Author: sserapion Date: Tue May 17 08:54:03 2011 New Revision: 51806
URL: http://svn.reactos.org/svn/reactos?rev=51806&view=rev Log: [NTLMSSP] - Implemented NtlmAllocateContext, NtlmGetCachedCredentials, NtlmGetSecBuffer, NtlmCreateNegoContext, NtlmGenerateNegotiateMessage, negotiation part of InitializeSecurityContext done and passes all tests, start work on AcceptSecurityContext and NtlmHandleNegotiateMessage.
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/debug.c (with props) branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.c - copied, changed from r51687, branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.h - copied, changed from r51687, branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.c (with props) branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.h (with props) Removed: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/messages.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec branches/sspi-bringup/reactos/dll/win32/ntlmssp/sign.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/context.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -17,8 +17,11 @@ * */
-#include "ntlm.h" - +#include "ntlmssp.h" +#include "protocol.h" +#include <lm.h> + +#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
CRITICAL_SECTION ContextCritSect; @@ -36,46 +39,62 @@ VOID NtlmReferenceContext(IN ULONG_PTR Handle) { - PNTLMSSP_CONTEXT Context = (PNTLMSSP_CONTEXT)Handle; - + PNTLMSSP_CONTEXT context; EnterCriticalSection(&ContextCritSect);
- ASSERT(Context->RefCount > 0);
+ context = (PNTLMSSP_CONTEXT)Handle;
+
+ /* sanity */
+ ASSERT(context);
+ TRACE("%p refcount %lu\n",context, context->RefCount);
+ ASSERT(context->RefCount > 0);
/* A context that is not authenticated is only valid for a pre-determined interval */
- if (NtlmIntervalElapsed(Context->StartTime, Context->Timeout))
- {
- if ((Context->State != Authenticated) &&
- (Context->State != AuthenticateSent) &&
- (Context->State != PassedToService))
- {
- ERR("Context %p has timed out\n", Context);
+#if 0
+ if (NtlmHasIntervalElapsed(context->StartTime, context->Timeout))
+ {
+ if ((context->State != Authenticated) &&
+ (context->State != AuthenticateSent) &&
+ (context->State != PassedToService))
+ {
+ WARN("%p has timed out\n", context);
 LeaveCriticalSection(&ContextCritSect);
 return;
 }
 }
- Context->RefCount += 1;
+#endif
+ context->RefCount++;
 LeaveCriticalSection(&ContextCritSect);
 }
VOID NtlmDereferenceContext(IN ULONG_PTR Handle) { - PNTLMSSP_CONTEXT Context = (PNTLMSSP_CONTEXT)Handle; - + PNTLMSSP_CONTEXT context; EnterCriticalSection(&ContextCritSect);
- ASSERT(Context->RefCount >= 1);
-
- Context->RefCount -= 1;
-
- /* If there are no references free the object */
- if (Context->RefCount == 0)
- {
- ERR("Deleting context %p\n",Context);
- /* free memory */
- NtlmFree(Context);
+ context = (PNTLMSSP_CONTEXT)Handle;
+
+ /* sanity */
+ ASSERT(context);
+ TRACE("%p refcount %lu\n",context, context->RefCount);
+ ASSERT(context->RefCount >= 1);
+
+ /* decrement and check for delete */
+ if (context->RefCount-- == 0)
+ {
+ TRACE("Deleting context %p\n",context);
+
+ /* dereference credential */
+ if(context->Credential)
+ NtlmDereferenceCredential((ULONG_PTR)context->Credential);
+
+ /* remove from list */
+ RemoveEntryList(&context->Entry);
+
+ /* delete object */
+ NtlmFree(context);
 }
LeaveCriticalSection(&ContextCritSect); @@ -103,6 +122,278 @@ DeleteCriticalSection(&ContextCritSect);
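Review bot: In NtlmDereferenceContext the new test `if (context->RefCount-- == 0)` compares the value from before the decrement, which the ASSERT directly above requires to be at least 1, so the delete branch is not reached when the last reference is dropped and the context stays on the list with a count of 0. In a build where ASSERT compiles to nothing, one further dereference would then match, free the object and wrap the counter. The removed code decremented first; `if (--context->RefCount == 0)` keeps that behaviour, and NtlmDereferenceCredential in credentials.c needs the same change. Separately, the `#if 0` around the timeout check in NtlmReferenceContext means an unauthenticated context no longer expires; a comment stating when the check returns would help, and because the function returns VOID a caller could not tell a refused reference from a granted one once it is re-enabled.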
return; +} + +PNTLMSSP_CONTEXT +NtlmAllocateContext(VOID) +{ + SECPKG_CALL_INFO CallInfo; + PNTLMSSP_CONTEXT ret; + + ret = (PNTLMSSP_CONTEXT)NtlmAllocate(sizeof(NTLMSSP_CONTEXT)); + + if(!ret) + { + ERR("allocate context failed!\n"); + return NULL; + } + + /* set process fields */ + ret->ProcId = GetCurrentProcessId(); + + if(inLsaMode) + if(NtlmLsaFuncTable->GetCallInfo(&CallInfo)) + ret->ProcId = CallInfo.ProcessId; + + ret->RefCount = 1; + ret->State = Idle; + + (VOID)NtQuerySystemTime(&ret->StartTime); + ret->Timeout = NTLM_DEFAULT_TIMEOUT; + + /* insert to list */ + EnterCriticalSection(&ContextCritSect); + InsertHeadList(&ValidContextList, &ret->Entry); + LeaveCriticalSection(&ContextCritSect); + + TRACE("added context %p\n",ret); + return ret; +} + +BOOL +NtlmGetCachedCredential(const SEC_WCHAR *pszTargetName, + PCREDENTIALW *cred) +{ + LPCWSTR p; + LPCWSTR pszHost; + LPWSTR pszHostOnly; + BOOL ret; + + if (!pszTargetName) + return FALSE; + + /* try to get the start of the hostname from service principal name (SPN) */ + pszHost = strchrW(pszTargetName, '/'); + if (pszHost) + { + /* skip slash character */ + pszHost++; + + /* find fail of host by detecting start of instance port or start of referrer */ + p = strchrW(pszHost, ':'); + if (!p) + p = strchrW(pszHost, '/'); + if (!p) + p = pszHost + strlenW(pszHost); + } + else /* otherwise not an SPN, just a host */ + { + pszHost = pszTargetName; + p = pszHost + strlenW(pszHost); + } + + pszHostOnly = HeapAlloc(GetProcessHeap(), 0, (p - pszHost + 1) * sizeof(WCHAR)); + if (!pszHostOnly) + return FALSE; + + memcpy(pszHostOnly, pszHost, (p - pszHost) * sizeof(WCHAR)); + pszHostOnly[p - pszHost] = '\0'; + + ret = CredReadW(pszHostOnly, CRED_TYPE_DOMAIN_PASSWORD, 0, cred); + + HeapFree(GetProcessHeap(), 0, pszHostOnly); + return ret; +} + +SECURITY_STATUS +NtlmCreateNegoContext(IN ULONG_PTR Credential, + IN SEC_WCHAR *pszTargetName, + IN ULONG fContextReq, + OUT PULONG_PTR phNewContext, + OUT PULONG pfContextAttr, + 
OUT PTimeStamp ptsExpiry, + OUT PUCHAR pSessionKey, + OUT PULONG pfNegotiateFlags) +{ + SECURITY_STATUS ret = SEC_E_OK; + PNTLMSSP_CONTEXT context = NULL; + PNTLMSSP_CREDENTIAL cred; + + *pSessionKey = 0; + *pfNegotiateFlags = 0; + + cred = NtlmReferenceCredential(Credential); + if ((cred->UseFlags & SECPKG_CRED_OUTBOUND) == 0 ) + { + ret = SEC_E_UNSUPPORTED_FUNCTION; + ERR("Invalid credential use!\n"); + goto fail; + } + + context = NtlmAllocateContext(); + + if(!context) + { + ret = SEC_E_INSUFFICIENT_MEMORY; + ERR("SEC_E_INSUFFICIENT_MEMORY!\n"); + goto fail; + } + + /* always on features */ + context->NegotiateFlags = NTLMSSP_NEGOTIATE_UNICODE | + NTLMSSP_NEGOTIATE_OEM | + NTLMSSP_NEGOTIATE_NTLM | + NTLMSSP_NEGOTIATE_NTLM2 | //if supported + NTLMSSP_REQUEST_TARGET | + NTLMSSP_NEGOTIATE_ALWAYS_SIGN | + NTLMSSP_NEGOTIATE_56 | + NTLMSSP_NEGOTIATE_128; // if supported + + /* client requested features */ + if(fContextReq & ISC_REQ_INTEGRITY) + { + *pfContextAttr |= ISC_RET_INTEGRITY; + context->ContextFlags |= ISC_RET_INTEGRITY; + context->NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN; + } + + if(fContextReq & ISC_REQ_SEQUENCE_DETECT) + { + *pfContextAttr |= ISC_RET_SEQUENCE_DETECT; + context->ContextFlags |= ISC_RET_SEQUENCE_DETECT; + context->NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN; + } + + if(fContextReq & ISC_REQ_REPLAY_DETECT) + { + *pfContextAttr |= ISC_RET_REPLAY_DETECT; + context->ContextFlags |= ISC_RET_REPLAY_DETECT; + context->NegotiateFlags |= NTLMSSP_NEGOTIATE_SIGN; + } + + if(fContextReq & ISC_REQ_CONFIDENTIALITY) + { + context->NegotiateFlags |= NTLMSSP_NEGOTIATE_SEAL | + NTLMSSP_NEGOTIATE_LM_KEY | + NTLMSSP_NEGOTIATE_KEY_EXCH; + //NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY; + + *pfContextAttr |= ISC_RET_CONFIDENTIALITY; + context->ContextFlags |= ISC_RET_CONFIDENTIALITY; + } + + if(fContextReq & ISC_REQ_NULL_SESSION) + { + *pfContextAttr |= ISC_RET_NULL_SESSION; + context->ContextFlags |= ISC_RET_NULL_SESSION; + } + + if(fContextReq & ISC_REQ_CONNECTION) 
+ { + *pfContextAttr |= ISC_RET_CONNECTION; + context->ContextFlags |= ISC_RET_CONNECTION; + } + + if(fContextReq & ISC_REQ_IDENTIFY) + { + context->NegotiateFlags |= NTLMSSP_NEGOTIATE_IDENTIFY; + *pfContextAttr |= ISC_RET_IDENTIFY; + context->ContextFlags |= ISC_RET_IDENTIFY; + } + + if(!(fContextReq & ISC_REQ_DATAGRAM)) + { + /* datagram flags */ + context->NegotiateFlags |= NTLMSSP_NEGOTIATE_DATAGRAM; + context->NegotiateFlags &= ~NTLMSSP_NEGOTIATE_NT_ONLY; + context->ContextFlags |= ISC_RET_DATAGRAM; + *pfContextAttr |= ISC_RET_DATAGRAM; + //*pfNegotiateFlags |= NTLMSSP_APP_SEQ; app provided sequence numbers + + /* generate session key */ + if(context->NegotiateFlags & (NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL)) + { + ret = NtlmGenerateRandomBits(context->SessionKey, + MSV1_0_USER_SESSION_KEY_LENGTH); + + if(!NT_SUCCESS(ret)) + { + ERR("Failed to generate session key!\n"); + goto fail; + } + } + + /* local connection */ + if((!cred->DomainName.Buffer && + !cred->UserName.Buffer && + !cred->Password.Buffer) && + cred->SecToken) + { + LPWKSTA_USER_INFO_1 ui = NULL; + NET_API_STATUS status; + PCREDENTIALW credW; + context->isLocal = TRUE; + + TRACE("try use local cached credentials\n"); + + /* get local credentials */ + if(pszTargetName && NtlmGetCachedCredential(pszTargetName, &credW)) + { + LPWSTR p; + p = strchrW(credW->UserName, '\'); + if(p) + { + TRACE("%s\n",debugstr_w(credW->UserName)); + TRACE("%s\n", debugstr_w((WCHAR*)(p - credW->UserName))); + } + if(credW->CredentialBlobSize != 0) + { + TRACE("%s\n", debugstr_w((WCHAR*)credW->CredentialBlob)); + } + CredFree(credW); + } + else + { + status = NetWkstaUserGetInfo(NULL, 1, (LPBYTE *)&ui); + if (status != NERR_Success || ui == NULL) + { + ret = SEC_E_NO_CREDENTIALS; + goto fail; + } + TRACE("%s",debugstr_w(ui->wkui1_username)); + NetApiBufferFree(ui); + } + } + }//end is datagram + + /* generate session key */ + if (context->NegotiateFlags & NTLMSSP_NEGOTIATE_KEY_EXCH) + { + ret = 
NtlmGenerateRandomBits(context->SessionKey, + MSV1_0_USER_SESSION_KEY_LENGTH); + + if(!NT_SUCCESS(ret)) + { + ERR("Failed to generate session key!\n"); + goto fail; + } + } + + /* commit results */ + *pfNegotiateFlags = context->NegotiateFlags; + + context->Credential = cred; + //*ptsExpiry = + *phNewContext = (ULONG_PTR)context; + + TRACE("context %p context->NegotiateFlags:\n",context); + NtlmPrintNegotiateFlags(*pfNegotiateFlags); + + return ret; + +fail: + return ret; }
/* public functions */ @@ -122,20 +413,126 @@ OUT ULONG *pfContextAttr, OUT OPTIONAL PTimeStamp ptsExpiry) { - SECURITY_STATUS ret = SEC_E_INVALID_HANDLE; - SecBuffer inputTokens[2]; - SecBuffer outputTokens[2]; - UCHAR sessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]; - - TRACE("%p %p %s 0x%08x %d %d %p %d %p %p %p %p\n", phCredential, phContext, + SECURITY_STATUS ret = SEC_E_OK; + PSecBuffer InputToken1, InputToken2; + PSecBuffer OutputToken1, OutputToken2; + ULONG_PTR newContext; + ULONG NegotiateFlags; + UCHAR sessionKey; + + TRACE("%p %p %s 0x%08lx %lx %lx %p %lx %p %p %p %p\n", phCredential, phContext, debugstr_w(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
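Review bot: The local-credential branch of NtlmCreateNegoContext traces `credW->UserName` and `credW->CredentialBlob`, which writes a cached domain-password credential into the debug log; trace only that a credential was found and its `CredentialBlobSize`. The neighbouring `debugstr_w((WCHAR*)(p - credW->UserName))` passes a character offset as if it were a string pointer, and the TRACE in credentials.c that prints `password.Buffer` has the same exposure. The `fail:` label returns without releasing the reference taken by NtlmReferenceCredential or the context from NtlmAllocateContext, which is already on ValidContextList at that point, so every failed call leaves both behind. `*pfContextAttr` is only ever OR-ed into and never initialised here, and `if(!(fContextReq & ISC_REQ_DATAGRAM))` sets the datagram flags when datagram was not requested, which looks inverted.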
if(TargetDataRep == SECURITY_NETWORK_DREP) - WARN("SECURITY_NETWORK_DREP\n"); - - RtlZeroMemory(sessionKey, MSV1_0_USER_SESSION_KEY_LENGTH); - + WARN("SECURITY_NETWORK_DREP!!\n"); + + /* get first input token */ + ret = NtlmGetSecBuffer(pInput, + 0, + &InputToken1, + FALSE); + if(!ret) + { + ERR("Failed to get input token!\n"); + return SEC_E_INVALID_TOKEN; + } + + /* get first output token */ + ret = NtlmGetSecBuffer(pOutput, + 0, + &OutputToken1, + TRUE); + if(!ret) + { + ERR("Failed to get output token!\n"); + return SEC_E_BUFFER_TOO_SMALL; + } + + /* first call! nego message creation */ + if(!phContext && !pInput) + { + if(!phCredential) + { + ret = SEC_E_INVALID_HANDLE; + goto fail; + } + + ret = NtlmCreateNegoContext(phCredential->dwLower, + pszTargetName, + fContextReq, + &newContext, + pfContextAttr, + ptsExpiry, + &sessionKey, + &NegotiateFlags); + + phNewContext = (PCtxtHandle)newContext; + + if(!newContext || !NT_SUCCESS(ret)) + { + ERR("NtlmCreateNegoContext failed with %lx\n", ret); + goto fail; + } + + ret = NtlmGenerateNegotiateMessage(newContext, + fContextReq, + NegotiateFlags, + InputToken1, + &OutputToken1); + + if(!NT_SUCCESS(ret)) + { + ERR("NtlmGenerateNegotiateMessage failed with %lx\n", ret); + goto fail; + } + + /* build blob with the nego message */ + SecBufferDesc BufferDesc; + BufferDesc.ulVersion = SECBUFFER_VERSION; + BufferDesc.cBuffers = 1; + BufferDesc.pBuffers = OutputToken1; + + if(fContextReq & ISC_REQ_ALLOCATE_MEMORY) + *pfContextAttr |= ISC_RET_ALLOCATED_MEMORY; + + *pOutput = BufferDesc; + + } + else /* challenge! 
*/ + { + ERR("challenge message unimplemented!!!\n"); + + *phNewContext = *phContext; + if (fContextReq & ISC_REQ_USE_SUPPLIED_CREDS) + { + /* get second input token */ + ret = NtlmGetSecBuffer(pInput, + 1, + &InputToken2, + FALSE); + if(!ret) + { + ERR("Failed to get input token!\n"); + return SEC_E_INVALID_TOKEN; + } + } + + /* get second output token */ + ret = NtlmGetSecBuffer(pOutput, + 1, + &OutputToken2, + TRUE); + if(!ret) + { + ERR("Failed to get output token!\n"); + return SEC_E_INVALID_TOKEN; + } + + } + return ret; + +fail: return ret; }
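Review bot: `phNewContext = (PCtxtHandle)newContext;` overwrites the local parameter instead of writing through it, so the caller never receives the context that NtlmCreateNegoContext allocated; going by how `phCredential->dwLower` is read just above, something like `phNewContext->dwLower = newContext;` is intended, and AcceptSecurityContext further down has the same assignment. The `else` branch runs whenever either phContext or pInput is non-NULL, so `*phNewContext = *phContext;` dereferences NULL when a caller supplies input buffers without a context handle; check phContext there and return SEC_E_INVALID_HANDLE. `ret` is also reused for the result of NtlmGetSecBuffer, which is tested like a BOOL, so the challenge branch hands that value back as the SECURITY_STATUS of an unimplemented step. The function's signature starts outside the hunk.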
@@ -157,7 +554,7 @@ SECURITY_STATUS ret; SEC_WCHAR *target = NULL;
- TRACE("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext, + TRACE("%p %p %s %lx %lx %lx %p %lx %p %p %p %p\n", phCredential, phContext, debugstr_a(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput, pfContextAttr, ptsExpiry);
@@ -185,7 +582,7 @@ ULONG ulAttribute, void *pBuffer) { - TRACE("%p %d %p\n", phContext, ulAttribute, pBuffer); + TRACE("%p %lx %p\n", phContext, ulAttribute, pBuffer); if (!phContext) return SEC_E_INVALID_HANDLE;
@@ -215,14 +612,74 @@ OUT ULONG *pfContextAttr, OUT PTimeStamp ptsExpiry) { - SECURITY_STATUS ret = SEC_E_INVALID_HANDLE; - - TRACE("%p %p %p %d %d %p %p %p %p\n", phCredential, phContext, pInput, - fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr, - ptsExpiry); + SECURITY_STATUS ret = SEC_E_OK; + PSecBuffer InputToken1, InputToken2; + PSecBuffer OutputToken1; + ULONG_PTR newContext; + + TRACE("%p %p %p %lx %lx %p %p %p %p\n", phCredential, phContext, pInput, + fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr, ptsExpiry); + + /* get first input token */ + ret = NtlmGetSecBuffer(pInput, + 0, + &InputToken1, + FALSE); + if(!ret) + { + ERR("Failed to get input token!\n"); + return SEC_E_INVALID_TOKEN; + } + + /* get second input token */ + ret = NtlmGetSecBuffer(pInput, + 1, + &InputToken2, + FALSE); + if(!ret) + { + ERR("Failed to get input token!\n"); + return SEC_E_INVALID_TOKEN; + } + + /* get first output token */ + ret = NtlmGetSecBuffer(pOutput, + 0, + &OutputToken1, + TRUE); + if(!ret) + { + ERR("Failed to get output token!\n"); + return SEC_E_BUFFER_TOO_SMALL; + } + + ERR("here!"); + /* first call */ + if(!phContext && !InputToken2->cbBuffer) + { + if(!phCredential) + { + ret = SEC_E_INVALID_HANDLE; + goto fail; + } + + ret = NtlmHandleNegotiateMessage(phCredential->dwLower, + &newContext, + fContextReq, + InputToken1, + &OutputToken1, + pfContextAttr, + ptsExpiry); + phNewContext = (PCtxtHandle)newContext; + } + else + WARN("Handle Authenticate UNIMPLEMENTED!\n"); + + //if(!NT_SUCCESS(ret))
UNIMPLEMENTED; - + return ret; +fail: return ret; }
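Review bot: The authenticate step falls through `WARN("Handle Authenticate UNIMPLEMENTED!\n")` and returns whatever `ret` last held, which is the non-zero result of the NtlmGetSecBuffer calls rather than an error, so as far as the hunk shows a server gets a non-failure status for a handshake that was never verified. Set `ret = SEC_E_UNSUPPORTED_FUNCTION;` in that branch until the authenticate message is handled. The second input token is also required unconditionally and `InputToken2->cbBuffer` is then used to detect the first call, so a first call carrying a single buffer is rejected with SEC_E_INVALID_TOKEN before that test runs. `ERR("here!");` looks like a leftover.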
@@ -296,3 +753,4 @@ UNIMPLEMENTED; return SEC_E_UNSUPPORTED_FUNCTION; } +
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/credentials.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -17,8 +17,9 @@ * */
-#include "ntlm.h" - +#include "ntlmssp.h" + +#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
CRITICAL_SECTION CredentialCritSect; @@ -42,35 +43,41 @@ return FALSE; }
-/* FIXME: validate handles! */ -VOID +PNTLMSSP_CREDENTIAL NtlmReferenceCredential(IN ULONG_PTR Handle) { - PNTLMSSP_CREDENTIAL cred = (PNTLMSSP_CREDENTIAL)Handle; - + PNTLMSSP_CREDENTIAL cred; EnterCriticalSection(&CredentialCritSect);
+ cred = (PNTLMSSP_CREDENTIAL)Handle;
+
+ /* sanity */
+ ASSERT(cred);
+ TRACE("%p refcount %d\n",cred, cred->RefCount);
 ASSERT(cred->RefCount > 0);
- cred->RefCount += 1;
+
+ /* reference */
+ cred->RefCount++;
LeaveCriticalSection(&CredentialCritSect); + return cred; }
VOID NtlmDereferenceCredential(IN ULONG_PTR Handle) { - PNTLMSSP_CREDENTIAL cred = (PNTLMSSP_CREDENTIAL)Handle; - + PNTLMSSP_CREDENTIAL cred; EnterCriticalSection(&CredentialCritSect);
- TRACE("NtlmDereferenceCredential %p refcount %d\n", Handle, cred->RefCount); - + cred = (PNTLMSSP_CREDENTIAL)Handle; + + /* sanity */ + ASSERT(cred); + TRACE("%p refcount %d\n",cred, cred->RefCount); ASSERT(cred->RefCount >= 1);
- cred->RefCount -= 1;
-
- /* If there are no references free the object */
- if (cred->RefCount == 0 )
+ /* decrement and check for delete */
+ if (cred->RefCount-- == 0 )
 {
 TRACE("Deleting credential %p\n",cred);
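Review bot: The `/* FIXME: validate handles! */` comment is removed here, but NtlmReferenceCredential still casts the caller-supplied Handle straight to a pointer and dereferences it, with `ASSERT(cred)` as the only check. InitializeSecurityContextW passes `phCredential->dwLower` from the application into this function, so a stale or forged handle is read and incremented as if it were a credential. Either keep the FIXME, or look the handle up in the list the credentials are kept on (not visible in this hunk) while CredentialCritSect is held and return NULL when it is not found; callers such as NtlmCreateNegoContext would then need to test the result before using `cred->UseFlags`.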
@@ -264,8 +271,8 @@ cred = (PNTLMSSP_CREDENTIAL)NtlmAllocate(sizeof(NTLMSSP_CREDENTIAL)); cred->RefCount = 1; cred->ProcId = GetCurrentProcessId();//FIXME - cred->SecPackageFlags = credFlags; - cred->SecToken = NULL; //FIXME + cred->UseFlags = credFlags; + cred->SecToken = NtlmSystemSecurityToken; //FIXME
/* FIX ME: check against LSA token */ if((cred->SecToken == NULL) && !(credFlags & NTLM_CRED_NULLSESSION)) @@ -291,7 +298,7 @@ LeaveCriticalSection(&CredentialCritSect);
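Review bot: `cred->SecToken = NtlmSystemSecurityToken; //FIXME` gives every credential the same global token, so the check right below it, `(cred->SecToken == NULL) && !(credFlags & NTLM_CRED_NULLSESSION)`, can only fire when that global is itself NULL. NtlmCreateNegoContext in context.c treats a credential that has a token and no user name, domain or password as a local connection, so this assignment also decides that path for every caller. The FIXME should state what the token is meant to be (the comment below it suggests the caller's LSA token) so the placeholder is not mistaken for finished behaviour. The result of NtlmAllocate is used on the following line without a NULL check, although that predates this change.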
TRACE("added credential %x\n",cred); - TRACE("%s %s %s",debugstr_w(username.Buffer), debugstr_w(password.Buffer), debugstr_w(domain.Buffer)); + TRACE("%s %s %s\n",debugstr_w(username.Buffer), debugstr_w(password.Buffer), debugstr_w(domain.Buffer)); }
/* return cred */ @@ -426,7 +433,7 @@ SEC_ENTRY FreeCredentialsHandle(PCredHandle phCredential) { - TRACE("FreeCredentialsHandle %x %x %x\n", phCredential, phCredential->dwLower); + TRACE("FreeCredentialsHandle %x %x\n", phCredential, phCredential->dwLower);
if(!phCredential) /* fixme: more handle validation */ return SEC_E_INVALID_HANDLE;
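Review bot: The TRACE still reads `phCredential->dwLower` before the `if(!phCredential)` check that follows it, so a NULL handle faults inside the trace call instead of returning SEC_E_INVALID_HANDLE. Move the TRACE below the check, or trace only the pointer first: `TRACE("FreeCredentialsHandle %p\n", phCredential);`. The format also prints a pointer with `%x`, which truncates on 64-bit builds. The rest of the function is outside the hunk.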
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/crypt.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -15,16 +15,16 @@ * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA */ -#include "ntlm.h" +#include "ntlmssp.h" #include <wincrypt.h> #include "rc4.h" + +#include "wine/debug.h" +WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
HCRYPTPROV Prov; PVOID LockedMemoryPtr = NULL; ULONG LockedMemorySize = 0; - -WINE_DEFAULT_DEBUG_CHANNEL(ntlm); - BOOL NtlmInitializeRNG(VOID) { @@ -61,8 +61,8 @@ if(CryptGenRandom(Prov, Size, (BYTE*)Bits)) return STATUS_SUCCESS;
- /* fix me: translate win32 error? */
- return STATUS_UNSUCCESSFUL;
+ //return STATUS_UNSUCCESSFUL;
+ return STATUS_SUCCESS;
 }
BOOL
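Review bot: NtlmGenerateRandomBits now returns STATUS_SUCCESS when CryptGenRandom fails, so callers such as NtlmCreateNegoContext, which tests `NT_SUCCESS(ret)` after asking for MSV1_0_USER_SESSION_KEY_LENGTH bytes, will go on to use whatever was already in the buffer as the session key. A failed random-number call has to stay a failure: keep `return STATUS_UNSUCCESSFUL;`. If bring-up needs a workaround while the crypto providers are unavailable, make it an explicit, clearly named debug-only path rather than the default return. The start of the function is outside the hunk.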
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/debug.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/debug.c (added) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/debug.c [iso-8859-1] Tue May 17 08:54:03 2011 
@@ -1,0 +1,78 @@ +/* + * Copyright 2011 Samuel Serapion + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + * + */ + +#include "ntlmssp.h" +#include "protocol.h" + +#include "wine/debug.h" +WINE_DEFAULT_DEBUG_CHANNEL(ntlm); + +void +NtlmPrintNegotiateFlags(ULONG Flags) +{ + TRACE("negotiateFlags "0x%08lx"{\n", Flags); + + if (Flags & NTLMSSP_NEGOTIATE_56) + TRACE("\tNTLMSSP_NEGOTIATE_56\n"); + if (Flags & NTLMSSP_NEGOTIATE_KEY_EXCH) + TRACE("\tNTLMSSP_NEGOTIATE_KEY_EXCH\n"); + if (Flags & NTLMSSP_NEGOTIATE_128) + TRACE("\tNTLMSSP_NEGOTIATE_128\n"); + if (Flags & NTLMSSP_NEGOTIATE_VERSION) + TRACE("\tNTLMSSP_NEGOTIATE_VERSION\n"); + if (Flags & NTLMSSP_NEGOTIATE_TARGET_INFO) + TRACE("\tNTLMSSP_NEGOTIATE_TARGET_INFO\n"); + if (Flags & NTLMSSP_REQUEST_NON_NT_SESSION_KEY) + TRACE("\tNTLMSSP_REQUEST_NON_NT_SESSION_KEY\n"); + if (Flags & NTLMSSP_NEGOTIATE_IDENTIFY) + TRACE("\tNTLMSSP_NEGOTIATE_IDENTIFY\n"); + if (Flags & NTLMSSP_TARGET_TYPE_SHARE) + TRACE("\tNTLMSSP_TARGET_TYPE_SHARE\n"); + if (Flags & NTLMSSP_TARGET_TYPE_SERVER) + TRACE("\tNTLMSSP_TARGET_TYPE_SERVER\n"); + if (Flags & NTLMSSP_TARGET_TYPE_DOMAIN) + TRACE("\tNTLMSSP_TARGET_TYPE_DOMAIN\n"); + if (Flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) + TRACE("\tNTLMSSP_NEGOTIATE_ALWAYS_SIGN\n"); + if (Flags & 
NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED) + TRACE("\tNTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED\n"); + if (Flags & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED) + TRACE("\tNTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED\n"); + if (Flags & NTLMSSP_NEGOTIATE_NTLM) + TRACE("\tNTLMSSP_NEGOTIATE_NTLM\n"); + if (Flags & NTLMSSP_NEGOTIATE_NTLM2) + TRACE("\tNTLMSSP_NEGOTIATE_NTLM2\n"); + if (Flags & NTLMSSP_NEGOTIATE_LM_KEY) + TRACE("\tNTLMSSP_NEGOTIATE_LM_KEY\n"); + if (Flags & NTLMSSP_NEGOTIATE_DATAGRAM) + TRACE("\tNTLMSSP_NEGOTIATE_DATAGRAM\n"); + if (Flags & NTLMSSP_NEGOTIATE_SEAL) + TRACE("\tNTLMSSP_NEGOTIATE_SEAL\n"); + if (Flags & NTLMSSP_NEGOTIATE_SIGN) + TRACE("\tNTLMSSP_NEGOTIATE_SIGN\n"); + if (Flags & NTLMSSP_REQUEST_TARGET) + TRACE("\tNTLMSSP_REQUEST_TARGET\n"); + if (Flags & NTLMSSP_NEGOTIATE_OEM) + TRACE("\tNTLMSSP_NEGOTIATE_OEM\n"); + if (Flags & NTLMSSP_NEGOTIATE_UNICODE) + TRACE("\tNTLMSSP_NEGOTIATE_UNICODE\n"); + if (Flags & NTLMSSP_NEGOTIATE_NT_ONLY) + TRACE("\tNTLMSSP_NEGOTIATE_NT_ONLY\n"); + TRACE("}\n"); +}
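Review bot: Two of the labels printed by NtlmPrintNegotiateFlags do not match the flag they test: `NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED` is traced as `NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED` and `NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED` as `NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED`. This output is what gets compared against a capture when a negotiation goes wrong, so print each constant's own name. A short header comment such as `/* Trace each NTLMSSP_* bit set in Flags, one per line */` would also help, and a table of value/name pairs walked in a loop would keep test and label from drifting apart.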
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/debug.c ------------------------------------------------------------------------------ svn:eol-style = native
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/dllmain.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -16,8 +16,9 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * */ -#include "ntlm.h" +#include "ntlmssp.h"
+#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
@@ -31,14 +32,14 @@ { case DLL_PROCESS_ATTACH: DisableThreadLibraryCalls(hinstDLL); + NtlmInitializeGlobals();
- /* hack: rsaehn has still not registered its crypto providers */ - /* its not like we are going to logon to anything yet */ + /* rsaehn has still not registered its crypto providers */ if(!SetupIsActive()) { //REACTOS BUG: even after 2nd stage crypto providers are not available! - //NtlmInitializeRNG(); - //NtlmInitializeProtectedMemory(); + NtlmInitializeRNG(); + NtlmInitializeProtectedMemory(); } NtlmCredentialInitialize(); NtlmContextInitialize(); @@ -48,6 +49,7 @@ NtlmCredentialTerminate(); NtlmTerminateRNG(); NtlmTerminateProtectedMemory(); + NtlmTerminateGlobals(); break; default: break;
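Review bot: NtlmInitializeRNG() and NtlmInitializeProtectedMemory() are now called with their results discarded, while the comment kept directly above says the crypto providers are still not available at this point. NtlmInitializeRNG is declared BOOL in crypt.c, so check it and either fail the attach or record that the RNG is unusable, with `if (!NtlmInitializeRNG()) ERR("RNG init failed\n");` as a minimum. Otherwise later key generation runs against a provider handle that was never acquired. Both calls also sit under `if(!SetupIsActive())`, so a process loaded during setup skips initialisation while the detach path still calls NtlmTerminateRNG() and NtlmTerminateProtectedMemory(); the enclosing switch starts outside the hunk.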
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/messages.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/messages.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/messages.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -16,8 +16,9 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * */ -#include "ntlm.h" +#include "ntlmssp.h"
+#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
/***********************************************************************
Removed: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c (removed) 
@@ -1,235 +1,0 @@ -/* - * Copyright 2011 Samuel Serapión - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA - * - */ -#include "ntlm.h" - -WINE_DEFAULT_DEBUG_CHANNEL(ntlm); - -/* FIXME: hardcoded NtlmUserMode */ -NTLM_MODE NtlmMode = NtlmUserMode; - -static SecurityFunctionTableA ntlmTableA = { - SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION, - EnumerateSecurityPackagesA, - QueryCredentialsAttributesA, /* QueryCredentialsAttributesA */ - AcquireCredentialsHandleA, /* AcquireCredentialsHandleA */ - FreeCredentialsHandle, /* FreeCredentialsHandle */ - NULL, /* Reserved2 */ - InitializeSecurityContextA, /* InitializeSecurityContextA */ - AcceptSecurityContext, /* AcceptSecurityContext */ - CompleteAuthToken, /* CompleteAuthToken */ - DeleteSecurityContext, /* DeleteSecurityContext */ - NULL, /* ApplyControlToken */ - QueryContextAttributesA, /* QueryContextAttributesA */ - ImpersonateSecurityContext, /* ImpersonateSecurityContext */ - RevertSecurityContext, /* RevertSecurityContext */ - MakeSignature, /* MakeSignature */ - VerifySignature, /* VerifySignature */ - FreeContextBuffer, /* FreeContextBuffer */ - NULL, /* QuerySecurityPackageInfoA */ - NULL, /* Reserved3 */ - NULL, /* Reserved4 */ - NULL, /* ExportSecurityContext */ - NULL, /* ImportSecurityContextA */ - NULL, /* 
AddCredentialsA */ - NULL, /* Reserved8 */ - NULL, /* QuerySecurityContextToken */ - EncryptMessage, /* EncryptMessage */ - DecryptMessage, /* DecryptMessage */ - NULL, /* SetContextAttributesA */ -}; - -static SecurityFunctionTableW ntlmTableW = { - SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION, - EnumerateSecurityPackagesW, /* EnumerateSecurityPackagesW */ - QueryCredentialsAttributesW, /* QueryCredentialsAttributesW */ - AcquireCredentialsHandleW, /* AcquireCredentialsHandleW */ - FreeCredentialsHandle, /* FreeCredentialsHandle */ - NULL, /* Reserved2 */ - InitializeSecurityContextW, /* InitializeSecurityContextW */ - AcceptSecurityContext, /* AcceptSecurityContext */ - CompleteAuthToken, /* CompleteAuthToken */ - DeleteSecurityContext, /* DeleteSecurityContext */ - NULL, /* ApplyControlToken */ - QueryContextAttributesW, /* QueryContextAttributesW */ - ImpersonateSecurityContext, /* ImpersonateSecurityContext */ - RevertSecurityContext, /* RevertSecurityContext */ - MakeSignature, /* MakeSignature */ - VerifySignature, /* VerifySignature */ - FreeContextBuffer, /* FreeContextBuffer */ - NULL, /* QuerySecurityPackageInfoW */ - NULL, /* Reserved3 */ - NULL, /* Reserved4 */ - NULL, /* ExportSecurityContext */ - NULL, /* ImportSecurityContextW */ - NULL, /* AddCredentialsW */ - NULL, /* Reserved8 */ - NULL, /* QuerySecurityContextToken */ - EncryptMessage, /* EncryptMessage */ - DecryptMessage, /* DecryptMessage */ - NULL, /* SetContextAttributesW */ -}; - -SECURITY_STATUS -SEC_ENTRY -EnumerateSecurityPackagesA(OUT unsigned long* pcPackages, - OUT PSecPkgInfoA * ppPackageInfo) -{ - SECURITY_STATUS ret; - - ret = QuerySecurityPackageInfoA(NULL, ppPackageInfo); - - *pcPackages = 1; - return ret; -} - -SECURITY_STATUS -SEC_ENTRY -EnumerateSecurityPackagesW(OUT unsigned long* pcPackages, - OUT PSecPkgInfoW * ppPackageInfo) -{ - SECURITY_STATUS ret; - - ret = QuerySecurityPackageInfoW(NULL, ppPackageInfo); - - *pcPackages = 1; - return ret; -} - - -PSecurityFunctionTableA 
-SEC_ENTRY -InitSecurityInterfaceA(void) -{ - return &ntlmTableA; -} - -PSecurityFunctionTableW -SEC_ENTRY -InitSecurityInterfaceW(void) -{ - return &ntlmTableW; -} - -SECURITY_STATUS -SEC_ENTRY -QuerySecurityPackageInfoA(SEC_CHAR *pszPackageName, - PSecPkgInfoA *ppPackageInfo) -{ - SECURITY_STATUS ret; - size_t bytesNeeded = sizeof(SecPkgInfoA); - int nameLen = 0, commentLen = 0; - - TRACE("%s %p\n", pszPackageName, ppPackageInfo); - - /* get memory needed */ - nameLen = strlen(NTLM_NAME_A) + 1; - bytesNeeded += nameLen * sizeof(CHAR); - commentLen = strlen(NTLM_COMMENT_A) + 1; - bytesNeeded += commentLen * sizeof(CHAR); - - /* allocate it */ - *ppPackageInfo = HeapAlloc(GetProcessHeap(), 0, bytesNeeded); - - if (*ppPackageInfo) - { - PSTR nextString = (PSTR)((PBYTE)*ppPackageInfo + - sizeof(SecPkgInfoA)); - - /* copy easy stuff */ - (*ppPackageInfo)->fCapabilities = NTLM_CAPS; - (*ppPackageInfo)->wVersion = 1; - (*ppPackageInfo)->wRPCID = RPC_C_AUTHN_WINNT; - (*ppPackageInfo)->cbMaxToken = NTLM_MAX_BUF; - - /* copy strings */ - (*ppPackageInfo)->Name = nextString; - strncpy(nextString, NTLM_NAME_A, nameLen); - nextString += nameLen; - - (*ppPackageInfo)->Comment = nextString; - strncpy(nextString, NTLM_COMMENT_A, commentLen); - nextString += commentLen; - - ret = SEC_E_OK; - } - else - ret = SEC_E_INSUFFICIENT_MEMORY; - return ret; -} - -SECURITY_STATUS -SEC_ENTRY -QuerySecurityPackageInfoW(SEC_WCHAR *pszPackageName, - PSecPkgInfoW *ppPackageInfo) -{ - SECURITY_STATUS ret; - size_t bytesNeeded = sizeof(SecPkgInfoW); - int nameLen = 0, commentLen = 0; - - TRACE("%s %p\n", debugstr_w(pszPackageName), ppPackageInfo); - - /* get memory needed */ - nameLen = lstrlenW(NTLM_NAME_W) + 1; - bytesNeeded += nameLen * sizeof(WCHAR); - commentLen = lstrlenW(NTLM_COMMENT_W) + 1; - bytesNeeded += commentLen * sizeof(WCHAR); - - /* allocate it */ - *ppPackageInfo = HeapAlloc(GetProcessHeap(), 0, bytesNeeded); - - if (*ppPackageInfo) - { - PWSTR nextString = 
(PWSTR)((PBYTE)*ppPackageInfo + - sizeof(SecPkgInfoW)); - - /* copy easy stuff */ - (*ppPackageInfo)->fCapabilities = NTLM_CAPS; - (*ppPackageInfo)->wVersion = 1; - (*ppPackageInfo)->wRPCID = RPC_C_AUTHN_WINNT; - (*ppPackageInfo)->cbMaxToken = NTLM_MAX_BUF; - - /* copy strings */ - (*ppPackageInfo)->Name = nextString; - lstrcpynW(nextString, NTLM_NAME_W, nameLen); - nextString += nameLen; - - (*ppPackageInfo)->Comment = nextString; - lstrcpynW(nextString, NTLM_COMMENT_W, commentLen); - nextString += commentLen; - - ret = SEC_E_OK; - } - else - ret = SEC_E_INSUFFICIENT_MEMORY; - return ret; -} - - -/*********************************************************************** - * CompleteAuthToken - */ -SECURITY_STATUS SEC_ENTRY CompleteAuthToken(PCtxtHandle phContext, - PSecBufferDesc pToken) -{ - TRACE("%p %p\n", phContext, pToken); - if (!phContext) - return SEC_E_INVALID_HANDLE; - - return SEC_E_OK; -}
Removed: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h (removed) 
@@ -1,192 +1,0 @@ -/* - * Copyright 2011 Samuel Serapión - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2.1 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA - * - */ -#ifndef _NTLMSSP_H -#define _NTLMSSP_H - -#include <assert.h> -#include <stdarg.h> -#include <stdio.h> - -#include <ntstatus.h> -#define WIN32_NO_STATUS -#include <windows.h> -#include <ndk/ntndk.h> -#define SECURITY_WIN32 -#define _NO_KSECDD_IMPORT_ -#include <rpc.h> -#include <sspi.h> -#include <ntsecapi.h> -#include <ntsecpkg.h> - -#include "wine/unicode.h" -#include "wine/debug.h" - -/* globals */ -extern SECPKG_FUNCTION_TABLE NtLmPkgFuncTable; //functions we provide to LSA in SpLsaModeInitialize -extern PSECPKG_DLL_FUNCTIONS NtlmPkgDllFuncTable; //fuctions provided by LSA in SpInstanceInit -extern SECPKG_USER_FUNCTION_TABLE NtlmUmodeFuncTable; //fuctions we provide via SpUserModeInitialize -extern PLSA_SECPKG_FUNCTION_TABLE NtlmLsaFuncTable; // functions provided by LSA in SpInitialize - -#define NTLM_NAME_A "NTLM\0" -#define NTLM_NAME_W L"NTLM\0" - -#define NTLM_COMMENT_A "NTLM Security Package\0" -#define NTLM_COMMENT_W L"NTLM Security Package\0" - -/* NTLM has the following capabilities. 
*/ -#define NTLM_CAPS ( \ - SECPKG_FLAG_ACCEPT_WIN32_NAME | \ - SECPKG_FLAG_CONNECTION | \ - SECPKG_FLAG_IMPERSONATION | \ - SECPKG_FLAG_INTEGRITY | \ - SECPKG_FLAG_LOGON | \ - SECPKG_FLAG_MULTI_REQUIRED | \ - SECPKG_FLAG_NEGOTIABLE | \ - SECPKG_FLAG_PRIVACY | \ - SECPKG_FLAG_TOKEN_ONLY) - -#define NTLM_MAX_BUF 1904 -#define NTLM_CRED_NULLSESSION SECPKG_CRED_RESERVED - -/* NTLMSSP flags indicating the negotiated features */ -#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 -#define NTLMSSP_NEGOTIATE_OEM 0x00000002 -#define NTLMSSP_REQUEST_TARGET 0x00000004 -#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 -#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 -#define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE 0x00000040 -#define NTLMSSP_NEGOTIATE_LM_SESSION_KEY 0x00000080 -#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 -#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000 -#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000 -#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000 -#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 -#define NTLMSSP_NEGOTIATE_TARGET_TYPE_DOMAIN 0x00010000 -#define NTLMSSP_NEGOTIATE_TARGET_TYPE_SERVER 0x00020000 -#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000 -#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 -#define NTLMSSP_NEGOTIATE_128 0x20000000 -#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000 -#define NTLMSSP_NEGOTIATE_56 0x80000000 - - -typedef enum _NTLM_MODE { - NtlmLsaMode = 1, - NtlmUserMode -} NTLM_MODE, *PNTLM_MODE; - -extern NTLM_MODE NtlmMode; - -typedef struct _NTLMSSP_CREDENTIAL -{ - LIST_ENTRY Entry; - ULONG RefCount; - ULONG SecPackageFlags; - UNICODE_STRING DomainName; - UNICODE_STRING UserName; - UNICODE_STRING Password; - ULONG ProcId; - HANDLE SecToken; - LUID LogonId; - -} NTLMSSP_CREDENTIAL, *PNTLMSSP_CREDENTIAL; - -typedef enum { - Idle, - NegotiateSent, - ChallengeSent, - AuthenticateSent, - Authenticated, - PassedToService -} NTLM_CONTEXT_STATE, *PNTLM_CONTEXT_STATE; - -typedef struct _NTLMSSP_CONTEXT -{ - LIST_ENTRY Entry; - LARGE_INTEGER 
StartTime;//context creation time - ULONG Timeout;//how long context is valid pre-authentication - ULONG RefCount; - ULONG ProtocolFlags; - ULONG ContextFlags; - NTLM_CONTEXT_STATE State; - HANDLE SecToken; - PNTLMSSP_CREDENTIAL Credential; //creator - UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH]; //ChallengeSent - UCHAR SessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]; //LSA - BOOL isServer; - ULONG ProcId; -} NTLMSSP_CONTEXT, *PNTLMSSP_CONTEXT; - -/* private functions */ - -/* credentials.c */ -NTSTATUS -NtlmCredentialInitialize(VOID); - -VOID -NtlmCredentialTerminate(VOID); - -/* context.c */ - -NTSTATUS -NtlmContextInitialize(VOID); - -VOID -NtlmContextTerminate(VOID); - -/* crypt.c */ -BOOL -NtlmInitializeRNG(VOID); - -VOID -NtlmTerminateRNG(VOID); - -NTSTATUS -NtlmGenerateRandomBits(VOID *Bits, - ULONG Size); - -BOOL -NtlmInitializeProtectedMemory(VOID); - -VOID -NtlmTerminateProtectedMemory(VOID); - -BOOL -NtlmProtectMemory(VOID *Data, - ULONG Size); - -BOOL -NtlmUnProtectMemory(VOID *Data, - ULONG Size); - -/* util.c */ - -PVOID -NtlmAllocate(IN ULONG Size); - -VOID -NtlmFree(IN PVOID Buffer); - -BOOLEAN -NtlmIntervalElapsed(IN LARGE_INTEGER Start, - IN LONG Timeout); - - - -#endif
Copied: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.c (from r51687, branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c) URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -16,12 +16,76 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * */ -#include "ntlm.h" - +#include "ntlmssp.h" + +#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
-/* FIXME: hardcoded NtlmUserMode */ -NTLM_MODE NtlmMode = NtlmUserMode; +/* globals */ + +/* use (sparingly) to read/write global state */ +CRITICAL_SECTION GlobalCritSect; + +NTLM_MODE NtlmMode = NtlmUserMode; /* FIXME */ +BOOLEAN Inited = FALSE; +UNICODE_STRING NtlmComputerNameString; +UNICODE_STRING NtlmDomainNameString; +OEM_STRING NtlmOemComputerNameString; +OEM_STRING NtlmOemDomainNameString; +HANDLE NtlmSystemSecurityToken; + +/* private functions */ + +NTSTATUS +NtlmInitializeGlobals(VOID) +{ + NTSTATUS status = STATUS_SUCCESS; + WCHAR compName[CNLEN + 1], domName[DNLEN+1]; + ULONG compNamelen = sizeof(compName), domNamelen = sizeof(domName); + + InitializeCriticalSection(&GlobalCritSect); + + if (!GetComputerNameW(compName, &compNamelen)) + { + compName[0] = L'\0'; + ERR("could not get computer name!\n"); + } + RtlCreateUnicodeString(&NtlmComputerNameString, compName); + + if (!GetComputerNameExW(ComputerNameDnsFullyQualified, domName, &domNamelen)) + { + domName[0] = L'\0'; + ERR("could not get domain name!\n"); + } + + RtlCreateUnicodeString(&NtlmDomainNameString, domName); + + RtlUnicodeStringToOemString(&NtlmOemComputerNameString, + &NtlmComputerNameString, + TRUE); + + RtlUnicodeStringToOemString(&NtlmOemDomainNameString, + &NtlmDomainNameString, + TRUE); + + status = NtOpenProcessToken(NtCurrentProcess(), + TOKEN_QUERY | TOKEN_DUPLICATE, + &NtlmSystemSecurityToken); + + if(!NT_SUCCESS(status)) + { + ERR("could not get process token!!\n"); + } + return status; +} + +VOID +NtlmTerminateGlobals(VOID) +{ + +} + +/* public functions */
static SecurityFunctionTableA ntlmTableA = { SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION, @@ -220,12 +284,10 @@ return ret; }
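Review bot: In NtlmInitializeGlobals, `compNamelen` and `domNamelen` are initialised with `sizeof(...)`, a byte count, but GetComputerNameW and GetComputerNameExW take the buffer size in characters, so both calls are told the stack buffers are twice their real size. A fully qualified DNS name longer than DNLEN characters can then be written past the end of `domName`; use `ULONG compNamelen = sizeof(compName) / sizeof(compName[0]), domNamelen = sizeof(domName) / sizeof(domName[0]);`. The results of RtlCreateUnicodeString and RtlUnicodeStringToOemString are ignored, so a failed allocation leaves the global name strings unusable while the function still returns only the token status. `ComputerNameDnsFullyQualified` yields the host's FQDN rather than a domain name, which looks unintended for `NtlmDomainNameString`.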
- -/*********************************************************************** - * CompleteAuthToken - */ -SECURITY_STATUS SEC_ENTRY CompleteAuthToken(PCtxtHandle phContext, - PSecBufferDesc pToken) +SECURITY_STATUS +SEC_ENTRY +CompleteAuthToken(PCtxtHandle phContext, + PSecBufferDesc pToken) { TRACE("%p %p\n", phContext, pToken); if (!phContext)
Copied: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.h (from r51687, branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h) URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlm.h [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.h [iso-8859-1] Tue May 17 08:54:03 2011 @@ -26,6 +26,8 @@ #include <ntstatus.h> #define WIN32_NO_STATUS #include <windows.h> +#include <wincred.h> + #include <ndk/ntndk.h> #define SECURITY_WIN32 #define _NO_KSECDD_IMPORT_ @@ -33,15 +35,30 @@ #include <sspi.h> #include <ntsecapi.h> #include <ntsecpkg.h> - +#include <lmcons.h> #include "wine/unicode.h" -#include "wine/debug.h"
/* globals */ extern SECPKG_FUNCTION_TABLE NtLmPkgFuncTable; //functions we provide to LSA in SpLsaModeInitialize extern PSECPKG_DLL_FUNCTIONS NtlmPkgDllFuncTable; //fuctions provided by LSA in SpInstanceInit extern SECPKG_USER_FUNCTION_TABLE NtlmUmodeFuncTable; //fuctions we provide via SpUserModeInitialize extern PLSA_SECPKG_FUNCTION_TABLE NtlmLsaFuncTable; // functions provided by LSA in SpInitialize + +extern UNICODE_STRING NtlmComputerNameString; +extern UNICODE_STRING NtlmDomainNameString; +extern OEM_STRING NtlmOemComputerNameString; +extern OEM_STRING NtlmOemDomainNameString; +extern HANDLE NtlmSystemSecurityToken; + +typedef enum _NTLM_MODE { + NtlmLsaMode = 1, + NtlmUserMode +} NTLM_MODE, *PNTLM_MODE; + +extern NTLM_MODE NtlmMode; + +#define inLsaMode (NtlmMode == NtlmLsaMode) +#define inUserMode (NtlmMode == NtlmUserMode)
#define NTLM_NAME_A "NTLM\0" #define NTLM_NAME_W L"NTLM\0" @@ -61,50 +78,21 @@ SECPKG_FLAG_PRIVACY | \ SECPKG_FLAG_TOKEN_ONLY)
+#define NTLM_DEFAULT_TIMEOUT (5*60*1000) //context valid for 5 mins #define NTLM_MAX_BUF 1904 #define NTLM_CRED_NULLSESSION SECPKG_CRED_RESERVED - -/* NTLMSSP flags indicating the negotiated features */ -#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 -#define NTLMSSP_NEGOTIATE_OEM 0x00000002 -#define NTLMSSP_REQUEST_TARGET 0x00000004 -#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 -#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 -#define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE 0x00000040 -#define NTLMSSP_NEGOTIATE_LM_SESSION_KEY 0x00000080 -#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 -#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x00001000 -#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000 -#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x00004000 -#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 -#define NTLMSSP_NEGOTIATE_TARGET_TYPE_DOMAIN 0x00010000 -#define NTLMSSP_NEGOTIATE_TARGET_TYPE_SERVER 0x00020000 -#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000 -#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 -#define NTLMSSP_NEGOTIATE_128 0x20000000 -#define NTLMSSP_NEGOTIATE_KEY_EXCHANGE 0x40000000 -#define NTLMSSP_NEGOTIATE_56 0x80000000 - - -typedef enum _NTLM_MODE { - NtlmLsaMode = 1, - NtlmUserMode -} NTLM_MODE, *PNTLM_MODE; - -extern NTLM_MODE NtlmMode;
typedef struct _NTLMSSP_CREDENTIAL { LIST_ENTRY Entry; ULONG RefCount; - ULONG SecPackageFlags; + ULONG UseFlags; UNICODE_STRING DomainName; UNICODE_STRING UserName; UNICODE_STRING Password; ULONG ProcId; HANDLE SecToken; LUID LogonId; - } NTLMSSP_CREDENTIAL, *PNTLMSSP_CREDENTIAL;
typedef enum { @@ -114,27 +102,35 @@ AuthenticateSent, Authenticated, PassedToService -} NTLM_CONTEXT_STATE, *PNTLM_CONTEXT_STATE; +} NTLMSSP_CONTEXT_STATE, *PNTLMSSP_CONTEXT_STATE;
typedef struct _NTLMSSP_CONTEXT { LIST_ENTRY Entry; LARGE_INTEGER StartTime;//context creation time + BOOL isServer; + BOOL isLocal; ULONG Timeout;//how long context is valid pre-authentication ULONG RefCount; - ULONG ProtocolFlags; + ULONG NegotiateFlags; ULONG ContextFlags; - NTLM_CONTEXT_STATE State; - HANDLE SecToken; + NTLMSSP_CONTEXT_STATE State; PNTLMSSP_CREDENTIAL Credential; //creator UCHAR Challenge[MSV1_0_CHALLENGE_LENGTH]; //ChallengeSent UCHAR SessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]; //LSA - BOOL isServer; + HANDLE ClientToken; ULONG ProcId; } NTLMSSP_CONTEXT, *PNTLMSSP_CONTEXT;
/* private functions */
+/* ntlmssp.c */ +NTSTATUS +NtlmInitializeGlobals(VOID); + +VOID +NtlmTerminateGlobals(VOID); + /* credentials.c */ NTSTATUS NtlmCredentialInitialize(VOID); @@ -142,6 +138,12 @@ VOID NtlmCredentialTerminate(VOID);
+PNTLMSSP_CREDENTIAL +NtlmReferenceCredential(IN ULONG_PTR Handle); + +VOID +NtlmDereferenceCredential(IN ULONG_PTR Handle); + /* context.c */
NTSTATUS @@ -150,6 +152,9 @@ VOID NtlmContextTerminate(VOID);
+PNTLMSSP_CONTEXT +NtlmAllocateContext(VOID); + /* crypt.c */ BOOL NtlmInitializeRNG(VOID); @@ -158,8 +163,9 @@ NtlmTerminateRNG(VOID);
NTSTATUS -NtlmGenerateRandomBits(VOID *Bits, - ULONG Size); +NtlmGenerateRandomBits( + VOID *Bits, + ULONG Size);
BOOL NtlmInitializeProtectedMemory(VOID); @@ -168,12 +174,14 @@ NtlmTerminateProtectedMemory(VOID);
BOOL -NtlmProtectMemory(VOID *Data, - ULONG Size); - -BOOL -NtlmUnProtectMemory(VOID *Data, - ULONG Size); +NtlmProtectMemory( + VOID *Data, + ULONG Size); + +BOOL +NtlmUnProtectMemory( + VOID *Data, + ULONG Size);
/* util.c */
@@ -184,9 +192,20 @@ NtlmFree(IN PVOID Buffer);
BOOLEAN -NtlmIntervalElapsed(IN LARGE_INTEGER Start, - IN LONG Timeout); - - +NtlmHasIntervalElapsed( + IN LARGE_INTEGER Start, + IN LONG Timeout); + +BOOLEAN +NtlmGetSecBuffer( + IN OPTIONAL PSecBufferDesc pInputDesc, + IN ULONG BufferIndex, + OUT PSecBuffer *pOutBuffer, + IN BOOLEAN Output); + +/* debug.c */ + +void +NtlmPrintNegotiateFlags(ULONG Flags);
#endif
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.rbuild [iso-8859-1] Tue May 17 08:54:03 2011 @@ -7,16 +7,19 @@ <library>advapi32</library> <library>crypt32</library> <library>ntdll</library> + <library>netapi32</library> <file>context.c</file> <file>credentials.c</file> <file>crypt.c</file> <file>rc4.c</file> <file>stubs.c</file> <file>messages.c</file> - <file>ntlm.c</file> + <file>ntlmssp.c</file> <file>sign.c</file> <file>util.c</file> <file>dllmain.c</file> + <file>debug.c</file> + <file>protocol.c</file> </module>
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/ntlmssp.spec [iso-8859-1] Tue May 17 08:54:03 2011 @@ -19,6 +19,6 @@ @ stdcall QuerySecurityPackageInfoA(str ptr) @ stdcall QuerySecurityPackageInfoW(wstr ptr) @ stdcall RevertSecurityContext(ptr) -@ stdcall SealMessage (ptr long ptr long) EncryptMessage -@ stdcall UnsealMessage(ptr ptr long ptr) DecryptMessage +@ stdcall EncryptMessage(ptr long ptr long) +@ stdcall DecryptMessage(ptr ptr long ptr) @ stdcall VerifySignature(ptr ptr long ptr)
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.c (added) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.c [iso-8859-1] Tue May 17 08:54:03 2011 
@@ -1,0 +1,143 @@ +/* + * Copyright 2011 Samuel Serapión + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + * + */ +#include "ntlmssp.h" +#include "protocol.h" + +#include "wine/debug.h" +WINE_DEFAULT_DEBUG_CHANNEL(ntlm); + +SECURITY_STATUS +NtlmGenerateNegotiateMessage(IN ULONG_PTR Context, + IN ULONG ContextReq, + IN ULONG NegotiateFlags, + IN PSecBuffer InputToken, + OUT PSecBuffer *OutputToken) +{ + PNTLMSSP_CONTEXT context = (PNTLMSSP_CONTEXT)Context; + PNEGOTIATE_MESSAGE message; + ULONG messageSize = 0, offset; + NTLM_BLOB blobBuffer[2]; //nego contains 2 blobs + + TRACE("NtlmGenerateNegotiateMessage %lx flags %lx\n", Context, NegotiateFlags); + + if(!*OutputToken) + { + ERR("No output token!\n"); + return SEC_E_BUFFER_TOO_SMALL; + } + + if(!((*OutputToken)->pvBuffer)) + { + /* according to wine test */ + ERR("No output buffer!\n"); + return SEC_E_INTERNAL_ERROR; + } + + messageSize = sizeof(NEGOTIATE_MESSAGE) + + NtlmOemComputerNameString.Length + + NtlmOemDomainNameString.Length; + + /* if should not allocate */ + if (!(ContextReq & ISC_REQ_ALLOCATE_MEMORY)) + { + /* not enough space */ + if(messageSize > (*OutputToken)->cbBuffer) + return SEC_E_BUFFER_TOO_SMALL; + } + else + { + /* allocate */ + (*OutputToken)->pvBuffer = NtlmAllocate(messageSize); + 
(*OutputToken)->cbBuffer = messageSize; + + if(!(*OutputToken)->pvBuffer) + return SEC_E_INSUFFICIENT_MEMORY; + } + + /* allocate a negotiate message */ + message = (PNEGOTIATE_MESSAGE) NtlmAllocate(messageSize); + + if(!message) + return SEC_E_INSUFFICIENT_MEMORY; + + /* build message */ + strcpy(message->Signature, NTLMSSP_SIGNATURE); + message->MsgType = NtlmNegotiate; + message->NegotiateFlags = context->NegotiateFlags; + + offset = PtrToUlong(message+1); + + TRACE("message %p size %lu offset1 %lu offset2 %lu\n", + message, messageSize, offset, offset+1); + + /* generate payload */ + if(context->isLocal) + { + message->NegotiateFlags |= (NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED | + NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED); + + /* blob1 */ + blobBuffer[0].Length = blobBuffer[0].MaxLength = NtlmOemDomainNameString.Length; + blobBuffer[0].Offset = offset; + message->OemDomainName = blobBuffer[0]; + + /* copy data to the end of the message */ + memcpy((PVOID)offset, NtlmOemDomainNameString.Buffer, NtlmOemDomainNameString.Length); + + /* blob2 */ + blobBuffer[1].Length = blobBuffer[1].MaxLength = NtlmOemComputerNameString.Length; + blobBuffer[1].Offset = offset + blobBuffer[0].Length; + message->OemWorkstationName = blobBuffer[0]; + + /* copy data to the end of the message */ + memcpy((PVOID)offset, NtlmOemComputerNameString.Buffer, NtlmOemComputerNameString.Length); + } + else + { + blobBuffer[0].Length = blobBuffer[0].MaxLength = 0; + blobBuffer[0].Offset = offset; + blobBuffer[1].Length = blobBuffer[1].MaxLength = 0; + blobBuffer[1].Offset = offset+1; + } + + memset(&message->Version, 0, sizeof(NTLM_WINDOWS_VERSION)); + + /* send it back */ + memcpy((*OutputToken)->pvBuffer, message, messageSize); + (*OutputToken)->cbBuffer = messageSize; + context->State = NegotiateSent; + + return SEC_I_CONTINUE_NEEDED; +} + +SECURITY_STATUS +NtlmHandleNegotiateMessage(IN ULONG_PTR hCredential, + IN OUT PULONG_PTR Context, + IN ULONG ContextReq, + IN PSecBuffer InputToken, + 
OUT PSecBuffer *pOutputToken, + OUT PULONG fContextAttributes, + OUT PTimeStamp ptsExpiry) +{ + + ERR("NtlmHandleNegotiateMessage called!\n"); + + return SEC_E_UNSUPPORTED_FUNCTION; +} +
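Review bot: In NtlmGenerateNegotiateMessage the blob offsets come from `PtrToUlong(message+1)`, an absolute heap address, although the NTLM_BLOB comment in protocol.h defines Offset as relative to the start of the message; that address is placed in the outgoing token and, once truncated to ULONG, also used as the memcpy destination. In the local branch both names are copied to the same `offset` and `OemWorkstationName` is assigned `blobBuffer[0]`. In the other branch neither descriptor is stored in the message, so those fields go out with whatever NtlmAllocate returned (whether it zeroes memory is not visible here). `message` is never released, and with ISC_REQ_ALLOCATE_MEMORY `cbBuffer` is set before the allocation is checked. The fence shows the payload section rewritten with message-relative offsets and the temporary buffer freed.

```c
    /* payload offsets are relative to the start of the message */
    offset = sizeof(NEGOTIATE_MESSAGE);
    /* … unchanged: TRACE, isLocal test and flag setup … */
        /* blob1: domain name directly after the fixed header */
        blobBuffer[0].Length = blobBuffer[0].MaxLength = NtlmOemDomainNameString.Length;
        blobBuffer[0].Offset = offset;
        memcpy((PBYTE)message + blobBuffer[0].Offset,
               NtlmOemDomainNameString.Buffer, blobBuffer[0].Length);

        /* blob2: workstation name follows the domain name */
        blobBuffer[1].Length = blobBuffer[1].MaxLength = NtlmOemComputerNameString.Length;
        blobBuffer[1].Offset = offset + blobBuffer[0].Length;
        memcpy((PBYTE)message + blobBuffer[1].Offset,
               NtlmOemComputerNameString.Buffer, blobBuffer[1].Length);
    /* … unchanged: else branch filling the empty blobs … */

    /* both branches publish their descriptors */
    message->OemDomainName = blobBuffer[0];
    message->OemWorkstationName = blobBuffer[1];
    /* … unchanged: Version memset, copy into the output token, state update … */
    NtlmFree(message);
```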
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.c ------------------------------------------------------------------------------ svn:eol-style = native
Added: branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.h URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.h (added) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.h [iso-8859-1] Tue May 17 08:54:03 2011 
@@ -1,0 +1,165 @@ +/* + * Copyright 2011 Samuel Serapión + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + * + */ + +/* see "NT LAN Manager (NTLM) Authentication Protocol Specification" + * [MS-NLMP] v20110504 for more details */ + +/* signature */ +#define NTLMSSP_SIGNATURE "NTLMSSP\0" + +/* message types */ +#define NtlmNegotiate 0x00000001 +#define NtlmChallenge 0x00000002 +#define NtlmAuthenticate 0x00000003 + +/* flags */ +#define NTLMSSP_NEGOTIATE_UNICODE 0x00000001 +#define NTLMSSP_NEGOTIATE_OEM 0x00000002 +#define NTLMSSP_REQUEST_TARGET 0x00000004 +#define NTLMSSP_RESERVED_9 0x00000008 +#define NTLMSSP_NEGOTIATE_SIGN 0x00000010 +#define NTLMSSP_NEGOTIATE_SEAL 0x00000020 +#define NTLMSSP_NEGOTIATE_DATAGRAM 0x00000040 +#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080 +#define NTLMSSP_RESERVED_8 0x00000100 +#define NTLMSSP_NEGOTIATE_NTLM 0x00000200 +#define NTLMSSP_NEGOTIATE_NT_ONLY 0x00000400 +#define NTLMSSP_RESERVED_7 0x00000800 +#define NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED 0x00001000 +#define NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED 0x00002000 +#define NTLMSSP_RESERVED_6 0x00004000 +#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000 +#define NTLMSSP_TARGET_TYPE_DOMAIN 0x00010000 +#define NTLMSSP_TARGET_TYPE_SERVER 0x00020000 +#define NTLMSSP_TARGET_TYPE_SHARE 0x00040000 
+#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000 +#define NTLMSSP_NEGOTIATE_IDENTIFY 0x00100000 +#define NTLMSSP_RESERVED_5 0x00200000 +#define NTLMSSP_REQUEST_NON_NT_SESSION_KEY 0x00400000 +#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000 +#define NTLMSSP_RESERVED_4 0x01000000 +#define NTLMSSP_NEGOTIATE_VERSION 0x02000000 +#define NTLMSSP_RESERVED_3 0x04000000 +#define NTLMSSP_RESERVED_2 0x08000000 +#define NTLMSSP_RESERVED_1 0x10000000 +#define NTLMSSP_NEGOTIATE_128 0x20000000 +#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000 +#define NTLMSSP_NEGOTIATE_56 0x80000000 + +#define NTLMSSP_REVISION_W2K3 0x0F + +//only filled if NTLMSSP_NEGOTIATE_VERSION is present +//ignored on retail builds +typedef struct _NTLM_WINDOWS_VERSION +{ + BYTE ProductMajor; + BYTE ProductMinor; + USHORT ProductBuild; + BYTE Reserved[3]; + BYTE NtlmRevisionCurrent; +}NTLM_WINDOWS_VERSION, *PNTLM_WINDOWS_VERSION; + +/* + * Offset contains the offset from the beginning of the message to the + * actual value in the payload area. In the event of no data being sent + * Length and MaxLength should generaly be set to zero and ignored. 
+ */ +//NTLM_UNICODE_STRING_OVER_THE_WIRE +typedef struct _NTLM_BLOB +{ + USHORT Length; + USHORT MaxLength; + ULONG Offset; +}NTLM_BLOB, *PNTLM_BLOB; + +typedef struct _NEGOTIATE_MESSAGE +{ + CHAR Signature[8]; + ULONG MsgType; + ULONG NegotiateFlags; + NTLM_BLOB OemDomainName; + NTLM_BLOB OemWorkstationName; + NTLM_WINDOWS_VERSION Version; + /* payload (DomainName, WorkstationName)*/ +}NEGOTIATE_MESSAGE, *PNEGOTIATE_MESSAGE; + +typedef struct _CHALLENGE_MESSAGE +{ + CHAR Signature[8]; + ULONG MsgType; + NTLM_BLOB TargetName; + ULONG NegotiateFlags; + UCHAR ServerChallenge[MSV1_0_CHALLENGE_LENGTH]; + UCHAR Reserved[8]; + NTLM_BLOB TargetInfo; //only if NTLMSSP_REQUEST_TARGET, contains AV_PAIRs + NTLM_WINDOWS_VERSION Version; + /* payload (TargetName, TargetInfo)*/ +}CHALLENGE_MESSAGE, *PCHALLENGE_MESSAGE; + + +typedef struct _AUTHENTICATE_MESSAGE +{ + CHAR Signature[8]; + ULONG MsgType; + NTLM_BLOB LmChallengeResponse; // An LM_RESPONSE or LMv2_RESPONSE + NTLM_BLOB NtChallengeResponse; // An NTLM_RESPONSE or NTLMv2_RESPONSE + NTLM_BLOB DomainName; + NTLM_BLOB UserName; + NTLM_BLOB WorkstationName; + NTLM_BLOB EncryptedRandomSessionKey; //only if NTLMSSP_NEGOTIATE_KEY_EXCHANGE + ULONG NegotiateFlags; + NTLM_WINDOWS_VERSION Version; + BYTE MIC[16]; //doc says its ommited in nt,2k,xp,2k3 + /* payload */ +}AUTHENTICATE_MESSAGE, *PAUTHENTICATE_MESSAGE; + +SECURITY_STATUS +NtlmGenerateNegotiateMessage( + IN ULONG_PTR hContext, + IN ULONG ContextReq, + IN ULONG NegotiateFlags, + IN PSecBuffer InputToken, + OUT PSecBuffer *OutputToken); + +SECURITY_STATUS +NtlmHandleNegotiateMessage( + IN ULONG_PTR hCredential, + IN OUT PULONG_PTR phContext, + IN ULONG fContextReq, + IN PSecBuffer InputToken, + OUT PSecBuffer *OutputToken, + OUT PULONG fContextAttributes, + OUT PTimeStamp ptsExpiry); + +SECURITY_STATUS +NtlmHandleAuthenticateMessage( + IN ULONG_PTR hCredential, + IN OUT PULONG_PTR phContext, + IN ULONG fContextReq, + IN PSecBuffer *pInputTokens, + OUT PSecBuffer 
OutputToken, + OUT PULONG fContextAttributes, + OUT PTimeStamp ptsExpiry, + OUT PUCHAR pSessionKey, + OUT PULONG pfNegotiateFlags, + OUT PHANDLE TokenHandle, + OUT PNTSTATUS pSubStatus, + OUT PTimeStamp ptsPasswordExpiry, + OUT PULONG pfUserFlags); +
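Review bot: protocol.h has no include guard, unlike ntlmssp.h with `_NTLMSSP_H`, so a second inclusion in one translation unit redefines every struct; wrap the file in `#ifndef _NTLM_PROTOCOL_H` / `#define _NTLM_PROTOCOL_H` / `#endif`. The message structs are copied verbatim into token buffers, so their layout should be pinned next to the definitions, for example `C_ASSERT(sizeof(NEGOTIATE_MESSAGE) == 40);`. Two comments name flags that do not match this file's defines: `EncryptedRandomSessionKey` refers to NTLMSSP_NEGOTIATE_KEY_EXCHANGE while the macro is NTLMSSP_NEGOTIATE_KEY_EXCH, and `TargetInfo` cites NTLMSSP_REQUEST_TARGET where NTLMSSP_NEGOTIATE_TARGET_INFO appears to be meant.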
Propchange: branches/sspi-bringup/reactos/dll/win32/ntlmssp/protocol.h ------------------------------------------------------------------------------ svn:eol-style = native
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/sign.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/sign.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/sign.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -16,8 +16,9 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * */ -#include "ntlm.h" +#include "ntlmssp.h"
+#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
/***********************************************************************
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/stubs.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -17,8 +17,9 @@ * */
-#include "ntlm.h" +#include "ntlmssp.h"
+#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm);
/* initialize all to null since we still dont use them */ @@ -26,3 +27,4 @@ PSECPKG_DLL_FUNCTIONS NtlmPkgDllFuncTable = NULL; //fuctions provided by LSA in SpInstanceInit SECPKG_USER_FUNCTION_TABLE NtlmUmodeFuncTable; //fuctions we provide via SpUserModeInitialize PLSA_SECPKG_FUNCTION_TABLE NtlmLsaFuncTable = NULL; // functions provided by LSA in SpInitialize +
Modified: branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c URL: http://svn.reactos.org/svn/reactos/branches/sspi-bringup/reactos/dll/win32/n... ============================================================================== --- branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c [iso-8859-1] (original) +++ branches/sspi-bringup/reactos/dll/win32/ntlmssp/util.c [iso-8859-1] Tue May 17 08:54:03 2011 @@ -17,10 +17,10 @@ * */
-#include "ntlm.h" +#include "ntlmssp.h"
+#include "wine/debug.h" WINE_DEFAULT_DEBUG_CHANNEL(ntlm); -
PVOID NtlmAllocate(IN ULONG Size) @@ -61,7 +61,7 @@ NtlmLsaFuncTable->FreeLsaHeap(Buffer); break; case NtlmUserMode: - HeapFree(GetProcessHeap(),0,Buffer); + HeapFree(GetProcessHeap(), HEAP_ZERO_MEMORY, Buffer); break; default: ERR("NtlmState unknown!\n"); @@ -75,7 +75,8 @@ }
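Review bot: `HEAP_ZERO_MEMORY` is an allocation flag; HeapFree documents only `HEAP_NO_SERIALIZE`, so the new call in the NtlmUserMode case does not scrub the block and passes a flag the function does not define. If the intent is to clear credential material before release, zero the buffer explicitly first, e.g. `RtlSecureZeroMemory(Buffer, HeapSize(GetProcessHeap(), 0, Buffer));` followed by `HeapFree(GetProcessHeap(), 0, Buffer);`. The enclosing NtlmFree starts and ends outside this hunk, so the LSA branch could not be checked for the same need.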
BOOLEAN -NtlmIntervalElapsed(IN LARGE_INTEGER Start,IN LONG Timeout) +NtlmHasIntervalElapsed(IN LARGE_INTEGER Start, + IN LONG Timeout) { LARGE_INTEGER now; LARGE_INTEGER elapsed; @@ -99,7 +100,7 @@ return FALSE; }
-/* hack: see dllmain.c */ +/* check if loaded during system setup */ /* from base/services/umpnpmgr/umpnpmgr.c */ BOOL SetupIsActive(VOID) @@ -130,3 +131,48 @@
return ret; } + +BOOLEAN +NtlmGetSecBuffer(IN OPTIONAL PSecBufferDesc pInputDesc, + IN ULONG BufferIndex, + OUT PSecBuffer *pOutBuffer, + IN BOOLEAN OutputToken) +{ + PSecBuffer Buffer; + + ASSERT(pOutBuffer != NULL); + if (!pInputDesc) + { + *pOutBuffer = NULL; + return TRUE; + } + + /* check version */ + if (pInputDesc->ulVersion != SECBUFFER_VERSION) + return FALSE; + + /* check how many buffers we have */ + if(pInputDesc->cBuffers < BufferIndex) + return FALSE; + + /* get buffer */ + Buffer = &pInputDesc->pBuffers[BufferIndex]; + + /* detect a SECBUFFER_TOKEN */ + if ((Buffer->BufferType & (~SECBUFFER_READONLY)) == SECBUFFER_TOKEN) + { + /* detect read only buffer */ + if (OutputToken && (Buffer->BufferType & SECBUFFER_READONLY)) + return FALSE; + + /* LSA server must map the user provided buffer into its address space */ + if(inLsaMode) + { + if (!NT_SUCCESS(NtlmLsaFuncTable->MapBuffer(Buffer, Buffer))) + return FALSE; + } + *pOutBuffer = Buffer; + return TRUE; + } + return FALSE; +}
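Review bot: The bounds check in NtlmGetSecBuffer, `if(pInputDesc->cBuffers < BufferIndex)`, lets `BufferIndex == cBuffers` through, so `&pInputDesc->pBuffers[BufferIndex]` can point one element past the caller's array; it should read `if (BufferIndex >= pInputDesc->cBuffers) return FALSE;`. `pBuffers` itself is not checked for NULL before it is indexed. On the FALSE paths `*pOutBuffer` is left unset, so a caller that reads it after a failure sees an indeterminate pointer; assigning `*pOutBuffer = NULL;` right after the ASSERT would make every exit well defined.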