nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-04-21 13:05:04 -05:00
Code Issues Projects Releases Wiki Activity

Pageant should now not fail for lack of security APIs on 95-type platforms

Browse Source 
[originally from svn r629]
This commit is contained in:
Simon Tatham 2000-09-26 09:22:40 +00:00
parent 1aa92869c0
commit 5b20c5b8ce
1 changed files with 75 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
pageant.c
View File

@ -44,6 +44,13 @@ HMENU systray_menu;
tree234 *rsakeys; tree234 *rsakeys;
int has_security;
typedef DWORD (WINAPI *gsi_fn_t)
(HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
PSID *, PSID *, PACL *, PACL *,
PSECURITY_DESCRIPTOR *);
gsi_fn_t getsecurityinfo;
/* /*
* We need this to link with the RSA code, because rsaencrypt() * We need this to link with the RSA code, because rsaencrypt()
* pads its data with random bytes. Since we only use rsadecrypt(), * pads its data with random bytes. Since we only use rsadecrypt(),
@ -487,43 +494,49 @@ static LRESULT CALLBACK WndProc (HWND hwnd, UINT message,
#endif #endif
if (filemap != NULL && filemap != INVALID_HANDLE_VALUE) { if (filemap != NULL && filemap != INVALID_HANDLE_VALUE) {
int rc; int rc;
if ((proc = OpenProcess(MAXIMUM_ALLOWED, FALSE, if (has_security) {
GetCurrentProcessId())) == NULL) { if ((proc = OpenProcess(MAXIMUM_ALLOWED, FALSE,
GetCurrentProcessId())) == NULL) {
#ifdef DEBUG_IPC #ifdef DEBUG_IPC
debug(("couldn't get handle for process\r\n")); debug(("couldn't get handle for process\r\n"));
#endif #endif
return 0; return 0;
} }
if (GetSecurityInfo(proc, SE_KERNEL_OBJECT, if (getsecurityinfo(proc, SE_KERNEL_OBJECT,
OWNER_SECURITY_INFORMATION, OWNER_SECURITY_INFORMATION,
&procowner, NULL, NULL, NULL, &procowner, NULL, NULL, NULL,
&psd2) != ERROR_SUCCESS) { &psd2) != ERROR_SUCCESS) {
#ifdef DEBUG_IPC #ifdef DEBUG_IPC
debug(("couldn't get owner info for process\r\n")); debug(("couldn't get owner info for process\r\n"));
#endif #endif
CloseHandle(proc);
return 0; /* unable to get security info */
}
CloseHandle(proc); CloseHandle(proc);
return 0; /* unable to get security info */ if ((rc = getsecurityinfo(filemap, SE_KERNEL_OBJECT,
OWNER_SECURITY_INFORMATION,
&mapowner, NULL, NULL, NULL,
&psd1) != ERROR_SUCCESS)) {
#ifdef DEBUG_IPC
debug(("couldn't get owner info for filemap: %d\r\n", rc));
#endif
return 0;
}
#ifdef DEBUG_IPC
debug(("got security stuff\r\n"));
#endif
if (!EqualSid(mapowner, procowner))
return 0; /* security ID mismatch! */
#ifdef DEBUG_IPC
debug(("security stuff matched\r\n"));
#endif
LocalFree(psd1);
LocalFree(psd2);
} else {
#ifdef DEBUG_IPC
debug(("security APIs not present\r\n"));
#endif
} }
CloseHandle(proc);
if ((rc = GetSecurityInfo(filemap, SE_KERNEL_OBJECT,
OWNER_SECURITY_INFORMATION,
&mapowner, NULL, NULL, NULL,
&psd1) != ERROR_SUCCESS)) {
#ifdef DEBUG_IPC
debug(("couldn't get owner info for filemap: %d\r\n", rc));
#endif
return 0;
}
#ifdef DEBUG_IPC
debug(("got security stuff\r\n"));
#endif
if (!EqualSid(mapowner, procowner))
return 0; /* security ID mismatch! */
#ifdef DEBUG_IPC
debug(("security stuff matched\r\n"));
#endif
LocalFree(psd1);
LocalFree(psd2);
p = MapViewOfFile(filemap, FILE_MAP_WRITE, 0, 0, 0); p = MapViewOfFile(filemap, FILE_MAP_WRITE, 0, 0, 0);
#ifdef DEBUG_IPC #ifdef DEBUG_IPC
debug(("p is %p\r\n", p)); debug(("p is %p\r\n", p));
@ -544,6 +557,35 @@ static LRESULT CALLBACK WndProc (HWND hwnd, UINT message,
int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) { int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) {
WNDCLASS wndclass; WNDCLASS wndclass;
MSG msg; MSG msg;
OSVERSIONINFO osi;
HMODULE advapi;
/*
* Determine whether we're an NT system (should have security
* APIs) or a non-NT system (don't do security).
*/
memset(&osi, 0, sizeof(OSVERSIONINFO));
osi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
if (GetVersionEx(&osi) && osi.dwPlatformId==VER_PLATFORM_WIN32_NT) {
has_security = TRUE;
} else
has_security = FALSE;
if (has_security) {
/*
* Attempt to ge the security API we need.
*/
advapi = LoadLibrary("ADVAPI32.DLL");
getsecurityinfo = (gsi_fn_t)GetProcAddress(advapi, "GetSecurityInfo");
if (!getsecurityinfo) {
MessageBox(NULL,
"Unable to access security APIs. Pageant will\n"
"not run, in case it causes a security breach.",
"Pageant Fatal Error", MB_ICONERROR | MB_OK);
return 1;
}
} else
advapi = NULL;
/* /*
* First bomb out totally if we are already running. * First bomb out totally if we are already running.
@ -551,6 +593,7 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) {
if (FindWindow("Pageant", "Pageant")) { if (FindWindow("Pageant", "Pageant")) {
MessageBox(NULL, "Pageant is already running", "Pageant Error", MessageBox(NULL, "Pageant is already running", "Pageant Error",
MB_ICONERROR | MB_OK); MB_ICONERROR | MB_OK);
if (advapi) FreeLibrary(advapi);
return 0; return 0;
} }
@ -665,5 +708,6 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) {
DestroyMenu(systray_menu); DestroyMenu(systray_menu);
} }
if (advapi) FreeLibrary(advapi);
exit(msg.wParam); exit(msg.wParam);
} }