SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW( LPWSTR pszPrincipal, // Name of principal LPWSTR pszPackageName, // Name of package unsigned long fCredentialUse, // Flags indicating use void SEC_FAR * pvLogonId, // Pointer to logon ID void SEC_FAR * pAuthData, // Package specific data SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func void SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey() PCredHandle phCredential, // (out) Cred Handle PTimeStamp ptsExpiry // (out) Lifetime (optional) ) { PCREDENTIAL NewCredential = NULL; if ((fCredentialUse & (SECPKG_CRED_BOTH)) == 0) { return(SEC_E_UNKNOWN_CREDENTIALS); } NewCredential = (PCREDENTIAL) LocalAlloc(0,sizeof(CREDENTIAL)); if (NewCredential == NULL) { return(SEC_E_INSUFFICIENT_MEMORY); } NewCredential->CredentialId = GetNewId(); NewCredential->Use = fCredentialUse; NewCredential->AuthData = (ULONG *)pAuthData; phCredential->dwUpper = NewCredential->CredentialId; *ptsExpiry = Forever; AddCredential(NewCredential); return(SEC_E_OK); }
SECURITY_STATUS SEC_ENTRY AcceptSecurityContext( PCredHandle phCredential, // Cred to base context PCtxtHandle phContext, // Existing context (OPT) PSecBufferDesc pInput, // Input buffer unsigned long fContextReq, // Context Requirements unsigned long TargetDataRep, // Target Data Rep PCtxtHandle phNewContext, // (out) New context handle PSecBufferDesc pOutput, // (inout) Output buffers unsigned long SEC_FAR * pfContextAttr, // (out) Context attributes PTimeStamp ptsExpiry // (out) Life span (OPT) ) { PCREDENTIAL Credential = NULL; PSEC_CONTEXT Context = NULL; PMESSAGE Message = NULL; PSecBuffer OutputBuffer; PSecBuffer InputBuffer; MESSAGE SampleMessage; if (fContextReq & ISC_REQ_ALLOCATE_MEMORY) { return(SEC_E_INSUFFICIENT_MEMORY); } InputBuffer = LocateSecBuffer(pInput); if (InputBuffer == NULL) { return(SEC_E_INVALID_TOKEN); } if (phContext == NULL) { Credential = LocateCredential(phCredential->dwUpper); if (Credential == NULL) { return(SEC_E_UNKNOWN_CREDENTIALS); } if ((Credential->Use & SECPKG_CRED_INBOUND) == 0) { return(SEC_E_UNKNOWN_CREDENTIALS); } } // // If the context is NULL, create a new one. // if (phContext == NULL) { // // Make sure the output buffer exists. // OutputBuffer = LocateSecBuffer(pOutput); if (OutputBuffer == NULL) { return(SEC_E_INVALID_TOKEN); } // // Check that the input message is what we expected. // Message = (PMESSAGE) InputBuffer->pvBuffer; SampleMessage.MessageType = Negotiate; memset(SampleMessage.Buffer, 'x', MESSAGE_SIZE); if (memcmp(&SampleMessage,Message,MESSAGE_SIZE) != 0) { return(SEC_E_INVALID_TOKEN); } // // Build a new context. // Context = (PSEC_CONTEXT) LocalAlloc(0,sizeof(SEC_CONTEXT)); if (Context == NULL) { return(SEC_E_INSUFFICIENT_MEMORY); } Context->ContextId = GetNewId(); phNewContext->dwUpper = Context->ContextId; Context->CredentialId = phCredential->dwUpper; Context->State = FirstAccept; Context->Nonce = 0; Context->ContextFlags = fContextReq; *pfContextAttr = fContextReq; *ptsExpiry = Forever; // // Build an output token. // Message = (PMESSAGE) OutputBuffer->pvBuffer; Message->MessageType = Challenge; memset(Message->Buffer,'y',MESSAGE_SIZE); OutputBuffer->cbBuffer = sizeof(MESSAGE); AddContext(Context); return(SEC_I_CONTINUE_NEEDED); } else { // // This is the second call. Lookup the old context. // Context = LocateContext(phContext->dwUpper); if (Context == NULL) { return(SEC_E_INVALID_HANDLE); } if ((Context->State != FirstAccept) && (Context->State != SecondAccept)) { return(SEC_E_INVALID_HANDLE); } Message = (PMESSAGE) InputBuffer->pvBuffer; // // Check that the input message is what we expected. // if (Context->State == FirstAccept) { SampleMessage.MessageType = ChallengeResponse; memset(SampleMessage.Buffer, 'z', MESSAGE_SIZE); } else { SampleMessage.MessageType = ReAuthenticate; memset(SampleMessage.Buffer, 'q', MESSAGE_SIZE); } if (memcmp(&SampleMessage,Message,MESSAGE_SIZE) != 0) { return(SEC_E_INVALID_TOKEN); } Context->State = SecondAccept; return(SEC_E_OK); } }
static int write_request(request_rec* r, char* req_id) { char buff[HUGE_STRING_LEN]; long length; /* length of request body */ int len_read; /* size of reading data */ int rsize; /* actual size which need to copy */ int rpos = 0; /* current position */ apr_file_t* fd; apr_status_t rv = 0; char req_fn[256]; int rc = 0; /***** For Http Header ******/ rc = GetNewId(req_id); if (rc == EXIT_FAILURE) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : GetNewId(req_id)"); return EXIT_FAILURE; } WriteLog(8,req_id); #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL, "*** mod *** : GetNewId req_id = %s", req_id); #endif rc = AddHttpHeader(req_id, "Content-type", apr_table_get(r->headers_in, "Content-type")); if (rc == EXIT_FAILURE) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : AddHttpHeader"); return EXIT_FAILURE; } #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL, "*** mod *** : AddHttpHeader = %s", apr_table_get(r->headers_in, "Content-type")); #endif AddHttpHeader(req_id, "SOAPAction", apr_table_get(r->headers_in, "SOAPAction")); if (rc == EXIT_FAILURE) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : AddHttpHeader"); return EXIT_FAILURE; } #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL, "*** mod *** : AddHttpHeader = %s", apr_table_get(r->headers_in, "SOAPAction")); #endif /***** For Http Body ******/ /* check the receive data format, and initialize */ if(ap_setup_client_block(r, REQUEST_CHUNKED_ERROR)) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : ap_setup_client_block"); return HTTP_INTERNAL_SERVER_ERROR; } /* check the existance of data to receive */ if(!ap_should_client_block(r)) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : ap_should_client_block"); return HTTP_INTERNAL_SERVER_ERROR; } length = r->remaining; #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL, "*** mod *** : content-len = %ld", length); #endif rc = CheckLimitSizeMessage(length, req_id); if (rc == EXIT_FAILURE) { // is error, soap fault was created using req_id while((len_read = ap_get_client_block(r, buff, sizeof(buff))) > 0) ; ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : limit over message"); return DSO_TOO_BIG; } rc = GetFileName(req_id, req_fn); if (rc == EXIT_FAILURE) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : GetFileName"); return EXIT_FAILURE; } #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL, "*** mod *** : GetFilenName req_fn = %s", req_fn); #endif rv = apr_file_open(&fd, req_fn, APR_WRITE | APR_CREATE | APR_TRUNCATE | APR_BINARY, APR_OS_DEFAULT, r->pool); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : apr_file_open"); return HTTP_INTERNAL_SERVER_ERROR; } /* copy request body to buffer, and return the size */ while((len_read = ap_get_client_block(r, buff, sizeof(buff))) > 0) { if((rpos + len_read) > length) rsize = length - rpos; else rsize = len_read; if(apr_file_write(fd, buff, &rsize) != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : apr_file_write"); return HTTP_INTERNAL_SERVER_ERROR; } rpos += rsize; } rv = apr_file_close(fd); if (rv != APR_SUCCESS) { ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL, "*** mod_err *** : apr_file_close"); return HTTP_INTERNAL_SERVER_ERROR; } return EXIT_SUCCESS; }