archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/cryptoapi/test/capi20/trpfx/rpfx.cpp

340 lines
11 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //depot/Lab03_DEV/Ds/security/cryptoapi/test/capi20/trpfx/rpfx.cpp#2 - edit change 21738 (text)
  2. //--------------------------------------------------------------------
  3. // rpfx - implementation
  4. // Copyright (C) Microsoft Corporation, 2001
  5. //
  6. // Created by: Duncan Bryce (duncanb), 11-11-2001
  7. //
  8. // Core functionality of the rpfx tool
  11. #include "pch.h"
  13. HINSTANCE g_hThisModule = NULL;
  16. //--------------------------------------------------------------------------
  17. void __cdecl SeTransFunc(unsigned int u, EXCEPTION_POINTERS* pExp) {
  18. throw SeException(u);
  19. }
  21. //--------------------------------------------------------------------------
  22. void PrintHelp() {
  23. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_HELP);
  24. }
  26. //--------------------------------------------------------------------------
  27. extern "C" LPVOID MIDL_user_allocate(size_t cb) {
  28. return LocalAlloc(LPTR, cb);
  29. }
  31. //--------------------------------------------------------------------------
  32. extern "C" void MIDL_user_free(LPVOID pvBuffer) {
  33. LocalFree(pvBuffer);
  34. }
  36. //--------------------------------------------------------------------------
  37. HRESULT ParseServerFile(LPWSTR wszFileName, StringList & vServers) {
  38. FILE *pFile = NULL;
  39. HRESULT hr;
  40. WCHAR *wszCurrent = NULL;
  41. WCHAR wszServer[1024];
  43. ZeroMemory(&wszServer, sizeof(wszServer));
  45. pFile = _wfopen(wszFileName, L"r");
  46. if(NULL == pFile) {
  47. _JumpLastError(hr, error, "_wfopen");
  48. }
  50. while (1 == fwscanf(pFile, L"%s", wszServer)) {
  51. if (L'\0' != *wszServer) {
  52. // Not worth bothering to do more than this for a simple command-line tool like this
  53. _MyAssert(wcslen(wszServer) < ARRAYSIZE(wszServer));
  55. wszCurrent = (LPWSTR)LocalAlloc(LPTR, sizeof(WCHAR)*(wcslen(wszServer)+1));
  56. _JumpIfOutOfMemory(hr, error, wszCurrent);
  57. wcscpy(wszCurrent, wszServer);
  59. _SafeStlCall(vServers.push_back(wszCurrent), hr, error, "vServers.push_back(wszServer)");
  60. wszCurrent = NULL;
  61. }
  63. fgetwc(pFile);
  64. }
  66. hr = S_OK;
  67. error:
  68. if (NULL != pFile) {
  69. fclose(pFile);
  70. }
  71. if (NULL != wszCurrent) {
  72. LocalFree(wszCurrent);
  73. }
  74. // Caller is responsible for freeing strings in vServers.
  76. return hr;
  77. }
  80. //---------------------------------------------------------------------------------
  81. HRESULT RemoteInstall(CmdArgs *pca) {
  82. bool bExportable = false;
  83. bool bFreeServerList = false;
  84. bool bImpersonated = false;
  85. DWORD dwResult;
  86. HANDLE hToken = NULL;
  87. HRESULT hr;
  88. KEYSVC_BLOB blobPFX;
  89. KEYSVC_UNICODE_STRING strPassword;
  90. KEYSVCC_HANDLE hKeySvcCli = NULL;
  91. LPSTR szMachineName = NULL;
  92. LPWSTR wszDomainName = NULL; // doesn't need to be freed
  93. LPWSTR wszFileName = NULL; // doesn't need to be freed
  94. LPWSTR wszPassword = NULL; // doesn't need to be freed
  95. LPWSTR wszPFXPassword = NULL; // doesn't need to be freed
  96. LPWSTR wszServerName = NULL; // doesn't need to be freed
  97. LPWSTR wszServerFileName = NULL; // doesn't need to be freed
  98. LPWSTR wszUserAndDomain = NULL; // doesn't need to be freed
  99. LPWSTR wszUserName = NULL; // doesn't need to be freed
  100. StringList vServers;
  101. ULONG ulPFXImportFlags;
  102. unsigned int nArgID;
  104. ZeroMemory(&blobPFX, sizeof(blobPFX));
  105. ZeroMemory(&strPassword, sizeof(strPassword));
  107. // We're doing a remote PFX install. Attempt to parse the information
  108. // we need from the command line. We need:
  109. //
  110. // a) The path to the PFX file to install
  111. //
  113. if (FindArg(pca, L"file", &wszFileName, &nArgID)) {
  114. MarkArgUsed(pca, nArgID);
  115. } else {
  116. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_ERROR_PARAMETER_MISSING, L"pfxfile");
  117. hr = E_INVALIDARG;
  118. _JumpError(hr, error, "RemoteInstall: pfxfile missing");
  119. }
  121. // b) Either a machine name to install the file on, or a file which contains
  122. // a carriage-return delimted list of machines to install the file on
  123. //
  125. if (FindArg(pca, L"server", &wszServerName, &nArgID)) {
  126. MarkArgUsed(pca, nArgID);
  128. _SafeStlCall(vServers.push_back(wszServerName), hr, error, "vServers.push_back");
  129. wszServerName = NULL; // we'll clean up all strings in vServers
  130. } else {
  131. // No remote machine was specified. See if they specified a server file:
  132. if (FindArg(pca, L"serverlist", &wszServerFileName, &nArgID)) {
  133. MarkArgUsed(pca, nArgID);
  135. bFreeServerList = true;
  136. hr = ParseServerFile(wszServerFileName, vServers);
  137. _JumpIfError(hr, error, "ParseServerFile");
  138. } else {
  139. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_ERROR_ONEOF_2_PARAMETERS_MISSING, L"server", L"serverfile");
  140. hr = E_INVALIDARG;
  141. _JumpError(hr, error, "RemoteInstall: pfx destination missing");
  142. }
  143. }
  145. // c) The password to use when importing the pfx file:
  146. //
  148. if (FindArg(pca, L"pfxpwd", &wszPFXPassword, &nArgID)) {
  149. MarkArgUsed(pca, nArgID);
  150. InitKeysvcUnicodeString(&strPassword, wszPFXPassword);
  151. } else {
  152. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_ERROR_PARAMETER_MISSING, L"pfxpassword");
  153. hr = E_INVALIDARG;
  154. _JumpError(hr, error, "RemoteInstall: pfxpassword missing");
  155. }
  157. // d) Optionally, flags controlling key creation on the remote machine.
  158. // Only CRYPT_EXPORTABLE may be currently specified
  159. //
  161. if (FindArg(pca, L"exportable", NULL, &nArgID)) {
  162. MarkArgUsed(pca, nArgID);
  163. bExportable = true;
  164. }
  166. // e) Optionally, a username & password combination to use when authenticating to the remote machines
  167. //
  169. if (FindArg(pca, L"user", &wszUserAndDomain, &nArgID)) {
  170. MarkArgUsed(pca, nArgID);
  172. if (FindArg(pca, L"pwd", &wszPassword, &nArgID)) {
  173. MarkArgUsed(pca, nArgID);
  175. // Parse the username string to see if we have UPN or NT4 style.
  176. WCHAR *wszSplit = wcschr(wszUserAndDomain, L'\\');
  177. if (NULL != wszSplit) {
  178. wszDomainName = wszUserAndDomain;
  179. *wszSplit = L'\0';
  180. wszUserName = wszSplit+1;
  181. } else {
  182. wszUserName = wszUserAndDomain;
  183. }
  185. if (!LogonUser(wszUserName, wszDomainName, wszPassword, LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, &hToken)) {
  186. _JumpLastError(hr, error, "LogonUser");
  187. }
  189. if (!ImpersonateLoggedOnUser(hToken)) {
  190. _JumpLastError(hr, error, "ImpersonateLoggedOnUser");
  191. }
  192. bImpersonated = true;
  194. } else {
  195. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_ERROR_PARAMETER_MISSING, L"password");
  196. hr = E_INVALIDARG;
  197. _JumpError(hr, error, "RemoteInstall: password missing");
  198. }
  199. }
  201. hr = VerifyAllArgsUsed(pca);
  202. _JumpIfError(hr, error, "VerifyAllArgsUsed");
  204. // Calculate the import flags we're going to use based on the command line options:
  205. //
  206. ulPFXImportFlags = CRYPT_MACHINE_KEYSET;
  207. if (bExportable) {
  208. ulPFXImportFlags |= CRYPT_EXPORTABLE;
  209. }
  211. for (StringIter wszIter = vServers.begin(); wszIter != vServers.end(); wszIter++) {
  212. szMachineName = MBFromWide(*wszIter);
  213. if (NULL == szMachineName) {
  214. _JumpLastError(hr, error, "MBFromWide");
  215. }
  217. // Attempt to bind to the remote machine:
  218. dwResult = RKeyOpenKeyService(szMachineName, KeySvcMachine, NULL, (void *)0 /*allow insecure connection*/, NULL, &hKeySvcCli);
  219. if (ERROR_SUCCESS != dwResult) {
  220. hKeySvcCli = NULL; // handle is invalid on error
  221. hr = HRESULT_FROM_WIN32(dwResult);
  222. _JumpError(hr, NextServer, "RKeyOpenKeyService");
  223. }
  225. // If we haven't yet, map the PFX file:
  226. if (NULL == blobPFX.pb) {
  227. hr = MyMapFile(wszFileName, &blobPFX.pb, &blobPFX.cb);
  228. _JumpIfError(hr, error, "MyMapFile");
  229. }
  231. // Install the PFX file on the remote machine:
  232. dwResult = RKeyPFXInstall(hKeySvcCli, &blobPFX, &strPassword, ulPFXImportFlags);
  233. if (ERROR_SUCCESS != dwResult) {
  234. hr = HRESULT_FROM_WIN32(dwResult);
  235. _JumpError(hr, NextServer, "RKeyPFXInstall");
  236. }
  238. NextServer:
  239. if (FAILED(hr)) {
  240. WCHAR * wszError;
  241. HRESULT hr2=GetSystemErrorString(hr, &wszError);
  242. if (FAILED(hr2)) {
  243. _IgnoreError(hr2, "GetSystemErrorString");
  244. } else {
  245. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_REMOTE_INSTALL_ERROR, *wszIter, wszError);
  246. LocalFree(wszError);
  247. }
  248. } else {
  249. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_REMOTE_INSTALL_SUCCESS, *wszIter);
  250. }
  252. if (NULL != hKeySvcCli) {
  253. RKeyCloseKeyService(hKeySvcCli, NULL);
  254. hKeySvcCli = NULL;
  255. }
  256. }
  258. hr = S_OK;
  259. error:
  260. if (NULL != hToken) {
  261. CloseHandle(hToken);
  262. }
  263. if (bImpersonated) {
  264. RevertToSelf();
  265. }
  266. if (NULL != blobPFX.pb) {
  267. MyUnmapFile(blobPFX.pb);
  268. }
  269. if (NULL != hKeySvcCli) {
  270. RKeyCloseKeyService(hKeySvcCli, NULL /*reserved*/);
  271. }
  272. if (NULL != szMachineName) {
  273. LocalFree(szMachineName);
  274. }
  275. if (bFreeServerList) {
  276. for (StringIter wszIter = vServers.begin(); wszIter != vServers.end(); wszIter++) {
  277. LocalFree(*wszIter);
  278. }
  279. }
  280. if (FAILED(hr) && E_INVALIDARG!=hr) {
  281. WCHAR * wszError;
  282. HRESULT hr2=GetSystemErrorString(hr, &wszError);
  283. if (FAILED(hr2)) {
  284. _IgnoreError(hr2, "GetSystemErrorString");
  285. } else {
  286. DisplayMsg(FORMAT_MESSAGE_FROM_HMODULE, IDS_ERROR_GENERAL, wszError);
  287. LocalFree(wszError);
  288. }
  289. }
  290. return hr;
  291. }
  295. //--------------------------------------------------------------------
  296. extern "C" int WINAPI WinMain
  297. (HINSTANCE hinstExe,
  298. HINSTANCE hinstExePrev,
  299. LPSTR pszCommandLine,
  300. int nCommandShow)
  301. {
  302. g_hThisModule = hinstExe;
  304. HRESULT hr;
  305. CmdArgs caArgs;
  306. int nArgs = 0;
  307. WCHAR **rgwszArgs = NULL;
  309. hr = InitializeConsoleOutput();
  310. _JumpIfError(hr, error, "InitializeConsoleOutput");
  312. rgwszArgs = CommandLineToArgvW(GetCommandLineW(), &nArgs);
  313. if (nArgs < 0 || NULL == rgwszArgs) {
  314. _JumpError(HRESULT_FROM_WIN32(GetLastError()), error, "GetCommandLineW");
  315. }
  317. // analyze args
  318. caArgs.nArgs=nArgs;
  319. caArgs.nNextArg=1;
  320. caArgs.rgwszArgs=rgwszArgs;
  322. // check for help command
  323. if (true==CheckNextArg(&caArgs, L"?", NULL) || caArgs.nNextArg==caArgs.nArgs) {
  324. PrintHelp();
  326. // Default to the "install" command.
  327. } else {
  328. hr = RemoteInstall(&caArgs);
  329. _JumpIfError(hr, error, "RemoteInstall");
  330. }
  334. hr=S_OK;
  335. error:
  336. return hr;
  337. }