Kai Blin : secur32: Pretend the NTLM provider also does Negotiate.
Alexandre Julliard
julliard at winehq.org
Wed Dec 30 10:18:13 CST 2009
Module: wine
Branch: master
Commit: 9a81b032c41c694e6e902afcb51d0f7c8a8b1096
URL: http://source.winehq.org/git/wine.git/?a=commit;h=9a81b032c41c694e6e902afcb51d0f7c8a8b1096
Author: Kai Blin <kai.blin at gmail.com>
Date: Tue Dec 29 16:36:18 2009 +0100
secur32: Pretend the NTLM provider also does Negotiate.
We had to enable the Negotiate provider a while back so programs that expected
that provider to be present would be happy. This broke programs that expect a
Negotiate provider to actually do something if it is present. This fix works
around that new issue by thunking all calls to Negotiate to NTLM.
---
dlls/secur32/negotiate.c | 15 ++++++++++++-
dlls/secur32/ntlm.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 62 insertions(+), 2 deletions(-)
diff --git a/dlls/secur32/negotiate.c b/dlls/secur32/negotiate.c
index 8c36bc1..2b3ce0c 100644
--- a/dlls/secur32/negotiate.c
+++ b/dlls/secur32/negotiate.c
@@ -28,8 +28,11 @@
WINE_DEFAULT_DEBUG_CHANNEL(secur32);
+/* Disable for now, see longer comment for SECUR32_initNegotiateSP below */
+#if 0
static char nego_name_A[] = "Negotiate";
static WCHAR nego_name_W[] = {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0};
+#endif
static SECURITY_STATUS nego_QueryCredentialsAttributes(PCredHandle phCredential,
ULONG ulAttribute, PVOID pBuffer)
@@ -429,16 +432,23 @@ static const SecurityFunctionTableW negoTableW = {
NULL, /* SetContextAttributesW */
};
+/* Disable for now, see comment below.*/
+#if 0
static WCHAR negotiate_comment_W[] = { 'M', 'i', 'c', 'r', 'o', 's', 'o',
'f', 't', ' ', 'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', 'N', 'e', 'g', 'o',
't', 'i', 'a', 't', 'o', 'r', 0};
static CHAR negotiate_comment_A[] = "Microsoft Package Negotiator";
-
+#endif
void SECUR32_initNegotiateSP(void)
{
+/* Disable until we really implement a Negotiate provider.
+ * For now, the NTLM provider will pretend to be the Negotiate provider as well.
+ * Windows seems to be able to deal with it, and it makes several programs
+ * happy. */
+#if 0
SecureProvider *provider = SECUR32_addProvider(&negoTableA, &negoTableW,
NULL);
/* According to Windows, Negotiate has the following capabilities.
@@ -462,5 +472,6 @@ void SECUR32_initNegotiateSP(void)
const SecPkgInfoA infoA = { caps, version, rpcid, max_token, nego_name_A,
negotiate_comment_A};
- SECUR32_addPackages(provider, 1L, &infoA, &infoW);
+ SECUR32_addPackages(provider, 1L, &infoA, &infoW);
+#endif
}
diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index 74fb2db..3313fe4 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -1967,6 +1967,51 @@ static const SecPkgInfoA infoA = {
ntlm_comment_A
};
+#define NEGO_COMMENT { 'M', 'i', 'c', 'r', 'o', 's', 'o', 'f', 't', ' ', \
+ 'P', 'a', 'c', 'k', 'a', 'g', 'e', ' ', \
+ 'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'o', 'r', 0};
+
+static CHAR nego_comment_A[] = NEGO_COMMENT;
+static WCHAR nego_comment_W[] = NEGO_COMMENT;
+
+#define NEGO_NAME {'N', 'e', 'g', 'o', 't', 'i', 'a', 't', 'e', 0}
+
+static CHAR nego_name_A[] = NEGO_NAME;
+static WCHAR nego_name_W[] = NEGO_NAME;
+
+#define NEGO_CAPS (\
+ SECPKG_FLAG_INTEGRITY | \
+ SECPKG_FLAG_PRIVACY | \
+ SECPKG_FLAG_CONNECTION | \
+ SECPKG_FLAG_MULTI_REQUIRED | \
+ SECPKG_FLAG_EXTENDED_ERROR | \
+ SECPKG_FLAG_IMPERSONATION | \
+ SECPKG_FLAG_ACCEPT_WIN32_NAME | \
+ SECPKG_FLAG_READONLY_WITH_CHECKSUM )
+
+/* Not used for now, just kept here for completeness sake. We need to use the
+ * NTLM_MAX_BUF value. If the hack works, we might want to refactor the code a
+ * bit. */
+#define NEGO_MAX_TOKEN 12000
+
+static const SecPkgInfoW nego_infoW = {
+ NEGO_CAPS,
+ 1,
+ RPC_C_AUTHN_GSS_NEGOTIATE,
+ NTLM_MAX_BUF,
+ nego_name_W,
+ nego_comment_W
+};
+
+static const SecPkgInfoA nego_infoA = {
+ NEGO_CAPS,
+ 1,
+ RPC_C_AUTHN_GSS_NEGOTIATE,
+ NTLM_MAX_BUF,
+ nego_name_A,
+ nego_comment_A
+};
+
void SECUR32_initNTLMSP(void)
{
PNegoHelper helper;
@@ -1995,7 +2040,11 @@ void SECUR32_initNTLMSP(void)
helper->micro >= MIN_NTLM_AUTH_MICRO_VERSION) )
{
SecureProvider *provider = SECUR32_addProvider(&ntlmTableA, &ntlmTableW, NULL);
+ SecureProvider *nego_provider = SECUR32_addProvider(&ntlmTableA, &ntlmTableW, NULL);
+
SECUR32_addPackages(provider, 1L, &infoA, &infoW);
+ /* HACK: Also pretend this is the Negotiate provider */
+ SECUR32_addPackages(nego_provider, 1L, &nego_infoA, &nego_infoW);
}
else
{
More information about the wine-cvs
mailing list