mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
ntlm: Changed handles to be dynamic like other SSPI handles
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
This commit is contained in:
parent
f9f212fb93
commit
28ff8babad
@ -343,10 +343,16 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
|
|||||||
{
|
{
|
||||||
Curl_safefree(ntlm->input_token);
|
Curl_safefree(ntlm->input_token);
|
||||||
|
|
||||||
if(ntlm->has_handles) {
|
if(ntlm->context) {
|
||||||
s_pSecFn->DeleteSecurityContext(&ntlm->context);
|
s_pSecFn->DeleteSecurityContext(ntlm->context);
|
||||||
s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
|
free(ntlm->context);
|
||||||
ntlm->has_handles = 0;
|
ntlm->context = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(ntlm->credentials) {
|
||||||
|
s_pSecFn->FreeCredentialsHandle(ntlm->credentials);
|
||||||
|
free(ntlm->credentials);
|
||||||
|
ntlm->credentials = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ntlm->max_token_length = 0;
|
ntlm->max_token_length = 0;
|
||||||
@ -452,15 +458,29 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
|
|||||||
/* Use the current Windows user */
|
/* Use the current Windows user */
|
||||||
ntlm->p_identity = NULL;
|
ntlm->p_identity = NULL;
|
||||||
|
|
||||||
/* Acquire our credientials handle */
|
/* Allocate our credentials handle */
|
||||||
|
ntlm->credentials = malloc(sizeof(CredHandle));
|
||||||
|
if(!ntlm->credentials)
|
||||||
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
|
memset(ntlm->credentials, 0, sizeof(CredHandle));
|
||||||
|
|
||||||
|
/* Acquire our credentials handle */
|
||||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||||
(TCHAR *) TEXT("NTLM"),
|
(TCHAR *) TEXT("NTLM"),
|
||||||
SECPKG_CRED_OUTBOUND, NULL,
|
SECPKG_CRED_OUTBOUND, NULL,
|
||||||
ntlm->p_identity, NULL, NULL,
|
ntlm->p_identity, NULL, NULL,
|
||||||
&ntlm->credentials, &tsDummy);
|
ntlm->credentials, &tsDummy);
|
||||||
if(status != SEC_E_OK)
|
if(status != SEC_E_OK)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
|
/* Allocate our new context handle */
|
||||||
|
ntlm->context = malloc(sizeof(CtxtHandle));
|
||||||
|
if(!ntlm->context)
|
||||||
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
|
memset(ntlm->context, 0, sizeof(CtxtHandle));
|
||||||
|
|
||||||
/* Setup the type-1 "output" security buffer */
|
/* Setup the type-1 "output" security buffer */
|
||||||
type_1_desc.ulVersion = SECBUFFER_VERSION;
|
type_1_desc.ulVersion = SECBUFFER_VERSION;
|
||||||
type_1_desc.cBuffers = 1;
|
type_1_desc.cBuffers = 1;
|
||||||
@ -470,22 +490,19 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
|
|||||||
type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
|
type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
|
||||||
|
|
||||||
/* Generate our type-1 message */
|
/* Generate our type-1 message */
|
||||||
status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials, NULL,
|
status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
|
||||||
(TCHAR *) TEXT(""),
|
(TCHAR *) TEXT(""),
|
||||||
0, 0, SECURITY_NETWORK_DREP,
|
0, 0, SECURITY_NETWORK_DREP,
|
||||||
NULL, 0,
|
NULL, 0,
|
||||||
&ntlm->context, &type_1_desc,
|
ntlm->context, &type_1_desc,
|
||||||
&attrs, &tsDummy);
|
&attrs, &tsDummy);
|
||||||
|
|
||||||
if(status == SEC_I_COMPLETE_AND_CONTINUE ||
|
if(status == SEC_I_COMPLETE_AND_CONTINUE ||
|
||||||
status == SEC_I_CONTINUE_NEEDED)
|
status == SEC_I_CONTINUE_NEEDED)
|
||||||
s_pSecFn->CompleteAuthToken(&ntlm->context, &type_1_desc);
|
s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
|
||||||
else if(status != SEC_E_OK) {
|
else if(status != SEC_E_OK)
|
||||||
s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
|
|
||||||
return CURLE_RECV_ERROR;
|
return CURLE_RECV_ERROR;
|
||||||
}
|
|
||||||
|
|
||||||
ntlm->has_handles = 1;
|
|
||||||
size = type_1_buf.cbBuffer;
|
size = type_1_buf.cbBuffer;
|
||||||
|
|
||||||
#else
|
#else
|
||||||
@ -652,12 +669,12 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
|
|||||||
type_3_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
|
type_3_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
|
||||||
|
|
||||||
/* Generate our type-3 message */
|
/* Generate our type-3 message */
|
||||||
status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials,
|
status = s_pSecFn->InitializeSecurityContext(ntlm->credentials,
|
||||||
&ntlm->context,
|
ntlm->context,
|
||||||
(TCHAR *) TEXT(""),
|
(TCHAR *) TEXT(""),
|
||||||
0, 0, SECURITY_NETWORK_DREP,
|
0, 0, SECURITY_NETWORK_DREP,
|
||||||
&type_2_desc,
|
&type_2_desc,
|
||||||
0, &ntlm->context,
|
0, ntlm->context,
|
||||||
&type_3_desc,
|
&type_3_desc,
|
||||||
&attrs, &tsDummy);
|
&attrs, &tsDummy);
|
||||||
if(status != SEC_E_OK) {
|
if(status != SEC_E_OK) {
|
||||||
|
@ -435,13 +435,12 @@ struct kerberos5data {
|
|||||||
struct ntlmdata {
|
struct ntlmdata {
|
||||||
curlntlm state;
|
curlntlm state;
|
||||||
#ifdef USE_WINDOWS_SSPI
|
#ifdef USE_WINDOWS_SSPI
|
||||||
CredHandle credentials;
|
CredHandle *credentials;
|
||||||
CtxtHandle context;
|
CtxtHandle *context;
|
||||||
SEC_WINNT_AUTH_IDENTITY identity;
|
SEC_WINNT_AUTH_IDENTITY identity;
|
||||||
SEC_WINNT_AUTH_IDENTITY *p_identity;
|
SEC_WINNT_AUTH_IDENTITY *p_identity;
|
||||||
size_t max_token_length;
|
size_t max_token_length;
|
||||||
BYTE *output_token;
|
BYTE *output_token;
|
||||||
int has_handles;
|
|
||||||
BYTE *input_token;
|
BYTE *input_token;
|
||||||
size_t input_token_len;
|
size_t input_token_len;
|
||||||
#else
|
#else
|
||||||
|
Loading…
Reference in New Issue
Block a user