archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/urlauth/azapplication.cxx

790 lines
19 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. application.cxx
  9. Abstract:
  11. Encapsulates the IAzApplication object. Does all the grunt work to
  12. get an AzContext, determine operations, and build up server variable
  13. table
  15. Author:
  17. Bilal Alam (balam) Nov 26, 2001
  19. --*/
  21. #include "precomp.hxx"
  23. BSTR AZ_APPLICATION::sm_bstrOperationName;
  24. DWORD AZ_APPLICATION::sm_cParameterCount;
  25. VARIANT AZ_APPLICATION::sm_vNameArray;
  27. CHAR * AZ_APPLICATION::sm_rgParameterNames[] = {
  28. "ALL_HTTP",
  29. "APPL_MD_PATH",
  30. "APPL_PHYSICAL_PATH",
  31. "AUTH_PASSWORD",
  32. "AUTH_TYPE",
  33. "AUTH_USER",
  34. "CERT_COOKIE",
  35. "CERT_FLAGS",
  36. "CERT_ISSUER",
  37. "CERT_KEYSIZE",
  38. "CERT_SECRETKEYSIZE",
  39. "CERT_SERIALNUMBER",
  40. "CERT_SERVER_ISSUER",
  41. "CERT_SERVER_SUBJECT",
  42. "CERT_SUBJECT",
  43. "CONTENT_LENGTH",
  44. "CONTENT_TYPE",
  45. "GATEWAY_INTERFACE",
  46. "LOGON_USER",
  47. "HTTPS",
  48. "HTTPS_KEYSIZE",
  49. "HTTPS_SECRETKEYSIZE",
  50. "HTTPS_SERVER_ISSUER",
  51. "HTTPS_SERVER_SUBJECT",
  52. "INSTANCE_ID",
  53. "INSTANCE_META_PATH",
  54. "PATH_INFO",
  55. "PATH_TRANSLATED",
  56. "QUERY_STRING",
  57. "REMOTE_ADDR",
  58. "REMOTE_HOST",
  59. "REMOTE_USER",
  60. "REQUEST_METHOD",
  61. "SERVER_NAME",
  62. "LOCAL_ADDR",
  63. "SERVER_PORT",
  64. "SERVER_PORT_SECURE",
  65. "SERVER_PROTOCOL",
  66. "SERVER_SOFTWARE",
  67. "UNMAPPED_REMOTE_USER",
  68. "URL",
  69. "HTTP_METHOD",
  70. "HTTP_VERSION",
  71. "APP_POOL_ID",
  72. "SCRIPT_TRANSLATED",
  73. "UNENCODED_URL",
  74. NULL
  75. };
  77. //static
  78. HRESULT
  79. AZ_APPLICATION::Initialize(
  80. VOID
  81. )
  82. /*++
  84. Routine Description:
  86. Global initialization of AZ_APPLICATION
  88. Arguments:
  90. None
  92. Return Value:
  94. HRESULT
  96. --*/
  97. {
  98. VARIANT vName;
  99. SAFEARRAY * psaNames = NULL;
  100. SAFEARRAYBOUND rgsaBound[ 1 ];
  101. LONG lArrayIndex[ 1 ];
  102. HRESULT hr = NO_ERROR;
  103. BSTR bstrName = NULL;
  104. STACK_STRU( strTemp, 512 );
  106. VariantInit( &sm_vNameArray );
  108. //
  109. // Allocate the single operation BSTR only once
  110. //
  112. sm_bstrOperationName = SysAllocString( URL_AUTH_OPERATION_NAME );
  113. if ( sm_bstrOperationName == NULL )
  114. {
  115. hr = HRESULT_FROM_WIN32( GetLastError() );
  116. goto Finished;
  117. }
  119. //
  120. // Allocate the parameter name array for use with AccessCheck() and
  121. // business logic
  122. //
  124. //
  125. // How many parameters in array?
  126. //
  128. DBG_ASSERT( sm_cParameterCount == 0 );
  130. while ( sm_rgParameterNames[ sm_cParameterCount ] != NULL )
  131. {
  132. sm_cParameterCount++;
  133. }
  135. DBG_ASSERT( sm_cParameterCount > 0 );
  137. //
  138. // Allocate the array
  139. //
  141. rgsaBound[ 0 ].lLbound = 0;
  142. rgsaBound[ 0 ].cElements = sm_cParameterCount;
  144. psaNames = SafeArrayCreate( VT_VARIANT, 1, rgsaBound );
  145. if ( psaNames == NULL )
  146. {
  147. hr = HRESULT_FROM_WIN32( GetLastError() );
  148. goto Finished;
  149. }
  151. //
  152. // Create a new BSTR for each parameter name and add to safe array
  153. //
  155. lArrayIndex[ 0 ] = 0;
  157. for ( DWORD j = 0; j < sm_cParameterCount; j++ )
  158. {
  159. DBG_ASSERT( sm_rgParameterNames[ j ] != NULL );
  161. hr = strTemp.CopyA( sm_rgParameterNames[ j ] );
  162. if ( FAILED( hr ) )
  163. {
  164. goto Finished;
  165. }
  167. bstrName = SysAllocString( strTemp.QueryStr() );
  168. if ( bstrName == NULL )
  169. {
  170. hr = HRESULT_FROM_WIN32( GetLastError() );
  171. goto Finished;
  172. }
  174. VariantInit( &vName );
  176. vName.vt = VT_BSTR;
  177. vName.bstrVal = bstrName;
  179. hr = SafeArrayPutElement( psaNames,
  180. lArrayIndex,
  181. &vName );
  183. if ( FAILED( hr ) )
  184. {
  185. goto Finished;
  186. }
  188. bstrName = NULL;
  190. (lArrayIndex[ 0 ])++;
  191. }
  193. //
  194. // Finally, setup the variant for the array
  195. //
  197. sm_vNameArray.vt = VT_ARRAY;
  198. sm_vNameArray.parray = psaNames;
  200. psaNames = NULL;
  202. Finished:
  204. if ( bstrName != NULL )
  205. {
  206. SysFreeString( bstrName );
  207. bstrName = NULL;
  208. }
  210. if ( psaNames != NULL )
  211. {
  212. SafeArrayDestroy( psaNames );
  213. psaNames = NULL;
  214. }
  216. return hr;
  217. }
  219. //static
  220. VOID
  221. AZ_APPLICATION::Terminate(
  222. VOID
  223. )
  224. /*++
  226. Routine Description:
  228. Cleanup globals for AZ_APPLICATION
  230. Arguments:
  232. None
  234. Return Value:
  236. None
  238. --*/
  239. {
  240. VariantClear( &sm_vNameArray );
  242. if ( sm_bstrOperationName != NULL )
  243. {
  244. SysFreeString( sm_bstrOperationName );
  245. sm_bstrOperationName = NULL;
  246. }
  247. }
  249. HRESULT
  250. AZ_APPLICATION::Create(
  251. VOID
  252. )
  253. /*++
  255. Routine Description:
  257. Initialize an AZ_APPLICATION object
  259. Arguments:
  261. None
  263. Return Value:
  265. HRESULT
  267. --*/
  268. {
  269. IAzOperation * pIOperation;
  270. HRESULT hr;
  271. VARIANT vNoParam;
  272. LONG operationId;
  273. SAFEARRAY * psaOperations = NULL;
  274. SAFEARRAYBOUND rgsaBound[ 1 ];
  275. LONG lArrayIndex[ 1 ];
  276. VARIANT vOperation;
  278. DBG_ASSERT( _pIApplication != NULL );
  280. //
  281. // We need to get the one operation we care about.
  282. //
  284. VariantInit( &vNoParam );
  285. vNoParam.vt = VT_ERROR;
  286. vNoParam.scode = DISP_E_PARAMNOTFOUND;
  288. hr = _pIApplication->OpenOperation( sm_bstrOperationName,
  289. vNoParam,
  290. &pIOperation );
  291. if ( FAILED( hr ) )
  292. {
  293. return hr;
  294. }
  296. DBG_ASSERT( pIOperation != NULL );
  298. //
  299. // Get the operation ID
  300. //
  302. hr = pIOperation->get_OperationID( &operationId );
  304. pIOperation->Release();
  306. //
  307. // Now do some grunt work and create a variant array for use in our call
  308. // to AccessCheck(). How do developers live with this crap?
  309. //
  311. rgsaBound[ 0 ].lLbound = 0;
  312. rgsaBound[ 0 ].cElements = 1;
  314. psaOperations = SafeArrayCreate( VT_VARIANT, 1, rgsaBound );
  315. if ( psaOperations == NULL )
  316. {
  317. return HRESULT_FROM_WIN32( GetLastError() );
  318. }
  320. lArrayIndex[ 0 ] = 0;
  322. VariantInit( &vOperation );
  323. vOperation.vt = VT_I4;
  324. vOperation.lVal = operationId;
  326. hr = SafeArrayPutElement( psaOperations,
  327. lArrayIndex,
  328. &vOperation );
  329. if ( FAILED( hr ) )
  330. {
  331. SafeArrayDestroy( psaOperations );
  332. return hr;
  333. }
  335. VariantInit( &_vOperations );
  336. _vOperations.vt = VT_ARRAY;
  337. _vOperations.parray = psaOperations;
  338. psaOperations = NULL;
  340. return NO_ERROR;
  341. }
  343. HRESULT
  344. AZ_APPLICATION::BuildValueArray(
  345. EXTENSION_CONTROL_BLOCK * pecb,
  346. VARIANT * pValueArray
  347. )
  348. /*++
  350. Routine Description:
  352. Build value array for the given ECB. This just means retrieving all the
  353. server variables and building up an array with these values
  355. Arguments:
  357. pecb - ECB from which operations and sever variable table are built
  358. pValueArray - Filled with a variant for the array of values :-(
  360. Return Value:
  362. HRESULT
  364. --*/
  365. {
  366. SAFEARRAY * psaValues = NULL;
  367. SAFEARRAYBOUND rgsaBound[ 1 ];
  368. LONG lArrayIndex[ 1 ];
  369. VARIANT vValue;
  370. HRESULT hr = NO_ERROR;
  371. STACK_BUFFER( buffVariable, 512 );
  372. STACK_STRU( strVariable, 512 );
  373. DWORD cbVariable;
  374. BSTR bstrValue = NULL;
  375. BOOL fRet;
  377. if ( pecb == NULL ||
  378. pValueArray == NULL )
  379. {
  380. DBG_ASSERT( FALSE );
  381. return HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER );
  382. }
  384. //
  385. // First create a safe array of required size
  386. //
  388. rgsaBound[ 0 ].lLbound = 0;
  389. rgsaBound[ 0 ].cElements = sm_cParameterCount;
  391. psaValues = SafeArrayCreate( VT_VARIANT, 1, rgsaBound );
  392. if ( psaValues == NULL )
  393. {
  394. hr = HRESULT_FROM_WIN32( GetLastError() );
  395. goto Finished;
  396. }
  398. lArrayIndex[ 0 ] = 0;
  400. //
  401. // Now iterate thru variables, retrieve each one and add to array
  402. //
  404. for ( DWORD i = 0; i < sm_cParameterCount; i++ )
  405. {
  406. DBG_ASSERT( sm_rgParameterNames[ i ] != NULL );
  408. //
  409. // First get the variable
  410. //
  412. cbVariable = buffVariable.QuerySize();
  414. fRet = pecb->GetServerVariable( pecb->ConnID,
  415. sm_rgParameterNames[ i ],
  416. buffVariable.QueryPtr(),
  417. &cbVariable );
  418. if ( !fRet )
  419. {
  420. if ( GetLastError() != ERROR_INSUFFICIENT_BUFFER )
  421. {
  422. hr = HRESULT_FROM_WIN32( GetLastError() );
  423. goto Finished;
  424. }
  426. DBG_ASSERT( cbVariable > buffVariable.QuerySize() );
  428. fRet = buffVariable.Resize( cbVariable );
  429. if ( !fRet )
  430. {
  431. hr = HRESULT_FROM_WIN32( GetLastError() );
  432. goto Finished;
  433. }
  435. cbVariable = buffVariable.QuerySize();
  437. fRet = pecb->GetServerVariable( pecb->ConnID,
  438. sm_rgParameterNames[ i ],
  439. buffVariable.QueryPtr(),
  440. &cbVariable );
  441. if ( !fRet )
  442. {
  443. hr = HRESULT_FROM_WIN32( GetLastError() );
  444. goto Finished;
  445. }
  446. }
  448. //
  449. // Convert to UNICODE
  450. //
  452. hr = strVariable.CopyA( (CHAR*) buffVariable.QueryPtr() );
  453. if ( FAILED( hr ) )
  454. {
  455. goto Finished;
  456. }
  458. //
  459. // Make a BSTR
  460. //
  462. bstrValue = SysAllocString( strVariable.QueryStr() );
  463. if ( bstrValue == NULL )
  464. {
  465. hr = HRESULT_FROM_WIN32( GetLastError() );
  466. goto Finished;
  467. }
  469. VariantInit( &vValue );
  471. vValue.vt = VT_BSTR;
  472. vValue.bstrVal = bstrValue;
  474. hr = SafeArrayPutElement( psaValues,
  475. lArrayIndex,
  476. &vValue );
  478. if ( FAILED( hr ) )
  479. {
  480. goto Finished;
  481. }
  483. bstrValue = NULL;
  485. (lArrayIndex[ 0 ])++;
  486. }
  488. //
  489. // Finally, setup the variant for the array
  490. //
  492. pValueArray->vt = VT_ARRAY;
  493. pValueArray->parray = psaValues;
  495. psaValues = NULL;
  497. Finished:
  499. if ( bstrValue != NULL )
  500. {
  501. SysFreeString( bstrValue );
  502. bstrValue = NULL;
  503. }
  505. if ( psaValues != NULL )
  506. {
  507. SafeArrayDestroy( psaValues );
  508. psaValues = NULL;
  509. }
  511. return hr;
  512. }
  514. HRESULT
  515. AZ_APPLICATION::DoAccessCheck(
  516. EXTENSION_CONTROL_BLOCK * pecb,
  517. WCHAR * pszScopeName,
  518. BOOL * pfAccessGranted
  519. )
  520. /*++
  522. Routine Description:
  524. Check access
  526. Arguments:
  528. pecb - ECB from which operations and sever variable table are built
  529. pszScopeName - Scope name
  530. pfAccessGranted - Set to TRUE if access is granted
  532. Return Value:
  534. HRESULT
  536. --*/
  537. {
  538. BOOL fRet;
  539. HANDLE hToken;
  540. HRESULT hr = NO_ERROR;
  541. VARIANT vNoParam;
  542. IAzClientContext * pIClientContext = NULL;
  543. SAFEARRAY * psaScopes = NULL;
  544. SAFEARRAYBOUND rgsaBound[ 1 ];
  545. LONG lArrayIndex[ 1 ];
  546. VARIANT vScope;
  547. VARIANT vScopes;
  548. BSTR bstrScope = NULL;
  549. BSTR bstrObjectName = NULL;
  550. STACK_BUFFER( buffUrl, 256 );
  551. DWORD cbBuffUrl;
  552. VARIANT vAccessCheckOutput;
  553. VARIANT * pResults = NULL;
  554. LONG lTokenHandle;
  555. VARIANT vValueArray;
  557. if ( pecb == NULL ||
  558. pfAccessGranted == NULL )
  559. {
  560. DBG_ASSERT( FALSE );
  561. return HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER );
  562. }
  564. VariantInit( &vNoParam );
  565. VariantInit( &vScope );
  566. VariantInit( &vScopes );
  567. VariantInit( &vAccessCheckOutput );
  568. VariantInit( &vValueArray );
  570. *pfAccessGranted = FALSE;
  572. //
  573. // First, get the token for this request.
  574. //
  576. fRet = pecb->ServerSupportFunction( pecb->ConnID,
  577. HSE_REQ_GET_IMPERSONATION_TOKEN,
  578. (VOID*)&hToken,
  579. NULL,
  580. NULL );
  582. if ( !fRet )
  583. {
  584. hr = HRESULT_FROM_WIN32( GetLastError() );
  585. goto Finished;
  586. }
  588. //
  589. // Now, get the AzClientContext from the token
  590. //
  592. DBG_ASSERT( _pIApplication != NULL );
  594. vNoParam.vt = VT_ERROR;
  595. vNoParam.scode = DISP_E_PARAMNOTFOUND;
  597. //
  598. // BUGBUG: This AZRoles API needs to be Win64 friendly
  599. //
  601. #if defined( _WIN64 )
  602. LARGE_INTEGER liLarge;
  603. liLarge.QuadPart = (LONGLONG) hToken;
  604. lTokenHandle = liLarge.LowPart;
  605. #else
  606. lTokenHandle = (LONG) hToken;
  607. #endif
  609. hr = _pIApplication->InitializeClientContextFromToken( lTokenHandle,
  610. vNoParam,
  611. &pIClientContext );
  612. if ( FAILED( hr ) )
  613. {
  614. goto Finished;
  615. }
  617. DBG_ASSERT( pIClientContext != NULL );
  619. //
  620. // Determine the object name. We'll just use the URL (probably want to
  621. // expose a "FULL_URL" variable which is just the Unicode-untranslated
  622. // (i.e. pathinfo/URL not split) string.
  623. //
  625. cbBuffUrl = buffUrl.QuerySize();
  627. fRet = pecb->GetServerVariable( pecb->ConnID,
  628. "UNICODE_URL",
  629. (CHAR*) buffUrl.QueryPtr(),
  630. &cbBuffUrl );
  631. if ( !fRet )
  632. {
  633. if ( GetLastError() != ERROR_INSUFFICIENT_BUFFER )
  634. {
  635. hr = HRESULT_FROM_WIN32( GetLastError() );
  636. goto Finished;
  637. }
  639. DBG_ASSERT( cbBuffUrl > buffUrl.QuerySize() );
  641. fRet = buffUrl.Resize( cbBuffUrl );
  642. if ( !fRet )
  643. {
  644. hr = HRESULT_FROM_WIN32( GetLastError() );
  645. goto Finished;
  646. }
  648. cbBuffUrl = buffUrl.QuerySize();
  650. fRet = pecb->GetServerVariable( pecb->ConnID,
  651. "UNICODE_URL",
  652. (CHAR*) buffUrl.QueryPtr(),
  653. &cbBuffUrl );
  654. if ( !fRet )
  655. {
  656. hr = HRESULT_FROM_WIN32( GetLastError() );
  657. goto Finished;
  658. }
  659. }
  661. //
  662. // How many more heap allocations can we do???
  663. //
  665. bstrObjectName = SysAllocString( (WCHAR*) buffUrl.QueryPtr() );
  666. if ( bstrObjectName == NULL )
  667. {
  668. hr = HRESULT_FROM_WIN32( GetLastError() );
  669. goto Finished;
  670. }
  672. //
  673. // Setup the scope variant array for this request. This is excruciating!
  674. //
  676. rgsaBound[ 0 ].lLbound = 0;
  677. rgsaBound[ 0 ].cElements = 1;
  679. psaScopes = SafeArrayCreate( VT_VARIANT, 1, rgsaBound );
  680. if ( psaScopes == NULL )
  681. {
  682. hr = HRESULT_FROM_WIN32( GetLastError() );
  683. goto Finished;
  684. }
  686. bstrScope = SysAllocString( pszScopeName ? pszScopeName : L"" );
  687. if ( bstrScope == NULL )
  688. {
  689. hr = HRESULT_FROM_WIN32( GetLastError() );
  690. goto Finished;
  691. }
  693. vScope.vt = VT_BSTR;
  694. vScope.bstrVal = bstrScope;
  696. lArrayIndex[ 0 ] = 0;
  698. hr = SafeArrayPutElement( psaScopes,
  699. lArrayIndex,
  700. &vScope );
  701. if ( FAILED( hr ) )
  702. {
  703. goto Finished;
  704. }
  705. bstrScope = NULL;
  707. vScopes.vt = VT_ARRAY;
  708. vScopes.parray = psaScopes;
  709. psaScopes = NULL;
  711. //
  712. // Build up the value array for use with business logic
  713. //
  715. hr = BuildValueArray( pecb,
  716. &vValueArray );
  718. //
  719. // After that ordeal, we're ready to call AccessCheck()!
  720. //
  722. hr = pIClientContext->AccessCheck( bstrObjectName,
  723. vScopes,
  724. _vOperations,
  725. sm_vNameArray,
  726. vValueArray,
  727. vNoParam,
  728. vNoParam,
  729. vNoParam,
  730. &vAccessCheckOutput );
  731. if ( FAILED( hr ) )
  732. {
  733. goto Finished;
  734. }
  736. //
  737. // Joy continues. Need to parse out what AccessCheck() returned
  738. //
  740. //
  741. // Return variant should be 1 dimension, 0 based array
  742. //
  744. DBG_ASSERT( vAccessCheckOutput.parray->rgsabound[ 0 ].lLbound == 0 );
  745. DBG_ASSERT( vAccessCheckOutput.parray->rgsabound[ 0 ].cElements == 1 );
  747. SafeArrayAccessData( vAccessCheckOutput.parray, (VOID**) &pResults );
  749. DBG_ASSERT( pResults[ 0 ].vt == VT_I4 );
  751. //
  752. // Finally, we can tell whether access was allowed or not
  753. //
  755. *pfAccessGranted = pResults[ 0 ].lVal == 0 ? TRUE : FALSE;
  757. SafeArrayUnaccessData( vAccessCheckOutput.parray );
  759. Finished:
  761. if ( pIClientContext != NULL )
  762. {
  763. pIClientContext->Release();
  764. pIClientContext = NULL;
  765. }
  767. if ( bstrScope != NULL )
  768. {
  769. SysFreeString( bstrScope );
  770. bstrScope = NULL;
  771. }
  773. if ( bstrObjectName != NULL )
  774. {
  775. SysFreeString( bstrObjectName );
  776. bstrObjectName = NULL;
  777. }
  779. if ( psaScopes != NULL )
  780. {
  781. SafeArrayDestroy( psaScopes );
  782. psaScopes = NULL;
  783. }
  785. VariantClear( &vScopes );
  786. VariantClear( &vAccessCheckOutput );
  787. VariantClear( &vValueArray );
  789. return hr;
  790. }