Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

286 lines
6.0 KiB

/*++
Copyright (c) 1996 Microsoft Corporation
Module Name:
certcach.hxx
Abstract:
Contains class definition for certificate cache object.
The class acts a container for common certificates.
Contents:
SECURITY_CACHE_LIST
SECURITY_CACHE_LIST_ENTRY
Author:
Arthur L Bierer (arthurbi) 20-Apr-1996
Revision History:
20-Apr-1996 arthurbi
Created
--*/
//
// SECURITY_INFO_LIST_ENTRY - contains all security info
// pertaining to all connections to a server.
//
class SECURITY_CACHE_LIST_ENTRY {
friend class SECURITY_CACHE_LIST;
private:
//
// _List - Generic List entry structure.
//
LIST_ENTRY _List;
//
// _cRef - Reference count for this element.
//
LONG _cRef;
//
// _CertInfo - Certificate and other security
// attributes for the connection to
// this machine.
//
INTERNET_SECURITY_INFO _CertInfo;
//
// _dwSecurityFlags - Overrides for warnings.
//
DWORD _dwSecurityFlags;
//
// _dwStatusFlags - Tracker for all secure connection failure flags.
//
DWORD _dwStatusFlags;
//
// _ServerName - The name of the server
//
ICSTRING _ServerName;
//
// _pCertChainList - If there is Client Authentication do be done with this server,
// then we'll cache it and remeber it later.
//
CERT_CONTEXT_ARRAY *_pCertContextArray;
//
// _fInCache - indicates this element is held by the cache
//
BOOL _fInCache;
#if INET_DEBUG
DWORD m_Signature;
#endif
public:
LONG AddRef(VOID);
LONG Release(VOID);
//
// Cleans up object, so it can be reused
//
BOOL InCache() { return _fInCache; }
VOID
Clear();
SECURITY_CACHE_LIST_ENTRY(
IN LPSTR lpszHostName
);
~SECURITY_CACHE_LIST_ENTRY();
//
// Copy CERT_INFO IN Method -
// copies a structure into our object.
//
SECURITY_CACHE_LIST_ENTRY& operator=(LPINTERNET_SECURITY_INFO Cert)
{
if(_CertInfo.pCertificate)
{
WRAP_REVERT_USER_VOID(CertFreeCertificateContext,
(_CertInfo.pCertificate));
}
_CertInfo.dwSize = sizeof(_CertInfo);
WRAP_REVERT_USER(CertDuplicateCertificateContext,
(Cert->pCertificate),
_CertInfo.pCertificate);
_CertInfo.dwProtocol = Cert->dwProtocol;
_CertInfo.aiCipher = Cert->aiCipher;
_CertInfo.dwCipherStrength = Cert->dwCipherStrength;
_CertInfo.aiHash = Cert->aiHash;
_CertInfo.dwHashStrength = Cert->dwHashStrength;
_CertInfo.aiExch = Cert->aiExch;
_CertInfo.dwExchStrength = Cert->dwExchStrength;
return *this;
}
//
// Copy CERT_INFO OUT Method -
// need to copy ourselves out.
//
VOID
CopyOut(INTERNET_SECURITY_INFO &Cert)
{
Cert.dwSize = sizeof(Cert);
WRAP_REVERT_USER(CertDuplicateCertificateContext,
(_CertInfo.pCertificate),
Cert.pCertificate);
Cert.dwProtocol = _CertInfo.dwProtocol;
Cert.aiCipher = _CertInfo.aiCipher;
Cert.dwCipherStrength = _CertInfo.dwCipherStrength;
Cert.aiHash = _CertInfo.aiHash;
Cert.dwHashStrength = _CertInfo.dwHashStrength;
Cert.aiExch = _CertInfo.aiExch;
Cert.dwExchStrength = _CertInfo.dwExchStrength;
}
//
// Sets and Gets the Client Authentication CertChain -
// we piggy back this pointer into the cache so we can cache
// previously generated and selected client auth certs.
//
VOID SetCertContextArray(CERT_CONTEXT_ARRAY *pCertContextArray) {
if (_pCertContextArray) {
delete _pCertContextArray;
}
_pCertContextArray = pCertContextArray;
}
CERT_CONTEXT_ARRAY * GetCertContextArray() {
return _pCertContextArray;
}
DWORD GetSecureFlags() {
return _dwSecurityFlags;
}
VOID SetSecureFlags(DWORD dwFlags) {
_dwSecurityFlags |= dwFlags;
}
VOID ClearSecureFlags(DWORD dwFlags) {
_dwSecurityFlags &= (~dwFlags);
}
DWORD GetStatusFlags(VOID)
{
return _dwStatusFlags;
}
VOID SetStatusFlags(DWORD dwFlags)
{
_dwStatusFlags |= dwFlags;
}
VOID ClearStatusFlags(DWORD dwFlags)
{
_dwStatusFlags &= (~dwFlags);
}
};
class SECURITY_CACHE_LIST {
private:
//
// _List - serialized list of SECURITY_CACHE_LIST_ENTRY objects
//
SERIALIZED_LIST _List;
#if INET_DEBUG
DWORD m_Signature;
#endif
public:
SECURITY_CACHE_LIST_ENTRY *
Find(
IN LPSTR lpszHostname
);
VOID Initialize(VOID) {
InitializeSerializedList(&_List);
#if INET_DEBUG
m_Signature = 0x4c436553; // "SeCL"
#endif
}
VOID Terminate(VOID) {
DEBUG_ENTER((DBG_OBJECTS,
None,
"SECURITY_CACHE_LIST::Terminate",
"{%#x}",
this
));
ClearList();
TerminateSerializedList(&_List);
DEBUG_LEAVE(0);
}
VOID
ClearList(
VOID
);
DWORD
Add(
IN SECURITY_CACHE_LIST_ENTRY * entry
);
#if 0
BOOL
IsCertInCache(
IN LPSTR lpszHostname
)
{
SECURITY_CACHE_LIST_ENTRY *entry =
Find(lpszHostname);
if ( entry )
return TRUE;
return FALSE;
}
#endif
};