mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-09 17:38:00 +00:00
ce1774282c
This is a piece I forgot in the initial implementation of HTTP Digest: an HTTP server can send _more than one_ authentication request header (WWW-Authenticate for normal servers, Proxy-Authenticate for proxies), and if it does, they're supposed to be treated as alternatives to each other, so that the client chooses one to reply to. I suppose that technically we were 'complying' with that spec already, in that HttpProxyNegotiator would have read each new header and overwritten all the fields set by the previous one, so we'd always have gone with the last header presented by the server. But that seems inelegant: better to choose the one we actually like best. So now we do that. All the details of an auth header are moved out of the main HttpProxyNegotiator struct into a sub-struct we can have multiple copies of. Each new header is parsed into a fresh struct of that kind, and then we can compare it with the previous one and decide which we prefer. The preference order, naturally, is 'more secure is better': Digest beats Basic, and between two Digest headers, SHA-256 beats MD5. (And anything beats a header we can't make sense of at all.) Another side effect of this change is that a 407 response which contains _no_ Proxy-Authenticate headers will trigger an error message saying so, instead of just going with whatever happened to be left in the relevant variables from the previous attempt. |
||
|---|---|---|
| charset | ||
| cmake | ||
| contrib | ||
| crypto | ||
| doc | ||
| icons | ||
| keygen | ||
| otherbackends | ||
| proxy | ||
| ssh | ||
| stubs | ||
| terminal | ||
| test | ||
| unix | ||
| utils | ||
| windows | ||
| .gitignore | ||
| aqsync.c | ||
| be_list.c | ||
| Buildscr | ||
| Buildscr.cv | ||
| callback.c | ||
| cgtest.c | ||
| CHECKLST.txt | ||
| clicons.c | ||
| CMakeLists.txt | ||
| cmdgen.c | ||
| cmdline.c | ||
| config.c | ||
| console.c | ||
| console.h | ||
| defs.h | ||
| dialog.c | ||
| dialog.h | ||
| errsock.c | ||
| import.c | ||
| LATEST.VER | ||
| ldisc.c | ||
| LICENCE | ||
| licence.pl | ||
| logging.c | ||
| marshal.h | ||
| misc.h | ||
| mksrcarc.sh | ||
| mkunxarc.sh | ||
| mpint.h | ||
| network.h | ||
| pageant.c | ||
| pageant.h | ||
| pinger.c | ||
| pscp.c | ||
| psftp.c | ||
| psftp.h | ||
| psftpcommon.c | ||
| psocks.c | ||
| psocks.h | ||
| putty.h | ||
| puttymem.h | ||
| README | ||
| release.pl | ||
| settings.c | ||
| sign.sh | ||
| ssh.h | ||
| sshcr.h | ||
| sshkeygen.h | ||
| sshpubk.c | ||
| sshrand.c | ||
| storage.h | ||
| timing.c | ||
| tree234.h | ||
| version.h | ||
| x11disp.c | ||
This is the README for PuTTY, a free Windows and Unix Telnet and SSH
client.
PuTTY is built using CMake <https://cmake.org/>. To compile in the
simplest way (on any of Linux, Windows or Mac), run these commands in
the source directory:
cmake .
cmake --build .
Documentation (in various formats including Windows Help and Unix
`man' pages) is built from the Halibut (`.but') files in the `doc'
subdirectory using `doc/Makefile'. If you aren't using one of our
source snapshots, you'll need to do this yourself. Halibut can be
found at <https://www.chiark.greenend.org.uk/~sgtatham/halibut/>.
The PuTTY home web site is
https://www.chiark.greenend.org.uk/~sgtatham/putty/
If you want to send bug reports or feature requests, please read the
Feedback section of the web site before doing so. Sending one-line
reports saying `it doesn't work' will waste your time as much as
ours.
See the file LICENCE for the licence conditions.