Details
-
Bug
-
Resolution: Unresolved
-
P2: Important
-
None
-
6.5.0
-
None
-
Visual Studio Professional V17.6.1
Windows 10
-
Windows
Description
I am using QAuthenticator for Negotiate Authentication in a client application. To enable Kerberos authentication, I set the UPN (User Principle Name) before the handshake. But the conversation with the server is terminated by QAuthenticator before it is completed.
The issue lies in the way, QAuthenticator determines the end of the Server-Client-Handshake in the file "qauthenticator.cpp". When using the Windows-Function 'InitializeSecurityContext' in line 1670, the return status is processed, but incorrectly. Like the Documentation in...
https://learn.microsoft.com/en-us/windows/win32/api/sspi/nf-sspi-initializesecuritycontextw
...suggests, the handshake has completed successfully, when neither
'SEC_I_CONTINUE_NEEDED', nor 'SEC_I_COMPLETE_AND_CONTINUE' are true (See attached: Return_Values.png).
Then and only then should the code determine, the Conversation is done. However these return parameters are not correctly processed.
To fix this issue, an if-statement is added in line 1693 of 'qSspiContinue' method that checks, if the handshake is complete. In order to process the Boolean outside of the method, the 'qSspiContinue' method is now of type QPair as a makeshift solution. This results in several changes all over the file (See attached "code_changes.pdf").
A working solution is attached ("qauthenticator_mod.cpp").
Thank you for addressing this issue.
Sincerely,
Emil Wipplinger
