nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00
Code Issues Projects Releases Wiki Activity
70f6ce5628
putty-source/windows/wincapi.h
Simon Tatham 6c783f9ad0 Remove the NO_SECURITY compile-time option. 
It's had its day. It was there to support pre-WinNT platforms, on
which the security APIs don't exist - but more specifically, it was
there to support _build tools_ that only knew about pre-WinNT versions
of Windows, so that you couldn't even compile a program that would
_try_ to refer to the interprocess security APIs.

But we don't support those build systems any more in any case: more
recent changes like the assumption of (most of) C99 will have stopped
this code from building with compilers that old. So there's no reason
to clutter the code with backwards compatibility features that won't
help.

I left NO_SECURITY in place during the CMake migration, so that _just_
in case it needs resurrecting, some version of it will be available in
the git history. But I don't expect it to be needed, and I'm deleting
the whole thing now.

The _runtime_ check for interprocess security libraries is still in
place. So PuTTY tools built with a modern toolchain can still at least
try to run on the Win95/98/ME series, and they should detect that
those system DLLs don't exist and proceed sensibly in their absence.
That may also be a thing to throw out sooner or later, but I haven't
thrown it out as part of this commit.
2021-04-17 13:53:02 +01:00

28 lines
1.1 KiB
C
Raw Blame History

/*
* wincapi.h: Windows Crypto API functions defined in wincapi.c that
* use the crypt32 library. Also centralises the machinery for
* dynamically loading that library, and our own functions using that
* in turn.
*/
DECL_WINDOWS_FUNCTION(extern, BOOL, CryptProtectMemory, (LPVOID,DWORD,DWORD));
bool got_crypt(void);
/*
* Function to obfuscate an input string into something usable as a
* pathname for a Windows named pipe. Uses CryptProtectMemory to make
* the obfuscation depend on a key Windows stores for the owning user,
* and then hashes the string as well to make it have a manageable
* length and be composed of filename-legal characters.
*
* Rationale: Windows's named pipes all live in the same namespace, so
* one user can see what pipes another user has open. This is an
* undesirable privacy leak: in particular, if we used unobfuscated
* names for the connection-sharing pipe names, it would permit one
* user to know what username@host another user is SSHing to.
*
* The returned string is dynamically allocated.
*/
char *capi_obfuscate_string(const char *realname);
Reference in New Issue View Git Blame Copy Permalink