archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetcore/digest/digesta.cxx

1034 lines
27 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1998 Microsoft Corporation
  5. Module Name:
  7. digesta.cxx
  9. Abstract:
  11. sspi ansi interface for digest package.
  13. Author:
  15. Adriaan Canter (adriaanc) 01-Aug-1998
  17. --*/
  18. #include "include.hxx"
  21. static SecurityFunctionTableA
  23. SecTableA =
  24. {
  25. SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION,
  26. EnumerateSecurityPackagesA,
  27. NULL, // QueryCredentialsAttributesA
  28. AcquireCredentialsHandleA,
  29. FreeCredentialsHandle,
  30. NULL, // SspiLogonUserA
  31. InitializeSecurityContextA,
  32. AcceptSecurityContext,
  33. CompleteAuthToken,
  34. DeleteSecurityContext,
  35. ApplyControlToken,
  36. QueryContextAttributesA,
  37. ImpersonateSecurityContext,
  38. RevertSecurityContext,
  39. MakeSignature,
  40. VerifySignature,
  41. FreeContextBuffer,
  42. QuerySecurityPackageInfoA,
  43. NULL, // Reserved3
  44. NULL, // Reserved4
  45. NULL, // ExportSecurityContext
  46. NULL, // ImportSecurityContextA
  47. NULL, // Reserved7
  48. NULL, // Reserved8
  49. NULL, // QuerySecurityContextToken
  50. NULL, // EncryptMessage
  51. NULL // DecryptMessage
  52. };
  56. //--------------------------------------------------------------------------
  57. //
  58. // Function: InitSecurityInterfaceA
  59. //
  60. // Synopsis:
  61. //
  62. // Effects:
  63. //
  64. // Arguments:
  65. //
  66. // Requires:
  67. //
  68. // Returns:
  69. //
  70. // Notes:
  71. //
  72. //
  73. //--------------------------------------------------------------------------
  74. extern "C" PSecurityFunctionTableA SEC_ENTRY
  75. InitSecurityInterfaceA(VOID)
  76. {
  77. PSecurityFunctionTableA pSecTableA = &SecTableA;
  78. return pSecTableA;
  79. }
  82. //--------------------------------------------------------------------------
  83. //
  84. // Function: AcquireCredentialsHandleA
  85. //
  86. // Synopsis:
  87. //
  88. // Effects:
  89. //
  90. // Arguments:
  91. //
  92. // Requires:
  93. //
  94. // Returns:
  95. //
  96. // Notes:
  97. //
  98. // HEINOUS SSPI HACK here: AcquireCredentialsHandle is called with the package
  99. // name ("Digest") as the package identifier. When AcquireCredentialsHandle returns
  100. // to the caller PCredHandle->dwLower is set by security.dll to be the index of
  101. // the package returned. EnumerateSecurityPackages. This is how SSPI resolves the
  102. // correct provider dll when subsequent calls are made through the dispatch table
  103. // (PSecurityFunctionTale). Any credential *or* context handle handed out by the
  104. // package must have the dwLower member set to this index so that subsequent calls
  105. // can resolve the dll from the handle.
  106. //
  107. //--------------------------------------------------------------------------
  108. extern "C" SECURITY_STATUS SEC_ENTRY
  109. AcquireCredentialsHandleA(
  110. LPSTR pszPrincipal, // Name of principal
  111. LPSTR pszPackageName, // Name of package
  112. DWORD dwCredentialUse, // Flags indicating use
  113. VOID SEC_FAR * pvLogonId, // Pointer to logon ID
  114. VOID SEC_FAR * pAuthData, // Package specific data
  115. SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
  116. VOID SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey()
  117. PCredHandle phCredential, // (out) Cred Handle
  118. PTimeStamp ptsExpiry // (out) Lifetime (optional)
  119. )
  120. {
  121. if (!InitGlobals())
  122. return SEC_E_INTERNAL_ERROR;
  124. SECURITY_STATUS ssResult;
  126. // Outbound credentials only.
  127. if (!(dwCredentialUse & SECPKG_CRED_OUTBOUND)
  128. || (dwCredentialUse & SECPKG_CRED_INBOUND))
  129. {
  130. DIGEST_ASSERT(FALSE);
  131. ssResult = SEC_E_UNKNOWN_CREDENTIALS;
  132. goto exit;
  133. }
  135. // Logon to cache.
  137. // Logon to the cache and get the session context.
  138. CSess *pSess;
  139. PSEC_WINNT_AUTH_IDENTITY_EXA pSecIdExA;
  140. PSEC_WINNT_AUTH_IDENTITY pSecId;
  142. // HTTP clients will pass in this structure.
  143. pSecIdExA = (PSEC_WINNT_AUTH_IDENTITY_EXA) pAuthData;
  145. // Non-HTTP clients (OE4, OE5) will pass in this structure.
  146. pSecId = (PSEC_WINNT_AUTH_IDENTITY) pAuthData;
  148. // Check for HTTP client application logon.
  149. if (pAuthData
  150. && (pSecIdExA->Version == sizeof(SEC_WINNT_AUTH_IDENTITY_EXA))
  151. && pSecIdExA->User
  152. && pSecIdExA->UserLength == sizeof(DIGEST_PKG_DATA))
  153. {
  154. DIGEST_PKG_DATA *pPkgData;
  155. pPkgData = (DIGEST_PKG_DATA*) pSecIdExA->User;
  156. pSess = g_pCache->LogOnToCache(pPkgData->szAppCtx,
  157. pPkgData->szUserCtx, TRUE);
  158. }
  159. // Check for non-HTTP client application logon.
  160. else
  161. {
  162. // Find or create the single non-HTTP session.
  163. pSess = g_pCache->LogOnToCache(NULL, NULL, FALSE);
  165. // If user+pass+realm (domain) is passed in, create and
  166. // attach a matching credential to this session.
  167. if (pAuthData
  168. && pSecId->User
  169. && pSecId->UserLength
  170. && pSecId->Domain
  171. && pSecId->DomainLength
  172. && pSecId->Password
  173. && pSecId->PasswordLength)
  174. {
  175. // Create a credential with the information passed in.
  176. CCred *pCred;
  177. CCredInfo *pInfo;
  178. pInfo = new CCredInfo(NULL, (LPSTR) pSecId->Domain,
  179. (LPSTR) pSecId->User, (LPSTR) pSecId->Password, NULL, NULL);
  180. if (pInfo)
  181. {
  182. pCred = g_pCache->CreateCred(pSess, pInfo);
  183. delete pInfo;
  184. }
  185. }
  186. }
  188. // BUGBUG - return better error codes.
  189. if (!pSess)
  190. {
  191. DIGEST_ASSERT(FALSE);
  192. ssResult = SEC_E_INTERNAL_ERROR;
  193. goto exit;
  194. }
  196. // Hand out the session handle.
  197. phCredential->dwUpper = g_pCache->MapSessionToHandle(pSess);
  199. // ***** phCredential->dwLower will be set by security.dll *****
  201. ssResult = SEC_E_OK;
  203. exit:
  204. return ssResult;
  205. }
  209. //--------------------------------------------------------------------------
  210. //
  211. // Function: FreeCredentialsHandle
  212. //
  213. // Synopsis:
  214. //
  215. // Effects:
  216. //
  217. // Arguments:
  218. //
  219. // Requires:
  220. //
  221. // Returns:
  222. //
  223. // Notes:
  224. //
  225. //
  226. //--------------------------------------------------------------------------
  227. extern "C" SECURITY_STATUS SEC_ENTRY
  228. FreeCredentialsHandle(PCredHandle phCredential)
  229. {
  230. // bugbug - asserted.
  231. if (!InitGlobals())
  232. return SEC_E_INTERNAL_ERROR;
  234. SECURITY_STATUS ssResult;
  236. // Get the session context from the handle.
  237. CSess *pSess;
  239. pSess = g_pCache->MapHandleToSession(phCredential->dwUpper);
  240. if (!pSess)
  241. {
  242. DIGEST_ASSERT(FALSE);
  243. ssResult = SEC_E_UNKNOWN_CREDENTIALS;
  244. goto exit;
  245. }
  247. // Logoff from the cache.
  248. if (g_pCache->LogOffFromCache(pSess) != ERROR_SUCCESS)
  249. {
  250. DIGEST_ASSERT(FALSE);
  251. ssResult = SEC_E_INTERNAL_ERROR;
  252. goto exit;
  253. }
  254. ssResult = SEC_E_OK;
  255. exit:
  256. return ssResult;
  257. }
  260. //--------------------------------------------------------------------------
  261. //
  262. // Function: InitializeSecurityContextA
  263. //
  264. // Synopsis:
  265. //
  266. // Effects:
  267. //
  268. // Arguments:
  269. //
  270. // Requires:
  271. //
  272. // Returns:
  273. //
  274. // Notes:
  275. //
  276. //--------------------------------------------------------------------------
  277. extern "C" SECURITY_STATUS SEC_ENTRY
  278. InitializeSecurityContextA(
  279. PCredHandle phCredential, // Cred to base context
  280. PCtxtHandle phContext, // Existing context (OPT)
  281. LPSTR pszTargetName, // Name of target
  282. DWORD fContextReq, // Context Requirements
  283. DWORD Reserved1, // Reserved, MBZ
  284. DWORD TargetDataRep, // Data rep of target
  285. PSecBufferDesc pInput, // Input Buffers
  286. DWORD Reserved2, // Reserved, MBZ
  287. PCtxtHandle phNewContext, // (out) New Context handle
  288. PSecBufferDesc pOutput, // (inout) Output Buffers
  289. DWORD SEC_FAR * pfContextAttr, // (out) Context attrs
  290. PTimeStamp ptsExpiry // (out) Life span (OPT)
  291. )
  292. {
  293. if (!InitGlobals())
  294. return SEC_E_INTERNAL_ERROR;
  296. LPSTR szHost, szRealm, szUser, szPass, szNonce;
  297. DWORD cbHost, cbRealm, cbUser, cbPass, cbNonce;
  299. LPSTR szCtx = NULL;
  300. SECURITY_STATUS ssResult = SEC_E_OK;
  302. // Client nonce NULL except for md5-sess.
  303. LPSTR szCNonce = NULL;
  305. CSess *pSess;
  306. CCred *pCred;
  307. CParams *pParams = NULL;
  308. CCredInfo *pInfo = NULL;
  310. // Rude credential flush for all apps.
  311. if (!phCredential && (fContextReq & ISC_REQ_NULL_SESSION))
  312. {
  313. g_pCache->FlushCreds(NULL, NULL);
  314. ssResult = SEC_E_OK;
  315. goto exit;
  316. }
  318. // Get the session pointer from the handle.
  319. pSess = g_pCache->MapHandleToSession(phCredential->dwUpper);
  320. if (!pSess)
  321. {
  322. DIGEST_ASSERT(FALSE);
  323. ssResult = SEC_E_UNKNOWN_CREDENTIALS;
  324. goto exit;
  325. }
  327. // Legacy conn. oriented client may require a continue
  328. // message on null buffer input.
  329. if (!pSess->fHTTP && !pInput && pOutput)
  330. {
  331. *((LPDWORD) (pOutput->pBuffers[0].pvBuffer)) = 0;
  332. pOutput->pBuffers[0].cbBuffer = sizeof(DWORD);
  333. ssResult = SEC_I_CONTINUE_NEEDED;
  334. goto exit;
  335. }
  337. // Flush creds for indicated session.
  338. if (fContextReq & ISC_REQ_NULL_SESSION)
  339. {
  340. g_pCache->FlushCreds(pSess, NULL);
  341. ssResult = SEC_E_OK;
  342. goto exit;
  343. }
  345. DIGEST_ASSERT(phCredential && pInput && pOutput);
  347. // Parse the challenge to a params object.
  348. if (CDigest::ParseChallenge(pSess, pInput,
  349. &pParams, fContextReq) != ERROR_SUCCESS)
  350. {
  351. // DIGEST_ASSERT(FALSE);
  352. ssResult = SEC_E_INVALID_TOKEN;
  353. goto exit;
  354. }
  356. // Get host, realm (required) and any nonce, user & pass.
  357. pParams->GetParam(CParams::HOST, &szHost, &cbHost);
  358. pParams->GetParam(CParams::REALM, &szRealm, &cbRealm);
  359. pParams->GetParam(CParams::NONCE, &szNonce, &cbNonce);
  360. pParams->GetParam(CParams::USER, &szUser, &cbUser);
  361. pParams->GetParam(CParams::PASS, &szPass, &cbPass);
  364. // If prompting UI is indicated.
  365. if (fContextReq & ISC_REQ_PROMPT_FOR_CREDS)
  366. {
  367. CCredInfo *pInfoIn, *pInfoOut;
  369. // Attempt to get one or more cred infos
  370. pInfoIn = g_pCache->FindCred(pSess, szHost, szRealm,
  371. szUser, NULL, NULL, FIND_CRED_UI);
  373. // Get the persistence key from pSess
  374. szCtx = CSess::GetCtx(pSess);
  375. DIGEST_ASSERT(szCtx);
  377. // If this is prompting for UI specifying md5-sess,
  378. // create a client nonce to associate with cred.
  379. if (pParams->IsMd5Sess())
  380. szCNonce = CDigest::MakeCNonce();
  382. pParams->GetParam(CParams::HOST, &szHost, &cbHost);
  384. // Prompt with authentication dialog.
  385. if (DigestErrorDlg(szCtx, szHost, szRealm,
  386. szUser, szNonce, szCNonce,
  387. pInfoIn, &pInfoOut, pParams->GetHwnd()) == ERROR_SUCCESS)
  388. {
  389. DIGEST_ASSERT(pInfoOut);
  391. // Create the credential.
  392. pCred = g_pCache->CreateCred(pSess, pInfoOut);
  394. // Record that the host is trusted.
  395. if (pSess->fHTTP)
  396. CCredCache::SetTrustedHostInfo(szCtx, pParams);
  398. }
  399. else
  400. {
  401. ssResult = SEC_E_NO_CREDENTIALS;
  402. goto exit;
  403. }
  405. // Retrieve the credentials just created.
  406. pInfo = g_pCache->FindCred(pSess, szHost, szRealm,
  407. pInfoOut->szUser, szNonce, szCNonce, FIND_CRED_AUTH);
  409. // Clean up one or more cred infos.
  410. // BUGBUG - null out pointers after freeing.
  411. while (pInfoIn)
  412. {
  413. CCredInfo *pNext;
  414. pNext = pInfoIn->pNext;
  415. delete pInfoIn;
  416. pInfoIn = pNext;
  417. }
  419. if (pInfoOut)
  420. delete pInfoOut;
  422. if (szCNonce)
  423. delete szCNonce;
  425. if (!pInfo)
  426. {
  427. ssResult = SEC_E_NO_CREDENTIALS;
  428. goto exit;
  429. }
  431. }
  433. // Otherwise we are attempting to authenticate. We may be either
  434. // authenticating in response to a challenge or pre-authenticating.
  435. else
  436. {
  437. // Get the persistence key from pSess
  438. szCtx = CSess::GetCtx(pSess);
  439. DIGEST_ASSERT(szCtx);
  441. // For HTTP sessions we check the trusted host list unless
  442. // 1) credentials are supplied, or 2) a context has been passed
  443. // in which specifically instructs to ignore the host list.
  444. if (pSess->fHTTP && !pParams->IsPreAuth() && !pParams->AreCredsSupplied())
  445. {
  446. if (!phContext || !(phContext->dwUpper & DIGEST_PKG_FLAGS_IGNORE_TRUSTED_HOST_LIST))
  447. {
  448. if (!CCredCache::IsTrustedHost(szCtx, szHost))
  449. {
  450. ssResult = SEC_E_NO_CREDENTIALS;
  451. goto exit;
  452. }
  453. }
  454. }
  456. // If preauthenticating.
  457. if (pParams->IsPreAuth())
  458. {
  459. // If using supplied credentials.
  460. if (pParams->AreCredsSupplied())
  461. {
  462. // Create a cred info using supplied values. Include passed-in NC.
  463. pInfo = new CCredInfo(szHost, szRealm, szUser, szPass, szNonce, szCNonce);
  464. pInfo->cCount = pParams->GetNC();
  466. if (!(pInfo && pInfo->dwStatus == ERROR_SUCCESS))
  467. {
  468. DIGEST_ASSERT(FALSE);
  469. ssResult = SEC_E_INTERNAL_ERROR;
  470. goto exit;
  471. }
  472. }
  473. // Otherwise attempt to find cred info in cache.
  474. else
  475. {
  476. // Attempt to find the credentials from realm and any user.
  477. pInfo = g_pCache->FindCred(pSess, szHost, szRealm,
  478. szUser, NULL, NULL, FIND_CRED_PREAUTH);
  479. }
  481. // Return if no credentials exist.
  482. if (!pInfo)
  483. {
  484. ssResult = SEC_E_NO_CREDENTIALS;
  485. goto exit;
  486. }
  487. }
  488. // Otherwise auth in response to challenge.
  489. else
  490. {
  491. // Check if logoff is requested.
  492. CHAR* szLogoff;
  493. szLogoff = pParams->GetParam(CParams::LOGOFF);
  494. if (szLogoff && !lstrcmpi(szLogoff, "TRUE"))
  495. {
  496. g_pCache->FlushCreds(NULL, szRealm);
  497. ssResult = SEC_E_CONTEXT_EXPIRED;
  498. goto exit;
  499. }
  501. // If a context is passed in examine the stale header unless specifically
  502. // directed not to.
  503. if (pSess->fHTTP
  504. && phContext
  505. && !pParams->AreCredsSupplied()
  506. && !(phContext->dwUpper & DIGEST_PKG_FLAGS_IGNORE_STALE_HEADER))
  507. {
  508. CHAR* szStale;
  509. DWORD cbStale;
  510. pParams->GetParam(CParams::STALE, &szStale, &cbStale);
  511. if (!szStale || !lstrcmpi(szStale, "FALSE"))
  512. {
  513. ssResult = SEC_E_NO_CREDENTIALS;
  514. goto exit;
  515. }
  516. }
  518. // If this is authenticating specifying md5-sess,
  519. // create a client nonce to associate with cred.
  520. if (pParams->IsMd5Sess())
  521. szCNonce = CDigest::MakeCNonce();
  523. // If credentials are supplied, create an entry in
  524. // the credential cache. We search as usual subsequently.
  525. if (pParams->AreCredsSupplied())
  526. {
  527. // Create a cred info using supplied values.
  528. pInfo = new CCredInfo(szHost, szRealm, szUser, szPass, szNonce, szCNonce);
  530. if (!(pInfo && pInfo->dwStatus == ERROR_SUCCESS))
  531. {
  532. DIGEST_ASSERT(FALSE);
  533. ssResult = SEC_E_INTERNAL_ERROR;
  534. goto exit;
  535. }
  537. pCred = g_pCache->CreateCred(pSess, pInfo);
  538. delete pInfo;
  539. }
  541. // Attempt to find the credentials from realm and any user.
  542. pInfo = g_pCache->FindCred(pSess, szHost, szRealm,
  543. szUser, szNonce, szCNonce, FIND_CRED_AUTH);
  545. // Return if no credentials exist.
  546. if (!pInfo)
  547. {
  548. ssResult = SEC_E_NO_CREDENTIALS;
  549. goto exit;
  550. }
  551. }
  552. }
  554. // We should now have the appropriate cred info. Generate the response.
  555. DIGEST_ASSERT(pInfo);
  556. if (CDigest::GenerateResponse(pSess, pParams,
  557. pInfo, pOutput) != ERROR_SUCCESS)
  558. {
  559. DIGEST_ASSERT(FALSE);
  560. ssResult = SEC_E_INTERNAL_ERROR;
  561. goto exit;
  562. }
  564. // Delete cred info if allocated.
  565. // bugbug - move further down.
  566. if (pInfo)
  567. delete pInfo;
  569. ssResult = SEC_E_OK;
  571. exit:
  573. if ((ssResult != SEC_E_OK) &&
  574. (ssResult != SEC_I_CONTINUE_NEEDED))
  575. pOutput->pBuffers[0].cbBuffer = 0;
  577. // BUGBUG - delete pInfo if not NULL.
  578. // Delete persistence key if allocated.
  579. if (szCtx)
  580. delete szCtx;
  582. // Identify the new context.
  583. if (phNewContext && phCredential)
  584. phNewContext->dwLower = phCredential->dwLower;
  586. // Delete the params object.
  587. if (pParams)
  588. delete pParams;
  590. return ssResult;
  591. }
  595. //--------------------------------------------------------------------------
  596. //
  597. // Function: AcceptSecurityContext
  598. //
  599. // Synopsis:
  600. //
  601. // Effects:
  602. //
  603. // Arguments:
  604. //
  605. // Requires:
  606. //
  607. // Returns:
  608. //
  609. // Notes:
  610. //
  611. //
  612. //--------------------------------------------------------------------------
  613. extern "C" SECURITY_STATUS SEC_ENTRY
  614. AcceptSecurityContext(
  615. PCredHandle phCredential, // Cred to base context
  616. PCtxtHandle phContext, // Existing context (OPT)
  617. PSecBufferDesc pInput, // Input buffer
  618. unsigned long fContextReq, // Context Requirements
  619. unsigned long TargetDataRep, // Target Data Rep
  620. PCtxtHandle phNewContext, // (out) New context handle
  621. PSecBufferDesc pOutput, // (inout) Output buffers
  622. unsigned long SEC_FAR * pfContextAttr, // (out) Context attributes
  623. PTimeStamp ptsExpiry // (out) Life span (OPT)
  624. )
  625. {
  626. // BUGBUG - don't need initglobals.
  627. if (!InitGlobals())
  628. return SEC_E_INTERNAL_ERROR;
  630. return(SEC_E_UNSUPPORTED_FUNCTION);
  631. }
  638. //--------------------------------------------------------------------------
  639. //
  640. // Function: DeleteSecurityContext
  641. //
  642. // Synopsis:
  643. //
  644. // Effects:
  645. //
  646. // Arguments:
  647. //
  648. // Requires:
  649. //
  650. // Returns:
  651. //
  652. // Notes:
  653. //
  654. //
  655. //--------------------------------------------------------------------------
  656. extern "C" SECURITY_STATUS SEC_ENTRY
  657. DeleteSecurityContext(
  658. PCtxtHandle phContext // Context to delete
  659. )
  660. {
  661. if (!InitGlobals())
  662. return SEC_E_INTERNAL_ERROR;
  664. return SEC_E_UNSUPPORTED_FUNCTION;
  665. }
  669. //--------------------------------------------------------------------------
  670. //
  671. // Function: ApplyControlToken
  672. //
  673. // Synopsis:
  674. //
  675. // Effects:
  676. //
  677. // Arguments:
  678. //
  679. // Requires:
  680. //
  681. // Returns:
  682. //
  683. // Notes:
  684. //
  685. //
  686. //--------------------------------------------------------------------------
  687. extern "C" SECURITY_STATUS SEC_ENTRY
  688. ApplyControlToken(
  689. PCtxtHandle phContext, // Context to modify
  690. PSecBufferDesc pInput // Input token to apply
  691. )
  692. {
  693. if (!InitGlobals())
  694. return SEC_E_INTERNAL_ERROR;
  696. SECURITY_STATUS ssResult;
  698. // Current flags used are
  699. // DIGEST_PKG_FLAG_IGNORE_TRUSTED_HOST_LIST
  700. // DIGEST_PKG_FLAG_IGNORE_STALE_HEADER
  701. phContext->dwUpper |= *((LPDWORD) (pInput->pBuffers[0].pvBuffer));
  703. ssResult = SEC_E_OK;
  704. return ssResult;
  705. }
  710. //--------------------------------------------------------------------------
  711. //
  712. // Function: EnumerateSecurityPackagesA
  713. //
  714. // Synopsis:
  715. //
  716. // Effects:
  717. //
  718. // Arguments:
  719. //
  720. // Requires:
  721. //
  722. // Returns:
  723. //
  724. // Notes:
  725. //
  726. //
  727. //--------------------------------------------------------------------------
  728. SECURITY_STATUS SEC_ENTRY
  729. EnumerateSecurityPackagesA(DWORD SEC_FAR *pcPackages,
  730. PSecPkgInfoA SEC_FAR *ppSecPkgInfo)
  731. {
  733. SECURITY_STATUS ssResult;
  734. // BUGBUG - ALLOW ASSERTS?
  735. ssResult = QuerySecurityPackageInfoA(PACKAGE_NAME, ppSecPkgInfo);
  736. if (ssResult == SEC_E_OK)
  737. {
  738. *pcPackages = 1;
  739. }
  740. return ssResult;
  741. }
  745. //--------------------------------------------------------------------------
  746. //
  747. // Function: QuerySecurityPackageInfoA
  748. //
  749. // Synopsis:
  750. //
  751. // Effects:
  752. //
  753. // Arguments:
  754. //
  755. // Requires:
  756. //
  757. // Returns:
  758. //
  759. // Notes:
  760. //
  761. //
  762. //--------------------------------------------------------------------------
  763. SECURITY_STATUS SEC_ENTRY
  764. QuerySecurityPackageInfoA(LPSTR szPackageName,
  765. PSecPkgInfoA SEC_FAR *ppSecPkgInfo)
  766. {
  767. // BUGBUG - ALLOW ASSERTS?
  768. PSecPkgInfoA pSecPkgInfo;
  769. DWORD cbSecPkgInfo;
  770. SECURITY_STATUS ssResult;
  771. LPSTR pCur;
  774. if (strcmp(szPackageName, PACKAGE_NAME))
  775. {
  776. ssResult = SEC_E_SECPKG_NOT_FOUND;
  777. goto exit;
  778. }
  780. cbSecPkgInfo = sizeof(SecPkgInfoA)
  781. + sizeof(PACKAGE_NAME)
  782. + sizeof(PACKAGE_COMMENT);
  784. pSecPkgInfo = (PSecPkgInfoA) LocalAlloc(0,cbSecPkgInfo);
  786. if (!pSecPkgInfo)
  787. {
  788. ssResult = SEC_E_INSUFFICIENT_MEMORY;
  789. goto exit;
  790. }
  792. pSecPkgInfo->fCapabilities = PACKAGE_CAPABILITIES;
  793. pSecPkgInfo->wVersion = PACKAGE_VERSION;
  794. pSecPkgInfo->wRPCID = PACKAGE_RPCID;
  795. pSecPkgInfo->cbMaxToken = PACKAGE_MAXTOKEN;
  797. pCur = (LPSTR) (pSecPkgInfo) + sizeof(SecPkgInfoA);
  799. pSecPkgInfo->Name = pCur;
  800. memcpy(pSecPkgInfo->Name, PACKAGE_NAME, sizeof(PACKAGE_NAME));
  801. pCur += sizeof(PACKAGE_NAME);
  803. pSecPkgInfo->Comment = pCur;
  804. memcpy(pSecPkgInfo->Comment, PACKAGE_COMMENT, sizeof(PACKAGE_COMMENT));
  806. *ppSecPkgInfo = pSecPkgInfo;
  808. ssResult = SEC_E_OK;
  810. exit:
  811. return ssResult;
  812. }
  816. //--------------------------------------------------------------------------
  817. //
  818. // Function: FreeContextBuffer
  819. //
  820. // Synopsis:
  821. //
  822. // Effects:
  823. //
  824. // Arguments:
  825. //
  826. // Requires:
  827. //
  828. // Returns:
  829. //
  830. // Notes:
  831. //
  832. //
  833. //--------------------------------------------------------------------------
  834. extern "C" SECURITY_STATUS SEC_ENTRY
  835. FreeContextBuffer(void SEC_FAR *pvContextBuffer)
  836. {
  837. if (!InitGlobals())
  838. return SEC_E_INTERNAL_ERROR;
  840. LocalFree(pvContextBuffer);
  841. return SEC_E_OK;
  842. }
  846. //--------------------------------------------------------------------------
  847. //
  848. // Function: CompleteAuthToken
  849. //
  850. // Synopsis:
  851. //
  852. // Effects:
  853. //
  854. // Arguments:
  855. //
  856. // Requires:
  857. //
  858. // Returns:
  859. //
  860. // Notes:
  861. //
  862. //
  863. //--------------------------------------------------------------------------
  864. extern "C" SECURITY_STATUS SEC_ENTRY
  865. CompleteAuthToken(
  866. PCtxtHandle phContext, // Context to complete
  867. PSecBufferDesc pToken // Token to complete
  868. )
  869. {
  870. if (!InitGlobals())
  871. return SEC_E_INTERNAL_ERROR;
  873. return SEC_E_UNSUPPORTED_FUNCTION;
  874. }
  878. //--------------------------------------------------------------------------
  879. //
  880. // Function: ImpersonateSecurityContext
  881. //
  882. // Synopsis:
  883. //
  884. // Effects:
  885. //
  886. // Arguments:
  887. //
  888. // Requires:
  889. //
  890. // Returns:
  891. //
  892. // Notes:
  893. //
  894. //
  895. //--------------------------------------------------------------------------
  896. extern "C" SECURITY_STATUS SEC_ENTRY
  897. ImpersonateSecurityContext(
  898. PCtxtHandle phContext // Context to impersonate
  899. )
  900. {
  901. if (!InitGlobals())
  902. return SEC_E_INTERNAL_ERROR;
  904. return SEC_E_UNSUPPORTED_FUNCTION;
  905. }
  909. //--------------------------------------------------------------------------
  910. //
  911. // Function: RevertSecurityContext
  912. //
  913. // Synopsis:
  914. //
  915. // Effects:
  916. //
  917. // Arguments:
  918. //
  919. // Requires:
  920. //
  921. // Returns:
  922. //
  923. // Notes:
  924. //
  925. //
  926. //--------------------------------------------------------------------------
  927. extern "C" SECURITY_STATUS SEC_ENTRY
  928. RevertSecurityContext(
  929. PCtxtHandle phContext // Context from which to re
  930. )
  931. {
  932. if (!InitGlobals())
  933. return SEC_E_INTERNAL_ERROR;
  935. return SEC_E_UNSUPPORTED_FUNCTION;
  936. }
  939. //--------------------------------------------------------------------------
  940. //
  941. // Function: QueryContextAttributesA
  942. //
  943. // Synopsis:
  944. //
  945. // Effects:
  946. //
  947. // Arguments:
  948. //
  949. // Requires:
  950. //
  951. // Returns:
  952. //
  953. // Notes:
  954. //
  955. //
  956. //--------------------------------------------------------------------------
  957. extern "C" SECURITY_STATUS SEC_ENTRY
  958. QueryContextAttributesA(
  959. PCtxtHandle phContext, // Context to query
  960. unsigned long ulAttribute, // Attribute to query
  961. void SEC_FAR * pBuffer // Buffer for attributes
  962. )
  963. {
  964. if (!InitGlobals())
  965. return SEC_E_INTERNAL_ERROR;
  967. return SEC_E_UNSUPPORTED_FUNCTION;
  968. }
  971. //--------------------------------------------------------------------------
  972. //
  973. // Function: MakeSignature
  974. //
  975. // Synopsis:
  976. //
  977. // Effects:
  978. //
  979. // Arguments: [phContext] -- context to use
  980. // [fQOP] -- quality of protection to use
  981. // [pMessage] -- message
  982. // [MessageSeqNo] -- sequence number of message
  983. //
  984. // Requires:
  985. //
  986. // Returns:
  987. //
  988. // Notes:
  989. //
  990. //--------------------------------------------------------------------------
  991. extern "C" SECURITY_STATUS SEC_ENTRY
  992. MakeSignature( PCtxtHandle phContext,
  993. ULONG fQOP,
  994. PSecBufferDesc pMessage,
  995. ULONG MessageSeqNo)
  996. {
  997. if (!InitGlobals())
  998. return SEC_E_INTERNAL_ERROR;
  1000. return SEC_E_UNSUPPORTED_FUNCTION;
  1001. }
  1004. //--------------------------------------------------------------------------
  1005. //
  1006. // Function: VerifySignature
  1007. //
  1008. // Synopsis:
  1009. //
  1010. // Effects:
  1011. //
  1012. // Arguments: [phContext] -- Context performing the unseal
  1013. // [pMessage] -- Message to verify
  1014. // [MessageSeqNo] -- Sequence number of this message
  1015. // [pfQOPUsed] -- quality of protection used
  1016. //
  1017. // Requires:
  1018. //
  1019. // Returns:
  1020. //
  1021. // Notes:
  1022. //
  1023. //--------------------------------------------------------------------------
  1024. extern "C" SECURITY_STATUS SEC_ENTRY
  1025. VerifySignature(PCtxtHandle phContext,
  1026. PSecBufferDesc pMessage,
  1027. ULONG MessageSeqNo,
  1028. ULONG * pfQOP)
  1029. {
  1030. if (!InitGlobals())
  1031. return SEC_E_INTERNAL_ERROR;
  1033. return SEC_E_UNSUPPORTED_FUNCTION;
  1034. }