[07/10] secur32: Implement VerifySignature for Kerberos.
Hans Leidekker
hans at codeweavers.com
Mon Oct 23 04:09:22 CDT 2017
Signed-off-by: Hans Leidekker <hans at codeweavers.com>
---
dlls/secur32/kerberos.c | 34 ++++++++++++++++++++++++++++++++--
1 file changed, 32 insertions(+), 2 deletions(-)
diff --git a/dlls/secur32/kerberos.c b/dlls/secur32/kerberos.c
index d46ede6ee5..8f179eeb08 100644
--- a/dlls/secur32/kerberos.c
+++ b/dlls/secur32/kerberos.c
@@ -55,6 +55,7 @@ MAKE_FUNCPTR(gss_init_sec_context);
MAKE_FUNCPTR(gss_release_buffer);
MAKE_FUNCPTR(gss_release_cred);
MAKE_FUNCPTR(gss_release_name);
+MAKE_FUNCPTR(gss_verify_mic);
#undef MAKE_FUNCPTR
static BOOL load_gssapi_krb5(void)
@@ -81,6 +82,7 @@ static BOOL load_gssapi_krb5(void)
LOAD_FUNCPTR(gss_release_buffer)
LOAD_FUNCPTR(gss_release_cred)
LOAD_FUNCPTR(gss_release_name)
+ LOAD_FUNCPTR(gss_verify_mic)
#undef LOAD_FUNCPTR
return TRUE;
@@ -669,10 +671,38 @@ static SECURITY_STATUS SEC_ENTRY kerberos_MakeSignature( CtxtHandle *phContext,
/***********************************************************************
* VerifySignature
*/
-static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature(CtxtHandle *phContext, SecBufferDesc *pMessage, ULONG MessageSeqNo, PULONG pfQOP)
+static SECURITY_STATUS SEC_ENTRY kerberos_VerifySignature( CtxtHandle *phContext, SecBufferDesc *pMessage,
+ ULONG MessageSeqNo, PULONG pfQOP )
{
- FIXME("(%p %p %d %p)\n", phContext, pMessage, MessageSeqNo, pfQOP);
+#ifdef SONAME_LIBGSSAPI_KRB5
+ OM_uint32 ret, minor_status;
+ gss_buffer_desc data_buffer, token_buffer;
+ gss_ctx_id_t ctxt_handle;
+ int data_idx, token_idx;
+
+ TRACE( "(%p %p %u %p)\n", phContext, pMessage, MessageSeqNo, pfQOP );
+ if (MessageSeqNo) FIXME( "ignoring MessageSeqNo\n" );
+
+ if (!phContext) return SEC_E_INVALID_HANDLE;
+ ctxt_handle = ctxthandle_sspi_to_gss( phContext );
+
+ if ((data_idx = get_buffer_index( pMessage, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
+ data_buffer.length = pMessage->pBuffers[data_idx].cbBuffer;
+ data_buffer.value = pMessage->pBuffers[data_idx].pvBuffer;
+
+ if ((token_idx = get_buffer_index( pMessage, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+ token_buffer.length = pMessage->pBuffers[token_idx].cbBuffer;
+ token_buffer.value = pMessage->pBuffers[token_idx].pvBuffer;
+
+ ret = pgss_verify_mic( &minor_status, ctxt_handle, &data_buffer, &token_buffer, NULL );
+ TRACE( "gss_verify_mic returned %08x minor status %08x\n", ret, minor_status );
+ if (ret == GSS_S_COMPLETE && pfQOP) *pfQOP = 0;
+
+ return status_gss_to_sspi( ret );
+#else
+ FIXME( "(%p %p %u %p)\n", phContext, pMessage, MessageSeqNo, pfQOP );
return SEC_E_UNSUPPORTED_FUNCTION;
+#endif
}
/***********************************************************************
--
2.11.0
More information about the wine-patches
mailing list