Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Contents of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2782 - (show annotations) (download) (as text)
Mon Jan 24 14:07:07 2005 UTC (19 years, 2 months ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 27428 byte(s) 
・keyboard-interactive認証をサポートした。
 それに伴い、teraterm.iniに "KeyboardInteractive" エントリを追加した。
・バージョンダイアログに OpenSSLバージョン を追加
1 /*
2 Copyright (c) 1998-2001, Robert O'Callahan
3 All rights reserved.
4
5 Redistribution and use in source and binary forms, with or without modification,
6 are permitted provided that the following conditions are met:
7
8 Redistributions of source code must retain the above copyright notice, this list of
9 conditions and the following disclaimer.
10
11 Redistributions in binary form must reproduce the above copyright notice, this list
12 of conditions and the following disclaimer in the documentation and/or other materials
13 provided with the distribution.
14
15 The name of Robert O'Callahan may not be used to endorse or promote products derived from
16 this software without specific prior written permission.
17
18 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "ttxssh.h"
30 #include "util.h"
31
32 #include <io.h>
33 #include <fcntl.h>
34 #include <stdlib.h>
35 #include <errno.h>
36
37 #include "resource.h"
38 #include "keyfiles.h"
39
40 #define AUTH_START_USER_AUTH_ON_ERROR_END 1
41
42 #define MAX_AUTH_CONTROL IDC_SSHUSETIS
43
44 static void destroy_malloced_string(char FAR * FAR * str)
45 {
46 if (*str != NULL) {
47 memset(*str, 0, strlen(*str));
48 free(*str);
49 *str = NULL;
50 }
51 }
52
53 static int auth_types_to_control_IDs[] = {
54 -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
55 IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
56 };
57
58 static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
59 WPARAM wParam, LPARAM lParam)
60 {
61 switch (msg) {
62 case WM_CHAR:
63 if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
64 char chars[] = { (char) wParam, 0 };
65
66 SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
67 (LPARAM) (char FAR *) chars);
68 return 0;
69 }
70 }
71
72 return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
73 control, msg, wParam, lParam);
74 }
75
76 static void init_password_control(HWND dlg)
77 {
78 HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
79
80 SetWindowLong(passwordControl, GWL_USERDATA,
81 SetWindowLong(passwordControl, GWL_WNDPROC,
82 (LONG) password_wnd_proc));
83
84 SetFocus(passwordControl);
85 }
86
87 static void set_auth_options_status(HWND dlg, int controlID)
88 {
89 BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
90 BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
91 BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
92 int i;
93
94 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
95
96 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
97 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
98
99 for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
100 EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
101 }
102
103 for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
104 EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
105 }
106 }
107
108 static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
109 {
110 char buf[1024] = "Logging in to ";
111
112 if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
113 strcat(buf, SSH_get_host_name(pvar));
114 }
115 SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
116 }
117
118 static void update_server_supported_types(PTInstVar pvar, HWND dlg)
119 {
120 int supported_methods = pvar->auth_state.supported_types;
121 int cur_control = -1;
122 int control;
123 HWND focus = GetFocus();
124
125 if (supported_methods == 0) {
126 return;
127 }
128
129 for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
130 control++) {
131 BOOL enabled = FALSE;
132 int method;
133 HWND item = GetDlgItem(dlg, control);
134
135 if (item != NULL) {
136 for (method = 0; method <= SSH_AUTH_MAX; method++) {
137 if (auth_types_to_control_IDs[method] == control
138 && (supported_methods & (1 << method)) != 0) {
139 enabled = TRUE;
140 }
141 }
142
143 EnableWindow(item, enabled);
144
145 if (IsDlgButtonChecked(dlg, control)) {
146 cur_control = control;
147 }
148 }
149 }
150
151 if (cur_control >= 0) {
152 if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
153 do {
154 cur_control++;
155 if (cur_control > MAX_AUTH_CONTROL) {
156 cur_control = IDC_SSHUSEPASSWORD;
157 }
158 } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
159
160 set_auth_options_status(dlg, cur_control);
161
162 if (focus != NULL && !IsWindowEnabled(focus)) {
163 SetFocus(GetDlgItem(dlg, cur_control));
164 }
165 }
166 }
167 }
168
169 static void init_auth_dlg(PTInstVar pvar, HWND dlg)
170 {
171 int default_method = pvar->session_settings.DefaultAuthMethod;
172
173 init_auth_machine_banner(pvar, dlg);
174 init_password_control(dlg);
175
176 if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
177 /* must be retrying a failed attempt */
178 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
179 "Authentication failed. Please retry.");
180 SetWindowText(dlg, "Retrying SSH Authentication");
181 default_method = pvar->auth_state.failed_method;
182 }
183
184 set_auth_options_status(dlg,
185 auth_types_to_control_IDs[default_method]);
186
187 if (default_method == SSH_AUTH_TIS) {
188 /* we disabled the password control, so fix the focus */
189 SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
190 }
191
192 if (pvar->auth_state.user != NULL) {
193 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
194 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
195 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
196 } else if (pvar->session_settings.DefaultUserName[0] != 0) {
197 SetDlgItemText(dlg, IDC_SSHUSERNAME,
198 pvar->session_settings.DefaultUserName);
199 } else {
200 SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
201 }
202
203 SetDlgItemText(dlg, IDC_RSAFILENAME,
204 pvar->session_settings.DefaultRSAPrivateKeyFile);
205 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
206 pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
207 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
208 pvar->session_settings.DefaultRhostsLocalUserName);
209
210 update_server_supported_types(pvar, dlg);
211
212 // SSH2 autologin (2004.12.1 yutaka)
213 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
214 if (pvar->ssh2_autologin == 1) {
215 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
216 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
217 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
218
219 SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
220 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
221 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
222
223 if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
224 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
225 } else {
226 // TODO
227
228 }
229 }
230
231 }
232
233 static char FAR *alloc_control_text(HWND ctl)
234 {
235 int len = GetWindowTextLength(ctl);
236 char FAR *result = malloc(len + 1);
237
238 if (result != NULL) {
239 GetWindowText(ctl, result, len + 1);
240 result[len] = 0;
241 }
242
243 return result;
244 }
245
246 static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
247 {
248 #ifdef TERATERM32
249 OPENFILENAME params;
250 char fullname_buf[2048] = "identity";
251
252 ZeroMemory(&params, sizeof(params));
253 params.lStructSize = sizeof(OPENFILENAME);
254 params.hwndOwner = parent;
255 // �t�B���^������ (2004.12.19 yutaka)
256 params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
257 params.lpstrCustomFilter = NULL;
258 params.nFilterIndex = 0;
259 buf[0] = 0;
260 params.lpstrFile = fullname_buf;
261 params.nMaxFile = sizeof(fullname_buf);
262 params.lpstrFileTitle = NULL;
263 params.lpstrInitialDir = NULL;
264 params.lpstrTitle = "Choose a file with the RSA private key";
265 params.Flags =
266 OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
267 params.lpstrDefExt = NULL;
268
269 if (GetOpenFileName(&params) != 0) {
270 copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
271 return 1;
272 } else {
273 return 0;
274 }
275 #else
276 return 0;
277 #endif
278 }
279
280 static void choose_RSA_key_file(HWND dlg)
281 {
282 char buf[1024];
283
284 if (get_key_file_name(dlg, buf, sizeof(buf))) {
285 SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
286 }
287 }
288
289 static void choose_host_RSA_key_file(HWND dlg)
290 {
291 char buf[1024];
292
293 if (get_key_file_name(dlg, buf, sizeof(buf))) {
294 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
295 }
296 }
297
298 static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
299 {
300 int method = SSH_AUTH_PASSWORD;
301 char FAR *password =
302 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
303 CRYPTKeyPair FAR *key_pair = NULL;
304
305 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
306 method = SSH_AUTH_RSA;
307 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
308 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
309 method = SSH_AUTH_RHOSTS_RSA;
310 } else {
311 method = SSH_AUTH_RHOSTS;
312 }
313 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
314 method = SSH_AUTH_TIS;
315 }
316
317 if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
318 char buf[2048];
319 int file_ctl_ID =
320 method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
321
322 buf[0] = 0;
323 GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
324 if (buf[0] == 0) {
325 notify_nonfatal_error(pvar,
326 "You must specify a file containing the RSA/DSA private key.");
327 SetFocus(GetDlgItem(dlg, file_ctl_ID));
328 destroy_malloced_string(&password);
329 return FALSE;
330 }
331
332 if (SSHv1(pvar)) {
333 BOOL invalid_passphrase = FALSE;
334
335 key_pair = KEYFILES_read_private_key(pvar, buf, password,
336 &invalid_passphrase,
337 FALSE);
338
339 if (key_pair == NULL) {
340 if (invalid_passphrase) {
341 HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
342
343 SetFocus(passwordCtl);
344 SendMessage(passwordCtl, EM_SETSEL, 0, -1);
345 } else {
346 SetFocus(GetDlgItem(dlg, file_ctl_ID));
347 }
348 destroy_malloced_string(&password);
349 return FALSE;
350 }
351
352 } else { // SSH2(yutaka)
353 BOOL invalid_passphrase = FALSE;
354 char errmsg[256];
355
356 memset(errmsg, 0, sizeof(errmsg));
357
358 key_pair = read_SSH2_private_key(pvar, buf, password,
359 &invalid_passphrase,
360 FALSE,
361 errmsg,
362 sizeof(errmsg)
363 );
364
365 if (key_pair == NULL) { // read error
366 char buf[1024];
367 _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
368 notify_nonfatal_error(pvar, buf);
369 destroy_malloced_string(&password);
370 return FALSE;
371 }
372
373 }
374
375 }
376
377 /* from here on, we cannot fail, so just munge cur_cred in place */
378 pvar->auth_state.cur_cred.method = method;
379 pvar->auth_state.cur_cred.key_pair = key_pair;
380 /* we can't change the user name once it's set. It may already have
381 been sent to the server, and it can only be sent once. */
382 if (pvar->auth_state.user == NULL) {
383 pvar->auth_state.user =
384 alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
385 }
386 if (method == SSH_AUTH_PASSWORD) {
387 pvar->auth_state.cur_cred.password = password;
388 } else {
389 destroy_malloced_string(&password);
390 }
391 if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
392 if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
393 notify_nonfatal_error(pvar,
394 "Rhosts authentication will probably fail because it was not "
395 "the default authentication method.\n"
396 "To use Rhosts authentication "
397 "in TTSSH, you need to set it to be the default by restarting\n"
398 "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
399 "before connecting.");
400 }
401
402 pvar->auth_state.cur_cred.rhosts_client_user =
403 alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
404 }
405 pvar->auth_state.auth_dialog = NULL;
406
407 GetDlgItemText(dlg, IDC_RSAFILENAME,
408 pvar->session_settings.DefaultRSAPrivateKeyFile,
409 sizeof(pvar->session_settings.
410 DefaultRSAPrivateKeyFile));
411 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
412 pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
413 sizeof(pvar->session_settings.
414 DefaultRhostsHostPrivateKeyFile));
415 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
416 pvar->session_settings.DefaultRhostsLocalUserName,
417 sizeof(pvar->session_settings.
418 DefaultRhostsLocalUserName));
419
420 if (SSHv1(pvar)) {
421 SSH_notify_user_name(pvar);
422 SSH_notify_cred(pvar);
423 } else {
424 // for SSH2(yutaka)
425 do_SSH2_userauth(pvar);
426 }
427
428 EndDialog(dlg, 1);
429 return TRUE;
430 }
431
432 static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
433 LPARAM lParam)
434 {
435 const int IDC_TIMER1 = 300;
436 const int autologin_timeout = 10; // �~���b
437 PTInstVar pvar;
438
439 switch (msg) {
440 case WM_INITDIALOG:
441 pvar = (PTInstVar) lParam;
442 pvar->auth_state.auth_dialog = dlg;
443 SetWindowLong(dlg, DWL_USER, lParam);
444
445 init_auth_dlg(pvar, dlg);
446
447 // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
448 if (pvar->ssh2_autologin == 1) {
449 SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
450 }
451 return FALSE; /* because we set the focus */
452
453 case WM_TIMER:
454 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
455 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
456 if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
457 KillTimer(dlg, IDC_TIMER1);
458 SendMessage(dlg, WM_COMMAND, IDOK, 0);
459 }
460 return TRUE;
461
462 case WM_COMMAND:
463 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
464
465 switch (LOWORD(wParam)) {
466 case IDOK:
467 return end_auth_dlg(pvar, dlg);
468
469 case IDCANCEL: /* kill the connection */
470 pvar->auth_state.auth_dialog = NULL;
471 notify_closed_connection(pvar);
472 EndDialog(dlg, 0);
473 return TRUE;
474
475 case IDC_SSHUSEPASSWORD:
476 case IDC_SSHUSERSA:
477 case IDC_SSHUSERHOSTS:
478 case IDC_SSHUSETIS:
479 set_auth_options_status(dlg, LOWORD(wParam));
480 return TRUE;
481
482 case IDC_CHOOSERSAFILE:
483 choose_RSA_key_file(dlg);
484 return TRUE;
485
486 case IDC_CHOOSEHOSTRSAFILE:
487 choose_host_RSA_key_file(dlg);
488 return TRUE;
489
490 default:
491 return FALSE;
492 }
493
494 default:
495 return FALSE;
496 }
497 }
498
499 char FAR *AUTH_get_user_name(PTInstVar pvar)
500 {
501 return pvar->auth_state.user;
502 }
503
504 int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
505 {
506 char buf[1024];
507
508 _snprintf(buf, sizeof(buf),
509 "Server reports supported authentication method mask = %d",
510 types);
511 buf[sizeof(buf) - 1] = 0;
512 notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
513
514 if (SSHv1(pvar)) {
515 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
516 | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
517 | (1 << SSH_AUTH_TIS);
518 } else {
519 // for SSH2(yutaka)
520 // types &= (1 << SSH_AUTH_PASSWORD);
521 // ���J���F�����L�������� (2004.12.18 yutaka)
522 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
523 | (1 << SSH_AUTH_DSA);
524 }
525 pvar->auth_state.supported_types = types;
526
527 if (types == 0) {
528 notify_fatal_error(pvar,
529 "Server does not support any of the authentication options\n"
530 "provided by TTSSH. This connection will now close.");
531 return 0;
532 } else {
533 if (pvar->auth_state.auth_dialog != NULL) {
534 update_server_supported_types(pvar,
535 pvar->auth_state.auth_dialog);
536 }
537
538 return 1;
539 }
540 }
541
542 static void start_user_auth(PTInstVar pvar)
543 {
544 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
545 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
546 (LPARAM) NULL);
547 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
548 }
549
550 static void try_default_auth(PTInstVar pvar)
551 {
552 if (pvar->session_settings.TryDefaultAuth) {
553 switch (pvar->session_settings.DefaultAuthMethod) {
554 case SSH_AUTH_RSA:{
555 BOOL invalid_passphrase;
556 char password[] = "";
557
558 pvar->auth_state.cur_cred.key_pair
559 =
560 KEYFILES_read_private_key(pvar,
561 pvar->session_settings.
562 DefaultRSAPrivateKeyFile,
563 password,
564 &invalid_passphrase, TRUE);
565 if (pvar->auth_state.cur_cred.key_pair == NULL) {
566 return;
567 } else {
568 pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
569 }
570 break;
571 }
572
573 case SSH_AUTH_RHOSTS:
574 if (pvar->session_settings.
575 DefaultRhostsHostPrivateKeyFile[0] != 0) {
576 BOOL invalid_passphrase;
577 char password[] = "";
578
579 pvar->auth_state.cur_cred.key_pair
580 =
581 KEYFILES_read_private_key(pvar,
582 pvar->session_settings.
583 DefaultRhostsHostPrivateKeyFile,
584 password,
585 &invalid_passphrase, TRUE);
586 if (pvar->auth_state.cur_cred.key_pair == NULL) {
587 return;
588 } else {
589 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
590 }
591 } else {
592 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
593 }
594
595 pvar->auth_state.cur_cred.rhosts_client_user =
596 _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
597 break;
598
599 case SSH_AUTH_PASSWORD:
600 pvar->auth_state.cur_cred.password = _strdup("");
601 pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
602 break;
603
604 case SSH_AUTH_TIS:
605 default:
606 return;
607 }
608
609 pvar->auth_state.user =
610 _strdup(pvar->session_settings.DefaultUserName);
611 }
612 }
613
614 void AUTH_notify_end_error(PTInstVar pvar)
615 {
616 if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
617 start_user_auth(pvar);
618 pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
619 }
620 }
621
622 void AUTH_advance_to_next_cred(PTInstVar pvar)
623 {
624 pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
625
626 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
627 try_default_auth(pvar);
628
629 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
630 if (pvar->err_msg != NULL) {
631 pvar->auth_state.flags |=
632 AUTH_START_USER_AUTH_ON_ERROR_END;
633 } else {
634 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
635 // �R�}���h���C���w������������
636 start_user_auth(pvar);
637 }
638 }
639 } else {
640 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
641 // �R�}���h���C���w������(/auth=xxxx)������
642 start_user_auth(pvar);
643 }
644 }
645
646 static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
647 {
648 init_auth_machine_banner(pvar, dlg);
649 init_password_control(dlg);
650
651 if (pvar->auth_state.TIS_prompt != NULL) {
652 if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
653 pvar->auth_state.TIS_prompt[10000] = 0;
654 }
655 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
656 pvar->auth_state.TIS_prompt);
657 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
658 }
659 }
660
661 static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
662 {
663 char FAR *password =
664 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
665
666 pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
667 pvar->auth_state.cur_cred.password = password;
668 pvar->auth_state.auth_dialog = NULL;
669
670 SSH_notify_cred(pvar);
671
672 EndDialog(dlg, 1);
673 return TRUE;
674 }
675
676 static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
677 LPARAM lParam)
678 {
679 PTInstVar pvar;
680
681 switch (msg) {
682 case WM_INITDIALOG:
683 pvar = (PTInstVar) lParam;
684 pvar->auth_state.auth_dialog = dlg;
685 SetWindowLong(dlg, DWL_USER, lParam);
686
687 init_TIS_dlg(pvar, dlg);
688 return FALSE; /* because we set the focus */
689
690 case WM_COMMAND:
691 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
692
693 switch (LOWORD(wParam)) {
694 case IDOK:
695 return end_TIS_dlg(pvar, dlg);
696
697 case IDCANCEL: /* kill the connection */
698 pvar->auth_state.auth_dialog = NULL;
699 notify_closed_connection(pvar);
700 EndDialog(dlg, 0);
701 return TRUE;
702
703 default:
704 return FALSE;
705 }
706
707 default:
708 return FALSE;
709 }
710 }
711
712 void AUTH_do_cred_dialog(PTInstVar pvar)
713 {
714 if (pvar->auth_state.auth_dialog == NULL) {
715 HWND cur_active = GetActiveWindow();
716 DLGPROC dlg_proc;
717 LPCTSTR dialog_template;
718
719 switch (pvar->auth_state.mode) {
720 case TIS_AUTH_MODE:
721 dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
722 dlg_proc = TIS_dlg_proc;
723 break;
724 case GENERIC_AUTH_MODE:
725 default:
726 dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
727 dlg_proc = auth_dlg_proc;
728 }
729
730 if (!DialogBoxParam(hInst, dialog_template,
731 cur_active !=
732 NULL ? cur_active : pvar->NotificationWindow,
733 dlg_proc, (LPARAM) pvar) == -1) {
734 notify_fatal_error(pvar,
735 "Unable to display authentication dialog box.\n"
736 "Connection terminated.");
737 }
738 }
739 }
740
741 static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
742 {
743 switch (pvar->settings.DefaultAuthMethod) {
744 case SSH_AUTH_RSA:
745 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
746 IDC_SSHUSERSA);
747 break;
748 case SSH_AUTH_RHOSTS:
749 case SSH_AUTH_RHOSTS_RSA:
750 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
751 IDC_SSHUSERHOSTS);
752 break;
753 case SSH_AUTH_TIS:
754 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
755 IDC_SSHUSETIS);
756 break;
757 case SSH_AUTH_PASSWORD:
758 default:
759 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
760 IDC_SSHUSEPASSWORD);
761 }
762
763 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
764 SetDlgItemText(dlg, IDC_RSAFILENAME,
765 pvar->settings.DefaultRSAPrivateKeyFile);
766 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
767 pvar->settings.DefaultRhostsHostPrivateKeyFile);
768 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
769 pvar->settings.DefaultRhostsLocalUserName);
770 }
771
772 static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
773 {
774 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
775 pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
776 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
777 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
778 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
779 } else {
780 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
781 }
782 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
783 pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
784 } else {
785 pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
786 }
787
788 GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
789 sizeof(pvar->settings.DefaultUserName));
790 GetDlgItemText(dlg, IDC_RSAFILENAME,
791 pvar->settings.DefaultRSAPrivateKeyFile,
792 sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
793 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
794 pvar->settings.DefaultRhostsHostPrivateKeyFile,
795 sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
796 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
797 pvar->settings.DefaultRhostsLocalUserName,
798 sizeof(pvar->settings.DefaultRhostsLocalUserName));
799
800 EndDialog(dlg, 1);
801 return TRUE;
802 }
803
804 static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
805 WPARAM wParam, LPARAM lParam)
806 {
807 PTInstVar pvar;
808
809 switch (msg) {
810 case WM_INITDIALOG:
811 pvar = (PTInstVar) lParam;
812 SetWindowLong(dlg, DWL_USER, lParam);
813
814 init_default_auth_dlg(pvar, dlg);
815 return TRUE; /* because we do not set the focus */
816
817 case WM_COMMAND:
818 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
819
820 switch (LOWORD(wParam)) {
821 case IDOK:
822 return end_default_auth_dlg(pvar, dlg);
823
824 case IDCANCEL:
825 EndDialog(dlg, 0);
826 return TRUE;
827
828 case IDC_CHOOSERSAFILE:
829 choose_RSA_key_file(dlg);
830 return TRUE;
831
832 case IDC_CHOOSEHOSTRSAFILE:
833 choose_host_RSA_key_file(dlg);
834 return TRUE;
835
836 default:
837 return FALSE;
838 }
839
840 default:
841 return FALSE;
842 }
843 }
844
845 void AUTH_init(PTInstVar pvar)
846 {
847 pvar->auth_state.failed_method = SSH_AUTH_NONE;
848 pvar->auth_state.auth_dialog = NULL;
849 pvar->auth_state.user = NULL;
850 pvar->auth_state.flags = 0;
851 pvar->auth_state.TIS_prompt = NULL;
852 pvar->auth_state.supported_types = 0;
853 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
854 pvar->auth_state.cur_cred.password = NULL;
855 pvar->auth_state.cur_cred.rhosts_client_user = NULL;
856 pvar->auth_state.cur_cred.key_pair = NULL;
857 AUTH_set_generic_mode(pvar);
858 }
859
860 void AUTH_set_generic_mode(PTInstVar pvar)
861 {
862 pvar->auth_state.mode = GENERIC_AUTH_MODE;
863 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
864 }
865
866 void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
867 {
868 if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
869 pvar->auth_state.mode = TIS_AUTH_MODE;
870
871 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
872 pvar->auth_state.TIS_prompt = malloc(len + 1);
873 memcpy(pvar->auth_state.TIS_prompt, prompt, len);
874 pvar->auth_state.TIS_prompt[len] = 0;
875 } else {
876 AUTH_set_generic_mode(pvar);
877 }
878 }
879
880 void AUTH_do_default_cred_dialog(PTInstVar pvar)
881 {
882 HWND cur_active = GetActiveWindow();
883
884 if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
885 cur_active !=
886 NULL ? cur_active : pvar->NotificationWindow,
887 default_auth_dlg_proc, (LPARAM) pvar) == -1) {
888 notify_nonfatal_error(pvar,
889 "Unable to display authentication setup dialog box.");
890 }
891 }
892
893 void AUTH_destroy_cur_cred(PTInstVar pvar)
894 {
895 destroy_malloced_string(&pvar->auth_state.cur_cred.password);
896 destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
897 if (pvar->auth_state.cur_cred.key_pair != NULL) {
898 CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
899 pvar->auth_state.cur_cred.key_pair = NULL;
900 }
901 }
902
903 static char FAR *get_auth_method_name(SSHAuthMethod auth)
904 {
905 switch (auth) {
906 case SSH_AUTH_PASSWORD:
907 return "password";
908 case SSH_AUTH_RSA:
909 return "RSA";
910 case SSH_AUTH_RHOSTS:
911 return "rhosts";
912 case SSH_AUTH_RHOSTS_RSA:
913 return "rhosts with RSA";
914 case SSH_AUTH_TIS:
915 return "challenge/response (TIS)";
916 default:
917 return "unknown method";
918 }
919 }
920
921 void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
922 {
923 char *method = "unknown";
924
925 if (pvar->auth_state.user == NULL) {
926 strncpy(dest, "None", len);
927 } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
928 if (SSHv1(pvar)) {
929 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
930 get_auth_method_name(pvar->auth_state.cur_cred.method));
931
932 } else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
933 if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
934 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
935 if (pvar->keyboard_interactive_done == 1) {
936 method = "keyboard-interactive";
937 } else {
938 method = get_auth_method_name(pvar->auth_state.cur_cred.method);
939 }
940 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
941
942 } else {
943 if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
944 method = "RSA";
945 } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
946 method = "DSA";
947 }
948 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
949 }
950
951 }
952
953 } else {
954 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
955 get_auth_method_name(pvar->auth_state.failed_method));
956 }
957
958 dest[len - 1] = 0;
959 }
960
961 void AUTH_notify_disconnecting(PTInstVar pvar)
962 {
963 if (pvar->auth_state.auth_dialog != NULL) {
964 PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
965 /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
966 EnableWindow(pvar->NotificationWindow, TRUE);
967 }
968 }
969
970 void AUTH_end(PTInstVar pvar)
971 {
972 destroy_malloced_string(&pvar->auth_state.user);
973 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
974
975 AUTH_destroy_cur_cred(pvar);
976 }
977
978 /*
979 * $Log: not supported by cvs2svn $
980 * Revision 1.5 2004/12/27 14:35:41 yutakakn
981 * SSH2�����������������s�����G���[���b�Z�[�W�����������B
982 *
983 * Revision 1.4 2004/12/22 17:28:14 yutakakn
984 * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
985 *
986 * Revision 1.3 2004/12/16 13:01:09 yutakakn
987 * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
988 *
989 * Revision 1.2 2004/12/01 15:37:49 yutakakn
990 * SSH2�������O�C���@�\�������B
991 * �����A�p�X���[�h�F�������������B
992 * �E�R�}���h���C��
993 * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
994 *
995 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help