
Add a preference list for SSH-2 key exchange algorithms, on a new "Kex" panel

(which will gain more content anon).

Retire BUG_SSH2_DH_GEX and add a backwards-compatibility wart, since we never
did find a way of automatically detecting this alleged server bug, and in any
case there was only ever one report (<3D91F3B5.7030309@inwind.it>, FWIW).

Also generalise askcipher() to a new askalg() (thus touching all the
front-ends).

I've made some attempt to document what SSH key exchange is and why you care,
but it could use some review for clarity (and outright lies).

[originally from svn r5022]
Jacob Nevins
2004-12-23 02:24:07 +00:00
parent f13f9f6420
commit 3c98d6e60d
11 changed files with 262 additions and 104 deletions


@ -143,18 +143,17 @@ void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
}
/*
* Ask whether the selected cipher is acceptable (since it was
* Ask whether the selected algorithm is acceptable (since it was
* below the configured 'warn' threshold).
* cs: 0 = both ways, 1 = client->server, 2 = server->client
*/
void askcipher(void *frontend, char *ciphername, int cs)
void askalg(void *frontend, const char *algtype, const char *algname)
{
static const char msg[] =
"The first %scipher supported by the server is\n"
"The first %s supported by the server is\n"
"%s, which is below the configured warning threshold.\n"
"Continue with connection? (y/n) ";
static const char msg_batch[] =
"The first %scipher supported by the server is\n"
"The first %s supported by the server is\n"
"%s, which is below the configured warning threshold.\n"
"Connection abandoned.\n";
static const char abandoned[] = "Connection abandoned.\n";
@ -162,17 +161,11 @@ void askcipher(void *frontend, char *ciphername, int cs)
char line[32];
if (console_batch_mode) {
fprintf(stderr, msg_batch,
(cs == 0) ? "" :
(cs == 1) ? "client-to-server " : "server-to-client ",
ciphername);
fprintf(stderr, msg_batch, algtype, algname);
cleanup_exit(1);
}
fprintf(stderr, msg,
(cs == 0) ? "" :
(cs == 1) ? "client-to-server " : "server-to-client ",
ciphername);
fprintf(stderr, msg, algtype, algname);
fflush(stderr);
{
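Review bot: The header comment above askalg() drops the old `cs:` line but adds nothing about the two new string parameters, so the contract for `algtype` and `algname` is undocumented. I would add `* algtype: human-readable kind of algorithm, printed after "The first"; algname: name of the algorithm that fell below the warn threshold` to that comment; this wording is inferred from the two format strings, since no caller is visible. Both values are passed as `%s` arguments rather than as the format string, which is the right shape. Where `algname` originates is not visible here, and if it can ever carry server-supplied bytes it should be checked for control characters before it is written to the terminal. The body of askalg() begins in the first hunk and continues past the end of the second, so the code that reads the y/n answer is not covered by this note.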