[PATCH 05/10] kerberos: Pass input/output buffers directly for verify_signature() call.
Nikolay Sivov
wine at gitlab.winehq.org
Sat May 28 13:36:53 CDT 2022
From: Nikolay Sivov <nsivov at codeweavers.com>
Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>
---
dlls/kerberos/krb5_ap.c | 13 ++++++++++++-
dlls/kerberos/unixlib.c | 13 ++++---------
dlls/kerberos/unixlib.h | 5 ++++-
3 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index 50d58538836..cecbd66e3a6 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -668,7 +668,18 @@ static NTSTATUS NTAPI kerberos_SpVerifySignature( LSA_SEC_HANDLE context, SecBuf
if (context)
{
struct context_handle *context_handle = (void *)context;
- struct verify_signature_params params = { context_handle->handle, message, quality_of_protection };
+ struct verify_signature_params params;
+ int data_idx, token_idx;
+
+ if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
+ if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+
+ params.context = context_handle->handle;
+ params.data_length = message->pBuffers[data_idx].cbBuffer;
+ params.data = message->pBuffers[data_idx].pvBuffer;
+ params.token_length = message->pBuffers[token_idx].cbBuffer;
+ params.token = message->pBuffers[token_idx].pvBuffer;
+
return KRB5_CALL( verify_signature, ¶ms );
}
else return SEC_E_INVALID_HANDLE;
diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c
index 100a905b066..6404b6ab190 100644
--- a/dlls/kerberos/unixlib.c
+++ b/dlls/kerberos/unixlib.c
@@ -996,19 +996,14 @@ static NTSTATUS unseal_message( void *args )
static NTSTATUS verify_signature( void *args )
{
struct verify_signature_params *params = args;
- SecBufferDesc *msg = params->msg;
OM_uint32 ret, minor_status;
gss_buffer_desc data_buffer, token_buffer;
gss_ctx_id_t ctx_handle = ctxhandle_sspi_to_gss( params->context );
- int data_idx, token_idx;
- if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
- data_buffer.length = msg->pBuffers[data_idx].cbBuffer;
- data_buffer.value = msg->pBuffers[data_idx].pvBuffer;
-
- if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
- token_buffer.length = msg->pBuffers[token_idx].cbBuffer;
- token_buffer.value = msg->pBuffers[token_idx].pvBuffer;
+ data_buffer.length = params->data_length;
+ data_buffer.value = params->data;
+ token_buffer.length = params->token_length;
+ token_buffer.value = params->token;
ret = pgss_verify_mic( &minor_status, ctx_handle, &data_buffer, &token_buffer, NULL );
TRACE( "gss_verify_mic returned %#x minor status %#x\n", ret, minor_status );
diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h
index b5a058b855c..e7ce7e0b4f3 100644
--- a/dlls/kerberos/unixlib.h
+++ b/dlls/kerberos/unixlib.h
@@ -108,7 +108,10 @@ struct unseal_message_params
struct verify_signature_params
{
UINT64 context;
- SecBufferDesc *msg;
+ BYTE *data;
+ ULONG data_length;
+ BYTE *token;
+ ULONG token_length;
ULONG *qop;
};
--
GitLab
https://gitlab.winehq.org/wine/wine/-/merge_requests/146
More information about the wine-devel
mailing list