You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5823 lines
126 KiB
5823 lines
126 KiB
//+--------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
// Copyright (C) Microsoft Corporation, 1996 - 1999
|
|
//
|
|
// File: certlib.cpp
|
|
//
|
|
// Contents: Cert Server wrapper routines
|
|
//
|
|
//---------------------------------------------------------------------------
|
|
|
|
#include <pch.cpp>
|
|
|
|
#pragma hdrstop
|
|
|
|
#include <stdlib.h>
|
|
#include <time.h>
|
|
#include <locale.h>
|
|
extern "C" {
|
|
#include <luidate.h>
|
|
}
|
|
#include <wininet.h>
|
|
|
|
#include "csdisp.h"
|
|
#include "csprop.h"
|
|
#include <winnlsp.h>
|
|
#include <winldap.h>
|
|
#include <ntsecapi.h>
|
|
#include "csldap.h"
|
|
#include <tfc.h>
|
|
#include "cainfop.h"
|
|
#include <dsgetdc.h>
|
|
#include <lm.h>
|
|
|
|
#define __dwFILE__ __dwFILE_CERTLIB_CERTLIB_CPP__
|
|
|
|
|
|
#define wszSANITIZEESCAPECHAR L"!"
|
|
#define wszURLESCAPECHAR L"%"
|
|
#define wcSANITIZEESCAPECHAR L'!'
|
|
|
|
char
|
|
PrintableChar(char ch)
|
|
{
|
|
if (ch < ' ' || ch > '~')
|
|
{
|
|
ch = '.';
|
|
}
|
|
return(ch);
|
|
}
|
|
|
|
|
|
VOID
|
|
mydbgDumpHex(
|
|
IN DWORD dwSubSysId,
|
|
IN DWORD Flags,
|
|
IN BYTE const *pb,
|
|
IN ULONG cb)
|
|
{
|
|
if (DbgIsSSActive(dwSubSysId))
|
|
{
|
|
DumpHex(Flags, pb, cb);
|
|
}
|
|
}
|
|
|
|
|
|
VOID
|
|
DumpHex(
|
|
IN DWORD Flags,
|
|
IN BYTE const *pb,
|
|
IN ULONG cb)
|
|
{
|
|
char const *pszsep;
|
|
ULONG r;
|
|
ULONG i;
|
|
ULONG cbremain;
|
|
BOOL fZero = FALSE;
|
|
DWORD cchIndent;
|
|
DWORD cchAsciiSep;
|
|
char szAddress[8 + 1];
|
|
char szHexDump[1 + 1 + 3 * 16 + 1];
|
|
char szAsciiDump[16 + 1];
|
|
char *psz;
|
|
|
|
cchIndent = DH_INDENTMASK & Flags;
|
|
if ((DH_MULTIADDRESS & Flags) && 16 >= cb)
|
|
{
|
|
Flags |= DH_NOADDRESS;
|
|
}
|
|
cbremain = 0;
|
|
for (r = 0; r < cb; r += 16)
|
|
{
|
|
szAddress[0] = '\0';
|
|
if (0 == (DH_NOADDRESS & Flags))
|
|
{
|
|
sprintf(szAddress, 64 * 1024 < cb? "%06x": "%04x", r);
|
|
CSASSERT(strlen(szAddress) < ARRAYSIZE(szAddress));
|
|
}
|
|
|
|
cbremain = cb - r;
|
|
if (r != 0 && pb[r] == 0 && cbremain >= 16)
|
|
{
|
|
ULONG j;
|
|
|
|
for (j = r + 1; j < cb; j++)
|
|
{
|
|
if (pb[j] != 0)
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
if (j == cb)
|
|
{
|
|
fZero = TRUE;
|
|
break;
|
|
}
|
|
}
|
|
|
|
psz = szHexDump;
|
|
for (i = 0; i < min(cbremain, 16); i++)
|
|
{
|
|
pszsep = " ";
|
|
if ((i % 8) == 0) // 0 or 8
|
|
{
|
|
pszsep = " ";
|
|
if (i == 0) // 0
|
|
{
|
|
if (0 == (DH_NOTABPREFIX & Flags))
|
|
{
|
|
pszsep = "\t";
|
|
}
|
|
else if (DH_NOADDRESS & Flags)
|
|
{
|
|
pszsep = "";
|
|
}
|
|
}
|
|
}
|
|
CSASSERT(strlen(pszsep) <= 2);
|
|
psz += sprintf(psz, "%hs%02x", pszsep, pb[r + i]);
|
|
}
|
|
*psz = '\0';
|
|
CSASSERT(strlen(szHexDump) < ARRAYSIZE(szHexDump));
|
|
|
|
cchAsciiSep = 0;
|
|
szAsciiDump[0] = '\0';
|
|
if (0 == (DH_NOASCIIHEX & Flags) && 0 != i)
|
|
{
|
|
cchAsciiSep = 3 + (16 - i)*3 + ((i <= 8)? 1 : 0);
|
|
for (i = 0; i < min(cbremain, 16); i++)
|
|
{
|
|
szAsciiDump[i] = PrintableChar(pb[r + i]);
|
|
}
|
|
szAsciiDump[i] = '\0';
|
|
CSASSERT(strlen(szAsciiDump) < ARRAYSIZE(szAsciiDump));
|
|
}
|
|
char szBuf[
|
|
sizeof(szAddress) +
|
|
sizeof(szHexDump) +
|
|
3 +
|
|
sizeof(szAsciiDump)];
|
|
_snprintf(
|
|
szBuf,
|
|
ARRAYSIZE(szBuf),
|
|
"%hs%hs%*hs%hs",
|
|
szAddress,
|
|
szHexDump,
|
|
cchAsciiSep,
|
|
"",
|
|
szAsciiDump);
|
|
szBuf[ARRAYSIZE(szBuf) - 1] = '\0';
|
|
CSASSERT(strlen(szBuf) + 1 < ARRAYSIZE(szBuf));
|
|
|
|
#define szFMTHEXDUMP "%*hs%hs\n"
|
|
if (DH_PRIVATEDATA & Flags)
|
|
{
|
|
wprintf(TEXT(szFMTHEXDUMP), cchIndent, "", szBuf);
|
|
}
|
|
else
|
|
{
|
|
CONSOLEPRINT7((MAXDWORD, szFMTHEXDUMP, cchIndent, "", szBuf));
|
|
}
|
|
}
|
|
if (fZero)
|
|
{
|
|
CONSOLEPRINT1((MAXDWORD, "\tRemaining %lx bytes are zero\n", cbremain));
|
|
}
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myDateToFileTime(
|
|
IN DATE const *pDate,
|
|
OUT FILETIME *pft)
|
|
{
|
|
SYSTEMTIME st;
|
|
HRESULT hr = S_OK;
|
|
|
|
if (*pDate == 0.0)
|
|
{
|
|
GetSystemTime(&st);
|
|
}
|
|
else
|
|
{
|
|
if (!VariantTimeToSystemTime(*pDate, &st))
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
_JumpError(hr, error, "VariantTimeToSystemTime");
|
|
}
|
|
}
|
|
|
|
if (!SystemTimeToFileTime(&st, pft))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "SystemTimeToFileTime");
|
|
}
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
HRESULT
|
|
myMakeExprDate(
|
|
IN OUT DATE *pDate,
|
|
IN LONG lDelta,
|
|
IN enum ENUM_PERIOD enumPeriod)
|
|
{
|
|
HRESULT hr;
|
|
FILETIME ft;
|
|
|
|
hr = myDateToFileTime(pDate, &ft);
|
|
_JumpIfError(hr, error, "myDateToFileTime");
|
|
|
|
myMakeExprDateTime(&ft, lDelta, enumPeriod);
|
|
|
|
hr = myFileTimeToDate(&ft, pDate);
|
|
_JumpIfError(hr, error, "myFileTimeToDate");
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
typedef struct _UNITSTABLE
|
|
{
|
|
WCHAR const *pwszString;
|
|
enum ENUM_PERIOD enumPeriod;
|
|
} UNITSTABLE;
|
|
|
|
UNITSTABLE g_aut[] =
|
|
{
|
|
{ wszPERIODSECONDS, ENUM_PERIOD_SECONDS },
|
|
{ wszPERIODMINUTES, ENUM_PERIOD_MINUTES },
|
|
{ wszPERIODHOURS, ENUM_PERIOD_HOURS },
|
|
{ wszPERIODDAYS, ENUM_PERIOD_DAYS },
|
|
{ wszPERIODWEEKS, ENUM_PERIOD_WEEKS },
|
|
{ wszPERIODMONTHS, ENUM_PERIOD_MONTHS },
|
|
{ wszPERIODYEARS, ENUM_PERIOD_YEARS },
|
|
};
|
|
#define CUNITSTABLEMAX (sizeof(g_aut)/sizeof(g_aut[0]))
|
|
|
|
|
|
HRESULT
|
|
myTranslatePeriodUnits(
|
|
IN WCHAR const *pwszPeriod,
|
|
IN LONG lCount,
|
|
OUT enum ENUM_PERIOD *penumPeriod,
|
|
OUT LONG *plCount)
|
|
{
|
|
HRESULT hr;
|
|
UNITSTABLE const *put;
|
|
|
|
for (put = g_aut; put < &g_aut[CUNITSTABLEMAX]; put++)
|
|
{
|
|
if (0 == mylstrcmpiS(pwszPeriod, put->pwszString))
|
|
{
|
|
*penumPeriod = put->enumPeriod;
|
|
if (0 > lCount)
|
|
{
|
|
lCount = MAXLONG;
|
|
}
|
|
*plCount = lCount;
|
|
hr = S_OK;
|
|
goto error;
|
|
}
|
|
}
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
|
|
error:
|
|
CSASSERT(hr == S_OK);
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myTranslateUnlocalizedPeriodString(
|
|
IN enum ENUM_PERIOD enumPeriod,
|
|
OUT WCHAR const **ppwszPeriodString)
|
|
{
|
|
HRESULT hr;
|
|
UNITSTABLE const *put;
|
|
|
|
*ppwszPeriodString = NULL;
|
|
for (put = g_aut; put < &g_aut[CUNITSTABLEMAX]; put++)
|
|
{
|
|
if (enumPeriod == put->enumPeriod)
|
|
{
|
|
*ppwszPeriodString = put->pwszString;
|
|
hr = S_OK;
|
|
goto error;
|
|
}
|
|
}
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
|
|
error:
|
|
CSASSERT(hr == S_OK);
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myFileTimePeriodToWszTimePeriod(
|
|
IN FILETIME const *pftGMT,
|
|
IN BOOL fExact,
|
|
OUT WCHAR **ppwszTimePeriod)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cPeriodUnits;
|
|
PERIODUNITS *rgPeriodUnits = NULL;
|
|
WCHAR const *pwszUnitSep;
|
|
DWORD i;
|
|
WCHAR awc[MAX_PATH];
|
|
WCHAR *pwsz;
|
|
|
|
*ppwszTimePeriod = NULL;
|
|
hr = caTranslateFileTimePeriodToPeriodUnits(
|
|
pftGMT,
|
|
fExact,
|
|
&cPeriodUnits,
|
|
&rgPeriodUnits);
|
|
_JumpIfError(hr, error, "caTranslateFileTimePeriodToPeriodUnits");
|
|
|
|
CSASSERT(0 < cPeriodUnits);
|
|
pwszUnitSep = L"";
|
|
pwsz = awc;
|
|
for (i = 0; i < cPeriodUnits; i++)
|
|
{
|
|
WCHAR const *pwszPeriodString;
|
|
|
|
hr = myTranslateUnlocalizedPeriodString(
|
|
rgPeriodUnits[i].enumPeriod,
|
|
&pwszPeriodString);
|
|
_JumpIfError(hr, error, "myTranslateUnlocalizedPeriodString");
|
|
|
|
pwsz += wsprintf(
|
|
pwsz,
|
|
L"%ws%u %ws",
|
|
pwszUnitSep,
|
|
rgPeriodUnits[i].lCount,
|
|
pwszPeriodString);
|
|
pwszUnitSep = L", ";
|
|
}
|
|
hr = myDupString(awc, ppwszTimePeriod);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
|
|
error:
|
|
if (NULL != rgPeriodUnits)
|
|
{
|
|
LocalFree(rgPeriodUnits);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myFileTimeToDate(
|
|
IN FILETIME const *pft,
|
|
OUT DATE *pDate)
|
|
{
|
|
SYSTEMTIME st;
|
|
HRESULT hr = S_OK;
|
|
|
|
if (!FileTimeToSystemTime(pft, &st))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "FileTimeToSystemTime");
|
|
}
|
|
if (!SystemTimeToVariantTime(&st, pDate))
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
|
|
_JumpError(hr, error, "SystemTimeToVariantTime");
|
|
}
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySystemTimeToGMTSystemTime(
|
|
IN OUT SYSTEMTIME *pSys)
|
|
{
|
|
// Conversion path: SystemTimeLocal -> ftLocal -> ftGMT -> SystemTimeGMT
|
|
|
|
FILETIME ftLocal, ftGMT;
|
|
HRESULT hr = S_OK;
|
|
|
|
if (!SystemTimeToFileTime(pSys, &ftLocal))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "SystemTimeToFileTime");
|
|
}
|
|
|
|
if (!LocalFileTimeToFileTime(&ftLocal, &ftGMT))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "LocalFileTimeToFileTime");
|
|
}
|
|
|
|
if (!FileTimeToSystemTime(&ftGMT, pSys))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "FileTimeToSystemTime");
|
|
}
|
|
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGMTFileTimeToWszLocalTime(
|
|
IN FILETIME const *pftGMT,
|
|
IN BOOL fSeconds,
|
|
OUT WCHAR **ppwszLocalTime)
|
|
{
|
|
HRESULT hr;
|
|
FILETIME ftLocal;
|
|
|
|
*ppwszLocalTime = NULL;
|
|
|
|
if (!FileTimeToLocalFileTime(pftGMT, &ftLocal))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "FileTimeToLocalFileTime");
|
|
}
|
|
hr = myFileTimeToWszTime(&ftLocal, fSeconds, ppwszLocalTime);
|
|
_JumpIfError(hr, error, "myFileTimeToWszTime");
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myFileTimeToWszTime(
|
|
IN FILETIME const *pft,
|
|
IN BOOL fSeconds,
|
|
OUT WCHAR **ppwszTime)
|
|
{
|
|
HRESULT hr;
|
|
SYSTEMTIME st;
|
|
WCHAR awcDate[128];
|
|
WCHAR awcTime[128];
|
|
WCHAR *pwsz;
|
|
|
|
*ppwszTime = NULL;
|
|
|
|
if (!FileTimeToSystemTime(pft, &st))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "FileTimeToSystemTime");
|
|
}
|
|
|
|
if (0 == GetDateFormat(
|
|
LOCALE_USER_DEFAULT,
|
|
DATE_SHORTDATE,
|
|
&st,
|
|
NULL,
|
|
awcDate,
|
|
sizeof(awcDate)/sizeof(awcDate[0])))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetDateFormat");
|
|
}
|
|
|
|
if (0 == GetTimeFormat(
|
|
LOCALE_USER_DEFAULT,
|
|
TIME_NOSECONDS,
|
|
&st,
|
|
NULL,
|
|
awcTime,
|
|
sizeof(awcTime)/sizeof(awcTime[0])))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetTimeFormat");
|
|
}
|
|
|
|
if (fSeconds)
|
|
{
|
|
wsprintf(
|
|
&awcTime[wcslen(awcTime)],
|
|
L" %02u.%03us",
|
|
st.wSecond,
|
|
st.wMilliseconds);
|
|
}
|
|
|
|
pwsz = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(wcslen(awcDate) + 1 + wcslen(awcTime) + 1) * sizeof(WCHAR));
|
|
if (NULL == pwsz)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwsz, awcDate);
|
|
wcscat(pwsz, L" ");
|
|
wcscat(pwsz, awcTime);
|
|
|
|
*ppwszTime = pwsz;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGMTDateToWszLocalTime(
|
|
IN DATE const *pDateGMT,
|
|
IN BOOL fSeconds,
|
|
OUT WCHAR **ppwszLocalTime)
|
|
{
|
|
HRESULT hr;
|
|
FILETIME ftGMT;
|
|
|
|
*ppwszLocalTime = NULL;
|
|
|
|
hr = myDateToFileTime(pDateGMT, &ftGMT);
|
|
_JumpIfError(hr, error, "myDateToFileTime");
|
|
|
|
hr = myGMTFileTimeToWszLocalTime(&ftGMT, fSeconds, ppwszLocalTime);
|
|
_JumpIfError(hr, error, "FileTimeToLocalFileTime");
|
|
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myWszLocalTimeToGMTDate(
|
|
IN WCHAR const *pwszLocalTime,
|
|
OUT DATE *pDateGMT)
|
|
{
|
|
HRESULT hr;
|
|
FILETIME ftGMT;
|
|
|
|
hr = myWszLocalTimeToGMTFileTime(pwszLocalTime, &ftGMT);
|
|
_JumpIfError2(hr, error, "myWszLocalTimeToGMTFileTime", E_INVALIDARG);
|
|
|
|
hr = myFileTimeToDate(&ftGMT, pDateGMT);
|
|
_JumpIfError(hr, error, "myFileTimeToDate");
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myWszLocalTimeToGMTFileTime(
|
|
IN WCHAR const *pwszLocalTime,
|
|
OUT FILETIME *pftGMT)
|
|
{
|
|
HRESULT hr;
|
|
time_t time;
|
|
USHORT parselen;
|
|
struct tm *ptm;
|
|
SYSTEMTIME stLocal;
|
|
FILETIME ftLocal;
|
|
char *pszLocalTime = NULL;
|
|
|
|
if (!ConvertWszToSz(&pszLocalTime, pwszLocalTime, -1))
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "ConvertWszToSz");
|
|
}
|
|
|
|
hr = LUI_ParseDateTime(pszLocalTime, (time_t *) &time, &parselen, 0);
|
|
if (S_OK != hr)
|
|
{
|
|
_PrintError2(hr, "LUI_ParseDateTime", hr);
|
|
hr = E_INVALIDARG;
|
|
_JumpError2(hr, error, "LUI_ParseDateTime", hr);
|
|
}
|
|
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"myWszLocalTimeToGMTDate = %ws: %x -- %ws\n",
|
|
pwszLocalTime,
|
|
time,
|
|
_wctime(&time)));
|
|
|
|
ptm = gmtime(&time);
|
|
if (ptm == NULL)
|
|
{
|
|
hr = E_UNEXPECTED;
|
|
_JumpError(hr, error, "gmTime");
|
|
}
|
|
|
|
stLocal.wYear = (WORD) ptm->tm_year + 1900;
|
|
stLocal.wMonth = (WORD) ptm->tm_mon + 1;
|
|
stLocal.wDayOfWeek = (WORD) ptm->tm_wday;
|
|
stLocal.wDay = (WORD) ptm->tm_mday;
|
|
stLocal.wHour = (WORD) ptm->tm_hour;
|
|
stLocal.wMinute = (WORD) ptm->tm_min;
|
|
stLocal.wSecond = (WORD) ptm->tm_sec;
|
|
stLocal.wMilliseconds = 0;
|
|
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"%u/%u/%u %u:%02u:%02u.%03u DayOfWeek=%u\n",
|
|
stLocal.wMonth,
|
|
stLocal.wDay,
|
|
stLocal.wYear,
|
|
stLocal.wHour,
|
|
stLocal.wMinute,
|
|
stLocal.wSecond,
|
|
stLocal.wMilliseconds,
|
|
stLocal.wDayOfWeek));
|
|
|
|
if (!SystemTimeToFileTime(&stLocal, &ftLocal))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "SystemTimeToFileTime");
|
|
}
|
|
|
|
if (!LocalFileTimeToFileTime(&ftLocal, pftGMT))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "LocalFileTimeToFileTime");
|
|
}
|
|
|
|
error:
|
|
if (NULL != pszLocalTime)
|
|
{
|
|
LocalFree(pszLocalTime);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
// counts # of string in a multisz string
|
|
DWORD CountMultiSz(LPCWSTR pcwszString)
|
|
{
|
|
DWORD dwCount = 0;
|
|
|
|
if(!pcwszString)
|
|
return 0;
|
|
while(*pcwszString)
|
|
{
|
|
dwCount++;
|
|
pcwszString += wcslen(pcwszString)+1;
|
|
}
|
|
return dwCount;
|
|
}
|
|
|
|
//
|
|
// myRegValueToVariant and myVariantToRegValue map registry values
|
|
// to/from variant:
|
|
//
|
|
// REG_SZ <-> VT_BSTR
|
|
// REG_BINARY <-> VT_ARRAY|VT_UI1
|
|
// REG_DWORD <-> VT_I4 (VT_I2)
|
|
// REG_MULTI_SZ <-> VT_ARRAY|VT_BSTR
|
|
//
|
|
|
|
HRESULT myRegValueToVariant(
|
|
IN DWORD dwType,
|
|
IN DWORD cbValue,
|
|
IN BYTE const *pbValue,
|
|
OUT VARIANT *pVar)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
SAFEARRAYBOUND sab;
|
|
LPWSTR pwszCrtString = (LPWSTR)pbValue;
|
|
BSTR bstr = NULL;
|
|
SAFEARRAY* psa;
|
|
|
|
VariantInit(pVar);
|
|
|
|
switch(dwType)
|
|
{
|
|
case REG_SZ:
|
|
if(sizeof(WCHAR)<=cbValue)
|
|
cbValue -= sizeof(WCHAR);
|
|
V_BSTR(pVar) = NULL;
|
|
if (!ConvertWszToBstr(
|
|
&(V_BSTR(pVar)),
|
|
(WCHAR const *) pbValue,
|
|
cbValue))
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "ConvertWszToBstr");
|
|
}
|
|
V_VT(pVar) = VT_BSTR;
|
|
break;
|
|
|
|
case REG_BINARY:
|
|
sab.cElements = cbValue;
|
|
sab.lLbound = 0;
|
|
psa = SafeArrayCreate(
|
|
VT_UI1,
|
|
1,
|
|
&sab);
|
|
if(!psa)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "SafeArrayCreate");
|
|
}
|
|
for(DWORD c=0; c<sab.cElements; c++)
|
|
{
|
|
hr = SafeArrayPutElement(psa, (LONG*)&c, (LPVOID)&pbValue[c]);
|
|
_JumpIfError(hr, error, "SafeArrayPutElement");
|
|
}
|
|
|
|
V_VT(pVar) = VT_ARRAY|VT_UI1;
|
|
V_ARRAY(pVar) = psa;
|
|
break;
|
|
|
|
case REG_DWORD:
|
|
V_VT(pVar) = VT_I4;
|
|
V_I4(pVar) = *(LONG const *) pbValue;
|
|
break;
|
|
|
|
case REG_MULTI_SZ:
|
|
sab.cElements = CountMultiSz((LPCWSTR)pbValue);
|
|
sab.lLbound = 0;
|
|
psa = SafeArrayCreate(
|
|
VT_BSTR,
|
|
1,
|
|
&sab);
|
|
if(!psa)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "SafeArrayCreate");
|
|
}
|
|
for(DWORD cStr=0; cStr<sab.cElements; cStr++)
|
|
{
|
|
if(!ConvertWszToBstr(
|
|
&bstr,
|
|
pwszCrtString,
|
|
-1))
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "ConvertWszToBstr");
|
|
}
|
|
|
|
hr = SafeArrayPutElement(psa, (LONG*)&cStr, bstr);
|
|
_JumpIfError(hr, error, "SafeArrayPutElement");
|
|
|
|
pwszCrtString += wcslen(pwszCrtString)+1;
|
|
|
|
SysFreeString(bstr);
|
|
bstr = NULL;
|
|
}
|
|
|
|
V_VT(pVar) = VT_ARRAY|VT_BSTR;
|
|
V_ARRAY(pVar) = psa;
|
|
break;
|
|
|
|
default:
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "invalid type");
|
|
}
|
|
|
|
error:
|
|
if(bstr)
|
|
SysFreeString(bstr);
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myVariantToRegValue(
|
|
IN VARIANT const *pvarPropertyValue,
|
|
OUT DWORD *pdwType,
|
|
OUT DWORD *pcbprop,
|
|
OUT BYTE **ppbprop)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
DWORD cbprop = 0;
|
|
BYTE *pbprop = NULL; // no free
|
|
LONG lLbound, lUbound;
|
|
void * pData = NULL;
|
|
LPSAFEARRAY psa = NULL; // no free
|
|
BSTR bstr = NULL; // no free
|
|
|
|
*ppbprop = NULL;
|
|
*pcbprop = 0;
|
|
|
|
switch (pvarPropertyValue->vt)
|
|
{
|
|
case VT_BYREF|VT_BSTR:
|
|
case VT_BSTR:
|
|
bstr = (pvarPropertyValue->vt & VT_BYREF)?
|
|
*V_BSTRREF(pvarPropertyValue):
|
|
V_BSTR(pvarPropertyValue);
|
|
|
|
*pdwType = REG_SZ;
|
|
|
|
if (NULL == bstr)
|
|
{
|
|
bstr = L"";
|
|
}
|
|
|
|
pbprop = (BYTE *) bstr;
|
|
cbprop = (wcslen(bstr) + 1) * sizeof(WCHAR);
|
|
break;
|
|
|
|
case VT_BYREF|VT_ARRAY|VT_UI1:
|
|
case VT_ARRAY|VT_UI1:
|
|
psa = (pvarPropertyValue->vt & VT_BYREF)?
|
|
*V_ARRAYREF(pvarPropertyValue):
|
|
V_ARRAY(pvarPropertyValue);
|
|
*pdwType = REG_BINARY;
|
|
if(1!=SafeArrayGetDim(psa))
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "only 1 dim array of bytes allowed");
|
|
}
|
|
|
|
hr = SafeArrayGetLBound(
|
|
psa,
|
|
1,
|
|
&lLbound);
|
|
_JumpIfError(hr, error, "SafeArrayGetLBound");
|
|
|
|
hr = SafeArrayGetUBound(
|
|
psa,
|
|
1,
|
|
&lUbound);
|
|
_JumpIfError(hr, error, "SafeArrayGetLBound");
|
|
|
|
hr = SafeArrayAccessData(psa, &pData);
|
|
_JumpIfError(hr, error, "SafeArrayGetLBound");
|
|
|
|
cbprop = lUbound-lLbound+1;
|
|
pbprop = (LPBYTE)pData;
|
|
break;
|
|
|
|
case VT_BYREF|VT_I2:
|
|
case VT_I2:
|
|
*pdwType = REG_DWORD;
|
|
pbprop = (BYTE *)((pvarPropertyValue->vt & VT_BYREF)?
|
|
V_I2REF(pvarPropertyValue):
|
|
&V_I2(pvarPropertyValue));
|
|
cbprop = sizeof(V_I2(pvarPropertyValue));
|
|
break;
|
|
|
|
case VT_BYREF|VT_I4:
|
|
case VT_I4:
|
|
*pdwType = REG_DWORD;
|
|
pbprop = (BYTE *) ((pvarPropertyValue->vt & VT_BYREF)?
|
|
V_I4REF(pvarPropertyValue):
|
|
&V_I4(pvarPropertyValue));
|
|
cbprop = sizeof(pvarPropertyValue->lVal);
|
|
break;
|
|
|
|
case VT_BYREF|VT_ARRAY|VT_BSTR:
|
|
case VT_ARRAY|VT_BSTR:
|
|
psa = (pvarPropertyValue->vt & VT_BYREF)?
|
|
*V_ARRAYREF(pvarPropertyValue):
|
|
V_ARRAY(pvarPropertyValue);
|
|
|
|
*pdwType = REG_MULTI_SZ;
|
|
if(1!=SafeArrayGetDim(psa))
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "only 1 dim array of bstr allowed");
|
|
}
|
|
|
|
hr = SafeArrayGetLBound(
|
|
psa,
|
|
1,
|
|
&lLbound);
|
|
_JumpIfError(hr, error, "SafeArrayGetLBound");
|
|
|
|
hr = SafeArrayGetUBound(
|
|
psa,
|
|
1,
|
|
&lUbound);
|
|
_JumpIfError(hr, error, "SafeArrayGetLBound");
|
|
|
|
hr = SafeArrayAccessData(psa, &pData);
|
|
_JumpIfError(hr, error, "SafeArrayGetLBound");
|
|
|
|
for(LONG c=0;c<=lUbound-lLbound;c++)
|
|
{
|
|
BSTR str = ((BSTR *) pData)[c];
|
|
|
|
if (NULL == str)
|
|
{
|
|
hr = E_POINTER;
|
|
_JumpError(hr, error, "BSTR NULL");
|
|
}
|
|
cbprop += wcslen(str)+1;
|
|
}
|
|
cbprop += 1;
|
|
cbprop *= sizeof(WCHAR);
|
|
|
|
{
|
|
BYTE* pbprop2 = (BYTE *) LocalAlloc(LMEM_FIXED, cbprop);
|
|
if (NULL == pbprop2)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
*ppbprop = pbprop2;
|
|
|
|
for(LONG c=0;c<=lUbound-lLbound;c++)
|
|
{
|
|
wcscpy((LPWSTR)pbprop2, ((BSTR*)pData)[c]);
|
|
pbprop2 += (wcslen((LPWSTR)pbprop2)+1)*sizeof(WCHAR);
|
|
}
|
|
|
|
*(LPWSTR)pbprop2 = L'\0';
|
|
}
|
|
break;
|
|
|
|
default:
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "invalid variant type");
|
|
}
|
|
|
|
if (NULL != pbprop)
|
|
{
|
|
*ppbprop = (BYTE *) LocalAlloc(LMEM_FIXED, cbprop);
|
|
if (NULL == *ppbprop)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
CopyMemory(*ppbprop, pbprop, cbprop);
|
|
}
|
|
|
|
*pcbprop = cbprop;
|
|
|
|
error:
|
|
|
|
if(pData)
|
|
{
|
|
CSASSERT(psa);
|
|
SafeArrayUnaccessData(psa);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myUnmarshalVariant(
|
|
IN DWORD PropType,
|
|
IN DWORD cbValue,
|
|
IN BYTE const *pbValue,
|
|
OUT VARIANT *pvarValue)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
|
|
CSASSERT(NULL != pvarValue);
|
|
VariantInit(pvarValue);
|
|
|
|
// pb = NULL, cb = 0 always returns VT_EMPTY
|
|
|
|
if (NULL == pbValue)
|
|
{
|
|
CSASSERT(0 == cbValue);
|
|
CSASSERT(VT_EMPTY == pvarValue->vt);
|
|
goto error;
|
|
}
|
|
|
|
switch (PROPTYPE_MASK & PropType)
|
|
{
|
|
case PROPTYPE_STRING:
|
|
if (0 == (PROPMARSHAL_LOCALSTRING & PropType) &&
|
|
sizeof(WCHAR) <= cbValue)
|
|
{
|
|
cbValue -= sizeof(WCHAR);
|
|
}
|
|
if (*(WCHAR const*)(pbValue+cbValue) != L'\0' &&
|
|
wcslen((WCHAR const *) pbValue) * sizeof(WCHAR) != cbValue)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "bad string len");
|
|
}
|
|
// FALLTHROUGH:
|
|
|
|
case PROPTYPE_BINARY:
|
|
// CSASSERT(0 != cbValue);
|
|
pvarValue->bstrVal = NULL;
|
|
if (!ConvertWszToBstr(
|
|
&pvarValue->bstrVal,
|
|
(WCHAR const *) pbValue,
|
|
cbValue))
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "ConvertWszToBstr");
|
|
}
|
|
pvarValue->vt = VT_BSTR;
|
|
break;
|
|
|
|
case PROPTYPE_LONG:
|
|
if (sizeof(LONG) != cbValue)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "bad PROPTYPE_LONG len");
|
|
}
|
|
pvarValue->vt = VT_I4;
|
|
pvarValue->lVal = *(LONG const *) pbValue;
|
|
break;
|
|
|
|
case PROPTYPE_DATE:
|
|
if (sizeof(FILETIME) != cbValue)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "bad PROPTYPE_DATE len");
|
|
}
|
|
hr = myFileTimeToDate(
|
|
(FILETIME const *) pbValue,
|
|
&pvarValue->date);
|
|
_JumpIfError(hr, error, "myFileTimeToDate");
|
|
|
|
pvarValue->vt = VT_DATE;
|
|
break;
|
|
|
|
default:
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "PropType parameter");
|
|
}
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myUnmarshalFormattedVariant(
|
|
IN DWORD Flags,
|
|
IN DWORD PropId,
|
|
IN DWORD PropType,
|
|
IN DWORD cbValue,
|
|
IN BYTE const *pbValue,
|
|
OUT VARIANT *pvarValue)
|
|
{
|
|
HRESULT hr;
|
|
BSTR strCert;
|
|
|
|
hr = myUnmarshalVariant(
|
|
PropType,
|
|
cbValue,
|
|
pbValue,
|
|
pvarValue);
|
|
_JumpIfError(hr, error, "myUnmarshalVariant");
|
|
|
|
if (PROPTYPE_BINARY == (PROPTYPE_MASK & PropType))
|
|
{
|
|
CSASSERT(VT_BSTR == pvarValue->vt);
|
|
|
|
CSASSERT(CSExpr(CV_OUT_BASE64HEADER == CRYPT_STRING_BASE64HEADER));
|
|
CSASSERT(CSExpr(CV_OUT_BASE64 == CRYPT_STRING_BASE64));
|
|
CSASSERT(CSExpr(CV_OUT_BINARY == CRYPT_STRING_BINARY));
|
|
CSASSERT(CSExpr(CV_OUT_BASE64REQUESTHEADER == CRYPT_STRING_BASE64REQUESTHEADER));
|
|
CSASSERT(CSExpr(CV_OUT_HEX == CRYPT_STRING_HEX));
|
|
CSASSERT(CSExpr(CV_OUT_HEXASCII == CRYPT_STRING_HEXASCII));
|
|
CSASSERT(CSExpr(CV_OUT_HEXADDR == CRYPT_STRING_HEXADDR));
|
|
CSASSERT(CSExpr(CV_OUT_HEXASCIIADDR == CRYPT_STRING_HEXASCIIADDR));
|
|
|
|
switch (Flags)
|
|
{
|
|
case CV_OUT_BASE64HEADER:
|
|
if (CR_PROP_BASECRL == PropId || CR_PROP_DELTACRL == PropId)
|
|
{
|
|
Flags = CV_OUT_BASE64X509CRLHEADER;
|
|
}
|
|
else
|
|
if (MAXDWORD == PropId)
|
|
{
|
|
Flags = CV_OUT_BASE64REQUESTHEADER;
|
|
}
|
|
break;
|
|
|
|
case CV_OUT_BASE64:
|
|
case CV_OUT_BINARY:
|
|
case CV_OUT_BASE64REQUESTHEADER:
|
|
case CV_OUT_BASE64X509CRLHEADER:
|
|
case CV_OUT_HEX:
|
|
case CV_OUT_HEXASCII:
|
|
case CV_OUT_HEXADDR:
|
|
case CV_OUT_HEXASCIIADDR:
|
|
break;
|
|
|
|
default:
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "Flags");
|
|
}
|
|
|
|
if (CV_OUT_BINARY != Flags)
|
|
{
|
|
strCert = NULL;
|
|
hr = EncodeCertString(pbValue, cbValue, Flags, &strCert);
|
|
_JumpIfError(hr, error, "EncodeCertString");
|
|
|
|
SysFreeString(pvarValue->bstrVal);
|
|
pvarValue->bstrVal = strCert;
|
|
}
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myMarshalVariant(
|
|
IN VARIANT const *pvarPropertyValue,
|
|
IN DWORD PropType,
|
|
OUT DWORD *pcbprop,
|
|
OUT BYTE **ppbprop)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
DWORD cbprop = 0;
|
|
BYTE *pbprop = NULL;
|
|
BSTR str = NULL;
|
|
FILETIME ft;
|
|
LONG lval;
|
|
|
|
*ppbprop = NULL;
|
|
|
|
// VT_EMPTY always produces same result: *ppbprop = NULL, *pcbprop = 0
|
|
if (VT_EMPTY != pvarPropertyValue->vt)
|
|
{
|
|
switch (PROPTYPE_MASK & PropType)
|
|
{
|
|
case PROPTYPE_BINARY:
|
|
case PROPTYPE_STRING:
|
|
switch (pvarPropertyValue->vt)
|
|
{
|
|
case VT_BYREF | VT_BSTR:
|
|
if (NULL != pvarPropertyValue->pbstrVal)
|
|
{
|
|
str = *pvarPropertyValue->pbstrVal;
|
|
}
|
|
break;
|
|
|
|
case VT_BSTR:
|
|
str = pvarPropertyValue->bstrVal;
|
|
break;
|
|
}
|
|
if (NULL == str)
|
|
{
|
|
if (PROPTYPE_STRING == (PROPTYPE_MASK & PropType) &&
|
|
(PROPMARSHAL_NULLBSTROK & PropType) &&
|
|
VT_NULL == pvarPropertyValue->vt)
|
|
{
|
|
cbprop = 0;
|
|
}
|
|
else
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(
|
|
pvarPropertyValue->vt,
|
|
error,
|
|
"variant BSTR type/value");
|
|
}
|
|
}
|
|
else
|
|
{
|
|
pbprop = (BYTE *) str;
|
|
if (PROPTYPE_BINARY == (PROPTYPE_MASK & PropType))
|
|
{
|
|
cbprop = SysStringByteLen(str) + sizeof(WCHAR);
|
|
}
|
|
else
|
|
{
|
|
cbprop = (wcslen(str) + 1) * sizeof(WCHAR);
|
|
}
|
|
}
|
|
break;
|
|
|
|
case PROPTYPE_LONG:
|
|
// VB likes to send small constant integers as VT_I2
|
|
|
|
if (VT_I2 == pvarPropertyValue->vt)
|
|
{
|
|
lval = pvarPropertyValue->iVal;
|
|
}
|
|
else if (VT_I4 == pvarPropertyValue->vt)
|
|
{
|
|
lval = pvarPropertyValue->lVal;
|
|
}
|
|
else if (VT_EMPTY == pvarPropertyValue->vt)
|
|
{
|
|
pbprop = NULL;
|
|
cbprop = 0;
|
|
break;
|
|
}
|
|
else
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(pvarPropertyValue->vt, error, "variant LONG type");
|
|
}
|
|
pbprop = (BYTE *) &lval;
|
|
cbprop = sizeof(lval);
|
|
break;
|
|
|
|
case PROPTYPE_DATE:
|
|
if (VT_DATE == pvarPropertyValue->vt)
|
|
{
|
|
hr = myDateToFileTime(&pvarPropertyValue->date, &ft);
|
|
_JumpIfError(hr, error, "myDateToFileTime");
|
|
}
|
|
else if (VT_EMPTY == pvarPropertyValue->vt)
|
|
{
|
|
pbprop = NULL;
|
|
cbprop = 0;
|
|
break;
|
|
}
|
|
else
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(pvarPropertyValue->vt, error, "variant DATE type");
|
|
}
|
|
|
|
pbprop = (BYTE *) &ft;
|
|
cbprop = sizeof(ft);
|
|
break;
|
|
|
|
default:
|
|
hr = E_INVALIDARG;
|
|
_JumpError(pvarPropertyValue->vt, error, "variant type/value");
|
|
}
|
|
if (NULL != pbprop)
|
|
{
|
|
*ppbprop = (BYTE *) LocalAlloc(LMEM_FIXED, cbprop);
|
|
if (NULL == *ppbprop)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
CopyMemory(*ppbprop, pbprop, cbprop);
|
|
if (NULL != str &&
|
|
sizeof(WCHAR) <= cbprop &&
|
|
((PROPMARSHAL_LOCALSTRING & PropType) ||
|
|
PROPTYPE_BINARY == (PROPTYPE_MASK & PropType)))
|
|
{
|
|
cbprop -= sizeof(WCHAR);
|
|
}
|
|
}
|
|
}
|
|
*pcbprop = cbprop;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
myIsMinusSignString(
|
|
IN WCHAR const *pwsz)
|
|
{
|
|
return(
|
|
NULL != pwsz &&
|
|
L'\0' != pwsz[0] &&
|
|
L'\0' == pwsz[1] &&
|
|
myIsMinusSign(pwsz[0]));
|
|
}
|
|
|
|
|
|
// IsCharRegKeyChar -- Determines if a character is valid for use in a file
|
|
// name AND in a registry key name.
|
|
#define wszInvalidFileAndKeyChars L"<>\"/\\:|?*"
|
|
#define wszUnsafeURLChars L"#\"&<>[]^`{}|"
|
|
#define wszUnsafeDSChars L"()='\"`,;+"
|
|
|
|
BOOL
|
|
myIsCharSanitized(
|
|
IN WCHAR wc)
|
|
{
|
|
BOOL fCharOk = TRUE;
|
|
if (L' ' > wc ||
|
|
L'~' < wc ||
|
|
NULL != wcschr(
|
|
wszInvalidFileAndKeyChars
|
|
wszUnsafeURLChars
|
|
wszSANITIZEESCAPECHAR
|
|
wszURLESCAPECHAR
|
|
wszUnsafeDSChars,
|
|
wc))
|
|
{
|
|
fCharOk = FALSE;
|
|
}
|
|
return(fCharOk);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySanitizeName(
|
|
IN WCHAR const *pwszName,
|
|
OUT WCHAR **ppwszNameOut)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
WCHAR const *pwszPassedName;
|
|
WCHAR *pwszDst;
|
|
WCHAR *pwszOut = NULL;
|
|
WCHAR wcChar;
|
|
DWORD dwSize;
|
|
|
|
*ppwszNameOut = NULL;
|
|
pwszPassedName = pwszName;
|
|
|
|
dwSize = 0;
|
|
|
|
if (NULL == pwszName)
|
|
{
|
|
hr = E_POINTER;
|
|
_JumpError(hr, error, "pwszName NULL");
|
|
}
|
|
|
|
while (L'\0' != (wcChar = *pwszPassedName++))
|
|
{
|
|
if (myIsCharSanitized(wcChar))
|
|
{
|
|
dwSize++;
|
|
}
|
|
else
|
|
{
|
|
dwSize += 5; // format !XXXX
|
|
}
|
|
}
|
|
if (0 == dwSize)
|
|
{
|
|
goto error; // done
|
|
}
|
|
|
|
pwszOut = (WCHAR *) LocalAlloc(LMEM_ZEROINIT, (dwSize + 1) * sizeof(WCHAR));
|
|
if (NULL == pwszOut)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
pwszDst = pwszOut;
|
|
while (L'\0' != (wcChar = *pwszName++))
|
|
{
|
|
if (myIsCharSanitized(wcChar))
|
|
{
|
|
*pwszDst++ = wcChar;
|
|
}
|
|
else
|
|
{
|
|
pwszDst += wsprintf(
|
|
pwszDst,
|
|
L"%ws%04x",
|
|
wszSANITIZEESCAPECHAR,
|
|
wcChar);
|
|
}
|
|
}
|
|
*pwszDst = wcChar; // L'\0' terminator
|
|
|
|
*ppwszNameOut = pwszOut;
|
|
pwszOut = NULL;
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if (NULL != pwszOut)
|
|
{
|
|
LocalFree(pwszOut);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
ScanHexEscapeDigits(
|
|
IN WCHAR const *pwszHex,
|
|
OUT WCHAR *pwcRevert)
|
|
{
|
|
BOOL ret = FALSE;
|
|
DWORD i;
|
|
WCHAR wc;
|
|
WCHAR wszValue[5];
|
|
|
|
for (i = 0; i < 4; i++)
|
|
{
|
|
wc = pwszHex[i];
|
|
wszValue[i] = wc;
|
|
if (!isascii(wc) || !isxdigit((char) wc))
|
|
{
|
|
goto error;
|
|
}
|
|
}
|
|
wszValue[4] = L'\0';
|
|
if (1 != swscanf(wszValue, L"%04x", &i))
|
|
{
|
|
goto error;
|
|
}
|
|
*pwcRevert = (WCHAR) i;
|
|
ret = TRUE;
|
|
|
|
error:
|
|
return(ret);
|
|
}
|
|
|
|
|
|
// This function will truncate the output if pwszName contains "!0000".
|
|
// The output string is L'\0' terminated, so the length is not returned.
|
|
|
|
HRESULT
|
|
myRevertSanitizeName(
|
|
IN WCHAR const *pwszName,
|
|
OUT WCHAR **ppwszNameOut)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
WCHAR wc;
|
|
WCHAR wcRevert;
|
|
WCHAR *pwszRevert;
|
|
|
|
*ppwszNameOut = NULL;
|
|
|
|
if (NULL == pwszName)
|
|
{
|
|
hr = E_POINTER;
|
|
_JumpError(hr, error, "NULL sanitized name");
|
|
}
|
|
cwc = wcslen(pwszName);
|
|
*ppwszNameOut = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
|
|
if (NULL == *ppwszNameOut)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "Out of memory");
|
|
}
|
|
|
|
pwszRevert = *ppwszNameOut;
|
|
while (L'\0' != *pwszName)
|
|
{
|
|
wc = *pwszName++;
|
|
|
|
if (wcSANITIZEESCAPECHAR == wc &&
|
|
ScanHexEscapeDigits(pwszName, &wcRevert))
|
|
{
|
|
wc = wcRevert;
|
|
pwszName += 4;
|
|
}
|
|
*pwszRevert++ = wc;
|
|
}
|
|
*pwszRevert = L'\0';
|
|
CSASSERT(wcslen(*ppwszNameOut) <= cwc);
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
|
|
#define cwcCNMAX 64 // 64 chars max for DS CN
|
|
#define cwcCHOPHASHMAX (1 + 5) // "-%05hu" decimal USHORT hash digits
|
|
#define cwcCHOPBASE (cwcCNMAX - (cwcCHOPHASHMAX + cwcSUFFIXMAX))
|
|
|
|
HRESULT
|
|
mySanitizedNameToDSName(
|
|
IN WCHAR const *pwszSanitizedName,
|
|
OUT WCHAR **ppwszNameOut)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
DWORD cwcCopy;
|
|
WCHAR wszDSName[cwcCHOPBASE + cwcCHOPHASHMAX + 1];
|
|
|
|
*ppwszNameOut = NULL;
|
|
|
|
if (NULL == pwszSanitizedName)
|
|
{
|
|
hr = E_POINTER;
|
|
_JumpError(hr, error, "NULL sanitized name");
|
|
}
|
|
cwc = wcslen(pwszSanitizedName);
|
|
cwcCopy = cwc;
|
|
if (cwcCHOPBASE < cwcCopy)
|
|
{
|
|
cwcCopy = cwcCHOPBASE;
|
|
}
|
|
CopyMemory(wszDSName, pwszSanitizedName, cwcCopy * sizeof(WCHAR));
|
|
wszDSName[cwcCopy] = L'\0';
|
|
|
|
if (cwcCHOPBASE < cwc)
|
|
{
|
|
// Hash the rest of the name into a USHORT
|
|
USHORT usHash = 0;
|
|
DWORD i;
|
|
WCHAR *pwsz;
|
|
|
|
// Truncate an incomplete sanitized Unicode character
|
|
|
|
pwsz = wcsrchr(wszDSName, L'!');
|
|
if (NULL != pwsz && wcslen(pwsz) < 5)
|
|
{
|
|
cwcCopy -= wcslen(pwsz);
|
|
*pwsz = L'\0';
|
|
}
|
|
|
|
for (i = cwcCopy; i < cwc; i++)
|
|
{
|
|
USHORT usLowBit = (USHORT) ((0x8000 & usHash)? 1 : 0);
|
|
|
|
usHash = ((usHash << 1) | usLowBit) + pwszSanitizedName[i];
|
|
}
|
|
wsprintf(&wszDSName[cwcCopy], L"-%05hu", usHash);
|
|
CSASSERT(wcslen(wszDSName) < ARRAYSIZE(wszDSName));
|
|
}
|
|
|
|
hr = myDupString(wszDSName, ppwszNameOut);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
|
|
DBGPRINT((DBG_SS_CERTLIBI, "mySanitizedNameToDSName(%ws)\n", *ppwszNameOut));
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
CertNameToHashString(
|
|
IN CERT_NAME_BLOB const *pCertName,
|
|
OUT WCHAR **ppwszHash)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
WCHAR wszHash[CBMAX_CRYPT_HASH_LEN * 3]; // 20 bytes @ 3 WCHARs/byte
|
|
DWORD cbString;
|
|
HCRYPTPROV hProv = NULL;
|
|
HCRYPTHASH hHash = NULL;
|
|
BYTE rgbHashVal[CBMAX_CRYPT_HASH_LEN];
|
|
DWORD cbHashVal;
|
|
|
|
if (0 == pCertName->cbData)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "empty cert name");
|
|
}
|
|
|
|
CSASSERT(NULL != ppwszHash);
|
|
|
|
// get a cryptographic provider
|
|
|
|
if (!CryptAcquireContext(
|
|
&hProv,
|
|
NULL, // container
|
|
MS_DEF_PROV, // provider name
|
|
PROV_RSA_FULL, // provider type
|
|
CRYPT_VERIFYCONTEXT)) // dwflags
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptAcquireContext");
|
|
}
|
|
|
|
// get a hash
|
|
|
|
if (!CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptCreateHash");
|
|
}
|
|
|
|
// hash the name
|
|
|
|
if (!CryptHashData(hHash, pCertName->pbData, pCertName->cbData, 0))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptHashData");
|
|
}
|
|
|
|
cbHashVal = CBMAX_CRYPT_HASH_LEN;
|
|
if (!CryptGetHashParam(hHash, HP_HASHVAL, rgbHashVal, &cbHashVal, 0))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptGetHashParam");
|
|
}
|
|
|
|
cbString = sizeof(wszHash);
|
|
hr = MultiByteIntegerToWszBuf(
|
|
TRUE, // byte multiple
|
|
cbHashVal,
|
|
rgbHashVal,
|
|
&cbString,
|
|
wszHash);
|
|
_JumpIfError(hr, error, "MultiByteIntegerToWszBuf");
|
|
|
|
// Generated string looks like this:
|
|
//
|
|
// 04 e7 23 92 98 9f d8 45 80 c9 ef 87 81 29 41 5d bc 4f 63 20
|
|
//
|
|
// We need to trim the spaces. We'll do it inplace.
|
|
|
|
{
|
|
WCHAR *pwcSrc;
|
|
WCHAR *pwcDest;
|
|
|
|
for (pwcSrc = pwcDest = wszHash; L'\0' != *pwcSrc; pwcSrc++)
|
|
{
|
|
if (L' ' != *pwcSrc)
|
|
{
|
|
*pwcDest++ = *pwcSrc;
|
|
}
|
|
}
|
|
*pwcDest = L'\0';
|
|
}
|
|
|
|
*ppwszHash = (WCHAR *) LocalAlloc(LMEM_FIXED, cbString);
|
|
_JumpIfAllocFailed(*ppwszHash, error);
|
|
|
|
wcscpy(*ppwszHash, wszHash);
|
|
|
|
error:
|
|
if (NULL != hHash)
|
|
{
|
|
CryptDestroyHash(hHash);
|
|
}
|
|
if (NULL != hProv)
|
|
{
|
|
CryptReleaseContext(hProv, 0);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myCombineStrings(
|
|
IN WCHAR const *pwszNew,
|
|
IN BOOL fAppendNew,
|
|
OPTIONAL IN WCHAR const *pwszSeparator,
|
|
IN OUT WCHAR **ppwszInOut)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
WCHAR *pwsz;
|
|
|
|
if (NULL == pwszSeparator)
|
|
{
|
|
pwszSeparator = L"";
|
|
}
|
|
cwc = wcslen(pwszNew);
|
|
if (NULL != *ppwszInOut)
|
|
{
|
|
cwc += wcslen(*ppwszInOut) + wcslen(pwszSeparator);
|
|
}
|
|
pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
|
|
if (NULL == pwsz)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "Policy:LocalAlloc");
|
|
}
|
|
*pwsz = L'\0';
|
|
if (fAppendNew)
|
|
{
|
|
if (NULL != *ppwszInOut)
|
|
{
|
|
wcscat(pwsz, *ppwszInOut);
|
|
wcscat(pwsz, pwszSeparator);
|
|
}
|
|
wcscat(pwsz, pwszNew);
|
|
}
|
|
else
|
|
{
|
|
wcscat(pwsz, pwszNew);
|
|
if (NULL != *ppwszInOut)
|
|
{
|
|
wcscat(pwsz, pwszSeparator);
|
|
wcscat(pwsz, *ppwszInOut);
|
|
}
|
|
}
|
|
if (NULL != *ppwszInOut)
|
|
{
|
|
LocalFree(*ppwszInOut);
|
|
}
|
|
*ppwszInOut = pwsz;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myAppendString(
|
|
IN WCHAR const *pwszNew,
|
|
OPTIONAL IN WCHAR const *pwszSeparator,
|
|
IN OUT WCHAR **ppwszInOut)
|
|
{
|
|
return(myCombineStrings(pwszNew, TRUE, pwszSeparator, ppwszInOut));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myPrependString(
|
|
IN WCHAR const *pwszNew,
|
|
OPTIONAL IN WCHAR const *pwszSeparator,
|
|
IN OUT WCHAR **ppwszInOut)
|
|
{
|
|
return(myCombineStrings(pwszNew, FALSE, pwszSeparator, ppwszInOut));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetRDNAttributeFromNameBlob(
|
|
IN CERT_NAME_BLOB const *pNameBlob,
|
|
IN LPCSTR pcszAttributeOID,
|
|
OUT WCHAR **ppwszCN)
|
|
{
|
|
HRESULT hr;
|
|
CERT_NAME_INFO *pNameInfo = NULL;
|
|
DWORD cbNameInfo;
|
|
CERT_RDN *prdn;
|
|
CERT_RDN *prdnEnd;
|
|
WCHAR const *pwszCN = NULL;
|
|
|
|
*ppwszCN = NULL;
|
|
|
|
if (!myDecodeName(
|
|
X509_ASN_ENCODING,
|
|
X509_UNICODE_NAME,
|
|
pNameBlob->pbData,
|
|
pNameBlob->cbData,
|
|
CERTLIB_USE_LOCALALLOC,
|
|
&pNameInfo,
|
|
&cbNameInfo))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "myDecodeName");
|
|
}
|
|
|
|
for (
|
|
prdn = pNameInfo->rgRDN, prdnEnd = &prdn[pNameInfo->cRDN];
|
|
NULL == pwszCN && prdn < prdnEnd;
|
|
prdn++)
|
|
{
|
|
CERT_RDN_ATTR *prdna;
|
|
CERT_RDN_ATTR *prdnaEnd;
|
|
|
|
for (
|
|
prdna = prdn->rgRDNAttr, prdnaEnd = &prdna[prdn->cRDNAttr];
|
|
prdna < prdnaEnd;
|
|
prdna++)
|
|
{
|
|
CSASSERT(
|
|
prdna->dwValueType == CERT_RDN_PRINTABLE_STRING ||
|
|
prdna->dwValueType == CERT_RDN_UNICODE_STRING ||
|
|
prdna->dwValueType == CERT_RDN_TELETEX_STRING ||
|
|
prdna->dwValueType == CERT_RDN_IA5_STRING ||
|
|
prdna->dwValueType == CERT_RDN_UTF8_STRING);
|
|
|
|
if (0 != strcmp(pcszAttributeOID, prdna->pszObjId) ||
|
|
NULL == prdna->Value.pbData ||
|
|
sizeof(WCHAR) > prdna->Value.cbData ||
|
|
L'\0' == *(WCHAR *) prdna->Value.pbData)
|
|
{
|
|
continue;
|
|
}
|
|
pwszCN = (WCHAR const *) prdna->Value.pbData;
|
|
//break; don't break, we're interested in the last CN found, not the first
|
|
}
|
|
}
|
|
if (NULL != pwszCN)
|
|
{
|
|
hr = myDupString(pwszCN, ppwszCN);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
}
|
|
else
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_NOT_FOUND);
|
|
}
|
|
|
|
error:
|
|
if (NULL != pNameInfo)
|
|
{
|
|
LocalFree(pNameInfo);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetCommonName(
|
|
IN CERT_NAME_BLOB const *pNameBlob,
|
|
IN BOOL fAllowDefault,
|
|
OUT WCHAR **ppwszCN)
|
|
{
|
|
HRESULT hr;
|
|
|
|
hr = myGetRDNAttributeFromNameBlob(pNameBlob, szOID_COMMON_NAME, ppwszCN);
|
|
if (S_OK != hr)
|
|
{
|
|
_PrintError(hr, "myGetRDNAttributeFromNameBlob");
|
|
*ppwszCN = NULL;
|
|
if (HRESULT_FROM_WIN32(ERROR_NOT_FOUND) != hr)
|
|
{
|
|
_JumpError(hr, error, "myGetRDNAttributeFromNameBlob");
|
|
}
|
|
}
|
|
if (NULL == *ppwszCN)
|
|
{
|
|
if (!fAllowDefault)
|
|
{
|
|
hr = CERTSRV_E_BAD_REQUESTSUBJECT;
|
|
_JumpError(hr, error, "No CN");
|
|
}
|
|
|
|
hr = CertNameToHashString(pNameBlob, ppwszCN);
|
|
_JumpIfError(hr, error, "CertNameToHashString");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// Decode OCTET string, and convert UTF8 string to Unicode.
|
|
// Can return S_OK and NULL pointer.
|
|
|
|
HRESULT
|
|
myDecodeCMCRegInfo(
|
|
IN BYTE const *pbOctet,
|
|
IN DWORD cbOctet,
|
|
OUT WCHAR **ppwszRA)
|
|
{
|
|
HRESULT hr;
|
|
CRYPT_DATA_BLOB *pBlob = NULL;
|
|
DWORD cb;
|
|
|
|
*ppwszRA = NULL;
|
|
if (!myDecodeObject(
|
|
X509_ASN_ENCODING,
|
|
X509_OCTET_STRING,
|
|
pbOctet,
|
|
cbOctet,
|
|
CERTLIB_USE_LOCALALLOC,
|
|
(VOID **) &pBlob,
|
|
&cb))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "myDecodeObject");
|
|
}
|
|
if (0 != pBlob->cbData && NULL != pBlob->pbData)
|
|
{
|
|
if (!myConvertUTF8ToWsz(
|
|
ppwszRA,
|
|
(CHAR const *) pBlob->pbData,
|
|
pBlob->cbData))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "myConvertUTF8ToWsz");
|
|
}
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pBlob)
|
|
{
|
|
LocalFree(pBlob);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
DWORD
|
|
myGetCertNameProperty(
|
|
IN BOOL fFirstRDN, // else last matching RDN
|
|
IN CERT_NAME_INFO const *pNameInfo,
|
|
IN char const *pszObjId,
|
|
OUT WCHAR const **ppwszName)
|
|
{
|
|
HRESULT hr;
|
|
CERT_RDN_ATTR const *prdnaT;
|
|
CERT_RDN const *prdn;
|
|
CERT_RDN const *prdnEnd;
|
|
|
|
prdnaT = NULL;
|
|
for (
|
|
prdn = pNameInfo->rgRDN, prdnEnd = &prdn[pNameInfo->cRDN];
|
|
prdn < prdnEnd;
|
|
prdn++)
|
|
{
|
|
CERT_RDN_ATTR *prdna;
|
|
CERT_RDN_ATTR *prdnaEnd;
|
|
|
|
for (
|
|
prdna = prdn->rgRDNAttr, prdnaEnd = &prdna[prdn->cRDNAttr];
|
|
prdna < prdnaEnd;
|
|
prdna++)
|
|
{
|
|
if (0 == strcmp(prdna->pszObjId, pszObjId))
|
|
{
|
|
prdnaT = prdna;
|
|
if (fFirstRDN)
|
|
{
|
|
goto done;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if (NULL == prdnaT)
|
|
{
|
|
hr = CERTSRV_E_PROPERTY_EMPTY;
|
|
goto error;
|
|
}
|
|
|
|
done:
|
|
*ppwszName = (WCHAR const *) prdnaT->Value.pbData;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
|
|
}
|
|
|
|
|
|
VOID
|
|
myUuidCreate(
|
|
OUT UUID *pUuid)
|
|
{
|
|
HRESULT hr;
|
|
BYTE *pb;
|
|
|
|
ZeroMemory(pUuid, sizeof(*pUuid));
|
|
hr = UuidCreate(pUuid);
|
|
if (S_OK != hr)
|
|
{
|
|
BYTE *pbEnd;
|
|
|
|
CSASSERT((HRESULT) RPC_S_UUID_LOCAL_ONLY == hr);
|
|
|
|
// No net card? Fake up a GUID:
|
|
|
|
pb = (BYTE *) pUuid;
|
|
pbEnd = (BYTE *) pb + sizeof(*pUuid);
|
|
|
|
GetSystemTimeAsFileTime((FILETIME *) pb);
|
|
pb += sizeof(FILETIME);
|
|
|
|
while (pb < pbEnd)
|
|
{
|
|
*(DWORD *) pb = GetTickCount();
|
|
pb += sizeof(DWORD);
|
|
}
|
|
CSASSERT(pb == pbEnd);
|
|
}
|
|
}
|
|
|
|
|
|
VOID
|
|
myGenerateGuidSerialNumber(
|
|
OUT GUID *pguidSerialNumber)
|
|
{
|
|
BYTE *pb;
|
|
|
|
myUuidCreate(pguidSerialNumber);
|
|
|
|
pb = &((BYTE *) pguidSerialNumber)[sizeof(*pguidSerialNumber) - 1];
|
|
|
|
// make sure the last byte is never zero
|
|
if (0 == *pb)
|
|
{
|
|
*pb = 'z';
|
|
}
|
|
|
|
// Some clients can't handle negative serial numbers:
|
|
*pb &= 0x7f;
|
|
}
|
|
|
|
|
|
BOOL
|
|
myAreBlobsSame(
|
|
IN BYTE const *pbData1,
|
|
IN DWORD cbData1,
|
|
IN BYTE const *pbData2,
|
|
IN DWORD cbData2)
|
|
{
|
|
BOOL ret = FALSE;
|
|
|
|
if (cbData1 != cbData2)
|
|
{
|
|
goto error;
|
|
}
|
|
if (NULL != pbData1 && NULL != pbData2)
|
|
{
|
|
if (0 != memcmp(pbData1, pbData2, cbData1))
|
|
{
|
|
goto error;
|
|
}
|
|
}
|
|
|
|
// else at least one is NULL -- they'd better both be NULL, & the count 0.
|
|
|
|
else if (pbData1 != pbData2 || 0 != cbData1)
|
|
{
|
|
goto error;
|
|
}
|
|
ret = TRUE;
|
|
|
|
error:
|
|
return(ret);
|
|
}
|
|
|
|
|
|
BOOL
|
|
myAreSerialNumberBlobsSame(
|
|
IN CRYPT_INTEGER_BLOB const *pBlob1,
|
|
IN CRYPT_INTEGER_BLOB const *pBlob2)
|
|
{
|
|
DWORD cbData1 = pBlob1->cbData;
|
|
DWORD cbData2 = pBlob2->cbData;
|
|
|
|
if (NULL != pBlob1->pbData)
|
|
{
|
|
while (0 != cbData1 && 0 == pBlob1->pbData[cbData1 - 1])
|
|
{
|
|
cbData1--;
|
|
}
|
|
}
|
|
if (NULL != pBlob2->pbData)
|
|
{
|
|
while (0 != cbData2 && 0 == pBlob2->pbData[cbData2 - 1])
|
|
{
|
|
cbData2--;
|
|
}
|
|
}
|
|
return(myAreBlobsSame(pBlob1->pbData, cbData1, pBlob2->pbData, cbData2));
|
|
}
|
|
|
|
|
|
// myAreCertContextBlobsSame -- return TRUE if the certs are identical.
|
|
|
|
BOOL
|
|
myAreCertContextBlobsSame(
|
|
IN CERT_CONTEXT const *pcc1,
|
|
IN CERT_CONTEXT const *pcc2)
|
|
{
|
|
return(myAreBlobsSame(
|
|
pcc1->pbCertEncoded,
|
|
pcc1->cbCertEncoded,
|
|
pcc2->pbCertEncoded,
|
|
pcc2->cbCertEncoded));
|
|
}
|
|
|
|
|
|
WCHAR const g_wszCert[] = L"cert";
|
|
|
|
HRESULT
|
|
myIsDirWriteable(
|
|
IN WCHAR const *pwszPath,
|
|
IN BOOL fFilePath)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszBase;
|
|
WCHAR *pwsz;
|
|
WCHAR wszDir[MAX_PATH];
|
|
WCHAR wszTempFile[MAX_PATH];
|
|
|
|
if (fFilePath &&
|
|
iswalpha(pwszPath[0]) &&
|
|
L':' == pwszPath[1] &&
|
|
L'\0' == pwszPath[2])
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_BAD_PATHNAME);
|
|
_JumpErrorStr(hr, error, "not a file path", pwszPath);
|
|
}
|
|
if (!GetFullPathName(
|
|
pwszPath,
|
|
ARRAYSIZE(wszDir),
|
|
wszDir,
|
|
&pwsz))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpErrorStr(hr, error, "GetFullPathName", pwszPath);
|
|
}
|
|
if (fFilePath)
|
|
{
|
|
if (NULL == pwsz)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_BAD_PATHNAME);
|
|
_JumpErrorStr(hr, error, "not a file path", pwszPath);
|
|
}
|
|
pwszBase = wszDir;
|
|
if (iswalpha(wszDir[0]) &&
|
|
L':' == wszDir[1] &&
|
|
L'\\' == wszDir[2])
|
|
{
|
|
pwszBase += 3;
|
|
}
|
|
else if (L'\\' == wszDir[0] && L'\\' == wszDir[1])
|
|
{
|
|
pwszBase += 2;
|
|
}
|
|
|
|
if (pwsz > pwszBase && L'\\' == pwsz[-1])
|
|
{
|
|
pwsz--;
|
|
}
|
|
*pwsz = L'\0';
|
|
}
|
|
|
|
if (!GetTempFileName(wszDir, g_wszCert, 0, wszTempFile))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpErrorStr(hr, error, "GetTempFileName", wszDir);
|
|
|
|
}
|
|
if (!DeleteFile(wszTempFile))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpErrorStr(hr, error, "DeleteFile", wszTempFile);
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetComputerObjectName(
|
|
IN EXTENDED_NAME_FORMAT NameFormat,
|
|
OUT WCHAR **ppwszComputerObjectName)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszComputerObjectName = NULL;
|
|
DWORD cwc;
|
|
|
|
*ppwszComputerObjectName = NULL;
|
|
|
|
cwc = 0;
|
|
if (!GetComputerObjectName(NameFormat, NULL, &cwc))
|
|
{
|
|
hr = myHLastError();
|
|
if (HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER) != hr)
|
|
{
|
|
_JumpError(hr, error, "GetComputerObjectName");
|
|
}
|
|
}
|
|
|
|
pwszComputerObjectName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
|
|
if (NULL == pwszComputerObjectName)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
if (!GetComputerObjectName(NameFormat, pwszComputerObjectName, &cwc))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetComputerObjectName");
|
|
}
|
|
|
|
*ppwszComputerObjectName = pwszComputerObjectName;
|
|
pwszComputerObjectName = NULL;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszComputerObjectName)
|
|
{
|
|
LocalFree(pwszComputerObjectName);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetComputerNames(
|
|
OUT WCHAR **ppwszDnsName,
|
|
OUT WCHAR **ppwszOldName)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
WCHAR *pwszOldName = NULL;
|
|
|
|
*ppwszOldName = NULL;
|
|
*ppwszDnsName = NULL;
|
|
|
|
cwc = MAX_COMPUTERNAME_LENGTH + 1;
|
|
pwszOldName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
|
|
if (NULL == pwszOldName)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
if (!GetComputerName(pwszOldName, &cwc))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetComputerName");
|
|
}
|
|
|
|
hr = myGetMachineDnsName(ppwszDnsName);
|
|
_JumpIfError(hr, error, "myGetMachineDnsName");
|
|
|
|
*ppwszOldName = pwszOldName;
|
|
pwszOldName = NULL;
|
|
|
|
error:
|
|
if (NULL != pwszOldName)
|
|
{
|
|
LocalFree(pwszOldName);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
HRESULT
|
|
myGetComputerNameEx(
|
|
IN COMPUTER_NAME_FORMAT NameFormat,
|
|
OUT WCHAR **ppwszName)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszName = NULL;
|
|
DWORD cwc;
|
|
|
|
*ppwszName = NULL;
|
|
|
|
cwc = 0;
|
|
if (!GetComputerNameEx(NameFormat, NULL, &cwc))
|
|
{
|
|
hr = myHLastError();
|
|
if (HRESULT_FROM_WIN32(ERROR_MORE_DATA) != hr)
|
|
{
|
|
_JumpError(hr, error, "GetComputerNameEx");
|
|
}
|
|
}
|
|
pwszName = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
|
|
if (NULL == pwszName)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
if (!GetComputerNameEx(NameFormat, pwszName, &cwc))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetComputerNameEx");
|
|
}
|
|
|
|
*ppwszName = pwszName;
|
|
pwszName = NULL;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszName)
|
|
{
|
|
LocalFree(pwszName);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
typedef LANGID (WINAPI FNSETTHREADUILANGUAGE)(
|
|
IN WORD wReserved);
|
|
|
|
LANGID
|
|
mySetThreadUILanguage(
|
|
IN WORD wReserved)
|
|
{
|
|
HMODULE hModule;
|
|
LANGID lang = 0;
|
|
HANDLE hStdOut;
|
|
static FNSETTHREADUILANGUAGE *s_pfn = NULL;
|
|
|
|
// Make the SetThreadUILanguage call only if a console exists:
|
|
// FILE_TYPE_CHAR (what about FILE_TYPE_PIPE, FILE_TYPE_DISK)
|
|
|
|
hStdOut = GetStdHandle(STD_OUTPUT_HANDLE);
|
|
if (INVALID_HANDLE_VALUE != hStdOut &&
|
|
FILE_TYPE_CHAR == (~FILE_TYPE_REMOTE & GetFileType(hStdOut)))
|
|
{
|
|
if (NULL == s_pfn)
|
|
{
|
|
hModule = GetModuleHandle(TEXT("kernel32.dll"));
|
|
if (NULL == hModule)
|
|
{
|
|
goto error;
|
|
}
|
|
|
|
// load system function
|
|
s_pfn = (FNSETTHREADUILANGUAGE *) GetProcAddress(
|
|
hModule,
|
|
"SetThreadUILanguage");
|
|
if (NULL == s_pfn)
|
|
{
|
|
goto error;
|
|
}
|
|
}
|
|
lang = (*s_pfn)(wReserved);
|
|
}
|
|
|
|
error:
|
|
return(lang);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myFormConfigString(
|
|
IN WCHAR const *pwszServer,
|
|
IN WCHAR const *pwszCAName,
|
|
OUT WCHAR **ppwszConfig)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszConfig = NULL;
|
|
|
|
*ppwszConfig = NULL;
|
|
|
|
pwszConfig = (WCHAR *) LocalAlloc(LPTR,
|
|
(wcslen(pwszServer) + wcslen(pwszCAName) + 2) * sizeof(WCHAR));
|
|
if (NULL == pwszConfig)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
wcscpy(pwszConfig, pwszServer);
|
|
wcscat(pwszConfig, L"\\");
|
|
wcscat(pwszConfig, pwszCAName);
|
|
|
|
*ppwszConfig = pwszConfig;
|
|
|
|
hr = S_OK;
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myCLSIDToWsz(
|
|
IN CLSID const *pclsid,
|
|
OUT WCHAR **ppwsz)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwsz = NULL;
|
|
WCHAR *pwsz1;
|
|
WCHAR *pwsz2;
|
|
|
|
*ppwsz = NULL;
|
|
hr = StringFromCLSID(*pclsid, &pwsz);
|
|
_JumpIfError(hr, error, "StringFromCLSID");
|
|
|
|
for (pwsz1 = pwsz; L'\0' != *pwsz1; pwsz1++)
|
|
{
|
|
if (L'A' <= *pwsz1 && L'F' >= *pwsz1)
|
|
{
|
|
*pwsz1 += L'a' - L'A';
|
|
}
|
|
}
|
|
|
|
pwsz1 = pwsz;
|
|
pwsz2 = &pwsz[wcslen(pwsz) - 1];
|
|
if (wcLBRACE == *pwsz1 && wcRBRACE == *pwsz2)
|
|
{
|
|
pwsz1++;
|
|
*pwsz2 = L'\0';
|
|
}
|
|
hr = myDupString(pwsz1, ppwsz);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
|
|
error:
|
|
if (NULL != pwsz)
|
|
{
|
|
CoTaskMemFree(pwsz);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myLoadRCString(
|
|
IN HINSTANCE hInstance,
|
|
IN int iRCId,
|
|
OUT WCHAR **ppwsz)
|
|
{
|
|
#define CS_RCALLOCATEBLOCK 256
|
|
HRESULT hr;
|
|
WCHAR *pwszTemp = NULL;
|
|
int sizeTemp;
|
|
int size;
|
|
int cBlocks = 1;
|
|
|
|
*ppwsz = NULL;
|
|
|
|
size = 0;
|
|
while (NULL == pwszTemp)
|
|
{
|
|
sizeTemp = cBlocks * CS_RCALLOCATEBLOCK;
|
|
|
|
pwszTemp = (WCHAR*)LocalAlloc(LMEM_FIXED | LMEM_ZEROINIT,
|
|
sizeTemp * sizeof(WCHAR));
|
|
if (NULL == pwszTemp)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
size = LoadString(
|
|
hInstance,
|
|
iRCId,
|
|
pwszTemp,
|
|
sizeTemp);
|
|
if (0 == size)
|
|
{
|
|
hr = myHLastError();
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIB,
|
|
"myLoadRCString(hInstance=%x, iRCId=%u) --> %x\n",
|
|
hInstance,
|
|
iRCId,
|
|
hr));
|
|
if (S_OK != hr &&
|
|
HRESULT_FROM_WIN32(ERROR_RESOURCE_NAME_NOT_FOUND) != hr)
|
|
{
|
|
_JumpError(hr, error, "LoadString");
|
|
}
|
|
}
|
|
|
|
if (size < sizeTemp - 1)
|
|
{
|
|
// ok, size is big enough
|
|
break;
|
|
}
|
|
++cBlocks;
|
|
LocalFree(pwszTemp);
|
|
pwszTemp = NULL;
|
|
}
|
|
|
|
*ppwsz = (WCHAR*) LocalAlloc(LPTR, (size+1) * sizeof(WCHAR));
|
|
if (NULL == *ppwsz)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
if (0 == size)
|
|
{
|
|
// two possible cases, 1) real empty string or
|
|
// 2) id not found in resource. either case make it empty string
|
|
**ppwsz = L'\0';
|
|
}
|
|
else
|
|
{
|
|
// copy it
|
|
wcscpy(*ppwsz, pwszTemp);
|
|
}
|
|
|
|
hr = S_OK;
|
|
error:
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
}
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
_IsConfigLocal(
|
|
IN WCHAR const *pwszConfig,
|
|
IN WCHAR const *pwszDnsName,
|
|
IN WCHAR const *pwszOldName,
|
|
OPTIONAL OUT WCHAR **ppwszMachine,
|
|
OUT BOOL *pfLocal)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszMachine = NULL;
|
|
WCHAR const *pwsz;
|
|
DWORD cwc;
|
|
|
|
*pfLocal = FALSE;
|
|
if (NULL != ppwszMachine)
|
|
{
|
|
*ppwszMachine = NULL;
|
|
}
|
|
|
|
while (L'\\' == *pwszConfig)
|
|
{
|
|
pwszConfig++;
|
|
}
|
|
pwsz = wcschr(pwszConfig, L'\\');
|
|
if (NULL != pwsz)
|
|
{
|
|
cwc = SAFE_SUBTRACT_POINTERS(pwsz, pwszConfig);
|
|
}
|
|
else
|
|
{
|
|
cwc = wcslen(pwszConfig);
|
|
}
|
|
pwszMachine = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
|
|
if (NULL == pwszMachine)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
CopyMemory(pwszMachine, pwszConfig, cwc * sizeof(WCHAR));
|
|
pwszMachine[cwc] = L'\0';
|
|
|
|
if (0 == mylstrcmpiL(pwszMachine, pwszDnsName) ||
|
|
0 == mylstrcmpiL(pwszMachine, pwszOldName))
|
|
{
|
|
*pfLocal = TRUE;
|
|
}
|
|
if (NULL != ppwszMachine)
|
|
{
|
|
*ppwszMachine = pwszMachine;
|
|
pwszMachine = NULL;
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszMachine)
|
|
{
|
|
LocalFree(pwszMachine);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myIsConfigLocal(
|
|
IN WCHAR const *pwszConfig,
|
|
OPTIONAL OUT WCHAR **ppwszMachine,
|
|
OUT BOOL *pfLocal)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszDnsName = NULL;
|
|
WCHAR *pwszOldName = NULL;
|
|
|
|
*pfLocal = FALSE;
|
|
if (NULL != ppwszMachine)
|
|
{
|
|
*ppwszMachine = NULL;
|
|
}
|
|
|
|
hr = myGetComputerNames(&pwszDnsName, &pwszOldName);
|
|
_JumpIfError(hr, error, "myGetComputerNames");
|
|
|
|
hr = _IsConfigLocal(
|
|
pwszConfig,
|
|
pwszDnsName,
|
|
pwszOldName,
|
|
ppwszMachine,
|
|
pfLocal);
|
|
_JumpIfError(hr, error, "_IsConfigLocal");
|
|
|
|
error:
|
|
if (NULL != pwszDnsName)
|
|
{
|
|
LocalFree(pwszDnsName);
|
|
}
|
|
if (NULL != pwszOldName)
|
|
{
|
|
LocalFree(pwszOldName);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myIsConfigLocal2(
|
|
IN WCHAR const *pwszConfig,
|
|
IN WCHAR const *pwszDnsName,
|
|
IN WCHAR const *pwszOldName,
|
|
OUT BOOL *pfLocal)
|
|
{
|
|
HRESULT hr;
|
|
|
|
hr = _IsConfigLocal(
|
|
pwszConfig,
|
|
pwszDnsName,
|
|
pwszOldName,
|
|
NULL,
|
|
pfLocal);
|
|
_JumpIfError(hr, error, "_IsConfigLocal");
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetConfig(
|
|
IN DWORD dwUIFlag,
|
|
OUT WCHAR **ppwszConfig)
|
|
{
|
|
HRESULT hr;
|
|
HRESULT hr2;
|
|
BSTR strConfig = NULL;
|
|
WCHAR *pwszConfig = NULL;
|
|
WCHAR *pwszActiveCA = NULL;
|
|
WCHAR *pwszCommonName = NULL;
|
|
WCHAR *pwszDnsName = NULL;
|
|
|
|
CSASSERT(NULL != ppwszConfig);
|
|
*ppwszConfig = NULL;
|
|
|
|
hr = ConfigGetConfig(DISPSETUP_COM, dwUIFlag, &strConfig);
|
|
if (S_OK != hr)
|
|
{
|
|
if (CC_LOCALCONFIG != dwUIFlag)
|
|
{
|
|
_JumpError(hr, error, "ConfigGetConfig");
|
|
}
|
|
hr2 = hr;
|
|
|
|
hr = myGetCertRegStrValue(
|
|
NULL,
|
|
NULL,
|
|
NULL,
|
|
wszREGACTIVE,
|
|
&pwszActiveCA);
|
|
_PrintIfError(hr, "myGetCertRegStrValue");
|
|
|
|
if (S_OK == hr)
|
|
{
|
|
hr = myGetCertRegStrValue(
|
|
pwszActiveCA,
|
|
NULL,
|
|
NULL,
|
|
wszREGCOMMONNAME,
|
|
&pwszCommonName);
|
|
_PrintIfError(hr, "myGetCertRegStrValue");
|
|
}
|
|
if (S_OK != hr)
|
|
{
|
|
hr = hr2;
|
|
_JumpError(hr, error, "ConfigGetConfig");
|
|
}
|
|
hr = myGetMachineDnsName(&pwszDnsName);
|
|
_JumpIfError(hr, error, "myGetMachineDnsName");
|
|
|
|
hr = myFormConfigString(pwszDnsName, pwszCommonName, &pwszConfig);
|
|
_JumpIfError(hr, error, "myFormConfigString");
|
|
|
|
if (!ConvertWszToBstr(&strConfig, pwszConfig, MAXDWORD))
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "ConvertWszToBstr");
|
|
}
|
|
}
|
|
*ppwszConfig = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
SysStringByteLen(strConfig) + sizeof(WCHAR));
|
|
if (NULL == *ppwszConfig)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(*ppwszConfig, strConfig);
|
|
CSASSERT(
|
|
wcslen(*ppwszConfig) * sizeof(WCHAR) ==
|
|
SysStringByteLen(strConfig));
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszActiveCA)
|
|
{
|
|
LocalFree(pwszActiveCA);
|
|
}
|
|
if (NULL != pwszCommonName)
|
|
{
|
|
LocalFree(pwszCommonName);
|
|
}
|
|
if (NULL != pwszDnsName)
|
|
{
|
|
LocalFree(pwszDnsName);
|
|
}
|
|
if (NULL != pwszConfig)
|
|
{
|
|
LocalFree(pwszConfig);
|
|
}
|
|
if (NULL != strConfig)
|
|
{
|
|
SysFreeString(strConfig);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myBuildPathAndExt(
|
|
IN WCHAR const *pwszDir,
|
|
IN WCHAR const *pwszFile,
|
|
OPTIONAL IN WCHAR const *pwszExt,
|
|
OUT WCHAR **ppwszPath)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwsz;
|
|
DWORD cwc;
|
|
|
|
*ppwszPath = NULL;
|
|
cwc = wcslen(pwszDir) + 1 + wcslen(pwszFile) + 1;
|
|
if (NULL != pwszExt)
|
|
{
|
|
cwc += wcslen(pwszExt);
|
|
}
|
|
|
|
pwsz = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
|
|
if (NULL == pwsz)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwsz, pwszDir);
|
|
if (L'\\' != pwsz[wcslen(pwsz) - 1])
|
|
{
|
|
wcscat(pwsz, L"\\");
|
|
}
|
|
wcscat(pwsz, pwszFile);
|
|
if (NULL != pwszExt)
|
|
{
|
|
wcscat(pwsz, pwszExt);
|
|
}
|
|
*ppwszPath = pwsz;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myDeleteFilePattern(
|
|
IN WCHAR const *pwszDir,
|
|
OPTIONAL IN WCHAR const *pwszPattern, // defaults to L"*.*"
|
|
IN BOOL fRecurse)
|
|
{
|
|
HRESULT hr;
|
|
HRESULT hr2;
|
|
HANDLE hf;
|
|
WIN32_FIND_DATA wfd;
|
|
WCHAR *pwszFindPath = NULL;
|
|
WCHAR *pwszDeleteFile;
|
|
WCHAR *pwszDeletePath = NULL;
|
|
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"myDeleteFilePattern(%ws, %ws, %ws)\n",
|
|
pwszDir,
|
|
pwszPattern,
|
|
fRecurse? L"Recurse" : L"NO Recurse"));
|
|
|
|
if (NULL == pwszPattern)
|
|
{
|
|
pwszPattern = L"*.*";
|
|
}
|
|
|
|
hr = myBuildPathAndExt(pwszDir, pwszPattern, NULL, &pwszFindPath);
|
|
_JumpIfError(hr, error, "myBuildPathAndExt");
|
|
|
|
pwszDeletePath = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(wcslen(pwszDir) + 1 + MAX_PATH) * sizeof(WCHAR));
|
|
if (NULL == pwszDeletePath)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwszDeletePath, pwszFindPath);
|
|
pwszDeleteFile = wcsrchr(pwszDeletePath, L'\\');
|
|
CSASSERT(NULL != pwszDeleteFile);
|
|
pwszDeleteFile++;
|
|
|
|
hf = FindFirstFile(pwszFindPath, &wfd);
|
|
if (INVALID_HANDLE_VALUE == hf)
|
|
{
|
|
hr = myHLastError();
|
|
if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) == hr ||
|
|
HRESULT_FROM_WIN32(ERROR_PATH_NOT_FOUND) == hr)
|
|
{
|
|
hr = S_OK;
|
|
goto error;
|
|
}
|
|
_JumpErrorStr(hr, error, "FindFirstFile", pwszFindPath);
|
|
}
|
|
do
|
|
{
|
|
wcscpy(pwszDeleteFile, wfd.cFileName);
|
|
if (wfd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
|
|
{
|
|
if (fRecurse &&
|
|
0 != lstrcmp(L".", wfd.cFileName) &&
|
|
0 != lstrcmp(L"..", wfd.cFileName))
|
|
{
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"myDeleteFilePattern(DIR): %ws\n",
|
|
pwszDeletePath));
|
|
hr2 = myRemoveFilesAndDirectory(pwszDeletePath, TRUE);
|
|
if (S_OK != hr2)
|
|
{
|
|
if (S_OK == hr)
|
|
{
|
|
hr = hr2; // only return first error
|
|
}
|
|
_PrintErrorStr(hr2, "myRemoveFilesAndDirectory", pwszDeletePath);
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"myDeleteFilePattern: %ws\n",
|
|
pwszDeletePath));
|
|
if (!DeleteFile(pwszDeletePath))
|
|
{
|
|
hr2 = myHLastError();
|
|
if (S_OK == hr)
|
|
{
|
|
hr = hr2; // only return first error
|
|
}
|
|
_PrintErrorStr(hr2, "DeleteFile", pwszDeletePath);
|
|
}
|
|
}
|
|
} while (FindNextFile(hf, &wfd));
|
|
FindClose(hf);
|
|
|
|
error:
|
|
if (NULL != pwszFindPath)
|
|
{
|
|
LocalFree(pwszFindPath);
|
|
}
|
|
if (NULL != pwszDeletePath)
|
|
{
|
|
LocalFree(pwszDeletePath);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myRemoveFilesAndDirectory(
|
|
IN WCHAR const *pwszPath,
|
|
IN BOOL fRecurse)
|
|
{
|
|
HRESULT hr;
|
|
HRESULT hr2;
|
|
|
|
hr = myDeleteFilePattern(pwszPath, NULL, fRecurse);
|
|
if (S_OK != hr)
|
|
{
|
|
_PrintErrorStr(hr, "myDeleteFilePattern", pwszPath);
|
|
}
|
|
if (!RemoveDirectory(pwszPath))
|
|
{
|
|
hr2 = myHLastError();
|
|
if (HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND) != hr2 &&
|
|
HRESULT_FROM_WIN32(ERROR_PATH_NOT_FOUND) != hr2)
|
|
{
|
|
if (S_OK == hr)
|
|
{
|
|
hr = hr2; // only return first error
|
|
}
|
|
_JumpErrorStr(hr2, error, "RemoveDirectory", pwszPath);
|
|
}
|
|
}
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
myIsFullPath(
|
|
IN WCHAR const *pwszPath,
|
|
OUT DWORD *pdwFlag)
|
|
{
|
|
BOOL fFullPath = FALSE;
|
|
|
|
*pdwFlag = 0;
|
|
if (NULL != pwszPath)
|
|
{
|
|
if (L'\\' == pwszPath[0] && L'\\' == pwszPath[1])
|
|
{
|
|
fFullPath = TRUE;
|
|
*pdwFlag = UNC_PATH;
|
|
}
|
|
else
|
|
if (iswalpha(pwszPath[0]) &&
|
|
L':' == pwszPath[1] &&
|
|
L'\\' == pwszPath[2])
|
|
{
|
|
fFullPath = TRUE;
|
|
*pdwFlag = LOCAL_PATH;
|
|
}
|
|
}
|
|
return(fFullPath);
|
|
}
|
|
|
|
|
|
|
|
// Convert local full path to UNC, as in c:\foo... --> \\server\c$\foo...
|
|
// If pwszServer is NULL or empty, preserve the local full path
|
|
|
|
HRESULT
|
|
myConvertLocalPathToUNC(
|
|
OPTIONAL IN WCHAR const *pwszServer,
|
|
IN WCHAR const *pwszFile,
|
|
OUT WCHAR **ppwszFileUNC)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
WCHAR const *pwsz;
|
|
WCHAR *pwszDst;
|
|
WCHAR *pwszFileUNC = NULL;
|
|
|
|
if (!iswalpha(pwszFile[0]) || L':' != pwszFile[1] || L'\\' != pwszFile[2])
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "non-local path");
|
|
}
|
|
if (NULL != pwszServer && L'\0' == *pwszServer)
|
|
{
|
|
pwszServer = NULL;
|
|
}
|
|
cwc = wcslen(pwszFile) + 1;
|
|
if (NULL != pwszServer)
|
|
{
|
|
cwc += 2 + wcslen(pwszServer) + 1;
|
|
}
|
|
|
|
pwszFileUNC = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
|
|
if (NULL == pwszFileUNC)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc pwszFiles");
|
|
}
|
|
|
|
pwsz = pwszFile;
|
|
pwszDst = pwszFileUNC;
|
|
if (NULL != pwszServer)
|
|
{
|
|
wcscpy(pwszDst, L"\\\\"); // --> "\\"
|
|
wcscat(pwszDst, pwszServer); // --> "\\server"
|
|
pwszDst += wcslen(pwszDst);
|
|
*pwszDst++ = L'\\'; // --> "\\server\"
|
|
*pwszDst++ = *pwsz++; // --> "\\server\c"
|
|
*pwszDst++ = L'$'; // --> "\\server\c$"
|
|
pwsz++; // skip colon
|
|
}
|
|
wcscpy(pwszDst, pwsz); // --> "\\server\c$\foo..."
|
|
|
|
*ppwszFileUNC = pwszFileUNC;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
WCHAR const *
|
|
LocalStart(
|
|
IN WCHAR const *pwsz,
|
|
OUT BOOL *pfUNC)
|
|
{
|
|
WCHAR const *pwc;
|
|
|
|
*pfUNC = FALSE;
|
|
pwc = pwsz;
|
|
if (L'\\' != *pwc)
|
|
{
|
|
pwc++;
|
|
}
|
|
if (L'\\' == pwc[0] || L'\\' == pwc[1])
|
|
{
|
|
pwc = wcschr(&pwc[2], L'\\');
|
|
if (NULL != pwc &&
|
|
iswalpha(pwc[1]) &&
|
|
L'$' == pwc[2] &&
|
|
L'\\' == pwc[3])
|
|
{
|
|
pwsz = &pwc[1];
|
|
*pfUNC = TRUE;
|
|
}
|
|
}
|
|
return(pwsz);
|
|
}
|
|
|
|
|
|
ULONG
|
|
myLocalPathwcslen(
|
|
IN WCHAR const *pwsz)
|
|
{
|
|
BOOL fUNC;
|
|
|
|
return(wcslen(LocalStart(pwsz, &fUNC)));
|
|
}
|
|
|
|
|
|
VOID
|
|
myLocalPathwcscpy(
|
|
OUT WCHAR *pwszOut,
|
|
IN WCHAR const *pwszIn)
|
|
{
|
|
BOOL fUNC;
|
|
|
|
wcscpy(pwszOut, LocalStart(pwszIn, &fUNC));
|
|
if (fUNC)
|
|
{
|
|
CSASSERT(L'$' == pwszOut[1]);
|
|
pwszOut[1] = L':';
|
|
}
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myConvertUNCPathToLocal(
|
|
IN WCHAR const *pwszUNCPath,
|
|
OUT WCHAR **ppwszLocalPath)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
WCHAR *pwszLocalPath;
|
|
|
|
CSASSERT(NULL != pwszUNCPath);
|
|
CSASSERT(NULL != ppwszLocalPath);
|
|
*ppwszLocalPath = NULL;
|
|
|
|
if (L'\\' != pwszUNCPath[0] || L'\\' != pwszUNCPath[1])
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "bad parm");
|
|
}
|
|
cwc = myLocalPathwcslen(pwszUNCPath) + 1;
|
|
pwszLocalPath = (WCHAR *) LocalAlloc(LMEM_FIXED, cwc * sizeof(WCHAR));
|
|
if (NULL == pwszLocalPath)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
myLocalPathwcscpy(pwszLocalPath, pwszUNCPath);
|
|
*ppwszLocalPath = pwszLocalPath;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
//+-------------------------------------------------------------------------
|
|
// Description: create any number of directories in one call
|
|
//--------------------------------------------------------------------------
|
|
HRESULT
|
|
myCreateNestedDirectories(
|
|
WCHAR const *pwszDirectory)
|
|
{
|
|
HRESULT hr;
|
|
|
|
WCHAR rgszDir[MAX_PATH]; // static buffer
|
|
WCHAR *pszNext = const_cast<WCHAR*>(pwszDirectory); // point to end of current directory
|
|
|
|
// skip "X:\"
|
|
if ((pszNext[1] == L':') &&
|
|
(pszNext[2] == L'\\'))
|
|
pszNext += 3;
|
|
|
|
while (pszNext) // incr past
|
|
{
|
|
DWORD ch;
|
|
|
|
// find the next occurence of '\'
|
|
pszNext = wcschr(pszNext, L'\\');
|
|
if (pszNext == NULL)
|
|
{
|
|
// last directory: copy everything
|
|
wcscpy(rgszDir, pwszDirectory);
|
|
}
|
|
else
|
|
{
|
|
// else copy up to Next ptr
|
|
ch = SAFE_SUBTRACT_POINTERS(pszNext, pwszDirectory);
|
|
if (0 != ch)
|
|
{
|
|
CopyMemory(rgszDir, pwszDirectory, ch*sizeof(WCHAR));
|
|
|
|
// zero-term
|
|
rgszDir[ch] = L'\0';
|
|
|
|
// incr past '\\'
|
|
pszNext++;
|
|
}
|
|
else
|
|
{
|
|
//if ch = 0, means the first char is \, skip CreateDirectory
|
|
pszNext++; //must shift to next char to get out of loop
|
|
continue;
|
|
}
|
|
}
|
|
|
|
// UNDONE: PeteSk - add in directory security
|
|
if (!CreateDirectory(rgszDir, NULL))
|
|
{
|
|
hr = myHLastError();
|
|
if (HRESULT_FROM_WIN32(ERROR_ALREADY_EXISTS) != hr)
|
|
{
|
|
// something must be wrong with the path
|
|
_JumpError(hr, error, "CreateDirectory");
|
|
}
|
|
}
|
|
}
|
|
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myUncanonicalizeURLParm(
|
|
IN WCHAR const *pwszParmIn,
|
|
OUT WCHAR **ppwszParmOut)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cwc;
|
|
WCHAR *pwszCanon = NULL;
|
|
WCHAR *pwszUncanon = NULL;
|
|
static const WCHAR s_wszLdap[] = L"ldap:///";
|
|
|
|
*ppwszParmOut = NULL;
|
|
|
|
cwc = WSZARRAYSIZE(s_wszLdap) + wcslen(pwszParmIn);
|
|
pwszCanon = (WCHAR *) LocalAlloc(LMEM_FIXED, (cwc + 1) * sizeof(WCHAR));
|
|
if (NULL == pwszCanon)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwszCanon, s_wszLdap);
|
|
wcscat(&pwszCanon[WSZARRAYSIZE(s_wszLdap)], pwszParmIn);
|
|
|
|
hr = myInternetUncanonicalizeURL(pwszCanon, &pwszUncanon);
|
|
_JumpIfError(hr, error, "myInternetUncanonicalizeURL");
|
|
|
|
hr = myDupString(&pwszUncanon[WSZARRAYSIZE(s_wszLdap)], ppwszParmOut);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
|
|
error:
|
|
if (NULL != pwszCanon)
|
|
{
|
|
LocalFree(pwszCanon);
|
|
}
|
|
if (NULL != pwszUncanon)
|
|
{
|
|
LocalFree(pwszUncanon);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// myFormatCertsrvStringArray FormatMessage arguments:
|
|
//
|
|
// %1 -- Machine full DNS name: pwszServerName_p1_2;
|
|
//
|
|
// %2 -- Machine short name: first DNS component of pwszServerName_p1_2
|
|
//
|
|
// %3 -- Sanitized CA name: pwszSanitizedName_p3_7
|
|
//
|
|
// %4 -- Cert Filename Suffix:
|
|
// if 0 == iCert_p4 && MAXDWORD == iCertTarget_p4: L""
|
|
// else if MAXDWORD != iCertTarget_p4 L"(%u-%u)"
|
|
// else L"(%u)"
|
|
//
|
|
// %5 -- DS DN path to Domain root: pwszDomainDN_p5
|
|
//
|
|
// %6 -- DS DN path to Configuration container: pwszConfigDN_p6
|
|
//
|
|
// %7 -- Sanitized CA name, truncated and hash suffix added if too long:
|
|
// pwszSanitizedName_p3_7
|
|
//
|
|
// %8 -- CRL Filename/Key Name Suffix: L"" if 0 == iCRL_p8; else L"(%u)"
|
|
//
|
|
// %9 -- CRL Filename Suffix: L"" if !fDeltaCRL_p9; else L"+"
|
|
//
|
|
// %10 -- DS CRL attribute: L"" if !fDSAttrib_p10_11; depends on fDeltaCRL_p9
|
|
//
|
|
// %11 -- DS CA Cert attribute: L"" if !fDSAttrib_p10_11
|
|
//
|
|
// %12 -- DS user cert attribute
|
|
//
|
|
// %13 -- DS KRA cert attribute
|
|
//
|
|
// %14 -- DS cross cert pair attribute
|
|
|
|
HRESULT
|
|
myFormatCertsrvStringArray(
|
|
IN BOOL fURL,
|
|
IN LPCWSTR pwszServerName_p1_2,
|
|
IN LPCWSTR pwszSanitizedName_p3_7,
|
|
IN DWORD iCert_p4,
|
|
IN DWORD iCertTarget_p4,
|
|
IN LPCWSTR pwszDomainDN_p5,
|
|
IN LPCWSTR pwszConfigDN_p6,
|
|
IN DWORD iCRL_p8,
|
|
IN BOOL fDeltaCRL_p9,
|
|
IN BOOL fDSAttrib_p10_11,
|
|
IN DWORD cStrings,
|
|
IN LPCWSTR *apwszStringsIn,
|
|
OUT LPWSTR *apwszStringsOut)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
LPCWSTR apwszInsertionArray[100]; // 100 'cause this is the max number of insertion numbers allowed by FormatMessage
|
|
LPWSTR pwszCurrent = NULL;
|
|
BSTR strShortMachineName = NULL;
|
|
DWORD i;
|
|
WCHAR *pwszSanitizedDSName = NULL;
|
|
WCHAR wszCertSuffix[2 * cwcFILENAMESUFFIXMAX];
|
|
WCHAR wszCRLSuffix[cwcFILENAMESUFFIXMAX];
|
|
WCHAR wszDeltaCRLSuffix[cwcFILENAMESUFFIXMAX];
|
|
WCHAR const *pwszT;
|
|
|
|
|
|
ZeroMemory(apwszStringsOut, cStrings * sizeof(apwszStringsOut[0]));
|
|
ZeroMemory(apwszInsertionArray, sizeof(apwszInsertionArray));
|
|
|
|
// Format the template into a real name
|
|
// Initialize the insertion string array.
|
|
|
|
//+================================================
|
|
// Machine DNS name (%1)
|
|
|
|
CSASSERT(L'1' == wszFCSAPARM_SERVERDNSNAME[1]);
|
|
apwszInsertionArray[1 - 1] = pwszServerName_p1_2;
|
|
|
|
//+================================================
|
|
// Short Machine Name (%2)
|
|
|
|
CSASSERT(L'2' == wszFCSAPARM_SERVERSHORTNAME[1]);
|
|
strShortMachineName = SysAllocString(pwszServerName_p1_2);
|
|
if (strShortMachineName == NULL)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpIfError(hr, error, "SysAllocString");
|
|
}
|
|
|
|
pwszCurrent = wcschr(strShortMachineName, L'.');
|
|
if (NULL != pwszCurrent)
|
|
{
|
|
*pwszCurrent = 0;
|
|
}
|
|
apwszInsertionArray[2 - 1] = strShortMachineName;
|
|
|
|
//+================================================
|
|
// sanitized name (%3)
|
|
|
|
CSASSERT(L'3' == wszFCSAPARM_SANITIZEDCANAME[1]);
|
|
apwszInsertionArray[3 - 1] = pwszSanitizedName_p3_7;
|
|
|
|
//+================================================
|
|
// Cert filename suffix (%4) | (%4-%4)
|
|
|
|
CSASSERT(L'4' == wszFCSAPARM_CERTFILENAMESUFFIX[1]);
|
|
wszCertSuffix[0] = L'\0';
|
|
if (0 != iCert_p4 || MAXDWORD != iCertTarget_p4)
|
|
{
|
|
wsprintf(
|
|
wszCertSuffix,
|
|
MAXDWORD != iCertTarget_p4? L"(%u-%u)" : L"(%u)",
|
|
iCert_p4,
|
|
iCertTarget_p4);
|
|
}
|
|
apwszInsertionArray[4 - 1] = wszCertSuffix;
|
|
|
|
//+================================================
|
|
// Domain DN (%5)
|
|
|
|
if (NULL == pwszDomainDN_p5 || L'\0' == *pwszDomainDN_p5)
|
|
{
|
|
pwszDomainDN_p5 = L"DC=UnavailableDomainDN";
|
|
}
|
|
CSASSERT(L'5' == wszFCSAPARM_DOMAINDN[1]);
|
|
apwszInsertionArray[5 - 1] = pwszDomainDN_p5;
|
|
|
|
//+================================================
|
|
// Config DN (%6)
|
|
|
|
if (NULL == pwszConfigDN_p6 || L'\0' == *pwszConfigDN_p6)
|
|
{
|
|
pwszConfigDN_p6 = L"DC=UnavailableConfigDN";
|
|
}
|
|
CSASSERT(L'6' == wszFCSAPARM_CONFIGDN[1]);
|
|
apwszInsertionArray[6 - 1] = pwszConfigDN_p6;
|
|
|
|
// Don't pass pwszSanitizedName_p3_7 to SysAllocStringLen with the extended
|
|
// length to avoid faulting past end of pwszSanitizedName_p3_7.
|
|
|
|
//+================================================
|
|
// Sanitized Short Name (%7)
|
|
|
|
CSASSERT(L'7' == wszFCSAPARM_SANITIZEDCANAMEHASH[1]);
|
|
hr = mySanitizedNameToDSName(pwszSanitizedName_p3_7, &pwszSanitizedDSName);
|
|
_JumpIfError(hr, error, "mySanitizedNameToDSName");
|
|
|
|
apwszInsertionArray[7 - 1] = pwszSanitizedDSName;
|
|
|
|
//+================================================
|
|
// CRL filename suffix (%8)
|
|
|
|
CSASSERT(L'8' == wszFCSAPARM_CRLFILENAMESUFFIX[1]);
|
|
wszCRLSuffix[0] = L'\0';
|
|
if (0 != iCRL_p8)
|
|
{
|
|
wsprintf(wszCRLSuffix, L"(%u)", iCRL_p8);
|
|
}
|
|
apwszInsertionArray[8 - 1] = wszCRLSuffix;
|
|
|
|
//+================================================
|
|
// Delta CRL filename suffix (%9)
|
|
|
|
CSASSERT(L'9' == wszFCSAPARM_CRLDELTAFILENAMESUFFIX[1]);
|
|
wszDeltaCRLSuffix[0] = L'\0';
|
|
if (fDeltaCRL_p9)
|
|
{
|
|
wcscpy(wszDeltaCRLSuffix, L"+");
|
|
}
|
|
apwszInsertionArray[9 - 1] = wszDeltaCRLSuffix;
|
|
|
|
//+================================================
|
|
// CRL attribute (%10)
|
|
|
|
CSASSERT(L'1' == wszFCSAPARM_DSCRLATTRIBUTE[1]);
|
|
CSASSERT(L'0' == wszFCSAPARM_DSCRLATTRIBUTE[2]);
|
|
pwszT = L"";
|
|
if (fDSAttrib_p10_11)
|
|
{
|
|
pwszT = fDeltaCRL_p9?
|
|
wszDSSEARCHDELTACRLATTRIBUTE :
|
|
wszDSSEARCHBASECRLATTRIBUTE;
|
|
}
|
|
apwszInsertionArray[10 - 1] = pwszT;
|
|
|
|
//+================================================
|
|
// CA cert attribute (%11)
|
|
|
|
CSASSERT(L'1' == wszFCSAPARM_DSCACERTATTRIBUTE[1]);
|
|
CSASSERT(L'1' == wszFCSAPARM_DSCACERTATTRIBUTE[2]);
|
|
pwszT = L"";
|
|
if (fDSAttrib_p10_11)
|
|
{
|
|
pwszT = wszDSSEARCHCACERTATTRIBUTE;
|
|
}
|
|
apwszInsertionArray[11 - 1] = pwszT;
|
|
|
|
//+================================================
|
|
// User cert attribute (%12)
|
|
|
|
CSASSERT(L'1' == wszFCSAPARM_DSUSERCERTATTRIBUTE[1]);
|
|
CSASSERT(L'2' == wszFCSAPARM_DSUSERCERTATTRIBUTE[2]);
|
|
pwszT = L"";
|
|
if (fDSAttrib_p10_11)
|
|
{
|
|
pwszT = wszDSSEARCHUSERCERTATTRIBUTE;
|
|
}
|
|
apwszInsertionArray[12 - 1] = pwszT;
|
|
|
|
//+================================================
|
|
// KRA cert attribute (%13)
|
|
|
|
CSASSERT(L'1' == wszFCSAPARM_DSKRACERTATTRIBUTE[1]);
|
|
CSASSERT(L'3' == wszFCSAPARM_DSKRACERTATTRIBUTE[2]);
|
|
pwszT = L"";
|
|
if (fDSAttrib_p10_11)
|
|
{
|
|
pwszT = wszDSSEARCHKRACERTATTRIBUTE;
|
|
}
|
|
apwszInsertionArray[13 - 1] = pwszT;
|
|
|
|
//+================================================
|
|
// Cross cert pair attribute (%14)
|
|
|
|
CSASSERT(L'1' == wszFCSAPARM_DSCROSSCERTPAIRATTRIBUTE[1]);
|
|
CSASSERT(L'4' == wszFCSAPARM_DSCROSSCERTPAIRATTRIBUTE[2]);
|
|
pwszT = L"";
|
|
if (fDSAttrib_p10_11)
|
|
{
|
|
pwszT = wszDSSEARCHCROSSCERTPAIRATTRIBUTE;
|
|
}
|
|
apwszInsertionArray[14 - 1] = pwszT;
|
|
|
|
//+================================================
|
|
// Now format the strings...
|
|
|
|
for (i = 0; i < cStrings; i++)
|
|
{
|
|
if (0 == FormatMessage(
|
|
FORMAT_MESSAGE_ALLOCATE_BUFFER |
|
|
FORMAT_MESSAGE_FROM_STRING |
|
|
FORMAT_MESSAGE_ARGUMENT_ARRAY,
|
|
(VOID *) apwszStringsIn[i],
|
|
0, // dwMessageID
|
|
0, // dwLanguageID
|
|
(LPWSTR) &apwszStringsOut[i],
|
|
wcslen(apwszStringsIn[i]),
|
|
(va_list *) apwszInsertionArray))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "FormatMessage");
|
|
}
|
|
if (fURL)
|
|
{
|
|
WCHAR *pwsz;
|
|
|
|
hr = myInternetCanonicalizeUrl(apwszStringsOut[i], &pwsz);
|
|
_JumpIfError(hr, error, "myInternetCanonicalizeUrl");
|
|
|
|
LocalFree(apwszStringsOut[i]);
|
|
apwszStringsOut[i] = pwsz;
|
|
}
|
|
}
|
|
|
|
error:
|
|
if (S_OK != hr)
|
|
{
|
|
for (i = 0; i < cStrings; i++)
|
|
{
|
|
if (NULL != apwszStringsOut[i])
|
|
{
|
|
LocalFree(apwszStringsOut[i]);
|
|
apwszStringsOut[i] = NULL;
|
|
}
|
|
}
|
|
}
|
|
if (NULL != strShortMachineName)
|
|
{
|
|
SysFreeString(strShortMachineName);
|
|
}
|
|
if (NULL != pwszSanitizedDSName)
|
|
{
|
|
LocalFree(pwszSanitizedDSName);
|
|
}
|
|
return (hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myAllocIndexedName(
|
|
IN WCHAR const *pwszName,
|
|
IN DWORD Index,
|
|
IN DWORD IndexTarget,
|
|
OUT WCHAR **ppwszIndexedName)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR wszIndex[1 + 2 * cwcDWORDSPRINTF + 3]; // L"(%u-%u)"
|
|
WCHAR *pwszIndexedName;
|
|
|
|
*ppwszIndexedName = NULL;
|
|
wszIndex[0] = L'\0';
|
|
if (0 != Index || MAXDWORD != IndexTarget)
|
|
{
|
|
wsprintf(
|
|
wszIndex,
|
|
MAXDWORD != IndexTarget? L"(%u-%u)" : L"(%u)",
|
|
Index,
|
|
IndexTarget);
|
|
}
|
|
pwszIndexedName = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(wcslen(pwszName) + wcslen(wszIndex) + 1) * sizeof(WCHAR));
|
|
if (NULL == pwszIndexedName)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(pwszIndexedName, pwszName);
|
|
wcscat(pwszIndexedName, wszIndex);
|
|
*ppwszIndexedName = pwszIndexedName;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
int
|
|
myWtoI(
|
|
IN WCHAR const *string,
|
|
OUT BOOL *pfValid)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR wszBuf[16];
|
|
WCHAR *pwszT = wszBuf;
|
|
int cTmp = ARRAYSIZE(wszBuf);
|
|
int i = 0;
|
|
WCHAR const *pwsz;
|
|
BOOL fSawDigit = FALSE;
|
|
|
|
CSASSERT(NULL != pfValid);
|
|
*pfValid = FALSE;
|
|
|
|
cTmp = FoldString(MAP_FOLDDIGITS, string, -1, pwszT, cTmp);
|
|
if (cTmp == 0)
|
|
{
|
|
hr = myHLastError();
|
|
if (HRESULT_FROM_WIN32(ERROR_INSUFFICIENT_BUFFER) == hr)
|
|
{
|
|
hr = S_OK;
|
|
cTmp = FoldString(MAP_FOLDDIGITS, string, -1, NULL, 0);
|
|
|
|
pwszT = (WCHAR *) LocalAlloc(LMEM_FIXED, cTmp * sizeof(WCHAR));
|
|
if (NULL == pwszT)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
|
|
cTmp = FoldString(MAP_FOLDDIGITS, string, -1, pwszT, cTmp);
|
|
if (cTmp == 0)
|
|
{
|
|
hr = myHLastError();
|
|
}
|
|
}
|
|
_JumpIfError(hr, error, "FoldString");
|
|
}
|
|
pwsz = pwszT;
|
|
while (iswspace(*pwsz))
|
|
{
|
|
pwsz++;
|
|
}
|
|
if (L'0' == *pwsz && (L'x' == pwsz[1] || L'X' == pwsz[1]))
|
|
{
|
|
pwsz += 2;
|
|
while (iswxdigit(*pwsz))
|
|
{
|
|
i <<= 4;
|
|
if (iswdigit(*pwsz))
|
|
{
|
|
i |= *pwsz - L'0';
|
|
}
|
|
else if (L'A' <= *pwsz && L'F' >= *pwsz)
|
|
{
|
|
i |= *pwsz - L'A' + 10;
|
|
}
|
|
else
|
|
{
|
|
i |= *pwsz - L'a' + 10;
|
|
}
|
|
fSawDigit = TRUE;
|
|
pwsz++;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
while (iswdigit(*pwsz))
|
|
{
|
|
fSawDigit = TRUE;
|
|
pwsz++;
|
|
}
|
|
i = _wtoi(pwszT);
|
|
}
|
|
while (iswspace(*pwsz))
|
|
{
|
|
pwsz++;
|
|
}
|
|
if (L'\0' == *pwsz)
|
|
{
|
|
*pfValid = fSawDigit;
|
|
}
|
|
|
|
error:
|
|
if (NULL != pwszT && pwszT != wszBuf)
|
|
{
|
|
LocalFree(pwszT);
|
|
}
|
|
return(i);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetEnvString(
|
|
OUT WCHAR **ppwszOut,
|
|
IN WCHAR const *pwszVariable)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR awcBuf[MAX_PATH];
|
|
DWORD len;
|
|
|
|
len = GetEnvironmentVariable(pwszVariable, awcBuf, ARRAYSIZE(awcBuf));
|
|
if (0 == len)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpErrorStr2(
|
|
hr,
|
|
error,
|
|
"GetEnvironmentVariable",
|
|
pwszVariable,
|
|
HRESULT_FROM_WIN32(ERROR_ENVVAR_NOT_FOUND));
|
|
}
|
|
if (ARRAYSIZE(awcBuf) <= len)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW);
|
|
_JumpError(hr, error, "GetEnvironmentVariable");
|
|
}
|
|
*ppwszOut = (WCHAR *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(wcslen(awcBuf) + 1) * sizeof(WCHAR));
|
|
if (NULL == *ppwszOut)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
wcscpy(*ppwszOut, awcBuf);
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
IsValidAttributeChar(
|
|
IN WCHAR wc)
|
|
{
|
|
BOOL fOk = TRUE;
|
|
|
|
if (myIsMinusSign(wc) || iswspace(wc))
|
|
{
|
|
fOk = FALSE;
|
|
}
|
|
return(fOk);
|
|
}
|
|
|
|
|
|
// myParseNextAttribute -- destructively parse a name, value attribute pair.
|
|
// Allow CR and/or LF delimiters -- MAC web pages seem to convert LFs into CRs.
|
|
|
|
HRESULT
|
|
myParseNextAttribute(
|
|
IN OUT WCHAR **ppwszBuf,
|
|
IN BOOL fURL, // Use = and & instead of : and \r\n
|
|
OUT WCHAR const **ppwszName,
|
|
OUT WCHAR const **ppwszValue)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszBuf = *ppwszBuf;
|
|
WCHAR wcSep = fURL? L'=' : L':';
|
|
WCHAR *wszTerm = fURL? L"&" : L"\r\n";
|
|
|
|
for (;;)
|
|
{
|
|
WCHAR *pwcToken;
|
|
WCHAR *pwcDst;
|
|
WCHAR *pwc;
|
|
WCHAR const *pwszTerm;
|
|
WCHAR wszQuote[2];
|
|
|
|
// Find the beginning of the next token
|
|
|
|
while (iswspace(*pwszBuf))
|
|
{
|
|
pwszBuf++;
|
|
}
|
|
pwcToken = pwszBuf;
|
|
pwszBuf = wcschr(pwszBuf, wcSep);
|
|
if (NULL == pwszBuf)
|
|
{
|
|
hr = S_FALSE;
|
|
goto error;
|
|
}
|
|
|
|
// If there's a wszTerm char before the next wcSep char, start over.
|
|
|
|
pwc = &pwcToken[wcscspn(pwcToken, wszTerm)];
|
|
if (pwc < pwszBuf)
|
|
{
|
|
pwszBuf = pwc + 1;
|
|
continue;
|
|
}
|
|
for (pwc = pwcDst = pwcToken; pwc < pwszBuf; pwc++)
|
|
{
|
|
if (IsValidAttributeChar(*pwc))
|
|
{
|
|
*pwcDst++ = *pwc;
|
|
}
|
|
}
|
|
pwszBuf++; // skip past the wcSep before it gets stomped
|
|
*pwcDst = L'\0'; // may stomp the wcSep separator
|
|
*ppwszName = pwcToken;
|
|
|
|
// Find beginning of Value string
|
|
|
|
while (NULL == wcschr(wszTerm, *pwszBuf) && iswspace(*pwszBuf))
|
|
{
|
|
pwszBuf++;
|
|
}
|
|
wszQuote[0] = L'\0';
|
|
pwszTerm = wszTerm;
|
|
if (fURL && (L'"' == *pwszBuf || L'\'' == *pwszBuf))
|
|
{
|
|
wszQuote[0] = *pwszBuf;
|
|
wszQuote[1] = L'\0';
|
|
pwszTerm = wszQuote;
|
|
pwszBuf++;
|
|
}
|
|
pwcToken = pwszBuf;
|
|
|
|
// find end of Value string
|
|
|
|
pwc = &pwcToken[wcscspn(pwcToken, pwszTerm)];
|
|
pwszBuf = pwc;
|
|
if (L'\0' != *pwszBuf)
|
|
{
|
|
// for case when last Value *is* terminated by a wszTerm char:
|
|
|
|
*pwszBuf++ = L'\0';
|
|
}
|
|
|
|
// trim trailing whitespace from Value string
|
|
|
|
while (--pwc >= pwcToken && iswspace(*pwc))
|
|
{
|
|
*pwc = L'\0';
|
|
}
|
|
if (L'\0' != wszQuote[0] && pwc >= pwcToken && wszQuote[0] == *pwc)
|
|
{
|
|
*pwc = L'\0';
|
|
}
|
|
if (L'\0' == **ppwszName || L'\0' == *pwcToken)
|
|
{
|
|
continue;
|
|
}
|
|
*ppwszValue = pwcToken;
|
|
break;
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
*ppwszBuf = pwszBuf;
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// Destructively parse an old-style 4 byte IP Address.
|
|
|
|
HRESULT
|
|
infParseIPV4Address(
|
|
IN WCHAR *pwszValue,
|
|
OUT BYTE *pb,
|
|
IN OUT DWORD *pcb)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cb;
|
|
|
|
DBGPRINT((DBG_SS_CERTLIBI, "infParseIPV4Address(%ws)\n", pwszValue));
|
|
if (CB_IPV4ADDRESS > *pcb)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW);
|
|
_JumpError(hr, error, "buffer too small");
|
|
}
|
|
for (cb = 0; cb < CB_IPV4ADDRESS; cb++)
|
|
{
|
|
WCHAR *pwszNext;
|
|
BOOL fValid;
|
|
DWORD dw;
|
|
|
|
pwszNext = &pwszValue[wcscspn(pwszValue, L".")];
|
|
if (L'.' == *pwszNext)
|
|
{
|
|
*pwszNext++ = L'\0';
|
|
}
|
|
dw = myWtoI(pwszValue, &fValid);
|
|
if (!fValid || 255 < dw)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpErrorStr(hr, error, "bad IP Address digit string", pwszValue);
|
|
}
|
|
pb[cb] = (BYTE) dw;
|
|
pwszValue = pwszNext;
|
|
}
|
|
if (L'\0' != *pwszValue)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "extra data");
|
|
}
|
|
*pcb = cb;
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"infParseIPV4Address: %u.%u.%u.%u\n",
|
|
pb[0],
|
|
pb[1],
|
|
pb[2],
|
|
pb[3]));
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// Destructively parse a new-style 16 byte IP Address.
|
|
|
|
#define MAKE16(b0, b1) (((b0) << 8) | (b1))
|
|
|
|
HRESULT
|
|
infParseIPV6AddressSub(
|
|
IN WCHAR *pwszValue,
|
|
OUT BYTE *pb,
|
|
IN OUT DWORD *pcb)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cbMax = *pcb;
|
|
DWORD cb;
|
|
|
|
DBGPRINT((DBG_SS_CERTLIBI, "infParseIPV6AddressSub(%ws)\n", pwszValue));
|
|
ZeroMemory(pb, cbMax);
|
|
|
|
for (cb = 0; cb < cbMax; cb += 2)
|
|
{
|
|
WCHAR *pwszNext;
|
|
BOOL fValid;
|
|
DWORD dw;
|
|
WCHAR awc[7];
|
|
|
|
pwszNext = &pwszValue[wcscspn(pwszValue, L":")];
|
|
if (L':' == *pwszNext)
|
|
{
|
|
*pwszNext++ = L'\0';
|
|
}
|
|
if (L'\0' == *pwszValue)
|
|
{
|
|
break;
|
|
}
|
|
if (4 < wcslen(pwszValue))
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpErrorStr(hr, error, "too many IP Address digits", pwszValue);
|
|
}
|
|
wcscpy(awc, L"0x");
|
|
wcscat(awc, pwszValue);
|
|
CSASSERT(wcslen(awc) < ARRAYSIZE(awc));
|
|
|
|
dw = myWtoI(awc, &fValid);
|
|
if (!fValid || 64 * 1024 <= dw)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpErrorStr(hr, error, "bad IP Address digit string", pwszValue);
|
|
}
|
|
pb[cb] = (BYTE) (dw >> 8);
|
|
pb[cb + 1] = (BYTE) dw;
|
|
pwszValue = pwszNext;
|
|
}
|
|
if (L'\0' != *pwszValue)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpErrorStr(hr, error, "extra data", pwszValue);
|
|
}
|
|
*pcb = cb;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// Destructively parse a new-style 16 byte IP Address.
|
|
|
|
HRESULT
|
|
infParseIPV6Address(
|
|
IN WCHAR *pwszValue,
|
|
OUT BYTE *pb,
|
|
IN OUT DWORD *pcb)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cbMax;
|
|
WCHAR *pwsz;
|
|
WCHAR *pwszLeft;
|
|
WCHAR *pwszRight;
|
|
BYTE abRight[CB_IPV6ADDRESS];
|
|
DWORD cbLeft;
|
|
DWORD cbRight;
|
|
DWORD i;
|
|
BOOL fV4Compat;
|
|
|
|
DBGPRINT((DBG_SS_CERTLIBI, "infParseIPV6Address(%ws)\n", pwszValue));
|
|
if (CB_IPV6ADDRESS > *pcb)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW);
|
|
_JumpError(hr, error, "buffer too small");
|
|
}
|
|
ZeroMemory(pb, CB_IPV6ADDRESS);
|
|
cbMax = CB_IPV6ADDRESS;
|
|
|
|
// If there's a period after the last colon, an IP V4 Address is attached.
|
|
// Parse it as an IP V4 Address, and reduce the expected size of the IP V6
|
|
// Address to be parsed from eight to six 16-bit address chunks.
|
|
|
|
pwsz = wcsrchr(pwszValue, L':');
|
|
if (NULL != pwsz)
|
|
{
|
|
if (NULL != wcschr(pwsz, L'.'))
|
|
{
|
|
DWORD cb = CB_IPV4ADDRESS;
|
|
|
|
hr = infParseIPV4Address(
|
|
&pwsz[1],
|
|
&pb[CB_IPV6ADDRESS - CB_IPV4ADDRESS],
|
|
&cb);
|
|
_JumpIfError(hr, error, "infParseIPV4Address");
|
|
|
|
CSASSERT(CB_IPV4ADDRESS == cb);
|
|
|
|
pwsz[1] = L'\0'; // get rid of the trailing IP V4 Address
|
|
|
|
// drop the trailing colon -- if it's not part of a double colon.
|
|
|
|
if (pwsz > pwszValue && L':' != *--pwsz)
|
|
{
|
|
pwsz[1] = L'\0';
|
|
}
|
|
cbMax -= CB_IPV4ADDRESS;
|
|
}
|
|
}
|
|
cbLeft = 0;
|
|
cbRight = 0;
|
|
pwszLeft = pwszValue;
|
|
pwszRight = wcsstr(pwszValue, L"::");
|
|
if (NULL != pwszRight)
|
|
{
|
|
*pwszRight = L'\0';
|
|
pwszRight += 2;
|
|
if (L'\0' != *pwszRight)
|
|
{
|
|
cbRight = cbMax;
|
|
hr = infParseIPV6AddressSub(pwszRight, abRight, &cbRight);
|
|
_JumpIfError(hr, error, "infParseIPV6AddressSub");
|
|
}
|
|
}
|
|
|
|
if (L'\0' != *pwszLeft)
|
|
{
|
|
cbLeft = cbMax;
|
|
hr = infParseIPV6AddressSub(pwszLeft, pb, &cbLeft);
|
|
_JumpIfError(hr, error, "infParseIPV6AddressSub");
|
|
}
|
|
if (NULL == pwszRight && cbLeft != cbMax)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "too few IP Address chunks");
|
|
}
|
|
if (cbLeft + cbRight + (NULL != pwszRight? 1 : 0) > cbMax)
|
|
{
|
|
hr = E_INVALIDARG;
|
|
_JumpError(hr, error, "too many IP Address chunks");
|
|
}
|
|
if (0 != cbRight)
|
|
{
|
|
CopyMemory(&pb[cbMax - cbRight], abRight, cbRight);
|
|
}
|
|
*pcb = CB_IPV6ADDRESS;
|
|
|
|
fV4Compat = TRUE;
|
|
for (i = 0; i < CB_IPV6ADDRESS - CB_IPV4ADDRESS - 2; i++)
|
|
{
|
|
if (0 != pb[i])
|
|
{
|
|
fV4Compat = FALSE;
|
|
break;
|
|
}
|
|
}
|
|
if (fV4Compat)
|
|
{
|
|
CSASSERT(i == CB_IPV6ADDRESS - CB_IPV4ADDRESS - 2);
|
|
fV4Compat = (0 == pb[i] && 0 == pb[i + 1]) ||
|
|
(0xff == pb[i] && 0xff == pb[i + 1]);
|
|
}
|
|
if (fV4Compat)
|
|
{
|
|
CSASSERT(i == CB_IPV6ADDRESS - CB_IPV4ADDRESS - 2);
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"infParseIPV6Address: ::%hs%u.%u.%u.%u\n",
|
|
0 == pb[i]? "" : "ffff:",
|
|
pb[12],
|
|
pb[13],
|
|
pb[14],
|
|
pb[15]));
|
|
}
|
|
else
|
|
{
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIBI,
|
|
"infParseIPV6Address: %x:%x:%x:%x:%x:%x:%x:%x\n",
|
|
MAKE16(pb[0], pb[1]),
|
|
MAKE16(pb[2], pb[3]),
|
|
MAKE16(pb[4], pb[5]),
|
|
MAKE16(pb[6], pb[7]),
|
|
MAKE16(pb[8], pb[9]),
|
|
MAKE16(pb[10], pb[11]),
|
|
MAKE16(pb[12], pb[13]),
|
|
MAKE16(pb[14], pb[15])));
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myParseIPAddress(
|
|
IN WCHAR const *pwszValue,
|
|
OUT BYTE *pbData,
|
|
OUT DWORD *pcbData)
|
|
{
|
|
HRESULT hr;
|
|
DWORD cb = *pcbData;
|
|
WCHAR *pwszDup = NULL;
|
|
|
|
// if pwszValue is an empty string, return zero length.
|
|
|
|
*pcbData = 0;
|
|
if (L'\0' != *pwszValue)
|
|
{
|
|
hr = myDupString(pwszValue, &pwszDup);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
|
|
if (NULL == wcschr(pwszDup, L':'))
|
|
{
|
|
hr = infParseIPV4Address(pwszDup, pbData, &cb);
|
|
_JumpIfError(hr, error, "infParseIPV4Address");
|
|
}
|
|
else
|
|
{
|
|
hr = infParseIPV6Address(pwszDup, pbData, &cb);
|
|
_JumpIfError(hr, error, "infParseIPV6Address");
|
|
}
|
|
*pcbData = cb;
|
|
DBGDUMPHEX((
|
|
DBG_SS_CERTLIBI,
|
|
DH_NOADDRESS | DH_NOTABPREFIX | 8,
|
|
pbData,
|
|
*pcbData));
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pwszDup)
|
|
{
|
|
LocalFree(pwszDup);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myBuildOSVersionAttribute(
|
|
OUT BYTE **ppbVersion,
|
|
OUT DWORD *pcbVersion)
|
|
{
|
|
HRESULT hr;
|
|
DWORD i;
|
|
OSVERSIONINFO osvInfo;
|
|
CERT_NAME_VALUE cnvOSVer;
|
|
#define cwcVERSIONMAX 128
|
|
WCHAR wszVersion[12 * 4 + cwcVERSIONMAX];
|
|
|
|
*ppbVersion = NULL;
|
|
ZeroMemory(&osvInfo, sizeof(osvInfo));
|
|
|
|
// get the OSVersion
|
|
|
|
osvInfo.dwOSVersionInfoSize = sizeof(osvInfo);
|
|
if (!GetVersionEx(&osvInfo))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetVersionEx");
|
|
}
|
|
|
|
for (i = 0; ; i++)
|
|
{
|
|
swprintf(
|
|
wszVersion,
|
|
0 == i? L"%d.%d.%d.%d.%.*ws" : L"%d.%d.%d.%d",
|
|
osvInfo.dwMajorVersion,
|
|
osvInfo.dwMinorVersion,
|
|
osvInfo.dwBuildNumber,
|
|
osvInfo.dwPlatformId,
|
|
cwcVERSIONMAX,
|
|
osvInfo.szCSDVersion);
|
|
CSASSERT(ARRAYSIZE(wszVersion) > wcslen(wszVersion));
|
|
|
|
cnvOSVer.dwValueType = CERT_RDN_IA5_STRING;
|
|
cnvOSVer.Value.pbData = (BYTE *) wszVersion;
|
|
cnvOSVer.Value.cbData = 0;
|
|
|
|
if (!myEncodeObject(
|
|
X509_ASN_ENCODING,
|
|
X509_UNICODE_ANY_STRING,
|
|
&cnvOSVer,
|
|
0,
|
|
CERTLIB_USE_LOCALALLOC,
|
|
ppbVersion,
|
|
pcbVersion))
|
|
{
|
|
hr = myHLastError();
|
|
_PrintError(hr, "myEncodeObject");
|
|
if (0 == i)
|
|
{
|
|
continue;
|
|
}
|
|
goto error;
|
|
}
|
|
break;
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
WCHAR const *
|
|
myFixTemplateCase(
|
|
IN WCHAR const *pwszCertType)
|
|
{
|
|
DWORD i;
|
|
static WCHAR const *apwszCertType[] = {
|
|
wszCERTTYPE_CA,
|
|
wszCERTTYPE_SUBORDINATE_CA,
|
|
wszCERTTYPE_CROSS_CA,
|
|
};
|
|
|
|
for (i = 0; i < ARRAYSIZE(apwszCertType); i++)
|
|
{
|
|
if (0 == mylstrcmpiS(pwszCertType, apwszCertType[i]))
|
|
{
|
|
pwszCertType = apwszCertType[i];
|
|
break;
|
|
}
|
|
}
|
|
return(pwszCertType);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myBuildCertTypeExtension(
|
|
IN WCHAR const *pwszCertType,
|
|
OUT CERT_EXTENSION *pExt)
|
|
{
|
|
HRESULT hr;
|
|
CERT_TEMPLATE_EXT Template;
|
|
CERT_NAME_VALUE NameValue;
|
|
LPCSTR pszStructType;
|
|
char *pszObjId = NULL;
|
|
VOID *pv;
|
|
char *pszObjIdExt;
|
|
|
|
if (!ConvertWszToSz(&pszObjId, pwszCertType, -1))
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "ConvertWszToSz");
|
|
}
|
|
hr = myVerifyObjIdA(pszObjId);
|
|
if (S_OK == hr)
|
|
{
|
|
ZeroMemory(&Template, sizeof(Template));
|
|
|
|
Template.pszObjId = pszObjId;
|
|
//Template.dwMajorVersion = 0;
|
|
//Template.fMinorVersion = FALSE; // TRUE for a minor version
|
|
//Template.dwMinorVersion = 0;
|
|
|
|
pszStructType = X509_CERTIFICATE_TEMPLATE;
|
|
pv = &Template;
|
|
pszObjIdExt = szOID_CERTIFICATE_TEMPLATE;
|
|
}
|
|
else
|
|
{
|
|
NameValue.dwValueType = CERT_RDN_UNICODE_STRING;
|
|
NameValue.Value.pbData = (BYTE *) myFixTemplateCase(pwszCertType);
|
|
NameValue.Value.cbData = 0;
|
|
|
|
pszStructType = X509_UNICODE_ANY_STRING;
|
|
pv = &NameValue;
|
|
pszObjIdExt = szOID_ENROLL_CERTTYPE_EXTENSION;
|
|
}
|
|
if (!myEncodeObject(
|
|
X509_ASN_ENCODING,
|
|
pszStructType,
|
|
pv,
|
|
0,
|
|
CERTLIB_USE_LOCALALLOC,
|
|
&pExt->Value.pbData,
|
|
&pExt->Value.cbData))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "myEncodeObject");
|
|
}
|
|
pExt->pszObjId = pszObjIdExt;
|
|
pExt->fCritical = FALSE;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != pszObjId)
|
|
{
|
|
LocalFree(pszObjId);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
VOID
|
|
myPackExtensionArray(
|
|
IN BOOL fFreeData,
|
|
IN OUT DWORD *pcExt,
|
|
IN OUT CERT_EXTENSION **prgExt)
|
|
{
|
|
CERT_EXTENSION *rgExt = *prgExt;
|
|
DWORD cExt = *pcExt;
|
|
DWORD i;
|
|
DWORD j;
|
|
CERT_EXTENSION *pExti;
|
|
CERT_EXTENSION *pExtj;
|
|
|
|
for (i = 0; i < cExt; i++)
|
|
{
|
|
pExti = &rgExt[i];
|
|
|
|
if (NULL != pExti->pszObjId)
|
|
{
|
|
for (j = i + 1; j < cExt; j++)
|
|
{
|
|
pExtj = &rgExt[j];
|
|
|
|
if (NULL != pExtj->pszObjId &&
|
|
0 == strcmp(pExti->pszObjId, pExtj->pszObjId))
|
|
{
|
|
if (fFreeData)
|
|
{
|
|
LocalFree(pExtj->pszObjId);
|
|
if (NULL != pExtj->Value.pbData)
|
|
{
|
|
LocalFree(pExtj->Value.pbData);
|
|
}
|
|
}
|
|
pExtj->pszObjId = NULL;
|
|
pExtj->Value.pbData = NULL;
|
|
}
|
|
}
|
|
if (NULL == pExti->Value.pbData)
|
|
{
|
|
if (fFreeData)
|
|
{
|
|
LocalFree(pExti->pszObjId);
|
|
}
|
|
pExti->pszObjId = NULL;
|
|
}
|
|
}
|
|
}
|
|
for (i = j = 0; i < cExt; i++)
|
|
{
|
|
pExti = &rgExt[i];
|
|
pExtj = &rgExt[j];
|
|
|
|
CSASSERT((NULL != pExti->pszObjId) ^ (NULL == pExti->Value.pbData));
|
|
if (NULL != pExti->pszObjId && NULL != pExti->Value.pbData)
|
|
{
|
|
*pExtj = *pExti;
|
|
j++;
|
|
}
|
|
}
|
|
if (j < cExt)
|
|
{
|
|
ZeroMemory(&rgExt[j], (cExt - j) * sizeof(rgExt[0]));
|
|
*pcExt = j;
|
|
}
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myMergeExtensions(
|
|
IN DWORD cExtOrg,
|
|
IN CERT_EXTENSION *rgExtOrg,
|
|
IN DWORD cExtInf,
|
|
IN CERT_EXTENSION *rgExtInf,
|
|
OUT DWORD *pcExtMerged,
|
|
OUT CERT_EXTENSION **prgExtMerged)
|
|
{
|
|
HRESULT hr;
|
|
CERT_EXTENSION *rgExtMerged;
|
|
|
|
*prgExtMerged = NULL;
|
|
|
|
rgExtMerged = (CERT_EXTENSION *) LocalAlloc(
|
|
LMEM_FIXED,
|
|
(cExtInf + cExtOrg) * sizeof(rgExtMerged[0]));
|
|
if (NULL == rgExtMerged)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
if (0 != cExtInf)
|
|
{
|
|
CopyMemory(
|
|
&rgExtMerged[0],
|
|
&rgExtInf[0],
|
|
cExtInf * sizeof(rgExtMerged[0]));
|
|
}
|
|
if (0 != cExtOrg)
|
|
{
|
|
CopyMemory(
|
|
&rgExtMerged[cExtInf],
|
|
&rgExtOrg[0],
|
|
cExtOrg * sizeof(rgExtMerged[0]));
|
|
}
|
|
*pcExtMerged = cExtInf + cExtOrg;
|
|
*prgExtMerged = rgExtMerged;
|
|
myPackExtensionArray(FALSE, pcExtMerged, prgExtMerged);
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
IsWhistler(VOID)
|
|
{
|
|
HRESULT hr;
|
|
OSVERSIONINFO ovi;
|
|
static BOOL s_fDone = FALSE;
|
|
static BOOL s_fWhistler = FALSE;
|
|
|
|
if (!s_fDone)
|
|
{
|
|
s_fDone = TRUE;
|
|
|
|
// get and confirm platform info
|
|
|
|
ovi.dwOSVersionInfoSize = sizeof(ovi);
|
|
if (!GetVersionEx(&ovi))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetVersionEx");
|
|
}
|
|
if (VER_PLATFORM_WIN32_NT != ovi.dwPlatformId)
|
|
{
|
|
hr = ERROR_CANCELLED;
|
|
_JumpError(hr, error, "Not a supported OS");
|
|
}
|
|
if (5 < ovi.dwMajorVersion ||
|
|
(5 <= ovi.dwMajorVersion && 0 < ovi.dwMinorVersion))
|
|
{
|
|
s_fWhistler = TRUE;
|
|
}
|
|
}
|
|
|
|
error:
|
|
return(s_fWhistler);
|
|
}
|
|
|
|
|
|
static BOOL
|
|
GetFlags(
|
|
OUT DWORD *pdw)
|
|
{
|
|
HRESULT hr = S_FALSE;
|
|
|
|
*pdw = 0;
|
|
|
|
#if defined(_ALLOW_GET_FLAGS_)
|
|
hr = myGetCertRegDWValue(NULL, NULL, NULL, L"SFlags", pdw);
|
|
if (S_OK == hr)
|
|
{
|
|
DBGPRINT((
|
|
DBG_SS_CERTLIB,
|
|
"CertSrv\\Configuration\\SFlags override: %u\n",
|
|
*pdw));
|
|
}
|
|
#endif
|
|
return(S_OK == hr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
FIsAdvancedServer(VOID)
|
|
{
|
|
HRESULT hr;
|
|
OSVERSIONINFOEX ovi;
|
|
static BOOL s_fDone = FALSE;
|
|
static BOOL s_fIsAdvSvr = FALSE;
|
|
|
|
if (!s_fDone)
|
|
{
|
|
s_fDone = TRUE;
|
|
|
|
// get and confirm platform info
|
|
|
|
ovi.dwOSVersionInfoSize = sizeof(ovi);
|
|
if (!GetVersionEx((OSVERSIONINFO *) &ovi))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetVersionEx");
|
|
}
|
|
if (VER_PLATFORM_WIN32_NT != ovi.dwPlatformId)
|
|
{
|
|
hr = ERROR_CANCELLED;
|
|
_JumpError(hr, error, "Not a supported OS");
|
|
}
|
|
|
|
// if server or DC, if DTC or ADS bits are set, return TRUE
|
|
|
|
s_fIsAdvSvr =
|
|
(ovi.wProductType == VER_NT_SERVER ||
|
|
ovi.wProductType == VER_NT_DOMAIN_CONTROLLER) &&
|
|
(ovi.wSuiteMask & VER_SUITE_DATACENTER ||
|
|
ovi.wSuiteMask & VER_SUITE_ENTERPRISE);
|
|
|
|
{
|
|
DWORD dw;
|
|
|
|
if (GetFlags(&dw))
|
|
{
|
|
s_fIsAdvSvr = dw;
|
|
}
|
|
}
|
|
}
|
|
|
|
error:
|
|
return(s_fIsAdvSvr);
|
|
}
|
|
|
|
|
|
BOOL
|
|
FIsServer(VOID)
|
|
{
|
|
HRESULT hr;
|
|
OSVERSIONINFOEX ovi;
|
|
static BOOL s_fDone = FALSE;
|
|
static BOOL s_fIsSvr = FALSE;
|
|
|
|
if (!s_fDone)
|
|
{
|
|
s_fDone = TRUE;
|
|
|
|
// get and confirm platform info
|
|
|
|
ovi.dwOSVersionInfoSize = sizeof(ovi);
|
|
if (!GetVersionEx((OSVERSIONINFO *) &ovi))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetVersionEx");
|
|
}
|
|
if (VER_PLATFORM_WIN32_NT != ovi.dwPlatformId)
|
|
{
|
|
hr = ERROR_CANCELLED;
|
|
_JumpError(hr, error, "Not a supported OS");
|
|
}
|
|
|
|
// if server or DC, if DTC or ADS bits are set, return TRUE
|
|
s_fIsSvr =
|
|
(ovi.wProductType == VER_NT_SERVER ||
|
|
ovi.wProductType == VER_NT_DOMAIN_CONTROLLER) &&
|
|
0 == ((VER_SUITE_PERSONAL | VER_SUITE_BLADE) & ovi.wSuiteMask);
|
|
|
|
if (!s_fIsSvr && VER_NT_WORKSTATION == ovi.wProductType)
|
|
{
|
|
DWORD dw;
|
|
|
|
if (GetFlags(&dw))
|
|
{
|
|
s_fIsSvr = TRUE;
|
|
}
|
|
}
|
|
}
|
|
|
|
error:
|
|
return(s_fIsSvr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myAddLogSourceToRegistry(
|
|
IN LPWSTR pwszMsgDLL,
|
|
IN LPWSTR pwszApp)
|
|
{
|
|
HRESULT hr=S_OK;
|
|
DWORD dwData=0;
|
|
WCHAR const *pwszRegPath = L"SYSTEM\\CurrentControlSet\\Services\\EventLog\\Application\\";
|
|
WCHAR NameBuf[MAX_PATH];
|
|
|
|
HKEY hkey = NULL;
|
|
|
|
if (wcslen(pwszRegPath) + wcslen(pwszApp) >= ARRAYSIZE(NameBuf))
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_BUFFER_OVERFLOW);
|
|
_JumpErrorStr(hr, error, "NameBuf", pwszApp);
|
|
}
|
|
wcscpy(NameBuf, pwszRegPath);
|
|
wcscat(NameBuf, pwszApp);
|
|
|
|
// Create a new key for our application
|
|
hr = RegOpenKey(HKEY_LOCAL_MACHINE, NameBuf, &hkey);
|
|
if (S_OK != hr)
|
|
{
|
|
hr = RegCreateKey(HKEY_LOCAL_MACHINE, NameBuf, &hkey);
|
|
_JumpIfError(hr, error, "RegCreateKey");
|
|
}
|
|
|
|
// Add the Event-ID message-file name to the subkey
|
|
|
|
hr = RegSetValueEx(
|
|
hkey,
|
|
L"EventMessageFile",
|
|
0,
|
|
REG_EXPAND_SZ,
|
|
(const BYTE *) pwszMsgDLL,
|
|
(wcslen(pwszMsgDLL) + 1) * sizeof(WCHAR));
|
|
_JumpIfError(hr, error, "RegSetValueEx");
|
|
|
|
// Set the supported types flags and add it to the subkey
|
|
|
|
dwData = EVENTLOG_ERROR_TYPE |
|
|
EVENTLOG_WARNING_TYPE |
|
|
EVENTLOG_INFORMATION_TYPE;
|
|
|
|
hr = RegSetValueEx(
|
|
hkey,
|
|
L"TypesSupported",
|
|
0,
|
|
REG_DWORD,
|
|
(LPBYTE) &dwData,
|
|
sizeof(DWORD));
|
|
_JumpIfError(hr, error, "RegSetValueEx");
|
|
|
|
error:
|
|
if (NULL != hkey)
|
|
{
|
|
RegCloseKey(hkey);
|
|
}
|
|
return(myHError(hr));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myDupStringA(
|
|
IN CHAR const *pszIn,
|
|
IN CHAR **ppszOut)
|
|
{
|
|
DWORD cb;
|
|
HRESULT hr;
|
|
|
|
cb = (strlen(pszIn) + 1) * sizeof(CHAR);
|
|
*ppszOut = (CHAR *) LocalAlloc(LMEM_FIXED, cb);
|
|
if (NULL == *ppszOut)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
CopyMemory(*ppszOut, pszIn, cb);
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myIsCurrentUserBuiltinAdmin(
|
|
OUT bool *pfIsMember)
|
|
{
|
|
HANDLE hAccessToken = NULL, hDupToken = NULL;
|
|
PSID psidAdministrators = NULL;
|
|
SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
|
|
HRESULT hr = S_OK;
|
|
BOOL fIsMember = FALSE;
|
|
|
|
CSASSERT(pfIsMember);
|
|
|
|
if (!AllocateAndInitializeSid(
|
|
&siaNtAuthority,
|
|
2,
|
|
SECURITY_BUILTIN_DOMAIN_RID,
|
|
DOMAIN_ALIAS_RID_ADMINS,
|
|
0,
|
|
0,
|
|
0,
|
|
0,
|
|
0,
|
|
0,
|
|
&psidAdministrators))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "AllocateAndInitializeSid");
|
|
}
|
|
|
|
{
|
|
HANDLE hThread = GetCurrentThread();
|
|
if (NULL == hThread)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpIfError(hr, error, "GetCurrentThread");
|
|
}
|
|
|
|
// Get the access token for current thread
|
|
if (!OpenThreadToken(
|
|
hThread,
|
|
TOKEN_QUERY | TOKEN_DUPLICATE,
|
|
FALSE,
|
|
&hAccessToken))
|
|
{
|
|
hr = myHLastError();
|
|
|
|
if(hr==HRESULT_FROM_WIN32(ERROR_NO_TOKEN))
|
|
{
|
|
HANDLE hProcess = GetCurrentProcess();
|
|
if (NULL == hProcess)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "GetCurrentProcess");
|
|
}
|
|
|
|
if (!OpenProcessToken(hProcess,
|
|
TOKEN_DUPLICATE,
|
|
&hAccessToken))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "OpenProcessToken");
|
|
}
|
|
}
|
|
else
|
|
{
|
|
_JumpError(hr, error, "OpenThreadToken");
|
|
}
|
|
}
|
|
}
|
|
|
|
// CheckTokenMembership must operate on impersonation token, so make one
|
|
if (!DuplicateToken(hAccessToken, SecurityIdentification, &hDupToken))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "DuplicateToken");
|
|
}
|
|
|
|
if (!CheckTokenMembership(
|
|
hDupToken,
|
|
psidAdministrators,
|
|
&fIsMember))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CheckTokenMembership");
|
|
}
|
|
|
|
*pfIsMember = fIsMember?true:false;
|
|
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (hAccessToken)
|
|
CloseHandle(hAccessToken);
|
|
|
|
if (hDupToken)
|
|
CloseHandle(hDupToken);
|
|
|
|
// Free the SID we allocated
|
|
if (psidAdministrators)
|
|
FreeSid(psidAdministrators);
|
|
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
mySetRegistryLocalPathString(
|
|
IN HKEY hkey,
|
|
IN WCHAR const *pwszRegValueName,
|
|
IN WCHAR const *pwszUNCPath)
|
|
{
|
|
HRESULT hr;
|
|
WCHAR *pwszLocalPath = NULL;
|
|
|
|
hr = myConvertUNCPathToLocal(pwszUNCPath, &pwszLocalPath);
|
|
_JumpIfError(hr, error, "myConvertUNCPathToLocal");
|
|
|
|
hr = RegSetValueEx(
|
|
hkey,
|
|
pwszRegValueName,
|
|
0,
|
|
REG_SZ,
|
|
(BYTE *) pwszLocalPath,
|
|
(wcslen(pwszLocalPath) + 1) * sizeof(WCHAR));
|
|
_JumpIfError(hr, error, "RegSetValueEx");
|
|
|
|
error:
|
|
if (NULL != pwszLocalPath)
|
|
{
|
|
LocalFree(pwszLocalPath);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myLocalMachineIsDomainMember(
|
|
OUT bool *pfIsDomainMember)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
NTSTATUS status;
|
|
LSA_HANDLE PolicyHandle = NULL;
|
|
PPOLICY_PRIMARY_DOMAIN_INFO pPDI = NULL;
|
|
LSA_OBJECT_ATTRIBUTES ObjectAttributes;
|
|
|
|
CSASSERT(pfIsDomainMember);
|
|
|
|
*pfIsDomainMember = FALSE;
|
|
|
|
ZeroMemory(&ObjectAttributes, sizeof(ObjectAttributes));
|
|
|
|
status = LsaOpenPolicy(
|
|
NULL,
|
|
&ObjectAttributes,
|
|
GENERIC_READ | POLICY_VIEW_LOCAL_INFORMATION,
|
|
&PolicyHandle);
|
|
|
|
if(ERROR_SUCCESS != status)
|
|
{
|
|
hr = myHError(LsaNtStatusToWinError(status));
|
|
_JumpError(hr, error, "LsaOpenPolicy");
|
|
}
|
|
|
|
status = LsaQueryInformationPolicy( PolicyHandle,
|
|
PolicyPrimaryDomainInformation,
|
|
(PVOID*)&pPDI);
|
|
if(status)
|
|
{
|
|
hr = myHError(LsaNtStatusToWinError(status));
|
|
_JumpError(hr, error, "LsaQueryInformationPolicy");
|
|
}
|
|
|
|
if( pPDI->Sid )
|
|
{
|
|
// domain member if has domain SID
|
|
*pfIsDomainMember = TRUE;
|
|
|
|
}
|
|
|
|
error:
|
|
if(pPDI)
|
|
{
|
|
LsaFreeMemory((LPVOID)pPDI);
|
|
}
|
|
|
|
if(PolicyHandle)
|
|
{
|
|
LsaClose(PolicyHandle);
|
|
}
|
|
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myComputeMAC(
|
|
IN WCHAR const *pcwsFileName,
|
|
OUT WCHAR **ppwszMAC)
|
|
{
|
|
HRESULT hr;
|
|
HANDLE hFile = INVALID_HANDLE_VALUE;
|
|
HANDLE hFileMapping = NULL;
|
|
BYTE *pbFile = NULL;
|
|
|
|
DWORD cbImage, cbImageHigh = 0;
|
|
__int64 icbImage, icbHashed;
|
|
|
|
WCHAR rgwszMAC[CBMAX_CRYPT_HASH_LEN * 3]; // 20 bytes @ 3 WCHARs/byte
|
|
DWORD cbString;
|
|
|
|
DWORD dwFileMappingSize;
|
|
HCRYPTPROV hProv = NULL;
|
|
HCRYPTHASH hHash = NULL;
|
|
BYTE rgbHashVal[CBMAX_CRYPT_HASH_LEN];
|
|
DWORD cbHashVal = sizeof(rgbHashVal);
|
|
|
|
*ppwszMAC = NULL;
|
|
|
|
// find allocation granularity we can use
|
|
SYSTEM_INFO systemInfo;
|
|
GetSystemInfo(&systemInfo);
|
|
dwFileMappingSize = systemInfo.dwAllocationGranularity;
|
|
|
|
// get the file size
|
|
hFile = CreateFile(
|
|
pcwsFileName,
|
|
GENERIC_READ,
|
|
FILE_SHARE_READ,
|
|
NULL,
|
|
OPEN_EXISTING,
|
|
FILE_ATTRIBUTE_NORMAL,
|
|
0);
|
|
if (INVALID_HANDLE_VALUE == hFile)
|
|
{
|
|
hr = myHLastError();
|
|
if (S_OK == hr)
|
|
{
|
|
_PrintError(hr, "CreateFile");
|
|
hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
|
|
}
|
|
_JumpErrorStr(hr, error, "CreateFile", pcwsFileName);
|
|
}
|
|
|
|
if (0xffffffff == (cbImage = GetFileSize(hFile, &cbImageHigh)))
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_FILE_NOT_FOUND);
|
|
_JumpError(hr, error, "GetFileSize");
|
|
}
|
|
icbImage = ((__int64) cbImageHigh << 32) | cbImage;
|
|
|
|
// create mapping, indicating we will map the entire file sooner or later
|
|
hFileMapping = CreateFileMapping(hFile,
|
|
NULL,
|
|
PAGE_READONLY,
|
|
0,
|
|
0,
|
|
NULL);
|
|
if(hFileMapping == NULL)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CreateFileMapping");
|
|
}
|
|
|
|
// get a cryptographic provider
|
|
|
|
if (!CryptAcquireContext(
|
|
&hProv,
|
|
NULL, // container
|
|
MS_DEF_PROV, // provider name
|
|
PROV_RSA_FULL, // provider type
|
|
CRYPT_VERIFYCONTEXT)) // dwflags
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptAcquireContext");
|
|
}
|
|
|
|
// get a hash
|
|
if (!CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptCreateHash");
|
|
}
|
|
|
|
// begin looping over data
|
|
for (icbHashed = 0; icbHashed < icbImage; icbHashed += dwFileMappingSize)
|
|
{
|
|
DWORD cbBytesLeft = (DWORD) min(
|
|
(__int64) dwFileMappingSize,
|
|
icbImage - icbHashed);
|
|
|
|
// map the next blob into memory
|
|
pbFile = (BYTE *) MapViewOfFile(
|
|
hFileMapping,
|
|
FILE_MAP_READ,
|
|
(DWORD) (icbHashed>>32), //hi32
|
|
(DWORD) (icbHashed), //lo32
|
|
cbBytesLeft); // max num bytes to map
|
|
if (NULL == pbFile)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "MapViewOfFile");
|
|
}
|
|
|
|
// hash file
|
|
if (!CryptHashData(hHash, pbFile, cbBytesLeft, 0))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptHashData");
|
|
}
|
|
|
|
// unmap this portion
|
|
if (!UnmapViewOfFile(pbFile))
|
|
{
|
|
pbFile = NULL;
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "UnmapViewOfFile");
|
|
}
|
|
pbFile = NULL;
|
|
}
|
|
// end looping over data
|
|
|
|
// retry the hash
|
|
|
|
if (!CryptGetHashParam(hHash, HP_HASHVAL, rgbHashVal, &cbHashVal, 0))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "CryptGetHashParam");
|
|
}
|
|
|
|
cbString = sizeof(rgwszMAC);
|
|
hr = MultiByteIntegerToWszBuf(
|
|
TRUE, // byte multiple
|
|
cbHashVal,
|
|
rgbHashVal,
|
|
&cbString,
|
|
rgwszMAC);
|
|
_JumpIfError(hr, error, "MultiByteIntegerToWszBuf");
|
|
|
|
hr = myDupString(rgwszMAC, ppwszMAC);
|
|
_JumpIfError(hr, error, "myDupString");
|
|
|
|
error:
|
|
if (NULL != pbFile)
|
|
{
|
|
UnmapViewOfFile(pbFile);
|
|
}
|
|
if (NULL != hFileMapping)
|
|
{
|
|
CloseHandle(hFileMapping);
|
|
}
|
|
if (INVALID_HANDLE_VALUE != hFile)
|
|
{
|
|
CloseHandle(hFile);
|
|
}
|
|
if (NULL != hHash)
|
|
{
|
|
if (!CryptDestroyHash(hHash))
|
|
{
|
|
if (hr == S_OK)
|
|
{
|
|
hr = myHLastError();
|
|
}
|
|
}
|
|
}
|
|
if (NULL != hProv)
|
|
{
|
|
if (!CryptReleaseContext(hProv, 0))
|
|
{
|
|
if (hr == S_OK)
|
|
{
|
|
hr = myHLastError();
|
|
}
|
|
}
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myHExceptionCodePrintLineFile(
|
|
IN EXCEPTION_POINTERS const *pep,
|
|
IN DWORD dwLineFile)
|
|
{
|
|
return(myHExceptionCodePrint(
|
|
pep,
|
|
NULL,
|
|
__LINEFILETOFILE__(dwLineFile),
|
|
__LINEFILETOLINE__(dwLineFile)));
|
|
}
|
|
|
|
|
|
BOOL
|
|
myShouldPrintError(
|
|
IN HRESULT hr,
|
|
IN HRESULT hrquiet)
|
|
{
|
|
BOOL fPrint = TRUE;
|
|
|
|
if (myIsDelayLoadHResult(hr))
|
|
{
|
|
#if DBG_CERTSRV
|
|
if (!DbgIsSSActive(DBG_SS_MODLOAD))
|
|
#endif
|
|
{
|
|
fPrint = FALSE;
|
|
}
|
|
}
|
|
if (S_OK != hrquiet && hrquiet == hr)
|
|
{
|
|
#if DBG_CERTSRV
|
|
if (!DbgIsSSActive(DBG_SS_NOQUIET))
|
|
#endif
|
|
{
|
|
fPrint = FALSE;
|
|
}
|
|
}
|
|
return(fPrint);
|
|
}
|
|
|
|
|
|
VOID
|
|
CSPrintErrorLineFileData2(
|
|
OPTIONAL IN WCHAR const *pwszData,
|
|
IN DWORD dwLineFile,
|
|
IN HRESULT hr,
|
|
IN HRESULT hrquiet)
|
|
{
|
|
WCHAR awchr[cwcHRESULTSTRING];
|
|
|
|
if (DbgIsSSActive(DBG_SS_ERROR) &&
|
|
myShouldPrintError(hr, hrquiet))
|
|
{
|
|
DbgPrintf(
|
|
MAXDWORD,
|
|
"%u.%u.%u: %ws%ws%ws\n",
|
|
__LINEFILETOFILE__(dwLineFile),
|
|
__LINEFILETOLINE__(dwLineFile),
|
|
0,
|
|
myHResultToString(awchr, hr),
|
|
NULL != pwszData? L": " : L"",
|
|
NULL != pwszData? pwszData : L"");
|
|
|
|
DBGPRINT((
|
|
DBG_SS_ERROR,
|
|
"%u.%u.%u: %ws%ws%ws\n",
|
|
__LINEFILETOFILE__(dwLineFile),
|
|
__LINEFILETOLINE__(dwLineFile),
|
|
0,
|
|
myHResultToString(awchr, hr),
|
|
NULL != pwszData? L": " : L"",
|
|
NULL != pwszData? pwszData : L""));
|
|
}
|
|
}
|
|
|
|
|
|
VOID
|
|
CSPrintErrorLineFile(
|
|
IN DWORD dwLineFile,
|
|
IN HRESULT hr)
|
|
{
|
|
CSPrintErrorLineFileData2(NULL, dwLineFile, hr, S_OK);
|
|
}
|
|
|
|
|
|
VOID
|
|
CSPrintErrorLineFile2(
|
|
IN DWORD dwLineFile,
|
|
IN HRESULT hr,
|
|
IN HRESULT hrquiet)
|
|
{
|
|
CSPrintErrorLineFileData2(NULL, dwLineFile, hr, hrquiet);
|
|
}
|
|
|
|
|
|
VOID
|
|
CSPrintErrorLineFileData(
|
|
OPTIONAL IN WCHAR const *pwszData,
|
|
IN DWORD dwLineFile,
|
|
IN HRESULT hr)
|
|
{
|
|
CSPrintErrorLineFileData2(pwszData, dwLineFile, hr, S_OK);
|
|
}
|
|
|
|
|
|
// Finds a template in list based on name or OID.
|
|
// Caller is responsible for CACloseCertType(hCertType) in case of success
|
|
|
|
HRESULT
|
|
myFindCertTypeByNameOrOID(
|
|
IN const HCERTTYPE &hCertTypeList,
|
|
IN OPTIONAL LPCWSTR pcwszCertName,
|
|
IN OPTIONAL LPCWSTR pcwszCertOID,
|
|
OUT HCERTTYPE& hCertType)
|
|
{
|
|
HRESULT hr;
|
|
HCERTTYPE hCrtCertType;
|
|
HCERTTYPE hPrevCertType;
|
|
|
|
CSASSERT(pcwszCertName || pcwszCertOID);
|
|
|
|
hCertType = NULL;
|
|
hCrtCertType = hCertTypeList;
|
|
|
|
while (NULL != hCrtCertType)
|
|
{
|
|
LPWSTR *apwszCrtCertType;
|
|
BOOL fFound;
|
|
|
|
hr = CAGetCertTypeProperty(
|
|
hCrtCertType,
|
|
CERTTYPE_PROP_CN,
|
|
&apwszCrtCertType);
|
|
_JumpIfError(hr, error, "CAGetCertTypeProperty CERTTYPE_PROP_CN");
|
|
|
|
if (NULL != apwszCrtCertType)
|
|
{
|
|
fFound = NULL != apwszCrtCertType[0] &&
|
|
NULL != pcwszCertName &&
|
|
0 == mylstrcmpiS(apwszCrtCertType[0], pcwszCertName);
|
|
|
|
CAFreeCertTypeProperty(hCrtCertType, apwszCrtCertType);
|
|
if (fFound)
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
|
|
hr = CAGetCertTypeProperty(
|
|
hCrtCertType,
|
|
CERTTYPE_PROP_OID,
|
|
&apwszCrtCertType);
|
|
|
|
// ignore errors, V1 templates don't have OIDs
|
|
if (S_OK == hr && NULL != apwszCrtCertType)
|
|
{
|
|
fFound = NULL != apwszCrtCertType[0] &&
|
|
NULL != pcwszCertOID &&
|
|
0 == mylstrcmpiS(apwszCrtCertType[0], pcwszCertOID);
|
|
|
|
CAFreeCertTypeProperty(hCrtCertType, apwszCrtCertType);
|
|
if (fFound)
|
|
{
|
|
break;
|
|
}
|
|
}
|
|
hPrevCertType = hCrtCertType;
|
|
hr = CAEnumNextCertType(hPrevCertType, &hCrtCertType);
|
|
_JumpIfError(hr, error, "CAEnumNextCertType");
|
|
|
|
// hold on to the initial list
|
|
|
|
if (hCertTypeList != hPrevCertType)
|
|
{
|
|
CACloseCertType(hPrevCertType);
|
|
}
|
|
}
|
|
if (NULL == hCrtCertType)
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_NOT_FOUND);
|
|
_JumpError2(hr, error, "NULL hCrtCertType", hr);
|
|
}
|
|
hCertType = hCrtCertType;
|
|
hCrtCertType = NULL;
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != hCrtCertType && hCertTypeList != hCrtCertType)
|
|
{
|
|
CACloseCertType(hCrtCertType);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
// ConvertToString*
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT ConvertToStringI2I4(
|
|
LONG lVal,
|
|
LPWSTR *ppwszOut)
|
|
{
|
|
WCHAR wszVal[cwcDWORDSPRINTF]; // big enough to hold a LONG as string
|
|
_itow(lVal, wszVal, 10);
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(wcslen(wszVal)+1));
|
|
if(!*ppwszOut)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
wcscpy(*ppwszOut, wszVal);
|
|
return S_OK;
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT ConvertToStringUI2UI4(
|
|
ULONG ulVal,
|
|
LPWSTR *ppwszOut)
|
|
{
|
|
WCHAR wszVal[cwcDWORDSPRINTF]; // big enough to hold a LONG as string
|
|
_itow(ulVal, wszVal, 10);
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(wcslen(wszVal)+1));
|
|
if(!*ppwszOut)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
wcscpy(*ppwszOut, wszVal);
|
|
return S_OK;
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT ConvertToStringUI8(
|
|
ULARGE_INTEGER *puliVal,
|
|
LPWSTR *ppwszOut)
|
|
{
|
|
WCHAR wszVal[cwcULONG_INTEGERSPRINTF]; // big enough to hold a LONG as string
|
|
|
|
_ui64tow(puliVal->QuadPart, wszVal, 10);
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(wcslen(wszVal)+1));
|
|
if(!*ppwszOut)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
wcscpy(*ppwszOut, wszVal);
|
|
return S_OK;
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT ConvertToStringWSZ(
|
|
LPCWSTR pcwszVal,
|
|
LPWSTR *ppwszOut,
|
|
bool fDoublePercentsInString)
|
|
|
|
{
|
|
if(fDoublePercentsInString)
|
|
{
|
|
// replace each occurence of % with %%
|
|
return DoublePercentsInString(
|
|
pcwszVal,
|
|
ppwszOut);
|
|
}
|
|
else
|
|
{
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(wcslen(pcwszVal)+1));
|
|
|
|
if(!*ppwszOut)
|
|
{
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
wcscpy(*ppwszOut, pcwszVal);
|
|
}
|
|
return S_OK;
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT ConvertToStringArrayUI1(
|
|
LPSAFEARRAY psa,
|
|
LPWSTR *ppwszOut)
|
|
{
|
|
SafeArrayEnum<BYTE> saenum(psa);
|
|
if(!saenum.IsValid())
|
|
{
|
|
return E_INVALIDARG;
|
|
}
|
|
BYTE b;
|
|
// byte array is formated as "0x00 0x00..." ie 5
|
|
// chars per byte
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(saenum.GetCount()*5 + 1));
|
|
|
|
if(!*ppwszOut)
|
|
return E_OUTOFMEMORY;
|
|
|
|
LPWSTR pwszCrt = *ppwszOut;
|
|
while(S_OK==saenum.Next(b))
|
|
{
|
|
wsprintf(pwszCrt, L"0x%02X ", b); // eg "0x0f" or "0xa4"
|
|
pwszCrt+=5;
|
|
}
|
|
return S_OK;
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT ConvertToStringArrayBSTR(
|
|
LPSAFEARRAY psa,
|
|
LPWSTR *ppwszOut,
|
|
bool fDoublePercentsInString)
|
|
{
|
|
SafeArrayEnum<BSTR> saenum(psa);
|
|
if(!saenum.IsValid())
|
|
{
|
|
return E_INVALIDARG;
|
|
}
|
|
DWORD dwLen = 1;
|
|
BSTR bstr;
|
|
|
|
while(S_OK==saenum.Next(bstr))
|
|
{
|
|
dwLen+=2*wcslen(bstr)+10;
|
|
}
|
|
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(dwLen));
|
|
|
|
if(!*ppwszOut)
|
|
return E_OUTOFMEMORY;
|
|
**ppwszOut = L'\0';
|
|
|
|
saenum.Reset();
|
|
|
|
WCHAR* pwszTemp = NULL;
|
|
|
|
while(S_OK==saenum.Next(bstr))
|
|
{
|
|
if(fDoublePercentsInString)
|
|
{
|
|
if (NULL != pwszTemp)
|
|
{
|
|
LocalFree(pwszTemp);
|
|
pwszTemp = NULL;
|
|
}
|
|
if (S_OK != DoublePercentsInString(bstr, &pwszTemp))
|
|
{
|
|
LocalFree(*ppwszOut);
|
|
*ppwszOut = NULL;
|
|
return E_OUTOFMEMORY;
|
|
}
|
|
wcscat(*ppwszOut, pwszTemp);
|
|
}
|
|
else
|
|
{
|
|
wcscat(*ppwszOut, bstr);
|
|
}
|
|
wcscat(*ppwszOut, L"\n");
|
|
}
|
|
|
|
LOCAL_FREE(pwszTemp);
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT DoublePercentsInString(
|
|
LPCWSTR pcwszIn,
|
|
LPWSTR *ppwszOut)
|
|
{
|
|
const WCHAR *pchSrc;
|
|
WCHAR *pchDest;
|
|
|
|
*ppwszOut = (LPWSTR) LocalAlloc(
|
|
LMEM_FIXED,
|
|
sizeof(WCHAR)*(2*wcslen(pcwszIn)+1));
|
|
|
|
if(!*ppwszOut)
|
|
return E_OUTOFMEMORY;
|
|
|
|
for(pchSrc = pcwszIn, pchDest = *ppwszOut;
|
|
L'\0'!=*pchSrc;
|
|
pchSrc++, pchDest++)
|
|
{
|
|
*pchDest = *pchSrc;
|
|
if(L'%'==*pchSrc)
|
|
*(++pchDest) = L'%';
|
|
}
|
|
*pchDest = L'\0';
|
|
|
|
return S_OK;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
ConvertToStringDATE(
|
|
IN DATE const *pDate,
|
|
IN BOOL fGMT,
|
|
OUT LPWSTR *ppwszOut)
|
|
{
|
|
HRESULT hr;
|
|
FILETIME ft;
|
|
|
|
hr = myDateToFileTime(pDate, &ft);
|
|
if (S_OK == hr)
|
|
{
|
|
if (fGMT)
|
|
{
|
|
hr = myFileTimeToWszTime(&ft, FALSE, ppwszOut);
|
|
}
|
|
else
|
|
{
|
|
hr = myGMTFileTimeToWszLocalTime(&ft, FALSE, ppwszOut);
|
|
}
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
typedef DWORD (WINAPI fnDsEnumerateDomainTrusts) (
|
|
IN LPWSTR ServerName OPTIONAL,
|
|
IN ULONG Flags,
|
|
OUT PDS_DOMAIN_TRUSTSW *Domains,
|
|
OUT PULONG DomainCount
|
|
);
|
|
|
|
typedef NET_API_STATUS (NET_API_FUNCTION fnNetApiBufferFree) (
|
|
IN LPVOID Buffer
|
|
);
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT myGetComputerDomainSid(PSID& rpsidDomain)
|
|
{
|
|
HRESULT hr = S_OK;
|
|
PDS_DOMAIN_TRUSTS pDomainInfo = NULL;
|
|
ULONG cDomainInfo = 0;
|
|
HMODULE hModule = NULL;
|
|
fnDsEnumerateDomainTrusts *pfnDsEnumerateDomainTrusts = NULL;
|
|
fnNetApiBufferFree *pfnNetApiBufferFree = NULL;
|
|
|
|
hModule = LoadLibrary(L"netapi32.dll");
|
|
if (NULL == hModule)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "LoadLibrary(netapi32.dll)");
|
|
}
|
|
|
|
pfnDsEnumerateDomainTrusts = (fnDsEnumerateDomainTrusts *) GetProcAddress(
|
|
hModule,
|
|
"DsEnumerateDomainTrustsW");
|
|
if (NULL == pfnDsEnumerateDomainTrusts)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "DsEnumerateDomainTrustsW");
|
|
}
|
|
|
|
pfnNetApiBufferFree = (fnNetApiBufferFree *) GetProcAddress(
|
|
hModule,
|
|
"NetApiBufferFree");
|
|
if(NULL == pfnNetApiBufferFree)
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "NetApiBufferFree");
|
|
}
|
|
|
|
hr = (*pfnDsEnumerateDomainTrusts)(
|
|
NULL,
|
|
DS_DOMAIN_PRIMARY,
|
|
&pDomainInfo,
|
|
&cDomainInfo);
|
|
_JumpIfError(hr, error, "DsEnumerateDomainTrusts");
|
|
|
|
CSASSERT(1==cDomainInfo);
|
|
|
|
rpsidDomain = (PSID)LocalAlloc(
|
|
LMEM_FIXED,
|
|
GetLengthSid(pDomainInfo->DomainSid));
|
|
_JumpIfAllocFailed(rpsidDomain, error);
|
|
|
|
CopySid(
|
|
GetLengthSid(pDomainInfo->DomainSid),
|
|
rpsidDomain,
|
|
pDomainInfo->DomainSid);
|
|
error:
|
|
if(pDomainInfo)
|
|
{
|
|
(*pfnNetApiBufferFree)(pDomainInfo);
|
|
}
|
|
if(hModule)
|
|
{
|
|
FreeLibrary(hModule);
|
|
}
|
|
return hr;
|
|
}
|
|
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
HRESULT myGetSidFromRid(
|
|
DWORD dwGroupRid,
|
|
OPTIONAL PSID *ppSid,
|
|
OPTIONAL LPWSTR* ppwszSid)
|
|
{
|
|
HRESULT hr;
|
|
LPWSTR pwszDomain = NULL;
|
|
LPWSTR pwszDomainSid = NULL;
|
|
PSID psidDomain = NULL;
|
|
LPWSTR pwszSid = NULL;
|
|
PSID psid = NULL;
|
|
static const cchRid = 10;
|
|
|
|
hr = myGetComputerDomainSid(psidDomain);
|
|
_JumpIfError(hr, error, "myGetComputerDomainSid");
|
|
|
|
if(!ConvertSidToStringSid(
|
|
psidDomain,
|
|
&pwszDomainSid))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "ConvertSidToStringSid");
|
|
}
|
|
myRegisterMemAlloc(pwszDomainSid, -1, CSM_LOCALALLOC);
|
|
|
|
pwszSid = (LPWSTR) LocalAlloc(LMEM_FIXED,
|
|
sizeof(WCHAR)*(wcslen(pwszDomainSid)+cchRid+2)); // add 2 for dash and '\0'
|
|
_JumpIfAllocFailed(pwszSid, error);
|
|
|
|
wsprintf(pwszSid, L"%s-%d", pwszDomainSid, dwGroupRid);
|
|
|
|
if(ppSid)
|
|
{
|
|
if(!ConvertStringSidToSid(
|
|
pwszSid,
|
|
&psid))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpErrorStr(hr, error, "ConvertSidToStringSid", pwszSid);
|
|
}
|
|
myRegisterMemAlloc(psid, -1, CSM_LOCALALLOC);
|
|
|
|
*ppSid = psid;
|
|
psid = NULL;
|
|
}
|
|
|
|
if(ppwszSid)
|
|
{
|
|
*ppwszSid = pwszSid;
|
|
pwszSid = NULL;
|
|
}
|
|
|
|
hr = S_OK;
|
|
|
|
error:
|
|
LOCAL_FREE(pwszDomain);
|
|
LOCAL_FREE(pwszDomainSid);
|
|
LOCAL_FREE(psidDomain);
|
|
LOCAL_FREE(psid);
|
|
LOCAL_FREE(pwszSid);
|
|
return hr;
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myEncodeUTF8(
|
|
IN WCHAR const *pwszIn,
|
|
OUT BYTE **ppbOut,
|
|
OUT DWORD *pcbOut)
|
|
{
|
|
HRESULT hr;
|
|
CERT_NAME_VALUE name;
|
|
|
|
*ppbOut = NULL;
|
|
name.dwValueType = CERT_RDN_UTF8_STRING;
|
|
name.Value.pbData = (BYTE *) pwszIn;
|
|
name.Value.cbData = 0;
|
|
|
|
if (!myEncodeObject(
|
|
X509_ASN_ENCODING,
|
|
X509_UNICODE_ANY_STRING,
|
|
&name,
|
|
0,
|
|
CERTLIB_USE_LOCALALLOC,
|
|
ppbOut,
|
|
pcbOut))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "myEncodeObject");
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myEncodeOtherNameBinary(
|
|
IN WCHAR const *pwszIn,
|
|
OUT BYTE **ppbOut,
|
|
OUT DWORD *pcbOut)
|
|
{
|
|
HRESULT hr;
|
|
CRYPT_DATA_BLOB blob;
|
|
|
|
*ppbOut = NULL;
|
|
blob.pbData = NULL;
|
|
|
|
if (0 == _wcsnicmp(wszPROPUTF8TAG, pwszIn, WSZARRAYSIZE(wszPROPUTF8TAG)))
|
|
{
|
|
hr = myEncodeUTF8(
|
|
&pwszIn[WSZARRAYSIZE(wszPROPUTF8TAG)],
|
|
ppbOut,
|
|
pcbOut);
|
|
_JumpIfError(hr, error, "Policy:myEncodeUTF8");
|
|
}
|
|
else
|
|
{
|
|
WCHAR const *pwsz;
|
|
BOOL fOctet = FALSE;
|
|
|
|
if (0 == _wcsnicmp(
|
|
wszPROPOCTETTAG,
|
|
pwszIn,
|
|
WSZARRAYSIZE(wszPROPOCTETTAG)))
|
|
{
|
|
pwsz = &pwszIn[WSZARRAYSIZE(wszPROPOCTETTAG)];
|
|
fOctet = TRUE;
|
|
}
|
|
else
|
|
if (0 == _wcsnicmp(wszPROPASNTAG, pwszIn, WSZARRAYSIZE(wszPROPASNTAG)))
|
|
{
|
|
pwsz = &pwszIn[WSZARRAYSIZE(wszPROPASNTAG)];
|
|
}
|
|
else
|
|
{
|
|
hr = HRESULT_FROM_WIN32(ERROR_DS_BAD_ATT_SCHEMA_SYNTAX);
|
|
_JumpError(hr, error, "Policy:polReencodeBinary");
|
|
}
|
|
|
|
// CryptStringToBinaryW(CRYPT_STRING_BASE64) fails on empty strings,
|
|
// because zero length means use wcslen + 1, which passes the L'\0'
|
|
// terminator to the base 64 conversion code.
|
|
|
|
if (L'\0' == *pwsz)
|
|
{
|
|
*ppbOut = (BYTE *) LocalAlloc(LMEM_FIXED, 0);
|
|
if (NULL == *ppbOut)
|
|
{
|
|
hr = E_OUTOFMEMORY;
|
|
_JumpError(hr, error, "LocalAlloc");
|
|
}
|
|
*pcbOut = 0;
|
|
}
|
|
else
|
|
{
|
|
hr = myCryptStringToBinary(
|
|
pwsz,
|
|
wcslen(pwsz),
|
|
CRYPT_STRING_BASE64,
|
|
ppbOut,
|
|
pcbOut,
|
|
NULL,
|
|
NULL);
|
|
_JumpIfError(hr, error, "myCryptStringToBinary");
|
|
}
|
|
|
|
if (fOctet)
|
|
{
|
|
blob.pbData = *ppbOut;
|
|
blob.cbData = *pcbOut;
|
|
*ppbOut = NULL;
|
|
|
|
if (!myEncodeObject(
|
|
X509_ASN_ENCODING,
|
|
X509_OCTET_STRING,
|
|
&blob,
|
|
0,
|
|
CERTLIB_USE_LOCALALLOC,
|
|
ppbOut,
|
|
pcbOut))
|
|
{
|
|
hr = myHLastError();
|
|
_JumpError(hr, error, "Policy:myEncodeObject");
|
|
}
|
|
}
|
|
}
|
|
hr = S_OK;
|
|
|
|
error:
|
|
if (NULL != blob.pbData)
|
|
{
|
|
LocalFree(blob.pbData);
|
|
}
|
|
return(hr);
|
|
}
|
|
|
|
|
|
// Wrappers to make sure zeroing memory survives compiler optimizations.
|
|
// Use to wipe private key and password data.
|
|
|
|
VOID
|
|
myZeroDataString(
|
|
IN WCHAR *pwsz)
|
|
{
|
|
HRESULT hr;
|
|
|
|
hr = S_OK;
|
|
__try
|
|
{
|
|
SecureZeroMemory(pwsz, wcslen(pwsz) * sizeof(*pwsz));
|
|
}
|
|
__except(hr = myHEXCEPTIONCODE(), EXCEPTION_EXECUTE_HANDLER)
|
|
{
|
|
_PrintError(hr, "Exception");
|
|
}
|
|
}
|
|
|
|
|
|
VOID
|
|
myZeroDataStringA(
|
|
IN char *psz)
|
|
{
|
|
HRESULT hr;
|
|
|
|
hr = S_OK;
|
|
__try
|
|
{
|
|
SecureZeroMemory(psz, strlen(psz) * sizeof(*psz));
|
|
}
|
|
__except(hr = myHEXCEPTIONCODE(), EXCEPTION_EXECUTE_HANDLER)
|
|
{
|
|
_PrintError(hr, "Exception");
|
|
}
|
|
}
|
|
|
|
|
|
// Locale-independent case-ignore string compare
|
|
|
|
int
|
|
mylstrcmpiL(
|
|
IN WCHAR const *pwsz1,
|
|
IN WCHAR const *pwsz2)
|
|
{
|
|
// CSTR_LESS_THAN(1) - CSTR_EQUAL(2) == -1 string 1 less than string 2
|
|
// CSTR_EQUAL(2) - CSTR_EQUAL(2) == 0 string 1 equal to string 2
|
|
// CSTR_GREATER_THAN(3) - CSTR_EQUAL(2) == 1 string 1 greater than string 2
|
|
|
|
return(CompareString(
|
|
IsWhistler()?
|
|
LOCALE_INVARIANT :
|
|
MAKELCID(
|
|
MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US),
|
|
SORT_DEFAULT),
|
|
NORM_IGNORECASE,
|
|
pwsz1,
|
|
-1,
|
|
pwsz2,
|
|
-1) -
|
|
CSTR_EQUAL);
|
|
}
|
|
|
|
// Locale-independent case-ignore string compare
|
|
// asserts the static string contains a strict subset of 7-bit ASCII characters.
|
|
|
|
int
|
|
mylstrcmpiS(
|
|
IN WCHAR const *pwszDynamic,
|
|
IN WCHAR const *pwszStatic)
|
|
{
|
|
#if DBG_CERTSRV
|
|
WCHAR const *pwszS;
|
|
|
|
for (pwszS = pwszStatic; L'\0' != *pwszS; pwszS++)
|
|
{
|
|
CSASSERT(L' ' <= *pwszS && L'~' >= *pwszS);
|
|
}
|
|
#endif //DBG_CERTSRV
|
|
|
|
return(mylstrcmpiL(pwszDynamic, pwszStatic));
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetLong(
|
|
WCHAR const *pwszIn,
|
|
LONG *pLong)
|
|
{
|
|
HRESULT hr = E_INVALIDARG;
|
|
WCHAR const *pwsz;
|
|
LONG l;
|
|
|
|
pwsz = pwszIn;
|
|
if (NULL == pwsz)
|
|
{
|
|
_JumpError(hr, error, "NULL parm");
|
|
}
|
|
if (L'\0' == *pwsz)
|
|
{
|
|
_JumpError(hr, error, "empty string");
|
|
}
|
|
if (L'0' == *pwsz && (L'x' == pwsz[1] || L'X' == pwsz[1]))
|
|
{
|
|
pwsz += 2;
|
|
l = 0;
|
|
for ( ; L'\0' != *pwsz; pwsz++)
|
|
{
|
|
if (!iswxdigit(*pwsz))
|
|
{
|
|
_JumpErrorStr(hr, error, "Non-hex digit", pwszIn);
|
|
}
|
|
l <<= 4;
|
|
if (iswdigit(*pwsz))
|
|
{
|
|
l |= *pwsz - L'0';
|
|
}
|
|
else if (L'A' <= *pwsz && L'F' >= *pwsz)
|
|
{
|
|
l |= *pwsz - L'A' + 10;
|
|
}
|
|
else
|
|
{
|
|
l |= *pwsz - L'a' + 10;
|
|
}
|
|
}
|
|
*pLong = l;
|
|
}
|
|
else
|
|
{
|
|
for ( ; L'\0' != *pwsz; pwsz++)
|
|
{
|
|
if (!iswdigit(*pwsz))
|
|
{
|
|
_JumpErrorStr2(hr, error, "Non-decimal digit", pwszIn, hr);
|
|
}
|
|
}
|
|
*pLong = _wtol(pwszIn);
|
|
}
|
|
hr = S_OK;
|
|
//wprintf(L"myGetLong(%ws) --> %x (%d)\n", pwszIn, *pLong, *pLong);
|
|
|
|
error:
|
|
return(hr);
|
|
}
|
|
|
|
|
|
HRESULT
|
|
myGetSignedLong(
|
|
WCHAR const *pwszIn,
|
|
LONG *pLong)
|
|
{
|
|
HRESULT hr = E_INVALIDARG;
|
|
WCHAR const *pwsz;
|
|
LONG sign = 1;
|
|
|
|
pwsz = pwszIn;
|
|
if (NULL == pwsz)
|
|
{
|
|
_JumpError(hr, error, "NULL parm");
|
|
}
|
|
if (myIsMinusSign(*pwsz))
|
|
{
|
|
pwsz++;
|
|
sign = -1;
|
|
}
|
|
else if (L'+' == *pwsz)
|
|
{
|
|
pwsz++;
|
|
}
|
|
hr = myGetLong(pwsz, pLong);
|
|
_JumpIfError2(hr, error, "myGetLong", hr);
|
|
|
|
*pLong *= sign;
|
|
//wprintf(L"myGetSignedLong(%ws) --> %x (%d)\n", pwszIn, *pLong, *pLong);
|
|
|
|
error:
|
|
return(hr);
|
|
}
|