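/// <summary>
/// Returns the security packages exposed by <paramref name="SecModule"/>, enumerating them on the first
/// call and caching the array in <c>SecModule.SecurityPackages</c>.
/// </summary>
/// <param name="SecModule">SSPI module that performs the enumeration and holds the cached result.</param>
/// <returns>The value of <c>SecModule.SecurityPackages</c> once the cache is populated.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
    GlobalLog.Enter("EnumerateSecurityPackages");

    if (SecModule.SecurityPackages == null)
    {
        // NOTE(review): the lock target is the caller-supplied module, so any other code that locks the
        // same instance contends with this path.
        lock (SecModule)
        {
            // Re-check under the lock: another thread may have filled the cache while this one waited.
            if (SecModule.SecurityPackages == null)
            {
                int moduleCount = 0;
                SafeFreeContextBuffer arrayBaseHandle = null;
                try
                {
                    int errorCode = SecModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);

                    // Check the status before touching the handle. The finally block below already treats a
                    // null handle as possible, and dereferencing it first would replace the Win32Exception
                    // with a NullReferenceException.
                    if (errorCode != 0)
                    {
                        throw new Win32Exception(errorCode);
                    }

                    // NOTE(review): this trace contains a raw native buffer address; confirm GlobalLog output
                    // is restricted to debug builds.
                    GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle == null ? "null" : arrayBaseHandle.DangerousGetHandle().ToString("x")));

                    SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];
                    if (Logging.On)
                    {
                        Logging.PrintInfo(Logging.Web, SR.GetString(SR.net_log_sspi_enumerating_security_packages));
                    }

                    for (int i = 0; i < moduleCount; i++)
                    {
                        securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                        if (Logging.On)
                        {
                            Logging.PrintInfo(Logging.Web, " " + securityPackages[i].Name);
                        }
                    }

                    // Publish only after every element has been constructed.
                    SecModule.SecurityPackages = securityPackages;
                }
                finally
                {
                    // Release the native buffer on both the success and the failure path.
                    if (arrayBaseHandle != null)
                    {
                        arrayBaseHandle.Close();
                    }
                }
            }
        }
    }

    GlobalLog.Leave("EnumerateSecurityPackages");
    return SecModule.SecurityPackages;
}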
/// <summary>
/// Gets the security packages for <paramref name="secModule"/>, enumerating through the module on first
/// use and storing the result in its <c>SecurityPackages</c> property for later calls.
/// </summary>
/// <param name="secModule">Module that performs the enumeration and holds the cached array.</param>
/// <returns>The value of <c>secModule.SecurityPackages</c> after the cache has been filled.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status code.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Enter(null);
    }

    if (secModule.SecurityPackages == null)
    {
        lock (secModule)
        {
            // Second look under the lock so a thread that waited does not enumerate again.
            if (secModule.SecurityPackages == null)
            {
                int packageCount = 0;
                SafeFreeContextBuffer packageBuffer = null;
                try
                {
                    int status = secModule.EnumerateSecurityPackages(out packageCount, out packageBuffer);
                    if (NetEventSource.IsEnabled)
                    {
                        NetEventSource.Info(null, $"arrayBase: {packageBuffer}");
                    }

                    if (status != 0)
                    {
                        throw new Win32Exception(status);
                    }

                    var packages = new SecurityPackageInfoClass[packageCount];
                    for (int index = 0; index < packageCount; index++)
                    {
                        var package = new SecurityPackageInfoClass(packageBuffer, index);
                        packages[index] = package;
                        if (NetEventSource.IsEnabled)
                        {
                            NetEventSource.Log.EnumerateSecurityPackages(package.Name);
                        }
                    }

                    // The cache is assigned only once the whole array has been built.
                    secModule.SecurityPackages = packages;
                }
                finally
                {
                    // The native buffer is released whether or not enumeration succeeded.
                    packageBuffer?.Dispose();
                }
            }
        }
    }

    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Exit(null);
    }

    return secModule.SecurityPackages;
}
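/// <summary>
/// Returns the security packages for <paramref name="secModule"/>, enumerating them once and caching the
/// array in <c>secModule.SecurityPackages</c>.
/// </summary>
/// <param name="secModule">SSPI module that performs the enumeration and stores the cached result.</param>
/// <returns>The value of <c>secModule.SecurityPackages</c> after the cache has been populated.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Enter(nameof(EnumerateSecurityPackages));
    }

    if (secModule.SecurityPackages == null)
    {
        // NOTE(review): the lock is taken on the caller-supplied module instance; other code locking the
        // same object shares this monitor.
        lock (secModule)
        {
            // Re-check under the lock so a waiting thread does not repeat the enumeration.
            if (secModule.SecurityPackages == null)
            {
                int moduleCount = 0;
                SafeFreeContextBuffer arrayBaseHandle = null;
                try
                {
                    int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);

                    // Report the failure before the trace touches the handle: the finally block treats a
                    // null handle as possible, and dereferencing it first would hide the Win32 status
                    // behind a NullReferenceException whenever logging is enabled.
                    if (errorCode != 0)
                    {
                        throw new Win32Exception(errorCode);
                    }

                    if (GlobalLog.IsEnabled)
                    {
                        // NOTE(review): the trace carries a raw native address; confirm where GlobalLog output goes.
                        GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle?.DangerousGetHandle().ToString("x") ?? "null"));
                    }

                    var securityPackages = new SecurityPackageInfoClass[moduleCount];
                    for (int i = 0; i < moduleCount; i++)
                    {
                        securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                        if (SecurityEventSource.Log.IsEnabled())
                        {
                            SecurityEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
                        }
                    }

                    // Publish only the fully built array.
                    secModule.SecurityPackages = securityPackages;
                }
                finally
                {
                    // Release the native buffer on every path.
                    if (arrayBaseHandle != null)
                    {
                        arrayBaseHandle.Dispose();
                    }
                }
            }
        }
    }

    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Leave(nameof(EnumerateSecurityPackages));
    }

    return secModule.SecurityPackages;
}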
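/// <summary>
/// Returns the security packages for <paramref name="secModule"/>. The first call enumerates them through
/// the module and caches the array in <c>secModule.SecurityPackages</c>; later calls return the cache.
/// </summary>
/// <param name="secModule">SSPI module that performs the enumeration and stores the cached result.</param>
/// <returns>The value of <c>secModule.SecurityPackages</c> after the cache has been populated.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Enter("EnumerateSecurityPackages");
    }

    if (secModule.SecurityPackages == null)
    {
        // NOTE(review): locking on the caller-supplied module shares the monitor with any other code that
        // locks the same instance.
        lock (secModule)
        {
            // Re-check inside the lock; another thread may have completed the enumeration meanwhile.
            if (secModule.SecurityPackages == null)
            {
                int moduleCount = 0;
                SafeFreeContextBuffer arrayBaseHandle = null;
                try
                {
                    int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);

                    // The status is checked first so that a failed call surfaces as Win32Exception. The
                    // trace below dereferences the handle, which the finally block treats as possibly null.
                    if (errorCode != 0)
                    {
                        throw new Win32Exception(errorCode);
                    }

                    if (GlobalLog.IsEnabled)
                    {
                        // NOTE(review): raw native address in trace output; confirm the log destination.
                        GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle == null ? "null" : arrayBaseHandle.DangerousGetHandle().ToString("x")));
                    }

                    var securityPackages = new SecurityPackageInfoClass[moduleCount];
                    for (int i = 0; i < moduleCount; i++)
                    {
                        securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                        if (SecurityEventSource.Log.IsEnabled())
                        {
                            SecurityEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
                        }
                    }

                    // Assign the cache only after the array is complete.
                    secModule.SecurityPackages = securityPackages;
                }
                finally
                {
                    // The native buffer is released on success and on failure.
                    if (arrayBaseHandle != null)
                    {
                        arrayBaseHandle.Dispose();
                    }
                }
            }
        }
    }

    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Leave("EnumerateSecurityPackages");
    }

    return secModule.SecurityPackages;
}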
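/// <summary>
/// Populates the <c>securityPackages</c> field on first use by enumerating the installed packages through
/// <c>SafeFreeContextBuffer.EnumeratePackages</c>. Does nothing when the field is already set.
/// </summary>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status.</exception>
private void EnumerateSecurityPackages()
{
    GlobalLog.Enter("EnumerateSecurityPackages");

    if (securityPackages == null)
    {
        // NOTE(review): lock (this) exposes the monitor to any holder of this instance; a private gate
        // object would avoid outside contention. That needs a new field, so it is left unchanged here.
        lock (this)
        {
            // Re-check under the lock so only the first thread enumerates.
            if (securityPackages == null)
            {
                int moduleCount = 0;
                SafeFreeContextBuffer arrayBaseHandle = null;
                try
                {
                    int errorCode = SafeFreeContextBuffer.EnumeratePackages(out moduleCount, out arrayBaseHandle);

                    // Fail with the Win32 status before the trace dereferences the handle; the finally block
                    // already allows for the handle being null.
                    if (errorCode != 0)
                    {
                        throw new Win32Exception(errorCode);
                    }

                    // NOTE(review): raw native address in trace output; confirm GlobalLog is debug-only.
                    GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle == null ? "null" : arrayBaseHandle.DangerousGetHandle().ToString("x")));

                    SecurityPackageInfoClass[] securityPackagesList = new SecurityPackageInfoClass[moduleCount];
                    if (Logging.On)
                    {
                        Logging.PrintInfo(Logging.Web, SR.net_log_sspi_enumerating_security_packages);
                    }

                    for (int i = 0; i < moduleCount; i++)
                    {
                        securityPackagesList[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                        if (Logging.On)
                        {
                            Logging.PrintInfo(Logging.Web, " " + securityPackagesList[i].Name);
                        }
                    }

                    // Publish the field only after the list is fully built.
                    securityPackages = securityPackagesList;
                }
                finally
                {
                    // Release the native buffer on every path.
                    if (arrayBaseHandle != null)
                    {
                        arrayBaseHandle.Dispose();
                    }
                }
            }
        }
    }

    GlobalLog.Leave("EnumerateSecurityPackages");
}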
/// <summary>
/// Lazily enumerates the security packages of <paramref name="secModule"/> and caches them on the module.
/// </summary>
/// <param name="secModule">Module used for the enumeration; its <c>SecurityPackages</c> property is the cache.</param>
/// <returns>The cached <c>secModule.SecurityPackages</c> array.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status code.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
{
    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Enter(null);
    }

    if (secModule.SecurityPackages == null)
    {
        lock (secModule)
        {
            // Checked again after acquiring the lock, since another thread may have filled the cache.
            if (secModule.SecurityPackages == null)
            {
                int total = 0;
                SafeFreeContextBuffer nativeArray = null;
                try
                {
                    int result = secModule.EnumerateSecurityPackages(out total, out nativeArray);
                    if (NetEventSource.IsEnabled)
                    {
                        NetEventSource.Info(null, $"arrayBase: {nativeArray}");
                    }

                    if (result != 0)
                    {
                        throw new Win32Exception(result);
                    }

                    var found = new SecurityPackageInfoClass[total];
                    int slot = 0;
                    while (slot < total)
                    {
                        found[slot] = new SecurityPackageInfoClass(nativeArray, slot);
                        if (NetEventSource.IsEnabled)
                        {
                            NetEventSource.Log.EnumerateSecurityPackages(found[slot].Name);
                        }

                        slot++;
                    }

                    secModule.SecurityPackages = found;
                }
                finally
                {
                    // Dispose the native array whether the try block completed or threw.
                    nativeArray?.Dispose();
                }
            }
        }
    }

    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Exit(null);
    }

    return secModule.SecurityPackages;
}
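/// <summary>
/// Returns the security packages exposed by <paramref name="SecModule"/>, enumerating them on first use
/// and caching the array in <c>SecModule.SecurityPackages</c>.
/// </summary>
/// <param name="SecModule">SSPI module that performs the enumeration and holds the cached result.</param>
/// <returns>The value of <c>SecModule.SecurityPackages</c> once the cache is populated.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
    GlobalLog.Enter("EnumerateSecurityPackages");

    if (SecModule.SecurityPackages == null)
    {
        // NOTE(review): the monitor is the caller-supplied module object, so it is shared with any other
        // code that locks that instance.
        lock (SecModule)
        {
            // Second check under the lock so a waiting thread does not repeat the enumeration.
            if (SecModule.SecurityPackages == null)
            {
                int moduleCount = 0;
                SafeFreeContextBuffer arrayBaseHandle = null;
                try
                {
                    int errorCode = SecModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);

                    // Throw on failure before the trace dereferences the handle. The finally block treats
                    // the handle as possibly null, so tracing first could replace the Win32 status with a
                    // NullReferenceException.
                    if (errorCode != 0)
                    {
                        throw new Win32Exception(errorCode);
                    }

                    // NOTE(review): the trace exposes a raw native address; confirm GlobalLog is debug-only.
                    GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle == null ? "null" : arrayBaseHandle.DangerousGetHandle().ToString("x")));

                    SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];
                    if (Logging.On)
                    {
                        Logging.PrintInfo(Logging.Web, SR.GetString(SR.net_log_sspi_enumerating_security_packages));
                    }

                    for (int i = 0; i < moduleCount; i++)
                    {
                        securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                        if (Logging.On)
                        {
                            Logging.PrintInfo(Logging.Web, " " + securityPackages[i].Name);
                        }
                    }

                    // Publish only the completed array.
                    SecModule.SecurityPackages = securityPackages;
                }
                finally
                {
                    // Release the native buffer on both success and failure.
                    if (arrayBaseHandle != null)
                    {
                        arrayBaseHandle.Close();
                    }
                }
            }
        }
    }

    GlobalLog.Leave("EnumerateSecurityPackages");
    return SecModule.SecurityPackages;
}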
/// <summary>
/// Returns the security packages of <paramref name="SecModule"/>, enumerating them on the first call and
/// keeping the result in <c>SecModule.SecurityPackages</c>.
/// </summary>
/// <param name="SecModule">Module that performs the enumeration and stores the cached array.</param>
/// <returns>The cached <c>SecModule.SecurityPackages</c> array.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status code.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
    if (SecModule.SecurityPackages == null)
    {
        lock (SecModule)
        {
            // Look again once the lock is held; a competing thread may already have done the work.
            if (SecModule.SecurityPackages == null)
            {
                int packageCount = 0;
                SafeFreeContextBuffer packageBuffer = null;
                try
                {
                    int status = SecModule.EnumerateSecurityPackages(out packageCount, out packageBuffer);
                    if (status != 0)
                    {
                        throw new Win32Exception(status);
                    }

                    SecurityPackageInfoClass[] packages = new SecurityPackageInfoClass[packageCount];
                    if (Logging.On)
                    {
                        Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_enumerating_security_packages"));
                    }

                    int index = 0;
                    while (index < packageCount)
                    {
                        SecurityPackageInfoClass package = new SecurityPackageInfoClass(packageBuffer, index);
                        packages[index] = package;
                        if (Logging.On)
                        {
                            Logging.PrintInfo(Logging.Web, " " + package.Name);
                        }

                        index++;
                    }

                    SecModule.SecurityPackages = packages;
                }
                finally
                {
                    // The native buffer is closed on every exit from the try block.
                    if (packageBuffer != null)
                    {
                        packageBuffer.Close();
                    }
                }
            }
        }
    }

    return SecModule.SecurityPackages;
}
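// private static SecurityPackageInfoClass[] m_SecurityPackages;

/// <summary>
/// Enumerates the security packages through <paramref name="SecModule"/> and wraps each native entry in a
/// <c>SecurityPackageInfoClass</c>. The native array is freed before the method returns.
/// </summary>
/// <param name="SecModule">SSPI module used to enumerate packages and to free the returned buffer.</param>
/// <returns>A new array with one element per enumerated package.</returns>
/// <exception cref="Win32Exception">The enumeration call returned a non-zero status.</exception>
private static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
    GlobalLog.Enter("EnumerateSecurityPackages");

    int moduleCount = 0;
    IntPtr arrayBase = IntPtr.Zero;

    int errorCode = SecModule.EnumerateSecurityPackages(out moduleCount, out arrayBase);

    // NOTE(review): this trace and the per-element one below contain raw native addresses; confirm
    // GlobalLog output is limited to debug builds.
    GlobalLog.Print("SSPIWrapper::arrayBase: " + ((long)arrayBase).ToString());

    if (errorCode != 0)
    {
        throw new Win32Exception(errorCode);
    }

    SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];
    try
    {
        // Walk the native array one fixed-size entry at a time.
        IntPtr unmanagedPointer = arrayBase;
        for (int i = 0; i < moduleCount; i++)
        {
            GlobalLog.Print("SSPIWrapper::unmanagedPointer: " + ((long)unmanagedPointer).ToString());
            securityPackages[i] = new SecurityPackageInfoClass(SecModule, unmanagedPointer);
            unmanagedPointer = IntPtrHelper.Add(unmanagedPointer, SecurityPackageInfo.Size);
        }
    }
    finally
    {
        // Free the buffer even when wrapping an entry throws; previously that path leaked the array.
        SecModule.FreeContextBuffer(arrayBase);
    }

    GlobalLog.Leave("EnumerateSecurityPackages");
    return securityPackages;
}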
/// <summary>
/// Queries one attribute of an established security context and returns it as a managed object.
/// </summary>
/// <param name="secModule">SSPI module that performs the native query.</param>
/// <param name="securityContext">Context to query.</param>
/// <param name="contextAttribute">Attribute to retrieve; only the values handled below are accepted.</param>
/// <param name="errorCode">Status returned by the native query; zero on success.</param>
/// <returns>
/// The attribute value, or <c>null</c> when the query fails. For the certificate-context attributes the
/// returned object is the native handle itself, and for the issuer list the returned object is built around
/// that handle. In both cases this method does not dispose the handle, so the caller owns its lifetime.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="contextAttribute"/> is not a supported value.</exception>
public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
{
    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Enter(null, contextAttribute);
    }

    // Defaults: a pointer-sized block and no owning handle type.
    int blockLength = IntPtr.Size;
    Type ownerType = null;

    switch (contextAttribute)
    {
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
            blockLength = SecPkgContext_Sizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
            blockLength = SecPkgContext_StreamSizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
            ownerType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
            ownerType = typeof(SafeFreeContextBuffer);
            blockLength = Marshal.SizeOf<SecPkgContext_NegotiationInfoW>();
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
            ownerType = typeof(SafeFreeCertContext);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
            blockLength = Marshal.SizeOf<Interop.SspiCli.SecPkgContext_IssuerListInfoEx>();
            ownerType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
            blockLength = Marshal.SizeOf<SecPkgContext_ConnectionInfo>();
            break;

        default:
            // Unknown attributes are rejected before any buffer is handed to the native call.
            throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
    }

    SafeHandle nativeHandle = null;
    object result = null;

    try
    {
        var block = new byte[blockLength];
        errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, block, ownerType, out nativeHandle);
        if (errorCode != 0)
        {
            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Exit(null, $"ERROR = {ErrorDescription(errorCode)}");
            }

            return null;
        }

        switch (contextAttribute)
        {
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                result = new SecPkgContext_Sizes(block);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                result = new SecPkgContext_StreamSizes(block);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                // The string is copied into managed memory; the handle is disposed in the finally block.
                result = Marshal.PtrToStringUni(nativeHandle.DangerousGetHandle());
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                result = new SecurityPackageInfoClass(nativeHandle, 0);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                unsafe
                {
                    fixed (void* pinned = block)
                    {
                        int negotiationState = Marshal.ReadInt32(new IntPtr(pinned), SecPkgContext_NegotiationInfoW.NegotiationStateOffest);
                        result = new NegotiationInfoClass(nativeHandle, negotiationState);
                    }
                }

                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                // The handle itself is the result; clearing the local keeps the finally block from disposing it.
                result = nativeHandle;
                nativeHandle = null;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                // The wrapper receives the handle; this method no longer disposes it.
                result = new Interop.SspiCli.SecPkgContext_IssuerListInfoEx(nativeHandle, block);
                nativeHandle = null;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                result = new SecPkgContext_ConnectionInfo(block);
                break;

            default:
                // Will return null.
                break;
        }
    }
    finally
    {
        // Disposes any handle that was not handed over to the result, including on the error path.
        nativeHandle?.Dispose();
    }

    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Exit(null, result);
    }

    return result;
}
/// <summary>
/// Retrieves a single attribute of a security context through <paramref name="secModule"/> and converts it
/// to a managed object.
/// </summary>
/// <param name="secModule">SSPI module that performs the native query.</param>
/// <param name="securityContext">Context whose attribute is requested.</param>
/// <param name="contextAttribute">Attribute to retrieve; unsupported values are rejected.</param>
/// <param name="errorCode">Status returned by the native query; zero on success.</param>
/// <returns>
/// The attribute value, or <c>null</c> when the query fails. For the certificate-context attributes the
/// native handle is returned as the value, and for the issuer list the handle is passed to the returned
/// wrapper. Neither is disposed here, so the caller is responsible for releasing it.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="contextAttribute"/> is not a supported value.</exception>
public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
{
    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Enter(nameof(QueryContextAttributes), contextAttribute.ToString());
    }

    // Start from a pointer-sized buffer with no handle type, then adjust per attribute.
    int bufferSize = IntPtr.Size;
    Type safeHandleType = null;

    switch (contextAttribute)
    {
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
            bufferSize = SecPkgContext_Sizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
            bufferSize = SecPkgContext_StreamSizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
            safeHandleType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
            safeHandleType = typeof(SafeFreeContextBuffer);
            bufferSize = Marshal.SizeOf<SecPkgContext_NegotiationInfoW>();
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
            safeHandleType = typeof(SafeFreeCertContext);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
            bufferSize = Marshal.SizeOf<Interop.SspiCli.SecPkgContext_IssuerListInfoEx>();
            safeHandleType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
            bufferSize = Marshal.SizeOf<SecPkgContext_ConnectionInfo>();
            break;

        default:
            // Reject unknown attributes up front rather than querying with a guessed buffer size.
            throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
    }

    SafeHandle handle = null;
    object value = null;

    try
    {
        var buffer = new byte[bufferSize];
        errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, buffer, safeHandleType, out handle);
        if (errorCode != 0)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
            }

            return null;
        }

        switch (contextAttribute)
        {
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                value = new SecPkgContext_Sizes(buffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                value = new SecPkgContext_StreamSizes(buffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                // Copy the native string; the handle that owns it is disposed in the finally block.
                value = Marshal.PtrToStringUni(handle.DangerousGetHandle());
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                value = new SecurityPackageInfoClass(handle, 0);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                unsafe
                {
                    fixed (void* pinned = buffer)
                    {
                        int state = Marshal.ReadInt32(new IntPtr(pinned), SecPkgContext_NegotiationInfoW.NegotiationStateOffest);
                        value = new NegotiationInfoClass(handle, state);
                    }
                }

                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                // Hand the handle to the caller and clear the local so it is not disposed below.
                value = handle;
                handle = null;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                // The handle goes to the wrapper and is no longer disposed by this method.
                value = new Interop.SspiCli.SecPkgContext_IssuerListInfoEx(handle, buffer);
                handle = null;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                value = new SecPkgContext_ConnectionInfo(buffer);
                break;

            default:
                // Will return null.
                break;
        }
    }
    finally
    {
        // Runs on the error return as well, so a handle that was not handed over is always released.
        handle?.Dispose();
    }

    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Leave(nameof(QueryContextAttributes), LoggingHash.ObjectToString(value));
    }

    return value;
}
/// <summary>
/// Queries one attribute of a security context through <paramref name="secModule"/> and returns it as a
/// managed object.
/// </summary>
/// <param name="secModule">SSPI module that performs the native query.</param>
/// <param name="securityContext">Context to query.</param>
/// <param name="contextAttribute">Attribute to retrieve; unsupported values are rejected.</param>
/// <param name="errorCode">Status returned by the native query; zero on success.</param>
/// <returns>
/// The attribute value, or <c>null</c> when the query fails. For <c>LocalCertificate</c> and
/// <c>RemoteCertificate</c> the native handle is the return value, and for <c>IssuerListInfoEx</c> the
/// handle is passed to the returned wrapper. This method does not dispose it in either case.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="contextAttribute"/> is not a supported value.</exception>
public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
{
    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Enter(nameof(QueryContextAttributes), contextAttribute.ToString());
    }

    // Pointer-sized buffer and no handle type unless the attribute says otherwise.
    int requiredBytes = IntPtr.Size;
    Type resultHandleType = null;

    switch (contextAttribute)
    {
        case Interop.SspiCli.ContextAttribute.Sizes:
            requiredBytes = SecSizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.StreamSizes:
            requiredBytes = StreamSizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.Names:
        case Interop.SspiCli.ContextAttribute.PackageInfo:
        case Interop.SspiCli.ContextAttribute.ClientSpecifiedSpn:
            resultHandleType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.NegotiationInfo:
            resultHandleType = typeof(SafeFreeContextBuffer);
            requiredBytes = Marshal.SizeOf<NegotiationInfo>();
            break;

        case Interop.SspiCli.ContextAttribute.RemoteCertificate:
        case Interop.SspiCli.ContextAttribute.LocalCertificate:
            resultHandleType = typeof(SafeFreeCertContext);
            break;

        case Interop.SspiCli.ContextAttribute.IssuerListInfoEx:
            requiredBytes = Marshal.SizeOf<Interop.SspiCli.IssuerListInfoEx>();
            resultHandleType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.ConnectionInfo:
            requiredBytes = Marshal.SizeOf<SslConnectionInfo>();
            break;

        default:
            // An attribute without a known buffer size never reaches the native call.
            throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
    }

    SafeHandle resultHandle = null;
    object queried = null;

    try
    {
        var raw = new byte[requiredBytes];
        errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, raw, resultHandleType, out resultHandle);
        if (errorCode != 0)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
            }

            return null;
        }

        switch (contextAttribute)
        {
            case Interop.SspiCli.ContextAttribute.Sizes:
                queried = new SecSizes(raw);
                break;

            case Interop.SspiCli.ContextAttribute.StreamSizes:
                queried = new StreamSizes(raw);
                break;

            case Interop.SspiCli.ContextAttribute.Names:
            case Interop.SspiCli.ContextAttribute.ClientSpecifiedSpn:
                // The native string is copied; its owning handle is disposed in the finally block.
                queried = Marshal.PtrToStringUni(resultHandle.DangerousGetHandle());
                break;

            case Interop.SspiCli.ContextAttribute.PackageInfo:
                queried = new SecurityPackageInfoClass(resultHandle, 0);
                break;

            case Interop.SspiCli.ContextAttribute.NegotiationInfo:
                unsafe
                {
                    fixed (void* pinned = raw)
                    {
                        int negotiationState = Marshal.ReadInt32(new IntPtr(pinned), NegotiationInfo.NegotiationStateOffest);
                        queried = new NegotiationInfoClass(resultHandle, negotiationState);
                    }
                }

                break;

            case Interop.SspiCli.ContextAttribute.LocalCertificate:
            case Interop.SspiCli.ContextAttribute.RemoteCertificate:
                // The handle is the result; clearing the local prevents disposal in the finally block.
                queried = resultHandle;
                resultHandle = null;
                break;

            case Interop.SspiCli.ContextAttribute.IssuerListInfoEx:
                // The wrapper receives the handle, which is no longer disposed here.
                queried = new Interop.SspiCli.IssuerListInfoEx(resultHandle, raw);
                resultHandle = null;
                break;

            case Interop.SspiCli.ContextAttribute.ConnectionInfo:
                queried = new SslConnectionInfo(raw);
                break;

            default:
                // Will return null.
                break;
        }
    }
    finally
    {
        // Covers the error return too: any handle not handed over is released.
        resultHandle?.Dispose();
    }

    if (GlobalLog.IsEnabled)
    {
        GlobalLog.Leave(nameof(QueryContextAttributes), LoggingHash.ObjectToString(queried));
    }

    return queried;
}
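/// <summary>
/// Queries one attribute of a security context into a temporary unmanaged block and converts the result
/// to a managed object.
/// </summary>
/// <param name="SecModule">SSPI module that performs the native query.</param>
/// <param name="securityContext">Context whose handle is passed to the native query.</param>
/// <param name="contextAttribute">Attribute to retrieve.</param>
/// <returns>
/// The converted attribute, or <c>null</c> when the native call fails, the attribute is not handled, or a
/// certificate context comes back as a null pointer. The native status code is not surfaced to the caller.
/// </returns>
public static object QueryContextAttributes(
    SSPIInterface SecModule,
    SecurityContext securityContext,
    ContextAttribute contextAttribute)
{
    GlobalLog.Enter("QueryContextAttributes#2");

    int nativeBlockSize;
    switch (contextAttribute)
    {
        case ContextAttribute.StreamSizes:
            // NOTE(review): hard-coded size; presumably the five 32-bit fields of the native
            // stream-sizes structure. Confirm against the StreamSizes type.
            nativeBlockSize = 20;
            break;

        case ContextAttribute.Names:
        case ContextAttribute.PackageInfo:
        case ContextAttribute.RemoteCertificate:
        case ContextAttribute.LocalCertificate:
            // These attributes return a single pointer.
            nativeBlockSize = IntPtr.Size;
            break;

        case ContextAttribute.IssuerListInfoEx:
            nativeBlockSize = Marshal.SizeOf(typeof(IssuerListInfoEx));
            break;

        default:
            // NOTE(review): an unrecognised attribute is still queried with only a pointer-sized block.
            // If the native side writes a larger structure for that attribute, it overruns this
            // allocation. Rejecting the value before the call would be safer, but it changes what
            // callers observe, so it is flagged rather than changed here.
            nativeBlockSize = IntPtr.Size;
            GlobalLog.Assert(false, "contextAttribute unexpected value", "");
            break;
    }

    object attribute = null;
    IntPtr nativeBlock = Marshal.AllocHGlobal((IntPtr)nativeBlockSize);
    try
    {
        int errorCode = SecModule.QueryContextAttributes(
            ref securityContext.Handle,
            (int)contextAttribute,
            nativeBlock);

        // A non-zero status leaves attribute null; the code itself is not reported.
        if (errorCode == 0)
        {
            switch (contextAttribute)
            {
                case ContextAttribute.StreamSizes:
                    attribute = new StreamSizes(nativeBlock);
                    break;

                case ContextAttribute.Names:
                    IntPtr unmanagedString = Marshal.ReadIntPtr(nativeBlock);
                    if (ComNetOS.IsWin9x)
                    {
                        attribute = Marshal.PtrToStringAnsi(unmanagedString);
                    }
                    else
                    {
                        attribute = Marshal.PtrToStringUni(unmanagedString);
                    }

                    // NOTE(review): the string has been copied, but the SSPI-allocated buffer is not freed
                    // (the call below is disabled). Confirm whether it is released elsewhere.
                    //SecModule.FreeContextBuffer(unmanagedString);
                    break;

                case ContextAttribute.PackageInfo:
                    IntPtr unmanagedBlock = Marshal.ReadIntPtr(nativeBlock);
                    attribute = new SecurityPackageInfoClass(SecModule, unmanagedBlock);

                    // NOTE(review): same as above. The free is disabled; verify the buffer's owner.
                    //SecModule.FreeContextBuffer(unmanagedBlock);
                    break;

                case ContextAttribute.LocalCertificate:
                case ContextAttribute.RemoteCertificate:
                    IntPtr contextHandle = Marshal.ReadIntPtr(nativeBlock);
                    if (contextHandle == IntPtr.Zero)
                    {
                        Debug.Assert(false, "contextHandle == 0", "QueryContextAttributes: marshalled certificate context is null on success");
                    }
                    else
                    {
                        attribute = new CertificateContextHandle(contextHandle);
                    }

                    break;

                case ContextAttribute.IssuerListInfoEx:
                    IssuerListInfoEx issuerList = new IssuerListInfoEx();
                    issuerList.issuerArray = Marshal.ReadIntPtr(nativeBlock, 0);

                    // The count follows the pointer, so its offset is the pointer size. The previous
                    // literal 4 was correct only where pointers are four bytes wide.
                    issuerList.issuerCount = Marshal.ReadInt32(nativeBlock, IntPtr.Size);
                    attribute = issuerList;
                    break;

                default:
                    // will return null
                    break;
            }
        }
    }
    finally
    {
        // Free the scratch block even when a conversion above throws; previously that path leaked it.
        Marshal.FreeHGlobal(nativeBlock);
    }

    GlobalLog.Leave("QueryContextAttributes#2");
    return attribute;
}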
//
// for Digest, the server will send us the blob immediately, so we need to make sure we
// call InitializeSecurityContext() a first time with a null input buffer, otherwise
// the next call will fail. do so here:
// WDigest.dll requires us to pass in 3 security buffers here
// 1) BufferType: SECBUFFER_TOKEN, Content: server's challenge (incoming)
// 2) BufferType: SECBUFFER_PKG_PARAMS, Content: request's HTTP Method
// 3) BufferType: SECBUFFER_PKG_PARAMS, Content: the HEntity (this would be the MD5 footprint of the request entity
//    body, we can pass in NULL as this is not required)
//
// Parameters:
//   incomingBlob      - the server's Digest challenge as a string; encoded with Encoding.Default.
//   requestMethod     - the HTTP method of the request; encoded with Encoding.Default.
//   handshakeComplete - set to the final value of IsCompleted.
// Returns the outgoing token decoded with Encoding.Default, or null when SSPI produced no token.
// Throws Win32Exception when the SSPI status has its high bit set.
//
// NOTE(review): incomingBlob is passed to GlobalLog.Enter and the outgoing token to GlobalLog.Dump, so
// authentication material reaches the trace output; confirm GlobalLog is limited to debug builds.
//
public string GetOutgoingDigestBlob(string incomingBlob, string requestMethod, out bool handshakeComplete) {
    GlobalLog.Enter("NTAuthentication::GetOutgoingDigestBlob", incomingBlob);
    //
    // first time call with null incoming buffer to initialize.
    // we should get back a 0x90312 and a null outgoingBlob.
    //
    byte[] decodedOutgoingBlob = GetOutgoingBlob(null, out handshakeComplete);
    GlobalLog.Assert(!handshakeComplete, "NTAuthentication::GetOutgoingDigestBlob() handshakeComplete==true", "");
    GlobalLog.Assert(decodedOutgoingBlob == null, "NTAuthentication::GetOutgoingDigestBlob() decodedOutgoingBlob!=null", "");
    //
    // second time call with 3 incoming buffers to select HTTP client.
    // we should get back a SecurityStatus.OK and a non null outgoingBlob.
    //
    // Encoding.Default depends on the system code page; a null incomingBlob or requestMethod
    // makes GetBytes throw ArgumentNullException here.
    byte[] decodedIncomingBlob = Encoding.Default.GetBytes(incomingBlob);
    byte[] decodedRequestMethod = Encoding.Default.GetBytes(requestMethod);

    // NOTE(review): Delegate is requested unconditionally; confirm callers really need delegation.
    int requestedFlags =
        (int)ContextFlags.Delegate |
        (int)ContextFlags.MutualAuth |
        (int)ContextFlags.ReplayDetect |
        (int)ContextFlags.SequenceDetect |
        // (int)ContextFlags.Confidentiality | // this would only work if the server provided a qop="auth-conf" directive
        // (int)ContextFlags.ClientIntegrity | // this would only work if the server provided a qop="auth-int" directive
        (int)ContextFlags.Connection;

    // The three input buffers described in the header comment; the third (entity hash) is left null.
    SecurityBufferClass[] inSecurityBuffers = new SecurityBufferClass[] {
        new SecurityBufferClass(decodedIncomingBlob, BufferType.Token),
        new SecurityBufferClass(decodedRequestMethod, BufferType.Parameters),
        new SecurityBufferClass(null, BufferType.Parameters),
    };

    SecurityBufferClass[] outSecurityBuffers = new SecurityBufferClass[] {
        new SecurityBufferClass(m_TokenSize, BufferType.Token),
    };

    // The result goes into a fresh context object and is merged into m_SecurityContext further down.
    SecurityContext newSecurityContext = new SecurityContext(GlobalSSPI.SSPIAuth);

    //
    // this call is still returning an error. fix together with Kevin Damour
    //
    int status = SSPIWrapper.InitializeSecurityContext(
        GlobalSSPI.SSPIAuth,
        m_CredentialsHandle.Handle,
        m_SecurityContext.Handle,
        m_RemotePeerId, // this must match the Uri in the HTTP status line for the current request
        requestedFlags,
        m_Endianness,
        inSecurityBuffers,
        ref newSecurityContext.Handle,
        outSecurityBuffers,
        ref m_ContextFlags,
        ref newSecurityContext.TimeStamp);

    GlobalLog.Print("NTAuthentication::GetOutgoingDigestBlob() SSPIWrapper.InitializeSecurityContext() returns 0x" + string.Format("{0:x}", status));

    // Only the high bit is tested: statuses with it set are failures, everything else
    // (including continue-needed codes) falls through.
    int errorCode = status & unchecked ((int)0x80000000);
    if (errorCode != 0) {
        throw new Win32Exception(status);
    }

    //
    // the return value from SSPI will tell us correctly if the
    // handshake is over or not: http://msdn.microsoft.com/library/psdk/secspi/sspiref_67p0.htm
    // we also have to consider the case in which SSPI formed a new context, in this case we're done as well.
    //
    IsCompleted = (status == (int)SecurityStatus.OK) || (m_SecurityContext.Handle != -1 && m_SecurityContext.Handle != newSecurityContext.Handle);
    if (IsCompleted) {
        // ... if we're done, clean the handle up or the call to UpdateHandle() might leak it.
        // NOTE(review): when status is OK this also runs with m_SecurityContext.Handle == -1; confirm
        // DeleteSecurityContext tolerates that value.
        SSPIWrapper.DeleteSecurityContext(m_SecurityContext.m_SecModule, m_SecurityContext.Handle);
    }
    handshakeComplete = IsCompleted;
    // Evaluated before UpdateHandle, so this reflects whether a context handle existed before this
    // exchange, not the handle produced by it.
    // NOTE(review): confirm that is the intended meaning of m_Authenticated.
    m_Authenticated = m_SecurityContext.Handle != -1;
    m_SecurityContext.UpdateHandle(newSecurityContext);

#if TRAVE
    if (handshakeComplete) {
        //
        // Kevin Damour says:
        // You should not query the securitycontext until you have actually formed one (
        // with a success return form ISC). It is only a partially formed context and
        // no info is available to user applications (at least for digest).
        //
        SecurityPackageInfoClass securityPackageInfo = (SecurityPackageInfoClass)SSPIWrapper.QueryContextAttributes(GlobalSSPI.SSPIAuth, m_SecurityContext, ContextAttribute.PackageInfo);
        GlobalLog.Print("SecurityPackageInfoClass: using:[" + ((securityPackageInfo == null)?"null":securityPackageInfo.ToString()) + "]");
    }
#endif // #if TRAVE

    GlobalLog.Assert(outSecurityBuffers.Length == 1, "NTAuthentication::GetOutgoingDigestBlob() outSecurityBuffers.Length==" + outSecurityBuffers.Length.ToString(), "");

    GlobalLog.Print("out token = " + m_TokenSize.ToString() + " size = " + outSecurityBuffers[0].size.ToString());
    GlobalLog.Dump(outSecurityBuffers[0].token);
    GlobalLog.Print("NTAuthentication::GetOutgoingDigestBlob() handshakeComplete:" + handshakeComplete.ToString());

    decodedOutgoingBlob = outSecurityBuffers[0].token;

    string outgoingBlob = null;
    if (decodedOutgoingBlob != null && decodedOutgoingBlob.Length > 0) {
        // CONSIDER V.NEXT
        // review Encoding.Default.GetString usage here because it might
        // end up creating non ANSI characters in the string
        // Only the first 'size' bytes of the token buffer are decoded.
        outgoingBlob = Encoding.Default.GetString(decodedOutgoingBlob, 0, outSecurityBuffers[0].size);
    }

    GlobalLog.Leave("NTAuthentication::GetOutgoingDigestBlob", outgoingBlob);

    return(outgoingBlob);
}
//
// NTAuth::GetOutgoingBlob()
// Created: 12-01-1999: L.M.
// Description:
// Accepts an incoming binary security blob and returns
// an outgoing binary security blob
//
// Parameters:
//   incomingBlob      - token received from the peer, or null on the first leg of the exchange.
//   handshakeComplete - true when no further leg is expected; it is preset to true and cleared only
//                       when SSPI asks to continue. It signals the end of the exchange, not that
//                       authentication succeeded.
// Returns the token buffer produced by SSPI, or null when a null blob arrives after a context
// already exists.
// Throws Win32Exception when the SSPI status has its high bit set.
//
// NOTE(review): incoming and outgoing tokens are written with GlobalLog.Dump; confirm GlobalLog is
// limited to debug builds so authentication material does not reach production logs.
//
private byte[] GetOutgoingBlob(byte[] incomingBlob, out bool handshakeComplete) {
    GlobalLog.Enter("NTAuthentication::GetOutgoingBlob", ((incomingBlob == null) ? "0" : incomingBlob.Length.ToString()) + " bytes");

    // default to true in case of failure
    handshakeComplete = true;

    if (m_SecurityContext.Handle != -1 && incomingBlob == null) {
        // we tried auth previously, now we got a null blob, we're done. this happens
        // with Kerberos & valid credentials on the domain but no ACLs on the resource
        // the handle for m_SecurityContext will be collected at GC time.
        GlobalLog.Print("NTAuthentication#" + ValidationHelper.HashString(this) + "::GetOutgoingBlob() null blob AND m_SecurityContext#" + ValidationHelper.HashString(m_SecurityContext) + "::Handle:[0x" + m_SecurityContext.Handle.ToString("x8") + "]");
        m_SecurityContext.Close();
        IsCompleted = true;
        return(null);
    }

    // NOTE(review): Delegate is requested unconditionally; confirm callers really need delegation.
    int requestedFlags =
        (int)ContextFlags.Delegate |
        (int)ContextFlags.MutualAuth |
        (int)ContextFlags.ReplayDetect |
        (int)ContextFlags.SequenceDetect |
        (int)ContextFlags.Confidentiality |
        (int)ContextFlags.Connection;

    // The input buffer stays null on the first leg, when there is no peer token yet.
    SecurityBufferClass inSecurityBuffer = null;
    if (incomingBlob != null) {
        GlobalLog.Print("in blob = ");
        GlobalLog.Dump(incomingBlob);
        inSecurityBuffer = new SecurityBufferClass(incomingBlob, BufferType.Token);
    }

    SecurityBufferClass outSecurityBuffer = new SecurityBufferClass(m_TokenSize, BufferType.Token);

    int status;

    // When SERVER_SIDE_SSPI is not defined only the client branch below is compiled, and it runs
    // unconditionally.
#if SERVER_SIDE_SSPI
    if (m_SecureSessionType == SecureSessionType.ClientSession) {
#endif
        //
        // client session
        //
        requestedFlags |= (int)ContextFlags.ClientIntegrity;

        // The context handle is passed both as input and as the ref output, so it is updated in place.
        status = SSPIWrapper.InitializeSecurityContext(
            GlobalSSPI.SSPIAuth,
            m_CredentialsHandle.Handle,
            m_SecurityContext.Handle,
            m_RemotePeerId,
            requestedFlags,
            m_Endianness,
            inSecurityBuffer,
            ref m_SecurityContext.Handle,
            outSecurityBuffer,
            ref m_ContextFlags,
            ref m_SecurityContext.TimeStamp
            );

        GlobalLog.Print("SSPIWrapper.InitializeSecurityContext() returns 0x" + string.Format("{0:x}", status));
#if SERVER_SIDE_SSPI
    }
    else {
        //
        // server session
        //
        requestedFlags |= (int)ContextFlags.ServerIntegrity;

        status = SSPIWrapper.AcceptSecurityContext(
            GlobalSSPI.SSPIAuth,
            m_CredentialsHandle.Handle,
            m_SecurityContext.Handle,
            requestedFlags,
            m_Endianness,
            inSecurityBuffer,
            ref m_SecurityContext.Handle,
            outSecurityBuffer,
            out m_ContextFlags,
            out m_SecurityContext.TimeStamp
            );

        GlobalLog.Print("SSPIWrapper.AcceptSecurityContext() returns 0x" + string.Format("{0:x}", status));
    }
#endif // SERVER_SIDE_SSPI

    // Only the high bit is tested: statuses with it set are failures, everything else
    // (including continue-needed codes) falls through.
    int errorCode = status & unchecked ((int)0x80000000);
    if (errorCode != 0) {
        throw new Win32Exception(status);
    }

    //
    // the return value from SSPI will tell us correctly if the
    // handshake is over or not: http://msdn.microsoft.com/library/psdk/secspi/sspiref_67p0.htm
    // we also have to consider the case in which SSPI formed a new context, in this case we're done as well.
    //
    if (status != (int)SecurityStatus.OK && m_SecurityContext.Handle != -1) {
        // we need to continue
        GlobalLog.Print("NTAuthentication#" + ValidationHelper.HashString(this) + "::GetOutgoingBlob() need continue status:[0x" + status.ToString("x8") + "] m_SecurityContext#" + ValidationHelper.HashString(m_SecurityContext) + "::Handle:[0x" + m_SecurityContext.Handle.ToString("x8") + "]");
        handshakeComplete = false;
    }
    else {
        // we're done, cleanup
        // This branch is also reached with a non-OK status when the handle is still -1; the assert
        // below fires in that case.
        GlobalLog.Assert(status == (int)SecurityStatus.OK, "NTAuthentication#" + ValidationHelper.HashString(this) + "::GetOutgoingBlob() status:[0x" + status.ToString("x8") + "] m_SecurityContext#" + ValidationHelper.HashString(m_SecurityContext) + "::Handle:[0x" + m_SecurityContext.Handle.ToString("x8") + "]", "[STATUS != OK]");
        m_SecurityContext.Close();
        IsCompleted = true;
    }

#if TRAVE
    if (handshakeComplete) {
        //
        // Kevin Damour says:
        // You should not query the securitycontext until you have actually formed one (
        // with a success return form ISC). It is only a partially formed context and
        // no info is available to user applications (at least for digest).
        //
        SecurityPackageInfoClass securityPackageInfo = (SecurityPackageInfoClass)SSPIWrapper.QueryContextAttributes(GlobalSSPI.SSPIAuth, m_SecurityContext, ContextAttribute.PackageInfo);
        GlobalLog.Print("SecurityPackageInfoClass: using:[" + ((securityPackageInfo == null)?"null":securityPackageInfo.ToString()) + "]");
    }
#endif // #if TRAVE

    GlobalLog.Print("out token = " + m_TokenSize.ToString());
    GlobalLog.Dump(outSecurityBuffer.token);

    GlobalLog.Leave("NTAuthentication::GetOutgoingBlob", "handshakeComplete:" + handshakeComplete.ToString());

    return(outSecurityBuffer.token);
}
/// <summary>
/// Queries a single attribute of <paramref name="securityContext"/> and wraps the native
/// result in the managed type that corresponds to <paramref name="contextAttribute"/>.
/// </summary>
/// <param name="securityContext">Security context to query.</param>
/// <param name="contextAttribute">Attribute to read; values not handled by the first switch are rejected.</param>
/// <param name="errorCode">Status returned by the inner query; non-zero is treated as failure.</param>
/// <returns>The managed attribute value, or null when the inner query reports an error.</returns>
/// <exception cref="ArgumentException"><paramref name="contextAttribute"/> is not a supported value.</exception>
private object QueryContextAttributes(SafeDeleteContext securityContext, Interop.Secur32.ContextAttribute contextAttribute, out int errorCode)
{
    GlobalLog.Enter("QueryContextAttributes", contextAttribute.ToString());

    // Buffer size defaults to one pointer; attributes that return a structure override it.
    int bufferSize = IntPtr.Size;

    // Safe-handle type passed to the inner overload; stays null for attributes that set none.
    Type safeHandleType = null;

    switch (contextAttribute)
    {
        case Interop.Secur32.ContextAttribute.Sizes:
            bufferSize = SecSizes.SizeOf;
            break;

        case Interop.Secur32.ContextAttribute.StreamSizes:
            bufferSize = StreamSizes.SizeOf;
            break;

        case Interop.Secur32.ContextAttribute.Names:
        case Interop.Secur32.ContextAttribute.PackageInfo:
        case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
            safeHandleType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.Secur32.ContextAttribute.NegotiationInfo:
            safeHandleType = typeof(SafeFreeContextBuffer);
            bufferSize = Marshal.SizeOf<NegotiationInfo>();
            break;

        case Interop.Secur32.ContextAttribute.RemoteCertificate:
        case Interop.Secur32.ContextAttribute.LocalCertificate:
            safeHandleType = typeof(SafeFreeCertContext);
            break;

        case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
            bufferSize = Marshal.SizeOf<Interop.Secur32.IssuerListInfoEx>();
            safeHandleType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.Secur32.ContextAttribute.ConnectionInfo:
            bufferSize = Marshal.SizeOf<SslConnectionInfo>();
            break;

        default:
            throw new ArgumentException(SR.Format(SR.net_invalid_enum, "ContextAttribute"), "contextAttribute");
    }

    SafeHandle nativeHandle = null;
    object result = null;

    try
    {
        byte[] buffer = new byte[bufferSize];
        errorCode = QueryContextAttributes(securityContext, contextAttribute, buffer, safeHandleType, out nativeHandle);

        if (errorCode != 0)
        {
            GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
            return null;
        }

        switch (contextAttribute)
        {
            case Interop.Secur32.ContextAttribute.Sizes:
                result = new SecSizes(buffer);
                break;

            case Interop.Secur32.ContextAttribute.StreamSizes:
                result = new StreamSizes(buffer);
                break;

            case Interop.Secur32.ContextAttribute.Names:
            case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
                // The string is copied out here; the handle itself is released in the finally block.
                result = Marshal.PtrToStringUni(nativeHandle.DangerousGetHandle());
                break;

            case Interop.Secur32.ContextAttribute.PackageInfo:
                result = new SecurityPackageInfoClass(nativeHandle, 0);
                break;

            case Interop.Secur32.ContextAttribute.NegotiationInfo:
                unsafe
                {
                    fixed (void* ptr = buffer)
                    {
                        result = new NegotiationInfoClass(nativeHandle, Marshal.ReadInt32(new IntPtr(ptr), NegotiationInfo.NegotiationStateOffest));
                    }
                }
                break;

            case Interop.Secur32.ContextAttribute.LocalCertificate:
            case Interop.Secur32.ContextAttribute.RemoteCertificate:
                // The handle is the result: clearing the local hands ownership to the
                // caller and keeps the finally block from disposing it.
                result = nativeHandle;
                nativeHandle = null;
                break;

            case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
                // The handle is passed into the returned object, so it is not disposed here either.
                result = new Interop.Secur32.IssuerListInfoEx(nativeHandle, buffer);
                nativeHandle = null;
                break;

            case Interop.Secur32.ContextAttribute.ConnectionInfo:
                result = new SslConnectionInfo(buffer);
                break;

            default:
                // Will return null.
                break;
        }
    }
    finally
    {
        // Dispose the handle on every path where ownership was not transferred,
        // including the early error return above.
        if (nativeHandle != null)
        {
            nativeHandle.Dispose();
        }
    }

    GlobalLog.Leave("QueryContextAttributes", Logging.ObjectToString(result));
    return result;
}
/// <summary>
/// Asks <paramref name="secModule"/> for one attribute of <paramref name="securityContext"/>
/// and converts the native result into the managed type for that attribute.
/// </summary>
/// <param name="secModule">SSPI module that performs the native query.</param>
/// <param name="securityContext">Security context to query.</param>
/// <param name="contextAttribute">Attribute to read; values not handled by the first switch are rejected.</param>
/// <param name="errorCode">Status returned by the module; non-zero is treated as failure.</param>
/// <returns>The managed attribute value, or null when the module reports an error.</returns>
/// <exception cref="ArgumentException"><paramref name="contextAttribute"/> is not a supported value.</exception>
public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.Secur32.ContextAttribute contextAttribute, out int errorCode)
{
    GlobalLog.Enter("QueryContextAttributes", contextAttribute.ToString());

    // One pointer by default; structure-returning attributes set their own size.
    int blockSize = IntPtr.Size;

    // Safe-handle type handed to the module; null for attributes that set none.
    Type wrapperType = null;

    switch (contextAttribute)
    {
        case Interop.Secur32.ContextAttribute.Sizes:
            blockSize = SecSizes.SizeOf;
            break;

        case Interop.Secur32.ContextAttribute.StreamSizes:
            blockSize = StreamSizes.SizeOf;
            break;

        case Interop.Secur32.ContextAttribute.Names:
        case Interop.Secur32.ContextAttribute.PackageInfo:
        case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
            wrapperType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.Secur32.ContextAttribute.NegotiationInfo:
            wrapperType = typeof(SafeFreeContextBuffer);
            blockSize = Marshal.SizeOf<NegotiationInfo>();
            break;

        case Interop.Secur32.ContextAttribute.RemoteCertificate:
        case Interop.Secur32.ContextAttribute.LocalCertificate:
            wrapperType = typeof(SafeFreeCertContext);
            break;

        case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
            blockSize = Marshal.SizeOf<Interop.Secur32.IssuerListInfoEx>();
            wrapperType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.Secur32.ContextAttribute.ConnectionInfo:
            blockSize = Marshal.SizeOf<SslConnectionInfo>();
            break;

        default:
            throw new ArgumentException(SR.Format(SR.net_invalid_enum, "ContextAttribute"), "contextAttribute");
    }

    SafeHandle ownedHandle = null;
    object value = null;

    try
    {
        byte[] block = new byte[blockSize];
        errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, block, wrapperType, out ownedHandle);

        if (errorCode != 0)
        {
            GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
            return null;
        }

        switch (contextAttribute)
        {
            case Interop.Secur32.ContextAttribute.Sizes:
                value = new SecSizes(block);
                break;

            case Interop.Secur32.ContextAttribute.StreamSizes:
                value = new StreamSizes(block);
                break;

            case Interop.Secur32.ContextAttribute.Names:
            case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
                // The string is copied out here; the handle is released in the finally block.
                value = Marshal.PtrToStringUni(ownedHandle.DangerousGetHandle());
                break;

            case Interop.Secur32.ContextAttribute.PackageInfo:
                value = new SecurityPackageInfoClass(ownedHandle, 0);
                break;

            case Interop.Secur32.ContextAttribute.NegotiationInfo:
                unsafe
                {
                    fixed (void* ptr = block)
                    {
                        value = new NegotiationInfoClass(ownedHandle, Marshal.ReadInt32(new IntPtr(ptr), NegotiationInfo.NegotiationStateOffest));
                    }
                }
                break;

            case Interop.Secur32.ContextAttribute.LocalCertificate:
            case Interop.Secur32.ContextAttribute.RemoteCertificate:
                // Both certificate attributes return the handle itself. Clearing the
                // local transfers ownership to the caller and skips the dispose below.
                value = ownedHandle;
                ownedHandle = null;
                break;

            case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
                // The handle is passed into the returned object, so it is not disposed here.
                value = new Interop.Secur32.IssuerListInfoEx(ownedHandle, block);
                ownedHandle = null;
                break;

            case Interop.Secur32.ContextAttribute.ConnectionInfo:
                value = new SslConnectionInfo(block);
                break;

            default:
                // Will return null.
                break;
        }
    }
    finally
    {
        // Runs on the error return as well, so a handle that was not handed off is always released.
        if (ownedHandle != null)
        {
            ownedHandle.Dispose();
        }
    }

    GlobalLog.Leave("QueryContextAttributes", LoggingHash.ObjectToString(value));
    return value;
}
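/// <summary>
/// Fills <c>s_securityPackages</c> from <c>SafeFreeContextBuffer.EnumeratePackages</c> the first
/// time it is called; when the cache is already populated only the enter/leave trace is written.
/// </summary>
/// <exception cref="Win32Exception">EnumeratePackages returned a non-zero error code.</exception>
private void EnumerateSecurityPackages()
{
    GlobalLog.Enter("EnumerateSecurityPackages");

    if (s_securityPackages == null)
    {
        // NOTE(review): the s_ prefix suggests the cache is static while the lock is taken
        // on this instance; if so, two instances can enumerate concurrently. A private
        // static lock object would serialize them - confirm against the field declaration.
        lock (this)
        {
            // Re-check under the lock: another thread may have filled the cache meanwhile.
            if (s_securityPackages == null)
            {
                int moduleCount = 0;
                SafeFreeContextBuffer arrayBaseHandle = null;
                try
                {
                    int errorCode = SafeFreeContextBuffer.EnumeratePackages(out moduleCount, out arrayBaseHandle);

                    // The finally block already allows for a null handle, so the trace must too:
                    // dereferencing it here would raise NullReferenceException on a failed call
                    // and hide the Win32 error code from the caller.
                    GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle == null ? "null" : arrayBaseHandle.DangerousGetHandle().ToString("x")));

                    if (errorCode != 0)
                    {
                        throw new Win32Exception(errorCode);
                    }

                    SecurityPackageInfoClass[] securityPackagesList = new SecurityPackageInfoClass[moduleCount];
                    if (Logging.On)
                    {
                        Logging.PrintInfo(Logging.Web, SR.net_log_sspi_enumerating_security_packages);
                    }

                    for (int i = 0; i < moduleCount; i++)
                    {
                        securityPackagesList[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                        if (Logging.On)
                        {
                            Logging.PrintInfo(Logging.Web, " " + securityPackagesList[i].Name);
                        }
                    }

                    // Publish only after every entry has been built, so readers outside the
                    // lock never observe a partially filled array.
                    s_securityPackages = securityPackagesList;
                }
                finally
                {
                    // The native array is released on success and on failure alike.
                    if (arrayBaseHandle != null)
                    {
                        arrayBaseHandle.Dispose();
                    }
                }
            }
        }
    }

    GlobalLog.Leave("EnumerateSecurityPackages");
}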
/// <summary>
/// Asks <paramref name="secModule"/> for one attribute of <paramref name="securityContext"/>
/// and converts the native result into the managed type for that attribute.
/// </summary>
/// <param name="secModule">SSPI module that performs the native query.</param>
/// <param name="securityContext">Security context to query.</param>
/// <param name="contextAttribute">Attribute to read; values not handled by the first switch are rejected.</param>
/// <param name="errorCode">Status returned by the module; non-zero is treated as failure.</param>
/// <returns>The managed attribute value, or null when the module reports an error.</returns>
/// <exception cref="ArgumentException"><paramref name="contextAttribute"/> is not a supported value.</exception>
public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
{
    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Enter(null, contextAttribute);
    }

    // One pointer by default; structure-returning attributes set their own size.
    int blockSize = IntPtr.Size;

    // Safe-handle type handed to the module; null for attributes that set none.
    Type wrapperType = null;

    switch (contextAttribute)
    {
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
            blockSize = SecPkgContext_Sizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
            blockSize = SecPkgContext_StreamSizes.SizeOf;
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
            wrapperType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
            wrapperType = typeof(SafeFreeContextBuffer);
            unsafe
            {
                blockSize = sizeof(SecPkgContext_NegotiationInfoW);
            }
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
            wrapperType = typeof(SafeFreeCertContext);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
            blockSize = Marshal.SizeOf<Interop.SspiCli.SecPkgContext_IssuerListInfoEx>();
            wrapperType = typeof(SafeFreeContextBuffer);
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
            blockSize = Marshal.SizeOf<SecPkgContext_ConnectionInfo>();
            break;

        case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_APPLICATION_PROTOCOL:
            blockSize = Marshal.SizeOf<Interop.SecPkgContext_ApplicationProtocol>();
            break;

        default:
            throw new ArgumentException(System.StringsHelper.Format(Strings.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
    }

    SafeHandle ownedHandle = null;
    object value = null;

    try
    {
        var block = new byte[blockSize];
        errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, block, wrapperType, out ownedHandle);

        if (errorCode != 0)
        {
            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Exit(null, $"ERROR = {ErrorDescription(errorCode)}");
            }

            return null;
        }

        switch (contextAttribute)
        {
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                value = new SecPkgContext_Sizes(block);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                value = new SecPkgContext_StreamSizes(block);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                // The string is copied out here; the handle is released in the finally block.
                value = Marshal.PtrToStringUni(ownedHandle.DangerousGetHandle());
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                value = new SecurityPackageInfoClass(ownedHandle, 0);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                unsafe
                {
                    fixed (void* ptr = &block[0])
                    {
                        value = new NegotiationInfoClass(ownedHandle, (int)((SecPkgContext_NegotiationInfoW*)ptr)->NegotiationState);
                    }
                }
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                // Both certificate attributes return the handle itself. Clearing the
                // local transfers ownership to the caller and skips the dispose below.
                value = ownedHandle;
                ownedHandle = null;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                // The handle is passed into the returned object, so it is not disposed here.
                value = new Interop.SspiCli.SecPkgContext_IssuerListInfoEx(ownedHandle, block);
                ownedHandle = null;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                value = new SecPkgContext_ConnectionInfo(block);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_APPLICATION_PROTOCOL:
                unsafe
                {
                    fixed (void* ptr = block)
                    {
                        value = Marshal.PtrToStructure<Interop.SecPkgContext_ApplicationProtocol>(new IntPtr(ptr));
                    }
                }
                break;

            default:
                // Will return null.
                break;
        }
    }
    finally
    {
        // Runs on the error return as well, so a handle that was not handed off is always released.
        ownedHandle?.Dispose();
    }

    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Exit(null, value);
    }

    return value;
}
/// <summary>
/// Returns the security packages known to <paramref name="SecModule"/>, enumerating them
/// through the module on first use and storing the result on the module.
/// </summary>
/// <param name="SecModule">SSPI module that enumerates the packages and holds the cached array.</param>
/// <returns>The value of <c>SecModule.SecurityPackages</c> after the cache has been filled.</returns>
/// <exception cref="Win32Exception">The module's enumeration call returned a non-zero error code.</exception>
internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
{
    // Fast path: the cache is already populated, no lock needed.
    if (SecModule.SecurityPackages != null)
    {
        return SecModule.SecurityPackages;
    }

    // The lock is taken on the module object itself, so any other code that locks
    // on the same instance contends with this enumeration.
    lock (SecModule)
    {
        // Re-check under the lock: another thread may have filled the cache meanwhile.
        if (SecModule.SecurityPackages == null)
        {
            int packageCount = 0;
            SafeFreeContextBuffer packageBuffer = null;
            try
            {
                int status = SecModule.EnumerateSecurityPackages(out packageCount, out packageBuffer);
                if (status != 0)
                {
                    throw new Win32Exception(status);
                }

                SecurityPackageInfoClass[] packages = new SecurityPackageInfoClass[packageCount];
                if (Logging.On)
                {
                    Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_enumerating_security_packages"));
                }

                int index = 0;
                while (index < packageCount)
                {
                    packages[index] = new SecurityPackageInfoClass(packageBuffer, index);
                    if (Logging.On)
                    {
                        Logging.PrintInfo(Logging.Web, " " + packages[index].Name);
                    }

                    index++;
                }

                // Publish only after every entry has been built.
                SecModule.SecurityPackages = packages;
            }
            finally
            {
                // The native array is released on success and on failure alike.
                if (packageBuffer != null)
                {
                    packageBuffer.Close();
                }
            }
        }
    }

    return SecModule.SecurityPackages;
}