diff options
| author | Tom Yu <tlyu@mit.edu> | 2011-10-17 19:34:08 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2011-10-17 19:34:08 +0000 |
| commit | eb06a8e77810afeb718f7f42ece5759d4330d940 (patch) | |
| tree | ecb81988b9e9c3e06762e29294120dd7324943a4 /src/windows/identity/plugins/common | |
| parent | 449598819d0e51355473c90682dd397dc305e5d0 (diff) | |
Delete Network Identity Manager
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25363 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/windows/identity/plugins/common')
| -rw-r--r-- | src/windows/identity/plugins/common/Makefile | 44 | ||||
| -rw-r--r-- | src/windows/identity/plugins/common/dynimport.c | 485 | ||||
| -rw-r--r-- | src/windows/identity/plugins/common/dynimport.h | 368 | ||||
| -rw-r--r-- | src/windows/identity/plugins/common/krb5common.c | 451 | ||||
| -rw-r--r-- | src/windows/identity/plugins/common/krb5common.h | 56 |
5 files changed, 0 insertions, 1404 deletions
diff --git a/src/windows/identity/plugins/common/Makefile b/src/windows/identity/plugins/common/Makefile deleted file mode 100644 index 6b827dc3e..000000000 --- a/src/windows/identity/plugins/common/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -# -# Copyright (c) 2004 Massachusetts Institute of Technology -# Copyright (c) 2007 Secure Endpoints Inc. -# -# Permission is hereby granted, free of charge, to any person -# obtaining a copy of this software and associated documentation files -# (the "Software"), to deal in the Software without restriction, -# including without limitation the rights to use, copy, modify, merge, -# publish, distribute, sublicense, and/or sell copies of the Software, -# and to permit persons to whom the Software is furnished to do so, -# subject to the following conditions: -# -# The above copyright notice and this permission notice shall be -# included in all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS -# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -# SOFTWARE. - - -MODULE=plugins\common -!include <../../config/Makefile.w32> - -INCFILES= \ - $(INCDIR)\krb5common.h \ - $(INCDIR)\dynimport.h - -OBJFILES= \ - $(LIBDIR)\krb5common.obj \ - $(LIBDIR)\dynimport.obj - -all: mkdirs $(INCFILES) $(OBJFILES) - -clean:: - if exist "$(INCDIR)" $(RM) $(INCFILES) - if exist "$(LIBDIR)" $(RM) $(OBJFILES) - -{}.c{$(LIBDIR)}.obj: - $(C2OBJ) diff --git a/src/windows/identity/plugins/common/dynimport.c b/src/windows/identity/plugins/common/dynimport.c deleted file mode 100644 index bb1bb0412..000000000 --- a/src/windows/identity/plugins/common/dynimport.c +++ /dev/null @@ -1,485 +0,0 @@ -/* -* Copyright (c) 2005 Massachusetts Institute of Technology -* Copyright (c) 2007 Secure Endpoints Inc. -* -* Permission is hereby granted, free of charge, to any person -* obtaining a copy of this software and associated documentation -* files (the "Software"), to deal in the Software without -* restriction, including without limitation the rights to use, copy, -* modify, merge, publish, distribute, sublicense, and/or sell copies -* of the Software, and to permit persons to whom the Software is -* furnished to do so, subject to the following conditions: -* -* The above copyright notice and this permission notice shall be -* included in all copies or substantial portions of the Software. -* -* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS -* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN -* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -* SOFTWARE. -*/ - -/* $Id$ */ - -#include<windows.h> -#include<netidmgr.h> -#include<dynimport.h> - -HINSTANCE hKrb4 = 0; -HINSTANCE hKrb5 = 0; -HINSTANCE hKrb524 = 0; -HINSTANCE hSecur32 = 0; -HINSTANCE hComErr = 0; -HINSTANCE hService = 0; -HINSTANCE hProfile = 0; -HINSTANCE hPsapi = 0; -HINSTANCE hToolHelp32 = 0; -HINSTANCE hCCAPI = 0; - -DWORD AfsAvailable = 0; - -// CCAPI -DECL_FUNC_PTR(cc_initialize); -DECL_FUNC_PTR(cc_shutdown); -DECL_FUNC_PTR(cc_get_NC_info); -DECL_FUNC_PTR(cc_free_NC_info); - -// krb4 functions -DECL_FUNC_PTR(get_krb_err_txt_entry); -DECL_FUNC_PTR(k_isinst); -DECL_FUNC_PTR(k_isname); -DECL_FUNC_PTR(k_isrealm); -DECL_FUNC_PTR(kadm_change_your_password); -DECL_FUNC_PTR(kname_parse); -DECL_FUNC_PTR(krb_get_cred); -DECL_FUNC_PTR(krb_get_krbhst); -DECL_FUNC_PTR(krb_get_lrealm); -DECL_FUNC_PTR(krb_get_pw_in_tkt); -DECL_FUNC_PTR(krb_get_tf_realm); -DECL_FUNC_PTR(krb_mk_req); -DECL_FUNC_PTR(krb_realmofhost); -DECL_FUNC_PTR(tf_init); -DECL_FUNC_PTR(tf_close); -DECL_FUNC_PTR(tf_get_cred); -DECL_FUNC_PTR(tf_get_pname); -DECL_FUNC_PTR(tf_get_pinst); -DECL_FUNC_PTR(LocalHostAddr); -DECL_FUNC_PTR(tkt_string); -DECL_FUNC_PTR(krb_set_tkt_string); -DECL_FUNC_PTR(initialize_krb_error_func); -DECL_FUNC_PTR(initialize_kadm_error_table); -DECL_FUNC_PTR(dest_tkt); -DECL_FUNC_PTR(krb_in_tkt); -DECL_FUNC_PTR(krb_save_credentials); -DECL_FUNC_PTR(krb_get_krbconf2); -DECL_FUNC_PTR(krb_get_krbrealm2); -DECL_FUNC_PTR(krb_life_to_time); - -// krb5 functions -DECL_FUNC_PTR(krb5_change_password); -DECL_FUNC_PTR(krb5_get_init_creds_opt_init); -DECL_FUNC_PTR(krb5_get_init_creds_opt_set_tkt_life); -DECL_FUNC_PTR(krb5_get_init_creds_opt_set_renew_life); -DECL_FUNC_PTR(krb5_get_init_creds_opt_set_forwardable); -DECL_FUNC_PTR(krb5_get_init_creds_opt_set_proxiable); -DECL_FUNC_PTR(krb5_get_init_creds_opt_set_address_list); -DECL_FUNC_PTR(krb5_get_init_creds_opt_set_change_password_prompt); -DECL_FUNC_PTR(krb5_get_init_creds_password); -DECL_FUNC_PTR(krb5_get_prompt_types); -DECL_FUNC_PTR(krb5_build_principal_ext); -DECL_FUNC_PTR(krb5_cc_get_name); -DECL_FUNC_PTR(krb5_cc_get_type); -DECL_FUNC_PTR(krb5_cc_resolve); -DECL_FUNC_PTR(krb5_cc_default); -DECL_FUNC_PTR(krb5_cc_default_name); -DECL_FUNC_PTR(krb5_cc_set_default_name); -DECL_FUNC_PTR(krb5_cc_initialize); -DECL_FUNC_PTR(krb5_cc_destroy); -DECL_FUNC_PTR(krb5_cc_close); -DECL_FUNC_PTR(krb5_cc_store_cred); -DECL_FUNC_PTR(krb5_cc_copy_creds); -DECL_FUNC_PTR(krb5_cc_retrieve_cred); -DECL_FUNC_PTR(krb5_cc_get_principal); -DECL_FUNC_PTR(krb5_cc_start_seq_get); -DECL_FUNC_PTR(krb5_cc_next_cred); -DECL_FUNC_PTR(krb5_cc_end_seq_get); -DECL_FUNC_PTR(krb5_cc_remove_cred); -DECL_FUNC_PTR(krb5_cc_set_flags); -// DECL_FUNC_PTR(krb5_cc_get_type); -DECL_FUNC_PTR(krb5_free_context); -DECL_FUNC_PTR(krb5_free_cred_contents); -DECL_FUNC_PTR(krb5_free_principal); -DECL_FUNC_PTR(krb5_get_in_tkt_with_password); -DECL_FUNC_PTR(krb5_init_context); -DECL_FUNC_PTR(krb5_parse_name); -DECL_FUNC_PTR(krb5_timeofday); -DECL_FUNC_PTR(krb5_timestamp_to_sfstring); -DECL_FUNC_PTR(krb5_unparse_name); -DECL_FUNC_PTR(krb5_get_credentials); -DECL_FUNC_PTR(krb5_mk_req); -DECL_FUNC_PTR(krb5_sname_to_principal); -DECL_FUNC_PTR(krb5_get_credentials_renew); -DECL_FUNC_PTR(krb5_free_data); -DECL_FUNC_PTR(krb5_free_data_contents); -// DECL_FUNC_PTR(krb5_get_realm_domain); -DECL_FUNC_PTR(krb5_free_unparsed_name); -DECL_FUNC_PTR(krb5_os_localaddr); -DECL_FUNC_PTR(krb5_copy_keyblock_contents); -DECL_FUNC_PTR(krb5_copy_data); -DECL_FUNC_PTR(krb5_free_creds); -DECL_FUNC_PTR(krb5_build_principal); -DECL_FUNC_PTR(krb5_get_renewed_creds); -DECL_FUNC_PTR(krb5_get_default_config_files); -DECL_FUNC_PTR(krb5_free_config_files); -DECL_FUNC_PTR(krb5_get_default_realm); -DECL_FUNC_PTR(krb5_set_default_realm); -DECL_FUNC_PTR(krb5_free_ticket); -DECL_FUNC_PTR(krb5_decode_ticket); -DECL_FUNC_PTR(krb5_get_host_realm); -DECL_FUNC_PTR(krb5_free_host_realm); -DECL_FUNC_PTR(krb5_c_random_make_octets); -DECL_FUNC_PTR(krb5_free_addresses); -DECL_FUNC_PTR(krb5_free_default_realm); -DECL_FUNC_PTR(krb5_string_to_deltat); -DECL_FUNC_PTR(krb5_get_error_message); -DECL_FUNC_PTR(krb5_free_error_message); -DECL_FUNC_PTR(krb5_clear_error_message); - -// Krb524 functions -DECL_FUNC_PTR(krb524_init_ets); -DECL_FUNC_PTR(krb524_convert_creds_kdc); - -// ComErr functions -DECL_FUNC_PTR(com_err); -DECL_FUNC_PTR(error_message); - -// Profile functions -DECL_FUNC_PTR(profile_init); -DECL_FUNC_PTR(profile_flush); -DECL_FUNC_PTR(profile_release); -DECL_FUNC_PTR(profile_get_subsection_names); -DECL_FUNC_PTR(profile_free_list); -DECL_FUNC_PTR(profile_get_string); -DECL_FUNC_PTR(profile_get_integer); -DECL_FUNC_PTR(profile_get_values); -DECL_FUNC_PTR(profile_get_relation_names); -DECL_FUNC_PTR(profile_clear_relation); -DECL_FUNC_PTR(profile_add_relation); -DECL_FUNC_PTR(profile_update_relation); -DECL_FUNC_PTR(profile_release_string); -DECL_FUNC_PTR(profile_rename_section); - -// Service functions -DECL_FUNC_PTR(OpenSCManagerA); -DECL_FUNC_PTR(OpenServiceA); -DECL_FUNC_PTR(QueryServiceStatus); -DECL_FUNC_PTR(CloseServiceHandle); -DECL_FUNC_PTR(LsaNtStatusToWinError); - -// LSA Functions -DECL_FUNC_PTR(LsaConnectUntrusted); -DECL_FUNC_PTR(LsaLookupAuthenticationPackage); -DECL_FUNC_PTR(LsaCallAuthenticationPackage); -DECL_FUNC_PTR(LsaFreeReturnBuffer); -DECL_FUNC_PTR(LsaGetLogonSessionData); - -// CCAPI -FUNC_INFO ccapi_fi[] = { - MAKE_FUNC_INFO(cc_initialize), - MAKE_FUNC_INFO(cc_shutdown), - MAKE_FUNC_INFO(cc_get_NC_info), - MAKE_FUNC_INFO(cc_free_NC_info), - END_FUNC_INFO -}; - -FUNC_INFO k4_fi[] = { - MAKE_FUNC_INFO(get_krb_err_txt_entry), - MAKE_FUNC_INFO(k_isinst), - MAKE_FUNC_INFO(k_isname), - MAKE_FUNC_INFO(k_isrealm), - MAKE_FUNC_INFO(kadm_change_your_password), - MAKE_FUNC_INFO(kname_parse), - MAKE_FUNC_INFO(krb_get_cred), - MAKE_FUNC_INFO(krb_get_krbhst), - MAKE_FUNC_INFO(krb_get_lrealm), - MAKE_FUNC_INFO(krb_get_pw_in_tkt), - MAKE_FUNC_INFO(krb_get_tf_realm), - MAKE_FUNC_INFO(krb_mk_req), - MAKE_FUNC_INFO(krb_realmofhost), - MAKE_FUNC_INFO(tf_init), - MAKE_FUNC_INFO(tf_close), - MAKE_FUNC_INFO(tf_get_cred), - MAKE_FUNC_INFO(tf_get_pname), - MAKE_FUNC_INFO(tf_get_pinst), - MAKE_FUNC_INFO(LocalHostAddr), - MAKE_FUNC_INFO(tkt_string), - MAKE_FUNC_INFO(krb_set_tkt_string), - MAKE_FUNC_INFO(initialize_krb_error_func), - MAKE_FUNC_INFO(initialize_kadm_error_table), - MAKE_FUNC_INFO(dest_tkt), - /* MAKE_FUNC_INFO(lsh_LoadKrb4LeashErrorTables), */// XXX - MAKE_FUNC_INFO(krb_in_tkt), - MAKE_FUNC_INFO(krb_save_credentials), - MAKE_FUNC_INFO(krb_get_krbconf2), - MAKE_FUNC_INFO(krb_get_krbrealm2), - MAKE_FUNC_INFO(krb_life_to_time), - END_FUNC_INFO -}; - -FUNC_INFO k5_fi[] = { - MAKE_FUNC_INFO(krb5_change_password), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_init), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_set_tkt_life), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_set_renew_life), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_set_forwardable), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_set_proxiable), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_set_address_list), - MAKE_FUNC_INFO(krb5_get_init_creds_opt_set_change_password_prompt), - MAKE_FUNC_INFO(krb5_get_init_creds_password), - MAKE_FUNC_INFO(krb5_get_prompt_types), - MAKE_FUNC_INFO(krb5_build_principal_ext), - MAKE_FUNC_INFO(krb5_cc_get_name), - MAKE_FUNC_INFO(krb5_cc_get_type), - MAKE_FUNC_INFO(krb5_cc_resolve), - MAKE_FUNC_INFO(krb5_cc_default), - MAKE_FUNC_INFO(krb5_cc_default_name), - MAKE_FUNC_INFO(krb5_cc_set_default_name), - MAKE_FUNC_INFO(krb5_cc_initialize), - MAKE_FUNC_INFO(krb5_cc_destroy), - MAKE_FUNC_INFO(krb5_cc_close), - MAKE_FUNC_INFO(krb5_cc_copy_creds), - MAKE_FUNC_INFO(krb5_cc_store_cred), - MAKE_FUNC_INFO(krb5_cc_retrieve_cred), - MAKE_FUNC_INFO(krb5_cc_get_principal), - MAKE_FUNC_INFO(krb5_cc_start_seq_get), - MAKE_FUNC_INFO(krb5_cc_next_cred), - MAKE_FUNC_INFO(krb5_cc_end_seq_get), - MAKE_FUNC_INFO(krb5_cc_remove_cred), - MAKE_FUNC_INFO(krb5_cc_set_flags), - // MAKE_FUNC_INFO(krb5_cc_get_type), - MAKE_FUNC_INFO(krb5_free_context), - MAKE_FUNC_INFO(krb5_free_cred_contents), - MAKE_FUNC_INFO(krb5_free_principal), - MAKE_FUNC_INFO(krb5_get_in_tkt_with_password), - MAKE_FUNC_INFO(krb5_init_context), - MAKE_FUNC_INFO(krb5_parse_name), - MAKE_FUNC_INFO(krb5_timeofday), - MAKE_FUNC_INFO(krb5_timestamp_to_sfstring), - MAKE_FUNC_INFO(krb5_unparse_name), - MAKE_FUNC_INFO(krb5_get_credentials), - MAKE_FUNC_INFO(krb5_mk_req), - MAKE_FUNC_INFO(krb5_sname_to_principal), - MAKE_FUNC_INFO(krb5_get_credentials_renew), - MAKE_FUNC_INFO(krb5_free_data), - MAKE_FUNC_INFO(krb5_free_data_contents), - // MAKE_FUNC_INFO(krb5_get_realm_domain), - MAKE_FUNC_INFO(krb5_free_unparsed_name), - MAKE_FUNC_INFO(krb5_os_localaddr), - MAKE_FUNC_INFO(krb5_copy_keyblock_contents), - MAKE_FUNC_INFO(krb5_copy_data), - MAKE_FUNC_INFO(krb5_free_creds), - MAKE_FUNC_INFO(krb5_build_principal), - MAKE_FUNC_INFO(krb5_get_renewed_creds), - MAKE_FUNC_INFO(krb5_free_addresses), - MAKE_FUNC_INFO(krb5_get_default_config_files), - MAKE_FUNC_INFO(krb5_free_config_files), - MAKE_FUNC_INFO(krb5_get_default_realm), - MAKE_FUNC_INFO(krb5_set_default_realm), - MAKE_FUNC_INFO(krb5_free_ticket), - MAKE_FUNC_INFO(krb5_decode_ticket), - MAKE_FUNC_INFO(krb5_get_host_realm), - MAKE_FUNC_INFO(krb5_free_host_realm), - MAKE_FUNC_INFO(krb5_c_random_make_octets), - MAKE_FUNC_INFO(krb5_free_default_realm), - MAKE_FUNC_INFO(krb5_string_to_deltat), - MAKE_FUNC_INFO(krb5_get_error_message), - MAKE_FUNC_INFO(krb5_free_error_message), - MAKE_FUNC_INFO(krb5_clear_error_message), - END_FUNC_INFO -}; - -FUNC_INFO k524_fi[] = { - MAKE_FUNC_INFO(krb524_init_ets), - MAKE_FUNC_INFO(krb524_convert_creds_kdc), - END_FUNC_INFO -}; - -FUNC_INFO profile_fi[] = { - MAKE_FUNC_INFO(profile_init), - MAKE_FUNC_INFO(profile_flush), - MAKE_FUNC_INFO(profile_release), - MAKE_FUNC_INFO(profile_get_subsection_names), - MAKE_FUNC_INFO(profile_free_list), - MAKE_FUNC_INFO(profile_get_string), - MAKE_FUNC_INFO(profile_get_integer), - MAKE_FUNC_INFO(profile_get_values), - MAKE_FUNC_INFO(profile_get_relation_names), - MAKE_FUNC_INFO(profile_clear_relation), - MAKE_FUNC_INFO(profile_add_relation), - MAKE_FUNC_INFO(profile_update_relation), - MAKE_FUNC_INFO(profile_release_string), - MAKE_FUNC_INFO(profile_rename_section), - END_FUNC_INFO -}; - -FUNC_INFO ce_fi[] = { - MAKE_FUNC_INFO(com_err), - MAKE_FUNC_INFO(error_message), - END_FUNC_INFO -}; - -FUNC_INFO service_fi[] = { - MAKE_FUNC_INFO(OpenSCManagerA), - MAKE_FUNC_INFO(OpenServiceA), - MAKE_FUNC_INFO(QueryServiceStatus), - MAKE_FUNC_INFO(CloseServiceHandle), - MAKE_FUNC_INFO(LsaNtStatusToWinError), - END_FUNC_INFO -}; - -FUNC_INFO lsa_fi[] = { - MAKE_FUNC_INFO(LsaConnectUntrusted), - MAKE_FUNC_INFO(LsaLookupAuthenticationPackage), - MAKE_FUNC_INFO(LsaCallAuthenticationPackage), - MAKE_FUNC_INFO(LsaFreeReturnBuffer), - MAKE_FUNC_INFO(LsaGetLogonSessionData), - END_FUNC_INFO -}; - -// psapi functions -DECL_FUNC_PTR(GetModuleFileNameExA); -DECL_FUNC_PTR(EnumProcessModules); - -FUNC_INFO psapi_fi[] = { - MAKE_FUNC_INFO(GetModuleFileNameExA), - MAKE_FUNC_INFO(EnumProcessModules), - END_FUNC_INFO -}; - -// toolhelp functions -DECL_FUNC_PTR(CreateToolhelp32Snapshot); -DECL_FUNC_PTR(Module32First); -DECL_FUNC_PTR(Module32Next); - -FUNC_INFO toolhelp_fi[] = { - MAKE_FUNC_INFO(CreateToolhelp32Snapshot), - MAKE_FUNC_INFO(Module32First), - MAKE_FUNC_INFO(Module32Next), - END_FUNC_INFO -}; - -khm_int32 init_imports(void) { - OSVERSIONINFO osvi; - int imp_rv = 1; - -#define CKRV(m) \ - do { \ - if(!imp_rv) { \ - _reportf(L"Can't locate all required exports from module [%S]", (m)); \ - goto _err_ret; \ - } \ - } while (FALSE) - -#ifndef _WIN64 - imp_rv = LoadFuncs(KRB4_DLL, k4_fi, &hKrb4, 0, 1, 0, 0); - CKRV(KRB4_DLL); -#endif - - imp_rv = LoadFuncs(KRB5_DLL, k5_fi, &hKrb5, 0, 1, 0, 0); - CKRV(KRB5_DLL); - - imp_rv = LoadFuncs(COMERR_DLL, ce_fi, &hComErr, 0, 0, 1, 0); - CKRV(COMERR_DLL); - - imp_rv = LoadFuncs(SERVICE_DLL, service_fi, &hService, 0, 1, 0, 0); - CKRV(SERVICE_DLL); - - imp_rv = LoadFuncs(SECUR32_DLL, lsa_fi, &hSecur32, 0, 1, 1, 1); - CKRV(SECUR32_DLL); - -#ifndef _WIN64 - imp_rv = LoadFuncs(KRB524_DLL, k524_fi, &hKrb524, 0, 1, 1, 1); - CKRV(KRB524_DLL); -#endif - - imp_rv = LoadFuncs(PROFILE_DLL, profile_fi, &hProfile, 0, 1, 0, 0); - CKRV(PROFILE_DLL); - - imp_rv = LoadFuncs(CCAPI_DLL, ccapi_fi, &hCCAPI, 0, 1, 0, 0); - /* CCAPI_DLL is optional. No error check. */ - - memset(&osvi, 0, sizeof(OSVERSIONINFO)); - osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); - GetVersionEx(&osvi); - - // XXX: We should really use feature testing, first - // checking for CreateToolhelp32Snapshot. If that's - // not around, we try the psapi stuff. - // - // Only load LSA functions if on NT/2000/XP - if(osvi.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS) - { - // Windows 9x - imp_rv = LoadFuncs(TOOLHELPDLL, toolhelp_fi, &hToolHelp32, 0, 1, 0, 0); - CKRV(TOOLHELPDLL); - - hPsapi = 0; - } - else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT) - { - // Windows NT - imp_rv = LoadFuncs(PSAPIDLL, psapi_fi, &hPsapi, 0, 1, 0, 0); - CKRV(PSAPIDLL); - - hToolHelp32 = 0; - } - - AfsAvailable = TRUE; //afscompat_init(); - - return KHM_ERROR_SUCCESS; - - _err_ret: - return KHM_ERROR_NOT_FOUND; -} - -khm_int32 exit_imports(void) { - //afscompat_close(); - - if (hKrb4) - FreeLibrary(hKrb4); - if (hKrb5) - FreeLibrary(hKrb5); - if (hProfile) - FreeLibrary(hProfile); - if (hComErr) - FreeLibrary(hComErr); - if (hService) - FreeLibrary(hService); - if (hSecur32) - FreeLibrary(hSecur32); - if (hKrb524) - FreeLibrary(hKrb524); - if (hPsapi) - FreeLibrary(hPsapi); - if (hToolHelp32) - FreeLibrary(hToolHelp32); - - return KHM_ERROR_SUCCESS; -} - -int (*Lcom_err)(LPSTR,long,LPSTR,...); -LPSTR (*Lerror_message)(long); -LPSTR (*Lerror_table_name)(long); - -void Leash_load_com_err_callback(FARPROC ce, - FARPROC em, - FARPROC etn) -{ - Lcom_err = (int (*)(LPSTR,long,LPSTR,...)) ce; - Lerror_message = (LPSTR (*)(long)) em; - Lerror_table_name = (LPSTR (*)(long)) etn; -} diff --git a/src/windows/identity/plugins/common/dynimport.h b/src/windows/identity/plugins/common/dynimport.h deleted file mode 100644 index 8660d6c0d..000000000 --- a/src/windows/identity/plugins/common/dynimport.h +++ /dev/null @@ -1,368 +0,0 @@ -/* - * Copyright (c) 2005 Massachusetts Institute of Technology - * - * Permission is hereby granted, free of charge, to any person - * obtaining a copy of this software and associated documentation - * files (the "Software"), to deal in the Software without - * restriction, including without limitation the rights to use, copy, - * modify, merge, publish, distribute, sublicense, and/or sell copies - * of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be - * included in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS - * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN - * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - */ - -/* $Id$ */ - -#ifndef __KHIMAIRA_DYNIMPORT_H -#define __KHIMAIRA_DYNIMPORT_H - -/* Dynamic imports */ -#include<khdefs.h> -#include<tlhelp32.h> - -#if _WIN32_WINNT < 0x0501 -#define KHM_SAVE_WIN32_WINNT _WIN32_WINNT -#undef _WIN32_WINNT -#define _WIN32_WINNT 0x0501 -#endif -#include<ntsecapi.h> -#ifdef KHM_SAVE_WIN32_WINNT -#undef _WIN32_WINNT -#define _WIN32_WINNT KHM_SAVE_WIN32_WINNT -#undef KHM_SAVE_WIN32_WINNT -#endif - -extern HINSTANCE hKrb4; -extern HINSTANCE hKrb5; -extern HINSTANCE hProfile; - -/////////////////////////////////////////////////////////////////////////////// - -#ifdef _WIN64 -#define CCAPI_DLL "krbcc64.dll" -#define KRBCC32_DLL "krbcc64.dll" -#else -#define CCAPI_DLL "krbcc32.dll" -#define KRBCC32_DLL "krbcc32.dll" -#endif -#define SERVICE_DLL "advapi32.dll" -#define SECUR32_DLL "secur32.dll" - -////////////////////////////////////////////////////////////////////////////// - -#include <loadfuncs-com_err.h> -#include <loadfuncs-krb5.h> -#include <loadfuncs-profile.h> -#include <loadfuncs-krb.h> -#include <loadfuncs-krb524.h> -#include <loadfuncs-lsa.h> - -//// CCAPI -/* In order to avoid including the private CCAPI headers */ -typedef int cc_int32; - -#define CC_API_VER_1 1 -#define CC_API_VER_2 2 - -#define CCACHE_API cc_int32 - -/* -** The Official Error Codes -*/ -#define CC_NOERROR 0 -#define CC_BADNAME 1 -#define CC_NOTFOUND 2 -#define CC_END 3 -#define CC_IO 4 -#define CC_WRITE 5 -#define CC_NOMEM 6 -#define CC_FORMAT 7 -#define CC_LOCKED 8 -#define CC_BAD_API_VERSION 9 -#define CC_NO_EXIST 10 -#define CC_NOT_SUPP 11 -#define CC_BAD_PARM 12 -#define CC_ERR_CACHE_ATTACH 13 -#define CC_ERR_CACHE_RELEASE 14 -#define CC_ERR_CACHE_FULL 15 -#define CC_ERR_CRED_VERSION 16 - -enum { - CC_CRED_VUNKNOWN = 0, // For validation - CC_CRED_V4 = 1, - CC_CRED_V5 = 2, - CC_CRED_VMAX = 3 // For validation -}; - -typedef struct opaque_dll_control_block_type* apiCB; -typedef struct _infoNC { - char* name; - char* principal; - cc_int32 vers; -} infoNC; - -TYPEDEF_FUNC( -CCACHE_API, -CALLCONV_C, -cc_initialize, - ( - apiCB** cc_ctx, // < DLL's primary control structure. - // returned here, passed everywhere else - cc_int32 api_version, // > ver supported by caller (use CC_API_VER_1) - cc_int32* api_supported, // < if ~NULL, max ver supported by DLL - const char** vendor // < if ~NULL, vendor name in read only C string - ) -); - -TYPEDEF_FUNC( -CCACHE_API, -CALLCONV_C, -cc_shutdown, - ( - apiCB** cc_ctx // <> DLL's primary control structure. NULL after - ) -); - -TYPEDEF_FUNC( -CCACHE_API, -CALLCONV_C, -cc_get_NC_info, - ( - apiCB* cc_ctx, // > DLL's primary control structure - struct _infoNC*** ppNCi // < (NULL before call) null terminated, - // list of a structs (free via cc_free_infoNC()) - ) -); - -TYPEDEF_FUNC( -CCACHE_API, -CALLCONV_C, -cc_free_NC_info, - ( - apiCB* cc_ctx, - struct _infoNC*** ppNCi // < free list of structs returned by - // cc_get_cache_names(). set to NULL on return - ) -); -//// \CCAPI - -extern DWORD AfsAvailable; - -// service definitions -typedef SC_HANDLE (WINAPI *FP_OpenSCManagerA)(char *, char *, DWORD); -typedef SC_HANDLE (WINAPI *FP_OpenServiceA)(SC_HANDLE, char *, DWORD); -typedef BOOL (WINAPI *FP_QueryServiceStatus)(SC_HANDLE, LPSERVICE_STATUS); -typedef BOOL (WINAPI *FP_CloseServiceHandle)(SC_HANDLE); - -////////////////////////////////////////////////////////////////////////////// - -// CCAPI -extern DECL_FUNC_PTR(cc_initialize); -extern DECL_FUNC_PTR(cc_shutdown); -extern DECL_FUNC_PTR(cc_get_NC_info); -extern DECL_FUNC_PTR(cc_free_NC_info); - -// krb4 functions -extern DECL_FUNC_PTR(get_krb_err_txt_entry); -extern DECL_FUNC_PTR(k_isinst); -extern DECL_FUNC_PTR(k_isname); -extern DECL_FUNC_PTR(k_isrealm); -extern DECL_FUNC_PTR(kadm_change_your_password); -extern DECL_FUNC_PTR(kname_parse); -extern DECL_FUNC_PTR(krb_get_cred); -extern DECL_FUNC_PTR(krb_get_krbhst); -extern DECL_FUNC_PTR(krb_get_lrealm); -extern DECL_FUNC_PTR(krb_get_pw_in_tkt); -extern DECL_FUNC_PTR(krb_get_tf_realm); -extern DECL_FUNC_PTR(krb_mk_req); -extern DECL_FUNC_PTR(krb_realmofhost); -extern DECL_FUNC_PTR(tf_init); -extern DECL_FUNC_PTR(tf_close); -extern DECL_FUNC_PTR(tf_get_cred); -extern DECL_FUNC_PTR(tf_get_pname); -extern DECL_FUNC_PTR(tf_get_pinst); -extern DECL_FUNC_PTR(LocalHostAddr); -extern DECL_FUNC_PTR(tkt_string); -extern DECL_FUNC_PTR(krb_set_tkt_string); -extern DECL_FUNC_PTR(initialize_krb_error_func); -extern DECL_FUNC_PTR(initialize_kadm_error_table); -extern DECL_FUNC_PTR(dest_tkt); -extern DECL_FUNC_PTR(lsh_LoadKrb4LeashErrorTables); // XXX -extern DECL_FUNC_PTR(krb_in_tkt); -extern DECL_FUNC_PTR(krb_save_credentials); -extern DECL_FUNC_PTR(krb_get_krbconf2); -extern DECL_FUNC_PTR(krb_get_krbrealm2); -extern DECL_FUNC_PTR(krb_life_to_time); - -// krb5 functions -extern DECL_FUNC_PTR(krb5_change_password); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_init); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_tkt_life); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_renew_life); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_forwardable); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_proxiable); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_renew_life); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_address_list); -extern DECL_FUNC_PTR(krb5_get_init_creds_opt_set_change_password_prompt); -extern DECL_FUNC_PTR(krb5_get_init_creds_password); -extern DECL_FUNC_PTR(krb5_get_prompt_types); -extern DECL_FUNC_PTR(krb5_build_principal_ext); -extern DECL_FUNC_PTR(krb5_cc_get_name); -extern DECL_FUNC_PTR(krb5_cc_get_type); -extern DECL_FUNC_PTR(krb5_cc_resolve); -extern DECL_FUNC_PTR(krb5_cc_default); -extern DECL_FUNC_PTR(krb5_cc_default_name); -extern DECL_FUNC_PTR(krb5_cc_set_default_name); -extern DECL_FUNC_PTR(krb5_cc_initialize); -extern DECL_FUNC_PTR(krb5_cc_destroy); -extern DECL_FUNC_PTR(krb5_cc_close); -extern DECL_FUNC_PTR(krb5_cc_copy_creds); -extern DECL_FUNC_PTR(krb5_cc_store_cred); -extern DECL_FUNC_PTR(krb5_cc_retrieve_cred); -extern DECL_FUNC_PTR(krb5_cc_get_principal); -extern DECL_FUNC_PTR(krb5_cc_start_seq_get); -extern DECL_FUNC_PTR(krb5_cc_next_cred); -extern DECL_FUNC_PTR(krb5_cc_end_seq_get); -extern DECL_FUNC_PTR(krb5_cc_remove_cred); -extern DECL_FUNC_PTR(krb5_cc_set_flags); -// extern DECL_FUNC_PTR(krb5_cc_get_type); -extern DECL_FUNC_PTR(krb5_free_context); -extern DECL_FUNC_PTR(krb5_free_cred_contents); -extern DECL_FUNC_PTR(krb5_free_principal); -extern DECL_FUNC_PTR(krb5_get_in_tkt_with_password); -extern DECL_FUNC_PTR(krb5_init_context); -extern DECL_FUNC_PTR(krb5_parse_name); -extern DECL_FUNC_PTR(krb5_timeofday); -extern DECL_FUNC_PTR(krb5_timestamp_to_sfstring); -extern DECL_FUNC_PTR(krb5_unparse_name); -extern DECL_FUNC_PTR(krb5_get_credentials); -extern DECL_FUNC_PTR(krb5_mk_req); -extern DECL_FUNC_PTR(krb5_sname_to_principal); -extern DECL_FUNC_PTR(krb5_get_credentials_renew); -extern DECL_FUNC_PTR(krb5_free_data); -extern DECL_FUNC_PTR(krb5_free_data_contents); -// extern DECL_FUNC_PTR(krb5_get_realm_domain); -extern DECL_FUNC_PTR(krb5_free_unparsed_name); -extern DECL_FUNC_PTR(krb5_os_localaddr); -extern DECL_FUNC_PTR(krb5_copy_keyblock_contents); -extern DECL_FUNC_PTR(krb5_copy_data); -extern DECL_FUNC_PTR(krb5_free_creds); -extern DECL_FUNC_PTR(krb5_build_principal); -extern DECL_FUNC_PTR(krb5_get_renewed_creds); -extern DECL_FUNC_PTR(krb5_free_addresses); -extern DECL_FUNC_PTR(krb5_get_default_config_files); -extern DECL_FUNC_PTR(krb5_free_config_files); -extern DECL_FUNC_PTR(krb5_get_default_realm); -extern DECL_FUNC_PTR(krb5_set_default_realm); -extern DECL_FUNC_PTR(krb5_free_ticket); -extern DECL_FUNC_PTR(krb5_decode_ticket); -extern DECL_FUNC_PTR(krb5_get_host_realm); -extern DECL_FUNC_PTR(krb5_free_host_realm); -extern DECL_FUNC_PTR(krb5_c_random_make_octets); -extern DECL_FUNC_PTR(krb5_free_default_realm); -extern DECL_FUNC_PTR(krb5_string_to_deltat); -extern DECL_FUNC_PTR(krb5_get_error_message); -extern DECL_FUNC_PTR(krb5_free_error_message); -extern DECL_FUNC_PTR(krb5_clear_error_message); - -// Krb524 functions -extern DECL_FUNC_PTR(krb524_init_ets); -extern DECL_FUNC_PTR(krb524_convert_creds_kdc); - -// ComErr functions -extern DECL_FUNC_PTR(com_err); -extern DECL_FUNC_PTR(error_message); - -// Profile functions -extern DECL_FUNC_PTR(profile_init); -extern DECL_FUNC_PTR(profile_flush); -extern DECL_FUNC_PTR(profile_release); -extern DECL_FUNC_PTR(profile_get_subsection_names); -extern DECL_FUNC_PTR(profile_free_list); -extern DECL_FUNC_PTR(profile_get_string); -extern DECL_FUNC_PTR(profile_get_integer); -extern DECL_FUNC_PTR(profile_get_values); -extern DECL_FUNC_PTR(profile_get_relation_names); -extern DECL_FUNC_PTR(profile_clear_relation); -extern DECL_FUNC_PTR(profile_add_relation); -extern DECL_FUNC_PTR(profile_update_relation); -extern DECL_FUNC_PTR(profile_release_string); -extern DECL_FUNC_PTR(profile_rename_section); - -// Service functions -extern DECL_FUNC_PTR(OpenSCManagerA); -extern DECL_FUNC_PTR(OpenServiceA); -extern DECL_FUNC_PTR(QueryServiceStatus); -extern DECL_FUNC_PTR(CloseServiceHandle); -extern DECL_FUNC_PTR(LsaNtStatusToWinError); - -// LSA Functions -extern DECL_FUNC_PTR(LsaConnectUntrusted); -extern DECL_FUNC_PTR(LsaLookupAuthenticationPackage); -extern DECL_FUNC_PTR(LsaCallAuthenticationPackage); -extern DECL_FUNC_PTR(LsaFreeReturnBuffer); -extern DECL_FUNC_PTR(LsaGetLogonSessionData); - -// toolhelp functions -TYPEDEF_FUNC( - HANDLE, - WINAPI, - CreateToolhelp32Snapshot, - (DWORD, DWORD) - ); -TYPEDEF_FUNC( - BOOL, - WINAPI, - Module32First, - (HANDLE, LPMODULEENTRY32) - ); -TYPEDEF_FUNC( - BOOL, - WINAPI, - Module32Next, - (HANDLE, LPMODULEENTRY32) - ); - -// psapi functions -TYPEDEF_FUNC( - DWORD, - WINAPI, - GetModuleFileNameExA, - (HANDLE, HMODULE, LPSTR, DWORD) - ); - -TYPEDEF_FUNC( - BOOL, - WINAPI, - EnumProcessModules, - (HANDLE, HMODULE*, DWORD, LPDWORD) - ); - -#define pGetModuleFileNameEx pGetModuleFileNameExA -#define TOOLHELPDLL "kernel32.dll" -#define PSAPIDLL "psapi.dll" - -// psapi functions -extern DECL_FUNC_PTR(GetModuleFileNameExA); -extern DECL_FUNC_PTR(EnumProcessModules); - -// toolhelp functions -extern DECL_FUNC_PTR(CreateToolhelp32Snapshot); -extern DECL_FUNC_PTR(Module32First); -extern DECL_FUNC_PTR(Module32Next); - -khm_int32 init_imports(void); -khm_int32 exit_imports(void); - -#endif diff --git a/src/windows/identity/plugins/common/krb5common.c b/src/windows/identity/plugins/common/krb5common.c deleted file mode 100644 index f3a5e988e..000000000 --- a/src/windows/identity/plugins/common/krb5common.c +++ /dev/null @@ -1,451 +0,0 @@ -/* - * Copyright (c) 2005 Massachusetts Institute of Technology - * - * Permission is hereby granted, free of charge, to any person - * obtaining a copy of this software and associated documentation - * files (the "Software"), to deal in the Software without - * restriction, including without limitation the rights to use, copy, - * modify, merge, publish, distribute, sublicense, and/or sell copies - * of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be - * included in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS - * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN - * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - */ - -/* $Id$ */ - -#include<windows.h> -#include<netidmgr.h> -#include<dynimport.h> -#include<krb5common.h> -#ifdef DEBUG -#include<assert.h> -#endif -#include<strsafe.h> - -/**************************************/ -/* khm_krb5_error(): */ -/**************************************/ -int -khm_krb5_error(krb5_error_code rc, LPCSTR FailedFunctionName, - int FreeContextFlag, krb5_context * ctx, - krb5_ccache * cache) -{ -#ifdef NO_KRB5 - return -1; -#else - -#ifdef SHOW_MESSAGE_IN_AN_ANNOYING_WAY - char message[256]; - const char *errText; - int krb5Error = ((int)(rc & 255)); - - errText = perror_message(rc); - _snprintf(message, sizeof(message), - "%s\n(Kerberos error %ld)\n\n%s failed", - errText, - krb5Error, - FailedFunctionName); - - MessageBoxA(NULL, message, "Kerberos Five", MB_OK | MB_ICONERROR | - MB_TASKMODAL | - MB_SETFOREGROUND); -#endif - - if (FreeContextFlag == 1) - { - if (*ctx != NULL) - { - if (*cache != NULL) { - pkrb5_cc_close(*ctx, *cache); - *cache = NULL; - } - - pkrb5_free_context(*ctx); - *ctx = NULL; - } - } - - return rc; - -#endif //!NO_KRB5 -} - -int -khm_krb5_initialize(khm_handle ident, - krb5_context *ctx, - krb5_ccache *cache) -{ -#ifdef NO_KRB5 - return(-1); -#else - - LPCSTR functionName = NULL; - int freeContextFlag = 0; - krb5_error_code rc = -1; - krb5_flags flags = 0; - - if (pkrb5_init_context == NULL) - return 1; - - if (*ctx == 0 && (rc = (*pkrb5_init_context)(ctx))) { - functionName = "krb5_init_context()"; - freeContextFlag = 0; - goto on_error; - } - - if(*cache == 0) { - wchar_t wccname[MAX_PATH]; - khm_size cbwccname; - - if(ident != NULL) { - cbwccname = sizeof(wccname); - do { - char ccname[256]; - - if(KHM_FAILED(kcdb_identity_get_attrib(ident, L"Krb5CCName", - NULL, wccname, - &cbwccname))) { - cbwccname = sizeof(wccname); - if (KHM_FAILED - (khm_krb5_find_ccache_for_identity(ident, - ctx, - wccname, - &cbwccname))) { -#ifdef DEBUG_LIKE_A_MADMAN - assert(FALSE); -#endif - break; - } - } - - if(UnicodeStrToAnsi(ccname, sizeof(ccname), wccname) == 0) - break; - - if(rc = (*pkrb5_cc_resolve)(*ctx, ccname, cache)) { - functionName = "krb5_cc_resolve()"; - freeContextFlag = 1; - goto on_error; - } - } while(FALSE); - } - -#ifndef FAILOVER_TO_DEFAULT_CCACHE - rc = 1; -#endif - if (*cache == 0 -#ifdef FAILOVER_TO_DEFAULT_CCACHE - && (rc = (*pkrb5_cc_default)(*ctx, cache)) -#endif - ) { - functionName = "krb5_cc_default()"; - freeContextFlag = 1; - goto on_error; - } - } - -#ifdef KRB5_TC_NOTICKET - flags = KRB5_TC_NOTICKET; -#endif - - if ((rc = (*pkrb5_cc_set_flags)(*ctx, *cache, flags))) - { - if (rc != KRB5_FCC_NOFILE && rc != KRB5_CC_NOTFOUND) - khm_krb5_error(rc, "krb5_cc_set_flags()", 0, ctx, - cache); - else if ((rc == KRB5_FCC_NOFILE || rc == KRB5_CC_NOTFOUND) && *ctx != NULL) { - if (*cache != NULL) { - (*pkrb5_cc_close)(*ctx, *cache); - *cache = NULL; - } - } - return rc; - } - return 0; - -on_error: - return khm_krb5_error(rc, functionName, freeContextFlag, ctx, cache); -#endif //!NO_KRB5 -} - -#define TIMET_TOLERANCE (60*5) - -khm_int32 KHMAPI -khm_get_identity_expiration_time(krb5_context ctx, krb5_ccache cc, - khm_handle ident, - krb5_timestamp * pexpiration) -{ - krb5_principal principal = 0; - char * princ_name = NULL; - krb5_creds creds; - krb5_error_code code; - krb5_error_code cc_code; - krb5_cc_cursor cur; - krb5_timestamp now, expiration = 0; - - wchar_t w_ident_name[KCDB_IDENT_MAXCCH_NAME]; - char ident_name[KCDB_IDENT_MAXCCH_NAME]; - khm_size cb; - - khm_int32 rv = KHM_ERROR_NOT_FOUND; - - if (!ctx || !cc || !ident || !pexpiration) - return KHM_ERROR_GENERAL; - - code = pkrb5_cc_get_principal(ctx, cc, &principal); - - if ( code ) - return KHM_ERROR_INVALID_PARAM; - - cb = sizeof(w_ident_name); - kcdb_identity_get_name(ident, w_ident_name, &cb); - UnicodeStrToAnsi(ident_name, sizeof(ident_name), w_ident_name); - - code = pkrb5_unparse_name(ctx, principal, &princ_name); - - /* compare principal to ident. */ - - if ( code || !princ_name || - strcmp(princ_name, ident_name) ) { - if (princ_name) - pkrb5_free_unparsed_name(ctx, princ_name); - pkrb5_free_principal(ctx, principal); - return KHM_ERROR_UNKNOWN; - } - - pkrb5_free_unparsed_name(ctx, princ_name); - pkrb5_free_principal(ctx, principal); - - code = pkrb5_timeofday(ctx, &now); - - if (code) - return KHM_ERROR_UNKNOWN; - - cc_code = pkrb5_cc_start_seq_get(ctx, cc, &cur); - - while (!(cc_code = pkrb5_cc_next_cred(ctx, cc, &cur, &creds))) { - krb5_data * c0 = krb5_princ_name(ctx, creds.server); - krb5_data * c1 = krb5_princ_component(ctx, creds.server, 1); - krb5_data * r = krb5_princ_realm(ctx, creds.server); - - if ( c0 && c1 && r && c1->length == r->length && - !strncmp(c1->data,r->data,r->length) && - !strncmp("krbtgt",c0->data,c0->length) ) { - - /* we have a TGT, check for the expiration time. - * if it is valid and renewable, use the renew time - */ - - if (!(creds.ticket_flags & TKT_FLG_INVALID) && - creds.times.starttime < (now + TIMET_TOLERANCE) && - (creds.times.endtime + TIMET_TOLERANCE) > now) { - expiration = creds.times.endtime; - - if ((creds.ticket_flags & TKT_FLG_RENEWABLE) && - (creds.times.renew_till > creds.times.endtime)) { - expiration = creds.times.renew_till; - } - } - } - } - - if (cc_code == KRB5_CC_END) { - cc_code = pkrb5_cc_end_seq_get(ctx, cc, &cur); - rv = KHM_ERROR_SUCCESS; - *pexpiration = expiration; - } - - return rv; -} - -khm_int32 KHMAPI -khm_krb5_find_ccache_for_identity(khm_handle ident, krb5_context *pctx, - void * buffer, khm_size * pcbbuf) -{ - krb5_context ctx = 0; - krb5_ccache cache = 0; - krb5_error_code code; - apiCB * cc_ctx = 0; - struct _infoNC ** pNCi = NULL; - int i; - khm_int32 t; - wchar_t * ms = NULL; - khm_size cb; - krb5_timestamp expiration = 0; - krb5_timestamp best_match_expiration = 0; - char best_match_ccname[256] = ""; - khm_handle csp_params = NULL; - khm_handle csp_plugins = NULL; - - if (!buffer || !pcbbuf) - return KHM_ERROR_GENERAL; - - ctx = *pctx; - - if (!pcc_initialize || - !pcc_get_NC_info || - !pcc_free_NC_info || - !pcc_shutdown) - goto _skip_cc_iter; - - code = pcc_initialize(&cc_ctx, CC_API_VER_2, NULL, NULL); - if (code) - goto _exit; - - code = pcc_get_NC_info(cc_ctx, &pNCi); - - if (code) - goto _exit; - - for(i=0; pNCi[i]; i++) { - if (pNCi[i]->vers != CC_CRED_V5) - continue; - - code = (*pkrb5_cc_resolve)(ctx, pNCi[i]->name, &cache); - if (code) - continue; - - /* need a function to check the cache for the identity - * and determine if it has valid tickets. If it has - * the right identity and valid tickets, store the - * expiration time and the cache name. If it has the - * right identity but no valid tickets, store the ccache - * name and an expiration time of zero. if it does not - * have the right identity don't save the name. - * - * Keep searching to find the best cache available. - */ - - if (KHM_SUCCEEDED(khm_get_identity_expiration_time(ctx, cache, - ident, - &expiration))) { - if ( expiration > best_match_expiration ) { - best_match_expiration = expiration; - StringCbCopyA(best_match_ccname, - sizeof(best_match_ccname), - "API:"); - StringCbCatA(best_match_ccname, - sizeof(best_match_ccname), - pNCi[i]->name); - expiration = 0; - } - } - - if(ctx != NULL && cache != NULL) - (*pkrb5_cc_close)(ctx, cache); - cache = 0; - } - - _skip_cc_iter: - - if (KHM_SUCCEEDED(kmm_get_plugins_config(0, &csp_plugins))) { - khc_open_space(csp_plugins, L"Krb5Cred\\Parameters", 0, &csp_params); - khc_close_space(csp_plugins); - csp_plugins = NULL; - } - -#ifdef DEBUG - if (csp_params == NULL) { - assert(FALSE); - } -#endif - - if (csp_params && - KHM_SUCCEEDED(khc_read_int32(csp_params, L"MsLsaList", &t)) && t) { - code = (*pkrb5_cc_resolve)(ctx, "MSLSA:", &cache); - if (code == 0 && cache) { - if (KHM_SUCCEEDED(khm_get_identity_expiration_time(ctx, cache, - ident, - &expiration))) { - if ( expiration > best_match_expiration ) { - best_match_expiration = expiration; - StringCbCopyA(best_match_ccname, sizeof(best_match_ccname), - "MSLSA:"); - expiration = 0; - } - } - } - - if (ctx != NULL && cache != NULL) - (*pkrb5_cc_close)(ctx, cache); - - cache = 0; - } - - if (csp_params && - khc_read_multi_string(csp_params, L"FileCCList", NULL, &cb) - == KHM_ERROR_TOO_LONG && - cb > sizeof(wchar_t) * 2) { - - wchar_t * t; - char ccname[MAX_PATH + 6]; - - ms = PMALLOC(cb); - -#ifdef DEBUG - assert(ms); -#endif - - khc_read_multi_string(csp_params, L"FileCCList", ms, &cb); - for(t = ms; t && *t; t = multi_string_next(t)) { - StringCchPrintfA(ccname, ARRAYLENGTH(ccname), - "FILE:%S", t); - - code = (*pkrb5_cc_resolve)(ctx, ccname, &cache); - if (code) - continue; - - if (KHM_SUCCEEDED(khm_get_identity_expiration_time(ctx, cache, - ident, - &expiration))) { - if ( expiration > best_match_expiration ) { - best_match_expiration = expiration; - StringCbCopyA(best_match_ccname, - sizeof(best_match_ccname), - ccname); - expiration = 0; - } - } - - if (ctx != NULL && cache != NULL) - (*pkrb5_cc_close)(ctx, cache); - cache = 0; - } - - PFREE(ms); - } - _exit: - if (csp_params) - khc_close_space(csp_params); - - if (pNCi) - (*pcc_free_NC_info)(cc_ctx, &pNCi); - - if (cc_ctx) - (*pcc_shutdown)(&cc_ctx); - - if (best_match_ccname[0]) { - - if (*pcbbuf = AnsiStrToUnicode((wchar_t *)buffer, - *pcbbuf, - best_match_ccname)) { - - *pcbbuf = (*pcbbuf + 1) * sizeof(wchar_t); - - return KHM_ERROR_SUCCESS; - } - - } - - return KHM_ERROR_GENERAL; -} diff --git a/src/windows/identity/plugins/common/krb5common.h b/src/windows/identity/plugins/common/krb5common.h deleted file mode 100644 index b01e0d5ce..000000000 --- a/src/windows/identity/plugins/common/krb5common.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 2005 Massachusetts Institute of Technology - * - * Permission is hereby granted, free of charge, to any person - * obtaining a copy of this software and associated documentation - * files (the "Software"), to deal in the Software without - * restriction, including without limitation the rights to use, copy, - * modify, merge, publish, distribute, sublicense, and/or sell copies - * of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be - * included in all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS - * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN - * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. - */ - -/* $Id$ */ - -/* Adapted from multiple Leash header files */ - -#ifndef __KHIMAIRA_KRB5COMMON_H -#define __KHIMAIRA_KRB5COMMON_H - -#include<krb5.h> - -#ifndef NO_KRB5 -int khm_krb5_error(krb5_error_code rc, LPCSTR FailedFunctionName, - int FreeContextFlag, krb5_context *ctx, - krb5_ccache *cache); - -int -khm_krb5_get_error_string(krb5_error_code rc, - wchar_t * buffer, - khm_size cb_buffer); - -int khm_krb5_initialize(khm_handle ident, krb5_context *, krb5_ccache *); - -khm_int32 KHMAPI -khm_krb5_find_ccache_for_identity(khm_handle ident, krb5_context *pctx, - void * buffer, khm_size * pcbbuf); - -khm_int32 KHMAPI -khm_get_identity_expiration_time(krb5_context ctx, krb5_ccache cc, - khm_handle ident, - krb5_timestamp * pexpiration); -#endif /* NO_KRB5 */ - -#endif |