Piotr Caban : secur32: Handle extra data in schan_InitializeSecurityContextW. - wine-commits

18 Sep 2010

Module: wine
Branch: master
Commit: cdf8d455c2ca3ecb85f5616bcc42638bfe23437f
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=cdf8d455c2ca3ecb85f5616bcc...
Author: Piotr Caban piotr@codeweavers.com
Date:   Fri Sep 17 10:18:41 2010 +0200
secur32: Handle extra data in schan_InitializeSecurityContextW.
---
dlls/secur32/schannel.c       |    8 ++++++++
 dlls/secur32/tests/schannel.c |   19 ++++++++++++++++++-
 2 files changed, 26 insertions(+), 1 deletions(-)

diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c
index 199c7ce..2d244d1 100644
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -775,6 +775,14 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
     /* Perform the TLS handshake */
     err = pgnutls_handshake(ctx->session);
+    if(transport.in.offset && transport.in.offset != pInput->pBuffers[0].cbBuffer) {
+        if(pInput->cBuffers<2 || pInput->pBuffers[1].BufferType!=SECBUFFER_EMPTY)
+            return SEC_E_INVALID_TOKEN;
+
+        pInput->pBuffers[1].BufferType = SECBUFFER_EXTRA;
+        pInput->pBuffers[1].cbBuffer = pInput->pBuffers[0].cbBuffer-transport.in.offset;
+    }
+
     out_buffers = &transport.out;
     if (out_buffers->current_buffer_idx != -1)
     {
diff --git a/dlls/secur32/tests/schannel.c b/dlls/secur32/tests/schannel.c
index 71520eb..1bb28e3 100644
--- a/dlls/secur32/tests/schannel.c
+++ b/dlls/secur32/tests/schannel.c
@@ -586,7 +586,7 @@ static void test_communication(void)
         return;
     }
-    /* Create a socket and connect to mail.google.com */
+    /* Create a socket and connect to www.codeweavers.com */
     ret = WSAStartup(0x0202, &wsa_data);
     if (ret)
     {
@@ -636,6 +636,23 @@ static void test_communication(void)
         0, 0, NULL, 0, &context, &buffers[0], &attrs, NULL);
     ok(status == SEC_I_CONTINUE_NEEDED, "Expected SEC_I_CONTINUE_NEEDED, got %08x\n", status);
+    buffers[1].cBuffers = 1;
+    buffers[1].pBuffers[0].BufferType = SECBUFFER_TOKEN;
+    data_size = buffers[0].pBuffers[0].cbBuffer;
+    status = pInitializeSecurityContextA(&cred_handle, &context, (SEC_CHAR *)"localhost",
+            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
+            0, 0, &buffers[1], 0, NULL, &buffers[0], &attrs, NULL);
+    ok(status == SEC_E_INVALID_TOKEN, "Expected SEC_E_INVALID_TOKEN, got %08x\n", status);
+
+    buffers[0].pBuffers[0].cbBuffer = buf_size;
+    buffers[1].cBuffers = 4;
+    buffers[1].pBuffers[0].cbBuffer = buf_size;
+
+    status = pInitializeSecurityContextA(&cred_handle, NULL, (SEC_CHAR *)"localhost",
+            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
+            0, 0, NULL, 0, &context, &buffers[0], &attrs, NULL);
+    ok(status == SEC_I_CONTINUE_NEEDED, "Expected SEC_I_CONTINUE_NEEDED, got %08x\n", status);
+
     while (status == SEC_I_CONTINUE_NEEDED)
     {
         buf = &buffers[0].pBuffers[0];

    