archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
 
 
 
 
 
 
Tree: b4a8d373d8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b4a8d373d8'
${ noResults }
windows-nt-4.0/private/rpc/runtime/mtrt/secclnt.hxx

520 lines
9.3 KiB
Raw Blame History

/*++
Copyright (c) 1991 Microsoft Corporation
Module Name:
secclnt.hxx
Abstract:
This file contains an abstraction to the security support for clients
and that which is common to both servers and clients.
Author:
Michael Montague (mikemon) 10-Apr-1992
Revision History:
--*/
#ifndef __SECCLNT_HXX__
#define __SECCLNT_HXX__
typedef SecBufferDesc SECURITY_BUFFER_DESCRIPTOR;
typedef SecBuffer SECURITY_BUFFER;
#define MAXIMUM_SECURITY_BLOCK_SIZE 16
#ifdef NTENV
typedef struct
{
unsigned long Count;
SecPkgInfoW PAPI * SecurityPackages;
PSecurityFunctionTableW RpcSecurityInterface;
void * ProviderDll;
} SECURITY_PROVIDER_INFO;
#else // ifdef NTENV
typedef struct
{
unsigned long Count;
SecPkgInfoA PAPI * SecurityPackages;
PSecurityFunctionTableA RpcSecurityInterface;
void * ProviderDll;
} SECURITY_PROVIDER_INFO;
#endif // ifdef NTENV
extern SECURITY_PROVIDER_INFO PAPI * ProviderList;
extern unsigned long NumberOfProviders;
extern unsigned long LoadedProviders;
extern unsigned long AvailableProviders;
extern int SecuritySupportLoaded;
extern int FailedToLoad;
extern PSecurityFunctionTable RpcSecurityInterface;
extern SecPkgInfo PAPI * SecurityPackages;
extern unsigned long NumberOfSecurityPackages;
extern RPC_STATUS
InsureSecuritySupportLoaded (
);
extern RPC_STATUS
IsAuthenticationServiceSupported (
IN unsigned long AuthenticationService
);
class SECURITY_CREDENTIALS
/*++
Class Description:
This class is an abstraction of the credential handle provided by
the Security APIs.
Fields:
PackageIndex - Contains the index for this package in the array of
packages pointed to by SecurityPackages.
Credentials - Contains the credential handle used by the security
package.
--*/
{
private:
unsigned int ProviderIndex;
unsigned int PackageIndex;
CredHandle Credentials;
unsigned int ReferenceCount;
MUTEX CredentialsMutex;
#ifdef DOSWIN32RPC
SEC_CHAR __SEC_FAR * DefaultPrincName;
#endif
BOOL fCredentialsValid;
public:
SECURITY_CREDENTIALS (
IN OUT RPC_STATUS PAPI * Status
);
#ifdef DOSWIN32RPC
~SECURITY_CREDENTIALS (
);
#endif
RPC_STATUS
AcquireCredentialsForServer (
IN RPC_AUTH_KEY_RETRIEVAL_FN GetKeyFn,
IN void __RPC_FAR * Arg,
IN unsigned long AuthenticationService,
IN unsigned long AuthenticationLevel,
IN RPC_CHAR __RPC_FAR * Principal
);
RPC_STATUS
AcquireCredentialsForClient (
IN RPC_AUTH_IDENTITY_HANDLE AuthIdentity,
IN unsigned long AuthenticationService,
IN unsigned long AuthenticationLevel
);
#ifdef DOSWIN32RPC
SEC_CHAR __SEC_FAR *
InquireDefaultPrincName (
);
#endif
void
FreeCredentials (
);
unsigned int
MaximumTokenLength (
);
PCredHandle
InquireCredentials (
);
void
ReferenceCredentials(
);
void
DereferenceCredentials(
);
#ifdef NTENV
PSecurityFunctionTableW
InquireProviderFunctionTable (
);
int
CompareCredentials(
SECURITY_CREDENTIALS PAPI * Creds
);
CredHandle *
InqCredHandleCookie(
);
#else // NTENV
PSecurityFunctionTableA
InquireProviderFunctionTable (
);
#endif // NTENV
};
#ifdef NTENV
inline
CredHandle *
SECURITY_CREDENTIALS::InqCredHandleCookie(
)
{
return (&Credentials);
}
inline
int
SECURITY_CREDENTIALS::CompareCredentials(
SECURITY_CREDENTIALS PAPI * Creds
)
{
CredHandle * Cookie = Creds->InqCredHandleCookie();
if ( (Credentials.dwLower == Cookie->dwLower)
&&(Credentials.dwUpper == Cookie->dwUpper) )
{
return 0;
}
return 1;
}
#endif
inline
void
SECURITY_CREDENTIALS::ReferenceCredentials(
)
{
CredentialsMutex.Request();
ReferenceCount++;
CredentialsMutex.Clear();
}
inline
void
SECURITY_CREDENTIALS::DereferenceCredentials(
)
{
CredentialsMutex.Request();
ReferenceCount--;
if (ReferenceCount == 0)
{
CredentialsMutex.Clear();
FreeCredentials();
delete this;
}
else
{
CredentialsMutex.Clear();
}
}
inline unsigned int
SECURITY_CREDENTIALS::MaximumTokenLength (
)
/*++
Return Value:
The maximum size, in bytes, of the tokens passed around at security
context initialization time.
--*/
{
return(ProviderList[ProviderIndex].SecurityPackages[PackageIndex].cbMaxToken);
}
#ifdef NTENV
inline PSecurityFunctionTableW
SECURITY_CREDENTIALS::InquireProviderFunctionTable(
)
/*++
Return Value:
--*/
{
return(ProviderList[ProviderIndex].RpcSecurityInterface);
}
#else // NTENV
inline PSecurityFunctionTableA
SECURITY_CREDENTIALS::InquireProviderFunctionTable(
)
/*++
Return Value:
--*/
{
return(ProviderList[ProviderIndex].RpcSecurityInterface);
}
#endif // NTENV
inline PCredHandle
SECURITY_CREDENTIALS::InquireCredentials (
)
/*++
Return Value:
The credential handle for this object will be returned.
--*/
{
return(&Credentials);
}
class SECURITY_CONTEXT : public CLIENT_AUTH_INFO
/*++
Class Description:
This is an abstraction of a security context. It allows you to use
it to generate signatures and then verify them, as well as, sealing
and unsealing messages.
Fields:
DontForgetToDelete - Contains a flag indicating whether or not there
is a valid security context which needs to be deleted. A value
of non-zero indicates there is a valid security context.
SecurityContext - Contains a handle to the security context maintained
by the security package on our behalf.
MaxHeaderLength - Contains the maximum size of a header for this
security context.
MaxSignatureLength - Contains the maximum size of a signature for
this security context.
--*/
{
public:
unsigned AuthContextId;
SECURITY_CONTEXT (
CLIENT_AUTH_INFO *myAuthInfo,
unsigned myAuthContextId,
BOOL fUseDatagram,
RPC_STATUS __RPC_FAR * pStatus
);
~SECURITY_CONTEXT (
);
void
SetMaximumLengths (
);
unsigned int
MaximumHeaderLength (
);
unsigned int
MaximumSignatureLength (
);
unsigned int
BlockSize (
);
RPC_STATUS
CompleteSecurityToken (
IN OUT SECURITY_BUFFER_DESCRIPTOR PAPI * BufferDescriptor
);
RPC_STATUS
SignOrSeal (
IN unsigned long Sequence,
IN unsigned int SignNotSealFlag,
IN OUT SECURITY_BUFFER_DESCRIPTOR PAPI * BufferDescriptor
);
RPC_STATUS
VerifyOrUnseal (
IN unsigned long Sequence,
IN unsigned int VerifyNotUnsealFlag,
IN OUT SECURITY_BUFFER_DESCRIPTOR PAPI * BufferDescriptor
);
protected:
unsigned char DontForgetToDelete;
unsigned char UseDatagram;
CtxtHandle SecurityContext;
unsigned int MaxHeaderLength;
unsigned int MaxSignatureLength;
unsigned int cbBlockSize;
#ifdef NTENV
PSecurityFunctionTableW RpcSecurityInterface;
#else // NTENV
PSecurityFunctionTableA RpcSecurityInterface;
#endif
int FailedContext;
};
typedef SECURITY_CONTEXT * PSECURITY_CONTEXT;
inline
SECURITY_CONTEXT::~SECURITY_CONTEXT (
)
/*++
Routine Description:
If there is a valid security context, we need to delete it.
--*/
{
SECURITY_STATUS SecurityStatus;
if ( DontForgetToDelete != 0 )
{
SecurityStatus = (*RpcSecurityInterface->DeleteSecurityContext)(
&SecurityContext );
#if DBG
if (SecurityStatus != SEC_E_OK)
{
PrintToDebugger("DeleteSecContext Returned [%lx]\n", SecurityStatus);
}
#endif
ASSERT( SecurityStatus == SEC_E_OK );
}
}
inline unsigned int
SECURITY_CONTEXT::MaximumHeaderLength (
)
/*++
Return Value:
The maximum size of the header used by SECURITY_CONTEXT::SealMessage
will be returned. This is in bytes.
--*/
{
return(MaxHeaderLength);
}
inline unsigned int
SECURITY_CONTEXT::BlockSize (
)
/*++
Return Value:
For best effect, buffers to be signed or sealed should be a multiple
of this length.
--*/
{
return(cbBlockSize);
}
inline unsigned int
SECURITY_CONTEXT::MaximumSignatureLength (
)
/*++
Return Value:
The maximum size, in bytes, of the signature used by
SECURITY_CONTEXT::MakeSignature will be returned.
--*/
{
return(MaxSignatureLength);
}
class CSECURITY_CONTEXT : public SECURITY_CONTEXT
/*++
Class Description:
Fields:
--*/
{
private:
public:
CSECURITY_CONTEXT (
CLIENT_AUTH_INFO * myAuthInfo,
RPC_STATUS __RPC_FAR * pStatus
);
RPC_STATUS
InitializeFirstTime (
IN SECURITY_CREDENTIALS * Credentials,
IN RPC_CHAR * ServerPrincipalName,
IN unsigned long AuthenticationLevel,
IN OUT SECURITY_BUFFER_DESCRIPTOR PAPI * BufferDescriptor
);
RPC_STATUS
InitializeThirdLeg (
IN unsigned long DataRepresentation,
IN SECURITY_BUFFER_DESCRIPTOR PAPI * InputBufferDescriptor,
IN OUT SECURITY_BUFFER_DESCRIPTOR PAPI * OutputBufferDescriptor
);
};
inline
CSECURITY_CONTEXT::CSECURITY_CONTEXT (
CLIENT_AUTH_INFO * myAuthInfo,
RPC_STATUS __RPC_FAR * pStatus
)
: SECURITY_CONTEXT(myAuthInfo, 0, FALSE, pStatus)
{
}
#endif // __SECCLNT_HXX__