Граф коммитов

85 Коммитов

Автор SHA1 Сообщение Дата
Jacob Nevins 5aa719d16e Consistently use a single notation to refer to SSH protocol versions, as
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>

[originally from svn r5480]
2005-03-10 16:36:05 +00:00
Jacob Nevins bd6eadd196 Improvements to PuTTYgen error reporting:
- will now display a reason when it fails to load a key
 - uses existing error return from native keys
 - import.c had a lot of error descriptions which weren't going anywhere;
   since the strings are probably taking up space in the binary, we
   may as well use them

[originally from svn r5408]
2005-02-27 23:01:11 +00:00
Simon Tatham 5e2305bdc9 Owen tells me the Mac compiler complains at a char / unsigned char
mismatch in the invocation of hmacmd5_key(). Do it properly with a
void * argument.

[originally from svn r5117]
2005-01-16 14:02:56 +00:00
Simon Tatham 6daf6faede Integrate unfix.org's IPv6 patches up to level 10, with rather a lot
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.

I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.

[originally from svn r5047]
[this svn revision also touched putty-wishlist]
2004-12-30 16:45:11 +00:00
Simon Tatham 81df0d4253 SSH port forwarding is now configurable in mid-session. After doing
Change Settings, the port forwarding setup function is run again,
and tags all existing port forwardings as `do not keep'. Then it
iterates through the config in the normal way; when it encounters a
port forwarding which is already in the tree, it tags it `keep'
rather than setting it up from scratch. Finally, it goes through the
tree and removes any that haven't been labelled `keep'. Hence,
editing the list of forwardings in Change Settings has the effect of
cancelling any forwardings you remove, and adding any new ones.

The SSH panel now appears in the reconfig box, and is empty apart
from a message explaining that it has to be there for subpanels of
it to exist. Better wording for this message would be welcome.

[originally from svn r5030]
2004-12-28 14:07:05 +00:00
Simon Tatham 56d5dc7eec Support diffie-hellman-group14-sha1 group exchange. Tested against
locally built OpenSSH 3.9, and seems to work fine.

[originally from svn r5018]
2004-12-22 10:53:58 +00:00
Jacob Nevins 98028c746f X forwarding changes:
- new function platform_get_x_display() to find a sensible local display.
   On Unix, the Gtk apps weren't taking account of --display when
   determining where to send forwarded X traffic.
 - explicitly document that leaving X display location blank in config tries
   to do something sensible (and that it's now blank by default)
 - don't override X11Display setting in plink, since that's more properly
   done later

[originally from svn r4604]
2004-10-06 22:31:07 +00:00
Jacob Nevins fb92f118bd Mention the negotiated SSH-2 MAC algorithm(s) in the Event Log.
(It should be possible to at least see what MAC is in use without going to a
SSH packet log.)

[originally from svn r4591]
2004-09-29 23:57:03 +00:00
Simon Tatham 3af7d33340 Malcolm Smith's patch to support CHAP (digest-based) authentication
when talking to SOCKS 5 proxies. Configures itself transparently (if
the proxy offers CHAP it will use it, otherwise it falls back to
ordinary cleartext passwords).

[originally from svn r4517]
2004-08-30 13:11:17 +00:00
Simon Tatham 4217269931 Merged SSH1 robustness changes from 0.55 release branch on to trunk.
[originally from svn r4379]
2004-08-01 12:07:11 +00:00
Simon Tatham a2acc6ae0d RJK's patch to enable PuTTY's X forwarding to connect to local X
servers using Unix sockets (on Unix only, obviously!).

[originally from svn r4263]
2004-05-31 14:01:52 +00:00
Simon Tatham 2d1287b9ca Added a command-line key generation tool. Currently builds and runs
on Linux, but the (very few) platform-specific bits are already
abstracted out of the main code, so it should port to other
platforms with a minimum of fuss.

[originally from svn r3762]
2004-01-22 19:15:32 +00:00
Jacob Nevins eebc7529ed Work towards wish `keyfile-diagnostic'. Many sshpubk.c keyfile-loading
functions have sprouted `**errorstr' arguments, which if non-NULL can
return a textual error message. The interface additions are patchy and
ad-hoc since this seemed to suit the style of the existing interfaces.

I've since realised that most of this is masked by sanity-checking that
gets done before these functions are called, but it will at least report
MAC failures and the like (tested on Unix), which was the original point
of the exercise.

Note that not everyone who could be using this information is at the
moment.

[originally from svn r3430]
2003-08-29 22:52:57 +00:00
Simon Tatham 06e6997a74 Rename crc32() to crc32_compute(), to avoid clashing catastrophically
with the crc32() function in the zlib interface. (Not that PuTTY
itself _uses_ zlib, but on Unix it's linked against libgtk which
uses libpng which uses zlib. And zlib has poor namespace management
so it defines this ridiculously intrusive function name. Arrrrgh.)

[originally from svn r3191]
2003-05-13 18:23:43 +00:00
Simon Tatham 6bb121ecb9 Colin's const-fixing Patch Of Death. Seems to build fine on Windows
as well as Unix, so it can go in.

[originally from svn r3162]
2003-05-04 14:18:18 +00:00
Simon Tatham afd4b4d662 Added framework to sshbn.c to make it possible to vary the
underlying integer type forming the Bignum. Using this, arranged
that gcc/x86 uses 32-bit chunks rather than the guaranteed ANSI-
portable 16-bit chunks. This has gained another 30% on key exchanges
by my measurements, but I'm not yet convinced that it's all
perfectly robust - it seems to work fine for SSH1 and SSH2/RSA but
I haven't ensured that every bignum routine is actually being
tested, so it may yet show up problems in DSA or key generation.

[originally from svn r3135]
2003-04-23 14:48:57 +00:00
Simon Tatham 8a3ff2bf3e Dynamic port forwarding by means of a local SOCKS server. Fully
supports SOCKS 4, SOCKS 4A and SOCKS 5 (well, actually IPv6 in SOCKS
5 isn't supported, but it'll be no difficulty once I actually get
round to it). Thanks to Chas Honton for his `stone soup' patch: I
didn't end up actually using any of his code, but it galvanised me
into doing it properly myself :-)

[originally from svn r3055]
2003-04-05 11:45:21 +00:00
Simon Tatham f26b7aa0d3 Created new data types `Filename' and `FontSpec', intended to be
opaque to all platform-independent modules and only handled within
per-platform code. `Filename' is there because the Mac has a magic
way to store filenames (though currently this checkin doesn't
support it!); `FontSpec' is there so that all the auxiliary stuff
such as font height and charset and so on which is needed under
Windows but not Unix can be kept where it belongs, and so that I can
have a hope in hell of dealing with a font chooser in the forthcoming
cross-platform config box code, and best of all it gets the horrid
font height wart out of settings.c and into the Windows code where
it should be.
The Mac part of this checkin is a bunch of random guesses which will
probably not quite compile, but which look roughly right to me.
Sorry if I screwed it up, Ben :-)

[originally from svn r2765]
2003-02-01 12:54:40 +00:00
Ben Harris 694aafa071 Add the ability to close sessions. This adds *_free() functions to most
areas of the code.  Not all back-ends have been tested, but Telnet and SSH
behave reasonably.

Incidentally, almost all of this patch was written through Mac PuTTY,
admittedly over a Telnet connection.

[originally from svn r2615]
2003-01-15 23:30:21 +00:00
Simon Tatham 952857fca3 proxy.c now no longer refers to `cfg'. Instead, each of the three
proxy-indirection network functions (name_lookup, new_connection,
new_listener) takes a `const Config *' as an argument, and extracts
enough information from it before returning to handle that
particular network operation in accordance with the proxy settings
it specifies. This involved {win,ux}net.c due to a `const'
repercussion.

[originally from svn r2567]
2003-01-12 15:26:10 +00:00
Simon Tatham 5ecbac2441 There's no real need for portfwd.c to reference `cfg' directly, when
it only needs one item from it and that can easily be passed in from
the call site in ssh.c.

[originally from svn r2564]
2003-01-12 14:56:19 +00:00
Simon Tatham fee1624c69 Support for XDM-AUTHORIZATION-1 at the SSH server end, making use of
the remote IP/port data provided by the server for forwarded
connections. Disabled by default, since it's incompatible with SSH2,
probably incompatible with some X clients, and tickles a bug in
at least one version of OpenSSH.

[originally from svn r2554]
2003-01-12 14:11:38 +00:00
Ben Harris 3aec19fa72 Move the prototype for platform_get_x11_auth() from x11fwd.c to ssh.h so that
it can be checked against the implementation.

[originally from svn r2542]
2003-01-11 14:20:00 +00:00
Simon Tatham 87f9446a26 Support XDM-AUTHORIZATION-1 for connecting to local X servers. If
we're going to be a security program, we can at least make a token
effort to use the most secure local X auth available! And I'm still
half-tempted to see if I can support it for remote X servers too...

[originally from svn r2537]
2003-01-11 09:31:54 +00:00
Simon Tatham 86977efa81 Introduce framework for authenticating with the local X server.
Windows and Mac backends have acquired auth-finding functions which
do nothing; Unix backend has acquired one which actually works, so
Plink can now do X forwarding believably.
(This checkin stretches into some unlikely parts of the code because
there have been one or two knock-on effects involving `const'. Bah.)

[originally from svn r2536]
2003-01-10 18:33:35 +00:00
Ben Harris a6c994ca94 Move prototypes for base64_decode_atom(), base64_lines(), and base64_encode()
from import.c to ssh.h, so that the implementation can see them.  This
necessitates ssh.h's including <stdio.h>.
Also remove a spare prototype for base64_encode_atom() from import.c.

[originally from svn r2481]
2003-01-05 23:28:02 +00:00
Ben Harris 3f055f22d8 Move x11fwd and portfwd prototypes from ssh.c into ssh.h so they can be seen
by (and checked against) the definitions.

[originally from svn r2474]
2003-01-05 22:53:23 +00:00
Simon Tatham 4756c15fc9 Yet more global-removal. The static variables in logging.c are now
absent, and also (I think) all the frontend request functions (such
as request_resize) take a context pointer, so that multiple windows
can be handled sensibly. I wouldn't swear to this, but I _think_
that only leaves the Unicode stuff as the last stubborn holdout.

[originally from svn r2147]
2002-10-26 12:58:13 +00:00
Simon Tatham 24530b945e Port forwarding module now passes backend handles around properly.
As a result I've now been able to turn the global variables `back'
and `backhandle' into module-level statics in the individual front
ends. Now _that's_ progress!

[originally from svn r2142]
2002-10-26 10:33:59 +00:00
Simon Tatham 5df8e45c2e The Zlib module now uses dynamically allocated contexts. I think
that completes the static-removal in the crypto library. Ooh.

[originally from svn r2136]
2002-10-25 13:26:33 +00:00
Simon Tatham db7196c174 Diffie-Hellman key exchange now uses a dynamically allocated context.
[originally from svn r2135]
2002-10-25 13:08:01 +00:00
Simon Tatham 107d1d875d SSH CRC attack detector now uses a dynamically allocated context.
[originally from svn r2132]
2002-10-25 12:58:21 +00:00
Simon Tatham 8f91f07599 SSH2 MACs now use dynamically allocated contexts.
[originally from svn r2131]
2002-10-25 12:51:28 +00:00
Simon Tatham 9848062b86 SSH ciphers now use dynamically allocated contexts.
[originally from svn r2130]
2002-10-25 12:35:22 +00:00
Simon Tatham 72ff571148 Major destabilisation, phase 2. This time it's the backends' turn:
each backend now stores all its internal variables in a big struct,
and each backend function gets a pointer to this struct passed to
it. This still isn't the end of the work - lots of subsidiary things
still use globals, notably all the cipher and compressor modules and
the X11 forwarding authentication stuff. But ssh.c itself has now
been transformed, and that was the really painful bit, so from here
on it all ought to be a sequence of much smaller and simpler pieces
of work.

[originally from svn r2127]
2002-10-25 11:30:33 +00:00
Simon Tatham ed29fdc91c Add some basic framework code preparatory to adding key export.
[originally from svn r1675]
2002-05-13 16:56:11 +00:00
Simon Tatham 9a8c58a64b Added a framework for importing foreign key formats, and implemented
importing of OpenSSH SSH2 private key files (both encrypted and
unencrypted). Seems to work fine.

[originally from svn r1668]
2002-05-11 16:45:29 +00:00
Simon Tatham 8c3a0eb50b Improved error messages if you use the wrong key type: you should
now be told that the key is the wrong type, _and_ what type it is,
rather than being given a blanket `unable to read key file' message.

[originally from svn r1662]
2002-05-11 12:13:42 +00:00
Simon Tatham d237773599 Add the CRC32 compensation attack detector that all other SSH
clients have had for ages and I forgot about. Of course I've got the
version with the buffer overflow fixed!

[originally from svn r1535]
2002-01-08 11:57:32 +00:00
Simon Tatham cf356a9a5f Pageant is now able to avoid asking for the passphrase when asked to
load a key that is already loaded. This makes command lines such as
`pageant mykey -c mycommand' almost infinitely more useful.

[originally from svn r1522]
2001-12-30 15:58:17 +00:00
Simon Tatham 6608016fc2 INCOMPATIBLE CHANGE to the SSH2 private key file format. There is
now a passphrase-keyed MAC covering _all_ important data in the
file, including the public blob and the key comment. Should
conclusively scupper any attacks based on nobbling the key file in
an attempt to sucker the machine that decrypts it. MACing the
comment field also protects against a key-substitution attack (if
someone's worked out a way past our DSA protections and can extract
the private key from a signature, swapping key files and
substituting comments might just enable them to get the signature
they need to do this. Paranoid, but might as well).

[originally from svn r1413]
2001-11-25 14:31:46 +00:00
Simon Tatham b49fde9410 Add single-DES support in SSH2
[originally from svn r1396]
2001-11-21 23:06:10 +00:00
Simon Tatham 5f096142a7 Remember to initialise p->nphases to zero in progress report structure.
[originally from svn r1378]
2001-11-12 09:19:57 +00:00
Simon Tatham d345ebc2a5 Add support for DSA authentication in SSH2, following clever ideas
on how to get round the problem of generating a good k.

[originally from svn r1284]
2001-09-22 20:52:21 +00:00
Simon Tatham abee2a59ab Cygwin build fixes: update the dependencies, add -DNO_SECURITY to
the Cygwin CFLAGS, and declare `struct ssh_channel' in ssh.h to
prevent gcc warning about scope-confined-to-parameter-list.

[originally from svn r1268]
2001-09-15 14:58:26 +00:00
Simon Tatham ff9a038cdd PSCP now uses the modern SFTP protocol if it can, and falls back to
scp1 if it can't. Currently not very tested - I checked it in as
soon as it completed a successful recursive copy in both directions.
Also, one known bug: you can't specify a remote wildcard, because by
the nature of SFTP we'll need to implement the wildcard engine on
the client side. I do intend to do this (and use the same wildcard
engine in PSFTP as well) but I haven't got round to it yet.

[originally from svn r1208]
2001-08-26 18:32:28 +00:00
Simon Tatham c87fa98d09 Extensive changes that _should_ fix the socket buffering problems,
by ceasing to listen on input channels if the corresponding output
channel isn't accepting data. Has had basic check-I-didn't-actually-
break-anything-too-badly testing, but hasn't been genuinely tested
in stress conditions (because concocting stress conditions is non-
trivial).

[originally from svn r1198]
2001-08-25 17:09:23 +00:00
Simon Tatham 50766ce729 SSH port forwarding! How cool is that?
Only currently works on SSH1; SSH2 should be doable but it's late
and I have other things to do tonight. The Cool Guy award for this
one goes to Nicolas Barry, for doing most of the work and actually
understanding the code he was adding to.

[originally from svn r1176]
2001-08-08 20:44:35 +00:00
Simon Tatham 3730ada5ce Run entire source base through GNU indent to tidy up the varying
coding styles of the various contributors! Woohoo!

[originally from svn r1098]
2001-05-06 14:35:20 +00:00
Simon Tatham 3abea3d4ea Having now compiled the last few days' changes with MSVC, it's turned
up a bunch of warnings, mostly unused variables. All fixed.

[originally from svn r1058]
2001-04-17 08:24:29 +00:00