1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Commit Graph

40 Commits

Author SHA1 Message Date
Simon Tatham
cd7f6c4407 Certificate-aware handling of key fingerprints.
OpenSSH, when called on to give the fingerprint of a certified public
key, will in many circumstances generate the hash of the public blob
of the _underlying_ key, rather than the hash of the full certificate.

I think the hash of the certificate is also potentially useful (if
nothing else, it provides a way to tell apart multiple certificates on
the same key). But I can also see that it's useful to be able to
recognise a key as the same one 'really' (since all certificates on
the same key share a private key, so they're unavoidably related).

So I've dealt with this by introducing an extra pair of fingerprint
types, giving the cross product of {MD5, SHA-256} x {base key only,
full certificate}. You can manually select which one you want to see
in some circumstances (notably PuTTYgen), and in others (such as
diagnostics) both fingerprints will be emitted side by side via the
new functions ssh2_double_fingerprint[_blob].

The default, following OpenSSH, is to just fingerprint the base key.
2022-08-05 18:08:59 +01:00
Simon Tatham
3e7274fdad Windows Pageant: use an owner-drawn list box for the key list.
The main key list control in the Pageant window was previously an
ordinary LBS_HASSTRINGS list box, with tab characters aligning the
various parts of the key information into different columns. This was
fragile because any mistake in the font metrics could have overflowed
a tab stop and forced the text to move on to the next one.

Now I've switched the list box into LBS_OWNERDRAWFIXED mode, which
means that in place of a string for each list item I store a struct of
my choice, and I have to draw the list-box entries myself by
responding to WM_DRAWITEM. So now I'm drawing each component of the
key information as a separate call to ExtTextOut (plus one
TabbedTextOut to put the '(encrypted)' suffix on the end), which means
that the tab stops are now guaranteed to appear where I tell them to.

No functional change, for the moment: this is pure refactoring. As
closely as I can tell, the appearance of the list box is
pixel-for-pixel what it was before this commit. But it opens the door
for two further improvements (neither one done in this commit): I can
dynamically choose the tab stop locations based on querying the text
metrics of the strings that will actually need to fit in the columns,
and also, whatever reorganisation I need to do to make certificates
fit sensibly in this list box can now be done without worrying about
breaking anything terribly fragile.
2022-08-01 19:40:24 +01:00
Simon Tatham
932f6f5387 windows/pageant.rc: add missing symbolic constant.
The main list box in the Pageant key list window was identified by a
numeric control id, even though pageant-rc.h has a nice meaningful
macro name for it (and pageant.c uses that).
2022-08-01 17:32:40 +01:00
Simon Tatham
f39c51f9a7 Rename most of the platform source files.
This gets rid of all those annoying 'win', 'ux' and 'gtk' prefixes
which made filenames annoying to type and to tab-complete. Also, as
with my other recent renaming sprees, I've taken the opportunity to
expand and clarify some of the names so that they're not such cryptic
abbreviations.
2021-04-26 18:00:01 +01:00
Simon Tatham
f5a962fb34 winpgnt: add a help button to async passphrase prompt.
Suggested by Jacob: if this dialog box is going to pop up
_unexpectedly_ - perhaps when people have momentarily forgotten
they're even running Pageant, or at least forgotten they added a key
encrypted,, or maybe haven't found out yet that their IT installed it
- then it could usefully come with a help button that pops up further
explanation of what the dialog box means, and from which you can find
your way to the rest of the help.
2021-04-22 20:00:46 +01:00
Simon Tatham
16a59b5972 winpgnt: say 'click to focus' in async passphrase prompt.
I continue to believe that there's nothing I can (or should) do about
the fact that on Windows, Pageant's async passphrase prompt dialog box
doesn't automatically get the input focus when it pops up in response
to a request received via invisible IPC.

However, one thing I can do is add some text to the box that _warns_
people about it, so that at least there's some kind of suggestion that
you should get into the habit of clicking on the passphrase prompt
before typing your passphrase into it.

(I would be less concerned about all of this if it weren't for the
fact that focus is surprisingly non-obvious on Windows 10, at least on
the machine I have here. When the window doesn't have focus, the title
bar has the same background colour, and only the text is fainter. And
perhaps more confusingly, the cursor in the edit box still flashes!
That fooled _me_ a few times to begin with.)
2021-04-22 20:00:46 +01:00
Simon Tatham
f5df09adb7 winpgnt: add GUI button to re-encrypt an SSH-2 key. 2021-04-04 09:44:00 +01:00
Simon Tatham
0f61291f80 pageant.rc: make a header file of dialog/control ids.
I'm tired of remembering all those fiddly magic numbers and copying
them back and forth between the .rc file and the source code. I'm even
more tired of having to remember that in the long string of numbers
after a dialog item definition, the first one of them _isn't_ one of
the position and size coordinates. I've given them all symbolic names,
like they should have had all along.

I think I originally didn't bother because this was such a small GUI
compared to the much larger one in PuTTY proper. But it's growing!
2021-04-04 09:28:46 +01:00
Simon Tatham
b0f9e3a6ad winpgnt: GUI actions to add keys encrypted.
I've added a new option to the system tray menu, and a new button to
the key list window.
2021-04-02 13:43:20 +01:00
Simon Tatham
efc31ee30d Polish up passphrase prompts for key decryption.
Now Windows Pageant has two clearly distinct dialog boxes for
requesting a key passphrase: one to use synchronously when the user
has just used the 'Add Key' GUI action, and one to use asynchronously
in response to an agent client's attempt to use a key that was loaded
encrypted.

Also fixed the wording in the asynchronous box: there were two copies
of the 'enter passphrase' instruction, one from the dialog definition
in pageant.rc file and one from the cross-platform pageant.c. Now
pageant.c doesn't format a whole user-facing message any more: it
leaves that to the platform front end to do it the way it wants.

I've also added a call to SetForegroundWindow, to try to get the
passphrase prompt into the foreground. In my experience this doesn't
actually get it the keyboard focus, which I think is deliberate on
Windows's part and there's nothing I can do about it. But at least the
user should _see_ that the prompt is there, so they can focus it
themself.
2021-04-02 13:43:20 +01:00
Simon Tatham
911ead25e7 Windows Pageant: configurable fingerprint type.
There's now a drop-down list box below the key list, from which you
can select a fingerprint type. Also, like GUI PuTTYgen, I've widened
the key list window to make room for wider SHA256 fingerprints.
2021-03-13 11:01:35 +00:00
Jacob Nevins
a60d455c27 Grow the Windows Licence dialog.
It was cutting off the last line or so, on some fairly standard
Win7/Win10 installations.
2019-03-18 20:32:55 +00:00
Jacob Nevins
57020eef82 Grow PuTTYgen and Pageant About boxes.
To match a2b040ee09 for PuTTY/PuTTYtel.
2019-03-18 20:32:06 +00:00
Simon Tatham
67d3791de8 Stop looking for putty.chm alongside the binary.
With this change, we stop expecting to find putty.chm alongside the
executable file. That was a security hazard comparable to DLL
hijacking, because of the risk that a malicious CHM file could be
dropped into the same directory as putty.exe (e.g. if someone ran
PuTTY from their browser's download dir)..

Instead, the standalone putty.exe (and other binaries needing help)
embed the proper CHM file within themselves, as a Windows resource,
and if called on to display the help then they write the file out to a
temporary location. This has the advantage that if you download and
run the standalone putty.exe then you actually _get_ help, which
previously didn't happen!

The versions of the binaries in the installer don't each contain a
copy of the help file; that would be extravagant. Instead, the
installer itself writes a registry entry pointing at the proper help
file, and the executables will look there.

Another effect of this commit is that I've withdrawn support for the
older .HLP format completely. It's now entirely outdated, and
supporting it through this security fix would have been a huge pain.
2019-03-16 12:25:23 +00:00
Simon Tatham
9ce982622f Pageant and PuTTYgen About boxes: add the website button.
While I'm looking at these two dialog boxes, I notice there's another
prominent difference between PuTTY's one and these: I also never got
round to adding the button to go to PuTTY's main website. Now added.
2017-02-22 07:06:00 +00:00
Simon Tatham
aa68c2872c Pageant and PuTTYgen About boxes: enlarge to modern size.
The current About boxes are too small to fit in all the buildinfo
data, in particular the source-control commit id. Apparently I forgot
to enlarge them when I enlarged the one in PuTTY proper.

(All the same information is nonetheless *present* in the box, but
there seems to be no way to scroll a static text control, so you can
only find that out by 'Select All' and copying to the clipboard.)

Anyway. Now resized to the same dimensions as the main PuTTY About
box. (Really I should centralise more definitions into a common
resource file, but there we go.)
2017-02-22 07:04:34 +00:00
Simon Tatham
7e14730b83 Include 'build info' in all --version text and About boxes.
This shows the build platform (32- vs 64-bit in particular, and also
whether Unix GTK builds were compiled with or without the X11 pieces),
what compiler was used to build the binary, and any interesting build
options that might have been set on the make command line (especially,
but not limited to, the security-damaging ones like NO_SECURITY or
UNPROTECT). This will probably be useful all over the place, but in
particular it should allow the different Windows binaries to be told
apart!

Commits 21101c739 and 2eb952ca3 laid the groundwork for this, by
allowing the various About boxes to contain free text and also
ensuring they could be copied and pasted easily as part of a bug
report.
2017-01-21 14:55:53 +00:00
Simon Tatham
2eb952ca31 Use readonly edit controls in some Windows dialogs.
This makes the About and Licence boxes copy-and-pasteable, similarly
to what I've just done on Unix.

(But unlike on the Unix side, here I haven't touched the host key
prompt dialog, because that's a standard Windows MessageBox and not
easy to mess around with. Plus, in any case, you can already hit ^C to
copy the whole text out of a MessageBox. Same goes for the PGP
fingerprints dialog.)

As a side effect, several copies of the copyright notice and licence
text have moved from .rc files into C source. I've updated
CHECKLST.txt, but they won't stay there for long.
2015-12-22 13:32:39 +00:00
Jacob Nevins
5904545cc1 Merge branch 'pre-0.64' 2015-01-05 23:49:25 +00:00
Jacob Nevins
bff08a95e7 It's a new year. 2015-01-05 23:48:11 +00:00
Jacob Nevins
7ef8505c78 Rewrap Windows licence dialogs.
The extra contributor pushed one line past the edge.
2014-11-03 23:45:47 +00:00
Simon Tatham
880421a9af Add Christopher Staite to the list of copyright holders. 2014-11-02 18:16:54 +00:00
Jacob Nevins
bd119b1fba It's a new year.
[originally from svn r10114]
2014-01-15 23:57:54 +00:00
Jacob Nevins
0cc6fb8bfe Belatedly update the copyright year to 2013.
[originally from svn r9993]
[this svn revision also touched putty-website]
2013-08-05 15:15:17 +00:00
Jacob Nevins
0e6f6ff4eb It's a new year.
[originally from svn r9390]
[this svn revision also touched putty-website]
2012-01-26 18:53:53 +00:00
Jacob Nevins
c5228adce3 It's a new year.
[originally from svn r9072]
[this svn revision also touched putty-website]
2011-01-05 12:01:00 +00:00
Jacob Nevins
075d6e819e It's a new year.
[originally from svn r8848]
[this svn revision also touched putty-website]
2010-01-17 17:27:27 +00:00
Jacob Nevins
e4027368fd It's a new year (and there have even been checkins).
[originally from svn r8392]
[this svn revision also touched putty-website]
2009-01-05 23:49:19 +00:00
Simon Tatham
822628246e Merge out from trunk, to keep this branch viable. We are now up to
date as of r7913.

[originally from svn r7914]
[r7913 == d7eda6d99c]
2008-03-10 18:48:36 +00:00
Jacob Nevins
9503c5e5c3 It's a new year (and we've even made a code checkin).
[originally from svn r7883]
[this svn revision also touched putty-website]
2008-02-24 00:16:29 +00:00
Simon Tatham
35309b5683 Add Colin to the licence. (I must remember to add him to the licence
on the website, when we merge this back into the trunk.)

[originally from svn r7158]
2007-01-25 19:36:11 +00:00
Jacob Nevins
55947f2346 It's a new year.
[originally from svn r7048]
[this svn revision also touched putty-website,puzzles]
2007-01-01 21:19:14 +00:00
Jacob Nevins
6a596c736a It's a new year.
[originally from svn r6513]
[this svn revision also touched halibut,putty-website,puzzles]
2006-01-08 18:18:11 +00:00
Jacob Nevins
4d48ba62e8 `win-versioninfo': all builds of all Windows binaries now contain
a VERSIONINFO resource. The versioning scheme is described in
windows/version.rc2.

Some .rc files are now #included in others. In order to keep MSVC
project files working, these have been renamed to .rc2; there may exist
a better solution.

(This checkin also includes the documentation tweak missing from r6367.)

Testing performed:
 - MinGW (cross-compiler): works
 - VC nmake: works (tested with VC6)
 - VC project files: builds with VERSIONINFO resource (no VER variable though)
 - Borland: an old version of this patch was tested with it and more or
   less worked, except that some of the VERSIONINFO strings were apparently
   not terminated properly. Not attempted to work around this.
 - LCC: not tested. Some fixes are in there from the last time we tried
   this, but then the build ultimately failed and I haven't tried this
   since that was fixed.
 - Dev-C++: untested. (Haven't done anything special.)
 - Unix Gtk/autoconf Makefiles work as before.

[originally from svn r6374]
[r6367 == f86ad059db]
[this svn revision also touched putty-wishlist]
2005-10-04 14:13:28 +00:00
Jacob Nevins
2ba272c262 Add NO_MANIFESTS option to Windows build, as the manifests apparently cause
trouble for 64-bit Windows builds.
Also flag the build flags that only apply to Windows.

[originally from svn r5820]
2005-05-21 14:35:21 +00:00
Jacob Nevins
62faf61d6e Oops, forgot to credit Ahmad Khalifa of arabeyes.org for the bidi/shaping work.
[originally from svn r5612]
[this svn revision also touched putty-website]
2005-04-07 12:00:01 +00:00
Jacob Nevins
2d379524c3 Since Markus Kuhn no longer explicitly places wcwidth.c in the public domain,
it'd probably be generous to list him in the copyrights.

[originally from svn r5548]
[this svn revision also touched putty-website]
2005-03-23 20:23:07 +00:00
Jacob Nevins
eba099d006 Pull out the common compiler-specific workarounds and so on from individual
resource files into windows/rcstuff.h.

[originally from svn r5405]
2005-02-26 17:43:47 +00:00
Simon Tatham
b93e12d477 It's a new year!
[originally from svn r5061]
[this svn revision also touched putty-website]
2005-01-02 09:19:14 +00:00
Simon Tatham
cb45b9cc25 Now that we have Subversion's file renaming ability, it's time at
long last to move all the Windows-specific source files down into a
`windows' subdirectory. Only platform-specific files remain at the
top level. With any luck this will act as a hint to anyone still
contemplating sending us a Windows-centric patch...

[originally from svn r4792]
2004-11-16 22:14:56 +00:00