diff --git a/3rdp/build/GNUmakefile b/3rdp/build/GNUmakefile
index 8e615d93a1ed1337f7c0d6f99ce647b71bffd869..8f21d156b1a77b96171c503b0dfb3496581cbc74 100644
--- a/3rdp/build/GNUmakefile
+++ b/3rdp/build/GNUmakefile
@@ -81,7 +81,7 @@ $(CRYPT_SRC): | $(3RDPSRCDIR)
$(CRYPT_IDIR): | $(3RDPODIR)
$(QUIET)$(IFNOTEXIST) mkdir $(CRYPT_IDIR)
-$(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)build/terminal-params.patch $(3RDP_ROOT)$(DIRSEP)build/cl-mingw32-static.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ranlib.patch $(3RDP_ROOT)$(DIRSEP)build/cl-win32-noasm.patch $(3RDP_ROOT)$(DIRSEP)build/cl-zz-country.patch $(3RDP_ROOT)$(DIRSEP)build/cl-algorithms.patch $(3RDP_ROOT)$(DIRSEP)build/cl-allow-duplicate-ext.patch $(3RDP_ROOT)$(DIRSEP)build/cl-macosx-minver.patch $(3RDP_ROOT)$(DIRSEP)build/cl-endian.patch $(3RDP_ROOT)$(DIRSEP)build/cl-cryptodev.patch $(3RDP_ROOT)$(DIRSEP)build/cl-posix-me-gently.patch $(3RDP_ROOT)$(DIRSEP)build/cl-tpm-linux.patch $(3RDP_ROOT)$(DIRSEP)build/cl-PAM-noprompts.patch $(3RDP_ROOT)$(DIRSEP)build/cl-zlib.patch $(3RDP_ROOT)$(DIRSEP)build/Dynamic-linked-static-lib.patch $(3RDP_ROOT)$(DIRSEP)build/SSL-fix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-bigger-maxattribute.patch $(3RDP_ROOT)$(DIRSEP)build/cl-vcxproj.patch $(3RDP_ROOT)$(DIRSEP)build/cl-mingw-vcver.patch $(3RDP_ROOT)$(DIRSEP)build/cl-win32-build-fix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-gcc-non-const-time-val.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-odbc.patch $(3RDP_ROOT)$(DIRSEP)build/cl-noasm-defines.patch $(3RDP_ROOT)$(DIRSEP)build/cl-bn-noasm64-fix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-RSA-suites.patch $(3RDP_ROOT)$(DIRSEP)build/cl-fix-ECC-RSA.patch $(3RDP_ROOT)$(DIRSEP)build/cl-prefer-ECC.patch $(3RDP_ROOT)$(DIRSEP)build/cl-prefer-ECC-harder.patch $(3RDP_ROOT)$(DIRSEP)build/cl-more-RSA-ECC-fixes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-DH-key-init.patch $(3RDP_ROOT)$(DIRSEP)build/cl-clear-GCM-flag.patch $(3RDP_ROOT)$(DIRSEP)build/cl-use-ssh-ctr.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ssh-list-ctr-modes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ssh-incCtr.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ssl-suite-blocksizes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-tpm.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-via-aes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-fix-ssh-ecc-ephemeral.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-just-use-cc.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-learn-numbers.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-no-safe-stack.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-allow-pkcs12.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-uint64_t-redefine.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-random-openbsd.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-openbsd-threads.patch | $(CRYPT_SRC) $(CRYPT_IDIR)
+$(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)build/terminal-params.patch $(3RDP_ROOT)$(DIRSEP)build/cl-mingw32-static.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ranlib.patch $(3RDP_ROOT)$(DIRSEP)build/cl-win32-noasm.patch $(3RDP_ROOT)$(DIRSEP)build/cl-zz-country.patch $(3RDP_ROOT)$(DIRSEP)build/cl-algorithms.patch $(3RDP_ROOT)$(DIRSEP)build/cl-allow-duplicate-ext.patch $(3RDP_ROOT)$(DIRSEP)build/cl-macosx-minver.patch $(3RDP_ROOT)$(DIRSEP)build/cl-endian.patch $(3RDP_ROOT)$(DIRSEP)build/cl-cryptodev.patch $(3RDP_ROOT)$(DIRSEP)build/cl-posix-me-gently.patch $(3RDP_ROOT)$(DIRSEP)build/cl-tpm-linux.patch $(3RDP_ROOT)$(DIRSEP)build/cl-PAM-noprompts.patch $(3RDP_ROOT)$(DIRSEP)build/cl-zlib.patch $(3RDP_ROOT)$(DIRSEP)build/Dynamic-linked-static-lib.patch $(3RDP_ROOT)$(DIRSEP)build/SSL-fix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-bigger-maxattribute.patch $(3RDP_ROOT)$(DIRSEP)build/cl-vcxproj.patch $(3RDP_ROOT)$(DIRSEP)build/cl-mingw-vcver.patch $(3RDP_ROOT)$(DIRSEP)build/cl-win32-build-fix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-gcc-non-const-time-val.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-odbc.patch $(3RDP_ROOT)$(DIRSEP)build/cl-noasm-defines.patch $(3RDP_ROOT)$(DIRSEP)build/cl-bn-noasm64-fix.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-RSA-suites.patch $(3RDP_ROOT)$(DIRSEP)build/cl-fix-ECC-RSA.patch $(3RDP_ROOT)$(DIRSEP)build/cl-prefer-ECC.patch $(3RDP_ROOT)$(DIRSEP)build/cl-prefer-ECC-harder.patch $(3RDP_ROOT)$(DIRSEP)build/cl-more-RSA-ECC-fixes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-DH-key-init.patch $(3RDP_ROOT)$(DIRSEP)build/cl-clear-GCM-flag.patch $(3RDP_ROOT)$(DIRSEP)build/cl-use-ssh-ctr.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ssh-list-ctr-modes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ssh-incCtr.patch $(3RDP_ROOT)$(DIRSEP)build/cl-ssl-suite-blocksizes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-tpm.patch $(3RDP_ROOT)$(DIRSEP)build/cl-no-via-aes.patch $(3RDP_ROOT)$(DIRSEP)build/cl-fix-ssh-ecc-ephemeral.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-just-use-cc.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-learn-numbers.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-no-safe-stack.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-allow-pkcs12.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-uint64_t-redefine.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-random-openbsd.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-openbsd-threads.patch $(3RDP_ROOT)$(DIRSEP)/build/cl-allow-none-auth.patch | $(CRYPT_SRC) $(CRYPT_IDIR)
@echo Creating $@ ...
$(QUIET)-rm -rf $(CRYPT_SRC)/*
$(QUIET)unzip -oa $(3RDPDISTDIR)$(DIRSEP)cryptlib.zip -d $(CRYPT_SRC)
@@ -131,6 +131,7 @@ $(CRYPTLIB_BUILD): $(3RDP_ROOT)$(DIRSEP)dist/cryptlib.zip $(3RDP_ROOT)$(DIRSEP)b
$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-uint64_t-redefine.patch
$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-random-openbsd.patch
$(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-openbsd-threads.patch
+ $(QUIET)patch -b -p0 -d $(CRYPT_SRC) < cl-allow-none-auth.patch
ifeq ($(CC),mingw32-gcc)
$(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make directories
$(QUIET)cd $(CRYPT_SRC) && env - PATH="$(PATH)" CC="$(CC)" AR="$(AR)" RANLIB="$(RANLIB)" make toolscripts
diff --git a/3rdp/build/cl-allow-none-auth.patch b/3rdp/build/cl-allow-none-auth.patch
new file mode 100644
index 0000000000000000000000000000000000000000..95ab0fd6985c068f9bd2092abf2aaee3b541be31
--- /dev/null
+++ b/3rdp/build/cl-allow-none-auth.patch
@@ -0,0 +1,158 @@
+--- ../cl-old/cryptlib.h 2021-03-16 04:15:50.265534000 -0400
++++ ./cryptlib.h 2021-03-16 06:53:47.582168000 -0400
+@@ -1215,6 +1215,7 @@
+ CRYPT_SESSINFO_SSH_CHANNEL_ARG1,/* SSH channel argument 1 */
+ CRYPT_SESSINFO_SSH_CHANNEL_ARG2,/* SSH channel argument 2 */
+ CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE,/* SSH channel active */
++ CRYPT_SESSINFO_SSH_OPTIONS, /* SSH protocol options */
+ CRYPT_SESSINFO_SSL_OPTIONS, /* SSL/TLS protocol options */
+ CRYPT_SESSINFO_SSL_SUBPROTOCOL, /* SSL/TLS additional sub-protocol */
+ CRYPT_SESSINFO_SSL_WSPROTOCOL, /* SSL/TLS WebSockets sub-protocol */
+@@ -1680,6 +1681,14 @@
+ #define CRYPT_SSLOPTION_SUITEB_256 0x200 /* vanish in future releases) */
+ #ifdef _CRYPT_DEFINED
+ #define CRYPT_SSLOPTION_MAX 0x7F /* Defines for range checking */
++#endif /* _CRYPT_DEFINED */
++
++/* SSH protocol options. */
++
++#define CRYPT_SSHOPTION_NONE 0x000
++#define CRYPT_SSHOPTION_NONE_AUTH 0x001 /* Try none authentication */
++#ifdef _CRYPT_DEFINED
++#define CRYPT_SSHOPTION_MAX 0x01 /* Defines for range checking */
+ #endif /* _CRYPT_DEFINED */
+
+ /****************************************************************************
+diff -ur ../cl-old/kernel/attr_acl.c ./kernel/attr_acl.c
+--- ../cl-old/kernel/attr_acl.c 2021-03-16 04:15:50.398060000 -0400
++++ ./kernel/attr_acl.c 2021-03-16 06:53:47.606473000 -0400
+@@ -3731,6 +3731,12 @@
+ ST_NONE, ST_NONE, ST_SESS_SSH | ST_SESS_SSH_SVR,
+ MKPERM_SSH_EXT( RWx_xxx ),
+ ROUTE( OBJECT_TYPE_SESSION ) ),
++ MKACL_N( /* SSH protocol options */
++ CRYPT_SESSINFO_SSH_OPTIONS,
++ ST_NONE, ST_NONE, ST_SESS_SSH,
++ MKPERM_SSH_EXT( Rxx_RWx ),
++ ROUTE( OBJECT_TYPE_SESSION ),
++ RANGE( CRYPT_SSHOPTION_NONE, CRYPT_SSHOPTION_MAX ) ),
+
+ MKACL_N( /* SSL/TLS protocol options */
+ CRYPT_SESSINFO_SSL_OPTIONS,
+@@ -4653,7 +4659,7 @@
+ static_assert( CRYPT_CERTINFO_FIRST_EXTENSION == 2200, "Attribute value" );
+ static_assert( CRYPT_CERTINFO_FIRST_CMS == 2500, "Attribute value" );
+ static_assert( CRYPT_SESSINFO_FIRST_SPECIFIC == 6016, "Attribute value" );
+- static_assert( CRYPT_SESSINFO_LAST_SPECIFIC == 6031, "Attribute value" );
++ static_assert( CRYPT_SESSINFO_LAST_SPECIFIC == 6032, "Attribute value" );
+ static_assert( CRYPT_CERTFORMAT_LAST == 12, "Attribute value" );
+
+ /* Perform a consistency check on the attribute ACLs. The ACLs are
+diff -ur ../cl-old/session/ssh.c ./session/ssh.c
+--- ../cl-old/session/ssh.c 2021-03-16 04:15:50.257467000 -0400
++++ ./session/ssh.c 2021-03-16 06:53:47.638940000 -0400
+@@ -980,6 +980,18 @@
+ type == CRYPT_SESSINFO_SSH_CHANNEL_ARG2 || \
+ type == CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE );
+
++ if( type == CRYPT_SESSINFO_SSH_OPTIONS )
++ {
++ int *valuePtr = ( int * ) data;
++
++ *valuePtr = CRYPT_SSHOPTION_NONE;
++ if( TEST_FLAG( sessionInfoPtr->protocolFlags,
++ SSH_PFLAG_DUMMYUSERAUTH ) )
++ *valuePtr |= CRYPT_SSHOPTION_NONE_AUTH;
++
++ return( CRYPT_OK );
++ }
++
+ if( type == CRYPT_SESSINFO_SSH_CHANNEL || \
+ type == CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE )
+ {
+@@ -1010,11 +1022,13 @@
+ type == CRYPT_SESSINFO_SSH_CHANNEL_TYPE || \
+ type == CRYPT_SESSINFO_SSH_CHANNEL_ARG1 || \
+ type == CRYPT_SESSINFO_SSH_CHANNEL_ARG2 || \
++ type == CRYPT_SESSINFO_SSH_OPTIONS || \
+ type == CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE );
+
+ /* Get the data value if it's an integer parameter */
+ if( type == CRYPT_SESSINFO_SSH_CHANNEL || \
+- type == CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE )
++ type == CRYPT_SESSINFO_SSH_CHANNEL_ACTIVE || \
++ type == CRYPT_SESSINFO_SSH_OPTIONS)
+ value = *( ( int * ) data );
+
+ /* If we're selecting a channel and there's unwritten data from a
+@@ -1038,6 +1052,13 @@
+ return( createChannel( sessionInfoPtr ) );
+ }
+
++ if( type == CRYPT_SESSINFO_SSH_OPTIONS )
++ {
++ if (value & CRYPT_SSHOPTION_NONE_AUTH)
++ SET_FLAG( sessionInfoPtr->protocolFlags, SSH_PFLAG_DUMMYUSERAUTH );
++ return( CRYPT_OK );
++ }
++
+ /* If we 're setting the channel-active attribute, this implicitly
+ activates or deactivates the channel rather than setting any
+ attribute value */
+@@ -1165,8 +1186,6 @@
+ SESSION_FLAG_NONE, /* Flags */
+ SSH_PORT, /* SSH port */
+ SESSION_NEEDS_USERID | /* Client attributes */
+- SESSION_NEEDS_PASSWORD | \
+- SESSION_NEEDS_KEYORPASSWORD | \
+ SESSION_NEEDS_PRIVKEYSIGN,
+ /* The client private key is optional, but if present it has
+ to be signature-capable */
+diff -ur ../cl-old/session/ssh2_authc.c ./session/ssh2_authc.c
+--- ../cl-old/session/ssh2_authc.c 2021-03-16 04:15:50.264206000 -0400
++++ ./session/ssh2_authc.c 2021-03-16 07:46:47.873769000 -0400
+@@ -315,13 +315,22 @@
+ assert( isWritePtr( authAlgo, sizeof( CRYPT_ALGO_TYPE ) ) );
+ assert( isWritePtr( furtherAuthRequired, sizeof( BOOLEAN ) ) );
+
+- REQUIRES( isShortIntegerRangeNZ( length ) );
+ REQUIRES( usedPasswordAuth == TRUE || usedPasswordAuth == FALSE );
+
+ /* Clear return values */
+ *authAlgo = CRYPT_ALGO_NONE;
+ *furtherAuthRequired = FALSE;
+
++ if (length == 0 && GET_FLAG( sessionInfoPtr->protocolFlags, SSH_PFLAG_DUMMYUSERAUTH ) && !usedPasswordAuth)
++ {
++ CLEAR_FLAG( sessionInfoPtr->protocolFlags, SSH_PFLAG_DUMMYUSERAUTH );
++ *furtherAuthRequired = TRUE;
++ *authAlgo = CRYPT_PSEUDOALGO_PASSWORD;
++ return( CRYPT_OK );
++ }
++
++ REQUIRES( isShortIntegerRangeNZ( length ) );
++
+ /* Before we can try and interpret the response, we have to check for an
+ empty response */
+ if( length >= LENGTH_SIZE && \
+@@ -647,6 +656,8 @@
+ SSH_MSG_USERAUTH_REQUEST );
+ if( cryptStatusError( status ) )
+ return( status );
++ if (passwordPtr == NULL && GET_FLAG( sessionInfoPtr->protocolFlags, SSH_PFLAG_DUMMYUSERAUTH ))
++ return( OK_SPECIAL );
+ if( usePasswordAuth )
+ {
+ /* byte type = SSH_MSG_USERAUTH_REQUEST
+@@ -1220,6 +1231,11 @@
+ auth required */
+ if( !hasPassword )
+ {
++ if (length == 0)
++ {
++ return( reportAuthFailure( sessionInfoPtr, CRYPT_PSEUDOALGO_PASSWORD,
++ requiredAuthAlgo, TRUE ) );
++ }
+ return( reportAuthFailure( sessionInfoPtr, CRYPT_ALGO_RSA,
+ requiredAuthAlgo, TRUE ) );
+ }
diff --git a/src/syncterm/bbslist.c b/src/syncterm/bbslist.c
index 17695425cbb1e04d55c55d449fd74f4c5073a105..4fe5b12f30eb6ee7aa15635f95eb270d21e4e672 100644
--- a/src/syncterm/bbslist.c
+++ b/src/syncterm/bbslist.c
@@ -966,10 +966,18 @@ int edit_list(struct bbslist **list, struct bbslist *item,char *listpath,int isd
fc_str(opt[i++], item->flow_control);
else if (item->conn_type != CONN_TYPE_SHELL)
sprintf(opt[i++], "TCP Port %hu",item->port);
- printf_trunc(opt[i], sizeof(opt[i]), "Username %s",item->user);
- i++;
- sprintf(opt[i++], "Password %s",item->password[0]?"********":"<none>");
- sprintf(opt[i++], "System Password %s",item->syspass[0]?"********":"<none>");
+ if (item->conn_type == CONN_TYPE_SSHNA) {
+ printf_trunc(opt[i], sizeof(opt[i]), "SSH Username %s",item->user);
+ i++;
+ sprintf(opt[i++], "BBS Username %s",item->password);
+ sprintf(opt[i++], "BBS Password %s",item->syspass[0]?"********":"<none>");
+ }
+ else {
+ printf_trunc(opt[i], sizeof(opt[i]), "Username %s",item->user);
+ i++;
+ sprintf(opt[i++], "Password %s",item->password[0]?"********":"<none>");
+ sprintf(opt[i++], "System Password %s",item->syspass[0]?"********":"<none>");
+ }
sprintf(opt[i++], "Screen Mode %s",screen_modes[item->screen_mode]);
sprintf(opt[i++], "Hide Status Line %s",item->nostatus?"Yes":"No");
printf_trunc(opt[i], sizeof(opt[i]), "Download Path %s", item->dldir);
@@ -1179,27 +1187,45 @@ int edit_list(struct bbslist **list, struct bbslist *item,char *listpath,int isd
}
break;
case 4:
- uifc.helpbuf= "`Username`\n\n"
- "Enter the username to attempt auto-login to the remote with.\n"
- "For SSH, this must be the SSH user name.";
+ if (item->conn_type == CONN_TYPE_SSHNA) {
+ uifc.helpbuf= "`SSH Username`\n\n"
+ "Enter the username for passwordless SSH authentication.";
+ }
+ else {
+ uifc.helpbuf= "`Username`\n\n"
+ "Enter the username to attempt auto-login to the remote with.\n"
+ "For SSH, this must be the SSH user name.";
+ }
uifc.input(WIN_MID|WIN_SAV,0,0,"Username",item->user,MAX_USER_LEN,K_EDIT);
check_exit(FALSE);
iniSetString(&inifile,itemname,"UserName",item->user,&ini_style);
break;
case 5:
- uifc.helpbuf= "`Password`\n\n"
- "Enter your password for auto-login.\n"
- "For SSH, this must be the SSH password if it exists.\n";
+ if (item->conn_type == CONN_TYPE_SSHNA) {
+ uifc.helpbuf= "`BBS Username`\n\n"
+ "Enter the username to be sent for auto-login (ALT-L).";
+ }
+ else {
+ uifc.helpbuf= "`Password`\n\n"
+ "Enter your password for auto-login.\n"
+ "For SSH, this must be the SSH password if it exists.\n";
+ }
uifc.input(WIN_MID|WIN_SAV,0,0,"Password",item->password,MAX_PASSWD_LEN,K_EDIT);
check_exit(FALSE);
iniSetString(&inifile,itemname,"Password",item->password,&ini_style);
break;
case 6:
- uifc.helpbuf= "`System Password`\n\n"
- "Enter your System password for auto-login.\n"
- "This password is sent after the username and password, so for non-\n"
- "Synchronet, or non-sysop accounts, this can be used for simple\n"
- "scripting.";
+ if (item->conn_type == CONN_TYPE_SSHNA) {
+ uifc.helpbuf= "`BBS Password`\n\n"
+ "Enter your password for auto-login. (ALT-L)\n";
+ }
+ else {
+ uifc.helpbuf= "`System Password`\n\n"
+ "Enter your System password for auto-login.\n"
+ "This password is sent after the username and password, so for non-\n"
+ "Synchronet, or non-sysop accounts, this can be used for simple\n"
+ "scripting.";
+ }
uifc.input(WIN_MID|WIN_SAV,0,0,"System Password",item->syspass,MAX_SYSPASS_LEN,K_EDIT);
check_exit(FALSE);
iniSetString(&inifile,itemname,"SystemPassword",item->syspass,&ini_style);
@@ -1217,6 +1243,18 @@ int edit_list(struct bbslist **list, struct bbslist *item,char *listpath,int isd
item->conn_type++;
iniSetEnum(&inifile,itemname,"ConnectionType",conn_types_enum,item->conn_type,&ini_style);
+ // TODO: NOTE: This is destructive! Beware! Ooooooo....
+ if (i == CONN_TYPE_SSHNA && item->conn_type != CONN_TYPE_SSHNA) {
+ SAFECOPY(item->user, item->password);
+ SAFECOPY(item->password, item->syspass);
+ item->syspass[0] = 0;
+ }
+ if (i != CONN_TYPE_SSHNA && item->conn_type == CONN_TYPE_SSHNA) {
+ SAFECOPY(item->syspass, item->password);
+ SAFECOPY(item->password, item->user);
+ item->user[0] = 0;
+ }
+
if(item->conn_type!=CONN_TYPE_MODEM && item->conn_type!=CONN_TYPE_SERIAL
&& item->conn_type!=CONN_TYPE_SHELL
) {
diff --git a/src/syncterm/conn.c b/src/syncterm/conn.c
index 6a04211ebd6a6f9f6932e8a71b9810b84f3bfe33..572dab1c3e05e3b09926b318b0dfe0257dad23af 100644
--- a/src/syncterm/conn.c
+++ b/src/syncterm/conn.c
@@ -45,9 +45,9 @@
#include "conn_telnet.h"
struct conn_api conn_api;
-char *conn_types_enum[]={"Unknown","RLogin","RLoginReversed","Telnet","Raw","SSH","Modem","Serial","Shell","MBBSGhost","TelnetS", NULL};
-char *conn_types[]={"Unknown","RLogin","RLogin Reversed","Telnet","Raw","SSH","Modem","Serial","Shell","MBBS GHost","TelnetS",NULL};
-short unsigned int conn_ports[]={0,513,513,23,0,22,0,0,0,65535,992,0};
+char *conn_types_enum[]={"Unknown","RLogin","RLoginReversed","Telnet","Raw","SSH","SSHNA","Modem","Serial","Shell","MBBSGhost","TelnetS", NULL};
+char *conn_types[]={"Unknown","RLogin","RLogin Reversed","Telnet","Raw","SSH","SSH (no auth)","Modem","Serial","Shell","MBBS GHost","TelnetS",NULL};
+short unsigned int conn_ports[]={0,513,513,23,0,22,22,0,0,0,65535,992,0};
struct conn_buffer conn_inbuf;
struct conn_buffer conn_outbuf;
@@ -367,6 +367,7 @@ int conn_connect(struct bbslist *bbs)
conn_api.binary_mode_on=telnet_binary_mode_on;
conn_api.binary_mode_off=telnet_binary_mode_off;
break;
+ case CONN_TYPE_SSHNA:
case CONN_TYPE_SSH:
conn_api.connect=ssh_connect;
conn_api.close=ssh_close;
diff --git a/src/syncterm/conn.h b/src/syncterm/conn.h
index 0356e15fa7d83aa0c2b7556d37581968ad560a3f..2178e3708f376d9b1edc1770e073e64a45e2ad1f 100644
--- a/src/syncterm/conn.h
+++ b/src/syncterm/conn.h
@@ -21,6 +21,7 @@ enum {
,CONN_TYPE_TELNET
,CONN_TYPE_RAW
,CONN_TYPE_SSH
+ ,CONN_TYPE_SSHNA
,CONN_TYPE_MODEM
,CONN_TYPE_SERIAL
,CONN_TYPE_SHELL
diff --git a/src/syncterm/ssh.c b/src/syncterm/ssh.c
index ad9ad0bb44222b0a6d9e37a1289c2eee194deb9b..1dcaae8b8edd61cc671034622cadd5f148f78ea2 100644
--- a/src/syncterm/ssh.c
+++ b/src/syncterm/ssh.c
@@ -229,26 +229,41 @@ int ssh_connect(struct bbslist *bbs)
if (!bbs->hidepopups)
uifc.pop(NULL);
- if(!password[0]) {
- if (bbs->hidepopups)
- init_uifc(FALSE, FALSE);
- uifcinput("Password",MAX_PASSWD_LEN,password,K_PASSWORD,"Incorrect password. Try again.");
- if (bbs->hidepopups)
- uifcbail();
+ if (bbs->conn_type == CONN_TYPE_SSHNA) {
+ status = cl.SetAttribute(ssh_session, CRYPT_SESSINFO_SSH_OPTIONS, CRYPT_SSHOPTION_NONE_AUTH);
+ if(cryptStatusError(status)) {
+ char str[1024];
+ sprintf(str,"Error %d disabling password auth",status);
+ if (!bbs->hidepopups)
+ uifcmsg("Error disabling password auth",str);
+ conn_api.terminate=1;
+ if (!bbs->hidepopups)
+ uifc.pop(NULL);
+ return(-1);
+ }
}
+ else {
+ if(!password[0]) {
+ if (bbs->hidepopups)
+ init_uifc(FALSE, FALSE);
+ uifcinput("Password",MAX_PASSWD_LEN,password,K_PASSWORD,"Incorrect password. Try again.");
+ if (bbs->hidepopups)
+ uifcbail();
+ }
- if (!bbs->hidepopups)
- uifc.pop("Setting Password");
- status=cl.SetAttributeString(ssh_session, CRYPT_SESSINFO_PASSWORD, password, strlen(password));
- if(cryptStatusError(status)) {
- char str[1024];
- sprintf(str,"Error %d setting password",status);
- if (!bbs->hidepopups)
- uifcmsg("Error setting password",str);
- conn_api.terminate=1;
if (!bbs->hidepopups)
- uifc.pop(NULL);
- return(-1);
+ uifc.pop("Setting Password");
+ status=cl.SetAttributeString(ssh_session, CRYPT_SESSINFO_PASSWORD, password, strlen(password));
+ if(cryptStatusError(status)) {
+ char str[1024];
+ sprintf(str,"Error %d setting password",status);
+ if (!bbs->hidepopups)
+ uifcmsg("Error setting password",str);
+ conn_api.terminate=1;
+ if (!bbs->hidepopups)
+ uifc.pop(NULL);
+ return(-1);
+ }
}
if (!bbs->hidepopups) {
diff --git a/src/syncterm/st_crypt.c b/src/syncterm/st_crypt.c
index 90cdc7f634aae97899848e5411f68619cd7b0f2a..e46c51373b12ca5e473432965201d93915459649 100644
--- a/src/syncterm/st_crypt.c
+++ b/src/syncterm/st_crypt.c
@@ -49,6 +49,7 @@ int init_crypt(void)
cl.SetAttributeString=cryptSetAttributeString;
cl.DestroySession=cryptDestroySession;
cl.AddRandom=cryptAddRandom;
+ cl.DeleteAttribute=cryptDeleteAttribute;
#else
cryptlib=xp_dlopen(libnames,RTLD_LAZY, CRYPTLIB_VERSION/1000);
if(cryptlib==NULL)
@@ -101,6 +102,10 @@ int init_crypt(void)
xp_dlclose(cryptlib);
return(-1);
}
+ if((cl.DeleteAttribute=xp_dlsym(cryptlib,cryptDeleteAttribute))==NULL) {
+ xp_dlclose(cryptlib);
+ return(-1);
+ }
#endif
if(cryptStatusOK(cl.Init())) {
if(cryptStatusOK(cl.AddRandom(NULL, CRYPT_RANDOM_SLOWPOLL))) {
diff --git a/src/syncterm/st_crypt.h b/src/syncterm/st_crypt.h
index d9a704fecdf71266968db65f4fcf40fcf4088dcb..323b9a1f233b80a18e6750a9fed1df3a96000a1a 100644
--- a/src/syncterm/st_crypt.h
+++ b/src/syncterm/st_crypt.h
@@ -37,6 +37,8 @@ struct crypt_funcs {
C_IN void C_PTR value, C_IN int valueLength );
int (*DestroySession)( C_IN CRYPT_SESSION session );
int (*AddRandom)( C_IN void C_PTR randomData, C_IN int randomDataLength );
+ int (*DeleteAttribute)( C_IN CRYPT_HANDLE cryptHandle,
+ C_IN CRYPT_ATTRIBUTE_TYPE attributeType);
};
#endif
diff --git a/src/syncterm/term.c b/src/syncterm/term.c
index bbb608a0145e0fe820a1709151e90ef94fceb7af..6e5db091b259d99dfa1afbb3a0df0002c9413b0c 100644
--- a/src/syncterm/term.c
+++ b/src/syncterm/term.c
@@ -2824,10 +2824,12 @@ BOOL doterm(struct bbslist *bbs)
break;
case 0x2600: /* ALT-L */
if(bbs->conn_type != CONN_TYPE_RLOGIN && bbs->conn_type != CONN_TYPE_RLOGIN_REVERSED && bbs->conn_type != CONN_TYPE_SSH) {
- if(bbs->user[0]) {
- conn_send(bbs->user,strlen(bbs->user),0);
- conn_send(cterm->emulation==CTERM_EMULATION_ATASCII?"\x9b":"\r",1,0);
- SLEEP(10);
+ if (bbs->conn_type != CONN_TYPE_SSHNA) {
+ if(bbs->user[0]) {
+ conn_send(bbs->user,strlen(bbs->user),0);
+ conn_send(cterm->emulation==CTERM_EMULATION_ATASCII?"\x9b":"\r",1,0);
+ SLEEP(10);
+ }
}
if(bbs->password[0]) {
conn_send(bbs->password,strlen(bbs->password),0);