📄 pageant.c
字号:
/*
* Pageant: the PuTTY Authentication Agent.
*/
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <assert.h>
#include <tchar.h>
#include "putty.h"
#include "ssh.h"
#include "misc.h"
#include "tree234.h"
#include <shellapi.h>
#ifndef NO_SECURITY
#include <aclapi.h>
#endif
#define IDI_MAINICON 200
#define IDI_TRAYICON 201
#define WM_XUSER (WM_USER + 0x2000)
#define WM_SYSTRAY (WM_XUSER + 6)
#define WM_SYSTRAY2 (WM_XUSER + 7)
#define AGENT_COPYDATA_ID 0x804e50ba /* random goop */
/*
* FIXME: maybe some day we can sort this out ...
*/
#define AGENT_MAX_MSGLEN 8192
#define IDM_CLOSE 0x0010
#define IDM_VIEWKEYS 0x0020
#define IDM_ADDKEY 0x0030
#define IDM_HELP 0x0040
#define IDM_ABOUT 0x0050
#define APPNAME "Pageant"
extern char ver[];
static HINSTANCE instance;
static HWND main_hwnd;
static HWND keylist;
static HWND aboutbox;
static HMENU systray_menu, session_menu;
static int already_running;
static int requested_help;
char *help_path;
static char *putty_path;
#define IDM_PUTTY 0x0060
#define IDM_SESSIONS_BASE 0x1000
#define IDM_SESSIONS_MAX 0x2000
#define PUTTY_REGKEY "Software\\SimonTatham\\PuTTY\\Sessions"
#define PUTTY_DEFAULT "Default%20Settings"
static int initial_menuitems_count;
/*
* Print a modal (Really Bad) message box and perform a fatal exit.
*/
void modalfatalbox(char *fmt, ...)
{
va_list ap;
char *buf;
va_start(ap, fmt);
buf = dupvprintf(fmt, ap);
va_end(ap);
MessageBox(main_hwnd, buf, "Pageant Fatal Error",
MB_SYSTEMMODAL | MB_ICONERROR | MB_OK);
sfree(buf);
exit(1);
}
/* Un-munge session names out of the registry. */
static void unmungestr(char *in, char *out, int outlen)
{
while (*in) {
if (*in == '%' && in[1] && in[2]) {
int i, j;
i = in[1] - '0';
i -= (i > 9 ? 7 : 0);
j = in[2] - '0';
j -= (j > 9 ? 7 : 0);
*out++ = (i << 4) + j;
if (!--outlen)
return;
in += 3;
} else {
*out++ = *in++;
if (!--outlen)
return;
}
}
*out = '\0';
return;
}
static tree234 *rsakeys, *ssh2keys;
static int has_security;
#ifndef NO_SECURITY
typedef DWORD(WINAPI * gsi_fn_t)
(HANDLE, SE_OBJECT_TYPE, SECURITY_INFORMATION,
PSID *, PSID *, PACL *, PACL *, PSECURITY_DESCRIPTOR *);
static gsi_fn_t getsecurityinfo;
#endif
/*
* Forward references
*/
static void *make_keylist1(int *length);
static void *make_keylist2(int *length);
static void *get_keylist1(int *length);
static void *get_keylist2(int *length);
/*
* We need this to link with the RSA code, because rsaencrypt()
* pads its data with random bytes. Since we only use rsadecrypt()
* and the signing functions, which are deterministic, this should
* never be called.
*
* If it _is_ called, there is a _serious_ problem, because it
* won't generate true random numbers. So we must scream, panic,
* and exit immediately if that should happen.
*/
int random_byte(void)
{
MessageBox(main_hwnd, "Internal Error", APPNAME, MB_OK | MB_ICONERROR);
exit(0);
/* this line can't be reached but it placates MSVC's warnings :-) */
return 0;
}
/*
* Blob structure for passing to the asymmetric SSH2 key compare
* function, prototyped here.
*/
struct blob {
unsigned char *blob;
int len;
};
static int cmpkeys_ssh2_asymm(void *av, void *bv);
#define GET_32BIT(cp) \
(((unsigned long)(unsigned char)(cp)[0] << 24) | \
((unsigned long)(unsigned char)(cp)[1] << 16) | \
((unsigned long)(unsigned char)(cp)[2] << 8) | \
((unsigned long)(unsigned char)(cp)[3]))
#define PUT_32BIT(cp, value) { \
(cp)[0] = (unsigned char)((value) >> 24); \
(cp)[1] = (unsigned char)((value) >> 16); \
(cp)[2] = (unsigned char)((value) >> 8); \
(cp)[3] = (unsigned char)(value); }
#define PASSPHRASE_MAXLEN 512
struct PassphraseProcStruct {
char *passphrase;
char *comment;
};
static tree234 *passphrases = NULL;
/*
* After processing a list of filenames, we want to forget the
* passphrases.
*/
static void forget_passphrases(void)
{
while (count234(passphrases) > 0) {
char *pp = index234(passphrases, 0);
memset(pp, 0, strlen(pp));
delpos234(passphrases, 0);
free(pp);
}
}
/*
* Dialog-box function for the Licence box.
*/
static int CALLBACK LicenceProc(HWND hwnd, UINT msg,
WPARAM wParam, LPARAM lParam)
{
switch (msg) {
case WM_INITDIALOG:
return 1;
case WM_COMMAND:
switch (LOWORD(wParam)) {
case IDOK:
EndDialog(hwnd, 1);
return 0;
}
return 0;
case WM_CLOSE:
EndDialog(hwnd, 1);
return 0;
}
return 0;
}
/*
* Dialog-box function for the About box.
*/
static int CALLBACK AboutProc(HWND hwnd, UINT msg,
WPARAM wParam, LPARAM lParam)
{
switch (msg) {
case WM_INITDIALOG:
SetDlgItemText(hwnd, 100, ver);
return 1;
case WM_COMMAND:
switch (LOWORD(wParam)) {
case IDOK:
aboutbox = NULL;
DestroyWindow(hwnd);
return 0;
case 101:
EnableWindow(hwnd, 0);
DialogBox(instance, MAKEINTRESOURCE(214), hwnd, LicenceProc);
EnableWindow(hwnd, 1);
SetActiveWindow(hwnd);
return 0;
}
return 0;
case WM_CLOSE:
aboutbox = NULL;
DestroyWindow(hwnd);
return 0;
}
return 0;
}
static HWND passphrase_box;
/*
* Dialog-box function for the passphrase box.
*/
static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
WPARAM wParam, LPARAM lParam)
{
static char *passphrase = NULL;
struct PassphraseProcStruct *p;
switch (msg) {
case WM_INITDIALOG:
passphrase_box = hwnd;
/*
* Centre the window.
*/
{ /* centre the window */
RECT rs, rd;
HWND hw;
hw = GetDesktopWindow();
if (GetWindowRect(hw, &rs) && GetWindowRect(hwnd, &rd))
MoveWindow(hwnd,
(rs.right + rs.left + rd.left - rd.right) / 2,
(rs.bottom + rs.top + rd.top - rd.bottom) / 2,
rd.right - rd.left, rd.bottom - rd.top, TRUE);
}
SetForegroundWindow(hwnd);
SetWindowPos(hwnd, HWND_TOP, 0, 0, 0, 0,
SWP_NOMOVE | SWP_NOSIZE | SWP_SHOWWINDOW);
p = (struct PassphraseProcStruct *) lParam;
passphrase = p->passphrase;
if (p->comment)
SetDlgItemText(hwnd, 101, p->comment);
*passphrase = 0;
SetDlgItemText(hwnd, 102, passphrase);
return 0;
case WM_COMMAND:
switch (LOWORD(wParam)) {
case IDOK:
if (*passphrase)
EndDialog(hwnd, 1);
else
MessageBeep(0);
return 0;
case IDCANCEL:
EndDialog(hwnd, 0);
return 0;
case 102: /* edit box */
if ((HIWORD(wParam) == EN_CHANGE) && passphrase) {
GetDlgItemText(hwnd, 102, passphrase,
PASSPHRASE_MAXLEN - 1);
passphrase[PASSPHRASE_MAXLEN - 1] = '\0';
}
return 0;
}
return 0;
case WM_CLOSE:
EndDialog(hwnd, 0);
return 0;
}
return 0;
}
/*
* Warn about the obsolescent key file format.
*/
void old_keyfile_warning(void)
{
static const char mbtitle[] = "PuTTY Key File Warning";
static const char message[] =
"You are loading an SSH 2 private key which has an\n"
"old version of the file format. This means your key\n"
"file is not fully tamperproof. Future versions of\n"
"PuTTY may stop supporting this private key format,\n"
"so we recommend you convert your key to the new\n"
"format.\n"
"\n"
"You can perform this conversion by loading the key\n"
"into PuTTYgen and then saving it again.";
MessageBox(NULL, message, mbtitle, MB_OK);
}
/*
* Update the visible key list.
*/
static void keylist_update(void)
{
struct RSAKey *rkey;
struct ssh2_userkey *skey;
int i;
if (keylist) {
SendDlgItemMessage(keylist, 100, LB_RESETCONTENT, 0, 0);
for (i = 0; NULL != (rkey = index234(rsakeys, i)); i++) {
char listentry[512], *p;
/*
* Replace two spaces in the fingerprint with tabs, for
* nice alignment in the box.
*/
strcpy(listentry, "ssh1\t");
p = listentry + strlen(listentry);
rsa_fingerprint(p, sizeof(listentry) - (p - listentry), rkey);
p = strchr(listentry, ' ');
if (p)
*p = '\t';
p = strchr(listentry, ' ');
if (p)
*p = '\t';
SendDlgItemMessage(keylist, 100, LB_ADDSTRING,
0, (LPARAM) listentry);
}
for (i = 0; NULL != (skey = index234(ssh2keys, i)); i++) {
char listentry[512], *p;
int len;
/*
* Replace two spaces in the fingerprint with tabs, for
* nice alignment in the box.
*/
p = skey->alg->fingerprint(skey->data);
strncpy(listentry, p, sizeof(listentry));
p = strchr(listentry, ' ');
if (p)
*p = '\t';
p = strchr(listentry, ' ');
if (p)
*p = '\t';
len = strlen(listentry);
if (len < sizeof(listentry) - 2) {
listentry[len] = '\t';
strncpy(listentry + len + 1, skey->comment,
sizeof(listentry) - len - 1);
}
SendDlgItemMessage(keylist, 100, LB_ADDSTRING, 0,
(LPARAM) listentry);
}
SendDlgItemMessage(keylist, 100, LB_SETCURSEL, (WPARAM) - 1, 0);
}
}
/*
* This function loads a key from a file and adds it.
*/
static void add_keyfile(Filename filename)
{
char passphrase[PASSPHRASE_MAXLEN];
struct RSAKey *rkey = NULL;
struct ssh2_userkey *skey = NULL;
int needs_pass;
int ret;
int attempts;
char *comment;
struct PassphraseProcStruct pps;
int type;
int original_pass;
type = key_type(&filename);
if (type != SSH_KEYTYPE_SSH1 && type != SSH_KEYTYPE_SSH2) {
char msg[256];
sprintf(msg, "Couldn't load this key (%s)", key_type_to_str(type));
MessageBox(NULL, msg, APPNAME, MB_OK | MB_ICONERROR);
return;
}
/*
* See if the key is already loaded (in the primary Pageant,
* which may or may not be us).
*/
{
void *blob;
unsigned char *keylist, *p;
int i, nkeys, bloblen, keylistlen;
if (type == SSH_KEYTYPE_SSH1) {
if (!rsakey_pubblob(&filename, &blob, &bloblen, NULL)) {
MessageBox(NULL, "Couldn't load private key.", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
keylist = get_keylist1(&keylistlen);
} else {
unsigned char *blob2;
blob = ssh2_userkey_loadpub(&filename, NULL, &bloblen, NULL);
if (!blob) {
MessageBox(NULL, "Couldn't load private key.", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
/* For our purposes we want the blob prefixed with its length */
blob2 = snewn(bloblen+4, unsigned char);
PUT_32BIT(blob2, bloblen);
memcpy(blob2 + 4, blob, bloblen);
sfree(blob);
blob = blob2;
keylist = get_keylist2(&keylistlen);
}
if (keylist) {
if (keylistlen < 4) {
MessageBox(NULL, "Received broken key list?!", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
nkeys = GET_32BIT(keylist);
p = keylist + 4;
keylistlen -= 4;
for (i = 0; i < nkeys; i++) {
if (!memcmp(blob, p, bloblen)) {
/* Key is already present; we can now leave. */
sfree(keylist);
sfree(blob);
return;
}
/* Now skip over public blob */
if (type == SSH_KEYTYPE_SSH1) {
int n = rsa_public_blob_len(p, keylistlen);
if (n < 0) {
MessageBox(NULL, "Received broken key list?!", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
p += n;
keylistlen -= n;
} else {
int n;
if (keylistlen < 4) {
MessageBox(NULL, "Received broken key list?!", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
n = 4 + GET_32BIT(p);
if (keylistlen < n) {
MessageBox(NULL, "Received broken key list?!", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
p += n;
keylistlen -= n;
}
/* Now skip over comment field */
{
int n;
if (keylistlen < 4) {
MessageBox(NULL, "Received broken key list?!", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
n = 4 + GET_32BIT(p);
if (keylistlen < n) {
MessageBox(NULL, "Received broken key list?!", APPNAME,
MB_OK | MB_ICONERROR);
return;
}
p += n;
keylistlen -= n;
}
}
sfree(keylist);
}
sfree(blob);
}
if (type == SSH_KEYTYPE_SSH1)
needs_pass = rsakey_encrypted(&filename, &comment);
else
needs_pass = ssh2_userkey_encrypted(&filename, &comment);
attempts = 0;
if (type == SSH_KEYTYPE_SSH1)
rkey = snew(struct RSAKey);
pps.passphrase = passphrase;
pps.comment = comment;
original_pass = 0;
do {
if (needs_pass) {
/* try all the remembered passphrases first */
char *pp = index234(passphrases, attempts);
if(pp) {
strcpy(passphrase, pp);
} else {
int dlgret;
original_pass = 1;
dlgret = DialogBoxParam(instance, MAKEINTRESOURCE(210),
NULL, PassphraseProc, (LPARAM) & pps);
passphrase_box = NULL;
if (!dlgret) {
if (comment)
sfree(comment);
if (type == SSH_KEYTYPE_SSH1)
sfree(rkey);
return; /* operation cancelled */
}
}
} else
*passphrase = '\0';
if (type == SSH_KEYTYPE_SSH1)
ret = loadrsakey(&filename, rkey, passphrase, NULL);
else {
skey = ssh2_load_userkey(&filename, passphrase, NULL);
if (skey == SSH2_WRONG_PASSPHRASE)
ret = -1;
else if (!skey)
ret = 0;
else
ret = 1;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -