Remove additional token references and calls to ModifyReghtsToDesktop from session

2025-07-26 07:25:25 +02:00 · 2016-03-24 15:08:52 -07:00 · 2016-03-24 15:08:52 -07:00 · df9a548ef3
commit df9a548ef3
parent 268bdeb662
3 changed files with 2 additions and 72 deletions
--- a/auth.h
+++ b/auth.h
@ -87,12 +87,6 @@ struct Authctxt {

 	struct sshkey	**prev_userkeys;
 	u_int		 nprev_userkeys;
-  #ifdef WIN32_FIXME
-
-    HANDLE hTokenLsa_;
-    HANDLE currentToken_;
-
-  #endif
 };
 /*
 * Every authentication method has to handle authentication requests for
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@ -209,7 +209,6 @@ userauth_pubkey(Authctxt *authctxt)

    #ifdef WIN32_FIXME

-    authctxt -> hTokenLsa_ = NULL;
    authctxt -> methoddata = NULL;
 
    /*
@ -232,7 +231,7 @@ userauth_pubkey(Authctxt *authctxt)
    }
    else
    {
-      loginStat = LsaLogon(&authctxt -> hTokenLsa_, HomeDirLsaW,
+      loginStat = LsaLogon(&authctxt->methoddata, HomeDirLsaW,
                               authctxt -> user, pkblob, blen, sig, slen,
                                 buffer_ptr(&b), buffer_len(&b), datafellows);

@ -246,7 +245,7 @@ userauth_pubkey(Authctxt *authctxt)
         * And user authorized OK.
         */
    
-        if (authctxt -> hTokenLsa_)
+        if (authctxt->methoddata)
        {
          doOpenSSHVerify = 0;
          
--- a/session.c
+++ b/session.c
@ -701,42 +701,9 @@ do_exec_no_pty(Session *s, const char *command)
   * token using CreateUserToken for non-password auth mechanisms.
   */
  
-  /*
-   * Try LSA token first.
-   */
-    
-  if (s -> authctxt -> hTokenLsa_)
-  {
-    debug("Using token from lsa...");
-      
-    hToken = s -> authctxt -> hTokenLsa_;
-      
-    ModifyRightsToDesktop(hToken, 1);
-  }
-    
-  /*
-   * Next try pass-auth token.
-   */
-  
-  else
-  {
-    debug("Using token from LogonUser()...");
  
    hToken = s -> authctxt -> methoddata;

-    /*
-     * Clear this value out because we're going to release
-     * the token in this function
-     */
-    
-    s -> authctxt -> methoddata = INVALID_HANDLE_VALUE;
-
-    ModifyRightsToDesktop(hToken, 1);
-  }
-
-  /*
-   * Set display if needed
-   */

  if (s -> display)
  {
@ -749,23 +716,7 @@ do_exec_no_pty(Session *s, const char *command)
  
  if (1) // (s -> pw -> pw_dir == NULL || s -> pw -> pw_dir[0] == '\0')
  {
-    /*
-     * If there is homedir from LSA use it.
-     */
-
-    //if (HomeDirLsaW[0] != '\0')
-    //{
-      //s -> pw -> pw_dir = HomeDirLsaW;
-    //}
-    
-    /*
-     * If not get homedir from token.
-     */
-    
-    //else
-    //{
      s -> pw -> pw_dir = GetHomeDirFromToken(s -> pw -> pw_name, hToken);
-    //}
  }

  /*
@ -895,10 +846,6 @@ do_exec_no_pty(Session *s, const char *command)
   * to clean up DACL of Winsta0.
   */
  
-  //CloseHandle(hToken);
-  
-  s -> authctxt -> currentToken_ = hToken; 
-
  /*
   * Log the process handle (fake it as the pid) for termination lookups 
   */
@ -2964,7 +2911,6 @@ session_pty_cleanup2(Session *s)
    
    CloseHandle(s -> pid);
    
-    ModifyRightsToDesktop(s -> authctxt -> currentToken_, 0);
  }
 
  #endif
@ -3391,15 +3337,6 @@ do_cleanup(Authctxt *authctxt)
 	static int called = 0;

 	debug("do_cleanup");
-  #ifdef WIN32_FIXME
-
-    if (authctxt)
-    {
-      ModifyRightsToDesktop(authctxt -> currentToken_, 0);
-    }  
-  
-  #endif
-

 	/* no cleanup if we're in the child for login shell */
 	if (is_child)