Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Annotation of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2818 - (hide annotations) (download) (as text)
Tue Apr 26 13:57:57 2005 UTC (18 years, 11 months ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 31043 byte(s) 
private keyファイルダイアログに3ファイルフィルタを追加した。
1 yutakakn 2728 /*
2     Copyright (c) 1998-2001, Robert O'Callahan
3     All rights reserved.
4    
5     Redistribution and use in source and binary forms, with or without modification,
6     are permitted provided that the following conditions are met:
7    
8     Redistributions of source code must retain the above copyright notice, this list of
9     conditions and the following disclaimer.
10    
11     Redistributions in binary form must reproduce the above copyright notice, this list
12     of conditions and the following disclaimer in the documentation and/or other materials
13     provided with the distribution.
14    
15     The name of Robert O'Callahan may not be used to endorse or promote products derived from
16     this software without specific prior written permission.
17    
18     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19     ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20     OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21     THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23     SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25     OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27     */
28    
29     #include "ttxssh.h"
30     #include "util.h"
31 yutakakn 2800 #include "ssh.h"
32 yutakakn 2728
33     #include <io.h>
34     #include <fcntl.h>
35     #include <stdlib.h>
36     #include <errno.h>
37    
38     #include "resource.h"
39     #include "keyfiles.h"
40    
41     #define AUTH_START_USER_AUTH_ON_ERROR_END 1
42    
43     #define MAX_AUTH_CONTROL IDC_SSHUSETIS
44    
45     static void destroy_malloced_string(char FAR * FAR * str)
46     {
47     if (*str != NULL) {
48     memset(*str, 0, strlen(*str));
49     free(*str);
50     *str = NULL;
51     }
52     }
53    
54     static int auth_types_to_control_IDs[] = {
55     -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
56     IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
57     };
58    
59     static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
60     WPARAM wParam, LPARAM lParam)
61     {
62     switch (msg) {
63     case WM_CHAR:
64     if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
65     char chars[] = { (char) wParam, 0 };
66    
67     SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
68     (LPARAM) (char FAR *) chars);
69     return 0;
70     }
71     }
72    
73     return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
74     control, msg, wParam, lParam);
75     }
76    
77     static void init_password_control(HWND dlg)
78     {
79     HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
80    
81     SetWindowLong(passwordControl, GWL_USERDATA,
82     SetWindowLong(passwordControl, GWL_WNDPROC,
83     (LONG) password_wnd_proc));
84    
85     SetFocus(passwordControl);
86     }
87    
88     static void set_auth_options_status(HWND dlg, int controlID)
89     {
90     BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
91     BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
92     BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
93     int i;
94    
95     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
96    
97     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
98     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
99    
100     for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
101     EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
102     }
103    
104     for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
105     EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
106     }
107     }
108    
109     static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
110     {
111     char buf[1024] = "Logging in to ";
112    
113     if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
114     strcat(buf, SSH_get_host_name(pvar));
115     }
116     SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
117     }
118    
119     static void update_server_supported_types(PTInstVar pvar, HWND dlg)
120     {
121     int supported_methods = pvar->auth_state.supported_types;
122     int cur_control = -1;
123     int control;
124     HWND focus = GetFocus();
125    
126     if (supported_methods == 0) {
127     return;
128     }
129    
130     for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
131     control++) {
132     BOOL enabled = FALSE;
133     int method;
134     HWND item = GetDlgItem(dlg, control);
135    
136     if (item != NULL) {
137     for (method = 0; method <= SSH_AUTH_MAX; method++) {
138     if (auth_types_to_control_IDs[method] == control
139     && (supported_methods & (1 << method)) != 0) {
140     enabled = TRUE;
141     }
142     }
143    
144     EnableWindow(item, enabled);
145    
146     if (IsDlgButtonChecked(dlg, control)) {
147     cur_control = control;
148     }
149     }
150     }
151    
152     if (cur_control >= 0) {
153     if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
154     do {
155     cur_control++;
156     if (cur_control > MAX_AUTH_CONTROL) {
157     cur_control = IDC_SSHUSEPASSWORD;
158     }
159     } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
160    
161     set_auth_options_status(dlg, cur_control);
162    
163     if (focus != NULL && !IsWindowEnabled(focus)) {
164     SetFocus(GetDlgItem(dlg, cur_control));
165     }
166     }
167     }
168     }
169    
170     static void init_auth_dlg(PTInstVar pvar, HWND dlg)
171     {
172     int default_method = pvar->session_settings.DefaultAuthMethod;
173    
174     init_auth_machine_banner(pvar, dlg);
175     init_password_control(dlg);
176    
177     if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
178     /* must be retrying a failed attempt */
179     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
180     "Authentication failed. Please retry.");
181     SetWindowText(dlg, "Retrying SSH Authentication");
182     default_method = pvar->auth_state.failed_method;
183     }
184    
185     set_auth_options_status(dlg,
186     auth_types_to_control_IDs[default_method]);
187    
188     if (default_method == SSH_AUTH_TIS) {
189     /* we disabled the password control, so fix the focus */
190     SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
191     }
192    
193     if (pvar->auth_state.user != NULL) {
194     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
195     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
196     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
197     } else if (pvar->session_settings.DefaultUserName[0] != 0) {
198     SetDlgItemText(dlg, IDC_SSHUSERNAME,
199     pvar->session_settings.DefaultUserName);
200     } else {
201     SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
202     }
203    
204     SetDlgItemText(dlg, IDC_RSAFILENAME,
205     pvar->session_settings.DefaultRSAPrivateKeyFile);
206     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
207     pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
208     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
209     pvar->session_settings.DefaultRhostsLocalUserName);
210    
211     update_server_supported_types(pvar, dlg);
212 yutakakn 2739
213 yutakakn 2784 // SSH2 autologin
214 yutakakn 2739 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
215 yutakakn 2784 //
216     // (2004.12.1 yutaka)
217     // (2005.1.26 yutaka) ���J���F���T�|�[�g
218 yutakakn 2739 if (pvar->ssh2_autologin == 1) {
219     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
220     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
221     EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
222    
223     SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
224     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
225     EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
226    
227 yutakakn 2784 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
228 yutakakn 2739 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
229 yutakakn 2784
230     } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
231     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
232    
233     SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
234     EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
235     EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
236    
237 yutakakn 2739 } else {
238     // TODO
239    
240     }
241     }
242    
243 yutakakn 2800 #if 1
244 yutakakn 2799 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
245     // ���X�����B(2005.3.12 yutaka)
246     if (pvar->settings.ssh2_keyboard_interactive == 1) {
247     SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
248     }
249    
250 yutakakn 2800 if (pvar->settings.ssh_protocol_version == 1) {
251     SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&TIS)");
252     } else {
253 yutakakn 2804 SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&keyboard-interactive)");
254 yutakakn 2800 }
255     #endif
256    
257 yutakakn 2728 }
258    
259     static char FAR *alloc_control_text(HWND ctl)
260     {
261     int len = GetWindowTextLength(ctl);
262     char FAR *result = malloc(len + 1);
263    
264     if (result != NULL) {
265     GetWindowText(ctl, result, len + 1);
266     result[len] = 0;
267     }
268    
269     return result;
270     }
271    
272     static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
273     {
274     #ifdef TERATERM32
275     OPENFILENAME params;
276     char fullname_buf[2048] = "identity";
277    
278 yutakakn 2762 ZeroMemory(&params, sizeof(params));
279 yutakakn 2728 params.lStructSize = sizeof(OPENFILENAME);
280     params.hwndOwner = parent;
281 yutakakn 2762 // �t�B���^������ (2004.12.19 yutaka)
282 yutakakn 2818 // 3�t�@�C���t�B���^������ (2005.4.26 yutaka)
283     params.lpstrFilter = "identity files\0identity;id_rsa;id_dsa\0identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
284 yutakakn 2728 params.lpstrCustomFilter = NULL;
285     params.nFilterIndex = 0;
286     buf[0] = 0;
287     params.lpstrFile = fullname_buf;
288     params.nMaxFile = sizeof(fullname_buf);
289     params.lpstrFileTitle = NULL;
290     params.lpstrInitialDir = NULL;
291 yutakakn 2818 params.lpstrTitle = "Choose a file with the RSA/DSA private key";
292 yutakakn 2728 params.Flags =
293     OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
294     params.lpstrDefExt = NULL;
295    
296     if (GetOpenFileName(&params) != 0) {
297     copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
298     return 1;
299     } else {
300     return 0;
301     }
302     #else
303     return 0;
304     #endif
305     }
306    
307     static void choose_RSA_key_file(HWND dlg)
308     {
309     char buf[1024];
310    
311     if (get_key_file_name(dlg, buf, sizeof(buf))) {
312     SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
313     }
314     }
315    
316     static void choose_host_RSA_key_file(HWND dlg)
317     {
318     char buf[1024];
319    
320     if (get_key_file_name(dlg, buf, sizeof(buf))) {
321     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
322     }
323     }
324    
325     static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
326     {
327     int method = SSH_AUTH_PASSWORD;
328     char FAR *password =
329     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
330     CRYPTKeyPair FAR *key_pair = NULL;
331    
332     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
333     method = SSH_AUTH_RSA;
334     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
335     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
336     method = SSH_AUTH_RHOSTS_RSA;
337     } else {
338     method = SSH_AUTH_RHOSTS;
339     }
340     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
341     method = SSH_AUTH_TIS;
342     }
343    
344     if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
345     char buf[2048];
346     int file_ctl_ID =
347     method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
348    
349     buf[0] = 0;
350     GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
351     if (buf[0] == 0) {
352     notify_nonfatal_error(pvar,
353 yutakakn 2762 "You must specify a file containing the RSA/DSA private key.");
354 yutakakn 2728 SetFocus(GetDlgItem(dlg, file_ctl_ID));
355     destroy_malloced_string(&password);
356     return FALSE;
357 yutakakn 2762 }
358    
359     if (SSHv1(pvar)) {
360 yutakakn 2728 BOOL invalid_passphrase = FALSE;
361    
362     key_pair = KEYFILES_read_private_key(pvar, buf, password,
363     &invalid_passphrase,
364     FALSE);
365    
366     if (key_pair == NULL) {
367     if (invalid_passphrase) {
368     HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
369    
370     SetFocus(passwordCtl);
371     SendMessage(passwordCtl, EM_SETSEL, 0, -1);
372     } else {
373     SetFocus(GetDlgItem(dlg, file_ctl_ID));
374     }
375     destroy_malloced_string(&password);
376     return FALSE;
377     }
378 yutakakn 2762
379     } else { // SSH2(yutaka)
380     BOOL invalid_passphrase = FALSE;
381 yutakakn 2769 char errmsg[256];
382 yutakakn 2762
383 yutakakn 2769 memset(errmsg, 0, sizeof(errmsg));
384 yutakakn 2784 //GetCurrentDirectory(sizeof(errmsg), errmsg);
385 yutakakn 2769
386 yutakakn 2762 key_pair = read_SSH2_private_key(pvar, buf, password,
387     &invalid_passphrase,
388 yutakakn 2769 FALSE,
389     errmsg,
390     sizeof(errmsg)
391     );
392 yutakakn 2762
393     if (key_pair == NULL) { // read error
394 yutakakn 2769 char buf[1024];
395     _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
396     notify_nonfatal_error(pvar, buf);
397 yutakakn 2762 destroy_malloced_string(&password);
398     return FALSE;
399     }
400    
401 yutakakn 2728 }
402 yutakakn 2762
403 yutakakn 2728 }
404    
405     /* from here on, we cannot fail, so just munge cur_cred in place */
406     pvar->auth_state.cur_cred.method = method;
407     pvar->auth_state.cur_cred.key_pair = key_pair;
408     /* we can't change the user name once it's set. It may already have
409     been sent to the server, and it can only be sent once. */
410     if (pvar->auth_state.user == NULL) {
411     pvar->auth_state.user =
412     alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
413     }
414 yutakakn 2811
415     // ���J���F���������A�Z�b�V�������������p�X���[�h���g�����������������������������������B
416     // (2005.4.8 yutaka)
417     if (method == SSH_AUTH_PASSWORD || method == SSH_AUTH_RSA) {
418 yutakakn 2728 pvar->auth_state.cur_cred.password = password;
419     } else {
420     destroy_malloced_string(&password);
421     }
422     if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
423     if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
424     notify_nonfatal_error(pvar,
425     "Rhosts authentication will probably fail because it was not "
426     "the default authentication method.\n"
427     "To use Rhosts authentication "
428     "in TTSSH, you need to set it to be the default by restarting\n"
429     "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
430     "before connecting.");
431     }
432    
433     pvar->auth_state.cur_cred.rhosts_client_user =
434     alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
435     }
436     pvar->auth_state.auth_dialog = NULL;
437    
438     GetDlgItemText(dlg, IDC_RSAFILENAME,
439     pvar->session_settings.DefaultRSAPrivateKeyFile,
440     sizeof(pvar->session_settings.
441     DefaultRSAPrivateKeyFile));
442     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
443     pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
444     sizeof(pvar->session_settings.
445     DefaultRhostsHostPrivateKeyFile));
446     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
447     pvar->session_settings.DefaultRhostsLocalUserName,
448     sizeof(pvar->session_settings.
449     DefaultRhostsLocalUserName));
450    
451     if (SSHv1(pvar)) {
452     SSH_notify_user_name(pvar);
453     SSH_notify_cred(pvar);
454     } else {
455     // for SSH2(yutaka)
456     do_SSH2_userauth(pvar);
457     }
458    
459     EndDialog(dlg, 1);
460     return TRUE;
461     }
462    
463     static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
464     LPARAM lParam)
465     {
466 yutakakn 2739 const int IDC_TIMER1 = 300;
467 yutakakn 2752 const int autologin_timeout = 10; // �~���b
468 yutakakn 2728 PTInstVar pvar;
469    
470     switch (msg) {
471     case WM_INITDIALOG:
472     pvar = (PTInstVar) lParam;
473     pvar->auth_state.auth_dialog = dlg;
474     SetWindowLong(dlg, DWL_USER, lParam);
475    
476     init_auth_dlg(pvar, dlg);
477 yutakakn 2739
478     // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
479     if (pvar->ssh2_autologin == 1) {
480     SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
481     }
482 yutakakn 2728 return FALSE; /* because we set the focus */
483    
484 yutakakn 2739 case WM_TIMER:
485 yutakakn 2752 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
486     // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
487     if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
488     KillTimer(dlg, IDC_TIMER1);
489     SendMessage(dlg, WM_COMMAND, IDOK, 0);
490     }
491 yutakakn 2739 return TRUE;
492    
493 yutakakn 2728 case WM_COMMAND:
494     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
495    
496     switch (LOWORD(wParam)) {
497     case IDOK:
498 yutakakn 2783 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
499     if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
500     return FALSE;
501     }
502 yutakakn 2728 return end_auth_dlg(pvar, dlg);
503    
504     case IDCANCEL: /* kill the connection */
505     pvar->auth_state.auth_dialog = NULL;
506     notify_closed_connection(pvar);
507     EndDialog(dlg, 0);
508     return TRUE;
509    
510     case IDC_SSHUSEPASSWORD:
511     case IDC_SSHUSERSA:
512     case IDC_SSHUSERHOSTS:
513     case IDC_SSHUSETIS:
514     set_auth_options_status(dlg, LOWORD(wParam));
515     return TRUE;
516    
517     case IDC_CHOOSERSAFILE:
518     choose_RSA_key_file(dlg);
519     return TRUE;
520    
521     case IDC_CHOOSEHOSTRSAFILE:
522     choose_host_RSA_key_file(dlg);
523     return TRUE;
524    
525     default:
526     return FALSE;
527     }
528    
529     default:
530     return FALSE;
531     }
532     }
533    
534     char FAR *AUTH_get_user_name(PTInstVar pvar)
535     {
536     return pvar->auth_state.user;
537     }
538    
539     int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
540     {
541     char buf[1024];
542    
543     _snprintf(buf, sizeof(buf),
544     "Server reports supported authentication method mask = %d",
545     types);
546     buf[sizeof(buf) - 1] = 0;
547     notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
548    
549     if (SSHv1(pvar)) {
550     types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
551     | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
552     | (1 << SSH_AUTH_TIS);
553     } else {
554     // for SSH2(yutaka)
555 yutakakn 2762 // types &= (1 << SSH_AUTH_PASSWORD);
556     // ���J���F�����L�������� (2004.12.18 yutaka)
557 yutakakn 2800 // TIS�������BSSH2����keyboard-interactive�����������B(2005.3.12 yutaka)
558 yutakakn 2762 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
559 yutakakn 2800 | (1 << SSH_AUTH_DSA)
560     | (1 << SSH_AUTH_TIS);
561 yutakakn 2728 }
562     pvar->auth_state.supported_types = types;
563    
564     if (types == 0) {
565     notify_fatal_error(pvar,
566     "Server does not support any of the authentication options\n"
567     "provided by TTSSH. This connection will now close.");
568     return 0;
569     } else {
570     if (pvar->auth_state.auth_dialog != NULL) {
571     update_server_supported_types(pvar,
572     pvar->auth_state.auth_dialog);
573     }
574    
575     return 1;
576     }
577     }
578    
579     static void start_user_auth(PTInstVar pvar)
580     {
581 yutakakn 2739 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
582 yutakakn 2728 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
583     (LPARAM) NULL);
584     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
585     }
586    
587     static void try_default_auth(PTInstVar pvar)
588     {
589     if (pvar->session_settings.TryDefaultAuth) {
590     switch (pvar->session_settings.DefaultAuthMethod) {
591     case SSH_AUTH_RSA:{
592     BOOL invalid_passphrase;
593     char password[] = "";
594    
595     pvar->auth_state.cur_cred.key_pair
596     =
597     KEYFILES_read_private_key(pvar,
598     pvar->session_settings.
599     DefaultRSAPrivateKeyFile,
600     password,
601     &invalid_passphrase, TRUE);
602     if (pvar->auth_state.cur_cred.key_pair == NULL) {
603     return;
604     } else {
605     pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
606     }
607     break;
608     }
609    
610     case SSH_AUTH_RHOSTS:
611     if (pvar->session_settings.
612     DefaultRhostsHostPrivateKeyFile[0] != 0) {
613     BOOL invalid_passphrase;
614     char password[] = "";
615    
616     pvar->auth_state.cur_cred.key_pair
617     =
618     KEYFILES_read_private_key(pvar,
619     pvar->session_settings.
620     DefaultRhostsHostPrivateKeyFile,
621     password,
622     &invalid_passphrase, TRUE);
623     if (pvar->auth_state.cur_cred.key_pair == NULL) {
624     return;
625     } else {
626     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
627     }
628     } else {
629     pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
630     }
631    
632     pvar->auth_state.cur_cred.rhosts_client_user =
633     _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
634     break;
635    
636     case SSH_AUTH_PASSWORD:
637     pvar->auth_state.cur_cred.password = _strdup("");
638     pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
639     break;
640    
641     case SSH_AUTH_TIS:
642     default:
643     return;
644     }
645    
646     pvar->auth_state.user =
647     _strdup(pvar->session_settings.DefaultUserName);
648     }
649     }
650    
651     void AUTH_notify_end_error(PTInstVar pvar)
652     {
653     if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
654     start_user_auth(pvar);
655     pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
656     }
657     }
658    
659     void AUTH_advance_to_next_cred(PTInstVar pvar)
660     {
661     pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
662    
663     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
664     try_default_auth(pvar);
665    
666     if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
667     if (pvar->err_msg != NULL) {
668     pvar->auth_state.flags |=
669     AUTH_START_USER_AUTH_ON_ERROR_END;
670     } else {
671 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
672     // �R�}���h���C���w������������
673 yutakakn 2728 start_user_auth(pvar);
674     }
675     }
676     } else {
677 yutakakn 2739 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
678     // �R�}���h���C���w������(/auth=xxxx)������
679 yutakakn 2728 start_user_auth(pvar);
680     }
681     }
682    
683     static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
684     {
685     init_auth_machine_banner(pvar, dlg);
686     init_password_control(dlg);
687    
688     if (pvar->auth_state.TIS_prompt != NULL) {
689     if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
690     pvar->auth_state.TIS_prompt[10000] = 0;
691     }
692     SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
693     pvar->auth_state.TIS_prompt);
694     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
695     }
696     }
697    
698     static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
699     {
700     char FAR *password =
701     alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
702    
703     pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
704     pvar->auth_state.cur_cred.password = password;
705     pvar->auth_state.auth_dialog = NULL;
706    
707 yutakakn 2800 // add
708     if (SSHv2(pvar)) {
709     pvar->keyboard_interactive_password_input = 1;
710     handle_SSH2_userauth_inforeq(pvar);
711     }
712    
713 yutakakn 2728 SSH_notify_cred(pvar);
714    
715     EndDialog(dlg, 1);
716     return TRUE;
717     }
718    
719     static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
720     LPARAM lParam)
721     {
722     PTInstVar pvar;
723    
724     switch (msg) {
725     case WM_INITDIALOG:
726     pvar = (PTInstVar) lParam;
727     pvar->auth_state.auth_dialog = dlg;
728     SetWindowLong(dlg, DWL_USER, lParam);
729    
730     init_TIS_dlg(pvar, dlg);
731     return FALSE; /* because we set the focus */
732    
733     case WM_COMMAND:
734     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
735    
736     switch (LOWORD(wParam)) {
737     case IDOK:
738     return end_TIS_dlg(pvar, dlg);
739    
740     case IDCANCEL: /* kill the connection */
741     pvar->auth_state.auth_dialog = NULL;
742     notify_closed_connection(pvar);
743     EndDialog(dlg, 0);
744     return TRUE;
745    
746     default:
747     return FALSE;
748     }
749    
750     default:
751     return FALSE;
752     }
753     }
754    
755     void AUTH_do_cred_dialog(PTInstVar pvar)
756     {
757     if (pvar->auth_state.auth_dialog == NULL) {
758     HWND cur_active = GetActiveWindow();
759     DLGPROC dlg_proc;
760     LPCTSTR dialog_template;
761    
762     switch (pvar->auth_state.mode) {
763     case TIS_AUTH_MODE:
764     dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
765     dlg_proc = TIS_dlg_proc;
766     break;
767     case GENERIC_AUTH_MODE:
768     default:
769     dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
770     dlg_proc = auth_dlg_proc;
771     }
772    
773     if (!DialogBoxParam(hInst, dialog_template,
774     cur_active !=
775     NULL ? cur_active : pvar->NotificationWindow,
776     dlg_proc, (LPARAM) pvar) == -1) {
777     notify_fatal_error(pvar,
778     "Unable to display authentication dialog box.\n"
779     "Connection terminated.");
780     }
781     }
782     }
783    
784     static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
785     {
786     switch (pvar->settings.DefaultAuthMethod) {
787     case SSH_AUTH_RSA:
788     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
789     IDC_SSHUSERSA);
790     break;
791     case SSH_AUTH_RHOSTS:
792     case SSH_AUTH_RHOSTS_RSA:
793     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
794     IDC_SSHUSERHOSTS);
795     break;
796     case SSH_AUTH_TIS:
797     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
798     IDC_SSHUSETIS);
799     break;
800     case SSH_AUTH_PASSWORD:
801     default:
802     CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
803     IDC_SSHUSEPASSWORD);
804     }
805    
806     SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
807     SetDlgItemText(dlg, IDC_RSAFILENAME,
808     pvar->settings.DefaultRSAPrivateKeyFile);
809     SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
810     pvar->settings.DefaultRhostsHostPrivateKeyFile);
811     SetDlgItemText(dlg, IDC_LOCALUSERNAME,
812     pvar->settings.DefaultRhostsLocalUserName);
813 yutakakn 2789
814     // SSH2 keyboard-interactive method (2005.2.22 yutaka)
815     if (pvar->settings.ssh2_keyboard_interactive) {
816     SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
817     }
818    
819 yutakakn 2728 }
820    
821     static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
822     {
823     if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
824     pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
825     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
826     if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
827     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
828     } else {
829     pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
830     }
831     } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
832     pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
833     } else {
834     pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
835     }
836    
837     GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
838     sizeof(pvar->settings.DefaultUserName));
839     GetDlgItemText(dlg, IDC_RSAFILENAME,
840     pvar->settings.DefaultRSAPrivateKeyFile,
841     sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
842     GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
843     pvar->settings.DefaultRhostsHostPrivateKeyFile,
844     sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
845     GetDlgItemText(dlg, IDC_LOCALUSERNAME,
846     pvar->settings.DefaultRhostsLocalUserName,
847     sizeof(pvar->settings.DefaultRhostsLocalUserName));
848    
849 yutakakn 2789 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
850     {
851     LRESULT ret;
852     ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
853     if (ret & BST_CHECKED) {
854     pvar->settings.ssh2_keyboard_interactive = 1;
855     } else {
856     pvar->settings.ssh2_keyboard_interactive = 0;
857     }
858     }
859    
860 yutakakn 2728 EndDialog(dlg, 1);
861     return TRUE;
862     }
863    
864     static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
865     WPARAM wParam, LPARAM lParam)
866     {
867     PTInstVar pvar;
868    
869     switch (msg) {
870     case WM_INITDIALOG:
871     pvar = (PTInstVar) lParam;
872     SetWindowLong(dlg, DWL_USER, lParam);
873    
874     init_default_auth_dlg(pvar, dlg);
875     return TRUE; /* because we do not set the focus */
876    
877     case WM_COMMAND:
878     pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
879    
880     switch (LOWORD(wParam)) {
881     case IDOK:
882     return end_default_auth_dlg(pvar, dlg);
883    
884     case IDCANCEL:
885     EndDialog(dlg, 0);
886     return TRUE;
887    
888     case IDC_CHOOSERSAFILE:
889     choose_RSA_key_file(dlg);
890     return TRUE;
891    
892     case IDC_CHOOSEHOSTRSAFILE:
893     choose_host_RSA_key_file(dlg);
894     return TRUE;
895    
896     default:
897     return FALSE;
898     }
899    
900     default:
901     return FALSE;
902     }
903     }
904    
905     void AUTH_init(PTInstVar pvar)
906     {
907     pvar->auth_state.failed_method = SSH_AUTH_NONE;
908     pvar->auth_state.auth_dialog = NULL;
909     pvar->auth_state.user = NULL;
910     pvar->auth_state.flags = 0;
911     pvar->auth_state.TIS_prompt = NULL;
912     pvar->auth_state.supported_types = 0;
913     pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
914     pvar->auth_state.cur_cred.password = NULL;
915     pvar->auth_state.cur_cred.rhosts_client_user = NULL;
916     pvar->auth_state.cur_cred.key_pair = NULL;
917     AUTH_set_generic_mode(pvar);
918     }
919    
920     void AUTH_set_generic_mode(PTInstVar pvar)
921     {
922     pvar->auth_state.mode = GENERIC_AUTH_MODE;
923     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
924     }
925    
926     void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
927     {
928     if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
929     pvar->auth_state.mode = TIS_AUTH_MODE;
930    
931     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
932     pvar->auth_state.TIS_prompt = malloc(len + 1);
933     memcpy(pvar->auth_state.TIS_prompt, prompt, len);
934     pvar->auth_state.TIS_prompt[len] = 0;
935     } else {
936     AUTH_set_generic_mode(pvar);
937     }
938     }
939    
940     void AUTH_do_default_cred_dialog(PTInstVar pvar)
941     {
942     HWND cur_active = GetActiveWindow();
943    
944     if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
945     cur_active !=
946     NULL ? cur_active : pvar->NotificationWindow,
947     default_auth_dlg_proc, (LPARAM) pvar) == -1) {
948     notify_nonfatal_error(pvar,
949     "Unable to display authentication setup dialog box.");
950     }
951     }
952    
953     void AUTH_destroy_cur_cred(PTInstVar pvar)
954     {
955     destroy_malloced_string(&pvar->auth_state.cur_cred.password);
956     destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
957     if (pvar->auth_state.cur_cred.key_pair != NULL) {
958     CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
959     pvar->auth_state.cur_cred.key_pair = NULL;
960     }
961     }
962    
963     static char FAR *get_auth_method_name(SSHAuthMethod auth)
964     {
965     switch (auth) {
966     case SSH_AUTH_PASSWORD:
967     return "password";
968     case SSH_AUTH_RSA:
969     return "RSA";
970     case SSH_AUTH_RHOSTS:
971     return "rhosts";
972     case SSH_AUTH_RHOSTS_RSA:
973     return "rhosts with RSA";
974     case SSH_AUTH_TIS:
975     return "challenge/response (TIS)";
976     default:
977     return "unknown method";
978     }
979     }
980    
981     void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
982     {
983 yutakakn 2782 char *method = "unknown";
984    
985 yutakakn 2728 if (pvar->auth_state.user == NULL) {
986     strncpy(dest, "None", len);
987     } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
988 yutakakn 2762 if (SSHv1(pvar)) {
989     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
990     get_auth_method_name(pvar->auth_state.cur_cred.method));
991    
992 yutakakn 2800 } else {
993     // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
994     // keyboard-interactive���\�b�h������ (2005.3.12 yutaka)
995     if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD ||
996     pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
997 yutakakn 2782 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
998 yutakakn 2800 if (pvar->keyboard_interactive_done == 1 ||
999     pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
1000 yutakakn 2782 method = "keyboard-interactive";
1001     } else {
1002     method = get_auth_method_name(pvar->auth_state.cur_cred.method);
1003     }
1004     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1005    
1006 yutakakn 2762 } else {
1007     if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
1008     method = "RSA";
1009     } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
1010     method = "DSA";
1011     }
1012     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1013     }
1014    
1015     }
1016    
1017 yutakakn 2728 } else {
1018     _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
1019     get_auth_method_name(pvar->auth_state.failed_method));
1020     }
1021    
1022     dest[len - 1] = 0;
1023     }
1024    
1025     void AUTH_notify_disconnecting(PTInstVar pvar)
1026     {
1027     if (pvar->auth_state.auth_dialog != NULL) {
1028     PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1029     /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1030     EnableWindow(pvar->NotificationWindow, TRUE);
1031     }
1032     }
1033    
1034     void AUTH_end(PTInstVar pvar)
1035     {
1036     destroy_malloced_string(&pvar->auth_state.user);
1037     destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1038    
1039     AUTH_destroy_cur_cred(pvar);
1040     }
1041 yutakakn 2739
1042     /*
1043     * $Log: not supported by cvs2svn $
1044 yutakakn 2818 * Revision 1.13 2005/04/08 14:55:03 yutakakn
1045     * "Duplicate session"��������SSH�������O�C�����s�������������B
1046     *
1047 yutakakn 2811 * Revision 1.12 2005/03/23 12:39:35 yutakakn
1048     * SSH2�F���_�C�A���O�� Use challenge/response to log in ���A�N�Z�����[�^�L�[�������������B
1049     *
1050 yutakakn 2804 * Revision 1.11 2005/03/12 15:07:33 yutakakn
1051     * SSH2 keyboard-interactive�F����TIS�_�C�A���O�����������B
1052     *
1053 yutakakn 2800 * Revision 1.10 2005/03/12 12:08:05 yutakakn
1054     * �p�X���[�h�F�����O���s��keyboard-interactive���\�b�h���A�f�t�H���g�����l������(0)�������B
1055     * �����A�F���_�C�A���O�����x�������������L�����������X���������������B
1056     *
1057 yutakakn 2799 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1058     * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1059     * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1060     *
1061 yutakakn 2789 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1062     * ���J���F���������O�C�����T�|�[�g�B
1063     * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1064     * �����A�����������������T�|�[�g�B
1065     *
1066 yutakakn 2784 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1067     * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1068     * �A�v���P�[�V�����G���[���������������������B
1069     *
1070 yutakakn 2783 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1071     * �Ekeyboard-interactive�F�����T�|�[�g�����B
1072     * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1073     * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1074     *
1075 yutakakn 2782 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1076     * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1077     *
1078 yutakakn 2769 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1079     * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1080     *
1081 yutakakn 2762 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1082     * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1083     *
1084 yutakakn 2752 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1085     * SSH2�������O�C���@�\�������B
1086     * �����A�p�X���[�h�F�������������B
1087     * �E�R�}���h���C��
1088     * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1089     *
1090 yutakakn 2739 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help