2 * Copyright 2005 Kai Blin
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 * This file implements the negotiate provider.
19 * FIXME: So far, this beast doesn't do anything.
26 #include "secur32_priv.h"
27 #include "wine/debug.h"
29 WINE_DEFAULT_DEBUG_CHANNEL(secur32);
31 static char nego_name_A[] = "Negotiate";
32 static WCHAR nego_name_W[] = {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0};
34 static SECURITY_STATUS nego_QueryCredentialsAttributes(PCredHandle phCredential,
35 ULONG ulAttribute, PVOID pBuffer)
39 /* FIXME: More attributes to be added here. Need to fix the sspi.h header
45 ret = SEC_E_UNSUPPORTED_FUNCTION;
50 /***********************************************************************
51 * QueryCredentialsAttributesA
53 static SECURITY_STATUS SEC_ENTRY nego_QueryCredentialsAttributesA(
54 PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer)
58 TRACE("(%p, %d, %p)\n", phCredential, ulAttribute, pBuffer);
62 case SECPKG_CRED_ATTR_NAMES:
63 FIXME("SECPKG_CRED_ATTR_NAMES: stub\n");
64 ret = SEC_E_UNSUPPORTED_FUNCTION;
67 ret = nego_QueryCredentialsAttributes(phCredential, ulAttribute,
73 /***********************************************************************
74 * QueryCredentialsAttributesW
76 static SECURITY_STATUS SEC_ENTRY nego_QueryCredentialsAttributesW(
77 PCredHandle phCredential, ULONG ulAttribute, PVOID pBuffer)
81 TRACE("(%p, %d, %p)\n", phCredential, ulAttribute, pBuffer);
85 case SECPKG_CRED_ATTR_NAMES:
86 FIXME("SECPKG_CRED_ATTR_NAMES: stub\n");
87 ret = SEC_E_UNSUPPORTED_FUNCTION;
90 ret = nego_QueryCredentialsAttributes(phCredential, ulAttribute,
97 /***********************************************************************
98 * AcquireCredentialsHandleA
100 static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleA(
101 SEC_CHAR *pszPrincipal, SEC_CHAR *pszPackage, ULONG fCredentialUse,
102 PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
103 PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
105 TRACE("(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p) stub\n",
106 debugstr_a(pszPrincipal), debugstr_a(pszPackage), fCredentialUse,
107 pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
108 return SEC_E_UNSUPPORTED_FUNCTION;
111 /***********************************************************************
112 * AcquireCredentialsHandleW
114 static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleW(
115 SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialUse,
116 PLUID pLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn,
117 PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
119 TRACE("(%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p) stub\n",
120 debugstr_w(pszPrincipal), debugstr_w(pszPackage), fCredentialUse,
121 pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
122 return SEC_E_UNSUPPORTED_FUNCTION;
125 /***********************************************************************
126 * InitializeSecurityContextA
128 static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextA(
129 PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR *pszTargetName,
130 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
131 PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
132 PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
136 TRACE("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext,
137 debugstr_a(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput,
138 Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
140 ret = SEC_E_UNSUPPORTED_FUNCTION;
144 ret = SEC_E_INVALID_HANDLE;
149 /***********************************************************************
150 * InitializeSecurityContextW
152 static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextW(
153 PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName,
154 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep,
155 PSecBufferDesc pInput,ULONG Reserved2, PCtxtHandle phNewContext,
156 PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
160 TRACE("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext,
161 debugstr_w(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput,
162 Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
165 ret = SEC_E_UNSUPPORTED_FUNCTION;
169 ret = SEC_E_INVALID_HANDLE;
174 /***********************************************************************
175 * AcceptSecurityContext
177 static SECURITY_STATUS SEC_ENTRY nego_AcceptSecurityContext(
178 PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput,
179 ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
180 PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
184 TRACE("%p %p %p %d %d %p %p %p %p\n", phCredential, phContext, pInput,
185 fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr,
189 ret = SEC_E_UNSUPPORTED_FUNCTION;
193 ret = SEC_E_INVALID_HANDLE;
198 /***********************************************************************
201 static SECURITY_STATUS SEC_ENTRY nego_CompleteAuthToken(PCtxtHandle phContext,
202 PSecBufferDesc pToken)
206 TRACE("%p %p\n", phContext, pToken);
209 ret = SEC_E_UNSUPPORTED_FUNCTION;
213 ret = SEC_E_INVALID_HANDLE;
218 /***********************************************************************
219 * DeleteSecurityContext
221 static SECURITY_STATUS SEC_ENTRY nego_DeleteSecurityContext(PCtxtHandle phContext)
225 TRACE("%p\n", phContext);
228 ret = SEC_E_UNSUPPORTED_FUNCTION;
232 ret = SEC_E_INVALID_HANDLE;
237 /***********************************************************************
240 static SECURITY_STATUS SEC_ENTRY nego_ApplyControlToken(PCtxtHandle phContext,
241 PSecBufferDesc pInput)
245 TRACE("%p %p\n", phContext, pInput);
248 ret = SEC_E_UNSUPPORTED_FUNCTION;
252 ret = SEC_E_INVALID_HANDLE;
257 /***********************************************************************
258 * QueryContextAttributesW
260 static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesW(PCtxtHandle phContext,
261 ULONG ulAttribute, void *pBuffer)
265 /* FIXME: From reading wrapper.h, I think the dwUpper part of a context is
266 * the SecurePackage part and the dwLower part is the actual context
267 * handle. It should be easy to extract the context attributes from that.
269 TRACE("%p %d %p\n", phContext, ulAttribute, pBuffer);
272 ret = SEC_E_UNSUPPORTED_FUNCTION;
276 ret = SEC_E_INVALID_HANDLE;
281 /***********************************************************************
282 * QueryContextAttributesA
284 static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesA(PCtxtHandle phContext,
285 ULONG ulAttribute, void *pBuffer)
287 return nego_QueryContextAttributesW(phContext, ulAttribute, pBuffer);
290 /***********************************************************************
291 * ImpersonateSecurityContext
293 static SECURITY_STATUS SEC_ENTRY nego_ImpersonateSecurityContext(PCtxtHandle phContext)
297 TRACE("%p\n", phContext);
300 ret = SEC_E_UNSUPPORTED_FUNCTION;
304 ret = SEC_E_INVALID_HANDLE;
309 /***********************************************************************
310 * RevertSecurityContext
312 static SECURITY_STATUS SEC_ENTRY nego_RevertSecurityContext(PCtxtHandle phContext)
316 TRACE("%p\n", phContext);
319 ret = SEC_E_UNSUPPORTED_FUNCTION;
323 ret = SEC_E_INVALID_HANDLE;
328 /***********************************************************************
331 static SECURITY_STATUS SEC_ENTRY nego_MakeSignature(PCtxtHandle phContext, ULONG fQOP,
332 PSecBufferDesc pMessage, ULONG MessageSeqNo)
336 TRACE("%p %d %p %d\n", phContext, fQOP, pMessage, MessageSeqNo);
339 ret = SEC_E_UNSUPPORTED_FUNCTION;
343 ret = SEC_E_INVALID_HANDLE;
348 /***********************************************************************
351 static SECURITY_STATUS SEC_ENTRY nego_VerifySignature(PCtxtHandle phContext,
352 PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
356 TRACE("%p %p %d %p\n", phContext, pMessage, MessageSeqNo, pfQOP);
359 ret = SEC_E_UNSUPPORTED_FUNCTION;
363 ret = SEC_E_INVALID_HANDLE;
370 static const SecurityFunctionTableA negoTableA = {
372 NULL, /* EnumerateSecurityPackagesA */
373 nego_QueryCredentialsAttributesA, /* QueryCredentialsAttributesA */
374 nego_AcquireCredentialsHandleA, /* AcquireCredentialsHandleA */
375 FreeCredentialsHandle, /* FreeCredentialsHandle */
376 NULL, /* Reserved2 */
377 nego_InitializeSecurityContextA, /* InitializeSecurityContextA */
378 nego_AcceptSecurityContext, /* AcceptSecurityContext */
379 nego_CompleteAuthToken, /* CompleteAuthToken */
380 nego_DeleteSecurityContext, /* DeleteSecurityContext */
381 nego_ApplyControlToken, /* ApplyControlToken */
382 nego_QueryContextAttributesA, /* QueryContextAttributesA */
383 nego_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
384 nego_RevertSecurityContext, /* RevertSecurityContext */
385 nego_MakeSignature, /* MakeSignature */
386 nego_VerifySignature, /* VerifySignature */
387 FreeContextBuffer, /* FreeContextBuffer */
388 NULL, /* QuerySecurityPackageInfoA */
389 NULL, /* Reserved3 */
390 NULL, /* Reserved4 */
391 NULL, /* ExportSecurityContext */
392 NULL, /* ImportSecurityContextA */
393 NULL, /* AddCredentialsA */
394 NULL, /* Reserved8 */
395 NULL, /* QuerySecurityContextToken */
396 NULL, /* EncryptMessage */
397 NULL, /* DecryptMessage */
398 NULL, /* SetContextAttributesA */
401 static const SecurityFunctionTableW negoTableW = {
403 NULL, /* EnumerateSecurityPackagesW */
404 nego_QueryCredentialsAttributesW, /* QueryCredentialsAttributesW */
405 nego_AcquireCredentialsHandleW, /* AcquireCredentialsHandleW */
406 FreeCredentialsHandle, /* FreeCredentialsHandle */
407 NULL, /* Reserved2 */
408 nego_InitializeSecurityContextW, /* InitializeSecurityContextW */
409 nego_AcceptSecurityContext, /* AcceptSecurityContext */
410 nego_CompleteAuthToken, /* CompleteAuthToken */
411 nego_DeleteSecurityContext, /* DeleteSecurityContext */
412 nego_ApplyControlToken, /* ApplyControlToken */
413 nego_QueryContextAttributesW, /* QueryContextAttributesW */
414 nego_ImpersonateSecurityContext, /* ImpersonateSecurityContext */
415 nego_RevertSecurityContext, /* RevertSecurityContext */
416 nego_MakeSignature, /* MakeSignature */
417 nego_VerifySignature, /* VerifySignature */
418 FreeContextBuffer, /* FreeContextBuffer */
419 NULL, /* QuerySecurityPackageInfoW */
420 NULL, /* Reserved3 */
421 NULL, /* Reserved4 */
422 NULL, /* ExportSecurityContext */
423 NULL, /* ImportSecurityContextW */
424 NULL, /* AddCredentialsW */
425 NULL, /* Reserved8 */
426 NULL, /* QuerySecurityContextToken */
427 NULL, /* EncryptMessage */
428 NULL, /* DecryptMessage */
429 NULL, /* SetContextAttributesW */
432 static WCHAR negotiate_comment_W[] = { 'M', 'i', 'c', 'r', 'o', 's', 'o',
433 'f', 't', ' ', 'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', 'N', 'e', 'g', 'o',
434 't', 'i', 'a', 't', 'o', 'r', 0};
436 static CHAR negotiate_comment_A[] = "Microsoft Package Negotiator";
440 void SECUR32_initNegotiateSP(void)
442 SecureProvider *provider = SECUR32_addProvider(&negoTableA, &negoTableW,
444 /* According to Windows, Negotiate has the following capabilities.
447 static const LONG caps =
448 SECPKG_FLAG_INTEGRITY |
449 SECPKG_FLAG_PRIVACY |
450 SECPKG_FLAG_CONNECTION |
451 SECPKG_FLAG_MULTI_REQUIRED |
452 SECPKG_FLAG_EXTENDED_ERROR |
453 SECPKG_FLAG_IMPERSONATION |
454 SECPKG_FLAG_ACCEPT_WIN32_NAME |
455 SECPKG_FLAG_READONLY_WITH_CHECKSUM;
457 static const USHORT version = 1;
458 static const USHORT rpcid = 15;
459 static const ULONG max_token = 12000;
460 const SecPkgInfoW infoW = { caps, version, rpcid, max_token, nego_name_W,
461 negotiate_comment_W};
462 const SecPkgInfoA infoA = { caps, version, rpcid, max_token, nego_name_A,
463 negotiate_comment_A};
465 SECUR32_addPackages(provider, 1L, &infoA, &infoW);