HANDLE NetlibInitSecurityProvider(const TCHAR* szProvider, const TCHAR* szPrincipal)
{
HANDLE hSecurity = NULL;
if (_tcsicmp(szProvider, _T("Basic")) == 0)
{
NtlmHandleType* hNtlm = (NtlmHandleType*)mir_calloc(sizeof(NtlmHandleType));
hNtlm->szProvider = mir_tstrdup(szProvider);
SecInvalidateHandle(&hNtlm->hClientContext);
SecInvalidateHandle(&hNtlm->hClientCredential);
ntlmCnt++;
return hNtlm;
}
WaitForSingleObject(hSecMutex, INFINITE);
if (secCnt == 0 )
{
LoadSecurityLibrary();
secCnt += g_hSecurity != NULL;
}
else secCnt++;
if (g_pSSPI != NULL)
{
PSecPkgInfo ntlmSecurityPackageInfo;
bool isGSSAPI = _tcsicmp(szProvider, _T("GSSAPI")) == 0;
const TCHAR *szProviderC = isGSSAPI ? _T("Kerberos") : szProvider;
SECURITY_STATUS sc = g_pSSPI->QuerySecurityPackageInfo((LPTSTR)szProviderC, &ntlmSecurityPackageInfo);
if (sc == SEC_E_OK)
{
NtlmHandleType* hNtlm;
hSecurity = hNtlm = (NtlmHandleType*)mir_calloc(sizeof(NtlmHandleType));
hNtlm->cbMaxToken = ntlmSecurityPackageInfo->cbMaxToken;
g_pSSPI->FreeContextBuffer(ntlmSecurityPackageInfo);
hNtlm->szProvider = mir_tstrdup(szProvider);
hNtlm->szPrincipal = mir_tstrdup(szPrincipal ? szPrincipal : _T(""));
SecInvalidateHandle(&hNtlm->hClientContext);
SecInvalidateHandle(&hNtlm->hClientCredential);
ntlmCnt++;
}
}
ReleaseMutex(hSecMutex);
return hSecurity;
}
/*
* Query specified package for it's maximum token size.
*/
static int getMaxTokenSize(char *package, ULONG * maxTokenSize)
{
SECURITY_STATUS status;
SecPkgInfo *packageSecurityInfo = NULL;
status = pSFT->QuerySecurityPackageInfo(package, &packageSecurityInfo);
if (status == SEC_E_OK) {
*maxTokenSize = packageSecurityInfo->cbMaxToken;
if (pSFT->FreeContextBuffer(packageSecurityInfo) != SEC_E_OK) {
NE_DEBUG(NE_DBG_HTTPAUTH,
"sspi: Unable to free security package info.");
}
} else {
NE_DEBUG(NE_DBG_HTTPAUTH,
"sspi: QuerySecurityPackageInfo [failed] [%x].", status);
return -1;
}
return 0;
}