archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetcore/winhttp/v5/api/certcach.cxx

493 lines
9.3 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1996 Microsoft Corporation
  5. Module Name:
  7. certcach.cxx
  9. Abstract:
  11. Contains class implementation for certificate cache object.
  12. This object will hold various Certificate entries.
  14. Contents:
  15. SECURITY_CACHE_LIST_ENTRY::SECURITY_CACHE_LIST_ENTRY
  16. SECURITY_CACHE_LIST_ENTRY::~SECURITY_CACHE_LIST_ENTRY
  17. SECURITY_CACHE_LIST_ENTRY::AddRef
  18. SECURITY_CACHE_LIST_ENTRY::Release
  19. SECURITY_CACHE_LIST_ENTRY::Clear
  20. SECURITY_CACHE_LIST::Find
  21. SECURITY_CACHE_LIST::Add
  22. SECURITY_CACHE_LIST::ClearList
  24. TODO: Add Cert validation. What if Cert is given but different?
  26. Author:
  28. Arthur L Bierer (arthurbi) 20-Apr-1996
  30. Revision History:
  32. 20-Apr-1996 arthurbi
  33. Created
  35. --*/
  36. #include <wininetp.h>
  38. //
  39. // private manifests
  40. //
  42. #define MAX_CERT_CACHE_CERTS 16
  44. //
  45. // private types
  46. //
  48. //
  49. // SECURITY_CACHE_LIST_ENTRY member functions
  50. //
  53. SECURITY_CACHE_LIST_ENTRY::SECURITY_CACHE_LIST_ENTRY(
  54. IN LPSTR lpszHostName
  55. )
  57. /*++
  59. Routine Description:
  61. SECURITY_CACHE_LIST_ENTRY constructor. Create object; don't add it to list
  63. Arguments:
  65. lpszHostName - name of host for which this cache entry created
  67. Return Value:
  69. None.
  71. --*/
  73. {
  74. DEBUG_ENTER((DBG_OBJECTS,
  75. None,
  76. "SECURITY_CACHE_LIST_ENTRY::SECURITY_CACHE_LIST_ENTRY",
  77. "%q",
  78. lpszHostName
  79. ));
  81. #if INET_DEBUG
  82. _List.Flink = _List.Blink = NULL;
  83. #endif
  84. _cRef = 1;
  85. _fInCache = FALSE;
  86. _ServerName = lpszHostName;
  87. ZeroMemory(&_CertInfo, sizeof(_CertInfo));
  88. _dwSecurityFlags = 0;
  89. _dwStatusFlags = 0;
  90. _pCertContextArray = NULL;
  92. #if INET_DEBUG
  93. m_Signature = 0x454c4353; // 'SCLE'
  94. #endif
  96. DEBUG_LEAVE(0);
  97. }
  100. SECURITY_CACHE_LIST_ENTRY::~SECURITY_CACHE_LIST_ENTRY()
  102. /*++
  104. Routine Description:
  106. SECURITY_CACHE_LIST_ENTRY destructor.
  108. Arguments:
  110. None.
  112. Return Value:
  114. None.
  116. --*/
  118. {
  119. DEBUG_ENTER((DBG_OBJECTS,
  120. None,
  121. "~SECURITY_CACHE_LIST_ENTRY",
  122. "{%#x [%q]}",
  123. this,
  124. _ServerName.StringAddress()
  125. ));
  127. INET_ASSERT((_List.Flink == NULL) && (_List.Blink == NULL));
  129. Clear();
  131. DEBUG_LEAVE(0);
  132. }
  135. LONG
  136. SECURITY_CACHE_LIST_ENTRY::AddRef(
  137. VOID
  138. )
  140. /*++
  142. Routine Description:
  144. Increment reference count of SECURITY_CACHE_LIST_ENTRY
  146. Arguments:
  148. None.
  150. Return Value:
  152. LONG - reference count after increment
  154. --*/
  156. {
  157. DEBUG_ENTER((DBG_OBJECTS,
  158. Int,
  159. "SECURITY_CACHE_LIST_ENTRY::AddRef",
  160. "{%#x [%q, %d]}",
  161. this,
  162. _ServerName.StringAddress(),
  163. _cRef
  164. ));
  166. InterlockedIncrement(&_cRef);
  168. DEBUG_LEAVE(_cRef);
  170. return _cRef;
  171. }
  174. LONG
  175. SECURITY_CACHE_LIST_ENTRY::Release(
  176. VOID
  177. )
  179. /*++
  181. Routine Description:
  183. Decrement reference count and destroy object if (<=) zero
  185. Arguments:
  187. None.
  189. Return Value:
  191. LONG - reference count after decrement
  193. --*/
  195. {
  196. DEBUG_ENTER((DBG_OBJECTS,
  197. Int,
  198. "SECURITY_CACHE_LIST_ENTRY::Release",
  199. "{%q [%d]}",
  200. _ServerName.StringAddress(),
  201. _cRef
  202. ));
  204. LONG cRet;
  206. if (0 >= (cRet = InterlockedDecrement(&_cRef))) {
  207. delete this;
  208. }
  210. DEBUG_LEAVE(cRet);
  212. return cRet;
  213. }
  216. VOID
  217. SECURITY_CACHE_LIST_ENTRY::Clear()
  219. /*++
  221. Routine Description:
  223. Clear out SECURITY_CACHE_LIST_ENTRY
  225. Arguments:
  227. Clear -
  229. Return Value:
  231. None.
  233. --*/
  235. {
  236. if (_CertInfo.pCertificate != NULL)
  237. {
  238. SAFE_WRAP_REVERT_USER_VOID(CertFreeCertificateContext, (_CertInfo.pCertificate));
  239. _CertInfo.pCertificate = NULL;
  240. }
  242. ZeroMemory(&_CertInfo, sizeof(_CertInfo));
  243. _CertInfo.dwSize = sizeof(_CertInfo);
  245. _dwSecurityFlags = 0;
  246. _dwStatusFlags = 0;
  247. _ServerName = NULL;
  248. if( _pCertContextArray )
  249. {
  250. delete _pCertContextArray;
  251. _pCertContextArray = NULL;
  252. }
  253. }
  255. //
  256. // SECURITY_CACHE_LIST member functions
  257. //
  260. VOID
  261. SECURITY_CACHE_LIST::ClearList(
  262. VOID
  263. )
  265. /*++
  267. Routine Description:
  269. description-of-function.
  271. Arguments:
  273. None.
  275. Return Value:
  277. None.
  279. --*/
  281. {
  282. DEBUG_ENTER((DBG_OBJECTS,
  283. None,
  284. "SECURITY_CACHE_LIST::ClearList",
  285. NULL
  286. ));
  288. if (!LockSerializedList(&_List))
  289. {
  290. DEBUG_PRINT(OBJECTS,
  291. ERROR,
  292. ("Failed to obtain lock -- SECURITY_CACHE_LIST potentially leaked\n"
  293. ));
  294. goto quit;
  295. }
  297. while (!IsSerializedListEmpty(&_List)) {
  299. SECURITY_CACHE_LIST_ENTRY * CacheEntry;
  301. //
  302. // remove the PROXY_SERVER_LIST_ENTRY at the head of the serialized
  303. // list
  304. //
  306. LPVOID entry = SlDequeueHead(&_List);
  308. //
  309. // entry should not be NULL - IsSerializedListEmpty() told us we
  310. // could expect something
  311. //
  313. INET_ASSERT(entry != NULL);
  315. //
  316. // get the address of the object (should be the same as entry) and
  317. // delete it
  318. //
  320. CacheEntry = CONTAINING_RECORD(entry, SECURITY_CACHE_LIST_ENTRY, _List);
  322. DEBUG_PRINT(OBJECTS,
  323. INFO,
  324. ("releasing %q (%d)\n",
  325. CacheEntry->_ServerName.StringAddress(),
  326. CacheEntry->_cRef
  327. ));
  329. CacheEntry->Release();
  330. }
  332. UnlockSerializedList(&_List);
  334. quit:
  335. DEBUG_LEAVE(0);
  336. }
  339. DWORD
  340. SECURITY_CACHE_LIST::Add(
  341. IN SECURITY_CACHE_LIST_ENTRY * entry
  342. )
  344. /*++
  346. Routine Description:
  348. Adds a CertInfo Structure to the list front of the list.
  350. Arguments:
  352. lpszHost - Hostname to add.
  354. Return Value:
  356. DWORD
  357. Success - ERROR_SUCCESS
  359. Failure - ERROR_NOT_ENOUGH_MEMORY
  361. --*/
  363. {
  364. DEBUG_ENTER((DBG_HTTP,
  365. Dword,
  366. "SECURITY_CACHE_LIST::Add",
  367. "%#x [%q, %d]",
  368. entry,
  369. entry ? entry->_ServerName.StringAddress() : "",
  370. entry ? entry->_cRef : 0
  371. ));
  373. DWORD error = ERROR_SUCCESS;
  375. INET_ASSERT(entry != NULL);
  377. if (entry != NULL) {
  378. if (LockSerializedList(&_List))
  379. {
  381. //
  382. // If we've grown too much, nuke the oldest one.
  383. //
  385. if (ElementsOnSerializedList(&_List) >= MAX_CERT_CACHE_CERTS) {
  387. SECURITY_CACHE_LIST_ENTRY *pOld;
  388. LPVOID old_entry = SlDequeueTail(&_List);
  390. INET_ASSERT(old_entry != NULL);
  392. pOld = CONTAINING_RECORD(old_entry, SECURITY_CACHE_LIST_ENTRY, _List);
  394. //
  395. // entry should not be NULL - IsSerializedListEmpty() told us we
  396. // could expect something
  397. //
  399. pOld->_fInCache = FALSE;
  401. //
  402. // Clean Our old object, and reinstatiate with a new name.
  403. //
  405. pOld->Release();
  406. }
  407. if (InsertAtHeadOfSerializedList(&_List, &entry->_List)) {
  408. entry->AddRef();
  409. entry->_fInCache = TRUE;
  410. }
  411. UnlockSerializedList(&_List);
  412. }
  413. else
  414. error = ERROR_NOT_ENOUGH_MEMORY;
  415. }
  417. DEBUG_LEAVE(error);
  419. return error;
  420. }
  423. SECURITY_CACHE_LIST_ENTRY *
  424. SECURITY_CACHE_LIST::Find(
  425. IN LPSTR lpszHost
  426. )
  428. /*++
  430. Routine Description:
  432. Searches the linked list for the Cert, and returns
  433. the found entry, or NULL if not found.
  435. Arguments:
  437. lpszHost - Hostname to search on.
  439. Return Value:
  441. CERT_CACHE_LIST_ENTRY *
  442. Success - Pointer to found entry.
  444. Failure - NULL, not found.
  446. --*/
  448. {
  449. DEBUG_ENTER((DBG_HTTP,
  450. Pointer,
  451. "SECURITY_CACHE_LIST::Find",
  452. "%q",
  453. lpszHost
  454. ));
  456. SECURITY_CACHE_LIST_ENTRY * info = NULL;
  458. //
  459. // BUGBUG need to validate against Server Certifcate on every
  460. // connection, this Find only validates by Hostname.
  461. // What about DNS spoofing? Won't we be hosed?
  462. //
  464. //
  465. // TODO if found, need to push to front of list.
  466. //
  468. if (LockSerializedList(&_List))
  469. {
  470. for (PLIST_ENTRY entry = HeadOfSerializedList(&_List);
  471. entry != (PLIST_ENTRY)SlSelf(&_List);
  472. entry = entry->Flink)
  473. {
  474. info = CONTAINING_RECORD(entry, SECURITY_CACHE_LIST_ENTRY, _List);
  476. //
  477. // check to see if they match.
  478. //
  480. if (info->_ServerName.Stricmp(lpszHost) == 0) {
  481. info->AddRef();
  482. break; // match.
  483. }
  484. info = NULL;
  485. }
  486. UnlockSerializedList(&_List);
  487. }
  489. DEBUG_LEAVE(info);
  491. return info;
  492. }