2 #define NONAMELESSUNION 28 #define NONAMELESSUNION 56 char *server_auth[] = { oid_server_auth };
/* Mask of the chain trust-status bits that the code below handles one by one.
 * Its initializer is on lines this listing does not show. */
59 static const DWORD supportedErrors =
/* Work on a local copy of the chain's trust-status error bits. */
75 errors =
chain->TrustStatus.dwErrorStatus;
80 WARN(
"ERROR_INTERNET_SEC_CERT_REV_FAILED\n");
/* Trust-status bits outside supportedErrors are logged here, and source
 * line 91 then clears them from the local copy.
 * NOTE(review): source lines 90 and 92-93 are not shown. Confirm that an
 * unsupported bit still makes verification fail and is not just masked away. */
88 if (
chain->TrustStatus.dwErrorStatus & ~supportedErrors) {
89 WARN(
"error status %x\n",
chain->TrustStatus.dwErrorStatus & ~supportedErrors);
91 errors &= supportedErrors;
94 WARN(
"unknown error flags\n");
/* Each WARN below names the trust-status flag being reported. The condition
 * that reaches each one, and the error code returned, are not shown. */
98 WARN(
"CERT_TRUST_IS_NOT_TIME_VALID\n");
109 WARN(
"CERT_TRUST_IS_UNTRUSTED_ROOT\n");
120 WARN(
"CERT_TRUST_IS_PARTIAL_CHAIN\n");
131 WARN(
"CERT_TRUST_IS_NOT_SIGNATURE_VALID\n");
142 WARN(
"CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
147 WARN(
"CERT_TRUST_IS_NOT_VALID_FOR_USAGE, unknown error flags\n");
/* Both policy parameter structures record their own size in cbSize. */
170 sslExtraPolicyPara.u.
cbSize =
sizeof(sslExtraPolicyPara);
174 policyPara.
cbSize =
sizeof(policyPara);
/* Tail of a call whose callee name is not shown; presumably
 * CertVerifyCertificateChainPolicy, which this page's reference index
 * lists (confirm). The result is written to policyStatus. */
178 &chainCopy, &policyPara, &policyStatus);
/* Host name mismatch reported by the policy check.
 * NOTE(review): whether this fails the connection or can be ignored by a
 * security flag is decided on lines not shown. */
184 WARN(
"CERT_E_CN_NO_MATCH\n");
/* Any other non-zero policy error is logged with its raw value. */
188 }
else if(policyStatus.
dwError) {
189 WARN(
"policyStatus.dwError %x\n", policyStatus.
dwError);
191 WARN(
"unknown error flags for policy status %x\n", policyStatus.
dwError);
227 0, 0, { (
DWORD_PTR)(__FILE__
": init_sechandle_cs") }
277 ERR(
"WSAStartup failed: %u\n",
res);
342 WARN(
"setsockopt(TCP_NODELAY) failed\n");
/* The new connection's flags are the union of the caller's flags and the
 * flags stored on the server object, so any bit set on the server applies to
 * every connection created for it.
 * NOTE(review): if server->security_flags can carry SECURITY_FLAG_IGNORE_*
 * bits, those certificate-check relaxations are inherited here. Confirm that
 * this persistence is intended. */
357 netconn->security_flags = security_flags |
server->security_flags;
/* Stored for later use; the verification fragments elsewhere in this listing
 * refer to "unknown error flags", but how mask_errors is consulted is not shown. */
358 netconn->mask_errors = mask_errors;
/* Initial size, in bytes, of the handshake receive buffer. */
446 SIZE_T read_buf_size = 2048;
/* Tail of a call whose callee name is not shown; presumably
 * InitializeSecurityContextW, going by the TRACE on source line 536 (confirm). */
472 &
ctx, &out_desc, &attrs,
NULL);
486 ERR(
"send failed\n");
492 out_buf.pvBuffer =
NULL;
/* NOTE(review): assert() expands to nothing when NDEBUG is defined, so this
 * bound is not enforced in such builds. in_bufs[1].cbBuffer appears to be
 * filled in by the security package from peer-supplied handshake data; confirm
 * that a runtime check also exists. */
497 assert(in_bufs[1].cbBuffer < read_buf_size);
/* Move the last in_bufs[1].cbBuffer bytes of in_bufs[0] to the start of
 * read_buf and make that the new length of in_bufs[0]. memmove is used since
 * the regions may overlap (in_bufs[0].pvBuffer is set to read_buf at line 519).
 * NOTE(review): the source pointer is only inside the buffer when
 * in_bufs[1].cbBuffer <= in_bufs[0].cbBuffer; the guard for that is not shown. */
499 memmove(
read_buf, (
BYTE*)in_bufs[0].pvBuffer+in_bufs[0].cbBuffer-in_bufs[1].cbBuffer, in_bufs[1].cbBuffer);
500 in_bufs[0].cbBuffer = in_bufs[1].cbBuffer;
503 in_bufs[1].cbBuffer = 0;
504 in_bufs[1].pvBuffer =
NULL;
/* Grow the buffer by 1024 bytes when in_bufs[0].cbBuffer + 1024 would exceed
 * its current size. The allocation call and its failure handling are on lines
 * not shown. */
510 if(in_bufs[0].cbBuffer + 1024 > read_buf_size) {
519 in_bufs[0].pvBuffer =
read_buf = new_read_buf;
520 read_buf_size += 1024;
525 WARN(
"recv error\n");
/* Add the newly received byte count to the pending input length
 * (size presumably comes from the recv call; confirm). */
532 in_bufs[0].cbBuffer +=
size;
536 TRACE(
"InitializeSecurityContext ret %08x\n",
status);
/* Leftover data reported as SECBUFFER_EXTRA is not handled at this point. */
544 FIXME(
"SECBUFFER_EXTRA not supported\n");
548 WARN(
"Could not get sizes\n");
/* Certificate verification failure and failure to obtain the peer certificate
 * are both logged; the cleanup and return paths are not shown. */
557 WARN(
"cert verify failed: %u\n",
res);
561 WARN(
"Could not get cert\n");
577 WARN(
"Failed to establish SSL connection: %08x (%u)\n",
status,
res);
583 TRACE(
"established SSL connection\n");
610 ERR(
"already connected\n");
652 WARN(
"EncryptMessage failed\n");
657 WARN(
"send failed\n");
725 TRACE(
"would block\n");
728 WARN(
"recv failed\n");
/* The first buffer's length is set to the number of bytes buffered so far. */
747 bufs[0].cbBuffer = buf_len;
755 TRACE(
"context expired\n");
/* NOTE(review): assert() expands to nothing when NDEBUG is defined, so
 * buf_len < ssl_buf_size is not checked in such builds. Confirm that the
 * receive lines not shown here bound buf_len at run time. */
759 assert(buf_len < ssl_buf_size);
765 TRACE(
"would block\n");
864 WARN(
"read_ssl_chunk failed\n");
906 WARN(
"QueryContextAttributesW failed: %08x\n",
res);
/* Report the cipher strength only when the query succeeded; any failure
 * yields 0, so callers never see a stale or uninitialized strength value. */
907 return res ==
SEC_E_OK ? conn_info.dwCipherStrength : 0;
919 WARN(
"setsockopt failed\n");
#define ISC_REQ_SEQUENCE_DETECT
BOOL WINAPI CertGetCertificateChain(HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext)
#define ERROR_INTERNET_SEC_CERT_CN_INVALID
#define SECPKG_ATTR_SUPPORTED_PROTOCOLS
#define ERROR_INTERNET_CONNECTION_ABORTED
#define SECURITY_FLAG_STRENGTH_MEDIUM
#define memmove(s1, s2, n)
static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTORE store)
#define SECURITY_FLAG_IGNORE_UNKNOWN_CA
#define SECURITY_FLAG_STRENGTH_STRONG
#define SECPKG_CRED_OUTBOUND
void close_netconn(netconn_t *netconn)
static rfbScreenInfoPtr server
SOCKET WSAAPI socket(IN INT af, IN INT type, IN INT protocol)
#define CERT_TRUST_IS_NOT_TIME_VALID
static BOOL read_ssl_chunk(netconn_t *conn, void *buf, SIZE_T buf_size, BOOL blocking, SIZE_T *ret_size, BOOL *eof)
LPCVOID NETCON_GetCert(netconn_t *connection)
#define SECBUFFER_STREAM_HEADER
SECURITY_STATUS WINAPI AcquireCredentialsHandleW(SEC_WCHAR *pszPrincipal, SEC_WCHAR *pszPackage, ULONG fCredentialsUse, PLUID pvLogonID, PVOID pAuthData, SEC_GET_KEY_FN pGetKeyFn, PVOID pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry)
static BOOL WINAPI winsock_startup(INIT_ONCE *once, void *param, void **context)
SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
#define ERROR_INTERNET_SEC_CERT_REV_FAILED
#define SEC_I_CONTEXT_EXPIRED
#define SecIsValidHandle(x)
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
int sock_recv(int fd, void *msg, size_t len, int flags)
#define INIT_ONCE_STATIC_INIT
#define SECPKG_ATTR_REMOTE_CERT_CONTEXT
INT WSAAPI WSACleanup(VOID)
DWORD NETCON_send(netconn_t *connection, const void *msg, size_t len, int flags, int *sent)
const CERT_CHAIN_CONTEXT * cert_chain
static SecHandle cred_handle
CERT_USAGE_MATCH RequestedUsage
#define ERROR_NOT_ENOUGH_MEMORY
DWORD WINAPI GetLastError(VOID)
SECURITY_STATUS WINAPI FreeCredentialsHandle(PCredHandle phCredential)
#define szOID_PKIX_KP_SERVER_AUTH
void WINAPI EnterCriticalSection(LPCRITICAL_SECTION)
static BOOL winsock_loaded
void server_release(server_t *server)
INT WSAAPI connect(IN SOCKET s, IN CONST struct sockaddr *name, IN INT namelen)
VOID WINAPI CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT pChainContext)
static void * heap_realloc(void *mem, size_t len)
#define CERT_E_CN_NO_MATCH
static void * heap_alloc(size_t len)
unsigned read_buf(z_streamp strm, Bytef *buf, unsigned size)
#define ERROR_INTERNET_CANNOT_CONNECT
BOOL WINAPI CertVerifyCertificateChainPolicy(LPCSTR szPolicyOID, PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara, PCERT_CHAIN_POLICY_STATUS pPolicyStatus)
#define ISC_REQ_MANUAL_CRED_VALIDATION
#define SECURITY_FLAG_IGNORE_REVOCATION
#define SecInvalidateHandle(x)
static BOOL cred_handle_initialized
#define CERT_CHAIN_POLICY_SSL
SECURITY_STATUS WINAPI QueryCredentialsAttributesA(PCredHandle phCredential, ULONG ulAttribute, void *pBuffer)
INT WSAAPI select(IN INT s, IN OUT LPFD_SET readfds, IN OUT LPFD_SET writefds, IN OUT LPFD_SET exceptfds, IN CONST struct timeval *timeout)
INT WSAAPI setsockopt(IN SOCKET s, IN INT level, IN INT optname, IN CONST CHAR FAR *optval, IN INT optlen)
#define SCHANNEL_CRED_VERSION
DWORD NETCON_secure_connect(netconn_t *connection, server_t *server)
INT WINAPI WSAStartup(IN WORD wVersionRequested, OUT LPWSADATA lpWSAData)
BOOL is_valid_netconn(netconn_t *netconn)
#define ERROR_INTERNET_SEC_CERT_ERRORS
DWORD grbitEnabledProtocols
int sock_send(int fd, const void *msg, size_t len, int flags)
#define SEC_I_CONTINUE_NEEDED
static CRITICAL_SECTION init_sechandle_cs
static UINT set(struct ID3DXConstantTableImpl *table, IDirect3DDevice9 *device, struct ctab_constant *constant, const void **indata, D3DXPARAMETER_TYPE intype, UINT *size, UINT incol, D3DXPARAMETER_CLASS inclass, UINT index, BOOL is_pointer)
CERT_TRUST_STATUS TrustStatus
#define _SECURITY_ERROR_FLAGS_MASK
static DWORD netcon_secure_connect_setup(netconn_t *connection, BOOL compat_mode)
static SecHandle compat_cred_handle
BOOL NTAPI InitOnceExecuteOnce(INIT_ONCE *once, PINIT_ONCE_FN func, void *param, void **context)
INT WSAAPI WSAGetLastError(VOID)
SECURITY_STATUS WINAPI InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
static BOOL ensure_cred_handle(void)
void WINAPI DeleteCriticalSection(PCRITICAL_SECTION)
DWORD NETCON_recv(netconn_t *connection, void *buf, size_t len, BOOL blocking, int *recvd)
INT WSAAPI send(IN SOCKET s, IN CONST CHAR FAR *buf, IN INT len, IN INT flags)
#define _SECURITY_FLAG_CERT_INVALID_CN
#define CERT_TRUST_IS_NOT_SIGNATURE_VALID
#define ISC_REQ_USE_SESSION_KEY
#define SECPKG_ATTR_STREAM_SIZES
#define SECBUFFER_STREAM_TRAILER
#define ISC_REQ_ALLOCATE_MEMORY
static CRITICAL_SECTION_DEBUG init_sechandle_cs_debug
#define SECPKG_ATTR_CONNECTION_INFO
#define memcpy(s1, s2, n)
void server_addref(server_t *server)
WINE_DEFAULT_DEBUG_CHANNEL(wininet)
LIST_ENTRY ProcessLocksList
SECURITY_STATUS WINAPI QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
static BOOL send_ssl_chunk(netconn_t *conn, const void *msg, size_t size)
_Check_return_ _CRTIMP int __cdecl __cdecl eof(_In_ int _FileHandle)
INT WSAAPI getsockopt(IN SOCKET s, IN INT level, IN INT optname, OUT CHAR FAR *optval, IN OUT INT FAR *optlen)
#define SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
#define ERROR_INTERNET_SEC_CERT_DATE_INVALID
#define ERROR_INTERNET_INVALID_CA
#define CERT_TRUST_IS_NOT_VALID_FOR_USAGE
#define SP_PROT_TLS1_1PLUS_CLIENT
#define ERROR_INTERNET_SEC_INVALID_CERT
#define SECBUFFER_VERSION
#define ERROR_INTERNET_SECURITY_CHANNEL_ERROR
#define SECURITY_FLAG_IGNORE_WRONG_USAGE
#define _SECURITY_FLAG_CERT_INVALID_DATE
SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
DWORD NETCON_set_timeout(netconn_t *connection, BOOL send, DWORD value)
int NETCON_GetCipherStrength(netconn_t *connection)
static void set_socket_blocking(netconn_t *conn, BOOL is_blocking)
#define CERT_TRUST_IS_UNTRUSTED_ROOT
LPSTR * rgpszUsageIdentifier
__WINE_SERVER_LIST_INLINE void list_init(struct list *list)
#define _SECURITY_FLAG_CERT_INVALID_CA
#define ISC_REQ_CONFIDENTIALITY
#define SECURITY_FLAG_SECURE
#define ISC_REQ_REPLAY_DETECT
static DWORD create_netconn_socket(server_t *server, netconn_t *netconn, DWORD timeout)
void WINAPI LeaveCriticalSection(LPCRITICAL_SECTION)
BOOL NETCON_is_alive(netconn_t *netconn)
static SERVICE_STATUS status
INT WSAAPI recv(IN SOCKET s, OUT CHAR FAR *buf, IN INT len, IN INT flags)
DWORD create_netconn(server_t *server, DWORD security_flags, BOOL mask_errors, DWORD timeout, netconn_t **ret)
void free_netconn(netconn_t *netconn)
SecPkgContext_StreamSizes ssl_sizes
#define SEC_E_INCOMPLETE_MESSAGE
#define SECURITY_FLAG_STRENGTH_WEAK
SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle phContext)
#define CERT_TRUST_IS_PARTIAL_CHAIN
static BOOL have_compat_cred_handle
static BOOL heap_free(void *mem)
#define _SECURITY_FLAG_CERT_REV_FAILED