Develop and Download Open Source Software

Tera Term

Browse Subversion Repository

/[ttssh2]/branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Contents of /branches/ssh_chacha20poly1305/ttssh2/ttxssh/auth.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2804 - (show annotations) (download) (as text)
Wed Mar 23 12:39:35 2005 UTC (19 years ago) by yutakakn
Original Path: ttssh2/trunk/ttxssh/auth.c
File MIME type: text/x-csrc
File size: 30554 byte(s) 
SSH2認証ダイアログの Use challenge/response to log in にアクセラレータキーを割り当てた。
1 /*
2 Copyright (c) 1998-2001, Robert O'Callahan
3 All rights reserved.
4
5 Redistribution and use in source and binary forms, with or without modification,
6 are permitted provided that the following conditions are met:
7
8 Redistributions of source code must retain the above copyright notice, this list of
9 conditions and the following disclaimer.
10
11 Redistributions in binary form must reproduce the above copyright notice, this list
12 of conditions and the following disclaimer in the documentation and/or other materials
13 provided with the distribution.
14
15 The name of Robert O'Callahan may not be used to endorse or promote products derived from
16 this software without specific prior written permission.
17
18 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND
19 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
21 THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
22 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
25 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "ttxssh.h"
30 #include "util.h"
31 #include "ssh.h"
32
33 #include <io.h>
34 #include <fcntl.h>
35 #include <stdlib.h>
36 #include <errno.h>
37
38 #include "resource.h"
39 #include "keyfiles.h"
40
41 #define AUTH_START_USER_AUTH_ON_ERROR_END 1
42
43 #define MAX_AUTH_CONTROL IDC_SSHUSETIS
44
45 static void destroy_malloced_string(char FAR * FAR * str)
46 {
47 if (*str != NULL) {
48 memset(*str, 0, strlen(*str));
49 free(*str);
50 *str = NULL;
51 }
52 }
53
54 static int auth_types_to_control_IDs[] = {
55 -1, IDC_SSHUSERHOSTS, IDC_SSHUSERSA, IDC_SSHUSEPASSWORD,
56 IDC_SSHUSERHOSTS, IDC_SSHUSETIS, -1
57 };
58
59 static LRESULT CALLBACK password_wnd_proc(HWND control, UINT msg,
60 WPARAM wParam, LPARAM lParam)
61 {
62 switch (msg) {
63 case WM_CHAR:
64 if ((GetKeyState(VK_CONTROL) & 0x8000) != 0) {
65 char chars[] = { (char) wParam, 0 };
66
67 SendMessage(control, EM_REPLACESEL, (WPARAM) TRUE,
68 (LPARAM) (char FAR *) chars);
69 return 0;
70 }
71 }
72
73 return CallWindowProc((WNDPROC) GetWindowLong(control, GWL_USERDATA),
74 control, msg, wParam, lParam);
75 }
76
77 static void init_password_control(HWND dlg)
78 {
79 HWND passwordControl = GetDlgItem(dlg, IDC_SSHPASSWORD);
80
81 SetWindowLong(passwordControl, GWL_USERDATA,
82 SetWindowLong(passwordControl, GWL_WNDPROC,
83 (LONG) password_wnd_proc));
84
85 SetFocus(passwordControl);
86 }
87
88 static void set_auth_options_status(HWND dlg, int controlID)
89 {
90 BOOL RSA_enabled = controlID == IDC_SSHUSERSA;
91 BOOL rhosts_enabled = controlID == IDC_SSHUSERHOSTS;
92 BOOL TIS_enabled = controlID == IDC_SSHUSETIS;
93 int i;
94
95 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, controlID);
96
97 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), !TIS_enabled);
98 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), !TIS_enabled);
99
100 for (i = IDC_CHOOSERSAFILE; i <= IDC_RSAFILENAME; i++) {
101 EnableWindow(GetDlgItem(dlg, i), RSA_enabled);
102 }
103
104 for (i = IDC_LOCALUSERNAMELABEL; i <= IDC_HOSTRSAFILENAME; i++) {
105 EnableWindow(GetDlgItem(dlg, i), rhosts_enabled);
106 }
107 }
108
109 static void init_auth_machine_banner(PTInstVar pvar, HWND dlg)
110 {
111 char buf[1024] = "Logging in to ";
112
113 if (strlen(buf) + strlen(SSH_get_host_name(pvar)) < sizeof(buf) - 2) {
114 strcat(buf, SSH_get_host_name(pvar));
115 }
116 SetDlgItemText(dlg, IDC_SSHAUTHBANNER, buf);
117 }
118
119 static void update_server_supported_types(PTInstVar pvar, HWND dlg)
120 {
121 int supported_methods = pvar->auth_state.supported_types;
122 int cur_control = -1;
123 int control;
124 HWND focus = GetFocus();
125
126 if (supported_methods == 0) {
127 return;
128 }
129
130 for (control = IDC_SSHUSEPASSWORD; control <= MAX_AUTH_CONTROL;
131 control++) {
132 BOOL enabled = FALSE;
133 int method;
134 HWND item = GetDlgItem(dlg, control);
135
136 if (item != NULL) {
137 for (method = 0; method <= SSH_AUTH_MAX; method++) {
138 if (auth_types_to_control_IDs[method] == control
139 && (supported_methods & (1 << method)) != 0) {
140 enabled = TRUE;
141 }
142 }
143
144 EnableWindow(item, enabled);
145
146 if (IsDlgButtonChecked(dlg, control)) {
147 cur_control = control;
148 }
149 }
150 }
151
152 if (cur_control >= 0) {
153 if (!IsWindowEnabled(GetDlgItem(dlg, cur_control))) {
154 do {
155 cur_control++;
156 if (cur_control > MAX_AUTH_CONTROL) {
157 cur_control = IDC_SSHUSEPASSWORD;
158 }
159 } while (!IsWindowEnabled(GetDlgItem(dlg, cur_control)));
160
161 set_auth_options_status(dlg, cur_control);
162
163 if (focus != NULL && !IsWindowEnabled(focus)) {
164 SetFocus(GetDlgItem(dlg, cur_control));
165 }
166 }
167 }
168 }
169
170 static void init_auth_dlg(PTInstVar pvar, HWND dlg)
171 {
172 int default_method = pvar->session_settings.DefaultAuthMethod;
173
174 init_auth_machine_banner(pvar, dlg);
175 init_password_control(dlg);
176
177 if (pvar->auth_state.failed_method != SSH_AUTH_NONE) {
178 /* must be retrying a failed attempt */
179 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
180 "Authentication failed. Please retry.");
181 SetWindowText(dlg, "Retrying SSH Authentication");
182 default_method = pvar->auth_state.failed_method;
183 }
184
185 set_auth_options_status(dlg,
186 auth_types_to_control_IDs[default_method]);
187
188 if (default_method == SSH_AUTH_TIS) {
189 /* we disabled the password control, so fix the focus */
190 SetFocus(GetDlgItem(dlg, IDC_SSHUSETIS));
191 }
192
193 if (pvar->auth_state.user != NULL) {
194 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->auth_state.user);
195 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
196 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
197 } else if (pvar->session_settings.DefaultUserName[0] != 0) {
198 SetDlgItemText(dlg, IDC_SSHUSERNAME,
199 pvar->session_settings.DefaultUserName);
200 } else {
201 SetFocus(GetDlgItem(dlg, IDC_SSHUSERNAME));
202 }
203
204 SetDlgItemText(dlg, IDC_RSAFILENAME,
205 pvar->session_settings.DefaultRSAPrivateKeyFile);
206 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
207 pvar->session_settings.DefaultRhostsHostPrivateKeyFile);
208 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
209 pvar->session_settings.DefaultRhostsLocalUserName);
210
211 update_server_supported_types(pvar, dlg);
212
213 // SSH2 autologin
214 // ���[�U�A�p�X���[�h�A�F�����\�b�h���������������A������������OK�{�^�������������B
215 //
216 // (2004.12.1 yutaka)
217 // (2005.1.26 yutaka) ���J���F���T�|�[�g
218 if (pvar->ssh2_autologin == 1) {
219 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->ssh2_username);
220 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAME), FALSE);
221 EnableWindow(GetDlgItem(dlg, IDC_SSHUSERNAMELABEL), FALSE);
222
223 SetDlgItemText(dlg, IDC_SSHPASSWORD, pvar->ssh2_password);
224 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORD), FALSE);
225 EnableWindow(GetDlgItem(dlg, IDC_SSHPASSWORDCAPTION), FALSE);
226
227 if (pvar->ssh2_authmethod == SSH_AUTH_PASSWORD) {
228 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSEPASSWORD);
229
230 } else if (pvar->ssh2_authmethod == SSH_AUTH_RSA) {
231 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL, IDC_SSHUSERSA);
232
233 SetDlgItemText(dlg, IDC_RSAFILENAME, pvar->ssh2_keyfile);
234 EnableWindow(GetDlgItem(dlg, IDC_CHOOSERSAFILE), FALSE);
235 EnableWindow(GetDlgItem(dlg, IDC_RSAFILENAME), FALSE);
236
237 } else {
238 // TODO
239
240 }
241 }
242
243 #if 1
244 // �p�X���[�h�F���������O���Akeyboard-interactive���\�b�h�������������A���x������
245 // ���X�����B(2005.3.12 yutaka)
246 if (pvar->settings.ssh2_keyboard_interactive == 1) {
247 SetDlgItemText(dlg, IDC_SSHUSEPASSWORD, "Use p&lain password to log in (with keyboard-interactive)");
248 }
249
250 if (pvar->settings.ssh_protocol_version == 1) {
251 SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&TIS)");
252 } else {
253 SetDlgItemText(dlg, IDC_SSHUSETIS, "Use challenge/response to log in(&keyboard-interactive)");
254 }
255 #endif
256
257 }
258
259 static char FAR *alloc_control_text(HWND ctl)
260 {
261 int len = GetWindowTextLength(ctl);
262 char FAR *result = malloc(len + 1);
263
264 if (result != NULL) {
265 GetWindowText(ctl, result, len + 1);
266 result[len] = 0;
267 }
268
269 return result;
270 }
271
272 static int get_key_file_name(HWND parent, char FAR * buf, int bufsize)
273 {
274 #ifdef TERATERM32
275 OPENFILENAME params;
276 char fullname_buf[2048] = "identity";
277
278 ZeroMemory(&params, sizeof(params));
279 params.lStructSize = sizeof(OPENFILENAME);
280 params.hwndOwner = parent;
281 // �t�B���^������ (2004.12.19 yutaka)
282 params.lpstrFilter = "identity(RSA1)\0identity\0id_rsa(SSH2)\0id_rsa\0id_dsa(SSH2)\0id_dsa\0all(*.*)\0*.*\0\0";
283 params.lpstrCustomFilter = NULL;
284 params.nFilterIndex = 0;
285 buf[0] = 0;
286 params.lpstrFile = fullname_buf;
287 params.nMaxFile = sizeof(fullname_buf);
288 params.lpstrFileTitle = NULL;
289 params.lpstrInitialDir = NULL;
290 params.lpstrTitle = "Choose a file with the RSA private key";
291 params.Flags =
292 OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY;
293 params.lpstrDefExt = NULL;
294
295 if (GetOpenFileName(&params) != 0) {
296 copy_teraterm_dir_relative_path(buf, bufsize, fullname_buf);
297 return 1;
298 } else {
299 return 0;
300 }
301 #else
302 return 0;
303 #endif
304 }
305
306 static void choose_RSA_key_file(HWND dlg)
307 {
308 char buf[1024];
309
310 if (get_key_file_name(dlg, buf, sizeof(buf))) {
311 SetDlgItemText(dlg, IDC_RSAFILENAME, buf);
312 }
313 }
314
315 static void choose_host_RSA_key_file(HWND dlg)
316 {
317 char buf[1024];
318
319 if (get_key_file_name(dlg, buf, sizeof(buf))) {
320 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME, buf);
321 }
322 }
323
324 static BOOL end_auth_dlg(PTInstVar pvar, HWND dlg)
325 {
326 int method = SSH_AUTH_PASSWORD;
327 char FAR *password =
328 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
329 CRYPTKeyPair FAR *key_pair = NULL;
330
331 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
332 method = SSH_AUTH_RSA;
333 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
334 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
335 method = SSH_AUTH_RHOSTS_RSA;
336 } else {
337 method = SSH_AUTH_RHOSTS;
338 }
339 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
340 method = SSH_AUTH_TIS;
341 }
342
343 if (method == SSH_AUTH_RSA || method == SSH_AUTH_RHOSTS_RSA) {
344 char buf[2048];
345 int file_ctl_ID =
346 method == SSH_AUTH_RSA ? IDC_RSAFILENAME : IDC_HOSTRSAFILENAME;
347
348 buf[0] = 0;
349 GetDlgItemText(dlg, file_ctl_ID, buf, sizeof(buf));
350 if (buf[0] == 0) {
351 notify_nonfatal_error(pvar,
352 "You must specify a file containing the RSA/DSA private key.");
353 SetFocus(GetDlgItem(dlg, file_ctl_ID));
354 destroy_malloced_string(&password);
355 return FALSE;
356 }
357
358 if (SSHv1(pvar)) {
359 BOOL invalid_passphrase = FALSE;
360
361 key_pair = KEYFILES_read_private_key(pvar, buf, password,
362 &invalid_passphrase,
363 FALSE);
364
365 if (key_pair == NULL) {
366 if (invalid_passphrase) {
367 HWND passwordCtl = GetDlgItem(dlg, IDC_SSHPASSWORD);
368
369 SetFocus(passwordCtl);
370 SendMessage(passwordCtl, EM_SETSEL, 0, -1);
371 } else {
372 SetFocus(GetDlgItem(dlg, file_ctl_ID));
373 }
374 destroy_malloced_string(&password);
375 return FALSE;
376 }
377
378 } else { // SSH2(yutaka)
379 BOOL invalid_passphrase = FALSE;
380 char errmsg[256];
381
382 memset(errmsg, 0, sizeof(errmsg));
383 //GetCurrentDirectory(sizeof(errmsg), errmsg);
384
385 key_pair = read_SSH2_private_key(pvar, buf, password,
386 &invalid_passphrase,
387 FALSE,
388 errmsg,
389 sizeof(errmsg)
390 );
391
392 if (key_pair == NULL) { // read error
393 char buf[1024];
394 _snprintf(buf, sizeof(buf), "read error SSH2 private key file\r\n%s", errmsg);
395 notify_nonfatal_error(pvar, buf);
396 destroy_malloced_string(&password);
397 return FALSE;
398 }
399
400 }
401
402 }
403
404 /* from here on, we cannot fail, so just munge cur_cred in place */
405 pvar->auth_state.cur_cred.method = method;
406 pvar->auth_state.cur_cred.key_pair = key_pair;
407 /* we can't change the user name once it's set. It may already have
408 been sent to the server, and it can only be sent once. */
409 if (pvar->auth_state.user == NULL) {
410 pvar->auth_state.user =
411 alloc_control_text(GetDlgItem(dlg, IDC_SSHUSERNAME));
412 }
413 if (method == SSH_AUTH_PASSWORD) {
414 pvar->auth_state.cur_cred.password = password;
415 } else {
416 destroy_malloced_string(&password);
417 }
418 if (method == SSH_AUTH_RHOSTS || method == SSH_AUTH_RHOSTS_RSA) {
419 if (pvar->session_settings.DefaultAuthMethod != SSH_AUTH_RHOSTS) {
420 notify_nonfatal_error(pvar,
421 "Rhosts authentication will probably fail because it was not "
422 "the default authentication method.\n"
423 "To use Rhosts authentication "
424 "in TTSSH, you need to set it to be the default by restarting\n"
425 "TTSSH and selecting \"SSH Authentication...\" from the Setup menu"
426 "before connecting.");
427 }
428
429 pvar->auth_state.cur_cred.rhosts_client_user =
430 alloc_control_text(GetDlgItem(dlg, IDC_LOCALUSERNAME));
431 }
432 pvar->auth_state.auth_dialog = NULL;
433
434 GetDlgItemText(dlg, IDC_RSAFILENAME,
435 pvar->session_settings.DefaultRSAPrivateKeyFile,
436 sizeof(pvar->session_settings.
437 DefaultRSAPrivateKeyFile));
438 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
439 pvar->session_settings.DefaultRhostsHostPrivateKeyFile,
440 sizeof(pvar->session_settings.
441 DefaultRhostsHostPrivateKeyFile));
442 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
443 pvar->session_settings.DefaultRhostsLocalUserName,
444 sizeof(pvar->session_settings.
445 DefaultRhostsLocalUserName));
446
447 if (SSHv1(pvar)) {
448 SSH_notify_user_name(pvar);
449 SSH_notify_cred(pvar);
450 } else {
451 // for SSH2(yutaka)
452 do_SSH2_userauth(pvar);
453 }
454
455 EndDialog(dlg, 1);
456 return TRUE;
457 }
458
459 static BOOL CALLBACK auth_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
460 LPARAM lParam)
461 {
462 const int IDC_TIMER1 = 300;
463 const int autologin_timeout = 10; // �~���b
464 PTInstVar pvar;
465
466 switch (msg) {
467 case WM_INITDIALOG:
468 pvar = (PTInstVar) lParam;
469 pvar->auth_state.auth_dialog = dlg;
470 SetWindowLong(dlg, DWL_USER, lParam);
471
472 init_auth_dlg(pvar, dlg);
473
474 // SSH2 autologin���L�����������A�^�C�}���d�|�����B (2004.12.1 yutaka)
475 if (pvar->ssh2_autologin == 1) {
476 SetTimer(dlg, IDC_TIMER1, autologin_timeout, 0);
477 }
478 return FALSE; /* because we set the focus */
479
480 case WM_TIMER:
481 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
482 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2004.12.16 yutaka)
483 if (!(pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
484 KillTimer(dlg, IDC_TIMER1);
485 SendMessage(dlg, WM_COMMAND, IDOK, 0);
486 }
487 return TRUE;
488
489 case WM_COMMAND:
490 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
491
492 switch (LOWORD(wParam)) {
493 case IDOK:
494 // �F�������������������A�F���f�[�^�����M�����B�����������A�������B(2001.1.25 yutaka)
495 if ((pvar->ssh_state.status_flags & STATUS_DONT_SEND_USER_NAME)) {
496 return FALSE;
497 }
498 return end_auth_dlg(pvar, dlg);
499
500 case IDCANCEL: /* kill the connection */
501 pvar->auth_state.auth_dialog = NULL;
502 notify_closed_connection(pvar);
503 EndDialog(dlg, 0);
504 return TRUE;
505
506 case IDC_SSHUSEPASSWORD:
507 case IDC_SSHUSERSA:
508 case IDC_SSHUSERHOSTS:
509 case IDC_SSHUSETIS:
510 set_auth_options_status(dlg, LOWORD(wParam));
511 return TRUE;
512
513 case IDC_CHOOSERSAFILE:
514 choose_RSA_key_file(dlg);
515 return TRUE;
516
517 case IDC_CHOOSEHOSTRSAFILE:
518 choose_host_RSA_key_file(dlg);
519 return TRUE;
520
521 default:
522 return FALSE;
523 }
524
525 default:
526 return FALSE;
527 }
528 }
529
530 char FAR *AUTH_get_user_name(PTInstVar pvar)
531 {
532 return pvar->auth_state.user;
533 }
534
535 int AUTH_set_supported_auth_types(PTInstVar pvar, int types)
536 {
537 char buf[1024];
538
539 _snprintf(buf, sizeof(buf),
540 "Server reports supported authentication method mask = %d",
541 types);
542 buf[sizeof(buf) - 1] = 0;
543 notify_verbose_message(pvar, buf, LOG_LEVEL_VERBOSE);
544
545 if (SSHv1(pvar)) {
546 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
547 | (1 << SSH_AUTH_RHOSTS_RSA) | (1 << SSH_AUTH_RHOSTS)
548 | (1 << SSH_AUTH_TIS);
549 } else {
550 // for SSH2(yutaka)
551 // types &= (1 << SSH_AUTH_PASSWORD);
552 // ���J���F�����L�������� (2004.12.18 yutaka)
553 // TIS�������BSSH2����keyboard-interactive�����������B(2005.3.12 yutaka)
554 types &= (1 << SSH_AUTH_PASSWORD) | (1 << SSH_AUTH_RSA)
555 | (1 << SSH_AUTH_DSA)
556 | (1 << SSH_AUTH_TIS);
557 }
558 pvar->auth_state.supported_types = types;
559
560 if (types == 0) {
561 notify_fatal_error(pvar,
562 "Server does not support any of the authentication options\n"
563 "provided by TTSSH. This connection will now close.");
564 return 0;
565 } else {
566 if (pvar->auth_state.auth_dialog != NULL) {
567 update_server_supported_types(pvar,
568 pvar->auth_state.auth_dialog);
569 }
570
571 return 1;
572 }
573 }
574
575 static void start_user_auth(PTInstVar pvar)
576 {
577 // �F���_�C�A���O���\�������� (2004.12.1 yutaka)
578 PostMessage(pvar->NotificationWindow, WM_COMMAND, (WPARAM) ID_SSHAUTH,
579 (LPARAM) NULL);
580 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
581 }
582
583 static void try_default_auth(PTInstVar pvar)
584 {
585 if (pvar->session_settings.TryDefaultAuth) {
586 switch (pvar->session_settings.DefaultAuthMethod) {
587 case SSH_AUTH_RSA:{
588 BOOL invalid_passphrase;
589 char password[] = "";
590
591 pvar->auth_state.cur_cred.key_pair
592 =
593 KEYFILES_read_private_key(pvar,
594 pvar->session_settings.
595 DefaultRSAPrivateKeyFile,
596 password,
597 &invalid_passphrase, TRUE);
598 if (pvar->auth_state.cur_cred.key_pair == NULL) {
599 return;
600 } else {
601 pvar->auth_state.cur_cred.method = SSH_AUTH_RSA;
602 }
603 break;
604 }
605
606 case SSH_AUTH_RHOSTS:
607 if (pvar->session_settings.
608 DefaultRhostsHostPrivateKeyFile[0] != 0) {
609 BOOL invalid_passphrase;
610 char password[] = "";
611
612 pvar->auth_state.cur_cred.key_pair
613 =
614 KEYFILES_read_private_key(pvar,
615 pvar->session_settings.
616 DefaultRhostsHostPrivateKeyFile,
617 password,
618 &invalid_passphrase, TRUE);
619 if (pvar->auth_state.cur_cred.key_pair == NULL) {
620 return;
621 } else {
622 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS_RSA;
623 }
624 } else {
625 pvar->auth_state.cur_cred.method = SSH_AUTH_RHOSTS;
626 }
627
628 pvar->auth_state.cur_cred.rhosts_client_user =
629 _strdup(pvar->session_settings.DefaultRhostsLocalUserName);
630 break;
631
632 case SSH_AUTH_PASSWORD:
633 pvar->auth_state.cur_cred.password = _strdup("");
634 pvar->auth_state.cur_cred.method = SSH_AUTH_PASSWORD;
635 break;
636
637 case SSH_AUTH_TIS:
638 default:
639 return;
640 }
641
642 pvar->auth_state.user =
643 _strdup(pvar->session_settings.DefaultUserName);
644 }
645 }
646
647 void AUTH_notify_end_error(PTInstVar pvar)
648 {
649 if ((pvar->auth_state.flags & AUTH_START_USER_AUTH_ON_ERROR_END) != 0) {
650 start_user_auth(pvar);
651 pvar->auth_state.flags &= ~AUTH_START_USER_AUTH_ON_ERROR_END;
652 }
653 }
654
655 void AUTH_advance_to_next_cred(PTInstVar pvar)
656 {
657 pvar->auth_state.failed_method = pvar->auth_state.cur_cred.method;
658
659 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
660 try_default_auth(pvar);
661
662 if (pvar->auth_state.cur_cred.method == SSH_AUTH_NONE) {
663 if (pvar->err_msg != NULL) {
664 pvar->auth_state.flags |=
665 AUTH_START_USER_AUTH_ON_ERROR_END;
666 } else {
667 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
668 // �R�}���h���C���w������������
669 start_user_auth(pvar);
670 }
671 }
672 } else {
673 // �������F���_�C�A���O���o�������� (2004.12.1 yutaka)
674 // �R�}���h���C���w������(/auth=xxxx)������
675 start_user_auth(pvar);
676 }
677 }
678
679 static void init_TIS_dlg(PTInstVar pvar, HWND dlg)
680 {
681 init_auth_machine_banner(pvar, dlg);
682 init_password_control(dlg);
683
684 if (pvar->auth_state.TIS_prompt != NULL) {
685 if (strlen(pvar->auth_state.TIS_prompt) > 10000) {
686 pvar->auth_state.TIS_prompt[10000] = 0;
687 }
688 SetDlgItemText(dlg, IDC_SSHAUTHBANNER2,
689 pvar->auth_state.TIS_prompt);
690 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
691 }
692 }
693
694 static BOOL end_TIS_dlg(PTInstVar pvar, HWND dlg)
695 {
696 char FAR *password =
697 alloc_control_text(GetDlgItem(dlg, IDC_SSHPASSWORD));
698
699 pvar->auth_state.cur_cred.method = SSH_AUTH_TIS;
700 pvar->auth_state.cur_cred.password = password;
701 pvar->auth_state.auth_dialog = NULL;
702
703 // add
704 if (SSHv2(pvar)) {
705 pvar->keyboard_interactive_password_input = 1;
706 handle_SSH2_userauth_inforeq(pvar);
707 }
708
709 SSH_notify_cred(pvar);
710
711 EndDialog(dlg, 1);
712 return TRUE;
713 }
714
715 static BOOL CALLBACK TIS_dlg_proc(HWND dlg, UINT msg, WPARAM wParam,
716 LPARAM lParam)
717 {
718 PTInstVar pvar;
719
720 switch (msg) {
721 case WM_INITDIALOG:
722 pvar = (PTInstVar) lParam;
723 pvar->auth_state.auth_dialog = dlg;
724 SetWindowLong(dlg, DWL_USER, lParam);
725
726 init_TIS_dlg(pvar, dlg);
727 return FALSE; /* because we set the focus */
728
729 case WM_COMMAND:
730 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
731
732 switch (LOWORD(wParam)) {
733 case IDOK:
734 return end_TIS_dlg(pvar, dlg);
735
736 case IDCANCEL: /* kill the connection */
737 pvar->auth_state.auth_dialog = NULL;
738 notify_closed_connection(pvar);
739 EndDialog(dlg, 0);
740 return TRUE;
741
742 default:
743 return FALSE;
744 }
745
746 default:
747 return FALSE;
748 }
749 }
750
751 void AUTH_do_cred_dialog(PTInstVar pvar)
752 {
753 if (pvar->auth_state.auth_dialog == NULL) {
754 HWND cur_active = GetActiveWindow();
755 DLGPROC dlg_proc;
756 LPCTSTR dialog_template;
757
758 switch (pvar->auth_state.mode) {
759 case TIS_AUTH_MODE:
760 dialog_template = MAKEINTRESOURCE(IDD_SSHTISAUTH);
761 dlg_proc = TIS_dlg_proc;
762 break;
763 case GENERIC_AUTH_MODE:
764 default:
765 dialog_template = MAKEINTRESOURCE(IDD_SSHAUTH);
766 dlg_proc = auth_dlg_proc;
767 }
768
769 if (!DialogBoxParam(hInst, dialog_template,
770 cur_active !=
771 NULL ? cur_active : pvar->NotificationWindow,
772 dlg_proc, (LPARAM) pvar) == -1) {
773 notify_fatal_error(pvar,
774 "Unable to display authentication dialog box.\n"
775 "Connection terminated.");
776 }
777 }
778 }
779
780 static void init_default_auth_dlg(PTInstVar pvar, HWND dlg)
781 {
782 switch (pvar->settings.DefaultAuthMethod) {
783 case SSH_AUTH_RSA:
784 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
785 IDC_SSHUSERSA);
786 break;
787 case SSH_AUTH_RHOSTS:
788 case SSH_AUTH_RHOSTS_RSA:
789 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
790 IDC_SSHUSERHOSTS);
791 break;
792 case SSH_AUTH_TIS:
793 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
794 IDC_SSHUSETIS);
795 break;
796 case SSH_AUTH_PASSWORD:
797 default:
798 CheckRadioButton(dlg, IDC_SSHUSEPASSWORD, MAX_AUTH_CONTROL,
799 IDC_SSHUSEPASSWORD);
800 }
801
802 SetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName);
803 SetDlgItemText(dlg, IDC_RSAFILENAME,
804 pvar->settings.DefaultRSAPrivateKeyFile);
805 SetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
806 pvar->settings.DefaultRhostsHostPrivateKeyFile);
807 SetDlgItemText(dlg, IDC_LOCALUSERNAME,
808 pvar->settings.DefaultRhostsLocalUserName);
809
810 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
811 if (pvar->settings.ssh2_keyboard_interactive) {
812 SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_SETCHECK, BST_CHECKED, 0);
813 }
814
815 }
816
817 static BOOL end_default_auth_dlg(PTInstVar pvar, HWND dlg)
818 {
819 if (IsDlgButtonChecked(dlg, IDC_SSHUSERSA)) {
820 pvar->settings.DefaultAuthMethod = SSH_AUTH_RSA;
821 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSERHOSTS)) {
822 if (GetWindowTextLength(GetDlgItem(dlg, IDC_HOSTRSAFILENAME)) > 0) {
823 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS_RSA;
824 } else {
825 pvar->settings.DefaultAuthMethod = SSH_AUTH_RHOSTS;
826 }
827 } else if (IsDlgButtonChecked(dlg, IDC_SSHUSETIS)) {
828 pvar->settings.DefaultAuthMethod = SSH_AUTH_TIS;
829 } else {
830 pvar->settings.DefaultAuthMethod = SSH_AUTH_PASSWORD;
831 }
832
833 GetDlgItemText(dlg, IDC_SSHUSERNAME, pvar->settings.DefaultUserName,
834 sizeof(pvar->settings.DefaultUserName));
835 GetDlgItemText(dlg, IDC_RSAFILENAME,
836 pvar->settings.DefaultRSAPrivateKeyFile,
837 sizeof(pvar->settings.DefaultRSAPrivateKeyFile));
838 GetDlgItemText(dlg, IDC_HOSTRSAFILENAME,
839 pvar->settings.DefaultRhostsHostPrivateKeyFile,
840 sizeof(pvar->settings.DefaultRhostsHostPrivateKeyFile));
841 GetDlgItemText(dlg, IDC_LOCALUSERNAME,
842 pvar->settings.DefaultRhostsLocalUserName,
843 sizeof(pvar->settings.DefaultRhostsLocalUserName));
844
845 // SSH2 keyboard-interactive method (2005.2.22 yutaka)
846 {
847 LRESULT ret;
848 ret = SendMessage(GetDlgItem(dlg, IDC_KEYBOARD_INTERACTIVE_CHECK), BM_GETCHECK, 0, 0);
849 if (ret & BST_CHECKED) {
850 pvar->settings.ssh2_keyboard_interactive = 1;
851 } else {
852 pvar->settings.ssh2_keyboard_interactive = 0;
853 }
854 }
855
856 EndDialog(dlg, 1);
857 return TRUE;
858 }
859
860 static BOOL CALLBACK default_auth_dlg_proc(HWND dlg, UINT msg,
861 WPARAM wParam, LPARAM lParam)
862 {
863 PTInstVar pvar;
864
865 switch (msg) {
866 case WM_INITDIALOG:
867 pvar = (PTInstVar) lParam;
868 SetWindowLong(dlg, DWL_USER, lParam);
869
870 init_default_auth_dlg(pvar, dlg);
871 return TRUE; /* because we do not set the focus */
872
873 case WM_COMMAND:
874 pvar = (PTInstVar) GetWindowLong(dlg, DWL_USER);
875
876 switch (LOWORD(wParam)) {
877 case IDOK:
878 return end_default_auth_dlg(pvar, dlg);
879
880 case IDCANCEL:
881 EndDialog(dlg, 0);
882 return TRUE;
883
884 case IDC_CHOOSERSAFILE:
885 choose_RSA_key_file(dlg);
886 return TRUE;
887
888 case IDC_CHOOSEHOSTRSAFILE:
889 choose_host_RSA_key_file(dlg);
890 return TRUE;
891
892 default:
893 return FALSE;
894 }
895
896 default:
897 return FALSE;
898 }
899 }
900
901 void AUTH_init(PTInstVar pvar)
902 {
903 pvar->auth_state.failed_method = SSH_AUTH_NONE;
904 pvar->auth_state.auth_dialog = NULL;
905 pvar->auth_state.user = NULL;
906 pvar->auth_state.flags = 0;
907 pvar->auth_state.TIS_prompt = NULL;
908 pvar->auth_state.supported_types = 0;
909 pvar->auth_state.cur_cred.method = SSH_AUTH_NONE;
910 pvar->auth_state.cur_cred.password = NULL;
911 pvar->auth_state.cur_cred.rhosts_client_user = NULL;
912 pvar->auth_state.cur_cred.key_pair = NULL;
913 AUTH_set_generic_mode(pvar);
914 }
915
916 void AUTH_set_generic_mode(PTInstVar pvar)
917 {
918 pvar->auth_state.mode = GENERIC_AUTH_MODE;
919 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
920 }
921
922 void AUTH_set_TIS_mode(PTInstVar pvar, char FAR * prompt, int len)
923 {
924 if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
925 pvar->auth_state.mode = TIS_AUTH_MODE;
926
927 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
928 pvar->auth_state.TIS_prompt = malloc(len + 1);
929 memcpy(pvar->auth_state.TIS_prompt, prompt, len);
930 pvar->auth_state.TIS_prompt[len] = 0;
931 } else {
932 AUTH_set_generic_mode(pvar);
933 }
934 }
935
936 void AUTH_do_default_cred_dialog(PTInstVar pvar)
937 {
938 HWND cur_active = GetActiveWindow();
939
940 if (DialogBoxParam(hInst, MAKEINTRESOURCE(IDD_SSHAUTHSETUP),
941 cur_active !=
942 NULL ? cur_active : pvar->NotificationWindow,
943 default_auth_dlg_proc, (LPARAM) pvar) == -1) {
944 notify_nonfatal_error(pvar,
945 "Unable to display authentication setup dialog box.");
946 }
947 }
948
949 void AUTH_destroy_cur_cred(PTInstVar pvar)
950 {
951 destroy_malloced_string(&pvar->auth_state.cur_cred.password);
952 destroy_malloced_string(&pvar->auth_state.cur_cred.rhosts_client_user);
953 if (pvar->auth_state.cur_cred.key_pair != NULL) {
954 CRYPT_free_key_pair(pvar->auth_state.cur_cred.key_pair);
955 pvar->auth_state.cur_cred.key_pair = NULL;
956 }
957 }
958
959 static char FAR *get_auth_method_name(SSHAuthMethod auth)
960 {
961 switch (auth) {
962 case SSH_AUTH_PASSWORD:
963 return "password";
964 case SSH_AUTH_RSA:
965 return "RSA";
966 case SSH_AUTH_RHOSTS:
967 return "rhosts";
968 case SSH_AUTH_RHOSTS_RSA:
969 return "rhosts with RSA";
970 case SSH_AUTH_TIS:
971 return "challenge/response (TIS)";
972 default:
973 return "unknown method";
974 }
975 }
976
977 void AUTH_get_auth_info(PTInstVar pvar, char FAR * dest, int len)
978 {
979 char *method = "unknown";
980
981 if (pvar->auth_state.user == NULL) {
982 strncpy(dest, "None", len);
983 } else if (pvar->auth_state.cur_cred.method != SSH_AUTH_NONE) {
984 if (SSHv1(pvar)) {
985 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
986 get_auth_method_name(pvar->auth_state.cur_cred.method));
987
988 } else {
989 // SSH2:�F�����\�b�h������ (2004.12.23 yutaka)
990 // keyboard-interactive���\�b�h������ (2005.3.12 yutaka)
991 if (pvar->auth_state.cur_cred.method == SSH_AUTH_PASSWORD ||
992 pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
993 // keyboard-interactive���\�b�h������ (2005.1.24 yutaka)
994 if (pvar->keyboard_interactive_done == 1 ||
995 pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) {
996 method = "keyboard-interactive";
997 } else {
998 method = get_auth_method_name(pvar->auth_state.cur_cred.method);
999 }
1000 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1001
1002 } else {
1003 if (pvar->auth_state.cur_cred.key_pair->RSA_key != NULL) {
1004 method = "RSA";
1005 } else if (pvar->auth_state.cur_cred.key_pair->DSA_key != NULL) {
1006 method = "DSA";
1007 }
1008 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user, method);
1009 }
1010
1011 }
1012
1013 } else {
1014 _snprintf(dest, len, "User '%s', using %s", pvar->auth_state.user,
1015 get_auth_method_name(pvar->auth_state.failed_method));
1016 }
1017
1018 dest[len - 1] = 0;
1019 }
1020
1021 void AUTH_notify_disconnecting(PTInstVar pvar)
1022 {
1023 if (pvar->auth_state.auth_dialog != NULL) {
1024 PostMessage(pvar->auth_state.auth_dialog, WM_COMMAND, IDCANCEL, 0);
1025 /* the main window might not go away if it's not enabled. (see vtwin.cpp) */
1026 EnableWindow(pvar->NotificationWindow, TRUE);
1027 }
1028 }
1029
1030 void AUTH_end(PTInstVar pvar)
1031 {
1032 destroy_malloced_string(&pvar->auth_state.user);
1033 destroy_malloced_string(&pvar->auth_state.TIS_prompt);
1034
1035 AUTH_destroy_cur_cred(pvar);
1036 }
1037
1038 /*
1039 * $Log: not supported by cvs2svn $
1040 * Revision 1.11 2005/03/12 15:07:33 yutakakn
1041 * SSH2 keyboard-interactive�F����TIS�_�C�A���O�����������B
1042 *
1043 * Revision 1.10 2005/03/12 12:08:05 yutakakn
1044 * �p�X���[�h�F�����O���s��keyboard-interactive���\�b�h���A�f�t�H���g�����l������(0)�������B
1045 * �����A�F���_�C�A���O�����x�������������L�����������X���������������B
1046 *
1047 * Revision 1.9 2005/02/22 08:48:11 yutakakn
1048 * TTSSH setup�_�C�A���O�� HeartBeat �����������B
1049 * TTSSH authentication setup�_�C�A���O�� keyboard-interactive �����������B
1050 *
1051 * Revision 1.8 2005/01/27 13:30:33 yutakakn
1052 * ���J���F���������O�C�����T�|�[�g�B
1053 * /auth=publickey, /keyfile �I�v�V�������V�K���������B
1054 * �����A�����������������T�|�[�g�B
1055 *
1056 * Revision 1.7 2005/01/25 13:38:22 yutakakn
1057 * SSH�F���_�C�A���O���ARhosts/TIS���O���[�������O���AEnter�L�[�������������A
1058 * �A�v���P�[�V�����G���[���������������������B
1059 *
1060 * Revision 1.6 2005/01/24 14:07:07 yutakakn
1061 * �Ekeyboard-interactive�F�����T�|�[�g�����B
1062 * �@�����������Ateraterm.ini�� "KeyboardInteractive" �G���g�������������B
1063 * �E�o�[�W�����_�C�A���O�� OpenSSL�o�[�W���� ������
1064 *
1065 * Revision 1.5 2004/12/27 14:35:41 yutakakn
1066 * SSH2�����������������s�����G���[���b�Z�[�W�����������B
1067 *
1068 * Revision 1.4 2004/12/22 17:28:14 yutakakn
1069 * SSH2���J���F��(RSA/DSA)���T�|�[�g�����B
1070 *
1071 * Revision 1.3 2004/12/16 13:01:09 yutakakn
1072 * SSH�������O�C�����A�v���P�[�V�����G���[�������������C�������B
1073 *
1074 * Revision 1.2 2004/12/01 15:37:49 yutakakn
1075 * SSH2�������O�C���@�\�������B
1076 * �����A�p�X���[�h�F�������������B
1077 * �E�R�}���h���C��
1078 * /ssh /auth=�F�����\�b�h /user=���[�U�� /passwd=�p�X���[�h
1079 *
1080 */
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
About OSDN
Find Software
Develop Software
Help