archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/protocols/schannel/lsa/package.c

487 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright (C) Microsoft Corporation, 1992 - 1995.
  5. //
  6. // File: package.c
  7. //
  8. // Contents:
  9. //
  10. // Classes:
  11. //
  12. // Functions:
  13. //
  14. // History: 10-02-96 RichardW Created
  15. //
  16. //----------------------------------------------------------------------------
  18. #include "sslp.h"
  19. #include <ntmsv1_0.h>
  20. #include <wow64t.h>
  22. #define UNISP_NAME_WO L"Microsoft Unified Security Protocol Provider"
  23. #define SSL2SP_NAME_WO L"Microsoft SSL"
  24. #define SSL3SP_NAME_WO L"Microsoft SSL 3.0"
  25. #define PCT1SP_NAME_WO L"Microsoft PCT"
  27. #define SCHANNEL_PACKAGE_NAME L"Schannel"
  28. #define SCHANNEL_PACKAGE_COMMENT L"Schannel Security Package"
  29. #define SCHANNEL_DLL_NAME L"schannel.dll"
  31. DWORD dwSchannelPackageCapabilities = SECPKG_FLAG_INTEGRITY |
  32. SECPKG_FLAG_PRIVACY |
  33. SECPKG_FLAG_CONNECTION |
  34. SECPKG_FLAG_MULTI_REQUIRED |
  35. SECPKG_FLAG_EXTENDED_ERROR |
  36. SECPKG_FLAG_IMPERSONATION |
  37. SECPKG_FLAG_ACCEPT_WIN32_NAME |
  38. // SECPKG_FLAG_NEGOTIABLE |
  39. SECPKG_FLAG_MUTUAL_AUTH |
  40. SECPKG_FLAG_STREAM;
  42. BOOL SslGlobalStrongEncryptionPermitted = FALSE;
  44. // List of (QueryContextAttributes) attributes that are to be
  45. // thunked down to the LSA process.
  46. ULONG ThunkedContextLevels[] = {
  47. SECPKG_ATTR_AUTHORITY,
  48. SECPKG_ATTR_ISSUER_LIST,
  49. SECPKG_ATTR_ISSUER_LIST_EX,
  50. SECPKG_ATTR_LOCAL_CERT_CONTEXT,
  51. SECPKG_ATTR_LOCAL_CRED,
  52. SECPKG_ATTR_EAP_KEY_BLOCK,
  53. SECPKG_ATTR_USE_VALIDATED,
  54. SECPKG_ATTR_CREDENTIAL_NAME,
  55. SECPKG_ATTR_TARGET_INFORMATION,
  56. SECPKG_ATTR_APP_DATA
  57. };
  60. //
  61. // This package exports the following: A unified ssl/tls/pct provider,
  62. // and the same unified provider under a different name. We have to
  63. // keep the original one for backward compatibility, but whistler
  64. // components can start using the new friendlier name.
  65. //
  67. SECPKG_FUNCTION_TABLE SpTable[] = {
  68. { // The Unified Provider
  69. NULL,
  70. NULL,
  71. SpCallPackage,
  72. SpLogonTerminated,
  73. SpCallPackageUntrusted,
  74. SpCallPackagePassthrough,
  75. NULL,
  76. NULL,
  77. SpInitialize,
  78. SpShutdown,
  79. SpUniGetInfo,
  80. SpAcceptCredentials,
  81. SpUniAcquireCredentialsHandle,
  82. SpQueryCredentialsAttributes,
  83. SpFreeCredentialsHandle,
  84. SpSaveCredentials,
  85. SpGetCredentials,
  86. SpDeleteCredentials,
  87. SpInitLsaModeContext,
  88. SpAcceptLsaModeContext,
  89. SpDeleteContext,
  90. SpApplyControlToken,
  91. SpGetUserInfo,
  92. SpGetExtendedInformation,
  93. SpLsaQueryContextAttributes,
  94. NULL,
  95. NULL,
  96. SpSetContextAttributes
  97. },
  98. { // The Unified Provider
  99. NULL,
  100. NULL,
  101. SpCallPackage,
  102. SpLogonTerminated,
  103. SpCallPackageUntrusted,
  104. SpCallPackagePassthrough,
  105. NULL,
  106. NULL,
  107. SpInitialize,
  108. SpShutdown,
  109. SpSslGetInfo,
  110. SpAcceptCredentials,
  111. SpUniAcquireCredentialsHandle,
  112. SpQueryCredentialsAttributes,
  113. SpFreeCredentialsHandle,
  114. SpSaveCredentials,
  115. SpGetCredentials,
  116. SpDeleteCredentials,
  117. SpInitLsaModeContext,
  118. SpAcceptLsaModeContext,
  119. SpDeleteContext,
  120. SpApplyControlToken,
  121. SpGetUserInfo,
  122. SpGetExtendedInformation,
  123. SpLsaQueryContextAttributes,
  124. NULL,
  125. NULL,
  126. SpSetContextAttributes
  127. }
  128. };
  131. ULONG_PTR SpPackageId;
  132. PLSA_SECPKG_FUNCTION_TABLE LsaTable ;
  133. BOOL SpInitialized = FALSE ;
  134. HINSTANCE hDllInstance ;
  135. BOOL ReplaceBaseProvider = TRUE;
  136. TOKEN_SOURCE SslTokenSource ;
  137. SECURITY_STRING SslNamePrefix = { 8, 10, L"X509" };
  138. SECURITY_STRING SslComputerName ;
  139. SECURITY_STRING SslDomainName ;
  140. SECURITY_STRING SslPackageName ;
  141. SECURITY_STRING SslMsvName ;
  142. extern PWSTR SslDnsDomainName ;
  144. //+---------------------------------------------------------------------------
  145. //
  146. // Function: SpLsaModeInitialize
  147. //
  148. // Synopsis: LSA Mode Initialization Function
  149. //
  150. // Arguments: [LsaVersion] --
  151. // [PackageVersion] --
  152. // [Table] --
  153. // [TableCount] --
  154. //
  155. // History: 10-03-96 RichardW Created
  156. //
  157. // Notes:
  158. //
  159. //----------------------------------------------------------------------------
  160. SECURITY_STATUS
  161. SEC_ENTRY
  162. SpLsaModeInitialize(
  163. IN ULONG LsaVersion,
  164. OUT PULONG PackageVersion,
  165. OUT PSECPKG_FUNCTION_TABLE * Table,
  166. OUT PULONG TableCount)
  167. {
  168. HKEY hKey;
  169. int err;
  170. DWORD type;
  171. DWORD size;
  173. *PackageVersion = SECPKG_INTERFACE_VERSION_2;
  174. *Table = SpTable ;
  175. *TableCount = sizeof( SpTable ) / sizeof( SECPKG_FUNCTION_TABLE );
  178. return( SEC_E_OK );
  179. }
  182. //+---------------------------------------------------------------------------
  183. //
  184. // Function: SpInitialize
  185. //
  186. // Synopsis: Package Initialization Function
  187. //
  188. // Arguments: [dwPackageID] --
  189. // [pParameters] --
  190. // [Table] --
  191. //
  192. // History: 10-03-96 RichardW Created
  193. //
  194. // Notes:
  195. //
  196. //----------------------------------------------------------------------------
  197. SECURITY_STATUS
  198. SEC_ENTRY
  199. SpInitialize(
  200. ULONG_PTR dwPackageID,
  201. PSECPKG_PARAMETERS pParameters,
  202. PLSA_SECPKG_FUNCTION_TABLE Table)
  203. {
  204. WCHAR ComputerName[ 32 ];
  205. DWORD Size ;
  206. UNICODE_STRING Temp ;
  208. if ( !SpInitialized )
  209. {
  210. SpPackageId = dwPackageID ;
  211. LsaTable = Table ;
  213. CopyMemory( SslTokenSource.SourceName, "SChannel", 8 );
  214. AllocateLocallyUniqueId( &SslTokenSource.SourceIdentifier );
  216. Size = sizeof( ComputerName ) / sizeof( WCHAR );
  218. GetComputerName( ComputerName, &Size );
  220. RtlInitUnicodeString( &Temp, ComputerName );
  222. SslDuplicateString( &SslComputerName, &Temp );
  224. SslDuplicateString( &SslDomainName, &pParameters->DomainName );
  226. RtlInitUnicodeString( &SslPackageName, UNISP_NAME_W );
  228. RtlCreateUnicodeStringFromAsciiz( &SslMsvName, MSV1_0_PACKAGE_NAME );
  230. if ( !SslDnsDomainName )
  231. {
  232. DWORD DnsDomainLength = 0 ;
  234. GetComputerNameEx( ComputerNameDnsDomain, NULL, &DnsDomainLength );
  236. SslDnsDomainName = LocalAlloc( LMEM_FIXED,
  237. (DnsDomainLength + 1) * sizeof(WCHAR) );
  239. if ( SslDnsDomainName )
  240. {
  241. DnsDomainLength++ ;
  243. GetComputerNameEx( ComputerNameDnsDomain, SslDnsDomainName, &DnsDomainLength );
  245. }
  246. }
  248. if ((pParameters->MachineState & SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED) != 0)
  249. {
  250. SslGlobalStrongEncryptionPermitted = TRUE;
  251. }
  253. SpInitialized = TRUE;
  254. }
  256. return(S_OK);
  257. }
  259. //+---------------------------------------------------------------------------
  260. //
  261. // Function: SpUniGetInfo
  262. //
  263. // Synopsis: Get Package Information
  264. //
  265. // Arguments: [pInfo] --
  266. //
  267. // History: 10-03-96 RichardW Created
  268. //
  269. // Notes:
  270. //
  271. //----------------------------------------------------------------------------
  272. SECURITY_STATUS
  273. SEC_ENTRY
  274. SpUniGetInfo(
  275. PSecPkgInfo pInfo
  276. )
  277. {
  278. pInfo->wVersion = 1;
  279. pInfo->wRPCID = UNISP_RPC_ID;
  280. pInfo->fCapabilities = dwSchannelPackageCapabilities;
  281. pInfo->cbMaxToken = 0x4000;
  282. pInfo->Name = ReplaceBaseProvider ? UNISP_NAME_WO : UNISP_NAME_W ;
  283. pInfo->Comment = UNISP_NAME_W ;
  285. return(S_OK);
  286. }
  288. //+---------------------------------------------------------------------------
  289. //
  290. // Function: SpSslGetInfo
  291. //
  292. // Synopsis: Get Package Information
  293. //
  294. // Arguments: [pInfo] --
  295. //
  296. // History: 10-03-96 RichardW Created
  297. //
  298. // Notes:
  299. //
  300. //----------------------------------------------------------------------------
  301. SECURITY_STATUS
  302. SEC_ENTRY
  303. SpSslGetInfo(
  304. PSecPkgInfo pInfo
  305. )
  306. {
  307. pInfo->wVersion = 1;
  308. pInfo->wRPCID = UNISP_RPC_ID;
  309. pInfo->fCapabilities = dwSchannelPackageCapabilities;
  310. pInfo->cbMaxToken = 0x4000;
  311. pInfo->Name = SCHANNEL_PACKAGE_NAME;
  312. pInfo->Comment = SCHANNEL_PACKAGE_COMMENT;
  314. return(S_OK);
  315. }
  317. //+---------------------------------------------------------------------------
  318. //
  319. // Function: SslDuplicateString
  320. //
  321. // Synopsis: Duplicate a unicode string
  322. //
  323. // Arguments: [Dest] --
  324. // [Source] --
  325. //
  326. // History: 10-18-96 RichardW Created
  327. //
  328. // Notes:
  329. //
  330. //----------------------------------------------------------------------------
  331. NTSTATUS
  332. SslDuplicateString(
  333. PUNICODE_STRING Dest,
  334. PUNICODE_STRING Source
  335. )
  336. {
  337. Dest->Buffer = (PWSTR) SPExternalAlloc( Source->Length + sizeof(WCHAR) );
  338. if ( Dest->Buffer )
  339. {
  340. Dest->Length = Source->Length ;
  341. Dest->MaximumLength = Source->Length + sizeof(WCHAR) ;
  342. CopyMemory( Dest->Buffer, Source->Buffer, Source->Length );
  343. Dest->Buffer[ Dest->Length / 2 ] = L'\0';
  345. return( STATUS_SUCCESS );
  346. }
  348. return( STATUS_NO_MEMORY );
  349. }
  351. //+---------------------------------------------------------------------------
  352. //
  353. // Function: SpGetExtendedInformation
  354. //
  355. // Synopsis: Return extended information to the LSA
  356. //
  357. // Arguments: [Class] -- Information Class
  358. // [pInfo] -- Returned Information Pointer
  359. //
  360. // History: 3-24-97 ramas Created
  361. //
  362. // Notes:
  363. //
  364. //----------------------------------------------------------------------------
  365. SECURITY_STATUS
  366. SEC_ENTRY
  367. SpGetExtendedInformation(
  368. SECPKG_EXTENDED_INFORMATION_CLASS Class,
  369. PSECPKG_EXTENDED_INFORMATION * pInfo
  370. )
  371. {
  372. PSECPKG_EXTENDED_INFORMATION Info ;
  373. PWSTR pszPath;
  374. SECURITY_STATUS Status ;
  375. ULONG Size ;
  377. switch ( Class )
  378. {
  379. case SecpkgContextThunks:
  380. Info = (PSECPKG_EXTENDED_INFORMATION) LsaTable->AllocateLsaHeap(
  381. sizeof( SECPKG_EXTENDED_INFORMATION ) +
  382. sizeof( ThunkedContextLevels ) );
  384. if ( Info )
  385. {
  386. Info->Class = Class ;
  387. Info->Info.ContextThunks.InfoLevelCount =
  388. sizeof( ThunkedContextLevels ) / sizeof( ULONG );
  389. CopyMemory( Info->Info.ContextThunks.Levels,
  390. ThunkedContextLevels,
  391. sizeof( ThunkedContextLevels ) );
  393. Status = SEC_E_OK ;
  395. }
  396. else
  397. {
  398. Status = SEC_E_INSUFFICIENT_MEMORY ;
  399. }
  401. break;
  403. #ifdef LATER
  404. case SecpkgGssInfo:
  405. Info = (PSECPKG_EXTENDED_INFORMATION) LsaTable->AllocateLsaHeap(
  406. sizeof( SECPKG_EXTENDED_INFORMATION ) +
  407. sizeof( Md5Oid ) );
  409. if ( Info )
  410. {
  411. Info->Class = Class ;
  413. Info->Info.GssInfo.EncodedIdLength = sizeof( Md5Oid );
  415. CopyMemory( Info->Info.GssInfo.EncodedId,
  416. Md5Oid,
  417. sizeof( Md5Oid ) );
  419. Status = SEC_E_OK ;
  421. }
  422. else
  423. {
  424. Status = SEC_E_INSUFFICIENT_MEMORY ;
  425. }
  426. #endif
  428. case SecpkgWowClientDll:
  430. //
  431. // This indicates that we're smart enough to handle wow client processes
  432. //
  434. Info = (PSECPKG_EXTENDED_INFORMATION)
  435. LsaTable->AllocateLsaHeap( sizeof( SECPKG_EXTENDED_INFORMATION ) +
  436. (MAX_PATH * sizeof(WCHAR) ) );
  438. if ( Info == NULL )
  439. {
  440. Status = STATUS_INSUFFICIENT_RESOURCES ;
  441. break;
  442. }
  443. pszPath = (PWSTR) (Info + 1);
  445. Size = GetSystemWow64Directory(pszPath, MAX_PATH);
  446. if(Size == 0)
  447. {
  448. // This call will fail on x86 platforms.
  449. Status = SEC_E_UNSUPPORTED_FUNCTION;
  450. LsaTable->FreeLsaHeap(Info);
  451. break;
  452. }
  454. if(Size + 1 + wcslen(SCHANNEL_DLL_NAME) >= MAX_PATH)
  455. {
  456. Status = STATUS_INSUFFICIENT_RESOURCES ;
  457. LsaTable->FreeLsaHeap(Info);
  458. break;
  459. }
  461. wcscat(pszPath, L"\\");
  462. wcscat(pszPath, SCHANNEL_DLL_NAME);
  464. Size += 1 + wcslen(SCHANNEL_DLL_NAME);
  466. Info->Class = SecpkgWowClientDll ;
  467. Info->Info.WowClientDll.WowClientDllPath.Buffer = pszPath;
  468. Info->Info.WowClientDll.WowClientDllPath.Length = (USHORT) (Size * sizeof(WCHAR));
  469. Info->Info.WowClientDll.WowClientDllPath.MaximumLength = (USHORT) ((Size + 1) * sizeof(WCHAR) );
  471. Status = SEC_E_OK;
  472. break;
  474. default:
  475. Status = SEC_E_UNSUPPORTED_FUNCTION ;
  476. Info = NULL ;
  477. break;
  479. }
  481. *pInfo = Info ;
  482. return Status ;
  483. }