mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

ntlm: Changed handles to be dynamic like other SSPI handles

Code cleanup to try and synchronise code between the different SSPI
based authentication mechanisms.
Steve Holme 2014-10-25 14:23:40 +01:00
parent f9f212fb93
commit 28ff8babad
2 changed files with 35 additions and 19 deletions


@ -343,10 +343,16 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
{ {
Curl_safefree(ntlm->input_token); Curl_safefree(ntlm->input_token);
if(ntlm->has_handles) { if(ntlm->context) {
s_pSecFn->DeleteSecurityContext(&ntlm->context); s_pSecFn->DeleteSecurityContext(ntlm->context);
s_pSecFn->FreeCredentialsHandle(&ntlm->credentials); free(ntlm->context);
ntlm->has_handles = 0; ntlm->context = NULL;
}
if(ntlm->credentials) {
s_pSecFn->FreeCredentialsHandle(ntlm->credentials);
free(ntlm->credentials);
ntlm->credentials = NULL;
} }
ntlm->max_token_length = 0; ntlm->max_token_length = 0;
@ -452,15 +458,29 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
/* Use the current Windows user */ /* Use the current Windows user */
ntlm->p_identity = NULL; ntlm->p_identity = NULL;
/* Acquire our credientials handle */ /* Allocate our credentials handle */
ntlm->credentials = malloc(sizeof(CredHandle));
if(!ntlm->credentials)
return CURLE_OUT_OF_MEMORY;
memset(ntlm->credentials, 0, sizeof(CredHandle));
/* Acquire our credentials handle */
status = s_pSecFn->AcquireCredentialsHandle(NULL, status = s_pSecFn->AcquireCredentialsHandle(NULL,
(TCHAR *) TEXT("NTLM"), (TCHAR *) TEXT("NTLM"),
SECPKG_CRED_OUTBOUND, NULL, SECPKG_CRED_OUTBOUND, NULL,
ntlm->p_identity, NULL, NULL, ntlm->p_identity, NULL, NULL,
&ntlm->credentials, &tsDummy); ntlm->credentials, &tsDummy);
if(status != SEC_E_OK) if(status != SEC_E_OK)
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
/* Allocate our new context handle */
ntlm->context = malloc(sizeof(CtxtHandle));
if(!ntlm->context)
return CURLE_OUT_OF_MEMORY;
memset(ntlm->context, 0, sizeof(CtxtHandle));
/* Setup the type-1 "output" security buffer */ /* Setup the type-1 "output" security buffer */
type_1_desc.ulVersion = SECBUFFER_VERSION; type_1_desc.ulVersion = SECBUFFER_VERSION;
type_1_desc.cBuffers = 1; type_1_desc.cBuffers = 1;
@ -470,22 +490,19 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length); type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
/* Generate our type-1 message */ /* Generate our type-1 message */
status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials, NULL, status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
(TCHAR *) TEXT(""), (TCHAR *) TEXT(""),
0, 0, SECURITY_NETWORK_DREP, 0, 0, SECURITY_NETWORK_DREP,
NULL, 0, NULL, 0,
&ntlm->context, &type_1_desc, ntlm->context, &type_1_desc,
&attrs, &tsDummy); &attrs, &tsDummy);
if(status == SEC_I_COMPLETE_AND_CONTINUE || if(status == SEC_I_COMPLETE_AND_CONTINUE ||
status == SEC_I_CONTINUE_NEEDED) status == SEC_I_CONTINUE_NEEDED)
s_pSecFn->CompleteAuthToken(&ntlm->context, &type_1_desc); s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
else if(status != SEC_E_OK) { else if(status != SEC_E_OK)
s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
return CURLE_RECV_ERROR; return CURLE_RECV_ERROR;
}
ntlm->has_handles = 1;
size = type_1_buf.cbBuffer; size = type_1_buf.cbBuffer;
#else #else
@ -652,12 +669,12 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
type_3_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length); type_3_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
/* Generate our type-3 message */ /* Generate our type-3 message */
status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials, status = s_pSecFn->InitializeSecurityContext(ntlm->credentials,
&ntlm->context, ntlm->context,
(TCHAR *) TEXT(""), (TCHAR *) TEXT(""),
0, 0, SECURITY_NETWORK_DREP, 0, 0, SECURITY_NETWORK_DREP,
&type_2_desc, &type_2_desc,
0, &ntlm->context, 0, ntlm->context,
&type_3_desc, &type_3_desc,
&attrs, &tsDummy); &attrs, &tsDummy);
if(status != SEC_E_OK) { if(status != SEC_E_OK) {
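Review bot: In the Curl_ntlm_create_type1_message hunks, a non-NULL `ntlm->credentials` / `ntlm->context` now replaces `has_handles` as the sign that a handle exists, but the pointers become non-NULL at `malloc()`, before the SSPI call that fills them has succeeded. If `AcquireCredentialsHandle` or the first `InitializeSecurityContext` fails, the function returns with a zero-filled allocation still attached, and `Curl_ntlm_sspi_cleanup` will later pass it to `FreeCredentialsHandle` / `DeleteSecurityContext` as if it were a live handle. The failure branch that used to release the credentials handle now also relies entirely on the caller running cleanup. Releasing the unused allocation in each failure branch keeps the invariant, e.g. `free(ntlm->context); ntlm->context = NULL;` before `return CURLE_RECV_ERROR;`. The function also assigns both pointers without checking for existing values, so if it can run twice on the same `ntlmdata` without an intervening cleanup (callers are not visible here), the earlier handles and allocations would leak; the function bodies start and end outside the hunks.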


@ -435,13 +435,12 @@ struct kerberos5data {
struct ntlmdata { struct ntlmdata {
curlntlm state; curlntlm state;
#ifdef USE_WINDOWS_SSPI #ifdef USE_WINDOWS_SSPI
CredHandle credentials; CredHandle *credentials;
CtxtHandle context; CtxtHandle *context;
SEC_WINNT_AUTH_IDENTITY identity; SEC_WINNT_AUTH_IDENTITY identity;
SEC_WINNT_AUTH_IDENTITY *p_identity; SEC_WINNT_AUTH_IDENTITY *p_identity;
size_t max_token_length; size_t max_token_length;
BYTE *output_token; BYTE *output_token;
int has_handles;
BYTE *input_token; BYTE *input_token;
size_t input_token_len; size_t input_token_len;
#else #else
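Review bot: `credentials` and `context` in `struct ntlmdata` are now owning heap pointers, but nothing on the fields says who allocates and who releases them. A short comment on the two members would help, for example `/* allocated in Curl_ntlm_create_type1_message(), released by Curl_ntlm_sspi_cleanup(); NULL when no handle is held */`. Any code that copies or zero-fills a `struct ntlmdata` (not visible here) would now duplicate or drop these pointers instead of copying an inline handle, so that is worth checking alongside this change. The struct definition continues outside the hunk.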