#include <winpr/config.h>
#include <winpr/crt.h>
#include <winpr/assert.h>
#include <winpr/sspi.h>
#include <winpr/tchar.h>
#include <winpr/registry.h>
#include <winpr/build-config.h>
#include "negotiate.h"
#include "../sspi.h"
#include "../../log.h"
|
void | ntlm_reset_cipher_state (PSecHandle) |
|
static INLINE size_t | asn_tlv_length (size_t len) |
|
static INLINE size_t | asn_contextual_length (size_t len) |
|
static BYTE * | negotiate_write_tlv (BYTE *buf, BYTE tag, size_t len, const BYTE *value) |
|
static BYTE * | negotiate_write_contextual_tlv (BYTE *buf, BYTE contextual, BYTE tag, size_t len, const BYTE *value) |
|
static BYTE * | negotiate_read_tlv (BYTE *buf, BYTE *tag, size_t *len, size_t *bytes_remain) |
|
static NEGOTIATE_CONTEXT * | negotiate_ContextNew (NEGOTIATE_CONTEXT *init_context) |
|
static void | negotiate_ContextFree (NEGOTIATE_CONTEXT *context) |
|
static BOOL | negotiate_oid_compare (const sspi_gss_OID_desc *oid1, const sspi_gss_OID_desc *oid2) |
|
static const char * | negotiate_mech_name (const sspi_gss_OID_desc *oid) |
|
static const Mech * | negotiate_GetMechByOID (sspi_gss_OID_desc oid) |
|
static PSecHandle | negotiate_FindCredential (MechCred *creds, const Mech *mech) |
|
static BOOL | negotiate_get_dword (HKEY hKey, const char *subkey, DWORD *pdwValue) |
|
static BOOL | negotiate_get_config (BOOL *kerberos, BOOL *ntlm) |
|
static BOOL | negotiate_write_neg_token (PSecBuffer output_buffer, NegToken *token) |
|
static BOOL | negotiate_read_neg_token (PSecBuffer input, NegToken *token) |
|
static SECURITY_STATUS | negotiate_mic_exchange (NEGOTIATE_CONTEXT *context, NegToken *input_token, NegToken *output_token, PSecBuffer output_buffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_InitializeSecurityContextW (PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_InitializeSecurityContextA (PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_AcceptSecurityContext (PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_CompleteAuthToken (PCtxtHandle phContext, PSecBufferDesc pToken) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_DeleteSecurityContext (PCtxtHandle phContext) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_ImpersonateSecurityContext (PCtxtHandle phContext) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_RevertSecurityContext (PCtxtHandle phContext) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_QueryContextAttributesW (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_QueryContextAttributesA (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_SetContextAttributesW (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_SetContextAttributesA (PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_AcquireCredentialsHandleW (SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_AcquireCredentialsHandleA (SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_QueryCredentialsAttributesW (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_QueryCredentialsAttributesA (PCredHandle phCredential, ULONG ulAttribute, void *pBuffer) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_FreeCredentialsHandle (PCredHandle phCredential) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_EncryptMessage (PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_DecryptMessage (PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_MakeSignature (PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo) |
|
static SECURITY_STATUS SEC_ENTRY | negotiate_VerifySignature (PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP) |
|
|
static const char | NEGO_REG_KEY [] |
|
const SecurityFunctionTableA | NTLM_SecurityFunctionTableA |
|
const SecurityFunctionTableW | NTLM_SecurityFunctionTableW |
|
const SecurityFunctionTableA | KERBEROS_SecurityFunctionTableA |
|
const SecurityFunctionTableW | KERBEROS_SecurityFunctionTableW |
|
const SecPkgInfoA | NEGOTIATE_SecPkgInfoA |
|
static WCHAR | NEGOTIATE_SecPkgInfoW_Name [] = { 'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', '\0' } |
|
static WCHAR | NEGOTIATE_SecPkgInfoW_Comment [] |
|
const SecPkgInfoW | NEGOTIATE_SecPkgInfoW |
|
static const sspi_gss_OID_desc | spnego_OID = { 6, "\x2b\x06\x01\x05\x05\x02" } |
|
static const sspi_gss_OID_desc | kerberos_OID = { 9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" } |
|
static const sspi_gss_OID_desc | kerberos_wrong_OID = { 9, "\x2a\x86\x48\x82\xf7\x12\x01\x02\x02" } |
|
static const sspi_gss_OID_desc | ntlm_OID = { 10, "\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" } |
|
static const SecPkg | SecPkgTable [] |
|
static const Mech | MechTable [] |
|
static const size_t | MECH_COUNT = sizeof(MechTable) / sizeof(Mech) |
|
const SecurityFunctionTableA | NEGOTIATE_SecurityFunctionTableA |
|
const SecurityFunctionTableW | NEGOTIATE_SecurityFunctionTableW |
|
◆ TAG
WinPR: Windows Portable Runtime Negotiate Security Package
Copyright 2011-2014 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com
Copyright 2017 Dorian Ducournau doria.nosp@m.n.du.nosp@m.courn.nosp@m.au@g.nosp@m.mail..nosp@m.com
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
◆ NegState
Enumerator |
---|
NOSTATE | |
ACCEPT_COMPLETED | |
ACCEPT_INCOMPLETE | |
REJECT | |
REQUEST_MIC | |
◆ asn_contextual_length()
static INLINE size_t asn_contextual_length(size_t len)
◆ asn_tlv_length()
static INLINE size_t asn_tlv_length(size_t len)
◆ negotiate_AcceptSecurityContext()
◆ negotiate_AcquireCredentialsHandleA()
◆ negotiate_AcquireCredentialsHandleW()
◆ negotiate_CompleteAuthToken()
◆ negotiate_ContextFree()
◆ negotiate_ContextNew()
◆ negotiate_DecryptMessage()
◆ negotiate_DeleteSecurityContext()
◆ negotiate_EncryptMessage()
◆ negotiate_FindCredential()
static PSecHandle negotiate_FindCredential(MechCred *creds, const Mech *mech)
◆ negotiate_FreeCredentialsHandle()
◆ negotiate_get_config()
static BOOL negotiate_get_config(BOOL *kerberos, BOOL *ntlm)
◆ negotiate_get_dword()
static BOOL negotiate_get_dword(HKEY hKey, const char *subkey, DWORD *pdwValue)
◆ negotiate_GetMechByOID()
static const Mech* negotiate_GetMechByOID(sspi_gss_OID_desc oid)
◆ negotiate_ImpersonateSecurityContext()
◆ negotiate_InitializeSecurityContextA()
static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
◆ negotiate_InitializeSecurityContextW()
static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
◆ negotiate_MakeSignature()
◆ negotiate_mech_name()
static const char* negotiate_mech_name(const sspi_gss_OID_desc *oid)
◆ negotiate_mic_exchange()
◆ negotiate_oid_compare()
static BOOL negotiate_oid_compare(const sspi_gss_OID_desc *oid1, const sspi_gss_OID_desc *oid2)
◆ negotiate_QueryContextAttributesA()
◆ negotiate_QueryContextAttributesW()
◆ negotiate_QueryCredentialsAttributesA()
◆ negotiate_QueryCredentialsAttributesW()
◆ negotiate_read_neg_token()
static BOOL negotiate_read_neg_token(PSecBuffer input, NegToken *token)
◆ negotiate_read_tlv()
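static BYTE* negotiate_read_tlv(BYTE *buf, BYTE *tag, size_t *len, size_t *bytes_remain)
Review note: the body is not shown on this page. The signature passes the remaining byte count by pointer next to the decoded length; when reading the implementation, confirm that the decoded length is checked against *bytes_remain before the returned pointer is used.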
◆ negotiate_RevertSecurityContext()
◆ negotiate_SetContextAttributesA()
◆ negotiate_SetContextAttributesW()
◆ negotiate_VerifySignature()
◆ negotiate_write_contextual_tlv()
static BYTE* negotiate_write_contextual_tlv(BYTE *buf, BYTE contextual, BYTE tag, size_t len, const BYTE *value)
◆ negotiate_write_neg_token()
static BOOL negotiate_write_neg_token(PSecBuffer output_buffer, NegToken *token)
◆ negotiate_write_tlv()
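static BYTE* negotiate_write_tlv(BYTE *buf, BYTE tag, size_t len, const BYTE *value)
Review note: the signature carries no destination capacity, so the caller has to size buf before the call (presumably with asn_tlv_length / asn_contextual_length; confirm against the implementation, which is not shown on this page).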
◆ ntlm_reset_cipher_state()
◆ kerberos_OID
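static const sspi_gss_OID_desc kerberos_OID = { 9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }
The nine value bytes are the DER content octets of OID 1.2.840.113554.1.2.2 (the Kerberos V5 GSS-API mechanism).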
◆ KERBEROS_SecurityFunctionTableA
◆ KERBEROS_SecurityFunctionTableW
◆ kerberos_wrong_OID
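static const sspi_gss_OID_desc kerberos_wrong_OID = { 9, "\x2a\x86\x48\x82\xf7\x12\x01\x02\x02" }
The value bytes decode to OID 1.2.840.48018.1.2.2; they differ from kerberos_OID only in the fourth byte (0x82 instead of 0x86). This is the legacy identifier that MS-SPNG documents as "MS KRB5", which Microsoft SPNEGO peers are known to send. How the mechanism lookup treats it is not shown on this page.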
◆ MECH_COUNT
static const size_t MECH_COUNT = sizeof(MechTable) / sizeof(Mech)
◆ MechTable
◆ NEGO_REG_KEY
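static const char NEGO_REG_KEY[]
Initial value:=
"Software\\" WINPR_VENDOR_STRING "\\" WINPR_PRODUCT_STRING "\\SSPI\\Negotiate"
Review note: this file also declares negotiate_get_config(BOOL *kerberos, BOOL *ntlm) and negotiate_get_dword(HKEY hKey, const char *subkey, DWORD *pdwValue). If, as those names suggest, values under this key select which mechanisms are offered, write access to the key is worth restricting; confirm against the implementation, which is not shown on this page.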
◆ NEGOTIATE_SecPkgInfoA
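Initial value:= {
0x00083BB3, /* fCapabilities */
1, /* wVersion */
0x0009, /* wRPCID */
0x00002FE0, /* cbMaxToken (12256 bytes) */
"Negotiate", /* Name */
"Microsoft Package Negotiator" /* Comment */
}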
◆ NEGOTIATE_SecPkgInfoW
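Initial value:= {
0x00083BB3, /* fCapabilities */
1, /* wVersion */
0x0009, /* wRPCID */
0x00002FE0, /* cbMaxToken (12256 bytes) */
NEGOTIATE_SecPkgInfoW_Name, /* Name */
NEGOTIATE_SecPkgInfoW_Comment /* Comment */
}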
◆ NEGOTIATE_SecPkgInfoW_Comment
static WCHAR NEGOTIATE_SecPkgInfoW_Comment[]
Initial value:= { 'M', 'i', 'c', 'r', 'o', 's', 'o', 'f', 't', ' ',
'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', 'N', 'e',
'g', 'o', 't', 'i', 'a', 't', 'o', 'r', '\0' }
◆ NEGOTIATE_SecPkgInfoW_Name
static WCHAR NEGOTIATE_SecPkgInfoW_Name[] = { 'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', '\0' }
◆ NEGOTIATE_SecurityFunctionTableA
◆ NEGOTIATE_SecurityFunctionTableW
◆ ntlm_OID
static const sspi_gss_OID_desc ntlm_OID = { 10, "\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" }
The ten value bytes are the DER content octets of OID 1.3.6.1.4.1.311.2.2.10 (NTLMSSP).
◆ NTLM_SecurityFunctionTableA
◆ NTLM_SecurityFunctionTableW
◆ SecPkgTable
static const SecPkg SecPkgTable[]
◆ spnego_OID
static const sspi_gss_OID_desc spnego_OID = { 6, "\x2b\x06\x01\x05\x05\x02" }
The six value bytes are the DER content octets of OID 1.3.6.1.5.5.2 (SPNEGO).
static SECURITY_STATUS SEC_ENTRY negotiate_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP)
Definition: negotiate.c:1451
static SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleW(SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
Definition: negotiate.c:1307
static SECURITY_STATUS SEC_ENTRY negotiate_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG *pfQOP)
Definition: negotiate.c:1495
static SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
Definition: negotiate.c:1251
static SECURITY_STATUS SEC_ENTRY negotiate_ImpersonateSecurityContext(PCtxtHandle phContext)
Definition: negotiate.c:1223
static SECURITY_STATUS SEC_ENTRY negotiate_SetContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
Definition: negotiate.c:1269
static SECURITY_STATUS SEC_ENTRY negotiate_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: negotiate.c:1429
static SECURITY_STATUS SEC_ENTRY negotiate_AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse, void *pvLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
Definition: negotiate.c:1348
static SECURITY_STATUS SEC_ENTRY negotiate_DeleteSecurityContext(PCtxtHandle phContext)
Definition: negotiate.c:1201
static const sspi_gss_OID_desc kerberos_OID
Definition: negotiate.c:95
static SECURITY_STATUS SEC_ENTRY negotiate_MakeSignature(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
Definition: negotiate.c:1473
static SECURITY_STATUS SEC_ENTRY negotiate_SetContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer, ULONG cbBuffer)
Definition: negotiate.c:1288
static SECURITY_STATUS SEC_ENTRY negotiate_FreeCredentialsHandle(PCredHandle phCredential)
Definition: negotiate.c:1406
static SECURITY_STATUS SEC_ENTRY negotiate_RevertSecurityContext(PCtxtHandle phContext)
Definition: negotiate.c:1228
const SecurityFunctionTableW NTLM_SecurityFunctionTableW
Definition: winpr/libwinpr/sspi/NTLM/ntlm.c:1297
static SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp)
Definition: negotiate.c:908
#define KERBEROS_SSP_NAME
Definition: include/winpr/sspi.h:104
const SecurityFunctionTableW KERBEROS_SecurityFunctionTableW
Definition: kerberos.c:1009
#define NTLM_SSP_NAME
Definition: include/winpr/sspi.h:103
const SecurityFunctionTableA KERBEROS_SecurityFunctionTableA
Definition: kerberos.c:978
const SecurityFunctionTableA NTLM_SecurityFunctionTableA
Definition: winpr/libwinpr/sspi/NTLM/ntlm.c:1266
static SECURITY_STATUS SEC_ENTRY negotiate_CompleteAuthToken(PCtxtHandle phContext, PSecBufferDesc pToken)
Definition: negotiate.c:1182
static SECURITY_STATUS SEC_ENTRY negotiate_QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
Definition: negotiate.c:1233
static WCHAR NEGOTIATE_SecPkgInfoW_Name[]
Definition: negotiate.c:79
static SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
Definition: negotiate.c:1398
static const sspi_gss_OID_desc ntlm_OID
Definition: negotiate.c:97
static const SecPkg SecPkgTable[]
Definition: negotiate.c:99
static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
Definition: negotiate.c:887
static SECURITY_STATUS SEC_ENTRY negotiate_QueryCredentialsAttributesW(PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
Definition: negotiate.c:1390
static SECURITY_STATUS SEC_ENTRY negotiate_InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry)
Definition: negotiate.c:654
static WCHAR NEGOTIATE_SecPkgInfoW_Comment[]
Definition: negotiate.c:81