author | weijun |
Thu, 31 May 2018 11:50:33 +0800 | |
branch | JDK-8199569-branch |
changeset 56638 | 052b9d3f5366 |
parent 56632 | 463c63f3497f |
permissions | -rw-r--r-- |
56552 | 1 |
/* |
2 |
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. |
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Oracle designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
24 |
*/ |
|
25 |
||
26 |
#define UNICODE |
|
27 |
#define _UNICODE |
|
28 |
||
29 |
#include <windows.h> |
|
30 |
#include <stdlib.h> |
|
31 |
#include <stdio.h> |
|
32 |
#include <stdlib.h> |
|
33 |
#include <string.h> |
|
56638 | 34 |
#include <Strsafe.h> |
56552 | 35 |
|
36 |
#define GSS_DLL_FILE |
|
56638 | 37 |
#include <gssapi.h> |
56552 | 38 |
|
39 |
#define SECURITY_WIN32 |
|
56638 | 40 |
#include <sspi.h> |
56552 | 41 |
|
42 |
#pragma comment(lib, "secur32.lib") |
|
43 |
||
56574 | 44 |
#define DEBUG |
56552 | 45 |
|
46 |
#ifdef DEBUG |
|
47 |
TCHAR _bb[256]; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
48 |
#define SEC_SUCCESS(Status) \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
49 |
((Status) >= 0 ? TRUE: \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
50 |
(FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_IGNORE_INSERTS, \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
51 |
0, ss, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), _bb, 256, 0), \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
52 |
printf("SECURITY_STATUS: (%lx) %ls\n", ss, _bb), \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
53 |
FALSE)) |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
54 |
#define PP(fmt, ...) \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
55 |
fprintf(stdout, "SSPI (%ld): ", __LINE__); \ |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
56 |
fprintf(stdout, fmt, ##__VA_ARGS__); \ |
56562 | 57 |
fprintf(stdout, "\n"); \ |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
58 |
fflush(stdout) |
56552 | 59 |
#else |
60 |
#define SEC_SUCCESS(Status) ((Status) >= 0) |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
61 |
#define PP(dmt, ...) |
56552 | 62 |
#endif |
63 |
||
56624 | 64 |
gss_OID_desc KRB5_OID = {9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; |
65 |
gss_OID_desc SPNEGO_OID = {6, "\x2b\x06\x01\x05\x05\x02"}; |
|
66 |
gss_OID_desc USER_NAME_OID = {10, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"}; |
|
67 |
gss_OID_desc HOST_SERVICE_NAME_OID = {10, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04"}; |
|
68 |
gss_OID_desc EXPORT_NAME_OID = {6, "\x2b\x06\x01\x05\x06\x04"}; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
69 |
|
56617 | 70 |
// gss_name_t is Name* |
56562 | 71 |
// gss_cred_id_t is Credentials*. One CredHandle for each mech. |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
72 |
// gss_ctx_id_t is Context* |
56552 | 73 |
|
74 |
typedef struct { |
|
75 |
TCHAR PackageName[20]; |
|
56617 | 76 |
SEC_WCHAR* name; |
77 |
} Name; |
|
78 |
||
79 |
typedef struct { |
|
80 |
TCHAR PackageName[20]; |
|
56552 | 81 |
CredHandle* phCred; |
56574 | 82 |
CtxtHandle hCtxt; |
56552 | 83 |
DWORD cbMaxMessage; |
84 |
SecPkgContext_Sizes SecPkgContextSizes; |
|
56562 | 85 |
SecPkgContext_NativeNames nnames; |
86 |
BOOLEAN established; |
|
56552 | 87 |
} Context; |
88 |
||
56562 | 89 |
typedef struct { |
90 |
TCHAR PackageName[20]; |
|
91 |
CredHandle* phCred; |
|
92 |
} OneCred; |
|
93 |
||
94 |
typedef struct { |
|
95 |
int count; |
|
96 |
OneCred* creds; |
|
56617 | 97 |
long time; |
56562 | 98 |
} Credential; |
99 |
||
56552 | 100 |
#ifdef __cplusplus |
101 |
extern "C" { |
|
102 |
#endif /* __cplusplus */ |
|
103 |
||
56555 | 104 |
/* This section holds supporting functions that are not exported */ |
56632 | 105 |
void showTime(TimeStamp* ts) |
106 |
{ |
|
107 |
SYSTEMTIME stLocal; |
|
108 |
FileTimeToSystemTime((FILETIME*)ts, &stLocal); |
|
109 |
||
110 |
// Build a string showing the date and time. |
|
111 |
PP("---------------"); |
|
112 |
PP("TS low high %ld %ld", ts->LowPart, ts->HighPart); |
|
113 |
PP("Local: %02d/%02d/%d %02d:%02d", |
|
114 |
stLocal.wMonth, stLocal.wDay, stLocal.wYear, |
|
115 |
stLocal.wHour, stLocal.wMinute); |
|
116 |
} |
|
56555 | 117 |
|
118 |
long |
|
56624 | 119 |
SecondsUntil(TimeStamp *time) |
56555 | 120 |
{ |
56632 | 121 |
// time is local time |
122 |
ULARGE_INTEGER uiLocal; |
|
123 |
FILETIME nowUTC, nowLocal; |
|
124 |
GetSystemTimeAsFileTime(&nowUTC); |
|
125 |
if (FileTimeToLocalFileTime(&nowUTC, &nowLocal) == 0) { |
|
126 |
return -1; |
|
127 |
} |
|
128 |
uiLocal.HighPart = nowLocal.dwHighDateTime; |
|
129 |
uiLocal.LowPart = nowLocal.dwLowDateTime; |
|
130 |
long diff = (long)((time->QuadPart - uiLocal.QuadPart) / 10000000); |
|
131 |
if (diff < 0 || diff > 8640000) { |
|
132 |
// AcquireCredentialsHandle returns a strange TimeStamp. |
|
133 |
PP("SecondsUntil is %ld. Change to 1 day", diff); |
|
134 |
diff = 86400; |
|
135 |
} |
|
136 |
return diff; |
|
56555 | 137 |
} |
138 |
||
139 |
Context* |
|
140 |
NewContext(TCHAR* PackageName) |
|
141 |
{ |
|
142 |
SECURITY_STATUS ss; |
|
143 |
PSecPkgInfo pkgInfo; |
|
144 |
||
56632 | 145 |
Context* out = new Context; |
146 |
if (out == NULL) { |
|
147 |
return NULL; |
|
148 |
} |
|
56555 | 149 |
ss = QuerySecurityPackageInfo(PackageName, &pkgInfo); |
150 |
if (!SEC_SUCCESS(ss)) { |
|
56632 | 151 |
delete out; |
56555 | 152 |
return NULL; |
153 |
} |
|
154 |
out->phCred = NULL; |
|
155 |
out->cbMaxMessage = pkgInfo->cbMaxToken; |
|
56638 | 156 |
wcscpy_s(out->PackageName, 20, PackageName); |
56555 | 157 |
FreeContextBuffer(pkgInfo); |
158 |
return out; |
|
159 |
} |
|
160 |
||
161 |
int |
|
162 |
flagSspi2Gss(int fin) |
|
163 |
{ |
|
56632 | 164 |
int fout = 0; |
165 |
if (fin & ISC_REQ_MUTUAL_AUTH) fout |= GSS_C_MUTUAL_FLAG; |
|
166 |
if (fin & ISC_REQ_CONFIDENTIALITY) fout |= GSS_C_CONF_FLAG; |
|
167 |
if (fin & ISC_REQ_DELEGATE) fout |= GSS_C_DELEG_FLAG; |
|
168 |
if (fin & ISC_REQ_INTEGRITY) fout |= GSS_C_INTEG_FLAG; |
|
169 |
if (fin & ISC_REQ_REPLAY_DETECT) fout |= GSS_C_REPLAY_FLAG; |
|
170 |
if (fin & ISC_REQ_SEQUENCE_DETECT) fout |= GSS_C_SEQUENCE_FLAG; |
|
171 |
return fout; |
|
56555 | 172 |
} |
173 |
||
174 |
int |
|
175 |
flagGss2Sspi(int fin) |
|
176 |
{ |
|
56632 | 177 |
int fout = 0; |
178 |
if (fin & GSS_C_MUTUAL_FLAG) fout |= ISC_RET_MUTUAL_AUTH; |
|
179 |
if (fin & GSS_C_CONF_FLAG) fout |= ISC_RET_CONFIDENTIALITY; |
|
180 |
if (fin & GSS_C_DELEG_FLAG) fout |= ISC_RET_DELEGATE; |
|
181 |
if (fin & GSS_C_INTEG_FLAG) fout |= ISC_RET_INTEGRITY; |
|
182 |
if (fin & GSS_C_REPLAY_FLAG) fout |= ISC_RET_REPLAY_DETECT; |
|
183 |
if (fin & GSS_C_SEQUENCE_FLAG) fout |= ISC_RET_SEQUENCE_DETECT; |
|
184 |
return fout; |
|
56555 | 185 |
} |
186 |
||
56562 | 187 |
BOOLEAN |
56632 | 188 |
isKerberosOID(gss_OID mech) |
189 |
{ |
|
56624 | 190 |
return mech->length == KRB5_OID.length |
191 |
&& !memcmp(mech->elements, KRB5_OID.elements, KRB5_OID.length); |
|
56562 | 192 |
} |
193 |
||
194 |
BOOLEAN |
|
56632 | 195 |
isNegotiateOID(gss_OID mech) |
196 |
{ |
|
56624 | 197 |
return mech->length == SPNEGO_OID.length |
198 |
&& !memcmp(mech->elements, SPNEGO_OID.elements, SPNEGO_OID.length); |
|
56562 | 199 |
} |
200 |
||
201 |
void |
|
202 |
displayOID(gss_OID mech) |
|
203 |
{ |
|
204 |
if (isKerberosOID(mech)) { |
|
205 |
PP("Kerberos OID"); |
|
206 |
} else if (isNegotiateOID(mech)) { |
|
207 |
PP("SPNEGO OID"); |
|
208 |
} else { |
|
209 |
PP("UNKNOWN %d", mech->length); |
|
210 |
} |
|
211 |
} |
|
212 |
||
213 |
void |
|
214 |
displayOidSet(gss_OID_set mechs) |
|
215 |
{ |
|
216 |
if (mechs == NULL) { |
|
217 |
PP("OID set is NULL"); |
|
218 |
return; |
|
219 |
} |
|
220 |
PP("set.count is %d", (int)mechs->count); |
|
221 |
for (int i = 0; i < mechs->count; i++) { |
|
222 |
displayOID(&mechs->elements[i]); |
|
223 |
} |
|
224 |
} |
|
225 |
||
56555 | 226 |
/* End support section */ |
227 |
||
228 |
/* This section holds exported functions that currently have no implementation */ |
|
229 |
||
230 |
__declspec(dllexport) OM_uint32 |
|
231 |
gss_release_name(OM_uint32 *minor_status, |
|
232 |
gss_name_t *name) |
|
233 |
{ |
|
56574 | 234 |
PP(">>>> Calling gss_release_name %p...", *name); |
56562 | 235 |
if (name != NULL && *name != GSS_C_NO_NAME) { |
56617 | 236 |
Name* name1 = (Name*)*name; |
237 |
if (name1->name != NULL) { |
|
238 |
delete[] name1->name; |
|
56574 | 239 |
} |
56617 | 240 |
delete name1; |
56574 | 241 |
*name = GSS_C_NO_NAME; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
242 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
243 |
return GSS_S_COMPLETE; |
56552 | 244 |
} |
245 |
||
56555 | 246 |
__declspec(dllexport) OM_uint32 |
247 |
gss_import_name(OM_uint32 *minor_status, |
|
248 |
gss_buffer_t input_name_buffer, |
|
249 |
gss_OID input_name_type, |
|
250 |
gss_name_t *output_name) |
|
251 |
{ |
|
56562 | 252 |
PP(">>>> Calling gss_import_name..."); |
56632 | 253 |
Name* name = new Name; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
254 |
if (input_name_buffer == NULL || input_name_buffer->value == NULL |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
255 |
|| input_name_buffer->length == 0) { |
56562 | 256 |
return GSS_S_CALL_INACCESSIBLE_READ; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
257 |
} |
56552 | 258 |
int len = (int)input_name_buffer->length; |
56620 | 259 |
LPSTR input = (LPSTR)input_name_buffer->value; |
260 |
BOOLEAN isNegotiate = true; |
|
261 |
if (input_name_type != NULL |
|
56624 | 262 |
&& input_name_type->length == EXPORT_NAME_OID.length |
263 |
&& !memcmp(input_name_type->elements, EXPORT_NAME_OID.elements, |
|
264 |
EXPORT_NAME_OID.length)) { |
|
56620 | 265 |
len -= (int)input[3] + 8; |
266 |
isNegotiate = (int)input[3] == 6; |
|
267 |
input = input + (int)input[3] + 8; |
|
268 |
} |
|
269 |
||
56632 | 270 |
SEC_WCHAR* value = new SEC_WCHAR[len + 1]; |
271 |
if (value == NULL) { |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
272 |
goto err; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
273 |
} |
56620 | 274 |
|
56632 | 275 |
if (MultiByteToWideChar(CP_ACP, 0, input, len, value, len) == 0) { |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
276 |
goto err; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
277 |
} |
56632 | 278 |
value[len] = 0; |
56620 | 279 |
if (input_name_type != NULL |
56624 | 280 |
&& input_name_type->length == HOST_SERVICE_NAME_OID.length |
281 |
&& !memcmp(input_name_type->elements, HOST_SERVICE_NAME_OID.elements, |
|
282 |
HOST_SERVICE_NAME_OID.length)) { |
|
56552 | 283 |
for (int i = 0; i < len; i++) { |
56632 | 284 |
if (value[i] == '@') { |
285 |
value[i] = '/'; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
286 |
break; |
56552 | 287 |
} |
288 |
} |
|
289 |
} |
|
56632 | 290 |
name->name = value; |
56638 | 291 |
wcscpy_s(name->PackageName, 20, isNegotiate ? L"Negotiate" : L"Kerberos"); // TODO |
56632 | 292 |
*output_name = (gss_name_t) name; |
56552 | 293 |
return GSS_S_COMPLETE; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
294 |
err: |
56632 | 295 |
if (value != NULL) { |
296 |
delete[] value; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
297 |
} |
56632 | 298 |
delete name; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
299 |
return GSS_S_FAILURE; |
56552 | 300 |
} |
301 |
||
56555 | 302 |
__declspec(dllexport) OM_uint32 |
303 |
gss_compare_name(OM_uint32 *minor_status, |
|
304 |
gss_name_t name1, |
|
305 |
gss_name_t name2, |
|
306 |
int *name_equal) |
|
307 |
{ |
|
56562 | 308 |
PP(">>>> Calling gss_compare_name..."); |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
309 |
if (name1 == NULL || name2 == NULL) { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
310 |
*name_equal = 0; |
56562 | 311 |
return GSS_S_CALL_INACCESSIBLE_READ; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
312 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
313 |
|
56617 | 314 |
SEC_WCHAR* names1 = ((Name*)name1)->name; |
315 |
SEC_WCHAR* names2 = ((Name*)name2)->name; |
|
56574 | 316 |
if (lstrcmp(names1, names2)) { |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
317 |
*name_equal = 0; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
318 |
} else { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
319 |
*name_equal = 1; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
320 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
321 |
return GSS_S_COMPLETE; |
56552 | 322 |
} |
323 |
||
56555 | 324 |
__declspec(dllexport) OM_uint32 |
325 |
gss_canonicalize_name(OM_uint32 *minor_status, |
|
326 |
gss_name_t input_name, |
|
327 |
gss_OID mech_type, |
|
328 |
gss_name_t *output_name) |
|
329 |
{ |
|
56562 | 330 |
PP(">>>> Calling gss_canonicalize_name..."); |
56617 | 331 |
Name* names1 = (Name*)input_name; |
332 |
Name* names2 = new Name; |
|
56632 | 333 |
if (names2 == NULL) { |
334 |
return GSS_S_FAILURE; |
|
335 |
} |
|
56574 | 336 |
PP("new name at %p", names2); |
56617 | 337 |
names2->name = new SEC_WCHAR[lstrlen(names1->name) + 1]; |
56632 | 338 |
if (names2->name == NULL) { |
339 |
delete names2; |
|
340 |
return GSS_S_FAILURE; |
|
341 |
} |
|
56638 | 342 |
wcscpy_s(names2->PackageName, 20, isNegotiateOID(mech_type) |
56617 | 343 |
? L"Negotiate" : L"Kerberos"); |
56638 | 344 |
StringCchCopy(names2->name, lstrlen(names1->name) + 1, names1->name); |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
345 |
*output_name = (gss_name_t)names2; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
346 |
return GSS_S_COMPLETE; |
56552 | 347 |
} |
348 |
||
56555 | 349 |
__declspec(dllexport) OM_uint32 |
350 |
gss_export_name(OM_uint32 *minor_status, |
|
351 |
gss_name_t input_name, |
|
352 |
gss_buffer_t exported_name) |
|
353 |
{ |
|
56562 | 354 |
PP(">>>> Calling gss_export_name..."); |
56617 | 355 |
Name* name1 = (Name*)input_name; |
356 |
SEC_WCHAR* names = name1->name; |
|
357 |
TCHAR mech = name1->PackageName[0]; |
|
358 |
PP("name is %ls %ls", name1->PackageName, name1->name); |
|
56574 | 359 |
int len = (int)wcslen(names); |
56617 | 360 |
if (len < 256) { |
361 |
// 04 01 00 ** 06 ** OID len:int32 name |
|
56624 | 362 |
int mechLen = mech == 'K' ? KRB5_OID.length : SPNEGO_OID.length; |
56617 | 363 |
char* buffer = new char[10 + mechLen + len]; |
56632 | 364 |
if (buffer == NULL) { |
365 |
return GSS_S_FAILURE; |
|
366 |
} |
|
56617 | 367 |
buffer[0] = 4; |
368 |
buffer[1] = 1; |
|
369 |
buffer[2] = 0; |
|
370 |
buffer[3] = 2 + mechLen; |
|
371 |
buffer[4] = 6; |
|
372 |
buffer[5] = mechLen; |
|
56638 | 373 |
memcpy_s(buffer + 6, mechLen, mech == 'K' ? KRB5_OID.elements : SPNEGO_OID.elements, mechLen); |
56617 | 374 |
buffer[6 + mechLen] = buffer[7 + mechLen] = buffer[8 + mechLen] = 0; |
375 |
buffer[9 + mechLen] = (char)len; |
|
56632 | 376 |
if (WideCharToMultiByte(CP_ACP, 0, names, len, |
377 |
buffer+10+mechLen, len, NULL, NULL) == 0) { |
|
378 |
delete buffer; |
|
379 |
return GSS_S_FAILURE; |
|
380 |
} |
|
56617 | 381 |
exported_name->length = 10 + mechLen + len; |
382 |
exported_name->value = buffer; |
|
383 |
return GSS_S_COMPLETE; |
|
384 |
} else { |
|
385 |
return GSS_S_FAILURE; |
|
386 |
} |
|
56552 | 387 |
} |
388 |
||
56555 | 389 |
__declspec(dllexport) OM_uint32 |
390 |
gss_display_name(OM_uint32 *minor_status, |
|
391 |
gss_name_t input_name, |
|
392 |
gss_buffer_t output_name_buffer, |
|
393 |
gss_OID *output_name_type) |
|
394 |
{ |
|
56562 | 395 |
PP(">>>> Calling gss_display_name..."); |
56617 | 396 |
SEC_WCHAR* names = ((Name*)input_name)->name; |
56574 | 397 |
int len = (int)wcslen(names); |
56552 | 398 |
char* buffer = new char[len+1]; |
56632 | 399 |
if (WideCharToMultiByte(CP_ACP, 0, names, len, buffer, len, NULL, NULL) == 0) { |
400 |
return GSS_S_FAILURE; |
|
401 |
} |
|
56552 | 402 |
buffer[len] = 0; |
56620 | 403 |
output_name_buffer->length = len; |
56552 | 404 |
output_name_buffer->value = buffer; |
56574 | 405 |
PP("Name found: %ls", names); |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
406 |
PP("%d [%s]", len, buffer); |
56552 | 407 |
if (output_name_type != NULL) { |
56624 | 408 |
*output_name_type = &USER_NAME_OID; |
56552 | 409 |
} |
410 |
return GSS_S_COMPLETE; |
|
411 |
} |
|
412 |
||
56555 | 413 |
__declspec(dllexport) OM_uint32 |
414 |
gss_acquire_cred(OM_uint32 *minor_status, |
|
415 |
gss_name_t desired_name, |
|
416 |
OM_uint32 time_req, |
|
417 |
gss_OID_set desired_mech, |
|
418 |
gss_cred_usage_t cred_usage, |
|
419 |
gss_cred_id_t *output_cred_handle, |
|
420 |
gss_OID_set *actual_mechs, |
|
421 |
OM_uint32 *time_rec) |
|
422 |
{ |
|
56562 | 423 |
PP(">>>> Calling gss_acquire_cred..."); |
56552 | 424 |
SECURITY_STATUS ss; |
425 |
TimeStamp ts; |
|
56632 | 426 |
ts.QuadPart = 0; |
427 |
cred_usage = 0; |
|
56562 | 428 |
PP("AcquireCredentialsHandle with %d %p", cred_usage, desired_mech); |
429 |
displayOidSet(desired_mech); |
|
430 |
Credential* cred = new Credential(); |
|
431 |
cred->count = (int)desired_mech->count; |
|
432 |
cred->creds = new OneCred[cred->count]; |
|
433 |
for (int i = 0; i < cred->count; i++) { |
|
434 |
TCHAR* name = isKerberosOID(&desired_mech->elements[i]) |
|
435 |
? L"Kerberos" : L"Negotiate"; |
|
56638 | 436 |
wcscpy_s(cred->creds[i].PackageName, 20, name); |
56562 | 437 |
cred->creds[i].phCred = new CredHandle(); |
56632 | 438 |
ts.QuadPart = 0; |
56562 | 439 |
ss = AcquireCredentialsHandle( |
440 |
NULL, |
|
441 |
name, |
|
442 |
cred_usage == 0 ? SECPKG_CRED_BOTH : |
|
443 |
(cred_usage == 1 ? SECPKG_CRED_OUTBOUND : SECPKG_CRED_INBOUND), |
|
444 |
NULL, |
|
445 |
NULL, |
|
446 |
NULL, |
|
447 |
NULL, |
|
448 |
cred->creds[i].phCred, |
|
449 |
&ts); |
|
450 |
} |
|
451 |
actual_mechs = &desired_mech; // dup? |
|
56552 | 452 |
*output_cred_handle = (void*)cred; |
56632 | 453 |
showTime(&ts); |
56624 | 454 |
cred->time = SecondsUntil(&ts); |
56552 | 455 |
if (time_rec != NULL) { |
56617 | 456 |
*time_rec = cred->time; |
56552 | 457 |
} |
458 |
||
56562 | 459 |
if (desired_name != NULL) { |
460 |
gss_name_t realname; |
|
461 |
gss_inquire_cred(minor_status, *output_cred_handle, &realname, |
|
462 |
NULL, NULL, NULL); |
|
56617 | 463 |
SEC_WCHAR* dnames = ((Name*)desired_name)->name; |
464 |
SEC_WCHAR* rnames = ((Name*)realname)->name; |
|
56574 | 465 |
PP("comp name %ls %ls", dnames, rnames); |
466 |
int cmp = lstrcmp(dnames, rnames); |
|
56562 | 467 |
gss_release_name(minor_status, &realname); |
468 |
return cmp ? GSS_S_FAILURE : GSS_S_COMPLETE; // Only support default cred |
|
469 |
} |
|
470 |
||
56552 | 471 |
return GSS_S_COMPLETE; |
472 |
} |
|
473 |
||
56555 | 474 |
__declspec(dllexport) OM_uint32 |
475 |
gss_release_cred(OM_uint32 *minor_status, |
|
476 |
gss_cred_id_t *cred_handle) |
|
477 |
{ |
|
56562 | 478 |
PP(">>>> Calling gss_release_cred..."); |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
479 |
if (cred_handle && *cred_handle) { |
56562 | 480 |
Credential* cred = (Credential*)*cred_handle; |
481 |
for (int i = 0; i < cred->count; i++) { |
|
482 |
FreeCredentialsHandle(cred->creds[i].phCred); |
|
483 |
delete cred->creds[i].phCred; |
|
484 |
} |
|
485 |
delete cred; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
486 |
*cred_handle = GSS_C_NO_CREDENTIAL; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
487 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
488 |
return GSS_S_COMPLETE; |
56552 | 489 |
} |
490 |
||
56555 | 491 |
__declspec(dllexport) OM_uint32 |
492 |
gss_inquire_cred(OM_uint32 *minor_status, |
|
493 |
gss_cred_id_t cred_handle, |
|
494 |
gss_name_t *name, |
|
495 |
OM_uint32 *lifetime, |
|
496 |
gss_cred_usage_t *cred_usage, |
|
497 |
gss_OID_set *mechanisms) |
|
498 |
{ |
|
56562 | 499 |
PP(">>>> Calling gss_inquire_cred..."); |
500 |
CredHandle* cred = ((Credential*)cred_handle)->creds[0].phCred; |
|
56552 | 501 |
SECURITY_STATUS ss; |
502 |
if (name) { |
|
56574 | 503 |
SecPkgCredentials_Names snames; |
504 |
ss = QueryCredentialsAttributes(cred, SECPKG_CRED_ATTR_NAMES, &snames); |
|
56632 | 505 |
if (!SEC_SUCCESS(ss)) { |
506 |
return GSS_S_FAILURE; |
|
507 |
} |
|
56574 | 508 |
SEC_WCHAR* names = new SEC_WCHAR[lstrlen(snames.sUserName) + 1]; |
56632 | 509 |
if (names == NULL) { |
510 |
return GSS_S_FAILURE; |
|
511 |
} |
|
56638 | 512 |
StringCchCopy(names, lstrlen(snames.sUserName) + 1, snames.sUserName); |
56574 | 513 |
FreeContextBuffer(&snames); |
514 |
PP("new name at %p", names); |
|
56617 | 515 |
Name* name1 = new Name; |
56632 | 516 |
if (name1 == NULL) { |
517 |
delete[] names; |
|
518 |
return GSS_S_FAILURE; |
|
519 |
} |
|
56617 | 520 |
name1->name = names; |
56638 | 521 |
wcscpy_s(name1->PackageName, 20, ((Credential*)cred_handle)->creds[0].PackageName); |
56617 | 522 |
*name = (gss_name_t) name1; |
523 |
} |
|
524 |
if (lifetime) { |
|
525 |
*lifetime = ((Credential*)cred_handle)->time; |
|
56552 | 526 |
} |
56632 | 527 |
if (cred_usage) { |
528 |
*cred_usage = 1; // We only support INITIATE_ONLY now |
|
529 |
} |
|
530 |
if (mechanisms) { |
|
531 |
// Useless for Java |
|
532 |
} |
|
56552 | 533 |
// Others inquiries not supported yet |
534 |
return GSS_S_COMPLETE; |
|
535 |
} |
|
536 |
||
56555 | 537 |
__declspec(dllexport) OM_uint32 |
538 |
gss_import_sec_context(OM_uint32 *minor_status, |
|
539 |
gss_buffer_t interprocess_token, |
|
540 |
gss_ctx_id_t *context_handle) |
|
541 |
{ |
|
56632 | 542 |
// Not transferable, return FAILURE |
56562 | 543 |
PP(">>>> Calling UNIMPLEMENTED gss_import_sec_context..."); |
56552 | 544 |
return GSS_S_FAILURE; |
545 |
} |
|
546 |
||
56555 | 547 |
__declspec(dllexport) OM_uint32 |
548 |
gss_init_sec_context(OM_uint32 *minor_status, |
|
549 |
gss_cred_id_t initiator_cred_handle, |
|
550 |
gss_ctx_id_t *context_handle, |
|
551 |
gss_name_t target_name, |
|
552 |
gss_OID mech_type, |
|
553 |
OM_uint32 req_flags, |
|
554 |
OM_uint32 time_req, |
|
555 |
gss_channel_bindings_t input_chan_bindings, |
|
556 |
gss_buffer_t input_token, |
|
557 |
gss_OID *actual_mech_type, |
|
558 |
gss_buffer_t output_token, |
|
559 |
OM_uint32 *ret_flags, |
|
560 |
OM_uint32 *time_rec) |
|
561 |
{ |
|
56562 | 562 |
PP(">>>> Calling gss_init_sec_context..."); |
56552 | 563 |
SECURITY_STATUS ss; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
564 |
TimeStamp Lifetime; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
565 |
SecBufferDesc InBuffDesc; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
566 |
SecBuffer InSecBuff; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
567 |
SecBufferDesc OutBuffDesc; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
568 |
SecBuffer OutSecBuff; |
56552 | 569 |
|
570 |
Context* pc; |
|
571 |
if (input_token->length == 0) { |
|
56562 | 572 |
TCHAR* name = isKerberosOID(mech_type) ? L"Kerberos" : L"Negotiate"; |
573 |
pc = NewContext(name); |
|
56632 | 574 |
if (pc == NULL) { |
575 |
return GSS_S_FAILURE; |
|
576 |
} |
|
56562 | 577 |
Credential* cred = (Credential*)initiator_cred_handle; |
578 |
if (cred != NULL) { |
|
579 |
for (int i = 0; i < cred->count; i++) { |
|
580 |
if (!lstrcmp(cred->creds[i].PackageName, name)) { |
|
581 |
pc->phCred = cred->creds[i].phCred; |
|
582 |
} |
|
583 |
} |
|
584 |
} |
|
56552 | 585 |
*context_handle = (gss_ctx_id_t) pc; |
586 |
} else { |
|
587 |
pc = (Context*)*context_handle; |
|
588 |
} |
|
589 |
||
590 |
output_token->length = pc->cbMaxMessage; |
|
591 |
output_token->value = new char[pc->cbMaxMessage]; |
|
592 |
||
56632 | 593 |
if (output_token->value == NULL) { |
594 |
return GSS_S_FAILURE; |
|
595 |
} |
|
596 |
||
56620 | 597 |
DWORD outFlag; |
56552 | 598 |
TCHAR outName[100]; |
599 |
||
600 |
OM_uint32 minor; |
|
601 |
gss_buffer_desc tn; |
|
602 |
gss_display_name(&minor, target_name, &tn, NULL); |
|
56632 | 603 |
if (MultiByteToWideChar(CP_ACP, 0, (LPCCH)tn.value, (int)tn.length, |
604 |
outName, (int)tn.length) == 0) { |
|
605 |
return GSS_S_FAILURE; |
|
606 |
} |
|
56552 | 607 |
outName[tn.length] = 0; |
608 |
||
609 |
BOOL pfDone; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
610 |
int flag = flagGss2Sspi(req_flags); |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
611 |
|
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
612 |
OutBuffDesc.ulVersion = SECBUFFER_VERSION; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
613 |
OutBuffDesc.cBuffers = 1; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
614 |
OutBuffDesc.pBuffers = &OutSecBuff; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
615 |
|
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
616 |
OutSecBuff.cbBuffer = (ULONG)output_token->length; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
617 |
OutSecBuff.BufferType = SECBUFFER_TOKEN; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
618 |
OutSecBuff.pvBuffer = output_token->value; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
619 |
|
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
620 |
if (input_token->value) { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
621 |
InBuffDesc.ulVersion = SECBUFFER_VERSION; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
622 |
InBuffDesc.cBuffers = 1; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
623 |
InBuffDesc.pBuffers = &InSecBuff; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
624 |
|
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
625 |
InSecBuff.BufferType = SECBUFFER_TOKEN; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
626 |
InSecBuff.cbBuffer = (ULONG)input_token->length; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
627 |
InSecBuff.pvBuffer = input_token->value; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
628 |
} else { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
629 |
if (!pc->phCred) { |
56562 | 630 |
PP("No credentials %p provided, acquire %ls automatically", |
631 |
pc->phCred, pc->PackageName); |
|
632 |
CredHandle* newCred = new CredHandle(); |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
633 |
ss = AcquireCredentialsHandle( |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
634 |
NULL, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
635 |
pc->PackageName, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
636 |
SECPKG_CRED_OUTBOUND, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
637 |
NULL, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
638 |
NULL, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
639 |
NULL, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
640 |
NULL, |
56562 | 641 |
newCred, |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
642 |
&Lifetime); |
56562 | 643 |
pc->phCred = newCred; |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
644 |
PP("end"); |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
645 |
if (!(SEC_SUCCESS(ss))) { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
646 |
PP("Failed"); |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
647 |
return GSS_S_FAILURE; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
648 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
649 |
} else { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
650 |
PP("Credentials OK"); |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
651 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
652 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
653 |
ss = InitializeSecurityContext( |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
654 |
pc->phCred, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
655 |
input_token->value ? &pc->hCtxt : NULL, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
656 |
outName, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
657 |
flag, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
658 |
0, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
659 |
SECURITY_NATIVE_DREP, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
660 |
input_token->value ? &InBuffDesc : NULL, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
661 |
0, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
662 |
&pc->hCtxt, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
663 |
&OutBuffDesc, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
664 |
&outFlag, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
665 |
&Lifetime); |
56552 | 666 |
|
56632 | 667 |
if (!SEC_SUCCESS(ss)) { |
668 |
return GSS_S_FAILURE; |
|
669 |
} |
|
56552 | 670 |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
671 |
if ((SEC_I_COMPLETE_NEEDED == ss) |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
672 |
|| (SEC_I_COMPLETE_AND_CONTINUE == ss)) { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
673 |
ss = CompleteAuthToken(&pc->hCtxt, &OutBuffDesc); |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
674 |
if (!SEC_SUCCESS(ss)) { |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
675 |
return GSS_S_FAILURE; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
676 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
677 |
} |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
678 |
|
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
679 |
output_token->length = OutSecBuff.cbBuffer; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
680 |
|
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
681 |
pfDone = !((SEC_I_CONTINUE_NEEDED == ss) || |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
682 |
(SEC_I_COMPLETE_AND_CONTINUE == ss)); |
56632 | 683 |
outFlag = flagSspi2Gss(outFlag); |
56638 | 684 |
PP("Done? %d outFlag: %d", pfDone, outFlag); |
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
685 |
|
56552 | 686 |
*ret_flags = (OM_uint32)outFlag; |
687 |
if (ss == SEC_I_CONTINUE_NEEDED) { |
|
688 |
return GSS_S_CONTINUE_NEEDED; |
|
689 |
} else { |
|
56632 | 690 |
ss = QueryContextAttributes( |
691 |
&pc->hCtxt, SECPKG_ATTR_SIZES, &pc->SecPkgContextSizes); |
|
692 |
if (!SEC_SUCCESS(ss)) { |
|
693 |
return GSS_S_FAILURE; |
|
694 |
} |
|
56562 | 695 |
pc->established = true; |
56632 | 696 |
ss = QueryContextAttributes(&pc->hCtxt, SECPKG_ATTR_NATIVE_NAMES, &pc->nnames); |
697 |
if (!SEC_SUCCESS(ss)) { |
|
698 |
return GSS_S_FAILURE; |
|
699 |
} |
|
56552 | 700 |
*ret_flags |= GSS_C_PROT_READY_FLAG; |
701 |
return GSS_S_COMPLETE; |
|
702 |
} |
|
703 |
} |
|
704 |
||
56555 | 705 |
__declspec(dllexport) OM_uint32 |
706 |
gss_accept_sec_context(OM_uint32 *minor_status, |
|
707 |
gss_ctx_id_t *context_handle, |
|
708 |
gss_cred_id_t acceptor_cred_handle, |
|
709 |
gss_buffer_t input_token, |
|
710 |
gss_channel_bindings_t input_chan_bindings, |
|
711 |
gss_name_t *src_name, |
|
712 |
gss_OID *mech_type, |
|
713 |
gss_buffer_t output_token, |
|
714 |
OM_uint32 *ret_flags, |
|
715 |
OM_uint32 *time_rec, |
|
716 |
gss_cred_id_t *delegated_cred_handle) |
|
717 |
{ |
|
56562 | 718 |
PP(">>>> Calling UNIMPLEMENTED gss_accept_sec_context..."); |
56552 | 719 |
return GSS_S_FAILURE; |
720 |
} |
|
721 |
||
56555 | 722 |
__declspec(dllexport) OM_uint32 |
723 |
gss_inquire_context(OM_uint32 *minor_status, |
|
724 |
gss_ctx_id_t context_handle, |
|
725 |
gss_name_t *src_name, |
|
726 |
gss_name_t *targ_name, |
|
727 |
OM_uint32 *lifetime_rec, |
|
728 |
gss_OID *mech_type, |
|
729 |
OM_uint32 *ctx_flags, |
|
730 |
int *locally_initiated, |
|
731 |
int *open) |
|
732 |
{ |
|
56562 | 733 |
PP(">>>> Calling UNIMPLEMENTED gss_inquire_context..."); |
56552 | 734 |
Context* pc = (Context*) context_handle; |
56632 | 735 |
Name* n1 = NULL; |
736 |
Name* n2 = NULL; |
|
56562 | 737 |
if (!pc->established) { |
738 |
return GSS_S_NO_CONTEXT; |
|
739 |
} |
|
740 |
if (src_name != NULL) { |
|
56632 | 741 |
n1 = new Name; |
742 |
if (n1 == NULL) { |
|
743 |
goto err; |
|
744 |
} |
|
56617 | 745 |
n1->name = new SEC_WCHAR[lstrlen(pc->nnames.sClientName) + 1]; |
56632 | 746 |
if (n1->name == NULL) { |
747 |
goto err; |
|
748 |
} |
|
56617 | 749 |
PP("new name at %p", n1->name); |
56638 | 750 |
StringCchCopy(n1->name, lstrlen(pc->nnames.sClientName) + 1, pc->nnames.sClientName); |
751 |
wcscpy_s(n1->PackageName, 20, pc->PackageName); |
|
56617 | 752 |
*src_name = (gss_name_t) n1; |
56562 | 753 |
} |
754 |
if (targ_name != NULL) { |
|
56632 | 755 |
n2 = new Name; |
756 |
if (n2 == NULL) { |
|
757 |
goto err; |
|
758 |
} |
|
759 |
n2->name = new SEC_WCHAR[lstrlen(pc->nnames.sServerName) + 1]; |
|
760 |
if (n2->name == NULL) { |
|
761 |
goto err; |
|
762 |
} |
|
763 |
PP("new name at %p", n2->name); |
|
56638 | 764 |
StringCchCopy(n2->name, lstrlen(pc->nnames.sServerName) + 1, pc->nnames.sServerName); |
765 |
wcscpy_s(n2->PackageName, 20, pc->PackageName); |
|
56632 | 766 |
*targ_name = (gss_name_t) n2; |
56562 | 767 |
} |
56624 | 768 |
if (lifetime_rec != NULL) { |
769 |
SecPkgContext_Lifespan ls; |
|
56632 | 770 |
SECURITY_STATUS ss; |
771 |
ss = QueryContextAttributes(&pc->hCtxt, SECPKG_ATTR_LIFESPAN, &ls); |
|
772 |
if (!SEC_SUCCESS(ss)) { |
|
773 |
goto err; |
|
774 |
} |
|
56624 | 775 |
*lifetime_rec = SecondsUntil(&ls.tsExpiry); |
776 |
} |
|
777 |
if (mech_type != NULL) { |
|
56632 | 778 |
// No need for Java |
56624 | 779 |
} |
56562 | 780 |
// TODO: other inquiries |
781 |
return GSS_S_COMPLETE; |
|
56632 | 782 |
err: |
783 |
if (n1 != NULL) { |
|
784 |
if (n1->name != NULL) { |
|
785 |
delete[] n1->name; |
|
786 |
} |
|
787 |
delete n1; |
|
788 |
n1 = NULL; |
|
789 |
} |
|
790 |
if (n2 != NULL) { |
|
791 |
if (n2->name != NULL) { |
|
792 |
delete[] n2->name; |
|
793 |
} |
|
794 |
delete n2; |
|
795 |
n2 = NULL; |
|
796 |
} |
|
797 |
return GSS_S_FAILURE; |
|
56552 | 798 |
} |
799 |
||
56555 | 800 |
__declspec(dllexport) OM_uint32 |
801 |
gss_delete_sec_context(OM_uint32 *minor_status, |
|
802 |
gss_ctx_id_t *context_handle, |
|
803 |
gss_buffer_t output_token) |
|
804 |
{ |
|
56574 | 805 |
PP(">>>> Calling gss_delete_sec_context..."); |
806 |
Context* pc = (Context*) *context_handle; |
|
807 |
DeleteSecurityContext(&pc->hCtxt); |
|
808 |
if (pc->phCred != NULL) { |
|
809 |
FreeCredentialsHandle(pc->phCred); |
|
810 |
pc->phCred = NULL; |
|
811 |
} |
|
812 |
FreeContextBuffer(&pc->nnames); |
|
56632 | 813 |
delete pc; |
56574 | 814 |
return GSS_S_COMPLETE; |
56552 | 815 |
} |
816 |
||
56555 | 817 |
__declspec(dllexport) OM_uint32 |
818 |
gss_context_time(OM_uint32 *minor_status, |
|
819 |
gss_ctx_id_t context_handle, |
|
820 |
OM_uint32 *time_rec) |
|
821 |
{ |
|
56624 | 822 |
PP(">>>> Calling IMPLEMENTED gss_context_time..."); |
56632 | 823 |
SECURITY_STATUS ss; |
56552 | 824 |
Context* pc = (Context*) context_handle; |
56624 | 825 |
SecPkgContext_Lifespan ls; |
56632 | 826 |
ss = QueryContextAttributes(&pc->hCtxt, SECPKG_ATTR_LIFESPAN, &ls); |
827 |
if (ss == SEC_E_OK) { |
|
828 |
*time_rec = SecondsUntil(&ls.tsExpiry); |
|
829 |
showTime(&ls.tsStart); |
|
830 |
showTime(&ls.tsExpiry); |
|
831 |
TimeStamp ts; |
|
832 |
GetSystemTimeAsFileTime((FILETIME*)&ts); |
|
833 |
showTime(&ts); |
|
834 |
return GSS_S_COMPLETE; |
|
835 |
} else { |
|
836 |
PP("QueryContextAttributes failed"); |
|
837 |
return GSS_S_FAILURE; |
|
838 |
} |
|
56552 | 839 |
} |
840 |
||
56555 | 841 |
__declspec(dllexport) OM_uint32 |
842 |
gss_wrap_size_limit(OM_uint32 *minor_status, |
|
843 |
gss_ctx_id_t context_handle, |
|
844 |
int conf_req_flag, |
|
845 |
gss_qop_t qop_req, |
|
846 |
OM_uint32 req_output_size, |
|
847 |
OM_uint32 *max_input_size) |
|
848 |
{ |
|
56562 | 849 |
PP(">>>> Calling gss_wrap_size_limit..."); |
56552 | 850 |
Context* pc = (Context*) context_handle; |
851 |
*max_input_size = pc->cbMaxMessage; |
|
852 |
return GSS_S_COMPLETE; |
|
853 |
} |
|
854 |
||
56555 | 855 |
__declspec(dllexport) OM_uint32 |
856 |
gss_export_sec_context(OM_uint32 *minor_status, |
|
857 |
gss_ctx_id_t *context_handle, |
|
858 |
gss_buffer_t interprocess_token) |
|
859 |
{ |
|
56562 | 860 |
PP(">>>> Calling UNIMPLEMENTED gss_export_sec_context..."); |
56552 | 861 |
return GSS_S_FAILURE; |
862 |
} |
|
863 |
||
56555 | 864 |
__declspec(dllexport) OM_uint32 |
865 |
gss_get_mic(OM_uint32 *minor_status, |
|
866 |
gss_ctx_id_t context_handle, |
|
867 |
gss_qop_t qop_req, |
|
868 |
gss_buffer_t message_buffer, |
|
869 |
gss_buffer_t msg_token) |
|
870 |
{ |
|
56562 | 871 |
PP(">>>> Calling gss_get_mic..."); |
56552 | 872 |
Context* pc = (Context*) context_handle; |
873 |
||
874 |
SECURITY_STATUS ss; |
|
875 |
SecBufferDesc BuffDesc; |
|
876 |
SecBuffer SecBuff[2]; |
|
877 |
||
878 |
BuffDesc.cBuffers = 2; |
|
879 |
BuffDesc.pBuffers = SecBuff; |
|
880 |
BuffDesc.ulVersion = SECBUFFER_VERSION; |
|
881 |
||
882 |
SecBuff[0].BufferType = SECBUFFER_DATA; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
883 |
SecBuff[0].cbBuffer = (ULONG)message_buffer->length; |
56552 | 884 |
SecBuff[0].pvBuffer = message_buffer->value; |
885 |
||
886 |
SecBuff[1].BufferType = SECBUFFER_TOKEN; |
|
887 |
SecBuff[1].cbBuffer = pc->SecPkgContextSizes.cbMaxSignature; |
|
888 |
SecBuff[1].pvBuffer = msg_token->value = malloc(SecBuff[1].cbBuffer); |
|
889 |
||
890 |
ss = MakeSignature(&pc->hCtxt, 0, &BuffDesc, 0); |
|
891 |
||
892 |
if (!SEC_SUCCESS(ss)) { |
|
893 |
free(SecBuff[1].pvBuffer); |
|
894 |
return GSS_S_FAILURE; |
|
895 |
} |
|
896 |
||
897 |
msg_token->length = SecBuff[1].cbBuffer; |
|
898 |
return GSS_S_COMPLETE; |
|
899 |
} |
|
900 |
||
56555 | 901 |
__declspec(dllexport) OM_uint32 |
902 |
gss_verify_mic(OM_uint32 *minor_status, |
|
903 |
gss_ctx_id_t context_handle, |
|
904 |
gss_buffer_t message_buffer, |
|
905 |
gss_buffer_t token_buffer, |
|
906 |
gss_qop_t *qop_state) |
|
907 |
{ |
|
56562 | 908 |
PP(">>>> Calling gss_verify_mic..."); |
56552 | 909 |
Context* pc = (Context*) context_handle; |
910 |
||
911 |
SECURITY_STATUS ss; |
|
912 |
SecBufferDesc BuffDesc; |
|
913 |
SecBuffer SecBuff[2]; |
|
914 |
ULONG qop; |
|
915 |
||
916 |
BuffDesc.ulVersion = 0; |
|
917 |
BuffDesc.cBuffers = 2; |
|
918 |
BuffDesc.pBuffers = SecBuff; |
|
919 |
||
920 |
SecBuff[0].BufferType = SECBUFFER_TOKEN; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
921 |
SecBuff[0].cbBuffer = (ULONG)token_buffer->length; |
56552 | 922 |
SecBuff[0].pvBuffer = token_buffer->value; |
923 |
||
924 |
SecBuff[1].BufferType = SECBUFFER_DATA; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
925 |
SecBuff[1].cbBuffer = (ULONG)message_buffer->length; |
56552 | 926 |
SecBuff[1].pvBuffer = message_buffer->value; |
927 |
||
928 |
ss = VerifySignature(&pc->hCtxt, &BuffDesc, 0, &qop); |
|
929 |
*qop_state = qop; |
|
930 |
||
931 |
if (ss == SEC_E_OK) { |
|
932 |
return GSS_S_COMPLETE; |
|
933 |
} else if (ss == SEC_E_OUT_OF_SEQUENCE) { |
|
934 |
return GSS_S_UNSEQ_TOKEN; |
|
935 |
} else { |
|
936 |
return GSS_S_BAD_SIG; |
|
937 |
} |
|
938 |
} |
|
939 |
||
56555 | 940 |
__declspec(dllexport) OM_uint32 |
941 |
gss_wrap(OM_uint32 *minor_status, |
|
942 |
gss_ctx_id_t context_handle, |
|
943 |
int conf_req_flag, |
|
944 |
gss_qop_t qop_req, |
|
945 |
gss_buffer_t input_message_buffer, |
|
946 |
int *conf_state, |
|
947 |
gss_buffer_t output_message_buffer) |
|
948 |
{ |
|
56562 | 949 |
PP(">>>> Calling gss_wrap..."); |
56552 | 950 |
Context* pc = (Context*) context_handle; |
951 |
||
952 |
SECURITY_STATUS ss; |
|
953 |
SecBufferDesc BuffDesc; |
|
954 |
SecBuffer SecBuff[3]; |
|
955 |
||
956 |
BuffDesc.ulVersion = SECBUFFER_VERSION; |
|
957 |
BuffDesc.cBuffers = 3; |
|
958 |
BuffDesc.pBuffers = SecBuff; |
|
959 |
||
960 |
SecBuff[0].BufferType = SECBUFFER_TOKEN; |
|
961 |
SecBuff[0].cbBuffer = pc->SecPkgContextSizes.cbSecurityTrailer; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
962 |
output_message_buffer->value = SecBuff[0].pvBuffer = malloc( |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
963 |
pc->SecPkgContextSizes.cbSecurityTrailer |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
964 |
+ input_message_buffer->length |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
965 |
+ pc->SecPkgContextSizes.cbBlockSize);; |
56552 | 966 |
|
967 |
SecBuff[1].BufferType = SECBUFFER_DATA; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
968 |
SecBuff[1].cbBuffer = (ULONG)input_message_buffer->length; |
56552 | 969 |
SecBuff[1].pvBuffer = malloc(SecBuff[1].cbBuffer); |
56638 | 970 |
memcpy_s(SecBuff[1].pvBuffer, SecBuff[1].cbBuffer, |
971 |
input_message_buffer->value, input_message_buffer->length); |
|
56552 | 972 |
|
973 |
SecBuff[2].BufferType = SECBUFFER_PADDING; |
|
974 |
SecBuff[2].cbBuffer = pc->SecPkgContextSizes.cbBlockSize; |
|
975 |
SecBuff[2].pvBuffer = malloc(SecBuff[2].cbBuffer); |
|
976 |
||
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
977 |
ss = EncryptMessage(&pc->hCtxt, conf_req_flag ? 0 : SECQOP_WRAP_NO_ENCRYPT, |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
978 |
&BuffDesc, 0); |
56552 | 979 |
*conf_state = conf_req_flag; |
980 |
||
981 |
if (!SEC_SUCCESS(ss)) { |
|
982 |
free(SecBuff[0].pvBuffer); |
|
983 |
free(SecBuff[1].pvBuffer); |
|
984 |
free(SecBuff[2].pvBuffer); |
|
985 |
return GSS_S_FAILURE; |
|
986 |
} |
|
987 |
||
56638 | 988 |
memcpy_s((PBYTE)SecBuff[0].pvBuffer + SecBuff[0].cbBuffer, |
989 |
input_message_buffer->length + pc->SecPkgContextSizes.cbBlockSize, |
|
990 |
SecBuff[1].pvBuffer, |
|
56552 | 991 |
SecBuff[1].cbBuffer); |
56638 | 992 |
memcpy_s((PBYTE)SecBuff[0].pvBuffer + SecBuff[0].cbBuffer + SecBuff[1].cbBuffer, |
993 |
pc->SecPkgContextSizes.cbBlockSize, |
|
994 |
SecBuff[2].pvBuffer, |
|
995 |
SecBuff[2].cbBuffer); |
|
56552 | 996 |
|
997 |
output_message_buffer->length = SecBuff[1].cbBuffer + SecBuff[0].cbBuffer |
|
998 |
+ SecBuff[2].cbBuffer; |
|
999 |
free(SecBuff[1].pvBuffer); |
|
1000 |
free(SecBuff[2].pvBuffer); |
|
1001 |
||
1002 |
return GSS_S_COMPLETE; |
|
1003 |
} |
|
1004 |
||
56555 | 1005 |
__declspec(dllexport) OM_uint32 |
1006 |
gss_unwrap(OM_uint32 *minor_status, |
|
1007 |
gss_ctx_id_t context_handle, |
|
1008 |
gss_buffer_t input_message_buffer, |
|
1009 |
gss_buffer_t output_message_buffer, |
|
1010 |
int *conf_state, |
|
1011 |
gss_qop_t *qop_state) |
|
1012 |
{ |
|
56562 | 1013 |
PP(">>>> Calling gss_unwrap..."); |
56552 | 1014 |
Context* pc = (Context*) context_handle; |
1015 |
||
1016 |
SECURITY_STATUS ss; |
|
1017 |
SecBufferDesc BuffDesc; |
|
1018 |
SecBuffer SecBuff[2]; |
|
1019 |
ULONG ulQop = 0; |
|
1020 |
||
1021 |
BuffDesc.cBuffers = 2; |
|
1022 |
BuffDesc.pBuffers = SecBuff; |
|
1023 |
BuffDesc.ulVersion = SECBUFFER_VERSION; |
|
1024 |
||
1025 |
SecBuff[0].BufferType = SECBUFFER_STREAM; |
|
56554
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
1026 |
SecBuff[0].cbBuffer = (ULONG)input_message_buffer->length; |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
1027 |
output_message_buffer->value = SecBuff[0].pvBuffer |
9b381f73498a
inline GenClientContext, macro redefition, new functions
weijun
parents:
56553
diff
changeset
|
1028 |
= malloc(input_message_buffer->length); |
56638 | 1029 |
memcpy_s(SecBuff[0].pvBuffer, input_message_buffer->length, |
1030 |
input_message_buffer->value, input_message_buffer->length); |
|
56552 | 1031 |
|
1032 |
SecBuff[1].BufferType = SECBUFFER_DATA; |
|
1033 |
SecBuff[1].cbBuffer = 0; |
|
1034 |
SecBuff[1].pvBuffer = NULL; |
|
1035 |
||
1036 |
ss = DecryptMessage(&pc->hCtxt, &BuffDesc, 0, &ulQop); |
|
1037 |
if (!SEC_SUCCESS(ss)) { |
|
1038 |
free(SecBuff[0].pvBuffer); |
|
1039 |
return GSS_S_FAILURE; |
|
1040 |
} |
|
1041 |
output_message_buffer->length = SecBuff[1].cbBuffer; |
|
1042 |
output_message_buffer->value = SecBuff[1].pvBuffer; |
|
1043 |
*conf_state = ulQop == SECQOP_WRAP_NO_ENCRYPT ? 0 : 1; |
|
1044 |
return GSS_S_COMPLETE; |
|
1045 |
} |
|
1046 |
||
56555 | 1047 |
__declspec(dllexport) OM_uint32 |
1048 |
gss_indicate_mechs(OM_uint32 *minor_status, |
|
1049 |
gss_OID_set *mech_set) |
|
1050 |
{ |
|
56562 | 1051 |
PP(">>>> Calling gss_indicate_mechs..."); |
56552 | 1052 |
OM_uint32 minor = 0; |
1053 |
OM_uint32 major = GSS_S_COMPLETE; |
|
1054 |
BOOLEAN hasSpnego = false, hasKerberos = false; |
|
1055 |
||
1056 |
ULONG ccPackages; |
|
1057 |
PSecPkgInfo packages; |
|
1058 |
EnumerateSecurityPackages(&ccPackages, &packages); |
|
56562 | 1059 |
PP("EnumerateSecurityPackages returns %ld", ccPackages); |
1060 |
||
56552 | 1061 |
PSecPkgInfo pkgInfo; |
1062 |
SECURITY_STATUS ss = QuerySecurityPackageInfo(L"Negotiate", &pkgInfo); |
|
1063 |
if (ss == SEC_E_OK) { |
|
56562 | 1064 |
hasSpnego = true; |
56552 | 1065 |
} |
1066 |
ss = QuerySecurityPackageInfo(L"Kerberos", &pkgInfo); |
|
1067 |
if (ss == SEC_E_OK) { |
|
1068 |
hasKerberos = true; |
|
1069 |
} |
|
1070 |
||
56620 | 1071 |
if (gss_create_empty_oid_set(minor_status, mech_set)) { |
56552 | 1072 |
major = GSS_S_FAILURE; |
1073 |
goto done; |
|
1074 |
} |
|
1075 |
||
1076 |
if (hasKerberos) { |
|
56624 | 1077 |
gss_add_oid_set_member(minor_status, &KRB5_OID, mech_set); |
56620 | 1078 |
} |
56552 | 1079 |
if (hasSpnego) { |
56624 | 1080 |
gss_add_oid_set_member(minor_status, &SPNEGO_OID, mech_set); |
56620 | 1081 |
} |
56552 | 1082 |
done: |
1083 |
if (major != GSS_S_COMPLETE) { |
|
1084 |
// (void) generic_gss_release_oid_set(&minor, ©); |
|
1085 |
} |
|
1086 |
||
1087 |
return (major); |
|
1088 |
} |
|
1089 |
||
56555 | 1090 |
__declspec(dllexport) OM_uint32 |
1091 |
gss_inquire_names_for_mech(OM_uint32 *minor_status, |
|
1092 |
const gss_OID mechanism, |
|
1093 |
gss_OID_set *name_types) |
|
1094 |
{ |
|
56620 | 1095 |
PP(">>>> Calling IMPLEMENTED gss_inquire_names_for_mech..."); |
1096 |
gss_create_empty_oid_set(minor_status, name_types); |
|
56624 | 1097 |
gss_add_oid_set_member(minor_status, &USER_NAME_OID, name_types); |
1098 |
gss_add_oid_set_member(minor_status, &HOST_SERVICE_NAME_OID, name_types); |
|
1099 |
gss_add_oid_set_member(minor_status, &EXPORT_NAME_OID, name_types); |
|
56620 | 1100 |
return GSS_S_COMPLETE; |
56552 | 1101 |
} |
1102 |
||
56555 | 1103 |
__declspec(dllexport) OM_uint32 |
1104 |
gss_add_oid_set_member(OM_uint32 *minor_status, |
|
1105 |
gss_OID member_oid, |
|
1106 |
gss_OID_set *oid_set) |
|
1107 |
{ |
|
56562 | 1108 |
PP(">>>> Calling gss_add_oid_set_member..."); |
1109 |
if (member_oid == NULL || member_oid->length == 0 |
|
1110 |
|| member_oid->elements == NULL) { |
|
1111 |
return GSS_S_CALL_INACCESSIBLE_READ; |
|
1112 |
} |
|
1113 |
||
1114 |
if (oid_set == NULL) { |
|
1115 |
return GSS_S_CALL_INACCESSIBLE_WRITE; |
|
1116 |
} |
|
1117 |
||
1118 |
int count = (int)(*oid_set)->count; |
|
1119 |
for (int i = 0; i < count; i++) { |
|
1120 |
if ((*oid_set)->elements[i].length == member_oid->length |
|
1121 |
&& !memcmp((*oid_set)->elements[i].elements, member_oid->elements, member_oid->length)) { |
|
1122 |
// already there |
|
1123 |
return GSS_S_COMPLETE; |
|
1124 |
} |
|
1125 |
} |
|
1126 |
gss_OID existing = (*oid_set)->elements; |
|
1127 |
gss_OID newcopy = new gss_OID_desc[count + 1]; |
|
1128 |
if (newcopy == NULL) { |
|
1129 |
return GSS_S_FAILURE; |
|
1130 |
} |
|
1131 |
if (existing) { |
|
56638 | 1132 |
memcpy_s(newcopy, (count + 1) * sizeof(gss_OID_desc), |
1133 |
existing, count * sizeof(gss_OID_desc)); |
|
56562 | 1134 |
} |
1135 |
newcopy[count].length = member_oid->length; |
|
1136 |
newcopy[count].elements = new char[member_oid->length]; |
|
1137 |
if (newcopy[count].elements == NULL) { |
|
1138 |
delete[] newcopy; |
|
1139 |
return GSS_S_FAILURE; |
|
1140 |
} |
|
56638 | 1141 |
memcpy_s(newcopy[count].elements, member_oid->length, |
1142 |
member_oid->elements, member_oid->length); |
|
56562 | 1143 |
(*oid_set)->elements = newcopy; |
1144 |
(*oid_set)->count++; |
|
1145 |
if (existing) { |
|
1146 |
delete[] existing; |
|
1147 |
} |
|
1148 |
||
1149 |
return GSS_S_COMPLETE; |
|
56552 | 1150 |
} |
1151 |
||
56555 | 1152 |
__declspec(dllexport) OM_uint32 |
1153 |
gss_display_status(OM_uint32 *minor_status, |
|
1154 |
OM_uint32 status_value, |
|
1155 |
int status_type, |
|
1156 |
gss_OID mech_type, |
|
1157 |
OM_uint32 *message_context, |
|
1158 |
gss_buffer_t status_string) |
|
1159 |
{ |
|
56562 | 1160 |
PP(">>>> Calling UNIMPLEMENTED gss_display_status..."); |
56632 | 1161 |
status_string->value = new char[7]; |
56638 | 1162 |
memcpy_s(status_string->value, 7, "Nothing", 7); |
56562 | 1163 |
status_string->length = 7; |
1164 |
return GSS_S_COMPLETE; |
|
56552 | 1165 |
} |
1166 |
||
56555 | 1167 |
__declspec(dllexport) OM_uint32 |
1168 |
gss_create_empty_oid_set(OM_uint32 *minor_status, |
|
1169 |
gss_OID_set *oid_set) |
|
1170 |
{ |
|
56562 | 1171 |
PP(">>>> Calling gss_create_empty_oid_set..."); |
1172 |
if (oid_set == NULL) { |
|
1173 |
return GSS_S_CALL_INACCESSIBLE_WRITE; |
|
1174 |
} |
|
1175 |
||
1176 |
if (*oid_set = new gss_OID_set_desc) { |
|
1177 |
memset(*oid_set, 0, sizeof(gss_OID_set_desc)); |
|
1178 |
return GSS_S_COMPLETE; |
|
1179 |
} |
|
56552 | 1180 |
return GSS_S_FAILURE; |
1181 |
} |
|
1182 |
||
56555 | 1183 |
__declspec(dllexport) OM_uint32 |
1184 |
gss_release_oid_set(OM_uint32 *minor_status, |
|
1185 |
gss_OID_set *set) |
|
1186 |
{ |
|
56562 | 1187 |
PP(">>>> Calling gss_release_oid_set..."); |
1188 |
if (set == NULL || *set == GSS_C_NO_OID_SET) { |
|
1189 |
return GSS_S_COMPLETE; |
|
1190 |
} |
|
1191 |
for (int i = 0; i < (*set)->count; i++) { |
|
1192 |
delete[] (*set)->elements[i].elements; |
|
1193 |
} |
|
1194 |
delete[] (*set)->elements; |
|
1195 |
delete *set; |
|
1196 |
*set = GSS_C_NO_OID_SET; |
|
1197 |
return GSS_S_COMPLETE; |
|
56552 | 1198 |
} |
1199 |
||
56555 | 1200 |
__declspec(dllexport) OM_uint32 |
1201 |
gss_release_buffer(OM_uint32 *minor_status, |
|
1202 |
gss_buffer_t buffer) |
|
1203 |
{ |
|
56562 | 1204 |
PP(">>>> Calling gss_release_buffer..."); |
1205 |
if (buffer == NULL) { |
|
1206 |
return GSS_S_COMPLETE; |
|
1207 |
} |
|
1208 |
if (buffer->value) { |
|
1209 |
delete[] buffer->value; |
|
1210 |
buffer->value = NULL; |
|
1211 |
buffer->length = 0; |
|
1212 |
} |
|
1213 |
return GSS_S_COMPLETE; |
|
56552 | 1214 |
} |
1215 |
||
56555 | 1216 |
/* End implemented section */ |
1217 |
||
56552 | 1218 |
#ifdef __cplusplus |
1219 |
} |
|
1220 |
#endif |