1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 09:58:01 +00:00
Commit Graph

534 Commits

Author SHA1 Message Date
Ben Harris
f1a22fb3cb While we're here, pad USERAUTH_INFO_RESPONSEs to 256 bytes too.
[originally from svn r5145]
2005-01-19 17:41:21 +00:00
Ben Harris
e94042612f Make the outgoing SSH2 sequence number unsigned, so as to avoid depending
on overflow behaviour of signed integers.

[originally from svn r5142]
2005-01-19 12:34:52 +00:00
Owen Dunn
9318800643 Yes we do mean assignment. Bah.
[originally from svn r5135]
2005-01-18 19:09:02 +00:00
Owen Dunn
7e19075103 ssh_pkt_getstring wants a boring int rather than an unsigned int. Let's
give it one.

[originally from svn r5129]
2005-01-18 09:38:58 +00:00
Owen Dunn
8bd1aacec0 Change some function arguments to void * to placate picky compilers.
[originally from svn r5124]
2005-01-17 10:07:13 +00:00
Ben Harris
8a20515844 In SSH2, rather than sending an SSH_MSG_IGNORE after every password, just
pad the packet out to 256 bytes.  Much simpler.

This leavs ssh2_pkt_defer() unused, so ifdef it out.

[originally from svn r5122]
2005-01-17 00:50:35 +00:00
Ben Harris
214e11a7fe Be a little less enthusiastic about sending SSH_MSG_CHANNEL_WINDOW_ADJUST:
only send it when it will significantly increase the server's idea of our
window.  This avoids the slew of one-byte WINDOW_ADJUSTs that an interactive
shell typically generates.

[originally from svn r5121]
2005-01-16 14:43:12 +00:00
Simon Tatham
f70efc5cc6 Support for falling back through the list of addresses returned from
a DNS lookup, whether they're IPv4, v6 or a mixture of both.

[originally from svn r5119]
[this svn revision also touched putty-wishlist]
2005-01-16 14:29:34 +00:00
Ben Harris
0f754aac82 Make our SSH2 maximum packet size into a constant, since it's used in several
places.

[originally from svn r5118]
2005-01-16 14:14:59 +00:00
Simon Tatham
f3b5bddd32 Fix `disconnect': arrange that we keep track of when we're expecting
to see the server slam the TCP connection shut (i.e. almost never,
unless it's just sent us an SSH_MSG_DISCONNECT), and treat an
unexpected closure as a non-clean session termination. Previously
any server-initiated connection closure was being treated as a clean
exit, which was a hangover from the good old Telnet-only days.

[originally from svn r5098]
[this svn revision also touched putty-wishlist]
2005-01-11 19:33:41 +00:00
Ben Harris
95368801d3 Versions of OpenSSH before 2.5.4 kill the connection if the client attempts
to rekey.  Extend the description of SSH2_BUG_REKEY to cover this situation
and apply it to the relevant OpenSSH versions.

[originally from svn r5097]
2005-01-11 16:33:08 +00:00
Simon Tatham
d5de8eacab Bah, I left a rogue event log entry lying around.
[originally from svn r5095]
2005-01-11 15:33:35 +00:00
Ben Harris
a16d64ee49 Sun_SSH_1.0.1 also has BUG_SSH2_REKEY.
[originally from svn r5094]
2005-01-11 13:24:47 +00:00
Simon Tatham
e7b53c3ad5 Servers announcing themselves as `Sun_SSH_1.0' apparently cannot
deal with rekeys at all: they totally ignore mid-session KEXINIT
sent by the client. Hence, a new bug entry so we don't try it.

[originally from svn r5092]
2005-01-11 10:37:55 +00:00
Simon Tatham
d72eb8f6db Clear the kex-specific context in ssh->pkt_ctx for every new key
exchange. Without doing this, after we have done one specific-group
DH exchange (group1 or group14), ssh2_pkt_type _always_ translates
30 and 31 as KEXDH_INIT and KEXDH_REPLY, making a subsequent
group-exchange kex look rather strange in an SSH packet log.

[originally from svn r5081]
2005-01-08 13:28:41 +00:00
Jacob Nevins
550f7b37cb Simon points out that r5068 broke keyboard-interactive with multiple
INFO_REQUESTs, and for some reason Debian OpenSSH is sending INFO_REQUESTs
containing no prompts after a normal password authentication, so this
should fix Shai's problem.

[originally from svn r5078]
[r5068 == 297ee2573e]
[this svn revision also touched putty-wishlist]
2005-01-07 16:55:45 +00:00
Simon Tatham
88c52fa85f Use sk_set_frozen() to ensure that no data will be accepted from an
SSH connection when we're in the middle of asking the user a
dialog-box-type question. Fixes `unix-kex-packet', which has just
bitten me when connecting to one of the work Suns.

[originally from svn r5071]
[this svn revision also touched putty-wishlist]
2005-01-07 09:24:24 +00:00
Jacob Nevins
4e550f96b2 Add an explicit message about lack of support for PASSWD_CHANGEREQ in a
half-hearted attempt to flush out any uses of it.

[originally from svn r5070]
2005-01-06 17:05:54 +00:00
Jacob Nevins
297ee2573e `kbdint-failure': we now offer keyboard-interactive auth to the user for as
long as the server offers it, rather than only once, unless the server responds
to our initial USERAUTH_REQUEST("keyboard-interactive") with FAILURE, in which
case we give up on it entirely.

[originally from svn r5068]
[this svn revision also touched putty-wishlist]
2005-01-06 13:23:47 +00:00
Simon Tatham
f5c90091bb Allow reconfiguration of compression and cipher settings in
mid-session in SSH2: this forces an immediate rekey to activate the
new settings. I'm not sure exactly what this will be useful for
(except possibly it might make comparative performance testing
easier?), but it has wonderful James Bond value for being able to
switch to a more secure cipher before doing anything sensitive :-)
If, that is, you weren't using the most secure one to begin with...

[originally from svn r5051]
2004-12-31 10:51:14 +00:00
Simon Tatham
44239efc6b Reinstate the textual service name in port forwarding Event Log
messages where specified. (I had removed this in the previous
revision through forgetfulness.)

[originally from svn r5050]
2004-12-30 17:53:26 +00:00
Simon Tatham
d006b68c5e Jacob points out that when we reconfigure port forwarding, we ought
to be destroying old ones _before_ creating new ones, so that we can
reuse a port for a new purpose without colliding with ourselves.

Also fixed port forwarding, which my IPv6 checkin had completely
funted :-)

[originally from svn r5049]
2004-12-30 17:48:35 +00:00
Simon Tatham
6daf6faede Integrate unfix.org's IPv6 patches up to level 10, with rather a lot
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.

I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.

[originally from svn r5047]
[this svn revision also touched putty-wishlist]
2004-12-30 16:45:11 +00:00
Simon Tatham
7573f3733f Stray // comments.
[originally from svn r5046]
2004-12-30 15:29:38 +00:00
Simon Tatham
b0bf176dfb Loose end from r5031: the Kex panel should only be displayed in
mid-session if we are not using SSHv1. I've done this by introducing
a generic `cfg_info' function which every back end can use to
communicate an int's worth of data to setup_config_box; in SSH
that's the protocol version in use, and in everything else it's
currently zero.

[originally from svn r5040]
[r5031 == d77102a8d5]
2004-12-29 12:32:25 +00:00
Simon Tatham
6120d91507 The latest unfix.org IPv6 patch contains these apparently
IPv6-unrelated changes, which convert ints into unsigned in a few
key places in ssh.c. Looks harmless at worst, possibly terribly
useful, so I think we'll have these no matter what the real IPv6
stuff is up to!

[originally from svn r5038]
2004-12-28 17:12:20 +00:00
Simon Tatham
11655820ca Forgot to initialise ssh->portfwds to NULL. Unusually, this was
pointed out by the MSVC debugger, not by valgrind :-)

[originally from svn r5034]
2004-12-28 16:18:17 +00:00
Simon Tatham
d77102a8d5 Support reconfiguration of key exchange in mid-session. The fiddly
bit is working out when to reschedule the next rekey for when the
timeout or data limit changes; sometimes it will be _right now_
because we're already over the new limit.

Still to do: the Kex panel should not appear in mid-session if we
are using SSHv1.

[originally from svn r5031]
2004-12-28 14:10:32 +00:00
Simon Tatham
81df0d4253 SSH port forwarding is now configurable in mid-session. After doing
Change Settings, the port forwarding setup function is run again,
and tags all existing port forwardings as `do not keep'. Then it
iterates through the config in the normal way; when it encounters a
port forwarding which is already in the tree, it tags it `keep'
rather than setting it up from scratch. Finally, it goes through the
tree and removes any that haven't been labelled `keep'. Hence,
editing the list of forwardings in Change Settings has the effect of
cancelling any forwardings you remove, and adding any new ones.

The SSH panel now appears in the reconfig box, and is empty apart
from a message explaining that it has to be there for subpanels of
it to exist. Better wording for this message would be welcome.

[originally from svn r5030]
2004-12-28 14:07:05 +00:00
Simon Tatham
67f93aa30e Abstracted out the rather large port-forwarding setup code into a
routine which is common between SSH1 and SSH2. Since this routine is
not part of the coroutine system, this means it can't sit and wait
to get its various success/failure responses back. Hence, I've
introduced a system of queued packet handlers, each of which waits
for exactly one of a pair of messages (SSH1_SMSG_{SUCCESS,FAILURE}
or SSH2_MSG_REQUEST_{SUCCESS,FAILURE}), handles it when it arrives,
and automatically de-registers itself. Hence the port-forwarding
setup code can be called once, and then subsequent packets related
to it will automatically be handled as they arrive.

The real purpose of all this is that the infrastructure is now there
for me to arrange mid-session configurability of port forwarding.
However, a side benefit is that fewer round trips are involved in
session startup. I'd quite like to move more of the connection setup
(X forwarding, agent forwarding, pty allocation etc) to using the
new queued handler mechanism for this reason.

[originally from svn r5029]
2004-12-28 14:04:58 +00:00
Jacob Nevins
30896d650e Basic configurability for client-initiated rekeys.
[originally from svn r5027]
2004-12-24 13:39:32 +00:00
Jacob Nevins
d0da973746 Don't offer repeat key exchange as a special command in SSH-1.
[originally from svn r5026]
2004-12-24 10:04:28 +00:00
Jacob Nevins
3c98d6e60d Add a preference list for SSH-2 key exchange algorithms, on a new "Kex" panel
(which will gain more content anon).

Retire BUG_SSH2_DH_GEX and add a backwards-compatibility wart, since we never
did find a way of automatically detecting this alleged server bug, and in any
case there was only ever one report (<3D91F3B5.7030309@inwind.it>, FWIW).

Also generalise askcipher() to a new askalg() (thus touching all the
front-ends).

I've made some attempt to document what SSH key exchange is and why you care,
but it could use some review for clarity (and outright lies).

[originally from svn r5022]
2004-12-23 02:24:07 +00:00
Simon Tatham
56d5dc7eec Support diffie-hellman-group14-sha1 group exchange. Tested against
locally built OpenSSH 3.9, and seems to work fine.

[originally from svn r5018]
2004-12-22 10:53:58 +00:00
Simon Tatham
d67bc798aa Fix obviously stupid segfault. Ahem.
[originally from svn r4989]
2004-12-16 15:38:39 +00:00
Jacob Nevins
d46ebde528 NULL a couple of members after freeing them in ssh_free(). In particular,
should stop ssh_do_close() accessing freed ssh->channels when invoked later
from ssh_free(). Spotted by Fred Sauer.

(Perhaps this is the cause of the crashes people have been reporting on
abnormal closures such as `Software caused connection abort'? I've not been
able to test this.)

[originally from svn r4946]
2004-12-02 13:37:28 +00:00
Simon Tatham
9731b1425d Bah. Ben points out that SSH_1_ version strings should still end in
\n, and also that `\r' and `\n' don't mean what I think they mean on
all compilers (Mac reverses them).

[originally from svn r4941]
2004-12-01 15:34:12 +00:00
Simon Tatham
4c31b113a6 And now I look at it, the latest draft also says version strings
should be followed by \r\n, not just \n.

[originally from svn r4940]
2004-12-01 13:42:50 +00:00
Simon Tatham
22c46786be Kimmo Parviainen points out that SSH software version strings have
restrictions on the use of hyphens and spaces.

[originally from svn r4939]
2004-12-01 13:37:31 +00:00
Jacob Nevins
d0992ade3d typo in comment
[originally from svn r4923]
2004-11-29 09:27:13 +00:00
Simon Tatham
8c69ba0672 Loose end from timing shakeup: sshrand.c is now a client of
timing.c, and hence takes its own responsibility for calling
noise_regular() at regular intervals. Again, this means it will be
called consistently in _all_ the SSH-speaking tools, not just those
in which I remembered to call it!

[originally from svn r4913]
2004-11-27 19:56:38 +00:00
Simon Tatham
02b0474f57 Almost _all_ of the final connection-layer loop, in both SSH1 and
SSH2, is now handled by the packet dispatch table. Dispatch table
entries are enabled as soon as possible, so that if anyone tries to
(for example) start using a forwarded port before the main shell
session setup has finished, things should work sensibly.

The SSH code is now a hybrid of coroutine-based sequential logic and
table-driven event dispatch, each where it makes the most sense. I'm
rather pleased with it.

Should fix: ext-data-at-start, portfwd-at-start.

[originally from svn r4909]
[this svn revision also touched putty-wishlist]
2004-11-27 15:32:45 +00:00
Simon Tatham
812870d1b3 Implement client-initiated rekeys after an hour, or after 1Gb of
data transfer in either direction (whichever comes first), or at
explicit client request (nice idea Jacob). Have tested by lowering
the limits, and it all seems solid enough; in particular, this has
also allowed me to test the behaviour when connection-level data is
received during rekey, and that looks fine too (at least it does
_now_ :-).

[originally from svn r4908]
[this svn revision also touched putty-wishlist]
2004-11-27 14:29:20 +00:00
Simon Tatham
7ecf13564a New timing infrastructure. There's a new function schedule_timer()
which pretty much any module can call to request a call-back in the
future. So terminal.c can do its own handling of blinking, visual
bells and deferred screen updates, without having to rely on
term_update() being called 50 times a second (fixes: pterm-timer);
and ssh.c and telnet.c both invoke a new module pinger.c which takes
care of sending keepalives, so they get sent uniformly in all front
ends (fixes: plink-keepalives, unix-keepalives).

[originally from svn r4906]
[this svn revision also touched putty-wishlist]
2004-11-27 13:20:21 +00:00
Simon Tatham
a4ba026838 Re-architected the top level of the SSH protocol handlers.
ssh1_protocol() and ssh2_protocol() are now high-level functions
which see _every_ SSH packet and decide which lower-level function
to pass it to. Also, they each support a dispatch table of simple
handler functions for message types which can arrive at any time.
Results are:

 - ignore, debug and disconnect messages are now handled by the
   dispatch table rather than being warts in the rdpkt functions

 - SSH2_MSG_WINDOW_ADJUST is handled by the dispatch table, which
   means that do_ssh2_authconn doesn't have to explicitly
   special-case it absolutely every time it waits for a response to
   its latest channel request

 - the top-level SSH2 protocol function chooses whether messages get
   funnelled to the transport layer or the auth/conn layer based on
   the message number ranges defined in the SSH architecture draft -
   so things that should go to auth/conn go there even in the middle
   of a rekey (although a special case is that nothing goes to
   auth/conn until initial kex has finished). This should fix the
   other half of ssh2-kex-data.

[originally from svn r4901]
2004-11-24 20:35:15 +00:00
Simon Tatham
1ca821cfb1 Now that Packet structures are dynamically allocated, it means we
can keep several of them in parallel. In particular, this allows us
to queue outgoing packets during repeat key exchange, to be actually
sent after the rekey completes.

(This doesn't fully fix ssh2-kex-data; also required is the ability
to handle _incoming_ connection-layer packets during rekey without
exploding.)

[originally from svn r4899]
2004-11-24 19:23:02 +00:00
Simon Tatham
277089b0fb Minor refactoring: the fields pktin' and pktout' in the Ssh
structure have been retired. Now all Packet structures are
dynamically allocated. Each rdpkt function allocates one, and it's
freed after being used; and the packet construction functions
allocate them too, and they're freed by the send functions.

`pktin' and `pktout' were ugly. They were _morally_ still global
variables; even though they were replicated per SSH session to
comply with the Mac no-globals requirement, they weren't really in
the _spirit_ of `dynamically allocate your data'.

As a side effect of this change, the `pktout_blanks' and
`pktout_nblanks' fields in the Ssh structure have been moved into
the Packet structure.

[originally from svn r4898]
2004-11-24 18:45:52 +00:00
Jacob Nevins
1969da0208 XXX comment in the logic which sends failed password auth back to username
prompt for keyboard-interactive. I suspect we should do the same with that
method (especially given the apparent number of systems that use it for
regular password auth), but in the absence of systems to test against I've
not actually made the change. (I'm worried that the `partial success' field
might not be set correctly in a multi-stage authentication, for instance.)

[originally from svn r4850]
2004-11-20 17:47:40 +00:00
Jacob Nevins
abf999a809 As a result of the policy allowing changes of username to reset the
authentication state, a failed `password' authentication in SSH-2 was
sending us back to trying `none' and `keyboard-interactive' each time
round, which uses up OpenSSH's quota of authentication attempts rather
quickly. Added a check for `cfg.change_username' to the logic which
sends us back to the start.

[originally from svn r4849]
2004-11-20 17:11:38 +00:00
Jacob Nevins
b66d69ee25 Remove FLAG_INTERACTIVE test from "login as:" prompt. Kelly John Carney
pointed out that Plink would attempt to use a zero-length username iff
a remote command was specified (because the FLAG_INTERACTIVE test was
erroneously combined with the no-username test).

I don't think this will break non-interactive use; in the cases which
behave differently, Plink would be attempting to use the empty
username, which was almost certainly wrong, whereas now it will give a
prompt (which can be avoided with -batch as usual).

(Although perhaps we should attempt to use a local username as a guess for
the remote username, as PSCP does? I've not done this.)

[originally from svn r4831]
2004-11-19 20:57:32 +00:00
Jacob Nevins
352bca5b1e Argh, I messed up SSH1 remote tunnels too (same mistake).
[originally from svn r4728]
2004-11-01 14:18:37 +00:00
Jacob Nevins
f24ac64cef Ahem, let's not try initialising a static with a non-constant initialiser.
Also, I'm pretty sure that adding a source address to a remote SSH-2 forwarding
can never have worked, since we added an address string to the packet twice in
that case. OpenSSH 3.4p1 certainly doesn't like it (`Server has disabled port
forwarding' debug message). Fixed (and OpenSSH is happier now).

[originally from svn r4727]
2004-11-01 00:47:37 +00:00
Jacob Nevins
86ba7399bb Argh. Failure to make a variable static to get round coroutine
mechanics means that each SSH-2 remote tunnel will sfree() something
random and thus have a chance of crashing or doing something else
bad, although it won't otherwise affect execution. Introduced in
1.319 [r4529] (some of my improved diagnostics). One day I'll make a
checkin to ssh.c without forgetting about the coroutines...

[originally from svn r4725]
[r4529 == 27193c4bf0]
2004-11-01 00:17:31 +00:00
Jacob Nevins
2e90539429 Malcolm Rowe spotted that we broke display of SSH2_MSG_DEBUG messages while
fixing `vuln-ssh2-debug', by missing out a field. In most cases
(always_display = 0) we would log a zero-length or truncated message.

(Also add a prototype for ssh2_pkt_getbool().)

[originally from svn r4718]
2004-10-28 00:23:44 +00:00
Simon Tatham
64821979b1 Better bounds checking in the exit-signal handler.
[originally from svn r4670]
2004-10-22 16:50:51 +00:00
Simon Tatham
5ff0e6b1d9 We ought to be using the ssh_pkt_* routines for the messages which we
process at any time in the rdpkt routines, as well as everywhere else.

[originally from svn r4669]
2004-10-22 16:47:46 +00:00
Jacob Nevins
7543a93516 Add support for logging "exit-signal", why not.
This is disgustingly huge because old versions of OpenSSH got the message
format wrong, so we have to infer which format is in use. Tested with
Debian stable OpenSSH (3.4p1), with `uint32' packet, and lshd, which uses
the correct `string' packet, and also let me test "core dumped" and the
explanatory message.

[originally from svn r4653]
2004-10-18 00:41:48 +00:00
Jacob Nevins
17b0d8c58e Support the SSH-2 mechanism for sending signals to a running session. Neither
of the SSH servers I conveniently have access to (Debian stable OpenSSH --
3.4p1 -- and lshd) seem to take a blind bit of notice, but the channel
requests look fine to me in the packet log.

I've included all the signals explicitly defined by
draft-ietf-secsh-connect-19, but I've put the more obscure ones in a submenu
of the specials menu; there's therefore been some minor upheaval to support
such submenus.

[originally from svn r4652]
2004-10-17 21:22:22 +00:00
Jacob Nevins
1efa60e40d We shouldn't offer the Break special when we don't have a session to send it
down. (A side effect of fixing this is that ssh->mainchain is set to NULL
when it closes, which might avoid other sorts of trouble.)

While we're here, don't bother offering SSH1_MSG_IGNORE if we believe the
remote will barf on it.

[originally from svn r4650]
2004-10-17 15:32:42 +00:00
Simon Tatham
859d92a577 Moved the environment variables config block out of the Telnet panel
into the Connection panel, and implemented support for the SSH2
"env" request. (I haven't yet found a server which accepts this
request, so although I've visually checked the packet log and it
looks OK, I haven't yet been able to do a full end-to-end test.)
Also, the `pty' backend reads this data and does a series of
`putenv' commands before launching the shell or application.

This is mostly because in last week's UTF-8 faffings I got
thoroughly sick of typing `export LANG=en_GB.UTF-8' every time I
started a new testing pterm, and it suddenly occurred to me that
this would be precisely the sort of thing you'd want to have pterm
set up for you, particularly since you can configure it alongside
the translation settings and so you can ensure they match up
properly.

[originally from svn r4645]
2004-10-16 10:56:54 +00:00
Simon Tatham
dd279dffc2 Implement part of `ssh2-generality': introduce the ability to tell
PuTTY / Plink not to run a remote shell/command at all. Supported in
the GUI configuration and via the (OpenSSH-like) -N command-line
option.

No effort is currently made to arrange `nice' UI properties. If you
do this in GUI PuTTY, a full-size terminal window will still be
created, and will sit there with almost nothing in it throughout
your session. If you do it in Plink, Plink will not accept any kind
of request to terminate gracefully; you'll have to ^C or kill it.
Nonetheless, even this little will be useful to some people...

[originally from svn r4614]
2004-10-13 13:43:11 +00:00
Jacob Nevins
e375ba107d `ssh-log-pw-blank': known password fields are now omitted from SSH packet logs
by default (although they can be included). There's also an option to remove
session data, which is good both for privacy and for reducing the size of
logfiles.

[originally from svn r4593]
2004-10-02 00:33:27 +00:00
Jacob Nevins
fb92f118bd Mention the negotiated SSH-2 MAC algorithm(s) in the Event Log.
(It should be possible to at least see what MAC is in use without going to a
SSH packet log.)

[originally from svn r4591]
2004-09-29 23:57:03 +00:00
Simon Tatham
05696aabfd Report details in Event Log when receiving SSH2_MSG_CHANNEL_OPEN_FAILURE.
[originally from svn r4589]
2004-09-29 12:38:45 +00:00
Jacob Nevins
57c34f0872 Add `OSU_1.5alpha4' to BUG_CHOKES_ON_SSH1_IGNORE; this is apparently enough to
enable login with this version. (I'd suspected as much -- see ssh.c CVS
log 1.299 [r3359] -- and Geoffrey Hughes has now confirmed this.)

[originally from svn r4566]
[r3359 == d534d4e104]
2004-09-21 21:04:28 +00:00
Jacob Nevins
27193c4bf0 Improved diagnostics in port-forwarding: we now log any error returned by
pfd_addforward() rather than just ignoring it.

[originally from svn r4529]
2004-09-03 13:46:39 +00:00
Jacob Nevins
47997ad904 In SSH-2, list each compression algorithm only once. (No particular reason
for this change, just tidiness.)

[originally from svn r4528]
2004-09-03 12:28:19 +00:00
Simon Tatham
e2cd7e404e More sensible error handling when we receive an SSH1 public key
modulus of zero (!!), and also a robustness fix in ssh1_rdpkt which
I happened to notice while debugging that.

[originally from svn r4516]
2004-08-28 16:51:26 +00:00
Jacob Nevins
1af5523edc Someone complained that their keyboard-interactive password prompt was being
truncated - it was from OpenSSH on HP/UX and had all sorts of stuff in it
("last successful login" etc).

Bodged it by bumping up the space allocated in the fixed array for a password
prompt. Also added an indication that the prompt is being truncated, as
required by draft-ietf-secsh-auth-kbdinteract-06.

(NB that before this checkin, there was a more-or-less harmless buffer overread
where if we ever received a keyboard-interactive prompt with echo=1, we'd
probably spew goo on the terminal; fixed now.)

[originally from svn r4476]
2004-08-17 14:08:05 +00:00
Simon Tatham
f16d8aff82 ssh_free() should not call log_free(); it's for the front end to
decide whether the logctx is finished with or not.

[originally from svn r4452]
2004-08-14 12:24:02 +00:00
Jacob Nevins
f17522be6c Extra logging in SSH-2 port-forwarding. Most obviously, the opening of a
forwarded X11 connection is now logged as well as the closing; but we also
log the peer IP/port in case it's interesting, and log the reason for
refusing to honour a channel open.

[originally from svn r4451]
2004-08-13 01:08:34 +00:00
Jacob Nevins
11f628b075 When using remote forwarding with SSH-1, you'd get bogus 'SSH1 cannot
handle source address spec ":10023"; ignoring' type errors in the
Event Log. The forwarding would go ahead as normal so this is
cosmetic. Fixed.

[originally from svn r4392]
2004-08-03 23:43:07 +00:00
Simon Tatham
4217269931 Merged SSH1 robustness changes from 0.55 release branch on to trunk.
[originally from svn r4379]
2004-08-01 12:07:11 +00:00
Jacob Nevins
20f433efac Add a configuration option for TCP keepalives (SO_KEEPALIVE), default off.
No very good reason, but I've occasionally wanted to frob it to see if it
makes any difference to problems I'm having, and it was easy.

Tested that it does actually cause keepalives on Windows (with tcpdump);
should also work on Unix. Not implemented on Mac (does nothing), but then
neither is TCP_NODELAY.

Quite a big checkin, much of which is adding `keepalive' alongside `nodelay'
in network function calls.

[originally from svn r4309]
2004-06-20 17:07:38 +00:00
Simon Tatham
78dbf5df0e `Authenticating with key' message when using a local key file in
SSH2 was not contained within a test for FLAG_VERBOSE. Thanks to
Paul Gotch for pointing this out.

[originally from svn r4281]
2004-06-15 09:50:05 +00:00
Jacob Nevins
14d9628130 Spotted by Dimitry Andric: `ssh-termspeed' implementation was not taking
account of coroutines and used local variables over a crFoo. I believe the
impact was cosmetic, affecting the speeds reported in the Event Log only.

I've put the variables `ispeed' and `ospeed' in the main ssh_tag structure,
even though they're only live for a short duration; I did this rather than
create a new state struct for ssh1_protocol() (since ssh_tag already has
short-duration junk like portfwd_strptr).

[originally from svn r4272]
2004-06-03 10:36:27 +00:00
Jacob Nevins
3867e5956e In SSH, we now send terminal speeds to the server when requesting a pty
(we didn't before) - `ssh-termspeed'.
In the process, I've removed the individual controls on the Telnet and
Rlogin panels and replaced them with one on the Connection panel (since they
were backed by the same storage anyway).
The terminal speeds sent in SSH are logged in the Event Log.

[originally from svn r4133]
2004-04-24 20:05:03 +00:00
Simon Tatham
a326264500 Two small memory leaks, also noticed by Martin Prikryl.
[originally from svn r3752]
2004-01-21 19:41:34 +00:00
Simon Tatham
b424ea234f Martin Prikryl points out that need_pw may be used uninitialised.
[originally from svn r3751]
2004-01-21 19:33:48 +00:00
Simon Tatham
33a59e78f1 Memory management fixes. Fixed a segfault in SSH1 compression
cleanup noticed by Gerhard Wiesinger, and also fixed some memory
leaks spotted by valgrind while debugging same.

[originally from svn r3726]
2004-01-18 09:14:41 +00:00
Simon Tatham
c53056f95c Joe Yates's memory leak patch was overenthusiastically freeing
things; it called freebn on the DH gex values even if DH gex had not
taken place. Bug was trivially reproducible as a NULL-dereference
segfault by making any SSH2 connection with DH gex disabled. Should
now be fixed.

[originally from svn r3678]
2004-01-01 16:42:48 +00:00
Simon Tatham
7a1eae7ff2 Joe Yates's memory leak patches.
[originally from svn r3650]
2003-12-19 12:44:46 +00:00
Simon Tatham
f9f6763a0e Trivial braino in parsing of the port forwarding config data. Was
causing all port forwardings after the first dynamic one to be
ignored.

[originally from svn r3572]
2003-11-22 14:50:57 +00:00
Jacob Nevins
eebc7529ed Work towards wish `keyfile-diagnostic'. Many sshpubk.c keyfile-loading
functions have sprouted `**errorstr' arguments, which if non-NULL can
return a textual error message. The interface additions are patchy and
ad-hoc since this seemed to suit the style of the existing interfaces.

I've since realised that most of this is masked by sanity-checking that
gets done before these functions are called, but it will at least report
MAC failures and the like (tested on Unix), which was the original point
of the exercise.

Note that not everyone who could be using this information is at the
moment.

[originally from svn r3430]
2003-08-29 22:52:57 +00:00
Jacob Nevins
92db92af5a Control of 'addr' is now handed over to {platform_,}new_connection() and
sk_new() on invocation; these functions become responsible for (eventually)
freeing it. The caller must not do anything with 'addr' after it's been passed
in. (Ick.)

Why:
A SOCKS5 crash appears to have been caused by overzealous freeing of
a SockAddr (ssh.c:1.257 [r2492]), which for proxied connections is
squirreled away long-term (and this can't easily be avoided).

It would have been nice to make a copy of the SockAddr, in case the caller has
a use for it, but one of the implementations (uxnet.c) hides a "struct
addrinfo" in there, and we have no defined way to duplicate those. (None of the
current callers _do_ have a further use for the SockAddr.)

As far as I can tell, everything _except_ proxying only needs addr for the
duration of the call, so sk_addr_free()s immediately. If I'm mistaken, it
should at least be easier to find the offending free()...

[originally from svn r3383]
[r2492 == bdd6633970]
2003-08-07 16:04:33 +00:00
Jacob Nevins
d534d4e104 Add SSH-1 password camouflage bug detection for version OSU_1.4alpha3 of the
OSU VMS SSH server <http://kcgl1.eng.ohio-state.edu/~jonesd/ssh/>.

The changelog appears to indicate that the server was fixed for pwplain1 at
1.5alpha4, and for IGNORE and DEBUG messages at 1.5alpha6. However I'm going
to go on the reports we've had as I haven't tested this; and they indicate
only that 1.5alpha6 is known not to require any bug compatibility modes.

(I wasn't sure whether to add this at all, given that upgrading to version
OSU_1.5alpha6 is an easy way to fix the problem. However, there is precedent
for adding detection for old versions of servers which have since been fixed.)

[originally from svn r3359]
2003-07-12 13:45:21 +00:00
Simon Tatham
d02ea52abc Fix a segfault (non-security-critical - null dereference for
reading) in the zlib code when fed certain kinds of invalid data. As
a result, ssh.c now needs to be prepared for zlib_decompress_block
to return failure.

[originally from svn r3306]
2003-06-26 13:41:30 +00:00
Ben Harris
3006ebf15c Fix a couple of memory leaks pointed out by Adam Bernstein.
[originally from svn r3262]
2003-06-14 18:27:10 +00:00
Jacob Nevins
e955cc77ce Add exceptions for "VShell" to the ssh.com bug compatibility modes (which are
just numbers) in an attempt to fix `vshell-no-bug-compat'.
Not even tested a little bit.

[originally from svn r3219]
2003-05-24 19:03:34 +00:00
Simon Tatham
06e6997a74 Rename crc32() to crc32_compute(), to avoid clashing catastrophically
with the crc32() function in the zlib interface. (Not that PuTTY
itself _uses_ zlib, but on Unix it's linked against libgtk which
uses libpng which uses zlib. And zlib has poor namespace management
so it defines this ridiculously intrusive function name. Arrrrgh.)

[originally from svn r3191]
2003-05-13 18:23:43 +00:00
Ben Harris
ead3dee597 Make ssh_agent_callback() and ssh_agentf_callback() static.
[originally from svn r3182]
2003-05-10 12:54:29 +00:00
Simon Tatham
6bb121ecb9 Colin's const-fixing Patch Of Death. Seems to build fine on Windows
as well as Unix, so it can go in.

[originally from svn r3162]
2003-05-04 14:18:18 +00:00
Simon Tatham
0bfe876b57 Colin's and my fixes to connection_fatal().
[originally from svn r3161]
2003-05-04 14:14:10 +00:00
Simon Tatham
f6a208fbdd First half of `pageant-async' work. agent_query() is now passed a
callback function; it may return 0 to indicate that it doesn't have
an answer _yet_, in which case it will call the callback later on
when it does, or it may return 1 to indicate that it's got an answer
right now. The Windows agent_query() implementation is functionally
unchanged and still synchronous, but the Unix one is async (since
that one was really easy to do via uxsel). ssh.c copes cheerfully
with either return value, so other ports are at liberty to be sync
or async as they choose.

[originally from svn r3153]
2003-04-28 11:41:39 +00:00
Simon Tatham
1f9c9bb00f The new ssh_do_close() function itself causes a segfault if the
connection goes foom before ssh->channels is set up. Oops. Fixed.

[originally from svn r3141]
2003-04-25 17:44:09 +00:00
Simon Tatham
2a0fff2451 Robustness in the face of sudden connection closures: we now make a
credible effort to shut down open forwardings cleanly when the
owning SSH connection terminates abruptly (for whatever reason).

[originally from svn r3137]
2003-04-25 11:48:24 +00:00
Simon Tatham
041dcfd83d Unix makefile now uses -O2, which massively cuts down key exchange
time. This gives rise to a whole bunch of spare warnings, one or two
of which might have been actual bugs; now all resolved.

[originally from svn r3134]
2003-04-23 13:48:09 +00:00
Simon Tatham
717fd50963 Oops; we _do_ need to set dport even when doing dynamic forwarding,
because otherwise the `if (sport && dport)' statement runs the risk
of not working.

[originally from svn r3129]
2003-04-18 09:06:11 +00:00
Simon Tatham
a9c8e035dd Fix obvious foulup in X forwarding: my recent `how did this ever
work' change to port forwarding completely broke it, by failing to
set peeraddr{,len} before reading them. Oops.

[originally from svn r3127]
2003-04-18 09:00:16 +00:00
Simon Tatham
65fab07ad0 Remote-to-local port forwarding in SSH2 was apparently completely
broken! We were expecting the peer address/port in the incoming
packet _before_ the connected address/port, which is just wrong. I
wonder how I managed to mess that up.

[originally from svn r3083]
2003-04-09 11:19:39 +00:00
Simon Tatham
8a3ff2bf3e Dynamic port forwarding by means of a local SOCKS server. Fully
supports SOCKS 4, SOCKS 4A and SOCKS 5 (well, actually IPv6 in SOCKS
5 isn't supported, but it'll be no difficulty once I actually get
round to it). Thanks to Chas Honton for his `stone soup' patch: I
didn't end up actually using any of his code, but it galvanised me
into doing it properly myself :-)

[originally from svn r3055]
2003-04-05 11:45:21 +00:00
Simon Tatham
3bd0415579 Turned the old `Telnet Command' System-submenu into a more general
`Special Command' menu, in which any backend can place its own list
of magical things the user might want to ask the backend to do. In
particular I've implemented the recently proposed "break" extension
in SSH2 using this mechanism.
NB this checkin slightly breaks the Mac build, since it needs to
provide at least a stub form of update_specials_menu().

[originally from svn r3054]
2003-04-04 20:21:05 +00:00
Simon Tatham
09ba8ca111 Make sure the socket is closed properly in the various SSH exit paths.
[originally from svn r3037]
2003-03-31 13:15:51 +00:00
Simon Tatham
b044c350f4 Ahem; fix `bombout' so it passes the correct frontend handle to
connection_fatal().

[originally from svn r3030]
2003-03-31 11:22:30 +00:00
Ben Harris
3e4386d810 In a couple of places, snewn() was being asked for an array of char which was
then assigned to an unsigned char * variabe.  This fixes that.

[originally from svn r3023]
2003-03-29 23:05:36 +00:00
Simon Tatham
d36a4c3685 Introduced wrapper macros snew(), snewn() and sresize() for the
malloc functions, which automatically cast to the same type they're
allocating the size of. Should prevent any future errors involving
mallocing the size of the wrong structure type, and will also make
life easier if we ever need to turn the PuTTY core code from real C
into C++-friendly C. I haven't touched the Mac frontend in this
checkin because I couldn't compile or test it.

[originally from svn r3014]
2003-03-29 16:14:26 +00:00
Simon Tatham
cbb126917f While I'm adding explanatory comments by the coroutine macros, it
occurs to me that would also be a good place to put a copy of the
instructions for disabling Edit and Continue debugging. Nobody
_actually_ reads the README, after all...

[originally from svn r2935]
2003-03-14 21:20:32 +00:00
Simon Tatham
9890c7a57a I've been meaning to get round to this for _ages_: in front of my
coroutine macros, I now include a comment linking to my web article
that explains what they do.

[originally from svn r2902]
2003-03-03 16:35:45 +00:00
Simon Tatham
8aa463b7a1 In merging the username and password input functions I inadvertently
removed the support for control characters in passwords. Replaced.

[originally from svn r2900]
2003-02-28 20:28:03 +00:00
Ben Harris
01105493cc Work around an SC bug that causes it to try to use the same register for
two purposes in s_wrpkt_prepare().  This makes SSH1 work on 68K Macs, at
least until I deactivate the terminal window...

[originally from svn r2876]
2003-02-23 00:13:17 +00:00
Jacob Nevins
2bb23257f2 Fix `ssh2.0.11-keyderive-nonbug' on the strength of Ben's analysis.
Not tested it myself.

[originally from svn r2861]
2003-02-18 20:10:24 +00:00
Simon Tatham
be9718cb13 Add another bug workaround, this one for old OpenSSH (<2.3) servers
which have a strange idea of what data should be signed in a PK auth
request. This actually got in my way while doing serious things at
work! :-)

[originally from svn r2800]
2003-02-04 13:02:51 +00:00
Simon Tatham
b83b9fad77 Further fallout from the introduction of the Filename type. (Memo to
self: if you change the type of a variable and everything compiles
without type-checking errors, that doesn't mean it's all fixed,
because variadic functions aren't type-checked! Oops.)

[originally from svn r2799]
2003-02-04 13:00:54 +00:00
Simon Tatham
bd16b29a7a Oops, Ben is quite right about the rather appalling design of
filename_from_str. Here's a better fix, with some const
repercussions too.

[originally from svn r2768]
2003-02-01 17:24:27 +00:00
Simon Tatham
f26b7aa0d3 Created new data types Filename' and FontSpec', intended to be
opaque to all platform-independent modules and only handled within
per-platform code. `Filename' is there because the Mac has a magic
way to store filenames (though currently this checkin doesn't
support it!); `FontSpec' is there so that all the auxiliary stuff
such as font height and charset and so on which is needed under
Windows but not Unix can be kept where it belongs, and so that I can
have a hope in hell of dealing with a font chooser in the forthcoming
cross-platform config box code, and best of all it gets the horrid
font height wart out of settings.c and into the Windows code where
it should be.
The Mac part of this checkin is a bunch of random guesses which will
probably not quite compile, but which look roughly right to me.
Sorry if I screwed it up, Ben :-)

[originally from svn r2765]
2003-02-01 12:54:40 +00:00
Simon Tatham
6aa4211f6e Remove all `enum'-typed variables from the Config structure.
Everything in there which is integral is now an actual int, which
means my forthcoming revamp of the config box will be able to work
with `int *' pointers without fear of doom.

[originally from svn r2733]
2003-01-27 18:02:24 +00:00
Ben Harris
eaf6cce661 Remove stray debugging code that got in with the last commit.
[originally from svn r2650]
2003-01-18 22:02:22 +00:00
Ben Harris
35f3ef5cc9 Clear kex_ctx in a new session so we can safely free an ssh session without
one.

[originally from svn r2649]
2003-01-18 21:56:33 +00:00
Ben Harris
694aafa071 Add the ability to close sessions. This adds *_free() functions to most
areas of the code.  Not all back-ends have been tested, but Telnet and SSH
behave reasonably.

Incidentally, almost all of this patch was written through Mac PuTTY,
admittedly over a Telnet connection.

[originally from svn r2615]
2003-01-15 23:30:21 +00:00
Simon Tatham
952857fca3 proxy.c now no longer refers to `cfg'. Instead, each of the three
proxy-indirection network functions (name_lookup, new_connection,
new_listener) takes a `const Config *' as an argument, and extracts
enough information from it before returning to handle that
particular network operation in accordance with the proxy settings
it specifies. This involved {win,ux}net.c due to a `const'
repercussion.

[originally from svn r2567]
2003-01-12 15:26:10 +00:00
Simon Tatham
5ecbac2441 There's no real need for portfwd.c to reference `cfg' directly, when
it only needs one item from it and that can easily be passed in from
the call site in ssh.c.

[originally from svn r2564]
2003-01-12 14:56:19 +00:00
Simon Tatham
f49c8c5a07 The back ends now contain their own copies of the Config structure,
and have a function to pass in a new one. (Well, actually several
back ends don't actually bother to do this because they need nothing
out of Config after the initial setup phase, but they could if they
wanted to.)

[originally from svn r2561]
2003-01-12 14:48:29 +00:00
Simon Tatham
fee1624c69 Support for XDM-AUTHORIZATION-1 at the SSH server end, making use of
the remote IP/port data provided by the server for forwarded
connections. Disabled by default, since it's incompatible with SSH2,
probably incompatible with some X clients, and tickles a bug in
at least one version of OpenSSH.

[originally from svn r2554]
2003-01-12 14:11:38 +00:00
Simon Tatham
ee54789b25 Yet _another_ `received data for nonexistent channel' bug. This time
it was because we received WINDOW_ADJUST on a channel we'd already
sent CLOSE on, and reflexively attempted to continue sending the
buffered data in response. Should now be fixed.

[originally from svn r2539]
2003-01-11 10:05:29 +00:00
Simon Tatham
86977efa81 Introduce framework for authenticating with the local X server.
Windows and Mac backends have acquired auth-finding functions which
do nothing; Unix backend has acquired one which actually works, so
Plink can now do X forwarding believably.
(This checkin stretches into some unlikely parts of the code because
there have been one or two knock-on effects involving `const'. Bah.)

[originally from svn r2536]
2003-01-10 18:33:35 +00:00
Simon Tatham
10c1d43ac6 Yikes! Forgot to zero the password after SSH2 PW authentication.
[originally from svn r2512]
2003-01-09 17:33:49 +00:00
Ben Harris
40493b20ea Use '\012' as the end of the SSH banner line, not '\n'.
Mac compilers default to making '\n' == '\015'.

[originally from svn r2493]
2003-01-07 23:05:12 +00:00
Ben Harris
bdd6633970 Initialise the "protocol" field of a new ssh_tag to NULL so Bad Things don't
happen if we try to type things before the SSH banner has been received.

[originally from svn r2492]
2003-01-07 22:45:12 +00:00
Ben Harris
88b1506298 Make ssh1_pkt_type(), ssh2_pkt_type, logeventf(), setup_userpass_input(),
process_userpass_input(), and ssh_unthrottle() static, since they're not
referenced outside this file.

[originally from svn r2475]
2003-01-05 23:01:43 +00:00
Ben Harris
3f055f22d8 Move x11fwd and portfwd prototypes from ssh.c into ssh.h so they can be seen
by (and checked against) the definitions.

[originally from svn r2474]
2003-01-05 22:53:23 +00:00
Ben Harris
7c37547df8 Deal with "possible unintended assignment" warnings.
[originally from svn r2461]
2003-01-05 13:46:13 +00:00
Ben Harris
b91ae87c78 Attack char * vs unsigned char * conversions. In most cases, I've just
gone for replacing the implicit casts with explicit ones.  Where there was
something obviously better that I could do, I've done it, though.

[originally from svn r2460]
2003-01-05 13:43:02 +00:00
Simon Tatham
368ead15bc Propagate the screen number from a local X display to the remote
forwarded one. Fixes `x11-default-screen'.

[originally from svn r2418]
2003-01-02 10:41:22 +00:00
Simon Tatham
6c34f06a71 Move the stderr output of event log messages in verbose mode to the
general logging module rather than localising it in ssh.c. This
means it should work in other protocols as well (notably Telnet,
where it might actually be useful for debugging negotiations).

[originally from svn r2360]
2002-12-19 14:24:28 +00:00
Simon Tatham
7f7e3f539c logeventf() shouldn't throw stuff at stderr, since it invokes the
ssh.c logevent _macro_ which has already done so! Duhh.

[originally from svn r2356]
2002-12-19 11:51:42 +00:00
Simon Tatham
a564ad3140 Support for doing DNS at the proxy end. I've invented a new type of
SockAddr, which just contains an unresolved hostname and is created
by a stub function in *net.c. It's an error to pass this to most of
the real-meat functions in *net.c; these fake addresses should have
been dealt with by the time they get down that far. proxy.c now
contains name_lookup(), a wrapper on sk_namelookup() which decides
whether or not to do real DNS, and the individual proxy
implementations each deal sensibly with being handed an unresolved
address and avoid ever passing one down to *net.c.

[originally from svn r2353]
2002-12-18 16:23:11 +00:00
Simon Tatham
99b870dbc6 Implement `portfwd-loopback-choice'. Works on local side in Unix as
well, though it's a lot less useful since you still can't bind to
low-numbered ports of odd loopback IPs. Should work in principle for
SSH2 remote forwardings as well as local ones, but OpenSSH seems
unwilling to cooperate.

[originally from svn r2344]
2002-12-18 11:39:25 +00:00
Simon Tatham
8cb52a26e1 BUG_SSH2_DERIVEKEY is apparently only present in SSH 2.0.11 and
before, not in 2.0.13. Verified on at least one host. Fixes bug
`ssh2-keyderive-nonbug'.

[originally from svn r2342]
2002-12-18 10:06:38 +00:00
Simon Tatham
29b0705961 logeventf()'s first argument is ssh, not ssh->frontend! This is what
I get for making the latter a `void *' - type checking deserts me in
my hour of need. Should fix Andrey Borzenkov's bug.

[originally from svn r2340]
2002-12-18 09:47:20 +00:00
Jacob Nevins
4ffd0ca9d1 Modify bug-compatibility checks to use wildcards. Should have exactly the
same behaviour as before (tested a little bit), but should be easier to
expand.
(This is the easy bit -- work still needs to be done to fix
ssh2-keyderive-nonbug, vshell-no-bug-compat, etc -- but should be easier
now.)

[originally from svn r2293]
2002-12-08 16:54:31 +00:00
Simon Tatham
75ebfa28f0 Interchange two parameters in a printf, to prevent a silly segfault.
[originally from svn r2235]
2002-11-20 19:56:10 +00:00
Simon Tatham
7c95ea19c8 Robustness fixes for KEXINIT handling and others. In particular, I've
created a self-mallocing variant of sprintf, to obviate any future
need for paranoid %.100s type stuff in format strings.

[originally from svn r2199]
2002-11-07 19:49:03 +00:00
Simon Tatham
63f793b965 valgrind has caught two more uninitialised elements in the SSH
context structure. I knew the Unix port would be a good idea!

[originally from svn r2173]
2002-11-01 12:59:09 +00:00
Simon Tatham
a5da5adc07 Move an output newline to make username entry in Plink/SSH2 look
more sensible.

[originally from svn r2168]
2002-11-01 12:53:45 +00:00
Simon Tatham
2e25b715e3 Pass int rather than char to va_arg (the latter gets promoted).
[originally from svn r2167]
2002-11-01 12:53:10 +00:00
Simon Tatham
52bdffbfe0 More preparatory work: remove the <windows.h> include from lots of
source files in which it's no longer required (it was previously
required in anything that included <putty.h>, but not any more).
Also moved a couple of stray bits of exposed WinSock back into
winnet.c (getservbyname from ssh.c and AF_INET from proxy.c).

[originally from svn r2160]
2002-10-30 17:57:31 +00:00
Simon Tatham
ce677ce258 Yikes - put back a #include I accidentally removed two revs ago!
That'd have been embarrassing. Mind you I'd like to remove this
particular #include for good anyway, but the time is not now...

[originally from svn r2158]
2002-10-29 16:54:09 +00:00
Simon Tatham
1c80391e61 Hmm. Probably best initialise mainchan as well; oops.
[originally from svn r2157]
2002-10-29 14:41:10 +00:00
Simon Tatham
7e4f9e1af0 Try actually initialising ssh->v1_compressing. With any luck this
will be what was causing Owen's crash report today.

[originally from svn r2156]
2002-10-29 13:05:20 +00:00
Simon Tatham
4756c15fc9 Yet more global-removal. The static variables in logging.c are now
absent, and also (I think) all the frontend request functions (such
as request_resize) take a context pointer, so that multiple windows
can be handled sensibly. I wouldn't swear to this, but I _think_
that only leaves the Unicode stuff as the last stubborn holdout.

[originally from svn r2147]
2002-10-26 12:58:13 +00:00
Simon Tatham
ae09bf1c95 X forwarding authentication is now invented on a per-SSH-connection
basis, so the statics are gone from x11fwd.c.

[originally from svn r2145]
2002-10-26 11:23:15 +00:00
Simon Tatham
948f95d5e8 Reorganised the Unicode layer somewhat: moved luni_send and
lpage_send out into the line discipline, making them _clients_ of
the Unicode layer rather than part of it. This means they can access
ldisc->term, which in turn means I've been able to remove the
temporary global variable `term'. We're slowly getting there.

[originally from svn r2143]
2002-10-26 11:08:59 +00:00
Simon Tatham
24530b945e Port forwarding module now passes backend handles around properly.
As a result I've now been able to turn the global variables `back'
and `backhandle' into module-level statics in the individual front
ends. Now _that's_ progress!

[originally from svn r2142]
2002-10-26 10:33:59 +00:00
Simon Tatham
0b2523eeda Line discipline module now uses dynamically allocated data. Also
fixed one or two other minor problems.

[originally from svn r2141]
2002-10-26 10:16:19 +00:00
Simon Tatham
5df8e45c2e The Zlib module now uses dynamically allocated contexts. I think
that completes the static-removal in the crypto library. Ooh.

[originally from svn r2136]
2002-10-25 13:26:33 +00:00
Simon Tatham
db7196c174 Diffie-Hellman key exchange now uses a dynamically allocated context.
[originally from svn r2135]
2002-10-25 13:08:01 +00:00
Simon Tatham
107d1d875d SSH CRC attack detector now uses a dynamically allocated context.
[originally from svn r2132]
2002-10-25 12:58:21 +00:00
Simon Tatham
8f91f07599 SSH2 MACs now use dynamically allocated contexts.
[originally from svn r2131]
2002-10-25 12:51:28 +00:00
Simon Tatham
9848062b86 SSH ciphers now use dynamically allocated contexts.
[originally from svn r2130]
2002-10-25 12:35:22 +00:00
Simon Tatham
72ff571148 Major destabilisation, phase 2. This time it's the backends' turn:
each backend now stores all its internal variables in a big struct,
and each backend function gets a pointer to this struct passed to
it. This still isn't the end of the work - lots of subsidiary things
still use globals, notably all the cipher and compressor modules and
the X11 forwarding authentication stuff. But ssh.c itself has now
been transformed, and that was the really painful bit, so from here
on it all ought to be a sequence of much smaller and simpler pieces
of work.

[originally from svn r2127]
2002-10-25 11:30:33 +00:00
Jacob Nevins
771b0299c3 Fixes for (Backend)->size() changes -- internal declarations didn't include
new arguments and neither did internal calls.

[originally from svn r2119]
2002-10-23 14:03:11 +00:00
Simon Tatham
a9bd716df8 Cleanups from yesterday's destabilisation: lots of stuff in
terminal.c was apparently relying on implicit initialisation to
zero, and also I've removed the backends' dependency on terminal.h
by having terminal sizes explicitly passed in to back->size().

[originally from svn r2117]
2002-10-23 12:41:35 +00:00
Simon Tatham
0a80c983e2 Major destabilisation, phase 1. In this phase I've moved (I think)
all the global and function-static variables out of terminal.c into
a dynamically allocated data structure. Note that this does not yet
confer the ability to run more than one of them in the same process,
because other things (the line discipline, the back end) are still
global, and also in particular the address of the dynamically
allocated terminal-data structure is held in a global variable
`term'. But what I've got here represents a reasonable stopping
point at which to check things in. In _theory_ this should all still
work happily, on both Unix and Windows. In practice, who knows?

[originally from svn r2115]
2002-10-22 16:11:33 +00:00
Simon Tatham
ace232f5fa Remove last vestiges of `buggymac' in the Config structure. Might
have been cause of a Plink bug since it no longer got initialised.

[originally from svn r1986]
2002-10-01 18:30:15 +00:00
Simon Tatham
a394f20829 Add a new SSH2 bug: some servers apparently claim to be able to do
DH group exchange, but choke when you actually try it. Never
automatically enabled; manual control only.

[originally from svn r1982]
2002-09-26 18:37:33 +00:00
Simon Tatham
30e159d112 Be proactively pedantic about channel-close irregularities: we no
longer just sit there like a lemon if we can't find the channel in
question, we bomb out and complain. With any luck, remaining
problems of this type should be easier to catch under this policy.

[originally from svn r1962]
2002-09-15 13:31:11 +00:00
Simon Tatham
9b69e1b8aa Improvements to SSH1 channel close handling: track sending and
receiving of CLOSE and CLOSE_CONFIRMATION separately rather than
taking short cuts. I believe ssh-1.2.33 sending CLOSE_CONFIRMATION
before CLOSE was causing the remaining incidences of bug
`nonexistent-channel'. (ssh-1.2.33 appears to have unilaterally
decreed that CLOSE and CLOSE_CONFIRMATION are respectively renamed
INPUT_EOF and OUTPUT_CLOSING, hence there is no longer an ordering
constraint on them. Bah.)

[originally from svn r1961]
2002-09-15 13:24:00 +00:00
Jacob Nevins
9f9739602b Semi-bug "long-usernames":
Bump username storage from 32 to 100 chars. Also replaced a couple of magic
numbers with sizeof in ssh.c.
I don't believe this is going to startle any of the protocols PuTTY talks.

[originally from svn r1952]
2002-09-12 16:05:05 +00:00
Simon Tatham
3391745d2d Introduce the Bugs control panel, for overriding PuTTY's server
version number checks to determine the presence or absence of server
bugs.

[originally from svn r1936]
2002-09-08 13:28:38 +00:00
Simon Tatham
b15be34edf Increase length limit on SSH1_MSG_DEBUG; 70 chars is short enough to
lose vital information in some existing servers' messages.

[originally from svn r1932]
2002-09-07 12:27:13 +00:00
Simon Tatham
c24016e0da Add BUG_SSH2_DERIVEKEY, present (according to OpenSSH) in ssh.com
versions 2.0.*, and causing the shared secret not to be included in
key derivation hashes. (This doesn't quite cause a blatant security
hole because the session ID - _derived_ from the shared secret - is
still included.)

[originally from svn r1853]
2002-08-18 09:27:15 +00:00
Simon Tatham
67cb02d03d In SSH2, if decrypting the packet length gave us a negative value,
subsequent packet-receiver code would fail to notice anything was
wrong and segfault. Since this is clearly a silly packet length
anyway, we now explicitly reject it as a daft encryption error.

[originally from svn r1852]
2002-08-18 09:10:17 +00:00
Simon Tatham
4b64ea9db9 Final fixes to keyboard-interactive so it now works with packets
containing more than one prompt instead of less than one, and also
correctly enables echo on prompts that the server requests it for.
In the process I've moved the whole username/password input routine
out into its own function, where it's called independently of which
SSH protocol we're using, so this should even have _saved_ code
size. Rock!

[originally from svn r1830]
2002-08-11 13:02:01 +00:00
Simon Tatham
5ac941933a Oops. Didn't quite get the new SSH protocol selection code right. *blush*
[originally from svn r1818]
2002-08-07 17:57:06 +00:00
Simon Tatham
6e00685af0 Add an option to force SSH1 protocol only. Partly for symmetry;
mostly because I'm about to want it for the -1 command line option.

[originally from svn r1816]
2002-08-07 17:48:26 +00:00
Simon Tatham
118fc8c81e Revamp of command-line handling. Most command line options should
now be processed in cmdline.c, which is called from all utilities
(well, not Pageant or PuTTYgen). This should mean we get to
standardise almost all options across almost all tools. Also one
major change: `-load' is now the preferred option for loading a
saved session in PuTTY proper. `@session' still works but is
deprecated.

[originally from svn r1799]
2002-08-04 21:18:56 +00:00
Simon Tatham
949cecd569 Fix culpable lack of generality in keyboard-interactive
authentication: a k-i request packet can contain any number of auth
prompts (including zero!) and we must ask the user all of them and
send back a packet containing the same number of responses. FreeBSD
systems were sending a zero-prompts packet which was crashing us;
this now appears fixed (we correctly return a zero-responses packet)
but I haven't tested a multiple-prompts packet because I can't
immediately think of a server that generates them.

[originally from svn r1797]
2002-08-03 16:22:55 +00:00
Simon Tatham
3f8d151c5a One of the recent port forwarding crash reports contained details
which suggested bufchain_prefix() was finding an improperly
initialised bufchain structure. Looking at the code, this may indeed
have been able to happen, since the bufchain in a SOCKDATA_DORMANT
channel was not initialised until CHANNEL_OPEN_CONFIRMATION was
received. This seems utterly daft, so I now call bufchain_init()
when the channel structure is actually created. With any luck the
crash will mystically disappear now (I wasn't able to reproduce it
myself).

[originally from svn r1735]
2002-06-15 16:52:35 +00:00
Simon Tatham
858441ba81 Workaround for the SSH2 RSA padding bug in OpenSSH 2.5 - 3.2
inclusive. Padding is accomplished by rewriting the signature blob
rather than at the point of generation, in order to avoid having to
move part of the workaround into Pageant (and having to corrupt the
agent wire protocol to allow PuTTY to specify whether it wants its
signatures padded!).

[originally from svn r1708]
2002-05-31 17:39:16 +00:00
Simon Tatham
8cdae4f73b ieof-for-nonexistent-channel problem: avoid comparing an unsigned with -1
[originally from svn r1686]
2002-05-17 12:33:20 +00:00
Owen Dunn
c71432cb86 SSH2 only support
[originally from svn r1664]
2002-05-11 13:08:37 +00:00
Simon Tatham
8c3a0eb50b Improved error messages if you use the wrong key type: you should
now be told that the key is the wrong type, _and_ what type it is,
rather than being given a blanket `unable to read key file' message.

[originally from svn r1662]
2002-05-11 12:13:42 +00:00
Simon Tatham
17af65c78c Remember to wait for SSH1_MSG_SUCCESS after enabling remote port
forwardings in SSH1. Was causing several MSG_SUCCESS to be queued up
unread, which was wrong-but-benign in most cases but caused a hard
crash with compression enabled (one of those uncompressed
MSG_SUCCESSes was fed to the zlib decompressor with spectacular
results).

[originally from svn r1609]
2002-03-27 21:58:11 +00:00
Simon Tatham
e40f043ff8 Matt Harden's (modified) patch to do getservbyname() lookups on port-
forwarding port numbers.

[originally from svn r1608]
2002-03-27 21:43:37 +00:00
Simon Tatham
36d125e1d7 Attempt to ensure that everything passed to connection_fatal() is
also logged to the Event Log, so that it's easy to cut-and-paste the
error message afterwards.

[originally from svn r1599]
2002-03-23 18:04:27 +00:00
Simon Tatham
eabd704d1e Justin Bradford's proxy support patch. Currently supports only HTTP
CONNECT, but contains an extensible framework to allow other
proxies. Apparently SOCKS and ad-hoc-telnet-proxy are already
planned (the GUI mentions them already even though they don't work
yet). GUI includes full configurability and allows definition of
exclusion zones. Rock and roll.

[originally from svn r1598]
2002-03-23 17:47:21 +00:00
Simon Tatham
869989e7e6 Pedantic little patch to ensure blank usernames work vaguely as
expected, in case anyone really wants to use one

[originally from svn r1596]
2002-03-20 22:34:00 +00:00
Simon Tatham
dac0d45699 Ensure our network layer is properly cleaned up before PuTTY exits.
Specifically, we explicitly closesocket() all open sockets, which
appears to be necessary since otherwise Windows sends RST rather
than FIN. I'm _sure_ that's a Windows bug, but there we go.

[originally from svn r1574]
2002-03-06 20:13:22 +00:00
Simon Tatham
ae7c314f33 Set SSH socket variable to NULL if connect() fails. Failure to do
this was causing PSCP to hang indefinitely after reporting
Connection Refused.

[originally from svn r1569]
2002-02-27 22:45:52 +00:00
Simon Tatham
84c3ece865 Cisco routers apparently have yet another bug: they can't handle RSA
auth attempts at all without panicking and bombing out. Workaround
added.

[originally from svn r1568]
2002-02-27 22:41:31 +00:00
Simon Tatham
e6cc16b8b2 Add support for sending SSH2_MSG_UNIMPLEMENTED for unrecognised
messages; also do something with the debugging messages sent as
SSH2_MSG_DEBUG.

[originally from svn r1544]
2002-01-10 19:50:53 +00:00
Simon Tatham
46803abdbe Support SSH2_MSG_GLOBAL_REQUEST (just return failure)
[originally from svn r1542]
2002-01-10 16:42:17 +00:00
Simon Tatham
cf8190f637 Extra safety feature to avoid sending SSH2_MSG_WINDOW_ADJUST on
a nonexistent channel. I don't quite know why this was happening,
but whatever it was this ought to fix it.

[originally from svn r1540]
2002-01-10 13:29:43 +00:00
Simon Tatham
d237773599 Add the CRC32 compensation attack detector that all other SSH
clients have had for ages and I forgot about. Of course I've got the
version with the buffer overflow fixed!

[originally from svn r1535]
2002-01-08 11:57:32 +00:00
Simon Tatham
ccf9a051ca I have no brain at all. The SSH1 auth loop was trying all Pageant
keys before _every_ other authentication; so if you tried a local
pubkey _and_ a password, for example, you'd also try Pageant twice.
Now fixed.

[originally from svn r1524]
2001-12-30 16:27:07 +00:00
Simon Tatham
2ce502eae2 PuTTY can now detect when one of the Pageant keys it tries matches
the private key file given in the config; if it spots this then it
avoids trying it again (and in particular avoids needing to ask for
the passphrase when it knows perfectly well it won't work).

[originally from svn r1523]
2001-12-30 16:20:31 +00:00
Simon Tatham
ef885c78ca Add a new back-end function to return the exit code of the remote
process. This is functional in SSH, and vestigial (just returns 0)
in the other three protocols. Plink's Windows exit code is now
determined by the remote process exit code, which should make it
more usable in scripting applications. Tested in both SSH1 and SSH2.

[originally from svn r1518]
2001-12-29 15:31:42 +00:00
Simon Tatham
88a3baa065 Add the remote counterpart for the `local port forwardings accept
connections from outside localhost' switch. Interestingly OpenSSH
3.0 appears to ignore this (though I know it works because ssh.com
3.0 gets it right, and the SSH packet dump agrees that I'm doing the
right thing).

[originally from svn r1496]
2001-12-15 12:15:24 +00:00
Simon Tatham
3ed0d44f16 Retired the #ifdef DUMP_PACKETS stuff in ssh.c because I'm utterly
sick of recompiling to enable packet dumps. SSH packet dumping is
now provided as a logging option, and dumps to putty.log like all
the other logging options. While I'm at it I cleaned up the format
so that packet types are translated into strings for easy browsing.
POSSIBLE SIDE EFFECT: in the course of this work I had to re-enable
the SSH1 packet length checks which it turns out hadn't actually
been active for some time, so it's possible things might break as a
result. If need be I can always disable those checks for the 0.52
release and think about it more carefully later.

[originally from svn r1493]
2001-12-14 14:57:50 +00:00
Simon Tatham
7983d2dd28 Disable username switching between SSH2 auth attempts, and add a
configurable option so users can re-enable the feature _if_ they
know they have an SSH2 server that isn't going to get shirty about
it. Inspired by a spectacular increase in OpenSSH's shirtiness.

[originally from svn r1474]
2001-12-11 21:00:01 +00:00