X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=config.c;h=ded510956a7a7305a1db4df40bfb1bc4e51b53d9;hb=89da2ddf564a93414ee9ab2df3f053608094e417;hp=657f6069a908e31a70faef2a5a22b13d0775cf57;hpb=54588750c9d878ae58bbba0c172a482260b36325;p=PuTTY.git diff --git a/config.c b/config.c index 657f6069..ded51095 100644 --- a/config.c +++ b/config.c @@ -356,7 +356,7 @@ static void cipherlist_handler(union control *ctrl, void *dlg, if (event == EVENT_REFRESH) { int i; - static const struct { char *s; int c; } ciphers[] = { + static const struct { const char *s; int c; } ciphers[] = { { "3DES", CIPHER_3DES }, { "Blowfish", CIPHER_BLOWFISH }, { "DES", CIPHER_DES }, @@ -372,7 +372,7 @@ static void cipherlist_handler(union control *ctrl, void *dlg, for (i = 0; i < CIPHER_MAX; i++) { int c = conf_get_int_int(conf, CONF_ssh_cipherlist, i); int j; - char *cstr = NULL; + const char *cstr = NULL; for (j = 0; j < (sizeof ciphers) / (sizeof ciphers[0]); j++) { if (ciphers[j].c == c) { cstr = ciphers[j].s; @@ -428,11 +428,12 @@ static void kexlist_handler(union control *ctrl, void *dlg, if (event == EVENT_REFRESH) { int i; - static const struct { char *s; int k; } kexes[] = { + static const struct { const char *s; int k; } kexes[] = { { "Diffie-Hellman group 1", KEX_DHGROUP1 }, { "Diffie-Hellman group 14", KEX_DHGROUP14 }, { "Diffie-Hellman group exchange", KEX_DHGEX }, { "RSA-based key exchange", KEX_RSA }, + { "ECDH key exchange", KEX_ECDH }, { "-- warn below here --", KEX_WARN } }; @@ -443,7 +444,7 @@ static void kexlist_handler(union control *ctrl, void *dlg, for (i = 0; i < KEX_MAX; i++) { int k = conf_get_int_int(conf, CONF_ssh_kexlist, i); int j; - char *kstr = NULL; + const char *kstr = NULL; for (j = 0; j < (sizeof kexes) / (sizeof kexes[0]); j++) { if (kexes[j].k == k) { kstr = kexes[j].s; 
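Review bot: In the kexlist_handler hunk, the new `{ "ECDH key exchange", KEX_ECDH }` row only supplies a display name; the order the user sees comes from `CONF_ssh_kexlist`, which this code reads but does not populate. It is worth confirming, in whatever code loads saved sessions, where `KEX_ECDH` is placed for a preference list stored before this value existed, so that it is neither dropped nor left below `KEX_WARN`. Because the lookup leaves `kstr` as NULL when no row matches, a comment above the table such as `/* every KEX_* value below KEX_MAX needs a row here */` would help the next addition. The handler body continues outside the hunk.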
@@ -471,7 +472,7 @@ static void printerbox_handler(union control *ctrl, void *dlg, if (event == EVENT_REFRESH) { int nprinters, i; printer_enum *pe; - char *printer; + const char *printer; dlg_update_start(ctrl, dlg); /* @@ -568,6 +569,7 @@ struct sessionsaver_data { static void sessionsaver_data_free(void *ssdv) { struct sessionsaver_data *ssd = (struct sessionsaver_data *)ssdv; + get_sesslist(&ssd->sesslist, FALSE); sfree(ssd->savedsession); sfree(ssd); } @@ -1117,7 +1119,8 @@ static void portfwd_handler(union control *ctrl, void *dlg, } } else if (event == EVENT_ACTION) { if (ctrl == pfd->addbutton) { - char *family, *type, *src, *key, *val; + const char *family, *type; + char *src, *key, *val; int whichbutton; #ifndef NO_IPV6 @@ -1176,7 +1179,8 @@ static void portfwd_handler(union control *ctrl, void *dlg, if (i < 0) { dlg_beep(dlg); } else { - char *key, *val, *p; + char *key, *p; + const char *val; key = conf_get_str_nthstrkey(conf, CONF_portfwd, i); if (key) { @@ -1448,7 +1452,7 @@ void setup_config_box(struct controlbox *b, int midsession, * logging can sensibly be available. */ { - char *sshlogname, *sshrawlogname; + const char *sshlogname, *sshrawlogname; if ((midsession && protocol == PROT_SSH) || (!midsession && backend_from_proto(PROT_SSH))) { sshlogname = "SSH packets"; @@ -1925,7 +1929,7 @@ void setup_config_box(struct controlbox *b, int midsession, #endif { - char *label = backend_from_proto(PROT_SSH) ? + const char *label = backend_from_proto(PROT_SSH) ? "Logical name of remote host (e.g. for SSH key lookup):" : "Logical name of remote host:"; s = ctrl_getset(b, "Connection", "identity", 
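Review bot: The added `get_sesslist(&ssd->sesslist, FALSE);` in sessionsaver_data_free reads like a load call, and nothing at the call site says that the second argument selects the release path. A comment on that line, e.g. `/* FALSE: free the list's storage rather than (re)loading it */`, would make the cleanup intent clear; this assumes the FALSE mode only frees, which is defined outside this page. It is also worth checking that no other path releases `ssd->sesslist` before this destructor runs, so the same storage is not freed twice.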
@@ -2136,7 +2140,8 @@ void setup_config_box(struct controlbox *b, int midsession, ctrl_settitle(b, "Connection/SSH", "Options controlling SSH connections"); - if (midsession && protcfginfo == 1) { + /* SSH-1 or connection-sharing downstream */ + if (midsession && (protcfginfo == 1 || protcfginfo == -1)) { s = ctrl_getset(b, "Connection/SSH", "disclaimer", NULL); ctrl_text(s, "Nothing on this panel may be reconfigured in mid-" "session; it is only here so that sub-panels of it can " @@ -2158,7 +2163,7 @@ void setup_config_box(struct controlbox *b, int midsession, I(CONF_ssh_no_shell)); } - if (!midsession || protcfginfo != 1) { + if (!midsession || !(protcfginfo == 1 || protcfginfo == -1)) { s = ctrl_getset(b, "Connection/SSH", "protocol", "Protocol options"); ctrl_checkbox(s, "Enable compression", 'e', @@ -2202,10 +2207,11 @@ void setup_config_box(struct controlbox *b, int midsession, /* * The Connection/SSH/Kex panel. (Owing to repeat key - * exchange, this is all meaningful in mid-session _if_ - * we're using SSH-2 or haven't decided yet.) + * exchange, much of this is meaningful in mid-session _if_ + * we're using SSH-2 and are not a connection-sharing + * downstream, or haven't decided yet.) */ - if (protcfginfo != 1) { + if (protcfginfo != 1 && protcfginfo != -1) { ctrl_settitle(b, "Connection/SSH/Kex", "Options controlling SSH key exchange"); @@ -2231,7 +2237,14 @@ void setup_config_box(struct controlbox *b, int midsession, I(16)); ctrl_text(s, "(Use 1M for 1 megabyte, 1G for 1 gigabyte etc)", HELPCTX(ssh_kex_repeat)); + } + /* + * Manual host key configuration is irrelevant mid-session, + * as we enforce that the host key for rekeys is the + * same as that used at the start of the session. + */ + if (!midsession) { s = ctrl_getset(b, "Connection/SSH/Kex", "hostkeys", "Manually configure host keys for this connection"); 
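Review bot: The test `protcfginfo == 1 || protcfginfo == -1` is spelled out with bare numbers in the hunks at -2136, -2158 and -2269, and in negated form (`protcfginfo != 1 && protcfginfo != -1`) at -2202; only the first carries the `/* SSH-1 or connection-sharing downstream */` comment. If one of the four drifts, a panel would be offered mid-session whose settings, going by the disclaimer text, cannot be reconfigured. Computing it once near the top of the SSH section, e.g. `int ssh_fixed = (protcfginfo == 1 || protcfginfo == -1);`, and using `ssh_fixed` in all four conditions would keep them in step. setup_config_box starts and ends outside these hunks.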
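Review bot: The host-key set in the hunk at -2231 is now gated on `!midsession` alone, while the `ctrl_settitle(b, "Connection/SSH/Kex", ...)` call stays inside the `protcfginfo != 1 && protcfginfo != -1` block of the previous hunk. That is fine if `protcfginfo` is never 1 or -1 before a session starts, which these hunks do not show. If that holds, adding a line to the new comment such as `protcfginfo is only nonzero mid-session, so the panel title above is always set here` would document the dependency. The new `if (!midsession) {` block closes outside the hunk.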
@@ -2269,7 +2282,7 @@ void setup_config_box(struct controlbox *b, int midsession, ctrl_columns(s, 1, 100); } - if (!midsession || protcfginfo != 1) { + if (!midsession || !(protcfginfo == 1 || protcfginfo == -1)) { /* * The Connection/SSH/Cipher panel. */ @@ -2554,7 +2567,7 @@ void setup_config_box(struct controlbox *b, int midsession, if (!midsession) { /* - * The Connection/SSH/Bugs panel. + * The Connection/SSH/Bugs panels. */ ctrl_settitle(b, "Connection/SSH/Bugs", "Workarounds for SSH server bugs"); @@ -2582,6 +2595,12 @@ void setup_config_box(struct controlbox *b, int midsession, ctrl_droplist(s, "Miscomputes SSH-2 encryption keys", 'e', 20, HELPCTX(ssh_bugs_derivekey2), sshbug_handler, I(CONF_sshbug_derivekey2)); + + ctrl_settitle(b, "Connection/SSH/More bugs", + "Further workarounds for SSH server bugs"); + + s = ctrl_getset(b, "Connection/SSH/More bugs", "main", + "Detection of known bugs in SSH servers"); ctrl_droplist(s, "Requires padding on SSH-2 RSA signatures", 'p', 20, HELPCTX(ssh_bugs_rsapad2), sshbug_handler, I(CONF_sshbug_rsapad2)); @@ -2594,8 +2613,11 @@ void setup_config_box(struct controlbox *b, int midsession, ctrl_droplist(s, "Ignores SSH-2 maximum packet size", 'x', 20, HELPCTX(ssh_bugs_maxpkt2), sshbug_handler, I(CONF_sshbug_maxpkt2)); - ctrl_droplist(s, "Replies to channel requests after channel close", - 'q', 20, HELPCTX(ssh_bugs_chanreq), + ctrl_droplist(s, "Only supports pre-RFC4419 SSH-2 DH GEX", 'd', 20, + HELPCTX(ssh_bugs_oldgex2), + sshbug_handler, I(CONF_sshbug_oldgex2)); + ctrl_droplist(s, "Replies to requests on closed channels", 'q', 20, + HELPCTX(ssh_bugs_chanreq), sshbug_handler, I(CONF_sshbug_chanreq)); } }
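Review bot: In the hunk at -2582 the run of `ctrl_droplist` calls is split into a second panel, "Connection/SSH/More bugs", with no comment saying why the break falls after `CONF_sshbug_derivekey2`. A one-line comment before the new `ctrl_settitle`, e.g. `/* second bugs panel: the list no longer fits on one */`, would tell the next person adding a workaround which panel to extend; the stated reason is my assumption and should be confirmed. The accelerators visible for the new panel ('p', 'x', 'd', 'q') also need to stay unique within it, and part of the panel lies outside these hunks.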