Nikolay Sivov : kerberos: Pass input/output buffers directly for initialize_context() call.
Alexandre Julliard
julliard at winehq.org
Mon May 30 15:34:58 CDT 2022
Module: wine
Branch: master
Commit: 6c1cea2aba958a35a7b2c929d8375ebe5edb8609
URL: https://source.winehq.org/git/wine.git/?a=commit;h=6c1cea2aba958a35a7b2c929d8375ebe5edb8609
Author: Nikolay Sivov <nsivov at codeweavers.com>
Date: Sat May 28 21:23:22 2022 +0300
kerberos: Pass input/output buffers directly for initialize_context() call.
Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>
---
dlls/kerberos/krb5_ap.c | 16 +++++++++++++---
dlls/kerberos/unixlib.c | 31 ++++++-------------------------
dlls/kerberos/unixlib.h | 6 ++++--
3 files changed, 23 insertions(+), 30 deletions(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index 93f9e97e8ef..b600ff06052 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -400,19 +400,29 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential,
{
struct cred_handle *cred_handle = (struct cred_handle *)credential;
struct context_handle *context_handle = (struct context_handle *)context;
- struct initialize_context_params params;
+ struct initialize_context_params params = { 0 };
UINT64 new_context_handle = 0;
+ int idx;
params.credential = cred_handle ? cred_handle->handle : 0;
params.context = context_handle ? context_handle->handle : 0;
params.target_name = target;
params.context_req = context_req;
- params.input = input;
params.new_context = &new_context_handle;
- params.output = output;
params.context_attr = context_attr;
params.expiry = &exptime;
+ idx = get_buffer_index( input, SECBUFFER_TOKEN );
+ if (idx != -1)
+ {
+ params.input_token = input->pBuffers[idx].pvBuffer;
+ params.input_token_length = input->pBuffers[idx].cbBuffer;
+ }
+
+ if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+ params.output_token = output->pBuffers[idx].pvBuffer;
+ params.output_token_length = &output->pBuffers[idx].cbBuffer;
+
status = KRB5_CALL( initialize_context, ¶ms );
if (!status)
{
diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c
index 119d2d1dcf9..38b1cf50895 100644
--- a/dlls/kerberos/unixlib.c
+++ b/dlls/kerberos/unixlib.c
@@ -419,17 +419,6 @@ static BOOL is_dce_style_context( gss_ctx_id_t ctx )
return (ret == GSS_S_COMPLETE && (flags & GSS_C_DCE_STYLE));
}
-static int get_buffer_index( SecBufferDesc *desc, DWORD type )
-{
- UINT i;
- if (!desc) return -1;
- for (i = 0; i < desc->cBuffers; i++)
- {
- if (desc->pBuffers[i].BufferType == type) return i;
- }
- return -1;
-}
-
static NTSTATUS status_gss_to_sspi( OM_uint32 status )
{
switch (status)
@@ -707,16 +696,9 @@ static NTSTATUS initialize_context( void *args )
gss_buffer_desc input_token, output_token;
gss_name_t target = GSS_C_NO_NAME;
NTSTATUS status;
- int idx;
- if ((idx = get_buffer_index( params->input, SECBUFFER_TOKEN )) == -1) input_token.length = 0;
- else
- {
- input_token.length = params->input->pBuffers[idx].cbBuffer;
- input_token.value = params->input->pBuffers[idx].pvBuffer;
- }
-
- if ((idx = get_buffer_index( params->output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+ input_token.length = params->input_token_length;
+ input_token.value = params->input_token;
output_token.length = 0;
output_token.value = NULL;
@@ -729,16 +711,15 @@ static NTSTATUS initialize_context( void *args )
if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status );
if (ret == GSS_S_COMPLETE || ret == GSS_S_CONTINUE_NEEDED)
{
- if (output_token.length > params->output->pBuffers[idx].cbBuffer) /* FIXME: check if larger buffer exists */
+ if (output_token.length > *params->output_token_length) /* FIXME: check if larger buffer exists */
{
- TRACE( "buffer too small %lu > %u\n",
- (SIZE_T)output_token.length, (unsigned int)params->output->pBuffers[idx].cbBuffer );
+ TRACE( "buffer too small %lu > %u\n", (SIZE_T)output_token.length, (unsigned int)*params->output_token_length);
pgss_release_buffer( &minor_status, &output_token );
pgss_delete_sec_context( &minor_status, &ctx_handle, GSS_C_NO_BUFFER );
return SEC_E_INCOMPLETE_MESSAGE;
}
- params->output->pBuffers[idx].cbBuffer = output_token.length;
- memcpy( params->output->pBuffers[idx].pvBuffer, output_token.value, output_token.length );
+ *params->output_token_length = output_token.length;
+ memcpy( params->output_token, output_token.value, output_token.length );
pgss_release_buffer( &minor_status, &output_token );
ctxhandle_gss_to_sspi( ctx_handle, params->new_context );
diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h
index 0bdb8a3ec74..f811f583bb2 100644
--- a/dlls/kerberos/unixlib.h
+++ b/dlls/kerberos/unixlib.h
@@ -62,9 +62,11 @@ struct initialize_context_params
UINT64 context;
const char *target_name;
ULONG context_req;
- SecBufferDesc *input;
+ BYTE *input_token;
+ ULONG input_token_length;
+ BYTE *output_token;
+ ULONG *output_token_length;
UINT64 *new_context;
- SecBufferDesc *output;
ULONG *context_attr;
ULONG *expiry;
};
More information about the wine-cvs
mailing list