Add a new SSH2 bug: some servers apparently claim to be able to do

DH group exchange, but choke when you actually try it. Never
automatically enabled; manual control only.

git-svn-id: svn://svn.tartarus.org/sgt/putty@1982 cda61777-01e9-0310-a592-d414129be87e

diff --git a/doc/config.but b/doc/config.but
index 4193681..6af3546 100644 (file)
--- a/doc/config.but
+++ b/doc/config.but
@@ -1,4 +1,4 @@
-\versionid $Id: config.but,v 1.41 2002/09/23 09:55:11 jacob Exp $
+\versionid $Id: config.but,v 1.42 2002/09/26 18:37:33 simon Exp $
 
 \C{config} Configuring PuTTY
 
@@ -2005,7 +2005,7 @@ server, communication will fail.
 
 This is an SSH2-specific bug.
 
-\S{config-ssh-bug-ssh} \q{Requires padding on SSH2 RSA signatures}
+\S{config-ssh-bug-sig} \q{Requires padding on SSH2 RSA signatures}
 
 \cfg{winhelp-topic}{ssh.bugs.rsapad2}
 
@@ -2024,6 +2024,23 @@ to talking to OpenSSH.
 
 This is an SSH2-specific bug.
 
+\S{config-ssh-bug-dhgex} \q{Chokes on Diffie-Hellman group exchange}
+
+\cfg{winhelp-topic}{ssh.bugs.dhgex2}
+
+We have anecdotal evidence that some SSH servers claim to be able to
+perform Diffie-Hellman group exchange, but fail to actually do so
+when PuTTY tries to. If your SSH2 sessions spontaneously close
+immediately after opening the PuTTY window, it might be worth
+enabling the workaround for this bug to see if it helps.
+
+We have no hard evidence that any specific version of specific
+server software reliably demonstrates this bug. Therefore, PuTTY
+will never \e{assume} a server has this bug; if you want the
+workaround, you need to enable it manually.
+
+This is an SSH2-specific bug.
+
 \H{config-file} Storing configuration in a file
 
 PuTTY does not currently support storing its configuration in a file

diff --git a/putty.h b/putty.h
index d69339a..903695e 100644 (file)
--- a/putty.h
+++ b/putty.h
@@ -372,7 +372,8 @@ typedef struct {
     enum {
        BUG_AUTO, BUG_OFF, BUG_ON
     } sshbug_ignore1, sshbug_plainpw1, sshbug_rsa1,
-       sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2;
+       sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2,
+       sshbug_dhgex2;
 } Config;
 
 /*

diff --git a/settings.c b/settings.c
index faed9e5..ef0446f 100644 (file)
--- a/settings.c
+++ b/settings.c
@@ -309,6 +309,7 @@ void save_settings(char *section, int do_host, Config * cfg)
     write_setting_i(sesskey, "BugHMAC2", cfg->sshbug_hmac2);
     write_setting_i(sesskey, "BugDeriveKey2", cfg->sshbug_derivekey2);
     write_setting_i(sesskey, "BugRSAPad2", cfg->sshbug_rsapad2);
+    write_setting_i(sesskey, "BugDHGEx2", cfg->sshbug_dhgex2);
     close_settings_w(sesskey);
 }
 
@@ -583,6 +584,7 @@ void load_settings(char *section, int do_host, Config * cfg)
     }
     gppi(sesskey, "BugDeriveKey2", BUG_AUTO, &cfg->sshbug_derivekey2);
     gppi(sesskey, "BugRSAPad2", BUG_AUTO, &cfg->sshbug_rsapad2);
+    gppi(sesskey, "BugDHGEx2", BUG_AUTO, &cfg->sshbug_dhgex2);
 
     close_settings_r(sesskey);
 }

diff --git a/ssh.c b/ssh.c
index 3cc76be..e0fd106 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -183,6 +183,7 @@ static const char *const ssh2_disconnect_reasons[] = {
 #define BUG_CHOKES_ON_RSA                        8
 #define BUG_SSH2_RSA_PADDING                    16
 #define BUG_SSH2_DERIVEKEY                       32
+#define BUG_SSH2_DH_GEX                          64
 
 static int ssh_pkt_ctx = 0;
 
@@ -1742,6 +1743,14 @@ static void ssh_detect_bugs(char *vstring)
        ssh_remote_bugs |= BUG_SSH2_RSA_PADDING;
        logevent("We believe remote version has SSH2 RSA padding bug");
     }
+
+    if (cfg.sshbug_dhgex2 == BUG_ON) {
+       /*
+        * These versions have the SSH2 DH GEX bug.
+        */
+       ssh_remote_bugs |= BUG_SSH2_DH_GEX;
+       logevent("We believe remote version has SSH2 DH group exchange bug");
+    }
 }
 
 static int do_ssh_init(unsigned char c)
@@ -3648,6 +3657,9 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
     /* List key exchange algorithms. */
     ssh2_pkt_addstring_start();
     for (i = 0; i < lenof(kex_algs); i++) {
+       if (kex_algs[i] == &ssh_diffiehellman_gex &&
+           (ssh_remote_bugs & BUG_SSH2_DH_GEX))
+           continue;
        ssh2_pkt_addstring_str(kex_algs[i]->name);
        if (i < lenof(kex_algs) - 1)
            ssh2_pkt_addstring_str(",");
@@ -3754,6 +3766,9 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
     pktin.savedpos += 16;             /* skip garbage cookie */
     ssh2_pkt_getstring(&str, &len);    /* key exchange algorithms */
     for (i = 0; i < lenof(kex_algs); i++) {
+       if (kex_algs[i] == &ssh_diffiehellman_gex &&
+           (ssh_remote_bugs & BUG_SSH2_DH_GEX))
+           continue;
        if (in_commasep_string(kex_algs[i]->name, str, len)) {
            kex = kex_algs[i];
            break;

diff --git a/windlg.c b/windlg.c
index 5c8d048..fe3a1ad 100644 (file)
--- a/windlg.c
+++ b/windlg.c
@@ -548,6 +548,8 @@ enum { IDCX_ABOUT =
     IDC_BUGD_DERIVEKEY2,
     IDC_BUGS_RSAPAD2,
     IDC_BUGD_RSAPAD2,
+    IDC_BUGS_DHGEX2,
+    IDC_BUGD_DHGEX2,
     sshbugspanelend,
 
     selectionpanelstart,
@@ -1044,6 +1046,9 @@ char *help_context_cmd(int id)
       case IDC_BUGS_RSAPAD2:
       case IDC_BUGD_RSAPAD2:
        return "JI(`',`ssh.bugs.rsapad2')";
+      case IDC_BUGS_DHGEX2:
+      case IDC_BUGD_DHGEX2:
+       return "JI(`',`ssh.bugs.dhgex2')";
 
       default:
         return NULL;
@@ -1391,6 +1396,13 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess)
     SendDlgItemMessage(hwnd, IDC_BUGD_RSAPAD2, CB_SETCURSEL,
                       cfg.sshbug_rsapad2 == BUG_ON ? 2 :
                       cfg.sshbug_rsapad2 == BUG_OFF ? 1 : 0, 0);
+    SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_RESETCONTENT, 0, 0);
+    SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"Auto");
+    SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"Off");
+    SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_ADDSTRING, 0, (LPARAM)"On");
+    SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2, CB_SETCURSEL,
+                      cfg.sshbug_dhgex2 == BUG_ON ? 2 :
+                      cfg.sshbug_dhgex2 == BUG_OFF ? 1 : 0, 0);
 }
 
 struct treeview_faff {
@@ -1994,6 +2006,8 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
                      IDC_BUGS_DERIVEKEY2, IDC_BUGD_DERIVEKEY2, 20);
            staticddl(&cp, "Requires &padding on SSH2 RSA signatures",
                      IDC_BUGS_RSAPAD2, IDC_BUGD_RSAPAD2, 20);
+           staticddl(&cp, "Chokes on &Diffie-Hellman group exchange",
+                     IDC_BUGS_DHGEX2, IDC_BUGD_DHGEX2, 20);
            endbox(&cp);
        }
     }
@@ -3612,6 +3626,14 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
                                          index == 1 ? BUG_OFF : BUG_ON);
                }
                break;
+             case IDC_BUGD_DHGEX2:
+               if (HIWORD(wParam) == CBN_SELCHANGE) {
+                   int index = SendDlgItemMessage(hwnd, IDC_BUGD_DHGEX2,
+                                                  CB_GETCURSEL, 0, 0);
+                   cfg.sshbug_dhgex2 = (index == 0 ? BUG_AUTO :
+                                        index == 1 ? BUG_OFF : BUG_ON);
+               }
+               break;
            }
        return 0;
       case WM_HELP: