archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/ias/protocol/radius/tunnelpassword.cpp

328 lines
9.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //#--------------------------------------------------------------
  2. //
  3. // File: tunnelpassword.cpp
  4. //
  5. // Synopsis: Implementation of CTunnelPassword class methods
  6. //
  7. //
  8. // History: 04/16/98 MKarki Created
  9. //
  10. // Copyright (C) Microsoft Corporation
  11. // All rights reserved.
  12. //
  13. //----------------------------------------------------------------
  14. #include "radcommon.h"
  15. #include "tunnelpassword.h"
  16. #include "align.h"
  17. #include "iastlutl.h"
  18. #include "radpack.h"
  19. using namespace IASTL;
  21. const DWORD MAX_TUNNELPASSWORD_LENGTH =
  22. (MAX_ATTRIBUTE_LENGTH/AUTHENTICATOR_SIZE)*AUTHENTICATOR_SIZE;
  25. //////////
  26. // Extracts the Vendor-Type field from a Microsoft VSA. Returns zero if the
  27. // attribute is not a valid Microsoft VSA.
  28. //////////
  29. BYTE
  30. WINAPI
  31. ExtractMicrosoftVendorType(
  32. const IASATTRIBUTE& attr
  33. ) throw ()
  34. {
  35. if (attr.Value.itType == IASTYPE_OCTET_STRING &&
  36. attr.Value.OctetString.dwLength > 6 &&
  37. !memcmp(attr.Value.OctetString.lpValue, "\x00\x00\x01\x37", 4))
  38. {
  39. return *(attr.Value.OctetString.lpValue + 4);
  40. }
  42. return (BYTE)0;
  43. }
  45. //////////
  46. // Encrypts the vendor specific attributes in a request.
  47. //////////
  48. HRESULT EncryptVSAs(
  49. const CPacketRadius& packet,
  50. IAttributesRaw* request
  51. ) throw ()
  52. {
  53. try
  54. {
  55. IASAttributeVectorWithBuffer<16> attrs;
  56. attrs.load(request, RADIUS_ATTRIBUTE_VENDOR_SPECIFIC);
  58. for (IASAttributeVector::iterator i = attrs.begin();
  59. i != attrs.end();
  60. ++i)
  61. {
  62. if (i->pAttribute->Value.OctetString.dwLength <= 253)
  63. {
  64. RadiusAttribute attr =
  65. {
  66. RADIUS_VENDOR_SPECIFIC,
  67. static_cast<BYTE>(i->pAttribute->Value.OctetString.dwLength),
  68. i->pAttribute->Value.OctetString.lpValue
  69. };
  71. CryptParameters parms;
  72. GetCryptParameters(attr, parms);
  74. if (parms.encrypted)
  75. {
  76. packet.cryptBuffer(
  77. TRUE,
  78. parms.salted,
  79. attr.value + parms.offset,
  80. attr.length - parms.offset
  81. );
  82. }
  83. }
  84. }
  85. }
  86. catch (const _com_error& ce)
  87. {
  88. return ce.Error();
  89. }
  91. return S_OK;
  92. }
  95. //++--------------------------------------------------------------
  96. //
  97. // Function: Process
  98. //
  99. // Synopsis: This is the CTunnelPassword class public method
  100. // responsible for encrypting the Tunnel Passwords
  101. // present in an out-bound RADIUS packet
  102. //
  103. // Arguments:
  104. // PACKETTYPE - Radius packet type
  105. // IAttributesRaw*
  106. // CPacketRadius*
  107. //
  108. // Returns: HRESULT - status
  109. //
  110. // History: MKarki Created 04/16/98
  111. //
  112. //----------------------------------------------------------------
  113. HRESULT
  114. CTunnelPassword::Process (
  115. PACKETTYPE ePacketType,
  116. IAttributesRaw *pIAttributesRaw,
  117. CPacketRadius *pCPacketRadius
  118. )
  119. {
  120. HRESULT hr = S_OK;
  121. DWORD dwCount = 0;
  122. DWORD dwAttributeCount = 0;
  123. DWORD dwTunnelAttributeCount = 0;
  124. static DWORD dwTunnelPasswordType = TUNNEL_PASSWORD_ATTRIB;
  125. PATTRIBUTE pAttribute = NULL;
  126. PATTRIBUTEPOSITION pAttribPos = NULL;
  128. _ASSERT (pIAttributesRaw && pCPacketRadius);
  130. __try
  131. {
  132. //
  133. // the tunnel-password attribute only goes
  134. // into an access-accept packet
  135. //
  136. if (ACCESS_ACCEPT != ePacketType) { __leave; }
  138. // Encrypt the MPPE keys.
  139. hr = EncryptVSAs(*pCPacketRadius, pIAttributesRaw);
  140. if (FAILED(hr)) { __leave; }
  142. //
  143. // get the count of the total attributes in the collection
  144. //
  145. hr = pIAttributesRaw->GetAttributeCount (&dwAttributeCount);
  146. if (FAILED (hr))
  147. {
  148. IASTracePrintf (
  149. "Unable to obtain attribute count in request "
  150. "while processing tunnel-password"
  151. );
  152. __leave;
  153. }
  154. else if (0 == dwAttributeCount)
  155. {
  156. __leave;
  157. }
  159. //
  160. // allocate memory for the ATTRIBUTEPOSITION array
  161. //
  162. pAttribPos = reinterpret_cast <PATTRIBUTEPOSITION> (
  163. CoTaskMemAlloc (
  164. sizeof (ATTRIBUTEPOSITION)*dwAttributeCount));
  165. if (NULL == pAttribPos)
  166. {
  167. IASTracePrintf (
  168. "Unable to allocate memory for attribute position array "
  169. "while processing tunnel-password"
  170. );
  171. hr = E_OUTOFMEMORY;
  172. __leave;
  173. }
  175. //
  176. // get the Tunnel-Password attributes from
  177. // the collection
  178. //
  179. dwTunnelAttributeCount = dwAttributeCount;
  180. hr = pIAttributesRaw->GetAttributes (
  181. &dwTunnelAttributeCount,
  182. pAttribPos,
  183. 1,
  184. &dwTunnelPasswordType
  185. );
  186. if (FAILED (hr))
  187. {
  188. IASTracePrintf (
  189. "Unable to get attributes from request "
  190. "while processing tunnel-password"
  191. );
  192. __leave;
  193. }
  194. else if (0 == dwTunnelAttributeCount)
  195. {
  196. __leave;
  197. }
  200. //
  201. // remove the Tunnel-Password attributes from the collection
  202. //
  203. hr = pIAttributesRaw->RemoveAttributes (
  204. dwTunnelAttributeCount,
  205. pAttribPos
  206. );
  207. if (FAILED (hr))
  208. {
  209. IASTracePrintf (
  210. "Unable to remove attributes from request "
  211. "while processing tunnel-password"
  212. );
  213. __leave;
  214. }
  216. //
  217. // now process the Tunnel-Password attributes
  219. for (DWORD i = 0; i < dwTunnelAttributeCount; ++i)
  220. {
  221. hr = EncryptTunnelPassword (
  222. pCPacketRadius,
  223. pIAttributesRaw,
  224. pAttribPos[i].pAttribute
  225. );
  226. if (FAILED (hr)) { __leave; }
  227. }
  229. }
  230. __finally
  231. {
  232. //
  233. // release all the Tunnel Attributes now
  234. //
  235. for (dwCount = 0; dwCount < dwTunnelAttributeCount; dwCount++)
  236. {
  237. ::IASAttributeRelease (pAttribPos[dwCount].pAttribute);
  238. }
  240. //
  241. // free the dynamically allocated memory
  242. //
  243. if (pAttribPos) { CoTaskMemFree (pAttribPos); }
  244. }
  246. return (hr);
  248. } // end of CRecvFromPipe::TunnelPasswordSupport method
  250. //++--------------------------------------------------------------
  251. //
  252. // Function: EncryptPassword
  253. //
  254. // Synopsis: This is the CTunnelPassword class private method
  255. // responsible for encrypting the Tunnel Password
  256. // present in an out-bound RADIUS packet. The Encrypted
  257. // password is put in an IAS attribute which is added
  258. // to the attribute collection of the outbound request.
  259. //
  260. // Arguments:
  261. // CPacketRadius*
  262. // IAttributesRaw*
  263. // PIASATTRIBUTE
  264. //
  265. // Returns: HRESULT - status
  266. //
  267. // History: MKarki Created 04/16/98
  268. //
  269. //----------------------------------------------------------------
  270. HRESULT
  271. CTunnelPassword::EncryptTunnelPassword (
  272. CPacketRadius *pCPacketRadius,
  273. IAttributesRaw *pIAttributesRaw,
  274. PIASATTRIBUTE plaintext
  275. )
  276. {
  277. // Extract the password.
  278. const IAS_OCTET_STRING& pwd = plaintext->Value.OctetString;
  280. // We must have at least 4 bytes.
  281. if (pwd.dwLength < 4) { return E_INVALIDARG; }
  283. // How many bytes do we need including padding.
  284. ULONG nbyte = ROUND_UP_COUNT(pwd.dwLength - 3, 16) + 3;
  285. if (nbyte > 253) { return E_INVALIDARG; }
  287. // Create a new IASATTRIBUTE for the encrypted value.
  288. PIASATTRIBUTE encrypted;
  289. if (IASAttributeAlloc(1, &encrypted)) { return E_OUTOFMEMORY; }
  290. encrypted->dwId = RADIUS_ATTRIBUTE_TUNNEL_PASSWORD;
  291. encrypted->dwFlags = plaintext->dwFlags;
  292. encrypted->Value.itType = IASTYPE_OCTET_STRING;
  293. encrypted->Value.OctetString.dwLength = nbyte;
  294. encrypted->Value.OctetString.lpValue = (PBYTE)CoTaskMemAlloc(nbyte);
  296. HRESULT hr;
  297. PBYTE val = encrypted->Value.OctetString.lpValue;
  298. if (val)
  299. {
  300. // Copy in the value.
  301. memcpy(val, pwd.lpValue, pwd.dwLength);
  303. // Zero out the padding.
  304. memset(val + pwd.dwLength, 0, nbyte - pwd.dwLength);
  306. // Encrypt the password.
  307. pCPacketRadius->cryptBuffer(
  308. TRUE,
  309. TRUE,
  310. val + 1,
  311. nbyte - 1
  312. );
  314. // Add the encrypted attribute to the request.
  315. ATTRIBUTEPOSITION pos;
  316. pos.pAttribute = encrypted;
  317. hr = pIAttributesRaw->AddAttributes(1, &pos);
  318. }
  319. else
  320. {
  321. hr = E_OUTOFMEMORY;
  322. }
  324. // Release the encrypted password.
  325. IASAttributeRelease(encrypted);
  327. return hr;
  328. }