archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
3.8 GiB
Tree: 1b390dddff
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1b390dddff'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/services/ca/certclib/cainfop.cpp

1266 lines
29 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+--------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1996 - 1999
  5. //
  6. // File: cainfop.cpp
  7. //
  8. // Contents:
  9. //
  10. //---------------------------------------------------------------------------
  11. #include "pch.cpp"
  13. #pragma hdrstop
  15. #include <certca.h>
  16. #include <lm.h>
  17. #include <cainfop.h>
  18. #include <cainfoc.h>
  21. #include <winldap.h>
  22. #include <ntlsa.h>
  23. #include <dsgetdc.h>
  24. #include <accctrl.h>
  26. #include "certacl.h"
  27. #include "oidmgr.h"
  28. #include "csldap.h"
  30. #define __dwFILE__ __dwFILE_CERTCLIB_CAINFOP_CPP__
  32. CRITICAL_SECTION g_csDomainSidCache;
  33. extern BOOL g_fInitDone;
  35. //we only keep one copy of the localSystem's sid
  36. PSID g_pLocalSid=NULL;
  39. #define DOMAIN_SID_CACHE_INC 10
  41. typedef struct _DOMAIN_SID_CACHE
  42. {
  43. LPWSTR wszDomain;
  44. PSID pSid;
  45. } DOMAIN_SID_CACHE, *PDOMAIN_SID_CACHE;
  47. PDOMAIN_SID_CACHE g_DomainSidCache = NULL;
  48. DWORD g_cDomainSidCache = 0;
  49. DWORD g_cMaxDomainSidCache = 0;
  52. LPWSTR g_pwszEnterpriseRoot = NULL;
  53. DWORD myGetEnterpriseDnsName(OUT LPWSTR *pwszDomain);
  55. HRESULT
  56. CAGetAuthoritativeDomainDn(
  57. IN LDAP* LdapHandle,
  58. OUT CERTSTR *DomainDn,
  59. OUT CERTSTR *ConfigDn
  60. )
  61. /*++
  63. Routine Description:
  65. This routine simply queries the operational attributes for the
  66. domaindn and configdn.
  68. The strings returned by this routine must be freed by the caller
  69. using RtlFreeHeap() using the process heap.
  71. Parameters:
  73. LdapHandle : a valid handle to an ldap session
  75. DomainDn : a pointer to a string to be allocated in this routine
  77. ConfigDn : a pointer to a string to be allocated in this routine
  79. Return Values:
  81. An error from the win32 error space.
  83. ERROR_SUCCESS and
  85. Other operation errors.
  87. --*/
  88. {
  89. HRESULT hr=E_FAIL;
  91. BSTR bstrDomainDN=NULL;
  92. BSTR bstrConfigDN=NULL;
  94. hr=myGetAuthoritativeDomainDn(LdapHandle, &bstrDomainDN, &bstrConfigDN);
  96. if(S_OK != hr)
  97. _JumpError(hr, error, "myGetAuthoritativeDomainDn");
  99. //convert BSTR to CERTSTR
  100. if(DomainDn)
  101. {
  102. (*DomainDn) = CertAllocString(bstrDomainDN);
  104. if(NULL == (*DomainDn))
  105. {
  106. hr=E_OUTOFMEMORY;
  107. _JumpError(hr, error, "CertAllocString");
  108. }
  109. }
  111. if(ConfigDn)
  112. {
  113. (*ConfigDn) = CertAllocString(bstrConfigDN);
  115. if(NULL == (*ConfigDn))
  116. {
  117. hr=E_OUTOFMEMORY;
  119. if(DomainDn)
  120. {
  121. if(*DomainDn)
  122. {
  123. CertFreeString(*DomainDn);
  124. *DomainDn=NULL;
  125. }
  126. }
  127. _JumpError(hr, error, "CertAllocString");
  128. }
  129. }
  131. hr=S_OK;
  133. error:
  135. if(bstrDomainDN)
  136. SysFreeString(bstrDomainDN);
  138. if(bstrConfigDN)
  139. SysFreeString(bstrConfigDN);
  141. return hr;
  142. }
  145. DWORD
  146. DNStoRFC1779Name(WCHAR *rfcDomain,
  147. ULONG *rfcDomainLength,
  148. LPCWSTR dnsDomain)
  149. /*++
  151. Routine Description:
  153. This routine takes the DNS-style name of a domain controller and
  154. contructs the corresponding RFC1779 style name, using the
  155. domainComponent prefix.
  157. Parameters:
  159. rfcDomain - this is the destination string
  160. rfcDomainLength - this is the length in wchars of rfcDomain
  161. dnsDomain - NULL-terminated dns name.
  163. Return Values:
  165. ERROR_SUCCESS if succesful;
  166. ERROR_INSUFFICIENT_BUFFER if there is not enough space in the dst string -
  167. rfcDomainLength will set to number of characters needed.
  169. --*/
  170. {
  171. DWORD WinError = ERROR_SUCCESS;
  173. WCHAR *NextToken;
  174. ULONG length = 1; // include the null character
  175. WCHAR Buffer[DNS_MAX_NAME_LENGTH+1];
  177. if (!rfcDomainLength || !dnsDomain) {
  178. return ERROR_INVALID_PARAMETER;
  179. }
  181. if (wcslen(dnsDomain) > DNS_MAX_NAME_LENGTH) {
  182. return ERROR_INVALID_PARAMETER;
  183. }
  185. RtlCopyMemory(Buffer, dnsDomain, (wcslen(dnsDomain)+1)*sizeof(WCHAR));
  187. if (rfcDomain && *rfcDomainLength > 0) {
  188. RtlZeroMemory(rfcDomain, *rfcDomainLength*sizeof(WCHAR));
  189. }
  191. //
  192. // Start contructing the string
  193. //
  194. NextToken = wcstok(Buffer, L".");
  196. if ( NextToken )
  197. {
  198. //
  199. // Append the intial DC=
  200. //
  201. length += 3;
  202. if ( length <= *rfcDomainLength && rfcDomain )
  203. {
  204. wcscpy(rfcDomain, L"DC=");
  205. }
  206. }
  208. while ( NextToken )
  209. {
  210. length += wcslen(NextToken);
  212. if (length <= *rfcDomainLength && rfcDomain)
  213. {
  214. wcscat(rfcDomain, NextToken);
  215. }
  217. NextToken = wcstok(NULL, L".");
  219. if ( NextToken )
  220. {
  221. length += 4;
  223. if (length <= *rfcDomainLength && rfcDomain)
  224. {
  225. wcscat(rfcDomain, L",DC=");
  226. }
  227. }
  228. }
  231. if ( length > *rfcDomainLength )
  232. {
  233. WinError = ERROR_INSUFFICIENT_BUFFER;
  234. }
  236. //
  237. // Return how much space was needed
  238. //
  239. *rfcDomainLength = length;
  241. return WinError;
  243. }
  246. VOID
  247. FreeSidCache()
  248. {
  249. if (NULL != g_DomainSidCache)
  250. {
  251. DWORD i;
  253. for (i = 0; i < g_cDomainSidCache; i++)
  254. {
  255. if (NULL != g_DomainSidCache[i].wszDomain)
  256. {
  257. LocalFree(g_DomainSidCache[i].wszDomain);
  258. }
  259. if (NULL != g_DomainSidCache[i].pSid)
  260. {
  261. LocalFree(g_DomainSidCache[i].pSid);
  262. }
  263. }
  264. LocalFree(g_DomainSidCache);
  265. g_DomainSidCache = NULL;
  266. }
  267. }
  270. DWORD
  271. myGetSidFromDomain(
  272. IN LPWSTR wszDomain,
  273. OUT PSID *ppDomainSid)
  274. {
  275. NTSTATUS dwStatus;
  276. DWORD dwErr = ERROR_SUCCESS;
  277. LSA_HANDLE hPolicy = NULL;
  278. LSA_UNICODE_STRING uszServer = {0};
  279. LSA_OBJECT_ATTRIBUTES oa;
  280. SECURITY_QUALITY_OF_SERVICE sqos;
  281. LSA_UNICODE_STRING uszDCName = {0}, *puszDCName = NULL;
  282. PPOLICY_DNS_DOMAIN_INFO pDomainInfo = NULL;
  283. PSID pSidOut = NULL;
  284. PDOMAIN_CONTROLLER_INFO pDcInfo = NULL;
  285. LPWSTR wszDomainControllerName = NULL;
  287. LPWSTR pwszDomain = wszDomain;
  289. if (!g_fInitDone)
  290. {
  291. return(HRESULT_FROM_WIN32(ERROR_DLL_INIT_FAILED));
  292. }
  294. __try
  295. {
  296. EnterCriticalSection(&g_csDomainSidCache);
  297. if(pwszDomain == NULL)
  298. {
  299. dwErr = myGetEnterpriseDnsName(&pwszDomain);
  300. if(dwErr != ERROR_SUCCESS)
  301. {
  302. _LeaveError(dwErr, "myGetEnterpriseDnsName");
  303. }
  304. }
  306. if(g_DomainSidCache && g_cDomainSidCache > 0)
  307. {
  308. DWORD i;
  309. for(i=0; i < g_cDomainSidCache; i++)
  310. {
  311. if(lstrcmpi(g_DomainSidCache[i].wszDomain, pwszDomain) == 0)
  312. {
  313. pSidOut = (PSID)LocalAlloc(LMEM_FIXED, GetLengthSid(g_DomainSidCache[i].pSid));
  314. if(pSidOut == NULL)
  315. {
  316. dwErr = ERROR_OUTOFMEMORY;
  317. _LeaveError(dwErr, "LocalAlloc");
  318. }
  320. CopySid(GetLengthSid(g_DomainSidCache[i].pSid), pSidOut, g_DomainSidCache[i].pSid);
  322. *ppDomainSid = pSidOut;
  323. pSidOut = NULL;
  324. __leave;
  325. }
  326. }
  327. }
  329. sqos.Length = sizeof(sqos);
  330. sqos.ImpersonationLevel = SecurityImpersonation;
  331. sqos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  332. sqos.EffectiveOnly = FALSE;
  334. InitializeObjectAttributes(&oa, NULL, 0, NULL, NULL);
  335. oa.SecurityQualityOfService = &sqos;
  337. dwErr = DsGetDcName(
  338. NULL,
  339. pwszDomain,
  340. NULL,
  341. NULL,
  342. DS_RETURN_DNS_NAME,
  343. &pDcInfo);
  344. if(dwErr != ERROR_SUCCESS)
  345. {
  346. _LeaveError(dwErr, "DsGetDcName");
  347. }
  348. if((pDcInfo == NULL) ||
  349. ((pDcInfo->Flags & DS_DNS_CONTROLLER_FLAG) == 0) ||
  350. (pDcInfo->DomainControllerName == NULL))
  351. {
  352. dwErr = ERROR_CANT_ACCESS_DOMAIN_INFO;
  353. _LeaveError(dwErr, "DsGetDcName");
  354. }
  357. wszDomainControllerName = pDcInfo->DomainControllerName;
  360. // skip past forward slashes (why are they there?)
  361. while(*wszDomainControllerName == L'\\')
  362. {
  363. wszDomainControllerName++;
  364. }
  366. if(!RtlCreateUnicodeString(&uszDCName, wszDomainControllerName))
  367. {
  368. dwErr = GetLastError();
  369. _LeaveError(dwErr, "RtlCreateUnicodeString");
  370. }
  371. puszDCName = &uszDCName;
  374. dwStatus = LsaOpenPolicy(puszDCName, &oa, POLICY_EXECUTE, &hPolicy);
  375. dwErr = LsaNtStatusToWinError(dwStatus);
  376. RtlFreeUnicodeString(&uszDCName);
  378. if(dwErr != ERROR_SUCCESS)
  379. {
  380. _LeaveError(dwErr, "LsaOpenPolicy");
  381. }
  382. dwStatus = LsaQueryInformationPolicy(hPolicy,
  383. PolicyDnsDomainInformation,
  384. (LPVOID *)&pDomainInfo);
  385. dwErr = LsaNtStatusToWinError(dwStatus);
  386. if(dwErr != ERROR_SUCCESS)
  387. {
  388. _LeaveError(dwErr, "LsaQueryInformationPolicy");
  389. }
  391. pSidOut = (PSID)LocalAlloc(LMEM_FIXED, GetLengthSid(pDomainInfo->Sid));
  392. if(pSidOut == NULL)
  393. {
  394. dwErr = ERROR_OUTOFMEMORY;
  395. _LeaveError(dwErr, "LocalAlloc");
  396. }
  398. CopySid(GetLengthSid(pDomainInfo->Sid), pSidOut, pDomainInfo->Sid);
  400. *ppDomainSid = pSidOut;
  401. pSidOut = NULL;
  405. // Add to the cache.
  407. if(g_cMaxDomainSidCache < g_cDomainSidCache+1)
  408. {
  409. // Grow the cache
  410. PDOMAIN_SID_CACHE pNewCache = NULL;
  411. DWORD cNewCacheSize = g_cMaxDomainSidCache+DOMAIN_SID_CACHE_INC;
  413. pNewCache = (PDOMAIN_SID_CACHE)LocalAlloc(LMEM_FIXED, sizeof(DOMAIN_SID_CACHE)*cNewCacheSize);
  414. if(pNewCache == NULL)
  415. {
  416. _LeaveError(dwErr, "LocalAlloc");
  417. }
  419. ZeroMemory(pNewCache, sizeof(DOMAIN_SID_CACHE)*cNewCacheSize);
  420. if(g_DomainSidCache)
  421. {
  422. if(g_cDomainSidCache)
  423. {
  424. CopyMemory(pNewCache, g_DomainSidCache, sizeof(DOMAIN_SID_CACHE)*g_cDomainSidCache);
  425. }
  426. LocalFree(g_DomainSidCache);
  427. }
  428. g_DomainSidCache = pNewCache;
  429. g_cMaxDomainSidCache = cNewCacheSize;
  430. }
  432. g_DomainSidCache[g_cDomainSidCache].pSid = (PSID)LocalAlloc(LMEM_FIXED, GetLengthSid(pDomainInfo->Sid));
  433. if(g_DomainSidCache[g_cDomainSidCache].pSid == NULL)
  434. {
  435. _LeaveError(dwErr, "LocalAlloc");
  436. }
  438. CopySid(GetLengthSid(pDomainInfo->Sid), g_DomainSidCache[g_cDomainSidCache].pSid, pDomainInfo->Sid);
  439. g_DomainSidCache[g_cDomainSidCache].wszDomain = (LPWSTR)LocalAlloc(LMEM_FIXED, sizeof(WCHAR)*(wcslen(pwszDomain)+1));
  440. if(g_DomainSidCache[g_cDomainSidCache].wszDomain == NULL)
  441. {
  442. LocalFree(g_DomainSidCache[g_cDomainSidCache].pSid);
  443. g_DomainSidCache[g_cDomainSidCache].pSid = NULL;
  444. _LeaveError(dwErr, "LocalAlloc");
  445. }
  446. wcscpy(g_DomainSidCache[g_cDomainSidCache].wszDomain, pwszDomain);
  447. g_cDomainSidCache++;
  448. }
  449. __except(dwErr = myHEXCEPTIONCODE(), EXCEPTION_EXECUTE_HANDLER)
  450. {
  451. }
  452. LeaveCriticalSection(&g_csDomainSidCache);
  454. if (NULL != pwszDomain && wszDomain != pwszDomain)
  455. {
  456. LocalFree(pwszDomain);
  457. }
  458. if (NULL != pDcInfo)
  459. {
  460. NetApiBufferFree(pDcInfo);
  461. }
  462. if (NULL != pDomainInfo)
  463. {
  464. LsaFreeMemory(pDomainInfo);
  465. }
  466. if (NULL != hPolicy)
  467. {
  468. LsaClose(hPolicy);
  469. }
  470. return dwErr;
  471. }
  474. // CACleanup is called multiple times!
  476. VOID
  477. CACleanup()
  478. {
  479. if (NULL != g_pwszEnterpriseRoot)
  480. {
  481. LocalFree(g_pwszEnterpriseRoot);
  482. g_pwszEnterpriseRoot = NULL;
  483. }
  484. if (NULL != g_pLocalSid)
  485. {
  486. FreeSid(g_pLocalSid);
  487. g_pLocalSid = NULL;
  488. }
  489. if (NULL != g_pwszEnterpriseRootOID)
  490. {
  491. LocalFree(g_pwszEnterpriseRootOID);
  492. g_pwszEnterpriseRootOID = NULL;
  493. }
  494. FreeSidCache();
  495. }
  498. DWORD
  499. myGetEnterpriseDnsName(
  500. OUT WCHAR **ppwszDomain)
  501. {
  502. HRESULT hr;
  503. LSA_HANDLE hPolicy = NULL;
  504. POLICY_DNS_DOMAIN_INFO *pDomainInfo = NULL;
  506. if (NULL == g_pwszEnterpriseRoot)
  507. {
  508. LSA_OBJECT_ATTRIBUTES oa;
  509. SECURITY_QUALITY_OF_SERVICE sqos;
  510. NTSTATUS dwStatus;
  512. sqos.Length = sizeof(sqos);
  513. sqos.ImpersonationLevel = SecurityImpersonation;
  514. sqos.ContextTrackingMode = SECURITY_DYNAMIC_TRACKING;
  515. sqos.EffectiveOnly = FALSE;
  517. InitializeObjectAttributes(&oa, NULL, 0, NULL, NULL);
  518. oa.SecurityQualityOfService = &sqos;
  520. dwStatus = LsaOpenPolicy(
  521. NULL,
  522. &oa,
  523. POLICY_READ | POLICY_EXECUTE,
  524. &hPolicy);
  525. hr = LsaNtStatusToWinError(dwStatus);
  526. _JumpIfError(hr, error, "LsaOpenPolicy");
  528. dwStatus = LsaQueryInformationPolicy(
  529. hPolicy,
  530. PolicyDnsDomainInformation,
  531. (VOID **) &pDomainInfo);
  532. hr = LsaNtStatusToWinError(dwStatus);
  533. _JumpIfError(hr, error, "LsaNtStatusToWinError");
  535. if (0 >= pDomainInfo->DnsForestName.Length ||
  536. NULL == pDomainInfo->DnsForestName.Buffer)
  537. {
  538. hr = ERROR_CANT_ACCESS_DOMAIN_INFO;
  539. _JumpError(hr, error, "DomainInfo");
  540. }
  542. hr = myDupString(
  543. pDomainInfo->DnsForestName.Buffer,
  544. &g_pwszEnterpriseRoot);
  545. _JumpIfError(hr, error, "myDupString");
  546. }
  547. hr = myDupString(g_pwszEnterpriseRoot, ppwszDomain);
  548. _JumpIfError(hr, error, "myDupString");
  550. error:
  551. if (NULL != pDomainInfo)
  552. {
  553. LsaFreeMemory(pDomainInfo);
  554. }
  555. if (NULL != hPolicy)
  556. {
  557. LsaClose(hPolicy);
  558. }
  559. return(hr);
  560. }
  563. CCAProperty::CCAProperty(LPCWSTR wszName)
  564. {
  565. m_awszValues = NULL;
  566. m_pNext = NULL;
  567. m_wszName = CertAllocString(wszName);
  568. }
  571. CCAProperty::~CCAProperty()
  572. {
  573. _Cleanup();
  574. }
  576. HRESULT CCAProperty::_Cleanup()
  577. {
  579. // NOTE: this should only be called via
  580. // DeleteChain
  582. if(m_wszName)
  583. {
  584. CertFreeString(m_wszName);
  585. m_wszName = NULL;
  586. }
  588. if(m_awszValues)
  589. {
  590. LocalFree(m_awszValues);
  591. m_awszValues = NULL;
  592. }
  595. m_pNext = NULL;
  596. return S_OK;
  598. }
  601. HRESULT CCAProperty::Find(LPCWSTR wszName, CCAProperty **ppCAProp)
  602. {
  603. CCAProperty *pCurrent = this;
  605. if((wszName == NULL) || (ppCAProp == NULL))
  606. {
  607. return E_POINTER;
  608. }
  610. if(this == NULL)
  611. {
  612. return E_POINTER;
  613. }
  615. if((m_wszName != NULL) &&(lstrcmpi(wszName, m_wszName) == 0))
  616. {
  617. *ppCAProp = this;
  618. return S_OK;
  619. }
  621. if(m_pNext)
  622. {
  623. return m_pNext->Find(wszName, ppCAProp);
  624. }
  625. // Didn't find one
  626. *ppCAProp = NULL;
  627. return HRESULT_FROM_WIN32(ERROR_NOT_FOUND);
  628. }
  631. HRESULT CCAProperty::Append(CCAProperty **ppCAPropChain, CCAProperty *pNewProp)
  632. {
  633. CCAProperty *pCurrent;
  635. if((ppCAPropChain == NULL) || (pNewProp == NULL))
  636. {
  637. return E_POINTER;
  638. }
  640. if(*ppCAPropChain == NULL)
  641. {
  642. *ppCAPropChain = pNewProp;
  643. return S_OK;
  644. }
  646. pCurrent = *ppCAPropChain;
  648. while(pCurrent->m_pNext != NULL)
  649. {
  650. pCurrent = pCurrent->m_pNext;
  651. }
  653. pCurrent->m_pNext = pNewProp;
  655. return S_OK;
  657. }
  660. HRESULT CCAProperty::GetValue(LPWSTR **pawszProperties)
  661. {
  662. HRESULT hr;
  664. if(pawszProperties == NULL)
  665. {
  666. return E_POINTER;
  667. }
  668. *pawszProperties = m_awszValues;
  669. m_awszValues = NULL;
  670. hr = SetValue(*pawszProperties);
  671. if(hr != S_OK)
  672. {
  673. m_awszValues = *pawszProperties;
  674. *pawszProperties = NULL;
  675. }
  676. return hr;
  677. }
  680. HRESULT CCAProperty::SetValue(LPWSTR *awszProperties)
  681. {
  682. DWORD cbStringTotal = 0;
  683. DWORD cStrings=1;
  684. WCHAR **pwszAttr;
  685. WCHAR *wszCurString;
  688. if(m_awszValues)
  689. {
  690. LocalFree(m_awszValues);
  691. m_awszValues = NULL;
  692. }
  693. if(NULL == awszProperties)
  694. {
  695. return S_OK;
  696. }
  698. for(pwszAttr = awszProperties; *pwszAttr != NULL; pwszAttr++)
  699. {
  700. cStrings += 1;
  701. cbStringTotal += (wcslen(*pwszAttr) + 1)*sizeof(WCHAR);
  702. }
  703. m_awszValues = (WCHAR **)LocalAlloc(LMEM_FIXED, cStrings*sizeof(WCHAR *) + cbStringTotal);
  705. if(m_awszValues == NULL)
  706. {
  707. return E_OUTOFMEMORY;
  708. }
  710. wszCurString = (WCHAR *)(m_awszValues + cStrings);
  712. cStrings = 0;
  714. for(pwszAttr = awszProperties; *pwszAttr != NULL; pwszAttr++)
  715. {
  716. m_awszValues[cStrings] = wszCurString;
  717. wcscpy(wszCurString, *pwszAttr);
  718. wszCurString += wcslen(wszCurString) + 1;
  719. cStrings += 1;
  720. }
  722. m_awszValues[cStrings] = NULL;
  724. return S_OK;
  725. }
  728. HRESULT CCAProperty::DeleteChain(CCAProperty **ppCAProp)
  729. {
  730. if(ppCAProp == NULL)
  731. {
  732. return E_POINTER;
  733. }
  734. if(*ppCAProp == NULL)
  735. {
  736. return S_OK;
  737. }
  738. DeleteChain(&(*ppCAProp)->m_pNext);
  740. delete *ppCAProp;
  741. return S_OK;
  743. }
  745. HRESULT CCAProperty::LoadFromRegValue(HKEY hkReg, LPCWSTR wszValue)
  746. {
  747. DWORD err;
  748. DWORD dwType;
  749. DWORD dwSize;
  750. DWORD cbStringTotal = 0;
  751. WCHAR **pwszAttr;
  752. WCHAR *wszCurString;
  753. CERTSTR bstrRegValue;
  754. HRESULT hr = S_OK;
  755. WCHAR *wszValues = NULL;
  758. if(m_awszValues)
  759. {
  760. LocalFree(m_awszValues);
  761. m_awszValues = NULL;
  762. }
  764. if((hkReg == NULL ) || (wszValue == NULL))
  765. {
  766. return E_POINTER;
  767. }
  770. err = RegQueryValueEx(hkReg,
  771. wszValue,
  772. NULL,
  773. &dwType,
  774. NULL,
  775. &dwSize);
  777. if(ERROR_SUCCESS != err)
  778. {
  779. hr = myHError(err);
  780. goto error;
  781. }
  783. if(sizeof(WCHAR) != dwSize)
  784. {
  785. switch(dwType)
  786. {
  787. case REG_SZ:
  788. m_awszValues = (WCHAR **)LocalAlloc(LMEM_FIXED, 2*sizeof(WCHAR *) + dwSize);
  789. if(m_awszValues == NULL)
  790. {
  791. hr = E_OUTOFMEMORY;
  792. goto error;
  793. }
  794. err = RegQueryValueEx(hkReg,
  795. wszValue,
  796. NULL,
  797. &dwType,
  798. (PBYTE)(m_awszValues+2),
  799. &dwSize);
  801. if(ERROR_SUCCESS != err)
  802. {
  803. hr = myHError(err);
  804. goto error;
  805. }
  806. m_awszValues[0] = (WCHAR *)(m_awszValues+2);
  807. m_awszValues[1] = NULL;
  809. break;
  811. case REG_MULTI_SZ:
  812. {
  813. WCHAR *wszCur;
  814. DWORD cStrings = 1;
  816. wszValues = (WCHAR *)LocalAlloc(LMEM_FIXED, dwSize);
  817. if(wszValues == NULL)
  818. {
  819. hr = E_OUTOFMEMORY;
  820. goto error;
  821. }
  822. err = RegQueryValueEx(hkReg,
  823. wszValue,
  824. NULL,
  825. &dwType,
  826. (PBYTE)wszValues,
  827. &dwSize);
  829. if(ERROR_SUCCESS != err)
  830. {
  831. hr = myHError(err);
  832. goto error;
  833. }
  834. wszCur = wszValues;
  835. while(wcslen(wszCur) > 0)
  836. {
  837. cStrings++;
  838. wszCur += wcslen(wszCur)+1;
  839. }
  840. m_awszValues = (WCHAR **)LocalAlloc(LMEM_FIXED, cStrings*sizeof(WCHAR *) + dwSize);
  841. if(m_awszValues == NULL)
  842. {
  843. hr = E_OUTOFMEMORY;
  844. goto error;
  845. }
  847. CopyMemory((PBYTE)(m_awszValues + cStrings), wszValues, dwSize);
  848. wszCur = (WCHAR *)(m_awszValues + cStrings);
  849. cStrings = 0;
  850. while(wcslen(wszCur) > 0)
  851. {
  852. m_awszValues[cStrings] = wszCur;
  853. cStrings++;
  854. wszCur += wcslen(wszCur)+1;
  855. }
  856. m_awszValues[cStrings] = NULL;
  857. break;
  858. }
  859. default:
  860. hr = HRESULT_FROM_WIN32(ERROR_INVALID_DATA);
  861. goto error;
  863. }
  864. }
  866. error:
  868. if(wszValues)
  869. {
  870. LocalFree(wszValues);
  871. }
  872. return hr;
  873. }
  876. HRESULT CCAProperty::UpdateToRegValue(HKEY hkReg, LPCWSTR wszValue)
  877. {
  878. DWORD err;
  879. DWORD dwType;
  880. DWORD dwSize;
  881. DWORD cbStringTotal = 0;
  882. WCHAR **pwszAttr;
  883. WCHAR *wszCurString;
  886. CERTSTR bstrRegValue = NULL;
  887. HRESULT hr = S_OK;
  890. if((hkReg == NULL ) || (wszValue == NULL))
  891. {
  892. return E_POINTER;
  893. }
  896. if(m_awszValues == NULL)
  897. {
  898. bstrRegValue = CertAllocString(TEXT(""));
  899. if(bstrRegValue == NULL)
  900. {
  901. hr = E_OUTOFMEMORY;
  902. goto error;
  903. }
  904. }
  905. else
  906. {
  907. LPWSTR *pwszCur = m_awszValues;
  908. LPWSTR wszCopy = NULL;
  909. DWORD cValues = 0;
  911. while(*pwszCur)
  912. {
  913. cValues += wcslen(*pwszCur) + 1;
  914. pwszCur++;
  915. }
  916. cValues++;
  917. bstrRegValue = CertAllocStringLen(NULL, cValues);
  918. if(bstrRegValue == NULL)
  919. {
  920. hr = E_OUTOFMEMORY;
  921. goto error;
  922. }
  924. pwszCur = m_awszValues;
  925. wszCopy = bstrRegValue;
  926. while(*pwszCur)
  927. {
  928. CopyMemory(wszCopy, *pwszCur, sizeof(WCHAR)*(wcslen(*pwszCur)+1));
  929. wszCopy += (wcslen(*pwszCur)+1);
  930. pwszCur++;
  931. }
  932. *wszCopy = NULL;
  933. }
  934. err = RegSetValueEx(hkReg,
  935. wszValue,
  936. NULL,
  937. REG_MULTI_SZ,
  938. (PBYTE)bstrRegValue,
  939. CertStringByteLen(bstrRegValue));
  940. if(ERROR_SUCCESS != err )
  941. {
  942. hr = myHError(err);
  943. goto error;
  944. }
  946. error:
  948. if(bstrRegValue)
  949. {
  950. CertFreeString(bstrRegValue);
  951. }
  953. return hr;
  954. }
  956. HRESULT CertFreeString(CERTSTR cstrString)
  957. {
  958. WCHAR *pData = (WCHAR *)(((PBYTE)cstrString)-sizeof(UINT));
  959. if(cstrString == NULL)
  960. {
  961. return E_POINTER;
  962. }
  963. LocalFree(pData);
  964. return S_OK;
  965. }
  967. CERTSTR CertAllocString(LPCWSTR wszString)
  968. {
  969. if(wszString == NULL)
  970. {
  971. return NULL;
  972. }
  973. return CertAllocStringLen(wszString, wcslen(wszString)+1);
  974. }
  977. CERTSTR CertAllocStringLen(LPCWSTR wszString, UINT len)
  978. {
  979. CERTSTR szResult;
  980. szResult = CertAllocStringByteLen(NULL, len*sizeof(WCHAR));
  981. if (NULL != szResult && NULL != wszString)
  982. {
  983. CopyMemory(szResult, wszString, min(wcslen(wszString)+1, len)*sizeof(WCHAR));
  984. }
  986. return szResult;
  987. }
  989. CERTSTR CertAllocStringByteLen(LPCSTR szString, UINT len)
  990. {
  991. PBYTE pbResult;
  993. pbResult = (PBYTE)LocalAlloc(LMEM_FIXED, len + sizeof(UINT) + sizeof(WCHAR));
  994. if (NULL == pbResult)
  995. return NULL;
  997. *((UINT *)pbResult) = len;
  998. pbResult += sizeof(UINT);
  1000. *((UNALIGNED WCHAR *)(pbResult+len)) = L'\0';
  1001. if(szString)
  1002. {
  1003. CopyMemory(pbResult, szString, min(len, strlen(szString)+1));
  1004. }
  1006. return (CERTSTR)pbResult;
  1007. }
  1009. UINT CertStringLen(CERTSTR cstrString)
  1010. {
  1011. if(cstrString == NULL)
  1012. {
  1013. return 0;
  1014. }
  1015. return(*((UINT *)((PBYTE)cstrString - sizeof(UINT))))/sizeof(WCHAR);
  1016. }
  1018. UINT CertStringByteLen(CERTSTR cstrString)
  1019. {
  1020. if(cstrString == NULL)
  1021. {
  1022. return 0;
  1023. }
  1024. return(*((UINT *)((PBYTE)cstrString - sizeof(UINT))));
  1025. }
  1031. HRESULT CAAccessCheckp(HANDLE ClientToken, PSECURITY_DESCRIPTOR pSD)
  1032. {
  1033. return CAAccessCheckpEx(ClientToken, pSD, CERTTYPE_ACCESS_CHECK_ENROLL);
  1034. }
  1037. HRESULT CAAccessCheckpEx(HANDLE ClientToken, PSECURITY_DESCRIPTOR pSD, DWORD dwOption)
  1038. {
  1040. HRESULT hr = S_OK;
  1041. HANDLE hClientToken = NULL;
  1042. HANDLE hHandle = NULL;
  1044. PRIVILEGE_SET ps;
  1045. DWORD dwPSSize = sizeof(ps);
  1046. GENERIC_MAPPING AccessMapping;
  1047. BOOL fAccessAllowed = FALSE;
  1048. DWORD grantAccess;
  1049. PTOKEN_USER pUserInfo = NULL;
  1050. DWORD cbUserInfo = 0;
  1051. SID_IDENTIFIER_AUTHORITY IDAuthorityNT = SECURITY_NT_AUTHORITY;
  1052. OBJECT_TYPE_LIST aObjectTypeList[] = {
  1053. {
  1054. ACCESS_OBJECT_GUID, // Level
  1055. 0, // Sbz
  1056. const_cast<GUID *>(&GUID_ENROLL)
  1057. }
  1058. };
  1059. DWORD cObjectTypeList = sizeof(aObjectTypeList)/sizeof(aObjectTypeList[0]);
  1062. OBJECT_TYPE_LIST aAutoEnrollList[] = {
  1063. {
  1064. ACCESS_OBJECT_GUID, // Level
  1065. 0, // Sbz
  1066. const_cast<GUID *>(&GUID_AUTOENROLL)
  1067. }
  1068. };
  1069. DWORD cAutoEnrollList = sizeof(aAutoEnrollList)/sizeof(aAutoEnrollList[0]);
  1072. if(pSD == NULL)
  1073. {
  1074. hr = E_ACCESSDENIED;
  1075. goto error;
  1076. }
  1078. if(ClientToken == NULL)
  1079. {
  1080. hHandle = GetCurrentThread();
  1081. if (NULL == hHandle)
  1082. {
  1083. hr = myHLastError();
  1084. }
  1085. else
  1086. {
  1088. if (!OpenThreadToken(hHandle,
  1089. TOKEN_QUERY,
  1090. TRUE, // open as self
  1091. &hClientToken))
  1092. {
  1093. hr = myHLastError();
  1094. CloseHandle(hHandle);
  1095. hHandle = NULL;
  1096. }
  1097. }
  1098. if(hr != S_OK)
  1099. {
  1100. hHandle = GetCurrentProcess();
  1101. if (NULL == hHandle)
  1102. {
  1103. hr = myHLastError();
  1104. }
  1105. else
  1106. {
  1107. HANDLE hProcessToken = NULL;
  1108. hr = S_OK;
  1111. if (!OpenProcessToken(hHandle,
  1112. TOKEN_DUPLICATE,
  1113. &hProcessToken))
  1114. {
  1115. hr = myHLastError();
  1116. CloseHandle(hHandle);
  1117. hHandle = NULL;
  1118. }
  1119. else
  1120. {
  1121. if(!DuplicateToken(hProcessToken,
  1122. SecurityImpersonation,
  1123. &hClientToken))
  1124. {
  1125. hr = myHLastError();
  1126. CloseHandle(hHandle);
  1127. hHandle = NULL;
  1128. }
  1129. CloseHandle(hProcessToken);
  1130. }
  1131. }
  1132. }
  1133. }
  1134. else
  1135. {
  1136. hClientToken = ClientToken;
  1137. }
  1140. // First, we check the special case. If the ClientToken
  1141. // primary SID is for Local System, then we get the
  1142. // real domain relative sid for this machine
  1144. GetTokenInformation(hClientToken, TokenUser, NULL, 0, &cbUserInfo);
  1145. if(cbUserInfo == 0)
  1146. {
  1147. hr = myHLastError();
  1148. goto error;
  1149. }
  1150. pUserInfo = (PTOKEN_USER)LocalAlloc(LMEM_FIXED, cbUserInfo);
  1151. if(pUserInfo == NULL)
  1152. {
  1153. hr = E_OUTOFMEMORY;
  1154. goto error;
  1155. }
  1156. if(!GetTokenInformation(hClientToken, TokenUser, pUserInfo, cbUserInfo, &cbUserInfo))
  1157. {
  1158. hr = myHLastError();
  1159. goto error;
  1160. }
  1162. // Check it see if we're local-system
  1163. if(0 == (CERTTYPE_ACCESS_CHECK_NO_MAPPING & dwOption))
  1164. {
  1165. if(NULL == g_pLocalSid)
  1166. {
  1167. if(!AllocateAndInitializeSid(&IDAuthorityNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0,0,0,0,0,0,0, &g_pLocalSid))
  1168. {
  1169. hr = myHLastError();
  1170. g_pLocalSid=NULL;
  1171. goto error;
  1172. }
  1173. }
  1175. if(EqualSid(g_pLocalSid, pUserInfo->User.Sid))
  1176. {
  1177. // This is local system.
  1178. // Derive the real token
  1180. if(hClientToken != ClientToken)
  1181. {
  1182. CloseHandle(hClientToken);
  1183. }
  1184. hClientToken = NULL;
  1186. if(!myNetLogonUser(NULL, NULL, NULL, &hClientToken))
  1187. {
  1188. hr = myHLastError();
  1189. goto error;
  1190. }
  1191. }
  1192. }
  1194. if(CERTTYPE_ACCESS_CHECK_ENROLL & dwOption)
  1195. {
  1196. if(!AccessCheckByType(
  1197. pSD, // security descriptor
  1198. NULL, // SID of object being checked
  1199. hClientToken, // handle to client access token
  1200. ACTRL_DS_CONTROL_ACCESS, // requested access rights
  1201. aObjectTypeList, // array of object types
  1202. cObjectTypeList, // number of object type elements
  1203. &AccessMapping, // map generic to specific rights
  1204. &ps, // receives privileges used
  1205. &dwPSSize, // size of privilege-set buffer
  1206. &grantAccess, // retrieves mask of granted rights
  1207. &fAccessAllowed)) // retrieves results of access check);
  1208. {
  1209. hr = myHLastError();
  1210. _JumpIfError(hr, error, "AccessCheckByType");
  1211. }
  1212. }
  1213. else
  1214. {
  1215. if(0 == (CERTTYPE_ACCESS_CHECK_AUTO_ENROLL & dwOption))
  1216. {
  1217. hr=E_INVALIDARG;
  1218. goto error;
  1219. }
  1221. if(!AccessCheckByType(
  1222. pSD, // security descriptor
  1223. NULL, // SID of object being checked
  1224. hClientToken, // handle to client access token
  1225. ACTRL_DS_CONTROL_ACCESS, // requested access rights
  1226. aAutoEnrollList, // array of object types
  1227. cAutoEnrollList, // number of object type elements
  1228. &AccessMapping, // map generic to specific rights
  1229. &ps, // receives privileges used
  1230. &dwPSSize, // size of privilege-set buffer
  1231. &grantAccess, // retrieves mask of granted rights
  1232. &fAccessAllowed)) // retrieves results of access check);
  1233. {
  1234. hr = myHLastError();
  1235. _JumpIfError(hr, error, "AccessCheckByType");
  1236. }
  1237. }
  1239. if(fAccessAllowed)
  1240. {
  1241. hr = S_OK;
  1242. }
  1243. else
  1244. {
  1245. hr = myHLastError();
  1246. }
  1249. error:
  1250. if(pUserInfo)
  1251. {
  1252. LocalFree(pUserInfo);
  1253. }
  1254. if(hHandle)
  1255. {
  1256. CloseHandle(hHandle);
  1257. }
  1258. if(hClientToken != ClientToken)
  1259. {
  1260. if(hClientToken)
  1261. {
  1262. CloseHandle(hClientToken);
  1263. }
  1264. }
  1265. return hr;
  1266. }