BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, LPCTSTR user, LPCTSTR domain, LPCTSTR password, SecPkgContext_Bindings* Bindings) { SECURITY_STATUS status; ntlm->http = http; ntlm->Bindings = Bindings; ntlm->table = InitSecurityInterfaceEx(0); if (!ntlm->table) return FALSE; sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password); status = ntlm->table->QuerySecurityPackageInfo(NTLM_SSP_NAME, &ntlm->pPackageInfo); if (status != SEC_E_OK) { WLog_ERR(TAG, "QuerySecurityPackageInfo status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); return FALSE; } ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken; status = ntlm->table->AcquireCredentialsHandle(NULL, NTLM_SSP_NAME, SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration); if (status != SEC_E_OK) { WLog_ERR(TAG, "AcquireCredentialsHandle status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); return FALSE; } ntlm->haveContext = FALSE; ntlm->haveInputBuffer = FALSE; ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer)); ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes)); ntlm->fContextReq = 0; if (ntlm->http) { /* flags for HTTP authentication */ ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY; } else { /** * flags for RPC authentication: * RPC_C_AUTHN_LEVEL_PKT_INTEGRITY: * ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH | * ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT */ ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE; ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH; ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT; } return TRUE; }
static SECURITY_STATUS SEC_ENTRY winpr_ExportSecurityContext(PCtxtHandle phContext, ULONG fFlags, PSecBuffer pPackedContext, HANDLE* pToken) { SEC_CHAR* Name; SECURITY_STATUS status; SecurityFunctionTableW* table; Name = (SEC_CHAR*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableWByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->ExportSecurityContext) return SEC_E_UNSUPPORTED_FUNCTION; status = table->ExportSecurityContext(phContext, fFlags, pPackedContext, pToken); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "ExportSecurityContext status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp) { SECURITY_STATUS status; NEGOTIATE_CONTEXT* context; context = (NEGOTIATE_CONTEXT*) sspi_SecureHandleGetLowerPointer(phContext); if (!context) { context = negotiate_ContextNew(); if (!context) return SEC_E_INTERNAL_ERROR; sspi_SecureHandleSetLowerPointer(phNewContext, context); sspi_SecureHandleSetUpperPointer(phNewContext, (void*) NEGO_SSP_NAME); } negotiate_SetSubPackage(context, (const char*) NTLM_SSP_NAME); /* server-side Kerberos not yet implemented */ status = context->sspiA->AcceptSecurityContext(phCredential, &(context->SubContext), pInput, fContextReq, TargetDataRep, &(context->SubContext), pOutput, pfContextAttr, ptsTimeStamp); if (status != SEC_E_OK) { WLog_WARN(TAG, "AcceptSecurityContext status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
UINT32 SSPI_GSSAPI sspi_gss_init_sec_context( UINT32* minor_status, sspi_gss_cred_id_t claimant_cred_handle, sspi_gss_ctx_id_t* context_handle, sspi_gss_name_t target_name, sspi_gss_OID mech_type, UINT32 req_flags, UINT32 time_req, sspi_gss_channel_bindings_t input_chan_bindings, sspi_gss_buffer_t input_token, sspi_gss_OID* actual_mech_type, sspi_gss_buffer_t output_token, UINT32* ret_flags, UINT32* time_rec) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_init_sec_context)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_init_sec_context(minor_status, claimant_cred_handle, context_handle, target_name, mech_type, req_flags, time_req, input_chan_bindings, input_token, actual_mech_type, output_token, ret_flags, time_rec); WLog_DBG(TAG, "gss_init_sec_context: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
static SECURITY_STATUS SEC_ENTRY winpr_ImportSecurityContextA(SEC_CHAR* pszPackage, PSecBuffer pPackedContext, HANDLE pToken, PCtxtHandle phContext) { char* Name = NULL; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->ImportSecurityContextA) return SEC_E_UNSUPPORTED_FUNCTION; status = table->ImportSecurityContextA(pszPackage, pPackedContext, pToken, phContext); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "ImportSecurityContextA status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_AcquireCredentialsHandleA(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry) { SECURITY_STATUS status; SecurityFunctionTableA* table = sspi_GetSecurityFunctionTableAByNameA(pszPackage); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->AcquireCredentialsHandleA) return SEC_E_UNSUPPORTED_FUNCTION; status = table->AcquireCredentialsHandleA(pszPrincipal, pszPackage, fCredentialUse, pvLogonID, pAuthData, pGetKeyFn, pvGetKeyArgument, phCredential, ptsExpiry); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "AcquireCredentialsHandleA status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
UINT32 SSPI_GSSAPI sspi_gss_accept_sec_context( UINT32* minor_status, sspi_gss_ctx_id_t* context_handle, sspi_gss_cred_id_t acceptor_cred_handle, sspi_gss_buffer_t input_token_buffer, sspi_gss_channel_bindings_t input_chan_bindings, sspi_gss_name_t* src_name, sspi_gss_OID* mech_type, sspi_gss_buffer_t output_token, UINT32* ret_flags, UINT32* time_rec, sspi_gss_cred_id_t* delegated_cred_handle) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_accept_sec_context)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_accept_sec_context(minor_status, context_handle, acceptor_cred_handle, input_token_buffer, input_chan_bindings, src_name, mech_type, output_token, ret_flags, time_rec, delegated_cred_handle); WLog_DBG(TAG, "gss_accept_sec_context: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
static SECURITY_STATUS SEC_ENTRY winpr_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo) { char* Name; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->EncryptMessage) return SEC_E_UNSUPPORTED_FUNCTION; status = table->EncryptMessage(phContext, fQOP, pMessage, MessageSeqNo); if (status != SEC_E_OK) { WLog_ERR(TAG, "EncryptMessage status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP) { char* Name; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->VerifySignature) return SEC_E_UNSUPPORTED_FUNCTION; status = table->VerifySignature(phContext, pMessage, MessageSeqNo, pfQOP); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "VerifySignature status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR* pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry) { SEC_CHAR* Name; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (SEC_CHAR*) sspi_SecureHandleGetUpperPointer(phCredential); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->InitializeSecurityContextA) return SEC_E_UNSUPPORTED_FUNCTION; status = table->InitializeSecurityContextA(phCredential, phContext, pszTargetName, fContextReq, Reserved1, TargetDataRep, pInput, Reserved2, phNewContext, pOutput, pfContextAttr, ptsExpiry); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "InitializeSecurityContextA status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_SetContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer) { SEC_CHAR* Name; SECURITY_STATUS status; SecurityFunctionTableW* table; Name = (SEC_CHAR*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableWByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->SetContextAttributesW) return SEC_E_UNSUPPORTED_FUNCTION; status = table->SetContextAttributesW(phContext, ulAttribute, pBuffer, cbBuffer); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "SetContextAttributesW status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_CompleteAuthToken(PCtxtHandle phContext, PSecBufferDesc pToken) { char* Name = NULL; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->CompleteAuthToken) return SEC_E_UNSUPPORTED_FUNCTION; status = table->CompleteAuthToken(phContext, pToken); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "CompleteAuthToken status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_ImpersonateSecurityContext(PCtxtHandle phContext) { SEC_CHAR* Name; SECURITY_STATUS status; SecurityFunctionTableW* table; Name = (SEC_CHAR*) sspi_SecureHandleGetUpperPointer(phContext); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableWByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->ImpersonateSecurityContext) return SEC_E_UNSUPPORTED_FUNCTION; status = table->ImpersonateSecurityContext(phContext); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "ImpersonateSecurityContext status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp) { char* Name; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phCredential); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->AcceptSecurityContext) return SEC_E_UNSUPPORTED_FUNCTION; status = table->AcceptSecurityContext(phCredential, phContext, pInput, fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr, ptsTimeStamp); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "AcceptSecurityContext status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
SECURITY_STATUS SEC_ENTRY negotiate_AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp) { SECURITY_STATUS status; NEGOTIATE_CONTEXT* context; context = (NEGOTIATE_CONTEXT*) sspi_SecureHandleGetLowerPointer(phContext); if (!context) { context = negotiate_ContextNew(); if (!context) return SEC_E_INTERNAL_ERROR; sspi_SecureHandleSetLowerPointer(phNewContext, context); sspi_SecureHandleSetUpperPointer(phNewContext, (void*) NEGOTIATE_PACKAGE_NAME); } status = context->sspiA->AcceptSecurityContext(phCredential, &(context->SubContext), pInput, fContextReq, TargetDataRep, &(context->SubContext), pOutput, pfContextAttr, ptsTimeStamp); if (status != SEC_E_OK) { WLog_WARN(TAG, "AcceptSecurityContext status %s [%08X]", GetSecurityStatusString(status), status); } return status; }
UINT32 SSPI_GSSAPI sspi_gss_add_cred( UINT32* minor_status, sspi_gss_cred_id_t input_cred_handle, sspi_gss_name_t desired_name, sspi_gss_OID desired_mech, sspi_gss_cred_usage_t cred_usage, UINT32 initiator_time_req, UINT32 acceptor_time_req, sspi_gss_cred_id_t* output_cred_handle, sspi_gss_OID_set* actual_mechs, UINT32* initiator_time_rec, UINT32* acceptor_time_rec) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_add_cred)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_add_cred(minor_status, input_cred_handle, desired_name, desired_mech, cred_usage, initiator_time_req, acceptor_time_req, output_cred_handle, actual_mechs, initiator_time_rec, acceptor_time_rec); WLog_DBG(TAG, "gss_add_cred: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
static SECURITY_STATUS SEC_ENTRY winpr_QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void* pBuffer) { char* Name; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phCredential); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->QueryCredentialsAttributesA) return SEC_E_UNSUPPORTED_FUNCTION; status = table->QueryCredentialsAttributesA(phCredential, ulAttribute, pBuffer); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "QueryCredentialsAttributesA status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static SECURITY_STATUS SEC_ENTRY winpr_FreeCredentialsHandle(PCredHandle phCredential) { char* Name; SECURITY_STATUS status; SecurityFunctionTableA* table; Name = (char*) sspi_SecureHandleGetUpperPointer(phCredential); if (!Name) return SEC_E_SECPKG_NOT_FOUND; table = sspi_GetSecurityFunctionTableAByNameA(Name); if (!table) return SEC_E_SECPKG_NOT_FOUND; if (!table->FreeCredentialsHandle) return SEC_E_UNSUPPORTED_FUNCTION; status = table->FreeCredentialsHandle(phCredential); if (IsSecurityStatusError(status)) { WLog_WARN(TAG, "FreeCredentialsHandle status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } return status; }
static void ntlm_client_uninit(rdpNtlm* ntlm) { free(ntlm->identity.User); ntlm->identity.User = NULL; free(ntlm->identity.Domain); ntlm->identity.Domain = NULL; free(ntlm->identity.Password); ntlm->identity.Password = NULL; free(ntlm->ServicePrincipalName); ntlm->ServicePrincipalName = NULL; if (ntlm->table) { SECURITY_STATUS status; status = ntlm->table->FreeCredentialsHandle(&ntlm->credentials); if (status != SEC_E_OK) { WLog_WARN(TAG, "FreeCredentialsHandle status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } status = ntlm->table->FreeContextBuffer(ntlm->pPackageInfo); if (status != SEC_E_OK) { WLog_WARN(TAG, "FreeContextBuffer status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } status = ntlm->table->DeleteSecurityContext(&ntlm->context); if (status != SEC_E_OK) { WLog_WARN(TAG, "DeleteSecurityContext status %s [0x%08"PRIX32"]", GetSecurityStatusString(status), status); } ntlm->table = NULL; } }
SECURITY_STATUS nla_decrypt_ts_credentials(rdpNla* nla) { int length; BYTE* buffer; ULONG pfQOP; SecBuffer Buffers[2]; SecBufferDesc Message; SECURITY_STATUS status; Buffers[0].BufferType = SECBUFFER_TOKEN; /* Signature */ Buffers[1].BufferType = SECBUFFER_DATA; /* TSCredentials */ if (nla->authInfo.cbBuffer < 1) { WLog_ERR(TAG, "nla_decrypt_ts_credentials missing authInfo buffer"); return SEC_E_INVALID_TOKEN; } length = nla->authInfo.cbBuffer; buffer = (BYTE*) malloc(length); if (!buffer) return SEC_E_INSUFFICIENT_MEMORY; CopyMemory(buffer, nla->authInfo.pvBuffer, length); Buffers[0].cbBuffer = nla->ContextSizes.cbSecurityTrailer; Buffers[0].pvBuffer = buffer; Buffers[1].cbBuffer = length - nla->ContextSizes.cbSecurityTrailer; Buffers[1].pvBuffer = &buffer[nla->ContextSizes.cbSecurityTrailer]; Message.cBuffers = 2; Message.ulVersion = SECBUFFER_VERSION; Message.pBuffers = (PSecBuffer) &Buffers; status = nla->table->DecryptMessage(&nla->context, &Message, nla->recvSeqNum++, &pfQOP); if (status != SEC_E_OK) { WLog_ERR(TAG, "DecryptMessage failure %s [%08X]", GetSecurityStatusString(status), status); return status; } if(!nla_read_ts_credentials(nla, &Buffers[1])) { free(buffer); return SEC_E_INSUFFICIENT_MEMORY; } free(buffer); return SEC_E_OK; }
UINT32 SSPI_GSSAPI sspi_gss_create_empty_oid_set( UINT32* minor_status, sspi_gss_OID_set* oid_set) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_create_empty_oid_set)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_create_empty_oid_set(minor_status, oid_set); WLog_DBG(TAG, "gss_create_empty_oid_set: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
UINT32 SSPI_GSSAPI sspi_gss_release_buffer( UINT32* minor_status, sspi_gss_buffer_t buffer) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_release_buffer)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_release_buffer(minor_status, buffer); WLog_DBG(TAG, "gss_release_buffer: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
UINT32 SSPI_GSSAPI sspi_gss_import_sec_context( UINT32* minor_status, sspi_gss_buffer_t interprocess_token, sspi_gss_ctx_id_t* context_handle) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_import_sec_context)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_import_sec_context(minor_status, interprocess_token, context_handle); WLog_DBG(TAG, "gss_import_sec_context: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
SECURITY_STATUS SEC_ENTRY sspi_VerifySignature(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP) { SECURITY_STATUS status; if (!g_Initialized) InitializeSspiModule(0); if (!(g_SspiW && g_SspiW->VerifySignature)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_SspiW->VerifySignature(phContext, pMessage, MessageSeqNo, pfQOP); WLog_Print(g_Log, WLOG_DEBUG, "VerifySignature: %s (0x%04X)", GetSecurityStatusString(status), status); return status; }
UINT32 SSPI_GSSAPI sspi_gss_context_time( UINT32* minor_status, sspi_gss_ctx_id_t context_handle, UINT32* time_rec) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_context_time)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_context_time(minor_status, context_handle, time_rec); WLog_DBG(TAG, "gss_context_time: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
UINT32 SSPI_GSSAPI sspi_gss_inquire_names_for_mech( UINT32* minor_status, sspi_gss_OID mechanism, sspi_gss_OID_set* name_types) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_inquire_names_for_mech)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_inquire_names_for_mech(minor_status, mechanism, name_types); WLog_DBG(TAG, "gss_inquire_names_for_mech: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
SECURITY_STATUS SEC_ENTRY sspi_RevertSecurityContext(PCtxtHandle phContext) { SECURITY_STATUS status; if (!g_Initialized) InitializeSspiModule(0); if (!(g_SspiW && g_SspiW->RevertSecurityContext)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_SspiW->RevertSecurityContext(phContext); WLog_Print(g_Log, WLOG_DEBUG, "RevertSecurityContext: %s (0x%04X)", GetSecurityStatusString(status), status); return status; }
UINT32 SSPI_GSSAPI sspi_gss_set_neg_mechs( UINT32* minor_status, sspi_gss_cred_id_t cred_handle, const sspi_gss_OID_set mech_set) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_set_neg_mechs)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_set_neg_mechs(minor_status, cred_handle, mech_set); WLog_DBG(TAG, "gss_set_neg_mechs: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
UINT32 SSPI_GSSAPI sspi_gss_duplicate_name( UINT32* minor_status, const sspi_gss_name_t input_name, sspi_gss_name_t* dest_name) { SECURITY_STATUS status; InitOnceExecuteOnce(&g_Initialized, sspi_GssApiInit, NULL, NULL); if (!(g_GssApi && g_GssApi->gss_duplicate_name)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_GssApi->gss_duplicate_name(minor_status, input_name, dest_name); WLog_DBG(TAG, "gss_duplicate_name: %s (0x%08"PRIX32")", GetSecurityStatusString(status), status); return status; }
SECURITY_STATUS SEC_ENTRY sspi_SetContextAttributesA(PCtxtHandle phContext, ULONG ulAttribute, void* pBuffer, ULONG cbBuffer) { SECURITY_STATUS status; if (!g_Initialized) InitializeSspiModule(0); if (!(g_SspiA && g_SspiA->SetContextAttributesA)) return SEC_E_UNSUPPORTED_FUNCTION; status = g_SspiA->SetContextAttributesA(phContext, ulAttribute, pBuffer, cbBuffer); WLog_Print(g_Log, WLOG_DEBUG, "SetContextAttributesA: %s (0x%04X)", GetSecurityStatusString(status), status); return status; }