svnno****@sourc*****
svnno****@sourc*****
2017年 3月 23日 (木) 21:55:00 JST
Revision: 6657 http://sourceforge.jp/projects/ttssh2/scm/svn/commits/6657 Author: doda Date: 2017-03-23 21:55:00 +0900 (Thu, 23 Mar 2017) Log Message: ----------- SSH2 メッセージ 60 番の処理を変更 SSH2_MSG_USERAUTH_INFO_REQUEST と SSH2_MSG_USERAUTH_PK_OK の処理をする 関数を分離し、60 番のメッセージを処理する関数で振り分けるようにした。 Modified Paths: -------------- trunk/ttssh2/ttxssh/ssh.c trunk/ttssh2/ttxssh/ssh.h -------------- next part -------------- Modified: trunk/ttssh2/ttxssh/ssh.c =================================================================== --- trunk/ttssh2/ttxssh/ssh.c 2017-03-23 12:54:58 UTC (rev 6656) +++ trunk/ttssh2/ttxssh/ssh.c 2017-03-23 12:55:00 UTC (rev 6657) @@ -1704,8 +1704,7 @@ enque_handler(pvar, SSH2_MSG_USERAUTH_SUCCESS, handle_SSH2_userauth_success); enque_handler(pvar, SSH2_MSG_USERAUTH_FAILURE, handle_SSH2_userauth_failure); enque_handler(pvar, SSH2_MSG_USERAUTH_BANNER, handle_SSH2_userauth_banner); - enque_handler(pvar, SSH2_MSG_USERAUTH_INFO_REQUEST, handle_SSH2_userauth_inforeq); - enque_handler(pvar, SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ, handle_SSH2_userauth_passwd_changereq); + enque_handler(pvar, SSH2_MSG_USERAUTH_INFO_REQUEST, handle_SSH2_userauth_msg60); enque_handler(pvar, SSH2_MSG_UNIMPLEMENTED, handle_unimplemented); 
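Review bot: Dropping the `SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ` registration here leaves password-change requests without a working handler, because the `SSH_AUTH_PASSWORD` branch of the new `handle_SSH2_userauth_msg60()` in the next hunk only returns FALSE behind a TODO. `handle_SSH2_userauth_passwd_changereq()` is still declared in ssh.h, so that branch could call it directly: `return handle_SSH2_userauth_passwd_changereq(pvar);`. If the feature is being switched off deliberately for this revision, a comment in the branch should say so; what a FALSE return does to the session is not visible in this diff, and a user whose password has expired on the server would presumably be unable to complete the login. The function holding these `enque_handler` calls starts and ends outside the hunk.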
@@ -6989,125 +6988,139 @@ } -// SSH2 keyboard-interactive method\x82\xCC SSH2_MSG_USERAUTH_INFO_REQUEST \x8F\x88\x97\x9D\x8A\x94 +// SSH2 \x83\x81\x83b\x83Z\x81[\x83W 60 \x94Ԃ̏\x88\x97\x9D\x8A\x94 +// +// SSH2 \x82ł͈ȉ\xBA\x82̃\x81\x83b\x83Z\x81[\x83W\x82\xAA 60 \x94Ԃ֏d\x95\xA1\x82\xB5\x82Ċ\x84\x82蓖\x82Ă\xE7\x82\xEA\x82Ă\xA2\x82\xE9\x81B // +// * SSH2_MSG_USERAUTH_INFO_REQUEST (keyboard-interactive) +// * SSH2_MSG_USERAUTH_PK_OK (publickey / Tera Term \x82ł\xCD Pageant \x94F\x8F̂\xDD) +// * SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ (password) +// // \x8C\xBB\x8F\xF3\x82̎\xC0\x91\x95\x82ł͓\xAF\x82\xB6\x83\x81\x83b\x83Z\x81[\x83W\x94ԍ\x86\x82\xAA\x91\xB6\x8D݂ł\xAB\x82Ȃ\xA2\x82̂ŁA -// SSH2 publickey \x82\xC5 Pageant \x82\xF0\x8Eg\x82\xC1\x82Ă\xA2\x82\xE9\x82Ƃ\xAB\x82\xCC -// SSH2_MSG_USERAUTH_PK_OK \x82\xE0\x82\xB1\x82̊\x94\x82ŏ\x88\x97\x9D\x82\xB7\x82\xE9\x81B(2007.2.12 maya) +// 60 \x94Ԃ͂\xB1\x82̊\x94\x82ŎAmethod \x82ɂ\xE6\x82\xC1\x82đΉ\x9E\x82\xB7\x82\xE9\x83n\x83\x93\x83h\x83\x89\x8A\x94\x82ɐU\x82蕪\x82\xAF\x82\xE9\x81B // -// -// \x81\xA6\x83\x81\x83\x82\x81FOpenSSH\x82\xC5PAM\x82\xF0\x97L\x8C\xF8\x82ɂ\xB7\x82\xE9\x95\xFB\x96@ -//\x81E\x83r\x83\x8B\x83h -//# ./configure --with-pam -//# make -// -//\x81E/etc/ssh/sshd_config \x82ɉ\xBA\x8BL\x82̂悤\x82ɏ\x91\x82\xAD\x81B -//PasswordAuthentication no -//PermitEmptyPasswords no -//ChallengeResponseAuthentication yes -//UsePAM yes -// -// (2005.1.23 yutaka) -BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar) +BOOL handle_SSH2_userauth_msg60(PTInstVar pvar) { if (pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) { - // SSH2_MSG_USERAUTH_INFO_REQUEST - int len; - char *data; - int slen = 0, num, echo; - char *s, *prompt = NULL; - buffer_t *msg; - unsigned char *outmsg; - int i; - char *name, *inst, *lang; - char lprompt[512]; + return handle_SSH2_userauth_inforeq(pvar); + } + else if (pvar->auth_state.cur_cred.method == SSH_AUTH_PAGEANT) { + return handle_SSH2_userauth_pkok(pvar); + } + else if (pvar->auth_state.cur_cred.method == 
SSH_AUTH_PASSWORD) { + // TODO + // return handle_SSH2_userauth_passwd_changereq(pvar) { + return FALSE; + } + else { + return FALSE; + } - notify_verbose_message(pvar, "SSH2_MSG_USERAUTH_INFO_REQUEST was received.", LOG_LEVEL_VERBOSE); + return TRUE; // not reached +} - // 6byte\x81i\x83T\x83C\x83Y\x81{\x83p\x83f\x83B\x83\x93\x83O\x81{\x83^\x83C\x83v\x81j\x82\xF0\x8E\xE6\x82菜\x82\xA2\x82\xBD\x88ȍ~\x82̃y\x83C\x83\x8D\x81[\x83h - data = pvar->ssh_state.payload; - // \x83p\x83P\x83b\x83g\x83T\x83C\x83Y - (\x83p\x83f\x83B\x83\x93\x83O\x83T\x83C\x83Y+1)\x81G\x90^\x82̃p\x83P\x83b\x83g\x83T\x83C\x83Y - len = pvar->ssh_state.payloadlen; +BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar) +{ + // SSH2_MSG_USERAUTH_INFO_REQUEST + int len; + char *data; + int slen = 0, num, echo; + char *s, *prompt = NULL; + buffer_t *msg; + unsigned char *outmsg; + int i; + char *name, *inst, *lang; + char lprompt[512]; - //debug_print(10, data, len); + notify_verbose_message(pvar, "SSH2_MSG_USERAUTH_INFO_REQUEST was received.", LOG_LEVEL_VERBOSE); - ///////// step1 - // get string - name = buffer_get_string(&data, NULL); - inst = buffer_get_string(&data, NULL); - lang = buffer_get_string(&data, NULL); - lprompt[0] = 0; - if (strlen(inst) > 0) { - strncat_s(lprompt, sizeof(lprompt), inst, _TRUNCATE); - strncat_s(lprompt, sizeof(lprompt), "\r\n", _TRUNCATE); - } - if (strlen(lang) > 0) { - strncat_s(lprompt, sizeof(lprompt), lang, _TRUNCATE); - strncat_s(lprompt, sizeof(lprompt), "\r\n", _TRUNCATE); - } - free(name); - free(inst); - free(lang); + // 6byte\x81i\x83T\x83C\x83Y\x81{\x83p\x83f\x83B\x83\x93\x83O\x81{\x83^\x83C\x83v\x81j\x82\xF0\x8E\xE6\x82菜\x82\xA2\x82\xBD\x88ȍ~\x82̃y\x83C\x83\x8D\x81[\x83h + data = pvar->ssh_state.payload; + // \x83p\x83P\x83b\x83g\x83T\x83C\x83Y - (\x83p\x83f\x83B\x83\x93\x83O\x83T\x83C\x83Y+1)\x81G\x90^\x82̃p\x83P\x83b\x83g\x83T\x83C\x83Y + len = pvar->ssh_state.payloadlen; - // num-prompts - num = get_uint32_MSBfirst(data); - data += 4; + //debug_print(10, 
data, len); - ///////// step2 - // \x83T\x81[\x83o\x82փp\x83X\x83t\x83\x8C\x81[\x83Y\x82𑗂\xE9 - msg = buffer_init(); - if (msg == NULL) { - // TODO: error check - return FALSE; - } - buffer_put_int(msg, num); + ///////// step1 + // get string + name = buffer_get_string(&data, NULL); + inst = buffer_get_string(&data, NULL); + lang = buffer_get_string(&data, NULL); + lprompt[0] = 0; + if (strlen(inst) > 0) { + strncat_s(lprompt, sizeof(lprompt), inst, _TRUNCATE); + strncat_s(lprompt, sizeof(lprompt), "\r\n", _TRUNCATE); + } + if (strlen(lang) > 0) { + strncat_s(lprompt, sizeof(lprompt), lang, _TRUNCATE); + strncat_s(lprompt, sizeof(lprompt), "\r\n", _TRUNCATE); + } + free(name); + free(inst); + free(lang); - // \x83p\x83X\x83\x8F\x81[\x83h\x95ύX\x82̏ꍇ\x81A\x83\x81\x83b\x83Z\x81[\x83W\x82\xAA\x82\xA0\x82\xEA\x82A\x95\\x8E\xA6\x82\xB7\x82\xE9\x81B(2010.11.11 yutaka) - if (num == 0) { - if (strlen(lprompt) > 0) - MessageBox(pvar->cv->HWin, lprompt, "USERAUTH INFO_REQUEST", MB_OK | MB_ICONINFORMATION); - } + // num-prompts + num = get_uint32_MSBfirst(data); + data += 4; - // \x83v\x83\x8D\x83\x93\x83v\x83g\x82̐\x94\x82\xBE\x82\xAF prompt & echo \x82\xAA\x8CJ\x82\xE8\x95Ԃ\xB3\x82\xEA\x82\xE9\x81B - for (i = 0 ; i < num ; i++) { - // get string - slen = get_uint32_MSBfirst(data); - data += 4; - prompt = data; // prompt - data += slen; + ///////// step2 + // \x83T\x81[\x83o\x82փp\x83X\x83t\x83\x8C\x81[\x83Y\x82𑗂\xE9 + msg = buffer_init(); + if (msg == NULL) { + // TODO: error check + return FALSE; + } + buffer_put_int(msg, num); - // get boolean - echo = data[0]; - data += 1; + // \x83p\x83X\x83\x8F\x81[\x83h\x95ύX\x82̏ꍇ\x81A\x83\x81\x83b\x83Z\x81[\x83W\x82\xAA\x82\xA0\x82\xEA\x82A\x95\\x8E\xA6\x82\xB7\x82\xE9\x81B(2010.11.11 yutaka) + if (num == 0) { + if (strlen(lprompt) > 0) + MessageBox(pvar->cv->HWin, lprompt, "USERAUTH INFO_REQUEST", MB_OK | MB_ICONINFORMATION); + } - // keyboard-interactive method (2005.3.12 yutaka) - if (pvar->keyboard_interactive_password_input == 
0 && - pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) { - AUTH_set_TIS_mode(pvar, prompt, slen); - AUTH_advance_to_next_cred(pvar); - pvar->ssh_state.status_flags &= ~STATUS_DONT_SEND_CREDENTIALS; - //try_send_credentials(pvar); - buffer_free(msg); - return TRUE; - } + // \x83v\x83\x8D\x83\x93\x83v\x83g\x82̐\x94\x82\xBE\x82\xAF prompt & echo \x82\xAA\x8CJ\x82\xE8\x95Ԃ\xB3\x82\xEA\x82\xE9\x81B + for (i = 0 ; i < num ; i++) { + // get string + slen = get_uint32_MSBfirst(data); + data += 4; + prompt = data; // prompt + data += slen; - // TODO: \x82\xB1\x82\xB1\x82Ńv\x83\x8D\x83\x93\x83v\x83g\x82\xF0\x95\\x8E\xA6\x82\xB5\x82ă\x86\x81[\x83U\x82\xA9\x82\xE7\x93\xFC\x97͂\xB3\x82\xB9\x82\xE9\x82̂\xAA\x90\xB3\x89\xF0\x81B - s = pvar->auth_state.cur_cred.password; - buffer_put_string(msg, s, strlen(s)); + // get boolean + echo = data[0]; + data += 1; - // \x83\x8A\x83g\x83\x89\x83C\x82ɑΉ\x9E\x82ł\xAB\x82\xE9\x82悤\x81A\x83t\x83\x89\x83O\x82\xF0\x83N\x83\x8A\x83A\x82\xB7\x82\xE9\x81B(2010.11.11 yutaka) - pvar->keyboard_interactive_password_input = 0; + // keyboard-interactive method (2005.3.12 yutaka) + if (pvar->keyboard_interactive_password_input == 0 && + pvar->auth_state.cur_cred.method == SSH_AUTH_TIS) { + AUTH_set_TIS_mode(pvar, prompt, slen); + AUTH_advance_to_next_cred(pvar); + pvar->ssh_state.status_flags &= ~STATUS_DONT_SEND_CREDENTIALS; + //try_send_credentials(pvar); + buffer_free(msg); + return TRUE; } - len = buffer_len(msg); - outmsg = begin_send_packet(pvar, SSH2_MSG_USERAUTH_INFO_RESPONSE, len); - memcpy(outmsg, buffer_ptr(msg), len); - finish_send_packet(pvar); - buffer_free(msg); + // TODO: \x82\xB1\x82\xB1\x82Ńv\x83\x8D\x83\x93\x83v\x83g\x82\xF0\x95\\x8E\xA6\x82\xB5\x82ă\x86\x81[\x83U\x82\xA9\x82\xE7\x93\xFC\x97͂\xB3\x82\xB9\x82\xE9\x82̂\xAA\x90\xB3\x89\xF0\x81B + s = pvar->auth_state.cur_cred.password; + buffer_put_string(msg, s, strlen(s)); - notify_verbose_message(pvar, "SSH2_MSG_USERAUTH_INFO_RESPONSE was sent at handle_SSH2_userauth_inforeq().", 
LOG_LEVEL_VERBOSE); + // \x83\x8A\x83g\x83\x89\x83C\x82ɑΉ\x9E\x82ł\xAB\x82\xE9\x82悤\x81A\x83t\x83\x89\x83O\x82\xF0\x83N\x83\x8A\x83A\x82\xB7\x82\xE9\x81B(2010.11.11 yutaka) + pvar->keyboard_interactive_password_input = 0; } - else { // SSH_AUTH_PAGEANT + + len = buffer_len(msg); + outmsg = begin_send_packet(pvar, SSH2_MSG_USERAUTH_INFO_RESPONSE, len); + memcpy(outmsg, buffer_ptr(msg), len); + finish_send_packet(pvar); + buffer_free(msg); + + notify_verbose_message(pvar, "SSH2_MSG_USERAUTH_INFO_RESPONSE was sent at handle_SSH2_userauth_inforeq().", LOG_LEVEL_VERBOSE); + return TRUE; +} + +BOOL handle_SSH2_userauth_pkok(PTInstVar pvar) +{ // SSH2_MSG_USERAUTH_PK_OK buffer_t *msg = NULL; char *s, *username; @@ -7208,11 +7221,10 @@ notify_verbose_message(pvar, "SSH2_MSG_USERAUTH_REQUEST was sent at handle_SSH2_userauth_inforeq().", LOG_LEVEL_VERBOSE); pvar->pageant_keyfinal = TRUE; + + return TRUE; } - return TRUE; -} - #define PASSWD_MAXLEN 150 struct change_password { Modified: trunk/ttssh2/ttxssh/ssh.h =================================================================== --- trunk/ttssh2/ttxssh/ssh.h 2017-03-23 12:54:58 UTC (rev 6656) +++ trunk/ttssh2/ttxssh/ssh.h 2017-03-23 12:55:00 UTC (rev 6657) @@ -731,7 +731,9 @@ void ssh_heartbeat_unlock(void); void halt_ssh_heartbeat_thread(PTInstVar pvar); void ssh2_channel_free(void); +BOOL handle_SSH2_userauth_msg60(PTInstVar pvar); BOOL handle_SSH2_userauth_inforeq(PTInstVar pvar); +BOOL handle_SSH2_userauth_pkok(PTInstVar pvar); BOOL handle_SSH2_userauth_passwd_changereq(PTInstVar pvar); void SSH2_update_compression_myproposal(PTInstVar pvar); void SSH2_update_cipher_myproposal(PTInstVar pvar);
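Review bot: In `handle_SSH2_userauth_inforeq()`, `num` and every `slen` are taken straight from the server's packet and used to advance `data` with no comparison against the payload length; `len` is loaded from `payloadlen` but is never used as a bound before it is overwritten with `buffer_len(msg)`. A malformed INFO_REQUEST can therefore move `prompt` and the `echo` read past the received bytes, and `AUTH_set_TIS_mode()` is then handed that pointer together with the unchecked length. The strings returned by `buffer_get_string()` also go into `strlen()` unchecked, which matters if that helper can return NULL on a short packet. The sketch below bounds the reads, assuming `payloadlen` counts the bytes available from `payload` (not confirmable from this hunk) and adding one `char *end` local. The function lies entirely inside the hunk.

```c
	data = pvar->ssh_state.payload;
	len = pvar->ssh_state.payloadlen;
	end = data + len;	// new local `char *end;`: one past the bytes this handler may read

	// … unchanged: name/inst/lang parsing, lprompt assembly, free() calls …

	// num-prompts
	if (end - data < 4) {
		return FALSE;
	}
	num = get_uint32_MSBfirst(data);
	data += 4;

	// … unchanged: buffer_init(), buffer_put_int(), num == 0 message box …

	for (i = 0 ; i < num ; i++) {
		// a prompt needs its 4-byte length, slen bytes of text and the 1-byte echo flag
		if (end - data < 4) {
			buffer_free(msg);
			return FALSE;
		}
		slen = get_uint32_MSBfirst(data);
		data += 4;
		if (slen < 0 || slen >= end - data) {
			buffer_free(msg);
			return FALSE;
		}
		prompt = data; // prompt
		data += slen;
		// … unchanged: echo read, TIS-mode branch, password append …
```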
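Review bot: The log string kept at the end of the new `handle_SSH2_userauth_pkok()` still reads `"SSH2_MSG_USERAUTH_REQUEST was sent at handle_SSH2_userauth_inforeq()."`, so it now names the wrong function and will mislead anyone reading a verbose authentication trace. It should become `notify_verbose_message(pvar, "SSH2_MSG_USERAUTH_REQUEST was sent at handle_SSH2_userauth_pkok().", LOG_LEVEL_VERBOSE);`. The function begins in the previous hunk and most of its body lies outside both hunks.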