From: s_kawamoto Date: Tue, 11 Oct 2011 15:36:43 +0000 (+0900) Subject: Change UI to enter a new master password. X-Git-Url: http://git.sourceforge.jp/view?p=ffftp%2Fffftp.git;a=commitdiff_plain;h=732108b3e9b10886168500f6bd32e60da02e27db Change UI to enter a new master password. Fix improper error handling of WinVerifyTrust. --- diff --git a/FFFTP.vc90.vcproj b/FFFTP.vc90.vcproj index d421ce2..5b2cba9 100644 --- a/FFFTP.vc90.vcproj +++ b/FFFTP.vc90.vcproj @@ -72,12 +72,12 @@ diff --git a/FFFTP_Eng_Release/FFFTP.exe b/FFFTP_Eng_Release/FFFTP.exe index c143e3b..d4dea80 100644 Binary files a/FFFTP_Eng_Release/FFFTP.exe and b/FFFTP_Eng_Release/FFFTP.exe differ diff --git a/FFFTP_English.vc90.vcproj b/FFFTP_English.vc90.vcproj index 88b7cc7..b4e6f3c 100644 --- a/FFFTP_English.vc90.vcproj +++ b/FFFTP_English.vc90.vcproj @@ -73,12 +73,12 @@ diff --git a/Release/FFFTP.exe b/Release/FFFTP.exe index 5c4620c..cc7fa88 100644 Binary files a/Release/FFFTP.exe and b/Release/FFFTP.exe differ diff --git a/Resource/FFFTP.rc b/Resource/FFFTP.rc index d9a7363..34bbc1d 100644 --- a/Resource/FFFTP.rc +++ b/Resource/FFFTP.rc @@ -495,10 +495,10 @@ END newmasterpasswd_dlg DIALOGEX 0, 0, 187, 43 STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_CAPTION -CAPTION "V‚µ‚¢ƒ}ƒXƒ^[ƒpƒXƒ[ƒh‚ð“ü‚ê‚Ä‚­‚¾‚³‚¢" +CAPTION "V‚µ‚¢ƒ}ƒXƒ^[ƒpƒXƒ[ƒh‚ð2‰ñ“ü‚ê‚Ä‚­‚¾‚³‚¢" FONT 9, "‚l‚r ‚oƒSƒVƒbƒN", 0, 0, 0x0 BEGIN - EDITTEXT INP_INPSTR,7,7,173,12,ES_AUTOHSCROLL + EDITTEXT INP_INPSTR,7,7,173,12,ES_PASSWORD | ES_AUTOHSCROLL DEFPUSHBUTTON "OK",IDOK,16,25,50,14 PUSHBUTTON "ƒLƒƒƒ“ƒZƒ‹",IDCANCEL,68,25,50,14 CONTROL "",INP_ANONYMOUS,"Button",BS_AUTOCHECKBOX | NOT WS_VISIBLE | WS_DISABLED | WS_TABSTOP,172,31,8,8 diff --git a/Resource_eng/FFFTP-eng.rc b/Resource_eng/FFFTP-eng.rc index 701765a..e82bebf 100644 --- a/Resource_eng/FFFTP-eng.rc +++ b/Resource_eng/FFFTP-eng.rc 
@@ -498,10 +498,10 @@ END newmasterpasswd_dlg DIALOGEX 0, 0, 187, 43 STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_CAPTION -CAPTION "Enter new master password" +CAPTION "Enter new master password twice" FONT 9, "MS Sans Serif", 0, 0, 0x0 BEGIN - EDITTEXT INP_INPSTR,7,7,173,12,ES_AUTOHSCROLL + EDITTEXT INP_INPSTR,7,7,173,12,ES_PASSWORD | ES_AUTOHSCROLL DEFPUSHBUTTON "OK",IDOK,25,25,43,14 PUSHBUTTON "Cancel",IDCANCEL,72,25,43,14 CONTROL "",INP_ANONYMOUS,"Button",BS_AUTOCHECKBOX | NOT WS_VISIBLE | WS_DISABLED | WS_TABSTOP,172,31,8,8 diff --git a/main.c b/main.c index 3f949c9..6ea14fc 100644 --- a/main.c +++ b/main.c @@ -499,7 +499,7 @@ static int InitApp(LPSTR lpszCmdLine, int cmdShow) DispWindowTitle(); // SourceForge.JPによるフォーク // SetTaskMsg("FFFTP Ver." VER_STR " Copyright(C) 1997-2010 Sota & cooperators."); - SetTaskMsg("FFFTP Ver." VER_STR " Copyright(C) 1997-2010 Sota & cooperators.\r\nCopyright (C) 2011 Hiromichi Matsushima, Suguru Kawamoto."); + SetTaskMsg("FFFTP Ver." VER_STR " Copyright(C) 1997-2010 Sota & cooperators.\r\nCopyright (C) 2011 FFFTP Project (Hiromichi Matsushima, Suguru Kawamoto)."); if(ForceIni) SetTaskMsg("%s%s", MSGJPN283, IniPath); @@ -2767,12 +2767,29 @@ int AskAutoExit(void) int EnterMasterPasswordAndSet( int Res, HWND hWnd ) { char buf[MAX_PASSWORD_LEN + 1]; + // パスワードの入力欄を非表示 + // 非表示にしたため新しいパスワードを2回入力させる + char buf1[MAX_PASSWORD_LEN + 1]; char *p; int Flag; buf[0] = NUL; if( InputDialogBox(Res, hWnd, NULL, buf, MAX_PASSWORD_LEN + 1, &Flag, IDH_HELP_TOPIC_0000064) == YES){ + // パスワードの入力欄を非表示 + if(Res == newmasterpasswd_dlg) + { + buf1[0] = NUL; + if( InputDialogBox(Res, hWnd, NULL, buf1, MAX_PASSWORD_LEN + 1, + &Flag, IDH_HELP_TOPIC_0000064) != YES){ + return 0; + } + if(strcmp(buf, buf1) != 0) + { + MessageBox(hWnd, MSGJPN325, "FFFTP", MB_OK | MB_ICONERROR); + return 0; + } + } /* 末尾の空白を削除 */ RemoveTailingSpaces(buf); /* 先頭の空白を削除 */ diff --git a/mesg-eng.h b/mesg-eng.h index 59386b6..ff0fa7d 100644 --- a/mesg-eng.h +++ b/mesg-eng.h 
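Review bot: Both new `return 0;` paths in EnterMasterPasswordAndSet (second dialog cancelled, or `strcmp(buf, buf1) != 0`) leave the typed master password in the stack buffers `buf` and `buf1`; wipe them before returning, e.g. `SecureZeroMemory(buf, sizeof(buf)); SecureZeroMemory(buf1, sizeof(buf1));`, and clear `buf1` on the matching path as well. The comparison also runs before the leading/trailing whitespace trimming that follows it, so two masked entries that would produce the same stored password are reported as different; trimming both buffers before `strcmp` would make the check agree with what is actually stored. Both prompts reuse the same dialog resource and caption, so a comment such as `// second prompt is the confirmation; same template, caption asks for two entries` would make the intent clear to maintainers. The function body continues past the end of this hunk, so whether `buf` is cleared later cannot be seen here.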
@@ -322,3 +322,4 @@
 #define MSGJPN322 "Debugger was detected."
 #define MSGJPN323 "Failed to unload untrustworthy DLLs."
 #define MSGJPN324 "Failed to hook required functions to protect the process."
+#define MSGJPN325 "New master passwords are not identical."
diff --git a/mesg-eng.old.h b/mesg-eng.old.h
index 405dfd8..4853403 100644
--- a/mesg-eng.old.h
+++ b/mesg-eng.old.h
@@ -322,3 +322,4 @@
 #define MSGJPN322 "Debugger was detected."
 #define MSGJPN323 "Failed to unload untrustworthy DLLs."
 #define MSGJPN324 "Failed to hook required functions to protect the process."
+#define MSGJPN325 "New master passwords are not identical."
diff --git a/mesg-jpn.h b/mesg-jpn.h
index b9345d8..53be6c7 100644
--- a/mesg-jpn.h
+++ b/mesg-jpn.h
@@ -322,3 +322,4 @@
 #define MSGJPN322 "\xE3\x83\x87\xE3\x83\x90\xE3\x83\x83\xE3\x82\xAC\xE3\x81\x8C\xE6\xA4\x9C\xE5\x87\xBA\xE3\x81\x95\xE3\x82\x8C\xE3\x81\xBE\xE3\x81\x97\xE3\x81\x9F."
 #define MSGJPN323 "\xE4\xBF\xA1\xE9\xA0\xBC\xE3\x81\xA7\xE3\x81\x8D\xE3\x81\xAA\xE3\x81\x84\x44LL\xE3\x82\x92\xE3\x82\xA2\xE3\x83\xB3\xE3\x83\xAD\xE3\x83\xBC\xE3\x83\x89\xE3\x81\xA7\xE3\x81\x8D\xE3\x81\xBE\xE3\x81\x9B\xE3\x82\x93\xE3\x81\xA7\xE3\x81\x97\xE3\x81\x9F."
 #define MSGJPN324 "\xE3\x83\x97\xE3\x83\xAD\xE3\x82\xBB\xE3\x82\xB9\xE3\x81\xAE\xE4\xBF\x9D\xE8\xAD\xB7\xE3\x81\xAB\xE5\xBF\x85\xE8\xA6\x81\xE3\x81\xAA\xE9\x96\xA2\xE6\x95\xB0\xE3\x82\x92\xE3\x83\x95\xE3\x83\x83\xE3\x82\xAF\xE3\x81\xA7\xE3\x81\x8D\xE3\x81\xBE\xE3\x81\x9B\xE3\x82\x93\xE3\x81\xA7\xE3\x81\x97\xE3\x81\x9F."
+#define MSGJPN325 "\xE6\x96\xB0\xE3\x81\x97\xE3\x81\x84\xE3\x83\x9E\xE3\x82\xB9\xE3\x82\xBF\xE3\x83\xBC\xE3\x83\x91\xE3\x82\xB9\xE3\x83\xAF\xE3\x83\xBC\xE3\x83\x89\xE3\x81\x8C\xE4\xB8\x80\xE8\x87\xB4\xE3\x81\x97\xE3\x81\xBE\xE3\x81\x9B\xE3\x82\x93."
diff --git a/mesg-jpn.old.h b/mesg-jpn.old.h
index 49442f5..8757091 100644
--- a/mesg-jpn.old.h
+++ b/mesg-jpn.old.h
@@ -322,3 +322,4 @@ #define MSGJPN322 "ƒfƒoƒbƒK‚ªŒŸo‚³‚ê‚Ü‚µ‚½." #define MSGJPN323 "M—Š‚Å‚«‚È‚¢DLL‚ðƒAƒ“ƒ[ƒh‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½." #define MSGJPN324 "ƒvƒƒZƒX‚Ì•ÛŒì‚É•K—v‚Ȋ֐”‚ðƒtƒbƒN‚Å‚«‚Ü‚¹‚ñ‚Å‚µ‚½." +#define MSGJPN325 "V‚µ‚¢ƒ}ƒXƒ^[ƒpƒXƒ[ƒh‚ªˆê’v‚µ‚Ü‚¹‚ñ." diff --git a/protectprocess.c b/protectprocess.c index 928f1b5..7c7c60f 100644 --- a/protectprocess.c +++ b/protectprocess.c 
@@ -388,27 +388,69 @@ BOOL FindTrustedModuleSHA1Hash(void* pHash) // ƒtƒ@ƒCƒ‹‚̏–¼‚ðŠm”F BOOL VerifyFileSignature(LPCWSTR Filename) { +// BOOL bResult; +// GUID g = WINTRUST_ACTION_GENERIC_VERIFY_V2; +// WINTRUST_FILE_INFO wfi; +// WINTRUST_DATA wd; +// LONG Error; +// bResult = FALSE; +// ZeroMemory(&wfi, sizeof(WINTRUST_FILE_INFO)); +// wfi.cbStruct = sizeof(WINTRUST_FILE_INFO); +// wfi.pcwszFilePath = Filename; +// ZeroMemory(&wd, sizeof(WINTRUST_DATA)); +// wd.cbStruct = sizeof(WINTRUST_DATA); +// wd.dwUIChoice = WTD_UI_NONE; +// wd.dwUnionChoice = WTD_CHOICE_FILE; +// wd.pFile = &wfi; +// Error = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &g, &wd); +// if(Error == ERROR_SUCCESS) +// bResult = TRUE; +// else if((g_ProcessProtectionLevel & PROCESS_PROTECTION_EXPIRED) && Error == CERT_E_EXPIRED) +// bResult = TRUE; +// else if((g_ProcessProtectionLevel & PROCESS_PROTECTION_UNAUTHORIZED) && (Error == CERT_E_UNTRUSTEDROOT || Error == CERT_E_UNTRUSTEDCA)) +// bResult = TRUE; +// return bResult; BOOL bResult; - GUID g = WINTRUST_ACTION_GENERIC_VERIFY_V2; - WINTRUST_FILE_INFO wfi; - WINTRUST_DATA wd; - LONG Error; + HCERTSTORE hStore; + PCCERT_CONTEXT pcc; + CERT_CHAIN_PARA ccp; + CERT_CHAIN_CONTEXT* pccc; + CERT_CHAIN_POLICY_PARA ccpp; + CERT_CHAIN_POLICY_STATUS ccps; bResult = FALSE; - ZeroMemory(&wfi, sizeof(WINTRUST_FILE_INFO)); - wfi.cbStruct = sizeof(WINTRUST_FILE_INFO); - wfi.pcwszFilePath = Filename; - ZeroMemory(&wd, sizeof(WINTRUST_DATA)); - wd.cbStruct = sizeof(WINTRUST_DATA); - wd.dwUIChoice = WTD_UI_NONE; - wd.dwUnionChoice = WTD_CHOICE_FILE; - wd.pFile = &wfi; - Error = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &g, &wd); - if(Error == ERROR_SUCCESS) - bResult = TRUE; - else if((g_ProcessProtectionLevel & PROCESS_PROTECTION_EXPIRED) && Error == CERT_E_EXPIRED) - bResult = TRUE; - else if((g_ProcessProtectionLevel & PROCESS_PROTECTION_UNAUTHORIZED) && (Error == CERT_E_UNTRUSTEDROOT || Error == CERT_E_UNTRUSTEDCA)) - bResult = TRUE; + 
if(CryptQueryObject(CERT_QUERY_OBJECT_FILE, Filename, CERT_QUERY_CONTENT_FLAG_ALL, CERT_QUERY_FORMAT_FLAG_ALL, 0, NULL, NULL, NULL, &hStore, NULL, NULL)) + { + pcc = NULL; + while(!bResult && (pcc = CertEnumCertificatesInStore(hStore, pcc))) + { + ZeroMemory(&ccp, sizeof(CERT_CHAIN_PARA)); + ccp.cbSize = sizeof(CERT_CHAIN_PARA); + if(CertGetCertificateChain(NULL, pcc, NULL, NULL, &ccp, 0, NULL, &pccc)) + { + ZeroMemory(&ccpp, sizeof(CERT_CHAIN_POLICY_PARA)); + ccpp.cbSize = sizeof(CERT_CHAIN_POLICY_PARA); + if(g_ProcessProtectionLevel & PROCESS_PROTECTION_EXPIRED) + ccpp.dwFlags |= CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG; + else if(g_ProcessProtectionLevel & PROCESS_PROTECTION_UNAUTHORIZED) + ccpp.dwFlags |= CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG; + ZeroMemory(&ccps, sizeof(CERT_CHAIN_POLICY_STATUS)); + ccps.cbSize = sizeof(CERT_CHAIN_POLICY_STATUS); + if(CertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_AUTHENTICODE, pccc, &ccpp, &ccps)) + { + if(ccps.dwError == ERROR_SUCCESS) + { + bResult = TRUE; + break; + } + } + CertFreeCertificateChain(pccc); + } + } + while(pcc = CertEnumCertificatesInStore(hStore, pcc)) + { + } + CertCloseStore(hStore, 0); + } return bResult; } @@ -419,7 +461,6 @@ BOOL VerifyFileSignatureInCatalog(LPCWSTR Catalog, LPCWSTR Filename) GUID g = WINTRUST_ACTION_GENERIC_VERIFY_V2; WINTRUST_CATALOG_INFO wci; WINTRUST_DATA wd; - LONG Error; bResult = FALSE; if(VerifyFileSignature(Catalog)) { 
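Review bot: The rewritten VerifyFileSignature only builds and policy-checks chains for the certificates that CryptQueryObject extracts from the file, and nothing visible in this hunk compares the file's contents with the signed digest, which the commented-out WinVerifyTrust call did; a file modified after signing but still carrying its certificate data could therefore be reported as trusted, and any certificate in the store, not only the signer's, can satisfy the loop. Consider keeping WinVerifyTrust as the integrity check and using CertVerifyCertificateChainPolicy only to decide which certificate errors are tolerated. The `else if(g_ProcessProtectionLevel & PROCESS_PROTECTION_UNAUTHORIZED)` should be a plain `if`, because with both protection bits set the old code tolerated both conditions and the new code applies only the time-validity relaxation. The success path hits `break;` before `CertFreeCertificateChain(pccc);` and leaks the chain context; dropping the `break` (the `!bResult` loop condition already ends the loop) and replacing the empty draining `while` with `if(pcc) CertFreeCertificateContext(pcc);` fixes both. The 22 commented-out lines of the old implementation are better deleted, since version control keeps them.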
@@ -439,12 +480,7 @@ BOOL VerifyFileSignatureInCatalog(LPCWSTR Catalog, LPCWSTR Filename)
 wd.dwUIChoice = WTD_UI_NONE;
 wd.dwUnionChoice = WTD_CHOICE_CATALOG;
 wd.pCatalog = &wci;
- Error = WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &g, &wd);
- if(Error == ERROR_SUCCESS)
- bResult = TRUE;
- else if((g_ProcessProtectionLevel & PROCESS_PROTECTION_EXPIRED) && Error == CERT_E_EXPIRED)
- bResult = TRUE;
- else if((g_ProcessProtectionLevel & PROCESS_PROTECTION_UNAUTHORIZED) && (Error == CERT_E_UNTRUSTEDROOT || Error == CERT_E_UNTRUSTEDCA))
+ if(WinVerifyTrust((HWND)INVALID_HANDLE_VALUE, &g, &wd) == ERROR_SUCCESS)
 bResult = TRUE;
 }
 free(wci.pbCalculatedFileHash);
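Review bot: The catalog path now accepts only `ERROR_SUCCESS`, so `PROCESS_PROTECTION_EXPIRED` and `PROCESS_PROTECTION_UNAUTHORIZED` no longer relax verification of catalog members, while the catalog file itself is still checked through VerifyFileSignature, which honours them. If this WinVerifyTrust call also validates the catalog's signer (likely, but not visible here), a catalog tolerated by the first check would still be rejected by the second, which would make those protection levels ineffective for catalog-signed files. If the stricter result is intended, state it next to the call, for example `// catalog members must verify strictly; protection-level relaxations apply only to the catalog file itself`. The function starts and ends outside this hunk.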