archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
 
 
 
 
 
 
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetcore/wininet/inc/certcach.hxx

305 lines
6.5 KiB
Raw Blame History

/*++
Copyright (c) 1996 Microsoft Corporation
Module Name:
certcach.hxx
Abstract:
Contains class definition for certificate cache object.
The class acts a container for common certificates.
Contents:
SECURITY_CACHE_LIST
SECURITY_CACHE_LIST_ENTRY
Author:
Arthur L Bierer (arthurbi) 20-Apr-1996
Revision History:
20-Apr-1996 arthurbi
Created
--*/
//
// Flags, use wininet.w defined ones, so we don't collide.
//
#define CERTCACHE_FLAG_FOUND_CERT INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS
#define CERTCACHE_FLAG_IGNORE_CERT_CN_INVALID_SEND INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP
//
// SECURITY_INFO_LIST_ENTRY - contains all security info
// pertaining to all connections to a server.
//
class SECURITY_CACHE_LIST_ENTRY {
friend class SECURITY_CACHE_LIST;
private:
//
// _List - Generic List entry structure.
//
LIST_ENTRY _List;
//
// _cRef - Reference count for this element.
//
LONG _cRef;
//
// _CertInfo - Certificate and other security
// attributes for the connection to
// this machine.
//
INTERNET_SECURITY_INFO _CertInfo;
//
// _dwSecurityFlags - Overrides for warnings.
//
DWORD _dwSecurityFlags;
//
// _ServerName - The name of the server
//
ICSTRING _ServerName;
//
// _pCertChainList - If there is Client Authentication do be done with this server,
// then we'll cache it and remeber it later.
//
CERT_CONTEXT_ARRAY *_pCertContextArray;
//
// _fInCache - indicates this element is held by the cache
//
BOOL _fInCache;
//
// _fForceNewSession - indicates a new session needs to be negotiated
//
BOOL _fForceNewSession;
//
//
// _fValidateAll - easy way out to mark if all cert errors
// except revocation are being checked
//
BOOL _fValidateAll;
#if INET_DEBUG
DWORD m_Signature;
#endif
public:
LONG AddRef(VOID);
LONG Release(VOID);
//
// Cleans up object, so it can be reused
//
BOOL InCache() { return _fInCache; }
VOID
Clear();
VOID
SetForceNewSession(BOOL fForce) { _fForceNewSession = fForce; }
BOOL
GetForceNewSession(VOID) { return _fForceNewSession; }
VOID
SetFullyValidated(BOOL fValidateAll) { _fValidateAll = fValidateAll; }
BOOL
GetFullyValidated() { return _fValidateAll; }
SECURITY_CACHE_LIST_ENTRY(
IN LPSTR lpszHostName
);
~SECURITY_CACHE_LIST_ENTRY();
//
// Copy CERT_INFO IN Method -
// copies a structure into our object.
//
SECURITY_CACHE_LIST_ENTRY& operator=(LPINTERNET_SECURITY_INFO Cert)
{
if(_CertInfo.pCertificate)
{
CertFreeCertificateContext(_CertInfo.pCertificate);
}
_CertInfo.dwSize = sizeof(_CertInfo);
_CertInfo.pCertificate = CertDuplicateCertificateContext(Cert->pCertificate);
_CertInfo.dwProtocol = Cert->dwProtocol;
_CertInfo.aiCipher = Cert->aiCipher;
_CertInfo.dwCipherStrength = Cert->dwCipherStrength;
_CertInfo.aiHash = Cert->aiHash;
_CertInfo.dwHashStrength = Cert->dwHashStrength;
_CertInfo.aiExch = Cert->aiExch;
_CertInfo.dwExchStrength = Cert->dwExchStrength;
return *this;
}
//
// Copy CERT_INFO OUT Method -
// need to copy ourselves out.
//
VOID
CopyOut(INTERNET_SECURITY_INFO &Cert)
{
Cert.dwSize = sizeof(Cert);
Cert.pCertificate = CertDuplicateCertificateContext(_CertInfo.pCertificate);
Cert.dwProtocol = _CertInfo.dwProtocol;
Cert.aiCipher = _CertInfo.aiCipher;
Cert.dwCipherStrength = _CertInfo.dwCipherStrength;
Cert.aiHash = _CertInfo.aiHash;
Cert.dwHashStrength = _CertInfo.dwHashStrength;
Cert.aiExch = _CertInfo.aiExch;
Cert.dwExchStrength = _CertInfo.dwExchStrength;
}
//
// Sets and Gets the Client Authentication CertChain -
// we piggy back this pointer into the cache so we can cache
// previously generated and selected client auth certs.
//
VOID SetCertContextArray(CERT_CONTEXT_ARRAY *pCertContextArray) {
if (_pCertContextArray) {
delete _pCertContextArray;
}
_pCertContextArray = pCertContextArray;
}
CERT_CONTEXT_ARRAY * GetCertContextArray() {
return _pCertContextArray;
}
DWORD GetSecureFlags() {
return _dwSecurityFlags;
}
VOID SetSecureFlags(DWORD dwFlags) {
_dwSecurityFlags |= dwFlags;
}
VOID ClearSecureFlags(DWORD dwFlags) {
_dwSecurityFlags &= (~dwFlags);
}
LPSTR GetHostName(VOID) {
return _ServerName.StringAddress();
}
};
class SECURITY_CACHE_LIST {
private:
//
// _List - serialized list of SECURITY_CACHE_LIST_ENTRY objects
//
SERIALIZED_LIST _List;
#if INET_DEBUG
DWORD m_Signature;
#endif
public:
SECURITY_CACHE_LIST_ENTRY *
Find(
IN LPSTR lpszHostname
);
VOID Remove(
IN LPSTR lpszHostname
);
VOID Initialize(VOID) {
InitializeSerializedList(&_List);
#if INET_DEBUG
m_Signature = 0x4c436553; // "SeCL"
#endif
}
VOID Terminate(VOID) {
DEBUG_ENTER((DBG_OBJECTS,
None,
"SECURITY_CACHE_LIST::Terminate",
"{%#x}",
this
));
ClearList();
TerminateSerializedList(&_List);
DEBUG_LEAVE(0);
}
VOID
ClearList(
VOID
);
DWORD
Add(
IN SECURITY_CACHE_LIST_ENTRY * entry
);
VOID
ClearClientAuthCertChains(
VOID
);
#if 0
BOOL
IsCertInCache(
IN LPSTR lpszHostname
)
{
SECURITY_CACHE_LIST_ENTRY *entry =
Find(lpszHostname);
if ( entry )
return TRUE;
return FALSE;
}
#endif
};