Module: wine Branch: master Commit: 88e9b3fad8bf9f1fe9a4fc276d400aa47255869b URL: http://source.winehq.org/git/wine.git/?a=commit;h=88e9b3fad8bf9f1fe9a4fc276d...
Author: Rob Shearman rob@codeweavers.com Date: Mon Mar 26 18:17:15 2007 +0100
rpcrt4: Call InitializeSecurityContext from only one function.
This reduces the amount of code and ensures that the parameters passed to it stay the same, apart from the previous context and the output buffer description.
---
dlls/rpcrt4/rpc_message.c | 74 +++++++++++++++--------------------------- dlls/rpcrt4/rpc_transport.c | 3 ++ 2 files changed, 30 insertions(+), 47 deletions(-)
diff --git a/dlls/rpcrt4/rpc_message.c b/dlls/rpcrt4/rpc_message.c index c1e0c86..b100431 100644 --- a/dlls/rpcrt4/rpc_message.c +++ b/dlls/rpcrt4/rpc_message.c @@ -459,13 +459,16 @@ write: }
/*********************************************************************** - * RPCRT4_AuthNegotiate (internal) + * RPCRT4_ClientAuthorize (internal) + * + * Authorize a client connection. A NULL in param signifies a new connection. */ -static void RPCRT4_AuthNegotiate(RpcConnection *conn, SecBuffer *out) +static RPC_STATUS RPCRT4_ClientAuthorize(RpcConnection *conn, SecBuffer *in, + SecBuffer *out) { SECURITY_STATUS r; SecBufferDesc out_desc; - unsigned char *buffer; + SecBufferDesc inp_desc; ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE | ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
@@ -474,24 +477,33 @@ static void RPCRT4_AuthNegotiate(RpcConnection *conn, SecBuffer *out) else if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_PRIVACY) context_req |= ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY;
- buffer = HeapAlloc(GetProcessHeap(), 0, conn->AuthInfo->cbMaxToken); - out->BufferType = SECBUFFER_TOKEN; out->cbBuffer = conn->AuthInfo->cbMaxToken; - out->pvBuffer = buffer; + out->pvBuffer = HeapAlloc(GetProcessHeap(), 0, out->cbBuffer);
out_desc.ulVersion = 0; out_desc.cBuffers = 1; out_desc.pBuffers = out;
- conn->attr = 0; - SecInvalidateHandle(&conn->ctx); + inp_desc.cBuffers = 1; + inp_desc.pBuffers = in; + inp_desc.ulVersion = 0; + + r = InitializeSecurityContextA(&conn->AuthInfo->cred, in ? &conn->ctx : NULL, + NULL, context_req, 0, SECURITY_NETWORK_DREP, + in ? &inp_desc : NULL, 0, &conn->ctx, &out_desc, &conn->attr, + &conn->exp); + if (FAILED(r)) + { + HeapFree(GetProcessHeap(), 0, out->pvBuffer); + out->pvBuffer = NULL; + WARN("InitializeSecurityContext failed with error 0x%08x\n", r); + return ERROR_ACCESS_DENIED; /* FIXME: is this correct? */ + }
- r = InitializeSecurityContextA(&conn->AuthInfo->cred, NULL, NULL, - context_req, 0, SECURITY_NETWORK_DREP, - NULL, 0, &conn->ctx, &out_desc, &conn->attr, &conn->exp); + TRACE("r = 0x%08x, cbBuffer = %ld, attr = 0x%08x\n", r, out->cbBuffer, conn->attr);
- TRACE("r = %08x cbBuffer = %ld attr = %08x\n", r, out->cbBuffer, conn->attr); + return RPC_S_OK; }
/*********************************************************************** @@ -500,46 +512,18 @@ static void RPCRT4_AuthNegotiate(RpcConnection *conn, SecBuffer *out) static RPC_STATUS RPCRT_AuthorizeConnection(RpcConnection* conn, BYTE *challenge, ULONG count) { - SecBufferDesc inp_desc, out_desc; SecBuffer inp, out; - SECURITY_STATUS r; RpcPktHdr *resp_hdr; RPC_STATUS status; - ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE | - ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
TRACE("challenge %s, %d bytes\n", challenge, count);
- if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_INTEGRITY) - context_req |= ISC_REQ_INTEGRITY; - else if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_PRIVACY) - context_req |= ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY; - - out.BufferType = SECBUFFER_TOKEN; - out.cbBuffer = conn->AuthInfo->cbMaxToken; - out.pvBuffer = HeapAlloc(GetProcessHeap(), 0, out.cbBuffer); - - out_desc.ulVersion = 0; - out_desc.cBuffers = 1; - out_desc.pBuffers = &out; - inp.BufferType = SECBUFFER_TOKEN; inp.pvBuffer = challenge; inp.cbBuffer = count;
- inp_desc.cBuffers = 1; - inp_desc.pBuffers = &inp; - inp_desc.ulVersion = 0; - - r = InitializeSecurityContextA(&conn->AuthInfo->cred, &conn->ctx, NULL, - context_req, 0, SECURITY_NETWORK_DREP, - &inp_desc, 0, &conn->ctx, &out_desc, &conn->attr, &conn->exp); - if (r) - { - HeapFree(GetProcessHeap(), 0, out.pvBuffer); - WARN("InitializeSecurityContext failed with error 0x%08x\n", r); - return ERROR_ACCESS_DENIED; - } + status = RPCRT4_ClientAuthorize(conn, &inp, &out); + if (status) return status;
resp_hdr = RPCRT4_BuildAuthHeader(NDR_LOCAL_DATA_REPRESENTATION); if (!resp_hdr) @@ -569,12 +553,8 @@ RPC_STATUS RPCRT4_Send(RpcConnection *Connection, RpcPktHdr *Header, return RPCRT4_SendAuth(Connection, Header, Buffer, BufferLength, NULL, 0); }
- out.BufferType = SECBUFFER_TOKEN; - out.cbBuffer = 0; - out.pvBuffer = NULL; - /* tack on a negotiate packet */ - RPCRT4_AuthNegotiate(Connection, &out); + RPCRT4_ClientAuthorize(Connection, NULL, &out); r = RPCRT4_SendAuth(Connection, Header, Buffer, BufferLength, out.pvBuffer, out.cbBuffer); HeapFree(GetProcessHeap(), 0, out.pvBuffer);
diff --git a/dlls/rpcrt4/rpc_transport.c b/dlls/rpcrt4/rpc_transport.c index e1d29bb..4996c12 100644 --- a/dlls/rpcrt4/rpc_transport.c +++ b/dlls/rpcrt4/rpc_transport.c @@ -1381,10 +1381,13 @@ RPC_STATUS RPCRT4_CreateConnection(RpcConnection** Connection, BOOL server, NewConnection->NextCallId = 1;
SecInvalidateHandle(&NewConnection->ctx); + memset(&NewConnection->exp, 0, sizeof(NewConnection->exp)); + NewConnection->attr = 0; if (AuthInfo) RpcAuthInfo_AddRef(AuthInfo); NewConnection->AuthInfo = AuthInfo; if (QOS) RpcQualityOfService_AddRef(QOS); NewConnection->QOS = QOS; + list_init(&NewConnection->conn_pool_entry);
TRACE("connection: %p\n", NewConnection);
-
Alexandre Julliard