archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetcore/winhttp/v5/api/creds.cxx

438 lines
12 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1994-2000 Microsoft Corporation
  5. Module Name:
  7. Creds.cxx
  9. Abstract:
  11. Contains the Creds APIs
  13. Contents:
  14. WinHttpSetCredentialsA
  15. WinHttpSetCredentials
  16. WinHttpQueryAuthSchemes
  18. Author:
  20. Biao Wang (biaow) 27-June-2000
  22. Environment:
  24. Win32 user-mode DLL
  26. Revision History:
  28. 27-June-2000 biaow
  29. Created
  31. --*/
  33. #include <wininetp.h>
  35. /*
  36. BOOLAPI WinHttpQueryAuthParams(
  37. IN HINTERNET hRequest, // HINTERNET handle returned by WinHttpOpenRequest
  38. IN DWORD AuthScheme,
  39. OUT LPVOID* pAuthParams // Scheme-specific Advanced auth parameters
  40. )
  41. {
  42. //BUG-BUG Verify parameters
  44. // biaow: to implement this fully
  45. *pAuthParams = 0;
  47. return TRUE;
  48. }
  49. */
  51. BOOLAPI WinHttpQueryAuthSchemes(
  53. IN HINTERNET hRequest, // HINTERNET handle returned by HttpOpenRequest.
  54. OUT LPDWORD lpdwSupportedSchemes,// a bitmap of available Authentication Schemes
  55. OUT LPDWORD lpdwPreferredScheme, // WinHttp's preferred Authentication Method
  56. OUT LPDWORD pdwAuthTarget
  57. )
  58. {
  59. DEBUG_ENTER_API((DBG_API,
  60. Bool,
  61. "WinHttpQueryAuthSchemes",
  62. "%#x, %#x, %#x",
  63. hRequest,
  64. lpdwSupportedSchemes,
  65. lpdwPreferredScheme
  66. ));
  68. DWORD dwErr = ERROR_SUCCESS;
  69. HINTERNET hRequestMapped = NULL;
  70. BOOL fResult = FALSE;
  71. HINTERNET_HANDLE_TYPE HandleType;
  73. dwErr = ::MapHandleToAddress(hRequest, (LPVOID *)&hRequestMapped, FALSE);
  75. if ((dwErr != ERROR_SUCCESS) || (hRequestMapped == NULL))
  76. {
  77. dwErr = ERROR_INVALID_HANDLE;
  78. goto cleanup;
  79. }
  81. HTTP_REQUEST_HANDLE_OBJECT * pRequest;
  83. if ((::RGetHandleType(hRequestMapped, &HandleType) != ERROR_SUCCESS)
  84. || (HandleType != TypeHttpRequestHandle))
  85. {
  86. dwErr = ERROR_INVALID_HANDLE;
  87. goto cleanup;
  88. }
  90. pRequest = (HTTP_REQUEST_HANDLE_OBJECT *)hRequestMapped;
  92. if (::IsBadWritePtr(lpdwSupportedSchemes, sizeof(DWORD))
  93. || ::IsBadWritePtr(lpdwPreferredScheme, sizeof(DWORD))
  94. || ::IsBadWritePtr(pdwAuthTarget, sizeof(DWORD)))
  95. {
  96. dwErr = ERROR_INVALID_PARAMETER;
  97. goto cleanup;
  98. }
  100. if ((!pRequest->_SupportedSchemes) || (!pRequest->_PreferredScheme))
  101. {
  102. dwErr = ERROR_INVALID_OPERATION;
  103. goto cleanup;
  104. }
  106. *lpdwSupportedSchemes = pRequest->_SupportedSchemes;
  107. *lpdwPreferredScheme = pRequest->_PreferredScheme;
  108. *pdwAuthTarget = pRequest->_AuthTarget;
  110. fResult = TRUE;
  112. cleanup:
  114. if (hRequestMapped)
  115. {
  116. DereferenceObject(hRequestMapped);
  117. }
  119. if (dwErr!= ERROR_SUCCESS)
  120. {
  121. ::SetLastError(dwErr);
  122. DEBUG_ERROR(HTTP, dwErr);
  123. }
  125. DEBUG_LEAVE_API(fResult);
  126. return fResult;
  127. }
  129. BOOL WinHttpSetCredentialsA (
  131. IN HINTERNET hRequest, // HINTERNET handle returned by HttpOpenRequest.
  134. IN DWORD AuthTargets, // Only WINHTTP_AUTH_TARGET_SERVER and
  135. // WINHTTP_AUTH_TARGET_PROXY are supported
  136. // in this version and they are mutually
  137. // exclusive
  139. IN DWORD AuthScheme, // must be one of the supported Auth Schemes
  140. // returned from HttpQueryAuthSchemes(), Apps
  141. // should use the Preferred Scheme returned
  143. IN LPCSTR pszUserName, // 1) NULL if default creds is to be used, in
  144. // which case pszPassword will be ignored
  146. IN LPCSTR pszPassword, // 1) "" == Blank Passowrd; 2)Parameter ignored
  147. // if pszUserName is NULL; 3) Invalid to pass in
  148. // NULL if pszUserName is not NULL
  149. IN LPVOID pAuthParams
  151. )
  152. {
  153. DEBUG_ENTER_API((DBG_API,
  154. Bool,
  155. "WinHttpSetCredentialsA",
  156. "%#x, %#x, %#x, %q, %q, %q",
  157. hRequest,
  158. AuthTargets,
  159. AuthScheme,
  160. pAuthParams,
  161. pszUserName,
  162. pszPassword
  163. ));
  165. // Note: we assume WinHttp will explose an Unicode only API, so this function
  166. // will not be called directly by Apps. If this assumption is no longer true
  167. // in future revisions, we need to add more elaborate parameter validation here.
  169. DWORD dwErr = ERROR_SUCCESS;
  170. BOOL fResult = FALSE;
  171. HINTERNET hRequestMapped = NULL;
  172. HTTP_REQUEST_HANDLE_OBJECT* pRequest;
  173. HINTERNET_HANDLE_TYPE HandleType;
  174. PSTR pszRealm = NULL;
  176. // validate API symantics
  178. if (pszUserName != NULL)
  179. {
  180. // in any case, it doesn't make sense (and therefore invalid) to pass
  181. // in a blank("") User Name
  182. if (::strlen(pszUserName) == 0)
  183. {
  184. dwErr = ERROR_INVALID_PARAMETER;
  185. goto cleanup;
  186. }
  187. else if (pszPassword == NULL)
  188. {
  189. // in any case, if an app passes in a UserName, it is invalid to
  190. // then pass in a NULL password (should use "" for blank passowrd)
  191. dwErr = ERROR_INVALID_PARAMETER;
  192. goto cleanup;
  193. }
  194. }
  195. // biaow: is blank scheme OK?
  197. // if an app picks BASIC auth, it must also supply an UserName and password
  198. if ((AuthScheme == WINHTTP_AUTH_SCHEME_BASIC) && (pszUserName == NULL))
  199. {
  200. dwErr = ERROR_INVALID_PARAMETER;
  201. goto cleanup;
  202. }
  204. // default credentials (UserName/Password == NULL/NULL) are allowed only for
  205. // NTLM/NEGOTIATE/PASSPORT auth
  206. if (pszUserName == NULL)
  207. {
  208. if ((AuthScheme != WINHTTP_AUTH_SCHEME_NTLM)
  209. && (AuthScheme != WINHTTP_AUTH_SCHEME_NEGOTIATE)
  210. && (AuthScheme != WINHTTP_AUTH_SCHEME_PASSPORT))
  211. {
  212. dwErr = ERROR_INVALID_PARAMETER;
  213. goto cleanup;
  214. }
  215. }
  217. dwErr = ::MapHandleToAddress(hRequest, (LPVOID *)&hRequestMapped, FALSE);
  219. if ((dwErr != ERROR_SUCCESS) || (hRequestMapped == NULL)) {
  221. dwErr = ERROR_INVALID_HANDLE;
  222. goto cleanup;
  223. }
  225. if ((::RGetHandleType(hRequestMapped, &HandleType) != ERROR_SUCCESS)
  226. || (HandleType != TypeHttpRequestHandle))
  227. {
  228. dwErr = ERROR_INVALID_HANDLE;
  229. goto cleanup;
  230. }
  232. pRequest =
  233. reinterpret_cast<HTTP_REQUEST_HANDLE_OBJECT*>(hRequestMapped);
  235. if (AuthScheme == WINHTTP_AUTH_SCHEME_DIGEST)
  236. {
  237. if (pAuthParams)
  238. {
  239. pszRealm = NewString((PCSTR)pAuthParams);
  240. }
  241. else
  242. {
  243. pszRealm = pRequest->_pszRealm;
  244. }
  246. if (pszRealm == NULL)
  247. {
  248. dwErr = ERROR_INVALID_PARAMETER;
  249. goto cleanup;
  250. }
  251. }
  253. if (AuthTargets == WINHTTP_AUTH_TARGET_PROXY)
  254. {
  255. delete pRequest->_pProxyCreds;
  256. pRequest->_pProxyCreds = New WINHTTP_REQUEST_CREDENTIALS(AuthScheme,
  257. pszRealm, pszUserName, pszPassword);
  258. if (pRequest->_pProxyCreds == NULL)
  259. {
  260. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  261. goto cleanup;
  262. }
  263. }
  264. else
  265. {
  266. delete pRequest->_pServerCreds;
  267. pRequest->_pServerCreds = New WINHTTP_REQUEST_CREDENTIALS(AuthScheme,
  268. pszRealm, pszUserName, pszPassword);
  269. if (pRequest->_pServerCreds == NULL)
  270. {
  271. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  272. goto cleanup;
  273. }
  274. }
  276. pRequest->_PreferredScheme = 0x00000000;
  277. pRequest->_SupportedSchemes = 0x00000000;
  278. pRequest->_AuthTarget = 0x00000000;
  279. if (pRequest->_pszRealm)
  280. {
  281. FREE_MEMORY(pRequest->_pszRealm);
  282. pRequest->_pszRealm = NULL;
  283. }
  285. fResult = TRUE;
  287. cleanup:
  289. if (hRequestMapped)
  290. {
  291. DereferenceObject(hRequestMapped);
  292. }
  294. if (dwErr!=ERROR_SUCCESS)
  295. {
  296. ::SetLastError(dwErr);
  297. DEBUG_ERROR(HTTP, dwErr);
  298. }
  300. DEBUG_LEAVE_API(fResult);
  301. return fResult;
  302. }
  304. BOOLAPI
  305. WinHttpSetCredentials(
  307. IN HINTERNET hRequest, // HINTERNET handle returned by HttpOpenRequest.
  310. IN DWORD AuthTargets, // Only WINHTTP_AUTH_TARGET_SERVER and
  311. // WINHTTP_AUTH_TARGET_PROXY are supported
  312. // in this version and they are mutually
  313. // exclusive
  315. IN DWORD AuthScheme, // must be one of the supported Auth Schemes
  316. // returned from HttpQueryAuthSchemes(), Apps
  317. // should use the Preferred Scheme returned
  319. IN LPCWSTR pwszUserName, // 1) NULL if default creds is to be used, in
  320. // which case pszPassword will be ignored
  322. IN LPCWSTR pwszPassword, // 1) "" == Blank Passowrd; 2)Parameter ignored
  323. // if pszUserName is NULL; 3) Invalid to pass in
  324. // NULL if pszUserName is not NULL
  325. IN LPVOID pAuthParams
  327. )
  328. {
  329. DEBUG_ENTER_API((DBG_API,
  330. Bool,
  331. "WinHttpSetCredentials",
  332. "%#x, %#x, %#x, %wq, %wq, %wq",
  333. hRequest,
  334. AuthTargets,
  335. AuthScheme,
  336. pAuthParams,
  337. pwszUserName,
  338. pwszPassword
  339. ));
  341. DWORD dwErr = ERROR_SUCCESS;
  342. BOOL fResult = FALSE;
  343. LPCWSTR pwszRealm = NULL;
  344. MEMORYPACKET mpRealm, mpUserName, mpPassword;
  346. if (!hRequest)
  347. {
  348. dwErr = ERROR_INVALID_HANDLE;
  349. goto cleanup;
  350. }
  352. // make sure only one bit in AuthScheme is set
  353. if ((AuthScheme & (AuthScheme - 1)) != 0x00000000)
  354. {
  355. dwErr = ERROR_INVALID_PARAMETER;
  356. goto cleanup;
  357. }
  359. // make sure the input strings are valid
  360. if (pwszUserName
  361. && ::IsBadStringPtrW(pwszUserName, INTERNET_MAX_USER_NAME_LENGTH))
  362. {
  363. dwErr = ERROR_INVALID_PARAMETER;
  364. goto cleanup;
  365. }
  366. if (pwszPassword
  367. && ::IsBadStringPtrW(pwszPassword, INTERNET_MAX_PASSWORD_LENGTH))
  368. {
  369. dwErr = ERROR_INVALID_PARAMETER;
  370. goto cleanup;
  371. }
  373. if ((AuthScheme == WINHTTP_AUTH_SCHEME_DIGEST) && pAuthParams)
  374. {
  375. pwszRealm = (LPCWSTR)pAuthParams;
  376. }
  377. if (pwszRealm
  378. && ::IsBadStringPtrW(pwszRealm, INTERNET_MAX_REALM_LENGTH))
  379. {
  380. dwErr = ERROR_INVALID_PARAMETER;
  381. goto cleanup;
  382. }
  384. // make sure AuthTargets are either Server or Proxy (not both)
  385. if ((AuthTargets != WINHTTP_AUTH_TARGET_SERVER)
  386. && (AuthTargets != WINHTTP_AUTH_TARGET_PROXY))
  387. {
  388. dwErr = ERROR_INVALID_PARAMETER;
  389. goto cleanup;
  390. }
  392. // convert Unicode strings to Ansi
  394. if (pwszUserName)
  395. {
  396. ALLOC_MB(pwszUserName, 0, mpUserName);
  397. if (!mpUserName.psStr)
  398. {
  399. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  400. goto cleanup;
  401. }
  402. UNICODE_TO_ANSI(pwszUserName, mpUserName);
  403. }
  404. if (pwszPassword)
  405. {
  406. ALLOC_MB(pwszPassword, 0, mpPassword);
  407. if (!mpPassword.psStr)
  408. {
  409. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  410. goto cleanup;
  411. }
  412. UNICODE_TO_ANSI(pwszPassword, mpPassword);
  413. }
  414. if (pwszRealm)
  415. {
  416. ALLOC_MB(pwszRealm, 0, mpRealm);
  417. if (!mpRealm.psStr)
  418. {
  419. dwErr = ERROR_NOT_ENOUGH_MEMORY;
  420. goto cleanup;
  421. }
  422. UNICODE_TO_ANSI(pwszRealm, mpRealm);
  423. }
  425. fResult = ::WinHttpSetCredentialsA(hRequest, AuthTargets,
  426. AuthScheme, mpUserName.psStr, mpPassword.psStr, mpRealm.psStr);
  428. cleanup:
  430. if (dwErr!=ERROR_SUCCESS)
  431. {
  432. ::SetLastError(dwErr);
  433. DEBUG_ERROR(HTTP, dwErr);
  434. }
  436. DEBUG_LEAVE_API(fResult);
  437. return fResult;
  438. }