X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/03dcf5251e11d4e71183238bedf6325501b8de48..a832773496d46caa5e328d36a15b4918f24a804e:/windlg.c diff --git a/windlg.c b/windlg.c index bdc98521..5040a241 100644 --- a/windlg.c +++ b/windlg.c @@ -140,7 +140,7 @@ static int CALLBACK LogProc(HWND hwnd, UINT msg, memcpy(p, sel_nl, sizeof(sel_nl)); p += sizeof(sel_nl); } - write_aclip(clipdata, size, TRUE); + write_aclip(NULL, clipdata, size, TRUE); sfree(clipdata); } sfree(selitems); @@ -509,9 +509,9 @@ enum { IDCX_ABOUT = IDC_CIPHERLIST, IDC_CIPHERUP, IDC_CIPHERDN, - IDC_BUGGYMAC, IDC_SSH2DES, IDC_SSHPROTSTATIC, + IDC_SSHPROT1ONLY, IDC_SSHPROT1, IDC_SSHPROT2, IDC_SSHPROT2ONLY, @@ -533,6 +533,25 @@ enum { IDCX_ABOUT = IDC_AUTHKI, sshauthpanelend, + sshbugspanelstart, + IDC_TITLE_SSHBUGS, + IDC_BOX_SSHBUGS1, + IDC_BUGS_IGNORE1, + IDC_BUGD_IGNORE1, + IDC_BUGS_PLAINPW1, + IDC_BUGD_PLAINPW1, + IDC_BUGS_RSA1, + IDC_BUGD_RSA1, + IDC_BUGS_HMAC2, + IDC_BUGD_HMAC2, + IDC_BUGS_DERIVEKEY2, + IDC_BUGD_DERIVEKEY2, + IDC_BUGS_RSAPAD2, + IDC_BUGD_RSAPAD2, + IDC_BUGS_DHGEX2, + IDC_BUGD_DHGEX2, + sshbugspanelend, + selectionpanelstart, IDC_TITLE_SELECTION, IDC_BOX_SELECTION1, 
@@ -848,6 +867,33 @@ char *help_context_cmd(int id) case IDC_NODELAY: return "JI(`',`connection.nodelay')"; + case IDC_PROXYTYPESTATIC: + case IDC_PROXYTYPENONE: + case IDC_PROXYTYPEHTTP: + case IDC_PROXYTYPESOCKS: + case IDC_PROXYTYPETELNET: + return "JI(`',`proxy.type')"; + case IDC_PROXYHOSTSTATIC: + case IDC_PROXYHOSTEDIT: + case IDC_PROXYPORTSTATIC: + case IDC_PROXYPORTEDIT: + return "JI(`',`proxy.main')"; + case IDC_PROXYEXCLUDESTATIC: + case IDC_PROXYEXCLUDEEDIT: + return "JI(`',`proxy.exclude')"; + case IDC_PROXYUSERSTATIC: + case IDC_PROXYUSEREDIT: + case IDC_PROXYPASSSTATIC: + case IDC_PROXYPASSEDIT: + return "JI(`',`proxy.auth')"; + case IDC_PROXYTELNETCMDSTATIC: + case IDC_PROXYTELNETCMDEDIT: + return "JI(`',`proxy.command')"; + case IDC_PROXYSOCKSVERSTATIC: + case IDC_PROXYSOCKSVER5: + case IDC_PROXYSOCKSVER4: + return "JI(`',`proxy.socksver')"; + case IDC_TSSTATIC: case IDC_TSEDIT: return "JI(`',`telnet.termspeed')"; @@ -888,9 +934,8 @@ char *help_context_cmd(int id) case IDC_CIPHERDN: case IDC_SSH2DES: return "JI(`',`ssh.ciphers')"; - case IDC_BUGGYMAC: - return "JI(`',`ssh.buggymac')"; case IDC_SSHPROTSTATIC: + case IDC_SSHPROT1ONLY: case IDC_SSHPROT1: case IDC_SSHPROT2: case IDC_SSHPROT2ONLY: @@ -983,6 +1028,28 @@ char *help_context_cmd(int id) case IDC_RPORT_ALL: return "JI(`',`ssh.tunnels.portfwd.localhost')"; + case IDC_BUGS_IGNORE1: + case IDC_BUGD_IGNORE1: + return "JI(`',`ssh.bugs.ignore1')"; + case IDC_BUGS_PLAINPW1: + case IDC_BUGD_PLAINPW1: + return "JI(`',`ssh.bugs.plainpw1')"; + case IDC_BUGS_RSA1: + case IDC_BUGD_RSA1: + return "JI(`',`ssh.bugs.rsa1')"; + case IDC_BUGS_HMAC2: + case IDC_BUGD_HMAC2: + return "JI(`',`ssh.bugs.hmac2')"; + case IDC_BUGS_DERIVEKEY2: + case IDC_BUGD_DERIVEKEY2: + return "JI(`',`ssh.bugs.derivekey2')"; + case IDC_BUGS_RSAPAD2: + case IDC_BUGD_RSAPAD2: + return "JI(`',`ssh.bugs.rsapad2')"; + case IDC_BUGS_DHGEX2: + case IDC_BUGD_DHGEX2: + return "JI(`',`ssh.bugs.dhgex2')"; + default: return NULL; } 
@@ -1147,13 +1214,13 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess)
 SetDlgItemText(hwnd, IDC_LOGEDIT, cfg.username);
 CheckDlgButton(hwnd, IDC_NOPTY, cfg.nopty);
 CheckDlgButton(hwnd, IDC_COMPRESS, cfg.compression);
- CheckDlgButton(hwnd, IDC_BUGGYMAC, cfg.buggymac);
 CheckDlgButton(hwnd, IDC_SSH2DES, cfg.ssh2_des_cbc);
 CheckDlgButton(hwnd, IDC_AGENTFWD, cfg.agentfwd);
 CheckDlgButton(hwnd, IDC_CHANGEUSER, cfg.change_username);
- CheckRadioButton(hwnd, IDC_SSHPROT1, IDC_SSHPROT2ONLY,
+ CheckRadioButton(hwnd, IDC_SSHPROT1ONLY, IDC_SSHPROT2ONLY,
 cfg.sshprot == 1 ? IDC_SSHPROT1 :
- cfg.sshprot == 2 ? IDC_SSHPROT2 : IDC_SSHPROT2ONLY);
+ cfg.sshprot == 2 ? IDC_SSHPROT2 :
+ cfg.sshprot == 3 ? IDC_SSHPROT2ONLY : IDC_SSHPROT1ONLY);
 CheckDlgButton(hwnd, IDC_AUTHTIS, cfg.try_tis_auth);
 CheckDlgButton(hwnd, IDC_AUTHKI, cfg.try_ki_auth);
 SetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile);
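Review bot: The last arm of the new conditional in the `CheckRadioButton` call selects `IDC_SSHPROT1ONLY` for every `cfg.sshprot` value other than 1, 2 or 3, whereas the old code fell back to `IDC_SSHPROT2ONLY`. If a loaded session can ever carry an unexpected value (the loader is not visible in this diff), the dialog would show the SSH-1-only choice as the current setting. Testing for 0 explicitly keeps the previous fallback: `cfg.sshprot == 0 ? IDC_SSHPROT1ONLY : IDC_SSHPROT2ONLY);` as the final arm. init_dlg_ctrls starts and ends outside this hunk.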
@@ -1285,6 +1352,57 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess) SetDlgItemText(hwnd, IDC_PROXYPASSEDIT, cfg.proxy_password); CheckRadioButton(hwnd, IDC_PROXYSOCKSVER5, IDC_PROXYSOCKSVER4, cfg.proxy_socks_version == 4 ? IDC_PROXYSOCKSVER4 : IDC_PROXYSOCKSVER5); + + /* SSH bugs config */ + SendDlgItemMessage(hwnd, IDC_BUGD_IGNORE1, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_IGNORE1, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_IGNORE1, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_IGNORE1, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_IGNORE1, CB_SETCURSEL, + cfg.sshbug_ignore1 == BUG_ON ? 2 : + cfg.sshbug_ignore1 == BUG_OFF ? 1 : 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_PLAINPW1, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_PLAINPW1, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_PLAINPW1, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_PLAINPW1, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_PLAINPW1, CB_SETCURSEL, + cfg.sshbug_plainpw1 == BUG_ON ? 2 : + cfg.sshbug_plainpw1 == BUG_OFF ? 1 : 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_RSA1, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_RSA1, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_RSA1, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_RSA1, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_RSA1, CB_SETCURSEL, + cfg.sshbug_rsa1 == BUG_ON ? 2 : + cfg.sshbug_rsa1 == BUG_OFF ? 1 : 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_HMAC2, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_HMAC2, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_HMAC2, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_HMAC2, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_HMAC2, CB_SETCURSEL, + cfg.sshbug_hmac2 == BUG_ON ? 
2 : + cfg.sshbug_hmac2 == BUG_OFF ? 1 : 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_DERIVEKEY2, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_DERIVEKEY2, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_DERIVEKEY2, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_DERIVEKEY2, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_DERIVEKEY2, CB_SETCURSEL, + cfg.sshbug_derivekey2 == BUG_ON ? 2 : + cfg.sshbug_derivekey2 == BUG_OFF ? 1 : 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_SETCURSEL, + cfg.sshbug_rsapad2 == BUG_ON ? 2 : + cfg.sshbug_rsapad2 == BUG_OFF ? 1 : 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_RESETCONTENT, 0, 0); + SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"Auto"); + SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"Off"); + SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"On"); + SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_SETCURSEL, + cfg.sshbug_dhgex2 == BUG_ON ? 2 : + cfg.sshbug_dhgex2 == BUG_OFF ? 1 : 0, 0); } struct treeview_faff { @@ -1750,8 +1868,8 @@ static void create_controls(HWND hwnd, int dlgtype, int panel) IDC_PROXYEXCLUDEEDIT, 100, NULL); staticedit(&cp, "&Username", IDC_PROXYUSERSTATIC, IDC_PROXYUSEREDIT, 60); - staticedit(&cp, "Pass&word", IDC_PROXYPASSSTATIC, - IDC_PROXYPASSEDIT, 60); + staticpassedit(&cp, "Pass&word", IDC_PROXYPASSSTATIC, + IDC_PROXYPASSEDIT, 60); endbox(&cp); beginbox(&cp, "Misc. proxy settings", IDC_BOX_PROXY2); multiedit(&cp, 
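Review bot: Switching `IDC_PROXYPASSEDIT` to `staticpassedit` only hides the characters on screen. The context of the previous hunk shows init_dlg_ctrls still loading `cfg.proxy_password` into this control with `SetDlgItemText`, so the secret remains both in cfg and in the control's text. A comment at this call would stop readers from taking the mask for protection of the stored value, for example `/* Masked for display only: the proxy password is still held in cfg and loaded into this control. */`. How the password is persisted is not visible in this diff, and create_controls starts and ends outside the hunk.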
@@ -1826,11 +1944,10 @@ static void create_controls(HWND hwnd, int dlgtype, int panel) checkbox(&cp, "Don't allocate a &pseudo-terminal", IDC_NOPTY); checkbox(&cp, "Enable compr&ession", IDC_COMPRESS); radioline(&cp, "Preferred SSH protocol version:", - IDC_SSHPROTSTATIC, 3, + IDC_SSHPROTSTATIC, 4, + "1 on&ly", IDC_SSHPROT1ONLY, "&1", IDC_SSHPROT1, "&2", IDC_SSHPROT2, "2 o&nly", IDC_SSHPROT2ONLY, NULL); - checkbox(&cp, "&Imitate SSH 2 MAC bug in commercial <= v2.3.x", - IDC_BUGGYMAC); endbox(&cp); beginbox(&cp, "Encryption options", IDC_BOX_SSH3); prefslist(&cipherlist, &cp, "Encryption cipher &selection policy:", @@ -1868,6 +1985,33 @@ static void create_controls(HWND hwnd, int dlgtype, int panel) } } + if (panel == sshbugspanelstart) { + /* The SSH bugs panel. Accelerators used: [acgoh] isrmep */ + struct ctlpos cp; + ctlposinit(&cp, hwnd, 80, 3, 13); + if (dlgtype == 0) { + bartitle(&cp, "Workarounds for SSH server bugs", + IDC_TITLE_SSHBUGS); + beginbox(&cp, "Detection of known bugs in SSH servers", + IDC_BOX_SSHBUGS1); + staticddl(&cp, "Chokes on SSH1 &ignore messages", + IDC_BUGS_IGNORE1, IDC_BUGD_IGNORE1, 20); + staticddl(&cp, "Refuses all SSH1 pa&ssword camouflage", + IDC_BUGS_PLAINPW1, IDC_BUGD_PLAINPW1, 20); + staticddl(&cp, "Chokes on SSH1 &RSA authentication", + IDC_BUGS_RSA1, IDC_BUGD_RSA1, 20); + staticddl(&cp, "Miscomputes SSH2 H&MAC keys", + IDC_BUGS_HMAC2, IDC_BUGD_HMAC2, 20); + staticddl(&cp, "Miscomputes SSH2 &encryption keys", + IDC_BUGS_DERIVEKEY2, IDC_BUGD_DERIVEKEY2, 20); + staticddl(&cp, "Requires &padding on SSH2 RSA signatures", + IDC_BUGS_RSAPAD2, IDC_BUGD_RSAPAD2, 20); + staticddl(&cp, "Chokes on &Diffie-Hellman group exchange", + IDC_BUGS_DHGEX2, IDC_BUGD_DHGEX2, 20); + endbox(&cp); + } + } + if (panel == tunnelspanelstart) { /* The Tunnels panel. Accelerators used: [acgoh] deilmrstxp */ struct ctlpos cp; 
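Review bot: The accelerator list in the new panel comment, `[acgoh] isrmep`, omits `d`, which the last `staticddl` label claims through `&Diffie-Hellman`. The list is what the next editor consults to avoid a clash, so it should name every key the panel uses: `/* The SSH bugs panel. Accelerators used: [acgoh] isrmepd */`. The widths `20` passed to each `staticddl` call are also repeated seven times and could be one named constant.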
@@ -2044,6 +2188,7 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg, /* XXX make it closed by default? */ treeview_insert(&tvfaff, 2, "Auth"); treeview_insert(&tvfaff, 2, "Tunnels"); + treeview_insert(&tvfaff, 2, "Bugs"); } } @@ -2129,6 +2274,8 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg, create_controls(hwnd, dlgtype, sshpanelstart); if (!strcmp(buffer, "Auth")) create_controls(hwnd, dlgtype, sshauthpanelstart); + if (!strcmp(buffer, "Bugs")) + create_controls(hwnd, dlgtype, sshbugspanelstart); if (!strcmp(buffer, "Selection")) create_controls(hwnd, dlgtype, selectionpanelstart); if (!strcmp(buffer, "Colours")) @@ -3059,12 +3206,6 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg, cfg.compression = IsDlgButtonChecked(hwnd, IDC_COMPRESS); break; - case IDC_BUGGYMAC: - if (HIWORD(wParam) == BN_CLICKED || - HIWORD(wParam) == BN_DOUBLECLICKED) - cfg.buggymac = - IsDlgButtonChecked(hwnd, IDC_BUGGYMAC); - break; case IDC_SSH2DES: if (HIWORD(wParam) == BN_CLICKED || HIWORD(wParam) == BN_DOUBLECLICKED) @@ -3090,11 +3231,14 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg, cfg.ssh_cipherlist, CIPHER_MAX, 0, hwnd, wParam, lParam); break; + case IDC_SSHPROT1ONLY: case IDC_SSHPROT1: case IDC_SSHPROT2: case IDC_SSHPROT2ONLY: if (HIWORD(wParam) == BN_CLICKED || HIWORD(wParam) == BN_DOUBLECLICKED) { + if (IsDlgButtonChecked(hwnd, IDC_SSHPROT1ONLY)) + cfg.sshprot = 0; if (IsDlgButtonChecked(hwnd, IDC_SSHPROT1)) cfg.sshprot = 1; else if (IsDlgButtonChecked(hwnd, IDC_SSHPROT2)) @@ -3133,7 +3277,8 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg, of.lStructSize = sizeof(of); #endif of.hwndOwner = hwnd; - of.lpstrFilter = "All Files\0*\0\0\0"; + of.lpstrFilter = "PuTTY Private Key Files\0*.PPK\0" + "AllFiles\0*\0\0\0"; of.lpstrCustomFilter = NULL; of.nFilterIndex = 1; of.lpstrFile = filename; 
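Review bot: In the hunk at -3090, the added `IDC_SSHPROT1ONLY` test is a standalone `if`, and the existing `if (IsDlgButtonChecked(hwnd, IDC_SSHPROT1))` after it still opens its own chain. The value 0 then survives only if no later branch of that chain fires; the end of the chain is outside the hunk, so a bare final `else` there would overwrite it. Joining the new test to the chain removes the dependency: change the following line to `else if (IsDlgButtonChecked(hwnd, IDC_SSHPROT1))`.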
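Review bot: In the hunk at -3133, the second filter label in the new `of.lpstrFilter` string reads `AllFiles`, where the removed line had `All Files`. The label is shown to the user in the file dialog, so the lost space looks like an accident of splitting the literal. The second piece should be `"All Files\0*\0\0\0";`. With `of.nFilterIndex = 1` left unchanged, the dialog now opens on the `*.PPK` filter, which seems intended.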
@@ -3433,6 +3578,62 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
 disaster2:;
 }
 break;
+ case IDC_BUGD_IGNORE1:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_IGNORE1,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_ignore1 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ case IDC_BUGD_PLAINPW1:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_PLAINPW1,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_plainpw1 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ case IDC_BUGD_RSA1:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_RSA1,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_rsa1 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ case IDC_BUGD_HMAC2:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_HMAC2,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_hmac2 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ case IDC_BUGD_DERIVEKEY2:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_DERIVEKEY2,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_derivekey2 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ case IDC_BUGD_RSAPAD2:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_rsapad2 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ case IDC_BUGD_DHGEX2:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_dhgex2 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
+ }
+ return 0;
+ case WM_HELP:
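Review bot: Each new `IDC_BUGD_*` case maps any index other than 0 or 1 to `BUG_ON`, so a `CB_ERR` result from `CB_GETCURSEL` (no current selection) would force the workaround on instead of leaving detection automatic. For settings such as `cfg.sshbug_plainpw1` or `cfg.sshbug_hmac2`, that silently changes how the client authenticates or keys the connection. Matching the "On" entry explicitly and defaulting to auto is safer: `cfg.sshbug_ignore1 = (index == 2 ? BUG_ON : index == 1 ? BUG_OFF : BUG_AUTO);`, and likewise in the other six cases. A valid selection is normally present on `CBN_SELCHANGE`, so this is a hardening of the fallback rather than a fix for an observed failure.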
@@ -3548,11 +3749,13 @@ int do_reconfig(HWND hwnd) return ret; } -void logevent(char *string) +void logevent(void *frontend, char *string) { char timebuf[40]; time_t t; + log_eventlog(logctx, string); + if (nevents >= negsize) { negsize += 64; events = srealloc(events, negsize * sizeof(*events)); @@ -3590,7 +3793,7 @@ void showabout(HWND hwnd) DialogBox(hinst, MAKEINTRESOURCE(IDD_ABOUTBOX), hwnd, AboutProc); } -void verify_ssh_host_key(char *host, int port, char *keytype, +void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, char *keystr, char *fingerprint) { int ret; @@ -3666,7 +3869,7 @@ void verify_ssh_host_key(char *host, int port, char *keytype, * below the configured 'warn' threshold). * cs: 0 = both ways, 1 = client->server, 2 = server->client */ -void askcipher(char *ciphername, int cs) +void askcipher(void *frontend, char *ciphername, int cs) { static const char mbtitle[] = "PuTTY Security Alert"; static const char msg[] = @@ -3695,7 +3898,7 @@ void askcipher(char *ciphername, int cs) * Ask whether to wipe a session log file before writing to it. * Returns 2 for wipe, 1 for append, 0 for cancel (don't log). */ -int askappend(char *filename) +int askappend(void *frontend, char *filename) { static const char mbtitle[] = "PuTTY Log to File"; static const char msgtemplate[] = @@ -3724,6 +3927,13 @@ int askappend(char *filename) /* * Warn about the obsolescent key file format. + * + * Uniquely among these functions, this one does _not_ expect a + * frontend handle. This means that if PuTTY is ported to a + * platform which requires frontend handles, this function will be + * an anomaly. Fortunately, the problem it addresses will not have + * been present on that platform, so it can plausibly be + * implemented as an empty function. */ void old_keyfile_warning(void) {
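Review bot: The line added to `logevent`, `log_eventlog(logctx, string);`, uses the file-scope `logctx` and ignores the new `frontend` argument. It also runs on every event, but nothing visible here shows that `logctx` is set before the first one or that `log_eventlog` tolerates it being unset. A short comment would record both assumptions, for example `/* frontend is unused on Windows; logctx must be initialised before the first event */`. The same unused `frontend` parameter is added to `verify_ssh_host_key`, `askcipher` and `askappend` in the following hunks, whose bodies lie mostly outside the diff. One sentence in each header comment saying the handle is ignored on this platform would match the explanation the commit already gives for `old_keyfile_warning`.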