on Linux, but the (very few) platform-specific bits are already
abstracted out of the main code, so it should port to other
platforms with a minimum of fuss.
[originally from svn r3762]
functions have sprouted `**errorstr' arguments, which if non-NULL can
return a textual error message. The interface additions are patchy and
ad-hoc since this seemed to suit the style of the existing interfaces.
I've since realised that most of this is masked by sanity-checking that
gets done before these functions are called, but it will at least report
MAC failures and the like (tested on Unix), which was the original point
of the exercise.
Note that not everyone who could be using this information is at the
moment.
[originally from svn r3430]
with the crc32() function in the zlib interface. (Not that PuTTY
itself _uses_ zlib, but on Unix it's linked against libgtk which
uses libpng which uses zlib. And zlib has poor namespace management
so it defines this ridiculously intrusive function name. Arrrrgh.)
[originally from svn r3191]
underlying integer type forming the Bignum. Using this, arranged
that gcc/x86 uses 32-bit chunks rather than the guaranteed ANSI-
portable 16-bit chunks. This has gained another 30% on key exchanges
by my measurements, but I'm not yet convinced that it's all
perfectly robust - it seems to work fine for SSH1 and SSH2/RSA but
I haven't ensured that every bignum routine is actually being
tested, so it may yet show up problems in DSA or key generation.
[originally from svn r3135]
supports SOCKS 4, SOCKS 4A and SOCKS 5 (well, actually IPv6 in SOCKS
5 isn't supported, but it'll be no difficulty once I actually get
round to it). Thanks to Chas Honton for his `stone soup' patch: I
didn't end up actually using any of his code, but it galvanised me
into doing it properly myself :-)
[originally from svn r3055]
opaque to all platform-independent modules and only handled within
per-platform code. `Filename' is there because the Mac has a magic
way to store filenames (though currently this checkin doesn't
support it!); `FontSpec' is there so that all the auxiliary stuff
such as font height and charset and so on which is needed under
Windows but not Unix can be kept where it belongs, and so that I can
have a hope in hell of dealing with a font chooser in the forthcoming
cross-platform config box code, and best of all it gets the horrid
font height wart out of settings.c and into the Windows code where
it should be.
The Mac part of this checkin is a bunch of random guesses which will
probably not quite compile, but which look roughly right to me.
Sorry if I screwed it up, Ben :-)
[originally from svn r2765]
areas of the code. Not all back-ends have been tested, but Telnet and SSH
behave reasonably.
Incidentally, almost all of this patch was written through Mac PuTTY,
admittedly over a Telnet connection.
[originally from svn r2615]
proxy-indirection network functions (name_lookup, new_connection,
new_listener) takes a `const Config *' as an argument, and extracts
enough information from it before returning to handle that
particular network operation in accordance with the proxy settings
it specifies. This involved {win,ux}net.c due to a `const'
repercussion.
[originally from svn r2567]
the remote IP/port data provided by the server for forwarded
connections. Disabled by default, since it's incompatible with SSH2,
probably incompatible with some X clients, and tickles a bug in
at least one version of OpenSSH.
[originally from svn r2554]
we're going to be a security program, we can at least make a token
effort to use the most secure local X auth available! And I'm still
half-tempted to see if I can support it for remote X servers too...
[originally from svn r2537]
Windows and Mac backends have acquired auth-finding functions which
do nothing; Unix backend has acquired one which actually works, so
Plink can now do X forwarding believably.
(This checkin stretches into some unlikely parts of the code because
there have been one or two knock-on effects involving `const'. Bah.)
[originally from svn r2536]
from import.c to ssh.h, so that the implementation can see them. This
necessitates ssh.h's including <stdio.h>.
Also remove a spare prototype for base64_encode_atom() from import.c.
[originally from svn r2481]
absent, and also (I think) all the frontend request functions (such
as request_resize) take a context pointer, so that multiple windows
can be handled sensibly. I wouldn't swear to this, but I _think_
that only leaves the Unicode stuff as the last stubborn holdout.
[originally from svn r2147]
As a result I've now been able to turn the global variables `back'
and `backhandle' into module-level statics in the individual front
ends. Now _that's_ progress!
[originally from svn r2142]
each backend now stores all its internal variables in a big struct,
and each backend function gets a pointer to this struct passed to
it. This still isn't the end of the work - lots of subsidiary things
still use globals, notably all the cipher and compressor modules and
the X11 forwarding authentication stuff. But ssh.c itself has now
been transformed, and that was the really painful bit, so from here
on it all ought to be a sequence of much smaller and simpler pieces
of work.
[originally from svn r2127]
now be told that the key is the wrong type, _and_ what type it is,
rather than being given a blanket `unable to read key file' message.
[originally from svn r1662]
load a key that is already loaded. This makes command lines such as
`pageant mykey -c mycommand' almost infinitely more useful.
[originally from svn r1522]
now a passphrase-keyed MAC covering _all_ important data in the
file, including the public blob and the key comment. Should
conclusively scupper any attacks based on nobbling the key file in
an attempt to sucker the machine that decrypts it. MACing the
comment field also protects against a key-substitution attack (if
someone's worked out a way past our DSA protections and can extract
the private key from a signature, swapping key files and
substituting comments might just enable them to get the signature
they need to do this. Paranoid, but might as well).
[originally from svn r1413]
the Cygwin CFLAGS, and declare `struct ssh_channel' in ssh.h to
prevent gcc warning about scope-confined-to-parameter-list.
[originally from svn r1268]
scp1 if it can't. Currently not very tested - I checked it in as
soon as it completed a successful recursive copy in both directions.
Also, one known bug: you can't specify a remote wildcard, because by
the nature of SFTP we'll need to implement the wildcard engine on
the client side. I do intend to do this (and use the same wildcard
engine in PSFTP as well) but I haven't got round to it yet.
[originally from svn r1208]
by ceasing to listen on input channels if the corresponding output
channel isn't accepting data. Has had basic check-I-didn't-actually-
break-anything-too-badly testing, but hasn't been genuinely tested
in stress conditions (because concocting stress conditions is non-
trivial).
[originally from svn r1198]
Only currently works on SSH1; SSH2 should be doable but it's late
and I have other things to do tonight. The Cool Guy award for this
one goes to Nicolas Barry, for doing most of the work and actually
understanding the code he was adding to.
[originally from svn r1176]
spawn another command after starting Pageant. Also, if Pageant is
already running, `pageant keyfile' and `pageant -c command' will do
the Right Thing, that is, add the key to the _first_ Pageant and/or
run a command and then exit. The only time you now get the `Pageant
is already running' error is if you try to start the second copy
with no arguments.
NB the affected files in this checkin are rather wide-ranging
because I renamed the not really SSH1-specific
`ssh1_bignum_bitcount' function to just `bignum_bitcount'.
[originally from svn r1044]
sensibly, as a release or a snapshot or a local build. With any luck
this should make bug reporting easier to handle, because anyone who
sends their Event Log should automatically include the version :-)
[originally from svn r1003]
contains a reference to a paper on the subject). Reduces time taken
for DH group exchange to the point where it's viable to enable it
all the time, so I have. :-)
[originally from svn r991]
compression. This involves introducing an option to disable Zlib
compression (that is, continue to work within the Zlib format but
output an uncompressed block) for the duration of a single packet.
[originally from svn r982]
error messages are currently wrong, and Pageant doesn't yet support
the new key type, and I haven't thoroughly tested that falling back
to password authentication and trying invalid keys etc all work. But
what I have here has successfully performed a public key
authentication, so it's working to at least some extent.
[originally from svn r973]
introduce another layer of abstraction in SSH2 ciphers, such that a
single `logical cipher' (as desired by a user) can equate to more
than one `physical cipher'. This is because AES comes in several key
lengths (PuTTY will pick the highest supported by the remote end)
and several different SSH2-protocol-level names (aes*-cbc,
rijndael*-cbc, and an unofficial one rijndael-cbc@lysator.liu.se).
[originally from svn r967]
(change the sense of #ifdef DO_DIFFIE_HELLMAN_GEX in ssh.c) because
it's _far_ too slow. Will be re-enabled once the bignum routines
work a bit faster (or rather a _lot_ faster).
[originally from svn r962]
smalloc() macros and thence to the safemalloc() functions in misc.c.
This should allow me to plug in a debugging allocator and track
memory leaks and segfaults and things.
[originally from svn r818]
abstraction, so as to be able to re-use the same abstraction for
user authentication keys and probably in the SSH2 agent (when that
happens) as well.
[originally from svn r815]
features (prompt for passphrase twice, prompt before overwriting a
file, check the key file was actually saved OK), testing of the
generated keys to make sure I got the file format right, and support
for a variable key size. I think what's already here is basically
sound though.
[originally from svn r715]
functions as calls to the MS Crypto API. Not integrated into the
Makefile yet, but should eventually allow building of an SSH-enabled
PuTTY which contains no native crypto code, so it can be used
everywhere (and anyone who can get the MS encryption pack can still
use the SSH parts).
[originally from svn r425]
- NetHack keypad mode (Shift only works with NumLock off)
- Alt-Space handling (best I could manage; not too bad considering)
- Event Log rather than Telnet Negotiation Log
[originally from svn r284]
- Stop using the identifier `environ' as some platforms make it a macro
- Fix silly error box at end of connection in FWHACK mode
- Fix GPF on maximise-then-restore
- Use SetCapture to allow drag-selecting outside the window
- Correctly update window title when iconic and in win_name_always mode
[originally from svn r12]
