archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/ias/providers/nap/dll/action.cpp

372 lines
9.7 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) Microsoft Corporation
  4. //
  5. // SYNOPSIS
  6. //
  7. // Defines the class Action.
  8. //
  9. ///////////////////////////////////////////////////////////////////////////////
  11. #include "ias.h"
  12. #include "action.h"
  13. #include "attrcvt.h"
  14. #include "eapprofile.h"
  15. #include "sdoias.h"
  16. #include "TunnelTagger.h"
  18. _COM_SMARTPTR_TYPEDEF(ISdo, __uuidof(ISdo));
  19. _COM_SMARTPTR_TYPEDEF(ISdoCollection, __uuidof(ISdoCollection));
  21. Action::Action(
  22. PCWSTR name,
  23. DWORD nameAttr,
  24. _variant_t& action,
  25. const TunnelTagger& tagger
  26. )
  27. : attributes(4),
  28. realmsTarget(RADIUS_ATTRIBUTE_USER_NAME)
  29. {
  30. using _com_util::CheckError;
  32. //////////
  33. // Add the policy name attribute.
  34. //////////
  36. IASAttribute policyName(true);
  37. policyName->dwId = nameAttr;
  38. policyName.setString(name);
  39. policyName.setFlag(IAS_INCLUDE_IN_RESPONSE);
  40. attributes.push_back(policyName);
  42. //////////
  43. // Get an enumerator for the attributes collection.
  44. //////////
  46. ISdoCollectionPtr profile(action);
  47. IUnknownPtr unk;
  48. CheckError(profile->get__NewEnum(&unk));
  49. IEnumVARIANTPtr iter(unk);
  51. //////////
  52. // Iterate through the attributes.
  53. //////////
  55. _variant_t element;
  56. unsigned long fetched;
  57. while (iter->Next(1, &element, &fetched) == S_OK && fetched == 1)
  58. {
  59. // Convert to an SDO.
  60. ISdoPtr attribute(element);
  61. element.Clear();
  63. // Get the necessary properties.
  64. _variant_t id, value, syntax;
  65. CheckError(attribute->GetProperty(PROPERTY_ATTRIBUTE_ID, &id));
  66. CheckError(attribute->GetProperty(PROPERTY_ATTRIBUTE_VALUE, &value));
  67. CheckError(attribute->GetProperty(PROPERTY_ATTRIBUTE_SYNTAX, &syntax));
  69. // Attribute-Manipulation-Rule gets processed 'as is'.
  70. if (V_I4(&id) == IAS_ATTRIBUTE_MANIPULATION_RULE)
  71. {
  72. realms.setRealms(&value);
  73. continue;
  74. }
  75. // As does the EAP per-policy config.
  76. else if (V_I4(&id) == IAS_ATTRIBUTE_EAP_CONFIG)
  77. {
  78. EapProfile eap;
  79. CheckError(eap.Load(value));
  80. while (!eap.IsEmpty())
  81. {
  82. IASAttribute config(true);
  84. EapProfile::ConfigData data;
  85. eap.Pop(data);
  87. config->dwId = IAS_ATTRIBUTE_EAP_CONFIG;
  88. config->Value.itType = IASTYPE_OCTET_STRING;
  89. config->Value.OctetString.dwLength = data.length;
  90. config->Value.OctetString.lpValue = data.value;
  92. attributes.push_back(config);
  93. }
  94. continue;
  95. }
  97. // For everything else we process the VARIANTs one at a time.
  98. VARIANT *begin, *end;
  99. if (V_VT(&value) == (VT_VARIANT | VT_ARRAY))
  100. {
  101. begin = (VARIANT*)V_ARRAY(&value)->pvData;
  102. end = begin + V_ARRAY(&value)->rgsabound[0].cElements;
  103. }
  104. else
  105. {
  106. begin = &value;
  107. end = begin + 1;
  108. }
  110. // Iterate through each value.
  111. for (VARIANT* v = begin; v != end; ++v)
  112. {
  113. // Process based on the attribute ID.
  114. switch (V_I4(&id))
  115. {
  116. case IAS_ATTRIBUTE_MANIPULATION_TARGET:
  117. {
  118. realmsTarget = V_I4(v);
  119. break;
  120. }
  121. case IAS_ATTRIBUTE_AUTH_PROVIDER_TYPE:
  122. {
  123. IASAttribute type(true);
  124. type->dwId = IAS_ATTRIBUTE_PROVIDER_TYPE;
  125. type->Value.itType = IASTYPE_ENUM;
  126. type->Value.Integer = V_I4(v);
  127. authProvider.push_back(type);
  128. break;
  129. }
  130. case IAS_ATTRIBUTE_AUTH_PROVIDER_NAME:
  131. {
  132. IASAttribute name(true);
  133. name->dwId = IAS_ATTRIBUTE_PROVIDER_NAME;
  134. name.setString(V_BSTR(v));
  135. authProvider.push_back(name);
  136. break;
  137. }
  138. case IAS_ATTRIBUTE_ACCT_PROVIDER_TYPE:
  139. {
  140. IASAttribute type(true);
  141. type->dwId = IAS_ATTRIBUTE_PROVIDER_TYPE;
  142. type->Value.itType = IASTYPE_ENUM;
  143. type->Value.Integer = V_I4(v);
  144. acctProvider.push_back(type);
  145. break;
  146. }
  147. case IAS_ATTRIBUTE_ACCT_PROVIDER_NAME:
  148. {
  149. IASAttribute name(true);
  150. name->dwId = IAS_ATTRIBUTE_PROVIDER_NAME;
  151. name.setString(V_BSTR(v));
  152. acctProvider.push_back(name);
  153. break;
  154. }
  155. case RADIUS_ATTRIBUTE_VENDOR_SPECIFIC:
  156. {
  157. IASAttribute attr(VSAFromString(V_BSTR(v)), false);
  158. attr->dwId = RADIUS_ATTRIBUTE_VENDOR_SPECIFIC;
  159. attr.setFlag(IAS_INCLUDE_IN_ACCEPT);
  160. attributes.push_back(attr);
  161. break;
  162. }
  163. default:
  164. {
  165. IASTYPEENUM type = (IASTYPEENUM)V_I4(&syntax);
  166. IASAttribute attr(IASAttributeFromVariant(v, type), false);
  167. attr->dwId = V_I4(&id);
  168. attr.setFlag(IAS_INCLUDE_IN_ACCEPT);
  169. attributes.push_back(attr);
  170. }
  171. }
  172. }
  173. }
  175. tagger.Tag(attributes);
  176. }
  179. void Action::doAction(IASRequest& request) const
  180. {
  181. // Populate the provider information:
  182. switch (request.get_Request())
  183. {
  184. case IAS_REQUEST_ACCESS_REQUEST:
  185. authProvider.store(request);
  186. break;
  188. case IAS_REQUEST_ACCOUNTING:
  189. acctProvider.store(request);
  190. break;
  191. }
  193. // Perform attribute manipulation.
  194. if (!realms.empty())
  195. {
  196. IASAttribute attr;
  197. attr.load(request, realmsTarget, IASTYPE_OCTET_STRING);
  199. if (attr)
  200. {
  201. CComBSTR newVal;
  202. realms.process(IAS_OCT2WIDE(attr->Value.OctetString), &newVal);
  203. if (newVal)
  204. {
  205. if (realmsTarget == RADIUS_ATTRIBUTE_USER_NAME)
  206. {
  207. IASAttribute userName(true);
  208. userName->dwId = RADIUS_ATTRIBUTE_USER_NAME;
  209. userName->dwFlags = attr->dwFlags;
  210. userName.setOctetString(newVal);
  211. userName.store(request);
  213. // Now that the new User-Name is safely stored, we can rename
  214. // the old User-Name.
  215. attr->dwId = IAS_ATTRIBUTE_ORIGINAL_USER_NAME;
  216. }
  217. else
  218. {
  219. // No need to save the old, so modify in place.
  220. attr.setOctetString(newVal);
  221. }
  222. }
  223. }
  224. }
  226. // Store the profile attributes.
  227. attributes.store(request);
  229. }
  231. /////////
  232. // Various formats of VSA strings.
  233. /////////
  234. enum Format
  235. {
  236. FORMAT_RAW_HEX,
  237. FORMAT_STRING,
  238. FORMAT_INTEGER,
  239. FORMAT_HEX,
  240. FORMAT_INET_ADDR
  241. };
  243. /////////
  244. // Layout of the VSA strings.
  245. /////////
  246. struct VSAFormat
  247. {
  248. WCHAR format[2];
  249. WCHAR vendorID[8];
  250. union
  251. {
  252. WCHAR rawValue[1];
  253. struct
  254. {
  255. WCHAR vendorType[2];
  256. WCHAR vendorLength[2];
  257. WCHAR value[1];
  258. };
  259. };
  260. };
  262. //////////
  263. // Convert a hex digit to the number it represents.
  264. //////////
  265. BYTE digit2Num(WCHAR digit) throw ()
  266. {
  267. if ((digit >= L'0') && (digit <= L'9'))
  268. {
  269. return digit - L'0';
  270. }
  271. else if ((digit >= L'A') && (digit <= L'F'))
  272. {
  273. return digit - (L'A' - 10);
  274. }
  275. else
  276. {
  277. return digit - (L'a' - 10);
  278. }
  279. }
  281. //////////
  282. // Pack a hex digit into a byte stream.
  283. //////////
  284. PBYTE packHex(PCWSTR src, ULONG srclen, PBYTE dst) throw ()
  285. {
  286. for (ULONG dstlen = srclen / 2; dstlen; --dstlen)
  287. {
  288. *dst = digit2Num(*src++) << 4;
  289. *dst++ |= digit2Num(*src++);
  290. }
  292. return dst;
  293. }
  295. //////////
  296. // Convert a string describing a VSA into an IASATTRIBUTE.
  297. //////////
  298. PIASATTRIBUTE Action::VSAFromString(PCWSTR string)
  299. {
  300. // Number of characters to process.
  301. SIZE_T len = wcslen(string);
  303. // Overlay the layout struct.
  304. VSAFormat* vsa = (VSAFormat*)string;
  306. // Get the string format.
  307. ULONG format = digit2Num(vsa->format[0]);
  308. format <<= 8;
  309. format |= digit2Num(vsa->format[1]);
  311. // Temporary buffer used for formatting the VSA.
  312. BYTE buffer[253], *dst = buffer;
  314. // Pack the Vendor-ID.
  315. dst = packHex(vsa->vendorID, 8, dst);
  317. // Pack the Vendor-Type and Vendor-Length for conformant VSAs.
  318. if (format != FORMAT_RAW_HEX)
  319. {
  320. dst = packHex(vsa->vendorType, 2, dst);
  321. dst = packHex(vsa->vendorLength, 2, dst);
  322. }
  324. // Pack the value.
  325. switch (format)
  326. {
  327. case FORMAT_RAW_HEX:
  328. {
  329. dst = packHex(
  330. vsa->rawValue,
  331. len - 10,
  332. dst
  333. );
  334. break;
  335. }
  337. case FORMAT_INTEGER:
  338. case FORMAT_HEX:
  339. case FORMAT_INET_ADDR:
  340. {
  341. dst = packHex(
  342. vsa->value,
  343. len - 14,
  344. dst
  345. );
  346. break;
  347. }
  349. case FORMAT_STRING:
  350. {
  351. int nchar = WideCharToMultiByte(
  352. CP_ACP,
  353. 0,
  354. vsa->value,
  355. len - 14,
  356. (PSTR)dst,
  357. sizeof(buffer) - 6,
  358. NULL,
  359. NULL
  360. );
  361. dst += nchar;
  362. break;
  363. }
  364. }
  366. // Store the temporary buffer in an attribute ...
  367. IASAttribute attr(true);
  368. attr.setOctetString(dst - buffer, buffer);
  370. // ... and return.
  371. return attr.detach();
  372. }