mirror of
git://source.winehq.org/git/wine.git
synced 2024-11-05 18:01:34 +00:00
0524963d7d
Signed-off-by: Jacek Caban <jacek@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>
323 lines
13 KiB
C
323 lines
13 KiB
C
/*
|
|
* Copyright 2005, 2006 Kai Blin
|
|
* Copyright 2016 Jacek Caban for CodeWeavers
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
|
*/
|
|
|
|
#include <assert.h>
|
|
#include <stdarg.h>
|
|
#include <stdio.h>
|
|
|
|
#include "windef.h"
|
|
#include "winbase.h"
|
|
#include "rpc.h"
|
|
#include "sspi.h"
|
|
|
|
#include "secur32_priv.h"
|
|
|
|
#include "wine/debug.h"
|
|
|
|
WINE_DEFAULT_DEBUG_CHANNEL(secur32);
|
|
|
|
#define KERBEROS_MAX_BUF 12000
|
|
|
|
/***********************************************************************
|
|
* QueryCredentialsAttributesA
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesA(CredHandle *phCredential, ULONG ulAttribute, void *pBuffer)
|
|
{
|
|
FIXME("(%p %d %p)\n", phCredential, ulAttribute, pBuffer);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* QueryCredentialsAttributesW
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_QueryCredentialsAttributesW(CredHandle *phCredential, ULONG ulAttribute, void *pBuffer)
|
|
{
|
|
FIXME("(%p, %d, %p)\n", phCredential, ulAttribute, pBuffer);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* AcquireCredentialsHandleW
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleW(SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse,
|
|
LUID *pLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pGetKeyArgument, CredHandle *phCredential, TimeStamp *ptsExpiry)
|
|
{
|
|
FIXME("(%s %s 0x%08x %p %p %p %p %p %p)\n", debugstr_w(pszPrincipal), debugstr_w(pszPackage), fCredentialUse,
|
|
pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
|
|
return SEC_E_NO_CREDENTIALS;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* AcquireCredentialsHandleA
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_AcquireCredentialsHandleA(SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse,
|
|
LUID *pLogonID, void *pAuthData, SEC_GET_KEY_FN pGetKeyFn, void *pGetKeyArgument, CredHandle *phCredential, TimeStamp *ptsExpiry)
|
|
{
|
|
FIXME("(%s %s 0x%08x %p %p %p %p %p %p)\n", debugstr_a(pszPrincipal), debugstr_a(pszPackage), fCredentialUse,
|
|
pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* InitializeSecurityContextW
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextW(CredHandle *phCredential, CtxtHandle *phContext, SEC_WCHAR *pszTargetName,
|
|
ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, SecBufferDesc *pInput, ULONG Reserved2, CtxtHandle *phNewContext,
|
|
SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
|
|
{
|
|
FIXME("(%p %p %s 0x%08x %d %d %p %d %p %p %p %p)\n", phCredential, phContext, debugstr_w(pszTargetName),
|
|
fContextReq, Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* InitializeSecurityContextA
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_InitializeSecurityContextA(CredHandle *phCredential, CtxtHandle *phContext, SEC_CHAR *pszTargetName,
|
|
ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, SecBufferDesc *pInput, ULONG Reserved2, CtxtHandle *phNewContext,
|
|
SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
|
|
{
|
|
FIXME("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext, debugstr_a(pszTargetName), fContextReq,
|
|
Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* AcceptSecurityContext
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_AcceptSecurityContext(CredHandle *phCredential, CtxtHandle *phContext, SecBufferDesc *pInput,
|
|
ULONG fContextReq, ULONG TargetDataRep, CtxtHandle *phNewContext, SecBufferDesc *pOutput, ULONG *pfContextAttr, TimeStamp *ptsExpiry)
|
|
{
|
|
FIXME("(%p %p %p %d %d %p %p %p %p)\n", phCredential, phContext, pInput, fContextReq, TargetDataRep, phNewContext, pOutput,
|
|
pfContextAttr, ptsExpiry);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* CompleteAuthToken
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_CompleteAuthToken(CtxtHandle *phContext, SecBufferDesc *pToken)
|
|
{
|
|
FIXME("(%p %p)\n", phContext, pToken);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* DeleteSecurityContext
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_DeleteSecurityContext(CtxtHandle *phContext)
|
|
{
|
|
FIXME("(%p)\n", phContext);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* QueryContextAttributesW
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesW(CtxtHandle *phContext, ULONG ulAttribute, void *pBuffer)
|
|
{
|
|
FIXME("(%p %d %p)\n", phContext, ulAttribute, pBuffer);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* QueryContextAttributesA
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_QueryContextAttributesA(CtxtHandle *phContext, ULONG ulAttribute, void *pBuffer)
|
|
{
|
|
FIXME("(%p %d %p)\n", phContext, ulAttribute, pBuffer);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* ImpersonateSecurityContext
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_ImpersonateSecurityContext(CtxtHandle *phContext)
|
|
{
|
|
FIXME("(%p)\n", phContext);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* RevertSecurityContext
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_RevertSecurityContext(CtxtHandle *phContext)
|
|
{
|
|
FIXME("(%p)\n", phContext);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* MakeSignature
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature(CtxtHandle *phContext, ULONG fQOP, SecBufferDesc *pMessage, ULONG MessageSeqNo)
|
|
{
|
|
FIXME("(%p %d %p %d)\n", phContext, fQOP, pMessage, MessageSeqNo);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* VerifySignature
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
|
|
{
|
|
FIXME("(%p %p %d %p)\n", phContext, pMessage, MessageSeqNo, pfQOP);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* FreeCredentialsHandle
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_FreeCredentialsHandle(PCredHandle phCredential)
|
|
{
|
|
FIXME("(%p)\n", phCredential);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* EncryptMessage
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_EncryptMessage(CtxtHandle *phContext, ULONG fQOP, SecBufferDesc *pMessage, ULONG MessageSeqNo)
|
|
{
|
|
FIXME("(%p %d %p %d)\n", phContext, fQOP, pMessage, MessageSeqNo);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
/***********************************************************************
|
|
* DecryptMessage
|
|
*/
|
|
static SECURITY_STATUS SEC_ENTRY kerberos_DecryptMessage(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
|
|
{
|
|
FIXME("(%p %p %d %p)\n", phContext, pMessage, MessageSeqNo, pfQOP);
|
|
return SEC_E_UNSUPPORTED_FUNCTION;
|
|
}
|
|
|
|
static const SecurityFunctionTableA kerberosTableA = {
|
|
1,
|
|
NULL, /* EnumerateSecurityPackagesA */
|
|
kerberos_QueryCredentialsAttributesA, /* QueryCredentialsAttributesA */
|
|
kerberos_AcquireCredentialsHandleA, /* AcquireCredentialsHandleA */
|
|
kerberos_FreeCredentialsHandle, /* FreeCredentialsHandle */
|
|
NULL, /* Reserved2 */
|
|
kerberos_InitializeSecurityContextA, /* InitializeSecurityContextA */
|
|
kerberos_AcceptSecurityContext, /* AcceptSecurityContext */
|
|
kerberos_CompleteAuthToken, /* CompleteAuthToken */
|
|
kerberos_DeleteSecurityContext, /* DeleteSecurityContext */
|
|
NULL, /* ApplyControlToken */
|
|
kerberos_QueryContextAttributesA, /* QueryContextAttributesA */
|
|
kerberos_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
|
|
kerberos_RevertSecurityContext, /* RevertSecurityContext */
|
|
kerberos_MakeSignature, /* MakeSignature */
|
|
kerberos_VerifySignature, /* VerifySignature */
|
|
FreeContextBuffer, /* FreeContextBuffer */
|
|
NULL, /* QuerySecurityPackageInfoA */
|
|
NULL, /* Reserved3 */
|
|
NULL, /* Reserved4 */
|
|
NULL, /* ExportSecurityContext */
|
|
NULL, /* ImportSecurityContextA */
|
|
NULL, /* AddCredentialsA */
|
|
NULL, /* Reserved8 */
|
|
NULL, /* QuerySecurityContextToken */
|
|
kerberos_EncryptMessage, /* EncryptMessage */
|
|
kerberos_DecryptMessage, /* DecryptMessage */
|
|
NULL, /* SetContextAttributesA */
|
|
};
|
|
|
|
static const SecurityFunctionTableW kerberosTableW = {
|
|
1,
|
|
NULL, /* EnumerateSecurityPackagesW */
|
|
kerberos_QueryCredentialsAttributesW, /* QueryCredentialsAttributesW */
|
|
kerberos_AcquireCredentialsHandleW, /* AcquireCredentialsHandleW */
|
|
kerberos_FreeCredentialsHandle, /* FreeCredentialsHandle */
|
|
NULL, /* Reserved2 */
|
|
kerberos_InitializeSecurityContextW, /* InitializeSecurityContextW */
|
|
kerberos_AcceptSecurityContext, /* AcceptSecurityContext */
|
|
kerberos_CompleteAuthToken, /* CompleteAuthToken */
|
|
kerberos_DeleteSecurityContext, /* DeleteSecurityContext */
|
|
NULL, /* ApplyControlToken */
|
|
kerberos_QueryContextAttributesW, /* QueryContextAttributesW */
|
|
kerberos_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
|
|
kerberos_RevertSecurityContext, /* RevertSecurityContext */
|
|
kerberos_MakeSignature, /* MakeSignature */
|
|
kerberos_VerifySignature, /* VerifySignature */
|
|
FreeContextBuffer, /* FreeContextBuffer */
|
|
NULL, /* QuerySecurityPackageInfoW */
|
|
NULL, /* Reserved3 */
|
|
NULL, /* Reserved4 */
|
|
NULL, /* ExportSecurityContext */
|
|
NULL, /* ImportSecurityContextW */
|
|
NULL, /* AddCredentialsW */
|
|
NULL, /* Reserved8 */
|
|
NULL, /* QuerySecurityContextToken */
|
|
kerberos_EncryptMessage, /* EncryptMessage */
|
|
kerberos_DecryptMessage, /* DecryptMessage */
|
|
NULL, /* SetContextAttributesW */
|
|
};
|
|
|
|
#define KERBEROS_COMMENT \
|
|
{'M','i','c','r','o','s','o','f','t',' ','K','e','r','b','e','r','o','s',' ','V','1','.','0',0}
|
|
static CHAR kerberos_comment_A[] = KERBEROS_COMMENT;
|
|
static WCHAR kerberos_comment_W[] = KERBEROS_COMMENT;
|
|
|
|
#define KERBEROS_NAME {'K','e','r','b','e','r','o','s',0}
|
|
static char kerberos_name_A[] = KERBEROS_NAME;
|
|
static WCHAR kerberos_name_W[] = KERBEROS_NAME;
|
|
|
|
#define CAPS \
|
|
( SECPKG_FLAG_INTEGRITY \
|
|
| SECPKG_FLAG_PRIVACY \
|
|
| SECPKG_FLAG_TOKEN_ONLY \
|
|
| SECPKG_FLAG_DATAGRAM \
|
|
| SECPKG_FLAG_CONNECTION \
|
|
| SECPKG_FLAG_MULTI_REQUIRED \
|
|
| SECPKG_FLAG_EXTENDED_ERROR \
|
|
| SECPKG_FLAG_IMPERSONATION \
|
|
| SECPKG_FLAG_ACCEPT_WIN32_NAME \
|
|
| SECPKG_FLAG_NEGOTIABLE \
|
|
| SECPKG_FLAG_GSS_COMPATIBLE \
|
|
| SECPKG_FLAG_LOGON \
|
|
| SECPKG_FLAG_MUTUAL_AUTH \
|
|
| SECPKG_FLAG_DELEGATION \
|
|
| SECPKG_FLAG_READONLY_WITH_CHECKSUM \
|
|
| SECPKG_FLAG_RESTRICTED_TOKENS \
|
|
| SECPKG_FLAG_APPCONTAINER_CHECKS)
|
|
|
|
static const SecPkgInfoW infoW = {
|
|
CAPS,
|
|
1,
|
|
RPC_C_AUTHN_GSS_KERBEROS,
|
|
KERBEROS_MAX_BUF,
|
|
kerberos_name_W,
|
|
kerberos_comment_W
|
|
};
|
|
|
|
static const SecPkgInfoA infoA = {
|
|
CAPS,
|
|
1,
|
|
RPC_C_AUTHN_GSS_KERBEROS,
|
|
KERBEROS_MAX_BUF,
|
|
kerberos_name_A,
|
|
kerberos_comment_A
|
|
};
|
|
|
|
void SECUR32_initKerberosSP(void)
|
|
{
|
|
SecureProvider *provider = SECUR32_addProvider(&kerberosTableA, &kerberosTableW, NULL);
|
|
SECUR32_addPackages(provider, 1, &infoA, &infoW);
|
|
}
|