Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2789 - (hide annotations) (download) (as text)
Tue Feb 22 08:48:11 2005 UTC (19 years, 1 month ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 29106 byte(s) 
TTSSH setupダイアログに HeartBeat 設定を追加。
TTSSH authentication setupダイアログに keyboard-interactive 設定を追加。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #include "ttxssh.h"
30     #include "util.h"
31    
32     #include <io.h>
33     #include <fcntl.h>
34     #include <stdlib.h>
35     #include <errno.h>
36    
37     #include "resource.h"
38     #include "keyfiles.h"
39    
40     #define AUTH_START_USER_AUTH_ON_ERROR_END 1
41    
42     #define MAX_AUTH_CONTROL IDC_SSHUSETIS
43    
44     static void destroy_malloced_string(char FAR * FAR * str)
45     {
46     if (*str != NULL) {
47     memset(*str, 0, strlen(*str));
48     free(*str);
49     *str = NULL;
50     }
51     }
52    
53     static int auth_types_to_control_IDs[] = {
54     -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
55     IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
56     };
57    
58     static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
59     WPARAM wParam, LPARAM lParam)
60     {
61     switch (msg) {
62     case WM_CHAR:
63     if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
64     char chars[] = { (char) wParam, 0 };
65    
66     SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
67     (LPARAM) (char FAR *) chars);
68     return 0;
69     }
70     }
71    
72     return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
73     control, msg, wParam, lParam);
74     }
75    
76     static void init_password_control(HWND dlg)
77     {
78     HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
79    
80     SetWindowLong(passwordControl, GWL_USERDATA,
81     SetWindowLong(passwordControl, GWL_WNDPROC,
82     (LONG) password_wnd_proc));
83    
84     SetFocus(passwordControl);
85     }
86    
87     static void set_auth_options_status(HWND dlg, int controlID)
88     {
89     BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
90     BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
91     BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
92     int i;
93    
94     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
95    
96     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
97     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
98    
99     for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
100     EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
101     }
102    
103     for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
104     EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
105     }
106     }
107    
108     static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
109     {
110     char buf[1024] = "Logging in to ";
111    
112     if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
113     strcat(buf, SSH_get_host_name(pvar));
114     }
115     SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
116     }
117    
118     static void update_server_supported_types(PTInstVar pvar, HWND dlg)
119     {
120     int supported_methods = pvar->auth_state.supported_types;
121     int cur_control = -1;
122     int control;
123     HWND focus = GetFocus();
124    
125     if (supported_methods == 0) {
126     return;
127     }
128    
129     for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
130     control++) {
131     BOOL enabled = FALSE;
132     int method;
133     HWND item = GetDlgItem(dlg, control);
134    
135     if (item != NULL) {
136     for (method = 0; method <= SSH_AUTH_MAX; method++) {
137     if (auth_types_to_control_IDs[method] == control
138     && (supported_methods & (1 << method)) != 0) {
139     enabled = TRUE;
140     }
141     }
142    
143     EnableWindow(item, enabled);
144    
145     if (IsDlgButtonChecked(dlg, control)) {
146     cur_control = control;
147     }
148     }
149     }
150    
151     if (cur_control >= 0) {
152     if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
153     do {
154     cur_control++;
155     if (cur_control > MAX_AUTH_CONTROL) {
156     cur_control = IDC_SSHUSEPASSWORD;
157     }
158     } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
159    
160     set_auth_options_status(dlg, cur_control);
161    
162     if (focus != NULL && !IsWindowEnabled(focus)) {
163     SetFocus(GetDlgItem(dlg, cur_control));
164     }
165     }
166     }
167     }
168    
169     static void init_auth_dlg(PTInstVar pvar, HWND dlg)
170     {
171     int default_method = pvar->session_settings.DefaultAuthMethod;
172    
173     init_auth_machine_banner(pvar, dlg);
174     init_password_control(dlg);
175    
176     if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
177     /* must be retrying a failed attempt */
178     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
179     "Authentication failed. Please retry.");
180     SetWindowText(dlg, "Retrying SSH Authentication");
181     default_method = pvar->auth_state.failed_method;
182     }
183    
184     set_auth_options_status(dlg,
185     auth_types_to_control_IDs[default_method]);
186    
187     if (default_method == SSH_AUTH_TIS) {
188     /* we disabled the password control, so fix the focus */
189     SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
190     }
191    
192     if (pvar->auth_state.user != NULL) {
193     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
194     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
195     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
196     } else if (pvar->session_settings.DefaultUserName[0] != 0) {
197     SetDlgItemText(dlg, IDC_SSHUSERNAME,
198     pvar->session_settings.DefaultUserName);
199     } else {
200     SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
201     }
202    
203     SetDlgItemText(dlg, IDC_RSAFILENAME,
204     pvar->session_settings.DefaultRSAPrivateKeyFile);
205     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
206     pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
207     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
208     pvar->session_settings.DefaultRhostsLocalUserName);
209    
210     update_server_supported_types(pvar, dlg);
211 yutakakn 2739
212 yutakakn 2784 // SSH2 autologin
213 yutakakn 2739 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
214 yutakakn 2784 //
215     // (2004.12.1 yutaka)
216     // (2005.1.26 yutaka) ���J���F���T�|�[�g
217 yutakakn 2739 if (pvar->ssh2_autologin == 1) {
218     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
219     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
220     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
221    
222     SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
223     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
224     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
225    
226 yutakakn 2784 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
227 yutakakn 2739 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
228 yutakakn 2784
229     } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
230     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
231    
232     SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
233     EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
234     EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
235    
236 yutakakn 2739 } else {
237     // TODO
238    
239     }
240     }
241    
242 yutakakn 2728 }
243    
244     static char FAR *alloc_control_text(HWND ctl)
245     {
246     int len = GetWindowTextLength(ctl);
247     char FAR *result = malloc(len + 1);
248    
249     if (result != NULL) {
250     GetWindowText(ctl, result, len + 1);
251     result[len] = 0;
252     }
253    
254     return result;
255     }
256    
257     static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
258     {
259     #ifdef TERATERM32
260     OPENFILENAME params;
261     char fullname_buf[2048] = "identity";
262    
263 yutakakn 2762 ZeroMemory(&params, sizeof(params));
264 yutakakn 2728 params.lStructSize = sizeof(OPENFILENAME);
265     params.hwndOwner = parent;
266 yutakakn 2762 // �t�B���^������ (2004.12.19 yutaka)
267     params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
268 yutakakn 2728 params.lpstrCustomFilter = NULL;
269     params.nFilterIndex = 0;
270     buf[0] = 0;
271     params.lpstrFile = fullname_buf;
272     params.nMaxFile = sizeof(fullname_buf);
273     params.lpstrFileTitle = NULL;
274     params.lpstrInitialDir = NULL;
275     params.lpstrTitle = "Choose a file with the RSA private key";
276     params.Flags =
277     OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
278     params.lpstrDefExt = NULL;
279    
280     if (GetOpenFileName(&params) != 0) {
281     copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
282     return 1;
283     } else {
284     return 0;
285     }
286     #else
287     return 0;
288     #endif
289     }
290    
291     static void choose_RSA_key_file(HWND dlg)
292     {
293     char buf[1024];
294    
295     if (get_key_file_name(dlg, buf, sizeof(buf))) {
296     SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
297     }
298     }
299    
300     static void choose_host_RSA_key_file(HWND dlg)
301     {
302     char buf[1024];
303    
304     if (get_key_file_name(dlg, buf, sizeof(buf))) {
305     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
306     }
307     }
308    
309     static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
310     {
311     int method = SSH_AUTH_PASSWORD;
312     char FAR *password =
313     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
314     CRYPTKeyPair FAR *key_pair = NULL;
315    
316     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
317     method = SSH_AUTH_RSA;
318     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
319     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
320     method = SSH_AUTH_RHOSTS_RSA;
321     } else {
322     method = SSH_AUTH_RHOSTS;
323     }
324     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
325     method = SSH_AUTH_TIS;
326     }
327    
328     if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
329     char buf[2048];
330     int file_ctl_ID =
331     method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
332    
333     buf[0] = 0;
334     GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
335     if (buf[0] == 0) {
336     notify_nonfatal_error(pvar,
337 yutakakn 2762 "You must specify a file containing the RSA/DSA private key.");
338 yutakakn 2728 SetFocus(GetDlgItem(dlg, file_ctl_ID));
339     destroy_malloced_string(&password);
340     return FALSE;
341 yutakakn 2762 }
342    
343     if (SSHv1(pvar)) {
344 yutakakn 2728 BOOL invalid_passphrase = FALSE;
345    
346     key_pair = KEYFILES_read_private_key(pvar, buf, password,
347     &invalid_passphrase,
348     FALSE);
349    
350     if (key_pair == NULL) {
351     if (invalid_passphrase) {
352     HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
353    
354     SetFocus(passwordCtl);
355     SendMessage(passwordCtl, EM_SETSEL, 0, -1);
356     } else {
357     SetFocus(GetDlgItem(dlg, file_ctl_ID));
358     }
359     destroy_malloced_string(&password);
360     return FALSE;
361     }
362 yutakakn 2762
363     } else { // SSH2(yutaka)
364     BOOL invalid_passphrase = FALSE;
365 yutakakn 2769 char errmsg[256];
366 yutakakn 2762
367 yutakakn 2769 memset(errmsg, 0, sizeof(errmsg));
368 yutakakn 2784 //GetCurrentDirectory(sizeof(errmsg), errmsg);
369 yutakakn 2769
370 yutakakn 2762 key_pair = read_SSH2_private_key(pvar, buf, password,
371     &invalid_passphrase,
372 yutakakn 2769 FALSE,
373     errmsg,
374     sizeof(errmsg)
375     );
376 yutakakn 2762
377     if (key_pair == NULL) { // read error
378 yutakakn 2769 char buf[1024];
379     _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
380     notify_nonfatal_error(pvar, buf);
381 yutakakn 2762 destroy_malloced_string(&password);
382     return FALSE;
383     }
384    
385 yutakakn 2728 }
386 yutakakn 2762
387 yutakakn 2728 }
388    
389     /* from here on, we cannot fail, so just munge cur_cred in place */
390     pvar->auth_state.cur_cred.method = method;
391     pvar->auth_state.cur_cred.key_pair = key_pair;
392     /* we can't change the user name once it's set. It may already have
393     been sent to the server, and it can only be sent once. */
394     if (pvar->auth_state.user == NULL) {
395     pvar->auth_state.user =
396     alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
397     }
398     if (method == SSH_AUTH_PASSWORD) {
399     pvar->auth_state.cur_cred.password = password;
400     } else {
401     destroy_malloced_string(&password);
402     }
403     if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
404     if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
405     notify_nonfatal_error(pvar,
406     "Rhosts authentication will probably fail because it was not "
407     "the default authentication method.\n"
408     "To use Rhosts authentication "
409     "in TTSSH, you need to set it to be the default by restarting\n"
410     "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
411     "before connecting.");
412     }
413    
414     pvar->auth_state.cur_cred.rhosts_client_user =
415     alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
416     }
417     pvar->auth_state.auth_dialog = NULL;
418    
419     GetDlgItemText(dlg, IDC_RSAFILENAME,
420     pvar->session_settings.DefaultRSAPrivateKeyFile,
421     sizeof(pvar->session_settings.
422     DefaultRSAPrivateKeyFile));
423     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
424     pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
425     sizeof(pvar->session_settings.
426     DefaultRhostsHostPrivateKeyFile));
427     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
428     pvar->session_settings.DefaultRhostsLocalUserName,
429     sizeof(pvar->session_settings.
430     DefaultRhostsLocalUserName));
431    
432     if (SSHv1(pvar)) {
433     SSH_notify_user_name(pvar);
434     SSH_notify_cred(pvar);
435     } else {
436     // for SSH2(yutaka)
437     do_SSH2_userauth(pvar);
438     }
439    
440     EndDialog(dlg, 1);
441     return TRUE;
442     }
443    
444     static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
445     LPARAM lParam)
446     {
447 yutakakn 2739 const int IDC_TIMER1 = 300;
448 yutakakn 2752 const int autologin_timeout = 10; // �~���b
449 yutakakn 2728 PTInstVar pvar;
450    
451     switch (msg) {
452     case WM_INITDIALOG:
453     pvar = (PTInstVar) lParam;
454     pvar->auth_state.auth_dialog = dlg;
455     SetWindowLong(dlg, DWL_USER, lParam);
456    
457     init_auth_dlg(pvar, dlg);
458 yutakakn 2739
459     // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
460     if (pvar->ssh2_autologin == 1) {
461     SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
462     }
463 yutakakn 2728 return FALSE; /* because we set the focus */
464    
465 yutakakn 2739 case WM_TIMER:
466 yutakakn 2752 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
467     // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
468     if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
469     KillTimer(dlg, IDC_TIMER1);
470     SendMessage(dlg, WM_COMMAND, IDOK, 0);
471     }
472 yutakakn 2739 return TRUE;
473    
474 yutakakn 2728 case WM_COMMAND:
475     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
476    
477     switch (LOWORD(wParam)) {
478     case IDOK:
479 yutakakn 2783 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
480     if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
481     return FALSE;
482     }
483 yutakakn 2728 return end_auth_dlg(pvar, dlg);
484    
485     case IDCANCEL: /* kill the connection */
486     pvar->auth_state.auth_dialog = NULL;
487     notify_closed_connection(pvar);
488     EndDialog(dlg, 0);
489     return TRUE;
490    
491     case IDC_SSHUSEPASSWORD:
492     case IDC_SSHUSERSA:
493     case IDC_SSHUSERHOSTS:
494     case IDC_SSHUSETIS:
495     set_auth_options_status(dlg, LOWORD(wParam));
496     return TRUE;
497    
498     case IDC_CHOOSERSAFILE:
499     choose_RSA_key_file(dlg);
500     return TRUE;
501    
502     case IDC_CHOOSEHOSTRSAFILE:
503     choose_host_RSA_key_file(dlg);
504     return TRUE;
505    
506     default:
507     return FALSE;
508     }
509    
510     default:
511     return FALSE;
512     }
513     }
514    
515     char FAR *AUTH_get_user_name(PTInstVar pvar)
516     {
517     return pvar->auth_state.user;
518     }
519    
520     int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
521     {
522     char buf[1024];
523    
524     _snprintf(buf, sizeof(buf),
525     "Server reports supported authentication method mask = %d",
526     types);
527     buf[sizeof(buf) - 1] = 0;
528     notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
529    
530     if (SSHv1(pvar)) {
531     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
532     | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
533     | (1 << SSH_AUTH_TIS);
534     } else {
535     // for SSH2(yutaka)
536 yutakakn 2762 // types &= (1 << SSH_AUTH_PASSWORD);
537     // ���J���F�����L�������� (2004.12.18 yutaka)
538     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
539     | (1 << SSH_AUTH_DSA);
540 yutakakn 2728 }
541     pvar->auth_state.supported_types = types;
542    
543     if (types == 0) {
544     notify_fatal_error(pvar,
545     "Server does not support any of the authentication options\n"
546     "provided by TTSSH. This connection will now close.");
547     return 0;
548     } else {
549     if (pvar->auth_state.auth_dialog != NULL) {
550     update_server_supported_types(pvar,
551     pvar->auth_state.auth_dialog);
552     }
553    
554     return 1;
555     }
556     }
557    
558     static void start_user_auth(PTInstVar pvar)
559     {
560 yutakakn 2739 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
561 yutakakn 2728 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
562     (LPARAM) NULL);
563     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
564     }
565    
566     static void try_default_auth(PTInstVar pvar)
567     {
568     if (pvar->session_settings.TryDefaultAuth) {
569     switch (pvar->session_settings.DefaultAuthMethod) {
570     case SSH_AUTH_RSA:{
571     BOOL invalid_passphrase;
572     char password[] = "";
573    
574     pvar->auth_state.cur_cred.key_pair
575     =
576     KEYFILES_read_private_key(pvar,
577     pvar->session_settings.
578     DefaultRSAPrivateKeyFile,
579     password,
580     &invalid_passphrase, TRUE);
581     if (pvar->auth_state.cur_cred.key_pair == NULL) {
582     return;
583     } else {
584     pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
585     }
586     break;
587     }
588    
589     case SSH_AUTH_RHOSTS:
590     if (pvar->session_settings.
591     DefaultRhostsHostPrivateKeyFile[0] != 0) {
592     BOOL invalid_passphrase;
593     char password[] = "";
594    
595     pvar->auth_state.cur_cred.key_pair
596     =
597     KEYFILES_read_private_key(pvar,
598     pvar->session_settings.
599     DefaultRhostsHostPrivateKeyFile,
600     password,
601     &invalid_passphrase, TRUE);
602     if (pvar->auth_state.cur_cred.key_pair == NULL) {
603     return;
604     } else {
605     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
606     }
607     } else {
608     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
609     }
610    
611     pvar->auth_state.cur_cred.rhosts_client_user =
612     _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
613     break;
614    
615     case SSH_AUTH_PASSWORD:
616     pvar->auth_state.cur_cred.password = _strdup("");
617     pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
618     break;
619    
620     case SSH_AUTH_TIS:
621     default:
622     return;
623     }
624    
625     pvar->auth_state.user =
626     _strdup(pvar->session_settings.DefaultUserName);
627     }
628     }
629    
630     void AUTH_notify_end_error(PTInstVar pvar)
631     {
632     if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
633     start_user_auth(pvar);
634     pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
635     }
636     }
637    
638     void AUTH_advance_to_next_cred(PTInstVar pvar)
639     {
640     pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
641    
642     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
643     try_default_auth(pvar);
644    
645     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
646     if (pvar->err_msg != NULL) {
647     pvar->auth_state.flags |=
648     AUTH_START_USER_AUTH_ON_ERROR_END;
649     } else {
650 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
651     // �R�}���h���C���w������������
652 yutakakn 2728 start_user_auth(pvar);
653     }
654     }
655     } else {
656 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
657     // �R�}���h���C���w������(/auth=xxxx)������
658 yutakakn 2728 start_user_auth(pvar);
659     }
660     }
661    
662     static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
663     {
664     init_auth_machine_banner(pvar, dlg);
665     init_password_control(dlg);
666    
667     if (pvar->auth_state.TIS_prompt != NULL) {
668     if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
669     pvar->auth_state.TIS_prompt[10000] = 0;
670     }
671     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
672     pvar->auth_state.TIS_prompt);
673     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
674     }
675     }
676    
677     static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
678     {
679     char FAR *password =
680     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
681    
682     pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
683     pvar->auth_state.cur_cred.password = password;
684     pvar->auth_state.auth_dialog = NULL;
685    
686     SSH_notify_cred(pvar);
687    
688     EndDialog(dlg, 1);
689     return TRUE;
690     }
691    
692     static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
693     LPARAM lParam)
694     {
695     PTInstVar pvar;
696    
697     switch (msg) {
698     case WM_INITDIALOG:
699     pvar = (PTInstVar) lParam;
700     pvar->auth_state.auth_dialog = dlg;
701     SetWindowLong(dlg, DWL_USER, lParam);
702    
703     init_TIS_dlg(pvar, dlg);
704     return FALSE; /* because we set the focus */
705    
706     case WM_COMMAND:
707     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
708    
709     switch (LOWORD(wParam)) {
710     case IDOK:
711     return end_TIS_dlg(pvar, dlg);
712    
713     case IDCANCEL: /* kill the connection */
714     pvar->auth_state.auth_dialog = NULL;
715     notify_closed_connection(pvar);
716     EndDialog(dlg, 0);
717     return TRUE;
718    
719     default:
720     return FALSE;
721     }
722    
723     default:
724     return FALSE;
725     }
726     }
727    
728     void AUTH_do_cred_dialog(PTInstVar pvar)
729     {
730     if (pvar->auth_state.auth_dialog == NULL) {
731     HWND cur_active = GetActiveWindow();
732     DLGPROC dlg_proc;
733     LPCTSTR dialog_template;
734    
735     switch (pvar->auth_state.mode) {
736     case TIS_AUTH_MODE:
737     dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
738     dlg_proc = TIS_dlg_proc;
739     break;
740     case GENERIC_AUTH_MODE:
741     default:
742     dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
743     dlg_proc = auth_dlg_proc;
744     }
745    
746     if (!DialogBoxParam(hInst, dialog_template,
747     cur_active !=
748     NULL ? cur_active : pvar->NotificationWindow,
749     dlg_proc, (LPARAM) pvar) == -1) {
750     notify_fatal_error(pvar,
751     "Unable to display authentication dialog box.\n"
752     "Connection terminated.");
753     }
754     }
755     }
756    
757     static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
758     {
759     switch (pvar->settings.DefaultAuthMethod) {
760     case SSH_AUTH_RSA:
761     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
762     IDC_SSHUSERSA);
763     break;
764     case SSH_AUTH_RHOSTS:
765     case SSH_AUTH_RHOSTS_RSA:
766     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
767     IDC_SSHUSERHOSTS);
768     break;
769     case SSH_AUTH_TIS:
770     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
771     IDC_SSHUSETIS);
772     break;
773     case SSH_AUTH_PASSWORD:
774     default:
775     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
776     IDC_SSHUSEPASSWORD);
777     }
778    
779     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
780     SetDlgItemText(dlg, IDC_RSAFILENAME,
781     pvar->settings.DefaultRSAPrivateKeyFile);
782     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
783     pvar->settings.DefaultRhostsHostPrivateKeyFile);
784     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
785     pvar->settings.DefaultRhostsLocalUserName);
786 yutakakn 2789
787     // SSH2 keyboard-interactive method (2005.2.22 yutaka)
788     if (pvar->settings.ssh2_keyboard_interactive) {
789     SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
790     }
791    
792 yutakakn 2728 }
793    
794     static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
795     {
796     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
797     pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
798     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
799     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
800     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
801     } else {
802     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
803     }
804     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
805     pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
806     } else {
807     pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
808     }
809    
810     GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
811     sizeof(pvar->settings.DefaultUserName));
812     GetDlgItemText(dlg, IDC_RSAFILENAME,
813     pvar->settings.DefaultRSAPrivateKeyFile,
814     sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
815     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
816     pvar->settings.DefaultRhostsHostPrivateKeyFile,
817     sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
818     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
819     pvar->settings.DefaultRhostsLocalUserName,
820     sizeof(pvar->settings.DefaultRhostsLocalUserName));
821    
822 yutakakn 2789 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
823     {
824     LRESULT ret;
825     ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
826     if (ret & BST_CHECKED) {
827     pvar->settings.ssh2_keyboard_interactive = 1;
828     } else {
829     pvar->settings.ssh2_keyboard_interactive = 0;
830     }
831     }
832    
833 yutakakn 2728 EndDialog(dlg, 1);
834     return TRUE;
835     }
836    
837     static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
838     WPARAM wParam, LPARAM lParam)
839     {
840     PTInstVar pvar;
841    
842     switch (msg) {
843     case WM_INITDIALOG:
844     pvar = (PTInstVar) lParam;
845     SetWindowLong(dlg, DWL_USER, lParam);
846    
847     init_default_auth_dlg(pvar, dlg);
848     return TRUE; /* because we do not set the focus */
849    
850     case WM_COMMAND:
851     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
852    
853     switch (LOWORD(wParam)) {
854     case IDOK:
855     return end_default_auth_dlg(pvar, dlg);
856    
857     case IDCANCEL:
858     EndDialog(dlg, 0);
859     return TRUE;
860    
861     case IDC_CHOOSERSAFILE:
862     choose_RSA_key_file(dlg);
863     return TRUE;
864    
865     case IDC_CHOOSEHOSTRSAFILE:
866     choose_host_RSA_key_file(dlg);
867     return TRUE;
868    
869     default:
870     return FALSE;
871     }
872    
873     default:
874     return FALSE;
875     }
876     }
877    
878     void AUTH_init(PTInstVar pvar)
879     {
880     pvar->auth_state.failed_method = SSH_AUTH_NONE;
881     pvar->auth_state.auth_dialog = NULL;
882     pvar->auth_state.user = NULL;
883     pvar->auth_state.flags = 0;
884     pvar->auth_state.TIS_prompt = NULL;
885     pvar->auth_state.supported_types = 0;
886     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
887     pvar->auth_state.cur_cred.password = NULL;
888     pvar->auth_state.cur_cred.rhosts_client_user = NULL;
889     pvar->auth_state.cur_cred.key_pair = NULL;
890     AUTH_set_generic_mode(pvar);
891     }
892    
893     void AUTH_set_generic_mode(PTInstVar pvar)
894     {
895     pvar->auth_state.mode = GENERIC_AUTH_MODE;
896     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
897     }
898    
899     void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
900     {
901     if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
902     pvar->auth_state.mode = TIS_AUTH_MODE;
903    
904     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
905     pvar->auth_state.TIS_prompt = malloc(len + 1);
906     memcpy(pvar->auth_state.TIS_prompt, prompt, len);
907     pvar->auth_state.TIS_prompt[len] = 0;
908     } else {
909     AUTH_set_generic_mode(pvar);
910     }
911     }
912    
913     void AUTH_do_default_cred_dialog(PTInstVar pvar)
914     {
915     HWND cur_active = GetActiveWindow();
916    
917     if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
918     cur_active !=
919     NULL ? cur_active : pvar->NotificationWindow,
920     default_auth_dlg_proc, (LPARAM) pvar) == -1) {
921     notify_nonfatal_error(pvar,
922     "Unable to display authentication setup dialog box.");
923     }
924     }
925    
926     void AUTH_destroy_cur_cred(PTInstVar pvar)
927     {
928     destroy_malloced_string(&pvar->auth_state.cur_cred.password);
929     destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
930     if (pvar->auth_state.cur_cred.key_pair != NULL) {
931     CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
932     pvar->auth_state.cur_cred.key_pair = NULL;
933     }
934     }
935    
936     static char FAR *get_auth_method_name(SSHAuthMethod auth)
937     {
938     switch (auth) {
939     case SSH_AUTH_PASSWORD:
940     return "password";
941     case SSH_AUTH_RSA:
942     return "RSA";
943     case SSH_AUTH_RHOSTS:
944     return "rhosts";
945     case SSH_AUTH_RHOSTS_RSA:
946     return "rhosts with RSA";
947     case SSH_AUTH_TIS:
948     return "challenge/response (TIS)";
949     default:
950     return "unknown method";
951     }
952     }
953    
954     void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
955     {
956 yutakakn 2782 char *method = "unknown";
957    
958 yutakakn 2728 if (pvar->auth_state.user == NULL) {
959     strncpy(dest, "None", len);
960     } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
961 yutakakn 2762 if (SSHv1(pvar)) {
962     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
963     get_auth_method_name(pvar->auth_state.cur_cred.method));
964    
965     } else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
966     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
967 yutakakn 2782 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
968     if (pvar->keyboard_interactive_done == 1) {
969     method = "keyboard-interactive";
970     } else {
971     method = get_auth_method_name(pvar->auth_state.cur_cred.method);
972     }
973     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
974    
975 yutakakn 2762 } else {
976     if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
977     method = "RSA";
978     } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
979     method = "DSA";
980     }
981     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
982     }
983    
984     }
985    
986 yutakakn 2728 } else {
987     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
988     get_auth_method_name(pvar->auth_state.failed_method));
989     }
990    
991     dest[len - 1] = 0;
992     }
993    
994     void AUTH_notify_disconnecting(PTInstVar pvar)
995     {
996     if (pvar->auth_state.auth_dialog != NULL) {
997     PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
998     /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
999     EnableWindow(pvar->NotificationWindow, TRUE);
1000     }
1001     }
1002    
1003     void AUTH_end(PTInstVar pvar)
1004     {
1005     destroy_malloced_string(&pvar->auth_state.user);
1006     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1007    
1008     AUTH_destroy_cur_cred(pvar);
1009     }
1010 yutakakn 2739
1011     /*
1012     * $Log: not supported by cvs2svn $
1013 yutakakn 2789 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1014     * ���J���F���������O�C�����T�|�[�g�B
1015     * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1016     * �����A�����������������T�|�[�g�B
1017     *
1018 yutakakn 2784 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1019     * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1020     * �A�v���P�[�V�����G���[���������������������B
1021     *
1022 yutakakn 2783 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1023     * �Ekeyboard-interactive�F�����T�|�[�g�����B
1024     * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1025     * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1026     *
1027 yutakakn 2782 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1028     * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1029     *
1030 yutakakn 2769 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1031     * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1032     *
1033 yutakakn 2762 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1034     * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1035     *
1036 yutakakn 2752 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1037     * SSH2�������O�C���@�\�������B
1038     * �����A�p�X���[�h�F�������������B
1039     * �E�R�}���h���C��
1040     * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1041     *
1042 yutakakn 2739 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help