예제 #1
0
        /// <summary>
        /// A continuation Windows Security Context.
        /// </summary>
        /// <param name="init">
        /// Initial context that contains a handle to the credentials returned by
        /// AcquireCredentialsHandle. This handle is used to build the security context.
        /// </param>
        /// <param name="continueToken">
        /// Token returned by the remote computer.
        /// </param>
        /// <param name="fContextReq">
        /// Bit flags that indicate requests for the context. Not all packages can support all requirements.
        /// Flags used for this parameter are prefixed with ISC_REQ_, for example, ISC_REQ_DELEGATE.
        /// </param>
        /// <param name="targetDataRep">
        /// </param>
        public WindowsSecurityContext(WindowsSecurityContext init, byte[] continueToken, int fContextReq, int targetDataRep)
        {
            _securityPackage = init._securityPackage;
            Secur32.SecBufferDesc continueTokenBuffer = new Secur32.SecBufferDesc(continueToken);
            _token = new Secur32.SecBufferDesc(Secur32.MAX_TOKEN_SIZE);

            int rc = Secur32.InitializeSecurityContext(
                ref init._credentials,
                ref init._context,
                init._username,
                fContextReq,
                0,
                targetDataRep,
                ref continueTokenBuffer,
                0,
                ref _context,
                ref _token,
                out _contextAttributes,
                out _contextLifetime);

            switch (rc)
            {
            case Secur32.SEC_E_OK:
                break;

            case Secur32.SEC_I_CONTINUE_NEEDED:
                _continue = true;
                break;

            default:
                throw new Win32Exception(rc);
            }
        }
예제 #2
0
        /// <summary>
        /// Acquire an existing Windows security context.
        /// </summary>
        /// <param name="username">Target username for this security context.</param>
        /// <param name="credentials">Credentials handle.</param>
        /// <param name="securityPackage">Security package.</param>
        /// <param name="fContextReq">Bit flags that indicate requests for the context.</param>
        /// <param name="targetDataRep">Target data representation.</param>
        public WindowsSecurityContext(string username, WindowsCredentialsHandle credentials, string securityPackage,
                                      int fContextReq, int targetDataRep)
        {
            _username        = username;
            _credentials     = credentials.Handle;
            _securityPackage = securityPackage;
            _token           = new Secur32.SecBufferDesc(Secur32.MAX_TOKEN_SIZE);
            int rc = Secur32.InitializeSecurityContext(
                ref credentials.Handle,
                IntPtr.Zero,
                username, // service principal name
                fContextReq,
                0,
                targetDataRep,
                IntPtr.Zero,
                0,
                ref _context,
                ref _token,
                out _contextAttributes,
                out _contextLifetime);

            switch (rc)
            {
            case Secur32.SEC_E_OK:
                break;

            case Secur32.SEC_I_CONTINUE_NEEDED:
                _continue = true;
                break;

            default:
                throw new Win32Exception(rc);
            }
        }
        private void Initialize(Secur32.SecHandle credentials, string targetName, int fContextReq, int targetDataRep, Secur32.SecHandle context, Secur32.SecBufferDesc continueTokenBuffer)
        {
            var tokenSize             = Secur32.MAX_TOKEN_SIZE;
            var rc                    = 0;
            var hasContextAndContinue = context != Secur32.SecHandle.Zero && continueTokenBuffer != Secur32.SecBufferDesc.Zero;

            do
            {
                _token.Dispose();
                _token = new Secur32.SecBufferDesc(tokenSize);

                if (hasContextAndContinue)
                {
                    rc = Secur32.InitializeSecurityContext(
                        ref credentials,
                        ref context,
                        targetName,
                        fContextReq,
                        0,
                        targetDataRep,
                        ref continueTokenBuffer,
                        0,
                        ref _context,
                        ref _token,
                        out _contextAttributes,
                        out _contextLifetime);
                }
                else
                {
                    rc = Secur32.InitializeSecurityContext(
                        ref credentials,
                        IntPtr.Zero,
                        targetName,
                        fContextReq,
                        0,
                        targetDataRep,
                        IntPtr.Zero,
                        0,
                        ref _context,
                        ref _token,
                        out _contextAttributes,
                        out _contextLifetime);
                }

                switch (rc)
                {
                case Secur32.SEC_E_INSUFFICIENT_MEMORY:
                    tokenSize += Secur32.MAX_TOKEN_SIZE;
                    break;

                case Secur32.SEC_E_OK:
                    break;

                case Secur32.SEC_I_CONTINUE_NEEDED:
                    _continue = true;
                    break;

                default:
                    throw new Win32Exception(rc);
                }
            } while (rc == Secur32.SEC_E_INSUFFICIENT_MEMORY);
        }