mdw@git.distorted.org.uk Git - sgt/putty/blob - unix/uxcons.c

   1 /*
   2  * uxcons.c: various interactive-prompt routines shared between the
   3  * Unix console PuTTY tools
   4  */
   5
   6 #include <stdio.h>
   7 #include <stdlib.h>
   8 #include <stdarg.h>
   9 #include <assert.h>
  10 #include <termios.h>
  11 #include <unistd.h>
  12
  13 #include "putty.h"
  14 #include "storage.h"
  15 #include "ssh.h"
  16
  17 int console_batch_mode = FALSE;
  18
  19 /*
  20  * Clean up and exit.
  21  */
  22 void cleanup_exit(int code)
  23 {
  24     /*
  25      * Clean up.
  26      */
  27     sk_cleanup();
  28
  29     if (cfg.protocol == PROT_SSH)
  30         random_save_seed();
  31
  32     exit(code);
  33 }
  34
  35 void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
  36                          char *keystr, char *fingerprint)
  37 {
  38     int ret;
  39
  40     static const char absentmsg_batch[] =
  41         "The server's host key is not cached. You have no guarantee\n"
  42         "that the server is the computer you think it is.\n"
  43         "The server's key fingerprint is:\n"
  44         "%s\n"
  45         "Connection abandoned.\n";
  46     static const char absentmsg[] =
  47         "The server's host key is not cached. You have no guarantee\n"
  48         "that the server is the computer you think it is.\n"
  49         "The server's key fingerprint is:\n"
  50         "%s\n"
  51         "If you trust this host, enter \"y\" to add the key to\n"
  52         "PuTTY's cache and carry on connecting.\n"
  53         "If you want to carry on connecting just once, without\n"
  54         "adding the key to the cache, enter \"n\".\n"
  55         "If you do not trust this host, press Return to abandon the\n"
  56         "connection.\n"
  57         "Store key in cache? (y/n) ";
  58
  59     static const char wrongmsg_batch[] =
  60         "WARNING - POTENTIAL SECURITY BREACH!\n"
  61         "The server's host key does not match the one PuTTY has\n"
  62         "cached. This means that either the server administrator\n"
  63         "has changed the host key, or you have actually connected\n"
  64         "to another computer pretending to be the server.\n"
  65         "The new key fingerprint is:\n"
  66         "%s\n"
  67         "Connection abandoned.\n";
  68     static const char wrongmsg[] =
  69         "WARNING - POTENTIAL SECURITY BREACH!\n"
  70         "The server's host key does not match the one PuTTY has\n"
  71         "cached. This means that either the server administrator\n"
  72         "has changed the host key, or you have actually connected\n"
  73         "to another computer pretending to be the server.\n"
  74         "The new key fingerprint is:\n"
  75         "%s\n"
  76         "If you were expecting this change and trust the new key,\n"
  77         "enter \"y\" to update PuTTY's cache and continue connecting.\n"
  78         "If you want to carry on connecting but without updating\n"
  79         "the cache, enter \"n\".\n"
  80         "If you want to abandon the connection completely, press\n"
  81         "Return to cancel. Pressing Return is the ONLY guaranteed\n"
  82         "safe choice.\n"
  83         "Update cached key? (y/n, Return cancels connection) ";
  84
  85     static const char abandoned[] = "Connection abandoned.\n";
  86
  87     char line[32];
  88
  89     /*
  90      * Verify the key.
  91      */
  92     ret = verify_host_key(host, port, keytype, keystr);
  93
  94     if (ret == 0)                      /* success - key matched OK */
  95         return;
  96
  97     if (ret == 2) {                    /* key was different */
  98         if (console_batch_mode) {
  99             fprintf(stderr, wrongmsg_batch, fingerprint);
 100             cleanup_exit(1);
 101         }
 102         fprintf(stderr, wrongmsg, fingerprint);
 103         fflush(stderr);
 104     }
 105     if (ret == 1) {                    /* key was absent */
 106         if (console_batch_mode) {
 107             fprintf(stderr, absentmsg_batch, fingerprint);
 108             cleanup_exit(1);
 109         }
 110         fprintf(stderr, absentmsg, fingerprint);
 111         fflush(stderr);
 112     }
 113
 114     {
 115         struct termios oldmode, newmode;
 116         tcgetattr(0, &oldmode);
 117         newmode = oldmode;
 118         newmode.c_lflag |= ECHO | ISIG | ICANON;
 119         tcsetattr(0, TCSANOW, &newmode);
 120         line[0] = '\0';
 121         read(0, line, sizeof(line) - 1);
 122         tcsetattr(0, TCSANOW, &oldmode);
 123     }
 124
 125     if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') {
 126         if (line[0] == 'y' || line[0] == 'Y')
 127             store_host_key(host, port, keytype, keystr);
 128     } else {
 129         fprintf(stderr, abandoned);
 130         cleanup_exit(0);
 131     }
 132 }
 133
 134 /*
 135  * Ask whether the selected cipher is acceptable (since it was
 136  * below the configured 'warn' threshold).
 137  * cs: 0 = both ways, 1 = client->server, 2 = server->client
 138  */
 139 void askcipher(void *frontend, char *ciphername, int cs)
 140 {
 141     static const char msg[] =
 142         "The first %scipher supported by the server is\n"
 143         "%s, which is below the configured warning threshold.\n"
 144         "Continue with connection? (y/n) ";
 145     static const char msg_batch[] =
 146         "The first %scipher supported by the server is\n"
 147         "%s, which is below the configured warning threshold.\n"
 148         "Connection abandoned.\n";
 149     static const char abandoned[] = "Connection abandoned.\n";
 150
 151     char line[32];
 152
 153     if (console_batch_mode) {
 154         fprintf(stderr, msg_batch,
 155                 (cs == 0) ? "" :
 156                 (cs == 1) ? "client-to-server " : "server-to-client ",
 157                 ciphername);
 158         cleanup_exit(1);
 159     }
 160
 161     fprintf(stderr, msg,
 162             (cs == 0) ? "" :
 163             (cs == 1) ? "client-to-server " : "server-to-client ",
 164             ciphername);
 165     fflush(stderr);
 166
 167     {
 168         struct termios oldmode, newmode;
 169         tcgetattr(0, &oldmode);
 170         newmode = oldmode;
 171         newmode.c_lflag |= ECHO | ISIG | ICANON;
 172         tcsetattr(0, TCSANOW, &newmode);
 173         line[0] = '\0';
 174         read(0, line, sizeof(line) - 1);
 175         tcsetattr(0, TCSANOW, &oldmode);
 176     }
 177
 178     if (line[0] == 'y' || line[0] == 'Y') {
 179         return;
 180     } else {
 181         fprintf(stderr, abandoned);
 182         cleanup_exit(0);
 183     }
 184 }
 185
 186 /*
 187  * Ask whether to wipe a session log file before writing to it.
 188  * Returns 2 for wipe, 1 for append, 0 for cancel (don't log).
 189  */
 190 int askappend(void *frontend, char *filename)
 191 {
 192     static const char msgtemplate[] =
 193         "The session log file \"%.*s\" already exists.\n"
 194         "You can overwrite it with a new session log,\n"
 195         "append your session log to the end of it,\n"
 196         "or disable session logging for this session.\n"
 197         "Enter \"y\" to wipe the file, \"n\" to append to it,\n"
 198         "or just press Return to disable logging.\n"
 199         "Wipe the log file? (y/n, Return cancels logging) ";
 200
 201     static const char msgtemplate_batch[] =
 202         "The session log file \"%.*s\" already exists.\n"
 203         "Logging will not be enabled.\n";
 204
 205     char line[32];
 206
 207     if (console_batch_mode) {
 208         fprintf(stderr, msgtemplate_batch, FILENAME_MAX, filename);
 209         fflush(stderr);
 210         return 0;
 211     }
 212     fprintf(stderr, msgtemplate, FILENAME_MAX, filename);
 213     fflush(stderr);
 214
 215     {
 216         struct termios oldmode, newmode;
 217         tcgetattr(0, &oldmode);
 218         newmode = oldmode;
 219         newmode.c_lflag |= ECHO | ISIG | ICANON;
 220         tcsetattr(0, TCSANOW, &newmode);
 221         line[0] = '\0';
 222         read(0, line, sizeof(line) - 1);
 223         tcsetattr(0, TCSANOW, &oldmode);
 224     }
 225
 226     if (line[0] == 'y' || line[0] == 'Y')
 227         return 2;
 228     else if (line[0] == 'n' || line[0] == 'N')
 229         return 1;
 230     else
 231         return 0;
 232 }
 233
 234 /*
 235  * Warn about the obsolescent key file format.
 236  *
 237  * Uniquely among these functions, this one does _not_ expect a
 238  * frontend handle. This means that if PuTTY is ported to a
 239  * platform which requires frontend handles, this function will be
 240  * an anomaly. Fortunately, the problem it addresses will not have
 241  * been present on that platform, so it can plausibly be
 242  * implemented as an empty function.
 243  */
 244 void old_keyfile_warning(void)
 245 {
 246     static const char message[] =
 247         "You are loading an SSH 2 private key which has an\n"
 248         "old version of the file format. This means your key\n"
 249         "file is not fully tamperproof. Future versions of\n"
 250         "PuTTY may stop supporting this private key format,\n"
 251         "so we recommend you convert your key to the new\n"
 252         "format.\n"
 253         "\n"
 254         "Once the key is loaded into PuTTYgen, you can perform\n"
 255         "this conversion simply by saving it again.\n";
 256
 257     fputs(message, stderr);
 258 }
 259
 260 void logevent(void *frontend, char *string)
 261 {
 262     log_eventlog(logctx, string);
 263 }
 264
 265 int console_get_line(const char *prompt, char *str,
 266                      int maxlen, int is_pw)
 267 {
 268     struct termios oldmode, newmode;
 269     int i;
 270
 271     if (console_batch_mode) {
 272         if (maxlen > 0)
 273             str[0] = '\0';
 274     } else {
 275         tcgetattr(0, &oldmode);
 276         newmode = oldmode;
 277         newmode.c_lflag |= ISIG | ICANON;
 278         if (is_pw)
 279             newmode.c_lflag &= ~ECHO;
 280         else
 281             newmode.c_lflag |= ECHO;
 282         tcsetattr(0, TCSANOW, &newmode);
 283
 284         fputs(prompt, stdout);
 285         fflush(stdout);
 286         i = read(0, str, maxlen - 1);
 287
 288         tcsetattr(0, TCSANOW, &oldmode);
 289
 290         if (i > 0 && str[i-1] == '\n')
 291             i--;
 292         str[i] = '\0';
 293
 294         if (is_pw)
 295             fputs("\n", stdout);
 296     }
 297     return 1;
 298 }
 299
 300 void frontend_keypress(void *handle)
 301 {
 302     /*
 303      * This is nothing but a stub, in console code.
 304      */
 305     return;
 306 }