From 219ed70957cc93640a79e1f8098987256efbe212 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Fri, 4 Sep 2020 19:57:19 +0200
Subject: QAuthenticator(Negotiate): Try provided credential

Windows only so far, need a similar patch for *nix, or an alternate
approach when there is no server set up.

Pick-to: 5.15
Task-number: QTBUG-85123
Change-Id: Iff7a6b1540a2f1984153a237eea07c7bb1970064
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
---
 src/network/kernel/qauthenticator.cpp | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'src/network/kernel')

diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp
index 1ac98602a2..45c8217701 100644
--- a/src/network/kernel/qauthenticator.cpp
+++ b/src/network/kernel/qauthenticator.cpp
@@ -1532,12 +1532,25 @@ static QByteArray qSspiStartup(QAuthenticatorPrivate *ctx, QAuthenticatorPrivate
         ctx->sspiWindowsHandles.reset(new QSSPIWindowsHandles);
     memset(&ctx->sspiWindowsHandles->credHandle, 0, sizeof(CredHandle));
 
+    SEC_WINNT_AUTH_IDENTITY auth;
+    auth.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
+    bool useAuth = false;
+    if (method == QAuthenticatorPrivate::Negotiate && !ctx->user.isEmpty()) {
+        auth.Domain = const_cast<ushort *>(ctx->userDomain.utf16());
+        auth.DomainLength = ctx->userDomain.size();
+        auth.User = const_cast<ushort *>(ctx->user.utf16());
+        auth.UserLength = ctx->user.size();
+        auth.Password = const_cast<ushort *>(ctx->password.utf16());
+        auth.PasswordLength = ctx->password.size();
+        useAuth = true;
+    }
+
     // Acquire our credentials handle
     SECURITY_STATUS secStatus = pSecurityFunctionTable->AcquireCredentialsHandle(
-                nullptr,
-                (SEC_WCHAR*)(method == QAuthenticatorPrivate::Negotiate ? L"Negotiate" : L"NTLM"),
-                SECPKG_CRED_OUTBOUND, nullptr, nullptr, nullptr, nullptr,
-                &ctx->sspiWindowsHandles->credHandle, &expiry
+            nullptr,
+            (SEC_WCHAR *)(method == QAuthenticatorPrivate::Negotiate ? L"Negotiate" : L"NTLM"),
+            SECPKG_CRED_OUTBOUND, nullptr, useAuth ? &auth : nullptr, nullptr, nullptr,
+            &ctx->sspiWindowsHandles->credHandle, &expiry
     );
     if (secStatus != SEC_E_OK) {
         ctx->sspiWindowsHandles.reset(nullptr);
-- 
cgit v1.2.3