Ejemplo n.º 1
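/// Selects the SSPI security package named by @p protocol and caches its
/// description in m_secPackInfo.
///
/// @param protocol  NUL-terminated ANSI package name; a null pointer is rejected.
/// @return true when QuerySecurityPackageInfoA reported SEC_E_OK and produced a
///         non-null package description, false otherwise.
///
/// NOTE(review): the description written to m_secPackInfo is allocated by SSPI
/// and is normally released with FreeContextBuffer. This method does not release
/// a description left over from an earlier call -- confirm the class does so
/// elsewhere, otherwise calling InitProtocol twice leaks the first buffer.
/// NOTE(review): m_currentProtocol's type is not visible here; if it is a raw
/// pointer the caller must keep @p protocol alive for as long as it is used.
bool CSSPIHandler::InitProtocol(const char *protocol)
{
	// Reject a missing name up front instead of handing a null pointer to SSPI.
	if(!protocol)
		return false;

	// The API is declared with a non-const SEC_CHAR* for an input-only string,
	// so constness is dropped explicitly rather than with a C-style cast.
	if(QuerySecurityPackageInfoA( const_cast<char*>(protocol), &m_secPackInfo ) != SEC_E_OK)
		return false;

	// Defensive: never report success without a usable package description.
	if(!m_secPackInfo)
		return false;

	m_currentProtocol = protocol;
	return true;
}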
Ejemplo n.º 2
/* Verifies the package description that SSPI reports for "Kerberos"
 * (capability flags, version, RPC id, maximum token size, name and comment)
 * and then tries to acquire outbound credentials for it.  The credential
 * acquisition is marked todo_wine, i.e. it is expected to fail under Wine. */
static void test_kerberos(void)
{
    /* Capability bits that may or may not be present; masked out before comparing. */
    static const ULONG optional_mask =
        SECPKG_FLAG_RESTRICTED_TOKENS | SECPKG_FLAG_APPCONTAINER_CHECKS;
    /* Capability bits that must all be present, and no others. */
    static const ULONG expected_flags =
        SECPKG_FLAG_INTEGRITY | SECPKG_FLAG_PRIVACY | SECPKG_FLAG_TOKEN_ONLY |
        SECPKG_FLAG_DATAGRAM | SECPKG_FLAG_CONNECTION | SECPKG_FLAG_MULTI_REQUIRED |
        SECPKG_FLAG_EXTENDED_ERROR | SECPKG_FLAG_IMPERSONATION |
        SECPKG_FLAG_ACCEPT_WIN32_NAME | SECPKG_FLAG_NEGOTIABLE |
        SECPKG_FLAG_GSS_COMPATIBLE | SECPKG_FLAG_LOGON | SECPKG_FLAG_MUTUAL_AUTH |
        SECPKG_FLAG_DELEGATION | SECPKG_FLAG_READONLY_WITH_CHECKSUM;

    /* Writable copy of the package name: the ANSI entry points take SEC_CHAR *. */
    SEC_CHAR provider[] = "Kerberos";
    SECURITY_STATUS rc;
    SecPkgInfoA *pkg;
    CredHandle cred_handle;
    TimeStamp expiry;
    ULONG mandatory_caps;

    rc = QuerySecurityPackageInfoA(provider, &pkg);
    ok(rc == SEC_E_OK, "Kerberos package not installed, skipping test\n");
    if (rc == SEC_E_OK)
    {
        mandatory_caps = pkg->fCapabilities & ~optional_mask;
        ok( mandatory_caps == expected_flags, "got %08x, expected %08x\n", pkg->fCapabilities, expected_flags );
        ok( pkg->wVersion == 1, "got %u\n", pkg->wVersion );
        ok( pkg->wRPCID == RPC_C_AUTHN_GSS_KERBEROS, "got %u\n", pkg->wRPCID );
        ok( pkg->cbMaxToken >= 12000, "got %u\n", pkg->cbMaxToken );
        ok( lstrcmpA( pkg->Name, "Kerberos" ) == 0, "got %s\n", pkg->Name );
        ok( lstrcmpA( pkg->Comment, "Microsoft Kerberos V1.0" ) == 0, "got %s\n", pkg->Comment );
        /* The description was allocated by SSPI and must go back to it. */
        FreeContextBuffer( pkg );

        rc = AcquireCredentialsHandleA( NULL, provider, SECPKG_CRED_OUTBOUND, NULL,
                                        NULL, NULL, NULL, &cred_handle, &expiry );
        todo_wine ok( rc == SEC_E_OK, "AcquireCredentialsHandleA returned %08x\n", rc );
        if (rc == SEC_E_OK)
            FreeCredentialHandle( &cred_handle );
    }
}
Ejemplo n.º 3
/*
 * Runs a complete NTLM exchange inside one process: it builds a client context
 * (GenClientContext) and a server context (GenServerContext), passes the three
 * handshake messages between them through g_pInBuf/g_pOutBuf, hex-dumps each
 * message, and finally prints fields copied out of the second and third
 * messages, including a line prefixed "JTR:".  Always returns TRUE.
 *
 * Security note: the values printed are the challenge and the response fields
 * of the exchange.  NULL is passed as the first argument of GenClientContext;
 * presumably that makes the client side use the calling user's logon session
 * (confirm in GenClientContext).  Output of this kind is credential-derived
 * material and has to be treated as a secret wherever it is logged or stored.
 * Restricting or auditing NTLM on a host limits what a routine like this can
 * obtain.
 *
 * NOTE(review): nothing allocated here is released (g_pInBuf, g_pOutBuf, nonce,
 * pUserName, lmhash, nthash, clientnonce), and the credential and context
 * handles are never freed or deleted.
 * NOTE(review): MyHandleError is defined elsewhere; if it returns instead of
 * terminating, execution continues with invalid state after every failure.
 * NOTE(review): offsets and lengths read from the message bytes are used as
 * array indices without being checked against cbOut or g_cbMaxMessage.
 */
BOOL DoAuthentication (void)
{
	SECURITY_STATUS   	ss;
	DWORD 			  	cbIn;
	DWORD		      	cbOut;
	DWORD 			  	g_cbMaxMessage;
	BOOL              	done = FALSE;
	BOOL		      	fDone = FALSE;
	BOOL              	fNewConversation = TRUE;
	TimeStamp         	Lifetime;
	PSecPkgInfoA	  	pkgInfo;
	CredHandle        	hcred;
	CredHandle 	      	hCcred;
	struct _SecHandle 	hctxt;
	struct _SecHandle 	hCctxt;
	PBYTE 			  	g_pInBuf = NULL;
	PBYTE 			  	g_pOutBuf = NULL;
	SEC_CHAR          	g_lpPackageName[1024];
	PBYTE				nonce, clientnonce, lmhash, nthash;
	PCHAR pUserName = NULL;
	DWORD cbUserName = 0;



	/* Ask SSPI for the NTLM package description to learn its maximum token size. */
	lstrcpynA (g_lpPackageName, "NTLM",5);
	ss = QuerySecurityPackageInfoA ( g_lpPackageName, &pkgInfo);
	if (!SEC_SUCCESS(ss)) MyHandleError("Could not query package");

	/* NOTE(review): pkgInfo is dereferenced even when the query failed, unless
	   MyHandleError does not return. */
	g_cbMaxMessage = pkgInfo->cbMaxToken;
	FreeContextBuffer(pkgInfo);
	/* Two message buffers, each sized to the package's maximum token. */
	g_pInBuf = (PBYTE) malloc (g_cbMaxMessage);
	g_pOutBuf = (PBYTE) malloc (g_cbMaxMessage);
   
	if (NULL == g_pInBuf || NULL == g_pOutBuf) MyHandleError("Memory allocation");

	/* Server-side (inbound) credentials for the accepting half of the exchange. */
	ss = AcquireCredentialsHandleA (NULL, g_lpPackageName, SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, &hcred, &Lifetime);

	if (!SEC_SUCCESS (ss)) MyHandleError("AcquireCreds failed");
	cbOut = g_cbMaxMessage;

	/* Step 1: the client side produces the first message with no input token. */
	if (!GenClientContext ( NULL, 0, g_pOutBuf, &cbOut, &fDone, "NTLM", &hCcred, &hCctxt))
		MyHandleError("Cant't generate client context");

	/* Byte 8 of each message is printed as its type number. */
	printf ("Type%hhd message (%lu bytes):\n",g_pOutBuf[8], cbOut);//type1
	PrintHexDump (cbOut, (PBYTE)g_pOutBuf);

	/* Hand the client's output to the server side as its input. */
	memcpy(g_pInBuf,g_pOutBuf, cbOut);
	cbIn = cbOut;
	cbOut = g_cbMaxMessage;


	/* Step 2: the server side consumes message 1 and emits message 2. */
	if (!GenServerContext (g_pInBuf, cbIn, g_pOutBuf, &cbOut, &done, fNewConversation, &hcred, &hctxt))
		MyHandleError("GenServerContext failed");

	fNewConversation = FALSE;

	printf ("Type%hhd message (%lu bytes):\n",g_pOutBuf[8], cbOut); //type2
	PrintHexDump (cbOut, (PBYTE)g_pOutBuf);
	
	memcpy(g_pInBuf,g_pOutBuf, cbOut);
	cbIn = cbOut;
	cbOut = g_cbMaxMessage;

	/* Keep the 8 bytes at offset 24 of message 2 (presumably the server
	   challenge, per the NTLM type-2 layout); 16 bytes are allocated but only
	   8 are written.  NOTE(review): malloc result is not checked. */
	nonce = (PBYTE) malloc (16);
	memcpy (nonce, (void *)&g_pOutBuf[24], 8);
	
	/* Step 3: the client side answers the challenge; g_pOutBuf now holds message 3. */
	if (!GenClientContext (g_pInBuf, cbIn, g_pOutBuf, &cbOut, &fDone, "NTLM", &hCcred, &hCctxt))
		MyHandleError("GenClientContext failed");

	printf ("Type%hhd message (%lu bytes):\n",g_pOutBuf[8], cbOut);//type3
	PrintHexDump (cbOut, (PBYTE)g_pOutBuf);

	/* First call passes a NULL buffer so that cbUserName receives the required
	   size; the second call fills the freshly allocated buffer.
	   NOTE(review): neither return value nor the malloc result is checked. */
	GetUserNameExA(NameSamCompatible, pUserName, &cbUserName);
	pUserName = (PCHAR) malloc (cbUserName);
	GetUserNameExA(NameSamCompatible, pUserName, &cbUserName);
	/* cbUserName is reused to hold the address of the backslash, which is then
	   overwritten with NUL so the buffer splits into two strings.
	   NOTE(review): the pointer is squeezed through int/DWORD, which is only
	   valid where pointers are 32 bits wide, and strchr returns NULL when the
	   name contains no backslash, making the store below a null write. */
	cbUserName = (DWORD)((int)strchr(pUserName,'\\'));
	*(char *)cbUserName = 0;

	printf("g_pOutBuf[22]=%d\n",g_pOutBuf[22]);

	/* Byte 22 of message 3 decides the branch: above 24 is reported as NTLMv2,
	   exactly 24 as NTLM.  Only this single byte is inspected; presumably it is
	   the low byte of a 16-bit length field -- confirm against the message layout. */
	if (g_pOutBuf[22] > 24) 
	{
		printf("NTLMv2\n");
		nthash = (PBYTE) malloc (16);
		/* 16-bit little-endian offset taken from bytes 24-25 of message 3.
		   NOTE(review): used as an index with no check against cbOut. */
		cbIn = g_pOutBuf[24] + (g_pOutBuf[25] << 8);
		/* Despite the name, this is 16 bytes copied out of the message, not a
		   password hash. */
		memcpy (nthash, (void *)&g_pOutBuf[cbIn], 16);

		cbIn += 16;
		/* NOTE(review): cbOut - cbIn - 16 is unsigned arithmetic; an offset near
		   or beyond the end of the message wraps to a huge size. */
		clientnonce = (PBYTE) malloc (cbOut - cbIn - 16);
		//memcpy (clientnonce, (void *)&g_pOutBuf[cbIn], 84);
		memcpy (clientnonce, (void *)&g_pOutBuf[cbIn], cbOut - cbIn - 16);

		printf("Nonce:  ");
		PrintHex (8, nonce);
		printf("\nClientNonce: ");
		PrintHex (cbOut - cbIn - 16, clientnonce);
		printf("\nNThash: ");
		PrintHex (16, nthash);
		printf("\n");
		
		/* cbUserName+1 points just past the backslash replaced above;
		   pUserName is the part in front of it. */
		printf("\nJTR: %s::%s", (unsigned char *)((int)cbUserName+1), (unsigned char *)pUserName);
		printf(":");
		PrintHex (8, nonce);
		printf(":");
		PrintHex (16, nthash);
		printf(":");
		PrintHex (cbOut - cbIn - 16, clientnonce);

		printf("\n");
	}
	else if (g_pOutBuf[22] == 24)
	{
		printf("NTLM\n");
		lmhash = (PBYTE) malloc (24);
		/* Offset from bytes 16-17, then 24 bytes copied from there; by the
		   variable name this is presumably the LM response field.
		   NOTE(review): offset is not bounds-checked, malloc is not checked. */
		cbIn = g_pOutBuf[16] + (g_pOutBuf[17] << 8);
		memcpy (lmhash, (void *)&g_pOutBuf[cbIn], 24);

		nthash = (PBYTE) malloc (24);
		/* Same pattern with the offset from bytes 24-25. */
		cbIn = g_pOutBuf[24] + (g_pOutBuf[25] << 8);
		memcpy (nthash, (void *)&g_pOutBuf[cbIn], 24);

		printf("\nNonce:  ");
		PrintHex (8, nonce);
		printf("\nLMhash: ");
		PrintHex (24, lmhash);
		printf("\nNThash: ");
		PrintHex (24, nthash);

		printf("\nJTR: %s::%s", (unsigned char *)((int)cbUserName+1), (unsigned char *)pUserName);
		printf(":");
		PrintHex (24, lmhash);
		printf(":");
		PrintHex (24, nthash);
		printf(":");
		PrintHex (8, nonce);
		printf("\n");
		
	}
	else
	{
		printf("Unknown hashtype");
	}


	/* TRUE is returned on every path, including "Unknown hashtype". */
	return(TRUE);
}
Ejemplo n.º 4
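/*
 * GSS-API shaped wrapper that performs one client-side step of a Kerberos
 * handshake through SSPI's InitializeSecurityContextA.
 *
 * minor_status           set to 0 when the step succeeds (may be NULL)
 * claimant_cred_handle   credentials to use; an all-zero handle selects a
 *                        process-wide default outbound Kerberos credential
 * context_handle         in/out context; all-zero on the first call
 * target_name            passed to SSPI as the target (service) name
 * req_flags              passed to SSPI unchanged as the context requirements
 * input_token            token received from the peer, or NULL on the first call
 * output_token           receives a malloc'd copy of the token to send
 * ret_flags, time_rec    optional; receive the SSPI context attributes and the
 *                        low part of the expiry time
 *
 * Returns the SSPI status: SEC_E_OK or SEC_I_CONTINUE_NEEDED on success, any
 * other value on failure.  On failure output_token is left untouched.
 *
 * NOTE(review): mech_type, time_req and input_channel_bindings are ignored and
 * actual_mech_types is never written.  Ignoring channel bindings means the
 * context is not tied to the outer channel; callers that rely on binding for
 * relay protection do not get it from this function.
 * NOTE(review): the cached default credential is a function-local static with
 * no locking; concurrent first calls can race.
 */
OM_uint32  gss_init_sec_context (
        OM_uint32 *minor_status,
        gss_cred_id_t claimant_cred_handle,
        gss_ctx_id_t *context_handle,
        gss_name_t target_name,
        gss_OID mech_type,
        int req_flags,
        int time_req,
        gss_channel_bindings_t input_channel_bindings,
        gss_buffer_t input_token,
        gss_OID *actual_mech_types,
        gss_buffer_t output_token,
        int *ret_flags,
        OM_int32 *time_rec)
{
	// Writable copy of the package name: the ANSI entry points take SEC_CHAR*.
	SEC_CHAR package[] = "Kerberos";
	SecPkgInfoA *secPackInfo = NULL;
	gss_cred_id_t credhandle={0};
	gss_ctx_id_t *pctx;

	// SECBUFFER_TOKEN
	// This buffer type is used to indicate the security token portion of the message. 
	// This is read-only for input parameters or read/write for output parameters.
	SecBuffer InputBuf[1] = {input_token?input_token->length:0,SECBUFFER_TOKEN,input_token?input_token->value:0};
	SecBuffer OutputBuf[1] = {0,SECBUFFER_TOKEN,NULL};
	SecBufferDesc InBuffer[1] = {SECBUFFER_VERSION, 1, InputBuf};
	SecBufferDesc OutBuffer[1] = {SECBUFFER_VERSION, 1, OutputBuf};
	OM_uint32 ret;
	// Zero-initialised so the optional outputs never expose stack garbage.
	TimeStamp tr = {0};
	unsigned long rf = 0;
	SECURITY_STATUS retq;
	unsigned long cbMaxToken;

	// Both are dereferenced below; fail cleanly instead of crashing.
	if(!context_handle)
		return (OM_uint32)SEC_E_INVALID_HANDLE;
	if(!output_token)
		return (OM_uint32)SEC_E_INVALID_TOKEN;

	//
	// Previously gserver passed ISC_REQ_ALLOCATE_MEMORY to InitializeSecurityContext
	// but it returns SEC_E_BUFFER_TOO_SMALL - I think this is because
	// only Digest and Schannel will allocate output buffers for you, even though the documentation
	// doesn't make that clear for InitializeSecurityContext (see AcquireCredentialsHandle doco).
	//
	// The failure status is propagated: returning 0 here would read as SEC_E_OK
	// and tell the caller the context was established when nothing happened.
	if((retq=QuerySecurityPackageInfoA( package, &secPackInfo )) != SEC_E_OK)
		return (OM_uint32)retq;
	if(!secPackInfo)
		return (OM_uint32)SEC_E_INTERNAL_ERROR;

	// Only the size is needed; give the description back to SSPI right away.
	cbMaxToken = secPackInfo->cbMaxToken;
	FreeContextBuffer(secPackInfo);
	secPackInfo = NULL;

	OutputBuf->BufferType = SECBUFFER_TOKEN; // preping a token here
	OutputBuf->cbBuffer = cbMaxToken;
	OutputBuf->pvBuffer = malloc(cbMaxToken);
	if(!OutputBuf->pvBuffer)
		return (OM_uint32)SEC_E_INSUFFICIENT_MEMORY;

	if(claimant_cred_handle.dwLower==0 && claimant_cred_handle.dwUpper==0)
	{
		static gss_cred_id_t global_client_cred={0};
		// "Unset" means both halves are zero, the same test used for every other
		// handle in this function; with || a valid cached handle that has one
		// zero half would be re-acquired, and leaked, on every call.
		if(global_client_cred.dwLower==0 && global_client_cred.dwUpper==0)
		{
			ret = AcquireCredentialsHandleA(NULL,package,SECPKG_CRED_OUTBOUND,NULL,NULL,NULL,NULL,&global_client_cred,NULL);
			if(ret)
			{
				// Do not leak the token buffer on this early exit.
				free(OutputBuf->pvBuffer);
				OutputBuf->pvBuffer = NULL;
				return ret;
			}
		}
		credhandle = global_client_cred;
	}
	else
		credhandle = claimant_cred_handle;

	// An all-zero context handle marks the first call of a new handshake.
	if(context_handle->dwLower==0 && context_handle->dwUpper==0)
		pctx = NULL;
	else
		pctx = context_handle;

	// note - only Digest and Schannel will allocate output buffers for you. 
	// so kerberos and other security contexts should not use ISC_REQ_ALLOCATE_MEMORY
	// and also should not free them by calling the FreeContextBuffer function.
	ret = InitializeSecurityContextA(
		&credhandle, pctx, target_name, req_flags, 0, SECURITY_NETWORK_DREP,
		input_token?InBuffer:NULL,0, pctx?NULL:context_handle, OutBuffer, &rf, &tr); 

	// really need to return if that didn't work...
	if (ret != SEC_E_OK /*GSS_S_COMPLETE*/ && ret != SEC_I_CONTINUE_NEEDED /*GSS_S_CONTINUE_NEEDED*/ )
	{
		free(OutputBuf->pvBuffer);
		OutputBuf->pvBuffer = NULL;
		return ret;
	}

	// Hand the caller its own copy of the token.  The 100 bytes of slack are
	// kept from the original implementation.
	output_token->value = malloc((OutputBuf[0].cbBuffer)+100);
	if (output_token->value==NULL)
	{
		// Never report a non-zero length next to a NULL buffer.  The security
		// context may already exist in *context_handle; the caller owns its cleanup.
		output_token->length = 0;
		free(OutputBuf->pvBuffer);
		OutputBuf->pvBuffer = NULL;
		return (OM_uint32)SEC_E_INSUFFICIENT_MEMORY;
	}
	output_token->length = OutputBuf[0].cbBuffer;
	memcpy(output_token->value,OutputBuf[0].pvBuffer,output_token->length);
	
	// only call this if InitializeSecurityContext successfully created the buffers for us
	// FreeContextBuffer(OutBuffer);

	// manually made the memory, so manually release it...
	free(OutputBuf->pvBuffer);
	OutputBuf->pvBuffer = NULL;

	if(minor_status)
		*minor_status = 0;
	if(time_rec)
		*time_rec=tr.LowPart;
	if(ret_flags)
		*ret_flags=rf;
	return ret;
}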
Ejemplo n.º 5
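/*
 * GSS-API shaped wrapper that performs one server-side step of a Kerberos
 * handshake through SSPI's AcceptSecurityContext.
 *
 * minor_status           set to 0 on return (may be NULL)
 * context_handle         in/out context; all-zero on the first call
 * verifier_cred_handle   server credentials passed to SSPI
 * input_token            token received from the client (required)
 * src_name               on SEC_E_OK receives a strdup'd copy of the
 *                        authenticated user name (caller frees); may be NULL
 * output_token           receives a malloc'd copy of the reply token, or
 *                        length 0 / value NULL when the step failed
 * ret_flags, time_rec    optional; receive the SSPI context attributes and the
 *                        low part of the expiry time
 *
 * Returns the SSPI status.  If the handshake completes but the client name
 * cannot be read or copied, an error is returned rather than SEC_E_OK, so a
 * caller never sees "authenticated" without a name to authorise against.
 *
 * NOTE(review): input_chan_bindings is ignored, and actual_mech_type and
 * delegated_cred_handle are never written.  Mutual authentication is requested
 * but not verified here; callers that depend on it must inspect *ret_flags.
 */
OM_uint32  gss_accept_sec_context (
        OM_uint32 *minor_status,
        gss_ctx_id_t *context_handle,
        gss_cred_id_t verifier_cred_handle,
        gss_buffer_t input_token,
        gss_channel_bindings_t input_chan_bindings,
        gss_name_t *src_name,
        gss_OID *actual_mech_type,
        gss_buffer_t output_token,
        OM_uint32 *ret_flags,
        OM_uint32 *time_rec,
        gss_cred_id_t *delegated_cred_handle)
{
	// Writable copy of the package name: the ANSI entry point takes SEC_CHAR*.
	SEC_CHAR package[] = "Kerberos";
	gss_ctx_id_t *pctx;
	DWORD cbmaxtoken;
	PVOID pbuf;
	SECURITY_STATUS qs;

	// These are dereferenced below; fail cleanly instead of crashing.
	if(!context_handle)
		return (OM_uint32)SEC_E_INVALID_HANDLE;
	if(!input_token || !output_token)
		return (OM_uint32)SEC_E_INVALID_TOKEN;

	// Get max token size.  The ANSI struct type is named explicitly so it
	// matches the ANSI function in UNICODE builds as well.
	PSecPkgInfoA pspi = NULL;
	qs = QuerySecurityPackageInfoA(package, &pspi);
	if(qs != SEC_E_OK)
		return (OM_uint32)qs;
	if(!pspi)
		return (OM_uint32)SEC_E_INTERNAL_ERROR;
	cbmaxtoken = pspi->cbMaxToken;
	FreeContextBuffer(pspi);

	// The scratch buffer is at least 12000 bytes, but SSPI is told cbmaxtoken.
	pbuf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (cbmaxtoken<12000)?12000:cbmaxtoken);
	if(!pbuf)
		return (OM_uint32)SEC_E_INSUFFICIENT_MEMORY;

	SecBuffer InputBuf[1] = {input_token->length,SECBUFFER_TOKEN,input_token->value};
	SecBuffer OutputBuf[1] = {cbmaxtoken,SECBUFFER_TOKEN,pbuf};
	SecBufferDesc InBuffer[1] = {SECBUFFER_VERSION, 1, InputBuf};
	SecBufferDesc OutBuffer[1] = {SECBUFFER_VERSION, 1, OutputBuf};
	OM_uint32 ret;
	// Zero-initialised: on failure SSPI may not write them, and they are copied
	// to the caller's optional outputs at the end.
	TimeStamp tr = {0};
	unsigned long rf = 0;

	// An all-zero context handle marks the first call of a new handshake.
	if(context_handle->dwLower==0 && context_handle->dwUpper==0)
		pctx = NULL;
	else
		pctx = context_handle;

	ret = AcceptSecurityContext(&verifier_cred_handle, pctx, InBuffer, ASC_REQ_MUTUAL_AUTH,
				SECURITY_NETWORK_DREP, context_handle, OutBuffer, &rf, &tr);

	// A reply token exists only when the step succeeded or must continue; on
	// failure the buffer length is meaningless and must not be sent to the peer.
	output_token->length = 0;
	output_token->value = NULL;
	if(ret == SEC_E_OK || ret == SEC_I_CONTINUE_NEEDED)
	{
		// The 100 bytes of slack are kept from the original implementation.
		output_token->value = malloc((OutputBuf[0].cbBuffer)+100);
		if (output_token->value==NULL)
		{
			HeapFree(GetProcessHeap(), 0, pbuf);
			return (OM_uint32)SEC_E_INSUFFICIENT_MEMORY;
		}
		output_token->length = OutputBuf[0].cbBuffer;
		memcpy(output_token->value,OutputBuf[0].pvBuffer,OutputBuf[0].cbBuffer);
	}
	HeapFree(GetProcessHeap(), 0, pbuf);

	if(ret == SEC_E_OK)
	{
		SecPkgContext_NamesA names = {0};
		// ANSI variant to match SecPkgContext_NamesA regardless of UNICODE.
		SECURITY_STATUS ns = QueryContextAttributesA(context_handle, SECPKG_ATTR_NAMES, &names);

		if(src_name)
			*src_name = NULL;
		if(ns == SEC_E_OK && names.sUserName != NULL)
		{
			if(src_name)
				*src_name = strdup(names.sUserName);
			// SSPI allocated the string, not the struct: release the string.
			// Passing &names would hand a stack address to the allocator.
			FreeContextBuffer(names.sUserName);
			if(src_name && *src_name == NULL)
				ns = SEC_E_INSUFFICIENT_MEMORY;
		}
		else if(ns == SEC_E_OK)
			ns = SEC_E_INTERNAL_ERROR;

		if(ns != SEC_E_OK)
		{
			// Fail closed: no success without an identity.  The context stays in
			// *context_handle; the caller owns its cleanup.
			free(output_token->value);
			output_token->value = NULL;
			output_token->length = 0;
			ret = (OM_uint32)ns;
		}
	}

	if(minor_status)
		*minor_status = 0;
	if(time_rec)
		*time_rec=tr.LowPart;
	if(ret_flags)
		*ret_flags=rf;
	return ret;
}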