Make asynchronous agent_query() requests cancellable.

[PuTTY.git] / windows / winsecur.c

diff --git a/windows/winsecur.c b/windows/winsecur.c
index 9cdac26c3ba36bf11a09c5d40d6ecf6257714e88..8b3c7f161893d8b0cc5fb904cd12b4e7b71b3c28 100644 (file)
--- a/windows/winsecur.c
+++ b/windows/winsecur.c
@@ -27,6 +27,7 @@ int got_advapi(void)
         advapi = load_system32_dll("advapi32.dll");
         successful = advapi &&
             GET_WINDOWS_FUNCTION(advapi, GetSecurityInfo) &&
+            GET_WINDOWS_FUNCTION(advapi, SetSecurityInfo) &&
             GET_WINDOWS_FUNCTION(advapi, OpenProcessToken) &&
             GET_WINDOWS_FUNCTION(advapi, GetTokenInformation) &&
             GET_WINDOWS_FUNCTION(advapi, InitializeSecurityDescriptor) &&
@@ -43,6 +44,9 @@ PSID get_user_sid(void)
     DWORD toklen, sidlen;
     PSID sid = NULL, ret = NULL;
 
+    if (usersid)
+        return usersid;
+
     if (!got_advapi())
         goto cleanup;
 
@@ -72,7 +76,7 @@ PSID get_user_sid(void)
 
     /* Success. Move sid into the return value slot, and null it out
      * to stop the cleanup code freeing it. */
-    ret = sid;
+    ret = usersid = sid;
     sid = NULL;
 
   cleanup:
@@ -139,8 +143,6 @@ int make_private_security_descriptor(DWORD permissions,
                                      PACL *acl,
                                      char **error)
 {
-    SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
-    SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
     EXPLICIT_ACCESS ea[3];
     int acl_err;
     int ret = FALSE;
@@ -224,16 +226,14 @@ int make_private_security_descriptor(DWORD permissions,
 
 int setprocessacl(char *error)
 {
-    SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
-    SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
     EXPLICIT_ACCESS ea[2];
     int acl_err;
     int ret=FALSE;
     PACL acl = NULL;
 
-    static const nastyace=WRITE_DAC | WRITE_OWNER |
+    static const DWORD nastyace=WRITE_DAC | WRITE_OWNER |
        PROCESS_CREATE_PROCESS | PROCESS_CREATE_THREAD |
-       PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION |
+       PROCESS_DUP_HANDLE |
        PROCESS_SET_QUOTA | PROCESS_SET_INFORMATION |
        PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE |
        PROCESS_SUSPEND_RESUME;
@@ -265,16 +265,10 @@ int setprocessacl(char *error)
         goto cleanup;
     }
 
-    if (ERROR_SUCCESS !=
-       SetSecurityInfo(
-                       GetCurrentProcess(),
-                       SE_KERNEL_OBJECT,
-                       OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
-                       usersid,
-                       NULL,
-                       acl,
-                       NULL
-                       )) {
+    if (ERROR_SUCCESS != p_SetSecurityInfo
+        (GetCurrentProcess(), SE_KERNEL_OBJECT,
+         OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION,
+         usersid, NULL, acl, NULL)) {
        error=dupprintf("Unable to set process ACL: %s",
                        win_strerror(GetLastError()));
        goto cleanup;