2002-03-16 15:49:28 +00:00
|
|
|
# -*- makefile -*-
|
|
|
|
#
|
|
|
|
# This file describes which PuTTY programs are made up from which
|
|
|
|
# object and resource files. It is processed into the various
|
|
|
|
# Makefiles by means of a Perl script. Makefile changes should
|
|
|
|
# really be made by editing this file and/or the Perl script, not
|
|
|
|
# by editing the actual Makefiles.
|
|
|
|
|
2004-04-25 09:04:38 +00:00
|
|
|
# ------------------------------------------------------------
|
|
|
|
# Top-level configuration.
|
|
|
|
|
|
|
|
# Overall project name.
|
|
|
|
!name putty
|
|
|
|
# Locations and types of output Makefiles.
|
2017-02-05 10:59:08 +00:00
|
|
|
!makefile clangcl windows/Makefile.clangcl
|
2004-11-16 22:14:56 +00:00
|
|
|
!makefile vc windows/Makefile.vc
|
|
|
|
!makefile vcproj windows/MSVC
|
2016-04-10 13:26:54 +00:00
|
|
|
!makefile cygwin windows/Makefile.mgw
|
2004-11-16 22:14:56 +00:00
|
|
|
!makefile lcc windows/Makefile.lcc
|
2004-04-25 09:04:38 +00:00
|
|
|
!makefile gtk unix/Makefile.gtk
|
2009-05-11 18:48:43 +00:00
|
|
|
!makefile unix unix/Makefile.ux
|
2014-02-22 18:01:32 +00:00
|
|
|
!makefile am Makefile.am
|
2005-08-22 20:37:13 +00:00
|
|
|
!makefile devcppproj windows/DEVCPP
|
2014-01-11 11:23:12 +00:00
|
|
|
!makefile vstudio10 windows/VS2010
|
|
|
|
!makefile vstudio12 windows/VS2012
|
2004-04-25 09:26:52 +00:00
|
|
|
# Source directories.
|
|
|
|
!srcdir charset/
|
2004-11-16 22:14:56 +00:00
|
|
|
!srcdir windows/
|
2004-04-25 09:26:52 +00:00
|
|
|
!srcdir unix/
|
2004-04-25 09:04:38 +00:00
|
|
|
|
2002-03-16 15:49:28 +00:00
|
|
|
# Help text added to the top of each Makefile, with /D converted
|
|
|
|
# into -D as appropriate for the particular Makefile.
|
|
|
|
|
|
|
|
!begin help
|
|
|
|
#
|
|
|
|
# Extra options you can set:
|
|
|
|
#
|
2005-05-21 14:35:21 +00:00
|
|
|
# - COMPAT=/DAUTO_WINSOCK (Windows only)
|
2002-03-16 15:49:28 +00:00
|
|
|
# Causes PuTTY to assume that <windows.h> includes its own WinSock
|
|
|
|
# header file, so that it won't try to include <winsock.h>.
|
|
|
|
#
|
2005-05-21 14:35:21 +00:00
|
|
|
# - COMPAT=/DWINSOCK_TWO (Windows only)
|
2002-03-16 15:49:28 +00:00
|
|
|
# Causes the PuTTY utilities to include <winsock2.h> instead of
|
|
|
|
# <winsock.h>, except Plink which _needs_ WinSock 2 so it already
|
|
|
|
# does this.
|
|
|
|
#
|
2005-05-21 14:35:21 +00:00
|
|
|
# - COMPAT=/DNO_SECURITY (Windows only)
|
2016-04-10 13:37:43 +00:00
|
|
|
# Disables use of <aclapi.h>, which is not available with some
|
|
|
|
# development environments (such as very old versions of the
|
|
|
|
# mingw/Cygwin GNU toolchain). This has the following effects:
|
|
|
|
# - Pageant won't care about the local user ID of processes
|
|
|
|
# accessing it; a version of Pageant built with this option
|
|
|
|
# will therefore refuse to run under NT-series OSes on
|
|
|
|
# security grounds (although it will run fine on Win95-series
|
|
|
|
# OSes where there is no access control anyway).
|
|
|
|
# - SSH connection sharing is disabled.
|
2017-01-28 21:56:28 +00:00
|
|
|
# - There is no support for restriction of the process ACLs.
|
2002-03-16 15:49:28 +00:00
|
|
|
#
|
2005-05-21 14:35:21 +00:00
|
|
|
# - COMPAT=/DNO_MULTIMON (Windows only)
|
2002-03-16 15:49:28 +00:00
|
|
|
# Disables PuTTY's use of <multimon.h>, which is not available
|
|
|
|
# with some development environments. This means that PuTTY's
|
|
|
|
# full-screen mode (configurable to work on Alt-Enter) will
|
|
|
|
# not behave usefully in a multi-monitor environment.
|
|
|
|
#
|
2006-12-28 20:56:01 +00:00
|
|
|
# - COMPAT=/DNO_HTMLHELP (Windows only)
|
|
|
|
# Disables PuTTY's use of <htmlhelp.h>, which is not available
|
|
|
|
# with some development environments. The resulting binary
|
|
|
|
# will only look for an old-style WinHelp file (.HLP/.CNT), and
|
|
|
|
# will ignore any .CHM file.
|
|
|
|
#
|
2016-04-10 13:40:39 +00:00
|
|
|
# If you don't have this header, you may be able to use the copy
|
|
|
|
# supplied with HTML Help Workshop.
|
2006-12-28 20:56:01 +00:00
|
|
|
#
|
2005-05-21 15:09:36 +00:00
|
|
|
# - RCFL=/DNO_MANIFESTS (Windows only)
|
2005-05-21 14:35:21 +00:00
|
|
|
# Disables inclusion of XML application manifests in the PuTTY
|
|
|
|
# binaries. This may be necessary to build for 64-bit Windows;
|
|
|
|
# the manifests are only included to use the XP GUI style on
|
|
|
|
# Windows XP, and the architecture tags are a lie on 64-bit.
|
|
|
|
#
|
2004-12-30 16:45:11 +00:00
|
|
|
# - COMPAT=/DNO_IPV6
|
|
|
|
# Disables PuTTY's ability to make IPv6 connections, enabling
|
|
|
|
# it to compile under development environments which do not
|
|
|
|
# support IPv6 in their header files.
|
|
|
|
#
|
2008-08-10 13:10:31 +00:00
|
|
|
# - COMPAT=/DNO_GSSAPI
|
|
|
|
# Disables PuTTY's ability to use GSSAPI functions for
|
|
|
|
# authentication and key exchange.
|
|
|
|
#
|
2010-05-19 18:22:17 +00:00
|
|
|
# - COMPAT=/DSTATIC_GSSAPI
|
|
|
|
# Causes PuTTY to try to link statically against the GSSAPI
|
|
|
|
# library instead of the default of doing it at run time.
|
|
|
|
#
|
2005-05-21 14:35:21 +00:00
|
|
|
# - COMPAT=/DMSVC4 (Windows only)
|
2002-03-16 15:49:28 +00:00
|
|
|
# - RCFL=/DMSVC4
|
|
|
|
# Makes a couple of minor changes so that PuTTY compiles using
|
|
|
|
# MSVC 4. You will also need /DNO_SECURITY and /DNO_MULTIMON.
|
|
|
|
#
|
2012-09-18 23:05:29 +00:00
|
|
|
# - COMPAT=/DNO_SECUREZEROMEMORY (Windows only)
|
|
|
|
# Disables PuTTY's use of SecureZeroMemory(), which is missing
|
2016-04-10 13:40:39 +00:00
|
|
|
# from some environments' header files.
|
2012-09-18 23:05:29 +00:00
|
|
|
#
|
2003-01-15 15:22:58 +00:00
|
|
|
# - XFLAGS=/DTELNET_DEFAULT
|
|
|
|
# Causes PuTTY to default to the Telnet protocol (in the absence
|
|
|
|
# of Default Settings and so on to the contrary). Normally PuTTY
|
|
|
|
# will default to SSH.
|
|
|
|
#
|
2002-03-16 15:49:28 +00:00
|
|
|
# - XFLAGS=/DDEBUG
|
|
|
|
# Causes PuTTY to enable internal debugging.
|
|
|
|
#
|
|
|
|
# - XFLAGS=/DMALLOC_LOG
|
|
|
|
# Causes PuTTY to emit a file called putty_mem.log, logging every
|
|
|
|
# memory allocation and free, so you can track memory leaks.
|
|
|
|
#
|
2005-05-21 14:35:21 +00:00
|
|
|
# - XFLAGS=/DMINEFIELD (Windows only)
|
2002-03-16 15:49:28 +00:00
|
|
|
# Causes PuTTY to use a custom memory allocator, similar in
|
|
|
|
# concept to Electric Fence, in place of regular malloc(). Wastes
|
|
|
|
# huge amounts of RAM, but should cause heap-corruption bugs to
|
|
|
|
# show up as GPFs at the point of failure rather than appearing
|
|
|
|
# later on as second-level damage.
|
|
|
|
#
|
2015-10-17 15:26:51 +00:00
|
|
|
# - XFLAGS=/DFUZZING
|
|
|
|
# Builds a version of PuTTY with some tweaks to make fuzz testing
|
|
|
|
# easier: the SSH random number generator is replaced by one that
|
|
|
|
# always returns the same thing. Note that this makes SSH
|
|
|
|
# completely insecure -- a FUZZING build should never be used to
|
|
|
|
# connect to a real server.
|
2002-03-16 15:49:28 +00:00
|
|
|
!end
|
|
|
|
|
2004-04-25 09:04:38 +00:00
|
|
|
# ------------------------------------------------------------
|
|
|
|
# Additional text added verbatim to each individual Makefile.
|
|
|
|
|
2017-01-21 14:57:31 +00:00
|
|
|
!cflags am version
|
Show the git commit hash in local dev builds too.
This is perhaps the more useful end of the mechanism I added in the
previous commit: now, when a developer runs a configure+make build
from a git checkout (rather than from a bob-built source tarball), the
Makefile will automatically run 'git rev-parse HEAD' and embed the
result in the binaries.
So now when I want to deploy my own bleeding-edge code for day-to-day
use on my own machine, I can easily check whether I've done it right
(e.g. did I install to the right prefix?), and also easily check
whether any given PuTTY or pterm has been restarted since I rolled out
a new version.
In order to arrange this (and in particular to force version.o to be
rebuilt when _any_ source file changes), I've had to reintroduce some
of the slightly painful Makefile nastiness that I removed in 4d8782e74
when I retired the 'manifest' system, namely having version.o depend
on a file empty.h, which in turn is trivially rebuilt by a custom make
rule whose dependencies include $(allsources). That's a bit
unfortunate, but I think acceptable: the main horribleness of the
manifest system was not that part, but the actual _manifests_, which
were there to arrange that if you modified the sources in a
distribution tarball the binaries would automatically switch to
reporting themselves as local builds rather than the version baked
into the tarball. I haven't reintroduced that part of the system: if
you check out a given git commit, modify the checked-out sources, and
build the result, the Makefile won't make any inconvenient attempts to
detect that, and the resulting build will still announce itself as the
git commit you started from.
2017-01-21 14:57:31 +00:00
|
|
|
!begin am
|
2017-01-21 14:57:31 +00:00
|
|
|
if AUTO_GIT_COMMIT
|
Show the git commit hash in local dev builds too.
This is perhaps the more useful end of the mechanism I added in the
previous commit: now, when a developer runs a configure+make build
from a git checkout (rather than from a bob-built source tarball), the
Makefile will automatically run 'git rev-parse HEAD' and embed the
result in the binaries.
So now when I want to deploy my own bleeding-edge code for day-to-day
use on my own machine, I can easily check whether I've done it right
(e.g. did I install to the right prefix?), and also easily check
whether any given PuTTY or pterm has been restarted since I rolled out
a new version.
In order to arrange this (and in particular to force version.o to be
rebuilt when _any_ source file changes), I've had to reintroduce some
of the slightly painful Makefile nastiness that I removed in 4d8782e74
when I retired the 'manifest' system, namely having version.o depend
on a file empty.h, which in turn is trivially rebuilt by a custom make
rule whose dependencies include $(allsources). That's a bit
unfortunate, but I think acceptable: the main horribleness of the
manifest system was not that part, but the actual _manifests_, which
were there to arrange that if you modified the sources in a
distribution tarball the binaries would automatically switch to
reporting themselves as local builds rather than the version baked
into the tarball. I haven't reintroduced that part of the system: if
you check out a given git commit, modify the checked-out sources, and
build the result, the Makefile won't make any inconvenient attempts to
detect that, and the resulting build will still announce itself as the
git commit you started from.
2017-01-21 14:57:31 +00:00
|
|
|
BUILT_SOURCES = empty.h
|
|
|
|
CLEANFILES = empty.h
|
2017-01-21 14:57:31 +00:00
|
|
|
libversion_a_CFLAGS += -DSOURCE_COMMIT=\"`git --git-dir=$(srcdir)/.git rev-parse HEAD 2>/dev/null`\"
|
Show the git commit hash in local dev builds too.
This is perhaps the more useful end of the mechanism I added in the
previous commit: now, when a developer runs a configure+make build
from a git checkout (rather than from a bob-built source tarball), the
Makefile will automatically run 'git rev-parse HEAD' and embed the
result in the binaries.
So now when I want to deploy my own bleeding-edge code for day-to-day
use on my own machine, I can easily check whether I've done it right
(e.g. did I install to the right prefix?), and also easily check
whether any given PuTTY or pterm has been restarted since I rolled out
a new version.
In order to arrange this (and in particular to force version.o to be
rebuilt when _any_ source file changes), I've had to reintroduce some
of the slightly painful Makefile nastiness that I removed in 4d8782e74
when I retired the 'manifest' system, namely having version.o depend
on a file empty.h, which in turn is trivially rebuilt by a custom make
rule whose dependencies include $(allsources). That's a bit
unfortunate, but I think acceptable: the main horribleness of the
manifest system was not that part, but the actual _manifests_, which
were there to arrange that if you modified the sources in a
distribution tarball the binaries would automatically switch to
reporting themselves as local builds rather than the version baked
into the tarball. I haven't reintroduced that part of the system: if
you check out a given git commit, modify the checked-out sources, and
build the result, the Makefile won't make any inconvenient attempts to
detect that, and the resulting build will still announce itself as the
git commit you started from.
2017-01-21 14:57:31 +00:00
|
|
|
empty.h: $(allsources)
|
|
|
|
echo '/* Empty file touched by automake makefile to force rebuild of version.o */' >$@
|
2017-01-21 14:57:31 +00:00
|
|
|
endif
|
Show the git commit hash in local dev builds too.
This is perhaps the more useful end of the mechanism I added in the
previous commit: now, when a developer runs a configure+make build
from a git checkout (rather than from a bob-built source tarball), the
Makefile will automatically run 'git rev-parse HEAD' and embed the
result in the binaries.
So now when I want to deploy my own bleeding-edge code for day-to-day
use on my own machine, I can easily check whether I've done it right
(e.g. did I install to the right prefix?), and also easily check
whether any given PuTTY or pterm has been restarted since I rolled out
a new version.
In order to arrange this (and in particular to force version.o to be
rebuilt when _any_ source file changes), I've had to reintroduce some
of the slightly painful Makefile nastiness that I removed in 4d8782e74
when I retired the 'manifest' system, namely having version.o depend
on a file empty.h, which in turn is trivially rebuilt by a custom make
rule whose dependencies include $(allsources). That's a bit
unfortunate, but I think acceptable: the main horribleness of the
manifest system was not that part, but the actual _manifests_, which
were there to arrange that if you modified the sources in a
distribution tarball the binaries would automatically switch to
reporting themselves as local builds rather than the version baked
into the tarball. I haven't reintroduced that part of the system: if
you check out a given git commit, modify the checked-out sources, and
build the result, the Makefile won't make any inconvenient attempts to
detect that, and the resulting build will still announce itself as the
git commit you started from.
2017-01-21 14:57:31 +00:00
|
|
|
!end
|
|
|
|
!begin >empty.h
|
|
|
|
/* Empty file touched by automake makefile to force rebuild of version.o */
|
|
|
|
!end
|
|
|
|
|
2005-10-04 14:13:28 +00:00
|
|
|
!begin vc vars
|
2014-11-01 14:44:16 +00:00
|
|
|
CFLAGS = $(CFLAGS) /DHAS_GSSAPI
|
2005-10-04 14:13:28 +00:00
|
|
|
!end
|
|
|
|
|
2017-02-05 10:59:08 +00:00
|
|
|
!begin clangcl vars
|
|
|
|
CFLAGS += /DHAS_GSSAPI
|
|
|
|
!end
|
|
|
|
|
2004-04-25 09:04:38 +00:00
|
|
|
# `make install' target for Unix.
|
|
|
|
!begin gtk
|
|
|
|
install:
|
2007-04-30 20:09:58 +00:00
|
|
|
mkdir -p $(DESTDIR)$(bindir) $(DESTDIR)$(man1dir)
|
2017-03-05 20:33:49 +00:00
|
|
|
$(INSTALL_PROGRAM) -m 755 pageant $(DESTDIR)$(bindir)/pageant
|
2004-04-25 09:04:38 +00:00
|
|
|
$(INSTALL_PROGRAM) -m 755 plink $(DESTDIR)$(bindir)/plink
|
|
|
|
$(INSTALL_PROGRAM) -m 755 pscp $(DESTDIR)$(bindir)/pscp
|
|
|
|
$(INSTALL_PROGRAM) -m 755 psftp $(DESTDIR)$(bindir)/psftp
|
|
|
|
$(INSTALL_PROGRAM) -m 755 pterm $(DESTDIR)$(bindir)/pterm
|
2005-01-11 10:45:43 +00:00
|
|
|
if test -n "$(UTMP_GROUP)"; then \
|
|
|
|
chgrp $(UTMP_GROUP) $(DESTDIR)$(bindir)/pterm && \
|
|
|
|
chmod 2755 $(DESTDIR)$(bindir)/pterm; \
|
|
|
|
elif test -n "$(UTMP_USER)"; then \
|
|
|
|
chown $(UTMP_USER) $(DESTDIR)$(bindir)/pterm && \
|
|
|
|
chmod 4755 $(DESTDIR)$(bindir)/pterm; \
|
|
|
|
fi
|
2004-04-25 09:04:38 +00:00
|
|
|
$(INSTALL_PROGRAM) -m 755 putty $(DESTDIR)$(bindir)/putty
|
|
|
|
$(INSTALL_PROGRAM) -m 755 puttygen $(DESTDIR)$(bindir)/puttygen
|
|
|
|
$(INSTALL_PROGRAM) -m 755 puttytel $(DESTDIR)$(bindir)/puttytel
|
2017-03-05 20:33:49 +00:00
|
|
|
$(INSTALL_DATA) -m 644 ../doc/pageant.1 $(DESTDIR)$(man1dir)/pageant.1
|
2004-04-25 09:04:38 +00:00
|
|
|
$(INSTALL_DATA) -m 644 ../doc/plink.1 $(DESTDIR)$(man1dir)/plink.1
|
|
|
|
$(INSTALL_DATA) -m 644 ../doc/pscp.1 $(DESTDIR)$(man1dir)/pscp.1
|
|
|
|
$(INSTALL_DATA) -m 644 ../doc/psftp.1 $(DESTDIR)$(man1dir)/psftp.1
|
|
|
|
$(INSTALL_DATA) -m 644 ../doc/pterm.1 $(DESTDIR)$(man1dir)/pterm.1
|
|
|
|
$(INSTALL_DATA) -m 644 ../doc/putty.1 $(DESTDIR)$(man1dir)/putty.1
|
|
|
|
$(INSTALL_DATA) -m 644 ../doc/puttygen.1 $(DESTDIR)$(man1dir)/puttygen.1
|
|
|
|
$(INSTALL_DATA) -m 644 ../doc/puttytel.1 $(DESTDIR)$(man1dir)/puttytel.1
|
|
|
|
|
|
|
|
install-strip:
|
|
|
|
$(MAKE) install INSTALL_PROGRAM="$(INSTALL_PROGRAM) -s"
|
|
|
|
!end
|
|
|
|
|
Switch to using automake for the Unix autoconfigured build.
mkfiles.pl no longer generates a Makefile.in, but instead generates a
Makefile.am on which mkauto.sh runs automake. This means that the
autoconfigured makefile now does build-time dependency tracking (a
standard feature of automake-generated makefiles), and is generally
more like what Unix people will expect.
Some of the old-style make command-line settings (VER=-DRELEASE=foo,
XFLAGS=-DDEBUG) will still work; the COMPAT settings are better done
by autoconfiguration, and my habitual 'XFLAGS="-g -O0"' for an easily
debuggable build will actually not work any more because CFLAGS is
specified _after_ XFLAGS, so I should instead write 'make CFLAGS=-O0'
(-g is the default in automake, removed at 'make install' time).
The new makefile will automatically degrade into one that builds the
command-line tools only, in the case where GTK could not be found. In
principle, therefore, it should be an adequate replacement for _both_
the static Unix makefiles, Makefile.gtk and Makefile.ux. I haven't
actually retired those in this commit, but I'm pretty tempted.
[originally from svn r9239]
2011-07-23 11:33:29 +00:00
|
|
|
# List the man pages for the automake makefile.
|
|
|
|
!begin am
|
2017-02-21 22:17:48 +00:00
|
|
|
if HAVE_GTK
|
|
|
|
man1_MANS = doc/plink.1 doc/pscp.1 doc/psftp.1 doc/puttygen.1 \
|
2017-02-21 22:24:26 +00:00
|
|
|
doc/pageant.1 doc/pterm.1 doc/putty.1 doc/puttytel.1
|
2017-02-21 22:17:48 +00:00
|
|
|
else
|
|
|
|
man1_MANS = doc/plink.1 doc/pscp.1 doc/psftp.1 doc/puttygen.1
|
|
|
|
endif
|
Switch to using automake for the Unix autoconfigured build.
mkfiles.pl no longer generates a Makefile.in, but instead generates a
Makefile.am on which mkauto.sh runs automake. This means that the
autoconfigured makefile now does build-time dependency tracking (a
standard feature of automake-generated makefiles), and is generally
more like what Unix people will expect.
Some of the old-style make command-line settings (VER=-DRELEASE=foo,
XFLAGS=-DDEBUG) will still work; the COMPAT settings are better done
by autoconfiguration, and my habitual 'XFLAGS="-g -O0"' for an easily
debuggable build will actually not work any more because CFLAGS is
specified _after_ XFLAGS, so I should instead write 'make CFLAGS=-O0'
(-g is the default in automake, removed at 'make install' time).
The new makefile will automatically degrade into one that builds the
command-line tools only, in the case where GTK could not be found. In
principle, therefore, it should be an adequate replacement for _both_
the static Unix makefiles, Makefile.gtk and Makefile.ux. I haven't
actually retired those in this commit, but I'm pretty tempted.
[originally from svn r9239]
2011-07-23 11:33:29 +00:00
|
|
|
!end
|
|
|
|
|
|
|
|
# In automake, chgrp/chmod pterm after installation, if configured to.
|
|
|
|
!begin am
|
|
|
|
if HAVE_SETID_CMD
|
|
|
|
install-exec-local:
|
|
|
|
@SETID_CMD@ $(bindir)/pterm
|
|
|
|
chmod @SETID_MODE@ $(bindir)/pterm
|
|
|
|
endif
|
|
|
|
!end
|
|
|
|
|
2016-03-23 22:14:13 +00:00
|
|
|
# In automake makefile, build the OS X app bundle, if configured in
|
|
|
|
# Quartz mode.
|
|
|
|
!begin am
|
|
|
|
if HAVE_QUARTZ
|
|
|
|
noinst_SCRIPTS = unix/PuTTY.app unix/Pterm.app
|
|
|
|
unix/PuTTY.app: unix/putty.bundle puttyapp osxlaunch
|
2017-11-26 10:58:56 +00:00
|
|
|
rm -rf $@ && PUTTY_GTK_PREFIX_FROM_MAKEFILE=$$(pkg-config --variable=prefix gtk+-3.0) gtk-mac-bundler $<
|
2016-03-23 22:14:13 +00:00
|
|
|
unix/Pterm.app: unix/pterm.bundle ptermapp osxlaunch
|
2017-11-26 10:58:56 +00:00
|
|
|
rm -rf $@ && PUTTY_GTK_PREFIX_FROM_MAKEFILE=$$(pkg-config --variable=prefix gtk+-3.0) gtk-mac-bundler $<
|
2016-03-23 22:14:13 +00:00
|
|
|
endif
|
|
|
|
!end
|
|
|
|
|
2007-01-09 23:47:15 +00:00
|
|
|
# Random symbols.
|
|
|
|
!begin cygwin vars
|
|
|
|
# _WIN32_IE is required to expose identifiers that only make sense on
|
|
|
|
# systems with IE5+ installed, such as some arguments to SHGetFolderPath().
|
2007-01-16 20:54:58 +00:00
|
|
|
# WINVER etc perform a similar function for FlashWindowEx().
|
2007-01-09 23:47:15 +00:00
|
|
|
CFLAGS += -D_WIN32_IE=0x0500
|
2007-01-16 20:54:58 +00:00
|
|
|
CFLAGS += -DWINVER=0x0500 -D_WIN32_WINDOWS=0x0410 -D_WIN32_WINNT=0x0500
|
2007-01-09 23:47:15 +00:00
|
|
|
!end
|
|
|
|
|
2004-04-25 09:04:38 +00:00
|
|
|
# ------------------------------------------------------------
|
2002-03-16 15:49:28 +00:00
|
|
|
# Definitions of object groups. A group name, followed by an =,
|
|
|
|
# followed by any number of objects or other already-defined group
|
|
|
|
# names. A line beginning `+' is assumed to continue the previous
|
|
|
|
# line.
|
|
|
|
|
2018-05-24 09:48:20 +00:00
|
|
|
# conf.c and its dependencies.
|
|
|
|
CONF = conf marshal
|
|
|
|
|
2004-05-22 10:36:50 +00:00
|
|
|
# Terminal emulator and its (platform-independent) dependencies.
|
|
|
|
TERMINAL = terminal wcwidth ldiscucs logging tree234 minibidi
|
2018-05-24 09:48:20 +00:00
|
|
|
+ config dialog CONF
|
2004-05-22 10:36:50 +00:00
|
|
|
|
2002-03-16 15:49:28 +00:00
|
|
|
# GUI front end and terminal emulator (putty, puttytel).
|
2017-04-03 19:30:18 +00:00
|
|
|
GUITERM = TERMINAL window windlg winctrls sizetip winprint winutils
|
2017-12-03 14:35:03 +00:00
|
|
|
+ wincfg sercfg winhelp winjump sessprep
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2003-04-27 11:10:48 +00:00
|
|
|
# Same thing on Unix.
|
2015-07-27 19:06:02 +00:00
|
|
|
UXTERM = TERMINAL uxcfg sercfg uxucs uxprint timing callback miscucs
|
Divide the whole of gtkwin.c into three parts.
This lays further groundwork for the OS X GTK3 port, which is going to
have to deal with multiple sessions sharing the same process. gtkwin.c
was a bit too monolithic for this, since it included some
process-global runtime state (timers, toplevel callbacks), some
process startup stuff (gtk_init, gtk_main, argv processing) and some
per-session-window stuff.
The per-session stuff remains in gtkwin.c, with the top-level function
now being new_session_window() taking a Conf. The new gtkmain.c
contains the outer skeleton of pt_main(), handling argv processing and
one-off startup stuff like setlocale; and the new gtkcomm.c contains
the pieces of PuTTY infrastructure like timers and uxsel that are
shared between multiple sessions rather than reinstantiated per
session, which have been rewritten to use global variables rather than
fields in 'inst' (since it's now clear to me that they'll have to
apply to all the insts in existence at once).
There are still some lurking assumptions of one-session-per-process,
e.g. the use of gtk_main_quit when a session finishes, and the fact
that the config box insists on running as a separate invocation of
gtk_main so that one session's preliminary config box can't coexist
with another session already active. But this should make it possible
to at least write an OS X app good enough to start testing with, even
if it doesn't get everything quite right yet.
This change is almost entirely rearranging existing code, so it
shouldn't be seriously destabilising. But two noticeable actual
changes have happened, both pleasantly simplifying:
Firstly, the global-variables rewrite of gtkcomm.c has allowed the
post_main edifice to become a great deal simpler. Most of its
complexity was about remembering what 'inst' it had to call back to,
and in fact the right answer is that it shouldn't be calling back to
one at all. So now the post_main() called by gtkdlg.c has become the
same function as the old inst_post_main() that actually did the work,
instead of the two having to be connected by a piece of ugly plumbing.
Secondly, a piece of code that's vanished completely in this
refactoring is the temporary blocking of SIGCHLD around most of the
session setup code. This turns out to have been introduced in 2002,
_before_ I switched to using the intra-process signal pipe strategy
for SIGCHLD handling in 2003. So I now expect that we should be robust
in any case against receiving SIGCHLD at an inconvenient moment, and
hence there's no need to block it.
2016-03-22 21:24:30 +00:00
|
|
|
GTKTERM = UXTERM gtkwin gtkcfg gtkdlg gtkfont gtkcols gtkmisc xkeysym
|
2017-12-03 14:35:03 +00:00
|
|
|
+ x11misc gtkcomm sessprep
|
2017-11-27 19:38:02 +00:00
|
|
|
GTKMAIN = gtkmain cmdline
|
2003-03-29 19:52:50 +00:00
|
|
|
|
2002-03-16 15:49:28 +00:00
|
|
|
# Non-SSH back ends (putty, puttytel, plink).
|
2004-11-27 13:20:21 +00:00
|
|
|
NONSSH = telnet raw rlogin ldisc pinger
|
2002-03-16 15:49:28 +00:00
|
|
|
|
|
|
|
# SSH back end (putty, plink, pscp, psftp).
|
Add an actual SSH server program.
This server is NOT SECURE! If anyone is reading this commit message,
DO NOT DEPLOY IT IN A HOSTILE-FACING ENVIRONMENT! Its purpose is to
speak the server end of everything PuTTY speaks on the client side, so
that I can test that I haven't broken PuTTY when I reorganise its
code, even things like RSA key exchange or chained auth methods which
it's hard to find a server that speaks at all.
(For this reason, it's declared with [UT] in the Recipe file, so that
it falls into the same category as programs like testbn, which won't
be installed by 'make install'.)
Working title is 'Uppity', partly for 'Universal PuTTY Protocol
Interaction Test Yoke', but mostly because it looks quite like the
word 'PuTTY' with part of it reversed. (Apparently 'test yoke' is a
very rarely used term meaning something not altogether unlike 'test
harness', which is a bit of a stretch, but it'll do.)
It doesn't actually _support_ everything I want yet. At the moment,
it's a proof of concept only. But it has most of the machinery
present, and the parts it's missing - such as chained auth methods -
should be easy enough to add because I've built in the required
flexibility, in the form of an AuthPolicy object which can request
them if it wants to. However, the current AuthPolicy object is
entirely trivial, and will let in any user with the password "weasel".
(Another way in which this is not a production-ready server is that it
also has no interaction with the OS's authentication system. In
particular, it will not only let in any user with the same password,
but it won't even change uid - it will open shells and forwardings
under whatever user id you started it up as.)
Currently, the program can only speak the SSH protocol on its standard
I/O channels (using the new FdSocket facility), so if you want it to
listen on a network port, you'll have to run it from some kind of
separate listening program similar to inetd. For my own tests, I'm not
even doing that: I'm just having PuTTY spawn it as a local proxy
process, which also conveniently eliminates the risk of anyone hostile
connecting to it.
The bulk of the actual code reorganisation is already done by previous
commits, so this change is _mostly_ just dropping in a new set of
server-specific source files alongside the client-specific ones I
created recently. The remaining changes in the shared SSH code are
numerous, but all minor:
- a few extra parameters to BPP and PPL constructors (e.g. 'are you
in server mode?'), and pass both sets of SSH-1 protocol flags from
the login to the connection layer
- in server mode, unconditionally send our version string _before_
waiting for the remote one
- a new hook in the SSH-1 BPP to handle enabling compression in
server mode, where the message exchange works the other way round
- new code in the SSH-2 BPP to do _deferred_ compression the other
way round (the non-deferred version is still nicely symmetric)
- in the SSH-2 transport layer, some adjustments to do key derivation
either way round (swapping round the identifying letters in the
various hash preimages, and making sure to list the KEXINITs in the
right order)
- also in the SSH-2 transport layer, an if statement that controls
whether we send SERVICE_REQUEST and wait for SERVICE_ACCEPT, or
vice versa
- new ConnectionLayer methods for opening outgoing channels for X and
agent forwardings
- new functions in portfwd.c to establish listening sockets suitable
for remote-to-local port forwarding (i.e. not under the direction
of a Conf the way it's done on the client side).
2018-10-20 21:09:54 +00:00
|
|
|
SSHCOMMON = sshcommon sshrand
|
|
|
|
+ sshverstring sshcrc sshdes sshmd5 sshrsa sshsha sshblowf
|
|
|
|
+ sshdh sshcrcda sshpubk sshzlib sshdss ssharcf
|
|
|
|
+ sshaes sshccp sshsh256 sshsh512 sshbn sshmac marshal nullplug
|
|
|
|
+ sshgssc pgssapi sshecc wildcard ssh1censor ssh2censor ssh2bpp
|
|
|
|
+ ssh2transport ssh2transhk ssh2connection portfwd x11fwd
|
|
|
|
+ ssh1connection ssh1bpp
|
|
|
|
SSH = SSHCOMMON ssh ssh2bpp-bare
|
|
|
|
+ ssh1login ssh2userauth
|
|
|
|
+ pinger
|
|
|
|
+ sshshare aqsync agentf
|
|
|
|
+ mainchan ssh2kex-client ssh2connection-client ssh1connection-client
|
2015-11-24 22:02:24 +00:00
|
|
|
WINSSH = SSH winnoise wincapi winpgntc wingss winshare winnps winnpc
|
2013-11-17 14:05:41 +00:00
|
|
|
+ winhsock errsock
|
|
|
|
UXSSH = SSH uxnoise uxagentc uxgss uxshare
|
2002-03-16 15:49:28 +00:00
|
|
|
|
|
|
|
# SFTP implementation (pscp, psftp).
|
Add an SFTP server to the SSH server code.
Unlike the traditional Unix SSH server organisation, the SFTP server
is built into the same process as all the rest of the code. sesschan.c
spots a subsystem request for "sftp", and responds to it by
instantiating an SftpServer object and swapping out its own vtable for
one that talks to it.
(I rather like the idea of an object swapping its own vtable for a
different one in the middle of its lifetime! This is one of those
tricks that would be absurdly hard to implement in a 'proper' OO
language, but when you're doing vtables by hand in C, it's no more
difficult than any other piece of ordinary pointer manipulation. As
long as the methods in both vtables expect the same physical structure
layout, it doesn't cause a problem.)
The SftpServer object doesn't deal directly with SFTP packet formats;
it implements the SFTP server logic in a more abstract way, by having
a vtable method for each SFTP request type with an appropriate
parameter list. It sends its replies by calling methods in another
vtable called SftpReplyBuilder, which in the normal case will write an
SFTP reply packet to send back to the client. So SftpServer can focus
more or less completely on the details of a particular filesystem API
- and hence, the implementation I've got lives in the unix source
directory, and works directly with file descriptors and struct stat
and the like.
(One purpose of this abstraction layer is that I may well want to
write a second dummy implementation, for test-suite purposes, with
completely controllable behaviour, and now I have a handy place to
plug it in in place of the live filesystem.)
In between sesschan's parsing of the byte stream into SFTP packets and
the SftpServer object, there's a layer in the new file sftpserver.c
which does the actual packet decoding and encoding: each request
packet is passed to that, which pulls the fields out of the request
packet and calls the appropriate method of SftpServer. It also
provides the default SftpReplyBuilder which makes the output packet.
I've moved some code out of the previous SFTP client implementation -
basic packet construction code, and in particular the BinarySink/
BinarySource marshalling fuinction for fxp_attrs - into sftpcommon.c,
so that the two directions can share as much as possible.
2018-10-20 21:10:32 +00:00
|
|
|
SFTP = sftp sftpcommon int64 logging cmdline
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2018-05-24 08:17:13 +00:00
|
|
|
# Miscellaneous objects appearing in all the utilities, or all the
|
|
|
|
# network ones, or the Unix or Windows subsets of those in turn.
|
|
|
|
MISC = misc marshal
|
Add an actual SSH server program.
This server is NOT SECURE! If anyone is reading this commit message,
DO NOT DEPLOY IT IN A HOSTILE-FACING ENVIRONMENT! Its purpose is to
speak the server end of everything PuTTY speaks on the client side, so
that I can test that I haven't broken PuTTY when I reorganise its
code, even things like RSA key exchange or chained auth methods which
it's hard to find a server that speaks at all.
(For this reason, it's declared with [UT] in the Recipe file, so that
it falls into the same category as programs like testbn, which won't
be installed by 'make install'.)
Working title is 'Uppity', partly for 'Universal PuTTY Protocol
Interaction Test Yoke', but mostly because it looks quite like the
word 'PuTTY' with part of it reversed. (Apparently 'test yoke' is a
very rarely used term meaning something not altogether unlike 'test
harness', which is a bit of a stretch, but it'll do.)
It doesn't actually _support_ everything I want yet. At the moment,
it's a proof of concept only. But it has most of the machinery
present, and the parts it's missing - such as chained auth methods -
should be easy enough to add because I've built in the required
flexibility, in the form of an AuthPolicy object which can request
them if it wants to. However, the current AuthPolicy object is
entirely trivial, and will let in any user with the password "weasel".
(Another way in which this is not a production-ready server is that it
also has no interaction with the OS's authentication system. In
particular, it will not only let in any user with the same password,
but it won't even change uid - it will open shells and forwardings
under whatever user id you started it up as.)
Currently, the program can only speak the SSH protocol on its standard
I/O channels (using the new FdSocket facility), so if you want it to
listen on a network port, you'll have to run it from some kind of
separate listening program similar to inetd. For my own tests, I'm not
even doing that: I'm just having PuTTY spawn it as a local proxy
process, which also conveniently eliminates the risk of anyone hostile
connecting to it.
The bulk of the actual code reorganisation is already done by previous
commits, so this change is _mostly_ just dropping in a new set of
server-specific source files alongside the client-specific ones I
created recently. The remaining changes in the shared SSH code are
numerous, but all minor:
- a few extra parameters to BPP and PPL constructors (e.g. 'are you
in server mode?'), and pass both sets of SSH-1 protocol flags from
the login to the connection layer
- in server mode, unconditionally send our version string _before_
waiting for the remote one
- a new hook in the SSH-1 BPP to handle enabling compression in
server mode, where the message exchange works the other way round
- new code in the SSH-2 BPP to do _deferred_ compression the other
way round (the non-deferred version is still nicely symmetric)
- in the SSH-2 transport layer, some adjustments to do key derivation
either way round (swapping round the identifying letters in the
various hash preimages, and making sure to list the KEXINITs in the
right order)
- also in the SSH-2 transport layer, an if statement that controls
whether we send SERVICE_REQUEST and wait for SERVICE_ACCEPT, or
vice versa
- new ConnectionLayer methods for opening outgoing channels for X and
agent forwardings
- new functions in portfwd.c to establish listening sockets suitable
for remote-to-local port forwarding (i.e. not under the direction
of a Conf the way it's done on the client side).
2018-10-20 21:09:54 +00:00
|
|
|
MISCNETCOMMON = timing callback MISC version tree234 CONF
|
|
|
|
MISCNET = MISCNETCOMMON be_misc settings proxy
|
2018-05-24 08:17:13 +00:00
|
|
|
WINMISC = MISCNET winstore winnet winhandl cmdline windefs winmisc winproxy
|
2017-04-03 19:30:18 +00:00
|
|
|
+ wintime winhsock errsock winsecur winucs miscucs
|
Add an actual SSH server program.
This server is NOT SECURE! If anyone is reading this commit message,
DO NOT DEPLOY IT IN A HOSTILE-FACING ENVIRONMENT! Its purpose is to
speak the server end of everything PuTTY speaks on the client side, so
that I can test that I haven't broken PuTTY when I reorganise its
code, even things like RSA key exchange or chained auth methods which
it's hard to find a server that speaks at all.
(For this reason, it's declared with [UT] in the Recipe file, so that
it falls into the same category as programs like testbn, which won't
be installed by 'make install'.)
Working title is 'Uppity', partly for 'Universal PuTTY Protocol
Interaction Test Yoke', but mostly because it looks quite like the
word 'PuTTY' with part of it reversed. (Apparently 'test yoke' is a
very rarely used term meaning something not altogether unlike 'test
harness', which is a bit of a stretch, but it'll do.)
It doesn't actually _support_ everything I want yet. At the moment,
it's a proof of concept only. But it has most of the machinery
present, and the parts it's missing - such as chained auth methods -
should be easy enough to add because I've built in the required
flexibility, in the form of an AuthPolicy object which can request
them if it wants to. However, the current AuthPolicy object is
entirely trivial, and will let in any user with the password "weasel".
(Another way in which this is not a production-ready server is that it
also has no interaction with the OS's authentication system. In
particular, it will not only let in any user with the same password,
but it won't even change uid - it will open shells and forwardings
under whatever user id you started it up as.)
Currently, the program can only speak the SSH protocol on its standard
I/O channels (using the new FdSocket facility), so if you want it to
listen on a network port, you'll have to run it from some kind of
separate listening program similar to inetd. For my own tests, I'm not
even doing that: I'm just having PuTTY spawn it as a local proxy
process, which also conveniently eliminates the risk of anyone hostile
connecting to it.
The bulk of the actual code reorganisation is already done by previous
commits, so this change is _mostly_ just dropping in a new set of
server-specific source files alongside the client-specific ones I
created recently. The remaining changes in the shared SSH code are
numerous, but all minor:
- a few extra parameters to BPP and PPL constructors (e.g. 'are you
in server mode?'), and pass both sets of SSH-1 protocol flags from
the login to the connection layer
- in server mode, unconditionally send our version string _before_
waiting for the remote one
- a new hook in the SSH-1 BPP to handle enabling compression in
server mode, where the message exchange works the other way round
- new code in the SSH-2 BPP to do _deferred_ compression the other
way round (the non-deferred version is still nicely symmetric)
- in the SSH-2 transport layer, some adjustments to do key derivation
either way round (swapping round the identifying letters in the
various hash preimages, and making sure to list the KEXINITs in the
right order)
- also in the SSH-2 transport layer, an if statement that controls
whether we send SERVICE_REQUEST and wait for SERVICE_ACCEPT, or
vice versa
- new ConnectionLayer methods for opening outgoing channels for X and
agent forwardings
- new functions in portfwd.c to establish listening sockets suitable
for remote-to-local port forwarding (i.e. not under the direction
of a Conf the way it's done on the client side).
2018-10-20 21:09:54 +00:00
|
|
|
UXMISCCOMMON = MISCNETCOMMON uxstore uxsel uxnet uxpeer uxmisc time
|
|
|
|
+ uxfdsock errsock
|
|
|
|
UXMISC = MISCNET UXMISCCOMMON uxproxy
|
|
|
|
|
|
|
|
# SSH server.
|
|
|
|
SSHSERVER = SSHCOMMON sshserver settings be_none logging ssh2kex-server
|
|
|
|
+ ssh2userauth-server sshrsag sshprime ssh2connection-server
|
Add an SFTP server to the SSH server code.
Unlike the traditional Unix SSH server organisation, the SFTP server
is built into the same process as all the rest of the code. sesschan.c
spots a subsystem request for "sftp", and responds to it by
instantiating an SftpServer object and swapping out its own vtable for
one that talks to it.
(I rather like the idea of an object swapping its own vtable for a
different one in the middle of its lifetime! This is one of those
tricks that would be absurdly hard to implement in a 'proper' OO
language, but when you're doing vtables by hand in C, it's no more
difficult than any other piece of ordinary pointer manipulation. As
long as the methods in both vtables expect the same physical structure
layout, it doesn't cause a problem.)
The SftpServer object doesn't deal directly with SFTP packet formats;
it implements the SFTP server logic in a more abstract way, by having
a vtable method for each SFTP request type with an appropriate
parameter list. It sends its replies by calling methods in another
vtable called SftpReplyBuilder, which in the normal case will write an
SFTP reply packet to send back to the client. So SftpServer can focus
more or less completely on the details of a particular filesystem API
- and hence, the implementation I've got lives in the unix source
directory, and works directly with file descriptors and struct stat
and the like.
(One purpose of this abstraction layer is that I may well want to
write a second dummy implementation, for test-suite purposes, with
completely controllable behaviour, and now I have a handy place to
plug it in in place of the live filesystem.)
In between sesschan's parsing of the byte stream into SFTP packets and
the SftpServer object, there's a layer in the new file sftpserver.c
which does the actual packet decoding and encoding: each request
packet is passed to that, which pulls the fields out of the request
packet and calls the appropriate method of SftpServer. It also
provides the default SftpReplyBuilder which makes the output packet.
I've moved some code out of the previous SFTP client implementation -
basic packet construction code, and in particular the BinarySink/
BinarySource marshalling fuinction for fxp_attrs - into sftpcommon.c,
so that the two directions can share as much as possible.
2018-10-20 21:10:32 +00:00
|
|
|
+ sesschan sftpcommon int64 sftpserver proxy cproxy ssh1login-server
|
Add an actual SSH server program.
This server is NOT SECURE! If anyone is reading this commit message,
DO NOT DEPLOY IT IN A HOSTILE-FACING ENVIRONMENT! Its purpose is to
speak the server end of everything PuTTY speaks on the client side, so
that I can test that I haven't broken PuTTY when I reorganise its
code, even things like RSA key exchange or chained auth methods which
it's hard to find a server that speaks at all.
(For this reason, it's declared with [UT] in the Recipe file, so that
it falls into the same category as programs like testbn, which won't
be installed by 'make install'.)
Working title is 'Uppity', partly for 'Universal PuTTY Protocol
Interaction Test Yoke', but mostly because it looks quite like the
word 'PuTTY' with part of it reversed. (Apparently 'test yoke' is a
very rarely used term meaning something not altogether unlike 'test
harness', which is a bit of a stretch, but it'll do.)
It doesn't actually _support_ everything I want yet. At the moment,
it's a proof of concept only. But it has most of the machinery
present, and the parts it's missing - such as chained auth methods -
should be easy enough to add because I've built in the required
flexibility, in the form of an AuthPolicy object which can request
them if it wants to. However, the current AuthPolicy object is
entirely trivial, and will let in any user with the password "weasel".
(Another way in which this is not a production-ready server is that it
also has no interaction with the OS's authentication system. In
particular, it will not only let in any user with the same password,
but it won't even change uid - it will open shells and forwardings
under whatever user id you started it up as.)
Currently, the program can only speak the SSH protocol on its standard
I/O channels (using the new FdSocket facility), so if you want it to
listen on a network port, you'll have to run it from some kind of
separate listening program similar to inetd. For my own tests, I'm not
even doing that: I'm just having PuTTY spawn it as a local proxy
process, which also conveniently eliminates the risk of anyone hostile
connecting to it.
The bulk of the actual code reorganisation is already done by previous
commits, so this change is _mostly_ just dropping in a new set of
server-specific source files alongside the client-specific ones I
created recently. The remaining changes in the shared SSH code are
numerous, but all minor:
- a few extra parameters to BPP and PPL constructors (e.g. 'are you
in server mode?'), and pass both sets of SSH-1 protocol flags from
the login to the connection layer
- in server mode, unconditionally send our version string _before_
waiting for the remote one
- a new hook in the SSH-1 BPP to handle enabling compression in
server mode, where the message exchange works the other way round
- new code in the SSH-2 BPP to do _deferred_ compression the other
way round (the non-deferred version is still nicely symmetric)
- in the SSH-2 transport layer, some adjustments to do key derivation
either way round (swapping round the identifying letters in the
various hash preimages, and making sure to list the KEXINITs in the
right order)
- also in the SSH-2 transport layer, an if statement that controls
whether we send SERVICE_REQUEST and wait for SERVICE_ACCEPT, or
vice versa
- new ConnectionLayer methods for opening outgoing channels for X and
agent forwardings
- new functions in portfwd.c to establish listening sockets suitable
for remote-to-local port forwarding (i.e. not under the direction
of a Conf the way it's done on the client side).
2018-10-20 21:09:54 +00:00
|
|
|
+ ssh1connection-server
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2015-04-27 19:48:29 +00:00
|
|
|
# import.c and dependencies, for PuTTYgen-like utilities that have to
|
|
|
|
# load foreign key files.
|
2018-05-24 12:11:56 +00:00
|
|
|
IMPORT = import sshbcrypt sshblowf marshal
|
2015-04-27 19:48:29 +00:00
|
|
|
|
2002-12-31 12:20:34 +00:00
|
|
|
# Character set library, for use in pterm.
|
2003-04-05 16:36:11 +00:00
|
|
|
CHARSET = sbcsdat slookup sbcs utf8 toucs fromucs xenc mimeenc macenc localenc
|
2002-12-31 12:20:34 +00:00
|
|
|
|
2003-10-12 13:46:12 +00:00
|
|
|
# Standard libraries.
|
2017-03-13 21:42:44 +00:00
|
|
|
LIBS = advapi32.lib user32.lib gdi32.lib comdlg32.lib
|
2017-03-13 21:28:36 +00:00
|
|
|
+ shell32.lib imm32.lib ole32.lib
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2004-08-30 13:11:17 +00:00
|
|
|
# Network backend sets. This also brings in the relevant attachment
|
|
|
|
# to proxy.c depending on whether we're crypto-avoidant or not.
|
|
|
|
BE_ALL = be_all cproxy
|
|
|
|
BE_NOSSH = be_nossh nocproxy
|
2011-07-27 18:43:16 +00:00
|
|
|
BE_SSH = be_ssh cproxy
|
2004-08-30 13:11:17 +00:00
|
|
|
BE_NONE = be_none nocproxy
|
2006-08-28 10:35:12 +00:00
|
|
|
# More backend sets, with the additional Windows serial-port module.
|
|
|
|
W_BE_ALL = be_all_s winser cproxy
|
|
|
|
W_BE_NOSSH = be_nos_s winser nocproxy
|
2006-08-28 14:29:02 +00:00
|
|
|
# And with the Unix serial-port module.
|
|
|
|
U_BE_ALL = be_all_s uxser cproxy
|
|
|
|
U_BE_NOSSH = be_nos_s uxser nocproxy
|
2004-08-30 13:11:17 +00:00
|
|
|
|
2004-04-25 09:04:38 +00:00
|
|
|
# ------------------------------------------------------------
|
2002-03-16 15:49:28 +00:00
|
|
|
# Definitions of actual programs. The program name, followed by a
|
|
|
|
# colon, followed by a list of objects. Also in the list may be the
|
2002-10-07 16:45:23 +00:00
|
|
|
# keywords [G] for Windows GUI app, [C] for Console app, [X] for
|
2010-09-25 08:37:30 +00:00
|
|
|
# X/GTK Unix app, [U] for command-line Unix app.
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2008-11-17 18:38:09 +00:00
|
|
|
putty : [G] GUITERM NONSSH WINSSH W_BE_ALL WINMISC winx11 putty.res LIBS
|
2010-05-19 18:22:17 +00:00
|
|
|
puttytel : [G] GUITERM NONSSH W_BE_NOSSH WINMISC puttytel.res nogss LIBS
|
2006-08-28 10:35:12 +00:00
|
|
|
plink : [C] winplink wincons NONSSH WINSSH W_BE_ALL logging WINMISC
|
2017-12-03 14:35:03 +00:00
|
|
|
+ winx11 plink.res winnojmp sessprep noterm LIBS
|
2004-12-16 15:01:43 +00:00
|
|
|
pscp : [C] pscp winsftp wincons WINSSH BE_SSH SFTP wildcard WINMISC
|
2010-12-23 17:32:28 +00:00
|
|
|
+ pscp.res winnojmp LIBS
|
2005-02-28 00:17:09 +00:00
|
|
|
psftp : [C] psftp winsftp wincons WINSSH BE_SSH SFTP wildcard WINMISC
|
2010-12-23 17:32:28 +00:00
|
|
|
+ psftp.res winnojmp LIBS
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2015-05-05 19:16:19 +00:00
|
|
|
pageant : [G] winpgnt pageant sshrsa sshpubk sshdes sshbn sshmd5 version
|
2018-05-24 08:17:13 +00:00
|
|
|
+ tree234 MISC sshaes sshsha winsecur winpgntc aqsync sshdss sshsh256
|
2015-05-05 19:16:19 +00:00
|
|
|
+ sshsh512 winutils sshecc winmisc winhelp conf pageant.res LIBS
|
2002-03-16 15:49:28 +00:00
|
|
|
|
2004-11-16 22:14:56 +00:00
|
|
|
puttygen : [G] winpgen sshrsag sshdssg sshprime sshdes sshbn sshmd5 version
|
2018-05-24 08:17:13 +00:00
|
|
|
+ sshrand winnoise sshsha winstore MISC winctrls sshrsa sshdss winmisc
|
2015-04-27 19:48:29 +00:00
|
|
|
+ sshpubk sshaes sshsh256 sshsh512 IMPORT winutils puttygen.res
|
2018-05-24 09:48:20 +00:00
|
|
|
+ tree234 notiming winhelp winnojmp CONF LIBS wintime sshecc
|
2016-04-02 07:00:07 +00:00
|
|
|
+ sshecdsag winsecur
|
2002-10-07 16:45:23 +00:00
|
|
|
|
2005-02-15 21:45:50 +00:00
|
|
|
pterm : [X] GTKTERM uxmisc misc ldisc settings uxpty uxsel BE_NONE uxstore
|
2007-01-06 20:01:30 +00:00
|
|
|
+ uxsignal CHARSET cmdline uxpterm version time xpmpterm xpmptcfg
|
2017-11-27 19:38:02 +00:00
|
|
|
+ nogss GTKMAIN
|
2006-08-28 14:29:02 +00:00
|
|
|
putty : [X] GTKTERM uxmisc misc ldisc settings uxsel U_BE_ALL uxstore
|
2007-01-06 20:01:30 +00:00
|
|
|
+ uxsignal CHARSET uxputty NONSSH UXSSH UXMISC ux_x11 xpmputty
|
2017-11-27 19:38:02 +00:00
|
|
|
+ xpmpucfg GTKMAIN
|
2006-08-28 14:29:02 +00:00
|
|
|
puttytel : [X] GTKTERM uxmisc misc ldisc settings uxsel U_BE_NOSSH
|
2007-01-06 20:01:30 +00:00
|
|
|
+ uxstore uxsignal CHARSET uxputty NONSSH UXMISC xpmputty xpmpucfg
|
2017-11-27 19:38:02 +00:00
|
|
|
+ nogss GTKMAIN
|
2002-10-31 19:49:52 +00:00
|
|
|
|
2006-08-28 14:29:02 +00:00
|
|
|
plink : [U] uxplink uxcons NONSSH UXSSH U_BE_ALL logging UXMISC uxsignal
|
2017-12-03 14:35:03 +00:00
|
|
|
+ ux_x11 noterm uxnogtk sessprep cmdline
|
2002-12-02 21:03:14 +00:00
|
|
|
|
2016-03-30 07:25:25 +00:00
|
|
|
PUTTYGEN_UNIX = sshrsag sshdssg sshprime sshdes sshbn sshmd5 version
|
2018-05-24 08:17:13 +00:00
|
|
|
+ sshrand uxnoise sshsha MISC sshrsa sshdss uxcons uxstore uxmisc
|
2015-04-27 19:48:29 +00:00
|
|
|
+ sshpubk sshaes sshsh256 sshsh512 IMPORT puttygen.res time tree234
|
2018-05-24 09:48:20 +00:00
|
|
|
+ uxgen notiming CONF sshecc sshecdsag uxnogtk
|
2016-03-30 07:25:25 +00:00
|
|
|
puttygen : [U] cmdgen PUTTYGEN_UNIX
|
|
|
|
cgtest : [UT] cgtest PUTTYGEN_UNIX
|
2004-01-22 19:15:32 +00:00
|
|
|
|
2017-02-15 19:29:05 +00:00
|
|
|
pscp : [U] pscp uxsftp uxcons UXSSH BE_SSH SFTP wildcard UXMISC uxnogtk
|
|
|
|
psftp : [U] psftp uxsftp uxcons UXSSH BE_SSH SFTP wildcard UXMISC uxnogtk
|
2003-08-24 12:47:46 +00:00
|
|
|
|
2017-01-29 20:24:15 +00:00
|
|
|
pageant : [X] uxpgnt uxagentc aqsync pageant sshrsa sshpubk sshdes sshbn
|
|
|
|
+ sshmd5 version tree234 misc sshaes sshsha sshdss sshsh256 sshsh512
|
2018-05-24 09:48:20 +00:00
|
|
|
+ sshecc CONF uxsignal nocproxy nogss be_none x11fwd ux_x11 uxcons
|
2018-10-14 17:48:02 +00:00
|
|
|
+ gtkask gtkmisc nullplug logging UXMISC uxagentsock
|
2015-05-05 19:16:23 +00:00
|
|
|
|
2016-03-23 22:22:30 +00:00
|
|
|
ptermapp : [XT] GTKTERM uxmisc misc ldisc settings uxpty uxsel BE_NONE uxstore
|
2017-11-27 19:38:02 +00:00
|
|
|
+ uxsignal CHARSET uxpterm version time xpmpterm xpmptcfg
|
|
|
|
+ nogss gtkapp nocmdline
|
2016-03-23 22:22:30 +00:00
|
|
|
puttyapp : [XT] GTKTERM uxmisc misc ldisc settings uxsel U_BE_ALL uxstore
|
|
|
|
+ uxsignal CHARSET uxputty NONSSH UXSSH UXMISC ux_x11 xpmputty
|
2017-11-27 19:38:02 +00:00
|
|
|
+ xpmpucfg gtkapp nocmdline
|
2016-03-23 22:13:30 +00:00
|
|
|
osxlaunch : [UT] osxlaunch
|
|
|
|
|
2017-01-21 14:55:53 +00:00
|
|
|
fuzzterm : [UT] UXTERM CHARSET misc version uxmisc uxucs fuzzterm time settings
|
2017-02-15 19:29:05 +00:00
|
|
|
+ uxstore be_none uxnogtk
|
2018-05-24 09:48:20 +00:00
|
|
|
testbn : [UT] testbn sshbn MISC version CONF tree234 uxmisc uxnogtk
|
|
|
|
testbn : [C] testbn sshbn MISC version CONF tree234 winmisc LIBS
|
2015-12-16 14:40:00 +00:00
|
|
|
|
Add an actual SSH server program.
This server is NOT SECURE! If anyone is reading this commit message,
DO NOT DEPLOY IT IN A HOSTILE-FACING ENVIRONMENT! Its purpose is to
speak the server end of everything PuTTY speaks on the client side, so
that I can test that I haven't broken PuTTY when I reorganise its
code, even things like RSA key exchange or chained auth methods which
it's hard to find a server that speaks at all.
(For this reason, it's declared with [UT] in the Recipe file, so that
it falls into the same category as programs like testbn, which won't
be installed by 'make install'.)
Working title is 'Uppity', partly for 'Universal PuTTY Protocol
Interaction Test Yoke', but mostly because it looks quite like the
word 'PuTTY' with part of it reversed. (Apparently 'test yoke' is a
very rarely used term meaning something not altogether unlike 'test
harness', which is a bit of a stretch, but it'll do.)
It doesn't actually _support_ everything I want yet. At the moment,
it's a proof of concept only. But it has most of the machinery
present, and the parts it's missing - such as chained auth methods -
should be easy enough to add because I've built in the required
flexibility, in the form of an AuthPolicy object which can request
them if it wants to. However, the current AuthPolicy object is
entirely trivial, and will let in any user with the password "weasel".
(Another way in which this is not a production-ready server is that it
also has no interaction with the OS's authentication system. In
particular, it will not only let in any user with the same password,
but it won't even change uid - it will open shells and forwardings
under whatever user id you started it up as.)
Currently, the program can only speak the SSH protocol on its standard
I/O channels (using the new FdSocket facility), so if you want it to
listen on a network port, you'll have to run it from some kind of
separate listening program similar to inetd. For my own tests, I'm not
even doing that: I'm just having PuTTY spawn it as a local proxy
process, which also conveniently eliminates the risk of anyone hostile
connecting to it.
The bulk of the actual code reorganisation is already done by previous
commits, so this change is _mostly_ just dropping in a new set of
server-specific source files alongside the client-specific ones I
created recently. The remaining changes in the shared SSH code are
numerous, but all minor:
- a few extra parameters to BPP and PPL constructors (e.g. 'are you
in server mode?'), and pass both sets of SSH-1 protocol flags from
the login to the connection layer
- in server mode, unconditionally send our version string _before_
waiting for the remote one
- a new hook in the SSH-1 BPP to handle enabling compression in
server mode, where the message exchange works the other way round
- new code in the SSH-2 BPP to do _deferred_ compression the other
way round (the non-deferred version is still nicely symmetric)
- in the SSH-2 transport layer, some adjustments to do key derivation
either way round (swapping round the identifying letters in the
various hash preimages, and making sure to list the KEXINITs in the
right order)
- also in the SSH-2 transport layer, an if statement that controls
whether we send SERVICE_REQUEST and wait for SERVICE_ACCEPT, or
vice versa
- new ConnectionLayer methods for opening outgoing channels for X and
agent forwardings
- new functions in portfwd.c to establish listening sockets suitable
for remote-to-local port forwarding (i.e. not under the direction
of a Conf the way it's done on the client side).
2018-10-20 21:09:54 +00:00
|
|
|
uppity : [UT] uxserver SSHSERVER UXMISC uxsignal uxnoise uxgss uxnogtk
|
Add an SFTP server to the SSH server code.
Unlike the traditional Unix SSH server organisation, the SFTP server
is built into the same process as all the rest of the code. sesschan.c
spots a subsystem request for "sftp", and responds to it by
instantiating an SftpServer object and swapping out its own vtable for
one that talks to it.
(I rather like the idea of an object swapping its own vtable for a
different one in the middle of its lifetime! This is one of those
tricks that would be absurdly hard to implement in a 'proper' OO
language, but when you're doing vtables by hand in C, it's no more
difficult than any other piece of ordinary pointer manipulation. As
long as the methods in both vtables expect the same physical structure
layout, it doesn't cause a problem.)
The SftpServer object doesn't deal directly with SFTP packet formats;
it implements the SFTP server logic in a more abstract way, by having
a vtable method for each SFTP request type with an appropriate
parameter list. It sends its replies by calling methods in another
vtable called SftpReplyBuilder, which in the normal case will write an
SFTP reply packet to send back to the client. So SftpServer can focus
more or less completely on the details of a particular filesystem API
- and hence, the implementation I've got lives in the unix source
directory, and works directly with file descriptors and struct stat
and the like.
(One purpose of this abstraction layer is that I may well want to
write a second dummy implementation, for test-suite purposes, with
completely controllable behaviour, and now I have a handy place to
plug it in in place of the live filesystem.)
In between sesschan's parsing of the byte stream into SFTP packets and
the SftpServer object, there's a layer in the new file sftpserver.c
which does the actual packet decoding and encoding: each request
packet is passed to that, which pulls the fields out of the request
packet and calls the appropriate method of SftpServer. It also
provides the default SftpReplyBuilder which makes the output packet.
I've moved some code out of the previous SFTP client implementation -
basic packet construction code, and in particular the BinarySink/
BinarySource marshalling fuinction for fxp_attrs - into sftpcommon.c,
so that the two directions can share as much as possible.
2018-10-20 21:10:32 +00:00
|
|
|
+ uxpty uxsftpserver ux_x11 uxagentsock
|
Add an actual SSH server program.
This server is NOT SECURE! If anyone is reading this commit message,
DO NOT DEPLOY IT IN A HOSTILE-FACING ENVIRONMENT! Its purpose is to
speak the server end of everything PuTTY speaks on the client side, so
that I can test that I haven't broken PuTTY when I reorganise its
code, even things like RSA key exchange or chained auth methods which
it's hard to find a server that speaks at all.
(For this reason, it's declared with [UT] in the Recipe file, so that
it falls into the same category as programs like testbn, which won't
be installed by 'make install'.)
Working title is 'Uppity', partly for 'Universal PuTTY Protocol
Interaction Test Yoke', but mostly because it looks quite like the
word 'PuTTY' with part of it reversed. (Apparently 'test yoke' is a
very rarely used term meaning something not altogether unlike 'test
harness', which is a bit of a stretch, but it'll do.)
It doesn't actually _support_ everything I want yet. At the moment,
it's a proof of concept only. But it has most of the machinery
present, and the parts it's missing - such as chained auth methods -
should be easy enough to add because I've built in the required
flexibility, in the form of an AuthPolicy object which can request
them if it wants to. However, the current AuthPolicy object is
entirely trivial, and will let in any user with the password "weasel".
(Another way in which this is not a production-ready server is that it
also has no interaction with the OS's authentication system. In
particular, it will not only let in any user with the same password,
but it won't even change uid - it will open shells and forwardings
under whatever user id you started it up as.)
Currently, the program can only speak the SSH protocol on its standard
I/O channels (using the new FdSocket facility), so if you want it to
listen on a network port, you'll have to run it from some kind of
separate listening program similar to inetd. For my own tests, I'm not
even doing that: I'm just having PuTTY spawn it as a local proxy
process, which also conveniently eliminates the risk of anyone hostile
connecting to it.
The bulk of the actual code reorganisation is already done by previous
commits, so this change is _mostly_ just dropping in a new set of
server-specific source files alongside the client-specific ones I
created recently. The remaining changes in the shared SSH code are
numerous, but all minor:
- a few extra parameters to BPP and PPL constructors (e.g. 'are you
in server mode?'), and pass both sets of SSH-1 protocol flags from
the login to the connection layer
- in server mode, unconditionally send our version string _before_
waiting for the remote one
- a new hook in the SSH-1 BPP to handle enabling compression in
server mode, where the message exchange works the other way round
- new code in the SSH-2 BPP to do _deferred_ compression the other
way round (the non-deferred version is still nicely symmetric)
- in the SSH-2 transport layer, some adjustments to do key derivation
either way round (swapping round the identifying letters in the
various hash preimages, and making sure to list the KEXINITs in the
right order)
- also in the SSH-2 transport layer, an if statement that controls
whether we send SERVICE_REQUEST and wait for SERVICE_ACCEPT, or
vice versa
- new ConnectionLayer methods for opening outgoing channels for X and
agent forwardings
- new functions in portfwd.c to establish listening sockets suitable
for remote-to-local port forwarding (i.e. not under the direction
of a Conf the way it's done on the client side).
2018-10-20 21:09:54 +00:00
|
|
|
|
2015-12-16 14:40:00 +00:00
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
# On Windows, provide a means of removing local test binaries that we
|
|
|
|
# aren't going to actually ship. (I prefer this to not building them
|
|
|
|
# in the first place, so that we find out about build breakage early.)
|
|
|
|
!begin vc
|
|
|
|
cleantestprogs:
|
2015-12-16 18:20:30 +00:00
|
|
|
-del $(BUILDDIR)testbn.exe
|
2015-12-16 14:40:00 +00:00
|
|
|
!end
|
2017-02-05 10:59:08 +00:00
|
|
|
!begin clangcl
|
|
|
|
cleantestprogs:
|
|
|
|
-rm -f $(BUILDDIR)testbn.exe
|
|
|
|
!end
|