From e43b6203ecaf90aec709c984991d0d65c47472d1 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Mon, 18 Nov 2013 19:07:58 +0000 Subject: [PATCH] Gracefully degrade in the absence of CryptProtectMemory. XP doesn't have it, and I think having connection sharing work without its privacy enhancement is better than having it not work at all. [originally from svn r10087] --- windows/winshare.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/windows/winshare.c b/windows/winshare.c index ad1cea4d..1ad20ba1 100644 --- a/windows/winshare.c +++ b/windows/winshare.c @@ -56,11 +56,17 @@ static char *obfuscate_name(const char *realname) * key every time since its API permits returning more data than * was input, so calling _that_ and hashing the output would not * be stable.) + * + * We don't worry too much if this doesn't work for some reason. + * Omitting this step still has _some_ privacy value (in that + * another user can test-hash things to confirm guesses as to + * where you might be connecting to, but cannot invert SHA-256 in + * the absence of any plausible guess). So we don't abort if we + * can't call CryptProtectMemory at all, or if it fails. */ - if (!p_CryptProtectMemory(cryptdata, cryptlen, - CRYPTPROTECTMEMORY_CROSS_PROCESS)) { - return NULL; - } + if (got_crypt()) + p_CryptProtectMemory(cryptdata, cryptlen, + CRYPTPROTECTMEMORY_CROSS_PROCESS); /* * We don't want to give away the length of the hostname either, @@ -111,11 +117,6 @@ int platform_ssh_share(const char *pi_name, Conf *conf, PACL acl; PSID networksid; - if (!got_crypt()) { - *logtext = dupprintf("Unable to load crypt32.dll"); - return SHARE_NONE; - } - /* * Transform the platform-independent version of the connection * identifier into the obfuscated version we'll use for our