http://bugs.winehq.org/show_bug.cgi?id=59689 Bug ID: 59689 Summary: SEC_WINNT_AUTH_IDENTITY_EX support in AcquireCredentialsHandle Product: Wine Version: 11.7 Hardware: x86-64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: secur32 Assignee: wine-bugs@list.winehq.org Reporter: winandfx@gmail.com Distribution: --- Created attachment 80794 --> http://bugs.winehq.org/attachment.cgi?id=80794 python crash log # Context I have a Python application which uses Windows DLLs so I was unable to run it on Linux. Then I've created a minimal Docker image with Wine 11.7 preinstalled https://github.com/Winand/wine-container I've used Kron4ek wine-11.7-staging-tkg-amd64 build but I think particularly for my issue it doesn't matter. My application works surprisingly well in Wine but I send notification emails via a corporate SMTP server and for authentication I use pyspnego library like it is described here https://stackoverflow.com/a/70788458. In Windows 10 there're no issues but in Wine the whole Python interpreter crashes on line:
auth = spnego.client(username, password, service="SMTP", protocol="ntlm")
I've started to investigate the problem (with the help of Gemini as it is more experienced than me) and noticed that `options=spnego.NegotiateOptions.use_ntlm` fixes the issue (because it doesn't use SSPI). # Problem I've found out that on the Python side the problem is within sspilib, specifically here: https://github.com/jborean93/pyspnego/blob/main/src/spnego/_sspi.py#L76 ``` def _get_sspi_credential( ... auth_data = sspilib.raw.WinNTAuthIdentity( ... return sspilib.raw.acquire_credentials_handle(**credential_kwargs, auth_data=auth_data).credential ``` sspilib.raw.WinNTAuthIdentity returns SEC_WINNT_AUTH_IDENTITY_EXW structure as described here https://learn.microsoft.com/en-us/windows/win32/secauthn/acquirecredentialsh... https://github.com/jborean93/sspilib/blob/main/src/sspilib/raw/_credential.p... But msv1_0.dll ntlm_SpAcquireCredentialsHandle expects SEC_WINNT_AUTH_IDENTITY_W structure https://gitlab.winehq.org/wine/wine/-/blob/master/dlls/msv1_0/main.c?ref_typ... https://gitlab.winehq.org/wine/wine/-/blob/master/dlls/secur32/lsa.c?ref_typ... In the crash log there's a line:
Unhandled exception: page fault on read access to 0x0000004800000200 in 64-bit code (0x006ffffff6746c). Gemini says that these are fields Version=0x02, Length=0x48(72 bytes) from SEC_WINNT_AUTH_IDENTITY_EXW. I'm not experienced enough to confirm this statement.
So I think the problem is that ntlm_SpAcquireCredentialsHandle doesn't support SEC_WINNT_AUTH_IDENTITY_EXW. The crash can be easily reproduced using just one line of code in my wine-container described at the beginning: $ WINEDEBUG=+secur32,+ntlm,+msv1_0 wine python3.12 -c 'from spnego._sspi import SSPIProxy; sspi = SSPIProxy("test@corp.com", "1234", "unspecified", "host")' -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.