archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/inetcore/winhttp/v5/common/secinit.cxx

426 lines
9.0 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1994 Microsoft Corporation
  5. Module Name:
  7. secinit.cxx
  9. Abstract:
  11. Contains load function for security.dll on NT and secur32.dll on win95
  12. Also handles WinTrust.dll function loading.
  14. Author:
  16. Sophia Chung (sophiac) 6-Feb-1996
  18. Environment:
  20. User Mode - Win32
  22. Revision History:
  24. --*/
  25. #include <wininetp.h>
  27. //
  28. // InitializationLock - protects against multiple threads loading security.dll
  29. // (secur32.dll) and entry points
  30. //
  32. CCritSec InitializationSecLock;
  34. HCRYPTPROV GlobalFortezzaCryptProv;
  36. //
  37. // GlobalSecFuncTable - Pointer to Global Structure of Pointers that are used
  38. // for storing the entry points into the SCHANNEL.dll
  39. //
  41. PSecurityFunctionTable GlobalSecFuncTable = NULL;
  43. //
  44. // pWinVerifyTrust - Pointer to Entry Point in WINTRUST.DLL
  45. //
  47. WIN_VERIFY_TRUST_FN pWinVerifyTrust;
  48. WT_HELPER_PROV_DATA_FROM_STATE_DATA_FN pWTHelperProvDataFromStateData;
  50. //
  51. // hSecurity - NULL when security.dll/secur32.dll is not loaded
  52. //
  54. HINSTANCE hSecurity = NULL;
  56. //
  57. // hWinTrust - NULL when WinTrust DLL is not loaded.
  58. //
  60. HINSTANCE hWinTrust = NULL;
  62. HCERTSTORE g_hMyCertStore = NULL;
  64. BOOL g_bFortezzaInstalled = FALSE;
  65. BOOL g_bCheckedForFortezza = FALSE;
  67. CRYPT_INSTALL_DEFAULT_CONTEXT_FN g_CryptInstallDefaultContext = NULL;
  68. CRYPT_UNINSTALL_DEFAULT_CONTEXT_FN g_CryptUninstallDefaultContext = NULL;
  69. CERT_FIND_CHAIN_IN_STORE_FN g_CertFindChainInStore = NULL;
  70. CERT_FREE_CERTIFICATE_CHAIN_FN g_CertFreeCertificateChain = NULL;
  73. DWORD
  74. LoadWinTrust(
  75. VOID
  76. )
  78. /*++
  80. Routine Description:
  82. This function loads the WinTrust.DLL and binds a pointer to a function
  83. that is needed in the WinTrust DLL.
  85. Arguments:
  87. NONE.
  89. Return Value:
  91. WINDOWS Error Code.
  93. --*/
  95. {
  96. DWORD error = ERROR_SUCCESS;
  98. if (!LOCK_SECURITY())
  99. {
  100. return ERROR_NOT_ENOUGH_MEMORY;
  101. }
  103. if( hWinTrust == NULL )
  104. {
  105. LPSTR lpszDllFileName = WINTRUST_DLLNAME;
  106. pWinVerifyTrust = NULL;
  108. //
  109. // Load the DLL
  110. //
  112. hWinTrust = LoadLibrary(lpszDllFileName);
  114. if ( hWinTrust )
  115. {
  116. pWinVerifyTrust = (WIN_VERIFY_TRUST_FN)
  117. GetProcAddress(hWinTrust, WIN_VERIFY_TRUST_NAME);
  118. pWTHelperProvDataFromStateData = (WT_HELPER_PROV_DATA_FROM_STATE_DATA_FN)
  119. GetProcAddress(hWinTrust, WT_HELPER_PROV_DATA_FROM_STATE_DATA_NAME);
  120. }
  123. if ( !hWinTrust || !pWinVerifyTrust )
  124. {
  125. error = GetLastError();
  127. if ( error == ERROR_SUCCESS )
  128. {
  129. error = ERROR_WINHTTP_INTERNAL_ERROR;
  130. }
  131. }
  132. }
  134. INET_ASSERT(pWinVerifyTrust);
  137. if ( error != ERROR_SUCCESS )
  138. {
  139. if (hWinTrust)
  140. {
  141. FreeLibrary(hWinTrust);
  142. hWinTrust = NULL;
  143. }
  144. }
  146. UNLOCK_SECURITY();
  148. return error;
  149. }
  153. BOOL
  154. SecurityInitialize(
  155. VOID
  156. )
  157. /*++
  159. Routine Description:
  161. This function initializes the global lock required for the security
  162. pkgs.
  164. Arguments:
  166. NONE.
  168. Return Value:
  170. WINDOWS Error Code.
  172. --*/
  173. {
  174. return InitializationSecLock.Init();
  175. }
  177. VOID
  178. SecurityTerminate(
  179. VOID
  180. )
  181. /*++
  183. Routine Description:
  185. This function Deletes the global lock required for the security
  186. pkgs.
  188. Arguments:
  190. NONE.
  192. Return Value:
  194. WINDOWS Error Code.
  196. --*/
  197. {
  198. InitializationSecLock.FreeLock();
  199. }
  202. VOID
  203. UnloadSecurity(
  204. VOID
  205. )
  207. /*++
  209. Routine Description:
  211. This function terminates the global data required for the security
  212. pkgs and dynamically unloads security APIs from security.dll (NT)
  213. or secur32.dll (WIN95).
  215. Arguments:
  217. NONE.
  219. Return Value:
  221. WINDOWS Error Code.
  223. --*/
  225. {
  226. DWORD i;
  228. if (!LOCK_SECURITY())
  229. {
  230. INET_ASSERT(FALSE);
  231. return;
  232. }
  234. //
  235. // free all security pkg credential handles
  236. //
  238. for (i = 0; SecProviders[i].pszName != NULL; i++) {
  239. if (SecProviders[i].fEnabled) {
  240. if (SecProviders[i].pCertCtxt == NULL && !IsCredClear(SecProviders[i].hCreds)) {
  241. // Beta1 Hack. Because of some circular dependency between dlls
  242. // both crypt32 and schannel's PROCESS_DETACH gets called before wininet.
  243. // This is catastrophic if we have a cert context attached to the credentials
  244. // handle. In this case we will just leak the handle since the process is dying
  245. // anyway. We really need to fix this.
  246. WRAP_REVERT_USER_VOID(g_FreeCredentialsHandle,
  247. (&SecProviders[i].hCreds));
  248. }
  249. }
  250. #if 0 // See comments above.
  251. if (SecProviders[i].pCertCtxt != NULL) {
  252. CertFreeCertificateContext(SecProviders[i].pCertCtxt);
  253. SecProviders[i].pCertCtxt = NULL;
  254. }
  255. #endif
  257. }
  259. //
  260. // close cert store. Protect against fault if DLL already unloaded
  261. //
  263. if (g_hMyCertStore != NULL)
  264. {
  265. SAFE_WRAP_REVERT_USER_VOID(CertCloseStore,
  266. (g_hMyCertStore, CERT_CLOSE_STORE_FORCE_FLAG));
  267. g_hMyCertStore = NULL;
  268. }
  270. // IMPORTANT : Don't free GlobalFortezzaCryptProv. When we free the cert context
  271. // from the SecProviders[] array above it gets freed automatically.
  272. if (GlobalFortezzaCryptProv != NULL)
  273. {
  274. GlobalFortezzaCryptProv = NULL;
  275. }
  278. //
  279. // unload dll
  280. //
  282. if (hSecurity != NULL) {
  283. FreeLibrary(hSecurity);
  284. hSecurity = NULL;
  285. }
  287. UNLOCK_SECURITY();
  289. }
  292. DWORD
  293. LoadSecurity(
  294. VOID
  295. )
  296. /*++
  298. Routine Description:
  300. This function dynamically loads security APIs from security.dll (NT)
  301. or secur32.dll (WIN95).
  303. Arguments:
  305. NONE.
  307. Return Value:
  309. WINDOWS Error Code.
  310. --*/
  311. {
  312. DWORD Error = ERROR_SUCCESS;
  313. INITSECURITYINTERFACE pfInitSecurityInterface = NULL;
  315. if (!LOCK_SECURITY())
  316. return ERROR_NOT_ENOUGH_MEMORY;
  318. if (g_hMyCertStore == NULL)
  319. {
  321. //
  322. // CRYPT32.DLL is delayloaded. Need SEH in case it fails.
  323. //
  324. // Don't worry about an error, because not supporting
  325. // client auth shouldn't stop us from scenarios
  326. // which do not require it as part of the SSL handshake.
  327. //
  329. SAFE_WRAP_REVERT_USER(CertOpenSystemStore, (0, "MY"), g_hMyCertStore);
  331. }
  332. if (Error == ERROR_SUCCESS)
  333. {
  334. Error = LoadWinTrust();
  335. }
  336. if ( Error != ERROR_SUCCESS )
  337. {
  338. goto quit;
  339. }
  341. if( hSecurity != NULL )
  342. {
  343. goto quit;
  344. }
  346. //
  347. // load dll.
  348. //
  350. //
  351. // This is better for performance. Rather than call through
  352. // SSPI, we go right to the DLL doing the work.
  353. //
  355. hSecurity = LoadLibrary( "schannel" );
  357. if ( hSecurity == NULL ) {
  358. Error = GetLastError();
  359. goto quit;
  360. }
  362. //
  363. // get function addresses.
  364. //
  366. #ifdef UNICODE
  367. pfInitSecurityInterface =
  368. (INITSECURITYINTERFACE) GetProcAddress( hSecurity,
  369. "InitSecurityInterfaceW" );
  370. #else
  371. pfInitSecurityInterface =
  372. (INITSECURITYINTERFACE) GetProcAddress( hSecurity,
  373. "InitSecurityInterfaceA" );
  374. #endif
  377. if ( pfInitSecurityInterface == NULL )
  378. {
  379. Error = GetLastError();
  380. goto quit;
  381. }
  384. GlobalSecFuncTable = (SecurityFunctionTable*) ((*pfInitSecurityInterface) ());
  386. if ( GlobalSecFuncTable == NULL ) {
  387. Error = GetLastError(); // BUGBUG does this work?
  388. goto quit;
  389. }
  391. HMODULE hCrypt32;
  392. hCrypt32 = GetModuleHandle("crypt32");
  394. INET_ASSERT(hCrypt32 != NULL);
  396. // We don't error out here because not finding these entry points
  397. // just affects Fortezza. The rest will still work fine.
  398. if (hCrypt32)
  399. {
  400. g_CryptInstallDefaultContext = (CRYPT_INSTALL_DEFAULT_CONTEXT_FN)
  401. GetProcAddress(hCrypt32, CRYPT_INSTALL_DEFAULT_CONTEXT_NAME);
  403. g_CryptUninstallDefaultContext = (CRYPT_UNINSTALL_DEFAULT_CONTEXT_FN)
  404. GetProcAddress(hCrypt32, CRYPT_UNINSTALL_DEFAULT_CONTEXT_NAME);
  406. g_CertFindChainInStore = (CERT_FIND_CHAIN_IN_STORE_FN)
  407. GetProcAddress(hCrypt32, CERT_FIND_CHAIN_IN_STORE_NAME);
  409. g_CertFreeCertificateChain = (CERT_FREE_CERTIFICATE_CHAIN_FN)
  410. GetProcAddress(hCrypt32, CERT_FREE_CERTIFICATE_CHAIN_NAME);
  411. }
  413. quit:
  415. if ( Error != ERROR_SUCCESS )
  416. {
  417. FreeLibrary( hSecurity );
  418. hSecurity = NULL;
  419. }
  421. UNLOCK_SECURITY();
  423. return( Error );
  424. }