Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
19f8c79f
Commit
19f8c79f
authored
May 10, 2012
by
Hans Leidekker
Committed by
Alexandre Julliard
May 10, 2012
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
secur32: Implement a Negotiate provider that forwards to NTLM.
parent
31815778
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
318 additions
and
291 deletions
+318
-291
negotiate.c
dlls/secur32/negotiate.c
+270
-214
ntlm.c
dlls/secur32/ntlm.c
+18
-77
secur32_priv.h
dlls/secur32/secur32_priv.h
+30
-0
No files found.
dlls/secur32/negotiate.c
View file @
19f8c79f
/*
/*
* Copyright 2005 Kai Blin
* Copyright 2005 Kai Blin
* Copyright 2012 Hans Leidekker for CodeWeavers
*
*
* This library is free software; you can redistribute it and/or
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* modify it under the terms of the GNU Lesser General Public
...
@@ -15,137 +16,151 @@
...
@@ -15,137 +16,151 @@
* License along with this library; if not, write to the Free Software
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
*
* This file implements
the negotiate provider.
* This file implements
a Negotiate provider that simply forwards to
*
FIXME: So far, this beast doesn't do anything
.
*
the NTLM provider
.
*/
*/
#include <assert.h>
#include <stdarg.h>
#include <stdarg.h>
#include "windef.h"
#include "windef.h"
#include "winbase.h"
#include "winbase.h"
#include "sspi.h"
#include "sspi.h"
#include "rpc.h"
#include "wincred.h"
#include "secur32_priv.h"
#include "secur32_priv.h"
#include "wine/debug.h"
#include "wine/debug.h"
#include "wine/unicode.h"
WINE_DEFAULT_DEBUG_CHANNEL
(
secur32
);
WINE_DEFAULT_DEBUG_CHANNEL
(
secur32
);
/* Disable for now, see longer comment for SECUR32_initNegotiateSP below */
#if 0
static char nego_name_A[] = "Negotiate";
static WCHAR nego_name_W[] = {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0};
#endif
static
SECURITY_STATUS
nego_QueryCredentialsAttributes
(
PCredHandle
phCredential
,
ULONG
ulAttribute
,
PVOID
pBuffer
)
{
SECURITY_STATUS
ret
;
/* FIXME: More attributes to be added here. Need to fix the sspi.h header
* for that, too.
*/
switch
(
ulAttribute
)
{
default:
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
}
return
ret
;
}
/***********************************************************************
/***********************************************************************
* QueryCredentialsAttributesA
* QueryCredentialsAttributesA
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryCredentialsAttributesA
(
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryCredentialsAttributesA
(
PCredHandle
phCredential
,
ULONG
ulAttribute
,
PVOID
pBuffer
)
PCredHandle
phCredential
,
ULONG
ulAttribute
,
PVOID
pBuffer
)
{
{
SECURITY_STATUS
ret
;
FIXME
(
"%p, %u, %p
\n
"
,
phCredential
,
ulAttribute
,
pBuffer
);
return
SEC_E_UNSUPPORTED_FUNCTION
;
TRACE
(
"(%p, %d, %p)
\n
"
,
phCredential
,
ulAttribute
,
pBuffer
);
switch
(
ulAttribute
)
{
case
SECPKG_CRED_ATTR_NAMES
:
FIXME
(
"SECPKG_CRED_ATTR_NAMES: stub
\n
"
);
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
break
;
default:
ret
=
nego_QueryCredentialsAttributes
(
phCredential
,
ulAttribute
,
pBuffer
);
}
return
ret
;
}
}
/***********************************************************************
/***********************************************************************
* QueryCredentialsAttributesW
* QueryCredentialsAttributesW
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryCredentialsAttributesW
(
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryCredentialsAttributesW
(
PCredHandle
phCredential
,
ULONG
ulAttribute
,
PVOID
pBuffer
)
PCredHandle
phCredential
,
ULONG
ulAttribute
,
PVOID
pBuffer
)
{
{
FIXME
(
"%p, %u, %p
\n
"
,
phCredential
,
ulAttribute
,
pBuffer
);
return
SEC_E_UNSUPPORTED_FUNCTION
;
}
/***********************************************************************
* AcquireCredentialsHandleW
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_AcquireCredentialsHandleW
(
SEC_WCHAR
*
pszPrincipal
,
SEC_WCHAR
*
pszPackage
,
ULONG
fCredentialUse
,
PLUID
pLogonID
,
PVOID
pAuthData
,
SEC_GET_KEY_FN
pGetKeyFn
,
PVOID
pGetKeyArgument
,
PCredHandle
phCredential
,
PTimeStamp
ptsExpiry
)
{
static
SEC_WCHAR
ntlmW
[]
=
{
'N'
,
'T'
,
'L'
,
'M'
,
0
};
SECURITY_STATUS
ret
;
SECURITY_STATUS
ret
;
TRACE
(
"(%p, %d, %p)
\n
"
,
phCredential
,
ulAttribute
,
pBuffer
);
TRACE
(
"%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p
\n
"
,
debugstr_w
(
pszPrincipal
),
debugstr_w
(
pszPackage
),
fCredentialUse
,
pLogonID
,
pAuthData
,
pGetKeyFn
,
pGetKeyArgument
,
phCredential
,
ptsExpiry
);
switch
(
ulAttribute
)
FIXME
(
"forwarding to NTLM
\n
"
);
ret
=
ntlm_AcquireCredentialsHandleW
(
pszPrincipal
,
ntlmW
,
fCredentialUse
,
pLogonID
,
pAuthData
,
pGetKeyFn
,
pGetKeyArgument
,
phCredential
,
ptsExpiry
);
if
(
ret
==
SEC_E_OK
)
{
{
case
SECPKG_CRED_ATTR_NAMES
:
NtlmCredentials
*
cred
=
(
NtlmCredentials
*
)
phCredential
->
dwLower
;
FIXME
(
"SECPKG_CRED_ATTR_NAMES: stub
\n
"
);
cred
->
no_cached_credentials
=
(
pAuthData
==
NULL
);
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
break
;
default:
ret
=
nego_QueryCredentialsAttributes
(
phCredential
,
ulAttribute
,
pBuffer
);
}
}
return
ret
;
return
ret
;
}
}
/***********************************************************************
/***********************************************************************
* AcquireCredentialsHandleA
* AcquireCredentialsHandleA
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_AcquireCredentialsHandleA
(
static
SECURITY_STATUS
SEC_ENTRY
nego_AcquireCredentialsHandleA
(
SEC_CHAR
*
pszPrincipal
,
SEC_CHAR
*
pszPackage
,
ULONG
fCredentialUse
,
SEC_CHAR
*
pszPrincipal
,
SEC_CHAR
*
pszPackage
,
ULONG
fCredentialUse
,
PLUID
pLogonID
,
PVOID
pAuthData
,
SEC_GET_KEY_FN
pGetKeyFn
,
PLUID
pLogonID
,
PVOID
pAuthData
,
SEC_GET_KEY_FN
pGetKeyFn
,
PVOID
pGetKeyArgument
,
PCredHandle
phCredential
,
PTimeStamp
ptsExpiry
)
PVOID
pGetKeyArgument
,
PCredHandle
phCredential
,
PTimeStamp
ptsExpiry
)
{
TRACE
(
"(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p) stub
\n
"
,
debugstr_a
(
pszPrincipal
),
debugstr_a
(
pszPackage
),
fCredentialUse
,
pLogonID
,
pAuthData
,
pGetKeyFn
,
pGetKeyArgument
,
phCredential
,
ptsExpiry
);
return
SEC_E_UNSUPPORTED_FUNCTION
;
}
/***********************************************************************
* AcquireCredentialsHandleW
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_AcquireCredentialsHandleW
(
SEC_WCHAR
*
pszPrincipal
,
SEC_WCHAR
*
pszPackage
,
ULONG
fCredentialUse
,
PLUID
pLogonID
,
PVOID
pAuthData
,
SEC_GET_KEY_FN
pGetKeyFn
,
PVOID
pGetKeyArgument
,
PCredHandle
phCredential
,
PTimeStamp
ptsExpiry
)
{
{
TRACE
(
"(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p) stub
\n
"
,
SECURITY_STATUS
ret
=
SEC_E_INSUFFICIENT_MEMORY
;
debugstr_w
(
pszPrincipal
),
debugstr_w
(
pszPackage
),
fCredentialUse
,
SEC_WCHAR
*
user
=
NULL
,
*
domain
=
NULL
,
*
passwd
=
NULL
,
*
package
=
NULL
;
pLogonID
,
pAuthData
,
pGetKeyFn
,
pGetKeyArgument
,
phCredential
,
ptsExpiry
);
SEC_WINNT_AUTH_IDENTITY_W
*
identityW
=
NULL
;
return
SEC_E_UNSUPPORTED_FUNCTION
;
}
/***********************************************************************
TRACE
(
"%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p
\n
"
,
* InitializeSecurityContextA
debugstr_a
(
pszPrincipal
),
debugstr_a
(
pszPackage
),
fCredentialUse
,
*/
pLogonID
,
pAuthData
,
pGetKeyFn
,
pGetKeyArgument
,
phCredential
,
ptsExpiry
);
static
SECURITY_STATUS
SEC_ENTRY
nego_InitializeSecurityContextA
(
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
SEC_CHAR
*
pszTargetName
,
ULONG
fContextReq
,
ULONG
Reserved1
,
ULONG
TargetDataRep
,
PSecBufferDesc
pInput
,
ULONG
Reserved2
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
{
SECURITY_STATUS
ret
;
TRACE
(
"%p %p %s 0x%08x %d %d %p %d %p %p %p %p
\n
"
,
phCredential
,
phContext
,
if
(
pszPackage
)
debugstr_a
(
pszTargetName
),
fContextReq
,
Reserved1
,
TargetDataRep
,
pInput
,
{
Reserved1
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
int
package_len
=
MultiByteToWideChar
(
CP_ACP
,
0
,
pszPackage
,
-
1
,
NULL
,
0
);
if
(
phCredential
){
package
=
HeapAlloc
(
GetProcessHeap
(),
0
,
package_len
*
sizeof
(
SEC_WCHAR
)
);
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
if
(
!
package
)
return
SEC_E_INSUFFICIENT_MEMORY
;
MultiByteToWideChar
(
CP_ACP
,
0
,
pszPackage
,
-
1
,
package
,
package_len
);
}
}
else
if
(
pAuthData
)
{
{
ret
=
SEC_E_INVALID_HANDLE
;
SEC_WINNT_AUTH_IDENTITY_A
*
identity
=
pAuthData
;
int
user_len
,
domain_len
,
passwd_len
;
if
(
identity
->
Flags
==
SEC_WINNT_AUTH_IDENTITY_ANSI
)
{
identityW
=
HeapAlloc
(
GetProcessHeap
(),
0
,
sizeof
(
*
identityW
)
);
if
(
!
identityW
)
goto
done
;
if
(
!
identity
->
UserLength
)
user_len
=
0
;
else
{
user_len
=
MultiByteToWideChar
(
CP_ACP
,
0
,
(
LPCSTR
)
identity
->
User
,
identity
->
UserLength
,
NULL
,
0
);
user
=
HeapAlloc
(
GetProcessHeap
(),
0
,
user_len
*
sizeof
(
SEC_WCHAR
)
);
if
(
!
user
)
goto
done
;
MultiByteToWideChar
(
CP_ACP
,
0
,
(
LPCSTR
)
identity
->
User
,
identity
->
UserLength
,
user
,
user_len
);
}
if
(
!
identity
->
DomainLength
)
domain_len
=
0
;
else
{
domain_len
=
MultiByteToWideChar
(
CP_ACP
,
0
,
(
LPCSTR
)
identity
->
Domain
,
identity
->
DomainLength
,
NULL
,
0
);
domain
=
HeapAlloc
(
GetProcessHeap
(),
0
,
domain_len
*
sizeof
(
SEC_WCHAR
)
);
if
(
!
domain
)
goto
done
;
MultiByteToWideChar
(
CP_ACP
,
0
,
(
LPCSTR
)
identity
->
Domain
,
identity
->
DomainLength
,
domain
,
domain_len
);
}
if
(
!
identity
->
PasswordLength
)
passwd_len
=
0
;
else
{
passwd_len
=
MultiByteToWideChar
(
CP_ACP
,
0
,
(
LPCSTR
)
identity
->
Password
,
identity
->
PasswordLength
,
NULL
,
0
);
passwd
=
HeapAlloc
(
GetProcessHeap
(),
0
,
passwd_len
*
sizeof
(
SEC_WCHAR
)
);
if
(
!
passwd
)
goto
done
;
MultiByteToWideChar
(
CP_ACP
,
0
,
(
LPCSTR
)
identity
->
Password
,
identity
->
PasswordLength
,
passwd
,
passwd_len
);
}
identityW
->
Flags
=
SEC_WINNT_AUTH_IDENTITY_UNICODE
;
identityW
->
User
=
user
;
identityW
->
UserLength
=
user_len
;
identityW
->
Domain
=
domain
;
identityW
->
DomainLength
=
domain_len
;
identityW
->
Password
=
passwd
;
identityW
->
PasswordLength
=
passwd_len
;
}
else
identityW
=
(
SEC_WINNT_AUTH_IDENTITY_W
*
)
identity
;
}
}
ret
=
nego_AcquireCredentialsHandleW
(
NULL
,
package
,
fCredentialUse
,
pLogonID
,
identityW
,
pGetKeyFn
,
pGetKeyArgument
,
phCredential
,
ptsExpiry
);
done:
HeapFree
(
GetProcessHeap
(),
0
,
package
);
HeapFree
(
GetProcessHeap
(),
0
,
user
);
HeapFree
(
GetProcessHeap
(),
0
,
domain
);
HeapFree
(
GetProcessHeap
(),
0
,
passwd
);
HeapFree
(
GetProcessHeap
(),
0
,
identityW
);
return
ret
;
return
ret
;
}
}
...
@@ -153,24 +168,50 @@ static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextA(
...
@@ -153,24 +168,50 @@ static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextA(
* InitializeSecurityContextW
* InitializeSecurityContextW
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_InitializeSecurityContextW
(
static
SECURITY_STATUS
SEC_ENTRY
nego_InitializeSecurityContextW
(
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
SEC_WCHAR
*
pszTargetName
,
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
SEC_WCHAR
*
pszTargetName
,
ULONG
fContextReq
,
ULONG
Reserved1
,
ULONG
TargetDataRep
,
ULONG
fContextReq
,
ULONG
Reserved1
,
ULONG
TargetDataRep
,
PSecBufferDesc
pInput
,
ULONG
Reserved2
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pInput
,
ULONG
Reserved2
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
{
TRACE
(
"%p, %p, %s, 0x%08x, %u, %u, %p, %u, %p, %p, %p, %p
\n
"
,
phCredential
,
phContext
,
debugstr_w
(
pszTargetName
),
fContextReq
,
Reserved1
,
TargetDataRep
,
pInput
,
Reserved1
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
return
ntlm_InitializeSecurityContextW
(
phCredential
,
phContext
,
pszTargetName
,
fContextReq
,
Reserved1
,
TargetDataRep
,
pInput
,
Reserved2
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
}
/***********************************************************************
* InitializeSecurityContextA
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_InitializeSecurityContextA
(
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
SEC_CHAR
*
pszTargetName
,
ULONG
fContextReq
,
ULONG
Reserved1
,
ULONG
TargetDataRep
,
PSecBufferDesc
pInput
,
ULONG
Reserved2
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
{
{
SECURITY_STATUS
ret
;
SECURITY_STATUS
ret
;
SEC_WCHAR
*
target
=
NULL
;
TRACE
(
"%p, %p, %s, 0x%08x, %u, %u, %p, %u, %p, %p, %p, %p
\n
"
,
phCredential
,
phContext
,
debugstr_a
(
pszTargetName
),
fContextReq
,
Reserved1
,
TargetDataRep
,
pInput
,
Reserved1
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
TRACE
(
"%p %p %s %d %d %d %p %d %p %p %p %p
\n
"
,
phCredential
,
phContext
,
if
(
pszTargetName
)
debugstr_w
(
pszTargetName
),
fContextReq
,
Reserved1
,
TargetDataRep
,
pInput
,
Reserved1
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
if
(
phCredential
)
{
{
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
int
target_len
=
MultiByteToWideChar
(
CP_ACP
,
0
,
pszTargetName
,
-
1
,
NULL
,
0
);
}
target
=
HeapAlloc
(
GetProcessHeap
(),
0
,
target_len
*
sizeof
(
SEC_WCHAR
)
);
else
if
(
!
target
)
return
SEC_E_INSUFFICIENT_MEMORY
;
{
MultiByteToWideChar
(
CP_ACP
,
0
,
pszTargetName
,
-
1
,
target
,
target_len
);
ret
=
SEC_E_INVALID_HANDLE
;
}
}
ret
=
nego_InitializeSecurityContextW
(
phCredential
,
phContext
,
target
,
fContextReq
,
Reserved1
,
TargetDataRep
,
pInput
,
Reserved2
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
HeapFree
(
GetProcessHeap
(),
0
,
target
);
return
ret
;
return
ret
;
}
}
...
@@ -178,24 +219,17 @@ static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextW(
...
@@ -178,24 +219,17 @@ static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextW(
* AcceptSecurityContext
* AcceptSecurityContext
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_AcceptSecurityContext
(
static
SECURITY_STATUS
SEC_ENTRY
nego_AcceptSecurityContext
(
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
PSecBufferDesc
pInput
,
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
PSecBufferDesc
pInput
,
ULONG
fContextReq
,
ULONG
TargetDataRep
,
PCtxtHandle
phNewContext
,
ULONG
fContextReq
,
ULONG
TargetDataRep
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
{
{
SECURITY_STATUS
ret
;
TRACE
(
"%p, %p, %p, 0x%08x, %u, %p, %p, %p, %p
\n
"
,
phCredential
,
phContext
,
pInput
,
fContextReq
,
TargetDataRep
,
phNewContext
,
pOutput
,
pfContextAttr
,
ptsExpiry
);
TRACE
(
"%p %p %p %d %d %p %p %p %p
\n
"
,
phCredential
,
phContext
,
pInput
,
return
ntlm_AcceptSecurityContext
(
phCredential
,
phContext
,
pInput
,
fContextReq
,
TargetDataRep
,
phNewContext
,
pOutput
,
pfContextAttr
,
fContextReq
,
TargetDataRep
,
phNewContext
,
ptsExpiry
);
pOutput
,
pfContextAttr
,
ptsExpiry
);
if
(
phCredential
)
{
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
}
else
{
ret
=
SEC_E_INVALID_HANDLE
;
}
return
ret
;
}
}
/***********************************************************************
/***********************************************************************
...
@@ -223,18 +257,9 @@ static SECURITY_STATUS SEC_ENTRY nego_CompleteAuthToken(PCtxtHandle phContext,
...
@@ -223,18 +257,9 @@ static SECURITY_STATUS SEC_ENTRY nego_CompleteAuthToken(PCtxtHandle phContext,
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_DeleteSecurityContext
(
PCtxtHandle
phContext
)
static
SECURITY_STATUS
SEC_ENTRY
nego_DeleteSecurityContext
(
PCtxtHandle
phContext
)
{
{
SECURITY_STATUS
ret
;
TRACE
(
"%p
\n
"
,
phContext
);
TRACE
(
"%p
\n
"
,
phContext
);
if
(
phContext
)
{
return
ntlm_DeleteSecurityContext
(
phContext
);
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
}
else
{
ret
=
SEC_E_INVALID_HANDLE
;
}
return
ret
;
}
}
/***********************************************************************
/***********************************************************************
...
@@ -260,25 +285,32 @@ static SECURITY_STATUS SEC_ENTRY nego_ApplyControlToken(PCtxtHandle phContext,
...
@@ -260,25 +285,32 @@ static SECURITY_STATUS SEC_ENTRY nego_ApplyControlToken(PCtxtHandle phContext,
/***********************************************************************
/***********************************************************************
* QueryContextAttributesW
* QueryContextAttributesW
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryContextAttributesW
(
PCtxtHandle
phContext
,
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryContextAttributesW
(
ULONG
ulAttribute
,
void
*
pBuffer
)
PCtxtHandle
phContext
,
ULONG
ulAttribute
,
void
*
pBuffer
)
{
{
SECURITY_STATUS
ret
;
TRACE
(
"%p, %u, %p
\n
"
,
phContext
,
ulAttribute
,
pBuffer
)
;
/* FIXME: From reading wrapper.h, I think the dwUpper part of a context is
switch
(
ulAttribute
)
* the SecurePackage part and the dwLower part is the actual context
* handle. It should be easy to extract the context attributes from that.
*/
TRACE
(
"%p %d %p
\n
"
,
phContext
,
ulAttribute
,
pBuffer
);
if
(
phContext
)
{
{
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
case
SECPKG_ATTR_SIZES
:
{
SecPkgContext_Sizes
*
sizes
=
(
SecPkgContext_Sizes
*
)
pBuffer
;
sizes
->
cbMaxToken
=
2888
;
sizes
->
cbMaxSignature
=
16
;
sizes
->
cbSecurityTrailer
=
16
;
sizes
->
cbBlockSize
=
0
;
return
SEC_E_OK
;
}
}
else
case
SECPKG_ATTR_NEGOTIATION_INFO
:
{
{
ret
=
SEC_E_INVALID_HANDLE
;
SecPkgContext_NegotiationInfoW
*
info
=
(
SecPkgContext_NegotiationInfoW
*
)
pBuffer
;
info
->
PackageInfo
=
ntlm_package_infoW
;
info
->
NegotiationState
=
SECPKG_NEGOTIATION_COMPLETE
;
return
SEC_E_OK
;
}
default:
return
ntlm_QueryContextAttributesW
(
phContext
,
ulAttribute
,
pBuffer
);
}
}
return
ret
;
}
}
/***********************************************************************
/***********************************************************************
...
@@ -287,7 +319,29 @@ static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesW(PCtxtHandle phCont
...
@@ -287,7 +319,29 @@ static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesW(PCtxtHandle phCont
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryContextAttributesA
(
PCtxtHandle
phContext
,
static
SECURITY_STATUS
SEC_ENTRY
nego_QueryContextAttributesA
(
PCtxtHandle
phContext
,
ULONG
ulAttribute
,
void
*
pBuffer
)
ULONG
ulAttribute
,
void
*
pBuffer
)
{
{
return
nego_QueryContextAttributesW
(
phContext
,
ulAttribute
,
pBuffer
);
TRACE
(
"%p, %u, %p
\n
"
,
phContext
,
ulAttribute
,
pBuffer
);
switch
(
ulAttribute
)
{
case
SECPKG_ATTR_SIZES
:
{
SecPkgContext_Sizes
*
sizes
=
(
SecPkgContext_Sizes
*
)
pBuffer
;
sizes
->
cbMaxToken
=
2888
;
sizes
->
cbMaxSignature
=
16
;
sizes
->
cbSecurityTrailer
=
16
;
sizes
->
cbBlockSize
=
0
;
return
SEC_E_OK
;
}
case
SECPKG_ATTR_NEGOTIATION_INFO
:
{
SecPkgContext_NegotiationInfoA
*
info
=
(
SecPkgContext_NegotiationInfoA
*
)
pBuffer
;
info
->
PackageInfo
=
ntlm_package_infoA
;
info
->
NegotiationState
=
SECPKG_NEGOTIATION_COMPLETE
;
return
SEC_E_OK
;
}
default:
return
ntlm_QueryContextAttributesA
(
phContext
,
ulAttribute
,
pBuffer
);
}
}
}
/***********************************************************************
/***********************************************************************
...
@@ -331,52 +385,64 @@ static SECURITY_STATUS SEC_ENTRY nego_RevertSecurityContext(PCtxtHandle phContex
...
@@ -331,52 +385,64 @@ static SECURITY_STATUS SEC_ENTRY nego_RevertSecurityContext(PCtxtHandle phContex
/***********************************************************************
/***********************************************************************
* MakeSignature
* MakeSignature
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_MakeSignature
(
PCtxtHandle
phContext
,
ULONG
fQOP
,
static
SECURITY_STATUS
SEC_ENTRY
nego_MakeSignature
(
PCtxtHandle
phContext
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
ULONG
fQOP
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
{
{
SECURITY_STATUS
ret
;
TRACE
(
"%p, 0x%08x, %p, %u
\n
"
,
phContext
,
fQOP
,
pMessage
,
MessageSeqNo
)
;
TRACE
(
"%p %d %p %d
\n
"
,
phContext
,
fQOP
,
pMessage
,
MessageSeqNo
);
return
ntlm_MakeSignature
(
phContext
,
fQOP
,
pMessage
,
MessageSeqNo
);
if
(
phContext
)
{
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
}
else
{
ret
=
SEC_E_INVALID_HANDLE
;
}
return
ret
;
}
}
/***********************************************************************
/***********************************************************************
* VerifySignature
* VerifySignature
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
nego_VerifySignature
(
PCtxtHandle
phContext
,
static
SECURITY_STATUS
SEC_ENTRY
nego_VerifySignature
(
PCtxtHandle
phContext
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
{
{
SECURITY_STATUS
ret
;
TRACE
(
"%p, %p, %u, %p
\n
"
,
phContext
,
pMessage
,
MessageSeqNo
,
pfQOP
)
;
TRACE
(
"%p %p %d %p
\n
"
,
phContext
,
pMessage
,
MessageSeqNo
,
pfQOP
);
return
ntlm_VerifySignature
(
phContext
,
pMessage
,
MessageSeqNo
,
pfQOP
);
if
(
phContext
)
}
{
ret
=
SEC_E_UNSUPPORTED_FUNCTION
;
/***********************************************************************
}
* FreeCredentialsHandle
else
*/
{
SECURITY_STATUS
SEC_ENTRY
nego_FreeCredentialsHandle
(
PCredHandle
phCredential
)
ret
=
SEC_E_INVALID_HANDLE
;
{
}
TRACE
(
"%p
\n
"
,
phCredential
);
return
ret
;
return
ntlm_FreeCredentialsHandle
(
phCredential
);
}
}
/***********************************************************************
* EncryptMessage
*/
SECURITY_STATUS
SEC_ENTRY
nego_EncryptMessage
(
PCtxtHandle
phContext
,
ULONG
fQOP
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
{
TRACE
(
"%p, 0x%08x, %p, %u
\n
"
,
phContext
,
fQOP
,
pMessage
,
MessageSeqNo
);
return
ntlm_EncryptMessage
(
phContext
,
fQOP
,
pMessage
,
MessageSeqNo
);
}
/***********************************************************************
* DecryptMessage
*/
SECURITY_STATUS
SEC_ENTRY
nego_DecryptMessage
(
PCtxtHandle
phContext
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
{
TRACE
(
"%p, %p, %u, %p
\n
"
,
phContext
,
pMessage
,
MessageSeqNo
,
pfQOP
);
return
ntlm_DecryptMessage
(
phContext
,
pMessage
,
MessageSeqNo
,
pfQOP
);
}
static
const
SecurityFunctionTableA
negoTableA
=
{
static
const
SecurityFunctionTableA
negoTableA
=
{
1
,
1
,
NULL
,
/* EnumerateSecurityPackagesA */
NULL
,
/* EnumerateSecurityPackagesA */
nego_QueryCredentialsAttributesA
,
/* QueryCredentialsAttributesA */
nego_QueryCredentialsAttributesA
,
/* QueryCredentialsAttributesA */
nego_AcquireCredentialsHandleA
,
/* AcquireCredentialsHandleA */
nego_AcquireCredentialsHandleA
,
/* AcquireCredentialsHandleA */
FreeCredentialsHandle
,
/* FreeCredentialsHandle */
nego_FreeCredentialsHandle
,
/* FreeCredentialsHandle */
NULL
,
/* Reserved2 */
NULL
,
/* Reserved2 */
nego_InitializeSecurityContextA
,
/* InitializeSecurityContextA */
nego_InitializeSecurityContextA
,
/* InitializeSecurityContextA */
nego_AcceptSecurityContext
,
/* AcceptSecurityContext */
nego_AcceptSecurityContext
,
/* AcceptSecurityContext */
nego_CompleteAuthToken
,
/* CompleteAuthToken */
nego_CompleteAuthToken
,
/* CompleteAuthToken */
...
@@ -396,18 +462,18 @@ static const SecurityFunctionTableA negoTableA = {
...
@@ -396,18 +462,18 @@ static const SecurityFunctionTableA negoTableA = {
NULL
,
/* AddCredentialsA */
NULL
,
/* AddCredentialsA */
NULL
,
/* Reserved8 */
NULL
,
/* Reserved8 */
NULL
,
/* QuerySecurityContextToken */
NULL
,
/* QuerySecurityContextToken */
NULL
,
/* EncryptMessage */
nego_EncryptMessage
,
/* EncryptMessage */
NULL
,
/* DecryptMessage */
nego_DecryptMessage
,
/* DecryptMessage */
NULL
,
/* SetContextAttributesA */
NULL
,
/* SetContextAttributesA */
};
};
static
const
SecurityFunctionTableW
negoTableW
=
{
static
const
SecurityFunctionTableW
negoTableW
=
{
1
,
1
,
NULL
,
/* EnumerateSecurityPackagesW */
NULL
,
/* EnumerateSecurityPackagesW */
nego_QueryCredentialsAttributesW
,
/* QueryCredentialsAttributesW */
nego_QueryCredentialsAttributesW
,
/* QueryCredentialsAttributesW */
nego_AcquireCredentialsHandleW
,
/* AcquireCredentialsHandleW */
nego_AcquireCredentialsHandleW
,
/* AcquireCredentialsHandleW */
FreeCredentialsHandle
,
/* FreeCredentialsHandle */
nego_FreeCredentialsHandle
,
/* FreeCredentialsHandle */
NULL
,
/* Reserved2 */
NULL
,
/* Reserved2 */
nego_InitializeSecurityContextW
,
/* InitializeSecurityContextW */
nego_InitializeSecurityContextW
,
/* InitializeSecurityContextW */
nego_AcceptSecurityContext
,
/* AcceptSecurityContext */
nego_AcceptSecurityContext
,
/* AcceptSecurityContext */
nego_CompleteAuthToken
,
/* CompleteAuthToken */
nego_CompleteAuthToken
,
/* CompleteAuthToken */
...
@@ -427,51 +493,41 @@ static const SecurityFunctionTableW negoTableW = {
...
@@ -427,51 +493,41 @@ static const SecurityFunctionTableW negoTableW = {
NULL
,
/* AddCredentialsW */
NULL
,
/* AddCredentialsW */
NULL
,
/* Reserved8 */
NULL
,
/* Reserved8 */
NULL
,
/* QuerySecurityContextToken */
NULL
,
/* QuerySecurityContextToken */
NULL
,
/* EncryptMessage */
nego_EncryptMessage
,
/* EncryptMessage */
NULL
,
/* DecryptMessage */
nego_DecryptMessage
,
/* DecryptMessage */
NULL
,
/* SetContextAttributesW */
NULL
,
/* SetContextAttributesW */
};
};
/* Disable for now, see comment below.*/
#define NEGO_MAX_TOKEN 12000
#if 0
static WCHAR negotiate_comment_W[] = { 'M', 'i', 'c', 'r', 'o', 's', 'o',
static
WCHAR
nego_name_W
[]
=
{
'N'
,
'e'
,
'g'
,
'o'
,
't'
,
'i'
,
'a'
,
't'
,
'e'
,
0
};
'f', 't', ' ', 'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', 'N', 'e', 'g', 'o',
static
char
nego_name_A
[]
=
"Negotiate"
;
't', 'i', 'a', 't', 'o', 'r', 0};
static
WCHAR
negotiate_comment_W
[]
=
{
'M'
,
'i'
,
'c'
,
'r'
,
'o'
,
's'
,
'o'
,
'f'
,
't'
,
' '
,
'P'
,
'a'
,
'c'
,
'k'
,
'a'
,
'g'
,
'e'
,
' '
,
'N'
,
'e'
,
'g'
,
'o'
,
't'
,
'i'
,
'a'
,
't'
,
'o'
,
'r'
,
0
};
static
CHAR
negotiate_comment_A
[]
=
"Microsoft Package Negotiator"
;
static
CHAR
negotiate_comment_A
[]
=
"Microsoft Package Negotiator"
;
#endif
#define CAPS ( \
SECPKG_FLAG_INTEGRITY | \
SECPKG_FLAG_PRIVACY | \
SECPKG_FLAG_CONNECTION | \
SECPKG_FLAG_MULTI_REQUIRED | \
SECPKG_FLAG_EXTENDED_ERROR | \
SECPKG_FLAG_IMPERSONATION | \
SECPKG_FLAG_ACCEPT_WIN32_NAME | \
SECPKG_FLAG_NEGOTIABLE | \
SECPKG_FLAG_GSS_COMPATIBLE | \
SECPKG_FLAG_LOGON | \
SECPKG_FLAG_RESTRICTED_TOKENS )
void
SECUR32_initNegotiateSP
(
void
)
void
SECUR32_initNegotiateSP
(
void
)
{
{
/* Disable until we really implement a Negotiate provider.
SecureProvider
*
provider
=
SECUR32_addProvider
(
&
negoTableA
,
&
negoTableW
,
NULL
);
* For now, the NTLM provider will pretend to be the Negotiate provider as well.
* Windows seems to be able to deal with it, and it makes several programs
* happy. */
#if 0
SecureProvider *provider = SECUR32_addProvider(&negoTableA, &negoTableW,
NULL);
/* According to Windows, Negotiate has the following capabilities.
*/
static const LONG caps =
SECPKG_FLAG_INTEGRITY |
SECPKG_FLAG_PRIVACY |
SECPKG_FLAG_CONNECTION |
SECPKG_FLAG_MULTI_REQUIRED |
SECPKG_FLAG_EXTENDED_ERROR |
SECPKG_FLAG_IMPERSONATION |
SECPKG_FLAG_ACCEPT_WIN32_NAME |
SECPKG_FLAG_READONLY_WITH_CHECKSUM;
static const USHORT version = 1;
static const USHORT rpcid = 15;
static const ULONG max_token = 12000;
const SecPkgInfoW infoW = { caps, version, rpcid, max_token, nego_name_W,
negotiate_comment_W};
const SecPkgInfoA infoA = { caps, version, rpcid, max_token, nego_name_A,
negotiate_comment_A};
const
SecPkgInfoW
infoW
=
{
CAPS
,
1
,
RPC_C_AUTHN_GSS_NEGOTIATE
,
NEGO_MAX_TOKEN
,
nego_name_W
,
negotiate_comment_W
};
const
SecPkgInfoA
infoA
=
{
CAPS
,
1
,
RPC_C_AUTHN_GSS_NEGOTIATE
,
NEGO_MAX_TOKEN
,
nego_name_A
,
negotiate_comment_A
};
SECUR32_addPackages
(
provider
,
1L
,
&
infoA
,
&
infoW
);
SECUR32_addPackages
(
provider
,
1L
,
&
infoA
,
&
infoW
);
#endif
}
}
dlls/secur32/ntlm.c
View file @
19f8c79f
...
@@ -43,18 +43,6 @@ WINE_DECLARE_DEBUG_CHANNEL(winediag);
...
@@ -43,18 +43,6 @@ WINE_DECLARE_DEBUG_CHANNEL(winediag);
static
CHAR
ntlm_auth
[]
=
"ntlm_auth"
;
static
CHAR
ntlm_auth
[]
=
"ntlm_auth"
;
typedef
struct
_NtlmCredentials
{
HelperMode
mode
;
/* these are all in the Unix codepage */
char
*
username_arg
;
char
*
domain_arg
;
char
*
password
;
/* not nul-terminated */
int
pwlen
;
int
no_cached_credentials
;
/* don't try to use cached Samba credentials */
}
NtlmCredentials
,
*
PNtlmCredentials
;
/***********************************************************************
/***********************************************************************
* QueryCredentialsAttributesA
* QueryCredentialsAttributesA
*/
*/
...
@@ -136,7 +124,7 @@ static char *ntlm_GetDomainArg(LPCWSTR domainW, INT domainW_length)
...
@@ -136,7 +124,7 @@ static char *ntlm_GetDomainArg(LPCWSTR domainW, INT domainW_length)
/***********************************************************************
/***********************************************************************
* AcquireCredentialsHandleW
* AcquireCredentialsHandleW
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_AcquireCredentialsHandleW
(
SECURITY_STATUS
SEC_ENTRY
ntlm_AcquireCredentialsHandleW
(
SEC_WCHAR
*
pszPrincipal
,
SEC_WCHAR
*
pszPackage
,
ULONG
fCredentialUse
,
SEC_WCHAR
*
pszPrincipal
,
SEC_WCHAR
*
pszPackage
,
ULONG
fCredentialUse
,
PLUID
pLogonID
,
PVOID
pAuthData
,
SEC_GET_KEY_FN
pGetKeyFn
,
PLUID
pLogonID
,
PVOID
pAuthData
,
SEC_GET_KEY_FN
pGetKeyFn
,
PVOID
pGetKeyArgument
,
PCredHandle
phCredential
,
PTimeStamp
ptsExpiry
)
PVOID
pGetKeyArgument
,
PCredHandle
phCredential
,
PTimeStamp
ptsExpiry
)
...
@@ -425,7 +413,7 @@ static BOOL ntlm_GetCachedCredential(const SEC_WCHAR *pszTargetName, PCREDENTIAL
...
@@ -425,7 +413,7 @@ static BOOL ntlm_GetCachedCredential(const SEC_WCHAR *pszTargetName, PCREDENTIAL
/***********************************************************************
/***********************************************************************
* InitializeSecurityContextW
* InitializeSecurityContextW
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_InitializeSecurityContextW
(
SECURITY_STATUS
SEC_ENTRY
ntlm_InitializeSecurityContextW
(
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
SEC_WCHAR
*
pszTargetName
,
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
SEC_WCHAR
*
pszTargetName
,
ULONG
fContextReq
,
ULONG
Reserved1
,
ULONG
TargetDataRep
,
ULONG
fContextReq
,
ULONG
Reserved1
,
ULONG
TargetDataRep
,
PSecBufferDesc
pInput
,
ULONG
Reserved2
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pInput
,
ULONG
Reserved2
,
PCtxtHandle
phNewContext
,
...
@@ -970,7 +958,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextA(
...
@@ -970,7 +958,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextA(
/***********************************************************************
/***********************************************************************
* AcceptSecurityContext
* AcceptSecurityContext
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_AcceptSecurityContext
(
SECURITY_STATUS
SEC_ENTRY
ntlm_AcceptSecurityContext
(
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
PSecBufferDesc
pInput
,
PCredHandle
phCredential
,
PCtxtHandle
phContext
,
PSecBufferDesc
pInput
,
ULONG
fContextReq
,
ULONG
TargetDataRep
,
PCtxtHandle
phNewContext
,
ULONG
fContextReq
,
ULONG
TargetDataRep
,
PCtxtHandle
phNewContext
,
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
PSecBufferDesc
pOutput
,
ULONG
*
pfContextAttr
,
PTimeStamp
ptsExpiry
)
...
@@ -1343,7 +1331,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_CompleteAuthToken(PCtxtHandle phContext,
...
@@ -1343,7 +1331,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_CompleteAuthToken(PCtxtHandle phContext,
/***********************************************************************
/***********************************************************************
* DeleteSecurityContext
* DeleteSecurityContext
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_DeleteSecurityContext
(
PCtxtHandle
phContext
)
SECURITY_STATUS
SEC_ENTRY
ntlm_DeleteSecurityContext
(
PCtxtHandle
phContext
)
{
{
PNegoHelper
helper
;
PNegoHelper
helper
;
...
@@ -1372,7 +1360,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle phContex
...
@@ -1372,7 +1360,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle phContex
/***********************************************************************
/***********************************************************************
* QueryContextAttributesW
* QueryContextAttributesW
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_QueryContextAttributesW
(
PCtxtHandle
phContext
,
SECURITY_STATUS
SEC_ENTRY
ntlm_QueryContextAttributesW
(
PCtxtHandle
phContext
,
ULONG
ulAttribute
,
void
*
pBuffer
)
ULONG
ulAttribute
,
void
*
pBuffer
)
{
{
TRACE
(
"%p %d %p
\n
"
,
phContext
,
ulAttribute
,
pBuffer
);
TRACE
(
"%p %d %p
\n
"
,
phContext
,
ulAttribute
,
pBuffer
);
...
@@ -1427,7 +1415,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phCont
...
@@ -1427,7 +1415,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phCont
/***********************************************************************
/***********************************************************************
* QueryContextAttributesA
* QueryContextAttributesA
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_QueryContextAttributesA
(
PCtxtHandle
phContext
,
SECURITY_STATUS
SEC_ENTRY
ntlm_QueryContextAttributesA
(
PCtxtHandle
phContext
,
ULONG
ulAttribute
,
void
*
pBuffer
)
ULONG
ulAttribute
,
void
*
pBuffer
)
{
{
return
ntlm_QueryContextAttributesW
(
phContext
,
ulAttribute
,
pBuffer
);
return
ntlm_QueryContextAttributesW
(
phContext
,
ulAttribute
,
pBuffer
);
...
@@ -1607,8 +1595,8 @@ static SECURITY_STATUS ntlm_CreateSignature(PNegoHelper helper, PSecBufferDesc p
...
@@ -1607,8 +1595,8 @@ static SECURITY_STATUS ntlm_CreateSignature(PNegoHelper helper, PSecBufferDesc p
/***********************************************************************
/***********************************************************************
* MakeSignature
* MakeSignature
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_MakeSignature
(
PCtxtHandle
phContext
,
ULONG
fQOP
,
SECURITY_STATUS
SEC_ENTRY
ntlm_MakeSignature
(
PCtxtHandle
phContext
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
ULONG
fQOP
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
{
{
PNegoHelper
helper
;
PNegoHelper
helper
;
int
token_idx
;
int
token_idx
;
...
@@ -1642,8 +1630,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, ULONG
...
@@ -1642,8 +1630,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, ULONG
/***********************************************************************
/***********************************************************************
* VerifySignature
* VerifySignature
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_VerifySignature
(
PCtxtHandle
phContext
,
SECURITY_STATUS
SEC_ENTRY
ntlm_VerifySignature
(
PCtxtHandle
phContext
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
{
{
PNegoHelper
helper
;
PNegoHelper
helper
;
ULONG
fQOP
=
0
;
ULONG
fQOP
=
0
;
...
@@ -1714,8 +1702,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
...
@@ -1714,8 +1702,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
/***********************************************************************
/***********************************************************************
* FreeCredentialsHandle
* FreeCredentialsHandle
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_FreeCredentialsHandle
(
SECURITY_STATUS
SEC_ENTRY
ntlm_FreeCredentialsHandle
(
PCredHandle
phCredential
)
PCredHandle
phCredential
)
{
{
SECURITY_STATUS
ret
;
SECURITY_STATUS
ret
;
...
@@ -1740,8 +1727,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(
...
@@ -1740,8 +1727,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(
/***********************************************************************
/***********************************************************************
* EncryptMessage
* EncryptMessage
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_EncryptMessage
(
PCtxtHandle
phContext
,
SECURITY_STATUS
SEC_ENTRY
ntlm_EncryptMessage
(
PCtxtHandle
phContext
,
ULONG
fQOP
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
ULONG
fQOP
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
)
{
{
PNegoHelper
helper
;
PNegoHelper
helper
;
int
token_idx
,
data_idx
;
int
token_idx
,
data_idx
;
...
@@ -1811,8 +1798,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext,
...
@@ -1811,8 +1798,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext,
/***********************************************************************
/***********************************************************************
* DecryptMessage
* DecryptMessage
*/
*/
static
SECURITY_STATUS
SEC_ENTRY
ntlm_DecryptMessage
(
PCtxtHandle
phContext
,
SECURITY_STATUS
SEC_ENTRY
ntlm_DecryptMessage
(
PCtxtHandle
phContext
,
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
PSecBufferDesc
pMessage
,
ULONG
MessageSeqNo
,
PULONG
pfQOP
)
{
{
SECURITY_STATUS
ret
;
SECURITY_STATUS
ret
;
ULONG
ntlmssp_flags_save
;
ULONG
ntlmssp_flags_save
;
...
@@ -1971,50 +1958,8 @@ static const SecPkgInfoA infoA = {
...
@@ -1971,50 +1958,8 @@ static const SecPkgInfoA infoA = {
ntlm_comment_A
ntlm_comment_A
};
};
#define NEGO_COMMENT { 'M', 'i', 'c', 'r', 'o', 's', 'o', 'f', 't', ' ', \
SecPkgInfoA
*
ntlm_package_infoA
=
(
SecPkgInfoA
*
)
&
infoA
;
'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', \
SecPkgInfoW
*
ntlm_package_infoW
=
(
SecPkgInfoW
*
)
&
infoW
;
'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'o', 'r', 0}
static
CHAR
nego_comment_A
[]
=
NEGO_COMMENT
;
static
WCHAR
nego_comment_W
[]
=
NEGO_COMMENT
;
#define NEGO_NAME {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0}
static
CHAR
nego_name_A
[]
=
NEGO_NAME
;
static
WCHAR
nego_name_W
[]
=
NEGO_NAME
;
#define NEGO_CAPS (\
SECPKG_FLAG_INTEGRITY | \
SECPKG_FLAG_PRIVACY | \
SECPKG_FLAG_CONNECTION | \
SECPKG_FLAG_MULTI_REQUIRED | \
SECPKG_FLAG_EXTENDED_ERROR | \
SECPKG_FLAG_IMPERSONATION | \
SECPKG_FLAG_ACCEPT_WIN32_NAME | \
SECPKG_FLAG_READONLY_WITH_CHECKSUM )
/* Not used for now, just kept here for completeness sake. We need to use the
* NTLM_MAX_BUF value. If the hack works, we might want to refactor the code a
* bit. */
#define NEGO_MAX_TOKEN 12000
static
const
SecPkgInfoW
nego_infoW
=
{
NEGO_CAPS
,
1
,
RPC_C_AUTHN_GSS_NEGOTIATE
,
NTLM_MAX_BUF
,
nego_name_W
,
nego_comment_W
};
static
const
SecPkgInfoA
nego_infoA
=
{
NEGO_CAPS
,
1
,
RPC_C_AUTHN_GSS_NEGOTIATE
,
NTLM_MAX_BUF
,
nego_name_A
,
nego_comment_A
};
void
SECUR32_initNTLMSP
(
void
)
void
SECUR32_initNTLMSP
(
void
)
{
{
...
@@ -2040,11 +1985,7 @@ void SECUR32_initNTLMSP(void)
...
@@ -2040,11 +1985,7 @@ void SECUR32_initNTLMSP(void)
helper
->
micro
>=
MIN_NTLM_AUTH_MICRO_VERSION
))
)
helper
->
micro
>=
MIN_NTLM_AUTH_MICRO_VERSION
))
)
{
{
SecureProvider
*
provider
=
SECUR32_addProvider
(
&
ntlmTableA
,
&
ntlmTableW
,
NULL
);
SecureProvider
*
provider
=
SECUR32_addProvider
(
&
ntlmTableA
,
&
ntlmTableW
,
NULL
);
SecureProvider
*
nego_provider
=
SECUR32_addProvider
(
&
ntlmTableA
,
&
ntlmTableW
,
NULL
);
SECUR32_addPackages
(
provider
,
1L
,
ntlm_package_infoA
,
ntlm_package_infoW
);
SECUR32_addPackages
(
provider
,
1L
,
&
infoA
,
&
infoW
);
/* HACK: Also pretend this is the Negotiate provider */
SECUR32_addPackages
(
nego_provider
,
1L
,
&
nego_infoA
,
&
nego_infoW
);
}
}
else
else
{
{
...
...
dlls/secur32/secur32_priv.h
View file @
19f8c79f
...
@@ -85,6 +85,18 @@ typedef struct _NegoHelper {
...
@@ -85,6 +85,18 @@ typedef struct _NegoHelper {
}
crypt
;
}
crypt
;
}
NegoHelper
,
*
PNegoHelper
;
}
NegoHelper
,
*
PNegoHelper
;
typedef
struct
_NtlmCredentials
{
HelperMode
mode
;
/* these are all in the Unix codepage */
char
*
username_arg
;
char
*
domain_arg
;
char
*
password
;
/* not nul-terminated */
int
pwlen
;
int
no_cached_credentials
;
/* don't try to use cached Samba credentials */
}
NtlmCredentials
,
*
PNtlmCredentials
;
typedef
enum
_sign_direction
{
typedef
enum
_sign_direction
{
NTLM_SEND
,
NTLM_SEND
,
NTLM_RECV
NTLM_RECV
...
@@ -176,6 +188,24 @@ void SECUR32_arc4Cleanup(arc4_info *a4i) DECLSPEC_HIDDEN;
...
@@ -176,6 +188,24 @@ void SECUR32_arc4Cleanup(arc4_info *a4i) DECLSPEC_HIDDEN;
#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
SECURITY_STATUS
SEC_ENTRY
ntlm_AcquireCredentialsHandleW
(
SEC_WCHAR
*
,
SEC_WCHAR
*
,
ULONG
,
PLUID
,
PVOID
,
SEC_GET_KEY_FN
,
PVOID
,
PCredHandle
,
PTimeStamp
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_InitializeSecurityContextW
(
PCredHandle
,
PCtxtHandle
,
SEC_WCHAR
*
,
ULONG
fContextReq
,
ULONG
,
ULONG
,
PSecBufferDesc
,
ULONG
,
PCtxtHandle
,
PSecBufferDesc
,
ULONG
*
,
PTimeStamp
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_AcceptSecurityContext
(
PCredHandle
,
PCtxtHandle
,
PSecBufferDesc
,
ULONG
,
ULONG
,
PCtxtHandle
,
PSecBufferDesc
,
ULONG
*
,
PTimeStamp
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_QueryContextAttributesA
(
PCtxtHandle
,
ULONG
,
void
*
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_QueryContextAttributesW
(
PCtxtHandle
,
ULONG
,
void
*
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_EncryptMessage
(
PCtxtHandle
,
ULONG
,
PSecBufferDesc
,
ULONG
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_DecryptMessage
(
PCtxtHandle
,
PSecBufferDesc
,
ULONG
,
PULONG
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_FreeCredentialsHandle
(
PCredHandle
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_DeleteSecurityContext
(
PCtxtHandle
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_MakeSignature
(
PCtxtHandle
,
ULONG
,
PSecBufferDesc
,
ULONG
)
DECLSPEC_HIDDEN
;
SECURITY_STATUS
SEC_ENTRY
ntlm_VerifySignature
(
PCtxtHandle
,
PSecBufferDesc
,
ULONG
,
PULONG
)
DECLSPEC_HIDDEN
;
SecPkgInfoW
*
ntlm_package_infoW
;
SecPkgInfoA
*
ntlm_package_infoA
;
/* schannel internal interface */
/* schannel internal interface */
typedef
struct
schan_imp_session_opaque
*
schan_imp_session
;
typedef
struct
schan_imp_session_opaque
*
schan_imp_session
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment