Log when -restrict-acl is in use.

[PuTTY.git] / windows / winsftp.c

diff --git a/windows/winsftp.c b/windows/winsftp.c
index 25ac6c9482079b14e0b1218614f02aa77db2430b..437ef439d0c23651cb2f7bee8ad8be79350b1359 100644 (file)
--- a/windows/winsftp.c
+++ b/windows/winsftp.c
@@ -8,10 +8,11 @@
 #include "psftp.h"
 #include "ssh.h"
 #include "int64.h"
+#include "winsecur.h"
 
 char *get_ttymode(void *frontend, const char *mode) { return NULL; }
 
-int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
+int get_userpass_input(prompts_t *p, const unsigned char *in, int inlen)
 {
     int ret;
     ret = cmdline_get_passwd_input(p, in, inlen);
@@ -87,7 +88,7 @@ struct RFile {
     HANDLE h;
 };
 
-RFile *open_existing_file(char *name, uint64 *size,
+RFile *open_existing_file(const char *name, uint64 *size,
                          unsigned long *mtime, unsigned long *atime,
                           long *perms)
 {
@@ -102,8 +103,12 @@ RFile *open_existing_file(char *name, uint64 *size,
     ret = snew(RFile);
     ret->h = h;
 
-    if (size)
-        size->lo=GetFileSize(h, &(size->hi));
+    if (size) {
+        DWORD lo, hi;
+        lo = GetFileSize(h, &hi);
+        size->lo = lo;
+        size->hi = hi;
+    }
 
     if (mtime || atime) {
        FILETIME actime, wrtime;
@@ -141,7 +146,7 @@ struct WFile {
     HANDLE h;
 };
 
-WFile *open_new_file(char *name, long perms)
+WFile *open_new_file(const char *name, long perms)
 {
     HANDLE h;
     WFile *ret;
@@ -157,7 +162,7 @@ WFile *open_new_file(char *name, long perms)
     return ret;
 }
 
-WFile *open_existing_wfile(char *name, uint64 *size)
+WFile *open_existing_wfile(const char *name, uint64 *size)
 {
     HANDLE h;
     WFile *ret;
@@ -170,8 +175,12 @@ WFile *open_existing_wfile(char *name, uint64 *size)
     ret = snew(WFile);
     ret->h = h;
 
-    if (size)
-       size->lo=GetFileSize(h, &(size->hi));
+    if (size) {
+        DWORD lo, hi;
+        lo = GetFileSize(h, &hi);
+        size->lo = lo;
+        size->hi = hi;
+    }
 
     return ret;
 }
@@ -221,7 +230,10 @@ int seek_file(WFile *f, uint64 offset, int whence)
        return -1;
     }
 
-    SetFilePointer(f->h, offset.lo, &(offset.hi), movemethod);
+    {
+        LONG lo = offset.lo, hi = offset.hi;
+        SetFilePointer(f->h, lo, &hi, movemethod);
+    }
     
     if (GetLastError() != NO_ERROR)
        return -1;
@@ -232,14 +244,16 @@ int seek_file(WFile *f, uint64 offset, int whence)
 uint64 get_file_posn(WFile *f)
 {
     uint64 ret;
+    LONG lo, hi = 0;
 
-    ret.hi = 0L;
-    ret.lo = SetFilePointer(f->h, 0L, &(ret.hi), FILE_CURRENT);
+    lo = SetFilePointer(f->h, 0L, &hi, FILE_CURRENT);
+    ret.lo = lo;
+    ret.hi = hi;
 
     return ret;
 }
 
-int file_type(char *name)
+int file_type(const char *name)
 {
     DWORD attr;
     attr = GetFileAttributes(name);
@@ -257,7 +271,7 @@ struct DirHandle {
     char *name;
 };
 
-DirHandle *open_directory(char *name)
+DirHandle *open_directory(const char *name)
 {
     HANDLE h;
     WIN32_FIND_DATA fdat;
@@ -316,7 +330,7 @@ void close_directory(DirHandle *dir)
     sfree(dir);
 }
 
-int test_wildcard(char *name, int cmdline)
+int test_wildcard(const char *name, int cmdline)
 {
     HANDLE fh;
     WIN32_FIND_DATA fdat;
@@ -340,14 +354,14 @@ struct WildcardMatcher {
     char *srcpath;
 };
 
-/*
- * Return a pointer to the portion of str that comes after the last
- * slash (or backslash or colon, if `local' is TRUE).
- */
-static char *stripslashes(char *str, int local)
+char *stripslashes(const char *str, int local)
 {
     char *p;
 
+    /*
+     * On Windows, \ / : are all path component separators.
+     */
+
     if (local) {
         p = strchr(str, ':');
         if (p) str = p+1;
@@ -361,10 +375,10 @@ static char *stripslashes(char *str, int local)
        if (p) str = p+1;
     }
 
-    return str;
+    return (char *)str;
 }
 
-WildcardMatcher *begin_wildcard_matching(char *name)
+WildcardMatcher *begin_wildcard_matching(const char *name)
 {
     HANDLE h;
     WIN32_FIND_DATA fdat;
@@ -424,7 +438,7 @@ void finish_wildcard_matching(WildcardMatcher *dir)
     sfree(dir);
 }
 
-int vet_filename(char *name)
+int vet_filename(const char *name)
 {
     if (strchr(name, '/') || strchr(name, '\\') || strchr(name, ':'))
        return FALSE;
@@ -435,12 +449,12 @@ int vet_filename(char *name)
     return TRUE;
 }
 
-int create_directory(char *name)
+int create_directory(const char *name)
 {
     return CreateDirectory(name, NULL) != 0;
 }
 
-char *dir_file_cat(char *dir, char *file)
+char *dir_file_cat(const char *dir, const char *file)
 {
     return dupcat(dir, "\\", file, NULL);
 }
@@ -495,6 +509,7 @@ int do_eventsel_loop(HANDLE other_event)
 
     if (toplevel_callback_pending()) {
         ticks = 0;
+        next = now;
     } else if (run_timers(now, &next)) {
        then = now;
        now = GETTICKCOUNT();
@@ -504,6 +519,8 @@ int do_eventsel_loop(HANDLE other_event)
            ticks = next - now;
     } else {
        ticks = INFINITE;
+        /* no need to initialise next here because we can never get
+         * WAIT_TIMEOUT */
     }
 
     handles = handle_get_events(&nhandles);
@@ -688,11 +705,12 @@ static DWORD WINAPI command_read_thread(void *param)
     return 0;
 }
 
-char *ssh_sftp_get_cmdline(char *prompt, int no_fds_ok)
+char *ssh_sftp_get_cmdline(const char *prompt, int no_fds_ok)
 {
     int ret;
     struct command_read_ctx actx, *ctx = &actx;
     DWORD threadid;
+    HANDLE hThread;
 
     fputs(prompt, stdout);
     fflush(stdout);
@@ -709,8 +727,9 @@ char *ssh_sftp_get_cmdline(char *prompt, int no_fds_ok)
     ctx->event = CreateEvent(NULL, FALSE, FALSE, NULL);
     ctx->line = NULL;
 
-    if (!CreateThread(NULL, 0, command_read_thread,
-                     ctx, 0, &threadid)) {
+    hThread = CreateThread(NULL, 0, command_read_thread, ctx, 0, &threadid);
+    if (!hThread) {
+       CloseHandle(ctx->event);
        fprintf(stderr, "Unable to create command input thread\n");
        cleanup_exit(1);
     }
@@ -722,9 +741,19 @@ char *ssh_sftp_get_cmdline(char *prompt, int no_fds_ok)
        assert(ret >= 0);
     } while (ret == 0);
 
+    CloseHandle(hThread);
+    CloseHandle(ctx->event);
+
     return ctx->line;
 }
 
+void platform_psftp_pre_conn_setup(void)
+{
+    if (restricted_acl) {
+       logevent(NULL, "Running with restricted process ACL");
+    }
+}
+
 /* ----------------------------------------------------------------------
  * Main program. Parse arguments etc.
  */
@@ -732,6 +761,8 @@ int main(int argc, char *argv[])
 {
     int ret;
 
+    dll_hijacking_protection();
+
     ret = psftp_main(argc, argv);
 
     return ret;