void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
char *keystr, char *fingerprint)
{
- Str255 stuff;
+ Str255 pappname;
+ Str255 pfingerprint;
+ Str255 pkeytype;
Session *s = frontend;
- int ret;
+ int ret, alertret;
+
+ c2pstrcpy(pappname, appname);
+ c2pstrcpy(pkeytype, keytype);
+ c2pstrcpy(pfingerprint, fingerprint);
/*
* This function is horribly wrong. For one thing, the alert
if (ret == 0) /* success - key matched OK */
return;
if (ret == 2) { /* key was different */
- stuff[0] = sprintf((char *)(&stuff[1]),
- "WARNING - POTENTIAL SECURITY BREACH\n",
- "The key fingerprint is: %s\n"
- "Continue connecting?", fingerprint);
- ParamText(stuff, NULL, NULL, NULL);
+ ParamText(pappname, pkeytype, pfingerprint, NULL);
+ alertret=CautionAlert(wWrong, NULL);
+ if (alertret == 9) {
+ /* Cancel */
+ goto cancel;
+ } else if (alertret == 8) {
+ /* Connect Just Once */
+ } else {
+ /* Update Key */
+ store_host_key(host, port, keytype, keystr);
+ }
}
if (ret == 1) { /* key was absent */
- stuff[0] = sprintf((char *)(&stuff[1]),
- "The server's key fingerprint is: %s\n"
- "Continue connecting?", fingerprint);
- ParamText(stuff, NULL, NULL, NULL);
+ ParamText(pkeytype, pfingerprint, pappname, NULL);
+ alertret=CautionAlert(wAbsent, NULL);
+ if (alertret == 8) {
+ /* Cancel */
+ goto cancel;
+ } else if (alertret == 7) {
+ /* Connect Just Once */
+ } else {
+ /* Update Key */
+ store_host_key(host, port, keytype, keystr);
+ }
}
- if (CautionAlert(wQuestion, NULL) == 2) {
- /*
- * User chose "Cancel". Unfortunately, if I tear the
- * connection down here, Bad Things happen when I return. I
- * think this function should actually return something
- * telling the SSH code to abandon the connection.
- */
- } else {
- store_host_key(host, port, keytype, keystr);
- }
+ return;
+
+ cancel:
+ /*
+ * User chose "Cancel". Unfortunately, if I tear the
+ * connection down here, Bad Things happen when I return. I
+ * think this function should actually return something
+ * telling the SSH code to abandon the connection.
+ */
+ return;
}
void askalg(void *frontend, const char *algtype, const char *algname)
}
};
+/* Absent host key */
+
+resource 'ALRT' (wAbsent, "absent", purgeable) {
+ {32, 67, 332, 435},
+ wAbsent,
+ beepStages,
+ alertPositionMainScreen
+};
+
+resource 'DITL' (wAbsent, "absent", purgeable) {
+ { /* array DITLarray: 8 elements */
+ /* [1] */
+ {11, 72, 60, 357},
+ StaticText {
+ disabled,
+ "The server's host key is not cached. You "
+ "have no guarantee that the server is the "
+ "computer you think it is."
+ },
+ /* [2] */
+ {65, 71, 113, 355},
+ StaticText {
+ disabled,
+ "The server's ^0 key fingerprint is:\n^1"
+ },
+ /* [3] */
+ {121, 70, 172, 354},
+ StaticText {
+ disabled,
+ "If you trust this host, hit Add Key to add "
+ "the key to ^2's cache and carry on "
+ "connecting."
+ },
+ /* [4] */
+ {178, 70, 226, 354},
+ StaticText {
+ disabled,
+ "If you want to carry on connecting just "
+ "once, without adding the key to the cache, "
+ "select Just Once."
+ },
+ /* [5] */
+ {233, 69, 281, 353},
+ StaticText {
+ disabled,
+ "If you do not trust this host, hit Cancel "
+ "to abandon the connection."
+ },
+ /* [6] */
+ {285, 70, 303, 139},
+ Button {
+ enabled,
+ "Add Key"
+ },
+ /* [7] */
+ {285, 214, 305, 288},
+ Button {
+ enabled,
+ "Just Once"
+ },
+ /* [8] */
+ {284, 295, 304, 354},
+ Button {
+ enabled,
+ "Cancel"
+ }
+ }
+};
+
+/* Wrong host key */
+
+resource 'ALRT' (wWrong, "wrong", purgeable) {
+ {32, 67, 422, 435},
+ wWrong,
+ beepStages,
+ alertPositionMainScreen
+};
+
+resource 'DITL' (wWrong, "wrong", purgeable) {
+ { /* array DITLarray: 9 elements */
+ /* [1] */
+ {7, 74, 23, 358},
+ StaticText {
+ disabled,
+ "WARNING - POTENTIAL SECURITY BREACH!"
+ },
+ /* [2] */
+ {32, 72, 131, 357},
+ StaticText {
+ disabled,
+ "The server's host key does not match the "
+ "one ^0 has cached. This means that either "
+ "the server administrator has changed "
+ "the host key, or you have actually connected "
+ "to another computer pretending to be the "
+ "server."
+ },
+ /* [3] */
+ {142, 72, 190, 356},
+ StaticText {
+ disabled,
+ "The new ^1 key fingerprint is:\n^2"
+ },
+ /* [4] */
+ {190, 73, 238, 357},
+ StaticText {
+ disabled,
+ "If you were expecting this change and "
+ "trust the new key, hit Update Key to update "
+ "^0's cache and continue connecting."
+ },
+ /* [5] */
+ {246, 74, 294, 358},
+ StaticText {
+ disabled,
+ "If you want to carry on connecting just "
+ "once, without adding the key to the cache, "
+ "select Just Once."
+ },
+ /* [6] */
+ {301, 74, 349, 358},
+ StaticText {
+ disabled,
+ "If you do not trust this host, hit Cancel "
+ "to abandon the connection. This is the "
+ "ONLY guaranteed safe choice."
+ },
+ /* [7] */
+ {361, 76, 379, 163},
+ Button {
+ enabled,
+ "Update Key"
+ },
+ /* [8] */
+ {360, 215, 380, 289},
+ Button {
+ enabled,
+ "Just Once"
+ },
+ /* [9] */
+ {360, 298, 380, 357},
+ Button {
+ enabled,
+ "Cancel"
+ }
+ }
+};
+
/* Terminal window */
resource 'WIND' (wTerminal, "terminal", purgeable) {
char *resname;
Str255 presname;
Handle resvalue;
+ Handle reshandle;
int id;
/* Open the host key file */
UseResFile(keyrefnum);
resname = dupprintf("%s@%d:%s", keytype, port, hostname);
c2pstrcpy(presname, resname);
-
+
+ reshandle = Get1NamedResource(FOUR_CHAR_CODE('TEXT'), presname);
+ if (reshandle != NULL) {
+ /* The resource exists, we're replacing a host key */
+ RemoveResource(reshandle);
+ }
error = PtrToHand(key, &resvalue, strlen(key));
if (error != noErr) goto out;