67 #define AUTH_PRIVATE(auth) ((struct rpc_sspi_data *)auth->ah_private) 76 AUTH *auth, *save_auth;
83 if ((auth =
calloc(
sizeof(*auth), 1)) ==
NULL) {
97 if (gss_duplicate_name(&min_stat,
name, &gd->
name)
116 gd->
gc.gc_svc = gd->
sec->svc;
142 log_debug(
"in authgss_create_default() for %s", service);
144 sname.
value = service;
147 maj_stat = gss_import_name(&min_stat, &sname,
148 (gss_OID)GSS_C_NT_HOSTBASED_SERVICE,
154 log_debug(
"authgss_create_default: sspi_import_name failed with %x", maj_stat);
165 log_debug(
"authgss_create_default: AcquireCredentialsHandleA failed with %x", maj_stat);
177 gss_release_name(&min_stat, &
name);
218 *seq = gd->
gc.gc_seq;
224 log_debug(
"authsspi_marshal: xdr_rpc_sspi_cred failed");
235 log_debug(
"authsspi_marshal: failed to xdr GSS CRED");
249 maj_stat = gss_get_mic(&min_stat, gd->
ctx, gd->
sec.qop,
255 log_debug(
"authsspi_marshal: sspi_get_mic failed with %x", maj_stat);
267 gss_release_buffer(&min_stat, &
checksum);
282 log_debug(
"in authgss_validate(for seq=%d)", seq);
312 cur_seq = gd->
gc.gc_seq;
326 maj_stat = gss_verify_mic(&min_stat, gd->
ctx, &signbuf,
332 log_debug(
"authsspi_validate: VerifySignature failed with %x", maj_stat);
348 uint32_t maj_stat, call_stat, ret_flags,
i;
349 unsigned long flags =
361 log_debug(
"trying to refresh credentials\n");
373 memset(&gr, 0,
sizeof(gr));
375 send_token.length = 0;
386 log_debug(
"The token we just received (length %d):",
387 recv_tokenp->length);
388 log_hexdump(0,
"", recv_tokenp->value, recv_tokenp->length, 0);
391 maj_stat = gss_init_sec_context(&min_stat,
407 out_desc.pBuffers = wtkn;
410 wtkn[0].
cbBuffer = send_token.length;
411 wtkn[0].pvBuffer = send_token.value;
412 log_debug(
"calling InitializeSecurityContextA for %s", gd->
name);
421 ((
i==0)?
NULL:&in_desc),
430 gss_release_buffer(&min_stat, &gr.
gr_token);
437 log_debug(
"InitializeSecurityContext failed with %x", maj_stat);
440 send_token.length = wtkn[0].
cbBuffer;
441 send_token.value = wtkn[0].pvBuffer;
442 if (send_token.length != 0) {
443 memset(&gr, 0,
sizeof(gr));
446 log_debug(
"The token being sent (length %d):",
448 log_hexdump(0,
"", send_token.value, send_token.length, 0);
456 gss_release_buffer(&min_stat, &send_token);
467 if (gr.gr_ctx.length != 0) {
469 if (gd->
gc.gc_ctx.value)
470 gss_release_buffer(&min_stat,
475 gd->
gc.gc_ctx = gr.gr_ctx;
477 if (gr.gr_token.length != 0) {
480 recv_tokenp = &gr.gr_token;
481 in_desc.cBuffers = 1;
482 in_desc.pBuffers = rtkn;
485 rtkn[0].
cbBuffer = gr.gr_token.length;
486 rtkn[0].pvBuffer = gr.gr_token.value;
496 u_int seq, qop_state = 0;
501 bufin.
value = (
unsigned char *)&seq;
502 bufin.
length =
sizeof(seq);
504 maj_stat = gss_verify_mic(&min_stat, gd->
ctx,
505 &bufin, &bufout, &qop_state);
510 log_debug(
"authgss_refresh: sspi_verify_mic failed with %x", maj_stat);
522 log_debug(
"authgss_refresh: established GSS context");
530 gss_release_buffer(&min_stat, &gr.
gr_token);
565 log_debug(
"in authgss_destroy_context()");
568 if (gd ==
NULL)
return;
580 gss_release_buffer(&min_stat, &gd->
gc.gc_ctx);
582 memset(&gd->
gc.gc_ctx, 0,
sizeof(gd->
gc.gc_ctx));
583 gss_delete_sec_context(&min_stat, &gd->
ctx,
NULL);
603 if (gd ==
NULL)
return;
609 gss_release_name(&min_stat, &gd->
name);
629 return ((*xdr_func)(xdrs, xdr_ptr));
633 gd->
sec->svc, gd->
gc.gc_seq));
646 return ((*xdr_func)(xdrs, xdr_ptr));
670 memset(&ContextSizes, 0,
sizeof(ContextSizes));
672 if (maj_stat !=
SEC_E_OK)
return maj_stat;
677 desc.pBuffers = sec_tkn;
681 sec_tkn[0].pvBuffer = bufin->
value;
690 bufout->
value = sec_tkn[1].pvBuffer;
693 free(sec_tkn[1].pvBuffer);
712 desc.pBuffers = sec_tkn;
716 sec_tkn[0].pvBuffer = bufin->
value;
719 sec_tkn[1].pvBuffer = bufout->
value;
738 if (*name_out ==
NULL)
741 strcpy(*name_out,
"nfs/");
744 log_debug(
"imported service name is: %s\n", *name_out);
773 BuffDesc.pBuffers = SecBuff;
781 SecBuff[1].pvBuffer = bufin->
value;
794 memcpy(
p, SecBuff[0].pvBuffer, SecBuff[0].cbBuffer);
796 memcpy(
p, SecBuff[1].pvBuffer, SecBuff[1].cbBuffer);
798 memcpy(
p, SecBuff[2].pvBuffer, SecBuff[2].cbBuffer);
800 free(SecBuff[0].pvBuffer);
801 free(SecBuff[2].pvBuffer);
828 BuffDesc.pBuffers = SecBuff;
832 SecBuff[0].pvBuffer = bufin->
value;
836 SecBuff[1].pvBuffer =
NULL;
841 if (maj_stat !=
SEC_E_OK)
return maj_stat;
858 #define fd_out stdout 869 p = (
char *)
ptr->mech->elements;
878 else if (40 <= *
p && *
p < 80) {
882 else if (80 <= *
p && *
p < 127) {
950 for (
i = 0;
i <
len;
i += 0x10) {
953 jm = jm > 16 ? 16 : jm;
955 for (
j = 0;
j < jm;
j++) {
961 for (;
j < 16;
j++) {
967 for (
j = 0;
j < jm;
j++) {
990 void print_negotiated_flags(
unsigned long flags) {
return; }