Kai Blin : secur32: Pretend the NTLM provider also does Negotiate.

Wed Dec 30 10:18:13 CST 2009

Module: wine
Branch: master
Commit: 9a81b032c41c694e6e902afcb51d0f7c8a8b1096
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=9a81b032c41c694e6e902afcb51d0f7c8a8b1096

Author: Kai Blin <kai.blin at gmail.com>
Date:   Tue Dec 29 16:36:18 2009 +0100

secur32: Pretend the NTLM provider also does Negotiate.

We had to enable the Negotiate provider a while back so programs that expected 
that provider to be present would be happy. This broke programs that expect a 
Negotiate provider to actually do something if it is present. This fix works 
around that new issue by thunking all calls to Negotiate to NTLM.

---

 dlls/secur32/negotiate.c |   15 ++++++++++++-
 dlls/secur32/ntlm.c      |   49 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+), 2 deletions(-)

diff --git a/dlls/secur32/negotiate.c b/dlls/secur32/negotiate.c
index 8c36bc1..2b3ce0c 100644
--- a/dlls/secur32/negotiate.c
+++ b/dlls/secur32/negotiate.c
@@ -28,8 +28,11 @@
 
 WINE_DEFAULT_DEBUG_CHANNEL(secur32);
 
+/* Disable for now, see longer comment for SECUR32_initNegotiateSP below */
+#if 0
 static char nego_name_A[] = "Negotiate";
 static WCHAR nego_name_W[] = {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0};
+#endif
 
 static SECURITY_STATUS nego_QueryCredentialsAttributes(PCredHandle phCredential,
         ULONG ulAttribute, PVOID pBuffer)
@@ -429,16 +432,23 @@ static const SecurityFunctionTableW negoTableW = {
     NULL,   /* SetContextAttributesW */
 };
 
+/* Disable for now, see comment below.*/
+#if 0
 static WCHAR negotiate_comment_W[] = { 'M', 'i', 'c', 'r', 'o', 's', 'o',
     'f', 't', ' ', 'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', 'N', 'e', 'g', 'o',
     't', 'i', 'a', 't', 'o', 'r', 0};
 
 static CHAR negotiate_comment_A[] = "Microsoft Package Negotiator";
-
+#endif
 
 
 void SECUR32_initNegotiateSP(void)
 {
+/* Disable until we really implement a Negotiate provider.
+ * For now, the NTLM provider will pretend to be the Negotiate provider as well.
+ * Windows seems to be able to deal with it, and it makes several programs
+ * happy. */
+#if 0
     SecureProvider *provider = SECUR32_addProvider(&negoTableA, &negoTableW,
             NULL);
     /* According to Windows, Negotiate has the following capabilities. 
@@ -462,5 +472,6 @@ void SECUR32_initNegotiateSP(void)
     const SecPkgInfoA infoA = { caps, version, rpcid, max_token, nego_name_A,
         negotiate_comment_A};
 
-    SECUR32_addPackages(provider, 1L, &infoA, &infoW);        
+    SECUR32_addPackages(provider, 1L, &infoA, &infoW);
+#endif
 }
diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index 74fb2db..3313fe4 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -1967,6 +1967,51 @@ static const SecPkgInfoA infoA = {
     ntlm_comment_A
 };
 
+#define NEGO_COMMENT { 'M', 'i', 'c', 'r', 'o', 's', 'o', 'f', 't', ' ', \
+    'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', \
+    'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'o', 'r', 0};
+
+static CHAR nego_comment_A[] = NEGO_COMMENT;
+static WCHAR nego_comment_W[] = NEGO_COMMENT;
+
+#define NEGO_NAME {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0}
+
+static CHAR nego_name_A[] = NEGO_NAME;
+static WCHAR nego_name_W[] = NEGO_NAME;
+
+#define NEGO_CAPS (\
+    SECPKG_FLAG_INTEGRITY | \
+    SECPKG_FLAG_PRIVACY | \
+    SECPKG_FLAG_CONNECTION | \
+    SECPKG_FLAG_MULTI_REQUIRED | \
+    SECPKG_FLAG_EXTENDED_ERROR | \
+    SECPKG_FLAG_IMPERSONATION | \
+    SECPKG_FLAG_ACCEPT_WIN32_NAME | \
+    SECPKG_FLAG_READONLY_WITH_CHECKSUM )
+
+/* Not used for now, just kept here for completeness sake. We need to use the
+ * NTLM_MAX_BUF value. If the hack works, we might want to refactor the code a
+ * bit. */
+#define NEGO_MAX_TOKEN 12000
+
+static const SecPkgInfoW nego_infoW = {
+    NEGO_CAPS,
+    1,
+    RPC_C_AUTHN_GSS_NEGOTIATE,
+    NTLM_MAX_BUF,
+    nego_name_W,
+    nego_comment_W
+};
+
+static const SecPkgInfoA nego_infoA = {
+    NEGO_CAPS,
+    1,
+    RPC_C_AUTHN_GSS_NEGOTIATE,
+    NTLM_MAX_BUF,
+    nego_name_A,
+    nego_comment_A
+};
+
 void SECUR32_initNTLMSP(void)
 {
     PNegoHelper helper;
@@ -1995,7 +2040,11 @@ void SECUR32_initNTLMSP(void)
          helper->micro >= MIN_NTLM_AUTH_MICRO_VERSION) )
     {
         SecureProvider *provider = SECUR32_addProvider(&ntlmTableA, &ntlmTableW, NULL);
+        SecureProvider *nego_provider = SECUR32_addProvider(&ntlmTableA, &ntlmTableW, NULL);
+
         SECUR32_addPackages(provider, 1L, &infoA, &infoW);
+        /* HACK: Also pretend this is the Negotiate provider */
+        SECUR32_addPackages(nego_provider, 1L, &nego_infoA, &nego_infoW);
     }
     else
     {


