From 4a45679f1aa3af87a8cdd032c4f2b79248d398cc Mon Sep 17 00:00:00 2001 From: Hans Leidekker Date: Fri, 7 May 2021 11:54:39 +0200 Subject: [PATCH] secur32: Use a reserved flag for the cached credentials hack. Signed-off-by: Hans Leidekker Signed-off-by: Alexandre Julliard --- dlls/msv1_0/main.c | 5 +++-- dlls/secur32/negotiate.c | 22 +++++----------------- 2 files changed, 8 insertions(+), 19 deletions(-) diff --git a/dlls/msv1_0/main.c b/dlls/msv1_0/main.c index f61e3c90efe..df9d0dd0f1a 100644 --- a/dlls/msv1_0/main.c +++ b/dlls/msv1_0/main.c @@ -159,6 +159,7 @@ static char *get_domain_arg( const WCHAR *domain, int domain_len ) return ret; } +#define WINE_NO_CACHED_CREDENTIALS 0x10000000 static NTSTATUS NTAPI ntlm_SpAcquireCredentialsHandle( UNICODE_STRING *principal, ULONG cred_use, LUID *logon_id, void *auth_data, void *get_key_fn, void *get_key_arg, LSA_SEC_HANDLE *handle, TimeStamp *expiry ) @@ -171,7 +172,7 @@ static NTSTATUS NTAPI ntlm_SpAcquireCredentialsHandle( UNICODE_STRING *principal TRACE( "%s, 0x%08x, %p, %p, %p, %p, %p, %p\n", debugstr_us(principal), cred_use, logon_id, auth_data, get_key_fn, get_key_arg, cred, expiry ); - switch (cred_use) + switch (cred_use & ~SECPKG_CRED_RESERVED) { case SECPKG_CRED_INBOUND: if (!(cred = malloc( sizeof(*cred) ))) return SEC_E_INSUFFICIENT_MEMORY; @@ -194,7 +195,7 @@ static NTSTATUS NTAPI ntlm_SpAcquireCredentialsHandle( UNICODE_STRING *principal cred->domain_arg = NULL; cred->password = NULL; cred->password_len = 0; - cred->no_cached_credentials = 0; + cred->no_cached_credentials = (cred_use & WINE_NO_CACHED_CREDENTIALS); if ((id = auth_data)) { diff --git a/dlls/secur32/negotiate.c b/dlls/secur32/negotiate.c index 6767790d09f..aeddbccd4f4 100644 --- a/dlls/secur32/negotiate.c +++ b/dlls/secur32/negotiate.c @@ -58,16 +58,7 @@ struct sec_handle SecHandle handle_ntlm; }; -/* matches layout from msv1_0 */ -struct ntlm_cred -{ - int mode; - char *username_arg; - char *domain_arg; - char *password; - int password_len; - int no_cached_credentials; /* don't try to use cached Samba credentials */ -}; +#define WINE_NO_CACHED_CREDENTIALS 0x10000000 /*********************************************************************** * AcquireCredentialsHandleW @@ -99,14 +90,11 @@ static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleW( if ((package = SECUR32_findPackageW( ntlmW ))) { + ULONG cred_use = pAuthData ? fCredentialUse : fCredentialUse | WINE_NO_CACHED_CREDENTIALS; + ret = package->provider->fnTableW.AcquireCredentialsHandleW( pszPrincipal, ntlmW, - fCredentialUse, pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, &cred->handle_ntlm, ptsExpiry ); - if (ret == SEC_E_OK) - { - struct ntlm_cred *ntlm_cred = (struct ntlm_cred *)cred->handle_ntlm.dwLower; - ntlm_cred->no_cached_credentials = (pAuthData == NULL); - cred->ntlm = package->provider; - } + cred_use, pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, &cred->handle_ntlm, ptsExpiry ); + if (ret == SEC_E_OK) cred->ntlm = package->provider; } if (cred->krb || cred->ntlm)