mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
6c783f9ad0
It's had its day. It was there to support pre-WinNT platforms, on which the security APIs don't exist - but more specifically, it was there to support _build tools_ that only knew about pre-WinNT versions of Windows, so that you couldn't even compile a program that would _try_ to refer to the interprocess security APIs. But we don't support those build systems any more in any case: more recent changes like the assumption of (most of) C99 will have stopped this code from building with compilers that old. So there's no reason to clutter the code with backwards compatibility features that won't help. I left NO_SECURITY in place during the CMake migration, so that _just_ in case it needs resurrecting, some version of it will be available in the git history. But I don't expect it to be needed, and I'm deleting the whole thing now. The _runtime_ check for interprocess security libraries is still in place. So PuTTY tools built with a modern toolchain can still at least try to run on the Win95/98/ME series, and they should detect that those system DLLs don't exist and proceed sensibly in their absence. That may also be a thing to throw out sooner or later, but I haven't thrown it out as part of this commit.
50 lines
2.0 KiB
C
50 lines
2.0 KiB
C
/*
|
|
* winsecur.h: some miscellaneous security-related helper functions,
|
|
* defined in winsecur.c, that use the advapi32 library. Also
|
|
* centralises the machinery for dynamically loading that library.
|
|
*/
|
|
|
|
#include <aclapi.h>
|
|
|
|
/*
|
|
* Functions loaded from advapi32.dll.
|
|
*/
|
|
DECL_WINDOWS_FUNCTION(extern, BOOL, OpenProcessToken,
|
|
(HANDLE, DWORD, PHANDLE));
|
|
DECL_WINDOWS_FUNCTION(extern, BOOL, GetTokenInformation,
|
|
(HANDLE, TOKEN_INFORMATION_CLASS,
|
|
LPVOID, DWORD, PDWORD));
|
|
DECL_WINDOWS_FUNCTION(extern, BOOL, InitializeSecurityDescriptor,
|
|
(PSECURITY_DESCRIPTOR, DWORD));
|
|
DECL_WINDOWS_FUNCTION(extern, BOOL, SetSecurityDescriptorOwner,
|
|
(PSECURITY_DESCRIPTOR, PSID, BOOL));
|
|
DECL_WINDOWS_FUNCTION(extern, DWORD, GetSecurityInfo,
|
|
(HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
|
|
PSID *, PSID *, PACL *, PACL *,
|
|
PSECURITY_DESCRIPTOR *));
|
|
DECL_WINDOWS_FUNCTION(extern, DWORD, SetSecurityInfo,
|
|
(HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
|
|
PSID, PSID, PACL, PACL));
|
|
DECL_WINDOWS_FUNCTION(extern, DWORD, SetEntriesInAclA,
|
|
(ULONG, PEXPLICIT_ACCESS, PACL, PACL *));
|
|
bool got_advapi(void);
|
|
|
|
/*
|
|
* Find the SID describing the current user. The return value (if not
|
|
* NULL for some error-related reason) is smalloced.
|
|
*/
|
|
PSID get_user_sid(void);
|
|
|
|
/*
|
|
* Construct a PSECURITY_DESCRIPTOR of the type used for named pipe
|
|
* servers, i.e. allowing access only to the current user id and also
|
|
* only local (i.e. not over SMB) connections.
|
|
*
|
|
* If this function returns true, then 'psd' and 'acl' will have been
|
|
* filled in with memory allocated using LocalAlloc (and hence must be
|
|
* freed later using LocalFree). If it returns false, then instead
|
|
* 'error' has been filled with a dynamically allocated error message.
|
|
*/
|
|
bool make_private_security_descriptor(
|
|
DWORD permissions, PSECURITY_DESCRIPTOR *psd, PACL *acl, char **error);
|