[PATCH 13/13] secur32: Add support for switching between Kerberos and NTLM in Negotiate provider. - wine-devel

18 Jan 2018

Based on generic wrapper.c implementation.
Signed-off-by: Dmitry Timoshkov dmitry@baikal.ru
---
 dlls/secur32/negotiate.c    | 330 ++++++++++++++++++++++++++++++++++++--------
 dlls/secur32/ntlm.c         |   4 +-
 dlls/secur32/secur32_priv.h |  19 +--
 dlls/secur32/wrapper.c      |   2 +-
 4 files changed, 277 insertions(+), 78 deletions(-)

diff --git a/dlls/secur32/negotiate.c b/dlls/secur32/negotiate.c
index bf16258fc2..c7ab97ef79 100644
--- a/dlls/secur32/negotiate.c
+++ b/dlls/secur32/negotiate.c
@@ -62,20 +62,41 @@ static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleW(
     PVOID pGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry )
 {
     static SEC_WCHAR ntlmW[] = {'N','T','L','M',0};
+    static SEC_WCHAR kerberosW[] = {'K','e','r','b','e','r','o','s',0};
     SECURITY_STATUS ret;
+    SecurePackage *package;
+    CredHandle myCred;
TRACE("%s, %s, 0x%08x, %p, %p, %p, %p, %p, %p\n",
           debugstr_w(pszPrincipal), debugstr_w(pszPackage), fCredentialUse,
           pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, phCredential, ptsExpiry);
-    FIXME("forwarding to NTLM\n");
-    ret = ntlm_AcquireCredentialsHandleW( pszPrincipal, ntlmW, fCredentialUse,
-                                          pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument,
-                                          phCredential, ptsExpiry );
+    if (!pszPackage)
+        return SEC_E_SECPKG_NOT_FOUND;
+
+    package = SECUR32_findPackageW(kerberosW);
+    if (!package || !package->provider)
+    {
+        package = SECUR32_findPackageW(ntlmW);
+        if (!package || !package->provider)
+            return SEC_E_SECPKG_NOT_FOUND;
+    }
+
+    if (!package->provider->fnTableW.AcquireCredentialsHandleW)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    ret = package->provider->fnTableW.AcquireCredentialsHandleW(
+                 pszPrincipal, package->infoW.Name, fCredentialUse, pLogonID,
+                 pAuthData, pGetKeyFn, pGetKeyArgument, &myCred,
+                 ptsExpiry);
     if (ret == SEC_E_OK)
     {
-        NtlmCredentials *cred = (NtlmCredentials *)phCredential->dwLower;
-        cred->no_cached_credentials = (pAuthData == NULL);
+        ret = SECUR32_makeSecHandle(phCredential, package, &myCred);
+        if (ret != SEC_E_OK)
+            package->provider->fnTableW.FreeCredentialsHandle(&myCred);
     }
     return ret;
 }
@@ -173,15 +194,56 @@ static SECURITY_STATUS SEC_ENTRY nego_InitializeSecurityContextW(
     PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext,
     PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry )
 {
+    SECURITY_STATUS ret;
+    SecurePackage *package = NULL;
+    PCredHandle cred = NULL;
+    PCredHandle ctxt = NULL;
+    CtxtHandle myCtxt;
+
     TRACE("%p, %p, %s, 0x%08x, %u, %u, %p, %u, %p, %p, %p, %p\n",
           phCredential, phContext, debugstr_w(pszTargetName), fContextReq,
           Reserved1, TargetDataRep, pInput, Reserved1, phNewContext, pOutput,
           pfContextAttr, ptsExpiry);
-    return ntlm_InitializeSecurityContextW( phCredential, phContext, pszTargetName,
-                                            fContextReq, Reserved1, TargetDataRep,
-                                            pInput, Reserved2, phNewContext,
-                                            pOutput, pfContextAttr, ptsExpiry );
+    if (phContext)
+    {
+        package = (SecurePackage *)phContext->dwUpper;
+        ctxt = (PCtxtHandle)phContext->dwLower;
+    }
+    if (phCredential)
+    {
+        package = (SecurePackage *)phCredential->dwUpper;
+        cred = (PCredHandle)phCredential->dwLower;
+    }
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.InitializeSecurityContextW)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    if (phContext)
+    {
+        PCtxtHandle realCtxt = (PCtxtHandle)phContext->dwLower;
+        myCtxt.dwUpper = realCtxt->dwUpper;
+        myCtxt.dwLower = realCtxt->dwLower;
+    }
+
+    ret = package->provider->fnTableW.InitializeSecurityContextW(
+                 cred, ctxt, pszTargetName, fContextReq,
+                 Reserved1, TargetDataRep, pInput, Reserved2, phNewContext ? &myCtxt : NULL,
+                 pOutput, pfContextAttr, ptsExpiry);
+    if ((ret == SEC_E_OK || ret == SEC_I_CONTINUE_NEEDED) &&
+        phNewContext && phNewContext != phContext)
+    {
+        if (SECUR32_makeSecHandle(phNewContext, package, &myCtxt) != SEC_E_OK)
+            package->provider->fnTableW.DeleteSecurityContext(&myCtxt);
+    }
+
+    return ret;
 }
/***********************************************************************
@@ -223,13 +285,49 @@ static SECURITY_STATUS SEC_ENTRY nego_AcceptSecurityContext(
     ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
     PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
 {
+    SecurePackage *package;
+    PCredHandle cred;
+    CtxtHandle myCtxt;
+    SECURITY_STATUS ret;
+
     TRACE("%p, %p, %p, 0x%08x, %u, %p, %p, %p, %p\n", phCredential, phContext,
           pInput, fContextReq, TargetDataRep, phNewContext, pOutput, pfContextAttr,
           ptsExpiry);
-    return ntlm_AcceptSecurityContext( phCredential, phContext, pInput,
-                                       fContextReq, TargetDataRep, phNewContext,
-                                       pOutput, pfContextAttr, ptsExpiry );
+    if (!phCredential)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phCredential->dwUpper;
+    cred = (PCredHandle)phCredential->dwLower;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.AcceptSecurityContext)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    if(phContext)
+    {
+        PCtxtHandle realCtxt = (PCtxtHandle)phContext->dwLower;
+        TRACE("realCtx: %p\n", realCtxt);
+        myCtxt.dwUpper = realCtxt->dwUpper;
+        myCtxt.dwLower = realCtxt->dwLower;
+    }
+
+    ret = package->provider->fnTableW.AcceptSecurityContext(
+                 cred, phContext ? &myCtxt : NULL, pInput, fContextReq,
+                 TargetDataRep, &myCtxt, pOutput, pfContextAttr, ptsExpiry);
+    if ((ret == SEC_E_OK || ret == SEC_I_CONTINUE_NEEDED) &&
+        phNewContext && phNewContext != phContext)
+    {
+        if (SECUR32_makeSecHandle(phNewContext, package, &myCtxt) != SEC_E_OK)
+            package->provider->fnTableW.DeleteSecurityContext(&myCtxt);
+    }
+
+    return ret;
 }
/***********************************************************************
@@ -257,9 +355,31 @@ static SECURITY_STATUS SEC_ENTRY nego_CompleteAuthToken(PCtxtHandle phContext,
  */
 static SECURITY_STATUS SEC_ENTRY nego_DeleteSecurityContext(PCtxtHandle phContext)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+    SECURITY_STATUS ret;
+
     TRACE("%p\n", phContext);
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.DeleteSecurityContext)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
-    return ntlm_DeleteSecurityContext( phContext );
+    ret = package->provider->fnTableW.DeleteSecurityContext(ctxt);
+    HeapFree(GetProcessHeap(), 0, ctxt);
+
+    return ret;
 }
/***********************************************************************
@@ -288,29 +408,28 @@ static SECURITY_STATUS SEC_ENTRY nego_ApplyControlToken(PCtxtHandle phContext,
 static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesW(
     PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+
     TRACE("%p, %u, %p\n", phContext, ulAttribute, pBuffer);
-    switch (ulAttribute)
-    {
-    case SECPKG_ATTR_SIZES:
-    {
-        SecPkgContext_Sizes *sizes = (SecPkgContext_Sizes *)pBuffer;
-        sizes->cbMaxToken        = 2888;
-        sizes->cbMaxSignature    = 16;
-        sizes->cbSecurityTrailer = 16;
-        sizes->cbBlockSize       = 0;
-        return SEC_E_OK;
-    }
-    case SECPKG_ATTR_NEGOTIATION_INFO:
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.QueryContextAttributesW)
     {
-        SecPkgContext_NegotiationInfoW *info = (SecPkgContext_NegotiationInfoW *)pBuffer;
-        info->PackageInfo      = ntlm_package_infoW;
-        info->NegotiationState = SECPKG_NEGOTIATION_COMPLETE;
-        return SEC_E_OK;
-    }
-    default:
-        return ntlm_QueryContextAttributesW( phContext, ulAttribute, pBuffer );
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
     }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
+
+    return package->provider->fnTableW.QueryContextAttributesW(ctxt, ulAttribute, pBuffer);
 }
/***********************************************************************
@@ -319,29 +438,28 @@ static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesW(
 static SECURITY_STATUS SEC_ENTRY nego_QueryContextAttributesA(PCtxtHandle phContext,
  ULONG ulAttribute, void *pBuffer)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+
     TRACE("%p, %u, %p\n", phContext, ulAttribute, pBuffer);
-    switch (ulAttribute)
-    {
-    case SECPKG_ATTR_SIZES:
-    {
-        SecPkgContext_Sizes *sizes = (SecPkgContext_Sizes *)pBuffer;
-        sizes->cbMaxToken        = 2888;
-        sizes->cbMaxSignature    = 16;
-        sizes->cbSecurityTrailer = 16;
-        sizes->cbBlockSize       = 0;
-        return SEC_E_OK;
-    }
-    case SECPKG_ATTR_NEGOTIATION_INFO:
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableA.QueryContextAttributesA)
     {
-        SecPkgContext_NegotiationInfoA *info = (SecPkgContext_NegotiationInfoA *)pBuffer;
-        info->PackageInfo      = ntlm_package_infoA;
-        info->NegotiationState = SECPKG_NEGOTIATION_COMPLETE;
-        return SEC_E_OK;
-    }
-    default:
-        return ntlm_QueryContextAttributesA( phContext, ulAttribute, pBuffer );
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
     }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
+
+    return package->provider->fnTableA.QueryContextAttributesA(ctxt, ulAttribute, pBuffer);
 }
/***********************************************************************
@@ -388,9 +506,28 @@ static SECURITY_STATUS SEC_ENTRY nego_RevertSecurityContext(PCtxtHandle phContex
 static SECURITY_STATUS SEC_ENTRY nego_MakeSignature(PCtxtHandle phContext,
     ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+
     TRACE("%p, 0x%08x, %p, %u\n", phContext, fQOP, pMessage, MessageSeqNo);
-    return ntlm_MakeSignature( phContext, fQOP, pMessage, MessageSeqNo );
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.MakeSignature)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
+
+    return package->provider->fnTableW.MakeSignature(ctxt, fQOP, pMessage, MessageSeqNo);
 }
/***********************************************************************
@@ -399,9 +536,28 @@ static SECURITY_STATUS SEC_ENTRY nego_MakeSignature(PCtxtHandle phContext,
 static SECURITY_STATUS SEC_ENTRY nego_VerifySignature(PCtxtHandle phContext,
     PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+
     TRACE("%p, %p, %u, %p\n", phContext, pMessage, MessageSeqNo, pfQOP);
-    return ntlm_VerifySignature( phContext, pMessage, MessageSeqNo, pfQOP );
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.VerifySignature)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
+
+    return package->provider->fnTableW.VerifySignature(ctxt, pMessage, MessageSeqNo, pfQOP);
 }
/***********************************************************************
@@ -409,9 +565,31 @@ static SECURITY_STATUS SEC_ENTRY nego_VerifySignature(PCtxtHandle phContext,
  */
 static SECURITY_STATUS SEC_ENTRY nego_FreeCredentialsHandle(PCredHandle phCredential)
 {
+    SecurePackage *package;
+    PCredHandle cred;
+    SECURITY_STATUS ret;
+
     TRACE("%p\n", phCredential);
-    return ntlm_FreeCredentialsHandle( phCredential );
+    if (!phCredential)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phCredential->dwUpper;
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.FreeCredentialsHandle)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    cred = (PCredHandle)phCredential->dwLower;
+
+    ret = package->provider->fnTableW.FreeCredentialsHandle(cred);
+    HeapFree(GetProcessHeap(), 0, cred);
+
+    return ret;
 }
/***********************************************************************
@@ -420,9 +598,28 @@ static SECURITY_STATUS SEC_ENTRY nego_FreeCredentialsHandle(PCredHandle phCreden
 static SECURITY_STATUS SEC_ENTRY nego_EncryptMessage(PCtxtHandle phContext,
     ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+
     TRACE("%p, 0x%08x, %p, %u\n", phContext, fQOP, pMessage, MessageSeqNo);
-    return ntlm_EncryptMessage( phContext, fQOP, pMessage, MessageSeqNo );
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.EncryptMessage)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
+
+    return package->provider->fnTableW.EncryptMessage(ctxt, fQOP, pMessage, MessageSeqNo);
 }
/***********************************************************************
@@ -431,9 +628,28 @@ static SECURITY_STATUS SEC_ENTRY nego_EncryptMessage(PCtxtHandle phContext,
 static SECURITY_STATUS SEC_ENTRY nego_DecryptMessage(PCtxtHandle phContext,
     PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
 {
+    SecurePackage *package;
+    PCtxtHandle ctxt;
+
     TRACE("%p, %p, %u, %p\n", phContext, pMessage, MessageSeqNo, pfQOP);
-    return ntlm_DecryptMessage( phContext, pMessage, MessageSeqNo, pfQOP );
+    if (!phContext)
+        return SEC_E_INVALID_HANDLE;
+
+    package = (SecurePackage *)phContext->dwUpper;
+
+    if (!package || !package->provider)
+        return SEC_E_INVALID_HANDLE;
+
+    if (!package->provider->fnTableW.DecryptMessage)
+    {
+        FIXME("Package doesn't support this API\n");
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    ctxt = (PCtxtHandle)phContext->dwLower;
+
+    return package->provider->fnTableW.DecryptMessage(ctxt, pMessage, MessageSeqNo, pfQOP);
 }
static const SecurityFunctionTableA negoTableA = {
diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index 94b94f48ce..2d0557b200 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -151,7 +151,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(
                 ntlm_cred->domain_arg = NULL;
                 ntlm_cred->password = NULL;
                 ntlm_cred->pwlen = 0;
-                ntlm_cred->no_cached_credentials = 0;
+                ntlm_cred->no_cached_credentials = (pAuthData == NULL);
phCredential->dwUpper = fCredentialUse;
                 phCredential->dwLower = (ULONG_PTR)ntlm_cred;
@@ -172,7 +172,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(
                 ntlm_cred->domain_arg = NULL;
                 ntlm_cred->password = NULL;
                 ntlm_cred->pwlen = 0;
-                ntlm_cred->no_cached_credentials = 0;
+                ntlm_cred->no_cached_credentials = (pAuthData == NULL);
if(pAuthData != NULL)
                 {
diff --git a/dlls/secur32/secur32_priv.h b/dlls/secur32/secur32_priv.h
index 973b75c699..e029ea12c4 100644
--- a/dlls/secur32/secur32_priv.h
+++ b/dlls/secur32/secur32_priv.h
@@ -189,24 +189,7 @@ void SECUR32_arc4Cleanup(arc4_info *a4i) DECLSPEC_HIDDEN;
 #define NTLMSSP_NEGOTIATE_KEY_EXCHANGE              0x40000000
 #define NTLMSSP_NEGOTIATE_56                        0x80000000
-SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleW(SEC_WCHAR *, SEC_WCHAR *,
-    ULONG, PLUID, PVOID, SEC_GET_KEY_FN, PVOID, PCredHandle, PTimeStamp) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(PCredHandle, PCtxtHandle,
-    SEC_WCHAR *, ULONG fContextReq, ULONG, ULONG, PSecBufferDesc, ULONG, PCtxtHandle,
-    PSecBufferDesc, ULONG *, PTimeStamp) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext(PCredHandle, PCtxtHandle, PSecBufferDesc,
-    ULONG, ULONG, PCtxtHandle, PSecBufferDesc, ULONG *, PTimeStamp) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesA(PCtxtHandle, ULONG, void *) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_QueryContextAttributesW(PCtxtHandle, ULONG, void *) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle, ULONG, PSecBufferDesc, ULONG) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle, PSecBufferDesc, ULONG, PULONG) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_FreeCredentialsHandle(PCredHandle) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_DeleteSecurityContext(PCtxtHandle) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle, ULONG, PSecBufferDesc, ULONG) DECLSPEC_HIDDEN;
-SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle, PSecBufferDesc, ULONG, PULONG) DECLSPEC_HIDDEN;
-
-SecPkgInfoW *ntlm_package_infoW DECLSPEC_HIDDEN;
-SecPkgInfoA *ntlm_package_infoA DECLSPEC_HIDDEN;
+SECURITY_STATUS SECUR32_makeSecHandle(PSecHandle phSec, SecurePackage *package, PSecHandle realHandle) DECLSPEC_HIDDEN;
/* schannel internal interface */
 typedef struct schan_imp_session_opaque *schan_imp_session;
diff --git a/dlls/secur32/wrapper.c b/dlls/secur32/wrapper.c
index dba675422d..85941d0361 100644
--- a/dlls/secur32/wrapper.c
+++ b/dlls/secur32/wrapper.c
@@ -32,7 +32,7 @@ WINE_DEFAULT_DEBUG_CHANNEL(secur32);
  * and stored in phSec->dwLower).  SecHandle is equivalent to both a
  * CredHandle and a CtxtHandle.
  */
-static SECURITY_STATUS SECUR32_makeSecHandle(PSecHandle phSec,
+SECURITY_STATUS SECUR32_makeSecHandle(PSecHandle phSec,
  SecurePackage *package, PSecHandle realHandle)
 {
     SECURITY_STATUS ret;
-- 
2.15.1



    