archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/w3isapi/dll_manager.cxx

724 lines
18 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2000-2001 Microsoft Corporation
  5. Module Name :
  6. dll_manager.cxx
  8. Abstract:
  9. IIS Plus ISAPI Handler. Dll management classes.
  11. Author:
  12. Taylor Weiss (TaylorW) 03-Feb-2000
  13. Wade A. Hilmo (WadeH) 08-Mar-2001
  15. Project:
  16. w3isapi.dll
  18. --*/
  20. #include "precomp.hxx"
  21. #include "dll_manager.h"
  23. ISAPI_DLL_MANAGER * g_pDllManager = NULL;
  25. PTRACE_LOG ISAPI_DLL::sm_pTraceLog;
  26. ALLOC_CACHE_HANDLER * ISAPI_DLL::sm_pachIsapiDlls;
  28. //
  29. // Generic mapping for Application access check
  30. //
  32. GENERIC_MAPPING g_FileGenericMapping =
  33. {
  34. FILE_GENERIC_READ,
  35. FILE_GENERIC_WRITE,
  36. FILE_GENERIC_EXECUTE,
  37. FILE_ALL_ACCESS
  38. };
  40. //static
  41. HRESULT
  42. ISAPI_DLL::Initialize(
  43. VOID
  44. )
  45. {
  46. ALLOC_CACHE_CONFIGURATION acConfig;
  48. #if DBG
  49. sm_pTraceLog = CreateRefTraceLog( 2000, 0 );
  50. #endif
  52. //
  53. // Initialize a lookaside for this structure
  54. //
  56. acConfig.nConcurrency = 1;
  57. acConfig.nThreshold = 100;
  58. acConfig.cbSize = sizeof( ISAPI_DLL );
  60. DBG_ASSERT( sm_pachIsapiDlls == NULL );
  62. sm_pachIsapiDlls = new ALLOC_CACHE_HANDLER( "ISAPI_DLL",
  63. &acConfig );
  65. if ( sm_pachIsapiDlls == NULL )
  66. {
  67. return HRESULT_FROM_WIN32( ERROR_NOT_ENOUGH_MEMORY );
  68. }
  70. return NO_ERROR;
  71. }
  73. //static
  74. VOID
  75. ISAPI_DLL::Terminate(
  76. VOID
  77. )
  78. {
  79. if ( sm_pTraceLog != NULL )
  80. {
  81. DestroyRefTraceLog( sm_pTraceLog );
  82. sm_pTraceLog = NULL;
  83. }
  85. if ( sm_pachIsapiDlls != NULL )
  86. {
  87. delete sm_pachIsapiDlls;
  88. sm_pachIsapiDlls = NULL;
  89. }
  90. }
  92. HRESULT
  93. ISAPI_DLL::SetName(
  94. const WCHAR * szModuleName,
  95. HANDLE hImpersonation
  96. )
  97. {
  98. HRESULT hr;
  99. BOOL fImpersonateForUnc = FALSE;
  101. DBG_ASSERT( CheckSignature() );
  103. hr = m_strModuleName.Copy( szModuleName );
  105. if ( FAILED( hr ) )
  106. {
  107. return hr;
  108. }
  110. //
  111. // Store a copy of the anti-canon module name
  112. //
  114. hr = MakePathCanonicalizationProof(
  115. const_cast<LPWSTR>( szModuleName ),
  116. &m_strAntiCanonModuleName
  117. );
  119. if ( SUCCEEDED( hr ) )
  120. {
  121. //
  122. // Verify that the file exists by getting its attributes.
  123. //
  124. // Note that in the UNC case, we have to do an impersonation
  125. // before we can make this call.
  126. //
  128. if ( wcsncmp( szModuleName, L"\\\\", 2 ) == 0 )
  129. {
  130. fImpersonateForUnc = SetThreadToken( NULL, hImpersonation );
  132. if ( !fImpersonateForUnc )
  133. {
  134. hr = HRESULT_FROM_WIN32( GetLastError() );
  136. DBGPRINTF((
  137. DBG_CONTEXT,
  138. "Attempt impersonate to get file attributes on %S failed "
  139. "with error 0x%08x.\r\n",
  140. szModuleName,
  141. hr
  142. ));
  144. return hr;
  145. }
  146. }
  148. if ( GetFileAttributes( m_strAntiCanonModuleName.QueryStr() ) ==
  149. 0xffffffff )
  150. {
  151. IF_DEBUG( DLL_MANAGER )
  152. {
  153. DBGPRINTF((
  154. DBG_CONTEXT,
  155. "Attempt to get file attributes on %S failed "
  156. "with error %d.\r\n",
  157. szModuleName,
  158. GetLastError()
  159. ));
  160. }
  162. //
  163. // CODEWORK - This smoke and mirrors game with the last
  164. // error is to preserve the old behavior that extensions
  165. // that are not found return 500 errors to the client
  166. // instead of 404.
  167. //
  169. if ( GetLastError() == ERROR_FILE_NOT_FOUND )
  170. {
  171. SetLastError( ERROR_MOD_NOT_FOUND );
  172. }
  174. hr = HRESULT_FROM_WIN32( GetLastError() );
  175. }
  176. }
  178. if ( fImpersonateForUnc )
  179. {
  180. RevertToSelf();
  181. }
  183. return hr;
  184. }
  186. HRESULT
  187. ISAPI_DLL::SetFastSid(
  188. IN PSID pSid
  189. )
  190. {
  191. DBG_ASSERT( pSid != NULL );
  193. if ( GetLengthSid( pSid ) <= sizeof( m_abFastSid ) )
  194. {
  195. memcpy( m_abFastSid,
  196. pSid,
  197. GetLengthSid( pSid ) );
  199. m_pFastSid = m_abFastSid;
  200. }
  202. return NO_ERROR;
  203. }
  205. HRESULT
  206. ISAPI_DLL::Load(
  207. IN HANDLE hImpersonation,
  208. IN PSID pSid
  209. )
  210. {
  211. HRESULT hr;
  212. HSE_VERSION_INFO VersionInfo;
  213. BOOL fImpersonatingForUnc = FALSE;
  215. DBG_ASSERT( CheckSignature() );
  217. //
  218. // Check to see if the dll is already loaded.
  219. // If so, just return NO_ERROR.
  220. //
  222. if ( m_fIsLoaded )
  223. {
  224. return NO_ERROR;
  225. }
  227. //
  228. // So the dll is not loaded. Grab the lock and
  229. // check again (another thread may have snuck in between
  230. // the first test and now and already loaded it...
  231. //
  233. Lock();
  235. if ( !m_fIsLoaded )
  236. {
  237. //
  238. // Load the ACL for the dll file and do an access check
  239. // before loading the dll itself. This is a slightly different
  240. // approach than what earlier versions of IIS did. We are
  241. // not going to be actually doing impersonation at the time
  242. // we load the dll as earlier versions did. As a result,
  243. // DllMain's DLL_PROCESS_ATTACH will run in the context of
  244. // the worker process primary token instead of as the
  245. // authenticated user.
  246. //
  247. // This new approach is the right way to do it, but it might
  248. // introduce an incompatibility with any extensions that implement
  249. // code in DllMain that depends on running as the authenticated
  250. // user. It is very, very unlikely that we'll see this problem.
  251. // If we do, the solution is to impersonate the token before
  252. // calling LoadLibraryEx.
  253. //
  255. //
  256. // Before calling LoadAcl, we should check to see if this
  257. // dll lives on a UNC path. If it does, then we need to
  258. // do the impersonation before attempting to load the ACL,
  259. // since we can't assume that the inetinfo or w3wp process
  260. // token can jump off the box.
  261. //
  263. if ( wcsncmp( m_strModuleName.QueryStr(), L"\\\\", 2 ) == 0 )
  264. {
  265. fImpersonatingForUnc = SetThreadToken( NULL, hImpersonation );
  267. if ( !fImpersonatingForUnc )
  268. {
  269. hr = HRESULT_FROM_WIN32( GetLastError() );
  271. DBGPRINTF(( DBG_CONTEXT,
  272. "[ISAPI_DLL::Load] SetThreadToken failed for %S. Error %0x08x\n",
  273. m_strModuleName.QueryStr(),
  274. hr
  275. ));
  277. goto Failed;
  278. }
  279. }
  281. hr = LoadAcl( m_strAntiCanonModuleName );
  283. if ( FAILED( hr ) )
  284. {
  285. goto Failed;
  286. }
  288. if ( !AccessCheck( hImpersonation,
  289. pSid ) )
  290. {
  291. hr = HRESULT_FROM_WIN32( ERROR_ACCESS_DENIED );
  292. goto Failed;
  293. }
  295. //
  296. // Since we've just passed an AccessCheck, we can cache
  297. // the fast SID now.
  298. //
  300. if ( pSid != NULL )
  301. {
  302. hr = SetFastSid( pSid );
  304. if ( FAILED( hr ) )
  305. {
  306. goto Failed;
  307. }
  308. }
  310. m_hModule = LoadLibraryEx( m_strAntiCanonModuleName.QueryStr(),
  311. NULL,
  312. LOAD_WITH_ALTERED_SEARCH_PATH
  313. );
  315. if ( m_hModule == NULL )
  316. {
  317. hr = HRESULT_FROM_WIN32( GetLastError() );
  319. DBGPRINTF(( DBG_CONTEXT,
  320. "[ISAPI_DLL::Load] LoadLibrary %S failed. Error %d\n",
  321. m_strModuleName.QueryStr(),
  322. GetLastError()
  323. ));
  325. goto Failed;
  326. }
  328. //
  329. // Lose the impersonation token before we call any more entry points...
  330. //
  332. if ( fImpersonatingForUnc )
  333. {
  334. RevertToSelf();
  335. fImpersonatingForUnc = FALSE;
  336. }
  338. //
  339. // Get the entry points
  340. //
  342. m_pfnGetExtensionVersion =
  343. (PFN_GETEXTENSIONVERSION)GetProcAddress( m_hModule,
  344. "GetExtensionVersion"
  345. );
  347. m_pfnTerminateExtension =
  348. (PFN_TERMINATEEXTENSION)GetProcAddress( m_hModule,
  349. "TerminateExtension"
  350. );
  352. m_pfnHttpExtensionProc =
  353. (PFN_HTTPEXTENSIONPROC)GetProcAddress( m_hModule,
  354. "HttpExtensionProc"
  355. );
  357. //
  358. // HttpExtensionProc and GetExtensionVersion are required
  359. //
  361. if( !m_pfnGetExtensionVersion ||
  362. !m_pfnHttpExtensionProc )
  363. {
  364. hr = HRESULT_FROM_WIN32( ERROR_PROC_NOT_FOUND );
  366. //
  367. // Make sure we dont call TerminateExtension on
  368. // cleanup.
  369. //
  371. m_pfnTerminateExtension = NULL;
  373. goto Failed;
  374. }
  376. if( !m_pfnGetExtensionVersion( &VersionInfo ) )
  377. {
  378. hr = GetLastError() == ERROR_SUCCESS ?
  379. E_FAIL :
  380. HRESULT_FROM_WIN32( GetLastError() );
  382. goto Failed;
  383. }
  385. DBGPRINTF(( DBG_CONTEXT,
  386. "ISAPI_DLL::Load() Loaded extension %S, "
  387. " description \"%s\"\n",
  388. m_strModuleName.QueryStr(),
  389. VersionInfo.lpszExtensionDesc ));
  391. m_fIsLoaded = TRUE;
  392. }
  394. Unlock();
  396. return NO_ERROR;
  398. Failed:
  400. DBG_ASSERT( FAILED( hr ) );
  402. //
  403. // Clean up after the failed load attempt
  404. //
  406. if ( fImpersonatingForUnc )
  407. {
  408. RevertToSelf();
  409. fImpersonatingForUnc = FALSE;
  410. }
  412. if ( m_pfnHttpExtensionProc )
  413. {
  414. m_pfnHttpExtensionProc = NULL;
  415. }
  417. if ( m_pfnGetExtensionVersion )
  418. {
  419. m_pfnGetExtensionVersion = NULL;
  420. }
  422. if ( m_pfnTerminateExtension )
  423. {
  424. m_pfnTerminateExtension = NULL;
  425. }
  427. if ( m_hModule )
  428. {
  429. FreeLibrary( m_hModule );
  430. m_hModule = NULL;
  431. }
  433. Unlock();
  435. return hr;
  436. }
  438. VOID
  439. ISAPI_DLL::Unload( VOID )
  440. {
  441. if( m_pfnTerminateExtension )
  442. {
  443. m_pfnTerminateExtension( HSE_TERM_MUST_UNLOAD );
  444. m_pfnTerminateExtension = NULL;
  445. }
  447. m_pfnGetExtensionVersion = NULL;
  448. m_pfnHttpExtensionProc = NULL;
  450. if( m_hModule )
  451. {
  452. FreeLibrary( m_hModule );
  453. }
  454. }
  456. HRESULT
  457. ISAPI_DLL::LoadAcl( STRU &strModuleName )
  458. {
  459. DWORD cbSecDesc = m_buffSD.QuerySize();
  460. DWORD dwError;
  462. DBG_ASSERT( CheckSignature() );
  464. //
  465. // Force an access check on the next request
  466. //
  468. while ( !GetFileSecurity( strModuleName.QueryStr(),
  469. (OWNER_SECURITY_INFORMATION |
  470. GROUP_SECURITY_INFORMATION |
  471. DACL_SECURITY_INFORMATION),
  472. m_buffSD.QueryPtr(),
  473. m_buffSD.QuerySize(),
  474. &cbSecDesc ))
  475. {
  476. if ( ( dwError = GetLastError() ) != ERROR_INSUFFICIENT_BUFFER )
  477. {
  478. return HRESULT_FROM_WIN32( dwError );
  479. }
  481. if ( !m_buffSD.Resize( cbSecDesc ) )
  482. {
  483. return HRESULT_FROM_WIN32( ERROR_NOT_ENOUGH_MEMORY );
  484. }
  486. //
  487. // Hopefully, we have sufficient buffer now, retry
  488. //
  489. }
  491. return NOERROR;
  492. }
  494. BOOL
  495. ISAPI_DLL::AccessCheck(
  496. IN HANDLE hImpersonation,
  497. IN PSID pSid
  498. )
  499. {
  500. BOOL fRet = TRUE;
  501. DWORD dwGrantedAccess = 0;
  502. BYTE PrivSet[400];
  503. DWORD cbPrivilegeSet = sizeof(PrivSet);
  504. BOOL fAccessGranted;
  506. DBG_ASSERT( CheckSignature() );
  508. //
  509. // First compare to the fast check SID if possible
  510. //
  512. if ( pSid != NULL && QueryFastSid() != NULL )
  513. {
  514. if ( EqualSid( pSid, QueryFastSid() ) )
  515. {
  516. return TRUE;
  517. }
  518. }
  520. //
  521. // Ok, just do the real access check
  522. //
  524. fRet = ( ::AccessCheck( QuerySecDesc(),
  525. hImpersonation,
  526. FILE_GENERIC_EXECUTE,
  527. &g_FileGenericMapping,
  528. (PRIVILEGE_SET *) &PrivSet,
  529. &cbPrivilegeSet,
  530. &dwGrantedAccess,
  531. &fAccessGranted )
  532. && fAccessGranted);
  534. return fRet;
  535. }
  537. HRESULT
  538. ISAPI_DLL_MANAGER::GetIsapi(
  539. IN const WCHAR * szModuleName,
  540. OUT ISAPI_DLL ** ppIsapiDll,
  541. IN HANDLE hImpersonation,
  542. IN PSID pSid
  543. )
  544. {
  545. HRESULT hr = NOERROR;
  546. ISAPI_DLL * pIsapiDll = NULL;
  547. LK_RETCODE lkrc;
  549. IF_DEBUG( DLL_MANAGER )
  550. {
  551. DBGPRINTF((
  552. DBG_CONTEXT,
  553. "DllManager looking for %S.\r\n",
  554. szModuleName
  555. ));
  556. }
  558. //
  559. // Check for the ISAPI in the hash table. If we don't
  560. // find it, then we'll need to create an entry in the
  561. // hash for it.
  562. //
  564. lkrc = m_IsapiHash.FindKey( szModuleName, &pIsapiDll );
  566. if ( lkrc == LK_SUCCESS )
  567. {
  568. IF_DEBUG( DLL_MANAGER )
  569. {
  570. DBGPRINTF((
  571. DBG_CONTEXT,
  572. "Found ISAPI_DLL %p (%S).\r\n",
  573. pIsapiDll,
  574. pIsapiDll->QueryModuleName()
  575. ));
  576. }
  577. }
  578. else
  579. {
  580. //
  581. // Create a new entry
  582. //
  584. IF_DEBUG( DLL_MANAGER )
  585. {
  586. DBGPRINTF((
  587. DBG_CONTEXT,
  588. "Creating new ISAPI_DLL object for %S.\r\n",
  589. szModuleName
  590. ));
  591. }
  593. pIsapiDll = new ISAPI_DLL;
  595. if ( !pIsapiDll )
  596. {
  597. hr = HRESULT_FROM_WIN32( ERROR_NOT_ENOUGH_MEMORY );
  598. goto Failed;
  599. }
  601. if ( FAILED( hr = pIsapiDll->SetName( szModuleName, hImpersonation ) ) )
  602. {
  603. pIsapiDll->DereferenceIsapiDll();
  604. pIsapiDll = NULL;
  605. goto Failed;
  606. }
  608. //
  609. // Insert the new object into the hash table. If someone
  610. // else beat us to it, then we'll just release our new one.
  611. //
  613. lkrc = m_IsapiHash.InsertRecord( pIsapiDll );
  615. if ( lkrc == LK_SUCCESS )
  616. {
  617. IF_DEBUG( DLL_MANAGER )
  618. {
  619. DBGPRINTF((
  620. DBG_CONTEXT,
  621. "Added ISAPI_DLL %p to table for %S.\r\n",
  622. pIsapiDll,
  623. szModuleName
  624. ));
  625. }
  626. }
  627. else
  628. {
  629. pIsapiDll->DereferenceIsapiDll();
  630. pIsapiDll = NULL;
  632. if ( lkrc == LK_KEY_EXISTS )
  633. {
  634. IF_DEBUG( DLL_MANAGER )
  635. {
  636. DBGPRINTF((
  637. DBG_CONTEXT,
  638. "InsertRecord for %S returned LK_KEY_EXISTS.\r\n",
  639. szModuleName
  640. ));
  641. }
  643. //
  644. // Ok, so let's get the existing one
  645. //
  647. lkrc = m_IsapiHash.FindKey( szModuleName, &pIsapiDll );
  648. }
  650. if ( lkrc != LK_SUCCESS )
  651. {
  652. hr = HRESULT_FROM_WIN32( lkrc );
  653. goto Failed;
  654. }
  655. }
  656. }
  658. DBG_ASSERT( pIsapiDll );
  660. //
  661. // Call the Load function for the ISAPI_DLL. Note that the ISAPI_DLL
  662. // function is smart enough to deal with locking on GetExtensionVersion
  663. // and in only allowing it to happen one time.
  664. //
  666. hr = pIsapiDll->Load( hImpersonation,
  667. pSid );
  669. if ( FAILED( hr ) )
  670. {
  671. goto Failed;
  672. }
  674. //
  675. // We've got the extension, but we still need to do
  676. // an access check to make sure that the client
  677. // is allowed to run it.
  678. //
  680. DBG_ASSERT( pIsapiDll );
  682. if ( !pIsapiDll->AccessCheck( hImpersonation,
  683. pSid ) )
  684. {
  685. hr = HRESULT_FROM_WIN32( ERROR_ACCESS_DENIED );
  686. goto Failed;
  687. }
  689. //
  690. // We're about to return successfully. Set the out parameter now.
  691. //
  693. *ppIsapiDll = pIsapiDll;
  695. DBG_ASSERT( SUCCEEDED( hr ) );
  697. return hr;
  699. Failed:
  701. DBG_ASSERT( FAILED( hr ) );
  703. IF_DEBUG( DLL_MANAGER )
  704. {
  705. DBGPRINTF((
  706. DBG_CONTEXT,
  707. "Error %d(0x%08x) occurred getting ISAPI_DLL object for %S.\r\n",
  708. hr,
  709. hr,
  710. szModuleName
  711. ));
  712. }
  714. if ( pIsapiDll )
  715. {
  716. pIsapiDll->DereferenceIsapiDll();
  717. pIsapiDll = NULL;
  718. }
  720. return hr;
  721. }