Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2799 - (hide annotations) (download) (as text)
Sat Mar 12 12:08:05 2005 UTC (19 years, 1 month ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 29560 byte(s) 
パスワード認証の前に行うkeyboard-interactiveメソッドで、デフォルト設定値を無効(0)にした。
また、認証ダイアログのラベル名を設定の有無により変更するようにした。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #include "ttxssh.h"
30     #include "util.h"
31    
32     #include <io.h>
33     #include <fcntl.h>
34     #include <stdlib.h>
35     #include <errno.h>
36    
37     #include "resource.h"
38     #include "keyfiles.h"
39    
40     #define AUTH_START_USER_AUTH_ON_ERROR_END 1
41    
42     #define MAX_AUTH_CONTROL IDC_SSHUSETIS
43    
44     static void destroy_malloced_string(char FAR * FAR * str)
45     {
46     if (*str != NULL) {
47     memset(*str, 0, strlen(*str));
48     free(*str);
49     *str = NULL;
50     }
51     }
52    
53     static int auth_types_to_control_IDs[] = {
54     -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
55     IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
56     };
57    
58     static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
59     WPARAM wParam, LPARAM lParam)
60     {
61     switch (msg) {
62     case WM_CHAR:
63     if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
64     char chars[] = { (char) wParam, 0 };
65    
66     SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
67     (LPARAM) (char FAR *) chars);
68     return 0;
69     }
70     }
71    
72     return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
73     control, msg, wParam, lParam);
74     }
75    
76     static void init_password_control(HWND dlg)
77     {
78     HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
79    
80     SetWindowLong(passwordControl, GWL_USERDATA,
81     SetWindowLong(passwordControl, GWL_WNDPROC,
82     (LONG) password_wnd_proc));
83    
84     SetFocus(passwordControl);
85     }
86    
87     static void set_auth_options_status(HWND dlg, int controlID)
88     {
89     BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
90     BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
91     BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
92     int i;
93    
94     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
95    
96     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
97     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
98    
99     for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
100     EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
101     }
102    
103     for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
104     EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
105     }
106     }
107    
108     static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
109     {
110     char buf[1024] = "Logging in to ";
111    
112     if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
113     strcat(buf, SSH_get_host_name(pvar));
114     }
115     SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
116     }
117    
118     static void update_server_supported_types(PTInstVar pvar, HWND dlg)
119     {
120     int supported_methods = pvar->auth_state.supported_types;
121     int cur_control = -1;
122     int control;
123     HWND focus = GetFocus();
124    
125     if (supported_methods == 0) {
126     return;
127     }
128    
129     for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
130     control++) {
131     BOOL enabled = FALSE;
132     int method;
133     HWND item = GetDlgItem(dlg, control);
134    
135     if (item != NULL) {
136     for (method = 0; method <= SSH_AUTH_MAX; method++) {
137     if (auth_types_to_control_IDs[method] == control
138     && (supported_methods & (1 << method)) != 0) {
139     enabled = TRUE;
140     }
141     }
142    
143     EnableWindow(item, enabled);
144    
145     if (IsDlgButtonChecked(dlg, control)) {
146     cur_control = control;
147     }
148     }
149     }
150    
151     if (cur_control >= 0) {
152     if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
153     do {
154     cur_control++;
155     if (cur_control > MAX_AUTH_CONTROL) {
156     cur_control = IDC_SSHUSEPASSWORD;
157     }
158     } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
159    
160     set_auth_options_status(dlg, cur_control);
161    
162     if (focus != NULL && !IsWindowEnabled(focus)) {
163     SetFocus(GetDlgItem(dlg, cur_control));
164     }
165     }
166     }
167     }
168    
169     static void init_auth_dlg(PTInstVar pvar, HWND dlg)
170     {
171     int default_method = pvar->session_settings.DefaultAuthMethod;
172    
173     init_auth_machine_banner(pvar, dlg);
174     init_password_control(dlg);
175    
176     if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
177     /* must be retrying a failed attempt */
178     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
179     "Authentication failed. Please retry.");
180     SetWindowText(dlg, "Retrying SSH Authentication");
181     default_method = pvar->auth_state.failed_method;
182     }
183    
184     set_auth_options_status(dlg,
185     auth_types_to_control_IDs[default_method]);
186    
187     if (default_method == SSH_AUTH_TIS) {
188     /* we disabled the password control, so fix the focus */
189     SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
190     }
191    
192     if (pvar->auth_state.user != NULL) {
193     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
194     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
195     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
196     } else if (pvar->session_settings.DefaultUserName[0] != 0) {
197     SetDlgItemText(dlg, IDC_SSHUSERNAME,
198     pvar->session_settings.DefaultUserName);
199     } else {
200     SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
201     }
202    
203     SetDlgItemText(dlg, IDC_RSAFILENAME,
204     pvar->session_settings.DefaultRSAPrivateKeyFile);
205     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
206     pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
207     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
208     pvar->session_settings.DefaultRhostsLocalUserName);
209    
210     update_server_supported_types(pvar, dlg);
211 yutakakn 2739
212 yutakakn 2784 // SSH2 autologin
213 yutakakn 2739 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
214 yutakakn 2784 //
215     // (2004.12.1 yutaka)
216     // (2005.1.26 yutaka) ���J���F���T�|�[�g
217 yutakakn 2739 if (pvar->ssh2_autologin == 1) {
218     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
219     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
220     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
221    
222     SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
223     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
224     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
225    
226 yutakakn 2784 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
227 yutakakn 2739 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
228 yutakakn 2784
229     } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
230     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
231    
232     SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
233     EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
234     EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
235    
236 yutakakn 2739 } else {
237     // TODO
238    
239     }
240     }
241    
242 yutakakn 2799 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
243     // ���X�����B(2005.3.12 yutaka)
244     if (pvar->settings.ssh2_keyboard_interactive == 1) {
245     SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
246     }
247    
248 yutakakn 2728 }
249    
250     static char FAR *alloc_control_text(HWND ctl)
251     {
252     int len = GetWindowTextLength(ctl);
253     char FAR *result = malloc(len + 1);
254    
255     if (result != NULL) {
256     GetWindowText(ctl, result, len + 1);
257     result[len] = 0;
258     }
259    
260     return result;
261     }
262    
263     static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
264     {
265     #ifdef TERATERM32
266     OPENFILENAME params;
267     char fullname_buf[2048] = "identity";
268    
269 yutakakn 2762 ZeroMemory(&params, sizeof(params));
270 yutakakn 2728 params.lStructSize = sizeof(OPENFILENAME);
271     params.hwndOwner = parent;
272 yutakakn 2762 // �t�B���^������ (2004.12.19 yutaka)
273     params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
274 yutakakn 2728 params.lpstrCustomFilter = NULL;
275     params.nFilterIndex = 0;
276     buf[0] = 0;
277     params.lpstrFile = fullname_buf;
278     params.nMaxFile = sizeof(fullname_buf);
279     params.lpstrFileTitle = NULL;
280     params.lpstrInitialDir = NULL;
281     params.lpstrTitle = "Choose a file with the RSA private key";
282     params.Flags =
283     OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
284     params.lpstrDefExt = NULL;
285    
286     if (GetOpenFileName(&params) != 0) {
287     copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
288     return 1;
289     } else {
290     return 0;
291     }
292     #else
293     return 0;
294     #endif
295     }
296    
297     static void choose_RSA_key_file(HWND dlg)
298     {
299     char buf[1024];
300    
301     if (get_key_file_name(dlg, buf, sizeof(buf))) {
302     SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
303     }
304     }
305    
306     static void choose_host_RSA_key_file(HWND dlg)
307     {
308     char buf[1024];
309    
310     if (get_key_file_name(dlg, buf, sizeof(buf))) {
311     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
312     }
313     }
314    
315     static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
316     {
317     int method = SSH_AUTH_PASSWORD;
318     char FAR *password =
319     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
320     CRYPTKeyPair FAR *key_pair = NULL;
321    
322     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
323     method = SSH_AUTH_RSA;
324     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
325     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
326     method = SSH_AUTH_RHOSTS_RSA;
327     } else {
328     method = SSH_AUTH_RHOSTS;
329     }
330     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
331     method = SSH_AUTH_TIS;
332     }
333    
334     if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
335     char buf[2048];
336     int file_ctl_ID =
337     method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
338    
339     buf[0] = 0;
340     GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
341     if (buf[0] == 0) {
342     notify_nonfatal_error(pvar,
343 yutakakn 2762 "You must specify a file containing the RSA/DSA private key.");
344 yutakakn 2728 SetFocus(GetDlgItem(dlg, file_ctl_ID));
345     destroy_malloced_string(&password);
346     return FALSE;
347 yutakakn 2762 }
348    
349     if (SSHv1(pvar)) {
350 yutakakn 2728 BOOL invalid_passphrase = FALSE;
351    
352     key_pair = KEYFILES_read_private_key(pvar, buf, password,
353     &invalid_passphrase,
354     FALSE);
355    
356     if (key_pair == NULL) {
357     if (invalid_passphrase) {
358     HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
359    
360     SetFocus(passwordCtl);
361     SendMessage(passwordCtl, EM_SETSEL, 0, -1);
362     } else {
363     SetFocus(GetDlgItem(dlg, file_ctl_ID));
364     }
365     destroy_malloced_string(&password);
366     return FALSE;
367     }
368 yutakakn 2762
369     } else { // SSH2(yutaka)
370     BOOL invalid_passphrase = FALSE;
371 yutakakn 2769 char errmsg[256];
372 yutakakn 2762
373 yutakakn 2769 memset(errmsg, 0, sizeof(errmsg));
374 yutakakn 2784 //GetCurrentDirectory(sizeof(errmsg), errmsg);
375 yutakakn 2769
376 yutakakn 2762 key_pair = read_SSH2_private_key(pvar, buf, password,
377     &invalid_passphrase,
378 yutakakn 2769 FALSE,
379     errmsg,
380     sizeof(errmsg)
381     );
382 yutakakn 2762
383     if (key_pair == NULL) { // read error
384 yutakakn 2769 char buf[1024];
385     _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
386     notify_nonfatal_error(pvar, buf);
387 yutakakn 2762 destroy_malloced_string(&password);
388     return FALSE;
389     }
390    
391 yutakakn 2728 }
392 yutakakn 2762
393 yutakakn 2728 }
394    
395     /* from here on, we cannot fail, so just munge cur_cred in place */
396     pvar->auth_state.cur_cred.method = method;
397     pvar->auth_state.cur_cred.key_pair = key_pair;
398     /* we can't change the user name once it's set. It may already have
399     been sent to the server, and it can only be sent once. */
400     if (pvar->auth_state.user == NULL) {
401     pvar->auth_state.user =
402     alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
403     }
404     if (method == SSH_AUTH_PASSWORD) {
405     pvar->auth_state.cur_cred.password = password;
406     } else {
407     destroy_malloced_string(&password);
408     }
409     if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
410     if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
411     notify_nonfatal_error(pvar,
412     "Rhosts authentication will probably fail because it was not "
413     "the default authentication method.\n"
414     "To use Rhosts authentication "
415     "in TTSSH, you need to set it to be the default by restarting\n"
416     "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
417     "before connecting.");
418     }
419    
420     pvar->auth_state.cur_cred.rhosts_client_user =
421     alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
422     }
423     pvar->auth_state.auth_dialog = NULL;
424    
425     GetDlgItemText(dlg, IDC_RSAFILENAME,
426     pvar->session_settings.DefaultRSAPrivateKeyFile,
427     sizeof(pvar->session_settings.
428     DefaultRSAPrivateKeyFile));
429     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
430     pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
431     sizeof(pvar->session_settings.
432     DefaultRhostsHostPrivateKeyFile));
433     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
434     pvar->session_settings.DefaultRhostsLocalUserName,
435     sizeof(pvar->session_settings.
436     DefaultRhostsLocalUserName));
437    
438     if (SSHv1(pvar)) {
439     SSH_notify_user_name(pvar);
440     SSH_notify_cred(pvar);
441     } else {
442     // for SSH2(yutaka)
443     do_SSH2_userauth(pvar);
444     }
445    
446     EndDialog(dlg, 1);
447     return TRUE;
448     }
449    
450     static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
451     LPARAM lParam)
452     {
453 yutakakn 2739 const int IDC_TIMER1 = 300;
454 yutakakn 2752 const int autologin_timeout = 10; // �~���b
455 yutakakn 2728 PTInstVar pvar;
456    
457     switch (msg) {
458     case WM_INITDIALOG:
459     pvar = (PTInstVar) lParam;
460     pvar->auth_state.auth_dialog = dlg;
461     SetWindowLong(dlg, DWL_USER, lParam);
462    
463     init_auth_dlg(pvar, dlg);
464 yutakakn 2739
465     // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
466     if (pvar->ssh2_autologin == 1) {
467     SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
468     }
469 yutakakn 2728 return FALSE; /* because we set the focus */
470    
471 yutakakn 2739 case WM_TIMER:
472 yutakakn 2752 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
473     // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
474     if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
475     KillTimer(dlg, IDC_TIMER1);
476     SendMessage(dlg, WM_COMMAND, IDOK, 0);
477     }
478 yutakakn 2739 return TRUE;
479    
480 yutakakn 2728 case WM_COMMAND:
481     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
482    
483     switch (LOWORD(wParam)) {
484     case IDOK:
485 yutakakn 2783 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
486     if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
487     return FALSE;
488     }
489 yutakakn 2728 return end_auth_dlg(pvar, dlg);
490    
491     case IDCANCEL: /* kill the connection */
492     pvar->auth_state.auth_dialog = NULL;
493     notify_closed_connection(pvar);
494     EndDialog(dlg, 0);
495     return TRUE;
496    
497     case IDC_SSHUSEPASSWORD:
498     case IDC_SSHUSERSA:
499     case IDC_SSHUSERHOSTS:
500     case IDC_SSHUSETIS:
501     set_auth_options_status(dlg, LOWORD(wParam));
502     return TRUE;
503    
504     case IDC_CHOOSERSAFILE:
505     choose_RSA_key_file(dlg);
506     return TRUE;
507    
508     case IDC_CHOOSEHOSTRSAFILE:
509     choose_host_RSA_key_file(dlg);
510     return TRUE;
511    
512     default:
513     return FALSE;
514     }
515    
516     default:
517     return FALSE;
518     }
519     }
520    
521     char FAR *AUTH_get_user_name(PTInstVar pvar)
522     {
523     return pvar->auth_state.user;
524     }
525    
526     int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
527     {
528     char buf[1024];
529    
530     _snprintf(buf, sizeof(buf),
531     "Server reports supported authentication method mask = %d",
532     types);
533     buf[sizeof(buf) - 1] = 0;
534     notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
535    
536     if (SSHv1(pvar)) {
537     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
538     | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
539     | (1 << SSH_AUTH_TIS);
540     } else {
541     // for SSH2(yutaka)
542 yutakakn 2762 // types &= (1 << SSH_AUTH_PASSWORD);
543     // ���J���F�����L�������� (2004.12.18 yutaka)
544     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
545     | (1 << SSH_AUTH_DSA);
546 yutakakn 2728 }
547     pvar->auth_state.supported_types = types;
548    
549     if (types == 0) {
550     notify_fatal_error(pvar,
551     "Server does not support any of the authentication options\n"
552     "provided by TTSSH. This connection will now close.");
553     return 0;
554     } else {
555     if (pvar->auth_state.auth_dialog != NULL) {
556     update_server_supported_types(pvar,
557     pvar->auth_state.auth_dialog);
558     }
559    
560     return 1;
561     }
562     }
563    
564     static void start_user_auth(PTInstVar pvar)
565     {
566 yutakakn 2739 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
567 yutakakn 2728 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
568     (LPARAM) NULL);
569     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
570     }
571    
572     static void try_default_auth(PTInstVar pvar)
573     {
574     if (pvar->session_settings.TryDefaultAuth) {
575     switch (pvar->session_settings.DefaultAuthMethod) {
576     case SSH_AUTH_RSA:{
577     BOOL invalid_passphrase;
578     char password[] = "";
579    
580     pvar->auth_state.cur_cred.key_pair
581     =
582     KEYFILES_read_private_key(pvar,
583     pvar->session_settings.
584     DefaultRSAPrivateKeyFile,
585     password,
586     &invalid_passphrase, TRUE);
587     if (pvar->auth_state.cur_cred.key_pair == NULL) {
588     return;
589     } else {
590     pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
591     }
592     break;
593     }
594    
595     case SSH_AUTH_RHOSTS:
596     if (pvar->session_settings.
597     DefaultRhostsHostPrivateKeyFile[0] != 0) {
598     BOOL invalid_passphrase;
599     char password[] = "";
600    
601     pvar->auth_state.cur_cred.key_pair
602     =
603     KEYFILES_read_private_key(pvar,
604     pvar->session_settings.
605     DefaultRhostsHostPrivateKeyFile,
606     password,
607     &invalid_passphrase, TRUE);
608     if (pvar->auth_state.cur_cred.key_pair == NULL) {
609     return;
610     } else {
611     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
612     }
613     } else {
614     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
615     }
616    
617     pvar->auth_state.cur_cred.rhosts_client_user =
618     _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
619     break;
620    
621     case SSH_AUTH_PASSWORD:
622     pvar->auth_state.cur_cred.password = _strdup("");
623     pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
624     break;
625    
626     case SSH_AUTH_TIS:
627     default:
628     return;
629     }
630    
631     pvar->auth_state.user =
632     _strdup(pvar->session_settings.DefaultUserName);
633     }
634     }
635    
636     void AUTH_notify_end_error(PTInstVar pvar)
637     {
638     if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
639     start_user_auth(pvar);
640     pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
641     }
642     }
643    
644     void AUTH_advance_to_next_cred(PTInstVar pvar)
645     {
646     pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
647    
648     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
649     try_default_auth(pvar);
650    
651     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
652     if (pvar->err_msg != NULL) {
653     pvar->auth_state.flags |=
654     AUTH_START_USER_AUTH_ON_ERROR_END;
655     } else {
656 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
657     // �R�}���h���C���w������������
658 yutakakn 2728 start_user_auth(pvar);
659     }
660     }
661     } else {
662 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
663     // �R�}���h���C���w������(/auth=xxxx)������
664 yutakakn 2728 start_user_auth(pvar);
665     }
666     }
667    
668     static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
669     {
670     init_auth_machine_banner(pvar, dlg);
671     init_password_control(dlg);
672    
673     if (pvar->auth_state.TIS_prompt != NULL) {
674     if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
675     pvar->auth_state.TIS_prompt[10000] = 0;
676     }
677     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
678     pvar->auth_state.TIS_prompt);
679     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
680     }
681     }
682    
683     static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
684     {
685     char FAR *password =
686     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
687    
688     pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
689     pvar->auth_state.cur_cred.password = password;
690     pvar->auth_state.auth_dialog = NULL;
691    
692     SSH_notify_cred(pvar);
693    
694     EndDialog(dlg, 1);
695     return TRUE;
696     }
697    
698     static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
699     LPARAM lParam)
700     {
701     PTInstVar pvar;
702    
703     switch (msg) {
704     case WM_INITDIALOG:
705     pvar = (PTInstVar) lParam;
706     pvar->auth_state.auth_dialog = dlg;
707     SetWindowLong(dlg, DWL_USER, lParam);
708    
709     init_TIS_dlg(pvar, dlg);
710     return FALSE; /* because we set the focus */
711    
712     case WM_COMMAND:
713     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
714    
715     switch (LOWORD(wParam)) {
716     case IDOK:
717     return end_TIS_dlg(pvar, dlg);
718    
719     case IDCANCEL: /* kill the connection */
720     pvar->auth_state.auth_dialog = NULL;
721     notify_closed_connection(pvar);
722     EndDialog(dlg, 0);
723     return TRUE;
724    
725     default:
726     return FALSE;
727     }
728    
729     default:
730     return FALSE;
731     }
732     }
733    
734     void AUTH_do_cred_dialog(PTInstVar pvar)
735     {
736     if (pvar->auth_state.auth_dialog == NULL) {
737     HWND cur_active = GetActiveWindow();
738     DLGPROC dlg_proc;
739     LPCTSTR dialog_template;
740    
741     switch (pvar->auth_state.mode) {
742     case TIS_AUTH_MODE:
743     dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
744     dlg_proc = TIS_dlg_proc;
745     break;
746     case GENERIC_AUTH_MODE:
747     default:
748     dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
749     dlg_proc = auth_dlg_proc;
750     }
751    
752     if (!DialogBoxParam(hInst, dialog_template,
753     cur_active !=
754     NULL ? cur_active : pvar->NotificationWindow,
755     dlg_proc, (LPARAM) pvar) == -1) {
756     notify_fatal_error(pvar,
757     "Unable to display authentication dialog box.\n"
758     "Connection terminated.");
759     }
760     }
761     }
762    
763     static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
764     {
765     switch (pvar->settings.DefaultAuthMethod) {
766     case SSH_AUTH_RSA:
767     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
768     IDC_SSHUSERSA);
769     break;
770     case SSH_AUTH_RHOSTS:
771     case SSH_AUTH_RHOSTS_RSA:
772     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
773     IDC_SSHUSERHOSTS);
774     break;
775     case SSH_AUTH_TIS:
776     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
777     IDC_SSHUSETIS);
778     break;
779     case SSH_AUTH_PASSWORD:
780     default:
781     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
782     IDC_SSHUSEPASSWORD);
783     }
784    
785     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
786     SetDlgItemText(dlg, IDC_RSAFILENAME,
787     pvar->settings.DefaultRSAPrivateKeyFile);
788     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
789     pvar->settings.DefaultRhostsHostPrivateKeyFile);
790     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
791     pvar->settings.DefaultRhostsLocalUserName);
792 yutakakn 2789
793     // SSH2 keyboard-interactive method (2005.2.22 yutaka)
794     if (pvar->settings.ssh2_keyboard_interactive) {
795     SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
796     }
797    
798 yutakakn 2728 }
799    
800     static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
801     {
802     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
803     pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
804     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
805     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
806     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
807     } else {
808     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
809     }
810     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
811     pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
812     } else {
813     pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
814     }
815    
816     GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
817     sizeof(pvar->settings.DefaultUserName));
818     GetDlgItemText(dlg, IDC_RSAFILENAME,
819     pvar->settings.DefaultRSAPrivateKeyFile,
820     sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
821     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
822     pvar->settings.DefaultRhostsHostPrivateKeyFile,
823     sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
824     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
825     pvar->settings.DefaultRhostsLocalUserName,
826     sizeof(pvar->settings.DefaultRhostsLocalUserName));
827    
828 yutakakn 2789 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
829     {
830     LRESULT ret;
831     ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
832     if (ret & BST_CHECKED) {
833     pvar->settings.ssh2_keyboard_interactive = 1;
834     } else {
835     pvar->settings.ssh2_keyboard_interactive = 0;
836     }
837     }
838    
839 yutakakn 2728 EndDialog(dlg, 1);
840     return TRUE;
841     }
842    
843     static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
844     WPARAM wParam, LPARAM lParam)
845     {
846     PTInstVar pvar;
847    
848     switch (msg) {
849     case WM_INITDIALOG:
850     pvar = (PTInstVar) lParam;
851     SetWindowLong(dlg, DWL_USER, lParam);
852    
853     init_default_auth_dlg(pvar, dlg);
854     return TRUE; /* because we do not set the focus */
855    
856     case WM_COMMAND:
857     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
858    
859     switch (LOWORD(wParam)) {
860     case IDOK:
861     return end_default_auth_dlg(pvar, dlg);
862    
863     case IDCANCEL:
864     EndDialog(dlg, 0);
865     return TRUE;
866    
867     case IDC_CHOOSERSAFILE:
868     choose_RSA_key_file(dlg);
869     return TRUE;
870    
871     case IDC_CHOOSEHOSTRSAFILE:
872     choose_host_RSA_key_file(dlg);
873     return TRUE;
874    
875     default:
876     return FALSE;
877     }
878    
879     default:
880     return FALSE;
881     }
882     }
883    
884     void AUTH_init(PTInstVar pvar)
885     {
886     pvar->auth_state.failed_method = SSH_AUTH_NONE;
887     pvar->auth_state.auth_dialog = NULL;
888     pvar->auth_state.user = NULL;
889     pvar->auth_state.flags = 0;
890     pvar->auth_state.TIS_prompt = NULL;
891     pvar->auth_state.supported_types = 0;
892     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
893     pvar->auth_state.cur_cred.password = NULL;
894     pvar->auth_state.cur_cred.rhosts_client_user = NULL;
895     pvar->auth_state.cur_cred.key_pair = NULL;
896     AUTH_set_generic_mode(pvar);
897     }
898    
899     void AUTH_set_generic_mode(PTInstVar pvar)
900     {
901     pvar->auth_state.mode = GENERIC_AUTH_MODE;
902     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
903     }
904    
905     void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
906     {
907     if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
908     pvar->auth_state.mode = TIS_AUTH_MODE;
909    
910     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
911     pvar->auth_state.TIS_prompt = malloc(len + 1);
912     memcpy(pvar->auth_state.TIS_prompt, prompt, len);
913     pvar->auth_state.TIS_prompt[len] = 0;
914     } else {
915     AUTH_set_generic_mode(pvar);
916     }
917     }
918    
919     void AUTH_do_default_cred_dialog(PTInstVar pvar)
920     {
921     HWND cur_active = GetActiveWindow();
922    
923     if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
924     cur_active !=
925     NULL ? cur_active : pvar->NotificationWindow,
926     default_auth_dlg_proc, (LPARAM) pvar) == -1) {
927     notify_nonfatal_error(pvar,
928     "Unable to display authentication setup dialog box.");
929     }
930     }
931    
932     void AUTH_destroy_cur_cred(PTInstVar pvar)
933     {
934     destroy_malloced_string(&pvar->auth_state.cur_cred.password);
935     destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
936     if (pvar->auth_state.cur_cred.key_pair != NULL) {
937     CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
938     pvar->auth_state.cur_cred.key_pair = NULL;
939     }
940     }
941    
942     static char FAR *get_auth_method_name(SSHAuthMethod auth)
943     {
944     switch (auth) {
945     case SSH_AUTH_PASSWORD:
946     return "password";
947     case SSH_AUTH_RSA:
948     return "RSA";
949     case SSH_AUTH_RHOSTS:
950     return "rhosts";
951     case SSH_AUTH_RHOSTS_RSA:
952     return "rhosts with RSA";
953     case SSH_AUTH_TIS:
954     return "challenge/response (TIS)";
955     default:
956     return "unknown method";
957     }
958     }
959    
960     void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
961     {
962 yutakakn 2782 char *method = "unknown";
963    
964 yutakakn 2728 if (pvar->auth_state.user == NULL) {
965     strncpy(dest, "None", len);
966     } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
967 yutakakn 2762 if (SSHv1(pvar)) {
968     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
969     get_auth_method_name(pvar->auth_state.cur_cred.method));
970    
971     } else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
972     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
973 yutakakn 2782 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
974     if (pvar->keyboard_interactive_done == 1) {
975     method = "keyboard-interactive";
976     } else {
977     method = get_auth_method_name(pvar->auth_state.cur_cred.method);
978     }
979     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
980    
981 yutakakn 2762 } else {
982     if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
983     method = "RSA";
984     } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
985     method = "DSA";
986     }
987     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
988     }
989    
990     }
991    
992 yutakakn 2728 } else {
993     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
994     get_auth_method_name(pvar->auth_state.failed_method));
995     }
996    
997     dest[len - 1] = 0;
998     }
999    
1000     void AUTH_notify_disconnecting(PTInstVar pvar)
1001     {
1002     if (pvar->auth_state.auth_dialog != NULL) {
1003     PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1004     /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1005     EnableWindow(pvar->NotificationWindow, TRUE);
1006     }
1007     }
1008    
1009     void AUTH_end(PTInstVar pvar)
1010     {
1011     destroy_malloced_string(&pvar->auth_state.user);
1012     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1013    
1014     AUTH_destroy_cur_cred(pvar);
1015     }
1016 yutakakn 2739
1017     /*
1018     * $Log: not supported by cvs2svn $
1019 yutakakn 2799 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1020     * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1021     * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1022     *
1023 yutakakn 2789 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1024     * ���J���F���������O�C�����T�|�[�g�B
1025     * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1026     * �����A�����������������T�|�[�g�B
1027     *
1028 yutakakn 2784 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1029     * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1030     * �A�v���P�[�V�����G���[���������������������B
1031     *
1032 yutakakn 2783 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1033     * �Ekeyboard-interactive�F�����T�|�[�g�����B
1034     * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1035     * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1036     *
1037 yutakakn 2782 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1038     * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1039     *
1040 yutakakn 2769 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1041     * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1042     *
1043 yutakakn 2762 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1044     * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1045     *
1046 yutakakn 2752 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1047     * SSH2�������O�C���@�\�������B
1048     * �����A�p�X���[�h�F�������������B
1049     * �E�R�}���h���C��
1050     * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1051     *
1052 yutakakn 2739 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help