From: Nikolay Sivov nsivov@codeweavers.com
Signed-off-by: Nikolay Sivov nsivov@codeweavers.com --- dlls/kerberos/krb5_ap.c | 13 ++++++++++++- dlls/kerberos/unixlib.c | 13 ++++--------- dlls/kerberos/unixlib.h | 5 ++++- 3 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index 50d58538836..cecbd66e3a6 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -668,7 +668,18 @@ static NTSTATUS NTAPI kerberos_SpVerifySignature( LSA_SEC_HANDLE context, SecBuf if (context) { struct context_handle *context_handle = (void *)context; - struct verify_signature_params params = { context_handle->handle, message, quality_of_protection }; + struct verify_signature_params params; + int data_idx, token_idx; + + if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; + if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; + + params.context = context_handle->handle; + params.data_length = message->pBuffers[data_idx].cbBuffer; + params.data = message->pBuffers[data_idx].pvBuffer; + params.token_length = message->pBuffers[token_idx].cbBuffer; + params.token = message->pBuffers[token_idx].pvBuffer; + return KRB5_CALL( verify_signature, ¶ms ); } else return SEC_E_INVALID_HANDLE; diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 100a905b066..6404b6ab190 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -996,19 +996,14 @@ static NTSTATUS unseal_message( void *args ) static NTSTATUS verify_signature( void *args ) { struct verify_signature_params *params = args; - SecBufferDesc *msg = params->msg; OM_uint32 ret, minor_status; gss_buffer_desc data_buffer, token_buffer; gss_ctx_id_t ctx_handle = ctxhandle_sspi_to_gss( params->context ); - int data_idx, token_idx;
- if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN; - data_buffer.length = msg->pBuffers[data_idx].cbBuffer; - data_buffer.value = msg->pBuffers[data_idx].pvBuffer; - - if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN; - token_buffer.length = msg->pBuffers[token_idx].cbBuffer; - token_buffer.value = msg->pBuffers[token_idx].pvBuffer; + data_buffer.length = params->data_length; + data_buffer.value = params->data; + token_buffer.length = params->token_length; + token_buffer.value = params->token;
ret = pgss_verify_mic( &minor_status, ctx_handle, &data_buffer, &token_buffer, NULL ); TRACE( "gss_verify_mic returned %#x minor status %#x\n", ret, minor_status ); diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h index b5a058b855c..e7ce7e0b4f3 100644 --- a/dlls/kerberos/unixlib.h +++ b/dlls/kerberos/unixlib.h @@ -108,7 +108,10 @@ struct unseal_message_params struct verify_signature_params { UINT64 context; - SecBufferDesc *msg; + BYTE *data; + ULONG data_length; + BYTE *token; + ULONG token_length; ULONG *qop; };