1 |
/* |
2 |
Copyright (c) 1998-2001, Robert O'Callahan |
3 |
All rights reserved. |
4 |
|
5 |
Redistribution and use in source and binary forms, with or without modification, |
6 |
are permitted provided that the following conditions are met: |
7 |
|
8 |
Redistributions of source code must retain the above copyright notice, this list of |
9 |
conditions and the following disclaimer. |
10 |
|
11 |
Redistributions in binary form must reproduce the above copyright notice, this list |
12 |
of conditions and the following disclaimer in the documentation and/or other materials |
13 |
provided with the distribution. |
14 |
|
15 |
The name of Robert O'Callahan may not be used to endorse or promote products derived from |
16 |
this software without specific prior written permission. |
17 |
|
18 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND |
19 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 |
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL |
21 |
THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
22 |
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
23 |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
24 |
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
25 |
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
26 |
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
27 |
*/ |
28 |
|
29 |
#include "ttxssh.h" |
30 |
#include "util.h" |
31 |
|
32 |
#include <io.h> |
33 |
#include <fcntl.h> |
34 |
#include <stdlib.h> |
35 |
#include <errno.h> |
36 |
|
37 |
#include "resource.h" |
38 |
#include "keyfiles.h" |
39 |
|
40 |
#define AUTH_START_USER_AUTH_ON_ERROR_END 1 |
41 |
|
42 |
#define MAX_AUTH_CONTROL IDC_SSHUSETIS |
43 |
|
44 |
static void destroy_malloced_string(char FAR * FAR * str) |
45 |
{ |
46 |
if (*str != NULL) { |
47 |
memset(*str, 0, strlen(*str)); |
48 |
free(*str); |
49 |
*str = NULL; |
50 |
} |
51 |
} |
52 |
|
53 |
static int auth_types_to_control_IDs[] = { |
54 |
-1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD, |
55 |
IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1 |
56 |
}; |
57 |
|
58 |
static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg, |
59 |
WPARAM wParam, LPARAM lParam) |
60 |
{ |
61 |
switch (msg) { |
62 |
case WM_CHAR: |
63 |
if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) { |
64 |
char chars[] = { (char) wParam, 0 }; |
65 |
|
66 |
SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE, |
67 |
(LPARAM) (char FAR *) chars); |
68 |
return 0; |
69 |
} |
70 |
} |
71 |
|
72 |
return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA), |
73 |
control, msg, wParam, lParam); |
74 |
} |
75 |
|
76 |
static void init_password_control(HWND dlg) |
77 |
{ |
78 |
HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD); |
79 |
|
80 |
SetWindowLong(passwordControl, GWL_USERDATA, |
81 |
SetWindowLong(passwordControl, GWL_WNDPROC, |
82 |
(LONG) password_wnd_proc)); |
83 |
|
84 |
SetFocus(passwordControl); |
85 |
} |
86 |
|
87 |
static void set_auth_options_status(HWND dlg, int controlID) |
88 |
{ |
89 |
BOOL RSA_enabled = controlID == IDC_SSHUSERSA; |
90 |
BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS; |
91 |
BOOL TIS_enabled = controlID == IDC_SSHUSETIS; |
92 |
int i; |
93 |
|
94 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID); |
95 |
|
96 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled); |
97 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled); |
98 |
|
99 |
for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) { |
100 |
EnableWindow(GetDlgItem(dlg, i), RSA_enabled); |
101 |
} |
102 |
|
103 |
for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) { |
104 |
EnableWindow(GetDlgItem(dlg, i), rhosts_enabled); |
105 |
} |
106 |
} |
107 |
|
108 |
static void init_auth_machine_banner(PTInstVar pvar, HWND dlg) |
109 |
{ |
110 |
char buf[1024] = "Logging in to "; |
111 |
|
112 |
if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) { |
113 |
strcat(buf, SSH_get_host_name(pvar)); |
114 |
} |
115 |
SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf); |
116 |
} |
117 |
|
118 |
static void update_server_supported_types(PTInstVar pvar, HWND dlg) |
119 |
{ |
120 |
int supported_methods = pvar->auth_state.supported_types; |
121 |
int cur_control = -1; |
122 |
int control; |
123 |
HWND focus = GetFocus(); |
124 |
|
125 |
if (supported_methods == 0) { |
126 |
return; |
127 |
} |
128 |
|
129 |
for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL; |
130 |
control++) { |
131 |
BOOL enabled = FALSE; |
132 |
int method; |
133 |
HWND item = GetDlgItem(dlg, control); |
134 |
|
135 |
if (item != NULL) { |
136 |
for (method = 0; method <= SSH_AUTH_MAX; method++) { |
137 |
if (auth_types_to_control_IDs[method] == control |
138 |
&& (supported_methods & (1 << method)) != 0) { |
139 |
enabled = TRUE; |
140 |
} |
141 |
} |
142 |
|
143 |
EnableWindow(item, enabled); |
144 |
|
145 |
if (IsDlgButtonChecked(dlg, control)) { |
146 |
cur_control = control; |
147 |
} |
148 |
} |
149 |
} |
150 |
|
151 |
if (cur_control >= 0) { |
152 |
if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) { |
153 |
do { |
154 |
cur_control++; |
155 |
if (cur_control > MAX_AUTH_CONTROL) { |
156 |
cur_control = IDC_SSHUSEPASSWORD; |
157 |
} |
158 |
} while (!IsWindowEnabled(GetDlgItem(dlg, cur_control))); |
159 |
|
160 |
set_auth_options_status(dlg, cur_control); |
161 |
|
162 |
if (focus != NULL && !IsWindowEnabled(focus)) { |
163 |
SetFocus(GetDlgItem(dlg, cur_control)); |
164 |
} |
165 |
} |
166 |
} |
167 |
} |
168 |
|
169 |
static void init_auth_dlg(PTInstVar pvar, HWND dlg) |
170 |
{ |
171 |
int default_method = pvar->session_settings.DefaultAuthMethod; |
172 |
|
173 |
init_auth_machine_banner(pvar, dlg); |
174 |
init_password_control(dlg); |
175 |
|
176 |
if (pvar->auth_state.failed_method != SSH_AUTH_NONE) { |
177 |
/* must be retrying a failed attempt */ |
178 |
SetDlgItemText(dlg, IDC_SSHAUTHBANNER2, |
179 |
"Authentication failed. Please retry."); |
180 |
SetWindowText(dlg, "Retrying SSH Authentication"); |
181 |
default_method = pvar->auth_state.failed_method; |
182 |
} |
183 |
|
184 |
set_auth_options_status(dlg, |
185 |
auth_types_to_control_IDs[default_method]); |
186 |
|
187 |
if (default_method == SSH_AUTH_TIS) { |
188 |
/* we disabled the password control, so fix the focus */ |
189 |
SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS)); |
190 |
} |
191 |
|
192 |
if (pvar->auth_state.user != NULL) { |
193 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user); |
194 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE); |
195 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE); |
196 |
} else if (pvar->session_settings.DefaultUserName[0] != 0) { |
197 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, |
198 |
pvar->session_settings.DefaultUserName); |
199 |
} else { |
200 |
SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME)); |
201 |
} |
202 |
|
203 |
SetDlgItemText(dlg, IDC_RSAFILENAME, |
204 |
pvar->session_settings.DefaultRSAPrivateKeyFile); |
205 |
SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
206 |
pvar->session_settings.DefaultRhostsHostPrivateKeyFile); |
207 |
SetDlgItemText(dlg, IDC_LOCALUSERNAME, |
208 |
pvar->session_settings.DefaultRhostsLocalUserName); |
209 |
|
210 |
update_server_supported_types(pvar, dlg); |
211 |
|
212 |
// SSH2 autologin (2004.12.1 yutaka) |
213 |
// ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B |
214 |
if (pvar->ssh2_autologin == 1) { |
215 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username); |
216 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE); |
217 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE); |
218 |
|
219 |
SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password); |
220 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE); |
221 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE); |
222 |
|
223 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) { |
224 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD); |
225 |
} else { |
226 |
// TODO |
227 |
|
228 |
} |
229 |
} |
230 |
|
231 |
} |
232 |
|
233 |
static char FAR *alloc_control_text(HWND ctl) |
234 |
{ |
235 |
int len = GetWindowTextLength(ctl); |
236 |
char FAR *result = malloc(len + 1); |
237 |
|
238 |
if (result != NULL) { |
239 |
GetWindowText(ctl, result, len + 1); |
240 |
result[len] = 0; |
241 |
} |
242 |
|
243 |
return result; |
244 |
} |
245 |
|
246 |
static int get_key_file_name(HWND parent, char FAR * buf, int bufsize) |
247 |
{ |
248 |
#ifdef TERATERM32 |
249 |
OPENFILENAME params; |
250 |
char fullname_buf[2048] = "identity"; |
251 |
|
252 |
params.lStructSize = sizeof(OPENFILENAME); |
253 |
params.hwndOwner = parent; |
254 |
params.lpstrFilter = NULL; |
255 |
params.lpstrCustomFilter = NULL; |
256 |
params.nFilterIndex = 0; |
257 |
buf[0] = 0; |
258 |
params.lpstrFile = fullname_buf; |
259 |
params.nMaxFile = sizeof(fullname_buf); |
260 |
params.lpstrFileTitle = NULL; |
261 |
params.lpstrInitialDir = NULL; |
262 |
params.lpstrTitle = "Choose a file with the RSA private key"; |
263 |
params.Flags = |
264 |
OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY; |
265 |
params.lpstrDefExt = NULL; |
266 |
|
267 |
if (GetOpenFileName(¶ms) != 0) { |
268 |
copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf); |
269 |
return 1; |
270 |
} else { |
271 |
return 0; |
272 |
} |
273 |
#else |
274 |
return 0; |
275 |
#endif |
276 |
} |
277 |
|
278 |
static void choose_RSA_key_file(HWND dlg) |
279 |
{ |
280 |
char buf[1024]; |
281 |
|
282 |
if (get_key_file_name(dlg, buf, sizeof(buf))) { |
283 |
SetDlgItemText(dlg, IDC_RSAFILENAME, buf); |
284 |
} |
285 |
} |
286 |
|
287 |
static void choose_host_RSA_key_file(HWND dlg) |
288 |
{ |
289 |
char buf[1024]; |
290 |
|
291 |
if (get_key_file_name(dlg, buf, sizeof(buf))) { |
292 |
SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf); |
293 |
} |
294 |
} |
295 |
|
296 |
static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg) |
297 |
{ |
298 |
int method = SSH_AUTH_PASSWORD; |
299 |
char FAR *password = |
300 |
alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD)); |
301 |
CRYPTKeyPair FAR *key_pair = NULL; |
302 |
|
303 |
if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) { |
304 |
method = SSH_AUTH_RSA; |
305 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) { |
306 |
if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) { |
307 |
method = SSH_AUTH_RHOSTS_RSA; |
308 |
} else { |
309 |
method = SSH_AUTH_RHOSTS; |
310 |
} |
311 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) { |
312 |
method = SSH_AUTH_TIS; |
313 |
} |
314 |
|
315 |
if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) { |
316 |
char buf[2048]; |
317 |
int file_ctl_ID = |
318 |
method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME; |
319 |
|
320 |
buf[0] = 0; |
321 |
GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf)); |
322 |
if (buf[0] == 0) { |
323 |
notify_nonfatal_error(pvar, |
324 |
"You must specify a file containing the RSA private key."); |
325 |
SetFocus(GetDlgItem(dlg, file_ctl_ID)); |
326 |
destroy_malloced_string(&password); |
327 |
return FALSE; |
328 |
} else { |
329 |
BOOL invalid_passphrase = FALSE; |
330 |
|
331 |
key_pair = KEYFILES_read_private_key(pvar, buf, password, |
332 |
&invalid_passphrase, |
333 |
FALSE); |
334 |
|
335 |
if (key_pair == NULL) { |
336 |
if (invalid_passphrase) { |
337 |
HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD); |
338 |
|
339 |
SetFocus(passwordCtl); |
340 |
SendMessage(passwordCtl, EM_SETSEL, 0, -1); |
341 |
} else { |
342 |
SetFocus(GetDlgItem(dlg, file_ctl_ID)); |
343 |
} |
344 |
destroy_malloced_string(&password); |
345 |
return FALSE; |
346 |
} |
347 |
} |
348 |
} |
349 |
|
350 |
/* from here on, we cannot fail, so just munge cur_cred in place */ |
351 |
pvar->auth_state.cur_cred.method = method; |
352 |
pvar->auth_state.cur_cred.key_pair = key_pair; |
353 |
/* we can't change the user name once it's set. It may already have |
354 |
been sent to the server, and it can only be sent once. */ |
355 |
if (pvar->auth_state.user == NULL) { |
356 |
pvar->auth_state.user = |
357 |
alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME)); |
358 |
} |
359 |
if (method == SSH_AUTH_PASSWORD) { |
360 |
pvar->auth_state.cur_cred.password = password; |
361 |
} else { |
362 |
destroy_malloced_string(&password); |
363 |
} |
364 |
if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) { |
365 |
if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) { |
366 |
notify_nonfatal_error(pvar, |
367 |
"Rhosts authentication will probably fail because it was not " |
368 |
"the default authentication method.\n" |
369 |
"To use Rhosts authentication " |
370 |
"in TTSSH, you need to set it to be the default by restarting\n" |
371 |
"TTSSH and selecting \"SSH Authentication...\" from the Setup menu" |
372 |
"before connecting."); |
373 |
} |
374 |
|
375 |
pvar->auth_state.cur_cred.rhosts_client_user = |
376 |
alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME)); |
377 |
} |
378 |
pvar->auth_state.auth_dialog = NULL; |
379 |
|
380 |
GetDlgItemText(dlg, IDC_RSAFILENAME, |
381 |
pvar->session_settings.DefaultRSAPrivateKeyFile, |
382 |
sizeof(pvar->session_settings. |
383 |
DefaultRSAPrivateKeyFile)); |
384 |
GetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
385 |
pvar->session_settings.DefaultRhostsHostPrivateKeyFile, |
386 |
sizeof(pvar->session_settings. |
387 |
DefaultRhostsHostPrivateKeyFile)); |
388 |
GetDlgItemText(dlg, IDC_LOCALUSERNAME, |
389 |
pvar->session_settings.DefaultRhostsLocalUserName, |
390 |
sizeof(pvar->session_settings. |
391 |
DefaultRhostsLocalUserName)); |
392 |
|
393 |
if (SSHv1(pvar)) { |
394 |
SSH_notify_user_name(pvar); |
395 |
SSH_notify_cred(pvar); |
396 |
} else { |
397 |
// for SSH2(yutaka) |
398 |
do_SSH2_userauth(pvar); |
399 |
} |
400 |
|
401 |
EndDialog(dlg, 1); |
402 |
return TRUE; |
403 |
} |
404 |
|
405 |
static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam, |
406 |
LPARAM lParam) |
407 |
{ |
408 |
const int IDC_TIMER1 = 300; |
409 |
const int autologin_timeout = 10; // �~���b |
410 |
PTInstVar pvar; |
411 |
|
412 |
switch (msg) { |
413 |
case WM_INITDIALOG: |
414 |
pvar = (PTInstVar) lParam; |
415 |
pvar->auth_state.auth_dialog = dlg; |
416 |
SetWindowLong(dlg, DWL_USER, lParam); |
417 |
|
418 |
init_auth_dlg(pvar, dlg); |
419 |
|
420 |
// SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka) |
421 |
if (pvar->ssh2_autologin == 1) { |
422 |
SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0); |
423 |
} |
424 |
return FALSE; /* because we set the focus */ |
425 |
|
426 |
case WM_TIMER: |
427 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
428 |
// �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka) |
429 |
if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) { |
430 |
KillTimer(dlg, IDC_TIMER1); |
431 |
SendMessage(dlg, WM_COMMAND, IDOK, 0); |
432 |
} |
433 |
return TRUE; |
434 |
|
435 |
case WM_COMMAND: |
436 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
437 |
|
438 |
switch (LOWORD(wParam)) { |
439 |
case IDOK: |
440 |
return end_auth_dlg(pvar, dlg); |
441 |
|
442 |
case IDCANCEL: /* kill the connection */ |
443 |
pvar->auth_state.auth_dialog = NULL; |
444 |
notify_closed_connection(pvar); |
445 |
EndDialog(dlg, 0); |
446 |
return TRUE; |
447 |
|
448 |
case IDC_SSHUSEPASSWORD: |
449 |
case IDC_SSHUSERSA: |
450 |
case IDC_SSHUSERHOSTS: |
451 |
case IDC_SSHUSETIS: |
452 |
set_auth_options_status(dlg, LOWORD(wParam)); |
453 |
return TRUE; |
454 |
|
455 |
case IDC_CHOOSERSAFILE: |
456 |
choose_RSA_key_file(dlg); |
457 |
return TRUE; |
458 |
|
459 |
case IDC_CHOOSEHOSTRSAFILE: |
460 |
choose_host_RSA_key_file(dlg); |
461 |
return TRUE; |
462 |
|
463 |
default: |
464 |
return FALSE; |
465 |
} |
466 |
|
467 |
default: |
468 |
return FALSE; |
469 |
} |
470 |
} |
471 |
|
472 |
char FAR *AUTH_get_user_name(PTInstVar pvar) |
473 |
{ |
474 |
return pvar->auth_state.user; |
475 |
} |
476 |
|
477 |
int AUTH_set_supported_auth_types(PTInstVar pvar, int types) |
478 |
{ |
479 |
char buf[1024]; |
480 |
|
481 |
_snprintf(buf, sizeof(buf), |
482 |
"Server reports supported authentication method mask = %d", |
483 |
types); |
484 |
buf[sizeof(buf) - 1] = 0; |
485 |
notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE); |
486 |
|
487 |
if (SSHv1(pvar)) { |
488 |
types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA) |
489 |
| (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS) |
490 |
| (1 << SSH_AUTH_TIS); |
491 |
} else { |
492 |
// for SSH2(yutaka) |
493 |
types &= (1 << SSH_AUTH_PASSWORD); |
494 |
// types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA) |
495 |
// | (1 << SSH_AUTH_DSA); |
496 |
} |
497 |
pvar->auth_state.supported_types = types; |
498 |
|
499 |
if (types == 0) { |
500 |
notify_fatal_error(pvar, |
501 |
"Server does not support any of the authentication options\n" |
502 |
"provided by TTSSH. This connection will now close."); |
503 |
return 0; |
504 |
} else { |
505 |
if (pvar->auth_state.auth_dialog != NULL) { |
506 |
update_server_supported_types(pvar, |
507 |
pvar->auth_state.auth_dialog); |
508 |
} |
509 |
|
510 |
return 1; |
511 |
} |
512 |
} |
513 |
|
514 |
static void start_user_auth(PTInstVar pvar) |
515 |
{ |
516 |
// �F���_�C�A���O���\�������� (2004.12.1 yutaka) |
517 |
PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH, |
518 |
(LPARAM) NULL); |
519 |
pvar->auth_state.cur_cred.method = SSH_AUTH_NONE; |
520 |
} |
521 |
|
522 |
static void try_default_auth(PTInstVar pvar) |
523 |
{ |
524 |
if (pvar->session_settings.TryDefaultAuth) { |
525 |
switch (pvar->session_settings.DefaultAuthMethod) { |
526 |
case SSH_AUTH_RSA:{ |
527 |
BOOL invalid_passphrase; |
528 |
char password[] = ""; |
529 |
|
530 |
pvar->auth_state.cur_cred.key_pair |
531 |
= |
532 |
KEYFILES_read_private_key(pvar, |
533 |
pvar->session_settings. |
534 |
DefaultRSAPrivateKeyFile, |
535 |
password, |
536 |
&invalid_passphrase, TRUE); |
537 |
if (pvar->auth_state.cur_cred.key_pair == NULL) { |
538 |
return; |
539 |
} else { |
540 |
pvar->auth_state.cur_cred.method = SSH_AUTH_RSA; |
541 |
} |
542 |
break; |
543 |
} |
544 |
|
545 |
case SSH_AUTH_RHOSTS: |
546 |
if (pvar->session_settings. |
547 |
DefaultRhostsHostPrivateKeyFile[0] != 0) { |
548 |
BOOL invalid_passphrase; |
549 |
char password[] = ""; |
550 |
|
551 |
pvar->auth_state.cur_cred.key_pair |
552 |
= |
553 |
KEYFILES_read_private_key(pvar, |
554 |
pvar->session_settings. |
555 |
DefaultRhostsHostPrivateKeyFile, |
556 |
password, |
557 |
&invalid_passphrase, TRUE); |
558 |
if (pvar->auth_state.cur_cred.key_pair == NULL) { |
559 |
return; |
560 |
} else { |
561 |
pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA; |
562 |
} |
563 |
} else { |
564 |
pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS; |
565 |
} |
566 |
|
567 |
pvar->auth_state.cur_cred.rhosts_client_user = |
568 |
_strdup(pvar->session_settings.DefaultRhostsLocalUserName); |
569 |
break; |
570 |
|
571 |
case SSH_AUTH_PASSWORD: |
572 |
pvar->auth_state.cur_cred.password = _strdup(""); |
573 |
pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD; |
574 |
break; |
575 |
|
576 |
case SSH_AUTH_TIS: |
577 |
default: |
578 |
return; |
579 |
} |
580 |
|
581 |
pvar->auth_state.user = |
582 |
_strdup(pvar->session_settings.DefaultUserName); |
583 |
} |
584 |
} |
585 |
|
586 |
void AUTH_notify_end_error(PTInstVar pvar) |
587 |
{ |
588 |
if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) { |
589 |
start_user_auth(pvar); |
590 |
pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END; |
591 |
} |
592 |
} |
593 |
|
594 |
void AUTH_advance_to_next_cred(PTInstVar pvar) |
595 |
{ |
596 |
pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method; |
597 |
|
598 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) { |
599 |
try_default_auth(pvar); |
600 |
|
601 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) { |
602 |
if (pvar->err_msg != NULL) { |
603 |
pvar->auth_state.flags |= |
604 |
AUTH_START_USER_AUTH_ON_ERROR_END; |
605 |
} else { |
606 |
// �������F���_�C�A���O���o�������� (2004.12.1 yutaka) |
607 |
// �R�}���h���C���w������������ |
608 |
start_user_auth(pvar); |
609 |
} |
610 |
} |
611 |
} else { |
612 |
// �������F���_�C�A���O���o�������� (2004.12.1 yutaka) |
613 |
// �R�}���h���C���w������(/auth=xxxx)������ |
614 |
start_user_auth(pvar); |
615 |
} |
616 |
} |
617 |
|
618 |
static void init_TIS_dlg(PTInstVar pvar, HWND dlg) |
619 |
{ |
620 |
init_auth_machine_banner(pvar, dlg); |
621 |
init_password_control(dlg); |
622 |
|
623 |
if (pvar->auth_state.TIS_prompt != NULL) { |
624 |
if (strlen(pvar->auth_state.TIS_prompt) > 10000) { |
625 |
pvar->auth_state.TIS_prompt[10000] = 0; |
626 |
} |
627 |
SetDlgItemText(dlg, IDC_SSHAUTHBANNER2, |
628 |
pvar->auth_state.TIS_prompt); |
629 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
630 |
} |
631 |
} |
632 |
|
633 |
static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg) |
634 |
{ |
635 |
char FAR *password = |
636 |
alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD)); |
637 |
|
638 |
pvar->auth_state.cur_cred.method = SSH_AUTH_TIS; |
639 |
pvar->auth_state.cur_cred.password = password; |
640 |
pvar->auth_state.auth_dialog = NULL; |
641 |
|
642 |
SSH_notify_cred(pvar); |
643 |
|
644 |
EndDialog(dlg, 1); |
645 |
return TRUE; |
646 |
} |
647 |
|
648 |
static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam, |
649 |
LPARAM lParam) |
650 |
{ |
651 |
PTInstVar pvar; |
652 |
|
653 |
switch (msg) { |
654 |
case WM_INITDIALOG: |
655 |
pvar = (PTInstVar) lParam; |
656 |
pvar->auth_state.auth_dialog = dlg; |
657 |
SetWindowLong(dlg, DWL_USER, lParam); |
658 |
|
659 |
init_TIS_dlg(pvar, dlg); |
660 |
return FALSE; /* because we set the focus */ |
661 |
|
662 |
case WM_COMMAND: |
663 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
664 |
|
665 |
switch (LOWORD(wParam)) { |
666 |
case IDOK: |
667 |
return end_TIS_dlg(pvar, dlg); |
668 |
|
669 |
case IDCANCEL: /* kill the connection */ |
670 |
pvar->auth_state.auth_dialog = NULL; |
671 |
notify_closed_connection(pvar); |
672 |
EndDialog(dlg, 0); |
673 |
return TRUE; |
674 |
|
675 |
default: |
676 |
return FALSE; |
677 |
} |
678 |
|
679 |
default: |
680 |
return FALSE; |
681 |
} |
682 |
} |
683 |
|
684 |
void AUTH_do_cred_dialog(PTInstVar pvar) |
685 |
{ |
686 |
if (pvar->auth_state.auth_dialog == NULL) { |
687 |
HWND cur_active = GetActiveWindow(); |
688 |
DLGPROC dlg_proc; |
689 |
LPCTSTR dialog_template; |
690 |
|
691 |
switch (pvar->auth_state.mode) { |
692 |
case TIS_AUTH_MODE: |
693 |
dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH); |
694 |
dlg_proc = TIS_dlg_proc; |
695 |
break; |
696 |
case GENERIC_AUTH_MODE: |
697 |
default: |
698 |
dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH); |
699 |
dlg_proc = auth_dlg_proc; |
700 |
} |
701 |
|
702 |
if (!DialogBoxParam(hInst, dialog_template, |
703 |
cur_active != |
704 |
NULL ? cur_active : pvar->NotificationWindow, |
705 |
dlg_proc, (LPARAM) pvar) == -1) { |
706 |
notify_fatal_error(pvar, |
707 |
"Unable to display authentication dialog box.\n" |
708 |
"Connection terminated."); |
709 |
} |
710 |
} |
711 |
} |
712 |
|
713 |
static void init_default_auth_dlg(PTInstVar pvar, HWND dlg) |
714 |
{ |
715 |
switch (pvar->settings.DefaultAuthMethod) { |
716 |
case SSH_AUTH_RSA: |
717 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
718 |
IDC_SSHUSERSA); |
719 |
break; |
720 |
case SSH_AUTH_RHOSTS: |
721 |
case SSH_AUTH_RHOSTS_RSA: |
722 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
723 |
IDC_SSHUSERHOSTS); |
724 |
break; |
725 |
case SSH_AUTH_TIS: |
726 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
727 |
IDC_SSHUSETIS); |
728 |
break; |
729 |
case SSH_AUTH_PASSWORD: |
730 |
default: |
731 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
732 |
IDC_SSHUSEPASSWORD); |
733 |
} |
734 |
|
735 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName); |
736 |
SetDlgItemText(dlg, IDC_RSAFILENAME, |
737 |
pvar->settings.DefaultRSAPrivateKeyFile); |
738 |
SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
739 |
pvar->settings.DefaultRhostsHostPrivateKeyFile); |
740 |
SetDlgItemText(dlg, IDC_LOCALUSERNAME, |
741 |
pvar->settings.DefaultRhostsLocalUserName); |
742 |
} |
743 |
|
744 |
static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg) |
745 |
{ |
746 |
if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) { |
747 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA; |
748 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) { |
749 |
if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) { |
750 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA; |
751 |
} else { |
752 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS; |
753 |
} |
754 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) { |
755 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS; |
756 |
} else { |
757 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD; |
758 |
} |
759 |
|
760 |
GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName, |
761 |
sizeof(pvar->settings.DefaultUserName)); |
762 |
GetDlgItemText(dlg, IDC_RSAFILENAME, |
763 |
pvar->settings.DefaultRSAPrivateKeyFile, |
764 |
sizeof(pvar->settings.DefaultRSAPrivateKeyFile)); |
765 |
GetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
766 |
pvar->settings.DefaultRhostsHostPrivateKeyFile, |
767 |
sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile)); |
768 |
GetDlgItemText(dlg, IDC_LOCALUSERNAME, |
769 |
pvar->settings.DefaultRhostsLocalUserName, |
770 |
sizeof(pvar->settings.DefaultRhostsLocalUserName)); |
771 |
|
772 |
EndDialog(dlg, 1); |
773 |
return TRUE; |
774 |
} |
775 |
|
776 |
static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg, |
777 |
WPARAM wParam, LPARAM lParam) |
778 |
{ |
779 |
PTInstVar pvar; |
780 |
|
781 |
switch (msg) { |
782 |
case WM_INITDIALOG: |
783 |
pvar = (PTInstVar) lParam; |
784 |
SetWindowLong(dlg, DWL_USER, lParam); |
785 |
|
786 |
init_default_auth_dlg(pvar, dlg); |
787 |
return TRUE; /* because we do not set the focus */ |
788 |
|
789 |
case WM_COMMAND: |
790 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
791 |
|
792 |
switch (LOWORD(wParam)) { |
793 |
case IDOK: |
794 |
return end_default_auth_dlg(pvar, dlg); |
795 |
|
796 |
case IDCANCEL: |
797 |
EndDialog(dlg, 0); |
798 |
return TRUE; |
799 |
|
800 |
case IDC_CHOOSERSAFILE: |
801 |
choose_RSA_key_file(dlg); |
802 |
return TRUE; |
803 |
|
804 |
case IDC_CHOOSEHOSTRSAFILE: |
805 |
choose_host_RSA_key_file(dlg); |
806 |
return TRUE; |
807 |
|
808 |
default: |
809 |
return FALSE; |
810 |
} |
811 |
|
812 |
default: |
813 |
return FALSE; |
814 |
} |
815 |
} |
816 |
|
817 |
void AUTH_init(PTInstVar pvar) |
818 |
{ |
819 |
pvar->auth_state.failed_method = SSH_AUTH_NONE; |
820 |
pvar->auth_state.auth_dialog = NULL; |
821 |
pvar->auth_state.user = NULL; |
822 |
pvar->auth_state.flags = 0; |
823 |
pvar->auth_state.TIS_prompt = NULL; |
824 |
pvar->auth_state.supported_types = 0; |
825 |
pvar->auth_state.cur_cred.method = SSH_AUTH_NONE; |
826 |
pvar->auth_state.cur_cred.password = NULL; |
827 |
pvar->auth_state.cur_cred.rhosts_client_user = NULL; |
828 |
pvar->auth_state.cur_cred.key_pair = NULL; |
829 |
AUTH_set_generic_mode(pvar); |
830 |
} |
831 |
|
832 |
void AUTH_set_generic_mode(PTInstVar pvar) |
833 |
{ |
834 |
pvar->auth_state.mode = GENERIC_AUTH_MODE; |
835 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
836 |
} |
837 |
|
838 |
void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len) |
839 |
{ |
840 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) { |
841 |
pvar->auth_state.mode = TIS_AUTH_MODE; |
842 |
|
843 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
844 |
pvar->auth_state.TIS_prompt = malloc(len + 1); |
845 |
memcpy(pvar->auth_state.TIS_prompt, prompt, len); |
846 |
pvar->auth_state.TIS_prompt[len] = 0; |
847 |
} else { |
848 |
AUTH_set_generic_mode(pvar); |
849 |
} |
850 |
} |
851 |
|
852 |
void AUTH_do_default_cred_dialog(PTInstVar pvar) |
853 |
{ |
854 |
HWND cur_active = GetActiveWindow(); |
855 |
|
856 |
if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP), |
857 |
cur_active != |
858 |
NULL ? cur_active : pvar->NotificationWindow, |
859 |
default_auth_dlg_proc, (LPARAM) pvar) == -1) { |
860 |
notify_nonfatal_error(pvar, |
861 |
"Unable to display authentication setup dialog box."); |
862 |
} |
863 |
} |
864 |
|
865 |
void AUTH_destroy_cur_cred(PTInstVar pvar) |
866 |
{ |
867 |
destroy_malloced_string(&pvar->auth_state.cur_cred.password); |
868 |
destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user); |
869 |
if (pvar->auth_state.cur_cred.key_pair != NULL) { |
870 |
CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair); |
871 |
pvar->auth_state.cur_cred.key_pair = NULL; |
872 |
} |
873 |
} |
874 |
|
875 |
static char FAR *get_auth_method_name(SSHAuthMethod auth) |
876 |
{ |
877 |
switch (auth) { |
878 |
case SSH_AUTH_PASSWORD: |
879 |
return "password"; |
880 |
case SSH_AUTH_RSA: |
881 |
return "RSA"; |
882 |
case SSH_AUTH_RHOSTS: |
883 |
return "rhosts"; |
884 |
case SSH_AUTH_RHOSTS_RSA: |
885 |
return "rhosts with RSA"; |
886 |
case SSH_AUTH_TIS: |
887 |
return "challenge/response (TIS)"; |
888 |
default: |
889 |
return "unknown method"; |
890 |
} |
891 |
} |
892 |
|
893 |
void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len) |
894 |
{ |
895 |
if (pvar->auth_state.user == NULL) { |
896 |
strncpy(dest, "None", len); |
897 |
} else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) { |
898 |
_snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, |
899 |
get_auth_method_name(pvar->auth_state.cur_cred.method)); |
900 |
} else { |
901 |
_snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, |
902 |
get_auth_method_name(pvar->auth_state.failed_method)); |
903 |
} |
904 |
|
905 |
dest[len - 1] = 0; |
906 |
} |
907 |
|
908 |
void AUTH_notify_disconnecting(PTInstVar pvar) |
909 |
{ |
910 |
if (pvar->auth_state.auth_dialog != NULL) { |
911 |
PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0); |
912 |
/* the main window might not go away if it's not enabled. (see vtwin.cpp) */ |
913 |
EnableWindow(pvar->NotificationWindow, TRUE); |
914 |
} |
915 |
} |
916 |
|
917 |
void AUTH_end(PTInstVar pvar) |
918 |
{ |
919 |
destroy_malloced_string(&pvar->auth_state.user); |
920 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
921 |
|
922 |
AUTH_destroy_cur_cred(pvar); |
923 |
} |
924 |
|
925 |
/* |
926 |
* $Log: not supported by cvs2svn $ |
927 |
* Revision 1.2 2004/12/01 15:37:49 yutakakn |
928 |
* SSH2�������O�C���@�\�������B |
929 |
* �����A�p�X���[�h�F�������������B |
930 |
* �E�R�}���h���C�� |
931 |
* /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h |
932 |
* |
933 |
*/ |