ReactOS 0.4.15-dev-7953-g1f49173
auth_sspi.c
Go to the documentation of this file.
1/* NFSv4.1 client for Windows
2 * Copyright © 2012 The Regents of the University of Michigan
3 *
4 * Olga Kornievskaia <aglo@umich.edu>
5 * Casey Bodley <cbodley@umich.edu>
6 *
7 * This library is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as published by
9 * the Free Software Foundation; either version 2.1 of the License, or (at
10 * your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful, but
13 * without any warranty; without even the implied warranty of merchantability
14 * or fitness for a particular purpose. See the GNU Lesser General Public
15 * License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA
20 */
21
22#include <wintirpc.h>
23#include <stdio.h>
24#include <stdlib.h>
25//#include <unistd.h>
26#include <string.h>
27#include <errno.h>
28#include <rpc/types.h>
29#include <rpc/xdr.h>
30#include <rpc/auth.h>
31#include <rpc/auth_sspi.h>
32#include <rpc/clnt.h>
33
34static void authsspi_nextverf(AUTH *auth);
35static bool_t authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq);
36static bool_t authsspi_refresh(AUTH *auth, void *);
37static bool_t authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq);
38static void authsspi_destroy(AUTH *auth);
39static void authsspi_destroy_context(AUTH *auth);
40static bool_t authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr);
41static bool_t authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq);
42
43static struct auth_ops authsspi_ops = {
44 authsspi_nextverf,
45 authsspi_marshal,
46 authsspi_validate,
47 authsspi_refresh,
48 authsspi_destroy,
49 authsspi_wrap,
50 authsspi_unwrap
51};
52
53struct rpc_sspi_data {
54 bool_t established; /* context established */
55 bool_t inprogress;
56 sspi_buffer_desc gc_wire_verf; /* save GSS_S_COMPLETE NULL RPC verfier
57 * to process at end of context negotiation*/
58 CLIENT *clnt; /* client handle */
59 sspi_name_t name; /* service name */
60 struct rpc_sspi_sec *sec; /* security tuple */
61 CtxtHandle ctx; /* context id */
62 struct rpc_sspi_cred gc; /* client credentials */
63 u_int win; /* sequence window */
64 TimeStamp expiry;
65};
66
67#define AUTH_PRIVATE(auth) ((struct rpc_sspi_data *)auth->ah_private)
68
69static struct timeval AUTH_TIMEOUT = { 25, 0 };
70void print_rpc_gss_sec(struct rpc_sspi_sec *ptr);
71void print_negotiated_attrs(PCtxtHandle ctx);
72
73AUTH *
74authsspi_create(CLIENT *clnt, sspi_name_t name, struct rpc_sspi_sec *sec)
75{
76 AUTH *auth, *save_auth;
77 struct rpc_sspi_data *gd;
78
79 log_debug("in authgss_create()");
80
81 memset(&rpc_createerr, 0, sizeof(rpc_createerr));
82
83 if ((auth = calloc(sizeof(*auth), 1)) == NULL) {
84 rpc_createerr.cf_stat = RPC_SYSTEMERROR;
85 rpc_createerr.cf_error.re_errno = ENOMEM;
86 return (NULL);
87 }
88 if ((gd = calloc(sizeof(*gd), 1)) == NULL) {
89 rpc_createerr.cf_stat = RPC_SYSTEMERROR;
90 rpc_createerr.cf_error.re_errno = ENOMEM;
91 free(auth);
92 return (NULL);
93 }
94
95#if 0
96 if (name != SSPI_C_NO_NAME) {
97 if (gss_duplicate_name(&min_stat, name, &gd->name)
98 != GSS_S_COMPLETE) {
99 rpc_createerr.cf_stat = RPC_SYSTEMERROR;
100 rpc_createerr.cf_error.re_errno = ENOMEM;
101 free(auth);
102 return (NULL);
103 }
104 }
105 else
106#else
107 gd->name = strdup(name);
108#endif
109
110 gd->clnt = clnt;
111 SecInvalidateHandle(&gd->ctx);
112 gd->sec = sec;
113
114 gd->gc.gc_v = RPCSEC_SSPI_VERSION;
115 gd->gc.gc_proc = RPCSEC_SSPI_INIT;
116 gd->gc.gc_svc = gd->sec->svc;
117
118 auth->ah_ops = &authsspi_ops;
119 auth->ah_private = (caddr_t)gd;
120
121 save_auth = clnt->cl_auth;
122 clnt->cl_auth = auth;
123
124 if (!authsspi_refresh(auth, NULL))
125 auth = NULL;
126
127 clnt->cl_auth = save_auth;
128
129 return (auth);
130}
131
132AUTH *
133authsspi_create_default(CLIENT *clnt, char *service, int svc)
134{
135 AUTH *auth = NULL;
136 uint32_t maj_stat = 0;
137 sspi_buffer_desc sname;
138 sspi_name_t name = SSPI_C_NO_NAME;
139 unsigned char sec_pkg_name[] = "Kerberos";
140 struct rpc_sspi_sec *sec;
141
142 log_debug("in authgss_create_default() for %s", service);
143
144 sname.value = service;
145 sname.length = (int)strlen(service);
146#if 0
147 maj_stat = gss_import_name(&min_stat, &sname,
148 (gss_OID)GSS_C_NT_HOSTBASED_SERVICE,
149 &name);
150#else
151 maj_stat = sspi_import_name(&sname, &name);
152#endif
153 if (maj_stat != SEC_E_OK) {
154 log_debug("authgss_create_default: sspi_import_name failed with %x", maj_stat);
155 return (NULL);
156 }
157 sec = calloc(1, sizeof(struct rpc_sspi_sec));
158 if (sec == NULL)
159 goto out_err;
160 sec->svc = svc;
161 // Let's acquire creds here for now
162 maj_stat = AcquireCredentialsHandleA(NULL, sec_pkg_name, SECPKG_CRED_BOTH,
163 NULL, NULL, NULL, NULL, &sec->cred, &sec->expiry);
164 if (maj_stat != SEC_E_OK) {
165 log_debug("authgss_create_default: AcquireCredentialsHandleA failed with %x", maj_stat);
166 free(sec);
167 goto out;
168 }
169
170 auth = authsspi_create(clnt, name, sec);
171 if (auth == NULL)
172 goto out_free_sec;
173
174out:
175 if (name != SSPI_C_NO_NAME) {
176#if 0
177 gss_release_name(&min_stat, &name);
178#else
179 free(name);
180#endif
181 }
182
183 return (auth);
184out_free_sec:
185 if (rpc_createerr.cf_error.re_errno == ENOMEM) {
186 FreeCredentialsHandle(&sec->cred);
187 free(sec);
188 }
189out_err:
190 rpc_createerr.cf_stat = RPC_SYSTEMERROR;
191 rpc_createerr.cf_error.re_errno = ENOMEM;
192 goto out;
193}
194
195static void
196authsspi_nextverf(AUTH *auth)
197{
198 log_debug("in authgss_nextverf()");
199 /* no action necessary */
200}
201
202static bool_t
203authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq)
204{
205 XDR tmpxdrs;
206 char tmp[MAX_AUTH_BYTES];
207 struct rpc_sspi_data *gd;
208 sspi_buffer_desc rpcbuf, checksum;
209 uint32_t maj_stat;
210 bool_t xdr_stat;
211
212 log_debug("in authgss_marshal()");
213
214 gd = AUTH_PRIVATE(auth);
215
216 if (gd->established) {
217 gd->gc.gc_seq++;
218 *seq = gd->gc.gc_seq;
219 }
220
221 xdrmem_create(&tmpxdrs, tmp, sizeof(tmp), XDR_ENCODE);
222
223 if (!xdr_rpc_sspi_cred(&tmpxdrs, &gd->gc)) {
224 log_debug("authsspi_marshal: xdr_rpc_sspi_cred failed");
225 XDR_DESTROY(&tmpxdrs);
226 return (FALSE);
227 }
228 auth->ah_cred.oa_flavor = RPCSEC_GSS;
229 auth->ah_cred.oa_base = tmp;
230 auth->ah_cred.oa_length = XDR_GETPOS(&tmpxdrs);
231
232 XDR_DESTROY(&tmpxdrs);
233
234 if (!xdr_opaque_auth(xdrs, &auth->ah_cred)) {
235 log_debug("authsspi_marshal: failed to xdr GSS CRED");
236 return (FALSE);
237 }
238 if (gd->gc.gc_proc == RPCSEC_SSPI_INIT ||
239 gd->gc.gc_proc == RPCSEC_SSPI_CONTINUE_INIT) {
240 return (xdr_opaque_auth(xdrs, &_null_auth));
241 }
242 /* Checksum serialized RPC header, up to and including credential. */
243 rpcbuf.length = XDR_GETPOS(xdrs) - 4;
244 //XDR_SETPOS(xdrs, 0);
245 //rpcbuf.value = XDR_INLINE(xdrs, rpcbuf.length);
246 rpcbuf.value = xdrrec_getoutbase(xdrs) + 1;
247
248#if 0
249 maj_stat = gss_get_mic(&min_stat, gd->ctx, gd->sec.qop,
250 &rpcbuf, &checksum);
251#else
252 maj_stat = sspi_get_mic(&gd->ctx, 0, gd->gc.gc_seq, &rpcbuf, &checksum);
253#endif
254 if (maj_stat != SEC_E_OK) {
255 log_debug("authsspi_marshal: sspi_get_mic failed with %x", maj_stat);
256 if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
257 gd->established = FALSE;
258 authsspi_destroy_context(auth);
259 }
260 return (FALSE);
261 }
262 auth->ah_verf.oa_flavor = RPCSEC_GSS;
263 auth->ah_verf.oa_base = checksum.value;
264 auth->ah_verf.oa_length = checksum.length;
265 xdr_stat = xdr_opaque_auth(xdrs, &auth->ah_verf);
266#if 0
267 gss_release_buffer(&min_stat, &checksum);
268#else
269 sspi_release_buffer(&checksum);
270#endif
271 return (xdr_stat);
272}
273
274static bool_t
275authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq)
276{
277 struct rpc_sspi_data *gd;
278 u_int num, qop_state, cur_seq;
279 sspi_buffer_desc signbuf, checksum;
280 uint32_t maj_stat;
281
282 log_debug("in authgss_validate(for seq=%d)", seq);
283
284 gd = AUTH_PRIVATE(auth);
285
286 if (gd->established == FALSE) {
287 /* would like to do this only on NULL rpc --
288 * gc->established is good enough.
289 * save the on the wire verifier to validate last
290 * INIT phase packet after decode if the major
291 * status is GSS_S_COMPLETE
292 */
293 if ((gd->gc_wire_verf.value =
294 mem_alloc(verf->oa_length)) == NULL) {
295 return (FALSE);
296 }
297 memcpy(gd->gc_wire_verf.value, verf->oa_base, verf->oa_length);
298 gd->gc_wire_verf.length = verf->oa_length;
299 return (TRUE);
300 }
301
302 if (gd->gc.gc_proc == RPCSEC_SSPI_DESTROY)
303 return TRUE;
304
305 if (gd->gc.gc_proc == RPCSEC_SSPI_INIT ||
306 gd->gc.gc_proc == RPCSEC_SSPI_CONTINUE_INIT) {
307 num = htonl(gd->win);
308 }
309 else {
310 if (seq == -1) {
311 num = htonl(gd->gc.gc_seq);
312 cur_seq = gd->gc.gc_seq;
313 }
314 else {
315 num = htonl(seq);
316 cur_seq = seq;
317 }
318 }
319
320 signbuf.value = &num;
321 signbuf.length = sizeof(num);
322
323 checksum.value = verf->oa_base;
324 checksum.length = verf->oa_length;
325#if 0
326 maj_stat = gss_verify_mic(&min_stat, gd->ctx, &signbuf,
327 &checksum, &qop_state);
328#else
329 maj_stat = sspi_verify_mic(&gd->ctx, cur_seq, &signbuf, &checksum, &qop_state);
330#endif
331 if (maj_stat != SEC_E_OK) {
332 log_debug("authsspi_validate: VerifySignature failed with %x", maj_stat);
333 if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
334 gd->established = FALSE;
335 authsspi_destroy_context(auth);
336 }
337 return (FALSE);
338 }
339 return (TRUE);
340}
341
342static bool_t
343authsspi_refresh(AUTH *auth, void *tmp)
344{
345 struct rpc_sspi_data *gd;
346 struct rpc_sspi_init_res gr;
347 sspi_buffer_desc *recv_tokenp, send_token;
348 uint32_t maj_stat, call_stat, ret_flags, i;
349 unsigned long flags =
350 ISC_REQ_MUTUAL_AUTH|ISC_REQ_INTEGRITY|ISC_REQ_ALLOCATE_MEMORY;
351 SecBufferDesc out_desc, in_desc;
352 SecBuffer wtkn[1], rtkn[1];
353
354 log_debug("in authgss_refresh()");
355
356 gd = AUTH_PRIVATE(auth);
357
358 if ((gd->established && tmp == NULL) || gd->inprogress)
359 return (TRUE);
360 else if (tmp) {
361 log_debug("trying to refresh credentials\n");
362 DeleteSecurityContext(&gd->ctx);
363 sspi_release_buffer(&gd->gc.gc_ctx);
364 SecInvalidateHandle(&gd->ctx);
365 mem_free(gd->gc_wire_verf.value, gd->gc_wire_verf.length);
366 gd->gc_wire_verf.value = NULL;
367 gd->gc_wire_verf.length = 0;
368 gd->established = FALSE;
369 gd->gc.gc_proc = RPCSEC_SSPI_INIT;
370 }
371
372 /* GSS context establishment loop. */
373 memset(&gr, 0, sizeof(gr));
374 recv_tokenp = SSPI_C_NO_BUFFER;
375 send_token.length = 0;
376 send_token.value = NULL;
377
378 print_rpc_gss_sec(gd->sec);
379
380 if (gd->sec->svc == RPCSEC_SSPI_SVC_PRIVACY)
381 flags |= ISC_REQ_CONFIDENTIALITY;
382
383 for (i=0;;i++) {
384 /* print the token we just received */
385 if (recv_tokenp != SSPI_C_NO_BUFFER) {
386 log_debug("The token we just received (length %d):",
387 recv_tokenp->length);
388 log_hexdump(0, "", recv_tokenp->value, recv_tokenp->length, 0);
389 }
390#if 0
391 maj_stat = gss_init_sec_context(&min_stat,
392 gd->sec.cred,
393 &gd->ctx,
394 gd->name,
395 gd->sec.mech,
396 gd->sec.req_flags,
397 0, /* time req */
398 NULL, /* channel */
399 recv_tokenp,
400 NULL, /* used mech */
401 &send_token,
402 &ret_flags,
403 NULL); /* time rec */
404#else
405 gd->inprogress = TRUE;
406 out_desc.cBuffers = 1;
407 out_desc.pBuffers = wtkn;
408 out_desc.ulVersion = SECBUFFER_VERSION;
409 wtkn[0].BufferType = SECBUFFER_TOKEN;
410 wtkn[0].cbBuffer = send_token.length;
411 wtkn[0].pvBuffer = send_token.value;
412 log_debug("calling InitializeSecurityContextA for %s", gd->name);
413
414 maj_stat = InitializeSecurityContextA(
415 &gd->sec->cred,
416 ((i==0)?NULL:&gd->ctx),
417 gd->name,
418 flags,
419 0,
420 SECURITY_NATIVE_DREP,
421 ((i==0)?NULL:&in_desc),
422 0,
423 &gd->ctx,
424 &out_desc,
425 &ret_flags,
426 &gd->expiry);
427#endif
428 if (recv_tokenp != SSPI_C_NO_BUFFER) {
429#if 0
430 gss_release_buffer(&min_stat, &gr.gr_token);
431#else
432 sspi_release_buffer(&gr.gr_token);
433#endif
434 recv_tokenp = SSPI_C_NO_BUFFER;
435 }
436 if (maj_stat != SEC_E_OK && maj_stat != SEC_I_CONTINUE_NEEDED) {
437 log_debug("InitializeSecurityContext failed with %x", maj_stat);
438 break;
439 }
440 send_token.length = wtkn[0].cbBuffer;
441 send_token.value = wtkn[0].pvBuffer;
442 if (send_token.length != 0) {
443 memset(&gr, 0, sizeof(gr));
444
445 /* print the token we are about to send */
446 log_debug("The token being sent (length %d):",
447 send_token.length);
448 log_hexdump(0, "", send_token.value, send_token.length, 0);
449
450 call_stat = clnt_call(gd->clnt, NULLPROC,
451 (xdrproc_t)xdr_rpc_sspi_init_args,
452 &send_token,
453 (xdrproc_t)xdr_rpc_sspi_init_res,
454 (caddr_t)&gr, AUTH_TIMEOUT);
455#if 0
456 gss_release_buffer(&min_stat, &send_token);
457#else
458 // 11/29/2010 [aglo] can't call sspi_relase_buffer, causes heap
459 // corruption (later) to try and free the buffer directly.
460 FreeContextBuffer(send_token.value);
461#endif
462 if (call_stat != RPC_SUCCESS ||
463 (gr.gr_major != SEC_E_OK &&
464 gr.gr_major != SEC_I_CONTINUE_NEEDED))
465 break;
466
467 if (gr.gr_ctx.length != 0) {
468#if 0
469 if (gd->gc.gc_ctx.value)
470 gss_release_buffer(&min_stat,
471 &gd->gc.gc_ctx);
472#else
473 sspi_release_buffer(&gd->gc.gc_ctx);
474#endif
475 gd->gc.gc_ctx = gr.gr_ctx;
476 }
477 if (gr.gr_token.length != 0) {
478 if (maj_stat != SEC_I_CONTINUE_NEEDED)
479 break;
480 recv_tokenp = &gr.gr_token;
481 in_desc.cBuffers = 1;
482 in_desc.pBuffers = rtkn;
483 in_desc.ulVersion = SECBUFFER_VERSION;
484 rtkn[0].BufferType = SECBUFFER_TOKEN;
485 rtkn[0].cbBuffer = gr.gr_token.length;
486 rtkn[0].pvBuffer = gr.gr_token.value;
487 }
488 gd->gc.gc_proc = RPCSEC_SSPI_CONTINUE_INIT;
489 }
490
491 /* GSS_S_COMPLETE => check gss header verifier,
492 * usually checked in gss_validate
493 */
494 if (maj_stat == SEC_E_OK) {
495 sspi_buffer_desc bufin;
496 u_int seq, qop_state = 0;
497
498 print_negotiated_attrs(&gd->ctx);
499
500 seq = htonl(gr.gr_win);
501 bufin.value = (unsigned char *)&seq;
502 bufin.length = sizeof(seq);
503#if 0
504 maj_stat = gss_verify_mic(&min_stat, gd->ctx,
505 &bufin, &bufout, &qop_state);
506#else
507 maj_stat = sspi_verify_mic(&gd->ctx, 0, &bufin, &gd->gc_wire_verf, &qop_state);
508#endif
509 if (maj_stat != SEC_E_OK) {
510 log_debug("authgss_refresh: sspi_verify_mic failed with %x", maj_stat);
511 if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
512 gd->established = FALSE;
513 authsspi_destroy_context(auth);
514 }
515 break;
516 }
517 gd->established = TRUE;
518 gd->inprogress = FALSE;
519 gd->gc.gc_proc = RPCSEC_SSPI_DATA;
520 gd->gc.gc_seq = 0;
521 gd->win = gr.gr_win;
522 log_debug("authgss_refresh: established GSS context");
523 break;
524 }
525 }
526 /* End context negotiation loop. */
527 if (gd->gc.gc_proc != RPCSEC_SSPI_DATA) {
528 if (gr.gr_token.length != 0)
529#if 0
530 gss_release_buffer(&min_stat, &gr.gr_token);
531#else
532 sspi_release_buffer(&gr.gr_token);
533#endif
534 authsspi_destroy(auth);
535 auth = NULL;
536 rpc_createerr.cf_stat = RPC_AUTHERROR;
537
538 return (FALSE);
539 }
540 return (TRUE);
541}
542
543bool_t
544authsspi_service(AUTH *auth, int svc)
545{
546 struct rpc_sspi_data *gd;
547
548 log_debug("in authgss_service()");
549
550 if (!auth)
551 return(FALSE);
552 gd = AUTH_PRIVATE(auth);
553 if (!gd || !gd->established)
554 return (FALSE);
555 gd->sec->svc = svc;
556 gd->gc.gc_svc = svc;
557 return (TRUE);
558}
559
560static void
561authsspi_destroy_context(AUTH *auth)
562{
563 struct rpc_sspi_data *gd;
564
565 log_debug("in authgss_destroy_context()");
566
567 gd = AUTH_PRIVATE(auth);
568 if (gd == NULL) return;
569
570 if (SecIsValidHandle(&gd->ctx)) {
571 if (gd->established) {
572 gd->gc.gc_proc = RPCSEC_SSPI_DESTROY;
573 clnt_call(gd->clnt, NULLPROC, (xdrproc_t)xdr_void, NULL,
574 (xdrproc_t)xdr_void, NULL, AUTH_TIMEOUT);
575 DeleteSecurityContext(&gd->ctx);
576 }
577 sspi_release_buffer(&gd->gc.gc_ctx);
578 SecInvalidateHandle(&gd->ctx);
579#if 0
580 gss_release_buffer(&min_stat, &gd->gc.gc_ctx);
581 /* XXX ANDROS check size of context - should be 8 */
582 memset(&gd->gc.gc_ctx, 0, sizeof(gd->gc.gc_ctx));
583 gss_delete_sec_context(&min_stat, &gd->ctx, NULL);
584#endif
585 }
586
587 /* free saved wire verifier (if any) */
588 mem_free(gd->gc_wire_verf.value, gd->gc_wire_verf.length);
589 gd->gc_wire_verf.value = NULL;
590 gd->gc_wire_verf.length = 0;
591
592 gd->established = FALSE;
593}
594
595static void
596authsspi_destroy(AUTH *auth)
597{
598 struct rpc_sspi_data *gd;
599
600 log_debug("in authgss_destroy()");
601
602 gd = AUTH_PRIVATE(auth);
603 if (gd == NULL) return;
604
605 authsspi_destroy_context(auth);
606
607#if 0
608 if (gd->name != SSPI_C_NO_NAME)
609 gss_release_name(&min_stat, &gd->name);
610#else
611 free(gd->name);
612#endif
613 FreeCredentialsHandle(&gd->sec->cred);
614 free(gd->sec);
615 free(gd);
616 free(auth);
617}
618
619bool_t
620authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
621{
622 struct rpc_sspi_data *gd;
623
624 log_debug("in authgss_wrap()");
625
626 gd = AUTH_PRIVATE(auth);
627
628 if (!gd->established || gd->sec->svc == RPCSEC_SSPI_SVC_NONE) {
629 return ((*xdr_func)(xdrs, xdr_ptr));
630 }
631 return (xdr_rpc_sspi_data(xdrs, xdr_func, xdr_ptr,
632 &gd->ctx, gd->sec->qop,
633 gd->sec->svc, gd->gc.gc_seq));
634}
635
636bool_t
637authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq)
638{
639 struct rpc_sspi_data *gd;
640
641 log_debug("in authgss_unwrap()");
642
643 gd = AUTH_PRIVATE(auth);
644
645 if (!gd->established || gd->sec->svc == RPCSEC_SSPI_SVC_NONE) {
646 return ((*xdr_func)(xdrs, xdr_ptr));
647 }
648 return (xdr_rpc_sspi_data(xdrs, xdr_func, xdr_ptr,
649 &gd->ctx, gd->sec->qop,
650 gd->sec->svc, seq));
651}
652
653#ifdef __REACTOS__
654uint32_t sspi_get_mic(void *dummy, u_int qop, u_int seq,
655 sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
656{
657 PCtxtHandle ctx = dummy;
658#else
659uint32_t sspi_get_mic(PCtxtHandle ctx, u_int qop, u_int seq,
660 sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
661{
662#endif
663 uint32_t maj_stat;
664 SecPkgContext_Sizes ContextSizes;
665 SecBufferDesc desc;
666 SecBuffer sec_tkn[2];
667
668 log_hexdump(0, "sspi_get_mic: calculating checksum of", bufin->value, bufin->length, 0);
669
670 memset(&ContextSizes, 0, sizeof(ContextSizes));
671 maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_SIZES, &ContextSizes);
672 if (maj_stat != SEC_E_OK) return maj_stat;
673
674 if (ContextSizes.cbMaxSignature == 0) return SEC_E_INTERNAL_ERROR;
675
676 desc.cBuffers = 2;
677 desc.pBuffers = sec_tkn;
678 desc.ulVersion = SECBUFFER_VERSION;
679 sec_tkn[0].BufferType = SECBUFFER_DATA;
680 sec_tkn[0].cbBuffer = bufin->length;
681 sec_tkn[0].pvBuffer = bufin->value;
682 sec_tkn[1].BufferType = SECBUFFER_TOKEN;
683 sec_tkn[1].cbBuffer = ContextSizes.cbMaxSignature;
684 sec_tkn[1].pvBuffer = calloc(ContextSizes.cbMaxSignature, sizeof(char));
685 if (sec_tkn[1].pvBuffer == NULL) return SEC_E_INSUFFICIENT_MEMORY;
686
687 maj_stat = MakeSignature(ctx, 0, &desc, seq);
688 if (maj_stat == SEC_E_OK) {
689 bufout->length = sec_tkn[1].cbBuffer;
690 bufout->value = sec_tkn[1].pvBuffer;
691 log_hexdump(0, "sspi_get_mic: verifier is", bufout->value, bufout->length, 0);
692 } else
693 free(sec_tkn[1].pvBuffer);
694
695 return maj_stat;
696}
697
698#ifndef __REACTOS__
699uint32_t sspi_verify_mic(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin,
700 sspi_buffer_desc *bufout, u_int *qop_state)
701{
702#else
703uint32_t sspi_verify_mic(void *dummy, u_int seq, sspi_buffer_desc *bufin,
704 sspi_buffer_desc *bufout, u_int *qop_state)
705{
706 PCtxtHandle ctx = dummy;
707#endif
708 SecBufferDesc desc;
709 SecBuffer sec_tkn[2];
710
711 desc.cBuffers = 2;
712 desc.pBuffers = sec_tkn;
713 desc.ulVersion = SECBUFFER_VERSION;
714 sec_tkn[0].BufferType = SECBUFFER_DATA;
715 sec_tkn[0].cbBuffer = bufin->length;
716 sec_tkn[0].pvBuffer = bufin->value;
717 sec_tkn[1].BufferType = SECBUFFER_TOKEN;
718 sec_tkn[1].cbBuffer = bufout->length;
719 sec_tkn[1].pvBuffer = bufout->value;
720
721 log_hexdump(0, "sspi_verify_mic: calculating checksum over", bufin->value, bufin->length, 0);
722 log_hexdump(0, "sspi_verify_mic: received checksum ", bufout->value, bufout->length, 0);
723
724 return VerifySignature(ctx, &desc, seq, qop_state);
725}
726
727void sspi_release_buffer(sspi_buffer_desc *buf)
728{
729 if (buf->value)
730 free(buf->value);
731 buf->value = NULL;
732 buf->length = 0;
733}
734
735uint32_t sspi_import_name(sspi_buffer_desc *name_in, sspi_name_t *name_out)
736{
737 *name_out = calloc(name_in->length + 5, sizeof(char));
738 if (*name_out == NULL)
739 return SEC_E_INSUFFICIENT_MEMORY;
740
741 strcpy(*name_out, "nfs/");
742 strncat(*name_out, name_in->value, name_in->length);
743
744 log_debug("imported service name is: %s\n", *name_out);
745
746 return SEC_E_OK;
747}
748
749#ifndef __REACTOS__
750uint32_t sspi_wrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin,
751 sspi_buffer_desc *bufout, u_int *conf_state)
752{
753#else
754uint32_t sspi_wrap(void *dummy, u_int seq, sspi_buffer_desc *bufin,
755 sspi_buffer_desc *bufout, u_int *conf_state)
756{
757 PCtxtHandle ctx = dummy;
758#endif
759 uint32_t maj_stat;
760 SecBufferDesc BuffDesc;
761 SecBuffer SecBuff[3];
762 ULONG ulQop = 0;
763 SecPkgContext_Sizes ContextSizes;
764 PBYTE p;
765
766 maj_stat = QueryContextAttributes(ctx, SECPKG_ATTR_SIZES,
767 &ContextSizes);
768 if (maj_stat != SEC_E_OK)
769 goto out;
770
771 BuffDesc.ulVersion = 0;
772 BuffDesc.cBuffers = 3;
773 BuffDesc.pBuffers = SecBuff;
774
775 SecBuff[0].cbBuffer = ContextSizes.cbSecurityTrailer;
776 SecBuff[0].BufferType = SECBUFFER_TOKEN;
777 SecBuff[0].pvBuffer = malloc(ContextSizes.cbSecurityTrailer);
778
779 SecBuff[1].cbBuffer = bufin->length;
780 SecBuff[1].BufferType = SECBUFFER_DATA;
781 SecBuff[1].pvBuffer = bufin->value;
782 log_hexdump(0, "plaintext:", bufin->value, bufin->length, 0);
783
784 SecBuff[2].cbBuffer = ContextSizes.cbBlockSize;
785 SecBuff[2].BufferType = SECBUFFER_PADDING;
786 SecBuff[2].pvBuffer = malloc(ContextSizes.cbBlockSize);
787
788 maj_stat = EncryptMessage(ctx, ulQop, &BuffDesc, seq);
789 if (maj_stat != SEC_E_OK)
790 goto out_free;
791
792 bufout->length = SecBuff[0].cbBuffer + SecBuff[1].cbBuffer + SecBuff[2].cbBuffer;
793 p = bufout->value = malloc(bufout->length);
794 memcpy(p, SecBuff[0].pvBuffer, SecBuff[0].cbBuffer);
795 p += SecBuff[0].cbBuffer;
796 memcpy(p, SecBuff[1].pvBuffer, SecBuff[1].cbBuffer);
797 p += SecBuff[1].cbBuffer;
798 memcpy(p, SecBuff[2].pvBuffer, SecBuff[2].cbBuffer);
799out_free:
800 free(SecBuff[0].pvBuffer);
801 free(SecBuff[2].pvBuffer);
802
803 if (!maj_stat)
804 log_hexdump(0, "cipher:", bufout->value, bufout->length, 0);
805out:
806 return maj_stat;
807}
808
809#ifndef __REACTOS__
810uint32_t sspi_unwrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin,
811 sspi_buffer_desc *bufout, u_int *conf_state,
812 u_int *qop_state)
813{
814#else
815uint32_t sspi_unwrap(void *dummy, u_int seq, sspi_buffer_desc *bufin,
816 sspi_buffer_desc *bufout, u_int *conf_state,
817 u_int *qop_state)
818{
819 PCtxtHandle ctx = dummy;
820#endif
821 uint32_t maj_stat;
822 SecBufferDesc BuffDesc;
823 SecBuffer SecBuff[2];
824 ULONG ulQop = 0;
825
826 BuffDesc.ulVersion = 0;
827 BuffDesc.cBuffers = 2;
828 BuffDesc.pBuffers = SecBuff;
829
830 SecBuff[0].cbBuffer = bufin->length;
831 SecBuff[0].BufferType = SECBUFFER_STREAM;
832 SecBuff[0].pvBuffer = bufin->value;
833
834 SecBuff[1].cbBuffer = 0;
835 SecBuff[1].BufferType = SECBUFFER_DATA;
836 SecBuff[1].pvBuffer = NULL;
837
838 log_hexdump(0, "cipher:", bufin->value, bufin->length, 0);
839
840 maj_stat = DecryptMessage(ctx, &BuffDesc, seq, &ulQop);
841 if (maj_stat != SEC_E_OK) return maj_stat;
842
843 bufout->length = SecBuff[1].cbBuffer;
844 bufout->value = malloc(bufout->length);
845 memcpy(bufout->value, SecBuff[1].pvBuffer, bufout->length);
846
847 log_hexdump(0, "data:", bufout->value, bufout->length, 0);
848
849 *conf_state = 1;
850 *qop_state = 0;
851
852 return SEC_E_OK;
853}
854
855/* useful as i add more mechanisms */
856#define DEBUG
857#ifdef DEBUG
858#define fd_out stdout
859void print_rpc_gss_sec(struct rpc_sspi_sec *ptr)
860{
861 int i;
862 char *p;
863
864 fprintf(fd_out, "rpc_gss_sec:");
865 if(ptr->mech == NULL)
866 fprintf(fd_out, "NULL gss_OID mech");
867 else {
868 fprintf(fd_out, " mechanism_OID: {");
869 p = (char *)ptr->mech->elements;
870 for (i=0; i < ptr->mech->length; i++)
871 /* First byte of OIDs encoded to save a byte */
872 if (i == 0) {
873 int first, second;
874 if (*p < 40) {
875 first = 0;
876 second = *p;
877 }
878 else if (40 <= *p && *p < 80) {
879 first = 1;
880 second = *p - 40;
881 }
882 else if (80 <= *p && *p < 127) {
883 first = 2;
884 second = *p - 80;
885 }
886 else {
887 /* Invalid value! */
888 first = -1;
889 second = -1;
890 }
891 fprintf(fd_out, " %u %u", first, second);
892 p++;
893 }
894 else {
895 fprintf(fd_out, " %u", (unsigned char)*p++);
896 }
897 fprintf(fd_out, " }\n");
898 }
899 fprintf(fd_out, " qop: %d\n", ptr->qop);
900 fprintf(fd_out, " service: %d\n", ptr->svc);
901 fprintf(fd_out, " cred: %p\n", ptr->cred);
902}
903
904void print_negotiated_attrs(PCtxtHandle ctx)
905{
906 SecPkgContext_Sizes ContextSizes;
907 unsigned long flags;
908 uint32_t maj_stat;
909
910 maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_FLAGS, &flags);
911 if (maj_stat != SEC_E_OK) return;
912
913 log_debug("negotiated flags %x\n", flags);
914 if (flags & ISC_REQ_DELEGATE) log_debug("ISC_REQ_DELEGATE");
915 if (flags & ISC_REQ_MUTUAL_AUTH) log_debug("ISC_REQ_MUTUAL_AUTH");
916 if (flags & ISC_REQ_REPLAY_DETECT) log_debug("ISC_REQ_REPLAY_DETECT");
917 if (flags & ISC_REQ_SEQUENCE_DETECT) log_debug("ISC_REQ_SEQUENCE_DETECT");
918 if (flags & ISC_REQ_CONFIDENTIALITY) log_debug("ISC_REQ_CONFIDENTIALITY");
919 if (flags & ISC_REQ_USE_SESSION_KEY) log_debug("ISC_REQ_USE_SESSION_KEY");
920 if (flags & ISC_REQ_PROMPT_FOR_CREDS) log_debug("ISC_REQ_PROMPT_FOR_CREDS");
921 if (flags & ISC_REQ_USE_SUPPLIED_CREDS) log_debug("ISC_REQ_USE_SUPPLIED_CREDS");
922 if (flags & ISC_REQ_ALLOCATE_MEMORY) log_debug("ISC_REQ_ALLOCATE_MEMORY");
923 if (flags & ISC_REQ_USE_DCE_STYLE) log_debug("ISC_REQ_USE_DCE_STYLE");
924 if (flags & ISC_REQ_DATAGRAM) log_debug("ISC_REQ_DATAGRAM");
925 if (flags & ISC_REQ_CONNECTION) log_debug("ISC_REQ_CONNECTION");
926 if (flags & ISC_REQ_CALL_LEVEL) log_debug("ISC_REQ_CALL_LEVEL");
927 if (flags & ISC_REQ_FRAGMENT_SUPPLIED) log_debug("ISC_REQ_FRAGMENT_SUPPLIED");
928 if (flags & ISC_REQ_EXTENDED_ERROR) log_debug("ISC_REQ_EXTENDED_ERROR");
929 if (flags & ISC_REQ_STREAM) log_debug("ISC_REQ_STREAM");
930 if (flags & ISC_REQ_INTEGRITY) log_debug("ISC_REQ_INTEGRITY");
931 if (flags & ISC_REQ_IDENTIFY) log_debug("ISC_REQ_IDENTIFY");
932 if (flags & ISC_REQ_NULL_SESSION) log_debug("ISC_REQ_NULL_SESSION");
933 if (flags & ISC_REQ_MANUAL_CRED_VALIDATION) log_debug("ISC_REQ_MANUAL_CRED_VALIDATION");
934
935 maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_SIZES, &ContextSizes);
936 if (maj_stat != SEC_E_OK) return;
937
938 log_debug("signature size is %d\n", ContextSizes.cbMaxSignature);
939
940}
941
942void log_hexdump(bool_t on, const u_char *title, const u_char *buf,
943 int len, int offset)
944{
945 int i, j, jm, c;
946
947 if (!on) return;
948
949 fprintf(fd_out, "%04x: %s (len=%d)\n", GetCurrentThreadId(), title, len);
950 for (i = 0; i < len; i += 0x10) {
951 fprintf(fd_out, " %04x: ", (u_int)(i + offset));
952 jm = len - i;
953 jm = jm > 16 ? 16 : jm;
954
955 for (j = 0; j < jm; j++) {
956 if ((j % 2) == 1)
957 fprintf(fd_out, "%02x ", (u_int) buf[i+j]);
958 else
959 fprintf(fd_out, "%02x", (u_int) buf[i+j]);
960 }
961 for (; j < 16; j++) {
962 if ((j % 2) == 1) fprintf(fd_out, " ");
963 else fprintf(fd_out, " ");
964 }
965 fprintf(fd_out, " ");
966
967 for (j = 0; j < jm; j++) {
968 c = buf[i+j];
969 c = isprint(c) ? c : '.';
970 fprintf(fd_out, "%c", c);
971 }
972 fprintf(fd_out, "\n");
973 }
974 fflush(fd_out);
975}
976
977void log_debug(const char *fmt, ...)
978{
979 va_list ap;
980
981 va_start(ap, fmt);
982 fprintf(fd_out, "%04x: rpcsec_gss: ", GetCurrentThreadId());
983 vfprintf(fd_out, fmt, ap);
984 fprintf(fd_out, "\n");
985 fflush(fd_out);
986 va_end(ap);
987}
988#else
989void print_rpc_gss_sec(struct rpc_sspi_sec *ptr) { return; }
990void print_negotiated_flags(unsigned long flags) {return; }
991void log_hexdump(bool_t on, const u_char *title, const u_char *buf,
992 int len, int offset) { return; }
993void log_debug(const char *fmt, ...) { return; }
994#endif
xdr_void
bool_t xdr_void(void)
Definition: xdr.c:92
strncat
char * strncat(char *DstString, const char *SrcString, ACPI_SIZE Count)
Definition: utclib.c:605
ENOMEM
#define ENOMEM
Definition: acclib.h:84
strlen
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
isprint
#define isprint(c)
Definition: acclib.h:73
strcpy
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
va_list
char * va_list
Definition: acmsvcex.h:78
va_end
#define va_end(ap)
Definition: acmsvcex.h:90
va_start
#define va_start(ap, A)
Definition: acmsvcex.h:91
xdr_opaque_auth
bool_t xdr_opaque_auth()
authsspi_service
bool_t authsspi_service(AUTH *auth, int svc)
Definition: auth_sspi.c:544
AUTH_TIMEOUT
static struct timeval AUTH_TIMEOUT
Definition: auth_sspi.c:69
authsspi_validate
static bool_t authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq)
Definition: auth_sspi.c:275
sspi_get_mic
uint32_t sspi_get_mic(PCtxtHandle ctx, u_int qop, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
Definition: auth_sspi.c:659
sspi_release_buffer
void sspi_release_buffer(sspi_buffer_desc *buf)
Definition: auth_sspi.c:727
authsspi_marshal
static bool_t authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq)
Definition: auth_sspi.c:203
authsspi_create
AUTH * authsspi_create(CLIENT *clnt, sspi_name_t name, struct rpc_sspi_sec *sec)
Definition: auth_sspi.c:74
print_negotiated_attrs
void print_negotiated_attrs(PCtxtHandle ctx)
Definition: auth_sspi.c:904
authsspi_wrap
static bool_t authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
Definition: auth_sspi.c:620
authsspi_unwrap
static bool_t authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq)
Definition: auth_sspi.c:637
authsspi_create_default
AUTH * authsspi_create_default(CLIENT *clnt, char *service, int svc)
Definition: auth_sspi.c:133
fd_out
#define fd_out
Definition: auth_sspi.c:858
log_hexdump
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
authsspi_destroy
static void authsspi_destroy(AUTH *auth)
Definition: auth_sspi.c:596
sspi_import_name
uint32_t sspi_import_name(sspi_buffer_desc *name_in, sspi_name_t *name_out)
Definition: auth_sspi.c:735
authsspi_nextverf
static void authsspi_nextverf(AUTH *auth)
Definition: auth_sspi.c:196
sspi_verify_mic
uint32_t sspi_verify_mic(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *qop_state)
Definition: auth_sspi.c:699
authsspi_refresh
static bool_t authsspi_refresh(AUTH *auth, void *)
Definition: auth_sspi.c:343
authsspi_ops
static struct auth_ops authsspi_ops
Definition: auth_sspi.c:43
sspi_wrap
uint32_t sspi_wrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state)
Definition: auth_sspi.c:750
print_rpc_gss_sec
void print_rpc_gss_sec(struct rpc_sspi_sec *ptr)
Definition: auth_sspi.c:859
log_debug
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
sspi_unwrap
uint32_t sspi_unwrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state, u_int *qop_state)
Definition: auth_sspi.c:810
authsspi_destroy_context
static void authsspi_destroy_context(AUTH *auth)
Definition: auth_sspi.c:561
AUTH_PRIVATE
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
auth_sspi.h
SSPI_C_NO_BUFFER
#define SSPI_C_NO_BUFFER
Definition: auth_sspi.h:60
RPCSEC_SSPI_DATA
@ RPCSEC_SSPI_DATA
Definition: auth_sspi.h:31
RPCSEC_SSPI_DESTROY
@ RPCSEC_SSPI_DESTROY
Definition: auth_sspi.h:34
RPCSEC_SSPI_INIT
@ RPCSEC_SSPI_INIT
Definition: auth_sspi.h:32
RPCSEC_SSPI_CONTINUE_INIT
@ RPCSEC_SSPI_CONTINUE_INIT
Definition: auth_sspi.h:33
SSPI_C_NO_NAME
#define SSPI_C_NO_NAME
Definition: auth_sspi.h:59
RPCSEC_SSPI_SVC_NONE
@ RPCSEC_SSPI_SVC_NONE
Definition: auth_sspi.h:39
RPCSEC_SSPI_SVC_PRIVACY
@ RPCSEC_SSPI_SVC_PRIVACY
Definition: auth_sspi.h:41
RPCSEC_SSPI_VERSION
#define RPCSEC_SSPI_VERSION
Definition: auth_sspi.h:44
sspi_name_t
#define sspi_name_t
Definition: auth_sspi.h:46
xdr_rpc_sspi_init_args
bool_t xdr_rpc_sspi_init_args(XDR *xdrs, sspi_buffer_desc *p)
Definition: authsspi_prot.c:56
xdr_rpc_sspi_init_res
bool_t xdr_rpc_sspi_init_res(XDR *xdrs, struct rpc_sspi_init_res *p)
Definition: authsspi_prot.c:72
xdr_rpc_sspi_cred
bool_t xdr_rpc_sspi_cred(XDR *xdrs, struct rpc_sspi_cred *p)
Definition: authsspi_prot.c:34
xdr_rpc_sspi_data
bool_t xdr_rpc_sspi_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, PCtxtHandle ctx, sspi_qop_t qop, rpc_sspi_svc_t svc, u_int seq)
Definition: authsspi_prot.c:288
caddr_t
#define caddr_t
Definition: ftp.c:24
NULLPROC
#define NULLPROC
Definition: clnt.h:294
clnt_call
#define clnt_call(rh, proc, xargs, argsp, xres, resp, secs)
Definition: clnt.h:202
RPC_SUCCESS
@ RPC_SUCCESS
Definition: clnt_stat.h:22
RPC_AUTHERROR
@ RPC_AUTHERROR
Definition: clnt_stat.h:38
RPC_SYSTEMERROR
@ RPC_SYSTEMERROR
Definition: clnt_stat.h:43
free
#define free
Definition: debug_ros.c:5
malloc
#define malloc
Definition: debug_ros.c:4
MAX_AUTH_BYTES
#define MAX_AUTH_BYTES
Definition: auth.h:77
u_int
UINT32 u_int
Definition: types.h:82
mem_free
#define mem_free(ptr, bsize)
Definition: types.h:124
NULL
#define NULL
Definition: types.h:112
mem_alloc
#define mem_alloc(bsize)
Definition: types.h:123
bool_t
int32_t bool_t
Definition: types.h:101
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
u_char
UCHAR u_char
Definition: types.h:80
uint32_t
UINT32 uint32_t
Definition: types.h:75
checksum
static cab_ULONG checksum(const cab_UBYTE *data, cab_UWORD bytes, cab_ULONG csum)
Definition: fdi.c:353
int
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31
c
const GLubyte * c
Definition: glext.h:8905
buf
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
flags
GLbitfield flags
Definition: glext.h:7161
first
const GLint * first
Definition: glext.h:5794
p
GLfloat GLfloat p
Definition: glext.h:8902
num
GLuint GLuint num
Definition: glext.h:9618
len
GLenum GLsizei len
Definition: glext.h:6722
offset
GLintptr offset
Definition: glext.h:5920
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
j
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
fprintf
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
fflush
_Check_return_opt_ _CRTIMP int __cdecl fflush(_Inout_opt_ FILE *_File)
vfprintf
_Check_return_opt_ _CRTIMP int __cdecl vfprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format, va_list _ArgList)
c
#define c
Definition: ke_i.h:80
memcpy
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
htonl
#define htonl(x)
Definition: module.h:214
for
#define for
Definition: utility.h:88
ptr
static PVOID ptr
Definition: dispmode.c:27
desc
static const WCHAR desc[]
Definition: protectdata.c:36
sec_pkg_name
static char sec_pkg_name[]
Definition: ntlm.c:180
RPCSEC_GSS
#define RPCSEC_GSS
Definition: nfs41_ops.h:867
PBYTE
BYTE * PBYTE
Definition: pedump.c:66
title
static char title[]
Definition: ps.c:92
ISC_REQ_DATAGRAM
#define ISC_REQ_DATAGRAM
Definition: sspi.h:372
ISC_REQ_MANUAL_CRED_VALIDATION
#define ISC_REQ_MANUAL_CRED_VALIDATION
Definition: sspi.h:381
SECBUFFER_STREAM
#define SECBUFFER_STREAM
Definition: sspi.h:169
ISC_REQ_CONFIDENTIALITY
#define ISC_REQ_CONFIDENTIALITY
Definition: sspi.h:366
SecIsValidHandle
#define SecIsValidHandle(x)
Definition: sspi.h:63
ISC_REQ_STREAM
#define ISC_REQ_STREAM
Definition: sspi.h:377
ISC_REQ_ALLOCATE_MEMORY
#define ISC_REQ_ALLOCATE_MEMORY
Definition: sspi.h:370
SECPKG_CRED_BOTH
#define SECPKG_CRED_BOTH
Definition: sspi.h:292
ISC_REQ_EXTENDED_ERROR
#define ISC_REQ_EXTENDED_ERROR
Definition: sspi.h:376
SECBUFFER_TOKEN
#define SECBUFFER_TOKEN
Definition: sspi.h:161
ISC_REQ_USE_SUPPLIED_CREDS
#define ISC_REQ_USE_SUPPLIED_CREDS
Definition: sspi.h:369
ISC_REQ_NULL_SESSION
#define ISC_REQ_NULL_SESSION
Definition: sspi.h:380
ISC_REQ_PROMPT_FOR_CREDS
#define ISC_REQ_PROMPT_FOR_CREDS
Definition: sspi.h:368
ISC_REQ_SEQUENCE_DETECT
#define ISC_REQ_SEQUENCE_DETECT
Definition: sspi.h:365
ISC_REQ_CALL_LEVEL
#define ISC_REQ_CALL_LEVEL
Definition: sspi.h:374
SECBUFFER_PADDING
#define SECBUFFER_PADDING
Definition: sspi.h:168
ISC_REQ_REPLAY_DETECT
#define ISC_REQ_REPLAY_DETECT
Definition: sspi.h:364
SECURITY_NATIVE_DREP
#define SECURITY_NATIVE_DREP
Definition: sspi.h:473
ISC_REQ_INTEGRITY
#define ISC_REQ_INTEGRITY
Definition: sspi.h:378
ISC_REQ_DELEGATE
#define ISC_REQ_DELEGATE
Definition: sspi.h:362
SECBUFFER_DATA
#define SECBUFFER_DATA
Definition: sspi.h:160
ISC_REQ_FRAGMENT_SUPPLIED
#define ISC_REQ_FRAGMENT_SUPPLIED
Definition: sspi.h:375
ISC_REQ_USE_SESSION_KEY
#define ISC_REQ_USE_SESSION_KEY
Definition: sspi.h:367
SECPKG_ATTR_SIZES
#define SECPKG_ATTR_SIZES
Definition: sspi.h:521
ISC_REQ_IDENTIFY
#define ISC_REQ_IDENTIFY
Definition: sspi.h:379
ISC_REQ_MUTUAL_AUTH
#define ISC_REQ_MUTUAL_AUTH
Definition: sspi.h:363
SecInvalidateHandle
#define SecInvalidateHandle(x)
Definition: sspi.h:58
SECPKG_ATTR_FLAGS
#define SECPKG_ATTR_FLAGS
Definition: sspi.h:535
SECBUFFER_VERSION
#define SECBUFFER_VERSION
Definition: sspi.h:187
ISC_REQ_CONNECTION
#define ISC_REQ_CONNECTION
Definition: sspi.h:373
QueryContextAttributes
#define QueryContextAttributes
Definition: sspi.h:512
ISC_REQ_USE_DCE_STYLE
#define ISC_REQ_USE_DCE_STYLE
Definition: sspi.h:371
out
static FILE * out
Definition: regtests2xml.c:44
caddr_t
char * caddr_t
Definition: rosdhcp.h:36
calloc
#define calloc
Definition: rosglue.h:14
_null_auth
struct opaque_auth _null_auth
Definition: rpc_commondata.c:37
strdup
_Check_return_ _CRTIMP char *__cdecl strdup(_In_opt_z_ const char *_Src)
memset
#define memset(x, y, z)
Definition: compat.h:39
FreeContextBuffer
SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
Definition: sspi.c:699
_SECURITY_INTEGER
Definition: sspi.h:74
_SecBufferDesc
Definition: sspi.h:180
_SecBufferDesc::cBuffers
ULONG cBuffers
Definition: sspi.h:182
_SecBufferDesc::ulVersion
ULONG ulVersion
Definition: sspi.h:181
_SecBuffer
Definition: sspi.h:152
_SecBuffer::BufferType
ULONG BufferType
Definition: sspi.h:154
_SecBuffer::cbBuffer
ULONG cbBuffer
Definition: sspi.h:153
_SecHandle
Definition: sspi.h:52
_SecPkgContext_Sizes
Definition: sspi.h:560
_SecPkgContext_Sizes::cbBlockSize
ULONG cbBlockSize
Definition: sspi.h:563
_SecPkgContext_Sizes::cbSecurityTrailer
ULONG cbSecurityTrailer
Definition: sspi.h:564
_SecPkgContext_Sizes::cbMaxSignature
ULONG cbMaxSignature
Definition: sspi.h:562
__auth
Definition: auth.h:205
__auth::ah_cred
struct opaque_auth ah_cred
Definition: auth.h:206
__auth::ah_private
void * ah_private
Definition: auth.h:225
__auth::ah_ops
struct __auth::auth_ops * ah_ops
__auth::ah_verf
struct opaque_auth ah_verf
Definition: auth.h:207
__rpc_client
Definition: clnt.h:121
__rpc_client::cl_auth
AUTH * cl_auth
Definition: clnt.h:122
__rpc_xdr
Definition: xdr.h:103
_sspi_buffer_desc
Definition: auth_sspi.h:54
_sspi_buffer_desc::length
int length
Definition: auth_sspi.h:55
_sspi_buffer_desc::value
void * value
Definition: auth_sspi.h:56
define::value
char * value
Definition: compiler.c:67
fmt
Definition: dsound.c:943
name
Definition: name.c:39
opaque_auth
Definition: auth.h:195
opaque_auth::oa_length
u_int oa_length
Definition: auth.h:198
opaque_auth::oa_base
caddr_t oa_base
Definition: auth.h:197
rpc_createerr
Definition: clnt.h:495
rpc_createerr::cf_error
struct rpc_err cf_error
Definition: clnt.h:497
rpc_createerr::cf_stat
enum clnt_stat cf_stat
Definition: clnt.h:496
rpc_sspi_cred
Definition: auth_sspi.h:74
rpc_sspi_data
Definition: auth_sspi.c:53
rpc_sspi_data::name
sspi_name_t name
Definition: auth_sspi.c:59
rpc_sspi_data::gc
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
rpc_sspi_data::expiry
TimeStamp expiry
Definition: auth_sspi.c:64
rpc_sspi_data::gc_wire_verf
sspi_buffer_desc gc_wire_verf
Definition: auth_sspi.c:56
rpc_sspi_data::sec
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60
rpc_sspi_data::established
bool_t established
Definition: auth_sspi.c:54
rpc_sspi_data::inprogress
bool_t inprogress
Definition: auth_sspi.c:55
rpc_sspi_data::clnt
CLIENT * clnt
Definition: auth_sspi.c:58
rpc_sspi_data::ctx
CtxtHandle ctx
Definition: auth_sspi.c:61
rpc_sspi_data::win
u_int win
Definition: auth_sspi.c:63
rpc_sspi_init_res
Definition: auth_sspi.h:83
rpc_sspi_init_res::gr_win
u_int gr_win
Definition: auth_sspi.h:87
rpc_sspi_init_res::gr_token
sspi_buffer_desc gr_token
Definition: auth_sspi.h:88
rpc_sspi_sec
Definition: auth_sspi.h:64
rpc_sspi_sec::expiry
TimeStamp expiry
Definition: auth_sspi.h:70
rpc_sspi_sec::svc
rpc_sspi_svc_t svc
Definition: auth_sspi.h:67
rpc_sspi_sec::cred
CredHandle cred
Definition: auth_sspi.h:68
ULONG
uint32_t ULONG
Definition: typedefs.h:59
GetCurrentThreadId
DWORD WINAPI GetCurrentThreadId(void)
Definition: thread.c:459
SEC_E_OK
#define SEC_E_OK
Definition: winerror.h:2356
SEC_E_INTERNAL_ERROR
#define SEC_E_INTERNAL_ERROR
Definition: winerror.h:2913
SEC_E_NO_AUTHENTICATING_AUTHORITY
#define SEC_E_NO_AUTHENTICATING_AUTHORITY
Definition: winerror.h:2926
SEC_E_INSUFFICIENT_MEMORY
#define SEC_E_INSUFFICIENT_MEMORY
Definition: winerror.h:2909
SEC_I_CONTINUE_NEEDED
#define SEC_I_CONTINUE_NEEDED
Definition: winerror.h:2927
ap
void int int ULONGLONG int va_list * ap
Definition: winesup.h:36
EncryptMessage
SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: wrapper.c:1006
MakeSignature
SECURITY_STATUS WINAPI MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: wrapper.c:623
DecryptMessage
SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: wrapper.c:1036
VerifySignature
SECURITY_STATUS WINAPI VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: wrapper.c:653
QueryContextAttributesA
SECURITY_STATUS WINAPI QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
Definition: wrapper.c:505
AcquireCredentialsHandleA
SECURITY_STATUS WINAPI AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialsUse, PLUID pvLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn, PVOID pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
Definition: wrapper.c:59
InitializeSecurityContextA
SECURITY_STATUS WINAPI InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
Definition: wrapper.c:237
DeleteSecurityContext
SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle phContext)
Definition: wrapper.c:450
FreeCredentialsHandle
SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle phCredential)
Definition: wrapper.c:151
XDR_ENCODE
@ XDR_ENCODE
Definition: xdr.h:85
XDR_DESTROY
#define XDR_DESTROY(xdrs)
Definition: xdr.h:214
xdrproc_t
bool_t(* xdrproc_t)(XDR *,...)
Definition: xdr.h:144
XDR_GETPOS
#define XDR_GETPOS(xdrs)
Definition: xdr.h:199
xdrmem_create
void xdrmem_create(XDR *xdrs, char *addr, u_int size, enum xdr_op op)
Definition: xdr_mem.c:94
xdrrec_getoutbase
int32_t * xdrrec_getoutbase(XDR *xdrs)
Definition: xdr_rec.c:415