Rob Shearman : rpcrt4: Retrieve the maximum token length from the security provider rather than using a hardcoded and rather small limit .
Module: wine Branch: master Commit: 7abb647cd3b45c07a3b794bdae721eb5f56efa73 URL: http://source.winehq.org/git/wine.git/?a=commit;h=7abb647cd3b45c07a3b794bdae...
Author: Rob Shearman rob@codeweavers.com Date: Mon Mar 26 18:16:34 2007 +0100
rpcrt4: Retrieve the maximum token length from the security provider rather than using a hardcoded and rather small limit.
---
dlls/rpcrt4/rpc_binding.c | 15 ++++++++++++--- dlls/rpcrt4/rpc_binding.h | 5 +++-- dlls/rpcrt4/rpc_message.c | 11 ++++++----- 3 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/dlls/rpcrt4/rpc_binding.c b/dlls/rpcrt4/rpc_binding.c index 807921b..ad96ac6 100644 --- a/dlls/rpcrt4/rpc_binding.c +++ b/dlls/rpcrt4/rpc_binding.c @@ -967,7 +967,9 @@ RPC_STATUS WINAPI RpcRevertToSelfEx(RPC_BINDING_HANDLE BindingHandle) return RPC_S_OK; }
-static RPC_STATUS RpcAuthInfo_Create(ULONG AuthnLevel, ULONG AuthnSvc, CredHandle cred, TimeStamp exp, RpcAuthInfo **ret) +static RPC_STATUS RpcAuthInfo_Create(ULONG AuthnLevel, ULONG AuthnSvc, + CredHandle cred, TimeStamp exp, + ULONG cbMaxToken, RpcAuthInfo **ret) { RpcAuthInfo *AuthInfo = HeapAlloc(GetProcessHeap(), 0, sizeof(*AuthInfo)); if (!AuthInfo) @@ -978,6 +980,7 @@ static RPC_STATUS RpcAuthInfo_Create(ULONG AuthnLevel, ULONG AuthnSvc, CredHandl AuthInfo->AuthnSvc = AuthnSvc; AuthInfo->cred = cred; AuthInfo->exp = exp; + AuthInfo->cbMaxToken = cbMaxToken; *ret = AuthInfo; return RPC_S_OK; } @@ -1225,6 +1228,7 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName, ULONG package_count; ULONG i; PSecPkgInfoA packages; + ULONG cbMaxToken;
TRACE("%p %s %u %u %p %u %p\n", Binding, debugstr_a((const char*)ServerPrincName), AuthnLevel, AuthnSvc, AuthIdentity, AuthzSvr, SecurityQos); @@ -1306,12 +1310,14 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName, TRACE("found package %s for service %u\n", packages[i].Name, AuthnSvc); r = AcquireCredentialsHandleA((SEC_CHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL, AuthIdentity, NULL, NULL, &cred, &exp); + cbMaxToken = packages[i].cbMaxToken; FreeContextBuffer(packages); if (r == ERROR_SUCCESS) { if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo); bind->AuthInfo = NULL; - r = RpcAuthInfo_Create(AuthnLevel, AuthnSvc, cred, exp, &bind->AuthInfo); + r = RpcAuthInfo_Create(AuthnLevel, AuthnSvc, cred, exp, cbMaxToken, + &bind->AuthInfo); if (r != RPC_S_OK) FreeCredentialsHandle(&cred); return RPC_S_OK; @@ -1338,6 +1344,7 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName, ULONG package_count; ULONG i; PSecPkgInfoW packages; + ULONG cbMaxToken;
TRACE("%p %s %u %u %p %u %p\n", Binding, debugstr_w((const WCHAR*)ServerPrincName), AuthnLevel, AuthnSvc, AuthIdentity, AuthzSvr, SecurityQos); @@ -1419,12 +1426,14 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName, TRACE("found package %s for service %u\n", debugstr_w(packages[i].Name), AuthnSvc); r = AcquireCredentialsHandleW((SEC_WCHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL, AuthIdentity, NULL, NULL, &cred, &exp); + cbMaxToken = packages[i].cbMaxToken; FreeContextBuffer(packages); if (r == ERROR_SUCCESS) { if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo); bind->AuthInfo = NULL; - r = RpcAuthInfo_Create(AuthnLevel, AuthnSvc, cred, exp, &bind->AuthInfo); + r = RpcAuthInfo_Create(AuthnLevel, AuthnSvc, cred, exp, cbMaxToken, + &bind->AuthInfo); if (r != RPC_S_OK) FreeCredentialsHandle(&cred); return RPC_S_OK; diff --git a/dlls/rpcrt4/rpc_binding.h b/dlls/rpcrt4/rpc_binding.h index 5328ac0..1650ad6 100644 --- a/dlls/rpcrt4/rpc_binding.h +++ b/dlls/rpcrt4/rpc_binding.h @@ -30,10 +30,11 @@ typedef struct _RpcAuthInfo { LONG refs;
- unsigned long AuthnLevel; - unsigned long AuthnSvc; + ULONG AuthnLevel; + ULONG AuthnSvc; CredHandle cred; TimeStamp exp; + ULONG cbMaxToken; } RpcAuthInfo;
typedef struct _RpcQualityOfService diff --git a/dlls/rpcrt4/rpc_message.c b/dlls/rpcrt4/rpc_message.c index 8a02463..c1e0c86 100644 --- a/dlls/rpcrt4/rpc_message.c +++ b/dlls/rpcrt4/rpc_message.c @@ -474,10 +474,10 @@ static void RPCRT4_AuthNegotiate(RpcConnection *conn, SecBuffer *out) else if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_PRIVACY) context_req |= ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY;
- buffer = HeapAlloc(GetProcessHeap(), 0, 0x100); + buffer = HeapAlloc(GetProcessHeap(), 0, conn->AuthInfo->cbMaxToken);
out->BufferType = SECBUFFER_TOKEN; - out->cbBuffer = 0x100; + out->cbBuffer = conn->AuthInfo->cbMaxToken; out->pvBuffer = buffer;
out_desc.ulVersion = 0; @@ -503,7 +503,6 @@ static RPC_STATUS RPCRT_AuthorizeConnection(RpcConnection* conn, SecBufferDesc inp_desc, out_desc; SecBuffer inp, out; SECURITY_STATUS r; - unsigned char buffer[0x100]; RpcPktHdr *resp_hdr; RPC_STATUS status; ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE | @@ -517,8 +516,8 @@ static RPC_STATUS RPCRT_AuthorizeConnection(RpcConnection* conn, context_req |= ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY;
out.BufferType = SECBUFFER_TOKEN; - out.cbBuffer = sizeof buffer; - out.pvBuffer = buffer; + out.cbBuffer = conn->AuthInfo->cbMaxToken; + out.pvBuffer = HeapAlloc(GetProcessHeap(), 0, out.cbBuffer);
out_desc.ulVersion = 0; out_desc.cBuffers = 1; @@ -537,6 +536,7 @@ static RPC_STATUS RPCRT_AuthorizeConnection(RpcConnection* conn, &inp_desc, 0, &conn->ctx, &out_desc, &conn->attr, &conn->exp); if (r) { + HeapFree(GetProcessHeap(), 0, out.pvBuffer); WARN("InitializeSecurityContext failed with error 0x%08x\n", r); return ERROR_ACCESS_DENIED; } @@ -547,6 +547,7 @@ static RPC_STATUS RPCRT_AuthorizeConnection(RpcConnection* conn,
status = RPCRT4_SendAuth(conn, resp_hdr, NULL, 0, out.pvBuffer, out.cbBuffer);
+ HeapFree(GetProcessHeap(), 0, out.pvBuffer); RPCRT4_FreeHeader(resp_hdr);
return status;
-
Alexandre Julliard