secur32: Return a cert context with context store in SECPKG_ATTR_REMOTE_CERT_CONTEXT GnuTLS implementation.

This commit is contained in:
Jacek Caban 2013-01-21 15:03:36 +01:00 committed by Alexandre Julliard
parent ef4981bd5b
commit 5c5d12c8bc
4 changed files with 33 additions and 16 deletions

View File

@ -60,6 +60,7 @@ struct schan_context
{ {
schan_imp_session session; schan_imp_session session;
ULONG req_ctx_attr; ULONG req_ctx_attr;
HCERTSTORE cert_store;
}; };
static struct schan_handle *schan_handle_table; static struct schan_handle *schan_handle_table;
@ -696,6 +697,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
ctx = HeapAlloc(GetProcessHeap(), 0, sizeof(*ctx)); ctx = HeapAlloc(GetProcessHeap(), 0, sizeof(*ctx));
if (!ctx) return SEC_E_INSUFFICIENT_MEMORY; if (!ctx) return SEC_E_INSUFFICIENT_MEMORY;
ctx->cert_store = NULL;
handle = schan_alloc_handle(ctx, SCHAN_HANDLE_CTX); handle = schan_alloc_handle(ctx, SCHAN_HANDLE_CTX);
if (handle == SCHAN_INVALID_HANDLE) if (handle == SCHAN_INVALID_HANDLE)
{ {
@ -859,7 +861,14 @@ static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW(
case SECPKG_ATTR_REMOTE_CERT_CONTEXT: case SECPKG_ATTR_REMOTE_CERT_CONTEXT:
{ {
PCCERT_CONTEXT *cert = buffer; PCCERT_CONTEXT *cert = buffer;
return schan_imp_get_session_peer_certificate(ctx->session, cert);
if (!ctx->cert_store) {
ctx->cert_store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, NULL);
if(!ctx->cert_store)
return GetLastError();
}
return schan_imp_get_session_peer_certificate(ctx->session, ctx->cert_store, cert);
} }
case SECPKG_ATTR_CONNECTION_INFO: case SECPKG_ATTR_CONNECTION_INFO:
{ {
@ -1167,6 +1176,8 @@ static SECURITY_STATUS SEC_ENTRY schan_DeleteSecurityContext(PCtxtHandle context
ctx = schan_free_handle(context_handle->dwLower, SCHAN_HANDLE_CTX); ctx = schan_free_handle(context_handle->dwLower, SCHAN_HANDLE_CTX);
if (!ctx) return SEC_E_INVALID_HANDLE; if (!ctx) return SEC_E_INVALID_HANDLE;
if (ctx->cert_store)
CertCloseStore(ctx->cert_store, 0);
schan_imp_dispose_session(ctx->session); schan_imp_dispose_session(ctx->session);
HeapFree(GetProcessHeap(), 0, ctx); HeapFree(GetProcessHeap(), 0, ctx);

View File

@ -318,25 +318,31 @@ SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
return SEC_E_OK; return SEC_E_OK;
} }
SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, HCERTSTORE store,
PCCERT_CONTEXT *cert) PCCERT_CONTEXT *ret)
{ {
gnutls_session_t s = (gnutls_session_t)session; gnutls_session_t s = (gnutls_session_t)session;
unsigned int list_size; PCCERT_CONTEXT cert = NULL;
const gnutls_datum_t *datum; const gnutls_datum_t *datum;
unsigned list_size, i;
BOOL res;
datum = pgnutls_certificate_get_peers(s, &list_size); datum = pgnutls_certificate_get_peers(s, &list_size);
if (datum) if(!datum)
{
*cert = CertCreateCertificateContext(X509_ASN_ENCODING, datum->data,
datum->size);
if (!*cert)
return GetLastError();
else
return SEC_E_OK;
}
else
return SEC_E_INTERNAL_ERROR; return SEC_E_INTERNAL_ERROR;
for(i = 0; i < list_size; i++) {
res = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, datum[i].data, datum[i].size,
CERT_STORE_ADD_REPLACE_EXISTING, i ? NULL : &cert);
if(!res) {
if(i)
CertFreeCertificateContext(cert);
return GetLastError();
}
}
*ret = cert;
return SEC_E_OK;
} }
SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buffer, SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buffer,

View File

@ -706,7 +706,7 @@ static void schan_imp_cf_release(const void *arg, void *ctx)
} }
#endif #endif
SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, HCERTSTORE cert_store,
PCCERT_CONTEXT *cert) PCCERT_CONTEXT *cert)
{ {
struct mac_session* s = (struct mac_session*)session; struct mac_session* s = (struct mac_session*)session;

View File

@ -247,7 +247,7 @@ extern unsigned int schan_imp_get_session_cipher_block_size(schan_imp_session se
extern unsigned int schan_imp_get_max_message_size(schan_imp_session session) DECLSPEC_HIDDEN; extern unsigned int schan_imp_get_max_message_size(schan_imp_session session) DECLSPEC_HIDDEN;
extern SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session, extern SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
SecPkgContext_ConnectionInfo *info) DECLSPEC_HIDDEN; SecPkgContext_ConnectionInfo *info) DECLSPEC_HIDDEN;
extern SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, extern SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session, HCERTSTORE,
PCCERT_CONTEXT *cert) DECLSPEC_HIDDEN; PCCERT_CONTEXT *cert) DECLSPEC_HIDDEN;
extern SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buffer, extern SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buffer,
SIZE_T *length) DECLSPEC_HIDDEN; SIZE_T *length) DECLSPEC_HIDDEN;