ntlm: Changed handles to be dynamic like other SSPI handles
authorSteve Holme <steve_holme@hotmail.com>
Sat, 25 Oct 2014 13:23:40 +0000 (14:23 +0100)
committerSteve Holme <steve_holme@hotmail.com>
Sat, 25 Oct 2014 13:16:06 +0000 (14:16 +0100)
Code cleanup to try and synchronise code between the different SSPI
based authentication mechanisms.

lib/curl_ntlm_msgs.c
lib/urldata.h

index b38670fdf68256d139d4c138e3d72492c352c0e4..99df82f87a01aead79104038247f1293e3477123 100644 (file)
@@ -343,10 +343,16 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
 {
   Curl_safefree(ntlm->input_token);
 
-  if(ntlm->has_handles) {
-    s_pSecFn->DeleteSecurityContext(&ntlm->context);
-    s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
-    ntlm->has_handles = 0;
+  if(ntlm->context) {
+    s_pSecFn->DeleteSecurityContext(ntlm->context);
+    free(ntlm->context);
+    ntlm->context = NULL;
+  }
+
+  if(ntlm->credentials) {
+    s_pSecFn->FreeCredentialsHandle(ntlm->credentials);
+    free(ntlm->credentials);
+    ntlm->credentials = NULL;
   }
 
   ntlm->max_token_length = 0;
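Review bot: A non-NULL pointer is now the only evidence that a handle is live, but the type-1 hunks (@@ -452 and @@ -470) allocate and zero each handle before the SSPI call and return on failure with the pointer still set, so this cleanup will pass a never-initialised handle to `DeleteSecurityContext` or `FreeCredentialsHandle`. The removed `has_handles` flag was set only after both calls had succeeded, which prevented exactly that. SSPI will most likely reject the zeroed handle, but that relies on the provider rather than on curl's own state. Releasing the allocation where the acquiring call fails, e.g. `free(ntlm->credentials); ntlm->credentials = NULL;` before the `return`, keeps the invariant that non-NULL means acquired. The return values of both release calls are also ignored here.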
@@ -452,15 +458,29 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
     /* Use the current Windows user */
     ntlm->p_identity = NULL;
 
-  /* Acquire our credientials handle */
+  /* Allocate our credentials handle */
+  ntlm->credentials = malloc(sizeof(CredHandle));
+  if(!ntlm->credentials)
+    return CURLE_OUT_OF_MEMORY;
+
+  memset(ntlm->credentials, 0, sizeof(CredHandle));
+
+  /* Acquire our credentials handle */
   status = s_pSecFn->AcquireCredentialsHandle(NULL,
                                               (TCHAR *) TEXT("NTLM"),
                                               SECPKG_CRED_OUTBOUND, NULL,
                                               ntlm->p_identity, NULL, NULL,
-                                              &ntlm->credentials, &tsDummy);
+                                              ntlm->credentials, &tsDummy);
   if(status != SEC_E_OK)
     return CURLE_OUT_OF_MEMORY;
 
+  /* Allocate our new context handle */
+  ntlm->context = malloc(sizeof(CtxtHandle));
+  if(!ntlm->context)
+    return CURLE_OUT_OF_MEMORY;
+
+  memset(ntlm->context, 0, sizeof(CtxtHandle));
+
   /* Setup the type-1 "output" security buffer */
   type_1_desc.ulVersion = SECBUFFER_VERSION;
   type_1_desc.cBuffers  = 1;
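Review bot: `ntlm->credentials` and `ntlm->context` are overwritten by `malloc()` without checking whether they already hold a handle, so a second call on the same `struct ntlmdata` (for example when authentication restarts on a connection) would leak both the heap block and the SSPI handle behind it. Whether every caller runs `Curl_ntlm_sspi_cleanup()` first cannot be seen from this hunk, so either assert it, `DEBUGASSERT(!ntlm->credentials && !ntlm->context);`, or release the old handles before allocating. As a smaller point, each `malloc()` plus `memset()` pair can be a single `calloc(1, sizeof(CredHandle))`. The function starts and ends outside this hunk.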
@@ -470,22 +490,19 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
   type_1_buf.cbBuffer   = curlx_uztoul(ntlm->max_token_length);
 
   /* Generate our type-1 message */
-  status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials, NULL,
+  status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
                                                (TCHAR *) TEXT(""),
                                                0, 0, SECURITY_NETWORK_DREP,
                                                NULL, 0,
-                                               &ntlm->context, &type_1_desc,
+                                               ntlm->context, &type_1_desc,
                                                &attrs, &tsDummy);
 
   if(status == SEC_I_COMPLETE_AND_CONTINUE ||
      status == SEC_I_CONTINUE_NEEDED)
-    s_pSecFn->CompleteAuthToken(&ntlm->context, &type_1_desc);
-  else if(status != SEC_E_OK) {
-    s_pSecFn->FreeCredentialsHandle(&ntlm->credentials);
+    s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
+  else if(status != SEC_E_OK)
     return CURLE_RECV_ERROR;
-  }
 
-  ntlm->has_handles = 1;
   size = type_1_buf.cbBuffer;
 
 #else
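Review bot: The result of `CompleteAuthToken()` on the changed line is discarded, so a failure to complete the token goes unnoticed and the function reads `type_1_buf.cbBuffer` as if the type-1 message were valid. Assign it, `status = s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);`, and return `CURLE_RECV_ERROR` when it is not `SEC_E_OK`. The surrounding test is also worth a second look: as documented for SSPI, `SEC_I_COMPLETE_NEEDED` and `SEC_I_COMPLETE_AND_CONTINUE` are the statuses that call for `CompleteAuthToken()`, while `SEC_I_CONTINUE_NEEDED` does not, yet the condition checks the latter and lets `SEC_I_COMPLETE_NEEDED` fall into the error branch. With the explicit `FreeCredentialsHandle()` removed from that branch, releasing the handles now depends on the caller reaching `Curl_ntlm_sspi_cleanup()`, which is outside this hunk.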
@@ -652,12 +669,12 @@ CURLcode Curl_ntlm_create_type3_message(struct SessionHandle *data,
   type_3_buf.cbBuffer   = curlx_uztoul(ntlm->max_token_length);
 
   /* Generate our type-3 message */
-  status = s_pSecFn->InitializeSecurityContext(&ntlm->credentials,
-                                               &ntlm->context,
+  status = s_pSecFn->InitializeSecurityContext(ntlm->credentials,
+                                               ntlm->context,
                                                (TCHAR *) TEXT(""),
                                                0, 0, SECURITY_NETWORK_DREP,
                                                &type_2_desc,
-                                               0, &ntlm->context,
+                                               0, ntlm->context,
                                                &type_3_desc,
                                                &attrs, &tsDummy);
   if(status != SEC_E_OK) {
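Review bot: `ntlm->credentials` and `ntlm->context` can now be NULL, which the embedded structs never could, and this call passes them to `InitializeSecurityContext()` unchecked. If the type-3 step can be reached after a failed or cleaned-up type-1 step (the state handling is not visible here), SSPI receives NULL handles for both the input and output context. A guard before the call, such as `if(!ntlm->credentials || !ntlm->context) return CURLE_BAD_FUNCTION_ARGUMENT;`, makes the precondition explicit. The function body continues outside this hunk.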
index 5d1366737f250227d72307c5412bb838127885b3..4146b8b722810cb15305f22312d056dc41490e2f 100644 (file)
@@ -435,13 +435,12 @@ struct kerberos5data {
 struct ntlmdata {
   curlntlm state;
 #ifdef USE_WINDOWS_SSPI
-  CredHandle credentials;
-  CtxtHandle context;
+  CredHandle *credentials;
+  CtxtHandle *context;
   SEC_WINNT_AUTH_IDENTITY identity;
   SEC_WINNT_AUTH_IDENTITY *p_identity;
   size_t max_token_length;
   BYTE *output_token;
-  int has_handles;
   BYTE *input_token;
   size_t input_token_len;
 #else
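Review bot: The two fields change from embedded handles to owning heap pointers but carry no comment saying so; document the ownership at the declaration, e.g. `CredHandle *credentials; /* heap-allocated, NULL until acquired, freed by Curl_ntlm_sspi_cleanup() */` and the same for `context`. That comment should also state that the struct must start zeroed, since cleanup now tests the pointers instead of `has_handles`. Any code that copies a `struct ntlmdata` by value would now share the handles between two owners and risk a double free; none is visible in this diff, so this is something to verify rather than a known defect. The struct definition continues past the end of this hunk.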