archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/admin/movesite/auth.cpp

269 lines
6.8 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #define _WIN32_DCOM
  3. #include "util.h"
  4. #include <atlbase.h>
  5. #include <initguid.h>
  6. #include <comdef.h>
  8. #include <stdlib.h>
  9. #include <stdio.h>
  10. #include <wchar.h>
  12. #include <iiscnfg.h> // MD_ & IIS_MD_ #defines header file.
  14. #include "common.h" // log file routines
  15. #include "auth.h"
  18. COSERVERINFO * CreateServerInfoStruct(WCHAR* pwszServer, WCHAR* pwszUser, WCHAR* pwszDomain,
  19. WCHAR* pwszPassword, DWORD dwAuthnLevel, BOOL bUsesImpersonation )
  20. {
  22. COSERVERINFO * pcsiName = NULL;
  24. pcsiName = new COSERVERINFO;
  26. if (!pcsiName)
  27. {
  28. return NULL;
  29. }
  30. ZeroMemory(pcsiName, sizeof(COSERVERINFO));
  33. if( !bUsesImpersonation )
  34. {
  35. pcsiName->pwszName = pwszServer;
  36. return pcsiName;
  37. }
  40. // Build the COAUTHIDENTITY STRUCT
  41. COAUTHIDENTITY * pAuthIdentityData = new COAUTHIDENTITY;
  43. if (!pAuthIdentityData)
  44. {
  45. return NULL;
  46. }
  47. ZeroMemory(pAuthIdentityData, sizeof(COAUTHIDENTITY));
  49. if( pwszUser )
  50. {
  51. pAuthIdentityData->User = new WCHAR[32];
  52. wcscpy(pAuthIdentityData->User, pwszUser);
  53. pAuthIdentityData->UserLength = wcslen(pwszUser);
  55. if( pwszPassword )
  56. {
  57. pAuthIdentityData->Password = new WCHAR[32];
  58. wcscpy(pAuthIdentityData->Password, pwszPassword);
  59. pAuthIdentityData->PasswordLength = wcslen(pwszPassword);
  60. }
  62. if( pwszDomain )
  63. {
  64. pAuthIdentityData->Domain = new WCHAR[32];
  65. wcscpy(pAuthIdentityData->Domain, pwszDomain);
  66. pAuthIdentityData->DomainLength = wcslen(pwszDomain);
  67. }
  68. }
  70. pAuthIdentityData->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
  72. COAUTHINFO * pAuthInfo = new COAUTHINFO;
  74. if (!pAuthInfo)
  75. {
  76. return NULL;
  77. }
  79. ZeroMemory(pAuthInfo, sizeof(COAUTHINFO));
  81. pAuthInfo->dwAuthnSvc = RPC_C_AUTHN_WINNT ;
  82. pAuthInfo->dwAuthzSvc = RPC_C_AUTHZ_NONE;
  83. pAuthInfo->dwAuthnLevel = dwAuthnLevel;
  84. pAuthInfo->dwImpersonationLevel = RPC_C_IMP_LEVEL_IMPERSONATE;
  85. pAuthInfo->pAuthIdentityData = pAuthIdentityData;
  88. pcsiName->pAuthInfo = pAuthInfo;
  89. pcsiName->pwszName = pwszServer;
  91. return pcsiName;
  93. }
  96. // Validate that the user passed into the program has the rights to
  97. // connnect to the IMSAdminBaseObject on both machines.
  99. BOOL ValidateNode(COSERVERINFO * pCoServerInfo, WCHAR *pwszMBPath, WCHAR* KeyType )
  100. {
  101. HRESULT hRes;
  102. METADATA_HANDLE hKey;
  103. CComPtr <IMSAdminBase> pIMeta = 0L;
  104. MULTI_QI rgmqi[1] = { &IID_IMSAdminBase,0,0 };
  105. BOOL bReturn = false;
  107. if( !pCoServerInfo )
  108. return false;
  111. if( SUCCEEDED(hRes = CoCreateInstanceEx(CLSID_MSAdminBase,NULL,
  112. CLSCTX_ALL, pCoServerInfo,1, rgmqi) ) )
  113. pIMeta = reinterpret_cast<IMSAdminBase*>(rgmqi[0].pItf);
  114. else
  115. {
  116. fwprintf( stderr, L"error creating IMSAdminbase on machine: %s. HRESULT=%x\n",
  117. pCoServerInfo->pwszName, hRes);
  118. return false;
  119. }
  121. if( UsesImpersonation(pCoServerInfo) )
  122. {
  123. if (!SUCCEEDED(hRes = SetBlanket(pIMeta,pCoServerInfo->pAuthInfo->pAuthIdentityData->User,
  124. pCoServerInfo->pAuthInfo->pAuthIdentityData->Domain,
  125. pCoServerInfo->pAuthInfo->pAuthIdentityData->Password) ) )
  126. {
  127. fwprintf( stderr, L"error setting CoSetProxyBlanket on machine: %s for user: %s HRESULT=%x\n",
  128. pCoServerInfo->pwszName,pCoServerInfo->pAuthInfo->pAuthIdentityData->User, hRes);
  129. pIMeta = 0;
  130. return false;
  131. }
  132. }
  134. // Try to open a handle to the metabase to verify that the user can connect to the
  135. // web services key in the metabase
  137. if( !SUCCEEDED( hRes = pIMeta->OpenKey(METADATA_MASTER_ROOT_HANDLE, L"/LM",
  138. METADATA_PERMISSION_READ , 10000, &hKey) ) )
  139. {
  140. fwprintf( stderr, L"Error opening key: /LM on computer: %s. HRESULT=%x\n",
  141. pCoServerInfo->pwszName, hRes);
  142. pIMeta = 0;
  143. return false;
  144. }
  146. bReturn = IsKeyType(pIMeta,hKey,pwszMBPath,KeyType);
  148. if( !SUCCEEDED(hRes = pIMeta->CloseKey(hKey) ) )
  149. {
  150. fwprintf( stderr, L"Error closing key: /LM/W3SVC on computer: %s. HRESULT=%x\n",
  151. pCoServerInfo->pwszName, hRes);
  152. }
  154. pIMeta = 0;
  155. return bReturn;
  157. }
  159. BOOL AUTHUSER(COSERVERINFO * pCoServerInfo)
  160. {
  161. HRESULT hRes;
  162. METADATA_HANDLE hKey;
  163. CComPtr <IMSAdminBase> pIMeta = 0L;
  164. MULTI_QI rgmqi[1] = { &IID_IMSAdminBase,0,0 };
  167. if( !pCoServerInfo )
  168. return false;
  171. if( SUCCEEDED(hRes = CoCreateInstanceEx(CLSID_MSAdminBase,NULL,
  172. CLSCTX_ALL, pCoServerInfo,1, rgmqi) ) )
  173. pIMeta = reinterpret_cast<IMSAdminBase*>(rgmqi[0].pItf);
  174. else
  175. {
  176. fwprintf( stderr, L"error creating IMSAdminbase on machine: %s. HRESULT=%x\n",
  177. pCoServerInfo->pwszName, hRes);
  178. return false;
  179. }
  181. if( UsesImpersonation(pCoServerInfo) )
  182. {
  183. if (!SUCCEEDED(hRes = SetBlanket(pIMeta,pCoServerInfo->pAuthInfo->pAuthIdentityData->User,
  184. pCoServerInfo->pAuthInfo->pAuthIdentityData->Domain,
  185. pCoServerInfo->pAuthInfo->pAuthIdentityData->Password) ) )
  186. {
  187. fwprintf( stderr, L"error setting CoSetProxyBlanket on machine: %s for user: %s HRESULT=%x\n",
  188. pCoServerInfo->pwszName,pCoServerInfo->pAuthInfo->pAuthIdentityData->User, hRes);
  189. pIMeta = 0;
  190. return false;
  191. }
  192. }
  194. // Try to open a handle to the metabase to verify that the user can connect to the
  195. // web services key in the metabase
  197. if( !SUCCEEDED( hRes = pIMeta->OpenKey(METADATA_MASTER_ROOT_HANDLE, L"/LM/W3SVC",
  198. METADATA_PERMISSION_READ , 10000, &hKey) ) )
  199. {
  200. fwprintf( stderr, L"Error opening key: /LM/W3SVC on computer: %s. HRESULT=%x\n",
  201. pCoServerInfo->pwszName, hRes);
  202. pIMeta = 0;
  203. return false;
  204. }
  206. if( !SUCCEEDED(hRes = pIMeta->CloseKey(hKey) ) )
  207. {
  208. fwprintf( stderr, L"Error closing key: /LM/W3SVC on computer: %s. HRESULT=%x\n",
  209. pCoServerInfo->pwszName, hRes);
  210. }
  212. pIMeta = 0;
  213. return true;
  214. }
  216. VOID FreeServerInfoStruct(
  217. COSERVERINFO * pServerInfo
  218. )
  219. /*++
  221. Routine Description:
  223. As mentioned above -- free the server info structure
  225. Arguments:
  227. COSERVERINFO * pServerInfo : Server info structure
  229. Return Value:
  231. None
  233. --*/
  234. {
  235. if (pServerInfo)
  236. {
  237. if (pServerInfo->pAuthInfo)
  238. {
  239. if (pServerInfo->pAuthInfo->pAuthIdentityData)
  240. {
  242. delete pServerInfo->pAuthInfo->pAuthIdentityData->User;
  243. delete pServerInfo->pAuthInfo->pAuthIdentityData->Domain;
  244. delete pServerInfo->pAuthInfo->pAuthIdentityData->Password;
  247. delete pServerInfo->pAuthInfo->pAuthIdentityData;
  248. }
  250. delete pServerInfo->pAuthInfo;
  251. }
  253. delete pServerInfo;
  254. }
  255. }
  257. BOOL UsesImpersonation(COSERVERINFO * pServerInfo)
  258. {
  259. if( !pServerInfo )
  260. return false;
  262. if( pServerInfo->pAuthInfo )
  263. {
  264. if( pServerInfo->pAuthInfo->pAuthIdentityData )
  265. if(pServerInfo->pAuthInfo->pAuthIdentityData->User )
  266. return true;
  267. }
  269. return false;
  270. }