Remove additional token references and calls to ModifyReghtsToDesktop from session

Manoj Ampalam 2016-03-24 15:08:52 -07:00
parent 268bdeb662
commit df9a548ef3
3 changed files with 2 additions and 72 deletions

6
auth.h

@ -87,12 +87,6 @@ struct Authctxt {
struct sshkey **prev_userkeys; struct sshkey **prev_userkeys;
u_int nprev_userkeys; u_int nprev_userkeys;
#ifdef WIN32_FIXME
HANDLE hTokenLsa_;
HANDLE currentToken_;
#endif
}; };
/* /*
* Every authentication method has to handle authentication requests for * Every authentication method has to handle authentication requests for


@ -209,7 +209,6 @@ userauth_pubkey(Authctxt *authctxt)
#ifdef WIN32_FIXME #ifdef WIN32_FIXME
authctxt -> hTokenLsa_ = NULL;
authctxt -> methoddata = NULL; authctxt -> methoddata = NULL;
/* /*
@ -232,7 +231,7 @@ userauth_pubkey(Authctxt *authctxt)
} }
else else
{ {
loginStat = LsaLogon(&authctxt -> hTokenLsa_, HomeDirLsaW, loginStat = LsaLogon(&authctxt->methoddata, HomeDirLsaW,
authctxt -> user, pkblob, blen, sig, slen, authctxt -> user, pkblob, blen, sig, slen,
buffer_ptr(&b), buffer_len(&b), datafellows); buffer_ptr(&b), buffer_len(&b), datafellows);
@ -246,7 +245,7 @@ userauth_pubkey(Authctxt *authctxt)
* And user authorized OK. * And user authorized OK.
*/ */
if (authctxt -> hTokenLsa_) if (authctxt->methoddata)
{ {
doOpenSSHVerify = 0; doOpenSSHVerify = 0;
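Review bot: In userauth_pubkey the success test `if (authctxt->methoddata)` decides whether OpenSSH's own signature check is skipped (`doOpenSSHVerify = 0`), yet it looks only at the out-parameter and not at `loginStat`, which the hunk assigns from LsaLogon. Because methoddata is a general-purpose field rather than a dedicated token slot, any stale or non-NULL failure value left in it (the removed session code stored INVALID_HANDLE_VALUE there) would be read as a successful logon. I would test the return status as well, assuming 0 means success (to be confirmed against LsaLogon's contract), e.g. `if (loginStat == 0 && authctxt->methoddata != NULL)`, and add a comment such as `/* methoddata holds the LSA logon token; non-NULL only after LsaLogon succeeded */`. The function body starts and ends outside these hunks, so loginStat may already be handled below the visible lines.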


@ -701,42 +701,9 @@ do_exec_no_pty(Session *s, const char *command)
* token using CreateUserToken for non-password auth mechanisms. * token using CreateUserToken for non-password auth mechanisms.
*/ */
/*
* Try LSA token first.
*/
if (s -> authctxt -> hTokenLsa_)
{
debug("Using token from lsa...");
hToken = s -> authctxt -> hTokenLsa_;
ModifyRightsToDesktop(hToken, 1);
}
/*
* Next try pass-auth token.
*/
else
{
debug("Using token from LogonUser()...");
hToken = s -> authctxt -> methoddata; hToken = s -> authctxt -> methoddata;
/*
* Clear this value out because we're going to release
* the token in this function
*/
s -> authctxt -> methoddata = INVALID_HANDLE_VALUE;
ModifyRightsToDesktop(hToken, 1);
}
/*
* Set display if needed
*/
if (s -> display) if (s -> display)
{ {
@ -749,23 +716,7 @@ do_exec_no_pty(Session *s, const char *command)
if (1) // (s -> pw -> pw_dir == NULL || s -> pw -> pw_dir[0] == '\0') if (1) // (s -> pw -> pw_dir == NULL || s -> pw -> pw_dir[0] == '\0')
{ {
/*
* If there is homedir from LSA use it.
*/
//if (HomeDirLsaW[0] != '\0')
//{
//s -> pw -> pw_dir = HomeDirLsaW;
//}
/*
* If not get homedir from token.
*/
//else
//{
s -> pw -> pw_dir = GetHomeDirFromToken(s -> pw -> pw_name, hToken); s -> pw -> pw_dir = GetHomeDirFromToken(s -> pw -> pw_name, hToken);
//}
} }
/* /*
@ -895,10 +846,6 @@ do_exec_no_pty(Session *s, const char *command)
* to clean up DACL of Winsta0. * to clean up DACL of Winsta0.
*/ */
//CloseHandle(hToken);
s -> authctxt -> currentToken_ = hToken;
/* /*
* Log the process handle (fake it as the pid) for termination lookups * Log the process handle (fake it as the pid) for termination lookups
*/ */
@ -2964,7 +2911,6 @@ session_pty_cleanup2(Session *s)
CloseHandle(s -> pid); CloseHandle(s -> pid);
ModifyRightsToDesktop(s -> authctxt -> currentToken_, 0);
} }
#endif #endif
@ -3391,15 +3337,6 @@ do_cleanup(Authctxt *authctxt)
static int called = 0; static int called = 0;
debug("do_cleanup"); debug("do_cleanup");
#ifdef WIN32_FIXME
if (authctxt)
{
ModifyRightsToDesktop(authctxt -> currentToken_, 0);
}
#endif
/* no cleanup if we're in the child for login shell */ /* no cleanup if we're in the child for login shell */
if (is_child) if (is_child)
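Review bot: In do_exec_no_pty, `hToken = s -> authctxt -> methoddata;` is now the only source of the logon token and is handed to GetHomeDirFromToken without a validity check, and with the `currentToken_` bookkeeping removed no visible line closes the handle. A guard right after the assignment, for example `if (hToken == NULL || hToken == INVALID_HANDLE_VALUE) fatal("no logon token for session");`, would stop session setup from continuing with an unusable token. The ownership should be written down too, e.g. `/* token stays owned by authctxt->methoddata so later channels can reuse it; released at connection cleanup */`, with the matching CloseHandle placed wherever that comment ends up being true (do_cleanup in the last hunk looks like the natural spot). The function continues outside the visible hunks, so the token may already be checked or released there.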