Rob Shearman : rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/ W into InitializeSecurityContextW instead of AcquireCredentialsHandleA/W.
Alexandre Julliard
julliard at winehq.org
Wed Jan 23 14:36:47 CST 2008
Module: wine
Branch: master
Commit: 2badb4faea2d1256f397ee03950161ec8d7a41e4
URL: http://source.winehq.org/git/wine.git/?a=commit;h=2badb4faea2d1256f397ee03950161ec8d7a41e4
Author: Rob Shearman <rob at codeweavers.com>
Date: Wed Jan 23 16:32:54 2008 +0000
rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/W into InitializeSecurityContextW instead of AcquireCredentialsHandleA/W.
---
dlls/rpcrt4/rpc_binding.c | 32 ++++++++++++++++++++++++++------
dlls/rpcrt4/rpc_binding.h | 1 +
dlls/rpcrt4/rpc_message.c | 8 ++++----
3 files changed, 31 insertions(+), 10 deletions(-)
diff --git a/dlls/rpcrt4/rpc_binding.c b/dlls/rpcrt4/rpc_binding.c
index bcf89da..3a8afde 100644
--- a/dlls/rpcrt4/rpc_binding.c
+++ b/dlls/rpcrt4/rpc_binding.c
@@ -937,6 +937,7 @@ static RPC_STATUS RpcAuthInfo_Create(ULONG AuthnLevel, ULONG AuthnSvc,
AuthInfo->exp = exp;
AuthInfo->cbMaxToken = cbMaxToken;
AuthInfo->identity = identity;
+ AuthInfo->server_principal_name = NULL;
/* duplicate the SEC_WINNT_AUTH_IDENTITY structure, if applicable, to
* enable better matching in RpcAuthInfo_IsEqual */
@@ -1004,6 +1005,7 @@ ULONG RpcAuthInfo_Release(RpcAuthInfo *AuthInfo)
HeapFree(GetProcessHeap(), 0, AuthInfo->nt_identity->Password);
HeapFree(GetProcessHeap(), 0, AuthInfo->nt_identity);
}
+ HeapFree(GetProcessHeap(), 0, AuthInfo->server_principal_name);
HeapFree(GetProcessHeap(), 0, AuthInfo);
}
@@ -1415,7 +1417,7 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName,
}
TRACE("found package %s for service %u\n", packages[i].Name, AuthnSvc);
- r = AcquireCredentialsHandleA((SEC_CHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
+ r = AcquireCredentialsHandleA(NULL, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
AuthIdentity, NULL, NULL, &cred, &exp);
cbMaxToken = packages[i].cbMaxToken;
FreeContextBuffer(packages);
@@ -1426,8 +1428,17 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName,
AuthIdentity, &new_auth_info);
if (r == RPC_S_OK)
{
- if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
- bind->AuthInfo = new_auth_info;
+ new_auth_info->server_principal_name = RPCRT4_strdupAtoW((char *)ServerPrincName);
+ if (new_auth_info->server_principal_name)
+ {
+ if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
+ bind->AuthInfo = new_auth_info;
+ }
+ else
+ {
+ RpcAuthInfo_Release(new_auth_info);
+ r = ERROR_OUTOFMEMORY;
+ }
}
else
FreeCredentialsHandle(&cred);
@@ -1535,7 +1546,7 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName,
}
TRACE("found package %s for service %u\n", debugstr_w(packages[i].Name), AuthnSvc);
- r = AcquireCredentialsHandleW((SEC_WCHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
+ r = AcquireCredentialsHandleW(NULL, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
AuthIdentity, NULL, NULL, &cred, &exp);
cbMaxToken = packages[i].cbMaxToken;
FreeContextBuffer(packages);
@@ -1546,8 +1557,17 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName,
AuthIdentity, &new_auth_info);
if (r == RPC_S_OK)
{
- if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
- bind->AuthInfo = new_auth_info;
+ new_auth_info->server_principal_name = RPCRT4_strdupW(ServerPrincName);
+ if (new_auth_info->server_principal_name)
+ {
+ if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
+ bind->AuthInfo = new_auth_info;
+ }
+ else
+ {
+ RpcAuthInfo_Release(new_auth_info);
+ r = ERROR_OUTOFMEMORY;
+ }
}
else
FreeCredentialsHandle(&cred);
diff --git a/dlls/rpcrt4/rpc_binding.h b/dlls/rpcrt4/rpc_binding.h
index e3a3c95..e169a65 100644
--- a/dlls/rpcrt4/rpc_binding.h
+++ b/dlls/rpcrt4/rpc_binding.h
@@ -41,6 +41,7 @@ typedef struct _RpcAuthInfo
/* our copy of NT auth identity structure, if the authentication service
* takes an NT auth identity */
SEC_WINNT_AUTH_IDENTITY_W *nt_identity;
+ LPWSTR server_principal_name;
} RpcAuthInfo;
typedef struct _RpcQualityOfService
diff --git a/dlls/rpcrt4/rpc_message.c b/dlls/rpcrt4/rpc_message.c
index f56e3a4..a720199 100644
--- a/dlls/rpcrt4/rpc_message.c
+++ b/dlls/rpcrt4/rpc_message.c
@@ -581,10 +581,10 @@ static RPC_STATUS RPCRT4_ClientAuthorize(RpcConnection *conn, SecBuffer *in,
inp_desc.pBuffers = in;
inp_desc.ulVersion = 0;
- r = InitializeSecurityContextA(&conn->AuthInfo->cred, in ? &conn->ctx : NULL,
- NULL, context_req, 0, SECURITY_NETWORK_DREP,
- in ? &inp_desc : NULL, 0, &conn->ctx, &out_desc, &conn->attr,
- &conn->exp);
+ r = InitializeSecurityContextW(&conn->AuthInfo->cred, in ? &conn->ctx : NULL,
+ in ? NULL : conn->AuthInfo->server_principal_name, context_req, 0,
+ SECURITY_NETWORK_DREP, in ? &inp_desc : NULL, 0, &conn->ctx,
+ &out_desc, &conn->attr, &conn->exp);
if (FAILED(r))
{
WARN("InitializeSecurityContext failed with error 0x%08x\n", r);
More information about the wine-cvs
mailing list