secur32: Set output buffer size to zero during handshake when no data needs to be sent.

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>

secur32: Set output buffer size to zero during handshake when no data needs to be sent.
4ece6abd · Michael Müller · Alexandre Julliard · 0dddf2a1 · 4ece6abd · 4ece6abd
Commit 4ece6abd authored May 14, 2018 by Michael Müller Committed by Alexandre Julliard May 15, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 9 deletions

schannel.c dlls/secur32/schannel.c +12 -7

schannel.c dlls/secur32/tests/schannel.c +8 -2

No files found.
--- a/dlls/secur32/schannel.c
+++ b/dlls/secur32/schannel.c
@@ -901,6 +901,18 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
    /* Perform the TLS handshake */
    ret = schan_imp_handshake(ctx->session);

+    out_buffers = &ctx->transport.out;
+    if (out_buffers->current_buffer_idx != -1)
+    {
+        SecBuffer *buffer = &out_buffers->desc->pBuffers[out_buffers->current_buffer_idx];
+        buffer->cbBuffer = out_buffers->offset;
+    }
+    else if (out_buffers->desc && out_buffers->desc->cBuffers > 0)
+    {
+        SecBuffer *buffer = &out_buffers->desc->pBuffers[0];
+        buffer->cbBuffer = 0;
+    }
+
    if(ctx->transport.in.offset && ctx->transport.in.offset != pInput->pBuffers[0].cbBuffer) {
        if(pInput->cBuffers<2 || pInput->pBuffers[1].BufferType!=SECBUFFER_EMPTY)
            return SEC_E_INVALID_TOKEN;
@@ -909,13 +921,6 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW(
        pInput->pBuffers[1].cbBuffer = pInput->pBuffers[0].cbBuffer-ctx->transport.in.offset;
    }

-    out_buffers = &ctx->transport.out;
-    if (out_buffers->current_buffer_idx != -1)
-    {
-        SecBuffer *buffer = &out_buffers->desc->pBuffers[out_buffers->current_buffer_idx];
-        buffer->cbBuffer = out_buffers->offset;
-    }
-
    *pfContextAttr = 0;
    if (ctx->req_ctx_attr & ISC_REQ_REPLAY_DETECT)
        *pfContextAttr |= ISC_RET_REPLAY_DETECT;

--- a/dlls/secur32/tests/schannel.c
+++ b/dlls/secur32/tests/schannel.c
@@ -772,7 +772,6 @@ todo_wine
            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
            0, 0, &buffers[1], 0, NULL, &buffers[0], &attrs, NULL);
    ok(status == SEC_E_INVALID_TOKEN, "Expected SEC_E_INVALID_TOKEN, got %08x\n", status);
-todo_wine
    ok(buffers[0].pBuffers[0].cbBuffer == 0, "Output buffer size was not set to 0.\n");

    buffers[0].pBuffers[0].cbBuffer = 0;
@@ -782,9 +781,15 @@ todo_wine
 todo_wine
    ok(status == SEC_E_INSUFFICIENT_MEMORY || status == SEC_E_INVALID_TOKEN,
       "Expected SEC_E_INSUFFICIENT_MEMORY or SEC_E_INVALID_TOKEN, got %08x\n", status);
+    ok(buffers[0].pBuffers[0].cbBuffer == 0, "Output buffer size was not set to 0.\n");

-    buffers[0].pBuffers[0].cbBuffer = buf_size;
+    status = InitializeSecurityContextA(&cred_handle, NULL, (SEC_CHAR *)"localhost",
+            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
+            0, 0, NULL, 0, &context, NULL, &attrs, NULL);
+todo_wine
+    ok(status == SEC_E_INVALID_TOKEN, "Expected SEC_E_INVALID_TOKEN, got %08x\n", status);

+    buffers[0].pBuffers[0].cbBuffer = buf_size;
    status = InitializeSecurityContextA(&cred_handle, NULL, (SEC_CHAR *)"localhost",
            ISC_REQ_CONFIDENTIALITY|ISC_REQ_STREAM,
            0, 0, NULL, 0, &context, &buffers[0], &attrs, NULL);
@@ -859,6 +864,7 @@ todo_wine
        buffers[1].pBuffers[0].cbBuffer = buf_size;
    }

+    ok(buffers[0].pBuffers[0].cbBuffer == 0, "Output buffer size was not set to 0.\n");
    ok(status == SEC_E_OK || broken(status == SEC_E_INVALID_TOKEN) /* WinNT */,
        "InitializeSecurityContext failed: %08x\n", status);
    if(status != SEC_E_OK) {