[PATCH v2 4/5] kerberos: Move support for SpMakeSignature to the Unix library.
Hans Leidekker
hans at codeweavers.com
Tue Apr 20 08:56:51 CDT 2021
Signed-off-by: Hans Leidekker <hans at codeweavers.com>
---
dlls/kerberos/krb5_ap.c | 35 +----------------------------------
dlls/kerberos/unixlib.c | 30 ++++++++++++++++++++++++++++++
dlls/kerberos/unixlib.h | 1 +
3 files changed, 32 insertions(+), 34 deletions(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index 176546d9e1d..998a1cd7636 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -1052,57 +1052,24 @@ NTSTATUS NTAPI SpLsaModeInitialize(ULONG lsa_version, PULONG package_version,
*package_version = SECPKG_INTERFACE_VERSION;
*table = &kerberos_table;
*table_count = 1;
-
return STATUS_SUCCESS;
}
static NTSTATUS NTAPI kerberos_SpInstanceInit(ULONG version, SECPKG_DLL_FUNCTIONS *dll_function_table, void **user_functions)
{
TRACE("%#x,%p,%p\n", version, dll_function_table, user_functions);
-
return STATUS_SUCCESS;
}
static NTSTATUS SEC_ENTRY kerberos_SpMakeSignature( LSA_SEC_HANDLE context, ULONG quality_of_protection,
SecBufferDesc *message, ULONG message_seq_no )
{
-#ifdef SONAME_LIBGSSAPI_KRB5
- OM_uint32 ret, minor_status;
- gss_buffer_desc data_buffer, token_buffer;
- gss_ctx_id_t ctxt_handle;
- int data_idx, token_idx;
-
TRACE( "(%lx 0x%08x %p %u)\n", context, quality_of_protection, message, message_seq_no );
if (quality_of_protection) FIXME( "ignoring quality_of_protection 0x%08x\n", quality_of_protection );
if (message_seq_no) FIXME( "ignoring message_seq_no %u\n", message_seq_no );
if (!context) return SEC_E_INVALID_HANDLE;
- ctxt_handle = ctxthandle_sspi_to_gss( context );
-
- /* FIXME: multiple data buffers, read-only buffers */
- if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
- data_buffer.length = message->pBuffers[data_idx].cbBuffer;
- data_buffer.value = message->pBuffers[data_idx].pvBuffer;
-
- if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
- token_buffer.length = 0;
- token_buffer.value = NULL;
-
- ret = pgss_get_mic( &minor_status, ctxt_handle, GSS_C_QOP_DEFAULT, &data_buffer, &token_buffer );
- TRACE( "gss_get_mic returned %08x minor status %08x\n", ret, minor_status );
- if (GSS_ERROR(ret)) trace_gss_status( ret, minor_status );
- if (ret == GSS_S_COMPLETE)
- {
- memcpy( message->pBuffers[token_idx].pvBuffer, token_buffer.value, token_buffer.length );
- message->pBuffers[token_idx].cbBuffer = token_buffer.length;
- pgss_release_buffer( &minor_status, &token_buffer );
- }
-
- return status_gss_to_sspi( ret );
-#else
- FIXME( "(%lx 0x%08x %p %u)\n", context, quality_of_protection, message, message_seq_no );
- return SEC_E_UNSUPPORTED_FUNCTION;
-#endif
+ return krb5_funcs->make_signature( context, message );
}
static NTSTATUS NTAPI kerberos_SpVerifySignature( LSA_SEC_HANDLE context, SecBufferDesc *message,
diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c
index 04bff0b032e..f67f22ad8d8 100644
--- a/dlls/kerberos/unixlib.c
+++ b/dlls/kerberos/unixlib.c
@@ -558,6 +558,35 @@ static NTSTATUS CDECL initialize_context( LSA_SEC_HANDLE credential, LSA_SEC_HAN
return status_gss_to_sspi( ret );
}
+static NTSTATUS CDECL make_signature( LSA_SEC_HANDLE context, SecBufferDesc *msg )
+{
+ OM_uint32 ret, minor_status;
+ gss_buffer_desc data_buffer, token_buffer;
+ gss_ctx_id_t ctx_handle = ctxhandle_sspi_to_gss( context );
+ int data_idx, token_idx;
+
+ /* FIXME: multiple data buffers, read-only buffers */
+ if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
+ data_buffer.length = msg->pBuffers[data_idx].cbBuffer;
+ data_buffer.value = msg->pBuffers[data_idx].pvBuffer;
+
+ if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+ token_buffer.length = 0;
+ token_buffer.value = NULL;
+
+ ret = pgss_get_mic( &minor_status, ctx_handle, GSS_C_QOP_DEFAULT, &data_buffer, &token_buffer );
+ TRACE( "gss_get_mic returned %08x minor status %08x\n", ret, minor_status );
+ if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status );
+ if (ret == GSS_S_COMPLETE)
+ {
+ memcpy( msg->pBuffers[token_idx].pvBuffer, token_buffer.value, token_buffer.length );
+ msg->pBuffers[token_idx].cbBuffer = token_buffer.length;
+ pgss_release_buffer( &minor_status, &token_buffer );
+ }
+
+ return status_gss_to_sspi( ret );
+}
+
static const struct krb5_funcs funcs =
{
accept_context,
@@ -565,6 +594,7 @@ static const struct krb5_funcs funcs =
delete_context,
free_credentials_handle,
initialize_context,
+ make_signature,
};
NTSTATUS CDECL __wine_init_unix_lib( HMODULE module, DWORD reason, const void *ptr_in, void *ptr_out )
diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h
index 88d13ce8aab..da487bb781e 100644
--- a/dlls/kerberos/unixlib.h
+++ b/dlls/kerberos/unixlib.h
@@ -29,6 +29,7 @@ struct krb5_funcs
NTSTATUS (CDECL *free_credentials_handle)(LSA_SEC_HANDLE);
NTSTATUS (CDECL *initialize_context)(LSA_SEC_HANDLE, LSA_SEC_HANDLE, const char *, ULONG, SecBufferDesc *,
LSA_SEC_HANDLE *, SecBufferDesc *, ULONG *, TimeStamp *);
+ NTSTATUS (CDECL *make_signature)(LSA_SEC_HANDLE, SecBufferDesc *);
};
extern const struct krb5_funcs *krb5_funcs;
--
2.30.2
More information about the wine-devel
mailing list