ReactOS  0.4.13-dev-551-gf37fb1f
auth_sspi.c File Reference
#include <wintirpc.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <rpc/types.h>
#include <rpc/xdr.h>
#include <rpc/auth.h>
#include <rpc/auth_sspi.h>
#include <rpc/clnt.h>
Include dependency graph for auth_sspi.c:

Go to the source code of this file.

Classes

struct  rpc_sspi_data
 

Macros

#define AUTH_PRIVATE(auth)   ((struct rpc_sspi_data *)auth->ah_private)
 
#define DEBUG
 
#define fd_out   stdout
 

Functions

static void authsspi_nextverf (AUTH *auth)
 
static bool_t authsspi_marshal (AUTH *auth, XDR *xdrs, u_int *seq)
 
static bool_t authsspi_refresh (AUTH *auth, void *)
 
static bool_t authsspi_validate (AUTH *auth, struct opaque_auth *verf, u_int seq)
 
static void authsspi_destroy (AUTH *auth)
 
static void authsspi_destroy_context (AUTH *auth)
 
static bool_t authsspi_wrap (AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
 
static bool_t authsspi_unwrap (AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq)
 
void print_rpc_gss_sec (struct rpc_sspi_sec *ptr)
 
void print_negotiated_attrs (PCtxtHandle ctx)
 
AUTHauthsspi_create (CLIENT *clnt, sspi_name_t name, struct rpc_sspi_sec *sec)
 
AUTHauthsspi_create_default (CLIENT *clnt, char *service, int svc)
 
bool_t authsspi_service (AUTH *auth, int svc)
 
uint32_t sspi_get_mic (PCtxtHandle ctx, u_int qop, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
 
uint32_t sspi_verify_mic (PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *qop_state)
 
void sspi_release_buffer (sspi_buffer_desc *buf)
 
uint32_t sspi_import_name (sspi_buffer_desc *name_in, sspi_name_t *name_out)
 
uint32_t sspi_wrap (PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state)
 
uint32_t sspi_unwrap (PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state, u_int *qop_state)
 
void log_hexdump (bool_t on, const u_char *title, const u_char *buf, int len, int offset)
 
void log_debug (const char *fmt,...)
 

Variables

static struct auth_ops authsspi_ops
 
static struct timeval AUTH_TIMEOUT = { 25, 0 }
 

Macro Definition Documentation

◆ AUTH_PRIVATE

#define AUTH_PRIVATE (   auth)    ((struct rpc_sspi_data *)auth->ah_private)

Definition at line 67 of file auth_sspi.c.

◆ DEBUG

#define DEBUG

Definition at line 856 of file auth_sspi.c.

◆ fd_out

#define fd_out   stdout

Definition at line 858 of file auth_sspi.c.

Function Documentation

◆ authsspi_create()

AUTH* authsspi_create ( CLIENT clnt,
sspi_name_t  name,
struct rpc_sspi_sec sec 
)

Definition at line 74 of file auth_sspi.c.

75 {
76  AUTH *auth, *save_auth;
77  struct rpc_sspi_data *gd;
78 
79  log_debug("in authgss_create()");
80 
81  memset(&rpc_createerr, 0, sizeof(rpc_createerr));
82 
83  if ((auth = calloc(sizeof(*auth), 1)) == NULL) {
85  rpc_createerr.cf_error.re_errno = ENOMEM;
86  return (NULL);
87  }
88  if ((gd = calloc(sizeof(*gd), 1)) == NULL) {
90  rpc_createerr.cf_error.re_errno = ENOMEM;
91  free(auth);
92  return (NULL);
93  }
94 
95 #if 0
96  if (name != SSPI_C_NO_NAME) {
97  if (gss_duplicate_name(&min_stat, name, &gd->name)
98  != GSS_S_COMPLETE) {
100  rpc_createerr.cf_error.re_errno = ENOMEM;
101  free(auth);
102  return (NULL);
103  }
104  }
105  else
106 #else
107  gd->name = strdup(name);
108 #endif
109 
110  gd->clnt = clnt;
111  SecInvalidateHandle(&gd->ctx);
112  gd->sec = sec;
113 
114  gd->gc.gc_v = RPCSEC_SSPI_VERSION;
115  gd->gc.gc_proc = RPCSEC_SSPI_INIT;
116  gd->gc.gc_svc = gd->sec->svc;
117 
118  auth->ah_ops = &authsspi_ops;
119  auth->ah_private = (caddr_t)gd;
120 
121  save_auth = clnt->cl_auth;
122  clnt->cl_auth = auth;
123 
124  if (!authsspi_refresh(auth, NULL))
125  auth = NULL;
126 
127  clnt->cl_auth = save_auth;
128 
129  return (auth);
130 }
static struct auth_ops authsspi_ops
Definition: auth_sspi.c:43
#define free
Definition: debug_ros.c:5
Definition: auth.h:205
CLIENT * clnt
Definition: auth_sspi.c:58
#define SSPI_C_NO_NAME
Definition: auth_sspi.h:59
Definition: arc.h:48
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
#define SecInvalidateHandle(x)
Definition: sspi.h:58
_Check_return_ _CRTIMP char *__cdecl strdup(_In_opt_z_ const char *_Src)
smooth NULL
Definition: ftsmooth.c:416
sspi_name_t name
Definition: auth_sspi.c:59
void * ah_private
Definition: auth.h:225
AUTH * cl_auth
Definition: clnt.h:122
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
enum clnt_stat cf_stat
Definition: clnt.h:496
CtxtHandle ctx
Definition: auth_sspi.c:61
static bool_t authsspi_refresh(AUTH *auth, void *)
Definition: auth_sspi.c:343
#define RPCSEC_SSPI_VERSION
Definition: auth_sspi.h:44
#define caddr_t
Definition: ftp.c:24
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60
struct __auth::auth_ops * ah_ops
struct rpc_err cf_error
Definition: clnt.h:497
Definition: name.c:36
#define calloc
Definition: rosglue.h:14
#define memset(x, y, z)
Definition: compat.h:39

Referenced by authsspi_create_default().

◆ authsspi_create_default()

AUTH* authsspi_create_default ( CLIENT clnt,
char service,
int  svc 
)

Definition at line 133 of file auth_sspi.c.

134 {
135  AUTH *auth = NULL;
136  uint32_t maj_stat = 0;
137  sspi_buffer_desc sname;
139  unsigned char sec_pkg_name[] = "Kerberos";
140  struct rpc_sspi_sec *sec;
141 
142  log_debug("in authgss_create_default() for %s", service);
143 
144  sname.value = service;
145  sname.length = (int)strlen(service);
146 #if 0
147  maj_stat = gss_import_name(&min_stat, &sname,
148  (gss_OID)GSS_C_NT_HOSTBASED_SERVICE,
149  &name);
150 #else
151  maj_stat = sspi_import_name(&sname, &name);
152 #endif
153  if (maj_stat != SEC_E_OK) {
154  log_debug("authgss_create_default: sspi_import_name failed with %x", maj_stat);
155  return (NULL);
156  }
157  sec = calloc(1, sizeof(struct rpc_sspi_sec));
158  if (sec == NULL)
159  goto out_err;
160  sec->svc = svc;
161  // Let's acquire creds here for now
163  NULL, NULL, NULL, NULL, &sec->cred, &sec->expiry);
164  if (maj_stat != SEC_E_OK) {
165  log_debug("authgss_create_default: AcquireCredentialsHandleA failed with %x", maj_stat);
166  free(sec);
167  goto out;
168  }
169 
170  auth = authsspi_create(clnt, name, sec);
171  if (auth == NULL)
172  goto out_free_sec;
173 
174 out:
175  if (name != SSPI_C_NO_NAME) {
176 #if 0
177  gss_release_name(&min_stat, &name);
178 #else
179  free(name);
180 #endif
181  }
182 
183  return (auth);
184 out_free_sec:
185  if (rpc_createerr.cf_error.re_errno == ENOMEM) {
187  free(sec);
188  }
189 out_err:
191  rpc_createerr.cf_error.re_errno = ENOMEM;
192  goto out;
193 }
rpc_sspi_svc_t svc
Definition: auth_sspi.h:67
CredHandle cred
Definition: auth_sspi.h:68
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
#define free
Definition: debug_ros.c:5
Definition: auth.h:205
#define SSPI_C_NO_NAME
Definition: auth_sspi.h:59
SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle phCredential)
Definition: wrapper.c:151
Definition: arc.h:48
static char sec_pkg_name[]
Definition: ntlm.c:180
AUTH * authsspi_create(CLIENT *clnt, sspi_name_t name, struct rpc_sspi_sec *sec)
Definition: auth_sspi.c:74
smooth NULL
Definition: ftsmooth.c:416
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
#define sspi_name_t
Definition: auth_sspi.h:46
SECURITY_STATUS WINAPI AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialsUse, PLUID pvLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn, PVOID pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
Definition: wrapper.c:59
uint32_t sspi_import_name(sspi_buffer_desc *name_in, sspi_name_t *name_out)
Definition: auth_sspi.c:735
enum clnt_stat cf_stat
Definition: clnt.h:496
static FILE * out
Definition: regtests2xml.c:44
#define SEC_E_OK
Definition: winerror.h:2356
#define SECPKG_CRED_BOTH
Definition: sspi.h:278
UINT32 uint32_t
Definition: types.h:75
struct rpc_err cf_error
Definition: clnt.h:497
Definition: name.c:36
#define calloc
Definition: rosglue.h:14
TimeStamp expiry
Definition: auth_sspi.h:70
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31

Referenced by create_new_rpc_auth(), and create_rpcsec_auth_client().

◆ authsspi_destroy()

static void authsspi_destroy ( AUTH auth)
static

Definition at line 596 of file auth_sspi.c.

597 {
598  struct rpc_sspi_data *gd;
599 
600  log_debug("in authgss_destroy()");
601 
602  gd = AUTH_PRIVATE(auth);
603  if (gd == NULL) return;
604 
606 
607 #if 0
608  if (gd->name != SSPI_C_NO_NAME)
609  gss_release_name(&min_stat, &gd->name);
610 #else
611  free(gd->name);
612 #endif
613  FreeCredentialsHandle(&gd->sec->cred);
614  free(gd->sec);
615  free(gd);
616  free(auth);
617 }
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define free
Definition: debug_ros.c:5
#define SSPI_C_NO_NAME
Definition: auth_sspi.h:59
SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle phCredential)
Definition: wrapper.c:151
smooth NULL
Definition: ftsmooth.c:416
sspi_name_t name
Definition: auth_sspi.c:59
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
static void authsspi_destroy_context(AUTH *auth)
Definition: auth_sspi.c:561
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60

Referenced by authsspi_refresh().

◆ authsspi_destroy_context()

static void authsspi_destroy_context ( AUTH auth)
static

Definition at line 561 of file auth_sspi.c.

562 {
563  struct rpc_sspi_data *gd;
564 
565  log_debug("in authgss_destroy_context()");
566 
567  gd = AUTH_PRIVATE(auth);
568  if (gd == NULL) return;
569 
570  if (SecIsValidHandle(&gd->ctx)) {
571  if (gd->established) {
572  gd->gc.gc_proc = RPCSEC_SSPI_DESTROY;
576  }
577  sspi_release_buffer(&gd->gc.gc_ctx);
578  SecInvalidateHandle(&gd->ctx);
579 #if 0
580  gss_release_buffer(&min_stat, &gd->gc.gc_ctx);
581  /* XXX ANDROS check size of context - should be 8 */
582  memset(&gd->gc.gc_ctx, 0, sizeof(gd->gc.gc_ctx));
583  gss_delete_sec_context(&min_stat, &gd->ctx, NULL);
584 #endif
585  }
586 
587  /* free saved wire verifier (if any) */
589  gd->gc_wire_verf.value = NULL;
590  gd->gc_wire_verf.length = 0;
591 
592  gd->established = FALSE;
593 }
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define SecIsValidHandle(x)
Definition: sspi.h:63
CLIENT * clnt
Definition: auth_sspi.c:58
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
#define SecInvalidateHandle(x)
Definition: sspi.h:58
bool_t(* xdrproc_t)(XDR *,...)
Definition: xdr.h:144
smooth NULL
Definition: ftsmooth.c:416
#define NULLPROC
Definition: clnt.h:294
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
CtxtHandle ctx
Definition: auth_sspi.c:61
static struct timeval AUTH_TIMEOUT
Definition: auth_sspi.c:69
bool_t xdr_void(void)
Definition: xdr.c:92
bool_t established
Definition: auth_sspi.c:54
void sspi_release_buffer(sspi_buffer_desc *buf)
Definition: auth_sspi.c:727
#define clnt_call(rh, proc, xargs, argsp, xres, resp, secs)
Definition: clnt.h:202
#define mem_free(ptr, bsize)
Definition: types.h:124
#define memset(x, y, z)
Definition: compat.h:39
SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle phContext)
Definition: wrapper.c:450
sspi_buffer_desc gc_wire_verf
Definition: auth_sspi.c:56

Referenced by authsspi_destroy(), authsspi_marshal(), authsspi_refresh(), and authsspi_validate().

◆ authsspi_marshal()

static bool_t authsspi_marshal ( AUTH auth,
XDR xdrs,
u_int seq 
)
static

Definition at line 203 of file auth_sspi.c.

204 {
205  XDR tmpxdrs;
206  char tmp[MAX_AUTH_BYTES];
207  struct rpc_sspi_data *gd;
208  sspi_buffer_desc rpcbuf, checksum;
209  uint32_t maj_stat;
210  bool_t xdr_stat;
211 
212  log_debug("in authgss_marshal()");
213 
214  gd = AUTH_PRIVATE(auth);
215 
216  if (gd->established) {
217  gd->gc.gc_seq++;
218  *seq = gd->gc.gc_seq;
219  }
220 
221  xdrmem_create(&tmpxdrs, tmp, sizeof(tmp), XDR_ENCODE);
222 
223  if (!xdr_rpc_sspi_cred(&tmpxdrs, &gd->gc)) {
224  log_debug("authsspi_marshal: xdr_rpc_sspi_cred failed");
225  XDR_DESTROY(&tmpxdrs);
226  return (FALSE);
227  }
228  auth->ah_cred.oa_flavor = RPCSEC_GSS;
229  auth->ah_cred.oa_base = tmp;
230  auth->ah_cred.oa_length = XDR_GETPOS(&tmpxdrs);
231 
232  XDR_DESTROY(&tmpxdrs);
233 
234  if (!xdr_opaque_auth(xdrs, &auth->ah_cred)) {
235  log_debug("authsspi_marshal: failed to xdr GSS CRED");
236  return (FALSE);
237  }
238  if (gd->gc.gc_proc == RPCSEC_SSPI_INIT ||
239  gd->gc.gc_proc == RPCSEC_SSPI_CONTINUE_INIT) {
240  return (xdr_opaque_auth(xdrs, &_null_auth));
241  }
242  /* Checksum serialized RPC header, up to and including credential. */
243  rpcbuf.length = XDR_GETPOS(xdrs) - 4;
244  //XDR_SETPOS(xdrs, 0);
245  //rpcbuf.value = XDR_INLINE(xdrs, rpcbuf.length);
246  rpcbuf.value = xdrrec_getoutbase(xdrs) + 1;
247 
248 #if 0
249  maj_stat = gss_get_mic(&min_stat, gd->ctx, gd->sec.qop,
250  &rpcbuf, &checksum);
251 #else
252  maj_stat = sspi_get_mic(&gd->ctx, 0, gd->gc.gc_seq, &rpcbuf, &checksum);
253 #endif
254  if (maj_stat != SEC_E_OK) {
255  log_debug("authsspi_marshal: sspi_get_mic failed with %x", maj_stat);
256  if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
257  gd->established = FALSE;
259  }
260  return (FALSE);
261  }
262  auth->ah_verf.oa_flavor = RPCSEC_GSS;
263  auth->ah_verf.oa_base = checksum.value;
264  auth->ah_verf.oa_length = checksum.length;
265  xdr_stat = xdr_opaque_auth(xdrs, &auth->ah_verf);
266 #if 0
267  gss_release_buffer(&min_stat, &checksum);
268 #else
270 #endif
271  return (xdr_stat);
272 }
bool_t xdr_rpc_sspi_cred(XDR *xdrs, struct rpc_sspi_cred *p)
Definition: authsspi_prot.c:34
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define MAX_AUTH_BYTES
Definition: auth.h:77
#define XDR_GETPOS(xdrs)
Definition: xdr.h:199
int32_t bool_t
Definition: types.h:101
Definition: xdr.h:103
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
struct opaque_auth _null_auth
uint32_t sspi_get_mic(PCtxtHandle ctx, u_int qop, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
Definition: auth_sspi.c:659
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
struct opaque_auth ah_verf
Definition: auth.h:207
CtxtHandle ctx
Definition: auth_sspi.c:61
Definition: xdr.h:85
static cab_ULONG checksum(const cab_UBYTE *data, cab_UWORD bytes, cab_ULONG csum)
Definition: fdi.c:353
#define SEC_E_OK
Definition: winerror.h:2356
static void authsspi_destroy_context(AUTH *auth)
Definition: auth_sspi.c:561
bool_t established
Definition: auth_sspi.c:54
void sspi_release_buffer(sspi_buffer_desc *buf)
Definition: auth_sspi.c:727
#define SEC_E_NO_AUTHENTICATING_AUTHORITY
Definition: winerror.h:2926
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60
void xdrmem_create(XDR *xdrs, char *addr, u_int size, enum xdr_op op)
Definition: xdr_mem.c:94
UINT32 uint32_t
Definition: types.h:75
bool_t xdr_opaque_auth()
int32_t * xdrrec_getoutbase(XDR *xdrs)
Definition: xdr_rec.c:415
struct opaque_auth ah_cred
Definition: auth.h:206
#define XDR_DESTROY(xdrs)
Definition: xdr.h:214
#define RPCSEC_GSS
Definition: nfs41_ops.h:867

◆ authsspi_nextverf()

static void authsspi_nextverf ( AUTH auth)
static

Definition at line 196 of file auth_sspi.c.

197 {
198  log_debug("in authgss_nextverf()");
199  /* no action necessary */
200 }
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977

◆ authsspi_refresh()

static bool_t authsspi_refresh ( AUTH auth,
void tmp 
)
static

Definition at line 343 of file auth_sspi.c.

344 {
345  struct rpc_sspi_data *gd;
346  struct rpc_sspi_init_res gr;
347  sspi_buffer_desc *recv_tokenp, send_token;
348  uint32_t maj_stat, call_stat, ret_flags, i;
349  unsigned long flags =
351  SecBufferDesc out_desc, in_desc;
352  SecBuffer wtkn[1], rtkn[1];
353 
354  log_debug("in authgss_refresh()");
355 
356  gd = AUTH_PRIVATE(auth);
357 
358  if ((gd->established && tmp == NULL) || gd->inprogress)
359  return (TRUE);
360  else if (tmp) {
361  log_debug("trying to refresh credentials\n");
363  sspi_release_buffer(&gd->gc.gc_ctx);
364  SecInvalidateHandle(&gd->ctx);
366  gd->gc_wire_verf.value = NULL;
367  gd->gc_wire_verf.length = 0;
368  gd->established = FALSE;
369  gd->gc.gc_proc = RPCSEC_SSPI_INIT;
370  }
371 
372  /* GSS context establishment loop. */
373  memset(&gr, 0, sizeof(gr));
374  recv_tokenp = SSPI_C_NO_BUFFER;
375  send_token.length = 0;
376  send_token.value = NULL;
377 
378  print_rpc_gss_sec(gd->sec);
379 
380  if (gd->sec->svc == RPCSEC_SSPI_SVC_PRIVACY)
382 
383  for (i=0;;i++) {
384  /* print the token we just received */
385  if (recv_tokenp != SSPI_C_NO_BUFFER) {
386  log_debug("The token we just received (length %d):",
387  recv_tokenp->length);
388  log_hexdump(0, "", recv_tokenp->value, recv_tokenp->length, 0);
389  }
390 #if 0
391  maj_stat = gss_init_sec_context(&min_stat,
392  gd->sec.cred,
393  &gd->ctx,
394  gd->name,
395  gd->sec.mech,
396  gd->sec.req_flags,
397  0, /* time req */
398  NULL, /* channel */
399  recv_tokenp,
400  NULL, /* used mech */
401  &send_token,
402  &ret_flags,
403  NULL); /* time rec */
404 #else
405  gd->inprogress = TRUE;
406  out_desc.cBuffers = 1;
407  out_desc.pBuffers = wtkn;
408  out_desc.ulVersion = SECBUFFER_VERSION;
409  wtkn[0].BufferType = SECBUFFER_TOKEN;
410  wtkn[0].cbBuffer = send_token.length;
411  wtkn[0].pvBuffer = send_token.value;
412  log_debug("calling InitializeSecurityContextA for %s", gd->name);
413 
414  maj_stat = InitializeSecurityContextA(
415  &gd->sec->cred,
416  ((i==0)?NULL:&gd->ctx),
417  gd->name,
418  flags,
419  0,
421  ((i==0)?NULL:&in_desc),
422  0,
423  &gd->ctx,
424  &out_desc,
425  &ret_flags,
426  &gd->expiry);
427 #endif
428  if (recv_tokenp != SSPI_C_NO_BUFFER) {
429 #if 0
430  gss_release_buffer(&min_stat, &gr.gr_token);
431 #else
432  sspi_release_buffer(&gr.gr_token);
433 #endif
434  recv_tokenp = SSPI_C_NO_BUFFER;
435  }
436  if (maj_stat != SEC_E_OK && maj_stat != SEC_I_CONTINUE_NEEDED) {
437  log_debug("InitializeSecurityContext failed with %x", maj_stat);
438  break;
439  }
440  send_token.length = wtkn[0].cbBuffer;
441  send_token.value = wtkn[0].pvBuffer;
442  if (send_token.length != 0) {
443  memset(&gr, 0, sizeof(gr));
444 
445  /* print the token we are about to send */
446  log_debug("The token being sent (length %d):",
447  send_token.length);
448  log_hexdump(0, "", send_token.value, send_token.length, 0);
449 
450  call_stat = clnt_call(gd->clnt, NULLPROC,
452  &send_token,
454  (caddr_t)&gr, AUTH_TIMEOUT);
455 #if 0
456  gss_release_buffer(&min_stat, &send_token);
457 #else
458  // 11/29/2010 [aglo] can't call sspi_relase_buffer, causes heap
459  // corruption (later) to try and free the buffer directly.
460  FreeContextBuffer(send_token.value);
461 #endif
462  if (call_stat != RPC_SUCCESS ||
463  (gr.gr_major != SEC_E_OK &&
464  gr.gr_major != SEC_I_CONTINUE_NEEDED))
465  break;
466 
467  if (gr.gr_ctx.length != 0) {
468 #if 0
469  if (gd->gc.gc_ctx.value)
470  gss_release_buffer(&min_stat,
471  &gd->gc.gc_ctx);
472 #else
473  sspi_release_buffer(&gd->gc.gc_ctx);
474 #endif
475  gd->gc.gc_ctx = gr.gr_ctx;
476  }
477  if (gr.gr_token.length != 0) {
478  if (maj_stat != SEC_I_CONTINUE_NEEDED)
479  break;
480  recv_tokenp = &gr.gr_token;
481  in_desc.cBuffers = 1;
482  in_desc.pBuffers = rtkn;
483  in_desc.ulVersion = SECBUFFER_VERSION;
484  rtkn[0].BufferType = SECBUFFER_TOKEN;
485  rtkn[0].cbBuffer = gr.gr_token.length;
486  rtkn[0].pvBuffer = gr.gr_token.value;
487  }
488  gd->gc.gc_proc = RPCSEC_SSPI_CONTINUE_INIT;
489  }
490 
491  /* GSS_S_COMPLETE => check gss header verifier,
492  * usually checked in gss_validate
493  */
494  if (maj_stat == SEC_E_OK) {
495  sspi_buffer_desc bufin;
496  u_int seq, qop_state = 0;
497 
499 
500  seq = htonl(gr.gr_win);
501  bufin.value = (unsigned char *)&seq;
502  bufin.length = sizeof(seq);
503 #if 0
504  maj_stat = gss_verify_mic(&min_stat, gd->ctx,
505  &bufin, &bufout, &qop_state);
506 #else
507  maj_stat = sspi_verify_mic(&gd->ctx, 0, &bufin, &gd->gc_wire_verf, &qop_state);
508 #endif
509  if (maj_stat != SEC_E_OK) {
510  log_debug("authgss_refresh: sspi_verify_mic failed with %x", maj_stat);
511  if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
512  gd->established = FALSE;
514  }
515  break;
516  }
517  gd->established = TRUE;
518  gd->inprogress = FALSE;
519  gd->gc.gc_proc = RPCSEC_SSPI_DATA;
520  gd->gc.gc_seq = 0;
521  gd->win = gr.gr_win;
522  log_debug("authgss_refresh: established GSS context");
523  break;
524  }
525  }
526  /* End context negotiation loop. */
527  if (gd->gc.gc_proc != RPCSEC_SSPI_DATA) {
528  if (gr.gr_token.length != 0)
529 #if 0
530  gss_release_buffer(&min_stat, &gr.gr_token);
531 #else
532  sspi_release_buffer(&gr.gr_token);
533 #endif
534  authsspi_destroy(auth);
535  auth = NULL;
537 
538  return (FALSE);
539  }
540  return (TRUE);
541 }
#define SSPI_C_NO_BUFFER
Definition: auth_sspi.h:60
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define TRUE
Definition: types.h:120
#define htonl(x)
Definition: module.h:212
SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
Definition: sspi.c:699
ULONG ulVersion
Definition: sspi.h:167
uint32_t sspi_verify_mic(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *qop_state)
Definition: auth_sspi.c:699
void print_negotiated_attrs(PCtxtHandle ctx)
Definition: auth_sspi.c:904
CLIENT * clnt
Definition: auth_sspi.c:58
char * value
Definition: wpp.c:37
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
char * caddr_t
Definition: rosdhcp.h:36
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
#define SecInvalidateHandle(x)
Definition: sspi.h:58
bool_t xdr_rpc_sspi_init_res(XDR *xdrs, struct rpc_sspi_init_res *p)
Definition: authsspi_prot.c:72
#define SECURITY_NATIVE_DREP
Definition: sspi.h:459
bool_t(* xdrproc_t)(XDR *,...)
Definition: xdr.h:144
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
void print_rpc_gss_sec(struct rpc_sspi_sec *ptr)
Definition: auth_sspi.c:859
smooth NULL
Definition: ftsmooth.c:416
sspi_name_t name
Definition: auth_sspi.c:59
#define SEC_I_CONTINUE_NEEDED
Definition: winerror.h:2927
#define ISC_REQ_INTEGRITY
Definition: sspi.h:364
static void authsspi_destroy(AUTH *auth)
Definition: auth_sspi.c:596
#define NULLPROC
Definition: clnt.h:294
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
bool_t inprogress
Definition: auth_sspi.c:55
enum clnt_stat cf_stat
Definition: clnt.h:496
SECURITY_STATUS WINAPI InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
Definition: wrapper.c:237
CtxtHandle ctx
Definition: auth_sspi.c:61
GLbitfield flags
Definition: glext.h:7161
static struct timeval AUTH_TIMEOUT
Definition: auth_sspi.c:69
#define ISC_REQ_ALLOCATE_MEMORY
Definition: sspi.h:356
#define SECBUFFER_TOKEN
Definition: sspi.h:147
ULONG BufferType
Definition: sspi.h:140
#define SEC_E_OK
Definition: winerror.h:2356
static void authsspi_destroy_context(AUTH *auth)
Definition: auth_sspi.c:561
bool_t established
Definition: auth_sspi.c:54
void sspi_release_buffer(sspi_buffer_desc *buf)
Definition: auth_sspi.c:727
#define SEC_E_NO_AUTHENTICATING_AUTHORITY
Definition: winerror.h:2926
#define SECBUFFER_VERSION
Definition: sspi.h:173
ULONG cbBuffer
Definition: sspi.h:139
UINT32 u_int
Definition: types.h:82
bool_t xdr_rpc_sspi_init_args(XDR *xdrs, sspi_buffer_desc *p)
Definition: authsspi_prot.c:56
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60
#define clnt_call(rh, proc, xargs, argsp, xres, resp, secs)
Definition: clnt.h:202
#define ISC_REQ_MUTUAL_AUTH
Definition: sspi.h:349
UINT32 uint32_t
Definition: types.h:75
#define mem_free(ptr, bsize)
Definition: types.h:124
#define ISC_REQ_CONFIDENTIALITY
Definition: sspi.h:352
ULONG cBuffers
Definition: sspi.h:168
#define memset(x, y, z)
Definition: compat.h:39
TimeStamp expiry
Definition: auth_sspi.c:64
SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle phContext)
Definition: wrapper.c:450
sspi_buffer_desc gc_wire_verf
Definition: auth_sspi.c:56

Referenced by authsspi_create().

◆ authsspi_service()

bool_t authsspi_service ( AUTH auth,
int  svc 
)

Definition at line 544 of file auth_sspi.c.

545 {
546  struct rpc_sspi_data *gd;
547 
548  log_debug("in authgss_service()");
549 
550  if (!auth)
551  return(FALSE);
552  gd = AUTH_PRIVATE(auth);
553  if (!gd || !gd->established)
554  return (FALSE);
555  gd->sec->svc = svc;
556  gd->gc.gc_svc = svc;
557  return (TRUE);
558 }
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define TRUE
Definition: types.h:120
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
bool_t established
Definition: auth_sspi.c:54
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60

◆ authsspi_unwrap()

bool_t authsspi_unwrap ( AUTH auth,
XDR xdrs,
xdrproc_t  xdr_func,
caddr_t  xdr_ptr,
u_int  seq 
)
static

Definition at line 637 of file auth_sspi.c.

638 {
639  struct rpc_sspi_data *gd;
640 
641  log_debug("in authgss_unwrap()");
642 
643  gd = AUTH_PRIVATE(auth);
644 
645  if (!gd->established || gd->sec->svc == RPCSEC_SSPI_SVC_NONE) {
646  return ((*xdr_func)(xdrs, xdr_ptr));
647  }
648  return (xdr_rpc_sspi_data(xdrs, xdr_func, xdr_ptr,
649  &gd->ctx, gd->sec->qop,
650  gd->sec->svc, seq));
651 }
bool_t xdr_rpc_sspi_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, PCtxtHandle ctx, sspi_qop_t qop, rpc_sspi_svc_t svc, u_int seq)
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
CtxtHandle ctx
Definition: auth_sspi.c:61
bool_t established
Definition: auth_sspi.c:54
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60

◆ authsspi_validate()

static bool_t authsspi_validate ( AUTH auth,
struct opaque_auth verf,
u_int  seq 
)
static

Definition at line 275 of file auth_sspi.c.

276 {
277  struct rpc_sspi_data *gd;
278  u_int num, qop_state, cur_seq;
279  sspi_buffer_desc signbuf, checksum;
280  uint32_t maj_stat;
281 
282  log_debug("in authgss_validate(for seq=%d)", seq);
283 
284  gd = AUTH_PRIVATE(auth);
285 
286  if (gd->established == FALSE) {
287  /* would like to do this only on NULL rpc --
288  * gc->established is good enough.
289  * save the on the wire verifier to validate last
290  * INIT phase packet after decode if the major
291  * status is GSS_S_COMPLETE
292  */
293  if ((gd->gc_wire_verf.value =
294  mem_alloc(verf->oa_length)) == NULL) {
295  return (FALSE);
296  }
297  memcpy(gd->gc_wire_verf.value, verf->oa_base, verf->oa_length);
298  gd->gc_wire_verf.length = verf->oa_length;
299  return (TRUE);
300  }
301 
302  if (gd->gc.gc_proc == RPCSEC_SSPI_DESTROY)
303  return TRUE;
304 
305  if (gd->gc.gc_proc == RPCSEC_SSPI_INIT ||
306  gd->gc.gc_proc == RPCSEC_SSPI_CONTINUE_INIT) {
307  num = htonl(gd->win);
308  }
309  else {
310  if (seq == -1) {
311  num = htonl(gd->gc.gc_seq);
312  cur_seq = gd->gc.gc_seq;
313  }
314  else {
315  num = htonl(seq);
316  cur_seq = seq;
317  }
318  }
319 
320  signbuf.value = &num;
321  signbuf.length = sizeof(num);
322 
323  checksum.value = verf->oa_base;
324  checksum.length = verf->oa_length;
325 #if 0
326  maj_stat = gss_verify_mic(&min_stat, gd->ctx, &signbuf,
327  &checksum, &qop_state);
328 #else
329  maj_stat = sspi_verify_mic(&gd->ctx, cur_seq, &signbuf, &checksum, &qop_state);
330 #endif
331  if (maj_stat != SEC_E_OK) {
332  log_debug("authsspi_validate: VerifySignature failed with %x", maj_stat);
333  if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
334  gd->established = FALSE;
336  }
337  return (FALSE);
338  }
339  return (TRUE);
340 }
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define TRUE
Definition: types.h:120
u_int oa_length
Definition: auth.h:198
#define htonl(x)
Definition: module.h:212
caddr_t oa_base
Definition: auth.h:197
uint32_t sspi_verify_mic(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *qop_state)
Definition: auth_sspi.c:699
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
#define mem_alloc(bsize)
Definition: types.h:123
smooth NULL
Definition: ftsmooth.c:416
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
GLuint GLuint num
Definition: glext.h:9618
CtxtHandle ctx
Definition: auth_sspi.c:61
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
static cab_ULONG checksum(const cab_UBYTE *data, cab_UWORD bytes, cab_ULONG csum)
Definition: fdi.c:353
#define SEC_E_OK
Definition: winerror.h:2356
static void authsspi_destroy_context(AUTH *auth)
Definition: auth_sspi.c:561
bool_t established
Definition: auth_sspi.c:54
#define SEC_E_NO_AUTHENTICATING_AUTHORITY
Definition: winerror.h:2926
UINT32 u_int
Definition: types.h:82
UINT32 uint32_t
Definition: types.h:75
sspi_buffer_desc gc_wire_verf
Definition: auth_sspi.c:56

◆ authsspi_wrap()

bool_t authsspi_wrap ( AUTH auth,
XDR xdrs,
xdrproc_t  xdr_func,
caddr_t  xdr_ptr 
)
static

Definition at line 620 of file auth_sspi.c.

621 {
622  struct rpc_sspi_data *gd;
623 
624  log_debug("in authgss_wrap()");
625 
626  gd = AUTH_PRIVATE(auth);
627 
628  if (!gd->established || gd->sec->svc == RPCSEC_SSPI_SVC_NONE) {
629  return ((*xdr_func)(xdrs, xdr_ptr));
630  }
631  return (xdr_rpc_sspi_data(xdrs, xdr_func, xdr_ptr,
632  &gd->ctx, gd->sec->qop,
633  gd->sec->svc, gd->gc.gc_seq));
634 }
bool_t xdr_rpc_sspi_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, PCtxtHandle ctx, sspi_qop_t qop, rpc_sspi_svc_t svc, u_int seq)
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
CtxtHandle ctx
Definition: auth_sspi.c:61
bool_t established
Definition: auth_sspi.c:54
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60

◆ log_debug()

void log_debug ( const char fmt,
  ... 
)

Definition at line 977 of file auth_sspi.c.

978 {
979  va_list ap;
980 
981  va_start(ap, fmt);
982  fprintf(fd_out, "%04x: rpcsec_gss: ", GetCurrentThreadId());
983  vfprintf(fd_out, fmt, ap);
984  fprintf(fd_out, "\n");
985  fflush(fd_out);
986  va_end(ap);
987 }
#define va_end(ap)
Definition: acmsvcex.h:90
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
char * va_list
Definition: acmsvcex.h:78
DWORD WINAPI GetCurrentThreadId(VOID)
Definition: thread.c:420
_Check_return_opt_ _CRTIMP int __cdecl fflush(_Inout_opt_ FILE *_File)
#define va_start(ap, A)
Definition: acmsvcex.h:91
#define fd_out
Definition: auth_sspi.c:858
void int int ULONGLONG int va_list * ap
Definition: winesup.h:32
_Check_return_opt_ _CRTIMP int __cdecl vfprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format, va_list _ArgList)
Definition: dsound.c:943

Referenced by _svcauth_gss(), authgss_create(), authgss_create_default(), authgss_destroy(), authgss_destroy_context(), authgss_get_private_data(), authgss_marshal(), authgss_nextverf(), authgss_refresh(), authgss_service(), authgss_unwrap(), authgss_validate(), authgss_wrap(), authsspi_create(), authsspi_create_default(), authsspi_destroy(), authsspi_destroy_context(), authsspi_marshal(), authsspi_nextverf(), authsspi_refresh(), authsspi_service(), authsspi_unwrap(), authsspi_validate(), authsspi_wrap(), print_negotiated_attrs(), sspi_import_name(), svcauth_gss_accept_sec_context(), svcauth_gss_acquire_cred(), svcauth_gss_destroy(), svcauth_gss_import_name(), svcauth_gss_nextverf(), svcauth_gss_release_cred(), svcauth_gss_set_svc_name(), svcauth_gss_unwrap(), svcauth_gss_validate(), svcauth_gss_wrap(), xdr_rpc_sspi_cred(), xdr_rpc_sspi_init_args(), xdr_rpc_sspi_init_res(), xdr_rpc_sspi_unwrap_data(), and xdr_rpc_sspi_wrap_data().

◆ log_hexdump()

void log_hexdump ( bool_t  on,
const u_char title,
const u_char buf,
int  len,
int  offset 
)

Definition at line 942 of file auth_sspi.c.

944 {
945  int i, j, jm, c;
946 
947  if (!on) return;
948 
949  fprintf(fd_out, "%04x: %s (len=%d)\n", GetCurrentThreadId(), title, len);
950  for (i = 0; i < len; i += 0x10) {
951  fprintf(fd_out, " %04x: ", (u_int)(i + offset));
952  jm = len - i;
953  jm = jm > 16 ? 16 : jm;
954 
955  for (j = 0; j < jm; j++) {
956  if ((j % 2) == 1)
957  fprintf(fd_out, "%02x ", (u_int) buf[i+j]);
958  else
959  fprintf(fd_out, "%02x", (u_int) buf[i+j]);
960  }
961  for (; j < 16; j++) {
962  if ((j % 2) == 1) fprintf(fd_out, " ");
963  else fprintf(fd_out, " ");
964  }
965  fprintf(fd_out, " ");
966 
967  for (j = 0; j < jm; j++) {
968  c = buf[i+j];
969  c = isprint(c) ? c : '.';
970  fprintf(fd_out, "%c", c);
971  }
972  fprintf(fd_out, "\n");
973  }
974  fflush(fd_out);
975 }
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
GLintptr offset
Definition: glext.h:5920
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
DWORD WINAPI GetCurrentThreadId(VOID)
Definition: thread.c:420
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
const GLubyte * c
Definition: glext.h:8905
GLenum GLsizei len
Definition: glext.h:6722
_Check_return_opt_ _CRTIMP int __cdecl fflush(_Inout_opt_ FILE *_File)
UINT32 u_int
Definition: types.h:82
#define fd_out
Definition: auth_sspi.c:858
#define isprint(c)
Definition: acclib.h:73
#define c
Definition: ke_i.h:80
static char title[]
Definition: ps.c:92

Referenced by authgss_refresh(), authsspi_refresh(), sspi_get_mic(), sspi_unwrap(), sspi_verify_mic(), and sspi_wrap().

◆ print_negotiated_attrs()

void print_negotiated_attrs ( PCtxtHandle  ctx)

Definition at line 904 of file auth_sspi.c.

905 {
906  SecPkgContext_Sizes ContextSizes;
907  unsigned long flags;
908  uint32_t maj_stat;
909 
911  if (maj_stat != SEC_E_OK) return;
912 
913  log_debug("negotiated flags %x\n", flags);
914  if (flags & ISC_REQ_DELEGATE) log_debug("ISC_REQ_DELEGATE");
915  if (flags & ISC_REQ_MUTUAL_AUTH) log_debug("ISC_REQ_MUTUAL_AUTH");
916  if (flags & ISC_REQ_REPLAY_DETECT) log_debug("ISC_REQ_REPLAY_DETECT");
917  if (flags & ISC_REQ_SEQUENCE_DETECT) log_debug("ISC_REQ_SEQUENCE_DETECT");
918  if (flags & ISC_REQ_CONFIDENTIALITY) log_debug("ISC_REQ_CONFIDENTIALITY");
919  if (flags & ISC_REQ_USE_SESSION_KEY) log_debug("ISC_REQ_USE_SESSION_KEY");
920  if (flags & ISC_REQ_PROMPT_FOR_CREDS) log_debug("ISC_REQ_PROMPT_FOR_CREDS");
921  if (flags & ISC_REQ_USE_SUPPLIED_CREDS) log_debug("ISC_REQ_USE_SUPPLIED_CREDS");
922  if (flags & ISC_REQ_ALLOCATE_MEMORY) log_debug("ISC_REQ_ALLOCATE_MEMORY");
923  if (flags & ISC_REQ_USE_DCE_STYLE) log_debug("ISC_REQ_USE_DCE_STYLE");
924  if (flags & ISC_REQ_DATAGRAM) log_debug("ISC_REQ_DATAGRAM");
925  if (flags & ISC_REQ_CONNECTION) log_debug("ISC_REQ_CONNECTION");
926  if (flags & ISC_REQ_CALL_LEVEL) log_debug("ISC_REQ_CALL_LEVEL");
927  if (flags & ISC_REQ_FRAGMENT_SUPPLIED) log_debug("ISC_REQ_FRAGMENT_SUPPLIED");
928  if (flags & ISC_REQ_EXTENDED_ERROR) log_debug("ISC_REQ_EXTENDED_ERROR");
929  if (flags & ISC_REQ_STREAM) log_debug("ISC_REQ_STREAM");
930  if (flags & ISC_REQ_INTEGRITY) log_debug("ISC_REQ_INTEGRITY");
931  if (flags & ISC_REQ_IDENTIFY) log_debug("ISC_REQ_IDENTIFY");
932  if (flags & ISC_REQ_NULL_SESSION) log_debug("ISC_REQ_NULL_SESSION");
933  if (flags & ISC_REQ_MANUAL_CRED_VALIDATION) log_debug("ISC_REQ_MANUAL_CRED_VALIDATION");
934 
935  maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_SIZES, &ContextSizes);
936  if (maj_stat != SEC_E_OK) return;
937 
938  log_debug("signature size is %d\n", ContextSizes.cbMaxSignature);
939 
940 }
#define ISC_REQ_SEQUENCE_DETECT
Definition: sspi.h:351
#define ISC_REQ_PROMPT_FOR_CREDS
Definition: sspi.h:354
#define ISC_REQ_EXTENDED_ERROR
Definition: sspi.h:362
#define ISC_REQ_STREAM
Definition: sspi.h:363
#define ISC_REQ_DELEGATE
Definition: sspi.h:348
ULONG cbMaxSignature
Definition: sspi.h:548
#define ISC_REQ_MANUAL_CRED_VALIDATION
Definition: sspi.h:367
#define ISC_REQ_USE_SUPPLIED_CREDS
Definition: sspi.h:355
#define SECPKG_ATTR_SIZES
Definition: sspi.h:507
#define ISC_REQ_INTEGRITY
Definition: sspi.h:364
#define ISC_REQ_NULL_SESSION
Definition: sspi.h:366
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
#define ISC_REQ_FRAGMENT_SUPPLIED
Definition: sspi.h:361
CtxtHandle ctx
Definition: auth_sspi.c:61
#define ISC_REQ_USE_SESSION_KEY
Definition: sspi.h:353
GLbitfield flags
Definition: glext.h:7161
#define ISC_REQ_ALLOCATE_MEMORY
Definition: sspi.h:356
SECURITY_STATUS WINAPI QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
Definition: wrapper.c:505
#define ISC_REQ_DATAGRAM
Definition: sspi.h:358
#define ISC_REQ_USE_DCE_STYLE
Definition: sspi.h:357
#define ISC_REQ_IDENTIFY
Definition: sspi.h:365
#define SEC_E_OK
Definition: winerror.h:2356
#define ISC_REQ_CONNECTION
Definition: sspi.h:359
#define SECPKG_ATTR_FLAGS
Definition: sspi.h:521
#define ISC_REQ_CALL_LEVEL
Definition: sspi.h:360
#define ISC_REQ_MUTUAL_AUTH
Definition: sspi.h:349
UINT32 uint32_t
Definition: types.h:75
#define ISC_REQ_CONFIDENTIALITY
Definition: sspi.h:352
#define ISC_REQ_REPLAY_DETECT
Definition: sspi.h:350

Referenced by authsspi_refresh().

◆ print_rpc_gss_sec()

void print_rpc_gss_sec ( struct rpc_sspi_sec ptr)

Definition at line 859 of file auth_sspi.c.

860 {
861  int i;
862  char *p;
863 
864  fprintf(fd_out, "rpc_gss_sec:");
865  if(ptr->mech == NULL)
866  fprintf(fd_out, "NULL gss_OID mech");
867  else {
868  fprintf(fd_out, " mechanism_OID: {");
869  p = (char *)ptr->mech->elements;
870  for (i=0; i < ptr->mech->length; i++)
871  /* First byte of OIDs encoded to save a byte */
872  if (i == 0) {
873  int first, second;
874  if (*p < 40) {
875  first = 0;
876  second = *p;
877  }
878  else if (40 <= *p && *p < 80) {
879  first = 1;
880  second = *p - 40;
881  }
882  else if (80 <= *p && *p < 127) {
883  first = 2;
884  second = *p - 80;
885  }
886  else {
887  /* Invalid value! */
888  first = -1;
889  second = -1;
890  }
891  fprintf(fd_out, " %u %u", first, second);
892  p++;
893  }
894  else {
895  fprintf(fd_out, " %u", (unsigned char)*p++);
896  }
897  fprintf(fd_out, " }\n");
898  }
899  fprintf(fd_out, " qop: %d\n", ptr->qop);
900  fprintf(fd_out, " service: %d\n", ptr->svc);
901  fprintf(fd_out, " cred: %p\n", ptr->cred);
902 }
const GLint * first
Definition: glext.h:5794
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
static PVOID ptr
Definition: dispmode.c:27
smooth NULL
Definition: ftsmooth.c:416
#define for
Definition: utility.h:88
#define fd_out
Definition: auth_sspi.c:858
GLfloat GLfloat p
Definition: glext.h:8902

Referenced by authgss_refresh(), and authsspi_refresh().

◆ sspi_get_mic()

uint32_t sspi_get_mic ( PCtxtHandle  ctx,
u_int  qop,
u_int  seq,
sspi_buffer_desc bufin,
sspi_buffer_desc bufout 
)

Definition at line 659 of file auth_sspi.c.

661 {
662 #endif
663  uint32_t maj_stat;
664  SecPkgContext_Sizes ContextSizes;
666  SecBuffer sec_tkn[2];
667 
668  log_hexdump(0, "sspi_get_mic: calculating checksum of", bufin->value, bufin->length, 0);
669 
670  memset(&ContextSizes, 0, sizeof(ContextSizes));
671  maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_SIZES, &ContextSizes);
672  if (maj_stat != SEC_E_OK) return maj_stat;
673 
674  if (ContextSizes.cbMaxSignature == 0) return SEC_E_INTERNAL_ERROR;
675 
676  desc.cBuffers = 2;
677  desc.pBuffers = sec_tkn;
678  desc.ulVersion = SECBUFFER_VERSION;
679  sec_tkn[0].BufferType = SECBUFFER_DATA;
680  sec_tkn[0].cbBuffer = bufin->length;
681  sec_tkn[0].pvBuffer = bufin->value;
682  sec_tkn[1].BufferType = SECBUFFER_TOKEN;
683  sec_tkn[1].cbBuffer = ContextSizes.cbMaxSignature;
684  sec_tkn[1].pvBuffer = calloc(ContextSizes.cbMaxSignature, sizeof(char));
685  if (sec_tkn[1].pvBuffer == NULL) return SEC_E_INSUFFICIENT_MEMORY;
686 
687  maj_stat = MakeSignature(ctx, 0, &desc, seq);
688  if (maj_stat == SEC_E_OK) {
689  bufout->length = sec_tkn[1].cbBuffer;
690  bufout->value = sec_tkn[1].pvBuffer;
691  log_hexdump(0, "sspi_get_mic: verifier is", bufout->value, bufout->length, 0);
692  } else
693  free(sec_tkn[1].pvBuffer);
694 
695  return maj_stat;
696 }
#define SEC_E_INTERNAL_ERROR
Definition: winerror.h:2913
#define free
Definition: debug_ros.c:5
#define SECBUFFER_DATA
Definition: sspi.h:146
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
ULONG cbMaxSignature
Definition: sspi.h:548
#define SECPKG_ATTR_SIZES
Definition: sspi.h:507
#define SEC_E_INSUFFICIENT_MEMORY
Definition: winerror.h:2909
const struct builtin_class_descr * desc
Definition: regcontrol.c:48
smooth NULL
Definition: ftsmooth.c:416
CtxtHandle ctx
Definition: auth_sspi.c:61
SECURITY_STATUS WINAPI QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
Definition: wrapper.c:505
#define SECBUFFER_TOKEN
Definition: sspi.h:147
ULONG BufferType
Definition: sspi.h:140
#define SEC_E_OK
Definition: winerror.h:2356
#define SECBUFFER_VERSION
Definition: sspi.h:173
ULONG cbBuffer
Definition: sspi.h:139
UINT32 uint32_t
Definition: types.h:75
#define calloc
Definition: rosglue.h:14
#define memset(x, y, z)
Definition: compat.h:39
SECURITY_STATUS WINAPI MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: wrapper.c:623

Referenced by authsspi_marshal(), and xdr_rpc_sspi_wrap_data().

◆ sspi_import_name()

uint32_t sspi_import_name ( sspi_buffer_desc name_in,
sspi_name_t name_out 
)

Definition at line 735 of file auth_sspi.c.

736 {
737  *name_out = calloc(name_in->length + 5, sizeof(char));
738  if (*name_out == NULL)
740 
741  strcpy(*name_out, "nfs/");
742  strncat(*name_out, name_in->value, name_in->length);
743 
744  log_debug("imported service name is: %s\n", *name_out);
745 
746  return SEC_E_OK;
747 }
char * strncat(char *DstString, const char *SrcString, ACPI_SIZE Count)
Definition: utclib.c:605
#define SEC_E_INSUFFICIENT_MEMORY
Definition: winerror.h:2909
smooth NULL
Definition: ftsmooth.c:416
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
#define SEC_E_OK
Definition: winerror.h:2356
#define calloc
Definition: rosglue.h:14
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388

Referenced by authsspi_create_default().

◆ sspi_release_buffer()

void sspi_release_buffer ( sspi_buffer_desc buf)

Definition at line 727 of file auth_sspi.c.

728 {
729  if (buf->value)
730  free(buf->value);
731  buf->value = NULL;
732  buf->length = 0;
733 }
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
#define free
Definition: debug_ros.c:5
smooth NULL
Definition: ftsmooth.c:416

Referenced by authsspi_destroy_context(), authsspi_marshal(), authsspi_refresh(), xdr_rpc_sspi_unwrap_data(), and xdr_rpc_sspi_wrap_data().

◆ sspi_unwrap()

uint32_t sspi_unwrap ( PCtxtHandle  ctx,
u_int  seq,
sspi_buffer_desc bufin,
sspi_buffer_desc bufout,
u_int conf_state,
u_int qop_state 
)

Definition at line 810 of file auth_sspi.c.

813 {
814 #else
815 uint32_t sspi_unwrap(void *dummy, u_int seq, sspi_buffer_desc *bufin,
816  sspi_buffer_desc *bufout, u_int *conf_state,
817  u_int *qop_state)
818 {
820 #endif
821  uint32_t maj_stat;
822  SecBufferDesc BuffDesc;
823  SecBuffer SecBuff[2];
824  ULONG ulQop = 0;
825 
826  BuffDesc.ulVersion = 0;
827  BuffDesc.cBuffers = 2;
828  BuffDesc.pBuffers = SecBuff;
829 
830  SecBuff[0].cbBuffer = bufin->length;
831  SecBuff[0].BufferType = SECBUFFER_STREAM;
832  SecBuff[0].pvBuffer = bufin->value;
833 
834  SecBuff[1].cbBuffer = 0;
835  SecBuff[1].BufferType = SECBUFFER_DATA;
836  SecBuff[1].pvBuffer = NULL;
837 
838  log_hexdump(0, "cipher:", bufin->value, bufin->length, 0);
839 
840  maj_stat = DecryptMessage(ctx, &BuffDesc, seq, &ulQop);
841  if (maj_stat != SEC_E_OK) return maj_stat;
842 
843  bufout->length = SecBuff[1].cbBuffer;
844  bufout->value = malloc(bufout->length);
845  memcpy(bufout->value, SecBuff[1].pvBuffer, bufout->length);
846 
847  log_hexdump(0, "data:", bufout->value, bufout->length, 0);
848 
849  *conf_state = 1;
850  *qop_state = 0;
851 
852  return SEC_E_OK;
853 }
#define SECBUFFER_STREAM
Definition: sspi.h:155
ULONG ulVersion
Definition: sspi.h:167
#define SECBUFFER_DATA
Definition: sspi.h:146
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
uint32_t sspi_unwrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state, u_int *qop_state)
Definition: auth_sspi.c:810
smooth NULL
Definition: ftsmooth.c:416
CtxtHandle ctx
Definition: auth_sspi.c:61
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
ULONG BufferType
Definition: sspi.h:140
#define SEC_E_OK
Definition: winerror.h:2356
ULONG cbBuffer
Definition: sspi.h:139
UINT32 u_int
Definition: types.h:82
unsigned char dummy
Definition: maze.c:118
SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: wrapper.c:1036
UINT32 uint32_t
Definition: types.h:75
unsigned int ULONG
Definition: retypes.h:1
#define malloc
Definition: debug_ros.c:4
ULONG cBuffers
Definition: sspi.h:168

Referenced by xdr_rpc_sspi_unwrap_data().

◆ sspi_verify_mic()

uint32_t sspi_verify_mic ( PCtxtHandle  ctx,
u_int  seq,
sspi_buffer_desc bufin,
sspi_buffer_desc bufout,
u_int qop_state 
)

Definition at line 699 of file auth_sspi.c.

701 {
702 #else
704  sspi_buffer_desc *bufout, u_int *qop_state)
705 {
707 #endif
709  SecBuffer sec_tkn[2];
710 
711  desc.cBuffers = 2;
712  desc.pBuffers = sec_tkn;
713  desc.ulVersion = SECBUFFER_VERSION;
714  sec_tkn[0].BufferType = SECBUFFER_DATA;
715  sec_tkn[0].cbBuffer = bufin->length;
716  sec_tkn[0].pvBuffer = bufin->value;
717  sec_tkn[1].BufferType = SECBUFFER_TOKEN;
718  sec_tkn[1].cbBuffer = bufout->length;
719  sec_tkn[1].pvBuffer = bufout->value;
720 
721  log_hexdump(0, "sspi_verify_mic: calculating checksum over", bufin->value, bufin->length, 0);
722  log_hexdump(0, "sspi_verify_mic: received checksum ", bufout->value, bufout->length, 0);
723 
724  return VerifySignature(ctx, &desc, seq, qop_state);
725 }
uint32_t sspi_verify_mic(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *qop_state)
Definition: auth_sspi.c:699
#define SECBUFFER_DATA
Definition: sspi.h:146
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
const struct builtin_class_descr * desc
Definition: regcontrol.c:48
SECURITY_STATUS WINAPI VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: wrapper.c:653
CtxtHandle ctx
Definition: auth_sspi.c:61
#define SECBUFFER_TOKEN
Definition: sspi.h:147
ULONG BufferType
Definition: sspi.h:140
#define SECBUFFER_VERSION
Definition: sspi.h:173
ULONG cbBuffer
Definition: sspi.h:139
UINT32 u_int
Definition: types.h:82
unsigned char dummy
Definition: maze.c:118
UINT32 uint32_t
Definition: types.h:75

Referenced by authsspi_refresh(), authsspi_validate(), and xdr_rpc_sspi_unwrap_data().

◆ sspi_wrap()

uint32_t sspi_wrap ( PCtxtHandle  ctx,
u_int  seq,
sspi_buffer_desc bufin,
sspi_buffer_desc bufout,
u_int conf_state 
)

Definition at line 750 of file auth_sspi.c.

752 {
753 #else
754 uint32_t sspi_wrap(void *dummy, u_int seq, sspi_buffer_desc *bufin,
755  sspi_buffer_desc *bufout, u_int *conf_state)
756 {
758 #endif
759  uint32_t maj_stat;
760  SecBufferDesc BuffDesc;
761  SecBuffer SecBuff[3];
762  ULONG ulQop = 0;
763  SecPkgContext_Sizes ContextSizes;
764  PBYTE p;
765 
767  &ContextSizes);
768  if (maj_stat != SEC_E_OK)
769  goto out;
770 
771  BuffDesc.ulVersion = 0;
772  BuffDesc.cBuffers = 3;
773  BuffDesc.pBuffers = SecBuff;
774 
775  SecBuff[0].cbBuffer = ContextSizes.cbSecurityTrailer;
776  SecBuff[0].BufferType = SECBUFFER_TOKEN;
777  SecBuff[0].pvBuffer = malloc(ContextSizes.cbSecurityTrailer);
778 
779  SecBuff[1].cbBuffer = bufin->length;
780  SecBuff[1].BufferType = SECBUFFER_DATA;
781  SecBuff[1].pvBuffer = bufin->value;
782  log_hexdump(0, "plaintext:", bufin->value, bufin->length, 0);
783 
784  SecBuff[2].cbBuffer = ContextSizes.cbBlockSize;
785  SecBuff[2].BufferType = SECBUFFER_PADDING;
786  SecBuff[2].pvBuffer = malloc(ContextSizes.cbBlockSize);
787 
788  maj_stat = EncryptMessage(ctx, ulQop, &BuffDesc, seq);
789  if (maj_stat != SEC_E_OK)
790  goto out_free;
791 
792  bufout->length = SecBuff[0].cbBuffer + SecBuff[1].cbBuffer + SecBuff[2].cbBuffer;
793  p = bufout->value = malloc(bufout->length);
794  memcpy(p, SecBuff[0].pvBuffer, SecBuff[0].cbBuffer);
795  p += SecBuff[0].cbBuffer;
796  memcpy(p, SecBuff[1].pvBuffer, SecBuff[1].cbBuffer);
797  p += SecBuff[1].cbBuffer;
798  memcpy(p, SecBuff[2].pvBuffer, SecBuff[2].cbBuffer);
799 out_free:
800  free(SecBuff[0].pvBuffer);
801  free(SecBuff[2].pvBuffer);
802 
803  if (!maj_stat)
804  log_hexdump(0, "cipher:", bufout->value, bufout->length, 0);
805 out:
806  return maj_stat;
807 }
ULONG ulVersion
Definition: sspi.h:167
#define free
Definition: debug_ros.c:5
#define SECBUFFER_DATA
Definition: sspi.h:146
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
ULONG cbBlockSize
Definition: sspi.h:549
#define SECPKG_ATTR_SIZES
Definition: sspi.h:507
#define SECBUFFER_PADDING
Definition: sspi.h:154
static FILE * out
Definition: regtests2xml.c:44
CtxtHandle ctx
Definition: auth_sspi.c:61
uint32_t sspi_wrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state)
Definition: auth_sspi.c:750
ULONG cbSecurityTrailer
Definition: sspi.h:550
#define SECBUFFER_TOKEN
Definition: sspi.h:147
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
ULONG BufferType
Definition: sspi.h:140
#define SEC_E_OK
Definition: winerror.h:2356
#define QueryContextAttributes
Definition: sspi.h:498
ULONG cbBuffer
Definition: sspi.h:139
UINT32 u_int
Definition: types.h:82
unsigned char dummy
Definition: maze.c:118
UINT32 uint32_t
Definition: types.h:75
unsigned int ULONG
Definition: retypes.h:1
#define malloc
Definition: debug_ros.c:4
GLfloat GLfloat p
Definition: glext.h:8902
ULONG cBuffers
Definition: sspi.h:168
BYTE * PBYTE
Definition: pedump.c:66
SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: wrapper.c:1006

Referenced by xdr_rpc_sspi_wrap_data().

Variable Documentation

◆ AUTH_TIMEOUT

struct timeval AUTH_TIMEOUT = { 25, 0 }
static

Definition at line 69 of file auth_sspi.c.

Referenced by authsspi_destroy_context(), and authsspi_refresh().

◆ authsspi_ops

struct auth_ops authsspi_ops
static
Initial value:
= {
}
static bool_t authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq)
Definition: auth_sspi.c:637
static bool_t authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq)
Definition: auth_sspi.c:275
static bool_t authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
Definition: auth_sspi.c:620
static void authsspi_nextverf(AUTH *auth)
Definition: auth_sspi.c:196
static void authsspi_destroy(AUTH *auth)
Definition: auth_sspi.c:596
static bool_t authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq)
Definition: auth_sspi.c:203
static bool_t authsspi_refresh(AUTH *auth, void *)
Definition: auth_sspi.c:343

Definition at line 43 of file auth_sspi.c.

Referenced by authsspi_create().