#ifndef FREERDP_SSPI_H
#define FREERDP_SSPI_H
+#include "config.h"
+
+//#define NATIVE_SSPI
+
#include <wchar.h>
#include <winpr/windows.h>
-#include <freerdp/api.h>
+#include <winpr/winpr.h>
#include <freerdp/types.h>
#ifdef _WIN32
#ifdef NATIVE_SSPI
#define SECURITY_WIN32
#include <sspi.h>
-#pragma comment(lib, "secur32.lib")
+#include <security.h>
#else
#define FREERDP_SSPI
#define SEC_ENTRY __stdcall
#define PSecPkgInfo PSecPkgInfoA
#endif
+#define NTLMSP_NAME _T("NTLM")
+
#endif
#define SECPKG_ID_NONE 0xFFFF
struct _SecBuffer
{
- uint32 cbBuffer;
+ ULONG cbBuffer;
uint32 BufferType;
void* pvBuffer;
};
#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
#endif
-typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer);
-typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer);
+typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer);
+typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer);
#ifdef UNICODE
#define QueryCredentialsAttributes QueryCredentialsAttributesW
#endif
typedef SECURITY_STATUS (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_A)(LPSTR pszPrincipal, LPSTR pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);
typedef SECURITY_STATUS (SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)(LPWSTR pszPrincipal, LPWSTR pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);
#ifdef UNICODE
typedef SECURITY_STATUS (SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)(PCredHandle phCredential);
typedef SECURITY_STATUS (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_A)(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry);
+ SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
typedef SECURITY_STATUS (SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsExpiry);
+ SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
#ifdef UNICODE
#define InitializeSecurityContext InitializeSecurityContextW
#endif
typedef SECURITY_STATUS (SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)(PCredHandle phCredential, PCtxtHandle phContext,
- PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp);
+ PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp);
typedef SECURITY_STATUS (SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)(PCtxtHandle phContext, PSecBufferDesc pToken);
typedef SECURITY_STATUS (SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)(PCtxtHandle phContext, PSecBufferDesc pInput);
-typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer);
-typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer);
+typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer);
+typedef SECURITY_STATUS (SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer);
#ifdef UNICODE
#define QueryContextAttributes QueryContextAttributesW
typedef SECURITY_STATUS (SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
-typedef SECURITY_STATUS (SEC_ENTRY * MAKE_SIGNATURE_FN)(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo);
+typedef SECURITY_STATUS (SEC_ENTRY * MAKE_SIGNATURE_FN)(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo);
-typedef SECURITY_STATUS (SEC_ENTRY * VERIFY_SIGNATURE_FN)(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+typedef SECURITY_STATUS (SEC_ENTRY * VERIFY_SIGNATURE_FN)(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);
typedef SECURITY_STATUS (SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)(void* pvContextBuffer);
typedef SECURITY_STATUS (SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)(PCtxtHandle phContext, void* phToken);
-typedef SECURITY_STATUS (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo);
+typedef SECURITY_STATUS (SEC_ENTRY * ENCRYPT_MESSAGE_FN)(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo);
-typedef SECURITY_STATUS (SEC_ENTRY * DECRYPT_MESSAGE_FN)(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+typedef SECURITY_STATUS (SEC_ENTRY * DECRYPT_MESSAGE_FN)(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);
-typedef SECURITY_STATUS (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer);
-typedef SECURITY_STATUS (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer);
+typedef SECURITY_STATUS (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer);
+typedef SECURITY_STATUS (SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer);
#ifdef UNICODE
#define SetContextAttributes SetContextAttributesW
/* Package Management */
-FREERDP_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesA(uint32* pcPackages, PSecPkgInfoA* ppPackageInfo);
-FREERDP_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesW(uint32* pcPackages, PSecPkgInfoW* ppPackageInfo);
-FREERDP_API SecurityFunctionTableA* SEC_ENTRY InitSecurityInterfaceA(void);
-FREERDP_API SecurityFunctionTableW* SEC_ENTRY InitSecurityInterfaceW(void);
-FREERDP_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoA(SEC_CHAR* pszPackageName, PSecPkgInfoA* ppPackageInfo);
-FREERDP_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoW(SEC_WCHAR* pszPackageName, PSecPkgInfoW* ppPackageInfo);
+WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesA(uint32* pcPackages, PSecPkgInfoA* ppPackageInfo);
+WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesW(uint32* pcPackages, PSecPkgInfoW* ppPackageInfo);
+WINPR_API SecurityFunctionTableA* SEC_ENTRY InitSecurityInterfaceA(void);
+WINPR_API SecurityFunctionTableW* SEC_ENTRY InitSecurityInterfaceW(void);
+WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoA(SEC_CHAR* pszPackageName, PSecPkgInfoA* ppPackageInfo);
+WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoW(SEC_WCHAR* pszPackageName, PSecPkgInfoW* ppPackageInfo);
/* Credential Management */
-FREERDP_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);
-FREERDP_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);
-FREERDP_API SECURITY_STATUS SEC_ENTRY ExportSecurityContext(PCtxtHandle phContext, uint32 fFlags, PSecBuffer pPackedContext, void* pToken);
-FREERDP_API SECURITY_STATUS SEC_ENTRY FreeCredentialsHandle(PCredHandle phCredential);
+WINPR_API SECURITY_STATUS SEC_ENTRY ExportSecurityContext(PCtxtHandle phContext, uint32 fFlags, PSecBuffer pPackedContext, void* pToken);
+WINPR_API SECURITY_STATUS SEC_ENTRY FreeCredentialsHandle(PCredHandle phCredential);
-FREERDP_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextA(SEC_CHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext);
-FREERDP_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextW(SEC_WCHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext);
+WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextA(SEC_CHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext);
+WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextW(SEC_WCHAR* pszPackage, PSecBuffer pPackedContext, void* pToken, PCtxtHandle phContext);
-FREERDP_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer);
-FREERDP_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer);
+WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer);
+WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer);
/* Context Management */
-FREERDP_API SECURITY_STATUS SEC_ENTRY AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
- PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, TimeStamp* ptsTimeStamp);
-
-FREERDP_API SECURITY_STATUS SEC_ENTRY ApplyControlToken(PCtxtHandle phContext, PSecBufferDesc pInput);
-FREERDP_API SECURITY_STATUS SEC_ENTRY CompleteAuthToken(PCtxtHandle phContext, PSecBufferDesc pToken);
-FREERDP_API SECURITY_STATUS SEC_ENTRY DeleteSecurityContext(PCtxtHandle phContext);
-FREERDP_API SECURITY_STATUS SEC_ENTRY FreeContextBuffer(void* pvContextBuffer);
-FREERDP_API SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(PCtxtHandle phContext);
-
-FREERDP_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry);
-FREERDP_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry);
-
-FREERDP_API SECURITY_STATUS SEC_ENTRY QueryContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer);
-FREERDP_API SECURITY_STATUS SEC_ENTRY QuerySecurityContextToken(PCtxtHandle phContext, void* phToken);
-FREERDP_API SECURITY_STATUS SEC_ENTRY SetContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer);
-FREERDP_API SECURITY_STATUS SEC_ENTRY RevertSecurityContext(PCtxtHandle phContext);
+WINPR_API SECURITY_STATUS SEC_ENTRY AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
+ PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp);
+
+WINPR_API SECURITY_STATUS SEC_ENTRY ApplyControlToken(PCtxtHandle phContext, PSecBufferDesc pInput);
+WINPR_API SECURITY_STATUS SEC_ENTRY CompleteAuthToken(PCtxtHandle phContext, PSecBufferDesc pToken);
+WINPR_API SECURITY_STATUS SEC_ENTRY DeleteSecurityContext(PCtxtHandle phContext);
+WINPR_API SECURITY_STATUS SEC_ENTRY FreeContextBuffer(void* pvContextBuffer);
+WINPR_API SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(PCtxtHandle phContext);
+
+WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
+ SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
+WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
+ SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
+
+WINPR_API SECURITY_STATUS SEC_ENTRY QueryContextAttributes(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer);
+WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityContextToken(PCtxtHandle phContext, void* phToken);
+WINPR_API SECURITY_STATUS SEC_ENTRY SetContextAttributes(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer);
+WINPR_API SECURITY_STATUS SEC_ENTRY RevertSecurityContext(PCtxtHandle phContext);
/* Message Support */
-FREERDP_API SECURITY_STATUS SEC_ENTRY DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP);
-FREERDP_API SECURITY_STATUS SEC_ENTRY EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo);
-FREERDP_API SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo);
-FREERDP_API SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+WINPR_API SECURITY_STATUS SEC_ENTRY DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);
+WINPR_API SECURITY_STATUS SEC_ENTRY EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo);
+WINPR_API SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo);
+WINPR_API SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP);
#endif
/* Custom API */
-FREERDP_API void sspi_GlobalInit();
-FREERDP_API void sspi_GlobalFinish();
+WINPR_API void sspi_GlobalInit();
+WINPR_API void sspi_GlobalFinish();
-FREERDP_API void sspi_SecBufferAlloc(PSecBuffer SecBuffer, size_t size);
-FREERDP_API void sspi_SecBufferFree(PSecBuffer SecBuffer);
+WINPR_API void sspi_SecBufferAlloc(PSecBuffer SecBuffer, size_t size);
+WINPR_API void sspi_SecBufferFree(PSecBuffer SecBuffer);
#endif /* FREERDP_SSPI_H */
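Review bot: The move from `uint32` to the Win32 typedefs is only partial in this header: `struct _SecBuffer` now pairs `ULONG cbBuffer` with `uint32 BufferType`, and the new `WINPR_API` lines for `EnumerateSecurityPackagesA/W` (`uint32* pcPackages`) and `ExportSecurityContext` (`uint32 fFlags`) keep the old type. The same leftover appears in callers later in the patch: `uint32 pfContextAttr` stays next to the new `ULONG fContextReq` in both context structs and in `credssp_client_authenticate`, where `&pfContextAttr` is passed for a parameter now declared `PULONG`. Whether that is harmless depends on how winpr defines `ULONG`, which this page does not show; if it is wider than 32 bits on any target, the callee writes past the variable. I would finish the conversion (`ULONG BufferType;`, `ULONG pfContextAttr;`, `PULONG pcPackages`) and add one compile-time check that `ULONG` is 4 bytes, so the struct layout cannot drift silently.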
BYTE Data4[8];
} GUID, UUID, *PGUID;
+typedef struct _LUID
+{
+ DWORD LowPart;
+ LONG HighPart;
+} LUID, *PLUID;
+
#ifdef UNICODE
#define _T(x) L ## x
#else
#include "rpc.h"
-#define NTLM_PACKAGE_NAME _T("NTLM")
-
boolean ntlm_client_init(rdpNtlm* ntlm, boolean confidentiality, char* user, char* domain, char* password)
{
size_t size;
ntlm->confidentiality = confidentiality;
+#ifdef NATIVE_SSPI
+ {
+ HMODULE hSSPI;
+ INIT_SECURITY_INTERFACE InitSecurityInterface;
+ PSecurityFunctionTable pSecurityInterface = NULL;
+
+ hSSPI = LoadLibrary(_T("secur32.dll"));
+
+#ifdef UNICODE
+ InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW");
+#else
+ InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA");
+#endif
+ ntlm->table = (*InitSecurityInterface)();
+ }
+#else
ntlm->table = InitSecurityInterface();
+#endif
ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
ntlm->identity.Password = (uint16*) freerdp_uniconv_out(ntlm->uniconv, (char*) password, &size);
ntlm->identity.PasswordLength = (uint32) size;
- status = QuerySecurityPackageInfo(NTLM_PACKAGE_NAME, &ntlm->pPackageInfo);
+ status = ntlm->table->QuerySecurityPackageInfo(NTLMSP_NAME, &ntlm->pPackageInfo);
if (status != SEC_E_OK)
{
ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken;
- status = ntlm->table->AcquireCredentialsHandle(NULL, NTLM_PACKAGE_NAME,
+ status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration);
if (status != SEC_E_OK)
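Review bot: The `NATIVE_SSPI` branch added to `ntlm_client_init` uses the results of `LoadLibrary` and `GetProcAddress` without checking either, so a missing module or export ends in a call through a NULL function pointer; the returned table is likewise dereferenced at `ntlm->table->QuerySecurityPackageInfo` with no check. The bare name `secur32.dll` also leaves resolution to the default DLL search order; `LoadLibraryEx` with `LOAD_LIBRARY_SEARCH_SYSTEM32` (Windows 8, or older systems with the corresponding update) pins it to the system directory. `pSecurityInterface` is declared but never used, and the module handle is dropped, so nothing can release it later. The identical block added to `credssp_client_authenticate` needs the same changes. The function body continues outside the hunk, so the failure value in the sketch below should be matched to its existing error paths.

```c
#ifdef NATIVE_SSPI
	{
		HMODULE hSSPI;
		INIT_SECURITY_INTERFACE InitSecurityInterface;

		/* resolve secur32.dll from the system directory only */
		hSSPI = LoadLibraryEx(_T("secur32.dll"), NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);

		if (!hSSPI)
			return 0; /* failure value: match the function's other error paths */

		/* ... unchanged: GetProcAddress for InitSecurityInterfaceW / InitSecurityInterfaceA ... */

		if (!InitSecurityInterface)
		{
			FreeLibrary(hSSPI);
			return 0;
		}

		ntlm->table = (*InitSecurityInterface)();

		if (!ntlm->table)
		{
			FreeLibrary(hSSPI);
			return 0;
		}
	}
#else
```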
void ntlm_client_uninit(rdpNtlm* ntlm)
{
- FreeCredentialsHandle(&ntlm->credentials);
- FreeContextBuffer(ntlm->pPackageInfo);
+ ntlm->table->FreeCredentialsHandle(&ntlm->credentials);
+ ntlm->table->FreeContextBuffer(ntlm->pPackageInfo);
}
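Review bot: `ntlm_client_uninit` now reaches both release functions through `ntlm->table`, so it dereferences a NULL pointer if it runs on an `rdpNtlm` whose init never set the table; the direct calls it replaces had no such dependency. A guard such as `if (!ntlm || !ntlm->table) return;` at the top keeps teardown safe on a partially initialised object. Separately, nothing in the lines shown here clears `ntlm->identity.Password`, which `ntlm_client_init` fills with the converted password. If that buffer is not wiped and freed elsewhere, this function is the natural place to do it.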
rdpNtlm* ntlm_new()
UNICONV* uniconv;
CtxtHandle context;
uint32 cbMaxToken;
- uint32 fContextReq;
+ ULONG fContextReq;
uint32 pfContextAttr;
TimeStamp expiration;
PSecBuffer pBuffer;
}
SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
- void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry)
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
+ void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
- void* pvGetKeyArgument, PCredHandle phCredential, TimeStamp* ptsExpiry)
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
+ void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
CREDENTIALS* credentials;
SEC_WINNT_AUTH_IDENTITY* identity;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
if (ulAttribute == SECPKG_CRED_ATTR_NAMES)
{
}
SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
KRB_CONTEXT* krb_ctx;
//SECURITY_STATUS status;
KDCENTRY* kdclist;
KDCENTRY* entry;
KRB_CONTEXT* krb_ctx;
- uint32 fContextReq;
+ ULONG fContextReq;
uint32 pfContextAttr;
TimeStamp expiration;
}
}
-SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesW(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
if (!phContext)
return SEC_E_INVALID_HANDLE;
return SEC_E_UNSUPPORTED_FUNCTION;
}
-SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
{
return SEC_E_OK;
}
}
SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
CREDENTIALS* credentials;
}
SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
CREDENTIALS* credentials;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesW(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
if (ulAttribute == SECPKG_CRED_ATTR_NAMES)
{
return SEC_E_UNSUPPORTED_FUNCTION;
}
-SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesA(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY ntlm_QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
if (ulAttribute == SECPKG_CRED_ATTR_NAMES)
{
* @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa374707
*/
SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
- PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsTimeStamp)
+ PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
{
NTLM_CONTEXT* context;
SECURITY_STATUS status;
}
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
return SEC_E_OK;
}
* @see http://msdn.microsoft.com/en-us/library/windows/desktop/aa375512%28v=vs.85%29.aspx
*/
SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
NTLM_CONTEXT* context;
SECURITY_STATUS status;
/* http://msdn.microsoft.com/en-us/library/windows/desktop/aa379337/ */
-SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
if (!phContext)
return SEC_E_INVALID_HANDLE;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
int index;
int length;
void* data;
HMAC_CTX hmac;
- uint8 digest[16];
- uint8 checksum[8];
- uint8* signature;
- uint32 version = 1;
+ BYTE digest[16];
+ BYTE checksum[8];
+ BYTE* signature;
+ ULONG version = 1;
NTLM_CONTEXT* context;
PSecBuffer data_buffer = NULL;
PSecBuffer signature_buffer = NULL;
return SEC_E_OK;
}
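Review bot: `ULONG version = 1;` swaps a fixed-width `uint32` for a platform-typed integer in what appears to be the version field of the NTLM message signature, declared alongside `BYTE checksum[8]` and `BYTE* signature`. The code that writes it into the signature buffer is outside the hunk, so this is unconfirmed, but a value that goes on the wire should keep an explicit 32-bit type. I would leave it as `uint32 version = 1;`, or at least make sure the serialising code copies exactly 4 bytes and never `sizeof(version)`. The API-facing parameters can follow the SSPI typedefs without taking protocol fields along with them.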
-SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
{
int index;
int length;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
{
return SEC_E_OK;
}
}
SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
NEGOTIATE_CONTEXT* context;
- //SECURITY_STATUS status;
CREDENTIALS* credentials;
- //PSecBuffer input_SecBuffer;
PSecBuffer output_SecBuffer;
- //KrbTGTREQ krb_tgtreq;
context = sspi_SecureHandleGetLowerPointer(phContext);
{
context = negotiate_ContextNew();
- credentials = (CREDENTIALS*) sspi_SecureHandleGetLowerPointer(phCredential);
+ credentials = (CREDENTIALS*) sspi_SecureHandleGetLowerPointer(phCredential);
negotiate_SetContextIdentity(context, &credentials->identity);
sspi_SecureHandleSetLowerPointer(phNewContext, context);
sspi_SecureHandleSetUpperPointer(phNewContext, (void*) NEGOTIATE_PACKAGE_NAME);
}
- if((!pInput) && (context->state == NEGOTIATE_STATE_INITIAL))
+ if ((!pInput) && (context->state == NEGOTIATE_STATE_INITIAL))
{
if (!pOutput)
return SEC_E_INVALID_TOKEN;
free(context);
}
-SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributes(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
if (!phContext)
return SEC_E_INVALID_HANDLE;
}
SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
return SEC_E_OK;
}
SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
CREDENTIALS* credentials;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesW(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesA(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
if (ulAttribute == SECPKG_CRED_ATTR_NAMES)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY negotiate_EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY negotiate_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY negotiate_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY negotiate_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG* pfQOP)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY negotiate_MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY negotiate_MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY negotiate_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY negotiate_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG* pfQOP)
{
return SEC_E_OK;
}
return 1;
}
-#define NTLM_PACKAGE_NAME _T("NTLM")
-
int credssp_client_authenticate(rdpCredssp* credssp)
{
uint32 cbMaxToken;
- uint32 fContextReq;
+ ULONG fContextReq;
uint32 pfContextAttr;
SECURITY_STATUS status;
CredHandle credentials;
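Review bot: `pfContextAttr` stays `uint32` in credssp_client_authenticate, although the same commit retypes the out-parameter of InitializeSecurityContext to `PULONG` and changes both locals to `ULONG` in credssp_server_authenticate. Its address is passed to InitializeSecurityContext further down, so the pointer types no longer match. If `ULONG` is wider than `uint32` on some platform, the callee would write past the local; that depends on typedefs not visible here. Change the declaration to `ULONG pfContextAttr;`. The function body continues outside the hunk.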
if (credssp_ntlm_client_init(credssp) == 0)
return 0;
+#ifdef NATIVE_SSPI
+ {
+ HMODULE hSSPI;
+ INIT_SECURITY_INTERFACE InitSecurityInterface;
+ PSecurityFunctionTable pSecurityInterface = NULL;
+
+ hSSPI = LoadLibrary(_T("secur32.dll"));
+
+#ifdef UNICODE
+ InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW");
+#else
+ InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA");
+#endif
+ credssp->table = (*InitSecurityInterface)();
+ }
+#else
credssp->table = InitSecurityInterface();
+#endif
- status = QuerySecurityPackageInfo(NTLM_PACKAGE_NAME, &pPackageInfo);
+ status = credssp->table->QuerySecurityPackageInfo(NTLMSP_NAME, &pPackageInfo);
if (status != SEC_E_OK)
{
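Review bot: The NATIVE_SSPI block calls `LoadLibrary(_T("secur32.dll"))` with a bare file name and then calls through the `GetProcAddress` result without checking either return value. A bare name goes through the DLL search order, so a copy placed next to the executable may be loaded instead of the system one, and a failed load or lookup becomes a call through NULL. Load from the system directory only, check `hSSPI` and the function pointer, and return 0 on failure; note that `LOAD_LIBRARY_SEARCH_SYSTEM32` needs KB2533623 on older Windows releases. `pSecurityInterface` is unused, and the local named `InitSecurityInterface` shadows the function of the same name. The identical block in credssp_server_authenticate needs the same change.

```c
#ifdef NATIVE_SSPI
	{
		HMODULE hSSPI;
		INIT_SECURITY_INTERFACE pInitSecurityInterface;

		/* Resolve secur32.dll from the system directory only. */
		hSSPI = LoadLibraryEx(_T("secur32.dll"), NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);

		if (hSSPI == NULL)
			return 0;

#ifdef UNICODE
		pInitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW");
#else
		pInitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA");
#endif
		if (pInitSecurityInterface == NULL)
			return 0;

		credssp->table = (*pInitSecurityInterface)();
	}
/* … unchanged: #else branch using the built-in InitSecurityInterface() … */
```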
cbMaxToken = pPackageInfo->cbMaxToken;
- status = credssp->table->AcquireCredentialsHandle(NULL, NTLM_PACKAGE_NAME,
+ status = credssp->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
SECPKG_CRED_OUTBOUND, NULL, &credssp->identity, NULL, NULL, &credentials, &expiration);
if (status != SEC_E_OK)
status = credssp->table->InitializeSecurityContext(&credentials,
(have_context) ? &credssp->context : NULL,
- NULL, fContextReq, 0, SECURITY_NATIVE_DREP,
+ NULL, fContextReq, 0, SECURITY_NETWORK_DREP,
(have_input_buffer) ? &input_buffer_desc : NULL,
0, &credssp->context, &output_buffer_desc, &pfContextAttr, &expiration);
SecBufferDesc Message;
SECURITY_STATUS encrypt_status;
- Buffers[0].BufferType = SECBUFFER_DATA; /* TLS Public Key */
- Buffers[1].BufferType = SECBUFFER_TOKEN; /* Signature */
+ Buffers[0].BufferType = SECBUFFER_TOKEN; /* Signature */
+ Buffers[1].BufferType = SECBUFFER_DATA; /* TLS Public Key */
- Buffers[0].cbBuffer = credssp->PublicKey.cbBuffer;
- Buffers[0].pvBuffer = xmalloc(Buffers[0].cbBuffer);
- memcpy(Buffers[0].pvBuffer, credssp->PublicKey.pvBuffer, Buffers[0].cbBuffer);
+ Buffers[0].cbBuffer = credssp->ContextSizes.cbMaxSignature;
+ Buffers[0].pvBuffer = xzalloc(Buffers[0].cbBuffer);
- Buffers[1].cbBuffer = credssp->ContextSizes.cbMaxSignature;
- Buffers[1].pvBuffer = xzalloc(Buffers[1].cbBuffer);
+ Buffers[1].cbBuffer = credssp->PublicKey.cbBuffer;
+ Buffers[1].pvBuffer = xmalloc(Buffers[1].cbBuffer);
+ memcpy(Buffers[1].pvBuffer, credssp->PublicKey.pvBuffer, Buffers[1].cbBuffer);
Message.cBuffers = 2;
Message.ulVersion = SECBUFFER_VERSION;
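Review bot: Nothing in the code says why the signature token must now be `Buffers[0]` and the public key `Buffers[1]`, yet other code in the commit depends on that order. The pubKeyAuth copy writes `Buffers[0]` first, and the decrypt path reads the key from `Buffers[1].pvBuffer`. Add a comment above the assignments, for example `/* pubKeyAuth layout: signature (cbMaxSignature bytes) followed by the encrypted public key; Buffers[] must stay in this order */`. The enclosing function starts and ends outside the hunk.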
return 0;
}
+#ifdef WITH_DEBUG_CREDSSP
+ printf("CredSSP.Signature: (%d)\n", Buffers[0].cbBuffer);
+ freerdp_hexdump((uint8*) Buffers[0].pvBuffer, Buffers[0].cbBuffer);
+ printf("CredSSP.PublicKey: (%d)\n", credssp->PublicKey.cbBuffer);
+ freerdp_hexdump((uint8*) credssp->PublicKey.pvBuffer, credssp->PublicKey.cbBuffer);
+ printf("CredSSP.PublicKey (encrypted) (%d):\n", Buffers[1].cbBuffer);
+ freerdp_hexdump((uint8*) Buffers[1].pvBuffer, Buffers[1].cbBuffer);
+#endif
+
p = (uint8*) credssp->pubKeyAuth.pvBuffer;
- memcpy(p, Buffers[1].pvBuffer, Buffers[1].cbBuffer); /* Message Signature */
- memcpy(&p[Buffers[1].cbBuffer], Buffers[0].pvBuffer, Buffers[0].cbBuffer); /* Encrypted Public Key */
+ memcpy(p, Buffers[0].pvBuffer, Buffers[0].cbBuffer); /* Message Signature */
+ memcpy(&p[Buffers[0].cbBuffer], Buffers[1].pvBuffer, Buffers[1].cbBuffer); /* Encrypted Public Key */
xfree(Buffers[0].pvBuffer);
xfree(Buffers[1].pvBuffer);
}
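Review bot: The new debug printfs pass `cbBuffer` to `%d`, but this commit changes `cbBuffer` to `ULONG`, so specifier and argument no longer match. Use `printf("CredSSP.Signature: (%lu)\n", (unsigned long) Buffers[0].cbBuffer);` and the same form for the other two. The `DecryptMessage failure: 0x%08X` printf added further down has the same mismatch if `SECURITY_STATUS` is a `LONG`, which is not visible here. The two memcpy calls write `cbMaxSignature + PublicKey.cbBuffer` bytes into `pubKeyAuth.pvBuffer`; its allocation is outside the hunk and should be sized from those same two fields.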
/* Free resources */
- FreeCredentialsHandle(&credentials);
- FreeContextBuffer(pPackageInfo);
+ credssp->table->FreeCredentialsHandle(&credentials);
+ credssp->table->FreeContextBuffer(pPackageInfo);
return 1;
}
int credssp_server_authenticate(rdpCredssp* credssp)
{
uint32 cbMaxToken;
- uint32 fContextReq;
- uint32 pfContextAttr;
+ ULONG fContextReq;
+ ULONG pfContextAttr;
SECURITY_STATUS status;
CredHandle credentials;
TimeStamp expiration;
if (credssp_ntlm_server_init(credssp) == 0)
return 0;
+#ifdef NATIVE_SSPI
+ {
+ HMODULE hSSPI;
+ INIT_SECURITY_INTERFACE InitSecurityInterface;
+ PSecurityFunctionTable pSecurityInterface = NULL;
+
+ hSSPI = LoadLibrary(_T("secur32.dll"));
+
+#ifdef UNICODE
+ InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW");
+#else
+ InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA");
+#endif
+ credssp->table = (*InitSecurityInterface)();
+ }
+#else
credssp->table = InitSecurityInterface();
+#endif
- status = QuerySecurityPackageInfo(NTLM_PACKAGE_NAME, &pPackageInfo);
+ status = credssp->table->QuerySecurityPackageInfo(NTLMSP_NAME, &pPackageInfo);
if (status != SEC_E_OK)
{
cbMaxToken = pPackageInfo->cbMaxToken;
- status = credssp->table->AcquireCredentialsHandle(NULL, NTLM_PACKAGE_NAME,
+ status = credssp->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
SECPKG_CRED_INBOUND, NULL, &credssp->identity, NULL, NULL, &credentials, &expiration);
if (status != SEC_E_OK)
status = credssp->table->AcceptSecurityContext(&credentials,
have_context? &credssp->context: NULL,
- &input_buffer_desc, fContextReq, SECURITY_NATIVE_DREP, &credssp->context,
+ &input_buffer_desc, fContextReq, SECURITY_NETWORK_DREP, &credssp->context,
&output_buffer_desc, &pfContextAttr, &expiration);
if (input_buffer.pvBuffer != NULL)
}
}
- FreeContextBuffer(pPackageInfo);
+ credssp->table->FreeContextBuffer(pPackageInfo);
return 1;
}
status = credssp->table->DecryptMessage(&credssp->context, &Message, 0, &pfQOP);
if (status != SEC_E_OK)
+ {
+ printf("DecryptMessage failure: 0x%08X\n", status);
return status;
+ }
public_key1 = (uint8*) credssp->PublicKey.pvBuffer;
public_key2 = (uint8*) Buffers[1].pvBuffer;
/* Credential Management */
SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
SECURITY_STATUS status;
}
SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage,
- uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+ ULONG fCredentialUse, PLUID pvLogonID, void* pAuthData, void* pGetKeyFn,
void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
{
SECURITY_STATUS status;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
SEC_WCHAR* Name;
SECURITY_STATUS status;
return status;
}
-SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(PCredHandle phCredential, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer)
{
char* Name;
SECURITY_STATUS status;
/* Context Management */
SECURITY_STATUS SEC_ENTRY AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext,
- PSecBufferDesc pInput, uint32 fContextReq, uint32 TargetDataRep, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsTimeStamp)
+ PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
{
char* Name;
SECURITY_STATUS status;
}
SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_WCHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_WCHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
SEC_CHAR* Name;
SECURITY_STATUS status;
}
SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
- SEC_CHAR* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
- PSecBufferDesc pInput, uint32 Reserved2, PCtxtHandle phNewContext,
- PSecBufferDesc pOutput, uint32* pfContextAttr, PTimeStamp ptsExpiry)
+ SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
+ PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
+ PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
{
SEC_CHAR* Name;
SECURITY_STATUS status;
return status;
}
-SECURITY_STATUS SEC_ENTRY QueryContextAttributesW(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
SEC_CHAR* Name;
SECURITY_STATUS status;
return status;
}
-SECURITY_STATUS SEC_ENTRY QueryContextAttributesA(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer)
+SECURITY_STATUS SEC_ENTRY QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer)
{
SEC_CHAR* Name;
SECURITY_STATUS status;
return SEC_E_OK;
}
-SECURITY_STATUS SEC_ENTRY SetContextAttributes(PCtxtHandle phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer)
+SECURITY_STATUS SEC_ENTRY SetContextAttributes(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer)
{
return SEC_E_OK;
}
/* Message Support */
-SECURITY_STATUS SEC_ENTRY DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
{
char* Name;
SECURITY_STATUS status;
return status;
}
-SECURITY_STATUS SEC_ENTRY EncryptMessage(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
char* Name;
SECURITY_STATUS status;
return status;
}
-SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext, uint32 fQOP, PSecBufferDesc pMessage, uint32 MessageSeqNo)
+SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
{
char* Name;
SECURITY_STATUS status;
return status;
}
-SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
{
char* Name;
SECURITY_STATUS status;