diff --git a/contrib/win32/openssh/ssh-agent.vcxproj b/contrib/win32/openssh/ssh-agent.vcxproj
index efc9863..a007239 100644
--- a/contrib/win32/openssh/ssh-agent.vcxproj
+++ b/contrib/win32/openssh/ssh-agent.vcxproj
@@ -211,6 +211,8 @@
+
+
diff --git a/contrib/win32/win32compat/ssh-agent/agentconfig.c b/contrib/win32/win32compat/ssh-agent/agentconfig.c
index fa80062..253a5d7 100644
--- a/contrib/win32/win32compat/ssh-agent/agentconfig.c
+++ b/contrib/win32/win32compat/ssh-agent/agentconfig.c
@@ -50,7 +50,6 @@ static int use_privsep = -1;
 Buffer cfg;
 ServerOptions options;
 struct passwd *privsep_pw = NULL;
-char *forced_command = NULL;
 static char *config_file_name = _PATH_SERVER_CONFIG_FILE;
 int auth2_methods_valid(const char * c, int i) {
@@ -107,4 +106,18 @@ int load_config() {
 int config_log_level() {
 	return options.log_level;
+}
+
+int pubkey_allowed(struct sshkey* pubkey, wchar_t* wuser, wchar_t* wuser_home) {
+	struct passwd pw;
+	char user[256], user_home[MAX_PATH];
+	memset(&pw, 0, sizeof(pw));
+
+	if (WideCharToMultiByte(CP_UTF8, 0, wuser, -1, user, 256, NULL, NULL) == 0)
+		return 0;
+	/* BUG - pw structure is assumed to be filled with unicode strings by expand_authorized_keys()*/
+	//WideCharToMultiByte(CP_UTF8, 0, wuser_home, -1, user_home, MAX_PATH, NULL, NULL);
+	pw.pw_dir = wuser_home;
+	pw.pw_name = user;
+	return user_key_allowed(&pw, pubkey, 1);
 }
\ No newline at end of file
diff --git a/contrib/win32/win32compat/ssh-agent/authagent-request.c b/contrib/win32/win32compat/ssh-agent/authagent-request.c
index c2ed041..dead692 100644
--- a/contrib/win32/win32compat/ssh-agent/authagent-request.c
+++ b/contrib/win32/win32compat/ssh-agent/authagent-request.c
@@ -29,11 +29,11 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-#define WIN32_NO_STATUS
+#define UMDF_USING_NTSTATUS
 #include
-#undef WIN32_NO_STATUS
 #include
 #include
+#include
 #include "agent.h"
 #include "agent-request.h"
 #include "key.h"
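Review bot: `pw.pw_dir = wuser_home;` in the new pubkey_allowed() stores a `wchar_t *` into the `char *` pw_dir field, and the comment above it concedes the wide/narrow mismatch instead of resolving it; because this value feeds the authorized_keys lookup that decides whether the signed request is authorized, the contract needs to be explicit rather than left as a "BUG" note. Either convert into the already-declared `user_home` buffer and set `pw.pw_dir = user_home`, or, if the Win32 user_key_allowed() path really expects UTF-16 there, cast deliberately and document it: `pw.pw_dir = (char *)wuser_home; /* UTF-16 by design: expand_authorized_keys() expects a wide path here */`, and delete the dead `user_home` declaration and the commented-out conversion. The buffer size passed to WideCharToMultiByte should be tied to the array, `sizeof user`, rather than a second literal 256. The remaining passwd fields stay zero after the memset; whether user_key_allowed() on this port reads pw_uid or pw_shell is not visible here and should be confirmed before relying on it. The fail-closed `return 0` on a conversion failure is the right default for an authorization gate and should be kept as other error paths are added.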
@@ -170,7 +170,9 @@ int process_authagent_request(struct sshbuf* request, struct sshbuf* response, s
 	}
 	if (key_verify(key, sig, sig_len, blob, blob_len) != 1 ||
-		(token = generate_user_token(wuser)) == 0 ||
+		(token = generate_user_token(wuser)) == 0 ||
+		SHGetKnownFolderPath(&FOLDERID_Profile, 0, token, &wuser_home) != S_OK ||
+		pubkey_allowed(key, wuser, wuser_home) != 1 ||
 		(FALSE == GetNamedPipeClientProcessId(con->connection, &client_pid)) ||
 		( (client_proc = OpenProcess(PROCESS_DUP_HANDLE, FALSE, client_pid)) == NULL) ||
 		(FALSE == DuplicateHandle(GetCurrentProcess(), token, client_proc, &dup_token, TOKEN_QUERY | TOKEN_IMPERSONATE, FALSE, DUPLICATE_SAME_ACCESS)) ||