ReactOS  0.4.13-dev-259-g5ca9c9c
kerberos.c
Go to the documentation of this file.
1 /*
2  * Copyright 2005, 2006 Kai Blin
3  * Copyright 2016 Jacek Caban for CodeWeavers
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18  */
19 
20 #include "precomp.h"
21 
22 #include <assert.h>
23 
24 #include <wine/debug.h>
26 
27 #define KERBEROS_MAX_BUF 12000
28 
29 /***********************************************************************
30  * QueryCredentialsAttributesA
31  */
33 {
34  FIXME("(%p %d %p)\n", phCredential, ulAttribute, pBuffer);
36 }
37 
38 /***********************************************************************
39  * QueryCredentialsAttributesW
40  */
42 {
43  FIXME("(%p, %d, %p)\n", phCredential, ulAttribute, pBuffer);
45 }
46 
47 /***********************************************************************
48  * AcquireCredentialsHandleW
49  */
50 static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW(SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse,
51  LUID *pLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pGetKeyArgument, CredHandle *phCredential, TimeStamp *ptsExpiry)
52 {
53  FIXME("(%s %s 0x%08x %p %p %p %p %p %p)\n", debugstr_w(pszPrincipal), debugstr_w(pszPackage), fCredentialUse,
54  pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
55  return SEC_E_NO_CREDENTIALS;
56 }
57 
58 /***********************************************************************
59  * AcquireCredentialsHandleA
60  */
61 static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse,
62  LUID *pLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pGetKeyArgument, CredHandle *phCredential, TimeStamp *ptsExpiry)
63 {
64  FIXME("(%s %s 0x%08x %p %p %p %p %p %p)\n", debugstr_a(pszPrincipal), debugstr_a(pszPackage), fCredentialUse,
65  pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
67 }
68 
69 /***********************************************************************
70  * InitializeSecurityContextW
71  */
73  ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, SecBufferDesc *pInput, ULONG Reserved2, CtxtHandle *phNewContext,
74  SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
75 {
76  FIXME("(%p %p %s 0x%08x %d %d %p %d %p %p %p %p)\n", phCredential, phContext, debugstr_w(pszTargetName),
77  fContextReq, Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
79 }
80 
81 /***********************************************************************
82  * InitializeSecurityContextA
83  */
85  ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, SecBufferDesc *pInput, ULONG Reserved2, CtxtHandle *phNewContext,
86  SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
87 {
88  FIXME("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext, debugstr_a(pszTargetName), fContextReq,
89  Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
91 }
92 
93 /***********************************************************************
94  * AcceptSecurityContext
95  */
97  ULONG fContextReq, ULONG TargetDataRep, CtxtHandle *phNewContext, SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
98 {
99  FIXME("(%p %p %p %d %d %p %p %p %p)\n", phCredential, phContext, pInput, fContextReq, TargetDataRep, phNewContext, pOutput,
100  pfContextAttr, ptsExpiry);
102 }
103 
104 /***********************************************************************
105  * CompleteAuthToken
106  */
108 {
109  FIXME("(%p %p)\n", phContext, pToken);
111 }
112 
113 /***********************************************************************
114  * DeleteSecurityContext
115  */
117 {
118  FIXME("(%p)\n", phContext);
120 }
121 
122 /***********************************************************************
123  * QueryContextAttributesW
124  */
126 {
127  FIXME("(%p %d %p)\n", phContext, ulAttribute, pBuffer);
129 }
130 
131 /***********************************************************************
132  * QueryContextAttributesA
133  */
135 {
136  FIXME("(%p %d %p)\n", phContext, ulAttribute, pBuffer);
138 }
139 
140 /***********************************************************************
141  * ImpersonateSecurityContext
142  */
144 {
145  FIXME("(%p)\n", phContext);
147 }
148 
149 /***********************************************************************
150  * RevertSecurityContext
151  */
153 {
154  FIXME("(%p)\n", phContext);
156 }
157 
158 /***********************************************************************
159  * MakeSignature
160  */
161 static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature(CtxtHandle *phContext, ULONG fQOP, SecBufferDesc *pMessage, ULONG MessageSeqNo)
162 {
163  FIXME("(%p %d %p %d)\n", phContext, fQOP, pMessage, MessageSeqNo);
165 }
166 
167 /***********************************************************************
168  * VerifySignature
169  */
170 static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
171 {
172  FIXME("(%p %p %d %p)\n", phContext, pMessage, MessageSeqNo, pfQOP);
174 }
175 
176 /***********************************************************************
177  * FreeCredentialsHandle
178  */
180 {
181  FIXME("(%p)\n", phCredential);
183 }
184 
185 /***********************************************************************
186  * EncryptMessage
187  */
188 static SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage(CtxtHandle *phContext, ULONG fQOP, SecBufferDesc *pMessage, ULONG MessageSeqNo)
189 {
190  FIXME("(%p %d %p %d)\n", phContext, fQOP, pMessage, MessageSeqNo);
192 }
193 
194 /***********************************************************************
195  * DecryptMessage
196  */
197 static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
198 {
199  FIXME("(%p %p %d %p)\n", phContext, pMessage, MessageSeqNo, pfQOP);
201 }
202 
204  1,
205  NULL, /* EnumerateSecurityPackagesA */
206  kerberos_QueryCredentialsAttributesA, /* QueryCredentialsAttributesA */
207  kerberos_AcquireCredentialsHandleA, /* AcquireCredentialsHandleA */
208  kerberos_FreeCredentialsHandle, /* FreeCredentialsHandle */
209  NULL, /* Reserved2 */
210  kerberos_InitializeSecurityContextA, /* InitializeSecurityContextA */
211  kerberos_AcceptSecurityContext, /* AcceptSecurityContext */
212  kerberos_CompleteAuthToken, /* CompleteAuthToken */
213  kerberos_DeleteSecurityContext, /* DeleteSecurityContext */
214  NULL, /* ApplyControlToken */
215  kerberos_QueryContextAttributesA, /* QueryContextAttributesA */
216  kerberos_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
217  kerberos_RevertSecurityContext, /* RevertSecurityContext */
218  kerberos_MakeSignature, /* MakeSignature */
219  kerberos_VerifySignature, /* VerifySignature */
220  FreeContextBuffer, /* FreeContextBuffer */
221  NULL, /* QuerySecurityPackageInfoA */
222  NULL, /* Reserved3 */
223  NULL, /* Reserved4 */
224  NULL, /* ExportSecurityContext */
225  NULL, /* ImportSecurityContextA */
226  NULL, /* AddCredentialsA */
227  NULL, /* Reserved8 */
228  NULL, /* QuerySecurityContextToken */
229  kerberos_EncryptMessage, /* EncryptMessage */
230  kerberos_DecryptMessage, /* DecryptMessage */
231  NULL, /* SetContextAttributesA */
232 };
233 
235  1,
236  NULL, /* EnumerateSecurityPackagesW */
237  kerberos_QueryCredentialsAttributesW, /* QueryCredentialsAttributesW */
238  kerberos_AcquireCredentialsHandleW, /* AcquireCredentialsHandleW */
239  kerberos_FreeCredentialsHandle, /* FreeCredentialsHandle */
240  NULL, /* Reserved2 */
241  kerberos_InitializeSecurityContextW, /* InitializeSecurityContextW */
242  kerberos_AcceptSecurityContext, /* AcceptSecurityContext */
243  kerberos_CompleteAuthToken, /* CompleteAuthToken */
244  kerberos_DeleteSecurityContext, /* DeleteSecurityContext */
245  NULL, /* ApplyControlToken */
246  kerberos_QueryContextAttributesW, /* QueryContextAttributesW */
247  kerberos_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
248  kerberos_RevertSecurityContext, /* RevertSecurityContext */
249  kerberos_MakeSignature, /* MakeSignature */
250  kerberos_VerifySignature, /* VerifySignature */
251  FreeContextBuffer, /* FreeContextBuffer */
252  NULL, /* QuerySecurityPackageInfoW */
253  NULL, /* Reserved3 */
254  NULL, /* Reserved4 */
255  NULL, /* ExportSecurityContext */
256  NULL, /* ImportSecurityContextW */
257  NULL, /* AddCredentialsW */
258  NULL, /* Reserved8 */
259  NULL, /* QuerySecurityContextToken */
260  kerberos_EncryptMessage, /* EncryptMessage */
261  kerberos_DecryptMessage, /* DecryptMessage */
262  NULL, /* SetContextAttributesW */
263 };
264 
265 #define KERBEROS_COMMENT \
266  {'M','i','c','r','o','s','o','f','t',' ','K','e','r','b','e','r','o','s',' ','V','1','.','0',0}
269 
270 #define KERBEROS_NAME {'K','e','r','b','e','r','o','s',0}
273 
274 #define CAPS \
275  ( SECPKG_FLAG_INTEGRITY \
276  | SECPKG_FLAG_PRIVACY \
277  | SECPKG_FLAG_TOKEN_ONLY \
278  | SECPKG_FLAG_DATAGRAM \
279  | SECPKG_FLAG_CONNECTION \
280  | SECPKG_FLAG_MULTI_REQUIRED \
281  | SECPKG_FLAG_EXTENDED_ERROR \
282  | SECPKG_FLAG_IMPERSONATION \
283  | SECPKG_FLAG_ACCEPT_WIN32_NAME \
284  | SECPKG_FLAG_NEGOTIABLE \
285  | SECPKG_FLAG_GSS_COMPATIBLE \
286  | SECPKG_FLAG_LOGON \
287  | SECPKG_FLAG_MUTUAL_AUTH \
288  | SECPKG_FLAG_DELEGATION \
289  | SECPKG_FLAG_READONLY_WITH_CHECKSUM \
290  | SECPKG_FLAG_RESTRICTED_TOKENS \
291  | SECPKG_FLAG_APPCONTAINER_CHECKS)
292 
293 static const SecPkgInfoW infoW = {
294  CAPS,
295  1,
300 };
301 
302 static const SecPkgInfoA infoA = {
303  CAPS,
304  1,
309 };
310 
312 {
314  SECUR32_addPackages(provider, 1, &infoA, &infoW);
315 }
void SECUR32_addPackages(SecureProvider *provider, ULONG toAdd, const SecPkgInfoA *infoA, const SecPkgInfoW *infoW) DECLSPEC_HIDDEN
Definition: secur32_wine.c:362
static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse, LUID *pLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pGetKeyArgument, CredHandle *phCredential, TimeStamp *ptsExpiry)
Definition: kerberos.c:61
static const SecurityFunctionTableW kerberosTableW
Definition: kerberos.c:234
static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: kerberos.c:170
WCHAR SEC_WCHAR
Definition: sspi.h:29
SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
Definition: sspi.c:699
char CHAR
Definition: xmlstorage.h:175
static const SecPkgInfoA infoA
Definition: kerberos.c:302
static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW(CredHandle *phCredential, ULONG ulAttribute, void *pBuffer)
Definition: kerberos.c:41
static SECURITY_STATUS SEC_ENTRY kerberos_DeleteSecurityContext(CtxtHandle *phContext)
Definition: kerberos.c:116
static SECURITY_STATUS SEC_ENTRY kerberos_FreeCredentialsHandle(PCredHandle phCredential)
Definition: kerberos.c:179
#define SEC_E_UNSUPPORTED_FUNCTION
Definition: winerror.h:2911
SecureProvider * SECUR32_addProvider(const SecurityFunctionTableA *fnTableA, const SecurityFunctionTableW *fnTableW, PCWSTR moduleName) DECLSPEC_HIDDEN
Definition: secur32_wine.c:314
static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW(SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse, LUID *pLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pGetKeyArgument, CredHandle *phCredential, TimeStamp *ptsExpiry)
Definition: kerberos.c:50
static SECURITY_STATUS SEC_ENTRY kerberos_CompleteAuthToken(CtxtHandle *phContext, SecBufferDesc *pToken)
Definition: kerberos.c:107
static char kerberos_name_A[]
Definition: kerberos.c:271
WINE_DEFAULT_DEBUG_CHANNEL(secur32)
static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesW(CtxtHandle *phContext, ULONG ulAttribute, void *pBuffer)
Definition: kerberos.c:125
#define KERBEROS_NAME
Definition: kerberos.c:270
#define debugstr_w
Definition: kernel32.h:32
static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature(CtxtHandle *phContext, ULONG fQOP, SecBufferDesc *pMessage, ULONG MessageSeqNo)
Definition: kerberos.c:161
#define FIXME(fmt,...)
Definition: debug.h:110
smooth NULL
Definition: ftsmooth.c:416
PVOID pBuffer
static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA(CredHandle *phCredential, ULONG ulAttribute, void *pBuffer)
Definition: kerberos.c:32
#define KERBEROS_MAX_BUF
Definition: kerberos.c:27
Definition: bcd.h:202
static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA(CtxtHandle *phContext, ULONG ulAttribute, void *pBuffer)
Definition: kerberos.c:134
LONG SECURITY_STATUS
Definition: sspi.h:34
#define SEC_ENTRY
Definition: stubs.c:6
static SECURITY_STATUS SEC_ENTRY kerberos_AcceptSecurityContext(CredHandle *phCredential, CtxtHandle *phContext, SecBufferDesc *pInput, ULONG fContextReq, ULONG TargetDataRep, CtxtHandle *phNewContext, SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
Definition: kerberos.c:96
static const SecPkgInfoW infoW
Definition: kerberos.c:293
#define RPC_C_AUTHN_GSS_KERBEROS
Definition: rpcdce.h:160
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define debugstr_a
Definition: kernel32.h:31
static WCHAR kerberos_name_W[]
Definition: kerberos.c:272
static const SecurityFunctionTableA kerberosTableA
Definition: kerberos.c:203
static WCHAR kerberos_comment_W[]
Definition: kerberos.c:268
static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextW(CredHandle *phCredential, CtxtHandle *phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, SecBufferDesc *pInput, ULONG Reserved2, CtxtHandle *phNewContext, SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
Definition: kerberos.c:72
void(SEC_ENTRY * SEC_GET_KEY_FN)(void *Arg, void *Principal, ULONG KeyVer, void **Key, SECURITY_STATUS *Status)
Definition: sspi.h:175
static SECURITY_STATUS SEC_ENTRY kerberos_ImpersonateSecurityContext(CtxtHandle *phContext)
Definition: kerberos.c:143
static CHAR kerberos_comment_A[]
Definition: kerberos.c:267
unsigned int * PULONG
Definition: retypes.h:1
static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextA(CredHandle *phCredential, CtxtHandle *phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, SecBufferDesc *pInput, ULONG Reserved2, CtxtHandle *phNewContext, SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
Definition: kerberos.c:84
CHAR SEC_CHAR
Definition: sspi.h:30
Definition: bcd.h:201
unsigned int ULONG
Definition: retypes.h:1
#define SEC_E_NO_CREDENTIALS
Definition: winerror.h:2923
#define CAPS
Definition: kerberos.c:274
static SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage(CtxtHandle *phContext, ULONG fQOP, SecBufferDesc *pMessage, ULONG MessageSeqNo)
Definition: kerberos.c:188
static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
Definition: kerberos.c:197
static SECURITY_STATUS SEC_ENTRY kerberos_RevertSecurityContext(CtxtHandle *phContext)
Definition: kerberos.c:152
#define KERBEROS_COMMENT
Definition: kerberos.c:265
void SECUR32_initKerberosSP(void)
Definition: kerberos.c:311