From d1280c1bd12095ddc198ea2b62e0579fa88fde86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= Date: Sat, 24 Mar 2012 00:14:45 -0400 Subject: [PATCH] libfreerdp-sspi: start implementing ASCII and Unicode methods --- include/freerdp/sspi/sspi.h | 370 +++++++++++++++++++++----- libfreerdp-sspi/CMakeLists.txt | 14 +- libfreerdp-sspi/Kerberos/kerberos.c | 26 +- libfreerdp-sspi/NTLM/ntlm.c | 54 ++-- libfreerdp-sspi/NTLM/ntlm_av_pairs.c | 2 +- libfreerdp-sspi/NTLM/ntlm_av_pairs.h | 2 +- libfreerdp-sspi/NTLM/ntlm_compute.c | 4 +- libfreerdp-sspi/NTLM/ntlm_message.c | 12 +- libfreerdp-sspi/NTLM/ntlm_message.h | 12 +- libfreerdp-sspi/Negotiate/negotiate.c | 28 +- libfreerdp-sspi/credssp.c | 26 +- libfreerdp-sspi/sspi.c | 145 +++++----- libfreerdp-sspi/sspi.h | 4 +- 13 files changed, 471 insertions(+), 228 deletions(-) diff --git a/include/freerdp/sspi/sspi.h b/include/freerdp/sspi/sspi.h index 4c8acced7..621b1fa58 100644 --- a/include/freerdp/sspi/sspi.h +++ b/include/freerdp/sspi/sspi.h @@ -33,12 +33,26 @@ #pragma comment(lib, "secur32.lib") #endif +#else + +#define SEC_ENTRY + +typedef sint8 CHAR; +typedef uint16 WCHAR; + +typedef CHAR* LPSTR; +typedef WCHAR* LPWSTR; + +typedef uint64* ULONG_PTR; + #endif #ifndef NATIVE_SSPI -typedef sint16 SEC_WCHAR; -typedef sint8 SEC_CHAR; +#define SEC_ENTRY __stdcall + +typedef CHAR SEC_CHAR; +typedef WCHAR SEC_WCHAR; struct _SECURITY_INTEGER { 
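Review bot: In the first hunk of include/freerdp/sspi/sspi.h, `SEC_ENTRY` is defined twice with different bodies: empty in the new `#else` branch and `__stdcall` under `#ifndef NATIVE_SSPI`. The outer conditional is outside the hunk, but if it is the native-SSPI check, both definitions are active in a non-native build. That is an incompatible macro redefinition, and `__stdcall` is not understood by non-Windows compilers, so keep a single definition and leave it as plain `#define SEC_ENTRY` for the portable implementation. Separately, `typedef uint64* ULONG_PTR;` declares a pointer to a 64-bit integer, whereas the Windows type of that name is a pointer-sized unsigned integer. An integer typedef such as `typedef uintptr_t ULONG_PTR;` would match the `SecHandle` fields changed in the hunk at -550.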
@@ -52,16 +66,37 @@ typedef SECURITY_INTEGER* PTimeStamp; typedef uint32 SECURITY_STATUS; -struct _SecPkgInfo +struct _SecPkgInfoA { uint32 fCapabilities; uint16 wVersion; uint16 wRPCID; uint32 cbMaxToken; - char* Name; - char* Comment; + SEC_CHAR* Name; + SEC_CHAR* Comment; }; -typedef struct _SecPkgInfo SecPkgInfo; +typedef struct _SecPkgInfoA SecPkgInfoA; +typedef SecPkgInfoA* PSecPkgInfoA; + +struct _SecPkgInfoW +{ + uint32 fCapabilities; + uint16 wVersion; + uint16 wRPCID; + uint32 cbMaxToken; + SEC_WCHAR* Name; + SEC_WCHAR* Comment; +}; +typedef struct _SecPkgInfoW SecPkgInfoW; +typedef SecPkgInfoW* PSecPkgInfoW; + +#ifdef UNICODE +#define SecPkgInfo SecPkgInfoW +#define PSecPkgInfo PSecPkgInfoW +#else +#define SecPkgInfo SecPkgInfoA +#define PSecPkgInfo PSecPkgInfoA +#endif #endif @@ -419,11 +454,27 @@ typedef struct _SecPkgContext_TargetInformation SecPkgContext_TargetInformation; #define SECPKG_CRED_ATTR_NAMES 1 -struct _SecPkgCredentials_Names +struct _SecPkgCredentials_NamesA { - char* sUserName; + SEC_CHAR* sUserName; }; -typedef struct _SecPkgCredentials_Names SecPkgCredentials_Names; +typedef struct _SecPkgCredentials_NamesA SecPkgCredentials_NamesA; +typedef SecPkgCredentials_NamesA* PSecPkgCredentials_NamesA; + +struct _SecPkgCredentials_NamesW +{ + SEC_WCHAR* sUserName; +}; +typedef struct _SecPkgCredentials_NamesW SecPkgCredentials_NamesW; +typedef SecPkgCredentials_NamesW* PSecPkgCredentials_NamesW; + +#ifdef UNICODE +#define SecPkgCredentials_Names SecPkgCredentials_NamesW +#define PSecPkgCredentials_Names PSecPkgCredentials_NamesW +#else +#define SecPkgCredentials_Names SecPkgCredentials_NamesA +#define PSecPkgCredentials_Names PSecPkgCredentials_NamesA +#endif #endif 
@@ -550,13 +601,15 @@ typedef struct _SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY; struct _SecHandle { - uint32* dwLower; - uint32* dwUpper; + ULONG_PTR dwLower; + ULONG_PTR dwUpper; }; typedef struct _SecHandle SecHandle; typedef SecHandle CredHandle; +typedef CredHandle* PCredHandle; typedef SecHandle CtxtHandle; +typedef CtxtHandle* PCtxtHandle; #endif 
@@ -597,74 +650,165 @@ struct _SecBuffer void* pvBuffer; }; typedef struct _SecBuffer SecBuffer; +typedef SecBuffer* PSecBuffer; struct _SecBufferDesc { uint32 ulVersion; uint32 cBuffers; - SecBuffer* pBuffers; + PSecBuffer pBuffers; }; typedef struct _SecBufferDesc SecBufferDesc; +typedef SecBufferDesc* PSecBufferDesc; -typedef SECURITY_STATUS (*ENUMERATE_SECURITY_PACKAGES_FN)(uint32* pcPackages, SecPkgInfo** ppPackageInfo); +typedef void (SEC_ENTRY * SEC_GET_KEY_FN)(void* Arg, void* Principal, uint32 KeyVer, void** Key, SECURITY_STATUS* Status); -typedef SECURITY_STATUS (*QUERY_CREDENTIAL_ATTRIBUTES_FN)(CredHandle* phCredential, uint32 ulAttribute, void* pBuffer); +typedef SECURITY_STATUS (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_A)(uint32* pcPackages, PSecPkgInfoA* ppPackageInfo); +typedef SECURITY_STATUS (SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)(uint32* pcPackages, PSecPkgInfoW* ppPackageInfo); -typedef SECURITY_STATUS (*ACQUIRE_CREDENTIALS_HANDLE_FN)(char* pszPrincipal, char* pszPackage, +#ifdef UNICODE +#define EnumerateSecurityPackages EnumerateSecurityPackagesW +#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W +#else +#define EnumerateSecurityPackages EnumerateSecurityPackagesA +#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A +#endif + +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer); +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer); + +#ifdef UNICODE +#define QueryCredentialsAttributes QueryCredentialsAttributesW +#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W +#else +#define QueryCredentialsAttributes QueryCredentialsAttributesA +#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A +#endif + +typedef SECURITY_STATUS (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_A)(LPSTR pszPrincipal, LPSTR 
pszPackage, uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, - void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry); + void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry); +typedef SECURITY_STATUS (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(LPWSTR pszPrincipal, LPWSTR pszPackage, + uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, + void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry); -typedef SECURITY_STATUS (*FREE_CREDENTIALS_HANDLE_FN)(CredHandle* phCredential); +#ifdef UNICODE +#define AcquireCredentialsHandle AcquireCredentialsHandleW +#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W +#else +#define AcquireCredentialsHandle AcquireCredentialsHandleA +#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A +#endif -typedef SECURITY_STATUS (*INITIALIZE_SECURITY_CONTEXT_FN)(CredHandle* phCredential, CtxtHandle* phContext, - char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, - SecBufferDesc* pInput, uint32 Reserved2, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry); +typedef SECURITY_STATUS (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(PCredHandle phCredential); -typedef SECURITY_STATUS (*ACCEPT_SECURITY_CONTEXT_FN)(CredHandle* phCredential, CtxtHandle* phContext, - SecBufferDesc* pInput, uint32 fContextReq, uint32 TargetDataRep, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp); +typedef SECURITY_STATUS (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_A)(PCredHandle phCredential, PCtxtHandle phContext, + SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, + PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry); +typedef SECURITY_STATUS (SEC_ENTRY * 
INITIALIZE_SECURITY_CONTEXT_FN_W)(PCredHandle phCredential, PCtxtHandle phContext, + SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, + PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry); -typedef SECURITY_STATUS (*COMPLETE_AUTH_TOKEN_FN)(CtxtHandle* phContext, SecBufferDesc* pToken); +#ifdef UNICODE +#define InitializeSecurityContext InitializeSecurityContextW +#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W +#else +#define InitializeSecurityContext InitializeSecurityContextA +#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A +#endif -typedef SECURITY_STATUS (*DELETE_SECURITY_CONTEXT_FN)(CtxtHandle* phContext); +typedef SECURITY_STATUS (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(PCredHandle phCredential, PCtxtHandle phContext, + PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp); -typedef SECURITY_STATUS (*APPLY_CONTROL_TOKEN_FN)(CtxtHandle* phContext, SecBufferDesc* pInput); +typedef SECURITY_STATUS (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(PCtxtHandle phContext, PSecBufferDesc pToken); -typedef SECURITY_STATUS (*QUERY_CONTEXT_ATTRIBUTES_FN)(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer); +typedef SECURITY_STATUS (SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)(PCtxtHandle phContext); -typedef SECURITY_STATUS (*IMPERSONATE_SECURITY_CONTEXT_FN)(CtxtHandle* phContext); +typedef SECURITY_STATUS (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(PCtxtHandle phContext, PSecBufferDesc pInput); -typedef SECURITY_STATUS (*REVERT_SECURITY_CONTEXT_FN)(CtxtHandle* phContext); +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer); +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext, uint32 ulAttribute, 
void* pBuffer); -typedef SECURITY_STATUS (*MAKE_SIGNATURE_FN)(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo); +#ifdef UNICODE +#define QueryContextAttributes QueryContextAttributesW +#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W +#else +#define QueryContextAttributes QueryContextAttributesA +#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A +#endif -typedef SECURITY_STATUS (*VERIFY_SIGNATURE_FN)(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP); +typedef SECURITY_STATUS (SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)(PCtxtHandle phContext); -typedef SECURITY_STATUS (*FREE_CONTEXT_BUFFER_FN)(void* pvContextBuffer); +typedef SECURITY_STATUS (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext); -typedef SECURITY_STATUS (*QUERY_SECURITY_PACKAGE_INFO_FN)(char* pszPackageName, SecPkgInfo** ppPackageInfo); +typedef SECURITY_STATUS (SEC_ENTRY * MAKE_SIGNATURE_FN)(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo); -typedef SECURITY_STATUS (*EXPORT_SECURITY_CONTEXT_FN)(CtxtHandle* phContext, uint32 fFlags, SecBuffer* pPackedContext, void* pToken); +typedef SECURITY_STATUS (SEC_ENTRY * VERIFY_SIGNATURE_FN)(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP); -typedef SECURITY_STATUS (*IMPORT_SECURITY_CONTEXT_FN)(char* pszPackage, SecBuffer* pPackedContext, void* pToken, CtxtHandle* phContext); +typedef SECURITY_STATUS (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(void* pvContextBuffer); -typedef SECURITY_STATUS (*ADD_CREDENTIALS_FN)(void); +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_A)(SEC_CHAR* pszPackageName, PSecPkgInfoA* ppPackageInfo); +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)(SEC_WCHAR* pszPackageName, PSecPkgInfoW* ppPackageInfo); -typedef SECURITY_STATUS (*QUERY_SECURITY_CONTEXT_TOKEN_FN)(CtxtHandle* phContext, void* phToken); +#ifdef UNICODE 
+#define QuerySecurityPackageInfo QuerySecurityPackageInfoW +#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W +#else +#define QuerySecurityPackageInfo QuerySecurityPackageInfoA +#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A +#endif -typedef SECURITY_STATUS (*ENCRYPT_MESSAGE_FN)(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo); +typedef SECURITY_STATUS (SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext, uint32 fFlags, PSecBuffer pPackedContext, void* pToken); -typedef SECURITY_STATUS (*DECRYPT_MESSAGE_FN)(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP); +typedef SECURITY_STATUS (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_A)(SEC_CHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext); +typedef SECURITY_STATUS (SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)(SEC_WCHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext); -typedef SECURITY_STATUS (*SET_CONTEXT_ATTRIBUTES_FN)(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer); +#ifdef UNICODE +#define ImportSecurityContext ImportSecurityContextW +#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W +#else +#define ImportSecurityContext ImportSecurityContextA +#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A +#endif + +typedef SECURITY_STATUS (SEC_ENTRY * ADD_CREDENTIALS_FN_A)(PCredHandle hCredentials, SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, + uint32 fCredentialUse, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PTimeStamp ptsExpiry); +typedef SECURITY_STATUS (SEC_ENTRY * ADD_CREDENTIALS_FN_W)(PCredHandle hCredentials, SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, + uint32 fCredentialUse, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PTimeStamp ptsExpiry); + +#ifdef UNICODE +#define AddCredentials AddCredentialsW +#define ADD_CREDENTIALS_FN 
ADD_CREDENTIALS_FN_W +#else +#define AddCredentials AddCredentialsA +#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A +#endif + +typedef SECURITY_STATUS (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(PCtxtHandle phContext, void* phToken); + +typedef SECURITY_STATUS (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo); + +typedef SECURITY_STATUS (SEC_ENTRY * DECRYPT_MESSAGE_FN)(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP); + +typedef SECURITY_STATUS (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer); +typedef SECURITY_STATUS (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer); + +#ifdef UNICODE +#define SetContextAttributes SetContextAttributesW +#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W +#else +#define SetContextAttributes SetContextAttributesA +#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A +#endif struct _SecurityFunctionTable { uint32 dwVersion; ENUMERATE_SECURITY_PACKAGES_FN EnumerateSecurityPackages; - void* Reserved1; - QUERY_CREDENTIAL_ATTRIBUTES_FN QueryCredentialsAttributes; + QUERY_CREDENTIALS_ATTRIBUTES_FN QueryCredentialsAttributes; ACQUIRE_CREDENTIALS_HANDLE_FN AcquireCredentialsHandle; FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle; void* Reserved2; 
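Review bot: `ACQUIRE_CREDENTIALS_HANDLE_FN_A` and `ACQUIRE_CREDENTIALS_HANDLE_FN_W` still take the key callback as `void* pGetKeyFn`, while the `ADD_CREDENTIALS_FN_A`/`_W` typedefs added in the same hunk use the new `SEC_GET_KEY_FN` type. Passing a function pointer through `void*` drops the signature and calling-convention check that `SEC_ENTRY` is meant to give, and ISO C does not guarantee the conversion. Declaring the parameter as `SEC_GET_KEY_FN pGetKeyFn` in both Acquire typedefs, and in the `AcquireCredentialsHandleA`/`W` prototypes later in the file, would make the two APIs agree.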
@@ -693,51 +837,137 @@ struct _SecurityFunctionTable }; typedef struct _SecurityFunctionTable SecurityFunctionTable; +struct _SecurityFunctionTableA +{ + uint32 dwVersion; + ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesW; + QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesW; + ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleW; + FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle; + void* Reserved2; + INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextW; + ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext; + COMPLETE_AUTH_TOKEN_FN CompleteAuthToken; + DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext; + APPLY_CONTROL_TOKEN_FN ApplyControlToken; + QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesW; + IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext; + REVERT_SECURITY_CONTEXT_FN RevertSecurityContext; + MAKE_SIGNATURE_FN MakeSignature; + VERIFY_SIGNATURE_FN VerifySignature; + FREE_CONTEXT_BUFFER_FN FreeContextBuffer; + QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoW; + void* Reserved3; + void* Reserved4; + EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext; + IMPORT_SECURITY_CONTEXT_FN_A ImportSecurityContextW; + ADD_CREDENTIALS_FN_A AddCredentialsW; + void* Reserved8; + QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken; + ENCRYPT_MESSAGE_FN EncryptMessage; + DECRYPT_MESSAGE_FN DecryptMessage; + SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesW; +}; +typedef struct _SecurityFunctionTableA SecurityFunctionTableA; +typedef SecurityFunctionTableA* PSecurityFunctionTableA; + +struct _SecurityFunctionTableW +{ + uint32 dwVersion; + ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW; + QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW; + ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW; + FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle; + void* Reserved2; + INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW; + ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext; + 
COMPLETE_AUTH_TOKEN_FN CompleteAuthToken; + DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext; + APPLY_CONTROL_TOKEN_FN ApplyControlToken; + QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW; + IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext; + REVERT_SECURITY_CONTEXT_FN RevertSecurityContext; + MAKE_SIGNATURE_FN MakeSignature; + VERIFY_SIGNATURE_FN VerifySignature; + FREE_CONTEXT_BUFFER_FN FreeContextBuffer; + QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW; + void* Reserved3; + void* Reserved4; + EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext; + IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW; + ADD_CREDENTIALS_FN_W AddCredentialsW; + void* Reserved8; + QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken; + ENCRYPT_MESSAGE_FN EncryptMessage; + DECRYPT_MESSAGE_FN DecryptMessage; + SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW; +}; +typedef struct _SecurityFunctionTableW SecurityFunctionTableW; +typedef SecurityFunctionTableW* PSecurityFunctionTableW; + +#ifdef UNICODE +#define SecurityFunctionTable SecurityFunctionTableW +#define PSecurityFunctionTable PSecurityFunctionTableW +#else +#define SecurityFunctionTable SecurityFunctionTableA +#define PSecurityFunctionTable PSecurityFunctionTableA +#endif + /* Package Management */ -FREERDP_API SECURITY_STATUS EnumerateSecurityPackages(uint32* pcPackages, SecPkgInfo** ppPackageInfo); -FREERDP_API SecurityFunctionTable* InitSecurityInterface(void); -FREERDP_API SECURITY_STATUS QuerySecurityPackageInfo(char* pszPackageName, SecPkgInfo** ppPackageInfo); +FREERDP_API SECURITY_STATUS EnumerateSecurityPackagesA(uint32* pcPackages, PSecPkgInfoA* ppPackageInfo); +FREERDP_API SECURITY_STATUS EnumerateSecurityPackagesW(uint32* pcPackages, PSecPkgInfoW* ppPackageInfo); +FREERDP_API SecurityFunctionTableA* InitSecurityInterfaceA(void); +FREERDP_API SecurityFunctionTableW* InitSecurityInterfaceW(void); +FREERDP_API SECURITY_STATUS QuerySecurityPackageInfoA(SEC_CHAR* pszPackageName, 
PSecPkgInfoA* ppPackageInfo); +FREERDP_API SECURITY_STATUS QuerySecurityPackageInfoW(SEC_WCHAR* pszPackageName, PSecPkgInfoW* ppPackageInfo); /* Credential Management */ -FREERDP_API SECURITY_STATUS AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, +FREERDP_API SECURITY_STATUS AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, - void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry); + void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry); +FREERDP_API SECURITY_STATUS AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, + uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, + void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry); -FREERDP_API SECURITY_STATUS ExportSecurityContext(CtxtHandle* phContext, uint32 fFlags, SecBuffer* pPackedContext, void* pToken); -FREERDP_API SECURITY_STATUS FreeCredentialsHandle(CredHandle* phCredential); -FREERDP_API SECURITY_STATUS ImportSecurityContext(char* pszPackage, SecBuffer* pPackedContext, void* pToken, CtxtHandle* phContext); -FREERDP_API SECURITY_STATUS QueryCredentialsAttributes(CredHandle* phCredential, uint32 ulAttribute, void* pBuffer); +FREERDP_API SECURITY_STATUS ExportSecurityContext(PCtxtHandle phContext, uint32 fFlags, PSecBuffer pPackedContext, void* pToken); +FREERDP_API SECURITY_STATUS FreeCredentialsHandle(PCredHandle phCredential); + +FREERDP_API SECURITY_STATUS ImportSecurityContextA(SEC_CHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext); +FREERDP_API SECURITY_STATUS ImportSecurityContextW(SEC_WCHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext); + +FREERDP_API SECURITY_STATUS QueryCredentialsAttributesA(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer); +FREERDP_API SECURITY_STATUS QueryCredentialsAttributesW(PCredHandle phCredential, 
uint32 ulAttribute, void* pBuffer); /* Context Management */ -FREERDP_API SECURITY_STATUS AcceptSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, - SecBufferDesc* pInput, uint32 fContextReq, uint32 TargetDataRep, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp); +FREERDP_API SECURITY_STATUS AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, + PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp); -FREERDP_API SECURITY_STATUS ApplyControlToken(CtxtHandle* phContext, SecBufferDesc* pInput); -FREERDP_API SECURITY_STATUS CompleteAuthToken(CtxtHandle* phContext, SecBufferDesc* pToken); -FREERDP_API SECURITY_STATUS DeleteSecurityContext(CtxtHandle* phContext); +FREERDP_API SECURITY_STATUS ApplyControlToken(PCtxtHandle phContext, PSecBufferDesc pInput); +FREERDP_API SECURITY_STATUS CompleteAuthToken(PCtxtHandle phContext, PSecBufferDesc pToken); +FREERDP_API SECURITY_STATUS DeleteSecurityContext(PCtxtHandle phContext); FREERDP_API SECURITY_STATUS FreeContextBuffer(void* pvContextBuffer); -FREERDP_API SECURITY_STATUS ImpersonateSecurityContext(CtxtHandle* phContext); +FREERDP_API SECURITY_STATUS ImpersonateSecurityContext(PCtxtHandle phContext); -FREERDP_API SECURITY_STATUS InitializeSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, +FREERDP_API SECURITY_STATUS InitializeSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, - SecBufferDesc* pInput, uint32 Reserved2, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry); + PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry); -FREERDP_API SECURITY_STATUS QueryContextAttributes(CtxtHandle* phContext, 
uint32 ulAttribute, void* pBuffer); -FREERDP_API SECURITY_STATUS QuerySecurityContextToken(CtxtHandle* phContext, void* phToken); -FREERDP_API SECURITY_STATUS SetContextAttributes(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer); -FREERDP_API SECURITY_STATUS RevertSecurityContext(CtxtHandle* phContext); +FREERDP_API SECURITY_STATUS QueryContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer); +FREERDP_API SECURITY_STATUS QuerySecurityContextToken(PCtxtHandle phContext, void* phToken); +FREERDP_API SECURITY_STATUS SetContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer); +FREERDP_API SECURITY_STATUS RevertSecurityContext(PCtxtHandle phContext); /* Message Support */ -FREERDP_API SECURITY_STATUS DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP); -FREERDP_API SECURITY_STATUS EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo); -FREERDP_API SECURITY_STATUS MakeSignature(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo); -FREERDP_API SECURITY_STATUS VerifySignature(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP); +FREERDP_API SECURITY_STATUS DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP); +FREERDP_API SECURITY_STATUS EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo); +FREERDP_API SECURITY_STATUS MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo); +FREERDP_API SECURITY_STATUS VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP); #endif diff --git a/libfreerdp-sspi/CMakeLists.txt b/libfreerdp-sspi/CMakeLists.txt index 2d3e37340..d90f430a2 100644 --- a/libfreerdp-sspi/CMakeLists.txt +++ b/libfreerdp-sspi/CMakeLists.txt 
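Review bot: Every string-dependent member of `struct _SecurityFunctionTableA` is named with a `W` suffix, from `ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesW;` through `SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesW;`, which looks like the W table copied with only the types changed. In a non-UNICODE build the macros added in the previous hunk turn `table->EnumerateSecurityPackages` into `table->EnumerateSecurityPackagesA`, a member this struct does not have. Rename the members to the `A` suffix, e.g. `ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;`. The old `struct _SecurityFunctionTable` and its typedef also remain as context above the new `#define SecurityFunctionTable ...`, so it is worth confirming whether that leftover definition is still meant to exist.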
@@ -42,13 +42,21 @@ set(FREERDP_SSPI_NEGOTIATE_SRCS Negotiate/negotiate.h) set(FREERDP_SSPI_SRCS - ${FREERDP_SSPI_NTLM_SRCS} - ${FREERDP_SSPI_KERBEROS_SRCS} - ${FREERDP_SSPI_NEGOTIATE_SRCS} sspi.c sspi.h credssp.c) +if(NOT WITH_NATIVE_SSPI) + set(FREERDP_SSPI_SRCS + ${FREERDP_SSPI_NTLM_SRCS} + ${FREERDP_SSPI_KERBEROS_SRCS} + ${FREERDP_SSPI_NEGOTIATE_SRCS} + ${FREERDP_SSPI_SRCS}) +else() + add_definitions(-DNATIVE_SSPI) +endif() + + add_library(freerdp-sspi ${FREERDP_SSPI_SRCS}) include_directories(${OPENSSL_INCLUDE_DIR}) diff --git a/libfreerdp-sspi/Kerberos/kerberos.c b/libfreerdp-sspi/Kerberos/kerberos.c index a9a3e39f8..0bb3f0f60 100644 --- a/libfreerdp-sspi/Kerberos/kerberos.c +++ b/libfreerdp-sspi/Kerberos/kerberos.c @@ -275,9 +275,9 @@ KRB_CONTEXT* krb_ContextNew() return context; } -SECURITY_STATUS krb_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, +SECURITY_STATUS SEC_ENTRY krb_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, - void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry) + void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry) { CREDENTIALS* credentials; SEC_WINNT_AUTH_IDENTITY* identity; @@ -298,7 +298,7 @@ SECURITY_STATUS krb_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackag return SEC_E_OK; } -SECURITY_STATUS krb_FreeCredentialsHandle(CredHandle* phCredential) +SECURITY_STATUS SEC_ENTRY krb_FreeCredentialsHandle(PCredHandle phCredential) { CREDENTIALS* credentials; @@ -315,7 +315,7 @@ SECURITY_STATUS krb_FreeCredentialsHandle(CredHandle* phCredential) return SEC_E_OK; } -SECURITY_STATUS krb_QueryCredentialsAttributes(CredHandle* phCredential, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS SEC_ENTRY krb_QueryCredentialsAttributes(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer) { if (ulAttribute == SECPKG_CRED_ATTR_NAMES) { 
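Review bot: In the libfreerdp-sspi/CMakeLists.txt hunk, `add_definitions(-DNATIVE_SSPI)` only reaches targets configured from this directory, yet the macro is tested in the public header include/freerdp/sspi/sspi.h to decide which SSPI declarations are visible. As far as this diff shows, code in other directories that includes the header would be compiled without the definition and could see different type and function-table declarations than the library was built with. Setting the definition where `WITH_NATIVE_SSPI` is declared, or writing it into a generated config header, would keep the library and its consumers consistent. The else branch still builds `sspi.c` and `credssp.c`, so confirm both compile against the native headers.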
@@ -381,16 +381,16 @@ void krb_SetContextIdentity(KRB_CONTEXT* context, SEC_WINNT_AUTH_IDENTITY* ident } } -SECURITY_STATUS krb_InitializeSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, +SECURITY_STATUS SEC_ENTRY krb_InitializeSecurityContext(PCredHandle phCredential, CtxtHandle* phContext, char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, - SecBufferDesc* pInput, uint32 Reserved2, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) + PSecBufferDesc pInput, uint32 Reserved2, CtxtHandle* phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) { KRB_CONTEXT* krb_ctx; //SECURITY_STATUS status; //CREDENTIALS* credentials; - //SecBuffer* input_SecBuffer; - //SecBuffer* output_SecBuffer; + //PSecBuffer input_SecBuffer; + //PSecBuffer output_SecBuffer; int errcode; errcode = 0; 
@@ -1167,22 +1167,22 @@ SECURITY_STATUS krb_QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttri return SEC_E_UNSUPPORTED_FUNCTION; } -SECURITY_STATUS krb_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS SEC_ENTRY krb_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { return SEC_E_OK; } -SECURITY_STATUS krb_DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS SEC_ENTRY krb_DecryptMessage(CtxtHandle* phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { return SEC_E_OK; } -SECURITY_STATUS krb_MakeSignature(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS SEC_ENTRY krb_MakeSignature(CtxtHandle* phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { return SEC_E_OK; } -SECURITY_STATUS krb_VerifySignature(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS SEC_ENTRY krb_VerifySignature(CtxtHandle* phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { return SEC_E_OK; } diff --git a/libfreerdp-sspi/NTLM/ntlm.c b/libfreerdp-sspi/NTLM/ntlm.c index 8f7620677..4ae536843 100644 --- a/libfreerdp-sspi/NTLM/ntlm.c +++ b/libfreerdp-sspi/NTLM/ntlm.c @@ -140,7 +140,7 @@ void ntlm_ContextFree(NTLM_CONTEXT* context) SECURITY_STATUS ntlm_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, - void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry) + void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry) { CREDENTIALS* credentials; SEC_WINNT_AUTH_IDENTITY* identity; 
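Review bot: `krb_VerifySignature` and `krb_DecryptMessage` in the kerberos.c hunk at -1167 still consist of `return SEC_E_OK;` only, so a caller is told a message was verified or decrypted when nothing was checked. `krb_EncryptMessage` and `krb_MakeSignature` likewise report success without protecting the data. With the `SEC_ENTRY` signatures they now match the function-table typedefs and are presumably dispatched like real implementations, so until they are written they should fail closed with `return SEC_E_UNSUPPORTED_FUNCTION;`, as the function ending just above this hunk does. The same applies to `ntlm_MakeSignature` and `ntlm_VerifySignature` in the ntlm.c hunk at -596.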
@@ -173,7 +173,7 @@ SECURITY_STATUS ntlm_AcquireCredentialsHandle(char* pszPrincipal, char* pszPacka return SEC_E_OK; } -SECURITY_STATUS ntlm_FreeCredentialsHandle(CredHandle* phCredential) +SECURITY_STATUS ntlm_FreeCredentialsHandle(PCredHandle phCredential) { CREDENTIALS* credentials; @@ -190,7 +190,7 @@ SECURITY_STATUS ntlm_FreeCredentialsHandle(CredHandle* phCredential) return SEC_E_OK; } -SECURITY_STATUS ntlm_QueryCredentialsAttributes(CredHandle* phCredential, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributes(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer) { if (ulAttribute == SECPKG_CRED_ATTR_NAMES) { @@ -210,15 +210,15 @@ SECURITY_STATUS ntlm_QueryCredentialsAttributes(CredHandle* phCredential, uint32 /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375512/ */ -SECURITY_STATUS ntlm_AcceptSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, - SecBufferDesc* pInput, uint32 fContextReq, uint32 TargetDataRep, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp) +SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle phCredential, CtxtHandle* phContext, + PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, CtxtHandle* phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp) { NTLM_CONTEXT* context; SECURITY_STATUS status; CREDENTIALS* credentials; - SecBuffer* input_buffer; - SecBuffer* output_buffer; + PSecBuffer input_buffer; + PSecBuffer output_buffer; context = sspi_SecureHandleGetLowerPointer(phContext); 
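Review bot: `ntlm_FreeCredentialsHandle` receives the `PCredHandle` parameter type but not `SEC_ENTRY`, and `ntlm_AcquireCredentialsHandle` in the preceding ntlm.c hunk (at -140) is left without it as well. Every other NTLM entry point touched by this patch becomes `SECURITY_STATUS SEC_ENTRY ...`. The table typedefs in sspi.h are `(SEC_ENTRY * ...)` pointers, so where `SEC_ENTRY` expands to `__stdcall` these two functions would be stored under a calling convention they were not compiled with. Declare them as `SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(PCredHandle phCredential)` and likewise for `ntlm_AcquireCredentialsHandle`. The `CtxtHandle*` parameters left beside `PCredHandle` in the signatures of this file could become `PCtxtHandle` for consistency.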
@@ -307,21 +307,21 @@ SECURITY_STATUS ntlm_AcceptSecurityContext(CredHandle* phCredential, CtxtHandle* return SEC_E_OUT_OF_SEQUENCE; } -SECURITY_STATUS ntlm_ImpersonateSecurityContext(CtxtHandle* phContext) +SECURITY_STATUS SEC_ENTRY ntlm_ImpersonateSecurityContext(CtxtHandle* phContext) { return SEC_E_OK; } -SECURITY_STATUS ntlm_InitializeSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, +SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContext(PCredHandle phCredential, CtxtHandle* phContext, char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, - SecBufferDesc* pInput, uint32 Reserved2, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) + PSecBufferDesc pInput, uint32 Reserved2, CtxtHandle* phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) { NTLM_CONTEXT* context; SECURITY_STATUS status; CREDENTIALS* credentials; - SecBuffer* input_buffer; - SecBuffer* output_buffer; + PSecBuffer input_buffer; + PSecBuffer output_buffer; context = sspi_SecureHandleGetLowerPointer(phContext); @@ -411,7 +411,7 @@ SECURITY_STATUS ntlm_InitializeSecurityContext(CredHandle* phCredential, CtxtHan /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375354 */ -SECURITY_STATUS ntlm_DeleteSecurityContext(CtxtHandle* phContext) +SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(CtxtHandle* phContext) { NTLM_CONTEXT* context; @@ -425,7 +425,7 @@ SECURITY_STATUS ntlm_DeleteSecurityContext(CtxtHandle* phContext) /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa379337/ */ -SECURITY_STATUS ntlm_QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer) { if (!phContext) return SEC_E_INVALID_HANDLE; 
@@ -448,12 +448,12 @@ SECURITY_STATUS ntlm_QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttr return SEC_E_UNSUPPORTED_FUNCTION; } -SECURITY_STATUS ntlm_RevertSecurityContext(CtxtHandle* phContext) +SECURITY_STATUS SEC_ENTRY ntlm_RevertSecurityContext(CtxtHandle* phContext) { return SEC_E_OK; } -SECURITY_STATUS ntlm_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { int index; int length; @@ -464,8 +464,8 @@ SECURITY_STATUS ntlm_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBuffe uint8* signature; uint32 version = 1; NTLM_CONTEXT* context; - SecBuffer* data_buffer = NULL; - SecBuffer* signature_buffer = NULL; + PSecBuffer data_buffer = NULL; + PSecBuffer signature_buffer = NULL; context = sspi_SecureHandleGetLowerPointer(phContext); @@ -473,7 +473,7 @@ SECURITY_STATUS ntlm_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBuffe { if (pMessage->pBuffers[index].BufferType == SECBUFFER_DATA) data_buffer = &pMessage->pBuffers[index]; - else if (pMessage->pBuffers[index].BufferType == SECBUFFER_PADDING) + else if (pMessage->pBuffers[index].BufferType == SECBUFFER_TOKEN) signature_buffer = &pMessage->pBuffers[index]; } @@ -530,7 +530,7 @@ SECURITY_STATUS ntlm_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBuffe return SEC_E_OK; } -SECURITY_STATUS ntlm_DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(CtxtHandle* phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { int index; int length; 
@@ -541,8 +541,8 @@ SECURITY_STATUS ntlm_DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessa uint32 version = 1; NTLM_CONTEXT* context; uint8 expected_signature[16]; - SecBuffer* data_buffer = NULL; - SecBuffer* signature_buffer = NULL; + PSecBuffer data_buffer = NULL; + PSecBuffer signature_buffer = NULL; context = sspi_SecureHandleGetLowerPointer(phContext); @@ -550,7 +550,7 @@ SECURITY_STATUS ntlm_DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessa { if (pMessage->pBuffers[index].BufferType == SECBUFFER_DATA) data_buffer = &pMessage->pBuffers[index]; - else if (pMessage->pBuffers[index].BufferType == SECBUFFER_PADDING) + else if (pMessage->pBuffers[index].BufferType == SECBUFFER_TOKEN) signature_buffer = &pMessage->pBuffers[index]; } @@ -596,12 +596,12 @@ SECURITY_STATUS ntlm_DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessa return SEC_E_OK; } -SECURITY_STATUS ntlm_MakeSignature(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(CtxtHandle* phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { return SEC_E_OK; } -SECURITY_STATUS ntlm_VerifySignature(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(CtxtHandle* phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { return SEC_E_OK; } diff --git a/libfreerdp-sspi/NTLM/ntlm_av_pairs.c b/libfreerdp-sspi/NTLM/ntlm_av_pairs.c index 961594ff1..efeeedb55 100644 --- a/libfreerdp-sspi/NTLM/ntlm_av_pairs.c +++ b/libfreerdp-sspi/NTLM/ntlm_av_pairs.c @@ -155,7 +155,7 @@ void ntlm_input_av_pairs(NTLM_CONTEXT* context, STREAM* s) * @param s */ -void ntlm_output_av_pairs(NTLM_CONTEXT* context, SecBuffer* buffer) +void ntlm_output_av_pairs(NTLM_CONTEXT* context, PSecBuffer buffer) { STREAM* s; AV_PAIRS* av_pairs = context->av_pairs; 
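Review bot: `ntlm_VerifySignature` returns `SEC_E_OK` without looking at `pMessage`, so a caller that relies on it will accept every message as authentic, and `ntlm_MakeSignature` reports success without producing a signature. The commit marks both as `SEC_ENTRY` entry points but leaves the bodies as stubs. Until they are implemented they should fail closed, e.g. `return SEC_E_UNSUPPORTED_FUNCTION;`, the status `ntlm_QueryContextAttributes` already uses for unhandled attributes. The same applies to `negotiate_EncryptMessage`, `negotiate_DecryptMessage`, `negotiate_MakeSignature` and `negotiate_VerifySignature` in negotiate.c, where a success status from the encrypt and decrypt stubs additionally implies confidentiality that was never applied.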
diff --git a/libfreerdp-sspi/NTLM/ntlm_av_pairs.h b/libfreerdp-sspi/NTLM/ntlm_av_pairs.h index 7559eac3a..d908cf332 100644 --- a/libfreerdp-sspi/NTLM/ntlm_av_pairs.h +++ b/libfreerdp-sspi/NTLM/ntlm_av_pairs.h @@ -23,7 +23,7 @@ #include "ntlm.h" void ntlm_input_av_pairs(NTLM_CONTEXT* context, STREAM* s); -void ntlm_output_av_pairs(NTLM_CONTEXT* context, SecBuffer* buffer); +void ntlm_output_av_pairs(NTLM_CONTEXT* context, PSecBuffer buffer); void ntlm_populate_av_pairs(NTLM_CONTEXT* context); void ntlm_populate_server_av_pairs(NTLM_CONTEXT* context); void ntlm_print_av_pairs(NTLM_CONTEXT* context); diff --git a/libfreerdp-sspi/NTLM/ntlm_compute.c b/libfreerdp-sspi/NTLM/ntlm_compute.c index 288740ae3..fbd058686 100644 --- a/libfreerdp-sspi/NTLM/ntlm_compute.c +++ b/libfreerdp-sspi/NTLM/ntlm_compute.c @@ -421,7 +421,7 @@ void ntlm_decrypt_random_session_key(NTLM_CONTEXT* context) * @param signing_key Destination signing key */ -void ntlm_generate_signing_key(uint8* exported_session_key, SecBuffer* sign_magic, uint8* signing_key) +void ntlm_generate_signing_key(uint8* exported_session_key, PSecBuffer sign_magic, uint8* signing_key) { int length; uint8* value; @@ -477,7 +477,7 @@ void ntlm_generate_server_signing_key(NTLM_CONTEXT* context) * @param sealing_key Destination sealing key */ -void ntlm_generate_sealing_key(uint8* exported_session_key, SecBuffer* seal_magic, uint8* sealing_key) +void ntlm_generate_sealing_key(uint8* exported_session_key, PSecBuffer seal_magic, uint8* sealing_key) { uint8* p; CryptoMd5 md5; diff --git a/libfreerdp-sspi/NTLM/ntlm_message.c b/libfreerdp-sspi/NTLM/ntlm_message.c index 9c78303a9..b00be61fb 100644 --- a/libfreerdp-sspi/NTLM/ntlm_message.c +++ b/libfreerdp-sspi/NTLM/ntlm_message.c 
@@ -145,7 +145,7 @@ void ntlm_print_negotiate_flags(uint32 flags) printf("}\n"); } -SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, SecBuffer* buffer) +SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer) { STREAM* s; int length; @@ -219,7 +219,7 @@ SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, SecBuffer* buf return SEC_I_CONTINUE_NEEDED; } -SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, SecBuffer* buffer) +SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer) { STREAM* s; int length; @@ -311,7 +311,7 @@ SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, SecBuffer* bu return SEC_I_CONTINUE_NEEDED; } -SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, SecBuffer* buffer) +SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buffer) { uint8* p; STREAM* s; @@ -511,7 +511,7 @@ SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, SecBuffer* buf return SEC_I_CONTINUE_NEEDED; } -SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, SecBuffer* buffer) +SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buffer) { STREAM* s; int length; @@ -634,7 +634,7 @@ SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, SecBuffer* bu return SEC_I_CONTINUE_NEEDED; } -SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, SecBuffer* buffer) +SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer buffer) { STREAM* s; int length; @@ -905,7 +905,7 @@ SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, SecBuffer* * @param buffer */ -SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, SecBuffer* buffer) +SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer buffer) { STREAM* s; int length; 
diff --git a/libfreerdp-sspi/NTLM/ntlm_message.h b/libfreerdp-sspi/NTLM/ntlm_message.h index 41f146a3d..bac961cea 100644 --- a/libfreerdp-sspi/NTLM/ntlm_message.h +++ b/libfreerdp-sspi/NTLM/ntlm_message.h @@ -22,11 +22,11 @@ #include "ntlm.h" -SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, SecBuffer* buffer); -SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, SecBuffer* buffer); -SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, SecBuffer* buffer); -SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, SecBuffer* buffer); -SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, SecBuffer* buffer); -SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, SecBuffer* buffer); +SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer); +SECURITY_STATUS ntlm_write_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer); +SECURITY_STATUS ntlm_read_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buffer); +SECURITY_STATUS ntlm_write_ChallengeMessage(NTLM_CONTEXT* context, PSecBuffer buffer); +SECURITY_STATUS ntlm_read_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer buffer); +SECURITY_STATUS ntlm_write_AuthenticateMessage(NTLM_CONTEXT* context, PSecBuffer buffer); #endif /* FREERDP_SSPI_NTLM_MESSAGE_H */ diff --git a/libfreerdp-sspi/Negotiate/negotiate.c b/libfreerdp-sspi/Negotiate/negotiate.c index 802a0df96..2f333b5db 100644 --- a/libfreerdp-sspi/Negotiate/negotiate.c +++ b/libfreerdp-sspi/Negotiate/negotiate.c 
@@ -81,16 +81,16 @@ void negotiate_SetContextIdentity(NEGOTIATE_CONTEXT* context, SEC_WINNT_AUTH_IDE } } -SECURITY_STATUS negotiate_InitializeSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, +SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, - SecBufferDesc* pInput, uint32 Reserved2, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) + PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) { NEGOTIATE_CONTEXT* context; //SECURITY_STATUS status; CREDENTIALS* credentials; - //SecBuffer* input_SecBuffer; - SecBuffer* output_SecBuffer; + //PSecBuffer input_SecBuffer; + PSecBuffer output_SecBuffer; //KrbTGTREQ krb_tgtreq; context = sspi_SecureHandleGetLowerPointer(phContext); @@ -148,7 +148,7 @@ void negotiate_ContextFree(NEGOTIATE_CONTEXT* context) xfree(context); } -SECURITY_STATUS negotiate_QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer) { if (!phContext) return SEC_E_INVALID_HANDLE; @@ -171,9 +171,9 @@ SECURITY_STATUS negotiate_QueryContextAttributes(CtxtHandle* phContext, uint32 u return SEC_E_UNSUPPORTED_FUNCTION; } -SECURITY_STATUS negotiate_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, +SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, - void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry) + void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry) { CREDENTIALS* credentials; SEC_WINNT_AUTH_IDENTITY* identity; 
@@ -194,7 +194,7 @@ SECURITY_STATUS negotiate_AcquireCredentialsHandle(char* pszPrincipal, char* psz return SEC_E_OK; } -SECURITY_STATUS negotiate_QueryCredentialsAttributes(CredHandle* phCredential, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributes(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer) { if (ulAttribute == SECPKG_CRED_ATTR_NAMES) { @@ -212,7 +212,7 @@ SECURITY_STATUS negotiate_QueryCredentialsAttributes(CredHandle* phCredential, u return SEC_E_UNSUPPORTED_FUNCTION; } -SECURITY_STATUS negotiate_FreeCredentialsHandle(CredHandle* phCredential) +SECURITY_STATUS SEC_ENTRY negotiate_FreeCredentialsHandle(PCredHandle phCredential) { CREDENTIALS* credentials; @@ -229,22 +229,22 @@ SECURITY_STATUS negotiate_FreeCredentialsHandle(CredHandle* phCredential) return SEC_E_OK; } -SECURITY_STATUS negotiate_EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS SEC_ENTRY negotiate_EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { return SEC_E_OK; } -SECURITY_STATUS negotiate_DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS SEC_ENTRY negotiate_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { return SEC_E_OK; } -SECURITY_STATUS negotiate_MakeSignature(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS SEC_ENTRY negotiate_MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { return SEC_E_OK; } -SECURITY_STATUS negotiate_VerifySignature(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS negotiate_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { return SEC_E_OK; } 
diff --git a/libfreerdp-sspi/credssp.c b/libfreerdp-sspi/credssp.c index 4db8f0056..c51ee15c7 100644 --- a/libfreerdp-sspi/credssp.c +++ b/libfreerdp-sspi/credssp.c @@ -152,7 +152,7 @@ int credssp_ntlm_server_init(rdpCredssp* credssp) return 1; } -#define NTLM_PACKAGE_NAME "NTLM" +#define NTLM_PACKAGE_NAME L"NTLM" int credssp_client_authenticate(rdpCredssp* credssp) { @@ -163,7 +163,7 @@ int credssp_client_authenticate(rdpCredssp* credssp) CredHandle credentials; TimeStamp expiration; SecPkgInfo* pPackageInfo; - SecBuffer* p_buffer; + PSecBuffer p_buffer; SecBuffer input_buffer; SecBuffer output_buffer; SecBufferDesc input_buffer_desc; @@ -249,7 +249,7 @@ int credssp_client_authenticate(rdpCredssp* credssp) SecBufferDesc Message; Buffers[0].BufferType = SECBUFFER_DATA; /* TLS Public Key */ - Buffers[1].BufferType = SECBUFFER_PADDING; /* Signature */ + Buffers[1].BufferType = SECBUFFER_TOKEN; /* Signature */ Buffers[0].cbBuffer = credssp->PublicKey.cbBuffer; Buffers[0].pvBuffer = xmalloc(Buffers[0].cbBuffer); @@ -260,7 +260,7 @@ int credssp_client_authenticate(rdpCredssp* credssp) Message.cBuffers = 2; Message.ulVersion = SECBUFFER_VERSION; - Message.pBuffers = (SecBuffer*) &Buffers; + Message.pBuffers = (PSecBuffer) &Buffers; sspi_SecBufferAlloc(&credssp->pubKeyAuth, Buffers[0].cbBuffer + Buffers[1].cbBuffer); @@ -368,7 +368,7 @@ int credssp_server_authenticate(rdpCredssp* credssp) CredHandle credentials; TimeStamp expiration; SecPkgInfo* pPackageInfo; - SecBuffer* p_buffer; + PSecBuffer p_buffer; SecBuffer input_buffer; SecBuffer output_buffer; SecBufferDesc input_buffer_desc; @@ -485,7 +485,7 @@ int credssp_server_authenticate(rdpCredssp* credssp) SecBufferDesc Message; Buffers[0].BufferType = SECBUFFER_DATA; /* TLS Public Key */ - Buffers[1].BufferType = SECBUFFER_PADDING; /* Signature */ + Buffers[1].BufferType = SECBUFFER_TOKEN; /* Signature */ Buffers[0].cbBuffer = credssp->PublicKey.cbBuffer; Buffers[0].pvBuffer = xmalloc(Buffers[0].cbBuffer); 
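Review bot: `NTLM_PACKAGE_NAME` becomes the wide literal `L"NTLM"`, but the package lookup in this same patch is still narrow: `AcquireCredentialsHandle(char* pszPackage, ...)` and `sspi_GetSecurityFunctionTableByName(const char* Name)` in sspi.c compare against `char*` names. The macro's uses are outside the hunk, but if it is passed to those calls the pointer types are incompatible and a byte-wise compare would not match, so the lookup would return NULL. The later credssp.c hunk that sets `CREDSSP_SecPkgInfo` to `L"CREDSSP"` has the same problem: `SecPkgInfo` resolves to `SecPkgInfoA` with `SEC_CHAR*` fields unless `UNICODE` is defined, and for non-Windows builds sspi.h declares `WCHAR` as `uint16`, which differs from `wchar_t` where that type is 32 bits wide. I would keep the narrow literals until the W entry points exist, or select the literal under `#ifdef UNICODE` the way sspi.h selects `SecPkgInfo`.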
@@ -496,7 +496,7 @@ int credssp_server_authenticate(rdpCredssp* credssp) Message.cBuffers = 2; Message.ulVersion = SECBUFFER_VERSION; - Message.pBuffers = (SecBuffer*) &Buffers; + Message.pBuffers = (PSecBuffer) &Buffers; p = (uint8*) Buffers[0].pvBuffer; p[0]++; /* Public Key +1 */ @@ -596,7 +596,7 @@ SECURITY_STATUS credssp_verify_public_key_echo(rdpCredssp* credssp) pub_key_auth = (uint8*) credssp->pubKeyAuth.pvBuffer; public_key_length = credssp->PublicKey.cbBuffer; - Buffers[0].BufferType = SECBUFFER_PADDING; /* Signature */ + Buffers[0].BufferType = SECBUFFER_TOKEN; /* Signature */ Buffers[1].BufferType = SECBUFFER_DATA; /* Encrypted TLS Public Key */ Buffers[0].cbBuffer = credssp->ContextSizes.cbMaxSignature; @@ -609,7 +609,7 @@ SECURITY_STATUS credssp_verify_public_key_echo(rdpCredssp* credssp) Message.cBuffers = 2; Message.ulVersion = SECBUFFER_VERSION; - Message.pBuffers = (SecBuffer*) &Buffers; + Message.pBuffers = (PSecBuffer) &Buffers; status = credssp->table->DecryptMessage(&credssp->context, &Message, 0, &pfQOP); @@ -652,7 +652,7 @@ SECURITY_STATUS credssp_encrypt_ts_credentials(rdpCredssp* credssp) credssp_encode_ts_credentials(credssp); Buffers[0].BufferType = SECBUFFER_DATA; /* TSCredentials */ - Buffers[1].BufferType = SECBUFFER_PADDING; /* Signature */ + Buffers[1].BufferType = SECBUFFER_TOKEN; /* Signature */ Buffers[0].cbBuffer = credssp->ts_credentials.cbBuffer; Buffers[0].pvBuffer = xmalloc(Buffers[0].cbBuffer); @@ -663,7 +663,7 @@ SECURITY_STATUS credssp_encrypt_ts_credentials(rdpCredssp* credssp) Message.cBuffers = 2; Message.ulVersion = SECBUFFER_VERSION; - Message.pBuffers = (SecBuffer*) &Buffers; + Message.pBuffers = (PSecBuffer) &Buffers; sspi_SecBufferAlloc(&credssp->authInfo, Buffers[0].cbBuffer + Buffers[1].cbBuffer); 
@@ -1067,6 +1067,6 @@ const SecPkgInfo CREDSSP_SecPkgInfo = 1, /* wVersion */ 0xFFFF, /* wRPCID */ 0x000090A8, /* cbMaxToken */ - "CREDSSP", /* Name */ - "Microsoft CredSSP Security Provider" /* Comment */ + L"CREDSSP", /* Name */ + L"Microsoft CredSSP Security Provider" /* Comment */ }; diff --git a/libfreerdp-sspi/sspi.c b/libfreerdp-sspi/sspi.c index cd91241ab..fb421b3d1 100644 --- a/libfreerdp-sspi/sspi.c +++ b/libfreerdp-sspi/sspi.c @@ -25,10 +25,11 @@ /* Authentication Functions: http://msdn.microsoft.com/en-us/library/windows/desktop/aa374731/ */ +#ifndef NATIVE_SSPI + extern const SecPkgInfo NTLM_SecPkgInfo; extern const SecPkgInfo CREDSSP_SecPkgInfo; -const SecurityFunctionTable SSPI_SecurityFunctionTable; extern const SecurityFunctionTable NTLM_SecurityFunctionTable; extern const SecurityFunctionTable CREDSSP_SecurityFunctionTable; @@ -38,6 +39,8 @@ const SecPkgInfo* SecPkgInfo_LIST[] = &CREDSSP_SecPkgInfo }; +const SecurityFunctionTable SSPI_SecurityFunctionTable; + struct _SecurityFunctionTable_NAME { char* Name; @@ -51,6 +54,8 @@ const SecurityFunctionTable_NAME SecurityFunctionTable_NAME_LIST[] = { "CREDSSP", &CREDSSP_SecurityFunctionTable } }; +#endif + #define SecHandle_LOWER_MAX 0xFFFFFFFF #define SecHandle_UPPER_MAX 0xFFFFFFFE 
@@ -129,40 +134,6 @@ void* sspi_ContextBufferAlloc(uint32 allocatorIndex, size_t size) return sspi_ContextBufferAlloc(allocatorIndex, size); } -void FreeContextBuffer_EnumerateSecurityPackages(void* contextBuffer); -void FreeContextBuffer_QuerySecurityPackageInfo(void* contextBuffer); - -void sspi_ContextBufferFree(void* contextBuffer) -{ - int index; - uint32 allocatorIndex; - - for (index = 0; index < (int) ContextBufferAllocTable.cMaxEntries; index++) - { - if (contextBuffer == ContextBufferAllocTable.entries[index].contextBuffer) - { - contextBuffer = ContextBufferAllocTable.entries[index].contextBuffer; - allocatorIndex = ContextBufferAllocTable.entries[index].allocatorIndex; - - ContextBufferAllocTable.cEntries--; - - ContextBufferAllocTable.entries[index].allocatorIndex = 0; - ContextBufferAllocTable.entries[index].contextBuffer = NULL; - - switch (allocatorIndex) - { - case EnumerateSecurityPackagesIndex: - FreeContextBuffer_EnumerateSecurityPackages(contextBuffer); - break; - - case QuerySecurityPackageInfoIndex: - FreeContextBuffer_QuerySecurityPackageInfo(contextBuffer); - break; - } - } - } -} - CREDENTIALS* sspi_CredentialsNew() { CREDENTIALS* credentials; @@ -185,13 +156,13 @@ void sspi_CredentialsFree(CREDENTIALS* credentials) xfree(credentials); } -void sspi_SecBufferAlloc(SecBuffer* SecBuffer, size_t size) +void sspi_SecBufferAlloc(PSecBuffer SecBuffer, size_t size) { SecBuffer->cbBuffer = size; SecBuffer->pvBuffer = xzalloc(size); } -void sspi_SecBufferFree(SecBuffer* SecBuffer) +void sspi_SecBufferFree(PSecBuffer SecBuffer) { SecBuffer->cbBuffer = 0; xfree(SecBuffer->pvBuffer); @@ -238,7 +209,7 @@ void sspi_SecureHandleSetLowerPointer(SecHandle* handle, void* pointer) if (!handle) return; - handle->dwLower = (uint32*) (~((size_t) pointer)); + handle->dwLower = (ULONG_PTR) (~((size_t) pointer)); } void* sspi_SecureHandleGetUpperPointer(SecHandle* handle) 
@@ -258,7 +229,7 @@ void sspi_SecureHandleSetUpperPointer(SecHandle* handle, void* pointer) if (!handle) return; - handle->dwUpper = (uint32*) (~((size_t) pointer)); + handle->dwUpper = (ULONG_PTR) (~((size_t) pointer)); } void sspi_SecureHandleFree(SecHandle* handle) @@ -269,6 +240,18 @@ void sspi_SecureHandleFree(SecHandle* handle) xfree(handle); } +void sspi_GlobalInit() +{ + sspi_ContextBufferAllocTableNew(); +} + +void sspi_GlobalFinish() +{ + sspi_ContextBufferAllocTableFree(); +} + +#ifndef NATIVE_SSPI + SecurityFunctionTable* sspi_GetSecurityFunctionTableByName(const char* Name) { int index; @@ -287,17 +270,39 @@ SecurityFunctionTable* sspi_GetSecurityFunctionTableByName(const char* Name) return NULL; } -void sspi_GlobalInit() -{ - sspi_ContextBufferAllocTableNew(); -} +void FreeContextBuffer_EnumerateSecurityPackages(void* contextBuffer); +void FreeContextBuffer_QuerySecurityPackageInfo(void* contextBuffer); -void sspi_GlobalFinish() +void sspi_ContextBufferFree(void* contextBuffer) { - sspi_ContextBufferAllocTableFree(); -} + int index; + uint32 allocatorIndex; -#ifndef NATIVE_SSPI + for (index = 0; index < (int) ContextBufferAllocTable.cMaxEntries; index++) + { + if (contextBuffer == ContextBufferAllocTable.entries[index].contextBuffer) + { + contextBuffer = ContextBufferAllocTable.entries[index].contextBuffer; + allocatorIndex = ContextBufferAllocTable.entries[index].allocatorIndex; + + ContextBufferAllocTable.cEntries--; + + ContextBufferAllocTable.entries[index].allocatorIndex = 0; + ContextBufferAllocTable.entries[index].contextBuffer = NULL; + + switch (allocatorIndex) + { + case EnumerateSecurityPackagesIndex: + FreeContextBuffer_EnumerateSecurityPackages(contextBuffer); + break; + + case QuerySecurityPackageInfoIndex: + FreeContextBuffer_QuerySecurityPackageInfo(contextBuffer); + break; + } + } + } +} /* Package Management */ 
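Review bot: The relocated `sspi_ContextBufferFree` has no guard for a NULL `contextBuffer` and no `break` after a match. Released slots are stored as `contextBuffer = NULL`, so a NULL argument matches each of them, decrements `cEntries` once per slot and runs the `switch` with the slot's cleared `allocatorIndex`. `FreeContextBuffer` appears to hand the caller's pointer to this function, so the bookkeeping can be corrupted from outside the library. I would add `if (!contextBuffer) return;` before the loop and a `break;` after the `switch`, which also stops the loop from comparing against a pointer that has just been freed. The self-assignment `contextBuffer = ContextBufferAllocTable.entries[index].contextBuffer;` can be dropped.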
@@ -408,7 +413,7 @@ void FreeContextBuffer_QuerySecurityPackageInfo(void* contextBuffer) SECURITY_STATUS AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn, - void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry) + void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry) { SECURITY_STATUS status; SecurityFunctionTable* table = sspi_GetSecurityFunctionTableByName(pszPackage); @@ -425,12 +430,12 @@ SECURITY_STATUS AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage, return status; } -SECURITY_STATUS ExportSecurityContext(CtxtHandle* phContext, uint32 fFlags, SecBuffer* pPackedContext, void* pToken) +SECURITY_STATUS ExportSecurityContext(PCtxtHandle phContext, uint32 fFlags, PSecBuffer pPackedContext, void* pToken) { return SEC_E_OK; } -SECURITY_STATUS FreeCredentialsHandle(CredHandle* phCredential) +SECURITY_STATUS FreeCredentialsHandle(PCredHandle phCredential) { char* Name; SECURITY_STATUS status; @@ -454,12 +459,12 @@ SECURITY_STATUS FreeCredentialsHandle(CredHandle* phCredential) return status; } -SECURITY_STATUS ImportSecurityContext(char* pszPackage, SecBuffer* pPackedContext, void* pToken, CtxtHandle* phContext) +SECURITY_STATUS ImportSecurityContext(char* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext) { return SEC_E_OK; } -SECURITY_STATUS QueryCredentialsAttributes(CredHandle* phCredential, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS QueryCredentialsAttributes(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer) { char* Name; SECURITY_STATUS status; 
@@ -485,9 +490,9 @@ SECURITY_STATUS QueryCredentialsAttributes(CredHandle* phCredential, uint32 ulAt /* Context Management */ -SECURITY_STATUS AcceptSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, - SecBufferDesc* pInput, uint32 fContextReq, uint32 TargetDataRep, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp) +SECURITY_STATUS AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, + PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp) { char* Name; SECURITY_STATUS status; @@ -512,17 +517,17 @@ SECURITY_STATUS AcceptSecurityContext(CredHandle* phCredential, CtxtHandle* phCo return status; } -SECURITY_STATUS ApplyControlToken(CtxtHandle* phContext, SecBufferDesc* pInput) +SECURITY_STATUS ApplyControlToken(PCtxtHandle phContext, PSecBufferDesc pInput) { return SEC_E_OK; } -SECURITY_STATUS CompleteAuthToken(CtxtHandle* phContext, SecBufferDesc* pToken) +SECURITY_STATUS CompleteAuthToken(PCtxtHandle phContext, PSecBufferDesc pToken) { return SEC_E_OK; } -SECURITY_STATUS DeleteSecurityContext(CtxtHandle* phContext) +SECURITY_STATUS DeleteSecurityContext(PCtxtHandle phContext) { char* Name; SECURITY_STATUS status; 
@@ -556,15 +561,15 @@ SECURITY_STATUS FreeContextBuffer(void* pvContextBuffer) return SEC_E_OK; } -SECURITY_STATUS ImpersonateSecurityContext(CtxtHandle* phContext) +SECURITY_STATUS ImpersonateSecurityContext(PCtxtHandle phContext) { return SEC_E_OK; } -SECURITY_STATUS InitializeSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, +SECURITY_STATUS InitializeSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep, - SecBufferDesc* pInput, uint32 Reserved2, CtxtHandle* phNewContext, - SecBufferDesc* pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) + PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext, + PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry) { char* Name; SECURITY_STATUS status; @@ -590,7 +595,7 @@ SECURITY_STATUS InitializeSecurityContext(CredHandle* phCredential, CtxtHandle* return status; } -SECURITY_STATUS QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer) +SECURITY_STATUS QueryContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer) { char* Name; SECURITY_STATUS status; 
@@ -614,24 +619,24 @@ SECURITY_STATUS QueryContextAttributes(CtxtHandle* phContext, uint32 ulAttribute return status; } -SECURITY_STATUS QuerySecurityContextToken(CtxtHandle* phContext, void* phToken) +SECURITY_STATUS QuerySecurityContextToken(PCtxtHandle phContext, void* phToken) { return SEC_E_OK; } -SECURITY_STATUS SetContextAttributes(CtxtHandle* phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer) +SECURITY_STATUS SetContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer) { return SEC_E_OK; } -SECURITY_STATUS RevertSecurityContext(CtxtHandle* phContext) +SECURITY_STATUS RevertSecurityContext(PCtxtHandle phContext) { return SEC_E_OK; } /* Message Support */ -SECURITY_STATUS DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { char* Name; SECURITY_STATUS status; @@ -655,7 +660,7 @@ SECURITY_STATUS DecryptMessage(CtxtHandle* phContext, SecBufferDesc* pMessage, u return status; } -SECURITY_STATUS EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { char* Name; SECURITY_STATUS status; @@ -679,7 +684,7 @@ SECURITY_STATUS EncryptMessage(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc return status; } -SECURITY_STATUS MakeSignature(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* pMessage, uint32 MessageSeqNo) +SECURITY_STATUS MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo) { char* Name; SECURITY_STATUS status; 
@@ -703,7 +708,7 @@ SECURITY_STATUS MakeSignature(CtxtHandle* phContext, uint32 fQOP, SecBufferDesc* return status; } -SECURITY_STATUS VerifySignature(CtxtHandle* phContext, SecBufferDesc* pMessage, uint32 MessageSeqNo, uint32* pfQOP) +SECURITY_STATUS VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP) { char* Name; SECURITY_STATUS status; diff --git a/libfreerdp-sspi/sspi.h b/libfreerdp-sspi/sspi.h index 14e846647..0cac339c4 100644 --- a/libfreerdp-sspi/sspi.h +++ b/libfreerdp-sspi/sspi.h @@ -33,8 +33,8 @@ typedef struct _CREDENTIALS CREDENTIALS; CREDENTIALS* sspi_CredentialsNew(); void sspi_CredentialsFree(CREDENTIALS* credentials); -void sspi_SecBufferAlloc(SecBuffer* SecBuffer, size_t size); -void sspi_SecBufferFree(SecBuffer* SecBuffer); +void sspi_SecBufferAlloc(PSecBuffer SecBuffer, size_t size); +void sspi_SecBufferFree(PSecBuffer SecBuffer); SecHandle* sspi_SecureHandleAlloc(); void sspi_SecureHandleInit(SecHandle* handle);