archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ias/protocol/radius/valproxy.cpp

369 lines
8.9 KiB
Raw Normal View History

Add source files
4 years ago
  1. //#--------------------------------------------------------------
  2. //
  3. // File: valproxy.cpp
  4. //
  5. // Synopsis: Implementation of CValProxy class methods
  6. //
  7. //
  8. // History: 9/23/97 MKarki Created
  9. //
  10. // Copyright (C) 1997-2001 Microsoft Corporation
  11. // All rights reserved.
  12. //
  13. //----------------------------------------------------------------
  14. #include "radcommon.h"
  15. #include "valproxy.h"
  16. #include "radpkt.h"
  18. //++--------------------------------------------------------------
  19. //
  20. // Function: CValProxy
  21. //
  22. // Synopsis: This is the constructor of the CValProxy
  23. // class
  24. //
  25. // Arguments: NONE
  26. //
  27. // Returns: NONE
  28. //
  29. //
  30. // History: MKarki Created 9/28/97
  31. //
  32. //----------------------------------------------------------------
  33. CValProxy::CValProxy(
  34. VOID
  35. )
  36. : m_pCProxyState (NULL),
  37. m_pCSendToPipe (NULL)
  38. {
  39. } // end of CValProxy constructor
  41. //++--------------------------------------------------------------
  42. //
  43. // Function: ~CValProxy
  44. //
  45. // Synopsis: This is the destructor of the CValProxy
  46. // class
  47. //
  48. // Arguments: NONE
  49. //
  50. // Returns: NONE
  51. //
  52. //
  53. // History: MKarki Created 9/28/97
  54. //
  55. //----------------------------------------------------------------
  56. CValProxy::~CValProxy(
  57. VOID
  58. )
  59. {
  60. } // end of CValProxy destructor
  62. //++--------------------------------------------------------------
  63. //
  64. // Function: Init
  65. //
  66. // Synopsis: This is the CValProxy public method used
  67. // in initialization of the class object
  68. //
  69. // Arguments: NONE
  70. //
  71. // Returns: status
  72. //
  73. //
  74. // History: MKarki Created 9/28/97
  75. //
  76. //----------------------------------------------------------------
  77. BOOL
  78. CValProxy::Init (
  79. CValAttributes *pCValAttributes,
  80. CPreProcessor *pCPreProcessor,
  81. CClients *pCClients,
  82. CHashMD5 *pCHashMD5,
  83. CProxyState *pCProxyState,
  84. CSendToPipe *pCSendToPipe,
  85. CReportEvent *pCReportEvent
  86. )
  87. {
  88. BOOL bRetVal = FALSE;
  89. BOOL bStatus = FALSE;
  91. __try
  92. {
  94. //
  95. // call the base classes init method
  96. //
  97. bStatus = CValidator::Init (
  98. pCValAttributes,
  99. pCPreProcessor,
  100. pCClients,
  101. pCHashMD5,
  102. pCReportEvent
  103. );
  104. if (FALSE == bStatus) { __leave; }
  107. //
  108. // set the proxy state
  109. //
  110. m_pCProxyState = pCProxyState;
  112. m_pCSendToPipe = pCSendToPipe;
  114. //
  115. // initalization complete
  116. //
  117. bRetVal = TRUE;
  118. }
  119. __finally
  120. {
  121. //
  122. // nothing here for now
  123. //
  124. }
  126. return (bRetVal);
  128. } // end of CValProxy::Init method
  130. //++--------------------------------------------------------------
  131. //
  132. // Function: ValidateInPacket
  133. //
  134. // Synopsis: This is CValProxy class public method
  135. // that validates inbound Access Request packet
  136. //
  137. // Arguments: [IN] - CPacketRadius*
  138. //
  139. // Returns: HRESULT - status
  140. //
  141. //
  142. // History: MKarki Created 9/28/97
  143. //
  144. // Calleed By: CPreValidator class method
  145. //
  146. //----------------------------------------------------------------
  147. HRESULT
  148. CValProxy::ValidateInPacket(
  149. CPacketRadius * pCPacketRadius
  150. )
  151. {
  152. BOOL bRetVal = FALSE;
  153. HRESULT hr = S_OK;
  154. __try
  155. {
  156. //
  157. // validate the attributes
  158. //
  159. hr = m_pCValAttributes->Validate (pCPacketRadius);
  160. if (FAILED(hr)) { __leave; }
  162. //
  163. // get the proxy state value out
  164. //
  165. BYTE ReqAuthenticator[AUTHENTICATOR_SIZE];
  166. BOOL bStatus = m_pCProxyState->ValidateProxyState (
  167. pCPacketRadius,
  168. ReqAuthenticator
  169. );
  170. if (FALSE == bStatus) { __leave; }
  173. //
  174. // authenticate packet now
  175. //
  177. hr = AuthenticatePacket (
  178. pCPacketRadius,
  179. ReqAuthenticator
  180. );
  181. if (FAILED(hr)) { __leave; }
  184. //
  185. // now give the packet for processing
  186. //
  187. hr = m_pCPreProcessor->StartInProcessing (pCPacketRadius);
  188. if (FAILED(hr)) { __leave; }
  190. //
  191. // successfully processed packet
  192. //
  193. bRetVal = TRUE;
  194. }
  195. __finally
  196. {
  197. //
  198. // nothing here for now
  199. //
  200. }
  202. if (bRetVal)
  203. {
  204. return S_OK;
  205. }
  206. else
  207. {
  208. if (FAILED(hr))
  209. {
  210. return hr;
  211. }
  212. else
  213. {
  214. return E_FAIL;
  215. }
  216. }
  217. } // end of CValProxy::ValidateInPacket method
  220. //++--------------------------------------------------------------
  221. //
  222. // Function: ValidateOutPacket
  223. //
  224. // Synopsis: This is CValProxy class public method
  225. // that validates outbound Access Request packet
  226. //
  227. // Arguments: NONE
  228. //
  229. // Returns: HRESULT - status
  230. //
  231. //
  232. // History: MKarki Created 9/28/97
  233. //
  234. // Calleed By: CPreValidator class method
  235. //
  236. //----------------------------------------------------------------
  237. HRESULT
  238. CValProxy::ValidateOutPacket(
  239. CPacketRadius * pCPacketRadius
  240. )
  241. {
  242. return S_OK;
  243. } // end of CValProxy::ValidateOutPacket method
  246. //++--------------------------------------------------------------
  247. //
  248. // Function: AuthenticatePacket
  249. //
  250. // Synopsis: This is CValProxy class private method
  251. // that authenticates the packet, by generating a
  252. // response authenticator with the packet and then
  253. // comparing it with the request authenticator
  254. //
  255. // Arguments: [in] - CPacketRadius*
  256. //
  257. // Returns: BOOL - status
  258. //
  259. //
  260. // History: MKarki Created 9/28/97
  261. //
  262. // Called By: CValProxy::ValidateInPacket method
  263. //
  264. //----------------------------------------------------------------
  265. HRESULT
  266. CValProxy::AuthenticatePacket (
  267. CPacketRadius *pCPacketRadius,
  268. PBYTE pbyAuthenticator
  269. )
  270. {
  271. BOOL bRetVal = FALSE;
  272. BOOL bStatus = FALSE;
  273. PRADIUSPACKET pPacketRadius = NULL;
  274. DWORD dwPacketHeaderSize = 0;
  275. DWORD dwAttributesLength = 0;
  276. BYTE HashResult[AUTHENTICATOR_SIZE];
  277. BYTE bySecret[MAX_SECRET_SIZE];
  278. IIasClient *pIIasClient = NULL;
  279. DWORD dwSecretSize = MAX_SECRET_SIZE;
  280. HRESULT hr = S_OK;
  282. __try
  283. {
  284. //
  285. // check that the arguments passed in are correct
  286. //
  287. if ((NULL == pCPacketRadius) || (NULL == pbyAuthenticator))
  288. __leave;
  290. //
  291. // get a pointer to the raw packet
  292. //
  293. pPacketRadius = reinterpret_cast <PRADIUSPACKET>
  294. (pCPacketRadius->GetInPacket ());
  296. //
  297. // get the size of the packet without the attributes and
  298. // request authenticator
  299. //
  300. dwPacketHeaderSize = sizeof (RADIUSPACKET)
  301. - sizeof (BYTE)
  302. - AUTHENTICATOR_SIZE;
  304. //
  305. // get the total attributes length now
  306. //
  307. dwAttributesLength = ntohs (pPacketRadius->wLength)
  308. - (dwPacketHeaderSize + AUTHENTICATOR_SIZE);
  311. //
  312. // get the CClients object
  313. //
  314. hr = pCPacketRadius->GetClient (&pIIasClient);
  315. if (FAILED (hr)) { __leave; }
  317. //
  318. // get the shared secret from the client object
  319. //
  320. hr = pIIasClient->GetSecret (bySecret, &dwSecretSize);
  321. if (FAILED (hr)) { __leave; }
  323. //
  324. // do the hashing here
  325. //
  326. m_pCHashMD5->HashIt (
  327. reinterpret_cast <PBYTE> (&HashResult),
  328. NULL,
  329. 0,
  330. reinterpret_cast <PBYTE> (pPacketRadius),
  331. dwPacketHeaderSize,
  332. pbyAuthenticator,
  333. AUTHENTICATOR_SIZE,
  334. pPacketRadius->AttributeStart,
  335. dwAttributesLength,
  336. reinterpret_cast <PBYTE> (bySecret),
  337. dwSecretSize,
  338. 0,
  339. 0
  340. );
  342. if (memcmp (
  343. HashResult,
  344. pPacketRadius->Authenticator,
  345. AUTHENTICATOR_SIZE
  346. )
  347. != 0
  348. )
  349. __leave;
  352. //
  353. // we have successfully authenticated this packet
  354. //
  355. bRetVal = TRUE;
  358. }
  359. __finally
  360. {
  361. if (NULL != pIIasClient)
  362. {
  363. pIIasClient->Release ();
  364. }
  365. }
  368. return S_OK;
  369. } // end of CValProxy::AuthenticatePacket method