X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/cf6ddb95b1f75d3cefc23ddc18a29293d912bf22..162514b14ee6be0be792c0e66afd5f39b8b194c8:/config.c diff --git a/config.c b/config.c index bc48e271..8b14c073 100644 --- a/config.c +++ b/config.c @@ -236,6 +236,33 @@ static void cipherlist_handler(union control *ctrl, void *dlg, } } +#ifndef NO_GSSAPI +static void gsslist_handler(union control *ctrl, void *dlg, + void *data, int event) +{ + Config *cfg = (Config *)data; + if (event == EVENT_REFRESH) { + int i; + + dlg_update_start(ctrl, dlg); + dlg_listbox_clear(ctrl, dlg); + for (i = 0; i < ngsslibs; i++) { + int id = cfg->ssh_gsslist[i]; + assert(id >= 0 && id < ngsslibs); + dlg_listbox_addwithid(ctrl, dlg, gsslibnames[id], id); + } + dlg_update_done(ctrl, dlg); + + } else if (event == EVENT_VALCHANGE) { + int i; + + /* Update array to match the list box. */ + for (i=0; i < ngsslibs; i++) + cfg->ssh_gsslist[i] = dlg_listbox_getid(ctrl, dlg, i); + } +} +#endif + static void kexlist_handler(union control *ctrl, void *dlg, void *data, int event) { @@ -2077,32 +2104,74 @@ void setup_config_box(struct controlbox *b, int midsession, dlg_stdcheckbox_handler, I(offsetof(Config,try_ki_auth))); -#ifndef NO_GSSAPI - ctrl_checkbox(s, "Attempt GSSAPI auth (SSH-2)", - NO_SHORTCUT, HELPCTX(no_help), - dlg_stdcheckbox_handler, - I(offsetof(Config,try_gssapi_auth))); -#endif - s = ctrl_getset(b, "Connection/SSH/Auth", "params", "Authentication parameters"); ctrl_checkbox(s, "Allow agent forwarding", 'f', HELPCTX(ssh_auth_agentfwd), dlg_stdcheckbox_handler, I(offsetof(Config,agentfwd))); - ctrl_checkbox(s, "Allow attempted changes of username in SSH-2", 'u', + ctrl_checkbox(s, "Allow attempted changes of username in SSH-2", NO_SHORTCUT, HELPCTX(ssh_auth_changeuser), dlg_stdcheckbox_handler, I(offsetof(Config,change_username))); -#ifndef NO_GSSAPI - ctrl_checkbox(s, "Allow GSSAPI credential delegation in SSH-2", NO_SHORTCUT, - HELPCTX(no_help), - dlg_stdcheckbox_handler, - I(offsetof(Config,gssapifwd))); -#endif ctrl_filesel(s, "Private key file for authentication:", 'k', FILTER_KEY_FILES, FALSE, "Select private key file", HELPCTX(ssh_auth_privkey), dlg_stdfilesel_handler, I(offsetof(Config, keyfile))); + +#ifndef NO_GSSAPI + /* + * Connection/SSH/Auth/GSSAPI, which sadly won't fit on + * the main Auth panel. + */ + ctrl_settitle(b, "Connection/SSH/Auth/GSSAPI", + "Options controlling GSSAPI authentication"); + s = ctrl_getset(b, "Connection/SSH/Auth/GSSAPI", "gssapi", NULL); + + ctrl_checkbox(s, "Attempt GSSAPI authentication (SSH-2 only)", + 't', HELPCTX(ssh_gssapi), + dlg_stdcheckbox_handler, + I(offsetof(Config,try_gssapi_auth))); + + ctrl_checkbox(s, "Allow GSSAPI credential delegation", 'l', + HELPCTX(ssh_gssapi_delegation), + dlg_stdcheckbox_handler, + I(offsetof(Config,gssapifwd))); + + /* + * GSSAPI library selection. + */ + if (ngsslibs > 1) { + c = ctrl_draglist(s, "Preference order for GSSAPI libraries:", + 'p', HELPCTX(ssh_gssapi_libraries), + gsslist_handler, P(NULL)); + c->listbox.height = ngsslibs; + + /* + * I currently assume that if more than one GSS + * library option is available, then one of them is + * 'user-supplied' and so we should present the + * following file selector. This is at least half- + * reasonable, because if we're using statically + * linked GSSAPI then there will only be one option + * and no way to load from a user-supplied library, + * whereas if we're using dynamic libraries then + * there will almost certainly be some default + * option in addition to a user-supplied path. If + * anyone ever ports PuTTY to a system on which + * dynamic-library GSSAPI is available but there is + * absolutely no consensus on where to keep the + * libraries, there'll need to be a flag alongside + * ngsslibs to control whether the file selector is + * displayed. + */ + + ctrl_filesel(s, "User-supplied GSSAPI library path:", 's', + FILTER_DYNLIB_FILES, FALSE, "Select library file", + HELPCTX(ssh_gssapi_libraries), + dlg_stdfilesel_handler, + I(offsetof(Config, ssh_gss_custom))); + } +#endif } if (!midsession) {