archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetcore/winhttp/v5/auth/basic.cxx

165 lines
5.0 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include <wininetp.h>
  2. #include <splugin.hxx>
  3. #include "htuu.h"
  5. /*---------------------------------------------------------------------------
  6. BASIC_CTX
  7. ---------------------------------------------------------------------------*/
  10. /*---------------------------------------------------------------------------
  11. Constructor
  12. ---------------------------------------------------------------------------*/
  13. BASIC_CTX::BASIC_CTX(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy,
  14. SPMData* pSPM, AUTH_CREDS* pCreds)
  15. : AUTHCTX(pSPM, pCreds)
  16. {
  17. _fIsProxy = fIsProxy;
  18. _pRequest = pRequest;
  19. }
  22. /*---------------------------------------------------------------------------
  23. Destructor
  24. ---------------------------------------------------------------------------*/
  25. BASIC_CTX::~BASIC_CTX()
  26. {}
  29. /*---------------------------------------------------------------------------
  30. PreAuthUser
  31. ---------------------------------------------------------------------------*/
  32. DWORD BASIC_CTX::PreAuthUser(IN LPSTR pBuf, IN OUT LPDWORD pcbBuf)
  33. {
  34. if (!_pCreds->lpszUser || !_pCreds->lpszPass)
  35. return ERROR_INVALID_PARAMETER;
  37. // Prefix the header value with the auth type.
  38. const static BYTE szBasic[] = "Basic ";
  40. #define BASIC_LEN sizeof(szBasic)-1
  42. memcpy (pBuf, szBasic, BASIC_LEN);
  43. pBuf += BASIC_LEN;
  45. DWORD cbUserLen = _pCreds->lpszUser ? strlen(_pCreds->lpszUser) : 0;
  46. DWORD cbPassLen = _pCreds->lpszPass ? strlen(_pCreds->lpszPass) : 0;
  48. // Generate rest of header value by uuencoding user:pass.
  49. DWORD cbMaxUserPathLen = cbUserLen + 1 + cbPassLen + 1
  50. + 2; // HTUU_encode() parse the buffer 3 bytes at a time;
  51. // In the worst case we will be two bytes short, so add 2 here.
  52. // longer buffer doesn't matter, HTUU_encode will adjust appropreiately.
  54. LPSTR pszUserPass = New CHAR[cbMaxUserPathLen];
  55. if (pszUserPass)
  56. {
  57. DWORD cbUserPass;
  59. cbUserPass = wsprintf(pszUserPass, "%s:%s", _pCreds->lpszUser, _pCreds->lpszPass);
  61. INET_ASSERT (cbUserPass < cbMaxUserPathLen);
  63. HTUU_encode ((PBYTE) pszUserPass, cbUserPass,
  64. pBuf, *pcbBuf);
  66. delete [] pszUserPass;
  68. *pcbBuf = BASIC_LEN + lstrlen (pBuf);
  70. _pvContext = (LPVOID) 1;
  71. return ERROR_SUCCESS;
  72. }
  73. else
  74. {
  75. return ERROR_NOT_ENOUGH_MEMORY;
  76. }
  77. }
  79. /*---------------------------------------------------------------------------
  80. UpdateFromHeaders
  81. ---------------------------------------------------------------------------*/
  82. DWORD BASIC_CTX::UpdateFromHeaders(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy)
  83. {
  84. DWORD dwAuthIdx, cbRealm, dwError;
  85. LPSTR szRealm = NULL;
  87. // Get the associated header.
  88. if ((dwError = FindHdrIdxFromScheme(&dwAuthIdx)) != ERROR_SUCCESS)
  89. goto exit;
  91. // Get any realm.
  92. dwError = GetAuthHeaderData(pRequest, fIsProxy, "Realm",
  93. &szRealm, &cbRealm, ALLOCATE_BUFFER, dwAuthIdx);
  95. // No realm is OK.
  96. if (dwError != ERROR_SUCCESS)
  97. szRealm = NULL;
  99. // If we already have a Creds, ensure that the realm matches. If not,
  100. // find or create a new one and set it in the auth context.
  101. if (_pCreds)
  102. {
  103. INET_ASSERT(_pCreds->lpszRealm);
  104. if (/*_pCreds->lpszRealm && */szRealm && lstrcmp(_pCreds->lpszRealm, szRealm))
  105. {
  106. // Realms don't match - create a new Creds entry, release the old.
  107. delete _pCreds;
  108. _pCreds = CreateCreds(pRequest, fIsProxy, _pSPMData, szRealm);
  109. INET_ASSERT(_pCreds->pSPM == _pSPMData);
  110. }
  111. }
  112. // If no password cache is set in the auth context,
  113. // find or create one and set it in the auth context.
  114. else
  115. {
  116. // Find or create a password cache entry.
  117. _pCreds = CreateCreds(pRequest, fIsProxy, _pSPMData, szRealm);
  118. if (!_pCreds)
  119. {
  120. dwError = ERROR_WINHTTP_INTERNAL_ERROR;
  121. goto exit;
  122. }
  123. INET_ASSERT(_pCreds->pSPM == _pSPMData);
  124. // _pCreds->nLockCount++;
  125. }
  127. if (!_pCreds)
  128. {
  129. INET_ASSERT(FALSE);
  130. dwError = ERROR_WINHTTP_INTERNAL_ERROR;
  131. goto exit;
  132. }
  134. dwError = ERROR_SUCCESS;
  136. exit:
  138. if (szRealm)
  139. delete []szRealm;
  141. return dwError;
  142. }
  145. /*---------------------------------------------------------------------------
  146. PostAuthUser
  147. ---------------------------------------------------------------------------*/
  148. DWORD BASIC_CTX::PostAuthUser()
  149. {
  150. DWORD dwRet;
  152. if (! _pvContext && !_pRequest->GetCreds()
  153. && _pCreds->lpszUser && _pCreds->lpszPass)
  154. dwRet = ERROR_WINHTTP_FORCE_RETRY;
  155. else
  156. dwRet = ERROR_WINHTTP_INCORRECT_PASSWORD;
  158. _pRequest->SetCreds(NULL);
  159. _pvContext = (LPVOID) 1;
  160. return dwRet;
  161. }