Revamp SSH authentication code so that user interaction is more

abstracted out; replace loops structured around a single interaction per loop with less tortuous code (fixes: `ki-multiprompt-crash', `ssh1-bad-passphrase-crash'; makes `ssh2-password-expiry' and `proxy-password-prompt' easier). The new interaction abstraction has a lot of fields that are unused in the current code (things like window captions); this is groundwork for `gui-auth'. However, ssh.c still writes directly to stderr; that may want to be fixed. In the GUI apps, user interaction is moved to terminal.c. This should make it easier to fix things like UTF-8 username entry, although I haven't attempted to do so. Also, control character filtering can be tailored to be appropriate for individual front-ends; so far I don't promise anything other than not having made it any worse. I've tried to test this fairly exhaustively (although Mac stuff is untested, as usual). It all seems to basically work, but I bet there are new bugs. (One I know about is that you can no longer make the PuTTY window go away with a ^D at the password prompt; this should be fixed.) [originally from svn r6437] [this svn revision also touched putty-wishlist]
2025-07-02 03:52:49 -05:00 · 2005-10-30 20:24:09 +00:00
parent d6c13bd154
commit 8719f92c14
18 changed files with 1354 additions and 828 deletions
--- a/cmdline.c
+++ b/cmdline.c
@ -63,23 +63,40 @@ void cmdline_cleanup(void)
    if (need_save) { cmdline_save_param(p, value, pri); return ret; } \
 } while (0)

-char *cmdline_password = NULL;
+static char *cmdline_password = NULL;
+
+/*
+ * Similar interface to get_userpass_input(), except that here a -1
+ * return means that we aren't capable of processing the prompt and
+ * someone else should do it.
+ */
+int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen) {

-static int cmdline_get_line(const char *prompt, char *str,
-                            int maxlen, int is_pw)
-{
    static int tried_once = 0;

-    assert(is_pw && cmdline_password);
-
-    if (tried_once) {
-	return 0;
-    } else {
-	strncpy(str, cmdline_password, maxlen);
-	str[maxlen - 1] = '\0';
-	tried_once = 1;
-	return 1;
+    /*
+     * We only handle prompts which don't echo (which we assume to be
+     * passwords), and (currently) we only cope with a password prompt
+     * that comes in a prompt-set on its own.
+     */
+    if (!cmdline_password || in || p->n_prompts != 1 || p->prompts[0]->echo) {
+	return -1;
    }
+
+    /*
+     * If we've tried once, return utter failure (no more passwords left
+     * to try).
+     */
+    if (tried_once)
+	return 0;
+
+    strncpy(p->prompts[0]->result, cmdline_password,
+	    p->prompts[0]->result_len);
+    p->prompts[0]->result[p->prompts[0]->result_len-1] = '\0';
+    memset(cmdline_password, 0, strlen(cmdline_password));
+    tried_once = 1;
+    return 1;
+
 }

 /*
@ -272,8 +289,6 @@ int cmdline_process_param(char *p, char *value, int need_save, Config *cfg)
 	RETURN(2);
 	UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
 	cmdline_password = value;
-	ssh_get_line = cmdline_get_line;
-	ssh_getline_pw_only = TRUE;
    }

    if (!strcmp(p, "-A")) {