wine-commits May 2022

wine-commits@winehq.org

2 participants
907 discussions

Roman Pišl : tapi32: Add lineGetCallInfoW stub.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 5f3a0156d1e0ed014fca355cf1ec50120d6f8fce URL: https://source.winehq.org/git/wine.git/?a=commit;h=5f3a0156d1e0ed014fca355c… Author: Roman Pišl <rpisl(a)seznam.cz> Date: Sat May 28 13:18:01 2022 +0200 tapi32: Add lineGetCallInfoW stub. Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=53061 Signed-off-by: Roman Pišl <rpisl(a)seznam.cz> Signed-off-by: Alexandre Julliard <julliard(a)winehq.org> --- dlls/tapi32/line.c | 9 +++++++++ dlls/tapi32/tapi32.spec | 1 + 2 files changed, 10 insertions(+) diff --git a/dlls/tapi32/line.c b/dlls/tapi32/line.c index 75bfe837f3d..2dbca2aba3e 100644 --- a/dlls/tapi32/line.c +++ b/dlls/tapi32/line.c @@ -296,6 +296,15 @@ DWORD WINAPI lineGetCallInfoA(HCALL hCall, LPLINECALLINFO lpCallInfo) return 0; } +/*********************************************************************** + * lineGetCallInfoW (TAPI32.@) + */ +DWORD WINAPI lineGetCallInfoW(HCALL hCall, LPLINECALLINFO lpCallInfo) +{ + FIXME("(%p, %p): stub.\n", hCall, lpCallInfo); + return 0; +} + /*********************************************************************** * lineGetCallStatus (TAPI32.@) */ diff --git a/dlls/tapi32/tapi32.spec b/dlls/tapi32/tapi32.spec index 6c01a870479..757e387c8d2 100644 --- a/dlls/tapi32/tapi32.spec +++ b/dlls/tapi32/tapi32.spec @@ -39,6 +39,7 @@ @ stdcall lineGetAppPriorityA(str long ptr long ptr ptr) @ stdcall lineGetCallInfo(long ptr) lineGetCallInfoA @ stdcall lineGetCallInfoA(long ptr) +@ stdcall lineGetCallInfoW(long ptr) @ stdcall lineGetCallStatus(long ptr) @ stdcall lineGetConfRelatedCalls(long ptr) @ stdcall lineGetCountry(long long ptr) lineGetCountryA

1 0

Nikolay Sivov : kerberos: Add wow64 support to the unixlib.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 5692c077d0dd415ee85e680c367f792b57ef2ef3 URL: https://source.winehq.org/git/wine.git/?a=commit;h=5692c077d0dd415ee85e680c… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 20:42:22 2022 +0300 kerberos: Add wow64 support to the unixlib. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/unixlib.c | 325 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 325 insertions(+) diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 95e832e81d3..a918959dbe5 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -1012,4 +1012,329 @@ unixlib_entry_t __wine_unix_call_funcs[] = verify_signature, }; +#ifdef _WIN64 + +typedef ULONG PTR32; + +static NTSTATUS wow64_accept_context( void *args ) +{ + struct + { + UINT64 credential; + UINT64 context; + PTR32 input_token; + ULONG input_token_length; + PTR32 new_context; + PTR32 output_token; + PTR32 output_token_length; + PTR32 context_attr; + PTR32 expiry; + } const *params32 = args; + struct accept_context_params params = + { + params32->credential, + params32->context, + ULongToPtr(params32->input_token), + params32->input_token_length, + ULongToPtr(params32->new_context), + ULongToPtr(params32->output_token), + ULongToPtr(params32->output_token_length), + ULongToPtr(params32->context_attr), + ULongToPtr(params32->expiry), + }; + return accept_context( &params ); +} + +static NTSTATUS wow64_acquire_credentials_handle( void *args ) +{ + struct + { + PTR32 principal; + ULONG credential_use; + PTR32 username; + PTR32 password; + PTR32 credential; + PTR32 expiry; + } const *params32 = args; + struct acquire_credentials_handle_params params = + { + ULongToPtr(params32->principal), + params32->credential_use, + ULongToPtr(params32->username), + ULongToPtr(params32->password), + ULongToPtr(params32->credential), + ULongToPtr(params32->expiry), + }; + return acquire_credentials_handle( &params ); +} + +static NTSTATUS wow64_delete_context( void *args ) +{ + struct + { + UINT64 context; + } const *params32 = args; + struct delete_context_params params = + { + params32->context, + }; + return delete_context( &params ); +} + +static NTSTATUS wow64_free_credentials_handle( void *args ) +{ + struct + { + UINT64 credential; + } const *params32 = args; + struct free_credentials_handle_params params = + { + params32->credential, + }; + return free_credentials_handle( &params ); +} + +static NTSTATUS wow64_initialize_context( void *args ) +{ + struct + { + UINT64 credential; + UINT64 context; + PTR32 target_name; + ULONG context_req; + PTR32 input_token; + ULONG input_token_length; + PTR32 output_token; + PTR32 output_token_length; + PTR32 new_context; + PTR32 context_attr; + PTR32 expiry; + } const *params32 = args; + struct initialize_context_params params = + { + params32->credential, + params32->context, + ULongToPtr(params32->target_name), + params32->context_req, + ULongToPtr(params32->input_token), + params32->input_token_length, + ULongToPtr(params32->output_token), + ULongToPtr(params32->output_token_length), + ULongToPtr(params32->new_context), + ULongToPtr(params32->context_attr), + ULongToPtr(params32->expiry), + }; + return initialize_context( &params ); +} + +static NTSTATUS wow64_make_signature( void *args ) +{ + struct + { + UINT64 context; + PTR32 data; + ULONG data_length; + PTR32 token; + PTR32 token_length; + } const *params32 = args; + struct make_signature_params params = + { + params32->context, + ULongToPtr(params32->data), + params32->data_length, + ULongToPtr(params32->token), + ULongToPtr(params32->token_length), + }; + return make_signature( &params ); +} + +static NTSTATUS wow64_query_context_attributes( void *args ) +{ + struct + { + UINT64 context; + ULONG attr; + PTR32 buf; + } const *params32 = args; + struct query_context_attributes_params params = + { + params32->context, + params32->attr, + ULongToPtr(params32->buf), + }; + return query_context_attributes( &params ); +} + +struct KERB_TICKET_CACHE_INFO32 +{ + UNICODE_STRING32 ServerName; + UNICODE_STRING32 RealmName; + LARGE_INTEGER StartTime; + LARGE_INTEGER EndTime; + LARGE_INTEGER RenewTime; + LONG EncryptionType; + ULONG TicketFlags; +}; + +struct KERB_QUERY_TKT_CACHE_RESPONSE32 +{ + KERB_PROTOCOL_MESSAGE_TYPE MessageType; + ULONG CountOfTickets; + struct KERB_TICKET_CACHE_INFO32 Tickets[ANYSIZE_ARRAY]; +}; + +static void copy_ticket_ustr_64to32( const UNICODE_STRING *str, UNICODE_STRING32 *str32, ULONG *client_str ) +{ + str32->Length = str->Length; + str32->MaximumLength = str->MaximumLength; + str32->Buffer = *client_str; + memcpy( ULongToPtr(str32->Buffer), str->Buffer, str->MaximumLength ); + *client_str += str->MaximumLength; +} + +static NTSTATUS copy_tickets_to_client32( struct ticket_list *list, struct KERB_QUERY_TKT_CACHE_RESPONSE32 *resp, + ULONG *out_size ) +{ + ULONG i, size, size_fixed; + ULONG client_str; + + size = size_fixed = offsetof( struct KERB_QUERY_TKT_CACHE_RESPONSE32, Tickets[list->count] ); + for (i = 0; i < list->count; i++) + { + size += list->tickets[i].RealmName.MaximumLength; + size += list->tickets[i].ServerName.MaximumLength; + } + if (!resp || size > *out_size) + { + *out_size = size; + return STATUS_BUFFER_TOO_SMALL; + } + *out_size = size; + + resp->MessageType = KerbQueryTicketCacheMessage; + resp->CountOfTickets = list->count; + client_str = PtrToUlong(resp) + size_fixed; + + for (i = 0; i < list->count; i++) + { + copy_ticket_ustr_64to32( &list->tickets[i].ServerName, &resp->Tickets[i].ServerName, &client_str ); + copy_ticket_ustr_64to32( &list->tickets[i].RealmName, &resp->Tickets[i].RealmName, &client_str ); + resp->Tickets[i].StartTime = list->tickets[i].StartTime; + resp->Tickets[i].EndTime = list->tickets[i].EndTime; + resp->Tickets[i].RenewTime = list->tickets[i].RenewTime; + resp->Tickets[i].EncryptionType = list->tickets[i].EncryptionType; + resp->Tickets[i].TicketFlags = list->tickets[i].TicketFlags; + } + return STATUS_SUCCESS; +} + +static NTSTATUS wow64_query_ticket_cache( void *args ) +{ + struct + { + PTR32 resp; + PTR32 out_size; + } const *params32 = args; + struct ticket_list list = { 0 }; + NTSTATUS status; + ULONG i; + + status = kerberos_fill_ticket_list( &list ); + if (status == STATUS_SUCCESS) + status = copy_tickets_to_client32( &list, ULongToPtr(params32->resp), ULongToPtr(params32->out_size) ); + + for (i = 0; i < list.count; i++) + { + free( list.tickets[i].RealmName.Buffer ); + free( list.tickets[i].ServerName.Buffer ); + } + return status; + +} + +static NTSTATUS wow64_seal_message( void *args ) +{ + struct + { + UINT64 context; + PTR32 data; + ULONG data_length; + PTR32 token; + PTR32 token_length; + } const *params32 = args; + struct seal_message_params params = + { + params32->context, + ULongToPtr(params32->data), + params32->data_length, + ULongToPtr(params32->token), + ULongToPtr(params32->token_length), + }; + return seal_message( &params ); +} + +static NTSTATUS wow64_unseal_message( void *args ) +{ + struct + { + UINT64 context; + PTR32 data; + ULONG data_length; + PTR32 token; + ULONG token_length; + PTR32 qop; + } const *params32 = args; + struct unseal_message_params params = + { + params32->context, + ULongToPtr(params32->data), + params32->data_length, + ULongToPtr(params32->token), + params32->token_length, + ULongToPtr(params32->qop), + }; + return unseal_message( &params ); +} + +static NTSTATUS wow64_verify_signature( void *args ) +{ + struct + { + UINT64 context; + PTR32 data; + ULONG data_length; + PTR32 token; + ULONG token_length; + PTR32 qop; + } const *params32 = args; + struct verify_signature_params params = + { + params32->context, + ULongToPtr(params32->data), + params32->data_length, + ULongToPtr(params32->token), + params32->token_length, + ULongToPtr(params32->qop), + }; + return verify_signature( &params ); +} + +unixlib_entry_t __wine_unix_call_wow64_funcs[] = +{ + process_attach, + wow64_accept_context, + wow64_acquire_credentials_handle, + wow64_delete_context, + wow64_free_credentials_handle, + wow64_initialize_context, + wow64_make_signature, + wow64_query_context_attributes, + wow64_query_ticket_cache, + wow64_seal_message, + wow64_unseal_message, + wow64_verify_signature, +}; + +#endif /* _WIN64 */ + #endif /* defined(SONAME_LIBKRB5) && defined(SONAME_LIBGSSAPI_KRB5) */

1 0

Nikolay Sivov : kerberos: Separate ticket query function from call handler.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: ce8aed90edabc00f52ffd70beafd2198f458edfb URL: https://source.winehq.org/git/wine.git/?a=commit;h=ce8aed90edabc00f52ffd70b… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 19:31:26 2022 +0300 kerberos: Separate ticket query function from call handler. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/unixlib.c | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 38b1cf50895..95e832e81d3 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -303,16 +303,13 @@ static NTSTATUS copy_tickets_to_client( struct ticket_list *list, KERB_QUERY_TKT return STATUS_SUCCESS; } -static NTSTATUS query_ticket_cache( void *args ) +static NTSTATUS kerberos_fill_ticket_list( struct ticket_list *list ) { - struct query_ticket_cache_params *params = args; NTSTATUS status; krb5_error_code err; krb5_context ctx; krb5_cccol_cursor cursor = NULL; krb5_ccache cache; - ULONG i; - struct ticket_list list = { 0 }; if ((err = p_krb5_init_context( &ctx ))) return krb5_error_to_status( err ); if ((err = p_krb5_cccol_cursor_new( ctx, &cursor ))) @@ -330,7 +327,7 @@ static NTSTATUS query_ticket_cache( void *args ) } if (!cache) break; - status = copy_tickets_from_cache( ctx, cache, &list ); + status = copy_tickets_from_cache( ctx, cache, list ); p_krb5_cc_close( ctx, cache ); if (status != STATUS_SUCCESS) goto done; } @@ -339,6 +336,18 @@ done: if (cursor) p_krb5_cccol_cursor_free( ctx, &cursor ); if (ctx) p_krb5_free_context( ctx ); + return status; +} + +static NTSTATUS query_ticket_cache( void *args ) +{ + struct query_ticket_cache_params *params = args; + struct ticket_list list = { 0 }; + NTSTATUS status; + ULONG i; + + status = kerberos_fill_ticket_list( &list ); + if (status == STATUS_SUCCESS) status = copy_tickets_to_client( &list, params->resp, params->out_size ); for (i = 0; i < list.count; i++)

1 0

Nikolay Sivov : kerberos: Pass input/output buffers directly for initialize_context() call.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 6c1cea2aba958a35a7b2c929d8375ebe5edb8609 URL: https://source.winehq.org/git/wine.git/?a=commit;h=6c1cea2aba958a35a7b2c929… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 21:23:22 2022 +0300 kerberos: Pass input/output buffers directly for initialize_context() call. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 16 +++++++++++++--- dlls/kerberos/unixlib.c | 31 ++++++------------------------- dlls/kerberos/unixlib.h | 6 ++++-- 3 files changed, 23 insertions(+), 30 deletions(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index 93f9e97e8ef..b600ff06052 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -400,19 +400,29 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential, { struct cred_handle *cred_handle = (struct cred_handle *)credential; struct context_handle *context_handle = (struct context_handle *)context; - struct initialize_context_params params; + struct initialize_context_params params = { 0 }; UINT64 new_context_handle = 0; + int idx; params.credential = cred_handle ? cred_handle->handle : 0; params.context = context_handle ? context_handle->handle : 0; params.target_name = target; params.context_req = context_req; - params.input = input; params.new_context = &new_context_handle; - params.output = output; params.context_attr = context_attr; params.expiry = &exptime; + idx = get_buffer_index( input, SECBUFFER_TOKEN ); + if (idx != -1) + { + params.input_token = input->pBuffers[idx].pvBuffer; + params.input_token_length = input->pBuffers[idx].cbBuffer; + } + + if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + params.output_token = output->pBuffers[idx].pvBuffer; + params.output_token_length = &output->pBuffers[idx].cbBuffer; + status = KRB5_CALL( initialize_context, &params ); if (!status) { diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 119d2d1dcf9..38b1cf50895 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -419,17 +419,6 @@ static BOOL is_dce_style_context( gss_ctx_id_t ctx ) return (ret == GSS_S_COMPLETE && (flags & GSS_C_DCE_STYLE)); } -static int get_buffer_index( SecBufferDesc *desc, DWORD type ) -{ - UINT i; - if (!desc) return -1; - for (i = 0; i < desc->cBuffers; i++) - { - if (desc->pBuffers[i].BufferType == type) return i; - } - return -1; -} - static NTSTATUS status_gss_to_sspi( OM_uint32 status ) { switch (status) @@ -707,16 +696,9 @@ static NTSTATUS initialize_context( void *args ) gss_buffer_desc input_token, output_token; gss_name_t target = GSS_C_NO_NAME; NTSTATUS status; - int idx; - if ((idx = get_buffer_index( params->input, SECBUFFER_TOKEN )) == -1) input_token.length = 0; - else - { - input_token.length = params->input->pBuffers[idx].cbBuffer; - input_token.value = params->input->pBuffers[idx].pvBuffer; - } - - if ((idx = get_buffer_index( params->output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + input_token.length = params->input_token_length; + input_token.value = params->input_token; output_token.length = 0; output_token.value = NULL; @@ -729,16 +711,15 @@ static NTSTATUS initialize_context( void *args ) if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - if (output_token.length > params->output->pBuffers[idx].cbBuffer) /* FIXME: check if larger buffer exists */ + if (output_token.length > *params->output_token_length) /* FIXME: check if larger buffer exists */ { - TRACE( "buffer too small %lu > %u\n", - (SIZE_T)output_token.length, (unsigned int)params->output->pBuffers[idx].cbBuffer ); + TRACE( "buffer too small %lu > %u\n", (SIZE_T)output_token.length, (unsigned int)*params->output_token_length); pgss_release_buffer( &minor_status, &output_token ); pgss_delete_sec_context( &minor_status, &ctx_handle, GSS_C_NO_BUFFER ); return SEC_E_INCOMPLETE_MESSAGE; } - params->output->pBuffers[idx].cbBuffer = output_token.length; - memcpy( params->output->pBuffers[idx].pvBuffer, output_token.value, output_token.length ); + *params->output_token_length = output_token.length; + memcpy( params->output_token, output_token.value, output_token.length ); pgss_release_buffer( &minor_status, &output_token ); ctxhandle_gss_to_sspi( ctx_handle, params->new_context ); diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index 0bdb8a3ec74..f811f583bb2 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -62,9 +62,11 @@ struct initialize_context_params UINT64 context; const char *target_name; ULONG context_req; - SecBufferDesc *input; + BYTE *input_token; + ULONG input_token_length; + BYTE *output_token; + ULONG *output_token_length; UINT64 *new_context; - SecBufferDesc *output; ULONG *context_attr; ULONG *expiry; };

1 0

Nikolay Sivov : kerberos: Pass input/output buffers directly for unseal_message() call.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: a9ba0b334f99d2d0286f40f47e708f1969f66ce1 URL: https://source.winehq.org/git/wine.git/?a=commit;h=a9ba0b334f99d2d0286f40f4… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 15:04:28 2022 +0300 kerberos: Pass input/output buffers directly for unseal_message() call. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 14 +++++++++++++- dlls/kerberos/unixlib.c | 42 ++++++++++++++++++------------------------ dlls/kerberos/unixlib.h | 5 ++++- 3 files changed, 35 insertions(+), 26 deletions(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index 0d266a8ccf0..93f9e97e8ef 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -723,7 +723,19 @@ static NTSTATUS NTAPI kerberos_SpUnsealMessage( LSA_SEC_HANDLE context, SecBuffe if (context) { struct context_handle *context_handle = (void *)context; - struct unseal_message_params params = { context_handle->handle, message, quality_of_protection }; + struct unseal_message_params params; + int data_idx, token_idx; + + if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; + if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + + params.context = context_handle->handle; + params.data_length = message->pBuffers[data_idx].cbBuffer; + params.data = message->pBuffers[data_idx].pvBuffer; + params.token_length = message->pBuffers[token_idx].cbBuffer; + params.token = message->pBuffers[token_idx].pvBuffer; + params.qop = quality_of_protection; + return KRB5_CALL( unseal_message, &params ); } else return SEC_E_INVALID_HANDLE; diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 21a536f83fc..119d2d1dcf9 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -909,58 +909,52 @@ static NTSTATUS seal_message( void *args ) return seal_message_no_vector( ctx, params ); } -static NTSTATUS unseal_message_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, ULONG *qop ) +static NTSTATUS unseal_message_vector( gss_ctx_id_t ctx, const struct unseal_message_params *params ) { gss_iov_buffer_desc iov[4]; OM_uint32 ret, minor_status; - int token_idx, data_idx, conf_state; - - if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + int conf_state; iov[0].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; iov[0].buffer.length = 0; iov[0].buffer.value = NULL; iov[1].type = GSS_IOV_BUFFER_TYPE_DATA; - iov[1].buffer.length = msg->pBuffers[data_idx].cbBuffer; - iov[1].buffer.value = msg->pBuffers[data_idx].pvBuffer; + iov[1].buffer.length = params->data_length; + iov[1].buffer.value = params->data; iov[2].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY; iov[2].buffer.length = 0; iov[2].buffer.value = NULL; iov[3].type = GSS_IOV_BUFFER_TYPE_HEADER; - iov[3].buffer.length = msg->pBuffers[token_idx].cbBuffer; - iov[3].buffer.value = msg->pBuffers[token_idx].pvBuffer; + iov[3].buffer.length = params->token_length; + iov[3].buffer.value = params->token; ret = pgss_unwrap_iov( &minor_status, ctx, &conf_state, NULL, iov, 4 ); TRACE( "gss_unwrap_iov returned %#x minor status %#x\n", ret, minor_status ); if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); - if (ret == GSS_S_COMPLETE && qop) + if (ret == GSS_S_COMPLETE && params->qop) { - *qop = (conf_state ? 0 : SECQOP_WRAP_NO_ENCRYPT); + *params->qop = (conf_state ? 0 : SECQOP_WRAP_NO_ENCRYPT); } return status_gss_to_sspi( ret ); } -static NTSTATUS unseal_message_no_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, ULONG *qop ) +static NTSTATUS unseal_message_no_vector( gss_ctx_id_t ctx, const struct unseal_message_params *params ) { gss_buffer_desc input, output; OM_uint32 ret, minor_status; - int token_idx, data_idx, conf_state; DWORD len_data, len_token; + int conf_state; - if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; - - len_data = msg->pBuffers[data_idx].cbBuffer; - len_token = msg->pBuffers[token_idx].cbBuffer; + len_data = params->data_length; + len_token = params->token_length; input.length = len_data + len_token; if (!(input.value = malloc( input.length ))) return SEC_E_INSUFFICIENT_MEMORY; - memcpy( input.value, msg->pBuffers[data_idx].pvBuffer, len_data ); - memcpy( (char *)input.value + len_data, msg->pBuffers[token_idx].pvBuffer, len_token ); + memcpy( input.value, params->data, len_data ); + memcpy( (char *)input.value + len_data, params->token, len_token ); ret = pgss_unwrap( &minor_status, ctx, &input, &output, &conf_state, NULL ); free( input.value ); @@ -968,8 +962,8 @@ static NTSTATUS unseal_message_no_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); if (ret == GSS_S_COMPLETE) { - if (qop) *qop = (conf_state ? 0 : SECQOP_WRAP_NO_ENCRYPT); - memcpy( msg->pBuffers[data_idx].pvBuffer, output.value, len_data ); + if (params->qop) *params->qop = (conf_state ? 0 : SECQOP_WRAP_NO_ENCRYPT); + memcpy( params->data, output.value, len_data ); pgss_release_buffer( &minor_status, &output ); } @@ -981,8 +975,8 @@ static NTSTATUS unseal_message( void *args ) struct unseal_message_params *params = args; gss_ctx_id_t ctx = ctxhandle_sspi_to_gss( params->context ); - if (is_dce_style_context( ctx )) return unseal_message_vector( ctx, params->msg, params->qop ); - return unseal_message_no_vector( ctx, params->msg, params->qop ); + if (is_dce_style_context( ctx )) return unseal_message_vector( ctx, params ); + return unseal_message_no_vector( ctx, params ); } static NTSTATUS verify_signature( void *args ) diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index 5753ae1a2da..0bdb8a3ec74 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -104,7 +104,10 @@ struct seal_message_params struct unseal_message_params { UINT64 context; - SecBufferDesc *msg; + BYTE *data; + ULONG data_length; + BYTE *token; + ULONG token_length; ULONG *qop; };

1 0

Nikolay Sivov : kerberos: Pass input/output buffers directly for seal_message() call.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 05585c6c36531cf2a51b751528de7881be36dd67 URL: https://source.winehq.org/git/wine.git/?a=commit;h=05585c6c36531cf2a51b7515… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 14:54:22 2022 +0300 kerberos: Pass input/output buffers directly for seal_message() call. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 15 +++++++++++++- dlls/kerberos/unixlib.c | 52 +++++++++++++++++++++---------------------------- dlls/kerberos/unixlib.h | 5 ++++- 3 files changed, 40 insertions(+), 32 deletions(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index f2bcfc3f7f4..0d266a8ccf0 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -695,7 +695,20 @@ static NTSTATUS NTAPI kerberos_SpSealMessage( LSA_SEC_HANDLE context, ULONG qual if (context) { struct context_handle *context_handle = (void *)context; - struct seal_message_params params = { context_handle->handle, message, quality_of_protection }; + struct seal_message_params params; + int data_idx, token_idx; + + /* FIXME: multiple data buffers, read-only buffers */ + if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; + if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + + params.context = context_handle->handle; + params.data_length = message->pBuffers[data_idx].cbBuffer; + params.data = message->pBuffers[data_idx].pvBuffer; + params.token_length = &message->pBuffers[token_idx].cbBuffer; + params.token = message->pBuffers[token_idx].pvBuffer; + params.qop = quality_of_protection; + return KRB5_CALL( seal_message, &params ); } else return SEC_E_INVALID_HANDLE; diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 6404b6ab190..21a536f83fc 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -815,33 +815,29 @@ static NTSTATUS query_context_attributes( void *args ) return SEC_E_UNSUPPORTED_FUNCTION; } -static NTSTATUS seal_message_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, unsigned qop ) +static NTSTATUS seal_message_vector( gss_ctx_id_t ctx, const struct seal_message_params *params ) { gss_iov_buffer_desc iov[4]; OM_uint32 ret, minor_status; - int token_idx, data_idx, conf_flag, conf_state; + int conf_flag, conf_state; - if (!qop) + if (!params->qop) conf_flag = 1; /* confidentiality + integrity */ - else if (qop == SECQOP_WRAP_NO_ENCRYPT) + else if (params->qop == SECQOP_WRAP_NO_ENCRYPT) conf_flag = 0; /* only integrity */ else { - FIXME( "QOP %#x not supported\n", qop ); + FIXME( "QOP %#x not supported\n", params->qop ); return SEC_E_UNSUPPORTED_FUNCTION; } - /* FIXME: multiple data buffers, read-only buffers */ - if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; - iov[0].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY | GSS_IOV_BUFFER_FLAG_ALLOCATE; iov[0].buffer.length = 0; iov[0].buffer.value = NULL; iov[1].type = GSS_IOV_BUFFER_TYPE_DATA; - iov[1].buffer.length = msg->pBuffers[data_idx].cbBuffer; - iov[1].buffer.value = msg->pBuffers[data_idx].pvBuffer; + iov[1].buffer.length = params->data_length; + iov[1].buffer.value = params->data; iov[2].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY | GSS_IOV_BUFFER_FLAG_ALLOCATE; iov[2].buffer.length = 0; @@ -856,52 +852,48 @@ static NTSTATUS seal_message_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, unsig if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); if (ret == GSS_S_COMPLETE) { - memcpy( msg->pBuffers[token_idx].pvBuffer, iov[3].buffer.value, iov[3].buffer.length ); - msg->pBuffers[token_idx].cbBuffer = iov[3].buffer.length; + memcpy( params->token, iov[3].buffer.value, iov[3].buffer.length ); + *params->token_length = iov[3].buffer.length; pgss_release_iov_buffer( &minor_status, iov, 4 ); } return status_gss_to_sspi( ret ); } -static NTSTATUS seal_message_no_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, unsigned qop ) +static NTSTATUS seal_message_no_vector( gss_ctx_id_t ctx, const struct seal_message_params *params ) { gss_buffer_desc input, output; OM_uint32 ret, minor_status; - int token_idx, data_idx, conf_flag, conf_state; + int conf_flag, conf_state; - if (!qop) + if (!params->qop) conf_flag = 1; /* confidentiality + integrity */ - else if (qop == SECQOP_WRAP_NO_ENCRYPT) + else if (params->qop == SECQOP_WRAP_NO_ENCRYPT) conf_flag = 0; /* only integrity */ else { - FIXME( "QOP %#x not supported\n", qop ); + FIXME( "QOP %#x not supported\n", params->qop ); return SEC_E_UNSUPPORTED_FUNCTION; } - /* FIXME: multiple data buffers, read-only buffers */ - if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; - - input.length = msg->pBuffers[data_idx].cbBuffer; - input.value = msg->pBuffers[data_idx].pvBuffer; + input.length = params->data_length; + input.value = params->data; ret = pgss_wrap( &minor_status, ctx, conf_flag, GSS_C_QOP_DEFAULT, &input, &conf_state, &output ); TRACE( "gss_wrap returned %#x minor status %#x\n", ret, minor_status ); if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); if (ret == GSS_S_COMPLETE) { - unsigned len_data = msg->pBuffers[data_idx].cbBuffer, len_token = msg->pBuffers[token_idx].cbBuffer; + unsigned len_data = params->data_length, len_token = *params->token_length; if (len_token < output.length - len_data) { TRACE( "buffer too small %lu > %u\n", (SIZE_T)output.length - len_data, len_token ); pgss_release_buffer( &minor_status, &output ); return SEC_E_BUFFER_TOO_SMALL; } - memcpy( msg->pBuffers[data_idx].pvBuffer, output.value, len_data ); - memcpy( msg->pBuffers[token_idx].pvBuffer, (char *)output.value + len_data, output.length - len_data ); - msg->pBuffers[token_idx].cbBuffer = output.length - len_data; + memcpy( params->data, output.value, len_data ); + memcpy( params->token, (char *)output.value + len_data, output.length - len_data ); + *params->token_length = output.length - len_data; pgss_release_buffer( &minor_status, &output ); } @@ -913,8 +905,8 @@ static NTSTATUS seal_message( void *args ) struct seal_message_params *params = args; gss_ctx_id_t ctx = ctxhandle_sspi_to_gss( params->context ); - if (is_dce_style_context( ctx )) return seal_message_vector( ctx, params->msg, params->qop ); - return seal_message_no_vector( ctx, params->msg, params->qop ); + if (is_dce_style_context( ctx )) return seal_message_vector( ctx, params ); + return seal_message_no_vector( ctx, params ); } static NTSTATUS unseal_message_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, ULONG *qop ) diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index e7ce7e0b4f3..5753ae1a2da 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -94,7 +94,10 @@ struct query_ticket_cache_params struct seal_message_params { UINT64 context; - SecBufferDesc *msg; + BYTE *data; + ULONG data_length; + BYTE *token; + ULONG *token_length; unsigned qop; };

1 0

Nikolay Sivov : kerberos: Pass input/output buffers directly for verify_signature() call.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 958e03b7064b09e664e4344398c8ac47b86eb9e1 URL: https://source.winehq.org/git/wine.git/?a=commit;h=958e03b7064b09e664e43443… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 14:17:46 2022 +0300 kerberos: Pass input/output buffers directly for verify_signature() call. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 14 +++++++++++++- dlls/kerberos/unixlib.c | 13 ++++--------- dlls/kerberos/unixlib.h | 5 ++++- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index 50d58538836..f2bcfc3f7f4 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -668,7 +668,19 @@ static NTSTATUS NTAPI kerberos_SpVerifySignature( LSA_SEC_HANDLE context, SecBuf if (context) { struct context_handle *context_handle = (void *)context; - struct verify_signature_params params = { context_handle->handle, message, quality_of_protection }; + struct verify_signature_params params; + int data_idx, token_idx; + + if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; + if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + + params.context = context_handle->handle; + params.data_length = message->pBuffers[data_idx].cbBuffer; + params.data = message->pBuffers[data_idx].pvBuffer; + params.token_length = message->pBuffers[token_idx].cbBuffer; + params.token = message->pBuffers[token_idx].pvBuffer; + params.qop = quality_of_protection; + return KRB5_CALL( verify_signature, &params ); } else return SEC_E_INVALID_HANDLE; diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 100a905b066..6404b6ab190 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -996,19 +996,14 @@ static NTSTATUS unseal_message( void *args ) static NTSTATUS verify_signature( void *args ) { struct verify_signature_params *params = args; - SecBufferDesc *msg = params->msg; OM_uint32 ret, minor_status; gss_buffer_desc data_buffer, token_buffer; gss_ctx_id_t ctx_handle = ctxhandle_sspi_to_gss( params->context ); - int data_idx, token_idx; - if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - data_buffer.length = msg->pBuffers[data_idx].cbBuffer; - data_buffer.value = msg->pBuffers[data_idx].pvBuffer; - - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; - token_buffer.length = msg->pBuffers[token_idx].cbBuffer; - token_buffer.value = msg->pBuffers[token_idx].pvBuffer; + data_buffer.length = params->data_length; + data_buffer.value = params->data; + token_buffer.length = params->token_length; + token_buffer.value = params->token; ret = pgss_verify_mic( &minor_status, ctx_handle, &data_buffer, &token_buffer, NULL ); TRACE( "gss_verify_mic returned %#x minor status %#x\n", ret, minor_status ); diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index b5a058b855c..e7ce7e0b4f3 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -108,7 +108,10 @@ struct unseal_message_params struct verify_signature_params { UINT64 context; - SecBufferDesc *msg; + BYTE *data; + ULONG data_length; + BYTE *token; + ULONG token_length; ULONG *qop; };

1 0

Nikolay Sivov : kerberos: Pass input/output buffers directly for make_signature() call.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: d974d58466a0c0560d2b8470df23dfb5141376de URL: https://source.winehq.org/git/wine.git/?a=commit;h=d974d58466a0c0560d2b8470… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 13:39:55 2022 +0300 kerberos: Pass input/output buffers directly for make_signature() call. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 14 +++++++++++++- dlls/kerberos/unixlib.c | 14 ++++---------- dlls/kerberos/unixlib.h | 5 ++++- 3 files changed, 21 insertions(+), 12 deletions(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index 5cc2623c4ad..50d58538836 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -641,7 +641,19 @@ static NTSTATUS SEC_ENTRY kerberos_SpMakeSignature( LSA_SEC_HANDLE context, ULON if (context) { struct context_handle *context_handle = (void *)context; - struct make_signature_params params = { context_handle->handle, message }; + struct make_signature_params params; + int data_idx, token_idx; + + /* FIXME: multiple data buffers, read-only buffers */ + if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; + if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + + params.context = context_handle->handle; + params.data_length = message->pBuffers[data_idx].cbBuffer; + params.data = message->pBuffers[data_idx].pvBuffer; + params.token_length = &message->pBuffers[token_idx].cbBuffer; + params.token = message->pBuffers[token_idx].pvBuffer; + return KRB5_CALL( make_signature, &params ); } else return SEC_E_INVALID_HANDLE; diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 45d8f0b02da..100a905b066 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -753,18 +753,12 @@ static NTSTATUS initialize_context( void *args ) static NTSTATUS make_signature( void *args ) { struct make_signature_params *params = args; - SecBufferDesc *msg = params->msg; OM_uint32 ret, minor_status; gss_buffer_desc data_buffer, token_buffer; gss_ctx_id_t ctx_handle = ctxhandle_sspi_to_gss( params->context ); - int data_idx, token_idx; - - /* FIXME: multiple data buffers, read-only buffers */ - if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - data_buffer.length = msg->pBuffers[data_idx].cbBuffer; - data_buffer.value = msg->pBuffers[data_idx].pvBuffer; - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + data_buffer.length = params->data_length; + data_buffer.value = params->data; token_buffer.length = 0; token_buffer.value = NULL; @@ -773,8 +767,8 @@ static NTSTATUS make_signature( void *args ) if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); if (ret == GSS_S_COMPLETE) { - memcpy( msg->pBuffers[token_idx].pvBuffer, token_buffer.value, token_buffer.length ); - msg->pBuffers[token_idx].cbBuffer = token_buffer.length; + memcpy( params->token, token_buffer.value, token_buffer.length ); + *params->token_length = token_buffer.length; pgss_release_buffer( &minor_status, &token_buffer ); } diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index 4fada1e1618..b5a058b855c 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -72,7 +72,10 @@ struct initialize_context_params struct make_signature_params { UINT64 context; - SecBufferDesc *msg; + BYTE *data; + ULONG data_length; + BYTE *token; + ULONG *token_length; }; struct query_context_attributes_params

1 0

Nikolay Sivov : kerberos: Pass input/output tokens directly for accept_context() call.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 17b283d823156636370d6c5cef7c5faf8a67c164 URL: https://source.winehq.org/git/wine.git/?a=commit;h=17b283d823156636370d6c5c… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 21:15:10 2022 +0300 kerberos: Pass input/output tokens directly for accept_context() call. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 27 ++++++++++++++++++++++++--- dlls/kerberos/unixlib.c | 20 ++++++-------------- dlls/kerberos/unixlib.h | 6 ++++-- 3 files changed, 34 insertions(+), 19 deletions(-) diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index cc6df975d25..5cc2623c4ad 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -100,6 +100,17 @@ static LSA_SEC_HANDLE create_context_handle( struct context_handle *ctx, UINT64 return (LSA_SEC_HANDLE)ctx; } +static int get_buffer_index( const SecBufferDesc *desc, DWORD type ) +{ + UINT i; + if (!desc) return -1; + for (i = 0; i < desc->cBuffers; i++) + { + if (desc->pBuffers[i].BufferType == type) return i; + } + return -1; +} + static const char *debugstr_us( const UNICODE_STRING *us ) { if (!us) return "<null>"; @@ -421,6 +432,7 @@ static NTSTATUS NTAPI kerberos_SpAcceptLsaModeContext( LSA_SEC_HANDLE credential { NTSTATUS status = SEC_E_INVALID_HANDLE; ULONG exptime; + int idx; TRACE( "%Ix, %Ix, %#lx, %lu, %p, %p, %p, %p, %p, %p, %p\n", credential, context, context_req, target_data_rep, input, new_context, output, context_attr, expiry, mapped_context, context_data ); @@ -430,17 +442,26 @@ static NTSTATUS NTAPI kerberos_SpAcceptLsaModeContext( LSA_SEC_HANDLE credential { struct cred_handle *cred_handle = (struct cred_handle *)credential; struct context_handle *context_handle = (struct context_handle *)context; - struct accept_context_params params; + struct accept_context_params params = { 0 }; UINT64 new_context_handle = 0; params.credential = cred_handle ? cred_handle->handle : 0; params.context = context_handle ? context_handle->handle : 0; - params.input = input; params.new_context = &new_context_handle; - params.output = output; params.context_attr = context_attr; params.expiry = &exptime; + if (input) + { + if ((idx = get_buffer_index( input, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + params.input_token = input->pBuffers[idx].pvBuffer; + params.input_token_length = input->pBuffers[idx].cbBuffer; + } + if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + params.output_token = output->pBuffers[idx].pvBuffer; + params.output_token_length = &output->pBuffers[idx].cbBuffer; + + /* FIXME: check if larger output buffer exists */ status = KRB5_CALL( accept_context, &params ); if (!status) { diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 4d74dd7eb1f..45d8f0b02da 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -528,17 +528,9 @@ static NTSTATUS accept_context( void *args ) gss_cred_id_t cred_handle = credhandle_sspi_to_gss( params->credential ); gss_ctx_id_t ctx_handle = ctxhandle_sspi_to_gss( params->context ); gss_buffer_desc input_token, output_token; - int idx; - - if (!params->input) input_token.length = 0; - else - { - if ((idx = get_buffer_index( params->input, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; - input_token.length = params->input->pBuffers[idx].cbBuffer; - input_token.value = params->input->pBuffers[idx].pvBuffer; - } - if ((idx = get_buffer_index( params->output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + input_token.length = params->input_token_length; + input_token.value = params->input_token; output_token.length = 0; output_token.value = NULL; @@ -548,16 +540,16 @@ static NTSTATUS accept_context( void *args ) if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED) { - if (output_token.length > params->output->pBuffers[idx].cbBuffer) /* FIXME: check if larger buffer exists */ + if (output_token.length > *params->output_token_length) /* FIXME: check if larger buffer exists */ { TRACE( "buffer too small %lu > %u\n", - (SIZE_T)output_token.length, (unsigned int)params->output->pBuffers[idx].cbBuffer ); + (SIZE_T)output_token.length, (unsigned int)*params->output_token_length ); pgss_release_buffer( &minor_status, &output_token ); pgss_delete_sec_context( &minor_status, &ctx_handle, GSS_C_NO_BUFFER ); return SEC_E_BUFFER_TOO_SMALL; } - params->output->pBuffers[idx].cbBuffer = output_token.length; - memcpy( params->output->pBuffers[idx].pvBuffer, output_token.value, output_token.length ); + *params->output_token_length = output_token.length; + memcpy( params->output_token, output_token.value, output_token.length ); pgss_release_buffer( &minor_status, &output_token ); ctxhandle_gss_to_sspi( ctx_handle, params->new_context ); diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index 2634182ef51..4fada1e1618 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -27,9 +27,11 @@ struct accept_context_params { UINT64 credential; UINT64 context; - SecBufferDesc *input; + BYTE *input_token; + ULONG input_token_length; UINT64 *new_context; - SecBufferDesc *output; + BYTE *output_token; + ULONG *output_token_length; ULONG *context_attr; ULONG *expiry; };

1 0

Nikolay Sivov : kerberos: Use 64-bit integer for context handles.
by Alexandre Julliard 30 May '22

30 May '22

Module: wine Branch: master Commit: 0e6b727511e610019a8fc1d84948f2045bb10e18 URL: https://source.winehq.org/git/wine.git/?a=commit;h=0e6b727511e610019a8fc1d8… Author: Nikolay Sivov <nsivov(a)codeweavers.com> Date: Sat May 28 10:43:12 2022 +0300 kerberos: Use 64-bit integer for context handles. Signed-off-by: Nikolay Sivov <nsivov(a)codeweavers.com> --- dlls/kerberos/krb5_ap.c | 59 ++++++++++++++++++++++++++++++++++++++++--------- dlls/kerberos/unixlib.c | 11 ++++----- dlls/kerberos/unixlib.h | 23 +++++++++++-------- 3 files changed, 69 insertions(+), 24 deletions(-) Diff: https://source.winehq.org/git/wine.git/?a=commitdiff;h=0e6b727511e610019a8f…

1 0

← Newer
1
2
3
4
5
6
7
8
9
...
91
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

wine-commits May 2022