secur32: Handle extra data in schan_InitializeSecurityContextW.

cdf8d455 · Piotr Caban · Alexandre Julliard · 98ed9bcd · cdf8d455 · cdf8d455
Commit cdf8d455 authored Sep 17, 2010 by Piotr Caban Committed by Alexandre Julliard Sep 18, 2010
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 1 deletion

schannel.c dlls/secur32/schannel.c +8 -0

schannel.c dlls/secur32/tests/schannel.c +18 -1

No files found.
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -775,6 +775,14 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
    /* Perform the TLS handshake */
    err = pgnutls_handshake(ctx->session);

+    if(transport.in.offset && transport.in.offset != pInput->pBuffers[0].cbBuffer) {
+        if(pInput->cBuffers<2 || pInput->pBuffers[1].BufferType!=SECBUFFER_EMPTY)
+            return SEC_E_INVALID_TOKEN;
+
+        pInput->pBuffers[1].BufferType = SECBUFFER_EXTRA;
+        pInput->pBuffers[1].cbBuffer = pInput->pBuffers[0].cbBuffer-transport.in.offset;
+    }
+
    out_buffers = &transport.out;
    if (out_buffers->current_buffer_idx != -1)
    {

--- a/dlls/secur32/tests/schannel.c
+++ b/dlls/secur32/tests/schannel.c
@@ -586,7 +586,7 @@ static void test_communication(void)
        return;
    }

-    /* Create a socket and connect to mail.google.com */
+    /* Create a socket and connect to www.codeweavers.com */
    ret = WSAStartup(0x0202, &wsa_data);
    if (ret)
    {
@@ -636,6 +636,23 @@ static void test_communication(void)
        0, 0, NULL, 0, &context, &buffers[0], &attrs, NULL);
    ok(status == SEC_I_CONTINUE_NEEDED, "Expected SEC_I_CONTINUE_NEEDED, got %08x\n", status);

+    buffers[1].cBuffers = 1;
+    buffers[1].pBuffers[0].BufferType = SECBUFFER_TOKEN;
+    data_size = buffers[0].pBuffers[0].cbBuffer;
+    status = pInitializeSecurityContextA(&cred_handle, &context, (SEC_CHAR *)"localhost",
+            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
+            0, 0, &buffers[1], 0, NULL, &buffers[0], &attrs, NULL);
+    ok(status == SEC_E_INVALID_TOKEN, "Expected SEC_E_INVALID_TOKEN, got %08x\n", status);
+
+    buffers[0].pBuffers[0].cbBuffer = buf_size;
+    buffers[1].cBuffers = 4;
+    buffers[1].pBuffers[0].cbBuffer = buf_size;
+
+    status = pInitializeSecurityContextA(&cred_handle, NULL, (SEC_CHAR *)"localhost",
+            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
+            0, 0, NULL, 0, &context, &buffers[0], &attrs, NULL);
+    ok(status == SEC_I_CONTINUE_NEEDED, "Expected SEC_I_CONTINUE_NEEDED, got %08x\n", status);
+
    while (status == SEC_I_CONTINUE_NEEDED)
    {
        buf = &buffers[0].pBuffers[0];