[u/mdw/putty] / unix / uxcons.c

/*
 * uxcons.c: various interactive-prompt routines shared between the
 * Unix console PuTTY tools
 */

#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <assert.h>
#include <termios.h>
#include <unistd.h>

#include "putty.h"
#include "storage.h"
#include "ssh.h"

int console_batch_mode = FALSE;

static void *console_logctx = NULL;

/*
 * Clean up and exit.
 */
void cleanup_exit(int code)
{
    /*
     * Clean up.
     */
    sk_cleanup();
    random_save_seed();
    exit(code);
}

void update_specials_menu(void *frontend)
{
}

void notify_remote_exit(void *frontend)
{
}

void timer_change_notify(long next)
{
}

void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
			 char *keystr, char *fingerprint)
{
    int ret;

    static const char absentmsg_batch[] =
	"The server's host key is not cached. You have no guarantee\n"
	"that the server is the computer you think it is.\n"
	"The server's %s key fingerprint is:\n"
	"%s\n"
	"Connection abandoned.\n";
    static const char absentmsg[] =
	"The server's host key is not cached. You have no guarantee\n"
	"that the server is the computer you think it is.\n"
	"The server's %s key fingerprint is:\n"
	"%s\n"
	"If you trust this host, enter \"y\" to add the key to\n"
	"PuTTY's cache and carry on connecting.\n"
	"If you want to carry on connecting just once, without\n"
	"adding the key to the cache, enter \"n\".\n"
	"If you do not trust this host, press Return to abandon the\n"
	"connection.\n"
	"Store key in cache? (y/n) ";

    static const char wrongmsg_batch[] =
	"WARNING - POTENTIAL SECURITY BREACH!\n"
	"The server's host key does not match the one PuTTY has\n"
	"cached. This means that either the server administrator\n"
	"has changed the host key, or you have actually connected\n"
	"to another computer pretending to be the server.\n"
	"The new %s key fingerprint is:\n"
	"%s\n"
	"Connection abandoned.\n";
    static const char wrongmsg[] =
	"WARNING - POTENTIAL SECURITY BREACH!\n"
	"The server's host key does not match the one PuTTY has\n"
	"cached. This means that either the server administrator\n"
	"has changed the host key, or you have actually connected\n"
	"to another computer pretending to be the server.\n"
	"The new %s key fingerprint is:\n"
	"%s\n"
	"If you were expecting this change and trust the new key,\n"
	"enter \"y\" to update PuTTY's cache and continue connecting.\n"
	"If you want to carry on connecting but without updating\n"
	"the cache, enter \"n\".\n"
	"If you want to abandon the connection completely, press\n"
	"Return to cancel. Pressing Return is the ONLY guaranteed\n"
	"safe choice.\n"
	"Update cached key? (y/n, Return cancels connection) ";

    static const char abandoned[] = "Connection abandoned.\n";

    char line[32];

    /*
     * Verify the key.
     */
    ret = verify_host_key(host, port, keytype, keystr);

    if (ret == 0)		       /* success - key matched OK */
	return;

    if (ret == 2) {		       /* key was different */
	if (console_batch_mode) {
	    fprintf(stderr, wrongmsg_batch, keytype, fingerprint);
	    cleanup_exit(1);
	}
	fprintf(stderr, wrongmsg, keytype, fingerprint);
	fflush(stderr);
    }
    if (ret == 1) {		       /* key was absent */
	if (console_batch_mode) {
	    fprintf(stderr, absentmsg_batch, keytype, fingerprint);
	    cleanup_exit(1);
	}
	fprintf(stderr, absentmsg, keytype, fingerprint);
	fflush(stderr);
    }

    {
	struct termios oldmode, newmode;
	tcgetattr(0, &oldmode);
	newmode = oldmode;
	newmode.c_lflag |= ECHO | ISIG | ICANON;
	tcsetattr(0, TCSANOW, &newmode);
	line[0] = '\0';
	read(0, line, sizeof(line) - 1);
	tcsetattr(0, TCSANOW, &oldmode);
    }

    if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') {
	if (line[0] == 'y' || line[0] == 'Y')
	    store_host_key(host, port, keytype, keystr);
    } else {
	fprintf(stderr, abandoned);
	cleanup_exit(0);
    }
}

/*
 * Ask whether the selected cipher is acceptable (since it was
 * below the configured 'warn' threshold).
 * cs: 0 = both ways, 1 = client->server, 2 = server->client
 */
void askcipher(void *frontend, char *ciphername, int cs)
{
    static const char msg[] =
	"The first %scipher supported by the server is\n"
	"%s, which is below the configured warning threshold.\n"
	"Continue with connection? (y/n) ";
    static const char msg_batch[] =
	"The first %scipher supported by the server is\n"
	"%s, which is below the configured warning threshold.\n"
	"Connection abandoned.\n";
    static const char abandoned[] = "Connection abandoned.\n";

    char line[32];

    if (console_batch_mode) {
	fprintf(stderr, msg_batch,
		(cs == 0) ? "" :
		(cs == 1) ? "client-to-server " : "server-to-client ",
		ciphername);
	cleanup_exit(1);
    }

    fprintf(stderr, msg,
	    (cs == 0) ? "" :
	    (cs == 1) ? "client-to-server " : "server-to-client ",
	    ciphername);
    fflush(stderr);

    {
	struct termios oldmode, newmode;
	tcgetattr(0, &oldmode);
	newmode = oldmode;
	newmode.c_lflag |= ECHO | ISIG | ICANON;
	tcsetattr(0, TCSANOW, &newmode);
	line[0] = '\0';
	read(0, line, sizeof(line) - 1);
	tcsetattr(0, TCSANOW, &oldmode);
    }

    if (line[0] == 'y' || line[0] == 'Y') {
	return;
    } else {
	fprintf(stderr, abandoned);
	cleanup_exit(0);
    }
}

/*
 * Ask whether to wipe a session log file before writing to it.
 * Returns 2 for wipe, 1 for append, 0 for cancel (don't log).
 */
int askappend(void *frontend, Filename filename)
{
    static const char msgtemplate[] =
	"The session log file \"%.*s\" already exists.\n"
	"You can overwrite it with a new session log,\n"
	"append your session log to the end of it,\n"
	"or disable session logging for this session.\n"
	"Enter \"y\" to wipe the file, \"n\" to append to it,\n"
	"or just press Return to disable logging.\n"
	"Wipe the log file? (y/n, Return cancels logging) ";

    static const char msgtemplate_batch[] =
	"The session log file \"%.*s\" already exists.\n"
	"Logging will not be enabled.\n";

    char line[32];

    if (console_batch_mode) {
	fprintf(stderr, msgtemplate_batch, FILENAME_MAX, filename.path);
	fflush(stderr);
	return 0;
    }
    fprintf(stderr, msgtemplate, FILENAME_MAX, filename.path);
    fflush(stderr);

    {
	struct termios oldmode, newmode;
	tcgetattr(0, &oldmode);
	newmode = oldmode;
	newmode.c_lflag |= ECHO | ISIG | ICANON;
	tcsetattr(0, TCSANOW, &newmode);
	line[0] = '\0';
	read(0, line, sizeof(line) - 1);
	tcsetattr(0, TCSANOW, &oldmode);
    }

    if (line[0] == 'y' || line[0] == 'Y')
	return 2;
    else if (line[0] == 'n' || line[0] == 'N')
	return 1;
    else
	return 0;
}

/*
 * Warn about the obsolescent key file format.
 * 
 * Uniquely among these functions, this one does _not_ expect a
 * frontend handle. This means that if PuTTY is ported to a
 * platform which requires frontend handles, this function will be
 * an anomaly. Fortunately, the problem it addresses will not have
 * been present on that platform, so it can plausibly be
 * implemented as an empty function.
 */
void old_keyfile_warning(void)
{
    static const char message[] =
	"You are loading an SSH 2 private key which has an\n"
	"old version of the file format. This means your key\n"
	"file is not fully tamperproof. Future versions of\n"
	"PuTTY may stop supporting this private key format,\n"
	"so we recommend you convert your key to the new\n"
	"format.\n"
	"\n"
	"Once the key is loaded into PuTTYgen, you can perform\n"
	"this conversion simply by saving it again.\n";

    fputs(message, stderr);
}

void console_provide_logctx(void *logctx)
{
    console_logctx = logctx;
}

void logevent(void *frontend, const char *string)
{
    if (console_logctx)
	log_eventlog(console_logctx, string);
}

int console_get_line(const char *prompt, char *str,
		     int maxlen, int is_pw)
{
    struct termios oldmode, newmode;
    int i;

    if (console_batch_mode) {
	if (maxlen > 0)
	    str[0] = '\0';
	return 0;
    } else {
	tcgetattr(0, &oldmode);
	newmode = oldmode;
	newmode.c_lflag |= ISIG | ICANON;
	if (is_pw)
	    newmode.c_lflag &= ~ECHO;
	else
	    newmode.c_lflag |= ECHO;
	tcsetattr(0, TCSANOW, &newmode);

	fputs(prompt, stdout);
	fflush(stdout);
	i = read(0, str, maxlen - 1);

	tcsetattr(0, TCSANOW, &oldmode);

	if (i > 0 && str[i-1] == '\n')
	    i--;
	str[i] = '\0';

	if (is_pw)
	    fputs("\n", stdout);

	return 1;
    }
}

void frontend_keypress(void *handle)
{
    /*
     * This is nothing but a stub, in console code.
     */
    return;
}

int is_interactive(void)
{
    return isatty(0);
}

/*
 * X11-forwarding-related things suitable for console.
 */

const char platform_x11_best_transport[] = "unix";

char *platform_get_x_display(void) {
    return dupstr(getenv("DISPLAY"));
}
Commit	Line	Data
c5e438ec	1	/*
	2	* uxcons.c: various interactive-prompt routines shared between the
	3	* Unix console PuTTY tools
	4	*/
	5
	6	#include <stdio.h>
	7	#include <stdlib.h>
	8	#include <stdarg.h>
	9	#include <assert.h>
	10	#include <termios.h>
	11	#include <unistd.h>
	12
	13	#include "putty.h"
	14	#include "storage.h"
	15	#include "ssh.h"
	16
	17	int console_batch_mode = FALSE;
	18
b51259f6	19	static void *console_logctx = NULL;
b51259f6	20
c5e438ec	21	/*
	22	* Clean up and exit.
	23	*/
	24	void cleanup_exit(int code)
	25	{
	26	/*
	27	* Clean up.
	28	*/
	29	sk_cleanup();
e85da6a5	30	random_save_seed();
c5e438ec	31	exit(code);
	32	}
	33
125105d1	34	void update_specials_menu(void *frontend)
	35	{
	36	}
	37
39934deb	38	void notify_remote_exit(void *frontend)
	39	{
	40	}
	41
	42	void timer_change_notify(long next)
	43	{
	44	}
	45
c5e438ec	46	void verify_ssh_host_key(void frontend, char host, int port, char *keytype,
	47	char keystr, char fingerprint)
	48	{
	49	int ret;
	50
	51	static const char absentmsg_batch[] =
	52	"The server's host key is not cached. You have no guarantee\n"
	53	"that the server is the computer you think it is.\n"
65f66c88	54	"The server's %s key fingerprint is:\n"
c5e438ec	55	"%s\n"
	56	"Connection abandoned.\n";
	57	static const char absentmsg[] =
	58	"The server's host key is not cached. You have no guarantee\n"
	59	"that the server is the computer you think it is.\n"
65f66c88	60	"The server's %s key fingerprint is:\n"
c5e438ec	61	"%s\n"
	62	"If you trust this host, enter \"y\" to add the key to\n"
	63	"PuTTY's cache and carry on connecting.\n"
	64	"If you want to carry on connecting just once, without\n"
	65	"adding the key to the cache, enter \"n\".\n"
	66	"If you do not trust this host, press Return to abandon the\n"
	67	"connection.\n"
	68	"Store key in cache? (y/n) ";
	69
	70	static const char wrongmsg_batch[] =
	71	"WARNING - POTENTIAL SECURITY BREACH!\n"
	72	"The server's host key does not match the one PuTTY has\n"
	73	"cached. This means that either the server administrator\n"
	74	"has changed the host key, or you have actually connected\n"
	75	"to another computer pretending to be the server.\n"
65f66c88	76	"The new %s key fingerprint is:\n"
c5e438ec	77	"%s\n"
	78	"Connection abandoned.\n";
	79	static const char wrongmsg[] =
	80	"WARNING - POTENTIAL SECURITY BREACH!\n"
	81	"The server's host key does not match the one PuTTY has\n"
	82	"cached. This means that either the server administrator\n"
	83	"has changed the host key, or you have actually connected\n"
	84	"to another computer pretending to be the server.\n"
65f66c88	85	"The new %s key fingerprint is:\n"
c5e438ec	86	"%s\n"
	87	"If you were expecting this change and trust the new key,\n"
	88	"enter \"y\" to update PuTTY's cache and continue connecting.\n"
	89	"If you want to carry on connecting but without updating\n"
	90	"the cache, enter \"n\".\n"
	91	"If you want to abandon the connection completely, press\n"
	92	"Return to cancel. Pressing Return is the ONLY guaranteed\n"
	93	"safe choice.\n"
	94	"Update cached key? (y/n, Return cancels connection) ";
	95
	96	static const char abandoned[] = "Connection abandoned.\n";
	97
	98	char line[32];
	99
	100	/*
	101	* Verify the key.
	102	*/
	103	ret = verify_host_key(host, port, keytype, keystr);
	104
	105	if (ret == 0) /* success - key matched OK */
	106	return;
	107
	108	if (ret == 2) { /* key was different */
	109	if (console_batch_mode) {
65f66c88	110	fprintf(stderr, wrongmsg_batch, keytype, fingerprint);
c5e438ec	111	cleanup_exit(1);
c5e438ec	112	}
65f66c88	113	fprintf(stderr, wrongmsg, keytype, fingerprint);
c5e438ec	114	fflush(stderr);
	115	}
	116	if (ret == 1) { /* key was absent */
	117	if (console_batch_mode) {
65f66c88	118	fprintf(stderr, absentmsg_batch, keytype, fingerprint);
c5e438ec	119	cleanup_exit(1);
c5e438ec	120	}
65f66c88	121	fprintf(stderr, absentmsg, keytype, fingerprint);
c5e438ec	122	fflush(stderr);
	123	}
	124
	125	{
	126	struct termios oldmode, newmode;
	127	tcgetattr(0, &oldmode);
	128	newmode = oldmode;
	129	newmode.c_lflag \|= ECHO \| ISIG \| ICANON;
	130	tcsetattr(0, TCSANOW, &newmode);
	131	line[0] = '\0';
	132	read(0, line, sizeof(line) - 1);
	133	tcsetattr(0, TCSANOW, &oldmode);
	134	}
	135
	136	if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') {
	137	if (line[0] == 'y' \|\| line[0] == 'Y')
	138	store_host_key(host, port, keytype, keystr);
	139	} else {
	140	fprintf(stderr, abandoned);
	141	cleanup_exit(0);
	142	}
	143	}
	144
	145	/*
	146	* Ask whether the selected cipher is acceptable (since it was
	147	* below the configured 'warn' threshold).
	148	* cs: 0 = both ways, 1 = client->server, 2 = server->client
	149	*/
	150	void askcipher(void frontend, char ciphername, int cs)
	151	{
	152	static const char msg[] =
	153	"The first %scipher supported by the server is\n"
	154	"%s, which is below the configured warning threshold.\n"
	155	"Continue with connection? (y/n) ";
	156	static const char msg_batch[] =
	157	"The first %scipher supported by the server is\n"
	158	"%s, which is below the configured warning threshold.\n"
	159	"Connection abandoned.\n";
	160	static const char abandoned[] = "Connection abandoned.\n";
	161
	162	char line[32];
	163
	164	if (console_batch_mode) {
	165	fprintf(stderr, msg_batch,
	166	(cs == 0) ? "" :
	167	(cs == 1) ? "client-to-server " : "server-to-client ",
	168	ciphername);
	169	cleanup_exit(1);
	170	}
	171
	172	fprintf(stderr, msg,
	173	(cs == 0) ? "" :
	174	(cs == 1) ? "client-to-server " : "server-to-client ",
	175	ciphername);
	176	fflush(stderr);
	177
	178	{
	179	struct termios oldmode, newmode;
	180	tcgetattr(0, &oldmode);
	181	newmode = oldmode;
	182	newmode.c_lflag \|= ECHO \| ISIG \| ICANON;
	183	tcsetattr(0, TCSANOW, &newmode);
	184	line[0] = '\0';
	185	read(0, line, sizeof(line) - 1);
186	tcsetattr(0, TCSANOW, &oldmode);
187	}
188
189	if (line[0] == 'y' \|\| line[0] == 'Y') {
190	return;
191	} else {
192	fprintf(stderr, abandoned);
193	cleanup_exit(0);
194	}
195	}
196
197	/*
198	* Ask whether to wipe a session log file before writing to it.
199	* Returns 2 for wipe, 1 for append, 0 for cancel (don't log).
200	*/
9a30e26b	201	int askappend(void *frontend, Filename filename)
c5e438ec	202	{
	203	static const char msgtemplate[] =
	204	"The session log file \"%.*s\" already exists.\n"
	205	"You can overwrite it with a new session log,\n"
	206	"append your session log to the end of it,\n"
	207	"or disable session logging for this session.\n"
	208	"Enter \"y\" to wipe the file, \"n\" to append to it,\n"
	209	"or just press Return to disable logging.\n"
	210	"Wipe the log file? (y/n, Return cancels logging) ";
	211
	212	static const char msgtemplate_batch[] =
	213	"The session log file \"%.*s\" already exists.\n"
	214	"Logging will not be enabled.\n";
	215
	216	char line[32];
	217
c5e438ec	218	if (console_batch_mode) {
9a30e26b	219	fprintf(stderr, msgtemplate_batch, FILENAME_MAX, filename.path);
c5e438ec	220	fflush(stderr);
	221	return 0;
	222	}
9a30e26b	223	fprintf(stderr, msgtemplate, FILENAME_MAX, filename.path);
c5e438ec	224	fflush(stderr);
	225
	226	{
	227	struct termios oldmode, newmode;
	228	tcgetattr(0, &oldmode);
	229	newmode = oldmode;
	230	newmode.c_lflag \|= ECHO \| ISIG \| ICANON;
	231	tcsetattr(0, TCSANOW, &newmode);
	232	line[0] = '\0';
	233	read(0, line, sizeof(line) - 1);
	234	tcsetattr(0, TCSANOW, &oldmode);
	235	}
	236
	237	if (line[0] == 'y' \|\| line[0] == 'Y')
	238	return 2;
	239	else if (line[0] == 'n' \|\| line[0] == 'N')
	240	return 1;
	241	else
	242	return 0;
	243	}
	244
	245	/*
	246	* Warn about the obsolescent key file format.
	247	*
	248	* Uniquely among these functions, this one does _not_ expect a
	249	* frontend handle. This means that if PuTTY is ported to a
	250	* platform which requires frontend handles, this function will be
	251	* an anomaly. Fortunately, the problem it addresses will not have
	252	* been present on that platform, so it can plausibly be
	253	* implemented as an empty function.
	254	*/
	255	void old_keyfile_warning(void)
	256	{
	257	static const char message[] =
	258	"You are loading an SSH 2 private key which has an\n"
	259	"old version of the file format. This means your key\n"
	260	"file is not fully tamperproof. Future versions of\n"
	261	"PuTTY may stop supporting this private key format,\n"
	262	"so we recommend you convert your key to the new\n"
	263	"format.\n"
	264	"\n"
	265	"Once the key is loaded into PuTTYgen, you can perform\n"
	266	"this conversion simply by saving it again.\n";
	267
	268	fputs(message, stderr);
	269	}
	270
b51259f6	271	void console_provide_logctx(void *logctx)
	272	{
	273	console_logctx = logctx;
	274	}
	275
cbe2d68f	276	void logevent(void frontend, const char string)
c5e438ec	277	{
b51259f6	278	if (console_logctx)
b51259f6	279	log_eventlog(console_logctx, string);
c5e438ec	280	}
	281
	282	int console_get_line(const char prompt, char str,
	283	int maxlen, int is_pw)
	284	{
	285	struct termios oldmode, newmode;
	286	int i;
	287
	288	if (console_batch_mode) {
	289	if (maxlen > 0)
	290	str[0] = '\0';
a21a6a9a	291	return 0;
c5e438ec	292	} else {
	293	tcgetattr(0, &oldmode);
	294	newmode = oldmode;
	295	newmode.c_lflag \|= ISIG \| ICANON;
	296	if (is_pw)
	297	newmode.c_lflag &= ~ECHO;
	298	else
	299	newmode.c_lflag \|= ECHO;
	300	tcsetattr(0, TCSANOW, &newmode);
	301
	302	fputs(prompt, stdout);
	303	fflush(stdout);
	304	i = read(0, str, maxlen - 1);
	305
	306	tcsetattr(0, TCSANOW, &oldmode);
	307
	308	if (i > 0 && str[i-1] == '\n')
	309	i--;
	310	str[i] = '\0';
	311
	312	if (is_pw)
8d69b472	313	fputs("\n", stdout);
a21a6a9a	314
a21a6a9a	315	return 1;
c5e438ec	316	}
c5e438ec	317	}
	318
	319	void frontend_keypress(void *handle)
	320	{
	321	/*
	322	* This is nothing but a stub, in console code.
	323	*/
	324	return;
	325	}
47a6b94c	326
	327	int is_interactive(void)
	328	{
	329	return isatty(0);
	330	}
46ed7b64	331
	332	/*
	333	* X11-forwarding-related things suitable for console.
	334	*/
	335
	336	const char platform_x11_best_transport[] = "unix";
	337
	338	char *platform_get_x_display(void) {
	339	return dupstr(getenv("DISPLAY"));
	340	}