Commit 693433a3 authored by Rob Shearman's avatar Rob Shearman Committed by Alexandre Julliard

secur32: Simplify memory management by not allocating memory for the CredHandle…

secur32: Simplify memory management by not allocating memory for the CredHandle and CtxtHandle pointers. Instead store the handles directly in the SspiData structure and pass the addresses of these into SSPI functions.
parent 5f01280e
...@@ -63,8 +63,8 @@ static SECURITY_STATUS (SEC_ENTRY * pDecryptMessage)(PCtxtHandle, PSecBufferDesc ...@@ -63,8 +63,8 @@ static SECURITY_STATUS (SEC_ENTRY * pDecryptMessage)(PCtxtHandle, PSecBufferDesc
static BOOLEAN (WINAPI * pGetUserNameExA)(EXTENDED_NAME_FORMAT, LPSTR, PULONG); static BOOLEAN (WINAPI * pGetUserNameExA)(EXTENDED_NAME_FORMAT, LPSTR, PULONG);
typedef struct _SspiData { typedef struct _SspiData {
PCredHandle cred; CredHandle cred;
PCtxtHandle ctxt; CtxtHandle ctxt;
PSecBufferDesc in_buf; PSecBufferDesc in_buf;
PSecBufferDesc out_buf; PSecBufferDesc out_buf;
PSEC_WINNT_AUTH_IDENTITY id; PSEC_WINNT_AUTH_IDENTITY id;
...@@ -313,9 +313,6 @@ static SECURITY_STATUS setupClient(SspiData *sspi_data, SEC_CHAR *provider) ...@@ -313,9 +313,6 @@ static SECURITY_STATUS setupClient(SspiData *sspi_data, SEC_CHAR *provider)
trace("Running setupClient\n"); trace("Running setupClient\n");
sspi_data->cred = HeapAlloc(GetProcessHeap(), 0, sizeof(CredHandle));
sspi_data->ctxt = HeapAlloc(GetProcessHeap(), 0, sizeof(CtxtHandle));
ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info); ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info);
ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret)); ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret));
...@@ -324,7 +321,7 @@ static SECURITY_STATUS setupClient(SspiData *sspi_data, SEC_CHAR *provider) ...@@ -324,7 +321,7 @@ static SECURITY_STATUS setupClient(SspiData *sspi_data, SEC_CHAR *provider)
pFreeContextBuffer(sec_pkg_info); pFreeContextBuffer(sec_pkg_info);
if((ret = pAcquireCredentialsHandleA(NULL, provider, SECPKG_CRED_OUTBOUND, if((ret = pAcquireCredentialsHandleA(NULL, provider, SECPKG_CRED_OUTBOUND,
NULL, sspi_data->id, NULL, NULL, sspi_data->cred, &ttl)) NULL, sspi_data->id, NULL, NULL, &sspi_data->cred, &ttl))
!= SEC_E_OK) != SEC_E_OK)
{ {
trace("AcquireCredentialsHandle() returned %s\n", getSecError(ret)); trace("AcquireCredentialsHandle() returned %s\n", getSecError(ret));
...@@ -345,9 +342,6 @@ static SECURITY_STATUS setupServer(SspiData *sspi_data, SEC_CHAR *provider) ...@@ -345,9 +342,6 @@ static SECURITY_STATUS setupServer(SspiData *sspi_data, SEC_CHAR *provider)
trace("Running setupServer\n"); trace("Running setupServer\n");
sspi_data->cred = HeapAlloc(GetProcessHeap(), 0, sizeof(CredHandle));
sspi_data->ctxt = HeapAlloc(GetProcessHeap(), 0, sizeof(CtxtHandle));
ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info); ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info);
ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret)); ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret));
...@@ -356,7 +350,7 @@ static SECURITY_STATUS setupServer(SspiData *sspi_data, SEC_CHAR *provider) ...@@ -356,7 +350,7 @@ static SECURITY_STATUS setupServer(SspiData *sspi_data, SEC_CHAR *provider)
pFreeContextBuffer(sec_pkg_info); pFreeContextBuffer(sec_pkg_info);
if((ret = pAcquireCredentialsHandleA(NULL, provider, SECPKG_CRED_INBOUND, if((ret = pAcquireCredentialsHandleA(NULL, provider, SECPKG_CRED_INBOUND,
NULL, NULL, NULL, NULL, sspi_data->cred, &ttl)) != SEC_E_OK) NULL, NULL, NULL, NULL, &sspi_data->cred, &ttl)) != SEC_E_OK)
{ {
trace("AcquireCredentialsHandle() returned %s\n", getSecError(ret)); trace("AcquireCredentialsHandle() returned %s\n", getSecError(ret));
} }
...@@ -376,9 +370,6 @@ static SECURITY_STATUS setupFakeServer(SspiData *sspi_data, SEC_CHAR *provider) ...@@ -376,9 +370,6 @@ static SECURITY_STATUS setupFakeServer(SspiData *sspi_data, SEC_CHAR *provider)
trace("Running setupFakeServer\n"); trace("Running setupFakeServer\n");
sspi_data->cred = HeapAlloc(GetProcessHeap(), 0, sizeof(CredHandle));
sspi_data->ctxt = HeapAlloc(GetProcessHeap(), 0, sizeof(CtxtHandle));
ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info); ret = pQuerySecurityPackageInfoA(provider, &sec_pkg_info);
ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret)); ok(ret == SEC_E_OK, "QuerySecurityPackageInfo returned %s\n", getSecError(ret));
...@@ -425,8 +416,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep ...@@ -425,8 +416,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep
void *old_buf; void *old_buf;
/* pass NULL as an output buffer */ /* pass NULL as an output buffer */
ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr, ret = pInitializeSecurityContextA(&sspi_data->cred, NULL, NULL, req_attr,
0, data_rep, NULL, 0, sspi_data->ctxt, NULL, 0, data_rep, NULL, 0, &sspi_data->ctxt, NULL,
&ctxt_attr, &ttl); &ctxt_attr, &ttl);
ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret)); ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret));
...@@ -435,8 +426,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep ...@@ -435,8 +426,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep
old_buf = out_buf->pBuffers[0].pvBuffer; old_buf = out_buf->pBuffers[0].pvBuffer;
out_buf->pBuffers[0].pvBuffer = NULL; out_buf->pBuffers[0].pvBuffer = NULL;
ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr, ret = pInitializeSecurityContextA(&sspi_data->cred, NULL, NULL, req_attr,
0, data_rep, NULL, 0, sspi_data->ctxt, out_buf, 0, data_rep, NULL, 0, &sspi_data->ctxt, out_buf,
&ctxt_attr, &ttl); &ctxt_attr, &ttl);
ok(ret == SEC_E_INTERNAL_ERROR || ret == SEC_I_CONTINUE_NEEDED, ok(ret == SEC_E_INTERNAL_ERROR || ret == SEC_I_CONTINUE_NEEDED,
...@@ -447,8 +438,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep ...@@ -447,8 +438,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep
/* pass an output buffer of 0 size */ /* pass an output buffer of 0 size */
out_buf->pBuffers[0].cbBuffer = 0; out_buf->pBuffers[0].cbBuffer = 0;
ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr, ret = pInitializeSecurityContextA(&sspi_data->cred, NULL, NULL, req_attr,
0, data_rep, NULL, 0, sspi_data->ctxt, out_buf, 0, data_rep, NULL, 0, &sspi_data->ctxt, out_buf,
&ctxt_attr, &ttl); &ctxt_attr, &ttl);
ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret)); ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret));
...@@ -459,8 +450,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep ...@@ -459,8 +450,8 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep
out_buf->pBuffers[0].cbBuffer = sspi_data->max_token; out_buf->pBuffers[0].cbBuffer = sspi_data->max_token;
out_buf->pBuffers[0].BufferType = SECBUFFER_DATA; out_buf->pBuffers[0].BufferType = SECBUFFER_DATA;
ret = pInitializeSecurityContextA(sspi_data->cred, NULL, NULL, req_attr, ret = pInitializeSecurityContextA(&sspi_data->cred, NULL, NULL, req_attr,
0, data_rep, NULL, 0, sspi_data->ctxt, out_buf, 0, data_rep, NULL, 0, &sspi_data->ctxt, out_buf,
&ctxt_attr, &ttl); &ctxt_attr, &ttl);
ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret)); ok(ret == SEC_E_BUFFER_TOO_SMALL, "expected SEC_E_BUFFER_TOO_SMALL, got %s\n", getSecError(ret));
...@@ -469,13 +460,13 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep ...@@ -469,13 +460,13 @@ static SECURITY_STATUS runClient(SspiData *sspi_data, BOOL first, ULONG data_rep
out_buf->pBuffers[0].cbBuffer = sspi_data->max_token; out_buf->pBuffers[0].cbBuffer = sspi_data->max_token;
ret = pInitializeSecurityContextA(first?sspi_data->cred:NULL, first?NULL:sspi_data->ctxt, NULL, req_attr, ret = pInitializeSecurityContextA(first?&sspi_data->cred:NULL, first?NULL:&sspi_data->ctxt, NULL, req_attr,
0, data_rep, first?NULL:in_buf, 0, sspi_data->ctxt, out_buf, 0, data_rep, first?NULL:in_buf, 0, &sspi_data->ctxt, out_buf,
&ctxt_attr, &ttl); &ctxt_attr, &ttl);
if(ret == SEC_I_COMPLETE_AND_CONTINUE || ret == SEC_I_COMPLETE_NEEDED) if(ret == SEC_I_COMPLETE_AND_CONTINUE || ret == SEC_I_COMPLETE_NEEDED)
{ {
pCompleteAuthToken(sspi_data->ctxt, out_buf); pCompleteAuthToken(&sspi_data->ctxt, out_buf);
if(ret == SEC_I_COMPLETE_AND_CONTINUE) if(ret == SEC_I_COMPLETE_AND_CONTINUE)
ret = SEC_I_CONTINUE_NEEDED; ret = SEC_I_CONTINUE_NEEDED;
else if(ret == SEC_I_COMPLETE_NEEDED) else if(ret == SEC_I_COMPLETE_NEEDED)
...@@ -500,13 +491,13 @@ static SECURITY_STATUS runServer(SspiData *sspi_data, BOOL first, ULONG data_rep ...@@ -500,13 +491,13 @@ static SECURITY_STATUS runServer(SspiData *sspi_data, BOOL first, ULONG data_rep
trace("Running the server the %s time\n", first?"first":"second"); trace("Running the server the %s time\n", first?"first":"second");
ret = pAcceptSecurityContext(sspi_data->cred, first?NULL:sspi_data->ctxt, ret = pAcceptSecurityContext(&sspi_data->cred, first?NULL:&sspi_data->ctxt,
sspi_data->in_buf, 0, data_rep, sspi_data->ctxt, sspi_data->in_buf, 0, data_rep, &sspi_data->ctxt,
sspi_data->out_buf, &ctxt_attr, &ttl); sspi_data->out_buf, &ctxt_attr, &ttl);
if(ret == SEC_I_COMPLETE_AND_CONTINUE || ret == SEC_I_COMPLETE_NEEDED) if(ret == SEC_I_COMPLETE_AND_CONTINUE || ret == SEC_I_COMPLETE_NEEDED)
{ {
pCompleteAuthToken(sspi_data->ctxt, sspi_data->out_buf); pCompleteAuthToken(&sspi_data->ctxt, sspi_data->out_buf);
if(ret == SEC_I_COMPLETE_AND_CONTINUE) if(ret == SEC_I_COMPLETE_AND_CONTINUE)
ret = SEC_I_CONTINUE_NEEDED; ret = SEC_I_CONTINUE_NEEDED;
else if(ret == SEC_I_COMPLETE_NEEDED) else if(ret == SEC_I_COMPLETE_NEEDED)
...@@ -618,8 +609,8 @@ static void testInitializeSecurityContextFlags(void) ...@@ -618,8 +609,8 @@ static void testInitializeSecurityContextFlags(void)
/* Without any flags, the lowest byte should not have bits 0x20 or 0x10 set*/ /* Without any flags, the lowest byte should not have bits 0x20 or 0x10 set*/
req_attr = 0; req_attr = 0;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -630,13 +621,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -630,13 +621,13 @@ static void testInitializeSecurityContextFlags(void)
ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0), ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
"With req_attr == 0, flags are 0x%02x%02x%02x%02x.\n", "With req_attr == 0, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_CONNECTION, the lowest byte should not have bits 0x20 or 0x10 set*/ /* With ISC_REQ_CONNECTION, the lowest byte should not have bits 0x20 or 0x10 set*/
req_attr = ISC_REQ_CONNECTION; req_attr = ISC_REQ_CONNECTION;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -647,13 +638,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -647,13 +638,13 @@ static void testInitializeSecurityContextFlags(void)
ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0), ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
"For ISC_REQ_CONNECTION, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_CONNECTION, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_EXTENDED_ERROR, the lowest byte should not have bits 0x20 or 0x10 set*/ /* With ISC_REQ_EXTENDED_ERROR, the lowest byte should not have bits 0x20 or 0x10 set*/
req_attr = ISC_REQ_EXTENDED_ERROR; req_attr = ISC_REQ_EXTENDED_ERROR;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -664,13 +655,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -664,13 +655,13 @@ static void testInitializeSecurityContextFlags(void)
ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0), ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
"For ISC_REQ_EXTENDED_ERROR, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_EXTENDED_ERROR, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_MUTUAL_AUTH, the lowest byte should not have bits 0x20 or 0x10 set*/ /* With ISC_REQ_MUTUAL_AUTH, the lowest byte should not have bits 0x20 or 0x10 set*/
req_attr = ISC_REQ_MUTUAL_AUTH; req_attr = ISC_REQ_MUTUAL_AUTH;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -681,13 +672,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -681,13 +672,13 @@ static void testInitializeSecurityContextFlags(void)
ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0), ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
"For ISC_REQ_MUTUAL_AUTH, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_MUTUAL_AUTH, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_USE_DCE_STYLE, the lowest byte should not have bits 0x20 or 0x10 set*/ /* With ISC_REQ_USE_DCE_STYLE, the lowest byte should not have bits 0x20 or 0x10 set*/
req_attr = ISC_REQ_USE_DCE_STYLE; req_attr = ISC_REQ_USE_DCE_STYLE;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -698,13 +689,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -698,13 +689,13 @@ static void testInitializeSecurityContextFlags(void)
ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0), ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
"For ISC_REQ_USE_DCE_STYLE, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_USE_DCE_STYLE, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_DELEGATE, the lowest byte should not have bits 0x20 or 0x10 set*/ /* With ISC_REQ_DELEGATE, the lowest byte should not have bits 0x20 or 0x10 set*/
req_attr = ISC_REQ_DELEGATE; req_attr = ISC_REQ_DELEGATE;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -715,13 +706,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -715,13 +706,13 @@ static void testInitializeSecurityContextFlags(void)
ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0), ok(((packet[12] & 0x10) == 0) && ((packet[12] & 0x20) == 0),
"For ISC_REQ_DELEGATE, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_DELEGATE, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_INTEGRITY, the lowest byte should have bit 0x10 set */ /* With ISC_REQ_INTEGRITY, the lowest byte should have bit 0x10 set */
req_attr = ISC_REQ_INTEGRITY; req_attr = ISC_REQ_INTEGRITY;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -732,13 +723,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -732,13 +723,13 @@ static void testInitializeSecurityContextFlags(void)
ok((packet[12] & 0x10) != 0, ok((packet[12] & 0x10) != 0,
"For ISC_REQ_INTEGRITY, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_INTEGRITY, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_REPLAY_DETECT, the lowest byte should have bit 0x10 set */ /* With ISC_REQ_REPLAY_DETECT, the lowest byte should have bit 0x10 set */
req_attr = ISC_REQ_REPLAY_DETECT; req_attr = ISC_REQ_REPLAY_DETECT;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -749,13 +740,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -749,13 +740,13 @@ static void testInitializeSecurityContextFlags(void)
ok((packet[12] & 0x10) != 0, ok((packet[12] & 0x10) != 0,
"For ISC_REQ_REPLAY_DETECT, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_REPLAY_DETECT, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_SEQUENCE_DETECT, the lowest byte should have bit 0x10 set */ /* With ISC_REQ_SEQUENCE_DETECT, the lowest byte should have bit 0x10 set */
req_attr = ISC_REQ_SEQUENCE_DETECT; req_attr = ISC_REQ_SEQUENCE_DETECT;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -766,13 +757,13 @@ static void testInitializeSecurityContextFlags(void) ...@@ -766,13 +757,13 @@ static void testInitializeSecurityContextFlags(void)
ok((packet[12] & 0x10) != 0, ok((packet[12] & 0x10) != 0,
"For ISC_REQ_SEQUENCE_DETECT, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_SEQUENCE_DETECT, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
/* With ISC_REQ_CONFIDENTIALITY, the lowest byte should have bit 0x20 set */ /* With ISC_REQ_CONFIDENTIALITY, the lowest byte should have bit 0x20 set */
req_attr = ISC_REQ_CONFIDENTIALITY; req_attr = ISC_REQ_CONFIDENTIALITY;
if((sec_status = pInitializeSecurityContextA(client.cred, NULL, NULL, req_attr, if((sec_status = pInitializeSecurityContextA(&client.cred, NULL, NULL, req_attr,
0, SECURITY_NETWORK_DREP, NULL, 0, client.ctxt, client.out_buf, 0, SECURITY_NETWORK_DREP, NULL, 0, &client.ctxt, client.out_buf,
&ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED) &ctxt_attr, &ttl)) != SEC_I_CONTINUE_NEEDED)
{ {
trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n", trace("InitializeSecurityContext returned %s not SEC_I_CONTINUE_NEEDED, aborting.\n",
...@@ -783,14 +774,11 @@ static void testInitializeSecurityContextFlags(void) ...@@ -783,14 +774,11 @@ static void testInitializeSecurityContextFlags(void)
ok((packet[12] & 0x20) != 0, ok((packet[12] & 0x20) != 0,
"For ISC_REQ_CONFIDENTIALITY, flags are 0x%02x%02x%02x%02x.\n", "For ISC_REQ_CONFIDENTIALITY, flags are 0x%02x%02x%02x%02x.\n",
packet[15], packet[14], packet[13], packet[12]); packet[15], packet[14], packet[13], packet[12]);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
tISCFend: tISCFend:
cleanupBuffers(&client); cleanupBuffers(&client);
pFreeCredentialsHandle(client.cred); pFreeCredentialsHandle(&client.cred);
HeapFree(GetProcessHeap(), 0, client.cred);
HeapFree(GetProcessHeap(), 0, client.ctxt);
} }
/**********************************************************************/ /**********************************************************************/
...@@ -833,7 +821,7 @@ static void testAuth(ULONG data_rep, BOOL fake) ...@@ -833,7 +821,7 @@ static void testAuth(ULONG data_rep, BOOL fake)
{ {
skip("Error: Setting up the client returned %s, exiting test!\n", skip("Error: Setting up the client returned %s, exiting test!\n",
getSecError(sec_status)); getSecError(sec_status));
pFreeCredentialsHandle(client.cred); pFreeCredentialsHandle(&client.cred);
return; return;
} }
...@@ -846,8 +834,8 @@ static void testAuth(ULONG data_rep, BOOL fake) ...@@ -846,8 +834,8 @@ static void testAuth(ULONG data_rep, BOOL fake)
{ {
skip("Error: Setting up the server returned %s, exiting test!\n", skip("Error: Setting up the server returned %s, exiting test!\n",
getSecError(sec_status)); getSecError(sec_status));
pFreeCredentialsHandle(server.cred); pFreeCredentialsHandle(&server.cred);
pFreeCredentialsHandle(client.cred); pFreeCredentialsHandle(&client.cred);
return; return;
} }
...@@ -882,7 +870,7 @@ static void testAuth(ULONG data_rep, BOOL fake) ...@@ -882,7 +870,7 @@ static void testAuth(ULONG data_rep, BOOL fake)
goto tAuthend; goto tAuthend;
} }
sec_status = pQueryContextAttributesA(client.ctxt, sec_status = pQueryContextAttributesA(&client.ctxt,
SECPKG_ATTR_SIZES, &ctxt_sizes); SECPKG_ATTR_SIZES, &ctxt_sizes);
ok(sec_status == SEC_E_OK, ok(sec_status == SEC_E_OK,
...@@ -907,30 +895,25 @@ tAuthend: ...@@ -907,30 +895,25 @@ tAuthend:
if(!fake) if(!fake)
{ {
sec_status = pDeleteSecurityContext(server.ctxt); sec_status = pDeleteSecurityContext(&server.ctxt);
ok(sec_status == SEC_E_OK, "DeleteSecurityContext(server) returned %s\n", ok(sec_status == SEC_E_OK, "DeleteSecurityContext(server) returned %s\n",
getSecError(sec_status)); getSecError(sec_status));
} }
sec_status = pDeleteSecurityContext(client.ctxt); sec_status = pDeleteSecurityContext(&client.ctxt);
ok(sec_status == SEC_E_OK, "DeleteSecurityContext(client) returned %s\n", ok(sec_status == SEC_E_OK, "DeleteSecurityContext(client) returned %s\n",
getSecError(sec_status)); getSecError(sec_status));
if(!fake) if(!fake)
{ {
sec_status = pFreeCredentialsHandle(server.cred); sec_status = pFreeCredentialsHandle(&server.cred);
ok(sec_status == SEC_E_OK, "FreeCredentialsHandle(server) returned %s\n", ok(sec_status == SEC_E_OK, "FreeCredentialsHandle(server) returned %s\n",
getSecError(sec_status)); getSecError(sec_status));
} }
sec_status = pFreeCredentialsHandle(client.cred); sec_status = pFreeCredentialsHandle(&client.cred);
ok(sec_status == SEC_E_OK, "FreeCredentialsHandle(client) returned %s\n", ok(sec_status == SEC_E_OK, "FreeCredentialsHandle(client) returned %s\n",
getSecError(sec_status)); getSecError(sec_status));
HeapFree(GetProcessHeap(), 0, client.cred);
HeapFree(GetProcessHeap(), 0, client.ctxt);
HeapFree(GetProcessHeap(), 0, server.cred);
HeapFree(GetProcessHeap(), 0, server.ctxt);
} }
static void testSignSeal(void) static void testSignSeal(void)
...@@ -980,7 +963,7 @@ static void testSignSeal(void) ...@@ -980,7 +963,7 @@ static void testSignSeal(void)
{ {
skip("Error: Setting up the client returned %s, exiting test!\n", skip("Error: Setting up the client returned %s, exiting test!\n",
getSecError(sec_status)); getSecError(sec_status));
pFreeCredentialsHandle(client.cred); pFreeCredentialsHandle(&client.cred);
return; return;
} }
...@@ -1003,7 +986,7 @@ static void testSignSeal(void) ...@@ -1003,7 +986,7 @@ static void testSignSeal(void)
* Now start with the actual testing * * Now start with the actual testing *
********************************************/ ********************************************/
if(pQueryContextAttributesA(client.ctxt, SECPKG_ATTR_SIZES, if(pQueryContextAttributesA(&client.ctxt, SECPKG_ATTR_SIZES,
&ctxt_sizes) != SEC_E_OK) &ctxt_sizes) != SEC_E_OK)
{ {
skip("Failed to get context sizes, aborting test.\n"); skip("Failed to get context sizes, aborting test.\n");
...@@ -1023,7 +1006,7 @@ static void testSignSeal(void) ...@@ -1023,7 +1006,7 @@ static void testSignSeal(void)
fake_data[1].cbBuffer = lstrlen(message); fake_data[1].cbBuffer = lstrlen(message);
fake_data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[1].cbBuffer); fake_data[1].pvBuffer = HeapAlloc(GetProcessHeap(), 0, fake_data[1].cbBuffer);
sec_status = pMakeSignature(client.ctxt, 0, &crypt, 0); sec_status = pMakeSignature(&client.ctxt, 0, &crypt, 0);
ok(sec_status == SEC_E_INVALID_TOKEN, ok(sec_status == SEC_E_INVALID_TOKEN,
"MakeSignature returned %s, not SEC_E_INVALID_TOKEN.\n", "MakeSignature returned %s, not SEC_E_INVALID_TOKEN.\n",
getSecError(sec_status)); getSecError(sec_status));
...@@ -1043,7 +1026,7 @@ static void testSignSeal(void) ...@@ -1043,7 +1026,7 @@ static void testSignSeal(void)
* we should get the same signature for our data, no matter if * we should get the same signature for our data, no matter if
* it is sent by the client or the server * it is sent by the client or the server
*/ */
sec_status = pMakeSignature(client.ctxt, 0, &crypt, 0); sec_status = pMakeSignature(&client.ctxt, 0, &crypt, 0);
ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
ok(!memcmp(crypt.pBuffers[0].pvBuffer, message_signature, ok(!memcmp(crypt.pBuffers[0].pvBuffer, message_signature,
...@@ -1053,18 +1036,18 @@ static void testSignSeal(void) ...@@ -1053,18 +1036,18 @@ static void testSignSeal(void)
memcpy(data[0].pvBuffer, crypt_trailer_client, data[0].cbBuffer); memcpy(data[0].pvBuffer, crypt_trailer_client, data[0].cbBuffer);
sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop); sec_status = pVerifySignature(&client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_MESSAGE_ALTERED, ok(sec_status == SEC_E_MESSAGE_ALTERED,
"VerifySignature returned %s, not SEC_E_MESSAGE_ALTERED.\n", "VerifySignature returned %s, not SEC_E_MESSAGE_ALTERED.\n",
getSecError(sec_status)); getSecError(sec_status));
memcpy(data[0].pvBuffer, message_signature, data[0].cbBuffer); memcpy(data[0].pvBuffer, message_signature, data[0].cbBuffer);
sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop); sec_status = pVerifySignature(&client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0); sec_status = pEncryptMessage(&client.ctxt, 0, &crypt, 0);
if (sec_status == SEC_E_UNSUPPORTED_FUNCTION) if (sec_status == SEC_E_UNSUPPORTED_FUNCTION)
{ {
skip("Encrypt message returned SEC_E_UNSUPPORTED_FUNCTION. " skip("Encrypt message returned SEC_E_UNSUPPORTED_FUNCTION. "
...@@ -1108,7 +1091,7 @@ static void testSignSeal(void) ...@@ -1108,7 +1091,7 @@ static void testSignSeal(void)
memcpy(data[0].pvBuffer, crypt_trailer_server, data[0].cbBuffer); memcpy(data[0].pvBuffer, crypt_trailer_server, data[0].cbBuffer);
memcpy(data[1].pvBuffer, crypt_message_server, data[1].cbBuffer); memcpy(data[1].pvBuffer, crypt_message_server, data[1].cbBuffer);
sec_status = pDecryptMessage(client.ctxt, &crypt, 0, &qop); sec_status = pDecryptMessage(&client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
...@@ -1139,7 +1122,7 @@ static void testSignSeal(void) ...@@ -1139,7 +1122,7 @@ static void testSignSeal(void)
complex_data[3].pvBuffer = HeapAlloc(GetProcessHeap(), 0, complex_data[3].cbBuffer); complex_data[3].pvBuffer = HeapAlloc(GetProcessHeap(), 0, complex_data[3].cbBuffer);
/* We should get a dummy signature again. */ /* We should get a dummy signature again. */
sec_status = pMakeSignature(client.ctxt, 0, &crypt, 0); sec_status = pMakeSignature(&client.ctxt, 0, &crypt, 0);
ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "MakeSignature returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
ok(!memcmp(crypt.pBuffers[3].pvBuffer, message_signature, ok(!memcmp(crypt.pBuffers[3].pvBuffer, message_signature,
...@@ -1147,11 +1130,11 @@ static void testSignSeal(void) ...@@ -1147,11 +1130,11 @@ static void testSignSeal(void)
/* Being a dummy signature, it will verify right away, as if the server /* Being a dummy signature, it will verify right away, as if the server
* sent it */ * sent it */
sec_status = pVerifySignature(client.ctxt, &crypt, 0, &qop); sec_status = pVerifySignature(&client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK\n", ok(sec_status == SEC_E_OK, "VerifySignature returned %s, not SEC_E_OK\n",
getSecError(sec_status)); getSecError(sec_status));
sec_status = pEncryptMessage(client.ctxt, 0, &crypt, 0); sec_status = pEncryptMessage(&client.ctxt, 0, &crypt, 0);
ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "EncryptMessage returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
...@@ -1188,7 +1171,7 @@ static void testSignSeal(void) ...@@ -1188,7 +1171,7 @@ static void testSignSeal(void)
memcpy(complex_data[1].pvBuffer, crypt_message_server2, complex_data[1].cbBuffer); memcpy(complex_data[1].pvBuffer, crypt_message_server2, complex_data[1].cbBuffer);
memcpy(complex_data[3].pvBuffer, crypt_trailer_server2, complex_data[3].cbBuffer); memcpy(complex_data[3].pvBuffer, crypt_trailer_server2, complex_data[3].cbBuffer);
sec_status = pDecryptMessage(client.ctxt, &crypt, 0, &qop); sec_status = pDecryptMessage(&client.ctxt, &crypt, 0, &qop);
ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n", ok(sec_status == SEC_E_OK, "DecryptMessage returned %s, not SEC_E_OK.\n",
getSecError(sec_status)); getSecError(sec_status));
...@@ -1197,8 +1180,8 @@ end: ...@@ -1197,8 +1180,8 @@ end:
cleanupBuffers(&client); cleanupBuffers(&client);
cleanupBuffers(&server); cleanupBuffers(&server);
pDeleteSecurityContext(client.ctxt); pDeleteSecurityContext(&client.ctxt);
pFreeCredentialsHandle(client.cred); pFreeCredentialsHandle(&client.cred);
HeapFree(GetProcessHeap(), 0, fake_data[0].pvBuffer); HeapFree(GetProcessHeap(), 0, fake_data[0].pvBuffer);
HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer); HeapFree(GetProcessHeap(), 0, fake_data[1].pvBuffer);
...@@ -1206,8 +1189,6 @@ end: ...@@ -1206,8 +1189,6 @@ end:
HeapFree(GetProcessHeap(), 0, data[1].pvBuffer); HeapFree(GetProcessHeap(), 0, data[1].pvBuffer);
HeapFree(GetProcessHeap(), 0, complex_data[1].pvBuffer); HeapFree(GetProcessHeap(), 0, complex_data[1].pvBuffer);
HeapFree(GetProcessHeap(), 0, complex_data[3].pvBuffer); HeapFree(GetProcessHeap(), 0, complex_data[3].pvBuffer);
HeapFree(GetProcessHeap(), 0, server.cred);
HeapFree(GetProcessHeap(), 0, server.ctxt);
} }
static void testAcquireCredentialsHandle(void) static void testAcquireCredentialsHandle(void)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment