archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetcore/winhttp/v5.1/auth/basic.cxx

186 lines
5.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include <wininetp.h>
  2. #include <splugin.hxx>
  3. #include "htuu.h"
  5. /*---------------------------------------------------------------------------
  6. BASIC_CTX
  7. ---------------------------------------------------------------------------*/
  10. /*---------------------------------------------------------------------------
  11. Constructor
  12. ---------------------------------------------------------------------------*/
  13. BASIC_CTX::BASIC_CTX(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy,
  14. SPMData* pSPM, AUTH_CREDS* pCreds)
  15. : AUTHCTX(pSPM, pCreds)
  16. {
  17. _fIsProxy = fIsProxy;
  18. _pRequest = pRequest;
  19. }
  22. /*---------------------------------------------------------------------------
  23. Destructor
  24. ---------------------------------------------------------------------------*/
  25. BASIC_CTX::~BASIC_CTX()
  26. {}
  29. /*---------------------------------------------------------------------------
  30. PreAuthUser
  31. ---------------------------------------------------------------------------*/
  32. DWORD BASIC_CTX::PreAuthUser(IN LPSTR pBuf, IN OUT LPDWORD pcbBuf)
  33. {
  34. DWORD dwRetVal = ERROR_WINHTTP_INTERNAL_ERROR;
  35. LPSTR pszUserPass = NULL;
  36. DWORD cbUserPass;
  37. LPSTR lpszPass = NULL;
  39. if (!_pCreds->lpszUser || !(lpszPass = _pCreds->GetPass()))
  40. {
  41. dwRetVal = ERROR_INVALID_PARAMETER;
  42. goto done;
  43. }
  45. // Prefix the header value with the auth type.
  46. const static BYTE szBasic[] = "Basic ";
  47. const DWORD BASIC_LEN = sizeof(szBasic) - 1;
  49. if (*pcbBuf < BASIC_LEN)
  50. {
  51. dwRetVal = ERROR_INSUFFICIENT_BUFFER;
  52. goto done;
  53. }
  55. memcpy (pBuf, szBasic, BASIC_LEN);
  56. pBuf += BASIC_LEN;
  58. // Generate rest of header value by uuencoding user:pass.
  59. DWORD cbMaxUserPathLen = strlen(_pCreds->lpszUser) + 1
  60. + strlen(lpszPass) + 1
  61. + 10;
  62. // HTUU_encode() parse the buffer 3 bytes at a time;
  63. // In the worst case we will be two bytes short, so add at least 2 here.
  64. // longer buffer doesn't matter, HTUU_encode will adjust appropreiately.
  66. pszUserPass = New CHAR[cbMaxUserPathLen];
  68. if (pszUserPass == NULL)
  69. {
  70. dwRetVal = ERROR_NOT_ENOUGH_MEMORY;
  71. goto done;
  72. }
  74. cbUserPass = wsprintf(pszUserPass, "%s:%s", _pCreds->lpszUser, lpszPass);
  76. INET_ASSERT (cbUserPass < cbMaxUserPathLen);
  78. if( -1 == HTUU_encode ((PBYTE) pszUserPass, cbUserPass, pBuf, *pcbBuf - BASIC_LEN))
  79. goto done;
  81. *pcbBuf = BASIC_LEN + lstrlen (pBuf);
  83. _pvContext = (LPVOID) 1;
  85. dwRetVal = ERROR_SUCCESS;
  87. done:
  88. if (pszUserPass != NULL)
  89. delete [] pszUserPass;
  91. if (lpszPass)
  92. {
  93. SecureZeroMemory(lpszPass, strlen(lpszPass));
  94. FREE_MEMORY(lpszPass);
  95. }
  97. return dwRetVal;
  98. }
  100. /*---------------------------------------------------------------------------
  101. UpdateFromHeaders
  102. ---------------------------------------------------------------------------*/
  103. DWORD BASIC_CTX::UpdateFromHeaders(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy)
  104. {
  105. DWORD dwAuthIdx, cbRealm, dwError;
  106. LPSTR szRealm = NULL;
  108. // Get the associated header.
  109. if ((dwError = FindHdrIdxFromScheme(&dwAuthIdx)) != ERROR_SUCCESS)
  110. goto exit;
  112. // Get any realm.
  113. dwError = GetAuthHeaderData(pRequest, fIsProxy, "Realm",
  114. &szRealm, &cbRealm, ALLOCATE_BUFFER, dwAuthIdx);
  116. // No realm is OK.
  117. if (dwError != ERROR_SUCCESS)
  118. szRealm = NULL;
  120. // If we already have a Creds, ensure that the realm matches. If not,
  121. // find or create a new one and set it in the auth context.
  122. if (_pCreds)
  123. {
  124. INET_ASSERT(_pCreds->lpszRealm);
  125. if (/*_pCreds->lpszRealm && */szRealm && lstrcmp(_pCreds->lpszRealm, szRealm))
  126. {
  127. // Realms don't match - create a new Creds entry, release the old.
  128. delete _pCreds;
  129. _pCreds = CreateCreds(pRequest, fIsProxy, _pSPMData, szRealm);
  130. INET_ASSERT(_pCreds->pSPM == _pSPMData);
  131. }
  132. }
  133. // If no password cache is set in the auth context,
  134. // find or create one and set it in the auth context.
  135. else
  136. {
  137. // Find or create a password cache entry.
  138. _pCreds = CreateCreds(pRequest, fIsProxy, _pSPMData, szRealm);
  139. if (!_pCreds)
  140. {
  141. dwError = ERROR_WINHTTP_INTERNAL_ERROR;
  142. goto exit;
  143. }
  144. INET_ASSERT(_pCreds->pSPM == _pSPMData);
  145. // _pCreds->nLockCount++;
  146. }
  148. if (!_pCreds)
  149. {
  150. INET_ASSERT(FALSE);
  151. dwError = ERROR_WINHTTP_INTERNAL_ERROR;
  152. goto exit;
  153. }
  155. dwError = ERROR_SUCCESS;
  157. exit:
  159. if (szRealm)
  160. delete []szRealm;
  162. return dwError;
  163. }
  166. /*---------------------------------------------------------------------------
  167. PostAuthUser
  168. ---------------------------------------------------------------------------*/
  169. DWORD BASIC_CTX::PostAuthUser()
  170. {
  171. DWORD dwRet;
  173. if (! _pvContext && !_pRequest->GetCreds()
  174. && _pCreds->lpszUser && _pCreds->xszPass.GetPtr())
  175. dwRet = ERROR_WINHTTP_FORCE_RETRY;
  176. else
  177. dwRet = ERROR_WINHTTP_INCORRECT_PASSWORD;
  179. _pRequest->SetCreds(NULL);
  180. _pvContext = (LPVOID) 1;
  181. return dwRet;
  182. }