mirror of
https://github.com/PowerShell/Win32-OpenSSH.git
synced 2025-07-23 22:15:37 +02:00
5-14 C1
This commit is contained in:
manojampalam
parent
bf41884f36
commit
64b305b3b2
@ -46,22 +46,6 @@ RtlInitUnicodeStringPtr RtlInitUnicodeString = NULL;
|
|||||||
|
|
||||||
HMODULE NtDll = NULL;
|
HMODULE NtDll = NULL;
|
||||||
|
|
||||||
#ifdef DYNAMIC_OPENSSL
|
|
||||||
//
|
|
||||||
// Handle to 'libcrypto.dll' and 'libssl.dll' modules.
|
|
||||||
//
|
|
||||||
|
|
||||||
HMODULE LibCrypto = NULL;
|
|
||||||
HMODULE LibSSL = NULL;
|
|
||||||
|
|
||||||
//
|
|
||||||
// This is global struct with dynamic loaded libssl and libcrypto
|
|
||||||
// functions.
|
|
||||||
//
|
|
||||||
|
|
||||||
SSLFuncList DynSSL;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
//
|
//
|
||||||
// This is table with addresses of LSA API functions.
|
// This is table with addresses of LSA API functions.
|
||||||
// We retrieve this table from system at package initialization
|
// We retrieve this table from system at package initialization
|
||||||
@ -400,7 +384,7 @@ NTSTATUS NTAPI
|
|||||||
//
|
//
|
||||||
|
|
||||||
|
|
||||||
inUserName = (wchar_t *) (((char*)authData)+4);
|
inUserName = (wchar_t *)authData;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -56,7 +56,7 @@ generate_user_token(wchar_t* user) {
|
|||||||
LSA_OPERATIONAL_MODE mode;
|
LSA_OPERATIONAL_MODE mode;
|
||||||
ULONG auth_package_id;
|
ULONG auth_package_id;
|
||||||
NTSTATUS ret, subStatus;
|
NTSTATUS ret, subStatus;
|
||||||
KERB_S4U_LOGON *s4u_logon = NULL;
|
void * logon_info = NULL;
|
||||||
size_t logon_info_size;
|
size_t logon_info_size;
|
||||||
LSA_STRING logon_process_name, auth_package_name, originName;
|
LSA_STRING logon_process_name, auth_package_name, originName;
|
||||||
TOKEN_SOURCE sourceContext;
|
TOKEN_SOURCE sourceContext;
|
||||||
@ -64,10 +64,14 @@ generate_user_token(wchar_t* user) {
|
|||||||
LUID logonId;
|
LUID logonId;
|
||||||
QUOTA_LIMITS quotas;
|
QUOTA_LIMITS quotas;
|
||||||
DWORD cbProfile;
|
DWORD cbProfile;
|
||||||
|
BOOL domain_user = (wcschr(user, L'@') != NULL)? TRUE : FALSE;
|
||||||
|
|
||||||
InitLsaString(&logon_process_name, "ssh-agent");
|
InitLsaString(&logon_process_name, "ssh-agent");
|
||||||
//InitLsaString(&auth_package_name, MICROSOFT_KERBEROS_NAME_A);
|
if (domain_user)
|
||||||
InitLsaString(&auth_package_name, "Negotiate");
|
InitLsaString(&auth_package_name, MICROSOFT_KERBEROS_NAME_A);
|
||||||
|
else
|
||||||
|
InitLsaString(&auth_package_name, "SSH-LSA");
|
||||||
|
|
||||||
InitLsaString(&originName, "sshd");
|
InitLsaString(&originName, "sshd");
|
||||||
if (ret = LsaRegisterLogonProcess(&logon_process_name, &lsa_handle, &mode) != STATUS_SUCCESS)
|
if (ret = LsaRegisterLogonProcess(&logon_process_name, &lsa_handle, &mode) != STATUS_SUCCESS)
|
||||||
goto done;
|
goto done;
|
||||||
@ -75,12 +79,14 @@ generate_user_token(wchar_t* user) {
|
|||||||
if (ret = LsaLookupAuthenticationPackage(lsa_handle, &auth_package_name, &auth_package_id) != STATUS_SUCCESS)
|
if (ret = LsaLookupAuthenticationPackage(lsa_handle, &auth_package_name, &auth_package_id) != STATUS_SUCCESS)
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
|
if (domain_user) {
|
||||||
|
KERB_S4U_LOGON *s4u_logon;
|
||||||
logon_info_size = sizeof(KERB_S4U_LOGON);
|
logon_info_size = sizeof(KERB_S4U_LOGON);
|
||||||
logon_info_size += (wcslen(user) * 2 + 2);
|
logon_info_size += (wcslen(user) * 2 + 2);
|
||||||
s4u_logon = malloc(logon_info_size);
|
logon_info = malloc(logon_info_size);
|
||||||
if (s4u_logon == NULL)
|
if (logon_info == NULL)
|
||||||
goto done;
|
goto done;
|
||||||
|
s4u_logon = (KERB_S4U_LOGON*)logon_info;
|
||||||
s4u_logon->MessageType = KerbS4ULogon;
|
s4u_logon->MessageType = KerbS4ULogon;
|
||||||
s4u_logon->Flags = 0;
|
s4u_logon->Flags = 0;
|
||||||
s4u_logon->ClientUpn.Length = wcslen(user) * 2;
|
s4u_logon->ClientUpn.Length = wcslen(user) * 2;
|
||||||
@ -90,8 +96,16 @@ generate_user_token(wchar_t* user) {
|
|||||||
s4u_logon->ClientRealm.Length = 0;
|
s4u_logon->ClientRealm.Length = 0;
|
||||||
s4u_logon->ClientRealm.MaximumLength = 0;
|
s4u_logon->ClientRealm.MaximumLength = 0;
|
||||||
s4u_logon->ClientRealm.Buffer = 0;
|
s4u_logon->ClientRealm.Buffer = 0;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
logon_info_size = (wcslen(user) + 1)*sizeof(wchar_t);
|
||||||
|
logon_info = malloc(logon_info_size);
|
||||||
|
if (logon_info == NULL)
|
||||||
|
goto done;
|
||||||
|
memcpy(logon_info, user, logon_info_size);
|
||||||
|
}
|
||||||
|
|
||||||
memcpy(sourceContext.SourceName,".Jobs ", sizeof(sourceContext.SourceName));
|
memcpy(sourceContext.SourceName,"sshagent", sizeof(sourceContext.SourceName));
|
||||||
|
|
||||||
if (AllocateLocallyUniqueId(&sourceContext.SourceIdentifier) != TRUE)
|
if (AllocateLocallyUniqueId(&sourceContext.SourceIdentifier) != TRUE)
|
||||||
goto done;
|
goto done;
|
||||||
@ -100,7 +114,7 @@ generate_user_token(wchar_t* user) {
|
|||||||
&originName,
|
&originName,
|
||||||
Network,
|
Network,
|
||||||
auth_package_id,
|
auth_package_id,
|
||||||
s4u_logon,
|
logon_info,
|
||||||
logon_info_size,
|
logon_info_size,
|
||||||
NULL,
|
NULL,
|
||||||
&sourceContext,
|
&sourceContext,
|
||||||
@ -115,8 +129,8 @@ generate_user_token(wchar_t* user) {
|
|||||||
done:
|
done:
|
||||||
if (lsa_handle)
|
if (lsa_handle)
|
||||||
LsaDeregisterLogonProcess(lsa_handle);
|
LsaDeregisterLogonProcess(lsa_handle);
|
||||||
if (s4u_logon)
|
if (logon_info)
|
||||||
free(s4u_logon);
|
free(logon_info);
|
||||||
if (pProfile)
|
if (pProfile)
|
||||||
LsaFreeReturnBuffer(pProfile);
|
LsaFreeReturnBuffer(pProfile);
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user