rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/W into…

rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/W into InitializeSecurityContextW instead of AcquireCredentialsHandleA/W.

rpcrt4: Pass the SPN input to RpcBindingSetAuthInfoA/W into…
2badb4fa · Rob Shearman · Alexandre Julliard · fef5ce52 · 2badb4fa · 2badb4fa
Commit 2badb4fa authored Jan 23, 2008 by Rob Shearman Committed by Alexandre Julliard Jan 23, 2008
Hide whitespace changes
Inline Side-by-side

Showing with 31 additions and 10 deletions

rpc_binding.c dlls/rpcrt4/rpc_binding.c +26 -6

rpc_binding.h dlls/rpcrt4/rpc_binding.h +1 -0

rpc_message.c dlls/rpcrt4/rpc_message.c +4 -4

No files found.
--- a/dlls/rpcrt4/rpc_binding.c
+++ b/dlls/rpcrt4/rpc_binding.c
@@ -937,6 +937,7 @@ static RPC_STATUS RpcAuthInfo_Create(ULONG AuthnLevel, ULONG AuthnSvc,
    AuthInfo->exp = exp;
    AuthInfo->cbMaxToken = cbMaxToken;
    AuthInfo->identity = identity;
+    AuthInfo->server_principal_name = NULL;

    /* duplicate the SEC_WINNT_AUTH_IDENTITY structure, if applicable, to
     * enable better matching in RpcAuthInfo_IsEqual */
@@ -1004,6 +1005,7 @@ ULONG RpcAuthInfo_Release(RpcAuthInfo *AuthInfo)
            HeapFree(GetProcessHeap(), 0, AuthInfo->nt_identity->Password);
            HeapFree(GetProcessHeap(), 0, AuthInfo->nt_identity);
        }
+        HeapFree(GetProcessHeap(), 0, AuthInfo->server_principal_name);
        HeapFree(GetProcessHeap(), 0, AuthInfo);
    }

@@ -1415,7 +1417,7 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName,
  }

  TRACE("found package %s for service %u\n", packages[i].Name, AuthnSvc);
-  r = AcquireCredentialsHandleA((SEC_CHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
+  r = AcquireCredentialsHandleA(NULL, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
                                AuthIdentity, NULL, NULL, &cred, &exp);
  cbMaxToken = packages[i].cbMaxToken;
  FreeContextBuffer(packages);
@@ -1426,8 +1428,17 @@ RpcBindingSetAuthInfoExA( RPC_BINDING_HANDLE Binding, RPC_CSTR ServerPrincName,
                           AuthIdentity, &new_auth_info);
    if (r == RPC_S_OK)
    {
-      if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
-      bind->AuthInfo = new_auth_info;
+      new_auth_info->server_principal_name = RPCRT4_strdupAtoW((char *)ServerPrincName);
+      if (new_auth_info->server_principal_name)
+      {
+        if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
+        bind->AuthInfo = new_auth_info;
+      }
+      else
+      {
+        RpcAuthInfo_Release(new_auth_info);
+        r = ERROR_OUTOFMEMORY;
+      }
    }
    else
      FreeCredentialsHandle(&cred);
@@ -1535,7 +1546,7 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName, 
  }

  TRACE("found package %s for service %u\n", debugstr_w(packages[i].Name), AuthnSvc);
-  r = AcquireCredentialsHandleW((SEC_WCHAR *)ServerPrincName, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
+  r = AcquireCredentialsHandleW(NULL, packages[i].Name, SECPKG_CRED_OUTBOUND, NULL,
                                AuthIdentity, NULL, NULL, &cred, &exp);
  cbMaxToken = packages[i].cbMaxToken;
  FreeContextBuffer(packages);
@@ -1546,8 +1557,17 @@ RpcBindingSetAuthInfoExW( RPC_BINDING_HANDLE Binding, RPC_WSTR ServerPrincName, 
                           AuthIdentity, &new_auth_info);
    if (r == RPC_S_OK)
    {
-      if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
-      bind->AuthInfo = new_auth_info;
+      new_auth_info->server_principal_name = RPCRT4_strdupW(ServerPrincName);
+      if (new_auth_info->server_principal_name)
+      {
+        if (bind->AuthInfo) RpcAuthInfo_Release(bind->AuthInfo);
+        bind->AuthInfo = new_auth_info;
+      }
+      else
+      {
+        RpcAuthInfo_Release(new_auth_info);
+        r = ERROR_OUTOFMEMORY;
+      }
    }
    else
      FreeCredentialsHandle(&cred);

--- a/dlls/rpcrt4/rpc_binding.h
+++ b/dlls/rpcrt4/rpc_binding.h
@@ -41,6 +41,7 @@ typedef struct _RpcAuthInfo
  /* our copy of NT auth identity structure, if the authentication service
   * takes an NT auth identity */
  SEC_WINNT_AUTH_IDENTITY_W *nt_identity;
+  LPWSTR server_principal_name;
 } RpcAuthInfo;

 typedef struct _RpcQualityOfService

--- a/dlls/rpcrt4/rpc_message.c
+++ b/dlls/rpcrt4/rpc_message.c
@@ -581,10 +581,10 @@ static RPC_STATUS RPCRT4_ClientAuthorize(RpcConnection *conn, SecBuffer *in,
  inp_desc.pBuffers = in;
  inp_desc.ulVersion = 0;

-  r = InitializeSecurityContextA(&conn->AuthInfo->cred, in ? &conn->ctx : NULL,
-        NULL, context_req, 0, SECURITY_NETWORK_DREP,
-        in ? &inp_desc : NULL, 0, &conn->ctx, &out_desc, &conn->attr,
-        &conn->exp);
+  r = InitializeSecurityContextW(&conn->AuthInfo->cred, in ? &conn->ctx : NULL,
+        in ? NULL : conn->AuthInfo->server_principal_name, context_req, 0,
+        SECURITY_NETWORK_DREP, in ? &inp_desc : NULL, 0, &conn->ctx,
+        &out_desc, &conn->attr, &conn->exp);
  if (FAILED(r))
  {
      WARN("InitializeSecurityContext failed with error 0x%08x\n", r);