private bool Handshake(ServerAsyncEventArgs ie, Server <C> .Connection <C> connection)
{
int num = 0;
ServerAsyncEventArgs serverAsyncEventArgs = null;
SspiContext sspiContext = connection.SspiContext;
SecBufferDescEx secBufferDescEx = sspiContext.SecBufferDesc2[0];
SecBufferDescEx secBufferDescEx2 = sspiContext.SecBufferDesc2[1];
bool result;
try
{
if (sspiContext.Buffer.IsValid && ie != null && !sspiContext.Buffer.CopyTransferredFrom(ie, 0))
{
result = false;
}
else
{
while (true)
{
secBufferDescEx.Buffers[0].BufferType = BufferType.SECBUFFER_TOKEN;
if (sspiContext.Buffer.IsValid)
{
this.SetSecBuffer(ref secBufferDescEx.Buffers[0], sspiContext);
}
else
{
this.SetSecBuffer(ref secBufferDescEx.Buffers[0], ie);
}
secBufferDescEx.Buffers[1].SetBufferEmpty();
if (serverAsyncEventArgs == null)
{
serverAsyncEventArgs = EventArgsManager.Get();
}
serverAsyncEventArgs.AllocateBuffer();
secBufferDescEx2.Buffers[0].BufferType = BufferType.SECBUFFER_TOKEN;
secBufferDescEx2.Buffers[0].Size = serverAsyncEventArgs.Count;
secBufferDescEx2.Buffers[0].Buffer = serverAsyncEventArgs.Buffer;
secBufferDescEx2.Buffers[0].Offset = serverAsyncEventArgs.Offset;
secBufferDescEx2.Buffers[1].SetBufferEmpty();
int contextReq = 98332;
SafeCtxtHandle handle = sspiContext.Handle.IsInvalid ? new SafeCtxtHandle() : sspiContext.Handle;
long num2;
SecurityStatus securityStatus = Sspi.SafeAcceptSecurityContext(ref this.credential, ref sspiContext.Handle, ref secBufferDescEx, contextReq, TargetDataRep.SECURITY_NATIVE_DREP, ref handle, ref secBufferDescEx2, out num, out num2);
if (sspiContext.Handle.IsInvalid)
{
sspiContext.Handle = handle;
}
SecurityStatus securityStatus2 = securityStatus;
if (securityStatus2 == (SecurityStatus)2148074264u)
{
break;
}
if (securityStatus2 != (SecurityStatus)2148074273u)
{
if ((securityStatus == SecurityStatus.SEC_I_CONTINUE_NEEDED || securityStatus == SecurityStatus.SEC_E_OK || (Sspi.Failed(securityStatus) && (num & 32768) != 0)) && secBufferDescEx2.Buffers[0].Size > 0)
{
serverAsyncEventArgs.Count = secBufferDescEx2.Buffers[0].Size;
serverAsyncEventArgs.CopyAddressesFrom(ie);
serverAsyncEventArgs.LocalEndPoint = base.GetLocalEndpoint(ie.RemoteEndPoint.Address);
base.SendAsync(connection, serverAsyncEventArgs);
serverAsyncEventArgs = null;
}
int bufferIndex = secBufferDescEx.GetBufferIndex(BufferType.SECBUFFER_EXTRA, 0);
if (bufferIndex < 0)
{
sspiContext.Buffer.Free();
}
else if (sspiContext.Buffer.IsInvalid)
{
if (!sspiContext.Buffer.CopyTransferredFrom(ie, ie.BytesTransferred - secBufferDescEx.Buffers[bufferIndex].Size))
{
goto Block_21;
}
}
else
{
sspiContext.Buffer.MoveToBegin(sspiContext.Buffer.BytesTransferred - secBufferDescEx.Buffers[bufferIndex].Size, secBufferDescEx.Buffers[bufferIndex].Size);
}
SecurityStatus securityStatus3 = securityStatus;
if (securityStatus3 == SecurityStatus.SEC_E_OK)
{
goto IL_2FF;
}
if (securityStatus3 != SecurityStatus.SEC_I_CONTINUE_NEEDED)
{
goto Block_23;
}
if (bufferIndex < 0)
{
goto Block_25;
}
}
else
{
if (serverAsyncEventArgs.Count >= this.maxTokenSize)
{
goto IL_1DC;
}
serverAsyncEventArgs.Count = this.maxTokenSize;
serverAsyncEventArgs.ReAllocateBuffer(false);
}
}
if (sspiContext.Buffer.IsInvalid && !sspiContext.Buffer.CopyTransferredFrom(ie, 0))
{
result = false;
return(result);
}
result = true;
return(result);
IL_1DC:
result = false;
return(result);
Block_21:
result = false;
return(result);
Block_23:
result = false;
return(result);
IL_2FF:
if (Sspi.SafeQueryContextAttributes(ref sspiContext.Handle, out sspiContext.StreamSizes) != SecurityStatus.SEC_E_OK)
{
result = false;
return(result);
}
sspiContext.Connected = true;
this.OnNewConnection(connection);
result = true;
return(result);
Block_25:
result = true;
}
}
finally
{
if (serverAsyncEventArgs != null)
{
EventArgsManager.Put(ref serverAsyncEventArgs);
}
}
return(result);
}
public ErrorCodes Authentication(SafeCredHandle credHandle, byte[] inToken, out ArraySegment <byte> outToken)
{
idleTime = DateTime.UtcNow.AddMinutes(IdleMinutes);
InitializeThreadStaticVars();
secBufferDesc1.Buffers[0].SetBuffer(BufferType.SECBUFFER_TOKEN, inToken);
secBufferDesc1.Buffers[1].SetBufferEmpty();
secBufferDesc2.Buffers[0].SetBuffer(BufferType.SECBUFFER_TOKEN, bytes1);
secBufferDesc2.Buffers[1].SetBufferEmpty();
var newHandle = (contextHandle.IsInvalid) ? new SafeCtxtHandle() : contextHandle;
var result = Sspi.SafeAcceptSecurityContext(
ref credHandle,
ref contextHandle,
ref secBufferDesc1,
(int)(ContextReq.ASC_REQ_INTEGRITY | ContextReq.ASC_REQ_IDENTIFY |
((scheme == AuthSchemes.Ntlm) ? ContextReq.ASC_REQ_DATAGRAM : ContextReq.ASC_REQ_MUTUAL_AUTH)),
TargetDataRep.SECURITY_NETWORK_DREP,
ref newHandle,
ref secBufferDesc2);
Tracer.WriteInformation("Auth: " + result.ToString());
if (contextHandle.IsInvalid && newHandle.IsInvalid == false)
{
contextHandle = newHandle;
}
if (result == SecurityStatus.SEC_E_OK)
{
outToken = new ArraySegment <byte>();
isAuthenticationComplete = true;
SecPkgContext_Sizes sizes;
if (Sspi.Failed(Sspi.SafeQueryContextAttributes(ref contextHandle, out sizes)))
{
return(ErrorCodes.QueryContextAttributesForSizesFailed);
}
maxSignatureSize = sizes.cbMaxSignature;
if (Sspi.Failed(Sspi.SafeQueryContextAttributes(ref contextHandle, out userName)))
{
return(ErrorCodes.QueryContextAttributesForUsernameFailed);
}
int slash = userName.IndexOf('\\');
if (slash >= 0)
{
userName = userName.Substring(slash + 1);
}
Tracer.WriteInformation("Username: " + userName);
expireTime = DateTime.UtcNow.AddHours(ExpirationHours);
return(ErrorCodes.Ok);
}
else if (result == SecurityStatus.SEC_I_CONTINUE_NEEDED)
{
outToken = new ArraySegment <byte>(bytes1, 0, secBufferDesc2.Buffers[0].Size);
return(ErrorCodes.Continue);
}
else
{
outToken = new ArraySegment <byte>();
return(ErrorCodes.SecurityViolation);
}
}
private unsafe bool Handshake(ServerAsyncEventArgs ie, Connection <C> connection)
{
int contextAttr = 0;
ServerAsyncEventArgs oe = null;
var context = connection.SspiContext;
var input = context.SecBufferDesc2[0];
var output = context.SecBufferDesc2[1];
try
{
if (context.Buffer.IsValid && ie != null)
{
if (context.Buffer.CopyTransferredFrom(ie, 0) == false)
{
return(false);
}
}
for (; ;)
{
// prepare input buffer
//
input.Buffers[0].BufferType = BufferType.SECBUFFER_TOKEN;
if (context.Buffer.IsValid)
{
SetSecBuffer(ref input.Buffers[0], context);
}
else
{
SetSecBuffer(ref input.Buffers[0], ie);
}
input.Buffers[1].SetBufferEmpty();
// prepare output buffer
//
if (oe == null)
{
oe = EventArgsManager.Get();
}
oe.AllocateBuffer();
output.Buffers[0].BufferType = BufferType.SECBUFFER_TOKEN;
output.Buffers[0].Size = oe.Count;
output.Buffers[0].Buffer = oe.Buffer;
output.Buffers[0].Offset = oe.Offset;
output.Buffers[1].SetBufferEmpty();
// prepare some args and call SSPI
//
int contextReq = (int)(ContextReq.ASC_REQ_SEQUENCE_DETECT |
ContextReq.ASC_REQ_REPLAY_DETECT |
ContextReq.ASC_REQ_CONFIDENTIALITY |
ContextReq.ASC_REQ_EXTENDED_ERROR |
ContextReq.ASC_REQ_STREAM);
var newHandle = (context.Handle.IsInvalid) ? new SafeCtxtHandle() : context.Handle;
long timeStamp;
var result = Sspi.SafeAcceptSecurityContext(
ref credential,
ref context.Handle,
ref input,
contextReq,
TargetDataRep.SECURITY_NATIVE_DREP,
ref newHandle,
ref output,
out contextAttr,
out timeStamp);
if (context.Handle.IsInvalid)
{
context.Handle = newHandle;
}
// proccess non-critical errors
//
switch (result)
{
case SecurityStatus.SEC_E_INCOMPLETE_MESSAGE:
if (context.Buffer.IsInvalid)
{
if (context.Buffer.CopyTransferredFrom(ie, 0) == false)
{
return(false);
}
}
return(true);
case SecurityStatus.SEC_E_BUFFER_TOO_SMALL:
if (oe.Count < maxTokenSize)
{
oe.Count = maxTokenSize;
oe.ReAllocateBuffer(false);
continue;
}
return(false);
}
// send response to client
//
if (result == SecurityStatus.SEC_I_CONTINUE_NEEDED || result == SecurityStatus.SEC_E_OK ||
(Sspi.Failed(result) && (contextAttr & (int)ContextAttr.ASC_RET_EXTENDED_ERROR) != 0))
{
if (output.Buffers[0].Size > 0)
{
oe.Count = output.Buffers[0].Size;
oe.CopyAddressesFrom(ie);
oe.LocalEndPoint = GetLocalEndpoint(ie.RemoteEndPoint.Address);
base.SendAsync(connection, oe);
oe = null;
}
}
// move extra data to buffer
//
int extraIndex = input.GetBufferIndex(BufferType.SECBUFFER_EXTRA, 0);
if (extraIndex < 0)
{
context.Buffer.Free();
}
else
{
if (context.Buffer.IsInvalid)
{
if (context.Buffer.CopyTransferredFrom(ie,
ie.BytesTransferred - input.Buffers[extraIndex].Size) == false)
{
return(false);
}
}
else
{
context.Buffer.MoveToBegin(context.Buffer.BytesTransferred - input.Buffers[extraIndex].Size,
input.Buffers[extraIndex].Size);
}
}
// proccess error-codes
//
switch (result)
{
case SecurityStatus.SEC_E_OK:
if (Sspi.SafeQueryContextAttributes(ref context.Handle, out context.StreamSizes)
!= SecurityStatus.SEC_E_OK)
{
return(false);
}
context.Connected = true;
OnNewConnection(connection);
return(true);
case SecurityStatus.SEC_I_CONTINUE_NEEDED:
if (extraIndex >= 0)
{
continue;
}
return(true);
default:
return(false);
}
}
}
finally
{
if (oe != null)
{
EventArgsManager.Put(ref oe);
}
}
}
