|
|
#include <wininetp.h>
#include <urlmon.h>
#include <splugin.hxx>
#include <security.h>
#include "auth.h"
#define SSP_SPM_NT_DLL "security.dll"
#define SSP_SPM_WIN95_DLL "secur32.dll"
#define MAX_SILENT_RETRIES 3
#define OUTPUT_BUFFER_LEN 10000
#define HEADER_IDX 0
#define REALM_IDX 1
#define HOST_IDX 2
#define URL_IDX 3
#define METHOD_IDX 4
#define USER_IDX 5
#define PASS_IDX 6
#define NONCE_IDX 7
#define NC_IDX 8
#define HWND_IDX 9
#define NUM_BUFF 10
#define ISC_MODE_AUTH 0
#define ISC_MODE_PREAUTH 1
#define ISC_MODE_UI 2
struct DIGEST_PKG_DATA{ LPSTR szAppCtx; LPSTR szUserCtx;};
/*-----------------------------------------------------------------------------
DIGEST_CTX-----------------------------------------------------------------------------*/
// Globals
PSecurityFunctionTable DIGEST_CTX::g_pFuncTbl = NULL;CredHandle DIGEST_CTX::g_hCred;
/*---------------------------------------------------------------------------
DIGEST_CTX::GetFuncTbl---------------------------------------------------------------------------*/VOID DIGEST_CTX::GetFuncTbl(){ HINSTANCE hSecLib; INIT_SECURITY_INTERFACE addrProcISI = NULL;#ifndef UNIX
OSVERSIONINFO VerInfo;
VerInfo.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
GetVersionEx (&VerInfo);
if (VerInfo.dwPlatformId == VER_PLATFORM_WIN32_NT) { hSecLib = LoadLibrary (SSP_SPM_NT_DLL); } else if (VerInfo.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)#endif /* UNIX */
{ hSecLib = LoadLibrary (SSP_SPM_WIN95_DLL); } addrProcISI = (INIT_SECURITY_INTERFACE) GetProcAddress(hSecLib, SECURITY_ENTRYPOINT_ANSI); g_pFuncTbl = (*addrProcISI)();}
/*---------------------------------------------------------------------------
DIGEST_CTX::GetRequestUri---------------------------------------------------------------------------*/LPSTR DIGEST_CTX::GetRequestUri(){ DEBUG_ENTER (( DBG_HTTPAUTH, String, "DIGEST_CTX::GetRequestUri", "this=%#x", this ));
LPSTR szUrl; DWORD cbUrl;
URL_COMPONENTS sUrl;
memset(&sUrl, 0, sizeof(sUrl)); sUrl.dwStructSize = sizeof(sUrl); sUrl.dwHostNameLength = -1; sUrl.dwUrlPathLength = -1; sUrl.dwExtraInfoLength = -1;
szUrl = _pRequest->GetURL();
// Generate request-uri
if (InternetCrackUrl(szUrl, strlen(szUrl), 0, &sUrl)) { cbUrl = sUrl.dwUrlPathLength; szUrl = new CHAR[cbUrl+1];
if (!szUrl) { // Alloc failure. Return NULL. We will
// use _pRequest->GetURL instead.
DEBUG_LEAVE(NULL); return NULL; } memcpy(szUrl, sUrl.lpszUrlPath, cbUrl); szUrl[cbUrl] = '\0'; } else { // ICU failed. Return NULL which
// will cause _pRequest->GetURL
// to be used.
DEBUG_LEAVE(NULL); return NULL; }
DEBUG_LEAVE(szUrl); return szUrl;}
/*---------------------------------------------------------------------------
DIGEST_CTX::InitSecurityBuffers---------------------------------------------------------------------------*/VOID DIGEST_CTX::InitSecurityBuffers(LPSTR szOutBuf, DWORD cbOutBuf, LPDWORD pdwSecFlags, DWORD dwISCMode){ DEBUG_ENTER (( DBG_HTTPAUTH, None, "DIGEST_CTX::InitSecurityBuffers", "this=%#x szout=%#x cbout=%d secflags=%#x iscmode=%#x", this, szOutBuf, cbOutBuf, (pdwSecFlags ? *pdwSecFlags : NULL), dwISCMode ));
// Input Buffer.
_SecBuffInDesc.cBuffers = NUM_BUFF; _SecBuffInDesc.pBuffers = _SecBuffIn;
// Set Header
_SecBuffIn[HEADER_IDX].pvBuffer = _szData; _SecBuffIn[HEADER_IDX].cbBuffer = _cbData; _SecBuffIn[HEADER_IDX].BufferType = SECBUFFER_TOKEN; // If credentials are supplied will be set to
// ISC_REQ_USE_SUPPLIED_CREDS.
// If prompting for auth dialog will be set to
// ISC_REQ_PROMPT_FOR_CREDS.
*pdwSecFlags = 0; // Set realm if no header, otherwise NULL.
if (_SecBuffIn[HEADER_IDX].pvBuffer) { _SecBuffIn[REALM_IDX].pvBuffer = NULL; _SecBuffIn[REALM_IDX].cbBuffer = 0; } else { // We are preauthenticating using the realm
_SecBuffIn[REALM_IDX].pvBuffer = _pPWC->lpszRealm; _SecBuffIn[REALM_IDX].cbBuffer = strlen(_pPWC->lpszRealm); } // Host.
_SecBuffIn[HOST_IDX].pvBuffer = _pPWC->lpszHost; _SecBuffIn[HOST_IDX].cbBuffer = strlen(_pPWC->lpszHost); _SecBuffIn[HOST_IDX].BufferType = SECBUFFER_TOKEN;
// Request URI.
if (!_szRequestUri) { _szRequestUri = GetRequestUri(); if (_szRequestUri) _SecBuffIn[URL_IDX].pvBuffer = _szRequestUri; else _SecBuffIn[URL_IDX].pvBuffer = _pRequest->GetURL(); }
_SecBuffIn[URL_IDX].cbBuffer = strlen((LPSTR) _SecBuffIn[URL_IDX].pvBuffer); _SecBuffIn[URL_IDX].BufferType = SECBUFFER_TOKEN;
// HTTP method.
_SecBuffIn[METHOD_IDX].cbBuffer = MapHttpMethodType(_pRequest->GetMethodType(), (LPCSTR*) &_SecBuffIn[METHOD_IDX].pvBuffer); _SecBuffIn[METHOD_IDX].BufferType = SECBUFFER_TOKEN;
// User and pass might be provided from pwc entry. Use only if
// we have a challenge header (we don't pre-auth using supplied creds).
if (dwISCMode == ISC_MODE_AUTH && _pPWC->lpszUser && *_pPWC->lpszUser && _pPWC->lpszPass && *_pPWC->lpszPass) { // User.
_SecBuffIn[USER_IDX].pvBuffer = _pPWC->lpszUser; _SecBuffIn[USER_IDX].cbBuffer = strlen(_pPWC->lpszUser); _SecBuffIn[USER_IDX].BufferType = SECBUFFER_TOKEN;
// Pass.
_SecBuffIn[PASS_IDX].pvBuffer = _pPWC->lpszPass; _SecBuffIn[PASS_IDX].cbBuffer = strlen(_pPWC->lpszPass); _SecBuffIn[PASS_IDX].BufferType = SECBUFFER_TOKEN; *pdwSecFlags = ISC_REQ_USE_SUPPLIED_CREDS; } else { // User.
_SecBuffIn[USER_IDX].pvBuffer = NULL; _SecBuffIn[USER_IDX].cbBuffer = 0; _SecBuffIn[USER_IDX].BufferType = SECBUFFER_TOKEN;
// Pass.
_SecBuffIn[PASS_IDX].pvBuffer = NULL; _SecBuffIn[PASS_IDX].cbBuffer = 0; _SecBuffIn[PASS_IDX].BufferType = SECBUFFER_TOKEN; }
if (dwISCMode == ISC_MODE_UI) *pdwSecFlags = ISC_REQ_PROMPT_FOR_CREDS; // Out Buffer.
_SecBuffOutDesc.cBuffers = 1; _SecBuffOutDesc.pBuffers = _SecBuffOut; _SecBuffOut[0].pvBuffer = szOutBuf; _SecBuffOut[0].cbBuffer = cbOutBuf; _SecBuffOut[0].BufferType = SECBUFFER_TOKEN;
DEBUG_LEAVE(0);}
/*---------------------------------------------------------------------------
Constructor---------------------------------------------------------------------------*/DIGEST_CTX::DIGEST_CTX(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy, SPMData *pSPM, PWC* pPWC) : AUTHCTX(pSPM, pPWC){ SECURITY_STATUS ssResult; _fIsProxy = fIsProxy; _pRequest = pRequest;
_szAlloc = NULL; _szData = NULL; _pvContext = NULL; _szRequestUri = NULL; _cbData = 0; _cbContext = 0; _nRetries = 0; // Zero out the security buffers and request context.
memset(&_SecBuffInDesc, 0, sizeof(_SecBuffInDesc)); memset(&_SecBuffOutDesc, 0, sizeof(_SecBuffInDesc)); memset(_SecBuffIn, 0, sizeof(_SecBuffIn)); memset(_SecBuffOut, 0, sizeof(_SecBuffOut)); memset(&_hCtxt, 0, sizeof(_hCtxt)); // Is this the first time that the digest SSPI package
// is being called for this process.
if (!g_pFuncTbl) { // Get the global SSPI dispatch table.
GetFuncTbl();
DIGEST_PKG_DATA PkgData; SEC_WINNT_AUTH_IDENTITY_EXA SecIdExA;
// Logon with szAppCtx = szUserCtx = NULL.
PkgData.szAppCtx = PkgData.szUserCtx = NULL; memset(&SecIdExA, 0, sizeof(SEC_WINNT_AUTH_IDENTITY_EXA));
SecIdExA.Version = sizeof(SEC_WINNT_AUTH_IDENTITY_EXA); SecIdExA.User = (unsigned char*) &PkgData; SecIdExA.UserLength = sizeof(DIGEST_PKG_DATA); // Get the global credentials handle.
ssResult = (*(g_pFuncTbl->AcquireCredentialsHandleA)) (NULL, "Digest", SECPKG_CRED_OUTBOUND, NULL, &SecIdExA, NULL, 0, &g_hCred, NULL); }}
/*---------------------------------------------------------------------------
DIGEST_CTX::PromptForCreds---------------------------------------------------------------------------*/DWORD DIGEST_CTX::PromptForCreds(HWND hWnd){ DEBUG_ENTER (( DBG_HTTPAUTH, Dword, "DIGEST_CTX::PromptForCreds", "this=%#x hwnd=%#x", this, hWnd ));
SECURITY_STATUS ssResult; // Prompt for the credentials.
INET_ASSERT(_pvContext); _cbContext = OUTPUT_BUFFER_LEN;
DWORD sf; InitSecurityBuffers((LPSTR) _pvContext, _cbContext, &sf, ISC_MODE_UI);
_SecBuffIn[HWND_IDX].pvBuffer = &hWnd; _SecBuffIn[HWND_IDX].cbBuffer = sizeof(HWND);
ssResult = (*(g_pFuncTbl->InitializeSecurityContextA))(&g_hCred, &_hCtxt, NULL, sf, 0, 0, &_SecBuffInDesc, 0, &_hCtxt, &_SecBuffOutDesc, NULL, NULL);
_cbContext = _SecBuffOutDesc.pBuffers[0].cbBuffer;
if (ssResult == SEC_E_NO_CREDENTIALS) { DEBUG_LEAVE(ERROR_CANCELLED); return ERROR_CANCELLED; }
DEBUG_LEAVE((DWORD) ssResult); return (DWORD) ssResult;}
/*---------------------------------------------------------------------------
Destructor---------------------------------------------------------------------------*/DIGEST_CTX::~DIGEST_CTX(){ if (_szAlloc) delete _szAlloc;
if (_pvContext) delete _pvContext;
if (_szRequestUri) delete _szRequestUri;}
/*---------------------------------------------------------------------------
PreAuthUser---------------------------------------------------------------------------*/DWORD DIGEST_CTX::PreAuthUser(OUT LPSTR pBuff, IN OUT LPDWORD pcbBuff){ DEBUG_ENTER (( DBG_HTTPAUTH, Dword, "DIGEST_CTX::PreAuthUser", "this=%#x pBuf=%#x pcbBuf=%#x {%d}", this, pBuff, pcbBuff, *pcbBuff ));
AuthLock();
SECURITY_STATUS ssResult = SEC_E_OK; INET_ASSERT(_pSPMData == _pPWC->pSPM);
// If a response has been generated copy into output buffer.
if (_cbContext) { memcpy(pBuff, _pvContext, _cbContext); *pcbBuff = _cbContext; } // Otherwise attempt to preauthenticate.
else { // Call into the SSPI package.
DWORD sf; InitSecurityBuffers(pBuff, *pcbBuff, &sf, ISC_MODE_PREAUTH); ssResult = (*(g_pFuncTbl->InitializeSecurityContext))(&g_hCred, NULL, NULL, sf, 0, 0, &_SecBuffInDesc, 0, &_hCtxt, &_SecBuffOutDesc, NULL, NULL); *pcbBuff = _SecBuffOut[0].cbBuffer; }
AuthUnlock(); DEBUG_LEAVE((DWORD) ssResult); return (DWORD) ssResult;}
/*---------------------------------------------------------------------------
UpdateFromHeaders---------------------------------------------------------------------------*/DWORD DIGEST_CTX::UpdateFromHeaders(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy){ DEBUG_ENTER (( DBG_HTTPAUTH, Dword, "DIGEST_CTX::UpdateFromHeaders", "this=%#x request=%#x isproxy=%B", this, pRequest, fIsProxy ));
DWORD dwError, cbExtra, dwAuthIdx; LPSTR szAuthHeader, szExtra, szScheme; LPSTR szRealm; DWORD cbRealm;
AuthLock(); // Get the associated header.
if ((dwError = FindHdrIdxFromScheme(&dwAuthIdx)) != ERROR_SUCCESS) goto exit;
// If this auth ctx does not have pwc then it has been
// just been constructed in response to a 401.
if (!_pPWC) { // Get any realm.
dwError = GetAuthHeaderData(pRequest, fIsProxy, "Realm", &szRealm, &cbRealm, ALLOCATE_BUFFER, dwAuthIdx);
_pPWC = FindOrCreatePWC(pRequest, fIsProxy, _pSPMData, szRealm);
if (_pPWC) { INET_ASSERT(_pPWC->pSPM == _pSPMData); _pPWC->nLockCount++; } else { dwError = ERROR_INTERNET_INTERNAL_ERROR; goto exit; } }
// Updating the buffer - delete old one if necessary.
if (_szAlloc) { delete _szAlloc; _szAlloc = _szData = NULL; _cbData = 0; }
// Get the entire authentication header.
dwError = GetAuthHeaderData(pRequest, fIsProxy, NULL, &_szAlloc, &_cbData, ALLOCATE_BUFFER, dwAuthIdx); // Point just past scheme
_szData = _szAlloc; while (*_szData != ' ') { _szData++; _cbData--; }
// The request will be retried.
dwError = ERROR_SUCCESS;exit: AuthUnlock(); DEBUG_LEAVE(dwError); return dwError;}
/*---------------------------------------------------------------------------
PostAuthUser---------------------------------------------------------------------------*/DWORD DIGEST_CTX::PostAuthUser(){ DEBUG_ENTER (( DBG_HTTPAUTH, Dword, "DIGEST_CTX::PostAuthUser", "this=%#x", this ));
INET_ASSERT(_pSPMData == _pPWC->pSPM);
AuthLock(); DWORD dwError; SECURITY_STATUS ssResult;
// Allocate an output buffer if not done so already.
if (!_pvContext) { _pvContext = new CHAR[OUTPUT_BUFFER_LEN]; if (!_pvContext) { dwError = ERROR_NOT_ENOUGH_MEMORY; goto exit; } }
_cbContext = OUTPUT_BUFFER_LEN;
if (_nRetries++ < MAX_SILENT_RETRIES) { // If we pre-authenticated, treat as second
// or subsequent attempt. We depend on the
// server correctly sending stale=FALSE (or no stale)
// if the credentials sent during pre-auth were bad.
// In this case the digest pkg will return SEC_E_NO_CREDENTIALS
// and we will prompt for credentials.
// BUGBUG - Use ApplyControlToken
if (_nRetries == 1 && _pRequest->GetPWC()) { // Increment num of retries to 2
_nRetries++;
// The dwLower member has to have the correct value
// so that secur32.dll can route to correct provider.
_hCtxt.dwLower = g_hCred.dwLower; }
// Call into the SSPI package.
DWORD sf; InitSecurityBuffers((LPSTR) _pvContext, _cbContext, &sf, ISC_MODE_AUTH); ssResult = (*(g_pFuncTbl->InitializeSecurityContext)) (&g_hCred, (_nRetries == 1 ? NULL : &_hCtxt), NULL, sf, 0, 0, &_SecBuffInDesc, 0, &_hCtxt, &_SecBuffOutDesc, NULL, NULL); _cbContext = _SecBuffOutDesc.pBuffers[0].cbBuffer; switch(ssResult) { case SEC_E_OK: { dwError = ERROR_INTERNET_FORCE_RETRY; break; } case SEC_E_NO_CREDENTIALS: { dwError = ERROR_INTERNET_INCORRECT_PASSWORD; break; } case SEC_E_CONTEXT_EXPIRED: { dwError = ERROR_INTERNET_LOGIN_FAILURE_DISPLAY_ENTITY_BODY; break; } default: dwError = ERROR_INTERNET_LOGIN_FAILURE; } } else { _cbContext = 0; _nRetries = 0; dwError = ERROR_INTERNET_INCORRECT_PASSWORD; }
exit: _pRequest->SetPWC(NULL); AuthUnlock(); DEBUG_LEAVE(dwError); return dwError;}
/*---------------------------------------------------------------------------
Flush creds---------------------------------------------------------------------------*/VOID DIGEST_CTX::FlushCreds(){ DEBUG_ENTER (( DBG_HTTPAUTH, None, "DIGEST_CTX::FlushCreds", NULL ));
DWORD ssResult; if (g_pFuncTbl) { DWORD sf = ISC_REQ_NULL_SESSION; ssResult = (*(g_pFuncTbl->InitializeSecurityContext))(&g_hCred, NULL, NULL, sf, 0, 0, NULL, 0, NULL, NULL, NULL, NULL); }
DEBUG_LEAVE(0);}
/*---------------------------------------------------------------------------
Logoff---------------------------------------------------------------------------*/VOID DIGEST_CTX::Logoff(){ DEBUG_ENTER (( DBG_HTTPAUTH, None, "DIGEST_CTX::Logoff", NULL ));
DWORD ssResult; if (g_pFuncTbl) { ssResult = (*(g_pFuncTbl->FreeCredentialsHandle))(&g_hCred); }
DEBUG_LEAVE(0);}
|
