simon-git: putty (master): Simon Tatham

Commits to Tartarus CVS repository. tartarus-commits at lists.tartarus.org
Fri May 15 10:16:49 BST 2015


TL;DR:
  79fe961 Const-correctness in struct ssh_hash.
  a5fc95b Const-correctness of name fields in struct ssh_*.
  870ad6a Pass the ssh_signkey structure itself to public key methods.
  1293334 Provide an 'extra' pointer in ssh_signkey and ssh_kex.
  7db526c Clean up elliptic curve selection and naming.
  a8c4e67 Clean up hash selection in ECDSA.

Repository:     git://git.tartarus.org/simon/putty.git
On the web:     http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2015-05-15 10:16:49

commit 79fe96155a9486a58c1ce588069975346b4f4a22
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=79fe96155a9486a58c1ce588069975346b4f4a22;hp=8423f79e326f463364aa1274180cd39eba1b98d9
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri May 15 10:12:05 2015 +0100

    Const-correctness in struct ssh_hash.
    
    The 'bytes' function should take a const void * as input, not a void *.

 ssh.h      |    2 +-
 sshsh256.c |    2 +-
 sshsh512.c |    2 +-
 sshsha.c   |    2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

commit a5fc95b715256a7db4492ccf6872788613f105c4
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=a5fc95b715256a7db4492ccf6872788613f105c4;hp=79fe96155a9486a58c1ce588069975346b4f4a22
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri May 15 10:12:06 2015 +0100

    Const-correctness of name fields in struct ssh_*.
    
    All the name strings in ssh_cipher, ssh_mac, ssh_hash, ssh_signkey
    point to compile-time string literals, hence should obviously be const
    char *.
    
    Most of these const-correctness patches are just a mechanical job of
    adding a 'const' in the one place you need it right now, and then
    chasing the implications through the code adding further consts until
    it compiles. But this one has actually shown up a bug: the 'algorithm'
    output parameter in ssh2_userkey_loadpub was sometimes returning a
    pointer to a string literal, and sometimes a pointer to dynamically
    allocated memory, so callers were forced to either sometimes leak
    memory or sometimes free a bad thing. Now it's consistently
    dynamically allocated, and should be freed everywhere too.

 cmdgen.c          |    1 +
 macosx/osxdlg.m   |    4 ++--
 putty.h           |    4 ++--
 ssh.c             |    1 +
 ssh.h             |   16 ++++++++--------
 sshpubk.c         |    2 +-
 unix/gtkdlg.c     |    4 ++--
 unix/uxcons.c     |    4 ++--
 windows/wincons.c |    4 ++--
 windows/windlg.c  |    4 ++--
 10 files changed, 23 insertions(+), 21 deletions(-)
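
The ownership rule commit a5fc95b settles on, as an added example that is not PuTTY's code: an output parameter that is heap-allocated on every success path, so callers can free it unconditionally. The function `load_pub_algorithm`, its input format and the fallback name are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: heap copy of a NUL-terminated string, NULL on OOM. */
static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p)
        memcpy(p, s, n);
    return p;
}

/*
 * Hypothetical loader (not ssh2_userkey_loadpub). The constructed input is
 * a line of the form "<algorithm> <data>". On success *algorithm is ALWAYS
 * malloc'd, whether the name came from the input or from a built-in
 * default, so the caller's contract is simply free(*algorithm).
 * Returns 0 on success, -1 on failure with *algorithm left as NULL.
 */
int load_pub_algorithm(const char *line, char **algorithm)
{
    const char *sp;

    *algorithm = NULL;
    if (!line)
        return -1;
    sp = strchr(line, ' ');
    if (!sp) {
        /* No name field: use a default. Handing back the literal itself
         * here would recreate the mixed-ownership bug, because the caller
         * could not tell whether free() is safe. */
        *algorithm = dup_str("ssh-rsa");
    } else {
        size_t n = (size_t)(sp - line);
        if (n == 0)
            return -1;              /* empty name field */
        *algorithm = malloc(n + 1);
        if (*algorithm) {
            memcpy(*algorithm, line, n);
            (*algorithm)[n] = '\0';
        }
    }
    return *algorithm ? 0 : -1;
}
```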

commit 870ad6ab0780c68e0e71d1a14d394aa543a8b89e
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=870ad6ab0780c68e0e71d1a14d394aa543a8b89e;hp=a5fc95b715256a7db4492ccf6872788613f105c4
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri May 15 10:12:07 2015 +0100

    Pass the ssh_signkey structure itself to public key methods.
    
    Not all of them, but the ones that don't get a 'void *key' parameter.
    This means I can share methods between multiple ssh_signkey
    structures, and still give those methods an easy way to find out which
    public key method they're dealing with, by loading parameters from a
    larger structure in which the ssh_signkey is the first element.
    
    (In OO terms, I'm arranging that all static methods of my public key
    classes get a pointer to the class vtable, to make up for not having a
    pointer to the class instance.)
    
    I haven't actually done anything with the new facility in this commit,
    but it will shortly allow me to clean up the constant lookups by curve
    name in the ECDSA code.

 cmdgen.c  |    3 ++-
 import.c  |    9 +++++----
 pageant.c |    2 +-
 ssh.c     |    9 ++++++---
 ssh.h     |   12 ++++++++----
 sshdss.c  |   16 ++++++++++------
 sshecc.c  |   19 ++++++++++++-------
 sshpubk.c |    4 ++--
 sshrsa.c  |   18 +++++++++++-------
 9 files changed, 57 insertions(+), 35 deletions(-)

commit 1293334ebf50805a3e150d8808f7013bdcf8f1b3
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=1293334ebf50805a3e150d8808f7013bdcf8f1b3;hp=870ad6ab0780c68e0e71d1a14d394aa543a8b89e
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri May 15 10:12:08 2015 +0100

    Provide an 'extra' pointer in ssh_signkey and ssh_kex.
    
    This gives families of public key and kex functions (by which I mean
    those sharing a set of methods) a place to store parameters that allow
    the methods to vary depending on which exact algorithm is in use.
    
    The ssh_kex structure already had a set of parameters specific to
    Diffie-Hellman key exchange; I've moved those into sshdh.c and made
    them part of the 'extra' structure for that family only, so that
    unrelated kex methods don't have to faff about saying NULL,NULL,0,0.
    (This required me to write an extra accessor function for ssh.c to ask
    whether a DH method was group-exchange style or fixed-group style, but
    that doesn't seem too silly.)

 ssh.c    |    6 +++---
 ssh.h    |    6 +++---
 sshdh.c  |   36 ++++++++++++++++++++++++++++++------
 sshdss.c |    3 ++-
 sshecc.c |   12 ++++++++----
 sshrsa.c |    7 ++++---
 6 files changed, 50 insertions(+), 20 deletions(-)

commit 7db526c7306a12d86bff9ce1de00e9838987c0af
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=7db526c7306a12d86bff9ce1de00e9838987c0af;hp=1293334ebf50805a3e150d8808f7013bdcf8f1b3
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri May 15 10:13:05 2015 +0100

    Clean up elliptic curve selection and naming.
    
    The ec_name_to_curve and ec_curve_to_name functions shouldn't really
    have had to exist at all: whenever any part of the PuTTY codebase
    starts using sshecc.c, it's starting from an ssh_signkey or ssh_kex
    pointer already found by some other means. So if we make sure not to
    lose that pointer, we should never need to do any string-based lookups
    to find the curve we want, and conversely, when we need to know the
    name of our curve or our algorithm, we should be able to look it up as
    a straightforward const char * starting from the algorithm pointer.
    
    This commit cleans things up so that that is indeed what happens. The
    ssh_signkey and ssh_kex structures defined in sshecc.c now have
    'extra' fields containing pointers to all the necessary stuff;
    ec_name_to_curve and ec_curve_to_name have been completely removed;
    struct ec_curve has a string field giving the curve's name (but only
    for those curves which _have_ a name exposed in the wire protocol,
    i.e. the three NIST ones); struct ec_key keeps a pointer to the
    ssh_signkey it started from, and uses that to remember the algorithm
    name rather than reconstructing it from the curve. And I think I've
    got rid of all the ad-hockery scattered around the code that switches
    on curve->fieldBits or manually constructs curve names using stuff
    like sprintf("nistp%d"); the only remaining switch on fieldBits
    (necessary because that's the UI for choosing a curve in PuTTYgen) is
    at least centralised into one place in sshecc.c.
    
    One user-visible result is that the format of ed25519 host keys in the
    registry has changed: there's now no curve name prefix on them,
    because I think it's not really right to make up a name to use. So any
    early adopters who've been using snapshot PuTTY in the last week will
    be inconvenienced; sorry about that.

 cmdgen.c          |    8 +-
 import.c          |   83 +++++-------
 ssh.c             |    2 +-
 ssh.h             |   29 +++--
 sshecc.c          |  367 ++++++++++++++++++++++++++---------------------------
 sshecdsag.c       |   16 +--
 windows/winpgen.c |    7 +-
 7 files changed, 233 insertions(+), 279 deletions(-)

commit a8c4e67ff9ebdced0a4fb393f934b22cb5aae02f
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=a8c4e67ff9ebdced0a4fb393f934b22cb5aae02f;hp=7db526c7306a12d86bff9ce1de00e9838987c0af
Author: Simon Tatham <anakin at pobox.com>
Date:   Fri May 15 10:13:06 2015 +0100

    Clean up hash selection in ECDSA.
    
    Removed another set of ad-hoc tests of the key size to decide which
    hash to use for the signature system, and replaced them with a
    straightforward pointer to an ssh_hash structure in the 'extra' area.

 sshecc.c |   48 ++++++++++++++++++++++--------------------------
 1 file changed, 22 insertions(+), 26 deletions(-)
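
A sketch of the pattern commits 870ad6a through a8c4e67 describe, as an added example that is not PuTTY's code: shared methods receive the algorithm structure itself and read per-algorithm parameters through its 'extra' pointer, instead of switching on key size or looking a curve up by name. All struct layouts, field names and functions below are hypothetical simplifications.

```c
#include <string.h>

/* Hypothetical, simplified stand-ins for the structures the commits name. */
struct hash_alg  { const char *name; int hlen; };
struct ec_params { const char *curve_name; int field_bits; };

struct signkey_alg {
    const char *name;                  /* wire name, a string literal */
    /* "Static" methods are handed the algorithm structure itself. */
    const char *(*curve_name)(const struct signkey_alg *self);
    int (*sig_hash_len)(const struct signkey_alg *self);
    const void *extra;                 /* family-specific parameters */
};

/* What 'extra' points to for the ECDSA family in this sketch. */
struct ecdsa_extra {
    const struct ec_params *curve;
    const struct hash_alg *hash;
};

/* One set of methods shared by every ECDSA variant. */
static const char *ecdsa_curve_name(const struct signkey_alg *self)
{
    const struct ecdsa_extra *x = self->extra;
    return x->curve->curve_name;       /* no name built with sprintf */
}
static int ecdsa_sig_hash_len(const struct signkey_alg *self)
{
    const struct ecdsa_extra *x = self->extra;
    return x->hash->hlen;              /* no switch on field_bits */
}

static const struct hash_alg sha256 = { "SHA-256", 32 };
static const struct hash_alg sha384 = { "SHA-384", 48 };
static const struct ec_params p256 = { "nistp256", 256 };
static const struct ec_params p384 = { "nistp384", 384 };
static const struct ecdsa_extra x256 = { &p256, &sha256 };
static const struct ecdsa_extra x384 = { &p384, &sha384 };

const struct signkey_alg alg_ecdsa_nistp256 = {
    "ecdsa-sha2-nistp256", ecdsa_curve_name, ecdsa_sig_hash_len, &x256
};
const struct signkey_alg alg_ecdsa_nistp384 = {
    "ecdsa-sha2-nistp384", ecdsa_curve_name, ecdsa_sig_hash_len, &x384
};

/* A key keeps the algorithm pointer it started from. */
struct ec_key { const struct signkey_alg *alg; };
const char *ec_key_alg_name(const struct ec_key *k) { return k->alg->name; }
```

Binding the hash to the algorithm in one constant table means a curve/hash pairing is reviewed once at the definition rather than re-derived wherever a signature is made or checked.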


