X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=windows%2Fwinshare.c;h=89c1cc32591d57160c11e489ade7880a9433be06;hb=cc66c86e7311c97db09da989c340ba3108c9e14f;hp=ad1cea4d6e06f9aa55f8a7b397cded236e6f74c9;hpb=bb78583ad29084f16db994d66895917e1b20346e;p=PuTTY.git
diff --git a/windows/winshare.c b/windows/winshare.c
index ad1cea4d..89c1cc32 100644
--- a/windows/winshare.c
+++ b/windows/winshare.c
@@ -5,6 +5,8 @@
 #include
 #include
+#if !defined NO_SECURITY
+
 #define DEFINE_PLUG_METHOD_MACROS
 #include "tree234.h"
 #include "putty.h"
@@ -12,8 +14,6 @@
 #include "proxy.h"
 #include "ssh.h"
-#if !defined NO_SECURITY
-
 #include "winsecur.h"
 #define CONNSHARE_PIPE_PREFIX "\\\\.\\pipe\\putty-connshare"
@@ -56,11 +56,17 @@ static char *obfuscate_name(const char *realname)
 * key every time since its API permits returning more data than
 * was input, so calling _that_ and hashing the output would not
 * be stable.)
+ *
+ * We don't worry too much if this doesn't work for some reason.
+ * Omitting this step still has _some_ privacy value (in that
+ * another user can test-hash things to confirm guesses as to
+ * where you might be connecting to, but cannot invert SHA-256 in
+ * the absence of any plausible guess). So we don't abort if we
+ * can't call CryptProtectMemory at all, or if it fails.
 */
- if (!p_CryptProtectMemory(cryptdata, cryptlen,
- CRYPTPROTECTMEMORY_CROSS_PROCESS)) {
- return NULL;
- }
+ if (got_crypt())
+ p_CryptProtectMemory(cryptdata, cryptlen,
+ CRYPTPROTECTMEMORY_CROSS_PROCESS);
 /*
 * We don't want to give away the length of the hostname either,
@@ -109,12 +115,6 @@ int platform_ssh_share(const char *pi_name, Conf *conf,
 Socket retsock;
 PSECURITY_DESCRIPTOR psd;
 PACL acl;
- PSID networksid;
-
- if (!got_crypt()) {
- *logtext = dupprintf("Unable to load crypt32.dll");
- return SHARE_NONE;
- }
 /*
 * Transform the platform-independent version of the connection
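Review bot: In the `@@ -56,11 +56,17 @@` hunk of obfuscate_name, the result of `p_CryptProtectMemory` is now discarded, so a failed call hashes whatever it left in `cryptdata`, and I am not aware that the API guarantees the buffer is untouched on failure. If it can be partly modified, the derived name could differ between processes and sharing would break quietly, which is the instability the surrounding comment is trying to avoid. I would keep a copy of the input and restore it when the call returns FALSE, or, once confirmed, add `/* on failure cryptdata is unchanged, so the hash stays stable */`. The fallback to a plain SHA-256 of the name is also silent; the `@@ -109,12 +115,6 @@` hunk removes the only log message about crypt32.dll, so a diagnostic that the weaker obfuscation is in effect would help anyone auditing the setup. The function body starts and ends outside the hunk.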
@@ -139,8 +139,7 @@ int platform_ssh_share(const char *pi_name, Conf *conf,
 mutexname = make_name(CONNSHARE_MUTEX_PREFIX, name);
 if (!make_private_security_descriptor(MUTEX_ALL_ACCESS,
- &psd, &networksid,
- &acl, logtext)) {
+ &psd, &acl, logtext)) {
 sfree(mutexname);
 return SHARE_NONE;
 }
@@ -157,14 +156,12 @@ int platform_ssh_share(const char *pi_name, Conf *conf,
 mutexname, win_strerror(GetLastError()));
 sfree(mutexname);
 LocalFree(psd);
- LocalFree(networksid);
 LocalFree(acl);
 return SHARE_NONE;
 }
 sfree(mutexname);
 LocalFree(psd);
- LocalFree(networksid);
 LocalFree(acl);
 WaitForSingleObject(mutex, INFINITE);
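Review bot: With `networksid` gone from the `make_private_security_descriptor` call, and both of its `LocalFree` calls dropped in the `@@ -157,14 +156,12 @@` hunk, nothing at this call site shows who owns that SID or whether the descriptor still carries an entry for it (presumably the network-logon SID). The callee is not visible here, so this is something to confirm rather than a defect: if it still allocates the SID, it now has to free or cache it itself. A short comment above the call would record the contract, for example `/* psd and acl are returned allocated and LocalFree'd below; any SIDs are owned by the callee */`. The enclosing block of platform_ssh_share starts and ends outside both hunks.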