[Ttssh2-commit] [5853] チケット #35047 SSH サーバホスト公開鍵の自動更新


svnno****@sourc***** svnno****@sourc*****
2015年 5月 8日 (金) 01:38:05 JST


Revision: 5853
          http://sourceforge.jp/projects/ttssh2/scm/svn/commits/5853
Author:   yutakapon
Date:     2015-05-08 01:38:03 +0900 (Fri, 08 May 2015)
Log Message:
-----------
チケット #35047 SSH サーバホスト公開鍵の自動更新

known_hosts ファイルを更新する際の問い合わせダイアログにおいて、
 ・デフォルトボタンを"NO"にした。
 ・英文メッセージを変更した。
※I18N対応は未。

Ticket Links:
------------
    http://sourceforge.jp/projects/ttssh2/tracker/detail/35047

Modified Paths:
--------------
    trunk/ttssh2/ttxssh/key.c
    trunk/ttssh2/ttxssh/ssh.c

-------------- next part --------------
Modified: trunk/ttssh2/ttxssh/key.c
===================================================================
--- trunk/ttssh2/ttxssh/key.c	2015-05-06 17:11:28 UTC (rev 5852)
+++ trunk/ttssh2/ttxssh/key.c	2015-05-07 16:38:03 UTC (rev 5853)
@@ -1915,8 +1915,9 @@
 static void update_known_hosts(PTInstVar pvar, struct hostkeys_update_ctx *ctx)
 {
 	size_t i;
-	char msg[128];
 	int dlgresult;
+	char msg[1024];
+	char *fp;
 
 	// "/nosecuritywarning"\x82\xAA\x8Ew\x92肳\x82\xEA\x82Ă\xA2\x82\xE9\x8Fꍇ\x81A\x8DX\x90V\x82͈\xEA\x90؍s\x82\xED\x82Ȃ\xA2\x81B
 	if (pvar->nocheck_known_hosts) {
@@ -1927,8 +1928,25 @@
 
 	// known_hosts\x83t\x83@\x83C\x83\x8B\x82̍X\x90V\x82\xF0\x8Ds\x82\xA4\x82\xBD\x82߁A\x83\x86\x81[\x83U\x82ɖ₢\x8D\x87\x82킹\x82\xF0\x8Ds\x82\xA4\x81B
 	if (pvar->settings.UpdateHostkeys == SSH_UPDATE_HOSTKEYS_ASK) {
-		_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Accept updated hostkeys? (yes/no)");
-		dlgresult = MessageBox(NULL, msg, "TTSSH: confirm", MB_YESNO | MB_ICONWARNING);
+		_snprintf_s(msg, sizeof(msg), _TRUNCATE, 
+			"Are you sure you want to accept updated hostkeys?\n\n"
+			"A user has been received complete hostkeys from a remote server.\n"
+			"Your known_hosts file can be updated to the latest public hostkeys \n"
+			"because the file does not contain in the following keys:\n\n"
+			);
+
+		for (i = 0; i < ctx->nkeys; i++) {
+			if (ctx->keys_seen[i])
+				continue;
+			fp = key_fingerprint(ctx->keys[i], SSH_FP_HEX);
+			strcat_s(msg, sizeof(msg), get_sshname_from_key(ctx->keys[i]));
+			strcat_s(msg, sizeof(msg), " ");
+			strcat_s(msg, sizeof(msg), fp);
+			strcat_s(msg, sizeof(msg), "\n");
+			free(fp);
+		}
+
+		dlgresult = MessageBox(NULL, msg, "TTSSH: confirm", MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2);
 		if (dlgresult != IDYES) {
 			_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey was not updated because a user cancelled.");
 			notify_verbose_message(pvar, msg, LOG_LEVEL_VERBOSE);
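Review bot: The fingerprint list in the new loop is appended with `strcat_s` into the fixed `msg[1024]`, while the number of lines is driven by `ctx->nkeys`, which appears to come from the server's hostkeys message. When the text does not fit, `strcat_s` calls the CRT invalid-parameter handler, which by default ends the process; if a handler lets execution continue, `msg` is emptied and the user is asked to confirm keys that are not shown. `fp` is also passed to `strcat_s` without a NULL check, which reaches the same handler if `key_fingerprint` can fail. I would format each line with `_snprintf_s(..., _TRUNCATE)`, as the rest of the function does, and refuse the update when a line does not fit or has no fingerprint, as sketched below. The body of `update_known_hosts` starts and ends outside this hunk, so the exit after the refusal has to follow whatever the `dlgresult != IDYES` branch does.

```c
		for (i = 0; i < ctx->nkeys; i++) {
			int n;
			size_t used;

			if (ctx->keys_seen[i])
				continue;
			fp = key_fingerprint(ctx->keys[i], SSH_FP_HEX);
			used = strlen(msg);
			// _TRUNCATE turns an over-long list into a -1 return instead of
			// a call to the CRT invalid-parameter handler.
			n = (fp == NULL) ? -1 :
				_snprintf_s(msg + used, sizeof(msg) - used, _TRUNCATE, "%s %s\n",
					get_sshname_from_key(ctx->keys[i]), fp);
			free(fp);
			if (n < 0) {
				// Not every new key can be shown, so do not ask and do not update.
				_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey was not updated because the key list could not be displayed.");
				notify_verbose_message(pvar, msg, LOG_LEVEL_ERROR);
				// … leave the function here, the same way the dlgresult != IDYES branch does …
			}
		}
		// … unchanged: MessageBox call with MB_DEFBUTTON2 …
```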
@@ -1950,9 +1968,9 @@
 	return;
 }
 
-static void client_global_hostkeys_private_confirm(PTInstVar pvar, int type, u_int32_t seq, void *_ctx)
+static void client_global_hostkeys_private_confirm(PTInstVar pvar, int type, u_int32_t seq, void *_ctx)
 {
-	struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx;
+	struct hostkeys_update_ctx *ctx = (struct hostkeys_update_ctx *)_ctx;
 	char msg[128];
 	char *data;
 	int len;
@@ -1961,8 +1979,8 @@
 	buffer_t *b = NULL;
 	buffer_t *bsig = NULL;
 	char *cp, *sig;
-	size_t i, ndone, siglen;
-	int ret;
+	size_t i, ndone, siglen;
+	int ret;
 
 	// SSH2 packet format:
 	// [size(4) + padding size(1) + type(1)] + [payload(N) + padding(X)]
@@ -1975,74 +1993,74 @@
 	data = pvar->ssh_state.payload;
 	// len = size - (padding size + 1): \x83p\x83f\x83B\x83\x93\x83O\x82\xF0\x8F\x9C\x82\xAD\x83{\x83f\x83B\x81Btype\x82\xAA\x90擪\x82Ɋ܂܂\xEA\x82\xE9\x81B
 	len = pvar->ssh_state.payloadlen;
-	len--;   // type \x95\xAA\x82\xF0\x8F\x9C\x82\xAD
-
+	len--;   // type \x95\xAA\x82\xF0\x8F\x9C\x82\xAD
+
 	bsig = buffer_init();
 	if (bsig == NULL)
 		goto error;
 	cp = buffer_append_space(bsig, len);
 	memcpy(cp, data, len);
-
-	if (ctx->nnew == 0) {
+
+	if (ctx->nnew == 0) {
 		_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey can not be updated because ctx->nnew %d(program bug).", ctx->nnew);
 		notify_verbose_message(pvar, msg, LOG_LEVEL_FATAL);
-		goto error;
-	}
-	if (type != SSH2_MSG_REQUEST_SUCCESS) {
+		goto error;
+	}
+	if (type != SSH2_MSG_REQUEST_SUCCESS) {
 		_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Server failed to confirm ownership of private host keys(type %d)", type);
 		notify_verbose_message(pvar, msg, LOG_LEVEL_ERROR);
-		goto error;
-	}
-	if (pvar->session_id_len == 0) {
+		goto error;
+	}
+	if (pvar->session_id_len == 0) {
 		_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey can not be updated because pvar->session_id_len %d(program bug).", pvar->session_id_len);
 		notify_verbose_message(pvar, msg, LOG_LEVEL_FATAL);
-		goto error;
-	}
-
+		goto error;
+	}
+
 	b = buffer_init();
 	if (b == NULL)
 		goto error;
 
 	ndone = 0;
-	for (i = 0; i < ctx->nkeys; i++) {
-		if (ctx->keys_seen[i])
-			continue;
-
-		buffer_clear(b);
+	for (i = 0; i < ctx->nkeys; i++) {
+		if (ctx->keys_seen[i])
+			continue;
+
+		buffer_clear(b);
 		buffer_put_cstring(b, "hostk****@opens*****");
 		buffer_put_string(b, pvar->session_id, pvar->session_id_len);
-		key_to_blob(ctx->keys[i], &blob, &bloblen);
-		buffer_put_string(b, blob, bloblen);
-		free(blob);
-		blob = NULL;
-
+		key_to_blob(ctx->keys[i], &blob, &bloblen);
+		buffer_put_string(b, blob, bloblen);
+		free(blob);
+		blob = NULL;
+
 		sig = buffer_get_string_msg(bsig, &siglen);
 		// Verify signature
 		ret = key_verify(ctx->keys[i], sig, siglen, buffer_ptr(b), buffer_len(b));
-		free(sig);
-		sig = NULL;
+		free(sig);
+		sig = NULL;
 		if (ret != 1) {
 			_snprintf_s(msg, sizeof(msg), _TRUNCATE, "server gave bad signature for %s key %u", 
 				get_sshname_from_key(ctx->keys[i]), i);
 			notify_verbose_message(pvar, msg, LOG_LEVEL_ERROR);
-			goto error;
+			goto error;
 		}
 		ndone++;
 	}
 
-	if (ndone != ctx->nnew) {
+	if (ndone != ctx->nnew) {
 		_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey can not be updated because ndone != ctx->nnew (%u / %u)(program bug).",
 			ndone, ctx->nnew);
 		notify_verbose_message(pvar, msg, LOG_LEVEL_FATAL);
-		goto error;
-	}
+		goto error;
+	}
 
 	update_known_hosts(pvar, ctx);
 
 error:
 	buffer_free(b);
 	buffer_free(bsig);
-	hostkeys_update_ctx_free(ctx);
+	hostkeys_update_ctx_free(ctx);
 }
 
 //
@@ -2172,15 +2190,15 @@
 		buffer_put_cstring(b, "hostk****@opens*****");
 		buffer_put_char(b, 1);  /* bool: want reply */
 
-		for (i = 0; i < ctx->nkeys; i++) {
-			if (ctx->keys_seen[i])
-				continue;
-			key_to_blob(ctx->keys[i], &blob, &len);
-			buffer_put_string(b, blob, len);
-			free(blob);
-			blob = NULL;
-		}
-
+		for (i = 0; i < ctx->nkeys; i++) {
+			if (ctx->keys_seen[i])
+				continue;
+			key_to_blob(ctx->keys[i], &blob, &len);
+			buffer_put_string(b, blob, len);
+			free(blob);
+			blob = NULL;
+		}
+
 		len = buffer_len(b);
 		outmsg = begin_send_packet(pvar, SSH2_MSG_GLOBAL_REQUEST, len);
 		memcpy(outmsg, buffer_ptr(b), len);

Modified: trunk/ttssh2/ttxssh/ssh.c
===================================================================
--- trunk/ttssh2/ttxssh/ssh.c	2015-05-06 17:11:28 UTC (rev 5852)
+++ trunk/ttssh2/ttxssh/ssh.c	2015-05-07 16:38:03 UTC (rev 5853)
@@ -132,7 +132,7 @@
 	global_confirms.ref_count = 0;
 }
 
-void client_register_global_confirm(global_confirm_cb *cb, void *ctx)
+void client_register_global_confirm(global_confirm_cb *cb, void *ctx)
 {
 	struct global_confirm *gc = &global_confirms;
 
@@ -143,8 +143,8 @@
 	}
 }
 
-static int client_global_request_reply(PTInstVar pvar, int type, unsigned int seq, void *ctxt)
-{
+static int client_global_request_reply(PTInstVar pvar, int type, unsigned int seq, void *ctxt)
+{
 	struct global_confirm *gc = &global_confirms;
 
 	if (gc->ref_count >= 1) {
@@ -154,7 +154,7 @@
 	}
 
 	return 0;
-}
+}
 
 //
 // channel function


