From f3ee4dbe20cc935edc78d2fcdd37c24130f62e86 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Tue, 27 Apr 2021 17:58:28 +0100 Subject: [PATCH 1/2] Remove -Werror from all the default cflags. I've recently been coming round in general to the idea that -Werror is fine for developers and centralised binary builds, but has too many unanticipated failure modes in the field (with everyone's different versions of compilers, headers etc) to leave turned on for the 'just download and build' source tarball that's supposed to work everywhere. On main, I've already made the change to hide it behind a cmake 'strict' setting. In particular, I've just done pre-release build tests with various versions of GTK, which reminded me that the GTK 2 installation on Ubuntu 20.04 fails to build at -Werror, because GTK's own header files have a warning-generating inconsistency. (glib/gtypes.h declares GTimeVal as deprecated, and then gtk/gtktooltips.h uses it anyway.) Clearly this is the kind of thing that ought not to break the build of a client application! --- configure.ac | 4 ++-- mkfiles.pl | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/configure.ac b/configure.ac index 72874f32..51ea3691 100644 --- a/configure.ac +++ b/configure.ac @@ -10,7 +10,7 @@ AC_INIT(putty, X.XX) AC_CONFIG_FILES([Makefile]) AC_CONFIG_HEADERS([uxconfig.h:uxconfig.in]) -AM_INIT_AUTOMAKE([-Wall -Werror foreign]) +AM_INIT_AUTOMAKE([-Wall foreign]) AC_PROG_INSTALL AC_PROG_RANLIB @@ -198,7 +198,7 @@ AS_IF([test AS_VAR_GET(x_cv_linux_so_peercred) = yes], if test "x$GCC" = "xyes"; then : - AC_SUBST(WARNINGOPTS, ['-Wall -Werror -Wpointer-arith -Wvla']) + AC_SUBST(WARNINGOPTS, ['-Wall -Wpointer-arith -Wvla']) else : AC_SUBST(WARNINGOPTS, []) diff --git a/mkfiles.pl b/mkfiles.pl index 3282f359..b323e87f 100755 --- a/mkfiles.pl +++ b/mkfiles.pl @@ -549,7 +549,7 @@ if (defined $makefiles{'clangcl'}) { (join " ", map {"-I$dirpfx$_"} @srcdirs) . " /D_WINDOWS /D_WIN32_WINDOWS=0x500 /DWINVER=0x500 ". "/D_CRT_SECURE_NO_WARNINGS /D_WINSOCK_DEPRECATED_NO_WARNINGS"). - " -Werror \$(PLATFORMCFLAGS)\n". + " \$(PLATFORMCFLAGS)\n". "LFLAGS = /incremental:no /dynamicbase /nxcompat\n". &splitline("RCPPFLAGS = ".(join " ", map {"-I$dirpfx$_"} @srcdirs). " -DWIN32 -D_WIN32 -DWINVER=0x0400")." \$(RCFL)\n". @@ -1425,7 +1425,7 @@ if (defined $makefiles{'gtk'}) { "\n". "unexport CFLAGS # work around a weird issue with krb5-config\n". "\n". - &splitline("CFLAGS = -O2 -Wall -Werror -std=gnu99 -Wvla -g " . + &splitline("CFLAGS = -O2 -Wall -std=gnu99 -Wvla -g " . (join " ", map {"-I$dirpfx$_"} @srcdirs) . " \$(shell \$(GTK_CONFIG) --cflags)"). " -D _FILE_OFFSET_BITS=64\n". @@ -1506,7 +1506,7 @@ if (defined $makefiles{'unix'}) { "\n". "unexport CFLAGS # work around a weird issue with krb5-config\n". "\n". - &splitline("CFLAGS = -O2 -Wall -Werror -std=gnu99 -Wvla -g " . + &splitline("CFLAGS = -O2 -Wall -std=gnu99 -Wvla -g " . (join " ", map {"-I$dirpfx$_"} @srcdirs)). " -D _FILE_OFFSET_BITS=64\n". "ULDFLAGS = \$(LDFLAGS)\n". @@ -1748,7 +1748,7 @@ if (defined $makefiles{'osx'}) { print "CC = \$(TOOLPATH)gcc\n". "\n". - &splitline("CFLAGS = -O2 -Wall -Werror -std=gnu99 -Wvla -g " . + &splitline("CFLAGS = -O2 -Wall -std=gnu99 -Wvla -g " . (join " ", map {"-I$dirpfx$_"} @srcdirs))."\n". "MLDFLAGS = -framework Cocoa\n". "ULDFLAGS =\n". From fdfad6adca248ed56d1f32e0f1d0d853e78f2c3b Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sun, 2 May 2021 07:55:15 +0100 Subject: [PATCH 2/2] Fix accidental change to connshare pipe naming. Jacob spots that on Windows, current PuTTY is not compatible with 0.74, if one of them acts as a connection sharing upstream and the other as a downstream. That's because commit 1344d4d1cd84b58 accidentally changed the hash preimage in capi_obfuscate_string() so that it no longer had an SSH-like string length field at the front. So the two versions of PuTTY will expect the named pipe to have a different pathname, and so they won't be able to find each other. Interoperation between PuTTY versions is not the most important use case of connection sharing - surely the typical user will invoke it by activating the same session twice, or by using Duplicate Session. But it was never intended to deliberately _not_ work, so let's fix it before 0.75 goes out, so that at least the incompatible behaviour will only ever have appeared in development snapshots. --- windows/wincapi.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/wincapi.c b/windows/wincapi.c index 8059f753..de78988b 100644 --- a/windows/wincapi.c +++ b/windows/wincapi.c @@ -71,7 +71,11 @@ char *capi_obfuscate_string(const char *realname) * We don't want to give away the length of the hostname either, * so having got it back out of CryptProtectMemory we now hash it. */ - hash_simple(&ssh_sha256, make_ptrlen(cryptdata, cryptlen), digest); + { + ssh_hash *h = ssh_hash_new(&ssh_sha256); + put_string(h, cryptdata, cryptlen); + ssh_hash_final(h, digest); + } sfree(cryptdata);