Make Pageant use the same SID-selection logic as the Pageant client

code (as introduced in r9043), so that it uses the user SID rather than the default SID. This does change the access-control model, in that a Pageant running with administrator privilege will now serve keys to an unprivileged PuTTY running as the same user who started Pageant. Owen and I think this isn't a problem (in particular, it will still not serve keys to a _different_ user). More importantly, making the Pageant client and server code work the same way means that PuTTY and Pageant can still talk to each other when UAC is turned off, which we've had several reports of r9043 having broken. [originally from svn r9178] [r9043 == 05f22632eb]
2025-07-17 19:11:00 -05:00 · 2011-06-08 20:47:07 +00:00
parent 6e40a0db57
commit af78191a9c
3 changed files with 96 additions and 54 deletions
--- a/windows/winstuff.h
+++ b/windows/winstuff.h
@ -497,7 +497,7 @@ int handle_backlog(struct handle *h);
 void *handle_get_privdata(struct handle *h);

 /*
- * pageantc.c needs to schedule callbacks for asynchronous agent
+ * winpgntc.c needs to schedule callbacks for asynchronous agent
 * requests. This has to be done differently in GUI and console, so
 * there's an exported function used for the purpose.
 * 
@ -508,6 +508,14 @@ void agent_schedule_callback(void (*callback)(void *, void *, int),
 			     void *callback_ctx, void *data, int len);
 #define FLAG_SYNCAGENT 0x1000

+/*
+ * winpgntc.c also exports these two functions which are used by the
+ * server side of Pageant as well, to get the user SID for comparing
+ * with clients'.
+ */
+int init_advapi(void);  /* initialises everything needed by get_user_sid */
+PSID get_user_sid(void);
+
 /*
 * Exports from winser.c.
 */