Kai Blin
e6ac20e814
secur32: Revert "secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials".
...
This reverts commit 7788c8ed0d
, as well
as commit ec443be738
. Due to erroneous
user input, these commits actually broke more than they fixed.
2009-08-12 12:51:02 +02:00
Kai Blin
dfb2b429a0
secur32: Load Negotiate provider again.
2009-08-12 12:50:03 +02:00
Juan Lang
15512454fb
secur32: Implement QueryContextAttributes for SECPKG_ATTR_CONNECTION_INFO.
2009-08-10 13:08:54 +02:00
Juan Lang
570c57ac95
secur32: Trace values of SCHANNEL_CRED structure.
2009-08-07 15:27:24 +02:00
Juan Lang
5ee34ea870
secur32: Implement QueryContextAttributes for SECPKG_ATTR_REMOTE_CERT_CONTEXT.
2009-08-06 12:01:41 +02:00
Juan Lang
3a493d7782
secur32: Sanity check handle index before indexing table.
2009-08-06 12:01:30 +02:00
Alexandre Julliard
a6b05ea96c
secur32: Avoid the close-on-exec race with pipe() on kernels that support pipe2().
2009-07-01 12:14:08 +02:00
Kai Blin
66b6415193
secur32: Don't return STATUS_SUCCESS from LsaGetLogonSessionData stub.
2009-06-03 15:34:31 +02:00
Henri Verbeet
a1465ba45f
secur32: Initialize cbBuffer to 0 for NULL buffers.
...
This prevents schan_resize_current_buffer() from thinking there's a buffer.
2009-05-25 11:23:24 +02:00
Kai Blin
ec443be738
secur32: Don't try to use ntlm_auth --use-cred-cache.
...
If ntlm_auth actually uses the cred cache, it will not give a session key.
As the Wine NTLM code depends on the session key to do transport crypto, don't
attempt to use the winbind cred cache.
This completely reverts my attempted fix 7788c8ed
and also parts of Rob's
888a8e27
and 8a2125f9
. It does not affect the code using wine's own credential
cache.
2009-05-20 13:34:16 +02:00
Austin English
07c214170d
secur32/tests: Sign compare fixes.
2009-05-11 12:47:48 +02:00
Ge van Geldorp
74dba4e602
secur32/tests: Fix GetUserNameEx() tests.
2009-04-14 15:20:30 -05:00
Ge van Geldorp
d31bb3f08d
secur32: Implement more GetUserNameEx() formats.
2009-04-14 15:20:30 -05:00
Kai Blin
7788c8ed0d
secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials.
...
Samba 3.0.28a (as shipped with Ubuntu 8.04) seems to break when using
cached credentials backed by winbindd, returning a BH error in our test
if we still need to provide a password. Handle this and report a more
correct error.
2009-04-14 11:28:34 -05:00
Paul Vriens
825354afe6
secur32/tests: Document some crashes on Windows.
2009-04-09 16:12:59 +02:00
Ge van Geldorp
c98513f9c8
secur32/tests: Add simple tests for GetUserNameExA/W().
2009-04-07 14:21:08 +02:00
Ge van Geldorp
dcb3e52e2d
secur32: Implement GetUserNameEx(NameSamCompatible).
2009-04-07 14:21:01 +02:00
Francois Gouget
c3aa03d244
secur32/tests: Use win_skip() to skip over unimplemented functionality.
2009-02-23 12:21:28 +01:00
Alexandre Julliard
21a7b21b65
secur32: Properly initialize the helper structure when fork support is missing.
2009-02-16 11:53:22 +01:00
Juan Lang
b9ae777d96
secur32: Fix a handful of test failures on Win9x.
2009-02-04 12:24:45 +01:00
Andrew Talbot
247b7c5a83
secur32: Declare a function static.
2009-01-26 15:48:48 +01:00
Michael Stefaniuc
e01ae46cac
secur32: Remove superfluous pointer casts.
2009-01-22 12:04:52 +01:00
Michael Stefaniuc
230fb06d2e
include: Change the rest of sspi.h to use LONG/ULONG for Win64 compatibility.
2009-01-06 12:44:04 +01:00
Michael Stefaniuc
57ab0cd9a6
include: sspi.h: Use the Win types as per MSDN.
...
This improves the Win64 compatibility.
2009-01-06 12:43:46 +01:00
Henri Verbeet
e4505389ad
secur32: Implement schannel DecryptMessage().
2008-12-29 11:48:42 +01:00
Henri Verbeet
3954c4ec65
secur32: Implement schannel EncryptMessage().
2008-12-29 11:48:35 +01:00
Henri Verbeet
95fd876266
secur32: Handle SECPKG_ATTR_STREAM_SIZES in schan_QueryContextAttributesW().
2008-12-29 11:48:27 +01:00
Henri Verbeet
3c114a88ca
secur32: Add stubs for schannel QueryContextAttributesA() and QueryContextAttributesW().
2008-12-29 11:48:18 +01:00
Henri Verbeet
24c5e6edbf
secur32: Dump the buffer descs in schan_InitializeSecurityContextW().
2008-12-29 11:48:12 +01:00
Henri Verbeet
7bf267624d
secur32: Try an EMPTY buffer if we can't find one of type TOKEN.
2008-12-29 11:48:06 +01:00
Alexandre Julliard
866240d4fd
secur32: Check for lack of fork() support.
2008-12-22 18:04:39 +01:00
Andrew Talbot
f397252071
secur32: Sign-compare warning fix.
2008-11-10 11:15:07 +01:00
Henri Verbeet
e00e5a37e2
secur32: Implement schannel InitializeSecurityContextW.
2008-10-20 12:23:08 +02:00
Henri Verbeet
e0e9195c81
secur32: Improve error handling for gnutls_global_init().
2008-10-20 12:22:51 +02:00
Henri Verbeet
60435135f9
secur32: Don't leak the credentials handle when pgnutls_certificate_allocate_credentials() fails.
2008-10-20 12:22:27 +02:00
Henri Verbeet
f6129d7d35
secur32: Don't make the pBuffer parameter to schan_QueryCredentialsAttributes() const.
2008-10-20 12:22:22 +02:00
Henri Verbeet
420cb678e1
secur32: Forward schannel InitializeSecurityContextA to InitializeSecurityContextW.
2008-10-07 12:10:23 +02:00
Henri Verbeet
937488c298
secur32: Improve error handling for gnutls_certificate_allocate_credentials().
2008-10-07 12:10:07 +02:00
Henri Verbeet
79d88ffe56
secur32: Use ~0UL instead of -1 for invalid schannel handles.
2008-10-07 12:09:50 +02:00
Kai Blin
ab05d35c6d
secur32: Make GetComputerObjectName(A|W) tests work on win2k3 domains.
2008-09-29 17:23:30 -05:00
Juan Lang
b95e146ccb
secur32: Fix test failure with neither gnutls nor ntlm_auth available.
2008-09-29 17:23:23 -05:00
Francois Gouget
975b582763
secur32: Fix compilation with GNU TLS 1.0.16.
2008-09-24 13:12:19 +02:00
James Hawkins
4a0b67d72a
secur32: Fix a failing test in win95.
2008-09-24 13:12:09 +02:00
Henri Verbeet
74539728b9
secur32: Allow gnutls debug output to be shown.
2008-09-23 14:03:18 +02:00
Henri Verbeet
fde1e003fa
secur32: Allocate schannel client credentials.
2008-09-23 14:03:18 +02:00
Henri Verbeet
7176dc261d
secur32: Basic implementation of schannel AcquireCredentialsHandle/FreeCredentialsHandle.
...
All this does so far is create a handle and store the credential type in there.
2008-09-23 14:03:18 +02:00
Henri Verbeet
874c9ef6c7
secur32: Require gnutls for schannel.
2008-09-23 14:03:11 +02:00
Henri Verbeet
4ac3fe7f89
secur32: Skip schannel tests if schannel is unavailable.
2008-09-23 13:47:32 +02:00
Marcus Meissner
73b16d47ad
secur32: Fixed size passed to GetComputerNameExW.
2008-09-15 11:43:37 +02:00
James Hawkins
852b367361
secur32: Fix two failing tests in win2k.
2008-09-11 11:49:45 +02:00
Reece Dunn
f14fe767b3
secur32: Fixed the logic on some of the schannel tests.
2008-09-08 14:08:35 +02:00
Reece Dunn
c718981a19
secur32: Fixed the schannel tests on Vista.
2008-09-08 14:08:30 +02:00
H. Verbeet
af96a43ce9
secur32: Reserved3 / Reserved4 are actually EncryptMessage / DecryptMessage.
2008-08-20 10:26:56 +02:00
Reece Dunn
922414b60a
secur32: Fix the schannel tests crashing on Vista.
2008-08-01 12:22:43 +02:00
Reece Dunn
e413bbeea2
secur32: Fix the ntlm tests crashing on Vista.
2008-08-01 12:22:36 +02:00
Kai Blin
84935f5ce0
secur32: Fix GetComputerObjectName tests for domain members.
...
At least for XP domain members, all EXTENDED_NAME_FORMATS apart from
NameSamCompatible return ERROR_ACCESS_DENIED. Given that the function
returns an error for all formats on non-members, just ignore
ERROR_ACCESS_DENIED as well.
2008-07-16 17:52:40 +02:00
Francois Gouget
dbaec0a101
Assorted spelling fixes.
2008-07-10 13:40:15 +02:00
Zhangrong Huang
d42a601b52
secur32: Allow loading external schannel.dll.
2008-07-03 13:08:18 +02:00
Alistair Leslie-Hughes
e53e82bf12
secur32: Fix crash under win98.
2008-06-23 19:58:10 +02:00
Dan Kegel
06abaaf218
secur32/tests: Don't free if not allocated.
2008-06-04 12:55:42 +02:00
James Hawkins
6848da72d9
secur32: Fix a few tests that fail in win2k3.
2008-05-22 11:31:06 +02:00
Andrew Talbot
140c0423f5
secur32: Memory allocation size fix.
2008-05-13 10:40:03 +02:00
Kai Blin
3da466a9f7
secur32: Fix ntlm tests on Vista.
2008-05-07 17:48:16 +02:00
Kai Blin
2e04c18cf4
secur32: Remove test for sft->Reserved8 field.
...
This seems to be set on Win98.
2008-05-05 21:02:08 +02:00
Kai Blin
bee29a6c2e
secur32: Don't call waitpid() in dispatcher.
...
As Wine ignores SIGCHLD, waitpid() works on Linux only by accident. On
FreeBSD it doesn't work.
2008-05-02 11:24:32 +02:00
Andrew Talbot
49939ed544
secur32: Remove unused variables.
2008-04-25 11:28:43 +02:00
Andrew Talbot
599f58cc7c
secur32: Assign to structs instead of using memcpy.
2008-03-17 11:41:23 +01:00
Jacek Caban
87368bb623
secur32: Improve SECPKG_ATTR_CIPHER_STRENGTHS stub.
2008-03-12 19:20:33 +01:00
Jacek Caban
d11e30e484
secur32: Fixed dynamic loading in schannel test.
2008-03-12 19:20:27 +01:00
Rob Shearman
088ae3b81c
secur32: Fix ntlm_GetCachedCredential to not call strlenW on a NULL pointer.
...
pszHost should just be set to pszTargetName if pszTargetName doesn't
contain any other information.
2008-03-10 19:12:54 +01:00
Rob Shearman
48000893f9
makefiles: Simplify the use of the IMPORTLIB variable in the DLL makefiles.
...
Only specify the root to keep platform-specifics out of the individual
DLL makefiles.
2008-03-04 20:55:01 +01:00
Rob Shearman
0d2a623150
secur32: Initialise more pointers in helper to NULL.
...
This is to avoid calling HeapFree on random pointers when
DeleteSecurityContext is called on a context that hasn't had a second
InitializeSecurityContext called on it, which would otherwise intialise
those pointers.
2008-02-04 11:10:54 +01:00
Rob Shearman
8a2125f932
secur32: Try to retrive credentials by using the credential manager to retrieve credentials saved for the target server in InitializeContextHandleW, if possible.
2008-02-04 11:10:50 +01:00
Rob Shearman
506ba701bb
secur32: If using cached credentials failed in InitializeSecurityContext then fail with SEC_E_NO_CREDENTIALS instead of carrying on with a blank password.
2008-02-04 11:10:05 +01:00
Rob Shearman
72ffc3fad9
secur32: Move the detection of NULL credentials from AcquireCredentialsHandle to InitializeSecurityContext.
...
Only use cached credentials if the credentials were NULL. Don't pass a
domain into ntlm_auth when using cached credentials as
ntlm_auth/winbindd should be able to figure that out.
2008-02-04 11:10:01 +01:00
Andrew Talbot
e4ca5c5647
secur32: Remove unneeded casts.
2008-01-21 11:38:45 +01:00
Zhangrong Huang
26bc15a811
secur32: Fix possible crash while loading SSP providers from registry.
2007-12-21 13:46:15 +01:00
Michael Stefaniuc
8537c46c93
secur32/tests: InitFunctionPtrs() needs to use the global crypt32dll variable.
2007-12-19 12:19:00 +01:00
Francois Gouget
31bcb3f6f4
secur32/tests: Dynamically load various APIs and don't link with crypt32.dll to make the test run on Windows 95.
2007-12-18 12:32:55 +01:00
Alexandre Julliard
ad9396302d
Removed some unneeded imports.
2007-12-06 21:24:24 +01:00
Michael Stefaniuc
d117938f7a
secur32: Remove the SECUR32_ALLOC() macro around HeapAlloc().
2007-12-06 12:07:12 +01:00
Kai Blin
fdfa760c85
secur32: ntlm_auth returns BH if the connection to winbindd fails.
2007-10-09 12:34:35 +02:00
Andrew Talbot
9b1082ef3b
secur32: Fix some memory leaks.
2007-10-05 10:26:20 +02:00
Kai Blin
5afd341aec
secur32: Remove hardcoded assumption that the SECBUFFER_DATA is always at index 1 for en/decrypting.
2007-10-02 11:42:10 +02:00
Kai Blin
b53e1ffa47
secur32: Implement LsaRegisterLogonProcess stub.
2007-08-30 20:06:56 +02:00
Kai Blin
6efe40b3a6
secur32: Implement LsaLogonUser stub.
2007-08-30 11:57:18 +02:00
Kai Blin
0c6e2c20bd
secur32: Implement LsaGetLogonSessionData stub.
2007-08-30 11:57:18 +02:00
Kai Blin
8942443a42
secur32: Implement LsaFreeReturnBuffer stub.
2007-08-30 11:57:18 +02:00
Kai Blin
d1339bc0fa
secur32: Implement LsaEnumerateLogonSessions stub.
2007-08-30 11:57:18 +02:00
Kai Blin
ae06588d9b
secur32: Implement LsaLookupAuthenticationPackage stub.
2007-08-30 11:57:18 +02:00
Kai Blin
78b047e4e4
secur32: Give a hint where to find ntlm_auth.
2007-08-30 11:57:18 +02:00
Alexandre Julliard
4cda5ca96c
secur32: Set the close on exec flag on the ntlm_auth pipes.
2007-08-27 18:27:59 +02:00
Andrew Talbot
d01c8407a9
secur32: Constify some variables.
2007-08-27 12:01:47 +02:00
Paul Vriens
22e48388d5
secur32/tests: Run tests on win95 again.
2007-08-16 11:08:09 +02:00
Rob Shearman
610a3b1ad2
secur32: Remove valid_session_key from NegoHelper since it is only ever set and not read.
2007-08-08 15:32:00 +02:00
Rob Shearman
888a8e27b8
secur32: Split the NTLM credential and context handles into separate objects.
...
This prevents races with two threads using the helper object at the same
time on two different context handles, eliminates the need to free the
credential handle after freeing the context handles and also prevents a
crash caused by not clearing session_key in DeleteSecurityContext.
2007-08-08 15:32:00 +02:00
Paul Vriens
fe7e83fd0c
secur32/tests: Use skip when functions are not available.
2007-07-05 19:54:38 +02:00
Rob Shearman
98820d4ef4
secur32: Add tests for multiple use of a credential handle.
2007-07-04 13:42:44 +02:00
Rob Shearman
2ede1370d3
secur32: Don't free the password in InitializeSecurityContextW to enable the credentials handle to be re-used in further InitializeSecurityContextW calls.
2007-07-03 12:29:19 +02:00
Kai Blin
c1e724bc88
secur32: Downgrade WARN to TRACE, fix another TRACE.
2007-05-29 11:54:22 +02:00
Rob Shearman
aa1be492cd
secur32: Fix NTLM's InitializeSecurityContextA/W to be flexible with the index of the token buffer in both the input and output buffer descriptions.
2007-05-25 20:17:11 +02:00
Rob Shearman
4d275bcf10
secur32: Don't set the output buffer type in NTLM's IntializeSecurityContextA/W.
2007-05-25 20:16:58 +02:00
Rob Shearman
661b49785e
secur32: Make the NTLM SSP cope with a NULL phCredential parameter when InitializeSecurityContext is called more than once.
2007-05-25 20:16:42 +02:00
Rob Shearman
ee47c5a23a
secur32: Fix the wrapper InitializeSecurityContextA/W functions to handle phContext and phNewContext parameters being optional for some SSPs.
2007-05-25 20:16:38 +02:00
Rob Shearman
087eedc3f5
secur32: Fix the dwVersion field in the security function tables returned by InitSecurityInterfaceA/W.
2007-05-25 19:30:04 +02:00
Andrew Talbot
d64165fcd7
secur32: Exclude unused headers.
2007-05-21 12:31:04 +02:00
Kai Blin
7e6c5aad3c
secur32: Move NTLM debug output to a seperate "ntlm" channel.
2007-04-16 12:08:44 +02:00
Andrew Talbot
e7730a1668
secur32: Replace const pointer parameters with correct pointers to const.
2007-03-27 12:38:26 +02:00
Jan Zerebecki
e293d630ff
secur32: Add DebugInfo to critical sections.
2007-03-12 13:39:54 +01:00
Stefan Huehner
51a7ca3440
Change some functions arguments from () -> (void).
2007-03-12 12:25:31 +01:00
Kai Blin
df3a7a7b43
secur32: Check for actual return value on invalid QuerySecurityPackageInfo call.
2007-03-08 13:54:06 +01:00
Rob Shearman
b814c45f00
secur32: NTLM's AcquireCredentialHandleA/W should accept domains and usernames with lengths of 0.
...
Add tests for these cases.
2007-03-06 21:59:39 +01:00
Rob Shearman
d9229bd1c5
secur32: NTLM - don't bother nul terminating the password string as nothing relies on it being nul terminated.
2007-03-06 21:59:34 +01:00
Rob Shearman
3012038e73
secur32: NTLM - don't copy more data from User, Domain and Password
...
pointers in the SEC_WINNT_AUTH_IDENTITY structure than the
corresponding Length fields say the pointers hold.
2007-03-06 21:59:28 +01:00
Kai Blin
0210f5eb1d
secur32: Use skip for skipped tests, reduce indentation.
2007-03-05 12:08:13 +01:00
Rob Shearman
12f2f09a6c
secur32: SealMessage and UnsealMessage are aliases of EncryptMessage and DecryptMessage respectively.
2007-03-01 20:42:49 +01:00
Kai Blin
7325bbd127
secur32: Fix ntlm_auth version number check when registering the NTLM SSP.
2007-02-06 12:30:21 +01:00
Kai Blin
809e4124d7
secur32: Bump minimal required samba version to 3.0.25, 3.0.24 is a bugfix release.
2007-02-06 12:30:16 +01:00
Andrew Talbot
da90b4a8dd
secur32: Declare a function static.
2007-02-05 12:25:36 +01:00
Kai Blin
747ab4bf74
secur32: Fix off-by-one error in converting the password to unicode.
2007-01-24 12:56:33 +01:00
Kai Blin
dc98ac1adb
secur32: Fix off-by-one error when copying the password to the helper.
...
This fixes NTLM authentication with Outlook2003.
2007-01-24 12:07:41 +01:00
Francois Gouget
aab5e5856e
Don't put single quotes around '%s' when using the debugstr_*() functions.
2007-01-18 12:55:50 +01:00
Francois Gouget
933bf76b5d
secur32: Use '%u' to print GetLastError().
2007-01-18 12:55:10 +01:00
Paul Vriens
7ba9ee9e76
secur32/tests: Fix compilation for older gcc versions (and MinGW).
2007-01-15 14:39:10 +01:00
Paul Vriens
6c3efd1c32
secur32/tests: Cast-qual warning fixes.
2007-01-12 20:41:17 +01:00
Patrik Stridvall
f46da1f985
secur32: Use constants instead of hardcoded values.
2006-12-24 15:12:34 +01:00
Andrew Talbot
2ec6c1bf96
secur32/tests: Cast-qual warnings fix.
2006-12-15 12:19:00 +01:00
Dmitry Timoshkov
098e82d81e
secur32: Make some data const.
2006-12-14 20:11:44 +01:00
Marcus Meissner
f0280cbd1e
made functions and variables static in some testcases.
2006-12-11 12:18:29 +01:00
Kai Blin
3dc6390e72
secur32: Improve version detection, move all the version detection to ntlm.c.
...
Also, as starting with Samba 3.0.24, ntlm_auth will have all the features
we need, require that as minimal version and remove odd old-version
compatibility hacks.
2006-11-29 12:37:20 +01:00
Andrew Talbot
fde63f9742
secur32: Cast-qual warning fix.
2006-11-14 11:34:42 +01:00
Kai Blin
1037e20bc7
secur32: Fix handling of ISC_REQ* flags in InitializeSecurityContext.
2006-11-14 11:34:19 +01:00
Francois Gouget
b2656633a6
Add some documentation headers to make winapi_check happy.
2006-11-13 13:01:15 +01:00
Kai Blin
48f934ee96
secur32: work around a bug in ntlm_auth that breaks RPC.
2006-11-10 11:34:41 +01:00
Kai Blin
d5c0acd057
secur32: Implement NTLM2 encryption.
2006-11-09 14:33:31 +01:00
Kai Blin
1360339422
secur32: Implement ntlmv2 signing.
2006-11-09 10:39:20 +01:00
Kai Blin
78bcfdfce6
secur32: MD5 functions are WINAPI.
2006-11-09 10:39:09 +01:00
Kai Blin
a51e02c5d6
secur32: Use a helper function for creating the signature as this simplifies implementing NTLM2 signing a lot.
2006-11-08 20:12:34 +01:00
Kai Blin
6720a129f3
secur32: Delete session key and arc4 context when the session based security context is deleted.
2006-11-08 20:08:09 +01:00
Francois Gouget
ea483682c5
secur32: sspi.h must not include wtypes.h.
2006-11-08 12:11:00 +01:00
Kai Blin
3af72bec1e
secur32: Test and fix DecryptMessage for multiple data buffers.
2006-11-06 13:47:29 +01:00
Kai Blin
cd8332ae1c
secur32: Fix handling of buffers that don't have the SECBUFFER_TOKEN as the first buffer.
...
Thanks to Robert Shearman for catching this one and providing some of the test code.
2006-11-04 12:07:05 +01:00
Kai Blin
e1bfe4c18a
secur32: Get rid of some HeapAlloc() calls to make code more readable.
2006-11-04 12:02:06 +01:00
Kai Blin
0c3f45eda0
secur32: Avoid double HeapFree() of password and session key.
2006-11-04 12:02:01 +01:00
Rob Shearman
7be4853911
secur32: Make the path to ntlm_auth easier to change by moving the executable name to the top of ntlm.c.
2006-11-02 21:57:20 +01:00
Paul Vriens
dd6c4c6800
secur32: Make sure crashing tests are not run.
2006-10-31 12:05:27 +01:00
Kai Blin
344ce9e69b
secur32: Add include guard to hmac_md5.h.
2006-10-20 11:41:18 +02:00
Kai Blin
306048bdeb
secur32: Stop leaking the session key memory.
2006-10-16 17:05:23 +02:00
Kai Blin
e338a30e59
secur32: Get rid of NEGO_* helper modes, they will never be used. Negotiate should not be done via ntlm_auth.
2006-10-16 11:27:25 +02:00
Kai Blin
b629b6defd
secur32: Implement RFC2104 (HMAC) with MD5 for NTLMv2.
2006-10-16 11:27:15 +02:00