From dec395bbfe55f6db957bd115f6eda8bad9ad94fb Mon Sep 17 00:00:00 2001
From: Manoj Ampalam
Date: Thu, 17 Mar 2016 19:36:09 -0700
Subject: [PATCH] disabled broken fdopen and routed usage in code to Win CRTs _fdopen, also logging in Network mode, to get elevated tokens for admin
---
 auth-passwd.c | 30 +-----------------------------
 auth.c | 15 +++++++++++----
 contrib/win32/win32compat/fileio.c | 4 ++++
 ssh-keygen.c | 4 ++++
 4 files changed, 20 insertions(+), 33 deletions(-)
diff --git a/auth-passwd.c b/auth-passwd.c
index 0626fb3..2293668 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -335,39 +335,11 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
 return 0;
 }
-
- /*
- * First, try logon in INTERACTIVE mode.
- */
 worked = LogonUserW(user_UTF16, domain_UTF16, password_UTF16,
- LOGON32_LOGON_INTERACTIVE,
+ LOGON32_LOGON_NETWORK,
 LOGON32_PROVIDER_DEFAULT, &hToken);
- /*
- * If no success, try NETWORK mode.
- */
-
- if (!worked)
- {
- HANDLE weakToken = INVALID_HANDLE_VALUE;
-
- debug3("Netork login attemp [%s][%ls]...",
- username, domain_UTF16);
-
- worked = LogonUserW(user_UTF16, domain_UTF16, password_UTF16,
- LOGON32_LOGON_NETWORK,
- LOGON32_PROVIDER_DEFAULT, &weakToken);
-
- if (worked)
- {
- debug("Duplicating token...");
-
- debug3(DuplicateTokenEx(weakToken, MAXIMUM_ALLOWED,
- NULL, SecurityImpersonation,
- TokenPrimary, &hToken) == 0);
- }
- }
 free(user_UTF16);
 free(password_UTF16);
diff --git a/auth.c b/auth.c
index 9da9e78..6bf57d9 100644
--- a/auth.c
+++ b/auth.c
@@ -647,8 +647,8 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 int fd;
 FILE *f;
-#if(0)def WIN32_FIXME
- if ((fd = WSHELPwopen(file, O_RDONLY|O_NONBLOCK)) == -1) {
+#ifdef WIN32_FIXME
+ if ((fd = _wopen(file, O_RDONLY|O_NONBLOCK)) == -1) {
 #else
 if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
 #endif
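Review bot: In auth-passwd.c, `sys_auth_passwd` now stores the result of the `LOGON32_LOGON_NETWORK` logon directly in `hToken`, while the removed fallback first converted that token with `DuplicateTokenEx(..., TokenPrimary, &hToken)`. A network logon yields an impersonation token, so if `hToken` is later used to start the user's process (that code is outside this hunk) the conversion is still needed, with its return value checked instead of passed to `debug3`. Per the commit subject the switch exists so administrators get an elevated token, which means password logons no longer receive the filtered token an interactive logon would produce; record that decision above the call, e.g. `/* NETWORK logon on purpose: returns the unfiltered token for admin accounts */`. The context line `free(password_UTF16)` also releases the password copy without wiping it; a `SecureZeroMemory` over the buffer before the `free` would keep the cleartext out of freed heap.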
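Review bot: In auth.c the re-enabled Windows branch calls `_wopen(file, ...)`, but `file` is declared `const char *` in the `auth_openfile` signature shown in the hunk header, and `_wopen` expects a wide-character path. Passing the narrow string would make the CRT read the path bytes as UTF-16, so the open would fail or resolve a different name than the configured file. Either use the narrow call, `if ((fd = _open(file, O_RDONLY|O_NONBLOCK)) == -1) {`, or convert `file` to UTF-16 before the call, in the way the `*_UTF16` buffers in auth-passwd.c suggest is done for the user name. `O_NONBLOCK` is not a flag the Windows CRT defines, so it presumably comes from the compat headers; it is worth confirming that it maps to something the CRT open accepts. The body of `auth_openfile` continues outside this hunk.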
@@ -658,6 +658,13 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 return NULL;
 }
+#ifdef WIN32_FIXME
+ if ((f = _fdopen(fd, "r")) == NULL) {
+ _close(fd);
+ return NULL;
+ }
+
+#else
 if (fstat(fd, &st) < 0) {
 close(fd);
 return NULL;
@@ -668,13 +675,13 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 close(fd);
 return NULL;
 }
-#ifndef WIN32_FIXME
 unset_nonblock(fd);
-#endif
+
 if ((f = fdopen(fd, "r")) == NULL) {
 close(fd);
 return NULL;
 }
+#endif
 if (strict_modes && secure_filename(f, file, pw, line, sizeof(line)) != 0) {
 fclose(f);
diff --git a/contrib/win32/win32compat/fileio.c b/contrib/win32/win32compat/fileio.c
index 193fba5..c1297f2 100644
--- a/contrib/win32/win32compat/fileio.c
+++ b/contrib/win32/win32compat/fileio.c
@@ -556,6 +556,10 @@ fileio_fdopen(struct w32_io* pio, const char *mode) {
 int fd_flags = 0;
 debug2("fdopen - io:%p", pio);
+ /* logic below doesn't work with overlapped file HANDLES */
+ errno = ENOTSUP;
+ return NULL;
+
 if (mode[1] == '\0') {
 switch (*mode) {
 case 'r':
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 7d50f42..8eda6b1 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -58,6 +58,10 @@
 #include "krl.h"
 #include "digest.h"
+#ifdef WIN32_FIXME
+#define open(a,b,...) _open((a), (b), __VA_ARGS__)
+#define fdopen(a,b) _fdopen((a), (b))
+#endif
 #ifdef WITH_OPENSSL
 # define DEFAULT_KEY_TYPE_NAME "rsa"
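Review bot: The `WIN32_FIXME` branch added in auth.c at `@@ -658,6 +658,13 @@` goes straight from the open to `_fdopen`, so on Windows the `fstat(fd, &st)` check that opens the `#else` branch (and whatever file-type test follows it between the two hunks) no longer runs before the file is read. `auth_openfile` appears to open per-user authentication files, so the Windows path should keep an equivalent pre-check, for example an `_fstat` call that rejects anything that is not a regular file, before `_fdopen`. The matching `+#endif` in the next hunk (`@@ -668,13 +675,13 @@`) closes the same branch and also moves `unset_nonblock(fd)` under `#else`; a short comment on the `#ifdef` saying why the POSIX checks are skipped would help. `secure_filename()` is still reached on both paths when `strict_modes` is set. The function starts and ends outside these hunks.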
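Review bot: In fileio.c the unconditional `errno = ENOTSUP; return NULL;` leaves the whole remainder of `fileio_fdopen` (the `mode` parsing that follows in this hunk and continues outside it) as unreachable code. Either delete the dead body or fence it with `#if 0` and a note, so that compilers do not warn and nobody edits logic that never runs. The new comment should also say what callers must do instead, e.g. `/* overlapped HANDLEs unsupported here: callers use CRT _open/_fdopen (see auth.c, ssh-keygen.c) */`. Since every remaining caller now gets NULL, raising the `debug2` line to a level that is logged by default would make an unconverted call site easier to spot.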