[PATCH v2 08/10] kerberos: Pass input/output buffers directly for initialize_context() call.

30 May 2022

From: Nikolay Sivov nsivov@codeweavers.com
Signed-off-by: Nikolay Sivov nsivov@codeweavers.com
---
 dlls/kerberos/krb5_ap.c | 16 +++++++++++++---
 dlls/kerberos/unixlib.c | 31 ++++++-------------------------
 dlls/kerberos/unixlib.h |  6 ++++--
 3 files changed, 23 insertions(+), 30 deletions(-)

diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index 93f9e97e8ef..b600ff06052 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -400,19 +400,29 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential,
     {
         struct cred_handle *cred_handle = (struct cred_handle *)credential;
         struct context_handle *context_handle = (struct context_handle *)context;
-        struct initialize_context_params params;
+        struct initialize_context_params params = { 0 };
         UINT64 new_context_handle = 0;
+        int idx;
params.credential = cred_handle ? cred_handle->handle : 0;
         params.context = context_handle ? context_handle->handle : 0;
         params.target_name = target;
         params.context_req = context_req;
-        params.input = input;
         params.new_context = &new_context_handle;
-        params.output = output;
         params.context_attr = context_attr;
         params.expiry = &exptime;
+        idx = get_buffer_index( input, SECBUFFER_TOKEN );
+        if (idx != -1)
+        {
+            params.input_token = input->pBuffers[idx].pvBuffer;
+            params.input_token_length = input->pBuffers[idx].cbBuffer;
+        }
+
+        if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+        params.output_token = output->pBuffers[idx].pvBuffer;
+        params.output_token_length = &output->pBuffers[idx].cbBuffer;
+
         status = KRB5_CALL( initialize_context, &params );
         if (!status)
         {
diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c
index 119d2d1dcf9..38b1cf50895 100644
--- a/dlls/kerberos/unixlib.c
+++ b/dlls/kerberos/unixlib.c
@@ -419,17 +419,6 @@ static BOOL is_dce_style_context( gss_ctx_id_t ctx )
     return (ret == GSS_S_COMPLETE && (flags & GSS_C_DCE_STYLE));
 }
-static int get_buffer_index( SecBufferDesc *desc, DWORD type )
-{
-    UINT i;
-    if (!desc) return -1;
-    for (i = 0; i < desc->cBuffers; i++)
-    {
-        if (desc->pBuffers[i].BufferType == type) return i;
-    }
-    return -1;
-}
-
 static NTSTATUS status_gss_to_sspi( OM_uint32 status )
 {
     switch (status)
@@ -707,16 +696,9 @@ static NTSTATUS initialize_context( void *args )
     gss_buffer_desc input_token, output_token;
     gss_name_t target = GSS_C_NO_NAME;
     NTSTATUS status;
-    int idx;
-    if ((idx = get_buffer_index( params->input, SECBUFFER_TOKEN )) == -1) input_token.length = 0;
-    else
-    {
-        input_token.length = params->input->pBuffers[idx].cbBuffer;
-        input_token.value  = params->input->pBuffers[idx].pvBuffer;
-    }
-
-    if ((idx = get_buffer_index( params->output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+    input_token.length = params->input_token_length;
+    input_token.value  = params->input_token;
     output_token.length = 0;
     output_token.value  = NULL;
@@ -729,16 +711,15 @@ static NTSTATUS initialize_context( void *args )
     if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status );
     if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED)
     {
-        if (output_token.length > params->output->pBuffers[idx].cbBuffer) /* FIXME: check if larger buffer exists */
+        if (output_token.length > *params->output_token_length) /* FIXME: check if larger buffer exists */
         {
-            TRACE( "buffer too small %lu > %u\n",
-                   (SIZE_T)output_token.length, (unsigned int)params->output->pBuffers[idx].cbBuffer );
+            TRACE( "buffer too small %lu > %u\n", (SIZE_T)output_token.length, (unsigned int)*params->output_token_length);
             pgss_release_buffer( &minor_status, &output_token );
             pgss_delete_sec_context( &minor_status, &ctx_handle, GSS_C_NO_BUFFER );
             return SEC_E_INCOMPLETE_MESSAGE;
         }
-        params->output->pBuffers[idx].cbBuffer = output_token.length;
-        memcpy( params->output->pBuffers[idx].pvBuffer, output_token.value, output_token.length );
+        *params->output_token_length = output_token.length;
+        memcpy( params->output_token, output_token.value, output_token.length );
         pgss_release_buffer( &minor_status, &output_token );
ctxhandle_gss_to_sspi( ctx_handle, params->new_context );
diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h
index 0bdb8a3ec74..f811f583bb2 100644
--- a/dlls/kerberos/unixlib.h
+++ b/dlls/kerberos/unixlib.h
@@ -62,9 +62,11 @@ struct initialize_context_params
     UINT64 context;
     const char *target_name;
     ULONG context_req;
-    SecBufferDesc *input;
+    BYTE *input_token;
+    ULONG input_token_length;
+    BYTE *output_token;
+    ULONG *output_token_length;
     UINT64 *new_context;
-    SecBufferDesc *output;
     ULONG *context_attr;
     ULONG *expiry;
 };
-- 
GitLab


https://gitlab.winehq.org/wine/wine/-/merge_requests/146


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[PATCH v2 08/10] kerberos: Pass input/output buffers directly for initialize_context() call.