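/// <summary>
/// Builds the value of an outbound Kerberos authorization header for <paramref name="host"/>.
/// When <paramref name="kerberosChallenge"/> is null, a fresh <see cref="AuthenticationContext"/> is created
/// (any previous one is disposed) and initialized for the SPN <c>Constants.SpnPrefixForHttp + host</c>.
/// Otherwise the existing context is reused to answer the challenge.
/// </summary>
/// <param name="host">Target host name; appended verbatim to the HTTP SPN prefix.</param>
/// <param name="traceContext">Identifier written to every trace line emitted here.</param>
/// <param name="authenticationContext">
/// Negotiation state owned by the caller. It is replaced on a fresh negotiation and must be non-null
/// when a challenge is supplied. This method never disposes the context it hands back.
/// </param>
/// <param name="kerberosChallenge">Challenge text from the server, or null to start over. Reset to null on success.</param>
/// <returns><c>Constants.PrefixForKerbAuthBlob</c> followed by the ASCII text of the outbound token.</returns>
/// <exception cref="HttpException">
/// Status 500 when a challenge arrives without a context, when initialization fails, or when negotiation
/// returns anything other than OK or ContinueNeeded.
/// </exception>
internal static string GenerateKerberosAuthHeader(string host, int traceContext, ref AuthenticationContext authenticationContext, ref string kerberosChallenge)
{
    byte[] inputBuffer = null;
    byte[] outputToken = null;

    if (kerberosChallenge != null)
    {
        // A challenge can only be answered by the context that produced the first leg. Without this
        // guard a null context surfaced later as a NullReferenceException instead of a handled failure.
        if (authenticationContext == null)
        {
            ExTraceGlobals.VerboseTracer.TraceError<int, string>((long)traceContext, "[KerberosUtilities::GenerateKerberosAuthHeader]: Context {0}; challenge received for host {1} without an AuthenticationContext", traceContext, host);
            throw new HttpException(500, string.Format("Kerberos challenge received for host '{0}' without an existing authentication context", host));
        }

        // Note: the challenge text itself is written to the verbose trace.
        ExTraceGlobals.VerboseTracer.TraceDebug<int, string>((long)traceContext, "[KerberosUtilities::GenerateKerberosAuthHeader]: Context {0}; Reusing existing AuthenticationContext to respond to challenge {1}", traceContext, kerberosChallenge);
        inputBuffer = Encoding.ASCII.GetBytes(kerberosChallenge);
    }
    else
    {
        // Starting over: release any state left from a previous negotiation.
        if (authenticationContext != null)
        {
            authenticationContext.Dispose();
            authenticationContext = null;
        }

        authenticationContext = new AuthenticationContext();

        // NOTE(review): user name and password are both null, so presumably the context authenticates as the
        // process identity - confirm. If so, `host` decides which service receives a ticket for that
        // identity, and callers should validate it against the expected set of back-end hosts.
        string spn = Constants.SpnPrefixForHttp + host;
        ExTraceGlobals.VerboseTracer.TraceDebug<int, string>((long)traceContext, "[KerberosUtilities::GenerateKerberosAuthHeader]: Context {0}; SPN {1}", traceContext, spn);

        // The initialization status used to be ignored; fail here rather than negotiate on a context
        // that did not initialize.
        SecurityStatus initializeStatus = authenticationContext.InitializeForOutboundNegotiate(AuthenticationMechanism.Kerberos, spn, null, null);
        if (initializeStatus != SecurityStatus.OK)
        {
            ExTraceGlobals.VerboseTracer.TraceError<int, SecurityStatus>((long)traceContext, "[KerberosUtilities::GenerateKerberosAuthHeader]: Context {0}; InitializeForOutboundNegotiate failed with {1}", traceContext, initializeStatus);
            throw new HttpException(500, string.Format("InitializeForOutboundNegotiate failed for host '{0}' with status '{1}'", host, initializeStatus));
        }
    }

    SecurityStatus securityStatus = authenticationContext.NegotiateSecurityContext(inputBuffer, out outputToken);
    if (securityStatus != SecurityStatus.OK && securityStatus != SecurityStatus.ContinueNeeded)
    {
        ExTraceGlobals.VerboseTracer.TraceError<int, SecurityStatus>((long)traceContext, "[KerberosUtilities::GenerateKerberosAuthHeader]: Context {0}; NegotiateSecurityContext failed with {1}", traceContext, securityStatus);
        // Message wording fixed (was "failed with for host").
        throw new HttpException(500, string.Format("NegotiateSecurityContext failed for host '{0}' with status '{1}'", host, securityStatus));
    }

    // The challenge has been consumed; clear it so the next call does not replay it.
    kerberosChallenge = null;

    // NOTE(review): assumes a successful negotiation always yields a non-null token - confirm.
    string tokenText = Encoding.ASCII.GetString(outputToken);
    return Constants.PrefixForKerbAuthBlob + tokenText;
}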
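/// <summary>
/// Produces a one-shot Kerberos authorization header value for <paramref name="host"/> using a
/// temporary <see cref="AuthenticationContext"/> that is always disposed before returning.
/// </summary>
/// <param name="host">Target host name; appended verbatim to <c>CommandInvocation.spnPrefixForHttp</c> to form the SPN.</param>
/// <returns>
/// <c>CommandInvocation.prefixForKerbAuthBlob</c> followed by the ASCII text of the outbound token,
/// or null when initialization or negotiation does not succeed.
/// </returns>
private static string GenerateKerberosAuthHeader(string host)
{
    AuthenticationContext authenticationContext = null;
    try
    {
        authenticationContext = new AuthenticationContext();

        // NOTE(review): null user name and password are passed, so presumably the process identity is
        // used - confirm. Callers should make sure `host` is an expected target before asking for a ticket.
        string spn = CommandInvocation.spnPrefixForHttp + host;

        // The initialization status used to be ignored; report failure the same way a failed
        // negotiation is reported (null) instead of negotiating on an uninitialized context.
        SecurityStatus securityStatus = authenticationContext.InitializeForOutboundNegotiate(AuthenticationMechanism.Kerberos, spn, null, null);
        if (securityStatus != SecurityStatus.OK)
        {
            return null;
        }

        // First leg of the handshake: there is no inbound token yet.
        byte[] inputBuffer = null;
        byte[] outputToken = null;
        securityStatus = authenticationContext.NegotiateSecurityContext(inputBuffer, out outputToken);
        if (securityStatus != SecurityStatus.OK && securityStatus != SecurityStatus.ContinueNeeded)
        {
            return null;
        }

        return CommandInvocation.prefixForKerbAuthBlob + Encoding.ASCII.GetString(outputToken);
    }
    finally
    {
        // Runs on every exit path, including the early returns above.
        if (authenticationContext != null)
        {
            authenticationContext.Dispose();
            authenticationContext = null;
        }
    }
}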
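// Token: 0x06000020 RID: 32 RVA: 0x00002DC0 File Offset: 0x00000FC0
/// <summary>
/// Returns the stream to send as this command's parameter data.
/// For an Append command that is <c>CommandParameters[2]</c> cast to a <see cref="Stream"/>.
/// For an Authenticate command it is the next outbound token from the <see cref="AuthenticationContext"/>
/// cached in <c>CommandParameters[3]</c>, which is created and initialized on first use.
/// </summary>
/// <param name="targetHost">Host used to build the NTLM SPN ("IMAP/" + host) and reported in failure exceptions.</param>
/// <param name="responseLine">
/// Server response line, may be null. When longer than two characters, the text after the first two
/// characters is handed to the negotiation as the inbound token.
/// </param>
/// <param name="failureException">Set to the authentication failure, or null when none occurred.</param>
/// <returns>The parameter stream, or null for other command types and on any authentication failure.</returns>
internal Stream GetCommandParameterStream(string targetHost, string responseLine, out Exception failureException)
{
    failureException = null;

    if (this.CommandType == ImapCommandType.Append)
    {
        return this.CommandParameters[2] as Stream;
    }

    if (this.CommandType != ImapCommandType.Authenticate)
    {
        return null;
    }

    // Authenticate parameters: [0] mechanism, [1] user name, [2] password, [3] cached negotiation context.
    ImapAuthenticationMechanism mechanism = (ImapAuthenticationMechanism)this.CommandParameters[0];
    string userName = (string)this.CommandParameters[1];
    SecureString password = (SecureString)this.CommandParameters[2];
    AuthenticationContext authenticationContext = (AuthenticationContext)this.CommandParameters[3];

    byte[] inputBuffer = null;
    if (responseLine != null && responseLine.Length > 2)
    {
        inputBuffer = Encoding.ASCII.GetBytes(responseLine.Substring(2));
    }

    byte[] outputToken = null;
    SecurityStatus securityStatus;

    switch (mechanism)
    {
        case ImapAuthenticationMechanism.Basic:
            if (authenticationContext == null)
            {
                authenticationContext = new AuthenticationContext();
                this.CommandParameters[3] = authenticationContext;

                // The user name may carry an authorization identity; the pattern's first group is the
                // authorization id and the second group is the user name that actually authenticates.
                string authorizationId = null;
                Match match = ImapCommand.UserNameWithAuthorizationId.Match(userName);
                if (match != null && match.Success && match.Groups.Count == 3)
                {
                    authorizationId = match.Groups[1].Value;
                    userName = match.Groups[2].Value;
                }

                securityStatus = authenticationContext.InitializeForOutboundNegotiate(AuthenticationMechanism.Plain, null, userName, password);
                if (securityStatus != SecurityStatus.OK)
                {
                    // The null check above is the only initialization gate. Drop the context that failed to
                    // initialize so a later call starts clean instead of negotiating on it.
                    authenticationContext.Dispose();
                    this.CommandParameters[3] = null;
                    failureException = new ImapAuthenticationException(targetHost, mechanism.ToString(), RetryPolicy.Backoff);
                    return null;
                }

                if (authorizationId != null)
                {
                    authenticationContext.AuthorizationIdentity = Encoding.ASCII.GetBytes(authorizationId);
                }
            }

            // Plain must finish in a single step, so only OK is accepted.
            securityStatus = authenticationContext.NegotiateSecurityContext(inputBuffer, out outputToken);
            if (securityStatus != SecurityStatus.OK)
            {
                failureException = new ImapAuthenticationException(targetHost, mechanism.ToString(), RetryPolicy.Backoff);
                return null;
            }

            return new MemoryStream(outputToken);

        case ImapAuthenticationMechanism.Ntlm:
            if (authenticationContext == null)
            {
                authenticationContext = new AuthenticationContext();
                this.CommandParameters[3] = authenticationContext;

                string spn = "IMAP/" + targetHost;
                securityStatus = authenticationContext.InitializeForOutboundNegotiate(AuthenticationMechanism.Ntlm, spn, userName, password);
                if (securityStatus != SecurityStatus.OK)
                {
                    // Same reasoning as for Basic: never leave an uninitialized context cached.
                    authenticationContext.Dispose();
                    this.CommandParameters[3] = null;
                    failureException = new ImapAuthenticationException(targetHost, mechanism.ToString(), RetryPolicy.Backoff);
                    return null;
                }
            }

            // NTLM takes several round trips, so ContinueNeeded is also a success here.
            securityStatus = authenticationContext.NegotiateSecurityContext(inputBuffer, out outputToken);
            if (securityStatus != SecurityStatus.OK && securityStatus != SecurityStatus.ContinueNeeded)
            {
                failureException = new ImapAuthenticationException(targetHost, mechanism.ToString(), RetryPolicy.Backoff);
                return null;
            }

            return new MemoryStream(outputToken);

        default:
            failureException = new ImapUnsupportedAuthenticationException(targetHost, mechanism.ToString(), RetryPolicy.Backoff);
            return null;
    }
}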