Removed code relying on USE_NTCREATETOKEN
This commit is contained in:
Manoj Ampalam
parent
a3cc5c797d
commit
268bdeb662
|
|
@ -104,12 +104,8 @@ userauth_pubkey(Authctxt *authctxt)
|
|||
|
||||
int targetIsCurrent = 0;
|
||||
|
||||
# ifdef USE_NTCREATETOKEN
|
||||
int doOpenSSHVerify = 1;
|
||||
# else
|
||||
int doOpenSSHVerify = 0;
|
||||
# endif
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
Buffer b;
|
||||
|
|
|
|||
|
|
@ -1581,7 +1581,6 @@
|
|||
#define _CRT_SECURE_NO_DEPRECATE 1
|
||||
#define _CRT_NONSTDC_NO_DEPRECATE 1
|
||||
#define WIN32_FIXME 1
|
||||
#undef USE_NTCREATETOKEN
|
||||
|
||||
/* Define if you must implement a startup_needs function for your platform */
|
||||
#define HAVE_STARTUP_NEEDS 1
|
||||
|
|
|
|||
|
|
@ -120,86 +120,9 @@ wchar_t *gethomedir_w(char *pUserName, char *pDomainName)
|
|||
* and get homedir using this token.
|
||||
*/
|
||||
|
||||
#ifdef USE_NTCREATETOKEN
|
||||
|
||||
token = CreateUserTokenW(pUserName_w, pDomainName_w, L"sshd");
|
||||
|
||||
if (token == NULL)
|
||||
{
|
||||
debug("gethomedir: create token failed");
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
debug2("setting up profile info...");
|
||||
|
||||
/*
|
||||
* Become the user
|
||||
*/
|
||||
|
||||
memset(&profileInfo, 0, sizeof(profileInfo));
|
||||
|
||||
profileInfo.dwSize = sizeof(profileInfo);
|
||||
profileInfo.lpUserName = pUserName_w;
|
||||
profileInfo.lpServerName = pDomainName_w;
|
||||
|
||||
debug2("LoadUserProfile()...");
|
||||
|
||||
if (!LoadUserProfile(token, &profileInfo))
|
||||
{
|
||||
DWORD dwLast = GetLastError();
|
||||
|
||||
debug("gethomedir: load profile failed [%d]", dwLast);
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
* Get user's home directory
|
||||
*/
|
||||
|
||||
//if (!SUCCEEDED(SHGetFolderPath(NULL, CSIDL_APPDATA, token, 0, szPath)))
|
||||
|
||||
debug2("SGGetFolderPath()...");
|
||||
|
||||
if (!SUCCEEDED(SHGetFolderPathW(NULL, CSIDL_PROFILE, token, 0, szPathW)))
|
||||
{
|
||||
debug("gethomedir: get folder failed");
|
||||
|
||||
/*
|
||||
* Become self again.
|
||||
*/
|
||||
|
||||
UnloadUserProfile(token, profileInfo.hProfile);
|
||||
|
||||
RevertToSelf();
|
||||
|
||||
CloseHandle(token);
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
debug3("gethomedir: szPathW [%ls]", szPathW);
|
||||
|
||||
/*
|
||||
* Become self again.
|
||||
*/
|
||||
|
||||
UnloadUserProfile(token, profileInfo.hProfile);
|
||||
|
||||
RevertToSelf();
|
||||
|
||||
CloseHandle(token);
|
||||
|
||||
debug2("<- gethomedir()...");
|
||||
|
||||
return _wcsdup(szPathW);
|
||||
|
||||
#else
|
||||
|
||||
return NULL;
|
||||
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -444,21 +444,6 @@ user_from_uid(uid_t uid, int nouser)
|
|||
return (cp->name);
|
||||
}
|
||||
|
||||
#ifdef USE_NTCREATETOKEN
|
||||
|
||||
/*
|
||||
* Simple helper to avoid having to include win32auth.h.
|
||||
*/
|
||||
|
||||
PWD_USER_TOKEN PwdCreateUserToken(const char *pUserName,
|
||||
const char *pDomainName,
|
||||
const char *pSourceName)
|
||||
{
|
||||
return (PWD_USER_TOKEN) CreateUserToken(pUserName, pDomainName, pSourceName);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/* TODO - this is moved from realpath.c in openbsdcompat. Review and finalize its position*/
|
||||
|
||||
#include <Shlwapi.h>
|
||||
|
|
|
|||
|
|
@ -500,296 +500,4 @@ fail:
|
|||
return exitCode;
|
||||
}
|
||||
|
||||
#ifdef USE_NTCREATETOKEN
|
||||
|
||||
/*
|
||||
* Creates new user's access token using NtCreateToken() function.
|
||||
*
|
||||
* userName - user name string (IN)
|
||||
* domainName - domain name (IN) (UNUSED)
|
||||
* sourceName - ?? (IN)
|
||||
*
|
||||
* RETURNS: Handle to created token or INVALID_HANDLE_VALUE if fails.
|
||||
*/
|
||||
|
||||
HANDLE CreateUserToken(const char *userName,
|
||||
const char *domainName, const char *sourceName)
|
||||
{
|
||||
debug2("-> CreateUserToken()...");
|
||||
|
||||
HMODULE hNtDll = NULL;
|
||||
|
||||
NtCreateTokenPtr NtCreateToken = NULL;
|
||||
|
||||
HANDLE token = INVALID_HANDLE_VALUE;
|
||||
|
||||
/*
|
||||
* These are compounds of user's access token structure.
|
||||
* The goal is setup these strutures and combine them
|
||||
* into one access token using NtCreateToken() WINAPI function.
|
||||
*/
|
||||
|
||||
LUID authId = SYSTEM_LUID;
|
||||
|
||||
TOKEN_USER userToken;
|
||||
|
||||
PTOKEN_GROUPS groupsToken = NULL;
|
||||
|
||||
PTOKEN_PRIVILEGES pPrivToken = NULL;
|
||||
|
||||
TOKEN_OWNER ownerToken;
|
||||
|
||||
TOKEN_PRIMARY_GROUP primaryGroupToken;
|
||||
|
||||
TOKEN_SOURCE sourceToken;
|
||||
|
||||
PTOKEN_DEFAULT_DACL pDaclToken = NULL;
|
||||
|
||||
LARGE_INTEGER expirationTime = {0xFFFFFFFF, 0x7FFFFFFF};
|
||||
|
||||
OBJECT_ATTRIBUTES oa;
|
||||
|
||||
/*
|
||||
* Temporary variables
|
||||
*/
|
||||
|
||||
SECURITY_QUALITY_OF_SERVICE sqos =
|
||||
{
|
||||
sizeof(sqos),
|
||||
SecurityAnonymous,
|
||||
SECURITY_STATIC_TRACKING,
|
||||
FALSE
|
||||
};
|
||||
|
||||
int i;
|
||||
|
||||
size_t size = 0;
|
||||
|
||||
wchar_t *userNameW = NULL;
|
||||
|
||||
DWORD cbSize;
|
||||
|
||||
HANDLE hProcToken = NULL;
|
||||
|
||||
/*
|
||||
* Variables to handle error codes.
|
||||
*/
|
||||
|
||||
int exitCode = 1;
|
||||
int ntStat = 0;
|
||||
|
||||
/*
|
||||
* Make wide char version of user's name.
|
||||
*/
|
||||
|
||||
size = (strlen(userName) + 1) * sizeof(wchar_t);
|
||||
|
||||
userNameW = (wchar_t *) LocalAlloc(LPTR, size);;
|
||||
|
||||
swprintf(userNameW, L"%hs", userName);
|
||||
|
||||
/*
|
||||
* Give needed privilege to current running process
|
||||
*/
|
||||
|
||||
debug("Enabling privilege to current running process...");
|
||||
|
||||
EnablePrivilege("SeTcbPrivilege", 1);
|
||||
EnablePrivilege("SeChangeNotifyPrivilege", 1);
|
||||
EnablePrivilege("SeIncreaseQuotaPrivilege", 1);
|
||||
EnablePrivilege("SeAssignPrimaryTokenPrivilege", 1);
|
||||
EnablePrivilege("SeCreateTokenPrivilege", 1);
|
||||
|
||||
/*
|
||||
* Create TOKEN_USER part
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_USER...");
|
||||
|
||||
FAIL(GetSidW(&userToken.User.Sid, userNameW));
|
||||
|
||||
userToken.User.Attributes = 0;
|
||||
|
||||
/*
|
||||
* Create TOKEN_OWNER part. We assume Owner = User.
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_OWNER...");
|
||||
|
||||
FAIL(GetSidW(&ownerToken.Owner, userNameW));
|
||||
|
||||
/*
|
||||
* Create TOKEN_SOURCE part
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_SOURCE...");
|
||||
|
||||
FAIL(AllocateLocallyUniqueId(&sourceToken.SourceIdentifier) == FALSE);
|
||||
|
||||
size = min(strlen(sourceName), 8);
|
||||
|
||||
memcpy(sourceToken.SourceName, "********", 8);
|
||||
memcpy(sourceToken.SourceName, sourceName, size);
|
||||
|
||||
/*
|
||||
* Create TOKEN_GROUPS part
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_GROUPS...");
|
||||
|
||||
FAIL(SetupTokenGroups(&groupsToken, userNameW));
|
||||
|
||||
/*
|
||||
* Create TOKEN_PRIVILEGES part
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_PRIVILEGES...");
|
||||
|
||||
FAIL(SetupTokenPrivileges(&pPrivToken, userToken.User.Sid));
|
||||
|
||||
/*
|
||||
* Create TOKEN_PRIMARY_GROUP part
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_PRIMARY GROUP...");
|
||||
|
||||
primaryGroupToken.PrimaryGroup = EveryoneSID();
|
||||
|
||||
/*
|
||||
* Setup object attributes
|
||||
*/
|
||||
|
||||
memset(&oa, 0, sizeof(oa));
|
||||
|
||||
oa.Length = sizeof(oa);
|
||||
|
||||
oa.SecurityQualityOfService = &sqos;
|
||||
|
||||
/*
|
||||
* Setup TOKEN_DEFAULT_DACL part.
|
||||
*/
|
||||
|
||||
debug("Setting up TOKEN_DEFAULT_DACL...");
|
||||
|
||||
debug("Opening current process's token...");
|
||||
|
||||
FAIL(OpenProcessToken(GetCurrentProcess(),
|
||||
TOKEN_QUERY | TOKEN_QUERY_SOURCE,
|
||||
&hProcToken) == FALSE);
|
||||
|
||||
debug("Retrieving TOKEN_DEFAULT_DACL...");
|
||||
|
||||
GetTokenInformation(hProcToken, TokenDefaultDacl, NULL, 0, &cbSize);
|
||||
|
||||
pDaclToken = LocalAlloc(LPTR, cbSize);
|
||||
|
||||
FAIL(GetTokenInformation(hProcToken, TokenDefaultDacl,
|
||||
pDaclToken, cbSize, &cbSize) == FALSE);
|
||||
|
||||
/*
|
||||
* Print debug info about parts
|
||||
*/
|
||||
|
||||
//PrintPartsInfo(&token, TOKEN_ALL_ACCESS, &oa,
|
||||
// TokenPrimary, &authId, &expirationTime,
|
||||
// &userToken, groupsToken, pPrivToken,
|
||||
// &ownerToken, &primaryGroupToken,
|
||||
// pDaclToken, &sourceToken);
|
||||
|
||||
/*
|
||||
* Retrieve address of NtCreateToken() function.
|
||||
*/
|
||||
|
||||
debug("Retrieving NtCreateToken() address...");
|
||||
|
||||
hNtDll = GetModuleHandle("ntdll.dll");
|
||||
|
||||
FAIL(hNtDll == NULL);
|
||||
|
||||
NtCreateToken = (NtCreateTokenPtr) GetProcAddress(hNtDll, "NtCreateToken");
|
||||
|
||||
FAIL(NtCreateToken == NULL);
|
||||
|
||||
/*
|
||||
* Create new user acces token from parts setted up above.
|
||||
*/
|
||||
|
||||
debug("Creating token from parts...");
|
||||
|
||||
ntStat = NtCreateToken(&token, TOKEN_ALL_ACCESS, &oa,
|
||||
TokenPrimary, &authId, &expirationTime,
|
||||
&userToken, groupsToken, pPrivToken,
|
||||
&ownerToken, &primaryGroupToken,
|
||||
pDaclToken, &sourceToken);
|
||||
FAIL(ntStat);
|
||||
|
||||
/*
|
||||
* Add rights to use 'default' desktop and WinStation0.
|
||||
*/
|
||||
|
||||
if (AddRightsToDesktopBySid(userToken.User.Sid))
|
||||
{
|
||||
debug("WARNING. Cannot add rights to 'winsta0\\default'!");
|
||||
}
|
||||
|
||||
exitCode = 0;
|
||||
|
||||
fail:
|
||||
|
||||
/*
|
||||
* Free allocated memory
|
||||
*/
|
||||
|
||||
debug2("Freeing groupsToken...");
|
||||
|
||||
if (groupsToken)
|
||||
{
|
||||
/*
|
||||
* We don't need to test were SIDs allocated correctly,
|
||||
* becouse FreeSid() do it.
|
||||
*/
|
||||
|
||||
for (i = 0; i < groupsToken -> GroupCount; i++)
|
||||
{
|
||||
FreeSid(groupsToken -> Groups[i].Sid);
|
||||
}
|
||||
|
||||
LocalFree(groupsToken);
|
||||
}
|
||||
|
||||
debug2("Freeing local buffers...");
|
||||
|
||||
LocalFree(userNameW);
|
||||
LocalFree(pDaclToken);
|
||||
LocalFree(pPrivToken);
|
||||
|
||||
debug2("Freeing SIDs...");
|
||||
|
||||
FreeSid(userToken.User.Sid);
|
||||
FreeSid(ownerToken.Owner);
|
||||
FreeSid(primaryGroupToken.PrimaryGroup);
|
||||
|
||||
debug2("Closing hProcToken...");
|
||||
|
||||
CloseHandle(hProcToken);
|
||||
|
||||
debug2("Closing hNtDll...");
|
||||
|
||||
CloseHandle(hNtDll);
|
||||
|
||||
/*
|
||||
* Something was wrong.
|
||||
*/
|
||||
|
||||
if (exitCode)
|
||||
{
|
||||
debug("ERROR. Cannot create user's acces token. (err = %u, ntStat = %x)",
|
||||
GetLastError(), ntStat);
|
||||
}
|
||||
|
||||
debug2("<- CreateUserToken()...");
|
||||
|
||||
return token;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -76,21 +76,6 @@ typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
|
|||
#define NTSYSAPI DECLSPEC_IMPORT
|
||||
#endif
|
||||
|
||||
//
|
||||
// Prototype for undocumented NtCreateToken() function from 'ntdll.dll'
|
||||
//
|
||||
#ifdef USE_NTCREATETOKEN
|
||||
typedef NTSYSAPI NTSTATUS
|
||||
(NTAPI *NtCreateTokenPtr) (PHANDLE, ACCESS_MASK,
|
||||
POBJECT_ATTRIBUTES,
|
||||
TOKEN_TYPE, PLUID, PLARGE_INTEGER,
|
||||
PTOKEN_USER, PTOKEN_GROUPS,
|
||||
PTOKEN_PRIVILEGES, PTOKEN_OWNER,
|
||||
PTOKEN_PRIMARY_GROUP,
|
||||
PTOKEN_DEFAULT_DACL,
|
||||
PTOKEN_SOURCE);
|
||||
#endif /* USE_NTCREATETOKEN */
|
||||
|
||||
HANDLE CreateUserToken(const char *pUserName,
|
||||
const char *pDomainName, const char *pSourceName);
|
||||
|
||||
|
|
|
|||
15
session.c
15
session.c
|
|
@ -714,21 +714,6 @@ do_exec_no_pty(Session *s, const char *command)
|
|||
ModifyRightsToDesktop(hToken, 1);
|
||||
}
|
||||
|
||||
#ifdef USE_NTCREATETOKEN
|
||||
|
||||
/*
|
||||
* Next try to get an NtCreateToken token if enabled.
|
||||
*/
|
||||
|
||||
else
|
||||
{
|
||||
debug("Using token from NtCreateToken()...");
|
||||
|
||||
hToken = (HANDLE) PwdCreateUserToken(s -> authctxt -> user, NULL, "sshd");
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Next try pass-auth token.
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in New Issue