1033{
1038 ULONG ctxt_attr = 0;
1041
1042 TRACE(
"%p %p %p %d %d %p %p %p %p\n", phCredential, phContext, pInput,
1043 fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr,
1044 ptsExpiry);
1045
1048
1050 TRACE(
"Using SECURITY_NETWORK_DREP\n");
1051 }
1052
1053 if(phContext ==
NULL)
1054 {
1055 static CHAR server_helper_protocol[] =
"--helper-protocol=squid-2.5-ntlmssp";
1057 server_helper_protocol,
1059
1060 if (!phCredential)
1061 {
1063 goto asc_end;
1064 }
1065
1067
1069 {
1071 goto asc_end;
1072 }
1073
1074
1076 {
1078 goto asc_end;
1079 }
1080
1082 {
1084 goto asc_end;
1085 }
1086
1087 if(pInput->pBuffers[0].cbBuffer > max_len)
1088 {
1090 goto asc_end;
1091 }
1092 else
1093 bin_len = pInput->pBuffers[0].cbBuffer;
1094
1097 {
1099 goto asc_end;
1100 }
1102
1103
1105 if(want_flags ==
NULL)
1106 {
1107 TRACE(
"Failed to allocate memory for the want_flags!\n");
1110 goto asc_end;
1111 }
1114 {
1115 FIXME(
"ASC_REQ_ALLOCATE_MEMORY stub\n");
1116 }
1118 {
1119 lstrcatA(want_flags,
" NTLMSSP_FEATURE_SEAL");
1120 }
1122 {
1123
1124 lstrcatA(want_flags,
" NTLMSSP_FEATURE_SESSION_KEY");
1126 }
1128 {
1129 FIXME(
"ASC_REQ_EXTENDED_ERROR stub\n");
1130 }
1132 {
1133 lstrcatA(want_flags,
" NTLMSSP_FEATURE_SIGN");
1134 }
1136 {
1137 FIXME(
"ASC_REQ_MUTUAL_AUTH stub\n");
1138 }
1140 {
1141 FIXME(
"ASC_REQ_REPLAY_DETECT stub\n");
1142 }
1144 {
1145 FIXME(
"ASC_REQ_SEQUENCE_DETECT stub\n");
1146 }
1148 {
1149 FIXME(
"ASC_REQ_STREAM stub\n");
1150 }
1151
1152
1154 {
1159 {
1161 goto asc_end;
1162 }
1164 TRACE(
"Helper doesn't understand new command set\n");
1165 }
1166
1167
1168
1169 memcpy(
bin, pInput->pBuffers[0].pvBuffer, bin_len);
1170
1172
1175 {
1177 goto asc_end;
1178 }
1179
1181
1184 {
1186 goto asc_end;
1187 }
1188
1190
1191
1193 {
1196 goto asc_end;
1197 }
1198
1201 {
1203 goto asc_end;
1204 }
1205
1206
1208 {
1211 goto asc_end;
1212 }
1213
1215 {
1218 goto asc_end;
1219 }
1220
1221 pOutput->pBuffers[0].cbBuffer = bin_len;
1223 memcpy(pOutput->pBuffers[0].pvBuffer,
bin, bin_len);
1225
1226 }
1227 else
1228 {
1229
1231 {
1233 goto asc_end;
1234 }
1235
1237 {
1239 goto asc_end;
1240 }
1241
1243
1245 {
1247 goto asc_end;
1248 }
1249
1250 if(pInput->pBuffers[0].cbBuffer > max_len)
1251 {
1253 goto asc_end;
1254 }
1255 else
1256 bin_len = pInput->pBuffers[0].cbBuffer;
1257
1258 memcpy(
bin, pInput->pBuffers[0].pvBuffer, bin_len);
1259
1261
1264 {
1265 goto asc_end;
1266 }
1267
1269
1272 {
1273 goto asc_end;
1274 }
1275
1277
1278
1279
1280
1281
1283 {
1285 {
1287 goto asc_end;
1288 }
1289 else
1290 {
1291 size_t ntlm_pipe_err_v3_len =
strlen(
"BH NT_STATUS_ACCESS_DENIED");
1292 size_t ntlm_pipe_err_v4_len =
strlen(
"BH NT_STATUS_UNSUCCESSFUL");
1293
1294 if( (buffer_len >= ntlm_pipe_err_v3_len &&
1295 strncmp(
buffer,
"BH NT_STATUS_ACCESS_DENIED", ntlm_pipe_err_v3_len) == 0) ||
1296 (buffer_len >= ntlm_pipe_err_v4_len &&
1297 strncmp(
buffer,
"BH NT_STATUS_UNSUCCESSFUL", ntlm_pipe_err_v4_len) == 0) )
1298 {
1299 TRACE(
"Connection to winbindd failed\n");
1301 }
1302 else
1304
1305 goto asc_end;
1306 }
1307 }
1308 pOutput->pBuffers[0].cbBuffer = 0;
1309
1310 TRACE(
"Getting negotiated flags\n");
1313 goto asc_end;
1314
1315 if(buffer_len < 3)
1316 {
1317 TRACE(
"No flags negotiated, or helper does not support GF command\n");
1318 }
1319 else
1320 {
1324 }
1325
1326 TRACE(
"Getting session key\n");
1329 goto asc_end;
1330
1331 if(buffer_len < 3)
1332 TRACE(
"Helper does not support GK command\n");
1333 else
1334 {
1336 {
1341 {
1343 goto asc_end;
1344 }
1345
1347 }
1349 {
1352 {
1353 TRACE(
"Failed to decode session key\n");
1354 }
1359 {
1361 goto asc_end;
1362 }
1364 }
1365 }
1368 helper->
crypt.ntlm.seq_num = 0
l;
1369 }
1370
1371 phNewContext->
dwUpper = ctxt_attr;
1373
1374asc_end:
1379}
ACPI_SIZE strlen(const char *String)
int strncmp(const char *String1, const char *String2, ACPI_SIZE Count)
SECURITY_STATUS decodeBase64(char *in_buf, int in_len, PBYTE out_buf, int max_len, int *out_len)
SECURITY_STATUS encodeBase64(PBYTE in_buf, int in_len, char *out_buf, int max_len, int *out_len)
#define HeapFree(x, y, z)
SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog, char *const argv[])
SECURITY_STATUS run_helper(PNegoHelper helper, char *buffer, unsigned int max_buflen, int *buflen)
void cleanup_helper(PNegoHelper helper)
void SECUR32_arc4Init(arc4_info *a4i, const BYTE *key, unsigned int keyLen)
arc4_info * SECUR32_arc4Alloc(void)
_Check_return_ _CRTIMP int __cdecl sscanf(_In_z_ const char *_Src, _In_z_ _Scanf_format_string_ const char *_Format,...)
LPSTR WINAPI lstrcpyA(LPSTR lpString1, LPCSTR lpString2)
LPSTR WINAPI lstrcatA(LPSTR lpString1, LPCSTR lpString2)
int WINAPI lstrlenA(LPCSTR lpString)
#define memcpy(s1, s2, n)
static struct _PeImage bin
struct _NtlmCredentials * PNtlmCredentials
struct _NegoHelper * PNegoHelper
#define ASC_REQ_ALLOCATE_MEMORY
#define ASC_REQ_CONNECTION
#define ASC_REQ_CONFIDENTIALITY
#define ASC_RET_CONNECTION
#define SECURITY_NETWORK_DREP
#define ISC_REQ_SEQUENCE_DETECT
#define ASC_REQ_REPLAY_DETECT
#define ASC_REQ_EXTENDED_ERROR
#define ASC_REQ_INTEGRITY
#define ASC_REQ_MUTUAL_AUTH
struct _NegoHelper::@548 crypt
#define SEC_E_INVALID_HANDLE
#define SEC_E_LOGON_DENIED
#define SEC_E_INTERNAL_ERROR
#define SEC_E_INVALID_TOKEN
#define SEC_E_INSUFFICIENT_MEMORY
#define SEC_I_CONTINUE_NEEDED
#define SEC_E_INCOMPLETE_MESSAGE