e6ac20e814
secur32: Revert "secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials".
...
This reverts commit 7788c8ed0dec443be738
2009-08-12 12:51:02 +02:00
dfb2b429a0
secur32: Load Negotiate provider again.
2009-08-12 12:50:03 +02:00
15512454fb
secur32: Implement QueryContextAttributes for SECPKG_ATTR_CONNECTION_INFO.
2009-08-10 13:08:54 +02:00
570c57ac95
secur32: Trace values of SCHANNEL_CRED structure.
2009-08-07 15:27:24 +02:00
5ee34ea870
secur32: Implement QueryContextAttributes for SECPKG_ATTR_REMOTE_CERT_CONTEXT.
2009-08-06 12:01:41 +02:00
3a493d7782
secur32: Sanity check handle index before indexing table.
2009-08-06 12:01:30 +02:00
a6b05ea96c
secur32: Avoid the close-on-exec race with pipe() on kernels that support pipe2().
2009-07-01 12:14:08 +02:00
66b6415193
secur32: Don't return STATUS_SUCCESS from LsaGetLogonSessionData stub.
2009-06-03 15:34:31 +02:00
a1465ba45f
secur32: Initialize cbBuffer to 0 for NULL buffers.
...
This prevents schan_resize_current_buffer() from thinking there's a buffer.
2009-05-25 11:23:24 +02:00
ec443be738
secur32: Don't try to use ntlm_auth --use-cred-cache.
...
If ntlm_auth actually uses the cred cache, it will not give a session key.
As the Wine NTLM code depends on the session key to do transport crypto, don't
attempt to use the winbind cred cache.
This completely reverts my attempted fix 7788c8ed888a8e278a2125f9
2009-05-20 13:34:16 +02:00
07c214170d
secur32/tests: Sign compare fixes.
2009-05-11 12:47:48 +02:00
74dba4e602
secur32/tests: Fix GetUserNameEx() tests.
2009-04-14 15:20:30 -05:00
d31bb3f08d
secur32: Implement more GetUserNameEx() formats.
2009-04-14 15:20:30 -05:00
7788c8ed0d
secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials.
...
Samba 3.0.28a (as shipped with Ubuntu 8.04) seems to break when using
cached credentials backed by winbindd, returning a BH error in our test
if we still need to provide a password. Handle this and report a more
correct error.
2009-04-14 11:28:34 -05:00
825354afe6
secur32/tests: Document some crashes on Windows.
2009-04-09 16:12:59 +02:00
c98513f9c8
secur32/tests: Add simple tests for GetUserNameExA/W().
2009-04-07 14:21:08 +02:00
dcb3e52e2d
secur32: Implement GetUserNameEx(NameSamCompatible).
2009-04-07 14:21:01 +02:00
c3aa03d244
secur32/tests: Use win_skip() to skip over unimplemented functionality.
2009-02-23 12:21:28 +01:00
21a7b21b65
secur32: Properly initialize the helper structure when fork support is missing.
2009-02-16 11:53:22 +01:00
b9ae777d96
secur32: Fix a handful of test failures on Win9x.
2009-02-04 12:24:45 +01:00
247b7c5a83
secur32: Declare a function static.
2009-01-26 15:48:48 +01:00
e01ae46cac
secur32: Remove superfluous pointer casts.
2009-01-22 12:04:52 +01:00
230fb06d2e
include: Change the rest of sspi.h to use LONG/ULONG for Win64 compatibility.
2009-01-06 12:44:04 +01:00
57ab0cd9a6
include: sspi.h: Use the Win types as per MSDN.
...
This improves the Win64 compatibility.
2009-01-06 12:43:46 +01:00
e4505389ad
secur32: Implement schannel DecryptMessage().
2008-12-29 11:48:42 +01:00
3954c4ec65
secur32: Implement schannel EncryptMessage().
2008-12-29 11:48:35 +01:00
95fd876266
secur32: Handle SECPKG_ATTR_STREAM_SIZES in schan_QueryContextAttributesW().
2008-12-29 11:48:27 +01:00
3c114a88ca
secur32: Add stubs for schannel QueryContextAttributesA() and QueryContextAttributesW().
2008-12-29 11:48:18 +01:00
24c5e6edbf
secur32: Dump the buffer descs in schan_InitializeSecurityContextW().
2008-12-29 11:48:12 +01:00
7bf267624d
secur32: Try an EMPTY buffer if we can't find one of type TOKEN.
2008-12-29 11:48:06 +01:00
866240d4fd
secur32: Check for lack of fork() support.
2008-12-22 18:04:39 +01:00
f397252071
secur32: Sign-compare warning fix.
2008-11-10 11:15:07 +01:00
e00e5a37e2
secur32: Implement schannel InitializeSecurityContextW.
2008-10-20 12:23:08 +02:00
e0e9195c81
secur32: Improve error handling for gnutls_global_init().
2008-10-20 12:22:51 +02:00
60435135f9
secur32: Don't leak the credentials handle when pgnutls_certificate_allocate_credentials() fails.
2008-10-20 12:22:27 +02:00
f6129d7d35
secur32: Don't make the pBuffer parameter to schan_QueryCredentialsAttributes() const.
2008-10-20 12:22:22 +02:00
420cb678e1
secur32: Forward schannel InitializeSecurityContextA to InitializeSecurityContextW.
2008-10-07 12:10:23 +02:00
937488c298
secur32: Improve error handling for gnutls_certificate_allocate_credentials().
2008-10-07 12:10:07 +02:00
79d88ffe56
secur32: Use ~0UL instead of -1 for invalid schannel handles.
2008-10-07 12:09:50 +02:00
ab05d35c6d
secur32: Make GetComputerObjectName(A|W) tests work on win2k3 domains.
2008-09-29 17:23:30 -05:00
b95e146ccb
secur32: Fix test failure with neither gnutls nor ntlm_auth available.
2008-09-29 17:23:23 -05:00
975b582763
secur32: Fix compilation with GNU TLS 1.0.16.
2008-09-24 13:12:19 +02:00
4a0b67d72a
secur32: Fix a failing test in win95.
2008-09-24 13:12:09 +02:00
74539728b9
secur32: Allow gnutls debug output to be shown.
2008-09-23 14:03:18 +02:00
fde1e003fa
secur32: Allocate schannel client credentials.
2008-09-23 14:03:18 +02:00
7176dc261d
secur32: Basic implementation of schannel AcquireCredentialsHandle/FreeCredentialsHandle.
...
All this does so far is create a handle and store the credential type in there.
2008-09-23 14:03:18 +02:00
874c9ef6c7
secur32: Require gnutls for schannel.
2008-09-23 14:03:11 +02:00
4ac3fe7f89
secur32: Skip schannel tests if schannel is unavailable.
2008-09-23 13:47:32 +02:00
73b16d47ad
secur32: Fixed size passed to GetComputerNameExW.
2008-09-15 11:43:37 +02:00
852b367361
secur32: Fix two failing tests in win2k.
2008-09-11 11:49:45 +02:00
f14fe767b3
secur32: Fixed the logic on some of the schannel tests.
2008-09-08 14:08:35 +02:00
c718981a19
secur32: Fixed the schannel tests on Vista.
2008-09-08 14:08:30 +02:00
af96a43ce9
secur32: Reserved3 / Reserved4 are actually EncryptMessage / DecryptMessage.
2008-08-20 10:26:56 +02:00
922414b60a
secur32: Fix the schannel tests crashing on Vista.
2008-08-01 12:22:43 +02:00
e413bbeea2
secur32: Fix the ntlm tests crashing on Vista.
2008-08-01 12:22:36 +02:00
84935f5ce0
secur32: Fix GetComputerObjectName tests for domain members.
...
At least for XP domain members, all EXTENDED_NAME_FORMATS apart from
NameSamCompatible return ERROR_ACCESS_DENIED. Given that the function
returns an error for all formats on non-members, just ignore
ERROR_ACCESS_DENIED as well.
2008-07-16 17:52:40 +02:00
dbaec0a101
Assorted spelling fixes.
2008-07-10 13:40:15 +02:00
d42a601b52
secur32: Allow loading external schannel.dll.
2008-07-03 13:08:18 +02:00
e53e82bf12
secur32: Fix crash under win98.
2008-06-23 19:58:10 +02:00
06abaaf218
secur32/tests: Don't free if not allocated.
2008-06-04 12:55:42 +02:00
6848da72d9
secur32: Fix a few tests that fail in win2k3.
2008-05-22 11:31:06 +02:00
140c0423f5
secur32: Memory allocation size fix.
2008-05-13 10:40:03 +02:00
3da466a9f7
secur32: Fix ntlm tests on Vista.
2008-05-07 17:48:16 +02:00
2e04c18cf4
secur32: Remove test for sft->Reserved8 field.
...
This seems to be set on Win98.
2008-05-05 21:02:08 +02:00
bee29a6c2e
secur32: Don't call waitpid() in dispatcher.
...
As Wine ignores SIGCHLD, waitpid() works on Linux only by accident. On
FreeBSD it doesn't work.
2008-05-02 11:24:32 +02:00
49939ed544
secur32: Remove unused variables.
2008-04-25 11:28:43 +02:00
599f58cc7c
secur32: Assign to structs instead of using memcpy.
2008-03-17 11:41:23 +01:00
87368bb623
secur32: Improve SECPKG_ATTR_CIPHER_STRENGTHS stub.
2008-03-12 19:20:33 +01:00
d11e30e484
secur32: Fixed dynamic loading in schannel test.
2008-03-12 19:20:27 +01:00
088ae3b81c
secur32: Fix ntlm_GetCachedCredential to not call strlenW on a NULL pointer.
...
pszHost should just be set to pszTargetName if pszTargetName doesn't
contain any other information.
2008-03-10 19:12:54 +01:00
48000893f9
makefiles: Simplify the use of the IMPORTLIB variable in the DLL makefiles.
...
Only specify the root to keep platform-specifics out of the individual
DLL makefiles.
2008-03-04 20:55:01 +01:00
0d2a623150
secur32: Initialise more pointers in helper to NULL.
...
This is to avoid calling HeapFree on random pointers when
DeleteSecurityContext is called on a context that hasn't had a second
InitializeSecurityContext called on it, which would otherwise intialise
those pointers.
2008-02-04 11:10:54 +01:00
8a2125f932
secur32: Try to retrive credentials by using the credential manager to retrieve credentials saved for the target server in InitializeContextHandleW, if possible.
2008-02-04 11:10:50 +01:00
506ba701bb
secur32: If using cached credentials failed in InitializeSecurityContext then fail with SEC_E_NO_CREDENTIALS instead of carrying on with a blank password.
2008-02-04 11:10:05 +01:00
72ffc3fad9
secur32: Move the detection of NULL credentials from AcquireCredentialsHandle to InitializeSecurityContext.
...
Only use cached credentials if the credentials were NULL. Don't pass a
domain into ntlm_auth when using cached credentials as
ntlm_auth/winbindd should be able to figure that out.
2008-02-04 11:10:01 +01:00
e4ca5c5647
secur32: Remove unneeded casts.
2008-01-21 11:38:45 +01:00
26bc15a811
secur32: Fix possible crash while loading SSP providers from registry.
2007-12-21 13:46:15 +01:00
8537c46c93
secur32/tests: InitFunctionPtrs() needs to use the global crypt32dll variable.
2007-12-19 12:19:00 +01:00
31bcb3f6f4
secur32/tests: Dynamically load various APIs and don't link with crypt32.dll to make the test run on Windows 95.
2007-12-18 12:32:55 +01:00
ad9396302d
Removed some unneeded imports.
2007-12-06 21:24:24 +01:00
d117938f7a
secur32: Remove the SECUR32_ALLOC() macro around HeapAlloc().
2007-12-06 12:07:12 +01:00
fdfa760c85
secur32: ntlm_auth returns BH if the connection to winbindd fails.
2007-10-09 12:34:35 +02:00
9b1082ef3b
secur32: Fix some memory leaks.
2007-10-05 10:26:20 +02:00
5afd341aec
secur32: Remove hardcoded assumption that the SECBUFFER_DATA is always at index 1 for en/decrypting.
2007-10-02 11:42:10 +02:00
b53e1ffa47
secur32: Implement LsaRegisterLogonProcess stub.
2007-08-30 20:06:56 +02:00
6efe40b3a6
secur32: Implement LsaLogonUser stub.
2007-08-30 11:57:18 +02:00
0c6e2c20bd
secur32: Implement LsaGetLogonSessionData stub.
2007-08-30 11:57:18 +02:00
8942443a42
secur32: Implement LsaFreeReturnBuffer stub.
2007-08-30 11:57:18 +02:00
d1339bc0fa
secur32: Implement LsaEnumerateLogonSessions stub.
2007-08-30 11:57:18 +02:00
ae06588d9b
secur32: Implement LsaLookupAuthenticationPackage stub.
2007-08-30 11:57:18 +02:00
78b047e4e4
secur32: Give a hint where to find ntlm_auth.
2007-08-30 11:57:18 +02:00
4cda5ca96c
secur32: Set the close on exec flag on the ntlm_auth pipes.
2007-08-27 18:27:59 +02:00
d01c8407a9
secur32: Constify some variables.
2007-08-27 12:01:47 +02:00
22e48388d5
secur32/tests: Run tests on win95 again.
2007-08-16 11:08:09 +02:00
610a3b1ad2
secur32: Remove valid_session_key from NegoHelper since it is only ever set and not read.
2007-08-08 15:32:00 +02:00
888a8e27b8
secur32: Split the NTLM credential and context handles into separate objects.
...
This prevents races with two threads using the helper object at the same
time on two different context handles, eliminates the need to free the
credential handle after freeing the context handles and also prevents a
crash caused by not clearing session_key in DeleteSecurityContext.
2007-08-08 15:32:00 +02:00
fe7e83fd0c
secur32/tests: Use skip when functions are not available.
2007-07-05 19:54:38 +02:00
98820d4ef4
secur32: Add tests for multiple use of a credential handle.
2007-07-04 13:42:44 +02:00
2ede1370d3
secur32: Don't free the password in InitializeSecurityContextW to enable the credentials handle to be re-used in further InitializeSecurityContextW calls.
2007-07-03 12:29:19 +02:00
c1e724bc88
secur32: Downgrade WARN to TRACE, fix another TRACE.
2007-05-29 11:54:22 +02:00
aa1be492cd
secur32: Fix NTLM's InitializeSecurityContextA/W to be flexible with the index of the token buffer in both the input and output buffer descriptions.
2007-05-25 20:17:11 +02:00
4d275bcf10
secur32: Don't set the output buffer type in NTLM's IntializeSecurityContextA/W.
2007-05-25 20:16:58 +02:00
661b49785e
secur32: Make the NTLM SSP cope with a NULL phCredential parameter when InitializeSecurityContext is called more than once.
2007-05-25 20:16:42 +02:00
ee47c5a23a
secur32: Fix the wrapper InitializeSecurityContextA/W functions to handle phContext and phNewContext parameters being optional for some SSPs.
2007-05-25 20:16:38 +02:00
087eedc3f5
secur32: Fix the dwVersion field in the security function tables returned by InitSecurityInterfaceA/W.
2007-05-25 19:30:04 +02:00
d64165fcd7
secur32: Exclude unused headers.
2007-05-21 12:31:04 +02:00
7e6c5aad3c
secur32: Move NTLM debug output to a seperate "ntlm" channel.
2007-04-16 12:08:44 +02:00
e7730a1668
secur32: Replace const pointer parameters with correct pointers to const.
2007-03-27 12:38:26 +02:00
e293d630ff
secur32: Add DebugInfo to critical sections.
2007-03-12 13:39:54 +01:00
51a7ca3440
Change some functions arguments from () -> (void).
2007-03-12 12:25:31 +01:00
df3a7a7b43
secur32: Check for actual return value on invalid QuerySecurityPackageInfo call.
2007-03-08 13:54:06 +01:00
b814c45f00
secur32: NTLM's AcquireCredentialHandleA/W should accept domains and usernames with lengths of 0.
...
Add tests for these cases.
2007-03-06 21:59:39 +01:00
d9229bd1c5
secur32: NTLM - don't bother nul terminating the password string as nothing relies on it being nul terminated.
2007-03-06 21:59:34 +01:00
3012038e73
secur32: NTLM - don't copy more data from User, Domain and Password
...
pointers in the SEC_WINNT_AUTH_IDENTITY structure than the
corresponding Length fields say the pointers hold.
2007-03-06 21:59:28 +01:00
0210f5eb1d
secur32: Use skip for skipped tests, reduce indentation.
2007-03-05 12:08:13 +01:00
12f2f09a6c
secur32: SealMessage and UnsealMessage are aliases of EncryptMessage and DecryptMessage respectively.
2007-03-01 20:42:49 +01:00
7325bbd127
secur32: Fix ntlm_auth version number check when registering the NTLM SSP.
2007-02-06 12:30:21 +01:00
809e4124d7
secur32: Bump minimal required samba version to 3.0.25, 3.0.24 is a bugfix release.
2007-02-06 12:30:16 +01:00
da90b4a8dd
secur32: Declare a function static.
2007-02-05 12:25:36 +01:00
747ab4bf74
secur32: Fix off-by-one error in converting the password to unicode.
2007-01-24 12:56:33 +01:00
dc98ac1adb
secur32: Fix off-by-one error when copying the password to the helper.
...
This fixes NTLM authentication with Outlook2003.
2007-01-24 12:07:41 +01:00
aab5e5856e
Don't put single quotes around '%s' when using the debugstr_*() functions.
2007-01-18 12:55:50 +01:00
933bf76b5d
secur32: Use '%u' to print GetLastError().
2007-01-18 12:55:10 +01:00
7ba9ee9e76
secur32/tests: Fix compilation for older gcc versions (and MinGW).
2007-01-15 14:39:10 +01:00
6c3efd1c32
secur32/tests: Cast-qual warning fixes.
2007-01-12 20:41:17 +01:00
f46da1f985
secur32: Use constants instead of hardcoded values.
2006-12-24 15:12:34 +01:00
2ec6c1bf96
secur32/tests: Cast-qual warnings fix.
2006-12-15 12:19:00 +01:00
098e82d81e
secur32: Make some data const.
2006-12-14 20:11:44 +01:00
f0280cbd1e
made functions and variables static in some testcases.
2006-12-11 12:18:29 +01:00
3dc6390e72
secur32: Improve version detection, move all the version detection to ntlm.c.
...
Also, as starting with Samba 3.0.24, ntlm_auth will have all the features
we need, require that as minimal version and remove odd old-version
compatibility hacks.
2006-11-29 12:37:20 +01:00
fde63f9742
secur32: Cast-qual warning fix.
2006-11-14 11:34:42 +01:00
1037e20bc7
secur32: Fix handling of ISC_REQ* flags in InitializeSecurityContext.
2006-11-14 11:34:19 +01:00
b2656633a6
Add some documentation headers to make winapi_check happy.
2006-11-13 13:01:15 +01:00
48f934ee96
secur32: work around a bug in ntlm_auth that breaks RPC.
2006-11-10 11:34:41 +01:00
d5c0acd057
secur32: Implement NTLM2 encryption.
2006-11-09 14:33:31 +01:00
1360339422
secur32: Implement ntlmv2 signing.
2006-11-09 10:39:20 +01:00
78bcfdfce6
secur32: MD5 functions are WINAPI.
2006-11-09 10:39:09 +01:00
a51e02c5d6
secur32: Use a helper function for creating the signature as this simplifies implementing NTLM2 signing a lot.
2006-11-08 20:12:34 +01:00
6720a129f3
secur32: Delete session key and arc4 context when the session based security context is deleted.
2006-11-08 20:08:09 +01:00
ea483682c5
secur32: sspi.h must not include wtypes.h.
2006-11-08 12:11:00 +01:00
3af72bec1e
secur32: Test and fix DecryptMessage for multiple data buffers.
2006-11-06 13:47:29 +01:00
cd8332ae1c
secur32: Fix handling of buffers that don't have the SECBUFFER_TOKEN as the first buffer.
...
Thanks to Robert Shearman for catching this one and providing some of the test code.
2006-11-04 12:07:05 +01:00
e1bfe4c18a
secur32: Get rid of some HeapAlloc() calls to make code more readable.
2006-11-04 12:02:06 +01:00
0c3f45eda0
secur32: Avoid double HeapFree() of password and session key.
2006-11-04 12:02:01 +01:00
7be4853911
secur32: Make the path to ntlm_auth easier to change by moving the executable name to the top of ntlm.c.
2006-11-02 21:57:20 +01:00
dd6c4c6800
secur32: Make sure crashing tests are not run.
2006-10-31 12:05:27 +01:00
344ce9e69b
secur32: Add include guard to hmac_md5.h.
2006-10-20 11:41:18 +02:00
306048bdeb
secur32: Stop leaking the session key memory.
2006-10-16 17:05:23 +02:00
e338a30e59
secur32: Get rid of NEGO_* helper modes, they will never be used. Negotiate should not be done via ntlm_auth.
2006-10-16 11:27:25 +02:00
b629b6defd
secur32: Implement RFC2104 (HMAC) with MD5 for NTLMv2.
2006-10-16 11:27:15 +02:00
Kai Blin