2 * Copyright 2005 Kai Blin
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 * This file implements the negotiate provider.
19 * FIXME: So far, this beast doesn't do anything.
26 #include "secur32_priv.h"
27 #include "wine/debug.h"
29 WINE_DEFAULT_DEBUG_CHANNEL(secur32);
31 /* Disable for now, see longer comment for SECUR32_initNegotiateSP below */
33 static char nego_name_A[] = "Negotiate";
34 static WCHAR nego_name_W[] = {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0};
37 static SECURITY_STATUS nego_QueryCredentialsAttributes(PCredHandle phCredential,
38 ULONG ulAttribute, PVOID pBuffer)
42 /* FIXME: More attributes to be added here. Need to fix the sspi.h header
48 ret = SEC_E_UNSUPPORTED_FUNCTION;
53 /***********************************************************************
54 * QueryCredentialsAttributesA
56 static SECURITY_STATUS SEC_ENTRY nego_QueryCredentialsAttributesA(
57 PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer)
61 TRACE("(%p, %d, %p)\n", phCredential, ulAttribute, pBuffer);
65 case SECPKG_CRED_ATTR_NAMES:
66 FIXME("SECPKG_CRED_ATTR_NAMES: stub\n");
67 ret = SEC_E_UNSUPPORTED_FUNCTION;
70 ret = nego_QueryCredentialsAttributes(phCredential, ulAttribute,
76 /***********************************************************************
77 * QueryCredentialsAttributesW
79 static SECURITY_STATUS SEC_ENTRY nego_QueryCredentialsAttributesW(
80 PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer)
84 TRACE("(%p, %d, %p)\n", phCredential, ulAttribute, pBuffer);
88 case SECPKG_CRED_ATTR_NAMES:
89 FIXME("SECPKG_CRED_ATTR_NAMES: stub\n");
90 ret = SEC_E_UNSUPPORTED_FUNCTION;
93 ret = nego_QueryCredentialsAttributes(phCredential, ulAttribute,
100 /***********************************************************************
101 * AcquireCredentialsHandleA
103 static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleA(
104 SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse,
105 PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
106 PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
108 TRACE("(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p) stub\n",
109 debugstr_a(pszPrincipal), debugstr_a(pszPackage), fCredentialUse,
110 pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
111 return SEC_E_UNSUPPORTED_FUNCTION;
114 /***********************************************************************
115 * AcquireCredentialsHandleW
117 static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleW(
118 SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse,
119 PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
120 PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
122 TRACE("(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p) stub\n",
123 debugstr_w(pszPrincipal), debugstr_w(pszPackage), fCredentialUse,
124 pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
125 return SEC_E_UNSUPPORTED_FUNCTION;
128 /***********************************************************************
129 * InitializeSecurityContextA
131 static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextA(
132 PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName,
133 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
134 PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
135 PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
139 TRACE("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext,
140 debugstr_a(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput,
141 Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
143 ret = SEC_E_UNSUPPORTED_FUNCTION;
147 ret = SEC_E_INVALID_HANDLE;
152 /***********************************************************************
153 * InitializeSecurityContextW
155 static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextW(
156 PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName,
157 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
158 PSecBufferDesc pInput,ULONG Reserved2, PCtxtHandle phNewContext,
159 PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
163 TRACE("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext,
164 debugstr_w(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput,
165 Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
168 ret = SEC_E_UNSUPPORTED_FUNCTION;
172 ret = SEC_E_INVALID_HANDLE;
177 /***********************************************************************
178 * AcceptSecurityContext
180 static SECURITY_STATUS SEC_ENTRY nego_AcceptSecurityContext(
181 PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput,
182 ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
183 PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
187 TRACE("%p %p %p %d %d %p %p %p %p\n", phCredential, phContext, pInput,
188 fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr,
192 ret = SEC_E_UNSUPPORTED_FUNCTION;
196 ret = SEC_E_INVALID_HANDLE;
201 /***********************************************************************
204 static SECURITY_STATUS SEC_ENTRY nego_CompleteAuthToken(PCtxtHandle phContext,
205 PSecBufferDesc pToken)
209 TRACE("%p %p\n", phContext, pToken);
212 ret = SEC_E_UNSUPPORTED_FUNCTION;
216 ret = SEC_E_INVALID_HANDLE;
221 /***********************************************************************
222 * DeleteSecurityContext
224 static SECURITY_STATUS SEC_ENTRY nego_DeleteSecurityContext(PCtxtHandle phContext)
228 TRACE("%p\n", phContext);
231 ret = SEC_E_UNSUPPORTED_FUNCTION;
235 ret = SEC_E_INVALID_HANDLE;
240 /***********************************************************************
243 static SECURITY_STATUS SEC_ENTRY nego_ApplyControlToken(PCtxtHandle phContext,
244 PSecBufferDesc pInput)
248 TRACE("%p %p\n", phContext, pInput);
251 ret = SEC_E_UNSUPPORTED_FUNCTION;
255 ret = SEC_E_INVALID_HANDLE;
260 /***********************************************************************
261 * QueryContextAttributesW
263 static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesW(PCtxtHandle phContext,
264 ULONG ulAttribute, void *pBuffer)
268 /* FIXME: From reading wrapper.h, I think the dwUpper part of a context is
269 * the SecurePackage part and the dwLower part is the actual context
270 * handle. It should be easy to extract the context attributes from that.
272 TRACE("%p %d %p\n", phContext, ulAttribute, pBuffer);
275 ret = SEC_E_UNSUPPORTED_FUNCTION;
279 ret = SEC_E_INVALID_HANDLE;
284 /***********************************************************************
285 * QueryContextAttributesA
287 static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesA(PCtxtHandle phContext,
288 ULONG ulAttribute, void *pBuffer)
290 return nego_QueryContextAttributesW(phContext, ulAttribute, pBuffer);
293 /***********************************************************************
294 * ImpersonateSecurityContext
296 static SECURITY_STATUS SEC_ENTRY nego_ImpersonateSecurityContext(PCtxtHandle phContext)
300 TRACE("%p\n", phContext);
303 ret = SEC_E_UNSUPPORTED_FUNCTION;
307 ret = SEC_E_INVALID_HANDLE;
312 /***********************************************************************
313 * RevertSecurityContext
315 static SECURITY_STATUS SEC_ENTRY nego_RevertSecurityContext(PCtxtHandle phContext)
319 TRACE("%p\n", phContext);
322 ret = SEC_E_UNSUPPORTED_FUNCTION;
326 ret = SEC_E_INVALID_HANDLE;
331 /***********************************************************************
334 static SECURITY_STATUS SEC_ENTRY nego_MakeSignature(PCtxtHandle phContext, ULONG fQOP,
335 PSecBufferDesc pMessage, ULONG MessageSeqNo)
339 TRACE("%p %d %p %d\n", phContext, fQOP, pMessage, MessageSeqNo);
342 ret = SEC_E_UNSUPPORTED_FUNCTION;
346 ret = SEC_E_INVALID_HANDLE;
351 /***********************************************************************
354 static SECURITY_STATUS SEC_ENTRY nego_VerifySignature(PCtxtHandle phContext,
355 PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
359 TRACE("%p %p %d %p\n", phContext, pMessage, MessageSeqNo, pfQOP);
362 ret = SEC_E_UNSUPPORTED_FUNCTION;
366 ret = SEC_E_INVALID_HANDLE;
373 static const SecurityFunctionTableA negoTableA = {
375 NULL, /* EnumerateSecurityPackagesA */
376 nego_QueryCredentialsAttributesA, /* QueryCredentialsAttributesA */
377 nego_AcquireCredentialsHandleA, /* AcquireCredentialsHandleA */
378 FreeCredentialsHandle, /* FreeCredentialsHandle */
379 NULL, /* Reserved2 */
380 nego_InitializeSecurityContextA, /* InitializeSecurityContextA */
381 nego_AcceptSecurityContext, /* AcceptSecurityContext */
382 nego_CompleteAuthToken, /* CompleteAuthToken */
383 nego_DeleteSecurityContext, /* DeleteSecurityContext */
384 nego_ApplyControlToken, /* ApplyControlToken */
385 nego_QueryContextAttributesA, /* QueryContextAttributesA */
386 nego_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
387 nego_RevertSecurityContext, /* RevertSecurityContext */
388 nego_MakeSignature, /* MakeSignature */
389 nego_VerifySignature, /* VerifySignature */
390 FreeContextBuffer, /* FreeContextBuffer */
391 NULL, /* QuerySecurityPackageInfoA */
392 NULL, /* Reserved3 */
393 NULL, /* Reserved4 */
394 NULL, /* ExportSecurityContext */
395 NULL, /* ImportSecurityContextA */
396 NULL, /* AddCredentialsA */
397 NULL, /* Reserved8 */
398 NULL, /* QuerySecurityContextToken */
399 NULL, /* EncryptMessage */
400 NULL, /* DecryptMessage */
401 NULL, /* SetContextAttributesA */
404 static const SecurityFunctionTableW negoTableW = {
406 NULL, /* EnumerateSecurityPackagesW */
407 nego_QueryCredentialsAttributesW, /* QueryCredentialsAttributesW */
408 nego_AcquireCredentialsHandleW, /* AcquireCredentialsHandleW */
409 FreeCredentialsHandle, /* FreeCredentialsHandle */
410 NULL, /* Reserved2 */
411 nego_InitializeSecurityContextW, /* InitializeSecurityContextW */
412 nego_AcceptSecurityContext, /* AcceptSecurityContext */
413 nego_CompleteAuthToken, /* CompleteAuthToken */
414 nego_DeleteSecurityContext, /* DeleteSecurityContext */
415 nego_ApplyControlToken, /* ApplyControlToken */
416 nego_QueryContextAttributesW, /* QueryContextAttributesW */
417 nego_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
418 nego_RevertSecurityContext, /* RevertSecurityContext */
419 nego_MakeSignature, /* MakeSignature */
420 nego_VerifySignature, /* VerifySignature */
421 FreeContextBuffer, /* FreeContextBuffer */
422 NULL, /* QuerySecurityPackageInfoW */
423 NULL, /* Reserved3 */
424 NULL, /* Reserved4 */
425 NULL, /* ExportSecurityContext */
426 NULL, /* ImportSecurityContextW */
427 NULL, /* AddCredentialsW */
428 NULL, /* Reserved8 */
429 NULL, /* QuerySecurityContextToken */
430 NULL, /* EncryptMessage */
431 NULL, /* DecryptMessage */
432 NULL, /* SetContextAttributesW */
435 /* Disable for now, see comment below.*/
437 static WCHAR negotiate_comment_W[] = { 'M', 'i', 'c', 'r', 'o', 's', 'o',
438 'f', 't', ' ', 'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', 'N', 'e', 'g', 'o',
439 't', 'i', 'a', 't', 'o', 'r', 0};
441 static CHAR negotiate_comment_A[] = "Microsoft Package Negotiator";
445 void SECUR32_initNegotiateSP(void)
447 /* Disable until we really implement a Negotiate provider.
448 * For now, the NTLM provider will pretend to be the Negotiate provider as well.
449 * Windows seems to be able to deal with it, and it makes several programs
452 SecureProvider *provider = SECUR32_addProvider(&negoTableA, &negoTableW,
454 /* According to Windows, Negotiate has the following capabilities.
457 static const LONG caps =
458 SECPKG_FLAG_INTEGRITY |
459 SECPKG_FLAG_PRIVACY |
460 SECPKG_FLAG_CONNECTION |
461 SECPKG_FLAG_MULTI_REQUIRED |
462 SECPKG_FLAG_EXTENDED_ERROR |
463 SECPKG_FLAG_IMPERSONATION |
464 SECPKG_FLAG_ACCEPT_WIN32_NAME |
465 SECPKG_FLAG_READONLY_WITH_CHECKSUM;
467 static const USHORT version = 1;
468 static const USHORT rpcid = 15;
469 static const ULONG max_token = 12000;
470 const SecPkgInfoW infoW = { caps, version, rpcid, max_token, nego_name_W,
471 negotiate_comment_W};
472 const SecPkgInfoA infoA = { caps, version, rpcid, max_token, nego_name_A,
473 negotiate_comment_A};
475 SECUR32_addPackages(provider, 1L, &infoA, &infoW);