+ dp.shortcuts = &scs;
+ dp.lastfocus = NULL;
+ dp.retval = 0;
+ dp.window = window;
+
+ gtk_window_set_modal(GTK_WINDOW(window), TRUE);
+ if (parentwin) {
+ set_transient_window_pos(parentwin, window);
+ gtk_window_set_transient_for(GTK_WINDOW(window),
+ GTK_WINDOW(parentwin));
+ } else
+ gtk_window_set_position(GTK_WINDOW(window), GTK_WIN_POS_CENTER);
+ gtk_widget_show(window);
+
+ gtk_signal_connect(GTK_OBJECT(window), "destroy",
+ GTK_SIGNAL_FUNC(window_destroy), NULL);
+ gtk_signal_connect(GTK_OBJECT(window), "key_press_event",
+ GTK_SIGNAL_FUNC(win_key_press), &dp);
+
+ gtk_main();
+
+ dlg_cleanup(&dp);
+ ctrl_free_box(ctrlbox);
+
+ return dp.retval;
+}
+
+static int string_width(char *text)
+{
+ GtkWidget *label = gtk_label_new(text);
+ GtkRequisition req;
+ gtk_widget_size_request(label, &req);
+ gtk_widget_unref(label);
+ return req.width;
+}
+
+int reallyclose(void *frontend)
+{
+ char *title = dupcat(appname, " Exit Confirmation", NULL);
+ int ret = messagebox(GTK_WIDGET(get_window(frontend)),
+ title, "Are you sure you want to close this session?",
+ string_width("Most of the width of the above text"),
+ "Yes", 'y', +1, 1,
+ "No", 'n', -1, 0,
+ NULL);
+ sfree(title);
+ return ret;
+}
+
+int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
+ char *keystr, char *fingerprint,
+ void (*callback)(void *ctx, int result), void *ctx)
+{
+ static const char absenttxt[] =
+ "The server's host key is not cached. You have no guarantee "
+ "that the server is the computer you think it is.\n"
+ "The server's %s key fingerprint is:\n"
+ "%s\n"
+ "If you trust this host, press \"Accept\" to add the key to "
+ "PuTTY's cache and carry on connecting.\n"
+ "If you want to carry on connecting just once, without "
+ "adding the key to the cache, press \"Connect Once\".\n"
+ "If you do not trust this host, press \"Cancel\" to abandon the "
+ "connection.";
+ static const char wrongtxt[] =
+ "WARNING - POTENTIAL SECURITY BREACH!\n"
+ "The server's host key does not match the one PuTTY has "
+ "cached. This means that either the server administrator "
+ "has changed the host key, or you have actually connected "
+ "to another computer pretending to be the server.\n"
+ "The new %s key fingerprint is:\n"
+ "%s\n"
+ "If you were expecting this change and trust the new key, "
+ "press \"Accept\" to update PuTTY's cache and continue connecting.\n"
+ "If you want to carry on connecting but without updating "
+ "the cache, press \"Connect Once\".\n"
+ "If you want to abandon the connection completely, press "
+ "\"Cancel\" to cancel. Pressing \"Cancel\" is the ONLY guaranteed "
+ "safe choice.";
+ char *text;
+ int ret;
+
+ /*
+ * Verify the key.
+ */
+ ret = verify_host_key(host, port, keytype, keystr);
+
+ if (ret == 0) /* success - key matched OK */
+ return 1;
+
+ text = dupprintf((ret == 2 ? wrongtxt : absenttxt), keytype, fingerprint);
+
+ ret = messagebox(GTK_WIDGET(get_window(frontend)),
+ "PuTTY Security Alert", text,
+ string_width(fingerprint),
+ "Accept", 'a', 0, 2,
+ "Connect Once", 'o', 0, 1,
+ "Cancel", 'c', -1, 0,
+ NULL);
+
+ sfree(text);
+
+ if (ret == 2) {
+ store_host_key(host, port, keytype, keystr);
+ return 1; /* continue with connection */
+ } else if (ret == 1)
+ return 1; /* continue with connection */
+ return 0; /* do not continue with connection */
+}
+
+/*
+ * Ask whether the selected algorithm is acceptable (since it was
+ * below the configured 'warn' threshold).