From a5634e0ccb7955bef810cfaadb5562d6da33f5b1 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sat, 28 Nov 2015 18:31:10 +0000 Subject: [PATCH] Put back in a missing dynamic-load wrapper on SetSecurityInfo. We had inadvertently raised the minimum supported Windows version in the course of restricting PuTTY's ACL. (cherry picked from commit bf3621f247937b51e983f364377bb408b4cb609b) --- windows/winsecur.c | 15 +++++---------- windows/winsecur.h | 3 +++ 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/windows/winsecur.c b/windows/winsecur.c index 9cdac26c..8d0b223a 100644 --- a/windows/winsecur.c +++ b/windows/winsecur.c @@ -27,6 +27,7 @@ int got_advapi(void) advapi = load_system32_dll("advapi32.dll"); successful = advapi && GET_WINDOWS_FUNCTION(advapi, GetSecurityInfo) && + GET_WINDOWS_FUNCTION(advapi, SetSecurityInfo) && GET_WINDOWS_FUNCTION(advapi, OpenProcessToken) && GET_WINDOWS_FUNCTION(advapi, GetTokenInformation) && GET_WINDOWS_FUNCTION(advapi, InitializeSecurityDescriptor) && @@ -265,16 +266,10 @@ int setprocessacl(char *error) goto cleanup; } - if (ERROR_SUCCESS != - SetSecurityInfo( - GetCurrentProcess(), - SE_KERNEL_OBJECT, - OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, - usersid, - NULL, - acl, - NULL - )) { + if (ERROR_SUCCESS != p_SetSecurityInfo + (GetCurrentProcess(), SE_KERNEL_OBJECT, + OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, + usersid, NULL, acl, NULL)) { error=dupprintf("Unable to set process ACL: %s", win_strerror(GetLastError())); goto cleanup; diff --git a/windows/winsecur.h b/windows/winsecur.h index 03e8314d..ed3151c5 100644 --- a/windows/winsecur.h +++ b/windows/winsecur.h @@ -28,6 +28,9 @@ DECL_WINDOWS_FUNCTION(WINSECUR_GLOBAL, DWORD, GetSecurityInfo, (HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION, PSID *, PSID *, PACL *, PACL *, PSECURITY_DESCRIPTOR *)); +DECL_WINDOWS_FUNCTION(WINSECUR_GLOBAL, DWORD, SetSecurityInfo, + (HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION, + PSID, PSID, PACL, PACL)); DECL_WINDOWS_FUNCTION(WINSECUR_GLOBAL, DWORD, SetEntriesInAclA, (ULONG, PEXPLICIT_ACCESS, PACL, PACL *)); int got_advapi(void);