/src/FreeRDP/winpr/libwinpr/sspicli/sspicli.c

Source (jump to first uncovered line)
/**
 * WinPR: Windows Portable Runtime
 * Security Support Provider Interface
 *
 * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <winpr/config.h>

#include <winpr/assert.h>
#include <winpr/sspicli.h>

/**
 * sspicli.dll:
 *
 * EnumerateSecurityPackagesA
 * EnumerateSecurityPackagesW
 * GetUserNameExW
 * ImportSecurityContextA
 * LogonUser
 * LogonUserEx
 * LogonUserExExW
 * SspiCompareAuthIdentities
 * SspiCopyAuthIdentity
 * SspiDecryptAuthIdentity
 * SspiEncodeAuthIdentityAsStrings
 * SspiEncodeStringsAsAuthIdentity
 * SspiEncryptAuthIdentity
 * SspiExcludePackage
 * SspiFreeAuthIdentity
 * SspiGetTargetHostName
 * SspiIsAuthIdentityEncrypted
 * SspiLocalFree
 * SspiMarshalAuthIdentity
 * SspiPrepareForCredRead
 * SspiPrepareForCredWrite
 * SspiUnmarshalAuthIdentity
 * SspiValidateAuthIdentity
 * SspiZeroAuthIdentity
 */

#ifndef _WIN32

#include <winpr/crt.h>

#ifdef WINPR_HAVE_UNISTD_H
#include <unistd.h>
#endif

#if defined(WINPR_HAVE_GETPWUID_R)
#include <sys/types.h>
#endif

#include <pthread.h>

#include <pwd.h>
#include <grp.h>

#include "../handle/handle.h"

#include "../security/security.h"

static BOOL LogonUserCloseHandle(HANDLE handle);

static BOOL LogonUserIsHandled(HANDLE handle)
{
  return WINPR_HANDLE_IS_HANDLED(handle, HANDLE_TYPE_ACCESS_TOKEN, FALSE);
}

static int LogonUserGetFd(HANDLE handle)
{
  WINPR_ACCESS_TOKEN* pLogonUser = (WINPR_ACCESS_TOKEN*)handle;

  if (!LogonUserIsHandled(handle))
    return -1;

  /* TODO: File fd not supported */
  (void)pLogonUser;
  return -1;
}

BOOL LogonUserCloseHandle(HANDLE handle)
{
  WINPR_ACCESS_TOKEN* token = (WINPR_ACCESS_TOKEN*)handle;

  if (!handle || !LogonUserIsHandled(handle))
    return FALSE;

  free(token->Username);
  free(token->Domain);
  free(token);
  return TRUE;
}

static HANDLE_OPS ops = { LogonUserIsHandled,
                        LogonUserCloseHandle,
                        LogonUserGetFd,
                        NULL, /* CleanupHandle */
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        NULL };

BOOL LogonUserA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword, DWORD dwLogonType,
                DWORD dwLogonProvider, PHANDLE phToken)
{
  struct passwd* pw = NULL;
  WINPR_ACCESS_TOKEN* token = NULL;

  if (!lpszUsername)
    return FALSE;

  token = (WINPR_ACCESS_TOKEN*)calloc(1, sizeof(WINPR_ACCESS_TOKEN));

  if (!token)
    return FALSE;

  WINPR_HANDLE_SET_TYPE_AND_MODE(token, HANDLE_TYPE_ACCESS_TOKEN, WINPR_FD_READ);
  token->common.ops = &ops;
  token->Username = _strdup(lpszUsername);

  if (!token->Username)
  {
    free(token);
    return FALSE;
  }

  if (lpszDomain)
  {
    token->Domain = _strdup(lpszDomain);

    if (!token->Domain)
    {
      free(token->Username);
      free(token);
      return FALSE;
    }
  }

  pw = getpwnam(lpszUsername);

  if (pw)
  {
    token->UserId = (DWORD)pw->pw_uid;
    token->GroupId = (DWORD)pw->pw_gid;
  }

  *((ULONG_PTR*)phToken) = (ULONG_PTR)token;
  return TRUE;
}

BOOL LogonUserW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType,
                DWORD dwLogonProvider, PHANDLE phToken)
{
  return TRUE;
}

BOOL LogonUserExA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword, DWORD dwLogonType,
                  DWORD dwLogonProvider, PHANDLE phToken, PSID* ppLogonSid, PVOID* ppProfileBuffer,
                  LPDWORD pdwProfileLength, PQUOTA_LIMITS pQuotaLimits)
{
  return TRUE;
}

BOOL LogonUserExW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType,
                  DWORD dwLogonProvider, PHANDLE phToken, PSID* ppLogonSid, PVOID* ppProfileBuffer,
                  LPDWORD pdwProfileLength, PQUOTA_LIMITS pQuotaLimits)
{
  return TRUE;
}

BOOL GetUserNameExA(EXTENDED_NAME_FORMAT NameFormat, LPSTR lpNameBuffer, PULONG nSize)
{
  WINPR_ASSERT(lpNameBuffer);
  WINPR_ASSERT(nSize);

  switch (NameFormat)
  {
    case NameSamCompatible:
#if defined(WINPR_HAVE_GETPWUID_R)
    {
      int rc = 0;
      struct passwd pwd = { 0 };
      struct passwd* result = NULL;
      uid_t uid = getuid();

      rc = getpwuid_r(uid, &pwd, lpNameBuffer, *nSize, &result);
      if (rc != 0)
        return FALSE;
      if (result == NULL)
        return FALSE;
    }
#elif defined(WINPR_HAVE_GETLOGIN_R)
      if (getlogin_r(lpNameBuffer, *nSize) != 0)
        return FALSE;
#else
    {
      const char* name = getlogin();
      if (!name)
        return FALSE;
      strncpy(lpNameBuffer, name, strnlen(name, *nSize));
    }
#endif
      *nSize = strnlen(lpNameBuffer, *nSize);
      return TRUE;

    case NameFullyQualifiedDN:
    case NameDisplay:
    case NameUniqueId:
    case NameCanonical:
    case NameUserPrincipal:
    case NameCanonicalEx:
    case NameServicePrincipal:
    case NameDnsDomain:
      break;

    default:
      break;
  }

  return FALSE;
}

BOOL GetUserNameExW(EXTENDED_NAME_FORMAT NameFormat, LPWSTR lpNameBuffer, PULONG nSize)
{
  BOOL rc = FALSE;
  char* name = NULL;

  WINPR_ASSERT(nSize);
  WINPR_ASSERT(lpNameBuffer);

  name = calloc(1, *nSize + 1);
  if (!name)
    goto fail;

  if (!GetUserNameExA(NameFormat, name, nSize))
    goto fail;

  const SSIZE_T res = ConvertUtf8ToWChar(name, lpNameBuffer, *nSize);
  if (res < 0)
    goto fail;

  *nSize = res + 1;
  rc = TRUE;
fail:
  free(name);
  return rc;
}

#endif

Coverage Report

Created: 2024-05-20 06:11

Line	Count	Source (jump to first uncovered line)
1		/**
2		* WinPR: Windows Portable Runtime
3		* Security Support Provider Interface
4		*
5		* Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6		*
7		* Licensed under the Apache License, Version 2.0 (the "License");
8		* you may not use this file except in compliance with the License.
9		* You may obtain a copy of the License at
10		*
11		* http://www.apache.org/licenses/LICENSE-2.0
12		*
13		* Unless required by applicable law or agreed to in writing, software
14		* distributed under the License is distributed on an "AS IS" BASIS,
15		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16		* See the License for the specific language governing permissions and
17		* limitations under the License.
18		*/
19
20		#include <winpr/config.h>
21
22		#include <winpr/assert.h>
23		#include <winpr/sspicli.h>
24
25		/**
26		* sspicli.dll:
27		*
28		* EnumerateSecurityPackagesA
29		* EnumerateSecurityPackagesW
30		* GetUserNameExW
31		* ImportSecurityContextA
32		* LogonUser
33		* LogonUserEx
34		* LogonUserExExW
35		* SspiCompareAuthIdentities
36		* SspiCopyAuthIdentity
37		* SspiDecryptAuthIdentity
38		* SspiEncodeAuthIdentityAsStrings
39		* SspiEncodeStringsAsAuthIdentity
40		* SspiEncryptAuthIdentity
41		* SspiExcludePackage
42		* SspiFreeAuthIdentity
43		* SspiGetTargetHostName
44		* SspiIsAuthIdentityEncrypted
45		* SspiLocalFree
46		* SspiMarshalAuthIdentity
47		* SspiPrepareForCredRead
48		* SspiPrepareForCredWrite
49		* SspiUnmarshalAuthIdentity
50		* SspiValidateAuthIdentity
51		* SspiZeroAuthIdentity
52		*/
53
54		#ifndef _WIN32
55
56		#include <winpr/crt.h>
57
58		#ifdef WINPR_HAVE_UNISTD_H
59		#include <unistd.h>
60		#endif
61
62		#if defined(WINPR_HAVE_GETPWUID_R)
63		#include <sys/types.h>
64		#endif
65
66		#include <pthread.h>
67
68		#include <pwd.h>
69		#include <grp.h>
70
71		#include "../handle/handle.h"
72
73		#include "../security/security.h"
74
75		static BOOL LogonUserCloseHandle(HANDLE handle);
76
77		static BOOL LogonUserIsHandled(HANDLE handle)
78	0	{
79	0	return WINPR_HANDLE_IS_HANDLED(handle, HANDLE_TYPE_ACCESS_TOKEN, FALSE);
80	0	}
81
82		static int LogonUserGetFd(HANDLE handle)
83	0	{
84	0	WINPR_ACCESS_TOKEN* pLogonUser = (WINPR_ACCESS_TOKEN*)handle;
85
86	0	if (!LogonUserIsHandled(handle))
87	0	return -1;
88
89		/* TODO: File fd not supported */
90	0	(void)pLogonUser;
91	0	return -1;
92	0	}
93
94		BOOL LogonUserCloseHandle(HANDLE handle)
95	0	{
96	0	WINPR_ACCESS_TOKEN* token = (WINPR_ACCESS_TOKEN*)handle;
97
98	0	if (!handle \|\| !LogonUserIsHandled(handle))
99	0	return FALSE;
100
101	0	free(token->Username);
102	0	free(token->Domain);
103	0	free(token);
104	0	return TRUE;
105	0	}
106
107		static HANDLE_OPS ops = { LogonUserIsHandled,
108		LogonUserCloseHandle,
109		LogonUserGetFd,
110		NULL, /* CleanupHandle */
111		NULL,
112		NULL,
113		NULL,
114		NULL,
115		NULL,
116		NULL,
117		NULL,
118		NULL,
119		NULL,
120		NULL,
121		NULL,
122		NULL,
123		NULL,
124		NULL,
125		NULL,
126		NULL,
127		NULL };
128
129		BOOL LogonUserA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword, DWORD dwLogonType,
130		DWORD dwLogonProvider, PHANDLE phToken)
131	0	{
132	0	struct passwd* pw = NULL;
133	0	WINPR_ACCESS_TOKEN* token = NULL;
134
135	0	if (!lpszUsername)
136	0	return FALSE;
137
138	0	token = (WINPR_ACCESS_TOKEN*)calloc(1, sizeof(WINPR_ACCESS_TOKEN));
139
140	0	if (!token)
141	0	return FALSE;
142
143	0	WINPR_HANDLE_SET_TYPE_AND_MODE(token, HANDLE_TYPE_ACCESS_TOKEN, WINPR_FD_READ);
144	0	token->common.ops = &ops;
145	0	token->Username = _strdup(lpszUsername);
146
147	0	if (!token->Username)
148	0	{
149	0	free(token);
150	0	return FALSE;
151	0	}
152
153	0	if (lpszDomain)
154	0	{
155	0	token->Domain = _strdup(lpszDomain);
156
157	0	if (!token->Domain)
158	0	{
159	0	free(token->Username);
160	0	free(token);
161	0	return FALSE;
162	0	}
163	0	}
164
165	0	pw = getpwnam(lpszUsername);
166
167	0	if (pw)
168	0	{
169	0	token->UserId = (DWORD)pw->pw_uid;
170	0	token->GroupId = (DWORD)pw->pw_gid;
171	0	}
172
173	0	((ULONG_PTR)phToken) = (ULONG_PTR)token;
174	0	return TRUE;
175	0	}
176
177		BOOL LogonUserW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType,
178		DWORD dwLogonProvider, PHANDLE phToken)
179	0	{
180	0	return TRUE;
181	0	}
182
183		BOOL LogonUserExA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword, DWORD dwLogonType,
184		DWORD dwLogonProvider, PHANDLE phToken, PSID* ppLogonSid, PVOID* ppProfileBuffer,
185		LPDWORD pdwProfileLength, PQUOTA_LIMITS pQuotaLimits)
186	0	{
187	0	return TRUE;
188	0	}
189
190		BOOL LogonUserExW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType,
191		DWORD dwLogonProvider, PHANDLE phToken, PSID* ppLogonSid, PVOID* ppProfileBuffer,
192		LPDWORD pdwProfileLength, PQUOTA_LIMITS pQuotaLimits)
193	0	{
194	0	return TRUE;
195	0	}
196
197		BOOL GetUserNameExA(EXTENDED_NAME_FORMAT NameFormat, LPSTR lpNameBuffer, PULONG nSize)
198	0	{
199	0	WINPR_ASSERT(lpNameBuffer);
200	0	WINPR_ASSERT(nSize);
201
202	0	switch (NameFormat)
203	0	{
204	0	case NameSamCompatible:
205	0	#if defined(WINPR_HAVE_GETPWUID_R)
206	0	{
207	0	int rc = 0;
208	0	struct passwd pwd = { 0 };
209	0	struct passwd* result = NULL;
210	0	uid_t uid = getuid();
211
212	0	rc = getpwuid_r(uid, &pwd, lpNameBuffer, *nSize, &result);
213	0	if (rc != 0)
214	0	return FALSE;
215	0	if (result == NULL)
216	0	return FALSE;
217	0	}
218		#elif defined(WINPR_HAVE_GETLOGIN_R)
219		if (getlogin_r(lpNameBuffer, *nSize) != 0)
220		return FALSE;
221		#else
222		{
223		const char* name = getlogin();
224		if (!name)
225		return FALSE;
226		strncpy(lpNameBuffer, name, strnlen(name, *nSize));
227		}
228		#endif
229	0	nSize = strnlen(lpNameBuffer, nSize);
230	0	return TRUE;
231
232	0	case NameFullyQualifiedDN:
233	0	case NameDisplay:
234	0	case NameUniqueId:
235	0	case NameCanonical:
236	0	case NameUserPrincipal:
237	0	case NameCanonicalEx:
238	0	case NameServicePrincipal:
239	0	case NameDnsDomain:
240	0	break;
241
242	0	default:
243	0	break;
244	0	}
245
246	0	return FALSE;
247	0	}
248
249		BOOL GetUserNameExW(EXTENDED_NAME_FORMAT NameFormat, LPWSTR lpNameBuffer, PULONG nSize)
250	0	{
251	0	BOOL rc = FALSE;
252	0	char* name = NULL;
253
254	0	WINPR_ASSERT(nSize);
255	0	WINPR_ASSERT(lpNameBuffer);
256
257	0	name = calloc(1, *nSize + 1);
258	0	if (!name)
259	0	goto fail;
260
261	0	if (!GetUserNameExA(NameFormat, name, nSize))
262	0	goto fail;
263
264	0	const SSIZE_T res = ConvertUtf8ToWChar(name, lpNameBuffer, *nSize);
265	0	if (res < 0)
266	0	goto fail;
267
268	0	*nSize = res + 1;
269	0	rc = TRUE;
270	0	fail:
271	0	free(name);
272	0	return rc;
273	0	}
274
275		#endif