FreeRDP
kerberos.c File Reference
#include <winpr/config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <ctype.h>
#include <winpr/assert.h>
#include <winpr/crt.h>
#include <winpr/sspi.h>
#include <winpr/print.h>
#include <winpr/tchar.h>
#include <winpr/sysinfo.h>
#include <winpr/registry.h>
#include <winpr/endian.h>
#include <winpr/crypto.h>
#include <winpr/path.h>
#include <winpr/wtypes.h>
#include <winpr/winsock.h>
#include "kerberos.h"
#include "../sspi.h"
#include "../../log.h"

Macros

#define TAG   WINPR_TAG("sspi.Kerberos")
 
#define KRB_TGT_REQ   16
 
#define KRB_TGT_REP   17
 

Functions

static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA (SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
 
static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW (SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
 
static SECURITY_STATUS SEC_ENTRY kerberos_FreeCredentialsHandle (PCredHandle phCredential)
 
static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
 
static BOOL kerberos_hash_channel_bindings (WINPR_DIGEST_CTX *md5, SEC_CHANNEL_BINDINGS *bindings)
 
static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextA (PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
 
static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextW (PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
 
static SECURITY_STATUS SEC_ENTRY kerberos_AcceptSecurityContext (PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpity)
 
static KRB_CONTEXT * get_context (PCtxtHandle phContext)
 
static SECURITY_STATUS SEC_ENTRY kerberos_DeleteSecurityContext (PCtxtHandle phContext)
 
static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesW (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_SetContextAttributesW (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_SetContextAttributesA (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesX (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer, BOOL unicode)
 
static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesW (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesA (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
 
static SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage (PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
 
static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage (PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP)
 
static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature (PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
 
static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature (PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP)
 
BOOL KERBEROS_init (void)
 

Variables

const SecPkgInfoA KERBEROS_SecPkgInfoA
 
static WCHAR KERBEROS_SecPkgInfoW_NameBuffer [32] = { 0 }
 
static WCHAR KERBEROS_SecPkgInfoW_CommentBuffer [32] = { 0 }
 
const SecPkgInfoW KERBEROS_SecPkgInfoW
 
const SecurityFunctionTableA KERBEROS_SecurityFunctionTableA
 
const SecurityFunctionTableW KERBEROS_SecurityFunctionTableW
 

Macro Definition Documentation

◆ KRB_TGT_REP

#define KRB_TGT_REP   17

◆ KRB_TGT_REQ

#define KRB_TGT_REQ   16

◆ TAG

#define TAG   WINPR_TAG("sspi.Kerberos")

FreeRDP: A Remote Desktop Protocol Client
Kerberos Auth Protocol

Copyright 2015 ANSSI, Author Thomas Calderon
Copyright 2017 Dorian Ducournau doria.nosp@m.n.du.nosp@m.courn.nosp@m.au@g.nosp@m.mail..nosp@m.com
Copyright 2022 David Fort conta.nosp@m.ct@h.nosp@m.arden.nosp@m.ing-.nosp@m.consu.nosp@m.ltin.nosp@m.g.com
Copyright 2022 Isaac Klein fifth.nosp@m.degr.nosp@m.ee@pr.nosp@m.oton.nosp@m.mail..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Function Documentation

◆ get_context()

static KRB_CONTEXT* get_context ( PCtxtHandle  phContext)
static

◆ kerberos_AcceptSecurityContext()

static SECURITY_STATUS SEC_ENTRY kerberos_AcceptSecurityContext ( PCredHandle  phCredential,
PCtxtHandle  phContext,
PSecBufferDesc  pInput,
ULONG  fContextReq,
ULONG  TargetDataRep,
PCtxtHandle  phNewContext,
PSecBufferDesc  pOutput,
ULONG *  pfContextAttr,
PTimeStamp  ptsExpity 
)
static

◆ kerberos_AcquireCredentialsHandleA()

static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA ( SEC_CHAR *  pszPrincipal,
SEC_CHAR *  pszPackage,
ULONG  fCredentialUse,
void *  pvLogonID,
void *  pAuthData,
SEC_GET_KEY_FN  pGetKeyFn,
void *  pvGetKeyArgument,
PCredHandle  phCredential,
PTimeStamp  ptsExpiry 
)
static

◆ kerberos_AcquireCredentialsHandleW()

static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW ( SEC_WCHAR *  pszPrincipal,
SEC_WCHAR *  pszPackage,
ULONG  fCredentialUse,
void *  pvLogonID,
void *  pAuthData,
SEC_GET_KEY_FN  pGetKeyFn,
void *  pvGetKeyArgument,
PCredHandle  phCredential,
PTimeStamp  ptsExpiry 
)
static

◆ kerberos_DecryptMessage()

static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage ( PCtxtHandle  phContext,
PSecBufferDesc  pMessage,
ULONG  MessageSeqNo,
ULONG *  pfQOP 
)
static

◆ kerberos_DeleteSecurityContext()

static SECURITY_STATUS SEC_ENTRY kerberos_DeleteSecurityContext ( PCtxtHandle  phContext)
static

◆ kerberos_EncryptMessage()

static SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage ( PCtxtHandle  phContext,
ULONG  fQOP,
PSecBufferDesc  pMessage,
ULONG  MessageSeqNo 
)
static

◆ kerberos_FreeCredentialsHandle()

static SECURITY_STATUS SEC_ENTRY kerberos_FreeCredentialsHandle ( PCredHandle  phCredential)
static

◆ kerberos_hash_channel_bindings()

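static BOOL kerberos_hash_channel_bindings ( WINPR_DIGEST_CTX *  md5,
SEC_CHANNEL_BINDINGS *  bindings 
)
static
Note: the function body is not shown on this page. The digest context is named md5, which is consistent with RFC 4121 section 4.1.1.2, where the channel-binding field of the authenticator checksum is defined as an MD5 hash; if so, the use of MD5 here is fixed by the protocol and is not a general-purpose hashing choice.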

◆ KERBEROS_init()

BOOL KERBEROS_init ( void  )

◆ kerberos_InitializeSecurityContextA()

static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextA ( PCredHandle  phCredential,
PCtxtHandle  phContext,
SEC_CHAR *  pszTargetName,
ULONG  fContextReq,
ULONG  Reserved1,
ULONG  TargetDataRep,
PSecBufferDesc  pInput,
ULONG  Reserved2,
PCtxtHandle  phNewContext,
PSecBufferDesc  pOutput,
ULONG *  pfContextAttr,
PTimeStamp  ptsExpiry 
)
static

◆ kerberos_InitializeSecurityContextW()

static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextW ( PCredHandle  phCredential,
PCtxtHandle  phContext,
SEC_WCHAR *  pszTargetName,
ULONG  fContextReq,
ULONG  Reserved1,
ULONG  TargetDataRep,
PSecBufferDesc  pInput,
ULONG  Reserved2,
PCtxtHandle  phNewContext,
PSecBufferDesc  pOutput,
ULONG *  pfContextAttr,
PTimeStamp  ptsExpiry 
)
static

◆ kerberos_MakeSignature()

static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature ( PCtxtHandle  phContext,
ULONG  fQOP,
PSecBufferDesc  pMessage,
ULONG  MessageSeqNo 
)
static

◆ kerberos_QueryContextAttributesA()

static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA ( PCtxtHandle  phContext,
ULONG  ulAttribute,
void *  pBuffer 
)
static

◆ kerberos_QueryContextAttributesW()

static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesW ( PCtxtHandle  phContext,
ULONG  ulAttribute,
void *  pBuffer 
)
static

◆ kerberos_QueryCredentialsAttributesA()

static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA ( PCredHandle  phCredential,
ULONG  ulAttribute,
void *  pBuffer 
)
static

◆ kerberos_QueryCredentialsAttributesW()

static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW ( PCredHandle  phCredential,
ULONG  ulAttribute,
void *  pBuffer 
)
static

◆ kerberos_SetContextAttributesA()

static SECURITY_STATUS SEC_ENTRY kerberos_SetContextAttributesA ( PCtxtHandle  phContext,
ULONG  ulAttribute,
void *  pBuffer,
ULONG  cbBuffer 
)
static

◆ kerberos_SetContextAttributesW()

static SECURITY_STATUS SEC_ENTRY kerberos_SetContextAttributesW ( PCtxtHandle  phContext,
ULONG  ulAttribute,
void *  pBuffer,
ULONG  cbBuffer 
)
static

◆ kerberos_SetCredentialsAttributesA()

static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesA ( PCredHandle  phCredential,
ULONG  ulAttribute,
void *  pBuffer,
ULONG  cbBuffer 
)
static

◆ kerberos_SetCredentialsAttributesW()

static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesW ( PCredHandle  phCredential,
ULONG  ulAttribute,
void *  pBuffer,
ULONG  cbBuffer 
)
static

◆ kerberos_SetCredentialsAttributesX()

static SECURITY_STATUS SEC_ENTRY kerberos_SetCredentialsAttributesX ( PCredHandle  phCredential,
ULONG  ulAttribute,
void *  pBuffer,
ULONG  cbBuffer,
BOOL  unicode 
)
static

◆ kerberos_VerifySignature()

static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature ( PCtxtHandle  phContext,
PSecBufferDesc  pMessage,
ULONG  MessageSeqNo,
ULONG *  pfQOP 
)
static

Variable Documentation

◆ KERBEROS_SecPkgInfoA

const SecPkgInfoA KERBEROS_SecPkgInfoA
Initial value:
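= {
0x000F3BBF, /* fCapabilities */
1, /* wVersion */
0x0010, /* wRPCID */
0x0000BB80, /* cbMaxToken (48000 bytes) */
"Kerberos", /* Name */
"Kerberos Security Package" /* Comment */
}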

◆ KERBEROS_SecPkgInfoW

const SecPkgInfoW KERBEROS_SecPkgInfoW
Initial value:
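= {
0x000F3BBF, /* fCapabilities */
1, /* wVersion */
0x0010, /* wRPCID */
0x0000BB80, /* cbMaxToken (48000 bytes) */
KERBEROS_SecPkgInfoW_NameBuffer, /* Name */
KERBEROS_SecPkgInfoW_CommentBuffer /* Comment */
}
References: KERBEROS_SecPkgInfoW_NameBuffer (static WCHAR [32], definition: kerberos.c:72) and KERBEROS_SecPkgInfoW_CommentBuffer (static WCHAR [32], definition: kerberos.c:73).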

◆ KERBEROS_SecPkgInfoW_CommentBuffer

WCHAR KERBEROS_SecPkgInfoW_CommentBuffer[32] = { 0 }
static

◆ KERBEROS_SecPkgInfoW_NameBuffer

WCHAR KERBEROS_SecPkgInfoW_NameBuffer[32] = { 0 }
static

◆ KERBEROS_SecurityFunctionTableA

const SecurityFunctionTableA KERBEROS_SecurityFunctionTableA

◆ KERBEROS_SecurityFunctionTableW

const SecurityFunctionTableW KERBEROS_SecurityFunctionTableW