Open-Source-Software-Entwicklung und Downloads

Tera Term

Browse Subversion Repository

/[ttssh2]/trunk/ttssh2/ttxssh/auth.c

Contents of /trunk/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2908 - (show annotations) (download) (as text)
Mon Sep 18 05:08:04 2006 UTC (17 years, 8 months ago) by maya
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 32967 byte(s) 
コマンドラインパラメータ '/ask4passwd' を追加した。
1 /*
2 Copyright (c) 1998-2001, Robert O'Callahan
3 All rights reserved.
4
5 Redistribution and use in source and binary forms, with or without modification,
6 are permitted provided that the following conditions are met:
7
8 Redistributions of source code must retain the above copyright notice, this list of
9 conditions and the following disclaimer.
10
11 Redistributions in binary form must reproduce the above copyright notice, this list
12 of conditions and the following disclaimer in the documentation and/or other materials
13 provided with the distribution.
14
15 The name of Robert O'Callahan may not be used to endorse or promote products derived from
16 this software without specific prior written permission.
17
18 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "ttxssh.h"
30 #include "util.h"
31 #include "ssh.h"
32
33 #include <io.h>
34 #include <fcntl.h>
35 #include <stdlib.h>
36 #include <errno.h>
37
38 #include "resource.h"
39 #include "keyfiles.h"
40
41 #define AUTH_START_USER_AUTH_ON_ERROR_END 1
42
43 #define MAX_AUTH_CONTROL IDC_SSHUSETIS
44
45 void destroy_malloced_string(char FAR * FAR * str)
46 {
47 if (*str != NULL) {
48 memset(*str, 0, strlen(*str));
49 free(*str);
50 *str = NULL;
51 }
52 }
53
54 static int auth_types_to_control_IDs[] = {
55 -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
56 IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
57 };
58
59 static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
60 WPARAM wParam, LPARAM lParam)
61 {
62 switch (msg) {
63 case WM_CHAR:
64 if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
65 char chars[] = { (char) wParam, 0 };
66
67 SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
68 (LPARAM) (char FAR *) chars);
69 return 0;
70 }
71 }
72
73 return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
74 control, msg, wParam, lParam);
75 }
76
77 static void init_password_control(HWND dlg)
78 {
79 HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
80
81 SetWindowLong(passwordControl, GWL_USERDATA,
82 SetWindowLong(passwordControl, GWL_WNDPROC,
83 (LONG) password_wnd_proc));
84
85 SetFocus(passwordControl);
86 }
87
88 static void set_auth_options_status(HWND dlg, int controlID)
89 {
90 BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
91 BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
92 BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
93 int i;
94
95 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
96
97 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
98 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
99
100 for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
101 EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
102 }
103
104 for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
105 EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
106 }
107 }
108
109 static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
110 {
111 char buf[1024] = "Logging in to ";
112
113 if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
114 strcat(buf, SSH_get_host_name(pvar));
115 }
116 SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
117 }
118
119 static void update_server_supported_types(PTInstVar pvar, HWND dlg)
120 {
121 int supported_methods = pvar->auth_state.supported_types;
122 int cur_control = -1;
123 int control;
124 HWND focus = GetFocus();
125
126 if (supported_methods == 0) {
127 return;
128 }
129
130 for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
131 control++) {
132 BOOL enabled = FALSE;
133 int method;
134 HWND item = GetDlgItem(dlg, control);
135
136 if (item != NULL) {
137 for (method = 0; method <= SSH_AUTH_MAX; method++) {
138 if (auth_types_to_control_IDs[method] == control
139 && (supported_methods & (1 << method)) != 0) {
140 enabled = TRUE;
141 }
142 }
143
144 EnableWindow(item, enabled);
145
146 if (IsDlgButtonChecked(dlg, control)) {
147 cur_control = control;
148 }
149 }
150 }
151
152 if (cur_control >= 0) {
153 if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
154 do {
155 cur_control++;
156 if (cur_control > MAX_AUTH_CONTROL) {
157 cur_control = IDC_SSHUSEPASSWORD;
158 }
159 } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
160
161 set_auth_options_status(dlg, cur_control);
162
163 if (focus != NULL && !IsWindowEnabled(focus)) {
164 SetFocus(GetDlgItem(dlg, cur_control));
165 }
166 }
167 }
168 }
169
170 static void init_auth_dlg(PTInstVar pvar, HWND dlg)
171 {
172 int default_method = pvar->session_settings.DefaultAuthMethod;
173
174 init_auth_machine_banner(pvar, dlg);
175 init_password_control(dlg);
176
177 if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
178 /* must be retrying a failed attempt */
179 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
180 "Authentication failed. Please retry.");
181 SetWindowText(dlg, "Retrying SSH Authentication");
182 default_method = pvar->auth_state.failed_method;
183 }
184
185 set_auth_options_status(dlg,
186 auth_types_to_control_IDs[default_method]);
187
188 if (default_method == SSH_AUTH_TIS) {
189 /* we disabled the password control, so fix the focus */
190 SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
191 }
192
193 if (pvar->auth_state.user != NULL) {
194 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
195 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
196 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
197 } else if (pvar->session_settings.DefaultUserName[0] != 0) {
198 SetDlgItemText(dlg, IDC_SSHUSERNAME,
199 pvar->session_settings.DefaultUserName);
200 } else {
201 SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
202 }
203
204 SetDlgItemText(dlg, IDC_RSAFILENAME,
205 pvar->session_settings.DefaultRSAPrivateKeyFile);
206 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
207 pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
208 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
209 pvar->session_settings.DefaultRhostsLocalUserName);
210
211 update_server_supported_types(pvar, dlg);
212
213 // SSH2 autologin
214 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
215 //
216 // (2004.12.1 yutaka)
217 // (2005.1.26 yutaka) ���J���F���T�|�[�g
218 // �������O�C���������������A�������������������X���\ (2006.9.18 maya)
219 #if 0
220 if (pvar->ssh2_autologin == 1) {
221 #endif
222 if (strlen(pvar->ssh2_username) > 0) {
223 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
224 }
225 if (pvar->ssh2_autologin == 1) {
226 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
227 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
228 }
229
230 SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
231 if (pvar->ssh2_autologin == 1) {
232 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
233 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
234 }
235
236 // '/I' �w�������������������������� (2005.9.5 yutaka)
237 if (pvar->ts->Minimize) {
238 //20050822���� start T.Takahashi
239 ShowWindow(dlg,SW_MINIMIZE);
240 //20050822���� end T.Takahashi
241 }
242
243 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
244 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
245
246 } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
247 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
248
249 SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
250 if (pvar->ssh2_autologin == 1) {
251 EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
252 EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
253 }
254
255 } else {
256 // TODO
257
258 }
259 #if 0
260 }
261 #endif
262
263 #if 1
264 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
265 // ���X�����B(2005.3.12 yutaka)
266 if (pvar->settings.ssh2_keyboard_interactive == 1) {
267 SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
268 }
269
270 if (pvar->settings.ssh_protocol_version == 1) {
271 SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&TIS)");
272 } else {
273 SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&keyboard-interactive)");
274 }
275 #endif
276
277 // �p�X���[�h���o���������`�F�b�N�{�b�N�X�����f�t�H���g���L�������� (2006.8.3 yutaka)
278 if (pvar->ts_SSH->remember_password) {
279 SendMessage(GetDlgItem(dlg, IDC_REMEMBER_PASSWORD), BM_SETCHECK, BST_CHECKED, 0);
280 } else {
281 SendMessage(GetDlgItem(dlg, IDC_REMEMBER_PASSWORD), BM_SETCHECK, BST_UNCHECKED, 0);
282 }
283
284 }
285
286 static char FAR *alloc_control_text(HWND ctl)
287 {
288 int len = GetWindowTextLength(ctl);
289 char FAR *result = malloc(len + 1);
290
291 if (result != NULL) {
292 GetWindowText(ctl, result, len + 1);
293 result[len] = 0;
294 }
295
296 return result;
297 }
298
299 static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
300 {
301 #ifdef TERATERM32
302 OPENFILENAME params;
303 char fullname_buf[2048] = "identity";
304
305 ZeroMemory(&params, sizeof(params));
306 params.lStructSize = sizeof(OPENFILENAME);
307 params.hwndOwner = parent;
308 // �t�B���^������ (2004.12.19 yutaka)
309 // 3�t�@�C���t�B���^������ (2005.4.26 yutaka)
310 params.lpstrFilter = "identity files\0identity;id_rsa;id_dsa\0identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
311 params.lpstrCustomFilter = NULL;
312 params.nFilterIndex = 0;
313 buf[0] = 0;
314 params.lpstrFile = fullname_buf;
315 params.nMaxFile = sizeof(fullname_buf);
316 params.lpstrFileTitle = NULL;
317 params.lpstrInitialDir = NULL;
318 params.lpstrTitle = "Choose a file with the RSA/DSA private key";
319 params.Flags =
320 OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
321 params.lpstrDefExt = NULL;
322
323 if (GetOpenFileName(&params) != 0) {
324 copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
325 return 1;
326 } else {
327 return 0;
328 }
329 #else
330 return 0;
331 #endif
332 }
333
334 static void choose_RSA_key_file(HWND dlg)
335 {
336 char buf[1024];
337
338 if (get_key_file_name(dlg, buf, sizeof(buf))) {
339 SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
340 }
341 }
342
343 static void choose_host_RSA_key_file(HWND dlg)
344 {
345 char buf[1024];
346
347 if (get_key_file_name(dlg, buf, sizeof(buf))) {
348 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
349 }
350 }
351
352 static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
353 {
354 int method = SSH_AUTH_PASSWORD;
355 char FAR *password =
356 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
357 CRYPTKeyPair FAR *key_pair = NULL;
358
359 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
360 method = SSH_AUTH_RSA;
361 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
362 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
363 method = SSH_AUTH_RHOSTS_RSA;
364 } else {
365 method = SSH_AUTH_RHOSTS;
366 }
367 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
368 method = SSH_AUTH_TIS;
369 }
370
371 if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
372 char buf[2048];
373 int file_ctl_ID =
374 method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
375
376 buf[0] = 0;
377 GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
378 if (buf[0] == 0) {
379 notify_nonfatal_error(pvar,
380 "You must specify a file containing the RSA/DSA private key.");
381 SetFocus(GetDlgItem(dlg, file_ctl_ID));
382 destroy_malloced_string(&password);
383 return FALSE;
384 }
385
386 if (SSHv1(pvar)) {
387 BOOL invalid_passphrase = FALSE;
388
389 key_pair = KEYFILES_read_private_key(pvar, buf, password,
390 &invalid_passphrase,
391 FALSE);
392
393 if (key_pair == NULL) {
394 if (invalid_passphrase) {
395 HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
396
397 SetFocus(passwordCtl);
398 SendMessage(passwordCtl, EM_SETSEL, 0, -1);
399 } else {
400 SetFocus(GetDlgItem(dlg, file_ctl_ID));
401 }
402 destroy_malloced_string(&password);
403 return FALSE;
404 }
405
406 } else { // SSH2(yutaka)
407 BOOL invalid_passphrase = FALSE;
408 char errmsg[256];
409
410 memset(errmsg, 0, sizeof(errmsg));
411 //GetCurrentDirectory(sizeof(errmsg), errmsg);
412
413 key_pair = read_SSH2_private_key(pvar, buf, password,
414 &invalid_passphrase,
415 FALSE,
416 errmsg,
417 sizeof(errmsg)
418 );
419
420 if (key_pair == NULL) { // read error
421 char buf[1024];
422 _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
423 notify_nonfatal_error(pvar, buf);
424 destroy_malloced_string(&password);
425 return FALSE;
426 }
427
428 }
429
430 }
431
432 /* from here on, we cannot fail, so just munge cur_cred in place */
433 pvar->auth_state.cur_cred.method = method;
434 pvar->auth_state.cur_cred.key_pair = key_pair;
435 /* we can't change the user name once it's set. It may already have
436 been sent to the server, and it can only be sent once. */
437 if (pvar->auth_state.user == NULL) {
438 pvar->auth_state.user =
439 alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
440 }
441
442 // �p�X���[�h���������������������������� (2006.8.3 yutaka)
443 if (SendMessage(GetDlgItem(dlg, IDC_REMEMBER_PASSWORD), BM_GETCHECK, 0,0) == BST_CHECKED) {
444 pvar->settings.remember_password = 1; // �o��������
445 pvar->ts_SSH->remember_password = 1;
446 } else {
447 pvar->settings.remember_password = 0; // ���������������Y����
448 pvar->ts_SSH->remember_password = 0;
449 }
450
451 // ���J���F���������A�Z�b�V�������������p�X���[�h���g�����������������������������������B
452 // (2005.4.8 yutaka)
453 if (method == SSH_AUTH_PASSWORD || method == SSH_AUTH_RSA) {
454 pvar->auth_state.cur_cred.password = password;
455 } else {
456 destroy_malloced_string(&password);
457 }
458 if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
459 if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
460 notify_nonfatal_error(pvar,
461 "Rhosts authentication will probably fail because it was not "
462 "the default authentication method.\n"
463 "To use Rhosts authentication "
464 "in TTSSH, you need to set it to be the default by restarting\n"
465 "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
466 "before connecting.");
467 }
468
469 pvar->auth_state.cur_cred.rhosts_client_user =
470 alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
471 }
472 pvar->auth_state.auth_dialog = NULL;
473
474 GetDlgItemText(dlg, IDC_RSAFILENAME,
475 pvar->session_settings.DefaultRSAPrivateKeyFile,
476 sizeof(pvar->session_settings.
477 DefaultRSAPrivateKeyFile));
478 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
479 pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
480 sizeof(pvar->session_settings.
481 DefaultRhostsHostPrivateKeyFile));
482 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
483 pvar->session_settings.DefaultRhostsLocalUserName,
484 sizeof(pvar->session_settings.
485 DefaultRhostsLocalUserName));
486
487 if (SSHv1(pvar)) {
488 SSH_notify_user_name(pvar);
489 SSH_notify_cred(pvar);
490 } else {
491 // for SSH2(yutaka)
492 do_SSH2_userauth(pvar);
493 }
494
495 EndDialog(dlg, 1);
496 return TRUE;
497 }
498
499 static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
500 LPARAM lParam)
501 {
502 const int IDC_TIMER1 = 300;
503 const int autologin_timeout = 10; // �~���b
504 PTInstVar pvar;
505
506 switch (msg) {
507 case WM_INITDIALOG:
508 pvar = (PTInstVar) lParam;
509 pvar->auth_state.auth_dialog = dlg;
510 SetWindowLong(dlg, DWL_USER, lParam);
511
512 init_auth_dlg(pvar, dlg);
513
514 // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
515 if (pvar->ssh2_autologin == 1) {
516 SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
517 }
518 return FALSE; /* because we set the focus */
519
520 case WM_TIMER:
521 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
522 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
523 if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
524 KillTimer(dlg, IDC_TIMER1);
525 SendMessage(dlg, WM_COMMAND, IDOK, 0);
526 }
527 return TRUE;
528
529 case WM_COMMAND:
530 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
531
532 switch (LOWORD(wParam)) {
533 case IDOK:
534 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
535 if (pvar->userauth_retry_count == 0 && (pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
536 return FALSE;
537 }
538 return end_auth_dlg(pvar, dlg);
539
540 case IDCANCEL: /* kill the connection */
541 pvar->auth_state.auth_dialog = NULL;
542 notify_closed_connection(pvar);
543 EndDialog(dlg, 0);
544 return TRUE;
545
546 case IDC_SSHUSEPASSWORD:
547 case IDC_SSHUSERSA:
548 case IDC_SSHUSERHOSTS:
549 case IDC_SSHUSETIS:
550 set_auth_options_status(dlg, LOWORD(wParam));
551 return TRUE;
552
553 case IDC_CHOOSERSAFILE:
554 choose_RSA_key_file(dlg);
555 return TRUE;
556
557 case IDC_CHOOSEHOSTRSAFILE:
558 choose_host_RSA_key_file(dlg);
559 return TRUE;
560
561 default:
562 return FALSE;
563 }
564
565 default:
566 return FALSE;
567 }
568 }
569
570 char FAR *AUTH_get_user_name(PTInstVar pvar)
571 {
572 return pvar->auth_state.user;
573 }
574
575 int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
576 {
577 char buf[1024];
578
579 _snprintf(buf, sizeof(buf),
580 "Server reports supported authentication method mask = %d",
581 types);
582 buf[sizeof(buf) - 1] = 0;
583 notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
584
585 if (SSHv1(pvar)) {
586 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
587 | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
588 | (1 << SSH_AUTH_TIS);
589 } else {
590 // for SSH2(yutaka)
591 // types &= (1 << SSH_AUTH_PASSWORD);
592 // ���J���F�����L�������� (2004.12.18 yutaka)
593 // TIS�������BSSH2����keyboard-interactive�����������B(2005.3.12 yutaka)
594 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
595 | (1 << SSH_AUTH_DSA)
596 | (1 << SSH_AUTH_TIS);
597 }
598 pvar->auth_state.supported_types = types;
599
600 if (types == 0) {
601 notify_fatal_error(pvar,
602 "Server does not support any of the authentication options\n"
603 "provided by TTSSH. This connection will now close.");
604 return 0;
605 } else {
606 if (pvar->auth_state.auth_dialog != NULL) {
607 update_server_supported_types(pvar,
608 pvar->auth_state.auth_dialog);
609 }
610
611 return 1;
612 }
613 }
614
615 static void start_user_auth(PTInstVar pvar)
616 {
617 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
618 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
619 (LPARAM) NULL);
620 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
621 }
622
623 static void try_default_auth(PTInstVar pvar)
624 {
625 if (pvar->session_settings.TryDefaultAuth) {
626 switch (pvar->session_settings.DefaultAuthMethod) {
627 case SSH_AUTH_RSA:{
628 BOOL invalid_passphrase;
629 char password[] = "";
630
631 pvar->auth_state.cur_cred.key_pair
632 =
633 KEYFILES_read_private_key(pvar,
634 pvar->session_settings.
635 DefaultRSAPrivateKeyFile,
636 password,
637 &invalid_passphrase, TRUE);
638 if (pvar->auth_state.cur_cred.key_pair == NULL) {
639 return;
640 } else {
641 pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
642 }
643 break;
644 }
645
646 case SSH_AUTH_RHOSTS:
647 if (pvar->session_settings.
648 DefaultRhostsHostPrivateKeyFile[0] != 0) {
649 BOOL invalid_passphrase;
650 char password[] = "";
651
652 pvar->auth_state.cur_cred.key_pair
653 =
654 KEYFILES_read_private_key(pvar,
655 pvar->session_settings.
656 DefaultRhostsHostPrivateKeyFile,
657 password,
658 &invalid_passphrase, TRUE);
659 if (pvar->auth_state.cur_cred.key_pair == NULL) {
660 return;
661 } else {
662 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
663 }
664 } else {
665 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
666 }
667
668 pvar->auth_state.cur_cred.rhosts_client_user =
669 _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
670 break;
671
672 case SSH_AUTH_PASSWORD:
673 pvar->auth_state.cur_cred.password = _strdup("");
674 pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
675 break;
676
677 case SSH_AUTH_TIS:
678 default:
679 return;
680 }
681
682 pvar->auth_state.user =
683 _strdup(pvar->session_settings.DefaultUserName);
684 }
685 }
686
687 void AUTH_notify_end_error(PTInstVar pvar)
688 {
689 if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
690 start_user_auth(pvar);
691 pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
692 }
693 }
694
695 void AUTH_advance_to_next_cred(PTInstVar pvar)
696 {
697 pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
698
699 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
700 try_default_auth(pvar);
701
702 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
703 if (pvar->err_msg != NULL) {
704 pvar->auth_state.flags |=
705 AUTH_START_USER_AUTH_ON_ERROR_END;
706 } else {
707 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
708 // �R�}���h���C���w������������
709 start_user_auth(pvar);
710 }
711 }
712 } else {
713 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
714 // �R�}���h���C���w������(/auth=xxxx)������
715 start_user_auth(pvar);
716 }
717 }
718
719 static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
720 {
721 init_auth_machine_banner(pvar, dlg);
722 init_password_control(dlg);
723
724 if (pvar->auth_state.TIS_prompt != NULL) {
725 if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
726 pvar->auth_state.TIS_prompt[10000] = 0;
727 }
728 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
729 pvar->auth_state.TIS_prompt);
730 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
731 }
732 }
733
734 static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
735 {
736 char FAR *password =
737 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
738
739 pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
740 pvar->auth_state.cur_cred.password = password;
741 pvar->auth_state.auth_dialog = NULL;
742
743 // add
744 if (SSHv2(pvar)) {
745 pvar->keyboard_interactive_password_input = 1;
746 handle_SSH2_userauth_inforeq(pvar);
747 }
748
749 SSH_notify_cred(pvar);
750
751 EndDialog(dlg, 1);
752 return TRUE;
753 }
754
755 static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
756 LPARAM lParam)
757 {
758 PTInstVar pvar;
759
760 switch (msg) {
761 case WM_INITDIALOG:
762 pvar = (PTInstVar) lParam;
763 pvar->auth_state.auth_dialog = dlg;
764 SetWindowLong(dlg, DWL_USER, lParam);
765
766 init_TIS_dlg(pvar, dlg);
767 return FALSE; /* because we set the focus */
768
769 case WM_COMMAND:
770 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
771
772 switch (LOWORD(wParam)) {
773 case IDOK:
774 return end_TIS_dlg(pvar, dlg);
775
776 case IDCANCEL: /* kill the connection */
777 pvar->auth_state.auth_dialog = NULL;
778 notify_closed_connection(pvar);
779 EndDialog(dlg, 0);
780 return TRUE;
781
782 default:
783 return FALSE;
784 }
785
786 default:
787 return FALSE;
788 }
789 }
790
791 void AUTH_do_cred_dialog(PTInstVar pvar)
792 {
793 if (pvar->auth_state.auth_dialog == NULL) {
794 HWND cur_active = GetActiveWindow();
795 DLGPROC dlg_proc;
796 LPCTSTR dialog_template;
797
798 switch (pvar->auth_state.mode) {
799 case TIS_AUTH_MODE:
800 dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
801 dlg_proc = TIS_dlg_proc;
802 break;
803 case GENERIC_AUTH_MODE:
804 default:
805 dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
806 dlg_proc = auth_dlg_proc;
807 }
808
809 if (!DialogBoxParam(hInst, dialog_template,
810 cur_active !=
811 NULL ? cur_active : pvar->NotificationWindow,
812 dlg_proc, (LPARAM) pvar) == -1) {
813 notify_fatal_error(pvar,
814 "Unable to display authentication dialog box.\n"
815 "Connection terminated.");
816 }
817 }
818 }
819
820 static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
821 {
822 switch (pvar->settings.DefaultAuthMethod) {
823 case SSH_AUTH_RSA:
824 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
825 IDC_SSHUSERSA);
826 break;
827 case SSH_AUTH_RHOSTS:
828 case SSH_AUTH_RHOSTS_RSA:
829 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
830 IDC_SSHUSERHOSTS);
831 break;
832 case SSH_AUTH_TIS:
833 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
834 IDC_SSHUSETIS);
835 break;
836 case SSH_AUTH_PASSWORD:
837 default:
838 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
839 IDC_SSHUSEPASSWORD);
840 }
841
842 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
843 SetDlgItemText(dlg, IDC_RSAFILENAME,
844 pvar->settings.DefaultRSAPrivateKeyFile);
845 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
846 pvar->settings.DefaultRhostsHostPrivateKeyFile);
847 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
848 pvar->settings.DefaultRhostsLocalUserName);
849
850 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
851 if (pvar->settings.ssh2_keyboard_interactive) {
852 SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
853 }
854
855 }
856
857 static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
858 {
859 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
860 pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
861 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
862 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
863 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
864 } else {
865 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
866 }
867 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
868 pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
869 } else {
870 pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
871 }
872
873 GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
874 sizeof(pvar->settings.DefaultUserName));
875 GetDlgItemText(dlg, IDC_RSAFILENAME,
876 pvar->settings.DefaultRSAPrivateKeyFile,
877 sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
878 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
879 pvar->settings.DefaultRhostsHostPrivateKeyFile,
880 sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
881 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
882 pvar->settings.DefaultRhostsLocalUserName,
883 sizeof(pvar->settings.DefaultRhostsLocalUserName));
884
885 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
886 {
887 LRESULT ret;
888 ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
889 if (ret & BST_CHECKED) {
890 pvar->settings.ssh2_keyboard_interactive = 1;
891 } else {
892 pvar->settings.ssh2_keyboard_interactive = 0;
893 }
894 }
895
896 EndDialog(dlg, 1);
897 return TRUE;
898 }
899
900 static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
901 WPARAM wParam, LPARAM lParam)
902 {
903 PTInstVar pvar;
904
905 switch (msg) {
906 case WM_INITDIALOG:
907 pvar = (PTInstVar) lParam;
908 SetWindowLong(dlg, DWL_USER, lParam);
909
910 init_default_auth_dlg(pvar, dlg);
911 return TRUE; /* because we do not set the focus */
912
913 case WM_COMMAND:
914 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
915
916 switch (LOWORD(wParam)) {
917 case IDOK:
918 return end_default_auth_dlg(pvar, dlg);
919
920 case IDCANCEL:
921 EndDialog(dlg, 0);
922 return TRUE;
923
924 case IDC_CHOOSERSAFILE:
925 choose_RSA_key_file(dlg);
926 return TRUE;
927
928 case IDC_CHOOSEHOSTRSAFILE:
929 choose_host_RSA_key_file(dlg);
930 return TRUE;
931
932 default:
933 return FALSE;
934 }
935
936 default:
937 return FALSE;
938 }
939 }
940
941 void AUTH_init(PTInstVar pvar)
942 {
943 pvar->auth_state.failed_method = SSH_AUTH_NONE;
944 pvar->auth_state.auth_dialog = NULL;
945 pvar->auth_state.user = NULL;
946 pvar->auth_state.flags = 0;
947 pvar->auth_state.TIS_prompt = NULL;
948 pvar->auth_state.supported_types = 0;
949 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
950 pvar->auth_state.cur_cred.password = NULL;
951 pvar->auth_state.cur_cred.rhosts_client_user = NULL;
952 pvar->auth_state.cur_cred.key_pair = NULL;
953 AUTH_set_generic_mode(pvar);
954 }
955
956 void AUTH_set_generic_mode(PTInstVar pvar)
957 {
958 pvar->auth_state.mode = GENERIC_AUTH_MODE;
959 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
960 }
961
962 void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
963 {
964 if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
965 pvar->auth_state.mode = TIS_AUTH_MODE;
966
967 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
968 pvar->auth_state.TIS_prompt = malloc(len + 1);
969 memcpy(pvar->auth_state.TIS_prompt, prompt, len);
970 pvar->auth_state.TIS_prompt[len] = 0;
971 } else {
972 AUTH_set_generic_mode(pvar);
973 }
974 }
975
976 void AUTH_do_default_cred_dialog(PTInstVar pvar)
977 {
978 HWND cur_active = GetActiveWindow();
979
980 if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
981 cur_active !=
982 NULL ? cur_active : pvar->NotificationWindow,
983 default_auth_dlg_proc, (LPARAM) pvar) == -1) {
984 notify_nonfatal_error(pvar,
985 "Unable to display authentication setup dialog box.");
986 }
987 }
988
989 void AUTH_destroy_cur_cred(PTInstVar pvar)
990 {
991 destroy_malloced_string(&pvar->auth_state.cur_cred.password);
992 destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
993 if (pvar->auth_state.cur_cred.key_pair != NULL) {
994 CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
995 pvar->auth_state.cur_cred.key_pair = NULL;
996 }
997 }
998
999 static char FAR *get_auth_method_name(SSHAuthMethod auth)
1000 {
1001 switch (auth) {
1002 case SSH_AUTH_PASSWORD:
1003 return "password";
1004 case SSH_AUTH_RSA:
1005 return "RSA";
1006 case SSH_AUTH_RHOSTS:
1007 return "rhosts";
1008 case SSH_AUTH_RHOSTS_RSA:
1009 return "rhosts with RSA";
1010 case SSH_AUTH_TIS:
1011 return "challenge/response (TIS)";
1012 default:
1013 return "unknown method";
1014 }
1015 }
1016
1017 void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
1018 {
1019 char *method = "unknown";
1020
1021 if (pvar->auth_state.user == NULL) {
1022 strncpy(dest, "None", len);
1023 } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
1024 if (SSHv1(pvar)) {
1025 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
1026 get_auth_method_name(pvar->auth_state.cur_cred.method));
1027
1028 } else {
1029 // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
1030 // keyboard-interactive���\�b�h������ (2005.3.12 yutaka)
1031 if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD ||
1032 pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
1033 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
1034 if (pvar->keyboard_interactive_done == 1 ||
1035 pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
1036 method = "keyboard-interactive";
1037 } else {
1038 method = get_auth_method_name(pvar->auth_state.cur_cred.method);
1039 }
1040 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1041
1042 } else {
1043 if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
1044 method = "RSA";
1045 } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
1046 method = "DSA";
1047 }
1048 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1049 }
1050
1051 }
1052
1053 } else {
1054 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
1055 get_auth_method_name(pvar->auth_state.failed_method));
1056 }
1057
1058 dest[len - 1] = 0;
1059 }
1060
1061 void AUTH_notify_disconnecting(PTInstVar pvar)
1062 {
1063 if (pvar->auth_state.auth_dialog != NULL) {
1064 PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1065 /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1066 EnableWindow(pvar->NotificationWindow, TRUE);
1067 }
1068 }
1069
1070 void AUTH_end(PTInstVar pvar)
1071 {
1072 destroy_malloced_string(&pvar->auth_state.user);
1073 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1074
1075 AUTH_destroy_cur_cred(pvar);
1076 }
1077
1078 /*
1079 * $Log: not supported by cvs2svn $
1080 * Revision 1.19 2006/08/05 03:47:49 yutakakn
1081 * �p�X���[�h�������������o������������������������ teraterm.ini �����f�����������������B
1082 *
1083 * Revision 1.18 2006/08/03 15:04:37 yutakakn
1084 * �p�X���[�h�������������������������������������`�F�b�N�{�b�N�X���F���_�C�A���O�����������B
1085 *
1086 * Revision 1.17 2005/09/05 10:46:22 yutakakn
1087 * '/I' �w�����������������F���_�C�A���O�����������������������B
1088 *
1089 * Revision 1.16 2005/08/26 16:26:02 yutakakn
1090 * �������O�C������SSH�F���_�C�A���O�����������������������B
1091 *
1092 * Revision 1.15 2005/07/15 14:58:04 yutakakn
1093 * SSH1���������x���[�U�F�������s�������A�������F�����������������o�O���C���B
1094 *
1095 * Revision 1.14 2005/04/26 13:57:57 yutakakn
1096 * private key�t�@�C���_�C�A���O��3�t�@�C���t�B���^�����������B
1097 *
1098 * Revision 1.13 2005/04/08 14:55:03 yutakakn
1099 * "Duplicate session"��������SSH�������O�C�����s�������������B
1100 *
1101 * Revision 1.12 2005/03/23 12:39:35 yutakakn
1102 * SSH2�F���_�C�A���O�� Use challenge/response to log in ���A�N�Z�����[�^�L�[�������������B
1103 *
1104 * Revision 1.11 2005/03/12 15:07:33 yutakakn
1105 * SSH2 keyboard-interactive�F����TIS�_�C�A���O�����������B
1106 *
1107 * Revision 1.10 2005/03/12 12:08:05 yutakakn
1108 * �p�X���[�h�F�����O���s��keyboard-interactive���\�b�h���A�f�t�H���g�����l������(0)�������B
1109 * �����A�F���_�C�A���O�����x�������������L�����������X���������������B
1110 *
1111 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1112 * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1113 * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1114 *
1115 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1116 * ���J���F���������O�C�����T�|�[�g�B
1117 * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1118 * �����A�����������������T�|�[�g�B
1119 *
1120 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1121 * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1122 * �A�v���P�[�V�����G���[���������������������B
1123 *
1124 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1125 * �Ekeyboard-interactive�F�����T�|�[�g�����B
1126 * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1127 * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1128 *
1129 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1130 * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1131 *
1132 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1133 * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1134 *
1135 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1136 * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1137 *
1138 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1139 * SSH2�������O�C���@�\�������B
1140 * �����A�p�X���[�h�F�������������B
1141 * �E�R�}���h���C��
1142 * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1143 *
1144 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
Über OSDN
Software suchen
Entwickeln Software
Hilfeseiten