disabled broken fdopen and routed usage in code to Win CRTs _fdopen, also logging in Network mode, to get elevated tokens for admin

Author: manojampalam

auth-passwd.c

@@ -335,39 +335,11 @@ int sys_auth_passwd(Authctxt *authctxt, const char *password)
 
     return 0;
   }
-
-  /*
-   * First, try logon in INTERACTIVE mode.
-   */
 
   worked = LogonUserW(user_UTF16, domain_UTF16, password_UTF16,
-                         LOGON32_LOGON_INTERACTIVE, 
+	  LOGON32_LOGON_NETWORK,
                              LOGON32_PROVIDER_DEFAULT, &hToken);
 
-  /*
-   * If no success, try NETWORK mode.
-   */
-   
-  if (!worked)
-  {
-    HANDLE weakToken = INVALID_HANDLE_VALUE;
-    
-    debug3("Netork login attemp [%s][%ls]...", 
-               username, domain_UTF16);
-    
-    worked = LogonUserW(user_UTF16, domain_UTF16, password_UTF16,
-                           LOGON32_LOGON_NETWORK,
-                               LOGON32_PROVIDER_DEFAULT, &weakToken);
-
-    if (worked)
-    {
-      debug("Duplicating token...");
-  
-      debug3(DuplicateTokenEx(weakToken, MAXIMUM_ALLOWED,
-                                  NULL, SecurityImpersonation,
-                                      TokenPrimary, &hToken) == 0);
-    }                                  
-  }
 
   free(user_UTF16);
   free(password_UTF16);

auth.c

@@ -647,8 +647,8 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 	int fd;
 	FILE *f;
 
-#if(0)def WIN32_FIXME
-    if ((fd = WSHELPwopen(file, O_RDONLY|O_NONBLOCK)) == -1) {
+#ifdef WIN32_FIXME
+    if ((fd = _wopen(file, O_RDONLY|O_NONBLOCK)) == -1) {
 #else
 	if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
 #endif
@@ -658,6 +658,13 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 		return NULL;
 	}
 
+#ifdef WIN32_FIXME
+	if ((f = _fdopen(fd, "r")) == NULL) {
+		_close(fd);
+		return NULL;
+	}
+
+#else
 	if (fstat(fd, &st) < 0) {
 		close(fd);
 		return NULL;
@@ -668,13 +675,13 @@ auth_openfile(const char *file, struct passwd *pw, int strict_modes,
 		close(fd);
 		return NULL;
 	}
-#ifndef WIN32_FIXME
 	unset_nonblock(fd);
-#endif
+
 	if ((f = fdopen(fd, "r")) == NULL) {
 		close(fd);
 		return NULL;
 	}
+#endif
 	if (strict_modes &&
 	    secure_filename(f, file, pw, line, sizeof(line)) != 0) {
 		fclose(f);

contrib/win32/win32compat/fileio.c

@@ -556,6 +556,10 @@ fileio_fdopen(struct w32_io* pio, const char *mode) {
 	int fd_flags = 0;
 	debug2("fdopen - io:%p", pio);
 
+	/* logic below doesn't work with overlapped file HANDLES */
+	errno = ENOTSUP;
+	return NULL;
+
 	if (mode[1] == '\0') {
 		switch (*mode) {
 		case 'r':

ssh-keygen.c

@@ -58,6 +58,10 @@
 #include "krl.h"
 #include "digest.h"
 
+#ifdef	WIN32_FIXME
+#define open(a,b,...) _open((a), (b), __VA_ARGS__)
+#define fdopen(a,b) _fdopen((a), (b))
+#endif
 
 #ifdef WITH_OPENSSL
 # define DEFAULT_KEY_TYPE_NAME "rsa"