| /*************************************************************************** |
| * _ _ ____ _ |
| * Project ___| | | | _ \| | |
| * / __| | | | |_) | | |
| * | (__| |_| | _ <| |___ |
| * \___|\___/|_| \_\_____| |
| * |
| * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. |
| * |
| * This software is licensed as described in the file COPYING, which |
| * you should have received as part of this distribution. The terms |
| * are also available at https://curl.haxx.se/docs/copyright.html. |
| * |
| * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
| * copies of the Software, and permit persons to whom the Software is |
| * furnished to do so, under the terms of the COPYING file. |
| * |
| * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
| * KIND, either express or implied. |
| * |
| ***************************************************************************/ |
| |
| #include "curl_setup.h" |
| |
| #ifdef USE_WINDOWS_SSPI |
| |
| #include <curl/curl.h> |
| #include "curl_sspi.h" |
| #include "curl_multibyte.h" |
| #include "system_win32.h" |
| #include "warnless.h" |
| |
| /* The last #include files should be: */ |
| #include "curl_memory.h" |
| #include "memdebug.h" |
| |
| /* We use our own typedef here since some headers might lack these */ |
| typedef PSecurityFunctionTable (APIENTRY *INITSECURITYINTERFACE_FN)(VOID); |
| |
| /* See definition of SECURITY_ENTRYPOINT in sspi.h */ |
| #ifdef UNICODE |
| # ifdef _WIN32_WCE |
| # define SECURITYENTRYPOINT L"InitSecurityInterfaceW" |
| # else |
| # define SECURITYENTRYPOINT "InitSecurityInterfaceW" |
| # endif |
| #else |
| # define SECURITYENTRYPOINT "InitSecurityInterfaceA" |
| #endif |
| |
| /* Handle of security.dll or secur32.dll, depending on Windows version */ |
| HMODULE s_hSecDll = NULL; |
| |
| /* Pointer to SSPI dispatch table */ |
| PSecurityFunctionTable s_pSecFn = NULL; |
| |
| /* |
| * Curl_sspi_global_init() |
| * |
| * This is used to load the Security Service Provider Interface (SSPI) |
| * dynamic link library portably across all Windows versions, without |
| * the need to directly link libcurl, nor the application using it, at |
| * build time. |
| * |
| * Once this function has been executed, Windows SSPI functions can be |
| * called through the Security Service Provider Interface dispatch table. |
| * |
| * Parameters: |
| * |
| * None. |
| * |
| * Returns CURLE_OK on success. |
| */ |
| CURLcode Curl_sspi_global_init(void) |
| { |
| INITSECURITYINTERFACE_FN pInitSecurityInterface; |
| |
| /* If security interface is not yet initialized try to do this */ |
| if(!s_hSecDll) { |
| /* Security Service Provider Interface (SSPI) functions are located in |
| * security.dll on WinNT 4.0 and in secur32.dll on Win9x. Win2K and XP |
| * have both these DLLs (security.dll forwards calls to secur32.dll) */ |
| |
| /* Load SSPI dll into the address space of the calling process */ |
| if(Curl_verify_windows_version(4, 0, PLATFORM_WINNT, VERSION_EQUAL)) |
| s_hSecDll = Curl_load_library(TEXT("security.dll")); |
| else |
| s_hSecDll = Curl_load_library(TEXT("secur32.dll")); |
| if(!s_hSecDll) |
| return CURLE_FAILED_INIT; |
| |
| /* Get address of the InitSecurityInterfaceA function from the SSPI dll */ |
| pInitSecurityInterface = |
| CURLX_FUNCTION_CAST(INITSECURITYINTERFACE_FN, |
| (GetProcAddress(s_hSecDll, SECURITYENTRYPOINT))); |
| if(!pInitSecurityInterface) |
| return CURLE_FAILED_INIT; |
| |
| /* Get pointer to Security Service Provider Interface dispatch table */ |
| s_pSecFn = pInitSecurityInterface(); |
| if(!s_pSecFn) |
| return CURLE_FAILED_INIT; |
| } |
| |
| return CURLE_OK; |
| } |
| |
| /* |
| * Curl_sspi_global_cleanup() |
| * |
| * This deinitializes the Security Service Provider Interface from libcurl. |
| * |
| * Parameters: |
| * |
| * None. |
| */ |
| void Curl_sspi_global_cleanup(void) |
| { |
| if(s_hSecDll) { |
| FreeLibrary(s_hSecDll); |
| s_hSecDll = NULL; |
| s_pSecFn = NULL; |
| } |
| } |
| |
| /* |
| * Curl_create_sspi_identity() |
| * |
| * This is used to populate a SSPI identity structure based on the supplied |
| * username and password. |
| * |
| * Parameters: |
| * |
| * userp [in] - The user name in the format User or Domain\User. |
| * passwdp [in] - The user's password. |
| * identity [in/out] - The identity structure. |
| * |
| * Returns CURLE_OK on success. |
| */ |
| CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp, |
| SEC_WINNT_AUTH_IDENTITY *identity) |
| { |
| xcharp_u useranddomain; |
| xcharp_u user, dup_user; |
| xcharp_u domain, dup_domain; |
| xcharp_u passwd, dup_passwd; |
| size_t domlen = 0; |
| |
| domain.const_tchar_ptr = TEXT(""); |
| |
| /* Initialize the identity */ |
| memset(identity, 0, sizeof(*identity)); |
| |
| useranddomain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)userp); |
| if(!useranddomain.tchar_ptr) |
| return CURLE_OUT_OF_MEMORY; |
| |
| user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('\\')); |
| if(!user.const_tchar_ptr) |
| user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('/')); |
| |
| if(user.tchar_ptr) { |
| domain.tchar_ptr = useranddomain.tchar_ptr; |
| domlen = user.tchar_ptr - useranddomain.tchar_ptr; |
| user.tchar_ptr++; |
| } |
| else { |
| user.tchar_ptr = useranddomain.tchar_ptr; |
| domain.const_tchar_ptr = TEXT(""); |
| domlen = 0; |
| } |
| |
| /* Setup the identity's user and length */ |
| dup_user.tchar_ptr = _tcsdup(user.tchar_ptr); |
| if(!dup_user.tchar_ptr) { |
| Curl_unicodefree(useranddomain.tchar_ptr); |
| return CURLE_OUT_OF_MEMORY; |
| } |
| identity->User = dup_user.tbyte_ptr; |
| identity->UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr)); |
| dup_user.tchar_ptr = NULL; |
| |
| /* Setup the identity's domain and length */ |
| dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1)); |
| if(!dup_domain.tchar_ptr) { |
| Curl_unicodefree(useranddomain.tchar_ptr); |
| return CURLE_OUT_OF_MEMORY; |
| } |
| _tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen); |
| *(dup_domain.tchar_ptr + domlen) = TEXT('\0'); |
| identity->Domain = dup_domain.tbyte_ptr; |
| identity->DomainLength = curlx_uztoul(domlen); |
| dup_domain.tchar_ptr = NULL; |
| |
| Curl_unicodefree(useranddomain.tchar_ptr); |
| |
| /* Setup the identity's password and length */ |
| passwd.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)passwdp); |
| if(!passwd.tchar_ptr) |
| return CURLE_OUT_OF_MEMORY; |
| dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr); |
| if(!dup_passwd.tchar_ptr) { |
| Curl_unicodefree(passwd.tchar_ptr); |
| return CURLE_OUT_OF_MEMORY; |
| } |
| identity->Password = dup_passwd.tbyte_ptr; |
| identity->PasswordLength = curlx_uztoul(_tcslen(dup_passwd.tchar_ptr)); |
| dup_passwd.tchar_ptr = NULL; |
| |
| Curl_unicodefree(passwd.tchar_ptr); |
| |
| /* Setup the identity's flags */ |
| identity->Flags = SECFLAG_WINNT_AUTH_IDENTITY; |
| |
| return CURLE_OK; |
| } |
| |
| /* |
| * Curl_sspi_free_identity() |
| * |
| * This is used to free the contents of a SSPI identifier structure. |
| * |
| * Parameters: |
| * |
| * identity [in/out] - The identity structure. |
| */ |
| void Curl_sspi_free_identity(SEC_WINNT_AUTH_IDENTITY *identity) |
| { |
| if(identity) { |
| Curl_safefree(identity->User); |
| Curl_safefree(identity->Password); |
| Curl_safefree(identity->Domain); |
| } |
| } |
| |
| #endif /* USE_WINDOWS_SSPI */ |