libwinpr-sspi: fix server-side negotiate module
This commit is contained in:
parent
a37c6bb653
commit
66d2b3ed93
@ -492,7 +492,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle phCredential, P
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY ntlm_ImpersonateSecurityContext(PCtxtHandle phContext)
|
||||
{
|
||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||
return SEC_E_OK;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
|
||||
@ -689,7 +689,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle phContext, UL
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY ntlm_RevertSecurityContext(PCtxtHandle phContext)
|
||||
{
|
||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||
return SEC_E_OK;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
|
||||
|
@ -209,6 +209,38 @@ SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributesW(PCtxtHandle phContex
|
||||
return status;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY negotiate_ImpersonateSecurityContext(PCtxtHandle phContext)
|
||||
{
|
||||
NEGOTIATE_CONTEXT* context;
|
||||
SECURITY_STATUS status = SEC_E_OK;
|
||||
|
||||
context = (NEGOTIATE_CONTEXT*) sspi_SecureHandleGetLowerPointer(phContext);
|
||||
|
||||
if (!phContext)
|
||||
return SEC_E_INVALID_HANDLE;
|
||||
|
||||
if (context->sspiW->ImpersonateSecurityContext)
|
||||
status = context->sspiW->ImpersonateSecurityContext(&(context->Context));
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY negotiate_RevertSecurityContext(PCtxtHandle phContext)
|
||||
{
|
||||
NEGOTIATE_CONTEXT* context;
|
||||
SECURITY_STATUS status = SEC_E_OK;
|
||||
|
||||
context = (NEGOTIATE_CONTEXT*) sspi_SecureHandleGetLowerPointer(phContext);
|
||||
|
||||
if (!phContext)
|
||||
return SEC_E_INVALID_HANDLE;
|
||||
|
||||
if (context->sspiW->RevertSecurityContext)
|
||||
status = context->sspiW->RevertSecurityContext(&(context->Context));
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
|
||||
{
|
||||
NEGOTIATE_CONTEXT* context;
|
||||
@ -240,10 +272,28 @@ SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW(SEC_WCHAR* pszPrin
|
||||
credentials = sspi_CredentialsNew();
|
||||
|
||||
if (!credentials)
|
||||
return SEC_E_INSUFFICIENT_MEMORY;
|
||||
return SEC_E_INTERNAL_ERROR;
|
||||
|
||||
identity = (SEC_WINNT_AUTH_IDENTITY*) pAuthData;
|
||||
|
||||
if (identity)
|
||||
CopyMemory(&(credentials->identity), identity, sizeof(SEC_WINNT_AUTH_IDENTITY));
|
||||
|
||||
sspi_SecureHandleSetLowerPointer(phCredential, (void*) credentials);
|
||||
sspi_SecureHandleSetUpperPointer(phCredential, (void*) NEGOTIATE_PACKAGE_NAME);
|
||||
|
||||
return SEC_E_OK;
|
||||
}
|
||||
else if (fCredentialUse == SECPKG_CRED_INBOUND)
|
||||
{
|
||||
credentials = sspi_CredentialsNew();
|
||||
|
||||
if (!credentials)
|
||||
return SEC_E_INTERNAL_ERROR;
|
||||
|
||||
identity = (SEC_WINNT_AUTH_IDENTITY*) pAuthData;
|
||||
|
||||
if (identity)
|
||||
CopyMemory(&(credentials->identity), identity, sizeof(SEC_WINNT_AUTH_IDENTITY));
|
||||
|
||||
sspi_SecureHandleSetLowerPointer(phCredential, (void*) credentials);
|
||||
@ -267,10 +317,28 @@ SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleA(SEC_CHAR* pszPrinc
|
||||
credentials = sspi_CredentialsNew();
|
||||
|
||||
if (!credentials)
|
||||
return SEC_E_INSUFFICIENT_MEMORY;
|
||||
return SEC_E_INTERNAL_ERROR;
|
||||
|
||||
identity = (SEC_WINNT_AUTH_IDENTITY*) pAuthData;
|
||||
|
||||
if (identity)
|
||||
CopyMemory(&(credentials->identity), identity, sizeof(SEC_WINNT_AUTH_IDENTITY));
|
||||
|
||||
sspi_SecureHandleSetLowerPointer(phCredential, (void*) credentials);
|
||||
sspi_SecureHandleSetUpperPointer(phCredential, (void*) NEGOTIATE_PACKAGE_NAME);
|
||||
|
||||
return SEC_E_OK;
|
||||
}
|
||||
else if (fCredentialUse == SECPKG_CRED_INBOUND)
|
||||
{
|
||||
credentials = sspi_CredentialsNew();
|
||||
|
||||
if (!credentials)
|
||||
return SEC_E_INTERNAL_ERROR;
|
||||
|
||||
identity = (SEC_WINNT_AUTH_IDENTITY*) pAuthData;
|
||||
|
||||
if (identity)
|
||||
CopyMemory(&(credentials->identity), identity, sizeof(SEC_WINNT_AUTH_IDENTITY));
|
||||
|
||||
sspi_SecureHandleSetLowerPointer(phCredential, (void*) credentials);
|
||||
@ -375,8 +443,8 @@ const SecurityFunctionTableA NEGOTIATE_SecurityFunctionTableA =
|
||||
negotiate_DeleteSecurityContext, /* DeleteSecurityContext */
|
||||
NULL, /* ApplyControlToken */
|
||||
negotiate_QueryContextAttributesA, /* QueryContextAttributes */
|
||||
NULL, /* ImpersonateSecurityContext */
|
||||
NULL, /* RevertSecurityContext */
|
||||
negotiate_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
|
||||
negotiate_RevertSecurityContext, /* RevertSecurityContext */
|
||||
negotiate_MakeSignature, /* MakeSignature */
|
||||
negotiate_VerifySignature, /* VerifySignature */
|
||||
NULL, /* FreeContextBuffer */
|
||||
@ -407,8 +475,8 @@ const SecurityFunctionTableW NEGOTIATE_SecurityFunctionTableW =
|
||||
negotiate_DeleteSecurityContext, /* DeleteSecurityContext */
|
||||
NULL, /* ApplyControlToken */
|
||||
negotiate_QueryContextAttributesW, /* QueryContextAttributes */
|
||||
NULL, /* ImpersonateSecurityContext */
|
||||
NULL, /* RevertSecurityContext */
|
||||
negotiate_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
|
||||
negotiate_RevertSecurityContext, /* RevertSecurityContext */
|
||||
negotiate_MakeSignature, /* MakeSignature */
|
||||
negotiate_VerifySignature, /* VerifySignature */
|
||||
NULL, /* FreeContextBuffer */
|
||||
|
@ -812,7 +812,26 @@ SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY winpr_ExportSecurityContext(PCtxtHandle phContext, ULONG fFlags, PSecBuffer pPackedContext, HANDLE* pToken)
|
||||
{
|
||||
SEC_CHAR* Name;
|
||||
SECURITY_STATUS status;
|
||||
SecurityFunctionTableW* table;
|
||||
|
||||
Name = (SEC_CHAR*) sspi_SecureHandleGetUpperPointer(phContext);
|
||||
|
||||
if (!Name)
|
||||
return SEC_E_SECPKG_NOT_FOUND;
|
||||
|
||||
table = sspi_GetSecurityFunctionTableWByNameA(Name);
|
||||
|
||||
if (!table)
|
||||
return SEC_E_SECPKG_NOT_FOUND;
|
||||
|
||||
if (!table->ExportSecurityContext)
|
||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||
|
||||
status = table->ExportSecurityContext(phContext, fFlags, pPackedContext, pToken);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY winpr_FreeCredentialsHandle(PCredHandle phCredential)
|
||||
@ -841,7 +860,26 @@ SECURITY_STATUS SEC_ENTRY winpr_FreeCredentialsHandle(PCredHandle phCredential)
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY winpr_ImportSecurityContextW(SEC_WCHAR* pszPackage, PSecBuffer pPackedContext, HANDLE pToken, PCtxtHandle phContext)
|
||||
{
|
||||
SEC_CHAR* Name;
|
||||
SECURITY_STATUS status;
|
||||
SecurityFunctionTableW* table;
|
||||
|
||||
Name = (SEC_CHAR*) sspi_SecureHandleGetUpperPointer(phContext);
|
||||
|
||||
if (!Name)
|
||||
return SEC_E_SECPKG_NOT_FOUND;
|
||||
|
||||
table = sspi_GetSecurityFunctionTableWByNameA(Name);
|
||||
|
||||
if (!table)
|
||||
return SEC_E_SECPKG_NOT_FOUND;
|
||||
|
||||
if (!table->ImportSecurityContextW)
|
||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||
|
||||
status = table->ImportSecurityContextW(pszPackage, pPackedContext, pToken, phContext);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
SECURITY_STATUS SEC_ENTRY winpr_ImportSecurityContextA(SEC_CHAR* pszPackage, PSecBuffer pPackedContext, HANDLE pToken, PCtxtHandle phContext)
|
||||
@ -1043,7 +1081,7 @@ SECURITY_STATUS SEC_ENTRY winpr_ImpersonateSecurityContext(PCtxtHandle phContext
|
||||
if (!table)
|
||||
return SEC_E_SECPKG_NOT_FOUND;
|
||||
|
||||
if (!table->ImportSecurityContextW)
|
||||
if (!table->ImpersonateSecurityContext)
|
||||
return SEC_E_UNSUPPORTED_FUNCTION;
|
||||
|
||||
status = table->ImpersonateSecurityContext(phContext);
|
||||
|
Loading…
Reference in New Issue
Block a user