
Bug 1863: Allow turning off GSSAPI key exchange

https://winscp.net/tracker/1863
(cherry picked from commit d8792e4806a6e95c78e6aaf58fd0c57d701d9364)

# Conflicts:
#	source/core/SecureShell.cpp

Source commit: f7068cb3aab6e7710553956191fe48f3f593b7f8
Martin Prikryl hace 5 años
padre
commit
8185237b19

+ 1 - 1
source/core/SecureShell.cpp

@@ -263,7 +263,7 @@ Conf * __fastcall TSecureShell::StoreToConfig(TSessionData * Data, bool Simple)
   conf_set_bool(conf, CONF_try_tis_auth, Data->AuthTIS);
   conf_set_bool(conf, CONF_try_ki_auth, Data->AuthKI);
   conf_set_bool(conf, CONF_try_gssapi_auth, Data->AuthGSSAPI);
-  conf_set_bool(conf, CONF_try_gssapi_kex, false);
+  conf_set_bool(conf, CONF_try_gssapi_kex, Data->AuthGSSAPIKEX);
   conf_set_bool(conf, CONF_gssapifwd, Data->GSSAPIFwdTGT);
   conf_set_bool(conf, CONF_change_username, Data->ChangeUsername);
 
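Review bot: `CONF_try_gssapi_kex` is now set from `Data->AuthGSSAPIKEX` alone, without regard to `Data->AuthGSSAPI` on the line above. If the backend treats the two options independently, which is not visible here, a session with GSSAPI authentication switched off would still attempt GSSAPI key exchange. The startup log in SessionInfo.cpp would not show it, because it reports the KEX flag only inside `if (Data->AuthGSSAPI)`. Either gate the value, `conf_set_bool(conf, CONF_try_gssapi_kex, Data->AuthGSSAPI && Data->AuthGSSAPIKEX);`, or add a comment such as `// KEX is deliberately independent of AuthGSSAPI` and log it unconditionally. StoreToConfig's body starts and ends outside this hunk.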

+ 10 - 0
source/core/SessionData.cpp

@@ -133,6 +133,7 @@ void __fastcall TSessionData::DefaultSettings()
   AuthKI = true;
   AuthKIPassword = true;
   AuthGSSAPI = true;
+  AuthGSSAPIKEX = true;
   GSSAPIFwdTGT = false;
   LogicalHostName = L"";
   ChangeUsername = false;
@@ -378,6 +379,7 @@ void __fastcall TSessionData::NonPersistant()
   PROPERTY(AuthKI); \
   PROPERTY(AuthKIPassword); \
   PROPERTY(AuthGSSAPI); \
+  PROPERTY(AuthGSSAPIKEX); \
   PROPERTY(GSSAPIFwdTGT); \
   PROPERTY(DeleteToRecycleBin); \
   PROPERTY(OverwrittenToRecycleBin); \
@@ -646,6 +648,7 @@ void __fastcall TSessionData::DoLoad(THierarchicalStorage * Storage, bool PuttyI
   // to allow imports from all putty versions.
   // Both vaclav tomec and official putty use AuthGSSAPI
   AuthGSSAPI = Storage->ReadBool(L"AuthGSSAPI", Storage->ReadBool(L"AuthSSPI", AuthGSSAPI));
+  AuthGSSAPIKEX = Storage->ReadBool(L"AuthGSSAPIKEX", AuthGSSAPIKEX);
   GSSAPIFwdTGT = Storage->ReadBool(L"GSSAPIFwdTGT", Storage->ReadBool(L"GssapiFwd", Storage->ReadBool(L"SSPIFwdTGT", GSSAPIFwdTGT)));
   // KerbPrincipal was used by Quest PuTTY
   // GSSAPIServerRealm was used by Vaclav Tomec
@@ -995,6 +998,7 @@ void __fastcall TSessionData::DoSave(THierarchicalStorage * Storage,
   WRITE_DATA(String, Note);
 
   WRITE_DATA(Bool, AuthGSSAPI);
+  WRITE_DATA(Bool, AuthGSSAPIKEX);
   WRITE_DATA(Bool, GSSAPIFwdTGT);
   Storage->DeleteValue(L"TryGSSKEX");
   Storage->DeleteValue(L"UserNameFromEnvironment");
@@ -2554,6 +2558,11 @@ void __fastcall TSessionData::SetAuthGSSAPI(bool value)
   SET_SESSION_PROPERTY(AuthGSSAPI);
 }
 //---------------------------------------------------------------------
+void __fastcall TSessionData::SetAuthGSSAPIKEX(bool value)
+{
+  SET_SESSION_PROPERTY(AuthGSSAPIKEX);
+}
+//---------------------------------------------------------------------
 void __fastcall TSessionData::SetGSSAPIFwdTGT(bool value)
 {
   SET_SESSION_PROPERTY(GSSAPIFwdTGT);
@@ -4173,6 +4182,7 @@ void __fastcall TSessionData::DisableAuthentationsExceptPassword()
   AuthKI = false;
   AuthKIPassword = false;
   AuthGSSAPI = false;
+  AuthGSSAPIKEX = false;
   PublicKeyFile = L"";
   TlsCertificateFile = L"";
   Passphrase = L"";
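Review bot: `AuthGSSAPIKEX = true;` in DefaultSettings, together with DoLoad falling back to the current value when the `AuthGSSAPIKEX` key is absent, turns GSSAPI key exchange on for every session already stored. The line removed in SecureShell.cpp had hard-coded the option to `false`. That changes how the server is authenticated during key exchange for users who never opted in, and the commit title only mentions allowing it to be turned off. If the flip is not intended on this branch, `AuthGSSAPIKEX = false;` keeps existing sessions behaving as before; if it is intended, a comment next to the default such as `// enabled by default since <version>; was forced off before` would record the decision. All the functions touched in this file continue outside their hunks.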

+ 3 - 0
source/core/SessionData.h

@@ -117,6 +117,7 @@ private:
   bool FAuthKI;
   bool FAuthKIPassword;
   bool FAuthGSSAPI;
+  bool FAuthGSSAPIKEX;
   bool FGSSAPIFwdTGT;
   bool FChangeUsername;
   bool FCompression;
@@ -255,6 +256,7 @@ private:
   void __fastcall SetAuthKI(bool value);
   void __fastcall SetAuthKIPassword(bool value);
   void __fastcall SetAuthGSSAPI(bool value);
+  void __fastcall SetAuthGSSAPIKEX(bool value);
   void __fastcall SetGSSAPIFwdTGT(bool value);
   void __fastcall SetChangeUsername(bool value);
   void __fastcall SetCompression(bool value);
@@ -534,6 +536,7 @@ public:
   __property bool AuthKI  = { read=FAuthKI, write=SetAuthKI };
   __property bool AuthKIPassword  = { read=FAuthKIPassword, write=SetAuthKIPassword };
   __property bool AuthGSSAPI  = { read=FAuthGSSAPI, write=SetAuthGSSAPI };
+  __property bool AuthGSSAPIKEX  = { read=FAuthGSSAPIKEX, write=SetAuthGSSAPIKEX };
   __property bool GSSAPIFwdTGT = { read=FGSSAPIFwdTGT, write=SetGSSAPIFwdTGT };
   __property bool ChangeUsername  = { read=FChangeUsername, write=SetChangeUsername };
   __property bool Compression  = { read=FCompression, write=SetCompression };

+ 2 - 2
source/core/SessionInfo.cpp

@@ -1271,8 +1271,8 @@ void __fastcall TSessionLog::DoAddStartupInfo(TSessionData * Data)
          BooleanToEngStr(Data->AuthKI), BooleanToEngStr(Data->AuthGSSAPI)));
       if (Data->AuthGSSAPI)
       {
-        ADF(L"GSSAPI: Forwarding: %s; Libs: %s; Custom: %s",
-          (BooleanToEngStr(Data->GSSAPIFwdTGT), Data->GssLibList, Data->GssLibCustom));
+        ADF(L"GSSAPI: KEX: Forwarding: %s; Libs: %s; Custom: %s",
+          (BooleanToEngStr(Data->AuthGSSAPIKEX), BooleanToEngStr(Data->GSSAPIFwdTGT), Data->GssLibList, Data->GssLibCustom));
       }
       ADF(L"Ciphers: %s; Ssh2DES: %s",
         (Data->CipherList, BooleanToEngStr(Data->Ssh2DES)));
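Review bot: The new format string in DoAddStartupInfo has three `%s` placeholders but the argument list now carries four values, so `KEX:` is printed with no value and each later label shows its neighbour's data. The KEX flag appears under `Forwarding`, the ticket-forwarding flag under `Libs`, the library list under `Custom`, and `GssLibCustom` is not shown at all; how `ADF` treats the surplus argument is not visible here. This log line is what someone reads to confirm whether TGT forwarding was enabled for a session, so the shifted labels can mislead. The first line should read `ADF(L"GSSAPI: KEX: %s; Forwarding: %s; Libs: %s; Custom: %s",`.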

+ 1 - 0
source/core/Terminal.cpp

@@ -1442,6 +1442,7 @@ void __fastcall TTerminal::OpenTunnel()
 
     FTunnelData->SshNoUserAuth = FSessionData->SshNoUserAuth;
     FTunnelData->AuthGSSAPI = FSessionData->AuthGSSAPI;
+    FTunnelData->AuthGSSAPIKEX = FSessionData->AuthGSSAPIKEX;
     FTunnelData->GSSAPIFwdTGT = FSessionData->GSSAPIFwdTGT;
     FTunnelData->TryAgent = FSessionData->TryAgent;
     FTunnelData->AgentFwd = FSessionData->AgentFwd;