Add some host key dialogue boxes. These still look a little rough around

the edges and need to have all their controls properly aligned and spaced according to the HI guidelines. Also, fix store_host_key() so that it replaces a host key correctly when the host key has changed and the user opts to update the cached one. [originally from svn r5280]
2025-07-16 02:27:32 -05:00 · 2005-02-09 21:18:44 +00:00
parent 2f7de95a2e
commit 3311f89129
4 changed files with 197 additions and 22 deletions
--- a/mac/mac.c
+++ b/mac/mac.c
@ -694,9 +694,15 @@ int agent_query(void *in, int inlen, void **out, int *outlen,
 void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
 			 char *keystr, char *fingerprint)
 {
-    Str255 stuff;
+    Str255 pappname;
+    Str255 pfingerprint;
+    Str255 pkeytype;
    Session *s = frontend;
-    int ret;
+    int ret, alertret;
+    
+    c2pstrcpy(pappname, appname);
+    c2pstrcpy(pkeytype, keytype);
+    c2pstrcpy(pfingerprint, fingerprint);

    /*
     * This function is horribly wrong.  For one thing, the alert
@ -716,29 +722,42 @@ void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
    if (ret == 0)		       /* success - key matched OK */
 	return;
    if (ret == 2) {		       /* key was different */
-	stuff[0] = sprintf((char *)(&stuff[1]),
-			   "WARNING - POTENTIAL SECURITY BREACH\n",
-			   "The key fingerprint is: %s\n"
-			   "Continue connecting?", fingerprint);
-	ParamText(stuff, NULL, NULL, NULL);
+	ParamText(pappname, pkeytype, pfingerprint, NULL);
+	alertret=CautionAlert(wWrong, NULL);
+	if (alertret == 9) {
+	    /* Cancel */
+	    goto cancel;
+	} else if (alertret == 8) {
+	    /* Connect Just Once */
+	} else {
+	    /* Update Key */
+	    store_host_key(host, port, keytype, keystr);
+	}
    }
    if (ret == 1) {                     /* key was absent */
-	stuff[0] = sprintf((char *)(&stuff[1]),
-			   "The server's key fingerprint is: %s\n"
-			   "Continue connecting?", fingerprint);
-	ParamText(stuff, NULL, NULL, NULL);
+	ParamText(pkeytype, pfingerprint, pappname, NULL);
+	alertret=CautionAlert(wAbsent, NULL);
+	if (alertret == 8) {
+	    /* Cancel */
+	    goto cancel;
+	} else if (alertret == 7) {
+	    /* Connect Just Once */
+	} else {
+	    /* Update Key */
+	    store_host_key(host, port, keytype, keystr);
+	}
    }

-    if (CautionAlert(wQuestion, NULL) == 2) {
-	/*
-	 * User chose "Cancel".  Unfortunately, if I tear the
-	 * connection down here, Bad Things happen when I return.  I
-	 * think this function should actually return something
-	 * telling the SSH code to abandon the connection.
-	 */	
-    } else {
-	store_host_key(host, port, keytype, keystr);
-    }
+    return;
+
+  cancel:
+    /*
+     * User chose "Cancel".  Unfortunately, if I tear the
+     * connection down here, Bad Things happen when I return.  I
+     * think this function should actually return something
+     * telling the SSH code to abandon the connection.
+     */	
+    return;
 }

 void askalg(void *frontend, const char *algtype, const char *algname)