d987cc3d83
secur32: Fix a typo in comment.
...
Signed-off-by: Andrey Gusev <andrey.goosev@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-05-17 14:20:35 +09:00
599b19a831
secur32/tests: Added missing flags handling to testEnumerateSecurityPackages.
...
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-04-19 13:45:24 +09:00
f198b5a45a
secur32: Use %LATEST_RECORD_VERSION gnutls priority.
...
It's based on [1], where it's reported to fix issues with older gnutls.
I tested what client hello packages Windows reports for different sets
of used protocol versions, and it always uses newest possible version.
There may be a concern about not using SSL3 client hello, which still
may negotiate newer protocol and was recommended for compatibility
reasons, but it's known to be problematic the other way those days and
recent gnutls won't use it by default anyway [2].
[1] http://us.battle.net/wow/en/forum/topic/20742995286?page=11
[2] 25ed275043
2016-03-29 10:39:41 +09:00
c1d61f649d
secur32: Don't print 32-bit values as long integers (Clang).
...
Signed-off-by: Charles Davis <cdavis5x@gmail.com>
Signed-off-by: Ken Thomases <ken@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-02-19 11:05:38 +09:00
63b392b144
secur32: Ignore pfQOP in VerifySignature (Clang).
...
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2015-12-25 14:05:45 +01:00
9ab03dd7bb
secur32/tests: Don't check the exact number of cipher bits.
...
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2015-12-21 19:50:27 +01:00
e8d54db727
secur32/tests: Handle skip cleanup in negotiate more cleanly.
...
Signed-off-by: Aric Stewart <aric@codeweavers.com>
2015-10-01 16:34:37 +09:00
52e68a7823
secur32: Avoid ssize_t type that causes printf format warnings.
2015-08-17 15:34:35 +09:00
419362c851
secur32: Implement a couple of identity helper functions.
2015-08-17 14:46:24 +09:00
bca49f1403
secur32: Added SECPKG_ATTR_SUPPORTED_ALGS tests.
2015-07-03 12:46:44 +09:00
cae3f98c69
secur32: Fixed compilation on very old gnutls versions.
2015-06-18 21:41:02 +09:00
72747526b1
secur32: Fixed compilation on with gnutls.
2015-06-17 20:01:30 +09:00
dedbd18836
secur32: Use gnutls_cipher_get_block_size to get cupher block size.
2015-06-16 23:56:46 +09:00
3617e2b2a9
secur32: Added support for a few more algorithms in schannel_get_cipher_algid.
2015-06-16 23:56:45 +09:00
f54a9f4db4
secur32: Add a loop around gnutls_record_send since it may send a partial record.
2015-04-29 13:07:54 +09:00
0fbbb1297d
secur32: Don't try to set an empty target name in schan_InitializeSecurityContextW.
...
Based on original patch by Nikos Mavrogiannopoulos.
2015-04-09 13:25:04 +09:00
8729575112
secur32: Return more context attributes in schan_InitializeSecurityContextW.
2015-04-06 18:06:17 +09:00
1d7f2c318a
secur32: Mark internal symbols with hidden visibility.
2015-04-01 14:13:30 +09:00
3604629361
secur32: Export SetContextAttributes[AW]().
2015-03-16 15:04:12 +09:00
48ea8a1cb4
secur32/tests: Don't call InitializeSecurityContext on an uninitialized buffer.
...
Also documents failure on an invalid buffer.
2015-01-22 17:31:44 +01:00
54b5660378
secur32: Always tell the user that libgnutls could not be loaded.
2015-01-05 20:29:19 +01:00
b8719ff852
secur32: Declare debug channels only when needed (Clang).
2014-12-04 14:03:25 +01:00
5a6558b854
secur32/tests: Switch requested protocol from SSL3 to TLS1.
2014-10-21 18:49:58 +09:00
0ff2fb8a4f
secur32/tests: Update test for the new certificate on winehq.org.
2014-09-25 16:08:05 +02:00
58a4aa5954
secur32/tests: Remove duplicated expression (PVS-Studio).
2014-08-18 12:45:14 +02:00
d0d6dcb70e
secur32/tests: Include winsock2.h before other headers.
2014-07-24 20:10:28 +02:00
877f1a759e
secur32: Removed superflous NULL check (Coverity).
2014-07-22 12:40:40 +02:00
293c53e22f
secur32: Fixed schannel tests on Windows 8.1.
2014-04-16 14:38:16 +02:00
8df0479870
secur32: Also recognize samba4 failure message if ntlm_auth could not connect to winbindd.
2014-04-14 20:19:01 +02:00
29a409b222
secur32/tests: Fixed tests with new winehq.org setup.
2014-03-03 17:02:53 +01:00
3218cc077e
secur32: Return success on graceful close of SSL connection.
2014-02-22 08:40:40 -06:00
cf0e96c6d0
configure: Rename substituted variables to a standard _CFLAGS and _LIBS format.
2014-01-30 14:51:33 +01:00
8aa64e3580
configure: Automatically expand _CFLAGS and _LIBS variables in all makefiles.
2014-01-30 12:42:56 +01:00
e3fa52a636
secur32: Ignore GNUTLS_A_UNRECOGNIZED_NAME warning alert.
2014-01-28 19:38:45 +01:00
bc59d7e830
secur32: Slightly simplify the GetUserNameExW implementation.
2014-01-13 17:37:46 +01:00
99ef0d6ff0
makefiles: Get rid of the MAKE_TEST_RULES variable.
2014-01-02 12:13:16 +01:00
5e7416e5c8
makefiles: Get rid of the MAKE_DLL_RULES variable.
2014-01-02 12:08:18 +01:00
9ad67a9a8e
secur32/tests: Constify a character string.
2013-12-30 19:01:37 +01:00
25a0375432
secur32/tests: Add a test for QueryCredentialsAttributes(SECPKG_CRED_ATTR_NAMES).
2013-12-13 16:21:08 +01:00
476f57fd63
secur32/tests: Make sure that QueryContextAttributes(SECPKG_ATTR_STREAM_SIZES) succeeds.
2013-12-13 14:37:42 +01:00
79511d98b7
secur32/tests: Use LoadLibrary instead of GetModuleHandle to load advapi32.dll APIs.
2013-12-13 14:37:40 +01:00
4d97b32323
secur32: Cache certificate context instead of store in schannel handle.
2013-10-21 21:06:17 +02:00
00e53de765
secur32: Compile tests with __WINESRC__ define.
2013-10-10 13:33:50 +02:00
0e681027a2
tests: Compile the tests by default with -D__WINESRC__.
2013-10-02 11:04:02 +02:00
2a39cb377a
dlls: Replace the remaining CONSTs.
2013-09-25 11:49:20 +02:00
3a0961aced
secur32/tests: Better defined InitializeSecurityContext tests.
2013-08-28 11:30:31 +02:00
55e37bdbf3
secur32/tests: Run the tests against the winehq.org server.
2013-07-30 14:43:36 +02:00
6c2f7d01c8
secur32: Don't use deprecated gnutls_certificate_credentials.
2013-06-28 19:41:33 +02:00
c518801495
secur32: Set the SSL server name to enable the SNI extension.
2013-06-13 17:10:02 +02:00
fee9cd3b24
configure: In gnutls-3.2, gnutls_mac_get_key_size() moved to crypto.h.
...
Based on a patch by Ben Kohler <bkohler@gmail.com>.
2013-06-11 11:37:21 +02:00
b7cdc0afde
secur32: Don't bother to free memory at process exit.
2013-05-15 10:26:18 +02:00
1470c5c3c1
configure: Use the pkg-config helper macro for gnutls.
2013-05-03 20:45:11 +02:00
930bf0016d
secur32: Added support for TLS 1.1 and TLS 1.2 on Mac.
2013-04-17 14:26:30 +02:00
194cc70fbe
secur32: Disable SSL2 protocol in default settings.
2013-04-01 12:18:55 +02:00
8036bd14f9
secur32: Pass enabled protocols to Mac Secure Transport.
2013-04-01 12:15:41 +02:00
66f80b57a4
secur32: Pass enabled protocols to GnuTLS.
2013-04-01 12:15:37 +02:00
fe474e3b6a
secur32: Take schannel backend capabilities into account when configuring enabled protocols.
2013-03-28 18:54:01 +01:00
79c5d5cc17
secur32: Added SECPKG_ATTR_SUPPORTED_PROTOCOLS tests.
2013-03-27 20:12:29 +01:00
e413b8a505
secur32: Added SECPKG_ATTR_SUPPORTED_PROTOCOLS implementation.
2013-03-27 20:12:28 +01:00
0f2e0365ea
secur32: Added support for grbitEnabledProtocols in schan_AcquireClientCredentials.
2013-03-27 20:12:28 +01:00
b7a75b468a
secur32: Pass whole schan_credentials struct to schannel backend implementations.
2013-03-25 16:28:18 +01:00
64c84ef5c4
secur32: Report SecPkgContext_ConnectionInfo in bits, not bytes.
2013-02-27 19:23:36 +01:00
7494f5bc5e
secur32: On Mac, add support for cipher suites defined in 10.8 SDK.
2013-02-07 16:37:49 +01:00
db22753a05
winhttp: Added schannel-based netconn_recv implementation.
2013-01-23 23:41:15 +01:00
63c7f8d8ee
secur32: Added SECPKG_ATTR_REMOTE_CERT_CONTEXT tests.
2013-01-21 16:19:35 +01:00
303ec3ef91
secur32: Return a cert context with context store in SECPKG_ATTR_REMOTE_CERT_CONTEXT MacOSX implementation.
2013-01-21 16:19:18 +01:00
5c5d12c8bc
secur32: Return a cert context with context store in SECPKG_ATTR_REMOTE_CERT_CONTEXT GnuTLS implementation.
2013-01-21 16:19:05 +01:00
1eaa25696b
secur32/tests: Fix tests on win8.
2012-12-07 17:26:40 +01:00
62e77128c5
secur32: Get rid of deprecated types.
2012-11-16 11:40:17 +01:00
8fe8e2f967
secur32: Avoid a FALSE:TRUE conditional expression.
2012-08-15 12:12:56 +02:00
8abcfeddd8
secur32: Recognize some more TLS versions.
2012-07-18 17:12:34 +02:00
98652ec1c6
secur32: On Mac, define modern ECDH cipher suites if the SDK doesn't.
2012-07-16 14:19:46 +02:00
4ccb8746fd
secur32: On Mac, recognize key exchange algorithm for cipher suites using ECDH.
2012-07-16 14:19:37 +02:00
2025e81585
secur32: Only read complete records in schan_InitializeSecurityContextW().
2012-07-09 15:04:03 -04:00
394519db67
secur32: Handle incomplete messages in schan_InitializeSecurityContextW().
2012-06-26 17:32:40 +02:00
8f39fb146a
secur32: We can't read more than expected_size - 5 in schan_DecryptMessage().
2012-06-26 17:31:02 +02:00
e2bd967a85
secur32: Handle padding only records in schan_DecryptMessage().
2012-06-26 17:30:55 +02:00
71945b7635
secur32: Make some SecurityFunction methods static.
2012-05-21 11:34:37 +02:00
cb90e6b1a6
secur32/tests: Add tests for the Negotiate provider.
2012-05-10 18:43:38 +02:00
19f8c79f9e
secur32: Implement a Negotiate provider that forwards to NTLM.
2012-05-10 18:43:04 +02:00
3181577810
secur32: Add an option to disable use of cached Samba credentials.
2012-05-10 18:42:40 +02:00
bd7e469760
secur32: Update NTLM capabilities to match native.
2012-05-10 18:42:30 +02:00
ebab1c72cf
secur32: Remove some unused variables.
2012-05-10 18:42:21 +02:00
81213a88e8
secur32: Fix potential leaks of the NTLM session key.
2012-05-10 18:42:15 +02:00
ee1e1f0fdb
secur32/tests: Don't compare the encrypted results if the session key is different.
2012-01-03 23:28:13 +01:00
962230064d
secur32/tests: Fail on missing NTLM.
2011-12-20 20:24:47 +01:00
3d9c7657bc
secur32: Fix the compilation on Solaris by including errno.h instead of sys/errno.h.
2011-12-02 17:25:56 +01:00
3de1c71364
secur32: Reap child process to avoid leaving a zombie.
2011-12-01 10:44:28 +01:00
d977044e76
secur32: Eliminate broken clean-up "cheat".
2011-11-30 11:45:26 +01:00
f4ac641af5
secur32: Clean up the helper in all cases where it was allocated.
2011-11-30 11:45:21 +01:00
e39e67ec3d
secur32: Eliminate a dead store.
2011-11-30 11:45:18 +01:00
5305c8e009
secur32: Make the cs critical section static.
2011-11-15 19:37:36 +01:00
7f17934de2
secur32: Superfluous semicolons fix.
2011-11-07 11:54:47 +01:00
65634bca0b
schannel: Don't use SSLCopyPeerCertificates on Mac OS 10.4.
2011-10-27 12:31:40 +02:00
0dd54eb0fd
secur32: Print the ntlm_auth diagnostic message to the winediag channel.
2011-10-27 12:25:13 +02:00
7bb7d08d19
secur32: Handle the schan_buffers limit field in schan_get_buffer() instead of schan_pull().
...
Aside from being the right place, we depend on schan_get_buffer() not
returning a buffer if there's no space left in schan_imp_recv() /
schan_imp_send().
2011-10-05 17:00:58 -05:00
929598fd00
secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_recv().
2011-10-03 14:38:49 -05:00
65aed972c0
secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_send().
2011-10-03 14:38:44 -05:00
5004c38dd5
secur32: Return failure if chan_EncryptMessage() can't encrypt the entire buffer.
2011-10-03 14:38:35 -05:00
0903855456
secur32: Use gnutls_record_get_max_size() to get the maximum message size.
2011-10-03 14:38:21 -05:00
3de330db54
tests: Remove unneeded assert.h includes.
2011-09-27 10:59:56 +02:00
0359f9d430
secur32/tests: Avoid crash on test failure.
2011-09-09 15:53:49 +02:00
52fa3bf42d
secur32: Avoid size_t and fix some printf formats.
2011-09-05 19:34:55 +02:00
982e7f96b1
secur32: Remove dead code (Clang).
2011-07-05 14:42:53 +02:00
e1fcd78928
secur32: Mark internal symbols with hidden visibility.
2011-04-26 15:31:27 +02:00
5015f388d1
secur32: Add alternative schannel implementation for Mac OS X.
...
It uses the native Secure Transport API rather than GnuTLS.
2011-03-14 19:31:07 +01:00
0b396208db
secur32: Separate GnuTLS schannel implementation into separate file.
2011-03-14 14:16:13 +01:00
c890bf4dc8
secur32: Make no-implementation error message non-GnuTLS-specific.
2011-03-14 14:10:54 +01:00
2cecf54427
secur32: Extract schan_imp_init/deinit functions.
2011-03-14 14:10:46 +01:00
9124cdc234
secur32: Extract schan_imp_allocate/free_certificate_credentials functions.
2011-03-14 14:10:38 +01:00
e02ac5f023
secur32: Use opaque type schan_imp_session in schan_imp interface.
2011-03-14 14:10:33 +01:00
6b5f7df5cb
secur32: Set session credentials in schan_imp_create_session.
2011-03-14 14:10:27 +01:00
3d47fce382
secur32: Set push & pull functions in schan_imp_create_session.
2011-03-14 14:10:21 +01:00
c86dafe51e
secur32: Extract GnuTLS-isms from schan_push to schan_push_adapter.
2011-03-14 14:10:17 +01:00
194aaef7cd
secur32: Extract GnuTLS-isms from schan_pull to schan_pull_adapter.
2011-03-14 14:10:13 +01:00
aeefb8188d
secur32: Extract schan_imp_create/dispose_session functions.
2011-03-14 14:10:02 +01:00
d7fe60c5b6
secur32: Extract schan_imp_set_session_transport function.
2011-03-14 14:09:55 +01:00
3608fe03a9
secur32: Extract schan_imp_handshake function.
2011-03-14 14:09:49 +01:00
842e0a5316
secur32: Use schan_imp_get_connection_info to get MAC size.
2011-03-14 14:09:42 +01:00
f7e598cfc8
secur32: Extract schan_imp_get_connection_info function.
2011-03-14 14:09:38 +01:00
ccae072a3c
secur32: Extract schan_imp_get_session_cipher_block_size function.
2011-03-14 14:09:32 +01:00
1b225a012e
secur32: Move some GnuTLS-specific helper functions.
2011-03-14 14:09:27 +01:00
12195b32df
secur32: Extract schan_imp_get_session_peer_certificate function.
2011-03-14 14:09:19 +01:00
9b85662fec
secur32: Extract schan_imp_recv function.
2011-03-14 14:09:12 +01:00
a5715ed625
secur32: Extract schan_imp_send function.
2011-03-14 14:09:03 +01:00
9942edacd4
secur32: Remove outdated comment that schannel is unimplemented.
2011-03-14 14:08:19 +01:00
9c84bfa9a4
secur32/tests: Remove win9x hacks.
2011-03-01 13:21:58 +01:00
1c659a5509
secur32/tests: Make sure return values are used (LLVM/Clang).
2011-02-11 14:49:41 +01:00
7868edd86e
secur32/tests: Don't check return values inside of if(0) (LLVM/Clang).
2011-02-10 10:28:00 -06:00
22c1843e08
secur32/tests: Make sure a return value is used (LLVM/Clang).
2011-02-09 09:29:13 -06:00
cf2de431ac
secur32/tests: Fix copy/paste error in test message ("first" -> "third").
2011-01-21 12:25:06 +01:00
fe05a73042
secur32/tests: Skip test on failure to acquire cred_handle.
2010-12-02 18:57:57 +01:00
30435a5951
secur32: Trace flags as hex values.
2010-10-22 12:03:45 +02:00
81b8ee863e
makefiles: Add a standard header for all makefiles to replace the common variable initializations.
2010-09-19 12:36:48 +02:00
ab52186086
secur32: Prevent schannel tests from crashing on Windows NT.
2010-09-18 13:09:33 +02:00
cdf8d455c2
secur32: Handle extra data in schan_InitializeSecurityContextW.
2010-09-18 13:05:30 +02:00
f2377e8981
secur32: Add some more schannel tests.
2010-09-15 16:36:45 -05:00
506af9205d
secur32: Fill a SECBUFFER_MISSING buffer if the message is not complete.
2010-09-15 16:36:17 -05:00
b335e94788
secur32: Only process full TLS frames in schan_DecryptMessage.
2010-09-15 16:36:11 -05:00
149ffe130f
secur32: Fill header and trailer buffers in schan_DecryptMessage.
2010-09-15 16:36:01 -05:00
b424b3431e
secur32: Validate buffers passed to schan_DecryptMessage.
2010-09-15 16:35:51 -05:00
b86d515ed6
dlls: Remove explicit imports of kernel32 and ntdll.
2010-07-21 17:38:36 +02:00
24592a7a62
secur32: Avoid using long.
2010-05-12 13:44:40 +02:00
9dd206d28e
secur32: Use NTLM2 instead of NTLMv2.
...
In the current code NTLMv2 is used when talking about second generation
NTLM crypto algorithms. Most other publiations call this NTLM2, and use
NTLMv2 to describe a different crypto handshake that can be used by
either NTLM1 or NTLM2 crypto.
2010-04-19 14:56:12 +02:00
43a98ecb21
secur32: Avoid using a pointer difference in a trace.
2010-04-09 16:14:07 +02:00
bef5645eb1
makefiles: Remove the no longer needed explicit separators for dependencies.
2010-03-16 13:28:19 +01:00
6164ce2d82
makefiles: Use the standard C_SRCS variable as the list of test files.
...
This enables it to be auto-updated by make_makefiles.
2010-02-22 10:47:11 +01:00
7c3b9a1551
secur32: Report an error if libgnutls isn't found.
2010-01-11 12:54:23 -06:00
697955c922
secur32: Don't allocate context handle in wrapper InitializeSecurityContextA/W if it is the same as the handle passed into the function.
2009-12-30 13:40:35 +01:00
1346834605
secur32: Fix memory leaks in ntlm_InitializeSecurityContextW.
2009-12-30 13:40:31 +01:00
Andrey Gusev