Exemplo n.º 1
0
 internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule) {
     GlobalLog.Enter("EnumerateSecurityPackages");
     if (SecModule.SecurityPackages==null) {
         lock (SecModule) {
             if (SecModule.SecurityPackages==null) {
                 int moduleCount = 0;
                 SafeFreeContextBuffer arrayBaseHandle = null;
                 try {
                     int errorCode = SecModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
                     GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));
                     if (errorCode != 0) {
                         throw new Win32Exception(errorCode);
                     }
                     SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];
                     if (Logging.On) Logging.PrintInfo(Logging.Web, SR.GetString(SR.net_log_sspi_enumerating_security_packages));
                     int i;
                     for (i = 0; i < moduleCount; i++) {
                         securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                         if (Logging.On) Logging.PrintInfo(Logging.Web, "    " + securityPackages[i].Name);
                     }
                     SecModule.SecurityPackages = securityPackages;
                 }
                 finally {
                     if (arrayBaseHandle != null) {
                         arrayBaseHandle.Close();
                     }
                 }
             }
         }
     }
     GlobalLog.Leave("EnumerateSecurityPackages");
     return SecModule.SecurityPackages;
 }
Exemplo n.º 2
0
        internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
        {
            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Enter(null);
            }

            if (secModule.SecurityPackages == null)
            {
                lock (secModule)
                {
                    if (secModule.SecurityPackages == null)
                    {
                        int moduleCount = 0;
                        SafeFreeContextBuffer arrayBaseHandle = null;
                        try
                        {
                            int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
                            if (NetEventSource.IsEnabled)
                            {
                                NetEventSource.Info(null, $"arrayBase: {arrayBaseHandle}");
                            }
                            if (errorCode != 0)
                            {
                                throw new Win32Exception(errorCode);
                            }

                            var securityPackages = new SecurityPackageInfoClass[moduleCount];

                            int i;
                            for (i = 0; i < moduleCount; i++)
                            {
                                securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                                if (NetEventSource.IsEnabled)
                                {
                                    NetEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
                                }
                            }

                            secModule.SecurityPackages = securityPackages;
                        }
                        finally
                        {
                            if (arrayBaseHandle != null)
                            {
                                arrayBaseHandle.Dispose();
                            }
                        }
                    }
                }
            }

            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Exit(null);
            }
            return(secModule.SecurityPackages);
        }
Exemplo n.º 3
0
        internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Enter(nameof(EnumerateSecurityPackages));
            }

            if (secModule.SecurityPackages == null)
            {
                lock (secModule)
                {
                    if (secModule.SecurityPackages == null)
                    {
                        int moduleCount = 0;
                        SafeFreeContextBuffer arrayBaseHandle = null;
                        try
                        {
                            int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
                            if (GlobalLog.IsEnabled)
                            {
                                GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));
                            }
                            if (errorCode != 0)
                            {
                                throw new Win32Exception(errorCode);
                            }

                            var securityPackages = new SecurityPackageInfoClass[moduleCount];

                            int i;
                            for (i = 0; i < moduleCount; i++)
                            {
                                securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                                if (SecurityEventSource.Log.IsEnabled())
                                {
                                    SecurityEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
                                }
                            }

                            secModule.SecurityPackages = securityPackages;
                        }
                        finally
                        {
                            if (arrayBaseHandle != null)
                            {
                                arrayBaseHandle.Dispose();
                            }
                        }
                    }
                }
            }

            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave(nameof(EnumerateSecurityPackages));
            }
            return(secModule.SecurityPackages);
        }
Exemplo n.º 4
0
        internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Enter("EnumerateSecurityPackages");
            }

            if (secModule.SecurityPackages == null)
            {
                lock (secModule)
                {
                    if (secModule.SecurityPackages == null)
                    {
                        int moduleCount = 0;
                        SafeFreeContextBuffer arrayBaseHandle = null;
                        try
                        {
                            int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
                            if (GlobalLog.IsEnabled)
                            {
                                GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));
                            }
                            if (errorCode != 0)
                            {
                                throw new Win32Exception(errorCode);
                            }

                            var securityPackages = new SecurityPackageInfoClass[moduleCount];

                            int i;
                            for (i = 0; i < moduleCount; i++)
                            {
                                securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                                if (SecurityEventSource.Log.IsEnabled())
                                {
                                    SecurityEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
                                }
                            }

                            secModule.SecurityPackages = securityPackages;
                        }
                        finally
                        {
                            if (arrayBaseHandle != null)
                            {
                                arrayBaseHandle.Dispose();
                            }
                        }
                    }
                }
            }

            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave("EnumerateSecurityPackages");
            }
            return secModule.SecurityPackages;
        }
Exemplo n.º 5
0
        private void EnumerateSecurityPackages()
        {
            GlobalLog.Enter("EnumerateSecurityPackages");
            if (securityPackages == null)
            {
                lock (this)
                {
                    if (securityPackages == null)
                    {
                        int moduleCount = 0;
                        SafeFreeContextBuffer arrayBaseHandle = null;
                        try
                        {
                            int errorCode = SafeFreeContextBuffer.EnumeratePackages(out moduleCount, out arrayBaseHandle);

                            GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));

                            if (errorCode != 0)
                            {
                                throw new Win32Exception(errorCode);
                            }

                            SecurityPackageInfoClass[] securityPackagesList = new SecurityPackageInfoClass[moduleCount];

                            if (Logging.On)
                            {
                                Logging.PrintInfo(Logging.Web, SR.net_log_sspi_enumerating_security_packages);
                            }

                            for (int i = 0; i < moduleCount; i++)
                            {
                                securityPackagesList[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);

                                if (Logging.On)
                                {
                                    Logging.PrintInfo(Logging.Web, "    " + securityPackagesList[i].Name);
                                }
                            }

                            securityPackages = securityPackagesList;
                        }
                        finally
                        {
                            if (arrayBaseHandle != null)
                            {
                                arrayBaseHandle.Dispose();
                            }
                        }
                    }
                }
            }

            GlobalLog.Leave("EnumerateSecurityPackages");
        }
Exemplo n.º 6
0
        internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface secModule)
        {
            if (NetEventSource.IsEnabled) NetEventSource.Enter(null);

            if (secModule.SecurityPackages == null)
            {
                lock (secModule)
                {
                    if (secModule.SecurityPackages == null)
                    {
                        int moduleCount = 0;
                        SafeFreeContextBuffer arrayBaseHandle = null;
                        try
                        {
                            int errorCode = secModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
                            if (NetEventSource.IsEnabled) NetEventSource.Info(null, $"arrayBase: {arrayBaseHandle}");
                            if (errorCode != 0)
                            {
                                throw new Win32Exception(errorCode);
                            }

                            var securityPackages = new SecurityPackageInfoClass[moduleCount];

                            int i;
                            for (i = 0; i < moduleCount; i++)
                            {
                                securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                                if (NetEventSource.IsEnabled) NetEventSource.Log.EnumerateSecurityPackages(securityPackages[i].Name);
                            }

                            secModule.SecurityPackages = securityPackages;
                        }
                        finally
                        {
                            if (arrayBaseHandle != null)
                            {
                                arrayBaseHandle.Dispose();
                            }
                        }
                    }
                }
            }

            if (NetEventSource.IsEnabled) NetEventSource.Exit(null);
            return secModule.SecurityPackages;
        }
 internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
 {
     GlobalLog.Enter("EnumerateSecurityPackages");
     if (SecModule.SecurityPackages == null)
     {
         lock (SecModule) {
             if (SecModule.SecurityPackages == null)
             {
                 int moduleCount = 0;
                 SafeFreeContextBuffer arrayBaseHandle = null;
                 try {
                     int errorCode = SecModule.EnumerateSecurityPackages(out moduleCount, out arrayBaseHandle);
                     GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));
                     if (errorCode != 0)
                     {
                         throw new Win32Exception(errorCode);
                     }
                     SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];
                     if (Logging.On)
                     {
                         Logging.PrintInfo(Logging.Web, SR.GetString(SR.net_log_sspi_enumerating_security_packages));
                     }
                     int i;
                     for (i = 0; i < moduleCount; i++)
                     {
                         securityPackages[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);
                         if (Logging.On)
                         {
                             Logging.PrintInfo(Logging.Web, "    " + securityPackages[i].Name);
                         }
                     }
                     SecModule.SecurityPackages = securityPackages;
                 }
                 finally {
                     if (arrayBaseHandle != null)
                     {
                         arrayBaseHandle.Close();
                     }
                 }
             }
         }
     }
     GlobalLog.Leave("EnumerateSecurityPackages");
     return(SecModule.SecurityPackages);
 }
 internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
 {
     if (SecModule.SecurityPackages == null)
     {
         lock (SecModule)
         {
             if (SecModule.SecurityPackages == null)
             {
                 int pkgnum = 0;
                 SafeFreeContextBuffer pkgArray = null;
                 try
                 {
                     int error = SecModule.EnumerateSecurityPackages(out pkgnum, out pkgArray);
                     if (error != 0)
                     {
                         throw new Win32Exception(error);
                     }
                     SecurityPackageInfoClass[] classArray = new SecurityPackageInfoClass[pkgnum];
                     if (Logging.On)
                     {
                         Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_enumerating_security_packages"));
                     }
                     for (int i = 0; i < pkgnum; i++)
                     {
                         classArray[i] = new SecurityPackageInfoClass(pkgArray, i);
                         if (Logging.On)
                         {
                             Logging.PrintInfo(Logging.Web, "    " + classArray[i].Name);
                         }
                     }
                     SecModule.SecurityPackages = classArray;
                 }
                 finally
                 {
                     if (pkgArray != null)
                     {
                         pkgArray.Close();
                     }
                 }
             }
         }
     }
     return(SecModule.SecurityPackages);
 }
Exemplo n.º 9
0
        // private static SecurityPackageInfoClass[] m_SecurityPackages;

        private static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
        {
            GlobalLog.Enter("EnumerateSecurityPackages");

            int    moduleCount = 0;
            IntPtr arrayBase   = IntPtr.Zero;

            int errorCode =
                SecModule.EnumerateSecurityPackages(
                    out moduleCount,
                    out arrayBase);

            GlobalLog.Print("SSPIWrapper::arrayBase: " + ((long)arrayBase).ToString());

            if (errorCode != 0)
            {
                throw new Win32Exception(errorCode);
            }

            SecurityPackageInfoClass[] securityPackages = new SecurityPackageInfoClass[moduleCount];

            int    i;
            IntPtr unmanagedPointer = arrayBase;

            for (i = 0; i < moduleCount; i++)
            {
                GlobalLog.Print("SSPIWrapper::unmanagedPointer: " + ((long)unmanagedPointer).ToString());
                securityPackages[i] = new SecurityPackageInfoClass(SecModule, unmanagedPointer);
                unmanagedPointer    = IntPtrHelper.Add(unmanagedPointer, SecurityPackageInfo.Size);
            }

            SecModule.FreeContextBuffer(arrayBase);

            GlobalLog.Leave("EnumerateSecurityPackages");
            return(securityPackages);
        }
Exemplo n.º 10
0
        public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
        {
            if (NetEventSource.IsEnabled) NetEventSource.Enter(null, contextAttribute);

            int nativeBlockSize = IntPtr.Size;
            Type handleType = null;

            switch (contextAttribute)
            {
                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                    nativeBlockSize = SecPkgContext_Sizes.SizeOf;
                    break;
                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                    nativeBlockSize = SecPkgContext_StreamSizes.SizeOf;
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                    handleType = typeof(SafeFreeContextBuffer);
                    nativeBlockSize = Marshal.SizeOf<SecPkgContext_NegotiationInfoW>();
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                    handleType = typeof(SafeFreeCertContext);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
                    handleType = typeof(SafeFreeCertContext);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                    nativeBlockSize = Marshal.SizeOf<Interop.SspiCli.SecPkgContext_IssuerListInfoEx>();
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                    nativeBlockSize = Marshal.SizeOf<SecPkgContext_ConnectionInfo>();
                    break;

                default:
                    throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
            }

            SafeHandle sspiHandle = null;
            object attribute = null;

            try
            {
                var nativeBuffer = new byte[nativeBlockSize];
                errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out sspiHandle);
                if (errorCode != 0)
                {
                    if (NetEventSource.IsEnabled) NetEventSource.Exit(null, $"ERROR = {ErrorDescription(errorCode)}");
                    return null;
                }

                switch (contextAttribute)
                {
                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                        attribute = new SecPkgContext_Sizes(nativeBuffer);
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                        attribute = new SecPkgContext_StreamSizes(nativeBuffer);
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
                        attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                        attribute = new SecurityPackageInfoClass(sspiHandle, 0);
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                        unsafe
                        {
                            fixed (void* ptr = nativeBuffer)
                            {
                                attribute = new NegotiationInfoClass(sspiHandle, Marshal.ReadInt32(new IntPtr(ptr), SecPkgContext_NegotiationInfoW.NegotiationStateOffest));
                            }
                        }
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                        attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
                    // Fall-through to RemoteCertificate is intentional.
                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                        attribute = sspiHandle;
                        sspiHandle = null;
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                        attribute = new Interop.SspiCli.SecPkgContext_IssuerListInfoEx(sspiHandle, nativeBuffer);
                        sspiHandle = null;
                        break;

                    case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                        attribute = new SecPkgContext_ConnectionInfo(nativeBuffer);
                        break;
                    default:
                        // Will return null.
                        break;
                }
            }
            finally
            {
                if (sspiHandle != null)
                {
                    sspiHandle.Dispose();
                }
            }

            if (NetEventSource.IsEnabled) NetEventSource.Exit(null, attribute);
            return attribute;
        }
Exemplo n.º 11
0
        public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Enter(nameof(QueryContextAttributes), contextAttribute.ToString());
            }

            int  nativeBlockSize = IntPtr.Size;
            Type handleType      = null;

            switch (contextAttribute)
            {
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                nativeBlockSize = SecPkgContext_Sizes.SizeOf;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                nativeBlockSize = SecPkgContext_StreamSizes.SizeOf;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                handleType      = typeof(SafeFreeContextBuffer);
                nativeBlockSize = Marshal.SizeOf <SecPkgContext_NegotiationInfoW>();
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                nativeBlockSize = Marshal.SizeOf <Interop.SspiCli.SecPkgContext_IssuerListInfoEx>();
                handleType      = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                nativeBlockSize = Marshal.SizeOf <SecPkgContext_ConnectionInfo>();
                break;

            default:
                throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
            }

            SafeHandle sspiHandle = null;
            object     attribute  = null;

            try
            {
                var nativeBuffer = new byte[nativeBlockSize];
                errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out sspiHandle);
                if (errorCode != 0)
                {
                    if (GlobalLog.IsEnabled)
                    {
                        GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
                    }
                    return(null);
                }

                switch (contextAttribute)
                {
                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                    attribute = new SecPkgContext_Sizes(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                    attribute = new SecPkgContext_StreamSizes(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
                    attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                    attribute = new SecurityPackageInfoClass(sspiHandle, 0);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                    unsafe
                    {
                        fixed(void *ptr = nativeBuffer)
                        {
                            attribute = new NegotiationInfoClass(sspiHandle, Marshal.ReadInt32(new IntPtr(ptr), SecPkgContext_NegotiationInfoW.NegotiationStateOffest));
                        }
                    }
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                    attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
                // Fall-through to RemoteCertificate is intentional.
                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                    attribute  = sspiHandle;
                    sspiHandle = null;
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                    attribute  = new Interop.SspiCli.SecPkgContext_IssuerListInfoEx(sspiHandle, nativeBuffer);
                    sspiHandle = null;
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                    attribute = new SecPkgContext_ConnectionInfo(nativeBuffer);
                    break;

                default:
                    // Will return null.
                    break;
                }
            }
            finally
            {
                if (sspiHandle != null)
                {
                    sspiHandle.Dispose();
                }
            }

            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave(nameof(QueryContextAttributes), LoggingHash.ObjectToString(attribute));
            }

            return(attribute);
        }
Exemplo n.º 12
0
        public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Enter(nameof(QueryContextAttributes), contextAttribute.ToString());
            }

            int  nativeBlockSize = IntPtr.Size;
            Type handleType      = null;

            switch (contextAttribute)
            {
            case Interop.SspiCli.ContextAttribute.Sizes:
                nativeBlockSize = SecSizes.SizeOf;
                break;

            case Interop.SspiCli.ContextAttribute.StreamSizes:
                nativeBlockSize = StreamSizes.SizeOf;
                break;

            case Interop.SspiCli.ContextAttribute.Names:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.PackageInfo:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.NegotiationInfo:
                handleType      = typeof(SafeFreeContextBuffer);
                nativeBlockSize = Marshal.SizeOf <NegotiationInfo>();
                break;

            case Interop.SspiCli.ContextAttribute.ClientSpecifiedSpn:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.RemoteCertificate:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.SspiCli.ContextAttribute.LocalCertificate:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.SspiCli.ContextAttribute.IssuerListInfoEx:
                nativeBlockSize = Marshal.SizeOf <Interop.SspiCli.IssuerListInfoEx>();
                handleType      = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.ConnectionInfo:
                nativeBlockSize = Marshal.SizeOf <SslConnectionInfo>();
                break;

            default:
                throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
            }

            SafeHandle sspiHandle = null;
            object     attribute  = null;

            try
            {
                var nativeBuffer = new byte[nativeBlockSize];
                errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out sspiHandle);
                if (errorCode != 0)
                {
                    if (GlobalLog.IsEnabled)
                    {
                        GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
                    }
                    return(null);
                }

                switch (contextAttribute)
                {
                case Interop.SspiCli.ContextAttribute.Sizes:
                    attribute = new SecSizes(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.StreamSizes:
                    attribute = new StreamSizes(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.Names:
                    attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                    break;

                case Interop.SspiCli.ContextAttribute.PackageInfo:
                    attribute = new SecurityPackageInfoClass(sspiHandle, 0);
                    break;

                case Interop.SspiCli.ContextAttribute.NegotiationInfo:
                    unsafe
                    {
                        fixed(void *ptr = nativeBuffer)
                        {
                            attribute = new NegotiationInfoClass(sspiHandle, Marshal.ReadInt32(new IntPtr(ptr), NegotiationInfo.NegotiationStateOffest));
                        }
                    }
                    break;

                case Interop.SspiCli.ContextAttribute.ClientSpecifiedSpn:
                    attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                    break;

                case Interop.SspiCli.ContextAttribute.LocalCertificate:
                // Fall-through to RemoteCertificate is intentional.
                case Interop.SspiCli.ContextAttribute.RemoteCertificate:
                    attribute  = sspiHandle;
                    sspiHandle = null;
                    break;

                case Interop.SspiCli.ContextAttribute.IssuerListInfoEx:
                    attribute  = new Interop.SspiCli.IssuerListInfoEx(sspiHandle, nativeBuffer);
                    sspiHandle = null;
                    break;

                case Interop.SspiCli.ContextAttribute.ConnectionInfo:
                    attribute = new SslConnectionInfo(nativeBuffer);
                    break;

                default:
                    // Will return null.
                    break;
                }
            }
            finally
            {
                if (sspiHandle != null)
                {
                    sspiHandle.Dispose();
                }
            }

            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave(nameof(QueryContextAttributes), LoggingHash.ObjectToString(attribute));
            }

            return(attribute);
        }
Exemplo n.º 13
0
        public static object QueryContextAttributes(
            SSPIInterface SecModule,
            SecurityContext securityContext,
            ContextAttribute contextAttribute)
        {
            GlobalLog.Enter("QueryContextAttributes#2");

            int nativeBlockSize;

            switch (contextAttribute)
            {
            case ContextAttribute.StreamSizes:
                nativeBlockSize = 20;
                break;

            case ContextAttribute.Names:
                nativeBlockSize = IntPtr.Size;
                break;

            case ContextAttribute.PackageInfo:
                nativeBlockSize = IntPtr.Size;
                break;

            case ContextAttribute.RemoteCertificate:
                nativeBlockSize = IntPtr.Size;
                break;

            case ContextAttribute.LocalCertificate:
                nativeBlockSize = IntPtr.Size;
                break;

            case ContextAttribute.IssuerListInfoEx:
                nativeBlockSize = Marshal.SizeOf(typeof(IssuerListInfoEx));
                break;

            default:
                nativeBlockSize = IntPtr.Size;
                GlobalLog.Assert(false,
                                 "contextAttribute unexpected value", "");
                break;
            }

            IntPtr nativeBlock = Marshal.AllocHGlobal((IntPtr)nativeBlockSize);

            int errorCode =
                SecModule.QueryContextAttributes(
                    ref securityContext.Handle,
                    (int)contextAttribute,
                    nativeBlock);

            object attribute = null;

            if (errorCode == 0)
            {
                switch (contextAttribute)
                {
                case ContextAttribute.StreamSizes:
                    attribute = new StreamSizes(nativeBlock);
                    break;

                case ContextAttribute.Names:

                    IntPtr unmanagedString = Marshal.ReadIntPtr(nativeBlock);

                    if (ComNetOS.IsWin9x)
                    {
                        attribute = Marshal.PtrToStringAnsi(unmanagedString);
                    }
                    else
                    {
                        attribute = Marshal.PtrToStringUni(unmanagedString);
                    }
                    //SecModule.FreeContextBuffer(unmanagedString);
                    break;

                case ContextAttribute.PackageInfo:

                    IntPtr unmanagedBlock = Marshal.ReadIntPtr(nativeBlock);

                    attribute = new SecurityPackageInfoClass(SecModule, unmanagedBlock);
                    //SecModule.FreeContextBuffer(unmanagedBlock);

                    break;

                case ContextAttribute.LocalCertificate:
                    goto case ContextAttribute.RemoteCertificate;

                case ContextAttribute.RemoteCertificate:
                    IntPtr contextHandle = Marshal.ReadIntPtr(nativeBlock);
                    if (contextHandle == ((IntPtr)0))
                    {
                        Debug.Assert(false,
                                     "contextHandle == 0",
                                     "QueryContextAttributes: marshalled certificate context is null on success"
                                     );
                    }
                    else
                    {
                        attribute = new CertificateContextHandle(contextHandle);
                    }
                    break;

                case ContextAttribute.IssuerListInfoEx:
                    IssuerListInfoEx issuerList = new IssuerListInfoEx();

                    issuerList.issuerArray = Marshal.ReadIntPtr(nativeBlock, 0);
                    issuerList.issuerCount = Marshal.ReadInt32(nativeBlock, 4);

                    attribute = issuerList;
                    break;

                default:
                    // will return null
                    break;
                }
            }
            else
            {
                //Win32Exception win32Exception = new Win32Exception(errorCode);
                //Console.WriteLine(win32Exception.Message);
            }

            Marshal.FreeHGlobal(nativeBlock);

            GlobalLog.Leave("QueryContextAttributes#2");
            return(attribute);
        }
Exemplo n.º 14
0
        //
        // for Digest, the server will send us the blob immediately, so we need to make sure we
        // call InitializeSecurityContext() a first time with a null input buffer, otherwise
        // the next call will fail. do so here:
        // WDigest.dll requires us to pass in 3 security buffers here
        // 1) BufferType: SECBUFFER_TOKEN, Content: server's challenge (incoming)
        // 2) BufferType: SECBUFFER_PKG_PARAMS, Content: request's HTTP Method
        // 3) BufferType: SECBUFFER_PKG_PARAMS, Content: the HEntity (this would be the MD5 footprint of the request entity
        //                                                             body, we can pass in NULL as this is not required)
        //
        public string GetOutgoingDigestBlob(string incomingBlob, string requestMethod, out bool handshakeComplete)
        {
            GlobalLog.Enter("NTAuthentication::GetOutgoingDigestBlob", incomingBlob);
            //
            // first time call with null incoming buffer to initialize.
            // we should get back a 0x90312 and a null outgoingBlob.
            //
            byte[] decodedOutgoingBlob = GetOutgoingBlob(null, out handshakeComplete);
            GlobalLog.Assert(!handshakeComplete, "NTAuthentication::GetOutgoingDigestBlob() handshakeComplete==true", "");
            GlobalLog.Assert(decodedOutgoingBlob == null, "NTAuthentication::GetOutgoingDigestBlob() decodedOutgoingBlob!=null", "");
            //
            // second time call with 3 incoming buffers to select HTTP client.
            // we should get back a SecurityStatus.OK and a non null outgoingBlob.
            //
            byte[] decodedIncomingBlob  = Encoding.Default.GetBytes(incomingBlob);
            byte[] decodedRequestMethod = Encoding.Default.GetBytes(requestMethod);

            int requestedFlags =
                (int)ContextFlags.Delegate |
                (int)ContextFlags.MutualAuth |
                (int)ContextFlags.ReplayDetect |
                (int)ContextFlags.SequenceDetect |
                // (int)ContextFlags.Confidentiality | // this would only work if the server provided a qop="auth-conf" directive
                // (int)ContextFlags.ClientIntegrity | // this would only work if the server provided a qop="auth-int" directive
                (int)ContextFlags.Connection;

            SecurityBufferClass[] inSecurityBuffers = new SecurityBufferClass[] {
                new SecurityBufferClass(decodedIncomingBlob, BufferType.Token),
                new SecurityBufferClass(decodedRequestMethod, BufferType.Parameters),
                new SecurityBufferClass(null, BufferType.Parameters),
            };

            SecurityBufferClass[] outSecurityBuffers = new SecurityBufferClass[] {
                new SecurityBufferClass(m_TokenSize, BufferType.Token),
            };

            SecurityContext newSecurityContext = new SecurityContext(GlobalSSPI.SSPIAuth);

            //
            // this call is still returning an error. fix together with Kevin Damour
            //
            int status =
                SSPIWrapper.InitializeSecurityContext(
                    GlobalSSPI.SSPIAuth,
                    m_CredentialsHandle.Handle,
                    m_SecurityContext.Handle,
                    m_RemotePeerId, // this must match the Uri in the HTTP status line for the current request
                    requestedFlags,
                    m_Endianness,
                    inSecurityBuffers,
                    ref newSecurityContext.Handle,
                    outSecurityBuffers,
                    ref m_ContextFlags,
                    ref newSecurityContext.TimeStamp);

            GlobalLog.Print("NTAuthentication::GetOutgoingDigestBlob() SSPIWrapper.InitializeSecurityContext() returns 0x" + string.Format("{0:x}", status));

            int errorCode = status & unchecked ((int)0x80000000);

            if (errorCode != 0)
            {
                throw new Win32Exception(status);
            }

            //
            // the return value from SSPI will tell us correctly if the
            // handshake is over or not: http://msdn.microsoft.com/library/psdk/secspi/sspiref_67p0.htm
            // we also have to consider the case in which SSPI formed a new context, in this case we're done as well.
            //
            IsCompleted = (status == (int)SecurityStatus.OK) || (m_SecurityContext.Handle != -1 && m_SecurityContext.Handle != newSecurityContext.Handle);
            if (IsCompleted)
            {
                // ... if we're done, clean the handle up or the call to UpdateHandle() might leak it.
                SSPIWrapper.DeleteSecurityContext(m_SecurityContext.m_SecModule, m_SecurityContext.Handle);
            }
            handshakeComplete = IsCompleted;
            m_Authenticated   = m_SecurityContext.Handle != -1;
            m_SecurityContext.UpdateHandle(newSecurityContext);

#if TRAVE
            if (handshakeComplete)
            {
                //
                // Kevin Damour says:
                // You should not query the securitycontext until you have actually formed one (
                // with a success return form ISC).  It is only a partially formed context and
                // no info is available to user applications (at least for digest).
                //
                SecurityPackageInfoClass securityPackageInfo = (SecurityPackageInfoClass)SSPIWrapper.QueryContextAttributes(GlobalSSPI.SSPIAuth, m_SecurityContext, ContextAttribute.PackageInfo);
                GlobalLog.Print("SecurityPackageInfoClass: using:[" + ((securityPackageInfo == null)?"null":securityPackageInfo.ToString()) + "]");
            }
#endif // #if TRAVE

            GlobalLog.Assert(outSecurityBuffers.Length == 1, "NTAuthentication::GetOutgoingDigestBlob() outSecurityBuffers.Length==" + outSecurityBuffers.Length.ToString(), "");

            GlobalLog.Print("out token = " + m_TokenSize.ToString() + " size = " + outSecurityBuffers[0].size.ToString());
            GlobalLog.Dump(outSecurityBuffers[0].token);

            GlobalLog.Print("NTAuthentication::GetOutgoingDigestBlob() handshakeComplete:" + handshakeComplete.ToString());

            decodedOutgoingBlob = outSecurityBuffers[0].token;

            string outgoingBlob = null;
            if (decodedOutgoingBlob != null && decodedOutgoingBlob.Length > 0)
            {
                // CONSIDER V.NEXT
                // review Encoding.Default.GetString usage here because it might
                // end up creating non ANSI characters in the string
                outgoingBlob = Encoding.Default.GetString(decodedOutgoingBlob, 0, outSecurityBuffers[0].size);
            }

            GlobalLog.Leave("NTAuthentication::GetOutgoingDigestBlob", outgoingBlob);

            return(outgoingBlob);
        }
Exemplo n.º 15
0
        //
        // NTAuth::GetOutgoingBlob()
        // Created:   12-01-1999: L.M.
        // Description:
        // Accepts an incoming binary security blob  and returns
        // an outgoing binary security blob
        //
        private byte[] GetOutgoingBlob(byte[] incomingBlob, out bool handshakeComplete)
        {
            GlobalLog.Enter("NTAuthentication::GetOutgoingBlob", ((incomingBlob == null) ? "0" : incomingBlob.Length.ToString()) + " bytes");

            // default to true in case of failure
            handshakeComplete = true;

            if (m_SecurityContext.Handle != -1 && incomingBlob == null)
            {
                // we tried auth previously, now we got a null blob, we're done. this happens
                // with Kerberos & valid credentials on the domain but no ACLs on the resource
                // the handle for m_SecurityContext will be collected at GC time.
                GlobalLog.Print("NTAuthentication#" + ValidationHelper.HashString(this) + "::GetOutgoingBlob() null blob AND m_SecurityContext#" + ValidationHelper.HashString(m_SecurityContext) + "::Handle:[0x" + m_SecurityContext.Handle.ToString("x8") + "]");
                m_SecurityContext.Close();
                IsCompleted = true;
                return(null);
            }

            int requestedFlags =
                (int)ContextFlags.Delegate |
                (int)ContextFlags.MutualAuth |
                (int)ContextFlags.ReplayDetect |
                (int)ContextFlags.SequenceDetect |
                (int)ContextFlags.Confidentiality |
                (int)ContextFlags.Connection;

            SecurityBufferClass inSecurityBuffer = null;

            if (incomingBlob != null)
            {
                GlobalLog.Print("in blob = ");
                GlobalLog.Dump(incomingBlob);
                inSecurityBuffer = new SecurityBufferClass(incomingBlob, BufferType.Token);
            }

            SecurityBufferClass outSecurityBuffer = new SecurityBufferClass(m_TokenSize, BufferType.Token);

            int status;

#if SERVER_SIDE_SSPI
            if (m_SecureSessionType == SecureSessionType.ClientSession)
            {
#endif
            //
            // client session
            //
            requestedFlags |= (int)ContextFlags.ClientIntegrity;

            status = SSPIWrapper.InitializeSecurityContext(
                GlobalSSPI.SSPIAuth,
                m_CredentialsHandle.Handle,
                m_SecurityContext.Handle,
                m_RemotePeerId,
                requestedFlags,
                m_Endianness,
                inSecurityBuffer,
                ref m_SecurityContext.Handle,
                outSecurityBuffer,
                ref m_ContextFlags,
                ref m_SecurityContext.TimeStamp
                );

            GlobalLog.Print("SSPIWrapper.InitializeSecurityContext() returns 0x" + string.Format("{0:x}", status));
#if SERVER_SIDE_SSPI
        }

        else
        {
            //
            // server session
            //
            requestedFlags |= (int)ContextFlags.ServerIntegrity;

            status = SSPIWrapper.AcceptSecurityContext(
                GlobalSSPI.SSPIAuth,
                m_CredentialsHandle.Handle,
                m_SecurityContext.Handle,
                requestedFlags,
                m_Endianness,
                inSecurityBuffer,
                ref m_SecurityContext.Handle,
                outSecurityBuffer,
                out m_ContextFlags,
                out m_SecurityContext.TimeStamp
                );

            GlobalLog.Print("SSPIWrapper.AcceptSecurityContext() returns 0x" + string.Format("{0:x}", status));
        }
#endif // SERVER_SIDE_SSPI

            int errorCode = status & unchecked ((int)0x80000000);
            if (errorCode != 0)
            {
                throw new Win32Exception(status);
            }

            //
            // the return value from SSPI will tell us correctly if the
            // handshake is over or not: http://msdn.microsoft.com/library/psdk/secspi/sspiref_67p0.htm
            // we also have to consider the case in which SSPI formed a new context, in this case we're done as well.
            //
            if (status != (int)SecurityStatus.OK && m_SecurityContext.Handle != -1)
            {
                // we need to continue
                GlobalLog.Print("NTAuthentication#" + ValidationHelper.HashString(this) + "::GetOutgoingBlob() need continue status:[0x" + status.ToString("x8") + "] m_SecurityContext#" + ValidationHelper.HashString(m_SecurityContext) + "::Handle:[0x" + m_SecurityContext.Handle.ToString("x8") + "]");
                handshakeComplete = false;
            }
            else
            {
                // we're done, cleanup
                GlobalLog.Assert(status == (int)SecurityStatus.OK, "NTAuthentication#" + ValidationHelper.HashString(this) + "::GetOutgoingBlob() status:[0x" + status.ToString("x8") + "] m_SecurityContext#" + ValidationHelper.HashString(m_SecurityContext) + "::Handle:[0x" + m_SecurityContext.Handle.ToString("x8") + "]", "[STATUS != OK]");
                m_SecurityContext.Close();
                IsCompleted = true;
            }

#if TRAVE
            if (handshakeComplete)
            {
                //
                // Kevin Damour says:
                // You should not query the securitycontext until you have actually formed one (
                // with a success return form ISC).  It is only a partially formed context and
                // no info is available to user applications (at least for digest).
                //
                SecurityPackageInfoClass securityPackageInfo = (SecurityPackageInfoClass)SSPIWrapper.QueryContextAttributes(GlobalSSPI.SSPIAuth, m_SecurityContext, ContextAttribute.PackageInfo);
                GlobalLog.Print("SecurityPackageInfoClass: using:[" + ((securityPackageInfo == null)?"null":securityPackageInfo.ToString()) + "]");
            }
#endif // #if TRAVE

            GlobalLog.Print("out token = " + m_TokenSize.ToString());
            GlobalLog.Dump(outSecurityBuffer.token);

            GlobalLog.Leave("NTAuthentication::GetOutgoingBlob", "handshakeComplete:" + handshakeComplete.ToString());

            return(outSecurityBuffer.token);
        }
Exemplo n.º 16
0
        private object QueryContextAttributes(SafeDeleteContext securityContext, Interop.Secur32.ContextAttribute contextAttribute, out int errorCode)
        {
            GlobalLog.Enter("QueryContextAttributes", contextAttribute.ToString());

            int  nativeBlockSize = IntPtr.Size;
            Type handleType      = null;

            switch (contextAttribute)
            {
            case Interop.Secur32.ContextAttribute.Sizes:
                nativeBlockSize = SecSizes.SizeOf;
                break;

            case Interop.Secur32.ContextAttribute.StreamSizes:
                nativeBlockSize = StreamSizes.SizeOf;
                break;

            case Interop.Secur32.ContextAttribute.Names:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.Secur32.ContextAttribute.PackageInfo:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.Secur32.ContextAttribute.NegotiationInfo:
                handleType      = typeof(SafeFreeContextBuffer);
                nativeBlockSize = Marshal.SizeOf <NegotiationInfo>();
                break;

            case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.Secur32.ContextAttribute.RemoteCertificate:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.Secur32.ContextAttribute.LocalCertificate:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
                nativeBlockSize = Marshal.SizeOf <Interop.Secur32.IssuerListInfoEx>();
                handleType      = typeof(SafeFreeContextBuffer);
                break;

            case Interop.Secur32.ContextAttribute.ConnectionInfo:
                nativeBlockSize = Marshal.SizeOf <SslConnectionInfo>();
                break;

            default:
                throw new ArgumentException(SR.Format(SR.net_invalid_enum, "ContextAttribute"), "contextAttribute");
            }

            SafeHandle SspiHandle = null;
            object     attribute  = null;

            try
            {
                byte[] nativeBuffer = new byte[nativeBlockSize];
                errorCode = QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out SspiHandle);
                if (errorCode != 0)
                {
                    GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
                    return(null);
                }

                switch (contextAttribute)
                {
                case Interop.Secur32.ContextAttribute.Sizes:
                    attribute = new SecSizes(nativeBuffer);
                    break;

                case Interop.Secur32.ContextAttribute.StreamSizes:
                    attribute = new StreamSizes(nativeBuffer);
                    break;

                case Interop.Secur32.ContextAttribute.Names:
                    attribute = Marshal.PtrToStringUni(SspiHandle.DangerousGetHandle());
                    break;

                case Interop.Secur32.ContextAttribute.PackageInfo:
                    attribute = new SecurityPackageInfoClass(SspiHandle, 0);
                    break;

                case Interop.Secur32.ContextAttribute.NegotiationInfo:
                    unsafe
                    {
                        fixed(void *ptr = nativeBuffer)
                        {
                            attribute = new NegotiationInfoClass(SspiHandle, Marshal.ReadInt32(new IntPtr(ptr), NegotiationInfo.NegotiationStateOffest));
                        }
                    }
                    break;

                case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
                    attribute = Marshal.PtrToStringUni(SspiHandle.DangerousGetHandle());
                    break;

                case Interop.Secur32.ContextAttribute.LocalCertificate:
                    goto case Interop.Secur32.ContextAttribute.RemoteCertificate;

                case Interop.Secur32.ContextAttribute.RemoteCertificate:
                    attribute  = SspiHandle;
                    SspiHandle = null;
                    break;

                case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
                    attribute  = new Interop.Secur32.IssuerListInfoEx(SspiHandle, nativeBuffer);
                    SspiHandle = null;
                    break;

                case Interop.Secur32.ContextAttribute.ConnectionInfo:
                    attribute = new SslConnectionInfo(nativeBuffer);
                    break;

                default:
                    // Will return null.
                    break;
                }
            }
            finally
            {
                if (SspiHandle != null)
                {
                    SspiHandle.Dispose();
                }
            }
            GlobalLog.Leave("QueryContextAttributes", Logging.ObjectToString(attribute));
            return(attribute);
        }
Exemplo n.º 17
0
        public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.Secur32.ContextAttribute contextAttribute, out int errorCode)
        {
            GlobalLog.Enter("QueryContextAttributes", contextAttribute.ToString());

            int nativeBlockSize = IntPtr.Size;
            Type handleType = null;

            switch (contextAttribute)
            {
                case Interop.Secur32.ContextAttribute.Sizes:
                    nativeBlockSize = SecSizes.SizeOf;
                    break;
                case Interop.Secur32.ContextAttribute.StreamSizes:
                    nativeBlockSize = StreamSizes.SizeOf;
                    break;

                case Interop.Secur32.ContextAttribute.Names:
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.Secur32.ContextAttribute.PackageInfo:
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.Secur32.ContextAttribute.NegotiationInfo:
                    handleType = typeof(SafeFreeContextBuffer);
                    nativeBlockSize = Marshal.SizeOf<NegotiationInfo>();
                    break;

                case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.Secur32.ContextAttribute.RemoteCertificate:
                    handleType = typeof(SafeFreeCertContext);
                    break;

                case Interop.Secur32.ContextAttribute.LocalCertificate:
                    handleType = typeof(SafeFreeCertContext);
                    break;

                case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
                    nativeBlockSize = Marshal.SizeOf<Interop.Secur32.IssuerListInfoEx>();
                    handleType = typeof(SafeFreeContextBuffer);
                    break;

                case Interop.Secur32.ContextAttribute.ConnectionInfo:
                    nativeBlockSize = Marshal.SizeOf<SslConnectionInfo>();
                    break;

                default:
                    throw new ArgumentException(SR.Format(SR.net_invalid_enum, "ContextAttribute"), "contextAttribute");
            }

            SafeHandle sspiHandle = null;
            object attribute = null;

            try
            {
                byte[] nativeBuffer = new byte[nativeBlockSize];
                errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out sspiHandle);
                if (errorCode != 0)
                {
                    GlobalLog.Leave("Win32:QueryContextAttributes", "ERROR = " + ErrorDescription(errorCode));
                    return null;
                }

                switch (contextAttribute)
                {
                    case Interop.Secur32.ContextAttribute.Sizes:
                        attribute = new SecSizes(nativeBuffer);
                        break;

                    case Interop.Secur32.ContextAttribute.StreamSizes:
                        attribute = new StreamSizes(nativeBuffer);
                        break;

                    case Interop.Secur32.ContextAttribute.Names:
                        attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                        break;

                    case Interop.Secur32.ContextAttribute.PackageInfo:
                        attribute = new SecurityPackageInfoClass(sspiHandle, 0);
                        break;

                    case Interop.Secur32.ContextAttribute.NegotiationInfo:
                        unsafe
                        {
                            fixed (void* ptr = nativeBuffer)
                            {
                                attribute = new NegotiationInfoClass(sspiHandle, Marshal.ReadInt32(new IntPtr(ptr), NegotiationInfo.NegotiationStateOffest));
                            }
                        }
                        break;

                    case Interop.Secur32.ContextAttribute.ClientSpecifiedSpn:
                        attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                        break;

                    case Interop.Secur32.ContextAttribute.LocalCertificate:
                        // Fall-through to RemoteCertificate is intentional.
                    case Interop.Secur32.ContextAttribute.RemoteCertificate:
                        attribute = sspiHandle;
                        sspiHandle = null;
                        break;

                    case Interop.Secur32.ContextAttribute.IssuerListInfoEx:
                        attribute = new Interop.Secur32.IssuerListInfoEx(sspiHandle, nativeBuffer);
                        sspiHandle = null;
                        break;

                    case Interop.Secur32.ContextAttribute.ConnectionInfo:
                        attribute = new SslConnectionInfo(nativeBuffer);
                        break;
                    default:
                        // Will return null.
                        break;
                }
            }
            finally
            {
                if (sspiHandle != null)
                {
                    sspiHandle.Dispose();
                }
            }
            GlobalLog.Leave("QueryContextAttributes", LoggingHash.ObjectToString(attribute));
            return attribute;
        }
Exemplo n.º 18
0
        private void EnumerateSecurityPackages()
        {
            GlobalLog.Enter("EnumerateSecurityPackages");
            if (s_securityPackages == null)
            {
                lock (this)
                {
                    if (s_securityPackages == null)
                    {
                        int moduleCount = 0;
                        SafeFreeContextBuffer arrayBaseHandle = null;
                        try
                        {
                            int errorCode = SafeFreeContextBuffer.EnumeratePackages(out moduleCount, out arrayBaseHandle);

                            GlobalLog.Print("SSPIWrapper::arrayBase: " + (arrayBaseHandle.DangerousGetHandle().ToString("x")));

                            if (errorCode != 0)
                            {
                                throw new Win32Exception(errorCode);
                            }

                            SecurityPackageInfoClass[] securityPackagesList = new SecurityPackageInfoClass[moduleCount];

                            if (Logging.On)
                            {
                                Logging.PrintInfo(Logging.Web, SR.net_log_sspi_enumerating_security_packages);
                            }

                            for (int i = 0; i < moduleCount; i++)
                            {
                                securityPackagesList[i] = new SecurityPackageInfoClass(arrayBaseHandle, i);

                                if (Logging.On)
                                {
                                    Logging.PrintInfo(Logging.Web, "    " + securityPackagesList[i].Name);
                                }
                            }

                            s_securityPackages = securityPackagesList;
                        }
                        finally
                        {
                            if (arrayBaseHandle != null)
                            {
                                arrayBaseHandle.Dispose();
                            }
                        }
                    }
                }
            }

            GlobalLog.Leave("EnumerateSecurityPackages");
        }
Exemplo n.º 19
0
        public static object QueryContextAttributes(SSPIInterface secModule, SafeDeleteContext securityContext, Interop.SspiCli.ContextAttribute contextAttribute, out int errorCode)
        {
            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Enter(null, contextAttribute);
            }

            int  nativeBlockSize = IntPtr.Size;
            Type handleType      = null;

            switch (contextAttribute)
            {
            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                nativeBlockSize = SecPkgContext_Sizes.SizeOf;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                nativeBlockSize = SecPkgContext_StreamSizes.SizeOf;
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                handleType = typeof(SafeFreeContextBuffer);
                unsafe
                {
                    nativeBlockSize = sizeof(SecPkgContext_NegotiationInfoW);
                }
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                handleType = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
                handleType = typeof(SafeFreeCertContext);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                nativeBlockSize = Marshal.SizeOf <Interop.SspiCli.SecPkgContext_IssuerListInfoEx>();
                handleType      = typeof(SafeFreeContextBuffer);
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                nativeBlockSize = Marshal.SizeOf <SecPkgContext_ConnectionInfo>();
                break;

            case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_APPLICATION_PROTOCOL:
                nativeBlockSize = Marshal.SizeOf <Interop.SecPkgContext_ApplicationProtocol>();
                break;

            default:
                throw new ArgumentException(System.StringsHelper.Format(Strings.net_invalid_enum, nameof(contextAttribute)), nameof(contextAttribute));
            }

            SafeHandle sspiHandle = null;
            object     attribute  = null;

            try
            {
                var nativeBuffer = new byte[nativeBlockSize];
                errorCode = secModule.QueryContextAttributes(securityContext, contextAttribute, nativeBuffer, handleType, out sspiHandle);
                if (errorCode != 0)
                {
                    if (NetEventSource.IsEnabled)
                    {
                        NetEventSource.Exit(null, $"ERROR = {ErrorDescription(errorCode)}");
                    }
                    return(null);
                }

                switch (contextAttribute)
                {
                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SIZES:
                    attribute = new SecPkgContext_Sizes(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_STREAM_SIZES:
                    attribute = new SecPkgContext_StreamSizes(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NAMES:
                    attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_PACKAGE_INFO:
                    attribute = new SecurityPackageInfoClass(sspiHandle, 0);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_NEGOTIATION_INFO:
                    unsafe
                    {
                        fixed(void *ptr = &nativeBuffer[0])
                        {
                            attribute = new NegotiationInfoClass(sspiHandle, (int)((SecPkgContext_NegotiationInfoW *)ptr)->NegotiationState);
                        }
                    }
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CLIENT_SPECIFIED_TARGET:
                    attribute = Marshal.PtrToStringUni(sspiHandle.DangerousGetHandle());
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_LOCAL_CERT_CONTEXT:
                // Fall-through to RemoteCertificate is intentional.
                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_REMOTE_CERT_CONTEXT:
                    attribute  = sspiHandle;
                    sspiHandle = null;
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_ISSUER_LIST_EX:
                    attribute  = new Interop.SspiCli.SecPkgContext_IssuerListInfoEx(sspiHandle, nativeBuffer);
                    sspiHandle = null;
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_CONNECTION_INFO:
                    attribute = new SecPkgContext_ConnectionInfo(nativeBuffer);
                    break;

                case Interop.SspiCli.ContextAttribute.SECPKG_ATTR_APPLICATION_PROTOCOL:
                    unsafe
                    {
                        fixed(void *ptr = nativeBuffer)
                        {
                            attribute = Marshal.PtrToStructure <Interop.SecPkgContext_ApplicationProtocol>(new IntPtr(ptr));
                        }
                    }
                    break;

                default:
                    // Will return null.
                    break;
                }
            }
            finally
            {
                if (sspiHandle != null)
                {
                    sspiHandle.Dispose();
                }
            }

            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Exit(null, attribute);
            }
            return(attribute);
        }
 internal static SecurityPackageInfoClass[] EnumerateSecurityPackages(SSPIInterface SecModule)
 {
     if (SecModule.SecurityPackages == null)
     {
         lock (SecModule)
         {
             if (SecModule.SecurityPackages == null)
             {
                 int pkgnum = 0;
                 SafeFreeContextBuffer pkgArray = null;
                 try
                 {
                     int error = SecModule.EnumerateSecurityPackages(out pkgnum, out pkgArray);
                     if (error != 0)
                     {
                         throw new Win32Exception(error);
                     }
                     SecurityPackageInfoClass[] classArray = new SecurityPackageInfoClass[pkgnum];
                     if (Logging.On)
                     {
                         Logging.PrintInfo(Logging.Web, SR.GetString("net_log_sspi_enumerating_security_packages"));
                     }
                     for (int i = 0; i < pkgnum; i++)
                     {
                         classArray[i] = new SecurityPackageInfoClass(pkgArray, i);
                         if (Logging.On)
                         {
                             Logging.PrintInfo(Logging.Web, "    " + classArray[i].Name);
                         }
                     }
                     SecModule.SecurityPackages = classArray;
                 }
                 finally
                 {
                     if (pkgArray != null)
                     {
                         pkgArray.Close();
                     }
                 }
             }
         }
     }
     return SecModule.SecurityPackages;
 }