Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
b1c58098
Commit
b1c58098
authored
Nov 04, 2021
by
Alexandre Julliard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
kerberos: Move timestamp conversion to the PE side.
Restore expiry time dropped in
6e9a9d67
, spotted by Dmitry Timoshkov. Signed-off-by:
Alexandre Julliard
<
julliard@winehq.org
>
parent
de53f568
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
38 additions
and
24 deletions
+38
-24
krb5_ap.c
dlls/kerberos/krb5_ap.c
+29
-5
unixlib.c
dlls/kerberos/unixlib.c
+6
-16
unixlib.h
dlls/kerberos/unixlib.h
+3
-3
No files found.
dlls/kerberos/krb5_ap.c
View file @
b1c58098
...
...
@@ -83,6 +83,17 @@ static const char *debugstr_us( const UNICODE_STRING *us )
return
debugstr_wn
(
us
->
Buffer
,
us
->
Length
/
sizeof
(
WCHAR
)
);
}
static
void
expiry_to_timestamp
(
ULONG
expiry
,
TimeStamp
*
timestamp
)
{
LARGE_INTEGER
time
;
NtQuerySystemTime
(
&
time
);
RtlSystemTimeToLocalTime
(
&
time
,
&
time
);
time
.
QuadPart
+=
expiry
*
(
ULONGLONG
)
10000000
;
timestamp
->
LowPart
=
time
.
QuadPart
;
timestamp
->
HighPart
=
time
.
QuadPart
>>
32
;
}
static
NTSTATUS
NTAPI
kerberos_LsaApInitializePackage
(
ULONG
package_id
,
PLSA_DISPATCH_TABLE
dispatch
,
PLSA_STRING
database
,
PLSA_STRING
confidentiality
,
PLSA_STRING
*
package_name
)
{
...
...
@@ -267,6 +278,7 @@ static NTSTATUS NTAPI kerberos_SpAcquireCredentialsHandle(
char
*
principal
=
NULL
,
*
username
=
NULL
,
*
password
=
NULL
;
SEC_WINNT_AUTH_IDENTITY_W
*
id
=
auth_data
;
NTSTATUS
status
=
SEC_E_INSUFFICIENT_MEMORY
;
ULONG
exptime
;
TRACE
(
"(%s 0x%08x %p %p %p %p %p %p)
\n
"
,
debugstr_us
(
principal_us
),
credential_use
,
logon_id
,
auth_data
,
get_key_fn
,
get_key_arg
,
credential
,
expiry
);
...
...
@@ -285,7 +297,9 @@ static NTSTATUS NTAPI kerberos_SpAcquireCredentialsHandle(
}
status
=
krb5_funcs
->
acquire_credentials_handle
(
principal
,
credential_use
,
username
,
password
,
credential
,
expiry
);
&
exptime
);
expiry_to_timestamp
(
exptime
,
expiry
);
done:
free
(
principal
);
free
(
username
);
...
...
@@ -310,6 +324,7 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential,
ISC_REQ_IDENTIFY
|
ISC_REQ_CONNECTION
;
char
*
target
=
NULL
;
NTSTATUS
status
;
ULONG
exptime
;
TRACE
(
"(%lx %lx %s 0x%08x %u %p %p %p %p %p %p %p)
\n
"
,
credential
,
context
,
debugstr_us
(
target_name
),
context_req
,
target_data_rep
,
input
,
new_context
,
output
,
context_attr
,
expiry
,
...
...
@@ -320,8 +335,12 @@ static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential,
if
(
target_name
&&
!
(
target
=
get_str_unixcp
(
target_name
)))
return
SEC_E_INSUFFICIENT_MEMORY
;
status
=
krb5_funcs
->
initialize_context
(
credential
,
context
,
target
,
context_req
,
input
,
new_context
,
output
,
context_attr
,
expiry
);
if
(
!
status
)
*
mapped_context
=
TRUE
;
context_attr
,
&
exptime
);
if
(
!
status
)
{
*
mapped_context
=
TRUE
;
expiry_to_timestamp
(
exptime
,
expiry
);
}
/* FIXME: initialize context_data */
free
(
target
);
return
status
;
...
...
@@ -332,6 +351,7 @@ static NTSTATUS NTAPI kerberos_SpAcceptLsaModeContext( LSA_SEC_HANDLE credential
SecBufferDesc
*
output
,
ULONG
*
context_attr
,
TimeStamp
*
expiry
,
BOOLEAN
*
mapped_context
,
SecBuffer
*
context_data
)
{
NTSTATUS
status
;
ULONG
exptime
;
TRACE
(
"(%lx %lx 0x%08x %u %p %p %p %p %p %p %p)
\n
"
,
credential
,
context
,
context_req
,
target_data_rep
,
input
,
new_context
,
output
,
context_attr
,
expiry
,
mapped_context
,
context_data
);
...
...
@@ -339,8 +359,12 @@ static NTSTATUS NTAPI kerberos_SpAcceptLsaModeContext( LSA_SEC_HANDLE credential
if
(
!
context
&&
!
input
&&
!
credential
)
return
SEC_E_INVALID_HANDLE
;
status
=
krb5_funcs
->
accept_context
(
credential
,
context
,
input
,
new_context
,
output
,
context_attr
,
expiry
);
if
(
!
status
)
*
mapped_context
=
TRUE
;
status
=
krb5_funcs
->
accept_context
(
credential
,
context
,
input
,
new_context
,
output
,
context_attr
,
&
exptime
);
if
(
!
status
)
{
*
mapped_context
=
TRUE
;
expiry_to_timestamp
(
exptime
,
expiry
);
}
/* FIXME: initialize context_data */
return
status
;
}
...
...
dlls/kerberos/unixlib.c
View file @
b1c58098
...
...
@@ -505,16 +505,6 @@ static inline void credhandle_gss_to_sspi( gss_cred_id_t handle, LSA_SEC_HANDLE
*
cred
=
(
LSA_SEC_HANDLE
)
handle
;
}
static
void
expirytime_gss_to_sspi
(
OM_uint32
expirytime
,
TimeStamp
*
timestamp
)
{
LARGE_INTEGER
time
;
NtQuerySystemTime
(
&
time
);
RtlSystemTimeToLocalTime
(
&
time
,
&
time
);
timestamp
->
LowPart
=
time
.
QuadPart
;
timestamp
->
HighPart
=
time
.
QuadPart
>>
32
;
}
static
ULONG
flags_gss_to_asc_ret
(
ULONG
flags
)
{
ULONG
ret
=
0
;
...
...
@@ -532,7 +522,7 @@ static ULONG flags_gss_to_asc_ret( ULONG flags )
static
NTSTATUS
CDECL
accept_context
(
LSA_SEC_HANDLE
credential
,
LSA_SEC_HANDLE
context
,
SecBufferDesc
*
input
,
LSA_SEC_HANDLE
*
new_context
,
SecBufferDesc
*
output
,
ULONG
*
context_attr
,
TimeStamp
*
expiry
)
ULONG
*
expiry
)
{
OM_uint32
ret
,
minor_status
,
ret_flags
=
0
,
expiry_time
;
gss_cred_id_t
cred_handle
=
credhandle_sspi_to_gss
(
credential
);
...
...
@@ -571,7 +561,7 @@ static NTSTATUS CDECL accept_context( LSA_SEC_HANDLE credential, LSA_SEC_HANDLE
ctxhandle_gss_to_sspi
(
ctx_handle
,
new_context
);
if
(
context_attr
)
*
context_attr
=
flags_gss_to_asc_ret
(
ret_flags
);
expirytime_gss_to_sspi
(
expiry_time
,
expiry
)
;
*
expiry
=
expiry_time
;
}
return
status_gss_to_sspi
(
ret
);
...
...
@@ -621,7 +611,7 @@ static NTSTATUS import_name( const char *src, gss_name_t *dst )
}
static
NTSTATUS
CDECL
acquire_credentials_handle
(
const
char
*
principal
,
ULONG
credential_use
,
const
char
*
username
,
const
char
*
password
,
LSA_SEC_HANDLE
*
credential
,
TimeStamp
*
expiry
)
const
char
*
password
,
LSA_SEC_HANDLE
*
credential
,
ULONG
*
expiry
)
{
OM_uint32
ret
,
minor_status
,
expiry_time
;
gss_name_t
name
=
GSS_C_NO_NAME
;
...
...
@@ -654,7 +644,7 @@ static NTSTATUS CDECL acquire_credentials_handle( const char *principal, ULONG c
if
(
ret
==
GSS_S_COMPLETE
)
{
credhandle_gss_to_sspi
(
cred_handle
,
credential
);
expirytime_gss_to_sspi
(
expiry_time
,
expiry
)
;
*
expiry
=
expiry_time
;
}
if
(
name
!=
GSS_C_NO_NAME
)
pgss_release_name
(
&
minor_status
,
&
name
);
...
...
@@ -715,7 +705,7 @@ static ULONG flags_gss_to_isc_ret( ULONG flags )
static
NTSTATUS
CDECL
initialize_context
(
LSA_SEC_HANDLE
credential
,
LSA_SEC_HANDLE
context
,
const
char
*
target_name
,
ULONG
context_req
,
SecBufferDesc
*
input
,
LSA_SEC_HANDLE
*
new_context
,
SecBufferDesc
*
output
,
ULONG
*
context_attr
,
TimeStamp
*
expiry
)
SecBufferDesc
*
output
,
ULONG
*
context_attr
,
ULONG
*
expiry
)
{
OM_uint32
ret
,
minor_status
,
ret_flags
=
0
,
expiry_time
,
req_flags
=
flags_isc_req_to_gss
(
context_req
);
gss_cred_id_t
cred_handle
=
credhandle_sspi_to_gss
(
credential
);
...
...
@@ -758,7 +748,7 @@ static NTSTATUS CDECL initialize_context( LSA_SEC_HANDLE credential, LSA_SEC_HAN
ctxhandle_gss_to_sspi
(
ctx_handle
,
new_context
);
if
(
context_attr
)
*
context_attr
=
flags_gss_to_isc_ret
(
ret_flags
);
expirytime_gss_to_sspi
(
expiry_time
,
expiry
)
;
*
expiry
=
expiry_time
;
}
if
(
target
!=
GSS_C_NO_NAME
)
pgss_release_name
(
&
minor_status
,
&
target
);
...
...
dlls/kerberos/unixlib.h
View file @
b1c58098
...
...
@@ -24,13 +24,13 @@
struct
krb5_funcs
{
NTSTATUS
(
CDECL
*
accept_context
)(
LSA_SEC_HANDLE
,
LSA_SEC_HANDLE
,
SecBufferDesc
*
,
LSA_SEC_HANDLE
*
,
SecBufferDesc
*
,
ULONG
*
,
TimeStamp
*
);
SecBufferDesc
*
,
ULONG
*
,
ULONG
*
);
NTSTATUS
(
CDECL
*
acquire_credentials_handle
)(
const
char
*
,
ULONG
,
const
char
*
,
const
char
*
,
LSA_SEC_HANDLE
*
,
TimeStamp
*
);
ULONG
*
);
NTSTATUS
(
CDECL
*
delete_context
)(
LSA_SEC_HANDLE
);
NTSTATUS
(
CDECL
*
free_credentials_handle
)(
LSA_SEC_HANDLE
);
NTSTATUS
(
CDECL
*
initialize_context
)(
LSA_SEC_HANDLE
,
LSA_SEC_HANDLE
,
const
char
*
,
ULONG
,
SecBufferDesc
*
,
LSA_SEC_HANDLE
*
,
SecBufferDesc
*
,
ULONG
*
,
TimeStamp
*
);
LSA_SEC_HANDLE
*
,
SecBufferDesc
*
,
ULONG
*
,
ULONG
*
);
NTSTATUS
(
CDECL
*
make_signature
)(
LSA_SEC_HANDLE
,
SecBufferDesc
*
);
NTSTATUS
(
CDECL
*
query_context_attributes
)(
LSA_SEC_HANDLE
,
ULONG
,
void
*
);
NTSTATUS
(
CDECL
*
query_ticket_cache
)(
KERB_QUERY_TKT_CACHE_RESPONSE
*
resp
,
ULONG
*
out_size
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment