Rob Shearman : secur32: Fix NTLM's InitializeSecurityContextA/
W to be flexible with the index of the token buffer in both the input
and output buffer descriptions .
Alexandre Julliard
julliard at wine.codeweavers.com
Fri May 25 14:43:41 CDT 2007
Module: wine
Branch: master
Commit: aa1be492cd16e646c8641d5c87777e48ea4bfb21
URL: http://source.winehq.org/git/wine.git/?a=commit;h=aa1be492cd16e646c8641d5c87777e48ea4bfb21
Author: Rob Shearman <rob at codeweavers.com>
Date: Thu May 24 20:04:47 2007 +0100
secur32: Fix NTLM's InitializeSecurityContextA/W to be flexible with the index of the token buffer in both the input and output buffer descriptions.
---
dlls/secur32/ntlm.c | 81 ++++++++++++++++++++++++---------------------
dlls/secur32/tests/ntlm.c | 10 +++++
2 files changed, 53 insertions(+), 38 deletions(-)
diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c
index 9a1fa3b..5a00c7a 100644
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@@ -370,6 +370,26 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcquireCredentialsHandleA(
return ret;
}
+/*************************************************************************
+ * ntlm_GetTokenBufferIndex
+ * Calculates the index of the secbuffer with BufferType == SECBUFFER_TOKEN
+ * Returns index if found or -1 if not found.
+ */
+static int ntlm_GetTokenBufferIndex(PSecBufferDesc pMessage)
+{
+ UINT i;
+
+ TRACE("%p\n", pMessage);
+
+ for( i = 0; i < pMessage->cBuffers; ++i )
+ {
+ if(pMessage->pBuffers[i].BufferType == SECBUFFER_TOKEN)
+ return i;
+ }
+
+ return -1;
+}
+
/***********************************************************************
* InitializeSecurityContextW
*/
@@ -385,6 +405,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
char* buffer, *want_flags = NULL;
PBYTE bin;
int buffer_len, bin_len, max_len = NTLM_MAX_BUF;
+ int token_idx;
TRACE("%p %p %s %d %d %d %p %d %p %p %p %p\n", phCredential, phContext,
debugstr_w(pszTargetName), fContextReq, Reserved1, TargetDataRep, pInput,
@@ -556,11 +577,13 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
}
else
{
+ int input_token_idx;
+
/* handle second call here */
/* encode server data to base64 */
- if (!pInput || !pInput->cBuffers)
+ if (!pInput || ((input_token_idx = ntlm_GetTokenBufferIndex(pInput)) == -1))
{
- ret = SEC_E_INCOMPLETE_MESSAGE;
+ ret = SEC_E_INVALID_TOKEN;
goto isc_end;
}
@@ -577,23 +600,23 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
return SEC_E_INVALID_HANDLE;
}
- if (!pInput->pBuffers[0].pvBuffer)
+ if (!pInput->pBuffers[input_token_idx].pvBuffer)
{
ret = SEC_E_INTERNAL_ERROR;
goto isc_end;
}
- if(pInput->pBuffers[0].cbBuffer > max_len)
+ if(pInput->pBuffers[input_token_idx].cbBuffer > max_len)
{
TRACE("pInput->pBuffers[0].cbBuffer is: %ld\n",
- pInput->pBuffers[0].cbBuffer);
+ pInput->pBuffers[input_token_idx].cbBuffer);
ret = SEC_E_INVALID_TOKEN;
goto isc_end;
}
else
- bin_len = pInput->pBuffers[0].cbBuffer;
+ bin_len = pInput->pBuffers[input_token_idx].cbBuffer;
- memcpy(bin, pInput->pBuffers[0].pvBuffer, bin_len);
+ memcpy(bin, pInput->pBuffers[input_token_idx].pvBuffer, bin_len);
lstrcpynA(buffer, "TT ", max_len-1);
@@ -632,32 +655,34 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
/* put the decoded client blob into the out buffer */
- if (fContextReq & ISC_REQ_ALLOCATE_MEMORY)
+ if (!pOutput || ((token_idx = ntlm_GetTokenBufferIndex(pOutput)) == -1))
{
- if (pOutput)
- {
- pOutput->cBuffers = 1;
- pOutput->pBuffers[0].pvBuffer = SECUR32_ALLOC(bin_len);
- pOutput->pBuffers[0].cbBuffer = bin_len;
- }
+ WARN("no SECBUFFER_TOKEN buffer could be found\n");
+ ret = SEC_E_BUFFER_TOO_SMALL;
+ goto isc_end;
}
- if (!pOutput || !pOutput->cBuffers || pOutput->pBuffers[0].cbBuffer < bin_len)
+ if (fContextReq & ISC_REQ_ALLOCATE_MEMORY)
+ {
+ pOutput->pBuffers[token_idx].pvBuffer = SECUR32_ALLOC(bin_len);
+ pOutput->pBuffers[token_idx].cbBuffer = bin_len;
+ }
+ else if (pOutput->pBuffers[token_idx].cbBuffer < bin_len)
{
TRACE("out buffer is NULL or has not enough space\n");
ret = SEC_E_BUFFER_TOO_SMALL;
goto isc_end;
}
- if (!pOutput->pBuffers[0].pvBuffer)
+ if (!pOutput->pBuffers[token_idx].pvBuffer)
{
TRACE("out buffer is NULL\n");
ret = SEC_E_INTERNAL_ERROR;
goto isc_end;
}
- pOutput->pBuffers[0].cbBuffer = bin_len;
- memcpy(pOutput->pBuffers[0].pvBuffer, bin, bin_len);
+ pOutput->pBuffers[token_idx].cbBuffer = bin_len;
+ memcpy(pOutput->pBuffers[token_idx].pvBuffer, bin, bin_len);
if(ret == SEC_E_OK)
{
@@ -1237,26 +1262,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_RevertSecurityContext(PCtxtHandle phContex
return ret;
}
-/*************************************************************************
- * ntlm_GetTokenBufferIndex
- * Calculates the index of the secbuffer with BufferType == SECBUFFER_TOKEN
- * Returns index if found or -1 if not found.
- */
-static int ntlm_GetTokenBufferIndex(PSecBufferDesc pMessage)
-{
- UINT i;
-
- TRACE("%p\n", pMessage);
-
- for( i = 0; i < pMessage->cBuffers; ++i )
- {
- if(pMessage->pBuffers[i].BufferType == SECBUFFER_TOKEN)
- return i;
- }
-
- return -1;
-}
-
/***********************************************************************
* ntlm_CreateSignature
* As both MakeSignature and VerifySignature need this, but different keys
diff --git a/dlls/secur32/tests/ntlm.c b/dlls/secur32/tests/ntlm.c
index e25749f..de6bd7f 100644
--- a/dlls/secur32/tests/ntlm.c
+++ b/dlls/secur32/tests/ntlm.c
@@ -448,6 +448,16 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep
ok(out_buf->pBuffers[0].cbBuffer == 0,
"InitializeSecurityContext set buffer size to %lu\n", out_buf->pBuffers[0].cbBuffer);
+
+ out_buf->pBuffers[0].cbBuffer = sspi_data->max_token;
+ out_buf->pBuffers[0].BufferType = SECBUFFER_DATA;
+
+ ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr,
+ 0, data_rep, NULL, 0, sspi_data->ctxt, out_buf,
+ &ctxt_attr, &ttl);
+
+ ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret));
+ out_buf->pBuffers[0].BufferType = SECBUFFER_TOKEN;
}
out_buf->pBuffers[0].cbBuffer = sspi_data->max_token;
More information about the wine-cvs
mailing list