Blame winpr/libwinpr/sspi/CredSSP/credssp.c

/**
 * WinPR: Windows Portable Runtime
 * Credential Security Support Provider (CredSSP)
 *
 * Copyright 2010-2014 Marc-Andre Moreau <marcandre.moreau@gmail.com>
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *		 http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <winpr/crt.h>
#include <winpr/sspi.h>
#include "credssp.h"
#include "../sspi.h"
/* Package tag this provider stores as the upper pointer of every handle it issues.
 * NOTE(review): spelled "CredSSP" here but "CREDSSP" in the SecPkgInfo records
 * further down this file; confirm that any lookup keyed on this name tolerates
 * the difference in case. */
static const char* CREDSSP_PACKAGE_NAME = "CredSSP";
/**
 * Wide-character InitializeSecurityContext entry point of the CredSSP package.
 *
 * Not implemented: no argument is read and no output is written.
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_InitializeSecurityContextW(
    PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR* pszTargetName, ULONG fContextReq,
    ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
    PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)phCredential;
	(void)phContext;
	(void)pszTargetName;
	(void)fContextReq;
	(void)Reserved1;
	(void)TargetDataRep;
	(void)pInput;
	(void)Reserved2;
	(void)phNewContext;
	(void)pOutput;
	(void)pfContextAttr;
	(void)ptsExpiry;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/**
 * ANSI InitializeSecurityContext entry point of the CredSSP package.
 *
 * If phContext already resolves to a context, nothing is done. Otherwise a
 * fresh CREDSSP_CONTEXT is allocated, the credential handle is checked for a
 * non-NULL payload, and the new context is published through phNewContext
 * tagged with the package name. No token is produced: pInput, pOutput,
 * pfContextAttr and ptsExpiry are never touched.
 *
 * NOTE(review): phNewContext is handed to the handle setters without a NULL
 * check; whether they tolerate NULL is not visible in this file. Confirm, since
 * a silently ignored NULL would leak the new context.
 *
 * @return SEC_E_OK on success (including the "context already exists" case),
 *         SEC_E_INSUFFICIENT_MEMORY if the context cannot be allocated,
 *         SEC_E_INVALID_HANDLE if phCredential carries no credentials.
 */
static SECURITY_STATUS SEC_ENTRY credssp_InitializeSecurityContextA(
    PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR* pszTargetName, ULONG fContextReq,
    ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
    PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
	CREDSSP_CONTEXT* ctx = (CREDSSP_CONTEXT*)sspi_SecureHandleGetLowerPointer(phContext);

	/* A context that already exists needs no further set-up. */
	if (ctx)
		return SEC_E_OK;

	ctx = credssp_ContextNew();

	if (!ctx)
		return SEC_E_INSUFFICIENT_MEMORY;

	/* The credential payload is only checked for presence; it is not used here. */
	if (!sspi_SecureHandleGetLowerPointer(phCredential))
	{
		credssp_ContextFree(ctx);
		return SEC_E_INVALID_HANDLE;
	}

	/* Publish the context and tag the handle with the owning package. */
	sspi_SecureHandleSetLowerPointer(phNewContext, ctx);
	sspi_SecureHandleSetUpperPointer(phNewContext, (void*)CREDSSP_PACKAGE_NAME);
	return SEC_E_OK;
}
/**
 * Allocate a zero-initialised CredSSP context.
 *
 * @return the new context, or NULL when the allocation fails. The caller owns
 *         the result and releases it with credssp_ContextFree().
 */
CREDSSP_CONTEXT* credssp_ContextNew(void)
{
	/* calloc() already yields NULL on failure, so its result is returned as is. */
	return (CREDSSP_CONTEXT*)calloc(1, sizeof(CREDSSP_CONTEXT));
}
/**
 * Release a context obtained from credssp_ContextNew().
 *
 * @param context context to release; NULL is accepted because free(NULL) is a no-op.
 *
 * NOTE(review): the memory is returned to the allocator without being wiped.
 * CREDSSP_CONTEXT is not defined in this file; if it ever carries secrets,
 * zeroize it before free(). To be confirmed against credssp.h.
 */
void credssp_ContextFree(CREDSSP_CONTEXT* context)
{
	free(context);
}
/**
 * QueryContextAttributes entry point of the CredSSP package.
 *
 * Only the two pointer arguments are validated; no attribute is implemented,
 * so pBuffer is never written and ulAttribute is never inspected.
 *
 * @return SEC_E_INVALID_HANDLE if phContext is NULL,
 *         SEC_E_INSUFFICIENT_MEMORY if pBuffer is NULL,
 *         SEC_E_UNSUPPORTED_FUNCTION otherwise.
 */
static SECURITY_STATUS SEC_ENTRY credssp_QueryContextAttributes(PCtxtHandle phContext,
                                                                ULONG ulAttribute, void* pBuffer)
{
	(void)ulAttribute;

	if (phContext == NULL)
		return SEC_E_INVALID_HANDLE;

	if (pBuffer == NULL)
		return SEC_E_INSUFFICIENT_MEMORY;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/**
 * Wide-character AcquireCredentialsHandle entry point of the CredSSP package.
 *
 * Not implemented: no argument is read and phCredential is left untouched.
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_AcquireCredentialsHandleW(
    SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID,
    void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
    PTimeStamp ptsExpiry)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)pszPrincipal;
	(void)pszPackage;
	(void)fCredentialUse;
	(void)pvLogonID;
	(void)pAuthData;
	(void)pGetKeyFn;
	(void)pvGetKeyArgument;
	(void)phCredential;
	(void)ptsExpiry;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
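/**
 * ANSI AcquireCredentialsHandle entry point of the CredSSP package.
 *
 * Only outbound (client-side) credentials are supported. A new SSPI_CREDENTIALS
 * object is allocated, the caller's SEC_WINNT_AUTH_IDENTITY (if any) is copied
 * into it, and the object is published through phCredential tagged with the
 * package name.
 *
 * NOTE(review): the identity is copied by value (shallow). Any pointer members
 * of SEC_WINNT_AUTH_IDENTITY keep referring to caller-owned memory, so the
 * caller must keep that memory alive for the lifetime of the handle. Confirm
 * that sspi_CredentialsFree() does not free or wipe those members, otherwise
 * this aliasing becomes a double free / free of foreign memory.
 *
 * @param fCredentialUse must be SECPKG_CRED_OUTBOUND
 * @param pAuthData      optional SEC_WINNT_AUTH_IDENTITY; may be NULL
 * @param phCredential   receives the new credential handle
 *
 * @return SEC_E_OK on success,
 *         SEC_E_INSUFFICIENT_MEMORY if the credentials cannot be allocated,
 *         SEC_E_UNSUPPORTED_FUNCTION for any other credential use.
 */
static SECURITY_STATUS SEC_ENTRY credssp_AcquireCredentialsHandleA(
    SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID,
    void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
    PTimeStamp ptsExpiry)
{
	SSPI_CREDENTIALS* credentials;
	SEC_WINNT_AUTH_IDENTITY* identity = (SEC_WINNT_AUTH_IDENTITY*)pAuthData;

	if (fCredentialUse != SECPKG_CRED_OUTBOUND)
		return SEC_E_UNSUPPORTED_FUNCTION;

	credentials = sspi_CredentialsNew();

	if (!credentials)
		return SEC_E_INSUFFICIENT_MEMORY;

	/* SSPI callers may pass no auth data at all; copying from NULL would be a
	 * NULL-pointer read. In that case the identity stays as
	 * sspi_CredentialsNew() initialised it (presumably zeroed; confirm). */
	if (identity)
		CopyMemory(&(credentials->identity), identity, sizeof(SEC_WINNT_AUTH_IDENTITY));

	sspi_SecureHandleSetLowerPointer(phCredential, (void*)credentials);
	sspi_SecureHandleSetUpperPointer(phCredential, (void*)CREDSSP_PACKAGE_NAME);
	return SEC_E_OK;
}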
/**
 * Wide-character QueryCredentialsAttributes entry point of the CredSSP package.
 *
 * Not implemented: no argument is read and pBuffer is never written.
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_QueryCredentialsAttributesW(PCredHandle phCredential,
                                                                     ULONG ulAttribute,
                                                                     void* pBuffer)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)phCredential;
	(void)ulAttribute;
	(void)pBuffer;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/**
 * ANSI QueryCredentialsAttributes entry point of the CredSSP package.
 *
 * Only SECPKG_CRED_ATTR_NAMES is recognised, and even then the handle is
 * merely checked for a non-NULL payload.
 *
 * NOTE(review): the success path returns SEC_E_OK without writing anything to
 * pBuffer, so a caller that reads the buffer afterwards sees whatever it held
 * before the call. Callers should pre-initialise it.
 *
 * @return SEC_E_OK for SECPKG_CRED_ATTR_NAMES on a handle that carries credentials,
 *         SEC_E_INVALID_HANDLE for SECPKG_CRED_ATTR_NAMES on a handle without them,
 *         SEC_E_UNSUPPORTED_FUNCTION for every other attribute.
 */
static SECURITY_STATUS SEC_ENTRY credssp_QueryCredentialsAttributesA(PCredHandle phCredential,
                                                                     ULONG ulAttribute,
                                                                     void* pBuffer)
{
	(void)pBuffer;

	if (ulAttribute != SECPKG_CRED_ATTR_NAMES)
		return SEC_E_UNSUPPORTED_FUNCTION;

	/* The handle is resolved only for the supported attribute. */
	if (!sspi_SecureHandleGetLowerPointer(phCredential))
		return SEC_E_INVALID_HANDLE;

	return SEC_E_OK;
}
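/**
 * FreeCredentialsHandle entry point of the CredSSP package.
 *
 * Releases the SSPI_CREDENTIALS object stored in the handle and then clears
 * the stored pointer, so the handle no longer refers to freed memory.
 *
 * @param phCredential handle previously filled by credssp_AcquireCredentialsHandleA
 *
 * @return SEC_E_OK on success,
 *         SEC_E_INVALID_HANDLE if phCredential is NULL or carries no credentials.
 */
static SECURITY_STATUS SEC_ENTRY credssp_FreeCredentialsHandle(PCredHandle phCredential)
{
	SSPI_CREDENTIALS* credentials;

	if (!phCredential)
		return SEC_E_INVALID_HANDLE;

	credentials = (SSPI_CREDENTIALS*)sspi_SecureHandleGetLowerPointer(phCredential);

	if (!credentials)
		return SEC_E_INVALID_HANDLE;

	sspi_CredentialsFree(credentials);

	/* Drop the dangling pointer: without this, a second call on the same handle
	 * would pass the already-freed object to sspi_CredentialsFree() again.
	 * Presumes the getter yields NULL once NULL has been stored; confirm
	 * against the handle helpers in sspi.c. */
	sspi_SecureHandleSetLowerPointer(phCredential, NULL);
	return SEC_E_OK;
}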
/**
 * EncryptMessage entry point of the CredSSP package.
 *
 * Not implemented: pMessage is neither read nor modified, so the caller's data
 * is left exactly as it was passed in (i.e. unencrypted).
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
                                                        PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)phContext;
	(void)fQOP;
	(void)pMessage;
	(void)MessageSeqNo;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/**
 * DecryptMessage entry point of the CredSSP package.
 *
 * Not implemented: pMessage is neither read nor modified and *pfQOP is never
 * written.
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_DecryptMessage(PCtxtHandle phContext,
                                                        PSecBufferDesc pMessage, ULONG MessageSeqNo,
                                                        ULONG* pfQOP)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)phContext;
	(void)pMessage;
	(void)MessageSeqNo;
	(void)pfQOP;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/**
 * MakeSignature entry point of the CredSSP package.
 *
 * Not implemented: no signature is produced and pMessage is left untouched.
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_MakeSignature(PCtxtHandle phContext, ULONG fQOP,
                                                       PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)phContext;
	(void)fQOP;
	(void)pMessage;
	(void)MessageSeqNo;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/**
 * VerifySignature entry point of the CredSSP package.
 *
 * Not implemented: nothing is verified and *pfQOP is never written. The return
 * value is an error, so a caller that checks the status cannot mistake this
 * stub for a successful verification.
 *
 * @return always SEC_E_UNSUPPORTED_FUNCTION
 */
static SECURITY_STATUS SEC_ENTRY credssp_VerifySignature(PCtxtHandle phContext,
                                                         PSecBufferDesc pMessage,
                                                         ULONG MessageSeqNo, ULONG* pfQOP)
{
	/* Every parameter is deliberately unused by this stub. */
	(void)phContext;
	(void)pMessage;
	(void)MessageSeqNo;
	(void)pfQOP;

	return SEC_E_UNSUPPORTED_FUNCTION;
}
/*
 * ANSI dispatch table of the CredSSP package. The initialiser is positional,
 * so the order of the entries must match the member order of
 * SecurityFunctionTableA; the trailing comment on each line names the slot.
 * A NULL slot means this package supplies no function for that operation.
 *
 * NOTE(review): the DeleteSecurityContext slot is NULL, so this table gives
 * callers no way to release the context that
 * credssp_InitializeSecurityContextA() allocates. Confirm that it is freed
 * elsewhere; otherwise every successful initialisation leaks one context.
 */
const SecurityFunctionTableA CREDSSP_SecurityFunctionTableA = {
	1,                                   /* dwVersion */
	NULL,                                /* EnumerateSecurityPackages */
	credssp_QueryCredentialsAttributesA, /* QueryCredentialsAttributes */
	credssp_AcquireCredentialsHandleA,   /* AcquireCredentialsHandle */
	credssp_FreeCredentialsHandle,       /* FreeCredentialsHandle */
	NULL,                                /* Reserved2 */
	credssp_InitializeSecurityContextA,  /* InitializeSecurityContext */
	NULL,                                /* AcceptSecurityContext */
	NULL,                                /* CompleteAuthToken */
	NULL,                                /* DeleteSecurityContext */
	NULL,                                /* ApplyControlToken */
	credssp_QueryContextAttributes,      /* QueryContextAttributes */
	NULL,                                /* ImpersonateSecurityContext */
	NULL,                                /* RevertSecurityContext */
	credssp_MakeSignature,               /* MakeSignature */
	credssp_VerifySignature,             /* VerifySignature */
	NULL,                                /* FreeContextBuffer */
	NULL,                                /* QuerySecurityPackageInfo */
	NULL,                                /* Reserved3 */
	NULL,                                /* Reserved4 */
	NULL,                                /* ExportSecurityContext */
	NULL,                                /* ImportSecurityContext */
	NULL,                                /* AddCredentials */
	NULL,                                /* Reserved8 */
	NULL,                                /* QuerySecurityContextToken */
	credssp_EncryptMessage,              /* EncryptMessage */
	credssp_DecryptMessage,              /* DecryptMessage */
	NULL,                                /* SetContextAttributes */
};
/*
 * Wide-character dispatch table of the CredSSP package. The initialiser is
 * positional, so the order of the entries must match the member order of
 * SecurityFunctionTableW; the trailing comment on each line names the slot.
 * A NULL slot means this package supplies no function for that operation.
 *
 * The W-suffixed entry points wired in here (QueryCredentialsAttributes,
 * AcquireCredentialsHandle, InitializeSecurityContext) are the stubs in this
 * file that always return SEC_E_UNSUPPORTED_FUNCTION.
 */
const SecurityFunctionTableW CREDSSP_SecurityFunctionTableW = {
	1,                                   /* dwVersion */
	NULL,                                /* EnumerateSecurityPackages */
	credssp_QueryCredentialsAttributesW, /* QueryCredentialsAttributes */
	credssp_AcquireCredentialsHandleW,   /* AcquireCredentialsHandle */
	credssp_FreeCredentialsHandle,       /* FreeCredentialsHandle */
	NULL,                                /* Reserved2 */
	credssp_InitializeSecurityContextW,  /* InitializeSecurityContext */
	NULL,                                /* AcceptSecurityContext */
	NULL,                                /* CompleteAuthToken */
	NULL,                                /* DeleteSecurityContext */
	NULL,                                /* ApplyControlToken */
	credssp_QueryContextAttributes,      /* QueryContextAttributes */
	NULL,                                /* ImpersonateSecurityContext */
	NULL,                                /* RevertSecurityContext */
	credssp_MakeSignature,               /* MakeSignature */
	credssp_VerifySignature,             /* VerifySignature */
	NULL,                                /* FreeContextBuffer */
	NULL,                                /* QuerySecurityPackageInfo */
	NULL,                                /* Reserved3 */
	NULL,                                /* Reserved4 */
	NULL,                                /* ExportSecurityContext */
	NULL,                                /* ImportSecurityContext */
	NULL,                                /* AddCredentials */
	NULL,                                /* Reserved8 */
	NULL,                                /* QuerySecurityContextToken */
	credssp_EncryptMessage,              /* EncryptMessage */
	credssp_DecryptMessage,              /* DecryptMessage */
	NULL,                                /* SetContextAttributes */
};
/*
 * ANSI package description record for CredSSP (positional initialiser; the
 * trailing comments name the members).
 *
 * The fCapabilities literal is written with nine hex digits; its value is
 * 0x110733. cbMaxToken is 0x90A8 (37032).
 * NOTE(review): the meaning of the individual capability bits is not visible
 * in this file; check them against the SECPKG_FLAG_* definitions before
 * changing the value.
 */
const SecPkgInfoA CREDSSP_SecPkgInfoA = {
	0x000110733,                          /* fCapabilities */
	1,                                    /* wVersion */
	0xFFFF,                               /* wRPCID */
	0x000090A8,                           /* cbMaxToken */
	"CREDSSP",                            /* Name */
	"Microsoft CredSSP Security Provider" /* Comment */
};
/* Wide-character spelling of "CREDSSP", written out character by character
 * and explicitly NUL-terminated. */
static WCHAR CREDSSP_SecPkgInfoW_Name[] = { 'C', 'R', 'E', 'D', 'S', 'S', 'P', '\0' };

/* Wide-character spelling of "Microsoft CredSSP Security Provider", written
 * out character by character and explicitly NUL-terminated. */
static WCHAR CREDSSP_SecPkgInfoW_Comment[] = { 'M', 'i', 'c', 'r', 'o', 's', 'o', 'f', 't',
	                                           ' ', 'C', 'r', 'e', 'd', 'S', 'S', 'P', ' ',
	                                           'S', 'e', 'c', 'u', 'r', 'i', 't', 'y', ' ',
	                                           'P', 'r', 'o', 'v', 'i', 'd', 'e', 'r', '\0' };
/*
 * Wide-character package description record for CredSSP (positional
 * initialiser; the trailing comments name the members). The numeric members
 * carry the same values as CREDSSP_SecPkgInfoA; Name and Comment point at the
 * WCHAR arrays defined just above.
 */
const SecPkgInfoW CREDSSP_SecPkgInfoW = {
	0x000110733,                /* fCapabilities */
	1,                          /* wVersion */
	0xFFFF,                     /* wRPCID */
	0x000090A8,                 /* cbMaxToken */
	CREDSSP_SecPkgInfoW_Name,   /* Name */
	CREDSSP_SecPkgInfoW_Comment /* Comment */
};