//*************************************************************************** // // Copyright (c) 1998-1999 Microsoft Corporation // // PXYCACHE.CPP // // alanbos 22-Sep-98 Created. // // Defines the CSWbemProxyCache class // //*************************************************************************** #include "precomp.h" // Need to try and figure out the domain static BSTR BuildDomainUser (BSTR bsSimpleUser) { BSTR bsDomainUser = NULL; HANDLE hToken = NULL; if (OpenThreadToken (GetCurrentThread (), TOKEN_QUERY, TRUE, &hToken) || OpenProcessToken (GetCurrentProcess (), TOKEN_READ, &hToken)) { // Get the user sid TOKEN_USER tu; DWORD dwLen = 0; GetTokenInformation (hToken, TokenUser, &tu, sizeof(tu), &dwLen); if (0 < dwLen) { BYTE* pTemp = new BYTE[dwLen]; if (pTemp) { DWORD dwRealLen = dwLen; if (GetTokenInformation (hToken, TokenUser, pTemp, dwRealLen, &dwLen)) { PSID pSid = ((TOKEN_USER*)pTemp)->User.Sid; // Do the first lookup to get the buffer sizes required. DWORD dwNameLen = 0; DWORD dwDomainLen = 0; LPWSTR pUser = 0; LPWSTR pDomain = 0; SID_NAME_USE Use; LookupAccountSidW (NULL, pSid, pUser, &dwNameLen, pDomain, &dwDomainLen, &Use); DWORD dwLastErr = GetLastError(); if (ERROR_INSUFFICIENT_BUFFER == dwLastErr) { // Allocate the required buffers and look them up again. pUser = new WCHAR [dwNameLen + 1]; if (pUser) { pDomain = new WCHAR [dwDomainLen + wcslen (bsSimpleUser) + 2]; if (pDomain) { if (LookupAccountSidW (NULL, pSid, pUser, &dwNameLen, pDomain, &dwDomainLen, &Use)) { // Now get the domain out if (pDomain) { wcscat (pDomain, L"\\"); wcscat (pDomain, bsSimpleUser); bsDomainUser = SysAllocString (pDomain); } } delete [] pDomain; } delete [] pUser; } } } delete [] pTemp; } } CloseHandle(hToken); } return bsDomainUser; } //*************************************************************************** // // CSWbemProxyCache::CSWbemProxyCache // // CONSTRUCTOR // Create a new proxy cache based on the supplied proxy and // authentication parameters. // //*************************************************************************** CSWbemProxyCache::CSWbemProxyCache ( IUnknown *pUnk, BSTR bsAuthority, BSTR bsUser, BSTR bsPassword, CWbemLocatorSecurity *pLocatorSecurity) { InitializeCriticalSection (&m_cs); EnterCriticalSection (&m_cs); InitializeMembers (pUnk); /* // Don't need this any more - the scenario this was fixing (see SMS Bug DB #53347) works in Whistler // without this workaround. Also, this is causing Scripting to fail with UPN names since DetermineLoginTypeEx // below doesn't recognize UPN user names. if (CSWbemSecurity::IsNT() && bsUser && (0 < wcslen (bsUser))) { // On NT make sure we have a valid domain name if one is not specified BSTR bsDomain = NULL; BSTR bsSimpleUser = NULL; BSTR bsPrincipalDummy = NULL; if (SUCCEEDED (DetermineLoginTypeEx (bsDomain, bsSimpleUser, bsPrincipalDummy, bsAuthority, bsUser))) { if (!bsDomain || (0 == wcslen (bsDomain))) m_bsUser = BuildDomainUser (bsSimpleUser); } SysFreeString (bsPrincipalDummy); SysFreeString (bsSimpleUser); SysFreeString (bsDomain); } */ // Unless we've already set this, do it now if (!m_bsUser) m_bsUser = SysAllocString (bsUser); m_bsAuthority = SysAllocString (bsAuthority); m_bsPassword = SysAllocString (bsPassword); m_bUsingExplicitUserName = m_bsUser && (0 < wcslen (m_bsUser)); InitializeCache (pUnk, pLocatorSecurity, (pLocatorSecurity) && pLocatorSecurity->IsAuthenticationSet (), (pLocatorSecurity) && pLocatorSecurity->IsImpersonationSet ()); // No longer need the credentials at this point - zap 'em ClearCredentials (); LeaveCriticalSection (&m_cs); } //*************************************************************************** // // CSWbemProxyCache::CSWbemProxyCache // // CONSTRUCTOR // Create a new proxy cache based on the supplied proxy and // authentication parameters. // //*************************************************************************** CSWbemProxyCache::CSWbemProxyCache ( IUnknown *pUnk, COAUTHIDENTITY *pCoAuthIdentity, BSTR bsPrincipal, BSTR bsAuthority) { InitializeCriticalSection (&m_cs); EnterCriticalSection (&m_cs); InitializeMembers (pUnk); if (bsAuthority) m_bsAuthority = SysAllocString (bsAuthority); if (bsPrincipal) m_bsPrincipal = SysAllocString (bsPrincipal); if (pCoAuthIdentity) WbemAllocAuthIdentity (pCoAuthIdentity->User, pCoAuthIdentity->Password, pCoAuthIdentity->Domain, &m_pCoAuthIdentity); m_bUsingExplicitUserName = m_pCoAuthIdentity && m_pCoAuthIdentity->User && (0 < wcslen (m_pCoAuthIdentity->User)); InitializeCache (pUnk); LeaveCriticalSection (&m_cs); } CSWbemProxyCache::CSWbemProxyCache ( IUnknown *pUnk, CSWbemSecurity *pSecurity) { InitializeCriticalSection (&m_cs); EnterCriticalSection (&m_cs); InitializeMembers (pUnk); if (pSecurity) { m_pCoAuthIdentity = pSecurity->GetCoAuthIdentity (); m_bsPrincipal = SysAllocString (pSecurity->GetPrincipal ()); m_bsAuthority = SysAllocString (pSecurity->GetAuthority ()); m_bUsingExplicitUserName = pSecurity->IsUsingExplicitUserName (); } InitializeCache (pUnk, pSecurity); LeaveCriticalSection (&m_cs); } void CSWbemProxyCache::InitializeMembers (IUnknown *pUnk) { m_cRef = 1; m_pCoAuthIdentity = NULL; m_bsPrincipal = NULL; m_bsAuthority = NULL; m_bsUser = NULL; m_bsPassword = NULL; m_bUsingExplicitUserName = false; m_bUseDefaultInfo = true; //DetermineBlanketOptions (pUnk); } //*************************************************************************** // // CSWbemProxyCache::~CSWbemProxyCache // // DESTRUCTOR // //*************************************************************************** CSWbemProxyCache::~CSWbemProxyCache () { EnterCriticalSection (&m_cs); ClearCredentials (); if (m_bsAuthority) SysFreeString (m_bsAuthority); if (m_bsPrincipal) SysFreeString (m_bsPrincipal); if (m_pCoAuthIdentity) { WbemFreeAuthIdentity (m_pCoAuthIdentity); m_pCoAuthIdentity = NULL; } for (int i = 0; i < WBEMS_MAX_AUTHN_LEVEL + 1 - WBEMS_MIN_AUTHN_LEVEL; i++) for (int j = 0; j < WBEMS_MAX_IMP_LEVEL + 1 - WBEMS_MIN_IMP_LEVEL; j++) if (pUnkArray [i][j]) { pUnkArray [i][j] -> Release (); pUnkArray [i] [j] = NULL; } LeaveCriticalSection (&m_cs); DeleteCriticalSection (&m_cs); } //*************************************************************************** // HRESULT CSWbemProxyCache::QueryInterface // long CSWbemProxyCache::AddRef // long CSWbemProxyCache::Release // // DESCRIPTION: // // Standard Com IUNKNOWN functions. // //*************************************************************************** STDMETHODIMP CSWbemProxyCache::QueryInterface ( IN REFIID riid, OUT LPVOID *ppv ) { *ppv=NULL; if (IID_IUnknown==riid) *ppv=this; if (NULL!=*ppv) { ((LPUNKNOWN)*ppv)->AddRef(); return NOERROR; } return ResultFromScode(E_NOINTERFACE); } STDMETHODIMP_(ULONG) CSWbemProxyCache::AddRef(void) { long l = InterlockedIncrement(&m_cRef); return l; } STDMETHODIMP_(ULONG) CSWbemProxyCache::Release(void) { LONG cRef = InterlockedDecrement(&m_cRef); if (0 != cRef) { _ASSERT(cRef > 0); return cRef; } delete this; return 0; } //*************************************************************************** // // CSWbemProxyCache::SetBlanketOptions // // DESCRIPTION: // // Called from constructor only to set up interaction mode with // SetBlanket calls. // //*************************************************************************** bool CSWbemProxyCache::DetermineBlanketOptions (IUnknown *pUnk) { bool result = false; if (CSWbemSecurity::IsNT() && (4 < CSWbemSecurity::GetNTMajorVersion ())) { HANDLE hToken = NULL; if (OpenThreadToken (GetCurrentThread(), TOKEN_QUERY, true, &hToken)) { // Certainly a candidate to use default settings for // authorization and authentication service on the blanket. // Check if we are delegating. DWORD dwBytesReturned = 0; SECURITY_IMPERSONATION_LEVEL impLevel; if (GetTokenInformation(hToken, TokenImpersonationLevel, &impLevel, sizeof(SECURITY_IMPERSONATION_LEVEL), &dwBytesReturned) && (SecurityDelegation == impLevel)) { // Looks promising - now check for whether we are using kerberos IClientSecurity *pSec; DWORD dwAuthnSvc, dwAuthzSvc, dwImp, dwAuth, dwCapabilities; if (pUnk && SUCCEEDED(pUnk->QueryInterface(IID_IClientSecurity, (void **) &pSec))) { if (SUCCEEDED (pSec->QueryBlanket(pUnk, &dwAuthnSvc, &dwAuthzSvc, NULL, &dwAuth, &dwImp, NULL, &dwCapabilities))) { if (RPC_C_AUTHN_WINNT != dwAuthnSvc) result = true; } pSec->Release (); } } CloseHandle (hToken); } } return result; } //*************************************************************************** // // CSWbemProxyCache::InitializeCache // // DESCRIPTION: // // Called from constructor only to set up cache and initial pUnk.. // // PARAMETERS: // // pUnk "seed" pUnk // pSecurity if specified, is an ISWbemSecurity used to // override the intial authn/imp/etc. settings // //*************************************************************************** void CSWbemProxyCache::InitializeCache ( IUnknown *pUnk, ISWbemSecurity *pSecurity, bool bPropagateAuthentication, bool bPropagateImpersonation ) { for (int i = 0; i < WBEMS_MAX_AUTHN_LEVEL + 1 - WBEMS_MIN_AUTHN_LEVEL; i++) for (int j = 0; j < WBEMS_MAX_IMP_LEVEL + 1 - WBEMS_MIN_IMP_LEVEL; j++) pUnkArray [i] [j] = NULL; if (pUnk) { DWORD dwAuthnLevel = RPC_C_AUTHN_LEVEL_DEFAULT; DWORD dwImpLevel = RPC_C_IMP_LEVEL_IMPERSONATE; HRESULT hr = GetAuthImp (pUnk, &dwAuthnLevel, &dwImpLevel); if(FAILED(hr)) { dwAuthnLevel = RPC_C_AUTHN_LEVEL_DEFAULT; dwImpLevel = CSWbemSecurity::GetDefaultImpersonationLevel (); } /* * If we have been passed a "seed" Security object, use the auth/imp * settings of that Seed as our initial setting. Otherwise * use the settings supplied in the current proxy. */ if (pSecurity) { if (!bPropagateImpersonation || FAILED(pSecurity->get_ImpersonationLevel (&m_dwInitialImpLevel))) m_dwInitialImpLevel = (WbemImpersonationLevelEnum) dwImpLevel; if (!bPropagateAuthentication || FAILED(pSecurity->get_AuthenticationLevel (&m_dwInitialAuthnLevel))) m_dwInitialAuthnLevel = (WbemAuthenticationLevelEnum) dwAuthnLevel; /* * If settings are identical, use the proxy we have but set the * blanket to ensure user/password/authority are set. */ if (((WbemImpersonationLevelEnum) dwImpLevel == m_dwInitialImpLevel) && ((WbemAuthenticationLevelEnum) dwAuthnLevel == m_dwInitialAuthnLevel)) { SecureProxy (pUnk, m_dwInitialAuthnLevel, m_dwInitialImpLevel); pUnkArray [m_dwInitialAuthnLevel - WBEMS_MIN_AUTHN_LEVEL] [m_dwInitialImpLevel - WBEMS_MIN_IMP_LEVEL] = pUnk; pUnk->AddRef (); } else { // Need to create a new proxy IClientSecurity *pCliSec = NULL; if (S_OK == pUnk->QueryInterface (IID_IClientSecurity, (PPVOID) &pCliSec)) { IUnknown *pNewUnk = NULL; // If successful this AddRef's pUnk HRESULT sc = pCliSec->CopyProxy(pUnk, &pNewUnk); if (S_OK == sc) { SecureProxy (pNewUnk, m_dwInitialAuthnLevel, m_dwInitialImpLevel); pUnkArray [m_dwInitialAuthnLevel - WBEMS_MIN_AUTHN_LEVEL] [m_dwInitialImpLevel - WBEMS_MIN_IMP_LEVEL] = pNewUnk; // NB: pNewUnk already AddRef'd above by CopyProxy } pCliSec->Release (); } } } else { m_dwInitialAuthnLevel = (WbemAuthenticationLevelEnum) dwAuthnLevel; m_dwInitialImpLevel = (WbemImpersonationLevelEnum) dwImpLevel; pUnkArray [m_dwInitialAuthnLevel - WBEMS_MIN_AUTHN_LEVEL] [m_dwInitialImpLevel - WBEMS_MIN_IMP_LEVEL] = pUnk; pUnk->AddRef (); } } } //*************************************************************************** // // CSWbemProxyCache::GetProxy // // DESCRIPTION: // // Return a proxy from the cache with the desired authentication and // impersonation level. // // PARAMETERS: // // authnLevel required authentication level // impLevel required impersonation level // forceResecure whether to force a resecure of an extant proxy // // RETURN VALUES: // Pointer to copied proxy, or NULL. If not NULL, caller must Release. // //*************************************************************************** IUnknown *CSWbemProxyCache::GetProxy ( WbemAuthenticationLevelEnum authnLevel, WbemImpersonationLevelEnum impLevel, bool forceResecure) { EnterCriticalSection (&m_cs); IUnknown *pUnk = pUnkArray [authnLevel - WBEMS_MIN_AUTHN_LEVEL] [impLevel - WBEMS_MIN_IMP_LEVEL]; if (pUnk) { // Already cached this proxy - reuse pUnk->AddRef (); // Force a resecure? This is useful if we have just changed the // privileges in the current token and need to stim RPC to pick // them up. if (forceResecure) SecureProxy (pUnk, authnLevel, impLevel); } else { // Need to create a copy of the proxy; use the first // created element as a base IUnknown *pUnkFirst = pUnkArray [m_dwInitialAuthnLevel - WBEMS_MIN_AUTHN_LEVEL] [m_dwInitialImpLevel - WBEMS_MIN_IMP_LEVEL]; if (pUnkFirst) { // Now copy the proxy IClientSecurity *pCliSec = NULL; if (S_OK == pUnkFirst->QueryInterface (IID_IClientSecurity, (PPVOID) &pCliSec)) { // If successful this AddRef's pUnk HRESULT sc = pCliSec->CopyProxy(pUnkFirst, &pUnk); if (S_OK == sc) { SecureProxy (pUnk, authnLevel, impLevel); pUnkArray [authnLevel - WBEMS_MIN_AUTHN_LEVEL] [impLevel - WBEMS_MIN_IMP_LEVEL] = pUnk; // AddRef because we are handing pUnk back pUnk->AddRef (); } pCliSec->Release (); } } } LeaveCriticalSection (&m_cs); return pUnk; } //*************************************************************************** // // CSWbemProxyCache::SecureProxy // // DESCRIPTION: // // Secure the given proxy using the provided settings // // PARAMETERS: // // authnLevel authentication level of proxy // impLevel impersonation level of proxy // // RETURN VALUES: // none // //*************************************************************************** void CSWbemProxyCache::SecureProxy ( IUnknown *pUnk, WbemAuthenticationLevelEnum authnLevel, WbemImpersonationLevelEnum impLevel) { /* * Due to the vagaries of the IClientSecurity::SetBlanket call, * any COAUTHIDENTITY pointer passed into that call must remain * valid either until SetBlanket is called again or all proxies * on the object are released. So we need to store any returned * COAUTHIDENTITY so that it remains valid for the lifetime * of this cache. */ EnterCriticalSection (&m_cs); if (pUnk) { /* * Note that our implicit assumption is that we only ever * need one COAUTHIDENTITY per cache. This is because * the ingredients of the structure (user, password and * authority) are set at cache initialization time and * never change thereafter. */ if (m_pCoAuthIdentity) { SetInterfaceSecurityDecrypt (pUnk, m_pCoAuthIdentity, m_bsPrincipal, authnLevel, impLevel, GetCapabilities (), m_bUseDefaultInfo); } else { // See if we get one BSTR bsPrincipal = NULL; SetInterfaceSecurityEncrypt (pUnk, m_bsAuthority, m_bsUser, m_bsPassword, authnLevel, impLevel, GetCapabilities (), &m_pCoAuthIdentity, &bsPrincipal, m_bUseDefaultInfo); if (bsPrincipal) { if (m_bsPrincipal) SysFreeString (m_bsPrincipal); m_bsPrincipal = bsPrincipal; } } } LeaveCriticalSection (&m_cs); return; } //*************************************************************************** // // CSWbemProxyCache::GetCapabilities // // DESCRIPTION: // // Return the EOAC capabilities value depending on the OS platform and // user credentials (or absence thereof). // // RETURN VALUES: // // The determined capabilities. // //*************************************************************************** DWORD CSWbemProxyCache::GetCapabilities () { /* * For NT5 (and presumably greater) we enable Static * Cloaking on the proxy. This allows RPC to use the * Privilege settings in the Impersonation token. * * Note that we use static cloaking so that thread identity * is only used during CoSetProxyBlanket calls; dynamic * cloaking forces it to be used on all calls to the proxy, * so is much less efficient. Since we don't allow different * users to access the same proxy, static cloaking is sufficient. * * It makes no sense to explicitly supply a User/Password and specify * cloaking, as DCOM authentication of proxy uses either * an explicit SEC_WINNT_AUTH_IDENTITY (for User & Password) * or the current proxy identity (in the process token or * impersonation token). Requesting cloaking implies that the * proxy identity in the impersonation token is to be used, and * therefore that any User/Password is irrelevant (and vice-versa). * * See MSDN documentation on CoSetProxyBlanket for more info. */ DWORD dwCapabilities = EOAC_NONE; if (CSWbemSecurity::IsNT () && (4 < CSWbemSecurity::GetNTMajorVersion ()) && !m_bUsingExplicitUserName) dwCapabilities |= EOAC_STATIC_CLOAKING; return dwCapabilities ; } COAUTHIDENTITY *CSWbemProxyCache::GetCoAuthIdentity () { HRESULT hr = E_FAIL; COAUTHIDENTITY *pAuthIdent = NULL; if (m_pCoAuthIdentity) hr = WbemAllocAuthIdentity (m_pCoAuthIdentity->User, m_pCoAuthIdentity->Password, m_pCoAuthIdentity->Domain, &pAuthIdent); return pAuthIdent; } void CSWbemProxyCache::ClearCredentials () { if (m_bsUser) { _wcsnset (m_bsUser, L'0', wcslen (m_bsUser)); SysFreeString (m_bsUser); m_bsUser = NULL; } if (m_bsPassword) { _wcsnset (m_bsPassword, L'0', wcslen (m_bsPassword)); SysFreeString (m_bsPassword); m_bsPassword = NULL; } }