21 #define NONAMELESSUNION 67 char *server_auth[] = { oid_server_auth };
78 if (
chain->TrustStatus.dwErrorStatus)
80 static const DWORD supportedErrors =
90 else if (
chain->TrustStatus.dwErrorStatus &
96 else if ((
chain->TrustStatus.dwErrorStatus &
98 (
chain->TrustStatus.dwErrorStatus &
103 else if (
chain->TrustStatus.dwErrorStatus &
109 else if (
chain->TrustStatus.dwErrorStatus & ~supportedErrors)
125 sslExtraPolicyPara.u.
cbSize =
sizeof(sslExtraPolicyPara);
128 sslExtraPolicyPara.
fdwChecks = security_flags;
129 policyPara.
cbSize =
sizeof(policyPara);
133 &chainCopy, &policyPara,
166 else ERR(
"WSAStartup failed: %d\n",
ret );
185 unsigned int addr_len;
190 conn = heap_alloc_zero(
sizeof(*conn));
191 if (!conn)
return NULL;
259 BOOL check_revocation)
264 SIZE_T read_buf_size = 2048;
280 &ctx, &out_desc, &attrs,
NULL);
292 ERR(
"send failed\n");
298 out_buf.pvBuffer =
NULL;
303 assert(in_bufs[1].cbBuffer < read_buf_size);
305 memmove(
read_buf, (
BYTE*)in_bufs[0].pvBuffer+in_bufs[0].cbBuffer-in_bufs[1].cbBuffer, in_bufs[1].cbBuffer);
306 in_bufs[0].cbBuffer = in_bufs[1].cbBuffer;
309 in_bufs[1].cbBuffer = 0;
310 in_bufs[1].pvBuffer =
NULL;
316 if(in_bufs[0].cbBuffer + 1024 > read_buf_size) {
325 in_bufs[0].pvBuffer =
read_buf = new_read_buf;
326 read_buf_size += 1024;
337 in_bufs[0].cbBuffer +=
size;
341 TRACE(
"InitializeSecurityContext ret %08x\n",
status);
345 FIXME(
"SECBUFFER_EXTRA not supported\n");
349 WARN(
"Could not get sizes\n");
358 WARN(
"cert verify failed: %u\n",
res);
362 WARN(
"Could not get cert\n");
377 WARN(
"Failed to initialize security context failed: %08x\n",
status);
386 TRACE(
"established SSL connection\n");
406 WARN(
"EncryptMessage failed\n");
411 WARN(
"send failed\n");
476 bufs[0].cbBuffer = buf_len;
484 TRACE(
"context expired\n");
488 assert(buf_len < ssl_buf_size);
557 if (!(
flags & MSG_WAITALL) || *recvd ==
len)
return TRUE;
564 WARN(
"read_ssl_chunk failed\n");
596 WARN(
"setsockopt failed (%u)\n",
err );
640 switch (
res->ai_family)
665 struct resolve_args *ra =
arg;
677 struct resolve_args ra;
767 if (!conn->
secure)
return 0;
770 WARN(
"QueryContextAttributesW failed: %08x\n",
res);
771 return res ==
SEC_E_OK ? conn_info.dwCipherStrength : 0;
#define ISC_REQ_SEQUENCE_DETECT
BOOL WINAPI CertGetCertificateChain(HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext)
static DWORD netconn_verify_cert(PCCERT_CONTEXT cert, WCHAR *server, DWORD security_flags, BOOL check_revocation)
#define memmove(s1, s2, n)
#define SECURITY_FLAG_IGNORE_UNKNOWN_CA
static DWORD resolve_hostname(const WCHAR *name, INTERNET_PORT port, struct sockaddr_storage *sa)
SOCKET WSAAPI socket(IN INT af, IN INT type, IN INT protocol)
#define CERT_TRUST_IS_NOT_TIME_VALID
#define SECBUFFER_STREAM_HEADER
#define CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT
SECURITY_STATUS WINAPI FreeContextBuffer(PVOID pv)
#define ERROR_WINHTTP_SECURE_CHANNEL_ERROR
#define ERROR_WINHTTP_TIMEOUT
#define SEC_I_CONTEXT_EXPIRED
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
#define INIT_ONCE_STATIC_INIT
#define SECPKG_ATTR_REMOTE_CERT_CONTEXT
INT WSAAPI WSACleanup(VOID)
BOOL netconn_secure_connect(struct netconn *conn, WCHAR *hostname, DWORD security_flags, CredHandle *cred_handle, BOOL check_revocation)
static SecHandle cred_handle
ULONG netconn_query_data_available(struct netconn *conn)
CERT_USAGE_MATCH RequestedUsage
SecPkgContext_StreamSizes ssl_sizes
BOOL WINAPI DECLSPEC_HOTPATCH SetEvent(IN HANDLE hEvent)
DWORD WINAPI GetLastError(VOID)
#define szOID_PKIX_KP_SERVER_AUTH
BOOL netconn_resolve(WCHAR *hostname, INTERNET_PORT port, struct sockaddr_storage *addr, int timeout)
INT WSAAPI connect(IN SOCKET s, IN CONST struct sockaddr *name, IN INT namelen)
VOID WINAPI CertFreeCertificateChain(PCCERT_CHAIN_CONTEXT pChainContext)
static void * heap_realloc(void *mem, size_t len)
#define CERT_E_CN_NO_MATCH
static void * heap_alloc(size_t len)
DWORD netconn_set_timeout(struct netconn *netconn, BOOL send, int value)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateEventW(IN LPSECURITY_ATTRIBUTES lpEventAttributes OPTIONAL, IN BOOL bManualReset, IN BOOL bInitialState, IN LPCWSTR lpName OPTIONAL)
BOOL WINAPI CertVerifyCertificateChainPolicy(LPCSTR szPolicyOID, PCCERT_CHAIN_CONTEXT pChainContext, PCERT_CHAIN_POLICY_PARA pPolicyPara, PCERT_CHAIN_POLICY_STATUS pPolicyStatus)
#define ERROR_WINHTTP_SECURE_INVALID_CERT
#define ISC_REQ_MANUAL_CRED_VALIDATION
#define CERT_TRUST_IS_REVOKED
BOOL WINAPI GetExitCodeThread(IN HANDLE hThread, OUT LPDWORD lpExitCode)
DWORD WINAPI WaitForSingleObject(IN HANDLE hHandle, IN DWORD dwMilliseconds)
#define CERT_CHAIN_POLICY_SSL
INT WSAAPI GetAddrInfoW(IN PCWSTR pszNodeName, IN PCWSTR pszServiceName, IN const ADDRINFOW *ptHints, OUT PADDRINFOW *pptResult)
INT WSAAPI select(IN INT s, IN OUT LPFD_SET readfds, IN OUT LPFD_SET writefds, IN OUT LPFD_SET exceptfds, IN CONST struct timeval *timeout)
static void CALLBACK resolve_proc(TP_CALLBACK_INSTANCE *instance, void *ctx)
INT WSAAPI setsockopt(IN SOCKET s, IN INT level, IN INT optname, IN CONST CHAR FAR *optval, IN INT optlen)
static BOOL read_ssl_chunk(struct netconn *conn, void *buf, SIZE_T buf_size, SIZE_T *ret_size, BOOL *eof)
HANDLE WINAPI DECLSPEC_HOTPATCH CreateThread(IN LPSECURITY_ATTRIBUTES lpThreadAttributes, IN DWORD dwStackSize, IN LPTHREAD_START_ROUTINE lpStartAddress, IN LPVOID lpParameter, IN DWORD dwCreationFlags, OUT LPDWORD lpThreadId)
INT WINAPI WSAStartup(IN WORD wVersionRequested, OUT LPWSADATA lpWSAData)
void netconn_unload(void)
#define ERROR_WINHTTP_SECURE_CERT_CN_INVALID
#define CERT_TRUST_REVOCATION_STATUS_UNKNOWN
static BOOL winsock_loaded
#define SEC_I_CONTINUE_NEEDED
CERT_TRUST_STATUS TrustStatus
BOOL netconn_send(struct netconn *conn, const void *msg, size_t len, int *sent)
const void * netconn_get_certificate(struct netconn *conn)
#define ERROR_WINHTTP_SECURE_CERT_REVOKED
BOOL NTAPI InitOnceExecuteOnce(INIT_ONCE *once, PINIT_ONCE_FN func, void *param, void **context)
INT WSAAPI WSAGetLastError(VOID)
SECURITY_STATUS WINAPI InitializeSecurityContextW(PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR *pszTargetName, ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry)
INT WSAAPI send(IN SOCKET s, IN CONST CHAR FAR *buf, IN INT len, IN INT flags)
#define SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE
BOOL netconn_recv(struct netconn *conn, void *buf, size_t len, int flags, int *recvd)
struct sockaddr_storage * addr
static BOOL send_ssl_chunk(struct netconn *conn, const void *msg, size_t size)
#define ISC_REQ_USE_SESSION_KEY
struct _TP_CALLBACK_INSTANCE TP_CALLBACK_INSTANCE
#define SECPKG_ATTR_STREAM_SIZES
#define SECBUFFER_STREAM_TRAILER
#define ISC_REQ_ALLOCATE_MEMORY
#define SECPKG_ATTR_CONNECTION_INFO
#define memcpy(s1, s2, n)
void release_host(struct hostdata *host)
void netconn_close(struct netconn *conn)
struct sockaddr_storage sockaddr
SECURITY_STATUS WINAPI QueryContextAttributesW(PCtxtHandle phContext, ULONG ulAttribute, void *pBuffer)
#define SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
static void winsock_init(void)
#define CERT_TRUST_IS_NOT_VALID_FOR_USAGE
static int sock_send(int fd, const void *msg, size_t len, int flags)
#define SECBUFFER_VERSION
#define ERROR_WINHTTP_SECURE_CERT_WRONG_USAGE
static HINSTANCE instance
struct netconn * netconn_create(struct hostdata *host, const struct sockaddr_storage *sockaddr, int timeout)
SECURITY_STATUS WINAPI DecryptMessage(PCtxtHandle phContext, PSecBufferDesc pMessage, ULONG MessageSeqNo, PULONG pfQOP)
#define CERT_TRUST_IS_UNTRUSTED_ROOT
WINSOCK_API_LINKAGE VOID WSAAPI FreeAddrInfoW(_In_opt_ PADDRINFOW pAddrInfo)
WINE_DEFAULT_DEBUG_CHANNEL(winhttp)
LPSTR * rgpszUsageIdentifier
#define ERROR_WINHTTP_SECURE_INVALID_CA
static BOOL WINAPI winsock_startup(INIT_ONCE *once, void *param, void **ctx)
int netconn_get_cipher_strength(struct netconn *conn)
#define ERROR_WINHTTP_SECURE_CERT_REV_FAILED
#define ISC_REQ_CONFIDENTIALITY
#define CERT_TRUST_IS_OFFLINE_REVOCATION
#define ISC_REQ_REPLAY_DETECT
static int sock_recv(int fd, void *msg, size_t len, int flags)
#define ERROR_WINHTTP_NAME_NOT_RESOLVED
INT WSAAPI recv(IN SOCKET s, OUT CHAR FAR *buf, IN INT len, IN INT flags)
BOOL netconn_is_alive(struct netconn *netconn)
static struct sockaddr_in sa
#define SEC_E_INCOMPLETE_MESSAGE
SECURITY_STATUS WINAPI EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo)
#define ERROR_WINHTTP_SECURE_CERT_DATE_INVALID
SECURITY_STATUS WINAPI DeleteSecurityContext(PCtxtHandle phContext)
static BOOL heap_free(void *mem)
static void set_blocking(struct netconn *conn, BOOL blocking)