simon-git: putty (master): Simon Tatham

Commits to Tartarus CVS repository. tartarus-commits at lists.tartarus.org
Thu Sep 24 12:06:45 BST 2015 

TL;DR:
  5f6e443 Don't try to agree a MAC we'll never use.
  bea758a Fix spurious EAGAIN in Plink host key (and other) prompts.

Repository:     git://git.tartarus.org/simon/putty.git
On the web:     http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2015-09-24 12:06:45

commit 5f6e443b55d9d2c53b0aadc857181ec377c95e18
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=5f6e443b55d9d2c53b0aadc857181ec377c95e18;hp=43be90e287996e1be6f92f5a426475df25c16e10
Author: Simon Tatham <anakin at pobox.com>
Date:   Thu Sep 24 11:41:43 2015 +0100

    Don't try to agree a MAC we'll never use.
    
    If we've chosen the ChaCha20-Poly1305 option for a cipher, then that
    forces the use of its associated MAC. In that situation, we should
    avoid even _trying_ to figure out a MAC by examining the MAC string
    from the server's KEXINIT, because we won't use the MAC selected by
    that method anyway, so there's no point imposing the requirement on
    servers to present a MAC we believe in just so we know it's there.
    
    This was breaking interoperation with tinysshd, and is in violation of
    OpenSSH's spec for the "chacha20-poly1305 at openssh.com" cipher.

 ssh.c |   28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

commit bea758a7ae0507e0d4a24b370f8401661cc1a2c8
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=bea758a7ae0507e0d4a24b370f8401661cc1a2c8;hp=5f6e443b55d9d2c53b0aadc857181ec377c95e18
Author: Simon Tatham <anakin at pobox.com>
Date:   Thu Sep 24 11:58:44 2015 +0100

    Fix spurious EAGAIN in Plink host key (and other) prompts.
    
    Plink sets standard input into nonblocking mode, meaning that read()
    from fd 0 in an interactive context will typically return -1 EAGAIN.
    But the prompt functions in uxcons.c, used for verifying SSH host keys
    and suchlike, were doing an unguarded read() from fd 0, and then
    panicking and aborting the session when they got EAGAIN.
    
    Fixed by inventing a wrapper around read(2) which handles EAGAIN but
    passes all other errors back to the caller. (Seemed slightly less
    dangerous than the stateful alternative of temporarily re-blockifying
    the file descriptor.)

 unix/uxcons.c |   39 ++++++++++++++++++++++++++++++++++++---
 1 file changed, 36 insertions(+), 3 deletions(-)

More information about the tartarus-commits mailing list