mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-05-28 15:24:49 -05:00
The host-key-unknown prompt now offers the same three options as the
host-key-changed prompt: update-cache-and-connect, connect-without- updating-cache, and abandon-connection. (Previously the middle one was missing.) [originally from svn r1122]
This commit is contained in:
Simon Tatham
parent
fb473cc16c
commit
52a688abd1
17
plink.c
17
plink.c
@ -59,8 +59,11 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
"%s\n"
|
||||
"If you trust this host, enter \"y\" to add the key to\n"
|
||||
"PuTTY's cache and carry on connecting.\n"
|
||||
"If you do not trust this host, enter \"n\" to abandon the\n"
|
||||
"connection.\n" "Continue connecting? (y/n) ";
|
||||
"If you want to carry on connecting just once, without\n"
|
||||
"adding the key to the cache, enter \"n\".\n"
|
||||
"If you do not trust this host, press Return to abandon the\n"
|
||||
"connection.\n"
|
||||
"Store key in cache? (y/n) ";
|
||||
|
||||
static const char wrongmsg[] =
|
||||
"WARNING - POTENTIAL SECURITY BREACH!\n"
|
||||
@ -108,7 +111,6 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
|
||||
SetConsoleMode(hin, savemode);
|
||||
|
||||
if (ret == 2) { /* key was different */
|
||||
if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') {
|
||||
if (line[0] == 'y' || line[0] == 'Y')
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
@ -117,15 +119,6 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
if (ret == 1) { /* key was absent */
|
||||
if (line[0] == 'y' || line[0] == 'Y')
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
else {
|
||||
fprintf(stderr, abandoned);
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
HANDLE inhandle, outhandle, errhandle;
|
||||
DWORD orig_console_mode;
|
||||
|
||||
42
psftp.c
42
psftp.c
@ -644,6 +644,8 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
char *keystr, char *fingerprint)
|
||||
{
|
||||
int ret;
|
||||
HANDLE hin;
|
||||
DWORD savemode, i;
|
||||
|
||||
static const char absentmsg[] =
|
||||
"The server's host key is not cached in the registry. You\n"
|
||||
@ -653,8 +655,11 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
"%s\n"
|
||||
"If you trust this host, enter \"y\" to add the key to\n"
|
||||
"PuTTY's cache and carry on connecting.\n"
|
||||
"If you do not trust this host, enter \"n\" to abandon the\n"
|
||||
"connection.\n" "Continue connecting? (y/n) ";
|
||||
"If you want to carry on connecting just once, without\n"
|
||||
"adding the key to the cache, enter \"n\".\n"
|
||||
"If you do not trust this host, press Return to abandon the\n"
|
||||
"connection.\n"
|
||||
"Store key in cache? (y/n) ";
|
||||
|
||||
static const char wrongmsg[] =
|
||||
"WARNING - POTENTIAL SECURITY BREACH!\n"
|
||||
@ -666,9 +671,9 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
"The new key fingerprint is:\n"
|
||||
"%s\n"
|
||||
"If you were expecting this change and trust the new key,\n"
|
||||
"enter Yes to update PuTTY's cache and continue connecting.\n"
|
||||
"enter \"y\" to update PuTTY's cache and continue connecting.\n"
|
||||
"If you want to carry on connecting but without updating\n"
|
||||
"the cache, enter No.\n"
|
||||
"the cache, enter \"n\".\n"
|
||||
"If you want to abandon the connection completely, press\n"
|
||||
"Return to cancel. Pressing Return is the ONLY guaranteed\n"
|
||||
"safe choice.\n"
|
||||
@ -685,10 +690,24 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
|
||||
if (ret == 0) /* success - key matched OK */
|
||||
return;
|
||||
|
||||
if (ret == 2) { /* key was different */
|
||||
fprintf(stderr, wrongmsg, fingerprint);
|
||||
if (fgets(line, sizeof(line), stdin) &&
|
||||
line[0] != '\0' && line[0] != '\n') {
|
||||
fflush(stderr);
|
||||
}
|
||||
if (ret == 1) { /* key was absent */
|
||||
fprintf(stderr, absentmsg, fingerprint);
|
||||
fflush(stderr);
|
||||
}
|
||||
|
||||
hin = GetStdHandle(STD_INPUT_HANDLE);
|
||||
GetConsoleMode(hin, &savemode);
|
||||
SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
|
||||
ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
|
||||
ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
|
||||
SetConsoleMode(hin, savemode);
|
||||
|
||||
if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') {
|
||||
if (line[0] == 'y' || line[0] == 'Y')
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
} else {
|
||||
@ -696,17 +715,6 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
if (ret == 1) { /* key was absent */
|
||||
fprintf(stderr, absentmsg, fingerprint);
|
||||
if (fgets(line, sizeof(line), stdin) &&
|
||||
(line[0] == 'y' || line[0] == 'Y'))
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
else {
|
||||
fprintf(stderr, abandoned);
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Print an error message and perform a fatal exit.
|
||||
|
||||
42
scp.c
42
scp.c
@ -93,6 +93,8 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
char *keystr, char *fingerprint)
|
||||
{
|
||||
int ret;
|
||||
HANDLE hin;
|
||||
DWORD savemode, i;
|
||||
|
||||
static const char absentmsg[] =
|
||||
"The server's host key is not cached in the registry. You\n"
|
||||
@ -102,8 +104,11 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
"%s\n"
|
||||
"If you trust this host, enter \"y\" to add the key to\n"
|
||||
"PuTTY's cache and carry on connecting.\n"
|
||||
"If you do not trust this host, enter \"n\" to abandon the\n"
|
||||
"connection.\n" "Continue connecting? (y/n) ";
|
||||
"If you want to carry on connecting just once, without\n"
|
||||
"adding the key to the cache, enter \"n\".\n"
|
||||
"If you do not trust this host, press Return to abandon the\n"
|
||||
"connection.\n"
|
||||
"Store key in cache? (y/n) ";
|
||||
|
||||
static const char wrongmsg[] =
|
||||
"WARNING - POTENTIAL SECURITY BREACH!\n"
|
||||
@ -115,9 +120,9 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
"The new key fingerprint is:\n"
|
||||
"%s\n"
|
||||
"If you were expecting this change and trust the new key,\n"
|
||||
"enter Yes to update PuTTY's cache and continue connecting.\n"
|
||||
"enter \"y\" to update PuTTY's cache and continue connecting.\n"
|
||||
"If you want to carry on connecting but without updating\n"
|
||||
"the cache, enter No.\n"
|
||||
"the cache, enter \"n\".\n"
|
||||
"If you want to abandon the connection completely, press\n"
|
||||
"Return to cancel. Pressing Return is the ONLY guaranteed\n"
|
||||
"safe choice.\n"
|
||||
@ -134,30 +139,31 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
|
||||
if (ret == 0) /* success - key matched OK */
|
||||
return;
|
||||
|
||||
if (ret == 2) { /* key was different */
|
||||
fprintf(stderr, wrongmsg, fingerprint);
|
||||
fflush(stderr);
|
||||
if (fgets(line, sizeof(line), stdin) &&
|
||||
line[0] != '\0' && line[0] != '\n') {
|
||||
}
|
||||
if (ret == 1) { /* key was absent */
|
||||
fprintf(stderr, absentmsg, fingerprint);
|
||||
fflush(stderr);
|
||||
}
|
||||
|
||||
hin = GetStdHandle(STD_INPUT_HANDLE);
|
||||
GetConsoleMode(hin, &savemode);
|
||||
SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
|
||||
ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
|
||||
ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
|
||||
SetConsoleMode(hin, savemode);
|
||||
|
||||
if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') {
|
||||
if (line[0] == 'y' || line[0] == 'Y')
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
} else {
|
||||
fprintf(stderr, abandoned);
|
||||
fflush(stderr);
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
if (ret == 1) { /* key was absent */
|
||||
fprintf(stderr, absentmsg, fingerprint);
|
||||
if (fgets(line, sizeof(line), stdin) &&
|
||||
(line[0] == 'y' || line[0] == 'Y'))
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
else {
|
||||
fprintf(stderr, abandoned);
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* GUI Adaptation - Sept 2000 */
|
||||
static void send_msg(HWND h, UINT message, WPARAM wParam)
|
||||
|
||||
12
windlg.c
12
windlg.c
@ -2512,7 +2512,9 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
"%s\n"
|
||||
"If you trust this host, hit Yes to add the key to\n"
|
||||
"PuTTY's cache and carry on connecting.\n"
|
||||
"If you do not trust this host, hit No to abandon the\n"
|
||||
"If you want to carry on connecting just once, without\n"
|
||||
"adding the key to the cache, hit No.\n"
|
||||
"If you do not trust this host, hit Cancel to abandon the\n"
|
||||
"connection.\n";
|
||||
|
||||
static const char wrongmsg[] =
|
||||
@ -2534,7 +2536,6 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
|
||||
static const char mbtitle[] = "PuTTY Security Alert";
|
||||
|
||||
|
||||
char message[160 +
|
||||
/* sensible fingerprint max size */
|
||||
(sizeof(absentmsg) > sizeof(wrongmsg) ?
|
||||
@ -2561,10 +2562,11 @@ void verify_ssh_host_key(char *host, int port, char *keytype,
|
||||
int mbret;
|
||||
sprintf(message, absentmsg, fingerprint);
|
||||
mbret = MessageBox(NULL, message, mbtitle,
|
||||
MB_ICONWARNING | MB_YESNO);
|
||||
if (mbret == IDNO)
|
||||
exit(0);
|
||||
MB_ICONWARNING | MB_YESNOCANCEL);
|
||||
if (mbret == IDYES)
|
||||
store_host_key(host, port, keytype, keystr);
|
||||
if (mbret == IDCANCEL)
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user