archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/net/ias/protocol/radius/valproxy.cpp

353 lines
8.8 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //#--------------------------------------------------------------
  2. //
  3. // File: valproxy.cpp
  4. //
  5. // Synopsis: Implementation of CValProxy class methods
  6. //
  7. //
  8. // History: 9/23/97 MKarki Created
  9. //
  10. // Copyright (C) 1997-2001 Microsoft Corporation
  11. // All rights reserved.
  12. //
  13. //----------------------------------------------------------------
  14. #include "radcommon.h"
  15. #include "valproxy.h"
  16. #include "radpkt.h"
  18. //++--------------------------------------------------------------
  19. //
  20. // Function: CValProxy
  21. //
  22. // Synopsis: This is the constructor of the CValProxy
  23. // class
  24. //
  25. // Arguments: NONE
  26. //
  27. // Returns: NONE
  28. //
  29. //
  30. // History: MKarki Created 9/28/97
  31. //
  32. //----------------------------------------------------------------
  33. CValProxy::CValProxy(
  34. VOID
  35. )
  36. : m_pCSendToPipe (NULL)
  37. {
  38. } // end of CValProxy constructor
  40. //++--------------------------------------------------------------
  41. //
  42. // Function: ~CValProxy
  43. //
  44. // Synopsis: This is the destructor of the CValProxy
  45. // class
  46. //
  47. // Arguments: NONE
  48. //
  49. // Returns: NONE
  50. //
  51. //
  52. // History: MKarki Created 9/28/97
  53. //
  54. //----------------------------------------------------------------
  55. CValProxy::~CValProxy(
  56. VOID
  57. )
  58. {
  59. } // end of CValProxy destructor
  61. //++--------------------------------------------------------------
  62. //
  63. // Function: Init
  64. //
  65. // Synopsis: This is the CValProxy public method used
  66. // in initialization of the class object
  67. //
  68. // Arguments: NONE
  69. //
  70. // Returns: status
  71. //
  72. //
  73. // History: MKarki Created 9/28/97
  74. //
  75. //----------------------------------------------------------------
  76. BOOL
  77. CValProxy::Init (
  78. CValAttributes *pCValAttributes,
  79. CPreProcessor *pCPreProcessor,
  80. CClients *pCClients,
  81. CHashMD5 *pCHashMD5,
  82. CSendToPipe *pCSendToPipe,
  83. CReportEvent *pCReportEvent
  84. )
  85. {
  86. BOOL bRetVal = FALSE;
  87. BOOL bStatus = FALSE;
  89. __try
  90. {
  92. //
  93. // call the base classes init method
  94. //
  95. bStatus = CValidator::Init (
  96. pCValAttributes,
  97. pCPreProcessor,
  98. pCClients,
  99. pCHashMD5,
  100. pCReportEvent
  101. );
  102. if (FALSE == bStatus) { __leave; }
  105. //
  106. // set the proxy state
  107. //
  108. m_pCSendToPipe = pCSendToPipe;
  110. //
  111. // initalization complete
  112. //
  113. bRetVal = TRUE;
  114. }
  115. __finally
  116. {
  117. //
  118. // nothing here for now
  119. //
  120. }
  122. return (bRetVal);
  124. } // end of CValProxy::Init method
  126. //++--------------------------------------------------------------
  127. //
  128. // Function: ValidateInPacket
  129. //
  130. // Synopsis: This is CValProxy class public method
  131. // that validates inbound Access Request packet
  132. //
  133. // Arguments: [IN] - CPacketRadius*
  134. //
  135. // Returns: HRESULT - status
  136. //
  137. //
  138. // History: MKarki Created 9/28/97
  139. //
  140. // Calleed By: CPreValidator class method
  141. //
  142. //----------------------------------------------------------------
  143. HRESULT
  144. CValProxy::ValidateInPacket(
  145. CPacketRadius * pCPacketRadius
  146. )
  147. {
  148. BOOL bRetVal = FALSE;
  149. HRESULT hr = S_OK;
  150. __try
  151. {
  152. //
  153. // validate the attributes
  154. //
  155. hr = m_pCValAttributes->Validate (pCPacketRadius);
  156. if (FAILED(hr)) { __leave; }
  158. //
  159. // authenticate packet now
  160. //
  162. BYTE ReqAuthenticator[AUTHENTICATOR_SIZE];
  163. hr = AuthenticatePacket (
  164. pCPacketRadius,
  165. ReqAuthenticator
  166. );
  167. if (FAILED(hr)) { __leave; }
  170. //
  171. // now give the packet for processing
  172. //
  173. hr = m_pCPreProcessor->StartInProcessing (pCPacketRadius);
  174. if (FAILED(hr)) { __leave; }
  176. //
  177. // successfully processed packet
  178. //
  179. bRetVal = TRUE;
  180. }
  181. __finally
  182. {
  183. //
  184. // nothing here for now
  185. //
  186. }
  188. if (bRetVal)
  189. {
  190. return S_OK;
  191. }
  192. else
  193. {
  194. if (FAILED(hr))
  195. {
  196. return hr;
  197. }
  198. else
  199. {
  200. return E_FAIL;
  201. }
  202. }
  203. } // end of CValProxy::ValidateInPacket method
  206. //++--------------------------------------------------------------
  207. //
  208. // Function: ValidateOutPacket
  209. //
  210. // Synopsis: This is CValProxy class public method
  211. // that validates outbound Access Request packet
  212. //
  213. // Arguments: NONE
  214. //
  215. // Returns: HRESULT - status
  216. //
  217. //
  218. // History: MKarki Created 9/28/97
  219. //
  220. // Calleed By: CPreValidator class method
  221. //
  222. //----------------------------------------------------------------
  223. HRESULT
  224. CValProxy::ValidateOutPacket(
  225. CPacketRadius * pCPacketRadius
  226. )
  227. {
  228. return S_OK;
  229. } // end of CValProxy::ValidateOutPacket method
  232. //++--------------------------------------------------------------
  233. //
  234. // Function: AuthenticatePacket
  235. //
  236. // Synopsis: This is CValProxy class private method
  237. // that authenticates the packet, by generating a
  238. // response authenticator with the packet and then
  239. // comparing it with the request authenticator
  240. //
  241. // Arguments: [in] - CPacketRadius*
  242. //
  243. // Returns: BOOL - status
  244. //
  245. //
  246. // History: MKarki Created 9/28/97
  247. //
  248. // Called By: CValProxy::ValidateInPacket method
  249. //
  250. //----------------------------------------------------------------
  251. HRESULT
  252. CValProxy::AuthenticatePacket (
  253. CPacketRadius *pCPacketRadius,
  254. PBYTE pbyAuthenticator
  255. )
  256. {
  257. BOOL bRetVal = FALSE;
  258. BOOL bStatus = FALSE;
  259. PRADIUSPACKET pPacketRadius = NULL;
  260. DWORD dwPacketHeaderSize = 0;
  261. DWORD dwAttributesLength = 0;
  262. BYTE HashResult[AUTHENTICATOR_SIZE];
  263. IIasClient *pIIasClient = NULL;
  264. HRESULT hr = S_OK;
  266. __try
  267. {
  268. //
  269. // check that the arguments passed in are correct
  270. //
  271. if ((NULL == pCPacketRadius) || (NULL == pbyAuthenticator))
  272. __leave;
  274. //
  275. // get a pointer to the raw packet
  276. //
  277. pPacketRadius = reinterpret_cast <PRADIUSPACKET>
  278. (pCPacketRadius->GetInPacket ());
  280. //
  281. // get the size of the packet without the attributes and
  282. // request authenticator
  283. //
  284. dwPacketHeaderSize = sizeof (RADIUSPACKET)
  285. - sizeof (BYTE)
  286. - AUTHENTICATOR_SIZE;
  288. //
  289. // get the total attributes length now
  290. //
  291. dwAttributesLength = ntohs (pPacketRadius->wLength)
  292. - (dwPacketHeaderSize + AUTHENTICATOR_SIZE);
  295. //
  296. // get the CClients object
  297. //
  298. hr = pCPacketRadius->GetClient (&pIIasClient);
  299. if (FAILED (hr)) { __leave; }
  301. //
  302. // get the shared secret from the client object
  303. //
  304. DWORD dwSecretSize;
  305. const BYTE* bySecret = pIIasClient->GetSecret(&dwSecretSize);
  307. //
  308. // do the hashing here
  309. //
  310. m_pCHashMD5->HashIt (
  311. reinterpret_cast <PBYTE> (&HashResult),
  312. NULL,
  313. 0,
  314. reinterpret_cast <PBYTE> (pPacketRadius),
  315. dwPacketHeaderSize,
  316. pbyAuthenticator,
  317. AUTHENTICATOR_SIZE,
  318. pPacketRadius->AttributeStart,
  319. dwAttributesLength,
  320. const_cast<BYTE*>(bySecret),
  321. dwSecretSize,
  322. 0,
  323. 0
  324. );
  326. if (memcmp (
  327. HashResult,
  328. pPacketRadius->Authenticator,
  329. AUTHENTICATOR_SIZE
  330. )
  331. != 0
  332. )
  333. __leave;
  336. //
  337. // we have successfully authenticated this packet
  338. //
  339. bRetVal = TRUE;
  342. }
  343. __finally
  344. {
  345. if (NULL != pIIasClient)
  346. {
  347. pIIasClient->Release ();
  348. }
  349. }
  352. return S_OK;
  353. } // end of CValProxy::AuthenticatePacket method