X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=config.c;h=59d01e7479cded42d6e0384b7f1bac8b6c306d85;hb=510f49e405e71ba5c97875e7a019364e1ef5fac9;hp=395f9c81a46a293754f9ba9970b894337b85a06b;hpb=318076a1838c0e270afc5ac5a8081b3a1273cfb4;p=PuTTY.git diff --git a/config.c b/config.c index 395f9c81..59d01e74 100644 --- a/config.c +++ b/config.c @@ -356,7 +356,8 @@ static void cipherlist_handler(union control *ctrl, void *dlg, if (event == EVENT_REFRESH) { int i; - static const struct { char *s; int c; } ciphers[] = { + static const struct { const char *s; int c; } ciphers[] = { + { "ChaCha20 (SSH-2 only)", CIPHER_CHACHA20 }, { "3DES", CIPHER_3DES }, { "Blowfish", CIPHER_BLOWFISH }, { "DES", CIPHER_DES }, @@ -372,7 +373,7 @@ static void cipherlist_handler(union control *ctrl, void *dlg, for (i = 0; i < CIPHER_MAX; i++) { int c = conf_get_int_int(conf, CONF_ssh_cipherlist, i); int j; - char *cstr = NULL; + const char *cstr = NULL; for (j = 0; j < (sizeof ciphers) / (sizeof ciphers[0]); j++) { if (ciphers[j].c == c) { cstr = ciphers[j].s; @@ -428,11 +429,12 @@ static void kexlist_handler(union control *ctrl, void *dlg, if (event == EVENT_REFRESH) { int i; - static const struct { char *s; int k; } kexes[] = { + static const struct { const char *s; int k; } kexes[] = { { "Diffie-Hellman group 1", KEX_DHGROUP1 }, { "Diffie-Hellman group 14", KEX_DHGROUP14 }, { "Diffie-Hellman group exchange", KEX_DHGEX }, { "RSA-based key exchange", KEX_RSA }, + { "ECDH key exchange", KEX_ECDH }, { "-- warn below here --", KEX_WARN } }; @@ -443,7 +445,7 @@ static void kexlist_handler(union control *ctrl, void *dlg, for (i = 0; i < KEX_MAX; i++) { int k = conf_get_int_int(conf, CONF_ssh_kexlist, i); int j; - char *kstr = NULL; + const char *kstr = NULL; for (j = 0; j < (sizeof kexes) / (sizeof kexes[0]); j++) { if (kexes[j].k == k) { kstr = kexes[j].s; @@ -464,6 +466,49 @@ static void kexlist_handler(union control *ctrl, void *dlg, } } +static void hklist_handler(union control *ctrl, void *dlg, + void *data, int event) +{ + Conf *conf = (Conf *)data; + if (event == EVENT_REFRESH) { + int i; + + static const struct { const char *s; int k; } hks[] = { + { "Ed25519", HK_ED25519 }, + { "ECDSA", HK_ECDSA }, + { "DSA", HK_DSA }, + { "RSA", HK_RSA }, + { "-- warn below here --", HK_WARN } + }; + + /* Set up the "host key preference" box. */ + /* (hklist assumed to contain all algorithms) */ + dlg_update_start(ctrl, dlg); + dlg_listbox_clear(ctrl, dlg); + for (i = 0; i < HK_MAX; i++) { + int k = conf_get_int_int(conf, CONF_ssh_hklist, i); + int j; + const char *kstr = NULL; + for (j = 0; j < lenof(hks); j++) { + if (hks[j].k == k) { + kstr = hks[j].s; + break; + } + } + dlg_listbox_addwithid(ctrl, dlg, kstr, k); + } + dlg_update_done(ctrl, dlg); + + } else if (event == EVENT_VALCHANGE) { + int i; + + /* Update array to match the list box. */ + for (i=0; i < HK_MAX; i++) + conf_set_int_int(conf, CONF_ssh_hklist, i, + dlg_listbox_getid(ctrl, dlg, i)); + } +} + static void printerbox_handler(union control *ctrl, void *dlg, void *data, int event) { @@ -471,7 +516,7 @@ static void printerbox_handler(union control *ctrl, void *dlg, if (event == EVENT_REFRESH) { int nprinters, i; printer_enum *pe; - char *printer; + const char *printer; dlg_update_start(ctrl, dlg); /* @@ -568,6 +613,7 @@ struct sessionsaver_data { static void sessionsaver_data_free(void *ssdv) { struct sessionsaver_data *ssd = (struct sessionsaver_data *)ssdv; + get_sesslist(&ssd->sesslist, FALSE); sfree(ssd->savedsession); sfree(ssd); } @@ -1117,7 +1163,8 @@ static void portfwd_handler(union control *ctrl, void *dlg, } } else if (event == EVENT_ACTION) { if (ctrl == pfd->addbutton) { - char *family, *type, *src, *key, *val; + const char *family, *type; + char *src, *key, *val; int whichbutton; #ifndef NO_IPV6 @@ -1176,7 +1223,8 @@ static void portfwd_handler(union control *ctrl, void *dlg, if (i < 0) { dlg_beep(dlg); } else { - char *key, *val, *p; + char *key, *p; + const char *val; key = conf_get_str_nthstrkey(conf, CONF_portfwd, i); if (key) { @@ -1448,7 +1496,7 @@ void setup_config_box(struct controlbox *b, int midsession, * logging can sensibly be available. */ { - char *sshlogname, *sshrawlogname; + const char *sshlogname, *sshrawlogname; if ((midsession && protocol == PROT_SSH) || (!midsession && backend_from_proto(PROT_SSH))) { sshlogname = "SSH packets"; @@ -1473,7 +1521,7 @@ void setup_config_box(struct controlbox *b, int midsession, HELPCTX(logging_filename), conf_filesel_handler, I(CONF_logfilename)); ctrl_text(s, "(Log file name can contain &Y, &M, &D for date," - " &T for time, and &H for host name)", + " &T for time, &H for host name, and &P for port number)", HELPCTX(logging_filename)); ctrl_radiobuttons(s, "What to do if the log file already exists:", 'e', 1, HELPCTX(logging_exists), @@ -1642,6 +1690,10 @@ void setup_config_box(struct controlbox *b, int midsession, HELPCTX(features_retitle), conf_checkbox_handler, I(CONF_no_remote_wintitle)); + ctrl_checkbox(s, "Disable remote-controlled clearing of scrollback", 'e', + HELPCTX(features_clearscroll), + conf_checkbox_handler, + I(CONF_no_remote_clearscroll)); ctrl_radiobuttons(s, "Response to remote title query (SECURITY):", 'q', 3, HELPCTX(features_qtitle), conf_radiobutton_handler, @@ -1925,7 +1977,7 @@ void setup_config_box(struct controlbox *b, int midsession, #endif { - char *label = backend_from_proto(PROT_SSH) ? + const char *label = backend_from_proto(PROT_SSH) ? "Logical name of remote host (e.g. for SSH key lookup):" : "Logical name of remote host:"; s = ctrl_getset(b, "Connection", "identity", @@ -2067,6 +2119,15 @@ void setup_config_box(struct controlbox *b, int midsession, HELPCTX(proxy_command), conf_editbox_handler, I(CONF_proxy_telnet_command), I(1)); + + ctrl_radiobuttons(s, "Print proxy diagnostics " + "in the terminal window", 'r', 5, + HELPCTX(proxy_logging), + conf_radiobutton_handler, + I(CONF_proxy_log_to_term), + "No", I(FORCE_OFF), + "Yes", I(FORCE_ON), + "Only until session starts", I(AUTO), NULL); } /* @@ -2191,14 +2252,12 @@ void setup_config_box(struct controlbox *b, int midsession, if (!midsession) { s = ctrl_getset(b, "Connection/SSH", "protocol", "Protocol options"); - ctrl_radiobuttons(s, "Preferred SSH protocol version:", NO_SHORTCUT, 4, + ctrl_radiobuttons(s, "SSH protocol version:", NO_SHORTCUT, 2, HELPCTX(ssh_protocol), conf_radiobutton_handler, I(CONF_sshprot), - "1 only", 'l', I(0), - "1", '1', I(1), - "2", '2', I(2), - "2 only", 'y', I(3), NULL); + "2", '2', I(3), + "1 (INSECURE)", '1', I(0), NULL); } /* @@ -2235,13 +2294,28 @@ void setup_config_box(struct controlbox *b, int midsession, HELPCTX(ssh_kex_repeat)); } + /* + * The 'Connection/SSH/Host keys' panel. + */ + if (protcfginfo != 1 && protcfginfo != -1) { + ctrl_settitle(b, "Connection/SSH/Host keys", + "Options controlling SSH host keys"); + + s = ctrl_getset(b, "Connection/SSH/Host keys", "main", + "Host key algorithm preference"); + c = ctrl_draglist(s, "Algorithm selection policy:", 's', + HELPCTX(ssh_hklist), + hklist_handler, P(NULL)); + c->listbox.height = 5; + } + /* * Manual host key configuration is irrelevant mid-session, * as we enforce that the host key for rekeys is the * same as that used at the start of the session. */ if (!midsession) { - s = ctrl_getset(b, "Connection/SSH/Kex", "hostkeys", + s = ctrl_getset(b, "Connection/SSH/Host keys", "hostkeys", "Manually configure host keys for this connection"); ctrl_columns(s, 2, 75, 25); @@ -2307,14 +2381,14 @@ void setup_config_box(struct controlbox *b, int midsession, "Options controlling SSH authentication"); s = ctrl_getset(b, "Connection/SSH/Auth", "main", NULL); - ctrl_checkbox(s, "Bypass authentication entirely (SSH-2 only)", 'b', - HELPCTX(ssh_auth_bypass), - conf_checkbox_handler, - I(CONF_ssh_no_userauth)); ctrl_checkbox(s, "Display pre-authentication banner (SSH-2 only)", 'd', HELPCTX(ssh_auth_banner), conf_checkbox_handler, I(CONF_ssh_show_banner)); + ctrl_checkbox(s, "Bypass authentication entirely (SSH-2 only)", 'b', + HELPCTX(ssh_auth_bypass), + conf_checkbox_handler, + I(CONF_ssh_no_userauth)); s = ctrl_getset(b, "Connection/SSH/Auth", "methods", "Authentication methods"); @@ -2563,52 +2637,58 @@ void setup_config_box(struct controlbox *b, int midsession, if (!midsession) { /* - * The Connection/SSH/Bugs panel. + * The Connection/SSH/Bugs panels. */ ctrl_settitle(b, "Connection/SSH/Bugs", "Workarounds for SSH server bugs"); s = ctrl_getset(b, "Connection/SSH/Bugs", "main", "Detection of known bugs in SSH servers"); - ctrl_droplist(s, "Chokes on SSH-1 ignore messages", 'i', 20, - HELPCTX(ssh_bugs_ignore1), - sshbug_handler, I(CONF_sshbug_ignore1)); - ctrl_droplist(s, "Refuses all SSH-1 password camouflage", 's', 20, - HELPCTX(ssh_bugs_plainpw1), - sshbug_handler, I(CONF_sshbug_plainpw1)); - ctrl_droplist(s, "Chokes on SSH-1 RSA authentication", 'r', 20, - HELPCTX(ssh_bugs_rsa1), - sshbug_handler, I(CONF_sshbug_rsa1)); ctrl_droplist(s, "Chokes on SSH-2 ignore messages", '2', 20, HELPCTX(ssh_bugs_ignore2), sshbug_handler, I(CONF_sshbug_ignore2)); - ctrl_droplist(s, "Chokes on PuTTY's SSH-2 'winadj' requests", 'j', - 20, HELPCTX(ssh_bugs_winadj), - sshbug_handler, I(CONF_sshbug_winadj)); - ctrl_droplist(s, "Miscomputes SSH-2 HMAC keys", 'm', 20, - HELPCTX(ssh_bugs_hmac2), - sshbug_handler, I(CONF_sshbug_hmac2)); - ctrl_droplist(s, "Miscomputes SSH-2 encryption keys", 'e', 20, - HELPCTX(ssh_bugs_derivekey2), - sshbug_handler, I(CONF_sshbug_derivekey2)); - ctrl_droplist(s, "Requires padding on SSH-2 RSA signatures", 'p', 20, - HELPCTX(ssh_bugs_rsapad2), - sshbug_handler, I(CONF_sshbug_rsapad2)); - ctrl_droplist(s, "Misuses the session ID in SSH-2 PK auth", 'n', 20, - HELPCTX(ssh_bugs_pksessid2), - sshbug_handler, I(CONF_sshbug_pksessid2)); ctrl_droplist(s, "Handles SSH-2 key re-exchange badly", 'k', 20, HELPCTX(ssh_bugs_rekey2), sshbug_handler, I(CONF_sshbug_rekey2)); + ctrl_droplist(s, "Chokes on PuTTY's SSH-2 'winadj' requests", 'j', + 20, HELPCTX(ssh_bugs_winadj), + sshbug_handler, I(CONF_sshbug_winadj)); + ctrl_droplist(s, "Replies to requests on closed channels", 'q', 20, + HELPCTX(ssh_bugs_chanreq), + sshbug_handler, I(CONF_sshbug_chanreq)); ctrl_droplist(s, "Ignores SSH-2 maximum packet size", 'x', 20, HELPCTX(ssh_bugs_maxpkt2), sshbug_handler, I(CONF_sshbug_maxpkt2)); + + ctrl_settitle(b, "Connection/SSH/More bugs", + "Further workarounds for SSH server bugs"); + + s = ctrl_getset(b, "Connection/SSH/More bugs", "main", + "Detection of known bugs in SSH servers"); + ctrl_droplist(s, "Requires padding on SSH-2 RSA signatures", 'p', 20, + HELPCTX(ssh_bugs_rsapad2), + sshbug_handler, I(CONF_sshbug_rsapad2)); ctrl_droplist(s, "Only supports pre-RFC4419 SSH-2 DH GEX", 'd', 20, HELPCTX(ssh_bugs_oldgex2), sshbug_handler, I(CONF_sshbug_oldgex2)); - ctrl_droplist(s, "Replies to requests on closed channels", 'q', 20, - HELPCTX(ssh_bugs_chanreq), - sshbug_handler, I(CONF_sshbug_chanreq)); + ctrl_droplist(s, "Miscomputes SSH-2 HMAC keys", 'm', 20, + HELPCTX(ssh_bugs_hmac2), + sshbug_handler, I(CONF_sshbug_hmac2)); + ctrl_droplist(s, "Misuses the session ID in SSH-2 PK auth", 'n', 20, + HELPCTX(ssh_bugs_pksessid2), + sshbug_handler, I(CONF_sshbug_pksessid2)); + ctrl_droplist(s, "Miscomputes SSH-2 encryption keys", 'e', 20, + HELPCTX(ssh_bugs_derivekey2), + sshbug_handler, I(CONF_sshbug_derivekey2)); + ctrl_droplist(s, "Chokes on SSH-1 ignore messages", 'i', 20, + HELPCTX(ssh_bugs_ignore1), + sshbug_handler, I(CONF_sshbug_ignore1)); + ctrl_droplist(s, "Refuses all SSH-1 password camouflage", 's', 20, + HELPCTX(ssh_bugs_plainpw1), + sshbug_handler, I(CONF_sshbug_plainpw1)); + ctrl_droplist(s, "Chokes on SSH-1 RSA authentication", 'r', 20, + HELPCTX(ssh_bugs_rsa1), + sshbug_handler, I(CONF_sshbug_rsa1)); } } }