More SSPI logging.
parent
5b0ee9b7ab
commit
48ccf73a36
@ -54,19 +54,21 @@ BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char*
|
|||||||
|
|
||||||
if (status != SEC_E_OK)
|
if (status != SEC_E_OK)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "QuerySecurityPackageInfo status: 0x%08X", status);
|
WLog_ERR(TAG, "QuerySecurityPackageInfo status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken;
|
ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken;
|
||||||
|
|
||||||
status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
|
status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
|
||||||
SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL,
|
SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL,
|
||||||
&ntlm->credentials, &ntlm->expiration);
|
&ntlm->credentials, &ntlm->expiration);
|
||||||
|
|
||||||
if (status != SEC_E_OK)
|
if (status != SEC_E_OK)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "AcquireCredentialsHandle status: 0x%08X", status);
|
WLog_ERR(TAG, "AcquireCredentialsHandle status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -86,11 +88,11 @@ BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char*
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* flags for RPC authentication:
|
* flags for RPC authentication:
|
||||||
* RPC_C_AUTHN_LEVEL_PKT_INTEGRITY:
|
* RPC_C_AUTHN_LEVEL_PKT_INTEGRITY:
|
||||||
* ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH |
|
* ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH |
|
||||||
* ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT
|
* ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT
|
||||||
*/
|
*/
|
||||||
|
|
||||||
ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE;
|
ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE;
|
||||||
ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH;
|
ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH;
|
||||||
@ -223,21 +225,33 @@ BOOL ntlm_authenticate(rdpNtlm* ntlm)
|
|||||||
}
|
}
|
||||||
|
|
||||||
status = ntlm->table->InitializeSecurityContext(&ntlm->credentials,
|
status = ntlm->table->InitializeSecurityContext(&ntlm->credentials,
|
||||||
(ntlm->haveContext) ? &ntlm->context : NULL,
|
(ntlm->haveContext) ? &ntlm->context : NULL,
|
||||||
(ntlm->ServicePrincipalName) ? ntlm->ServicePrincipalName : NULL,
|
(ntlm->ServicePrincipalName) ? ntlm->ServicePrincipalName : NULL,
|
||||||
ntlm->fContextReq, 0, SECURITY_NATIVE_DREP,
|
ntlm->fContextReq, 0, SECURITY_NATIVE_DREP,
|
||||||
(ntlm->haveInputBuffer) ? &ntlm->inputBufferDesc : NULL,
|
(ntlm->haveInputBuffer) ? &ntlm->inputBufferDesc : NULL,
|
||||||
0, &ntlm->context, &ntlm->outputBufferDesc,
|
0, &ntlm->context, &ntlm->outputBufferDesc,
|
||||||
&ntlm->pfContextAttr, &ntlm->expiration);
|
&ntlm->pfContextAttr, &ntlm->expiration);
|
||||||
|
|
||||||
|
WLog_VRB(TAG, "InitializeSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
if ((status == SEC_I_COMPLETE_AND_CONTINUE) || (status == SEC_I_COMPLETE_NEEDED) || (status == SEC_E_OK))
|
if ((status == SEC_I_COMPLETE_AND_CONTINUE) || (status == SEC_I_COMPLETE_NEEDED) || (status == SEC_E_OK))
|
||||||
{
|
{
|
||||||
if (ntlm->table->CompleteAuthToken)
|
if (ntlm->table->CompleteAuthToken)
|
||||||
ntlm->table->CompleteAuthToken(&ntlm->context, &ntlm->outputBufferDesc);
|
|
||||||
|
|
||||||
if (ntlm->table->QueryContextAttributes(&ntlm->context, SECPKG_ATTR_SIZES, &ntlm->ContextSizes) != SEC_E_OK)
|
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "QueryContextAttributes SECPKG_ATTR_SIZES failure");
|
SECURITY_STATUS cStatus;
|
||||||
|
cStatus = ntlm->table->CompleteAuthToken(&ntlm->context, &ntlm->outputBufferDesc);
|
||||||
|
if (cStatus != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "CompleteAuthToken status %s [%08X]",
|
||||||
|
GetSecurityStatusString(cStatus), cStatus);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
status = ntlm->table->QueryContextAttributes(&ntlm->context, SECPKG_ATTR_SIZES, &ntlm->ContextSizes);
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_ERR(TAG, "QueryContextAttributes SECPKG_ATTR_SIZES failure %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -275,9 +289,26 @@ void ntlm_client_uninit(rdpNtlm* ntlm)
|
|||||||
|
|
||||||
if (ntlm->table)
|
if (ntlm->table)
|
||||||
{
|
{
|
||||||
ntlm->table->FreeCredentialsHandle(&ntlm->credentials);
|
SECURITY_STATUS status;
|
||||||
ntlm->table->FreeContextBuffer(ntlm->pPackageInfo);
|
|
||||||
ntlm->table->DeleteSecurityContext(&ntlm->context);
|
status = ntlm->table->FreeCredentialsHandle(&ntlm->credentials);
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "FreeCredentialsHandle status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
status = ntlm->table->FreeContextBuffer(ntlm->pPackageInfo);
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "FreeContextBuffer status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
status = ntlm->table->DeleteSecurityContext(&ntlm->context);
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "DeleteSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
ntlm->table = NULL;
|
ntlm->table = NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
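Review bot: In ntlm_authenticate the new `status = ntlm->table->QueryContextAttributes(...)` overwrites the InitializeSecurityContext result that the enclosing `if` has just tested, so once the query succeeds `status` is SEC_E_OK regardless of which of the three accepted values the handshake returned. The function continues below this hunk; if anything there still distinguishes SEC_I_COMPLETE_NEEDED or SEC_I_COMPLETE_AND_CONTINUE, or derives the return value from `status`, it now sees the query result instead (the old code compared the call inline and left `status` untouched). Hoist `SECURITY_STATUS cStatus;` to the top of the block and use `cStatus = ntlm->table->QueryContextAttributes(&ntlm->context, SECPKG_ATTR_SIZES, &ntlm->ContextSizes);` for the check and the log. Separately, a failing CompleteAuthToken is only logged at WARN and the exchange proceeds; if that is intended, a comment such as `/* best effort: token completion failure is not fatal here */` would record it, otherwise return FALSE as the QueryContextAttributes path does.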
|
@ -132,37 +132,37 @@ int rpc_client_transition_to_state(rdpRpc* rpc, RPC_CLIENT_STATE state)
|
|||||||
|
|
||||||
switch (state)
|
switch (state)
|
||||||
{
|
{
|
||||||
case RPC_CLIENT_STATE_INITIAL:
|
case RPC_CLIENT_STATE_INITIAL:
|
||||||
str = "RPC_CLIENT_STATE_INITIAL";
|
str = "RPC_CLIENT_STATE_INITIAL";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_ESTABLISHED:
|
case RPC_CLIENT_STATE_ESTABLISHED:
|
||||||
str = "RPC_CLIENT_STATE_ESTABLISHED";
|
str = "RPC_CLIENT_STATE_ESTABLISHED";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_WAIT_SECURE_BIND_ACK:
|
case RPC_CLIENT_STATE_WAIT_SECURE_BIND_ACK:
|
||||||
str = "RPC_CLIENT_STATE_WAIT_SECURE_BIND_ACK";
|
str = "RPC_CLIENT_STATE_WAIT_SECURE_BIND_ACK";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_WAIT_UNSECURE_BIND_ACK:
|
case RPC_CLIENT_STATE_WAIT_UNSECURE_BIND_ACK:
|
||||||
str = "RPC_CLIENT_STATE_WAIT_UNSECURE_BIND_ACK";
|
str = "RPC_CLIENT_STATE_WAIT_UNSECURE_BIND_ACK";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_WAIT_SECURE_ALTER_CONTEXT_RESPONSE:
|
case RPC_CLIENT_STATE_WAIT_SECURE_ALTER_CONTEXT_RESPONSE:
|
||||||
str = "RPC_CLIENT_STATE_WAIT_SECURE_ALTER_CONTEXT_RESPONSE";
|
str = "RPC_CLIENT_STATE_WAIT_SECURE_ALTER_CONTEXT_RESPONSE";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_CONTEXT_NEGOTIATED:
|
case RPC_CLIENT_STATE_CONTEXT_NEGOTIATED:
|
||||||
str = "RPC_CLIENT_STATE_CONTEXT_NEGOTIATED";
|
str = "RPC_CLIENT_STATE_CONTEXT_NEGOTIATED";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_WAIT_RESPONSE:
|
case RPC_CLIENT_STATE_WAIT_RESPONSE:
|
||||||
str = "RPC_CLIENT_STATE_WAIT_RESPONSE";
|
str = "RPC_CLIENT_STATE_WAIT_RESPONSE";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case RPC_CLIENT_STATE_FINAL:
|
case RPC_CLIENT_STATE_FINAL:
|
||||||
str = "RPC_CLIENT_STATE_FINAL";
|
str = "RPC_CLIENT_STATE_FINAL";
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
rpc->State = state;
|
rpc->State = state;
|
||||||
@ -181,77 +181,77 @@ int rpc_client_recv_pdu(rdpRpc* rpc, RPC_PDU* pdu)
|
|||||||
{
|
{
|
||||||
switch (rpc->VirtualConnection->State)
|
switch (rpc->VirtualConnection->State)
|
||||||
{
|
{
|
||||||
case VIRTUAL_CONNECTION_STATE_INITIAL:
|
case VIRTUAL_CONNECTION_STATE_INITIAL:
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT:
|
case VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT:
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case VIRTUAL_CONNECTION_STATE_WAIT_A3W:
|
case VIRTUAL_CONNECTION_STATE_WAIT_A3W:
|
||||||
|
|
||||||
rts = (rpcconn_rts_hdr_t*) Stream_Buffer(pdu->s);
|
rts = (rpcconn_rts_hdr_t*) Stream_Buffer(pdu->s);
|
||||||
|
|
||||||
if (!rts_match_pdu_signature(rpc, &RTS_PDU_CONN_A3_SIGNATURE, rts))
|
if (!rts_match_pdu_signature(rpc, &RTS_PDU_CONN_A3_SIGNATURE, rts))
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "unexpected RTS PDU: Expected CONN/A3");
|
WLog_ERR(TAG, "unexpected RTS PDU: Expected CONN/A3");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
status = rts_recv_CONN_A3_pdu(rpc, Stream_Buffer(pdu->s), Stream_Length(pdu->s));
|
status = rts_recv_CONN_A3_pdu(rpc, Stream_Buffer(pdu->s), Stream_Length(pdu->s));
|
||||||
|
|
||||||
if (status < 0)
|
if (status < 0)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "rts_recv_CONN_A3_pdu failure");
|
WLog_ERR(TAG, "rts_recv_CONN_A3_pdu failure");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rpc_virtual_connection_transition_to_state(rpc,
|
rpc_virtual_connection_transition_to_state(rpc,
|
||||||
rpc->VirtualConnection, VIRTUAL_CONNECTION_STATE_WAIT_C2);
|
rpc->VirtualConnection, VIRTUAL_CONNECTION_STATE_WAIT_C2);
|
||||||
|
|
||||||
status = 1;
|
status = 1;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case VIRTUAL_CONNECTION_STATE_WAIT_C2:
|
case VIRTUAL_CONNECTION_STATE_WAIT_C2:
|
||||||
|
|
||||||
rts = (rpcconn_rts_hdr_t*) Stream_Buffer(pdu->s);
|
rts = (rpcconn_rts_hdr_t*) Stream_Buffer(pdu->s);
|
||||||
|
|
||||||
if (!rts_match_pdu_signature(rpc, &RTS_PDU_CONN_C2_SIGNATURE, rts))
|
if (!rts_match_pdu_signature(rpc, &RTS_PDU_CONN_C2_SIGNATURE, rts))
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "unexpected RTS PDU: Expected CONN/C2");
|
WLog_ERR(TAG, "unexpected RTS PDU: Expected CONN/C2");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
status = rts_recv_CONN_C2_pdu(rpc, Stream_Buffer(pdu->s), Stream_Length(pdu->s));
|
status = rts_recv_CONN_C2_pdu(rpc, Stream_Buffer(pdu->s), Stream_Length(pdu->s));
|
||||||
|
|
||||||
if (status < 0)
|
if (status < 0)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "rts_recv_CONN_C2_pdu failure");
|
WLog_ERR(TAG, "rts_recv_CONN_C2_pdu failure");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rpc_virtual_connection_transition_to_state(rpc,
|
rpc_virtual_connection_transition_to_state(rpc,
|
||||||
rpc->VirtualConnection, VIRTUAL_CONNECTION_STATE_OPENED);
|
rpc->VirtualConnection, VIRTUAL_CONNECTION_STATE_OPENED);
|
||||||
|
|
||||||
rpc_client_transition_to_state(rpc, RPC_CLIENT_STATE_ESTABLISHED);
|
rpc_client_transition_to_state(rpc, RPC_CLIENT_STATE_ESTABLISHED);
|
||||||
|
|
||||||
if (rpc_send_bind_pdu(rpc) < 0)
|
if (rpc_send_bind_pdu(rpc) < 0)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "rpc_send_bind_pdu failure");
|
WLog_ERR(TAG, "rpc_send_bind_pdu failure");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rpc_client_transition_to_state(rpc, RPC_CLIENT_STATE_WAIT_SECURE_BIND_ACK);
|
rpc_client_transition_to_state(rpc, RPC_CLIENT_STATE_WAIT_SECURE_BIND_ACK);
|
||||||
|
|
||||||
status = 1;
|
status = 1;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case VIRTUAL_CONNECTION_STATE_OPENED:
|
case VIRTUAL_CONNECTION_STATE_OPENED:
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case VIRTUAL_CONNECTION_STATE_FINAL:
|
case VIRTUAL_CONNECTION_STATE_FINAL:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if (rpc->State < RPC_CLIENT_STATE_CONTEXT_NEGOTIATED)
|
else if (rpc->State < RPC_CLIENT_STATE_CONTEXT_NEGOTIATED)
|
||||||
@ -361,7 +361,7 @@ int rpc_client_recv_fragment(rdpRpc* rpc, wStream* fragment)
|
|||||||
if (rpc->StubCallId != header->common.call_id)
|
if (rpc->StubCallId != header->common.call_id)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "invalid call_id: actual: %d, expected: %d, frag_count: %d",
|
WLog_ERR(TAG, "invalid call_id: actual: %d, expected: %d, frag_count: %d",
|
||||||
rpc->StubCallId, header->common.call_id, rpc->StubFragCount);
|
rpc->StubCallId, header->common.call_id, rpc->StubFragCount);
|
||||||
}
|
}
|
||||||
|
|
||||||
call = rpc_client_call_find_by_id(rpc, rpc->StubCallId);
|
call = rpc_client_call_find_by_id(rpc, rpc->StubCallId);
|
||||||
@ -503,7 +503,7 @@ int rpc_client_default_out_channel_recv(rdpRpc* rpc)
|
|||||||
rpc_ncacn_http_ntlm_uninit(rpc, (RpcChannel*)outChannel);
|
rpc_ncacn_http_ntlm_uninit(rpc, (RpcChannel*)outChannel);
|
||||||
|
|
||||||
rpc_out_channel_transition_to_state(outChannel,
|
rpc_out_channel_transition_to_state(outChannel,
|
||||||
CLIENT_OUT_CHANNEL_STATE_NEGOTIATED);
|
CLIENT_OUT_CHANNEL_STATE_NEGOTIATED);
|
||||||
|
|
||||||
/* Send CONN/A1 PDU over OUT channel */
|
/* Send CONN/A1 PDU over OUT channel */
|
||||||
|
|
||||||
@ -514,12 +514,12 @@ int rpc_client_default_out_channel_recv(rdpRpc* rpc)
|
|||||||
}
|
}
|
||||||
|
|
||||||
rpc_out_channel_transition_to_state(outChannel,
|
rpc_out_channel_transition_to_state(outChannel,
|
||||||
CLIENT_OUT_CHANNEL_STATE_OPENED);
|
CLIENT_OUT_CHANNEL_STATE_OPENED);
|
||||||
|
|
||||||
if (inChannel->State == CLIENT_IN_CHANNEL_STATE_OPENED)
|
if (inChannel->State == CLIENT_IN_CHANNEL_STATE_OPENED)
|
||||||
{
|
{
|
||||||
rpc_virtual_connection_transition_to_state(rpc,
|
rpc_virtual_connection_transition_to_state(rpc,
|
||||||
connection, VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT);
|
connection, VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT);
|
||||||
}
|
}
|
||||||
|
|
||||||
status = 1;
|
status = 1;
|
||||||
@ -559,7 +559,7 @@ int rpc_client_default_out_channel_recv(rdpRpc* rpc)
|
|||||||
http_response_free(response);
|
http_response_free(response);
|
||||||
|
|
||||||
rpc_virtual_connection_transition_to_state(rpc,
|
rpc_virtual_connection_transition_to_state(rpc,
|
||||||
rpc->VirtualConnection, VIRTUAL_CONNECTION_STATE_WAIT_A3W);
|
rpc->VirtualConnection, VIRTUAL_CONNECTION_STATE_WAIT_A3W);
|
||||||
|
|
||||||
status = 1;
|
status = 1;
|
||||||
}
|
}
|
||||||
@ -575,7 +575,7 @@ int rpc_client_default_out_channel_recv(rdpRpc* rpc)
|
|||||||
while (Stream_GetPosition(fragment) < RPC_COMMON_FIELDS_LENGTH)
|
while (Stream_GetPosition(fragment) < RPC_COMMON_FIELDS_LENGTH)
|
||||||
{
|
{
|
||||||
status = rpc_out_channel_read(outChannel, Stream_Pointer(fragment),
|
status = rpc_out_channel_read(outChannel, Stream_Pointer(fragment),
|
||||||
RPC_COMMON_FIELDS_LENGTH - Stream_GetPosition(fragment));
|
RPC_COMMON_FIELDS_LENGTH - Stream_GetPosition(fragment));
|
||||||
|
|
||||||
if (status < 0)
|
if (status < 0)
|
||||||
return -1;
|
return -1;
|
||||||
@ -594,7 +594,7 @@ int rpc_client_default_out_channel_recv(rdpRpc* rpc)
|
|||||||
if (header->frag_length > rpc->max_recv_frag)
|
if (header->frag_length > rpc->max_recv_frag)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "rpc_client_recv: invalid fragment size: %d (max: %d)",
|
WLog_ERR(TAG, "rpc_client_recv: invalid fragment size: %d (max: %d)",
|
||||||
header->frag_length, rpc->max_recv_frag);
|
header->frag_length, rpc->max_recv_frag);
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, Stream_Buffer(fragment), Stream_GetPosition(fragment));
|
winpr_HexDump(TAG, WLOG_ERROR, Stream_Buffer(fragment), Stream_GetPosition(fragment));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -602,7 +602,7 @@ int rpc_client_default_out_channel_recv(rdpRpc* rpc)
|
|||||||
while (Stream_GetPosition(fragment) < header->frag_length)
|
while (Stream_GetPosition(fragment) < header->frag_length)
|
||||||
{
|
{
|
||||||
status = rpc_out_channel_read(outChannel, Stream_Pointer(fragment),
|
status = rpc_out_channel_read(outChannel, Stream_Pointer(fragment),
|
||||||
header->frag_length - Stream_GetPosition(fragment));
|
header->frag_length - Stream_GetPosition(fragment));
|
||||||
|
|
||||||
if (status < 0)
|
if (status < 0)
|
||||||
{
|
{
|
||||||
@ -778,7 +778,7 @@ int rpc_client_in_channel_recv(rdpRpc* rpc)
|
|||||||
rpc_ncacn_http_ntlm_uninit(rpc, (RpcChannel*) inChannel);
|
rpc_ncacn_http_ntlm_uninit(rpc, (RpcChannel*) inChannel);
|
||||||
|
|
||||||
rpc_in_channel_transition_to_state(inChannel,
|
rpc_in_channel_transition_to_state(inChannel,
|
||||||
CLIENT_IN_CHANNEL_STATE_NEGOTIATED);
|
CLIENT_IN_CHANNEL_STATE_NEGOTIATED);
|
||||||
|
|
||||||
/* Send CONN/B1 PDU over IN channel */
|
/* Send CONN/B1 PDU over IN channel */
|
||||||
|
|
||||||
@ -789,12 +789,12 @@ int rpc_client_in_channel_recv(rdpRpc* rpc)
|
|||||||
}
|
}
|
||||||
|
|
||||||
rpc_in_channel_transition_to_state(inChannel,
|
rpc_in_channel_transition_to_state(inChannel,
|
||||||
CLIENT_IN_CHANNEL_STATE_OPENED);
|
CLIENT_IN_CHANNEL_STATE_OPENED);
|
||||||
|
|
||||||
if (outChannel->State == CLIENT_OUT_CHANNEL_STATE_OPENED)
|
if (outChannel->State == CLIENT_OUT_CHANNEL_STATE_OPENED)
|
||||||
{
|
{
|
||||||
rpc_virtual_connection_transition_to_state(rpc,
|
rpc_virtual_connection_transition_to_state(rpc,
|
||||||
connection, VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT);
|
connection, VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT);
|
||||||
}
|
}
|
||||||
|
|
||||||
status = 1;
|
status = 1;
|
||||||
@ -883,11 +883,11 @@ int rpc_in_channel_send_pdu(RpcInChannel* inChannel, BYTE* buffer, UINT32 length
|
|||||||
clientCall->State = RPC_CLIENT_CALL_STATE_DISPATCHED;
|
clientCall->State = RPC_CLIENT_CALL_STATE_DISPATCHED;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* This protocol specifies that only RPC PDUs are subject to the flow control abstract
|
* This protocol specifies that only RPC PDUs are subject to the flow control abstract
|
||||||
* data model. RTS PDUs and the HTTP request and response headers are not subject to flow control.
|
* data model. RTS PDUs and the HTTP request and response headers are not subject to flow control.
|
||||||
* Implementations of this protocol MUST NOT include them when computing any of the variables
|
* Implementations of this protocol MUST NOT include them when computing any of the variables
|
||||||
* specified by this abstract data model.
|
* specified by this abstract data model.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (header->ptype == PTYPE_REQUEST)
|
if (header->ptype == PTYPE_REQUEST)
|
||||||
{
|
{
|
||||||
@ -900,6 +900,7 @@ int rpc_in_channel_send_pdu(RpcInChannel* inChannel, BYTE* buffer, UINT32 length
|
|||||||
|
|
||||||
int rpc_client_write_call(rdpRpc* rpc, BYTE* data, int length, UINT16 opnum)
|
int rpc_client_write_call(rdpRpc* rpc, BYTE* data, int length, UINT16 opnum)
|
||||||
{
|
{
|
||||||
|
SECURITY_STATUS status;
|
||||||
UINT32 offset;
|
UINT32 offset;
|
||||||
BYTE* buffer = NULL;
|
BYTE* buffer = NULL;
|
||||||
UINT32 stub_data_pad;
|
UINT32 stub_data_pad;
|
||||||
@ -918,9 +919,11 @@ int rpc_client_write_call(rdpRpc* rpc, BYTE* data, int length, UINT16 opnum)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ntlm->table->QueryContextAttributes(&ntlm->context, SECPKG_ATTR_SIZES, &ntlm->ContextSizes) != SEC_E_OK)
|
status = ntlm->table->QueryContextAttributes(&ntlm->context, SECPKG_ATTR_SIZES, &ntlm->ContextSizes);
|
||||||
|
if (status != SEC_E_OK)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "QueryContextAttributes SECPKG_ATTR_SIZES failure");
|
WLog_ERR(TAG, "QueryContextAttributes SECPKG_ATTR_SIZES failure %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -994,7 +997,8 @@ int rpc_client_write_call(rdpRpc* rpc, BYTE* data, int length, UINT16 opnum)
|
|||||||
|
|
||||||
if (encrypt_status != SEC_E_OK)
|
if (encrypt_status != SEC_E_OK)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "EncryptMessage status: 0x%08X", encrypt_status);
|
WLog_ERR(TAG, "EncryptMessage status %s [%08X]",
|
||||||
|
GetSecurityStatusString(encrypt_status), encrypt_status);
|
||||||
goto out_free_pdu;
|
goto out_free_pdu;
|
||||||
}
|
}
|
||||||
|
|
||||||
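Review bot: The two rewritten WLog_ERR calls in rpc_client_write_call print the code as `[%08X]`, which drops the `0x` prefix the old EncryptMessage message carried and hands a SECURITY_STATUS to a conversion that expects `unsigned int`. The typedef is not visible on this page, so this is hedged: if it is a signed or `long`-based type the argument does not match the specifier, and a bare eight-digit value in brackets is easy to misread as decimal when searching logs. Something like `WLog_ERR(TAG, "EncryptMessage status %s [0x%08X]", GetSecurityStatusString(encrypt_status), (unsigned int) encrypt_status);` keeps the value unambiguous; the same format string is used by the new log calls in the other files of this commit. The remaining hunks in this file show identical old and new text, so they appear to be whitespace-only.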
|
@ -27,6 +27,8 @@
|
|||||||
#include "negotiate.h"
|
#include "negotiate.h"
|
||||||
|
|
||||||
#include "../sspi.h"
|
#include "../sspi.h"
|
||||||
|
#include "../log.h"
|
||||||
|
#define TAG WINPR_TAG("negociate")
|
||||||
|
|
||||||
extern const SecurityFunctionTableA NTLM_SecurityFunctionTableA;
|
extern const SecurityFunctionTableA NTLM_SecurityFunctionTableA;
|
||||||
extern const SecurityFunctionTableW NTLM_SecurityFunctionTableW;
|
extern const SecurityFunctionTableW NTLM_SecurityFunctionTableW;
|
||||||
@ -59,9 +61,9 @@ void negotiate_ContextFree(NEGOTIATE_CONTEXT* context)
|
|||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
|
SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
|
||||||
SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
||||||
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
||||||
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
NEGOTIATE_CONTEXT* context;
|
NEGOTIATE_CONTEXT* context;
|
||||||
@ -80,16 +82,16 @@ SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(PCredHandle phCre
|
|||||||
}
|
}
|
||||||
|
|
||||||
status = context->sspiW->InitializeSecurityContextW(phCredential, &(context->SubContext),
|
status = context->sspiW->InitializeSecurityContextW(phCredential, &(context->SubContext),
|
||||||
pszTargetName, fContextReq, Reserved1, TargetDataRep, pInput, Reserved2, &(context->SubContext),
|
pszTargetName, fContextReq, Reserved1, TargetDataRep, pInput, Reserved2, &(context->SubContext),
|
||||||
pOutput, pfContextAttr, ptsExpiry);
|
pOutput, pfContextAttr, ptsExpiry);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
|
SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
|
||||||
SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
||||||
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
||||||
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
NEGOTIATE_CONTEXT* context;
|
NEGOTIATE_CONTEXT* context;
|
||||||
@ -108,15 +110,15 @@ SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA(PCredHandle phCre
|
|||||||
}
|
}
|
||||||
|
|
||||||
status = context->sspiA->InitializeSecurityContextA(phCredential, &(context->SubContext),
|
status = context->sspiA->InitializeSecurityContextA(phCredential, &(context->SubContext),
|
||||||
pszTargetName, fContextReq, Reserved1, TargetDataRep, pInput, Reserved2, &(context->SubContext),
|
pszTargetName, fContextReq, Reserved1, TargetDataRep, pInput, Reserved2, &(context->SubContext),
|
||||||
pOutput, pfContextAttr, ptsExpiry);
|
pOutput, pfContextAttr, ptsExpiry);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
|
SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
|
||||||
PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
|
PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
|
||||||
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
|
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
|
||||||
{
|
{
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
NEGOTIATE_CONTEXT* context;
|
NEGOTIATE_CONTEXT* context;
|
||||||
@ -135,9 +137,14 @@ SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext(PCredHandle phCredenti
|
|||||||
}
|
}
|
||||||
|
|
||||||
status = context->sspiA->AcceptSecurityContext(phCredential, &(context->SubContext),
|
status = context->sspiA->AcceptSecurityContext(phCredential, &(context->SubContext),
|
||||||
pInput, fContextReq, TargetDataRep, &(context->SubContext),
|
pInput, fContextReq, TargetDataRep, &(context->SubContext),
|
||||||
pOutput, pfContextAttr, ptsTimeStamp);
|
pOutput, pfContextAttr, ptsTimeStamp);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "AcceptSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -284,15 +291,15 @@ SECURITY_STATUS SEC_ENTRY negotiate_SetContextAttributesA(PCtxtHandle phContext,
|
|||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
|
SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
|
||||||
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
||||||
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SSPI_CREDENTIALS* credentials;
|
SSPI_CREDENTIALS* credentials;
|
||||||
SEC_WINNT_AUTH_IDENTITY* identity;
|
SEC_WINNT_AUTH_IDENTITY* identity;
|
||||||
|
|
||||||
if ((fCredentialUse != SECPKG_CRED_OUTBOUND) &&
|
if ((fCredentialUse != SECPKG_CRED_OUTBOUND) &&
|
||||||
(fCredentialUse != SECPKG_CRED_INBOUND) &&
|
(fCredentialUse != SECPKG_CRED_INBOUND) &&
|
||||||
(fCredentialUse != SECPKG_CRED_BOTH))
|
(fCredentialUse != SECPKG_CRED_BOTH))
|
||||||
{
|
{
|
||||||
return SEC_E_INVALID_PARAMETER;
|
return SEC_E_INVALID_PARAMETER;
|
||||||
}
|
}
|
||||||
@ -318,15 +325,15 @@ SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW(SEC_WCHAR* pszPrin
|
|||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
|
SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
|
||||||
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
||||||
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SSPI_CREDENTIALS* credentials;
|
SSPI_CREDENTIALS* credentials;
|
||||||
SEC_WINNT_AUTH_IDENTITY* identity;
|
SEC_WINNT_AUTH_IDENTITY* identity;
|
||||||
|
|
||||||
if ((fCredentialUse != SECPKG_CRED_OUTBOUND) &&
|
if ((fCredentialUse != SECPKG_CRED_OUTBOUND) &&
|
||||||
(fCredentialUse != SECPKG_CRED_INBOUND) &&
|
(fCredentialUse != SECPKG_CRED_INBOUND) &&
|
||||||
(fCredentialUse != SECPKG_CRED_BOTH))
|
(fCredentialUse != SECPKG_CRED_BOTH))
|
||||||
{
|
{
|
||||||
return SEC_E_INVALID_PARAMETER;
|
return SEC_E_INVALID_PARAMETER;
|
||||||
}
|
}
|
||||||
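Review bot: In negotiate_AcceptSecurityContext the new `if (status != SEC_E_OK)` guard emits a WARN for every non-OK return, which includes the informational continuation codes of a multi-leg handshake (SEC_I_CONTINUE_NEEDED and the SEC_I_COMPLETE_* values), so a normal negotiation would log a warning on each leg and real failures become harder to spot. Testing for failure only, e.g. `if (status < 0)` if SECURITY_STATUS is a signed HRESULT-style value (its definition is not shown here, so confirm), or explicitly excluding the SEC_I_* codes, would keep WARN for errors. Also, the tag added at the top of the file is spelled `WINPR_TAG("negociate")`; `WINPR_TAG("negotiate")` would match the module name and any log filter written against it. The function body starts outside the hunk.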
|
@ -37,6 +37,9 @@
|
|||||||
|
|
||||||
#include "sspi_winpr.h"
|
#include "sspi_winpr.h"
|
||||||
|
|
||||||
|
#include "../log.h"
|
||||||
|
#define TAG WINPR_TAG("sspi")
|
||||||
|
|
||||||
/* Authentication Functions: http://msdn.microsoft.com/en-us/library/windows/desktop/aa374731/ */
|
/* Authentication Functions: http://msdn.microsoft.com/en-us/library/windows/desktop/aa374731/ */
|
||||||
|
|
||||||
extern const SecPkgInfoA NTLM_SecPkgInfoA;
|
extern const SecPkgInfoA NTLM_SecPkgInfoA;
|
||||||
@ -399,7 +402,7 @@ int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDEN
|
|||||||
if (srcIdentity->Flags == SEC_WINNT_AUTH_IDENTITY_ANSI)
|
if (srcIdentity->Flags == SEC_WINNT_AUTH_IDENTITY_ANSI)
|
||||||
{
|
{
|
||||||
status = sspi_SetAuthIdentity(identity, (char*) srcIdentity->User,
|
status = sspi_SetAuthIdentity(identity, (char*) srcIdentity->User,
|
||||||
(char*) srcIdentity->Domain, (char*) srcIdentity->Password);
|
(char*) srcIdentity->Domain, (char*) srcIdentity->Password);
|
||||||
|
|
||||||
if (status <= 0)
|
if (status <= 0)
|
||||||
return -1;
|
return -1;
|
||||||
@ -580,13 +583,13 @@ void sspi_ContextBufferFree(void* contextBuffer)
|
|||||||
|
|
||||||
switch (allocatorIndex)
|
switch (allocatorIndex)
|
||||||
{
|
{
|
||||||
case EnumerateSecurityPackagesIndex:
|
case EnumerateSecurityPackagesIndex:
|
||||||
FreeContextBuffer_EnumerateSecurityPackages(contextBuffer);
|
FreeContextBuffer_EnumerateSecurityPackages(contextBuffer);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case QuerySecurityPackageInfoIndex:
|
case QuerySecurityPackageInfoIndex:
|
||||||
FreeContextBuffer_QuerySecurityPackageInfo(contextBuffer);
|
FreeContextBuffer_QuerySecurityPackageInfo(contextBuffer);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -786,8 +789,8 @@ void FreeContextBuffer_QuerySecurityPackageInfo(void* contextBuffer)
|
|||||||
/* Credential Management */
|
/* Credential Management */
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
|
SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
|
||||||
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
||||||
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
SecurityFunctionTableW* table = sspi_GetSecurityFunctionTableWByNameW(pszPackage);
|
SecurityFunctionTableW* table = sspi_GetSecurityFunctionTableWByNameW(pszPackage);
|
||||||
@ -799,14 +802,19 @@ SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipa
|
|||||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||||
|
|
||||||
status = table->AcquireCredentialsHandleW(pszPrincipal, pszPackage, fCredentialUse,
|
status = table->AcquireCredentialsHandleW(pszPrincipal, pszPackage, fCredentialUse,
|
||||||
pvLogonID, pAuthData, pGetKeyFn, pvGetKeyArgument, phCredential, ptsExpiry);
|
pvLogonID, pAuthData, pGetKeyFn, pvGetKeyArgument, phCredential, ptsExpiry);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "AcquireCredentialsHandleW status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
|
SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
|
||||||
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn,
|
||||||
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
SecurityFunctionTableA* table = sspi_GetSecurityFunctionTableAByNameA(pszPackage);
|
SecurityFunctionTableA* table = sspi_GetSecurityFunctionTableAByNameA(pszPackage);
|
||||||
@ -818,7 +826,13 @@ SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal
|
|||||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||||
|
|
||||||
status = table->AcquireCredentialsHandleA(pszPrincipal, pszPackage, fCredentialUse,
|
status = table->AcquireCredentialsHandleA(pszPrincipal, pszPackage, fCredentialUse,
|
||||||
pvLogonID, pAuthData, pGetKeyFn, pvGetKeyArgument, phCredential, ptsExpiry);
|
pvLogonID, pAuthData, pGetKeyFn, pvGetKeyArgument, phCredential, ptsExpiry);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "AcquireCredentialsHandleA status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
@ -844,6 +858,12 @@ SECURITY_STATUS SEC_ENTRY winpr_ExportSecurityContext(PCtxtHandle phContext, ULO
|
|||||||
|
|
||||||
status = table->ExportSecurityContext(phContext, fFlags, pPackedContext, pToken);
|
status = table->ExportSecurityContext(phContext, fFlags, pPackedContext, pToken);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "ExportSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -868,6 +888,11 @@ SECURITY_STATUS SEC_ENTRY winpr_FreeCredentialsHandle(PCredHandle phCredential)
|
|||||||
|
|
||||||
status = table->FreeCredentialsHandle(phCredential);
|
status = table->FreeCredentialsHandle(phCredential);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "FreeCredentialsHandle status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -892,6 +917,12 @@ SECURITY_STATUS SEC_ENTRY winpr_ImportSecurityContextW(SEC_WCHAR* pszPackage, PS
|
|||||||
|
|
||||||
status = table->ImportSecurityContextW(pszPackage, pPackedContext, pToken, phContext);
|
status = table->ImportSecurityContextW(pszPackage, pPackedContext, pToken, phContext);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "ImportSecurityContextW status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -916,6 +947,12 @@ SECURITY_STATUS SEC_ENTRY winpr_ImportSecurityContextA(SEC_CHAR* pszPackage, PSe
|
|||||||
|
|
||||||
status = table->ImportSecurityContextA(pszPackage, pPackedContext, pToken, phContext);
|
status = table->ImportSecurityContextA(pszPackage, pPackedContext, pToken, phContext);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "ImportSecurityContextA status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -940,6 +977,12 @@ SECURITY_STATUS SEC_ENTRY winpr_QueryCredentialsAttributesW(PCredHandle phCreden
|
|||||||
|
|
||||||
status = table->QueryCredentialsAttributesW(phCredential, ulAttribute, pBuffer);
|
status = table->QueryCredentialsAttributesW(phCredential, ulAttribute, pBuffer);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "QueryCredentialsAttributesW status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -964,14 +1007,20 @@ SECURITY_STATUS SEC_ENTRY winpr_QueryCredentialsAttributesA(PCredHandle phCreden
|
|||||||
|
|
||||||
status = table->QueryCredentialsAttributesA(phCredential, ulAttribute, pBuffer);
|
status = table->QueryCredentialsAttributesA(phCredential, ulAttribute, pBuffer);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "QueryCredentialsAttributesA status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Context Management */
|
/* Context Management */
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY winpr_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
|
SECURITY_STATUS SEC_ENTRY winpr_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
|
||||||
PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
|
PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
|
||||||
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
|
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
|
||||||
{
|
{
|
||||||
char* Name;
|
char* Name;
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
@ -991,7 +1040,13 @@ SECURITY_STATUS SEC_ENTRY winpr_AcceptSecurityContext(PCredHandle phCredential,
|
|||||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||||
|
|
||||||
status = table->AcceptSecurityContext(phCredential, phContext, pInput, fContextReq,
|
status = table->AcceptSecurityContext(phCredential, phContext, pInput, fContextReq,
|
||||||
TargetDataRep, phNewContext, pOutput, pfContextAttr, ptsTimeStamp);
|
TargetDataRep, phNewContext, pOutput, pfContextAttr, ptsTimeStamp);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "AcceptSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
@ -1017,6 +1072,12 @@ SECURITY_STATUS SEC_ENTRY winpr_ApplyControlToken(PCtxtHandle phContext, PSecBuf
|
|||||||
|
|
||||||
status = table->ApplyControlToken(phContext, pInput);
|
status = table->ApplyControlToken(phContext, pInput);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "ApplyControlToken status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1041,6 +1102,12 @@ SECURITY_STATUS SEC_ENTRY winpr_CompleteAuthToken(PCtxtHandle phContext, PSecBuf
|
|||||||
|
|
||||||
status = table->CompleteAuthToken(phContext, pToken);
|
status = table->CompleteAuthToken(phContext, pToken);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "CompleteAuthToken status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1065,6 +1132,12 @@ SECURITY_STATUS SEC_ENTRY winpr_DeleteSecurityContext(PCtxtHandle phContext)
|
|||||||
|
|
||||||
status = table->DeleteSecurityContext(phContext);
|
status = table->DeleteSecurityContext(phContext);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "DeleteSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1099,13 +1172,19 @@ SECURITY_STATUS SEC_ENTRY winpr_ImpersonateSecurityContext(PCtxtHandle phContext
|
|||||||
|
|
||||||
status = table->ImpersonateSecurityContext(phContext);
|
status = table->ImpersonateSecurityContext(phContext);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "ImpersonateSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
|
SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
|
||||||
SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
||||||
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
||||||
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SEC_CHAR* Name;
|
SEC_CHAR* Name;
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
@ -1125,16 +1204,22 @@ SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextW(PCredHandle phCredent
|
|||||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||||
|
|
||||||
status = table->InitializeSecurityContextW(phCredential, phContext,
|
status = table->InitializeSecurityContextW(phCredential, phContext,
|
||||||
pszTargetName, fContextReq, Reserved1, TargetDataRep,
|
pszTargetName, fContextReq, Reserved1, TargetDataRep,
|
||||||
pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry);
|
pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "InitializeSecurityContextW status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
|
SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
|
||||||
SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
|
||||||
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
|
||||||
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
|
||||||
{
|
{
|
||||||
SEC_CHAR* Name;
|
SEC_CHAR* Name;
|
||||||
SECURITY_STATUS status;
|
SECURITY_STATUS status;
|
||||||
@ -1154,8 +1239,14 @@ SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextA(PCredHandle phCredent
|
|||||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||||
|
|
||||||
status = table->InitializeSecurityContextA(phCredential, phContext,
|
status = table->InitializeSecurityContextA(phCredential, phContext,
|
||||||
pszTargetName, fContextReq, Reserved1, TargetDataRep,
|
pszTargetName, fContextReq, Reserved1, TargetDataRep,
|
||||||
pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry);
|
pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "InitializeSecurityContextA status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
@ -1181,6 +1272,12 @@ SECURITY_STATUS SEC_ENTRY winpr_QueryContextAttributesW(PCtxtHandle phContext, U
|
|||||||
|
|
||||||
status = table->QueryContextAttributesW(phContext, ulAttribute, pBuffer);
|
status = table->QueryContextAttributesW(phContext, ulAttribute, pBuffer);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "QueryContextAttributesW status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1205,6 +1302,12 @@ SECURITY_STATUS SEC_ENTRY winpr_QueryContextAttributesA(PCtxtHandle phContext, U
|
|||||||
|
|
||||||
status = table->QueryContextAttributesA(phContext, ulAttribute, pBuffer);
|
status = table->QueryContextAttributesA(phContext, ulAttribute, pBuffer);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "QueryContextAttributesA status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1229,6 +1332,12 @@ SECURITY_STATUS SEC_ENTRY winpr_QuerySecurityContextToken(PCtxtHandle phContext,
|
|||||||
|
|
||||||
status = table->QuerySecurityContextToken(phContext, phToken);
|
status = table->QuerySecurityContextToken(phContext, phToken);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "QuerySecurityContextToken status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1253,6 +1362,12 @@ SECURITY_STATUS SEC_ENTRY winpr_SetContextAttributesW(PCtxtHandle phContext, ULO
|
|||||||
|
|
||||||
status = table->SetContextAttributesW(phContext, ulAttribute, pBuffer, cbBuffer);
|
status = table->SetContextAttributesW(phContext, ulAttribute, pBuffer, cbBuffer);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "SetContextAttributesW status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1277,6 +1392,12 @@ SECURITY_STATUS SEC_ENTRY winpr_SetContextAttributesA(PCtxtHandle phContext, ULO
|
|||||||
|
|
||||||
status = table->SetContextAttributesA(phContext, ulAttribute, pBuffer, cbBuffer);
|
status = table->SetContextAttributesA(phContext, ulAttribute, pBuffer, cbBuffer);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "SetContextAttributesA status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1301,6 +1422,12 @@ SECURITY_STATUS SEC_ENTRY winpr_RevertSecurityContext(PCtxtHandle phContext)
|
|||||||
|
|
||||||
status = table->RevertSecurityContext(phContext);
|
status = table->RevertSecurityContext(phContext);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "RevertSecurityContext status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1327,6 +1454,12 @@ SECURITY_STATUS SEC_ENTRY winpr_DecryptMessage(PCtxtHandle phContext, PSecBuffer
|
|||||||
|
|
||||||
status = table->DecryptMessage(phContext, pMessage, MessageSeqNo, pfQOP);
|
status = table->DecryptMessage(phContext, pMessage, MessageSeqNo, pfQOP);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "DecryptMessage status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1351,6 +1484,12 @@ SECURITY_STATUS SEC_ENTRY winpr_EncryptMessage(PCtxtHandle phContext, ULONG fQOP
|
|||||||
|
|
||||||
status = table->EncryptMessage(phContext, fQOP, pMessage, MessageSeqNo);
|
status = table->EncryptMessage(phContext, fQOP, pMessage, MessageSeqNo);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_ERR(TAG, "EncryptMessage status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1375,6 +1514,12 @@ SECURITY_STATUS SEC_ENTRY winpr_MakeSignature(PCtxtHandle phContext, ULONG fQOP,
|
|||||||
|
|
||||||
status = table->MakeSignature(phContext, fQOP, pMessage, MessageSeqNo);
|
status = table->MakeSignature(phContext, fQOP, pMessage, MessageSeqNo);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "MakeSignature status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1399,6 +1544,12 @@ SECURITY_STATUS SEC_ENTRY winpr_VerifySignature(PCtxtHandle phContext, PSecBuffe
|
|||||||
|
|
||||||
status = table->VerifySignature(phContext, pMessage, MessageSeqNo, pfQOP);
|
status = table->VerifySignature(phContext, pMessage, MessageSeqNo, pfQOP);
|
||||||
|
|
||||||
|
if (status != SEC_E_OK)
|
||||||
|
{
|
||||||
|
WLog_WARN(TAG, "VerifySignature status %s [%08X]",
|
||||||
|
GetSecurityStatusString(status), status);
|
||||||
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
|