From 3ff3be38822d9735f065bc0fb41fecc72721e78c Mon Sep 17 00:00:00 2001
From: Christopher Odenbach <odenbach@uni-paderborn.de>
Date: Tue, 11 Apr 2017 14:04:00 +0200
Subject: [PATCH] Fix loading of SSPICLI.DLL by SECUR32.DLL.

If MIT Kerberos is installed, then using GetProcAddress to extract
GetUserNameExA() from secur32.dll causes Windows to implicitly load
sspicli.dll in turn - and it does it in a search-path-unclean way.

If we load it in our own way before that happens, then Windows doesn't
need to load it again and won't do so wrongly.

[SGT: tidied up commit message from original patch]
---
 windows/winmisc.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/winmisc.c b/windows/winmisc.c
index 384dc5ee..308f0ea5 100644
--- a/windows/winmisc.c
+++ b/windows/winmisc.c
@@ -101,6 +101,11 @@ char *get_username(void)
 	if (!tried_usernameex) {
 	    /* Not available on Win9x, so load dynamically */
 	    HMODULE secur32 = load_system32_dll("secur32.dll");
+	    /* If MIT Kerberos is installed, the following call to
+	       GET_WINDOWS_FUNCTION makes Windows implicitly load
+	       sspicli.dll WITHOUT proper path sanitizing, so better
+	       load it properly before */
+	    HMODULE sspicli = load_system32_dll("sspicli.dll");
 	    GET_WINDOWS_FUNCTION(secur32, GetUserNameExA);
 	    tried_usernameex = TRUE;
 	}