archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/sfwp/dll/siteconfig.hxx

486 lines
10 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #ifndef _SITECONFIG_HXX_
  2. #define _SITECONFIG_HXX_
  4. /*++
  6. Copyright (c) 1998 Microsoft Corporation
  8. Module Name :
  9. siteconfig.hxx
  11. Abstract:
  12. SSL configuration for a given site
  14. Author:
  15. Bilal Alam (BAlam) 29-March-2000
  17. Environment:
  18. Win32 - User Mode
  20. Project:
  21. Stream Filter Worker Process
  22. --*/
  24. class ENDPOINT_CONFIG_HASH;
  25. class SERVER_CERT;
  28. typedef ULONGLONG ENDPOINT_KEY;
  30. #define ENDPOINT_CONFIG_SIGNATURE (DWORD)'GFCS'
  31. #define ENDPOINT_CONFIG_SIGNATURE_FREE (DWORD)'gfcs'
  35. class ENDPOINT_CONFIG
  36. {
  37. public:
  39. const ENDPOINT_KEY*
  40. QueryEndpointKey(
  41. VOID
  42. ) const
  43. {
  44. return &_EndpointKey;
  45. }
  47. SERVER_CERT *
  48. QueryServerCert(
  49. VOID
  50. ) const
  51. {
  52. return _pServerCert;
  53. }
  55. IIS_CTL *
  56. QueryIisCtl(
  57. VOID
  58. ) const
  59. {
  60. return _pIisCtl;
  61. }
  64. BOOL
  65. CheckSignature(
  66. VOID
  67. ) const
  68. {
  69. return _dwSignature == ENDPOINT_CONFIG_SIGNATURE;
  70. }
  72. VOID
  73. ReferenceEndpointConfig(
  74. VOID
  75. )
  76. {
  77. InterlockedIncrement( &_cRefs );
  78. }
  80. VOID
  81. DereferenceEndpointConfig(
  82. VOID
  83. )
  84. {
  85. if ( InterlockedDecrement( &_cRefs ) == 0 )
  86. {
  87. delete this;
  88. }
  89. }
  91. BOOL
  92. QuerySslConfigured(
  93. VOID
  94. )
  95. {
  96. return _SiteCreds.QueryIsAvailable();
  97. }
  99. CredHandle *
  100. QueryCredentials(
  101. VOID
  102. )
  103. {
  104. return _SiteCreds.QueryCredentials();
  105. }
  107. BOOL
  108. QueryUseDSMapper(
  109. VOID
  110. )
  111. {
  112. if ( _pEndpointConfigData == NULL )
  113. {
  114. return FALSE;
  115. }
  116. else
  117. {
  118. return !!(_pEndpointConfigData->ParamDesc.DefaultFlags &
  119. HTTP_SERVICE_CONFIG_SSL_FLAG_USE_DS_MAPPER);
  120. }
  122. }
  124. BOOL
  125. QueryNegotiateClientCert(
  126. VOID
  127. )
  128. {
  129. //
  130. // _fRequireClientCert is used for SSL optimization
  131. // If RequireClientCert is set on the root level of the site
  132. // then IIS will ask for mutual authentication right away
  133. // That way the expensive renegotiation when the whole
  134. // ssl key exchange must be repeated is eliminated
  135. //
  137. if ( _pEndpointConfigData == NULL )
  138. {
  139. return FALSE;
  140. }
  141. else
  142. {
  143. return !!(_pEndpointConfigData->ParamDesc.DefaultFlags &
  144. HTTP_SERVICE_CONFIG_SSL_FLAG_NEGOTIATE_CLIENT_CERT);
  145. }
  147. }
  149. BOOL
  150. QueryNoRawFilter(
  151. VOID
  152. )
  153. {
  154. if ( _pEndpointConfigData == NULL )
  155. {
  156. return FALSE;
  157. }
  158. else
  159. {
  160. return !!(_pEndpointConfigData->ParamDesc.DefaultFlags &
  161. HTTP_SERVICE_CONFIG_SSL_FLAG_NO_RAW_FILTER);
  162. }
  163. }
  166. BOOL
  167. IsCtlRequired(
  168. VOID
  169. )
  170. {
  171. if ( _pEndpointConfigData == NULL )
  172. {
  173. return FALSE;
  174. }
  175. else
  176. {
  177. return
  178. _pEndpointConfigData->ParamDesc.pDefaultSslCtlIdentifier != NULL &&
  179. _pEndpointConfigData->ParamDesc.pDefaultSslCtlIdentifier[0] != L'\0';
  180. }
  181. }
  183. DWORD
  184. QueryCertCheckMode(
  185. VOID
  186. )
  187. {
  188. if ( _pEndpointConfigData == NULL )
  189. {
  190. return 0;
  191. }
  192. else
  193. {
  194. return _pEndpointConfigData->ParamDesc.DefaultCertCheckMode;
  195. }
  196. }
  198. DWORD
  199. QueryRevocationFreshnessTime(
  200. VOID
  201. )
  202. {
  203. if ( _pEndpointConfigData == NULL )
  204. {
  205. return 0;
  206. }
  207. else
  208. {
  209. return _pEndpointConfigData->ParamDesc.DefaultRevocationFreshnessTime;
  210. }
  211. }
  213. DWORD
  214. QueryRevocationUrlRetrievalTimeout(
  215. VOID
  216. )
  217. {
  218. if ( _pEndpointConfigData == NULL )
  219. {
  220. return 0;
  221. }
  222. else
  223. {
  224. return _pEndpointConfigData->ParamDesc.DefaultRevocationUrlRetrievalTimeout;
  225. }
  226. }
  228. HRESULT
  229. AcquireCredentials(
  230. VOID
  231. );
  233. static
  234. HRESULT
  235. Initialize(
  236. VOID
  237. );
  239. static
  240. VOID
  241. Terminate(
  242. VOID
  243. );
  245. static
  246. HRESULT
  247. GetEndpointConfig(
  248. CONNECTION_INFO * pConnectionInfo,
  249. ENDPOINT_CONFIG ** ppEndpointConfig,
  250. BOOL fCreateEmptyIfNotFound = FALSE
  251. );
  253. static
  254. ENDPOINT_KEY
  255. GenerateEndpointKey(
  256. DWORD LocalAddress,
  257. USHORT LocalPort
  258. )
  259. {
  260. LARGE_INTEGER liKey;
  262. // CODEWORK: this will break for IPv6
  263. // Currently only wildcard IPs are supported for IPv6
  264. liKey.HighPart = LocalAddress;
  265. liKey.LowPart = LocalPort;
  266. return liKey.QuadPart;
  267. }
  269. static
  270. HRESULT
  271. FlushByServerCert(
  272. SERVER_CERT * pServerCert
  273. );
  275. static
  276. HRESULT
  277. FlushByIisCtl(
  278. IIS_CTL * pIisCtl
  279. );
  282. static
  283. HRESULT
  284. FlushByEndpoint(
  285. DWORD LocalAddress,
  286. USHORT LocalPort
  287. );
  289. static
  290. VOID
  291. Cleanup(
  292. VOID
  293. );
  296. static
  297. VOID
  298. WINAPI
  299. ConfigStoreChangeCallback(
  300. PVOID pParam,
  301. BOOL fWaitFired
  302. );
  304. private:
  306. // Constructor is private
  307. // GetEndpointConfig() is to be called to get reference to the object
  308. //
  309. ENDPOINT_CONFIG(
  310. DWORD LocalAddress,
  311. USHORT LocalPort,
  312. SERVER_CERT * pServerCert,
  313. IIS_CTL * pIisCtl,
  314. PHTTP_SERVICE_CONFIG_SSL_SET pEndpointConfigData
  315. )
  316. {
  317. _cRefs = 1;
  318. _dwSignature = ENDPOINT_CONFIG_SIGNATURE;
  319. _LocalAddress = LocalAddress;
  320. _LocalPort = LocalPort;
  321. _EndpointKey = GenerateEndpointKey( LocalAddress, LocalPort );
  322. _pServerCert = pServerCert;
  323. _pEndpointConfigData = pEndpointConfigData; // takes ownership of the memory
  324. _pIisCtl = pIisCtl;
  325. }
  327. // Destructor is private
  328. // DereferenceEndpointConfig() is to be called for cleanup
  329. //
  330. virtual ~ENDPOINT_CONFIG();
  332. static
  333. LK_PREDICATE
  334. ServerCertPredicate(
  335. ENDPOINT_CONFIG * pEndpointConfig,
  336. void * pvState
  337. );
  339. static
  340. LK_PREDICATE
  341. IisCtlPredicate(
  342. ENDPOINT_CONFIG * pEndpointConfig,
  343. void * pvState
  344. );
  346. static
  347. LK_PREDICATE
  348. SiteIdPredicate(
  349. ENDPOINT_CONFIG * pEndpointConfig,
  350. void * pvState
  351. );
  353. static
  354. LK_PREDICATE
  355. EndpointPredicate(
  356. ENDPOINT_CONFIG * pEndpointConfig,
  357. void * pvState
  358. );
  360. static
  361. HRESULT
  362. GetEndpointConfigData(
  363. IN DWORD LocalAddress,
  364. IN USHORT LocalPort,
  365. OUT PHTTP_SERVICE_CONFIG_SSL_SET * ppEndpointConfigData,
  366. OUT BOOL * pfWildcardMatch
  367. );
  369. private:
  371. DWORD _dwSignature;
  372. LONG _cRefs;
  373. // key representing IP:Port
  374. ENDPOINT_KEY _EndpointKey;
  375. //
  376. // we don't really need to store _LocalAddress and _LocalPort
  377. // but for the debugging or logging it may be convenient
  378. // to have the info available
  379. //
  380. DWORD _LocalAddress;
  381. USHORT _LocalPort;
  382. //
  383. // SSL specific objects
  384. //
  385. SERVER_CERT * _pServerCert;
  386. IIS_CTL * _pIisCtl;
  387. SITE_CREDENTIALS _SiteCreds;
  388. //
  389. // SSL config and Enable Raw Filter flag
  390. //
  391. PHTTP_SERVICE_CONFIG_SSL_SET _pEndpointConfigData;
  392. //
  393. // Hash table caching endpoint configuration
  394. //
  395. static ENDPOINT_CONFIG_HASH * sm_pEndpointConfigHash;
  396. //
  397. // Objects needed to handle persistent endpoint config store
  398. // change notification
  399. //
  400. static HANDLE sm_hHttpApiConfigChangeEvent;
  401. static HKEY sm_hHttpApiConfigKey;
  402. static HANDLE sm_hWaitHandle;
  404. enum INIT_STATE {
  405. INIT_NONE,
  406. INIT_HTTPAPI,
  407. INIT_HASH,
  408. INIT_CHANGE_NOTIF
  409. };
  410. // Initialization state
  411. static INIT_STATE sm_InitState;
  412. };
  414. class ENDPOINT_CONFIG_HASH
  415. : public CTypedHashTable<
  416. ENDPOINT_CONFIG_HASH,
  417. ENDPOINT_CONFIG,
  418. const ENDPOINT_KEY *
  419. >
  420. {
  421. public:
  422. ENDPOINT_CONFIG_HASH()
  423. : CTypedHashTable< ENDPOINT_CONFIG_HASH,
  424. ENDPOINT_CONFIG,
  425. const ENDPOINT_KEY * > ( "ENDPOINT_CONFIG_HASH" )
  426. {
  427. }
  429. static
  430. const ENDPOINT_KEY *
  431. ExtractKey(
  432. const ENDPOINT_CONFIG * pEndpointConfig
  433. )
  434. {
  435. return pEndpointConfig->QueryEndpointKey();
  436. }
  438. static
  439. DWORD
  440. CalcKeyHash(
  441. const ENDPOINT_KEY * pEndpointKey
  442. )
  443. {
  444. return HashBlob( pEndpointKey,
  445. sizeof( ENDPOINT_KEY ) );
  446. }
  448. static
  449. bool
  450. EqualKeys(
  451. const ENDPOINT_KEY * pEndpointKey1,
  452. const ENDPOINT_KEY * pEndpointKey2
  453. )
  454. {
  455. return *pEndpointKey1 == *pEndpointKey2;
  456. }
  458. static
  459. void
  460. AddRefRecord(
  461. ENDPOINT_CONFIG * pEndpointConfig,
  462. int nIncr
  463. )
  464. {
  465. if ( nIncr == +1 )
  466. {
  467. pEndpointConfig->ReferenceEndpointConfig();
  468. }
  469. else if ( nIncr == -1 )
  470. {
  471. pEndpointConfig->DereferenceEndpointConfig();
  472. }
  473. }
  474. private:
  475. //
  476. // Not implemented methods
  477. // Declarations present to prevent compiler
  478. // to generate default ones.
  479. //
  480. ENDPOINT_CONFIG_HASH( const ENDPOINT_CONFIG_HASH& );
  481. ENDPOINT_CONFIG_HASH& operator=( const ENDPOINT_CONFIG_HASH& );
  484. };
  486. #endif