nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-15 10:07:39 -05:00
Code Issues Projects Releases Wiki Activity

New logging mode, which records the exact bytes sent over the wire

Browse Source 
in an SSH connection _in addition_ to the decrypted packets. This
will hopefully come in useful for debugging wire data corruption
issues: you can strace the server, enable this mode in the client,
and compare the sent and received data.

I'd _like_ to have this mode also log Diffie-Hellman private
exponents, session IDs, encryption and MAC keys, so that the
resulting log file could be used to independently verify the
correctness of all cryptographic operations performed by PuTTY.
However, I haven't been able to convince myself that the security
implications are acceptable. (It doesn't matter that this
information would permit an attacker to decrypt the session, because
the _already_ decrypted session is stored alongside it in the log
file. And I'm not planning, under any circumstances, to log users'
private keys. But gaining access to the log file while the session
was still running would permit an attacker to _hijack_ the session,
and that's the iffy bit.)

[originally from svn r6835]
This commit is contained in:
Simon Tatham
2006-08-29 19:07:11 +00:00
parent bb6482c35d
commit 8b11c26c57
4 changed files with 43 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
logging.c
View File

@ -106,6 +106,7 @@ static void logfopen_callback(void *handle, int mode)
(ctx->cfg.logtype == LGTYP_ASCII ? "ASCII" :
ctx->cfg.logtype == LGTYP_DEBUG ? "raw" :
ctx->cfg.logtype == LGTYP_PACKETS ? "SSH packets" :
ctx->cfg.logtype == LGTYP_SSHRAW ? "SSH raw data" :
"unknown"),
filename_to_str(&ctx->currlogfilename));
logevent(ctx->frontend, event);
@ -203,9 +204,11 @@ void log_eventlog(void *handle, const char *event)
fprintf(stderr, "%s\n", event);
fflush(stderr);
}
if (ctx->cfg.logtype != LGTYP_PACKETS)
if (ctx->cfg.logtype != LGTYP_PACKETS &&
ctx->cfg.logtype != LGTYP_SSHRAW)
return;
logprintf(ctx, "Event Log: %s\r\n", event);
logflush(ctx);
}
/*
@ -222,13 +225,18 @@ void log_packet(void *handle, int direction, int type,
int p = 0, b = 0, omitted = 0;
int output_pos = 0; /* NZ if pending output in dumpdata */
if (ctx->cfg.logtype != LGTYP_PACKETS)
if (!(ctx->cfg.logtype == LGTYP_SSHRAW ||
(ctx->cfg.logtype == LGTYP_PACKETS && texttype)))
return;
/* Packet header. */
logprintf(ctx, "%s packet type %d / 0x%02x (%s)\r\n",
direction == PKT_INCOMING ? "Incoming" : "Outgoing",
type, type, texttype);
if (texttype)
logprintf(ctx, "%s packet type %d / 0x%02x (%s)\r\n",
direction == PKT_INCOMING ? "Incoming" : "Outgoing",
type, type, texttype);
else
logprintf(ctx, "%s raw data\r\n",
direction == PKT_INCOMING ? "Incoming" : "Outgoing");
/*
* Output a hex/ASCII dump of the packet body, blanking/omitting