rpcrt4: Acquire new credential handle for each connection.

Signed-off-by: Jacek Caban <jacek@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-11-30 12:09:12 +01:00 · 2016-11-30 12:09:12 +01:00 · c32cd1119c
parent da05dfd151
commit c32cd1119c
2 changed files with 11 additions and 20 deletions
--- a/dlls/rpcrt4/rpc_message.c
+++ b/dlls/rpcrt4/rpc_message.c
@ -1063,7 +1063,10 @@ RPC_STATUS RPCRT4_ServerConnectionAuth(RpcConnection* conn,
                                        auth_data_in->auth_type, cred, exp,
                                        max_token, NULL, &conn->AuthInfo);
            if (status != RPC_S_OK)
+            {
+                FreeCredentialsHandle(&cred);
                return status;
+            }

            /* FIXME: should auth_data_in->auth_context_id be checked in the !start case? */
            conn->auth_context_id = auth_data_in->auth_context_id;
--- a/dlls/rpcrt4/rpc_server.c
+++ b/dlls/rpcrt4/rpc_server.c
@ -1309,9 +1309,6 @@ RPC_STATUS WINAPI RpcObjectSetType( UUID* ObjUuid, UUID* TypeUuid )
 struct rpc_server_registered_auth_info
 {
    struct list entry;
-    TimeStamp exp;
-    BOOL cred_acquired;
-    CredHandle cred;
    USHORT auth_type;
    WCHAR *package_name;
    WCHAR *principal;
@ -1354,30 +1351,22 @@ RPC_STATUS RPCRT4_ServerGetRegisteredAuthInfo(
 {
    RPC_STATUS status = RPC_S_UNKNOWN_AUTHN_SERVICE;
    struct rpc_server_registered_auth_info *auth_info;
+    SECURITY_STATUS sec_status;

    EnterCriticalSection(&server_auth_info_cs);
    LIST_FOR_EACH_ENTRY(auth_info, &server_registered_auth_info, struct rpc_server_registered_auth_info, entry)
    {
        if (auth_info->auth_type == auth_type)
        {
-            if (!auth_info->cred_acquired)
+            sec_status = AcquireCredentialsHandleW((SEC_WCHAR *)auth_info->principal, auth_info->package_name,
+                                                   SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL,
+                                                   cred, exp);
+            if (sec_status != SEC_E_OK)
            {
-                SECURITY_STATUS sec_status;
-
-                sec_status = AcquireCredentialsHandleW((SEC_WCHAR *)auth_info->principal, auth_info->package_name,
-                                                       SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL,
-                                                       &auth_info->cred, &auth_info->exp);
-                if (sec_status != SEC_E_OK)
-                {
-                    status = RPC_S_SEC_PKG_ERROR;
-                    break;
-                }
-
-                auth_info->cred_acquired = TRUE;
+                status = RPC_S_SEC_PKG_ERROR;
+                break;
            }

-            *cred = auth_info->cred;
-            *exp = auth_info->exp;
            *max_token = auth_info->max_token;
            status = RPC_S_OK;
            break;
@ -1395,8 +1384,7 @@ void RPCRT4_ServerFreeAllRegisteredAuthInfo(void)
    EnterCriticalSection(&server_auth_info_cs);
    LIST_FOR_EACH_ENTRY_SAFE(auth_info, cursor2, &server_registered_auth_info, struct rpc_server_registered_auth_info, entry)
    {
-        if (auth_info->cred_acquired)
-            FreeCredentialsHandle(&auth_info->cred);
+        HeapFree(GetProcessHeap(), 0, auth_info->package_name);
        HeapFree(GetProcessHeap(), 0, auth_info->principal);
        HeapFree(GetProcessHeap(), 0, auth_info);
    }