#include <stdio.h>
#include <stdlib.h>
#include "putty.h"
+#ifndef SECURITY_WIN32
+#define SECURITY_WIN32
+#endif
+#include <security.h>
OSVERSIONINFO osVersion;
-void platform_get_x11_auth(char *display, int *proto,
- unsigned char *data, int *datalen)
-{
- /* We don't support this at all under Windows. */
-}
-
-const char platform_x11_best_transport[] = "localhost";
-
char *platform_get_x_display(void) {
/* We may as well check for DISPLAY in case it's useful. */
return dupstr(getenv("DISPLAY"));
}
-Filename filename_from_str(const char *str)
+Filename *filename_from_str(const char *str)
{
- Filename ret;
- strncpy(ret.path, str, sizeof(ret.path));
- ret.path[sizeof(ret.path)-1] = '\0';
+ Filename *ret = snew(Filename);
+ ret->path = dupstr(str);
return ret;
}
+Filename *filename_copy(const Filename *fn)
+{
+ return filename_from_str(fn->path);
+}
+
const char *filename_to_str(const Filename *fn)
{
return fn->path;
}
-int filename_equal(Filename f1, Filename f2)
+int filename_equal(const Filename *f1, const Filename *f2)
+{
+ return !strcmp(f1->path, f2->path);
+}
+
+int filename_is_null(const Filename *fn)
+{
+ return !*fn->path;
+}
+
+void filename_free(Filename *fn)
+{
+ sfree(fn->path);
+ sfree(fn);
+}
+
+int filename_serialise(const Filename *f, void *vdata)
+{
+ char *data = (char *)vdata;
+ int len = strlen(f->path) + 1; /* include trailing NUL */
+ if (data) {
+ strcpy(data, f->path);
+ }
+ return len;
+}
+Filename *filename_deserialise(void *vdata, int maxsize, int *used)
{
- return !strcmp(f1.path, f2.path);
+ char *data = (char *)vdata;
+ char *end;
+ end = memchr(data, '\0', maxsize);
+ if (!end)
+ return NULL;
+ end++;
+ *used = end - data;
+ return filename_from_str(data);
}
-int filename_is_null(Filename fn)
+char filename_char_sanitise(char c)
{
- return !*fn.path;
+ if (strchr("<>:\"/\\|?*", c))
+ return '.';
+ return c;
+}
+
+#ifndef NO_SECUREZEROMEMORY
+/*
+ * Windows implementation of smemclr (see misc.c) using SecureZeroMemory.
+ */
+void smemclr(void *b, size_t n) {
+ if (b && n > 0)
+ SecureZeroMemory(b, n);
}
+#endif
char *get_username(void)
{
DWORD namelen;
char *user;
+ int got_username = FALSE;
+ DECL_WINDOWS_FUNCTION(static, BOOLEAN, GetUserNameExA,
+ (EXTENDED_NAME_FORMAT, LPSTR, PULONG));
+
+ {
+ static int tried_usernameex = FALSE;
+ if (!tried_usernameex) {
+ /* Not available on Win9x, so load dynamically */
+ HMODULE secur32 = load_system32_dll("secur32.dll");
+ GET_WINDOWS_FUNCTION(secur32, GetUserNameExA);
+ tried_usernameex = TRUE;
+ }
+ }
- namelen = 0;
- if (GetUserName(NULL, &namelen) == FALSE) {
+ if (p_GetUserNameExA) {
/*
- * Apparently this doesn't work at least on Windows XP SP2.
- * Thus assume a maximum of 256. It will fail again if it
- * doesn't fit.
+ * If available, use the principal -- this avoids the problem
+ * that the local username is case-insensitive but Kerberos
+ * usernames are case-sensitive.
*/
- namelen = 256;
+
+ /* Get the length */
+ namelen = 0;
+ (void) p_GetUserNameExA(NameUserPrincipal, NULL, &namelen);
+
+ user = snewn(namelen, char);
+ got_username = p_GetUserNameExA(NameUserPrincipal, user, &namelen);
+ if (got_username) {
+ char *p = strchr(user, '@');
+ if (p) *p = 0;
+ } else {
+ sfree(user);
+ }
}
- user = snewn(namelen, char);
- GetUserName(user, &namelen);
+ if (!got_username) {
+ /* Fall back to local user name */
+ namelen = 0;
+ if (GetUserName(NULL, &namelen) == FALSE) {
+ /*
+ * Apparently this doesn't work at least on Windows XP SP2.
+ * Thus assume a maximum of 256. It will fail again if it
+ * doesn't fit.
+ */
+ namelen = 256;
+ }
- return user;
+ user = snewn(namelen, char);
+ got_username = GetUserName(user, &namelen);
+ if (!got_username) {
+ sfree(user);
+ }
+ }
+
+ return got_username ? user : NULL;
}
-int SaneDialogBox(HINSTANCE hinst,
- LPCTSTR tmpl,
- HWND hwndparent,
- DLGPROC lpDialogFunc)
+void dll_hijacking_protection(void)
{
- WNDCLASS wc;
- HWND hwnd;
- MSG msg;
- int flags;
- int ret;
- int gm;
-
- wc.style = CS_DBLCLKS | CS_SAVEBITS | CS_BYTEALIGNWINDOW;
- wc.lpfnWndProc = DefDlgProc;
- wc.cbClsExtra = 0;
- wc.cbWndExtra = DLGWINDOWEXTRA + 8;
- wc.hInstance = hinst;
- wc.hIcon = NULL;
- wc.hCursor = LoadCursor(NULL, IDC_ARROW);
- wc.hbrBackground = (HBRUSH) (COLOR_BACKGROUND +1);
- wc.lpszMenuName = NULL;
- wc.lpszClassName = "PuTTYConfigBox";
- RegisterClass(&wc);
-
- hwnd = CreateDialog(hinst, tmpl, hwndparent, lpDialogFunc);
-
- SetWindowLong(hwnd, BOXFLAGS, 0); /* flags */
- SetWindowLong(hwnd, BOXRESULT, 0); /* result from SaneEndDialog */
-
- while ((gm=GetMessage(&msg, NULL, 0, 0)) > 0) {
- flags=GetWindowLong(hwnd, BOXFLAGS);
- if (!(flags & DF_END) && !IsDialogMessage(hwnd, &msg))
- DispatchMessage(&msg);
- if (flags & DF_END)
- break;
+ /*
+ * If the OS provides it, call SetDefaultDllDirectories() to
+ * prevent DLLs from being loaded from the directory containing
+ * our own binary, and instead only load from system32.
+ *
+ * This is a protection against hijacking attacks, if someone runs
+ * PuTTY directly from their web browser's download directory
+ * having previously been enticed into clicking on an unwise link
+ * that downloaded a malicious DLL to the same directory under one
+ * of various magic names that seem to be things that standard
+ * Windows DLLs delegate to.
+ *
+ * It shouldn't break deliberate loading of user-provided DLLs
+ * such as GSSAPI providers, because those are specified by their
+ * full pathname by the user-provided configuration.
+ */
+ static HMODULE kernel32_module;
+ DECL_WINDOWS_FUNCTION(static, BOOL, SetDefaultDllDirectories, (DWORD));
+
+ if (!kernel32_module) {
+ kernel32_module = load_system32_dll("kernel32.dll");
+ GET_WINDOWS_FUNCTION(kernel32_module, SetDefaultDllDirectories);
+ }
+
+ if (p_SetDefaultDllDirectories) {
+ /* LOAD_LIBRARY_SEARCH_SYSTEM32 only */
+ p_SetDefaultDllDirectories(0x800);
}
+}
- if (gm == 0)
- PostQuitMessage(msg.wParam); /* We got a WM_QUIT, pass it on */
+BOOL init_winver(void)
+{
+ ZeroMemory(&osVersion, sizeof(osVersion));
+ osVersion.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
+ return GetVersionEx ( (OSVERSIONINFO *) &osVersion);
+}
- ret=GetWindowLong(hwnd, BOXRESULT);
- DestroyWindow(hwnd);
+HMODULE load_system32_dll(const char *libname)
+{
+ /*
+ * Wrapper function to load a DLL out of c:\windows\system32
+ * without going through the full DLL search path. (Hence no
+ * attack is possible by placing a substitute DLL earlier on that
+ * path.)
+ */
+ static char *sysdir = NULL;
+ char *fullpath;
+ HMODULE ret;
+
+ if (!sysdir) {
+ int size = 0, len;
+ do {
+ size = 3*size/2 + 512;
+ sysdir = sresize(sysdir, size, char);
+ len = GetSystemDirectory(sysdir, size);
+ } while (len >= size);
+ }
+
+ fullpath = dupcat(sysdir, "\\", libname, NULL);
+ ret = LoadLibrary(fullpath);
+ sfree(fullpath);
return ret;
}
-void SaneEndDialog(HWND hwnd, int ret)
+/*
+ * A tree234 containing mappings from system error codes to strings.
+ */
+
+struct errstring {
+ int error;
+ char *text;
+};
+
+static int errstring_find(void *av, void *bv)
+{
+ int *a = (int *)av;
+ struct errstring *b = (struct errstring *)bv;
+ if (*a < b->error)
+ return -1;
+ if (*a > b->error)
+ return +1;
+ return 0;
+}
+static int errstring_compare(void *av, void *bv)
{
- SetWindowLong(hwnd, BOXRESULT, ret);
- SetWindowLong(hwnd, BOXFLAGS, DF_END);
+ struct errstring *a = (struct errstring *)av;
+ return errstring_find(&a->error, bv);
}
-BOOL init_winver(void)
+static tree234 *errstrings = NULL;
+
+const char *win_strerror(int error)
{
- ZeroMemory(&osVersion, sizeof(osVersion));
- osVersion.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
- return GetVersionEx ( (OSVERSIONINFO *) &osVersion);
+ struct errstring *es;
+
+ if (!errstrings)
+ errstrings = newtree234(errstring_compare);
+
+ es = find234(errstrings, &error, errstring_find);
+
+ if (!es) {
+ char msgtext[65536]; /* maximum size for FormatMessage is 64K */
+
+ es = snew(struct errstring);
+ es->error = error;
+ if (!FormatMessage((FORMAT_MESSAGE_FROM_SYSTEM |
+ FORMAT_MESSAGE_IGNORE_INSERTS), NULL, error,
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+ msgtext, lenof(msgtext)-1, NULL)) {
+ sprintf(msgtext,
+ "(unable to format: FormatMessage returned %u)",
+ (unsigned int)GetLastError());
+ } else {
+ int len = strlen(msgtext);
+ if (len > 0 && msgtext[len-1] == '\n')
+ msgtext[len-1] = '\0';
+ }
+ es->text = dupprintf("Error %d: %s", error, msgtext);
+ add234(errstrings, es);
+ }
+
+ return es->text;
}
#ifdef DEBUG
static HANDLE debug_hdl = INVALID_HANDLE_VALUE;
static int debug_got_console = 0;
-void dputs(char *buf)
+void dputs(const char *buf)
{
DWORD dw;
}
#endif /* MINEFIELD */
+
+FontSpec *fontspec_new(const char *name,
+ int bold, int height, int charset)
+{
+ FontSpec *f = snew(FontSpec);
+ f->name = dupstr(name);
+ f->isbold = bold;
+ f->height = height;
+ f->charset = charset;
+ return f;
+}
+FontSpec *fontspec_copy(const FontSpec *f)
+{
+ return fontspec_new(f->name, f->isbold, f->height, f->charset);
+}
+void fontspec_free(FontSpec *f)
+{
+ sfree(f->name);
+ sfree(f);
+}
+int fontspec_serialise(FontSpec *f, void *vdata)
+{
+ char *data = (char *)vdata;
+ int len = strlen(f->name) + 1; /* include trailing NUL */
+ if (data) {
+ strcpy(data, f->name);
+ PUT_32BIT_MSB_FIRST(data + len, f->isbold);
+ PUT_32BIT_MSB_FIRST(data + len + 4, f->height);
+ PUT_32BIT_MSB_FIRST(data + len + 8, f->charset);
+ }
+ return len + 12; /* also include three 4-byte ints */
+}
+FontSpec *fontspec_deserialise(void *vdata, int maxsize, int *used)
+{
+ char *data = (char *)vdata;
+ char *end;
+ if (maxsize < 13)
+ return NULL;
+ end = memchr(data, '\0', maxsize-12);
+ if (!end)
+ return NULL;
+ end++;
+ *used = end - data + 12;
+ return fontspec_new(data,
+ GET_32BIT_MSB_FIRST(end),
+ GET_32BIT_MSB_FIRST(end + 4),
+ GET_32BIT_MSB_FIRST(end + 8));
+}