From e6d2a1d82d71f93ed0377ebf030419afae91f9e4 Mon Sep 17 00:00:00 2001
From: George Hazan
Date: Fri, 13 Jan 2017 23:17:27 +0300
Subject: woah, now really no netlib services anymore
---
 src/mir_app/src/mir_app.def | 3 ++
 src/mir_app/src/mir_app64.def | 3 ++
 src/mir_app/src/netlib.cpp | 1 -
 src/mir_app/src/netlib.h | 4 --
 src/mir_app/src/netlibhttp.cpp | 4 +-
 src/mir_app/src/netlibsecurity.cpp | 102 ++++++++------------------------------
 6 files changed, 28 insertions(+), 89 deletions(-)
(limited to 'src/mir_app')
diff --git a/src/mir_app/src/mir_app.def b/src/mir_app/src/mir_app.def
index 6a1827cab6..cf2ce8a022 100644
--- a/src/mir_app/src/mir_app.def
+++ b/src/mir_app/src/mir_app.def
@@ -377,3 +377,6 @@ Netlib_StartSsl @377
 Netlib_GetConnectionInfo @378
 Netlib_GetMyIp @379
 Netlib_SetHttpProxyInfo @380
+Netlib_DestroySecurityProvider @381
+Netlib_InitSecurityProvider @382
+Netlib_NtlmCreateResponse @383
diff --git a/src/mir_app/src/mir_app64.def b/src/mir_app/src/mir_app64.def
index 5d65d1173e..ba931ff6bc 100644
--- a/src/mir_app/src/mir_app64.def
+++ b/src/mir_app/src/mir_app64.def
@@ -377,3 +377,6 @@ Netlib_StartSsl @377
 Netlib_GetConnectionInfo @378
 Netlib_GetMyIp @379
 Netlib_SetHttpProxyInfo @380
+Netlib_DestroySecurityProvider @381
+Netlib_InitSecurityProvider @382
+Netlib_NtlmCreateResponse @383
diff --git a/src/mir_app/src/netlib.cpp b/src/mir_app/src/netlib.cpp
index fcde4a4056..a0051c2dc5 100644
--- a/src/mir_app/src/netlib.cpp
+++ b/src/mir_app/src/netlib.cpp
@@ -465,7 +465,6 @@ int LoadNetlibModule(void)
 hSendEvent = CreateHookableEvent(ME_NETLIB_FASTSEND);
 NetlibUPnPInit();
- NetlibSecurityInit();
 NetlibLoadIeProxy();
 return 0;
 }
diff --git a/src/mir_app/src/netlib.h b/src/mir_app/src/netlib.h
index 7bb9d08c38..087b7d8cb5 100644
--- a/src/mir_app/src/netlib.h
+++ b/src/mir_app/src/netlib.h
@@ -255,9 +255,5 @@ void NetlibUPnPInit(void);
 void NetlibUPnPDestroy(void);
 // netlibsecurity.c
-void NetlibSecurityInit(void);
-void NetlibDestroySecurityProvider(HANDLE hSecurity);
-HANDLE NetlibInitSecurityProvider(const wchar_t* szProvider, const wchar_t* szPrincipal);
-HANDLE NetlibInitSecurityProvider(const char* szProvider, const char* szPrincipal);
 char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge, const wchar_t* login, const wchar_t* psw, bool http, unsigned& complete);
diff --git a/src/mir_app/src/netlibhttp.cpp b/src/mir_app/src/netlibhttp.cpp
index d9f33aa3c0..5209ca6468 100644
--- a/src/mir_app/src/netlibhttp.cpp
+++ b/src/mir_app/src/netlibhttp.cpp
@@ -215,7 +215,7 @@ struct HttpSecurityContext
 {
 if (!m_hNtlmSecurity) return;
- NetlibDestroySecurityProvider(m_hNtlmSecurity);
+ Netlib_DestroySecurityProvider(m_hNtlmSecurity);
 m_hNtlmSecurity = NULL;
 mir_free(m_szHost); m_szHost = NULL;
 mir_free(m_szProvider); m_szProvider = NULL;
@@ -248,7 +248,7 @@ struct HttpSecurityContext
 _strlwr(szSpnStr.GetBuffer() + 5);
 Netlib_Logf(nlu, "Host SPN: %s", szSpnStr);
 }
- m_hNtlmSecurity = NetlibInitSecurityProvider(szProvider, szSpnStr.IsEmpty() ? NULL : szSpnStr.c_str());
+ m_hNtlmSecurity = Netlib_InitSecurityProvider(_A2T(szProvider), szSpnStr.IsEmpty() ? NULL : _A2T(szSpnStr.c_str()));
 if (m_hNtlmSecurity) {
 m_szProvider = mir_strdup(szProvider);
 m_szHost = mir_strdup(szHost);
diff --git a/src/mir_app/src/netlibsecurity.cpp b/src/mir_app/src/netlibsecurity.cpp
index 2cc0ba9f73..ab882bfb90 100644
--- a/src/mir_app/src/netlibsecurity.cpp
+++ b/src/mir_app/src/netlibsecurity.cpp
@@ -73,7 +73,9 @@ static void ReportSecError(SECURITY_STATUS scRet, int line)
 Netlib_Logf(NULL, "Security error 0x%x on line %u (%s)", scRet, line, szMsgBuf);
 }
-HANDLE NetlibInitSecurityProvider(const wchar_t* szProvider, const wchar_t* szPrincipal)
+/////////////////////////////////////////////////////////////////////////////////////////
+
+MIR_APP_DLL(HANDLE) Netlib_InitSecurityProvider(const wchar_t *szProvider, const wchar_t *szPrincipal)
 {
 HANDLE hSecurity = NULL;
@@ -109,12 +111,9 @@ HANDLE NetlibInitSecurityProvider(const wchar_t* szProvider, const wchar_t* szPr
 return hSecurity;
 }
-HANDLE NetlibInitSecurityProvider(const char* szProvider, const char* szPrincipal)
-{
- return NetlibInitSecurityProvider(_A2T(szProvider), _A2T(szPrincipal));
-}
+/////////////////////////////////////////////////////////////////////////////////////////
-void NetlibDestroySecurityProvider(HANDLE hSecurity)
+MIR_APP_DLL(void) Netlib_DestroySecurityProvider(HANDLE hSecurity)
 {
 if (hSecurity == NULL) return;
@@ -137,6 +136,8 @@ void NetlibDestroySecurityProvider(HANDLE hSecurity)
 }
 }
+/////////////////////////////////////////////////////////////////////////////////////////
+
 char* CompleteGssapi(HANDLE hSecurity, unsigned char *szChallenge, unsigned chlsz)
 {
 if (!szChallenge || !szChallenge[0]) return NULL;
@@ -201,7 +202,9 @@ char* CompleteGssapi(HANDLE hSecurity, unsigned char *szChallenge, unsigned chls
 return mir_base64_encode(response, ressz);
 }
-char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge, const wchar_t* login, const wchar_t* psw, bool http, unsigned& complete)
+/////////////////////////////////////////////////////////////////////////////////////////
+
+char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge, const wchar_t *login, const wchar_t *psw, bool http, unsigned &complete)
 {
 if (hSecurity == NULL || ntlmCnt == 0) return NULL;
@@ -212,7 +215,7 @@ char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge,
 ULONG contextAttributes;
 char *szOutputToken;
- NtlmHandleType* hNtlm = (NtlmHandleType*)hSecurity;
+ NtlmHandleType *hNtlm = (NtlmHandleType*)hSecurity;
 if (mir_wstrcmpi(hNtlm->szProvider, L"Basic")) {
 bool isGSSAPI = mir_wstrcmpi(hNtlm->szProvider, L"GSSAPI") == 0;
 wchar_t *szProvider = isGSSAPI ? (wchar_t*)L"Kerberos" : hNtlm->szProvider;
@@ -304,9 +307,7 @@ char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge,
 hNtlm->hasDomain = domainLen != 0;
 }
- SECURITY_STATUS sc = AcquireCredentialsHandle(NULL, szProvider,
- SECPKG_CRED_OUTBOUND, NULL, hNtlm->hasDomain ? &auth : NULL, NULL, NULL,
- &hNtlm->hClientCredential, &tokenExpiration);
+ SECURITY_STATUS sc = AcquireCredentialsHandle(NULL, szProvider, SECPKG_CRED_OUTBOUND, NULL, hNtlm->hasDomain ? &auth : NULL, NULL, NULL, &hNtlm->hClientCredential, &tokenExpiration);
 if (sc != SEC_E_OK) {
 ReportSecError(sc, __LINE__);
 return NULL;
@@ -339,20 +340,12 @@ char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge,
 szOutputToken = mir_base64_encode((PBYTE)outputSecurityToken.pvBuffer, outputSecurityToken.cbBuffer);
 }
 else {
- if (!login || !psw) return NULL;
-
- char *szLogin = mir_u2a(login);
- char *szPassw = mir_u2a(psw);
-
- size_t authLen = mir_strlen(szLogin) + mir_strlen(szPassw) + 5;
- char *szAuth = (char*)alloca(authLen);
+ if (!login || !psw)
+ return NULL;
- int len = mir_snprintf(szAuth, authLen, "%s:%s", szLogin, szPassw);
- szOutputToken = mir_base64_encode((BYTE*)szAuth, len);
+ CMStringA szAuth(FORMAT, "%S:%S", login, psw);
+ szOutputToken = mir_base64_encode((BYTE*)szAuth.c_str(), szAuth.GetLength());
 complete = true;
-
- mir_free(szPassw);
- mir_free(szLogin);
 }
 if (szOutputToken == NULL)
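Review bot: In the Basic branch of the `@@ -339` hunk, `CMStringA szAuth(FORMAT, "%S:%S", login, psw)` moves the wide-to-narrow conversion of the login and password out of `mir_u2a` and into the format call, so for non-ASCII credentials the bytes that get base64-encoded may differ from before, or the conversion may fail, depending on how the formatter handles `%S` (not visible in this diff). Keeping the conversion explicit avoids that: `ptrA szLogin(mir_u2a(login)), szPassw(mir_u2a(psw));` followed by `CMStringA szAuth(FORMAT, "%s:%s", (char*)szLogin, (char*)szPassw);`. The plaintext `login:password` string is also left behind in the CMStringA buffer when it goes out of scope; clearing it once the token is encoded, for example `SecureZeroMemory(szAuth.GetBuffer(), szAuth.GetLength());`, would shorten the time the credentials linger in process memory. NtlmCreateResponseFromChallenge starts and ends outside this hunk.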
@@ -361,67 +354,12 @@ char* NtlmCreateResponseFromChallenge(HANDLE hSecurity, const char *szChallenge,
 if (!http) return szOutputToken;
- ptrA szProvider(mir_u2a(hNtlm->szProvider));
- size_t resLen = mir_strlen(szOutputToken) + mir_strlen(szProvider) + 10;
- char *result = (char*)mir_alloc(resLen);
- mir_snprintf(result, resLen, "%s %s", szProvider, szOutputToken);
+ CMStringA szResult(FORMAT, "%S %s", hNtlm->szProvider, szOutputToken);
 mir_free(szOutputToken);
- return result;
-}
-
-///////////////////////////////////////////////////////////////////////////////
-
-static INT_PTR InitSecurityProviderService(WPARAM, LPARAM lParam)
-{
- HANDLE hSecurity = NetlibInitSecurityProvider((char*)lParam, NULL);
- return (INT_PTR)hSecurity;
-}
-
-static INT_PTR InitSecurityProviderService2(WPARAM, LPARAM lParam)
-{
- NETLIBNTLMINIT2 *req = (NETLIBNTLMINIT2*)lParam;
- if (req == NULL || req->cbSize < sizeof(*req))
- return 0;
-
- if (req->flags & NNR_UNICODE)
- return (INT_PTR)NetlibInitSecurityProvider(req->szProviderName, req->szPrincipal);
- return (INT_PTR)NetlibInitSecurityProvider((char*)req->szProviderName, (char*)req->szPrincipal);
-}
-
-static INT_PTR DestroySecurityProviderService(WPARAM, LPARAM lParam)
-{
- NetlibDestroySecurityProvider((HANDLE)lParam);
- return 0;
-}
-
-static INT_PTR NtlmCreateResponseService(WPARAM wParam, LPARAM lParam)
-{
- NETLIBNTLMREQUEST *req = (NETLIBNTLMREQUEST*)lParam;
- if (req == NULL)
- return 0;
-
- unsigned complete = 0;
- char *response = NtlmCreateResponseFromChallenge((HANDLE)wParam, req->szChallenge, _A2T(req->userName), _A2T(req->password), false, complete);
- return (INT_PTR)response;
-}
-
-static INT_PTR NtlmCreateResponseService2(WPARAM wParam, LPARAM lParam)
-{
- NETLIBNTLMREQUEST2 *req = (NETLIBNTLMREQUEST2*)lParam;
- if (req == NULL || req->cbSize < sizeof(*req))
- return 0;
-
- if (req->flags & NNR_UNICODE)
- return (INT_PTR)NtlmCreateResponseFromChallenge((HANDLE)wParam, req->szChallenge, req->szUserName,
req->szPassword, false, req->complete);
-
- return (INT_PTR)NtlmCreateResponseFromChallenge((HANDLE)wParam, req->szChallenge, _A2T((char*)req->szUserName), _A2T((char*)req->szPassword), false, req->complete);
+ return szResult.Detach();
 }
-void NetlibSecurityInit(void)
+MIR_APP_DLL(char*) Netlib_NtlmCreateResponse(HANDLE hProvider, char *szChallenge, wchar_t *pwszLogin, wchar_t *pwszPassword, unsigned &complete)
 {
- CreateServiceFunction(MS_NETLIB_INITSECURITYPROVIDER, InitSecurityProviderService);
- CreateServiceFunction(MS_NETLIB_INITSECURITYPROVIDER2, InitSecurityProviderService2);
- CreateServiceFunction(MS_NETLIB_DESTROYSECURITYPROVIDER, DestroySecurityProviderService);
- CreateServiceFunction(MS_NETLIB_NTLMCREATERESPONSE, NtlmCreateResponseService);
- CreateServiceFunction(MS_NETLIB_NTLMCREATERESPONSE2, NtlmCreateResponseService2);
+ return NtlmCreateResponseFromChallenge(hProvider, szChallenge, pwszLogin, pwszPassword, false, complete);
 }
--
cgit v1.2.3
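Review bot: The new export `Netlib_NtlmCreateResponse` at the end of the `@@ -361` hunk has no comment stating its contract, and the `req == NULL` / `cbSize` checks of the removed service wrappers have no counterpart here, so callers need to be told what is expected of them. I would add above it: `// Returns a base64 token the caller must release with mir_free(), or NULL on failure; hProvider must be a handle from Netlib_InitSecurityProvider.` The callee casts the handle straight to `NtlmHandleType*` (visible in the `@@ -212` hunk), so a stale or foreign handle is not detected. Since the wrapper only forwards its arguments, the inputs could also be declared `const char *szChallenge, const wchar_t *pwszLogin, const wchar_t *pwszPassword` to match NtlmCreateResponseFromChallenge, provided the public header is changed with it.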