winpr: isolate OpenSSL

2015-10-06 10:56:24 -04:00 · 2015-10-06 10:56:24 -04:00 · ac62d43e0f
commit ac62d43e0f
parent 94a2f9533e
10 changed files with 212 additions and 71 deletions
--- a/winpr/CMakeLists.txt
+++ b/winpr/CMakeLists.txt
@ -28,6 +28,7 @@ endif()
 # Include cmake modules
 include(CheckIncludeFiles)
 include(CheckLibraryExists)
+include(CheckSymbolExists)
 include(CheckStructHasMember)
 include(FindPkgConfig)
 include(TestBigEndian)
@ -40,6 +41,8 @@ include(CheckCmakeCompat)
 include(FindFeature)
 include(AutoVersioning)
 include(ConfigOptions)
+include(ComplexLibrary)
+include(FeatureSummary)
 include(CheckCCompilerFlag)
 include(GNUInstallDirsWrapper)
 include(CMakePackageConfigHelpers)
@ -50,7 +53,80 @@ set(WINPR_VERSION_MINOR "1")
 set(WINPR_VERSION_REVISION "0")
 set(WINPR_VERSION "${WINPR_VERSION_MAJOR}.${WINPR_VERSION_MINOR}")
 set(WINPR_VERSION_FULL "${WINPR_VERSION}.${WINPR_VERSION_REVISION}")
-set(WINPR_VERSION_FULL ${WINPR_VERSION_FULL} PARENT_SCOPE)
+
+if(FREERDP_BUILD)
+	set(WINPR_VERSION_FULL ${WINPR_VERSION_FULL} PARENT_SCOPE)
+else()
+	set(CMAKE_THREAD_PREFER_PTHREAD TRUE)
+
+	if(NOT IOS AND NOT ANDROID)
+		find_package(Threads REQUIRED)
+	endif()
+
+	# Include files
+	if(NOT IOS)
+		check_include_files(fcntl.h HAVE_FCNTL_H)
+		check_include_files(unistd.h HAVE_UNISTD_H)
+		check_include_files(execinfo.h HAVE_EXECINFO_H)
+		check_include_files(stdint.h HAVE_STDINT_H)
+		check_include_files(inttypes.h HAVE_INTTYPES_H)
+		check_include_files(sys/modem.h HAVE_SYS_MODEM_H)
+		check_include_files(sys/filio.h HAVE_SYS_FILIO_H)
+		check_include_files(sys/sockio.h HAVE_SYS_SOCKIO_H)
+		check_include_files(sys/strtio.h HAVE_SYS_STRTIO_H)
+		check_include_files(sys/select.h HAVE_SYS_SELECT_H)
+	else()
+		set(HAVE_FCNTL_H 1)
+		set(HAVE_UNISTD_H 1)
+		set(HAVE_STDINT_H 1)
+		set(HAVE_INTTYPES_H 1)
+		set(HAVE_SYS_FILIO_H 1)
+	endif()
+
+	if(NOT IOS)
+		check_struct_has_member("struct tm" tm_gmtoff time.h HAVE_TM_GMTOFF)
+	else()
+		set(HAVE_TM_GMTOFF 1)
+	endif()
+
+	if(NOT WIN32)
+		check_library_exists(pthread pthread_mutex_timedlock "" HAVE_PTHREAD_MUTEX_TIMEDLOCK)
+	endif()
+
+	set(OPENSSL_FEATURE_TYPE "OPTIONAL")
+	set(OPENSSL_FEATURE_PURPOSE "cryptography")
+	set(OPENSSL_FEATURE_DESCRIPTION "encryption, certificate validation, hashing functions")
+
+	set(MBEDTLS_FEATURE_TYPE "OPTIONAL")
+	set(MBEDTLS_FEATURE_PURPOSE "cryptography")
+	set(MBEDTLS_FEATURE_DESCRIPTION "encryption, certificate validation, hashing functions")
+
+	find_feature(OpenSSL ${OPENSSL_FEATURE_TYPE} ${OPENSSL_FEATURE_PURPOSE} ${OPENSSL_FEATURE_DESCRIPTION})
+	find_feature(MbedTLS ${MBEDTLS_FEATURE_TYPE} ${MBEDTLS_FEATURE_PURPOSE} ${MBEDTLS_FEATURE_DESCRIPTION})
+
+	if(OPENSSL_FOUND)
+		add_definitions("-DWITH_OPENSSL")
+	endif()
+
+	if(MBEDTLS_FOUND)
+		add_definitions("-DWITH_MBEDTLS")
+	endif()
+
+	# Include directories
+	include_directories(${CMAKE_CURRENT_BINARY_DIR})
+
+	# Configure files
+	add_definitions("-DHAVE_CONFIG_H")
+	configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h)
+
+	enable_testing()
+
+	if(MSVC)
+		set(TESTING_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}")
+	else()
+		set(TESTING_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/Testing")
+	endif()
+endif()

 # Default to release build type
 if(NOT CMAKE_BUILD_TYPE)
--- a/winpr/libwinpr/crypto/crypto.c
+++ b/winpr/libwinpr/crypto/crypto.c
@ -147,6 +147,7 @@ static wListDictionary* g_ProtectedMemoryBlocks = NULL;

 BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
 {
+#ifdef WITH_OPENSSL
 	BYTE* pCipherText;
 	int cbOut, cbFinal;
 	BYTE randomKey[256];
@ -163,6 +164,7 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
 	}

 	pMemBlock = (WINPR_PROTECTED_MEMORY_BLOCK*) calloc(1, sizeof(WINPR_PROTECTED_MEMORY_BLOCK));
+
 	if (!pMemBlock)
 		return FALSE;

@ -192,6 +194,7 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)

 	cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
 	pCipherText = (BYTE*) malloc(cbOut);
+
 	if (!pCipherText)
 	{
 		free(pMemBlock);
@ -206,10 +209,14 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
 	free(pCipherText);

 	return ListDictionary_Add(g_ProtectedMemoryBlocks, pData, pMemBlock);
+#else
+	return TRUE;
+#endif
 }

 BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
 {
+#ifdef WITH_OPENSSL
 	BYTE* pPlainText;
 	int cbOut, cbFinal;
 	WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
@ -228,7 +235,9 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
 	/* AES Decryption */

 	cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
+
 	pPlainText = (BYTE*) malloc(cbOut);
+
 	if (!pPlainText)
 		return FALSE;

@ -250,6 +259,9 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
 	free(pMemBlock);

 	return TRUE;
+#else
+	return TRUE;
+#endif
 }

 BOOL CryptProtectData(DATA_BLOB* pDataIn, LPCWSTR szDataDescr, DATA_BLOB* pOptionalEntropy,
--- a/winpr/libwinpr/crypto/crypto.h
+++ b/winpr/libwinpr/crypto/crypto.h
@ -22,17 +22,12 @@

 #ifndef _WIN32

+#ifdef WITH_OPENSSL
+
 #include <openssl/evp.h>
 #include <openssl/aes.h>
 #include <openssl/rand.h>

-struct _WINPR_CERTSTORE
-{
-	LPCSTR lpszStoreProvider;
-	DWORD dwMsgAndCertEncodingType;
-};
-typedef struct _WINPR_CERTSTORE WINPR_CERTSTORE;
-
 struct _WINPR_PROTECTED_MEMORY_BLOCK
 {
 	BYTE* pData;
@ -48,4 +43,13 @@ typedef struct _WINPR_PROTECTED_MEMORY_BLOCK WINPR_PROTECTED_MEMORY_BLOCK;

 #endif

+struct _WINPR_CERTSTORE
+{
+	LPCSTR lpszStoreProvider;
+	DWORD dwMsgAndCertEncodingType;
+};
+typedef struct _WINPR_CERTSTORE WINPR_CERTSTORE;
+
+#endif
+
 #endif /* WINPR_CRYPTO_PRIVATE_H */
--- a/winpr/libwinpr/sspi/NTLM/ntlm.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm.c
@ -21,13 +21,6 @@
 #include "config.h"
 #endif

-#include <time.h>
-#include <openssl/des.h>
-#include <openssl/md4.h>
-#include <openssl/hmac.h>
-#include <openssl/rand.h>
-#include <openssl/engine.h>
-
 #include <winpr/crt.h>
 #include <winpr/sspi.h>
 #include <winpr/print.h>
@ -35,6 +28,9 @@
 #include <winpr/registry.h>
 #include <winpr/tchar.h>

+#include <openssl/rc4.h>
+#include <openssl/hmac.h>
+
 #include "ntlm.h"
 #include "../sspi.h"

@ -156,11 +152,18 @@ NTLM_CONTEXT* ntlm_ContextNew()
 	DWORD dwSize;
 	DWORD dwValue;
 	NTLM_CONTEXT* context;
+
 	context = (NTLM_CONTEXT*) calloc(1, sizeof(NTLM_CONTEXT));

 	if (!context)
 		return NULL;

+	context->SendRc4Seal = (void*) calloc(1, sizeof(RC4_KEY));
+	context->RecvRc4Seal = (void*) calloc(1, sizeof(RC4_KEY));
+
+	if (!context->SendRc4Seal || !context->RecvRc4Seal)
+		return NULL;
+
 	context->NTLMv2 = TRUE;
 	context->UseMIC = FALSE;
 	context->SendVersionInfo = TRUE;
@ -244,6 +247,8 @@ void ntlm_ContextFree(NTLM_CONTEXT* context)
 	if (!context)
 		return;

+	free(context->SendRc4Seal);
+	free(context->RecvRc4Seal);
 	sspi_SecBufferFree(&context->NegotiateMessage);
 	sspi_SecBufferFree(&context->ChallengeMessage);
 	sspi_SecBufferFree(&context->AuthenticateMessage);
@ -854,7 +859,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
 	/* Encrypt message using with RC4, result overwrites original buffer */

 	if (context->confidentiality)
-		RC4(&context->SendRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
+		RC4((RC4_KEY*) context->SendRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
 	else
 		CopyMemory(data_buffer->pvBuffer, data, length);

@ -866,7 +871,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
 #endif
 	free(data);
 	/* RC4-encrypt first 8 bytes of digest */
-	RC4(&context->SendRc4Seal, 8, digest, checksum);
+	RC4((RC4_KEY*) context->SendRc4Seal, 8, digest, checksum);
 	signature = (BYTE*) signature_buffer->pvBuffer;
 	/* Concatenate version, ciphertext and sequence number to build signature */
 	CopyMemory(signature, (void*) &version, 4);
@ -923,7 +928,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
 	/* Decrypt message using with RC4, result overwrites original buffer */

 	if (context->confidentiality)
-		RC4(&context->RecvRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
+		RC4((RC4_KEY*) context->RecvRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
 	else
 		CopyMemory(data_buffer->pvBuffer, data, length);

@ -942,7 +947,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
 #endif
 	free(data);
 	/* RC4-encrypt first 8 bytes of digest */
-	RC4(&context->RecvRc4Seal, 8, digest, checksum);
+	RC4((RC4_KEY*) context->RecvRc4Seal, 8, digest, checksum);
 	/* Concatenate version, ciphertext and sequence number to build signature */
 	CopyMemory(expected_signature, (void*) &version, 4);
 	CopyMemory(&expected_signature[4], (void*) checksum, 8);
--- a/winpr/libwinpr/sspi/NTLM/ntlm.h
+++ b/winpr/libwinpr/sspi/NTLM/ntlm.h
@ -25,16 +25,6 @@

 #include <winpr/nt.h>

-#include <time.h>
-#include <openssl/des.h>
-#include <openssl/md4.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-#include <openssl/rc4.h>
-#include <openssl/hmac.h>
-#include <openssl/rand.h>
-#include <openssl/engine.h>
-
 #include "../sspi.h"

 #define MESSAGE_TYPE_NEGOTIATE					1
@ -234,8 +224,8 @@ struct _NTLM_CONTEXT
 	BYTE MachineID[32];
 	BOOL SendVersionInfo;
 	BOOL confidentiality;
-	RC4_KEY SendRc4Seal;
-	RC4_KEY RecvRc4Seal;
+	void* SendRc4Seal;
+	void* RecvRc4Seal;
 	BYTE* SendSigningKey;
 	BYTE* RecvSigningKey;
 	BYTE* SendSealingKey;
--- a/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.c
@ -31,6 +31,8 @@
 #include <winpr/sysinfo.h>
 #include <winpr/tchar.h>

+#include <openssl/md5.h>
+
 #include "ntlm_compute.h"

 #include "ntlm_av_pairs.h"
@ -258,6 +260,7 @@ void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
 	BYTE* ChannelBindingToken;
 	UINT32 ChannelBindingTokenLength;
 	SEC_CHANNEL_BINDINGS* ChannelBindings;
+
 	ZeroMemory(context->ChannelBindingsHash, 16);
 	ChannelBindings = context->Bindings.Bindings;

--- a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
@ -30,6 +30,10 @@
 #include <winpr/print.h>
 #include <winpr/sysinfo.h>

+#include <openssl/md5.h>
+#include <openssl/rc4.h>
+#include <openssl/hmac.h>
+
 #include "ntlm_compute.h"

 #include "../../log.h"
@ -194,14 +198,14 @@ int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
 	WINPR_SAM* sam;
 	WINPR_SAM_ENTRY* entry;
 	SSPI_CREDENTIALS* credentials = context->credentials;
+
 	sam = SamOpen(TRUE);

 	if (!sam)
 		return -1;

-	entry = SamLookupUserW(sam,
-						   (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
-						   (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2);
+	entry = SamLookupUserW(sam, (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
+			(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2);

 	if (entry)
 	{
@ -210,16 +214,15 @@ int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
 		winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
 #endif
 		NTOWFv2FromHashW(entry->NtHash,
-						 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
-						 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
-						 (BYTE*) hash);
+				(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
+				(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
+				(BYTE*) hash);
 		SamFreeEntry(sam, entry);
 		SamClose(sam);
 		return 1;
 	}

-	entry = SamLookupUserW(sam,
-						   (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2, NULL, 0);
+	entry = SamLookupUserW(sam, (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2, NULL, 0);

 	if (entry)
 	{
@ -228,9 +231,9 @@ int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
 		winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
 #endif
 		NTOWFv2FromHashW(entry->NtHash,
-						 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
-						 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
-						 (BYTE*) hash);
+				(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
+				(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
+				(BYTE*) hash);
 		SamFreeEntry(sam, entry);
 		SamClose(sam);
 		return 1;
@ -283,9 +286,9 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
 	if (memcmp(context->NtlmHash, NTLM_NULL_BUFFER, 16) != 0)
 	{
 		NTOWFv2FromHashW(context->NtlmHash,
-						 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
-						 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
-						 (BYTE*) hash);
+				(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
+				(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
+				(BYTE*) hash);
 	}
 	else if (credentials->identity.PasswordLength > 256)
 	{
@ -294,15 +297,15 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
 			return -1;

 		NTOWFv2FromHashW(context->NtlmHash,
-						 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
-						 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
-						 (BYTE*) hash);
+				(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
+				(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
+				(BYTE*) hash);
 	}
 	else if (credentials->identity.PasswordLength > 0)
 	{
 		NTOWFv2W((LPWSTR) credentials->identity.Password, credentials->identity.PasswordLength * 2,
-				 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
-				 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2, (BYTE*) hash);
+				(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
+				(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2, (BYTE*) hash);
 	}
 	else if (context->UseSamFileDatabase)
 	{
@ -544,6 +547,7 @@ int ntlm_generate_signing_key(BYTE* exported_session_key, PSecBuffer sign_magic,
 	int length;
 	BYTE* value;
 	MD5_CTX md5;
+
 	length = 16 + sign_magic->cbBuffer;
 	value = (BYTE*) malloc(length);

@ -657,8 +661,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
 		context->RecvSigningKey = context->ClientSigningKey;
 		context->SendSealingKey = context->ClientSealingKey;
 		context->RecvSealingKey = context->ServerSealingKey;
-		RC4_set_key(&context->SendRc4Seal, 16, context->ServerSealingKey);
-		RC4_set_key(&context->RecvRc4Seal, 16, context->ClientSealingKey);
+		RC4_set_key((RC4_KEY*) context->SendRc4Seal, 16, context->ServerSealingKey);
+		RC4_set_key((RC4_KEY*) context->RecvRc4Seal, 16, context->ClientSealingKey);
 	}
 	else
 	{
@ -666,8 +670,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
 		context->RecvSigningKey = context->ServerSigningKey;
 		context->SendSealingKey = context->ServerSealingKey;
 		context->RecvSealingKey = context->ClientSealingKey;
-		RC4_set_key(&context->SendRc4Seal, 16, context->ClientSealingKey);
-		RC4_set_key(&context->RecvRc4Seal, 16, context->ServerSealingKey);
+		RC4_set_key((RC4_KEY*) context->SendRc4Seal, 16, context->ClientSealingKey);
+		RC4_set_key((RC4_KEY*) context->RecvRc4Seal, 16, context->ServerSealingKey);
 	}
 }

@ -686,4 +690,3 @@ void ntlm_compute_message_integrity_check(NTLM_CONTEXT* context)
 	HMAC_Final(&hmac_ctx, context->MessageIntegrityCheck, NULL);
 	HMAC_CTX_cleanup(&hmac_ctx);
 }
-
--- a/winpr/libwinpr/sspi/Schannel/schannel.c
+++ b/winpr/libwinpr/sspi/Schannel/schannel.c
@ -39,6 +39,7 @@ SCHANNEL_CONTEXT* schannel_ContextNew()
 		return NULL;

 	context->openssl = schannel_openssl_new();
+
 	if (!context->openssl)
 	{
 		free(context);
--- a/winpr/libwinpr/sspi/Schannel/schannel_openssl.c
+++ b/winpr/libwinpr/sspi/Schannel/schannel_openssl.c
@ -21,12 +21,29 @@
 #include "config.h"
 #endif

+#include "schannel_openssl.h"
+
+#ifdef WITH_OPENSSL
+
 #include <winpr/crt.h>
 #include <winpr/sspi.h>
 #include <winpr/ssl.h>
 #include <winpr/print.h>

-#include "schannel_openssl.h"
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/bio.h>
+
+struct _SCHANNEL_OPENSSL
+{
+	SSL* ssl;
+	SSL_CTX* ctx;
+	BOOL connected;
+	BIO* bioRead;
+	BIO* bioWrite;
+	BYTE* ReadBuffer;
+	BYTE* WriteBuffer;
+};

 #include "../../log.h"
 #define TAG WINPR_TAG("sspi.schannel")
@ -172,7 +189,7 @@ int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
 {
 	int status;
 	long options = 0;
-	//context->ctx = SSL_CTX_new(SSLv23_server_method());
+
 	context->ctx = SSL_CTX_new(TLSv1_server_method());

 	if (!context->ctx)
@ -524,3 +541,47 @@ void schannel_openssl_free(SCHANNEL_OPENSSL* context)
 		free(context);
 	}
 }
+
+#else
+
+int schannel_openssl_client_init(SCHANNEL_OPENSSL* context)
+{
+	return 0;
+}
+
+int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
+{
+	return 0;
+}
+
+SECURITY_STATUS schannel_openssl_client_process_tokens(SCHANNEL_OPENSSL* context, PSecBufferDesc pInput, PSecBufferDesc pOutput)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS schannel_openssl_server_process_tokens(SCHANNEL_OPENSSL* context, PSecBufferDesc pInput, PSecBufferDesc pOutput)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS schannel_openssl_encrypt_message(SCHANNEL_OPENSSL* context, PSecBufferDesc pMessage)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS schannel_openssl_decrypt_message(SCHANNEL_OPENSSL* context, PSecBufferDesc pMessage)
+{
+	return SEC_E_OK;
+}
+
+SCHANNEL_OPENSSL* schannel_openssl_new(void)
+{
+	return NULL;
+}
+
+void schannel_openssl_free(SCHANNEL_OPENSSL* context)
+{
+
+}
+
+#endif
--- a/winpr/libwinpr/sspi/Schannel/schannel_openssl.h
+++ b/winpr/libwinpr/sspi/Schannel/schannel_openssl.h
@ -27,20 +27,6 @@
 /* OpenSSL includes windows.h */
 #include <winpr/windows.h>

-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-
-struct _SCHANNEL_OPENSSL
-{
-	SSL* ssl;
-	SSL_CTX* ctx;
-	BOOL connected;
-	BIO* bioRead;
-	BIO* bioWrite;
-	BYTE* ReadBuffer;
-	BYTE* WriteBuffer;
-};
 typedef struct _SCHANNEL_OPENSSL SCHANNEL_OPENSSL;

 int schannel_openssl_client_init(SCHANNEL_OPENSSL* context);