* Pageant: the PuTTY Authentication Agent.
*/
-#include <windows.h>
-#ifndef NO_SECURITY
-#include <aclapi.h>
-#endif
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
+#include <assert.h>
#include <tchar.h>
+#include "putty.h"
#include "ssh.h"
+#include "misc.h"
#include "tree234.h"
+#include <shellapi.h>
+
+#ifndef NO_SECURITY
+#include <aclapi.h>
+#endif
+
#define IDI_MAINICON 200
#define IDI_TRAYICON 201
#define IDM_CLOSE 0x0010
#define IDM_VIEWKEYS 0x0020
#define IDM_ADDKEY 0x0030
-#define IDM_ABOUT 0x0040
+#define IDM_HELP 0x0040
+#define IDM_ABOUT 0x0050
#define APPNAME "Pageant"
extern char ver[];
static HINSTANCE instance;
-static HWND hwnd;
+static HWND main_hwnd;
static HWND keylist;
static HWND aboutbox;
-static HMENU systray_menu;
+static HMENU systray_menu, session_menu;
static int already_running;
+static int requested_help;
+
+char *help_path;
+static char *putty_path;
+
+#define IDM_PUTTY 0x0060
+#define IDM_SESSIONS_BASE 0x1000
+#define IDM_SESSIONS_MAX 0x2000
+#define PUTTY_REGKEY "Software\\SimonTatham\\PuTTY\\Sessions"
+#define PUTTY_DEFAULT "Default%20Settings"
+static int initial_menuitems_count;
+
+/*
+ * Print a modal (Really Bad) message box and perform a fatal exit.
+ */
+void modalfatalbox(char *fmt, ...)
+{
+ va_list ap;
+ char *buf;
+
+ va_start(ap, fmt);
+ buf = dupvprintf(fmt, ap);
+ va_end(ap);
+ MessageBox(main_hwnd, buf, "Pageant Fatal Error",
+ MB_SYSTEMMODAL | MB_ICONERROR | MB_OK);
+ sfree(buf);
+ exit(1);
+}
+
+/* Un-munge session names out of the registry. */
+static void unmungestr(char *in, char *out, int outlen)
+{
+ while (*in) {
+ if (*in == '%' && in[1] && in[2]) {
+ int i, j;
+
+ i = in[1] - '0';
+ i -= (i > 9 ? 7 : 0);
+ j = in[2] - '0';
+ j -= (j > 9 ? 7 : 0);
+
+ *out++ = (i << 4) + j;
+ if (!--outlen)
+ return;
+ in += 3;
+ } else {
+ *out++ = *in++;
+ if (!--outlen)
+ return;
+ }
+ }
+ *out = '\0';
+ return;
+}
static tree234 *rsakeys, *ssh2keys;
#endif
/*
- * Exports from pageantc.c
+ * Forward references
*/
-void agent_query(void *in, int inlen, void **out, int *outlen);
-int agent_exists(void);
+static void *make_keylist1(int *length);
+static void *make_keylist2(int *length);
+static void *get_keylist1(int *length);
+static void *get_keylist2(int *length);
/*
* We need this to link with the RSA code, because rsaencrypt()
*/
int random_byte(void)
{
- MessageBox(hwnd, "Internal Error", APPNAME, MB_OK | MB_ICONERROR);
+ MessageBox(main_hwnd, "Internal Error", APPNAME, MB_OK | MB_ICONERROR);
exit(0);
/* this line can't be reached but it placates MSVC's warnings :-) */
return 0;
};
static int cmpkeys_ssh2_asymm(void *av, void *bv);
-/*
- * This function is needed to link with the DES code. We need not
- * have it do anything at all.
- */
-void logevent(char *msg)
-{
-}
-
#define GET_32BIT(cp) \
(((unsigned long)(unsigned char)(cp)[0] << 24) | \
((unsigned long)(unsigned char)(cp)[1] << 16) | \
char *comment;
};
+static tree234 *passphrases = NULL;
+
+/*
+ * After processing a list of filenames, we want to forget the
+ * passphrases.
+ */
+static void forget_passphrases(void)
+{
+ while (count234(passphrases) > 0) {
+ char *pp = index234(passphrases, 0);
+ memset(pp, 0, strlen(pp));
+ delpos234(passphrases, 0);
+ free(pp);
+ }
+}
+
/*
* Dialog-box function for the Licence box.
*/
return 0;
case 101:
EnableWindow(hwnd, 0);
- DialogBox(instance, MAKEINTRESOURCE(214), NULL, LicenceProc);
+ DialogBox(instance, MAKEINTRESOURCE(214), hwnd, LicenceProc);
EnableWindow(hwnd, 1);
SetActiveWindow(hwnd);
return 0;
/*
* This function loads a key from a file and adds it.
*/
-static void add_keyfile(char *filename)
+static void add_keyfile(Filename filename)
{
char passphrase[PASSPHRASE_MAXLEN];
struct RSAKey *rkey = NULL;
int attempts;
char *comment;
struct PassphraseProcStruct pps;
- int ver;
-
- ver = keyfile_version(filename);
- if (ver == 0) {
- MessageBox(NULL, "Couldn't load private key.", APPNAME,
- MB_OK | MB_ICONERROR);
+ int type;
+ int original_pass;
+
+ type = key_type(&filename);
+ if (type != SSH_KEYTYPE_SSH1 && type != SSH_KEYTYPE_SSH2) {
+ char msg[256];
+ sprintf(msg, "Couldn't load this key (%s)", key_type_to_str(type));
+ MessageBox(NULL, msg, APPNAME, MB_OK | MB_ICONERROR);
return;
}
- if (ver == 1)
- needs_pass = rsakey_encrypted(filename, &comment);
+ /*
+ * See if the key is already loaded (in the primary Pageant,
+ * which may or may not be us).
+ */
+ {
+ void *blob;
+ unsigned char *keylist, *p;
+ int i, nkeys, bloblen, keylistlen;
+
+ if (type == SSH_KEYTYPE_SSH1) {
+ if (!rsakey_pubblob(&filename, &blob, &bloblen, NULL)) {
+ MessageBox(NULL, "Couldn't load private key.", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ keylist = get_keylist1(&keylistlen);
+ } else {
+ unsigned char *blob2;
+ blob = ssh2_userkey_loadpub(&filename, NULL, &bloblen, NULL);
+ if (!blob) {
+ MessageBox(NULL, "Couldn't load private key.", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ /* For our purposes we want the blob prefixed with its length */
+ blob2 = snewn(bloblen+4, unsigned char);
+ PUT_32BIT(blob2, bloblen);
+ memcpy(blob2 + 4, blob, bloblen);
+ sfree(blob);
+ blob = blob2;
+
+ keylist = get_keylist2(&keylistlen);
+ }
+ if (keylist) {
+ if (keylistlen < 4) {
+ MessageBox(NULL, "Received broken key list?!", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ nkeys = GET_32BIT(keylist);
+ p = keylist + 4;
+ keylistlen -= 4;
+
+ for (i = 0; i < nkeys; i++) {
+ if (!memcmp(blob, p, bloblen)) {
+ /* Key is already present; we can now leave. */
+ sfree(keylist);
+ sfree(blob);
+ return;
+ }
+ /* Now skip over public blob */
+ if (type == SSH_KEYTYPE_SSH1) {
+ int n = rsa_public_blob_len(p, keylistlen);
+ if (n < 0) {
+ MessageBox(NULL, "Received broken key list?!", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ p += n;
+ keylistlen -= n;
+ } else {
+ int n;
+ if (keylistlen < 4) {
+ MessageBox(NULL, "Received broken key list?!", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ n = 4 + GET_32BIT(p);
+ if (keylistlen < n) {
+ MessageBox(NULL, "Received broken key list?!", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ p += n;
+ keylistlen -= n;
+ }
+ /* Now skip over comment field */
+ {
+ int n;
+ if (keylistlen < 4) {
+ MessageBox(NULL, "Received broken key list?!", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ n = 4 + GET_32BIT(p);
+ if (keylistlen < n) {
+ MessageBox(NULL, "Received broken key list?!", APPNAME,
+ MB_OK | MB_ICONERROR);
+ return;
+ }
+ p += n;
+ keylistlen -= n;
+ }
+ }
+
+ sfree(keylist);
+ }
+
+ sfree(blob);
+ }
+
+ if (type == SSH_KEYTYPE_SSH1)
+ needs_pass = rsakey_encrypted(&filename, &comment);
else
- needs_pass = ssh2_userkey_encrypted(filename, &comment);
+ needs_pass = ssh2_userkey_encrypted(&filename, &comment);
attempts = 0;
- if (ver == 1)
- rkey = smalloc(sizeof(*rkey));
+ if (type == SSH_KEYTYPE_SSH1)
+ rkey = snew(struct RSAKey);
pps.passphrase = passphrase;
pps.comment = comment;
+ original_pass = 0;
do {
if (needs_pass) {
- int dlgret;
- dlgret = DialogBoxParam(instance, MAKEINTRESOURCE(210),
- NULL, PassphraseProc, (LPARAM) & pps);
- passphrase_box = NULL;
- if (!dlgret) {
- if (comment)
- sfree(comment);
- if (ver == 1)
- sfree(rkey);
- return; /* operation cancelled */
+ /* try all the remembered passphrases first */
+ char *pp = index234(passphrases, attempts);
+ if(pp) {
+ strcpy(passphrase, pp);
+ } else {
+ int dlgret;
+ original_pass = 1;
+ dlgret = DialogBoxParam(instance, MAKEINTRESOURCE(210),
+ NULL, PassphraseProc, (LPARAM) & pps);
+ passphrase_box = NULL;
+ if (!dlgret) {
+ if (comment)
+ sfree(comment);
+ if (type == SSH_KEYTYPE_SSH1)
+ sfree(rkey);
+ return; /* operation cancelled */
+ }
}
} else
*passphrase = '\0';
- if (ver == 1)
- ret = loadrsakey(filename, rkey, passphrase);
+ if (type == SSH_KEYTYPE_SSH1)
+ ret = loadrsakey(&filename, rkey, passphrase, NULL);
else {
- skey = ssh2_load_userkey(filename, passphrase);
+ skey = ssh2_load_userkey(&filename, passphrase, NULL);
if (skey == SSH2_WRONG_PASSPHRASE)
ret = -1;
else if (!skey)
}
attempts++;
} while (ret == -1);
+
+ /* if they typed in an ok passphrase, remember it */
+ if(original_pass && ret) {
+ char *pp = dupstr(passphrase);
+ addpos234(passphrases, pp, 0);
+ }
+
if (comment)
sfree(comment);
if (ret == 0) {
MessageBox(NULL, "Couldn't load private key.", APPNAME,
MB_OK | MB_ICONERROR);
- if (ver == 1)
+ if (type == SSH_KEYTYPE_SSH1)
sfree(rkey);
return;
}
- if (ver == 1) {
+ if (type == SSH_KEYTYPE_SSH1) {
if (already_running) {
unsigned char *request, *response;
void *vresponse;
- int reqlen, clen, resplen;
+ int reqlen, clen, resplen, ret;
clen = strlen(rkey->comment);
ssh1_bignum_length(rkey->q) + 4 + clen /* comment */
;
- request = smalloc(reqlen);
+ request = snewn(reqlen, unsigned char);
request[4] = SSH1_AGENTC_ADD_RSA_IDENTITY;
reqlen = 5;
reqlen += 4 + clen;
PUT_32BIT(request, reqlen - 4);
- agent_query(request, reqlen, &vresponse, &resplen);
+ ret = agent_query(request, reqlen, &vresponse, &resplen,
+ NULL, NULL);
+ assert(ret == 1);
response = vresponse;
if (resplen < 5 || response[4] != SSH_AGENT_SUCCESS)
MessageBox(NULL, "The already running Pageant "
"refused to add the key.", APPNAME,
MB_OK | MB_ICONERROR);
+
+ sfree(request);
+ sfree(response);
} else {
if (add234(rsakeys, rkey) != rkey)
sfree(rkey); /* already present, don't waste RAM */
if (already_running) {
unsigned char *request, *response;
void *vresponse;
- int reqlen, alglen, clen, keybloblen, resplen;
+ int reqlen, alglen, clen, keybloblen, resplen, ret;
alglen = strlen(skey->alg->name);
clen = strlen(skey->comment);
4 + clen /* comment */
;
- request = smalloc(reqlen);
+ request = snewn(reqlen, unsigned char);
request[4] = SSH2_AGENTC_ADD_IDENTITY;
reqlen = 5;
keybloblen);
PUT_32BIT(request + reqlen, clen);
memcpy(request + reqlen + 4, skey->comment, clen);
- PUT_32BIT(request, reqlen - 4);
reqlen += clen + 4;
+ PUT_32BIT(request, reqlen - 4);
- agent_query(request, reqlen, &vresponse, &resplen);
+ ret = agent_query(request, reqlen, &vresponse, &resplen,
+ NULL, NULL);
+ assert(ret == 1);
response = vresponse;
if (resplen < 5 || response[4] != SSH_AGENT_SUCCESS)
- MessageBox(NULL, "The already running Pageant"
+ MessageBox(NULL, "The already running Pageant "
"refused to add the key.", APPNAME,
MB_OK | MB_ICONERROR);
+
+ sfree(request);
+ sfree(response);
} else {
if (add234(ssh2keys, skey) != skey) {
skey->alg->freekey(skey->data);
}
/*
+ * Create an SSH1 key list in a malloc'ed buffer; return its
+ * length.
+ */
+static void *make_keylist1(int *length)
+{
+ int i, nkeys, len;
+ struct RSAKey *key;
+ unsigned char *blob, *p, *ret;
+ int bloblen;
+
+ /*
+ * Count up the number and length of keys we hold.
+ */
+ len = 4;
+ nkeys = 0;
+ for (i = 0; NULL != (key = index234(rsakeys, i)); i++) {
+ nkeys++;
+ blob = rsa_public_blob(key, &bloblen);
+ len += bloblen;
+ sfree(blob);
+ len += 4 + strlen(key->comment);
+ }
+
+ /* Allocate the buffer. */
+ p = ret = snewn(len, unsigned char);
+ if (length) *length = len;
+
+ PUT_32BIT(p, nkeys);
+ p += 4;
+ for (i = 0; NULL != (key = index234(rsakeys, i)); i++) {
+ blob = rsa_public_blob(key, &bloblen);
+ memcpy(p, blob, bloblen);
+ p += bloblen;
+ sfree(blob);
+ PUT_32BIT(p, strlen(key->comment));
+ memcpy(p + 4, key->comment, strlen(key->comment));
+ p += 4 + strlen(key->comment);
+ }
+
+ assert(p - ret == len);
+ return ret;
+}
+
+/*
+ * Create an SSH2 key list in a malloc'ed buffer; return its
+ * length.
+ */
+static void *make_keylist2(int *length)
+{
+ struct ssh2_userkey *key;
+ int i, len, nkeys;
+ unsigned char *blob, *p, *ret;
+ int bloblen;
+
+ /*
+ * Count up the number and length of keys we hold.
+ */
+ len = 4;
+ nkeys = 0;
+ for (i = 0; NULL != (key = index234(ssh2keys, i)); i++) {
+ nkeys++;
+ len += 4; /* length field */
+ blob = key->alg->public_blob(key->data, &bloblen);
+ len += bloblen;
+ sfree(blob);
+ len += 4 + strlen(key->comment);
+ }
+
+ /* Allocate the buffer. */
+ p = ret = snewn(len, unsigned char);
+ if (length) *length = len;
+
+ /*
+ * Packet header is the obvious five bytes, plus four
+ * bytes for the key count.
+ */
+ PUT_32BIT(p, nkeys);
+ p += 4;
+ for (i = 0; NULL != (key = index234(ssh2keys, i)); i++) {
+ blob = key->alg->public_blob(key->data, &bloblen);
+ PUT_32BIT(p, bloblen);
+ p += 4;
+ memcpy(p, blob, bloblen);
+ p += bloblen;
+ sfree(blob);
+ PUT_32BIT(p, strlen(key->comment));
+ memcpy(p + 4, key->comment, strlen(key->comment));
+ p += 4 + strlen(key->comment);
+ }
+
+ assert(p - ret == len);
+ return ret;
+}
+
+/*
+ * Acquire a keylist1 from the primary Pageant; this means either
+ * calling make_keylist1 (if that's us) or sending a message to the
+ * primary Pageant (if it's not).
+ */
+static void *get_keylist1(int *length)
+{
+ void *ret;
+
+ if (already_running) {
+ unsigned char request[5], *response;
+ void *vresponse;
+ int resplen, retval;
+ request[4] = SSH1_AGENTC_REQUEST_RSA_IDENTITIES;
+ PUT_32BIT(request, 4);
+
+ retval = agent_query(request, 5, &vresponse, &resplen, NULL, NULL);
+ assert(retval == 1);
+ response = vresponse;
+ if (resplen < 5 || response[4] != SSH1_AGENT_RSA_IDENTITIES_ANSWER)
+ return NULL;
+
+ ret = snewn(resplen-5, unsigned char);
+ memcpy(ret, response+5, resplen-5);
+ sfree(response);
+
+ if (length)
+ *length = resplen-5;
+ } else {
+ ret = make_keylist1(length);
+ }
+ return ret;
+}
+
+/*
+ * Acquire a keylist2 from the primary Pageant; this means either
+ * calling make_keylist2 (if that's us) or sending a message to the
+ * primary Pageant (if it's not).
+ */
+static void *get_keylist2(int *length)
+{
+ void *ret;
+
+ if (already_running) {
+ unsigned char request[5], *response;
+ void *vresponse;
+ int resplen, retval;
+
+ request[4] = SSH2_AGENTC_REQUEST_IDENTITIES;
+ PUT_32BIT(request, 4);
+
+ retval = agent_query(request, 5, &vresponse, &resplen, NULL, NULL);
+ assert(retval == 1);
+ response = vresponse;
+ if (resplen < 5 || response[4] != SSH2_AGENT_IDENTITIES_ANSWER)
+ return NULL;
+
+ ret = snewn(resplen-5, unsigned char);
+ memcpy(ret, response+5, resplen-5);
+ sfree(response);
+
+ if (length)
+ *length = resplen-5;
+ } else {
+ ret = make_keylist2(length);
+ }
+ return ret;
+}
+
+/*
* This is the main agent function that answers messages.
*/
static void answer_msg(void *msg)
{
unsigned char *p = msg;
unsigned char *ret = msg;
+ unsigned char *msgend;
int type;
/*
+ * Get the message length.
+ */
+ msgend = p + 4 + GET_32BIT(p);
+
+ /*
* Get the message type.
*/
+ if (msgend < p+5)
+ goto failure;
type = p[4];
p += 5;
* Reply with SSH1_AGENT_RSA_IDENTITIES_ANSWER.
*/
{
- struct RSAKey *key;
- int len, nkeys;
- int i;
-
- /*
- * Count up the number and length of keys we hold.
- */
- len = nkeys = 0;
- for (i = 0; NULL != (key = index234(rsakeys, i)); i++) {
- nkeys++;
- len += 4; /* length field */
- len += ssh1_bignum_length(key->exponent);
- len += ssh1_bignum_length(key->modulus);
- len += 4 + strlen(key->comment);
- }
+ int len;
+ void *keylist;
- /*
- * Packet header is the obvious five bytes, plus four
- * bytes for the key count.
- */
- len += 5 + 4;
- if (len > AGENT_MAX_MSGLEN)
- goto failure; /* aaargh! too much stuff! */
- PUT_32BIT(ret, len - 4);
ret[4] = SSH1_AGENT_RSA_IDENTITIES_ANSWER;
- PUT_32BIT(ret + 5, nkeys);
- p = ret + 5 + 4;
- for (i = 0; NULL != (key = index234(rsakeys, i)); i++) {
- PUT_32BIT(p, bignum_bitcount(key->modulus));
- p += 4;
- p += ssh1_write_bignum(p, key->exponent);
- p += ssh1_write_bignum(p, key->modulus);
- PUT_32BIT(p, strlen(key->comment));
- memcpy(p + 4, key->comment, strlen(key->comment));
- p += 4 + strlen(key->comment);
+ keylist = make_keylist1(&len);
+ if (len + 5 > AGENT_MAX_MSGLEN) {
+ sfree(keylist);
+ goto failure;
}
+ PUT_32BIT(ret, len + 1);
+ memcpy(ret + 5, keylist, len);
+ sfree(keylist);
}
break;
case SSH2_AGENTC_REQUEST_IDENTITIES:
* Reply with SSH2_AGENT_IDENTITIES_ANSWER.
*/
{
- struct ssh2_userkey *key;
- int len, nkeys;
- unsigned char *blob;
- int bloblen;
- int i;
-
- /*
- * Count up the number and length of keys we hold.
- */
- len = nkeys = 0;
- for (i = 0; NULL != (key = index234(ssh2keys, i)); i++) {
- nkeys++;
- len += 4; /* length field */
- blob = key->alg->public_blob(key->data, &bloblen);
- len += bloblen;
- sfree(blob);
- len += 4 + strlen(key->comment);
- }
+ int len;
+ void *keylist;
- /*
- * Packet header is the obvious five bytes, plus four
- * bytes for the key count.
- */
- len += 5 + 4;
- if (len > AGENT_MAX_MSGLEN)
- goto failure; /* aaargh! too much stuff! */
- PUT_32BIT(ret, len - 4);
ret[4] = SSH2_AGENT_IDENTITIES_ANSWER;
- PUT_32BIT(ret + 5, nkeys);
- p = ret + 5 + 4;
- for (i = 0; NULL != (key = index234(ssh2keys, i)); i++) {
- blob = key->alg->public_blob(key->data, &bloblen);
- PUT_32BIT(p, bloblen);
- p += 4;
- memcpy(p, blob, bloblen);
- p += bloblen;
- sfree(blob);
- PUT_32BIT(p, strlen(key->comment));
- memcpy(p + 4, key->comment, strlen(key->comment));
- p += 4 + strlen(key->comment);
+ keylist = make_keylist2(&len);
+ if (len + 5 > AGENT_MAX_MSGLEN) {
+ sfree(keylist);
+ goto failure;
}
+ PUT_32BIT(ret, len + 1);
+ memcpy(ret + 5, keylist, len);
+ sfree(keylist);
}
break;
case SSH1_AGENTC_RSA_CHALLENGE:
int i, len;
p += 4;
- p += ssh1_read_bignum(p, &reqkey.exponent);
- p += ssh1_read_bignum(p, &reqkey.modulus);
- p += ssh1_read_bignum(p, &challenge);
+ i = ssh1_read_bignum(p, msgend - p, &reqkey.exponent);
+ if (i < 0)
+ goto failure;
+ p += i;
+ i = ssh1_read_bignum(p, msgend - p, &reqkey.modulus);
+ if (i < 0)
+ goto failure;
+ p += i;
+ i = ssh1_read_bignum(p, msgend - p, &challenge);
+ if (i < 0)
+ goto failure;
+ p += i;
+ if (msgend < p+16) {
+ freebn(reqkey.exponent);
+ freebn(reqkey.modulus);
+ freebn(challenge);
+ goto failure;
+ }
memcpy(response_source + 32, p, 16);
p += 16;
- if (GET_32BIT(p) != 1 ||
+ if (msgend < p+4 ||
+ GET_32BIT(p) != 1 ||
(key = find234(rsakeys, &reqkey, NULL)) == NULL) {
freebn(reqkey.exponent);
freebn(reqkey.modulus);
unsigned char *data, *signature;
int datalen, siglen, len;
+ if (msgend < p+4)
+ goto failure;
b.len = GET_32BIT(p);
p += 4;
+ if (msgend < p+b.len)
+ goto failure;
b.blob = p;
p += b.len;
+ if (msgend < p+4)
+ goto failure;
datalen = GET_32BIT(p);
p += 4;
+ if (msgend < p+datalen)
+ goto failure;
data = p;
key = find234(ssh2keys, &b, cmpkeys_ssh2_asymm);
if (!key)
{
struct RSAKey *key;
char *comment;
- int commentlen;
- key = smalloc(sizeof(struct RSAKey));
+ int n, commentlen;
+
+ key = snew(struct RSAKey);
memset(key, 0, sizeof(struct RSAKey));
- p += makekey(p, key, NULL, 1);
- p += makeprivate(p, key);
- p += ssh1_read_bignum(p, &key->iqmp); /* p^-1 mod q */
- p += ssh1_read_bignum(p, &key->p); /* p */
- p += ssh1_read_bignum(p, &key->q); /* q */
+
+ n = makekey(p, msgend - p, key, NULL, 1);
+ if (n < 0) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
+ p += n;
+
+ n = makeprivate(p, msgend - p, key);
+ if (n < 0) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
+ p += n;
+
+ n = ssh1_read_bignum(p, msgend - p, &key->iqmp); /* p^-1 mod q */
+ if (n < 0) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
+ p += n;
+
+ n = ssh1_read_bignum(p, msgend - p, &key->p); /* p */
+ if (n < 0) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
+ p += n;
+
+ n = ssh1_read_bignum(p, msgend - p, &key->q); /* q */
+ if (n < 0) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
+ p += n;
+
+ if (msgend < p+4) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
commentlen = GET_32BIT(p);
- comment = smalloc(commentlen+1);
+
+ if (msgend < p+commentlen) {
+ freersakey(key);
+ sfree(key);
+ goto failure;
+ }
+
+ comment = snewn(commentlen+1, char);
if (comment) {
memcpy(comment, p + 4, commentlen);
comment[commentlen] = '\0';
int alglen, commlen;
int bloblen;
- key = smalloc(sizeof(struct ssh2_userkey));
+ if (msgend < p+4)
+ goto failure;
alglen = GET_32BIT(p);
p += 4;
+ if (msgend < p+alglen)
+ goto failure;
alg = p;
p += alglen;
+
+ key = snew(struct ssh2_userkey);
/* Add further algorithm names here. */
if (alglen == 7 && !memcmp(alg, "ssh-rsa", 7))
key->alg = &ssh_rsa;
goto failure;
}
- bloblen =
- GET_32BIT((unsigned char *) msg) - (p -
- (unsigned char *) msg -
- 4);
+ bloblen = msgend - p;
key->data = key->alg->openssh_createkey(&p, &bloblen);
if (!key->data) {
sfree(key);
goto failure;
}
+
+ /*
+ * p has been advanced by openssh_createkey, but
+ * certainly not _beyond_ the end of the buffer.
+ */
+ assert(p <= msgend);
+
+ if (msgend < p+4) {
+ key->alg->freekey(key->data);
+ sfree(key);
+ goto failure;
+ }
commlen = GET_32BIT(p);
p += 4;
- comment = smalloc(commlen + 1);
+ if (msgend < p+commlen) {
+ key->alg->freekey(key->data);
+ sfree(key);
+ goto failure;
+ }
+ comment = snewn(commlen + 1, char);
if (comment) {
memcpy(comment, p, commlen);
comment[commlen] = '\0';
*/
{
struct RSAKey reqkey, *key;
+ int n;
+
+ n = makekey(p, msgend - p, &reqkey, NULL, 0);
+ if (n < 0)
+ goto failure;
- p += makekey(p, &reqkey, NULL, 0);
key = find234(rsakeys, &reqkey, NULL);
freebn(reqkey.exponent);
freebn(reqkey.modulus);
struct ssh2_userkey *key;
struct blob b;
+ if (msgend < p+4)
+ goto failure;
b.len = GET_32BIT(p);
p += 4;
+
+ if (msgend < p+b.len)
+ goto failure;
b.blob = p;
p += b.len;
+
key = find234(ssh2keys, &b, cmpkeys_ssh2_asymm);
if (!key)
goto failure;
{
OPENFILENAME of;
char filename[FILENAME_MAX];
+ char *filelist = snewn(8192, char);
+ char *filewalker;
+ int n, dirlen;
+
memset(&of, 0, sizeof(of));
#ifdef OPENFILENAME_SIZE_VERSION_400
of.lStructSize = OPENFILENAME_SIZE_VERSION_400;
#else
of.lStructSize = sizeof(of);
#endif
- of.hwndOwner = hwnd;
- of.lpstrFilter = "All Files\0*\0\0\0";
+ of.hwndOwner = main_hwnd;
+ of.lpstrFilter = "PuTTY Private Key Files (*.ppk)\0*.ppk\0"
+ "All Files (*.*)\0*\0\0\0";
of.lpstrCustomFilter = NULL;
of.nFilterIndex = 1;
- of.lpstrFile = filename;
- *filename = '\0';
- of.nMaxFile = sizeof(filename);
+ of.lpstrFile = filelist;
+ *filelist = '\0';
+ of.nMaxFile = FILENAME_MAX;
of.lpstrFileTitle = NULL;
of.lpstrInitialDir = NULL;
of.lpstrTitle = "Select Private Key File";
- of.Flags = 0;
+ of.Flags = OFN_ALLOWMULTISELECT | OFN_EXPLORER;
if (GetOpenFileName(&of)) {
- add_keyfile(filename);
+ if(strlen(filelist) > of.nFileOffset)
+ /* Only one filename returned? */
+ add_keyfile(filename_from_str(filelist));
+ else {
+ /* we are returned a bunch of strings, end to
+ * end. first string is the directory, the
+ * rest the filenames. terminated with an
+ * empty string.
+ */
+ filewalker = filelist;
+ dirlen = strlen(filewalker);
+ if(dirlen > FILENAME_MAX - 8) return;
+ memcpy(filename, filewalker, dirlen);
+
+ filewalker += dirlen + 1;
+ filename[dirlen++] = '\\';
+
+ /* then go over names one by one */
+ for(;;) {
+ n = strlen(filewalker) + 1;
+ /* end of the list */
+ if(n == 1)
+ break;
+ /* too big, shouldn't happen */
+ if(n + dirlen > FILENAME_MAX)
+ break;
+
+ memcpy(filename + dirlen, filewalker, n);
+ filewalker += n;
+
+ add_keyfile(filename_from_str(filename));
+ }
+ }
+
keylist_update();
+ forget_passphrases();
}
+ sfree(filelist);
}
/*
rd.right - rd.left, rd.bottom - rd.top, TRUE);
}
+ if (help_path)
+ SetWindowLong(hwnd, GWL_EXSTYLE,
+ GetWindowLong(hwnd, GWL_EXSTYLE) | WS_EX_CONTEXTHELP);
+ else {
+ HWND item = GetDlgItem(hwnd, 103); /* the Help button */
+ if (item)
+ DestroyWindow(item);
+ }
+ requested_help = FALSE;
+
keylist = hwnd;
{
static int tabs[] = { 35, 60, 210 };
case 102: /* remove key */
if (HIWORD(wParam) == BN_CLICKED ||
HIWORD(wParam) == BN_DOUBLECLICKED) {
- int n = SendDlgItemMessage(hwnd, 100, LB_GETCURSEL, 0, 0);
int i;
- if (n == LB_ERR) {
+ int rCount, sCount;
+ int *selectedArray;
+
+ /* our counter within the array of selected items */
+ int itemNum;
+
+ /* get the number of items selected in the list */
+ int numSelected =
+ SendDlgItemMessage(hwnd, 100, LB_GETSELCOUNT, 0, 0);
+
+ /* none selected? that was silly */
+ if (numSelected == 0) {
MessageBeep(0);
break;
}
- for (i = 0; NULL != (rkey = index234(rsakeys, i)); i++)
- if (n-- == 0)
- break;
- if (rkey) {
- del234(rsakeys, rkey);
- freersakey(rkey);
- sfree(rkey);
- } else {
- for (i = 0; NULL != (skey = index234(ssh2keys, i));
- i++) if (n-- == 0)
- break;
- if (skey) {
- del234(ssh2keys, skey);
- skey->alg->freekey(skey->data);
- sfree(skey);
- }
+
+ /* get item indices in an array */
+ selectedArray = snewn(numSelected, int);
+ SendDlgItemMessage(hwnd, 100, LB_GETSELITEMS,
+ numSelected, (WPARAM)selectedArray);
+
+ itemNum = numSelected - 1;
+ rCount = count234(rsakeys);
+ sCount = count234(ssh2keys);
+
+ /* go through the non-rsakeys until we've covered them all,
+ * and/or we're out of selected items to check. note that
+ * we go *backwards*, to avoid complications from deleting
+ * things hence altering the offset of subsequent items
+ */
+ for (i = sCount - 1; (itemNum >= 0) && (i >= 0); i--) {
+ skey = index234(ssh2keys, i);
+
+ if (selectedArray[itemNum] == rCount + i) {
+ del234(ssh2keys, skey);
+ skey->alg->freekey(skey->data);
+ sfree(skey);
+ itemNum--;
+ }
+ }
+
+ /* do the same for the rsa keys */
+ for (i = rCount - 1; (itemNum >= 0) && (i >= 0); i--) {
+ rkey = index234(rsakeys, i);
+
+ if(selectedArray[itemNum] == i) {
+ del234(rsakeys, rkey);
+ freersakey(rkey);
+ sfree(rkey);
+ itemNum--;
+ }
}
+
+ sfree(selectedArray);
keylist_update();
}
return 0;
+ case 103: /* help */
+ if (HIWORD(wParam) == BN_CLICKED ||
+ HIWORD(wParam) == BN_DOUBLECLICKED) {
+ if (help_path) {
+ WinHelp(main_hwnd, help_path, HELP_COMMAND,
+ (DWORD)"JI(`',`pageant.general')");
+ requested_help = TRUE;
+ }
+ }
+ return 0;
}
return 0;
+ case WM_HELP:
+ if (help_path) {
+ int id = ((LPHELPINFO)lParam)->iCtrlId;
+ char *cmd = NULL;
+ switch (id) {
+ case 100: cmd = "JI(`',`pageant.keylist')"; break;
+ case 101: cmd = "JI(`',`pageant.addkey')"; break;
+ case 102: cmd = "JI(`',`pageant.remkey')"; break;
+ }
+ if (cmd) {
+ WinHelp(main_hwnd, help_path, HELP_COMMAND, (DWORD)cmd);
+ requested_help = TRUE;
+ } else {
+ MessageBeep(0);
+ }
+ }
+ break;
case WM_CLOSE:
keylist = NULL;
DestroyWindow(hwnd);
return res;
}
+/* Update the saved-sessions menu. */
+static void update_sessions(void)
+{
+ int num_entries;
+ HKEY hkey;
+ TCHAR buf[MAX_PATH + 1];
+ MENUITEMINFO mii;
+
+ int index_key, index_menu;
+
+ if (!putty_path)
+ return;
+
+ if(ERROR_SUCCESS != RegOpenKey(HKEY_CURRENT_USER, PUTTY_REGKEY, &hkey))
+ return;
+
+ for(num_entries = GetMenuItemCount(session_menu);
+ num_entries > initial_menuitems_count;
+ num_entries--)
+ RemoveMenu(session_menu, 0, MF_BYPOSITION);
+
+ index_key = 0;
+ index_menu = 0;
+
+ while(ERROR_SUCCESS == RegEnumKey(hkey, index_key, buf, MAX_PATH)) {
+ TCHAR session_name[MAX_PATH + 1];
+ unmungestr(buf, session_name, MAX_PATH);
+ if(strcmp(buf, PUTTY_DEFAULT) != 0) {
+ memset(&mii, 0, sizeof(mii));
+ mii.cbSize = sizeof(mii);
+ mii.fMask = MIIM_TYPE | MIIM_STATE | MIIM_ID;
+ mii.fType = MFT_STRING;
+ mii.fState = MFS_ENABLED;
+ mii.wID = (index_menu * 16) + IDM_SESSIONS_BASE;
+ mii.dwTypeData = session_name;
+ InsertMenuItem(session_menu, index_menu, TRUE, &mii);
+ index_menu++;
+ }
+ index_key++;
+ }
+
+ RegCloseKey(hkey);
+
+ if(index_menu == 0) {
+ mii.cbSize = sizeof(mii);
+ mii.fMask = MIIM_TYPE | MIIM_STATE;
+ mii.fType = MFT_STRING;
+ mii.fState = MFS_GRAYED;
+ mii.dwTypeData = _T("(No sessions)");
+ InsertMenuItem(session_menu, index_menu, TRUE, &mii);
+ }
+}
+
static LRESULT CALLBACK WndProc(HWND hwnd, UINT message,
WPARAM wParam, LPARAM lParam)
{
case WM_SYSTRAY2:
if (!menuinprogress) {
menuinprogress = 1;
+ update_sessions();
SetForegroundWindow(hwnd);
ret = TrackPopupMenu(systray_menu,
TPM_RIGHTALIGN | TPM_BOTTOMALIGN |
case WM_COMMAND:
case WM_SYSCOMMAND:
switch (wParam & ~0xF) { /* low 4 bits reserved to Windows */
+ case IDM_PUTTY:
+ if((int)ShellExecute(hwnd, NULL, putty_path, _T(""), _T(""),
+ SW_SHOW) <= 32) {
+ MessageBox(NULL, "Unable to execute PuTTY!",
+ "Error", MB_OK | MB_ICONERROR);
+ }
+ break;
case IDM_CLOSE:
if (passphrase_box)
SendMessage(passphrase_box, WM_CLOSE, 0, 0);
keylist = CreateDialog(instance, MAKEINTRESOURCE(211),
NULL, KeyListProc);
ShowWindow(keylist, SW_SHOWNORMAL);
- /*
- * Sometimes the window comes up minimised / hidden
- * for no obvious reason. Prevent this.
- */
- SetForegroundWindow(keylist);
- SetWindowPos(keylist, HWND_TOP, 0, 0, 0, 0,
- SWP_NOMOVE | SWP_NOSIZE | SWP_SHOWWINDOW);
}
+ /*
+ * Sometimes the window comes up minimised / hidden for
+ * no obvious reason. Prevent this. This also brings it
+ * to the front if it's already present (the user
+ * selected View Keys because they wanted to _see_ the
+ * thing).
+ */
+ SetForegroundWindow(keylist);
+ SetWindowPos(keylist, HWND_TOP, 0, 0, 0, 0,
+ SWP_NOMOVE | SWP_NOSIZE | SWP_SHOWWINDOW);
break;
case IDM_ADDKEY:
if (passphrase_box) {
SWP_NOMOVE | SWP_NOSIZE | SWP_SHOWWINDOW);
}
break;
+ case IDM_HELP:
+ if (help_path) {
+ WinHelp(main_hwnd, help_path, HELP_COMMAND,
+ (DWORD)"JI(`',`pageant.general')");
+ requested_help = TRUE;
+ }
+ break;
+ default:
+ {
+ if(wParam >= IDM_SESSIONS_BASE && wParam <= IDM_SESSIONS_MAX) {
+ MENUITEMINFO mii;
+ TCHAR buf[MAX_PATH + 1];
+ TCHAR param[MAX_PATH + 1];
+ memset(&mii, 0, sizeof(mii));
+ mii.cbSize = sizeof(mii);
+ mii.fMask = MIIM_TYPE;
+ mii.cch = MAX_PATH;
+ mii.dwTypeData = buf;
+ GetMenuItemInfo(session_menu, wParam, FALSE, &mii);
+ strcpy(param, "@");
+ strcat(param, mii.dwTypeData);
+ if((int)ShellExecute(hwnd, NULL, putty_path, param,
+ _T(""), SW_SHOW) <= 32) {
+ MessageBox(NULL, "Unable to execute PuTTY!", "Error",
+ MB_OK | MB_ICONERROR);
+ }
+ }
+ }
+ break;
}
break;
case WM_DESTROY:
+ if (requested_help) {
+ WinHelp(main_hwnd, help_path, HELP_QUIT, 0);
+ requested_help = FALSE;
+ }
PostQuitMessage(0);
return 0;
case WM_COPYDATA:
/*
* Fork and Exec the command in cmdline. [DBW]
*/
-void spawn_cmd(char *cmdline, int show)
+void spawn_cmd(char *cmdline, char * args, int show)
{
if (ShellExecute(NULL, _T("open"), cmdline,
- NULL, NULL, show) <= (HINSTANCE) 32) {
- TCHAR sMsg[140];
- sprintf(sMsg, _T("Failed to run \"%.100s\", Error: %d"), cmdline,
- (int)GetLastError());
- MessageBox(NULL, sMsg, APPNAME, MB_OK | MB_ICONEXCLAMATION);
+ args, NULL, show) <= (HINSTANCE) 32) {
+ char *msg;
+ msg = dupprintf("Failed to run \"%.100s\", Error: %d", cmdline,
+ (int)GetLastError());
+ MessageBox(NULL, msg, APPNAME, MB_OK | MB_ICONEXCLAMATION);
+ sfree(msg);
}
}
+/*
+ * This is a can't-happen stub, since Pageant never makes
+ * asynchronous agent requests.
+ */
+void agent_schedule_callback(void (*callback)(void *, void *, int),
+ void *callback_ctx, void *data, int len)
+{
+ assert(!"We shouldn't get here");
+}
+
+void cleanup_exit(int code) { exit(code); }
+
+int flags = FLAG_SYNCAGENT;
+
int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)
{
WNDCLASS wndclass;
MSG msg;
- OSVERSIONINFO osi;
HMODULE advapi;
char *command = NULL;
int added_keys = 0;
+ int argc, i;
+ char **argv, **argstart;
/*
* Determine whether we're an NT system (should have security
* APIs) or a non-NT system (don't do security).
*/
- memset(&osi, 0, sizeof(OSVERSIONINFO));
- osi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
- if (GetVersionEx(&osi) && osi.dwPlatformId == VER_PLATFORM_WIN32_NT) {
+ if (!init_winver())
+ {
+ modalfatalbox("Windows refuses to report a version");
+ }
+ if (osVersion.dwPlatformId == VER_PLATFORM_WIN32_NT) {
has_security = TRUE;
} else
has_security = FALSE;
instance = inst;
/*
+ * See if we can find our Help file.
+ */
+ {
+ char b[2048], *p, *q, *r;
+ FILE *fp;
+ GetModuleFileName(NULL, b, sizeof(b) - 1);
+ r = b;
+ p = strrchr(b, '\\');
+ if (p && p >= r) r = p+1;
+ q = strrchr(b, ':');
+ if (q && q >= r) r = q+1;
+ strcpy(r, "putty.hlp");
+ if ( (fp = fopen(b, "r")) != NULL) {
+ help_path = dupstr(b);
+ fclose(fp);
+ } else
+ help_path = NULL;
+ }
+
+ /*
+ * Look for the PuTTY binary (we will enable the saved session
+ * submenu if we find it).
+ */
+ {
+ char b[2048], *p, *q, *r;
+ FILE *fp;
+ GetModuleFileName(NULL, b, sizeof(b) - 1);
+ r = b;
+ p = strrchr(b, '\\');
+ if (p && p >= r) r = p+1;
+ q = strrchr(b, ':');
+ if (q && q >= r) r = q+1;
+ strcpy(r, "putty.exe");
+ if ( (fp = fopen(b, "r")) != NULL) {
+ putty_path = dupstr(b);
+ fclose(fp);
+ } else
+ putty_path = NULL;
+ }
+
+ /*
* Find out if Pageant is already running.
*/
already_running = FALSE;
RegisterClass(&wndclass);
}
- hwnd = keylist = NULL;
+ main_hwnd = keylist = NULL;
- hwnd = CreateWindow(APPNAME, APPNAME,
- WS_OVERLAPPEDWINDOW | WS_VSCROLL,
- CW_USEDEFAULT, CW_USEDEFAULT,
- 100, 100, NULL, NULL, inst, NULL);
+ main_hwnd = CreateWindow(APPNAME, APPNAME,
+ WS_OVERLAPPEDWINDOW | WS_VSCROLL,
+ CW_USEDEFAULT, CW_USEDEFAULT,
+ 100, 100, NULL, NULL, inst, NULL);
/* Set up a system tray icon */
- AddTrayIcon(hwnd);
+ AddTrayIcon(main_hwnd);
+ /* Accelerators used: nsvkxa */
systray_menu = CreatePopupMenu();
- /* accelerators used: vkxa */
+ if (putty_path) {
+ session_menu = CreateMenu();
+ AppendMenu(systray_menu, MF_ENABLED, IDM_PUTTY, "&New Session");
+ AppendMenu(systray_menu, MF_POPUP | MF_ENABLED,
+ (UINT) session_menu, "&Saved Sessions");
+ AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
+ }
AppendMenu(systray_menu, MF_ENABLED, IDM_VIEWKEYS,
"&View Keys");
AppendMenu(systray_menu, MF_ENABLED, IDM_ADDKEY, "Add &Key");
+ AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
+ if (help_path)
+ AppendMenu(systray_menu, MF_ENABLED, IDM_HELP, "&Help");
AppendMenu(systray_menu, MF_ENABLED, IDM_ABOUT, "&About");
+ AppendMenu(systray_menu, MF_SEPARATOR, 0, 0);
AppendMenu(systray_menu, MF_ENABLED, IDM_CLOSE, "E&xit");
+ initial_menuitems_count = GetMenuItemCount(session_menu);
- ShowWindow(hwnd, SW_HIDE);
+ ShowWindow(main_hwnd, SW_HIDE);
/*
* Initialise storage for RSA keys.
}
/*
+ * Initialise storage for short-term passphrase cache.
+ */
+ passphrases = newtree234(NULL);
+
+ /*
* Process the command line and add keys as listed on it.
- * If we already determined that we need to spawn a program from above we
- * need to ignore the first two arguments. [DBW]
*/
- {
- char *p;
- int inquotes = 0;
- p = cmdline;
- while (*p) {
- while (*p && isspace(*p))
- p++;
- if (*p && !isspace(*p)) {
- char *q = p, *pp = p;
- while (*p && (inquotes || !isspace(*p))) {
- if (*p == '"') {
- inquotes = !inquotes;
- p++;
- continue;
- }
- *pp++ = *p++;
- }
- if (*pp) {
- if (*p)
- p++;
- *pp++ = '\0';
- }
- if (!strcmp(q, "-c")) {
- /*
- * If we see `-c', then the rest of the
- * command line should be treated as a
- * command to be spawned.
- */
- while (*p && isspace(*p))
- p++;
- command = p;
- break;
- } else {
- add_keyfile(q);
- added_keys = TRUE;
- }
- }
+ split_into_argv(cmdline, &argc, &argv, &argstart);
+ for (i = 0; i < argc; i++) {
+ if (!strcmp(argv[i], "-c")) {
+ /*
+ * If we see `-c', then the rest of the
+ * command line should be treated as a
+ * command to be spawned.
+ */
+ if (i < argc-1)
+ command = argstart[i+1];
+ else
+ command = "";
+ break;
+ } else {
+ add_keyfile(filename_from_str(argv[i]));
+ added_keys = TRUE;
}
}
- if (command)
- spawn_cmd(command, show);
+ /*
+ * Forget any passphrase that we retained while going over
+ * command line keyfiles.
+ */
+ forget_passphrases();
+
+ if (command) {
+ char *args;
+ if (command[0] == '"')
+ args = strchr(++command, '"');
+ else
+ args = strchr(command, ' ');
+ if (args) {
+ *args++ = 0;
+ while(*args && isspace(*args)) args++;
+ }
+ spawn_cmd(command, args, show);
+ }
/*
* If Pageant was already running, we leave now. If we haven't
* Main message loop.
*/
while (GetMessage(&msg, NULL, 0, 0) == 1) {
- TranslateMessage(&msg);
- DispatchMessage(&msg);
+ if (!(IsWindow(keylist) && IsDialogMessage(keylist, &msg)) &&
+ !(IsWindow(aboutbox) && IsDialogMessage(aboutbox, &msg))) {
+ TranslateMessage(&msg);
+ DispatchMessage(&msg);
+ }
}
/* Clean up the system tray icon */
NOTIFYICONDATA tnid;
tnid.cbSize = sizeof(NOTIFYICONDATA);
- tnid.hWnd = hwnd;
+ tnid.hWnd = main_hwnd;
tnid.uID = 1;
Shell_NotifyIcon(NIM_DELETE, &tnid);
if (advapi)
FreeLibrary(advapi);
- exit(msg.wParam);
+ return msg.wParam;
}