You've already forked linux-packaging-mono
							
							
		
			
	
	
		
			1500 lines
		
	
	
		
			60 KiB
		
	
	
	
		
			C#
		
	
	
	
	
	
		
		
			
		
	
	
			1500 lines
		
	
	
		
			60 KiB
		
	
	
	
		
			C#
		
	
	
	
	
	
|   | //----------------------------------------------------------------------------- | ||
|  | // Copyright (c) Microsoft Corporation.  All rights reserved. | ||
|  | //----------------------------------------------------------------------------- | ||
|  | 
 | ||
|  | /*++ | ||
|  | Abstract: | ||
|  |         The file contains SafeHandles implementations for SSPI. | ||
|  |         These handle wrappers do guarantee that OS resources get cleaned up when the app domain dies. | ||
|  | 
 | ||
|  |         All PInvoke declarations that do freeing  the  OS resources  _must_ be in this file | ||
|  |         All PInvoke declarations that do allocation the OS resources _must_ be in this file | ||
|  | 
 | ||
|  | 
 | ||
|  | Details: | ||
|  | 
 | ||
|  |         The protection from leaking OF the OS resources is based on two technologies | ||
|  |         1) SafeHandle class | ||
|  |         2) Non interuptible regions using Constrained Execution Region (CER) technology | ||
|  | 
 | ||
|  |         For simple cases SafeHandle class does all the job. The Prerequisites are: | ||
|  |         - A resource is able to be represented by IntPtr type (32 bits on 32 bits platforms). | ||
|  |         - There is a PInvoke availble that does the creation of the resource. | ||
|  |           That PInvoke either returns the handle value or it writes the handle into out/ref parameter. | ||
|  |         - The above PInvoke as part of the call does NOT free any OS resource. | ||
|  | 
 | ||
|  |         For those "simple" cases we desinged SafeHandle-derived classes that provide | ||
|  |         static methods to allocate a handle object. | ||
|  |         Each such derived class provides a handle release method that is run as non-interrupted. | ||
|  | 
 | ||
|  |         For more complicated cases we employ the support for non-interruptible methods (CERs). | ||
|  |         Each CER is a tree of code rooted at a catch or finally clause for a specially marked exception | ||
|  |         handler (preceded by the RuntimeHelpers.PrepareConstrainedRegions() marker) or the Dispose or | ||
|  |         ReleaseHandle method of a SafeHandle derived class. The graph is automatically computed by the | ||
|  |         runtime (typically at the jit time of the root method), but cannot follow virtual or interface | ||
|  |         calls (these must be explicitly prepared via RuntimeHelpers.PrepareMethod once the definite target | ||
|  |         method is known). Also, methods in the graph that must be included in the CER must be marked with | ||
|  |         a reliability contract stating guarantees about the consistency of the system if an error occurs | ||
|  |         while they are executing. Look for ReliabilityContract for examples (a full explanation of the | ||
|  |         semantics of this contract is beyond the scope of this comment). | ||
|  | 
 | ||
|  |         An example of the top-level of a CER: | ||
|  | 
 | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try | ||
|  |             { | ||
|  |                 // Normal code | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 // Guaranteed to get here even in low memory scenarios. Thread abort will not interrupt | ||
|  |                 // this clause and we won't fail because of a jit allocation of any method called (modulo | ||
|  |                 // restrictions on interface/virtual calls listed above and further restrictions listed | ||
|  |                 // below). | ||
|  |             } | ||
|  | 
 | ||
|  |         Another common pattern is an empty-try (where you really just want a region of code the runtime | ||
|  |         won't interrupt you in): | ||
|  | 
 | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try {} finally | ||
|  |             { | ||
|  |                 // Non-interruptible code here | ||
|  |             } | ||
|  | 
 | ||
|  |         This ugly syntax will be supplanted with compiler support at some point. | ||
|  | 
 | ||
|  |         While within a CER region certain restrictions apply in order to avoid having the runtime inject | ||
|  |         a potential fault point into your code (and of course you're are responsible for ensuring your | ||
|  |         code doesn't inject any explicit fault points of its own unless you know how to tolerate them). | ||
|  | 
 | ||
|  |         A quick and dirty guide to the possible causes of fault points in CER regions: | ||
|  |         - Explicit allocations (though allocating a value type only implies allocation on the stack, | ||
|  |           which may not present an issue). | ||
|  |         - Boxing a value type (C# does this implicitly for you in many cases, so be careful). | ||
|  |         - Use of Monitor.Enter or the lock keyword. | ||
|  |         - Accessing a multi-dimensional array. | ||
|  |         - Calling any method outside your control that doesn't make a guarantee (e.g. via a | ||
|  |           ReliabilityAttribute) that it doesn't introduce failure points. | ||
|  |         - Making P/Invoke calls with non-blittable parameters types. Blittable types are: | ||
|  |             - SafeHandle when used as an [in] parameter | ||
|  |             - NON BOXED base types that fit onto a machine word | ||
|  |             - ref struct with blittable fields | ||
|  |             - class type with blittable fields | ||
|  |             - pinned Unicode strings using "fixed" statement
 | ||
|  |             - pointers of any kind | ||
|  |             - IntPtr type | ||
|  |         - P/Invokes should not have any CharSet attribute on it's declaration. | ||
|  |           Obvioulsy string types should not appear in the parameters. | ||
|  |         - String type MUST not appear in a field of a marshaled ref struct or class in a P?Invoke | ||
|  | 
 | ||
|  | 
 | ||
|  | (taken from the NCL classes) | ||
|  | --*/ | ||
|  | namespace System.IdentityModel | ||
|  | { | ||
|  |     using System.Security; | ||
|  |     using System.Runtime.InteropServices; | ||
|  |     using System.Runtime.CompilerServices; | ||
|  |     using System.Runtime.Versioning; | ||
|  |     using System.Threading; | ||
|  |     using System.Security.Permissions; | ||
|  |     using System.ComponentModel; | ||
|  |     using System.Text; | ||
|  |     using System.ServiceModel.Diagnostics; | ||
|  |     using Microsoft.Win32.SafeHandles; | ||
|  |     using System.Runtime.ConstrainedExecution; | ||
|  | 
 | ||
|  | 
 | ||
|  |     [StructLayout(LayoutKind.Sequential, Pack = 1)] | ||
|  |     struct SSPIHandle | ||
|  |     { | ||
|  |         IntPtr HandleHi; | ||
|  |         IntPtr HandleLo; | ||
|  | 
 | ||
|  |         public bool IsZero | ||
|  |         { | ||
|  |             get { return HandleHi == IntPtr.Zero && HandleLo == IntPtr.Zero; } | ||
|  |         } | ||
|  | 
 | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         internal void SetToInvalid() | ||
|  |         { | ||
|  |             HandleHi = IntPtr.Zero; | ||
|  |             HandleLo = IntPtr.Zero; | ||
|  |         } | ||
|  | 
 | ||
|  |         //public static string ToString(ref SSPIHandle obj)  | ||
|  |         //{ | ||
|  |         //    return obj.HandleHi.ToString("x") + ":" + obj.HandleLo.ToString("x"); | ||
|  |         //} | ||
|  |     } | ||
|  | 
 | ||
|  |     class SafeDeleteContext : SafeHandle | ||
|  |     { | ||
|  |         const string SECURITY = "security.Dll"; | ||
|  | 
 | ||
|  |         const string dummyStr = " "; | ||
|  |         static readonly byte[] dummyBytes = new byte[] { 0 }; | ||
|  | 
 | ||
|  |         internal SSPIHandle _handle; //should be always used as by ref in PINvokes parameters | ||
|  |         SafeFreeCredentials _EffectiveCredential; | ||
|  | 
 | ||
|  |         protected SafeDeleteContext() | ||
|  |             : base(IntPtr.Zero, true) | ||
|  |         { | ||
|  |             _handle = new SSPIHandle(); | ||
|  |         } | ||
|  | 
 | ||
|  |         public override bool IsInvalid | ||
|  |         { | ||
|  |             get | ||
|  |             { | ||
|  |                 return IsClosed || _handle.IsZero; | ||
|  |             } | ||
|  |         } | ||
|  | 
 | ||
|  |         //This method should never be called for this type | ||
|  |         //public new IntPtr DangerousGetHandle() | ||
|  |         //{ | ||
|  |         //    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException()); | ||
|  |         //} | ||
|  | 
 | ||
|  |         //public static string ToString(SafeDeleteContext obj)  | ||
|  |         //{ | ||
|  |         //    {   return obj == null ? "null" : SSPIHandle.ToString(ref obj._handle); } | ||
|  |         //} | ||
|  | 
 | ||
|  |         //------------------------------------------------------------------- | ||
|  |         internal static unsafe int InitializeSecurityContext( | ||
|  |             SafeFreeCredentials inCredentials, | ||
|  |             ref SafeDeleteContext refContext, | ||
|  |             string targetName, | ||
|  |             SspiContextFlags inFlags, | ||
|  |             Endianness endianness, | ||
|  |             SecurityBuffer inSecBuffer, | ||
|  |             SecurityBuffer[] inSecBuffers, | ||
|  |             SecurityBuffer outSecBuffer, | ||
|  |             ref SspiContextFlags outFlags) | ||
|  |         { | ||
|  |             if (inCredentials == null) | ||
|  |             { | ||
|  |                 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("inCredentials"); | ||
|  |             } | ||
|  | 
 | ||
|  |             SecurityBufferDescriptor inSecurityBufferDescriptor = null; | ||
|  |             if (inSecBuffer != null) | ||
|  |             { | ||
|  |                 inSecurityBufferDescriptor = new SecurityBufferDescriptor(1); | ||
|  |             } | ||
|  |             else if (inSecBuffers != null) | ||
|  |             { | ||
|  |                 inSecurityBufferDescriptor = new SecurityBufferDescriptor(inSecBuffers.Length); | ||
|  |             } | ||
|  |             SecurityBufferDescriptor outSecurityBufferDescriptor = new SecurityBufferDescriptor(1); | ||
|  | 
 | ||
|  |             // actually this is returned in outFlags | ||
|  |             bool isSspiAllocated = (inFlags & SspiContextFlags.AllocateMemory) != 0 ? true : false; | ||
|  | 
 | ||
|  |             int errorCode = -1; | ||
|  |             SSPIHandle contextHandle = new SSPIHandle(); | ||
|  |             if (refContext != null) | ||
|  |             { | ||
|  |                 contextHandle = refContext._handle; | ||
|  |             } | ||
|  | 
 | ||
|  |             // these are pinned user byte arrays passed along with SecurityBuffers | ||
|  |             GCHandle[] pinnedInBytes = null; | ||
|  |             GCHandle pinnedOutBytes = new GCHandle(); | ||
|  | 
 | ||
|  |             // optional output buffer that may need to be freed | ||
|  |             SafeFreeContextBuffer outFreeContextBuffer = null; | ||
|  | 
 | ||
|  |             try | ||
|  |             { | ||
|  |                 pinnedOutBytes = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned); | ||
|  | 
 | ||
|  |                 SecurityBufferStruct[] inUnmanagedBuffer = new SecurityBufferStruct[inSecurityBufferDescriptor == null ? 1 : inSecurityBufferDescriptor.Count]; | ||
|  |                 fixed (void* inUnmanagedBufferPtr = inUnmanagedBuffer) | ||
|  |                 { | ||
|  |                     if (inSecurityBufferDescriptor != null) | ||
|  |                     { | ||
|  |                         // Fix Descriptor pointer that points to unmanaged SecurityBuffers | ||
|  |                         inSecurityBufferDescriptor.UnmanagedPointer = inUnmanagedBufferPtr; | ||
|  |                         pinnedInBytes = new GCHandle[inSecurityBufferDescriptor.Count]; | ||
|  |                         SecurityBuffer securityBuffer; | ||
|  |                         for (int index = 0; index < inSecurityBufferDescriptor.Count; ++index) | ||
|  |                         { | ||
|  |                             securityBuffer = inSecBuffer != null ? inSecBuffer : inSecBuffers[index]; | ||
|  |                             if (securityBuffer != null) | ||
|  |                             { | ||
|  |                                 // Copy the SecurityBuffer content into unmanaged place holder | ||
|  |                                 inUnmanagedBuffer[index].count = securityBuffer.size; | ||
|  |                                 inUnmanagedBuffer[index].type = securityBuffer.type; | ||
|  |                                 // use the unmanaged token if it's not null; otherwise use the managed buffer | ||
|  |                                 if (securityBuffer.unmanagedToken != null) | ||
|  |                                 { | ||
|  |                                     inUnmanagedBuffer[index].token = securityBuffer.unmanagedToken.DangerousGetHandle(); | ||
|  |                                 } | ||
|  |                                 else if (securityBuffer.token == null || securityBuffer.token.Length == 0) | ||
|  |                                 { | ||
|  |                                     inUnmanagedBuffer[index].token = IntPtr.Zero; | ||
|  |                                 } | ||
|  |                                 else | ||
|  |                                 { | ||
|  |                                     pinnedInBytes[index] = GCHandle.Alloc(securityBuffer.token, GCHandleType.Pinned); | ||
|  |                                     inUnmanagedBuffer[index].token = Marshal.UnsafeAddrOfPinnedArrayElement(securityBuffer.token, securityBuffer.offset); | ||
|  |                                 } | ||
|  |                             } | ||
|  |                         } | ||
|  |                     } | ||
|  |                     SecurityBufferStruct[] outUnmanagedBuffer = new SecurityBufferStruct[1]; | ||
|  |                     fixed (void* outUnmanagedBufferPtr = outUnmanagedBuffer) | ||
|  |                     { | ||
|  |                         // Fix Descriptor pointer that points to unmanaged SecurityBuffers | ||
|  |                         outSecurityBufferDescriptor.UnmanagedPointer = outUnmanagedBufferPtr; | ||
|  |                         outUnmanagedBuffer[0].count = outSecBuffer.size; | ||
|  |                         outUnmanagedBuffer[0].type = outSecBuffer.type; | ||
|  |                         if (outSecBuffer.token == null || outSecBuffer.token.Length == 0) | ||
|  |                         { | ||
|  |                             outUnmanagedBuffer[0].token = IntPtr.Zero; | ||
|  |                         } | ||
|  |                         else | ||
|  |                         { | ||
|  |                             outUnmanagedBuffer[0].token = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset); | ||
|  |                         } | ||
|  |                         if (isSspiAllocated) | ||
|  |                         { | ||
|  |                             outFreeContextBuffer = SafeFreeContextBuffer.CreateEmptyHandle(); | ||
|  |                         } | ||
|  |                         if (refContext == null || refContext.IsInvalid) | ||
|  |                         { | ||
|  |                             refContext = new SafeDeleteContext(); | ||
|  |                         } | ||
|  |                         if (targetName == null || targetName.Length == 0) | ||
|  |                         { | ||
|  |                             targetName = dummyStr; | ||
|  |                         } | ||
|  |                         fixed (char* namePtr = targetName) | ||
|  |                         { | ||
|  |                             errorCode = MustRunInitializeSecurityContext( | ||
|  |                                 inCredentials, | ||
|  |                                 contextHandle.IsZero ? null : &contextHandle, | ||
|  |                                 (byte*)(((object)targetName == (object)dummyStr) ? null : namePtr), | ||
|  |                                 inFlags, | ||
|  |                                 endianness, | ||
|  |                                 inSecurityBufferDescriptor, | ||
|  |                                 refContext, | ||
|  |                                 outSecurityBufferDescriptor, | ||
|  |                                 ref outFlags, | ||
|  |                                 outFreeContextBuffer | ||
|  |                                 ); | ||
|  |                         } | ||
|  | 
 | ||
|  |                         // Get unmanaged buffer with index 0 as the only one passed into PInvoke | ||
|  |                         outSecBuffer.size = outUnmanagedBuffer[0].count; | ||
|  |                         outSecBuffer.type = outUnmanagedBuffer[0].type; | ||
|  |                         if (outSecBuffer.size > 0) | ||
|  |                         { | ||
|  |                             outSecBuffer.token = DiagnosticUtility.Utility.AllocateByteArray(outSecBuffer.size); | ||
|  |                             Marshal.Copy(outUnmanagedBuffer[0].token, outSecBuffer.token, 0, outSecBuffer.size); | ||
|  |                         } | ||
|  |                         else | ||
|  |                         { | ||
|  |                             outSecBuffer.token = null; | ||
|  |                         } | ||
|  |                     } | ||
|  |                 } | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 if (pinnedInBytes != null) | ||
|  |                 { | ||
|  |                     for (int index = 0; index < pinnedInBytes.Length; index++) | ||
|  |                     { | ||
|  |                         if (pinnedInBytes[index].IsAllocated) | ||
|  |                         { | ||
|  |                             pinnedInBytes[index].Free(); | ||
|  |                         } | ||
|  |                     } | ||
|  |                 } | ||
|  |                 if (pinnedOutBytes.IsAllocated) | ||
|  |                 { | ||
|  |                     pinnedOutBytes.Free(); | ||
|  |                 } | ||
|  |                 if (outFreeContextBuffer != null) | ||
|  |                 { | ||
|  |                     outFreeContextBuffer.Close(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         // | ||
|  |         // After PINvoke call the method will fix the handleTemplate.handle with the returned value. | ||
|  |         // The caller is responsible for creating a correct SafeFreeContextBuffer or null can be passed if no handle is returned. | ||
|  |         // | ||
|  |         // Since it has a CER, this method can't have any references to imports from DLLs that may not exist on the system. | ||
|  |         // | ||
|  |         static unsafe int MustRunInitializeSecurityContext( | ||
|  |             SafeFreeCredentials inCredentials, | ||
|  |             void* inContextPtr, | ||
|  |             byte* targetName, | ||
|  |             SspiContextFlags inFlags, | ||
|  |             Endianness endianness, | ||
|  |             SecurityBufferDescriptor inputBuffer, | ||
|  |             SafeDeleteContext outContext, | ||
|  |             SecurityBufferDescriptor outputBuffer, | ||
|  |             ref SspiContextFlags attributes, | ||
|  |             SafeFreeContextBuffer handleTemplate) | ||
|  |         { | ||
|  |             int errorCode = -1; | ||
|  |             bool b1 = false; | ||
|  |             bool b2 = false; | ||
|  | 
 | ||
|  |             // Run the body of this method as a non-interruptible block. | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try | ||
|  |             { | ||
|  |                 inCredentials.DangerousAddRef(ref b1); | ||
|  |                 outContext.DangerousAddRef(ref b2); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b1) | ||
|  |                 { | ||
|  |                     inCredentials.DangerousRelease(); | ||
|  |                     b1 = false; | ||
|  |                 } | ||
|  |                  | ||
|  |                 if (b2) | ||
|  |                 { | ||
|  |                     outContext.DangerousRelease(); | ||
|  |                     b2 = false; | ||
|  |                 } | ||
|  | 
 | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 long timeStamp; | ||
|  |                 if (!b1) | ||
|  |                 { | ||
|  |                     // caller should retry | ||
|  |                     inCredentials = null; | ||
|  |                 } | ||
|  |                 else if (b1 && b2) | ||
|  |                 { | ||
|  | 
 | ||
|  |                     SSPIHandle credentialHandle = inCredentials._handle; | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // This API does not set Win32 Last Error. | ||
|  |                     errorCode = InitializeSecurityContextW( | ||
|  |                         ref credentialHandle, | ||
|  |                         inContextPtr, | ||
|  |                         targetName, | ||
|  |                         inFlags, | ||
|  |                         0, | ||
|  |                         endianness, | ||
|  |                         inputBuffer, | ||
|  |                         0, | ||
|  |                         ref outContext._handle, | ||
|  |                         outputBuffer, | ||
|  |                         ref attributes, | ||
|  |                         out timeStamp | ||
|  |                         ); | ||
|  |                     // | ||
|  |                     // When a credential handle is first associated with the context we keep credential | ||
|  |                     // ref count bumped up to ensure ordered finalization. | ||
|  |                     // If the credential handle has been changed we de-ref the old one and associate the | ||
|  |                     //  context with the new cred handle but only if the call was successful. | ||
|  |                     if (outContext._EffectiveCredential != inCredentials && (errorCode & 0x80000000) == 0) | ||
|  |                     { | ||
|  |                         // Disassociate the previous credential handle | ||
|  |                         if (outContext._EffectiveCredential != null) | ||
|  |                             outContext._EffectiveCredential.DangerousRelease(); | ||
|  |                         outContext._EffectiveCredential = inCredentials; | ||
|  |                     } | ||
|  |                     else | ||
|  |                     { | ||
|  |                         inCredentials.DangerousRelease(); | ||
|  |                     } | ||
|  | 
 | ||
|  |                     outContext.DangerousRelease(); | ||
|  | 
 | ||
|  |                     // The idea is that SSPI has allocated a block and filled up outUnmanagedBuffer+8 slot with the pointer. | ||
|  |                     if (handleTemplate != null) | ||
|  |                     { | ||
|  |                         handleTemplate.Set(((SecurityBufferStruct*)outputBuffer.UnmanagedPointer)->token); //ATTN: on 64 BIT that is still +8 cause of 2* c++ unsigned long == 8 bytes | ||
|  |                         if (handleTemplate.IsInvalid) | ||
|  |                         { | ||
|  |                             handleTemplate.SetHandleAsInvalid(); | ||
|  |                         } | ||
|  |                     } | ||
|  | 
 | ||
|  |                 } | ||
|  |                 if (inContextPtr == null && (errorCode & 0x80000000) != 0) | ||
|  |                 { | ||
|  |                     // an error on the first call, need to set the out handle to invalid value | ||
|  |                     outContext._handle.SetToInvalid(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         //------------------------------------------------------------------- | ||
|  |         internal static unsafe int AcceptSecurityContext( | ||
|  |             SafeFreeCredentials inCredentials, | ||
|  |             ref SafeDeleteContext refContext, | ||
|  |             SspiContextFlags inFlags, | ||
|  |             Endianness endianness, | ||
|  |             SecurityBuffer inSecBuffer, | ||
|  |             SecurityBuffer[] inSecBuffers, | ||
|  |             SecurityBuffer outSecBuffer, | ||
|  |             ref SspiContextFlags outFlags) | ||
|  |         { | ||
|  | 
 | ||
|  |             if (inCredentials == null) | ||
|  |             { | ||
|  |                 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("inCredentials"); | ||
|  |             } | ||
|  | 
 | ||
|  |             SecurityBufferDescriptor inSecurityBufferDescriptor = null; | ||
|  |             if (inSecBuffer != null) | ||
|  |             { | ||
|  |                 inSecurityBufferDescriptor = new SecurityBufferDescriptor(1); | ||
|  |             } | ||
|  |             else if (inSecBuffers != null) | ||
|  |             { | ||
|  |                 inSecurityBufferDescriptor = new SecurityBufferDescriptor(inSecBuffers.Length); | ||
|  |             } | ||
|  |             SecurityBufferDescriptor outSecurityBufferDescriptor = new SecurityBufferDescriptor(1); | ||
|  | 
 | ||
|  |             // actually this is returned in outFlags | ||
|  |             bool isSspiAllocated = (inFlags & SspiContextFlags.AllocateMemory) != 0 ? true : false; | ||
|  | 
 | ||
|  |             int errorCode = -1; | ||
|  |             SSPIHandle contextHandle = new SSPIHandle(); | ||
|  |             if (refContext != null) | ||
|  |             { | ||
|  |                 contextHandle = refContext._handle; | ||
|  |             } | ||
|  | 
 | ||
|  |             // these are pinned user byte arrays passed along with SecurityBuffers | ||
|  |             GCHandle[] pinnedInBytes = null; | ||
|  |             GCHandle pinnedOutBytes = new GCHandle(); | ||
|  |             // optional output buffer that may need to be freed | ||
|  |             SafeFreeContextBuffer outFreeContextBuffer = null; | ||
|  | 
 | ||
|  |             try | ||
|  |             { | ||
|  |                 pinnedOutBytes = GCHandle.Alloc(outSecBuffer.token, GCHandleType.Pinned); | ||
|  | 
 | ||
|  |                 SecurityBufferStruct[] inUnmanagedBuffer = new SecurityBufferStruct[inSecurityBufferDescriptor == null ? 1 : inSecurityBufferDescriptor.Count]; | ||
|  |                 fixed (void* inUnmanagedBufferPtr = inUnmanagedBuffer) | ||
|  |                 { | ||
|  |                     if (inSecurityBufferDescriptor != null) | ||
|  |                     { | ||
|  |                         // Fix Descriptor pointer that points to unmanaged SecurityBuffers | ||
|  |                         inSecurityBufferDescriptor.UnmanagedPointer = inUnmanagedBufferPtr; | ||
|  |                         pinnedInBytes = new GCHandle[inSecurityBufferDescriptor.Count]; | ||
|  |                         SecurityBuffer securityBuffer; | ||
|  |                         for (int index = 0; index < inSecurityBufferDescriptor.Count; ++index) | ||
|  |                         { | ||
|  |                             securityBuffer = inSecBuffer != null ? inSecBuffer : inSecBuffers[index]; | ||
|  |                             if (securityBuffer != null) | ||
|  |                             { | ||
|  |                                 // Copy the SecurityBuffer content into unmanaged place holder | ||
|  |                                 inUnmanagedBuffer[index].count = securityBuffer.size; | ||
|  |                                 inUnmanagedBuffer[index].type = securityBuffer.type; | ||
|  |                                 // use the unmanaged token if it's not null; otherwise use the managed buffer | ||
|  |                                 if (securityBuffer.unmanagedToken != null) | ||
|  |                                 { | ||
|  |                                     inUnmanagedBuffer[index].token = securityBuffer.unmanagedToken.DangerousGetHandle(); | ||
|  |                                 } | ||
|  |                                 else if (securityBuffer.token == null || securityBuffer.token.Length == 0) | ||
|  |                                 { | ||
|  |                                     inUnmanagedBuffer[index].token = IntPtr.Zero; | ||
|  |                                 } | ||
|  |                                 else | ||
|  |                                 { | ||
|  |                                     pinnedInBytes[index] = GCHandle.Alloc(securityBuffer.token, GCHandleType.Pinned); | ||
|  |                                     inUnmanagedBuffer[index].token = Marshal.UnsafeAddrOfPinnedArrayElement(securityBuffer.token, securityBuffer.offset); | ||
|  |                                 } | ||
|  |                             } | ||
|  |                         } | ||
|  |                     } | ||
|  |                     SecurityBufferStruct[] outUnmanagedBuffer = new SecurityBufferStruct[1]; | ||
|  |                     fixed (void* outUnmanagedBufferPtr = outUnmanagedBuffer) | ||
|  |                     { | ||
|  |                         // Fix Descriptor pointer that points to unmanaged SecurityBuffers | ||
|  |                         outSecurityBufferDescriptor.UnmanagedPointer = outUnmanagedBufferPtr; | ||
|  |                         // Copy the SecurityBuffer content into unmanaged place holder | ||
|  |                         outUnmanagedBuffer[0].count = outSecBuffer.size; | ||
|  |                         outUnmanagedBuffer[0].type = outSecBuffer.type; | ||
|  |                         if (outSecBuffer.token == null || outSecBuffer.token.Length == 0) | ||
|  |                         { | ||
|  |                             outUnmanagedBuffer[0].token = IntPtr.Zero; | ||
|  |                         } | ||
|  |                         else | ||
|  |                         { | ||
|  |                             outUnmanagedBuffer[0].token = Marshal.UnsafeAddrOfPinnedArrayElement(outSecBuffer.token, outSecBuffer.offset); | ||
|  |                         } | ||
|  |                         if (isSspiAllocated) | ||
|  |                         { | ||
|  |                             outFreeContextBuffer = SafeFreeContextBuffer.CreateEmptyHandle(); | ||
|  |                         } | ||
|  | 
 | ||
|  |                         if (refContext == null || refContext.IsInvalid) | ||
|  |                         { | ||
|  |                             refContext = new SafeDeleteContext(); | ||
|  |                         } | ||
|  |                         errorCode = MustRunAcceptSecurityContext( | ||
|  |                             inCredentials, | ||
|  |                             contextHandle.IsZero ? null : &contextHandle, | ||
|  |                             inSecurityBufferDescriptor, | ||
|  |                             inFlags, | ||
|  |                             endianness, | ||
|  |                             refContext, | ||
|  |                             outSecurityBufferDescriptor, | ||
|  |                             ref outFlags, | ||
|  |                             outFreeContextBuffer | ||
|  |                             ); | ||
|  | 
 | ||
|  |                         // Get unmanaged buffer with index 0 as the only one passed into PInvoke | ||
|  |                         outSecBuffer.size = outUnmanagedBuffer[0].count; | ||
|  |                         outSecBuffer.type = outUnmanagedBuffer[0].type; | ||
|  |                         if (outSecBuffer.size > 0) | ||
|  |                         { | ||
|  |                             outSecBuffer.token = DiagnosticUtility.Utility.AllocateByteArray(outSecBuffer.size); | ||
|  |                             Marshal.Copy(outUnmanagedBuffer[0].token, outSecBuffer.token, 0, outSecBuffer.size); | ||
|  |                         } | ||
|  |                         else | ||
|  |                         { | ||
|  |                             outSecBuffer.token = null; | ||
|  |                         } | ||
|  |                     } | ||
|  |                 } | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 if (pinnedInBytes != null) | ||
|  |                 { | ||
|  |                     for (int index = 0; index < pinnedInBytes.Length; index++) | ||
|  |                     { | ||
|  |                         if (pinnedInBytes[index].IsAllocated) | ||
|  |                         { | ||
|  |                             pinnedInBytes[index].Free(); | ||
|  |                         } | ||
|  |                     } | ||
|  |                 } | ||
|  |                 if (pinnedOutBytes.IsAllocated) | ||
|  |                 { | ||
|  |                     pinnedOutBytes.Free(); | ||
|  |                 } | ||
|  |                 if (outFreeContextBuffer != null) | ||
|  |                 { | ||
|  |                     outFreeContextBuffer.Close(); | ||
|  |                 } | ||
|  |             } | ||
|  | 
 | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         // After PINvoke call the method will fix the handleTemplate.handle with the returned value. | ||
|  |         // The caller is responsible for creating a correct SafeFreeContextBuffer_XXX flavour or null can be passed if no handle is returned. | ||
|  |         // This method is run as non-interruptible. | ||
|  |         static unsafe int MustRunAcceptSecurityContext( | ||
|  |             SafeFreeCredentials inCredentials, | ||
|  |             void* inContextPtr, | ||
|  |             SecurityBufferDescriptor inputBuffer, | ||
|  |             SspiContextFlags inFlags, | ||
|  |             Endianness endianness, | ||
|  |             SafeDeleteContext outContext, | ||
|  |             SecurityBufferDescriptor outputBuffer, | ||
|  |             ref SspiContextFlags outFlags, | ||
|  |             SafeFreeContextBuffer handleTemplate) | ||
|  |         { | ||
|  |             int errorCode = -1; | ||
|  |             bool b1 = false; | ||
|  |             bool b2 = false; | ||
|  | 
 | ||
|  |             // Run the body of this method as a non-interruptible block. | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  | 
 | ||
|  |             try | ||
|  |             { | ||
|  |                 inCredentials.DangerousAddRef(ref b1); | ||
|  |                 outContext.DangerousAddRef(ref b2); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b1) | ||
|  |                 { | ||
|  |                     inCredentials.DangerousRelease(); | ||
|  |                     b1 = false; | ||
|  |                 } | ||
|  |                 if (b2) | ||
|  |                 { | ||
|  |                     outContext.DangerousRelease(); | ||
|  |                     b2 = false; | ||
|  |                 } | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 long timeStamp; | ||
|  |                 if (!b1) | ||
|  |                 { | ||
|  |                     // caller should retry | ||
|  |                     inCredentials = null; | ||
|  |                 } | ||
|  |                 else if (b1 && b2) | ||
|  |                 { | ||
|  | 
 | ||
|  |                     SSPIHandle credentialHandle = inCredentials._handle; | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // This API does not set Win32 Last Error. | ||
|  |                     errorCode = AcceptSecurityContext( | ||
|  |                         ref credentialHandle, | ||
|  |                         inContextPtr, | ||
|  |                         inputBuffer, | ||
|  |                         inFlags, | ||
|  |                         endianness, | ||
|  |                         ref outContext._handle, | ||
|  |                         outputBuffer, | ||
|  |                         ref outFlags, | ||
|  |                         out timeStamp | ||
|  |                         ); | ||
|  | 
 | ||
|  |                     // | ||
|  |                     // When a credential handle is first associated with the context we keep credential | ||
|  |                     // ref count bumped up to ensure ordered finalization. | ||
|  |                     // If the credential handle has been changed we de-ref the old one and associate the | ||
|  |                     //  context with the new cred handle but only if the call was successful. | ||
|  |                     if (outContext._EffectiveCredential != inCredentials && (errorCode & 0x80000000) == 0) | ||
|  |                     { | ||
|  |                         // Disassociate the previous credential handle | ||
|  |                         if (outContext._EffectiveCredential != null) | ||
|  |                             outContext._EffectiveCredential.DangerousRelease(); | ||
|  |                         outContext._EffectiveCredential = inCredentials; | ||
|  |                     } | ||
|  |                     else | ||
|  |                     { | ||
|  |                         inCredentials.DangerousRelease(); | ||
|  |                     } | ||
|  | 
 | ||
|  |                     outContext.DangerousRelease(); | ||
|  | 
 | ||
|  |                     // The idea is that SSPI has allocated a block and filled up outUnmanagedBuffer+8 slot with the pointer. | ||
|  |                     if (handleTemplate != null) | ||
|  |                     { | ||
|  |                         handleTemplate.Set(((SecurityBufferStruct*)outputBuffer.UnmanagedPointer)->token); //ATTN: on 64 BIT that is still +8 cause of 2* c++ unsigned long == 8 bytes | ||
|  |                         if (handleTemplate.IsInvalid) | ||
|  |                         { | ||
|  |                             handleTemplate.SetHandleAsInvalid(); | ||
|  |                         } | ||
|  |                     } | ||
|  |                     if (inContextPtr == null && (errorCode & 0x80000000) != 0) | ||
|  |                     { | ||
|  |                         // an error on the first call, need to set the out handle to invalid value | ||
|  |                         outContext._handle.SetToInvalid(); | ||
|  |                     } | ||
|  |                 } | ||
|  |             } | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static int ImpersonateSecurityContext(SafeDeleteContext context) | ||
|  |         { | ||
|  |             int status = (int)SecurityStatus.InvalidHandle; | ||
|  |             bool b = false; | ||
|  | 
 | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try | ||
|  |             { | ||
|  |                 context.DangerousAddRef(ref b); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     context.DangerousRelease(); | ||
|  |                     b = false; | ||
|  |                 } | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  | 
 | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |                     status = ImpersonateSecurityContext(ref context._handle); | ||
|  |                     context.DangerousRelease(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return status; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static int EncryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber) | ||
|  |         { | ||
|  |             int status = (int)SecurityStatus.InvalidHandle; | ||
|  |             bool b = false; | ||
|  | 
 | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try | ||
|  |             { | ||
|  |                 context.DangerousAddRef(ref b); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     context.DangerousRelease(); | ||
|  |                     b = false; | ||
|  |                 } | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |                     status = EncryptMessage(ref context._handle, 0, inputOutput, sequenceNumber); | ||
|  |                     context.DangerousRelease(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return status; | ||
|  |         } | ||
|  | 
 | ||
|  |         public unsafe static int DecryptMessage(SafeDeleteContext context, SecurityBufferDescriptor inputOutput, uint sequenceNumber) | ||
|  |         { | ||
|  |             int status = (int)SecurityStatus.InvalidHandle; | ||
|  |             bool b = false; | ||
|  |             uint qop = 0; | ||
|  | 
 | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try | ||
|  |             { | ||
|  |                 context.DangerousAddRef(ref b); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     context.DangerousRelease(); | ||
|  |                     b = false; | ||
|  |                 } | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  | 
 | ||
|  |                 if (b) | ||
|  |                 { | ||
|  | #pragma warning suppress 56523 // we don't take any action on the win32 error message. | ||
|  |                     status = DecryptMessage(ref context._handle, inputOutput, sequenceNumber, &qop); | ||
|  |                     context.DangerousRelease(); | ||
|  |                 } | ||
|  |             } | ||
|  | 
 | ||
|  |             const uint SECQOP_WRAP_NO_ENCRYPT = 0x80000001; | ||
|  |             if (status == 0 && qop == SECQOP_WRAP_NO_ENCRYPT) | ||
|  |             { | ||
|  |                 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SspiPayloadNotEncrypted))); | ||
|  |             } | ||
|  | 
 | ||
|  |             return status; | ||
|  |         } | ||
|  | 
 | ||
|  |         internal int GetSecurityContextToken(out SafeCloseHandle safeHandle) | ||
|  |         { | ||
|  |             int status = (int)SecurityStatus.InvalidHandle; | ||
|  |             bool b = false; | ||
|  | 
 | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try | ||
|  |             { | ||
|  |                 DangerousAddRef(ref b); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     DangerousRelease(); | ||
|  |                     b = false; | ||
|  |                 } | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. The API returns a error code. | ||
|  |                     status = QuerySecurityContextToken(ref _handle, out safeHandle); | ||
|  |                     DangerousRelease(); | ||
|  |                 } | ||
|  |                 else | ||
|  |                 { | ||
|  |                     safeHandle = new SafeCloseHandle(IntPtr.Zero, false); | ||
|  |                 } | ||
|  |             } | ||
|  |             return status; | ||
|  |         } | ||
|  | 
 | ||
|  |         protected override bool ReleaseHandle() | ||
|  |         { | ||
|  |             if (this._EffectiveCredential != null) | ||
|  |                 this._EffectiveCredential.DangerousRelease(); | ||
|  | 
 | ||
|  |             // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |             return DeleteSecurityContext(ref _handle) == 0; | ||
|  |         } | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         extern static int QuerySecurityContextToken(ref SSPIHandle phContext, [Out] out SafeCloseHandle handle); | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.MayFail)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static unsafe int InitializeSecurityContextW( | ||
|  |             ref SSPIHandle credentialHandle, | ||
|  |             [In] void* inContextPtr, | ||
|  |             [In] byte* targetName, | ||
|  |             [In] SspiContextFlags inFlags, | ||
|  |             [In] int reservedI, | ||
|  |             [In] Endianness endianness, | ||
|  |             [In] SecurityBufferDescriptor inputBuffer, | ||
|  |             [In] int reservedII, | ||
|  |             ref SSPIHandle outContextPtr, | ||
|  |             [In, Out] SecurityBufferDescriptor outputBuffer, | ||
|  |             [In, Out] ref SspiContextFlags attributes, | ||
|  |             out long timestamp | ||
|  |             ); | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.MayFail)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static unsafe int AcceptSecurityContext( | ||
|  |             ref SSPIHandle credentialHandle, | ||
|  |             [In] void* inContextPtr, | ||
|  |             [In] SecurityBufferDescriptor inputBuffer, | ||
|  |             [In] SspiContextFlags inFlags, | ||
|  |             [In] Endianness endianness, | ||
|  |             ref SSPIHandle outContextPtr, | ||
|  |             [In, Out] SecurityBufferDescriptor outputBuffer, | ||
|  |             [In, Out] ref SspiContextFlags attributes, | ||
|  |             out long timestamp | ||
|  |             ); | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [SuppressUnmanagedCodeSecurity] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         internal extern static int DeleteSecurityContext( | ||
|  |             ref SSPIHandle handlePtr | ||
|  |             ); | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static int ImpersonateSecurityContext( | ||
|  |             ref SSPIHandle handlePtr | ||
|  |             ); | ||
|  | 
 | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.MayFail)] | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static int EncryptMessage( | ||
|  |             ref SSPIHandle contextHandle, | ||
|  |             [In] uint qualityOfProtection, | ||
|  |             [In, Out] SecurityBufferDescriptor inputOutput, | ||
|  |             [In] uint sequenceNumber | ||
|  |             ); | ||
|  | 
 | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.MayFail)] | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal unsafe extern static int DecryptMessage( | ||
|  |             ref SSPIHandle contextHandle, | ||
|  |             [In, Out] SecurityBufferDescriptor inputOutput, | ||
|  |             [In] uint sequenceNumber, | ||
|  |             uint* qualityOfProtection | ||
|  |             ); | ||
|  |     } | ||
|  | 
 | ||
|  |     class SafeFreeCredentials : SafeHandle | ||
|  |     { | ||
|  |         const string SECURITY = "security.Dll"; | ||
|  |         internal SSPIHandle _handle; //should be always used as by ref in PINvokes parameters | ||
|  | 
 | ||
|  |         protected SafeFreeCredentials() | ||
|  |             : base(IntPtr.Zero, true) | ||
|  |         { | ||
|  |             _handle = new SSPIHandle(); | ||
|  |         } | ||
|  | 
 | ||
|  |         //internal static string ToString(SafeFreeCredentials obj) | ||
|  |         //{   return obj == null ? "null" : SSPIHandle.ToString(ref obj._handle); } | ||
|  | 
 | ||
|  |         public override bool IsInvalid | ||
|  |         { | ||
|  |             get { return IsClosed || _handle.IsZero; } | ||
|  |         } | ||
|  | 
 | ||
|  |         //This method should never be called for this type | ||
|  |         //public new IntPtr DangerousGetHandle() | ||
|  |         //{ | ||
|  |         //    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException()); | ||
|  |         //} | ||
|  | 
 | ||
|  |         public static unsafe int AcquireCredentialsHandle( | ||
|  |             string package, | ||
|  |             CredentialUse intent, | ||
|  |             ref AuthIdentityEx authdata, | ||
|  |             out SafeFreeCredentials outCredential) | ||
|  |         { | ||
|  |             int errorCode = -1; | ||
|  |             long timeStamp; | ||
|  | 
 | ||
|  |             outCredential = new SafeFreeCredentials(); | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try { } | ||
|  |             finally | ||
|  |             { | ||
|  |                 // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |                 errorCode = AcquireCredentialsHandleW( | ||
|  |                     null, | ||
|  |                     package, | ||
|  |                     (int)intent, | ||
|  |                     null, | ||
|  |                     ref authdata, | ||
|  |                     null, | ||
|  |                     null, | ||
|  |                     ref outCredential._handle, | ||
|  |                     out timeStamp | ||
|  |                     ); | ||
|  |                 if (errorCode != 0) | ||
|  |                 { | ||
|  |                     outCredential.SetHandleAsInvalid(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static unsafe int AcquireDefaultCredential( | ||
|  |             string package, | ||
|  |             CredentialUse intent, | ||
|  |             ref AuthIdentityEx authIdentity, | ||
|  |             out SafeFreeCredentials outCredential) | ||
|  |         { | ||
|  |             int errorCode = -1; | ||
|  |             long timeStamp; | ||
|  | 
 | ||
|  |             outCredential = new SafeFreeCredentials(); | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try { } | ||
|  |             finally | ||
|  |             { | ||
|  |                 // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |                 errorCode = AcquireCredentialsHandleW( | ||
|  |                                 null, | ||
|  |                                 package, | ||
|  |                                 (int)intent, | ||
|  |                                 null, | ||
|  |                                 ref authIdentity, // IntPtr.Zero, | ||
|  |                                 null, | ||
|  |                                 null, | ||
|  |                                 ref outCredential._handle, | ||
|  |                                 out timeStamp | ||
|  |                                 ); | ||
|  | 
 | ||
|  |                 if (errorCode != 0) | ||
|  |                 { | ||
|  |                     outCredential.SetHandleAsInvalid(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static unsafe int AcquireCredentialsHandle( | ||
|  |             string package, | ||
|  |             CredentialUse intent, | ||
|  |             ref SecureCredential authdata, | ||
|  |             out SafeFreeCredentials outCredential) | ||
|  |         { | ||
|  |             int errorCode = -1; | ||
|  |             long timeStamp; | ||
|  | 
 | ||
|  |             // If there is a certificate, wrap it into an array | ||
|  |             IntPtr copiedPtr = authdata.certContextArray; | ||
|  |             try | ||
|  |             { | ||
|  |                 IntPtr certArrayPtr = new IntPtr(&copiedPtr); | ||
|  |                 if (copiedPtr != IntPtr.Zero) | ||
|  |                 { | ||
|  |                     authdata.certContextArray = certArrayPtr; | ||
|  |                 } | ||
|  | 
 | ||
|  |                 outCredential = new SafeFreeCredentials(); | ||
|  |                 RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |                 try { } | ||
|  |                 finally | ||
|  |                 { | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |                     errorCode = AcquireCredentialsHandleW( | ||
|  |                                     null, | ||
|  |                                     package, | ||
|  |                                     (int)intent, | ||
|  |                                     null, | ||
|  |                                     ref authdata, | ||
|  |                                     null, | ||
|  |                                     null, | ||
|  |                                     ref outCredential._handle, | ||
|  |                                     out timeStamp | ||
|  |                                     ); | ||
|  |                     if (errorCode != 0) | ||
|  |                     { | ||
|  |                         outCredential.SetHandleAsInvalid(); | ||
|  |                     } | ||
|  |                 } | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 authdata.certContextArray = copiedPtr; | ||
|  |             } | ||
|  | 
 | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static unsafe int AcquireCredentialsHandle( | ||
|  |          string package, | ||
|  |          CredentialUse intent, | ||
|  |          ref IntPtr ppAuthIdentity, | ||
|  |          out SafeFreeCredentials outCredential | ||
|  |          ) | ||
|  |         { | ||
|  |             int errorCode = -1; | ||
|  |             long timeStamp; | ||
|  |             outCredential = new SafeFreeCredentials(); | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try { } | ||
|  |             finally | ||
|  |             { | ||
|  |                 // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |                 errorCode = AcquireCredentialsHandleW( | ||
|  |                                     null, | ||
|  |                                     package, | ||
|  |                                     (int)intent, | ||
|  |                                     null, | ||
|  |                                     ppAuthIdentity, | ||
|  |                                     null, | ||
|  |                                     null, | ||
|  |                                     ref outCredential._handle, | ||
|  |                                     out timeStamp | ||
|  |                                     ); | ||
|  |                 if (errorCode != 0) | ||
|  |                 { | ||
|  |                     outCredential.SetHandleAsInvalid(); | ||
|  |                 } | ||
|  |             } | ||
|  | 
 | ||
|  |             return errorCode; | ||
|  |         } | ||
|  | 
 | ||
|  |         protected override bool ReleaseHandle() | ||
|  |         { | ||
|  |             // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. It returns a error code. | ||
|  |             return FreeCredentialsHandle(ref _handle) == 0; | ||
|  |         } | ||
|  | 
 | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, CharSet = CharSet.Unicode, SetLastError = true)] | ||
|  |         internal extern static unsafe int AcquireCredentialsHandleW( | ||
|  |             [In] string principal, | ||
|  |             [In] string moduleName, | ||
|  |             [In] int usage, | ||
|  |             [In] void* logonID, | ||
|  |             [In] ref AuthIdentityEx authdata, | ||
|  |             [In] void* keyCallback, | ||
|  |             [In] void* keyArgument, | ||
|  |             ref SSPIHandle handlePtr, | ||
|  |             [Out] out long timeStamp | ||
|  |             ); | ||
|  | 
 | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, CharSet = CharSet.Unicode, SetLastError = true)] | ||
|  |         internal extern static unsafe int AcquireCredentialsHandleW( | ||
|  |             [In] string principal, | ||
|  |             [In] string moduleName, | ||
|  |             [In] int usage, | ||
|  |             [In] void* logonID, | ||
|  |             [In] IntPtr zero, | ||
|  |             [In] void* keyCallback, | ||
|  |             [In] void* keyArgument, | ||
|  |             ref SSPIHandle handlePtr, | ||
|  |             [Out] out long timeStamp | ||
|  |             ); | ||
|  | 
 | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, CharSet = CharSet.Unicode, SetLastError = true)] | ||
|  |         internal extern static unsafe int AcquireCredentialsHandleW( | ||
|  |             [In] string principal, | ||
|  |             [In] string moduleName, | ||
|  |             [In] int usage, | ||
|  |             [In] void* logonID, | ||
|  |             [In] ref SecureCredential authData, | ||
|  |             [In] void* keyCallback, | ||
|  |             [In] void* keyArgument, | ||
|  |             ref SSPIHandle handlePtr, | ||
|  |             [Out] out long timeStamp | ||
|  |             ); | ||
|  | 
 | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [SuppressUnmanagedCodeSecurity] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static int FreeCredentialsHandle( | ||
|  |             ref SSPIHandle handlePtr | ||
|  |             ); | ||
|  |     } | ||
|  | 
 | ||
|  |     sealed class SafeFreeCertContext : SafeHandleZeroOrMinusOneIsInvalid | ||
|  |     { | ||
|  |         const string CRYPT32 = "crypt32.dll"; | ||
|  |         const string ADVAPI32 = "advapi32.dll"; | ||
|  | 
 | ||
|  |         internal SafeFreeCertContext() : base(true) { } | ||
|  | 
 | ||
|  |         // This must be ONLY called from this file and form a MustRun method | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         internal unsafe void Set(IntPtr value) | ||
|  |         { | ||
|  |             this.handle = value; | ||
|  |         } | ||
|  | 
 | ||
|  |         const uint CRYPT_ACQUIRE_SILENT_FLAG = 0x00000040; | ||
|  | 
 | ||
|  |         [DllImport(CRYPT32, ExactSpelling = true, SetLastError = true)] | ||
|  |         [SuppressUnmanagedCodeSecurity] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         extern static bool CertFreeCertificateContext(// Suppressing returned status check, it's always==TRUE, | ||
|  |             [In] IntPtr certContext); | ||
|  | 
 | ||
|  |         protected override bool ReleaseHandle() | ||
|  |         { | ||
|  |             // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. | ||
|  |             return CertFreeCertificateContext(handle); | ||
|  |         } | ||
|  |     } | ||
|  | 
 | ||
|  |     sealed class SafeFreeContextBuffer : SafeHandleZeroOrMinusOneIsInvalid | ||
|  |     { | ||
|  |         const string SECURITY = "security.dll"; | ||
|  | 
 | ||
|  |         SafeFreeContextBuffer() : base(true) { } | ||
|  | 
 | ||
|  |         // This must be ONLY called from this file and form a MustRun method | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         internal unsafe void Set(IntPtr value) | ||
|  |         { | ||
|  |             this.handle = value; | ||
|  |         } | ||
|  | 
 | ||
|  |         internal static int EnumeratePackages(out int pkgnum, out SafeFreeContextBuffer pkgArray) | ||
|  |         { | ||
|  |             int res = -1; | ||
|  |             // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. The API returns a error code. | ||
|  |             res = SafeFreeContextBuffer.EnumerateSecurityPackagesW(out pkgnum, out pkgArray); | ||
|  | 
 | ||
|  |             if (res != 0) | ||
|  |             { | ||
|  |                 Utility.CloseInvalidOutSafeHandle(pkgArray); | ||
|  |                 pkgArray = null; | ||
|  |             } | ||
|  |             return res; | ||
|  |         } | ||
|  | 
 | ||
|  |         internal static SafeFreeContextBuffer CreateEmptyHandle() | ||
|  |         { | ||
|  |             return new SafeFreeContextBuffer(); | ||
|  |         } | ||
|  | 
 | ||
|  |         // | ||
|  |         // After PInvoke call the method will fix the refHandle.handle with the returned value. | ||
|  |         // The caller is responsible for creating a correct SafeHandle template or null can be passed if no handle is returned. | ||
|  |         // | ||
|  |         // This method is run as non-interruptible. | ||
|  |         // | ||
|  |         public static unsafe int QueryContextAttributes(SafeDeleteContext phContext, ContextAttribute contextAttribute, byte* buffer, SafeHandle refHandle) | ||
|  |         { | ||
|  |             int status = (int)SecurityStatus.InvalidHandle; | ||
|  |             bool b = false; | ||
|  | 
 | ||
|  |             // We don't want to be interrupted by thread abort exceptions or unexpected out-of-memory errors failing to jit | ||
|  |             // one of the following methods. So run within a CER non-interruptible block. | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  | 
 | ||
|  |             try | ||
|  |             { | ||
|  |                 phContext.DangerousAddRef(ref b); | ||
|  |             } | ||
|  |             catch (Exception e) | ||
|  |             { | ||
|  |                 if (System.Runtime.Fx.IsFatal(e)) | ||
|  |                     throw; | ||
|  |                  | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     phContext.DangerousRelease(); | ||
|  |                     b = false; | ||
|  |                 } | ||
|  |                 if (!(e is ObjectDisposedException)) | ||
|  |                     throw; | ||
|  |             } | ||
|  |             finally | ||
|  |             { | ||
|  |                 if (b) | ||
|  |                 { | ||
|  |                     // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. The API returns a error code. | ||
|  |                     status = SafeFreeContextBuffer.QueryContextAttributesW(ref phContext._handle, contextAttribute, buffer); | ||
|  |                     phContext.DangerousRelease(); | ||
|  |                 } | ||
|  |                 if (status == 0 && refHandle != null) | ||
|  |                 { | ||
|  |                     if (refHandle is SafeFreeContextBuffer) | ||
|  |                     { | ||
|  |                         if (contextAttribute == ContextAttribute.SessionKey) | ||
|  |                         { | ||
|  |                             IntPtr keyPtr = Marshal.ReadIntPtr(new IntPtr(buffer), SecPkgContext_SessionKey.SessionkeyOffset); | ||
|  |                             ((SafeFreeContextBuffer)refHandle).Set(keyPtr); | ||
|  |                         } | ||
|  |                         else | ||
|  |                         { | ||
|  |                             ((SafeFreeContextBuffer)refHandle).Set(*(IntPtr*)buffer); | ||
|  |                         } | ||
|  |                     } | ||
|  |                     else | ||
|  |                     { | ||
|  |                         ((SafeFreeCertContext)refHandle).Set(*(IntPtr*)buffer); | ||
|  |                     } | ||
|  |                 } | ||
|  | 
 | ||
|  |                 if (status != 0 && refHandle != null) | ||
|  |                 { | ||
|  |                     refHandle.SetHandleAsInvalid(); | ||
|  |                 } | ||
|  |             } | ||
|  |             return status; | ||
|  |         } | ||
|  | 
 | ||
|  |         protected override bool ReleaseHandle() | ||
|  |         { | ||
|  |             // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // The API does not set Win32 Last Error. The API returns a error code. | ||
|  |             return FreeContextBuffer(handle) == 0; | ||
|  |         } | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.MayFail)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static unsafe int QueryContextAttributesW( | ||
|  |             ref SSPIHandle contextHandle, | ||
|  |             [In] ContextAttribute attribute, | ||
|  |             [In] void* buffer); | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         internal extern static int EnumerateSecurityPackagesW( | ||
|  |             [Out] out int pkgnum, | ||
|  |             [Out] out SafeFreeContextBuffer handle); | ||
|  | 
 | ||
|  |         [DllImport(SECURITY, ExactSpelling = true, SetLastError = true)] | ||
|  |         [SuppressUnmanagedCodeSecurity] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         extern static int FreeContextBuffer( | ||
|  |             [In] IntPtr contextBuffer); | ||
|  |     } | ||
|  | 
 | ||
|  |     sealed class SafeCloseHandle : SafeHandleZeroOrMinusOneIsInvalid | ||
|  |     { | ||
|  |         const string KERNEL32 = "kernel32.dll"; | ||
|  | 
 | ||
|  |         SafeCloseHandle() : base(true) { } | ||
|  |         internal SafeCloseHandle(IntPtr handle, bool ownsHandle) | ||
|  |             : base(ownsHandle) | ||
|  |         { | ||
|  |             DiagnosticUtility.DebugAssert(handle == IntPtr.Zero || !ownsHandle, "Unsafe to create a SafeHandle that owns a pre-existing handle before the SafeHandle was created."); | ||
|  |             SetHandle(handle); | ||
|  |         } | ||
|  | 
 | ||
|  |         protected override bool ReleaseHandle() | ||
|  |         { | ||
|  |             // PreSharp Bug: Call 'Marshal.GetLastWin32Error' or 'Marshal.GetHRForLastWin32Error' before any other interop call.  | ||
|  | #pragma warning suppress 56523 // We are not interested to throw an exception here. We can ignore the Last Error code. | ||
|  |             return CloseHandle(handle); | ||
|  |         } | ||
|  | 
 | ||
|  |         [DllImport(KERNEL32, ExactSpelling = true, SetLastError = true)] | ||
|  |         [SuppressUnmanagedCodeSecurity] | ||
|  |         [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)] | ||
|  |         [ResourceExposure(ResourceScope.None)] | ||
|  |         extern static bool CloseHandle(IntPtr handle); | ||
|  |     } | ||
|  | 
 | ||
|  | #pragma warning disable 618 // have not moved to the v4 security model yet | ||
|  |     [SecurityCritical(SecurityCriticalScope.Everything)] | ||
|  | #pragma warning restore 618 | ||
|  |     sealed class SafeHGlobalHandle : SafeHandleZeroOrMinusOneIsInvalid | ||
|  |     { | ||
|  |         SafeHGlobalHandle() : base(true) { } | ||
|  | 
 | ||
|  |         // 0 is an Invalid Handle | ||
|  |         SafeHGlobalHandle(IntPtr handle) | ||
|  |             : base(true) | ||
|  |         { | ||
|  |             DiagnosticUtility.DebugAssert(handle == IntPtr.Zero, "SafeHGlobalHandle constructor can only be called with IntPtr.Zero."); | ||
|  |             SetHandle(handle); | ||
|  |         } | ||
|  | 
 | ||
|  |         protected override bool ReleaseHandle() | ||
|  |         { | ||
|  |             Marshal.FreeHGlobal(handle); | ||
|  |             return true; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static SafeHGlobalHandle InvalidHandle | ||
|  |         { | ||
|  |             get { return new SafeHGlobalHandle(IntPtr.Zero); } | ||
|  |         } | ||
|  | 
 | ||
|  |         public static SafeHGlobalHandle AllocHGlobal(string s) | ||
|  |         { | ||
|  |             byte[] bytes = DiagnosticUtility.Utility.AllocateByteArray(checked((s.Length + 1) * 2)); | ||
|  |             Encoding.Unicode.GetBytes(s, 0, s.Length, bytes, 0); | ||
|  |             return AllocHGlobal(bytes); | ||
|  |         } | ||
|  | 
 | ||
|  |         public static SafeHGlobalHandle AllocHGlobal(byte[] bytes) | ||
|  |         { | ||
|  |             SafeHGlobalHandle result = AllocHGlobal(bytes.Length); | ||
|  |             Marshal.Copy(bytes, 0, result.DangerousGetHandle(), bytes.Length); | ||
|  |             return result; | ||
|  |         } | ||
|  | 
 | ||
|  |         public static SafeHGlobalHandle AllocHGlobal(uint cb) | ||
|  |         { | ||
|  |             // The cast could overflow to minus. | ||
|  |             // Unfortunately, Marshal.AllocHGlobal only takes int. | ||
|  |             return AllocHGlobal((int)cb); | ||
|  |         } | ||
|  | 
 | ||
|  |         public static SafeHGlobalHandle AllocHGlobal(int cb) | ||
|  |         { | ||
|  |             if (cb < 0) | ||
|  |             { | ||
|  |                 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("cb", SR.GetString(SR.ValueMustBeNonNegative))); | ||
|  |             } | ||
|  | 
 | ||
|  |             SafeHGlobalHandle result = new SafeHGlobalHandle(); | ||
|  | 
 | ||
|  |             // CER  | ||
|  |             RuntimeHelpers.PrepareConstrainedRegions(); | ||
|  |             try { } | ||
|  |             finally | ||
|  |             { | ||
|  |                 IntPtr ptr = Marshal.AllocHGlobal(cb); | ||
|  |                 result.SetHandle(ptr); | ||
|  |             } | ||
|  |             return result; | ||
|  |         } | ||
|  |     } | ||
|  | 
 | ||
|  |     sealed class SafeLsaLogonProcessHandle : SafeHandleZeroOrMinusOneIsInvalid | ||
|  |     { | ||
|  |         SafeLsaLogonProcessHandle() : base(true) { } | ||
|  | 
 | ||
|  |         // 0 is an Invalid Handle | ||
|  |         internal SafeLsaLogonProcessHandle(IntPtr handle) | ||
|  |             : base(true) | ||
|  |         { | ||
|  |             SetHandle(handle); | ||
|  |         } | ||
|  | 
 | ||
|  |         internal static SafeLsaLogonProcessHandle InvalidHandle | ||
|  |         { | ||
|  |             get { return new SafeLsaLogonProcessHandle(IntPtr.Zero); } | ||
|  |         } | ||
|  | 
 | ||
|  |         override protected bool ReleaseHandle() | ||
|  |         { | ||
|  |             // LsaDeregisterLogonProcess returns an NTSTATUS | ||
|  |             return NativeMethods.LsaDeregisterLogonProcess(handle) >= 0; | ||
|  |         } | ||
|  |     } | ||
|  | 
 | ||
|  |     sealed class SafeLsaReturnBufferHandle : SafeHandleZeroOrMinusOneIsInvalid | ||
|  |     { | ||
|  |         SafeLsaReturnBufferHandle() : base(true) { } | ||
|  | 
 | ||
|  |         // 0 is an Invalid Handle | ||
|  |         internal SafeLsaReturnBufferHandle(IntPtr handle) | ||
|  |             : base(true) | ||
|  |         { | ||
|  |             SetHandle(handle); | ||
|  |         } | ||
|  | 
 | ||
|  |         internal static SafeLsaReturnBufferHandle InvalidHandle | ||
|  |         { | ||
|  |             get { return new SafeLsaReturnBufferHandle(IntPtr.Zero); } | ||
|  |         } | ||
|  | 
 | ||
|  |         override protected bool ReleaseHandle() | ||
|  |         { | ||
|  |             // LsaFreeReturnBuffer returns an NTSTATUS | ||
|  |             return NativeMethods.LsaFreeReturnBuffer(handle) >= 0; | ||
|  |         } | ||
|  |     } | ||
|  | } |