secur32: Pass whole schan_credentials struct to schannel backend implementations.
parent
737bb1bb18
commit
b7a75b468a
|
@ -50,12 +50,6 @@ struct schan_handle
|
||||||
enum schan_handle_type type;
|
enum schan_handle_type type;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct schan_credentials
|
|
||||||
{
|
|
||||||
ULONG credential_use;
|
|
||||||
schan_imp_certificate_credentials credentials;
|
|
||||||
};
|
|
||||||
|
|
||||||
struct schan_context
|
struct schan_context
|
||||||
{
|
{
|
||||||
schan_imp_session session;
|
schan_imp_session session;
|
||||||
|
@ -316,7 +310,7 @@ static SECURITY_STATUS schan_AcquireClientCredentials(const SCHANNEL_CRED *schan
|
||||||
if (handle == SCHAN_INVALID_HANDLE) goto fail;
|
if (handle == SCHAN_INVALID_HANDLE) goto fail;
|
||||||
|
|
||||||
creds->credential_use = SECPKG_CRED_OUTBOUND;
|
creds->credential_use = SECPKG_CRED_OUTBOUND;
|
||||||
if (!schan_imp_allocate_certificate_credentials(&creds->credentials))
|
if (!schan_imp_allocate_certificate_credentials(creds))
|
||||||
{
|
{
|
||||||
schan_free_handle(handle, SCHAN_HANDLE_CRED);
|
schan_free_handle(handle, SCHAN_HANDLE_CRED);
|
||||||
goto fail;
|
goto fail;
|
||||||
|
@ -424,7 +418,7 @@ static SECURITY_STATUS SEC_ENTRY schan_FreeCredentialsHandle(
|
||||||
if (!creds) return SEC_E_INVALID_HANDLE;
|
if (!creds) return SEC_E_INVALID_HANDLE;
|
||||||
|
|
||||||
if (creds->credential_use == SECPKG_CRED_OUTBOUND)
|
if (creds->credential_use == SECPKG_CRED_OUTBOUND)
|
||||||
schan_imp_free_certificate_credentials(creds->credentials);
|
schan_imp_free_certificate_credentials(creds);
|
||||||
HeapFree(GetProcessHeap(), 0, creds);
|
HeapFree(GetProcessHeap(), 0, creds);
|
||||||
|
|
||||||
return SEC_E_OK;
|
return SEC_E_OK;
|
||||||
|
@ -705,7 +699,7 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
|
||||||
return SEC_E_INTERNAL_ERROR;
|
return SEC_E_INTERNAL_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!schan_imp_create_session(&ctx->session, FALSE, cred->credentials))
|
if (!schan_imp_create_session(&ctx->session, cred))
|
||||||
{
|
{
|
||||||
schan_free_handle(handle, SCHAN_HANDLE_CTX);
|
schan_free_handle(handle, SCHAN_HANDLE_CTX);
|
||||||
HeapFree(GetProcessHeap(), 0, ctx);
|
HeapFree(GetProcessHeap(), 0, ctx);
|
||||||
|
@ -1329,7 +1323,7 @@ void SECUR32_deinitSchannelSP(void)
|
||||||
{
|
{
|
||||||
struct schan_credentials *cred;
|
struct schan_credentials *cred;
|
||||||
cred = schan_free_handle(i, SCHAN_HANDLE_CRED);
|
cred = schan_free_handle(i, SCHAN_HANDLE_CRED);
|
||||||
schan_imp_free_certificate_credentials(cred->credentials);
|
schan_imp_free_certificate_credentials(cred);
|
||||||
HeapFree(GetProcessHeap(), 0, cred);
|
HeapFree(GetProcessHeap(), 0, cred);
|
||||||
}
|
}
|
||||||
}
|
}
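Review bot: In SECUR32_deinitSchannelSP the new `schan_imp_free_certificate_credentials(cred)` call is still unconditional, while schan_FreeCredentialsHandle only calls it when `creds->credential_use == SECPKG_CRED_OUTBOUND`. With the gnutls backend that function hands `c->credentials` to `pgnutls_certificate_free_credentials`, so an entry whose backend data was never allocated would reach the free with whatever the field holds; whether such entries can be in the table at deinit is not visible here. Since the backend now receives the whole struct, I would either mirror the guard, `if (cred->credential_use == SECPKG_CRED_OUTBOUND) schan_imp_free_certificate_credentials(cred);`, or move that check into the backend so both call sites agree. The loop around this block starts outside the hunk.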
|
||||||
|
|
|
@ -106,12 +106,11 @@ static ssize_t schan_push_adapter(gnutls_transport_ptr_t transport,
|
||||||
return buff_len;
|
return buff_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOL schan_imp_create_session(schan_imp_session *session, BOOL is_server,
|
BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
|
||||||
schan_imp_certificate_credentials cred)
|
|
||||||
{
|
{
|
||||||
gnutls_session_t *s = (gnutls_session_t*)session;
|
gnutls_session_t *s = (gnutls_session_t*)session;
|
||||||
|
|
||||||
int err = pgnutls_init(s, is_server ? GNUTLS_SERVER : GNUTLS_CLIENT);
|
int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);
|
||||||
if (err != GNUTLS_E_SUCCESS)
|
if (err != GNUTLS_E_SUCCESS)
|
||||||
{
|
{
|
||||||
pgnutls_perror(err);
|
pgnutls_perror(err);
|
||||||
|
@ -129,7 +128,7 @@ BOOL schan_imp_create_session(schan_imp_session *session, BOOL is_server,
|
||||||
}
|
}
|
||||||
|
|
||||||
err = pgnutls_credentials_set(*s, GNUTLS_CRD_CERTIFICATE,
|
err = pgnutls_credentials_set(*s, GNUTLS_CRD_CERTIFICATE,
|
||||||
(gnutls_certificate_credentials_t)cred);
|
(gnutls_certificate_credentials_t)cred->credentials);
|
||||||
if (err != GNUTLS_E_SUCCESS)
|
if (err != GNUTLS_E_SUCCESS)
|
||||||
{
|
{
|
||||||
pgnutls_perror(err);
|
pgnutls_perror(err);
|
||||||
|
@ -405,17 +404,17 @@ again:
|
||||||
return SEC_E_OK;
|
return SEC_E_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOL schan_imp_allocate_certificate_credentials(schan_imp_certificate_credentials *c)
|
BOOL schan_imp_allocate_certificate_credentials(schan_credentials *c)
|
||||||
{
|
{
|
||||||
int ret = pgnutls_certificate_allocate_credentials((gnutls_certificate_credentials*)c);
|
int ret = pgnutls_certificate_allocate_credentials((gnutls_certificate_credentials*)&c->credentials);
|
||||||
if (ret != GNUTLS_E_SUCCESS)
|
if (ret != GNUTLS_E_SUCCESS)
|
||||||
pgnutls_perror(ret);
|
pgnutls_perror(ret);
|
||||||
return (ret == GNUTLS_E_SUCCESS);
|
return (ret == GNUTLS_E_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
void schan_imp_free_certificate_credentials(schan_imp_certificate_credentials c)
|
void schan_imp_free_certificate_credentials(schan_credentials *c)
|
||||||
{
|
{
|
||||||
pgnutls_certificate_free_credentials((gnutls_certificate_credentials_t)c);
|
pgnutls_certificate_free_credentials(c->credentials);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void schan_gnutls_log(int level, const char *msg)
|
static void schan_gnutls_log(int level, const char *msg)
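Review bot: The TLS role passed to `pgnutls_init` is now derived from `cred->credential_use == SECPKG_CRED_INBOUND`, where the only visible caller, schan_InitializeSecurityContextW, used to pass `FALSE`, so a credential handle acquired for inbound use would now start a server-side session from the client entry point. Unless the caller already rejects such handles outside the hunk, a check such as `if (!(cred->credential_use & SECPKG_CRED_OUTBOUND)) return SEC_E_INVALID_HANDLE;` before `schan_imp_create_session` would keep the old behaviour. The equality test also maps a combined `SECPKG_CRED_BOTH` value to the client role, which may or may not be intended. The same expression is used for `SSLNewContext` in the Mac OS X backend.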
|
||||||
|
|
|
@ -631,19 +631,18 @@ static OSStatus schan_push_adapter(SSLConnectionRef transport, const void *buff,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
BOOL schan_imp_create_session(schan_imp_session *session, BOOL is_server,
|
BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
|
||||||
schan_imp_certificate_credentials cred)
|
|
||||||
{
|
{
|
||||||
struct mac_session *s;
|
struct mac_session *s;
|
||||||
OSStatus status;
|
OSStatus status;
|
||||||
|
|
||||||
TRACE("(%p, %d)\n", session, is_server);
|
TRACE("(%p)\n", session);
|
||||||
|
|
||||||
s = HeapAlloc(GetProcessHeap(), 0, sizeof(*s));
|
s = HeapAlloc(GetProcessHeap(), 0, sizeof(*s));
|
||||||
if (!s)
|
if (!s)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
status = SSLNewContext(is_server, &s->context);
|
status = SSLNewContext(cred->credential_use == SECPKG_CRED_INBOUND, &s->context);
|
||||||
if (status != noErr)
|
if (status != noErr)
|
||||||
{
|
{
|
||||||
ERR("Failed to create session context: %ld\n", (long)status);
|
ERR("Failed to create session context: %ld\n", (long)status);
|
||||||
|
@ -966,14 +965,14 @@ SECURITY_STATUS schan_imp_recv(schan_imp_session session, void *buffer,
|
||||||
return SEC_E_OK;
|
return SEC_E_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOL schan_imp_allocate_certificate_credentials(schan_imp_certificate_credentials *c)
|
BOOL schan_imp_allocate_certificate_credentials(schan_credentials *c)
|
||||||
{
|
{
|
||||||
/* The certificate is never really used for anything. */
|
/* The certificate is never really used for anything. */
|
||||||
*c = NULL;
|
c->credentials = NULL;
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
void schan_imp_free_certificate_credentials(schan_imp_certificate_credentials c)
|
void schan_imp_free_certificate_credentials(schan_credentials *c)
|
||||||
{
|
{
|
||||||
}
|
}
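Review bot: The TRACE at the top of the Mac OS X `schan_imp_create_session` lost the role information when `is_server` was removed, and it does not log the new argument. `TRACE("(%p, %p)\n", session, cred);` would keep the trace usable for working out which credential, and hence which role, a session was created with. The function body continues outside the hunk.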
|
||||||
|
|
||||||
|
|
|
@ -209,7 +209,12 @@ SecPkgInfoA *ntlm_package_infoA;
|
||||||
|
|
||||||
/* schannel internal interface */
|
/* schannel internal interface */
|
||||||
typedef struct schan_imp_session_opaque *schan_imp_session;
|
typedef struct schan_imp_session_opaque *schan_imp_session;
|
||||||
typedef struct schan_imp_certificate_credentials_opaque *schan_imp_certificate_credentials;
|
|
||||||
|
typedef struct schan_credentials
|
||||||
|
{
|
||||||
|
ULONG credential_use;
|
||||||
|
void *credentials;
|
||||||
|
} schan_credentials;
|
||||||
|
|
||||||
struct schan_transport;
|
struct schan_transport;
|
||||||
|
|
||||||
|
@ -237,8 +242,7 @@ extern int schan_push(struct schan_transport *t, const void *buff, size_t *buff_
|
||||||
extern schan_imp_session schan_session_for_transport(struct schan_transport* t) DECLSPEC_HIDDEN;
|
extern schan_imp_session schan_session_for_transport(struct schan_transport* t) DECLSPEC_HIDDEN;
|
||||||
|
|
||||||
/* schannel implementation interface */
|
/* schannel implementation interface */
|
||||||
extern BOOL schan_imp_create_session(schan_imp_session *session, BOOL is_server,
|
extern BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred) DECLSPEC_HIDDEN;
|
||||||
schan_imp_certificate_credentials cred) DECLSPEC_HIDDEN;
|
|
||||||
extern void schan_imp_dispose_session(schan_imp_session session) DECLSPEC_HIDDEN;
|
extern void schan_imp_dispose_session(schan_imp_session session) DECLSPEC_HIDDEN;
|
||||||
extern void schan_imp_set_session_transport(schan_imp_session session,
|
extern void schan_imp_set_session_transport(schan_imp_session session,
|
||||||
struct schan_transport *t) DECLSPEC_HIDDEN;
|
struct schan_transport *t) DECLSPEC_HIDDEN;
|
||||||
|
@ -253,8 +257,8 @@ extern SECURITY_STATUS schan_imp_send(schan_imp_session session, const void *buf
|
||||||
SIZE_T *length) DECLSPEC_HIDDEN;
|
SIZE_T *length) DECLSPEC_HIDDEN;
|
||||||
extern SECURITY_STATUS schan_imp_recv(schan_imp_session session, void *buffer,
|
extern SECURITY_STATUS schan_imp_recv(schan_imp_session session, void *buffer,
|
||||||
SIZE_T *length) DECLSPEC_HIDDEN;
|
SIZE_T *length) DECLSPEC_HIDDEN;
|
||||||
extern BOOL schan_imp_allocate_certificate_credentials(schan_imp_certificate_credentials *c) DECLSPEC_HIDDEN;
|
extern BOOL schan_imp_allocate_certificate_credentials(schan_credentials*) DECLSPEC_HIDDEN;
|
||||||
extern void schan_imp_free_certificate_credentials(schan_imp_certificate_credentials c) DECLSPEC_HIDDEN;
|
extern void schan_imp_free_certificate_credentials(schan_credentials*) DECLSPEC_HIDDEN;
|
||||||
extern BOOL schan_imp_init(void) DECLSPEC_HIDDEN;
|
extern BOOL schan_imp_init(void) DECLSPEC_HIDDEN;
|
||||||
extern void schan_imp_deinit(void) DECLSPEC_HIDDEN;
|
extern void schan_imp_deinit(void) DECLSPEC_HIDDEN;
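Review bot: Replacing the opaque `schan_imp_certificate_credentials` typedef with `void *credentials` removes the compile-time check on what a backend stores in the field; `pgnutls_certificate_free_credentials(c->credentials)` in the gnutls backend now compiles without a cast for any pointer. A comment on the member would document the contract, for example `/* owned by the backend: gnutls_certificate_credentials_t for gnutls, always NULL on Mac OS X */`. The two prototypes changed in the last hunk also drop their parameter name; `schan_credentials *c` would match the definitions.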
|
||||||
|
|
||||||
|
|