archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/sfwp/dll/certstore.cxx

633 lines
14 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1998 Microsoft Corporation
  5. Module Name :
  6. certstore.cxx
  8. Abstract:
  9. Wrapper of a certificate store
  11. Author:
  12. Bilal Alam (BAlam) 29-March-2000
  14. Environment:
  15. Win32 - User Mode
  17. Project:
  18. Stream Filter Worker Process
  19. --*/
  21. #include "precomp.hxx"
  23. LIST_ENTRY CERT_STORE::sm_ToBeDeletedListHead;
  24. CRITICAL_SECTION CERT_STORE::sm_csToBeDeletedList;
  25. BOOL CERT_STORE::sm_fInitcsToBeDeletedList;
  26. CERT_STORE_HASH * CERT_STORE::sm_pCertStoreHash;
  27. HANDLE CERT_STORE::sm_hDeletionThread = NULL;
  28. BOOL CERT_STORE::sm_fDeletionThreadShutdown = FALSE;
  29. HANDLE CERT_STORE::sm_hWakeupEvent = NULL;
  31. CERT_STORE::CERT_STORE()
  32. : _cRefs( 1 ),
  33. _hStore( NULL ),
  34. _hWaitHandle( NULL ),
  35. _hStoreChangeEvent( NULL )
  36. {
  37. _dwSignature = CERT_STORE_SIGNATURE;
  38. }
  40. CERT_STORE::~CERT_STORE()
  41. {
  42. _dwSignature = CERT_STORE_SIGNATURE_FREE;
  43. if ( _hWaitHandle != NULL )
  44. {
  45. // don't continue until callback completed
  46. UnregisterWaitEx( _hWaitHandle,
  47. INVALID_HANDLE_VALUE );
  48. _hWaitHandle = NULL;
  49. }
  51. if ( _hStoreChangeEvent != NULL )
  52. {
  53. CloseHandle( _hStoreChangeEvent );
  54. _hStoreChangeEvent = NULL;
  55. }
  57. if ( _hStore != NULL )
  58. {
  59. CertCloseStore( _hStore, 0 );
  60. _hStore = NULL;
  61. }
  62. }
  64. //static
  65. VOID
  66. WINAPI
  67. CERT_STORE::CertStoreChangeRoutine(
  68. VOID * pvContext,
  69. BOOLEAN fTimedOut
  70. )
  71. /*++
  73. Routine Description:
  75. Called when a certificate store has changed
  77. Arguments:
  79. pvContext - Points to CERT_STORE which changed
  80. fTimedOut - Should always be FALSE since our wait is INFINITE
  82. Return Value:
  84. HRESULT
  86. Warning:
  88. Do not touch anything inside pCertStore (pvContext)
  89. This callback may happen when pCertStore is already being destroyed
  91. It is still safe to flush caches based on pCertStore because
  92. nothing inside pCertStore is accessed when flushing caches
  93. and in the case that the old pCertStore address got reused
  94. and placed in the cache again, in the worst case fresh item is flushed
  95. and will be reloaded again
  97. --*/
  98. {
  100. UNREFERENCED_PARAMETER( fTimedOut );
  101. CERT_STORE * pCertStore = NULL;
  103. DBG_ASSERT( pvContext != NULL );
  104. DBG_ASSERT( fTimedOut == FALSE );
  106. pCertStore = (CERT_STORE*) pvContext;
  108. //
  109. // Remove the thing from the hash table for one
  110. //
  112. sm_pCertStoreHash->DeleteRecord( pCertStore );
  114. //
  115. // Instruct the server certificate cache to flush any certs which
  116. // were referencing this cert store.
  117. // Also flush all CTLs that were referencing cert store
  118. //
  119. SERVER_CERT::FlushByStore( pCertStore );
  120. IIS_CTL::FlushByStore( pCertStore );
  123. }
  126. //static
  127. DWORD
  128. WINAPI
  129. CERT_STORE::DeletionWorkerThread(
  130. VOID * pvContext
  131. )
  132. /*++
  134. Routine Description:
  136. thread handling deletion of the CERT_STORE instances
  137. to prevent deadlocks that would happen if deletion of the
  138. CERT_STORE instance happened on the Change notification
  139. callback thread
  141. Arguments:
  143. pvContext - not used
  145. Return Value:
  147. HRESULT
  149. Warning:
  152. --*/
  153. {
  155. UNREFERENCED_PARAMETER( pvContext );
  157. for(;;)
  158. {
  160. DWORD dwWaitStatus;
  162. dwWaitStatus =
  163. WaitForSingleObject( sm_hWakeupEvent,
  164. INFINITE // time-out interval
  165. );
  167. DBG_ASSERT ( dwWaitStatus == WAIT_OBJECT_0 );
  169. if( sm_fDeletionThreadShutdown == TRUE )
  170. {
  171. return NO_ERROR;
  172. }
  174. //
  175. // handle the Wakeup event
  176. //
  178. DeleteAllPendingInstances();
  180. }
  181. }
  184. //static
  185. VOID
  186. CERT_STORE::DeleteAllPendingInstances(
  187. VOID
  188. )
  189. /*++
  191. Routine Description:
  193. delete all CERT_STORE instances that are on the ToBeDeleted list
  195. Arguments:
  197. none
  199. Return Value:
  201. HRESULT
  203. --*/
  205. {
  206. LIST_ENTRY * pCurrentEntry = NULL;
  208. for(;;)
  209. {
  210. //
  211. // Loop through each element on the list and call destructor on it
  212. //
  213. pCurrentEntry = NULL;
  215. EnterCriticalSection( &sm_csToBeDeletedList );
  216. if (! IsListEmpty( &sm_ToBeDeletedListHead ) )
  217. {
  218. pCurrentEntry = RemoveHeadList( &sm_ToBeDeletedListHead );
  219. }
  220. LeaveCriticalSection( &sm_csToBeDeletedList );
  222. if ( pCurrentEntry == NULL )
  223. {
  224. break;
  225. }
  227. CERT_STORE * pCertStore =
  228. CONTAINING_RECORD( pCurrentEntry,
  229. CERT_STORE,
  230. _ToBeDeletedListEntry );
  231. //
  232. // Note: Never call the destructor under the
  233. // critical section because that may cause deadlock
  234. // Destructor is waiting for completion callback to return and there
  235. // used to be a deadlock with sm_csToBeDeletedList, WriteLock on the
  236. // IIS_CTL hash table and the wait on the change notification callback completion
  237. //
  238. delete pCertStore;
  239. }
  240. }
  243. HRESULT
  244. CERT_STORE::Open(
  245. STRU & strStoreName
  246. )
  247. /*++
  249. Routine Description:
  251. Open specified certificate store
  253. Arguments:
  255. strStoreName - name of certificate store to open
  257. Return Value:
  259. HRESULT
  261. --*/
  262. {
  263. HRESULT hr = NO_ERROR;
  264. BOOL fRet = TRUE;
  266. DBG_ASSERT( CheckSignature() );
  268. //
  269. // Remember the name
  270. //
  272. hr = _strStoreName.Copy( strStoreName );
  273. if ( FAILED( hr ) )
  274. {
  275. return hr;
  276. }
  278. DBG_ASSERT( _hStore == NULL );
  280. //
  281. // Get the handle
  282. //
  284. _hStore = CertOpenStore( CERT_STORE_PROV_SYSTEM,
  285. 0,
  286. NULL,
  287. CERT_SYSTEM_STORE_LOCAL_MACHINE,
  288. strStoreName.QueryStr() );
  289. if ( _hStore == NULL )
  290. {
  291. return HRESULT_FROM_WIN32( GetLastError() );
  292. }
  294. //
  295. // Setup a change notification so that we are informed the cert store
  296. // has changed
  297. //
  299. _hStoreChangeEvent = CreateEvent( NULL, FALSE, FALSE, NULL );
  300. if ( _hStoreChangeEvent == NULL )
  301. {
  302. return HRESULT_FROM_WIN32( GetLastError() );
  303. }
  305. fRet = RegisterWaitForSingleObject( &_hWaitHandle,
  306. _hStoreChangeEvent,
  307. CERT_STORE::CertStoreChangeRoutine,
  308. this,
  309. INFINITE,
  310. WT_EXECUTEONLYONCE );
  311. if ( !fRet )
  312. {
  313. DBG_ASSERT( _hWaitHandle == NULL );
  315. return HRESULT_FROM_WIN32( GetLastError() );
  316. }
  318. fRet = CertControlStore( _hStore,
  319. 0,
  320. CERT_STORE_CTRL_NOTIFY_CHANGE,
  321. &_hStoreChangeEvent );
  322. if ( !fRet )
  323. {
  324. return HRESULT_FROM_WIN32( GetLastError() );
  325. }
  327. return NO_ERROR;
  328. }
  330. //static
  331. HRESULT
  332. CERT_STORE::Initialize(
  333. VOID
  334. )
  335. /*++
  337. Routine Description:
  339. Initialize CERT_STORE globals
  341. Arguments:
  343. None
  345. Return Value:
  347. HRESULT
  349. --*/
  350. {
  351. HRESULT hr = E_FAIL;
  353. InitializeListHead( &sm_ToBeDeletedListHead );
  355. BOOL fRet = InitializeCriticalSectionAndSpinCount(
  356. &sm_csToBeDeletedList,
  357. 0x80000000 /* precreate event */ |
  358. IIS_DEFAULT_CS_SPIN_COUNT );
  359. if ( !fRet )
  360. {
  361. hr = HRESULT_FROM_WIN32( GetLastError() );
  362. goto Failed;
  364. }
  365. sm_fInitcsToBeDeletedList = TRUE;
  367. //
  368. // Setup wakeup event used for communication
  369. // with the thread handling deletion of CERT_STORE instances
  370. //
  372. sm_hWakeupEvent = CreateEvent( NULL, // event attributes
  373. FALSE, // FALSE mean auto reset event
  374. FALSE, // initial state
  375. NULL // name
  376. );
  377. if ( sm_hWakeupEvent == NULL )
  378. {
  379. hr = HRESULT_FROM_WIN32( GetLastError() );
  380. goto Failed;
  381. }
  384. DBG_ASSERT( sm_pCertStoreHash == NULL );
  386. sm_pCertStoreHash = new CERT_STORE_HASH();
  387. if ( sm_pCertStoreHash == NULL )
  388. {
  389. hr = HRESULT_FROM_WIN32( GetLastError() );
  390. goto Failed;
  391. }
  393. sm_fDeletionThreadShutdown = FALSE;
  395. sm_hDeletionThread = ::CreateThread(
  396. NULL, // default security descriptor
  397. 16000, // Initial size as configured
  398. CERT_STORE::DeletionWorkerThread, // thread function
  399. NULL, // thread argument
  400. 0, // create running
  401. NULL // don't care for thread identifier
  402. );
  403. if ( sm_hDeletionThread == NULL )
  404. {
  405. hr = HRESULT_FROM_WIN32( GetLastError() );
  406. goto Failed;
  407. }
  409. return NO_ERROR;
  411. Failed:
  412. Terminate();
  413. return hr;
  414. }
  416. //static
  417. VOID
  418. CERT_STORE::Terminate(
  419. VOID
  420. )
  421. /*++
  423. Routine Description:
  425. Terminate CERT_STORE globals
  427. Cleanup is expected to be called before Terminate()
  428. if Initialize() completed with success
  430. Arguments:
  432. None
  434. Return Value:
  436. None
  438. --*/
  439. {
  440. DWORD dwWaitStatus = 0;
  443. if ( sm_hDeletionThread != NULL )
  444. {
  445. DBG_ASSERT( sm_ToBeDeletedListHead.Flink == NULL );
  447. InterlockedExchange( (LPLONG) &sm_fDeletionThreadShutdown, 1 );
  449. SetEvent( sm_hWakeupEvent );
  451. //
  452. // Issue: Jaroslad
  453. // what is SetEvent fails?
  454. //
  456. dwWaitStatus = WaitForSingleObject( sm_hDeletionThread,
  457. INFINITE );
  459. DBG_ASSERT( dwWaitStatus == WAIT_OBJECT_0 );
  460. CloseHandle( sm_hDeletionThread );
  461. sm_hDeletionThread = NULL;
  463. }
  465. if ( sm_pCertStoreHash != NULL )
  466. {
  467. delete sm_pCertStoreHash;
  468. sm_pCertStoreHash = NULL;
  469. }
  471. if ( sm_hWakeupEvent != NULL )
  472. {
  473. CloseHandle( sm_hWakeupEvent );
  474. sm_hWakeupEvent = NULL;
  475. }
  477. if ( sm_fInitcsToBeDeletedList )
  478. {
  479. DeleteCriticalSection( &sm_csToBeDeletedList );
  480. sm_fInitcsToBeDeletedList = FALSE;
  481. }
  482. }
  484. //static
  485. VOID
  486. CERT_STORE::Cleanup(
  487. VOID
  488. )
  489. /*++
  491. Routine Description:
  493. Cleanup CERT_STORE hash table
  495. This function must be called before the Terminate() call
  496. When Cleanup() is called, the overall cleanup should have reached
  497. the stage where there are no more external references
  498. to a CERT_STORE instance
  501. Arguments:
  503. None
  505. Return Value:
  507. None
  509. --*/
  510. {
  511. DWORD dwWaitStatus = 0;
  513. //
  514. // delete all the cached CERT_STORE instances
  515. //
  516. sm_pCertStoreHash->Clear();
  518. //
  519. // indicate that Deletion thread is to shut down
  520. //
  522. InterlockedExchange( (LPLONG) &sm_fDeletionThreadShutdown, 1 );
  524. SetEvent( sm_hWakeupEvent );
  526. //
  527. // Issue: Jaroslad
  528. // what is SetEvent fails?
  529. //
  531. //
  532. // Wait for Deletion thread to shut down
  533. //
  534. dwWaitStatus = WaitForSingleObject( sm_hDeletionThread,
  535. INFINITE );
  537. DBG_ASSERT( dwWaitStatus == WAIT_OBJECT_0 );
  538. CloseHandle( sm_hDeletionThread );
  539. sm_hDeletionThread = NULL;
  541. //
  542. // delete all the deletion pending instances of CERT_STORE
  543. //
  544. DeleteAllPendingInstances();
  546. }
  548. //static
  549. HRESULT
  550. CERT_STORE::OpenStore(
  551. STRU & strStoreName,
  552. CERT_STORE ** ppStore
  553. )
  554. /*++
  556. Routine Description:
  558. Open certificate store from cache
  560. Arguments:
  562. strStoreName - Store name to open
  563. ppStore - Filled with store on success
  565. Return Value:
  567. HRESULT
  569. --*/
  570. {
  571. HRESULT hr = NO_ERROR;
  572. CERT_STORE * pCertStore = NULL;
  573. LK_RETCODE lkrc;
  575. if ( ppStore == NULL )
  576. {
  577. DBG_ASSERT( FALSE );
  578. hr = HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER );
  579. goto Finished;
  580. }
  581. *ppStore = NULL;
  583. //
  584. // Lookup in cache first
  585. //
  587. DBG_ASSERT( sm_pCertStoreHash != NULL );
  589. lkrc = sm_pCertStoreHash->FindKey( strStoreName.QueryStr(),
  590. &pCertStore );
  591. if ( lkrc != LK_SUCCESS )
  592. {
  593. //
  594. // OK. Create one and add to cache
  595. //
  597. pCertStore = new CERT_STORE();
  598. if ( pCertStore == NULL )
  599. {
  600. hr = HRESULT_FROM_WIN32( GetLastError() );
  601. goto Finished;
  602. }
  604. hr = pCertStore->Open( strStoreName );
  605. if ( FAILED( hr ) )
  606. {
  607. goto Finished;
  608. }
  610. lkrc = sm_pCertStoreHash->InsertRecord( pCertStore );
  612. //
  613. // Ignore the error. We will do the right thing if we couldn't
  614. // add to hash (i.e. no extra reference happens and callers deref
  615. // will delete the object as desired)
  616. //
  617. }
  619. DBG_ASSERT( pCertStore != NULL );
  621. *ppStore = pCertStore;
  623. return NO_ERROR;
  625. Finished:
  626. if ( pCertStore != NULL )
  627. {
  628. pCertStore->DereferenceStore();
  629. pCertStore = NULL;
  630. }
  632. return hr;
  633. }