simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat Mar 16 16:59:29 GMT 2019
TL;DR:
63a58759 Sanity-check the 'Public-Lines' field in ppk files.
67d3791d Stop looking for putty.chm alongside the binary.
a8d30081 Stop shipping old WinHelp (.HLP) file.
8b745811 Tweak version string resources for EMBED_CHM.
9f0e0b02 Include the installer versions of binaries in checksum files.
47202c4e Introduce an enum of the uxsel / select_result flags.
5c926d9e Switch to using poll(2) in place of select(2).
d8285499 RSA kex: enforce the minimum key length.
3edc1b33 Disallow REP escape sequence with no prior graphic char.
daf91ef8 Fix crash on ESC#6 + combining chars + GTK + odd-width terminal.
03777723 Fix crash printing a width-2 char in a width-1 terminal.
5fbd294c Add missing dh_validate_f in GSSAPI key exchange.
b9d0371c Add validation of remote keys in ECC Diffie-Hellman.
da1c8f15 Limit the number of combining chars per terminal cell.
3936616f Add line-length limit feature in StripCtrlChars.
530b6fed Anti-spoofing protection for SSH auth banners.
767a9c6e Add a 'from_server' flag in prompts_t.
e21afff6 Move sanitisation of k-i prompts into the SSH code.
2a5d8e05 Add a TermWin method to draw a 'trust sigil'.
9c367eba Add a per-line 'trusted' status in Terminal.
76d8d363 Seat method to set the current trust status.
514796b7 Add an interactive anti-spoofing prompt in Plink.
31b4c6ad Draft FAQ entries for the spoofing defences.
c081f3e2 Reorganise the default cipher preference order.
abfc751c Update version number for 0.71 release.
c1fa520f release.pl: allow for installer-only sha*sums.
bda765db Post-0.71 checklist updates.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2019-03-16 16:59:29
commit 63a58759b5c0c11183726767a095f3a154b0f131
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=63a58759b5c0c11183726767a095f3a154b0f131;hp=baa04337a4e842f76c17ceca1730ad1ca72173d6
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 19 07:40:07 2019 +0000
Sanity-check the 'Public-Lines' field in ppk files.
If it's too large, memory allocation can fail, or worse,
under-allocate due to integer overflow.
sshpubk.c | 36 +++++++++++++++++++++++++++++++++---
1 file changed, 33 insertions(+), 3 deletions(-)
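To make the point of this commit concrete, here is an added illustration (my own code, not PuTTY's sshpubk.c) of the defect pattern and of the check that closes it: a header count that is bounded before it feeds an allocation size, alongside the unchecked 32-bit multiplication that silently wraps. The bound PPK_MAX_LINES, the 64-character line width and the header text are constructed assumptions for the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed bounds for this illustration; PuTTY's actual limit in
 * sshpubk.c is not reproduced here. A .ppk body line holds at most 64
 * base64 characters. */
#define PPK_MAX_LINES    1000u
#define PPK_MAX_LINE_LEN 64u

/* The defect pattern: an unbounded count multiplied in 32-bit arithmetic.
 * 0x04000001 * 64 = 0x100000040, which wraps to 64, so the allocation that
 * follows is far smaller than the data the loader then reads into it. */
static uint32_t unchecked_capacity(uint32_t lines)
{
    return lines * 64u;
}

/* Parse "Public-Lines: N" and sanity-check N. Returns N, or -1 if the
 * header is malformed, non-numeric, negative, zero, or above the bound. */
static long parse_public_lines(const char *header)
{
    static const char prefix[] = "Public-Lines: ";
    size_t plen = sizeof prefix - 1;
    if (strncmp(header, prefix, plen) != 0)
        return -1;
    const char *num = header + plen;
    if (*num < '0' || *num > '9')          /* strtoul silently accepts "-1" */
        return -1;
    char *end;
    errno = 0;
    unsigned long v = strtoul(num, &end, 10);
    if (errno == ERANGE || (*end != '\0' && *end != '\n'))
        return -1;
    if (v == 0 || v > PPK_MAX_LINES)       /* the sanity check itself */
        return -1;
    return (long)v;
}

/* Buffer size for N lines, computed with an explicit overflow guard so a
 * caller can never under-allocate. Returns 0 if the product would wrap. */
static size_t public_blob_capacity(unsigned lines)
{
    if (lines > SIZE_MAX / PPK_MAX_LINE_LEN)
        return 0;
    return (size_t)lines * PPK_MAX_LINE_LEN;
}
```

The parser rejects a leading minus sign explicitly because strtoul would otherwise accept "-1" and hand back a huge unsigned value that the range check alone might not catch on every platform.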
commit 67d3791de83569dd55b307b775087815ad0d9002
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=67d3791de83569dd55b307b775087815ad0d9002;hp=63a58759b5c0c11183726767a095f3a154b0f131
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 26 20:26:09 2019 +0000
Stop looking for putty.chm alongside the binary.
With this change, we stop expecting to find putty.chm alongside the
executable file. That was a security hazard comparable to DLL
hijacking, because of the risk that a malicious CHM file could be
dropped into the same directory as putty.exe (e.g. if someone ran
PuTTY from their browser's download dir).
Instead, the standalone putty.exe (and other binaries needing help)
embed the proper CHM file within themselves, as a Windows resource,
and if called on to display the help then they write the file out to a
temporary location. This has the advantage that if you download and
run the standalone putty.exe then you actually _get_ help, which
previously didn't happen!
The versions of the binaries in the installer don't each contain a
copy of the help file; that would be extravagant. Instead, the
installer itself writes a registry entry pointing at the proper help
file, and the executables will look there.
Another effect of this commit is that I've withdrawn support for the
older .HLP format completely. It's now entirely outdated, and
supporting it through this security fix would have been a huge pain.
Buildscr | 65 ++++++++---
Recipe | 10 +-
misc.c | 8 ++
windows/installer.wxs | 4 +
windows/pageant.rc | 2 +
windows/putty.rc | 1 +
windows/puttygen.rc | 2 +
windows/puttytel.rc | 1 +
windows/win_res.h | 3 +
windows/winhelp.c | 306 ++++++++++++++++++++++++++++++++++----------------
windows/winhelp.rc2 | 5 +
windows/winmisc.c | 37 ++++++
windows/winnohlp.c | 15 +++
windows/winstuff.h | 4 +
14 files changed, 346 insertions(+), 117 deletions(-)
commit a8d30081432020a86dd8a519471002db19806743
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=a8d30081432020a86dd8a519471002db19806743;hp=67d3791de83569dd55b307b775087815ad0d9002
Author: Jacob Nevins <jacobn at chiark.greenend.org.uk>
Date: Fri Mar 15 22:56:37 2019 +0000
Stop shipping old WinHelp (.HLP) file.
The executables were already ignoring it.
This is a minimal change; PUTTY.HLP can still be built, and there's
still all the context IDs lying around.
Buildscr changes are untested.
Buildscr | 16 ++++++----------
doc/Makefile | 10 ++++++----
windows/winhelp.c | 4 +---
windows/winhelp.h | 3 ++-
windows/winstuff.h | 2 --
5 files changed, 15 insertions(+), 20 deletions(-)
commit 8b7458119f0653d41fb8017ba07f8272a0af1e2f
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=8b7458119f0653d41fb8017ba07f8272a0af1e2f;hp=a8d30081432020a86dd8a519471002db19806743
Author: Jacob Nevins <jacobn at chiark.greenend.org.uk>
Date: Sat Mar 16 01:30:34 2019 +0000
Tweak version string resources for EMBED_CHM.
So that it's possible to distinguish the CHMful from the CHMless binary
without running it.
windows/putty.rc | 2 +-
windows/puttytel.rc | 2 +-
windows/version.rc2 | 4 ++++
windows/winhelp.rc2 | 3 +++
4 files changed, 9 insertions(+), 2 deletions(-)
commit 9f0e0b02e3a7d2265ffbe3c1a597e850149c6bd1
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=9f0e0b02e3a7d2265ffbe3c1a597e850149c6bd1;hp=8b7458119f0653d41fb8017ba07f8272a0af1e2f
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 16 12:13:49 2019 +0000
Include the installer versions of binaries in checksum files.
Those hashes aren't directly needed for authenticating downloaded
files (the installer itself is checksummed, which covers all the files
it will unpack from itself). But they'll surely come in useful for
other purposes sooner or later, so we should arrange to keep them
somewhere easy to find.
Buildscr | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
commit 47202c4e163373736a5bce01730bebc2d9e878fd
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=47202c4e163373736a5bce01730bebc2d9e878fd;hp=9f0e0b02e3a7d2265ffbe3c1a597e850149c6bd1
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 7 18:13:56 2019 +0000
Introduce an enum of the uxsel / select_result flags.
Those magic numbers 1,2,4 were getting annoying. Time to replace them
while I can still remember what they do.
unix/gtkcomm.c | 12 ++++++------
unix/unix.h | 1 +
unix/uxagentc.c | 4 ++--
unix/uxfdsock.c | 8 ++++----
unix/uxnet.c | 14 +++++++-------
unix/uxpgnt.c | 6 +++---
unix/uxplink.c | 6 +++---
unix/uxpty.c | 16 ++++++++--------
unix/uxserver.c | 6 +++---
unix/uxsftp.c | 6 +++---
10 files changed, 40 insertions(+), 39 deletions(-)
commit 5c926d9ea4a9e0a0a2384f06c7583648cdff3ed6
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5c926d9ea4a9e0a0a2384f06c7583648cdff3ed6;hp=47202c4e163373736a5bce01730bebc2d9e878fd
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 7 18:21:06 2019 +0000
Switch to using poll(2) in place of select(2).
I've always thought poll was more hassle to set up, because if you
want to reuse part of your pollfds list between calls then you have to
index every fd by its position in the list as well as the fd number
itself, which gives you twice as many indices to keep track of as if
the fd is always its own key.
But the problem is that select is fundamentally limited to the range
of fds that can fit in an fd_set, which is not the range of fds that
can _exist_, so I've had a change of heart and now have to go with
poll.
For the moment, I've surrounded it with a 'pollwrapper' structure that
lets me treat it more or less like select, containing a tree234 that
maps each fd to its location in the list, and also translating between
the simple select r/w/x classification and the richer poll flags.
That's let me do the migration with minimal disruption to the call
sites.
In future perhaps I can start using poll more directly, and/or using
the richer flag system (though the latter might be fiddly because of
sometimes being constrained to use the glib event loop). But this will
do for now.
Recipe | 3 +-
cmdline.c | 2 +-
configure.ac | 2 +-
putty.h | 6 +--
unix/unix.h | 19 ++++++++
unix/uxcons.c | 18 ++++----
unix/uxnet.c | 2 +-
unix/uxpgnt.c | 55 +++++++++++------------
unix/uxplink.c | 69 +++++++++++++---------------
unix/uxpoll.c | 136 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
unix/uxsel.c | 4 +-
unix/uxserver.c | 48 ++++++++------------
unix/uxsftp.c | 56 +++++++++++------------
13 files changed, 272 insertions(+), 148 deletions(-)
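As an added example (my own code, not PuTTY's uxpoll.c), here is a minimal 'pollwrapper' of the kind the message describes: a pollfd array, an fd-to-index map so entries can be added and dropped between calls, and the translation between select-style r/w/x interest and poll's flags. The SELECT_R/W/X names are a constructed stand-in for the enum from the previous commit, and the linear fd lookup stands in for the tree234 PuTTY uses.

```c
#include <poll.h>
#include <stdlib.h>
#include <unistd.h>

/* select-style interest flags, a constructed stand-in for the enum the
 * previous commit introduced. */
enum { SELECT_R = 1, SELECT_W = 2, SELECT_X = 4 };

/* A minimal 'pollwrapper': the pollfd array poll(2) wants, plus a lookup
 * from fd to array index. PuTTY uses a tree234 for that map; a linear scan
 * is enough to show the idea. */
struct pollwrapper { struct pollfd *fds; size_t n, cap; };

static int pw_index(const struct pollwrapper *pw, int fd)
{
    for (size_t i = 0; i < pw->n; i++)
        if (pw->fds[i].fd == fd)
            return (int)i;
    return -1;
}

/* Translate r/w/x interest into poll events. rwx == 0 drops the fd, moving
 * the last entry into its slot, which is exactly why the index map exists. */
static int pw_set(struct pollwrapper *pw, int fd, int rwx)
{
    short ev = 0;
    if (rwx & SELECT_R) ev |= POLLIN;
    if (rwx & SELECT_W) ev |= POLLOUT;
    if (rwx & SELECT_X) ev |= POLLPRI;
    int i = pw_index(pw, fd);
    if (rwx == 0) {
        if (i >= 0) pw->fds[i] = pw->fds[--pw->n];
        return 0;
    }
    if (i < 0) {
        if (pw->n == pw->cap) {
            size_t ncap = pw->cap ? pw->cap * 2 : 8;
            struct pollfd *nf = realloc(pw->fds, ncap * sizeof *nf);
            if (!nf) return -1;
            pw->fds = nf; pw->cap = ncap;
        }
        i = (int)pw->n++;
        pw->fds[i].fd = fd;
    }
    pw->fds[i].events = ev;
    pw->fds[i].revents = 0;
    return 0;
}

static int pw_wait(struct pollwrapper *pw, int timeout_ms)
{
    return poll(pw->fds, (nfds_t)pw->n, timeout_ms);
}

/* Translate revents back into the select-style classification; hangup and
 * error are reported as 'readable' so the caller's read() sees EOF/error. */
static int pw_result(const struct pollwrapper *pw, int fd)
{
    int i = pw_index(pw, fd), r = 0;
    if (i < 0) return 0;
    short re = pw->fds[i].revents;
    if (re & (POLLIN | POLLHUP | POLLERR)) r |= SELECT_R;
    if (re & POLLOUT) r |= SELECT_W;
    if (re & POLLPRI) r |= SELECT_X;
    return r;
}

/* Demo on a pipe: after one byte is written, the read end is readable and
 * the write end writable. Returns read-end result | (write-end result << 4),
 * i.e. 0x21; -1 on a system-call failure, -2 if dropping an entry broke the
 * lookup of the remaining one. */
static int demo_pipe(void)
{
    int p[2];
    struct pollwrapper pw = { 0, 0, 0 };
    if (pipe(p) < 0) return -1;
    pw_set(&pw, p[0], SELECT_R);
    pw_set(&pw, p[1], SELECT_W);
    if (write(p[1], "x", 1) != 1 || pw_wait(&pw, 1000) < 0) return -1;
    int result = pw_result(&pw, p[0]) | (pw_result(&pw, p[1]) << 4);
    pw_set(&pw, p[0], 0);   /* drop one entry; the other must still resolve */
    int still = pw_index(&pw, p[1]) >= 0;
    free(pw.fds); close(p[0]); close(p[1]);
    return still ? result : -2;
}
```

Unlike select's fd_set, nothing here caps the fd number: an fd above FD_SETSIZE is just another array entry, which is the limitation the commit message gives as its reason for switching.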
commit d82854999516046122501b2e145099740ed0284f
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d82854999516046122501b2e145099740ed0284f;hp=5c926d9ea4a9e0a0a2384f06c7583648cdff3ed6
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 7 20:04:17 2019 +0000
RSA kex: enforce the minimum key length.
I completely forgot to check that the server had actually sent a key
of at least MINKLEN bits, as RFC 4432 clearly says that it MUST.
Without this restriction, not only can a server trick the client into
using a shared secret with inadequate entropy, but it can send a key
so short that the client attempts to generate a secret integer of
negative length, with integer-overflowing results.
ssh2kex-client.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
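The arithmetic behind this fix, as an added example that is not PuTTY's ssh2kex-client.c: RFC 4432 has the client pick a secret K with 0 <= K < 2^(KLEN - 2*HLEN - 49), so if the server's key is shorter than MINKLEN that exponent goes negative. The method table below uses the MINKLEN and hash lengths RFC 4432 specifies for rsa1024-sha1 and rsa2048-sha256; the struct and function names are my own.

```c
#include <stddef.h>
#include <stdint.h>

/* Parameters as RFC 4432 defines them (the method table is my own
 * construction, not PuTTY's): rsa1024-sha1 requires a key of at least
 * 1024 bits with a 160-bit hash, rsa2048-sha256 at least 2048 bits with a
 * 256-bit hash. The client picks K with 0 <= K < 2^(KLEN - 2*HLEN - 49). */
struct rsa_kex_method { const char *name; int minklen; int hlen; };

static const struct rsa_kex_method RSA1024_SHA1   = { "rsa1024-sha1",   1024, 160 };
static const struct rsa_kex_method RSA2048_SHA256 = { "rsa2048-sha256", 2048, 256 };

/* Bit length of K straight from the formula. With an undersized server key
 * this goes negative: the 'secret integer of negative length' in the
 * commit message. */
static int secret_bits_unchecked(const struct rsa_kex_method *m, int klen)
{
    return klen - 2 * m->hlen - 49;
}

/* What happens next if nobody checks: a byte count derived from a negative
 * bit length converts to an enormous size_t, and whatever allocates or
 * fills the buffer for K is handed nonsense. */
static size_t secret_bytes_unchecked(const struct rsa_kex_method *m, int klen)
{
    int bits = secret_bits_unchecked(m, klen);
    return ((size_t)bits + 7) / 8;
}

/* Hardened: enforce the RFC's MUST before doing any arithmetic with KLEN.
 * Returns the bit length of K, or -1 meaning 'abort the key exchange'. */
static int secret_bits_checked(const struct rsa_kex_method *m, int klen)
{
    if (klen < m->minklen)
        return -1;
    return klen - 2 * m->hlen - 49;
}
```

The check belongs before the subtraction, not after it: testing the computed length for negativity would still let a server choose a key just long enough to make the exponent tiny but positive.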
commit 3edc1b330dc73eea2eff0edd3a669bb371956329
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=3edc1b330dc73eea2eff0edd3a669bb371956329;hp=d82854999516046122501b2e145099740ed0284f
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 10 13:45:10 2019 +0000
Disallow REP escape sequence with no prior graphic char.
The REP escape (ESC [ nnn b) causes the previously printed graphic
character to be repeated another nnn times. So if it's sent as the
very first thing in a terminal session, when there _is_ no previously
printed graphic character, there's nothing sensible it can do.
In fact, in that situation, it does something decidedly _not_
sensible: it takes the uninitialised value term->last_graphic_char and
sends it directly to term_display_graphic_char, with undesirable
results if it's not actually a printing character. In particular, the
value 0 is treated as a combining char (because it has zero wcwidth),
leading to a knock-on assertion failure when compressing the
scrollback lines (which uses \0 as a terminating value for sequences
of combining characters, precisely because it expects it never to show
up in an actual cc slot!).
terminal.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
commit daf91ef8ae9780bb1dfb534afa79e4babb89ba26
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=daf91ef8ae9780bb1dfb534afa79e4babb89ba26;hp=3edc1b330dc73eea2eff0edd3a669bb371956329
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Feb 14 18:05:22 2019 +0000
Fix crash on ESC#6 + combining chars + GTK + odd-width terminal.
When we're displaying double-width text as a result of the VT100 ESC#6
escape sequence or its friends, and the terminal width is an odd
number of columns, we divide by 2 the number of characters we'll even
try to display, and round _down_: if there's a rightmost odd column,
it stays blank, and doesn't show the left half of a double-width char.
In the GTK redraw function, that rounding-down can set the 'len'
variable to zero. But when we're displaying a character with Unicode
combining chars on top, that fails an assertion that len == 1, because
at the top of the function we set it to 1.
The fix is just to return early if len is reduced to zero by that
rounding: if we're not displaying any characters, then we don't have
to do anything at all.
unix/gtkwin.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
commit 03777723e553024e94d8bfcf182f3a2e92ffb914
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=03777723e553024e94d8bfcf182f3a2e92ffb914;hp=daf91ef8ae9780bb1dfb534afa79e4babb89ba26
Author: Simon Tatham <anakin at pobox.com>
Date: Thu Mar 14 18:13:01 2019 +0000
Fix crash printing a width-2 char in a width-1 terminal.
If the terminal is one column wide, it's not possible to print a
double-width CJK character at all - it won't fit. Replace it with
U+FFFD to indicate that impossibility.
The previous behaviour was to notice that we're in the rightmost
column of the terminal, and invoke the LATTR_WRAPPED2 special case to
wrap to the leftmost column on the next line. But in a width-1
terminal, the rightmost column _is_ the leftmost column, so this would
leave us no better off, and we would have fallen through into the next
case while in exactly the situation we'd tried to rule out.
terminal.c | 10 ++++++++++
1 file changed, 10 insertions(+)
commit 5fbd294c208af4fc30e2bc6e23285dc7ee88a7d9
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5fbd294c208af4fc30e2bc6e23285dc7ee88a7d9;hp=03777723e553024e94d8bfcf182f3a2e92ffb914
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Feb 16 17:03:32 2019 +0000
Add missing dh_validate_f in GSSAPI key exchange.
This checks that the public Diffie-Hellman value sent by the server is
not an obviously silly one like 1 or -1 (mod p). We already had the
validation function, and were using it in standard DH key exchange,
but the parallel code in the GSSAPI case missed it out.
ssh2kex-client.c | 9 +++++++++
1 file changed, 9 insertions(+)
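To show why a value like 1 or -1 (mod p) must be rejected, here is an added example in the spirit of dh_validate_f (my own code on a constructed toy group, not PuTTY's implementation or its real groups). With p = 23 the group is small enough to enumerate every private exponent and count how many distinct shared secrets a given f can produce.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed toy group: p = 23 is a safe prime (2*11 + 1), g = 5 generates
 * the whole multiplicative group. A real group uses a prime of 2048+ bits;
 * the arithmetic here is deliberately small enough to enumerate. */
#define TOY_P 23u
#define TOY_G 5u

static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t mod)
{
    uint64_t r = 1 % mod;
    base %= mod;
    while (exp) {
        if (exp & 1) r = (r * base) % mod;
        base = (base * base) % mod;
        exp >>= 1;
    }
    return r;
}

/* The check in the spirit of dh_validate_f: the peer's public value must
 * lie strictly between 1 and p-1. Values 1 and p-1 (i.e. -1 mod p) pin
 * the shared secret f^x to {1} or {1, p-1} whatever our exponent x is. */
static bool dh_validate_f(uint64_t f, uint64_t p)
{
    return f > 1 && f < p - 1;
}

/* How many distinct shared secrets f^x mod p are reachable over every
 * private exponent x in [1, p-2]. Requires p <= 64 (toy sizes only). */
static unsigned distinct_secrets(uint64_t f, uint64_t p)
{
    bool seen[64] = { false };
    unsigned count = 0;
    if (p > 64) return 0;
    for (uint64_t x = 1; x <= p - 2; x++) {
        uint64_t s = modpow(f, x, p);
        if (!seen[s]) { seen[s] = true; count++; }
    }
    return count;
}
```

With f = 1 every exponent yields the same secret and with f = 22 only two values are possible, whereas a genuine generator spreads the secret over the whole group. The ECC commit that follows applies the same idea to curve points (identity and torsion points) rather than integers mod p.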
commit b9d0371c47c1b0b0bb856fee6bb770627aa50a11
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=b9d0371c47c1b0b0bb856fee6bb770627aa50a11;hp=5fbd294c208af4fc30e2bc6e23285dc7ee88a7d9
Author: Simon Tatham <anakin at pobox.com>
Date: Tue Feb 19 19:38:15 2019 +0000
Add validation of remote keys in ECC Diffie-Hellman.
In both the Weierstrass and Montgomery forms, we now check that the
provided curve point isn't a silly one, like the identity or a torsion
point, which will give little or no variation in the possible outputs
of key exchange.
sshecc.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
commit da1c8f15b1bc14c855f0027cf06ba7f1a9c36f3c
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=da1c8f15b1bc14c855f0027cf06ba7f1a9c36f3c;hp=b9d0371c47c1b0b0bb856fee6bb770627aa50a11
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Mar 1 19:20:12 2019 +0000
Limit the number of combining chars per terminal cell.
The previous unlimited system was nicely general, but unfortunately
meant you could easily DoS a PuTTY-based terminal by sending a
printing character followed by an endless stream of identical
combining chars. (In fact, due to accidentally-quadratic linked list
management, you'd DoS it by using up all the CPU even before you got to
the point of making it allocate all the RAM.)
The new limit is chosen to be 32, more or less arbitrarily. Overlong
sequences of combining characters are signalled by turning the whole
character cell into U+FFFD REPLACEMENT CHARACTER.
terminal.c | 52 +++++++++++++++++++++++++++++++++++++++++++++-------
terminal.h | 15 +++++++++++++++
2 files changed, 60 insertions(+), 7 deletions(-)
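An added example of the bounded-cell rule this commit introduces (my own model, not PuTTY's terminal.c, which keeps combining chars in a linked list of termchars): a cell accepts at most 32 combining characters, becomes U+FFFD when a 33rd arrives, and then discards the rest in constant time so a hostile stream costs neither memory nor CPU. The struct layout and function names are constructed for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>

#define CC_LIMIT    32       /* the cap the commit chose */
#define REPLACEMENT 0xFFFDu  /* U+FFFD REPLACEMENT CHARACTER */

/* One terminal cell: a base character plus a bounded array of combining
 * characters. A constructed model; the bound and the replacement rule are
 * what this example is about. */
struct cell {
    uint32_t base;
    uint32_t cc[CC_LIMIT];
    unsigned ncc;
    bool overflowed;
};

static void cell_set_base(struct cell *c, uint32_t ch)
{
    c->base = ch;
    c->ncc = 0;
    c->overflowed = false;
}

/* Attach a combining character. The 33rd one turns the whole cell into
 * U+FFFD with no combining chars, and every later one is dropped in O(1),
 * so an endless stream costs neither memory nor CPU beyond that point. */
static void cell_add_combining(struct cell *c, uint32_t cc)
{
    if (c->overflowed)
        return;
    if (c->ncc == CC_LIMIT) {
        c->base = REPLACEMENT;
        c->ncc = 0;
        c->overflowed = true;
        return;
    }
    c->cc[c->ncc++] = cc;
}

/* Feed a constructed stream: one base char followed by n copies of
 * U+0301 COMBINING ACUTE ACCENT. */
static struct cell feed_stream(uint32_t base, unsigned n)
{
    struct cell c;
    cell_set_base(&c, base);
    for (unsigned i = 0; i < n; i++)
        cell_add_combining(&c, 0x0301);
    return c;
}

/* Resulting base code point and combining count, exposed separately so
 * they are easy to check. */
static uint32_t base_after(uint32_t base, unsigned n) { return feed_stream(base, n).base; }
static unsigned ncc_after(uint32_t base, unsigned n) { return feed_stream(base, n).ncc; }
```

Feeding ten million combining characters takes the same memory as feeding thirty-three, which is the property the old unlimited list lacked.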
commit 3936616feb0d37cc00f6ef6df61f858f4015c726
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=3936616feb0d37cc00f6ef6df61f858f4015c726;hp=da1c8f15b1bc14c855f0027cf06ba7f1a9c36f3c
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 9 16:45:12 2019 +0000
Add line-length limit feature in StripCtrlChars.
Now it can optionally check that output lines don't go beyond a
certain length (measured in terminal columns, via wcwidth, rather than
bytes or characters). In this mode, lines are prefixed with a
distinctive character (namely '|'), and if a line is too long, then it
is broken and the continuation line gets a different prefix ('>').
When StripCtrlChars is targeting a terminal, it asks the terminal to
call wcwidth on its behalf, so it can be sure to use the same idea as
the real terminal about which characters are wide (i.e. depending on
the configuration of ambiguous characters).
This mode isn't yet used anywhere.
Recipe | 2 +-
misc.h | 1 +
stripctrl.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
terminal.c | 4 +---
terminal.h | 4 ++++
5 files changed, 61 insertions(+), 5 deletions(-)
commit 530b6fed5dd32e9a751d440c6c2096485c31e7f7
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=530b6fed5dd32e9a751d440c6c2096485c31e7f7;hp=3936616feb0d37cc00f6ef6df61f858f4015c726
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Mar 3 19:38:35 2019 +0000
Anti-spoofing protection for SSH auth banners.
The banner text sent by the server was already being run through a
StripCtrlChars. Now it's run through one in line-limiting mode, and
surrounded by header and footer lines long enough that the line-length
limit wouldn't allow the server to counterfeit one. So it should now
be reliably possible to tell what is banner text sent by the server,
and what is not.
ssh2userauth.c | 67 ++++++++++++++++++++++++++++++++++++++++------------------
1 file changed, 47 insertions(+), 20 deletions(-)
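The two previous commits (the line-length limit in StripCtrlChars and the framed auth banner) fit together, so here is one added example covering both (my own code, not PuTTY's stripctrl.c or ssh2userauth.c). It strips control characters, prefixes and wraps server text at a constructed limit of 20 columns with '|' and '>' prefixes, frames the result in header and footer lines wider than anything the sanitiser can emit, and exposes the test that matters: whether a given physical line could have come from the server at all. It assumes ASCII input where every printable byte is one column; the real code asks the terminal for wcwidth.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed column limit; PuTTY's actual value is not reproduced here.
 * ASCII only: every printable byte is one column (the real code asks the
 * terminal for wcwidth so wide characters are counted correctly). */
#define LINE_LIMIT 20
#define HEADER "-------- Pre-authentication banner message from server: --------"
#define FOOTER "---------------------- End of banner message -----------------------"

/* Constructed sample input: a 45-column line a server might send. */
#define TWENTY_A "aaaaaaaaaaaaaaaaaaaa"
#define SAMPLE_LONG_LINE TWENTY_A TWENTY_A "aaaaa"

/* Sanitise server-supplied text: drop C0 controls (except '\n') and DEL,
 * prefix each logical line with "| ", and break it after LINE_LIMIT
 * columns with a "> " prefix on each continuation. Returns the number of
 * physical lines written to out (outsz >= 1). */
static int sanitise_lines(const char *in, char *out, size_t outsz)
{
    size_t o = 0;
    int col = 0, lines = 0;
    bool at_start = true;
#define EMIT(ch) do { if (o + 1 < outsz) out[o++] = (char)(ch); } while (0)
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        if (*p == '\n') {
            if (at_start) { EMIT('|'); EMIT(' '); lines++; }
            EMIT('\n');
            at_start = true;
            col = 0;
            continue;
        }
        if (*p < 0x20 || *p == 0x7f)
            continue;                       /* control character: dropped */
        if (at_start) { EMIT('|'); EMIT(' '); lines++; at_start = false; }
        else if (col == LINE_LIMIT) { EMIT('\n'); EMIT('>'); EMIT(' '); lines++; col = 0; }
        EMIT(*p);
        col++;
    }
    if (!at_start)
        EMIT('\n');
#undef EMIT
    out[o] = '\0';
    return lines;
}

/* Wrap the sanitised banner in header and footer lines. Both are wider than
 * LINE_LIMIT + 2, the widest physical line the sanitiser can emit, so the
 * server cannot counterfeit either of them. Returns total physical lines. */
static int frame_banner(const char *banner, char *out, size_t outsz)
{
    size_t hl = strlen(HEADER), fl = strlen(FOOTER);
    if (outsz < hl + fl + 3)
        return -1;
    memcpy(out, HEADER, hl); out[hl] = '\n';
    int n = sanitise_lines(banner, out + hl + 1, outsz - hl - fl - 3);
    size_t used = strlen(out);
    memcpy(out + used, FOOTER, fl); out[used + fl] = '\n'; out[used + fl + 1] = '\0';
    return n + 2;
}

/* Could this physical line have come out of the sanitiser? Only if it
 * carries one of the two prefixes and is at most LINE_LIMIT + 2 wide. */
static bool server_could_produce(const char *line)
{
    size_t n = strlen(line);
    if (n < 2 || (strncmp(line, "| ", 2) != 0 && strncmp(line, "> ", 2) != 0))
        return false;
    return n - 2 <= LINE_LIMIT;
}

/* Convenience wrappers over static buffers, so results are easy to check. */
static const char *sanitised(const char *in) { static char b[512]; sanitise_lines(in, b, sizeof b); return b; }
static int sanitised_lines(const char *in) { char b[512]; return sanitise_lines(in, b, sizeof b); }
static const char *framed(const char *in) { static char b[1024]; frame_banner(in, b, sizeof b); return b; }
static int framed_lines(const char *in) { char b[1024]; return frame_banner(in, b, sizeof b); }
```

A server that sends its own dashes to imitate the header gets "| " prepended and is cut at 20 columns, so the result is visibly not the header.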
commit 767a9c6e451453c38a6f8f08a50dcdfbe1f7e298
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=767a9c6e451453c38a6f8f08a50dcdfbe1f7e298;hp=530b6fed5dd32e9a751d440c6c2096485c31e7f7
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 9 15:50:23 2019 +0000
Add a 'from_server' flag in prompts_t.
This goes with the existing 'to_server' flag (indicating whether the
values typed by the user are going to be sent over the wire or remain
local), to indicate whether the _text of the prompts_ has come over
the wire or is originated locally.
Like to_server, nothing yet uses this. It's a hedge against the
possibility of maybe having an option for all the auth prompts to work
via GUI dialog boxes.
cmdgen.c | 2 ++
putty.h | 9 +++++++++
rlogin.c | 1 +
ssh1login.c | 5 +++++
ssh2userauth.c | 5 +++++
unix/uxpgnt.c | 1 +
6 files changed, 23 insertions(+)
commit e21afff605a65758e84958d96d1708a984663c82
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e21afff605a65758e84958d96d1708a984663c82;hp=767a9c6e451453c38a6f8f08a50dcdfbe1f7e298
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 9 15:51:38 2019 +0000
Move sanitisation of k-i prompts into the SSH code.
Now, instead of each seat's prompt-handling function doing the
control-char sanitisation of prompt text, the SSH code does it. This
means we can do it differently depending on the prompt.
In particular, prompts _we_ generate (e.g. a genuine request for your
private key's passphrase) are not sanitised; but prompts coming from
the server (in keyboard-interactive mode, or its more restricted SSH-1
analogues, TIS and CryptoCard) are not only sanitised but also
line-length limited and surrounded by uncounterfeitable headers, like
I've just done to the authentication banners.
This should mean that if a malicious server tries to fake the local
passphrase prompt (perhaps because it's somehow already got a copy of
your _encrypted_ private key), you can tell the difference.
ssh1login.c | 90 ++++++++++++++++++++++++++++----------------
ssh2userauth.c | 110 +++++++++++++++++++++++++++++++++++++++---------------
terminal.c | 44 ++++++++++------------
terminal.h | 2 -
unix/uxcons.c | 37 ++++++------------
windows/wincons.c | 41 +++++++-------------
6 files changed, 182 insertions(+), 142 deletions(-)
commit 2a5d8e05e822e77f7fc7037e7ae7e7ca9d14516f
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=2a5d8e05e822e77f7fc7037e7ae7e7ca9d14516f;hp=e21afff605a65758e84958d96d1708a984663c82
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Mar 10 14:37:11 2019 +0000
Add a TermWin method to draw a 'trust sigil'.
This is not yet used by anything, but the idea is that it'll be a
graphic in the terminal window that can't be replicated by a server
sending escape sequences, and hence can be used as a reliable
indication that the text on a particular terminal line is generated by
PuTTY itself and not passed through from the server. This will make it
possible to detect a malicious server trying to mimic local prompts to
trick you out of information that shouldn't be sent over the wire
(such as private-key passphrases).
The trust sigil I've picked is a small copy of the PuTTY icon, which
is thematically nice (it can be read as if the PuTTY icon is the name
of the speaker in a dialogue) and also convenient because we had that
graphic available already on all platforms. (Though the contortions I
had to go through to make the GTK 1 code draw it were quite annoying.)
The trust sigil has the same dimensions as a CJK double-width
character, i.e. it's 2 character cells wide by 1 high.
fuzzterm.c | 5 ++
putty.h | 6 +++
unix/gtkwin.c | 159 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
windows/window.c | 19 ++++++-
4 files changed, 188 insertions(+), 1 deletion(-)
commit 9c367eba4c0d70b94315a0f6d461e4a1104a2a0c
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=9c367eba4c0d70b94315a0f6d461e4a1104a2a0c;hp=2a5d8e05e822e77f7fc7037e7ae7e7ca9d14516f
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Mar 10 14:39:28 2019 +0000
Add a per-line 'trusted' status in Terminal.
This indicates that a line contains trusted information (originated by
PuTTY) or untrusted (from the server). Trusted lines are prefixed by a
three-column signature consisting of the trust sigil (i.e. PuTTY icon)
and a separating space.
To protect against a server using escape sequences to move the cursor
back up to a trusted line and overwrite its contents, any attempt to
write to a termline is preceded by a call to check_trust_status(),
which clears the line completely if the terminal's current trust
status is different from the previous state of that line.
In the terminal data structures, the trust sigil is represented by
0xDFFE (an otherwise unused value, because it's in the surrogate
space). For bidi purposes I've arranged to treat that value as
direction-neutral, so that it will appear on the right if a terminal
line needs it to. (Not that that's currently likely to happen, with
PuTTY not being properly localised, but it's a bit of futureproofing.)
The bidi system is also where I actually insert the trust sigil: the
_logical_ terminal data structures don't include it. term_bidi_line
was a convenient place to add it, because that function was already
transforming a logical terminal line into a physical one in a way that
also generates a logical<->physical mapping table for handling mouse
clicks and cursor positioning; so that function now adds the trust
sigil as well as running the bidi algorithm.
(A knock-on effect of _that_ is that the log<->phys position map now
has to have a value for 'no correspondence', because if the user does
click on the trust sigil, there's no logical terminal position
corresponding to that. So the map can now contain the special value
BIDI_CHAR_INDEX_NONE, and anyone looking things up in it has to be
prepared to receive that as an answer.)
Of course, this terminal-data transformation can't be kept _wholly_
within term_bidi_line, because unlike proper bidi, it actually reduces
the number of visible columns on the line. So the wrapping code
(during glyph display and also copy and paste) has to take account of
the trusted status and use it to ignore the last 3 columns of the
line. This is probably not done absolutely perfectly, but then, it
doesn't need to be - trusted lines will be filled with well-controlled
data generated from the SSH code, which won't be doing every trick in
the book with escape sequences. Only untrusted terminal lines will be
using all the terminal's capabilities, and they don't have this sigil
getting in the way.
minibidi.c | 3 +-
putty.h | 2 +
terminal.c | 166 +++++++++++++++++++++++++++++++++++++++++++++++++------------
terminal.h | 11 ++++
4 files changed, 148 insertions(+), 34 deletions(-)
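An added model of the check_trust_status rule (my own code, not PuTTY's terminal.c, which carries far more per-line state): each line records whether it was written while the terminal was in trusted or untrusted mode, and any write to a line whose recorded status differs from the current one wipes it first. The scenario function plays out the case the commit is defending against, with a three-character "## " standing in for the icon-plus-space signature.

```c
#include <stdbool.h>
#include <string.h>

#define ROWS 4
#define COLS 16
#define SIGIL_COLS 3   /* sigil (2 cells, like a CJK char) plus a space */

/* Constructed model of the terminal's per-line trust flag. */
struct termline { char text[COLS + 1]; bool trusted; };

struct term {
    struct termline lines[ROWS];
    bool trusted;   /* current status, as set by the seat */
};

static void term_init(struct term *t)
{
    memset(t, 0, sizeof *t);
    for (int r = 0; r < ROWS; r++) {
        memset(t->lines[r].text, ' ', COLS);
        t->lines[r].text[COLS] = '\0';
    }
}

static void term_set_trust_status(struct term *t, bool trusted) { t->trusted = trusted; }

/* The guard the commit describes: before writing to a line, wipe it if its
 * recorded trust status differs from the terminal's current one. A server
 * that moves the cursor back onto a trusted line therefore never edits that
 * line in place; the line loses its sigil first. */
static void check_trust_status(struct term *t, int row)
{
    struct termline *l = &t->lines[row];
    if (l->trusted != t->trusted) {
        memset(l->text, ' ', COLS);
        l->trusted = t->trusted;
    }
}

static void term_write(struct term *t, int row, int col, const char *s)
{
    check_trust_status(t, row);
    for (; *s && col < COLS; s++, col++)
        t->lines[row].text[col] = *s;
}

/* Render a row as the user would see it: trusted rows carry the
 * three-column signature, shown here as "## " in place of the icon. */
static const char *render_line(const struct term *t, int row)
{
    static char buf[SIGIL_COLS + COLS + 1];
    const struct termline *l = &t->lines[row];
    if (l->trusted) {
        memcpy(buf, "## ", SIGIL_COLS);
        memcpy(buf + SIGIL_COLS, l->text, COLS + 1);
    } else {
        memcpy(buf, l->text, COLS + 1);
    }
    return buf;
}

/* Scenario: PuTTY prints its own passphrase prompt on a trusted row, the
 * seat then flips to untrusted for server output, and (optionally) the
 * server writes its own "Passphrase:" text back onto that row. */
static const char *prompt_row_after(bool server_overwrites)
{
    struct term t;
    term_init(&t);
    term_set_trust_status(&t, true);
    term_write(&t, 0, 0, "Passphrase:");
    term_set_trust_status(&t, false);
    if (server_overwrites)
        term_write(&t, 0, 0, "Passphrase:");
    return render_line(&t, 0);
}
```

The server can still put the word "Passphrase:" on the screen, but not next to the sigil: the moment it touches the trusted row, the row is cleared and re-marked untrusted.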
commit 76d8d363be73b5d3a25951549ed6912ee93fcc10
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=76d8d363be73b5d3a25951549ed6912ee93fcc10;hp=9c367eba4c0d70b94315a0f6d461e4a1104a2a0c
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Mar 10 14:42:11 2019 +0000
Seat method to set the current trust status.
In terminal-based GUI applications, this is passed through to
term_set_trust_status, to toggle whether lines are prefixed with the
new trust sigil. In console applications, the function returns false,
indicating to the backend that it should employ some other technique
for spoofing protection.
misc.c | 2 ++
pscp.c | 1 +
psftp.c | 1 +
putty.h | 21 ++++++++++++++++++++-
raw.c | 3 +++
sesschan.c | 1 +
ssh2userauth.c | 33 +++++++++++++++++++++++++++------
sshserver.c | 1 +
telnet.c | 3 +++
terminal.c | 7 ++-----
testback.c | 6 ++++++
unix/gtkwin.c | 9 +++++++++
unix/uxcons.c | 5 +++++
unix/uxplink.c | 1 +
unix/uxpty.c | 3 +++
unix/uxser.c | 3 +++
windows/wincons.c | 5 +++++
windows/window.c | 8 ++++++++
windows/winplink.c | 1 +
windows/winser.c | 3 +++
20 files changed, 105 insertions(+), 12 deletions(-)
commit 514796b7e421327f2291571179e8657a07ace14d
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=514796b7e421327f2291571179e8657a07ace14d;hp=76d8d363be73b5d3a25951549ed6912ee93fcc10
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Mar 10 14:42:33 2019 +0000
Add an interactive anti-spoofing prompt in Plink.
At the point when we change over the seat's trust status to untrusted
for the last time, to finish authentication, Plink will now present a
final interactive prompt saying 'Press Return to begin session'. This
is a hint that anything after that that resembles an auth prompt
should be treated with suspicion, because _PuTTY_ thinks it's finished
authenticating.
This is of course an annoying inconvenience for interactive users, so
I've tried to reduce its impact as much as I can. It doesn't happen in
GUI PuTTY at all (because the trust sigil system is used instead); it
doesn't happen if you use plink -batch (because then the user already
knows that they _never_ expect an interactive prompt); and it doesn't
happen if Plink's standard input is being redirected from anywhere
other than the terminal / console (because then it would be pointless
for the server to try to scam passphrases out of the user anyway,
since the user isn't in a position to enter one in response to a spoof
prompt). So it should only happen to people who are using Plink in a
terminal for interactive login purposes, and that's not _really_ what
I ever intended Plink to be used for (which is why it's never had any
out-of-band control UI like OpenSSH's ~ system).
If anyone _still_ doesn't like this new prompt, it can also be turned
off using the new -no-antispoof flag, if the user is willing to
knowingly assume the risk.
doc/plink.but | 40 ++++++++++++++++++++++++++++++++++++++++
putty.h | 2 +-
ssh2connection-client.c | 5 +++++
ssh2connection-server.c | 5 +++++
ssh2connection.c | 35 +++++++++++++++++++++++++++++++++++
ssh2connection.h | 5 +++++
unix/uxcons.c | 18 ++++++++++++++++++
unix/uxplink.c | 4 ++++
windows/wincons.c | 23 +++++++++++++++++++++++
windows/winplink.c | 4 ++++
10 files changed, 140 insertions(+), 1 deletion(-)
commit 31b4c6ad9c5940cd0e2f6d1218bdbc2c534de0dc
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=31b4c6ad9c5940cd0e2f6d1218bdbc2c534de0dc;hp=514796b7e421327f2291571179e8657a07ace14d
Author: Simon Tatham <anakin at pobox.com>
Date: Fri Mar 15 07:15:33 2019 +0000
Draft FAQ entries for the spoofing defences.
doc/faq.but | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
commit c081f3e234153554d4b1e28546b2b42df9a7cb03
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=c081f3e234153554d4b1e28546b2b42df9a7cb03;hp=31b4c6ad9c5940cd0e2f6d1218bdbc2c534de0dc
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 16 11:01:30 2019 +0000
Reorganise the default cipher preference order.
After all the side-channel removal work I've done, I'm demoting
Blowfish and Arcfour right to the bottom of the pile, because they're
the ciphers that still have cache and timing leaks in them. (Neither
one can be sanitised without making it _extremely_ slow - the factor
of 4.5 slowdown in DES would be small by comparison).
Single-DES is also still below the warning threshold for simply being
too weak (irrespective of side channels), but it's above the other two.
settings.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
commit abfc751c3ee7d57bf3f127a458c40bb4ca2b6996
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=abfc751c3ee7d57bf3f127a458c40bb4ca2b6996;hp=c081f3e234153554d4b1e28546b2b42df9a7cb03
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 16 12:26:06 2019 +0000
Update version number for 0.71 release.
Buildscr | 2 +-
LATEST.VER | 2 +-
doc/plink.but | 3 ++-
doc/pscp.but | 2 +-
windows/putty.iss | 8 ++++----
5 files changed, 9 insertions(+), 8 deletions(-)
commit c1fa520f98e9d3f30e57bbc0012a8d04fd432586
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=c1fa520f98e9d3f30e57bbc0012a8d04fd432586;hp=abfc751c3ee7d57bf3f127a458c40bb4ca2b6996
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 16 16:46:50 2019 +0000
release.pl: allow for installer-only sha*sums.
Now there are lines in the checksum lists that don't correspond
directly to files we uploaded as part of the main release process,
release.pl needs to ignore them to avoid embarrassing upload failures.
release.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit bda765dbd2d18f624a94b42d07257ae5dadb2041
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=bda765dbd2d18f624a94b42d07257ae5dadb2041;hp=c1fa520f98e9d3f30e57bbc0012a8d04fd432586
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Mar 16 16:58:51 2019 +0000
Post-0.71 checklist updates.
CHECKLST.txt | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)