Core ReactOS
  1. Core ReactOS
  2. CORE-12601

Our secur32.dll misses some authentication providers (e.g. NTLM ...)

    Details

    • Type: Task Task
    • Status: Open Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None

      Description

      Our secur32.dll misses some authentication providers (e.g. NTLM ...). This blocks, in particular, a step in the Word 2010 installation to succeed.
      Cc hater and Eric Kohl.

      <---- In WINE (similar in ROS) ---->
       
      0074:Call KERNEL32.LoadLibraryA(7ec34ee9 "secur32.dll") ret=7ec0d79e
      0074:Ret  KERNEL32.LoadLibraryA() retval=7ed30000 ret=7ec0d79e
      0074:Call KERNEL32.GetProcAddress(7ed30000,7ec3509f "EnumerateSecurityPackagesW") ret=7ec0d771
      0074:Ret  KERNEL32.GetProcAddress() retval=7ed3a2cc ret=7ec0d771
      0074:Call secur32.EnumerateSecurityPackagesW(04e9db40,04e9db44) ret=7ebf92e4
      0074:Call ntdll.RtlAllocateHeap(00110000,00000000,000001ce) ret=7ed45e93
      0074:Ret  ntdll.RtlAllocateHeap() retval=01aaccf8 ret=7ed45e93
      0074:Ret  secur32.EnumerateSecurityPackagesW() retval=00000000 ret=7ebf92e4
       
       
      >---The details in ROS ---<
      Breakpoint 7 hit
      Secur32!EnumerateSecurityPackagesW+0x69:
      001b:7ae32cf9 8b5508          mov     edx,dword ptr [ebp+8]
      kd> p
      Secur32!EnumerateSecurityPackagesW+0x1bb:
      001b:7ae32e4b 8b0db0a1e37a    mov     ecx,dword ptr [Secur32!__wine_dbch___default (7ae3a1b0)]
      kd> ?? package->infoW.Name
      unsigned short * 0x02a684f8
       "Microsoft Unified Security Protocol Provider"
      kd> p
      Secur32!EnumerateSecurityPackagesW+0x25b:
      001b:7ae32eeb 8b15b0a1e37a    mov     edx,dword ptr [Secur32!__wine_dbch___default (7ae3a1b0)]
      kd> ?? package->infoW.Comment
      unsigned short * 0x029f37a8
       "Microsoft Unified Security Protocol Provider"
      kd> p
      Secur32!EnumerateSecurityPackagesW+0x1ae:
      001b:7ae32e3e 8b45f4          mov     eax,dword ptr [ebp-0Ch]
      kd> ?? package->infoW.Name
      unsigned short * 0x02a68588
       "Schannel"
      kd> p
      Secur32!EnumerateSecurityPackagesW+0x25b:
      001b:7ae32eeb 8b15b0a1e37a    mov     edx,dword ptr [Secur32!__wine_dbch___default (7ae3a1b0)]
      kd> ?? package->infoW.Comment
      unsigned short * 0x029f3810
       "Schannel Security Package"
      kd> p
       
      (Note that in the enumeration, NTLM is absent).
       
       
      But then we get in ROS:
       
      kd> g
      Failed to set breakpoint at address 0x7AE356BF, adding deferred breakpoint.
      fixme:(H:\trunk\reactos_clean\dll\win32\rpcrt4\rpc_binding.c:1865) unsupported AuthnSvc 10     <--- RPC_C_AUTHN_WINNT
       
      And installation failure!
       
      While in Wine, execution continues with:
       
      0074:Call KERNEL32.GetProcAddress(7ed30000,7ec35024 "AcquireCredentialsHandleW") ret=7ec0d771
      0074:Ret  KERNEL32.GetProcAddress() retval=7ed3a1f4 ret=7ec0d771
      0074:Call secur32.AcquireCredentialsHandleW(00000000,01aace42 L"NTLM",00000002,00000000,00000000,00000000,00000000,04e9db4c,04e9db54) ret=7ebf94ed
      0074:Call KERNEL32.lstrcmpiW(00127780 L"Microsoft Unified Security Protocol Provider",01aace42 L"NTLM") ret=7ed471c2
      0074:Ret  KERNEL32.lstrcmpiW() retval=ffffffff ret=7ed471c2
      0074:Call KERNEL32.lstrcmpiW(00127878 L"Schannel",01aace42 L"NTLM") ret=7ed471c2
      0074:Ret  KERNEL32.lstrcmpiW() retval=00000001 ret=7ed471c2
      0074:Call KERNEL32.lstrcmpiW(00127a60 L"NTLM",01aace42 L"NTLM") ret=7ed471c2
      0074:Ret  KERNEL32.lstrcmpiW() retval=00000000 ret=7ed471c2
      0074:Call ntdll.RtlAllocateHeap(00110000,00000000,00000018) ret=7ed3dc88
      0074:Ret  ntdll.RtlAllocateHeap() retval=01a2be80 ret=7ed3dc88
      0074:Call ntdll.RtlAllocateHeap(00110000,00000000,00000008) ret=7ed4979b
      0074:Ret  ntdll.RtlAllocateHeap() retval=01a2bea0 ret=7ed4979b
      0074:Ret  secur32.AcquireCredentialsHandleW() retval=00000000 ret=7ebf94ed
      0074:Call KERNEL32.GetProcAddress(7ed30000,7ec350ba "FreeContextBuffer") ret=7ec0d771
      0074:Ret  KERNEL32.GetProcAddress() retval=7ed3a2fc ret=7ec0d771
      0074:Call secur32.FreeContextBuffer(01aaccf8) ret=7ebf94fd
      

        Issue Links

          Activity

          Hide
          Aleksey Bragin
          added a comment -

          Does WINE have an implementation of that?

          Show
          Aleksey Bragin
          added a comment - Does WINE have an implementation of that?
          Hide
          amber
          added a comment - - edited

          can be linked with CORE-12598 ?

          Show
          amber
          added a comment - - edited can be linked with CORE-12598 ?
          Hide
          HBelusca
          added a comment - - edited

          amber: the problems do not seem to be related. There is no trace in the debug log that a NTLM connection is needed (nor in the error messages) so far.
          Aleksey Bragin: Yes WINE somewhat implements it, by wrapping around Samba's "ntlm_auth" helper utility. hater discussed that in his comment in CORE-11520.

          Show
          HBelusca
          added a comment - - edited amber : the problems do not seem to be related. There is no trace in the debug log that a NTLM connection is needed (nor in the error messages) so far. Aleksey Bragin : Yes WINE somewhat implements it, by wrapping around Samba's "ntlm_auth" helper utility. hater discussed that in his comment in CORE-11520 .
          Hide
          Samuel Serapion
          added a comment -

          If you need an ntlm provider I implemented a semi working one in the sspi bringup branch a few years ago

          Show
          Samuel Serapion
          added a comment - If you need an ntlm provider I implemented a semi working one in the sspi bringup branch a few years ago
          Hide
          HBelusca
          added a comment -

          Hi Samuel Serapion! It would be nice to see what's still good in this branch and merge it asap?

          Show
          HBelusca
          added a comment - Hi Samuel Serapion ! It would be nice to see what's still good in this branch and merge it asap?
          Hide
          HBelusca
          added a comment -

          Wine's NTLM layer committed in r73868 as an interim step towards a proper implementation.

          Show
          HBelusca
          added a comment - Wine's NTLM layer committed in r73868 as an interim step towards a proper implementation.
          Hide
          HBelusca
          added a comment -

          Wine's NTLM layer committed in r73868 as an interim step towards a proper implementation.

          Show
          HBelusca
          added a comment - Wine's NTLM layer committed in r73868 as an interim step towards a proper implementation.
          Hide
          jedi-to-be
          added a comment -

          May be it is better to temporarily add Samba itself to ReactOS? It is not that simple to install it for average user.

          I suggest add it at least as downloadable module, the same way we do with gecko

          Show
          jedi-to-be
          added a comment - May be it is better to temporarily add Samba itself to ReactOS? It is not that simple to install it for average user. I suggest add it at least as downloadable module, the same way we do with gecko
          Hide
          jedi-to-be
          added a comment -

          Try my version of installer based on Winrar SFX. After extraction it starts smbsetup.cmd

          https://1drv.ms/u/s!AlGdrvXnEIJfg0sFrjSqFR-eTiwG

          Show
          jedi-to-be
          added a comment - Try my version of installer based on Winrar SFX. After extraction it starts smbsetup.cmd https://1drv.ms/u/s!AlGdrvXnEIJfg0sFrjSqFR-eTiwG
          Hide
          HBelusca
          added a comment -

          Hi jedi-to-be! The installer looks perfect, but there are two points needed:

          • In the welcome screen, you need to add that the Samba files come from http://smithii.com/samba and that this is a Samba 3.0.23c build. For example you can modify the first sentence to:

            This is a special version of Samba 3.0.23c that can be obtained from http://smithii.com/samba .

            and I suggest not mentioning ReactOS at all (since this version of samba can work on Windows as well).

          • The installer must also add these two paths to the system PATH environment variable:
            C:\Program Files\samba\bin;C:\Program Files\samba\sbin
            (note the separating semicolon; also there should be a semicolon that separate these paths with those already existing in the PATH environment variable).
          Show
          HBelusca
          added a comment - Hi jedi-to-be ! The installer looks perfect, but there are two points needed: In the welcome screen, you need to add that the Samba files come from http://smithii.com/samba and that this is a Samba 3.0.23c build. For example you can modify the first sentence to: This is a special version of Samba 3.0.23c that can be obtained from http://smithii.com/samba . and I suggest not mentioning ReactOS at all (since this version of samba can work on Windows as well). The installer must also add these two paths to the system PATH environment variable: C:\Program Files\samba\bin;C:\Program Files\samba\sbin (note the separating semicolon; also there should be a semicolon that separate these paths with those already existing in the PATH environment variable).
          Hide
          amber
          added a comment -

          jedi-to-be:
          replace the files in my files (they set the Path variable):
          https://cloud.mail.ru/public/5Ex7/5eBZbYCZb

          HBelusca:
          we can use a "silent" installation mode. This should start ReactOS-samba.exe with the /S switch. In this mode, the window is not displayed to the user.

          Show
          amber
          added a comment - jedi-to-be : replace the files in my files (they set the Path variable): https://cloud.mail.ru/public/5Ex7/5eBZbYCZb HBelusca : we can use a "silent" installation mode. This should start ReactOS-samba.exe with the /S switch. In this mode, the window is not displayed to the user.
          Hide
          jedi-to-be
          added a comment - - edited

          Updated version with suggestions from HBelusca and files from amber
          Now it should set needed variables

          https://1drv.ms/u/s!AlGdrvXnEIJfg0yB33PiqlerBY2U

          Show
          jedi-to-be
          added a comment - - edited Updated version with suggestions from HBelusca and files from amber Now it should set needed variables https://1drv.ms/u/s!AlGdrvXnEIJfg0yB33PiqlerBY2U
          Hide
          HBelusca
          added a comment -

          It works great jedi-to-be!

          Show
          HBelusca
          added a comment - It works great jedi-to-be !
          Hide
          jedi-to-be
          added a comment - - edited

          nice
          so we need it in RAPPS

          Show
          jedi-to-be
          added a comment - - edited nice so we need it in RAPPS
          Hide
          HBelusca
          added a comment -

          Cc Daniel Reimer for RAPPS

          Show
          HBelusca
          added a comment - Cc Daniel Reimer for RAPPS
          Hide
          Daniel Reimer
          added a comment -

          Added to RAPPS as asked for.

          Show
          Daniel Reimer
          added a comment - Added to RAPPS as asked for.

            People

            • Assignee:
              Bug Zilla
              Reporter:
              HBelusca
            • Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated: