Signed-off-by: Nikolay Sivov nsivov@codeweavers.com --- dlls/secur32/schannel_gnutls.c | 42 +++++++++++++++++++--------------- dlls/secur32/secur32_priv.h | 2 +- 2 files changed, 25 insertions(+), 19 deletions(-)

diff --git a/dlls/secur32/schannel_gnutls.c b/dlls/secur32/schannel_gnutls.c index 7c6a0bc0cfc..cfc7907bef4 100644 --- a/dlls/secur32/schannel_gnutls.c +++ b/dlls/secur32/schannel_gnutls.c @@ -136,6 +136,11 @@ MAKE_FUNCPTR(gnutls_x509_privkey_deinit); #define GNUTLS_ALPN_SERVER_PRECEDENCE (1<<1) #endif

+static inline gnutls_session_t session_from_handle(UINT64 handle) +{ + return (gnutls_session_t)(ULONG_PTR)handle; +} + static int compat_cipher_get_block_size(gnutls_cipher_algorithm_t cipher) { switch(cipher) { @@ -369,7 +374,7 @@ static char *get_buffer(const struct schan_transport *t, struct schan_buffers *s static ssize_t pull_adapter(gnutls_transport_ptr_t transport, void *buff, size_t buff_len) { struct schan_transport *t = (struct schan_transport*)transport; - gnutls_session_t s = (gnutls_session_t)t->session; + gnutls_session_t s = session_from_handle(t->session); SIZE_T len = buff_len; char *b;

@@ -390,7 +395,7 @@ static ssize_t pull_adapter(gnutls_transport_ptr_t transport, void *buff, size_t static ssize_t push_adapter(gnutls_transport_ptr_t transport, const void *buff, size_t buff_len) { struct schan_transport *t = (struct schan_transport*)transport; - gnutls_session_t s = (gnutls_session_t)t->session; + gnutls_session_t s = session_from_handle(t->session); SIZE_T len = buff_len; char *b;

@@ -547,7 +552,7 @@ static NTSTATUS schan_create_session( void *args ) static NTSTATUS schan_dispose_session( void *args ) { const struct session_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); pgnutls_deinit(s); return STATUS_SUCCESS; } @@ -555,7 +560,7 @@ static NTSTATUS schan_dispose_session( void *args ) static NTSTATUS schan_set_session_target( void *args ) { const struct set_session_target_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); pgnutls_server_name_set( s, GNUTLS_NAME_DNS, params->target, strlen(params->target) ); return STATUS_SUCCESS; } @@ -563,7 +568,7 @@ static NTSTATUS schan_set_session_target( void *args ) static NTSTATUS schan_handshake( void *args ) { const struct handshake_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); struct schan_transport *t = (struct schan_transport *)pgnutls_transport_get_ptr(s); int err;

@@ -709,20 +714,21 @@ static ALG_ID get_kx_algid(int kx) static NTSTATUS schan_get_session_cipher_block_size( void *args ) { const struct session_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); return pgnutls_cipher_get_block_size(pgnutls_cipher_get(s)); }

static NTSTATUS schan_get_max_message_size( void *args ) { const struct session_params *params = args; - return pgnutls_record_get_max_size((gnutls_session_t)params->session); + gnutls_session_t s = session_from_handle(params->session); + return pgnutls_record_get_max_size(s); }

static NTSTATUS schan_get_connection_info( void *args ) { const struct get_connection_info_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); SecPkgContext_ConnectionInfo *info = params->info; gnutls_protocol_t proto = pgnutls_protocol_get_version(s); gnutls_cipher_algorithm_t alg = pgnutls_cipher_get(s); @@ -743,10 +749,10 @@ static NTSTATUS schan_get_connection_info( void *args ) static NTSTATUS schan_get_unique_channel_binding( void *args ) { const struct get_unique_channel_binding_params *params = args; + gnutls_session_t s = session_from_handle(params->session); gnutls_datum_t datum; int rc; SECURITY_STATUS ret; - gnutls_session_t s = (gnutls_session_t)params->session;

rc = pgnutls_session_channel_binding(s, GNUTLS_CB_TLS_UNIQUE, &datum); if (rc) @@ -769,10 +775,10 @@ static NTSTATUS schan_get_unique_channel_binding( void *args ) static NTSTATUS schan_get_key_signature_algorithm( void *args ) { const struct session_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); gnutls_kx_algorithm_t kx = pgnutls_kx_get(s);

- TRACE("(%p)\n", params->session); + TRACE("(%p)\n", s);

switch (kx) { @@ -791,7 +797,7 @@ static NTSTATUS schan_get_key_signature_algorithm( void *args ) static NTSTATUS schan_get_session_peer_certificate( void *args ) { const struct get_session_peer_certificate_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); const gnutls_datum_t *datum; unsigned int i, size; BYTE *ptr; @@ -825,7 +831,7 @@ static NTSTATUS schan_get_session_peer_certificate( void *args ) static NTSTATUS schan_send( void *args ) { const struct send_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); struct schan_transport *t = (struct schan_transport *)pgnutls_transport_get_ptr(s); SSIZE_T ret, total = 0;

@@ -864,7 +870,7 @@ static NTSTATUS schan_send( void *args ) static NTSTATUS schan_recv( void *args ) { const struct recv_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); struct schan_transport *t = (struct schan_transport *)pgnutls_transport_get_ptr(s); size_t data_size = *params->length; size_t received = 0; @@ -928,7 +934,7 @@ static unsigned int parse_alpn_protocol_list(unsigned char *buffer, unsigned int static NTSTATUS schan_set_application_protocols( void *args ) { const struct set_application_protocols_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); unsigned int extension_len, extension, count = 0, offset = 0; unsigned short list_len; gnutls_datum_t *protocols; @@ -968,7 +974,7 @@ static NTSTATUS schan_set_application_protocols( void *args ) static NTSTATUS schan_get_application_protocol( void *args ) { const struct get_application_protocol_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session); SecPkgContext_ApplicationProtocol *protocol = params->protocol; gnutls_datum_t selected;

@@ -989,7 +995,7 @@ static NTSTATUS schan_get_application_protocol( void *args ) static NTSTATUS schan_set_dtls_mtu( void *args ) { const struct set_dtls_mtu_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session);

pgnutls_dtls_set_mtu(s, params->mtu); TRACE("MTU set to %u\n", params->mtu); @@ -999,7 +1005,7 @@ static NTSTATUS schan_set_dtls_mtu( void *args ) static NTSTATUS schan_set_dtls_timeouts( void *args ) { const struct set_dtls_timeouts_params *params = args; - gnutls_session_t s = (gnutls_session_t)params->session; + gnutls_session_t s = session_from_handle(params->session);

pgnutls_dtls_set_timeouts(s, params->retrans_timeout, params->total_timeout); return SEC_E_OK; diff --git a/dlls/secur32/secur32_priv.h b/dlls/secur32/secur32_priv.h index 5c35e4244c8..814d9faf82a 100644 --- a/dlls/secur32/secur32_priv.h +++ b/dlls/secur32/secur32_priv.h @@ -79,7 +79,7 @@ void load_auth_packages(void) DECLSPEC_HIDDEN; void SECUR32_deinitSchannelSP(void) DECLSPEC_HIDDEN;

/* schannel internal interface */ -typedef struct schan_session_opaque *schan_session; +typedef UINT64 schan_session;

typedef struct schan_credentials {

Signed-off-by: Nikolay Sivov nsivov@codeweavers.com --- dlls/secur32/schannel.c | 1 + dlls/secur32/schannel_gnutls.c | 23 +++++++++++++---------- dlls/secur32/secur32_priv.h | 1 + 3 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 5d6e8763095..0973b3c2399 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -821,6 +821,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(

create_params.transport = &ctx->transport; create_params.cred = cred; + create_params.session = &ctx->transport.session; if (GNUTLS_CALL( create_session, &create_params )) { schan_free_handle(handle, SCHAN_HANDLE_CTX); diff --git a/dlls/secur32/schannel_gnutls.c b/dlls/secur32/schannel_gnutls.c index 131b40a45d3..2e462b409d8 100644 --- a/dlls/secur32/schannel_gnutls.c +++ b/dlls/secur32/schannel_gnutls.c @@ -480,18 +480,20 @@ static NTSTATUS schan_create_session( void *args ) { const struct create_session_params *params = args; schan_credentials *cred = params->cred; - gnutls_session_t *s = (gnutls_session_t*)&params->transport->session; char priority[128] = "NORMAL:%LATEST_RECORD_VERSION", *p; BOOL using_vers_all = FALSE, disabled; unsigned int i, flags = (cred->credential_use == SECPKG_CRED_INBOUND) ? GNUTLS_SERVER : GNUTLS_CLIENT; + gnutls_session_t s; int err;

+ *params->session = 0; + if (cred->enabled_protocols & (SP_PROT_DTLS1_0_CLIENT | SP_PROT_DTLS1_2_CLIENT)) { flags |= GNUTLS_DATAGRAM | GNUTLS_NONBLOCK; }

- err = pgnutls_init(s, flags); + err = pgnutls_init(&s, flags); if (err != GNUTLS_E_SUCCESS) { pgnutls_perror(err); @@ -524,27 +526,28 @@ static NTSTATUS schan_create_session( void *args ) }

TRACE("Using %s priority\n", debugstr_a(priority)); - err = pgnutls_priority_set_direct(*s, priority, NULL); + err = pgnutls_priority_set_direct(s, priority, NULL); if (err != GNUTLS_E_SUCCESS) { pgnutls_perror(err); - pgnutls_deinit(*s); + pgnutls_deinit(s); return STATUS_INTERNAL_ERROR; }

- err = pgnutls_credentials_set(*s, GNUTLS_CRD_CERTIFICATE, + err = pgnutls_credentials_set(s, GNUTLS_CRD_CERTIFICATE, (gnutls_certificate_credentials_t)cred->credentials); if (err != GNUTLS_E_SUCCESS) { pgnutls_perror(err); - pgnutls_deinit(*s); + pgnutls_deinit(s); return STATUS_INTERNAL_ERROR; }

- pgnutls_transport_set_pull_function(*s, pull_adapter); - if (flags & GNUTLS_DATAGRAM) pgnutls_transport_set_pull_timeout_function(*s, pull_timeout); - pgnutls_transport_set_push_function(*s, push_adapter); - pgnutls_transport_set_ptr(*s, (gnutls_transport_ptr_t)params->transport); + pgnutls_transport_set_pull_function(s, pull_adapter); + if (flags & GNUTLS_DATAGRAM) pgnutls_transport_set_pull_timeout_function(s, pull_timeout); + pgnutls_transport_set_push_function(s, push_adapter); + pgnutls_transport_set_ptr(s, (gnutls_transport_ptr_t)params->transport); + *params->session = (ULONG_PTR)s;

return STATUS_SUCCESS; } diff --git a/dlls/secur32/secur32_priv.h b/dlls/secur32/secur32_priv.h index e4fa0381433..e58303a4e1b 100644 --- a/dlls/secur32/secur32_priv.h +++ b/dlls/secur32/secur32_priv.h @@ -126,6 +126,7 @@ struct create_session_params { struct schan_transport *transport; schan_credentials *cred; + schan_session *session; };

struct free_certificate_credentials_params

Signed-off-by: Nikolay Sivov nsivov@codeweavers.com --- dlls/secur32/schannel.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 618982d889e..30c86c724b4 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -806,9 +806,8 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( return SEC_E_INVALID_HANDLE; }

- if (!(ctx = malloc(sizeof(*ctx)))) return SEC_E_INSUFFICIENT_MEMORY; + if (!(ctx = calloc(1, sizeof(*ctx)))) return SEC_E_INSUFFICIENT_MEMORY;

- ctx->cert = NULL; handle = schan_alloc_handle(ctx, SCHAN_HANDLE_CTX); if (handle == SCHAN_INVALID_HANDLE) {