From 6dfaa54b63d66d0e599e0a3d891db99c57676553 Mon Sep 17 00:00:00 2001 From: antiduh Date: Wed, 25 Jun 2014 20:14:12 +0000 Subject: [PATCH] Added basic functionality to query package information. --- NSspi.csproj | 4 ++- NativeMethods.cs | 4 +++ PackageSupport.cs | 42 ++++++++++++++++++++++++++ Program.cs | 18 ++++++++++-- SecPkgInfo.cs | 75 +++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 139 insertions(+), 4 deletions(-) create mode 100644 PackageSupport.cs create mode 100644 SecPkgInfo.cs diff --git a/NSspi.csproj b/NSspi.csproj index 10cd6c5..b8c65d8 100644 --- a/NSspi.csproj +++ b/NSspi.csproj @@ -15,7 +15,7 @@ true full - true + false bin\Debug\ DEBUG;TRACE prompt @@ -55,6 +55,7 @@ + @@ -67,6 +68,7 @@ + diff --git a/NativeMethods.cs b/NativeMethods.cs index 33d607b..ff582e1 100644 --- a/NativeMethods.cs +++ b/NativeMethods.cs @@ -29,5 +29,9 @@ namespace NSspi [DllImport( "Secur32.dll", EntryPoint = "FreeContextBuffer", CharSet = CharSet.Unicode )] public static extern SecurityStatus FreeContextBuffer( IntPtr buffer ); + + [ReliabilityContract( Consistency.WillNotCorruptState, Cer.Success )] + [DllImport( "Secur32.dll", EntryPoint = "QuerySecurityPackageInfo", CharSet = CharSet.Unicode )] + internal static extern SecurityStatus QuerySecurityPackageInfo( string packageName, ref IntPtr pkgInof ); } } diff --git a/PackageSupport.cs b/PackageSupport.cs new file mode 100644 index 0000000..bd307c2 --- /dev/null +++ b/PackageSupport.cs 
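Review bot: The new `QuerySecurityPackageInfo` import in the NativeMethods.cs hunk has no comment stating who owns the buffer it returns, and its second parameter is misspelled `pkgInof`. The pointer written to that parameter has to be released with `FreeContextBuffer`, as the caller added in PackageSupport.cs does, so I would say so on the declaration, e.g. `/// On success, receives a pointer to a SecPkgInfo buffer allocated by the package; release it with FreeContextBuffer.`, and rename the parameter to `pkgInfo`. The parameter is output-only as far as this patch uses it, so `out IntPtr` would express that better than `ref`, with the call site updated to match.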
@@ -0,0 +1,42 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace NSspi
+{
+ public static class PackageSupport
+ {
+ public static SecPkgInfo GetPackageCapabilities( string packageName )
+ {
+ SecPkgInfo info;
+ SecurityStatus status;
+ SecurityStatus freeStatus;
+
+ IntPtr rawInfoPtr;
+
+ rawInfoPtr = new IntPtr();
+ info = new SecPkgInfo();
+
+ RuntimeHelpers.PrepareConstrainedRegions();
+ try
+ { }
+ finally
+ {
+ status = NativeMethods.QuerySecurityPackageInfo( packageName, ref rawInfoPtr );
+
+ if( status == SecurityStatus.OK && rawInfoPtr != IntPtr.Zero )
+ {
+ Marshal.PtrToStructure( rawInfoPtr, info );
+ freeStatus = NativeMethods.FreeContextBuffer( rawInfoPtr );
+ }
+ }
+
+ return info;
+ }
+
+ }
+}
diff --git a/Program.cs b/Program.cs
index e13734c..a966572 100644
--- a/Program.cs
+++ b/Program.cs
@@ -16,7 +16,9 @@ namespace NSspi
 {
 public static void Main( string[] args )
 {
- CredTest();
+ SecPkgInfo pkgInfo = PackageSupport.GetPackageCapabilities( "Negotiate" );
+
+ //CredTest();
 }
 private static void IdentTest()
@@ -63,7 +65,9 @@ namespace NSspi
 ContextAttrib.InitIdentify |
 ContextAttrib.Confidentiality |
 ContextAttrib.ReplayDetect |
- ContextAttrib.SequenceDetect
+ ContextAttrib.SequenceDetect |
+ ContextAttrib.Connection |
+ ContextAttrib.Delegate
 );
 serverCred = new ServerCredential( SecurityPackage.Negotiate );
@@ -74,7 +78,9 @@ namespace NSspi
 ContextAttrib.AcceptIdentify |
 ContextAttrib.Confidentiality |
 ContextAttrib.ReplayDetect |
- ContextAttrib.SequenceDetect
+ ContextAttrib.SequenceDetect |
+ ContextAttrib.Connection |
+ ContextAttrib.Delegate
 );
 clientToken = null;
@@ -135,6 +141,12 @@ namespace NSspi
 throw new Exception();
 }
+
+ using( server.ImpersonateClient() )
+ {
+
+ }
+
 Console.Out.Flush();
 }
 finally
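Review bot: `GetPackageCapabilities` returns an empty `SecPkgInfo` when `QuerySecurityPackageInfo` fails, because `status` is only tested to decide whether to marshal and is never reported. A caller cannot tell an unknown package from one that advertises no capabilities, which matters if the result is later used to decide whether `Privacy` or `Integrity` is available. Two smaller issues sit in the same `finally` block: the buffer is not freed if `Marshal.PtrToStructure` throws, and `freeStatus` is assigned but never looked at. I would free in a nested `finally` and throw after the constrained region when the status is not `OK`; the exception type below is a stand-in for whatever the project uses.

```csharp
// … unchanged: declarations, PrepareConstrainedRegions(), empty try block …
finally
{
    status = NativeMethods.QuerySecurityPackageInfo( packageName, ref rawInfoPtr );

    if( rawInfoPtr != IntPtr.Zero )
    {
        try
        {
            if( status == SecurityStatus.OK )
            {
                Marshal.PtrToStructure( rawInfoPtr, info );
            }
        }
        finally
        {
            // Release the SSPI-allocated buffer even when marshalling throws.
            freeStatus = NativeMethods.FreeContextBuffer( rawInfoPtr );
        }
    }
}

if( status != SecurityStatus.OK )
{
    throw new InvalidOperationException( "QuerySecurityPackageInfo failed for '" + packageName + "': " + status );
}
// … unchanged: return info …
```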
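Review bot: `ContextAttrib.Delegate` is added to the client request in the `@@ -63,7 +65,9 @@` hunk and to the server request in the `@@ -74,7 +78,9 @@` hunk with no comment explaining why the test needs it. If these enum members map to the SSPI request flags their names suggest, the new flag asks that the server be allowed to act as the client toward other services, while the `InitIdentify`/`AcceptIdentify` flags already in both lists ask for identification-only use, so the two look contradictory. I would request only what the test exercises, or add a comment such as `// Delegate: requested to exercise delegation-capable contexts; see ImpersonateClient() below` next to each flag. Both argument lists start outside their hunks, so other flags may be set that I cannot see.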
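Review bot: The added `using( server.ImpersonateClient() )` block in the `@@ -135,6 +141,12 @@` hunk is empty, so the test shows only that impersonation and its disposal do not throw. It gives no evidence that the thread identity changed inside the block or was restored after it, which is the property worth checking for an impersonation handle. Printing `WindowsIdentity.GetCurrent().Name` inside the block and again after it would make that visible. The enclosing method begins and ends outside the hunk.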
diff --git a/SecPkgInfo.cs b/SecPkgInfo.cs
new file mode 100644
index 0000000..9b85a42
--- /dev/null
+++ b/SecPkgInfo.cs
@@ -0,0 +1,75 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace NSspi
+{
+ [StructLayout( LayoutKind.Sequential )]
+ public class SecPkgInfo
+ {
+ public SecPkgCapability Capabilities;
+
+ public short Version;
+
+ public short RpcId;
+
+ public int MaxTokenLength;
+
+ [MarshalAs( UnmanagedType.LPWStr )]
+ public string Name;
+
+ [MarshalAs( UnmanagedType.LPWStr )]
+ public string Comment;
+ }
+
+ [Flags]
+ public enum SecPkgCapability : uint
+ {
+ Integrity = 0x1,
+
+ Privacy = 0x2,
+
+ TokenOnly = 0x4,
+
+ Datagram = 0x8,
+
+ Connection = 0x10,
+
+ MultiLeg = 0x20,
+
+ ClientOnly = 0x40,
+
+ ExtendedError = 0x80,
+
+ Impersonation = 0x100,
+
+ AcceptWin32Name = 0x200,
+
+ Stream = 0x400,
+
+ Negotiable = 0x800,
+
+ GssCompatible = 0x1000,
+
+ Logon = 0x2000,
+
+ AsciiBuffers = 0x4000,
+
+ Fragment = 0x8000,
+
+ MutualAuth = 0x10000,
+
+ Delegation = 0x20000,
+
+ ReadOnlyChecksum = 0x40000,
+
+ RestrictedTokens = 0x80000,
+
+ ExtendsNego = 0x00100000,
+
+ Negotiable2 = 0x00200000,
+ }
+}
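Review bot: `SecPkgInfo` is filled by `Marshal.PtrToStructure` from a native buffer, yet nothing in the file says that its field order and widths have to mirror the native structure. I would put a summary on the class along the lines of `/// Managed mirror of the native SecPkgInfo structure; fields must keep this order and size.` and a one-line `///` summary on each field and on each `SecPkgCapability` member. `Version`, `RpcId` and `MaxTokenLength` are declared signed where the native fields are, as far as I know, unsigned; the sizes match so marshalling works, but a comment or `ushort`/`uint` would spare a caller that sizes token buffers from `MaxTokenLength` from having to consider negative values. The fields are also public and mutable, so any caller can alter a returned instance.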