Make Pageant use the same SID-selection logic as the Pageant client

[u/mdw/putty] / windows / winpgnt.c

diff --git a/windows/winpgnt.c b/windows/winpgnt.c
index 3451fec..2e7154a 100644 (file)
--- a/windows/winpgnt.c
+++ b/windows/winpgnt.c
@@ -19,6 +19,10 @@
 
 #ifndef NO_SECURITY
 #include <aclapi.h>
+#ifdef DEBUG_IPC
+#define _WIN32_WINNT 0x0500            /* for ConvertSidToStringSid */
+#include <sddl.h>
+#endif
 #endif
 
 #define IDI_MAINICON 200
@@ -113,7 +117,7 @@ static tree234 *rsakeys, *ssh2keys;
 
 static int has_security;
 #ifndef NO_SECURITY
-DECL_WINDOWS_FUNCTION(static, DWORD, GetSecurityInfo,
+DECL_WINDOWS_FUNCTION(extern, DWORD, GetSecurityInfo,
                      (HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
                       PSID *, PSID *, PACL *, PACL *,
                       PSECURITY_DESCRIPTOR *));
@@ -1817,8 +1821,7 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
            void *p;
            HANDLE filemap;
 #ifndef NO_SECURITY
-           HANDLE proc;
-           PSID mapowner, procowner;
+           PSID mapowner, ourself;
            PSECURITY_DESCRIPTOR psd1 = NULL, psd2 = NULL;
 #endif
            int ret = 0;
@@ -1840,40 +1843,35 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
 #ifndef NO_SECURITY
                int rc;
                if (has_security) {
-                   if ((proc = OpenProcess(MAXIMUM_ALLOWED, FALSE,
-                                           GetCurrentProcessId())) ==
-                       NULL) {
+                    if ((ourself = get_user_sid()) == NULL) {
 #ifdef DEBUG_IPC
-                       debug(("couldn't get handle for process\n"));
+                       debug(("couldn't get user SID\n"));
 #endif
                        return 0;
-                   }
-                   if (p_GetSecurityInfo(proc, SE_KERNEL_OBJECT,
-                                         OWNER_SECURITY_INFORMATION,
-                                         &procowner, NULL, NULL, NULL,
-                                         &psd2) != ERROR_SUCCESS) {
-#ifdef DEBUG_IPC
-                       debug(("couldn't get owner info for process\n"));
-#endif
-                       CloseHandle(proc);
-                       return 0;      /* unable to get security info */
-                   }
-                   CloseHandle(proc);
+                    }
+
                    if ((rc = p_GetSecurityInfo(filemap, SE_KERNEL_OBJECT,
                                                OWNER_SECURITY_INFORMATION,
                                                &mapowner, NULL, NULL, NULL,
                                                &psd1) != ERROR_SUCCESS)) {
 #ifdef DEBUG_IPC
-                       debug(
-                             ("couldn't get owner info for filemap: %d\n",
-                              rc));
+                       debug(("couldn't get owner info for filemap: %d\n",
+                               rc));
 #endif
                        return 0;
                    }
 #ifdef DEBUG_IPC
-                   debug(("got security stuff\n"));
+                    {
+                        LPTSTR ours, theirs;
+                        ConvertSidToStringSid(mapowner, &theirs);
+                        ConvertSidToStringSid(ourself, &ours);
+                        debug(("got both sids: ours=%s theirs=%s\n",
+                               ours, theirs));
+                        LocalFree(ours);
+                        LocalFree(theirs);
+                    }
 #endif
-                   if (!EqualSid(mapowner, procowner))
+                   if (!EqualSid(mapowner, ourself))
                        return 0;      /* security ID mismatch! */
 #ifdef DEBUG_IPC
                    debug(("security stuff matched\n"));
@@ -1892,9 +1890,9 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
                {
                    int i;
                    for (i = 0; i < 5; i++)
-                       debug(
-                             ("p[%d]=%02x\n", i,
-                              ((unsigned char *) p)[i]));}
+                       debug(("p[%d]=%02x\n", i,
+                              ((unsigned char *) p)[i]));
+                }
 #endif
                answer_msg(p);
                ret = 1;
@@ -1972,9 +1970,7 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
        /*
         * Attempt to get the security API we need.
         */
-       advapi = load_system32_dll("advapi32.dll");
-       GET_WINDOWS_FUNCTION(advapi, GetSecurityInfo);
-       if (!p_GetSecurityInfo) {
+        if (!init_advapi()) {
            MessageBox(NULL,
                       "Unable to access security APIs. Pageant will\n"
                       "not run, in case it causes a security breach.",