nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-18 11:31:00 -05:00
Code Issues Projects Releases Wiki Activity

SSH-1: disable trust sigils after session starts.

Browse Source 
This exactly replicates the way it's done in SSH-2: at the start of
the connection layer we set the trust status to untrusted, and if that
reports that it didn't give any indication to the user, we fall back
to presenting an interactive anti-spoofing prompt.

I don't know how I forgot to do that in SSH-1, and even more, how we
haven't noticed for a month. We noticed the same bug in _Rlogin_
within a day of the 0.71 release, after all!
This commit is contained in:
Simon Tatham
2019-04-20 08:24:16 +01:00
parent 98ed37f517
commit 128d001c3e
4 changed files with 54 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ssh1connection.h
View File

@ -52,6 +52,9 @@ struct ssh1_connection_state {
bool compressing; /* used in server mode only */
bool sent_exit_status; /* also for server mode */
prompts_t *antispoof_prompt;
int antispoof_ret;
const SshServerConfig *ssc;
ConnectionLayer cl;
@ -120,3 +123,5 @@ bool ssh1_handle_direction_specific_packet(
struct ssh1_connection_state *s, PktIn *pktin);
bool ssh1_check_termination(struct ssh1_connection_state *s);
bool ssh1_connection_need_antispoof_prompt(struct ssh1_connection_state *s);