SECURITY_STATUS SEC_ENTRY
AcquireCredentialsHandleW(
LPWSTR pszPrincipal, // Name of principal
LPWSTR pszPackageName, // Name of package
unsigned long fCredentialUse, // Flags indicating use
void SEC_FAR * pvLogonId, // Pointer to logon ID
void SEC_FAR * pAuthData, // Package specific data
SEC_GET_KEY_FN pGetKeyFn, // Pointer to GetKey() func
void SEC_FAR * pvGetKeyArgument, // Value to pass to GetKey()
PCredHandle phCredential, // (out) Cred Handle
PTimeStamp ptsExpiry // (out) Lifetime (optional)
)
{
PCREDENTIAL NewCredential = NULL;
if ((fCredentialUse & (SECPKG_CRED_BOTH)) == 0)
{
return(SEC_E_UNKNOWN_CREDENTIALS);
}
NewCredential = (PCREDENTIAL) LocalAlloc(0,sizeof(CREDENTIAL));
if (NewCredential == NULL)
{
return(SEC_E_INSUFFICIENT_MEMORY);
}
NewCredential->CredentialId = GetNewId();
NewCredential->Use = fCredentialUse;
NewCredential->AuthData = (ULONG *)pAuthData;
phCredential->dwUpper = NewCredential->CredentialId;
*ptsExpiry = Forever;
AddCredential(NewCredential);
return(SEC_E_OK);
}
SECURITY_STATUS SEC_ENTRY
AcceptSecurityContext(
PCredHandle phCredential, // Cred to base context
PCtxtHandle phContext, // Existing context (OPT)
PSecBufferDesc pInput, // Input buffer
unsigned long fContextReq, // Context Requirements
unsigned long TargetDataRep, // Target Data Rep
PCtxtHandle phNewContext, // (out) New context handle
PSecBufferDesc pOutput, // (inout) Output buffers
unsigned long SEC_FAR * pfContextAttr, // (out) Context attributes
PTimeStamp ptsExpiry // (out) Life span (OPT)
)
{
PCREDENTIAL Credential = NULL;
PSEC_CONTEXT Context = NULL;
PMESSAGE Message = NULL;
PSecBuffer OutputBuffer;
PSecBuffer InputBuffer;
MESSAGE SampleMessage;
if (fContextReq & ISC_REQ_ALLOCATE_MEMORY)
{
return(SEC_E_INSUFFICIENT_MEMORY);
}
InputBuffer = LocateSecBuffer(pInput);
if (InputBuffer == NULL)
{
return(SEC_E_INVALID_TOKEN);
}
if (phContext == NULL)
{
Credential = LocateCredential(phCredential->dwUpper);
if (Credential == NULL)
{
return(SEC_E_UNKNOWN_CREDENTIALS);
}
if ((Credential->Use & SECPKG_CRED_INBOUND) == 0)
{
return(SEC_E_UNKNOWN_CREDENTIALS);
}
}
//
// If the context is NULL, create a new one.
//
if (phContext == NULL)
{
//
// Make sure the output buffer exists.
//
OutputBuffer = LocateSecBuffer(pOutput);
if (OutputBuffer == NULL)
{
return(SEC_E_INVALID_TOKEN);
}
//
// Check that the input message is what we expected.
//
Message = (PMESSAGE) InputBuffer->pvBuffer;
SampleMessage.MessageType = Negotiate;
memset(SampleMessage.Buffer, 'x', MESSAGE_SIZE);
if (memcmp(&SampleMessage,Message,MESSAGE_SIZE) != 0)
{
return(SEC_E_INVALID_TOKEN);
}
//
// Build a new context.
//
Context = (PSEC_CONTEXT) LocalAlloc(0,sizeof(SEC_CONTEXT));
if (Context == NULL)
{
return(SEC_E_INSUFFICIENT_MEMORY);
}
Context->ContextId = GetNewId();
phNewContext->dwUpper = Context->ContextId;
Context->CredentialId = phCredential->dwUpper;
Context->State = FirstAccept;
Context->Nonce = 0;
Context->ContextFlags = fContextReq;
*pfContextAttr = fContextReq;
*ptsExpiry = Forever;
//
// Build an output token.
//
Message = (PMESSAGE) OutputBuffer->pvBuffer;
Message->MessageType = Challenge;
memset(Message->Buffer,'y',MESSAGE_SIZE);
OutputBuffer->cbBuffer = sizeof(MESSAGE);
AddContext(Context);
return(SEC_I_CONTINUE_NEEDED);
} else {
//
// This is the second call. Lookup the old context.
//
Context = LocateContext(phContext->dwUpper);
if (Context == NULL)
{
return(SEC_E_INVALID_HANDLE);
}
if ((Context->State != FirstAccept) &&
(Context->State != SecondAccept))
{
return(SEC_E_INVALID_HANDLE);
}
Message = (PMESSAGE) InputBuffer->pvBuffer;
//
// Check that the input message is what we expected.
//
if (Context->State == FirstAccept)
{
SampleMessage.MessageType = ChallengeResponse;
memset(SampleMessage.Buffer, 'z', MESSAGE_SIZE);
}
else
{
SampleMessage.MessageType = ReAuthenticate;
memset(SampleMessage.Buffer, 'q', MESSAGE_SIZE);
}
if (memcmp(&SampleMessage,Message,MESSAGE_SIZE) != 0)
{
return(SEC_E_INVALID_TOKEN);
}
Context->State = SecondAccept;
return(SEC_E_OK);
}
}
static int write_request(request_rec* r, char* req_id)
{
char buff[HUGE_STRING_LEN];
long length; /* length of request body */
int len_read; /* size of reading data */
int rsize; /* actual size which need to copy */
int rpos = 0; /* current position */
apr_file_t* fd;
apr_status_t rv = 0;
char req_fn[256];
int rc = 0;
/***** For Http Header ******/
rc = GetNewId(req_id);
if (rc == EXIT_FAILURE) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : GetNewId(req_id)");
return EXIT_FAILURE;
}
WriteLog(8,req_id);
#ifdef DEBUG
ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL,
"*** mod *** : GetNewId req_id = %s", req_id);
#endif
rc = AddHttpHeader(req_id, "Content-type",
apr_table_get(r->headers_in, "Content-type"));
if (rc == EXIT_FAILURE) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : AddHttpHeader");
return EXIT_FAILURE;
}
#ifdef DEBUG
ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL,
"*** mod *** : AddHttpHeader = %s", apr_table_get(r->headers_in, "Content-type"));
#endif
AddHttpHeader(req_id, "SOAPAction", apr_table_get(r->headers_in, "SOAPAction"));
if (rc == EXIT_FAILURE) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : AddHttpHeader");
return EXIT_FAILURE;
}
#ifdef DEBUG
ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL,
"*** mod *** : AddHttpHeader = %s", apr_table_get(r->headers_in, "SOAPAction"));
#endif
/***** For Http Body ******/
/* check the receive data format, and initialize */
if(ap_setup_client_block(r, REQUEST_CHUNKED_ERROR)) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : ap_setup_client_block");
return HTTP_INTERNAL_SERVER_ERROR;
}
/* check the existance of data to receive */
if(!ap_should_client_block(r)) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : ap_should_client_block");
return HTTP_INTERNAL_SERVER_ERROR;
}
length = r->remaining;
#ifdef DEBUG
ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL,
"*** mod *** : content-len = %ld", length);
#endif
rc = CheckLimitSizeMessage(length, req_id);
if (rc == EXIT_FAILURE) { // is error, soap fault was created using req_id
while((len_read = ap_get_client_block(r, buff, sizeof(buff))) > 0) ;
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : limit over message");
return DSO_TOO_BIG;
}
rc = GetFileName(req_id, req_fn);
if (rc == EXIT_FAILURE) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : GetFileName");
return EXIT_FAILURE;
}
#ifdef DEBUG
ap_log_error(APLOG_MARK, APLOG_NOTICE, rv, NULL,
"*** mod *** : GetFilenName req_fn = %s", req_fn);
#endif
rv = apr_file_open(&fd, req_fn,
APR_WRITE | APR_CREATE | APR_TRUNCATE | APR_BINARY, APR_OS_DEFAULT, r->pool);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : apr_file_open");
return HTTP_INTERNAL_SERVER_ERROR;
}
/* copy request body to buffer, and return the size */
while((len_read = ap_get_client_block(r, buff, sizeof(buff))) > 0) {
if((rpos + len_read) > length)
rsize = length - rpos;
else
rsize = len_read;
if(apr_file_write(fd, buff, &rsize) != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : apr_file_write");
return HTTP_INTERNAL_SERVER_ERROR;
}
rpos += rsize;
}
rv = apr_file_close(fd);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, NULL,
"*** mod_err *** : apr_file_close");
return HTTP_INTERNAL_SERVER_ERROR;
}
return EXIT_SUCCESS;
}
