simon-git: putty (main): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Thu Sep 16 14:36:37 BST 2021
TL;DR:
7a022343 userauth2: add a missing free_prompts().
65270b56 free_prompts: deal with a reference from an Ldisc.
e5b6aba6 unix/console.c: add a missing postmsg().
f317f8e6 Centralise host key message formatting.
d1dc1e92 Mention the host name in host-key prompts.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: main
Committer: Simon Tatham <anakin at pobox.com>
Date: 2021-09-16 14:36:37
commit 7a0223435314084f51e9521781b0b64464967c6d
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=7a0223435314084f51e9521781b0b64464967c6d;hp=99b4229abf01ea9b9ef916985e6139feed0c0bf2
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Sep 16 09:27:25 2021 +0100
userauth2: add a missing free_prompts().
If a userauth layer is destroyed while userpass input is still
ongoing, ssh2_userauth_free forgot to free the active prompts_t,
leaking memory.
But adding the missing free_prompts call to ssh2_userauth_free results
in a double-free, because another thing I forgot was to null out that
pointer field everywhere _else_ it's freed. Fixed that too.
ssh/userauth2-client.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
commit 65270b56f050975ea255a6556cfde2dd38546308
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=65270b56f050975ea255a6556cfde2dd38546308;hp=7a0223435314084f51e9521781b0b64464967c6d
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Sep 16 09:41:03 2021 +0100
free_prompts: deal with a reference from an Ldisc.
In a GUI app, when interactive userpass input begins, the Ldisc
acquires a reference to a prompts_t. If something bad happens to the
SSH connection (e.g. unexpected server-side closure), then all the SSH
layers will be destroyed, including freeing that prompts_t. So the
Ldisc will have a stale reference to it, which it might potentially
use.
To fix that, I've arranged a back-pointer so that prompts_t itself can
find the Ldisc's reference to it, and NULL it out on free. So now,
whichever of a prompts_t and an Ldisc is freed first, the link between
them should be cleanly broken.
(I'm not 100% sure this is absolutely necessary, in the sense of
whether a sequence of events can _actually_ happen that causes a stale
pointer dereference. But I don't want to take the chance!)
ldisc.c | 4 ++++
putty.h | 12 ++++++++++--
utils/prompts.c | 7 +++++++
3 files changed, 21 insertions(+), 2 deletions(-)
commit e5b6aba63a84b28e7dcece026db47c9ccdb47060
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e5b6aba63a84b28e7dcece026db47c9ccdb47060;hp=65270b56f050975ea255a6556cfde2dd38546308
Author: Simon Tatham <anakin at pobox.com>
Date: Wed Sep 15 06:00:02 2021 +0100
unix/console.c: add a missing postmsg().
When abandoning a connection due to a host key mismatch in batch mode,
we'd forget to restore the termios settings.
unix/console.c | 1 +
1 file changed, 1 insertion(+)
commit f317f8e67e2286863ef81aabe7073283a2307255
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=f317f8e67e2286863ef81aabe7073283a2307255;hp=e5b6aba63a84b28e7dcece026db47c9ccdb47060
Author: Simon Tatham <anakin at pobox.com>
Date: Wed Sep 15 06:00:38 2021 +0100
Centralise host key message formatting.
The format _strings_ were previously centralised into the platform-
independent console.c, as const char arrays. Now the actual formatting
operation is centralised as well, by means of console.c providing a
function that takes all the necessary parameters and returns a
formatted piece of text for the console.
Mostly this is so that I can add extra parameters to the message with
some confidence: changing a format string in one file and two fprintf
statements in other files to match seems like the kind of situation
you wish you hadn't got into in the first place :-)
console.c | 34 +++++++++++++++++++++-------------
console.h | 5 +++--
unix/console.c | 17 ++++++++++-------
windows/console.c | 15 +++++++++------
4 files changed, 43 insertions(+), 28 deletions(-)
commit d1dc1e927c20d8278c311fc0694bdc8661c17dbd
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d1dc1e927c20d8278c311fc0694bdc8661c17dbd;hp=f317f8e67e2286863ef81aabe7073283a2307255
Author: Simon Tatham <anakin at pobox.com>
Date: Wed Sep 15 14:41:00 2021 +0100
Mention the host name in host-key prompts.
Now that it's possible for a single invocation of PuTTY to connect to
multiple SSH servers (jump host followed by ultimate destination
host), it's rather unhelpful for host key prompts to just say "the
server". To check an unknown host key, users will need to know _which_
host it's purporting to be the key for.
Another possibility is to put a message in the terminal window
indicating which server we're currently in the SSH setup phase for.
That will certainly be what we have to end up doing for userpass
prompts that appear _in_ the terminal window. But that by itself is
still unhelpful for host key prompts in a separate dialog, because the
user would have to check both windows to get all the information they
need. Easier if the host key dialog itself tells you everything you
need to know to answer the question: is _this_ key the one you expect
for _that_ host?
console.c | 24 ++++++++++-------
console.h | 6 +++--
unix/console.c | 6 +++--
unix/dialog.c | 26 ++++++++++--------
windows/console.c | 6 +++--
windows/dialog.c | 9 +++++++
windows/putty-common.rc2 | 68 +++++++++++++++++++++++++-----------------------
windows/putty-rc.h | 5 ++--
8 files changed, 89 insertions(+), 61 deletions(-)
More information about the tartarus-commits
mailing list