authorSteve Holme <steve_holme@hotmail.com>2014-10-25 14:23:40 +0100
committerSteve Holme <steve_holme@hotmail.com>2014-10-25 14:16:06 +0100
commit28ff8babada4095f5b74818e0018a0fbda58686e (patch)
tree107e0d62088f0a617d94887a7988f5d81c91d308 /lib
parentf9f212fb9339dae67360d58224ef264edb1cec15 (diff)
ntlm: Changed handles to be dynamic like other SSPI handles
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
Diffstat (limited to 'lib')
-rw-r--r--lib/curl_ntlm_msgs.c49
-rw-r--r--lib/urldata.h5
2 files changed, 35 insertions, 19 deletions
diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c
index b38670fdf..99df82f87 100644
--- a/lib/curl_ntlm_msgs.c
+++ b/lib/curl_ntlm_msgs.c
@@ -343,10 +343,16 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
{
Curl_safefree(ntlm->input_token);
- if(ntlm->has_handles) {
- s_pSecFn->DeleteSecurityContext(&ntlm->context);
- s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
- ntlm->has_handles = 0;
+ if(ntlm->context) {
+ s_pSecFn->DeleteSecurityContext(ntlm->context);
+ free(ntlm->context);
+ ntlm->context = NULL;
+ }
+
+ if(ntlm->credentials) {
+ s_pSecFn->FreeCredentialsHandle(ntlm->credentials);
+ free(ntlm->credentials);
+ ntlm->credentials = NULL;
}
ntlm->max_token_length = 0;
@@ -452,15 +458,29 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
/* Use the current Windows user */
ntlm->p_identity = NULL;
- /* Acquire our credientials handle */
+ /* Allocate our credentials handle */
+ ntlm->credentials = malloc(sizeof(CredHandle));
+ if(!ntlm->credentials)
+ return CURLE_OUT_OF_MEMORY;
+
+ memset(ntlm->credentials, 0, sizeof(CredHandle));
+
+ /* Acquire our credentials handle */
status = s_pSecFn->AcquireCredentialsHandle(NULL,
(TCHAR *) TEXT("NTLM"),
SECPKG_CRED_OUTBOUND, NULL,
ntlm->p_identity, NULL, NULL,
- &ntlm->credentials, &tsDummy);
+ ntlm->credentials, &tsDummy);
if(status != SEC_E_OK)
return CURLE_OUT_OF_MEMORY;
+ /* Allocate our new context handle */
+ ntlm->context = malloc(sizeof(CtxtHandle));
+ if(!ntlm->context)
+ return CURLE_OUT_OF_MEMORY;
+
+ memset(ntlm->context, 0, sizeof(CtxtHandle));
+
/* Setup the type-1 "output" security buffer */
type_1_desc.ulVersion = SECBUFFER_VERSION;
type_1_desc.cBuffers = 1;
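Review bot: When `AcquireCredentialsHandle` fails in this hunk, the function returns with `ntlm->credentials` still pointing at a zeroed, never-acquired handle, and `Curl_ntlm_sspi_cleanup()` will later pass it to `FreeCredentialsHandle` because it now tests only the pointer. The same defect is in the next hunk: the `InitializeSecurityContext` failure path returns `CURLE_RECV_ERROR` with `ntlm->context` allocated but uninitialised, and the removed `has_handles` flag no longer keeps `DeleteSecurityContext` away from it. I would release and reset the pointer on each failure path, e.g. `free(ntlm->credentials); ntlm->credentials = NULL;` before `return CURLE_OUT_OF_MEMORY;`, and likewise for the context. The function starts and ends outside this hunk, so it is not visible whether handles from an earlier call are released before these `malloc` calls overwrite the pointers; that is worth checking.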
@@ -470,22 +490,19 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
/* Generate our type-1 message */
- status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials, NULL,
+ status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
(TCHAR *) TEXT(""),
0, 0, SECURITY_NETWORK_DREP,
NULL, 0,
- &ntlm->context, &type_1_desc,
+ ntlm->context, &type_1_desc,
&attrs, &tsDummy);
if(status == SEC_I_COMPLETE_AND_CONTINUE ||
status == SEC_I_CONTINUE_NEEDED)
- s_pSecFn->CompleteAuthToken(&ntlm->context, &type_1_desc);
- else if(status != SEC_E_OK) {
- s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
+ s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
+ else if(status != SEC_E_OK)
return CURLE_RECV_ERROR;
- }
- ntlm->has_handles = 1;
size = type_1_buf.cbBuffer;
#else
@@ -652,12 +669,12 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
type_3_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
/* Generate our type-3 message */
- status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials,
- &ntlm->context,
+ status = s_pSecFn->InitializeSecurityContext(ntlm->credentials,
+ ntlm->context,
(TCHAR *) TEXT(""),
0, 0, SECURITY_NETWORK_DREP,
&type_2_desc,
- 0, &ntlm->context,
+ 0, ntlm->context,
&type_3_desc,
&attrs, &tsDummy);
if(status != SEC_E_OK) {
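Review bot: `ntlm->credentials` and `ntlm->context` are passed to `InitializeSecurityContext` here without a NULL check, whereas before this change `&ntlm->credentials` and `&ntlm->context` were always valid addresses. If the type-3 path can be reached after the type-1 step failed or after `Curl_ntlm_sspi_cleanup()` has run (the callers are not visible here), SSPI is handed NULL handles. A guard ahead of the call, `if(!ntlm->credentials || !ntlm->context) return CURLE_BAD_FUNCTION_ARGUMENT;`, would make that state fail cleanly. The enclosing function begins and ends outside this hunk.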
diff --git a/lib/urldata.h b/lib/urldata.h
index 5d1366737..4146b8b72 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -435,13 +435,12 @@ struct kerberos5data {
struct ntlmdata {
curlntlm state;
#ifdef USE_WINDOWS_SSPI
- CredHandle credentials;
- CtxtHandle context;
+ CredHandle *credentials;
+ CtxtHandle *context;
SEC_WINNT_AUTH_IDENTITY identity;
SEC_WINNT_AUTH_IDENTITY *p_identity;
size_t max_token_length;
BYTE *output_token;
- int has_handles;
BYTE *input_token;
size_t input_token_len;
#else
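Review bot: The two pointer members `credentials` and `context` have no comment stating who owns them, although they are now heap allocations that `Curl_ntlm_sspi_cleanup()` frees. I would add `/* heap-allocated SSPI handles; NULL when unset, freed by Curl_ntlm_sspi_cleanup() */` above `credentials`. Any code that copies a `struct ntlmdata` by value would now share these pointers and risk a double free, so it is worth checking for such copies; none are visible in this diff. The struct continues past the end of the hunk.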