Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2811 - (hide annotations) (download) (as text)
Fri Apr 8 14:55:03 2005 UTC (19 years ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 30837 byte(s) 
"Duplicate session"においてSSH自動ログインを行うようにした。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #include "ttxssh.h"
30     #include "util.h"
31 yutakakn 2800 #include "ssh.h"
32 yutakakn 2728
33     #include <io.h>
34     #include <fcntl.h>
35     #include <stdlib.h>
36     #include <errno.h>
37    
38     #include "resource.h"
39     #include "keyfiles.h"
40    
41     #define AUTH_START_USER_AUTH_ON_ERROR_END 1
42    
43     #define MAX_AUTH_CONTROL IDC_SSHUSETIS
44    
45     static void destroy_malloced_string(char FAR * FAR * str)
46     {
47     if (*str != NULL) {
48     memset(*str, 0, strlen(*str));
49     free(*str);
50     *str = NULL;
51     }
52     }
53    
54     static int auth_types_to_control_IDs[] = {
55     -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
56     IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
57     };
58    
59     static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
60     WPARAM wParam, LPARAM lParam)
61     {
62     switch (msg) {
63     case WM_CHAR:
64     if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
65     char chars[] = { (char) wParam, 0 };
66    
67     SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
68     (LPARAM) (char FAR *) chars);
69     return 0;
70     }
71     }
72    
73     return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
74     control, msg, wParam, lParam);
75     }
76    
77     static void init_password_control(HWND dlg)
78     {
79     HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
80    
81     SetWindowLong(passwordControl, GWL_USERDATA,
82     SetWindowLong(passwordControl, GWL_WNDPROC,
83     (LONG) password_wnd_proc));
84    
85     SetFocus(passwordControl);
86     }
87    
88     static void set_auth_options_status(HWND dlg, int controlID)
89     {
90     BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
91     BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
92     BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
93     int i;
94    
95     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
96    
97     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
98     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
99    
100     for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
101     EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
102     }
103    
104     for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
105     EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
106     }
107     }
108    
109     static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
110     {
111     char buf[1024] = "Logging in to ";
112    
113     if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
114     strcat(buf, SSH_get_host_name(pvar));
115     }
116     SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
117     }
118    
119     static void update_server_supported_types(PTInstVar pvar, HWND dlg)
120     {
121     int supported_methods = pvar->auth_state.supported_types;
122     int cur_control = -1;
123     int control;
124     HWND focus = GetFocus();
125    
126     if (supported_methods == 0) {
127     return;
128     }
129    
130     for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
131     control++) {
132     BOOL enabled = FALSE;
133     int method;
134     HWND item = GetDlgItem(dlg, control);
135    
136     if (item != NULL) {
137     for (method = 0; method <= SSH_AUTH_MAX; method++) {
138     if (auth_types_to_control_IDs[method] == control
139     && (supported_methods & (1 << method)) != 0) {
140     enabled = TRUE;
141     }
142     }
143    
144     EnableWindow(item, enabled);
145    
146     if (IsDlgButtonChecked(dlg, control)) {
147     cur_control = control;
148     }
149     }
150     }
151    
152     if (cur_control >= 0) {
153     if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
154     do {
155     cur_control++;
156     if (cur_control > MAX_AUTH_CONTROL) {
157     cur_control = IDC_SSHUSEPASSWORD;
158     }
159     } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
160    
161     set_auth_options_status(dlg, cur_control);
162    
163     if (focus != NULL && !IsWindowEnabled(focus)) {
164     SetFocus(GetDlgItem(dlg, cur_control));
165     }
166     }
167     }
168     }
169    
170     static void init_auth_dlg(PTInstVar pvar, HWND dlg)
171     {
172     int default_method = pvar->session_settings.DefaultAuthMethod;
173    
174     init_auth_machine_banner(pvar, dlg);
175     init_password_control(dlg);
176    
177     if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
178     /* must be retrying a failed attempt */
179     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
180     "Authentication failed. Please retry.");
181     SetWindowText(dlg, "Retrying SSH Authentication");
182     default_method = pvar->auth_state.failed_method;
183     }
184    
185     set_auth_options_status(dlg,
186     auth_types_to_control_IDs[default_method]);
187    
188     if (default_method == SSH_AUTH_TIS) {
189     /* we disabled the password control, so fix the focus */
190     SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
191     }
192    
193     if (pvar->auth_state.user != NULL) {
194     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
195     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
196     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
197     } else if (pvar->session_settings.DefaultUserName[0] != 0) {
198     SetDlgItemText(dlg, IDC_SSHUSERNAME,
199     pvar->session_settings.DefaultUserName);
200     } else {
201     SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
202     }
203    
204     SetDlgItemText(dlg, IDC_RSAFILENAME,
205     pvar->session_settings.DefaultRSAPrivateKeyFile);
206     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
207     pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
208     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
209     pvar->session_settings.DefaultRhostsLocalUserName);
210    
211     update_server_supported_types(pvar, dlg);
212 yutakakn 2739
213 yutakakn 2784 // SSH2 autologin
214 yutakakn 2739 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
215 yutakakn 2784 //
216     // (2004.12.1 yutaka)
217     // (2005.1.26 yutaka) ���J���F���T�|�[�g
218 yutakakn 2739 if (pvar->ssh2_autologin == 1) {
219     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
220     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
221     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
222    
223     SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
224     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
225     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
226    
227 yutakakn 2784 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
228 yutakakn 2739 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
229 yutakakn 2784
230     } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
231     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
232    
233     SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
234     EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
235     EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
236    
237 yutakakn 2739 } else {
238     // TODO
239    
240     }
241     }
242    
243 yutakakn 2800 #if 1
244 yutakakn 2799 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
245     // ���X�����B(2005.3.12 yutaka)
246     if (pvar->settings.ssh2_keyboard_interactive == 1) {
247     SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
248     }
249    
250 yutakakn 2800 if (pvar->settings.ssh_protocol_version == 1) {
251     SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&TIS)");
252     } else {
253 yutakakn 2804 SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&keyboard-interactive)");
254 yutakakn 2800 }
255     #endif
256    
257 yutakakn 2728 }
258    
259     static char FAR *alloc_control_text(HWND ctl)
260     {
261     int len = GetWindowTextLength(ctl);
262     char FAR *result = malloc(len + 1);
263    
264     if (result != NULL) {
265     GetWindowText(ctl, result, len + 1);
266     result[len] = 0;
267     }
268    
269     return result;
270     }
271    
272     static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
273     {
274     #ifdef TERATERM32
275     OPENFILENAME params;
276     char fullname_buf[2048] = "identity";
277    
278 yutakakn 2762 ZeroMemory(&params, sizeof(params));
279 yutakakn 2728 params.lStructSize = sizeof(OPENFILENAME);
280     params.hwndOwner = parent;
281 yutakakn 2762 // �t�B���^������ (2004.12.19 yutaka)
282     params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
283 yutakakn 2728 params.lpstrCustomFilter = NULL;
284     params.nFilterIndex = 0;
285     buf[0] = 0;
286     params.lpstrFile = fullname_buf;
287     params.nMaxFile = sizeof(fullname_buf);
288     params.lpstrFileTitle = NULL;
289     params.lpstrInitialDir = NULL;
290     params.lpstrTitle = "Choose a file with the RSA private key";
291     params.Flags =
292     OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
293     params.lpstrDefExt = NULL;
294    
295     if (GetOpenFileName(&params) != 0) {
296     copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
297     return 1;
298     } else {
299     return 0;
300     }
301     #else
302     return 0;
303     #endif
304     }
305    
306     static void choose_RSA_key_file(HWND dlg)
307     {
308     char buf[1024];
309    
310     if (get_key_file_name(dlg, buf, sizeof(buf))) {
311     SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
312     }
313     }
314    
315     static void choose_host_RSA_key_file(HWND dlg)
316     {
317     char buf[1024];
318    
319     if (get_key_file_name(dlg, buf, sizeof(buf))) {
320     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
321     }
322     }
323    
324     static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
325     {
326     int method = SSH_AUTH_PASSWORD;
327     char FAR *password =
328     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
329     CRYPTKeyPair FAR *key_pair = NULL;
330    
331     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
332     method = SSH_AUTH_RSA;
333     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
334     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
335     method = SSH_AUTH_RHOSTS_RSA;
336     } else {
337     method = SSH_AUTH_RHOSTS;
338     }
339     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
340     method = SSH_AUTH_TIS;
341     }
342    
343     if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
344     char buf[2048];
345     int file_ctl_ID =
346     method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
347    
348     buf[0] = 0;
349     GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
350     if (buf[0] == 0) {
351     notify_nonfatal_error(pvar,
352 yutakakn 2762 "You must specify a file containing the RSA/DSA private key.");
353 yutakakn 2728 SetFocus(GetDlgItem(dlg, file_ctl_ID));
354     destroy_malloced_string(&password);
355     return FALSE;
356 yutakakn 2762 }
357    
358     if (SSHv1(pvar)) {
359 yutakakn 2728 BOOL invalid_passphrase = FALSE;
360    
361     key_pair = KEYFILES_read_private_key(pvar, buf, password,
362     &invalid_passphrase,
363     FALSE);
364    
365     if (key_pair == NULL) {
366     if (invalid_passphrase) {
367     HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
368    
369     SetFocus(passwordCtl);
370     SendMessage(passwordCtl, EM_SETSEL, 0, -1);
371     } else {
372     SetFocus(GetDlgItem(dlg, file_ctl_ID));
373     }
374     destroy_malloced_string(&password);
375     return FALSE;
376     }
377 yutakakn 2762
378     } else { // SSH2(yutaka)
379     BOOL invalid_passphrase = FALSE;
380 yutakakn 2769 char errmsg[256];
381 yutakakn 2762
382 yutakakn 2769 memset(errmsg, 0, sizeof(errmsg));
383 yutakakn 2784 //GetCurrentDirectory(sizeof(errmsg), errmsg);
384 yutakakn 2769
385 yutakakn 2762 key_pair = read_SSH2_private_key(pvar, buf, password,
386     &invalid_passphrase,
387 yutakakn 2769 FALSE,
388     errmsg,
389     sizeof(errmsg)
390     );
391 yutakakn 2762
392     if (key_pair == NULL) { // read error
393 yutakakn 2769 char buf[1024];
394     _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
395     notify_nonfatal_error(pvar, buf);
396 yutakakn 2762 destroy_malloced_string(&password);
397     return FALSE;
398     }
399    
400 yutakakn 2728 }
401 yutakakn 2762
402 yutakakn 2728 }
403    
404     /* from here on, we cannot fail, so just munge cur_cred in place */
405     pvar->auth_state.cur_cred.method = method;
406     pvar->auth_state.cur_cred.key_pair = key_pair;
407     /* we can't change the user name once it's set. It may already have
408     been sent to the server, and it can only be sent once. */
409     if (pvar->auth_state.user == NULL) {
410     pvar->auth_state.user =
411     alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
412     }
413 yutakakn 2811
414     // ���J���F���������A�Z�b�V�������������p�X���[�h���g�����������������������������������B
415     // (2005.4.8 yutaka)
416     if (method == SSH_AUTH_PASSWORD || method == SSH_AUTH_RSA) {
417 yutakakn 2728 pvar->auth_state.cur_cred.password = password;
418     } else {
419     destroy_malloced_string(&password);
420     }
421     if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
422     if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
423     notify_nonfatal_error(pvar,
424     "Rhosts authentication will probably fail because it was not "
425     "the default authentication method.\n"
426     "To use Rhosts authentication "
427     "in TTSSH, you need to set it to be the default by restarting\n"
428     "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
429     "before connecting.");
430     }
431    
432     pvar->auth_state.cur_cred.rhosts_client_user =
433     alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
434     }
435     pvar->auth_state.auth_dialog = NULL;
436    
437     GetDlgItemText(dlg, IDC_RSAFILENAME,
438     pvar->session_settings.DefaultRSAPrivateKeyFile,
439     sizeof(pvar->session_settings.
440     DefaultRSAPrivateKeyFile));
441     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
442     pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
443     sizeof(pvar->session_settings.
444     DefaultRhostsHostPrivateKeyFile));
445     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
446     pvar->session_settings.DefaultRhostsLocalUserName,
447     sizeof(pvar->session_settings.
448     DefaultRhostsLocalUserName));
449    
450     if (SSHv1(pvar)) {
451     SSH_notify_user_name(pvar);
452     SSH_notify_cred(pvar);
453     } else {
454     // for SSH2(yutaka)
455     do_SSH2_userauth(pvar);
456     }
457    
458     EndDialog(dlg, 1);
459     return TRUE;
460     }
461    
462     static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
463     LPARAM lParam)
464     {
465 yutakakn 2739 const int IDC_TIMER1 = 300;
466 yutakakn 2752 const int autologin_timeout = 10; // �~���b
467 yutakakn 2728 PTInstVar pvar;
468    
469     switch (msg) {
470     case WM_INITDIALOG:
471     pvar = (PTInstVar) lParam;
472     pvar->auth_state.auth_dialog = dlg;
473     SetWindowLong(dlg, DWL_USER, lParam);
474    
475     init_auth_dlg(pvar, dlg);
476 yutakakn 2739
477     // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
478     if (pvar->ssh2_autologin == 1) {
479     SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
480     }
481 yutakakn 2728 return FALSE; /* because we set the focus */
482    
483 yutakakn 2739 case WM_TIMER:
484 yutakakn 2752 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
485     // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
486     if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
487     KillTimer(dlg, IDC_TIMER1);
488     SendMessage(dlg, WM_COMMAND, IDOK, 0);
489     }
490 yutakakn 2739 return TRUE;
491    
492 yutakakn 2728 case WM_COMMAND:
493     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
494    
495     switch (LOWORD(wParam)) {
496     case IDOK:
497 yutakakn 2783 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
498     if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
499     return FALSE;
500     }
501 yutakakn 2728 return end_auth_dlg(pvar, dlg);
502    
503     case IDCANCEL: /* kill the connection */
504     pvar->auth_state.auth_dialog = NULL;
505     notify_closed_connection(pvar);
506     EndDialog(dlg, 0);
507     return TRUE;
508    
509     case IDC_SSHUSEPASSWORD:
510     case IDC_SSHUSERSA:
511     case IDC_SSHUSERHOSTS:
512     case IDC_SSHUSETIS:
513     set_auth_options_status(dlg, LOWORD(wParam));
514     return TRUE;
515    
516     case IDC_CHOOSERSAFILE:
517     choose_RSA_key_file(dlg);
518     return TRUE;
519    
520     case IDC_CHOOSEHOSTRSAFILE:
521     choose_host_RSA_key_file(dlg);
522     return TRUE;
523    
524     default:
525     return FALSE;
526     }
527    
528     default:
529     return FALSE;
530     }
531     }
532    
533     char FAR *AUTH_get_user_name(PTInstVar pvar)
534     {
535     return pvar->auth_state.user;
536     }
537    
538     int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
539     {
540     char buf[1024];
541    
542     _snprintf(buf, sizeof(buf),
543     "Server reports supported authentication method mask = %d",
544     types);
545     buf[sizeof(buf) - 1] = 0;
546     notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
547    
548     if (SSHv1(pvar)) {
549     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
550     | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
551     | (1 << SSH_AUTH_TIS);
552     } else {
553     // for SSH2(yutaka)
554 yutakakn 2762 // types &= (1 << SSH_AUTH_PASSWORD);
555     // ���J���F�����L�������� (2004.12.18 yutaka)
556 yutakakn 2800 // TIS�������BSSH2����keyboard-interactive�����������B(2005.3.12 yutaka)
557 yutakakn 2762 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
558 yutakakn 2800 | (1 << SSH_AUTH_DSA)
559     | (1 << SSH_AUTH_TIS);
560 yutakakn 2728 }
561     pvar->auth_state.supported_types = types;
562    
563     if (types == 0) {
564     notify_fatal_error(pvar,
565     "Server does not support any of the authentication options\n"
566     "provided by TTSSH. This connection will now close.");
567     return 0;
568     } else {
569     if (pvar->auth_state.auth_dialog != NULL) {
570     update_server_supported_types(pvar,
571     pvar->auth_state.auth_dialog);
572     }
573    
574     return 1;
575     }
576     }
577    
578     static void start_user_auth(PTInstVar pvar)
579     {
580 yutakakn 2739 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
581 yutakakn 2728 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
582     (LPARAM) NULL);
583     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
584     }
585    
586     static void try_default_auth(PTInstVar pvar)
587     {
588     if (pvar->session_settings.TryDefaultAuth) {
589     switch (pvar->session_settings.DefaultAuthMethod) {
590     case SSH_AUTH_RSA:{
591     BOOL invalid_passphrase;
592     char password[] = "";
593    
594     pvar->auth_state.cur_cred.key_pair
595     =
596     KEYFILES_read_private_key(pvar,
597     pvar->session_settings.
598     DefaultRSAPrivateKeyFile,
599     password,
600     &invalid_passphrase, TRUE);
601     if (pvar->auth_state.cur_cred.key_pair == NULL) {
602     return;
603     } else {
604     pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
605     }
606     break;
607     }
608    
609     case SSH_AUTH_RHOSTS:
610     if (pvar->session_settings.
611     DefaultRhostsHostPrivateKeyFile[0] != 0) {
612     BOOL invalid_passphrase;
613     char password[] = "";
614    
615     pvar->auth_state.cur_cred.key_pair
616     =
617     KEYFILES_read_private_key(pvar,
618     pvar->session_settings.
619     DefaultRhostsHostPrivateKeyFile,
620     password,
621     &invalid_passphrase, TRUE);
622     if (pvar->auth_state.cur_cred.key_pair == NULL) {
623     return;
624     } else {
625     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
626     }
627     } else {
628     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
629     }
630    
631     pvar->auth_state.cur_cred.rhosts_client_user =
632     _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
633     break;
634    
635     case SSH_AUTH_PASSWORD:
636     pvar->auth_state.cur_cred.password = _strdup("");
637     pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
638     break;
639    
640     case SSH_AUTH_TIS:
641     default:
642     return;
643     }
644    
645     pvar->auth_state.user =
646     _strdup(pvar->session_settings.DefaultUserName);
647     }
648     }
649    
650     void AUTH_notify_end_error(PTInstVar pvar)
651     {
652     if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
653     start_user_auth(pvar);
654     pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
655     }
656     }
657    
658     void AUTH_advance_to_next_cred(PTInstVar pvar)
659     {
660     pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
661    
662     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
663     try_default_auth(pvar);
664    
665     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
666     if (pvar->err_msg != NULL) {
667     pvar->auth_state.flags |=
668     AUTH_START_USER_AUTH_ON_ERROR_END;
669     } else {
670 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
671     // �R�}���h���C���w������������
672 yutakakn 2728 start_user_auth(pvar);
673     }
674     }
675     } else {
676 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
677     // �R�}���h���C���w������(/auth=xxxx)������
678 yutakakn 2728 start_user_auth(pvar);
679     }
680     }
681    
682     static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
683     {
684     init_auth_machine_banner(pvar, dlg);
685     init_password_control(dlg);
686    
687     if (pvar->auth_state.TIS_prompt != NULL) {
688     if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
689     pvar->auth_state.TIS_prompt[10000] = 0;
690     }
691     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
692     pvar->auth_state.TIS_prompt);
693     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
694     }
695     }
696    
697     static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
698     {
699     char FAR *password =
700     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
701    
702     pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
703     pvar->auth_state.cur_cred.password = password;
704     pvar->auth_state.auth_dialog = NULL;
705    
706 yutakakn 2800 // add
707     if (SSHv2(pvar)) {
708     pvar->keyboard_interactive_password_input = 1;
709     handle_SSH2_userauth_inforeq(pvar);
710     }
711    
712 yutakakn 2728 SSH_notify_cred(pvar);
713    
714     EndDialog(dlg, 1);
715     return TRUE;
716     }
717    
718     static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
719     LPARAM lParam)
720     {
721     PTInstVar pvar;
722    
723     switch (msg) {
724     case WM_INITDIALOG:
725     pvar = (PTInstVar) lParam;
726     pvar->auth_state.auth_dialog = dlg;
727     SetWindowLong(dlg, DWL_USER, lParam);
728    
729     init_TIS_dlg(pvar, dlg);
730     return FALSE; /* because we set the focus */
731    
732     case WM_COMMAND:
733     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
734    
735     switch (LOWORD(wParam)) {
736     case IDOK:
737     return end_TIS_dlg(pvar, dlg);
738    
739     case IDCANCEL: /* kill the connection */
740     pvar->auth_state.auth_dialog = NULL;
741     notify_closed_connection(pvar);
742     EndDialog(dlg, 0);
743     return TRUE;
744    
745     default:
746     return FALSE;
747     }
748    
749     default:
750     return FALSE;
751     }
752     }
753    
754     void AUTH_do_cred_dialog(PTInstVar pvar)
755     {
756     if (pvar->auth_state.auth_dialog == NULL) {
757     HWND cur_active = GetActiveWindow();
758     DLGPROC dlg_proc;
759     LPCTSTR dialog_template;
760    
761     switch (pvar->auth_state.mode) {
762     case TIS_AUTH_MODE:
763     dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
764     dlg_proc = TIS_dlg_proc;
765     break;
766     case GENERIC_AUTH_MODE:
767     default:
768     dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
769     dlg_proc = auth_dlg_proc;
770     }
771    
772     if (!DialogBoxParam(hInst, dialog_template,
773     cur_active !=
774     NULL ? cur_active : pvar->NotificationWindow,
775     dlg_proc, (LPARAM) pvar) == -1) {
776     notify_fatal_error(pvar,
777     "Unable to display authentication dialog box.\n"
778     "Connection terminated.");
779     }
780     }
781     }
782    
783     static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
784     {
785     switch (pvar->settings.DefaultAuthMethod) {
786     case SSH_AUTH_RSA:
787     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
788     IDC_SSHUSERSA);
789     break;
790     case SSH_AUTH_RHOSTS:
791     case SSH_AUTH_RHOSTS_RSA:
792     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
793     IDC_SSHUSERHOSTS);
794     break;
795     case SSH_AUTH_TIS:
796     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
797     IDC_SSHUSETIS);
798     break;
799     case SSH_AUTH_PASSWORD:
800     default:
801     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
802     IDC_SSHUSEPASSWORD);
803     }
804    
805     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
806     SetDlgItemText(dlg, IDC_RSAFILENAME,
807     pvar->settings.DefaultRSAPrivateKeyFile);
808     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
809     pvar->settings.DefaultRhostsHostPrivateKeyFile);
810     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
811     pvar->settings.DefaultRhostsLocalUserName);
812 yutakakn 2789
813     // SSH2 keyboard-interactive method (2005.2.22 yutaka)
814     if (pvar->settings.ssh2_keyboard_interactive) {
815     SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
816     }
817    
818 yutakakn 2728 }
819    
820     static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
821     {
822     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
823     pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
824     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
825     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
826     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
827     } else {
828     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
829     }
830     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
831     pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
832     } else {
833     pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
834     }
835    
836     GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
837     sizeof(pvar->settings.DefaultUserName));
838     GetDlgItemText(dlg, IDC_RSAFILENAME,
839     pvar->settings.DefaultRSAPrivateKeyFile,
840     sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
841     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
842     pvar->settings.DefaultRhostsHostPrivateKeyFile,
843     sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
844     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
845     pvar->settings.DefaultRhostsLocalUserName,
846     sizeof(pvar->settings.DefaultRhostsLocalUserName));
847    
848 yutakakn 2789 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
849     {
850     LRESULT ret;
851     ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
852     if (ret & BST_CHECKED) {
853     pvar->settings.ssh2_keyboard_interactive = 1;
854     } else {
855     pvar->settings.ssh2_keyboard_interactive = 0;
856     }
857     }
858    
859 yutakakn 2728 EndDialog(dlg, 1);
860     return TRUE;
861     }
862    
863     static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
864     WPARAM wParam, LPARAM lParam)
865     {
866     PTInstVar pvar;
867    
868     switch (msg) {
869     case WM_INITDIALOG:
870     pvar = (PTInstVar) lParam;
871     SetWindowLong(dlg, DWL_USER, lParam);
872    
873     init_default_auth_dlg(pvar, dlg);
874     return TRUE; /* because we do not set the focus */
875    
876     case WM_COMMAND:
877     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
878    
879     switch (LOWORD(wParam)) {
880     case IDOK:
881     return end_default_auth_dlg(pvar, dlg);
882    
883     case IDCANCEL:
884     EndDialog(dlg, 0);
885     return TRUE;
886    
887     case IDC_CHOOSERSAFILE:
888     choose_RSA_key_file(dlg);
889     return TRUE;
890    
891     case IDC_CHOOSEHOSTRSAFILE:
892     choose_host_RSA_key_file(dlg);
893     return TRUE;
894    
895     default:
896     return FALSE;
897     }
898    
899     default:
900     return FALSE;
901     }
902     }
903    
904     void AUTH_init(PTInstVar pvar)
905     {
906     pvar->auth_state.failed_method = SSH_AUTH_NONE;
907     pvar->auth_state.auth_dialog = NULL;
908     pvar->auth_state.user = NULL;
909     pvar->auth_state.flags = 0;
910     pvar->auth_state.TIS_prompt = NULL;
911     pvar->auth_state.supported_types = 0;
912     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
913     pvar->auth_state.cur_cred.password = NULL;
914     pvar->auth_state.cur_cred.rhosts_client_user = NULL;
915     pvar->auth_state.cur_cred.key_pair = NULL;
916     AUTH_set_generic_mode(pvar);
917     }
918    
919     void AUTH_set_generic_mode(PTInstVar pvar)
920     {
921     pvar->auth_state.mode = GENERIC_AUTH_MODE;
922     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
923     }
924    
925     void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
926     {
927     if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
928     pvar->auth_state.mode = TIS_AUTH_MODE;
929    
930     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
931     pvar->auth_state.TIS_prompt = malloc(len + 1);
932     memcpy(pvar->auth_state.TIS_prompt, prompt, len);
933     pvar->auth_state.TIS_prompt[len] = 0;
934     } else {
935     AUTH_set_generic_mode(pvar);
936     }
937     }
938    
939     void AUTH_do_default_cred_dialog(PTInstVar pvar)
940     {
941     HWND cur_active = GetActiveWindow();
942    
943     if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
944     cur_active !=
945     NULL ? cur_active : pvar->NotificationWindow,
946     default_auth_dlg_proc, (LPARAM) pvar) == -1) {
947     notify_nonfatal_error(pvar,
948     "Unable to display authentication setup dialog box.");
949     }
950     }
951    
952     void AUTH_destroy_cur_cred(PTInstVar pvar)
953     {
954     destroy_malloced_string(&pvar->auth_state.cur_cred.password);
955     destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
956     if (pvar->auth_state.cur_cred.key_pair != NULL) {
957     CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
958     pvar->auth_state.cur_cred.key_pair = NULL;
959     }
960     }
961    
962     static char FAR *get_auth_method_name(SSHAuthMethod auth)
963     {
964     switch (auth) {
965     case SSH_AUTH_PASSWORD:
966     return "password";
967     case SSH_AUTH_RSA:
968     return "RSA";
969     case SSH_AUTH_RHOSTS:
970     return "rhosts";
971     case SSH_AUTH_RHOSTS_RSA:
972     return "rhosts with RSA";
973     case SSH_AUTH_TIS:
974     return "challenge/response (TIS)";
975     default:
976     return "unknown method";
977     }
978     }
979    
980     void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
981     {
982 yutakakn 2782 char *method = "unknown";
983    
984 yutakakn 2728 if (pvar->auth_state.user == NULL) {
985     strncpy(dest, "None", len);
986     } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
987 yutakakn 2762 if (SSHv1(pvar)) {
988     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
989     get_auth_method_name(pvar->auth_state.cur_cred.method));
990    
991 yutakakn 2800 } else {
992     // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
993     // keyboard-interactive���\�b�h������ (2005.3.12 yutaka)
994     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD ||
995     pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
996 yutakakn 2782 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
997 yutakakn 2800 if (pvar->keyboard_interactive_done == 1 ||
998     pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
999 yutakakn 2782 method = "keyboard-interactive";
1000     } else {
1001     method = get_auth_method_name(pvar->auth_state.cur_cred.method);
1002     }
1003     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1004    
1005 yutakakn 2762 } else {
1006     if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
1007     method = "RSA";
1008     } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
1009     method = "DSA";
1010     }
1011     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1012     }
1013    
1014     }
1015    
1016 yutakakn 2728 } else {
1017     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
1018     get_auth_method_name(pvar->auth_state.failed_method));
1019     }
1020    
1021     dest[len - 1] = 0;
1022     }
1023    
1024     void AUTH_notify_disconnecting(PTInstVar pvar)
1025     {
1026     if (pvar->auth_state.auth_dialog != NULL) {
1027     PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1028     /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1029     EnableWindow(pvar->NotificationWindow, TRUE);
1030     }
1031     }
1032    
1033     void AUTH_end(PTInstVar pvar)
1034     {
1035     destroy_malloced_string(&pvar->auth_state.user);
1036     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1037    
1038     AUTH_destroy_cur_cred(pvar);
1039     }
1040 yutakakn 2739
1041     /*
1042     * $Log: not supported by cvs2svn $
1043 yutakakn 2811 * Revision 1.12 2005/03/23 12:39:35 yutakakn
1044     * SSH2�F���_�C�A���O�� Use challenge/response to log in ���A�N�Z�����[�^�L�[�������������B
1045     *
1046 yutakakn 2804 * Revision 1.11 2005/03/12 15:07:33 yutakakn
1047     * SSH2 keyboard-interactive�F����TIS�_�C�A���O�����������B
1048     *
1049 yutakakn 2800 * Revision 1.10 2005/03/12 12:08:05 yutakakn
1050     * �p�X���[�h�F�����O���s��keyboard-interactive���\�b�h���A�f�t�H���g�����l������(0)�������B
1051     * �����A�F���_�C�A���O�����x�������������L�����������X���������������B
1052     *
1053 yutakakn 2799 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1054     * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1055     * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1056     *
1057 yutakakn 2789 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1058     * ���J���F���������O�C�����T�|�[�g�B
1059     * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1060     * �����A�����������������T�|�[�g�B
1061     *
1062 yutakakn 2784 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1063     * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1064     * �A�v���P�[�V�����G���[���������������������B
1065     *
1066 yutakakn 2783 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1067     * �Ekeyboard-interactive�F�����T�|�[�g�����B
1068     * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1069     * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1070     *
1071 yutakakn 2782 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1072     * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1073     *
1074 yutakakn 2769 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1075     * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1076     *
1077 yutakakn 2762 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1078     * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1079     *
1080 yutakakn 2752 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1081     * SSH2�������O�C���@�\�������B
1082     * �����A�p�X���[�h�F�������������B
1083     * �E�R�}���h���C��
1084     * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1085     *
1086 yutakakn 2739 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help