X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=windows%2Fwinpgnt.c;h=86998a2bb49127c90e04ce8ce75c435335a23d5f;hb=1de7240eb88fa24a8532ded116b4ec72dd213008;hp=2d6917c2ea01d72553a63a2597cbabad9c45a109;hpb=3ca54e45e32e73c0c6e4530cf95218f45a07c9d3;p=PuTTY.git diff --git a/windows/winpgnt.c b/windows/winpgnt.c index 2d6917c2..86998a2b 100644 --- a/windows/winpgnt.c +++ b/windows/winpgnt.c @@ -16,6 +16,7 @@ #include "tree234.h" #include "winsecur.h" #include "pageant.h" +#include "licence.h" #include @@ -48,7 +49,7 @@ #define APPNAME "Pageant" -extern char ver[]; +extern const char ver[]; static HWND keylist; static HWND aboutbox; @@ -125,6 +126,7 @@ static INT_PTR CALLBACK LicenceProc(HWND hwnd, UINT msg, { switch (msg) { case WM_INITDIALOG: + SetDlgItemText(hwnd, 1000, LICENCE_TEXT("\r\n\r\n")); return 1; case WM_COMMAND: switch (LOWORD(wParam)) { @@ -149,7 +151,14 @@ static INT_PTR CALLBACK AboutProc(HWND hwnd, UINT msg, { switch (msg) { case WM_INITDIALOG: - SetDlgItemText(hwnd, 100, ver); + { + char *text = dupprintf + ("Pageant\r\n\r\n%s\r\n\r\n%s", + ver, + "\251 " SHORT_COPYRIGHT_DETAILS ". All rights reserved."); + SetDlgItemText(hwnd, 1000, text); + sfree(text); + } return 1; case WM_COMMAND: switch (LOWORD(wParam)) { @@ -292,11 +301,32 @@ void keylist_update(void) for (i = 0; NULL != (skey = pageant_nth_ssh2_key(i)); i++) { char *listentry, *p; int pos; - /* - * Replace spaces with tabs in the fingerprint prefix, for - * nice alignment in the list box, until we encounter a : - * meaning we're into the fingerprint proper. - */ + + /* + * For nice alignment in the list box, we would ideally + * want every entry to align to the tab stop settings, and + * have a column for algorithm name, one for bit count, + * one for hex fingerprint, and one for key comment. + * + * Unfortunately, some of the algorithm names are so long + * that they overflow into the bit-count field. + * Fortunately, at the moment, those are _precisely_ the + * algorithm names that don't need a bit count displayed + * anyway (because for NIST-style ECDSA the bit count is + * mentioned in the algorithm name, and for ssh-ed25519 + * there is only one possible value anyway). So we fudge + * this by simply omitting the bit count field in that + * situation. + * + * This is fragile not only in the face of further key + * types that don't follow this pattern, but also in the + * face of font metrics changes - the Windows semantics + * for list box tab stops is that \t aligns to the next + * one you haven't already exceeded, so I have to guess + * when the key type will overflow past the bit-count tab + * stop and leave out a tab character. Urgh. + */ + p = ssh2_fingerprint(skey->alg, skey->data); listentry = dupprintf("%s\t%s", p, skey->comment); sfree(p); @@ -308,6 +338,26 @@ void keylist_update(void) break; listentry[pos++] = '\t'; } + if (skey->alg != &ssh_dss && skey->alg != &ssh_rsa) { + /* + * Remove the bit-count field, which is between the + * first and second \t. + */ + int outpos; + pos = 0; + while (listentry[pos] && listentry[pos] != '\t') + pos++; + outpos = pos; + pos++; + while (listentry[pos] && listentry[pos] != '\t') + pos++; + while (1) { + if ((listentry[outpos] = listentry[pos]) == '\0') + break; + outpos++; + pos++; + } + } SendDlgItemMessage(keylist, 100, LB_ADDSTRING, 0, (LPARAM) listentry); @@ -377,11 +427,11 @@ static void win_add_keyfile(Filename *filename) NULL, PassphraseProc, (LPARAM) &pps); passphrase_box = NULL; - sfree(err); - if (!dlgret) goto done; /* operation cancelled */ + sfree(err); + assert(passphrase != NULL); ret = pageant_add_keyfile(filename, passphrase, &err); @@ -789,7 +839,7 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, case WM_SYSCOMMAND: switch (wParam & ~0xF) { /* low 4 bits reserved to Windows */ case IDM_PUTTY: - if((int)ShellExecute(hwnd, NULL, putty_path, _T(""), _T(""), + if((INT_PTR)ShellExecute(hwnd, NULL, putty_path, _T(""), _T(""), SW_SHOW) <= 32) { MessageBox(NULL, "Unable to execute PuTTY!", "Error", MB_OK | MB_ICONERROR); @@ -856,7 +906,7 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, GetMenuItemInfo(session_menu, wParam, FALSE, &mii); strcpy(param, "@"); strcat(param, mii.dwTypeData); - if((int)ShellExecute(hwnd, NULL, putty_path, param, + if((INT_PTR)ShellExecute(hwnd, NULL, putty_path, param, _T(""), SW_SHOW) <= 32) { MessageBox(NULL, "Unable to execute PuTTY!", "Error", MB_OK | MB_ICONERROR); @@ -912,7 +962,6 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, debug(("couldn't get default SID\n")); #endif CloseHandle(filemap); - sfree(ourself); return 0; } @@ -925,7 +974,6 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, rc)); #endif CloseHandle(filemap); - sfree(ourself); sfree(ourself2); return 0; } @@ -946,7 +994,6 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, !EqualSid(mapowner, ourself2)) { CloseHandle(filemap); LocalFree(psd); - sfree(ourself); sfree(ourself2); return 0; /* security ID mismatch! */ } @@ -954,7 +1001,6 @@ static LRESULT CALLBACK WndProc(HWND hwnd, UINT message, debug(("security stuff matched\n")); #endif LocalFree(psd); - sfree(ourself); sfree(ourself2); } else { #ifdef DEBUG_IPC @@ -1128,6 +1174,23 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show) } } +#if !defined UNPROTECT && !defined NO_SECURITY + /* + * Protect our process. + */ + { + char *error = NULL; + if (!setprocessacl(error)) { + char *message = dupprintf("Could not restrict process ACL: %s", + error); + MessageBox(NULL, message, "Pageant Warning", + MB_ICONWARNING | MB_OK); + sfree(message); + sfree(error); + } + } +#endif + /* * Forget any passphrase that we retained while going over * command line keyfiles.