/*++ Copyright (c) 1995 Microsoft Corporation Module Name: sspi.c Abstract: This file contains the implementation for SSPI Authentication The following functions are exported by this module: UnloadAuthenticateUser AuthenticateUser PreAuthenticateUser AuthenticateUserUI Author: Sudheer Koneru (SudK) Created 2/17/96 Revision History: --*/ #include "msnspmh.h" #ifdef DEBUG_WINSSPI #include #endif #include "auth.h" LPSTR StrChrA(LPCSTR lpStart, WORD wMatch); // from shlwapi.h DWORD g_cSspiContexts; #ifdef UNIX_SHMEM_CREDS /* On Unix: once a user puts in his credentials, we want to save * it in Shared memory so that other processes can use this data. * The login/password/domain are saved encrypted and you need the * routines in libntlmssp.so to unencrypt them. * When the process exits, the shared memory is cleaned up. If the * credentials are outdated during a session, we ask the user for * new credentials and try again. */ static BOOL g_fNeedNewCreds = FALSE; static FARPROC g_UXPCEFn = NULL; #endif #define NAME_SEPERATOR 0x5c // this is a backslash character which // seperates the domain name from user name VOID WINAPI UnloadAuthenticateUser(LPVOID *lppvContext, LPSTR lpszScheme, LPSTR lpszHost) { PWINCONTEXT pWinContext = (PWINCONTEXT) (*lppvContext); if (!SSPI_InitGlobals()) return; if (*lppvContext == NULL) { return; } if (pWinContext->pInBuffer != NULL && pWinContext->pInBuffer != pWinContext->szInBuffer) { LocalFree (pWinContext->pInBuffer); } pWinContext->pInBuffer = NULL; pWinContext->dwInBufferLength = 0; // Free SSPI security context // if (pWinContext->pSspContextHandle != NULL) (*(g_pSspData->pFuncTbl->DeleteSecurityContext))(pWinContext->pSspContextHandle); // Free SSPI credential handle // if (pWinContext->pCredential) (*(g_pSspData->pFuncTbl->FreeCredentialHandle))(pWinContext->pCredential); pWinContext->pCredential = NULL; pWinContext->pSspContextHandle = NULL; if ( (pWinContext->lpszServerName != NULL) && (pWinContext->lpszServerName != pWinContext->szServerName) ) { LocalFree(pWinContext->lpszServerName); } LocalFree(pWinContext); *lppvContext = NULL; g_cSspiContexts--; return; } //+--------------------------------------------------------------------------- // // Function: SaveServerName // // Synopsis: This function saves the destination server name in this // connection context for AuthenticateUserUI // // Arguments: [lpszServerName] - points to the target server name // [pWinContext] - points to the connection context // // Returns: TRUE if server name is successfully saved in connection context. // Otherwise, FALSE is returned. // //---------------------------------------------------------------------------- BOOL SaveServerName ( LPSTR lpszServerName, PWINCONTEXT pWinContext ) { DWORD dwLen = lstrlen(lpszServerName); if (dwLen < DEFAULT_SERVER_NAME_LEN) { lstrcpy(pWinContext->szServerName, lpszServerName); pWinContext->lpszServerName = pWinContext->szServerName; } else { // // Server name is longer, need to allocate memory for the name // // Free already allocated memory if any if (pWinContext->lpszServerName && pWinContext->lpszServerName != pWinContext->szServerName) { LocalFree (pWinContext->lpszServerName); } pWinContext->lpszServerName = (char *) LocalAlloc(0, dwLen+1); if (pWinContext->lpszServerName == NULL) return FALSE; lstrcpy(pWinContext->lpszServerName, lpszServerName); } return TRUE; } // Function bHasExtendedChars // Check if an ANSI string contains extended characters BOOL bHasExtendedChars(char const *str) { signed char const *p; for (p = (signed char const *)str; *p; p++) if ( *p < 0) return TRUE; return FALSE; } //+--------------------------------------------------------------------------- // // Function: BuildNTLMauthData // // Synopsis: This function builds SEC_WINNT_AUTH_IDENTITY structure // from the user name and password specified. If domain name // is not specified in the user name, the Domain field in // the structure is set to NULL. NOTE: This structure is // specific to the NTLM SSPI package. // This function allocates a chunck of memory big enough for // storing user name, domain, and password. Then setup // pointers in pAuthData to use sections of this memory. // // Arguments: [pAuthData] - points to the SEC_WINNT_AUTH_IDENTITY structure // [lpszUserName] - points to the user name, which may also // include user's domain name. // [lpszPassword] - points to user's password // // Returns: TRUE if SEC_WINNT_AUTH_IDENTITY structure is successfully // initialized and built. Otherwise, FALSE is returned. // //---------------------------------------------------------------------------- BOOL BuildNTLMauthData ( PSEC_WINNT_AUTH_IDENTITY pAuthData, LPTSTR lpszUserName, LPTSTR lpszPassword ) { DWORD dwUserLen, dwDomainLen, dwPwdLen; LPTSTR pName; LPTSTR pDomain = NULL; BOOL bUnicodeAuth = FALSE; // SEC_WINNT_AUTH_IDENTITY_UNICODE is supported on Windows NT/2000 if ( GetVersion() < 0x80000000 && (bHasExtendedChars(lpszUserName) || bHasExtendedChars(lpszPassword))) bUnicodeAuth = TRUE; pAuthData->Flags = bUnicodeAuth ? SEC_WINNT_AUTH_IDENTITY_UNICODE : SEC_WINNT_AUTH_IDENTITY_ANSI; // // Check to see if domain name is specified in lpszUserName // pName = StrChrA (lpszUserName, NAME_SEPERATOR); if (pName) // Domain name specified { // Make sure that we don't change the original string in lpszUserName // because that it would be reused for other connections // Calculate no. of bytes in domain name dwDomainLen = (int)(pName - lpszUserName); // Convert to no. of characters pAuthData->DomainLength = dwDomainLen / sizeof(TCHAR); pDomain = lpszUserName; pName++; } else // No domain specified { pName = lpszUserName; pAuthData->Domain = NULL; pDomain = NULL; dwDomainLen = pAuthData->DomainLength = 0; } dwUserLen = pAuthData->UserLength = lstrlen (pName); dwPwdLen = pAuthData->PasswordLength = lstrlen (lpszPassword); // // Allocate memory for all: name, domain, and password // The memory block is big enough for Unicode. Some bytes will be wasted in the ANSI case // pAuthData->User = (LPTSTR) LocalAlloc(LMEM_ZEROINIT, (dwUserLen + dwDomainLen + dwPwdLen + 3)*sizeof(wchar_t)); if (pAuthData->User == NULL) return (FALSE); if (bUnicodeAuth) { // Convert the user name into Unicode and store in pAuthData->User if (0 == MultiByteToWideChar(CP_ACP, 0, pName, -1, (LPWSTR)(pAuthData->User), dwUserLen+1)) return FALSE; } else CopyMemory (pAuthData->User, pName, dwUserLen); // Setup memory pointer for password // pAuthData->Password = pAuthData->User + (dwUserLen + 1) * sizeof(wchar_t); if (bUnicodeAuth) { if (0 == MultiByteToWideChar(CP_ACP, 0, lpszPassword, -1, (LPWSTR)(pAuthData->Password), dwPwdLen+1)) return FALSE; } else CopyMemory (pAuthData->Password, lpszPassword, dwPwdLen); if (pAuthData->DomainLength > 0) { // Setup memory pointer for domain // pAuthData->Domain = pAuthData->Password + (dwPwdLen + 1) * sizeof(wchar_t); if (bUnicodeAuth) { // pDomain is not null terminated, so provide the length if (0 == MultiByteToWideChar(CP_ACP, 0, pDomain, dwDomainLen, (LPWSTR)(pAuthData->Domain), dwDomainLen)) return FALSE; } else CopyMemory (pAuthData->Domain, pDomain, dwDomainLen); // Need not to zero terminate pAuthData->Domain, since the memory contents were initialized to zero. } else { pAuthData->Domain = NULL; } return (TRUE); } //+--------------------------------------------------------------------------- // // Function: FreeNTLMauthData // // Synopsis: This function frees memory allocated for the // SEC_WINNT_AUTH_IDENTITY structure // // Arguments: [pAuthData] - points to the SEC_WINNT_AUTH_IDENTITY structure // // Returns: void. // //---------------------------------------------------------------------------- VOID FreeNTLMauthData ( PSEC_WINNT_AUTH_IDENTITY pAuthData ) { // // Free User which points to memory for all domain, name, and password // if (pAuthData->User) LocalFree (pAuthData->User); } //+--------------------------------------------------------------------------- // // Function: NewWinContext // // Synopsis: This function creates a new context and a new credential // handle for this connection. If a user name/password is // specified, the credential handle is created for the // specified user. Otherwise, the credential handle is created // for the local logon user. // // Arguments: [pkgId] - the package ID (index into SSPI package list) // [lpszScheme] - the name of the current authentication scheme, // which is also the SSPI package name // [ppCtxt] - this returns the pointer of the created context // to the caller. // [lpszUserName] - the name of a specific user to be used // for authentication. If this is NULL, the // credential of the currently logon user is // used for authentication. // [lpszPassword] - the password of the specified user, if any. // // Returns: ERROR_SUCCESS - if the new context is created successfully // ERROR_NOT_ENOUGH_MEMORY - if memory allocation failed // ERROR_INVALID_PARAMETER - the SSPI call for creating the // security credential handle failed // //---------------------------------------------------------------------------- DWORD NewWinContext ( INT pkgId, LPSTR lpszScheme, PWINCONTEXT *ppCtxt, BOOL fCanUseLogon, LPSTR lpszUserName, LPSTR lpszPassword ) { SECURITY_STATUS ss; TimeStamp Lifetime; PWINCONTEXT pWinContext; SEC_WINNT_AUTH_IDENTITY AuthData; PSEC_WINNT_AUTH_IDENTITY pAuthData; DWORD Capabilities ; DWORD SecurityBlobSize; // // need space for maxtoken size for in+out, + base64 encoding overhead for each. // really 1.34 overhead, but just round up to 1.5 // SecurityBlobSize = GetPkgMaxToken(pkgId); SecurityBlobSize += (SecurityBlobSize/2); // // note: for compatibility sake, make the buffer size the MAX_BLOB_SIZE at the minimum // consider removing this once we're convinced all packages return good cbMaxToken values. // if( SecurityBlobSize < MAX_BLOB_SIZE ) { SecurityBlobSize = MAX_BLOB_SIZE; } pWinContext = (PWINCONTEXT) LocalAlloc( 0, sizeof(WINCONTEXT) + (SecurityBlobSize*2) ); if (pWinContext == NULL) return (ERROR_NOT_ENOUGH_MEMORY); // Initialize context // ZeroMemory( pWinContext, sizeof(WINCONTEXT) ); pWinContext->pkgId = (DWORD)pkgId; pWinContext->szOutBuffer = (char*)(pWinContext+1); pWinContext->cbOutBuffer = SecurityBlobSize; pWinContext->szInBuffer = pWinContext->szOutBuffer + pWinContext->cbOutBuffer; pWinContext->cbInBuffer = SecurityBlobSize; // // Get bitmask representing the package capabilities // Capabilities = GetPkgCapabilities( pkgId ); if ( ( Capabilities & SSPAUTHPKG_SUPPORT_NTLM_CREDS ) == 0 ) { // Always used cached credential for msn, dpa, etc. pAuthData = NULL; } else if (lpszUserName && lpszPassword) { // App Compat fix -- always use the app specified creds when available if ((lpszUserName[0] == '\0') && (lpszPassword[0] == '\0')) { if(fCanUseLogon) { pAuthData = NULL; } else { return ERROR_INTERNET_INCORRECT_PASSWORD; } } else { // Build AuthData from the specified user name/password if (!BuildNTLMauthData (&AuthData, lpszUserName, lpszPassword)) return (ERROR_NOT_ENOUGH_MEMORY); pAuthData = &AuthData; } } #ifdef UNIX_SHMEM_CREDS else if (fCanUseLogon && UnixCachedCredentialExists()) { pAuthData = NULL; } #else else if (fCanUseLogon) { // The zone policy allows silent use of the logon credential. pAuthData = NULL; } #endif /* UNIX_SHMEM_CREDS */ else { // We must prompt the user for credentials. return ERROR_INTERNET_INCORRECT_PASSWORD; } // // Call SSPI function acquire security credential for this package // ss = (*(g_pSspData->pFuncTbl->AcquireCredentialsHandle))( NULL, // New principal lpszScheme, // SSPI Package Name SECPKG_CRED_OUTBOUND,// Credential Use NULL, // Logon ID pAuthData, // Auth Data NULL, // Get key func NULL, // Get key arg &pWinContext->Credential, // Credential Handle &Lifetime ); if (pAuthData) FreeNTLMauthData (pAuthData); if (ss != STATUS_SUCCESS) { LocalFree (pWinContext); #ifdef UNIX_SHMEM_CREDS //If NTLM failed due to bad shared mem creds, prompt the user again... if (lstrcmpi(lpszScheme, "NTLM") == 0) { g_fNeedNewCreds = TRUE; return ERROR_INTERNET_INCORRECT_PASSWORD; } else #endif return (ERROR_INVALID_PARAMETER); } #ifdef UNIX_SHMEM_CREDS // if NTLM, the credentials were valid... if (lstrcmpi(lpszScheme, "NTLM") == 0) g_fNeedNewCreds = FALSE; #endif pWinContext->pCredential = &pWinContext->Credential; *ppCtxt = pWinContext; g_cSspiContexts++; return (ERROR_SUCCESS); } #ifdef UNIX_SHMEM_CREDS BOOL UnixCachedCredentialExists( ) { BOOL fCached; if (g_fNeedNewCreds) return FALSE; if (!g_UXPCEFn) g_UXPCEFn = GetProcAddress(GetModuleHandle("ntlmssp"), "UnixXProcCredExists"); fCached = g_UXPCEFn(); return fCached; } #endif /* UNIX_SHMEM_CREDS */ //+--------------------------------------------------------------------------- // // Function: RedoNTLMAuth4User // // Synopsis: This function recreates a NTLM credential handle for the // specified user and generate a NEGOTIATE message in // the provided buffer with the new credential handle. // // Arguments: [pWinContext] - points to the connection context // [pkgId] - specifies the SSPI pkg to be used for authentication // [lpszUserName] - the name of the specific user to be used // for authentication. // [lpszPassword] - the password of the specified user, // [lpszServerName] - the target server name // [lpszScheme] - the name of the current authentication scheme, // which is also the SSPI package name // [lpOutBuffer] - points to the buffer for the new authorization // header including the UUENCODED NEGOTIATE msg // [lpdwOutBufferLength] - returns the length of the generated // authorization header. // // Returns: ERROR_SUCCESS - if the new authorization header is successfully // created for the new user name/password // ERROR_NOT_ENOUGH_MEMORY - if memory allocation failed // ERROR_INVALID_HANDLE - the SSPI call for generating the // new NEGOTIATE msg failed // //---------------------------------------------------------------------------- DWORD RedoNTLMAuth4User ( PWINCONTEXT pWinContext, INT pkgId, LPSTR lpszUserName, LPSTR lpszPassword, LPSTR lpszServerName, LPSTR lpszScheme, LPSTR lpOutBuffer, LPDWORD lpdwOutBufferLength, PCSTR lpszUrl, SECURITY_STATUS *pssResult ) { SECURITY_STATUS ss; DWORD dwStatus; TimeStamp Lifetime; SEC_WINNT_AUTH_IDENTITY AuthData; PSEC_WINNT_AUTH_IDENTITY pAuthData = NULL; ULONG fContextReq = ISC_REQ_DELEGATE; DWORD dwMaxLen; //BOOL fCanUseCredMgr = FALSE; if (pWinContext->pSspContextHandle) { (*(g_pSspData->pFuncTbl->DeleteSecurityContext))(pWinContext->pSspContextHandle); pWinContext->pSspContextHandle = NULL; } // Free existing credential handle // if (pWinContext->pCredential) { (*(g_pSspData->pFuncTbl->FreeCredentialHandle))(pWinContext->pCredential); pWinContext->pCredential = NULL; } // App Compat fix -- always use the app specified creds when available if ((lpszUserName[0] == '\0') && (lpszPassword[0] == '\0')) { pAuthData = NULL; } else { // // Build the NTLM SSPI AuthData from the specified user name/password // if (!BuildNTLMauthData (&AuthData, lpszUserName, lpszPassword)) return (ERROR_NOT_ENOUGH_MEMORY); pAuthData = &AuthData; } // // Call SSPI function acquire security credential for this user // ss = (*(g_pSspData->pFuncTbl->AcquireCredentialsHandle))( NULL, // New principal lpszScheme, // SSPI Package Name SECPKG_CRED_OUTBOUND,// Credential Use NULL, // Logon ID pAuthData, // Auth Data NULL, // Get key func NULL, // Get key arg &pWinContext->Credential, // Credential Handle &Lifetime ); // if (!fCanUseCredMgr) if (pAuthData) { FreeNTLMauthData (&AuthData); // don't need it any more } if (ss != STATUS_SUCCESS) { return (ERROR_INVALID_HANDLE); } pWinContext->pCredential = &pWinContext->Credential; dwMaxLen = *lpdwOutBufferLength; // // Generate NEGOTIATE message in the provided buffer for this user // dwStatus = GetSecAuthMsg( g_pSspData, pWinContext->pCredential, pkgId, NULL, &(pWinContext->SspContextHandle), fContextReq, NULL, 0, lpOutBuffer, lpdwOutBufferLength, lpszServerName, TRUE, lpszScheme, lpszUrl, pssResult); if (dwStatus != SPM_STATUS_OK) { *lpdwOutBufferLength = 0; // no exchange blob generated return(ERROR_INVALID_HANDLE); } pWinContext->pSspContextHandle = &(pWinContext->SspContextHandle); // // If we are not in the initial state, continue to a RESPONSE message // if (pWinContext->pInBuffer != NULL && pWinContext->dwInBufferLength > 0) { *lpdwOutBufferLength = dwMaxLen; ZeroMemory( lpOutBuffer, dwMaxLen ); dwStatus = GetSecAuthMsg( g_pSspData, pWinContext->pCredential, pWinContext->pkgId, pWinContext->pSspContextHandle, (PCtxtHandle) &(pWinContext->SspContextHandle), fContextReq, pWinContext->pInBuffer, pWinContext->dwInBufferLength, lpOutBuffer, lpdwOutBufferLength, pWinContext->lpszServerName, TRUE, lpszScheme, lpszUrl, pssResult); // Clear out the input exchange blob // if (pWinContext->pInBuffer != NULL) { if (pWinContext->pInBuffer != pWinContext->szInBuffer) LocalFree (pWinContext->pInBuffer); pWinContext->pInBuffer = NULL; pWinContext->dwInBufferLength = 0; } if (dwStatus != SPM_STATUS_OK) { *lpdwOutBufferLength = 0; // no exchange blob generated return(ERROR_INVALID_HANDLE); } } return (ERROR_SUCCESS); } // // functions // /*++ Routine Description: Generates a Basic User Authentication string for WinINet or other callers can use Arguments: lpContext - if the package accepts the request & authentication requires multiple transactions, the package will supply a context value which will be used in subsequent calls, Currently this contains a pointer to a pointer of a User defined Void Pointer. Can be Assume to be NULL if this is the first instance of a Realm - Host Combo lpszServerName - the name of the server we are performing authentication for. We may want to supply the full URL lpszScheme - the name of the authentication scheme we are seeking, e.g. "MSN", in case the package supports multiple schemes dwFlags - on input, flags modifying how the package should behave, e.g. "only authenticate if you don't have to get user information" On output contains flags relevant to future HTTP requests, e.g. "don't cache any data from this connection". Note, this information should not be specific to HTTP - we may want to use the same flags for FTP, etc. lpszInBuffer - pointer to the string containing the response from the server (if any) dwInBufferLength - number of bytes in lpszInBuffer. No CR-LF sequence, no terminating NUL lpOutBuffer - pointer to a buffer where the challenge response will be written by the package if it can handle the request lpdwOutBufferLength - on input, contains the size of lpOutBuffer. On output, contains the number of bytes to return to the server in the next GET request (or whatever). If lpOutBuffer is too small, the package should return ERROR_INSUFFICIENT_BUFFER and set *lpdwOutBufferLength to be the required length We will keep a list of the authentication packages and the schemes they support, along with the entry point name (should be the same for all packages) in the registry. Wininet should keep enough information such that it can make a reasonable guess as to whether we need to authenticate a connection attempt, or whether we can use previously authenticated information Return Value: DWORD Success - non-zero Failure - 0. Error status is available by calling GetLastError() --*/ DWORD WINAPI AuthenticateUser( IN OUT LPVOID *lppvContext, IN LPSTR lpszServerName, IN LPSTR lpszScheme, IN BOOL fCanUseLogon, IN LPSTR lpszInBuffer, IN DWORD dwInBufferLength, IN LPSTR lpszUserName, IN LPSTR lpszPassword, IN PCSTR lpszUrl, OUT SECURITY_STATUS *pssResult ) { PWINCONTEXT pWinContext; LPSTR pServerBlob = NULL; int pkgId; DWORD SPMStatus; ULONG fContextReq = ISC_REQ_DELEGATE; BOOL bNonBlock = TRUE; if (!SSPI_InitGlobals()) return ERROR_INVALID_PARAMETER; pkgId = GetPkgId(lpszScheme); if (pkgId == -1) return (ERROR_INVALID_PARAMETER); if (*lppvContext == NULL) // a new connection { char msg[1024]; DWORD dwStatus; // // First time we are getting called here, there should be no input blob // if (dwInBufferLength != 0) return (ERROR_INVALID_PARAMETER); dwStatus = NewWinContext (pkgId, lpszScheme, &pWinContext, fCanUseLogon, lpszUserName, lpszPassword); if (dwStatus != ERROR_SUCCESS) return (dwStatus); (*lppvContext) = (LPVOID) pWinContext; #ifdef DEBUG_WINSSPI (void)wsprintf (msg, "AuthenticateUser> Scheme= %s Server= '%s'\n", lpszScheme, lpszServerName); OutputDebugString(msg); #endif } else { pWinContext = (PWINCONTEXT) (*lppvContext); // // The package Id better be the same. Cant just switch packageId // arbitrarily // if (pWinContext->pkgId != (DWORD)pkgId) return (ERROR_INVALID_PARAMETER); pServerBlob = lpszInBuffer; //++(pWinContext->dwCallId); // Increment Call Id // // BUGBUG: Hack for now to know when auth failed // The only time we get lpszInBuffer to be empty is when // Web server failed the authentication request // if (dwInBufferLength == 0) { // // This means auth has failed as far as NTLM/MSN are concerned. // Will result in UI being done again for new passwd // // Make sure we should have the same server name as before // if ( pWinContext->lpszServerName != NULL && lstrcmp (pWinContext->lpszServerName, lpszServerName) != 0 ) { return(ERROR_INVALID_PARAMETER); } if (!SaveServerName (lpszServerName, pWinContext)) return (ERROR_NOT_ENOUGH_MEMORY); // // Delete the original SSPI context handle and // let UI recreate one. // if (pWinContext->pSspContextHandle) { (*(g_pSspData->pFuncTbl->DeleteSecurityContext))(pWinContext->pSspContextHandle); pWinContext->pSspContextHandle = NULL; } if (pWinContext->pInBuffer != NULL && pWinContext->pInBuffer != pWinContext->szInBuffer) { LocalFree (pWinContext->pInBuffer); } pWinContext->pInBuffer = NULL; pWinContext->dwInBufferLength = 0; // // clear buffer length for the exchange blob // pWinContext->dwOutBufferLength = 0; // // The following is a temporary workaround for bugs in IE3 // Should remove this special case for DPA package once IE3 // bug is fixed (or once we move to new Wininet interface. // //***** BUGBUG *** Begin Special Case for DPA if (lstrcmpi (lpszScheme, "DPA") == 0) { fContextReq |= ISC_REQ_PROMPT_FOR_CREDS; } //***** BUGBUG *** End Special Case for DPA else return (ERROR_INTERNET_INCORRECT_PASSWORD); } } // // Setup dwOutBufferLength to represent max. memory in szOutBuffer // pWinContext->dwOutBufferLength = pWinContext->cbOutBuffer; ZeroMemory (pWinContext->szOutBuffer, pWinContext->cbOutBuffer); // // This will generate an authorization header with UUEncoded blob from SSPI. // BUGBUG: Better make sure outbuf buffer is big enough for this. // SPMStatus = GetSecAuthMsg( g_pSspData, pWinContext->pCredential, pkgId, pWinContext->pSspContextHandle, &(pWinContext->SspContextHandle), fContextReq, pServerBlob, dwInBufferLength, pWinContext->szOutBuffer, &pWinContext->dwOutBufferLength, lpszServerName, bNonBlock, lpszScheme, lpszUrl, pssResult); if (SPMStatus != SPM_STATUS_OK) // Fail to generate blob { pWinContext->dwOutBufferLength = 0; // no exchange blob generated // // if SSPI is requesting an opportunity to prompt for user credential // if (SPMStatus == SPM_STATUS_WOULD_BLOCK) { if (!SaveServerName (lpszServerName, pWinContext)) return (ERROR_NOT_ENOUGH_MEMORY); // If there is a exchange blob, this is not the first call // if (pServerBlob && dwInBufferLength > 0) { // Save the exchange blob in the connection context // so we can call SSPI again with the exchange blob if (dwInBufferLength > MAX_BLOB_SIZE) { pWinContext->pInBuffer = (PCHAR) LocalAlloc(0, dwInBufferLength); if (pWinContext->pInBuffer == NULL) return (ERROR_NOT_ENOUGH_MEMORY); } else pWinContext->pInBuffer = pWinContext->szInBuffer; CopyMemory( pWinContext->szInBuffer, pServerBlob, dwInBufferLength ); pWinContext->dwInBufferLength = dwInBufferLength; } else { // // Delete the original SSPI context handle and // let UI recreate one. // if (pWinContext->pSspContextHandle) { (*(g_pSspData->pFuncTbl->DeleteSecurityContext))(pWinContext->pSspContextHandle); pWinContext->pSspContextHandle = NULL; } // // clear buffer length for the exchange blob // if (pWinContext->pInBuffer != NULL && pWinContext->pInBuffer != pWinContext->szInBuffer) { LocalFree (pWinContext->pInBuffer); } pWinContext->pInBuffer = NULL; pWinContext->dwInBufferLength = 0; } pWinContext->dwOutBufferLength = 0; return(ERROR_INTERNET_INCORRECT_PASSWORD); } return (ERROR_INTERNET_LOGIN_FAILURE); } else if (pWinContext->pSspContextHandle == NULL) { // This means that we've just created a security context // pWinContext->pSspContextHandle = &(pWinContext->SspContextHandle); } return (ERROR_INTERNET_FORCE_RETRY); } DWORD WINAPI PreAuthenticateUser( IN OUT LPVOID *lppvContext, IN LPSTR lpszServerName, IN LPSTR lpszScheme, IN DWORD dwFlags, OUT LPSTR lpOutBuffer, IN OUT LPDWORD lpdwOutBufferLength, IN LPSTR lpszUserName, IN LPSTR lpszPassword, IN PCSTR lpszUrl, SECURITY_STATUS *pssResult ) { INT pkgId; DWORD dwStatus; PWINCONTEXT pWinContext; BOOL bNonBlock = TRUE; ULONG fContextReq = ISC_REQ_DELEGATE; DWORD Capabilities ; if (!SSPI_InitGlobals()) return ERROR_INVALID_PARAMETER; if (lpszServerName == NULL || *lpszServerName == '\0') return(ERROR_INVALID_PARAMETER); pkgId = GetPkgId(lpszScheme); if (pkgId == -1) { return(ERROR_INVALID_PARAMETER); } Capabilities = GetPkgCapabilities( pkgId ); // // If this is for an existing connection // if (*lppvContext != NULL) { pWinContext = (PWINCONTEXT) (*lppvContext); if ((DWORD)pkgId != pWinContext->pkgId) return(ERROR_INVALID_PARAMETER); // // For package that does not handle its own UI, if there is no // generated blob, it means that we have just collected // user name/password. // if ( ( pWinContext->dwOutBufferLength == 0 ) && ( Capabilities & SSPAUTHPKG_SUPPORT_NTLM_CREDS ) ) { if (lpszUserName == NULL || lpszPassword == NULL) { return(ERROR_INVALID_PARAMETER); } // // Need to recreate a credential handle and // generate a new NEGOTIATE message in lpOutBuffer // dwStatus = RedoNTLMAuth4User (pWinContext, pkgId, lpszUserName, lpszPassword, lpszServerName , lpszScheme, lpOutBuffer, lpdwOutBufferLength, lpszUrl, pssResult); if (dwStatus != ERROR_SUCCESS) return (dwStatus); return(ERROR_SUCCESS); } else if (pWinContext->dwOutBufferLength == 0) // // For other packages, If there is no generated blob, // something is wrong // return(ERROR_INVALID_PARAMETER); } // If not NTLM, don't pre-auth. else if ( (Capabilities & SSPAUTHPKG_SUPPORT_NTLM_CREDS ) == 0 ) { return (ERROR_INVALID_HANDLE); } else { // probably sending 1st request on a new connection for the same URL // Create a new context and SSPI credential handle for this connection // // Set fCanUseLogon to TRUE : we would not be pre-authing // unless we have a valid pwc which means we already checked // zone policy for silent logon. dwStatus = NewWinContext (pkgId, lpszScheme, &pWinContext, TRUE, lpszUserName, lpszPassword); if (dwStatus != ERROR_SUCCESS) return (dwStatus); #ifdef DEBUG_WINSSPI (void)wsprintf (msg, "PreAuthenticateUser> New Context for Scheme= %s Server= '%s'\n", lpszScheme, lpszServerName); OutputDebugString(msg); #endif pWinContext->dwOutBufferLength = pWinContext->cbOutBuffer; ZeroMemory (pWinContext->szOutBuffer, pWinContext->cbOutBuffer); // // This will generate an authorization header with the // UUEncoded blob from SSPI. // BUGBUG: Better make sure outbuf buffer is big enough for this. // dwStatus = GetSecAuthMsg( g_pSspData, pWinContext->pCredential, pkgId, NULL, &(pWinContext->SspContextHandle), fContextReq, NULL, 0, pWinContext->szOutBuffer, &pWinContext->dwOutBufferLength, lpszServerName, bNonBlock, lpszScheme, lpszUrl, pssResult); if (dwStatus != SPM_STATUS_OK) { // This is a rare case // pWinContext->dwOutBufferLength = 0; // no exchange blob generated return(ERROR_INVALID_HANDLE); } (*lppvContext) = (LPVOID) pWinContext; // Save the pointer of the created security ctxt // pWinContext->pSspContextHandle = &(pWinContext->SspContextHandle); } // // Copy exchange blob to the output buffer // Make sure output buffer provided is big enough // if (*lpdwOutBufferLength < pWinContext->dwOutBufferLength) { *lpdwOutBufferLength = pWinContext->dwOutBufferLength + 1; return(ERROR_INSUFFICIENT_BUFFER); } CopyMemory (lpOutBuffer, pWinContext->szOutBuffer, pWinContext->dwOutBufferLength); if (*lpdwOutBufferLength > pWinContext->dwOutBufferLength) lpOutBuffer[pWinContext->dwOutBufferLength] = '\0'; *lpdwOutBufferLength = pWinContext->dwOutBufferLength; // // The exchange blob has being copied to request header, so clear its len // pWinContext->dwOutBufferLength = 0; return(ERROR_SUCCESS); } DWORD WINAPI AuthenticateUserUI( IN OUT LPVOID* lppvContext, IN HWND hWnd, IN DWORD dwError, IN DWORD dwFlags, IN OUT InvalidPassType* pAuthInfo, IN LPSTR lpszScheme, IN PCSTR lpszUrl, OUT SECURITY_STATUS* pssResult ) { DWORD SPMStatus; PWINCONTEXT pWinContext = NULL; BOOL bNonBlock = FALSE; ULONG fContextReq = ISC_REQ_PROMPT_FOR_CREDS | ISC_REQ_DELEGATE; if (!SSPI_InitGlobals()) return ERROR_INVALID_PARAMETER; if (*lppvContext == NULL) { return(ERROR_INVALID_PARAMETER); } pWinContext = (PWINCONTEXT) (*lppvContext); if (pWinContext->lpszServerName == NULL) return(ERROR_INVALID_PARAMETER); pWinContext->dwOutBufferLength = pWinContext->cbOutBuffer; ZeroMemory (pWinContext->szOutBuffer, pWinContext->cbOutBuffer); // // Now make the password logon happen by calling GetSecAuthMsg (without // context handle) with the ISC_REQ_PROMPT_FOR_CREDS flag set // // After this will it call PreAuthenticateUser // SPMStatus = GetSecAuthMsg( g_pSspData, pWinContext->pCredential, pWinContext->pkgId, pWinContext->pSspContextHandle, (PCtxtHandle) &(pWinContext->SspContextHandle), fContextReq, pWinContext->pInBuffer, pWinContext->dwInBufferLength, pWinContext->szOutBuffer, &pWinContext->dwOutBufferLength, pWinContext->lpszServerName, bNonBlock, lpszScheme, lpszUrl, pssResult); // Clear out the input exchange blob // if (pWinContext->pInBuffer != NULL) { if (pWinContext->pInBuffer != pWinContext->szInBuffer) LocalFree (pWinContext->pInBuffer); pWinContext->pInBuffer = NULL; pWinContext->dwInBufferLength = 0; } if (SPMStatus != SPM_STATUS_OK) { pWinContext->dwOutBufferLength = 0; return (ERROR_CANCELLED); } if (pWinContext->pSspContextHandle == NULL) pWinContext->pSspContextHandle = &(pWinContext->SspContextHandle); // // BUGBUG // Setup the UserName and Password to be " " to work around bugs in Wininet // lstrcpy (pAuthInfo->lpszUsername, " "); lstrcpy (pAuthInfo->lpszPassword, " "); return (ERROR_INTERNET_FORCE_RETRY); }