X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/13f302dcc1b697cc6f8ea360c4a20eeb1fcb9159..6f3370a03ed6393c049a13b78d2188135624beea:/windows/winpgnt.c

diff --git a/windows/winpgnt.c b/windows/winpgnt.c
index eee99f50..291593e4 100644
--- a/windows/winpgnt.c
+++ b/windows/winpgnt.c
@@ -159,10 +159,8 @@ struct blob {
 };
 static int cmpkeys_ssh2_asymm(void *av, void *bv);
 
-#define PASSPHRASE_MAXLEN 512
-
 struct PassphraseProcStruct {
-    char *passphrase;
+    char **passphrase;
     char *comment;
 };
 
@@ -247,7 +245,7 @@ static HWND passphrase_box;
 static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
 				   WPARAM wParam, LPARAM lParam)
 {
-    static char *passphrase = NULL;
+    static char **passphrase = NULL;
     struct PassphraseProcStruct *p;
 
     switch (msg) {
@@ -275,8 +273,9 @@ static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
 	passphrase = p->passphrase;
 	if (p->comment)
 	    SetDlgItemText(hwnd, 101, p->comment);
-	*passphrase = 0;
-	SetDlgItemText(hwnd, 102, passphrase);
+        burnstr(*passphrase);
+        *passphrase = dupstr("");
+	SetDlgItemText(hwnd, 102, *passphrase);
 	return 0;
       case WM_COMMAND:
 	switch (LOWORD(wParam)) {
@@ -291,9 +290,8 @@ static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
 	    return 0;
 	  case 102:		       /* edit box */
 	    if ((HIWORD(wParam) == EN_CHANGE) && passphrase) {
-		GetDlgItemText(hwnd, 102, passphrase,
-			       PASSPHRASE_MAXLEN - 1);
-		passphrase[PASSPHRASE_MAXLEN - 1] = '\0';
+                burnstr(*passphrase);
+                *passphrase = GetDlgItemText_alloc(hwnd, 102);
 	    }
 	    return 0;
 	}
@@ -385,9 +383,9 @@ static void keylist_update(void)
 /*
  * This function loads a key from a file and adds it.
  */
-static void add_keyfile(Filename filename)
+static void add_keyfile(Filename *filename)
 {
-    char passphrase[PASSPHRASE_MAXLEN];
+    char *passphrase;
     struct RSAKey *rkey = NULL;
     struct ssh2_userkey *skey = NULL;
     int needs_pass;
@@ -395,11 +393,10 @@ static void add_keyfile(Filename filename)
     int attempts;
     char *comment;
     const char *error = NULL;
-    struct PassphraseProcStruct pps;
     int type;
     int original_pass;
 	
-    type = key_type(&filename);
+    type = key_type(filename);
     if (type != SSH_KEYTYPE_SSH1 && type != SSH_KEYTYPE_SSH2) {
 	char *msg = dupprintf("Couldn't load this key (%s)",
 			      key_type_to_str(type));
@@ -419,7 +416,7 @@ static void add_keyfile(Filename filename)
 	int i, nkeys, bloblen, keylistlen;
 
 	if (type == SSH_KEYTYPE_SSH1) {
-	    if (!rsakey_pubblob(&filename, &blob, &bloblen, NULL, &error)) {
+	    if (!rsakey_pubblob(filename, &blob, &bloblen, NULL, &error)) {
 		char *msg = dupprintf("Couldn't load private key (%s)", error);
 		message_box(msg, APPNAME, MB_OK | MB_ICONERROR,
 			    HELPCTXID(errors_cantloadkey));
@@ -429,7 +426,7 @@ static void add_keyfile(Filename filename)
 	    keylist = get_keylist1(&keylistlen);
 	} else {
 	    unsigned char *blob2;
-	    blob = ssh2_userkey_loadpub(&filename, NULL, &bloblen,
+	    blob = ssh2_userkey_loadpub(filename, NULL, &bloblen,
 					NULL, &error);
 	    if (!blob) {
 		char *msg = dupprintf("Couldn't load private key (%s)", error);
@@ -517,23 +514,30 @@ static void add_keyfile(Filename filename)
 
     error = NULL;
     if (type == SSH_KEYTYPE_SSH1)
-	needs_pass = rsakey_encrypted(&filename, &comment);
+	needs_pass = rsakey_encrypted(filename, &comment);
     else
-	needs_pass = ssh2_userkey_encrypted(&filename, &comment);
+	needs_pass = ssh2_userkey_encrypted(filename, &comment);
     attempts = 0;
     if (type == SSH_KEYTYPE_SSH1)
 	rkey = snew(struct RSAKey);
-    pps.passphrase = passphrase;
-    pps.comment = comment;
+    passphrase = NULL;
     original_pass = 0;
     do {
+        burnstr(passphrase);
+        passphrase = NULL;
+
 	if (needs_pass) {
 	    /* try all the remembered passphrases first */
 	    char *pp = index234(passphrases, attempts);
 	    if(pp) {
-		strcpy(passphrase, pp);
+		passphrase = dupstr(pp);
 	    } else {
 		int dlgret;
+                struct PassphraseProcStruct pps;
+
+                pps.passphrase = &passphrase;
+                pps.comment = comment;
+
 		original_pass = 1;
 		dlgret = DialogBoxParam(hinst, MAKEINTRESOURCE(210),
 					NULL, PassphraseProc, (LPARAM) &pps);
@@ -545,13 +549,16 @@ static void add_keyfile(Filename filename)
 			sfree(rkey);
 		    return;		       /* operation cancelled */
 		}
+
+                assert(passphrase != NULL);
 	    }
 	} else
-	    *passphrase = '\0';
+	    passphrase = dupstr("");
+
 	if (type == SSH_KEYTYPE_SSH1)
-	    ret = loadrsakey(&filename, rkey, passphrase, &error);
+	    ret = loadrsakey(filename, rkey, passphrase, &error);
 	else {
-	    skey = ssh2_load_userkey(&filename, passphrase, &error);
+	    skey = ssh2_load_userkey(filename, passphrase, &error);
 	    if (skey == SSH2_WRONG_PASSPHRASE)
 		ret = -1;
 	    else if (!skey)
@@ -562,11 +569,14 @@ static void add_keyfile(Filename filename)
 	attempts++;
     } while (ret == -1);
 
-    /* if they typed in an ok passphrase, remember it */
     if(original_pass && ret) {
-	char *pp = dupstr(passphrase);
-	addpos234(passphrases, pp, 0);
+        /* If they typed in an ok passphrase, remember it */
+	addpos234(passphrases, passphrase, 0);
+    } else {
+        /* Otherwise, destroy it */
+        burnstr(passphrase);
     }
+    passphrase = NULL;
 
     if (comment)
 	sfree(comment);
@@ -1928,8 +1938,10 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
                     }
 #endif
 		    if (!EqualSid(mapowner, ourself) &&
-                        !EqualSid(mapowner, ourself2))
+                        !EqualSid(mapowner, ourself2)) {
+                        CloseHandle(filemap);
 			return 0;      /* security ID mismatch! */
+                    }
 #ifdef DEBUG_IPC
 		    debug(("security stuff matched\n"));
 #endif