stackoom
  简体   繁体   中英

can i execute a dos command from a C# class library?

 原文  2011-04-13 08:55:22       c#/ class/ iis/ module

Question

I have to do an IIS module that blocks access to users who don't have a certificate from a certain CA. I did a CTL - certificate trust list. I tested it using netsh http add sslcert ip.... and it works. Now all i have to do is implement the call of netsh in the c# class library. I tryed to use: 

        Process pnet = new Process();
        pnet.StartInfo.FileName = "netsh";
        pnet.StartInfo.Arguments = "http delete sslcert ipport=0.0.0.0:443";
        pnet.StartInfo.UseShellExecute = false;
        pnet.StartInfo.CreateNoWindow = true;
        pnet.Start();
        pnet.Close();

This works in a C# console application, but in the C# library class, doesn't start. 

       namespace IISproject
       {
       public class MyModule : IHttpModule
       {
       #region IHttpModule Members
       public void Dispose()
       { 
       }
       public void Init(HttpApplication context)
       {
       context.PreRequestHandlerExecute += new EventHandler(OnPreRequestHandlerExecute);
    }
    #endregion
    public void OnPreRequestHandlerExecute(Object source, EventArgs e)
    {
        HttpApplication app = (HttpApplication)source;
        HttpRequest request = app.Context.Request;
        if (!String.IsNullOrEmpty(request.Headers["Referer"]))
        {
            throw new HttpException(403,
                                                    "Uh-uh!");
        }
        Process pnet = new Process();
        pnet.StartInfo.FileName = "netsh";
        pnet.StartInfo.Arguments = "http delete sslcert ipport=0.0.0.0:443";
        pnet.StartInfo.UseShellExecute = false;
        pnet.StartInfo.CreateNoWindow = true;
        pnet.Start();
        pnet.Close(); 
    }
}

What am i doing wrong?10x

2 answers

solution1
 1  2011-04-13 09:11:50

The first suspect in these kinds of situations in my book, absent details, is some sort of path issue. Try fully qualifying the command path and see if it works any better. 

pnet.StartInfo.FileName = Environment.SystemDirectory + @"\netsh.exe"; // or something like that

I would be cautious about the general pattern of invoking an external command this way, though, but since you are providing both the file name and its arguments, it should be a reasonably safe thing to do. If you have the time, and haven't done so already, you might want to look into if there is an API to do what you want. Chances are there is; netsh probably isn't magic .

solution2
 1  2011-04-13 09:13:30

What am i doing wrong?10x

I'd say: you are not caring for security enough. Obviously IIS will not spawn any odd application. You need to run it in an application pool configured to run as a user with permissions to launch that process.

You might get mileage out of windows integrated authentication; that way the user logging into the web-server will implicitely determine the permissions with which the process is launched.

That said, you will be much better of emplying a native API (ADSI, WMI?) to achieve the goal

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How do I execute a DOS SET command from C# and have the variable persist after the exe closes? running dos command line from C#? Can't execute mongo command from C# driver when I permisions I get a can't execute binary file error when running a bash command from C# how i can execute CMD command in c# console application? How I can execute a Batch Command in C# directly? Build Windows Universal C# class library from command line Copying files using C# and dos command Dos command in c# - RedirectStandardError/Output problem I can't execute BasicReport class C#
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM