archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetcore/winhttp/v5/auth/sspspm.cxx

490 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*#----------------------------------------------------------------------------
  2. **
  3. ** File: sspspm.c
  4. **
  5. ** Synopsis: Security Protocol Module for SSPI Authentication providers.
  6. **
  7. ** This module contains major funtions of the SEC_SSPI.DLL which
  8. ** allows the Internet Explorer to use SSPI providers for authentication.
  9. ** The function exported to the Internet Explorer is Ssp_Load() which
  10. ** passes the address of the Ssp__DownCall() function to the Explorer.
  11. ** Then the Explorer will call Ssp__DownCall() when it needs service from
  12. ** this SPM DLL. The two major functions called by Ssp__DownCall() to
  13. ** service Explorer's request are Ssp__PreProcessRequest() and
  14. ** Ssp__ProcessResponse(). In brief, Ssp__PreProcessRequest() is
  15. ** called before the Explorer sends out a request which does not have
  16. ** any 'Authorization' header yet. And Ssp__ProcessResponse() is called
  17. ** whenever the Explorer receives an 401 'Unauthorized' response from the
  18. ** server. This SPM DLL supports all SSPI packages which are installed
  19. ** on the machine.
  20. **
  21. ** This SPM DLL is called by the Internet Explorer only for its
  22. ** The Internet Explorer only calls this SPM DLL when it needs
  23. ** authentication data in its request/response. In other words, the
  24. ** Explorer never calls this SPM DLL when an authentication succeeded;
  25. ** it never calls this DLL when it decide to give up on a connection
  26. ** because of server response timeout. Because of this fact, this SPM
  27. ** DLL never has sufficient information on the state of each server
  28. ** connection; it only know its state based on the content of the last
  29. ** request and the content of the current response. For this reason, this
  30. ** SPM DLL does not keep state information for each host it has visited
  31. ** unless the information is essential.
  32. ** The security context handle returned from the first call of
  33. ** InitializeSecurityContext() for NEGOTIATE message generation is
  34. ** always the identical for a SSPI package when the same server host is
  35. ** passed. Since the server host name is always in the request/response
  36. ** header, the only information essential in generating a NEGOTIATE or
  37. ** RESPONSE is already available in the header. So unlike most SSPI
  38. ** application, this DLL will not keep the security context handle which
  39. ** it received from the SSPI function calls. Whenever it needs to call
  40. ** the SSPI function for generating a RESPONSE, it will first call the
  41. ** SSPI function without the CHALLENGE to get a security context handle.
  42. ** Then it calls the SSPI function again with the CHALLENGE to generate
  43. ** a RESPONSE.
  44. **
  45. **
  46. ** Copyright (C) 1995 Microsoft Corporation. All Rights Reserved.
  47. **
  48. ** Authors: LucyC Created 25 Sept. 1995
  49. **
  50. **---------------------------------------------------------------------------*/
  51. #include <wininetp.h>
  52. #include <ntlmsp.h>
  53. #include "sspspm.h"
  55. //
  56. // Global variable where all the SSPI Pkgs data is collected
  57. //
  59. SspData *g_pSspData;
  62. HINSTANCE g_hSecLib;
  64. /*-----------------------------------------------------------------------------
  65. **
  66. ** Function: SpmAddSSPIPkg
  67. **
  68. ** Synopsis: This function adds a SSPI package to the SPM's package list.
  69. **
  70. ** Arguments: pData - Points to the private SPM data structure containing
  71. ** the package list and the package info.
  72. ** pPkgName - package name
  73. ** cbMaxToken - max size of security token
  74. **
  75. ** Returns: The index in the package list where this new package is added.
  76. ** If failed to add the new package, SSPPKG_ERROR is returned.
  77. **
  78. ** History: LucyC Created 21 Oct. 1995
  79. **
  80. **---------------------------------------------------------------------------*/
  81. static UCHAR
  82. SpmAddSSPIPkg (
  83. SspData *pData,
  84. LPTSTR pPkgName,
  85. ULONG cbMaxToken
  86. )
  87. {
  88. if ( !(pData->PkgList[pData->PkgCnt] =
  89. (SSPAuthPkg *)LocalAlloc(0, sizeof(SSPAuthPkg))))
  90. {
  91. return SSPPKG_ERROR;
  92. }
  94. if ( !(pData->PkgList[pData->PkgCnt]->pName =
  95. (LPSTR)LocalAlloc(0, lstrlen(pPkgName)+1)))
  96. {
  97. LocalFree(pData->PkgList[pData->PkgCnt]);
  98. pData->PkgList[pData->PkgCnt] = NULL;
  99. return SSPPKG_ERROR;
  100. }
  102. lstrcpy (pData->PkgList[pData->PkgCnt]->pName, pPkgName);
  103. pData->PkgList[ pData->PkgCnt ]->Capabilities = 0 ;
  105. pData->PkgList[ pData->PkgCnt ]->cbMaxToken = cbMaxToken;
  107. //
  108. // Determine if this package supports anything of interest to
  109. // us.
  110. //
  112. if ( lstrcmpi( pPkgName, NTLMSP_NAME_A ) == 0 )
  113. {
  114. //
  115. // NTLM supports the standard credential structure
  116. //
  118. pData->PkgList[ pData->PkgCnt ]->Capabilities |= SSPAUTHPKG_SUPPORT_NTLM_CREDS ;
  119. }
  120. else if ( lstrcmpi( pPkgName, "Negotiate" ) == 0 )
  121. {
  122. //
  123. // Negotiate supports that cred structure too
  124. //
  126. pData->PkgList[ pData->PkgCnt ]->Capabilities |= SSPAUTHPKG_SUPPORT_NTLM_CREDS ;
  128. }
  129. else
  130. {
  131. //
  132. // Add more comparisons here, eventually.
  133. //
  135. ;
  136. }
  138. pData->PkgCnt++;
  139. return (pData->PkgCnt - 1);
  140. }
  142. /*-----------------------------------------------------------------------------
  143. **
  144. ** Function: SpmFreePkgList
  145. **
  146. ** Synopsis: This function frees memory allocated for the package list.
  147. **
  148. ** Arguments: pData - Points to the private SPM data structure containing
  149. ** the package list and the package info.
  150. **
  151. ** Returns: void.
  152. **
  153. ** History: LucyC Created 21 Oct. 1995
  154. **
  155. **---------------------------------------------------------------------------*/
  156. static VOID
  157. SpmFreePkgList (
  158. SspData *pData
  159. )
  160. {
  161. int ii;
  163. for (ii = 0; ii < pData->PkgCnt; ii++)
  164. {
  165. LocalFree(pData->PkgList[ii]->pName);
  167. LocalFree(pData->PkgList[ii]);
  168. }
  170. LocalFree(pData->PkgList);
  171. }
  174. /*-----------------------------------------------------------------------------
  175. **
  176. ** Function: Ssp__Unload
  177. **
  178. ** Synopsis: This function is called by the Internet Explorer before
  179. ** the SPM DLL is unloaded from the memory.
  180. **
  181. ** Arguments: fpUI - From Explorer for making all UI_SERVICE call
  182. ** pvOpaqueOS - From Explorer for making all UI_SERVICE call
  183. ** htspm - the SPM structure which contains the global data
  184. ** storage for this SPM DLL.
  185. **
  186. ** Returns: always returns SPM_STATUS_OK, which means successful.
  187. **
  188. ** History: LucyC Created 25 Sept. 1995
  189. **
  190. **---------------------------------------------------------------------------*/
  191. DWORD SSPI_Unload()
  192. {
  193. if (!AuthLock())
  194. {
  195. return SPM_STATUS_INSUFFICIENT_BUFFER;
  196. }
  198. if (g_pSspData != NULL)
  199. {
  200. SpmFreePkgList(g_pSspData);
  201. LocalFree(g_pSspData);
  202. g_pSspData = NULL;
  203. }
  205. if (g_hSecLib)
  206. {
  207. FreeLibrary (g_hSecLib);
  208. g_hSecLib = NULL;
  209. }
  211. AuthUnlock();
  213. return SPM_STATUS_OK;
  214. }
  216. /*-----------------------------------------------------------------------------
  217. **
  218. ** Function: SspSPM_InitData
  219. **
  220. ** Synopsis: This function allocates and initializes global data structure
  221. ** of the SPM DLL.
  222. **
  223. ** Arguments:
  224. **
  225. ** Returns: Pointer to the allocated global data structure.
  226. **
  227. ** History: LucyC Created 25 Sept. 1995
  228. **
  229. **---------------------------------------------------------------------------*/
  230. LPVOID SSPI_InitGlobals(void)
  231. {
  232. SspData *pData = NULL;
  233. OSVERSIONINFO VerInfo;
  234. INIT_SECURITY_INTERFACE addrProcISI = NULL;
  236. SECURITY_STATUS sstat;
  237. ULONG ii, cntPkg;
  238. PSecPkgInfo pPkgInfo = NULL;
  239. PSecurityFunctionTable pFuncTbl = NULL;
  241. if (g_pSspData)
  242. return g_pSspData;
  244. static BOOL Initializing = FALSE;
  245. static BOOL Initialized = FALSE;
  247. if (InterlockedExchange((LPLONG)&Initializing, TRUE)) {
  248. while (!Initialized) {
  249. SleepEx(0, TRUE);
  250. }
  251. goto quit;
  252. }
  254. //
  255. // Initialize SSP SPM Global Data
  256. //
  258. VerInfo.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
  259. if (!GetVersionEx (&VerInfo)) // If this fails, something has gone wrong
  260. {
  261. goto quit;
  262. }
  264. if (VerInfo.dwPlatformId != VER_PLATFORM_WIN32_NT)
  265. {
  266. goto quit;
  267. }
  269. if (!(pData = (SspData *) LocalAlloc(0, sizeof(SspData)))) {
  271. goto quit;
  273. }
  275. //
  276. // Keep these information in global SPM
  277. //
  278. ZeroMemory (pData, sizeof(SspData));
  280. //
  281. // Load Security DLL
  282. //
  283. g_hSecLib = LoadLibrary (SSP_SPM_NT_DLL);
  284. if (g_hSecLib == NULL)
  285. {
  286. // This should never happen.
  287. LocalFree(pData);
  288. pData = NULL;
  289. goto Cleanup;
  290. }
  292. addrProcISI = (INIT_SECURITY_INTERFACE) GetProcAddress( g_hSecLib,
  293. SECURITY_ENTRYPOINT);
  294. if (addrProcISI == NULL)
  295. {
  296. LocalFree(pData);
  297. pData = NULL;
  298. goto Cleanup;
  299. }
  301. //
  302. // Get the SSPI function table
  303. //
  304. pFuncTbl = (*addrProcISI)();
  306. //
  307. // Get list of packages supported
  308. //
  309. sstat = (*(pFuncTbl->EnumerateSecurityPackages))(&cntPkg, &pPkgInfo);
  310. if (sstat != SEC_E_OK || pPkgInfo == NULL)
  311. {
  312. //
  313. // ??? Should we give up here ???
  314. // EnumerateSecurityPackage() failed
  315. //
  316. goto Cleanup;
  317. }
  319. if (cntPkg)
  320. {
  321. //
  322. // Create the package list
  323. //
  324. if (!(pData->PkgList = (PSSPAuthPkg *)LocalAlloc(0,
  325. cntPkg*sizeof(PSSPAuthPkg))))
  326. {
  327. goto Cleanup;
  328. }
  329. }
  331. for (ii = 0; ii < cntPkg; ii++)
  332. {
  333. //DebugTrace(SSPSPMID, "Found %s SSPI package\n",
  334. // pPkgInfo[ii].Name);
  336. if (SpmAddSSPIPkg (pData,
  337. pPkgInfo[ii].Name,
  338. pPkgInfo[ii].cbMaxToken
  339. ) == SSPPKG_ERROR)
  340. {
  341. goto Cleanup;
  342. }
  343. }
  345. pData->pFuncTbl = pFuncTbl;
  346. pData->bKeepList = TRUE;
  348. if (pData->PkgCnt == 0)
  349. {
  350. goto Cleanup;
  351. }
  353. g_pSspData = pData;
  354. pData = NULL;
  356. Cleanup:
  359. if( pPkgInfo != NULL )
  360. {
  361. //
  362. // Free buffer returned by the enumerate security package function
  363. //
  365. (*(pFuncTbl->FreeContextBuffer))(pPkgInfo);
  366. }
  368. if( pData != NULL )
  369. {
  370. SpmFreePkgList (pData);
  371. }
  373. if (g_hSecLib)
  374. {
  375. FreeLibrary (g_hSecLib);
  376. g_hSecLib = NULL;
  377. }
  380. quit:
  381. Initialized = TRUE;
  383. return (g_pSspData);
  384. }
  386. INT
  387. GetPkgId(LPTSTR lpszPkgName)
  388. {
  389. int ii;
  391. if ( g_pSspData == NULL )
  392. {
  393. return -1;
  394. }
  396. if (!AuthLock())
  397. {
  398. return -1;
  399. }
  401. for (ii = 0; ii < g_pSspData->PkgCnt; ii++)
  402. {
  403. if (!lstrcmp(g_pSspData->PkgList[ii]->pName, lpszPkgName))
  404. {
  405. AuthUnlock();
  406. return(ii);
  407. }
  408. }
  410. AuthUnlock();
  411. return(-1);
  412. }
  414. DWORD
  415. GetPkgCapabilities(
  416. INT Package
  417. )
  418. {
  419. if (!AuthLock())
  420. {
  421. return 0;
  422. }
  424. DWORD dwCaps;
  425. if ( Package < g_pSspData->PkgCnt )
  426. {
  427. dwCaps = g_pSspData->PkgList[ Package ]->Capabilities ;
  428. }
  429. else
  430. dwCaps = 0 ;
  432. AuthUnlock();
  433. return dwCaps;
  434. }
  436. ULONG
  437. GetPkgMaxToken(
  438. INT Package
  439. )
  440. {
  441. if (!AuthLock())
  442. {
  443. return MAX_AUTH_MSG_SIZE;
  444. }
  446. ULONG dwMaxToken;
  448. if ( Package < g_pSspData->PkgCnt )
  449. {
  450. dwMaxToken = g_pSspData->PkgList[ Package ]->cbMaxToken;
  451. }
  452. else {
  453. // be compatible with old static buffer size
  454. dwMaxToken = MAX_AUTH_MSG_SIZE;
  455. }
  457. AuthUnlock();
  458. return dwMaxToken;
  459. }
  461. //
  462. // Calls to this function are serialized
  463. //
  465. DWORD_PTR SSPI_InitScheme (LPCSTR lpszScheme)
  466. {
  467. int ii;
  469. if (!SSPI_InitGlobals())
  470. return 0;
  472. if (!AuthLock())
  473. {
  474. return 0;
  475. }
  476. // Once initialized, check to see if this scheme is installed
  477. for (ii = 0; ii < g_pSspData->PkgCnt &&
  478. lstrcmp (g_pSspData->PkgList[ii]->pName, lpszScheme); ii++);
  480. if (ii >= g_pSspData->PkgCnt)
  481. {
  482. // This scheme is not installed on this machine
  483. AuthUnlock();
  484. return (0);
  485. }
  487. AuthUnlock();
  488. return ((DWORD_PTR)g_pSspData);
  489. }