本文整理汇总了C++中PSecurityFunctionTable类的典型用法代码示例。如果您正苦于以下问题:C++ PSecurityFunctionTable类的具体用法?C++ PSecurityFunctionTable怎么用?C++ PSecurityFunctionTable使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了PSecurityFunctionTable类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: chs_hello
// Initiate a ClientHello message and generate a token.
SECURITY_STATUS chs_hello (void)
{
DWORD dwFlagsIn, dwFlagsOut;
SecBuffer sb[1];
SecBufferDesc hs;
dwFlagsIn = ISC_REQ_SEQUENCE_DETECT |
ISC_REQ_REPLAY_DETECT |
ISC_REQ_CONFIDENTIALITY |
ISC_RET_EXTENDED_ERROR |
ISC_REQ_ALLOCATE_MEMORY |
ISC_REQ_STREAM;
sb[0].pvBuffer = NULL;
sb[0].BufferType = SECBUFFER_TOKEN;
sb[0].cbBuffer = 0;
hs.cBuffers = 1;
hs.pBuffers = sb;
hs.ulVersion = SECBUFFER_VERSION;
ss = sspi->InitializeSecurityContextA (&hClientCreds, NULL, pszServer, dwFlagsIn,
0, SECURITY_NATIVE_DREP, NULL, 0, &hContext, &hs, &dwFlagsOut, &ts);
// should indicate continuing
if (ss==SEC_I_CONTINUE_NEEDED) {
// send data
if (sb[0].cbBuffer != 0) {
send (s, sb[0].pvBuffer, sb[0].cbBuffer, 0);
ss = sspi->FreeContextBuffer (sb[0].pvBuffer);
}
}
return ss;
}示例2: resetContext
/*
* Resets the context
*/
static void resetContext(SSPIContext * sspiContext)
{
pSFT->DeleteSecurityContext(&(sspiContext->context));
#if defined(_MSC_VER) && _MSC_VER <= 1200
pSFT->FreeCredentialHandle(&(sspiContext->credentials));
#else
pSFT->FreeCredentialsHandle(&(sspiContext->credentials));
#endif
sspiContext->continueNeeded = 0;
}示例3: ClientConnect
static bool ClientConnect(SslHandle *ssl, const char *host)
{
if (SecIsValidHandle(&ssl->hContext)) {
g_pSSPI->DeleteSecurityContext(&ssl->hContext);
SecInvalidateHandle(&ssl->hContext);
}
if (MySslEmptyCache) MySslEmptyCache();
DWORD dwSSPIFlags = ISC_REQ_SEQUENCE_DETECT |
ISC_REQ_REPLAY_DETECT |
ISC_REQ_CONFIDENTIALITY |
ISC_REQ_EXTENDED_ERROR |
ISC_REQ_ALLOCATE_MEMORY |
ISC_REQ_STREAM;
// Initiate a ClientHello message and generate a token.
SecBuffer OutBuffers[1];
OutBuffers[0].pvBuffer = NULL;
OutBuffers[0].BufferType = SECBUFFER_TOKEN;
OutBuffers[0].cbBuffer = 0;
SecBufferDesc OutBuffer;
OutBuffer.cBuffers = _countof(OutBuffers);
OutBuffer.pBuffers = OutBuffers;
OutBuffer.ulVersion = SECBUFFER_VERSION;
TimeStamp tsExpiry;
DWORD dwSSPIOutFlags;
SECURITY_STATUS scRet = g_pSSPI->InitializeSecurityContext(&hCreds, NULL, _A2T(host), dwSSPIFlags, 0, 0, NULL, 0,
&ssl->hContext, &OutBuffer, &dwSSPIOutFlags, &tsExpiry);
if (scRet != SEC_I_CONTINUE_NEEDED) {
ReportSslError(scRet, __LINE__);
return 0;
}
// Send response to server if there is one.
if (OutBuffers[0].cbBuffer != 0 && OutBuffers[0].pvBuffer != NULL) {
DWORD cbData = send(ssl->s, (char*)OutBuffers[0].pvBuffer, OutBuffers[0].cbBuffer, 0);
if (cbData == SOCKET_ERROR || cbData == 0) {
Netlib_Logf(NULL, "SSL failure sending connection data (%d %d)", ssl->s, WSAGetLastError());
g_pSSPI->FreeContextBuffer(OutBuffers[0].pvBuffer);
return 0;
}
// Free output buffer.
g_pSSPI->FreeContextBuffer(OutBuffers[0].pvBuffer);
OutBuffers[0].pvBuffer = NULL;
}
return ClientHandshakeLoop(ssl, TRUE) == SEC_E_OK;
}示例4: NetlibSslShutdown
void NetlibSslShutdown(SslHandle *ssl)
{
if (ssl == NULL || !SecIsValidHandle(&ssl->hContext))
return;
DWORD dwType = SCHANNEL_SHUTDOWN;
SecBuffer OutBuffers[1];
OutBuffers[0].pvBuffer = &dwType;
OutBuffers[0].BufferType = SECBUFFER_TOKEN;
OutBuffers[0].cbBuffer = sizeof(dwType);
SecBufferDesc OutBuffer;
OutBuffer.cBuffers = _countof(OutBuffers);
OutBuffer.pBuffers = OutBuffers;
OutBuffer.ulVersion = SECBUFFER_VERSION;
SECURITY_STATUS scRet = g_pSSPI->ApplyControlToken(&ssl->hContext, &OutBuffer);
if (FAILED(scRet))
return;
// Build an SSL close notify message.
DWORD dwSSPIFlags = ISC_REQ_SEQUENCE_DETECT |
ISC_REQ_REPLAY_DETECT |
ISC_REQ_CONFIDENTIALITY |
ISC_RET_EXTENDED_ERROR |
ISC_REQ_ALLOCATE_MEMORY |
ISC_REQ_STREAM;
OutBuffers[0].pvBuffer = NULL;
OutBuffers[0].BufferType = SECBUFFER_TOKEN;
OutBuffers[0].cbBuffer = 0;
OutBuffer.cBuffers = 1;
OutBuffer.pBuffers = OutBuffers;
OutBuffer.ulVersion = SECBUFFER_VERSION;
TimeStamp tsExpiry;
DWORD dwSSPIOutFlags;
scRet = g_pSSPI->InitializeSecurityContext(&hCreds, &ssl->hContext, NULL, dwSSPIFlags, 0, 0, NULL, 0,
&ssl->hContext, &OutBuffer, &dwSSPIOutFlags, &tsExpiry);
if (FAILED(scRet))
return;
// Send the close notify message to the server.
if (OutBuffers[0].pvBuffer != NULL && OutBuffers[0].cbBuffer != 0) {
send(ssl->s, (char*)OutBuffers[0].pvBuffer, OutBuffers[0].cbBuffer, 0);
g_pSSPI->FreeContextBuffer(OutBuffers[0].pvBuffer);
}
}示例5: NetlibInitSecurityProvider
HANDLE NetlibInitSecurityProvider(const TCHAR* szProvider, const TCHAR* szPrincipal)
{
HANDLE hSecurity = NULL;
if (_tcsicmp(szProvider, _T("Basic")) == 0)
{
NtlmHandleType* hNtlm = (NtlmHandleType*)mir_calloc(sizeof(NtlmHandleType));
hNtlm->szProvider = mir_tstrdup(szProvider);
SecInvalidateHandle(&hNtlm->hClientContext);
SecInvalidateHandle(&hNtlm->hClientCredential);
ntlmCnt++;
return hNtlm;
}
WaitForSingleObject(hSecMutex, INFINITE);
if (secCnt == 0 )
{
LoadSecurityLibrary();
secCnt += g_hSecurity != NULL;
}
else secCnt++;
if (g_pSSPI != NULL)
{
PSecPkgInfo ntlmSecurityPackageInfo;
bool isGSSAPI = _tcsicmp(szProvider, _T("GSSAPI")) == 0;
const TCHAR *szProviderC = isGSSAPI ? _T("Kerberos") : szProvider;
SECURITY_STATUS sc = g_pSSPI->QuerySecurityPackageInfo((LPTSTR)szProviderC, &ntlmSecurityPackageInfo);
if (sc == SEC_E_OK)
{
NtlmHandleType* hNtlm;
hSecurity = hNtlm = (NtlmHandleType*)mir_calloc(sizeof(NtlmHandleType));
hNtlm->cbMaxToken = ntlmSecurityPackageInfo->cbMaxToken;
g_pSSPI->FreeContextBuffer(ntlmSecurityPackageInfo);
hNtlm->szProvider = mir_tstrdup(szProvider);
hNtlm->szPrincipal = mir_tstrdup(szPrincipal ? szPrincipal : _T(""));
SecInvalidateHandle(&hNtlm->hClientContext);
SecInvalidateHandle(&hNtlm->hClientCredential);
ntlmCnt++;
}
}
ReleaseMutex(hSecMutex);
return hSecurity;
}示例6: AcquireCredentials
static bool AcquireCredentials(void)
{
SCHANNEL_CRED SchannelCred;
TimeStamp tsExpiry;
SECURITY_STATUS scRet;
memset(&SchannelCred, 0, sizeof(SchannelCred));
SchannelCred.dwVersion = SCHANNEL_CRED_VERSION;
SchannelCred.grbitEnabledProtocols = SP_PROT_SSL3TLS1_CLIENTS;
SchannelCred.dwFlags |= SCH_CRED_NO_DEFAULT_CREDS | SCH_CRED_MANUAL_CRED_VALIDATION;
// Create an SSPI credential.
scRet = g_pSSPI->AcquireCredentialsHandle(
NULL, // Name of principal
UNISP_NAME, // Name of package
SECPKG_CRED_OUTBOUND, // Flags indicating use
NULL, // Pointer to logon ID
&SchannelCred, // Package specific data
NULL, // Pointer to GetKey() func
NULL, // Value to pass to GetKey()
&hCreds, // (out) Cred Handle
&tsExpiry); // (out) Lifetime (optional)
ReportSslError(scRet, __LINE__);
return scRet == SEC_E_OK;
}示例7: if
/*
* Wrapper arround initializeSecurityContext. Supplies several
* default parameters as well as logging in case of errors.
*/
static SECURITY_STATUS
initializeSecurityContext(CredHandle * credentials, CtxtHandle * context,
char *spn, ULONG contextReq,
SecBufferDesc * inBuffer, CtxtHandle * newContext,
SecBufferDesc * outBuffer)
{
ULONG contextAttributes;
SECURITY_STATUS status;
status =
pSFT->InitializeSecurityContext(credentials, context, spn, contextReq,
0, SECURITY_NETWORK_DREP, inBuffer, 0,
newContext, outBuffer,
&contextAttributes, NULL);
if (!SEC_SUCCESS(status)) {
if (status == SEC_E_INVALID_TOKEN) {
NE_DEBUG(NE_DBG_HTTPAUTH,
"InitializeSecurityContext [fail] SEC_E_INVALID_TOKEN.\n");
} else if (status == SEC_E_UNSUPPORTED_FUNCTION) {
NE_DEBUG(NE_DBG_HTTPAUTH,
"InitializeSecurityContext [fail] SEC_E_UNSUPPORTED_FUNCTION.\n");
} else {
NE_DEBUG(NE_DBG_HTTPAUTH,
"InitializeSecurityContext [fail] [%x].\n", status);
}
}
return status;
}示例8: create_creds
// create credentials
SECURITY_STATUS create_creds (void)
{
DWORD cSupportedAlgs = 0;
ALG_ID rgbSupportedAlgs[16];
ZeroMemory (&SchannelCred, sizeof (SchannelCred));
SchannelCred.dwVersion = SCHANNEL_CRED_VERSION;
SchannelCred.grbitEnabledProtocols = SP_PROT_SSL3 | SP_PROT_TLS1;
if (aiKeyExch) {
rgbSupportedAlgs[cSupportedAlgs++] = aiKeyExch;
}
if (cSupportedAlgs) {
SchannelCred.cSupportedAlgs = cSupportedAlgs;
SchannelCred.palgSupportedAlgs = rgbSupportedAlgs;
}
SchannelCred.dwFlags |= SCH_CRED_NO_DEFAULT_CREDS;
// We need manual validation
SchannelCred.dwFlags |= SCH_CRED_MANUAL_CRED_VALIDATION;
ss = sspi->AcquireCredentialsHandleA (NULL, UNISP_NAME_A,
SECPKG_CRED_OUTBOUND, NULL, &SchannelCred, NULL,
NULL, &hClientCreds, &ts);
return ss;
}示例9: UnloadSslModule
void UnloadSslModule(void)
{
if (g_pSSPI && SecIsValidHandle(&hCreds))
g_pSSPI->FreeCredentialsHandle(&hCreds);
CloseHandle(g_hSslMutex);
if (g_hSchannel)
FreeLibrary(g_hSchannel);
}示例10: NetlibSslFree
void NetlibSslFree(SslHandle *ssl)
{
if (ssl == NULL) return;
g_pSSPI->DeleteSecurityContext(&ssl->hContext);
mir_free(ssl->pbRecDataBuf);
mir_free(ssl->pbIoBuffer);
memset(ssl, 0, sizeof(SslHandle));
mir_free(ssl);
}示例11: getMaxTokenSize
/*
* Query specified package for it's maximum token size.
*/
static int getMaxTokenSize(char *package, ULONG * maxTokenSize)
{
SECURITY_STATUS status;
SecPkgInfo *packageSecurityInfo = NULL;
status = pSFT->QuerySecurityPackageInfo(package, &packageSecurityInfo);
if (status == SEC_E_OK) {
*maxTokenSize = packageSecurityInfo->cbMaxToken;
if (pSFT->FreeContextBuffer(packageSecurityInfo) != SEC_E_OK) {
NE_DEBUG(NE_DBG_HTTPAUTH,
"sspi: Unable to free security package info.");
}
} else {
NE_DEBUG(NE_DBG_HTTPAUTH,
"sspi: QuerySecurityPackageInfo [failed] [%x].", status);
return -1;
}
return 0;
}示例12: secure_info
void secure_info (void)
{
SecPkgContext_ConnectionInfo ci;
ss = sspi->QueryContextAttributes (&hContext, SECPKG_ATTR_CONNECTION_INFO, (PVOID)&ci);
if(ss != SEC_E_OK) { printf("Error 0x%x querying connection info\n", ss); return; }
printf (" [ Protocol : %s\n", alg2s(ci.dwProtocol));
printf (" [ Cipher : %s-%i\n", alg2s(ci.aiCipher), ci.dwCipherStrength);
printf (" [ Hash : %s-%i\n", alg2s(ci.aiHash), ci.dwHashStrength );
printf (" [ Exchange : %s-%i\n\n", alg2s(ci.aiExch), ci.dwExchStrength );
}示例13: ssl_recv
SECURITY_STATUS ssl_recv (void)
{
SecBufferDesc msg;
SecBuffer sb[4];
DWORD cbIoBuffer=0;
SecBuffer *pData=NULL, *pExtra=NULL;
int len, i;
ss=SEC_E_INCOMPLETE_MESSAGE;
do
{
if (cbIoBuffer==0 || ss==SEC_E_INCOMPLETE_MESSAGE)
{
len = recv (s, pbDataIn + cbIoBuffer, cbBufferLen - cbIoBuffer, 0);
if (len<=0) break;
cbIoBuffer += len;
sb[0].pvBuffer = pbDataIn;
sb[0].cbBuffer = cbIoBuffer;
sb[0].BufferType = SECBUFFER_DATA;
sb[1].BufferType = SECBUFFER_EMPTY;
sb[2].BufferType = SECBUFFER_EMPTY;
sb[3].BufferType = SECBUFFER_EMPTY;
msg.ulVersion = SECBUFFER_VERSION;
msg.cBuffers = 4;
msg.pBuffers = sb;
ss = sspi->DecryptMessage (&hContext, &msg, 0, NULL);
if (ss == SEC_I_CONTEXT_EXPIRED) break;
for (i=0; i<4; i++) {
if (pData==NULL && sb[i].BufferType==SECBUFFER_DATA) pData=&sb[i];
if (pExtra==NULL && sb[i].BufferType==SECBUFFER_EXTRA) pExtra=&sb[i];
}
if (pData!=NULL)
{
cbDataIn=pData->cbBuffer;
if (cbDataIn!=0)
{
memcpy (pbDataIn, pData->pvBuffer, cbDataIn);
break;
}
}
}
} while (1);
return SEC_E_OK;
}示例14: NetlibDestroySecurityProvider
void NetlibDestroySecurityProvider(HANDLE hSecurity)
{
if (hSecurity == NULL) return;
WaitForSingleObject(hSecMutex, INFINITE);
if (ntlmCnt != 0)
{
NtlmHandleType* hNtlm = (NtlmHandleType*)hSecurity;
if (SecIsValidHandle(&hNtlm->hClientContext)) g_pSSPI->DeleteSecurityContext(&hNtlm->hClientContext);
if (SecIsValidHandle(&hNtlm->hClientCredential)) g_pSSPI->FreeCredentialsHandle(&hNtlm->hClientCredential);
mir_free(hNtlm->szProvider);
mir_free(hNtlm->szPrincipal);
--ntlmCnt;
mir_free(hNtlm);
}
if (secCnt && --secCnt == 0)
FreeSecurityLibrary();
ReleaseMutex(hSecMutex);
}示例15: acquireCredentialsHandle
/*
* Simplification wrapper arround AcquireCredentialsHandle as most of
* the parameters do not change.
*/
static int acquireCredentialsHandle(CredHandle * credentials, char *package)
{
SECURITY_STATUS status;
TimeStamp timestamp;
status =
pSFT->AcquireCredentialsHandle(NULL, package, SECPKG_CRED_OUTBOUND,
NULL, NULL, NULL, NULL, credentials,
×tamp);
if (status != SEC_E_OK) {
NE_DEBUG(NE_DBG_HTTPAUTH,
"sspi: AcquireCredentialsHandle [fail] [%x].\n", status);
return -1;
}
return 0;
}