search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
crypt32: Use the available ARRAY_SIZE() macro.
[wine.git] / dlls / secur32 / secur32.c
blob9240c108e541c7c8fbf07629ea27598dc5a96a6b
1 /* Copyright (C) 2004 Juan Lang
2 *
3 * This file implements loading of SSP DLLs.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
18 */
19 #include <assert.h>
20 #include <stdarg.h>
21
22 #include "ntstatus.h"
23 #define WIN32_NO_STATUS
24 #include "windef.h"
25 #include "winbase.h"
26 #include "winnls.h"
27 #include "winreg.h"
28 #include "winternl.h"
29 #include "shlwapi.h"
30 #include "sspi.h"
31 #include "secur32_priv.h"
32 #include "secext.h"
33 #include "ntsecapi.h"
34 #include "thunks.h"
35 #include "lmcons.h"
36
37 #include "wine/list.h"
38 #include "wine/debug.h"
39 #include "wine/unicode.h"
40
41 WINE_DEFAULT_DEBUG_CHANNEL(secur32);
42
43 /**
44 * Type definitions
45 */
46
47 typedef struct _SecurePackageTable
48 {
49 DWORD numPackages;
50 DWORD numAllocated;
51 struct list table;
52 } SecurePackageTable;
53
54 typedef struct _SecureProviderTable
55 {
56 DWORD numProviders;
57 DWORD numAllocated;
58 struct list table;
59 } SecureProviderTable;
60
61 /**
62 * Prototypes
63 */
64
65 /* Tries to load moduleName as a provider. If successful, enumerates what
66 * packages it can and adds them to the package and provider tables. Resizes
67 * tables as necessary.
68 */
69 static void _tryLoadProvider(PWSTR moduleName);
70
71 /* Initialization: read securityproviders value and attempt to open each dll
72 * there. For each DLL, call _tryLoadProvider to see if it's really an SSP.
73 * Two undocumented functions, AddSecurityPackage(A/W) and
74 * DeleteSecurityPackage(A/W), seem suspiciously like they'd register or
75 * unregister a dll, but I'm not sure.
76 */
77 static void SECUR32_initializeProviders(void);
78
79 /* Frees all loaded packages and providers */
80 static void SECUR32_freeProviders(void);
81
82 /**
83 * Globals
84 */
85
86 static CRITICAL_SECTION cs;
87 static CRITICAL_SECTION_DEBUG cs_debug =
88 {
89 0, 0, &cs,
90 { &cs_debug.ProcessLocksList, &cs_debug.ProcessLocksList },
91 0, 0, { (DWORD_PTR)(__FILE__ ": cs") }
92 };
93 static CRITICAL_SECTION cs = { &cs_debug, -1, 0, 0, 0, 0 };
94 static SecurePackageTable *packageTable = NULL;
95 static SecureProviderTable *providerTable = NULL;
96
97 static SecurityFunctionTableA securityFunctionTableA = {
98 SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION,
99 EnumerateSecurityPackagesA,
100 QueryCredentialsAttributesA,
101 AcquireCredentialsHandleA,
102 FreeCredentialsHandle,
103 NULL, /* Reserved2 */
104 InitializeSecurityContextA,
105 AcceptSecurityContext,
106 CompleteAuthToken,
107 DeleteSecurityContext,
108 ApplyControlToken,
109 QueryContextAttributesA,
110 ImpersonateSecurityContext,
111 RevertSecurityContext,
112 MakeSignature,
113 VerifySignature,
114 FreeContextBuffer,
115 QuerySecurityPackageInfoA,
116 EncryptMessage, /* Reserved3 */
117 DecryptMessage, /* Reserved4 */
118 ExportSecurityContext,
119 ImportSecurityContextA,
120 AddCredentialsA,
121 NULL, /* Reserved8 */
122 QuerySecurityContextToken,
123 EncryptMessage,
124 DecryptMessage,
125 SetContextAttributesA
126 };
127
128 static SecurityFunctionTableW securityFunctionTableW = {
129 SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION,
130 EnumerateSecurityPackagesW,
131 QueryCredentialsAttributesW,
132 AcquireCredentialsHandleW,
133 FreeCredentialsHandle,
134 NULL, /* Reserved2 */
135 InitializeSecurityContextW,
136 AcceptSecurityContext,
137 CompleteAuthToken,
138 DeleteSecurityContext,
139 ApplyControlToken,
140 QueryContextAttributesW,
141 ImpersonateSecurityContext,
142 RevertSecurityContext,
143 MakeSignature,
144 VerifySignature,
145 FreeContextBuffer,
146 QuerySecurityPackageInfoW,
147 EncryptMessage, /* Reserved3 */
148 DecryptMessage, /* Reserved4 */
149 ExportSecurityContext,
150 ImportSecurityContextW,
151 AddCredentialsW,
152 NULL, /* Reserved8 */
153 QuerySecurityContextToken,
154 EncryptMessage,
155 DecryptMessage,
156 SetContextAttributesW
157 };
158
159 /***********************************************************************
160 * InitSecurityInterfaceA (SECUR32.@)
161 */
162 PSecurityFunctionTableA WINAPI InitSecurityInterfaceA(void)
163 {
164 return &securityFunctionTableA;
165 }
166
167 /***********************************************************************
168 * InitSecurityInterfaceW (SECUR32.@)
169 */
170 PSecurityFunctionTableW WINAPI InitSecurityInterfaceW(void)
171 {
172 return &securityFunctionTableW;
173 }
174
175 static PWSTR SECUR32_strdupW(PCWSTR str)
176 {
177 PWSTR ret;
178
179 if (str)
180 {
181 ret = heap_alloc((lstrlenW(str) + 1) * sizeof(WCHAR));
182 if (ret)
183 lstrcpyW(ret, str);
184 }
185 else
186 ret = NULL;
187 return ret;
188 }
189
190 PWSTR SECUR32_AllocWideFromMultiByte(PCSTR str)
191 {
192 PWSTR ret;
193
194 if (str)
195 {
196 int charsNeeded = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
197
198 if (charsNeeded)
199 {
200 ret = heap_alloc(charsNeeded * sizeof(WCHAR));
201 if (ret)
202 MultiByteToWideChar(CP_ACP, 0, str, -1, ret, charsNeeded);
203 }
204 else
205 ret = NULL;
206 }
207 else
208 ret = NULL;
209 return ret;
210 }
211
212 PSTR SECUR32_AllocMultiByteFromWide(PCWSTR str)
213 {
214 PSTR ret;
215
216 if (str)
217 {
218 int charsNeeded = WideCharToMultiByte(CP_ACP, 0, str, -1, NULL, 0,
219 NULL, NULL);
220
221 if (charsNeeded)
222 {
223 ret = heap_alloc(charsNeeded);
224 if (ret)
225 WideCharToMultiByte(CP_ACP, 0, str, -1, ret, charsNeeded,
226 NULL, NULL);
227 }
228 else
229 ret = NULL;
230 }
231 else
232 ret = NULL;
233 return ret;
234 }
235
236 static void _makeFnTableA(PSecurityFunctionTableA fnTableA,
237 const SecurityFunctionTableA *inFnTableA,
238 const SecurityFunctionTableW *inFnTableW)
239 {
240 if (fnTableA)
241 {
242 if (inFnTableA)
243 {
244 /* The size of the version 1 table is based on platform sdk's
245 * sspi.h, though the sample ssp also provided with platform sdk
246 * implies only functions through QuerySecurityPackageInfoA are
247 * implemented (yikes)
248 */
249 size_t tableSize = inFnTableA->dwVersion == 1 ?
250 (const BYTE *)&inFnTableA->SetContextAttributesA -
251 (const BYTE *)inFnTableA : sizeof(SecurityFunctionTableA);
252
253 memcpy(fnTableA, inFnTableA, tableSize);
254 /* override this, since we can do it internally anyway */
255 fnTableA->QuerySecurityPackageInfoA =
256 QuerySecurityPackageInfoA;
257 }
258 else if (inFnTableW)
259 {
260 /* functions with thunks */
261 if (inFnTableW->AcquireCredentialsHandleW)
262 fnTableA->AcquireCredentialsHandleA =
263 thunk_AcquireCredentialsHandleA;
264 if (inFnTableW->InitializeSecurityContextW)
265 fnTableA->InitializeSecurityContextA =
266 thunk_InitializeSecurityContextA;
267 if (inFnTableW->ImportSecurityContextW)
268 fnTableA->ImportSecurityContextA =
269 thunk_ImportSecurityContextA;
270 if (inFnTableW->AddCredentialsW)
271 fnTableA->AddCredentialsA =
272 thunk_AddCredentialsA;
273 if (inFnTableW->QueryCredentialsAttributesW)
274 fnTableA->QueryCredentialsAttributesA =
275 thunk_QueryCredentialsAttributesA;
276 if (inFnTableW->QueryContextAttributesW)
277 fnTableA->QueryContextAttributesA =
278 thunk_QueryContextAttributesA;
279 if (inFnTableW->SetContextAttributesW)
280 fnTableA->SetContextAttributesA =
281 thunk_SetContextAttributesA;
282 /* this can't be thunked, there's no extra param to know which
283 * package to forward to */
284 fnTableA->EnumerateSecurityPackagesA = NULL;
285 /* functions with no thunks needed */
286 fnTableA->AcceptSecurityContext = inFnTableW->AcceptSecurityContext;
287 fnTableA->CompleteAuthToken = inFnTableW->CompleteAuthToken;
288 fnTableA->DeleteSecurityContext = inFnTableW->DeleteSecurityContext;
289 fnTableA->ImpersonateSecurityContext =
290 inFnTableW->ImpersonateSecurityContext;
291 fnTableA->RevertSecurityContext = inFnTableW->RevertSecurityContext;
292 fnTableA->MakeSignature = inFnTableW->MakeSignature;
293 fnTableA->VerifySignature = inFnTableW->VerifySignature;
294 fnTableA->FreeContextBuffer = inFnTableW->FreeContextBuffer;
295 fnTableA->QuerySecurityPackageInfoA =
296 QuerySecurityPackageInfoA;
297 fnTableA->ExportSecurityContext =
298 inFnTableW->ExportSecurityContext;
299 fnTableA->QuerySecurityContextToken =
300 inFnTableW->QuerySecurityContextToken;
301 fnTableA->EncryptMessage = inFnTableW->EncryptMessage;
302 fnTableA->DecryptMessage = inFnTableW->DecryptMessage;
303 }
304 }
305 }
306
307 static void _makeFnTableW(PSecurityFunctionTableW fnTableW,
308 const SecurityFunctionTableA *inFnTableA,
309 const SecurityFunctionTableW *inFnTableW)
310 {
311 if (fnTableW)
312 {
313 if (inFnTableW)
314 {
315 /* The size of the version 1 table is based on platform sdk's
316 * sspi.h, though the sample ssp also provided with platform sdk
317 * implies only functions through QuerySecurityPackageInfoA are
318 * implemented (yikes)
319 */
320 size_t tableSize = inFnTableW->dwVersion == 1 ?
321 (const BYTE *)&inFnTableW->SetContextAttributesW -
322 (const BYTE *)inFnTableW : sizeof(SecurityFunctionTableW);
323
324 memcpy(fnTableW, inFnTableW, tableSize);
325 /* override this, since we can do it internally anyway */
326 fnTableW->QuerySecurityPackageInfoW =
327 QuerySecurityPackageInfoW;
328 }
329 else if (inFnTableA)
330 {
331 /* functions with thunks */
332 if (inFnTableA->AcquireCredentialsHandleA)
333 fnTableW->AcquireCredentialsHandleW =
334 thunk_AcquireCredentialsHandleW;
335 if (inFnTableA->InitializeSecurityContextA)
336 fnTableW->InitializeSecurityContextW =
337 thunk_InitializeSecurityContextW;
338 if (inFnTableA->ImportSecurityContextA)
339 fnTableW->ImportSecurityContextW =
340 thunk_ImportSecurityContextW;
341 if (inFnTableA->AddCredentialsA)
342 fnTableW->AddCredentialsW =
343 thunk_AddCredentialsW;
344 if (inFnTableA->QueryCredentialsAttributesA)
345 fnTableW->QueryCredentialsAttributesW =
346 thunk_QueryCredentialsAttributesW;
347 if (inFnTableA->QueryContextAttributesA)
348 fnTableW->QueryContextAttributesW =
349 thunk_QueryContextAttributesW;
350 if (inFnTableA->SetContextAttributesA)
351 fnTableW->SetContextAttributesW =
352 thunk_SetContextAttributesW;
353 /* this can't be thunked, there's no extra param to know which
354 * package to forward to */
355 fnTableW->EnumerateSecurityPackagesW = NULL;
356 /* functions with no thunks needed */
357 fnTableW->AcceptSecurityContext = inFnTableA->AcceptSecurityContext;
358 fnTableW->CompleteAuthToken = inFnTableA->CompleteAuthToken;
359 fnTableW->DeleteSecurityContext = inFnTableA->DeleteSecurityContext;
360 fnTableW->ImpersonateSecurityContext =
361 inFnTableA->ImpersonateSecurityContext;
362 fnTableW->RevertSecurityContext = inFnTableA->RevertSecurityContext;
363 fnTableW->MakeSignature = inFnTableA->MakeSignature;
364 fnTableW->VerifySignature = inFnTableA->VerifySignature;
365 fnTableW->FreeContextBuffer = inFnTableA->FreeContextBuffer;
366 fnTableW->QuerySecurityPackageInfoW =
367 QuerySecurityPackageInfoW;
368 fnTableW->ExportSecurityContext =
369 inFnTableA->ExportSecurityContext;
370 fnTableW->QuerySecurityContextToken =
371 inFnTableA->QuerySecurityContextToken;
372 fnTableW->EncryptMessage = inFnTableA->EncryptMessage;
373 fnTableW->DecryptMessage = inFnTableA->DecryptMessage;
374 }
375 }
376 }
377
378 static void _copyPackageInfo(PSecPkgInfoW info, const SecPkgInfoA *inInfoA,
379 const SecPkgInfoW *inInfoW)
380 {
381 if (info && (inInfoA || inInfoW))
382 {
383 /* odd, I know, but up until Name and Comment the structures are
384 * identical
385 */
386 memcpy(info, inInfoW ? inInfoW : (const SecPkgInfoW *)inInfoA, sizeof(*info));
387 if (inInfoW)
388 {
389 info->Name = SECUR32_strdupW(inInfoW->Name);
390 info->Comment = SECUR32_strdupW(inInfoW->Comment);
391 }
392 else
393 {
394 info->Name = SECUR32_AllocWideFromMultiByte(inInfoA->Name);
395 info->Comment = SECUR32_AllocWideFromMultiByte(inInfoA->Comment);
396 }
397 }
398 }
399
400 SecureProvider *SECUR32_addProvider(const SecurityFunctionTableA *fnTableA,
401 const SecurityFunctionTableW *fnTableW, PCWSTR moduleName)
402 {
403 SecureProvider *ret;
404
405 EnterCriticalSection(&cs);
406
407 if (!providerTable)
408 {
409 providerTable = heap_alloc(sizeof(SecureProviderTable));
410 if (!providerTable)
411 {
412 LeaveCriticalSection(&cs);
413 return NULL;
414 }
415
416 list_init(&providerTable->table);
417 }
418
419 ret = heap_alloc(sizeof(SecureProvider));
420 if (!ret)
421 {
422 LeaveCriticalSection(&cs);
423 return NULL;
424 }
425
426 list_add_tail(&providerTable->table, &ret->entry);
427 ret->lib = NULL;
428
429 if (fnTableA || fnTableW)
430 {
431 ret->moduleName = moduleName ? SECUR32_strdupW(moduleName) : NULL;
432 _makeFnTableA(&ret->fnTableA, fnTableA, fnTableW);
433 _makeFnTableW(&ret->fnTableW, fnTableA, fnTableW);
434 ret->loaded = !moduleName;
435 }
436 else
437 {
438 ret->moduleName = SECUR32_strdupW(moduleName);
439 ret->loaded = FALSE;
440 }
441
442 LeaveCriticalSection(&cs);
443 return ret;
444 }
445
446 void SECUR32_addPackages(SecureProvider *provider, ULONG toAdd,
447 const SecPkgInfoA *infoA, const SecPkgInfoW *infoW)
448 {
449 ULONG i;
450
451 assert(provider);
452 assert(infoA || infoW);
453
454 EnterCriticalSection(&cs);
455
456 if (!packageTable)
457 {
458 packageTable = heap_alloc(sizeof(SecurePackageTable));
459 if (!packageTable)
460 {
461 LeaveCriticalSection(&cs);
462 return;
463 }
464
465 packageTable->numPackages = 0;
466 list_init(&packageTable->table);
467 }
468
469 for (i = 0; i < toAdd; i++)
470 {
471 SecurePackage *package = heap_alloc(sizeof(SecurePackage));
472 if (!package)
473 continue;
474
475 list_add_tail(&packageTable->table, &package->entry);
476
477 package->provider = provider;
478 _copyPackageInfo(&package->infoW,
479 infoA ? &infoA[i] : NULL,
480 infoW ? &infoW[i] : NULL);
481 }
482 packageTable->numPackages += toAdd;
483
484 LeaveCriticalSection(&cs);
485 }
486
487 static void _tryLoadProvider(PWSTR moduleName)
488 {
489 HMODULE lib = LoadLibraryW(moduleName);
490
491 if (lib)
492 {
493 INIT_SECURITY_INTERFACE_W pInitSecurityInterfaceW =
494 (INIT_SECURITY_INTERFACE_W)GetProcAddress(lib,
495 SECURITY_ENTRYPOINT_ANSIW);
496 INIT_SECURITY_INTERFACE_A pInitSecurityInterfaceA =
497 (INIT_SECURITY_INTERFACE_A)GetProcAddress(lib,
498 SECURITY_ENTRYPOINT_ANSIA);
499
500 TRACE("loaded %s, InitSecurityInterfaceA is %p, InitSecurityInterfaceW is %p\n",
501 debugstr_w(moduleName), pInitSecurityInterfaceA,
502 pInitSecurityInterfaceW);
503 if (pInitSecurityInterfaceW || pInitSecurityInterfaceA)
504 {
505 PSecurityFunctionTableA fnTableA = NULL;
506 PSecurityFunctionTableW fnTableW = NULL;
507 ULONG toAdd = 0;
508 PSecPkgInfoA infoA = NULL;
509 PSecPkgInfoW infoW = NULL;
510 SECURITY_STATUS ret = SEC_E_OK;
511
512 if (pInitSecurityInterfaceA)
513 fnTableA = pInitSecurityInterfaceA();
514 if (pInitSecurityInterfaceW)
515 fnTableW = pInitSecurityInterfaceW();
516 if (fnTableW && fnTableW->EnumerateSecurityPackagesW)
517 {
518 if (fnTableW != &securityFunctionTableW)
519 ret = fnTableW->EnumerateSecurityPackagesW(&toAdd, &infoW);
520 else
521 TRACE("%s has built-in providers, skip adding\n", debugstr_w(moduleName));
522 }
523 else if (fnTableA && fnTableA->EnumerateSecurityPackagesA)
524 {
525 if (fnTableA != &securityFunctionTableA)
526 ret = fnTableA->EnumerateSecurityPackagesA(&toAdd, &infoA);
527 else
528 TRACE("%s has built-in providers, skip adding\n", debugstr_w(moduleName));
529 }
530 if (ret == SEC_E_OK && toAdd > 0 && (infoW || infoA))
531 {
532 SecureProvider *provider = SECUR32_addProvider(NULL, NULL,
533 moduleName);
534
535 if (provider)
536 SECUR32_addPackages(provider, toAdd, infoA, infoW);
537 if (infoW)
538 fnTableW->FreeContextBuffer(infoW);
539 else
540 fnTableA->FreeContextBuffer(infoA);
541 }
542 }
543 FreeLibrary(lib);
544 }
545 else
546 WARN("failed to load %s\n", debugstr_w(moduleName));
547 }
548
549 static const WCHAR securityProvidersKeyW[] = {
550 'S','Y','S','T','E','M','\\','C','u','r','r','e','n','t','C','o','n','t','r',
551 'o','l','S','e','t','\\','C','o','n','t','r','o','l','\\','S','e','c','u','r',
552 'i','t','y','P','r','o','v','i','d','e','r','s','\0'
553 };
554 static const WCHAR securityProvidersW[] = {
555 'S','e','c','u','r','i','t','y','P','r','o','v','i','d','e','r','s',0
556 };
557
558 static void SECUR32_initializeProviders(void)
559 {
560 HKEY key;
561 LSTATUS apiRet;
562
563 TRACE("\n");
564 /* First load built-in providers */
565 SECUR32_initSchannelSP();
566 SECUR32_initNTLMSP();
567 /* Load SSP/AP packages (Kerberos and others) */
568 load_auth_packages();
569 /* Load the Negotiate provider last so apps stumble over the working NTLM
570 * provider first. Attempting to fix bug #16905 while keeping the
571 * application reported on wine-users on 2006-09-12 working. */
572 SECUR32_initNegotiateSP();
573 /* Now load providers from registry */
574 apiRet = RegOpenKeyExW(HKEY_LOCAL_MACHINE, securityProvidersKeyW, 0,
575 KEY_READ, &key);
576 if (apiRet == ERROR_SUCCESS)
577 {
578 WCHAR securityPkgNames[MAX_PATH]; /* arbitrary len */
579 DWORD size = sizeof(securityPkgNames), type;
580
581 apiRet = RegQueryValueExW(key, securityProvidersW, NULL, &type,
582 (PBYTE)securityPkgNames, &size);
583 if (apiRet == ERROR_SUCCESS && type == REG_SZ)
584 {
585 WCHAR *ptr;
586
587 size = size / sizeof(WCHAR);
588 for (ptr = securityPkgNames;
589 ptr < securityPkgNames + size; )
590 {
591 WCHAR *comma;
592
593 for (comma = ptr; *comma && *comma != ','; comma++)
594 ;
595 if (*comma == ',')
596 *comma = '\0';
597 for (; *ptr && isspaceW(*ptr) && ptr < securityPkgNames + size;
598 ptr++)
599 ;
600 if (*ptr)
601 _tryLoadProvider(ptr);
602 ptr += lstrlenW(ptr) + 1;
603 }
604 }
605 RegCloseKey(key);
606 }
607 }
608
609 SecurePackage *SECUR32_findPackageW(PCWSTR packageName)
610 {
611 SecurePackage *ret = NULL;
612 BOOL matched = FALSE;
613
614 if (packageTable && packageName)
615 {
616 LIST_FOR_EACH_ENTRY(ret, &packageTable->table, SecurePackage, entry)
617 {
618 matched = !lstrcmpiW(ret->infoW.Name, packageName);
619 if (matched)
620 break;
621 }
622
623 if (!matched)
624 return NULL;
625
626 if (ret->provider && !ret->provider->loaded)
627 {
628 ret->provider->lib = LoadLibraryW(ret->provider->moduleName);
629 if (ret->provider->lib)
630 {
631 INIT_SECURITY_INTERFACE_W pInitSecurityInterfaceW =
632 (INIT_SECURITY_INTERFACE_W)GetProcAddress(ret->provider->lib,
633 SECURITY_ENTRYPOINT_ANSIW);
634 INIT_SECURITY_INTERFACE_A pInitSecurityInterfaceA =
635 (INIT_SECURITY_INTERFACE_A)GetProcAddress(ret->provider->lib,
636 SECURITY_ENTRYPOINT_ANSIA);
637 PSecurityFunctionTableA fnTableA = NULL;
638 PSecurityFunctionTableW fnTableW = NULL;
639
640 if (pInitSecurityInterfaceA)
641 fnTableA = pInitSecurityInterfaceA();
642 if (pInitSecurityInterfaceW)
643 fnTableW = pInitSecurityInterfaceW();
644 /* don't update built-in SecurityFunctionTable */
645 if (fnTableA != &securityFunctionTableA)
646 _makeFnTableA(&ret->provider->fnTableA, fnTableA, fnTableW);
647 if (fnTableW != &securityFunctionTableW)
648 _makeFnTableW(&ret->provider->fnTableW, fnTableA, fnTableW);
649 ret->provider->loaded = TRUE;
650 }
651 else
652 ret = NULL;
653 }
654 }
655 return ret;
656 }
657
658 SecurePackage *SECUR32_findPackageA(PCSTR packageName)
659 {
660 SecurePackage *ret;
661
662 if (packageTable && packageName)
663 {
664 UNICODE_STRING package;
665
666 RtlCreateUnicodeStringFromAsciiz(&package, packageName);
667 ret = SECUR32_findPackageW(package.Buffer);
668 RtlFreeUnicodeString(&package);
669 }
670 else
671 ret = NULL;
672 return ret;
673 }
674
675 static void SECUR32_freeProviders(void)
676 {
677 TRACE("\n");
678 EnterCriticalSection(&cs);
679
680 SECUR32_deinitSchannelSP();
681
682 if (packageTable)
683 {
684 SecurePackage *package, *package_next;
685 LIST_FOR_EACH_ENTRY_SAFE(package, package_next, &packageTable->table,
686 SecurePackage, entry)
687 {
688 heap_free(package->infoW.Name);
689 heap_free(package->infoW.Comment);
690 heap_free(package);
691 }
692
693 heap_free(packageTable);
694 packageTable = NULL;
695 }
696
697 if (providerTable)
698 {
699 SecureProvider *provider, *provider_next;
700 LIST_FOR_EACH_ENTRY_SAFE(provider, provider_next, &providerTable->table,
701 SecureProvider, entry)
702 {
703 heap_free(provider->moduleName);
704 if (provider->lib)
705 FreeLibrary(provider->lib);
706 heap_free(provider);
707 }
708
709 heap_free(providerTable);
710 providerTable = NULL;
711 }
712
713 LeaveCriticalSection(&cs);
714 DeleteCriticalSection(&cs);
715 }
716
717 /***********************************************************************
718 * FreeContextBuffer (SECUR32.@)
719 *
720 * Doh--if pv was allocated by a crypto package, this may not be correct.
721 * The sample ssp seems to use LocalAlloc/LocalFee, but there doesn't seem to
722 * be any guarantee, nor is there an alloc function in secur32.
723 */
724 SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
725 {
726 heap_free(pv);
727 return SEC_E_OK;
728 }
729
730 /***********************************************************************
731 * EnumerateSecurityPackagesW (SECUR32.@)
732 */
733 SECURITY_STATUS WINAPI EnumerateSecurityPackagesW(PULONG pcPackages,
734 PSecPkgInfoW *ppPackageInfo)
735 {
736 SECURITY_STATUS ret = SEC_E_OK;
737
738 TRACE("(%p, %p)\n", pcPackages, ppPackageInfo);
739
740 /* windows just crashes if pcPackages or ppPackageInfo is NULL, so will I */
741 *pcPackages = 0;
742 EnterCriticalSection(&cs);
743 if (packageTable)
744 {
745 SecurePackage *package;
746 size_t bytesNeeded;
747
748 bytesNeeded = packageTable->numPackages * sizeof(SecPkgInfoW);
749 LIST_FOR_EACH_ENTRY(package, &packageTable->table, SecurePackage, entry)
750 {
751 if (package->infoW.Name)
752 bytesNeeded += (lstrlenW(package->infoW.Name) + 1) * sizeof(WCHAR);
753 if (package->infoW.Comment)
754 bytesNeeded += (lstrlenW(package->infoW.Comment) + 1) * sizeof(WCHAR);
755 }
756 if (bytesNeeded)
757 {
758 *ppPackageInfo = heap_alloc(bytesNeeded);
759 if (*ppPackageInfo)
760 {
761 ULONG i = 0;
762 PWSTR nextString;
763
764 *pcPackages = packageTable->numPackages;
765 nextString = (PWSTR)((PBYTE)*ppPackageInfo +
766 packageTable->numPackages * sizeof(SecPkgInfoW));
767 LIST_FOR_EACH_ENTRY(package, &packageTable->table, SecurePackage, entry)
768 {
769 PSecPkgInfoW pkgInfo = *ppPackageInfo + i++;
770
771 *pkgInfo = package->infoW;
772 if (package->infoW.Name)
773 {
774 TRACE("Name[%d] = %s\n", i - 1, debugstr_w(package->infoW.Name));
775 pkgInfo->Name = nextString;
776 lstrcpyW(nextString, package->infoW.Name);
777 nextString += lstrlenW(nextString) + 1;
778 }
779 else
780 pkgInfo->Name = NULL;
781 if (package->infoW.Comment)
782 {
783 TRACE("Comment[%d] = %s\n", i - 1, debugstr_w(package->infoW.Comment));
784 pkgInfo->Comment = nextString;
785 lstrcpyW(nextString, package->infoW.Comment);
786 nextString += lstrlenW(nextString) + 1;
787 }
788 else
789 pkgInfo->Comment = NULL;
790 }
791 }
792 else
793 ret = SEC_E_INSUFFICIENT_MEMORY;
794 }
795 }
796 LeaveCriticalSection(&cs);
797 TRACE("<-- 0x%08x\n", ret);
798 return ret;
799 }
800
801 /* Converts info (which is assumed to be an array of cPackages SecPkgInfoW
802 * structures) into an array of SecPkgInfoA structures, which it returns.
803 */
804 static PSecPkgInfoA thunk_PSecPkgInfoWToA(ULONG cPackages,
805 const SecPkgInfoW *info)
806 {
807 PSecPkgInfoA ret;
808
809 if (info)
810 {
811 size_t bytesNeeded = cPackages * sizeof(SecPkgInfoA);
812 ULONG i;
813
814 for (i = 0; i < cPackages; i++)
815 {
816 if (info[i].Name)
817 bytesNeeded += WideCharToMultiByte(CP_ACP, 0, info[i].Name,
818 -1, NULL, 0, NULL, NULL);
819 if (info[i].Comment)
820 bytesNeeded += WideCharToMultiByte(CP_ACP, 0, info[i].Comment,
821 -1, NULL, 0, NULL, NULL);
822 }
823 ret = heap_alloc(bytesNeeded);
824 if (ret)
825 {
826 PSTR nextString;
827
828 nextString = (PSTR)((PBYTE)ret + cPackages * sizeof(SecPkgInfoA));
829 for (i = 0; i < cPackages; i++)
830 {
831 PSecPkgInfoA pkgInfo = ret + i;
832 int bytes;
833
834 memcpy(pkgInfo, &info[i], sizeof(SecPkgInfoA));
835 if (info[i].Name)
836 {
837 pkgInfo->Name = nextString;
838 /* just repeat back to WideCharToMultiByte how many bytes
839 * it requires, since we asked it earlier
840 */
841 bytes = WideCharToMultiByte(CP_ACP, 0, info[i].Name, -1,
842 NULL, 0, NULL, NULL);
843 WideCharToMultiByte(CP_ACP, 0, info[i].Name, -1,
844 pkgInfo->Name, bytes, NULL, NULL);
845 nextString += lstrlenA(nextString) + 1;
846 }
847 else
848 pkgInfo->Name = NULL;
849 if (info[i].Comment)
850 {
851 pkgInfo->Comment = nextString;
852 /* just repeat back to WideCharToMultiByte how many bytes
853 * it requires, since we asked it earlier
854 */
855 bytes = WideCharToMultiByte(CP_ACP, 0, info[i].Comment, -1,
856 NULL, 0, NULL, NULL);
857 WideCharToMultiByte(CP_ACP, 0, info[i].Comment, -1,
858 pkgInfo->Comment, bytes, NULL, NULL);
859 nextString += lstrlenA(nextString) + 1;
860 }
861 else
862 pkgInfo->Comment = NULL;
863 }
864 }
865 }
866 else
867 ret = NULL;
868 return ret;
869 }
870
871 /***********************************************************************
872 * EnumerateSecurityPackagesA (SECUR32.@)
873 */
874 SECURITY_STATUS WINAPI EnumerateSecurityPackagesA(PULONG pcPackages,
875 PSecPkgInfoA *ppPackageInfo)
876 {
877 SECURITY_STATUS ret;
878 PSecPkgInfoW info;
879
880 ret = EnumerateSecurityPackagesW(pcPackages, &info);
881 if (ret == SEC_E_OK && *pcPackages && info)
882 {
883 *ppPackageInfo = thunk_PSecPkgInfoWToA(*pcPackages, info);
884 if (*pcPackages && !*ppPackageInfo)
885 {
886 *pcPackages = 0;
887 ret = SEC_E_INSUFFICIENT_MEMORY;
888 }
889 FreeContextBuffer(info);
890 }
891 return ret;
892 }
893
894 /***********************************************************************
895 * GetComputerObjectNameA (SECUR32.@)
896 *
897 * Get the local computer's name using the format specified.
898 *
899 * PARAMS
900 * NameFormat [I] The format for the name.
901 * lpNameBuffer [O] Pointer to buffer to receive the name.
902 * nSize [I/O] Size in characters of buffer.
903 *
904 * RETURNS
905 * TRUE If the name was written to lpNameBuffer.
906 * FALSE If the name couldn't be written.
907 *
908 * NOTES
909 * If lpNameBuffer is NULL, then the size of the buffer needed to hold the
910 * name will be returned in *nSize.
911 *
912 * nSize returns the number of characters written when lpNameBuffer is not
913 * NULL or the size of the buffer needed to hold the name when the buffer
914 * is too short or lpNameBuffer is NULL.
915 *
916 * It the buffer is too short, ERROR_INSUFFICIENT_BUFFER error will be set.
917 */
918 BOOLEAN WINAPI GetComputerObjectNameA(
919 EXTENDED_NAME_FORMAT NameFormat, LPSTR lpNameBuffer, PULONG nSize)
920 {
921 BOOLEAN rc;
922 LPWSTR bufferW = NULL;
923 ULONG sizeW = *nSize;
924
925 TRACE("(%d %p %p)\n", NameFormat, lpNameBuffer, nSize);
926
927 if (lpNameBuffer) {
928 bufferW = heap_alloc(sizeW * sizeof(WCHAR));
929 if (bufferW == NULL) {
930 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
931 return FALSE;
932 }
933 }
934 rc = GetComputerObjectNameW(NameFormat, bufferW, &sizeW);
935 if (rc && bufferW) {
936 ULONG len = WideCharToMultiByte(CP_ACP, 0, bufferW, -1, NULL, 0, NULL, NULL);
937 WideCharToMultiByte(CP_ACP, 0, bufferW, -1, lpNameBuffer, *nSize, NULL, NULL);
938 *nSize = len;
939 }
940 else
941 *nSize = sizeW;
942 heap_free(bufferW);
943 return rc;
944 }
945
946 /***********************************************************************
947 * GetComputerObjectNameW (SECUR32.@)
948 */
949 BOOLEAN WINAPI GetComputerObjectNameW(
950 EXTENDED_NAME_FORMAT NameFormat, LPWSTR lpNameBuffer, PULONG nSize)
951 {
952 LSA_HANDLE policyHandle;
953 LSA_OBJECT_ATTRIBUTES objectAttributes;
954 PPOLICY_DNS_DOMAIN_INFO domainInfo;
955 NTSTATUS ntStatus;
956 BOOLEAN status;
957
958 TRACE("(%d %p %p)\n", NameFormat, lpNameBuffer, nSize);
959
960 if (NameFormat == NameUnknown)
961 {
962 SetLastError(ERROR_INVALID_PARAMETER);
963 return FALSE;
964 }
965
966 ZeroMemory(&objectAttributes, sizeof(objectAttributes));
967 objectAttributes.Length = sizeof(objectAttributes);
968
969 ntStatus = LsaOpenPolicy(NULL, &objectAttributes,
970 POLICY_VIEW_LOCAL_INFORMATION,
971 &policyHandle);
972 if (ntStatus != STATUS_SUCCESS)
973 {
974 SetLastError(LsaNtStatusToWinError(ntStatus));
975 WARN("LsaOpenPolicy failed with NT status %u\n", GetLastError());
976 return FALSE;
977 }
978
979 ntStatus = LsaQueryInformationPolicy(policyHandle,
980 PolicyDnsDomainInformation,
981 (PVOID *)&domainInfo);
982 if (ntStatus != STATUS_SUCCESS)
983 {
984 SetLastError(LsaNtStatusToWinError(ntStatus));
985 WARN("LsaQueryInformationPolicy failed with NT status %u\n",
986 GetLastError());
987 LsaClose(policyHandle);
988 return FALSE;
989 }
990
991 if (domainInfo->Sid)
992 {
993 switch (NameFormat)
994 {
995 case NameSamCompatible:
996 {
997 WCHAR name[MAX_COMPUTERNAME_LENGTH + 1];
998 DWORD size = sizeof(name)/sizeof(name[0]);
999 if (GetComputerNameW(name, &size))
1000 {
1001 DWORD len = domainInfo->Name.Length + size + 3;
1002 if (lpNameBuffer && *nSize >= len)
1003 {
1004 WCHAR bs[] = { '\\', 0 };
1005 WCHAR ds[] = { '$', 0 };
1006 if (domainInfo->Name.Buffer)
1007 {
1008 lstrcpyW(lpNameBuffer, domainInfo->Name.Buffer);
1009 lstrcatW(lpNameBuffer, bs);
1010 }
1011 else
1012 *lpNameBuffer = 0;
1013 lstrcatW(lpNameBuffer, name);
1014 lstrcatW(lpNameBuffer, ds);
1015 status = TRUE;
1016 }
1017 else /* just requesting length required */
1018 {
1019 *nSize = len;
1020 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1021 status = FALSE;
1022 }
1023 }
1024 else
1025 {
1026 SetLastError(ERROR_INTERNAL_ERROR);
1027 status = FALSE;
1028 }
1029 }
1030 break;
1031 case NameFullyQualifiedDN:
1032 {
1033 static const WCHAR cnW[] = { 'C','N','=',0 };
1034 static const WCHAR ComputersW[] = { 'C','N','=','C','o','m','p','u','t','e','r','s',0 };
1035 static const WCHAR dcW[] = { 'D','C','=',0 };
1036 static const WCHAR commaW[] = { ',',0 };
1037 WCHAR name[MAX_COMPUTERNAME_LENGTH + 1];
1038 DWORD len, size;
1039 WCHAR *suffix;
1040
1041 size = sizeof(name) / sizeof(name[0]);
1042 if (!GetComputerNameW(name, &size))
1043 {
1044 status = FALSE;
1045 break;
1046 }
1047
1048 len = strlenW(cnW) + size + 1 + strlenW(ComputersW) + 1 + strlenW(dcW);
1049 if (domainInfo->DnsDomainName.Buffer)
1050 {
1051 suffix = strrchrW(domainInfo->DnsDomainName.Buffer, '.');
1052 if (suffix)
1053 {
1054 *suffix++ = 0;
1055 len += 1 + strlenW(dcW) + strlenW(suffix);
1056 }
1057 len += strlenW(domainInfo->DnsDomainName.Buffer);
1058 }
1059 else
1060 suffix = NULL;
1061
1062 if (lpNameBuffer && *nSize > len)
1063 {
1064 lstrcpyW(lpNameBuffer, cnW);
1065 lstrcatW(lpNameBuffer, name);
1066 lstrcatW(lpNameBuffer, commaW);
1067 lstrcatW(lpNameBuffer, ComputersW);
1068 if (domainInfo->DnsDomainName.Buffer)
1069 {
1070 lstrcatW(lpNameBuffer, commaW);
1071 lstrcatW(lpNameBuffer, dcW);
1072 lstrcatW(lpNameBuffer, domainInfo->DnsDomainName.Buffer);
1073 if (suffix)
1074 {
1075 lstrcatW(lpNameBuffer, commaW);
1076 lstrcatW(lpNameBuffer, dcW);
1077 lstrcatW(lpNameBuffer, suffix);
1078 }
1079 }
1080 status = TRUE;
1081 }
1082 else /* just requesting length required */
1083 {
1084 SetLastError(ERROR_INSUFFICIENT_BUFFER);
1085 status = FALSE;
1086 }
1087 *nSize = len + 1;
1088 break;
1089 }
1090 case NameDisplay:
1091 case NameUniqueId:
1092 case NameCanonical:
1093 case NameUserPrincipal:
1094 case NameCanonicalEx:
1095 case NameServicePrincipal:
1096 case NameDnsDomain:
1097 FIXME("NameFormat %d not implemented\n", NameFormat);
1098 SetLastError(ERROR_CANT_ACCESS_DOMAIN_INFO);
1099 status = FALSE;
1100 break;
1101 default:
1102 SetLastError(ERROR_INVALID_PARAMETER);
1103 status = FALSE;
1104 }
1105 }
1106 else
1107 {
1108 SetLastError(ERROR_CANT_ACCESS_DOMAIN_INFO);
1109 status = FALSE;
1110 }
1111
1112 LsaFreeMemory(domainInfo);
1113 LsaClose(policyHandle);
1114
1115 return status;
1116 }
1117
1118 SECURITY_STATUS WINAPI AddSecurityPackageA(LPSTR name, SECURITY_PACKAGE_OPTIONS *options)
1119 {
1120 FIXME("(%s %p)\n", debugstr_a(name), options);
1121 return E_NOTIMPL;
1122 }
1123
1124 SECURITY_STATUS WINAPI AddSecurityPackageW(LPWSTR name, SECURITY_PACKAGE_OPTIONS *options)
1125 {
1126 FIXME("(%s %p)\n", debugstr_w(name), options);
1127 return E_NOTIMPL;
1128 }
1129
1130 /***********************************************************************
1131 * GetUserNameExA (SECUR32.@)
1132 */
1133 BOOLEAN WINAPI GetUserNameExA(
1134 EXTENDED_NAME_FORMAT NameFormat, LPSTR lpNameBuffer, PULONG nSize)
1135 {
1136 BOOLEAN rc;
1137 LPWSTR bufferW = NULL;
1138 ULONG sizeW = *nSize;
1139 TRACE("(%d %p %p)\n", NameFormat, lpNameBuffer, nSize);
1140 if (lpNameBuffer) {
1141 bufferW = heap_alloc(sizeW * sizeof(WCHAR));
1142 if (bufferW == NULL) {
1143 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
1144 return FALSE;
1145 }
1146 }
1147 rc = GetUserNameExW(NameFormat, bufferW, &sizeW);
1148 if (rc) {
1149 ULONG len = WideCharToMultiByte(CP_ACP, 0, bufferW, -1, NULL, 0, NULL, NULL);
1150 if (len <= *nSize)
1151 {
1152 WideCharToMultiByte(CP_ACP, 0, bufferW, -1, lpNameBuffer, *nSize, NULL, NULL);
1153 *nSize = len - 1;
1154 }
1155 else
1156 {
1157 *nSize = len;
1158 rc = FALSE;
1159 SetLastError(ERROR_MORE_DATA);
1160 }
1161 }
1162 else
1163 *nSize = sizeW;
1164 heap_free(bufferW);
1165 return rc;
1166 }
1167
1168 BOOLEAN WINAPI GetUserNameExW(
1169 EXTENDED_NAME_FORMAT NameFormat, LPWSTR lpNameBuffer, PULONG nSize)
1170 {
1171 TRACE("(%d %p %p)\n", NameFormat, lpNameBuffer, nSize);
1172
1173 switch (NameFormat)
1174 {
1175 case NameSamCompatible:
1176 {
1177 WCHAR samname[UNLEN + 1 + MAX_COMPUTERNAME_LENGTH + 1];
1178 LPWSTR out;
1179 DWORD len;
1180
1181 /* This assumes the current user is always a local account */
1182 len = MAX_COMPUTERNAME_LENGTH + 1;
1183 if (GetComputerNameW(samname, &len))
1184 {
1185 out = samname + lstrlenW(samname);
1186 *out++ = '\\';
1187 len = UNLEN + 1;
1188 if (GetUserNameW(out, &len))
1189 {
1190 if (lstrlenW(samname) < *nSize)
1191 {
1192 lstrcpyW(lpNameBuffer, samname);
1193 *nSize = lstrlenW(samname);
1194 return TRUE;
1195 }
1196
1197 SetLastError(ERROR_MORE_DATA);
1198 *nSize = lstrlenW(samname) + 1;
1199 }
1200 }
1201 return FALSE;
1202 }
1203
1204 case NameUnknown:
1205 case NameFullyQualifiedDN:
1206 case NameDisplay:
1207 case NameUniqueId:
1208 case NameCanonical:
1209 case NameUserPrincipal:
1210 case NameCanonicalEx:
1211 case NameServicePrincipal:
1212 case NameDnsDomain:
1213 SetLastError(ERROR_NONE_MAPPED);
1214 return FALSE;
1215
1216 default:
1217 SetLastError(ERROR_INVALID_PARAMETER);
1218 return FALSE;
1219 }
1220 }
1221
1222 BOOLEAN WINAPI TranslateNameA(
1223 LPCSTR lpAccountName, EXTENDED_NAME_FORMAT AccountNameFormat,
1224 EXTENDED_NAME_FORMAT DesiredNameFormat, LPSTR lpTranslatedName,
1225 PULONG nSize)
1226 {
1227 FIXME("%p %d %d %p %p\n", lpAccountName, AccountNameFormat,
1228 DesiredNameFormat, lpTranslatedName, nSize);
1229 return FALSE;
1230 }
1231
1232 BOOLEAN WINAPI TranslateNameW(
1233 LPCWSTR lpAccountName, EXTENDED_NAME_FORMAT AccountNameFormat,
1234 EXTENDED_NAME_FORMAT DesiredNameFormat, LPWSTR lpTranslatedName,
1235 PULONG nSize)
1236 {
1237 FIXME("%p %d %d %p %p\n", lpAccountName, AccountNameFormat,
1238 DesiredNameFormat, lpTranslatedName, nSize);
1239 return FALSE;
1240 }
1241
1242 /***********************************************************************
1243 * DllMain (SECUR32.0)
1244 */
1245 BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD reason, LPVOID reserved)
1246 {
1247 switch (reason)
1248 {
1249 case DLL_PROCESS_ATTACH:
1250 DisableThreadLibraryCalls(hinstDLL);
1251 SECUR32_initializeProviders();
1252 break;
1253 case DLL_PROCESS_DETACH:
1254 if (reserved) break;
1255 SECUR32_freeProviders();
1256 }
1257
1258 return TRUE;
1259 }
Windows API implementation