could have got away with upping it to 256, but I didn't want a repeat
of the chaos when some server accidentally breaks that limit too...)
[originally from svn r1019]
with public key' message in SSH2 (it already doesn't in SSH1). It
shouldn't show the login banner either, since its output is probably
redirected to something which will choke on it.
[originally from svn r1011]
remote command from a local file. Advantage: you can have more than
one line in it, so you can remotely run what's effectively a small
script.
[originally from svn r1010]
primary (shell session) channel, rather than the one they were aimed
at. This _despite_ me having deliberately gone and looked the channel
ID up in the B-tree - I was ignoring the result by accident :-/
X forwarding should now work in SSH2 even on non-trivial clients (ie
things other than xdpyinfo).
[originally from svn r1007]
PROTOFLAG_SCREEN_NUMBER, without which OpenSSH 2.5.1 was objecting to
my gratuitous inclusion of a screen number in the SSH1 X forwarding
request. Ahem.
[originally from svn r1006]
printing them _before_ the username prompt. This apparently isn't very
serious because OpenSSH doesn't _send_ it before the username prompt,
but only in response to USERAUTH_REQUEST "none". Good job we do that!
[originally from svn r1005]
sensibly, as a release or a snapshot or a local build. With any luck
this should make bug reporting easier to handle, because anyone who
sends their Event Log should automatically include the version :-)
[originally from svn r1003]
contains a reference to a paper on the subject). Reduces time taken
for DH group exchange to the point where it's viable to enable it
all the time, so I have. :-)
[originally from svn r991]
compression. This involves introducing an option to disable Zlib
compression (that is, continue to work within the Zlib format but
output an uncompressed block) for the duration of a single packet.
[originally from svn r982]
Additionally, the ability to switch usernames if you mistype the
first one has been restored (although it didn't actually work
because OpenSSH didn't feel like playing; patch submitted :-).
[originally from svn r975]
error messages are currently wrong, and Pageant doesn't yet support
the new key type, and I haven't thoroughly tested that falling back
to password authentication and trying invalid keys etc all work. But
what I have here has successfully performed a public key
authentication, so it's working to at least some extent.
[originally from svn r973]
introduce another layer of abstraction in SSH2 ciphers, such that a
single `logical cipher' (as desired by a user) can equate to more
than one `physical cipher'. This is because AES comes in several key
lengths (PuTTY will pick the highest supported by the remote end)
and several different SSH2-protocol-level names (aes*-cbc,
rijndael*-cbc, and an unofficial one rijndael-cbc@lysator.liu.se).
[originally from svn r967]
(change the sense of #ifdef DO_DIFFIE_HELLMAN_GEX in ssh.c) because
it's _far_ too slow. Will be re-enabled once the bignum routines
work a bit faster (or rather a _lot_ faster).
[originally from svn r962]
version allows you to specify, per socket, which sockets receive OOB
data in-line (so that you know what was before the mark and what was
after) and which receive it out of line (so it's really a one-byte
out-of-band facility rather than discard-to-mark). This reflects the
fact that rlogin appears to make more sense in the latter mode, and
telnet in the former. This patch makes rlogin work right for me.
[originally from svn r921]
it's already NULL. The `Incorrect MAC' problem was causing
ssh2_rdpkt to bombout(), setting s to NULL, and then a secondary
bombout() was happening at the next level up, causing a segfault.
[originally from svn r909]
because the session id is the exchange hash from the _first_ key
exchange, so in subsequent key exchanges they're different.
[originally from svn r901]
multiple switchable line disciplines, we now have a single unified
one which changes its behaviour based on option settings. Each
option setting can be suggested by the back end and/or the terminal
handler, and can be forcibly overridden by the configuration. Local
echo and local line editing are separate, independently switchable,
options.
[originally from svn r895]
automatic fatalbox(). Instead, the error is passed to the receiver
routine, which can decide just how fatal the problem really is.
[originally from svn r894]
states where they're meaningful. In case Plink misses an EOF by
attempting to send it before reaching SSH_STATE_SESSION, it is
buffered and sent later. PINGs can be sent during any part of the
initialisation phase _except_ before deciding whether to use
protocol 1 or 2.
[originally from svn r850]
smalloc() macros and thence to the safemalloc() functions in misc.c.
This should allow me to plug in a debugging allocator and track
memory leaks and segfaults and things.
[originally from svn r818]
abstraction, so as to be able to re-use the same abstraction for
user authentication keys and probably in the SSH2 agent (when that
happens) as well.
[originally from svn r815]
if agent forwarding had not been negotiated on, and more
particularly even if it had been deliberately disabled by the user.
[originally from svn r814]
advantages:
- protocol modules can call sk_write() without having to worry
about writes blocking, because blocking writes are handled in the
abstraction layer and retried later.
- `Lost connection while sending' is a thing of the past.
- <winsock.h> is no longer needed in most modules, because
"putty.h" doesn't have to declare `SOCKET' variables any more,
only the abstracted `Socket' type.
- select()-equivalent between multiple sockets will now be handled
sensibly, which opens the way for things like SSH port
forwarding.
[originally from svn r744]
use when they have data from the network. Replaces the utterly daft
inbuf / inbuf_head / term_out() interface, which only made sense
when feeding to terminal.c. (terminal.c now implements
from_backend() as a small function that gateways to the old
interface.)
As a side effect, from_backend() also has an `is_stderr' parameter,
so scp can once again separate the server's pronouncements on stderr
from the actual protocol progress on stdout.
[originally from svn r729]
features (prompt for passphrase twice, prompt before overwriting a
file, check the key file was actually saved OK), testing of the
generated keys to make sure I got the file format right, and support
for a variable key size. I think what's already here is basically
sound though.
[originally from svn r715]
- cope with strange WinSock wrappers not supporting SIOCATMARK
- define yet more terminal compatibility modes
- support UK-ASCII (just like US-ASCII but # is a sterling sign)
- support connection keepalives at a configurable interval
[originally from svn r692]
