1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Pass -restrict-acl, if given, through to sub-PuTTYs.

This change applies to every situation when GUI PuTTY knowingly spawns
another GUI PuTTY, to wit, the System menu options 'New Session',
'Duplicate Session' and the 'Saved Sessions' submenu.

(Literally speaking, what we actually pass through to the sub-PuTTY's
command line is not the "-restrict-acl" option itself, but a special
prefix "&R", which has the same meaning but which lives in the special
pre-argv-splitting command-line namespace like the magic options used
for Duplicate Session and the old '@sessionname' prefix which the
Saved Sessions submenu still uses. Otherwise, by the time we split up
argv and recognised -restrict-acl, it would be too late to parse those
other options.)

One case in which PuTTY spawns a subprocess and this change _doesn't_
apply is when the subprocess is a proxy command which happens to be a
Plink. Recognising Plink commands in that situation would be fragile
and unreliable, and in any case if the user wants a proxy Plink to be
ACL-restricted, they are in control of its exact command line so they
can add -restrict-acl themselves.
This commit is contained in:
Simon Tatham 2017-02-04 07:57:36 +00:00
parent 095072fa46
commit f049690465
3 changed files with 32 additions and 12 deletions

View File

@ -617,6 +617,7 @@ int cmdline_process_param(const char *p, char *value,
!strcmp(p, "-restrictacl")) {
RETURN(1);
restrict_process_acl();
restricted_acl = TRUE;
}
#endif

View File

@ -432,11 +432,20 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
* Process a couple of command-line options which are more
* easily dealt with before the line is broken up into words.
* These are the old-fashioned but convenient @sessionname and
* the internal-use-only &sharedmemoryhandle, neither of which
* are combined with anything else.
* the internal-use-only &sharedmemoryhandle, plus the &R
* prefix for -restrict-acl, all of which are used by PuTTYs
* auto-launching each other via System-menu options.
*/
while (*p && isspace(*p))
p++;
if (*p == '&' && p[1] == 'R' &&
(!p[2] || p[2] == '@' || p[2] == '&')) {
/* &R restrict-acl prefix */
restrict_process_acl();
restricted_acl = TRUE;
p += 2;
}
if (*p == '@') {
/*
* An initial @ means that the whole of the rest of the
@ -474,7 +483,11 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
cleanup_exit(0);
}
allow_launch = TRUE;
} else {
} else if (!*p) {
/* Do-nothing case for an empty command line - or rather,
* for a command line that's empty _after_ we strip off
* the &R prefix. */
} else {
/*
* Otherwise, break up the command line and deal with
* it sensibly.
@ -2148,13 +2161,18 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
case IDM_SAVEDSESS:
{
char b[2048];
char c[30], *cl;
int freecl = FALSE;
char *cl;
const char *argprefix;
BOOL inherit_handles;
STARTUPINFO si;
PROCESS_INFORMATION pi;
HANDLE filemap = NULL;
if (restricted_acl)
argprefix = "&R";
else
argprefix = "";
if (wParam == IDM_DUPSESS) {
/*
* Allocate a file-mapping memory chunk for the
@ -2181,20 +2199,21 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
}
}
inherit_handles = TRUE;
sprintf(c, "putty &%p:%u", filemap, (unsigned)size);
cl = c;
cl = dupprintf("putty %s&%p:%u", argprefix,
filemap, (unsigned)size);
} else if (wParam == IDM_SAVEDSESS) {
unsigned int sessno = ((lParam - IDM_SAVED_MIN)
/ MENU_SAVED_STEP) + 1;
if (sessno < (unsigned)sesslist.nsessions) {
const char *session = sesslist.sessions[sessno];
cl = dupprintf("putty @%s", session);
cl = dupprintf("putty %s@%s", argprefix, session);
inherit_handles = FALSE;
freecl = TRUE;
} else
break;
} else /* IDM_NEWSESS */ {
cl = NULL;
cl = dupprintf("putty%s%s",
*argprefix ? " " : "",
argprefix);
inherit_handles = FALSE;
}
@ -2213,8 +2232,7 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
if (filemap)
CloseHandle(filemap);
if (freecl)
sfree(cl);
sfree(cl);
}
break;
case IDM_RESTART:

View File

@ -485,6 +485,7 @@ BOOL init_winver(void);
HMODULE load_system32_dll(const char *libname);
const char *win_strerror(int error);
void restrict_process_acl(void);
GLOBAL int restricted_acl;
/*
* Exports from sizetip.c.