archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/protocols/kerberos/utest/kernel/kerbktst.c

1046 lines
25 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*--
  3. Copyright (c) 1987-1993 Microsoft Corporation
  5. Module Name:
  7. ssptest.c
  9. Abstract:
  11. Test program for the NtLmSsp service.
  13. Author:
  15. 28-Jun-1993 (cliffv)
  17. Environment:
  19. User mode only.
  20. Contains NT-specific code.
  21. Requires ANSI C extensions: slash-slash comments, long external names.
  23. Revision History:
  25. --*/
  27. #ifndef UNICODE
  28. #define UNICODE
  29. #endif // UNICODE
  31. #include <ntos.h>
  32. #include <ntlsa.h>
  33. #include <ntsam.h>
  34. #ifndef SECURITY_WIN32
  35. #define SECURITY_WIN32
  36. #endif // SECURITY_WIN32
  37. #define SECURITY_KERNEL
  38. #define SECURITY_PACKAGE
  39. #define SECURITY_KERBEROS
  40. #include <security.h>
  41. #include <zwapi.h>
  43. BOOLEAN QuietMode = FALSE;
  44. ULONG DoTests = FALSE;
  47. VOID
  48. DumpBuffer(
  49. PVOID Buffer,
  50. DWORD BufferSize
  51. )
  52. /*++
  54. Routine Description:
  56. Dumps the buffer content on to the debugger output.
  58. Arguments:
  60. Buffer: buffer pointer.
  62. BufferSize: size of the buffer.
  64. Return Value:
  66. none
  68. --*/
  69. {
  70. #define NUM_CHARS 16
  72. DWORD i, limit;
  73. CHAR TextBuffer[NUM_CHARS + 1];
  74. PUCHAR BufferPtr = Buffer;
  77. DbgPrint("------------------------------------\n");
  79. //
  80. // Hex dump of the bytes
  81. //
  82. limit = ((BufferSize - 1) / NUM_CHARS + 1) * NUM_CHARS;
  84. for (i = 0; i < limit; i++) {
  86. if (i < BufferSize) {
  88. DbgPrint("%02x ", BufferPtr[i]);
  90. if (BufferPtr[i] < 31 ) {
  91. TextBuffer[i % NUM_CHARS] = '.';
  92. } else if (BufferPtr[i] == '\0') {
  93. TextBuffer[i % NUM_CHARS] = ' ';
  94. } else {
  95. TextBuffer[i % NUM_CHARS] = (CHAR) BufferPtr[i];
  96. }
  98. } else {
  100. DbgPrint(" ");
  101. TextBuffer[i % NUM_CHARS] = ' ';
  103. }
  105. if ((i + 1) % NUM_CHARS == 0) {
  106. TextBuffer[NUM_CHARS] = 0;
  107. DbgPrint(" %s\n", TextBuffer);
  108. }
  110. }
  112. DbgPrint("------------------------------------\n");
  113. }
  116. VOID
  117. PrintTime(
  118. LPSTR Comment,
  119. TimeStamp ConvertTime
  120. )
  121. /*++
  123. Routine Description:
  125. Print the specified time
  127. Arguments:
  129. Comment - Comment to print in front of the time
  131. Time - Local time to print
  133. Return Value:
  135. None
  137. --*/
  138. {
  139. LARGE_INTEGER LocalTime;
  141. LocalTime.HighPart = ConvertTime.HighPart;
  142. LocalTime.LowPart = ConvertTime.LowPart;
  144. DbgPrint( "%s", Comment );
  146. //
  147. // If the time is infinite,
  148. // just say so.
  149. //
  151. if ( LocalTime.HighPart == 0x7FFFFFFF && LocalTime.LowPart == 0xFFFFFFFF ) {
  152. DbgPrint( "Infinite\n" );
  154. //
  155. // Otherwise print it more clearly
  156. //
  158. } else {
  160. TIME_FIELDS TimeFields;
  162. RtlTimeToTimeFields( &LocalTime, &TimeFields );
  164. DbgPrint( "%ld/%ld/%ld %ld:%2.2ld:%2.2ld\n",
  165. TimeFields.Month,
  166. TimeFields.Day,
  167. TimeFields.Year,
  168. TimeFields.Hour,
  169. TimeFields.Minute,
  170. TimeFields.Second );
  171. }
  173. }
  175. VOID
  176. PrintStatus(
  177. ULONG NetStatus
  178. )
  179. /*++
  181. Routine Description:
  183. Print a net status code.
  185. Arguments:
  187. NetStatus - The net status code to print.
  189. Return Value:
  191. None
  193. --*/
  194. {
  195. DbgPrint( "Status = %lu 0x%lx", NetStatus, NetStatus );
  197. switch (NetStatus) {
  199. case SEC_E_NO_SPM:
  200. DbgPrint( " SEC_E_NO_SPM" );
  201. break;
  202. case SEC_E_BAD_PKGID:
  203. DbgPrint( " SEC_E_BAD_PKGID" ); break;
  204. case SEC_E_NOT_OWNER:
  205. DbgPrint( " SEC_E_NOT_OWNER" ); break;
  206. case SEC_E_CANNOT_INSTALL:
  207. DbgPrint( " SEC_E_CANNOT_INSTALL" ); break;
  208. case SEC_E_INVALID_TOKEN:
  209. DbgPrint( " SEC_E_INVALID_TOKEN" ); break;
  210. case SEC_E_CANNOT_PACK:
  211. DbgPrint( " SEC_E_CANNOT_PACK" ); break;
  212. case SEC_E_QOP_NOT_SUPPORTED:
  213. DbgPrint( " SEC_E_QOP_NOT_SUPPORTED" ); break;
  214. case SEC_E_NO_IMPERSONATION:
  215. DbgPrint( " SEC_E_NO_IMPERSONATION" ); break;
  216. case SEC_E_LOGON_DENIED:
  217. DbgPrint( " SEC_E_LOGON_DENIED" ); break;
  218. case SEC_E_UNKNOWN_CREDENTIALS:
  219. DbgPrint( " SEC_E_UNKNOWN_CREDENTIALS" ); break;
  220. case SEC_E_NO_CREDENTIALS:
  221. DbgPrint( " SEC_E_NO_CREDENTIALS" ); break;
  222. case SEC_E_MESSAGE_ALTERED:
  223. DbgPrint( " SEC_E_MESSAGE_ALTERED" ); break;
  224. case SEC_E_OUT_OF_SEQUENCE:
  225. DbgPrint( " SEC_E_OUT_OF_SEQUENCE" ); break;
  226. case SEC_E_INSUFFICIENT_MEMORY:
  227. DbgPrint( " SEC_E_INSUFFICIENT_MEMORY" ); break;
  228. case SEC_E_INVALID_HANDLE:
  229. DbgPrint( " SEC_E_INVALID_HANDLE" ); break;
  230. case SEC_E_NOT_SUPPORTED:
  231. DbgPrint( " SEC_E_NOT_SUPPORTED" ); break;
  234. }
  236. DbgPrint( "\n" );
  237. }
  239. //+-------------------------------------------------------------------------
  240. //
  241. // Function: SecAllocate
  242. //
  243. // Synopsis:
  244. //
  245. // Effects:
  246. //
  247. // Arguments:
  248. //
  249. // Requires:
  250. //
  251. // Returns:
  252. //
  253. // Notes:
  254. //
  255. //
  256. //--------------------------------------------------------------------------
  259. VOID * SEC_ENTRY
  260. SspAlloc(ULONG Flags, ULONG cbMemory)
  261. {
  262. NTSTATUS scRet;
  263. PVOID Buffer = NULL;
  264. scRet = ZwAllocateVirtualMemory(
  265. NtCurrentProcess(),
  266. &Buffer,
  267. 0L,
  268. &cbMemory,
  269. MEM_COMMIT,
  270. PAGE_READWRITE
  271. );
  272. if (!NT_SUCCESS(scRet))
  273. {
  274. return(NULL);
  275. }
  276. return(Buffer);
  277. UNREFERENCED_PARAMETER(Flags);
  278. }
  282. //+-------------------------------------------------------------------------
  283. //
  284. // Function: SecFree
  285. //
  286. // Synopsis:
  287. //
  288. // Effects:
  289. //
  290. // Arguments:
  291. //
  292. // Requires:
  293. //
  294. // Returns:
  295. //
  296. // Notes:
  297. //
  298. //
  299. //--------------------------------------------------------------------------
  302. void SEC_ENTRY
  303. SspFree(PVOID pvMemory)
  304. {
  305. ULONG Length = 0;
  307. (VOID) ZwFreeVirtualMemory(
  308. NtCurrentProcess(),
  309. &pvMemory,
  310. &Length,
  311. MEM_RELEASE
  312. );
  313. }
  318. VOID
  319. TestSspRoutine(
  320. )
  321. /*++
  323. Routine Description:
  325. Test base SSP functionality
  327. Arguments:
  329. None
  331. Return Value:
  333. None
  335. --*/
  336. {
  337. SECURITY_STATUS SecStatus;
  338. SECURITY_STATUS AcceptStatus;
  339. SECURITY_STATUS InitStatus;
  340. CredHandle ServerCredHandle;
  341. CredHandle ClientCredentialHandle;
  342. CtxtHandle ClientContextHandle;
  343. CtxtHandle ServerContextHandle;
  344. TimeStamp Lifetime;
  345. ULONG ContextAttributes;
  346. ULONG PackageCount, Index;
  347. PSecPkgInfo PackageInfo = NULL;
  348. HANDLE Token = NULL;
  349. static int Calls;
  350. ULONG ClientFlags;
  351. ULONG ServerFlags;
  352. LPWSTR DomainName = NULL;
  353. LPWSTR UserName = NULL;
  354. LPWSTR TargetName = NULL;
  355. UNICODE_STRING TargetString;
  356. UNICODE_STRING PackageName;
  359. SecBufferDesc NegotiateDesc;
  360. SecBuffer NegotiateBuffer;
  362. SecBufferDesc ChallengeDesc;
  363. SecBuffer ChallengeBuffer;
  365. SecBufferDesc AuthenticateDesc;
  366. SecBuffer AuthenticateBuffer;
  368. SecPkgContext_Sizes ContextSizes;
  369. SecPkgContext_Names ContextNames;
  370. SecPkgContext_Lifespan ContextLifespan;
  371. PSecPkgCredentials_Names CredNames;
  373. SecBufferDesc SignMessage;
  374. SecBuffer SigBuffers[2];
  375. UCHAR bDataBuffer[20];
  376. UCHAR bSigBuffer[100];
  378. //
  379. // Allow tests to be disabled
  380. //
  383. if (!DoTests)
  384. {
  385. return;
  386. }
  388. NegotiateBuffer.pvBuffer = NULL;
  389. ChallengeBuffer.pvBuffer = NULL;
  390. AuthenticateBuffer.pvBuffer = NULL;
  392. SigBuffers[1].pvBuffer = bSigBuffer;
  393. SigBuffers[1].cbBuffer = sizeof(bSigBuffer);
  394. SigBuffers[1].BufferType = SECBUFFER_TOKEN;
  396. SigBuffers[0].pvBuffer = bDataBuffer;
  397. SigBuffers[0].cbBuffer = sizeof(bDataBuffer);
  398. SigBuffers[0].BufferType = SECBUFFER_DATA;
  399. memset(bDataBuffer,0xeb,sizeof(bDataBuffer));
  401. SignMessage.pBuffers = SigBuffers;
  402. SignMessage.cBuffers = 2;
  403. SignMessage.ulVersion = 0;
  405. DomainName = L"makalu";
  406. UserName = L"mikesw";
  409. PackageName.Buffer = (LPWSTR) SspAlloc(0,100);
  410. if (PackageName.Buffer == NULL)
  411. {
  412. return;
  413. }
  415. wcscpy(
  416. PackageName.Buffer,
  417. L"Kerberos"
  418. );
  419. RtlInitUnicodeString(
  420. &PackageName,
  421. PackageName.Buffer
  422. );
  423. //
  424. // Get info about the security packages.
  425. //
  427. SecStatus = EnumerateSecurityPackages( &PackageCount, &PackageInfo );
  429. if ( SecStatus != STATUS_SUCCESS ) {
  430. DbgPrint( "EnumerateSecurityPackages failed:" );
  431. PrintStatus( SecStatus );
  432. return;
  433. }
  435. DbgPrint( "PackageCount: %ld\n", PackageCount );
  436. for (Index = 0; Index < PackageCount ; Index++ )
  437. {
  438. DbgPrint( "Package %d:\n",Index);
  439. DbgPrint( "Name: %ws Comment: %ws\n", PackageInfo[Index].Name, PackageInfo[Index].Comment );
  440. DbgPrint( "Cap: %ld Version: %ld RPCid: %ld MaxToken: %ld\n\n",
  441. PackageInfo[Index].fCapabilities,
  442. PackageInfo[Index].wVersion,
  443. PackageInfo[Index].wRPCID,
  444. PackageInfo[Index].cbMaxToken );
  447. }
  450. #ifdef notdef
  451. //
  452. // Get info about the security packages.
  453. //
  455. SecStatus = QuerySecurityPackageInfo( &PackageName, &PackageInfo );
  457. if ( SecStatus != STATUS_SUCCESS ) {
  458. DbgPrint( "QuerySecurityPackageInfo failed:" );
  459. PrintStatus( SecStatus );
  460. return;
  461. }
  463. if ( !QuietMode ) {
  464. DbgPrint( "Name: %ws Comment: %ws\n", PackageInfo->Name, PackageInfo->Comment );
  465. DbgPrint( "Cap: %ld Version: %ld RPCid: %ld MaxToken: %ld\n\n",
  466. PackageInfo->fCapabilities,
  467. PackageInfo->wVersion,
  468. PackageInfo->wRPCID,
  469. PackageInfo->cbMaxToken );
  470. }
  472. FreeContextBuffer(PackageInfo);
  473. #endif
  475. //
  476. // Acquire a credential handle for the server side
  477. //
  479. SecStatus = AcquireCredentialsHandle(
  480. NULL, // New principal
  481. &PackageName, // Package Name
  482. SECPKG_CRED_INBOUND,
  483. NULL,
  484. NULL,
  485. NULL,
  486. NULL,
  487. &ServerCredHandle,
  488. &Lifetime );
  490. if ( SecStatus != STATUS_SUCCESS ) {
  491. DbgPrint( "AcquireCredentialsHandle failed: ");
  492. PrintStatus( SecStatus );
  493. return;
  494. }
  496. if ( !QuietMode ) {
  497. DbgPrint( "ServerCredHandle: 0x%lx 0x%lx ",
  498. ServerCredHandle.dwLower, ServerCredHandle.dwUpper );
  499. PrintTime( "Lifetime: ", Lifetime );
  500. }
  504. //
  505. // Acquire a credential handle for the client side
  506. //
  510. SecStatus = AcquireCredentialsHandle(
  511. NULL, // New principal
  512. &PackageName, // Package Name
  513. SECPKG_CRED_OUTBOUND,
  514. NULL,
  515. NULL,
  516. NULL,
  517. NULL,
  518. &ClientCredentialHandle,
  519. &Lifetime );
  521. if ( SecStatus != STATUS_SUCCESS ) {
  522. DbgPrint( "AcquireCredentialsHandle failed: " );
  523. PrintStatus( SecStatus );
  524. return;
  525. }
  528. if ( !QuietMode ) {
  529. DbgPrint( "ClientCredentialHandle: 0x%lx 0x%lx ",
  530. ClientCredentialHandle.dwLower, ClientCredentialHandle.dwUpper );
  531. PrintTime( "Lifetime: ", Lifetime );
  532. }
  536. //
  537. // Query some cred attributes
  538. //
  540. CredNames = SspAlloc(0, sizeof(*CredNames));
  541. if (CredNames == NULL)
  542. {
  543. DbgPrint("Failed to allocate CredNames\n");
  544. return;
  545. }
  547. SecStatus = QueryCredentialsAttributes(
  548. &ClientCredentialHandle,
  549. SECPKG_CRED_ATTR_NAMES,
  550. CredNames );
  552. if ( SecStatus != STATUS_SUCCESS ) {
  553. DbgPrint( "QueryCredentialsAttributes (Client) (names): " );
  554. PrintStatus( SecStatus );
  555. if ( !NT_SUCCESS(SecStatus) ) {
  556. return;
  557. }
  558. }
  560. DbgPrint("Client credential names: %ws\n",CredNames->sUserName);
  561. FreeContextBuffer(CredNames->sUserName);
  563. //
  564. // Do the same for the client
  565. //
  567. SecStatus = QueryCredentialsAttributes(
  568. &ServerCredHandle,
  569. SECPKG_CRED_ATTR_NAMES,
  570. CredNames );
  572. if ( SecStatus != STATUS_SUCCESS ) {
  573. DbgPrint( "QueryCredentialsAttributes (Server) (names): " );
  574. PrintStatus( SecStatus );
  575. if ( !NT_SUCCESS(SecStatus) ) {
  576. return;
  577. }
  578. }
  580. DbgPrint("Server credential names: %ws\n",CredNames->sUserName);
  581. FreeContextBuffer(CredNames->sUserName);
  583. SspFree(CredNames);
  585. //
  586. // Get the NegotiateMessage (ClientSide)
  587. //
  589. NegotiateDesc.ulVersion = 0;
  590. NegotiateDesc.cBuffers = 1;
  591. NegotiateDesc.pBuffers = &NegotiateBuffer;
  593. NegotiateBuffer.cbBuffer = PackageInfo->cbMaxToken;
  594. NegotiateBuffer.BufferType = SECBUFFER_TOKEN;
  595. NegotiateBuffer.pvBuffer = SspAlloc( 0, NegotiateBuffer.cbBuffer );
  596. if ( NegotiateBuffer.pvBuffer == NULL ) {
  597. DbgPrint( "Allocate NegotiateMessage failed\n" );
  598. return;
  599. }
  601. ClientFlags = ISC_REQ_SEQUENCE_DETECT | ISC_REQ_MUTUAL_AUTH; // | ISC_REQ_USE_DCE_STYLE | ISC_REQ_DATAGRAM; // | ISC_REQ_DELEGATE;
  603. TargetName = (LPWSTR) SspAlloc(0,100);
  604. if (TargetName == NULL)
  605. {
  606. return;
  607. }
  609. wcscpy(
  610. TargetName,
  611. DomainName
  612. );
  613. wcscat(
  614. TargetName,
  615. L"\\"
  616. );
  617. wcscat(
  618. TargetName,
  619. UserName
  620. );
  622. RtlInitUnicodeString(
  623. &TargetString,
  624. TargetName
  625. );
  627. InitStatus = InitializeSecurityContext(
  628. &ClientCredentialHandle,
  629. NULL, // No Client context yet
  630. &TargetString, // Faked target name
  631. ClientFlags,
  632. 0, // Reserved 1
  633. SECURITY_NATIVE_DREP,
  634. NULL, // No initial input token
  635. 0, // Reserved 2
  636. &ClientContextHandle,
  637. &NegotiateDesc,
  638. &ContextAttributes,
  639. &Lifetime );
  641. if ( InitStatus != STATUS_SUCCESS ) {
  642. if ( !QuietMode || !NT_SUCCESS(InitStatus) ) {
  643. DbgPrint( "InitializeSecurityContext (negotiate): " );
  644. PrintStatus( InitStatus );
  645. }
  646. if ( !NT_SUCCESS(InitStatus) ) {
  647. return;
  648. }
  649. }
  651. if ( !QuietMode ) {
  652. DbgPrint( "\n\nNegotiate Message:\n" );
  654. DbgPrint( "ClientContextHandle: 0x%lx 0x%lx Attributes: 0x%lx ",
  655. ClientContextHandle.dwLower, ClientContextHandle.dwUpper,
  656. ContextAttributes );
  657. PrintTime( "Lifetime: ", Lifetime );
  659. // DumpBuffer( NegotiateBuffer.pvBuffer, NegotiateBuffer.cbBuffer );
  660. }
  667. //
  668. // Get the ChallengeMessage (ServerSide)
  669. //
  671. NegotiateBuffer.BufferType |= SECBUFFER_READONLY;
  672. ChallengeDesc.ulVersion = 0;
  673. ChallengeDesc.cBuffers = 1;
  674. ChallengeDesc.pBuffers = &ChallengeBuffer;
  676. ChallengeBuffer.cbBuffer = PackageInfo->cbMaxToken;
  677. ChallengeBuffer.BufferType = SECBUFFER_TOKEN;
  678. ChallengeBuffer.pvBuffer = SspAlloc( 0, ChallengeBuffer.cbBuffer );
  679. if ( ChallengeBuffer.pvBuffer == NULL ) {
  680. DbgPrint( "Allocate ChallengeMessage failed\n");
  681. return;
  682. }
  683. ServerFlags = 0;
  685. AcceptStatus = AcceptSecurityContext(
  686. &ServerCredHandle,
  687. NULL, // No Server context yet
  688. &NegotiateDesc,
  689. ServerFlags,
  690. SECURITY_NATIVE_DREP,
  691. &ServerContextHandle,
  692. &ChallengeDesc,
  693. &ContextAttributes,
  694. &Lifetime );
  696. if ( AcceptStatus != STATUS_SUCCESS ) {
  697. if ( !QuietMode || !NT_SUCCESS(AcceptStatus) ) {
  698. DbgPrint( "AcceptSecurityContext (Challenge): " );
  699. PrintStatus( AcceptStatus );
  700. }
  701. if ( !NT_SUCCESS(AcceptStatus) ) {
  702. return;
  703. }
  704. }
  706. if ( !QuietMode ) {
  707. DbgPrint( "\n\nChallenge Message:\n" );
  709. DbgPrint( "ServerContextHandle: 0x%lx 0x%lx Attributes: 0x%lx ",
  710. ServerContextHandle.dwLower, ServerContextHandle.dwUpper,
  711. ContextAttributes );
  712. PrintTime( "Lifetime: ", Lifetime );
  714. // DumpBuffer( ChallengeBuffer.pvBuffer, ChallengeBuffer.cbBuffer );
  715. }
  720. if (InitStatus != STATUS_SUCCESS)
  721. {
  723. //
  724. // Get the AuthenticateMessage (ClientSide)
  725. //
  727. ChallengeBuffer.BufferType |= SECBUFFER_READONLY;
  728. AuthenticateDesc.ulVersion = 0;
  729. AuthenticateDesc.cBuffers = 1;
  730. AuthenticateDesc.pBuffers = &AuthenticateBuffer;
  732. AuthenticateBuffer.cbBuffer = PackageInfo->cbMaxToken;
  733. AuthenticateBuffer.BufferType = SECBUFFER_TOKEN;
  734. AuthenticateBuffer.pvBuffer = SspAlloc( 0, AuthenticateBuffer.cbBuffer );
  735. if ( AuthenticateBuffer.pvBuffer == NULL ) {
  736. DbgPrint( "Allocate AuthenticateMessage failed: \n" );
  737. return;
  738. }
  740. SecStatus = InitializeSecurityContext(
  741. NULL,
  742. &ClientContextHandle,
  743. NULL,
  744. 0,
  745. 0, // Reserved 1
  746. SECURITY_NATIVE_DREP,
  747. &ChallengeDesc,
  748. 0, // Reserved 2
  749. &ClientContextHandle,
  750. &AuthenticateDesc,
  751. &ContextAttributes,
  752. &Lifetime );
  754. if ( SecStatus != STATUS_SUCCESS ) {
  755. DbgPrint( "InitializeSecurityContext (Authenticate): " );
  756. PrintStatus( SecStatus );
  757. if ( !NT_SUCCESS(SecStatus) ) {
  758. return;
  759. }
  760. }
  762. if ( !QuietMode ) {
  763. DbgPrint( "\n\nAuthenticate Message:\n" );
  765. DbgPrint( "ClientContextHandle: 0x%lx 0x%lx Attributes: 0x%lx ",
  766. ClientContextHandle.dwLower, ClientContextHandle.dwUpper,
  767. ContextAttributes );
  768. PrintTime( "Lifetime: ", Lifetime );
  770. // DumpBuffer( AuthenticateBuffer.pvBuffer, AuthenticateBuffer.cbBuffer );
  771. }
  773. if (AcceptStatus != STATUS_SUCCESS)
  774. {
  776. //
  777. // Finally authenticate the user (ServerSide)
  778. //
  780. AuthenticateBuffer.BufferType |= SECBUFFER_READONLY;
  782. SecStatus = AcceptSecurityContext(
  783. NULL,
  784. &ServerContextHandle,
  785. &AuthenticateDesc,
  786. 0,
  787. SECURITY_NATIVE_DREP,
  788. &ServerContextHandle,
  789. NULL,
  790. &ContextAttributes,
  791. &Lifetime );
  793. if ( SecStatus != STATUS_SUCCESS ) {
  794. DbgPrint( "AcceptSecurityContext (Challenge): " );
  795. PrintStatus( SecStatus );
  796. if ( !NT_SUCCESS(SecStatus) ) {
  797. return;
  798. }
  799. }
  801. if ( !QuietMode ) {
  802. DbgPrint( "\n\nFinal Authentication:\n" );
  804. DbgPrint( "ServerContextHandle: 0x%lx 0x%lx Attributes: 0x%lx ",
  805. ServerContextHandle.dwLower, ServerContextHandle.dwUpper,
  806. ContextAttributes );
  807. PrintTime( "Lifetime: ", Lifetime );
  808. DbgPrint(" \n" );
  809. }
  810. }
  812. }
  816. SecStatus = QueryContextAttributes(
  817. &ServerContextHandle,
  818. SECPKG_ATTR_NAMES,
  819. &ContextNames );
  821. if ( SecStatus != STATUS_SUCCESS ) {
  822. DbgPrint( "QueryContextAttributes (Server) (names): " );
  823. PrintStatus( SecStatus );
  824. if ( !NT_SUCCESS(SecStatus) ) {
  825. return;
  826. }
  827. }
  829. DbgPrint("Server Context names: %ws\n",ContextNames.sUserName);
  830. FreeContextBuffer(ContextNames.sUserName);
  833. //
  834. // Impersonate the client (ServerSide)
  835. //
  837. SecStatus = ImpersonateSecurityContext( &ServerContextHandle );
  839. if ( SecStatus != STATUS_SUCCESS ) {
  840. DbgPrint( "ImpersonateSecurityContext: " );
  841. PrintStatus( SecStatus );
  842. if ( !NT_SUCCESS(SecStatus) ) {
  843. return;
  844. }
  845. }
  846. SecStatus = RevertSecurityContext( &ServerContextHandle );
  848. if ( SecStatus != STATUS_SUCCESS ) {
  849. DbgPrint( "RevertSecurityContext: " );
  850. PrintStatus( SecStatus );
  851. if ( !NT_SUCCESS(SecStatus) ) {
  852. return;
  853. }
  854. }
  856. #ifdef notdef
  857. //
  858. // Impersonate the client manually
  859. //
  861. SecStatus = QuerySecurityContextToken( &ServerContextHandle,&Token );
  862. if ( SecStatus != STATUS_SUCCESS ) {
  863. DbgPrint( "ImpersonateSecurityContext: " );
  864. PrintStatus( SecStatus );
  865. if ( !NT_SUCCESS(SecStatus) ) {
  866. return;
  867. }
  868. }
  870. NtClose(Token);
  872. #endif
  873. #ifdef notdef
  874. //
  875. // Sign a message
  876. //
  878. SecStatus = MakeSignature(
  879. &ClientContextHandle,
  880. 0,
  881. &SignMessage,
  882. 0 );
  884. if ( SecStatus != STATUS_SUCCESS ) {
  885. DbgPrint( "MakeSignature: " );
  886. PrintStatus( SecStatus );
  887. if ( !NT_SUCCESS(SecStatus) ) {
  888. return;
  889. }
  890. }
  892. if ( !QuietMode ) {
  894. DbgPrint("\n Signature: \n");
  895. // DumpBuffer(SigBuffers[1].pvBuffer,SigBuffers[1].cbBuffer);
  897. }
  900. //
  901. // Verify the signature
  902. //
  904. SecStatus = VerifySignature(
  905. &ServerContextHandle,
  906. &SignMessage,
  907. 0,
  908. 0 );
  910. if ( SecStatus != STATUS_SUCCESS ) {
  911. DbgPrint( "VerifySignature: " );
  912. PrintStatus( SecStatus );
  913. if ( !NT_SUCCESS(SecStatus) ) {
  914. return;
  915. }
  916. }
  920. //
  921. // Sign a message, this time to check if it can detect a change in the
  922. // message
  923. //
  925. SecStatus = MakeSignature(
  926. &ClientContextHandle,
  927. 0,
  928. &SignMessage,
  929. 0 );
  931. if ( SecStatus != STATUS_SUCCESS ) {
  932. DbgPrint( "MakeSignature: " );
  933. PrintStatus( SecStatus );
  934. if ( !NT_SUCCESS(SecStatus) ) {
  935. return;
  936. }
  937. }
  939. if ( !QuietMode ) {
  941. DbgPrint("\n Signature: \n");
  942. // DumpBuffer(SigBuffers[1].pvBuffer,SigBuffers[1].cbBuffer);
  944. }
  946. //
  947. // Mess up the message to see if VerifySignature works
  948. //
  950. bDataBuffer[10] = 0xec;
  952. //
  953. // Verify the signature
  954. //
  956. SecStatus = VerifySignature(
  957. &ServerContextHandle,
  958. &SignMessage,
  959. 0,
  960. 0 );
  962. if ( SecStatus != SEC_E_MESSAGE_ALTERED ) {
  963. DbgPrint( "VerifySignature: " );
  964. PrintStatus( SecStatus );
  965. if ( !NT_SUCCESS(SecStatus) ) {
  966. return;
  967. }
  968. }
  969. #endif
  971. //
  972. // Delete both contexts.
  973. //
  976. SecStatus = DeleteSecurityContext( &ClientContextHandle );
  978. if ( SecStatus != STATUS_SUCCESS ) {
  979. DbgPrint( "DeleteSecurityContext failed: " );
  980. PrintStatus( SecStatus );
  981. return;
  982. }
  984. SecStatus = DeleteSecurityContext( &ServerContextHandle );
  986. if ( SecStatus != STATUS_SUCCESS ) {
  987. DbgPrint( "DeleteSecurityContext failed: " );
  988. PrintStatus( SecStatus );
  989. return;
  990. }
  994. //
  995. // Free both credential handles
  996. //
  998. SecStatus = FreeCredentialsHandle( &ServerCredHandle );
  1000. if ( SecStatus != STATUS_SUCCESS ) {
  1001. DbgPrint( "FreeCredentialsHandle failed: " );
  1002. PrintStatus( SecStatus );
  1003. return;
  1004. }
  1006. SecStatus = FreeCredentialsHandle( &ClientCredentialHandle );
  1008. if ( SecStatus != STATUS_SUCCESS ) {
  1009. DbgPrint( "FreeCredentialsHandle failed: " );
  1010. PrintStatus( SecStatus );
  1011. return;
  1012. }
  1015. //
  1016. // Final Cleanup
  1017. //
  1019. if (PackageInfo != NULL)
  1020. {
  1021. FreeContextBuffer(PackageInfo);
  1022. }
  1024. if (PackageName.Buffer != NULL)
  1025. {
  1026. SspFree(PackageName.Buffer);
  1027. }
  1028. if ( NegotiateBuffer.pvBuffer != NULL ) {
  1029. (VOID) SspFree( NegotiateBuffer.pvBuffer );
  1030. }
  1032. if ( ChallengeBuffer.pvBuffer != NULL ) {
  1033. (VOID) SspFree( ChallengeBuffer.pvBuffer );
  1034. }
  1036. if ( AuthenticateBuffer.pvBuffer != NULL ) {
  1037. (VOID) SspFree( AuthenticateBuffer.pvBuffer );
  1038. }
  1040. if (TargetName != NULL)
  1041. {
  1042. SspFree(TargetName);
  1043. }
  1044. }