Windows Pageant: turn 'has_security' into a global function.

Now it can be called from places other than Pageant's WinMain(). In particular, the attempt to make a security descriptor in lock_interprocess_mutex() is gated on it. In return, however, I've tightened up the semantics. In normal PuTTY builds that aren't trying to support pre-NT systems, the function *unconditionally* returns true, on the grounds that we don't expect to target any system that doesn't support the security APIs, and if someone manages to contrive one anyway - or, more likely, if we some day introduce a bug in our loading of the security API functions - then this safety catch should make Pageant less likely to accidentally fall back to 'never mind, just run in insecure mode'.
2025-07-04 13:02:47 -05:00 · 2022-03-12 15:02:12 +00:00
parent f500d24a95
commit a2b376af96
4 changed files with 49 additions and 40 deletions
--- a/windows/utils/interprocess_mutex.c
+++ b/windows/utils/interprocess_mutex.c
@ -13,8 +13,8 @@ HANDLE lock_interprocess_mutex(const char *mutexname, char **error)
    PACL acl = NULL;
    HANDLE mutex = NULL;

-    if (!make_private_security_descriptor(MUTEX_ALL_ACCESS,
-                                          &psd, &acl, error))
+    if (should_have_security() && !make_private_security_descriptor(
+            MUTEX_ALL_ACCESS, &psd, &acl, error))
        goto out;

    SECURITY_ATTRIBUTES sa;