secur32: Use a reserved flag for the cached credentials hack.

Signed-off-by: Hans Leidekker <hans@codeweavers.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>

secur32: Use a reserved flag for the cached credentials hack.
4a45679f · Hans Leidekker · Alexandre Julliard · 24aba090 · 4a45679f · 4a45679f
Commit 4a45679f authored May 07, 2021 by Hans Leidekker Committed by Alexandre Julliard May 07, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 19 deletions

main.c dlls/msv1_0/main.c +3 -2

negotiate.c dlls/secur32/negotiate.c +5 -17

No files found.
--- a/dlls/msv1_0/main.c
+++ b/dlls/msv1_0/main.c
@@ -159,6 +159,7 @@ static char *get_domain_arg( const WCHAR *domain, int domain_len )
    return ret;
 }

+#define WINE_NO_CACHED_CREDENTIALS 0x10000000
 static NTSTATUS NTAPI ntlm_SpAcquireCredentialsHandle( UNICODE_STRING *principal, ULONG cred_use, LUID *logon_id,
                                                       void *auth_data, void *get_key_fn, void *get_key_arg,
                                                       LSA_SEC_HANDLE *handle, TimeStamp *expiry )
@@ -171,7 +172,7 @@ static NTSTATUS NTAPI ntlm_SpAcquireCredentialsHandle( UNICODE_STRING *principal
    TRACE( "%s, 0x%08x, %p, %p, %p, %p, %p, %p\n", debugstr_us(principal), cred_use, logon_id, auth_data,
           get_key_fn, get_key_arg, cred, expiry );

-    switch (cred_use)
+    switch (cred_use & ~SECPKG_CRED_RESERVED)
    {
    case SECPKG_CRED_INBOUND:
        if (!(cred = malloc( sizeof(*cred) ))) return SEC_E_INSUFFICIENT_MEMORY;
@@ -194,7 +195,7 @@ static NTSTATUS NTAPI ntlm_SpAcquireCredentialsHandle( UNICODE_STRING *principal
        cred->domain_arg   = NULL;
        cred->password     = NULL;
        cred->password_len = 0;
-        cred->no_cached_credentials = 0;
+        cred->no_cached_credentials = (cred_use & WINE_NO_CACHED_CREDENTIALS);

        if ((id = auth_data))
        {

--- a/dlls/secur32/negotiate.c
+++ b/dlls/secur32/negotiate.c
@@ -58,16 +58,7 @@ struct sec_handle
    SecHandle       handle_ntlm;
 };

-/* matches layout from msv1_0 */
-struct ntlm_cred
-{
-    int   mode;
-    char *username_arg;
-    char *domain_arg;
-    char *password;
-    int   password_len;
-    int   no_cached_credentials; /* don't try to use cached Samba credentials */
-};
+#define WINE_NO_CACHED_CREDENTIALS 0x10000000

 /***********************************************************************
 *              AcquireCredentialsHandleW
@@ -99,14 +90,11 @@ static SECURITY_STATUS SEC_ENTRY nego_AcquireCredentialsHandleW(

    if ((package = SECUR32_findPackageW( ntlmW )))
    {
+        ULONG cred_use = pAuthData ? fCredentialUse : fCredentialUse | WINE_NO_CACHED_CREDENTIALS;
+
        ret = package->provider->fnTableW.AcquireCredentialsHandleW( pszPrincipal, ntlmW,
-                fCredentialUse, pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, &cred->handle_ntlm, ptsExpiry );
-        if (ret == SEC_E_OK)
-        {
-            struct ntlm_cred *ntlm_cred = (struct ntlm_cred *)cred->handle_ntlm.dwLower;
-            ntlm_cred->no_cached_credentials = (pAuthData == NULL);
-            cred->ntlm = package->provider;
-        }
+                cred_use, pLogonID, pAuthData, pGetKeyFn, pGetKeyArgument, &cred->handle_ntlm, ptsExpiry );
+        if (ret == SEC_E_OK) cred->ntlm = package->provider;
    }

    if (cred->krb || cred->ntlm)