Commit Graph

350 Commits

Author SHA1 Message Date
Kai Blin e6ac20e814 secur32: Revert "secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials".
This reverts commit 7788c8ed0d, as well
as commit ec443be738. Due to erroneous
user input, these commits actually broke more than they fixed.
2009-08-12 12:51:02 +02:00
Kai Blin dfb2b429a0 secur32: Load Negotiate provider again. 2009-08-12 12:50:03 +02:00
Juan Lang 15512454fb secur32: Implement QueryContextAttributes for SECPKG_ATTR_CONNECTION_INFO. 2009-08-10 13:08:54 +02:00
Juan Lang 570c57ac95 secur32: Trace values of SCHANNEL_CRED structure. 2009-08-07 15:27:24 +02:00
Juan Lang 5ee34ea870 secur32: Implement QueryContextAttributes for SECPKG_ATTR_REMOTE_CERT_CONTEXT. 2009-08-06 12:01:41 +02:00
Juan Lang 3a493d7782 secur32: Sanity check handle index before indexing table. 2009-08-06 12:01:30 +02:00
Alexandre Julliard a6b05ea96c secur32: Avoid the close-on-exec race with pipe() on kernels that support pipe2(). 2009-07-01 12:14:08 +02:00
Kai Blin 66b6415193 secur32: Don't return STATUS_SUCCESS from LsaGetLogonSessionData stub. 2009-06-03 15:34:31 +02:00
Henri Verbeet a1465ba45f secur32: Initialize cbBuffer to 0 for NULL buffers.
This prevents schan_resize_current_buffer() from thinking there's a buffer.
2009-05-25 11:23:24 +02:00
Kai Blin ec443be738 secur32: Don't try to use ntlm_auth --use-cred-cache.
If ntlm_auth actually uses the cred cache, it will not give a session key.
As the Wine NTLM code depends on the session key to do transport crypto, don't
attempt to use the winbind cred cache.

This completely reverts my attempted fix 7788c8ed and also parts of Rob's
888a8e27 and 8a2125f9. It does not affect the code using wine's own credential
cache.
2009-05-20 13:34:16 +02:00
Austin English 07c214170d secur32/tests: Sign compare fixes. 2009-05-11 12:47:48 +02:00
Ge van Geldorp 74dba4e602 secur32/tests: Fix GetUserNameEx() tests. 2009-04-14 15:20:30 -05:00
Ge van Geldorp d31bb3f08d secur32: Implement more GetUserNameEx() formats. 2009-04-14 15:20:30 -05:00
Kai Blin 7788c8ed0d secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials.
Samba 3.0.28a (as shipped with Ubuntu 8.04) seems to break when using
cached credentials backed by winbindd, returning a BH error in our test
if we still need to provide a password. Handle this and report a more
correct error.
2009-04-14 11:28:34 -05:00
Paul Vriens 825354afe6 secur32/tests: Document some crashes on Windows. 2009-04-09 16:12:59 +02:00
Ge van Geldorp c98513f9c8 secur32/tests: Add simple tests for GetUserNameExA/W(). 2009-04-07 14:21:08 +02:00
Ge van Geldorp dcb3e52e2d secur32: Implement GetUserNameEx(NameSamCompatible). 2009-04-07 14:21:01 +02:00
Francois Gouget c3aa03d244 secur32/tests: Use win_skip() to skip over unimplemented functionality. 2009-02-23 12:21:28 +01:00
Alexandre Julliard 21a7b21b65 secur32: Properly initialize the helper structure when fork support is missing. 2009-02-16 11:53:22 +01:00
Juan Lang b9ae777d96 secur32: Fix a handful of test failures on Win9x. 2009-02-04 12:24:45 +01:00
Andrew Talbot 247b7c5a83 secur32: Declare a function static. 2009-01-26 15:48:48 +01:00
Michael Stefaniuc e01ae46cac secur32: Remove superfluous pointer casts. 2009-01-22 12:04:52 +01:00
Michael Stefaniuc 230fb06d2e include: Change the rest of sspi.h to use LONG/ULONG for Win64 compatibility. 2009-01-06 12:44:04 +01:00
Michael Stefaniuc 57ab0cd9a6 include: sspi.h: Use the Win types as per MSDN.
This improves the Win64 compatibility.
2009-01-06 12:43:46 +01:00
Henri Verbeet e4505389ad secur32: Implement schannel DecryptMessage(). 2008-12-29 11:48:42 +01:00
Henri Verbeet 3954c4ec65 secur32: Implement schannel EncryptMessage(). 2008-12-29 11:48:35 +01:00
Henri Verbeet 95fd876266 secur32: Handle SECPKG_ATTR_STREAM_SIZES in schan_QueryContextAttributesW(). 2008-12-29 11:48:27 +01:00
Henri Verbeet 3c114a88ca secur32: Add stubs for schannel QueryContextAttributesA() and QueryContextAttributesW(). 2008-12-29 11:48:18 +01:00
Henri Verbeet 24c5e6edbf secur32: Dump the buffer descs in schan_InitializeSecurityContextW(). 2008-12-29 11:48:12 +01:00
Henri Verbeet 7bf267624d secur32: Try an EMPTY buffer if we can't find one of type TOKEN. 2008-12-29 11:48:06 +01:00
Alexandre Julliard 866240d4fd secur32: Check for lack of fork() support. 2008-12-22 18:04:39 +01:00
Andrew Talbot f397252071 secur32: Sign-compare warning fix. 2008-11-10 11:15:07 +01:00
Henri Verbeet e00e5a37e2 secur32: Implement schannel InitializeSecurityContextW. 2008-10-20 12:23:08 +02:00
Henri Verbeet e0e9195c81 secur32: Improve error handling for gnutls_global_init(). 2008-10-20 12:22:51 +02:00
Henri Verbeet 60435135f9 secur32: Don't leak the credentials handle when pgnutls_certificate_allocate_credentials() fails. 2008-10-20 12:22:27 +02:00
Henri Verbeet f6129d7d35 secur32: Don't make the pBuffer parameter to schan_QueryCredentialsAttributes() const. 2008-10-20 12:22:22 +02:00
Henri Verbeet 420cb678e1 secur32: Forward schannel InitializeSecurityContextA to InitializeSecurityContextW. 2008-10-07 12:10:23 +02:00
Henri Verbeet 937488c298 secur32: Improve error handling for gnutls_certificate_allocate_credentials(). 2008-10-07 12:10:07 +02:00
Henri Verbeet 79d88ffe56 secur32: Use ~0UL instead of -1 for invalid schannel handles. 2008-10-07 12:09:50 +02:00
Kai Blin ab05d35c6d secur32: Make GetComputerObjectName(A|W) tests work on win2k3 domains. 2008-09-29 17:23:30 -05:00
Juan Lang b95e146ccb secur32: Fix test failure with neither gnutls nor ntlm_auth available. 2008-09-29 17:23:23 -05:00
Francois Gouget 975b582763 secur32: Fix compilation with GNU TLS 1.0.16. 2008-09-24 13:12:19 +02:00
James Hawkins 4a0b67d72a secur32: Fix a failing test in win95. 2008-09-24 13:12:09 +02:00
Henri Verbeet 74539728b9 secur32: Allow gnutls debug output to be shown. 2008-09-23 14:03:18 +02:00
Henri Verbeet fde1e003fa secur32: Allocate schannel client credentials. 2008-09-23 14:03:18 +02:00
Henri Verbeet 7176dc261d secur32: Basic implementation of schannel AcquireCredentialsHandle/FreeCredentialsHandle.
All this does so far is create a handle and store the credential type in there.
2008-09-23 14:03:18 +02:00
Henri Verbeet 874c9ef6c7 secur32: Require gnutls for schannel. 2008-09-23 14:03:11 +02:00
Henri Verbeet 4ac3fe7f89 secur32: Skip schannel tests if schannel is unavailable. 2008-09-23 13:47:32 +02:00
Marcus Meissner 73b16d47ad secur32: Fixed size passed to GetComputerNameExW. 2008-09-15 11:43:37 +02:00
James Hawkins 852b367361 secur32: Fix two failing tests in win2k. 2008-09-11 11:49:45 +02:00
Reece Dunn f14fe767b3 secur32: Fixed the logic on some of the schannel tests. 2008-09-08 14:08:35 +02:00
Reece Dunn c718981a19 secur32: Fixed the schannel tests on Vista. 2008-09-08 14:08:30 +02:00
H. Verbeet af96a43ce9 secur32: Reserved3 / Reserved4 are actually EncryptMessage / DecryptMessage. 2008-08-20 10:26:56 +02:00
Reece Dunn 922414b60a secur32: Fix the schannel tests crashing on Vista. 2008-08-01 12:22:43 +02:00
Reece Dunn e413bbeea2 secur32: Fix the ntlm tests crashing on Vista. 2008-08-01 12:22:36 +02:00
Kai Blin 84935f5ce0 secur32: Fix GetComputerObjectName tests for domain members.
At least for XP domain members, all EXTENDED_NAME_FORMATS apart from
NameSamCompatible return ERROR_ACCESS_DENIED. Given that the function
returns an error for all formats on non-members, just ignore
ERROR_ACCESS_DENIED as well.
2008-07-16 17:52:40 +02:00
Francois Gouget dbaec0a101 Assorted spelling fixes. 2008-07-10 13:40:15 +02:00
Zhangrong Huang d42a601b52 secur32: Allow loading external schannel.dll. 2008-07-03 13:08:18 +02:00
Alistair Leslie-Hughes e53e82bf12 secur32: Fix crash under win98. 2008-06-23 19:58:10 +02:00
Dan Kegel 06abaaf218 secur32/tests: Don't free if not allocated. 2008-06-04 12:55:42 +02:00
James Hawkins 6848da72d9 secur32: Fix a few tests that fail in win2k3. 2008-05-22 11:31:06 +02:00
Andrew Talbot 140c0423f5 secur32: Memory allocation size fix. 2008-05-13 10:40:03 +02:00
Kai Blin 3da466a9f7 secur32: Fix ntlm tests on Vista. 2008-05-07 17:48:16 +02:00
Kai Blin 2e04c18cf4 secur32: Remove test for sft->Reserved8 field.
This seems to be set on Win98.
2008-05-05 21:02:08 +02:00
Kai Blin bee29a6c2e secur32: Don't call waitpid() in dispatcher.
As Wine ignores SIGCHLD, waitpid() works on Linux only by accident. On
FreeBSD it doesn't work.
2008-05-02 11:24:32 +02:00
Andrew Talbot 49939ed544 secur32: Remove unused variables. 2008-04-25 11:28:43 +02:00
Andrew Talbot 599f58cc7c secur32: Assign to structs instead of using memcpy. 2008-03-17 11:41:23 +01:00
Jacek Caban 87368bb623 secur32: Improve SECPKG_ATTR_CIPHER_STRENGTHS stub. 2008-03-12 19:20:33 +01:00
Jacek Caban d11e30e484 secur32: Fixed dynamic loading in schannel test. 2008-03-12 19:20:27 +01:00
Rob Shearman 088ae3b81c secur32: Fix ntlm_GetCachedCredential to not call strlenW on a NULL pointer.
pszHost should just be set to pszTargetName if pszTargetName doesn't
contain any other information.
2008-03-10 19:12:54 +01:00
Rob Shearman 48000893f9 makefiles: Simplify the use of the IMPORTLIB variable in the DLL makefiles.
Only specify the root to keep platform-specifics out of the individual 
DLL makefiles.
2008-03-04 20:55:01 +01:00
Rob Shearman 0d2a623150 secur32: Initialise more pointers in helper to NULL.
This is to avoid calling HeapFree on random pointers when 
DeleteSecurityContext is called on a context that hasn't had a second 
InitializeSecurityContext called on it, which would otherwise intialise 
those pointers.
2008-02-04 11:10:54 +01:00
Rob Shearman 8a2125f932 secur32: Try to retrive credentials by using the credential manager to retrieve credentials saved for the target server in InitializeContextHandleW, if possible. 2008-02-04 11:10:50 +01:00
Rob Shearman 506ba701bb secur32: If using cached credentials failed in InitializeSecurityContext then fail with SEC_E_NO_CREDENTIALS instead of carrying on with a blank password. 2008-02-04 11:10:05 +01:00
Rob Shearman 72ffc3fad9 secur32: Move the detection of NULL credentials from AcquireCredentialsHandle to InitializeSecurityContext.
Only use cached credentials if the credentials were NULL. Don't pass a 
domain into ntlm_auth when using cached credentials as 
ntlm_auth/winbindd should be able to figure that out.
2008-02-04 11:10:01 +01:00
Andrew Talbot e4ca5c5647 secur32: Remove unneeded casts. 2008-01-21 11:38:45 +01:00
Zhangrong Huang 26bc15a811 secur32: Fix possible crash while loading SSP providers from registry. 2007-12-21 13:46:15 +01:00
Michael Stefaniuc 8537c46c93 secur32/tests: InitFunctionPtrs() needs to use the global crypt32dll variable. 2007-12-19 12:19:00 +01:00
Francois Gouget 31bcb3f6f4 secur32/tests: Dynamically load various APIs and don't link with crypt32.dll to make the test run on Windows 95. 2007-12-18 12:32:55 +01:00
Alexandre Julliard ad9396302d Removed some unneeded imports. 2007-12-06 21:24:24 +01:00
Michael Stefaniuc d117938f7a secur32: Remove the SECUR32_ALLOC() macro around HeapAlloc(). 2007-12-06 12:07:12 +01:00
Kai Blin fdfa760c85 secur32: ntlm_auth returns BH if the connection to winbindd fails. 2007-10-09 12:34:35 +02:00
Andrew Talbot 9b1082ef3b secur32: Fix some memory leaks. 2007-10-05 10:26:20 +02:00
Kai Blin 5afd341aec secur32: Remove hardcoded assumption that the SECBUFFER_DATA is always at index 1 for en/decrypting. 2007-10-02 11:42:10 +02:00
Kai Blin b53e1ffa47 secur32: Implement LsaRegisterLogonProcess stub. 2007-08-30 20:06:56 +02:00
Kai Blin 6efe40b3a6 secur32: Implement LsaLogonUser stub. 2007-08-30 11:57:18 +02:00
Kai Blin 0c6e2c20bd secur32: Implement LsaGetLogonSessionData stub. 2007-08-30 11:57:18 +02:00
Kai Blin 8942443a42 secur32: Implement LsaFreeReturnBuffer stub. 2007-08-30 11:57:18 +02:00
Kai Blin d1339bc0fa secur32: Implement LsaEnumerateLogonSessions stub. 2007-08-30 11:57:18 +02:00
Kai Blin ae06588d9b secur32: Implement LsaLookupAuthenticationPackage stub. 2007-08-30 11:57:18 +02:00
Kai Blin 78b047e4e4 secur32: Give a hint where to find ntlm_auth. 2007-08-30 11:57:18 +02:00
Alexandre Julliard 4cda5ca96c secur32: Set the close on exec flag on the ntlm_auth pipes. 2007-08-27 18:27:59 +02:00
Andrew Talbot d01c8407a9 secur32: Constify some variables. 2007-08-27 12:01:47 +02:00
Paul Vriens 22e48388d5 secur32/tests: Run tests on win95 again. 2007-08-16 11:08:09 +02:00
Rob Shearman 610a3b1ad2 secur32: Remove valid_session_key from NegoHelper since it is only ever set and not read. 2007-08-08 15:32:00 +02:00
Rob Shearman 888a8e27b8 secur32: Split the NTLM credential and context handles into separate objects.
This prevents races with two threads using the helper object at the same
time on two different context handles, eliminates the need to free the
credential handle after freeing the context handles and also prevents a
crash caused by not clearing session_key in DeleteSecurityContext.
2007-08-08 15:32:00 +02:00
Paul Vriens fe7e83fd0c secur32/tests: Use skip when functions are not available. 2007-07-05 19:54:38 +02:00
Rob Shearman 98820d4ef4 secur32: Add tests for multiple use of a credential handle. 2007-07-04 13:42:44 +02:00
Rob Shearman 2ede1370d3 secur32: Don't free the password in InitializeSecurityContextW to enable the credentials handle to be re-used in further InitializeSecurityContextW calls. 2007-07-03 12:29:19 +02:00
Kai Blin c1e724bc88 secur32: Downgrade WARN to TRACE, fix another TRACE. 2007-05-29 11:54:22 +02:00
Rob Shearman aa1be492cd secur32: Fix NTLM's InitializeSecurityContextA/W to be flexible with the index of the token buffer in both the input and output buffer descriptions. 2007-05-25 20:17:11 +02:00
Rob Shearman 4d275bcf10 secur32: Don't set the output buffer type in NTLM's IntializeSecurityContextA/W. 2007-05-25 20:16:58 +02:00
Rob Shearman 661b49785e secur32: Make the NTLM SSP cope with a NULL phCredential parameter when InitializeSecurityContext is called more than once. 2007-05-25 20:16:42 +02:00
Rob Shearman ee47c5a23a secur32: Fix the wrapper InitializeSecurityContextA/W functions to handle phContext and phNewContext parameters being optional for some SSPs. 2007-05-25 20:16:38 +02:00
Rob Shearman 087eedc3f5 secur32: Fix the dwVersion field in the security function tables returned by InitSecurityInterfaceA/W. 2007-05-25 19:30:04 +02:00
Andrew Talbot d64165fcd7 secur32: Exclude unused headers. 2007-05-21 12:31:04 +02:00
Kai Blin 7e6c5aad3c secur32: Move NTLM debug output to a seperate "ntlm" channel. 2007-04-16 12:08:44 +02:00
Andrew Talbot e7730a1668 secur32: Replace const pointer parameters with correct pointers to const. 2007-03-27 12:38:26 +02:00
Jan Zerebecki e293d630ff secur32: Add DebugInfo to critical sections. 2007-03-12 13:39:54 +01:00
Stefan Huehner 51a7ca3440 Change some functions arguments from () -> (void). 2007-03-12 12:25:31 +01:00
Kai Blin df3a7a7b43 secur32: Check for actual return value on invalid QuerySecurityPackageInfo call. 2007-03-08 13:54:06 +01:00
Rob Shearman b814c45f00 secur32: NTLM's AcquireCredentialHandleA/W should accept domains and usernames with lengths of 0.
Add tests for these cases.
2007-03-06 21:59:39 +01:00
Rob Shearman d9229bd1c5 secur32: NTLM - don't bother nul terminating the password string as nothing relies on it being nul terminated. 2007-03-06 21:59:34 +01:00
Rob Shearman 3012038e73 secur32: NTLM - don't copy more data from User, Domain and Password
pointers in the SEC_WINNT_AUTH_IDENTITY structure than the
corresponding Length fields say the pointers hold.
2007-03-06 21:59:28 +01:00
Kai Blin 0210f5eb1d secur32: Use skip for skipped tests, reduce indentation. 2007-03-05 12:08:13 +01:00
Rob Shearman 12f2f09a6c secur32: SealMessage and UnsealMessage are aliases of EncryptMessage and DecryptMessage respectively. 2007-03-01 20:42:49 +01:00
Kai Blin 7325bbd127 secur32: Fix ntlm_auth version number check when registering the NTLM SSP. 2007-02-06 12:30:21 +01:00
Kai Blin 809e4124d7 secur32: Bump minimal required samba version to 3.0.25, 3.0.24 is a bugfix release. 2007-02-06 12:30:16 +01:00
Andrew Talbot da90b4a8dd secur32: Declare a function static. 2007-02-05 12:25:36 +01:00
Kai Blin 747ab4bf74 secur32: Fix off-by-one error in converting the password to unicode. 2007-01-24 12:56:33 +01:00
Kai Blin dc98ac1adb secur32: Fix off-by-one error when copying the password to the helper.
This fixes NTLM authentication with Outlook2003.
2007-01-24 12:07:41 +01:00
Francois Gouget aab5e5856e Don't put single quotes around '%s' when using the debugstr_*() functions. 2007-01-18 12:55:50 +01:00
Francois Gouget 933bf76b5d secur32: Use '%u' to print GetLastError(). 2007-01-18 12:55:10 +01:00
Paul Vriens 7ba9ee9e76 secur32/tests: Fix compilation for older gcc versions (and MinGW). 2007-01-15 14:39:10 +01:00
Paul Vriens 6c3efd1c32 secur32/tests: Cast-qual warning fixes. 2007-01-12 20:41:17 +01:00
Patrik Stridvall f46da1f985 secur32: Use constants instead of hardcoded values. 2006-12-24 15:12:34 +01:00
Andrew Talbot 2ec6c1bf96 secur32/tests: Cast-qual warnings fix. 2006-12-15 12:19:00 +01:00
Dmitry Timoshkov 098e82d81e secur32: Make some data const. 2006-12-14 20:11:44 +01:00
Marcus Meissner f0280cbd1e made functions and variables static in some testcases. 2006-12-11 12:18:29 +01:00
Kai Blin 3dc6390e72 secur32: Improve version detection, move all the version detection to ntlm.c.
Also, as starting with Samba 3.0.24, ntlm_auth will have all the features
we need, require that as minimal version and remove odd old-version
compatibility hacks.
2006-11-29 12:37:20 +01:00
Andrew Talbot fde63f9742 secur32: Cast-qual warning fix. 2006-11-14 11:34:42 +01:00
Kai Blin 1037e20bc7 secur32: Fix handling of ISC_REQ* flags in InitializeSecurityContext. 2006-11-14 11:34:19 +01:00
Francois Gouget b2656633a6 Add some documentation headers to make winapi_check happy. 2006-11-13 13:01:15 +01:00
Kai Blin 48f934ee96 secur32: work around a bug in ntlm_auth that breaks RPC. 2006-11-10 11:34:41 +01:00
Kai Blin d5c0acd057 secur32: Implement NTLM2 encryption. 2006-11-09 14:33:31 +01:00
Kai Blin 1360339422 secur32: Implement ntlmv2 signing. 2006-11-09 10:39:20 +01:00
Kai Blin 78bcfdfce6 secur32: MD5 functions are WINAPI. 2006-11-09 10:39:09 +01:00
Kai Blin a51e02c5d6 secur32: Use a helper function for creating the signature as this simplifies implementing NTLM2 signing a lot. 2006-11-08 20:12:34 +01:00
Kai Blin 6720a129f3 secur32: Delete session key and arc4 context when the session based security context is deleted. 2006-11-08 20:08:09 +01:00
Francois Gouget ea483682c5 secur32: sspi.h must not include wtypes.h. 2006-11-08 12:11:00 +01:00
Kai Blin 3af72bec1e secur32: Test and fix DecryptMessage for multiple data buffers. 2006-11-06 13:47:29 +01:00
Kai Blin cd8332ae1c secur32: Fix handling of buffers that don't have the SECBUFFER_TOKEN as the first buffer.
Thanks to Robert Shearman for catching this one and providing some of the test code.
2006-11-04 12:07:05 +01:00
Kai Blin e1bfe4c18a secur32: Get rid of some HeapAlloc() calls to make code more readable. 2006-11-04 12:02:06 +01:00
Kai Blin 0c3f45eda0 secur32: Avoid double HeapFree() of password and session key. 2006-11-04 12:02:01 +01:00
Rob Shearman 7be4853911 secur32: Make the path to ntlm_auth easier to change by moving the executable name to the top of ntlm.c. 2006-11-02 21:57:20 +01:00
Paul Vriens dd6c4c6800 secur32: Make sure crashing tests are not run. 2006-10-31 12:05:27 +01:00
Kai Blin 344ce9e69b secur32: Add include guard to hmac_md5.h. 2006-10-20 11:41:18 +02:00
Kai Blin 306048bdeb secur32: Stop leaking the session key memory. 2006-10-16 17:05:23 +02:00
Kai Blin e338a30e59 secur32: Get rid of NEGO_* helper modes, they will never be used. Negotiate should not be done via ntlm_auth. 2006-10-16 11:27:25 +02:00
Kai Blin b629b6defd secur32: Implement RFC2104 (HMAC) with MD5 for NTLMv2. 2006-10-16 11:27:15 +02:00