1 |
/* |
2 |
Copyright (c) 1998-2001, Robert O'Callahan |
3 |
All rights reserved. |
4 |
|
5 |
Redistribution and use in source and binary forms, with or without modification, |
6 |
are permitted provided that the following conditions are met: |
7 |
|
8 |
Redistributions of source code must retain the above copyright notice, this list of |
9 |
conditions and the following disclaimer. |
10 |
|
11 |
Redistributions in binary form must reproduce the above copyright notice, this list |
12 |
of conditions and the following disclaimer in the documentation and/or other materials |
13 |
provided with the distribution. |
14 |
|
15 |
The name of Robert O'Callahan may not be used to endorse or promote products derived from |
16 |
this software without specific prior written permission. |
17 |
|
18 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND |
19 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 |
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL |
21 |
THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
22 |
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
23 |
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
24 |
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
25 |
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
26 |
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
27 |
*/ |
28 |
|
29 |
#include "ttxssh.h" |
30 |
#include "util.h" |
31 |
|
32 |
#include <io.h> |
33 |
#include <fcntl.h> |
34 |
#include <stdlib.h> |
35 |
#include <errno.h> |
36 |
|
37 |
#include "resource.h" |
38 |
#include "keyfiles.h" |
39 |
|
40 |
#define AUTH_START_USER_AUTH_ON_ERROR_END 1 |
41 |
|
42 |
#define MAX_AUTH_CONTROL IDC_SSHUSETIS |
43 |
|
44 |
static void destroy_malloced_string(char FAR * FAR * str) |
45 |
{ |
46 |
if (*str != NULL) { |
47 |
memset(*str, 0, strlen(*str)); |
48 |
free(*str); |
49 |
*str = NULL; |
50 |
} |
51 |
} |
52 |
|
53 |
static int auth_types_to_control_IDs[] = { |
54 |
-1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD, |
55 |
IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1 |
56 |
}; |
57 |
|
58 |
static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg, |
59 |
WPARAM wParam, LPARAM lParam) |
60 |
{ |
61 |
switch (msg) { |
62 |
case WM_CHAR: |
63 |
if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) { |
64 |
char chars[] = { (char) wParam, 0 }; |
65 |
|
66 |
SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE, |
67 |
(LPARAM) (char FAR *) chars); |
68 |
return 0; |
69 |
} |
70 |
} |
71 |
|
72 |
return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA), |
73 |
control, msg, wParam, lParam); |
74 |
} |
75 |
|
76 |
static void init_password_control(HWND dlg) |
77 |
{ |
78 |
HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD); |
79 |
|
80 |
SetWindowLong(passwordControl, GWL_USERDATA, |
81 |
SetWindowLong(passwordControl, GWL_WNDPROC, |
82 |
(LONG) password_wnd_proc)); |
83 |
|
84 |
SetFocus(passwordControl); |
85 |
} |
86 |
|
87 |
static void set_auth_options_status(HWND dlg, int controlID) |
88 |
{ |
89 |
BOOL RSA_enabled = controlID == IDC_SSHUSERSA; |
90 |
BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS; |
91 |
BOOL TIS_enabled = controlID == IDC_SSHUSETIS; |
92 |
int i; |
93 |
|
94 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID); |
95 |
|
96 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled); |
97 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled); |
98 |
|
99 |
for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) { |
100 |
EnableWindow(GetDlgItem(dlg, i), RSA_enabled); |
101 |
} |
102 |
|
103 |
for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) { |
104 |
EnableWindow(GetDlgItem(dlg, i), rhosts_enabled); |
105 |
} |
106 |
} |
107 |
|
108 |
static void init_auth_machine_banner(PTInstVar pvar, HWND dlg) |
109 |
{ |
110 |
char buf[1024] = "Logging in to "; |
111 |
|
112 |
if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) { |
113 |
strcat(buf, SSH_get_host_name(pvar)); |
114 |
} |
115 |
SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf); |
116 |
} |
117 |
|
118 |
static void update_server_supported_types(PTInstVar pvar, HWND dlg) |
119 |
{ |
120 |
int supported_methods = pvar->auth_state.supported_types; |
121 |
int cur_control = -1; |
122 |
int control; |
123 |
HWND focus = GetFocus(); |
124 |
|
125 |
if (supported_methods == 0) { |
126 |
return; |
127 |
} |
128 |
|
129 |
for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL; |
130 |
control++) { |
131 |
BOOL enabled = FALSE; |
132 |
int method; |
133 |
HWND item = GetDlgItem(dlg, control); |
134 |
|
135 |
if (item != NULL) { |
136 |
for (method = 0; method <= SSH_AUTH_MAX; method++) { |
137 |
if (auth_types_to_control_IDs[method] == control |
138 |
&& (supported_methods & (1 << method)) != 0) { |
139 |
enabled = TRUE; |
140 |
} |
141 |
} |
142 |
|
143 |
EnableWindow(item, enabled); |
144 |
|
145 |
if (IsDlgButtonChecked(dlg, control)) { |
146 |
cur_control = control; |
147 |
} |
148 |
} |
149 |
} |
150 |
|
151 |
if (cur_control >= 0) { |
152 |
if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) { |
153 |
do { |
154 |
cur_control++; |
155 |
if (cur_control > MAX_AUTH_CONTROL) { |
156 |
cur_control = IDC_SSHUSEPASSWORD; |
157 |
} |
158 |
} while (!IsWindowEnabled(GetDlgItem(dlg, cur_control))); |
159 |
|
160 |
set_auth_options_status(dlg, cur_control); |
161 |
|
162 |
if (focus != NULL && !IsWindowEnabled(focus)) { |
163 |
SetFocus(GetDlgItem(dlg, cur_control)); |
164 |
} |
165 |
} |
166 |
} |
167 |
} |
168 |
|
169 |
static void init_auth_dlg(PTInstVar pvar, HWND dlg) |
170 |
{ |
171 |
int default_method = pvar->session_settings.DefaultAuthMethod; |
172 |
|
173 |
init_auth_machine_banner(pvar, dlg); |
174 |
init_password_control(dlg); |
175 |
|
176 |
if (pvar->auth_state.failed_method != SSH_AUTH_NONE) { |
177 |
/* must be retrying a failed attempt */ |
178 |
SetDlgItemText(dlg, IDC_SSHAUTHBANNER2, |
179 |
"Authentication failed. Please retry."); |
180 |
SetWindowText(dlg, "Retrying SSH Authentication"); |
181 |
default_method = pvar->auth_state.failed_method; |
182 |
} |
183 |
|
184 |
set_auth_options_status(dlg, |
185 |
auth_types_to_control_IDs[default_method]); |
186 |
|
187 |
if (default_method == SSH_AUTH_TIS) { |
188 |
/* we disabled the password control, so fix the focus */ |
189 |
SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS)); |
190 |
} |
191 |
|
192 |
if (pvar->auth_state.user != NULL) { |
193 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user); |
194 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE); |
195 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE); |
196 |
} else if (pvar->session_settings.DefaultUserName[0] != 0) { |
197 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, |
198 |
pvar->session_settings.DefaultUserName); |
199 |
} else { |
200 |
SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME)); |
201 |
} |
202 |
|
203 |
SetDlgItemText(dlg, IDC_RSAFILENAME, |
204 |
pvar->session_settings.DefaultRSAPrivateKeyFile); |
205 |
SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
206 |
pvar->session_settings.DefaultRhostsHostPrivateKeyFile); |
207 |
SetDlgItemText(dlg, IDC_LOCALUSERNAME, |
208 |
pvar->session_settings.DefaultRhostsLocalUserName); |
209 |
|
210 |
update_server_supported_types(pvar, dlg); |
211 |
|
212 |
// SSH2 autologin (2004.12.1 yutaka) |
213 |
// ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B |
214 |
if (pvar->ssh2_autologin == 1) { |
215 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username); |
216 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE); |
217 |
EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE); |
218 |
|
219 |
SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password); |
220 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE); |
221 |
EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE); |
222 |
|
223 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) { |
224 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD); |
225 |
} else { |
226 |
// TODO |
227 |
|
228 |
} |
229 |
} |
230 |
|
231 |
} |
232 |
|
233 |
static char FAR *alloc_control_text(HWND ctl) |
234 |
{ |
235 |
int len = GetWindowTextLength(ctl); |
236 |
char FAR *result = malloc(len + 1); |
237 |
|
238 |
if (result != NULL) { |
239 |
GetWindowText(ctl, result, len + 1); |
240 |
result[len] = 0; |
241 |
} |
242 |
|
243 |
return result; |
244 |
} |
245 |
|
246 |
static int get_key_file_name(HWND parent, char FAR * buf, int bufsize) |
247 |
{ |
248 |
#ifdef TERATERM32 |
249 |
OPENFILENAME params; |
250 |
char fullname_buf[2048] = "identity"; |
251 |
|
252 |
ZeroMemory(¶ms, sizeof(params)); |
253 |
params.lStructSize = sizeof(OPENFILENAME); |
254 |
params.hwndOwner = parent; |
255 |
// �t�B���^������ (2004.12.19 yutaka) |
256 |
params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0"; |
257 |
params.lpstrCustomFilter = NULL; |
258 |
params.nFilterIndex = 0; |
259 |
buf[0] = 0; |
260 |
params.lpstrFile = fullname_buf; |
261 |
params.nMaxFile = sizeof(fullname_buf); |
262 |
params.lpstrFileTitle = NULL; |
263 |
params.lpstrInitialDir = NULL; |
264 |
params.lpstrTitle = "Choose a file with the RSA private key"; |
265 |
params.Flags = |
266 |
OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY; |
267 |
params.lpstrDefExt = NULL; |
268 |
|
269 |
if (GetOpenFileName(¶ms) != 0) { |
270 |
copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf); |
271 |
return 1; |
272 |
} else { |
273 |
return 0; |
274 |
} |
275 |
#else |
276 |
return 0; |
277 |
#endif |
278 |
} |
279 |
|
280 |
static void choose_RSA_key_file(HWND dlg) |
281 |
{ |
282 |
char buf[1024]; |
283 |
|
284 |
if (get_key_file_name(dlg, buf, sizeof(buf))) { |
285 |
SetDlgItemText(dlg, IDC_RSAFILENAME, buf); |
286 |
} |
287 |
} |
288 |
|
289 |
static void choose_host_RSA_key_file(HWND dlg) |
290 |
{ |
291 |
char buf[1024]; |
292 |
|
293 |
if (get_key_file_name(dlg, buf, sizeof(buf))) { |
294 |
SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf); |
295 |
} |
296 |
} |
297 |
|
298 |
static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg) |
299 |
{ |
300 |
int method = SSH_AUTH_PASSWORD; |
301 |
char FAR *password = |
302 |
alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD)); |
303 |
CRYPTKeyPair FAR *key_pair = NULL; |
304 |
|
305 |
if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) { |
306 |
method = SSH_AUTH_RSA; |
307 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) { |
308 |
if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) { |
309 |
method = SSH_AUTH_RHOSTS_RSA; |
310 |
} else { |
311 |
method = SSH_AUTH_RHOSTS; |
312 |
} |
313 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) { |
314 |
method = SSH_AUTH_TIS; |
315 |
} |
316 |
|
317 |
if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) { |
318 |
char buf[2048]; |
319 |
int file_ctl_ID = |
320 |
method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME; |
321 |
|
322 |
buf[0] = 0; |
323 |
GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf)); |
324 |
if (buf[0] == 0) { |
325 |
notify_nonfatal_error(pvar, |
326 |
"You must specify a file containing the RSA/DSA private key."); |
327 |
SetFocus(GetDlgItem(dlg, file_ctl_ID)); |
328 |
destroy_malloced_string(&password); |
329 |
return FALSE; |
330 |
} |
331 |
|
332 |
if (SSHv1(pvar)) { |
333 |
BOOL invalid_passphrase = FALSE; |
334 |
|
335 |
key_pair = KEYFILES_read_private_key(pvar, buf, password, |
336 |
&invalid_passphrase, |
337 |
FALSE); |
338 |
|
339 |
if (key_pair == NULL) { |
340 |
if (invalid_passphrase) { |
341 |
HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD); |
342 |
|
343 |
SetFocus(passwordCtl); |
344 |
SendMessage(passwordCtl, EM_SETSEL, 0, -1); |
345 |
} else { |
346 |
SetFocus(GetDlgItem(dlg, file_ctl_ID)); |
347 |
} |
348 |
destroy_malloced_string(&password); |
349 |
return FALSE; |
350 |
} |
351 |
|
352 |
} else { // SSH2(yutaka) |
353 |
BOOL invalid_passphrase = FALSE; |
354 |
|
355 |
key_pair = read_SSH2_private_key(pvar, buf, password, |
356 |
&invalid_passphrase, |
357 |
FALSE); |
358 |
|
359 |
if (key_pair == NULL) { // read error |
360 |
notify_nonfatal_error(pvar, "read error SSH2 private key file"); |
361 |
destroy_malloced_string(&password); |
362 |
return FALSE; |
363 |
} |
364 |
|
365 |
} |
366 |
|
367 |
} |
368 |
|
369 |
/* from here on, we cannot fail, so just munge cur_cred in place */ |
370 |
pvar->auth_state.cur_cred.method = method; |
371 |
pvar->auth_state.cur_cred.key_pair = key_pair; |
372 |
/* we can't change the user name once it's set. It may already have |
373 |
been sent to the server, and it can only be sent once. */ |
374 |
if (pvar->auth_state.user == NULL) { |
375 |
pvar->auth_state.user = |
376 |
alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME)); |
377 |
} |
378 |
if (method == SSH_AUTH_PASSWORD) { |
379 |
pvar->auth_state.cur_cred.password = password; |
380 |
} else { |
381 |
destroy_malloced_string(&password); |
382 |
} |
383 |
if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) { |
384 |
if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) { |
385 |
notify_nonfatal_error(pvar, |
386 |
"Rhosts authentication will probably fail because it was not " |
387 |
"the default authentication method.\n" |
388 |
"To use Rhosts authentication " |
389 |
"in TTSSH, you need to set it to be the default by restarting\n" |
390 |
"TTSSH and selecting \"SSH Authentication...\" from the Setup menu" |
391 |
"before connecting."); |
392 |
} |
393 |
|
394 |
pvar->auth_state.cur_cred.rhosts_client_user = |
395 |
alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME)); |
396 |
} |
397 |
pvar->auth_state.auth_dialog = NULL; |
398 |
|
399 |
GetDlgItemText(dlg, IDC_RSAFILENAME, |
400 |
pvar->session_settings.DefaultRSAPrivateKeyFile, |
401 |
sizeof(pvar->session_settings. |
402 |
DefaultRSAPrivateKeyFile)); |
403 |
GetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
404 |
pvar->session_settings.DefaultRhostsHostPrivateKeyFile, |
405 |
sizeof(pvar->session_settings. |
406 |
DefaultRhostsHostPrivateKeyFile)); |
407 |
GetDlgItemText(dlg, IDC_LOCALUSERNAME, |
408 |
pvar->session_settings.DefaultRhostsLocalUserName, |
409 |
sizeof(pvar->session_settings. |
410 |
DefaultRhostsLocalUserName)); |
411 |
|
412 |
if (SSHv1(pvar)) { |
413 |
SSH_notify_user_name(pvar); |
414 |
SSH_notify_cred(pvar); |
415 |
} else { |
416 |
// for SSH2(yutaka) |
417 |
do_SSH2_userauth(pvar); |
418 |
} |
419 |
|
420 |
EndDialog(dlg, 1); |
421 |
return TRUE; |
422 |
} |
423 |
|
424 |
static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam, |
425 |
LPARAM lParam) |
426 |
{ |
427 |
const int IDC_TIMER1 = 300; |
428 |
const int autologin_timeout = 10; // �~���b |
429 |
PTInstVar pvar; |
430 |
|
431 |
switch (msg) { |
432 |
case WM_INITDIALOG: |
433 |
pvar = (PTInstVar) lParam; |
434 |
pvar->auth_state.auth_dialog = dlg; |
435 |
SetWindowLong(dlg, DWL_USER, lParam); |
436 |
|
437 |
init_auth_dlg(pvar, dlg); |
438 |
|
439 |
// SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka) |
440 |
if (pvar->ssh2_autologin == 1) { |
441 |
SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0); |
442 |
} |
443 |
return FALSE; /* because we set the focus */ |
444 |
|
445 |
case WM_TIMER: |
446 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
447 |
// �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka) |
448 |
if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) { |
449 |
KillTimer(dlg, IDC_TIMER1); |
450 |
SendMessage(dlg, WM_COMMAND, IDOK, 0); |
451 |
} |
452 |
return TRUE; |
453 |
|
454 |
case WM_COMMAND: |
455 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
456 |
|
457 |
switch (LOWORD(wParam)) { |
458 |
case IDOK: |
459 |
return end_auth_dlg(pvar, dlg); |
460 |
|
461 |
case IDCANCEL: /* kill the connection */ |
462 |
pvar->auth_state.auth_dialog = NULL; |
463 |
notify_closed_connection(pvar); |
464 |
EndDialog(dlg, 0); |
465 |
return TRUE; |
466 |
|
467 |
case IDC_SSHUSEPASSWORD: |
468 |
case IDC_SSHUSERSA: |
469 |
case IDC_SSHUSERHOSTS: |
470 |
case IDC_SSHUSETIS: |
471 |
set_auth_options_status(dlg, LOWORD(wParam)); |
472 |
return TRUE; |
473 |
|
474 |
case IDC_CHOOSERSAFILE: |
475 |
choose_RSA_key_file(dlg); |
476 |
return TRUE; |
477 |
|
478 |
case IDC_CHOOSEHOSTRSAFILE: |
479 |
choose_host_RSA_key_file(dlg); |
480 |
return TRUE; |
481 |
|
482 |
default: |
483 |
return FALSE; |
484 |
} |
485 |
|
486 |
default: |
487 |
return FALSE; |
488 |
} |
489 |
} |
490 |
|
491 |
char FAR *AUTH_get_user_name(PTInstVar pvar) |
492 |
{ |
493 |
return pvar->auth_state.user; |
494 |
} |
495 |
|
496 |
int AUTH_set_supported_auth_types(PTInstVar pvar, int types) |
497 |
{ |
498 |
char buf[1024]; |
499 |
|
500 |
_snprintf(buf, sizeof(buf), |
501 |
"Server reports supported authentication method mask = %d", |
502 |
types); |
503 |
buf[sizeof(buf) - 1] = 0; |
504 |
notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE); |
505 |
|
506 |
if (SSHv1(pvar)) { |
507 |
types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA) |
508 |
| (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS) |
509 |
| (1 << SSH_AUTH_TIS); |
510 |
} else { |
511 |
// for SSH2(yutaka) |
512 |
// types &= (1 << SSH_AUTH_PASSWORD); |
513 |
// ���J���F�����L�������� (2004.12.18 yutaka) |
514 |
types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA) |
515 |
| (1 << SSH_AUTH_DSA); |
516 |
} |
517 |
pvar->auth_state.supported_types = types; |
518 |
|
519 |
if (types == 0) { |
520 |
notify_fatal_error(pvar, |
521 |
"Server does not support any of the authentication options\n" |
522 |
"provided by TTSSH. This connection will now close."); |
523 |
return 0; |
524 |
} else { |
525 |
if (pvar->auth_state.auth_dialog != NULL) { |
526 |
update_server_supported_types(pvar, |
527 |
pvar->auth_state.auth_dialog); |
528 |
} |
529 |
|
530 |
return 1; |
531 |
} |
532 |
} |
533 |
|
534 |
static void start_user_auth(PTInstVar pvar) |
535 |
{ |
536 |
// �F���_�C�A���O���\�������� (2004.12.1 yutaka) |
537 |
PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH, |
538 |
(LPARAM) NULL); |
539 |
pvar->auth_state.cur_cred.method = SSH_AUTH_NONE; |
540 |
} |
541 |
|
542 |
static void try_default_auth(PTInstVar pvar) |
543 |
{ |
544 |
if (pvar->session_settings.TryDefaultAuth) { |
545 |
switch (pvar->session_settings.DefaultAuthMethod) { |
546 |
case SSH_AUTH_RSA:{ |
547 |
BOOL invalid_passphrase; |
548 |
char password[] = ""; |
549 |
|
550 |
pvar->auth_state.cur_cred.key_pair |
551 |
= |
552 |
KEYFILES_read_private_key(pvar, |
553 |
pvar->session_settings. |
554 |
DefaultRSAPrivateKeyFile, |
555 |
password, |
556 |
&invalid_passphrase, TRUE); |
557 |
if (pvar->auth_state.cur_cred.key_pair == NULL) { |
558 |
return; |
559 |
} else { |
560 |
pvar->auth_state.cur_cred.method = SSH_AUTH_RSA; |
561 |
} |
562 |
break; |
563 |
} |
564 |
|
565 |
case SSH_AUTH_RHOSTS: |
566 |
if (pvar->session_settings. |
567 |
DefaultRhostsHostPrivateKeyFile[0] != 0) { |
568 |
BOOL invalid_passphrase; |
569 |
char password[] = ""; |
570 |
|
571 |
pvar->auth_state.cur_cred.key_pair |
572 |
= |
573 |
KEYFILES_read_private_key(pvar, |
574 |
pvar->session_settings. |
575 |
DefaultRhostsHostPrivateKeyFile, |
576 |
password, |
577 |
&invalid_passphrase, TRUE); |
578 |
if (pvar->auth_state.cur_cred.key_pair == NULL) { |
579 |
return; |
580 |
} else { |
581 |
pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA; |
582 |
} |
583 |
} else { |
584 |
pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS; |
585 |
} |
586 |
|
587 |
pvar->auth_state.cur_cred.rhosts_client_user = |
588 |
_strdup(pvar->session_settings.DefaultRhostsLocalUserName); |
589 |
break; |
590 |
|
591 |
case SSH_AUTH_PASSWORD: |
592 |
pvar->auth_state.cur_cred.password = _strdup(""); |
593 |
pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD; |
594 |
break; |
595 |
|
596 |
case SSH_AUTH_TIS: |
597 |
default: |
598 |
return; |
599 |
} |
600 |
|
601 |
pvar->auth_state.user = |
602 |
_strdup(pvar->session_settings.DefaultUserName); |
603 |
} |
604 |
} |
605 |
|
606 |
void AUTH_notify_end_error(PTInstVar pvar) |
607 |
{ |
608 |
if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) { |
609 |
start_user_auth(pvar); |
610 |
pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END; |
611 |
} |
612 |
} |
613 |
|
614 |
void AUTH_advance_to_next_cred(PTInstVar pvar) |
615 |
{ |
616 |
pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method; |
617 |
|
618 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) { |
619 |
try_default_auth(pvar); |
620 |
|
621 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) { |
622 |
if (pvar->err_msg != NULL) { |
623 |
pvar->auth_state.flags |= |
624 |
AUTH_START_USER_AUTH_ON_ERROR_END; |
625 |
} else { |
626 |
// �������F���_�C�A���O���o�������� (2004.12.1 yutaka) |
627 |
// �R�}���h���C���w������������ |
628 |
start_user_auth(pvar); |
629 |
} |
630 |
} |
631 |
} else { |
632 |
// �������F���_�C�A���O���o�������� (2004.12.1 yutaka) |
633 |
// �R�}���h���C���w������(/auth=xxxx)������ |
634 |
start_user_auth(pvar); |
635 |
} |
636 |
} |
637 |
|
638 |
static void init_TIS_dlg(PTInstVar pvar, HWND dlg) |
639 |
{ |
640 |
init_auth_machine_banner(pvar, dlg); |
641 |
init_password_control(dlg); |
642 |
|
643 |
if (pvar->auth_state.TIS_prompt != NULL) { |
644 |
if (strlen(pvar->auth_state.TIS_prompt) > 10000) { |
645 |
pvar->auth_state.TIS_prompt[10000] = 0; |
646 |
} |
647 |
SetDlgItemText(dlg, IDC_SSHAUTHBANNER2, |
648 |
pvar->auth_state.TIS_prompt); |
649 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
650 |
} |
651 |
} |
652 |
|
653 |
static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg) |
654 |
{ |
655 |
char FAR *password = |
656 |
alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD)); |
657 |
|
658 |
pvar->auth_state.cur_cred.method = SSH_AUTH_TIS; |
659 |
pvar->auth_state.cur_cred.password = password; |
660 |
pvar->auth_state.auth_dialog = NULL; |
661 |
|
662 |
SSH_notify_cred(pvar); |
663 |
|
664 |
EndDialog(dlg, 1); |
665 |
return TRUE; |
666 |
} |
667 |
|
668 |
static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam, |
669 |
LPARAM lParam) |
670 |
{ |
671 |
PTInstVar pvar; |
672 |
|
673 |
switch (msg) { |
674 |
case WM_INITDIALOG: |
675 |
pvar = (PTInstVar) lParam; |
676 |
pvar->auth_state.auth_dialog = dlg; |
677 |
SetWindowLong(dlg, DWL_USER, lParam); |
678 |
|
679 |
init_TIS_dlg(pvar, dlg); |
680 |
return FALSE; /* because we set the focus */ |
681 |
|
682 |
case WM_COMMAND: |
683 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
684 |
|
685 |
switch (LOWORD(wParam)) { |
686 |
case IDOK: |
687 |
return end_TIS_dlg(pvar, dlg); |
688 |
|
689 |
case IDCANCEL: /* kill the connection */ |
690 |
pvar->auth_state.auth_dialog = NULL; |
691 |
notify_closed_connection(pvar); |
692 |
EndDialog(dlg, 0); |
693 |
return TRUE; |
694 |
|
695 |
default: |
696 |
return FALSE; |
697 |
} |
698 |
|
699 |
default: |
700 |
return FALSE; |
701 |
} |
702 |
} |
703 |
|
704 |
void AUTH_do_cred_dialog(PTInstVar pvar) |
705 |
{ |
706 |
if (pvar->auth_state.auth_dialog == NULL) { |
707 |
HWND cur_active = GetActiveWindow(); |
708 |
DLGPROC dlg_proc; |
709 |
LPCTSTR dialog_template; |
710 |
|
711 |
switch (pvar->auth_state.mode) { |
712 |
case TIS_AUTH_MODE: |
713 |
dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH); |
714 |
dlg_proc = TIS_dlg_proc; |
715 |
break; |
716 |
case GENERIC_AUTH_MODE: |
717 |
default: |
718 |
dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH); |
719 |
dlg_proc = auth_dlg_proc; |
720 |
} |
721 |
|
722 |
if (!DialogBoxParam(hInst, dialog_template, |
723 |
cur_active != |
724 |
NULL ? cur_active : pvar->NotificationWindow, |
725 |
dlg_proc, (LPARAM) pvar) == -1) { |
726 |
notify_fatal_error(pvar, |
727 |
"Unable to display authentication dialog box.\n" |
728 |
"Connection terminated."); |
729 |
} |
730 |
} |
731 |
} |
732 |
|
733 |
static void init_default_auth_dlg(PTInstVar pvar, HWND dlg) |
734 |
{ |
735 |
switch (pvar->settings.DefaultAuthMethod) { |
736 |
case SSH_AUTH_RSA: |
737 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
738 |
IDC_SSHUSERSA); |
739 |
break; |
740 |
case SSH_AUTH_RHOSTS: |
741 |
case SSH_AUTH_RHOSTS_RSA: |
742 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
743 |
IDC_SSHUSERHOSTS); |
744 |
break; |
745 |
case SSH_AUTH_TIS: |
746 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
747 |
IDC_SSHUSETIS); |
748 |
break; |
749 |
case SSH_AUTH_PASSWORD: |
750 |
default: |
751 |
CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, |
752 |
IDC_SSHUSEPASSWORD); |
753 |
} |
754 |
|
755 |
SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName); |
756 |
SetDlgItemText(dlg, IDC_RSAFILENAME, |
757 |
pvar->settings.DefaultRSAPrivateKeyFile); |
758 |
SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
759 |
pvar->settings.DefaultRhostsHostPrivateKeyFile); |
760 |
SetDlgItemText(dlg, IDC_LOCALUSERNAME, |
761 |
pvar->settings.DefaultRhostsLocalUserName); |
762 |
} |
763 |
|
764 |
static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg) |
765 |
{ |
766 |
if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) { |
767 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA; |
768 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) { |
769 |
if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) { |
770 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA; |
771 |
} else { |
772 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS; |
773 |
} |
774 |
} else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) { |
775 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS; |
776 |
} else { |
777 |
pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD; |
778 |
} |
779 |
|
780 |
GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName, |
781 |
sizeof(pvar->settings.DefaultUserName)); |
782 |
GetDlgItemText(dlg, IDC_RSAFILENAME, |
783 |
pvar->settings.DefaultRSAPrivateKeyFile, |
784 |
sizeof(pvar->settings.DefaultRSAPrivateKeyFile)); |
785 |
GetDlgItemText(dlg, IDC_HOSTRSAFILENAME, |
786 |
pvar->settings.DefaultRhostsHostPrivateKeyFile, |
787 |
sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile)); |
788 |
GetDlgItemText(dlg, IDC_LOCALUSERNAME, |
789 |
pvar->settings.DefaultRhostsLocalUserName, |
790 |
sizeof(pvar->settings.DefaultRhostsLocalUserName)); |
791 |
|
792 |
EndDialog(dlg, 1); |
793 |
return TRUE; |
794 |
} |
795 |
|
796 |
static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg, |
797 |
WPARAM wParam, LPARAM lParam) |
798 |
{ |
799 |
PTInstVar pvar; |
800 |
|
801 |
switch (msg) { |
802 |
case WM_INITDIALOG: |
803 |
pvar = (PTInstVar) lParam; |
804 |
SetWindowLong(dlg, DWL_USER, lParam); |
805 |
|
806 |
init_default_auth_dlg(pvar, dlg); |
807 |
return TRUE; /* because we do not set the focus */ |
808 |
|
809 |
case WM_COMMAND: |
810 |
pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER); |
811 |
|
812 |
switch (LOWORD(wParam)) { |
813 |
case IDOK: |
814 |
return end_default_auth_dlg(pvar, dlg); |
815 |
|
816 |
case IDCANCEL: |
817 |
EndDialog(dlg, 0); |
818 |
return TRUE; |
819 |
|
820 |
case IDC_CHOOSERSAFILE: |
821 |
choose_RSA_key_file(dlg); |
822 |
return TRUE; |
823 |
|
824 |
case IDC_CHOOSEHOSTRSAFILE: |
825 |
choose_host_RSA_key_file(dlg); |
826 |
return TRUE; |
827 |
|
828 |
default: |
829 |
return FALSE; |
830 |
} |
831 |
|
832 |
default: |
833 |
return FALSE; |
834 |
} |
835 |
} |
836 |
|
837 |
void AUTH_init(PTInstVar pvar) |
838 |
{ |
839 |
pvar->auth_state.failed_method = SSH_AUTH_NONE; |
840 |
pvar->auth_state.auth_dialog = NULL; |
841 |
pvar->auth_state.user = NULL; |
842 |
pvar->auth_state.flags = 0; |
843 |
pvar->auth_state.TIS_prompt = NULL; |
844 |
pvar->auth_state.supported_types = 0; |
845 |
pvar->auth_state.cur_cred.method = SSH_AUTH_NONE; |
846 |
pvar->auth_state.cur_cred.password = NULL; |
847 |
pvar->auth_state.cur_cred.rhosts_client_user = NULL; |
848 |
pvar->auth_state.cur_cred.key_pair = NULL; |
849 |
AUTH_set_generic_mode(pvar); |
850 |
} |
851 |
|
852 |
void AUTH_set_generic_mode(PTInstVar pvar) |
853 |
{ |
854 |
pvar->auth_state.mode = GENERIC_AUTH_MODE; |
855 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
856 |
} |
857 |
|
858 |
void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len) |
859 |
{ |
860 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) { |
861 |
pvar->auth_state.mode = TIS_AUTH_MODE; |
862 |
|
863 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
864 |
pvar->auth_state.TIS_prompt = malloc(len + 1); |
865 |
memcpy(pvar->auth_state.TIS_prompt, prompt, len); |
866 |
pvar->auth_state.TIS_prompt[len] = 0; |
867 |
} else { |
868 |
AUTH_set_generic_mode(pvar); |
869 |
} |
870 |
} |
871 |
|
872 |
void AUTH_do_default_cred_dialog(PTInstVar pvar) |
873 |
{ |
874 |
HWND cur_active = GetActiveWindow(); |
875 |
|
876 |
if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP), |
877 |
cur_active != |
878 |
NULL ? cur_active : pvar->NotificationWindow, |
879 |
default_auth_dlg_proc, (LPARAM) pvar) == -1) { |
880 |
notify_nonfatal_error(pvar, |
881 |
"Unable to display authentication setup dialog box."); |
882 |
} |
883 |
} |
884 |
|
885 |
void AUTH_destroy_cur_cred(PTInstVar pvar) |
886 |
{ |
887 |
destroy_malloced_string(&pvar->auth_state.cur_cred.password); |
888 |
destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user); |
889 |
if (pvar->auth_state.cur_cred.key_pair != NULL) { |
890 |
CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair); |
891 |
pvar->auth_state.cur_cred.key_pair = NULL; |
892 |
} |
893 |
} |
894 |
|
895 |
static char FAR *get_auth_method_name(SSHAuthMethod auth) |
896 |
{ |
897 |
switch (auth) { |
898 |
case SSH_AUTH_PASSWORD: |
899 |
return "password"; |
900 |
case SSH_AUTH_RSA: |
901 |
return "RSA"; |
902 |
case SSH_AUTH_RHOSTS: |
903 |
return "rhosts"; |
904 |
case SSH_AUTH_RHOSTS_RSA: |
905 |
return "rhosts with RSA"; |
906 |
case SSH_AUTH_TIS: |
907 |
return "challenge/response (TIS)"; |
908 |
default: |
909 |
return "unknown method"; |
910 |
} |
911 |
} |
912 |
|
913 |
void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len) |
914 |
{ |
915 |
if (pvar->auth_state.user == NULL) { |
916 |
strncpy(dest, "None", len); |
917 |
} else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) { |
918 |
if (SSHv1(pvar)) { |
919 |
_snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, |
920 |
get_auth_method_name(pvar->auth_state.cur_cred.method)); |
921 |
|
922 |
} else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka) |
923 |
if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) { |
924 |
_snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, |
925 |
get_auth_method_name(pvar->auth_state.cur_cred.method)); |
926 |
} else { |
927 |
char *method = "unknown"; |
928 |
if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) { |
929 |
method = "RSA"; |
930 |
} else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) { |
931 |
method = "DSA"; |
932 |
} |
933 |
_snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method); |
934 |
} |
935 |
|
936 |
} |
937 |
|
938 |
} else { |
939 |
_snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, |
940 |
get_auth_method_name(pvar->auth_state.failed_method)); |
941 |
} |
942 |
|
943 |
dest[len - 1] = 0; |
944 |
} |
945 |
|
946 |
void AUTH_notify_disconnecting(PTInstVar pvar) |
947 |
{ |
948 |
if (pvar->auth_state.auth_dialog != NULL) { |
949 |
PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0); |
950 |
/* the main window might not go away if it's not enabled. (see vtwin.cpp) */ |
951 |
EnableWindow(pvar->NotificationWindow, TRUE); |
952 |
} |
953 |
} |
954 |
|
955 |
void AUTH_end(PTInstVar pvar) |
956 |
{ |
957 |
destroy_malloced_string(&pvar->auth_state.user); |
958 |
destroy_malloced_string(&pvar->auth_state.TIS_prompt); |
959 |
|
960 |
AUTH_destroy_cur_cred(pvar); |
961 |
} |
962 |
|
963 |
/* |
964 |
* $Log: not supported by cvs2svn $ |
965 |
* Revision 1.3 2004/12/16 13:01:09 yutakakn |
966 |
* SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B |
967 |
* |
968 |
* Revision 1.2 2004/12/01 15:37:49 yutakakn |
969 |
* SSH2�������O�C���@�\�������B |
970 |
* �����A�p�X���[�h�F�������������B |
971 |
* �E�R�}���h���C�� |
972 |
* /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h |
973 |
* |
974 |
*/ |