archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/ias/protocol/radius/valacct.cpp

248 lines
6.7 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //#--------------------------------------------------------------
  2. //
  3. // File: valacct.cpp
  4. //
  5. // Synopsis: Implementation of CValAccounting class methods
  6. //
  7. //
  8. // History: 10/20/97 MKarki Created
  9. //
  10. // Copyright (C) 1997-98 Microsoft Corporation
  11. // All rights reserved.
  12. //
  13. //----------------------------------------------------------------
  14. #include "radcommon.h"
  15. #include "valacct.h"
  17. namespace {
  18. BYTE NULL_AUTHENTICATOR[AUTHENTICATOR_SIZE];
  19. }
  21. //++--------------------------------------------------------------
  22. //
  23. // Function: CValAccounting
  24. //
  25. // Synopsis: This is CValAccounting class constructor
  26. //
  27. // Arguments: NONE
  28. //
  29. // Returns: NONE
  30. //
  31. //
  32. // History: MKarki Created 10/20/97
  33. //
  34. //----------------------------------------------------------------
  35. CValAccounting::CValAccounting()
  36. {
  37. } // end of CValAccounting class constructor
  39. //++--------------------------------------------------------------
  40. //
  41. // Function: CValAccounting
  42. //
  43. // Synopsis: This is CValAccounting class destructor
  44. //
  45. // Arguments: NONE
  46. //
  47. // Returns: NONE
  48. //
  49. //
  50. // History: MKarki Created 10/20/97
  51. //
  52. //----------------------------------------------------------------
  53. CValAccounting::~CValAccounting()
  54. {
  55. } // end of CValAccounting class destructor
  57. //++--------------------------------------------------------------
  58. //
  59. // Function: ValidateInPacket
  60. //
  61. // Synopsis: This is CValAccounting class public method
  62. // which carries out the validation of an inbound
  63. // RADIUS accounting packet
  64. //
  65. // Arguments:
  66. // [in] CPacketRadius*
  67. //
  68. // Returns: HRESULT - status
  69. //
  70. // History: MKarki Created 10/20/97
  71. //
  72. // Called By: CPreValidator::StartInValidation class method
  73. //
  74. //++--------------------------------------------------------------
  75. HRESULT
  76. CValAccounting::ValidateInPacket (
  77. CPacketRadius *pCPacketRadius
  78. )
  79. {
  80. HRESULT hr = S_OK;
  81. DWORD dwClientAddress = 0;
  82. CClient *pCClient = NULL;
  84. _ASSERT (pCPacketRadius);
  86. __try
  87. {
  88. //
  89. // get the packet authenticated
  90. //
  91. hr = AuthenticatePacket (pCPacketRadius);
  92. if (FAILED (hr)) {__leave; }
  95. //
  96. // validate the attributes
  97. //
  98. hr = m_pCValAttributes->Validate (pCPacketRadius);
  99. if (FAILED (hr)) { __leave; }
  101. //
  102. // now give the packet for processing
  103. //
  104. hr = m_pCPreProcessor->StartInProcessing (pCPacketRadius);
  105. if (FAILED (hr)) { __leave; }
  107. //
  108. // we have successfully done the processing here
  109. //
  110. }
  111. __finally
  112. {
  113. }
  115. return (hr);
  117. } // end of CValAccounting::ValidateInPacket method
  119. //++--------------------------------------------------------------
  120. //
  121. // Function: AuthenticatePacket
  122. //
  123. // Synopsis: This is CValAccounting class private method
  124. // that authenticates the packet, by generating a
  125. // request authenticator with the packet and then
  126. // comparing it with the authenticator in the packet
  127. //
  128. // Arguments: [in] - CPacketRadius*
  129. //
  130. // Returns: HRESULT - status
  131. //
  132. // History: MKarki Created 10/21/97
  133. //
  134. // Called By: CValAccounting::ProcessInPacket method
  135. //
  136. //----------------------------------------------------------------
  137. HRESULT
  138. CValAccounting::AuthenticatePacket (
  139. CPacketRadius *pCPacketRadius
  140. )
  141. {
  142. BYTE InAuthenticator [AUTHENTICATOR_SIZE];
  143. BYTE OutAuthenticator[AUTHENTICATOR_SIZE];
  144. BOOL bStatus = FALSE;
  145. HRESULT hr = S_OK;
  147. _ASSERT (pCPacketRadius);
  149. __try
  150. {
  151. //
  152. // the request authenticator is all zero's for calculating
  153. // the actual authenticator
  154. //
  155. ZeroMemory (InAuthenticator, AUTHENTICATOR_SIZE);
  157. //
  158. // now calculate the request authenticator
  159. //
  160. bStatus = pCPacketRadius->GenerateInAuthenticator (
  161. reinterpret_cast <PBYTE> (&InAuthenticator),
  162. reinterpret_cast <PBYTE> (&OutAuthenticator)
  163. );
  164. if (FALSE == bStatus)
  165. {
  166. hr = E_FAIL;
  167. __leave;
  168. }
  170. //
  171. // get the request authenticator from the packet
  172. //
  173. DWORD dwBufSize = AUTHENTICATOR_SIZE;
  174. hr = pCPacketRadius->GetInAuthenticator (
  175. reinterpret_cast <PBYTE> (InAuthenticator),
  176. &dwBufSize
  177. );
  178. if (FAILED (hr)) { __leave; }
  180. //
  181. // now compare the authenticator we just generated with the
  182. // the one sent in the packet
  183. //
  184. if (memcmp (InAuthenticator,OutAuthenticator,AUTHENTICATOR_SIZE) != 0)
  185. {
  186. // Is the authenticator all zeros?
  187. if (!memcmp(
  188. InAuthenticator,
  189. NULL_AUTHENTICATOR,
  190. AUTHENTICATOR_SIZE
  191. ))
  192. {
  193. // Yes, so check for a zero length shared secret.
  194. IIasClient* client;
  195. hr = pCPacketRadius->GetClient(&client);
  196. if (SUCCEEDED(hr))
  197. {
  198. DWORD secretSize;
  199. client->GetSecret(&secretSize);
  201. client->Release();
  203. if (secretSize == 0)
  204. {
  205. // Zero-length shared secret AND all zero authenticator.
  206. __leave;
  207. }
  208. }
  209. }
  211. IASTracePrintf (
  212. "In correct authenticator in the accounting packet..."
  213. );
  214. //
  215. // generate an Audit event
  216. //
  217. PCWSTR strings[] = { pCPacketRadius->GetClientName() };
  218. IASReportEvent(
  219. RADIUS_E_BAD_AUTHENTICATOR,
  220. 1,
  221. 0,
  222. strings,
  223. NULL
  224. );
  226. m_pCReportEvent->Process (
  227. RADIUS_BAD_AUTHENTICATOR,
  228. pCPacketRadius->GetInCode (),
  229. pCPacketRadius->GetInLength (),
  230. pCPacketRadius->GetInAddress (),
  231. NULL,
  232. static_cast <LPVOID> (pCPacketRadius->GetInPacket())
  233. );
  234. hr = RADIUS_E_ERRORS_OCCURRED;
  235. __leave;
  236. }
  238. //
  239. // success
  240. //
  241. }
  242. __finally
  243. {
  244. }
  246. return (hr);
  248. } // end of CValAccounting::AuthenticatePacket method