private bool GenServerContext(AuthenticationToken token)
{
bool new_context = _new_context;
_new_context = false;
using (DisposableList list = new DisposableList())
{
SecBuffer out_sec_buffer = list.AddResource(new SecBuffer(SecBufferType.Token, 64 * 1024));
SecBufferDesc out_buffer_desc = list.AddResource(new SecBufferDesc(out_sec_buffer));
List <SecBuffer> buffers = new List <SecBuffer>();
buffers.Add(list.AddResource(new SecBuffer(SecBufferType.Token, token.ToArray())));
if (_channel_binding != null)
{
buffers.Add(list.AddResource(SecBuffer.CreateForChannelBinding(_channel_binding)));
}
SecBufferDesc in_buffer_desc = list.AddResource(new SecBufferDesc(buffers.ToArray()));
LargeInteger expiry = new LargeInteger();
SecStatusCode result = SecurityNativeMethods.AcceptSecurityContext(_creds.CredHandle, new_context ? null : _context,
in_buffer_desc, _req_flags, _data_rep, _context, out_buffer_desc, out AcceptContextRetFlags context_attr, expiry).CheckResult();
Flags = context_attr;
Expiry = expiry.QuadPart;
if (result == SecStatusCode.CompleteNeeded || result == SecStatusCode.CompleteAndContinue)
{
SecurityNativeMethods.CompleteAuthToken(_context, out_buffer_desc).CheckResult();
}
Token = AuthenticationToken.Parse(_creds.PackageName, _token_count++, false, out_buffer_desc.ToArray()[0].ToArray());
return(!(result == SecStatusCode.ContinueNeeded || result == SecStatusCode.CompleteAndContinue));
}
}
internal static SecStatusCode AcceptSecurityContext(
CredentialHandle credential,
SecHandle context,
AcceptContextReqFlags req_attributes,
SecDataRep data_rep,
IList <SecurityBuffer> input,
SecHandle new_context,
IList <SecurityBuffer> output,
out AcceptContextRetFlags ret_attributes,
LargeInteger expiry,
bool throw_on_error)
{
using (DisposableList list = new DisposableList())
{
var input_buffers = input?.ToBufferList(list);
var output_buffers = output?.ToBufferList(list);
var in_buffer_desc = input_buffers.ToDesc(list);
var out_buffer_desc = output_buffers.ToDesc(list);
SecStatusCode result = SecurityNativeMethods.AcceptSecurityContext(credential.CredHandle, context,
in_buffer_desc, req_attributes, data_rep, new_context, out_buffer_desc, out ret_attributes, expiry).CheckResult(throw_on_error);
if (!result.IsSuccess())
{
return(result);
}
try
{
if (result == SecStatusCode.SEC_I_COMPLETE_NEEDED || result == SecStatusCode.SEC_I_COMPLETE_AND_CONTINUE)
{
var comp_result = SecurityNativeMethods.CompleteAuthToken(context, out_buffer_desc).CheckResult(throw_on_error);
if (!comp_result.IsSuccess())
{
return(comp_result);
}
}
}
finally
{
if (result.IsSuccess())
{
output?.UpdateBuffers(out_buffer_desc);
}
}
return(result);
}
}
