2009-01-29 15:32:27 -05:00
|
|
|
/***************************************************************************
|
|
|
|
* _ _ ____ _
|
|
|
|
* Project ___| | | | _ \| |
|
|
|
|
* / __| | | | |_) | |
|
|
|
|
* | (__| |_| | _ <| |___
|
|
|
|
* \___|\___/|_| \_\_____|
|
|
|
|
*
|
2012-06-10 07:07:45 -04:00
|
|
|
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
2009-01-29 15:32:27 -05:00
|
|
|
*
|
|
|
|
* This software is licensed as described in the file COPYING, which
|
|
|
|
* you should have received as part of this distribution. The terms
|
|
|
|
* are also available at http://curl.haxx.se/docs/copyright.html.
|
|
|
|
*
|
|
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
|
|
*
|
|
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
|
|
* KIND, either express or implied.
|
|
|
|
*
|
|
|
|
***************************************************************************/
|
|
|
|
|
|
|
|
#include "setup.h"
|
|
|
|
|
|
|
|
#ifdef USE_WINDOWS_SSPI
|
|
|
|
|
|
|
|
#include <curl/curl.h>
|
|
|
|
|
|
|
|
#include "curl_sspi.h"
|
|
|
|
|
|
|
|
#define _MPRINTF_REPLACE /* use our functions only */
|
|
|
|
#include <curl/mprintf.h>
|
|
|
|
|
2009-04-21 07:46:16 -04:00
|
|
|
#include "curl_memory.h"
|
2009-01-29 15:32:27 -05:00
|
|
|
/* The last #include file should be: */
|
|
|
|
#include "memdebug.h"
|
|
|
|
|
2010-09-01 18:38:16 -04:00
|
|
|
/* We use our own typedef here since some headers might lack these */
|
|
|
|
typedef PSecurityFunctionTableA (APIENTRY *INITSECURITYINTERFACE_FN_A)(VOID);
|
|
|
|
|
2009-01-29 15:32:27 -05:00
|
|
|
/* Handle of security.dll or secur32.dll, depending on Windows version */
|
|
|
|
HMODULE s_hSecDll = NULL;
|
|
|
|
|
|
|
|
/* Pointer to SSPI dispatch table */
|
|
|
|
PSecurityFunctionTableA s_pSecFn = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Curl_sspi_global_init()
|
|
|
|
*
|
|
|
|
* This is used to load the Security Service Provider Interface (SSPI)
|
|
|
|
* dynamic link library portably across all Windows versions, without
|
|
|
|
* the need to directly link libcurl, nor the application using it, at
|
|
|
|
* build time.
|
|
|
|
*
|
2009-01-29 20:54:22 -05:00
|
|
|
* Once this function has been executed, Windows SSPI functions can be
|
2009-01-29 15:32:27 -05:00
|
|
|
* called through the Security Service Provider Interface dispatch table.
|
|
|
|
*/
|
2012-06-10 07:30:02 -04:00
|
|
|
CURLcode Curl_sspi_global_init(void)
|
2009-01-29 15:32:27 -05:00
|
|
|
{
|
|
|
|
OSVERSIONINFO osver;
|
2010-09-01 18:38:16 -04:00
|
|
|
INITSECURITYINTERFACE_FN_A pInitSecurityInterface;
|
2009-01-29 15:32:27 -05:00
|
|
|
|
|
|
|
/* If security interface is not yet initialized try to do this */
|
2012-06-10 07:30:02 -04:00
|
|
|
if(!s_hSecDll) {
|
2012-04-23 10:27:47 -04:00
|
|
|
|
2009-01-29 15:32:27 -05:00
|
|
|
/* Find out Windows version */
|
|
|
|
memset(&osver, 0, sizeof(osver));
|
|
|
|
osver.dwOSVersionInfoSize = sizeof(osver);
|
2012-06-10 07:30:02 -04:00
|
|
|
if(!GetVersionEx(&osver))
|
2009-01-29 15:32:27 -05:00
|
|
|
return CURLE_FAILED_INIT;
|
|
|
|
|
|
|
|
/* Security Service Provider Interface (SSPI) functions are located in
|
|
|
|
* security.dll on WinNT 4.0 and in secur32.dll on Win9x. Win2K and XP
|
|
|
|
* have both these DLLs (security.dll forwards calls to secur32.dll) */
|
|
|
|
|
|
|
|
/* Load SSPI dll into the address space of the calling process */
|
|
|
|
if(osver.dwPlatformId == VER_PLATFORM_WIN32_NT
|
|
|
|
&& osver.dwMajorVersion == 4)
|
|
|
|
s_hSecDll = LoadLibrary("security.dll");
|
|
|
|
else
|
|
|
|
s_hSecDll = LoadLibrary("secur32.dll");
|
2012-06-10 07:30:02 -04:00
|
|
|
if(!s_hSecDll)
|
2009-01-29 15:32:27 -05:00
|
|
|
return CURLE_FAILED_INIT;
|
|
|
|
|
|
|
|
/* Get address of the InitSecurityInterfaceA function from the SSPI dll */
|
2010-09-01 18:38:16 -04:00
|
|
|
pInitSecurityInterface = (INITSECURITYINTERFACE_FN_A)
|
2009-01-29 15:32:27 -05:00
|
|
|
GetProcAddress(s_hSecDll, "InitSecurityInterfaceA");
|
2012-06-10 07:30:02 -04:00
|
|
|
if(!pInitSecurityInterface)
|
2009-01-29 15:32:27 -05:00
|
|
|
return CURLE_FAILED_INIT;
|
|
|
|
|
|
|
|
/* Get pointer to Security Service Provider Interface dispatch table */
|
|
|
|
s_pSecFn = pInitSecurityInterface();
|
2012-06-10 07:30:02 -04:00
|
|
|
if(!s_pSecFn)
|
2009-01-29 15:32:27 -05:00
|
|
|
return CURLE_FAILED_INIT;
|
2012-04-23 10:27:47 -04:00
|
|
|
}
|
2012-06-10 07:30:02 -04:00
|
|
|
|
2009-01-29 15:32:27 -05:00
|
|
|
return CURLE_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Curl_sspi_global_cleanup()
|
|
|
|
*
|
|
|
|
* This deinitializes the Security Service Provider Interface from libcurl.
|
|
|
|
*/
|
|
|
|
|
2012-06-10 07:30:02 -04:00
|
|
|
void Curl_sspi_global_cleanup(void)
|
2009-01-29 15:32:27 -05:00
|
|
|
{
|
|
|
|
if(s_hSecDll) {
|
|
|
|
FreeLibrary(s_hSecDll);
|
|
|
|
s_hSecDll = NULL;
|
|
|
|
s_pSecFn = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-04-14 09:00:33 -04:00
|
|
|
/*
|
|
|
|
* Curl_sspi_version()
|
|
|
|
*
|
2012-06-10 07:07:45 -04:00
|
|
|
* This function returns the SSPI library version information.
|
2012-04-14 09:00:33 -04:00
|
|
|
*/
|
2012-06-10 07:07:45 -04:00
|
|
|
CURLcode Curl_sspi_version(int *major, int *minor, int *build, int *special)
|
2012-04-14 09:00:33 -04:00
|
|
|
{
|
2012-06-10 07:07:45 -04:00
|
|
|
CURLcode result = CURLE_OK;
|
2012-04-14 09:00:33 -04:00
|
|
|
VS_FIXEDFILEINFO *version_info = NULL;
|
|
|
|
LPTSTR path = NULL;
|
|
|
|
LPVOID data = NULL;
|
|
|
|
DWORD size, handle;
|
|
|
|
|
2012-06-10 07:07:45 -04:00
|
|
|
if(!s_hSecDll)
|
|
|
|
return CURLE_FAILED_INIT;
|
|
|
|
|
|
|
|
path = (char *) malloc(MAX_PATH);
|
|
|
|
if(!path)
|
|
|
|
return CURLE_OUT_OF_MEMORY;
|
|
|
|
|
|
|
|
if(GetModuleFileName(s_hSecDll, path, MAX_PATH)) {
|
|
|
|
size = GetFileVersionInfoSize(path, &handle);
|
|
|
|
if(size) {
|
|
|
|
data = malloc(size);
|
|
|
|
if(data) {
|
|
|
|
if(GetFileVersionInfo(path, handle, size, data)) {
|
|
|
|
if(!VerQueryValue(data, "\\", &version_info, &handle))
|
|
|
|
result = CURLE_OUT_OF_MEMORY;
|
2012-04-14 09:00:33 -04:00
|
|
|
}
|
2012-06-10 07:07:45 -04:00
|
|
|
else
|
|
|
|
result = CURLE_OUT_OF_MEMORY;
|
2012-04-14 09:00:33 -04:00
|
|
|
}
|
2012-06-10 07:07:45 -04:00
|
|
|
else
|
|
|
|
result = CURLE_OUT_OF_MEMORY;
|
2012-04-14 09:00:33 -04:00
|
|
|
}
|
2012-06-10 07:07:45 -04:00
|
|
|
else
|
|
|
|
result = CURLE_OUT_OF_MEMORY;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
result = CURLE_OUT_OF_MEMORY;
|
|
|
|
|
|
|
|
/* Set the out parameters */
|
|
|
|
if(!result) {
|
|
|
|
if(major)
|
|
|
|
*major = (version_info->dwProductVersionMS >> 16) & 0xffff;
|
|
|
|
|
|
|
|
if(minor)
|
|
|
|
*minor = (version_info->dwProductVersionMS >> 0) & 0xffff;
|
|
|
|
|
|
|
|
if(build)
|
|
|
|
*build = (version_info->dwProductVersionLS >> 16) & 0xffff;
|
|
|
|
|
|
|
|
if(special)
|
|
|
|
*special = (version_info->dwProductVersionLS >> 0) & 0xffff;
|
2012-04-14 09:00:33 -04:00
|
|
|
}
|
|
|
|
|
2012-06-10 07:07:45 -04:00
|
|
|
Curl_safefree(data);
|
|
|
|
Curl_safefree(path);
|
2012-04-14 09:00:33 -04:00
|
|
|
|
2012-06-10 07:07:45 -04:00
|
|
|
return result;
|
2012-04-14 09:00:33 -04:00
|
|
|
}
|
|
|
|
|
2012-04-11 11:25:26 -04:00
|
|
|
/*
|
|
|
|
* Curl_sspi_status(SECURIY_STATUS status)
|
|
|
|
*
|
|
|
|
* This function returns a string representing an SSPI status.
|
|
|
|
* It will in any case return a usable string pointer which needs to be freed.
|
|
|
|
*/
|
2012-06-10 07:30:02 -04:00
|
|
|
char* Curl_sspi_status(SECURITY_STATUS status)
|
2012-04-11 11:25:26 -04:00
|
|
|
{
|
|
|
|
const char* status_const;
|
|
|
|
|
|
|
|
switch(status) {
|
|
|
|
case SEC_I_COMPLETE_AND_CONTINUE:
|
|
|
|
status_const = "SEC_I_COMPLETE_AND_CONTINUE";
|
|
|
|
break;
|
|
|
|
case SEC_I_COMPLETE_NEEDED:
|
|
|
|
status_const = "SEC_I_COMPLETE_NEEDED";
|
|
|
|
break;
|
|
|
|
case SEC_I_CONTINUE_NEEDED:
|
|
|
|
status_const = "SEC_I_CONTINUE_NEEDED";
|
|
|
|
break;
|
|
|
|
case SEC_I_CONTEXT_EXPIRED:
|
|
|
|
status_const = "SEC_I_CONTEXT_EXPIRED";
|
|
|
|
break;
|
|
|
|
case SEC_I_INCOMPLETE_CREDENTIALS:
|
|
|
|
status_const = "SEC_I_INCOMPLETE_CREDENTIALS";
|
|
|
|
break;
|
|
|
|
case SEC_I_RENEGOTIATE:
|
|
|
|
status_const = "SEC_I_RENEGOTIATE";
|
|
|
|
break;
|
|
|
|
case SEC_E_BUFFER_TOO_SMALL:
|
|
|
|
status_const = "SEC_E_BUFFER_TOO_SMALL";
|
|
|
|
break;
|
|
|
|
case SEC_E_CONTEXT_EXPIRED:
|
|
|
|
status_const = "SEC_E_CONTEXT_EXPIRED";
|
|
|
|
break;
|
|
|
|
case SEC_E_CRYPTO_SYSTEM_INVALID:
|
|
|
|
status_const = "SEC_E_CRYPTO_SYSTEM_INVALID";
|
|
|
|
break;
|
|
|
|
case SEC_E_INCOMPLETE_MESSAGE:
|
|
|
|
status_const = "SEC_E_INCOMPLETE_MESSAGE";
|
|
|
|
break;
|
|
|
|
case SEC_E_INSUFFICIENT_MEMORY:
|
|
|
|
status_const = "SEC_E_INSUFFICIENT_MEMORY";
|
|
|
|
break;
|
|
|
|
case SEC_E_INTERNAL_ERROR:
|
|
|
|
status_const = "SEC_E_INTERNAL_ERROR";
|
|
|
|
break;
|
|
|
|
case SEC_E_INVALID_HANDLE:
|
|
|
|
status_const = "SEC_E_INVALID_HANDLE";
|
|
|
|
break;
|
|
|
|
case SEC_E_INVALID_TOKEN:
|
|
|
|
status_const = "SEC_E_INVALID_TOKEN";
|
|
|
|
break;
|
|
|
|
case SEC_E_LOGON_DENIED:
|
|
|
|
status_const = "SEC_E_LOGON_DENIED";
|
|
|
|
break;
|
|
|
|
case SEC_E_MESSAGE_ALTERED:
|
|
|
|
status_const = "SEC_E_MESSAGE_ALTERED";
|
|
|
|
break;
|
|
|
|
case SEC_E_NO_AUTHENTICATING_AUTHORITY:
|
|
|
|
status_const = "SEC_E_NO_AUTHENTICATING_AUTHORITY";
|
|
|
|
break;
|
|
|
|
case SEC_E_NO_CREDENTIALS:
|
|
|
|
status_const = "SEC_E_NO_CREDENTIALS";
|
|
|
|
break;
|
|
|
|
case SEC_E_NOT_OWNER:
|
|
|
|
status_const = "SEC_E_NOT_OWNER";
|
|
|
|
break;
|
|
|
|
case SEC_E_OK:
|
|
|
|
status_const = "SEC_E_OK";
|
|
|
|
break;
|
|
|
|
case SEC_E_OUT_OF_SEQUENCE:
|
|
|
|
status_const = "SEC_E_OUT_OF_SEQUENCE";
|
|
|
|
break;
|
|
|
|
case SEC_E_QOP_NOT_SUPPORTED:
|
|
|
|
status_const = "SEC_E_QOP_NOT_SUPPORTED";
|
|
|
|
break;
|
|
|
|
case SEC_E_SECPKG_NOT_FOUND:
|
|
|
|
status_const = "SEC_E_SECPKG_NOT_FOUND";
|
|
|
|
break;
|
|
|
|
case SEC_E_TARGET_UNKNOWN:
|
|
|
|
status_const = "SEC_E_TARGET_UNKNOWN";
|
|
|
|
break;
|
|
|
|
case SEC_E_UNKNOWN_CREDENTIALS:
|
|
|
|
status_const = "SEC_E_UNKNOWN_CREDENTIALS";
|
|
|
|
break;
|
|
|
|
case SEC_E_UNSUPPORTED_FUNCTION:
|
|
|
|
status_const = "SEC_E_UNSUPPORTED_FUNCTION";
|
|
|
|
break;
|
|
|
|
case SEC_E_WRONG_PRINCIPAL:
|
|
|
|
status_const = "SEC_E_WRONG_PRINCIPAL";
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
status_const = "Unknown error";
|
|
|
|
}
|
|
|
|
|
2012-06-10 07:30:02 -04:00
|
|
|
return aprintf("%s (0x%04X%04X)", status_const, (status >> 16) & 0xffff,
|
|
|
|
status & 0xffff);
|
2012-04-11 11:25:26 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Curl_sspi_status_msg(SECURITY_STATUS status)
|
|
|
|
*
|
|
|
|
* This function returns a message representing an SSPI status.
|
|
|
|
* It will in any case return a usable string pointer which needs to be freed.
|
|
|
|
*/
|
2012-06-10 07:30:02 -04:00
|
|
|
char* Curl_sspi_status_msg(SECURITY_STATUS status)
|
2012-04-11 11:25:26 -04:00
|
|
|
{
|
|
|
|
LPSTR format_msg = NULL;
|
|
|
|
char *status_msg = NULL, *status_const = NULL;
|
|
|
|
int status_len = 0;
|
|
|
|
|
|
|
|
status_len = FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
|
|
|
|
FORMAT_MESSAGE_FROM_SYSTEM |
|
|
|
|
FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
|
|
NULL, status, 0, (LPTSTR)&format_msg, 0, NULL);
|
|
|
|
|
|
|
|
if(status_len > 0 && format_msg) {
|
|
|
|
status_msg = strdup(format_msg);
|
|
|
|
LocalFree(format_msg);
|
|
|
|
|
2012-06-10 07:30:02 -04:00
|
|
|
/* Remove trailing CR+LF */
|
2012-04-11 11:25:26 -04:00
|
|
|
if(status_len > 0) {
|
|
|
|
if(status_msg[status_len-1] == '\n') {
|
|
|
|
status_msg[status_len-1] = '\0';
|
|
|
|
if(status_len > 1) {
|
|
|
|
if(status_msg[status_len-2] == '\r') {
|
|
|
|
status_msg[status_len-2] = '\0';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
status_const = Curl_sspi_status(status);
|
|
|
|
if(status_msg) {
|
2012-06-10 07:30:02 -04:00
|
|
|
status_msg = aprintf("%s [%s]", status_msg, status_const);
|
2012-04-11 11:25:26 -04:00
|
|
|
free(status_const);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
status_msg = status_const;
|
|
|
|
}
|
|
|
|
|
|
|
|
return status_msg;
|
|
|
|
}
|
|
|
|
|
2009-01-29 15:32:27 -05:00
|
|
|
#endif /* USE_WINDOWS_SSPI */
|