Commit Graph

398 Commits

Author SHA1 Message Date
Michael Stefaniuc 8fe8e2f967 secur32: Avoid a FALSE:TRUE conditional expression. 2012-08-15 12:12:56 +02:00
Henri Verbeet 8abcfeddd8 secur32: Recognize some more TLS versions. 2012-07-18 17:12:34 +02:00
Ken Thomases 98652ec1c6 secur32: On Mac, define modern ECDH cipher suites if the SDK doesn't. 2012-07-16 14:19:46 +02:00
Ken Thomases 4ccb8746fd secur32: On Mac, recognize key exchange algorithm for cipher suites using ECDH. 2012-07-16 14:19:37 +02:00
Henri Verbeet 2025e81585 secur32: Only read complete records in schan_InitializeSecurityContextW(). 2012-07-09 15:04:03 -04:00
Henri Verbeet 394519db67 secur32: Handle incomplete messages in schan_InitializeSecurityContextW(). 2012-06-26 17:32:40 +02:00
Henri Verbeet 8f39fb146a secur32: We can't read more than expected_size - 5 in schan_DecryptMessage(). 2012-06-26 17:31:02 +02:00
Henri Verbeet e2bd967a85 secur32: Handle padding only records in schan_DecryptMessage(). 2012-06-26 17:30:55 +02:00
Francois Gouget 71945b7635 secur32: Make some SecurityFunction methods static. 2012-05-21 11:34:37 +02:00
Hans Leidekker cb90e6b1a6 secur32/tests: Add tests for the Negotiate provider. 2012-05-10 18:43:38 +02:00
Hans Leidekker 19f8c79f9e secur32: Implement a Negotiate provider that forwards to NTLM. 2012-05-10 18:43:04 +02:00
Hans Leidekker 3181577810 secur32: Add an option to disable use of cached Samba credentials. 2012-05-10 18:42:40 +02:00
Hans Leidekker bd7e469760 secur32: Update NTLM capabilities to match native. 2012-05-10 18:42:30 +02:00
Hans Leidekker ebab1c72cf secur32: Remove some unused variables. 2012-05-10 18:42:21 +02:00
Hans Leidekker 81213a88e8 secur32: Fix potential leaks of the NTLM session key. 2012-05-10 18:42:15 +02:00
Alexandre Julliard ee1e1f0fdb secur32/tests: Don't compare the encrypted results if the session key is different. 2012-01-03 23:28:13 +01:00
André Hentschel 962230064d secur32/tests: Fail on missing NTLM. 2011-12-20 20:24:47 +01:00
Francois Gouget 3d9c7657bc secur32: Fix the compilation on Solaris by including errno.h instead of sys/errno.h. 2011-12-02 17:25:56 +01:00
Ken Thomases 3de1c71364 secur32: Reap child process to avoid leaving a zombie. 2011-12-01 10:44:28 +01:00
Ken Thomases d977044e76 secur32: Eliminate broken clean-up "cheat". 2011-11-30 11:45:26 +01:00
Ken Thomases f4ac641af5 secur32: Clean up the helper in all cases where it was allocated. 2011-11-30 11:45:21 +01:00
Ken Thomases e39e67ec3d secur32: Eliminate a dead store. 2011-11-30 11:45:18 +01:00
Francois Gouget 5305c8e009 secur32: Make the cs critical section static. 2011-11-15 19:37:36 +01:00
Andrew Talbot 7f17934de2 secur32: Superfluous semicolons fix. 2011-11-07 11:54:47 +01:00
Charles Davis 65634bca0b schannel: Don't use SSLCopyPeerCertificates on Mac OS 10.4. 2011-10-27 12:31:40 +02:00
Henri Verbeet 0dd54eb0fd secur32: Print the ntlm_auth diagnostic message to the winediag channel. 2011-10-27 12:25:13 +02:00
Henri Verbeet 7bb7d08d19 secur32: Handle the schan_buffers limit field in schan_get_buffer() instead of schan_pull().
Aside from being the right place, we depend on schan_get_buffer() not
returning a buffer if there's no space left in schan_imp_recv() /
schan_imp_send().
2011-10-05 17:00:58 -05:00
Henri Verbeet 929598fd00 secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_recv(). 2011-10-03 14:38:49 -05:00
Henri Verbeet 65aed972c0 secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_send(). 2011-10-03 14:38:44 -05:00
Henri Verbeet 5004c38dd5 secur32: Return failure if chan_EncryptMessage() can't encrypt the entire buffer. 2011-10-03 14:38:35 -05:00
Henri Verbeet 0903855456 secur32: Use gnutls_record_get_max_size() to get the maximum message size. 2011-10-03 14:38:21 -05:00
Francois Gouget 3de330db54 tests: Remove unneeded assert.h includes. 2011-09-27 10:59:56 +02:00
Alexandre Julliard 0359f9d430 secur32/tests: Avoid crash on test failure. 2011-09-09 15:53:49 +02:00
Alexandre Julliard 52fa3bf42d secur32: Avoid size_t and fix some printf formats. 2011-09-05 19:34:55 +02:00
Frédéric Delanoy 982e7f96b1 secur32: Remove dead code (Clang). 2011-07-05 14:42:53 +02:00
Marcus Meissner e1fcd78928 secur32: Mark internal symbols with hidden visibility. 2011-04-26 15:31:27 +02:00
Ken Thomases 5015f388d1 secur32: Add alternative schannel implementation for Mac OS X.
It uses the native Secure Transport API rather than GnuTLS.
2011-03-14 19:31:07 +01:00
Ken Thomases 0b396208db secur32: Separate GnuTLS schannel implementation into separate file. 2011-03-14 14:16:13 +01:00
Ken Thomases c890bf4dc8 secur32: Make no-implementation error message non-GnuTLS-specific. 2011-03-14 14:10:54 +01:00
Ken Thomases 2cecf54427 secur32: Extract schan_imp_init/deinit functions. 2011-03-14 14:10:46 +01:00
Ken Thomases 9124cdc234 secur32: Extract schan_imp_allocate/free_certificate_credentials functions. 2011-03-14 14:10:38 +01:00
Ken Thomases e02ac5f023 secur32: Use opaque type schan_imp_session in schan_imp interface. 2011-03-14 14:10:33 +01:00
Ken Thomases 6b5f7df5cb secur32: Set session credentials in schan_imp_create_session. 2011-03-14 14:10:27 +01:00
Ken Thomases 3d47fce382 secur32: Set push & pull functions in schan_imp_create_session. 2011-03-14 14:10:21 +01:00
Ken Thomases c86dafe51e secur32: Extract GnuTLS-isms from schan_push to schan_push_adapter. 2011-03-14 14:10:17 +01:00
Ken Thomases 194aaef7cd secur32: Extract GnuTLS-isms from schan_pull to schan_pull_adapter. 2011-03-14 14:10:13 +01:00
Ken Thomases aeefb8188d secur32: Extract schan_imp_create/dispose_session functions. 2011-03-14 14:10:02 +01:00
Ken Thomases d7fe60c5b6 secur32: Extract schan_imp_set_session_transport function. 2011-03-14 14:09:55 +01:00
Ken Thomases 3608fe03a9 secur32: Extract schan_imp_handshake function. 2011-03-14 14:09:49 +01:00
Ken Thomases 842e0a5316 secur32: Use schan_imp_get_connection_info to get MAC size. 2011-03-14 14:09:42 +01:00
Ken Thomases f7e598cfc8 secur32: Extract schan_imp_get_connection_info function. 2011-03-14 14:09:38 +01:00
Ken Thomases ccae072a3c secur32: Extract schan_imp_get_session_cipher_block_size function. 2011-03-14 14:09:32 +01:00
Ken Thomases 1b225a012e secur32: Move some GnuTLS-specific helper functions. 2011-03-14 14:09:27 +01:00
Ken Thomases 12195b32df secur32: Extract schan_imp_get_session_peer_certificate function. 2011-03-14 14:09:19 +01:00
Ken Thomases 9b85662fec secur32: Extract schan_imp_recv function. 2011-03-14 14:09:12 +01:00
Ken Thomases a5715ed625 secur32: Extract schan_imp_send function. 2011-03-14 14:09:03 +01:00
Ken Thomases 9942edacd4 secur32: Remove outdated comment that schannel is unimplemented. 2011-03-14 14:08:19 +01:00
Austin English 9c84bfa9a4 secur32/tests: Remove win9x hacks. 2011-03-01 13:21:58 +01:00
Austin English 1c659a5509 secur32/tests: Make sure return values are used (LLVM/Clang). 2011-02-11 14:49:41 +01:00
Austin English 7868edd86e secur32/tests: Don't check return values inside of if(0) (LLVM/Clang). 2011-02-10 10:28:00 -06:00
Austin English 22c1843e08 secur32/tests: Make sure a return value is used (LLVM/Clang). 2011-02-09 09:29:13 -06:00
Ken Thomases cf2de431ac secur32/tests: Fix copy/paste error in test message ("first" -> "third"). 2011-01-21 12:25:06 +01:00
Aric Stewart fe05a73042 secur32/tests: Skip test on failure to acquire cred_handle. 2010-12-02 18:57:57 +01:00
Juan Lang 30435a5951 secur32: Trace flags as hex values. 2010-10-22 12:03:45 +02:00
Alexandre Julliard 81b8ee863e makefiles: Add a standard header for all makefiles to replace the common variable initializations. 2010-09-19 12:36:48 +02:00
Piotr Caban ab52186086 secur32: Prevent schannel tests from crashing on Windows NT. 2010-09-18 13:09:33 +02:00
Piotr Caban cdf8d455c2 secur32: Handle extra data in schan_InitializeSecurityContextW. 2010-09-18 13:05:30 +02:00
Mikko Rasa f2377e8981 secur32: Add some more schannel tests. 2010-09-15 16:36:45 -05:00
Mikko Rasa 506af9205d secur32: Fill a SECBUFFER_MISSING buffer if the message is not complete. 2010-09-15 16:36:17 -05:00
Mikko Rasa b335e94788 secur32: Only process full TLS frames in schan_DecryptMessage. 2010-09-15 16:36:11 -05:00
Mikko Rasa 149ffe130f secur32: Fill header and trailer buffers in schan_DecryptMessage. 2010-09-15 16:36:01 -05:00
Mikko Rasa b424b3431e secur32: Validate buffers passed to schan_DecryptMessage. 2010-09-15 16:35:51 -05:00
Alexandre Julliard b86d515ed6 dlls: Remove explicit imports of kernel32 and ntdll. 2010-07-21 17:38:36 +02:00
Michael Stefaniuc 24592a7a62 secur32: Avoid using long. 2010-05-12 13:44:40 +02:00
Kai Blin 9dd206d28e secur32: Use NTLM2 instead of NTLMv2.
In the current code NTLMv2 is used when talking about second generation
NTLM crypto algorithms. Most other publiations call this NTLM2, and use
NTLMv2 to describe a different crypto handshake that can be used by
either NTLM1 or NTLM2 crypto.
2010-04-19 14:56:12 +02:00
Alexandre Julliard 43a98ecb21 secur32: Avoid using a pointer difference in a trace. 2010-04-09 16:14:07 +02:00
Alexandre Julliard bef5645eb1 makefiles: Remove the no longer needed explicit separators for dependencies. 2010-03-16 13:28:19 +01:00
Alexandre Julliard 6164ce2d82 makefiles: Use the standard C_SRCS variable as the list of test files.
This enables it to be auto-updated by make_makefiles.
2010-02-22 10:47:11 +01:00
Juan Lang 7c3b9a1551 secur32: Report an error if libgnutls isn't found. 2010-01-11 12:54:23 -06:00
Rob Shearman 697955c922 secur32: Don't allocate context handle in wrapper InitializeSecurityContextA/W if it is the same as the handle passed into the function. 2009-12-30 13:40:35 +01:00
Rob Shearman 1346834605 secur32: Fix memory leaks in ntlm_InitializeSecurityContextW. 2009-12-30 13:40:31 +01:00
Rob Shearman 693433a3f2 secur32: Simplify memory management by not allocating memory for the CredHandle and CtxtHandle pointers.
Instead store the handles directly in the SspiData structure and pass
the addresses of these into SSPI functions.
2009-12-30 13:40:25 +01:00
Rob Shearman 5f01280edf secur32: Fix memory leaks in tests. 2009-12-30 13:40:17 +01:00
Kai Blin 9a81b032c4 secur32: Pretend the NTLM provider also does Negotiate.
We had to enable the Negotiate provider a while back so programs that expected 
that provider to be present would be happy. This broke programs that expect a 
Negotiate provider to actually do something if it is present. This fix works 
around that new issue by thunking all calls to Negotiate to NTLM.
2009-12-30 13:31:12 +01:00
Hans Leidekker 44f9595454 secur32/tests: Fix a couple of memory leaks.
Found by Valgrind.
2009-12-21 15:01:24 +01:00
Lei Zhang c89211336b secur32: Fix memory leak in SECUR32_addPackages. 2009-12-17 13:09:49 +01:00
Rob Shearman 3cd88cfab3 secur32: Fix memory leak in NTLM's FreeCredentialsHandle. 2009-12-14 12:04:05 +01:00
Hans Leidekker aeb161f13f secur32: Handle EOF from gnutls_record_recv. 2009-11-19 11:50:40 +01:00
Rob Shearman f6c9c72e21 secur32: Output extra data in NTLM sign & seal test to diagnose failures seen on some Windows machines. 2009-11-09 19:38:58 +01:00
Kai Blin e987ec4299 secur32: Use empty credentials when cached creds fail. 2009-11-09 19:38:00 +01:00
Henri Verbeet 3e96881e4c secur32: Don't bother zeroing the handle table in SECUR32_initSchannelSP().
Handles are initialized when they're allocated.
2009-10-15 12:06:18 +02:00
Henri Verbeet 226519efbc secur32: Don't try to cleanup uninitialized handles in SECUR32_deinitSchannelSP(). 2009-10-15 12:06:18 +02:00
Henri Verbeet 5b47904231 secur32: Recognize the ARC4 cipher in schannel_get_cipher_algid(). 2009-10-15 12:06:18 +02:00
Ge van Geldorp 43a28649c3 secur32/tests: Add acceptable error code for Win7 ntlm test. 2009-10-06 12:00:32 +02:00
Hans Leidekker 8bb68933ea secur32: Test passing null authentication data to AcquireCredentialsHandle. 2009-10-06 11:58:19 +02:00
Paul Vriens 7b3213fd65 secur32/tests: Skip some tests on WinMe to avoid a crash. 2009-10-02 11:52:12 +02:00
Dylan Smith fd3c8335fd secur32: Free schannel handle table.
The table is initialized on process attach, and should be freed on process
detach (which is where SECUR32_deinitSchannelSP gets called).
2009-09-28 13:31:27 +02:00
Dylan Smith fdcfbe21c3 secur32: Remove redendant call to gnutls_certificate_get_peers.
Two identical calls are made with the same parameters, and there are no
documented side effects of this function, so I removed one of them.
2009-09-28 13:31:18 +02:00
Kai Blin e6ac20e814 secur32: Revert "secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials".
This reverts commit 7788c8ed0d, as well
as commit ec443be738. Due to erroneous
user input, these commits actually broke more than they fixed.
2009-08-12 12:51:02 +02:00
Kai Blin dfb2b429a0 secur32: Load Negotiate provider again. 2009-08-12 12:50:03 +02:00