archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/ds/security/services/ca/certclib/logon.cpp

337 lines
8.8 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (C) Microsoft Corporation, 1998 - 1999
  6. //
  7. // File: logon.cpp
  8. //
  9. //--------------------------------------------------------------------------
  11. /*++
  13. Copyright (c) 1995, 1996 Scott A. Field
  15. Module Name:
  17. logon.c
  19. Abstract:
  21. This module implements the network logon type by interfacing
  22. with the NT Lan Man Security Support Provider (NTLMSSP).
  24. If the logon succeds via the provided credentials, we duplicate
  25. the resultant Impersonation token to a Primary level token.
  26. This allows the result to be used in a call to CreateProcessAsUser
  28. Author:
  30. Scott Field (sfield) 09-Jun-96
  32. Revision History:
  34. --*/
  35. #include "pch.cpp"
  37. #pragma hdrstop
  38. #define SECURITY_WIN32
  42. #include <windows.h>
  44. #include <rpc.h>
  45. #include <security.h>
  48. BOOL
  49. myNetLogonUser(
  50. LPTSTR UserName,
  51. LPTSTR DomainName,
  52. LPTSTR Password,
  53. PHANDLE phToken
  54. )
  55. {
  56. SECURITY_STATUS SecStatus;
  57. CredHandle CredentialHandle1;
  58. CredHandle CredentialHandle2;
  60. CtxtHandle ClientContextHandle;
  61. CtxtHandle ServerContextHandle;
  62. SecPkgCredentials_Names sNames;
  64. ULONG ContextAttributes;
  66. ULONG PackageCount;
  67. ULONG PackageIndex;
  68. PSecPkgInfo PackageInfo;
  69. DWORD cbMaxToken;
  71. TimeStamp Lifetime;
  72. SEC_WINNT_AUTH_IDENTITY AuthIdentity;
  74. SecBufferDesc NegotiateDesc;
  75. SecBuffer NegotiateBuffer;
  77. SecBufferDesc ChallengeDesc;
  78. SecBuffer ChallengeBuffer;
  80. BOOL bSuccess = FALSE ; // assume this function will fail
  82. NegotiateBuffer.pvBuffer = NULL;
  83. NegotiateBuffer.cbBuffer = 0;
  84. ChallengeBuffer.pvBuffer = NULL;
  85. ChallengeBuffer.cbBuffer = 0;
  86. sNames.sUserName = NULL;
  87. ClientContextHandle.dwUpper = MAXDWORD;
  88. ClientContextHandle.dwLower = MAXDWORD;
  89. ServerContextHandle.dwUpper = MAXDWORD;
  90. ServerContextHandle.dwLower = MAXDWORD;
  91. CredentialHandle1.dwUpper = MAXDWORD;
  92. CredentialHandle1.dwLower = MAXDWORD;
  93. CredentialHandle2.dwUpper = MAXDWORD;
  94. CredentialHandle2.dwLower = MAXDWORD;
  97. //
  98. // << this section could be cached in a repeat caller scenario >>
  99. //
  101. //
  102. // Get info about the security packages.
  103. //
  105. if(EnumerateSecurityPackages(
  106. &PackageCount,
  107. &PackageInfo
  108. ) != SEC_E_OK) return FALSE;
  110. //
  111. // loop through the packages looking for NTLM
  112. //
  114. cbMaxToken = 0;
  115. for(PackageIndex = 0 ; PackageIndex < PackageCount ; PackageIndex++ ) {
  116. if(PackageInfo[PackageIndex].Name != NULL) {
  117. if(LSTRCMPIS(PackageInfo[PackageIndex].Name, MICROSOFT_KERBEROS_NAME) == 0) {
  118. cbMaxToken = PackageInfo[PackageIndex].cbMaxToken;
  119. bSuccess = TRUE;
  120. break;
  121. }
  122. }
  123. }
  125. FreeContextBuffer( PackageInfo );
  127. if(!bSuccess) return FALSE;
  129. bSuccess = FALSE; // reset to assume failure
  131. //
  132. // << end of cached section >>
  133. //
  135. //
  136. // Acquire a credential handle for the server side
  137. //
  139. SecStatus = AcquireCredentialsHandle(
  140. NULL, // New principal
  141. MICROSOFT_KERBEROS_NAME, // Package Name
  142. SECPKG_CRED_INBOUND,
  143. NULL,
  144. NULL,
  145. NULL,
  146. NULL,
  147. &CredentialHandle1,
  148. &Lifetime
  149. );
  151. if ( SecStatus != SEC_E_OK ) {
  152. goto cleanup;
  153. }
  156. //
  157. // Acquire a credential handle for the client side
  158. //
  160. ZeroMemory( &AuthIdentity, sizeof(AuthIdentity) );
  162. if ( DomainName != NULL ) {
  163. AuthIdentity.Domain = DomainName;
  164. AuthIdentity.DomainLength = lstrlen(DomainName);
  165. }
  167. if ( UserName != NULL ) {
  168. AuthIdentity.User = UserName;
  169. AuthIdentity.UserLength = lstrlen(UserName);
  170. }
  172. if ( Password != NULL ) {
  173. AuthIdentity.Password = Password;
  174. AuthIdentity.PasswordLength = lstrlen(Password);
  175. }
  177. #ifdef UNICODE
  178. AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
  179. #else
  180. AuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
  181. #endif
  183. SecStatus = AcquireCredentialsHandle(
  184. NULL, // New principal
  185. MICROSOFT_KERBEROS_NAME, // Package Name
  186. SECPKG_CRED_OUTBOUND,
  187. NULL,
  188. (DomainName == NULL && UserName == NULL && Password == NULL) ?
  189. NULL : &AuthIdentity,
  190. NULL,
  191. NULL,
  192. &CredentialHandle2,
  193. &Lifetime
  194. );
  196. if ( SecStatus != SEC_E_OK ) {
  197. goto cleanup;
  198. }
  200. SecStatus = QueryCredentialsAttributes(&CredentialHandle1, SECPKG_CRED_ATTR_NAMES, &sNames);
  201. if ( SecStatus != SEC_E_OK ) {
  202. goto cleanup;
  203. }
  204. //
  205. // Get the NegotiateMessage (ClientSide)
  206. //
  208. NegotiateDesc.ulVersion = 0;
  209. NegotiateDesc.cBuffers = 1;
  210. NegotiateDesc.pBuffers = &NegotiateBuffer;
  212. NegotiateBuffer.cbBuffer = cbMaxToken;
  213. NegotiateBuffer.BufferType = SECBUFFER_TOKEN;
  214. NegotiateBuffer.pvBuffer = LocalAlloc( LMEM_FIXED, NegotiateBuffer.cbBuffer );
  216. if ( NegotiateBuffer.pvBuffer == NULL ) {
  217. goto cleanup;
  218. }
  220. SecStatus = InitializeSecurityContext(
  221. &CredentialHandle2,
  222. NULL, // No Client context yet
  223. sNames.sUserName, // target name
  224. ISC_REQ_SEQUENCE_DETECT,
  225. 0, // Reserved 1
  226. SECURITY_NATIVE_DREP,
  227. NULL, // No initial input token
  228. 0, // Reserved 2
  229. &ClientContextHandle,
  230. &NegotiateDesc,
  231. &ContextAttributes,
  232. &Lifetime
  233. );
  234. if(SecStatus != SEC_E_OK)
  235. {
  236. goto cleanup;
  237. }
  240. //
  241. // Get the ChallengeMessage (ServerSide)
  242. //
  244. NegotiateBuffer.BufferType |= SECBUFFER_READONLY;
  245. ChallengeDesc.ulVersion = 0;
  246. ChallengeDesc.cBuffers = 1;
  247. ChallengeDesc.pBuffers = &ChallengeBuffer;
  249. ChallengeBuffer.cbBuffer = cbMaxToken;
  250. ChallengeBuffer.BufferType = SECBUFFER_TOKEN;
  251. ChallengeBuffer.pvBuffer = LocalAlloc( LMEM_FIXED, ChallengeBuffer.cbBuffer );
  253. if ( ChallengeBuffer.pvBuffer == NULL ) {
  254. goto cleanup;
  255. }
  257. SecStatus = AcceptSecurityContext(
  258. &CredentialHandle1,
  259. NULL, // No Server context yet
  260. &NegotiateDesc,
  261. ISC_REQ_SEQUENCE_DETECT,
  262. SECURITY_NATIVE_DREP,
  263. &ServerContextHandle,
  264. &ChallengeDesc,
  265. &ContextAttributes,
  266. &Lifetime
  267. );
  268. if(SecStatus != SEC_E_OK)
  269. {
  270. goto cleanup;
  271. }
  274. if(QuerySecurityContextToken(&ServerContextHandle, phToken) != SEC_E_OK)
  275. goto cleanup;
  277. bSuccess = TRUE;
  279. cleanup:
  281. //
  282. // Delete context
  283. //
  285. if((ClientContextHandle.dwUpper != MAXDWORD) ||
  286. (ClientContextHandle.dwLower != MAXDWORD))
  287. {
  288. DeleteSecurityContext( &ClientContextHandle );
  289. }
  290. if((ServerContextHandle.dwUpper != MAXDWORD) ||
  291. (ServerContextHandle.dwLower != MAXDWORD))
  292. {
  293. DeleteSecurityContext( &ServerContextHandle );
  294. }
  296. //
  297. // Free credential handles
  298. //
  299. if((CredentialHandle1.dwUpper != MAXDWORD) ||
  300. (CredentialHandle1.dwLower != MAXDWORD))
  301. {
  302. FreeCredentialsHandle( &CredentialHandle1 );
  303. }
  304. if((CredentialHandle2.dwUpper != MAXDWORD) ||
  305. (CredentialHandle2.dwLower != MAXDWORD))
  306. {
  307. FreeCredentialsHandle( &CredentialHandle2 );
  308. }
  310. if ( NegotiateBuffer.pvBuffer != NULL ) {
  312. //
  313. // NegotiateBuffer.cbBuffer may change on the error path --
  314. // use the original allocation size.
  315. //
  317. SecureZeroMemory( NegotiateBuffer.pvBuffer, cbMaxToken );
  318. LocalFree( NegotiateBuffer.pvBuffer );
  319. }
  321. if ( ChallengeBuffer.pvBuffer != NULL ) {
  323. //
  324. // ChallengeBuffer.cbBuffer may change on the error path --
  325. // use the original allocation size.
  326. //
  328. SecureZeroMemory( ChallengeBuffer.pvBuffer, cbMaxToken );
  329. LocalFree( ChallengeBuffer.pvBuffer );
  330. }
  332. if ( sNames.sUserName != NULL ) {
  333. FreeContextBuffer( sNames.sUserName );
  334. }
  336. return bSuccess;
  337. }