1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 09:12:24 +00:00
Commit Graph

77 Commits

Author SHA1 Message Date
Simon Tatham
8581676ee9 Dedicated routines for poly1305 arithmetic.
Rather than doing arithmetic mod 2^130-5 using the general-purpose
Bignum library, which requires lots of mallocs and frees per operation
and also uses a general-purpose divide routine for each modular
reduction, we now have some dedicated routines in sshccp.c to do
arithmetic mod 2^130-5 in a more efficient way, and hopefully also
with data-independent performance.

Because PuTTY's target platforms don't all use the same size of bignum
component, I've arranged to auto-generate the arithmetic functions
using a Python script living in the 'contrib' directory. As and when
we need to support an extra BignumInt size, that script should still
be around to re-run with different arguments.
2015-06-07 13:50:05 +01:00
Simon Tatham
e222db14ff Commit my replacement Windows I-beam mouse pointer.
Installing this systemwide as the Windows text selection cursor is a
workaround for 'black-pointer'. It's a white I-beam with a one-pixel
black outline around it, so it should be visible on any background
colour. (I suppose that a backdrop of tightly packed I-beams looking
just like it might successfully hide it, but that's unlikely :-)

I constructed this some years ago for personal use; I needed it again
this week and had to go and recover it from a backup of a defunct
system, which made me think I really ought to check it in somewhere,
and this 'contrib' directory seems like the ideal place.
2015-05-28 18:14:14 +01:00
Simon Tatham
12d5b00d62 New 'contrib' tool: a script for faking initial KEX.
encodelib.py is a Python library which implements some handy SSH-2
encoding primitives; samplekex.py uses that to fabricate the start of
an SSH connection, up to the point where key exchange totally fails
its crypto.

The idea is that you adapt samplekex.py to construct initial-kex
sequences with particular properties, in order to test robustness and
security fixes that affect the initial-kex sequence. For example, I
used an adaptation of this to test the Diffie-Hellman range check
that's just gone into 0.64.
2015-02-28 07:58:29 +00:00
Jacob Nevins
d89fdf65a7 Merge branch 'pre-0.64' 2015-02-24 10:37:53 +00:00
Jacob Nevins
56a42d09d4 Make kh2reg.py compatible with modern Python.
Bare string exceptions aren't supported any more.
Patch by Will Aoki, plus a backward compatibility tweak from Colin Watson.
Seen working with Python 2.4.3 and 2.7.6.
2015-02-24 10:30:18 +00:00
Chris Staite
2bf8688355 Elliptic-curve cryptography support.
This provides support for ECDSA public keys, for both hosts and users,
and also ECDH key exchange. Supported curves are currently just the
three NIST curves required by RFC 5656.
2014-11-02 18:16:54 +00:00
Simon Tatham
4d8782e74f Rework versioning system to not depend on Subversion.
I've shifted away from using the SVN revision number as a monotonic
version identifier (replacing it in the Windows version resource with
a count of days since an arbitrary epoch), and I've removed all uses
of SVN keyword expansion (replacing them with version information
written out by Buildscr).

While I'm at it, I've done a major rewrite of the affected code which
centralises all the computation of the assorted version numbers and
strings into Buildscr, so that they're all more or less alongside each
other rather than scattered across multiple source files.

I've also retired the MD5-based manifest file system. A long time ago,
it seemed like a good idea to arrange that binaries of PuTTY would
automatically cease to identify themselves as a particular upstream
version number if any changes were made to the source code, so that if
someone made a local tweak and distributed the result then I wouldn't
get blamed for the results. Since then I've decided the whole idea is
more trouble than it's worth, so now distribution tarballs will have
version information baked in and people can just cope with that.

[originally from svn r10262]
2014-09-24 10:33:13 +00:00
Simon Tatham
1472aa2a26 Fix SSH2_MSG_CHANNEL_EXTENDED_DATA in logparse.
It looks as if it's never worked at all: it had a spurious second
printf, it completely forgot to allow for the uint32 type code that
SSH2_MSG_CHANNEL_DATA doesn't have, it accessed the channel state's
sequence number fields in a way that made no sense and didn't match
the rest of the program, *and* it misinvoked the file opening API. I
must have never had an occasion to test it.

[originally from svn r10037]
2013-09-07 16:15:11 +00:00
Simon Tatham
b6668d263f Make logparse handle completely bogus channel numbers.
Previously it would throw a bunch of Perl undefined-variable-usage
warnings; now it cleanly detects the problem, dumps as much of the
message as it still reasonably can, and doesn't update any channel
states.

[originally from svn r10036]
2013-09-07 16:15:10 +00:00
Simon Tatham
ddfca43402 Fix a controlling-terminal bug reported by Anthony Heading: Cygwin
doesn't have TIOCSCTTY, so my attempt to set the ctty of the child
process isn't doing anything, and only works by chance when you run
bash because bash does the thing that _will_ set the ctty, namely
opening the terminal file again without O_NOCTTY. So now we do that
too.

[originally from svn r9638]
2012-08-28 17:42:47 +00:00
Ben Harris
1c4eac5fa3 Add some kind of window tracking to logparse.pl.
[originally from svn r9618]
2012-08-25 14:34:20 +00:00
Ben Harris
8387897d90 Fix matching of channel and global requests with replies in logparse.pl.
In each case, want_reply was being treated as true even when it wasn't,
because it got decoded into "yes"/"no", both of which are true in
Perl.

[originally from svn r9617]
2012-08-25 13:54:56 +00:00
Simon Tatham
f796f2d2d3 Enhance logparse.pl so that it detects channels running SFTP and
decodes the SFTP message layer in addition to the underlying SSH.
Requests and responses are matched up via their ids.

[originally from svn r9612]
2012-08-22 18:25:28 +00:00
Simon Tatham
615455a913 Fix a bug in cygtermd, spotted by Casey Zacek, in which we
unconditionally set the telnet state to SEENCR regardless of whether
we have actually seen a CR, and as a result sending a NUL through
PuTTY (via Ctrl-Space or whatever) does not work. Must have arisen
through some kind of really weird cut-and-paste error!

[originally from svn r9545]
2012-06-01 06:50:37 +00:00
Simon Tatham
03cc84d3f3 Fix trivial Perl goof in logparse.pl which caused
SSH2_MSG_CHANNEL_FAILURE to be reported as replying to
ARRAY(0xrubbish) instead of to a message number.

[originally from svn r9472]
2012-04-30 17:28:28 +00:00
Simon Tatham
5c743effc0 Fix a Perl warning about useless use of a constant in void context.
[originally from svn r9458]
2012-04-16 18:21:31 +00:00
Simon Tatham
76cdb3f523 New utility script to parse an SSH packet dump and write out an
interpretation with some analysis done on it. The script will do its
own tracking of the set of open channels and their states, and its
output is in a one-line-per-packet format such that every distinct
channel has a unique identifier in it which should make it easy to
grep out all lines relating to that channel. The script also matches
up {CHANNEL,REQUEST}_{SUCCESS,FAILURE} to the requests that caused
them, by tracking a queue of requests in each direction per channel
and for global requests. Command-line options permit generating a
final dump of all channels ever known to the script and their various
ids and final state, and also dumping out the data transferred over
each channel in each direction.

Output is not complete, in the sense that some parameters in some
messages (e.g. pixel sizes in window-size specifications) are
deliberately omitted due to being boring, and the entire contents of
some messages (e.g. KEXINIT) are omitted because I haven't yet seen
any purpose in decoding them. Filling them in might be a useful thing,
although I'm inclined to think that the default should still be to
show only the potentially interesting stuff (e.g. still not pixel
sizes!) and enable the rest using a -v option.

Hopefully this should do a lot of the legwork in debugging issues in
which a channel mysteriously remains partially open and prevents PuTTY
closing.

[originally from svn r9457]
2012-04-14 17:24:12 +00:00
Simon Tatham
b642aa086a Add a directory 'contrib/cygtermd', containing the source code for my
hacky helper program to let PuTTY act as a local pterm-oid on
Cygwin-enabled Windows systems.

[originally from svn r9191]
2011-07-10 14:22:32 +00:00
Jacob Nevins
8b88d653de Ansgar Wiechers points out that known_hosts (at least OpenSSH's) has grown a
means of specifying port numbers, so we should support that.

[originally from svn r8519]
2009-04-26 23:44:28 +00:00
Jacob Nevins
54c3773c91 Discard hashed hostnames from input.
[originally from svn r8518]
2009-04-26 23:03:02 +00:00
Jacob Nevins
5aa719d16e Consistently use a single notation to refer to SSH protocol versions, as
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>

[originally from svn r5480]
2005-03-10 16:36:05 +00:00
Jacob Nevins
7bc5b64c20 Fix usage comments
[originally from svn r3519]
2003-10-21 13:26:12 +00:00
Jacob Nevins
a90f643907 Add `--unix' mode to generate ~/.putty/sshhostkeys from known_hosts.
(should now be called `kh2putty.py')

[originally from svn r3508]
2003-10-14 23:23:28 +00:00
Jacob Nevins
e322770ab5 This script has been unnecessary for some time; since the config box revamp,
accelerator clashes have been checked for at run-time.

[originally from svn r3053]
2003-04-04 11:22:14 +00:00
Jacob Nevins
25d65cd5b5 accel.pl knows about the accelerators added by winctrls.c:prefslist().
(I'm amazed this still works...)

[originally from svn r2675]
2003-01-21 21:05:35 +00:00
Jacob Nevins
a2a2668458 Slightly less grotty script to convert OpenSSH known_hosts and known_hosts2
host key files to .REG files for Windows.
(renamed from 'hosts2reg' because of 8.3 considerations)

[originally from svn r1586]
2002-03-10 22:00:06 +00:00
Jacob Nevins
6bcc8e85e8 Grotty script to sanity-check the accelerator keys in windlg.c.
(private RCS rev 1.4)

[originally from svn r1585]
2002-03-10 21:56:55 +00:00