Source code of Windows XP (NT5)

  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows NT Security
  4. // Copyright (C) Microsoft Corporation, 1997 - 1999
  5. //
  6. // File: defce.h
  7. //
  8. // Contents: Default Chain Engine Manager
  9. //
  10. // History: 21-Apr-98 kirtd Created
  11. //
  12. //----------------------------------------------------------------------------
  13. #if !defined(__DEFCE_H__)
  14. #define __DEFCE_H__
  15. //
  16. // Forward class declarations (both classes are defined later in this header)
  17. //
  18. class CDefaultChainEngineMgr;
  19. class CImpersonationEngine;
  20. //
  21. // Class pointer definitions: P-prefixed aliases for pointers to the two classes
  22. //
  23. typedef CDefaultChainEngineMgr* PCDEFAULTCHAINENGINEMGR;
  24. typedef CImpersonationEngine* PCIMPERSONATIONENGINE;
  25. // Some default definitions.
  26. // DEFAULT_ENGINE_URL_RETRIEVAL_TIMEOUT is not referenced anywhere in this header.
  27. // NOTE(review): presumably a millisecond bound on network retrieval done by a default engine - confirm unit and consumer in the implementation file
  28. #define DEFAULT_ENGINE_URL_RETRIEVAL_TIMEOUT 15000
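  //
  // CDefaultChainEngineMgr. Manage the default chain engines
  //
  // Holds one engine handle for the local machine, one for the process user
  // and an LRU cache of engines for impersonated users, together with a
  // critical section.
  //
  // NOTE(review): the cache exists so that a thread running as an impersonated
  // user gets an engine of its own rather than the process user's. How well
  // engines for different identities are kept apart depends on what GetTokenId
  // puts in the identifier blob, which is not visible in this header - confirm
  // in the implementation file.
  //
  class CDefaultChainEngineMgr
  {
  public:

      //
      // Constructor
      //
      CDefaultChainEngineMgr ();
      ~CDefaultChainEngineMgr ();

      //
      // Initialization. Initialize reports failure through its BOOL result;
      // Uninitialize has no result to check.
      //
      BOOL Initialize ();
      VOID Uninitialize ();

      //
      // Get default chain engines. Each returns the engine through
      // phDefaultEngine and success or failure as a BOOL.
      //
      // NOTE(review): hDefaultHandle is presumably one of the predefined
      // default engine handles (HCCE_CURRENT_USER / HCCE_LOCAL_MACHINE) -
      // confirm. The header does not say whether the returned handle carries
      // a reference the caller must free - confirm before relying on either.
      //
      BOOL GetDefaultEngine (
              IN HCERTCHAINENGINE hDefaultHandle,
              OUT HCERTCHAINENGINE* phDefaultEngine
              );

      BOOL GetDefaultLocalMachineEngine (
              OUT HCERTCHAINENGINE* phDefaultEngine
              );

      BOOL GetDefaultCurrentUserEngine (
              OUT HCERTCHAINENGINE* phDefaultEngine
              );

      //
      // Flush default engines
      //
      VOID FlushDefaultEngine (IN HCERTCHAINENGINE hDefaultHandle);

  private:

      //
      // Not copyable. The object holds a CRITICAL_SECTION and engine/cache
      // handles, so a member-wise copy would leave two objects holding the
      // same handles. Declared private and left undefined so that a copy
      // fails at compile or link time.
      //
      CDefaultChainEngineMgr (const CDefaultChainEngineMgr&);
      CDefaultChainEngineMgr& operator= (const CDefaultChainEngineMgr&);

      //
      // Lock
      // NOTE(review): presumably serialises access to the handles and cache
      // below - confirm which members it covers
      //
      CRITICAL_SECTION m_Lock;

      //
      // Local Machine Default Engine
      //
      HCERTCHAINENGINE m_hLocalMachineEngine;

      //
      // Process User Default Engine
      //
      HCERTCHAINENGINE m_hProcessUserEngine;

      //
      // Impersonated Users Default Engine Cache
      //
      HLRUCACHE m_hImpersonationCache;

      //
      // Private methods
      //

      // Engine for the impersonated user identified by hUserToken
      BOOL GetDefaultCurrentImpersonatedUserEngine (
              IN HANDLE hUserToken,
              OUT HCERTCHAINENGINE* phDefaultEngine
              );

      // NOTE(review): hands back a token handle through phUserToken; the
      // header does not say who closes it - confirm every path closes it once
      BOOL IsImpersonatingUser (
              OUT HANDLE* phUserToken
              );

      // GetTokenId fills pTokenId for a token; FreeTokenId is its counterpart
      BOOL GetTokenId (
              IN HANDLE hUserToken,
              OUT PCRYPT_DATA_BLOB pTokenId
              );

      VOID FreeTokenId (
              IN PCRYPT_DATA_BLOB pTokenId
              );

      // Look up a cached engine by token identifier
      // NOTE(review): whether *ppEngine comes back with a reference the caller
      // must Release is not visible here - confirm
      BOOL FindImpersonationEngine (
              IN PCRYPT_DATA_BLOB pTokenId,
              OUT PCIMPERSONATIONENGINE* ppEngine
              );

      // NOTE: The impersonation engine accepts ownership of the chain engine
      // upon success
      // (so on failure hChainEngine is still the caller's to free)
      BOOL CreateImpersonationEngine (
              IN PCRYPT_DATA_BLOB pTokenId,
              IN HCERTCHAINENGINE hChainEngine,
              OUT PCIMPERSONATIONENGINE* ppEngine
              );

      VOID AddToImpersonationCache (
              IN PCIMPERSONATIONENGINE pEngine
              );
  };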
  // Free function with two untyped pointer arguments; not referenced in this header.
  // NOTE(review): presumably the callback the LRU cache invokes when an
  // impersonation engine entry is removed, with pv being the cached
  // CImpersonationEngine - confirm against the implementation file.
  111. VOID WINAPI
  112. DefaultChainEngineMgrOnImpersonationEngineRemoval (
  113. IN LPVOID pv,
  114. IN LPVOID pvRemovalContext
  115. );
  // Maps a token identifier blob to a DWORD.
  // NOTE(review): presumably the hash callback of the impersonation cache. A
  // DWORD can collide, so confirm that cache lookups compare the full
  // identifier and do not hand one user's engine to another on a hash match.
  116. DWORD WINAPI
  117. DefaultChainEngineMgrHashTokenIdentifier (
  118. IN PCRYPT_DATA_BLOB pIdentifier
  119. );
  // Sizing constants, not used in this header.
  // NOTE(review): presumably the bucket count and entry cap given to the LRU
  // cache behind m_hImpersonationCache - confirm. With a cap of 3, a process
  // that impersonates more identities than that in rotation would evict and
  // rebuild engines on each switch.
  120. #define DEFAULT_IMPERSONATION_CACHE_BUCKETS 3
  121. #define MAX_IMPERSONATION_CACHE_ENTRIES 3
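  //
  // CImpersonationEngine, simply a ref-counted chain engine handle which
  // can be added to the LRU cache
  //
  // NOTE(review): the destructor is public, so a direct delete bypasses the
  // reference count. Once the object has been handed to the cache or to a
  // caller, Release is the only safe way to let go of it - confirm that the
  // only direct delete is on the failed-construction path.
  //
  class CImpersonationEngine
  {
  public:

      //
      // Constructor. Success or failure is reported through rfResult, since
      // a constructor has no return value; check it before using the object.
      // NOTE(review): pTokenId is presumably the key under which the entry is
      // created in hCache - confirm
      //
      CImpersonationEngine (
             IN HLRUCACHE hCache,
             IN HCERTCHAINENGINE hChainEngine,
             IN PCRYPT_DATA_BLOB pTokenId,
             OUT BOOL& rfResult
             );

      ~CImpersonationEngine ();

      //
      // Reference counting
      //
      inline VOID AddRef ();
      inline VOID Release ();

      //
      // Access to the chain engine
      //
      inline HCERTCHAINENGINE ChainEngine ();

      //
      // Access to the LRU entry handle
      //
      inline HLRUENTRY LruEntry ();

  private:

      //
      // Not copyable. A member-wise copy would duplicate the reference count
      // and both handles, so two objects would each believe they own the
      // same chain engine. Declared private and left undefined so that a
      // copy fails at compile or link time.
      //
      CImpersonationEngine (const CImpersonationEngine&);
      CImpersonationEngine& operator= (const CImpersonationEngine&);

      //
      // Reference count
      //
      ULONG m_cRefs;

      //
      // Chain Engine
      //
      HCERTCHAINENGINE m_hChainEngine;

      //
      // LRU entry handle
      //
      HLRUENTRY m_hLruEntry;
  };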
  166. //
  167. // Inline methods
  168. //
  //+---------------------------------------------------------------------------
  //
  //  Member:     CImpersonationEngine::AddRef, public
  //
  //  Synopsis:   take one more reference on the object
  //
  //  Notes:      the count is raised with InterlockedIncrement; m_cRefs is
  //              declared ULONG, hence the cast to the LONG pointer the
  //              call takes
  //
  //----------------------------------------------------------------------------
  inline VOID
  CImpersonationEngine::AddRef ()
  {
      LONG* pcRefs = (LONG *)&m_cRefs;

      InterlockedIncrement( pcRefs );
  }
  //+---------------------------------------------------------------------------
  //
  //  Member:     CImpersonationEngine::Release, public
  //
  //  Synopsis:   drop one reference; the object deletes itself when the
  //              count reaches zero
  //
  //  Notes:      the caller must not touch the object after Release, since
  //              this call may have been the one that destroyed it
  //
  //----------------------------------------------------------------------------
  inline VOID
  CImpersonationEngine::Release ()
  {
      LONG cRemaining = InterlockedDecrement( (LONG *)&m_cRefs );

      if ( cRemaining != 0 )
      {
          return;
      }

      // Last reference gone; no member is accessed past this point
      delete this;
  }
  //+---------------------------------------------------------------------------
  //
  //  Member:     CImpersonationEngine::ChainEngine, public
  //
  //  Synopsis:   hand back the stored cert chain engine handle
  //
  //  Notes:      the member is returned as is; no reference is added here.
  //              NOTE(review): presumably the handle is only good while the
  //              caller holds a reference on this object - confirm
  //
  //----------------------------------------------------------------------------
  inline HCERTCHAINENGINE
  CImpersonationEngine::ChainEngine ()
  {
      HCERTCHAINENGINE hEngine = m_hChainEngine;

      return hEngine;
  }
  //+---------------------------------------------------------------------------
  //
  //  Member:     CImpersonationEngine::LruEntry, public
  //
  //  Synopsis:   hand back the stored LRU entry handle
  //
  //  Notes:      the member is returned as is; no reference is added here
  //
  //----------------------------------------------------------------------------
  inline HLRUENTRY
  CImpersonationEngine::LruEntry ()
  {
      HLRUENTRY hEntry = m_hLruEntry;

      return hEntry;
  }
  220. #endif