mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
6c783f9ad0
It's had its day. It was there to support pre-WinNT platforms, on which the security APIs don't exist - but more specifically, it was there to support _build tools_ that only knew about pre-WinNT versions of Windows, so that you couldn't even compile a program that would _try_ to refer to the interprocess security APIs. But we don't support those build systems any more in any case: more recent changes like the assumption of (most of) C99 will have stopped this code from building with compilers that old. So there's no reason to clutter the code with backwards compatibility features that won't help. I left NO_SECURITY in place during the CMake migration, so that _just_ in case it needs resurrecting, some version of it will be available in the git history. But I don't expect it to be needed, and I'm deleting the whole thing now. The _runtime_ check for interprocess security libraries is still in place. So PuTTY tools built with a modern toolchain can still at least try to run on the Win95/98/ME series, and they should detect that those system DLLs don't exist and proceed sensibly in their absence. That may also be a thing to throw out sooner or later, but I haven't thrown it out as part of this commit.
95 lines
2.8 KiB
C
95 lines
2.8 KiB
C
/*
|
|
* Windows support module which deals with being a named-pipe client.
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
#include <assert.h>
|
|
|
|
#include "tree234.h"
|
|
#include "putty.h"
|
|
#include "network.h"
|
|
#include "proxy.h"
|
|
#include "ssh.h"
|
|
|
|
#include "winsecur.h"
|
|
|
|
HANDLE connect_to_named_pipe(const char *pipename, char **err)
|
|
{
|
|
HANDLE pipehandle;
|
|
PSID usersid, pipeowner;
|
|
PSECURITY_DESCRIPTOR psd;
|
|
|
|
assert(strncmp(pipename, "\\\\.\\pipe\\", 9) == 0);
|
|
assert(strchr(pipename + 9, '\\') == NULL);
|
|
|
|
while (1) {
|
|
pipehandle = CreateFile(pipename, GENERIC_READ | GENERIC_WRITE,
|
|
0, NULL, OPEN_EXISTING,
|
|
FILE_FLAG_OVERLAPPED, NULL);
|
|
|
|
if (pipehandle != INVALID_HANDLE_VALUE)
|
|
break;
|
|
|
|
if (GetLastError() != ERROR_PIPE_BUSY) {
|
|
*err = dupprintf(
|
|
"Unable to open named pipe '%s': %s",
|
|
pipename, win_strerror(GetLastError()));
|
|
return INVALID_HANDLE_VALUE;
|
|
}
|
|
|
|
/*
|
|
* If we got ERROR_PIPE_BUSY, wait for the server to
|
|
* create a new pipe instance. (Since the server is
|
|
* expected to be winnps.c, which will do that immediately
|
|
* after a previous connection is accepted, that shouldn't
|
|
* take excessively long.)
|
|
*/
|
|
if (!WaitNamedPipe(pipename, NMPWAIT_USE_DEFAULT_WAIT)) {
|
|
*err = dupprintf(
|
|
"Error waiting for named pipe '%s': %s",
|
|
pipename, win_strerror(GetLastError()));
|
|
return INVALID_HANDLE_VALUE;
|
|
}
|
|
}
|
|
|
|
if ((usersid = get_user_sid()) == NULL) {
|
|
CloseHandle(pipehandle);
|
|
*err = dupprintf(
|
|
"Unable to get user SID: %s", win_strerror(GetLastError()));
|
|
return INVALID_HANDLE_VALUE;
|
|
}
|
|
|
|
if (p_GetSecurityInfo(pipehandle, SE_KERNEL_OBJECT,
|
|
OWNER_SECURITY_INFORMATION,
|
|
&pipeowner, NULL, NULL, NULL,
|
|
&psd) != ERROR_SUCCESS) {
|
|
CloseHandle(pipehandle);
|
|
*err = dupprintf(
|
|
"Unable to get named pipe security information: %s",
|
|
win_strerror(GetLastError()));
|
|
return INVALID_HANDLE_VALUE;
|
|
}
|
|
|
|
if (!EqualSid(pipeowner, usersid)) {
|
|
CloseHandle(pipehandle);
|
|
LocalFree(psd);
|
|
*err = dupprintf(
|
|
"Owner of named pipe '%s' is not us", pipename);
|
|
return INVALID_HANDLE_VALUE;
|
|
}
|
|
|
|
LocalFree(psd);
|
|
|
|
return pipehandle;
|
|
}
|
|
|
|
Socket *new_named_pipe_client(const char *pipename, Plug *plug)
|
|
{
|
|
char *err = NULL;
|
|
HANDLE pipehandle = connect_to_named_pipe(pipename, &err);
|
|
if (pipehandle == INVALID_HANDLE_VALUE)
|
|
return new_error_socket_consume_string(plug, err);
|
|
else
|
|
return make_handle_socket(pipehandle, pipehandle, NULL, plug, true);
|
|
}
|