re-entrant call to its handler in config.c, which destroys the
previous value in cfg->line_codepage. Therefore, preserve the right
value in an automatic variable until all the re-entrant calls have
finished.
[originally from svn r8592]
While I'm here, a cosmetic PuTTYtel change: remove a reference to SSH from the
"logical host name" label in PuTTYtel only.
[originally from svn r8331]
[r8305 == ca6fc3a4da]
if we have no better ideas, with UI shamelessly stolen from Quest PuTTY.
Off by default, which effectively reverts the change to using the local
username by default that came in with GSSAPI support in r8138. Anyone wanting
seamless single sign-on will need to set the new option. (The previous
default behaviour was getting in the way in ad-hoc scenarios.)
Note that the PSCP and Unix-Plink behaviour of using the local username by
default have remained unchanged throughout; they are not affected by the new
option. Not sure if that's the Right Thing.
[originally from svn r8324]
[r8138 == de5dd9d65c]
on received data. Experiment and suggestion suggest that the character set
configuration applies equally to keystrokes sent to the server, or at least
that that's close enough to being true that we should document it as a first
approximation.
[originally from svn r8209]
read uninitialised (because the only circumstance under which it
isn't initialised is when "update" is FALSE, in which case it isn't
read either). Placate it.
[originally from svn r8119]
The colour list box beeped at the user whenever it found that
something other than exactly one colour was selected. This seems to
happen implicitly in Gtk when the pane is changed. In Gtk1, this gave
you a beep whenever you left the Colours dialog after having selected
a colour from the list; in Gtk2, you additionally got a beep _every_
time you subsequently re-entered the Colours dialog (for reasons I
haven't investigated). Windows was unaffected.
Also, in Gtk (unlike Windows), it's possible for the user to go back
to the state where no items in the list box are selected at all.
For these reasons, stop beeping at the user, and instead blank the RGB
edit boxes as a hint that edits to them would be futile. (Really we
should be disabling them entirely, but the cross-platform edit
controls aren't up to that yet.)
[originally from svn r8074]
to manually tweak the host name and port number under which the SSH
host key is read and written.
I've put it in the cross-platform Connection panel. Partly under the
flimsy pretext that other backends _can_ use it if they so wish (and
in fact it overrides the host name for title-bar purposes in all
network backends, though it has no other effect in anything but
SSH); but mostly because the SSH panel was too full already :-)
[originally from svn r8033]
advertise so that the server can't exceed our maximum packet size.
Enable it for "1.36_sshlib GlobalSCAPE" which apparently sends oversize
packets otherwise.
[originally from svn r7804]
port number in the GUI when the connection type is changed if the current
port number is the standard one for the current protocol.
It's not perfect, but it should make the common case of tabbing through the
Session panel easier when starting non-SSH connections on odd ports.
[originally from svn r7635]
Should be no significant change in behaviour.
(Well, entering usernames containing commas on Plink's command line will be
a little harder now.)
[originally from svn r7628]
(SSH tunnels, TTY modes, and environment variables), when the Remove button is
pressed, populate the edit controls from the entry that has just been deleted.
Several users have requested this, as it makes editing an entry easier (read-
modify-write) in the cases where order is unimportant, and also provides a
degree of undo-ability.
[originally from svn r7298]
launchable session without getting confused by it, we can relax the
restriction on storing a host name in DS, which has attracted a
steady stream of complaints over the past six or seven years.
[originally from svn r7266]
represent a launchable session, unless the user can be construed to
have really meant it. This means:
- starting up PuTTY when the Default Settings are launchable still
brings up the config box, and you have to hit Open to actually
launch that session
- double-clicking on Default Settings from the config box will load
them but not launch them.
On the other hand:
- explicitly loading the Default Settings on the command line using
`-load' _does_ still launch them.
[originally from svn r7265]
We now have an option where a remote window title query returns a well-formed
response containing the empty string. This should keep stop any server-side
application that was expecting a response from hanging, while not permitting
the response to be influenced by an attacker.
We also retain the ability to stay schtum. The existing checkbox has thus
grown into a set of radio buttons.
I've changed the default to the "empty string" response, even in the backward-
compatibility mode of loading old settings, which is a change in behaviour;
any users who want the old behaviour back will have to explicitly select it. I
think this is probably the Right Thing. (The only drawback I can think of is
that an attacker could still potentially use the relevant fixed strings for
mischief, but we already have other, similar reports.)
[originally from svn r7043]
in an SSH connection _in addition_ to the decrypted packets. This
will hopefully come in useful for debugging wire data corruption
issues: you can strace the server, enable this mode in the client,
and compare the sent and received data.
I'd _like_ to have this mode also log Diffie-Hellman private
exponents, session IDs, encryption and MAC keys, so that the
resulting log file could be used to independently verify the
correctness of all cryptographic operations performed by PuTTY.
However, I haven't been able to convince myself that the security
implications are acceptable. (It doesn't matter that this
information would permit an attacker to decrypt the session, because
the _already_ decrypted session is stored alongside it in the log
file. And I'm not planning, under any circumstances, to log users'
private keys. But gaining access to the log file while the session
was still running would permit an attacker to _hijack_ the session,
and that's the iffy bit.)
[originally from svn r6835]
in place of making a network connection. This has involved a couple
of minor infrastructure changes:
- New dlg_label_change() function in the dialog.h interface, which
alters the label on a control. Only used, at present, to switch
the Host Name and Port boxes into Serial Line and Speed, which
means that any platform not implementing serial connections (i.e.
currently all but Windows) does not need to actually do anything
in this function. Yet.
- New small piece of infrastructure: cfg_launchable() determines
whether a Config structure describes a session ready to be
launched. This was previously determined by seeing if it had a
non-empty host name, but it has to check the serial line as well
so there's a centralised function for it. I haven't gone through
all front ends and arranged for this function to be used
everywhere it needs to be; so far I've only checked Windows.
- Similarly, cfg_dest() returns the destination of a connection
(host name or serial line) in a text format suitable for putting
into messages such as `Unable to connect to %s'.
[originally from svn r6815]
Pageant for local authentication. (This is a `don't use Pageant for
authentication at session startup' button rather than a `pretend
Pageant doesn't exist' button: that is, agent forwarding is
independent of this option.)
[originally from svn r6572]
in the session name box. Thwarted on Unix by GTK not automatically
scrolling the listbox to the selected item, but we can fix that in
the platform-specific side later.
[originally from svn r6337]
there are servers which could in principle operate in this mode, although I
don't know if any do in practice. (Hence, I haven't been able to test it.)
[originally from svn r5748]
[this svn revision also touched putty-wishlist]
Unix Plink sends everything sensible it can find, and it's fully configurable
from the GUI.
I'm not entirely sure about the precise set of modes that Unix Plink should
look at; informed tweaks are welcome.
Also the Mac bits are guesses (but trivial).
[originally from svn r5653]
[this svn revision also touched putty-wishlist]
that the global `sesslist' got out of sync with the saved-sessions submenu,
causing the latter to launch the wrong sessions.
Also, Change Settings wasn't getting a fresh session list, so if the set of
sessions had changed since session startup it wouldn't reflect that (at least
until a session was saved). Fixed (on all platforms).
Therefore, since the global sesslist didn't seem to be useful, I've got rid
of it; config.c creates one as needed, as do the frontends. (Not tried
compiling Mac changes.)
Also, we now build the saved-sessions submenu on demand on Windows and Unix.
(This should probably also be done on the Mac.)
[originally from svn r5609]
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>
[originally from svn r5480]
cfg.remote_cmd is to be used, rather than actually pointing at
cfg.remote_cmd. This change restores the ability to structure-copy
Configs without breaking them. (Though of course this is only a
temporary solution: really what wants doing is to fix
`config-struct'.)
[originally from svn r5335]
deal with rekeys at all: they totally ignore mid-session KEXINIT
sent by the client. Hence, a new bug entry so we don't try it.
[originally from svn r5092]
the config should do when IPv6 is configured out. They shouldn't sit
there looking silly with only `Auto' and `IPv4' settings: they
should instead be completely absent. I had thought the former was
acceptable since IPv4-only was a configuration that people should
only be using if their compilers didn't support IPv6, but now it
occurs to me that ports to fundamentally non-IPv6-supporting
platforms are not implausible, and on such ports the presence of a
vestigial config option under the _standard_ build conditions would
be a low-quality solution.
[originally from svn r5084]
mid-session in SSH2: this forces an immediate rekey to activate the
new settings. I'm not sure exactly what this will be useful for
(except possibly it might make comparative performance testing
easier?), but it has wonderful James Bond value for being able to
switch to a more secure cipher before doing anything sensitive :-)
If, that is, you weren't using the most secure one to begin with...
[originally from svn r5051]
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.
I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.
[originally from svn r5047]
[this svn revision also touched putty-wishlist]
to manipulate settings they can't see so could lead to confusion. (Also remove
"Delete" button for some sort of UI consistency even though it's harmless.)
Also conditionalise other aspects of sessionsaver_handler() that don't make
sense mid-session.
[originally from svn r5043]
mid-session if we are not using SSHv1. I've done this by introducing
a generic `cfg_info' function which every back end can use to
communicate an int's worth of data to setup_config_box; in SSH
that's the protocol version in use, and in everything else it's
currently zero.
[originally from svn r5040]
[r5031 == d77102a8d5]
the difficult questions about when it's sensible to offer the option
of saving to the slot we loaded from: _we never do_. The user must
always explicitly specify a slot to save to.
[originally from svn r5035]
[this svn revision also touched putty-wishlist]
