5-14 C1

2025-07-22 21:45:09 +02:00 · 2016-05-14 14:27:26 -07:00 · 2016-05-14 14:27:26 -07:00 · 64b305b3b2
commit 64b305b3b2
parent bf41884f36
3 changed files with 713 additions and 715 deletions
--- a/contrib/win32/win32compat/lsa/LsaString.cpp
+++ b/contrib/win32/win32compat/lsa/LsaString.cpp
@ -54,36 +54,36 @@ extern "C" {

 NTSTATUS LsaAllocUnicodeString(PUNICODE_STRING *lsaStr, DWORD maxLen)
 {
-  NTSTATUS ntStat = STATUS_NO_MEMORY; 
-  
-  FAIL(lsaStr == NULL);
+	NTSTATUS ntStat = STATUS_NO_MEMORY;
+
+	FAIL(lsaStr == NULL);
+
+	*lsaStr = (PUNICODE_STRING)LsaApi.AllocateLsaHeap(sizeof(UNICODE_STRING));
+
+	FAIL((*lsaStr) == NULL);
+
+	(*lsaStr)->Buffer = (WCHAR *)LsaApi.AllocateLsaHeap(sizeof(maxLen));
+	(*lsaStr)->Length = 0;
+	(*lsaStr)->MaximumLength = maxLen;
+
+	FAIL((*lsaStr)->Buffer == NULL);
+
+	ntStat = 0;

-  *lsaStr = (PUNICODE_STRING) LsaApi.AllocateLsaHeap(sizeof(UNICODE_STRING));
-  
-  FAIL((*lsaStr) == NULL);
-  
-  (*lsaStr) -> Buffer = (WCHAR *) LsaApi.AllocateLsaHeap(sizeof(maxLen));
-  (*lsaStr) -> Length = 0;
-  (*lsaStr) -> MaximumLength = maxLen;
-  
-  FAIL((*lsaStr) -> Buffer == NULL);
-  
-  ntStat = 0;
-  
 fail:

-  if (ntStat)
-  {
-    if (lsaStr && (*lsaStr))
-    {
-      LsaApi.FreeLsaHeap((*lsaStr) -> Buffer);
-      
-      LsaApi.FreeLsaHeap((*lsaStr));
-    }
+	if (ntStat)
+	{
+		if (lsaStr && (*lsaStr))
+		{
+			LsaApi.FreeLsaHeap((*lsaStr)->Buffer);

-  }
-  
-  return ntStat;
+			LsaApi.FreeLsaHeap((*lsaStr));
+		}
+
+	}
+
+	return ntStat;
 }

 //
@ -94,15 +94,15 @@ fail:

 void LsaFreeUnicodeString(PUNICODE_STRING lsaStr)
 {
-  if (lsaStr)
-  {
-    if (lsaStr -> Buffer)
-    {
-      LsaApi.FreeLsaHeap(lsaStr -> Buffer);
-    }
+	if (lsaStr)
+	{
+		if (lsaStr->Buffer)
+		{
+			LsaApi.FreeLsaHeap(lsaStr->Buffer);
+		}

-    LsaApi.FreeLsaHeap(lsaStr);
-  }
+		LsaApi.FreeLsaHeap(lsaStr);
+	}
 }

 //
@ -116,46 +116,46 @@ void LsaFreeUnicodeString(PUNICODE_STRING lsaStr)

 NTSTATUS FillUnicodeString(UNICODE_STRING *lsaStr, const Char *str)
 {
-  NTSTATUS ntStat = STATUS_NO_MEMORY;
-  
-  DWORD cbSize = 0;
-  
-  //
-  // Is arguments ok?
-  //
-  
-  FAIL(lsaStr == NULL);
- 
-  FAIL(lsaStr -> Buffer == NULL);
+	NTSTATUS ntStat = STATUS_NO_MEMORY;
+
+	DWORD cbSize = 0;
+
+	//
+	// Is arguments ok?
+	//
+
+	FAIL(lsaStr == NULL);
+
+	FAIL(lsaStr->Buffer == NULL);
+
+	FAIL(str == NULL);
+
+	//
+	// Is string buffer too small?
+	//
+
+	cbSize = strlen(str);
+
+	FAIL(cbSize >= lsaStr->MaximumLength);
+
+	//
+	// Fill string buffer.
+	//

-  FAIL(str == NULL);
-   
-  //
-  // Is string buffer too small?
-  //
-  
-  cbSize = strlen(str);
-  
-  FAIL(cbSize >= lsaStr -> MaximumLength);
-  
-  //
-  // Fill string buffer.
-  //
-  
 #ifdef __VS_BUILD__
-  _swprintf(lsaStr -> Buffer, L"%hs", str);
+	_swprintf(lsaStr->Buffer, L"%hs", str);
 #else
-  swprintf(lsaStr->Buffer, L"%hs", str);
+	swprintf(lsaStr->Buffer, L"%hs", str);
 #endif
-  
-  lsaStr -> Length = cbSize * 2;
-  
-  lsaStr -> Buffer[cbSize * 2] = 0x0000;
-  
-  ntStat = STATUS_SUCCESS;
-  
+
+	lsaStr->Length = cbSize * 2;
+
+	lsaStr->Buffer[cbSize * 2] = 0x0000;
+
+	ntStat = STATUS_SUCCESS;
+
 fail:

-  
-  return ntStat;  
+
+	return ntStat;
 }
--- a/contrib/win32/win32compat/lsa/Ssh-lsa.cpp
+++ b/contrib/win32/win32compat/lsa/Ssh-lsa.cpp
--- a/contrib/win32/win32compat/ssh-agent/authagent-request.c
+++ b/contrib/win32/win32compat/ssh-agent/authagent-request.c
@ -56,18 +56,22 @@ generate_user_token(wchar_t* user) {
 	LSA_OPERATIONAL_MODE mode;
 	ULONG auth_package_id;
 	NTSTATUS ret, subStatus;
-	KERB_S4U_LOGON *s4u_logon = NULL;
+	void * logon_info = NULL;
 	size_t logon_info_size;
 	LSA_STRING logon_process_name, auth_package_name, originName;
 	TOKEN_SOURCE sourceContext;
 	PKERB_INTERACTIVE_PROFILE pProfile = NULL;
-	LUID            logonId;
-	QUOTA_LIMITS    quotas;
-	DWORD           cbProfile;
-	
+	LUID logonId;
+	QUOTA_LIMITS quotas;
+	DWORD cbProfile;
+	BOOL domain_user = (wcschr(user, L'@') != NULL)? TRUE : FALSE;
+
 	InitLsaString(&logon_process_name, "ssh-agent");
-	//InitLsaString(&auth_package_name, MICROSOFT_KERBEROS_NAME_A);
-	InitLsaString(&auth_package_name, "Negotiate");
+	if (domain_user)
+		InitLsaString(&auth_package_name, MICROSOFT_KERBEROS_NAME_A);
+	else 
+		InitLsaString(&auth_package_name, "SSH-LSA");
+
 	InitLsaString(&originName, "sshd");
 	if (ret = LsaRegisterLogonProcess(&logon_process_name, &lsa_handle, &mode) != STATUS_SUCCESS)
 		goto done;
@ -75,23 +79,33 @@ generate_user_token(wchar_t* user) {
 	if (ret = LsaLookupAuthenticationPackage(lsa_handle, &auth_package_name, &auth_package_id) != STATUS_SUCCESS)
 		goto done;

-	logon_info_size = sizeof(KERB_S4U_LOGON);
-	logon_info_size += (wcslen(user) * 2 + 2);
-	s4u_logon = malloc(logon_info_size);
-	if (s4u_logon == NULL)
-		goto done;
+	if (domain_user) {
+		KERB_S4U_LOGON *s4u_logon;
+		logon_info_size = sizeof(KERB_S4U_LOGON);
+		logon_info_size += (wcslen(user) * 2 + 2);
+		logon_info = malloc(logon_info_size);
+		if (logon_info == NULL)
+			goto done;
+		s4u_logon = (KERB_S4U_LOGON*)logon_info;
+		s4u_logon->MessageType = KerbS4ULogon;
+		s4u_logon->Flags = 0;
+		s4u_logon->ClientUpn.Length = wcslen(user) * 2;
+		s4u_logon->ClientUpn.MaximumLength = s4u_logon->ClientUpn.Length;
+		s4u_logon->ClientUpn.Buffer = (WCHAR*)(s4u_logon + 1);
+		memcpy(s4u_logon->ClientUpn.Buffer, user, s4u_logon->ClientUpn.Length + 2);
+		s4u_logon->ClientRealm.Length = 0;
+		s4u_logon->ClientRealm.MaximumLength = 0;
+		s4u_logon->ClientRealm.Buffer = 0;
+	}
+	else {
+		logon_info_size = (wcslen(user) + 1)*sizeof(wchar_t);
+		logon_info = malloc(logon_info_size);
+		if (logon_info == NULL)
+			goto done;
+		memcpy(logon_info, user, logon_info_size);
+	}

-	s4u_logon->MessageType = KerbS4ULogon;
-	s4u_logon->Flags = 0;
-	s4u_logon->ClientUpn.Length = wcslen(user) * 2;
-	s4u_logon->ClientUpn.MaximumLength = s4u_logon->ClientUpn.Length;
-	s4u_logon->ClientUpn.Buffer = (WCHAR*)(s4u_logon + 1);
-	memcpy(s4u_logon->ClientUpn.Buffer, user, s4u_logon->ClientUpn.Length + 2);
-	s4u_logon->ClientRealm.Length = 0;
-	s4u_logon->ClientRealm.MaximumLength = 0;
-	s4u_logon->ClientRealm.Buffer = 0;
-
-	memcpy(sourceContext.SourceName,".Jobs   ", sizeof(sourceContext.SourceName));
+	memcpy(sourceContext.SourceName,"sshagent", sizeof(sourceContext.SourceName));

 	if (AllocateLocallyUniqueId(&sourceContext.SourceIdentifier) != TRUE)
 		goto done;
@ -100,7 +114,7 @@ generate_user_token(wchar_t* user) {
 		&originName, 
 		Network, 
 		auth_package_id, 
-		s4u_logon, 
+		logon_info,
 		logon_info_size, 
 		NULL, 
 		&sourceContext,
@ -115,8 +129,8 @@ generate_user_token(wchar_t* user) {
 done:
 	if (lsa_handle)
 		LsaDeregisterLogonProcess(lsa_handle);
-	if (s4u_logon)
-		free(s4u_logon);
+	if (logon_info)
+		free(logon_info);
 	if (pProfile)
 		LsaFreeReturnBuffer(pProfile);