nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-04-18 11:38:05 -05:00
Code Issues Projects Releases Wiki Activity

More arbitrary-limit hunting: retire PASSPHRASE_MAXLEN in the Windows

Browse Source 
GUIs of Pageant and PuTTYgen. With that and the prompts_t redesign,
there should no longer be any limit on passphrase length other than
the patience of the user.

[originally from svn r9320]
This commit is contained in:
Simon Tatham 2011-10-02 14:14:21 +00:00
parent ff5a9c77fd
commit a27605c784
2 changed files with 61 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
windows/winpgen.c
View File

@ -5,6 +5,7 @@
#include <time.h> #include <time.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <assert.h>
#define PUTTY_DO_GLOBALS #define PUTTY_DO_GLOBALS
@ -116,10 +117,8 @@ static void progress_update(void *param, int action, int phase, int iprogress)
extern char ver[]; extern char ver[];
#define PASSPHRASE_MAXLEN 512
struct PassphraseProcStruct { struct PassphraseProcStruct {
char *passphrase; char **passphrase;
char *comment; char *comment;
}; };
@ -129,7 +128,7 @@ struct PassphraseProcStruct {
static int CALLBACK PassphraseProc(HWND hwnd, UINT msg, static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
WPARAM wParam, LPARAM lParam) WPARAM wParam, LPARAM lParam)
{ {
static char *passphrase = NULL; static char **passphrase = NULL;
struct PassphraseProcStruct *p; struct PassphraseProcStruct *p;
switch (msg) { switch (msg) {
@ -157,8 +156,9 @@ static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
passphrase = p->passphrase; passphrase = p->passphrase;
if (p->comment) if (p->comment)
SetDlgItemText(hwnd, 101, p->comment); SetDlgItemText(hwnd, 101, p->comment);
*passphrase = 0; burnstr(*passphrase);
SetDlgItemText(hwnd, 102, passphrase); *passphrase = dupstr("");
SetDlgItemText(hwnd, 102, *passphrase);
return 0; return 0;
case WM_COMMAND: case WM_COMMAND:
switch (LOWORD(wParam)) { switch (LOWORD(wParam)) {
@ -173,9 +173,8 @@ static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
return 0; return 0;
case 102: /* edit box */ case 102: /* edit box */
if ((HIWORD(wParam) == EN_CHANGE) && passphrase) { if ((HIWORD(wParam) == EN_CHANGE) && passphrase) {
GetDlgItemText(hwnd, 102, passphrase, burnstr(*passphrase);
PASSPHRASE_MAXLEN - 1); *passphrase = GetDlgItemText_alloc(hwnd, 102);
passphrase[PASSPHRASE_MAXLEN - 1] = '\0';
} }
return 0; return 0;
} }
@ -617,13 +616,12 @@ void ui_set_state(HWND hwnd, struct MainDlgState *state, int status)
void load_key_file(HWND hwnd, struct MainDlgState *state, void load_key_file(HWND hwnd, struct MainDlgState *state,
Filename *filename, int was_import_cmd) Filename *filename, int was_import_cmd)
{ {
char passphrase[PASSPHRASE_MAXLEN]; char *passphrase;
int needs_pass; int needs_pass;
int type, realtype; int type, realtype;
int ret; int ret;
const char *errmsg = NULL; const char *errmsg = NULL;
char *comment; char *comment;
struct PassphraseProcStruct pps;
struct RSAKey newkey1; struct RSAKey newkey1;
struct ssh2_userkey *newkey2 = NULL; struct ssh2_userkey *newkey2 = NULL;
@ -646,17 +644,22 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
} }
comment = NULL; comment = NULL;
passphrase = NULL;
if (realtype == SSH_KEYTYPE_SSH1) if (realtype == SSH_KEYTYPE_SSH1)
needs_pass = rsakey_encrypted(filename, &comment); needs_pass = rsakey_encrypted(filename, &comment);
else if (realtype == SSH_KEYTYPE_SSH2) else if (realtype == SSH_KEYTYPE_SSH2)
needs_pass = ssh2_userkey_encrypted(filename, &comment); needs_pass = ssh2_userkey_encrypted(filename, &comment);
else else
needs_pass = import_encrypted(filename, realtype, &comment); needs_pass = import_encrypted(filename, realtype, &comment);
pps.passphrase = passphrase;
pps.comment = comment;
do { do {
burnstr(passphrase);
passphrase = NULL;
if (needs_pass) { if (needs_pass) {
int dlgret; int dlgret;
struct PassphraseProcStruct pps;
pps.passphrase = &passphrase;
pps.comment = comment;
dlgret = DialogBoxParam(hinst, dlgret = DialogBoxParam(hinst,
MAKEINTRESOURCE(210), MAKEINTRESOURCE(210),
NULL, PassphraseProc, NULL, PassphraseProc,
@ -665,8 +668,9 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
ret = -2; ret = -2;
break; break;
} }
assert(passphrase != NULL);
} else } else
*passphrase = '\0'; passphrase = dupstr("");
if (type == SSH_KEYTYPE_SSH1) { if (type == SSH_KEYTYPE_SSH1) {
if (realtype == type) if (realtype == type)
ret = loadrsakey(filename, &newkey1, passphrase, &errmsg); ret = loadrsakey(filename, &newkey1, passphrase, &errmsg);
@ -779,6 +783,7 @@ void load_key_file(HWND hwnd, struct MainDlgState *state,
MB_OK | MB_ICONINFORMATION); MB_OK | MB_ICONINFORMATION);
} }
} }
burnstr(passphrase);
} }
/* /*
@ -1097,8 +1102,7 @@ static int CALLBACK MainDlgProc(HWND hwnd, UINT msg,
(struct MainDlgState *) GetWindowLongPtr(hwnd, GWLP_USERDATA); (struct MainDlgState *) GetWindowLongPtr(hwnd, GWLP_USERDATA);
if (state->key_exists) { if (state->key_exists) {
char filename[FILENAME_MAX]; char filename[FILENAME_MAX];
char passphrase[PASSPHRASE_MAXLEN]; char *passphrase, *passphrase2;
char passphrase2[PASSPHRASE_MAXLEN];
int type, realtype; int type, realtype;
if (state->ssh2) if (state->ssh2)
@ -1124,16 +1128,17 @@ static int CALLBACK MainDlgProc(HWND hwnd, UINT msg,
break; break;
} }
GetDlgItemText(hwnd, IDC_PASSPHRASE1EDIT, passphrase = GetDlgItemText_alloc(hwnd, IDC_PASSPHRASE1EDIT);
passphrase, sizeof(passphrase)); passphrase2 = GetDlgItemText_alloc(hwnd, IDC_PASSPHRASE2EDIT);
GetDlgItemText(hwnd, IDC_PASSPHRASE2EDIT,
passphrase2, sizeof(passphrase2));
if (strcmp(passphrase, passphrase2)) { if (strcmp(passphrase, passphrase2)) {
MessageBox(hwnd, MessageBox(hwnd,
"The two passphrases given do not match.", "The two passphrases given do not match.",
"PuTTYgen Error", MB_OK | MB_ICONERROR); "PuTTYgen Error", MB_OK | MB_ICONERROR);
burnstr(passphrase);
burnstr(passphrase2);
break; break;
} }
burnstr(passphrase2);
if (!*passphrase) { if (!*passphrase) {
int ret; int ret;
ret = MessageBox(hwnd, ret = MessageBox(hwnd,
@ -1141,8 +1146,10 @@ static int CALLBACK MainDlgProc(HWND hwnd, UINT msg,
"without a passphrase to protect it?", "without a passphrase to protect it?",
"PuTTYgen Warning", "PuTTYgen Warning",
MB_YESNO | MB_ICONWARNING); MB_YESNO | MB_ICONWARNING);
if (ret != IDYES) if (ret != IDYES) {
break; burnstr(passphrase);
break;
}
} }
if (prompt_keyfile(hwnd, "Save private key as:", if (prompt_keyfile(hwnd, "Save private key as:",
filename, 1, (type == realtype))) { filename, 1, (type == realtype))) {
@ -1156,8 +1163,10 @@ static int CALLBACK MainDlgProc(HWND hwnd, UINT msg,
ret = MessageBox(hwnd, buffer, "PuTTYgen Warning", ret = MessageBox(hwnd, buffer, "PuTTYgen Warning",
MB_YESNO | MB_ICONWARNING); MB_YESNO | MB_ICONWARNING);
sfree(buffer); sfree(buffer);
if (ret != IDYES) if (ret != IDYES) {
burnstr(passphrase);
break; break;
}
} }
if (state->ssh2) { if (state->ssh2) {
@ -1185,6 +1194,7 @@ static int CALLBACK MainDlgProc(HWND hwnd, UINT msg,
"PuTTYgen Error", MB_OK | MB_ICONERROR); "PuTTYgen Error", MB_OK | MB_ICONERROR);
} }
} }
burnstr(passphrase);
} }
break; break;
case IDC_SAVEPUB: case IDC_SAVEPUB:

46
windows/winpgnt.c
View File

@ -159,10 +159,8 @@ struct blob {
}; };
static int cmpkeys_ssh2_asymm(void *av, void *bv); static int cmpkeys_ssh2_asymm(void *av, void *bv);
#define PASSPHRASE_MAXLEN 512
struct PassphraseProcStruct { struct PassphraseProcStruct {
char *passphrase; char **passphrase;
char *comment; char *comment;
}; };
@ -247,7 +245,7 @@ static HWND passphrase_box;
static int CALLBACK PassphraseProc(HWND hwnd, UINT msg, static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
WPARAM wParam, LPARAM lParam) WPARAM wParam, LPARAM lParam)
{ {
static char *passphrase = NULL; static char **passphrase = NULL;
struct PassphraseProcStruct *p; struct PassphraseProcStruct *p;
switch (msg) { switch (msg) {
@ -275,8 +273,9 @@ static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
passphrase = p->passphrase; passphrase = p->passphrase;
if (p->comment) if (p->comment)
SetDlgItemText(hwnd, 101, p->comment); SetDlgItemText(hwnd, 101, p->comment);
*passphrase = 0; burnstr(*passphrase);
SetDlgItemText(hwnd, 102, passphrase); *passphrase = dupstr("");
SetDlgItemText(hwnd, 102, *passphrase);
return 0; return 0;
case WM_COMMAND: case WM_COMMAND:
switch (LOWORD(wParam)) { switch (LOWORD(wParam)) {
@ -291,9 +290,8 @@ static int CALLBACK PassphraseProc(HWND hwnd, UINT msg,
return 0; return 0;
case 102: /* edit box */ case 102: /* edit box */
if ((HIWORD(wParam) == EN_CHANGE) && passphrase) { if ((HIWORD(wParam) == EN_CHANGE) && passphrase) {
GetDlgItemText(hwnd, 102, passphrase, burnstr(*passphrase);
PASSPHRASE_MAXLEN - 1); *passphrase = GetDlgItemText_alloc(hwnd, 102);
passphrase[PASSPHRASE_MAXLEN - 1] = '\0';
} }
return 0; return 0;
} }
@ -387,7 +385,7 @@ static void keylist_update(void)
*/ */
static void add_keyfile(Filename *filename) static void add_keyfile(Filename *filename)
{ {
char passphrase[PASSPHRASE_MAXLEN]; char *passphrase;
struct RSAKey *rkey = NULL; struct RSAKey *rkey = NULL;
struct ssh2_userkey *skey = NULL; struct ssh2_userkey *skey = NULL;
int needs_pass; int needs_pass;
@ -395,7 +393,6 @@ static void add_keyfile(Filename *filename)
int attempts; int attempts;
char *comment; char *comment;
const char *error = NULL; const char *error = NULL;
struct PassphraseProcStruct pps;
int type; int type;
int original_pass; int original_pass;
@ -523,17 +520,24 @@ static void add_keyfile(Filename *filename)
attempts = 0; attempts = 0;
if (type == SSH_KEYTYPE_SSH1) if (type == SSH_KEYTYPE_SSH1)
rkey = snew(struct RSAKey); rkey = snew(struct RSAKey);
pps.passphrase = passphrase; passphrase = NULL;
pps.comment = comment;
original_pass = 0; original_pass = 0;
do { do {
burnstr(passphrase);
passphrase = NULL;
if (needs_pass) { if (needs_pass) {
/* try all the remembered passphrases first */ /* try all the remembered passphrases first */
char *pp = index234(passphrases, attempts); char *pp = index234(passphrases, attempts);
if(pp) { if(pp) {
strcpy(passphrase, pp); passphrase = dupstr(pp);
} else { } else {
int dlgret; int dlgret;
struct PassphraseProcStruct pps;
pps.passphrase = &passphrase;
pps.comment = comment;
original_pass = 1; original_pass = 1;
dlgret = DialogBoxParam(hinst, MAKEINTRESOURCE(210), dlgret = DialogBoxParam(hinst, MAKEINTRESOURCE(210),
NULL, PassphraseProc, (LPARAM) &pps); NULL, PassphraseProc, (LPARAM) &pps);
@ -545,9 +549,12 @@ static void add_keyfile(Filename *filename)
sfree(rkey); sfree(rkey);
return; /* operation cancelled */ return; /* operation cancelled */
} }
assert(passphrase != NULL);
} }
} else } else
*passphrase = '\0'; passphrase = dupstr("");
if (type == SSH_KEYTYPE_SSH1) if (type == SSH_KEYTYPE_SSH1)
ret = loadrsakey(filename, rkey, passphrase, &error); ret = loadrsakey(filename, rkey, passphrase, &error);
else { else {
@ -562,11 +569,14 @@ static void add_keyfile(Filename *filename)
attempts++; attempts++;
} while (ret == -1); } while (ret == -1);
/* if they typed in an ok passphrase, remember it */
if(original_pass && ret) { if(original_pass && ret) {
char *pp = dupstr(passphrase); /* If they typed in an ok passphrase, remember it */
addpos234(passphrases, pp, 0); addpos234(passphrases, passphrase, 0);
} else {
/* Otherwise, destroy it */
burnstr(passphrase);
} }
passphrase = NULL;
if (comment) if (comment)
sfree(comment); sfree(comment);