search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
usp10: Avoid buffer overrun in ReplaceInsertChars.
[wine.git] / dlls / secur32 / secur32_priv.h
blob1baa543fe15cf2467b6c74ef6d25e316ba18e776
1 /*
2 * secur32 private definitions.
3 *
4 * Copyright (C) 2004 Juan Lang
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #ifndef __SECUR32_PRIV_H__
22 #define __SECUR32_PRIV_H__
23
24 #include <sys/types.h>
25 #include <limits.h>
26 #include "wine/list.h"
27 #include "schannel.h"
28
29 typedef struct _SecureProvider
30 {
31 struct list entry;
32 BOOL loaded;
33 PWSTR moduleName;
34 HMODULE lib;
35 SecurityFunctionTableA fnTableA;
36 SecurityFunctionTableW fnTableW;
37 } SecureProvider;
38
39 typedef struct _SecurePackage
40 {
41 struct list entry;
42 SecPkgInfoW infoW;
43 SecureProvider *provider;
44 } SecurePackage;
45
46 typedef enum _helper_mode {
47 NTLM_SERVER,
48 NTLM_CLIENT,
49 NUM_HELPER_MODES
50 } HelperMode;
51
52 typedef struct tag_arc4_info {
53 unsigned char x, y;
54 unsigned char state[256];
55 } arc4_info;
56
57 typedef struct _NegoHelper {
58 pid_t helper_pid;
59 HelperMode mode;
60 int pipe_in;
61 int pipe_out;
62 int major;
63 int minor;
64 int micro;
65 char *com_buf;
66 int com_buf_size;
67 int com_buf_offset;
68 BYTE *session_key;
69 ULONG neg_flags;
70 struct {
71 struct {
72 ULONG seq_num;
73 arc4_info *a4i;
74 } ntlm;
75 struct {
76 BYTE *send_sign_key;
77 BYTE *send_seal_key;
78 BYTE *recv_sign_key;
79 BYTE *recv_seal_key;
80 ULONG send_seq_no;
81 ULONG recv_seq_no;
82 arc4_info *send_a4i;
83 arc4_info *recv_a4i;
84 } ntlm2;
85 } crypt;
86 } NegoHelper, *PNegoHelper;
87
88 typedef struct _NtlmCredentials
89 {
90 HelperMode mode;
91
92 /* these are all in the Unix codepage */
93 char *username_arg;
94 char *domain_arg;
95 char *password; /* not nul-terminated */
96 int pwlen;
97 int no_cached_credentials; /* don't try to use cached Samba credentials */
98 } NtlmCredentials, *PNtlmCredentials;
99
100 typedef enum _sign_direction {
101 NTLM_SEND,
102 NTLM_RECV
103 } SignDirection;
104
105 /* Allocates space for and initializes a new provider. If fnTableA or fnTableW
106 * is non-NULL, assumes the provider is built-in, and if moduleName is non-NULL,
107 * means must load the LSA/user mode functions tables from external SSP/AP module.
108 * Otherwise moduleName must not be NULL.
109 * Returns a pointer to the stored provider entry, for use adding packages.
110 */
111 SecureProvider *SECUR32_addProvider(const SecurityFunctionTableA *fnTableA,
112 const SecurityFunctionTableW *fnTableW, PCWSTR moduleName) DECLSPEC_HIDDEN;
113
114 /* Allocates space for and adds toAdd packages with the given provider.
115 * provider must not be NULL, and either infoA or infoW may be NULL, but not
116 * both.
117 */
118 void SECUR32_addPackages(SecureProvider *provider, ULONG toAdd,
119 const SecPkgInfoA *infoA, const SecPkgInfoW *infoW) DECLSPEC_HIDDEN;
120
121 /* Tries to find the package named packageName. If it finds it, implicitly
122 * loads the package if it isn't already loaded.
123 */
124 SecurePackage *SECUR32_findPackageW(PCWSTR packageName) DECLSPEC_HIDDEN;
125
126 /* Tries to find the package named packageName. (Thunks to _findPackageW)
127 */
128 SecurePackage *SECUR32_findPackageA(PCSTR packageName) DECLSPEC_HIDDEN;
129
130 /* A few string helpers; will return NULL if str is NULL. Free return with
131 * HeapFree */
132 PWSTR SECUR32_AllocWideFromMultiByte(PCSTR str) DECLSPEC_HIDDEN;
133 PSTR SECUR32_AllocMultiByteFromWide(PCWSTR str) DECLSPEC_HIDDEN;
134
135 /* Initialization functions for built-in providers */
136 void SECUR32_initSchannelSP(void) DECLSPEC_HIDDEN;
137 void SECUR32_initNegotiateSP(void) DECLSPEC_HIDDEN;
138 void SECUR32_initNTLMSP(void) DECLSPEC_HIDDEN;
139 void SECUR32_initKerberosSP(void) DECLSPEC_HIDDEN;
140
141 /* Cleanup functions for built-in providers */
142 void SECUR32_deinitSchannelSP(void) DECLSPEC_HIDDEN;
143
144 /* Functions from dispatcher.c used elsewhere in the code */
145 SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog,
146 char * const argv[]) DECLSPEC_HIDDEN;
147
148 SECURITY_STATUS run_helper(PNegoHelper helper, char *buffer,
149 unsigned int max_buflen, int *buflen) DECLSPEC_HIDDEN;
150
151 void cleanup_helper(PNegoHelper helper) DECLSPEC_HIDDEN;
152
153 void check_version(PNegoHelper helper) DECLSPEC_HIDDEN;
154
155 /* Functions from base64_codec.c used elsewhere */
156 SECURITY_STATUS encodeBase64(PBYTE in_buf, int in_len, char* out_buf,
157 int max_len, int *out_len) DECLSPEC_HIDDEN;
158
159 SECURITY_STATUS decodeBase64(char *in_buf, int in_len, BYTE *out_buf,
160 int max_len, int *out_len) DECLSPEC_HIDDEN;
161
162 /* Functions from util.c */
163 ULONG ComputeCrc32(const BYTE *pData, INT iLen, ULONG initial_crc) DECLSPEC_HIDDEN;
164 SECURITY_STATUS SECUR32_CreateNTLM1SessionKey(PBYTE password, int len, PBYTE session_key) DECLSPEC_HIDDEN;
165 SECURITY_STATUS SECUR32_CreateNTLM2SubKeys(PNegoHelper helper) DECLSPEC_HIDDEN;
166 arc4_info *SECUR32_arc4Alloc(void) DECLSPEC_HIDDEN;
167 void SECUR32_arc4Init(arc4_info *a4i, const BYTE *key, unsigned int keyLen) DECLSPEC_HIDDEN;
168 void SECUR32_arc4Process(arc4_info *a4i, BYTE *inoutString, unsigned int length) DECLSPEC_HIDDEN;
169 void SECUR32_arc4Cleanup(arc4_info *a4i) DECLSPEC_HIDDEN;
170
171 /* NTLMSSP flags indicating the negotiated features */
172 #define NTLMSSP_NEGOTIATE_UNICODE 0x00000001
173 #define NTLMSSP_NEGOTIATE_OEM 0x00000002
174 #define NTLMSSP_REQUEST_TARGET 0x00000004
175 #define NTLMSSP_NEGOTIATE_SIGN 0x00000010
176 #define NTLMSSP_NEGOTIATE_SEAL 0x00000020
177 #define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE 0x00000040
178 #define NTLMSSP_NEGOTIATE_LM_SESSION_KEY 0x00000080
179 #define NTLMSSP_NEGOTIATE_NTLM 0x00000200
180 #define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000
181 #define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000
182 #define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000
183 #define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
184 #define NTLMSSP_NEGOTIATE_TARGET_TYPE_DOMAIN 0x00010000
185 #define NTLMSSP_NEGOTIATE_TARGET_TYPE_SERVER 0x00020000
186 #define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
187 #define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
188 #define NTLMSSP_NEGOTIATE_128 0x20000000
189 #define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000
190 #define NTLMSSP_NEGOTIATE_56 0x80000000
191
192 SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(SEC_WCHAR *, SEC_WCHAR *,
193 ULONG, PLUID, PVOID, SEC_GET_KEY_FN, PVOID, PCredHandle, PTimeStamp) DECLSPEC_HIDDEN;
194 SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle, PCtxtHandle,
195 SEC_WCHAR *, ULONG fContextReq, ULONG, ULONG, PSecBufferDesc, ULONG, PCtxtHandle,
196 PSecBufferDesc, ULONG *, PTimeStamp) DECLSPEC_HIDDEN;
197 SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle, PCtxtHandle, PSecBufferDesc,
198 ULONG, ULONG, PCtxtHandle, PSecBufferDesc, ULONG *, PTimeStamp) DECLSPEC_HIDDEN;
199 SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle, ULONG, void *) DECLSPEC_HIDDEN;
200 SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle, ULONG, void *) DECLSPEC_HIDDEN;
201 SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle, ULONG, PSecBufferDesc, ULONG) DECLSPEC_HIDDEN;
202 SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle, PSecBufferDesc, ULONG, PULONG) DECLSPEC_HIDDEN;
203 SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(PCredHandle) DECLSPEC_HIDDEN;
204 SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle) DECLSPEC_HIDDEN;
205 SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle, ULONG, PSecBufferDesc, ULONG) DECLSPEC_HIDDEN;
206 SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle, PSecBufferDesc, ULONG, PULONG) DECLSPEC_HIDDEN;
207
208 SecPkgInfoW *ntlm_package_infoW DECLSPEC_HIDDEN;
209 SecPkgInfoA *ntlm_package_infoA DECLSPEC_HIDDEN;
210
211 /* schannel internal interface */
212 typedef struct schan_imp_session_opaque *schan_imp_session;
213
214 typedef struct schan_credentials
215 {
216 ULONG credential_use;
217 void *credentials;
218 DWORD enabled_protocols;
219 } schan_credentials;
220
221 struct schan_transport;
222
223 struct schan_buffers
224 {
225 SIZE_T offset;
226 SIZE_T limit;
227 const SecBufferDesc *desc;
228 int current_buffer_idx;
229 BOOL allow_buffer_resize;
230 int (*get_next_buffer)(const struct schan_transport *, struct schan_buffers *);
231 };
232
233 struct schan_transport
234 {
235 struct schan_context *ctx;
236 struct schan_buffers in;
237 struct schan_buffers out;
238 };
239
240 char *schan_get_buffer(const struct schan_transport *t, struct schan_buffers *s, SIZE_T *count) DECLSPEC_HIDDEN;
241 extern int schan_pull(struct schan_transport *t, void *buff, size_t *buff_len) DECLSPEC_HIDDEN;
242 extern int schan_push(struct schan_transport *t, const void *buff, size_t *buff_len) DECLSPEC_HIDDEN;
243
244 extern schan_imp_session schan_session_for_transport(struct schan_transport* t) DECLSPEC_HIDDEN;
245
246 /* schannel implementation interface */
247 extern BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred) DECLSPEC_HIDDEN;
248 extern void schan_imp_dispose_session(schan_imp_session session) DECLSPEC_HIDDEN;
249 extern void schan_imp_set_session_transport(schan_imp_session session,
250 struct schan_transport *t) DECLSPEC_HIDDEN;
251 extern void schan_imp_set_session_target(schan_imp_session session, const char *target) DECLSPEC_HIDDEN;
252 extern SECURITY_STATUS schan_imp_handshake(schan_imp_session session) DECLSPEC_HIDDEN;
253 extern unsigned int schan_imp_get_session_cipher_block_size(schan_imp_session session) DECLSPEC_HIDDEN;
254 extern unsigned int schan_imp_get_max_message_size(schan_imp_session session) DECLSPEC_HIDDEN;
255 extern SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
256 SecPkgContext_ConnectionInfo *info) DECLSPEC_HIDDEN;
257 extern SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, HCERTSTORE,
258 PCCERT_CONTEXT *cert) DECLSPEC_HIDDEN;
259 extern SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buffer,
260 SIZE_T *length) DECLSPEC_HIDDEN;
261 extern SECURITY_STATUS schan_imp_recv(schan_imp_session session, void *buffer,
262 SIZE_T *length) DECLSPEC_HIDDEN;
263 extern BOOL schan_imp_allocate_certificate_credentials(schan_credentials*) DECLSPEC_HIDDEN;
264 extern void schan_imp_free_certificate_credentials(schan_credentials*) DECLSPEC_HIDDEN;
265 extern DWORD schan_imp_enabled_protocols(void) DECLSPEC_HIDDEN;
266 extern BOOL schan_imp_init(void) DECLSPEC_HIDDEN;
267 extern void schan_imp_deinit(void) DECLSPEC_HIDDEN;
268
269
270 #endif /* ndef __SECUR32_PRIV_H__ */
Windows API implementation