diff options
7 files changed, 208 insertions, 4 deletions
diff --git a/security/putty/Makefile b/security/putty/Makefile index b2d31c2b8aa9..a7ae097d6c5e 100644 --- a/security/putty/Makefile +++ b/security/putty/Makefile @@ -1,5 +1,5 @@ PORTNAME= putty -DISTVERSION= 0.81 +DISTVERSION= 0.82 PORTREVISION= 0 #DISTVERSIONSUFFIX= .0c59d49 CATEGORIES= security @@ -21,6 +21,8 @@ USE_PERL5= build CONFLICTS_INSTALL?= pssh* putty-nogtk* +PATCH_STRIP= -p1 + PLIST_FILES= bin/pageant \ bin/plink \ bin/pscp \ diff --git a/security/putty/distinfo b/security/putty/distinfo index d802e3c0fcf6..541b081ab0de 100644 --- a/security/putty/distinfo +++ b/security/putty/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1713247208 -SHA256 (putty-0.81.tar.gz) = cb8b00a94f453494e345a3df281d7a3ed26bb0dd7e36264f145206f8857639fe -SIZE (putty-0.81.tar.gz) = 2844616 +TIMESTAMP = 1734704014 +SHA256 (putty-0.82.tar.gz) = 195621638bb6b33784b4e96cdc296f332991b5244968dc623521c3703097b5d9 +SIZE (putty-0.82.tar.gz) = 2944148 diff --git a/security/putty/files/patch-296b6291d39c0cf118cd3081c3ab86a5889eb4d9 b/security/putty/files/patch-296b6291d39c0cf118cd3081c3ab86a5889eb4d9 new file mode 100644 index 000000000000..30de85c82802 --- /dev/null +++ b/security/putty/files/patch-296b6291d39c0cf118cd3081c3ab86a5889eb4d9 @@ -0,0 +1,33 @@ +From: Simon Tatham <anakin@pobox.com> +Date: Sat, 7 Dec 2024 19:28:44 +0000 (+0000) +Subject: Fix error message when KEXINIT negotiation fails. +X-Git-Url: https://git.tartarus.org/?p=simon%2Fputty.git;a=commitdiff_plain;h=7da3449586ea3e6faaa92663d32774e28cf4e2e3;hp=296b6291d39c0cf118cd3081c3ab86a5889eb4d9 + +Fix error message when KEXINIT negotiation fails. + +By putting the wrong error-type enum value in a ScanKexinitsResult, I +accidentally caused nonsense messages of the form + + Selected key exchange algorithm "foo,bar,baz" does not correspond to any supported algorithm + +where "foo,bar,baz" is the full comma-separated list sent by the +server, so it's not even _an_ algorithm as the message suggests. + +Now the message is the one it should have been all along: + + Couldn't agree a key exchange algorithm (available: foo,bar,baz) +--- + +diff --git a/ssh/transport2.c b/ssh/transport2.c +index 5dd73cfe..b8e0d1c6 100644 +--- a/ssh/transport2.c ++++ b/ssh/transport2.c +@@ -1166,7 +1166,7 @@ static ScanKexinitsResult ssh2_scan_kexinits( + * Otherwise, any match failure _is_ a fatal error. + */ + ScanKexinitsResult skr = { +- .success = false, .error = SKR_UNKNOWN_ID, ++ .success = false, .error = SKR_NO_AGREEMENT, + .kind = kexlist_descr[i], .desc = slists[i], + }; + return skr; diff --git a/security/putty/files/patch-6a88b294276b9c24584efa18b9a37f437fa46712 b/security/putty/files/patch-6a88b294276b9c24584efa18b9a37f437fa46712 new file mode 100644 index 000000000000..37bda1c8a77a --- /dev/null +++ b/security/putty/files/patch-6a88b294276b9c24584efa18b9a37f437fa46712 @@ -0,0 +1,50 @@ +From: Simon Tatham <anakin@pobox.com> +Date: Sat, 7 Dec 2024 09:37:15 +0000 (+0000) +Subject: GTK: fix a crash when clicking Cancel on Change Settings. +X-Git-Url: https://git.tartarus.org/?p=simon%2Fputty.git;a=commitdiff_plain;h=296b6291d39c0cf118cd3081c3ab86a5889eb4d9;hp=6a88b294276b9c24584efa18b9a37f437fa46712 + +GTK: fix a crash when clicking Cancel on Change Settings. + +I only observed this in the GTK1 build, but I don't know for sure it +can't happen in other situations, so there's no reason not to be +careful. + +What seems to happen is that when the user clicks Cancel on the Change +Settings dialog box, we call gtk_widget_destroy on the window, which +emits the "destroy" signal on the window, our handler for which frees +the whole dlgparam. But _then_ GTK goes through and cleans up all the +sub-widgets of the dialog box, and some of those generate extra +events. In particular, destroying a list box is done by first deleting +all the list entries - and if one of those is selected, the list box's +selection changes, triggering an event which calls our callback that +tries to look up the control in the dlgparam we just freed. + +My simple workaround is to defer actually freeing the dlgparam, via a +toplevel callback. Then it's still lying around empty while all those +random events are firing. +--- + +diff --git a/unix/dialog.c b/unix/dialog.c +index 835ad978..fa645b3a 100644 +--- a/unix/dialog.c ++++ b/unix/dialog.c +@@ -3345,9 +3345,18 @@ static void dlgparam_destroy(GtkWidget *widget, gpointer data) + sfree(dp->selparams[i]); + } + sfree(dp->selparams); ++ dp->selparams = NULL; + } + #endif +- sfree(dp); ++ /* ++ * Instead of freeing dp right now, defer it until we return to ++ * the GTK main loop. Then if any other last-minute GTK events ++ * happen while the rest of the widgets are being cleaned up, our ++ * handlers will still be able to try to look things up in dp. ++ * (They won't find anything - we've just emptied it - but at ++ * least they won't crash while trying.) ++ */ ++ queue_toplevel_callback(sfree, dp); + } + + static void messagebox_handler(dlgcontrol *ctrl, dlgparam *dp, diff --git a/security/putty/files/patch-7da3449586ea3e6faaa92663d32774e28cf4e2e3 b/security/putty/files/patch-7da3449586ea3e6faaa92663d32774e28cf4e2e3 new file mode 100644 index 000000000000..8c2427e006f9 --- /dev/null +++ b/security/putty/files/patch-7da3449586ea3e6faaa92663d32774e28cf4e2e3 @@ -0,0 +1,36 @@ +From: Simon Tatham <anakin@pobox.com> +Date: Wed, 4 Dec 2024 12:02:05 +0000 (+0100) +Subject: Fix use of aligned_alloc() to be ASan-clean. +X-Git-Url: https://git.tartarus.org/?p=simon%2Fputty.git;a=commitdiff_plain;h=c2d7ea8e67c462341e16d74e7a0ea42edd514635;hp=7da3449586ea3e6faaa92663d32774e28cf4e2e3 + +Fix use of aligned_alloc() to be ASan-clean. + +aligned_alloc() is used by testsc for all its memory allocation, to +avoid false-positive timing variations that depend on memory alignment +rather than actual secret data. But I'd forgotten that aligned_alloc +requires the allocation size to be a multiple of the requested +alignment. + +This showed up when I ran testsc in dry-run mode, and my normal build +happened to be using ASan, which complains at the invalid allocation +size. But it was theoretically a problem in all builds of +testsc. (Though, as far as I'm aware, not practically; and it _only_ +affected testsc.) +--- + +diff --git a/utils/memory.c b/utils/memory.c +index 0ba791ad..590be002 100644 +--- a/utils/memory.c ++++ b/utils/memory.c +@@ -35,7 +35,10 @@ void *safemalloc(size_t factor1, size_t factor2, size_t addend) + #ifdef MINEFIELD + p = minefield_c_malloc(size); + #elif defined ALLOCATION_ALIGNMENT +- p = aligned_alloc(ALLOCATION_ALIGNMENT, size); ++ /* aligned_alloc requires the allocation size to be rounded up */ ++ p = aligned_alloc( ++ ALLOCATION_ALIGNMENT, ++ (size + ALLOCATION_ALIGNMENT - 1) & ~(ALLOCATION_ALIGNMENT-1)); + #else + p = malloc(size); + #endif diff --git a/security/putty/files/patch-c72a86272446c0e4fb33c68601563549044b29e6 b/security/putty/files/patch-c72a86272446c0e4fb33c68601563549044b29e6 new file mode 100644 index 000000000000..ca26d6758f9d --- /dev/null +++ b/security/putty/files/patch-c72a86272446c0e4fb33c68601563549044b29e6 @@ -0,0 +1,40 @@ +From: Simon Tatham <anakin@pobox.com> +Date: Thu, 28 Nov 2024 18:30:48 +0000 (+0000) +Subject: Fix a build failure with NO_GSSAPI defined. +X-Git-Url: https://git.tartarus.org/?p=simon%2Fputty.git;a=commitdiff_plain;h=8805cf3d9a1bb39c190345b9820ecefa9cfe801d;hp=c72a86272446c0e4fb33c68601563549044b29e6 + +Fix a build failure with NO_GSSAPI defined. + +The stub no-gss.c still wanted to know the layout of the +ssh_gss_liblist structure, in order to fill it in with nothing. +--- + +diff --git a/ssh/gss.h b/ssh/gss.h +index c819d48b..d11a359f 100644 +--- a/ssh/gss.h ++++ b/ssh/gss.h +@@ -3,6 +3,13 @@ + #include "putty.h" + #include "pgssapi.h" + ++/* This struct is defined even in NO_GSSAPI mode, so that stubs/no-gss.c can ++ * return an instance of it containing no libraries */ ++struct ssh_gss_liblist { ++ struct ssh_gss_library *libraries; ++ int nlibraries; ++}; ++ + #ifndef NO_GSSAPI + + #define SSH2_GSS_OIDTYPE 0x06 +@@ -49,10 +56,6 @@ struct ssh_gss_library; + * The free function cleans up the structure, and its associated + * libraries (if any). + */ +-struct ssh_gss_liblist { +- struct ssh_gss_library *libraries; +- int nlibraries; +-}; + struct ssh_gss_liblist *ssh_gss_setup(Conf *conf); + void ssh_gss_cleanup(struct ssh_gss_liblist *list); + diff --git a/security/putty/files/patch-f8e1a2b3a934d750aba7c26d182f52d71952c529 b/security/putty/files/patch-f8e1a2b3a934d750aba7c26d182f52d71952c529 new file mode 100644 index 000000000000..b2b67f41e4f7 --- /dev/null +++ b/security/putty/files/patch-f8e1a2b3a934d750aba7c26d182f52d71952c529 @@ -0,0 +1,43 @@ +From: Simon Tatham <anakin@pobox.com> +Date: Sat, 14 Dec 2024 11:44:28 +0000 (+0000) +Subject: Fix assertion failure on Restart Session. +X-Git-Url: https://git.tartarus.org/?p=simon%2Fputty.git;a=commitdiff_plain;h=edd5e13ffc976025443e0b9d75888249aa3325a9;hp=f8e1a2b3a934d750aba7c26d182f52d71952c529 + +Fix assertion failure on Restart Session. + +This occurred if the SSH server closed the connection for any +reason (in practice usually a timeout, but reproducible more easily by +manually killing a test server process) while the user was in the +middle of any kind of interactive prompt-based login in the GUI PuTTY +terminal (be it simple password, k-i, private key passphrase, +whatever). + +The problem was that term->userpass_state wasn't cleaned up when the +connection died, and then if you started a fresh SSH session in the +same terminal, the attempt to create a new term->userpass_state would +find there was one already there. + +The simplest place to insert the missing cleanup is the call to +term_provide_backend(), because that's a terminal API function which +is already called to notify the terminal that one backend has gone +away and the next one has turned up. + +(In fact, it's called twice, once to set term->backend to NULL when +the first session closes, and again when the session is restarted. I +see no harm in making the cleanup unconditional, not bothering to tell +the difference between the two cases.) +--- + +diff --git a/terminal/terminal.c b/terminal/terminal.c +index e127ff6e..2db81c9a 100644 +--- a/terminal/terminal.c ++++ b/terminal/terminal.c +@@ -2374,6 +2374,8 @@ void term_resize_request_completed(Terminal *term) + void term_provide_backend(Terminal *term, Backend *backend) + { + term->backend = backend; ++ if (term->userpass_state) ++ term_userpass_state_free(term->userpass_state); + if (term->backend && term->cols > 0 && term->rows > 0) + backend_size(term->backend, term->cols, term->rows); + } |