Nikolay Sivov : secur32: Simplify parameters structure of credentials allocation call.
Alexandre Julliard
julliard at winehq.org
Fri May 27 16:35:30 CDT 2022
Module: wine
Branch: master
Commit: 3ac7df1ac4f57514d778b86bf094bf564663acc6
URL: https://source.winehq.org/git/wine.git/?a=commit;h=3ac7df1ac4f57514d778b86bf094bf564663acc6
Author: Nikolay Sivov <nsivov at codeweavers.com>
Date: Fri May 27 10:35:44 2022 +0300
secur32: Simplify parameters structure of credentials allocation call.
Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/secur32/schannel.c | 21 ++++++++++++++-------
dlls/secur32/schannel_gnutls.c | 23 +++++++++++------------
dlls/secur32/secur32_priv.h | 7 +++++--
3 files changed, 30 insertions(+), 21 deletions(-)
diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c
index 2e663872f71..5d6e8763095 100644
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -545,8 +545,9 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
ULONG_PTR handle;
SECURITY_STATUS status = SEC_E_OK;
const CERT_CONTEXT *cert = NULL;
- DATA_BLOB key_blob = {0};
- struct allocate_certificate_credentials_params params;
+ struct allocate_certificate_credentials_params params = { 0 };
+ BYTE *key_blob = NULL;
+ ULONG key_size = 0;
TRACE("schanCred %p, phCredential %p, ptsExpiry %p\n", schanCred, phCredential, ptsExpiry);
@@ -581,12 +582,18 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
creds->credential_use = SECPKG_CRED_OUTBOUND;
creds->enabled_protocols = enabled_protocols;
- if (cert && !(key_blob.pbData = get_key_blob(cert, &key_blob.cbData))) goto fail;
+ if (cert && !(key_blob = get_key_blob(cert, &key_size))) goto fail;
params.c = creds;
- params.ctx = cert;
- params.key_blob = &key_blob;
+ if (cert)
+ {
+ params.cert_encoding = cert->dwCertEncodingType;
+ params.cert_size = cert->cbCertEncoded;
+ params.cert_blob = cert->pbCertEncoded;
+ }
+ params.key_size = key_size;
+ params.key_blob = key_blob;
if (GNUTLS_CALL( allocate_certificate_credentials, ¶ms )) goto fail;
- RtlFreeHeap(GetProcessHeap(), 0, key_blob.pbData);
+ RtlFreeHeap(GetProcessHeap(), 0, key_blob);
handle = schan_alloc_handle(creds, SCHAN_HANDLE_CRED);
if (handle == SCHAN_INVALID_HANDLE) goto fail;
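Review bot: `key_blob` can be freed twice. It is released with `RtlFreeHeap` right after the `allocate_certificate_credentials` call, and if `schan_alloc_handle` then returns `SCHAN_INVALID_HANDLE`, the `goto fail` path in the last hunk of this file calls `RtlFreeHeap` on the same pointer again. Now that it is a plain local, adding `key_blob = NULL;` directly after the first free would make the fail path harmless, since that path already frees a NULL pointer when no certificate is supplied. The buffer appears to hold the certificate's private key (it comes from `get_key_blob`), so wiping it before release, e.g. `if (key_blob) SecureZeroMemory(key_blob, key_size);`, would be worth considering. The lines between this hunk and the `fail:` label are not shown, so other exits were not checked.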
@@ -605,7 +612,7 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const void *schanCred,
fail:
free(creds);
- RtlFreeHeap(GetProcessHeap(), 0, key_blob.pbData);
+ RtlFreeHeap(GetProcessHeap(), 0, key_blob);
return SEC_E_INTERNAL_ERROR;
}
diff --git a/dlls/secur32/schannel_gnutls.c b/dlls/secur32/schannel_gnutls.c
index cfc7907bef4..131b40a45d3 100644
--- a/dlls/secur32/schannel_gnutls.c
+++ b/dlls/secur32/schannel_gnutls.c
@@ -1038,19 +1038,19 @@ static ULONG set_component(gnutls_datum_t *comp, BYTE *data, ULONG len, ULONG *b
return comp->size;
}
-static gnutls_x509_privkey_t get_x509_key(const DATA_BLOB *key_blob)
+static gnutls_x509_privkey_t get_x509_key(ULONG key_size, const BYTE *key_blob)
{
gnutls_privkey_t key = NULL;
gnutls_x509_privkey_t x509key = NULL;
gnutls_datum_t m, e, d, p, q, u, e1, e2;
BYTE *ptr;
RSAPUBKEY *rsakey;
- DWORD size = key_blob->cbData;
+ DWORD size = key_size;
int ret;
if (size < sizeof(BLOBHEADER)) return NULL;
- rsakey = (RSAPUBKEY *)(key_blob->pbData + sizeof(BLOBHEADER));
+ rsakey = (RSAPUBKEY *)(key_blob + sizeof(BLOBHEADER));
TRACE("RSA key bitlen %u pubexp %u\n", (unsigned)rsakey->bitlen, (unsigned)rsakey->pubexp);
size -= sizeof(BLOBHEADER) + FIELD_OFFSET(RSAPUBKEY, pubexp);
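Review bot: The length guard in `get_x509_key` only guarantees room for the `BLOBHEADER`, yet the following lines read `rsakey->bitlen` and `rsakey->pubexp` and then subtract `sizeof(BLOBHEADER) + FIELD_OFFSET(RSAPUBKEY, pubexp)` from `size`. For a blob shorter than the header plus an `RSAPUBKEY`, the read goes past the end of the buffer, and the unsigned `size` can wrap to a very large value that any later length checks would trust. Since the function now takes a bare pointer and length, tightening the guard to `if (size < sizeof(BLOBHEADER) + sizeof(RSAPUBKEY)) return NULL;` would keep the check self-contained. The remainder of the function is outside this hunk, so the later component parsing was not reviewed.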
@@ -1082,16 +1082,15 @@ static gnutls_x509_privkey_t get_x509_key(const DATA_BLOB *key_blob)
return x509key;
}
-static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
+static gnutls_x509_crt_t get_x509_crt(const struct allocate_certificate_credentials_params *params)
{
gnutls_datum_t data;
gnutls_x509_crt_t crt;
int ret;
- if (!ctx) return FALSE;
- if (ctx->dwCertEncodingType != X509_ASN_ENCODING)
+ if (params->cert_encoding != X509_ASN_ENCODING)
{
- FIXME("encoding type %u not supported\n", (unsigned)ctx->dwCertEncodingType);
+ FIXME("encoding type %u not supported\n", (unsigned)params->cert_encoding);
return NULL;
}
@@ -1101,8 +1100,8 @@ static gnutls_x509_crt_t get_x509_crt(const CERT_CONTEXT *ctx)
return NULL;
}
- data.data = ctx->pbCertEncoded;
- data.size = ctx->cbCertEncoded;
+ data.data = params->cert_blob;
+ data.size = params->cert_size;
if ((ret = pgnutls_x509_crt_import(crt, &data, GNUTLS_X509_FMT_DER)) < 0)
{
pgnutls_perror(ret);
@@ -1128,19 +1127,19 @@ static NTSTATUS schan_allocate_certificate_credentials( void *args )
return STATUS_INTERNAL_ERROR;
}
- if (!params->ctx)
+ if (!params->cert_blob)
{
params->c->credentials = creds;
return STATUS_SUCCESS;
}
- if (!(crt = get_x509_crt(params->ctx)))
+ if (!(crt = get_x509_crt(params)))
{
pgnutls_certificate_free_credentials(creds);
return STATUS_INTERNAL_ERROR;
}
- if (!(key = get_x509_key(params->key_blob)))
+ if (!(key = get_x509_key(params->key_size, params->key_blob)))
{
pgnutls_x509_crt_deinit(crt);
pgnutls_certificate_free_credentials(creds);
diff --git a/dlls/secur32/secur32_priv.h b/dlls/secur32/secur32_priv.h
index 814d9faf82a..e4fa0381433 100644
--- a/dlls/secur32/secur32_priv.h
+++ b/dlls/secur32/secur32_priv.h
@@ -115,8 +115,11 @@ struct session_params
struct allocate_certificate_credentials_params
{
schan_credentials *c;
- const CERT_CONTEXT *ctx;
- const DATA_BLOB *key_blob;
+ ULONG cert_encoding;
+ ULONG cert_size;
+ BYTE *cert_blob;
+ ULONG key_size;
+ BYTE *key_blob;
};
struct create_session_params
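Review bot: The new fields of `struct allocate_certificate_credentials_params` carry an undocumented contract. `schan_allocate_certificate_credentials` treats `cert_blob == NULL` as "no client certificate", and `schan_AcquireClientCredentials` keeps ownership of `key_blob` and frees it after the call. A short comment on the struct would record this, for example `/* cert_blob == NULL: no client certificate; cert_size/key_size are byte counts */` and `/* both buffers are borrowed for the duration of the call, the caller frees key_blob */`. The pointers also lost the `const` that the old `ctx` and `key_blob` members had; `const BYTE *cert_blob` and `const BYTE *key_blob` would state that the callee only reads them, if the gnutls datum assignment in `get_x509_crt` permits it.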