X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=windows%2Fwinpgntc.c;h=06649abc13f3db2d84ca75df2d509a9a493df175;hb=1de7240eb88fa24a8532ded116b4ec72dd213008;hp=4074a1653df48578c7f207476f32f79886123dc7;hpb=da052d88f8122c7299595ca51ffd03ce42bc9411;p=PuTTY.git
diff --git a/windows/winpgntc.c b/windows/winpgntc.c
index 4074a165..06649abc 100644
--- a/windows/winpgntc.c
+++ b/windows/winpgntc.c
@@ -8,7 +8,7 @@
 #include "putty.h"
 #ifndef NO_SECURITY
-#include
+#include "winsecur.h"
 #endif
 #define AGENT_COPYDATA_ID 0x804e50ba /* random goop */
@@ -70,88 +70,6 @@ DWORD WINAPI agent_query_thread(LPVOID param)
 #endif
-/*
- * Dynamically load advapi32.dll for SID manipulation. In its absence,
- * we degrade gracefully.
- */
-#ifndef NO_SECURITY
-int advapi_initialised = FALSE;
-static HMODULE advapi;
-DECL_WINDOWS_FUNCTION(static, BOOL, OpenProcessToken,
- (HANDLE, DWORD, PHANDLE));
-DECL_WINDOWS_FUNCTION(static, BOOL, GetTokenInformation,
- (HANDLE, TOKEN_INFORMATION_CLASS,
- LPVOID, DWORD, PDWORD));
-DECL_WINDOWS_FUNCTION(static, BOOL, InitializeSecurityDescriptor,
- (PSECURITY_DESCRIPTOR, DWORD));
-DECL_WINDOWS_FUNCTION(static, BOOL, SetSecurityDescriptorOwner,
- (PSECURITY_DESCRIPTOR, PSID, BOOL));
-DECL_WINDOWS_FUNCTION(, DWORD, GetSecurityInfo,
- (HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
- PSID *, PSID *, PACL *, PACL *,
- PSECURITY_DESCRIPTOR *));
-int init_advapi(void)
-{
- advapi = load_system32_dll("advapi32.dll");
- return advapi &&
- GET_WINDOWS_FUNCTION(advapi, GetSecurityInfo) &&
- GET_WINDOWS_FUNCTION(advapi, OpenProcessToken) &&
- GET_WINDOWS_FUNCTION(advapi, GetTokenInformation) &&
- GET_WINDOWS_FUNCTION(advapi, InitializeSecurityDescriptor) &&
- GET_WINDOWS_FUNCTION(advapi, SetSecurityDescriptorOwner);
-}
-
-PSID get_user_sid(void)
-{
- HANDLE proc = NULL, tok = NULL;
- TOKEN_USER *user = NULL;
- DWORD toklen, sidlen;
- PSID sid = NULL, ret = NULL;
-
- if ((proc = OpenProcess(MAXIMUM_ALLOWED, FALSE,
- GetCurrentProcessId())) == NULL)
- goto cleanup;
-
- if (!p_OpenProcessToken(proc, TOKEN_QUERY, &tok))
- goto cleanup;
-
- if (!p_GetTokenInformation(tok, TokenUser, NULL, 0, &toklen) &&
- GetLastError() != ERROR_INSUFFICIENT_BUFFER)
- goto cleanup;
-
- if ((user = (TOKEN_USER *)LocalAlloc(LPTR, toklen)) == NULL)
- goto cleanup;
-
- if (!p_GetTokenInformation(tok, TokenUser, user, toklen, &toklen))
- goto cleanup;
-
- sidlen = GetLengthSid(user->User.Sid);
-
- sid = (PSID)smalloc(sidlen);
-
- if (!CopySid(sidlen, sid, user->User.Sid))
- goto cleanup;
-
- /* Success. Move sid into the return value slot, and null it out
- * to stop the cleanup code freeing it. */
- ret = sid;
- sid = NULL;
-
- cleanup:
- if (proc != NULL)
- CloseHandle(proc);
- if (tok != NULL)
- CloseHandle(tok);
- if (user != NULL)
- LocalFree(user);
- if (sid != NULL)
- sfree(sid);
-
- return ret;
-}
-
-#endif
-
 int agent_query(void *in, int inlen, void **out, int *outlen,
 void (*callback)(void *, void *, int), void *callback_ctx)
 {
@@ -175,7 +93,7 @@ int agent_query(void *in, int inlen, void **out, int *outlen,
 psa = NULL;
 #ifndef NO_SECURITY
- if (advapi_initialised || init_advapi()) {
+ if (got_advapi()) {
 /*
 * Make the file mapping we create for communication with
 * Pageant owned by the user SID rather than the default. This
@@ -209,8 +127,10 @@ int agent_query(void *in, int inlen, void **out, int *outlen,
 filemap = CreateFileMapping(INVALID_HANDLE_VALUE, psa, PAGE_READWRITE, 0, AGENT_MAX_MSGLEN, mapname);
- if (filemap == NULL || filemap == INVALID_HANDLE_VALUE)
+ if (filemap == NULL || filemap == INVALID_HANDLE_VALUE) {
+ sfree(mapname);
 return 1; /* *out == NULL, so failure */
+ }
 p = MapViewOfFile(filemap, FILE_MAP_WRITE, 0, 0, 0);
 memcpy(p, in, inlen);
 cds.dwData = AGENT_COPYDATA_ID;
@@ -237,6 +157,7 @@ int agent_query(void *in, int inlen, void **out, int *outlen,
 data->hwnd = hwnd;
 if (CreateThread(NULL, 0, agent_query_thread, data, 0, &threadid))
 return 0;
+ sfree(mapname);
 sfree(data);
 }
 #endif
@@ -258,8 +179,8 @@ int agent_query(void *in, int inlen, void **out, int *outlen,
 }
 UnmapViewOfFile(p);
 CloseHandle(filemap);
+ sfree(mapname);
 if (psd) LocalFree(psd);
- sfree(usersid);
 return 1;
 }
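Review bot: The early return added after a failed `CreateFileMapping` frees `mapname` but not `psd`, which the function's tail releases with `if (psd) LocalFree(psd);` (visible in the last hunk). The allocation of `psd` is outside this hunk, but if it has already happened by this point the descriptor leaks here; adding `if (psd) LocalFree(psd);` before `return 1;` would match the tail. Separately, the context line `p = MapViewOfFile(...)` feeds `memcpy(p, in, inlen)` with no NULL check, and no bound on `inlen` against `AGENT_MAX_MSGLEN` is visible in this hunk. Unless the caller guarantees both, a failed mapping or an oversized request writes through a bad pointer or past the view, so a guard such as `if (!p || inlen < 0 || inlen > AGENT_MAX_MSGLEN)` with cleanup is worth adding.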
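Review bot: The `sfree(mapname);` added on the `CreateThread` failure path looks like it sets up a double free. After `sfree(data);` the block closes, and if control then falls through to the synchronous tail (the code in between is outside this hunk), the `sfree(mapname);` added before `return 1;` in the last hunk frees the same pointer again. Any use of `mapname` between the two points would also read freed memory. Dropping the free here, keeping only `sfree(data);`, leaves the common tail to release `mapname` once. The `return 0;` success path frees nothing in this hunk, so a short comment saying the new thread takes ownership of `data` (and of the mapping name, if that is the case) would make the intent checkable.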
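Review bot: Dropping `sfree(usersid);` is only correct if the SID is now owned elsewhere. The local `get_user_sid()` removed earlier in this diff returned an `smalloc`'d copy that the caller had to free, and its replacement is not visible on this page. Please confirm that the version behind `winsecur.h` returns a cached pointer, and record that where `usersid` is assigned, e.g. `/* SID is cached by the winsecur code; do not free */`. Otherwise every agent query leaks one SID.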