1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 09:12:24 +00:00

Revamp SSH authentication code so that user interaction is more

abstracted out; replace loops structured around a single interaction
per loop with less tortuous code (fixes: `ki-multiprompt-crash',
`ssh1-bad-passphrase-crash'; makes `ssh2-password-expiry' and
`proxy-password-prompt' easier).

The new interaction abstraction has a lot of fields that are unused in
the current code (things like window captions); this is groundwork for
`gui-auth'. However, ssh.c still writes directly to stderr; that may
want to be fixed.

In the GUI apps, user interaction is moved to terminal.c. This should
make it easier to fix things like UTF-8 username entry, although I
haven't attempted to do so. Also, control character filtering can be
tailored to be appropriate for individual front-ends; so far I don't
promise anything other than not having made it any worse.

I've tried to test this fairly exhaustively (although Mac stuff is
untested, as usual). It all seems to basically work, but I bet there
are new bugs. (One I know about is that you can no longer make the
PuTTY window go away with a ^D at the password prompt; this should be
fixed.)

[originally from svn r6437]
[this svn revision also touched putty-wishlist]
This commit is contained in:
Jacob Nevins 2005-10-30 20:24:09 +00:00
parent d6c13bd154
commit 8719f92c14
18 changed files with 1354 additions and 828 deletions

View File

@ -25,9 +25,10 @@
* order to avoid depleting the test system's /dev/random * order to avoid depleting the test system's /dev/random
* unnecessarily. * unnecessarily.
* *
* - Calls to console_get_line() are replaced with the diagnostic * - Calls to console_get_userpass_input() are replaced with the
* function below, so that I can run tests in an automated * diagnostic function below, so that I can run tests in an
* manner and provide their interactive passphrase inputs. * automated manner and provide their interactive passphrase
* inputs.
* *
* - main() is renamed to cmdgen_main(); at the bottom of the file * - main() is renamed to cmdgen_main(); at the bottom of the file
* I define another main() which calls the former repeatedly to * I define another main() which calls the former repeatedly to
@ -40,19 +41,23 @@ char *get_random_data(int len)
memset(buf, 'x', len); memset(buf, 'x', len);
return buf; return buf;
} }
#define console_get_line console_get_line_diagnostic #define console_get_userpass_input console_get_userpass_input_diagnostic
int nprompts, promptsgot; int nprompts, promptsgot;
const char *prompts[3]; const char *prompts[3];
int console_get_line(const char *prompt, char *str, int maxlen, int is_pw) int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{ {
if (promptsgot < nprompts) { size_t i;
assert(strlen(prompts[promptsgot]) < maxlen); int ret = 1;
strcpy(str, prompts[promptsgot++]); for (i = 0; i < p->n_prompts; i++) {
return TRUE; if (promptsgot < nprompts) {
} else { assert(strlen(prompts[promptsgot]) < p->prompts[i]->result_len);
promptsgot++; /* track number of requests anyway */ strcpy(p->prompts[i]->result, prompts[promptsgot++]);
return FALSE; } else {
promptsgot++; /* track number of requests anyway */
ret = 0;
}
} }
return ret;
} }
#define main cmdgen_main #define main cmdgen_main
#endif #endif
@ -670,11 +675,20 @@ int main(int argc, char **argv)
* If so, ask for a passphrase. * If so, ask for a passphrase.
*/ */
if (encrypted && load_encrypted) { if (encrypted && load_encrypted) {
passphrase = snewn(512, char); prompts_t *p = new_prompts(NULL);
if (!console_get_line("Enter passphrase to load key: ", int ret;
passphrase, 512, TRUE)) { p->to_server = FALSE;
p->name = dupstr("SSH key passphrase");
add_prompt(p, dupstr("Enter passphrase to load key: "), FALSE, 512);
ret = console_get_userpass_input(p, NULL, 0);
assert(ret >= 0);
if (!ret) {
free_prompts(p);
perror("puttygen: unable to read passphrase"); perror("puttygen: unable to read passphrase");
return 1; return 1;
} else {
passphrase = dupstr(p->prompts[0]->result);
free_prompts(p);
} }
} else { } else {
passphrase = NULL; passphrase = NULL;
@ -785,31 +799,35 @@ int main(int argc, char **argv)
* we have just generated a key. * we have just generated a key.
*/ */
if (change_passphrase || keytype != NOKEYGEN) { if (change_passphrase || keytype != NOKEYGEN) {
char *passphrase2; prompts_t *p = new_prompts(NULL);
int ret;
if (passphrase) { p->to_server = FALSE;
memset(passphrase, 0, strlen(passphrase)); p->name = dupstr("New SSH key passphrase");
sfree(passphrase); add_prompt(p, dupstr("Enter passphrase to save key: "), FALSE, 512);
} add_prompt(p, dupstr("Re-enter passphrase to verify: "), FALSE, 512);
ret = console_get_userpass_input(p, NULL, 0);
passphrase = snewn(512, char); assert(ret >= 0);
passphrase2 = snewn(512, char); if (!ret) {
if (!console_get_line("Enter passphrase to save key: ", free_prompts(p);
passphrase, 512, TRUE) ||
!console_get_line("Re-enter passphrase to verify: ",
passphrase2, 512, TRUE)) {
perror("puttygen: unable to read new passphrase"); perror("puttygen: unable to read new passphrase");
return 1; return 1;
} } else {
if (strcmp(passphrase, passphrase2)) { if (strcmp(p->prompts[0]->result, p->prompts[1]->result)) {
fprintf(stderr, "puttygen: passphrases do not match\n"); free_prompts(p);
return 1; fprintf(stderr, "puttygen: passphrases do not match\n");
} return 1;
memset(passphrase2, 0, strlen(passphrase2)); }
sfree(passphrase2); if (passphrase) {
if (!*passphrase) { memset(passphrase, 0, strlen(passphrase));
sfree(passphrase); sfree(passphrase);
passphrase = NULL; }
passphrase = dupstr(p->prompts[0]->result);
free_prompts(p);
if (!*passphrase) {
sfree(passphrase);
passphrase = NULL;
}
} }
} }

View File

@ -63,23 +63,40 @@ void cmdline_cleanup(void)
if (need_save) { cmdline_save_param(p, value, pri); return ret; } \ if (need_save) { cmdline_save_param(p, value, pri); return ret; } \
} while (0) } while (0)
char *cmdline_password = NULL; static char *cmdline_password = NULL;
/*
* Similar interface to get_userpass_input(), except that here a -1
* return means that we aren't capable of processing the prompt and
* someone else should do it.
*/
int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen) {
static int cmdline_get_line(const char *prompt, char *str,
int maxlen, int is_pw)
{
static int tried_once = 0; static int tried_once = 0;
assert(is_pw && cmdline_password); /*
* We only handle prompts which don't echo (which we assume to be
if (tried_once) { * passwords), and (currently) we only cope with a password prompt
return 0; * that comes in a prompt-set on its own.
} else { */
strncpy(str, cmdline_password, maxlen); if (!cmdline_password || in || p->n_prompts != 1 || p->prompts[0]->echo) {
str[maxlen - 1] = '\0'; return -1;
tried_once = 1;
return 1;
} }
/*
* If we've tried once, return utter failure (no more passwords left
* to try).
*/
if (tried_once)
return 0;
strncpy(p->prompts[0]->result, cmdline_password,
p->prompts[0]->result_len);
p->prompts[0]->result[p->prompts[0]->result_len-1] = '\0';
memset(cmdline_password, 0, strlen(cmdline_password));
tried_once = 1;
return 1;
} }
/* /*
@ -272,8 +289,6 @@ int cmdline_process_param(char *p, char *value, int need_save, Config *cfg)
RETURN(2); RETURN(2);
UNAVAILABLE_IN(TOOLTYPE_NONNETWORK); UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
cmdline_password = value; cmdline_password = value;
ssh_get_line = cmdline_get_line;
ssh_getline_pw_only = TRUE;
} }
if (!strcmp(p, "-A")) { if (!strcmp(p, "-A")) {

View File

@ -1898,6 +1898,12 @@ int from_backend(void *frontend, int is_stderr, const char *data, int len)
return term_data(s->term, is_stderr, data, len); return term_data(s->term, is_stderr, data, len);
} }
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
Session *s = p->frontend;
return term_get_userpass_input(s->term, p, in, inlen);
}
/* /*
* Emacs magic: * Emacs magic:
* Local Variables: * Local Variables:

View File

@ -893,6 +893,13 @@ int from_backend(void *frontend, int is_stderr, const char *data, int len)
return [win fromBackend:data len:len isStderr:is_stderr]; return [win fromBackend:data len:len isStderr:is_stderr];
} }
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
SessionWindow *win = (SessionWindow *)p->frontend;
Terminal *term = [win term];
return term_get_userpass_input(term, p, in, inlen);
}
void frontend_keypress(void *handle) void frontend_keypress(void *handle)
{ {
/* FIXME */ /* FIXME */

40
misc.c
View File

@ -87,6 +87,46 @@ char ctrlparse(char *s, char **next)
return c; return c;
} }
prompts_t *new_prompts(void *frontend)
{
prompts_t *p = snew(prompts_t);
p->prompts = NULL;
p->n_prompts = 0;
p->frontend = frontend;
p->data = NULL;
p->to_server = TRUE; /* to be on the safe side */
p->name = p->instruction = NULL;
p->name_reqd = p->instr_reqd = FALSE;
return p;
}
void add_prompt(prompts_t *p, char *promptstr, int echo, size_t len)
{
prompt_t *pr = snew(prompt_t);
unsigned char *result = snewn(len, unsigned char);
pr->prompt = promptstr;
pr->echo = echo;
pr->result = result;
pr->result_len = len;
p->n_prompts++;
p->prompts = sresize(p->prompts, p->n_prompts, prompt_t *);
p->prompts[p->n_prompts-1] = pr;
}
void free_prompts(prompts_t *p)
{
size_t i;
for (i=0; i < p->n_prompts; i++) {
prompt_t *pr = p->prompts[i];
memset(pr->result, 0, pr->result_len); /* burn the evidence */
sfree(pr->result);
sfree(pr->prompt);
sfree(pr);
}
sfree(p->prompts);
sfree(p->name);
sfree(p->instruction);
sfree(p);
}
/* ---------------------------------------------------------------------- /* ----------------------------------------------------------------------
* String handling routines. * String handling routines.
*/ */

10
pscp.c
View File

@ -220,6 +220,15 @@ int from_backend(void *frontend, int is_stderr, const char *data, int datalen)
return 0; return 0;
} }
int from_backend_untrusted(void *frontend_handle, const char *data, int len)
{
/*
* No "untrusted" output should get here (the way the code is
* currently, it's all diverted by FLAG_STDERR).
*/
assert(!"Unexpected call to from_backend_untrusted()");
return 0; /* not reached */
}
static int ssh_scp_recv(unsigned char *buf, int len) static int ssh_scp_recv(unsigned char *buf, int len)
{ {
outptr = buf; outptr = buf;
@ -2204,7 +2213,6 @@ int psftp_main(int argc, char *argv[])
#endif #endif
; ;
cmdline_tooltype = TOOLTYPE_FILETRANSFER; cmdline_tooltype = TOOLTYPE_FILETRANSFER;
ssh_get_line = &console_get_line;
sk_init(); sk_init();
/* Load Default Settings before doing anything else. */ /* Load Default Settings before doing anything else. */

27
psftp.c
View File

@ -2523,6 +2523,15 @@ int from_backend(void *frontend, int is_stderr, const char *data, int datalen)
return 0; return 0;
} }
int from_backend_untrusted(void *frontend_handle, const char *data, int len)
{
/*
* No "untrusted" output should get here (the way the code is
* currently, it's all diverted by FLAG_STDERR).
*/
assert(!"Unexpected call to from_backend_untrusted()");
return 0; /* not reached */
}
int sftp_recvdata(char *buf, int len) int sftp_recvdata(char *buf, int len)
{ {
outptr = (unsigned char *) buf; outptr = (unsigned char *) buf;
@ -2714,14 +2723,21 @@ static int psftp_connect(char *userhost, char *user, int portnumber)
cfg.username[sizeof(cfg.username) - 1] = '\0'; cfg.username[sizeof(cfg.username) - 1] = '\0';
} }
if (!cfg.username[0]) { if (!cfg.username[0]) {
if (!console_get_line("login as: ", /* FIXME: leave this to ssh.c? */
cfg.username, sizeof(cfg.username), FALSE)) { int ret;
prompts_t *p = new_prompts(NULL);
p->to_server = TRUE;
p->name = dupstr("SSH login name");
add_prompt(p, dupstr("login as: "), TRUE, lenof(cfg.username));
ret = get_userpass_input(p, NULL, 0);
assert(ret >= 0);
if (!ret) {
free_prompts(p);
fprintf(stderr, "psftp: no username, aborting\n"); fprintf(stderr, "psftp: no username, aborting\n");
cleanup_exit(1); cleanup_exit(1);
} else { } else {
int len = strlen(cfg.username); memcpy(cfg.username, p->prompts[0]->result, lenof(cfg.username));
if (cfg.username[len - 1] == '\n') free_prompts(p);
cfg.username[len - 1] = '\0';
} }
} }
@ -2819,7 +2835,6 @@ int psftp_main(int argc, char *argv[])
#endif #endif
; ;
cmdline_tooltype = TOOLTYPE_FILETRANSFER; cmdline_tooltype = TOOLTYPE_FILETRANSFER;
ssh_get_line = &console_get_line;
sk_init(); sk_init();
userhost = user = NULL; userhost = user = NULL;

72
putty.h
View File

@ -611,6 +611,52 @@ GLOBAL int loaded_session;
struct RSAKey; /* be a little careful of scope */ struct RSAKey; /* be a little careful of scope */
/*
* Mechanism for getting text strings such as usernames and passwords
* from the front-end.
* The fields are mostly modelled after SSH's keyboard-interactive auth.
* FIXME We should probably mandate a character set/encoding (probably UTF-8).
*
* Since many of the pieces of text involved may be chosen by the server,
* the caller must take care to ensure that the server can't spoof locally-
* generated prompts such as key passphrase prompts. Some ground rules:
* - If the front-end needs to truncate a string, it should lop off the
* end.
* - The front-end should filter out any dangerous characters and
* generally not trust the strings. (But \n is required to behave
* vaguely sensibly, at least in `instruction', and ideally in
* `prompt[]' too.)
*/
typedef struct {
char *prompt;
int echo;
char *result; /* allocated/freed by caller */
size_t result_len;
} prompt_t;
typedef struct {
/*
* Indicates whether the information entered is to be used locally
* (for instance a key passphrase prompt), or is destined for the wire.
* This is a hint only; the front-end is at liberty not to use this
* information (so the caller should ensure that the supplied text is
* sufficient).
*/
int to_server;
char *name; /* Short description, perhaps for dialog box title */
int name_reqd; /* Display of `name' required or optional? */
char *instruction; /* Long description, maybe with embedded newlines */
int instr_reqd; /* Display of `instruction' required or optional? */
size_t n_prompts;
prompt_t **prompts;
void *frontend;
void *data; /* slot for housekeeping data, managed by
* get_userpass_input(); initially NULL */
} prompts_t;
prompts_t *new_prompts(void *frontend);
void add_prompt(prompts_t *p, char *promptstr, int echo, size_t len);
/* Burn the evidence. (Assumes _all_ strings want free()ing.) */
void free_prompts(prompts_t *p);
/* /*
* Exports from the front end. * Exports from the front end.
*/ */
@ -652,10 +698,17 @@ void ldisc_update(void *frontend, int echo, int edit);
* shutdown. */ * shutdown. */
void update_specials_menu(void *frontend); void update_specials_menu(void *frontend);
int from_backend(void *frontend, int is_stderr, const char *data, int len); int from_backend(void *frontend, int is_stderr, const char *data, int len);
int from_backend_untrusted(void *frontend, const char *data, int len);
void notify_remote_exit(void *frontend); void notify_remote_exit(void *frontend);
/* Get a sensible value for a tty mode. NULL return = don't set. /* Get a sensible value for a tty mode. NULL return = don't set.
* Otherwise, returned value should be freed by caller. */ * Otherwise, returned value should be freed by caller. */
char *get_ttymode(void *frontend, const char *mode); char *get_ttymode(void *frontend, const char *mode);
/*
* >0 = `got all results, carry on'
* 0 = `user cancelled' (FIXME distinguish "give up entirely" and "next auth"?)
* <0 = `please call back later with more in/inlen'
*/
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen);
#define OPTIMISE_IS_SCROLL 1 #define OPTIMISE_IS_SCROLL 1
void set_iconic(void *frontend, int iconic); void set_iconic(void *frontend, int iconic);
@ -745,12 +798,15 @@ void term_copyall(Terminal *);
void term_reconfig(Terminal *, Config *); void term_reconfig(Terminal *, Config *);
void term_seen_key_event(Terminal *); void term_seen_key_event(Terminal *);
int term_data(Terminal *, int is_stderr, const char *data, int len); int term_data(Terminal *, int is_stderr, const char *data, int len);
int term_data_untrusted(Terminal *, const char *data, int len);
void term_provide_resize_fn(Terminal *term, void term_provide_resize_fn(Terminal *term,
void (*resize_fn)(void *, int, int), void (*resize_fn)(void *, int, int),
void *resize_ctx); void *resize_ctx);
void term_provide_logctx(Terminal *term, void *logctx); void term_provide_logctx(Terminal *term, void *logctx);
void term_set_focus(Terminal *term, int has_focus); void term_set_focus(Terminal *term, int has_focus);
char *term_get_ttymode(Terminal *term, const char *mode); char *term_get_ttymode(Terminal *term, const char *mode);
int term_get_userpass_input(Terminal *term, prompts_t *p,
unsigned char *in, int inlen);
/* /*
* Exports from logging.c. * Exports from logging.c.
@ -800,14 +856,8 @@ extern Backend rlogin_backend;
extern Backend telnet_backend; extern Backend telnet_backend;
/* /*
* Exports from ssh.c. (NB the getline variables have to be GLOBAL * Exports from ssh.c.
* so that PuTTYtel will still compile - otherwise it would depend
* on ssh.c.)
*/ */
GLOBAL int (*ssh_get_line) (const char *prompt, char *str, int maxlen,
int is_pw);
GLOBAL int ssh_getline_pw_only;
extern Backend ssh_backend; extern Backend ssh_backend;
/* /*
@ -952,11 +1002,11 @@ int askappend(void *frontend, Filename filename,
void (*callback)(void *ctx, int result), void *ctx); void (*callback)(void *ctx, int result), void *ctx);
/* /*
* Exports from console.c (that aren't equivalents to things in * Exports from console frontends (wincons.c, uxcons.c)
* windlg.c). * that aren't equivalents to things in windlg.c et al.
*/ */
extern int console_batch_mode; extern int console_batch_mode;
int console_get_line(const char *prompt, char *str, int maxlen, int is_pw); int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen);
void console_provide_logctx(void *logctx); void console_provide_logctx(void *logctx);
int is_interactive(void); int is_interactive(void);
@ -980,7 +1030,7 @@ void printer_finish_job(printer_job *);
int cmdline_process_param(char *, char *, int, Config *); int cmdline_process_param(char *, char *, int, Config *);
void cmdline_run_saved(Config *); void cmdline_run_saved(Config *);
void cmdline_cleanup(void); void cmdline_cleanup(void);
extern char *cmdline_password; int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen);
#define TOOLTYPE_FILETRANSFER 1 #define TOOLTYPE_FILETRANSFER 1
#define TOOLTYPE_NONNETWORK 2 #define TOOLTYPE_NONNETWORK 2
extern int cmdline_tooltype; extern int cmdline_tooltype;

1496
ssh.c

File diff suppressed because it is too large Load Diff

View File

@ -6257,6 +6257,24 @@ int term_data(Terminal *term, int is_stderr, const char *data, int len)
return 0; return 0;
} }
/*
* Write untrusted data to the terminal.
* The only control character that should be honoured is \n (which
* will behave as a CRLF).
*/
int term_data_untrusted(Terminal *term, const char *data, int len)
{
int i;
/* FIXME: more sophisticated checking? */
for (i = 0; i < len; i++) {
if (data[i] == '\n')
term_data(term, 1, "\r\n", 2);
else if (data[i] & 0x60)
term_data(term, 1, data + i, 1);
}
return 0; /* assumes that term_data() always returns 0 */
}
void term_provide_logctx(Terminal *term, void *logctx) void term_provide_logctx(Terminal *term, void *logctx)
{ {
term->logctx = logctx; term->logctx = logctx;
@ -6281,3 +6299,128 @@ char *term_get_ttymode(Terminal *term, const char *mode)
/* FIXME: perhaps we should set ONLCR based on cfg.lfhascr as well? */ /* FIXME: perhaps we should set ONLCR based on cfg.lfhascr as well? */
return dupstr(val); return dupstr(val);
} }
struct term_userpass_state {
size_t curr_prompt;
int done_prompt; /* printed out prompt yet? */
size_t pos; /* cursor position */
};
/*
* Process some terminal data in the course of username/password
* input.
*/
int term_get_userpass_input(Terminal *term, prompts_t *p,
unsigned char *in, int inlen)
{
struct term_userpass_state *s = (struct term_userpass_state *)p->data;
if (!s) {
/*
* First call. Set some stuff up.
*/
p->data = s = snew(struct term_userpass_state);
s->curr_prompt = 0;
s->done_prompt = 0;
/* We only print the `name' caption if we have to... */
if (p->name_reqd && p->name) {
size_t l = strlen(p->name);
term_data_untrusted(term, p->name, l);
if (p->name[l-1] != '\n')
term_data_untrusted(term, "\n", 1);
}
/* ...but we always print any `instruction'. */
if (p->instruction) {
size_t l = strlen(p->instruction);
term_data_untrusted(term, p->instruction, l);
if (p->instruction[l-1] != '\n')
term_data_untrusted(term, "\n", 1);
}
/*
* Zero all the results, in case we abort half-way through.
*/
{
int i;
for (i = 0; i < p->n_prompts; i++)
memset(p->prompts[i]->result, 0, p->prompts[i]->result_len);
}
}
while (s->curr_prompt < p->n_prompts) {
prompt_t *pr = p->prompts[s->curr_prompt];
int finished_prompt = 0;
if (!s->done_prompt) {
term_data_untrusted(term, pr->prompt, strlen(pr->prompt));
s->done_prompt = 1;
s->pos = 0;
}
/* Breaking out here ensures that the prompt is printed even
* if we're now waiting for user data. */
if (!in || !inlen) break;
/* FIXME: should we be using local-line-editing code instead? */
while (!finished_prompt && inlen) {
char c = *in++;
inlen--;
switch (c) {
case 10:
case 13:
term_data(term, 0, "\r\n", 2);
pr->result[s->pos] = '\0';
pr->result[pr->result_len - 1] = '\0';
/* go to next prompt, if any */
s->curr_prompt++;
s->done_prompt = 0;
finished_prompt = 1; /* break out */
break;
case 8:
case 127:
if (s->pos > 0) {
if (pr->echo)
term_data(term, 0, "\b \b", 3);
s->pos--;
}
break;
case 21:
case 27:
while (s->pos > 0) {
if (pr->echo)
term_data(term, 0, "\b \b", 3);
s->pos--;
}
break;
case 3:
case 4:
/* Immediate abort. */
term_data(term, 0, "\r\n", 2);
sfree(s);
return 0; /* user abort */
default:
/*
* This simplistic check for printability is disabled
* when we're doing password input, because some people
* have control characters in their passwords.
*/
if ((!pr->echo ||
(c >= ' ' && c <= '~') ||
((unsigned char) c >= 160))
&& s->pos < pr->result_len - 1) {
pr->result[s->pos++] = c;
if (pr->echo)
term_data(term, 0, &c, 1);
}
break;
}
}
}
if (s->curr_prompt < p->n_prompts) {
return -1; /* more data required */
} else {
sfree(s);
return +1; /* all done */
}
}

View File

@ -189,6 +189,22 @@ int from_backend(void *frontend, int is_stderr, const char *data, int len)
return term_data(inst->term, is_stderr, data, len); return term_data(inst->term, is_stderr, data, len);
} }
int from_backend_untrusted(void *frontend, const char *data, int len)
{
struct gui_data *inst = (struct gui_data *)frontend;
return term_data_untrusted(inst->term, data, len);
}
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
struct gui_data *inst = (struct gui_data *)p->frontend;
int ret;
ret = cmdline_get_passwd_input(p, in, inlen);
if (ret == -1)
ret = term_get_userpass_input(inst->term, p, in, inlen);
return ret;
}
void logevent(void *frontend, const char *string) void logevent(void *frontend, const char *string)
{ {
struct gui_data *inst = (struct gui_data *)frontend; struct gui_data *inst = (struct gui_data *)frontend;

View File

@ -280,41 +280,81 @@ void logevent(void *frontend, const char *string)
log_eventlog(console_logctx, string); log_eventlog(console_logctx, string);
} }
int console_get_line(const char *prompt, char *str, static void console_data_untrusted(const char *data, int len)
int maxlen, int is_pw)
{ {
struct termios oldmode, newmode;
int i; int i;
for (i = 0; i < len; i++)
if ((data[i] & 0x60) || (data[i] == '\n'))
fputc(data[i], stdout);
fflush(stdout);
}
if (console_batch_mode) { int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
if (maxlen > 0) {
str[0] = '\0'; size_t curr_prompt;
/*
* Zero all the results, in case we abort half-way through.
*/
{
int i;
for (i = 0; i < p->n_prompts; i++)
memset(p->prompts[i]->result, 0, p->prompts[i]->result_len);
}
if (console_batch_mode)
return 0; return 0;
} else {
/*
* Preamble.
*/
/* We only print the `name' caption if we have to... */
if (p->name_reqd && p->name) {
size_t l = strlen(p->name);
console_data_untrusted(p->name, l);
if (p->name[l-1] != '\n')
console_data_untrusted("\n", 1);
}
/* ...but we always print any `instruction'. */
if (p->instruction) {
size_t l = strlen(p->instruction);
console_data_untrusted(p->instruction, l);
if (p->instruction[l-1] != '\n')
console_data_untrusted("\n", 1);
}
for (curr_prompt = 0; curr_prompt < p->n_prompts; curr_prompt++) {
struct termios oldmode, newmode;
int i;
prompt_t *pr = p->prompts[curr_prompt];
tcgetattr(0, &oldmode); tcgetattr(0, &oldmode);
newmode = oldmode; newmode = oldmode;
newmode.c_lflag |= ISIG | ICANON; newmode.c_lflag |= ISIG | ICANON;
if (is_pw) if (!pr->echo)
newmode.c_lflag &= ~ECHO; newmode.c_lflag &= ~ECHO;
else else
newmode.c_lflag |= ECHO; newmode.c_lflag |= ECHO;
tcsetattr(0, TCSANOW, &newmode); tcsetattr(0, TCSANOW, &newmode);
fputs(prompt, stdout); console_data_untrusted(pr->prompt, strlen(pr->prompt));
fflush(stdout);
i = read(0, str, maxlen - 1); i = read(0, pr->result, pr->result_len - 1);
tcsetattr(0, TCSANOW, &oldmode); tcsetattr(0, TCSANOW, &oldmode);
if (i > 0 && str[i-1] == '\n') if (i > 0 && pr->result[i-1] == '\n')
i--; i--;
str[i] = '\0'; pr->result[i] = '\0';
if (is_pw) if (!pr->echo)
fputs("\n", stdout); fputs("\n", stdout);
return 1;
} }
return 1; /* success */
} }
void frontend_keypress(void *handle) void frontend_keypress(void *handle)

View File

@ -394,6 +394,25 @@ int from_backend(void *frontend_handle, int is_stderr,
return osize + esize; return osize + esize;
} }
int from_backend_untrusted(void *frontend_handle, const char *data, int len)
{
/*
* No "untrusted" output should get here (the way the code is
* currently, it's all diverted by FLAG_STDERR).
*/
assert(!"Unexpected call to from_backend_untrusted()");
return 0; /* not reached */
}
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
int ret;
ret = cmdline_get_passwd_input(p, in, inlen);
if (ret == -1)
ret = console_get_userpass_input(p, in, inlen);
return ret;
}
/* /*
* Handle data from a local tty in PARMRK format. * Handle data from a local tty in PARMRK format.
*/ */
@ -534,8 +553,6 @@ int main(int argc, char **argv)
void *ldisc, *logctx; void *ldisc, *logctx;
long now; long now;
ssh_get_line = console_get_line;
fdlist = NULL; fdlist = NULL;
fdcount = fdsize = 0; fdcount = fdsize = 0;
/* /*

View File

@ -70,6 +70,15 @@ Filename platform_default_filename(const char *name)
char *get_ttymode(void *frontend, const char *mode) { return NULL; } char *get_ttymode(void *frontend, const char *mode) { return NULL; }
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
int ret;
ret = cmdline_get_passwd_input(p, in, inlen);
if (ret == -1)
ret = console_get_userpass_input(p, in, inlen);
return ret;
}
/* /*
* Stubs for the GUI feedback mechanism in Windows PSCP. * Stubs for the GUI feedback mechanism in Windows PSCP.
*/ */

View File

@ -298,48 +298,90 @@ void logevent(void *frontend, const char *string)
log_eventlog(console_logctx, string); log_eventlog(console_logctx, string);
} }
int console_get_line(const char *prompt, char *str, static void console_data_untrusted(HANDLE hout, const char *data, int len)
int maxlen, int is_pw) {
DWORD dummy;
/* FIXME: control-character filtering */
WriteFile(hout, data, len, &dummy, NULL);
}
int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{ {
HANDLE hin, hout; HANDLE hin, hout;
DWORD savemode, newmode, i; size_t curr_prompt;
if (console_batch_mode) { /*
if (maxlen > 0) * Zero all the results, in case we abort half-way through.
str[0] = '\0'; */
{
int i;
for (i = 0; i < p->n_prompts; i++)
memset(p->prompts[i]->result, 0, p->prompts[i]->result_len);
}
if (console_batch_mode)
return 0; return 0;
} else {
hin = GetStdHandle(STD_INPUT_HANDLE); hin = GetStdHandle(STD_INPUT_HANDLE);
hout = GetStdHandle(STD_OUTPUT_HANDLE); hout = GetStdHandle(STD_OUTPUT_HANDLE);
if (hin == INVALID_HANDLE_VALUE || hout == INVALID_HANDLE_VALUE) { if (hin == INVALID_HANDLE_VALUE || hout == INVALID_HANDLE_VALUE) {
fprintf(stderr, "Cannot get standard input/output handles\n"); fprintf(stderr, "Cannot get standard input/output handles\n");
cleanup_exit(1); cleanup_exit(1);
} }
/*
* Preamble.
*/
/* We only print the `name' caption if we have to... */
if (p->name_reqd && p->name) {
size_t l = strlen(p->name);
console_data_untrusted(hout, p->name, l);
if (p->name[l-1] != '\n')
console_data_untrusted(hout, "\n", 1);
}
/* ...but we always print any `instruction'. */
if (p->instruction) {
size_t l = strlen(p->instruction);
console_data_untrusted(hout, p->instruction, l);
if (p->instruction[l-1] != '\n')
console_data_untrusted(hout, "\n", 1);
}
for (curr_prompt = 0; curr_prompt < p->n_prompts; curr_prompt++) {
DWORD savemode, newmode, i = 0;
prompt_t *pr = p->prompts[curr_prompt];
BOOL r;
GetConsoleMode(hin, &savemode); GetConsoleMode(hin, &savemode);
newmode = savemode | ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT; newmode = savemode | ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT;
if (is_pw) if (!pr->echo)
newmode &= ~ENABLE_ECHO_INPUT; newmode &= ~ENABLE_ECHO_INPUT;
else else
newmode |= ENABLE_ECHO_INPUT; newmode |= ENABLE_ECHO_INPUT;
SetConsoleMode(hin, newmode); SetConsoleMode(hin, newmode);
WriteFile(hout, prompt, strlen(prompt), &i, NULL); console_data_untrusted(hout, pr->prompt, strlen(pr->prompt));
ReadFile(hin, str, maxlen - 1, &i, NULL);
r = ReadFile(hin, pr->result, pr->result_len - 1, &i, NULL);
SetConsoleMode(hin, savemode); SetConsoleMode(hin, savemode);
if ((int) i > maxlen) if ((int) i > pr->result_len)
i = maxlen - 1; i = pr->result_len - 1;
else else
i = i - 2; i = i - 2;
str[i] = '\0'; pr->result[i] = '\0';
if (is_pw) if (!pr->echo) {
WriteFile(hout, "\r\n", 2, &i, NULL); DWORD dummy;
WriteFile(hout, "\r\n", 2, &dummy, NULL);
}
return 1;
} }
return 1; /* success */
} }
void frontend_keypress(void *handle) void frontend_keypress(void *handle)

View File

@ -5069,6 +5069,20 @@ int from_backend(void *frontend, int is_stderr, const char *data, int len)
return term_data(term, is_stderr, data, len); return term_data(term, is_stderr, data, len);
} }
int from_backend_untrusted(void *frontend, const char *data, int len)
{
return term_data_untrusted(term, data, len);
}
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
int ret;
ret = cmdline_get_passwd_input(p, in, inlen);
if (ret == -1)
ret = term_get_userpass_input(term, p, in, inlen);
return ret;
}
void agent_schedule_callback(void (*callback)(void *, void *, int), void agent_schedule_callback(void (*callback)(void *, void *, int),
void *callback_ctx, void *data, int len) void *callback_ctx, void *data, int len)
{ {

View File

@ -189,6 +189,25 @@ int from_backend(void *frontend_handle, int is_stderr,
return osize + esize; return osize + esize;
} }
int from_backend_untrusted(void *frontend_handle, const char *data, int len)
{
/*
* No "untrusted" output should get here (the way the code is
* currently, it's all diverted by FLAG_STDERR).
*/
assert(!"Unexpected call to from_backend_untrusted()");
return 0; /* not reached */
}
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
int ret;
ret = cmdline_get_passwd_input(p, in, inlen);
if (ret == -1)
ret = console_get_userpass_input(p, in, inlen);
return ret;
}
static DWORD main_thread_id; static DWORD main_thread_id;
void agent_schedule_callback(void (*callback)(void *, void *, int), void agent_schedule_callback(void (*callback)(void *, void *, int),
@ -285,8 +304,6 @@ int main(int argc, char **argv)
int use_subsystem = 0; int use_subsystem = 0;
long now, next; long now, next;
ssh_get_line = console_get_line;
sklist = NULL; sklist = NULL;
skcount = sksize = 0; skcount = sksize = 0;
/* /*

View File

@ -127,6 +127,15 @@ void gui_enable(char *arg)
char *get_ttymode(void *frontend, const char *mode) { return NULL; } char *get_ttymode(void *frontend, const char *mode) { return NULL; }
int get_userpass_input(prompts_t *p, unsigned char *in, int inlen)
{
int ret;
ret = cmdline_get_passwd_input(p, in, inlen);
if (ret == -1)
ret = console_get_userpass_input(p, in, inlen);
return ret;
}
/* ---------------------------------------------------------------------- /* ----------------------------------------------------------------------
* File access abstraction. * File access abstraction.
*/ */