Rob Shearman : rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/ W into InitializeSecurityContextW instead of AcquireCredentialsHandleA/W. - wine-commits

23 Jan 2008

Module: wine
Branch: master
Commit: 2badb4faea2d1256f397ee03950161ec8d7a41e4
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=2badb4faea2d1256f397ee0395...
Author: Rob Shearman rob@codeweavers.com
Date:   Wed Jan 23 16:32:54 2008 +0000
rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/W into InitializeSecurityContextW instead of AcquireCredentialsHandleA/W.
---
dlls/rpcrt4/rpc_binding.c |   32 ++++++++++++++++++++++++++------
 dlls/rpcrt4/rpc_binding.h |    1 +
 dlls/rpcrt4/rpc_message.c |    8 ++++----
 3 files changed, 31 insertions(+), 10 deletions(-)

diff --git a/dlls/rpcrt4/rpc_binding.c b/dlls/rpcrt4/rpc_binding.c
index bcf89da..3a8afde 100644
--- a/dlls/rpcrt4/rpc_binding.c
+++ b/dlls/rpcrt4/rpc_binding.c
@@ -937,6 +937,7 @@ static RPC_STATUS RpcAuthInfo_Create(ULONG AuthnLevel, ULONG AuthnSvc,
     AuthInfo->exp = exp;
     AuthInfo->cbMaxToken = cbMaxToken;
     AuthInfo->identity = identity;
+    AuthInfo->server_principal_name = NULL;
/* duplicate the SEC_WINNT_AUTH_IDENTITY structure, if applicable, to
      * enable better matching in RpcAuthInfo_IsEqual */
@@ -1004,6 +1005,7 @@ ULONG RpcAuthInfo_Release(RpcAuthInfo *AuthInfo)
             HeapFree(GetProcessHeap(), 0, AuthInfo->nt_identity->Password);
             HeapFree(GetProcessHeap(), 0, AuthInfo->nt_identity);
         }
+        HeapFree(GetProcessHeap(), 0, AuthInfo->server_principal_name);
         HeapFree(GetProcessHeap(), 0, AuthInfo);
     }
@@ -1415,7 +1417,7 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName,
   }
TRACE("found package %s for service %u\n", packages[i].Name, AuthnSvc);
-  r = AcquireCredentialsHandleA((SEC_CHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
+  r = AcquireCredentialsHandleA(NULL, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
                                 AuthIdentity, NULL, NULL, &cred, &exp);
   cbMaxToken = packages[i].cbMaxToken;
   FreeContextBuffer(packages);
@@ -1426,8 +1428,17 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName,
                            AuthIdentity, &new_auth_info);
     if (r == RPC_S_OK)
     {
-      if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
-      bind->AuthInfo = new_auth_info;
+      new_auth_info->server_principal_name = RPCRT4_strdupAtoW((char *)ServerPrincName);
+      if (new_auth_info->server_principal_name)
+      {
+        if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
+        bind->AuthInfo = new_auth_info;
+      }
+      else
+      {
+        RpcAuthInfo_Release(new_auth_info);
+        r = ERROR_OUTOFMEMORY;
+      }
     }
     else
       FreeCredentialsHandle(&cred);
@@ -1535,7 +1546,7 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName,
   }
TRACE("found package %s for service %u\n", debugstr_w(packages[i].Name), AuthnSvc);
-  r = AcquireCredentialsHandleW((SEC_WCHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
+  r = AcquireCredentialsHandleW(NULL, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
                                 AuthIdentity, NULL, NULL, &cred, &exp);
   cbMaxToken = packages[i].cbMaxToken;
   FreeContextBuffer(packages);
@@ -1546,8 +1557,17 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName,
                            AuthIdentity, &new_auth_info);
     if (r == RPC_S_OK)
     {
-      if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
-      bind->AuthInfo = new_auth_info;
+      new_auth_info->server_principal_name = RPCRT4_strdupW(ServerPrincName);
+      if (new_auth_info->server_principal_name)
+      {
+        if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
+        bind->AuthInfo = new_auth_info;
+      }
+      else
+      {
+        RpcAuthInfo_Release(new_auth_info);
+        r = ERROR_OUTOFMEMORY;
+      }
     }
     else
       FreeCredentialsHandle(&cred);
diff --git a/dlls/rpcrt4/rpc_binding.h b/dlls/rpcrt4/rpc_binding.h
index e3a3c95..e169a65 100644
--- a/dlls/rpcrt4/rpc_binding.h
+++ b/dlls/rpcrt4/rpc_binding.h
@@ -41,6 +41,7 @@ typedef struct _RpcAuthInfo
   /* our copy of NT auth identity structure, if the authentication service
    * takes an NT auth identity */
   SEC_WINNT_AUTH_IDENTITY_W *nt_identity;
+  LPWSTR server_principal_name;
 } RpcAuthInfo;
typedef struct _RpcQualityOfService
diff --git a/dlls/rpcrt4/rpc_message.c b/dlls/rpcrt4/rpc_message.c
index f56e3a4..a720199 100644
--- a/dlls/rpcrt4/rpc_message.c
+++ b/dlls/rpcrt4/rpc_message.c
@@ -581,10 +581,10 @@ static RPC_STATUS RPCRT4_ClientAuthorize(RpcConnection *conn, SecBuffer *in,
   inp_desc.pBuffers = in;
   inp_desc.ulVersion = 0;
-  r = InitializeSecurityContextA(&conn->AuthInfo->cred, in ? &conn->ctx : NULL,
-        NULL, context_req, 0, SECURITY_NETWORK_DREP,
-        in ? &inp_desc : NULL, 0, &conn->ctx, &out_desc, &conn->attr,
-        &conn->exp);
+  r = InitializeSecurityContextW(&conn->AuthInfo->cred, in ? &conn->ctx : NULL,
+        in ? NULL : conn->AuthInfo->server_principal_name, context_req, 0,
+        SECURITY_NETWORK_DREP, in ? &inp_desc : NULL, 0, &conn->ctx,
+        &out_desc, &conn->attr, &conn->exp);
   if (FAILED(r))
   {
       WARN("InitializeSecurityContext failed with error 0x%08x\n", r);

    