simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat Jun 2 18:28:32 BST 2018
TL;DR:
8d88275 Fix some missing void * and const in existing APIs.
9e96af5 Introduce a new 'ptrlen' type.
005ca6b Introduce a centralised unmarshaller, 'BinarySource'.
7d8312e Rewrite SSH-1 RSA handling functions using BinarySource.
2cb4d89 Replace sftp_pkt_get* with BinarySource.
7535f64 Replace ssh_pkt_get* with BinarySource.
e43605e Rewrite ssh2_add_sigblob using BinarySource.
392a8c0 Pageant server: parse requests using BinarySource.
e2431c3 Pageant client code: parse replies using BinarySource.
876e158 Rewrite conf deserialisation using BinarySource.
59e83a8 Rewrite key import functions using BinarySource.
28c086c Rewrite key loading functions using BinarySource.
5be57af Rewrite packet parsing in sshshare.c using BinarySource.
ae3edcd Clean up ssh_keyalg APIs and implementations.
5acd523 Rewrite .Xauthority parsing using BinarySource.
4d8c033 Rewrite SOCKS client code using BinarySource.
6dc6392 Remove obsolete functions.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2018-06-02 18:28:32
commit 8d882756b80cec8a2e3e7ef7c764e53d5de2170c
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=8d882756b80cec8a2e3e7ef7c764e53d5de2170c;hp=6ce79d8d22f2ee2901c52a87f15b78c21bcfb1d0
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jun 2 07:52:26 2018 +0100
Fix some missing void * and const in existing APIs.
Several changes here that should have been in commit 7babe66a8 but I
missed them.
portfwd.c | 2 +-
ssh.c | 4 ++--
ssh.h | 6 +++---
sshecc.c | 6 ++++--
x11fwd.c | 4 +++-
5 files changed, 13 insertions(+), 9 deletions(-)
commit 9e96af59ce7cd56aa181c1d3da40cedf0ecbaaf5
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=9e96af59ce7cd56aa181c1d3da40cedf0ecbaaf5;hp=8d882756b80cec8a2e3e7ef7c764e53d5de2170c
Author: Simon Tatham <anakin at pobox.com>
Date: Sun May 27 16:56:51 2018 +0100
Introduce a new 'ptrlen' type.
This wraps up a (pointer, length) pair into a convenient struct that
lets me return it by value from a function, and also pass it through
to other functions in one go.
Ideally quite a lot of this code base could be switched over to using
ptrlen in place of separate pointer and length variables or function
parameters. (In fact, in my personal ideal conception of C, the usual
string type would be of this form, and all the string.h functions
would operate on ptrlens instead of zero-terminated 'char *'.)
For the moment, I'm just introducing it to make some upcoming
refactoring less inconvenient. Bulk migration of existing code to
ptrlen is a project for another time.
Along with the type itself, I've provided a convenient system of
including the contents of a ptrlen in a printf; a constructor function
that wraps up a pointer and length so you can make a ptrlen on the fly
in mid-expression; a function to compare a ptrlen against an ordinary
C string (which I mostly expect to use with string literals); and a
function 'mkstr' to make a dynamically allocated C string out of one.
That last function replaces a function of the same name in sftp.c,
which I'm promoting to a whole-codebase facility and adjusting its
API.
defs.h | 11 +++++++++++
marshal.c | 5 +++++
marshal.h | 3 +++
misc.c | 32 ++++++++++++++++++++++++++++++++
misc.h | 8 ++++++++
pageant.c | 2 +-
sftp.c | 22 +++++-----------------
ssh.h | 2 +-
sshpubk.c | 21 +++++++++++----------
9 files changed, 77 insertions(+), 29 deletions(-)
commit 005ca6b25713682305502e2f1a5e8154a87e8625
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=005ca6b25713682305502e2f1a5e8154a87e8625;hp=9e96af59ce7cd56aa181c1d3da40cedf0ecbaaf5
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jun 2 08:25:19 2018 +0100
Introduce a centralised unmarshaller, 'BinarySource'.
This is the companion to the BinarySink system I introduced a couple
of weeks ago, and provides the same type-genericity which will let me
use the same get_* routines on an SSH packet, an SFTP packet or
anything else that chooses to include an implementing substructure.
However, unlike BinarySink which contained a (one-function) vtable,
BinarySource contains only mutable data fields - so another thing you
might very well want to do is to simply instantiate a bare one without
any containing object at all. I couldn't quite coerce C into letting
me use the same setup macro in both cases, so I've arranged a
BinarySource_INIT you can use on larger implementing objects and a
BinarySource_BARE_INIT you can use on a BinarySource not contained in
anything.
The API follows the general principle that even if decoding fails, the
decode functions will always return _some_ kind of value, with the
same dynamically-allocated-ness they would have used for a completely
successful value. But they also set an error flag in the BinarySource
which can be tested later. So instead of having to decode a 10-field
packet by means of 10 separate 'if (!get_foo(src)) throw error'
clauses, you can just write 10 'variable = get_foo(src)' statements
followed by a single check of get_err(src), and if the error check
fails, you have to do exactly the same set of frees you would have
after a successful decode.
defs.h | 1 +
int64.h | 1 +
marshal.c | 141 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
marshal.h | 123 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
ssh.h | 2 +
sshbn.c | 42 +++++++++++++++++--
6 files changed, 306 insertions(+), 4 deletions(-)
commit 7d8312e71f225d3f50bfbad4bd3032ad0f72eb55
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=7d8312e71f225d3f50bfbad4bd3032ad0f72eb55;hp=005ca6b25713682305502e2f1a5e8154a87e8625
Author: Simon Tatham <anakin at pobox.com>
Date: Sun May 27 21:51:36 2018 +0100
Rewrite SSH-1 RSA handling functions using BinarySource.
The SSH-1 RSA key reading functions now have BinarySource-shaped get_*
forms, although for the moment I'm still supporting the old API as a
wrapper on the new one, because I haven't switched over the client
code yet. Also, rsa_public_blob_len uses the new system internally,
although its API is unchanged.
marshal.h | 4 +++
ssh.h | 5 +++
sshrsa.c | 120 +++++++++++++++++++++++++++++++++++++-------------------------
3 files changed, 80 insertions(+), 49 deletions(-)
commit 2cb4d8913515d1254b0d1760e3c61ae353c424da
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=2cb4d8913515d1254b0d1760e3c61ae353c424da;hp=7d8312e71f225d3f50bfbad4bd3032ad0f72eb55
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jun 2 09:41:39 2018 +0100
Replace sftp_pkt_get* with BinarySource.
This is the first major piece of code converted to the new
unmarshalling system, and allows me to remove all the sftp_pkt_get*
functions in sftp.c that were previously duplicating standard decode
logic.
sftp.c | 253 ++++++++++++++++++++++++++---------------------------------------
sftp.h | 1 +
2 files changed, 103 insertions(+), 151 deletions(-)
commit 7535f645aba54c4bdbae0435036bba677c469360
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=7535f645aba54c4bdbae0435036bba677c469360;hp=2cb4d8913515d1254b0d1760e3c61ae353c424da
Author: Simon Tatham <anakin at pobox.com>
Date: Sun May 27 18:13:53 2018 +0100
Replace ssh_pkt_get* with BinarySource.
The 'savedpos' field in 'struct Packet', which was already unused on
the output side after I threw away ssh_pkt_addstring_start, is now
unused on the input side too because a BinarySource implementation has
taken over. So it's now completely gone.
ssh.c | 951 ++++++++++++++++++++++++++----------------------------------------
1 file changed, 372 insertions(+), 579 deletions(-)
commit e43605ee0501377fb043dbe7ff5f16634d8df54a
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e43605ee0501377fb043dbe7ff5f16634d8df54a;hp=7535f645aba54c4bdbae0435036bba677c469360
Author: Simon Tatham <anakin at pobox.com>
Date: Tue May 29 20:45:42 2018 +0100
Rewrite ssh2_add_sigblob using BinarySource.
This is the function that breaks apart a signature blob (generated
locally or received from an SSH agent) and adds leading zero bytes in
front of the signature integer, if we think we're talking to a server
that will incorrectly insist on that. The breaking-apart process is
just another instance of SSH-style data unmarshalling, so it should be
done by the new centralised routines.
ssh.c | 68 +++++++++++++++++++++++++++++++------------------------------------
1 file changed, 31 insertions(+), 37 deletions(-)
commit 392a8c00f60d3cf655865deca09b72e83d0d143b
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=392a8c00f60d3cf655865deca09b72e83d0d143b;hp=e43605ee0501377fb043dbe7ff5f16634d8df54a
Author: Simon Tatham <anakin at pobox.com>
Date: Sun May 27 23:47:40 2018 +0100
Pageant server: parse requests using BinarySource.
pageant_handle_msg was _particularly_ full of painful manual packet
decoding with error checks at every stage, so it's a great relief to
throw it all away and replace it with short sequences of calls to the
shiny new API!
pageant.c | 333 ++++++++++++++++----------------------------------------------
1 file changed, 86 insertions(+), 247 deletions(-)
commit e2431c3ef8d9ad48a882f7e7f9ccfb327cb1cf0d
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e2431c3ef8d9ad48a882f7e7f9ccfb327cb1cf0d;hp=392a8c00f60d3cf655865deca09b72e83d0d143b
Author: Simon Tatham <anakin at pobox.com>
Date: Sun May 27 23:58:20 2018 +0100
Pageant client code: parse replies using BinarySource.
This affects both the client code used by Pageant itself, in
pageant.c, and the client code in ssh.c used during SSH userauth.
pageant.c | 118 +++++++++------------------------
ssh.c | 221 +++++++++++++++++++++++---------------------------------------
2 files changed, 113 insertions(+), 226 deletions(-)
commit 876e1589f845febb4d4a7a5d29e8c533ed68bea4
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=876e1589f845febb4d4a7a5d29e8c533ed68bea4;hp=e2431c3ef8d9ad48a882f7e7f9ccfb327cb1cf0d
Author: Simon Tatham <anakin at pobox.com>
Date: Mon May 28 15:36:15 2018 +0100
Rewrite conf deserialisation using BinarySource.
Like the corresponding rewrite of conf serialisation, this affects not
just conf_deserialise itself but also the per-platform filename and
fontspec deserialisers.
conf.c | 84 +++++++++++++------------------------------------------
putty.h | 6 ++--
unix/gtkmain.c | 56 +++++++++++++++++++------------------
unix/uxmisc.c | 20 +++----------
windows/window.c | 5 +++-
windows/winmisc.c | 33 ++++++----------------
6 files changed, 69 insertions(+), 135 deletions(-)
commit 59e83a8c758c651ac26c434d1a3949dac035f9ee
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=59e83a8c758c651ac26c434d1a3949dac035f9ee;hp=876e1589f845febb4d4a7a5d29e8c533ed68bea4
Author: Simon Tatham <anakin at pobox.com>
Date: Mon May 28 17:42:03 2018 +0100
Rewrite key import functions using BinarySource.
The OpenSSH PEM reader is the most interesting conversion out of
these: it was using a standalone function called get_ber_id_len(),
which only skipped over the header of an ASN.1 BER data item and left
the current position at the start of the payload. That's been replaced
by a get_ber() function more in the spirit of the new API, which
consumes the entire BER element, returning its header details and also
a ptrlen pointing at its payload.
(That function could easily be promoted out of import.c to somewhere
more central, if we ever had a need to handle ASN.1 on a larger scale
- e.g. X.509 certificates would find the same function useful. For the
moment, though, it can stay where it is.)
Other than that, this is a fairly mechanical API translation.
import.c | 812 ++++++++++++++++++++++++++-------------------------------------
1 file changed, 340 insertions(+), 472 deletions(-)
commit 28c086ca9ad79f6ffc4d9af3f69e9eb204e3b5eb
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=28c086ca9ad79f6ffc4d9af3f69e9eb204e3b5eb;hp=59e83a8c758c651ac26c434d1a3949dac035f9ee
Author: Simon Tatham <anakin at pobox.com>
Date: Tue May 29 19:29:54 2018 +0100
Rewrite key loading functions using BinarySource.
This does for sshpubk.c's handling of PuTTY's native key formats what
the previous commit did for the foreign formats handled by import.c.
sshpubk.c | 157 ++++++++++++++++++++++++++------------------------------------
1 file changed, 65 insertions(+), 92 deletions(-)
commit 5be57af17365fc6ff3bf5c6a8bfd3334385b9428
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5be57af17365fc6ff3bf5c6a8bfd3334385b9428;hp=28c086ca9ad79f6ffc4d9af3f69e9eb204e3b5eb
Author: Simon Tatham <anakin at pobox.com>
Date: Tue May 29 19:11:22 2018 +0100
Rewrite packet parsing in sshshare.c using BinarySource.
Another set of localised decoding routines get thrown away here. Also,
I've changed the APIs of a couple of helper functions in x11fwd.c to
take ptrlens in place of zero-terminated C strings, because that's the
format in which they come back from the decode, and it saves mallocing
a zero-terminated version of each one just to pass to those helpers.
ssh.h | 4 +-
sshshare.c | 259 ++++++++++++++++++++++---------------------------------------
x11fwd.c | 12 +--
3 files changed, 100 insertions(+), 175 deletions(-)
commit ae3edcdfc0b6e71377aee57070f43faacd6f6456
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=ae3edcdfc0b6e71377aee57070f43faacd6f6456;hp=5be57af17365fc6ff3bf5c6a8bfd3334385b9428
Author: Simon Tatham <anakin at pobox.com>
Date: Thu May 31 18:40:51 2018 +0100
Clean up ssh_keyalg APIs and implementations.
Quite a few of the function pointers in the ssh_keyalg vtable now take
ptrlen arguments in place of separate pointer and length pairs.
Meanwhile, the various key types' implementations of those functions
now work by initialising a BinarySource with the input ptrlen and
using the new decode functions to walk along it.
One exception is the openssh_createkey method which reads a private
key in the wire format used by OpenSSH's SSH-2 agent protocol, which
has to consume a prefix of a larger data stream, and tell the caller
how much of that data was the private key. That function now takes an
actual BinarySource, and passes that directly to the decode functions,
so that on return the caller finds that the BinarySource's read
pointer has been advanced exactly past the private key.
This let me throw away _several_ reimplementations of mpint-reading
functions, one in each of sshrsa, sshdss.c and sshecc.c. Worse still,
they didn't all have exactly the SSH-2 semantics, because the thing in
sshrsa.c whose name suggested it was an mpint-reading function
actually tolerated the wrong number of leading zero bytes, which it
had to be able to do to cope with the "ssh-rsa" signature format which
contains a thing that isn't quite an SSH-2 mpint. Now that deviation
is clearly commented!
cmdgen.c | 5 +-
import.c | 18 ++++---
pageant.c | 9 +---
ssh.c | 18 +++----
ssh.h | 16 ++----
sshdss.c | 171 +++++++++++++++++-----------------------------------------
sshecc.c | 183 +++++++++++++++++++++-----------------------------------------
sshpubk.c | 7 +--
sshrsa.c | 137 ++++++++++++++++++----------------------------
9 files changed, 189 insertions(+), 375 deletions(-)
commit 5acd523ae6c5b6a4be83b5131d53826606778335
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5acd523ae6c5b6a4be83b5131d53826606778335;hp=ae3edcdfc0b6e71377aee57070f43faacd6f6456
Author: Simon Tatham <anakin at pobox.com>
Date: Tue May 29 22:41:37 2018 +0100
Rewrite .Xauthority parsing using BinarySource.
This rewrite replaces a particularly hairy macro-based system.
x11fwd.c | 103 ++++++++++++++++++++++++++++++++++++++-------------------------
1 file changed, 63 insertions(+), 40 deletions(-)
commit 4d8c03359614356244be9591abac4c5f6dc1e34b
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4d8c03359614356244be9591abac4c5f6dc1e34b;hp=5acd523ae6c5b6a4be83b5131d53826606778335
Author: Simon Tatham <anakin at pobox.com>
Date: Wed May 30 22:36:20 2018 +0100
Rewrite SOCKS client code using BinarySource.
I've also replaced the entire SOCKS state machine whose states were
barely-documented literal integers with one that uses an actual enum.
I think the result is a great deal clearer.
In the course of this rewrite I noticed that PuTTY's dynamic port
forwarding had never got round to supporting the SOCKS5 IPv6 address
format - though there was a FIXME comment saying it ought to. So now
it does: if a SOCKS5 client provides a binary IPv6 address (which
PuTTY's _own_ SOCKS5 client, in proxy.c, is quite capable of doing!),
then that will be translated into the usual IPv6 hex literal
representation to put in the "direct-tcpip" channel open request.
portfwd.c | 500 ++++++++++++++++++++++++++++++++------------------------------
1 file changed, 259 insertions(+), 241 deletions(-)
commit 6dc63925965f34e0e898c2c5e465476c536a215f
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=6dc63925965f34e0e898c2c5e465476c536a215f;hp=4d8c03359614356244be9591abac4c5f6dc1e34b
Author: Simon Tatham <anakin at pobox.com>
Date: Tue May 29 20:36:21 2018 +0100
Remove obsolete functions.
There are several old functions that the previous commits have removed
all, or nearly all, of the references to. match_ssh_id is superseded
by ptrlen_eq_string; get_ssh_{string,uint32} is yet another replicated
set of decode functions (this time _partly_ centralised into misc.c);
the old APIs for the SSH-1 RSA decode functions are gone (together
with their last couple of holdout clients), as are
ssh{1,2}_{read,write}_bignum and ssh{1,2}_bignum_length.
Particularly odd was the use of ssh1_{read,write}_bignum in the SSH-2
Diffie-Hellman implementation. I'd completely forgotten I did that!
Now replaced with a raw bignum_from_bytes, which is simpler anyway.
cmdgen.c | 23 +++------------------
misc.c | 33 ------------------------------
misc.h | 17 ----------------
ssh.h | 8 --------
sshbn.c | 65 +----------------------------------------------------------
sshdh.c | 9 ++++-----
sshrsa.c | 32 -----------------------------
unix/uxpgnt.c | 5 ++++-
8 files changed, 12 insertions(+), 180 deletions(-)
More information about the tartarus-commits
mailing list