windows-nt/Source/XPSP1/NT/inetsrv/iis/iisrearc/iisplus/inc/tokencache.hxx

302 lines
5.9 KiB
C++
Raw Normal View History

2020-09-26 03:20:57 -05:00
#ifndef _TOKENCACHE_HXX_
#define _TOKENCACHE_HXX_
#include "usercache.hxx"
#include "stringa.hxx"
#define DEFAULT_MD5_HASH_SIZE 16
class TOKEN_CACHE_KEY : public CACHE_KEY
{
public:
TOKEN_CACHE_KEY()
: _strHashKey( _achHashKey, sizeof( _achHashKey ) )
{
}
BOOL
QueryIsEqual(
const CACHE_KEY * pCompareKey
) const
{
TOKEN_CACHE_KEY * pTokenKey = (TOKEN_CACHE_KEY*) pCompareKey;
DBG_ASSERT( pTokenKey != NULL );
//
// If lengths are not equal, this is easy
//
if ( _strHashKey.QueryCCH() != pTokenKey->_strHashKey.QueryCCH() )
{
return FALSE;
}
//
// Do strcmp
//
return memcmp( _strHashKey.QueryStr(),
pTokenKey->_strHashKey.QueryStr(),
_strHashKey.QueryCCH() ) == 0;
}
DWORD
QueryKeyHash(
VOID
) const
{
return HashString( _strHashKey.QueryStr() );
}
HRESULT
SetKey(
TOKEN_CACHE_KEY * pCacheKey
)
{
return _strHashKey.Copy( pCacheKey->_strHashKey.QueryStr() );
}
HRESULT
GenMD5HashKey(
IN STRU & strKey,
OUT STRA * strHashKey
);
HRESULT
CreateCacheKey(
WCHAR * pszUserName,
WCHAR * pszDomainName,
WCHAR * pszPassword,
DWORD dwLogonMethod
);
private:
//
// The hashed binary data will be converted to ASCII hex representation,
// so the size would be twice as big as the original one
//
CHAR _achHashKey[ 2 * DEFAULT_MD5_HASH_SIZE + 1 ];
STRA _strHashKey;
};
//
// The check period for how long a token can be in the cache.
// Tokens can be in the cache for up to two times this value
// (in seconds)
//
#define DEFAULT_CACHED_TOKEN_TTL ( 15 * 60 )
#define SID_DEFAULT_SIZE 64
#define TOKEN_CACHE_ENTRY_SIGNATURE 'TC3W'
#define TOKEN_CACHE_ENTRY_FREE_SIGNATURE 'fC3W'
class TOKEN_CACHE_ENTRY : public CACHE_ENTRY
{
public:
TOKEN_CACHE_ENTRY( OBJECT_CACHE * pObjectCache )
: CACHE_ENTRY( pObjectCache ),
m_dwSignature( TOKEN_CACHE_ENTRY_SIGNATURE ),
m_hImpersonationToken( NULL ),
m_hPrimaryToken( NULL ),
m_pSid( NULL )
{
m_liPwdExpiry.HighPart = 0x7fffffff;
m_liPwdExpiry.LowPart = 0xffffffff;
}
CACHE_KEY *
QueryCacheKey(
VOID
) const
{
return (CACHE_KEY*) &m_cacheKey;
}
HRESULT
SetCacheKey(
TOKEN_CACHE_KEY * pCacheKey
)
{
return m_cacheKey.SetKey( pCacheKey );
}
BOOL
CheckSignature(
VOID
) const
{
return m_dwSignature == TOKEN_CACHE_ENTRY_SIGNATURE;
}
VOID *
operator new(
size_t size
)
{
DBG_ASSERT( size == sizeof( TOKEN_CACHE_ENTRY ) );
DBG_ASSERT( sm_pachTokenCacheEntry != NULL );
return sm_pachTokenCacheEntry->Alloc();
}
VOID
operator delete(
VOID * pTokenCacheEntry
)
{
DBG_ASSERT( pTokenCacheEntry != NULL );
DBG_ASSERT( sm_pachTokenCacheEntry != NULL );
DBG_REQUIRE( sm_pachTokenCacheEntry->Free( pTokenCacheEntry ) );
}
HANDLE
QueryImpersonationToken(
VOID
);
HANDLE
QueryPrimaryToken(
VOID
);
PSID
QuerySid(
VOID
);
LARGE_INTEGER *
QueryExpiry(
VOID
)
{
return &m_liPwdExpiry;
}
HRESULT
Create(
HANDLE hToken,
LARGE_INTEGER *pliPwdExpiry,
BOOL fImpersonation
);
static
HRESULT
Initialize(
VOID
);
static
VOID
Terminate(
VOID
);
private:
~TOKEN_CACHE_ENTRY()
{
if ( m_hImpersonationToken != NULL )
{
CloseHandle( m_hImpersonationToken );
m_hImpersonationToken = NULL;
}
if ( m_hPrimaryToken != NULL )
{
CloseHandle( m_hPrimaryToken );
m_hPrimaryToken = NULL;
}
DBG_ASSERT( CheckSignature() );
m_dwSignature = TOKEN_CACHE_ENTRY_FREE_SIGNATURE;
}
DWORD m_dwSignature;
//
// Cache key
//
TOKEN_CACHE_KEY m_cacheKey;
//
// The actual tokens
//
HANDLE m_hImpersonationToken;
HANDLE m_hPrimaryToken;
//
// Time to expire for the token
//
LARGE_INTEGER m_liPwdExpiry;
//
// Keep the sid for file cache purposes
//
PSID m_pSid;
BYTE m_abSid[ SID_DEFAULT_SIZE ];
//
// Allocation cache for TOKEN_CACHE_ENTRY's
//
static ALLOC_CACHE_HANDLER * sm_pachTokenCacheEntry;
};
class TOKEN_CACHE : public OBJECT_CACHE
{
public:
HRESULT
GetCachedToken(
IN LPWSTR pszUserName,
IN LPWSTR pszDomain,
IN LPWSTR pszPassword,
IN DWORD dwLogonMethod,
IN BOOL fPossibleUPNLogon,
OUT TOKEN_CACHE_ENTRY ** ppCachedToken,
OUT DWORD * pdwLogonError,
BOOL fAllowLocalSystem = FALSE
);
WCHAR *
QueryName(
VOID
) const
{
return L"TOKEN_CACHE";
}
HRESULT
Initialize(
VOID
);
VOID
Terminate(
VOID
);
private:
DWORD m_dwLastPriorityUPNLogon;
};
HRESULT
ToHex(
IN BUFFER & buffSrc,
OUT STRA & strDst
);
#endif