Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2800 - (hide annotations) (download) (as text)
Sat Mar 12 15:07:34 2005 UTC (19 years, 1 month ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 30442 byte(s) 
SSH2 keyboard-interactive認証をTISダイアログに実装した。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #include "ttxssh.h"
30     #include "util.h"
31 yutakakn 2800 #include "ssh.h"
32 yutakakn 2728
33     #include <io.h>
34     #include <fcntl.h>
35     #include <stdlib.h>
36     #include <errno.h>
37    
38     #include "resource.h"
39     #include "keyfiles.h"
40    
41     #define AUTH_START_USER_AUTH_ON_ERROR_END 1
42    
43     #define MAX_AUTH_CONTROL IDC_SSHUSETIS
44    
45     static void destroy_malloced_string(char FAR * FAR * str)
46     {
47     if (*str != NULL) {
48     memset(*str, 0, strlen(*str));
49     free(*str);
50     *str = NULL;
51     }
52     }
53    
54     static int auth_types_to_control_IDs[] = {
55     -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
56     IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
57     };
58    
59     static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
60     WPARAM wParam, LPARAM lParam)
61     {
62     switch (msg) {
63     case WM_CHAR:
64     if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
65     char chars[] = { (char) wParam, 0 };
66    
67     SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
68     (LPARAM) (char FAR *) chars);
69     return 0;
70     }
71     }
72    
73     return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
74     control, msg, wParam, lParam);
75     }
76    
77     static void init_password_control(HWND dlg)
78     {
79     HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
80    
81     SetWindowLong(passwordControl, GWL_USERDATA,
82     SetWindowLong(passwordControl, GWL_WNDPROC,
83     (LONG) password_wnd_proc));
84    
85     SetFocus(passwordControl);
86     }
87    
88     static void set_auth_options_status(HWND dlg, int controlID)
89     {
90     BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
91     BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
92     BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
93     int i;
94    
95     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
96    
97     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
98     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
99    
100     for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
101     EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
102     }
103    
104     for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
105     EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
106     }
107     }
108    
109     static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
110     {
111     char buf[1024] = "Logging in to ";
112    
113     if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
114     strcat(buf, SSH_get_host_name(pvar));
115     }
116     SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
117     }
118    
119     static void update_server_supported_types(PTInstVar pvar, HWND dlg)
120     {
121     int supported_methods = pvar->auth_state.supported_types;
122     int cur_control = -1;
123     int control;
124     HWND focus = GetFocus();
125    
126     if (supported_methods == 0) {
127     return;
128     }
129    
130     for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
131     control++) {
132     BOOL enabled = FALSE;
133     int method;
134     HWND item = GetDlgItem(dlg, control);
135    
136     if (item != NULL) {
137     for (method = 0; method <= SSH_AUTH_MAX; method++) {
138     if (auth_types_to_control_IDs[method] == control
139     && (supported_methods & (1 << method)) != 0) {
140     enabled = TRUE;
141     }
142     }
143    
144     EnableWindow(item, enabled);
145    
146     if (IsDlgButtonChecked(dlg, control)) {
147     cur_control = control;
148     }
149     }
150     }
151    
152     if (cur_control >= 0) {
153     if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
154     do {
155     cur_control++;
156     if (cur_control > MAX_AUTH_CONTROL) {
157     cur_control = IDC_SSHUSEPASSWORD;
158     }
159     } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
160    
161     set_auth_options_status(dlg, cur_control);
162    
163     if (focus != NULL && !IsWindowEnabled(focus)) {
164     SetFocus(GetDlgItem(dlg, cur_control));
165     }
166     }
167     }
168     }
169    
170     static void init_auth_dlg(PTInstVar pvar, HWND dlg)
171     {
172     int default_method = pvar->session_settings.DefaultAuthMethod;
173    
174     init_auth_machine_banner(pvar, dlg);
175     init_password_control(dlg);
176    
177     if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
178     /* must be retrying a failed attempt */
179     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
180     "Authentication failed. Please retry.");
181     SetWindowText(dlg, "Retrying SSH Authentication");
182     default_method = pvar->auth_state.failed_method;
183     }
184    
185     set_auth_options_status(dlg,
186     auth_types_to_control_IDs[default_method]);
187    
188     if (default_method == SSH_AUTH_TIS) {
189     /* we disabled the password control, so fix the focus */
190     SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
191     }
192    
193     if (pvar->auth_state.user != NULL) {
194     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
195     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
196     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
197     } else if (pvar->session_settings.DefaultUserName[0] != 0) {
198     SetDlgItemText(dlg, IDC_SSHUSERNAME,
199     pvar->session_settings.DefaultUserName);
200     } else {
201     SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
202     }
203    
204     SetDlgItemText(dlg, IDC_RSAFILENAME,
205     pvar->session_settings.DefaultRSAPrivateKeyFile);
206     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
207     pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
208     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
209     pvar->session_settings.DefaultRhostsLocalUserName);
210    
211     update_server_supported_types(pvar, dlg);
212 yutakakn 2739
213 yutakakn 2784 // SSH2 autologin
214 yutakakn 2739 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
215 yutakakn 2784 //
216     // (2004.12.1 yutaka)
217     // (2005.1.26 yutaka) ���J���F���T�|�[�g
218 yutakakn 2739 if (pvar->ssh2_autologin == 1) {
219     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
220     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
221     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
222    
223     SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
224     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
225     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
226    
227 yutakakn 2784 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
228 yutakakn 2739 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
229 yutakakn 2784
230     } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
231     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
232    
233     SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
234     EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
235     EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
236    
237 yutakakn 2739 } else {
238     // TODO
239    
240     }
241     }
242    
243 yutakakn 2800 #if 1
244 yutakakn 2799 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
245     // ���X�����B(2005.3.12 yutaka)
246     if (pvar->settings.ssh2_keyboard_interactive == 1) {
247     SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
248     }
249    
250 yutakakn 2800 if (pvar->settings.ssh_protocol_version == 1) {
251     SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&TIS)");
252     } else {
253     SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(keyboard-interactive)");
254     }
255     #endif
256    
257 yutakakn 2728 }
258    
259     static char FAR *alloc_control_text(HWND ctl)
260     {
261     int len = GetWindowTextLength(ctl);
262     char FAR *result = malloc(len + 1);
263    
264     if (result != NULL) {
265     GetWindowText(ctl, result, len + 1);
266     result[len] = 0;
267     }
268    
269     return result;
270     }
271    
272     static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
273     {
274     #ifdef TERATERM32
275     OPENFILENAME params;
276     char fullname_buf[2048] = "identity";
277    
278 yutakakn 2762 ZeroMemory(&params, sizeof(params));
279 yutakakn 2728 params.lStructSize = sizeof(OPENFILENAME);
280     params.hwndOwner = parent;
281 yutakakn 2762 // �t�B���^������ (2004.12.19 yutaka)
282     params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
283 yutakakn 2728 params.lpstrCustomFilter = NULL;
284     params.nFilterIndex = 0;
285     buf[0] = 0;
286     params.lpstrFile = fullname_buf;
287     params.nMaxFile = sizeof(fullname_buf);
288     params.lpstrFileTitle = NULL;
289     params.lpstrInitialDir = NULL;
290     params.lpstrTitle = "Choose a file with the RSA private key";
291     params.Flags =
292     OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
293     params.lpstrDefExt = NULL;
294    
295     if (GetOpenFileName(&params) != 0) {
296     copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
297     return 1;
298     } else {
299     return 0;
300     }
301     #else
302     return 0;
303     #endif
304     }
305    
306     static void choose_RSA_key_file(HWND dlg)
307     {
308     char buf[1024];
309    
310     if (get_key_file_name(dlg, buf, sizeof(buf))) {
311     SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
312     }
313     }
314    
315     static void choose_host_RSA_key_file(HWND dlg)
316     {
317     char buf[1024];
318    
319     if (get_key_file_name(dlg, buf, sizeof(buf))) {
320     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
321     }
322     }
323    
324     static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
325     {
326     int method = SSH_AUTH_PASSWORD;
327     char FAR *password =
328     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
329     CRYPTKeyPair FAR *key_pair = NULL;
330    
331     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
332     method = SSH_AUTH_RSA;
333     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
334     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
335     method = SSH_AUTH_RHOSTS_RSA;
336     } else {
337     method = SSH_AUTH_RHOSTS;
338     }
339     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
340     method = SSH_AUTH_TIS;
341     }
342    
343     if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
344     char buf[2048];
345     int file_ctl_ID =
346     method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
347    
348     buf[0] = 0;
349     GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
350     if (buf[0] == 0) {
351     notify_nonfatal_error(pvar,
352 yutakakn 2762 "You must specify a file containing the RSA/DSA private key.");
353 yutakakn 2728 SetFocus(GetDlgItem(dlg, file_ctl_ID));
354     destroy_malloced_string(&password);
355     return FALSE;
356 yutakakn 2762 }
357    
358     if (SSHv1(pvar)) {
359 yutakakn 2728 BOOL invalid_passphrase = FALSE;
360    
361     key_pair = KEYFILES_read_private_key(pvar, buf, password,
362     &invalid_passphrase,
363     FALSE);
364    
365     if (key_pair == NULL) {
366     if (invalid_passphrase) {
367     HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
368    
369     SetFocus(passwordCtl);
370     SendMessage(passwordCtl, EM_SETSEL, 0, -1);
371     } else {
372     SetFocus(GetDlgItem(dlg, file_ctl_ID));
373     }
374     destroy_malloced_string(&password);
375     return FALSE;
376     }
377 yutakakn 2762
378     } else { // SSH2(yutaka)
379     BOOL invalid_passphrase = FALSE;
380 yutakakn 2769 char errmsg[256];
381 yutakakn 2762
382 yutakakn 2769 memset(errmsg, 0, sizeof(errmsg));
383 yutakakn 2784 //GetCurrentDirectory(sizeof(errmsg), errmsg);
384 yutakakn 2769
385 yutakakn 2762 key_pair = read_SSH2_private_key(pvar, buf, password,
386     &invalid_passphrase,
387 yutakakn 2769 FALSE,
388     errmsg,
389     sizeof(errmsg)
390     );
391 yutakakn 2762
392     if (key_pair == NULL) { // read error
393 yutakakn 2769 char buf[1024];
394     _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
395     notify_nonfatal_error(pvar, buf);
396 yutakakn 2762 destroy_malloced_string(&password);
397     return FALSE;
398     }
399    
400 yutakakn 2728 }
401 yutakakn 2762
402 yutakakn 2728 }
403    
404     /* from here on, we cannot fail, so just munge cur_cred in place */
405     pvar->auth_state.cur_cred.method = method;
406     pvar->auth_state.cur_cred.key_pair = key_pair;
407     /* we can't change the user name once it's set. It may already have
408     been sent to the server, and it can only be sent once. */
409     if (pvar->auth_state.user == NULL) {
410     pvar->auth_state.user =
411     alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
412     }
413     if (method == SSH_AUTH_PASSWORD) {
414     pvar->auth_state.cur_cred.password = password;
415     } else {
416     destroy_malloced_string(&password);
417     }
418     if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
419     if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
420     notify_nonfatal_error(pvar,
421     "Rhosts authentication will probably fail because it was not "
422     "the default authentication method.\n"
423     "To use Rhosts authentication "
424     "in TTSSH, you need to set it to be the default by restarting\n"
425     "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
426     "before connecting.");
427     }
428    
429     pvar->auth_state.cur_cred.rhosts_client_user =
430     alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
431     }
432     pvar->auth_state.auth_dialog = NULL;
433    
434     GetDlgItemText(dlg, IDC_RSAFILENAME,
435     pvar->session_settings.DefaultRSAPrivateKeyFile,
436     sizeof(pvar->session_settings.
437     DefaultRSAPrivateKeyFile));
438     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
439     pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
440     sizeof(pvar->session_settings.
441     DefaultRhostsHostPrivateKeyFile));
442     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
443     pvar->session_settings.DefaultRhostsLocalUserName,
444     sizeof(pvar->session_settings.
445     DefaultRhostsLocalUserName));
446    
447     if (SSHv1(pvar)) {
448     SSH_notify_user_name(pvar);
449     SSH_notify_cred(pvar);
450     } else {
451     // for SSH2(yutaka)
452     do_SSH2_userauth(pvar);
453     }
454    
455     EndDialog(dlg, 1);
456     return TRUE;
457     }
458    
459     static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
460     LPARAM lParam)
461     {
462 yutakakn 2739 const int IDC_TIMER1 = 300;
463 yutakakn 2752 const int autologin_timeout = 10; // �~���b
464 yutakakn 2728 PTInstVar pvar;
465    
466     switch (msg) {
467     case WM_INITDIALOG:
468     pvar = (PTInstVar) lParam;
469     pvar->auth_state.auth_dialog = dlg;
470     SetWindowLong(dlg, DWL_USER, lParam);
471    
472     init_auth_dlg(pvar, dlg);
473 yutakakn 2739
474     // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
475     if (pvar->ssh2_autologin == 1) {
476     SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
477     }
478 yutakakn 2728 return FALSE; /* because we set the focus */
479    
480 yutakakn 2739 case WM_TIMER:
481 yutakakn 2752 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
482     // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
483     if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
484     KillTimer(dlg, IDC_TIMER1);
485     SendMessage(dlg, WM_COMMAND, IDOK, 0);
486     }
487 yutakakn 2739 return TRUE;
488    
489 yutakakn 2728 case WM_COMMAND:
490     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
491    
492     switch (LOWORD(wParam)) {
493     case IDOK:
494 yutakakn 2783 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
495     if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
496     return FALSE;
497     }
498 yutakakn 2728 return end_auth_dlg(pvar, dlg);
499    
500     case IDCANCEL: /* kill the connection */
501     pvar->auth_state.auth_dialog = NULL;
502     notify_closed_connection(pvar);
503     EndDialog(dlg, 0);
504     return TRUE;
505    
506     case IDC_SSHUSEPASSWORD:
507     case IDC_SSHUSERSA:
508     case IDC_SSHUSERHOSTS:
509     case IDC_SSHUSETIS:
510     set_auth_options_status(dlg, LOWORD(wParam));
511     return TRUE;
512    
513     case IDC_CHOOSERSAFILE:
514     choose_RSA_key_file(dlg);
515     return TRUE;
516    
517     case IDC_CHOOSEHOSTRSAFILE:
518     choose_host_RSA_key_file(dlg);
519     return TRUE;
520    
521     default:
522     return FALSE;
523     }
524    
525     default:
526     return FALSE;
527     }
528     }
529    
530     char FAR *AUTH_get_user_name(PTInstVar pvar)
531     {
532     return pvar->auth_state.user;
533     }
534    
535     int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
536     {
537     char buf[1024];
538    
539     _snprintf(buf, sizeof(buf),
540     "Server reports supported authentication method mask = %d",
541     types);
542     buf[sizeof(buf) - 1] = 0;
543     notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
544    
545     if (SSHv1(pvar)) {
546     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
547     | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
548     | (1 << SSH_AUTH_TIS);
549     } else {
550     // for SSH2(yutaka)
551 yutakakn 2762 // types &= (1 << SSH_AUTH_PASSWORD);
552     // ���J���F�����L�������� (2004.12.18 yutaka)
553 yutakakn 2800 // TIS�������BSSH2����keyboard-interactive�����������B(2005.3.12 yutaka)
554 yutakakn 2762 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
555 yutakakn 2800 | (1 << SSH_AUTH_DSA)
556     | (1 << SSH_AUTH_TIS);
557 yutakakn 2728 }
558     pvar->auth_state.supported_types = types;
559    
560     if (types == 0) {
561     notify_fatal_error(pvar,
562     "Server does not support any of the authentication options\n"
563     "provided by TTSSH. This connection will now close.");
564     return 0;
565     } else {
566     if (pvar->auth_state.auth_dialog != NULL) {
567     update_server_supported_types(pvar,
568     pvar->auth_state.auth_dialog);
569     }
570    
571     return 1;
572     }
573     }
574    
575     static void start_user_auth(PTInstVar pvar)
576     {
577 yutakakn 2739 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
578 yutakakn 2728 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
579     (LPARAM) NULL);
580     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
581     }
582    
583     static void try_default_auth(PTInstVar pvar)
584     {
585     if (pvar->session_settings.TryDefaultAuth) {
586     switch (pvar->session_settings.DefaultAuthMethod) {
587     case SSH_AUTH_RSA:{
588     BOOL invalid_passphrase;
589     char password[] = "";
590    
591     pvar->auth_state.cur_cred.key_pair
592     =
593     KEYFILES_read_private_key(pvar,
594     pvar->session_settings.
595     DefaultRSAPrivateKeyFile,
596     password,
597     &invalid_passphrase, TRUE);
598     if (pvar->auth_state.cur_cred.key_pair == NULL) {
599     return;
600     } else {
601     pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
602     }
603     break;
604     }
605    
606     case SSH_AUTH_RHOSTS:
607     if (pvar->session_settings.
608     DefaultRhostsHostPrivateKeyFile[0] != 0) {
609     BOOL invalid_passphrase;
610     char password[] = "";
611    
612     pvar->auth_state.cur_cred.key_pair
613     =
614     KEYFILES_read_private_key(pvar,
615     pvar->session_settings.
616     DefaultRhostsHostPrivateKeyFile,
617     password,
618     &invalid_passphrase, TRUE);
619     if (pvar->auth_state.cur_cred.key_pair == NULL) {
620     return;
621     } else {
622     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
623     }
624     } else {
625     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
626     }
627    
628     pvar->auth_state.cur_cred.rhosts_client_user =
629     _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
630     break;
631    
632     case SSH_AUTH_PASSWORD:
633     pvar->auth_state.cur_cred.password = _strdup("");
634     pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
635     break;
636    
637     case SSH_AUTH_TIS:
638     default:
639     return;
640     }
641    
642     pvar->auth_state.user =
643     _strdup(pvar->session_settings.DefaultUserName);
644     }
645     }
646    
647     void AUTH_notify_end_error(PTInstVar pvar)
648     {
649     if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
650     start_user_auth(pvar);
651     pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
652     }
653     }
654    
655     void AUTH_advance_to_next_cred(PTInstVar pvar)
656     {
657     pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
658    
659     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
660     try_default_auth(pvar);
661    
662     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
663     if (pvar->err_msg != NULL) {
664     pvar->auth_state.flags |=
665     AUTH_START_USER_AUTH_ON_ERROR_END;
666     } else {
667 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
668     // �R�}���h���C���w������������
669 yutakakn 2728 start_user_auth(pvar);
670     }
671     }
672     } else {
673 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
674     // �R�}���h���C���w������(/auth=xxxx)������
675 yutakakn 2728 start_user_auth(pvar);
676     }
677     }
678    
679     static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
680     {
681     init_auth_machine_banner(pvar, dlg);
682     init_password_control(dlg);
683    
684     if (pvar->auth_state.TIS_prompt != NULL) {
685     if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
686     pvar->auth_state.TIS_prompt[10000] = 0;
687     }
688     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
689     pvar->auth_state.TIS_prompt);
690     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
691     }
692     }
693    
694     static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
695     {
696     char FAR *password =
697     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
698    
699     pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
700     pvar->auth_state.cur_cred.password = password;
701     pvar->auth_state.auth_dialog = NULL;
702    
703 yutakakn 2800 // add
704     if (SSHv2(pvar)) {
705     pvar->keyboard_interactive_password_input = 1;
706     handle_SSH2_userauth_inforeq(pvar);
707     }
708    
709 yutakakn 2728 SSH_notify_cred(pvar);
710    
711     EndDialog(dlg, 1);
712     return TRUE;
713     }
714    
715     static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
716     LPARAM lParam)
717     {
718     PTInstVar pvar;
719    
720     switch (msg) {
721     case WM_INITDIALOG:
722     pvar = (PTInstVar) lParam;
723     pvar->auth_state.auth_dialog = dlg;
724     SetWindowLong(dlg, DWL_USER, lParam);
725    
726     init_TIS_dlg(pvar, dlg);
727     return FALSE; /* because we set the focus */
728    
729     case WM_COMMAND:
730     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
731    
732     switch (LOWORD(wParam)) {
733     case IDOK:
734     return end_TIS_dlg(pvar, dlg);
735    
736     case IDCANCEL: /* kill the connection */
737     pvar->auth_state.auth_dialog = NULL;
738     notify_closed_connection(pvar);
739     EndDialog(dlg, 0);
740     return TRUE;
741    
742     default:
743     return FALSE;
744     }
745    
746     default:
747     return FALSE;
748     }
749     }
750    
751     void AUTH_do_cred_dialog(PTInstVar pvar)
752     {
753     if (pvar->auth_state.auth_dialog == NULL) {
754     HWND cur_active = GetActiveWindow();
755     DLGPROC dlg_proc;
756     LPCTSTR dialog_template;
757    
758     switch (pvar->auth_state.mode) {
759     case TIS_AUTH_MODE:
760     dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
761     dlg_proc = TIS_dlg_proc;
762     break;
763     case GENERIC_AUTH_MODE:
764     default:
765     dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
766     dlg_proc = auth_dlg_proc;
767     }
768    
769     if (!DialogBoxParam(hInst, dialog_template,
770     cur_active !=
771     NULL ? cur_active : pvar->NotificationWindow,
772     dlg_proc, (LPARAM) pvar) == -1) {
773     notify_fatal_error(pvar,
774     "Unable to display authentication dialog box.\n"
775     "Connection terminated.");
776     }
777     }
778     }
779    
780     static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
781     {
782     switch (pvar->settings.DefaultAuthMethod) {
783     case SSH_AUTH_RSA:
784     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
785     IDC_SSHUSERSA);
786     break;
787     case SSH_AUTH_RHOSTS:
788     case SSH_AUTH_RHOSTS_RSA:
789     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
790     IDC_SSHUSERHOSTS);
791     break;
792     case SSH_AUTH_TIS:
793     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
794     IDC_SSHUSETIS);
795     break;
796     case SSH_AUTH_PASSWORD:
797     default:
798     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
799     IDC_SSHUSEPASSWORD);
800     }
801    
802     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
803     SetDlgItemText(dlg, IDC_RSAFILENAME,
804     pvar->settings.DefaultRSAPrivateKeyFile);
805     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
806     pvar->settings.DefaultRhostsHostPrivateKeyFile);
807     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
808     pvar->settings.DefaultRhostsLocalUserName);
809 yutakakn 2789
810     // SSH2 keyboard-interactive method (2005.2.22 yutaka)
811     if (pvar->settings.ssh2_keyboard_interactive) {
812     SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
813     }
814    
815 yutakakn 2728 }
816    
817     static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
818     {
819     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
820     pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
821     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
822     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
823     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
824     } else {
825     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
826     }
827     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
828     pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
829     } else {
830     pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
831     }
832    
833     GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
834     sizeof(pvar->settings.DefaultUserName));
835     GetDlgItemText(dlg, IDC_RSAFILENAME,
836     pvar->settings.DefaultRSAPrivateKeyFile,
837     sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
838     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
839     pvar->settings.DefaultRhostsHostPrivateKeyFile,
840     sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
841     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
842     pvar->settings.DefaultRhostsLocalUserName,
843     sizeof(pvar->settings.DefaultRhostsLocalUserName));
844    
845 yutakakn 2789 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
846     {
847     LRESULT ret;
848     ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
849     if (ret & BST_CHECKED) {
850     pvar->settings.ssh2_keyboard_interactive = 1;
851     } else {
852     pvar->settings.ssh2_keyboard_interactive = 0;
853     }
854     }
855    
856 yutakakn 2728 EndDialog(dlg, 1);
857     return TRUE;
858     }
859    
860     static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
861     WPARAM wParam, LPARAM lParam)
862     {
863     PTInstVar pvar;
864    
865     switch (msg) {
866     case WM_INITDIALOG:
867     pvar = (PTInstVar) lParam;
868     SetWindowLong(dlg, DWL_USER, lParam);
869    
870     init_default_auth_dlg(pvar, dlg);
871     return TRUE; /* because we do not set the focus */
872    
873     case WM_COMMAND:
874     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
875    
876     switch (LOWORD(wParam)) {
877     case IDOK:
878     return end_default_auth_dlg(pvar, dlg);
879    
880     case IDCANCEL:
881     EndDialog(dlg, 0);
882     return TRUE;
883    
884     case IDC_CHOOSERSAFILE:
885     choose_RSA_key_file(dlg);
886     return TRUE;
887    
888     case IDC_CHOOSEHOSTRSAFILE:
889     choose_host_RSA_key_file(dlg);
890     return TRUE;
891    
892     default:
893     return FALSE;
894     }
895    
896     default:
897     return FALSE;
898     }
899     }
900    
901     void AUTH_init(PTInstVar pvar)
902     {
903     pvar->auth_state.failed_method = SSH_AUTH_NONE;
904     pvar->auth_state.auth_dialog = NULL;
905     pvar->auth_state.user = NULL;
906     pvar->auth_state.flags = 0;
907     pvar->auth_state.TIS_prompt = NULL;
908     pvar->auth_state.supported_types = 0;
909     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
910     pvar->auth_state.cur_cred.password = NULL;
911     pvar->auth_state.cur_cred.rhosts_client_user = NULL;
912     pvar->auth_state.cur_cred.key_pair = NULL;
913     AUTH_set_generic_mode(pvar);
914     }
915    
916     void AUTH_set_generic_mode(PTInstVar pvar)
917     {
918     pvar->auth_state.mode = GENERIC_AUTH_MODE;
919     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
920     }
921    
922     void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
923     {
924     if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
925     pvar->auth_state.mode = TIS_AUTH_MODE;
926    
927     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
928     pvar->auth_state.TIS_prompt = malloc(len + 1);
929     memcpy(pvar->auth_state.TIS_prompt, prompt, len);
930     pvar->auth_state.TIS_prompt[len] = 0;
931     } else {
932     AUTH_set_generic_mode(pvar);
933     }
934     }
935    
936     void AUTH_do_default_cred_dialog(PTInstVar pvar)
937     {
938     HWND cur_active = GetActiveWindow();
939    
940     if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
941     cur_active !=
942     NULL ? cur_active : pvar->NotificationWindow,
943     default_auth_dlg_proc, (LPARAM) pvar) == -1) {
944     notify_nonfatal_error(pvar,
945     "Unable to display authentication setup dialog box.");
946     }
947     }
948    
949     void AUTH_destroy_cur_cred(PTInstVar pvar)
950     {
951     destroy_malloced_string(&pvar->auth_state.cur_cred.password);
952     destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
953     if (pvar->auth_state.cur_cred.key_pair != NULL) {
954     CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
955     pvar->auth_state.cur_cred.key_pair = NULL;
956     }
957     }
958    
959     static char FAR *get_auth_method_name(SSHAuthMethod auth)
960     {
961     switch (auth) {
962     case SSH_AUTH_PASSWORD:
963     return "password";
964     case SSH_AUTH_RSA:
965     return "RSA";
966     case SSH_AUTH_RHOSTS:
967     return "rhosts";
968     case SSH_AUTH_RHOSTS_RSA:
969     return "rhosts with RSA";
970     case SSH_AUTH_TIS:
971     return "challenge/response (TIS)";
972     default:
973     return "unknown method";
974     }
975     }
976    
977     void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
978     {
979 yutakakn 2782 char *method = "unknown";
980    
981 yutakakn 2728 if (pvar->auth_state.user == NULL) {
982     strncpy(dest, "None", len);
983     } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
984 yutakakn 2762 if (SSHv1(pvar)) {
985     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
986     get_auth_method_name(pvar->auth_state.cur_cred.method));
987    
988 yutakakn 2800 } else {
989     // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
990     // keyboard-interactive���\�b�h������ (2005.3.12 yutaka)
991     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD ||
992     pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
993 yutakakn 2782 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
994 yutakakn 2800 if (pvar->keyboard_interactive_done == 1 ||
995     pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
996 yutakakn 2782 method = "keyboard-interactive";
997     } else {
998     method = get_auth_method_name(pvar->auth_state.cur_cred.method);
999     }
1000     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1001    
1002 yutakakn 2762 } else {
1003     if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
1004     method = "RSA";
1005     } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
1006     method = "DSA";
1007     }
1008     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1009     }
1010    
1011     }
1012    
1013 yutakakn 2728 } else {
1014     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
1015     get_auth_method_name(pvar->auth_state.failed_method));
1016     }
1017    
1018     dest[len - 1] = 0;
1019     }
1020    
1021     void AUTH_notify_disconnecting(PTInstVar pvar)
1022     {
1023     if (pvar->auth_state.auth_dialog != NULL) {
1024     PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1025     /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1026     EnableWindow(pvar->NotificationWindow, TRUE);
1027     }
1028     }
1029    
1030     void AUTH_end(PTInstVar pvar)
1031     {
1032     destroy_malloced_string(&pvar->auth_state.user);
1033     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1034    
1035     AUTH_destroy_cur_cred(pvar);
1036     }
1037 yutakakn 2739
1038     /*
1039     * $Log: not supported by cvs2svn $
1040 yutakakn 2800 * Revision 1.10 2005/03/12 12:08:05 yutakakn
1041     * �p�X���[�h�F�����O���s��keyboard-interactive���\�b�h���A�f�t�H���g�����l������(0)�������B
1042     * �����A�F���_�C�A���O�����x�������������L�����������X���������������B
1043     *
1044 yutakakn 2799 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1045     * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1046     * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1047     *
1048 yutakakn 2789 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1049     * ���J���F���������O�C�����T�|�[�g�B
1050     * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1051     * �����A�����������������T�|�[�g�B
1052     *
1053 yutakakn 2784 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1054     * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1055     * �A�v���P�[�V�����G���[���������������������B
1056     *
1057 yutakakn 2783 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1058     * �Ekeyboard-interactive�F�����T�|�[�g�����B
1059     * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1060     * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1061     *
1062 yutakakn 2782 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1063     * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1064     *
1065 yutakakn 2769 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1066     * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1067     *
1068 yutakakn 2762 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1069     * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1070     *
1071 yutakakn 2752 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1072     * SSH2�������O�C���@�\�������B
1073     * �����A�p�X���[�h�F�������������B
1074     * �E�R�}���h���C��
1075     * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1076     *
1077 yutakakn 2739 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help