2012-02-23 08:41:22 +04:00
|
|
|
/**
|
|
|
|
* FreeRDP: A Remote Desktop Protocol Implementation
|
|
|
|
* Security Support Provider Interface (SSPI) Tests
|
|
|
|
*
|
|
|
|
* Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
2012-05-06 04:45:13 +04:00
|
|
|
#include <winpr/sspi.h>
|
2012-02-23 08:41:22 +04:00
|
|
|
#include <freerdp/freerdp.h>
|
2012-05-06 04:45:13 +04:00
|
|
|
|
2012-02-23 08:41:22 +04:00
|
|
|
#include <freerdp/utils/stream.h>
|
|
|
|
#include <freerdp/utils/memory.h>
|
|
|
|
#include <freerdp/utils/hexdump.h>
|
|
|
|
|
|
|
|
#include "test_sspi.h"
|
|
|
|
|
|
|
|
#define NTLM_PACKAGE_NAME "NTLM"
|
|
|
|
|
|
|
|
int init_sspi_suite(void)
|
|
|
|
{
|
2012-02-25 00:00:49 +04:00
|
|
|
sspi_GlobalInit();
|
2012-02-23 08:41:22 +04:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int clean_sspi_suite(void)
|
|
|
|
{
|
2012-02-25 00:00:49 +04:00
|
|
|
sspi_GlobalFinish();
|
2012-02-23 08:41:22 +04:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int add_sspi_suite(void)
|
|
|
|
{
|
|
|
|
add_test_suite(sspi);
|
|
|
|
|
|
|
|
add_test_function(EnumerateSecurityPackages);
|
|
|
|
add_test_function(QuerySecurityPackageInfo);
|
|
|
|
add_test_function(AcquireCredentialsHandle);
|
2012-02-24 00:56:50 +04:00
|
|
|
add_test_function(InitializeSecurityContext);
|
2012-02-23 08:41:22 +04:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
void test_EnumerateSecurityPackages(void)
|
|
|
|
{
|
|
|
|
uint32 cPackages;
|
|
|
|
SECURITY_STATUS status;
|
2012-03-16 04:48:38 +04:00
|
|
|
SecPkgInfo* pPackageInfo;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
|
|
|
status = EnumerateSecurityPackages(&cPackages, &pPackageInfo);
|
|
|
|
|
|
|
|
if (status == SEC_E_OK)
|
|
|
|
{
|
|
|
|
int index;
|
|
|
|
|
|
|
|
printf("\nEnumerateSecurityPackages (%d):\n", cPackages);
|
|
|
|
|
|
|
|
for (index = 0; index < cPackages; index++)
|
|
|
|
{
|
|
|
|
printf("\"%s\", \"%s\"\n",
|
|
|
|
pPackageInfo[index].Name, pPackageInfo[index].Comment);
|
|
|
|
}
|
|
|
|
}
|
2012-02-25 00:35:48 +04:00
|
|
|
|
|
|
|
FreeContextBuffer(pPackageInfo);
|
2012-02-23 08:41:22 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
void test_QuerySecurityPackageInfo(void)
|
|
|
|
{
|
|
|
|
SECURITY_STATUS status;
|
2012-03-16 04:48:38 +04:00
|
|
|
SecPkgInfo* pPackageInfo;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
|
|
|
status = QuerySecurityPackageInfo("NTLM", &pPackageInfo);
|
|
|
|
|
|
|
|
if (status == SEC_E_OK)
|
|
|
|
{
|
|
|
|
printf("\nQuerySecurityPackageInfo:\n");
|
|
|
|
printf("\"%s\", \"%s\"\n", pPackageInfo->Name, pPackageInfo->Comment);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
const char* test_User = "User";
|
|
|
|
const char* test_Domain = "Domain";
|
|
|
|
const char* test_Password = "Password";
|
|
|
|
|
|
|
|
void test_AcquireCredentialsHandle(void)
|
|
|
|
{
|
|
|
|
SECURITY_STATUS status;
|
2012-03-16 04:48:38 +04:00
|
|
|
CredHandle credentials;
|
2012-03-24 05:28:53 +04:00
|
|
|
TimeStamp expiration;
|
2012-03-16 04:48:38 +04:00
|
|
|
SEC_WINNT_AUTH_IDENTITY identity;
|
|
|
|
SecurityFunctionTable* table;
|
|
|
|
SecPkgCredentials_Names credential_names;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
|
|
|
table = InitSecurityInterface();
|
|
|
|
|
|
|
|
identity.User = (uint16*) xstrdup(test_User);
|
|
|
|
identity.UserLength = sizeof(test_User);
|
|
|
|
identity.Domain = (uint16*) xstrdup(test_Domain);
|
|
|
|
identity.DomainLength = sizeof(test_Domain);
|
|
|
|
identity.Password = (uint16*) xstrdup(test_Password);
|
|
|
|
identity.PasswordLength = sizeof(test_Password);
|
2012-03-16 04:48:38 +04:00
|
|
|
identity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
|
|
|
status = table->AcquireCredentialsHandle(NULL, NTLM_PACKAGE_NAME,
|
|
|
|
SECPKG_CRED_OUTBOUND, NULL, &identity, NULL, NULL, &credentials, &expiration);
|
|
|
|
|
|
|
|
if (status == SEC_E_OK)
|
|
|
|
{
|
2012-02-24 00:56:50 +04:00
|
|
|
status = table->QueryCredentialsAttributes(&credentials, SECPKG_CRED_ATTR_NAMES, &credential_names);
|
2012-02-23 08:41:22 +04:00
|
|
|
|
2012-02-24 00:56:50 +04:00
|
|
|
if (status == SEC_E_OK)
|
|
|
|
{
|
|
|
|
printf("\nQueryCredentialsAttributes: %s\n", credential_names.sUserName);
|
|
|
|
}
|
2012-02-23 08:41:22 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-02-24 00:56:50 +04:00
|
|
|
void test_InitializeSecurityContext(void)
|
|
|
|
{
|
2012-02-24 06:26:00 +04:00
|
|
|
uint32 cbMaxLen;
|
2012-02-24 00:56:50 +04:00
|
|
|
uint32 fContextReq;
|
2012-02-24 06:26:00 +04:00
|
|
|
void* output_buffer;
|
2012-03-16 04:48:38 +04:00
|
|
|
CtxtHandle context;
|
2012-02-24 00:56:50 +04:00
|
|
|
uint32 pfContextAttr;
|
|
|
|
SECURITY_STATUS status;
|
2012-03-16 04:48:38 +04:00
|
|
|
CredHandle credentials;
|
2012-03-24 05:28:53 +04:00
|
|
|
TimeStamp expiration;
|
2012-03-16 04:48:38 +04:00
|
|
|
SecPkgInfo* pPackageInfo;
|
|
|
|
SEC_WINNT_AUTH_IDENTITY identity;
|
|
|
|
SecurityFunctionTable* table;
|
|
|
|
SecBuffer* p_SecBuffer;
|
|
|
|
SecBuffer output_SecBuffer;
|
|
|
|
SecBufferDesc output_SecBuffer_desc;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
2012-02-24 00:56:50 +04:00
|
|
|
table = InitSecurityInterface();
|
2012-02-23 08:41:22 +04:00
|
|
|
|
2012-02-24 06:26:00 +04:00
|
|
|
status = QuerySecurityPackageInfo(NTLM_PACKAGE_NAME, &pPackageInfo);
|
|
|
|
|
|
|
|
if (status != SEC_E_OK)
|
|
|
|
{
|
|
|
|
printf("QuerySecurityPackageInfo status: 0x%08X\n", status);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
cbMaxLen = pPackageInfo->cbMaxToken;
|
|
|
|
|
2012-02-24 00:56:50 +04:00
|
|
|
identity.User = (uint16*) xstrdup(test_User);
|
|
|
|
identity.UserLength = sizeof(test_User);
|
|
|
|
identity.Domain = (uint16*) xstrdup(test_Domain);
|
|
|
|
identity.DomainLength = sizeof(test_Domain);
|
|
|
|
identity.Password = (uint16*) xstrdup(test_Password);
|
|
|
|
identity.PasswordLength = sizeof(test_Password);
|
2012-03-16 04:48:38 +04:00
|
|
|
identity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
2012-02-24 00:56:50 +04:00
|
|
|
status = table->AcquireCredentialsHandle(NULL, NTLM_PACKAGE_NAME,
|
|
|
|
SECPKG_CRED_OUTBOUND, NULL, &identity, NULL, NULL, &credentials, &expiration);
|
2012-02-23 08:41:22 +04:00
|
|
|
|
2012-02-24 06:26:00 +04:00
|
|
|
if (status != SEC_E_OK)
|
2012-02-24 00:56:50 +04:00
|
|
|
{
|
2012-02-24 06:26:00 +04:00
|
|
|
printf("AcquireCredentialsHandle status: 0x%08X\n", status);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
fContextReq = ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_CONFIDENTIALITY | ISC_REQ_DELEGATE;
|
2012-02-23 08:41:22 +04:00
|
|
|
|
2012-02-24 06:26:00 +04:00
|
|
|
output_buffer = xmalloc(cbMaxLen);
|
|
|
|
|
2012-03-16 04:48:38 +04:00
|
|
|
output_SecBuffer_desc.ulVersion = 0;
|
|
|
|
output_SecBuffer_desc.cBuffers = 1;
|
|
|
|
output_SecBuffer_desc.pBuffers = &output_SecBuffer;
|
2012-02-24 06:26:00 +04:00
|
|
|
|
2012-03-16 04:48:38 +04:00
|
|
|
output_SecBuffer.cbBuffer = cbMaxLen;
|
|
|
|
output_SecBuffer.BufferType = SECBUFFER_TOKEN;
|
|
|
|
output_SecBuffer.pvBuffer = output_buffer;
|
2012-02-24 06:26:00 +04:00
|
|
|
|
|
|
|
status = table->InitializeSecurityContext(&credentials, NULL, NULL, fContextReq, 0, 0, NULL, 0,
|
2012-03-16 04:48:38 +04:00
|
|
|
&context, &output_SecBuffer_desc, &pfContextAttr, &expiration);
|
2012-02-24 06:26:00 +04:00
|
|
|
|
|
|
|
if (status != SEC_I_CONTINUE_NEEDED)
|
|
|
|
{
|
|
|
|
printf("InitializeSecurityContext status: 0x%08X\n", status);
|
|
|
|
return;
|
2012-02-24 00:56:50 +04:00
|
|
|
}
|
2012-02-24 06:26:00 +04:00
|
|
|
|
2012-03-16 04:48:38 +04:00
|
|
|
printf("cBuffers: %d ulVersion: %d\n", output_SecBuffer_desc.cBuffers, output_SecBuffer_desc.ulVersion);
|
2012-02-24 06:26:00 +04:00
|
|
|
|
2012-03-16 04:48:38 +04:00
|
|
|
p_SecBuffer = &output_SecBuffer_desc.pBuffers[0];
|
2012-02-24 06:26:00 +04:00
|
|
|
|
2012-03-16 04:48:38 +04:00
|
|
|
printf("BufferType: 0x%04X cbBuffer:%d\n", p_SecBuffer->BufferType, p_SecBuffer->cbBuffer);
|
2012-02-24 06:26:00 +04:00
|
|
|
|
2012-03-16 04:48:38 +04:00
|
|
|
freerdp_hexdump((uint8*) p_SecBuffer->pvBuffer, p_SecBuffer->cbBuffer);
|
2012-02-25 00:00:49 +04:00
|
|
|
|
|
|
|
table->FreeCredentialsHandle(&credentials);
|
2012-02-25 00:35:48 +04:00
|
|
|
|
|
|
|
FreeContextBuffer(pPackageInfo);
|
2012-02-24 00:56:50 +04:00
|
|
|
}
|
2012-02-24 06:26:00 +04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|