mirror of
https://github.com/PowerShell/Win32-OpenSSH.git
synced 2025-07-23 05:55:41 +02:00
5-14 C3
This commit is contained in:
parent
5ed50c217d
commit
03c8d962d7
@ -211,6 +211,8 @@
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)\contrib\win32\win32compat\ssh-agent\connection.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)\contrib\win32\win32compat\ssh-agent\keyagent-request.c" />
|
||||
<ClCompile Include="$(OpenSSH-Src-Path)\contrib\win32\win32compat\ssh-agent\pubkeyagent-request.c" />
|
||||
<ClCompile Include="..\..\..\auth-options.c" />
|
||||
<ClCompile Include="..\..\..\auth2-pubkey.c" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
|
@ -50,7 +50,6 @@ static int use_privsep = -1;
|
||||
Buffer cfg;
|
||||
ServerOptions options;
|
||||
struct passwd *privsep_pw = NULL;
|
||||
char *forced_command = NULL;
|
||||
static char *config_file_name = _PATH_SERVER_CONFIG_FILE;
|
||||
|
||||
int auth2_methods_valid(const char * c, int i) {
|
||||
@ -107,4 +106,18 @@ int load_config() {
|
||||
|
||||
int config_log_level() {
|
||||
return options.log_level;
|
||||
}
|
||||
|
||||
int pubkey_allowed(struct sshkey* pubkey, wchar_t* wuser, wchar_t* wuser_home) {
|
||||
struct passwd pw;
|
||||
char user[256], user_home[MAX_PATH];
|
||||
memset(&pw, 0, sizeof(pw));
|
||||
|
||||
if (WideCharToMultiByte(CP_UTF8, 0, wuser, -1, user, 256, NULL, NULL) == 0)
|
||||
return 0;
|
||||
/* BUG - pw structure is assumed to be filled with unicode strings by expand_authorized_keys()*/
|
||||
//WideCharToMultiByte(CP_UTF8, 0, wuser_home, -1, user_home, MAX_PATH, NULL, NULL);
|
||||
pw.pw_dir = wuser_home;
|
||||
pw.pw_name = user;
|
||||
return user_key_allowed(&pw, pubkey, 1);
|
||||
}
|
@ -29,11 +29,11 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#define WIN32_NO_STATUS
|
||||
#define UMDF_USING_NTSTATUS
|
||||
#include <Windows.h>
|
||||
#undef WIN32_NO_STATUS
|
||||
#include <Ntsecapi.h>
|
||||
#include <ntstatus.h>
|
||||
#include <Shlobj.h>
|
||||
#include "agent.h"
|
||||
#include "agent-request.h"
|
||||
#include "key.h"
|
||||
@ -170,7 +170,9 @@ int process_authagent_request(struct sshbuf* request, struct sshbuf* response, s
|
||||
}
|
||||
|
||||
if (key_verify(key, sig, sig_len, blob, blob_len) != 1 ||
|
||||
(token = generate_user_token(wuser)) == 0 ||
|
||||
(token = generate_user_token(wuser)) == 0 ||
|
||||
SHGetKnownFolderPath(&FOLDERID_Profile, 0, token, &wuser_home) != S_OK ||
|
||||
pubkey_allowed(key, wuser, wuser_home) != 1 ||
|
||||
(FALSE == GetNamedPipeClientProcessId(con->connection, &client_pid)) ||
|
||||
( (client_proc = OpenProcess(PROCESS_DUP_HANDLE, FALSE, client_pid)) == NULL) ||
|
||||
(FALSE == DuplicateHandle(GetCurrentProcess(), token, client_proc, &dup_token, TOKEN_QUERY | TOKEN_IMPERSONATE, FALSE, DUPLICATE_SAME_ACCESS)) ||
|
||||
|
Loading…
x
Reference in New Issue
Block a user