Application Security Testing: An Integral Part of DevOps
To generate a simple OLE Server that expose an interface to be connected from multiple clients follow these steps:
- Start a new ATL project selecting the SERVER - Executable (EXE)
- A new skeleton was created. select "Insert/New ATL Object" from the 'Insert' Menu and specify the parameters for the interface you want to create , don't forget to check the 'Support Connection Points' checkbox. it is recommended to check the marshlink checkbox and even to create a custom marshler if all you need is Local IPC.
- Select other options depended on your project and generate the interface code.
- Add methods/properties to your exposed interface.
- On the dispinterface(EventSink) add methods for the events to be passed to the calling process.
- Now as you can see in your interface generated header file your interface inheret from ConnectionPointContainerImpl<> to support connction points you must implement a proxy that uses the dispinterface discussed earlier. ATL Framework can do it for by simply right-clicking on the Interface implementation file and choosing implement connection point.
- A propery page will appear asking you to select header filename and interface to implement select the appropriate and click OK.
- Now from the exposed interface you can use the Fire_"EventName" to call the caller application with parameters.
- Start a new project (Win32,MFC,or whatever you wish)
- Import the IDL. you can use the #import directive to generate .tlh,.tli files .
- Now implement the dispinterface (The EventSink) using a class derived from the IDispatch + Invoke method and Query Interface.
- To 'install' the event sink you must use an instance of the exposed interface , use QueryInterface to get the IConnectionPointContainer from it, after an object of this type was retrieved use FindConnectionPoint to get the IConnectionPoint object and Advise method to connect the EventSink.