHTTP_AUTH_SCHEME_NEGOTIATE)
  230. && (AuthScheme != WINHTTP_AUTH_SCHEME_PASSPORT))
  231. {
  232. dwErr = ERROR_INVALID_PARAMETER;
  233. goto cleanup;
  234. }
  235. }
  237. dwErr = ::MapHandleToAddress(hRequest, (LPVOID *)&hRequestMapped, FALSE);
  239. if ((dwErr != ERROR_SUCCESS) || (hRequestMapped == NULL)) {
  241. dwErr = ERROR_INVALID_HANDLE;
  242. goto cleanup;
  243. }
  245. if ((::RGetHandleType(hRequestMapped, &HandleType) != ERROR_SUCCESS)
  246. || (HandleType != TypeHttpRequestHandle))
  247. {
  248. dwErr = ERROR_INVALID_HANDLE;
  249. goto cleanup;
  250. }
  252. pRequest =
  253. reinterpret_cast<HTTP_REQUEST_HANDLE_OBJECT*>(hRequestMapped);
  255. if (AuthScheme == WINHTTP_AUTH_SCHEME_DIGEST)
  256. {
  257. if (pAuthParams)
  258. {
  259. pszRealm = (PCSTR)pAuthParams;
  260. }
  261. else
  262. {
  263. pszRealm = pRequest->_pszRealm;
  264. }
  265. }
  267. if (AuthTargets == WINHTTP_AUTH_TARGET_PROXY)
  268. {
  269. delete pRequest->_pProxyCreds;
  270. pRequest->_pProxyCreds = New WINHTTP_REQUEST_CREDENTIALS();
  272. if (pRequest->_pProxyCreds == NULL
  273. || !pRequest->_pProxyCreds->Initialize(AuthScheme, pszRealm, pszUserName, pszPassword))
  274. {
  275. if (pRequest->_pProxyCreds != NULL)
  276. {
  277. delete pRequest->_pProxyCreds;
  278. pRequest->_pProxyCreds = NULL;
  279. }
  281. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  282. goto cleanup;
  283. }
  284. }
  285. else
  286. {
  287. delete pRequest->_pServerCreds;
  288. pRequest->_pServerCreds = New WINHTTP_REQUEST_CREDENTIALS();
  290. if (pRequest->_pServerCreds == NULL
  291. || !pRequest->_pServerCreds->Initialize(AuthScheme, pszRealm, pszUserName, pszPassword))
  292. {
  293. if (pRequest->_pServerCreds != NULL)
  294. {
  295. delete pRequest->_pServerCreds;
  296. pRequest->_pServerCreds = NULL;
  297. }
  299. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  300. goto cleanup;
  301. }
  302. }
  304. pRequest->_KnowSupportedSchemes = FALSE;
  305. pRequest->_PreferredScheme = 0x00000000;
  306. pRequest->_SupportedSchemes = 0x00000000;
  307. pRequest->_AuthTarget = 0x00000000;
  308. if (pRequest->_pszRealm)
  309. {
  310. FREE_MEMORY(pRequest->_pszRealm);
  311. pRequest->_pszRealm = NULL;
  312. }
  314. fResult = TRUE;
  316. cleanup:
  318. if (hRequestMapped)
  319. {
  320. DereferenceObject(hRequestMapped);
  321. }
  323. if (dwErr!=ERROR_SUCCESS)
  324. {
  325. ::SetLastError(dwErr);
  326. DEBUG_ERROR(HTTP, dwErr);
  327. }
  329. DEBUG_LEAVE_API(fResult);
  330. return fResult;
  331. }
  333. BOOLAPI
  334. WinHttpSetCredentials(
  336. IN HINTERNET hRequest, // HINTERNET handle returned by HttpOpenRequest.
  339. IN DWORD AuthTargets, // Only WINHTTP_AUTH_TARGET_SERVER and
  340. // WINHTTP_AUTH_TARGET_PROXY are supported
  341. // in this version and they are mutually
  342. // exclusive
  344. IN DWORD AuthScheme, // must be one of the supported Auth Schemes
  345. // returned from HttpQueryAuthSchemes(), Apps
  346. // should use the Preferred Scheme returned
  348. IN LPCWSTR pwszUserName, // 1) NULL if default creds is to be used, in
  349. // which case pszPassword will be ignored
  351. IN LPCWSTR pwszPassword, // 1) "" == Blank Passowrd; 2)Parameter ignored
  352. // if pszUserName is NULL; 3) Invalid to pass in
  353. // NULL if pszUserName is not NULL
  354. IN LPVOID pAuthParams
  356. )
  357. {
  358. DEBUG_ENTER_API((DBG_API,
  359. Bool,
  360. "WinHttpSetCredentials",
  361. "%#x, %#x, %#x, %wq, %wq, %wq",
  362. hRequest,
  363. AuthTargets,
  364. AuthScheme,
  365. pAuthParams,
  366. pwszUserName ? L"<username>" : L"NULL",
  367. pwszPassword ? L"<password>" : L"NULL"
  368. ));
  370. DWORD dwErr = ERROR_SUCCESS;
  371. BOOL fResult = FALSE;
  372. LPCWSTR pwszRealm = NULL;
  373. MEMORYPACKET mpRealm, mpUserName, mpPassword;
  375. if (!hRequest)
  376. {
  377. dwErr = ERROR_INVALID_HANDLE;
  378. goto cleanup;
  379. }
  381. // make sure only one bit in AuthScheme is set
  382. if ((AuthScheme & (AuthScheme - 1)) != 0x00000000)
  383. {
  384. dwErr = ERROR_INVALID_PARAMETER;
  385. goto cleanup;
  386. }
  388. // make sure the input strings are valid
  389. if (pwszUserName
  390. && ::IsBadStringPtrW(pwszUserName, (UINT_PTR)-1))
  391. {
  392. dwErr = ERROR_INVALID_PARAMETER;
  393. goto cleanup;
  394. }
  395. if (pwszPassword
  396. && ::IsBadStringPtrW(pwszPassword, (UINT_PTR)-1))
  397. {
  398. dwErr = ERROR_INVALID_PARAMETER;
  399. goto cleanup;
  400. }
  402. if ((AuthScheme == WINHTTP_AUTH_SCHEME_DIGEST) && pAuthParams)
  403. {
  404. pwszRealm = (LPCWSTR)pAuthParams;
  405. }
  406. if (pwszRealm
  407. && ::IsBadStringPtrW(pwszRealm, (UINT_PTR)-1))
  408. {
  409. dwErr = ERROR_INVALID_PARAMETER;
  410. goto cleanup;
  411. }
  413. // make sure AuthTargets are either Server or Proxy (not both)
  414. if ((AuthTargets != WINHTTP_AUTH_TARGET_SERVER)
  415. && (AuthTargets != WINHTTP_AUTH_TARGET_PROXY))
  416. {
  417. dwErr = ERROR_INVALID_PARAMETER;
  418. goto cleanup;
  419. }
  421. // convert Unicode strings to Ansi
  423. if (pwszUserName)
  424. {
  425. ALLOC_MB(pwszUserName, 0, mpUserName);
  426. if (!mpUserName.psStr)
  427. {
  428. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  429. goto cleanup;
  430. }
  431. UNICODE_TO_ANSI(pwszUserName, mpUserName);
  432. }
  433. if (pwszPassword)
  434. {
  435. ALLOC_MB(pwszPassword, 0, mpPassword);
  436. if (!mpPassword.psStr)
  437. {
  438. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  439. goto cleanup;
  440. }
  441. UNICODE_TO_ANSI(pwszPassword, mpPassword);
  442. }
  443. if (pwszRealm)
  444. {
  445. ALLOC_MB(pwszRealm, 0, mpRealm);
  446. if (!mpRealm.psStr)
  447. {
  448. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  449. goto cleanup;
  450. }
  451. UNICODE_TO_ANSI(pwszRealm, mpRealm);
  452. }
  454. fResult = ::WinHttpSetCredentialsA(hRequest, AuthTargets,
  455. AuthScheme, mpUserName.psStr, mpPassword.psStr, mpRealm.psStr);
  457. cleanup:
  458. ZERO_MEMORY_ALLOC(mpUserName);
  459. ZERO_MEMORY_ALLOC(mpPassword);
  461. if (dwErr!=ERROR_SUCCESS)
  462. {
  463. ::SetLastError(dwErr);
  464. DEBUG_ERROR(HTTP, dwErr);
  465. }
  467. DEBUG_LEAVE_API(fResult);
  468. return fResult;
  469. }