asedeno.scripts.mit.edu Git - PuTTY.git/commit

author	Simon Tatham <anakin@pobox.com>
	Tue, 29 Aug 2006 19:07:11 +0000 (19:07 +0000)
committer	Simon Tatham <anakin@pobox.com>
	Tue, 29 Aug 2006 19:07:11 +0000 (19:07 +0000)
commit	8b11c26c579d0c8aa92ec077941da3008e5a6638
tree	34a7b09a88d8884fd91e936a1676dc81c1a1844c	tree \| snapshot
parent	bb6482c35dca92a801046abe2dc2b665ee236e36	commit \| diff

New logging mode, which records the exact bytes sent over the wire
in an SSH connection _in addition_ to the decrypted packets. This
will hopefully come in useful for debugging wire data corruption
issues: you can strace the server, enable this mode in the client,
and compare the sent and received data.

I'd _like_ to have this mode also log Diffie-Hellman private
exponents, session IDs, encryption and MAC keys, so that the
resulting log file could be used to independently verify the
correctness of all cryptographic operations performed by PuTTY.
However, I haven't been able to convince myself that the security
implications are acceptable. (It doesn't matter that this
information would permit an attacker to decrypt the session, because
the _already_ decrypted session is stored alongside it in the log
file. And I'm not planning, under any circumstances, to log users'
private keys. But gaining access to the log file while the session
was still running would permit an attacker to _hijack_ the session,
and that's the iffy bit.)

[originally from svn r6835]

config.c		diff \| blob \| history
logging.c		diff \| blob \| history
putty.h		diff \| blob \| history
ssh.c		diff \| blob \| history