manojampalam 2016-05-08 22:18:16 -07:00
parent 2c7e659e37
commit 9347e07039
9 changed files with 88 additions and 17 deletions


@ -81,6 +81,7 @@ EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssh-agent", "ssh-agent.vcxproj", "{F6644EC5-D6B6-42A1-828C-75E2977470E0}"
ProjectSection(ProjectDependencies) = postProject
{05E1115F-8529-46D0-AAAF-52A404CE79A7} = {05E1115F-8529-46D0-AAAF-52A404CE79A7}
{8F9D3B74-8D33-448E-9762-26E8DCC6B2F4} = {8F9D3B74-8D33-448E-9762-26E8DCC6B2F4}
{DD483F7D-C553-4740-BC1A-903805AD0174} = {DD483F7D-C553-4740-BC1A-903805AD0174}
{0D02F0F0-013B-4EE3-906D-86517F3822C0} = {0D02F0F0-013B-4EE3-906D-86517F3822C0}
{8660C2FE-9874-432D-B047-E042BB41DBE0} = {8660C2FE-9874-432D-B047-E042BB41DBE0}


@ -198,7 +198,6 @@
<ClInclude Include="..\ssh-pubkey\ssh-pubkeydefs.h" />
<ClInclude Include="..\win32compat\ssh-agent\agent-request.h" />
<ClInclude Include="..\win32compat\ssh-agent\agent.h" />
<ClInclude Include="..\win32compat\ssh-agent\config.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\..\auth.c" />
@ -208,7 +207,7 @@
<ClCompile Include="..\win32compat\ssh-agent\agent-main.c" />
<ClCompile Include="..\win32compat\ssh-agent\agent.c" />
<ClCompile Include="..\win32compat\ssh-agent\authagent-request.c" />
<ClCompile Include="..\win32compat\ssh-agent\config.c" />
<ClCompile Include="..\win32compat\ssh-agent\agentconfig.c" />
<ClCompile Include="..\win32compat\ssh-agent\connection.c" />
<ClCompile Include="..\win32compat\ssh-agent\keyagent-request.c" />
<ClCompile Include="..\win32compat\ssh-agent\pubkeyagent-request.c" />


@ -28,14 +28,15 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "agent.h"
#include "config.h"
int scm_start_servie(DWORD, LPWSTR*);
SERVICE_TABLE_ENTRY diapatch_table[] =
SERVICE_TABLE_ENTRYW dispatch_table[] =
{
{ L"ssh-agent", (LPSERVICE_MAIN_FUNCTION)scm_start_servie },
{ L"ssh-agent", (LPSERVICE_MAIN_FUNCTIONW)scm_start_servie },
{ NULL, NULL }
};
static SERVICE_STATUS_HANDLE service_status_handle;
@ -93,7 +94,7 @@ int main(int argc, char **argv) {
w32posix_initialize();
load_config();
if (!StartServiceCtrlDispatcher(diapatch_table)) {
if (!StartServiceCtrlDispatcherW(dispatch_table)) {
if (GetLastError() == ERROR_FAILED_SERVICE_CONTROLLER_CONNECT) {
if (argc == 1) {
/* console app - start in debug mode*/
@ -102,8 +103,10 @@ int main(int argc, char **argv) {
return agent_start(TRUE, FALSE, 0, 0);
}
else {
char* h = 0;
h += atoi(*(argv + 1));
log_init("ssh-agent", config_log_level(), 1, 0);
return agent_start(FALSE, TRUE, (HANDLE)atoi(*(argv+1)), atoi(*(argv+2)));
return agent_start(FALSE, TRUE, h, atoi(*(argv+2)));
}
}
else
@ -113,7 +116,7 @@ int main(int argc, char **argv) {
}
int scm_start_servie(DWORD num, LPWSTR* args) {
service_status_handle = RegisterServiceCtrlHandler(L"ssh-agent", service_handler);
service_status_handle = RegisterServiceCtrlHandlerW(L"ssh-agent", service_handler);
ZeroMemory(&service_status, sizeof(service_status));
service_status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
ReportSvcStatus(SERVICE_START_PENDING, NO_ERROR, 300);
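Review bot: The child-process branch of main (`else` after `argc == 1`) reads `argv[1]` and `argv[2]` without checking `argc`, so a launch with a single argument passes NULL to `atoi`. The new handle conversion, `char* h = 0; h += atoi(*(argv + 1));`, is pointer arithmetic on a null pointer (undefined behaviour) and still goes through a 32-bit `int` with no way to detect a malformed value. I would guard with `if (argc != 3) return -1;` and parse explicitly, e.g. `HANDLE h = (HANDLE)(uintptr_t)strtoull(argv[1], &end, 10);`, rejecting input where `*end != '\0'`. Because the value arrives on the command line, it is also worth confirming the handle is the expected pipe before `agent_start` uses it. main's body starts outside these hunks.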


@ -1,4 +1,3 @@
#include <Windows.h>
typedef unsigned char u_int8_t;
typedef unsigned short u_int16_t;
typedef unsigned int u_int32_t;


@ -28,7 +28,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "agent.h"s
#include "agent.h"
#define BUFSIZE 5 * 1024
static HANDLE ioc_port = NULL;
@ -118,7 +118,7 @@ process_connection(HANDLE pipe, int type) {
con->type = type;
CreateIoCompletionPort(pipe, ioc_port, (ULONG_PTR)con, 0);
agent_connection_on_io(con, 0, &con->ol);
iocp_work(NULL);
return iocp_work(NULL);
}
static void
@ -186,10 +186,10 @@ agent_listen_loop() {
/* todo - spawn a child to take care of this*/
wchar_t path[MAX_PATH], module_path[MAX_PATH];
PROCESS_INFORMATION pi;
STARTUPINFO si;
STARTUPINFOW si;
si.cb = sizeof(STARTUPINFO);
memset(&si, 0, sizeof(STARTUPINFO));
si.cb = sizeof(STARTUPINFOW);
memset(&si, 0, sizeof(STARTUPINFOW));
GetModuleFileNameW(NULL, module_path, MAX_PATH);
swprintf_s(path, MAX_PATH, L"%s %d %d", module_path, con, listeners[r - 1].type);
if (CreateProcessW(NULL, path, NULL, NULL, TRUE,
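Review bot: The command line built by `swprintf_s(path, MAX_PATH, L"%s %d %d", module_path, ...)` leaves `module_path` unquoted while `CreateProcessW` is called with a NULL application name, so an install path containing spaces is parsed ambiguously and Windows may resolve a shorter prefix of the path as the executable. Quoting it, `L"\"%s\" %d %d"`, or passing `module_path` as the first argument of `CreateProcessW`, removes the ambiguity. Separately, in the changed lines `si.cb = sizeof(STARTUPINFOW);` is immediately followed by `memset(&si, 0, sizeof(STARTUPINFOW));`, which zeroes `cb` again; the two statements should be swapped. `con` is formatted with `%d`; if it is a HANDLE here, that truncates on 64-bit builds and should use a pointer-sized format. agent_listen_loop continues outside the hunk.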


@ -39,4 +39,7 @@ void agent_connection_disconnect(struct agent_connection*);
int agent_start(BOOL, BOOL, HANDLE, enum agent_type);
void agent_shutdown();
void agent_cleanup_connection(struct agent_connection*);
void agent_cleanup_connection(struct agent_connection*);
int load_config();
int config_log_level();


@ -44,6 +44,7 @@
#include "auth.h"
#include "myproposal.h"
#include "digest.h"
#include "agent.h"
static int use_privsep = -1;
Buffer cfg;


@ -29,9 +29,74 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <Windows.h>
#include <Ntsecapi.h>
//#include <ntstatus.h>
#include "agent.h"
#include "agent-request.h"
int process_authagent_request(struct sshbuf* request, struct sshbuf* response, struct agent_connection* con) {
while (1)
{
HANDLE lsa_handle;
PLSA_OPERATIONAL_MODE mode;
ULONG auth_package_id;
NTSTATUS ret;
KERB_S4U_LOGON *s4u_logon;
size_t logon_info_size;
LSA_STRING logon_process_name, auth_package_name, originName;
InitLsaString(&logon_process_name, "ssh-agent");
//InitLsaString(&auth_package_name, MICROSOFT_KERBEROS_NAME_A);
InitLsaString(&auth_package_name, "Negotiate");
InitLsaString(&originName, "sshd");
if (ret = LsaRegisterLogonProcess(&logon_process_name, &lsa_handle, &mode) != STATUS_SUCCESS)
break;
if (ret = LsaLookupAuthenticationPackage(lsa_handle, &auth_package_name, &auth_package_id) != STATUS_SUCCESS)
break;
#define USER_NAME L"user@domain"
logon_info_size = sizeof(KERB_S4U_LOGON);
logon_info_size += (wcslen(USER_NAME) * 2 + 2);
s4u_logon = malloc(logon_info_size);
s4u_logon->MessageType = KerbS4ULogon;
s4u_logon->Flags = 0;
s4u_logon->ClientUpn.Length = wcslen(USER_NAME) * 2;
s4u_logon->ClientUpn.MaximumLength = s4u_logon->ClientUpn.Length;
s4u_logon->ClientUpn.Buffer = (WCHAR*)(s4u_logon + 1);
memcpy(s4u_logon->ClientUpn.Buffer, USER_NAME, s4u_logon->ClientUpn.Length + 2);
s4u_logon->ClientRealm.Length = 0;
s4u_logon->ClientRealm.MaximumLength = 0;
s4u_logon->ClientRealm.Buffer = 0;
TOKEN_SOURCE sourceContext;
RtlCopyMemory(
sourceContext.SourceName,
".Jobs ",
sizeof(sourceContext.SourceName)
);
if (AllocateLocallyUniqueId(&sourceContext.SourceIdentifier) != TRUE)
break;
PKERB_INTERACTIVE_PROFILE pProfile = NULL;
LUID logonId;
QUOTA_LIMITS quotas;
NTSTATUS subStatus;
DWORD cbProfile;
HANDLE hToken = INVALID_HANDLE_VALUE;
if (ret = LsaLogonUser(lsa_handle, &originName, Network, auth_package_id, s4u_logon, logon_info_size, NULL, &sourceContext,
(PVOID*)&pProfile,
&cbProfile,
&logonId,
&hToken,
&quotas,
&subStatus) != STATUS_SUCCESS)
break;
CloseHandle(hToken);
LsaDeregisterLogonProcess(lsa_handle);
break;
}
return -1;
}
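Review bot: Every early `break` in process_authagent_request leaks something: `s4u_logon` is never freed and its `malloc` result is not checked, `lsa_handle` is deregistered only on the full-success path, and the `pProfile` buffer returned by `LsaLogonUser` is never released. The tests written as `if (ret = LsaXxx(...) != STATUS_SUCCESS)` assign the result of the comparison to `ret`, not the NTSTATUS, so the real status is lost for any later logging. An S4U logon produces a token without the user's credentials, and nothing in the visible code reads `request` or checks who is on the other end of `con`. A caller check is needed before the hard-coded `USER_NAME` placeholder is replaced with a requested name. The sketch below replaces the `while (1)`/`break` structure with parenthesised status checks and a single cleanup label.

```c
	HANDLE lsa_handle = NULL, hToken = INVALID_HANDLE_VALUE;
	KERB_S4U_LOGON *s4u_logon = NULL;
	PKERB_INTERACTIVE_PROFILE pProfile = NULL;
	NTSTATUS ret;
	/* … unchanged: remaining declarations and InitLsaString calls … */

	if ((ret = LsaRegisterLogonProcess(&logon_process_name, &lsa_handle, &mode)) != STATUS_SUCCESS)
		goto done;
	if ((ret = LsaLookupAuthenticationPackage(lsa_handle, &auth_package_name, &auth_package_id)) != STATUS_SUCCESS)
		goto done;

	/* … unchanged: logon_info_size computation … */
	if ((s4u_logon = malloc(logon_info_size)) == NULL)
		goto done;
	/* … unchanged: s4u_logon and sourceContext setup; AllocateLocallyUniqueId failure also jumps to done … */

	if ((ret = LsaLogonUser(/* … unchanged arguments … */)) != STATUS_SUCCESS)
		goto done;

done:
	/* release in reverse order of acquisition; each guard covers the early-exit paths */
	if (hToken != INVALID_HANDLE_VALUE)
		CloseHandle(hToken);
	if (pProfile != NULL)
		LsaFreeReturnBuffer(pProfile);
	if (lsa_handle != NULL)
		LsaDeregisterLogonProcess(lsa_handle);
	free(s4u_logon);
	return -1;
```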


@ -49,14 +49,14 @@ get_user_root(struct agent_connection* con, HKEY *root){
}
static int
convert_blob(struct agent_connection* con, char *blob, DWORD blen, char **eblob, DWORD *eblen, int encrypt) {
convert_blob(struct agent_connection* con, const char *blob, DWORD blen, char **eblob, DWORD *eblen, int encrypt) {
int r = 0;
DATA_BLOB in, out;
if (ImpersonateNamedPipeClient(con->connection) == FALSE)
return ERROR_INTERNAL_ERROR;
in.cbData = blen;
in.pbData = blob;
in.pbData = (char*)blob;
out.cbData = 0;
out.pbData = NULL;