negotiate.c File Reference

#include <winpr/config.h>
#include <winpr/crt.h>
#include <winpr/wtypes.h>
#include <winpr/assert.h>
#include <winpr/sspi.h>
#include <winpr/tchar.h>
#include <winpr/registry.h>
#include <winpr/build-config.h>
#include <winpr/asn1.h>
#include "negotiate.h"
#include "../NTLM/ntlm.h"
#include "../NTLM/ntlm_export.h"
#include "../Kerberos/kerberos.h"
#include "../sspi.h"
#include "../../log.h"

Macros
#define	TAG   WINPR_TAG("negotiate")

Enumerations
enum	NegState {   NOSTATE = -1 , ACCEPT_COMPLETED , ACCEPT_INCOMPLETE , REJECT ,   REQUEST_MIC }

Functions
static NEGOTIATE_CONTEXT *	negotiate_ContextNew (NEGOTIATE_CONTEXT *init_context)
static void	negotiate_ContextFree (NEGOTIATE_CONTEXT *context)
static const char *	negotiate_mech_name (const WinPrAsn1_OID *oid)
static const Mech *	negotiate_GetMechByOID (const WinPrAsn1_OID *oid)
static PSecHandle	negotiate_FindCredential (MechCred *creds, const Mech *mech)
static BOOL	negotiate_get_dword (HKEY hKey, const char *subkey, DWORD *pdwValue)
static BOOL	negotiate_get_config_from_auth_package_list (void *pAuthData, BOOL *kerberos, BOOL *ntlm)
static BOOL	negotiate_get_config (void *pAuthData, BOOL *kerberos, BOOL *ntlm)
static BOOL	negotiate_write_neg_token (PSecBuffer output_buffer, NegToken *token)
static BOOL	negotiate_read_neg_token (PSecBuffer input, NegToken *token)
static SECURITY_STATUS	negotiate_mic_exchange (NEGOTIATE_CONTEXT *context, NegToken *input_token, NegToken *output_token, PSecBuffer output_buffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_InitializeSecurityContextW (PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
static SECURITY_STATUS SEC_ENTRY	negotiate_InitializeSecurityContextA (PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
static const Mech *	guessMech (PSecBuffer input_buffer, BOOL *spNego, WinPrAsn1_OID *oid)
static SECURITY_STATUS SEC_ENTRY	negotiate_AcceptSecurityContext (PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
static SECURITY_STATUS SEC_ENTRY	negotiate_CompleteAuthToken (PCtxtHandle phContext, PSecBufferDesc pToken)
static SECURITY_STATUS SEC_ENTRY	negotiate_DeleteSecurityContext (PCtxtHandle phContext)
static SECURITY_STATUS SEC_ENTRY	negotiate_ImpersonateSecurityContext (PCtxtHandle phContext)
static SECURITY_STATUS SEC_ENTRY	negotiate_RevertSecurityContext (PCtxtHandle phContext)
static SECURITY_STATUS SEC_ENTRY	negotiate_QueryContextAttributesW (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_QueryContextAttributesA (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_SetContextAttributesW (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_SetContextAttributesA (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_SetCredentialsAttributesW (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_SetCredentialsAttributesA (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_AcquireCredentialsHandleW (SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
static SECURITY_STATUS SEC_ENTRY	negotiate_AcquireCredentialsHandleA (SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
static SECURITY_STATUS SEC_ENTRY	negotiate_QueryCredentialsAttributesW (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_QueryCredentialsAttributesA (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
static SECURITY_STATUS SEC_ENTRY	negotiate_FreeCredentialsHandle (PCredHandle phCredential)
static SECURITY_STATUS SEC_ENTRY	negotiate_EncryptMessage (PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
static SECURITY_STATUS SEC_ENTRY	negotiate_DecryptMessage (PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP)
static SECURITY_STATUS SEC_ENTRY	negotiate_MakeSignature (PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
static SECURITY_STATUS SEC_ENTRY	negotiate_VerifySignature (PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP)
BOOL	NEGOTIATE_init (void)

Variables
static const char	NEGO_REG_KEY []
const SecPkgInfoA	NEGOTIATE_SecPkgInfoA
static WCHAR	NEGOTIATE_SecPkgInfoW_NameBuffer [32] = { 0 }
static WCHAR	NEGOTIATE_SecPkgInfoW_CommentBuffer [32] = { 0 }
const SecPkgInfoW	NEGOTIATE_SecPkgInfoW
static const WinPrAsn1_OID	spnego_OID = { 6, (BYTE*)"\x2b\x06\x01\x05\x05\x02" }
static const WinPrAsn1_OID	kerberos_u2u_OID
static const WinPrAsn1_OID	kerberos_OID = { 9, (BYTE*)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }
static const WinPrAsn1_OID	kerberos_wrong_OID
static const WinPrAsn1_OID	ntlm_OID = { 10, (BYTE*)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" }
static const WinPrAsn1_OID	negoex_OID = { 10, (BYTE*)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x1e" }
static const SecPkg	SecPkgTable []
static const Mech	MechTable []
static const size_t	MECH_COUNT = sizeof(MechTable) / sizeof(Mech)
static const NegToken	empty_neg_token
const SecurityFunctionTableA	NEGOTIATE_SecurityFunctionTableA
const SecurityFunctionTableW	NEGOTIATE_SecurityFunctionTableW

Macro Definition Documentation

TAG

#define TAG   WINPR_TAG("negotiate")

WinPR: Windows Portable Runtime Negotiate Security Package

Copyright 2011-2014 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com Copyright 2017 Dorian Ducournau doria.nosp@m.n.du.nosp@m.courn.nosp@m.au@g.nosp@m.mail..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Enumeration Type Documentation

NegState

enum NegState

Enumerator
NOSTATE
ACCEPT_COMPLETED
ACCEPT_INCOMPLETE
REJECT
REQUEST_MIC

Function Documentation

guessMech()

static const Mech* guessMech ( PSecBuffer  input_buffer, BOOL *  spNego, WinPrAsn1_OID *  oid  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_AcceptSecurityContext()

static SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext ( PCredHandle  phCredential, PCtxtHandle  phContext, PSecBufferDesc  pInput, ULONG  fContextReq, ULONG  TargetDataRep, PCtxtHandle  phNewContext, PSecBufferDesc  pOutput, PULONG  pfContextAttr, PTimeStamp  ptsTimeStamp  )

static

Here is the call graph for this function:

negotiate_AcquireCredentialsHandleA()

static SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleA ( SEC_CHAR *  pszPrincipal, SEC_CHAR *  pszPackage, ULONG  fCredentialUse, void *  pvLogonID, void *  pAuthData, SEC_GET_KEY_FN  pGetKeyFn, void *  pvGetKeyArgument, PCredHandle  phCredential, PTimeStamp  ptsExpiry  )

static

Here is the call graph for this function:

negotiate_AcquireCredentialsHandleW()

static SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW ( SEC_WCHAR *  pszPrincipal, SEC_WCHAR *  pszPackage, ULONG  fCredentialUse, void *  pvLogonID, void *  pAuthData, SEC_GET_KEY_FN  pGetKeyFn, void *  pvGetKeyArgument, PCredHandle  phCredential, PTimeStamp  ptsExpiry  )

static

Here is the call graph for this function:

negotiate_CompleteAuthToken()

static SECURITY_STATUS SEC_ENTRY negotiate_CompleteAuthToken ( PCtxtHandle  phContext, PSecBufferDesc  pToken  )

static

Here is the call graph for this function:

negotiate_ContextFree()

static void negotiate_ContextFree ( NEGOTIATE_CONTEXT *  context )

static

Here is the caller graph for this function:

negotiate_ContextNew()

static NEGOTIATE_CONTEXT* negotiate_ContextNew ( NEGOTIATE_CONTEXT *  init_context )

static

Here is the caller graph for this function:

negotiate_DecryptMessage()

static SECURITY_STATUS SEC_ENTRY negotiate_DecryptMessage ( PCtxtHandle  phContext, PSecBufferDesc  pMessage, ULONG  MessageSeqNo, ULONG *  pfQOP  )

static

Here is the call graph for this function:

negotiate_DeleteSecurityContext()

static SECURITY_STATUS SEC_ENTRY negotiate_DeleteSecurityContext ( PCtxtHandle  phContext )

static

Here is the call graph for this function:

negotiate_EncryptMessage()

static SECURITY_STATUS SEC_ENTRY negotiate_EncryptMessage ( PCtxtHandle  phContext, ULONG  fQOP, PSecBufferDesc  pMessage, ULONG  MessageSeqNo  )

static

Here is the call graph for this function:

negotiate_FindCredential()

static PSecHandle negotiate_FindCredential ( MechCred *  creds, const Mech *  mech  )

static

Here is the caller graph for this function:

negotiate_FreeCredentialsHandle()

static SECURITY_STATUS SEC_ENTRY negotiate_FreeCredentialsHandle ( PCredHandle  phCredential )

static

Here is the call graph for this function:

negotiate_get_config()

static BOOL negotiate_get_config ( void *  pAuthData, BOOL *  kerberos, BOOL *  ntlm  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_get_config_from_auth_package_list()

static BOOL negotiate_get_config_from_auth_package_list ( void *  pAuthData, BOOL *  kerberos, BOOL *  ntlm  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_get_dword()

static BOOL negotiate_get_dword ( HKEY  hKey, const char *  subkey, DWORD *  pdwValue  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_GetMechByOID()

static const Mech* negotiate_GetMechByOID ( const WinPrAsn1_OID *  oid )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_ImpersonateSecurityContext()

static SECURITY_STATUS SEC_ENTRY negotiate_ImpersonateSecurityContext ( PCtxtHandle  phContext )

static

NEGOTIATE_init()

BOOL NEGOTIATE_init

(

void

)

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_InitializeSecurityContextA()

static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA ( PCredHandle  phCredential, PCtxtHandle  phContext, SEC_CHAR *  pszTargetName, ULONG  fContextReq, ULONG  Reserved1, ULONG  TargetDataRep, PSecBufferDesc  pInput, ULONG  Reserved2, PCtxtHandle  phNewContext, PSecBufferDesc  pOutput, PULONG  pfContextAttr, PTimeStamp  ptsExpiry  )

static

Here is the call graph for this function:

negotiate_InitializeSecurityContextW()

static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW ( PCredHandle  phCredential, PCtxtHandle  phContext, SEC_WCHAR *  pszTargetName, ULONG  fContextReq, ULONG  Reserved1, ULONG  TargetDataRep, PSecBufferDesc  pInput, ULONG  Reserved2, PCtxtHandle  phNewContext, PSecBufferDesc  pOutput, PULONG  pfContextAttr, PTimeStamp  ptsExpiry  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_MakeSignature()

static SECURITY_STATUS SEC_ENTRY negotiate_MakeSignature ( PCtxtHandle  phContext, ULONG  fQOP, PSecBufferDesc  pMessage, ULONG  MessageSeqNo  )

static

Here is the call graph for this function:

negotiate_mech_name()

static const char* negotiate_mech_name ( const WinPrAsn1_OID *  oid )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_mic_exchange()

static SECURITY_STATUS negotiate_mic_exchange ( NEGOTIATE_CONTEXT *  context, NegToken *  input_token, NegToken *  output_token, PSecBuffer  output_buffer  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_QueryContextAttributesA()

static SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributesA ( PCtxtHandle  phContext, ULONG  ulAttribute, void *  pBuffer  )

static

Here is the call graph for this function:

negotiate_QueryContextAttributesW()

static SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributesW ( PCtxtHandle  phContext, ULONG  ulAttribute, void *  pBuffer  )

static

Here is the call graph for this function:

negotiate_QueryCredentialsAttributesA()

static SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesA ( PCredHandle  phCredential, ULONG  ulAttribute, void *  pBuffer  )

static

negotiate_QueryCredentialsAttributesW()

static SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesW ( PCredHandle  phCredential, ULONG  ulAttribute, void *  pBuffer  )

static

negotiate_read_neg_token()

static BOOL negotiate_read_neg_token ( PSecBuffer  input, NegToken *  token  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

negotiate_RevertSecurityContext()

static SECURITY_STATUS SEC_ENTRY negotiate_RevertSecurityContext ( PCtxtHandle  phContext )

static

negotiate_SetContextAttributesA()

static SECURITY_STATUS SEC_ENTRY negotiate_SetContextAttributesA ( PCtxtHandle  phContext, ULONG  ulAttribute, void *  pBuffer, ULONG  cbBuffer  )

static

Here is the call graph for this function:

negotiate_SetContextAttributesW()

static SECURITY_STATUS SEC_ENTRY negotiate_SetContextAttributesW ( PCtxtHandle  phContext, ULONG  ulAttribute, void *  pBuffer, ULONG  cbBuffer  )

static

Here is the call graph for this function:

negotiate_SetCredentialsAttributesA()

static SECURITY_STATUS SEC_ENTRY negotiate_SetCredentialsAttributesA ( PCredHandle  phCredential, ULONG  ulAttribute, void *  pBuffer, ULONG  cbBuffer  )

static

Here is the call graph for this function:

negotiate_SetCredentialsAttributesW()

static SECURITY_STATUS SEC_ENTRY negotiate_SetCredentialsAttributesW ( PCredHandle  phCredential, ULONG  ulAttribute, void *  pBuffer, ULONG  cbBuffer  )

static

Here is the call graph for this function:

negotiate_VerifySignature()

static SECURITY_STATUS SEC_ENTRY negotiate_VerifySignature ( PCtxtHandle  phContext, PSecBufferDesc  pMessage, ULONG  MessageSeqNo, ULONG *  pfQOP  )

static

Here is the call graph for this function:

negotiate_write_neg_token()

static BOOL negotiate_write_neg_token ( PSecBuffer  output_buffer, NegToken *  token  )

static

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

empty_neg_token

const NegToken empty_neg_token

static

Initial value:

= { NOSTATE,        FALSE,          { 0, NULL },
                                              { 0, 0, NULL }, { 0, 0, NULL }, { 0, 0, NULL } }

kerberos_OID

const WinPrAsn1_OID kerberos_OID = { 9, (BYTE*)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }

static

kerberos_u2u_OID

const WinPrAsn1_OID kerberos_u2u_OID

static

Initial value:

= { 10,
                                                    (BYTE*)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x03" }

kerberos_wrong_OID

const WinPrAsn1_OID kerberos_wrong_OID

static

Initial value:

= { 9,
                                                      (BYTE*)"\x2a\x86\x48\x82\xf7\x12\x01\x02\x02" }

MECH_COUNT

const size_t MECH_COUNT = sizeof(MechTable) / sizeof(Mech)

static

MechTable

const Mech MechTable[]

static

Initial value:

= {
        { &ntlm_OID, &SecPkgTable[0], 0, FALSE },
}

NEGO_REG_KEY

const char NEGO_REG_KEY[]

static

Initial value:

=
    "Software\\" WINPR_VENDOR_STRING "\\" WINPR_PRODUCT_STRING "\\SSPI\\Negotiate"

negoex_OID

const WinPrAsn1_OID negoex_OID = { 10, (BYTE*)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x1e" }

static

NEGOTIATE_SecPkgInfoA

const SecPkgInfoA NEGOTIATE_SecPkgInfoA

Initial value:

= {
        0x00083BB3,                    
        1,                             
        0x0009,                        
        0x00002FE0,                    
        "Negotiate",                   
        "Microsoft Package Negotiator" 
}

NEGOTIATE_SecPkgInfoW

const SecPkgInfoW NEGOTIATE_SecPkgInfoW

Initial value:

= {
        0x00083BB3,                         
        1,                                  
        0x0009,                             
        0x00002FE0,                         
        NEGOTIATE_SecPkgInfoW_NameBuffer,   
        NEGOTIATE_SecPkgInfoW_CommentBuffer 
}

NEGOTIATE_SecPkgInfoW_CommentBuffer

WCHAR NEGOTIATE_SecPkgInfoW_CommentBuffer[32] = { 0 }

static

NEGOTIATE_SecPkgInfoW_NameBuffer

WCHAR NEGOTIATE_SecPkgInfoW_NameBuffer[32] = { 0 }

static

NEGOTIATE_SecurityFunctionTableA

const SecurityFunctionTableA NEGOTIATE_SecurityFunctionTableA

NEGOTIATE_SecurityFunctionTableW

const SecurityFunctionTableW NEGOTIATE_SecurityFunctionTableW

ntlm_OID

const WinPrAsn1_OID ntlm_OID = { 10, (BYTE*)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" }

static

SecPkgTable

const SecPkg SecPkgTable[]

static

Initial value:

= { { NTLM_SSP_NAME, &NTLM_SecurityFunctionTableA,
                                            &NTLM_SecurityFunctionTableW } }

spnego_OID

const WinPrAsn1_OID spnego_OID = { 6, (BYTE*)"\x2b\x06\x01\x05\x05\x02" }

static