Commit 29dd7192 authored by Mark Salisbury's avatar Mark Salisbury Committed by Yang Tse
Browse files

schannel SSL: Added helper methods to simplify code 

Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it
easier to set up SecBuffer & SecBufferDesc structs.
parent 705330c7

lib/curl_schannel.c

+41 −65
Original line number Diff line number Diff line
@@ -69,6 +69,7 @@ 
#include "select.h" /* for the socket readyness */

#include "inet_pton.h" /* for IP addr SNI check */

#include "curl_multibyte.h"

#include "warnless.h"



#define _MPRINTF_REPLACE /* use our functions only */

#include <curl/mprintf.h>
@@ -85,6 +86,22 @@ 
static Curl_recv schannel_recv;

static Curl_send schannel_send;



static void InitSecBuffer(SecBuffer *buffer, unsigned long BufType,

                          void *BufDataPtr, unsigned long BufByteSize)

{

  buffer->cbBuffer = BufByteSize;

  buffer->BufferType = BufType;

  buffer->pvBuffer = BufDataPtr;

}



static void InitSecBufferDesc(SecBufferDesc *desc, SecBuffer *BufArr,

                              unsigned long NumArrElem)

{

  desc->ulVersion = SECBUFFER_VERSION;

  desc->pBuffers = BufArr;

  desc->cBuffers = NumArrElem;

}



static CURLcode

schannel_connect_step1(struct connectdata *conn, int sockindex)

{
@@ -178,13 +195,8 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) 
  }



  /* setup output buffer */

  outbuf.pvBuffer = NULL;

  outbuf.cbBuffer = 0;

  outbuf.BufferType = SECBUFFER_EMPTY;



  outbuf_desc.pBuffers = &outbuf;

  outbuf_desc.cBuffers = 1;

  outbuf_desc.ulVersion = SECBUFFER_VERSION;

  InitSecBuffer(&outbuf, SECBUFFER_EMPTY, NULL, 0);

  InitSecBufferDesc(&outbuf_desc, &outbuf, 1);



  /* setup request flags */

  connssl->req_flags = ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT |
@@ -303,30 +315,15 @@ schannel_connect_step2(struct connectdata *conn, int sockindex) 
        connssl->encdata_offset, connssl->encdata_length);



  /* setup input buffers */

  inbuf[0].pvBuffer = malloc(connssl->encdata_offset);

  inbuf[0].cbBuffer = connssl->encdata_offset;

  inbuf[0].BufferType = SECBUFFER_TOKEN;



  inbuf[1].pvBuffer = NULL;

  inbuf[1].cbBuffer = 0;

  inbuf[1].BufferType = SECBUFFER_EMPTY;



  inbuf_desc.pBuffers = &inbuf[0];

  inbuf_desc.cBuffers = 2;

  inbuf_desc.ulVersion = SECBUFFER_VERSION;

  InitSecBuffer(&inbuf[0], SECBUFFER_TOKEN, malloc(connssl->encdata_offset),

                curlx_uztoul(connssl->encdata_offset));

  InitSecBuffer(&inbuf[1], SECBUFFER_EMPTY, NULL, 0);

  InitSecBufferDesc(&inbuf_desc, inbuf, 2);



  /* setup output buffers */

  outbuf[0].pvBuffer = NULL;

  outbuf[0].cbBuffer = 0;

  outbuf[0].BufferType = SECBUFFER_TOKEN;



  outbuf[1].pvBuffer = NULL;

  outbuf[1].cbBuffer = 0;

  outbuf[1].BufferType = SECBUFFER_ALERT;



  outbuf_desc.pBuffers = &outbuf[0];

  outbuf_desc.cBuffers = 2;

  outbuf_desc.ulVersion = SECBUFFER_VERSION;

  InitSecBuffer(&outbuf[0], SECBUFFER_TOKEN, NULL, 0);

  InitSecBuffer(&outbuf[1], SECBUFFER_ALERT, NULL, 0);

  InitSecBufferDesc(&outbuf_desc, outbuf, 2);



  if(inbuf[0].pvBuffer == NULL) {

    failf(data, "schannel: unable to allocate memory");
@@ -640,25 +637,15 @@ schannel_send(struct connectdata *conn, int sockindex, 
  }



  /* setup output buffers (header, data, trailer, empty) */

  outbuf[0].pvBuffer = data;

  outbuf[0].cbBuffer = connssl->stream_sizes.cbHeader;

  outbuf[0].BufferType = SECBUFFER_STREAM_HEADER;



  outbuf[1].pvBuffer = data + connssl->stream_sizes.cbHeader;

  outbuf[1].cbBuffer = len;

  outbuf[1].BufferType = SECBUFFER_DATA;



  outbuf[2].pvBuffer = data + connssl->stream_sizes.cbHeader + len;

  outbuf[2].cbBuffer = connssl->stream_sizes.cbTrailer;

  outbuf[2].BufferType = SECBUFFER_STREAM_TRAILER;



  outbuf[3].pvBuffer = NULL;

  outbuf[3].cbBuffer = 0;

  outbuf[3].BufferType = SECBUFFER_EMPTY;



  outbuf_desc.pBuffers = &outbuf[0];

  outbuf_desc.cBuffers = 4;

  outbuf_desc.ulVersion = SECBUFFER_VERSION;

  InitSecBuffer(&outbuf[0], SECBUFFER_STREAM_HEADER,

                data, connssl->stream_sizes.cbHeader);

  InitSecBuffer(&outbuf[1], SECBUFFER_DATA,

                data + connssl->stream_sizes.cbHeader, len);

  InitSecBuffer(&outbuf[2], SECBUFFER_STREAM_TRAILER,

                data + connssl->stream_sizes.cbHeader + len,

                connssl->stream_sizes.cbTrailer);

  InitSecBuffer(&outbuf[3], SECBUFFER_EMPTY, NULL, 0);

  InitSecBufferDesc(&outbuf_desc, outbuf, 4);



  /* copy data into output buffer */

  memcpy(outbuf[1].pvBuffer, buf, len);
@@ -756,26 +743,15 @@ schannel_recv(struct connectdata *conn, int sockindex, 
  /* check if we still have some data in our buffers */

  while(connssl->encdata_offset > 0 && sspi_status == SEC_E_OK) {

    /* prepare data buffer for DecryptMessage call */

    inbuf[0].pvBuffer = connssl->encdata_buffer;

    inbuf[0].cbBuffer = connssl->encdata_offset;

    inbuf[0].BufferType = SECBUFFER_DATA;

    InitSecBuffer(&inbuf[0], SECBUFFER_DATA, connssl->encdata_buffer,

                  curlx_uztoul(connssl->encdata_offset));



    /* we need 3 more empty input buffers for possible output */

    inbuf[1].pvBuffer = NULL;

    inbuf[1].cbBuffer = 0;

    inbuf[1].BufferType = SECBUFFER_EMPTY;



    inbuf[2].pvBuffer = NULL;

    inbuf[2].cbBuffer = 0;

    inbuf[2].BufferType = SECBUFFER_EMPTY;



    inbuf[3].pvBuffer = NULL;

    inbuf[3].cbBuffer = 0;

    inbuf[3].BufferType = SECBUFFER_EMPTY;

    InitSecBuffer(&inbuf[1], SECBUFFER_EMPTY, NULL, 0);

    InitSecBuffer(&inbuf[2], SECBUFFER_EMPTY, NULL, 0);

    InitSecBuffer(&inbuf[3], SECBUFFER_EMPTY, NULL, 0);



    inbuf_desc.pBuffers = &inbuf[0];

    inbuf_desc.cBuffers = 4;

    inbuf_desc.ulVersion = SECBUFFER_VERSION;

    InitSecBufferDesc(&inbuf_desc, inbuf, 4);



    /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx */

    sspi_status = s_pSecFn->DecryptMessage(&connssl->ctxt->ctxt_handle,