From 82e7fd0f2307d11912b519674fd63470b0da13c0 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Thu, 29 Nov 2001 20:34:06 +0000 Subject: [PATCH] Make keyboard-interactive authentication configurable off. (This is a stopgap until we get round to a proper authentications preference list.) [originally from svn r1426] --- putty.h | 1 + settings.c | 2 ++ ssh.c | 2 +- windlg.c | 14 ++++++++++++-- 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/putty.h b/putty.h index cee5ae9f..ada08584 100644 --- a/putty.h +++ b/putty.h @@ -252,6 +252,7 @@ typedef struct { int sshprot; /* use v1 or v2 when both available */ int buggymac; /* MAC bug commmercial <=v2.3.x SSH2 */ int try_tis_auth; + int try_ki_auth; int ssh_subsys; /* run a subsystem rather than a command */ int ssh_subsys2; /* fallback to go with remote_cmd2 */ /* Telnet options */ diff --git a/settings.c b/settings.c index 26c77443..27c21dda 100644 --- a/settings.c +++ b/settings.c @@ -174,6 +174,7 @@ void save_settings(char *section, int do_host, Config * cfg) wprefs(sesskey, "Cipher", ciphernames, CIPHER_MAX, cfg->ssh_cipherlist); write_setting_i(sesskey, "AuthTIS", cfg->try_tis_auth); + write_setting_i(sesskey, "AuthKI", cfg->try_ki_auth); write_setting_i(sesskey, "SshProt", cfg->sshprot); write_setting_i(sesskey, "BuggyMAC", cfg->buggymac); write_setting_s(sesskey, "PublicKeyFile", cfg->keyfile); @@ -360,6 +361,7 @@ void load_settings(char *section, int do_host, Config * cfg) gppi(sesskey, "SshProt", 1, &cfg->sshprot); gppi(sesskey, "BuggyMAC", 0, &cfg->buggymac); gppi(sesskey, "AuthTIS", 0, &cfg->try_tis_auth); + gppi(sesskey, "AuthKI", 1, &cfg->try_ki_auth); gpps(sesskey, "PublicKeyFile", "", cfg->keyfile, sizeof(cfg->keyfile)); gpps(sesskey, "RemoteCommand", "", cfg->remote_cmd, sizeof(cfg->remote_cmd)); diff --git a/ssh.c b/ssh.c index baa811fb..0d299eaf 100644 --- a/ssh.c +++ b/ssh.c @@ -3910,7 +3910,7 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) in_commasep_string("publickey", methods, methlen); can_passwd = in_commasep_string("password", methods, methlen); - can_keyb_inter = + can_keyb_inter = cfg.try_ki_auth && in_commasep_string("keyboard-interactive", methods, methlen); } diff --git a/windlg.c b/windlg.c index 3a33d7e6..7113360d 100644 --- a/windlg.c +++ b/windlg.c @@ -474,6 +474,7 @@ enum { IDCX_ABOUT = IDC_PKBUTTON, IDC_AGENTFWD, IDC_AUTHTIS, + IDC_AUTHKI, sshauthpanelend, selectionpanelstart, @@ -740,6 +741,7 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess) CheckRadioButton(hwnd, IDC_SSHPROT1, IDC_SSHPROT2, cfg.sshprot == 1 ? IDC_SSHPROT1 : IDC_SSHPROT2); CheckDlgButton(hwnd, IDC_AUTHTIS, cfg.try_tis_auth); + CheckDlgButton(hwnd, IDC_AUTHKI, cfg.try_ki_auth); SetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile); SetDlgItemText(hwnd, IDC_CMDEDIT, cfg.remote_cmd); @@ -1322,7 +1324,7 @@ static void create_controls(HWND hwnd, int dlgtype, int panel) } if (panel == sshauthpanelstart) { - /* The SSH authentication panel. Accelerators used: [acgo] m fkw */ + /* The SSH authentication panel. Accelerators used: [acgo] m fkiw */ struct ctlpos cp; ctlposinit(&cp, hwnd, 80, 3, 13); if (dlgtype == 0) { @@ -1330,8 +1332,10 @@ static void create_controls(HWND hwnd, int dlgtype, int panel) IDC_TITLE_SSHAUTH); beginbox(&cp, "Authentication methods", IDC_BOX_SSHAUTH1); - checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication", + checkbox(&cp, "Atte&mpt TIS or CryptoCard authentication (SSH1)", IDC_AUTHTIS); + checkbox(&cp, "Attempt \"keyboard-&interactive\" authentication" + " (SSH2)", IDC_AUTHKI); endbox(&cp); beginbox(&cp, "Authentication parameters", IDC_BOX_SSHAUTH2); @@ -2401,6 +2405,12 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg, cfg.try_tis_auth = IsDlgButtonChecked(hwnd, IDC_AUTHTIS); break; + case IDC_AUTHKI: + if (HIWORD(wParam) == BN_CLICKED || + HIWORD(wParam) == BN_DOUBLECLICKED) + cfg.try_ki_auth = + IsDlgButtonChecked(hwnd, IDC_AUTHKI); + break; case IDC_PKEDIT: if (HIWORD(wParam) == EN_CHANGE) GetDlgItemText(hwnd, IDC_PKEDIT, cfg.keyfile,