Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Contents of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2799 - (show annotations) (download) (as text)
Sat Mar 12 12:08:05 2005 UTC (19 years, 1 month ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 29560 byte(s) 
パスワード認証の前に行うkeyboard-interactiveメソッドで、デフォルト設定値を無効(0)にした。
また、認証ダイアログのラベル名を設定の有無により変更するようにした。
1 /*
2 Copyright (c) 1998-2001, Robert O'Callahan
3 All rights reserved.
4
5 Redistribution and use in source and binary forms, with or without modification,
6 are permitted provided that the following conditions are met:
7
8 Redistributions of source code must retain the above copyright notice, this list of
9 conditions and the following disclaimer.
10
11 Redistributions in binary form must reproduce the above copyright notice, this list
12 of conditions and the following disclaimer in the documentation and/or other materials
13 provided with the distribution.
14
15 The name of Robert O'Callahan may not be used to endorse or promote products derived from
16 this software without specific prior written permission.
17
18 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "ttxssh.h"
30 #include "util.h"
31
32 #include <io.h>
33 #include <fcntl.h>
34 #include <stdlib.h>
35 #include <errno.h>
36
37 #include "resource.h"
38 #include "keyfiles.h"
39
40 #define AUTH_START_USER_AUTH_ON_ERROR_END 1
41
42 #define MAX_AUTH_CONTROL IDC_SSHUSETIS
43
44 static void destroy_malloced_string(char FAR * FAR * str)
45 {
46 if (*str != NULL) {
47 memset(*str, 0, strlen(*str));
48 free(*str);
49 *str = NULL;
50 }
51 }
52
53 static int auth_types_to_control_IDs[] = {
54 -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
55 IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
56 };
57
58 static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
59 WPARAM wParam, LPARAM lParam)
60 {
61 switch (msg) {
62 case WM_CHAR:
63 if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
64 char chars[] = { (char) wParam, 0 };
65
66 SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
67 (LPARAM) (char FAR *) chars);
68 return 0;
69 }
70 }
71
72 return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
73 control, msg, wParam, lParam);
74 }
75
76 static void init_password_control(HWND dlg)
77 {
78 HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
79
80 SetWindowLong(passwordControl, GWL_USERDATA,
81 SetWindowLong(passwordControl, GWL_WNDPROC,
82 (LONG) password_wnd_proc));
83
84 SetFocus(passwordControl);
85 }
86
87 static void set_auth_options_status(HWND dlg, int controlID)
88 {
89 BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
90 BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
91 BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
92 int i;
93
94 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
95
96 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
97 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
98
99 for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
100 EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
101 }
102
103 for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
104 EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
105 }
106 }
107
108 static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
109 {
110 char buf[1024] = "Logging in to ";
111
112 if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
113 strcat(buf, SSH_get_host_name(pvar));
114 }
115 SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
116 }
117
118 static void update_server_supported_types(PTInstVar pvar, HWND dlg)
119 {
120 int supported_methods = pvar->auth_state.supported_types;
121 int cur_control = -1;
122 int control;
123 HWND focus = GetFocus();
124
125 if (supported_methods == 0) {
126 return;
127 }
128
129 for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
130 control++) {
131 BOOL enabled = FALSE;
132 int method;
133 HWND item = GetDlgItem(dlg, control);
134
135 if (item != NULL) {
136 for (method = 0; method <= SSH_AUTH_MAX; method++) {
137 if (auth_types_to_control_IDs[method] == control
138 && (supported_methods & (1 << method)) != 0) {
139 enabled = TRUE;
140 }
141 }
142
143 EnableWindow(item, enabled);
144
145 if (IsDlgButtonChecked(dlg, control)) {
146 cur_control = control;
147 }
148 }
149 }
150
151 if (cur_control >= 0) {
152 if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
153 do {
154 cur_control++;
155 if (cur_control > MAX_AUTH_CONTROL) {
156 cur_control = IDC_SSHUSEPASSWORD;
157 }
158 } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
159
160 set_auth_options_status(dlg, cur_control);
161
162 if (focus != NULL && !IsWindowEnabled(focus)) {
163 SetFocus(GetDlgItem(dlg, cur_control));
164 }
165 }
166 }
167 }
168
169 static void init_auth_dlg(PTInstVar pvar, HWND dlg)
170 {
171 int default_method = pvar->session_settings.DefaultAuthMethod;
172
173 init_auth_machine_banner(pvar, dlg);
174 init_password_control(dlg);
175
176 if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
177 /* must be retrying a failed attempt */
178 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
179 "Authentication failed. Please retry.");
180 SetWindowText(dlg, "Retrying SSH Authentication");
181 default_method = pvar->auth_state.failed_method;
182 }
183
184 set_auth_options_status(dlg,
185 auth_types_to_control_IDs[default_method]);
186
187 if (default_method == SSH_AUTH_TIS) {
188 /* we disabled the password control, so fix the focus */
189 SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
190 }
191
192 if (pvar->auth_state.user != NULL) {
193 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
194 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
195 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
196 } else if (pvar->session_settings.DefaultUserName[0] != 0) {
197 SetDlgItemText(dlg, IDC_SSHUSERNAME,
198 pvar->session_settings.DefaultUserName);
199 } else {
200 SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
201 }
202
203 SetDlgItemText(dlg, IDC_RSAFILENAME,
204 pvar->session_settings.DefaultRSAPrivateKeyFile);
205 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
206 pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
207 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
208 pvar->session_settings.DefaultRhostsLocalUserName);
209
210 update_server_supported_types(pvar, dlg);
211
212 // SSH2 autologin
213 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
214 //
215 // (2004.12.1 yutaka)
216 // (2005.1.26 yutaka) ���J���F���T�|�[�g
217 if (pvar->ssh2_autologin == 1) {
218 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
219 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
220 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
221
222 SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
223 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
224 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
225
226 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
227 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
228
229 } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
230 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
231
232 SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
233 EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
234 EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
235
236 } else {
237 // TODO
238
239 }
240 }
241
242 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
243 // ���X�����B(2005.3.12 yutaka)
244 if (pvar->settings.ssh2_keyboard_interactive == 1) {
245 SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
246 }
247
248 }
249
250 static char FAR *alloc_control_text(HWND ctl)
251 {
252 int len = GetWindowTextLength(ctl);
253 char FAR *result = malloc(len + 1);
254
255 if (result != NULL) {
256 GetWindowText(ctl, result, len + 1);
257 result[len] = 0;
258 }
259
260 return result;
261 }
262
263 static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
264 {
265 #ifdef TERATERM32
266 OPENFILENAME params;
267 char fullname_buf[2048] = "identity";
268
269 ZeroMemory(&params, sizeof(params));
270 params.lStructSize = sizeof(OPENFILENAME);
271 params.hwndOwner = parent;
272 // �t�B���^������ (2004.12.19 yutaka)
273 params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
274 params.lpstrCustomFilter = NULL;
275 params.nFilterIndex = 0;
276 buf[0] = 0;
277 params.lpstrFile = fullname_buf;
278 params.nMaxFile = sizeof(fullname_buf);
279 params.lpstrFileTitle = NULL;
280 params.lpstrInitialDir = NULL;
281 params.lpstrTitle = "Choose a file with the RSA private key";
282 params.Flags =
283 OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
284 params.lpstrDefExt = NULL;
285
286 if (GetOpenFileName(&params) != 0) {
287 copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
288 return 1;
289 } else {
290 return 0;
291 }
292 #else
293 return 0;
294 #endif
295 }
296
297 static void choose_RSA_key_file(HWND dlg)
298 {
299 char buf[1024];
300
301 if (get_key_file_name(dlg, buf, sizeof(buf))) {
302 SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
303 }
304 }
305
306 static void choose_host_RSA_key_file(HWND dlg)
307 {
308 char buf[1024];
309
310 if (get_key_file_name(dlg, buf, sizeof(buf))) {
311 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
312 }
313 }
314
315 static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
316 {
317 int method = SSH_AUTH_PASSWORD;
318 char FAR *password =
319 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
320 CRYPTKeyPair FAR *key_pair = NULL;
321
322 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
323 method = SSH_AUTH_RSA;
324 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
325 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
326 method = SSH_AUTH_RHOSTS_RSA;
327 } else {
328 method = SSH_AUTH_RHOSTS;
329 }
330 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
331 method = SSH_AUTH_TIS;
332 }
333
334 if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
335 char buf[2048];
336 int file_ctl_ID =
337 method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
338
339 buf[0] = 0;
340 GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
341 if (buf[0] == 0) {
342 notify_nonfatal_error(pvar,
343 "You must specify a file containing the RSA/DSA private key.");
344 SetFocus(GetDlgItem(dlg, file_ctl_ID));
345 destroy_malloced_string(&password);
346 return FALSE;
347 }
348
349 if (SSHv1(pvar)) {
350 BOOL invalid_passphrase = FALSE;
351
352 key_pair = KEYFILES_read_private_key(pvar, buf, password,
353 &invalid_passphrase,
354 FALSE);
355
356 if (key_pair == NULL) {
357 if (invalid_passphrase) {
358 HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
359
360 SetFocus(passwordCtl);
361 SendMessage(passwordCtl, EM_SETSEL, 0, -1);
362 } else {
363 SetFocus(GetDlgItem(dlg, file_ctl_ID));
364 }
365 destroy_malloced_string(&password);
366 return FALSE;
367 }
368
369 } else { // SSH2(yutaka)
370 BOOL invalid_passphrase = FALSE;
371 char errmsg[256];
372
373 memset(errmsg, 0, sizeof(errmsg));
374 //GetCurrentDirectory(sizeof(errmsg), errmsg);
375
376 key_pair = read_SSH2_private_key(pvar, buf, password,
377 &invalid_passphrase,
378 FALSE,
379 errmsg,
380 sizeof(errmsg)
381 );
382
383 if (key_pair == NULL) { // read error
384 char buf[1024];
385 _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
386 notify_nonfatal_error(pvar, buf);
387 destroy_malloced_string(&password);
388 return FALSE;
389 }
390
391 }
392
393 }
394
395 /* from here on, we cannot fail, so just munge cur_cred in place */
396 pvar->auth_state.cur_cred.method = method;
397 pvar->auth_state.cur_cred.key_pair = key_pair;
398 /* we can't change the user name once it's set. It may already have
399 been sent to the server, and it can only be sent once. */
400 if (pvar->auth_state.user == NULL) {
401 pvar->auth_state.user =
402 alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
403 }
404 if (method == SSH_AUTH_PASSWORD) {
405 pvar->auth_state.cur_cred.password = password;
406 } else {
407 destroy_malloced_string(&password);
408 }
409 if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
410 if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
411 notify_nonfatal_error(pvar,
412 "Rhosts authentication will probably fail because it was not "
413 "the default authentication method.\n"
414 "To use Rhosts authentication "
415 "in TTSSH, you need to set it to be the default by restarting\n"
416 "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
417 "before connecting.");
418 }
419
420 pvar->auth_state.cur_cred.rhosts_client_user =
421 alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
422 }
423 pvar->auth_state.auth_dialog = NULL;
424
425 GetDlgItemText(dlg, IDC_RSAFILENAME,
426 pvar->session_settings.DefaultRSAPrivateKeyFile,
427 sizeof(pvar->session_settings.
428 DefaultRSAPrivateKeyFile));
429 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
430 pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
431 sizeof(pvar->session_settings.
432 DefaultRhostsHostPrivateKeyFile));
433 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
434 pvar->session_settings.DefaultRhostsLocalUserName,
435 sizeof(pvar->session_settings.
436 DefaultRhostsLocalUserName));
437
438 if (SSHv1(pvar)) {
439 SSH_notify_user_name(pvar);
440 SSH_notify_cred(pvar);
441 } else {
442 // for SSH2(yutaka)
443 do_SSH2_userauth(pvar);
444 }
445
446 EndDialog(dlg, 1);
447 return TRUE;
448 }
449
450 static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
451 LPARAM lParam)
452 {
453 const int IDC_TIMER1 = 300;
454 const int autologin_timeout = 10; // �~���b
455 PTInstVar pvar;
456
457 switch (msg) {
458 case WM_INITDIALOG:
459 pvar = (PTInstVar) lParam;
460 pvar->auth_state.auth_dialog = dlg;
461 SetWindowLong(dlg, DWL_USER, lParam);
462
463 init_auth_dlg(pvar, dlg);
464
465 // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
466 if (pvar->ssh2_autologin == 1) {
467 SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
468 }
469 return FALSE; /* because we set the focus */
470
471 case WM_TIMER:
472 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
473 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
474 if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
475 KillTimer(dlg, IDC_TIMER1);
476 SendMessage(dlg, WM_COMMAND, IDOK, 0);
477 }
478 return TRUE;
479
480 case WM_COMMAND:
481 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
482
483 switch (LOWORD(wParam)) {
484 case IDOK:
485 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
486 if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
487 return FALSE;
488 }
489 return end_auth_dlg(pvar, dlg);
490
491 case IDCANCEL: /* kill the connection */
492 pvar->auth_state.auth_dialog = NULL;
493 notify_closed_connection(pvar);
494 EndDialog(dlg, 0);
495 return TRUE;
496
497 case IDC_SSHUSEPASSWORD:
498 case IDC_SSHUSERSA:
499 case IDC_SSHUSERHOSTS:
500 case IDC_SSHUSETIS:
501 set_auth_options_status(dlg, LOWORD(wParam));
502 return TRUE;
503
504 case IDC_CHOOSERSAFILE:
505 choose_RSA_key_file(dlg);
506 return TRUE;
507
508 case IDC_CHOOSEHOSTRSAFILE:
509 choose_host_RSA_key_file(dlg);
510 return TRUE;
511
512 default:
513 return FALSE;
514 }
515
516 default:
517 return FALSE;
518 }
519 }
520
521 char FAR *AUTH_get_user_name(PTInstVar pvar)
522 {
523 return pvar->auth_state.user;
524 }
525
526 int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
527 {
528 char buf[1024];
529
530 _snprintf(buf, sizeof(buf),
531 "Server reports supported authentication method mask = %d",
532 types);
533 buf[sizeof(buf) - 1] = 0;
534 notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
535
536 if (SSHv1(pvar)) {
537 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
538 | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
539 | (1 << SSH_AUTH_TIS);
540 } else {
541 // for SSH2(yutaka)
542 // types &= (1 << SSH_AUTH_PASSWORD);
543 // ���J���F�����L�������� (2004.12.18 yutaka)
544 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
545 | (1 << SSH_AUTH_DSA);
546 }
547 pvar->auth_state.supported_types = types;
548
549 if (types == 0) {
550 notify_fatal_error(pvar,
551 "Server does not support any of the authentication options\n"
552 "provided by TTSSH. This connection will now close.");
553 return 0;
554 } else {
555 if (pvar->auth_state.auth_dialog != NULL) {
556 update_server_supported_types(pvar,
557 pvar->auth_state.auth_dialog);
558 }
559
560 return 1;
561 }
562 }
563
564 static void start_user_auth(PTInstVar pvar)
565 {
566 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
567 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
568 (LPARAM) NULL);
569 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
570 }
571
572 static void try_default_auth(PTInstVar pvar)
573 {
574 if (pvar->session_settings.TryDefaultAuth) {
575 switch (pvar->session_settings.DefaultAuthMethod) {
576 case SSH_AUTH_RSA:{
577 BOOL invalid_passphrase;
578 char password[] = "";
579
580 pvar->auth_state.cur_cred.key_pair
581 =
582 KEYFILES_read_private_key(pvar,
583 pvar->session_settings.
584 DefaultRSAPrivateKeyFile,
585 password,
586 &invalid_passphrase, TRUE);
587 if (pvar->auth_state.cur_cred.key_pair == NULL) {
588 return;
589 } else {
590 pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
591 }
592 break;
593 }
594
595 case SSH_AUTH_RHOSTS:
596 if (pvar->session_settings.
597 DefaultRhostsHostPrivateKeyFile[0] != 0) {
598 BOOL invalid_passphrase;
599 char password[] = "";
600
601 pvar->auth_state.cur_cred.key_pair
602 =
603 KEYFILES_read_private_key(pvar,
604 pvar->session_settings.
605 DefaultRhostsHostPrivateKeyFile,
606 password,
607 &invalid_passphrase, TRUE);
608 if (pvar->auth_state.cur_cred.key_pair == NULL) {
609 return;
610 } else {
611 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
612 }
613 } else {
614 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
615 }
616
617 pvar->auth_state.cur_cred.rhosts_client_user =
618 _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
619 break;
620
621 case SSH_AUTH_PASSWORD:
622 pvar->auth_state.cur_cred.password = _strdup("");
623 pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
624 break;
625
626 case SSH_AUTH_TIS:
627 default:
628 return;
629 }
630
631 pvar->auth_state.user =
632 _strdup(pvar->session_settings.DefaultUserName);
633 }
634 }
635
636 void AUTH_notify_end_error(PTInstVar pvar)
637 {
638 if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
639 start_user_auth(pvar);
640 pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
641 }
642 }
643
644 void AUTH_advance_to_next_cred(PTInstVar pvar)
645 {
646 pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
647
648 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
649 try_default_auth(pvar);
650
651 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
652 if (pvar->err_msg != NULL) {
653 pvar->auth_state.flags |=
654 AUTH_START_USER_AUTH_ON_ERROR_END;
655 } else {
656 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
657 // �R�}���h���C���w������������
658 start_user_auth(pvar);
659 }
660 }
661 } else {
662 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
663 // �R�}���h���C���w������(/auth=xxxx)������
664 start_user_auth(pvar);
665 }
666 }
667
668 static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
669 {
670 init_auth_machine_banner(pvar, dlg);
671 init_password_control(dlg);
672
673 if (pvar->auth_state.TIS_prompt != NULL) {
674 if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
675 pvar->auth_state.TIS_prompt[10000] = 0;
676 }
677 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
678 pvar->auth_state.TIS_prompt);
679 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
680 }
681 }
682
683 static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
684 {
685 char FAR *password =
686 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
687
688 pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
689 pvar->auth_state.cur_cred.password = password;
690 pvar->auth_state.auth_dialog = NULL;
691
692 SSH_notify_cred(pvar);
693
694 EndDialog(dlg, 1);
695 return TRUE;
696 }
697
698 static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
699 LPARAM lParam)
700 {
701 PTInstVar pvar;
702
703 switch (msg) {
704 case WM_INITDIALOG:
705 pvar = (PTInstVar) lParam;
706 pvar->auth_state.auth_dialog = dlg;
707 SetWindowLong(dlg, DWL_USER, lParam);
708
709 init_TIS_dlg(pvar, dlg);
710 return FALSE; /* because we set the focus */
711
712 case WM_COMMAND:
713 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
714
715 switch (LOWORD(wParam)) {
716 case IDOK:
717 return end_TIS_dlg(pvar, dlg);
718
719 case IDCANCEL: /* kill the connection */
720 pvar->auth_state.auth_dialog = NULL;
721 notify_closed_connection(pvar);
722 EndDialog(dlg, 0);
723 return TRUE;
724
725 default:
726 return FALSE;
727 }
728
729 default:
730 return FALSE;
731 }
732 }
733
734 void AUTH_do_cred_dialog(PTInstVar pvar)
735 {
736 if (pvar->auth_state.auth_dialog == NULL) {
737 HWND cur_active = GetActiveWindow();
738 DLGPROC dlg_proc;
739 LPCTSTR dialog_template;
740
741 switch (pvar->auth_state.mode) {
742 case TIS_AUTH_MODE:
743 dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
744 dlg_proc = TIS_dlg_proc;
745 break;
746 case GENERIC_AUTH_MODE:
747 default:
748 dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
749 dlg_proc = auth_dlg_proc;
750 }
751
752 if (!DialogBoxParam(hInst, dialog_template,
753 cur_active !=
754 NULL ? cur_active : pvar->NotificationWindow,
755 dlg_proc, (LPARAM) pvar) == -1) {
756 notify_fatal_error(pvar,
757 "Unable to display authentication dialog box.\n"
758 "Connection terminated.");
759 }
760 }
761 }
762
763 static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
764 {
765 switch (pvar->settings.DefaultAuthMethod) {
766 case SSH_AUTH_RSA:
767 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
768 IDC_SSHUSERSA);
769 break;
770 case SSH_AUTH_RHOSTS:
771 case SSH_AUTH_RHOSTS_RSA:
772 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
773 IDC_SSHUSERHOSTS);
774 break;
775 case SSH_AUTH_TIS:
776 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
777 IDC_SSHUSETIS);
778 break;
779 case SSH_AUTH_PASSWORD:
780 default:
781 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
782 IDC_SSHUSEPASSWORD);
783 }
784
785 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
786 SetDlgItemText(dlg, IDC_RSAFILENAME,
787 pvar->settings.DefaultRSAPrivateKeyFile);
788 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
789 pvar->settings.DefaultRhostsHostPrivateKeyFile);
790 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
791 pvar->settings.DefaultRhostsLocalUserName);
792
793 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
794 if (pvar->settings.ssh2_keyboard_interactive) {
795 SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
796 }
797
798 }
799
800 static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
801 {
802 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
803 pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
804 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
805 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
806 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
807 } else {
808 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
809 }
810 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
811 pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
812 } else {
813 pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
814 }
815
816 GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
817 sizeof(pvar->settings.DefaultUserName));
818 GetDlgItemText(dlg, IDC_RSAFILENAME,
819 pvar->settings.DefaultRSAPrivateKeyFile,
820 sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
821 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
822 pvar->settings.DefaultRhostsHostPrivateKeyFile,
823 sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
824 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
825 pvar->settings.DefaultRhostsLocalUserName,
826 sizeof(pvar->settings.DefaultRhostsLocalUserName));
827
828 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
829 {
830 LRESULT ret;
831 ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
832 if (ret & BST_CHECKED) {
833 pvar->settings.ssh2_keyboard_interactive = 1;
834 } else {
835 pvar->settings.ssh2_keyboard_interactive = 0;
836 }
837 }
838
839 EndDialog(dlg, 1);
840 return TRUE;
841 }
842
843 static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
844 WPARAM wParam, LPARAM lParam)
845 {
846 PTInstVar pvar;
847
848 switch (msg) {
849 case WM_INITDIALOG:
850 pvar = (PTInstVar) lParam;
851 SetWindowLong(dlg, DWL_USER, lParam);
852
853 init_default_auth_dlg(pvar, dlg);
854 return TRUE; /* because we do not set the focus */
855
856 case WM_COMMAND:
857 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
858
859 switch (LOWORD(wParam)) {
860 case IDOK:
861 return end_default_auth_dlg(pvar, dlg);
862
863 case IDCANCEL:
864 EndDialog(dlg, 0);
865 return TRUE;
866
867 case IDC_CHOOSERSAFILE:
868 choose_RSA_key_file(dlg);
869 return TRUE;
870
871 case IDC_CHOOSEHOSTRSAFILE:
872 choose_host_RSA_key_file(dlg);
873 return TRUE;
874
875 default:
876 return FALSE;
877 }
878
879 default:
880 return FALSE;
881 }
882 }
883
884 void AUTH_init(PTInstVar pvar)
885 {
886 pvar->auth_state.failed_method = SSH_AUTH_NONE;
887 pvar->auth_state.auth_dialog = NULL;
888 pvar->auth_state.user = NULL;
889 pvar->auth_state.flags = 0;
890 pvar->auth_state.TIS_prompt = NULL;
891 pvar->auth_state.supported_types = 0;
892 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
893 pvar->auth_state.cur_cred.password = NULL;
894 pvar->auth_state.cur_cred.rhosts_client_user = NULL;
895 pvar->auth_state.cur_cred.key_pair = NULL;
896 AUTH_set_generic_mode(pvar);
897 }
898
899 void AUTH_set_generic_mode(PTInstVar pvar)
900 {
901 pvar->auth_state.mode = GENERIC_AUTH_MODE;
902 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
903 }
904
905 void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
906 {
907 if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
908 pvar->auth_state.mode = TIS_AUTH_MODE;
909
910 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
911 pvar->auth_state.TIS_prompt = malloc(len + 1);
912 memcpy(pvar->auth_state.TIS_prompt, prompt, len);
913 pvar->auth_state.TIS_prompt[len] = 0;
914 } else {
915 AUTH_set_generic_mode(pvar);
916 }
917 }
918
919 void AUTH_do_default_cred_dialog(PTInstVar pvar)
920 {
921 HWND cur_active = GetActiveWindow();
922
923 if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
924 cur_active !=
925 NULL ? cur_active : pvar->NotificationWindow,
926 default_auth_dlg_proc, (LPARAM) pvar) == -1) {
927 notify_nonfatal_error(pvar,
928 "Unable to display authentication setup dialog box.");
929 }
930 }
931
932 void AUTH_destroy_cur_cred(PTInstVar pvar)
933 {
934 destroy_malloced_string(&pvar->auth_state.cur_cred.password);
935 destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
936 if (pvar->auth_state.cur_cred.key_pair != NULL) {
937 CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
938 pvar->auth_state.cur_cred.key_pair = NULL;
939 }
940 }
941
942 static char FAR *get_auth_method_name(SSHAuthMethod auth)
943 {
944 switch (auth) {
945 case SSH_AUTH_PASSWORD:
946 return "password";
947 case SSH_AUTH_RSA:
948 return "RSA";
949 case SSH_AUTH_RHOSTS:
950 return "rhosts";
951 case SSH_AUTH_RHOSTS_RSA:
952 return "rhosts with RSA";
953 case SSH_AUTH_TIS:
954 return "challenge/response (TIS)";
955 default:
956 return "unknown method";
957 }
958 }
959
960 void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
961 {
962 char *method = "unknown";
963
964 if (pvar->auth_state.user == NULL) {
965 strncpy(dest, "None", len);
966 } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
967 if (SSHv1(pvar)) {
968 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
969 get_auth_method_name(pvar->auth_state.cur_cred.method));
970
971 } else { // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
972 if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD) {
973 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
974 if (pvar->keyboard_interactive_done == 1) {
975 method = "keyboard-interactive";
976 } else {
977 method = get_auth_method_name(pvar->auth_state.cur_cred.method);
978 }
979 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
980
981 } else {
982 if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
983 method = "RSA";
984 } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
985 method = "DSA";
986 }
987 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
988 }
989
990 }
991
992 } else {
993 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
994 get_auth_method_name(pvar->auth_state.failed_method));
995 }
996
997 dest[len - 1] = 0;
998 }
999
1000 void AUTH_notify_disconnecting(PTInstVar pvar)
1001 {
1002 if (pvar->auth_state.auth_dialog != NULL) {
1003 PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1004 /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1005 EnableWindow(pvar->NotificationWindow, TRUE);
1006 }
1007 }
1008
1009 void AUTH_end(PTInstVar pvar)
1010 {
1011 destroy_malloced_string(&pvar->auth_state.user);
1012 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1013
1014 AUTH_destroy_cur_cred(pvar);
1015 }
1016
1017 /*
1018 * $Log: not supported by cvs2svn $
1019 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1020 * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1021 * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1022 *
1023 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1024 * ���J���F���������O�C�����T�|�[�g�B
1025 * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1026 * �����A�����������������T�|�[�g�B
1027 *
1028 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1029 * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1030 * �A�v���P�[�V�����G���[���������������������B
1031 *
1032 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1033 * �Ekeyboard-interactive�F�����T�|�[�g�����B
1034 * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1035 * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1036 *
1037 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1038 * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1039 *
1040 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1041 * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1042 *
1043 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1044 * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1045 *
1046 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1047 * SSH2�������O�C���@�\�������B
1048 * �����A�p�X���[�h�F�������������B
1049 * �E�R�}���h���C��
1050 * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1051 *
1052 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help