-\versionid $Id: config.but,v 1.41 2002/09/23 09:55:11 jacob Exp $
+\versionid $Id: config.but,v 1.42 2002/09/26 18:37:33 simon Exp $
\C{config} Configuring PuTTY
This is an SSH2-specific bug.
-\S{config-ssh-bug-ssh} \q{Requires padding on SSH2 RSA signatures}
+\S{config-ssh-bug-sig} \q{Requires padding on SSH2 RSA signatures}
\cfg{winhelp-topic}{ssh.bugs.rsapad2}
This is an SSH2-specific bug.
+\S{config-ssh-bug-dhgex} \q{Chokes on Diffie-Hellman group exchange}
+
+\cfg{winhelp-topic}{ssh.bugs.dhgex2}
+
+We have anecdotal evidence that some SSH servers claim to be able to
+perform Diffie-Hellman group exchange, but fail to actually do so
+when PuTTY tries to. If your SSH2 sessions spontaneously close
+immediately after opening the PuTTY window, it might be worth
+enabling the workaround for this bug to see if it helps.
+
+We have no hard evidence that any specific version of specific
+server software reliably demonstrates this bug. Therefore, PuTTY
+will never \e{assume} a server has this bug; if you want the
+workaround, you need to enable it manually.
+
+This is an SSH2-specific bug.
+
\H{config-file} Storing configuration in a file
PuTTY does not currently support storing its configuration in a file
enum {
BUG_AUTO, BUG_OFF, BUG_ON
} sshbug_ignore1, sshbug_plainpw1, sshbug_rsa1,
- sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2;
+ sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2,
+ sshbug_dhgex2;
} Config;
/*
write_setting_i(sesskey, "BugHMAC2", cfg->sshbug_hmac2);
write_setting_i(sesskey, "BugDeriveKey2", cfg->sshbug_derivekey2);
write_setting_i(sesskey, "BugRSAPad2", cfg->sshbug_rsapad2);
+ write_setting_i(sesskey, "BugDHGEx2", cfg->sshbug_dhgex2);
close_settings_w(sesskey);
}
}
gppi(sesskey, "BugDeriveKey2", BUG_AUTO, &cfg->sshbug_derivekey2);
gppi(sesskey, "BugRSAPad2", BUG_AUTO, &cfg->sshbug_rsapad2);
+ gppi(sesskey, "BugDHGEx2", BUG_AUTO, &cfg->sshbug_dhgex2);
close_settings_r(sesskey);
}
#define BUG_CHOKES_ON_RSA 8
#define BUG_SSH2_RSA_PADDING 16
#define BUG_SSH2_DERIVEKEY 32
+#define BUG_SSH2_DH_GEX 64
static int ssh_pkt_ctx = 0;
ssh_remote_bugs |= BUG_SSH2_RSA_PADDING;
logevent("We believe remote version has SSH2 RSA padding bug");
}
+
+ if (cfg.sshbug_dhgex2 == BUG_ON) {
+ /*
+ * These versions have the SSH2 DH GEX bug.
+ */
+ ssh_remote_bugs |= BUG_SSH2_DH_GEX;
+ logevent("We believe remote version has SSH2 DH group exchange bug");
+ }
}
static int do_ssh_init(unsigned char c)
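Review bot: The comment `These versions have the SSH2 DH GEX bug.` and the Event Log text in the added `cfg.sshbug_dhgex2 == BUG_ON` block describe version-based detection, but the test looks at no version string, so `BUG_AUTO` behaves exactly like `BUG_OFF` here. Because this flag takes group exchange out of key-exchange negotiation, someone reading the log later should be able to tell a user-forced workaround from a detected one. I would reword the comment to `/* Manual override only: there is no auto-detection for the DH GEX bug. */` and the message to something like `logevent("Configured to avoid SSH2 DH group exchange (manual override)");`. The enclosing function starts above the hunk.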
/* List key exchange algorithms. */
ssh2_pkt_addstring_start();
for (i = 0; i < lenof(kex_algs); i++) {
+ if (kex_algs[i] == &ssh_diffiehellman_gex &&
+ (ssh_remote_bugs & BUG_SSH2_DH_GEX))
+ continue;
ssh2_pkt_addstring_str(kex_algs[i]->name);
if (i < lenof(kex_algs) - 1)
ssh2_pkt_addstring_str(",");
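Review bot: Skipping an entry with `continue` leaves the separator logic tied to the array index, so the name-list is only well formed when the skipped algorithm is not the last element of `kex_algs`; if it were last, the preceding name would be followed by a trailing comma. The order of `kex_algs` is not visible in this hunk, so this may be latent rather than live. Emitting the comma before every name after the first removes the dependency: keep a counter and write `if (emitted++) ssh2_pkt_addstring_str(",");` ahead of `ssh2_pkt_addstring_str(kex_algs[i]->name);`, dropping the `i < lenof(kex_algs) - 1` test. The same two-line skip condition is repeated in the selection loop of the next hunk and could live in one small helper. The loop closes outside the hunk.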
pktin.savedpos += 16; /* skip garbage cookie */
ssh2_pkt_getstring(&str, &len); /* key exchange algorithms */
for (i = 0; i < lenof(kex_algs); i++) {
+ if (kex_algs[i] == &ssh_diffiehellman_gex &&
+ (ssh_remote_bugs & BUG_SSH2_DH_GEX))
+ continue;
if (in_commasep_string(kex_algs[i]->name, str, len)) {
kex = kex_algs[i];
break;
IDC_BUGD_DERIVEKEY2,
IDC_BUGS_RSAPAD2,
IDC_BUGD_RSAPAD2,
+ IDC_BUGS_DHGEX2,
+ IDC_BUGD_DHGEX2,
sshbugspanelend,
selectionpanelstart,
case IDC_BUGS_RSAPAD2:
case IDC_BUGD_RSAPAD2:
return "JI(`',`ssh.bugs.rsapad2')";
+ case IDC_BUGS_DHGEX2:
+ case IDC_BUGD_DHGEX2:
+ return "JI(`',`ssh.bugs.dhgex2')";
default:
return NULL;
SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_SETCURSEL,
cfg.sshbug_rsapad2 == BUG_ON ? 2 :
cfg.sshbug_rsapad2 == BUG_OFF ? 1 : 0, 0);
+ SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_RESETCONTENT, 0, 0);
+ SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"Auto");
+ SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"Off");
+ SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"On");
+ SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_SETCURSEL,
+ cfg.sshbug_dhgex2 == BUG_ON ? 2 :
+ cfg.sshbug_dhgex2 == BUG_OFF ? 1 : 0, 0);
}
struct treeview_faff {
IDC_BUGS_DERIVEKEY2, IDC_BUGD_DERIVEKEY2, 20);
staticddl(&cp, "Requires &padding on SSH2 RSA signatures",
IDC_BUGS_RSAPAD2, IDC_BUGD_RSAPAD2, 20);
+ staticddl(&cp, "Chokes on &Diffie-Hellman group exchange",
+ IDC_BUGS_DHGEX2, IDC_BUGD_DHGEX2, 20);
endbox(&cp);
}
}
index == 1 ? BUG_OFF : BUG_ON);
}
break;
+ case IDC_BUGD_DHGEX2:
+ if (HIWORD(wParam) == CBN_SELCHANGE) {
+ int index = SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2,
+ CB_GETCURSEL, 0, 0);
+ cfg.sshbug_dhgex2 = (index == 0 ? BUG_AUTO :
+ index == 1 ? BUG_OFF : BUG_ON);
+ }
+ break;
}
return 0;
case WM_HELP:
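Review bot: In the added `IDC_BUGD_DHGEX2` handler any index other than 0 or 1 becomes `BUG_ON`, which includes `CB_ERR` from `CB_GETCURSEL` when nothing is selected. For this option `BUG_ON` is the value that removes group exchange from negotiation, so the fallback should be the neutral one: `cfg.sshbug_dhgex2 = (index == 2 ? BUG_ON : index == 1 ? BUG_OFF : BUG_AUTO);`. That also agrees with the dialog-initialisation hunk, where anything that is not `BUG_ON` or `BUG_OFF` is displayed as Auto. The context line above the new case suggests the existing handlers share the same mapping.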