Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Contents of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2789 - (show annotations) (download) (as text)
Tue Feb 22 08:48:11 2005 UTC (19 years, 1 month ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 29106 byte(s) 
TTSSH setupダイアログに HeartBeat 設定を追加。
TTSSH authentication setupダイアログに keyboard-interactive 設定を追加。
1 /*
2 Copyright (c) 1998-2001, Robert O'Callahan
3 All rights reserved.
4
5 Redistribution and use in source and binary forms, with or without modification,
6 are permitted provided that the following conditions are met:
7
8 Redistributions of source code must retain the above copyright notice, this list of
9 conditions and the following disclaimer.
10
11 Redistributions in binary form must reproduce the above copyright notice, this list
12 of conditions and the following disclaimer in the documentation and/or other materials
13 provided with the distribution.
14
15 The name of Robert O'Callahan may not be used to endorse or promote products derived from
16 this software without specific prior written permission.
17
18 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "ttxssh.h"
30 #include "util.h"
31
32 #include <io.h>
33 #include <fcntl.h>
34 #include <stdlib.h>
35 #include <errno.h>
36
37 #include "resource.h"
38 #include "keyfiles.h"
39
40 #define AUTH_START_USER_AUTH_ON_ERROR_END 1
41
42 #define MAX_AUTH_CONTROL IDC_SSHUSETIS
43
44 static void destroy_malloced_string(char FAR * FAR * str)
45 {
46 if (*str != NULL) {
47 memset(*str, 0, strlen(*str));
48 free(*str);
49 *str = NULL;
50 }
51 }
52
53 static int auth_types_to_control_IDs[] = {
54 -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
55 IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
56 };
57
58 static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
59 WPARAM wParam, LPARAM lParam)
60 {
61 switch (msg) {
62 case WM_CHAR:
63 if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
64 char chars[] = { (char) wParam, 0 };
65
66 SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
67 (LPARAM) (char FAR *) chars);
68 return 0;
69 }
70 }
71
72 return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
73 control, msg, wParam, lParam);
74 }
75
76 static void init_password_control(HWND dlg)
77 {
78 HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
79
80 SetWindowLong(passwordControl, GWL_USERDATA,
81 SetWindowLong(passwordControl, GWL_WNDPROC,
82 (LONG) password_wnd_proc));
83
84 SetFocus(passwordControl);
85 }
86
87 static void set_auth_options_status(HWND dlg, int controlID)
88 {
89 BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
90 BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
91 BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
92 int i;
93
94 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
95
96 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
97 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
98
99 for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
100 EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
101 }
102
103 for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
104 EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
105 }
106 }
107
108 static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
109 {
110 char buf[1024] = "Logging in to ";
111
112 if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
113 strcat(buf, SSH_get_host_name(pvar));
114 }
115 SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
116 }
117
118 static void update_server_supported_types(PTInstVar pvar, HWND dlg)
119 {
120 int supported_methods = pvar->auth_state.supported_types;
121 int cur_control = -1;
122 int control;
123 HWND focus = GetFocus();
124
125 if (supported_methods == 0) {
126 return;
127 }
128
129 for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
130 control++) {
131 BOOL enabled = FALSE;
132 int method;
133 HWND item = GetDlgItem(dlg, control);
134
135 if (item != NULL) {
136 for (method = 0; method <= SSH_AUTH_MAX; method++) {
137 if (auth_types_to_control_IDs[method] == control
138 && (supported_methods & (1 << method)) != 0) {
139 enabled = TRUE;
140 }
141 }
142
143 EnableWindow(item, enabled);
144
145 if (IsDlgButtonChecked(dlg, control)) {
146 cur_control = control;
147 }
148 }
149 }
150
151 if (cur_control >= 0) {
152 if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
153 do {
154 cur_control++;
155 if (cur_control > MAX_AUTH_CONTROL) {
156 cur_control = IDC_SSHUSEPASSWORD;
157 }
158 } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
159
160 set_auth_options_status(dlg, cur_control);
161
162 if (focus != NULL && !IsWindowEnabled(focus)) {
163 SetFocus(GetDlgItem(dlg, cur_control));
164 }
165 }
166 }
167 }
168
169 static void init_auth_dlg(PTInstVar pvar, HWND dlg)
170 {
171 int default_method = pvar->session_settings.DefaultAuthMethod;
172
173 init_auth_machine_banner(pvar, dlg);
174 init_password_control(dlg);
175
176 if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
177 /* must be retrying a failed attempt */
178 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
179 "Authentication failed. Please retry.");
180 SetWindowText(dlg, "Retrying SSH Authentication");
181 default_method = pvar->auth_state.failed_method;
182 }
183
184 set_auth_options_status(dlg,
185 auth_types_to_control_IDs[default_method]);
186
187 if (default_method == SSH_AUTH_TIS) {
188 /* we disabled the password control, so fix the focus */
189 SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
190 }
191
192 if (pvar->auth_state.user != NULL) {
193 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
194 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
195 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
196 } else if (pvar->session_settings.DefaultUserName[0] != 0) {
197 SetDlgItemText(dlg, IDC_SSHUSERNAME,
198 pvar->session_settings.DefaultUserName);
199 } else {
200 SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
201 }
202
203 SetDlgItemText(dlg, IDC_RSAFILENAME,
204 pvar->session_settings.DefaultRSAPrivateKeyFile);
205 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
206 pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
207 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
208 pvar->session_settings.DefaultRhostsLocalUserName);
209
210 update_server_supported_types(pvar, dlg);
211
212 // SSH2 autologin
213 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
214 //
215 // (2004.12.1 yutaka)
216 // (2005.1.26 yutaka) ���J���F���T�|�[�g
217 if (pvar->ssh2_autologin == 1) {
218 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
219 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
220 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
221
222 SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
223 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
224 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
225
226 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
227 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
228
229 } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
230 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
231
232 SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
233 EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
234 EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
235
236 } else {
237 // TODO
238
239 }
240 }
241
242 }
243
244 static char FAR *alloc_control_text(HWND ctl)
245 {
246 int len = GetWindowTextLength(ctl);
247 char FAR *result = malloc(len + 1);
248
249 if (result != NULL) {
250 GetWindowText(ctl, result, len + 1);
251 result[len] = 0;
252 }
253
254 return result;
255 }
256
257 static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
258 {
259 #ifdef TERATERM32
260 OPENFILENAME params;
261 char fullname_buf[2048] = "identity";
262
263 ZeroMemory(&params, sizeof(params));
264 params.lStructSize = sizeof(OPENFILENAME);
265 params.hwndOwner = parent;
266 // �t�B���^������ (2004.12.19 yutaka)
267 params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
268 params.lpstrCustomFilter = NULL;
269 params.nFilterIndex = 0;
270 buf[0] = 0;
271 params.lpstrFile = fullname_buf;
272 params.nMaxFile = sizeof(fullname_buf);
273 params.lpstrFileTitle = NULL;
274 params.lpstrInitialDir = NULL;
275 params.lpstrTitle = "Choose a file with the RSA private key";
276 params.Flags =
277 OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
278 params.lpstrDefExt = NULL;
279
280 if (GetOpenFileName(&params) != 0) {
281 copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
282 return 1;
283 } else {
284 return 0;
285 }
286 #else
287 return 0;
288 #endif
289 }
290
291 static void choose_RSA_key_file(HWND dlg)
292 {
293 char buf[1024];
294
295 if (get_key_file_name(dlg, buf, sizeof(buf))) {
296 SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
297 }
298 }
299
300 static void choose_host_RSA_key_file(HWND dlg)
301 {
302 char buf[1024];
303
304 if (get_key_file_name(dlg, buf, sizeof(buf))) {
305 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
306 }
307 }
308
309 static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
310 {
311 int method = SSH_AUTH_PASSWORD;
312 char FAR *password =
313 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
314 CRYPTKeyPair FAR *key_pair = NULL;
315
316 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
317 method = SSH_AUTH_RSA;
318 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
319 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
320 method = SSH_AUTH_RHOSTS_RSA;
321 } else {
322 method = SSH_AUTH_RHOSTS;
323 }
324 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
325 method = SSH_AUTH_TIS;
326 }
327
328 if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
329 char buf[2048];
330 int file_ctl_ID =
331 method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
332
333 buf[0] = 0;
334 GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
335 if (buf[0] == 0) {
336 notify_nonfatal_error(pvar,
337 "You must specify a file containing the RSA/DSA private key.");
338 SetFocus(GetDlgItem(dlg, file_ctl_ID));
339 destroy_malloced_string(&password);
340 return FALSE;
341 }
342
343 if (SSHv1(pvar)) {
344 BOOL invalid_passphrase = FALSE;
345
346 key_pair = KEYFILES_read_private_key(pvar, buf, password,
347 &invalid_passphrase,
348 FALSE);
349
350 if (key_pair == NULL) {
351 if (invalid_passphrase) {
352 HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
353
354 SetFocus(passwordCtl);
355 SendMessage(passwordCtl, EM_SETSEL, 0, -1);
356 } else {
357 SetFocus(GetDlgItem(dlg, file_ctl_ID));
358 }
359 destroy_malloced_string(&password);
360 return FALSE;
361 }
362
363 } else { // SSH2(yutaka)
364 BOOL invalid_passphrase = FALSE;
365 char errmsg[256];
366
367 memset(errmsg, 0, sizeof(errmsg));
368 //GetCurrentDirectory(sizeof(errmsg), errmsg);
369
370 key_pair = read_SSH2_private_key(pvar, buf, password,
371 &invalid_passphrase,
372 FALSE,
373 errmsg,
374 sizeof(errmsg)
375 );
376
377 if (key_pair == NULL) { // read error
378 char buf[1024];
379 _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
380 notify_nonfatal_error(pvar, buf);
381 destroy_malloced_string(&password);
382 return FALSE;
383 }
384
385 }
386
387 }
388
389 /* from here on, we cannot fail, so just munge cur_cred in place */
390 pvar->auth_state.cur_cred.method = method;
391 pvar->auth_state.cur_cred.key_pair = key_pair;
392 /* we can't change the user name once it's set. It may already have
393 been sent to the server, and it can only be sent once. */
394 if (pvar->auth_state.user == NULL) {
395 pvar->auth_state.user =
396 alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
397 }
398 if (method == SSH_AUTH_PASSWORD) {
399 pvar->auth_state.cur_cred.password = password;
400 } else {
401 destroy_malloced_string(&password);
402 }
403 if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
404 if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
405 notify_nonfatal_error(pvar,
406 "Rhosts authentication will probably fail because it was not "
407 "the default authentication method.\n"
408 "To use Rhosts authentication "
409 "in TTSSH, you need to set it to be the default by restarting\n"
410 "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
411 "before connecting.");
412 }
413
414 pvar->auth_state.cur_cred.rhosts_client_user =
415 alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
416 }
417 pvar->auth_state.auth_dialog = NULL;
418
419 GetDlgItemText(dlg, IDC_RSAFILENAME,
420 pvar->session_settings.DefaultRSAPrivateKeyFile,
421 sizeof(pvar->session_settings.
422 DefaultRSAPrivateKeyFile));
423 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
424 pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
425 sizeof(pvar->session_settings.
426 DefaultRhostsHostPrivateKeyFile));
427 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
428 pvar->session_settings.DefaultRhostsLocalUserName,
429 sizeof(pvar->session_settings.
430 DefaultRhostsLocalUserName));
431
432 if (SSHv1(pvar)) {
433 SSH_notify_user_name(pvar);
434 SSH_notify_cred(pvar);
435 } else {
436 // for SSH2(yutaka)
437 do_SSH2_userauth(pvar);
438 }
439
440 EndDialog(dlg, 1);
441 return TRUE;
442 }
443
444 static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
445 LPARAM lParam)
446 {
447 const int IDC_TIMER1 = 300;
448 const int autologin_timeout = 10; // �~���b
449 PTInstVar pvar;
450
451 switch (msg) {
452 case WM_INITDIALOG:
453 pvar = (PTInstVar) lParam;
454 pvar->auth_state.auth_dialog = dlg;
455 SetWindowLong(dlg, DWL_USER, lParam);
456
457 init_auth_dlg(pvar, dlg);
458
459 // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
460 if (pvar->ssh2_autologin == 1) {
461 SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
462 }
463 return FALSE; /* because we set the focus */
464
465 case WM_TIMER:
466 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
467 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
468 if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
469 KillTimer(dlg, IDC_TIMER1);
470 SendMessage(dlg, WM_COMMAND, IDOK, 0);
471 }
472 return TRUE;
473
474 case WM_COMMAND:
475 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
476
477 switch (LOWORD(wParam)) {
478 case IDOK:
479 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
480 if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
481 return FALSE;
482 }
483 return end_auth_dlg(pvar, dlg);
484
485 case IDCANCEL: /* kill the connection */
486 pvar->auth_state.auth_dialog = NULL;
487 notify_closed_connection(pvar);
488 EndDialog(dlg, 0);
489 return TRUE;
490
491 case IDC_SSHUSEPASSWORD:
492 case IDC_SSHUSERSA:
493 case IDC_SSHUSERHOSTS:
494 case IDC_SSHUSETIS:
495 set_auth_options_status(dlg, LOWORD(wParam));
496 return TRUE;
497
498 case IDC_CHOOSERSAFILE:
499 choose_RSA_key_file(dlg);
500 return TRUE;
501
502 case IDC_CHOOSEHOSTRSAFILE:
503 choose_host_RSA_key_file(dlg);
504 return TRUE;
505
506 default:
507 return FALSE;
508 }
509
510 default:
511 return FALSE;
512 }
513 }
514
515 char FAR *AUTH_get_user_name(PTInstVar pvar)
516 {
517 return pvar->auth_state.user;
518 }
519
520 int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
521 {
522 char buf[1024];
523
524 _snprintf(buf, sizeof(buf),
525 "Server reports supported authentication method mask = %d",
526 types);
527 buf[sizeof(buf) - 1] = 0;
528 notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
529
530 if (SSHv1(pvar)) {
531 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
532 | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
533 | (1 << SSH_AUTH_TIS);
534 } else {
535 // for SSH2(yutaka)
536 // types &= (1 << SSH_AUTH_PASSWORD);
537 // ���J���F�����L�������� (2004.12.18 yutaka)
538 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
539 | (1 << SSH_AUTH_DSA);
540 }
541 pvar->auth_state.supported_types = types;
542
543 if (types == 0) {
544 notify_fatal_error(pvar,
545 "Server does not support any of the authentication options\n"
546 "provided by TTSSH. This connection will now close.");
547 return 0;
548 } else {
549 if (pvar->auth_state.auth_dialog != NULL) {
550 update_server_supported_types(pvar,
551 pvar->auth_state.auth_dialog);
552 }
553
554 return 1;
555 }
556 }
557
558 static void start_user_auth(PTInstVar pvar)
559 {
560 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
561 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
562 (LPARAM) NULL);
563 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
564 }
565
566 static void try_default_auth(PTInstVar pvar)
567 {
568 if (pvar->session_settings.TryDefaultAuth) {
569 switch (pvar->session_settings.DefaultAuthMethod) {
570 case SSH_AUTH_RSA:{
571 BOOL invalid_passphrase;
572 char password[] = "";
573
574 pvar->auth_state.cur_cred.key_pair
575 =
576 KEYFILES_read_private_key(pvar,
577 pvar->session_settings.
578 DefaultRSAPrivateKeyFile,
579 password,
580 &invalid_passphrase, TRUE);
581 if (pvar->auth_state.cur_cred.key_pair == NULL) {
582 return;
583 } else {
584 pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
585 }
586 break;
587 }
588
589 case SSH_AUTH_RHOSTS:
590 if (pvar->session_settings.
591 DefaultRhostsHostPrivateKeyFile[0] != 0) {
592 BOOL invalid_passphrase;
593 char password[] = "";
594
595 pvar->auth_state.cur_cred.key_pair
596 =
597 KEYFILES_read_private_key(pvar,
598 pvar->session_settings.
599 DefaultRhostsHostPrivateKeyFile,
600 password,
601 &invalid_passphrase, TRUE);
602 if (pvar->auth_state.cur_cred.key_pair == NULL) {
603 return;
604 } else {
605 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
606 }
607 } else {
608 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
609 }
610
611 pvar->auth_state.cur_cred.rhosts_client_user =
612 _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
613 break;
614
615 case SSH_AUTH_PASSWORD:
616 pvar->auth_state.cur_cred.password = _strdup("");
617 pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
618 break;
619
620 case SSH_AUTH_TIS:
621 default:
622 return;
623 }
624
625 pvar->auth_state.user =
626 _strdup(pvar->session_settings.DefaultUserName);
627 }
628 }
629
630 void AUTH_notify_end_error(PTInstVar pvar)
631 {
632 if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
633 start_user_auth(pvar);
634 pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
635 }
636 }
637
638 void AUTH_advance_to_next_cred(PTInstVar pvar)
639 {
640 pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
641
642 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
643 try_default_auth(pvar);
644
645 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
646 if (pvar->err_msg != NULL) {
647 pvar->auth_state.flags |=
648 AUTH_START_USER_AUTH_ON_ERROR_END;
649 } else {
650 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
651 // �R�}���h���C���w������������
652 start_user_auth(pvar);
653 }
654 }
655 } else {
656 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
657 // �R�}���h���C���w������(/auth=xxxx)������
658 start_user_auth(pvar);
659 }
660 }
661
662 static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
663 {
664 init_auth_machine_banner(pvar, dlg);
665 init_password_control(dlg);
666
667 if (pvar->auth_state.TIS_prompt != NULL) {
668 if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
669 pvar->auth_state.TIS_prompt[10000] = 0;
670 }
671 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
672 pvar->auth_state.TIS_prompt);
673 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
674 }
675 }
676
677 static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
678 {
679 char FAR *password =
680 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
681
682 pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
683 pvar->auth_state.cur_cred.password = password;
684 pvar->auth_state.auth_dialog = NULL;
685
686 SSH_notify_cred(pvar);
687
688 EndDialog(dlg, 1);
689 return TRUE;
690 }
691
692 static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
693 LPARAM lParam)
694 {
695 PTInstVar pvar;
696
697 switch (msg) {
698 case WM_INITDIALOG:
699 pvar = (PTInstVar) lParam;
700 pvar->auth_state.auth_dialog = dlg;
701 SetWindowLong(dlg, DWL_USER, lParam);
702
703 init_TIS_dlg(pvar, dlg);
704 return FALSE; /* because we set the focus */
705
706 case WM_COMMAND:
707 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
708
709 switch (LOWORD(wParam)) {
710 case IDOK:
711 return end_TIS_dlg(pvar, dlg);
712
713 case IDCANCEL: /* kill the connection */
714 pvar->auth_state.auth_dialog = NULL;
715 notify_closed_connection(pvar);
716 EndDialog(dlg, 0);
717 return TRUE;
718
719 default:
720 return FALSE;
721 }
722
723 default:
724 return FALSE;
725 }
726 }
727
728 void AUTH_do_cred_dialog(PTInstVar pvar)
729 {
730 if (pvar->auth_state.auth_dialog == NULL) {
731 HWND cur_active = GetActiveWindow();
732 DLGPROC dlg_proc;
733 LPCTSTR dialog_template;
734
735 switch (pvar->auth_state.mode) {
736 case TIS_AUTH_MODE:
737 dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
738 dlg_proc = TIS_dlg_proc;
739 break;
740 case GENERIC_AUTH_MODE:
741 default:
742 dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
743 dlg_proc = auth_dlg_proc;
744 }
745
746 if (!DialogBoxParam(hInst, dialog_template,
747 cur_active !=
748 NULL ? cur_active : pvar->NotificationWindow,
749 dlg_proc, (LPARAM) pvar) == -1) {
750 notify_fatal_error(pvar,
751 "Unable to display authentication dialog box.\n"
752 "Connection terminated.");
753 }
754 }
755 }
756
757 static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
758 {
759 switch (pvar->settings.DefaultAuthMethod) {
760 case SSH_AUTH_RSA:
761 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
762 IDC_SSHUSERSA);
763 break;
764 case SSH_AUTH_RHOSTS:
765 case SSH_AUTH_RHOSTS_RSA:
766 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
767 IDC_SSHUSERHOSTS);
768 break;
769 case SSH_AUTH_TIS:
770 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
771 IDC_SSHUSETIS);
772 break;
773 case SSH_AUTH_PASSWORD:
774 default:
775 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
776 IDC_SSHUSEPASSWORD);
777 }
778
779 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
780 SetDlgItemText(dlg, IDC_RSAFILENAME,
781 pvar->settings.DefaultRSAPrivateKeyFile);
782 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
783 pvar->settings.DefaultRhostsHostPrivateKeyFile);
784 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
785 pvar->settings.DefaultRhostsLocalUserName);
786
787 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
788 if (pvar->settings.ssh2_keyboard_interactive) {
789 SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
790 }
791
792 }
793
794 static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
795 {
796 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
797 pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
798 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
799 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
800 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
801 } else {
802 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
803 }
804 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
805 pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
806 } else {
807 pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
808 }
809
810 GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
811 sizeof(pvar->settings.DefaultUserName));
812 GetDlgItemText(dlg, IDC_RSAFILENAME,
813 pvar->settings.DefaultRSAPrivateKeyFile,
814 sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
815 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
816 pvar->settings.DefaultRhostsHostPrivateKeyFile,
817 sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
818 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
819 pvar->settings.DefaultRhostsLocalUserName,
820 sizeof(pvar->settings.DefaultRhostsLocalUserName));
821
822 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
823 {
824 LRESULT ret;
825 ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
826 if (ret & BST_CHECKED) {
827 pvar->settings.ssh2_keyboard_interactive = 1;
828 } else {
829 pvar->settings.ssh2_keyboard_interactive = 0;
830 }
831 }
832
833 EndDialog(dlg, 1);
834 return TRUE;
835 }
836
837 static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
838 WPARAM wParam, LPARAM lParam)
839 {
840 PTInstVar pvar;
841
842 switch (msg) {
843 case WM_INITDIALOG:
844 pvar = (PTInstVar) lParam;
845 SetWindowLong(dlg, DWL_USER, lParam);
846
847 init_default_auth_dlg(pvar, dlg);
848 return TRUE; /* because we do not set the focus */
849
850 case WM_COMMAND:
851 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
852
853 switch (LOWORD(wParam)) {
854 case IDOK:
855 return end_default_auth_dlg(pvar, dlg);
856
857 case IDCANCEL:
858 EndDialog(dlg, 0);
859 return TRUE;
860
861 case IDC_CHOOSERSAFILE:
862 choose_RSA_key_file(dlg);
863 return TRUE;
864
865 case IDC_CHOOSEHOSTRSAFILE:
866 choose_host_RSA_key_file(dlg);
867 return TRUE;
868
869 default:
870 return FALSE;
871 }
872
873 default:
874 return FALSE;
875 }
876 }
877
878 void AUTH_init(PTInstVar pvar)
879 {
880 pvar->auth_state.failed_method = SSH_AUTH_NONE;
881 pvar->auth_state.auth_dialog = NULL;
882 pvar->auth_state.user = NULL;
883 pvar->auth_state.flags = 0;
884 pvar->auth_state.TIS_prompt = NULL;
885 pvar->auth_state.supported_types = 0;
886 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
887 pvar->auth_state.cur_cred.password = NULL;
888 pvar->auth_state.cur_cred.rhosts_client_user = NULL;
889 pvar->auth_state.cur_cred.key_pair = NULL;
890 AUTH_set_generic_mode(pvar);
891 }
892
893 void AUTH_set_generic_mode(PTInstVar pvar)
894 {
895 pvar->auth_state.mode = GENERIC_AUTH_MODE;
896 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
897 }
898
899 void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
900 {
901 if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
902 pvar->auth_state.mode = TIS_AUTH_MODE;
903
904 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
905 pvar->auth_state.TIS_prompt = malloc(len + 1);
906 memcpy(pvar->auth_state.TIS_prompt, prompt, len);
907 pvar->auth_state.TIS_prompt[len] = 0;
908 } else {
909 AUTH_set_generic_mode(pvar);
910 }
911 }
912
913 void AUTH_do_default_cred_dialog(PTInstVar pvar)
914 {
915 HWND cur_active = GetActiveWindow();
916
917 if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
918 cur_active !=
919 NULL ? cur_active : pvar->NotificationWindow,
920 default_auth_dlg_proc, (LPARAM) pvar) == -1) {
921 notify_nonfatal_error(pvar,
922 "Unable to display authentication setup dialog box.");
923 }
924 }
925
926 void AUTH_destroy_cur_cred(PTInstVar pvar)
927 {
928 destroy_malloced_string(&pvar->auth_state.cur_cred.password);
929 destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
930 if (pvar->auth_state.cur_cred.key_pair != NULL) {
931 CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
932 pvar->auth_state.cur_cred.key_pair = NULL;
933 }
934 }
935
936 static char FAR *get_auth_method_name(SSHAuthMethod auth)
937 {
938 switch (auth) {
939 case SSH_AUTH_PASSWORD:
940 return "password";
941 case SSH_AUTH_RSA:
942 return "RSA";
943 case SSH_AUTH_RHOSTS:
944 return "rhosts";
945 case SSH_AUTH_RHOSTS_RSA:
946 return "rhosts with RSA";
947 case SSH_AUTH_TIS:
948 return "challenge/response (TIS)";
949 default:
950 return "unknown method";
951 }
952 }
953
954 void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
955 {
956 char *method = "unknown";
957
958 if (pvar->auth_state.user == NULL) {
959 strncpy(dest, "None", len);
960 } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
961 if (SSHv1(pvar)) {
962 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
963 get_auth_method_name(pvar->auth_state.cur_cred.method));
964
965 } else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
966 if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
967 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
968 if (pvar->keyboard_interactive_done == 1) {
969 method = "keyboard-interactive";
970 } else {
971 method = get_auth_method_name(pvar->auth_state.cur_cred.method);
972 }
973 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
974
975 } else {
976 if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
977 method = "RSA";
978 } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
979 method = "DSA";
980 }
981 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
982 }
983
984 }
985
986 } else {
987 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
988 get_auth_method_name(pvar->auth_state.failed_method));
989 }
990
991 dest[len - 1] = 0;
992 }
993
994 void AUTH_notify_disconnecting(PTInstVar pvar)
995 {
996 if (pvar->auth_state.auth_dialog != NULL) {
997 PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
998 /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
999 EnableWindow(pvar->NotificationWindow, TRUE);
1000 }
1001 }
1002
1003 void AUTH_end(PTInstVar pvar)
1004 {
1005 destroy_malloced_string(&pvar->auth_state.user);
1006 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1007
1008 AUTH_destroy_cur_cred(pvar);
1009 }
1010
1011 /*
1012 * $Log: not supported by cvs2svn $
1013 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1014 * ���J���F���������O�C�����T�|�[�g�B
1015 * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1016 * �����A�����������������T�|�[�g�B
1017 *
1018 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1019 * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1020 * �A�v���P�[�V�����G���[���������������������B
1021 *
1022 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1023 * �Ekeyboard-interactive�F�����T�|�[�g�����B
1024 * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1025 * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1026 *
1027 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1028 * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1029 *
1030 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1031 * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1032 *
1033 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1034 * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1035 *
1036 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1037 * SSH2�������O�C���@�\�������B
1038 * �����A�p�X���[�h�F�������������B
1039 * �E�R�}���h���C��
1040 * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1041 *
1042 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help