wine-commits March 2011

wine-commits@winehq.org

2 participants
849 discussions

Ken Thomases : secur32: Extract GnuTLS-isms from schan_pull to schan_pull_adapter.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: 194aaef7cd78ff9f5980abc385c508cdb410d039 URL: http://source.winehq.org/git/wine.git/?a=commit;h=194aaef7cd78ff9f5980abc38… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:58:00 2011 -0500 secur32: Extract GnuTLS-isms from schan_pull to schan_pull_adapter. --- dlls/secur32/schannel.c | 82 +++++++++++++++++++++++++++++++++++----------- 1 files changed, 62 insertions(+), 20 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index d97d2f6..9a6864f 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -75,6 +75,27 @@ MAKE_FUNCPTR(gnutls_transport_set_push_function); struct schan_transport; +static int schan_pull(struct schan_transport *t, void *buff, size_t *buff_len); + +static gnutls_session_t schan_session_for_transport(struct schan_transport* t); + + +static ssize_t schan_pull_adapter(gnutls_transport_ptr_t transport, + void *buff, size_t buff_len) +{ + struct schan_transport *t = (struct schan_transport*)transport; + gnutls_session_t s = schan_session_for_transport(t); + + int ret = schan_pull(transport, buff, &buff_len); + if (ret) + { + pgnutls_transport_set_errno(s, ret); + return -1; + } + + return buff_len; +} + static BOOL schan_imp_create_session(gnutls_session_t *s, BOOL is_server) { int err = pgnutls_init(s, is_server ? GNUTLS_SERVER : GNUTLS_CLIENT); @@ -827,36 +848,52 @@ static char *schan_get_buffer(const struct schan_transport *t, struct schan_buff return (char *)buffer->pvBuffer + s->offset; } -static ssize_t schan_pull(gnutls_transport_ptr_t transport, void *buff, size_t buff_len) +/* schan_pull + * Read data from the transport input buffer. + * + * t - The session transport object. + * buff - The buffer into which to store the read data. Must be at least + * *buff_len bytes in length. + * buff_len - On input, *buff_len is the desired length to read. On successful + * return, *buff_len is the number of bytes actually read. + * + * Returns: + * 0 on success, in which case: + * *buff_len == 0 indicates end of file. + * *buff_len > 0 indicates that some data was read. May be less than + * what was requested, in which case the caller should call again if/ + * when they want more. + * EAGAIN when no data could be read without blocking + * another errno-style error value on failure + * + */ +static int schan_pull(struct schan_transport *t, void *buff, size_t *buff_len) { - struct schan_transport *t = transport; char *b; + size_t local_len = *buff_len; + + TRACE("Pull %zu bytes\n", local_len); - TRACE("Pull %zu bytes\n", buff_len); + *buff_len = 0; - b = schan_get_buffer(t, &t->in, &buff_len); + b = schan_get_buffer(t, &t->in, &local_len); if (!b) - { - pgnutls_transport_set_errno(t->ctx->session, EAGAIN); - return -1; - } + return EAGAIN; - if (t->in.limit != 0 && t->in.offset + buff_len >= t->in.limit) + if (t->in.limit != 0 && t->in.offset + local_len >= t->in.limit) { - buff_len = t->in.limit - t->in.offset; - if (buff_len == 0) - { - pgnutls_transport_set_errno(t->ctx->session, EAGAIN); - return -1; - } + local_len = t->in.limit - t->in.offset; + if (local_len == 0) + return EAGAIN; } - memcpy(buff, b, buff_len); - t->in.offset += buff_len; + memcpy(buff, b, local_len); + t->in.offset += local_len; - TRACE("Read %zu bytes\n", buff_len); + TRACE("Read %zu bytes\n", local_len); - return buff_len; + *buff_len = local_len; + return 0; } static ssize_t schan_push(gnutls_transport_ptr_t transport, const void *buff, size_t buff_len) @@ -881,6 +918,11 @@ static ssize_t schan_push(gnutls_transport_ptr_t transport, const void *buff, si return buff_len; } +static gnutls_session_t schan_session_for_transport(struct schan_transport* t) +{ + return t->ctx->session; +} + static int schan_init_sec_ctx_get_next_buffer(const struct schan_transport *t, struct schan_buffers *s) { if (s->current_buffer_idx == -1) @@ -982,7 +1024,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( HeapFree(GetProcessHeap(), 0, ctx); } - pgnutls_transport_set_pull_function(ctx->session, schan_pull); + pgnutls_transport_set_pull_function(ctx->session, schan_pull_adapter); pgnutls_transport_set_push_function(ctx->session, schan_push); phNewContext->dwLower = handle;

1 0

Ken Thomases : secur32: Extract schan_imp_create/dispose_session functions.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: aeefb8188d3283b49329689c5c9083f7fb8a4c47 URL: http://source.winehq.org/git/wine.git/?a=commit;h=aeefb8188d3283b49329689c5… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:57 2011 -0500 secur32: Extract schan_imp_create/dispose_session functions. --- dlls/secur32/schannel.c | 48 ++++++++++++++++++++++++++++++---------------- 1 files changed, 31 insertions(+), 17 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 794f36b..d97d2f6 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -75,6 +75,33 @@ MAKE_FUNCPTR(gnutls_transport_set_push_function); struct schan_transport; +static BOOL schan_imp_create_session(gnutls_session_t *s, BOOL is_server) +{ + int err = pgnutls_init(s, is_server ? GNUTLS_SERVER : GNUTLS_CLIENT); + if (err != GNUTLS_E_SUCCESS) + { + pgnutls_perror(err); + return FALSE; + } + + /* FIXME: We should be using the information from the credentials here. */ + FIXME("Using hardcoded \"NORMAL\" priority\n"); + err = pgnutls_set_default_priority(*s); + if (err != GNUTLS_E_SUCCESS) + { + pgnutls_perror(err); + pgnutls_deinit(*s); + return FALSE; + } + + return TRUE; +} + +static void schan_imp_dispose_session(gnutls_session_t s) +{ + pgnutls_deinit(s); +} + static void schan_imp_set_session_transport(gnutls_session_t s, struct schan_transport *t) { @@ -939,31 +966,18 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( return SEC_E_INTERNAL_ERROR; } - err = pgnutls_init(&ctx->session, GNUTLS_CLIENT); - if (err != GNUTLS_E_SUCCESS) + if (!schan_imp_create_session(&ctx->session, FALSE)) { - pgnutls_perror(err); schan_free_handle(handle, SCHAN_HANDLE_CTX); HeapFree(GetProcessHeap(), 0, ctx); return SEC_E_INTERNAL_ERROR; } - /* FIXME: We should be using the information from the credentials here. */ - FIXME("Using hardcoded \"NORMAL\" priority\n"); - err = pgnutls_set_default_priority(ctx->session); - if (err != GNUTLS_E_SUCCESS) - { - pgnutls_perror(err); - pgnutls_deinit(ctx->session); - schan_free_handle(handle, SCHAN_HANDLE_CTX); - HeapFree(GetProcessHeap(), 0, ctx); - } - err = pgnutls_credentials_set(ctx->session, GNUTLS_CRD_CERTIFICATE, cred->credentials); if (err != GNUTLS_E_SUCCESS) { pgnutls_perror(err); - pgnutls_deinit(ctx->session); + schan_imp_dispose_session(ctx->session); schan_free_handle(handle, SCHAN_HANDLE_CTX); HeapFree(GetProcessHeap(), 0, ctx); } @@ -1401,7 +1415,7 @@ static SECURITY_STATUS SEC_ENTRY schan_DeleteSecurityContext(PCtxtHandle context ctx = schan_free_handle(context_handle->dwLower, SCHAN_HANDLE_CTX); if (!ctx) return SEC_E_INVALID_HANDLE; - pgnutls_deinit(ctx->session); + schan_imp_dispose_session(ctx->session); HeapFree(GetProcessHeap(), 0, ctx); return SEC_E_OK; @@ -1601,7 +1615,7 @@ void SECUR32_deinitSchannelSP(void) if (schan_handle_table[i].type == SCHAN_HANDLE_CTX) { struct schan_context *ctx = schan_free_handle(i, SCHAN_HANDLE_CTX); - pgnutls_deinit(ctx->session); + schan_imp_dispose_session(ctx->session); HeapFree(GetProcessHeap(), 0, ctx); } }

1 0

Ken Thomases : secur32: Extract schan_imp_set_session_transport function.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: d7fe60c5b6f1f0291c26a6fbb66a46ddff4bde43 URL: http://source.winehq.org/git/wine.git/?a=commit;h=d7fe60c5b6f1f0291c26a6fbb… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:52 2011 -0500 secur32: Extract schan_imp_set_session_transport function. --- dlls/secur32/schannel.c | 17 ++++++++++++----- 1 files changed, 12 insertions(+), 5 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 4e360fa..794f36b 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -72,6 +72,15 @@ MAKE_FUNCPTR(gnutls_transport_set_push_function); #undef MAKE_FUNCPTR +struct schan_transport; + + +static void schan_imp_set_session_transport(gnutls_session_t s, + struct schan_transport *t) +{ + pgnutls_transport_set_ptr(s, (gnutls_transport_ptr_t)t); +} + static SECURITY_STATUS schan_imp_handshake(gnutls_session_t s) { int err = pgnutls_handshake(s); @@ -306,8 +315,6 @@ struct schan_context ULONG req_ctx_attr; }; -struct schan_transport; - struct schan_buffers { SIZE_T offset; @@ -977,7 +984,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( transport.ctx = ctx; init_schan_buffers(&transport.in, pInput, schan_init_sec_ctx_get_next_buffer); init_schan_buffers(&transport.out, pOutput, schan_init_sec_ctx_get_next_buffer); - pgnutls_transport_set_ptr(ctx->session, &transport); + schan_imp_set_session_transport(ctx->session, &transport); /* Perform the TLS handshake */ ret = schan_imp_handshake(ctx->session); @@ -1192,7 +1199,7 @@ static SECURITY_STATUS SEC_ENTRY schan_EncryptMessage(PCtxtHandle context_handle init_schan_buffers(&transport.out, message, schan_encrypt_message_get_next_buffer); else init_schan_buffers(&transport.out, message, schan_encrypt_message_get_next_buffer_token); - pgnutls_transport_set_ptr(ctx->session, &transport); + schan_imp_set_session_transport(ctx->session, &transport); while (sent < data_size) { @@ -1334,7 +1341,7 @@ static SECURITY_STATUS SEC_ENTRY schan_DecryptMessage(PCtxtHandle context_handle init_schan_buffers(&transport.in, message, schan_decrypt_message_get_next_buffer); transport.in.limit = expected_size; init_schan_buffers(&transport.out, NULL, NULL); - pgnutls_transport_set_ptr(ctx->session, (gnutls_transport_ptr_t)&transport); + schan_imp_set_session_transport(ctx->session, &transport); while (received < data_size) {

1 0

Ken Thomases : secur32: Extract schan_imp_handshake function.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: 3608fe03a99a33507a73a19325168943578472f1 URL: http://source.winehq.org/git/wine.git/?a=commit;h=3608fe03a99a33507a73a1932… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:33 2011 -0500 secur32: Extract schan_imp_handshake function. --- dlls/secur32/schannel.c | 58 +++++++++++++++++++++++++++------------------- 1 files changed, 34 insertions(+), 24 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index ae12b8e..4e360fa 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -72,6 +72,37 @@ MAKE_FUNCPTR(gnutls_transport_set_push_function); #undef MAKE_FUNCPTR +static SECURITY_STATUS schan_imp_handshake(gnutls_session_t s) +{ + int err = pgnutls_handshake(s); + switch(err) + { + case GNUTLS_E_SUCCESS: + TRACE("Handshake completed\n"); + return SEC_E_OK; + + case GNUTLS_E_AGAIN: + TRACE("Continue...\n"); + return SEC_I_CONTINUE_NEEDED; + + case GNUTLS_E_WARNING_ALERT_RECEIVED: + case GNUTLS_E_FATAL_ALERT_RECEIVED: + { + gnutls_alert_description_t alert = pgnutls_alert_get(s); + const char *alert_name = pgnutls_alert_get_name(alert); + WARN("ALERT: %d %s\n", alert, alert_name); + return SEC_E_INTERNAL_ERROR; + } + + default: + pgnutls_perror(err); + return SEC_E_INTERNAL_ERROR; + } + + /* Never reached */ + return SEC_E_OK; +} + static unsigned int schannel_get_cipher_block_size(gnutls_cipher_algorithm_t cipher) { const struct @@ -867,6 +898,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( struct schan_credentials *cred; struct schan_transport transport; int err; + SECURITY_STATUS ret; TRACE("%p %p %s 0x%08x %d %d %p %d %p %p %p %p\n", phCredential, phContext, debugstr_w(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput, @@ -948,7 +980,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( pgnutls_transport_set_ptr(ctx->session, &transport); /* Perform the TLS handshake */ - err = pgnutls_handshake(ctx->session); + ret = schan_imp_handshake(ctx->session); if(transport.in.offset && transport.in.offset != pInput->pBuffers[0].cbBuffer) { if(pInput->cBuffers<2 || pInput->pBuffers[1].BufferType!=SECBUFFER_EMPTY) @@ -969,29 +1001,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( if (ctx->req_ctx_attr & ISC_REQ_ALLOCATE_MEMORY) *pfContextAttr |= ISC_RET_ALLOCATED_MEMORY; - switch(err) - { - case GNUTLS_E_SUCCESS: - TRACE("Handshake completed\n"); - return SEC_E_OK; - - case GNUTLS_E_AGAIN: - TRACE("Continue...\n"); - return SEC_I_CONTINUE_NEEDED; - - case GNUTLS_E_WARNING_ALERT_RECEIVED: - case GNUTLS_E_FATAL_ALERT_RECEIVED: - { - gnutls_alert_description_t alert = pgnutls_alert_get(ctx->session); - const char *alert_name = pgnutls_alert_get_name(alert); - WARN("ALERT: %d %s\n", alert, alert_name); - return SEC_E_INTERNAL_ERROR; - } - - default: - pgnutls_perror(err); - return SEC_E_INTERNAL_ERROR; - } + return ret; } /***********************************************************************

1 0

Ken Thomases : secur32: Use schan_imp_get_connection_info to get MAC size.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: 842e0a5316225accc75cf472a51de9c20efe4857 URL: http://source.winehq.org/git/wine.git/?a=commit;h=842e0a5316225accc75cf472a… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:29 2011 -0500 secur32: Use schan_imp_get_connection_info to get MAC size. --- dlls/secur32/schannel.c | 33 +++++++++++++++++++-------------- 1 files changed, 19 insertions(+), 14 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 7b00c1d..ae12b8e 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -1041,20 +1041,25 @@ static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW( { case SECPKG_ATTR_STREAM_SIZES: { - SecPkgContext_StreamSizes *stream_sizes = buffer; - gnutls_mac_algorithm_t mac = pgnutls_mac_get(ctx->session); - size_t mac_size = pgnutls_mac_get_key_size(mac); - unsigned int block_size = schan_imp_get_session_cipher_block_size(ctx->session); - - TRACE("Using %zu mac bytes, block size %u\n", mac_size, block_size); - - /* These are defined by the TLS RFC */ - stream_sizes->cbHeader = 5; - stream_sizes->cbTrailer = mac_size + 256; /* Max 255 bytes padding + 1 for padding size */ - stream_sizes->cbMaximumMessage = 1 << 14; - stream_sizes->cbBuffers = 4; - stream_sizes->cbBlockSize = block_size; - return SEC_E_OK; + SecPkgContext_ConnectionInfo info; + SECURITY_STATUS status = schan_imp_get_connection_info(ctx->session, &info); + if (status == SEC_E_OK) + { + SecPkgContext_StreamSizes *stream_sizes = buffer; + size_t mac_size = info.dwHashStrength; + unsigned int block_size = schan_imp_get_session_cipher_block_size(ctx->session); + + TRACE("Using %zu mac bytes, block size %u\n", mac_size, block_size); + + /* These are defined by the TLS RFC */ + stream_sizes->cbHeader = 5; + stream_sizes->cbTrailer = mac_size + 256; /* Max 255 bytes padding + 1 for padding size */ + stream_sizes->cbMaximumMessage = 1 << 14; + stream_sizes->cbBuffers = 4; + stream_sizes->cbBlockSize = block_size; + } + + return status; } case SECPKG_ATTR_REMOTE_CERT_CONTEXT: {

1 0

Ken Thomases : secur32: Extract schan_imp_get_connection_info function.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: f7e598cfc866da7457f9160065987422ccd01ede URL: http://source.winehq.org/git/wine.git/?a=commit;h=f7e598cfc866da7457f916006… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:25 2011 -0500 secur32: Extract schan_imp_get_connection_info function. --- dlls/secur32/schannel.c | 34 ++++++++++++++++++++-------------- 1 files changed, 20 insertions(+), 14 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index dd1858d..7b00c1d 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -174,6 +174,25 @@ static unsigned int schan_imp_get_session_cipher_block_size(gnutls_session_t s) return schannel_get_cipher_block_size(cipher); } +static SECURITY_STATUS schan_imp_get_connection_info(gnutls_session_t s, + SecPkgContext_ConnectionInfo *info) +{ + gnutls_protocol_t proto = pgnutls_protocol_get_version(s); + gnutls_cipher_algorithm_t alg = pgnutls_cipher_get(s); + gnutls_mac_algorithm_t mac = pgnutls_mac_get(s); + gnutls_kx_algorithm_t kx = pgnutls_kx_get(s); + + info->dwProtocol = schannel_get_protocol(proto); + info->aiCipher = schannel_get_cipher_algid(alg); + info->dwCipherStrength = pgnutls_cipher_get_key_size(alg); + info->aiHash = schannel_get_mac_algid(mac); + info->dwHashStrength = pgnutls_mac_get_key_size(mac); + info->aiExch = schannel_get_kx_algid(kx); + /* FIXME: info->dwExchStrength? */ + info->dwExchStrength = 0; + return SEC_E_OK; +} + static SECURITY_STATUS schan_imp_get_session_peer_certificate(gnutls_session_t s, PCCERT_CONTEXT *cert) { @@ -1045,20 +1064,7 @@ static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW( case SECPKG_ATTR_CONNECTION_INFO: { SecPkgContext_ConnectionInfo *info = buffer; - gnutls_protocol_t proto = pgnutls_protocol_get_version(ctx->session); - gnutls_cipher_algorithm_t alg = pgnutls_cipher_get(ctx->session); - gnutls_mac_algorithm_t mac = pgnutls_mac_get(ctx->session); - gnutls_kx_algorithm_t kx = pgnutls_kx_get(ctx->session); - - info->dwProtocol = schannel_get_protocol(proto); - info->aiCipher = schannel_get_cipher_algid(alg); - info->dwCipherStrength = pgnutls_cipher_get_key_size(alg); - info->aiHash = schannel_get_mac_algid(mac); - info->dwHashStrength = pgnutls_mac_get_key_size(mac); - info->aiExch = schannel_get_kx_algid(kx); - /* FIXME: info->dwExchStrength? */ - info->dwExchStrength = 0; - return SEC_E_OK; + return schan_imp_get_connection_info(ctx->session, info); } default:

1 0

Ken Thomases : secur32: Extract schan_imp_get_session_cipher_block_size function.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: ccae072a3c303e1ff53416e6f4a8799de0489cd2 URL: http://source.winehq.org/git/wine.git/?a=commit;h=ccae072a3c303e1ff53416e6f… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:22 2011 -0500 secur32: Extract schan_imp_get_session_cipher_block_size function. --- dlls/secur32/schannel.c | 9 +++++++-- 1 files changed, 7 insertions(+), 2 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 8739187..dd1858d 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -168,6 +168,12 @@ static ALG_ID schannel_get_kx_algid(gnutls_kx_algorithm_t kx) } } +static unsigned int schan_imp_get_session_cipher_block_size(gnutls_session_t s) +{ + gnutls_cipher_algorithm_t cipher = pgnutls_cipher_get(s); + return schannel_get_cipher_block_size(cipher); +} + static SECURITY_STATUS schan_imp_get_session_peer_certificate(gnutls_session_t s, PCCERT_CONTEXT *cert) { @@ -1019,8 +1025,7 @@ static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW( SecPkgContext_StreamSizes *stream_sizes = buffer; gnutls_mac_algorithm_t mac = pgnutls_mac_get(ctx->session); size_t mac_size = pgnutls_mac_get_key_size(mac); - gnutls_cipher_algorithm_t cipher = pgnutls_cipher_get(ctx->session); - unsigned int block_size = schannel_get_cipher_block_size(cipher); + unsigned int block_size = schan_imp_get_session_cipher_block_size(ctx->session); TRACE("Using %zu mac bytes, block size %u\n", mac_size, block_size);

1 0

Ken Thomases : secur32: Move some GnuTLS-specific helper functions.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: 1b225a012ee1bb060d391d88acab2a8fc220b908 URL: http://source.winehq.org/git/wine.git/?a=commit;h=1b225a012ee1bb060d391d88a… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:19 2011 -0500 secur32: Move some GnuTLS-specific helper functions. --- dlls/secur32/schannel.c | 192 +++++++++++++++++++++++----------------------- 1 files changed, 96 insertions(+), 96 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index ac3fa7f..8739187 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -72,6 +72,102 @@ MAKE_FUNCPTR(gnutls_transport_set_push_function); #undef MAKE_FUNCPTR +static unsigned int schannel_get_cipher_block_size(gnutls_cipher_algorithm_t cipher) +{ + const struct + { + gnutls_cipher_algorithm_t cipher; + unsigned int block_size; + } + algorithms[] = + { + {GNUTLS_CIPHER_3DES_CBC, 8}, + {GNUTLS_CIPHER_AES_128_CBC, 16}, + {GNUTLS_CIPHER_AES_256_CBC, 16}, + {GNUTLS_CIPHER_ARCFOUR_128, 1}, + {GNUTLS_CIPHER_ARCFOUR_40, 1}, + {GNUTLS_CIPHER_DES_CBC, 8}, + {GNUTLS_CIPHER_NULL, 1}, + {GNUTLS_CIPHER_RC2_40_CBC, 8}, + }; + unsigned int i; + + for (i = 0; i < sizeof(algorithms) / sizeof(*algorithms); ++i) + { + if (algorithms[i].cipher == cipher) + return algorithms[i].block_size; + } + + FIXME("Unknown cipher %#x, returning 1\n", cipher); + + return 1; +} + +static DWORD schannel_get_protocol(gnutls_protocol_t proto) +{ + /* FIXME: currently schannel only implements client connections, but + * there's no reason it couldn't be used for servers as well. The + * context doesn't tell us which it is, so assume client for now. + */ + switch (proto) + { + case GNUTLS_SSL3: return SP_PROT_SSL3_CLIENT; + case GNUTLS_TLS1_0: return SP_PROT_TLS1_CLIENT; + default: + FIXME("unknown protocol %d\n", proto); + return 0; + } +} + +static ALG_ID schannel_get_cipher_algid(gnutls_cipher_algorithm_t cipher) +{ + switch (cipher) + { + case GNUTLS_CIPHER_UNKNOWN: + case GNUTLS_CIPHER_NULL: return 0; + case GNUTLS_CIPHER_ARCFOUR_40: + case GNUTLS_CIPHER_ARCFOUR_128: return CALG_RC4; + case GNUTLS_CIPHER_DES_CBC: + case GNUTLS_CIPHER_3DES_CBC: return CALG_DES; + case GNUTLS_CIPHER_AES_128_CBC: + case GNUTLS_CIPHER_AES_256_CBC: return CALG_AES; + case GNUTLS_CIPHER_RC2_40_CBC: return CALG_RC2; + default: + FIXME("unknown algorithm %d\n", cipher); + return 0; + } +} + +static ALG_ID schannel_get_mac_algid(gnutls_mac_algorithm_t mac) +{ + switch (mac) + { + case GNUTLS_MAC_UNKNOWN: + case GNUTLS_MAC_NULL: return 0; + case GNUTLS_MAC_MD5: return CALG_MD5; + case GNUTLS_MAC_SHA1: + case GNUTLS_MAC_SHA256: + case GNUTLS_MAC_SHA384: + case GNUTLS_MAC_SHA512: return CALG_SHA; + default: + FIXME("unknown algorithm %d\n", mac); + return 0; + } +} + +static ALG_ID schannel_get_kx_algid(gnutls_kx_algorithm_t kx) +{ + switch (kx) + { + case GNUTLS_KX_RSA: return CALG_RSA_KEYX; + case GNUTLS_KX_DHE_DSS: + case GNUTLS_KX_DHE_RSA: return CALG_DH_EPHEM; + default: + FIXME("unknown algorithm %d\n", kx); + return 0; + } +} + static SECURITY_STATUS schan_imp_get_session_peer_certificate(gnutls_session_t s, PCCERT_CONTEXT *cert) { @@ -905,102 +1001,6 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextA( return ret; } -static unsigned int schannel_get_cipher_block_size(gnutls_cipher_algorithm_t cipher) -{ - const struct - { - gnutls_cipher_algorithm_t cipher; - unsigned int block_size; - } - algorithms[] = - { - {GNUTLS_CIPHER_3DES_CBC, 8}, - {GNUTLS_CIPHER_AES_128_CBC, 16}, - {GNUTLS_CIPHER_AES_256_CBC, 16}, - {GNUTLS_CIPHER_ARCFOUR_128, 1}, - {GNUTLS_CIPHER_ARCFOUR_40, 1}, - {GNUTLS_CIPHER_DES_CBC, 8}, - {GNUTLS_CIPHER_NULL, 1}, - {GNUTLS_CIPHER_RC2_40_CBC, 8}, - }; - unsigned int i; - - for (i = 0; i < sizeof(algorithms) / sizeof(*algorithms); ++i) - { - if (algorithms[i].cipher == cipher) - return algorithms[i].block_size; - } - - FIXME("Unknown cipher %#x, returning 1\n", cipher); - - return 1; -} - -static DWORD schannel_get_protocol(gnutls_protocol_t proto) -{ - /* FIXME: currently schannel only implements client connections, but - * there's no reason it couldn't be used for servers as well. The - * context doesn't tell us which it is, so assume client for now. - */ - switch (proto) - { - case GNUTLS_SSL3: return SP_PROT_SSL3_CLIENT; - case GNUTLS_TLS1_0: return SP_PROT_TLS1_CLIENT; - default: - FIXME("unknown protocol %d\n", proto); - return 0; - } -} - -static ALG_ID schannel_get_cipher_algid(gnutls_cipher_algorithm_t cipher) -{ - switch (cipher) - { - case GNUTLS_CIPHER_UNKNOWN: - case GNUTLS_CIPHER_NULL: return 0; - case GNUTLS_CIPHER_ARCFOUR_40: - case GNUTLS_CIPHER_ARCFOUR_128: return CALG_RC4; - case GNUTLS_CIPHER_DES_CBC: - case GNUTLS_CIPHER_3DES_CBC: return CALG_DES; - case GNUTLS_CIPHER_AES_128_CBC: - case GNUTLS_CIPHER_AES_256_CBC: return CALG_AES; - case GNUTLS_CIPHER_RC2_40_CBC: return CALG_RC2; - default: - FIXME("unknown algorithm %d\n", cipher); - return 0; - } -} - -static ALG_ID schannel_get_mac_algid(gnutls_mac_algorithm_t mac) -{ - switch (mac) - { - case GNUTLS_MAC_UNKNOWN: - case GNUTLS_MAC_NULL: return 0; - case GNUTLS_MAC_MD5: return CALG_MD5; - case GNUTLS_MAC_SHA1: - case GNUTLS_MAC_SHA256: - case GNUTLS_MAC_SHA384: - case GNUTLS_MAC_SHA512: return CALG_SHA; - default: - FIXME("unknown algorithm %d\n", mac); - return 0; - } -} - -static ALG_ID schannel_get_kx_algid(gnutls_kx_algorithm_t kx) -{ - switch (kx) - { - case GNUTLS_KX_RSA: return CALG_RSA_KEYX; - case GNUTLS_KX_DHE_DSS: - case GNUTLS_KX_DHE_RSA: return CALG_DH_EPHEM; - default: - FIXME("unknown algorithm %d\n", kx); - return 0; - } -} - static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW( PCtxtHandle context_handle, ULONG attribute, PVOID buffer) {

1 0

Ken Thomases : secur32: Extract schan_imp_get_session_peer_certificate function.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: 12195b32dffcb5f0b1ce672f5088923e4049fd75 URL: http://source.winehq.org/git/wine.git/?a=commit;h=12195b32dffcb5f0b1ce672f5… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:15 2011 -0500 secur32: Extract schan_imp_get_session_peer_certificate function. --- dlls/secur32/schannel.c | 39 ++++++++++++++++++++++----------------- 1 files changed, 22 insertions(+), 17 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index b8aaaad..ac3fa7f 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -72,6 +72,26 @@ MAKE_FUNCPTR(gnutls_transport_set_push_function); #undef MAKE_FUNCPTR +static SECURITY_STATUS schan_imp_get_session_peer_certificate(gnutls_session_t s, + PCCERT_CONTEXT *cert) +{ + unsigned int list_size; + const gnutls_datum_t *datum; + + datum = pgnutls_certificate_get_peers(s, &list_size); + if (datum) + { + *cert = CertCreateCertificateContext(X509_ASN_ENCODING, datum->data, + datum->size); + if (!*cert) + return GetLastError(); + else + return SEC_E_OK; + } + else + return SEC_E_INTERNAL_ERROR; +} + static SECURITY_STATUS schan_imp_send(gnutls_session_t s, const void *buffer, size_t *length) { @@ -1014,23 +1034,8 @@ static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW( } case SECPKG_ATTR_REMOTE_CERT_CONTEXT: { - unsigned int list_size; - const gnutls_datum_t *datum; - - datum = pgnutls_certificate_get_peers(ctx->session, &list_size); - if (datum) - { - PCCERT_CONTEXT *cert = buffer; - - *cert = CertCreateCertificateContext(X509_ASN_ENCODING, - datum->data, datum->size); - if (!*cert) - return GetLastError(); - else - return SEC_E_OK; - } - else - return SEC_E_INTERNAL_ERROR; + PCCERT_CONTEXT *cert = buffer; + return schan_imp_get_session_peer_certificate(ctx->session, cert); } case SECPKG_ATTR_CONNECTION_INFO: {

1 0

Ken Thomases : secur32: Extract schan_imp_recv function.
by Alexandre Julliard 14 Mar '11

14 Mar '11

Module: wine Branch: master Commit: 9b85662fec901e19ee90cfdf601e50c1aaba5938 URL: http://source.winehq.org/git/wine.git/?a=commit;h=9b85662fec901e19ee90cfdf6… Author: Ken Thomases <ken(a)codeweavers.com> Date: Sun Mar 13 18:57:08 2011 -0500 secur32: Extract schan_imp_recv function. --- dlls/secur32/schannel.c | 52 ++++++++++++++++++++++++++++------------------ 1 files changed, 32 insertions(+), 20 deletions(-) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 3a7113e..b8aaaad 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -89,6 +89,23 @@ static SECURITY_STATUS schan_imp_send(gnutls_session_t s, const void *buffer, return SEC_E_OK; } +static SECURITY_STATUS schan_imp_recv(gnutls_session_t s, void *buffer, + size_t *length) +{ + ssize_t ret = pgnutls_record_recv(s, buffer, *length); + if (ret >= 0) + *length = ret; + else if (ret == GNUTLS_E_AGAIN) + return SEC_I_CONTINUE_NEEDED; + else + { + pgnutls_perror(ret); + return SEC_E_INTERNAL_ERROR; + } + + return SEC_E_OK; +} + #define SCHAN_INVALID_HANDLE ~0UL @@ -1245,7 +1262,6 @@ static SECURITY_STATUS SEC_ENTRY schan_DecryptMessage(PCtxtHandle context_handle char *data; unsigned expected_size; ssize_t received = 0; - ssize_t ret; int idx; unsigned char *buf_ptr; @@ -1291,32 +1307,28 @@ static SECURITY_STATUS SEC_ENTRY schan_DecryptMessage(PCtxtHandle context_handle while (received < data_size) { - ret = pgnutls_record_recv(ctx->session, data + received, data_size - received); - if (ret < 0) + size_t length = data_size - received; + SECURITY_STATUS status = schan_imp_recv(ctx->session, data + received, &length); + if (status == SEC_I_CONTINUE_NEEDED) { - if (ret == GNUTLS_E_AGAIN) + if (!received) { - if (!received) - { - pgnutls_perror(ret); - HeapFree(GetProcessHeap(), 0, data); - TRACE("Returning SEC_E_INCOMPLETE_MESSAGE\n"); - return SEC_E_INCOMPLETE_MESSAGE; - } - break; - } - else - { - pgnutls_perror(ret); HeapFree(GetProcessHeap(), 0, data); - ERR("Returning SEC_E_INTERNAL_ERROR\n"); - return SEC_E_INTERNAL_ERROR; + TRACE("Returning SEC_E_INCOMPLETE_MESSAGE\n"); + return SEC_E_INCOMPLETE_MESSAGE; } + break; + } + else if (status != SEC_E_OK) + { + HeapFree(GetProcessHeap(), 0, data); + ERR("Returning %d\n", status); + return status; } - else if (!ret) + else if (!length) break; - received += ret; + received += length; } TRACE("Received %zd bytes\n", received);

1 0

← Newer
1
...
43
44
45
46
47
48
49
...
85
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

wine-commits March 2011