From 9120045653eab18136f92a80b11ea994c0399e07 Mon Sep 17 00:00:00 2001
From: Hans Leidekker <hans@codeweavers.com>
Date: Wed, 21 Apr 2021 09:47:28 +0200
Subject: [PATCH] kerberos: Move support for SpSealMessage to the Unix library.

Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/kerberos/krb5_ap.c | 107 +---------------------------------------
 dlls/kerberos/unixlib.c | 102 ++++++++++++++++++++++++++++++++++++++
 dlls/kerberos/unixlib.h |   1 +
 3 files changed, 104 insertions(+), 106 deletions(-)

diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c
index 61833b4e040..d248c4e1951 100644
--- a/dlls/kerberos/krb5_ap.c
+++ b/dlls/kerberos/krb5_ap.c
@@ -1050,119 +1050,14 @@ static NTSTATUS NTAPI kerberos_SpVerifySignature( LSA_SEC_HANDLE context, SecBuf
     return krb5_funcs->verify_signature( context, message, quality_of_protection );
 }
 
-#ifdef SONAME_LIBGSSAPI_KRB5
-static NTSTATUS seal_message_iov( gss_ctx_id_t ctxt_handle, SecBufferDesc *message, ULONG quality_of_protection )
-{
-    gss_iov_buffer_desc iov[4];
-    OM_uint32 ret, minor_status;
-    int token_idx, data_idx, conf_flag, conf_state;
-
-    if (!quality_of_protection)
-        conf_flag = 1; /* confidentiality + integrity */
-    else if (quality_of_protection == SECQOP_WRAP_NO_ENCRYPT)
-        conf_flag = 0; /* only integrity */
-    else
-    {
-        FIXME( "QOP %08x not supported\n", quality_of_protection );
-        return SEC_E_UNSUPPORTED_FUNCTION;
-    }
-
-    /* FIXME: multiple data buffers, read-only buffers */
-    if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
-    if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
-
-    iov[0].type          = GSS_IOV_BUFFER_TYPE_SIGN_ONLY | GSS_IOV_BUFFER_FLAG_ALLOCATE;
-    iov[0].buffer.length = 0;
-    iov[0].buffer.value  = NULL;
-
-    iov[1].type          = GSS_IOV_BUFFER_TYPE_DATA;
-    iov[1].buffer.length = message->pBuffers[data_idx].cbBuffer;
-    iov[1].buffer.value  = message->pBuffers[data_idx].pvBuffer;
-
-    iov[2].type          = GSS_IOV_BUFFER_TYPE_SIGN_ONLY | GSS_IOV_BUFFER_FLAG_ALLOCATE;
-    iov[2].buffer.length = 0;
-    iov[2].buffer.value  = NULL;
-
-    iov[3].type          = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_FLAG_ALLOCATE;
-    iov[3].buffer.length = 0;
-    iov[3].buffer.value  = NULL;
-
-    ret = pgss_wrap_iov( &minor_status, ctxt_handle, conf_flag, GSS_C_QOP_DEFAULT, &conf_state, iov, 4 );
-    TRACE( "gss_wrap_iov returned %08x minor status %08x\n", ret, minor_status );
-    if (GSS_ERROR(ret)) trace_gss_status( ret, minor_status );
-    if (ret == GSS_S_COMPLETE)
-    {
-        memcpy( message->pBuffers[token_idx].pvBuffer, iov[3].buffer.value, iov[3].buffer.length );
-        message->pBuffers[token_idx].cbBuffer = iov[3].buffer.length;
-        pgss_release_iov_buffer( &minor_status, iov, 4 );
-    }
-
-    return status_gss_to_sspi( ret );
-}
-
-static NTSTATUS seal_message( gss_ctx_id_t ctxt_handle, SecBufferDesc *message, ULONG quality_of_protection )
-{
-    gss_buffer_desc input, output;
-    OM_uint32 ret, minor_status;
-    int token_idx, data_idx, conf_flag, conf_state;
-
-    if (!quality_of_protection)
-        conf_flag = 1; /* confidentiality + integrity */
-    else if (quality_of_protection == SECQOP_WRAP_NO_ENCRYPT)
-        conf_flag = 0; /* only integrity */
-    else
-    {
-        FIXME( "QOP %08x not supported\n", quality_of_protection );
-        return SEC_E_UNSUPPORTED_FUNCTION;
-    }
-
-    /* FIXME: multiple data buffers, read-only buffers */
-    if ((data_idx = get_buffer_index( message, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
-    if ((token_idx = get_buffer_index( message, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
-
-    input.length = message->pBuffers[data_idx].cbBuffer;
-    input.value  = message->pBuffers[data_idx].pvBuffer;
-
-    ret = pgss_wrap( &minor_status, ctxt_handle, conf_flag, GSS_C_QOP_DEFAULT, &input, &conf_state, &output );
-    TRACE( "gss_wrap returned %08x minor status %08x\n", ret, minor_status );
-    if (GSS_ERROR(ret)) trace_gss_status( ret, minor_status );
-    if (ret == GSS_S_COMPLETE)
-    {
-        DWORD len_data = message->pBuffers[data_idx].cbBuffer, len_token = message->pBuffers[token_idx].cbBuffer;
-        if (len_token < output.length - len_data)
-        {
-            TRACE( "buffer too small %lu > %u\n", (SIZE_T)output.length - len_data, len_token );
-            pgss_release_buffer( &minor_status, &output );
-            return SEC_E_BUFFER_TOO_SMALL;
-        }
-        memcpy( message->pBuffers[data_idx].pvBuffer, output.value, len_data );
-        memcpy( message->pBuffers[token_idx].pvBuffer, (char *)output.value + len_data, output.length - len_data );
-        message->pBuffers[token_idx].cbBuffer = output.length - len_data;
-        pgss_release_buffer( &minor_status, &output );
-    }
-
-    return status_gss_to_sspi( ret );
-}
-#endif
-
 static NTSTATUS NTAPI kerberos_SpSealMessage( LSA_SEC_HANDLE context, ULONG quality_of_protection,
     SecBufferDesc *message, ULONG message_seq_no )
 {
-#ifdef SONAME_LIBGSSAPI_KRB5
-    gss_ctx_id_t ctxt_handle;
-
     TRACE( "(%lx 0x%08x %p %u)\n", context, quality_of_protection, message, message_seq_no );
     if (message_seq_no) FIXME( "ignoring message_seq_no %u\n", message_seq_no );
 
     if (!context) return SEC_E_INVALID_HANDLE;
-    ctxt_handle = ctxthandle_sspi_to_gss( context );
-
-    if (is_dce_style_context( ctxt_handle )) return seal_message_iov( ctxt_handle, message, quality_of_protection );
-    return seal_message( ctxt_handle, message, quality_of_protection );
-#else
-    FIXME( "(%lx 0x%08x %p %u)\n", context, quality_of_protection, message, message_seq_no );
-    return SEC_E_UNSUPPORTED_FUNCTION;
-#endif
+    return krb5_funcs->seal_message( context, message, quality_of_protection );
 }
 
 #ifdef SONAME_LIBGSSAPI_KRB5
diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c
index 34da8460406..6ac9c294352 100644
--- a/dlls/kerberos/unixlib.c
+++ b/dlls/kerberos/unixlib.c
@@ -633,6 +633,107 @@ static NTSTATUS CDECL query_context_attributes( LSA_SEC_HANDLE context, ULONG at
     return SEC_E_UNSUPPORTED_FUNCTION;
 }
 
+static NTSTATUS seal_message_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, ULONG qop )
+{
+    gss_iov_buffer_desc iov[4];
+    OM_uint32 ret, minor_status;
+    int token_idx, data_idx, conf_flag, conf_state;
+
+    if (!qop)
+        conf_flag = 1; /* confidentiality + integrity */
+    else if (qop == SECQOP_WRAP_NO_ENCRYPT)
+        conf_flag = 0; /* only integrity */
+    else
+    {
+        FIXME( "QOP %08x not supported\n", qop );
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    /* FIXME: multiple data buffers, read-only buffers */
+    if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
+    if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+
+    iov[0].type          = GSS_IOV_BUFFER_TYPE_SIGN_ONLY | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    iov[0].buffer.length = 0;
+    iov[0].buffer.value  = NULL;
+
+    iov[1].type          = GSS_IOV_BUFFER_TYPE_DATA;
+    iov[1].buffer.length = msg->pBuffers[data_idx].cbBuffer;
+    iov[1].buffer.value  = msg->pBuffers[data_idx].pvBuffer;
+
+    iov[2].type          = GSS_IOV_BUFFER_TYPE_SIGN_ONLY | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    iov[2].buffer.length = 0;
+    iov[2].buffer.value  = NULL;
+
+    iov[3].type          = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_FLAG_ALLOCATE;
+    iov[3].buffer.length = 0;
+    iov[3].buffer.value  = NULL;
+
+    ret = pgss_wrap_iov( &minor_status, ctx, conf_flag, GSS_C_QOP_DEFAULT, &conf_state, iov, 4 );
+    TRACE( "gss_wrap_iov returned %08x minor status %08x\n", ret, minor_status );
+    if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status );
+    if (ret == GSS_S_COMPLETE)
+    {
+        memcpy( msg->pBuffers[token_idx].pvBuffer, iov[3].buffer.value, iov[3].buffer.length );
+        msg->pBuffers[token_idx].cbBuffer = iov[3].buffer.length;
+        pgss_release_iov_buffer( &minor_status, iov, 4 );
+    }
+
+    return status_gss_to_sspi( ret );
+}
+
+static NTSTATUS seal_message_no_vector( gss_ctx_id_t ctx, SecBufferDesc *msg, ULONG qop )
+{
+    gss_buffer_desc input, output;
+    OM_uint32 ret, minor_status;
+    int token_idx, data_idx, conf_flag, conf_state;
+
+    if (!qop)
+        conf_flag = 1; /* confidentiality + integrity */
+    else if (qop == SECQOP_WRAP_NO_ENCRYPT)
+        conf_flag = 0; /* only integrity */
+    else
+    {
+        FIXME( "QOP %08x not supported\n", qop );
+        return SEC_E_UNSUPPORTED_FUNCTION;
+    }
+
+    /* FIXME: multiple data buffers, read-only buffers */
+    if ((data_idx = get_buffer_index( msg, SECBUFFER_DATA )) == -1) return SEC_E_INVALID_TOKEN;
+    if ((token_idx = get_buffer_index( msg, SECBUFFER_TOKEN )) == -1) return SEC_E_INVALID_TOKEN;
+
+    input.length = msg->pBuffers[data_idx].cbBuffer;
+    input.value  = msg->pBuffers[data_idx].pvBuffer;
+
+    ret = pgss_wrap( &minor_status, ctx, conf_flag, GSS_C_QOP_DEFAULT, &input, &conf_state, &output );
+    TRACE( "gss_wrap returned %08x minor status %08x\n", ret, minor_status );
+    if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status );
+    if (ret == GSS_S_COMPLETE)
+    {
+        DWORD len_data = msg->pBuffers[data_idx].cbBuffer, len_token = msg->pBuffers[token_idx].cbBuffer;
+        if (len_token < output.length - len_data)
+        {
+            TRACE( "buffer too small %lu > %u\n", (SIZE_T)output.length - len_data, len_token );
+            pgss_release_buffer( &minor_status, &output );
+            return SEC_E_BUFFER_TOO_SMALL;
+        }
+        memcpy( msg->pBuffers[data_idx].pvBuffer, output.value, len_data );
+        memcpy( msg->pBuffers[token_idx].pvBuffer, (char *)output.value + len_data, output.length - len_data );
+        msg->pBuffers[token_idx].cbBuffer = output.length - len_data;
+        pgss_release_buffer( &minor_status, &output );
+    }
+
+    return status_gss_to_sspi( ret );
+}
+
+static NTSTATUS CDECL seal_message( LSA_SEC_HANDLE context, SecBufferDesc *msg, ULONG qop )
+{
+    gss_ctx_id_t ctx = ctxhandle_sspi_to_gss( context );
+
+    if (is_dce_style_context( ctx )) return seal_message_vector( ctx, msg, qop );
+    return seal_message_no_vector( ctx, msg, qop );
+}
+
 static NTSTATUS CDECL verify_signature( LSA_SEC_HANDLE context, SecBufferDesc *msg, ULONG *qop )
 {
     OM_uint32 ret, minor_status;
@@ -665,6 +766,7 @@ static const struct krb5_funcs funcs =
     initialize_context,
     make_signature,
     query_context_attributes,
+    seal_message,
     verify_signature,
 };
 
diff --git a/dlls/kerberos/unixlib.h b/dlls/kerberos/unixlib.h
index 8fd562a28d7..ec783d342e5 100644
--- a/dlls/kerberos/unixlib.h
+++ b/dlls/kerberos/unixlib.h
@@ -33,6 +33,7 @@ struct krb5_funcs
                                          LSA_SEC_HANDLE *, SecBufferDesc *, ULONG *, TimeStamp *);
     NTSTATUS (CDECL *make_signature)(LSA_SEC_HANDLE, SecBufferDesc *);
     NTSTATUS (CDECL *query_context_attributes)(LSA_SEC_HANDLE, ULONG, void *);
+    NTSTATUS (CDECL *seal_message)(LSA_SEC_HANDLE, SecBufferDesc *, ULONG);
     NTSTATUS (CDECL *verify_signature)(LSA_SEC_HANDLE, SecBufferDesc *, ULONG *);
 };