// P/Invoke declaration for the Windows SSPI AcquireCredentialsHandle function.
// The [DllImport] attribute (library name, CharSet) is not part of this excerpt, so the
// string marshalling of pszPrincipal/pszPackage cannot be confirmed from here.
// Returns an SSPI status code; callers in this listing compare it against SEC_E_OK.
// NOTE(review): pGetKeyFn is a callback pointer in the native API but is declared as int,
// which is not pointer-sized in a 64-bit process. This listing only passes 0 - consider IntPtr.
static extern int AcquireCredentialsHandle( string pszPrincipal, string pszPackage, int fCredentialUse, IntPtr PAuthenticationID, IntPtr pAuthData, int pGetKeyFn, IntPtr pvGetKeyArgument, ref SECURITY_HANDLE phCredential, ref SECURITY_INTEGER ptsExpiry);
// P/Invoke declaration for SSPI InitializeSecurityContext, overload for follow-up legs:
// takes the existing context handle by reference and an input buffer descriptor
// (InitializeClient passes the token received from the server through SecBufferDesc).
// The new context handle, output token, returned context attributes and expiry come back
// through the out parameters.
static extern int InitializeSecurityContext( ref SECURITY_HANDLE phCredential, ref SECURITY_HANDLE phContext, string pszTargetName, int fContextReq, int Reserved1, int TargetDataRep, ref SecBufferDesc SecBufferDesc, int Reserved2, out SECURITY_HANDLE phNewContext, out SecBufferDesc pOutput, out uint pfContextAttr, out SECURITY_INTEGER ptsExpiry);
// P/Invoke declaration for SSPI InitializeSecurityContext, overload for the first leg:
// phContext and pInput are raw pointers so the caller can pass IntPtr.Zero when no context
// and no server token exist yet (this is how InitializeClient uses it when serverBlob is null).
static extern int InitializeSecurityContext( ref SECURITY_HANDLE phCredential, IntPtr phContext, string pszTargetName, int fContextReq, int Reserved1, int TargetDataRep, IntPtr pInput, int Reserved2, out SECURITY_HANDLE phNewContext, out SecBufferDesc pOutput, out uint pfContextAttr, out SECURITY_INTEGER ptsExpiry);
/// <summary>
/// Drives the client side of an SSPI "Negotiate" handshake: acquires outbound
/// credentials, then alternates between producing a client token
/// (<c>InitializeClient</c>), sending it (<c>WriteData</c>) and reading the
/// server's reply (<c>ReadData</c>) until no further leg is required.
/// </summary>
/// <exception cref="MySqlException">
/// Thrown when AcquireCredentialsHandle does not return SEC_E_OK.
/// </exception>
public void AuthenticateClient()
{
    SECURITY_INTEGER expiry = new SECURITY_INTEGER(0);

    // No principal and no explicit auth data are supplied (null / IntPtr.Zero).
    int status = AcquireCredentialsHandle(
        null,
        "Negotiate",
        SECPKG_CRED_OUTBOUND,
        IntPtr.Zero,
        IntPtr.Zero,
        0,
        IntPtr.Zero,
        ref outboundCredentials,
        ref expiry);
    if (status != SEC_E_OK)
    {
        throw new MySqlException(
            "AcquireCredentialsHandle failed with errorcode" + status);
    }

    byte[] incomingToken = null;
    bool moreLegs;
    try
    {
        do
        {
            byte[] outgoingToken;
            InitializeClient(out outgoingToken, incomingToken, out moreLegs);

            // Nothing to send for this leg: go straight to the loop condition.
            if (outgoingToken == null || outgoingToken.Length == 0)
            {
                continue;
            }

            WriteData(outgoingToken);

            // Only wait for a server reply when another leg is expected.
            if (moreLegs)
            {
                incomingToken = ReadData();
            }
        }
        while (moreLegs);
    }
    finally
    {
        // Release the credential handle and the security context on every exit
        // path, including when the handshake throws part-way through.
        FreeCredentialsHandle(ref outboundCredentials);
        DeleteSecurityContext(ref clientContext);
    }
}
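/// <summary>
/// Performs one leg of the client-side SSPI handshake by calling
/// InitializeSecurityContext and returning the token to send to the server.
/// </summary>
/// <param name="clientBlob">Receives the token produced for this leg.</param>
/// <param name="serverBlob">
/// Token received from the server on the previous leg, or <c>null</c> on the first call.
/// </param>
/// <param name="continueProcessing">
/// Set to <c>false</c> when the status is SEC_E_OK or SEC_I_COMPLETE_NEEDED,
/// otherwise <c>true</c>.
/// </param>
/// <exception cref="MySqlException">
/// Thrown when InitializeSecurityContext returns a status other than SEC_E_OK,
/// SEC_I_CONTINUE_NEEDED, SEC_I_COMPLETE_NEEDED or SEC_I_COMPLETE_AND_CONTINUE.
/// </exception>
void InitializeClient(out byte[] clientBlob, byte[] serverBlob, out bool continueProcessing)
{
    clientBlob = null;
    continueProcessing = true;
    SecBufferDesc clientBufferDesc = new SecBufferDesc(MAX_TOKEN_SIZE);
    SECURITY_INTEGER lifetime = new SECURITY_INTEGER(0);
    int ss = -1;
    try
    {
        // NOTE(review): the attributes granted by SSPI are returned here but never
        // examined. If STANDARD_CONTEXT_ATTRIBUTES requests properties the caller
        // relies on (for example mutual authentication), nothing in this method
        // verifies that they were actually granted - confirm against the constant.
        uint contextAttributes = 0;
        if (serverBlob == null)
        {
            // First leg: no existing context and no server token yet.
            ss = InitializeSecurityContext(
                ref outboundCredentials,
                IntPtr.Zero,
                targetName,
                STANDARD_CONTEXT_ATTRIBUTES,
                0,
                SECURITY_NETWORK_DREP,
                IntPtr.Zero, /* always zero first time around */
                0,
                out clientContext,
                out clientBufferDesc,
                out contextAttributes,
                out lifetime);
        }
        else
        {
            // The server token is opaque binary data. The original decoded it into an
            // unused UTF-8 string; that copy is dropped so the token is not duplicated
            // into an immutable managed string for no purpose.
            SecBufferDesc serverBufferDesc = new SecBufferDesc(serverBlob);
            try
            {
                ss = InitializeSecurityContext(
                    ref outboundCredentials,
                    ref clientContext,
                    targetName,
                    STANDARD_CONTEXT_ATTRIBUTES,
                    0,
                    SECURITY_NETWORK_DREP,
                    ref serverBufferDesc,
                    0,
                    out clientContext,
                    out clientBufferDesc,
                    out contextAttributes,
                    out lifetime);
            }
            finally
            {
                serverBufferDesc.Dispose();
            }
        }

        if ((SEC_I_COMPLETE_NEEDED == ss) || (SEC_I_COMPLETE_AND_CONTINUE == ss))
        {
            // NOTE(review): any status returned by CompleteAuthToken is not checked here.
            CompleteAuthToken(ref clientContext, ref clientBufferDesc);
        }

        if (ss != SEC_E_OK
            && ss != SEC_I_CONTINUE_NEEDED
            && ss != SEC_I_COMPLETE_NEEDED
            && ss != SEC_I_COMPLETE_AND_CONTINUE)
        {
            throw new MySqlException(
                "InitializeSecurityContext() failed with errorcode " + ss);
        }

        clientBlob = clientBufferDesc.GetSecBufferByteArray();
    }
    finally
    {
        // The output buffer descriptor is disposed on both the success and failure paths.
        clientBufferDesc.Dispose();
    }

    continueProcessing = (ss != SEC_E_OK && ss != SEC_I_COMPLETE_NEEDED);
}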
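/// <summary>
/// Drives the client side of an SSPI "Negotiate" handshake, stripping the
/// one-byte prefix that servers at version 5.5.16 or later put in front of each
/// authentication reply.
/// </summary>
/// <exception cref="MySqlException">
/// Thrown when AcquireCredentialsHandle does not return SEC_E_OK, or when the
/// server reply is empty although a prefix byte is expected.
/// </exception>
public void AuthenticateClient()
{
    bool continueProcessing = true;
    byte[] clientBlob = null;
    byte[] serverBlob = null;
    SECURITY_INTEGER lifetime = new SECURITY_INTEGER(0);

    int ss = AcquireCredentialsHandle(null, "Negotiate", SECPKG_CRED_OUTBOUND,
        IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
        ref outboundCredentials, ref lifetime);
    if (ss != SEC_E_OK)
    {
        throw new MySqlException(
            "AcquireCredentialsHandle failed with errorcode" + ss);
    }

    try
    {
        while (continueProcessing)
        {
            InitializeClient(out clientBlob, serverBlob, out continueProcessing);
            if (clientBlob == null || clientBlob.Length == 0)
            {
                continue;
            }

            WriteData(clientBlob);
            if (!continueProcessing)
            {
                // Nothing was read on this leg. The original still stripped a prefix
                // here, which dereferenced a null serverBlob on a single-leg handshake
                // and re-stripped a stale reply otherwise.
                continue;
            }

            serverBlob = ReadData();
            if (version.isAtLeast(5, 5, 16))
            {
                // Treat properly prefix byte as per
                // https://bug.oraclecorp.com/pls/bug/webbug_print.show?c_rptno=12944747
                // - 0x00 to acknowledge auth
                // - 0xff to deny auth
                // - 0xfe to switch auth
                // - 0x01 to return more auth data
                // The reply comes from the network, so check its length before indexing.
                if (serverBlob == null || serverBlob.Length == 0)
                {
                    throw new MySqlException(
                        "Authentication failed: server sent an empty reply where a prefix byte was expected");
                }

                // NOTE(review): the prefix value itself is discarded, as in the original;
                // a deny (0xff) or switch (0xfe) reply is not handled here and its payload
                // is passed to the next InitializeClient call - confirm whether ReadData
                // already handles those cases.
                byte[] buf = new byte[serverBlob.Length - 1];
                Array.Copy(serverBlob, 1, buf, 0, buf.Length);
                serverBlob = buf;
            }
        }
    }
    finally
    {
        // Release the credential handle and the security context on every exit path.
        FreeCredentialsHandle(ref outboundCredentials);
        DeleteSecurityContext(ref clientContext);
    }
}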
/// <summary>
/// Performs the client side of an SSPI "Negotiate" exchange: obtains an outbound
/// credential handle, then keeps generating tokens, sending them and reading the
/// server's answers until <c>InitializeClient</c> reports the exchange is complete.
/// </summary>
/// <exception cref="MySqlException">
/// Thrown when AcquireCredentialsHandle returns anything other than SEC_E_OK.
/// </exception>
public void AuthenticateClient()
{
    byte[] token = null;
    byte[] reply = null;
    bool pending = true;
    SECURITY_INTEGER credentialExpiry = new SECURITY_INTEGER(0);

    int rc = AcquireCredentialsHandle(
        null, "Negotiate", SECPKG_CRED_OUTBOUND,
        IntPtr.Zero, IntPtr.Zero, 0, IntPtr.Zero,
        ref outboundCredentials, ref credentialExpiry);
    if (rc != SEC_E_OK)
    {
        throw new MySqlException(
            "AcquireCredentialsHandle failed with errorcode" + rc);
    }

    try
    {
        while (true)
        {
            InitializeClient(out token, reply, out pending);

            bool hasToken = token != null && token.Length > 0;
            if (hasToken)
            {
                WriteData(token);

                // A reply is only read while the handshake is still in progress.
                if (pending)
                {
                    reply = ReadData();
                }
            }

            if (!pending)
            {
                break;
            }
        }
    }
    finally
    {
        // Handles are released whether the exchange completed or threw.
        FreeCredentialsHandle(ref outboundCredentials);
        DeleteSecurityContext(ref clientContext);
    }
}