libwinpr-sspi: fix Schannel TLS handshake

2013-01-10 17:12:27 -05:00 · 2013-01-10 17:12:27 -05:00 · b868af322e
commit b868af322e
parent 03ef822d0c
3 changed files with 61 additions and 20 deletions
--- a/winpr/libwinpr/sspi/Schannel/schannel.c
+++ b/winpr/libwinpr/sspi/Schannel/schannel.c
@ -265,6 +265,7 @@ SECURITY_STATUS SEC_ENTRY schannel_AcceptSecurityContext(PCredHandle phCredentia
 	SCHANNEL_CONTEXT* context;
 	SCHANNEL_CREDENTIALS* credentials;

+	status = SEC_E_OK;
 	context = (SCHANNEL_CONTEXT*) sspi_SecureHandleGetLowerPointer(phContext);

 	if (!context)
@ -282,13 +283,11 @@ SECURITY_STATUS SEC_ENTRY schannel_AcceptSecurityContext(PCredHandle phCredentia
 		sspi_SecureHandleSetUpperPointer(phNewContext, (void*) SCHANNEL_PACKAGE_NAME);

 		schannel_openssl_server_init(context->openssl);
-
-		status = schannel_openssl_server_process_tokens(context->openssl, pInput, pOutput);
-
-		return status;
 	}

-	return SEC_E_OK;
+	status = schannel_openssl_server_process_tokens(context->openssl, pInput, pOutput);
+
+	return status;
 }

 SECURITY_STATUS SEC_ENTRY schannel_DeleteSecurityContext(PCtxtHandle phContext)
@ -340,12 +339,12 @@ SECURITY_STATUS SEC_ENTRY schannel_VerifySignature(PCtxtHandle phContext, PSecBu

 SECURITY_STATUS SEC_ENTRY schannel_EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
 {
-	return SEC_E_OK;
+	return SEC_E_UNSUPPORTED_FUNCTION;
 }

 SECURITY_STATUS SEC_ENTRY schannel_DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, ULONG* pfQOP)
 {
-	return SEC_E_OK;
+	return SEC_E_UNSUPPORTED_FUNCTION;
 }

 const SecurityFunctionTableA SCHANNEL_SecurityFunctionTableA =
--- a/winpr/libwinpr/sspi/Schannel/schannel_openssl.c
+++ b/winpr/libwinpr/sspi/Schannel/schannel_openssl.c
@ -275,13 +275,21 @@ SECURITY_STATUS schannel_openssl_client_process_tokens(SCHANNEL_OPENSSL* context
 		if (pBuffer->BufferType != SECBUFFER_TOKEN)
 			return SEC_E_INVALID_TOKEN;

-		if (pBuffer->cbBuffer < status)
-			return SEC_E_INSUFFICIENT_MEMORY;
+		if (status > 0)
+		{
+			if (pBuffer->cbBuffer < status)
+				return SEC_E_INSUFFICIENT_MEMORY;

-		CopyMemory(pBuffer->pvBuffer, context->ReadBuffer, status);
-		pBuffer->cbBuffer = status;
+			CopyMemory(pBuffer->pvBuffer, context->ReadBuffer, status);
+			pBuffer->cbBuffer = status;

-		return SEC_I_CONTINUE_NEEDED;
+			return SEC_I_CONTINUE_NEEDED;
+		}
+		else
+		{
+			pBuffer->cbBuffer = 0;
+			return SEC_E_OK;
+		}
 	}

 	return SEC_E_OK;
@ -323,13 +331,21 @@ SECURITY_STATUS schannel_openssl_server_process_tokens(SCHANNEL_OPENSSL* context
 		if (pBuffer->BufferType != SECBUFFER_TOKEN)
 			return SEC_E_INVALID_TOKEN;

-		if (pBuffer->cbBuffer < status)
-			return SEC_E_INSUFFICIENT_MEMORY;
+		if (status > 0)
+		{
+			if (pBuffer->cbBuffer < status)
+				return SEC_E_INSUFFICIENT_MEMORY;

-		CopyMemory(pBuffer->pvBuffer, context->ReadBuffer, status);
-		pBuffer->cbBuffer = status;
+			CopyMemory(pBuffer->pvBuffer, context->ReadBuffer, status);
+			pBuffer->cbBuffer = status;

-		return SEC_I_CONTINUE_NEEDED;
+			return SEC_I_CONTINUE_NEEDED;
+		}
+		else
+		{
+			pBuffer->cbBuffer = 0;
+			return SEC_E_OK;
+		}
 	}

 	return SEC_E_OK;
--- a/winpr/libwinpr/sspi/test/TestSchannel.c
+++ b/winpr/libwinpr/sspi/test/TestSchannel.c
@ -79,6 +79,9 @@ int schannel_send(PSecurityFunctionTable table, HANDLE hPipe, PCtxtHandle phCont
 		Message.pBuffers[2].cbBuffer, Message.pBuffers[2].BufferType,
 		Message.pBuffers[3].cbBuffer, Message.pBuffers[3].BufferType);

+	if (status != SEC_E_OK)
+		return -1;
+
 	printf("Client > Server (%d)\n", ioBufferLength);
 	winpr_HexDump(ioBuffer, ioBufferLength);

@ -91,7 +94,7 @@ int schannel_send(PSecurityFunctionTable table, HANDLE hPipe, PCtxtHandle phCont
 	return 0;
 }

-int schannel_recv(PSecurityFunctionTable table, HANDLE hPipe, PCtxtHandle phContext, BYTE* buffer, UINT32 length)
+int schannel_recv(PSecurityFunctionTable table, HANDLE hPipe, PCtxtHandle phContext)
 {
 	BYTE* ioBuffer;
 	UINT32 ioBufferLength;
@ -145,6 +148,9 @@ int schannel_recv(PSecurityFunctionTable table, HANDLE hPipe, PCtxtHandle phCont
 		Message.pBuffers[2].cbBuffer, Message.pBuffers[2].BufferType,
 		Message.pBuffers[3].cbBuffer, Message.pBuffers[3].BufferType);

+	if (status != SEC_E_OK)
+		return -1;
+
 	printf("Decrypted Message (%d)\n", Message.pBuffers[1].cbBuffer);
 	winpr_HexDump((BYTE*) Message.pBuffers[1].pvBuffer, Message.pBuffers[1].cbBuffer);

@ -354,7 +360,8 @@ static void* schannel_test_server_thread(void* arg)

 	do
 	{
-		schannel_recv(table, g_ServerReadPipe, &context, test_DummyMessage, sizeof(test_DummyMessage));
+		if (schannel_recv(table, g_ServerReadPipe, &context) < 0)
+			break;
 	}
 	while(1);

@ -599,7 +606,26 @@ int TestSchannel(int argc, char* argv[])

 	do
 	{
-		schannel_send(table, g_ServerWritePipe, &context, test_DummyMessage, sizeof(test_DummyMessage));
+		if (schannel_send(table, g_ServerWritePipe, &context, test_DummyMessage, sizeof(test_DummyMessage)) < 0)
+			break;
+
+		for (index = 0; index < sizeof(test_DummyMessage); index++)
+		{
+			BYTE b, ln, hn;
+
+			b = test_DummyMessage[index];
+
+			ln = (b & 0x0F);
+			hn = ((b & 0xF0) >> 4);
+
+			ln = (ln + 1) % 0xF;
+			hn = (ln + 1) % 0xF;
+
+			b = (ln | (hn << 4));
+
+			test_DummyMessage[index] = b;
+		}
+
 		Sleep(1000 * 10);
 	}
 	while(1);