archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/protocols/schannel/lsa/spreg.c

781 lines
21 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 2000.
  5. //
  6. // File: spreg.c
  7. //
  8. // Contents: Schannel registry management routines.
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 11-24-97 jbanes Enabled TLS
  15. //
  16. //----------------------------------------------------------------------------
  18. #include <sslp.h>
  19. #include "spreg.h"
  21. HKEY g_hkBase = NULL;
  22. HANDLE g_hParamEvent = NULL;
  23. HANDLE g_hWait = NULL;
  25. HKEY g_hkFipsBase = NULL;
  26. HANDLE g_hFipsParamEvent = NULL;
  27. HANDLE g_hFipsWait = NULL;
  29. BOOL g_fManualCredValidation = MANUAL_CRED_VALIDATION_SETTING;
  30. BOOL g_PctClientDisabledByDefault = PCT_CLIENT_DISABLED_SETTING;
  31. BOOL g_Ssl2ClientDisabledByDefault = SSL2_CLIENT_DISABLED_SETTING;
  33. DWORD g_dwEventLogging = DEFAULT_EVENT_LOGGING_SETTING;
  34. DWORD g_ProtEnabled = DEFAULT_ENABLED_PROTOCOLS_SETTING;
  36. BOOL g_fFipsMode = FALSE;
  37. BOOL g_fFranceLocale = FALSE;
  39. typedef struct enamap
  40. {
  41. TCHAR *pKey;
  42. DWORD Mask;
  43. } enamap;
  45. enamap g_ProtMap[] =
  46. {
  47. {SP_REG_KEY_UNIHELLO TEXT("\\") SP_REG_KEY_CLIENT, SP_PROT_UNI_CLIENT},
  48. {SP_REG_KEY_UNIHELLO TEXT("\\") SP_REG_KEY_SERVER, SP_PROT_UNI_SERVER},
  49. {SP_REG_KEY_PCT1 TEXT("\\") SP_REG_KEY_CLIENT, SP_PROT_PCT1_CLIENT},
  50. {SP_REG_KEY_PCT1 TEXT("\\") SP_REG_KEY_SERVER, SP_PROT_PCT1_SERVER},
  51. {SP_REG_KEY_SSL2 TEXT("\\") SP_REG_KEY_CLIENT, SP_PROT_SSL2_CLIENT},
  52. {SP_REG_KEY_SSL2 TEXT("\\") SP_REG_KEY_SERVER, SP_PROT_SSL2_SERVER},
  53. {SP_REG_KEY_SSL3 TEXT("\\") SP_REG_KEY_CLIENT, SP_PROT_SSL3_CLIENT},
  54. {SP_REG_KEY_SSL3 TEXT("\\") SP_REG_KEY_SERVER, SP_PROT_SSL3_SERVER},
  55. {SP_REG_KEY_TLS1 TEXT("\\") SP_REG_KEY_CLIENT, SP_PROT_TLS1_CLIENT},
  56. {SP_REG_KEY_TLS1 TEXT("\\") SP_REG_KEY_SERVER, SP_PROT_TLS1_SERVER}
  57. };
  59. VOID
  60. SslWatchParamKey(
  61. PVOID pCtxt,
  62. BOOLEAN fWaitStatus);
  64. VOID
  65. FipsWatchParamKey(
  66. PVOID pCtxt,
  67. BOOLEAN fWaitStatus);
  69. BOOL
  70. SslReadRegOptions(
  71. BOOL fFirstTime);
  73. BOOL SPLoadRegOptions(void)
  74. {
  75. g_hParamEvent = CreateEvent(NULL,
  76. FALSE,
  77. FALSE,
  78. NULL);
  80. SslWatchParamKey(g_hParamEvent, FALSE);
  82. g_hFipsParamEvent = CreateEvent(NULL,
  83. FALSE,
  84. FALSE,
  85. NULL);
  87. FipsWatchParamKey(g_hFipsParamEvent, FALSE);
  89. return TRUE;
  90. }
  92. void SPUnloadRegOptions(void)
  93. {
  94. if (NULL != g_hWait)
  95. {
  96. RtlDeregisterWait(g_hWait);
  97. g_hWait = NULL;
  98. }
  100. if(NULL != g_hkBase)
  101. {
  102. RegCloseKey(g_hkBase);
  103. }
  105. if(NULL != g_hParamEvent)
  106. {
  107. CloseHandle(g_hParamEvent);
  108. }
  110. if (NULL != g_hFipsWait)
  111. {
  112. RtlDeregisterWait(g_hFipsWait);
  113. g_hFipsWait = NULL;
  114. }
  116. if(NULL != g_hkFipsBase)
  117. {
  118. RegCloseKey(g_hkFipsBase);
  119. }
  121. if(NULL != g_hFipsParamEvent)
  122. {
  123. CloseHandle(g_hFipsParamEvent);
  124. }
  125. }
  127. BOOL
  128. ReadRegistrySetting(
  129. HKEY hReadKey,
  130. HKEY hWriteKey,
  131. LPCTSTR pszValueName,
  132. DWORD * pdwValue,
  133. DWORD dwDefaultValue)
  134. {
  135. DWORD dwSize;
  136. DWORD dwType;
  137. DWORD dwOriginalValue = *pdwValue;
  139. dwSize = sizeof(DWORD);
  140. if(RegQueryValueEx(hReadKey,
  141. pszValueName,
  142. NULL,
  143. &dwType,
  144. (PUCHAR)pdwValue,
  145. &dwSize) != STATUS_SUCCESS)
  146. {
  147. *pdwValue = dwDefaultValue;
  149. if(hWriteKey)
  150. {
  151. RegSetValueEx(hWriteKey,
  152. pszValueName,
  153. 0,
  154. REG_DWORD,
  155. (PUCHAR)pdwValue,
  156. sizeof(DWORD));
  157. }
  158. }
  160. return (dwOriginalValue != *pdwValue);
  161. }
  164. ////////////////////////////////////////////////////////////////////
  165. //
  166. // Name: SslWatchParamKey
  167. //
  168. // Synopsis: Sets RegNotifyChangeKeyValue() on param key, initializes
  169. // debug level, then utilizes thread pool to wait on
  170. // changes to this registry key. Enables dynamic debug
  171. // level changes, as this function will also be callback
  172. // if registry key modified.
  173. //
  174. // Arguments: pCtxt is actually a HANDLE to an event. This event
  175. // will be triggered when key is modified.
  176. //
  177. // Notes: .
  178. //
  179. VOID
  180. SslWatchParamKey(
  181. PVOID pCtxt,
  182. BOOLEAN fWaitStatus)
  183. {
  184. NTSTATUS Status;
  185. LONG lRes = ERROR_SUCCESS;
  186. BOOL fFirstTime = FALSE;
  187. DWORD disp;
  189. if(g_hkBase == NULL)
  190. {
  191. // First time we've been called.
  192. Status = RegCreateKeyEx(HKEY_LOCAL_MACHINE,
  193. SP_REG_KEY_BASE,
  194. 0,
  195. TEXT(""),
  196. REG_OPTION_NON_VOLATILE,
  197. KEY_READ,
  198. NULL,
  199. &g_hkBase,
  200. &disp);
  201. if(Status)
  202. {
  203. DebugLog((DEB_WARN,"Failed to open SCHANNEL key: 0x%x\n", Status));
  204. return;
  205. }
  207. fFirstTime = TRUE;
  208. }
  210. if(pCtxt != NULL)
  211. {
  212. if (NULL != g_hWait)
  213. {
  214. Status = RtlDeregisterWait(g_hWait);
  215. if(!NT_SUCCESS(Status))
  216. {
  217. DebugLog((DEB_WARN, "Failed to Deregister wait on registry key: 0x%x\n", Status));
  218. goto Reregister;
  219. }
  220. }
  222. lRes = RegNotifyChangeKeyValue(
  223. g_hkBase,
  224. TRUE,
  225. REG_NOTIFY_CHANGE_NAME | REG_NOTIFY_CHANGE_LAST_SET,
  226. (HANDLE)pCtxt,
  227. TRUE);
  229. if (ERROR_SUCCESS != lRes)
  230. {
  231. DebugLog((DEB_ERROR,"Debug RegNotify setup failed: 0x%x\n", lRes));
  232. // we're tanked now. No further notifications, so get this one
  233. }
  234. }
  236. SslReadRegOptions(fFirstTime);
  238. #if DBG
  239. InitDebugSupport(g_hkBase);
  240. #endif
  242. Reregister:
  244. if(pCtxt != NULL)
  245. {
  246. Status = RtlRegisterWait(&g_hWait,
  247. (HANDLE)pCtxt,
  248. SslWatchParamKey,
  249. (HANDLE)pCtxt,
  250. INFINITE,
  251. WT_EXECUTEINPERSISTENTIOTHREAD|
  252. WT_EXECUTEONLYONCE);
  253. }
  254. }
  257. ////////////////////////////////////////////////////////////////////
  258. //
  259. // Name: FipsWatchParamKey
  260. //
  261. // Synopsis: Sets RegNotifyChangeKeyValue() on param key, initializes
  262. // debug level, then utilizes thread pool to wait on
  263. // changes to this registry key. Enables dynamic debug
  264. // level changes, as this function will also be callback
  265. // if registry key modified.
  266. //
  267. // Arguments: pCtxt is actually a HANDLE to an event. This event
  268. // will be triggered when key is modified.
  269. //
  270. // Notes: .
  271. //
  272. VOID
  273. FipsWatchParamKey(
  274. PVOID pCtxt,
  275. BOOLEAN fWaitStatus)
  276. {
  277. NTSTATUS Status;
  278. LONG lRes = ERROR_SUCCESS;
  279. DWORD disp;
  281. if(g_hkFipsBase == NULL)
  282. {
  283. // First time we've been called.
  284. Status = RegCreateKeyEx(HKEY_LOCAL_MACHINE,
  285. SP_REG_FIPS_BASE_KEY,
  286. 0,
  287. TEXT(""),
  288. REG_OPTION_NON_VOLATILE,
  289. KEY_READ,
  290. NULL,
  291. &g_hkFipsBase,
  292. &disp);
  293. if(Status)
  294. {
  295. DebugLog((DEB_WARN,"Failed to open FIPS key: 0x%x\n", Status));
  296. return;
  297. }
  298. }
  300. if(pCtxt != NULL)
  301. {
  302. if (NULL != g_hFipsWait)
  303. {
  304. Status = RtlDeregisterWait(g_hFipsWait);
  305. if(!NT_SUCCESS(Status))
  306. {
  307. DebugLog((DEB_WARN, "Failed to Deregister wait on registry key: 0x%x\n", Status));
  308. goto Reregister;
  309. }
  310. }
  312. lRes = RegNotifyChangeKeyValue(
  313. g_hkFipsBase,
  314. TRUE,
  315. REG_NOTIFY_CHANGE_NAME | REG_NOTIFY_CHANGE_LAST_SET,
  316. (HANDLE)pCtxt,
  317. TRUE);
  319. if (ERROR_SUCCESS != lRes)
  320. {
  321. DebugLog((DEB_ERROR,"Debug RegNotify setup failed: 0x%x\n", lRes));
  322. // we're tanked now. No further notifications, so get this one
  323. }
  324. }
  326. SslReadRegOptions(FALSE);
  328. Reregister:
  330. if(pCtxt != NULL)
  331. {
  332. Status = RtlRegisterWait(&g_hFipsWait,
  333. (HANDLE)pCtxt,
  334. FipsWatchParamKey,
  335. (HANDLE)pCtxt,
  336. INFINITE,
  337. WT_EXECUTEINPERSISTENTIOTHREAD|
  338. WT_EXECUTEONLYONCE);
  339. }
  340. }
  343. BOOL
  344. SslReadRegOptions(
  345. BOOL fFirstTime)
  346. {
  347. DWORD err;
  348. DWORD dwType;
  349. DWORD fVal;
  350. DWORD dwSize;
  351. DWORD dwValue;
  352. HKEY hKey;
  353. HKEY hWriteKey;
  354. DWORD disp;
  355. HKEY hSubKey;
  356. DWORD i;
  357. HKEY hkProtocols = NULL;
  358. HKEY hkCiphers = NULL;
  359. HKEY hkHashes = NULL;
  360. HKEY hkKeyExch = NULL;
  361. BOOL fFipsMode = FALSE;
  362. BOOL fSettingsChanged = FALSE;
  363. DWORD dwOriginalValue;
  365. DebugLog((DEB_TRACE,"Load configuration parameters from registry.\n"));
  368. // "FipsAlgorithmPolicy"
  369. ReadRegistrySetting(
  370. g_hkFipsBase,
  371. 0,
  372. SP_REG_FIPS_POLICY,
  373. &dwValue,
  374. 0);
  375. if(dwValue == 1)
  376. {
  377. fFipsMode = TRUE;
  378. }
  379. if(fFipsMode != g_fFipsMode)
  380. {
  381. g_fFipsMode = fFipsMode;
  382. fSettingsChanged = TRUE;
  383. }
  386. //
  387. // Read top-level configuration options.
  388. //
  390. // Open top-level key that has write access.
  391. if(RegOpenKeyEx(HKEY_LOCAL_MACHINE,
  392. SP_REG_KEY_BASE,
  393. 0,
  394. KEY_READ | KEY_SET_VALUE,
  395. &hWriteKey) != STATUS_SUCCESS)
  396. {
  397. hWriteKey = 0;
  398. }
  400. // "EventLogging"
  401. if(ReadRegistrySetting(
  402. g_hkBase,
  403. hWriteKey,
  404. SP_REG_VAL_EVENTLOG,
  405. &g_dwEventLogging,
  406. DEFAULT_EVENT_LOGGING_SETTING))
  407. {
  408. fSettingsChanged = TRUE;
  409. }
  411. // "ManualCredValidation"
  412. if(ReadRegistrySetting(
  413. g_hkBase,
  414. 0,
  415. SP_REG_VAL_MANUAL_CRED_VALIDATION,
  416. &g_fManualCredValidation,
  417. MANUAL_CRED_VALIDATION_SETTING))
  418. {
  419. fSettingsChanged = TRUE;
  420. }
  422. // "ClientCacheTime"
  423. if(ReadRegistrySetting(
  424. g_hkBase,
  425. 0,
  426. SP_REG_VAL_CLIENT_CACHE_TIME,
  427. &SchannelCache.dwClientLifespan,
  428. SP_CACHE_CLIENT_LIFESPAN))
  429. {
  430. fSettingsChanged = TRUE;
  431. }
  433. // "ServerCacheTime"
  434. if(ReadRegistrySetting(
  435. g_hkBase,
  436. 0,
  437. SP_REG_VAL_SERVER_CACHE_TIME,
  438. &SchannelCache.dwServerLifespan,
  439. SP_CACHE_SERVER_LIFESPAN))
  440. {
  441. fSettingsChanged = TRUE;
  442. }
  444. // "MaximumCacheSize"
  445. if(ReadRegistrySetting(
  446. g_hkBase,
  447. 0,
  448. SP_REG_VAL_MAXUMUM_CACHE_SIZE,
  449. &SchannelCache.dwMaximumEntries,
  450. SP_MAXIMUM_CACHE_ELEMENTS))
  451. {
  452. fSettingsChanged = TRUE;
  453. }
  455. if(fFirstTime)
  456. {
  457. SchannelCache.dwCacheSize = SchannelCache.dwMaximumEntries;
  458. }
  460. // "MultipleProcessClientCache"
  461. if(ReadRegistrySetting(
  462. g_hkBase,
  463. 0,
  464. SP_REG_VAL_MULTI_PROC_CLIENT_CACHE,
  465. &g_fMultipleProcessClientCache,
  466. FALSE))
  467. {
  468. fSettingsChanged = TRUE;
  469. }
  471. if(hWriteKey)
  472. {
  473. RegCloseKey(hWriteKey);
  474. hWriteKey = 0;
  475. }
  478. //
  479. // Enable/Disable Protocols
  480. //
  482. if(fFipsMode)
  483. {
  484. // Disable everything except TLS.
  485. g_ProtEnabled = SP_PROT_TLS1;
  486. }
  487. else
  488. {
  489. DWORD dwProtEnabled = DEFAULT_ENABLED_PROTOCOLS_SETTING;
  491. err = RegCreateKeyEx( g_hkBase,
  492. SP_REG_KEY_PROTOCOL,
  493. 0,
  494. TEXT(""),
  495. REG_OPTION_NON_VOLATILE,
  496. KEY_READ,
  497. NULL,
  498. &hkProtocols,
  499. &disp);
  501. if(err == ERROR_SUCCESS)
  502. {
  503. for(i=0; i < (sizeof(g_ProtMap)/sizeof(enamap)); i++)
  504. {
  505. if(g_ProtMap[i].Mask & SP_PROT_PCT1)
  506. {
  507. if(g_fFranceLocale)
  508. {
  509. // Don't allow PCT to be enabled in France.
  510. continue;
  511. }
  512. }
  514. err = RegCreateKeyEx( hkProtocols,
  515. g_ProtMap[i].pKey,
  516. 0,
  517. TEXT(""),
  518. REG_OPTION_NON_VOLATILE,
  519. KEY_READ,
  520. NULL,
  521. &hKey,
  522. &disp);
  523. if(!err)
  524. {
  525. dwSize = sizeof(DWORD);
  526. err = RegQueryValueEx(hKey, SP_REG_VAL_ENABLED, NULL, &dwType, (PUCHAR)&fVal, &dwSize);
  528. if(!err)
  529. {
  530. if(fVal)
  531. {
  532. dwProtEnabled |= g_ProtMap[i].Mask;
  533. }
  534. else
  535. {
  536. dwProtEnabled &= ~g_ProtMap[i].Mask;
  537. }
  538. }
  540. if(g_ProtMap[i].Mask & SP_PROT_PCT1_CLIENT)
  541. {
  542. // "DisabledByDefault"
  543. ReadRegistrySetting(
  544. hKey,
  545. 0,
  546. SP_REG_VAL_DISABLED_BY_DEFAULT,
  547. &g_PctClientDisabledByDefault,
  548. PCT_CLIENT_DISABLED_SETTING);
  549. }
  550. if(g_ProtMap[i].Mask & SP_PROT_SSL2_CLIENT)
  551. {
  552. // "DisabledByDefault"
  553. ReadRegistrySetting(
  554. hKey,
  555. 0,
  556. SP_REG_VAL_DISABLED_BY_DEFAULT,
  557. &g_Ssl2ClientDisabledByDefault,
  558. SSL2_CLIENT_DISABLED_SETTING);
  559. }
  561. RegCloseKey(hKey);
  562. }
  563. }
  565. RegCloseKey(hkProtocols);
  566. }
  568. if(g_ProtEnabled != dwProtEnabled)
  569. {
  570. g_ProtEnabled = dwProtEnabled;
  571. fSettingsChanged = TRUE;
  572. }
  573. }
  576. //
  577. // Enable/Disable Ciphers
  578. //
  580. if(fFipsMode)
  581. {
  582. // Disable everything except 3DES.
  583. for(i=0; i < g_cAvailableCiphers; i++)
  584. {
  585. if(g_AvailableCiphers[i].aiCipher != CALG_3DES)
  586. {
  587. g_AvailableCiphers[i].fProtocol = 0;
  588. }
  589. }
  590. }
  591. else
  592. {
  593. err = RegCreateKeyEx( g_hkBase,
  594. SP_REG_KEY_CIPHERS,
  595. 0,
  596. TEXT(""),
  597. REG_OPTION_NON_VOLATILE,
  598. KEY_READ,
  599. NULL,
  600. &hkCiphers,
  601. &disp);
  603. if(err == ERROR_SUCCESS)
  604. {
  605. for(i=0; i < g_cAvailableCiphers; i++)
  606. {
  607. dwOriginalValue = g_AvailableCiphers[i].fProtocol;
  609. g_AvailableCiphers[i].fProtocol = g_AvailableCiphers[i].fDefault;
  610. fVal = g_AvailableCiphers[i].fDefault;
  611. err = RegCreateKeyExA( hkCiphers,
  612. g_AvailableCiphers[i].szName,
  613. 0,
  614. "",
  615. REG_OPTION_NON_VOLATILE,
  616. KEY_READ,
  617. NULL,
  618. &hKey,
  619. &disp);
  620. if(!err)
  621. {
  622. dwSize = sizeof(DWORD);
  623. err = RegQueryValueEx(hKey, SP_REG_VAL_ENABLED, NULL, &dwType, (PUCHAR)&fVal, &dwSize);
  625. if(err)
  626. {
  627. fVal = g_AvailableCiphers[i].fDefault;
  628. }
  629. RegCloseKey(hKey);
  630. }
  631. g_AvailableCiphers[i].fProtocol &= fVal;
  633. if(g_AvailableCiphers[i].fProtocol != dwOriginalValue)
  634. {
  635. fSettingsChanged = TRUE;
  636. }
  637. }
  639. RegCloseKey(hkCiphers);
  640. }
  641. }
  644. //
  645. // Enable/Disable Hashes
  646. //
  648. err = RegCreateKeyEx( g_hkBase,
  649. SP_REG_KEY_HASHES,
  650. 0,
  651. TEXT(""),
  652. REG_OPTION_NON_VOLATILE,
  653. KEY_READ,
  654. NULL,
  655. &hkHashes,
  656. &disp);
  658. if(err == ERROR_SUCCESS)
  659. {
  660. for(i = 0; i < g_cAvailableHashes; i++)
  661. {
  662. dwOriginalValue = g_AvailableHashes[i].fProtocol;
  664. g_AvailableHashes[i].fProtocol = g_AvailableHashes[i].fDefault;
  665. fVal = g_AvailableHashes[i].fDefault;
  666. err = RegCreateKeyExA( hkHashes,
  667. g_AvailableHashes[i].szName,
  668. 0,
  669. "",
  670. REG_OPTION_NON_VOLATILE,
  671. KEY_READ,
  672. NULL,
  673. &hKey,
  674. &disp);
  675. if(!err)
  676. {
  677. dwSize = sizeof(DWORD);
  678. err = RegQueryValueEx(hKey, SP_REG_VAL_ENABLED, NULL, &dwType, (PUCHAR)&fVal, &dwSize);
  680. if(err)
  681. {
  682. fVal = g_AvailableHashes[i].fDefault;
  683. }
  684. RegCloseKey(hKey);
  685. }
  686. g_AvailableHashes[i].fProtocol &= fVal;
  688. if(dwOriginalValue != g_AvailableHashes[i].fProtocol)
  689. {
  690. fSettingsChanged = TRUE;
  691. }
  692. }
  694. RegCloseKey(hkHashes);
  695. }
  698. //
  699. // Enable/Disable Key Exchange algs.
  700. //
  702. if(fFipsMode)
  703. {
  704. // Disable everything except RSA.
  705. for(i=0; i < g_cAvailableExch; i++)
  706. {
  707. if(g_AvailableExch[i].aiExch != CALG_RSA_KEYX &&
  708. g_AvailableExch[i].aiExch != CALG_RSA_SIGN)
  709. {
  710. g_AvailableExch[i].fProtocol = 0;
  711. }
  712. }
  713. }
  714. else
  715. {
  716. err = RegCreateKeyEx( g_hkBase,
  717. SP_REG_KEY_KEYEXCH,
  718. 0,
  719. TEXT(""),
  720. REG_OPTION_NON_VOLATILE,
  721. KEY_READ,
  722. NULL,
  723. &hkKeyExch,
  724. &disp);
  726. if(err == ERROR_SUCCESS)
  727. {
  728. for(i = 0; i < g_cAvailableExch; i++)
  729. {
  730. dwOriginalValue = g_AvailableExch[i].fProtocol;
  732. g_AvailableExch[i].fProtocol = g_AvailableExch[i].fDefault;
  733. fVal = g_AvailableExch[i].fDefault;
  734. err = RegCreateKeyExA( hkKeyExch,
  735. g_AvailableExch[i].szName,
  736. 0,
  737. "",
  738. REG_OPTION_NON_VOLATILE,
  739. KEY_READ,
  740. NULL,
  741. &hKey,
  742. &disp);
  743. if(!err)
  744. {
  745. dwSize = sizeof(DWORD);
  746. err = RegQueryValueEx(hKey, SP_REG_VAL_ENABLED, NULL, &dwType, (PUCHAR)&fVal, &dwSize);
  748. if(err)
  749. {
  750. fVal = g_AvailableExch[i].fDefault;
  751. }
  752. g_AvailableExch[i].fProtocol &= fVal;
  754. RegCloseKey(hKey);
  755. }
  757. if(dwOriginalValue != g_AvailableExch[i].fProtocol)
  758. {
  759. fSettingsChanged = TRUE;
  760. }
  761. }
  763. RegCloseKey(hkKeyExch);
  764. }
  765. }
  767. //
  768. // Purge the session cache.
  769. //
  771. if(g_fCacheInitialized && fSettingsChanged)
  772. {
  773. SPCachePurgeEntries(NULL,
  774. 0,
  775. NULL,
  776. SSL_PURGE_CLIENT_ALL_ENTRIES |
  777. SSL_PURGE_SERVER_ALL_ENTRIES);
  778. }
  780. return TRUE;
  781. }