/// <summary>
/// Wraps an already-established native context handle together with the
/// credentials it was created from and its expiry, type and state.
/// </summary>
/// <param name="credentials">Credentials the context belongs to; must not be null.</param>
/// <param name="contextHandle">Native context handle; zero is rejected as "no handle".</param>
/// <param name="contextExpiry">Expiry value reported for the context; stored as given, not validated here.</param>
/// <param name="contextType">Type of the context, stored as given.</param>
/// <param name="contextState">Initial state of the context, stored as given.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="credentials"/> is null or <paramref name="contextHandle"/> is zero.
/// </exception>
internal SecurityContext(
			SecurityCredentials credentials,
			Int64 contextHandle,
			Int64 contextExpiry,
			SecurityContextType contextType,
			SecurityContextState contextState)
		{
			// Reject a missing credentials object before anything is stored.
			if (credentials == null)
			{
				throw new ArgumentNullException("credentials");
			}

			// A zero handle is treated like a null reference.
			if (contextHandle == 0)
			{
				throw new ArgumentNullException("contextHandle");
			}

			// Plain field assignments; none of the values is transformed.
			_contextState = contextState;
			_contextType = contextType;
			_contextExpiry = contextExpiry;
			_contextHandle = contextHandle;
			_credentials = credentials;
		}
        /// <summary>
        /// Builds a context object around a native context handle and the
        /// credentials, expiry, type and state that go with it.
        /// </summary>
        /// <param name="credentials">Owning credentials; null is rejected.</param>
        /// <param name="contextHandle">Native handle of the context; 0 is rejected.</param>
        /// <param name="contextExpiry">Expiry value for the context, kept without validation.</param>
        /// <param name="contextType">Context type, kept as passed.</param>
        /// <param name="contextState">Context state, kept as passed.</param>
        /// <exception cref="ArgumentNullException">
        /// Thrown for a null <paramref name="credentials"/> or a zero <paramref name="contextHandle"/>.
        /// </exception>
        internal SecurityContext(
            SecurityCredentials credentials,
            Int64 contextHandle,
            Int64 contextExpiry,
            SecurityContextType contextType,
            SecurityContextState contextState)
        {
            // Guard clauses: credentials first, then the handle, so the
            // reported parameter name matches the first failing argument.
            if (credentials == null)
            {
                throw new ArgumentNullException("credentials");
            }

            if (contextHandle == 0L)
            {
                throw new ArgumentNullException("contextHandle");
            }

            // Identity of the context.
            _credentials = credentials;
            _contextHandle = contextHandle;

            // Descriptive properties of the context.
            _contextType = contextType;
            _contextState = contextState;
            _contextExpiry = contextExpiry;
        }
示例#3
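        /// <summary>
        /// Server side of the handshake: processes the client's token, creates the
        /// server security context and produces the token to return to the client.
        /// </summary>
        /// <param name="credentials">Server credentials; their handle is passed to SSPI.</param>
        /// <param name="contextAttributes">Requested attributes, translated by GetContextRequirements.</param>
        /// <param name="inputToken">Token received from the client. This is peer-supplied data.</param>
        /// <param name="outputToken">Receives the content of the output token buffer.</param>
        /// <returns>
        /// A server-type context whose state is ContinueNeeded when SSPI asked for
        /// another round trip, otherwise Completed.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="credentials"/> or <paramref name="inputToken"/> is null.
        /// </exception>
        /// <exception cref="SSPIException">
        /// The context could not be accepted or the token could not be completed.
        /// </exception>
        public SecurityContext AcceptSecurityContext(
            SecurityCredentials credentials,
            SecurityContextAttributes contextAttributes,
            byte[] inputToken,
            out byte[] outputToken)
        {
            // parameters validation
            if (credentials == null)
            {
                throw new ArgumentNullException("credentials");
            }
            if (inputToken == null)
            {
                throw new ArgumentNullException("inputToken");
            }

            // prepare requirements for context
            uint contextReq = GetContextRequirements(true, contextAttributes);

            Int64 credHandle = credentials.Handle;
            Int64 newContextHandle;
            Int64 contextExpiry;
            uint  contextAttribs;

            bool continueNeeded = false;
            bool completeNeeded = false;

            // The output buffer is released in the finally block so that a failed
            // handshake (any SSPIException below) no longer leaks it.
            SecurityBuffers outputBuffers = new SecurityBuffers(1);
            try
            {
                outputBuffers.SetBuffer(0, (int)SSPINative.SECBUFFER_TOKEN, _secPackage.MaxToken);

                int error;

                // The input buffer is only needed for the native call itself.
                SecurityBuffers inputBuffers = new SecurityBuffers(1);
                try
                {
                    inputBuffers.SetBuffer(0, (int)SSPINative.SECBUFFER_TOKEN, inputToken);

                    // create context
                    error = SSPINative.AcceptSecurityContext(
                        ref credHandle,
                        IntPtr.Zero,
                        inputBuffers,
                        contextReq,
                        SSPINative.SECURITY_NETWORK_DREP,
                        out newContextHandle,
                        outputBuffers,
                        out contextAttribs,
                        out contextExpiry);
                }
                finally
                {
                    inputBuffers.Dispose();
                }

                // NOTE(review): contextAttribs (what the package actually granted) is
                // never compared with contextReq. A caller that depends on a requested
                // attribute should verify it was granted - confirm whether that check
                // exists elsewhere.

                // check context state
                switch (error)
                {
                    case Win32.ERROR_SUCCESS:
                        break;

                    case SSPINative.SEC_I_CONTINUE_NEEDED:
                        continueNeeded = true;
                        break;

                    case SSPINative.SEC_I_COMPLETE_NEEDED:
                        completeNeeded = true;
                        break;

                    case SSPINative.SEC_I_COMPLETE_AND_CONTINUE:
                        continueNeeded = true;
                        completeNeeded = true;
                        break;

                    default:
                        throw new SSPIException(error, "Could not accept security context");
                }

                if (completeNeeded)
                {
                    // complete context
                    // NOTE(review): if this fails, newContextHandle is not released
                    // here; no release call is visible in this listing - confirm
                    // where the native handle is freed.
                    error = SSPINative.CompleteAuthToken(ref newContextHandle, outputBuffers);
                    if (error < 0)
                    {
                        throw new SSPIException(error, "Could not complete security context");
                    }
                }

                // get output token
                outputToken = outputBuffers.GetBuffer(0);
            }
            finally
            {
                outputBuffers.Dispose();
            }

            // create context object
            SecurityContextState contextState = (continueNeeded ? SecurityContextState.ContinueNeeded : SecurityContextState.Completed);

            return new SecurityContext(credentials, newContextHandle, contextExpiry, SecurityContextType.Server, contextState);
        }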
示例#4
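        /// <summary>
        /// Runs the client side of the SSPI login exchange: offers every
        /// <c>EncryptionType</c> name, lets the server pick one, then swaps tokens
        /// until the client context reports completion.
        /// </summary>
        /// <returns>The line read from the server after the token exchange finishes.</returns>
        /// <exception cref="AuthenticationException">
        /// The connection failed while reading, or the server answered with a
        /// package name that was not in the offered list.
        /// </exception>
        private string SendSspiAuthentication () {
            try {
                // initialize network transport
                TransportClient client = 
                    new TransportClient(this.Repository.CvsRoot.ToString(), 
                    typeof(CvsTransport));

                this.SetInputStream(new CvsStream(client.GetStream()));
                this.SetOutputStream(this.InputStream);

                // offer every known package name as a comma-separated list
                this.OutputStream.SendString("BEGIN SSPI\n");
                string[] names = System.Enum.GetNames(typeof(EncryptionType));
                string protocols = string.Join(",", names);
                this.OutputStream.SendString(string.Format("{0}\n", protocols));

                // The reply comes from the server and is untrusted. Accept it only
                // if it is exactly one of the names offered above; Enum.Parse alone
                // would also accept numeric strings and comma-separated lists, and
                // would throw an unhandled ArgumentException on anything else.
                string authTypeResponse = this.InputStream.ReadLine();
                string selected = (authTypeResponse == null) ? null : authTypeResponse.Trim();
                if (selected == null || System.Array.IndexOf(names, selected) < 0) {
                    throw new AuthenticationException (
                        "Server selected an authentication package that was not offered.");
                }
                CurrentEncryptionType = (EncryptionType)
                    System.Enum.Parse(typeof(EncryptionType), selected);

                // initialize authorization module
                authModule = 
                    new NTAuthModule(new SecurityPackage(CurrentEncryptionType.ToString()));

                // acquire client credentials
                clientCredentials = 
                    authModule.AcquireSecurityCredentials(SecurityCredentialsType.OutBound, null);

                byte[] clientToken;
                byte[] serverToken;

                // create client context
                // NOTE(review): the target name is null, so the package is given no
                // service name for the peer - confirm this is intended.
                SecurityContext clientContext = 
                    authModule.CreateSecurityContext(clientCredentials, 
                    SecurityContextAttributes.Identify, null, out clientToken);

                // NOTE(review): the loop has no round limit; it ends only when the
                // context completes or a call throws.
                while (true) {
                    if (clientToken != null) {
                        // send client token to server
                        // NOTE(review): the token is binary, yet it is converted with
                        // ASCII (bytes >= 0x80 become '?') and only a fixed slice
                        // (offset 54, length 57) is sent; GetString throws when the
                        // token is shorter than 111 bytes. Confirm against the wire
                        // format the server expects.
                        string clientTokenString = 
                            Encoding.ASCII.GetString(clientToken, 54, 57);
                        this.OutputStream.SendString(
                            clientTokenString);
                    }

                    if (clientContext.State == SecurityContextState.Completed) {
                        // authentication completed
                        break;
                    }

                    // receive server token (untrusted; read up to the first whitespace)
                    serverToken = 
                        Encoding.ASCII.GetBytes(this.InputStream.ReadToFirstWS());

                    // update security context
                    authModule.UpdateSecurityContext(clientContext, 
                        SecurityContextAttributes.Identify, serverToken, out clientToken);
                }

//                AuthenticateClient(client);

                return InputStream.ReadLine();
            } catch (IOException e) {
                // Only I/O failures are translated; other exceptions propagate unchanged.
                String msg = "Failed to read line from server.  " +
                    "It is possible that the remote server was down.";
                LOGGER.Error (msg, e);
                throw new AuthenticationException (msg);
            }
        }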
示例#5
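		/// <summary>
		/// Client side of the handshake: creates a new security context and
		/// produces the first token to send to the server.
		/// </summary>
		/// <param name="credentials">Client credentials; their handle is passed to SSPI.</param>
		/// <param name="contextAttributes">Requested attributes, translated by GetContextRequirements.</param>
		/// <param name="targetName">Target name handed to InitializeSecurityContext unchanged; may be null.</param>
		/// <param name="outputToken">Receives the content of the output token buffer.</param>
		/// <returns>
		/// A client-type context whose state is ContinueNeeded when SSPI asked for
		/// another round trip, otherwise Completed.
		/// </returns>
		/// <exception cref="ArgumentNullException"><paramref name="credentials"/> is null.</exception>
		/// <exception cref="SSPIException">
		/// The context could not be created or the token could not be completed.
		/// </exception>
		public SecurityContext CreateSecurityContext(
			SecurityCredentials credentials,
			SecurityContextAttributes contextAttributes,
			string targetName,
			out byte[] outputToken)
		{
			// parameters validation
			if (credentials == null)
				throw new ArgumentNullException("credentials");

			// prepare requirements for context
			uint contextReq = GetContextRequirements(false, contextAttributes);

			Int64 credHandle = credentials.Handle;
			Int64 newContextHandle;
			Int64 contextExpiry;
			uint contextAttribs;

			bool continueNeeded = false;
			bool completeNeeded = false;

			// The output buffer is released in the finally block so that a failed
			// handshake (any SSPIException below) no longer leaks it.
			SecurityBuffers outputBuffers = new SecurityBuffers(1);
			try
			{
				outputBuffers.SetBuffer(0, (int)SSPINative.SECBUFFER_TOKEN, _secPackage.MaxToken);

				// create context
				int error = SSPINative.InitializeSecurityContext(
					ref credHandle,
					IntPtr.Zero,
					targetName,
					contextReq,
					0,
					SSPINative.SECURITY_NETWORK_DREP,
					null,
					0,
					out newContextHandle,
					outputBuffers,
					out contextAttribs,
					out contextExpiry);

				// NOTE(review): contextAttribs (what the package actually granted) is
				// never compared with contextReq. A caller that depends on a requested
				// attribute should verify it was granted - confirm whether that check
				// exists elsewhere.

				// check context state
				switch (error)
				{
					case Win32.ERROR_SUCCESS:
						break;
					case SSPINative.SEC_I_CONTINUE_NEEDED:
						continueNeeded = true;
						break;
					case SSPINative.SEC_I_COMPLETE_NEEDED:
						completeNeeded = true;
						break;
					case SSPINative.SEC_I_COMPLETE_AND_CONTINUE:
						continueNeeded = true;
						completeNeeded = true;
						break;
					default:
						throw new SSPIException(error, "Could not create security context");
				}

				if (completeNeeded)
				{
					// complete context
					// NOTE(review): if this fails, newContextHandle is not released
					// here; no release call is visible in this listing - confirm
					// where the native handle is freed.
					error = SSPINative.CompleteAuthToken(ref newContextHandle, outputBuffers);
					if (error < 0)
						throw new SSPIException(error, "Could not complete security context");
				}

				// get output token
				outputToken = outputBuffers.GetBuffer(0);
			}
			finally
			{
				outputBuffers.Dispose();
			}

			// create context object
			SecurityContextState contextState = (continueNeeded ? SecurityContextState.ContinueNeeded : SecurityContextState.Completed);
			return new SecurityContext(credentials, newContextHandle, contextExpiry, SecurityContextType.Client, contextState);
		}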