simon-git: putty (main): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sun Jul 17 14:23:05 BST 2022
TL;DR:
a50178eb Fix typo in #undef.
42740a54 Allow manually confirming and caching certified keys.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: main
Committer: Simon Tatham <anakin at pobox.com>
Date: 2022-07-17 14:23:05
commit a50178eba79ecbbeb9949f2c9827fe14b50c1941
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=a50178eba79ecbbeb9949f2c9827fe14b50c1941;hp=f1c82980007f9afa1ab5a5fefeab5dcaf12e8803
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jul 16 11:24:59 2022 +0100
Fix typo in #undef.
In the macro automation for ssh2_bpp_check_unimplemented, I #defined
SSH2_BITMAP_WORD, and 20 lines later, tried to #undef it by the wrong
spelling. Of course this gave no error, so I didn't notice! But I
spotted it just now, so let's fix it.
ssh/common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
commit 42740a54550476e47b8f68981f24ac455c1daa51
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=42740a54550476e47b8f68981f24ac455c1daa51;hp=a50178eba79ecbbeb9949f2c9827fe14b50c1941
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jul 16 11:23:13 2022 +0100
Allow manually confirming and caching certified keys.
In the case where a server presents a host key signed by a different
certificate from the one you've configured, it need not _always_ be
evidence of wrongdoing. I can imagine situations in which two CAs
cover overlapping sets of things, and you don't want to blanket-trust
one of them, but you do want to connect to a specific host signed by
that one.
Accordingly, PuTTY's previous policy of unconditionally aborting the
connection if certificate validation fails (which was always intended
as a stopgap until I thought through what I wanted to replace it with)
is now replaced by fallback handling: we present the host key
fingerprint to the user and give them the option to accept and/or
cache it based on the public key itself.
This means that the certified key types have to have a representation
in the host key cache. So I've assigned each one a type id, and
generate the cache string itself by simply falling back to the base
key.
(Rationale for the latter: re-signing a public key with a different
certificate doesn't change the _private_ key, or the set of valid
signatures generated with it. So if you've been convinced for reasons
other than the certificate that a particular private key is in the
possession of $host, then proof of ownership of that private key
should be enough to convince you you're talking to $host no matter
what CA has signed the public half this week.)
We now offer to receive a given certified host key type if _either_ we
have at least one CA configured to trust that host, _or_ we have a
certified key of that type cached. (So once you've decided manually
that you trust a particular key, we can still receive that key and
authenticate the host with it, even if you later delete the CA record
that it didn't match anyway.)
One change from normal (uncertified) host key handling is that for
certified key types _all_ the host key prompts use the stronger
language, with "WARNING - POTENTIAL SECURITY BREACH!" rather than the
mild 'hmm, we haven't seen this host before'. Rationale: if you
expected this CA key and got that one, it _could_ be a bold-as-brass
MITM attempt in which someone hoped you'd accept their entire CA key.
The mild wording is only for the case where we had no previous
expectations _at all_ for the host to violate: not a CA _or_ a cached
key.
crypto/openssh-certs.c | 6 +++---
ssh.h | 4 ++--
ssh/common.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++---
ssh/kex2-client.c | 37 +++++++++++++++++++++++++------------
ssh/login1.c | 2 +-
ssh/transport2.c | 8 ++++----
6 files changed, 82 insertions(+), 25 deletions(-)
More information about the tartarus-commits
mailing list