[PATCH] kerberos: Calling InitializeSecurityContext without a token buffer is not an error.
Dmitry Timoshkov
dmitry at baikal.ru
Sun Feb 4 22:49:16 CST 2018
This patch makes Kerberos Authentication Tester work with https and dotnet40.
Apparently that's a dotnet40 quirk that it passes not NULL input buffers
but doesn't mark any of buffers as a token, dotnet20 passes NULL input.
Note, that in order to make version 2.0 applications work (Kerberos
Authentication Tester is such an application) with dotnet40+ one
needs to add to the registry key
[Software\\Microsoft\\.NETFramework]
"OnlyUseLatestCLR"=dword:00000001
Signed-off-by: Dmitry Timoshkov <dmitry at baikal.ru>
---
dlls/kerberos/krb5_ap.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index 8b5b6128ac..1bba926a7e 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -913,9 +913,13 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential,
if (!input) input_token.length = 0;
else
{
- if ((idx = get_buffer_index( input, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
- input_token.length = input->pBuffers[idx].cbBuffer;
- input_token.value = input->pBuffers[idx].pvBuffer;
+ if ((idx = get_buffer_index( input, SECBUFFER_TOKEN )) == -1)
+ input_token.length = 0;
+ else
+ {
+ input_token.length = input->pBuffers[idx].cbBuffer;
+ input_token.value = input->pBuffers[idx].pvBuffer;
+ }
}
if ((idx = get_buffer_index( output, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
--
2.16.1
More information about the wine-devel
mailing list