示例#1
0
        private static bool GssInitSecurityContext(
            ref SafeGssContextHandle?context,
            SafeGssCredHandle credential,
            bool isNtlm,
            ChannelBinding?channelBinding,
            SafeGssNameHandle?targetName,
            Interop.NetSecurityNative.GssFlags inFlags,
            byte[]?buffer,
            out byte[]?outputBuffer,
            out uint outFlags,
            out bool isNtlmUsed)
        {
            outputBuffer = null;
            outFlags     = 0;

            // EstablishSecurityContext is called multiple times in a session.
            // In each call, we need to pass the context handle from the previous call.
            // For the first call, the context handle will be null.
            bool newContext = false;

            if (context == null)
            {
                newContext = true;
                context    = new SafeGssContextHandle();
            }

            Interop.NetSecurityNative.GssBuffer token = default(Interop.NetSecurityNative.GssBuffer);
            Interop.NetSecurityNative.Status    status;

            try
            {
                Interop.NetSecurityNative.Status minorStatus;

                if (channelBinding != null)
                {
                    // If a TLS channel binding token (cbt) is available then get the pointer
                    // to the application specific data.
                    int appDataOffset = Marshal.SizeOf <SecChannelBindings>();
                    Debug.Assert(appDataOffset < channelBinding.Size);
                    IntPtr cbtAppData     = channelBinding.DangerousGetHandle() + appDataOffset;
                    int    cbtAppDataSize = channelBinding.Size - appDataOffset;
                    status = Interop.NetSecurityNative.InitSecContext(out minorStatus,
                                                                      credential,
                                                                      ref context,
                                                                      isNtlm,
                                                                      cbtAppData,
                                                                      cbtAppDataSize,
                                                                      targetName,
                                                                      (uint)inFlags,
                                                                      buffer,
                                                                      (buffer == null) ? 0 : buffer.Length,
                                                                      ref token,
                                                                      out outFlags,
                                                                      out isNtlmUsed);
                }
                else
                {
                    status = Interop.NetSecurityNative.InitSecContext(out minorStatus,
                                                                      credential,
                                                                      ref context,
                                                                      isNtlm,
                                                                      targetName,
                                                                      (uint)inFlags,
                                                                      buffer,
                                                                      (buffer == null) ? 0 : buffer.Length,
                                                                      ref token,
                                                                      out outFlags,
                                                                      out isNtlmUsed);
                }

                if ((status != Interop.NetSecurityNative.Status.GSS_S_COMPLETE) &&
                    (status != Interop.NetSecurityNative.Status.GSS_S_CONTINUE_NEEDED))
                {
                    if (newContext)
                    {
                        context.Dispose();
                        context = null;
                    }
                    throw new Interop.NetSecurityNative.GssApiException(status, minorStatus);
                }

                outputBuffer = token.ToByteArray();
            }
            finally
            {
                token.Dispose();
            }

            return(status == Interop.NetSecurityNative.Status.GSS_S_COMPLETE);
        }
示例#2
0
 internal static extern Status InitiateCredSpNego(
     out Status minorStatus,
     SafeGssNameHandle desiredName,
     out SafeGssCredHandle outputCredHandle);
 internal static extern Status AcquireAcceptorCred(
     out Status minorStatus,
     out SafeGssCredHandle outputCredHandle);
示例#4
0
 protected override bool ReleaseHandle()
 {
     _credential.DangerousRelease();
     _credential = null !;
     return(true);
 }
示例#5
0
 public static void GetDefaultKerberosCredentials(string username, string password)
 {
     // Fetch a Kerberos TGT which gets saved in the default cache
     SafeGssCredHandle.Create(username, password, string.Empty).Dispose();
 }
 internal static extern Status InitiateCredWithPassword(
     out Status minorStatus,
     SafeGssNameHandle desiredName,
     string password,
     int passwordLen,
     out SafeGssCredHandle outputCredHandle);
 internal static Status InitiateCredSpNego(
     out Status minorStatus,
     SafeGssNameHandle desiredName,
     out SafeGssCredHandle outputCredHandle) => throw new PlatformNotSupportedException();