simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sun Feb 2 23:02:47 GMT 2020
TL;DR:
08d5c233 Pageant: introduce an API for passphrase prompts.
4d05eb42 Unix Pageant: implement runtime prompts in debug mode.
d8337e20 Pageant core: initial deferred decryption facility.
94a756f3 Unix Pageant: add a --symlink option.
84fa07cf userauth: fix two small memory leaks.
563cb062 userauth: fill in missing error path when agent goes away.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2020-02-02 23:02:47
commit 08d5c233b345b79326b8e1da9c4bed39e90a899d
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=08d5c233b345b79326b8e1da9c4bed39e90a899d;hp=be30aac1536a94a572803c053444b6d1533482c8
Author: Simon Tatham <anakin at pobox.com>
Date: Mon Jan 20 21:22:33 2020 +0000
Pageant: introduce an API for passphrase prompts.
This begins to head towards the goal of storing a key file encrypted
in Pageant, and decrypting it on demand via a GUI prompt the first
time a client requests a signature from it. That won't be a facility
available in all situations, so we have to be able to return failure
from the prompt.
More precisely, there are two versions of this API, one in
PageantClient and one in PageantListenerClient: the stream
implementation of PageantClient implements the former API and hands it
off to the latter. Windows Pageant has to directly implement both (but
they will end up funnelling to the same function within winpgnt.c).
NFC: for the moment, the new API functions are never called, and every
implementation of them returns failure.
pageant.c | 10 ++++++++++
pageant.h | 18 ++++++++++++++++++
unix/uxpgnt.c | 8 ++++++++
windows/winpgnt.c | 16 ++++++++++++++++
4 files changed, 52 insertions(+)
commit 4d05eb424d521ce00a84063d4862d8e7aabcd50a
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4d05eb424d521ce00a84063d4862d8e7aabcd50a;hp=08d5c233b345b79326b8e1da9c4bed39e90a899d
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 2 16:43:58 2020 +0000
Unix Pageant: implement runtime prompts in debug mode.
This is the easiest place to implement _something_ that will work as a
runtime passphrase prompt, which means I get to use it to test the
code I'm about to add to the Pageant core to make use of those
prompts. Once that's working, we can think about adding prompts for
the 'proper' usage modes.
The debug-mode passphrase prompts are implemented by simply reading
from standard input, having emitted a log message mentioning that a
prompt is impending. We put standard input into non-echoing mode, but
otherwise don't print any visible prompt (because standard output will
in general receive further log messages, which would break it anyway).
This is only just good enough for initial testing. In particular, it
won't cope if two prompts are in flight at the same time. But good
enough for initial testing is better than nothing!
unix/uxpgnt.c | 131 ++++++++++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 118 insertions(+), 13 deletions(-)
commit d8337e20700ce7fb790a377fc14ac17a22f3b183
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d8337e20700ce7fb790a377fc14ac17a22f3b183;hp=4d05eb424d521ce00a84063d4862d8e7aabcd50a
Author: Simon Tatham <anakin at pobox.com>
Date: Tue Jan 7 19:56:47 2020 +0000
Pageant core: initial deferred decryption facility.
This adds an extension request to the agent protocol (named in our
private namespace, naturally) which allows you to upload a key file in
the form of a string containing an entire .ppk file. If the key is
encrypted, then Pageant stores it in such a way that it will show up
in the key list, and on the first attempt to sign something with it,
prompt for a passphrase (if it can), decrypt the key, and then answer
the request.
There are a lot of rough edges still to deal with, but this is good
enough to have successfully answered one request, so it's a start.
pageant.c | 326 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--------
ssh.h | 1 +
2 files changed, 285 insertions(+), 42 deletions(-)
commit 94a756f3a9f9b04d55d0efc4c9c6074ece997750
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=94a756f3a9f9b04d55d0efc4c9c6074ece997750;hp=d8337e20700ce7fb790a377fc14ac17a22f3b183
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 2 18:52:10 2020 +0000
Unix Pageant: add a --symlink option.
I've often found it useful that you can make symlinks to Unix-domain
sockets, and then connect() on the symlink path will redirect to the
original socket.
This commit adds an option to Unix Pageant which will make it symlink
its socket path to a link location of your choice. My initial use case
is when running Pageant in debug mode during development: if you run a
new copy of it every few minutes after making a code change, then it's
annoying to have it change its socket path every time so you have to
keep pasting its setup command into your test shell. Not any more! Now
you can run 'pageant --debug --symlink fixed-location', and then your
test shell can point its SSH_AUTH_SOCK at the fixed location all the
time.
There are very likely other use cases too, but that's the one that
motivated me to add the option.
unix/uxpgnt.c | 40 ++++++++++++++++++++++++++++++++++++++--
1 file changed, 38 insertions(+), 2 deletions(-)
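The socket behaviour this commit message relies on, as an added example (not PuTTY's code): a listener binds a per-run socket path, a symlink named fixed-location points at it, and a client that only knows the link path connects through it. The /tmp/pageant-demo-XXXXXX directory and all function names are constructed for the demo; the directory comes from mkdtemp(), so both socket and link sit in a mode-0700 directory that only the owner can modify.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* mkdtemp(), symlink() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Fill a sockaddr_un for a filesystem path. */
static void un_addr(struct sockaddr_un *a, const char *path)
{
    memset(a, 0, sizeof(*a));
    a->sun_family = AF_UNIX;
    snprintf(a->sun_path, sizeof(a->sun_path), "%s", path);
}

/* Returns the byte received via the symlink path, or -1 on any failure. */
int connect_via_symlink(void)
{
    char dir[] = "/tmp/pageant-demo-XXXXXX";  /* constructed path */
    char real[64] = "", lnk[64] = "", got = 0;
    struct sockaddr_un a;
    int result = -1, conn = -1;
    int srv = socket(AF_UNIX, SOCK_STREAM, 0);
    int cli = socket(AF_UNIX, SOCK_STREAM, 0);

    if (srv < 0 || cli < 0 || !mkdtemp(dir))  /* private dir, mode 0700 */
        goto out;
    snprintf(real, sizeof(real), "%s/agent.%d", dir, (int)getpid());
    snprintf(lnk, sizeof(lnk), "%s/fixed-location", dir);
    un_addr(&a, real);                        /* the per-run socket path */
    if (bind(srv, (struct sockaddr *)&a, sizeof(a)) < 0 ||
        listen(srv, 1) < 0 || symlink(real, lnk) < 0)
        goto out;
    un_addr(&a, lnk);                         /* client only knows the link */
    if (connect(cli, (struct sockaddr *)&a, sizeof(a)) == 0 &&
        (conn = accept(srv, NULL, NULL)) >= 0 &&
        write(cli, "A", 1) == 1 && read(conn, &got, 1) == 1)
        result = got;
out:
    if (conn >= 0) close(conn);
    if (cli >= 0) close(cli);
    if (srv >= 0) close(srv);
    unlink(lnk); unlink(real); rmdir(dir);    /* remove demo files */
    return result;
}
int main(void) { return connect_via_symlink() == 'A' ? 0 : 1; }
```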
commit 84fa07cfebba2e82738568427d9feb55f782d7cd
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=84fa07cfebba2e82738568427d9feb55f782d7cd;hp=94a756f3a9f9b04d55d0efc4c9c6074ece997750
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 2 18:53:15 2020 +0000
userauth: fix two small memory leaks.
Happened to notice these while I was testing the last few commits.
ssh2userauth.c | 3 +++
1 file changed, 3 insertions(+)
commit 563cb062b801fd447f5a5b04b9161890d8966e4a
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=563cb062b801fd447f5a5b04b9161890d8966e4a;hp=84fa07cfebba2e82738568427d9feb55f782d7cd
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 2 18:53:24 2020 +0000
userauth: fill in missing error path when agent goes away.
If the agent client code doesn't even manage to read a full response
message at all (for example, because the agent it's talking to is
Pageant running in debug mode and you just ^Ced it or it crashed,
which is what's been happening to me all afternoon), then previously,
the userauth code would loop back round to the top of the main loop
without having actually sent any request, so the client code would
deadlock waiting for a response to nothing.
ssh2userauth.c | 7 +++++++
1 file changed, 7 insertions(+)
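The condition this commit message describes, an agent that disappears before a full response arrives, as an added example (not PuTTY's code): a client-side reader for one length-prefixed SSH agent reply that reports a short read as an error the caller can act on. The function names and the socketpair() stand-in for a dying agent are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>

/* Read exactly n bytes; 0 on success, -1 on EOF or error. */
static int read_full(int fd, unsigned char *p, size_t n)
{
    while (n > 0) {
        ssize_t r = read(fd, p, n);
        if (r <= 0) return -1;      /* r == 0: peer closed mid-message */
        p += r;
        n -= (size_t)r;
    }
    return 0;
}

/* Read one agent reply: uint32 big-endian length, then that many bytes.
 * Returns body length, or -1 if the agent went away or the length is bad. */
long read_agent_reply(int fd, unsigned char *buf, size_t cap)
{
    unsigned char h[4];
    uint32_t len;
    if (read_full(fd, h, 4) < 0) return -1;
    len = ((uint32_t)h[0] << 24) | ((uint32_t)h[1] << 16) | ((uint32_t)h[2] << 8) | h[3];
    if (len == 0 || len > cap || read_full(fd, buf, len) < 0)
        return -1;
    return (long)len;
}

/* Constructed sample: a complete SSH_AGENT_FAILURE (type 5) reply. */
static const unsigned char SAMPLE[] = { 0, 0, 0, 1, 5 };

/* Simulated agent: sends the first n bytes of SAMPLE, then exits. */
long reply_after_agent_sends(size_t n)
{
    unsigned char body[16];
    int sv[2];
    long r = -2;                    /* -2: demo setup failed */
    if (n > sizeof(SAMPLE) || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return r;
    ssize_t w = write(sv[1], SAMPLE, n);
    close(sv[1]);                   /* the agent goes away */
    if (w == (ssize_t)n)
        r = read_agent_reply(sv[0], body, sizeof(body));
    close(sv[0]);
    return r;
}
int main(void) { printf("%ld %ld\n", reply_after_agent_sends(5), reply_after_agent_sends(3)); return 0; }
```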