secur32: Don't change input buffer in InitializeSecurityContext.

Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Jacek Caban 2017-01-13 19:57:48 +01:00 committed by Alexandre Julliard
parent 81861dddcc
commit c1f055d8df
2 changed files with 41 additions and 3 deletions

View File

@ -732,7 +732,14 @@ schan_imp_session schan_session_for_transport(struct schan_transport* t)
return t->ctx->session; return t->ctx->session;
} }
static int schan_init_sec_ctx_get_next_buffer(const struct schan_transport *t, struct schan_buffers *s) static int schan_init_sec_ctx_get_next_input_buffer(const struct schan_transport *t, struct schan_buffers *s)
{
if (s->current_buffer_idx != -1)
return -1;
return schan_find_sec_buffer_idx(s->desc, 0, SECBUFFER_TOKEN);
}
static int schan_init_sec_ctx_get_next_output_buffer(const struct schan_transport *t, struct schan_buffers *s)
{ {
if (s->current_buffer_idx == -1) if (s->current_buffer_idx == -1)
{ {
@ -884,9 +891,9 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
ctx->req_ctx_attr = fContextReq; ctx->req_ctx_attr = fContextReq;
transport.ctx = ctx; transport.ctx = ctx;
init_schan_buffers(&transport.in, pInput, schan_init_sec_ctx_get_next_buffer); init_schan_buffers(&transport.in, pInput, schan_init_sec_ctx_get_next_input_buffer);
transport.in.limit = expected_size; transport.in.limit = expected_size;
init_schan_buffers(&transport.out, pOutput, schan_init_sec_ctx_get_next_buffer); init_schan_buffers(&transport.out, pOutput, schan_init_sec_ctx_get_next_output_buffer);
schan_imp_set_session_transport(ctx->session, &transport); schan_imp_set_session_transport(ctx->session, &transport);
/* Perform the TLS handshake */ /* Perform the TLS handshake */

View File

@ -636,6 +636,36 @@ static int receive_data(SOCKET sock, SecBuffer *buf)
return received; return received;
} }
static void test_InitializeSecurityContext(void)
{
SCHANNEL_CRED cred;
CredHandle cred_handle;
CtxtHandle context;
SECURITY_STATUS status;
SecBuffer out_buffer = {1000, SECBUFFER_TOKEN, NULL};
SecBuffer in_buffer = {0, SECBUFFER_EMPTY, NULL};
SecBufferDesc out_buffers = {SECBUFFER_VERSION, 1, &out_buffer};
SecBufferDesc in_buffers = {SECBUFFER_VERSION, 1, &in_buffer};
ULONG attrs;
init_cred(&cred);
cred.grbitEnabledProtocols = SP_PROT_TLS1_CLIENT;
cred.dwFlags = SCH_CRED_NO_DEFAULT_CREDS|SCH_CRED_MANUAL_CRED_VALIDATION;
status = AcquireCredentialsHandleA(NULL, (SEC_CHAR *)UNISP_NAME_A, SECPKG_CRED_OUTBOUND, NULL,
&cred, NULL, NULL, &cred_handle, NULL);
ok(status == SEC_E_OK, "AcquireCredentialsHandleA failed: %08x\n", status);
if (status != SEC_E_OK) return;
status = InitializeSecurityContextA(&cred_handle, NULL, (SEC_CHAR *)"localhost",
ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM|ISC_REQ_ALLOCATE_MEMORY,
0, 0, &in_buffers, 0, &context, &out_buffers, &attrs, NULL);
ok(status == SEC_I_CONTINUE_NEEDED, "Expected SEC_I_CONTINUE_NEEDED, got %08x\n", status);
FreeContextBuffer(out_buffer.pvBuffer);
DeleteSecurityContext(&context);
FreeCredentialsHandle(&cred_handle);
}
static void test_communication(void) static void test_communication(void)
{ {
int ret; int ret;
@ -940,5 +970,6 @@ START_TEST(schannel)
test_cread_attrs(); test_cread_attrs();
testAcquireSecurityContext(); testAcquireSecurityContext();
test_InitializeSecurityContext();
test_communication(); test_communication();
} }