2012-06-19 18:19:53 +04:00
|
|
|
/**
|
|
|
|
* WinPR: Windows Portable Runtime
|
|
|
|
* Security Support Provider Interface
|
|
|
|
*
|
|
|
|
* Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
2012-08-15 01:20:53 +04:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
#include "config.h"
|
|
|
|
#endif
|
|
|
|
|
2012-06-19 18:19:53 +04:00
|
|
|
#include <winpr/sspicli.h>
|
|
|
|
|
|
|
|
/**
|
|
|
|
* sspicli.dll:
|
|
|
|
*
|
|
|
|
* EnumerateSecurityPackagesA
|
|
|
|
* EnumerateSecurityPackagesW
|
|
|
|
* GetUserNameExW
|
|
|
|
* ImportSecurityContextA
|
2013-09-24 06:39:28 +04:00
|
|
|
* LogonUser
|
|
|
|
* LogonUserEx
|
2012-06-19 18:19:53 +04:00
|
|
|
* LogonUserExExW
|
|
|
|
* SspiCompareAuthIdentities
|
|
|
|
* SspiCopyAuthIdentity
|
|
|
|
* SspiDecryptAuthIdentity
|
|
|
|
* SspiEncodeAuthIdentityAsStrings
|
|
|
|
* SspiEncodeStringsAsAuthIdentity
|
|
|
|
* SspiEncryptAuthIdentity
|
|
|
|
* SspiExcludePackage
|
|
|
|
* SspiFreeAuthIdentity
|
|
|
|
* SspiGetTargetHostName
|
|
|
|
* SspiIsAuthIdentityEncrypted
|
|
|
|
* SspiLocalFree
|
|
|
|
* SspiMarshalAuthIdentity
|
|
|
|
* SspiPrepareForCredRead
|
|
|
|
* SspiPrepareForCredWrite
|
|
|
|
* SspiUnmarshalAuthIdentity
|
|
|
|
* SspiValidateAuthIdentity
|
|
|
|
* SspiZeroAuthIdentity
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _WIN32
|
|
|
|
|
|
|
|
#include <winpr/crt.h>
|
|
|
|
|
2013-09-24 06:39:28 +04:00
|
|
|
#ifdef HAVE_UNISTD_H
|
|
|
|
#include <unistd.h>
|
|
|
|
#endif
|
|
|
|
|
2015-03-11 17:11:08 +03:00
|
|
|
#include <pthread.h>
|
|
|
|
|
2013-09-24 08:07:48 +04:00
|
|
|
#include <pwd.h>
|
|
|
|
#include <grp.h>
|
|
|
|
|
|
|
|
#include "../handle/handle.h"
|
|
|
|
|
|
|
|
#include "../security/security.h"
|
|
|
|
|
2015-03-11 17:11:08 +03:00
|
|
|
static BOOL LogonUserCloseHandle(HANDLE handle);
|
|
|
|
|
|
|
|
static BOOL LogonUserIsHandled(HANDLE handle)
|
|
|
|
{
|
|
|
|
WINPR_ACCESS_TOKEN* pLogonUser = (WINPR_ACCESS_TOKEN*) handle;
|
|
|
|
|
2015-03-24 11:18:06 +03:00
|
|
|
if (!pLogonUser || (pLogonUser->Type != HANDLE_TYPE_ACCESS_TOKEN))
|
2015-03-11 17:11:08 +03:00
|
|
|
{
|
|
|
|
SetLastError(ERROR_INVALID_HANDLE);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2015-03-11 19:57:01 +03:00
|
|
|
static int LogonUserGetFd(HANDLE handle)
|
2015-03-11 17:11:08 +03:00
|
|
|
{
|
2015-03-11 19:57:01 +03:00
|
|
|
WINPR_ACCESS_TOKEN *pLogonUser = (WINPR_ACCESS_TOKEN *)handle;
|
|
|
|
|
|
|
|
if (!LogonUserIsHandled(handle))
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
/* TODO: File fd not supported */
|
|
|
|
(void)pLogonUser;
|
|
|
|
|
|
|
|
return -1;
|
2015-03-11 17:11:08 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
BOOL LogonUserCloseHandle(HANDLE handle) {
|
|
|
|
WINPR_ACCESS_TOKEN *token = (WINPR_ACCESS_TOKEN *) handle;
|
|
|
|
|
2015-05-11 10:07:39 +03:00
|
|
|
if (!handle || !LogonUserIsHandled(handle))
|
2015-03-11 17:11:08 +03:00
|
|
|
return FALSE;
|
|
|
|
|
2015-05-11 10:07:39 +03:00
|
|
|
free(token->Username);
|
|
|
|
free(token->Domain);
|
2015-03-11 17:11:08 +03:00
|
|
|
free(token);
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2015-03-16 02:29:37 +03:00
|
|
|
static HANDLE_OPS ops = {
|
|
|
|
LogonUserIsHandled,
|
|
|
|
LogonUserCloseHandle,
|
|
|
|
LogonUserGetFd,
|
|
|
|
NULL /* CleanupHandle */
|
|
|
|
};
|
|
|
|
|
2013-09-24 06:39:28 +04:00
|
|
|
BOOL LogonUserA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword,
|
|
|
|
DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken)
|
|
|
|
{
|
2013-09-24 08:07:48 +04:00
|
|
|
struct passwd* pw;
|
|
|
|
WINPR_ACCESS_TOKEN* token;
|
|
|
|
|
|
|
|
if (!lpszUsername)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-03-11 20:09:22 +03:00
|
|
|
token = (WINPR_ACCESS_TOKEN*) calloc(1, sizeof(WINPR_ACCESS_TOKEN));
|
2013-09-24 08:07:48 +04:00
|
|
|
|
|
|
|
if (!token)
|
|
|
|
return FALSE;
|
|
|
|
|
2015-07-03 10:36:58 +03:00
|
|
|
WINPR_HANDLE_SET_TYPE_AND_MODE(token, HANDLE_TYPE_ACCESS_TOKEN, FD_READ);
|
2013-09-24 08:07:48 +04:00
|
|
|
|
2015-03-16 02:29:37 +03:00
|
|
|
token->ops = &ops;
|
2015-03-11 19:57:01 +03:00
|
|
|
|
2013-09-24 08:07:48 +04:00
|
|
|
token->Username = _strdup(lpszUsername);
|
2015-06-17 23:08:02 +03:00
|
|
|
if (!token->Username)
|
|
|
|
{
|
|
|
|
free(token);
|
|
|
|
return FALSE;
|
|
|
|
}
|
2013-09-24 08:07:48 +04:00
|
|
|
|
|
|
|
if (lpszDomain)
|
2015-06-17 23:08:02 +03:00
|
|
|
{
|
2013-09-24 08:07:48 +04:00
|
|
|
token->Domain = _strdup(lpszDomain);
|
2015-06-17 23:08:02 +03:00
|
|
|
if (!token->Domain)
|
|
|
|
{
|
|
|
|
free(token->Username);
|
|
|
|
free(token);
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
}
|
2013-09-24 08:07:48 +04:00
|
|
|
|
|
|
|
pw = getpwnam(lpszUsername);
|
|
|
|
|
|
|
|
if (pw)
|
|
|
|
{
|
|
|
|
token->UserId = (DWORD) pw->pw_uid;
|
|
|
|
token->GroupId = (DWORD) pw->pw_gid;
|
|
|
|
}
|
|
|
|
|
|
|
|
*((ULONG_PTR*) phToken) = (ULONG_PTR) token;
|
|
|
|
|
2013-09-24 06:39:28 +04:00
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
BOOL LogonUserW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword,
|
|
|
|
DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken)
|
|
|
|
{
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
BOOL LogonUserExA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword,
|
|
|
|
DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken, PSID* ppLogonSid,
|
|
|
|
PVOID* ppProfileBuffer, LPDWORD pdwProfileLength, PQUOTA_LIMITS pQuotaLimits)
|
|
|
|
{
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
|
|
BOOL LogonUserExW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword,
|
|
|
|
DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken, PSID* ppLogonSid,
|
|
|
|
PVOID* ppProfileBuffer, LPDWORD pdwProfileLength, PQUOTA_LIMITS pQuotaLimits)
|
|
|
|
{
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
2012-06-19 18:19:53 +04:00
|
|
|
BOOL GetUserNameExA(EXTENDED_NAME_FORMAT NameFormat, LPSTR lpNameBuffer, PULONG nSize)
|
|
|
|
{
|
|
|
|
int length;
|
|
|
|
char* login;
|
|
|
|
|
|
|
|
switch (NameFormat)
|
|
|
|
{
|
|
|
|
case NameSamCompatible:
|
|
|
|
|
|
|
|
login = getlogin();
|
|
|
|
length = strlen(login);
|
|
|
|
|
|
|
|
if (*nSize >= length)
|
|
|
|
{
|
|
|
|
CopyMemory(lpNameBuffer, login, length + 1);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
*nSize = length + 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
case NameFullyQualifiedDN:
|
|
|
|
case NameDisplay:
|
|
|
|
case NameUniqueId:
|
|
|
|
case NameCanonical:
|
|
|
|
case NameUserPrincipal:
|
|
|
|
case NameCanonicalEx:
|
|
|
|
case NameServicePrincipal:
|
|
|
|
case NameDnsDomain:
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
BOOL GetUserNameExW(EXTENDED_NAME_FORMAT NameFormat, LPWSTR lpNameBuffer, PULONG nSize)
|
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|