Make keyboard-interactive authentication configurable off. (This is

a stopgap until we get round to a proper authentications preference list.) [originally from svn r1426]
2001-11-29 20:34:06 +00:00 · 2001-11-29 20:34:06 +00:00 · 82e7fd0f23
--- a/putty.h
+++ b/putty.h
@ -252,6 +252,7 @@ typedef struct {
    int sshprot;		       /* use v1 or v2 when both available */
    int buggymac;		       /* MAC bug commmercial <=v2.3.x SSH2 */
    int try_tis_auth;
+    int try_ki_auth;
    int ssh_subsys;		       /* run a subsystem rather than a command */
    int ssh_subsys2;		       /* fallback to go with remote_cmd2 */
    /* Telnet options */
--- a/settings.c
+++ b/settings.c
@ -174,6 +174,7 @@ void save_settings(char *section, int do_host, Config * cfg)
    wprefs(sesskey, "Cipher", ciphernames, CIPHER_MAX,
 	   cfg->ssh_cipherlist);
    write_setting_i(sesskey, "AuthTIS", cfg->try_tis_auth);
+    write_setting_i(sesskey, "AuthKI", cfg->try_ki_auth);
    write_setting_i(sesskey, "SshProt", cfg->sshprot);
    write_setting_i(sesskey, "BuggyMAC", cfg->buggymac);
    write_setting_s(sesskey, "PublicKeyFile", cfg->keyfile);
@ -360,6 +361,7 @@ void load_settings(char *section, int do_host, Config * cfg)
    gppi(sesskey, "SshProt", 1, &cfg->sshprot);
    gppi(sesskey, "BuggyMAC", 0, &cfg->buggymac);
    gppi(sesskey, "AuthTIS", 0, &cfg->try_tis_auth);
+    gppi(sesskey, "AuthKI", 1, &cfg->try_ki_auth);
    gpps(sesskey, "PublicKeyFile", "", cfg->keyfile, sizeof(cfg->keyfile));
    gpps(sesskey, "RemoteCommand", "", cfg->remote_cmd,
 	 sizeof(cfg->remote_cmd));
--- a/ssh.c
+++ b/ssh.c
@ -3910,7 +3910,7 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
 		    in_commasep_string("publickey", methods, methlen);
 		can_passwd =
 		    in_commasep_string("password", methods, methlen);
-		can_keyb_inter = 
+		can_keyb_inter = cfg.try_ki_auth &&
 		    in_commasep_string("keyboard-interactive", methods, methlen);
 	    }

--- a/windlg.c
+++ b/windlg.c
@ -474,6 +474,7 @@ enum { IDCX_ABOUT =
    IDC_PKBUTTON,
    IDC_AGENTFWD,
    IDC_AUTHTIS,
+    IDC_AUTHKI,
    sshauthpanelend,

    selectionpanelstart,
@ -740,6 +741,7 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess)
    CheckRadioButton(hwnd, IDC_SSHPROT1, IDC_SSHPROT2,
 		     cfg.sshprot == 1 ? IDC_SSHPROT1 : IDC_SSHPROT2);
    CheckDlgButton(hwnd, IDC_AUTHTIS, cfg.try_tis_auth);
+    CheckDlgButton(hwnd, IDC_AUTHKI, cfg.try_ki_auth);
    SetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile);
    SetDlgItemText(hwnd, IDC_CMDEDIT, cfg.remote_cmd);

@ -1322,7 +1324,7 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
    }

    if (panel == sshauthpanelstart) {
-	/* The SSH authentication panel. Accelerators used: [acgo] m fkw */
+	/* The SSH authentication panel. Accelerators used: [acgo] m fkiw */
 	struct ctlpos cp;
 	ctlposinit(&cp, hwnd, 80, 3, 13);
 	if (dlgtype == 0) {
@ -1330,8 +1332,10 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
 		     IDC_TITLE_SSHAUTH);
 	    beginbox(&cp, "Authentication methods",
 		     IDC_BOX_SSHAUTH1);
-	    checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication",
+	    checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication (SSH1)",
 		     IDC_AUTHTIS);
+	    checkbox(&cp, "Attempt \"keyboard-&interactive\" authentication"
+		     " (SSH2)", IDC_AUTHKI);
 	    endbox(&cp);
 	    beginbox(&cp, "Authentication parameters",
 		     IDC_BOX_SSHAUTH2);
@ -2401,6 +2405,12 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
 			cfg.try_tis_auth =
 			IsDlgButtonChecked(hwnd, IDC_AUTHTIS);
 		break;
+	      case IDC_AUTHKI:
+		if (HIWORD(wParam) == BN_CLICKED ||
+		    HIWORD(wParam) == BN_DOUBLECLICKED)
+			cfg.try_ki_auth =
+			IsDlgButtonChecked(hwnd, IDC_AUTHKI);
+		break;
 	      case IDC_PKEDIT:
 		if (HIWORD(wParam) == EN_CHANGE)
 		    GetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile,