Add notification when using the various auth methods with server-supplied

prompts, to make it more obvious if a server is attempting to spoof a local
passphrase prompt.

I believe an alert user could have spotted this in all cases in SSH-2,
although perhaps not in SSH-1. (But they'd have to have enabled
TIS/CryptoCard.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@5450 cda61777-01e9-0310-a592-d414129be87e

diff --git a/ssh.c b/ssh.c
index 94a04fd..e202dbb 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -3337,6 +3337,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen,
                    bombout(("TIS challenge packet was badly formed"));
                    crStop(0);
                }
+               c_write_str(ssh, "Using TIS authentication.\r\n");
                logevent("Received TIS challenge");
                if (challengelen > sizeof(s->prompt) - 1)
                    challengelen = sizeof(s->prompt) - 1;/* prevent overrun */
@@ -3370,6 +3371,7 @@ static int do_ssh1_login(Ssh ssh, unsigned char *in, int inlen,
                    bombout(("CryptoCard challenge packet was badly formed"));
                    crStop(0);
                }
+               c_write_str(ssh, "Using CryptoCard authentication.\r\n");
                logevent("Received CryptoCard challenge");
                if (challengelen > sizeof(s->prompt) - 1)
                    challengelen = sizeof(s->prompt) - 1;/* prevent overrun */
@@ -6802,6 +6804,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen,
                    continue;
                }
 
+               c_write_str(ssh, "Using keyboard-interactive authentication.\r\n");
                s->kbd_inter_running = TRUE;
                s->curr_prompt = 0;
            }