Make keyboard-interactive authentication configurable off. (This is

a stopgap until we get round to a proper authentications preference
list.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@1426 cda61777-01e9-0310-a592-d414129be87e

diff --git a/putty.h b/putty.h
index cee5ae9..ada0858 100644 (file)
--- a/putty.h
+++ b/putty.h
@@ -252,6 +252,7 @@ typedef struct {
     int sshprot;                      /* use v1 or v2 when both available */
     int buggymac;                     /* MAC bug commmercial <=v2.3.x SSH2 */
     int try_tis_auth;
+    int try_ki_auth;
     int ssh_subsys;                   /* run a subsystem rather than a command */
     int ssh_subsys2;                  /* fallback to go with remote_cmd2 */
     /* Telnet options */

diff --git a/settings.c b/settings.c
index 26c7744..27c21dd 100644 (file)
--- a/settings.c
+++ b/settings.c
@@ -174,6 +174,7 @@ void save_settings(char *section, int do_host, Config * cfg)
     wprefs(sesskey, "Cipher", ciphernames, CIPHER_MAX,
           cfg->ssh_cipherlist);
     write_setting_i(sesskey, "AuthTIS", cfg->try_tis_auth);
+    write_setting_i(sesskey, "AuthKI", cfg->try_ki_auth);
     write_setting_i(sesskey, "SshProt", cfg->sshprot);
     write_setting_i(sesskey, "BuggyMAC", cfg->buggymac);
     write_setting_s(sesskey, "PublicKeyFile", cfg->keyfile);
@@ -360,6 +361,7 @@ void load_settings(char *section, int do_host, Config * cfg)
     gppi(sesskey, "SshProt", 1, &cfg->sshprot);
     gppi(sesskey, "BuggyMAC", 0, &cfg->buggymac);
     gppi(sesskey, "AuthTIS", 0, &cfg->try_tis_auth);
+    gppi(sesskey, "AuthKI", 1, &cfg->try_ki_auth);
     gpps(sesskey, "PublicKeyFile", "", cfg->keyfile, sizeof(cfg->keyfile));
     gpps(sesskey, "RemoteCommand", "", cfg->remote_cmd,
         sizeof(cfg->remote_cmd));

diff --git a/ssh.c b/ssh.c
index baa811f..0d299ea 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -3910,7 +3910,7 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
                    in_commasep_string("publickey", methods, methlen);
                can_passwd =
                    in_commasep_string("password", methods, methlen);
-               can_keyb_inter = 
+               can_keyb_inter = cfg.try_ki_auth &&
                    in_commasep_string("keyboard-interactive", methods, methlen);
            }
 

diff --git a/windlg.c b/windlg.c
index 3a33d7e..7113360 100644 (file)
--- a/windlg.c
+++ b/windlg.c
@@ -474,6 +474,7 @@ enum { IDCX_ABOUT =
     IDC_PKBUTTON,
     IDC_AGENTFWD,
     IDC_AUTHTIS,
+    IDC_AUTHKI,
     sshauthpanelend,
 
     selectionpanelstart,
@@ -740,6 +741,7 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess)
     CheckRadioButton(hwnd, IDC_SSHPROT1, IDC_SSHPROT2,
                     cfg.sshprot == 1 ? IDC_SSHPROT1 : IDC_SSHPROT2);
     CheckDlgButton(hwnd, IDC_AUTHTIS, cfg.try_tis_auth);
+    CheckDlgButton(hwnd, IDC_AUTHKI, cfg.try_ki_auth);
     SetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile);
     SetDlgItemText(hwnd, IDC_CMDEDIT, cfg.remote_cmd);
 
@@ -1322,7 +1324,7 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
     }
 
     if (panel == sshauthpanelstart) {
-       /* The SSH authentication panel. Accelerators used: [acgo] m fkw */
+       /* The SSH authentication panel. Accelerators used: [acgo] m fkiw */
        struct ctlpos cp;
        ctlposinit(&cp, hwnd, 80, 3, 13);
        if (dlgtype == 0) {
@@ -1330,8 +1332,10 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
                     IDC_TITLE_SSHAUTH);
            beginbox(&cp, "Authentication methods",
                     IDC_BOX_SSHAUTH1);
-           checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication",
+           checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication (SSH1)",
                     IDC_AUTHTIS);
+           checkbox(&cp, "Attempt \"keyboard-&interactive\" authentication"
+                    " (SSH2)", IDC_AUTHKI);
            endbox(&cp);
            beginbox(&cp, "Authentication parameters",
                     IDC_BOX_SSHAUTH2);
@@ -2401,6 +2405,12 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
                        cfg.try_tis_auth =
                        IsDlgButtonChecked(hwnd, IDC_AUTHTIS);
                break;
+             case IDC_AUTHKI:
+               if (HIWORD(wParam) == BN_CLICKED ||
+                   HIWORD(wParam) == BN_DOUBLECLICKED)
+                       cfg.try_ki_auth =
+                       IsDlgButtonChecked(hwnd, IDC_AUTHKI);
+               break;
              case IDC_PKEDIT:
                if (HIWORD(wParam) == EN_CHANGE)
                    GetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile,