Author: sserapion
Date: Thu May 12 19:47:08 2011
New Revision: 51687
URL: http://svn.reactos.org/svn/reactos?rev=51687&view=rev
Log:
[ntlmssp]
- WIP code.
- Implement most of AcquireCredentialsHandle and some supporting code.
- Implement Memory protector and RNG routines(not completely working in ros!
see dllmain.c for comments).
- Started implementing context support routines.
- Made provisions for future LSA AP mode.
Added:
branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c (with props)
branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.c (with props)
branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.h (with props)
branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c (with props)
branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c (with props)
Modified:
branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c
branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c
branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c
branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c
branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h
branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild
branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c [iso-8859-1] Thu
May 12 19:47:08 2011
@@ -21,34 +21,138 @@
WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
-/***********************************************************************
- * InitializeSecurityContextW
- */
-SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(
- PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName,
- ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
- PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
+CRITICAL_SECTION ContextCritSect;
+LIST_ENTRY ValidContextList;
+
+NTSTATUS
+NtlmContextInitialize(VOID)
+{
+ InitializeCriticalSection(&ContextCritSect);
+ InitializeListHead(&ValidContextList);
+
+ return STATUS_SUCCESS;
+}
+
+VOID
+NtlmReferenceContext(IN ULONG_PTR Handle)
+{
+ PNTLMSSP_CONTEXT Context = (PNTLMSSP_CONTEXT)Handle;
+
+ EnterCriticalSection(&ContextCritSect);
+
+ ASSERT(Context->RefCount > 0);
+
+ /* A context that is not authenticated is only valid for a
+ pre-determined interval */
+ if (NtlmIntervalElapsed(Context->StartTime, Context->Timeout))
+ {
+ if ((Context->State != Authenticated) &&
+ (Context->State != AuthenticateSent) &&
+ (Context->State != PassedToService))
+ {
+ ERR("Context %p has timed out\n", Context);
+ LeaveCriticalSection(&ContextCritSect);
+ return;
+ }
+ }
+ Context->RefCount += 1;
+ LeaveCriticalSection(&ContextCritSect);
+}
+
+VOID
+NtlmDereferenceContext(IN ULONG_PTR Handle)
+{
+ PNTLMSSP_CONTEXT Context = (PNTLMSSP_CONTEXT)Handle;
+
+ EnterCriticalSection(&ContextCritSect);
+
+ ASSERT(Context->RefCount >= 1);
+
+ Context->RefCount -= 1;
+
+ /* If there are no references free the object */
+ if (Context->RefCount == 0)
+ {
+ ERR("Deleting context %p\n",Context);
+ /* free memory */
+ NtlmFree(Context);
+ }
+
+ LeaveCriticalSection(&ContextCritSect);
+}
+
+VOID
+NtlmContextTerminate(VOID)
+{
+ EnterCriticalSection(&ContextCritSect);
+
+ /* dereference all items */
+ while (!IsListEmpty(&ValidContextList))
+ {
+ PNTLMSSP_CONTEXT Context;
+ Context = CONTAINING_RECORD(ValidContextList.Flink,
+ NTLMSSP_CONTEXT,
+ Entry);
+
+ NtlmDereferenceContext((ULONG_PTR)Context);
+ }
+
+ LeaveCriticalSection(&ContextCritSect);
+
+ /* free critical section */
+ DeleteCriticalSection(&ContextCritSect);
+
+ return;
+}
+
+/* public functions */
+
+SECURITY_STATUS
+SEC_ENTRY
+InitializeSecurityContextW(IN OPTIONAL PCredHandle phCredential,
+ IN OPTIONAL PCtxtHandle phContext,
+ IN OPTIONAL SEC_WCHAR *pszTargetName,
+ IN ULONG fContextReq,
+ IN ULONG Reserved1,
+ IN ULONG TargetDataRep,
+ IN OPTIONAL PSecBufferDesc pInput,
+ IN ULONG Reserved2,
+ IN OUT OPTIONAL PCtxtHandle phNewContext,
+ IN OUT OPTIONAL PSecBufferDesc pOutput,
+ OUT ULONG *pfContextAttr,
+ OUT OPTIONAL PTimeStamp ptsExpiry)
{
SECURITY_STATUS ret = SEC_E_INVALID_HANDLE;
+ SecBuffer inputTokens[2];
+ SecBuffer outputTokens[2];
+ UCHAR sessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
TRACE("%p %p %s 0x%08x %d %d %p %d %p %p %p %p\n", phCredential, phContext,
debugstr_w(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput,
Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
- FIXME("AcceptSecurityContext Unimplemented\n");
-
- return ret;
-}
-
-/***********************************************************************
- * InitializeSecurityContextA
- */
-SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(
- PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName,
- ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
- PSecBufferDesc pInput,ULONG Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
+ if(TargetDataRep == SECURITY_NETWORK_DREP)
+ WARN("SECURITY_NETWORK_DREP\n");
+
+ RtlZeroMemory(sessionKey, MSV1_0_USER_SESSION_KEY_LENGTH);
+
+ return ret;
+}
+
+SECURITY_STATUS
+SEC_ENTRY
+InitializeSecurityContextA(IN OPTIONAL PCredHandle phCredential,
+ IN OPTIONAL PCtxtHandle phContext,
+ IN OPTIONAL SEC_CHAR *pszTargetName,
+ IN ULONG fContextReq,
+ IN ULONG Reserved1,
+ IN ULONG TargetDataRep,
+ IN OPTIONAL PSecBufferDesc pInput,
+ IN ULONG Reserved2,
+ IN OUT OPTIONAL PCtxtHandle phNewContext,
+ IN OUT OPTIONAL PSecBufferDesc pOutput,
+ OUT ULONG *pfContextAttr,
+ OUT OPTIONAL PTimeStamp ptsExpiry)
{
SECURITY_STATUS ret;
SEC_WCHAR *target = NULL;
@@ -75,33 +179,41 @@
return ret;
}
-/***********************************************************************
- * QueryContextAttributesW
- */
-SECURITY_STATUS SEC_ENTRY QueryContextAttributesW(PCtxtHandle phContext,
- ULONG ulAttribute, void *pBuffer)
+SECURITY_STATUS
+SEC_ENTRY
+QueryContextAttributesW(PCtxtHandle phContext,
+ ULONG ulAttribute,
+ void *pBuffer)
{
TRACE("%p %d %p\n", phContext, ulAttribute, pBuffer);
if (!phContext)
return SEC_E_INVALID_HANDLE;
+ UNIMPLEMENTED;
+
return SEC_E_UNSUPPORTED_FUNCTION;
}
-
-/***********************************************************************
- * QueryContextAttributesA
- */
-SECURITY_STATUS SEC_ENTRY QueryContextAttributesA(PCtxtHandle phContext,
- ULONG ulAttribute, void *pBuffer)
+SECURITY_STATUS
+SEC_ENTRY
+QueryContextAttributesA(PCtxtHandle phContext,
+ ULONG ulAttribute,
+ void *pBuffer)
{
return QueryContextAttributesW(phContext, ulAttribute, pBuffer);
}
-SECURITY_STATUS SEC_ENTRY AcceptSecurityContext(
- PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput,
- ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
+SECURITY_STATUS
+SEC_ENTRY
+AcceptSecurityContext(IN PCredHandle phCredential,
+ IN OUT PCtxtHandle phContext,
+ IN PSecBufferDesc pInput,
+ IN ULONG fContextReq,
+ IN ULONG TargetDataRep,
+ IN OUT PCtxtHandle phNewContext,
+ IN OUT PSecBufferDesc pOutput,
+ OUT ULONG *pfContextAttr,
+ OUT PTimeStamp ptsExpiry)
{
SECURITY_STATUS ret = SEC_E_INVALID_HANDLE;
@@ -109,30 +221,28 @@
fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr,
ptsExpiry);
- FIXME("AcceptSecurityContext Unimplemented\n");
-
- return ret;
-}
-
-/***********************************************************************
- * DeleteSecurityContext
- */
-SECURITY_STATUS SEC_ENTRY DeleteSecurityContext(PCtxtHandle phContext)
+ UNIMPLEMENTED;
+
+ return ret;
+}
+
+SECURITY_STATUS
+SEC_ENTRY
+DeleteSecurityContext(PCtxtHandle phContext)
{
if (!phContext)
{
- ERR("Delete NULL context!\n");
return SEC_E_INVALID_HANDLE;
}
- FIXME("Delete context %p unimplemented\n", phContext);
+ NtlmDereferenceContext((ULONG_PTR)phContext);
+ phContext = NULL;
return SEC_E_OK;
}
-/***********************************************************************
- * ImpersonateSecurityContext
- */
-SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(PCtxtHandle phContext)
+SECURITY_STATUS
+SEC_ENTRY
+ImpersonateSecurityContext(PCtxtHandle phContext)
{
SECURITY_STATUS ret;
@@ -151,7 +261,9 @@
/***********************************************************************
* RevertSecurityContext
*/
-SECURITY_STATUS SEC_ENTRY RevertSecurityContext(PCtxtHandle phContext)
+SECURITY_STATUS
+SEC_ENTRY
+RevertSecurityContext(PCtxtHandle phContext)
{
SECURITY_STATUS ret;
@@ -167,9 +279,20 @@
return ret;
}
-SECURITY_STATUS SEC_ENTRY FreeContextBuffer(PVOID pv)
+SECURITY_STATUS
+SEC_ENTRY
+FreeContextBuffer(PVOID pv)
{
HeapFree(GetProcessHeap(), 0, pv);
-
return SEC_E_OK;
}
+
+SECURITY_STATUS
+SEC_ENTRY
+ApplyControlToken(IN PCtxtHandle phContext,
+ IN PSecBufferDesc pInput)
+{
+
+ UNIMPLEMENTED;
+ return SEC_E_UNSUPPORTED_FUNCTION;
+}
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c [iso-8859-1]
Thu May 12 19:47:08 2011
@@ -21,11 +21,109 @@
WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
-/***********************************************************************
- * QueryCredentialsAttributesW
- */
-SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(
- PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer)
+CRITICAL_SECTION CredentialCritSect;
+LIST_ENTRY ValidCredentialList;
+
+
+/* private functions */
+NTSTATUS
+NtlmCredentialInitialize(VOID)
+{
+ InitializeCriticalSection(&CredentialCritSect);
+ InitializeListHead(&ValidCredentialList);
+ return STATUS_SUCCESS;
+}
+
+BOOL
+NtlmCompareCredentials(IN NTLMSSP_CREDENTIAL Credential1,
+ IN NTLMSSP_CREDENTIAL Credential2)
+{
+ UNIMPLEMENTED;
+ return FALSE;
+}
+
+/* FIXME: validate handles! */
+VOID
+NtlmReferenceCredential(IN ULONG_PTR Handle)
+{
+ PNTLMSSP_CREDENTIAL cred = (PNTLMSSP_CREDENTIAL)Handle;
+
+ EnterCriticalSection(&CredentialCritSect);
+
+ ASSERT(cred->RefCount > 0);
+ cred->RefCount += 1;
+
+ LeaveCriticalSection(&CredentialCritSect);
+}
+
+VOID
+NtlmDereferenceCredential(IN ULONG_PTR Handle)
+{
+ PNTLMSSP_CREDENTIAL cred = (PNTLMSSP_CREDENTIAL)Handle;
+
+ EnterCriticalSection(&CredentialCritSect);
+
+ TRACE("NtlmDereferenceCredential %p refcount %d\n", Handle,
cred->RefCount);
+
+ ASSERT(cred->RefCount >= 1);
+
+ cred->RefCount -= 1;
+
+ /* If there are no references free the object */
+ if (cred->RefCount == 0 )
+ {
+ TRACE("Deleting credential %p\n",cred);
+
+ /* free memory */
+ if(cred->DomainName.Buffer)
+ NtlmFree(cred->DomainName.Buffer);
+ if (cred->UserName.Buffer)
+ NtlmFree(cred->UserName.Buffer);
+ if (cred->Password.Buffer)
+ NtlmFree(cred->Password.Buffer);
+ if (cred->SecToken)
+ NtClose(cred->SecToken);
+
+ /* remove from list */
+ RemoveEntryList(&cred->Entry);
+
+ /* delete object */
+ NtlmFree(cred);
+ }
+ LeaveCriticalSection(&CredentialCritSect);
+}
+
+VOID
+NtlmCredentialTerminate(VOID)
+{
+ EnterCriticalSection(&CredentialCritSect);
+
+ /* dereference all items */
+ while (!IsListEmpty(&ValidCredentialList))
+ {
+ PNTLMSSP_CREDENTIAL Credential;
+ Credential = CONTAINING_RECORD(ValidCredentialList.Flink,
+ NTLMSSP_CREDENTIAL,
+ Entry);
+
+ NtlmDereferenceCredential((ULONG_PTR)Credential);
+ }
+
+ LeaveCriticalSection(&CredentialCritSect);
+
+ /* free critical section */
+ DeleteCriticalSection(&CredentialCritSect);
+
+ return;
+}
+
+/* public functions */
+
+SECURITY_STATUS
+SEC_ENTRY
+QueryCredentialsAttributesW(PCredHandle phCredential,
+ ULONG ulAttribute,
+ PVOID pBuffer)
{
SECURITY_STATUS ret;
@@ -42,12 +140,11 @@
return ret;
}
-
-/***********************************************************************
- * QueryCredentialsAttributesA
- */
-SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(
- PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer)
+SECURITY_STATUS
+SEC_ENTRY
+QueryCredentialsAttributesA(IN PCredHandle phCredential,
+ IN ULONG ulAttribute,
+ OUT PVOID pBuffer)
{
SECURITY_STATUS ret;
@@ -64,99 +161,166 @@
return ret;
}
-/***********************************************************************
- * AcquireCredentialsHandleW
- */
-SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(
- SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse,
- PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
- PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
-{
- SECURITY_STATUS ret = SEC_E_UNSUPPORTED_FUNCTION;
- PNtlmCredentials cred = NULL;
- SEC_WCHAR *username = NULL, *domain = NULL;
-
- ERR("(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p)\n",
+SECURITY_STATUS
+SEC_ENTRY
+AcquireCredentialsHandleW(IN OPTIONAL SEC_WCHAR *pszPrincipal,
+ IN OPTIONAL SEC_WCHAR *pszPackage,
+ IN ULONG fCredentialUse,
+ IN PLUID pLogonID,
+ IN PVOID pAuthData,
+ IN SEC_GET_KEY_FN pGetKeyFn,
+ IN PVOID pGetKeyArgument,
+ OUT PCredHandle phCredential,
+ OUT PTimeStamp ptsExpiry)
+{
+
+ PNTLMSSP_CREDENTIAL cred = NULL;
+ SECURITY_STATUS ret = SEC_E_OK;
+ ULONG credFlags = fCredentialUse;
+ UNICODE_STRING username, domain, password;
+ BOOL foundCred = FALSE;
+ LUID luidToUse = SYSTEM_LUID;
+
+ TRACE("AcquireCredentialsHandleW(%s, %s, 0x%08x, %p, %p, %p, %p, %p,
%p)\n",
debugstr_w(pszPrincipal), debugstr_w(pszPackage), fCredentialUse,
pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
- FIXME("AcquireCredentialsHandleW Unimplemented\n");
- switch(fCredentialUse)
- {
- case SECPKG_CRED_INBOUND:
- cred = HeapAlloc(GetProcessHeap(), 0, sizeof(*cred));
- if (!cred)
- ret = SEC_E_INSUFFICIENT_MEMORY;
- else
- {
- cred->mode = NTLM_SERVER;
- cred->username_arg = NULL;
- cred->domain_arg = NULL;
- cred->password = NULL;
- cred->pwlen = 0;
- phCredential->dwUpper = fCredentialUse;
- phCredential->dwLower = (ULONG_PTR)cred;
- ret = SEC_E_OK;
- }
- break;
- case SECPKG_CRED_OUTBOUND:
- {
- cred = HeapAlloc(GetProcessHeap(), 0, sizeof(*cred));
- if (!cred)
- {
- ret = SEC_E_INSUFFICIENT_MEMORY;
- break;
- }
- cred->mode = NTLM_CLIENT;
- cred->username_arg = NULL;
- cred->domain_arg = NULL;
- cred->password = NULL;
- cred->pwlen = 0;
-
- if(pAuthData != NULL)
- {
- PSEC_WINNT_AUTH_IDENTITY_W auth_data = pAuthData;
-
- TRACE("Username is %s\n", debugstr_wn(auth_data->User,
auth_data->UserLength));
- TRACE("Domain name is %s\n",
debugstr_wn(auth_data->Domain, auth_data->DomainLength));
-
- //cred->username_arg = GetUsernameArg(auth_data->User,
auth_data->UserLength);
- //cred->domain_arg = GetDomainArg(auth_data->Domain,
auth_data->DomainLength);
- }
-
- phCredential->dwUpper = fCredentialUse;
- phCredential->dwLower = (ULONG_PTR)cred;
- TRACE("ACH phCredential->dwUpper: 0x%08lx, dwLower: 0x%08lx\n",
- phCredential->dwUpper, phCredential->dwLower);
- ret = SEC_E_OK;
- break;
- }
- case SECPKG_CRED_BOTH:
- FIXME("AcquireCredentialsHandle: SECPKG_CRED_BOTH stub\n");
- ret = SEC_E_UNSUPPORTED_FUNCTION;
- phCredential = NULL;
- break;
- default:
- phCredential = NULL;
- ret = SEC_E_UNKNOWN_CREDENTIALS;
- }
-
- HeapFree(GetProcessHeap(), 0, username);
- HeapFree(GetProcessHeap(), 0, domain);
+ if (pGetKeyFn || pGetKeyArgument)
+ {
+ WARN("msdn says these should always be null!\n");
+ return ret;
+ }
+
+ //initialize to null
+ RtlInitUnicodeString(&username, NULL);
+ RtlInitUnicodeString(&domain, NULL);
+ RtlInitUnicodeString(&password, NULL);
+
+ //if(fCredentialUse == SECPKG_CRED_OUTBOUND)
+ if(pAuthData)
+ {
+ PSEC_WINNT_AUTH_IDENTITY_W auth_data = pAuthData;
+
+ /* detect null session */
+ if ((auth_data->User) && (auth_data->Password) &&
+ (auth_data->Domain) && (!auth_data->UserLength) &&
+ (!auth_data->PasswordLength) &&(!auth_data->DomainLength))
+ {
+ WARN("Using null session.\n");
+ credFlags |= NTLM_CRED_NULLSESSION;
+ }
+
+ /* create unicode strings and null terminate buffers */
+
+ if(auth_data->User)
+ {
+ int len = auth_data->UserLength;
+ username.Buffer = NtlmAllocate((len+1) * sizeof(WCHAR));
+ if(username.Buffer)
+ {
+ username.MaximumLength = username.Length = len+1;
+ memcpy(username.Buffer, auth_data->User, len* sizeof(WCHAR));
+ username.Buffer[len+1] = L'\0';
+ }
+ else
+ return SEC_E_INSUFFICIENT_MEMORY;
+ }
+
+ if(auth_data->Password)
+ {
+ int len = auth_data->PasswordLength;
+ password.Buffer = NtlmAllocate((len+1) * sizeof(WCHAR));
+ if(password.Buffer)
+ {
+ password.MaximumLength = password.Length = len+1;
+ memcpy(password.Buffer, auth_data->Password, len*
sizeof(WCHAR));
+ password.Buffer[len+1] = L'\0';
+ }
+ else
+ return SEC_E_INSUFFICIENT_MEMORY;
+ }
+
+ if(auth_data->Domain)
+ {
+ int len = auth_data->DomainLength;
+ domain.Buffer = NtlmAllocate((len+1) * sizeof(WCHAR));
+ if(domain.Buffer)
+ {
+ domain.MaximumLength = domain.Length = len+1;
+ memcpy(domain.Buffer, auth_data->Domain, len* sizeof(WCHAR));
+ domain.Buffer[len+1] = L'\0';
+ }
+ else
+ return SEC_E_INSUFFICIENT_MEMORY;
+ }
+ }
+
+ /* FIXME: LOOKUP STORED CREDENTIALS!!! */
+
+ /* we need to build a credential */
+ /* refactor: move into seperate function */
+ if(!foundCred)
+ {
+ cred = (PNTLMSSP_CREDENTIAL)NtlmAllocate(sizeof(NTLMSSP_CREDENTIAL));
+ cred->RefCount = 1;
+ cred->ProcId = GetCurrentProcessId();//FIXME
+ cred->SecPackageFlags = credFlags;
+ cred->SecToken = NULL; //FIXME
+
+ /* FIX ME: check against LSA token */
+ if((cred->SecToken == NULL) && !(credFlags & NTLM_CRED_NULLSESSION))
+ {
+ /* check privilages? */
+ cred->LogonId = luidToUse;
+ }
+
+ if(domain.Buffer != NULL)
+ cred->DomainName = domain;
+
+ if(username.Buffer != NULL)
+ cred->UserName = username;
+
+ if(password.Buffer != NULL)
+ {
+ NtlmProtectMemory(password.Buffer, password.Length);
+ cred->Password = password;
+ }
+
+ EnterCriticalSection(&CredentialCritSect);
+ InsertHeadList(&ValidCredentialList, &cred->Entry);
+ LeaveCriticalSection(&CredentialCritSect);
+
+ TRACE("added credential %x\n",cred);
+ TRACE("%s %s %s",debugstr_w(username.Buffer),
debugstr_w(password.Buffer), debugstr_w(domain.Buffer));
+ }
+
+ /* return cred */
+ phCredential->dwUpper = credFlags;
+ phCredential->dwLower = (ULONG_PTR)cred;
+
+ //*ptsExpiry->HighPart = 0x7FFFFF36;
+ //*ptsExpiry->LowPart = 0xD5969FFF;
+
+
+ /* free strings as we used recycled credentials */
+ //if(foundCred)
return ret;
}
-
-/***********************************************************************
- * AcquireCredentialsHandleA
- */
-SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(
- SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse,
- PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
- PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
-{
- SECURITY_STATUS ret;
+SECURITY_STATUS
+SEC_ENTRY
+AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal,
+ SEC_CHAR *pszPackage,
+ ULONG fCredentialUse,
+ PLUID pLogonID,
+ PVOID pAuthData,
+ SEC_GET_KEY_FN pGetKeyFn,
+ PVOID pGetKeyArgument,
+ PCredHandle phCredential,
+ PTimeStamp ptsExpiry)
+{
+ SECURITY_STATUS ret = SEC_E_OK;
int user_sizeW, domain_sizeW, passwd_sizeW;
SEC_WCHAR *user = NULL, *domain = NULL, *passwd = NULL, *package = NULL;
@@ -164,7 +328,7 @@
PSEC_WINNT_AUTH_IDENTITY_W pAuthDataW = NULL;
PSEC_WINNT_AUTH_IDENTITY_A identity = NULL;
- ERR("(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p)\n",
+ TRACE("AcquireCredentialsHandleA(%s, %s, 0x%08x, %p, %p, %p, %p, %p,
%p)\n",
debugstr_a(pszPrincipal), debugstr_a(pszPackage), fCredentialUse,
pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
@@ -178,7 +342,6 @@
MultiByteToWideChar(CP_ACP, 0, pszPackage, -1, package, package_sizeW);
}
-
if(pAuthData != NULL)
{
identity = pAuthData;
@@ -259,28 +422,17 @@
return ret;
}
-/***********************************************************************
- * FreeCredentialsHandle
- */
-SECURITY_STATUS SEC_ENTRY FreeCredentialsHandle(
- PCredHandle phCredential)
-{
- SECURITY_STATUS ret;
-
- if(phCredential){
- PNtlmCredentials cred = (PNtlmCredentials) phCredential->dwLower;
- phCredential->dwUpper = 0;
- phCredential->dwLower = 0;
- if (cred->password)
- memset(cred->password, 0, cred->pwlen);
- HeapFree(GetProcessHeap(), 0, cred->password);
- HeapFree(GetProcessHeap(), 0, cred->username_arg);
- HeapFree(GetProcessHeap(), 0, cred->domain_arg);
- HeapFree(GetProcessHeap(), 0, cred);
- ret = SEC_E_OK;
- }
- else
- ret = SEC_E_OK;
-
- return ret;
-}
+SECURITY_STATUS
+SEC_ENTRY
+FreeCredentialsHandle(PCredHandle phCredential)
+{
+ TRACE("FreeCredentialsHandle %x %x %x\n", phCredential,
phCredential->dwLower);
+
+ if(!phCredential) /* fixme: more handle validation */
+ return SEC_E_INVALID_HANDLE;
+
+ NtlmDereferenceCredential((ULONG_PTR)phCredential->dwLower);
+ phCredential = NULL;
+
+ return SEC_E_OK;
+}
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c?rev=51687&view=auto
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c (added)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c [iso-8859-1] Thu
May 12 19:47:08 2011
@@ -1,0 +1,128 @@
+/*
+ * Copyright 2011 Samuel SerapiĆ³n
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+#include "ntlm.h"
+#include <wincrypt.h>
+#include "rc4.h"
+
+HCRYPTPROV Prov;
+PVOID LockedMemoryPtr = NULL;
+ULONG LockedMemorySize = 0;
+
+WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
+
+BOOL
+NtlmInitializeRNG(VOID)
+{
+ BOOL ret;
+
+ /* prevent double initialization */
+ if(Prov)
+ return TRUE;
+
+ ret = CryptAcquireContext(&Prov,
+ NULL,
+ NULL,
+ PROV_RSA_FULL,
+ CRYPT_VERIFYCONTEXT);
+
+ if(!ret)
+ ERR("CryptAcquireContext failed with %x.\n",GetLastError());
+ return ret;
+}
+
+VOID
+NtlmTerminateRNG(VOID)
+{
+ if(Prov)
+ {
+ CryptReleaseContext(Prov,0);
+ Prov = 0;
+ }
+}
+
+NTSTATUS
+NtlmGenerateRandomBits(VOID *Bits, ULONG Size)
+{
+ if(CryptGenRandom(Prov, Size, (BYTE*)Bits))
+ return STATUS_SUCCESS;
+
+ /* fix me: translate win32 error? */
+ return STATUS_UNSUCCESSFUL;
+}
+
+BOOL
+NtlmProtectMemory(VOID *Data, ULONG Size)
+{
+ rc4_key rc4key;
+
+ if(Data == NULL || Size == 0)
+ return TRUE;
+
+ if(LockedMemoryPtr == NULL)
+ return FALSE;
+
+ rc4_init(&rc4key, (unsigned char*)LockedMemoryPtr, LockedMemorySize);
+ rc4_crypt(&rc4key, (unsigned char *)Data,(unsigned char *)Data, Size);
+
+ ZeroMemory(&rc4key, sizeof(rc4key));
+
+ return TRUE;
+}
+
+BOOL
+NtlmUnProtectMemory(VOID *Data, ULONG Size)
+{
+ return NtlmProtectMemory(Data, Size);
+}
+
+VOID
+NtlmTerminateProtectedMemory(VOID)
+{
+ if(LockedMemoryPtr)
+ {
+ ZeroMemory(LockedMemoryPtr, LockedMemorySize);
+ VirtualFree(LockedMemoryPtr, 0, MEM_RELEASE);
+ LockedMemoryPtr = NULL;
+ }
+}
+
+BOOL
+NtlmInitializeProtectedMemory(VOID)
+{
+ /* key size of the algorithm */
+ LockedMemorySize = 256;
+
+ LockedMemoryPtr = VirtualAlloc(NULL,
+ LockedMemorySize,
+ MEM_COMMIT,
+ PAGE_READWRITE);
+
+ if(!LockedMemoryPtr)
+ return FALSE;
+
+ /* do actual locking */
+ VirtualLock(LockedMemoryPtr, LockedMemorySize);
+
+ if(!NT_SUCCESS(NtlmGenerateRandomBits(LockedMemoryPtr, LockedMemorySize)))
+ {
+ NtlmTerminateProtectedMemory();
+ return FALSE;
+ }
+
+ return TRUE;
+}
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c
------------------------------------------------------------------------------
svn:eol-style = native
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c [iso-8859-1] Thu
May 12 19:47:08 2011
@@ -20,12 +20,37 @@
WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
+
+BOOL SetupIsActive(VOID);
+
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
- TRACE("(0x%p, %d, %p)\n",hinstDLL,fdwReason,lpvReserved);
+ TRACE("(0x%p, %d, %p)\n",hinstDLL,fdwReason,lpvReserved);
- if (fdwReason == DLL_PROCESS_ATTACH)
- DisableThreadLibraryCalls(hinstDLL);
+ switch (fdwReason)
+ {
+ case DLL_PROCESS_ATTACH:
+ DisableThreadLibraryCalls(hinstDLL);
- return TRUE;
+ /* hack: rsaehn has still not registered its crypto providers */
+ /* its not like we are going to logon to anything yet */
+ if(!SetupIsActive())
+ {
+ //REACTOS BUG: even after 2nd stage crypto providers are not
available!
+ //NtlmInitializeRNG();
+ //NtlmInitializeProtectedMemory();
+ }
+ NtlmCredentialInitialize();
+ NtlmContextInitialize();
+ break;
+ case DLL_PROCESS_DETACH:
+ NtlmContextTerminate();
+ NtlmCredentialTerminate();
+ NtlmTerminateRNG();
+ NtlmTerminateProtectedMemory();
+ break;
+ default:
+ break;
+ }
+ return TRUE;
}
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c [iso-8859-1] Thu May
12 19:47:08 2011
@@ -19,6 +19,9 @@
#include "ntlm.h"
WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
+
+/* FIXME: hardcoded NtlmUserMode */
+NTLM_MODE NtlmMode = NtlmUserMode;
static SecurityFunctionTableA ntlmTableA = {
SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION,
@@ -92,7 +95,6 @@
ret = QuerySecurityPackageInfoA(NULL, ppPackageInfo);
*pcPackages = 1;
- ERR("EnumerateSecurityPackagesW returning! \n");
return ret;
}
@@ -106,7 +108,6 @@
ret = QuerySecurityPackageInfoW(NULL, ppPackageInfo);
*pcPackages = 1;
- ERR("EnumerateSecurityPackagesW returning! \n");
return ret;
}
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h [iso-8859-1] Thu May
12 19:47:08 2011
@@ -23,18 +23,25 @@
#include <stdarg.h>
#include <stdio.h>
-#include "ntstatus.h"
+#include <ntstatus.h>
#define WIN32_NO_STATUS
-#include "windows.h"
+#include <windows.h>
+#include <ndk/ntndk.h>
#define SECURITY_WIN32
#define _NO_KSECDD_IMPORT_
-#include "rpc.h"
-#include "sspi.h"
-#include "ntsecapi.h"
-#include "ntsecpkg.h"
+#include <rpc.h>
+#include <sspi.h>
+#include <ntsecapi.h>
+#include <ntsecpkg.h>
#include "wine/unicode.h"
#include "wine/debug.h"
+
+/* globals */
+extern SECPKG_FUNCTION_TABLE NtLmPkgFuncTable; //functions we provide to LSA
in SpLsaModeInitialize
+extern PSECPKG_DLL_FUNCTIONS NtlmPkgDllFuncTable; //fuctions provided by LSA
in SpInstanceInit
+extern SECPKG_USER_FUNCTION_TABLE NtlmUmodeFuncTable; //fuctions we provide
via SpUserModeInitialize
+extern PLSA_SECPKG_FUNCTION_TABLE NtlmLsaFuncTable; // functions provided by
LSA in SpInitialize
#define NTLM_NAME_A "NTLM\0"
#define NTLM_NAME_W L"NTLM\0"
@@ -42,18 +49,20 @@
#define NTLM_COMMENT_A "NTLM Security Package\0"
#define NTLM_COMMENT_W L"NTLM Security Package\0"
-/* According to Windows, NTLM has the following capabilities. */
+/* NTLM has the following capabilities. */
#define NTLM_CAPS ( \
+ SECPKG_FLAG_ACCEPT_WIN32_NAME | \
+ SECPKG_FLAG_CONNECTION | \
+ SECPKG_FLAG_IMPERSONATION | \
SECPKG_FLAG_INTEGRITY | \
+ SECPKG_FLAG_LOGON | \
+ SECPKG_FLAG_MULTI_REQUIRED | \
+ SECPKG_FLAG_NEGOTIABLE | \
SECPKG_FLAG_PRIVACY | \
- SECPKG_FLAG_TOKEN_ONLY | \
- SECPKG_FLAG_CONNECTION | \
- SECPKG_FLAG_MULTI_REQUIRED | \
- SECPKG_FLAG_IMPERSONATION | \
- SECPKG_FLAG_ACCEPT_WIN32_NAME | \
- SECPKG_FLAG_READONLY_WITH_CHECKSUM)
+ SECPKG_FLAG_TOKEN_ONLY)
-#define NTLM_MAX_BUF 1904 /* wtf? */
+#define NTLM_MAX_BUF 1904
+#define NTLM_CRED_NULLSESSION SECPKG_CRED_RESERVED
/* NTLMSSP flags indicating the negotiated features */
#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
@@ -76,176 +85,108 @@
#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
-typedef struct tag_arc4_info {
- unsigned char x, y;
- unsigned char state[256];
-} arc4_info;
-typedef enum _helper_mode /* remove? */
+typedef enum _NTLM_MODE {
+ NtlmLsaMode = 1,
+ NtlmUserMode
+} NTLM_MODE, *PNTLM_MODE;
+
+extern NTLM_MODE NtlmMode;
+
+typedef struct _NTLMSSP_CREDENTIAL
{
- NTLM_SERVER,
- NTLM_CLIENT,
- NUM_HELPER_MODES
-} HelperMode;
+ LIST_ENTRY Entry;
+ ULONG RefCount;
+ ULONG SecPackageFlags;
+ UNICODE_STRING DomainName;
+ UNICODE_STRING UserName;
+ UNICODE_STRING Password;
+ ULONG ProcId;
+ HANDLE SecToken;
+ LUID LogonId;
-typedef struct _NtlmCredentials /* remove? */
+} NTLMSSP_CREDENTIAL, *PNTLMSSP_CREDENTIAL;
+
+typedef enum {
+ Idle,
+ NegotiateSent,
+ ChallengeSent,
+ AuthenticateSent,
+ Authenticated,
+ PassedToService
+} NTLM_CONTEXT_STATE, *PNTLM_CONTEXT_STATE;
+
+typedef struct _NTLMSSP_CONTEXT
{
- HelperMode mode;
- char *username_arg;
- char *domain_arg;
- char *password;
- int pwlen;
-} NtlmCredentials, *PNtlmCredentials;
+ LIST_ENTRY Entry;
+ LARGE_INTEGER StartTime;//context creation time
+ ULONG Timeout;//how long context is valid pre-authentication
+ ULONG RefCount;
+ ULONG ProtocolFlags;
+ ULONG ContextFlags;
+ NTLM_CONTEXT_STATE State;
+ HANDLE SecToken;
+ PNTLMSSP_CREDENTIAL Credential; //creator
+ UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH]; //ChallengeSent
+ UCHAR SessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]; //LSA
+ BOOL isServer;
+ ULONG ProcId;
+} NTLMSSP_CONTEXT, *PNTLMSSP_CONTEXT;
-typedef struct _NegoHelper { /* remove? */
- HelperMode mode;
- int pipe_in;
- int pipe_out;
- int major;
- int minor;
- int micro;
- char *com_buf;
- int com_buf_size;
- int com_buf_offset;
- BYTE *session_key;
- ULONG neg_flags;
- struct {
- struct {
- ULONG seq_num;
- arc4_info *a4i;
- } ntlm;
- struct {
- BYTE *send_sign_key;
- BYTE *send_seal_key;
- BYTE *recv_sign_key;
- BYTE *recv_seal_key;
- ULONG send_seq_no;
- ULONG recv_seq_no;
- arc4_info *send_a4i;
- arc4_info *recv_a4i;
- } ntlm2;
- } crypt;
-} NegoHelper, *PNegoHelper;
+/* private functions */
-typedef enum _sign_direction { /* remove? */
- NTLM_SEND,
- NTLM_RECV
-} SignDirection;
+/* credentials.c */
+NTSTATUS
+NtlmCredentialInitialize(VOID);
-/* functions */
+VOID
+NtlmCredentialTerminate(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_QueryCredentialsAttributesA(
- PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer);
+/* context.c */
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_AcquireCredentialsHandleA(
- SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse,
- PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
- PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);
+NTSTATUS
+NtlmContextInitialize(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_FreeCredentialsHandle(
- PCredHandle phCredential);
+VOID
+NtlmContextTerminate(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_InitializeSecurityContextA(
- PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR
*pszTargetName,
- ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
- PSecBufferDesc pInput,ULONG Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry);
+/* crypt.c */
+BOOL
+NtlmInitializeRNG(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_AcceptSecurityContext(
- PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput,
- ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry);
+VOID
+NtlmTerminateRNG(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_CompleteAuthToken(PCtxtHandle phContext,
- PSecBufferDesc pToken);
+NTSTATUS
+NtlmGenerateRandomBits(VOID *Bits,
+ ULONG Size);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_DeleteSecurityContext(
- PCtxtHandle phContext);
+BOOL
+NtlmInitializeProtectedMemory(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_QueryContextAttributesA(
- PCtxtHandle phContext,
- ULONG ulAttribute, void *pBuffer);
+VOID
+NtlmTerminateProtectedMemory(VOID);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_ImpersonateSecurityContext(
- PCtxtHandle phContext);
+BOOL
+NtlmProtectMemory(VOID *Data,
+ ULONG Size);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_RevertSecurityContext(
- PCtxtHandle phContext);
+BOOL
+NtlmUnProtectMemory(VOID *Data,
+ ULONG Size);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_MakeSignature(
- PCtxtHandle phContext, ULONG fQOP,
- PSecBufferDesc pMessage, ULONG MessageSeqNo);
+/* util.c */
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_VerifySignature(
- PCtxtHandle phContext,
- PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);
+PVOID
+NtlmAllocate(IN ULONG Size);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_EncryptMessage(
- PCtxtHandle phContext,
- ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo);
+VOID
+NtlmFree(IN PVOID Buffer);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_DecryptMessage(
- PCtxtHandle phContext,
- PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);
+BOOLEAN
+NtlmIntervalElapsed(IN LARGE_INTEGER Start,
+ IN LONG Timeout);
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_QueryCredentialsAttributesW(
- PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer);
-
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_QueryCredentialsAttributesA(
- PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer);
-
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_AcquireCredentialsHandleW(
- SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse,
- PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
- PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);
-
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_InitializeSecurityContextW(
- PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR
*pszTargetName,
- ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
- PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry);
-
-SECURITY_STATUS
-SEC_ENTRY
-ntlm_QueryContextAttributesW(
- PCtxtHandle phContext,
- ULONG ulAttribute, void *pBuffer);
#endif
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild [iso-8859-1]
Thu May 12 19:47:08 2011
@@ -5,11 +5,13 @@
<include base="ntlmssp">.</include>
<library>wine</library>
<library>advapi32</library>
+ <library>crypt32</library>
<library>ntdll</library>
- <file>base64_codec.c</file>
<file>context.c</file>
<file>credentials.c</file>
- <file>hmac_md5.c</file>
+ <file>crypt.c</file>
+ <file>rc4.c</file>
+ <file>stubs.c</file>
<file>messages.c</file>
<file>ntlm.c</file>
<file>sign.c</file>
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec?rev=51687&r1=51686&r2=51687&view=diff
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec [iso-8859-1]
(original)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec [iso-8859-1]
Thu May 12 19:47:08 2011
@@ -1,7 +1,7 @@
@ stdcall AcceptSecurityContext(ptr ptr ptr long long ptr ptr ptr ptr)
@ stdcall AcquireCredentialsHandleA(str str long ptr ptr ptr ptr ptr ptr)
-@ stdcall AcquireCredentialsHandleW(wstr wstr long ptr ptr ptr ptr ptr
ptr)secur32.AcquireCredentialsHandleW
-#@ stdcall ApplyControlToken(ptr ptr)
+@ stdcall AcquireCredentialsHandleW(wstr wstr long ptr ptr ptr ptr ptr ptr)
+@ stdcall ApplyControlToken(ptr ptr)
@ stdcall CompleteAuthToken(ptr ptr)
@ stdcall DeleteSecurityContext(ptr)
@ stdcall EnumerateSecurityPackagesA(ptr ptr)
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.c?rev=51687&view=auto
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.c (added)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.c [iso-8859-1] Thu May
12 19:47:08 2011
@@ -1,0 +1,98 @@
+/*
+ * rc4.c
+ *
+ * Copyright (c) 1996-2000 Whistle Communications, Inc.
+ * All rights reserved.
+ *
+ * Subject to the following obligations and disclaimer of warranty, use and
+ * redistribution of this software, in source or object code forms, with or
+ * without modifications are expressly permitted by Whistle Communications;
+ * provided, however, that:
+ * 1. Any and all reproductions of the source or object code must include the
+ * copyright notice above and the following disclaimer of warranties; and
+ * 2. No rights are granted, in any manner or form, to use Whistle
+ * Communications, Inc. trademarks, including the mark "WHISTLE
+ * COMMUNICATIONS" on advertising, endorsements, or otherwise except as
+ * such appears in the above copyright notice or in the software.
+ *
+ * THIS SOFTWARE IS BEING PROVIDED BY WHISTLE COMMUNICATIONS "AS IS", AND
+ * TO THE MAXIMUM EXTENT PERMITTED BY LAW, WHISTLE COMMUNICATIONS MAKES NO
+ * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THIS SOFTWARE,
+ * INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
+ * WHISTLE COMMUNICATIONS DOES NOT WARRANT, GUARANTEE, OR MAKE ANY
+ * REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS OF THE USE OF THIS
+ * SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY, RELIABILITY OR OTHERWISE.
+ * IN NO EVENT SHALL WHISTLE COMMUNICATIONS BE LIABLE FOR ANY DAMAGES
+ * RESULTING FROM OR ARISING OUT OF ANY USE OF THIS SOFTWARE, INCLUDING
+ * WITHOUT LIMITATION, ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * PUNITIVE, OR CONSEQUENTIAL DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES, LOSS OF USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF WHISTLE COMMUNICATIONS IS ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ *
+ * $FreeBSD: src/sys/crypto/rc4/rc4.c,v 1.2.2.1 2000/04/18 04:48:31 archie Exp
$
+ */
+#include "rc4.h"
+
+static inline void swap_bytes(unsigned char *a, unsigned char *b)
+{
+ unsigned char swapByte;
+
+ swapByte = *a;
+ *a = *b;
+ *b = swapByte;
+}
+
+/*
+ * Initialize an RC4 state buffer using the supplied key,
+ * which can have arbitrary length.
+ */
+void
+rc4_init(rc4_key *const state, const unsigned char *key, int keylen)
+{
+ unsigned char j;
+ int i;
+
+ /* Initialize state with identity permutation */
+ for (i = 0; i < 256; i++)
+ state->perm[i] = (unsigned char)i;
+ state->index1 = 0;
+ state->index2 = 0;
+
+ /* Randomize the permutation using key data */
+ for (j = i = 0; i < 256; i++) {
+ j += state->perm[i] + key[i % keylen];
+ swap_bytes(&state->perm[i], &state->perm[j]);
+ }
+}
+
+/*
+ * Encrypt some data using the supplied RC4 state buffer.
+ * The input and output buffers may be the same buffer.
+ * Since RC4 is a stream cypher, this function is used
+ * for both encryption and decryption.
+ */
+void
+rc4_crypt(rc4_key *const state, const unsigned char *inbuf, unsigned char
*outbuf, int buflen)
+{
+ int i;
+ unsigned char j;
+
+ for (i = 0; i < buflen; i++)
+ {
+ /* Update modification indicies */
+ state->index1++;
+ state->index2 += state->perm[state->index1];
+
+ /* Modify permutation */
+ swap_bytes(&state->perm[state->index1],
+ &state->perm[state->index2]);
+
+ /* Encrypt/decrypt next byte */
+ j = state->perm[state->index1] + state->perm[state->index2];
+ outbuf[i] = inbuf[i] ^ state->perm[j];
+ }
+}
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.c
------------------------------------------------------------------------------
svn:eol-style = native
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.h
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.h?rev=51687&view=auto
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.h (added)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.h [iso-8859-1] Thu May
12 19:47:08 2011
@@ -1,0 +1,10 @@
+
+typedef struct _rc4_key
+{
+ unsigned char perm[256];
+ unsigned char index1;
+ unsigned char index2;
+}rc4_key;
+
+void rc4_init(rc4_key *const state, const unsigned char *key, int keylen);
+void rc4_crypt(rc4_key *const state, const unsigned char *inbuf, unsigned char
*outbuf, int buflen);
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/rc4.h
------------------------------------------------------------------------------
svn:eol-style = native
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c?rev=51687&view=auto
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c (added)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c [iso-8859-1] Thu
May 12 19:47:08 2011
@@ -1,0 +1,28 @@
+/*
+ * Copyright 2011 Samuel Serapion
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ *
+ */
+
+#include "ntlm.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
+
+/* initialize all to null since we still dont use them */
+SECPKG_FUNCTION_TABLE NtLmPkgFuncTable; //functions we provide to LSA in
SpLsaModeInitialize
+PSECPKG_DLL_FUNCTIONS NtlmPkgDllFuncTable = NULL; //fuctions provided by LSA
in SpInstanceInit
+SECPKG_USER_FUNCTION_TABLE NtlmUmodeFuncTable; //fuctions we provide via
SpUserModeInitialize
+PLSA_SECPKG_FUNCTION_TABLE NtlmLsaFuncTable = NULL; // functions provided by
LSA in SpInitialize
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c
------------------------------------------------------------------------------
svn:eol-style = native
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c
URL:
http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c?rev=51687&view=auto
==============================================================================
--- branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c (added)
+++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c [iso-8859-1] Thu May
12 19:47:08 2011
@@ -1,0 +1,132 @@
+/*
+ * Copyright 2011 Samuel Serapion
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ *
+ */
+
+#include "ntlm.h"
+
+WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
+
+
+PVOID
+NtlmAllocate(IN ULONG Size)
+{
+ PVOID buffer = NULL;
+
+ if(Size == 0)
+ {
+ ERR("Allocating 0 bytes!\n");
+ return NULL;
+ }
+
+ switch(NtlmMode)
+ {
+ case NtlmLsaMode:
+ buffer = NtlmLsaFuncTable->AllocateLsaHeap(Size);
+ if (buffer != NULL)
+ RtlZeroMemory(buffer, Size);
+ break;
+ case NtlmUserMode:
+ buffer = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, Size);
+ break;
+ default:
+ ERR("NtlmState unknown!\n");
+ break;
+ }
+ return buffer;
+}
+
+VOID
+NtlmFree(IN PVOID Buffer)
+{
+ if (Buffer)
+ {
+ switch (NtlmMode)
+ {
+ case NtlmLsaMode:
+ NtlmLsaFuncTable->FreeLsaHeap(Buffer);
+ break;
+ case NtlmUserMode:
+ HeapFree(GetProcessHeap(),0,Buffer);
+ break;
+ default:
+ ERR("NtlmState unknown!\n");
+ break;
+ }
+ }
+ else
+ {
+ ERR("Trying to free NULL!\n");
+ }
+}
+
+BOOLEAN
+NtlmIntervalElapsed(IN LARGE_INTEGER Start,IN LONG Timeout)
+{
+ LARGE_INTEGER now;
+ LARGE_INTEGER elapsed;
+ LARGE_INTEGER interval;
+
+ /* timeout is never */
+ if (Timeout > 0xffffffff)
+ return FALSE;
+
+ /* get current time */
+ NtQuerySystemTime(&now);
+ elapsed.QuadPart = now.QuadPart - Start.QuadPart;
+
+ /* convert from milliseconds into 100ns */
+ interval.QuadPart = Int32x32To64(Timeout, 10000);
+
+ /* time overflowed or elapsed is greater than interval */
+ if (elapsed.QuadPart < 0 || elapsed.QuadPart > interval.QuadPart )
+ return TRUE;
+
+ return FALSE;
+}
+
+/* hack: see dllmain.c */
+/* from base/services/umpnpmgr/umpnpmgr.c */
+BOOL
+SetupIsActive(VOID)
+{
+ HKEY hKey = NULL;
+ DWORD regType, active, size;
+ LONG rc;
+ BOOL ret = FALSE;
+
+ rc = RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SYSTEM\\Setup", 0,
KEY_QUERY_VALUE, &hKey);
+ if (rc != ERROR_SUCCESS)
+ goto cleanup;
+
+ size = sizeof(DWORD);
+ rc = RegQueryValueExW(hKey, L"SystemSetupInProgress", NULL, ®Type,
(LPBYTE)&active, &size);
+ if (rc != ERROR_SUCCESS)
+ goto cleanup;
+ if (regType != REG_DWORD || size != sizeof(DWORD))
+ goto cleanup;
+
+ ret = (active != 0);
+
+cleanup:
+ if (hKey != NULL)
+ RegCloseKey(hKey);
+
+ TRACE("System setup in progress? %S\n", ret ? L"YES" : L"NO");
+
+ return ret;
+}
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c
------------------------------------------------------------------------------
svn:eol-style = native
