ReactOS 0.4.15-dev-5836-g942b022
auth_sspi.c
Go to the documentation of this file.
1/* NFSv4.1 client for Windows
2 * Copyright 2012 The Regents of the University of Michigan
3 *
4 * Olga Kornievskaia <aglo@umich.edu>
5 * Casey Bodley <cbodley@umich.edu>
6 *
7 * This library is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as published by
9 * the Free Software Foundation; either version 2.1 of the License, or (at
10 * your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful, but
13 * without any warranty; without even the implied warranty of merchantability
14 * or fitness for a particular purpose. See the GNU Lesser General Public
15 * License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA
20 */
21
22#include <wintirpc.h>
23#include <stdio.h>
24#include <stdlib.h>
25//#include <unistd.h>
26#include <string.h>
27#include <errno.h>
28#include <rpc/types.h>
29#include <rpc/xdr.h>
30#include <rpc/auth.h>
31#include <rpc/auth_sspi.h>
32#include <rpc/clnt.h>
33
34static void authsspi_nextverf(AUTH *auth);
35static bool_t authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq);
36static bool_t authsspi_refresh(AUTH *auth, void *);
37static bool_t authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq);
38static void authsspi_destroy(AUTH *auth);
39static void authsspi_destroy_context(AUTH *auth);
40static bool_t authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr);
41static bool_t authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq);
42
43static struct auth_ops authsspi_ops = {
51};
52
54 bool_t established; /* context established */
56 sspi_buffer_desc gc_wire_verf; /* save GSS_S_COMPLETE NULL RPC verfier
57 * to process at end of context negotiation*/
58 CLIENT *clnt; /* client handle */
59 sspi_name_t name; /* service name */
60 struct rpc_sspi_sec *sec; /* security tuple */
61 CtxtHandle ctx; /* context id */
62 struct rpc_sspi_cred gc; /* client credentials */
63 u_int win; /* sequence window */
65};
66
67#define AUTH_PRIVATE(auth) ((struct rpc_sspi_data *)auth->ah_private)
68
69static struct timeval AUTH_TIMEOUT = { 25, 0 };
72
73AUTH *
75{
76 AUTH *auth, *save_auth;
77 struct rpc_sspi_data *gd;
78
79 log_debug("in authgss_create()");
80
82
83 if ((auth = calloc(sizeof(*auth), 1)) == NULL) {
85 rpc_createerr.cf_error.re_errno = ENOMEM;
86 return (NULL);
87 }
88 if ((gd = calloc(sizeof(*gd), 1)) == NULL) {
90 rpc_createerr.cf_error.re_errno = ENOMEM;
91 free(auth);
92 return (NULL);
93 }
94
95#if 0
96 if (name != SSPI_C_NO_NAME) {
97 if (gss_duplicate_name(&min_stat, name, &gd->name)
98 != GSS_S_COMPLETE) {
100 rpc_createerr.cf_error.re_errno = ENOMEM;
101 free(auth);
102 return (NULL);
103 }
104 }
105 else
106#else
107 gd->name = strdup(name);
108#endif
109
110 gd->clnt = clnt;
112 gd->sec = sec;
113
114 gd->gc.gc_v = RPCSEC_SSPI_VERSION;
115 gd->gc.gc_proc = RPCSEC_SSPI_INIT;
116 gd->gc.gc_svc = gd->sec->svc;
117
118 auth->ah_ops = &authsspi_ops;
119 auth->ah_private = (caddr_t)gd;
120
121 save_auth = clnt->cl_auth;
122 clnt->cl_auth = auth;
123
124 if (!authsspi_refresh(auth, NULL))
125 auth = NULL;
126
127 clnt->cl_auth = save_auth;
128
129 return (auth);
130}
131
132AUTH *
133authsspi_create_default(CLIENT *clnt, char *service, int svc)
134{
135 AUTH *auth = NULL;
136 uint32_t maj_stat = 0;
137 sspi_buffer_desc sname;
139 unsigned char sec_pkg_name[] = "Kerberos";
140 struct rpc_sspi_sec *sec;
141
142 log_debug("in authgss_create_default() for %s", service);
143
144 sname.value = service;
145 sname.length = (int)strlen(service);
146#if 0
147 maj_stat = gss_import_name(&min_stat, &sname,
148 (gss_OID)GSS_C_NT_HOSTBASED_SERVICE,
149 &name);
150#else
151 maj_stat = sspi_import_name(&sname, &name);
152#endif
153 if (maj_stat != SEC_E_OK) {
154 log_debug("authgss_create_default: sspi_import_name failed with %x", maj_stat);
155 return (NULL);
156 }
157 sec = calloc(1, sizeof(struct rpc_sspi_sec));
158 if (sec == NULL)
159 goto out_err;
160 sec->svc = svc;
161 // Let's acquire creds here for now
163 NULL, NULL, NULL, NULL, &sec->cred, &sec->expiry);
164 if (maj_stat != SEC_E_OK) {
165 log_debug("authgss_create_default: AcquireCredentialsHandleA failed with %x", maj_stat);
166 free(sec);
167 goto out;
168 }
169
170 auth = authsspi_create(clnt, name, sec);
171 if (auth == NULL)
172 goto out_free_sec;
173
174out:
175 if (name != SSPI_C_NO_NAME) {
176#if 0
177 gss_release_name(&min_stat, &name);
178#else
179 free(name);
180#endif
181 }
182
183 return (auth);
184out_free_sec:
185 if (rpc_createerr.cf_error.re_errno == ENOMEM) {
187 free(sec);
188 }
189out_err:
191 rpc_createerr.cf_error.re_errno = ENOMEM;
192 goto out;
193}
194
195static void
197{
198 log_debug("in authgss_nextverf()");
199 /* no action necessary */
200}
201
202static bool_t
203authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq)
204{
205 XDR tmpxdrs;
206 char tmp[MAX_AUTH_BYTES];
207 struct rpc_sspi_data *gd;
209 uint32_t maj_stat;
210 bool_t xdr_stat;
211
212 log_debug("in authgss_marshal()");
213
214 gd = AUTH_PRIVATE(auth);
215
216 if (gd->established) {
217 gd->gc.gc_seq++;
218 *seq = gd->gc.gc_seq;
219 }
220
221 xdrmem_create(&tmpxdrs, tmp, sizeof(tmp), XDR_ENCODE);
222
223 if (!xdr_rpc_sspi_cred(&tmpxdrs, &gd->gc)) {
224 log_debug("authsspi_marshal: xdr_rpc_sspi_cred failed");
225 XDR_DESTROY(&tmpxdrs);
226 return (FALSE);
227 }
228 auth->ah_cred.oa_flavor = RPCSEC_GSS;
229 auth->ah_cred.oa_base = tmp;
230 auth->ah_cred.oa_length = XDR_GETPOS(&tmpxdrs);
231
232 XDR_DESTROY(&tmpxdrs);
233
234 if (!xdr_opaque_auth(xdrs, &auth->ah_cred)) {
235 log_debug("authsspi_marshal: failed to xdr GSS CRED");
236 return (FALSE);
237 }
238 if (gd->gc.gc_proc == RPCSEC_SSPI_INIT ||
239 gd->gc.gc_proc == RPCSEC_SSPI_CONTINUE_INIT) {
240 return (xdr_opaque_auth(xdrs, &_null_auth));
241 }
242 /* Checksum serialized RPC header, up to and including credential. */
243 rpcbuf.length = XDR_GETPOS(xdrs) - 4;
244 //XDR_SETPOS(xdrs, 0);
245 //rpcbuf.value = XDR_INLINE(xdrs, rpcbuf.length);
246 rpcbuf.value = xdrrec_getoutbase(xdrs) + 1;
247
248#if 0
249 maj_stat = gss_get_mic(&min_stat, gd->ctx, gd->sec.qop,
250 &rpcbuf, &checksum);
251#else
252 maj_stat = sspi_get_mic(&gd->ctx, 0, gd->gc.gc_seq, &rpcbuf, &checksum);
253#endif
254 if (maj_stat != SEC_E_OK) {
255 log_debug("authsspi_marshal: sspi_get_mic failed with %x", maj_stat);
256 if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
257 gd->established = FALSE;
259 }
260 return (FALSE);
261 }
262 auth->ah_verf.oa_flavor = RPCSEC_GSS;
263 auth->ah_verf.oa_base = checksum.value;
264 auth->ah_verf.oa_length = checksum.length;
265 xdr_stat = xdr_opaque_auth(xdrs, &auth->ah_verf);
266#if 0
267 gss_release_buffer(&min_stat, &checksum);
268#else
270#endif
271 return (xdr_stat);
272}
273
274static bool_t
275authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq)
276{
277 struct rpc_sspi_data *gd;
278 u_int num, qop_state, cur_seq;
279 sspi_buffer_desc signbuf, checksum;
280 uint32_t maj_stat;
281
282 log_debug("in authgss_validate(for seq=%d)", seq);
283
284 gd = AUTH_PRIVATE(auth);
285
286 if (gd->established == FALSE) {
287 /* would like to do this only on NULL rpc --
288 * gc->established is good enough.
289 * save the on the wire verifier to validate last
290 * INIT phase packet after decode if the major
291 * status is GSS_S_COMPLETE
292 */
293 if ((gd->gc_wire_verf.value =
294 mem_alloc(verf->oa_length)) == NULL) {
295 return (FALSE);
296 }
297 memcpy(gd->gc_wire_verf.value, verf->oa_base, verf->oa_length);
298 gd->gc_wire_verf.length = verf->oa_length;
299 return (TRUE);
300 }
301
302 if (gd->gc.gc_proc == RPCSEC_SSPI_DESTROY)
303 return TRUE;
304
305 if (gd->gc.gc_proc == RPCSEC_SSPI_INIT ||
306 gd->gc.gc_proc == RPCSEC_SSPI_CONTINUE_INIT) {
307 num = htonl(gd->win);
308 }
309 else {
310 if (seq == -1) {
311 num = htonl(gd->gc.gc_seq);
312 cur_seq = gd->gc.gc_seq;
313 }
314 else {
315 num = htonl(seq);
316 cur_seq = seq;
317 }
318 }
319
320 signbuf.value = &num;
321 signbuf.length = sizeof(num);
322
323 checksum.value = verf->oa_base;
324 checksum.length = verf->oa_length;
325#if 0
326 maj_stat = gss_verify_mic(&min_stat, gd->ctx, &signbuf,
327 &checksum, &qop_state);
328#else
329 maj_stat = sspi_verify_mic(&gd->ctx, cur_seq, &signbuf, &checksum, &qop_state);
330#endif
331 if (maj_stat != SEC_E_OK) {
332 log_debug("authsspi_validate: VerifySignature failed with %x", maj_stat);
333 if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
334 gd->established = FALSE;
336 }
337 return (FALSE);
338 }
339 return (TRUE);
340}
341
342static bool_t
343authsspi_refresh(AUTH *auth, void *tmp)
344{
345 struct rpc_sspi_data *gd;
346 struct rpc_sspi_init_res gr;
347 sspi_buffer_desc *recv_tokenp, send_token;
348 uint32_t maj_stat, call_stat, ret_flags, i;
349 unsigned long flags =
351 SecBufferDesc out_desc, in_desc;
352 SecBuffer wtkn[1], rtkn[1];
353
354 log_debug("in authgss_refresh()");
355
356 gd = AUTH_PRIVATE(auth);
357
358 if ((gd->established && tmp == NULL) || gd->inprogress)
359 return (TRUE);
360 else if (tmp) {
361 log_debug("trying to refresh credentials\n");
363 sspi_release_buffer(&gd->gc.gc_ctx);
366 gd->gc_wire_verf.value = NULL;
367 gd->gc_wire_verf.length = 0;
368 gd->established = FALSE;
369 gd->gc.gc_proc = RPCSEC_SSPI_INIT;
370 }
371
372 /* GSS context establishment loop. */
373 memset(&gr, 0, sizeof(gr));
374 recv_tokenp = SSPI_C_NO_BUFFER;
375 send_token.length = 0;
376 send_token.value = NULL;
377
379
380 if (gd->sec->svc == RPCSEC_SSPI_SVC_PRIVACY)
382
383 for (i=0;;i++) {
384 /* print the token we just received */
385 if (recv_tokenp != SSPI_C_NO_BUFFER) {
386 log_debug("The token we just received (length %d):",
387 recv_tokenp->length);
388 log_hexdump(0, "", recv_tokenp->value, recv_tokenp->length, 0);
389 }
390#if 0
391 maj_stat = gss_init_sec_context(&min_stat,
392 gd->sec.cred,
393 &gd->ctx,
394 gd->name,
395 gd->sec.mech,
396 gd->sec.req_flags,
397 0, /* time req */
398 NULL, /* channel */
399 recv_tokenp,
400 NULL, /* used mech */
401 &send_token,
402 &ret_flags,
403 NULL); /* time rec */
404#else
405 gd->inprogress = TRUE;
406 out_desc.cBuffers = 1;
407 out_desc.pBuffers = wtkn;
408 out_desc.ulVersion = SECBUFFER_VERSION;
409 wtkn[0].BufferType = SECBUFFER_TOKEN;
410 wtkn[0].cbBuffer = send_token.length;
411 wtkn[0].pvBuffer = send_token.value;
412 log_debug("calling InitializeSecurityContextA for %s", gd->name);
413
415 &gd->sec->cred,
416 ((i==0)?NULL:&gd->ctx),
417 gd->name,
418 flags,
419 0,
421 ((i==0)?NULL:&in_desc),
422 0,
423 &gd->ctx,
424 &out_desc,
425 &ret_flags,
426 &gd->expiry);
427#endif
428 if (recv_tokenp != SSPI_C_NO_BUFFER) {
429#if 0
430 gss_release_buffer(&min_stat, &gr.gr_token);
431#else
433#endif
434 recv_tokenp = SSPI_C_NO_BUFFER;
435 }
436 if (maj_stat != SEC_E_OK && maj_stat != SEC_I_CONTINUE_NEEDED) {
437 log_debug("InitializeSecurityContext failed with %x", maj_stat);
438 break;
439 }
440 send_token.length = wtkn[0].cbBuffer;
441 send_token.value = wtkn[0].pvBuffer;
442 if (send_token.length != 0) {
443 memset(&gr, 0, sizeof(gr));
444
445 /* print the token we are about to send */
446 log_debug("The token being sent (length %d):",
447 send_token.length);
448 log_hexdump(0, "", send_token.value, send_token.length, 0);
449
450 call_stat = clnt_call(gd->clnt, NULLPROC,
452 &send_token,
454 (caddr_t)&gr, AUTH_TIMEOUT);
455#if 0
456 gss_release_buffer(&min_stat, &send_token);
457#else
458 // 11/29/2010 [aglo] can't call sspi_relase_buffer, causes heap
459 // corruption (later) to try and free the buffer directly.
460 FreeContextBuffer(send_token.value);
461#endif
462 if (call_stat != RPC_SUCCESS ||
463 (gr.gr_major != SEC_E_OK &&
464 gr.gr_major != SEC_I_CONTINUE_NEEDED))
465 break;
466
467 if (gr.gr_ctx.length != 0) {
468#if 0
469 if (gd->gc.gc_ctx.value)
470 gss_release_buffer(&min_stat,
471 &gd->gc.gc_ctx);
472#else
473 sspi_release_buffer(&gd->gc.gc_ctx);
474#endif
475 gd->gc.gc_ctx = gr.gr_ctx;
476 }
477 if (gr.gr_token.length != 0) {
478 if (maj_stat != SEC_I_CONTINUE_NEEDED)
479 break;
480 recv_tokenp = &gr.gr_token;
481 in_desc.cBuffers = 1;
482 in_desc.pBuffers = rtkn;
483 in_desc.ulVersion = SECBUFFER_VERSION;
484 rtkn[0].BufferType = SECBUFFER_TOKEN;
485 rtkn[0].cbBuffer = gr.gr_token.length;
486 rtkn[0].pvBuffer = gr.gr_token.value;
487 }
488 gd->gc.gc_proc = RPCSEC_SSPI_CONTINUE_INIT;
489 }
490
491 /* GSS_S_COMPLETE => check gss header verifier,
492 * usually checked in gss_validate
493 */
494 if (maj_stat == SEC_E_OK) {
495 sspi_buffer_desc bufin;
496 u_int seq, qop_state = 0;
497
499
500 seq = htonl(gr.gr_win);
501 bufin.value = (unsigned char *)&seq;
502 bufin.length = sizeof(seq);
503#if 0
504 maj_stat = gss_verify_mic(&min_stat, gd->ctx,
505 &bufin, &bufout, &qop_state);
506#else
507 maj_stat = sspi_verify_mic(&gd->ctx, 0, &bufin, &gd->gc_wire_verf, &qop_state);
508#endif
509 if (maj_stat != SEC_E_OK) {
510 log_debug("authgss_refresh: sspi_verify_mic failed with %x", maj_stat);
511 if (maj_stat == SEC_E_NO_AUTHENTICATING_AUTHORITY) {
512 gd->established = FALSE;
514 }
515 break;
516 }
517 gd->established = TRUE;
518 gd->inprogress = FALSE;
519 gd->gc.gc_proc = RPCSEC_SSPI_DATA;
520 gd->gc.gc_seq = 0;
521 gd->win = gr.gr_win;
522 log_debug("authgss_refresh: established GSS context");
523 break;
524 }
525 }
526 /* End context negotiation loop. */
527 if (gd->gc.gc_proc != RPCSEC_SSPI_DATA) {
528 if (gr.gr_token.length != 0)
529#if 0
530 gss_release_buffer(&min_stat, &gr.gr_token);
531#else
533#endif
534 authsspi_destroy(auth);
535 auth = NULL;
537
538 return (FALSE);
539 }
540 return (TRUE);
541}
542
543bool_t
544authsspi_service(AUTH *auth, int svc)
545{
546 struct rpc_sspi_data *gd;
547
548 log_debug("in authgss_service()");
549
550 if (!auth)
551 return(FALSE);
552 gd = AUTH_PRIVATE(auth);
553 if (!gd || !gd->established)
554 return (FALSE);
555 gd->sec->svc = svc;
556 gd->gc.gc_svc = svc;
557 return (TRUE);
558}
559
560static void
562{
563 struct rpc_sspi_data *gd;
564
565 log_debug("in authgss_destroy_context()");
566
567 gd = AUTH_PRIVATE(auth);
568 if (gd == NULL) return;
569
570 if (SecIsValidHandle(&gd->ctx)) {
571 if (gd->established) {
572 gd->gc.gc_proc = RPCSEC_SSPI_DESTROY;
576 }
577 sspi_release_buffer(&gd->gc.gc_ctx);
579#if 0
580 gss_release_buffer(&min_stat, &gd->gc.gc_ctx);
581 /* XXX ANDROS check size of context - should be 8 */
582 memset(&gd->gc.gc_ctx, 0, sizeof(gd->gc.gc_ctx));
583 gss_delete_sec_context(&min_stat, &gd->ctx, NULL);
584#endif
585 }
586
587 /* free saved wire verifier (if any) */
589 gd->gc_wire_verf.value = NULL;
590 gd->gc_wire_verf.length = 0;
591
592 gd->established = FALSE;
593}
594
595static void
597{
598 struct rpc_sspi_data *gd;
599
600 log_debug("in authgss_destroy()");
601
602 gd = AUTH_PRIVATE(auth);
603 if (gd == NULL) return;
604
606
607#if 0
608 if (gd->name != SSPI_C_NO_NAME)
609 gss_release_name(&min_stat, &gd->name);
610#else
611 free(gd->name);
612#endif
613 FreeCredentialsHandle(&gd->sec->cred);
614 free(gd->sec);
615 free(gd);
616 free(auth);
617}
618
619bool_t
620authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
621{
622 struct rpc_sspi_data *gd;
623
624 log_debug("in authgss_wrap()");
625
626 gd = AUTH_PRIVATE(auth);
627
628 if (!gd->established || gd->sec->svc == RPCSEC_SSPI_SVC_NONE) {
629 return ((*xdr_func)(xdrs, xdr_ptr));
630 }
631 return (xdr_rpc_sspi_data(xdrs, xdr_func, xdr_ptr,
632 &gd->ctx, gd->sec->qop,
633 gd->sec->svc, gd->gc.gc_seq));
634}
635
636bool_t
637authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq)
638{
639 struct rpc_sspi_data *gd;
640
641 log_debug("in authgss_unwrap()");
642
643 gd = AUTH_PRIVATE(auth);
644
645 if (!gd->established || gd->sec->svc == RPCSEC_SSPI_SVC_NONE) {
646 return ((*xdr_func)(xdrs, xdr_ptr));
647 }
648 return (xdr_rpc_sspi_data(xdrs, xdr_func, xdr_ptr,
649 &gd->ctx, gd->sec->qop,
650 gd->sec->svc, seq));
651}
652
653#ifdef __REACTOS__
654uint32_t sspi_get_mic(void *dummy, u_int qop, u_int seq,
655 sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
656{
658#else
660 sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
661{
662#endif
663 uint32_t maj_stat;
664 SecPkgContext_Sizes ContextSizes;
666 SecBuffer sec_tkn[2];
667
668 log_hexdump(0, "sspi_get_mic: calculating checksum of", bufin->value, bufin->length, 0);
669
670 memset(&ContextSizes, 0, sizeof(ContextSizes));
671 maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_SIZES, &ContextSizes);
672 if (maj_stat != SEC_E_OK) return maj_stat;
673
674 if (ContextSizes.cbMaxSignature == 0) return SEC_E_INTERNAL_ERROR;
675
676 desc.cBuffers = 2;
677 desc.pBuffers = sec_tkn;
678 desc.ulVersion = SECBUFFER_VERSION;
679 sec_tkn[0].BufferType = SECBUFFER_DATA;
680 sec_tkn[0].cbBuffer = bufin->length;
681 sec_tkn[0].pvBuffer = bufin->value;
682 sec_tkn[1].BufferType = SECBUFFER_TOKEN;
683 sec_tkn[1].cbBuffer = ContextSizes.cbMaxSignature;
684 sec_tkn[1].pvBuffer = calloc(ContextSizes.cbMaxSignature, sizeof(char));
685 if (sec_tkn[1].pvBuffer == NULL) return SEC_E_INSUFFICIENT_MEMORY;
686
687 maj_stat = MakeSignature(ctx, 0, &desc, seq);
688 if (maj_stat == SEC_E_OK) {
689 bufout->length = sec_tkn[1].cbBuffer;
690 bufout->value = sec_tkn[1].pvBuffer;
691 log_hexdump(0, "sspi_get_mic: verifier is", bufout->value, bufout->length, 0);
692 } else
693 free(sec_tkn[1].pvBuffer);
694
695 return maj_stat;
696}
697
698#ifndef __REACTOS__
700 sspi_buffer_desc *bufout, u_int *qop_state)
701{
702#else
704 sspi_buffer_desc *bufout, u_int *qop_state)
705{
707#endif
709 SecBuffer sec_tkn[2];
710
711 desc.cBuffers = 2;
712 desc.pBuffers = sec_tkn;
713 desc.ulVersion = SECBUFFER_VERSION;
714 sec_tkn[0].BufferType = SECBUFFER_DATA;
715 sec_tkn[0].cbBuffer = bufin->length;
716 sec_tkn[0].pvBuffer = bufin->value;
717 sec_tkn[1].BufferType = SECBUFFER_TOKEN;
718 sec_tkn[1].cbBuffer = bufout->length;
719 sec_tkn[1].pvBuffer = bufout->value;
720
721 log_hexdump(0, "sspi_verify_mic: calculating checksum over", bufin->value, bufin->length, 0);
722 log_hexdump(0, "sspi_verify_mic: received checksum ", bufout->value, bufout->length, 0);
723
724 return VerifySignature(ctx, &desc, seq, qop_state);
725}
726
728{
729 if (buf->value)
730 free(buf->value);
731 buf->value = NULL;
732 buf->length = 0;
733}
734
736{
737 *name_out = calloc(name_in->length + 5, sizeof(char));
738 if (*name_out == NULL)
740
741 strcpy(*name_out, "nfs/");
742 strncat(*name_out, name_in->value, name_in->length);
743
744 log_debug("imported service name is: %s\n", *name_out);
745
746 return SEC_E_OK;
747}
748
749#ifndef __REACTOS__
751 sspi_buffer_desc *bufout, u_int *conf_state)
752{
753#else
754uint32_t sspi_wrap(void *dummy, u_int seq, sspi_buffer_desc *bufin,
755 sspi_buffer_desc *bufout, u_int *conf_state)
756{
758#endif
759 uint32_t maj_stat;
760 SecBufferDesc BuffDesc;
761 SecBuffer SecBuff[3];
762 ULONG ulQop = 0;
763 SecPkgContext_Sizes ContextSizes;
764 PBYTE p;
765
767 &ContextSizes);
768 if (maj_stat != SEC_E_OK)
769 goto out;
770
771 BuffDesc.ulVersion = 0;
772 BuffDesc.cBuffers = 3;
773 BuffDesc.pBuffers = SecBuff;
774
775 SecBuff[0].cbBuffer = ContextSizes.cbSecurityTrailer;
776 SecBuff[0].BufferType = SECBUFFER_TOKEN;
777 SecBuff[0].pvBuffer = malloc(ContextSizes.cbSecurityTrailer);
778
779 SecBuff[1].cbBuffer = bufin->length;
780 SecBuff[1].BufferType = SECBUFFER_DATA;
781 SecBuff[1].pvBuffer = bufin->value;
782 log_hexdump(0, "plaintext:", bufin->value, bufin->length, 0);
783
784 SecBuff[2].cbBuffer = ContextSizes.cbBlockSize;
785 SecBuff[2].BufferType = SECBUFFER_PADDING;
786 SecBuff[2].pvBuffer = malloc(ContextSizes.cbBlockSize);
787
788 maj_stat = EncryptMessage(ctx, ulQop, &BuffDesc, seq);
789 if (maj_stat != SEC_E_OK)
790 goto out_free;
791
792 bufout->length = SecBuff[0].cbBuffer + SecBuff[1].cbBuffer + SecBuff[2].cbBuffer;
793 p = bufout->value = malloc(bufout->length);
794 memcpy(p, SecBuff[0].pvBuffer, SecBuff[0].cbBuffer);
795 p += SecBuff[0].cbBuffer;
796 memcpy(p, SecBuff[1].pvBuffer, SecBuff[1].cbBuffer);
797 p += SecBuff[1].cbBuffer;
798 memcpy(p, SecBuff[2].pvBuffer, SecBuff[2].cbBuffer);
799out_free:
800 free(SecBuff[0].pvBuffer);
801 free(SecBuff[2].pvBuffer);
802
803 if (!maj_stat)
804 log_hexdump(0, "cipher:", bufout->value, bufout->length, 0);
805out:
806 return maj_stat;
807}
808
809#ifndef __REACTOS__
811 sspi_buffer_desc *bufout, u_int *conf_state,
812 u_int *qop_state)
813{
814#else
816 sspi_buffer_desc *bufout, u_int *conf_state,
817 u_int *qop_state)
818{
820#endif
821 uint32_t maj_stat;
822 SecBufferDesc BuffDesc;
823 SecBuffer SecBuff[2];
824 ULONG ulQop = 0;
825
826 BuffDesc.ulVersion = 0;
827 BuffDesc.cBuffers = 2;
828 BuffDesc.pBuffers = SecBuff;
829
830 SecBuff[0].cbBuffer = bufin->length;
831 SecBuff[0].BufferType = SECBUFFER_STREAM;
832 SecBuff[0].pvBuffer = bufin->value;
833
834 SecBuff[1].cbBuffer = 0;
835 SecBuff[1].BufferType = SECBUFFER_DATA;
836 SecBuff[1].pvBuffer = NULL;
837
838 log_hexdump(0, "cipher:", bufin->value, bufin->length, 0);
839
840 maj_stat = DecryptMessage(ctx, &BuffDesc, seq, &ulQop);
841 if (maj_stat != SEC_E_OK) return maj_stat;
842
843 bufout->length = SecBuff[1].cbBuffer;
844 bufout->value = malloc(bufout->length);
845 memcpy(bufout->value, SecBuff[1].pvBuffer, bufout->length);
846
847 log_hexdump(0, "data:", bufout->value, bufout->length, 0);
848
849 *conf_state = 1;
850 *qop_state = 0;
851
852 return SEC_E_OK;
853}
854
855/* useful as i add more mechanisms */
856#define DEBUG
857#ifdef DEBUG
858#define fd_out stdout
860{
861 int i;
862 char *p;
863
864 fprintf(fd_out, "rpc_gss_sec:");
865 if(ptr->mech == NULL)
866 fprintf(fd_out, "NULL gss_OID mech");
867 else {
868 fprintf(fd_out, " mechanism_OID: {");
869 p = (char *)ptr->mech->elements;
870 for (i=0; i < ptr->mech->length; i++)
871 /* First byte of OIDs encoded to save a byte */
872 if (i == 0) {
873 int first, second;
874 if (*p < 40) {
875 first = 0;
876 second = *p;
877 }
878 else if (40 <= *p && *p < 80) {
879 first = 1;
880 second = *p - 40;
881 }
882 else if (80 <= *p && *p < 127) {
883 first = 2;
884 second = *p - 80;
885 }
886 else {
887 /* Invalid value! */
888 first = -1;
889 second = -1;
890 }
891 fprintf(fd_out, " %u %u", first, second);
892 p++;
893 }
894 else {
895 fprintf(fd_out, " %u", (unsigned char)*p++);
896 }
897 fprintf(fd_out, " }\n");
898 }
899 fprintf(fd_out, " qop: %d\n", ptr->qop);
900 fprintf(fd_out, " service: %d\n", ptr->svc);
901 fprintf(fd_out, " cred: %p\n", ptr->cred);
902}
903
905{
906 SecPkgContext_Sizes ContextSizes;
907 unsigned long flags;
908 uint32_t maj_stat;
909
911 if (maj_stat != SEC_E_OK) return;
912
913 log_debug("negotiated flags %x\n", flags);
914 if (flags & ISC_REQ_DELEGATE) log_debug("ISC_REQ_DELEGATE");
915 if (flags & ISC_REQ_MUTUAL_AUTH) log_debug("ISC_REQ_MUTUAL_AUTH");
916 if (flags & ISC_REQ_REPLAY_DETECT) log_debug("ISC_REQ_REPLAY_DETECT");
917 if (flags & ISC_REQ_SEQUENCE_DETECT) log_debug("ISC_REQ_SEQUENCE_DETECT");
918 if (flags & ISC_REQ_CONFIDENTIALITY) log_debug("ISC_REQ_CONFIDENTIALITY");
919 if (flags & ISC_REQ_USE_SESSION_KEY) log_debug("ISC_REQ_USE_SESSION_KEY");
920 if (flags & ISC_REQ_PROMPT_FOR_CREDS) log_debug("ISC_REQ_PROMPT_FOR_CREDS");
921 if (flags & ISC_REQ_USE_SUPPLIED_CREDS) log_debug("ISC_REQ_USE_SUPPLIED_CREDS");
922 if (flags & ISC_REQ_ALLOCATE_MEMORY) log_debug("ISC_REQ_ALLOCATE_MEMORY");
923 if (flags & ISC_REQ_USE_DCE_STYLE) log_debug("ISC_REQ_USE_DCE_STYLE");
924 if (flags & ISC_REQ_DATAGRAM) log_debug("ISC_REQ_DATAGRAM");
925 if (flags & ISC_REQ_CONNECTION) log_debug("ISC_REQ_CONNECTION");
926 if (flags & ISC_REQ_CALL_LEVEL) log_debug("ISC_REQ_CALL_LEVEL");
927 if (flags & ISC_REQ_FRAGMENT_SUPPLIED) log_debug("ISC_REQ_FRAGMENT_SUPPLIED");
928 if (flags & ISC_REQ_EXTENDED_ERROR) log_debug("ISC_REQ_EXTENDED_ERROR");
929 if (flags & ISC_REQ_STREAM) log_debug("ISC_REQ_STREAM");
930 if (flags & ISC_REQ_INTEGRITY) log_debug("ISC_REQ_INTEGRITY");
931 if (flags & ISC_REQ_IDENTIFY) log_debug("ISC_REQ_IDENTIFY");
932 if (flags & ISC_REQ_NULL_SESSION) log_debug("ISC_REQ_NULL_SESSION");
933 if (flags & ISC_REQ_MANUAL_CRED_VALIDATION) log_debug("ISC_REQ_MANUAL_CRED_VALIDATION");
934
935 maj_stat = QueryContextAttributesA(ctx, SECPKG_ATTR_SIZES, &ContextSizes);
936 if (maj_stat != SEC_E_OK) return;
937
938 log_debug("signature size is %d\n", ContextSizes.cbMaxSignature);
939
940}
941
942void log_hexdump(bool_t on, const u_char *title, const u_char *buf,
943 int len, int offset)
944{
945 int i, j, jm, c;
946
947 if (!on) return;
948
949 fprintf(fd_out, "%04x: %s (len=%d)\n", GetCurrentThreadId(), title, len);
950 for (i = 0; i < len; i += 0x10) {
951 fprintf(fd_out, " %04x: ", (u_int)(i + offset));
952 jm = len - i;
953 jm = jm > 16 ? 16 : jm;
954
955 for (j = 0; j < jm; j++) {
956 if ((j % 2) == 1)
957 fprintf(fd_out, "%02x ", (u_int) buf[i+j]);
958 else
959 fprintf(fd_out, "%02x", (u_int) buf[i+j]);
960 }
961 for (; j < 16; j++) {
962 if ((j % 2) == 1) fprintf(fd_out, " ");
963 else fprintf(fd_out, " ");
964 }
965 fprintf(fd_out, " ");
966
967 for (j = 0; j < jm; j++) {
968 c = buf[i+j];
969 c = isprint(c) ? c : '.';
970 fprintf(fd_out, "%c", c);
971 }
972 fprintf(fd_out, "\n");
973 }
974 fflush(fd_out);
975}
976
977void log_debug(const char *fmt, ...)
978{
979 va_list ap;
980
981 va_start(ap, fmt);
982 fprintf(fd_out, "%04x: rpcsec_gss: ", GetCurrentThreadId());
984 fprintf(fd_out, "\n");
985 fflush(fd_out);
986 va_end(ap);
987}
988#else
989void print_rpc_gss_sec(struct rpc_sspi_sec *ptr) { return; }
990void print_negotiated_flags(unsigned long flags) {return; }
991void log_hexdump(bool_t on, const u_char *title, const u_char *buf,
992 int len, int offset) { return; }
993void log_debug(const char *fmt, ...) { return; }
994#endif
bool_t xdr_void(void)
Definition: xdr.c:92
char * strncat(char *DstString, const char *SrcString, ACPI_SIZE Count)
Definition: utclib.c:605
#define ENOMEM
Definition: acclib.h:84
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
#define isprint(c)
Definition: acclib.h:73
char * strcpy(char *DstString, const char *SrcString)
Definition: utclib.c:388
char * va_list
Definition: acmsvcex.h:78
#define va_end(ap)
Definition: acmsvcex.h:90
#define va_start(ap, A)
Definition: acmsvcex.h:91
bool_t xdr_opaque_auth()
bool_t authsspi_service(AUTH *auth, int svc)
Definition: auth_sspi.c:544
static struct timeval AUTH_TIMEOUT
Definition: auth_sspi.c:69
static bool_t authsspi_validate(AUTH *auth, struct opaque_auth *verf, u_int seq)
Definition: auth_sspi.c:275
uint32_t sspi_get_mic(PCtxtHandle ctx, u_int qop, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout)
Definition: auth_sspi.c:659
void sspi_release_buffer(sspi_buffer_desc *buf)
Definition: auth_sspi.c:727
static bool_t authsspi_marshal(AUTH *auth, XDR *xdrs, u_int *seq)
Definition: auth_sspi.c:203
AUTH * authsspi_create(CLIENT *clnt, sspi_name_t name, struct rpc_sspi_sec *sec)
Definition: auth_sspi.c:74
void print_negotiated_attrs(PCtxtHandle ctx)
Definition: auth_sspi.c:904
static bool_t authsspi_wrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr)
Definition: auth_sspi.c:620
static bool_t authsspi_unwrap(AUTH *auth, XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, u_int seq)
Definition: auth_sspi.c:637
AUTH * authsspi_create_default(CLIENT *clnt, char *service, int svc)
Definition: auth_sspi.c:133
#define fd_out
Definition: auth_sspi.c:858
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
Definition: auth_sspi.c:942
static void authsspi_destroy(AUTH *auth)
Definition: auth_sspi.c:596
uint32_t sspi_import_name(sspi_buffer_desc *name_in, sspi_name_t *name_out)
Definition: auth_sspi.c:735
static void authsspi_nextverf(AUTH *auth)
Definition: auth_sspi.c:196
uint32_t sspi_verify_mic(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *qop_state)
Definition: auth_sspi.c:699
static bool_t authsspi_refresh(AUTH *auth, void *)
Definition: auth_sspi.c:343
static struct auth_ops authsspi_ops
Definition: auth_sspi.c:43
uint32_t sspi_wrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state)
Definition: auth_sspi.c:750
void print_rpc_gss_sec(struct rpc_sspi_sec *ptr)
Definition: auth_sspi.c:859
void log_debug(const char *fmt,...)
Definition: auth_sspi.c:977
uint32_t sspi_unwrap(PCtxtHandle ctx, u_int seq, sspi_buffer_desc *bufin, sspi_buffer_desc *bufout, u_int *conf_state, u_int *qop_state)
Definition: auth_sspi.c:810
static void authsspi_destroy_context(AUTH *auth)
Definition: auth_sspi.c:561
#define AUTH_PRIVATE(auth)
Definition: auth_sspi.c:67
#define SSPI_C_NO_BUFFER
Definition: auth_sspi.h:60
@ RPCSEC_SSPI_DATA
Definition: auth_sspi.h:31
@ RPCSEC_SSPI_DESTROY
Definition: auth_sspi.h:34
@ RPCSEC_SSPI_INIT
Definition: auth_sspi.h:32
@ RPCSEC_SSPI_CONTINUE_INIT
Definition: auth_sspi.h:33
#define SSPI_C_NO_NAME
Definition: auth_sspi.h:59
@ RPCSEC_SSPI_SVC_NONE
Definition: auth_sspi.h:39
@ RPCSEC_SSPI_SVC_PRIVACY
Definition: auth_sspi.h:41
#define RPCSEC_SSPI_VERSION
Definition: auth_sspi.h:44
#define sspi_name_t
Definition: auth_sspi.h:46
bool_t xdr_rpc_sspi_init_args(XDR *xdrs, sspi_buffer_desc *p)
Definition: authsspi_prot.c:56
bool_t xdr_rpc_sspi_init_res(XDR *xdrs, struct rpc_sspi_init_res *p)
Definition: authsspi_prot.c:72
bool_t xdr_rpc_sspi_cred(XDR *xdrs, struct rpc_sspi_cred *p)
Definition: authsspi_prot.c:34
bool_t xdr_rpc_sspi_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, PCtxtHandle ctx, sspi_qop_t qop, rpc_sspi_svc_t svc, u_int seq)
#define caddr_t
Definition: ftp.c:24
#define NULLPROC
Definition: clnt.h:294
#define clnt_call(rh, proc, xargs, argsp, xres, resp, secs)
Definition: clnt.h:202
@ RPC_SUCCESS
Definition: clnt_stat.h:22
@ RPC_AUTHERROR
Definition: clnt_stat.h:38
@ RPC_SYSTEMERROR
Definition: clnt_stat.h:43
#define free
Definition: debug_ros.c:5
#define malloc
Definition: debug_ros.c:4
#define MAX_AUTH_BYTES
Definition: auth.h:77
UINT32 u_int
Definition: types.h:82
#define mem_free(ptr, bsize)
Definition: types.h:124
#define NULL
Definition: types.h:112
#define mem_alloc(bsize)
Definition: types.h:123
int32_t bool_t
Definition: types.h:101
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
UCHAR u_char
Definition: types.h:80
UINT32 uint32_t
Definition: types.h:75
static cab_ULONG checksum(const cab_UBYTE *data, cab_UWORD bytes, cab_ULONG csum)
Definition: fdi.c:353
unsigned int(__cdecl typeof(jpeg_read_scanlines))(struct jpeg_decompress_struct *
Definition: typeof.h:31
const GLubyte * c
Definition: glext.h:8905
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
GLbitfield flags
Definition: glext.h:7161
const GLint * first
Definition: glext.h:5794
GLfloat GLfloat p
Definition: glext.h:8902
GLuint GLuint num
Definition: glext.h:9618
GLenum GLsizei len
Definition: glext.h:6722
GLintptr offset
Definition: glext.h:5920
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint GLint GLint j
Definition: glfuncs.h:250
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
_Check_return_opt_ _CRTIMP int __cdecl fflush(_Inout_opt_ FILE *_File)
_Check_return_opt_ _CRTIMP int __cdecl vfprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format, va_list _ArgList)
#define c
Definition: ke_i.h:80
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
#define htonl(x)
Definition: module.h:212
#define for
Definition: utility.h:88
static PVOID ptr
Definition: dispmode.c:27
static const WCHAR desc[]
Definition: protectdata.c:36
static char sec_pkg_name[]
Definition: ntlm.c:180
#define RPCSEC_GSS
Definition: nfs41_ops.h:867
BYTE * PBYTE
Definition: pedump.c:66
static char title[]
Definition: ps.c:92
#define ISC_REQ_DATAGRAM
Definition: sspi.h:372
#define ISC_REQ_MANUAL_CRED_VALIDATION
Definition: sspi.h:381
#define SECBUFFER_STREAM
Definition: sspi.h:169
#define ISC_REQ_CONFIDENTIALITY
Definition: sspi.h:366
#define SecIsValidHandle(x)
Definition: sspi.h:63
#define ISC_REQ_STREAM
Definition: sspi.h:377
#define ISC_REQ_ALLOCATE_MEMORY
Definition: sspi.h:370
#define SECPKG_CRED_BOTH
Definition: sspi.h:292
#define ISC_REQ_EXTENDED_ERROR
Definition: sspi.h:376
#define SECBUFFER_TOKEN
Definition: sspi.h:161
#define ISC_REQ_USE_SUPPLIED_CREDS
Definition: sspi.h:369
#define ISC_REQ_NULL_SESSION
Definition: sspi.h:380
#define ISC_REQ_PROMPT_FOR_CREDS
Definition: sspi.h:368
#define ISC_REQ_SEQUENCE_DETECT
Definition: sspi.h:365
#define ISC_REQ_CALL_LEVEL
Definition: sspi.h:374
#define SECBUFFER_PADDING
Definition: sspi.h:168
#define ISC_REQ_REPLAY_DETECT
Definition: sspi.h:364
#define SECURITY_NATIVE_DREP
Definition: sspi.h:473
#define ISC_REQ_INTEGRITY
Definition: sspi.h:378
#define ISC_REQ_DELEGATE
Definition: sspi.h:362
#define SECBUFFER_DATA
Definition: sspi.h:160
#define ISC_REQ_FRAGMENT_SUPPLIED
Definition: sspi.h:375
#define ISC_REQ_USE_SESSION_KEY
Definition: sspi.h:367
#define SECPKG_ATTR_SIZES
Definition: sspi.h:521
#define ISC_REQ_IDENTIFY
Definition: sspi.h:379
#define ISC_REQ_MUTUAL_AUTH
Definition: sspi.h:363
#define SecInvalidateHandle(x)
Definition: sspi.h:58
#define SECPKG_ATTR_FLAGS
Definition: sspi.h:535
#define SECBUFFER_VERSION
Definition: sspi.h:187
#define ISC_REQ_CONNECTION
Definition: sspi.h:373
#define QueryContextAttributes
Definition: sspi.h:512
#define ISC_REQ_USE_DCE_STYLE
Definition: sspi.h:371
static FILE * out
Definition: regtests2xml.c:44
char * caddr_t
Definition: rosdhcp.h:36
#define calloc
Definition: rosglue.h:14
struct opaque_auth _null_auth
_Check_return_ _CRTIMP char *__cdecl strdup(_In_opt_z_ const char *_Src)
#define memset(x, y, z)
Definition: compat.h:39
SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
Definition: sspi.c:699
ULONG cBuffers
Definition: sspi.h:182
ULONG ulVersion
Definition: sspi.h:181
ULONG BufferType
Definition: sspi.h:154
ULONG cbBuffer
Definition: sspi.h:153
ULONG cbBlockSize
Definition: sspi.h:563
ULONG cbSecurityTrailer
Definition: sspi.h:564
ULONG cbMaxSignature
Definition: sspi.h:562
Definition: auth.h:205
struct opaque_auth ah_cred
Definition: auth.h:206
void * ah_private
Definition: auth.h:225
struct __auth::auth_ops * ah_ops
struct opaque_auth ah_verf
Definition: auth.h:207
AUTH * cl_auth
Definition: clnt.h:122
Definition: xdr.h:103
char * value
Definition: compiler.c:67
Definition: dsound.c:943
Definition: name.c:39
u_int oa_length
Definition: auth.h:198
caddr_t oa_base
Definition: auth.h:197
struct rpc_err cf_error
Definition: clnt.h:497
enum clnt_stat cf_stat
Definition: clnt.h:496
sspi_name_t name
Definition: auth_sspi.c:59
struct rpc_sspi_cred gc
Definition: auth_sspi.c:62
TimeStamp expiry
Definition: auth_sspi.c:64
sspi_buffer_desc gc_wire_verf
Definition: auth_sspi.c:56
struct rpc_sspi_sec * sec
Definition: auth_sspi.c:60
bool_t established
Definition: auth_sspi.c:54
bool_t inprogress
Definition: auth_sspi.c:55
CLIENT * clnt
Definition: auth_sspi.c:58
CtxtHandle ctx
Definition: auth_sspi.c:61
sspi_buffer_desc gr_token
Definition: auth_sspi.h:88
TimeStamp expiry
Definition: auth_sspi.h:70
rpc_sspi_svc_t svc
Definition: auth_sspi.h:67
CredHandle cred
Definition: auth_sspi.h:68
uint32_t ULONG
Definition: typedefs.h:59
DWORD WINAPI GetCurrentThreadId(void)
Definition: thread.c:459
#define SEC_E_OK
Definition: winerror.h:2356
#define SEC_E_INTERNAL_ERROR
Definition: winerror.h:2913
#define SEC_E_NO_AUTHENTICATING_AUTHORITY
Definition: winerror.h:2926
#define SEC_E_INSUFFICIENT_MEMORY
Definition: winerror.h:2909
#define SEC_I_CONTINUE_NEEDED
Definition: winerror.h:2927
void int int ULONGLONG int va_list * ap
Definition: winesup.h:36
SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: wrapper.c:1006
SECURITY_STATUS WINAPI MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: wrapper.c:623
SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: wrapper.c:1036
SECURITY_STATUS WINAPI VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: wrapper.c:653
SECURITY_STATUS WINAPI QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
Definition: wrapper.c:505
SECURITY_STATUS WINAPI AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialsUse, PLUID pvLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn, PVOID pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
Definition: wrapper.c:59
SECURITY_STATUS WINAPI InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
Definition: wrapper.c:237
SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle phContext)
Definition: wrapper.c:450
SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle phCredential)
Definition: wrapper.c:151
@ XDR_ENCODE
Definition: xdr.h:85
#define XDR_DESTROY(xdrs)
Definition: xdr.h:214
bool_t(* xdrproc_t)(XDR *,...)
Definition: xdr.h:144
#define XDR_GETPOS(xdrs)
Definition: xdr.h:199
void xdrmem_create(XDR *xdrs, char *addr, u_int size, enum xdr_op op)
Definition: xdr_mem.c:94
int32_t * xdrrec_getoutbase(XDR *xdrs)
Definition: xdr_rec.c:415