nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

Jacob's patch for a drag-list to select SSH ciphers. Heavily hacked

Browse Source 
by me to make the drag list behaviour slightly more intuitive.
WARNING: DO NOT LOOK AT pl_itemfrompt() IF YOU ARE SQUEAMISH.

[originally from svn r1199]
This commit is contained in:
Simon Tatham 2001-08-25 19:33:33 +00:00
parent c87fa98d09
commit 44c4ee79e6
9 changed files with 772 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
plink.c
View File

@ -122,6 +122,46 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
}
}
/*
* Ask whether the selected cipher is acceptable (since it was
* below the configured 'warn' threshold).
* cs: 0 = both ways, 1 = client->server, 2 = server->client
*/
void askcipher(char *ciphername, int cs)
{
HANDLE hin;
DWORD savemode, i;
static const char msg[] =
"The first %scipher supported by the server is\n"
"%s, which is below the configured warning threshold.\n"
"Continue with connection? (y/n) ";
static const char abandoned[] = "Connection abandoned.\n";
char line[32];
fprintf(stderr, msg,
(cs == 0) ? "" :
(cs == 1) ? "client-to-server " :
"server-to-client ",
ciphername);
fflush(stderr);
hin = GetStdHandle(STD_INPUT_HANDLE);
GetConsoleMode(hin, &savemode);
SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
SetConsoleMode(hin, savemode);
if (line[0] == 'y' || line[0] == 'Y') {
return;
} else {
fprintf(stderr, abandoned);
exit(0);
}
}
HANDLE inhandle, outhandle, errhandle;
DWORD orig_console_mode;

40
psftp.c
View File

@ -847,6 +847,46 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
}
}
/*
* Ask whether the selected cipher is acceptable (since it was
* below the configured 'warn' threshold).
* cs: 0 = both ways, 1 = client->server, 2 = server->client
*/
void askcipher(char *ciphername, int cs)
{
HANDLE hin;
DWORD savemode, i;
static const char msg[] =
"The first %scipher supported by the server is\n"
"%s, which is below the configured warning threshold.\n"
"Continue with connection? (y/n) ";
static const char abandoned[] = "Connection abandoned.\n";
char line[32];
fprintf(stderr, msg,
(cs == 0) ? "" :
(cs == 1) ? "client-to-server " :
"server-to-client ",
ciphername);
fflush(stderr);
hin = GetStdHandle(STD_INPUT_HANDLE);
GetConsoleMode(hin, &savemode);
SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
SetConsoleMode(hin, savemode);
if (line[0] == 'y' || line[0] == 'Y') {
return;
} else {
fprintf(stderr, abandoned);
exit(0);
}
}
/*
* Print an error message and perform a fatal exit.
*/

17
putty.h
View File

@ -1,6 +1,8 @@
#ifndef PUTTY_PUTTY_H
#define PUTTY_PUTTY_H
#include <stdio.h> /* for FILENAME_MAX */
#include "network.h"
#define PUTTY_REG_POS "Software\\SimonTatham\\PuTTY"
@ -172,6 +174,18 @@ typedef enum {
VT_XWINDOWS, VT_OEMANSI, VT_OEMONLY, VT_POORMAN, VT_UNICODE
} VT_Mode;
enum {
/*
* SSH ciphers (both SSH1 and SSH2)
*/
CIPHER_WARN, /* pseudo 'cipher' */
CIPHER_3DES,
CIPHER_BLOWFISH,
CIPHER_AES, /* (SSH 2 only) */
CIPHER_DES, /* (SSH 1 only) */
CIPHER_MAX /* no. ciphers (inc warn) */
};
enum {
/*
* Line discipline option states: off, on, up to the backend.
@ -238,7 +252,7 @@ typedef struct {
int nopty;
int compression;
int agentfwd;
enum { CIPHER_3DES, CIPHER_BLOWFISH, CIPHER_DES, CIPHER_AES } cipher;
int ssh_cipherlist[CIPHER_MAX];
char keyfile[FILENAME_MAX];
int sshprot; /* use v1 or v2 when both available */
int buggymac; /* MAC bug commmercial <=v2.3.x SSH2 */
@ -410,6 +424,7 @@ void showeventlog(HWND);
void showabout(HWND);
void verify_ssh_host_key(char *host, int port, char *keytype,
char *keystr, char *fingerprint);
void askcipher(char *ciphername, int cs);
int askappend(char *filename);
void registry_cleanup(void);
void force_normal(HWND hwnd);

40
scp.c
View File

@ -172,6 +172,46 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
}
}
/*
* Ask whether the selected cipher is acceptable (since it was
* below the configured 'warn' threshold).
* cs: 0 = both ways, 1 = client->server, 2 = server->client
*/
void askcipher(char *ciphername, int cs)
{
HANDLE hin;
DWORD savemode, i;
static const char msg[] =
"The first %scipher supported by the server is\n"
"%s, which is below the configured warning threshold.\n"
"Continue with connection? (y/n) ";
static const char abandoned[] = "Connection abandoned.\n";
char line[32];
fprintf(stderr, msg,
(cs == 0) ? "" :
(cs == 1) ? "client-to-server " :
"server-to-client ",
ciphername);
fflush(stderr);
hin = GetStdHandle(STD_INPUT_HANDLE);
GetConsoleMode(hin, &savemode);
SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
SetConsoleMode(hin, savemode);
if (line[0] == 'y' || line[0] == 'Y') {
return;
} else {
fprintf(stderr, abandoned);
exit(0);
}
}
/* GUI Adaptation - Sept 2000 */
static void send_msg(HWND h, UINT message, WPARAM wParam)
{

122
settings.c
View File

@ -8,6 +8,19 @@
#include "putty.h"
#include "storage.h"
/*
* Tables of string <-> enum value mappings
*/
struct keyval { char *s; int v; };
static const struct keyval ciphernames[] = {
{ "WARN", CIPHER_WARN },
{ "3des", CIPHER_3DES },
{ "blowfish", CIPHER_BLOWFISH },
{ "aes", CIPHER_AES },
{ "des", CIPHER_DES }
};
static void gpps(void *handle, char *name, char *def, char *val, int len)
{
if (!read_setting_s(handle, name, val, len)) {
@ -21,6 +34,88 @@ static void gppi(void *handle, char *name, int def, int *i)
*i = read_setting_i(handle, name, def);
}
static int key2val(const struct keyval *mapping, int nmaps, char *key)
{
int i;
for (i = 0; i < nmaps; i++)
if (!strcmp(mapping[i].s, key)) return mapping[i].v;
return -1;
}
static const char *val2key(const struct keyval *mapping, int nmaps, int val)
{
int i;
for (i = 0; i < nmaps; i++)
if (mapping[i].v == val) return mapping[i].s;
return NULL;
}
/*
* Helper function to parse a comma-separated list of strings into
* a preference list array of values. Any missing values are added
* to the end and duplicates are weeded.
* XXX: assumes vals in 'mapping' are small +ve integers
*/
static void gprefs(void *sesskey, char *name, char *def,
const struct keyval *mapping, int nvals,
int *array)
{
char commalist[80];
int n;
unsigned long seen = 0; /* bitmap for weeding dups etc */
gpps(sesskey, name, def, commalist, sizeof(commalist));
/* Grotty parsing of commalist. */
n = 0;
do {
int v;
char *key;
key = strtok(n==0 ? commalist : NULL, ","); /* sorry */
if (!key) break;
if (((v = key2val(mapping, nvals, key)) != -1) &&
!(seen & 1<<v)) {
array[n] = v;
n++;
seen |= 1<<v;
}
} while (n < nvals);
/* Add any missing values (backward compatibility ect). */
{
int i, j;
for (i = 0; i < nvals; i++) {
if (!(seen & 1<<mapping[i].v)) {
array[n] = mapping[i].v;
n++;
}
}
}
}
/*
* Write out a preference list.
*/
static void wprefs(void *sesskey, char *name,
const struct keyval *mapping, int nvals,
int *array)
{
char buf[80] = ""; /* XXX assumed big enough */
int l = sizeof(buf)-1, i;
buf[l] = '\0';
for (i = 0; l > 0 && i < nvals; i++) {
const char *s = val2key(mapping, nvals, array[i]);
if (s) {
int sl = strlen(s);
if (i > 0) {
strncat(buf, ",", l);
l--;
}
strncat(buf, s, l);
l -= sl;
}
}
write_setting_s(sesskey, name, buf);
}
void save_settings(char *section, int do_host, Config * cfg)
{
int i;
@ -76,10 +171,8 @@ void save_settings(char *section, int do_host, Config * cfg)
write_setting_i(sesskey, "NoPTY", cfg->nopty);
write_setting_i(sesskey, "Compression", cfg->compression);
write_setting_i(sesskey, "AgentFwd", cfg->agentfwd);
write_setting_s(sesskey, "Cipher",
cfg->cipher == CIPHER_BLOWFISH ? "blowfish" :
cfg->cipher == CIPHER_DES ? "des" :
cfg->cipher == CIPHER_AES ? "aes" : "3des");
wprefs(sesskey, "SSHCipherList", ciphernames, CIPHER_MAX,
cfg->ssh_cipherlist);
write_setting_i(sesskey, "AuthTIS", cfg->try_tis_auth);
write_setting_i(sesskey, "SshProt", cfg->sshprot);
write_setting_i(sesskey, "BuggyMAC", cfg->buggymac);
@ -250,16 +343,17 @@ void load_settings(char *section, int do_host, Config * cfg)
gppi(sesskey, "Compression", 0, &cfg->compression);
gppi(sesskey, "AgentFwd", 0, &cfg->agentfwd);
{
char cipher[10];
gpps(sesskey, "Cipher", "3des", cipher, 10);
if (!strcmp(cipher, "blowfish"))
cfg->cipher = CIPHER_BLOWFISH;
else if (!strcmp(cipher, "des"))
cfg->cipher = CIPHER_DES;
else if (!strcmp(cipher, "aes"))
cfg->cipher = CIPHER_AES;
else
cfg->cipher = CIPHER_3DES;
/* Backwards compatibility: recreate old cipher policy. */
char defcipherlist[80];
gpps(sesskey, "Cipher", "3des", defcipherlist, 80);
if (strcmp(defcipherlist, "3des") != 0) {
int l = strlen(defcipherlist);
strncpy(defcipherlist + l, ",3des", 80 - l);
defcipherlist[79] = '\0';
}
/* Use it as default if no new-style policy. */
gprefs(sesskey, "SSHCipherList", defcipherlist,
ciphernames, CIPHER_MAX, cfg->ssh_cipherlist);
}
gppi(sesskey, "SshProt", 1, &cfg->sshprot);
gppi(sesskey, "BuggyMAC", 0, &cfg->buggymac);

170
ssh.c
View File

@ -1862,31 +1862,45 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt)
logevent("Encrypted session key");
switch (cfg.cipher) {
case CIPHER_BLOWFISH:
cipher_type = SSH_CIPHER_BLOWFISH;
break;
case CIPHER_DES:
cipher_type = SSH_CIPHER_DES;
break;
case CIPHER_3DES:
cipher_type = SSH_CIPHER_3DES;
break;
case CIPHER_AES:
c_write_str("AES not supported in SSH1, falling back to 3DES\r\n");
cipher_type = SSH_CIPHER_3DES;
break;
}
if ((supported_ciphers_mask & (1 << cipher_type)) == 0) {
c_write_str
("Selected cipher not supported, falling back to 3DES\r\n");
cipher_type = SSH_CIPHER_3DES;
if ((supported_ciphers_mask & (1 << cipher_type)) == 0) {
bombout(("Server violates SSH 1 protocol by "
"not supporting 3DES encryption"));
{
int cipher_chosen = 0, warn = 0;
char *cipher_string = NULL;
for (i = 0; !cipher_chosen && i < CIPHER_MAX; i++) {
int next_cipher = cfg.ssh_cipherlist[i];
if (next_cipher == CIPHER_WARN) {
/* If/when we choose a cipher, warn about it */
warn = 1;
} else if (next_cipher == CIPHER_AES) {
/* XXX Probably don't need to mention this. */
logevent("AES not supported in SSH1, skipping");
} else {
switch (next_cipher) {
case CIPHER_3DES: cipher_type = SSH_CIPHER_3DES;
cipher_string = "3DES"; break;
case CIPHER_BLOWFISH: cipher_type = SSH_CIPHER_BLOWFISH;
cipher_string = "Blowfish"; break;
case CIPHER_DES: cipher_type = SSH_CIPHER_DES;
cipher_string = "single-DES"; break;
}
if (supported_ciphers_mask & (1 << cipher_type))
cipher_chosen = 1;
}
}
if (!cipher_chosen) {
if ((supported_ciphers_mask & (1 << SSH_CIPHER_3DES)) == 0)
bombout(("Server violates SSH 1 protocol by not "
"supporting 3DES encryption"));
else
/* shouldn't happen */
bombout(("No supported ciphers found"));
crReturn(0);
}
/* Warn about chosen cipher if necessary. */
if (warn)
askcipher(cipher_string, 0);
}
switch (cipher_type) {
case SSH_CIPHER_3DES:
logevent("Using 3DES encryption");
@ -2992,7 +3006,7 @@ static void ssh2_mkkey(Bignum K, char *H, char *sessid, char chr,
*/
static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
{
static int i, j, len, nbits, pbits;
static int i, j, len, nbits, pbits, warn;
static char *str;
static Bignum p, g, e, f, K;
static int kex_init_value, kex_reply_value;
@ -3009,7 +3023,8 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
static void *hkey; /* actual host key */
static unsigned char exchange_hash[20];
static unsigned char keyspace[40];
static const struct ssh2_ciphers *preferred_cipher;
static int n_preferred_ciphers;
static const struct ssh2_ciphers *preferred_ciphers[CIPHER_MAX];
static const struct ssh_compress *preferred_comp;
static int first_kex;
@ -3018,21 +3033,40 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
first_kex = 1;
/*
* Set up the preferred cipher and compression.
* Set up the preferred ciphers. (NULL => warn below here)
*/
if (cfg.cipher == CIPHER_BLOWFISH) {
preferred_cipher = &ssh2_blowfish;
} else if (cfg.cipher == CIPHER_DES) {
logevent("Single DES not supported in SSH2; using 3DES");
preferred_cipher = &ssh2_3des;
} else if (cfg.cipher == CIPHER_3DES) {
preferred_cipher = &ssh2_3des;
} else if (cfg.cipher == CIPHER_AES) {
preferred_cipher = &ssh2_aes;
} else {
/* Shouldn't happen, but we do want to initialise to _something_. */
preferred_cipher = &ssh2_3des;
n_preferred_ciphers = 0;
for (i = 0; i < CIPHER_MAX; i++) {
switch (cfg.ssh_cipherlist[i]) {
case CIPHER_BLOWFISH:
preferred_ciphers[n_preferred_ciphers] = &ssh2_blowfish;
n_preferred_ciphers++;
break;
case CIPHER_DES:
/* Not supported in SSH2; silently drop */
break;
case CIPHER_3DES:
preferred_ciphers[n_preferred_ciphers] = &ssh2_3des;
n_preferred_ciphers++;
break;
case CIPHER_AES:
preferred_ciphers[n_preferred_ciphers] = &ssh2_aes;
n_preferred_ciphers++;
break;
case CIPHER_WARN:
/* Flag for later. Don't bother if it's the last in
* the list. */
if (i < CIPHER_MAX - 1) {
preferred_ciphers[n_preferred_ciphers] = NULL;
n_preferred_ciphers++;
}
break;
}
}
/*
* Set up preferred compression.
*/
if (cfg.compression)
preferred_comp = &ssh_zlib;
else
@ -3069,23 +3103,23 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
}
/* List client->server encryption algorithms. */
ssh2_pkt_addstring_start();
for (i = 0; i < lenof(ciphers) + 1; i++) {
const struct ssh2_ciphers *c =
i == 0 ? preferred_cipher : ciphers[i - 1];
for (i = 0; i < n_preferred_ciphers; i++) {
const struct ssh2_ciphers *c = preferred_ciphers[i];
if (!c) continue; /* warning flag */
for (j = 0; j < c->nciphers; j++) {
ssh2_pkt_addstring_str(c->list[j]->name);
if (i < lenof(ciphers) || j < c->nciphers - 1)
if (i < n_preferred_ciphers || j < c->nciphers - 1)
ssh2_pkt_addstring_str(",");
}
}
/* List server->client encryption algorithms. */
ssh2_pkt_addstring_start();
for (i = 0; i < lenof(ciphers) + 1; i++) {
const struct ssh2_ciphers *c =
i == 0 ? preferred_cipher : ciphers[i - 1];
for (i = 0; i < n_preferred_ciphers; i++) {
const struct ssh2_ciphers *c = preferred_ciphers[i];
if (!c) continue; /* warning flag */
for (j = 0; j < c->nciphers; j++) {
ssh2_pkt_addstring_str(c->list[j]->name);
if (i < lenof(ciphers) || j < c->nciphers - 1)
if (i < n_preferred_ciphers || j < c->nciphers - 1)
ssh2_pkt_addstring_str(",");
}
}
@ -3171,30 +3205,44 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
}
}
ssh2_pkt_getstring(&str, &len); /* client->server cipher */
for (i = 0; i < lenof(ciphers) + 1; i++) {
const struct ssh2_ciphers *c =
i == 0 ? preferred_cipher : ciphers[i - 1];
for (j = 0; j < c->nciphers; j++) {
if (in_commasep_string(c->list[j]->name, str, len)) {
cscipher_tobe = c->list[j];
break;
warn = 0;
for (i = 0; i < n_preferred_ciphers; i++) {
const struct ssh2_ciphers *c = preferred_ciphers[i];
if (!c) {
warn = 1;
} else {
for (j = 0; j < c->nciphers; j++) {
if (in_commasep_string(c->list[j]->name, str, len)) {
cscipher_tobe = c->list[j];
break;
}
}
}
if (cscipher_tobe)
if (cscipher_tobe) {
if (warn)
askcipher(cscipher_tobe->name, 1);
break;
}
}
ssh2_pkt_getstring(&str, &len); /* server->client cipher */
for (i = 0; i < lenof(ciphers) + 1; i++) {
const struct ssh2_ciphers *c =
i == 0 ? preferred_cipher : ciphers[i - 1];
for (j = 0; j < c->nciphers; j++) {
if (in_commasep_string(c->list[j]->name, str, len)) {
sccipher_tobe = c->list[j];
break;
warn = 0;
for (i = 0; i < n_preferred_ciphers; i++) {
const struct ssh2_ciphers *c = preferred_ciphers[i];
if (!c) {
warn = 1;
} else {
for (j = 0; j < c->nciphers; j++) {
if (in_commasep_string(c->list[j]->name, str, len)) {
sccipher_tobe = c->list[j];
break;
}
}
}
if (sccipher_tobe)
if (sccipher_tobe) {
if (warn)
askcipher(sccipher_tobe->name, 2);
break;
}
}
ssh2_pkt_getstring(&str, &len); /* client->server mac */
for (i = 0; i < nmacs; i++) {

257
winctrls.c
View File

@ -7,6 +7,9 @@
#include <commctrl.h>
#include "winstuff.h"
#include "puttymem.h"
#include "putty.h"
#define GAPBETWEEN 3
#define GAPWITHIN 1
@ -39,7 +42,7 @@ void ctlposinit(struct ctlpos *cp, HWND hwnd,
cp->width -= leftborder + rightborder;
}
void doctl(struct ctlpos *cp, RECT r,
HWND doctl(struct ctlpos *cp, RECT r,
char *wclass, int wstyle, int exstyle, char *wtext, int wid)
{
HWND ctl;
@ -56,6 +59,7 @@ void doctl(struct ctlpos *cp, RECT r,
r.left, r.top, r.right, r.bottom,
cp->hwnd, (HMENU) wid, hinst, NULL);
SendMessage(ctl, WM_SETFONT, cp->font, MAKELPARAM(TRUE, 0));
return ctl;
}
/*
@ -786,6 +790,257 @@ void colouredit(struct ctlpos *cp, char *stext, int sid, int listid,
cp->ypos += LISTHEIGHT + GAPBETWEEN;
}
/*
* A special control for manipulating an ordered preference list
* (eg. for cipher selection).
* XXX: this is a rough hack and could be improved.
*/
void prefslist(struct prefslist *hdl, struct ctlpos *cp, char *stext,
int sid, int listid, int upbid, int dnbid)
{
const static int percents[] = { 5, 75, 20 };
RECT r;
int xpos, percent = 0, i;
const int DEFLISTHEIGHT = 52; /* XXX configurable? */
const int BTNSHEIGHT = 2*PUSHBTNHEIGHT + GAPBETWEEN;
int totalheight;
/* Squirrel away IDs. */
hdl->listid = listid;
hdl->upbid = upbid;
hdl->dnbid = dnbid;
/* The static label. */
r.left = GAPBETWEEN;
r.top = cp->ypos;
r.right = cp->width;
r.bottom = STATICHEIGHT;
cp->ypos += r.bottom + GAPWITHIN;
doctl(cp, r, "STATIC", WS_CHILD | WS_VISIBLE, 0, stext, sid);
/* XXX it'd be nice to centre the buttons wrt the listbox
* but we'd have to find out how high the latter actually is. */
if (DEFLISTHEIGHT > BTNSHEIGHT) {
totalheight = DEFLISTHEIGHT;
} else {
totalheight = BTNSHEIGHT;
}
for (i=0; i<3; i++) {
int left, wid;
xpos = (cp->width + GAPBETWEEN) * percent / 100;
left = xpos + GAPBETWEEN;
percent += percents[i];
xpos = (cp->width + GAPBETWEEN) * percent / 100;
wid = xpos - left;
switch (i) {
case 1:
/* The drag list box. */
r.left = left; r.right = wid;
r.top = cp->ypos; r.bottom = totalheight;
{
HWND ctl;
ctl = doctl(cp, r, "LISTBOX",
WS_CHILD | WS_VISIBLE | WS_TABSTOP |
WS_VSCROLL | LBS_HASSTRINGS,
WS_EX_CLIENTEDGE,
"", listid);
MakeDragList(ctl);
}
break;
case 2:
/* The "Up" and "Down" buttons. */
/* XXX worry about accelerators if we have more than one
* prefslist on a panel */
r.left = left; r.right = wid;
r.top = cp->ypos; r.bottom = PUSHBTNHEIGHT;
doctl(cp, r, "BUTTON",
WS_CHILD | WS_VISIBLE | WS_TABSTOP | BS_PUSHBUTTON,
0, "&Up", upbid);
r.left = left; r.right = wid;
r.top = cp->ypos + PUSHBTNHEIGHT + GAPBETWEEN;
r.bottom = PUSHBTNHEIGHT;
doctl(cp, r, "BUTTON",
WS_CHILD | WS_VISIBLE | WS_TABSTOP | BS_PUSHBUTTON,
0, "&Down", dnbid);
break;
}
}
cp->ypos += totalheight + GAPBETWEEN;
}
/*
* Helper function for prefslist: move item in list box.
*/
static void pl_moveitem(HWND hwnd, int listid, int src, int dst)
{
int tlen, val;
char *txt;
/* Get the item's data. */
tlen = SendDlgItemMessage (hwnd, listid, LB_GETTEXTLEN, src, 0);
txt = smalloc(tlen+1);
SendDlgItemMessage (hwnd, listid, LB_GETTEXT, src, (LPARAM) txt);
val = SendDlgItemMessage (hwnd, listid, LB_GETITEMDATA, src, 0);
/* Deselect old location. */
SendDlgItemMessage (hwnd, listid, LB_SETSEL, FALSE, src);
/* Delete it at the old location. */
SendDlgItemMessage (hwnd, listid, LB_DELETESTRING, src, 0);
/* Insert it at new location. */
SendDlgItemMessage (hwnd, listid, LB_INSERTSTRING, dst,
(LPARAM) txt);
SendDlgItemMessage (hwnd, listid, LB_SETITEMDATA, dst,
(LPARAM) val);
/* Set selection. */
SendDlgItemMessage (hwnd, listid, LB_SETCURSEL, dst, 0);
sfree (txt);
}
int pl_itemfrompt(HWND hwnd, POINT cursor, BOOL scroll)
{
int ret;
POINT uppoint, downpoint;
int updist, downdist, upitem, downitem, i;
/*
* Ghastly hackery to try to figure out not which
* _item_, but which _gap between items_, the user
* is pointing at. We do this by first working out
* which list item is under the cursor, and then
* working out how far the cursor would have to
* move up or down before the answer was different.
* Then we put the insertion point _above_ the
* current item if the upper edge is closer than
* the lower edge, or _below_ it if vice versa.
*/
ret = LBItemFromPt(hwnd, cursor, scroll);
debug(("pl_itemfrompt: initial is %d\n", ret));
if (ret == -1)
return ret;
ret = LBItemFromPt(hwnd, cursor, FALSE);
debug(("pl_itemfrompt: secondary is %d\n", ret));
updist = downdist = 0;
for (i = 1; i < 4096 && (!updist || !downdist); i++) {
uppoint = downpoint = cursor;
uppoint.y -= i;
downpoint.y += i;
upitem = LBItemFromPt(hwnd, uppoint, FALSE);
downitem = LBItemFromPt(hwnd, downpoint, FALSE);
if (!updist && upitem != ret)
updist = i;
if (!downdist && downitem != ret)
downdist = i;
}
if (downdist < updist)
ret++;
return ret;
}
/*
* Handler for prefslist above.
*/
int handle_prefslist(struct prefslist *hdl,
int *array, int maxmemb,
int is_dlmsg, HWND hwnd,
WPARAM wParam, LPARAM lParam)
{
int i;
int ret;
if (is_dlmsg) {
if (wParam == hdl->listid) {
DRAGLISTINFO *dlm = (DRAGLISTINFO *)lParam;
int dest;
switch (dlm->uNotification) {
case DL_BEGINDRAG:
hdl->dummyitem =
SendDlgItemMessage(hwnd, hdl->listid,
LB_ADDSTRING, 0, (LPARAM) "");
hdl->srcitem = LBItemFromPt(dlm->hWnd, dlm->ptCursor, TRUE);
hdl->dragging = 0;
/* XXX hack Q183115 */
SetWindowLong(hwnd, DWL_MSGRESULT, TRUE);
ret = 1; break;
case DL_CANCELDRAG:
DrawInsert(hwnd, dlm->hWnd, -1); /* Clear arrow */
SendDlgItemMessage(hwnd, hdl->listid,
LB_DELETESTRING, hdl->dummyitem, 0);
hdl->dragging = 0;
ret = 1; break;
case DL_DRAGGING:
hdl->dragging = 1;
dest = pl_itemfrompt(dlm->hWnd, dlm->ptCursor, TRUE);
if (dest > hdl->dummyitem) dest = hdl->dummyitem;
DrawInsert (hwnd, dlm->hWnd, dest);
if (dest >= 0)
SetWindowLong(hwnd, DWL_MSGRESULT, DL_MOVECURSOR);
else
SetWindowLong(hwnd, DWL_MSGRESULT, DL_STOPCURSOR);
ret = 1; break;
case DL_DROPPED:
ret = 1;
if (!hdl->dragging) break;
dest = pl_itemfrompt(dlm->hWnd, dlm->ptCursor, TRUE);
if (dest > hdl->dummyitem) dest = hdl->dummyitem;
DrawInsert (hwnd, dlm->hWnd, -1);
SendDlgItemMessage(hwnd, hdl->listid,
LB_DELETESTRING, hdl->dummyitem, 0);
hdl->dragging = 0;
if (dest >= 0) {
/* Correct for "missing" item. This means you can't drag
* an item to the end, but that seems to be the way this
* control is used. */
if (dest > hdl->srcitem) dest--;
pl_moveitem(hwnd, hdl->listid, hdl->srcitem, dest);
}
ret = 1; break;
}
}
} else {
ret = 0;
if (((LOWORD(wParam) == hdl->upbid) ||
(LOWORD(wParam) == hdl->dnbid)) &&
((HIWORD(wParam) == BN_CLICKED) ||
(HIWORD(wParam) == BN_DOUBLECLICKED))) {
/* Move an item up or down the list. */
/* Get the current selection, if any. */
int selection = SendDlgItemMessage (hwnd, hdl->listid, LB_GETCURSEL, 0, 0);
if (selection == LB_ERR) {
MessageBeep(0);
} else {
int nitems;
/* Get the total number of items. */
nitems = SendDlgItemMessage (hwnd, hdl->listid, LB_GETCOUNT, 0, 0);
/* Should we do anything? */
if (LOWORD(wParam) == hdl->upbid && (selection > 0))
pl_moveitem(hwnd, hdl->listid, selection, selection - 1);
else if (LOWORD(wParam) == hdl->dnbid && (selection < nitems - 1))
pl_moveitem(hwnd, hdl->listid, selection, selection + 1);
}
}
}
/* Update array to match the list box. */
for (i=0; i < maxmemb; i++)
array[i] = SendDlgItemMessage (hwnd, hdl->listid, LB_GETITEMDATA,
i, 0);
return ret;
}
/*
* A progress bar (from Common Controls). We like our progress bars
* to be smooth and unbroken, without those ugly divisions; some

189
windlg.c
View File

@ -18,6 +18,8 @@ static int nevents = 0, negsize = 0;
static int readytogo;
static int sesslist_has_focus;
static struct prefslist cipherlist;
void force_normal(HWND hwnd)
{
static int recurse = 0;
@ -435,25 +437,31 @@ enum { IDCX_ABOUT =
IDC_BOX_SSH2,
IDC_BOX_SSH3,
IDC_NOPTY,
IDC_CIPHERSTATIC,
IDC_CIPHER3DES,
IDC_CIPHERBLOWF,
IDC_CIPHERDES,
IDC_CIPHERAES,
IDC_BOX_SSHCIPHER,
IDC_CIPHERSTATIC2,
IDC_CIPHERLIST,
IDC_CIPHERUP,
IDC_CIPHERDN,
IDC_BUGGYMAC,
IDC_AUTHTIS,
IDC_PKSTATIC,
IDC_PKEDIT,
IDC_PKBUTTON,
IDC_SSHPROTSTATIC,
IDC_SSHPROT1,
IDC_SSHPROT2,
IDC_AGENTFWD,
IDC_CMDSTATIC,
IDC_CMDEDIT,
IDC_COMPRESS,
sshpanelend,
sshauthpanelstart,
IDC_TITLE_SSHAUTH,
IDC_BOX_SSHAUTH1,
IDC_BOX_SSHAUTH2,
IDC_PKSTATIC,
IDC_PKEDIT,
IDC_PKBUTTON,
IDC_AGENTFWD,
IDC_AUTHTIS,
sshauthpanelend,
selectionpanelstart,
IDC_TITLE_SELECTION,
IDC_BOX_SELECTION1,
@ -701,17 +709,48 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess)
CheckDlgButton(hwnd, IDC_COMPRESS, cfg.compression);
CheckDlgButton(hwnd, IDC_BUGGYMAC, cfg.buggymac);
CheckDlgButton(hwnd, IDC_AGENTFWD, cfg.agentfwd);
CheckRadioButton(hwnd, IDC_CIPHER3DES, IDC_CIPHERAES,
cfg.cipher == CIPHER_BLOWFISH ? IDC_CIPHERBLOWF :
cfg.cipher == CIPHER_DES ? IDC_CIPHERDES :
cfg.cipher == CIPHER_AES ? IDC_CIPHERAES :
IDC_CIPHER3DES);
CheckRadioButton(hwnd, IDC_SSHPROT1, IDC_SSHPROT2,
cfg.sshprot == 1 ? IDC_SSHPROT1 : IDC_SSHPROT2);
CheckDlgButton(hwnd, IDC_AUTHTIS, cfg.try_tis_auth);
SetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile);
SetDlgItemText(hwnd, IDC_CMDEDIT, cfg.remote_cmd);
{
int i;
static const struct { char *s; int c; } ciphers[] = {
{ "3DES", CIPHER_3DES },
{ "Blowfish", CIPHER_BLOWFISH },
{ "DES (SSH 1 only)", CIPHER_DES },
{ "AES (SSH 2 only)", CIPHER_AES },
{ "-- warn below here --", CIPHER_WARN }
};
/* Set up the "selected ciphers" box. */
/* (cipherlist assumed to contain all ciphers) */
SendDlgItemMessage(hwnd, IDC_CIPHERLIST, LB_RESETCONTENT, 0, 0);
for (i = 0; i < CIPHER_MAX; i++) {
int c = cfg.ssh_cipherlist[i];
int j, pos;
char *cstr = NULL;
for (j = 0; j < (sizeof ciphers) / (sizeof ciphers[0]); j++) {
if (ciphers[j].c == c) {
cstr = ciphers[j].s;
break;
}
}
pos = SendDlgItemMessage(hwnd, IDC_CIPHERLIST, LB_ADDSTRING,
0, (LPARAM) cstr);
SendDlgItemMessage(hwnd, IDC_CIPHERLIST, LB_SETITEMDATA,
pos, (LPARAM) c);
}
SendDlgItemMessage(hwnd, IDC_CIPHERLIST, LB_ADDSTRING,
0, (LPARAM) "FIXME1");
SendDlgItemMessage(hwnd, IDC_CIPHERLIST, LB_ADDSTRING,
0, (LPARAM) "FIXME2");
}
CheckRadioButton(hwnd, IDC_MBWINDOWS, IDC_MBXTERM,
cfg.mouse_is_xterm ? IDC_MBXTERM : IDC_MBWINDOWS);
CheckDlgButton(hwnd, IDC_RAWCNP, cfg.rawcnp);
@ -1197,7 +1236,7 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
}
if (panel == sshpanelstart) {
/* The SSH panel. Accelerators used: [acgo] rmfkw pe123bds i */
/* The SSH panel. Accelerators used: [acgo] r pe12i sud */
struct ctlpos cp;
ctlposinit(&cp, hwnd, 80, 3, 13);
if (dlgtype == 0) {
@ -1208,27 +1247,42 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
"&Remote command:", IDC_CMDSTATIC, IDC_CMDEDIT, 100,
NULL);
endbox(&cp);
beginbox(&cp, "Authentication options", IDC_BOX_SSH2);
checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication",
IDC_AUTHTIS);
checkbox(&cp, "Allow agent &forwarding", IDC_AGENTFWD);
editbutton(&cp, "Private &key file for authentication:",
IDC_PKSTATIC, IDC_PKEDIT, "Bro&wse...",
IDC_PKBUTTON);
endbox(&cp);
beginbox(&cp, "Protocol options", IDC_BOX_SSH3);
beginbox(&cp, "Protocol options", IDC_BOX_SSH2);
checkbox(&cp, "Don't allocate a &pseudo-terminal", IDC_NOPTY);
checkbox(&cp, "Enable compr&ession", IDC_COMPRESS);
radioline(&cp, "Preferred SSH protocol version:",
IDC_SSHPROTSTATIC, 2,
"&1", IDC_SSHPROT1, "&2", IDC_SSHPROT2, NULL);
radioline(&cp, "Preferred encryption algorithm:",
IDC_CIPHERSTATIC, 4, "&3DES", IDC_CIPHER3DES,
"&Blowfish", IDC_CIPHERBLOWF, "&DES", IDC_CIPHERDES,
"AE&S", IDC_CIPHERAES, NULL);
checkbox(&cp, "&Imitate SSH 2 MAC bug in commercial <= v2.3.x",
IDC_BUGGYMAC);
endbox(&cp);
beginbox(&cp, "Encryption options", IDC_BOX_SSH3);
prefslist(&cipherlist, &cp, "Encryption cipher &selection policy:",
IDC_CIPHERSTATIC2, IDC_CIPHERLIST, IDC_CIPHERUP,
IDC_CIPHERDN);
endbox(&cp);
}
}
if (panel == sshauthpanelstart) {
/* The SSH authentication panel. Accelerators used: [acgo] m fkw */
struct ctlpos cp;
ctlposinit(&cp, hwnd, 80, 3, 13);
if (dlgtype == 0) {
bartitle(&cp, "Options controlling SSH authentication",
IDC_TITLE_SSHAUTH);
beginbox(&cp, "Authentication methods",
IDC_BOX_SSHAUTH1);
checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication",
IDC_AUTHTIS);
endbox(&cp);
beginbox(&cp, "Authentication parameters",
IDC_BOX_SSHAUTH2);
checkbox(&cp, "Allow agent &forwarding", IDC_AGENTFWD);
editbutton(&cp, "Private &key file for authentication:",
IDC_PKSTATIC, IDC_PKEDIT, "Bro&wse...",
IDC_PKBUTTON);
endbox(&cp);
}
}
@ -1305,6 +1359,7 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
char portname[32];
struct servent *service;
int i;
static UINT draglistmsg = WM_NULL;
switch (msg) {
case WM_INITDIALOG:
@ -1387,6 +1442,9 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
treeview_insert(&tvfaff, 1, "Rlogin");
if (backends[3].backend != NULL) {
treeview_insert(&tvfaff, 1, "SSH");
/* XXX long name is ugly */
/* XXX make it closed by default? */
treeview_insert(&tvfaff, 2, "Auth");
treeview_insert(&tvfaff, 2, "Tunnels");
}
}
@ -1462,6 +1520,8 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
create_controls(hwnd, dlgtype, rloginpanelstart);
if (!strcmp(buffer, "SSH"))
create_controls(hwnd, dlgtype, sshpanelstart);
if (!strcmp(buffer, "Auth"))
create_controls(hwnd, dlgtype, sshauthpanelstart);
if (!strcmp(buffer, "Selection"))
create_controls(hwnd, dlgtype, selectionpanelstart);
if (!strcmp(buffer, "Colours"))
@ -2223,21 +2283,12 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
cfg.agentfwd =
IsDlgButtonChecked(hwnd, IDC_AGENTFWD);
break;
case IDC_CIPHER3DES:
case IDC_CIPHERBLOWF:
case IDC_CIPHERDES:
case IDC_CIPHERAES:
if (HIWORD(wParam) == BN_CLICKED ||
HIWORD(wParam) == BN_DOUBLECLICKED) {
if (IsDlgButtonChecked(hwnd, IDC_CIPHER3DES))
cfg.cipher = CIPHER_3DES;
else if (IsDlgButtonChecked(hwnd, IDC_CIPHERBLOWF))
cfg.cipher = CIPHER_BLOWFISH;
else if (IsDlgButtonChecked(hwnd, IDC_CIPHERDES))
cfg.cipher = CIPHER_DES;
else if (IsDlgButtonChecked(hwnd, IDC_CIPHERAES))
cfg.cipher = CIPHER_AES;
}
case IDC_CIPHERLIST:
case IDC_CIPHERUP:
case IDC_CIPHERDN:
handle_prefslist(&cipherlist,
cfg.ssh_cipherlist, CIPHER_MAX,
0, hwnd, wParam, lParam);
break;
case IDC_SSHPROT1:
case IDC_SSHPROT2:
@ -2540,6 +2591,26 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
if (wParam == SIZE_MAXIMIZED)
force_normal(hwnd);
return 0;
default:
/*
* Handle application-defined messages eg. DragListBox
*/
/* First find out what the number is (once). */
if (draglistmsg == WM_NULL)
draglistmsg = RegisterWindowMessage (DRAGLISTMSGSTRING);
if (msg == draglistmsg) {
/* Only process once dialog is fully formed. */
if (GetWindowLong(hwnd, GWL_USERDATA) == 1) switch (LOWORD(wParam)) {
case IDC_CIPHERLIST:
return handle_prefslist(&cipherlist,
cfg.ssh_cipherlist, CIPHER_MAX,
1, hwnd, wParam, lParam);
}
}
return 0;
}
return 0;
}
@ -2721,6 +2792,36 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
}
}
/*
* Ask whether the selected cipher is acceptable (since it was
* below the configured 'warn' threshold).
* cs: 0 = both ways, 1 = client->server, 2 = server->client
*/
void askcipher(char *ciphername, int cs)
{
static const char mbtitle[] = "PuTTY Security Alert";
static const char msg[] =
"The first %.35scipher supported by the server\n"
"is %.64s, which is below the configured\n"
"warning threshold.\n"
"Do you want to continue with this connection?\n";
/* guessed cipher name + type max length */
char message[100 + sizeof(msg)];
int mbret;
sprintf(message, msg,
(cs == 0) ? "" :
(cs == 1) ? "client-to-server " :
"server-to-client ",
ciphername);
mbret = MessageBox(NULL, message, mbtitle,
MB_ICONWARNING | MB_YESNO);
if (mbret == IDYES)
return;
else
exit(0);
}
/*
* Ask whether to wipe a session log file before writing to it.
* Returns 2 for wipe, 1 for append, 0 for cancel (don't log).

19
winstuff.h
View File

@ -29,9 +29,20 @@ struct ctlpos {
char *boxtext;
};
/*
* Private structure for prefslist state. Only in the header file
* so that we can delegate allocation to callers.
*/
struct prefslist {
int listid, upbid, dnbid;
int srcitem;
int dummyitem;
int dragging;
};
void ctlposinit(struct ctlpos *cp, HWND hwnd,
int leftborder, int rightborder, int topborder);
void doctl(struct ctlpos *cp, RECT r,
HWND doctl(struct ctlpos *cp, RECT r,
char *wclass, int wstyle, int exstyle, char *wtext, int wid);
void bartitle(struct ctlpos *cp, char *name, int id);
void beginbox(struct ctlpos *cp, char *name, int idbox);
@ -64,6 +75,12 @@ void charclass(struct ctlpos *cp, char *stext, int sid, int listid,
char *btext, int bid, int eid, char *s2text, int s2id);
void colouredit(struct ctlpos *cp, char *stext, int sid, int listid,
char *btext, int bid, ...);
void prefslist(struct prefslist *hdl, struct ctlpos *cp, char *stext,
int sid, int listid, int upbid, int dnbid);
int handle_prefslist(struct prefslist *hdl,
int *array, int maxmemb,
int is_dlmsg, HWND hwnd,
WPARAM wParam, LPARAM lParam);
void progressbar(struct ctlpos *cp, int id);
void fwdsetter(struct ctlpos *cp, int listid, char *stext, int sid,
char *e1stext, int e1sid, int e1id,