diff --git a/NSspi/Credentials/ClientCredential.cs b/NSspi/Credentials/ClientCredential.cs index 8c738e4..3a52e5e 100644 --- a/NSspi/Credentials/ClientCredential.cs +++ b/NSspi/Credentials/ClientCredential.cs @@ -1,6 +1,7 @@ using System; using System.Collections.Generic; using System.Linq; +using System.Runtime.CompilerServices; using System.Text; using System.Threading.Tasks; @@ -8,6 +9,73 @@ namespace NSspi.Credentials { public class ClientCredential : Credential { - public ClientCredential( SecurityPackage package ) : base( package, CredentialType.Client ) { } + public ClientCredential( SecurityPackage package ) + : base( package ) + { + Init(); + } + + private void Init( ) + { + string packageName; + CredentialUse use; + TimeStamp rawExpiry = new TimeStamp(); + + // -- Package -- + if( this.SecurityPackage == SecurityPackage.Kerberos ) + { + packageName = PackageNames.Kerberos; + } + else if( this.SecurityPackage == SecurityPackage.Negotiate ) + { + packageName = PackageNames.Negotiate; + } + else if( this.SecurityPackage == SecurityPackage.NTLM ) + { + packageName = PackageNames.Ntlm; + } + else + { + throw new ArgumentException( "Invalid value provided for the 'package' parameter." ); + } + + // -- Credential -- + // Client uses outbound credentials. + use = CredentialUse.Outbound; + + // -- Invoke -- + + SecurityStatus status = SecurityStatus.InternalError; + + this.Handle = new SafeCredentialHandle(); + + // The finally clause is the actual constrained region. The VM pre-allocates any stack space, + // performs any allocations it needs to prepare methods for execution, and postpones any + // instances of the 'uncatchable' exceptions (ThreadAbort, StackOverflow, OutOfMemory). + RuntimeHelpers.PrepareConstrainedRegions(); + try { } + finally + { + status = CredentialNativeMethods.AcquireCredentialsHandle( + null, + packageName, + use, + IntPtr.Zero, + IntPtr.Zero, + IntPtr.Zero, + IntPtr.Zero, + ref this.Handle.rawHandle, + ref rawExpiry + ); + } + + if( status != SecurityStatus.OK ) + { + throw new SSPIException( "Failed to call AcquireCredentialHandle", status ); + } + + this.Expiry = rawExpiry.ToDateTime(); + } + } } diff --git a/NSspi/Credentials/Credential.cs b/NSspi/Credentials/Credential.cs index 403c06d..dee13da 100644 --- a/NSspi/Credentials/Credential.cs +++ b/NSspi/Credentials/Credential.cs @@ -22,88 +22,14 @@ namespace NSspi.Credentials private DateTime expiry; - public Credential(SecurityPackage package, CredentialType credentialType) + public Credential( SecurityPackage package ) { this.disposed = false; this.securityPackage = package; this.expiry = DateTime.MinValue; - - Init( package, credentialType ); } - - private void Init( SecurityPackage package, CredentialType credentialType ) - { - string packageName; - CredentialUse use; - TimeStamp rawExpiry = new TimeStamp(); - - // -- Package -- - if ( package == SecurityPackage.Kerberos ) - { - packageName = PackageNames.Kerberos; - } - else if ( package == SecurityPackage.Negotiate ) - { - packageName = PackageNames.Negotiate; - } - else if ( package == SecurityPackage.NTLM ) - { - packageName = PackageNames.Ntlm; - } - else - { - throw new ArgumentException( "Invalid value provided for the 'package' parameter." ); - } - - // -- Credential -- - if ( credentialType == CredentialType.Client ) - { - use = CredentialUse.Outbound; - } - else if ( credentialType == CredentialType.Server ) - { - use = CredentialUse.Inbound; - } - else - { - throw new ArgumentException( "Invalid value provided for the 'credentialType' parameter." ); - } - - // -- Invoke -- - - SecurityStatus status = SecurityStatus.InternalError; - - this.safeCredHandle = new SafeCredentialHandle(); - - // The finally clause is the actual constrained region. The VM pre-allocates any stack space, - // performs any allocations it needs to prepare methods for execution, and postpones any - // instances of the 'uncatchable' exceptions (ThreadAbort, StackOverflow, OutOfMemory). - RuntimeHelpers.PrepareConstrainedRegions(); - try { } - finally - { - status = CredentialNativeMethods.AcquireCredentialsHandle( - null, - packageName, - use, - IntPtr.Zero, - IntPtr.Zero, - IntPtr.Zero, - IntPtr.Zero, - ref this.safeCredHandle.rawHandle, - ref rawExpiry - ); - } - - if ( status != SecurityStatus.OK ) - { - throw new SSPIException( "Failed to call AcquireCredentialHandle", status ); - } - - this.expiry = rawExpiry.ToDateTime(); - } - + ~Credential() { Dispose( false ); @@ -199,6 +125,7 @@ namespace NSspi.Credentials return this.expiry; } + protected set { if( this.disposed ) diff --git a/NSspi/Credentials/ServerCredential.cs b/NSspi/Credentials/ServerCredential.cs index e909b73..b4d88b0 100644 --- a/NSspi/Credentials/ServerCredential.cs +++ b/NSspi/Credentials/ServerCredential.cs @@ -1,6 +1,7 @@ using System; using System.Collections.Generic; using System.Linq; +using System.Runtime.CompilerServices; using System.Text; using System.Threading.Tasks; @@ -8,6 +9,73 @@ namespace NSspi.Credentials { public class ServerCredential : Credential { - public ServerCredential( SecurityPackage package ) : base( package, CredentialType.Server ) { } + public ServerCredential( SecurityPackage package ) + : base( package ) + { + Init(); + } + + private void Init() + { + string packageName; + CredentialUse use; + TimeStamp rawExpiry = new TimeStamp(); + + // -- Package -- + if( this.SecurityPackage == SecurityPackage.Kerberos ) + { + packageName = PackageNames.Kerberos; + } + else if( this.SecurityPackage == SecurityPackage.Negotiate ) + { + packageName = PackageNames.Negotiate; + } + else if( this.SecurityPackage == SecurityPackage.NTLM ) + { + packageName = PackageNames.Ntlm; + } + else + { + throw new ArgumentException( "Invalid value provided for the 'package' parameter." ); + } + + // -- Credential -- + // Server uses Inbound credentials. + use = CredentialUse.Inbound; + + // -- Invoke -- + + SecurityStatus status = SecurityStatus.InternalError; + + this.Handle = new SafeCredentialHandle(); + + // The finally clause is the actual constrained region. The VM pre-allocates any stack space, + // performs any allocations it needs to prepare methods for execution, and postpones any + // instances of the 'uncatchable' exceptions (ThreadAbort, StackOverflow, OutOfMemory). + RuntimeHelpers.PrepareConstrainedRegions(); + try { } + finally + { + status = CredentialNativeMethods.AcquireCredentialsHandle( + null, + packageName, + use, + IntPtr.Zero, + IntPtr.Zero, + IntPtr.Zero, + IntPtr.Zero, + ref this.Handle.rawHandle, + ref rawExpiry + ); + } + + if( status != SecurityStatus.OK ) + { + throw new SSPIException( "Failed to call AcquireCredentialHandle", status ); + } + + this.Expiry = rawExpiry.ToDateTime(); + } + } }