[PATCH] secur32: implement the SECPKG_ATTR_UNIQUE_BINDINGS context attribute
.NET's System.Data.SqlClient needs this to connect to MSSQL Server. A MacOSX implementation doesn't appear to be possible.

Signed-off-by: Damjan Jovanovic <damjan.jov(a)gmail.com>
---
dlls/secur32/schannel.c | 7 ++++++
dlls/secur32/schannel_gnutls.c | 41 ++++++++++++++++++++++++++++++++++
dlls/secur32/schannel_macosx.c | 6 +++++
dlls/secur32/secur32_priv.h | 2 ++
dlls/secur32/tests/schannel.c | 26 +++++++++++++++++++++
5 files changed, 82 insertions(+)
Damjan Jovanovic <damjan.jov(a)gmail.com> wrote:
+SECURITY_STATUS schan_imp_get_unique_channel_binding(schan_imp_session session, + SecPkgContext_Bindings *bindings) +{ + static const char prefix[] = "tls-unique:"; + gnutls_datum_t datum; + int rc; + SECURITY_STATUS ret; + char *p; + gnutls_session_t s = (gnutls_session_t)session; + + rc = pgnutls_session_channel_binding(s, GNUTLS_CB_TLS_UNIQUE, &datum); + if (rc) + { + pgnutls_perror(rc); + ret = SEC_E_INTERNAL_ERROR; + } + else + { + bindings->BindingsLength = sizeof(SEC_CHANNEL_BINDINGS) + sizeof(prefix)-1 + datum.size; + bindings->Bindings = heap_alloc_zero(bindings->BindingsLength); + if (!bindings->Bindings) + ret = SEC_E_INSUFFICIENT_MEMORY; + else + { + bindings->Bindings->cbApplicationDataLength = sizeof(prefix)-1 + datum.size; + bindings->Bindings->dwApplicationDataOffset = sizeof(SEC_CHANNEL_BINDINGS); + p = (char*)(bindings->Bindings+1); + memcpy(p, prefix, sizeof(prefix)-1); + p += sizeof(prefix)-1; + memcpy(p, datum.data, datum.size); + ret = SEC_E_OK; + } + } + (*pgnutls_free)(datum.data); + return ret; +}
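Review bot: The unconditional (*pgnutls_free)(datum.data) at the end of schan_imp_get_unique_channel_binding also runs on the failure path, and datum is declared without an initializer, so when pgnutls_session_channel_binding returns non-zero the pointer handed to the free routine is indeterminate unless the callee happened to write it. Either return SEC_E_INTERNAL_ERROR directly after pgnutls_perror(rc) or declare datum as { NULL, 0 }, so the free only ever sees a pointer GnuTLS actually returned. Returning early would also let the success path drop one level of nesting.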
Does it make sense to call gnutls_free() if gnutls_session_channel_binding() fails? If not, then the indentation could be simplified to return right after the initial failure.
-- Dmitry.
On Tue, Jan 26, 2021 at 11:26 AM Dmitry Timoshkov <dmitry(a)baikal.ru> wrote:
Does it make sense to call gnutls_free() if gnutls_session_channel_binding() fails? If not, then the indentation could be simplified to return right after the initial failure.
-- Dmitry.
Thank you, resent. Damjan