Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2769 - (hide annotations) (download) (as text)
Mon Dec 27 14:35:41 2004 UTC (19 years, 3 months ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 27139 byte(s) 
SSH2秘密鍵読み込み失敗時のエラーメッセージを強化した。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #include "ttxssh.h"
30     #include "util.h"
31    
32     #include <io.h>
33     #include <fcntl.h>
34     #include <stdlib.h>
35     #include <errno.h>
36    
37     #include "resource.h"
38     #include "keyfiles.h"
39    
40     #define AUTH_START_USER_AUTH_ON_ERROR_END 1
41    
42     #define MAX_AUTH_CONTROL IDC_SSHUSETIS
43    
44     static void destroy_malloced_string(char FAR * FAR * str)
45     {
46     if (*str != NULL) {
47     memset(*str, 0, strlen(*str));
48     free(*str);
49     *str = NULL;
50     }
51     }
52    
53     static int auth_types_to_control_IDs[] = {
54     -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
55     IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
56     };
57    
58     static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
59     WPARAM wParam, LPARAM lParam)
60     {
61     switch (msg) {
62     case WM_CHAR:
63     if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
64     char chars[] = { (char) wParam, 0 };
65    
66     SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
67     (LPARAM) (char FAR *) chars);
68     return 0;
69     }
70     }
71    
72     return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
73     control, msg, wParam, lParam);
74     }
75    
76     static void init_password_control(HWND dlg)
77     {
78     HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
79    
80     SetWindowLong(passwordControl, GWL_USERDATA,
81     SetWindowLong(passwordControl, GWL_WNDPROC,
82     (LONG) password_wnd_proc));
83    
84     SetFocus(passwordControl);
85     }
86    
87     static void set_auth_options_status(HWND dlg, int controlID)
88     {
89     BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
90     BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
91     BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
92     int i;
93    
94     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
95    
96     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
97     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
98    
99     for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
100     EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
101     }
102    
103     for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
104     EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
105     }
106     }
107    
108     static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
109     {
110     char buf[1024] = "Logging in to ";
111    
112     if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
113     strcat(buf, SSH_get_host_name(pvar));
114     }
115     SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
116     }
117    
118     static void update_server_supported_types(PTInstVar pvar, HWND dlg)
119     {
120     int supported_methods = pvar->auth_state.supported_types;
121     int cur_control = -1;
122     int control;
123     HWND focus = GetFocus();
124    
125     if (supported_methods == 0) {
126     return;
127     }
128    
129     for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
130     control++) {
131     BOOL enabled = FALSE;
132     int method;
133     HWND item = GetDlgItem(dlg, control);
134    
135     if (item != NULL) {
136     for (method = 0; method <= SSH_AUTH_MAX; method++) {
137     if (auth_types_to_control_IDs[method] == control
138     && (supported_methods & (1 << method)) != 0) {
139     enabled = TRUE;
140     }
141     }
142    
143     EnableWindow(item, enabled);
144    
145     if (IsDlgButtonChecked(dlg, control)) {
146     cur_control = control;
147     }
148     }
149     }
150    
151     if (cur_control >= 0) {
152     if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
153     do {
154     cur_control++;
155     if (cur_control > MAX_AUTH_CONTROL) {
156     cur_control = IDC_SSHUSEPASSWORD;
157     }
158     } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
159    
160     set_auth_options_status(dlg, cur_control);
161    
162     if (focus != NULL && !IsWindowEnabled(focus)) {
163     SetFocus(GetDlgItem(dlg, cur_control));
164     }
165     }
166     }
167     }
168    
169     static void init_auth_dlg(PTInstVar pvar, HWND dlg)
170     {
171     int default_method = pvar->session_settings.DefaultAuthMethod;
172    
173     init_auth_machine_banner(pvar, dlg);
174     init_password_control(dlg);
175    
176     if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
177     /* must be retrying a failed attempt */
178     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
179     "Authentication failed. Please retry.");
180     SetWindowText(dlg, "Retrying SSH Authentication");
181     default_method = pvar->auth_state.failed_method;
182     }
183    
184     set_auth_options_status(dlg,
185     auth_types_to_control_IDs[default_method]);
186    
187     if (default_method == SSH_AUTH_TIS) {
188     /* we disabled the password control, so fix the focus */
189     SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
190     }
191    
192     if (pvar->auth_state.user != NULL) {
193     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
194     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
195     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
196     } else if (pvar->session_settings.DefaultUserName[0] != 0) {
197     SetDlgItemText(dlg, IDC_SSHUSERNAME,
198     pvar->session_settings.DefaultUserName);
199     } else {
200     SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
201     }
202    
203     SetDlgItemText(dlg, IDC_RSAFILENAME,
204     pvar->session_settings.DefaultRSAPrivateKeyFile);
205     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
206     pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
207     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
208     pvar->session_settings.DefaultRhostsLocalUserName);
209    
210     update_server_supported_types(pvar, dlg);
211 yutakakn 2739
212     // SSH2 autologin (2004.12.1 yutaka)
213     // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
214     if (pvar->ssh2_autologin == 1) {
215     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
216     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
217     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
218    
219     SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
220     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
221     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
222    
223     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
224     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
225     } else {
226     // TODO
227    
228     }
229     }
230    
231 yutakakn 2728 }
232    
233     static char FAR *alloc_control_text(HWND ctl)
234     {
235     int len = GetWindowTextLength(ctl);
236     char FAR *result = malloc(len + 1);
237    
238     if (result != NULL) {
239     GetWindowText(ctl, result, len + 1);
240     result[len] = 0;
241     }
242    
243     return result;
244     }
245    
246     static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
247     {
248     #ifdef TERATERM32
249     OPENFILENAME params;
250     char fullname_buf[2048] = "identity";
251    
252 yutakakn 2762 ZeroMemory(&params, sizeof(params));
253 yutakakn 2728 params.lStructSize = sizeof(OPENFILENAME);
254     params.hwndOwner = parent;
255 yutakakn 2762 // �t�B���^������ (2004.12.19 yutaka)
256     params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
257 yutakakn 2728 params.lpstrCustomFilter = NULL;
258     params.nFilterIndex = 0;
259     buf[0] = 0;
260     params.lpstrFile = fullname_buf;
261     params.nMaxFile = sizeof(fullname_buf);
262     params.lpstrFileTitle = NULL;
263     params.lpstrInitialDir = NULL;
264     params.lpstrTitle = "Choose a file with the RSA private key";
265     params.Flags =
266     OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
267     params.lpstrDefExt = NULL;
268    
269     if (GetOpenFileName(&params) != 0) {
270     copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
271     return 1;
272     } else {
273     return 0;
274     }
275     #else
276     return 0;
277     #endif
278     }
279    
280     static void choose_RSA_key_file(HWND dlg)
281     {
282     char buf[1024];
283    
284     if (get_key_file_name(dlg, buf, sizeof(buf))) {
285     SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
286     }
287     }
288    
289     static void choose_host_RSA_key_file(HWND dlg)
290     {
291     char buf[1024];
292    
293     if (get_key_file_name(dlg, buf, sizeof(buf))) {
294     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
295     }
296     }
297    
298     static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
299     {
300     int method = SSH_AUTH_PASSWORD;
301     char FAR *password =
302     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
303     CRYPTKeyPair FAR *key_pair = NULL;
304    
305     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
306     method = SSH_AUTH_RSA;
307     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
308     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
309     method = SSH_AUTH_RHOSTS_RSA;
310     } else {
311     method = SSH_AUTH_RHOSTS;
312     }
313     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
314     method = SSH_AUTH_TIS;
315     }
316    
317     if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
318     char buf[2048];
319     int file_ctl_ID =
320     method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
321    
322     buf[0] = 0;
323     GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
324     if (buf[0] == 0) {
325     notify_nonfatal_error(pvar,
326 yutakakn 2762 "You must specify a file containing the RSA/DSA private key.");
327 yutakakn 2728 SetFocus(GetDlgItem(dlg, file_ctl_ID));
328     destroy_malloced_string(&password);
329     return FALSE;
330 yutakakn 2762 }
331    
332     if (SSHv1(pvar)) {
333 yutakakn 2728 BOOL invalid_passphrase = FALSE;
334    
335     key_pair = KEYFILES_read_private_key(pvar, buf, password,
336     &invalid_passphrase,
337     FALSE);
338    
339     if (key_pair == NULL) {
340     if (invalid_passphrase) {
341     HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
342    
343     SetFocus(passwordCtl);
344     SendMessage(passwordCtl, EM_SETSEL, 0, -1);
345     } else {
346     SetFocus(GetDlgItem(dlg, file_ctl_ID));
347     }
348     destroy_malloced_string(&password);
349     return FALSE;
350     }
351 yutakakn 2762
352     } else { // SSH2(yutaka)
353     BOOL invalid_passphrase = FALSE;
354 yutakakn 2769 char errmsg[256];
355 yutakakn 2762
356 yutakakn 2769 memset(errmsg, 0, sizeof(errmsg));
357    
358 yutakakn 2762 key_pair = read_SSH2_private_key(pvar, buf, password,
359     &invalid_passphrase,
360 yutakakn 2769 FALSE,
361     errmsg,
362     sizeof(errmsg)
363     );
364 yutakakn 2762
365     if (key_pair == NULL) { // read error
366 yutakakn 2769 char buf[1024];
367     _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
368     notify_nonfatal_error(pvar, buf);
369 yutakakn 2762 destroy_malloced_string(&password);
370     return FALSE;
371     }
372    
373 yutakakn 2728 }
374 yutakakn 2762
375 yutakakn 2728 }
376    
377     /* from here on, we cannot fail, so just munge cur_cred in place */
378     pvar->auth_state.cur_cred.method = method;
379     pvar->auth_state.cur_cred.key_pair = key_pair;
380     /* we can't change the user name once it's set. It may already have
381     been sent to the server, and it can only be sent once. */
382     if (pvar->auth_state.user == NULL) {
383     pvar->auth_state.user =
384     alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
385     }
386     if (method == SSH_AUTH_PASSWORD) {
387     pvar->auth_state.cur_cred.password = password;
388     } else {
389     destroy_malloced_string(&password);
390     }
391     if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
392     if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
393     notify_nonfatal_error(pvar,
394     "Rhosts authentication will probably fail because it was not "
395     "the default authentication method.\n"
396     "To use Rhosts authentication "
397     "in TTSSH, you need to set it to be the default by restarting\n"
398     "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
399     "before connecting.");
400     }
401    
402     pvar->auth_state.cur_cred.rhosts_client_user =
403     alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
404     }
405     pvar->auth_state.auth_dialog = NULL;
406    
407     GetDlgItemText(dlg, IDC_RSAFILENAME,
408     pvar->session_settings.DefaultRSAPrivateKeyFile,
409     sizeof(pvar->session_settings.
410     DefaultRSAPrivateKeyFile));
411     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
412     pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
413     sizeof(pvar->session_settings.
414     DefaultRhostsHostPrivateKeyFile));
415     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
416     pvar->session_settings.DefaultRhostsLocalUserName,
417     sizeof(pvar->session_settings.
418     DefaultRhostsLocalUserName));
419    
420     if (SSHv1(pvar)) {
421     SSH_notify_user_name(pvar);
422     SSH_notify_cred(pvar);
423     } else {
424     // for SSH2(yutaka)
425     do_SSH2_userauth(pvar);
426     }
427    
428     EndDialog(dlg, 1);
429     return TRUE;
430     }
431    
432     static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
433     LPARAM lParam)
434     {
435 yutakakn 2739 const int IDC_TIMER1 = 300;
436 yutakakn 2752 const int autologin_timeout = 10; // �~���b
437 yutakakn 2728 PTInstVar pvar;
438    
439     switch (msg) {
440     case WM_INITDIALOG:
441     pvar = (PTInstVar) lParam;
442     pvar->auth_state.auth_dialog = dlg;
443     SetWindowLong(dlg, DWL_USER, lParam);
444    
445     init_auth_dlg(pvar, dlg);
446 yutakakn 2739
447     // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
448     if (pvar->ssh2_autologin == 1) {
449     SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
450     }
451 yutakakn 2728 return FALSE; /* because we set the focus */
452    
453 yutakakn 2739 case WM_TIMER:
454 yutakakn 2752 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
455     // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
456     if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
457     KillTimer(dlg, IDC_TIMER1);
458     SendMessage(dlg, WM_COMMAND, IDOK, 0);
459     }
460 yutakakn 2739 return TRUE;
461    
462 yutakakn 2728 case WM_COMMAND:
463     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
464    
465     switch (LOWORD(wParam)) {
466     case IDOK:
467     return end_auth_dlg(pvar, dlg);
468    
469     case IDCANCEL: /* kill the connection */
470     pvar->auth_state.auth_dialog = NULL;
471     notify_closed_connection(pvar);
472     EndDialog(dlg, 0);
473     return TRUE;
474    
475     case IDC_SSHUSEPASSWORD:
476     case IDC_SSHUSERSA:
477     case IDC_SSHUSERHOSTS:
478     case IDC_SSHUSETIS:
479     set_auth_options_status(dlg, LOWORD(wParam));
480     return TRUE;
481    
482     case IDC_CHOOSERSAFILE:
483     choose_RSA_key_file(dlg);
484     return TRUE;
485    
486     case IDC_CHOOSEHOSTRSAFILE:
487     choose_host_RSA_key_file(dlg);
488     return TRUE;
489    
490     default:
491     return FALSE;
492     }
493    
494     default:
495     return FALSE;
496     }
497     }
498    
499     char FAR *AUTH_get_user_name(PTInstVar pvar)
500     {
501     return pvar->auth_state.user;
502     }
503    
504     int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
505     {
506     char buf[1024];
507    
508     _snprintf(buf, sizeof(buf),
509     "Server reports supported authentication method mask = %d",
510     types);
511     buf[sizeof(buf) - 1] = 0;
512     notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
513    
514     if (SSHv1(pvar)) {
515     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
516     | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
517     | (1 << SSH_AUTH_TIS);
518     } else {
519     // for SSH2(yutaka)
520 yutakakn 2762 // types &= (1 << SSH_AUTH_PASSWORD);
521     // ���J���F�����L�������� (2004.12.18 yutaka)
522     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
523     | (1 << SSH_AUTH_DSA);
524 yutakakn 2728 }
525     pvar->auth_state.supported_types = types;
526    
527     if (types == 0) {
528     notify_fatal_error(pvar,
529     "Server does not support any of the authentication options\n"
530     "provided by TTSSH. This connection will now close.");
531     return 0;
532     } else {
533     if (pvar->auth_state.auth_dialog != NULL) {
534     update_server_supported_types(pvar,
535     pvar->auth_state.auth_dialog);
536     }
537    
538     return 1;
539     }
540     }
541    
542     static void start_user_auth(PTInstVar pvar)
543     {
544 yutakakn 2739 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
545 yutakakn 2728 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
546     (LPARAM) NULL);
547     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
548     }
549    
550     static void try_default_auth(PTInstVar pvar)
551     {
552     if (pvar->session_settings.TryDefaultAuth) {
553     switch (pvar->session_settings.DefaultAuthMethod) {
554     case SSH_AUTH_RSA:{
555     BOOL invalid_passphrase;
556     char password[] = "";
557    
558     pvar->auth_state.cur_cred.key_pair
559     =
560     KEYFILES_read_private_key(pvar,
561     pvar->session_settings.
562     DefaultRSAPrivateKeyFile,
563     password,
564     &invalid_passphrase, TRUE);
565     if (pvar->auth_state.cur_cred.key_pair == NULL) {
566     return;
567     } else {
568     pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
569     }
570     break;
571     }
572    
573     case SSH_AUTH_RHOSTS:
574     if (pvar->session_settings.
575     DefaultRhostsHostPrivateKeyFile[0] != 0) {
576     BOOL invalid_passphrase;
577     char password[] = "";
578    
579     pvar->auth_state.cur_cred.key_pair
580     =
581     KEYFILES_read_private_key(pvar,
582     pvar->session_settings.
583     DefaultRhostsHostPrivateKeyFile,
584     password,
585     &invalid_passphrase, TRUE);
586     if (pvar->auth_state.cur_cred.key_pair == NULL) {
587     return;
588     } else {
589     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
590     }
591     } else {
592     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
593     }
594    
595     pvar->auth_state.cur_cred.rhosts_client_user =
596     _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
597     break;
598    
599     case SSH_AUTH_PASSWORD:
600     pvar->auth_state.cur_cred.password = _strdup("");
601     pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
602     break;
603    
604     case SSH_AUTH_TIS:
605     default:
606     return;
607     }
608    
609     pvar->auth_state.user =
610     _strdup(pvar->session_settings.DefaultUserName);
611     }
612     }
613    
614     void AUTH_notify_end_error(PTInstVar pvar)
615     {
616     if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
617     start_user_auth(pvar);
618     pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
619     }
620     }
621    
622     void AUTH_advance_to_next_cred(PTInstVar pvar)
623     {
624     pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
625    
626     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
627     try_default_auth(pvar);
628    
629     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
630     if (pvar->err_msg != NULL) {
631     pvar->auth_state.flags |=
632     AUTH_START_USER_AUTH_ON_ERROR_END;
633     } else {
634 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
635     // �R�}���h���C���w������������
636 yutakakn 2728 start_user_auth(pvar);
637     }
638     }
639     } else {
640 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
641     // �R�}���h���C���w������(/auth=xxxx)������
642 yutakakn 2728 start_user_auth(pvar);
643     }
644     }
645    
646     static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
647     {
648     init_auth_machine_banner(pvar, dlg);
649     init_password_control(dlg);
650    
651     if (pvar->auth_state.TIS_prompt != NULL) {
652     if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
653     pvar->auth_state.TIS_prompt[10000] = 0;
654     }
655     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
656     pvar->auth_state.TIS_prompt);
657     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
658     }
659     }
660    
661     static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
662     {
663     char FAR *password =
664     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
665    
666     pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
667     pvar->auth_state.cur_cred.password = password;
668     pvar->auth_state.auth_dialog = NULL;
669    
670     SSH_notify_cred(pvar);
671    
672     EndDialog(dlg, 1);
673     return TRUE;
674     }
675    
676     static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
677     LPARAM lParam)
678     {
679     PTInstVar pvar;
680    
681     switch (msg) {
682     case WM_INITDIALOG:
683     pvar = (PTInstVar) lParam;
684     pvar->auth_state.auth_dialog = dlg;
685     SetWindowLong(dlg, DWL_USER, lParam);
686    
687     init_TIS_dlg(pvar, dlg);
688     return FALSE; /* because we set the focus */
689    
690     case WM_COMMAND:
691     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
692    
693     switch (LOWORD(wParam)) {
694     case IDOK:
695     return end_TIS_dlg(pvar, dlg);
696    
697     case IDCANCEL: /* kill the connection */
698     pvar->auth_state.auth_dialog = NULL;
699     notify_closed_connection(pvar);
700     EndDialog(dlg, 0);
701     return TRUE;
702    
703     default:
704     return FALSE;
705     }
706    
707     default:
708     return FALSE;
709     }
710     }
711    
712     void AUTH_do_cred_dialog(PTInstVar pvar)
713     {
714     if (pvar->auth_state.auth_dialog == NULL) {
715     HWND cur_active = GetActiveWindow();
716     DLGPROC dlg_proc;
717     LPCTSTR dialog_template;
718    
719     switch (pvar->auth_state.mode) {
720     case TIS_AUTH_MODE:
721     dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
722     dlg_proc = TIS_dlg_proc;
723     break;
724     case GENERIC_AUTH_MODE:
725     default:
726     dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
727     dlg_proc = auth_dlg_proc;
728     }
729    
730     if (!DialogBoxParam(hInst, dialog_template,
731     cur_active !=
732     NULL ? cur_active : pvar->NotificationWindow,
733     dlg_proc, (LPARAM) pvar) == -1) {
734     notify_fatal_error(pvar,
735     "Unable to display authentication dialog box.\n"
736     "Connection terminated.");
737     }
738     }
739     }
740    
741     static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
742     {
743     switch (pvar->settings.DefaultAuthMethod) {
744     case SSH_AUTH_RSA:
745     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
746     IDC_SSHUSERSA);
747     break;
748     case SSH_AUTH_RHOSTS:
749     case SSH_AUTH_RHOSTS_RSA:
750     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
751     IDC_SSHUSERHOSTS);
752     break;
753     case SSH_AUTH_TIS:
754     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
755     IDC_SSHUSETIS);
756     break;
757     case SSH_AUTH_PASSWORD:
758     default:
759     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
760     IDC_SSHUSEPASSWORD);
761     }
762    
763     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
764     SetDlgItemText(dlg, IDC_RSAFILENAME,
765     pvar->settings.DefaultRSAPrivateKeyFile);
766     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
767     pvar->settings.DefaultRhostsHostPrivateKeyFile);
768     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
769     pvar->settings.DefaultRhostsLocalUserName);
770     }
771    
772     static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
773     {
774     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
775     pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
776     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
777     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
778     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
779     } else {
780     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
781     }
782     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
783     pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
784     } else {
785     pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
786     }
787    
788     GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
789     sizeof(pvar->settings.DefaultUserName));
790     GetDlgItemText(dlg, IDC_RSAFILENAME,
791     pvar->settings.DefaultRSAPrivateKeyFile,
792     sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
793     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
794     pvar->settings.DefaultRhostsHostPrivateKeyFile,
795     sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
796     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
797     pvar->settings.DefaultRhostsLocalUserName,
798     sizeof(pvar->settings.DefaultRhostsLocalUserName));
799    
800     EndDialog(dlg, 1);
801     return TRUE;
802     }
803    
804     static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
805     WPARAM wParam, LPARAM lParam)
806     {
807     PTInstVar pvar;
808    
809     switch (msg) {
810     case WM_INITDIALOG:
811     pvar = (PTInstVar) lParam;
812     SetWindowLong(dlg, DWL_USER, lParam);
813    
814     init_default_auth_dlg(pvar, dlg);
815     return TRUE; /* because we do not set the focus */
816    
817     case WM_COMMAND:
818     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
819    
820     switch (LOWORD(wParam)) {
821     case IDOK:
822     return end_default_auth_dlg(pvar, dlg);
823    
824     case IDCANCEL:
825     EndDialog(dlg, 0);
826     return TRUE;
827    
828     case IDC_CHOOSERSAFILE:
829     choose_RSA_key_file(dlg);
830     return TRUE;
831    
832     case IDC_CHOOSEHOSTRSAFILE:
833     choose_host_RSA_key_file(dlg);
834     return TRUE;
835    
836     default:
837     return FALSE;
838     }
839    
840     default:
841     return FALSE;
842     }
843     }
844    
845     void AUTH_init(PTInstVar pvar)
846     {
847     pvar->auth_state.failed_method = SSH_AUTH_NONE;
848     pvar->auth_state.auth_dialog = NULL;
849     pvar->auth_state.user = NULL;
850     pvar->auth_state.flags = 0;
851     pvar->auth_state.TIS_prompt = NULL;
852     pvar->auth_state.supported_types = 0;
853     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
854     pvar->auth_state.cur_cred.password = NULL;
855     pvar->auth_state.cur_cred.rhosts_client_user = NULL;
856     pvar->auth_state.cur_cred.key_pair = NULL;
857     AUTH_set_generic_mode(pvar);
858     }
859    
860     void AUTH_set_generic_mode(PTInstVar pvar)
861     {
862     pvar->auth_state.mode = GENERIC_AUTH_MODE;
863     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
864     }
865    
866     void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
867     {
868     if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
869     pvar->auth_state.mode = TIS_AUTH_MODE;
870    
871     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
872     pvar->auth_state.TIS_prompt = malloc(len + 1);
873     memcpy(pvar->auth_state.TIS_prompt, prompt, len);
874     pvar->auth_state.TIS_prompt[len] = 0;
875     } else {
876     AUTH_set_generic_mode(pvar);
877     }
878     }
879    
880     void AUTH_do_default_cred_dialog(PTInstVar pvar)
881     {
882     HWND cur_active = GetActiveWindow();
883    
884     if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
885     cur_active !=
886     NULL ? cur_active : pvar->NotificationWindow,
887     default_auth_dlg_proc, (LPARAM) pvar) == -1) {
888     notify_nonfatal_error(pvar,
889     "Unable to display authentication setup dialog box.");
890     }
891     }
892    
893     void AUTH_destroy_cur_cred(PTInstVar pvar)
894     {
895     destroy_malloced_string(&pvar->auth_state.cur_cred.password);
896     destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
897     if (pvar->auth_state.cur_cred.key_pair != NULL) {
898     CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
899     pvar->auth_state.cur_cred.key_pair = NULL;
900     }
901     }
902    
903     static char FAR *get_auth_method_name(SSHAuthMethod auth)
904     {
905     switch (auth) {
906     case SSH_AUTH_PASSWORD:
907     return "password";
908     case SSH_AUTH_RSA:
909     return "RSA";
910     case SSH_AUTH_RHOSTS:
911     return "rhosts";
912     case SSH_AUTH_RHOSTS_RSA:
913     return "rhosts with RSA";
914     case SSH_AUTH_TIS:
915     return "challenge/response (TIS)";
916     default:
917     return "unknown method";
918     }
919     }
920    
921     void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
922     {
923     if (pvar->auth_state.user == NULL) {
924     strncpy(dest, "None", len);
925     } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
926 yutakakn 2762 if (SSHv1(pvar)) {
927     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
928     get_auth_method_name(pvar->auth_state.cur_cred.method));
929    
930     } else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
931     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
932     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
933     get_auth_method_name(pvar->auth_state.cur_cred.method));
934     } else {
935     char *method = "unknown";
936     if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
937     method = "RSA";
938     } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
939     method = "DSA";
940     }
941     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
942     }
943    
944     }
945    
946 yutakakn 2728 } else {
947     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
948     get_auth_method_name(pvar->auth_state.failed_method));
949     }
950    
951     dest[len - 1] = 0;
952     }
953    
954     void AUTH_notify_disconnecting(PTInstVar pvar)
955     {
956     if (pvar->auth_state.auth_dialog != NULL) {
957     PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
958     /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
959     EnableWindow(pvar->NotificationWindow, TRUE);
960     }
961     }
962    
963     void AUTH_end(PTInstVar pvar)
964     {
965     destroy_malloced_string(&pvar->auth_state.user);
966     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
967    
968     AUTH_destroy_cur_cred(pvar);
969     }
970 yutakakn 2739
971     /*
972     * $Log: not supported by cvs2svn $
973 yutakakn 2769 * Revision 1.4 2004/12/22 17:28:14 yutakakn
974     * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
975     *
976 yutakakn 2762 * Revision 1.3 2004/12/16 13:01:09 yutakakn
977     * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
978     *
979 yutakakn 2752 * Revision 1.2 2004/12/01 15:37:49 yutakakn
980     * SSH2�������O�C���@�\�������B
981     * �����A�p�X���[�h�F�������������B
982     * �E�R�}���h���C��
983     * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
984     *
985 yutakakn 2739 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help