libwinpr-sspi: fix Schannel TLS handshake

Marc-André Moreau 2013-01-10 12:19:07 -05:00
parent 0fbf846671
commit 59084a09ba
3 changed files with 15 additions and 26 deletions


@ -228,13 +228,11 @@ SECURITY_STATUS SEC_ENTRY schannel_InitializeSecurityContextW(PCredHandle phCred
sspi_SecureHandleSetUpperPointer(phNewContext, (void*) SCHANNEL_PACKAGE_NAME);
schannel_openssl_client_init(context->openssl);
status = schannel_openssl_client_process_tokens(context->openssl, pInput, pOutput);
return status;
}
return SEC_E_OK;
status = schannel_openssl_client_process_tokens(context->openssl, pInput, pOutput);
return status;
}
SECURITY_STATUS SEC_ENTRY schannel_InitializeSecurityContextA(PCredHandle phCredential, PCtxtHandle phContext,
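Review bot: The result of `schannel_openssl_client_init(context->openssl)` is discarded, and `schannel_openssl_client_process_tokens` now runs on every path after it, so a failed OpenSSL setup would reach the handshake code with a partly initialised context. The server-side init touched by this same commit returns -1 on failure; if the client init follows that convention (its definition is not visible here), check it, e.g. `if (schannel_openssl_client_init(context->openssl) < 0) return SEC_E_INTERNAL_ERROR;`. The function body starts outside the hunk, so whether `context` needs to be released on that error path cannot be seen from here.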


@ -138,7 +138,8 @@ int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
int status;
long options = 0;
context->ctx = SSL_CTX_new(SSLv23_server_method());
//context->ctx = SSL_CTX_new(SSLv23_server_method());
context->ctx = SSL_CTX_new(TLSv1_server_method());
if (!context->ctx)
{
@ -185,6 +186,12 @@ int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
SSL_CTX_set_options(context->ctx, options);
if (SSL_CTX_use_RSAPrivateKey_file(context->ctx, "/tmp/localhost.key", SSL_FILETYPE_PEM) <= 0)
{
printf("SSL_CTX_use_RSAPrivateKey_file failed\n");
return -1;
}
context->ssl = SSL_new(context->ctx);
if (!context->ssl)
@ -193,12 +200,6 @@ int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
return -1;
}
if (SSL_CTX_use_RSAPrivateKey_file(context->ctx, "/tmp/localhost.key", SSL_FILETYPE_PEM) <= 0)
{
printf("SSL_CTX_use_RSAPrivateKey_file failed\n");
return -1;
}
if (SSL_use_certificate_file(context->ssl, "/tmp/localhost.crt", SSL_FILETYPE_PEM) <= 0)
{
printf("SSL_use_certificate_file failed\n");
@ -266,11 +267,6 @@ SECURITY_STATUS schannel_openssl_client_process_tokens(SCHANNEL_OPENSSL* context
status = BIO_read(context->bioWrite, context->ReadBuffer, SCHANNEL_CB_MAX_TOKEN);
if (status >= 0)
{
winpr_HexDump(context->ReadBuffer, status);
}
if (pOutput->cBuffers < 1)
return SEC_E_INVALID_TOKEN;
@ -307,7 +303,6 @@ SECURITY_STATUS schannel_openssl_server_process_tokens(SCHANNEL_OPENSSL* context
if (pBuffer->BufferType != SECBUFFER_TOKEN)
return SEC_E_INVALID_TOKEN;
printf("Server input: %d\n", pBuffer->cbBuffer);
status = BIO_write(context->bioRead, pBuffer->pvBuffer, pBuffer->cbBuffer);
status = SSL_accept(context->ssl);
@ -320,11 +315,6 @@ SECURITY_STATUS schannel_openssl_server_process_tokens(SCHANNEL_OPENSSL* context
status = BIO_read(context->bioWrite, context->ReadBuffer, SCHANNEL_CB_MAX_TOKEN);
if (status >= 0)
{
winpr_HexDump(context->ReadBuffer, status);
}
if (pOutput->cBuffers < 1)
return SEC_E_INVALID_TOKEN;
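Review bot: `SSL_CTX_new(TLSv1_server_method())` in `schannel_openssl_server_init` pins the server to TLS 1.0 only, so a peer can never negotiate a newer protocol version; the version-flexible `SSLv23_server_method()` together with `SSL_OP_NO_SSLv2`/`SSL_OP_NO_SSLv3` in the `options` passed to `SSL_CTX_set_options` would exclude the old SSL versions and still allow the highest mutually supported one. If TLS 1.0 is genuinely needed for the handshake to complete, record the reason in a comment such as `/* TLS 1.0 only: <reason> */` and delete the commented-out `SSLv23_server_method()` line instead of keeping it as dead code. Separately, the key and certificate are still read from the hard-coded `/tmp/localhost.key` and `/tmp/localhost.crt`; `/tmp` is writable by any local user, so these paths should come from the credential configuration before this code is used outside tests. The function bodies start and end outside the hunks.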


@ -139,9 +139,6 @@ static void* schannel_test_server_thread(void* arg)
}
extraData = FALSE;
printf("Server Received %d bytes:\n", NumberOfBytesRead);
winpr_HexDump(lpTokenIn, NumberOfBytesRead);
SecBuffer_in[0].BufferType = SECBUFFER_TOKEN;
SecBuffer_in[0].pvBuffer = lpTokenIn;
SecBuffer_in[0].cbBuffer = NumberOfBytesRead;
@ -201,6 +198,8 @@ static void* schannel_test_server_thread(void* arg)
if (status != SEC_E_INCOMPLETE_MESSAGE)
{
pSecBuffer = &SecBufferDesc_out.pBuffers[0];
printf("Server > Client (%d)\n", pSecBuffer->cbBuffer);
winpr_HexDump((BYTE*) pSecBuffer->pvBuffer, pSecBuffer->cbBuffer);
g_ClientWait = TRUE;
@ -443,6 +442,8 @@ int TestSchannel(int argc, char* argv[])
if (status != SEC_E_INCOMPLETE_MESSAGE)
{
pSecBuffer = &SecBufferDesc_out.pBuffers[0];
printf("Client > Server (%d)\n", pSecBuffer->cbBuffer);
winpr_HexDump((BYTE*) pSecBuffer->pvBuffer, pSecBuffer->cbBuffer);
g_ServerWait = TRUE;
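Review bot: The `printf` calls that print `pSecBuffer->cbBuffer` in `schannel_test_server_thread` and `TestSchannel` use `%d`, but SSPI declares `cbBuffer` as an unsigned `ULONG`, so the specifier does not match the argument type (assuming WinPR's `SecBuffer` follows that declaration, which is not visible here). Use a matching specifier with an explicit cast, e.g. `printf("Server > Client (%lu)\n", (unsigned long) pSecBuffer->cbBuffer);`, and the same for the `Client > Server` line. Both functions start and end outside the hunks.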