// common code for all the checkboxes
void COptionsDlg::CheckOption(int param)
{
CButton *button = (CButton *) GetDlgItem(checkboxes[param]);
assert(button != NULL);
BOOL has_value = (hasvalue[param] != NOVALUE);
CString *value = values[param];
assert(!has_value || value != NULL);
UpdateData(TRUE); // TRUE means read from controls
int start, end;
BOOL found = find_param(m_opstring.GetBuffer(0), param, start, end);
int checked = button->GetCheck();
if (checked) {
if (has_value && value->IsEmpty()) {
button->SetCheck(0);
return;
}
if (found) {
// occurs if things get out of sync...try to recover
RemoveOption(param);
OnChangeOptionsEdit();
}
if (!m_opstring.IsEmpty() &&
m_opstring.GetAt(m_opstring.GetLength()-1) != _T(' ')) {
m_opstring += CString(_T(" "));
}
m_opstring += CString(names[param]);
if (has_value) {
// if has spaces, put quotes around
CString val = *value;
if (val.Find(_T(' '), 0) != -1)
val.Format(_T("\"%s\""), *value);
m_opstring += CString(_T(" ")) + val;
}
} else {
assert(found);
RemoveOption(param);
}
UpdateData(FALSE); // FALSE means set controls
}
void COptionsDlg::OnLoggingButton()
{
UpdateData(TRUE); // get values from controls
int level = _ttoi(m_LogLevel);
if (level < 0)
level = 0;
if (level > 4)
level = 4;
int mask;
int res = _stscanf(m_LogMask, _T("%X"), &mask);
if (res <= 0 || res == EOF)
mask = 0;
CLoggingDlg dlg(level, mask);
res = dlg.DoModal();
if (res == IDCANCEL)
return;
m_LogLevel.Format(_T("%d"), dlg.GetLevel());
m_LogMask.Format(_T("0x%04X"), dlg.GetMask());
UpdateData(FALSE); // write to controls
#if 1
UpdateValue(LOGLEVEL);
UpdateValue(LOGMASK);
#else
// FIXME: change in place...for now we just remove and re-add
CButton *button = (CButton *) GetDlgItem(checkboxes[LOGLEVEL]);
assert(button != NULL);
if (button->GetCheck() > 0) {
RemoveOption(LOGLEVEL);
CheckOption(LOGLEVEL);
}
button = (CButton *) GetDlgItem(checkboxes[LOGMASK]);
assert(button != NULL);
if (button->GetCheck() > 0) {
RemoveOption(LOGMASK);
CheckOption(LOGMASK);
}
#endif
}
void COptionsDlg::OnBrowseInstrlibname()
{
CFileDialog fileDlg(TRUE, _T(".dll"), NULL,
// hide the "open as read-only" checkbox
OFN_FILEMUSTEXIST | OFN_PATHMUSTEXIST | OFN_HIDEREADONLY,
szFilter);
int res = fileDlg.DoModal();
if (res == IDCANCEL)
return;
CButton *button = (CButton *) GetDlgItem(checkboxes[INSTRLIBNAME]);
assert(button != NULL);
if (button->GetCheck() > 0 && _tcscmp(m_InstrLibName, fileDlg.GetPathName()) != 0) {
m_InstrLibName = fileDlg.GetPathName();
UpdateData(FALSE); // FALSE means set controls
RemoveOption(INSTRLIBNAME);
CheckOption(INSTRLIBNAME);
} else {
m_InstrLibName = fileDlg.GetPathName();
UpdateData(FALSE); // FALSE means set controls
}
}
//
// Construct a URL from text and an optional relative base.
//
FURL::FURL( FURL* Base, const TCHAR* TextURL, ETravelType Type )
: Protocol ( UrlConfig.DefaultProtocol )
, Host ( UrlConfig.DefaultHost )
, Port ( UrlConfig.DefaultPort )
, Map ( UGameMapsSettings::GetGameDefaultMap() )
, Op ()
, Portal ( UrlConfig.DefaultPortal )
, Valid ( 1 )
{
check(TextURL);
if( !bDefaultsInitialized )
{
FURL::StaticInit();
Protocol = UrlConfig.DefaultProtocol;
Host = UrlConfig.DefaultHost;
Port = UrlConfig.DefaultPort;
Portal = UrlConfig.DefaultPortal;
}
// Make a copy.
const int32 URLLength = FCString::Strlen(TextURL);
TCHAR* TempURL = new TCHAR[URLLength+1];
TCHAR* URL = TempURL;
FCString::Strcpy( TempURL, URLLength + 1, TextURL );
// Copy Base.
if( Type==TRAVEL_Relative )
{
check(Base);
Protocol = Base->Protocol;
Host = Base->Host;
Map = Base->Map;
Portal = Base->Portal;
Port = Base->Port;
}
if( Type==TRAVEL_Relative || Type==TRAVEL_Partial )
{
check(Base);
for( int32 i=0; i<Base->Op.Num(); i++ )
{
new(Op)FString(Base->Op[i]);
}
}
// Skip leading blanks.
while( *URL == ' ' )
{
URL++;
}
// Options.
TCHAR* s = HelperStrchr(URL,'?','#');
if( s )
{
TCHAR OptionChar=*s, NextOptionChar=0;
*(s++) = 0;
do
{
TCHAR* t = HelperStrchr(s,'?','#');
if( t )
{
NextOptionChar = *t;
*(t++) = 0;
}
if( !ValidNetChar( s ) )
{
*this = FURL();
Valid = 0;
break;
}
if( OptionChar=='?' )
{
if (s && s[0] == '-')
{
// Remove an option if it starts with -
s++;
RemoveOption( s );
}
else
{
AddOption( s );
}
}
else
{
Portal = s;
}
s = t;
OptionChar = NextOptionChar;
} while( s );
}
if (Valid == 1)
{
// Handle pure filenames & Posix paths.
bool FarHost=0;
bool FarMap=0;
if( FCString::Strlen(URL)>2 && (URL[1]==':' || (URL[0]=='/' && !FPackageName::IsValidLongPackageName(URL, true))) )
{
// Pure filename.
Protocol = UrlConfig.DefaultProtocol;
Host = UrlConfig.DefaultHost;
Map = URL;
Portal = UrlConfig.DefaultPortal;
URL = NULL;
FarHost = 1;
FarMap = 1;
Host = TEXT("");
}
else
{
// Parse protocol.
if
( (FCString::Strchr(URL,':')!=NULL)
&& (FCString::Strchr(URL,':')>URL+1)
&& (FCString::Strchr(URL,'.')==NULL || FCString::Strchr(URL,':')<FCString::Strchr(URL,'.')) )
{
TCHAR* ss = URL;
URL = FCString::Strchr(URL,':');
*(URL++) = 0;
Protocol = ss;
}
// Parse optional leading double-slashes.
if( *URL=='/' && *(URL+1) =='/' )
{
URL += 2;
FarHost = 1;
Host = TEXT("");
}
// Parse optional host name and port.
const TCHAR* Dot = FCString::Strchr(URL,'.');
const int32 ExtLen = FPackageName::GetMapPackageExtension().Len();
if
( (Dot)
&& (Dot-URL>0)
&& (FCString::Strnicmp( Dot, *FPackageName::GetMapPackageExtension(), FPackageName::GetMapPackageExtension().Len() )!=0 || FChar::IsAlnum(Dot[ExtLen]) )
&& (FCString::Strnicmp( Dot+1,*UrlConfig.DefaultSaveExt, UrlConfig.DefaultSaveExt.Len() )!=0 || FChar::IsAlnum(Dot[UrlConfig.DefaultSaveExt.Len()+1]) )
&& (FCString::Strnicmp( Dot+1,TEXT("demo"), 4 ) != 0 || FChar::IsAlnum(Dot[5])) )
{
TCHAR* ss = URL;
URL = FCString::Strchr(URL,'/');
if( URL )
{
*(URL++) = 0;
}
TCHAR* t = FCString::Strchr(ss,':');
if( t )
{
// Port.
*(t++) = 0;
Port = FCString::Atoi( t );
}
Host = ss;
if( FCString::Stricmp(*Protocol,*UrlConfig.DefaultProtocol)==0 )
{
Map = UGameMapsSettings::GetGameDefaultMap();
}
else
{
Map = TEXT("");
}
FarHost = 1;
}
}
}
// Parse optional map
if (Valid == 1 && URL && *URL)
{
// Map.
if (*URL != '/')
{
// find full pathname from short map name
FString MapFullName;
FText MapNameError;
if (FPaths::FileExists(URL))
{
Map = FPackageName::FilenameToLongPackageName(URL);
}
else if (!FPackageName::DoesPackageNameContainInvalidCharacters(URL, &MapNameError) && FPackageName::SearchForPackageOnDisk(URL, &MapFullName))
{
Map = MapFullName;
}
else
{
// can't find file, invalidate and bail
UE_CLOG(MapNameError.ToString().Len() > 0, LogLongPackageNames, Warning, TEXT("URL: %s: %s"), URL, *MapNameError.ToString());
*this = FURL();
Valid = 0;
}
}
else
{
// already a full pathname
Map = URL;
}
}
// Validate everything.
// The FarHost check does not serve any purpose I can see, and will just cause valid URLs to fail (URLs with no options, why does a URL
// need an option to be valid?)
if (Valid == 1 && (!ValidNetChar(*Protocol) || !ValidNetChar(*Host) /*|| !ValidNetChar(*Map)*/ || !ValidNetChar(*Portal) /*|| (!FarHost && !FarMap && !Op.Num())*/))
{
*this = FURL();
Valid = 0;
}
// If Valid == 1, success.
delete[] TempURL;
}
static QueryResult UpdateSshdConf(struct SshConf *conf, PCSTR testPrefix,
PCSTR binaryPath, BOOLEAN enable, PSTR *changeDescription,
const JoinProcessOptions *options, LWException **exc)
{
size_t i;
BOOLEAN modified = conf->modified;
PSTR requiredOptions = NULL;
PSTR optionalOptions = NULL;
BOOLEAN supported;
PSTR temp = NULL;
QueryResult result = NotConfigured;
const char *requiredSshdOptions[] = {
"ChallengeResponseAuthentication",
"UsePAM", "PAMAuthenticationViaKBDInt",
"KbdInteractiveAuthentication", NULL};
const char *optionalSshdOptions[] = {"GSSAPIAuthentication",
"GSSAPICleanupCredentials", NULL};
SshdVersion version;
BOOLEAN compromisedOptions = FALSE;
if(changeDescription != NULL)
*changeDescription = NULL;
LW_TRY(exc, GetSshVersion("", &version, binaryPath, &LW_EXC));
if(enable)
{
LW_CLEANUP_CTERR(exc, CTStrdup("", &requiredOptions));
LW_CLEANUP_CTERR(exc, CTStrdup("", &optionalOptions));
for(i = 0; requiredSshdOptions[i] != NULL; i++)
{
PCSTR option = requiredSshdOptions[i];
LW_TRY(exc, supported = TestOption(testPrefix, conf, binaryPath, "-t", option, &LW_EXC));
if(supported)
{
PCSTR value = "yes";
if(IsNewerThanOrEq(&version, 2, 3, 1, -1) &&
IsOlderThanOrEq(&version, 3, 3, -1, -1) &&
(!strcmp(option, "ChallengeResponseAuthentication") ||
!strcmp(option, "PAMAuthenticationViaKBDInt")))
{
value = "no";
compromisedOptions = TRUE;
}
conf->modified = FALSE;
LW_CLEANUP_CTERR(exc, SetOption(conf, option, value));
if(conf->modified)
{
modified = TRUE;
temp = requiredOptions;
requiredOptions = NULL;
CTAllocateStringPrintf(&requiredOptions, "%s\t%s\n", temp, option);
CT_SAFE_FREE_STRING(temp);
}
}
}
for(i = 0; optionalSshdOptions[i] != NULL; i++)
{
PCSTR option = optionalSshdOptions[i];
LW_TRY(exc, supported = TestOption(testPrefix, conf, binaryPath, "-t", option, &LW_EXC));
if(supported)
{
conf->modified = FALSE;
LW_CLEANUP_CTERR(exc, SetOption(conf, option, "yes"));
if(conf->modified)
{
modified = TRUE;
temp = optionalOptions;
optionalOptions = NULL;
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(&optionalOptions, "%s\t%s\n", temp, option));
CT_SAFE_FREE_STRING(temp);
}
}
}
result = FullyConfigured;
if(strlen(optionalOptions) > 0)
{
temp = optionalOptions;
optionalOptions = NULL;
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(
&optionalOptions,
"The following options will be enabled in %s to provide a better user experience:\n%s",
conf->filename, temp));
CT_SAFE_FREE_STRING(temp);
result = SufficientlyConfigured;
}
if(strlen(requiredOptions) > 0)
{
temp = requiredOptions;
requiredOptions = NULL;
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(
&requiredOptions,
"The following options must be enabled in %s:\n%s",
conf->filename, temp));
CT_SAFE_FREE_STRING(temp);
result = NotConfigured;
}
if(changeDescription != NULL)
{
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(
changeDescription,
"%s%s",
requiredOptions, optionalOptions));
}
}
else
{
conf->modified = FALSE;
LW_CLEANUP_CTERR(exc, RemoveOption(conf, "GSSAPIAuthentication"));
if(conf->modified)
{
if(changeDescription != NULL)
{
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(
changeDescription,
"In %s, GSSAPIAuthentication may optionally be removed.\n",
conf->filename));
}
result = SufficientlyConfigured;
}
else
result = FullyConfigured;
}
if(changeDescription != NULL && *changeDescription == NULL)
LW_CLEANUP_CTERR(exc, CTStrdup("", changeDescription));
if(options != NULL)
{
ModuleState *state = DJGetModuleStateByName(options, "ssh");
if(state->moduleData == (void *)-1)
{
//We already showed a warning
}
else if(compromisedOptions)
{
state->moduleData = (void *)-1;
if (options->warningCallback != NULL)
{
options->warningCallback(options, "Unpatched version of SSH",
"The version of your sshd daemon indicates that it is susceptible to the remote exploit described at http://www.openssh.com/txt/preauth.adv . To avoid exposing your system to this exploit, the 'ChallengeResponseAuthentication' and 'PAMAuthenticationViaKBDInt' options will be set to 'no' instead of 'yes'. As a side effect, all login error messages will appear as 'permission denied' instead of more detailed messages like 'account disabled'. Additionally, password changes on login may not work.\n\
\n\
Even when those options are disabled, your system is still vulnerable to http://www.cert.org/advisories/CA-2003-24.html . We recommend upgrading your version of SSH.");
}
}
// Removes all options from the list.
void WidgetDropDown::ClearOptions()
{
while (!options.empty())
RemoveOption((int) options.size() - 1);
}
