1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-12 10:58:00 +00:00
Commit Graph

4591 Commits

Author SHA1 Message Date
Jacob Nevins
55947f2346 It's a new year.
[originally from svn r7048]
[this svn revision also touched putty-website,puzzles]
2007-01-01 21:19:14 +00:00
Jacob Nevins
4ae926fa8a Patch inspired by one from Daniel Silverstone in Debian bug #229232:
We now have an option where a remote window title query returns a well-formed
response containing the empty string. This should keep stop any server-side
application that was expecting a response from hanging, while not permitting
the response to be influenced by an attacker.

We also retain the ability to stay schtum. The existing checkbox has thus
grown into a set of radio buttons.

I've changed the default to the "empty string" response, even in the backward-
compatibility mode of loading old settings, which is a change in behaviour;
any users who want the old behaviour back will have to explicitly select it. I
think this is probably the Right Thing. (The only drawback I can think of is
that an attacker could still potentially use the relevant fixed strings for
mischief, but we already have other, similar reports.)

[originally from svn r7043]
2006-12-31 15:33:33 +00:00
Jacob Nevins
cd94e3bc3c Patch from Colin Watson intended to give a clean Unix compile with GCC 4.
(Since we choose to compile with -Werror, this is particularly important.)

I haven't yet checked that the resulting source actually compiles cleanly with
GCC 4, hence not marking `gcc4-warnings' as fixed just yet.

[originally from svn r7041]
2006-12-30 23:00:14 +00:00
Jacob Nevins
dbb8e96493 Use va_copy() where available. This should fix a segfault in vsnprintf()
on AMD 64 Linux.
(This has been sitting in my checkout for ages and hasn't obviously caused
any trouble -- I think I was waiting to get round to trying it with VC6, which
I haven't yet. There are some notes in comments on further tweaks that could
be made.)

[originally from svn r7035]
2006-12-29 16:38:52 +00:00
Simon Tatham
9cea4aaf06 Colin Watson points out that there was no need for me to write the
custom Panels container widget for the PuTTY config box, since the
perfectly standard GtkNotebook does the same job. Hence, let's
remove Panels completely in favour of doing it the proper way.

[originally from svn r7034]
2006-12-29 14:35:34 +00:00
Jacob Nevins
89f7c2c8ce Add a NO_HTMLHELP option, and enable it by default in the Cygwin Makefile,
since even the latest version of w32api (3.6) shows no sign of HTMLHelp
support.

(This touches mkfiles.pl because that's where the details of what Cygwin
doesn't support are kept currently. This may be deliberate, so I haven't
changed it.)

[originally from svn r7032]
2006-12-28 20:56:01 +00:00
Simon Tatham
82b3b2fdb7 I'm not sure why I added htmlhelp.lib to the PuTTY link lines in
r7000. I was probably half asleep. Actually, it's completely
unnecessary to bind to it at link time, because we load it at run
time in order to continue working as before on Win95. So I'm
removing it again.

[originally from svn r7030]
[r7000 == 1dac1bc911]
2006-12-28 15:47:53 +00:00
Simon Tatham
3a13c14e62 Nearly forgot: add the .CHM to the PuTTY installer. This involves
making the manual shortcut in the Start menu point to one or other
of the two help files depending on the version of Windows;
fortunately Inno Setup has no difficulty doing that.

[originally from svn r7028]
2006-12-28 10:39:56 +00:00
Simon Tatham
7e4786355d `make mostlyclean', to remove everything directly Halibut-generated
but not the CHM. It'll come in useful during the release process.

[originally from svn r7027]
2006-12-28 10:38:46 +00:00
Simon Tatham
1f352e935b Add some CHM-related stuff to the release checklist. Don't want to
forget about it when the time comes.

[originally from svn r7012]
2006-12-24 16:25:30 +00:00
Simon Tatham
d86e01e836 After discussion with Jeroen Massar, here's a patch (mostly his)
which we think fixes the vista-ipv6 problem.

[originally from svn r7007]
2006-12-23 09:04:27 +00:00
Simon Tatham
8f458f7825 Minor style tweaks for the CHM.
[originally from svn r7002]
2006-12-19 10:28:44 +00:00
Jacob Nevins
d660f65ac1 Sort out line-endings on new file.
[originally from svn r7001]
2006-12-17 17:46:12 +00:00
Simon Tatham
1dac1bc911 Initial support for HTML Help. All the ad-hoc help-file finding code
and various calls to WinHelp() have been centralised into a new file
winhelp.c, which in turn has been modified to detect a .CHM file as
well as .HLP and select between them as appropriate. It explicitly
tries to load HHCTRL.OCX and use GetProcAddress, meaning that it
_should_ still work correctly on pre-HTML-Help platforms, falling
gracefully back to WinHelp, but although I tested this by
temporarily renaming my own HHCTRL.OCX I haven't yet been able to
test it on a real HTML-Help-free platform.

Also in this checkin: a new .but file and docs makefile changes to
make it convenient to build the sources for a .CHM. As yet, owing to
limitations of Halibut's CHM support, I'm not able to write a .CHM
directly, more's the pity.

[originally from svn r7000]
2006-12-17 11:16:07 +00:00
Ben Harris
86eac20abb Set FD_CLOEXEC in a little convenience function that does the right thing
with F_GETFD and F_SETFD.

[originally from svn r6978]
2006-12-09 15:44:31 +00:00
Simon Tatham
2226098a9e Correct an embarrassingly wrong comment.
[originally from svn r6926]
2006-11-28 21:51:54 +00:00
Simon Tatham
fd6d9bd677 I've just discovered that using the saved sessions menu from Unix
PuTTY causes the child process to inherit a lot of socket fds from
its parent, which is a pain if one of them then ends up holding open
a listening socket which the parent was using for port forwarding
after the parent itself is dead.

Therefore, this checkin sprinkles FD_CLOEXEC throughout the Unix
platform directory wherever there looks like being a long-lived fd.

[originally from svn r6917]
2006-11-23 14:32:11 +00:00
Simon Tatham
230d400ddc Reinstate as much of the Windows font-linking behaviour as I can
easily manage, by adopting a hybrid approach to Unicode text
display. The old approach of simply calling ExtTextOutW provided
font linking without us having to lift a finger, but didn't do the
right thing when it came to bidirectional or Arabic-shaped text.
Arabeyes' replacement exact_textout() supported the latter, but
turned out to break the former (with no warning from the Windows API
documentation, so it's not their fault).

So now I've got a second wrapper layer called general_textout(),
which splits the input string into substrings based on bidi
character class. Any character liable to cause bidi or shaping
behaviour if fed straight to ExtTextOutW is instead fed through
Arabeyes' exact_textout(), but the rest is fed straight to
ExtTextOutW as it used to be.

The effect appears to be that font linking is restored for all
characters _except_ Arabic and other bidi scripts, which means in
particular that we are no longer in a state of regression over 0.57.
(0.57 would have done font linking on Arabic as well, but would also
have misbidied it, so we've merely exchanged one failure mode for
another slightly less harmful one in that situation.)

[originally from svn r6910]
2006-11-18 15:10:48 +00:00
Jacob Nevins
53843b7392 Chris Boucher spotted that after "-nc" was added (r6823), cfg->ssh_nc_host
was not always initialised, which could lead to spurious attempts to open
a bogus channel (typically refused: "FATAL ERROR: Server refused to open
a direct-tcpip channel"). Fixed.

[originally from svn r6907]
[r6823 == 631b494807]
2006-11-15 23:42:22 +00:00
Jacob Nevins
ffdbfd42a0 (Config).remote_cmd2[512] was added in r1208, but it wasn't used then and isn't
now, so presumably never has been. Remove.

[originally from svn r6906]
[r1208 == ff9a038cdd]
2006-11-15 23:12:20 +00:00
Jacob Nevins
908acc3adb publickeyfile now an RFC
[originally from svn r6905]
[this svn revision also touched putty-website]
2006-11-15 12:56:48 +00:00
Jacob Nevins
27c50ee652 Link to faq-cleanup from faq-settings.
[originally from svn r6904]
2006-11-15 11:48:07 +00:00
Jacob Nevins
3bc889e6e1 There's been an increase in people posting non-SSH PuTTY-related questions
to comp.security.ssh, posting queries that are clearly about PuTTY to
newsgroups without actually mentioning PuTTY, and so on. They may have been
directed there by this document :( Add a futile attempt to instil a sense of
etiquette.

[originally from svn r6895]
2006-11-08 21:15:30 +00:00
Jacob Nevins
e2215a31f6 Administrivia: most SSH-2 specs are no longer drafts.
[originally from svn r6890]
2006-11-08 00:55:13 +00:00
Jacob Nevins
06c7e29607 Tiny comment fix.
[originally from svn r6885]
2006-10-31 16:59:56 +00:00
Jacob Nevins
cc28093380 Spotted by Tim Kosse: we were returning an incorrect path in canonify() when
we couldn't get any sense out of the server.

[originally from svn r6877]
2006-10-22 20:19:55 +00:00
Jacob Nevins
64f19d46d8 Minor semantic tweak to bug-compatibility modes: make
BUG_NEEDS_SSH1_PLAIN_PASSWORD do exactly what it says on the tin, independent
of whether BUG_CHOKES_ON_SSH1_IGNORE is set.

This is invisible in the default configuration, as all servers marked as having
the second bug have the first one too, but it would allow one to manually
configure PuTTY to cope with a SSH-1 server that got upset by ignore messages
during authentication, but was fine with their use as keepalives.

[originally from svn r6876]
2006-10-22 19:51:28 +00:00
Simon Tatham
e9ce146b9f Disable a bunch of undesirable termios flags. ICRNL, in particular,
is liable to have been set on serial ports previously used as
terminal devices, and definitely wants not to be set on serial ports
being used for callout.

[originally from svn r6865]
2006-10-03 17:16:26 +00:00
Simon Tatham
1ee1d694cf IXON and IXOFF belong in _iflag_, not cflag! While I'm here, be more
reliable in clearing of RTS/CTS flags.

[originally from svn r6864]
2006-10-02 20:52:57 +00:00
Simon Tatham
a2338cb6f2 Fix breakage of `Restart Session' in r6802. When restarting the
session, we were clearing the new session_closed flag, but failing
to clear must_close_session; with that set, the session was being
opened but immediately re-closed.

[originally from svn r6857]
[r6802 == 0dcdb6c3c1]
2006-09-21 11:48:32 +00:00
Jacob Nevins
234faec96c Note that the dynamic-tunnel proxy does not support UDP, since we get asked
about this quite often.

[originally from svn r6855]
2006-09-15 14:44:21 +00:00
Jacob Nevins
9c954238bd CSI 3 J now clears the scrollback, as in xterm.
[originally from svn r6847]
[this svn revision also touched putty-wishlist]
2006-09-05 22:08:00 +00:00
Jacob Nevins
2afdb02660 I seem to have slightly funted Plink's display of banners etc in r6437, oops.
Fixed.

[originally from svn r6846]
[r6437 == 8719f92c14]
2006-09-05 21:41:38 +00:00
Jacob Nevins
e67b9cfd78 Slight change to password expiry UI for the benefit of Cisco servers, which
are as usual slightly odd.

[originally from svn r6845]
2006-09-05 21:39:30 +00:00
Simon Tatham
16510bf3b9 Support for an alternative mechanism for displaying wide characters
under X: instead of having two separate fixed-width fonts one of
which is twice the width of the other, you can instead have a single
font in which some characters are twice as wide as others.

This is implemented very simply: if you specify a wide font, it will
be used for wide characters, and if you don't then the normal font
will be used for wide characters (so they'd better _be_ wide in that
font, or there'll be trouble).

I got this idea from Jed, whose latest version supports UTF-8 and
requires a font of this type. If there are going to be X fonts like
that kicking around, there will doubtless be people who want to use
them.

[originally from svn r6844]
2006-09-03 14:31:34 +00:00
Simon Tatham
33e827818a Add a mini-rant to the top comment explaining why threads are
required. (I just tried getting rid of them; it worked fine for
serial ports, but not for anything else. The Windows I/O API sucks.)

[originally from svn r6843]
2006-09-03 12:55:16 +00:00
Jacob Nevins
de84239159 Updates for today's changes:
- changes to Logging panel
 - breaks in serial backend
(Plus, completely unrelated, an index term entry related to port forwarding
which seems to have been sitting around for ages, possibly waiting for me to
think about `see also' index terms in Halibut.)

[originally from svn r6836]
2006-08-29 21:46:56 +00:00
Simon Tatham
8b11c26c57 New logging mode, which records the exact bytes sent over the wire
in an SSH connection _in addition_ to the decrypted packets. This
will hopefully come in useful for debugging wire data corruption
issues: you can strace the server, enable this mode in the client,
and compare the sent and received data.

I'd _like_ to have this mode also log Diffie-Hellman private
exponents, session IDs, encryption and MAC keys, so that the
resulting log file could be used to independently verify the
correctness of all cryptographic operations performed by PuTTY.
However, I haven't been able to convince myself that the security
implications are acceptable. (It doesn't matter that this
information would permit an attacker to decrypt the session, because
the _already_ decrypted session is stored alongside it in the log
file. And I'm not planning, under any circumstances, to log users'
private keys. But gaining access to the log file while the session
was still running would permit an attacker to _hijack_ the session,
and that's the iffy bit.)

[originally from svn r6835]
2006-08-29 19:07:11 +00:00
Simon Tatham
bb6482c35d Explicitly closing logctx on various kinds of error exit means that
the log file gets fclosed properly and the critical last few
messages might be recoverable from the log file more often...

[originally from svn r6834]
2006-08-29 18:50:07 +00:00
Simon Tatham
f0a9c33f25 The Windows HANDLE type, despite being a `void *', does not actually
behave like a pointer. In particular, the right thing to set a
HANDLE to to indicate that it's invalid is INVALID_HANDLE_VALUE, not
NULL. Crack down on sloppy use of NULL HANDLEs across all Windows
code.

(There is one oddity, which is that {Create,Open}FileMapping are
documented to return a NULL HANDLE instead of INVALID_HANDLE_VALUE
on failure. Shrug. If MS want to be inconsistent, I suppose I have
to live with it.)

[originally from svn r6833]
2006-08-29 18:32:44 +00:00
Simon Tatham
088bc613ed Support for sending serial breaks, in both the Windows and Unix
serial backends.

[originally from svn r6832]
2006-08-29 18:20:57 +00:00
Simon Tatham
d38ea07616 Inhibit the Serial configuration panel in mid-session if the session
isn't a serial one. In particular, this causes pterm not to fail an
assertion if you select `Change Settings'. Ahem.

[originally from svn r6831]
2006-08-29 09:18:09 +00:00
Simon Tatham
4c460326d9 Apparently MsgWaitForMultipleObjects doesn't always return the
values one might expect, which means that GetMessage() was
occasionally blocking the process. That appears to be the last of
the annoying data loss issues, so I think the Windows serial back
end actually looks vaguely reliable now. Phew.

[originally from svn r6830]
2006-08-28 19:09:28 +00:00
Simon Tatham
c3d7d326b5 That OVERLAPPED fix seems to have made flow control useful as well
(presumably Windows's serial buffer is actually _filling up_,
causing an XOFF to be sent, now that my dodgy I/O code isn't causing
it to leak). So I think I'll switch the default flow control to
XON/XOFF, since it actually seems to do something now.

[originally from svn r6829]
2006-08-28 18:36:11 +00:00
Simon Tatham
32582f0fab Eep! Next bit flag after 1 and 2 is _4_, not 3. Perhaps it's time I
stopped coding and went and sat down quietly and tried not to touch
anything for a while.

[originally from svn r6828]
2006-08-28 18:27:54 +00:00
Simon Tatham
a485923ae4 Reading 4K at a time from a serial port turns out to be a bit
unfriendly in an interactive session, because at 19200 baud it takes
nearly two seconds to receive that much data, and as long as the
data is flowing continuously Windows waits until it has a full
buffer. So here's another annoying flag in the winhandl API, which
restricts reads to length 1 so that serial output shows up as it
appears.

(I tried this yesterday, but without the OVERLAPPED fix in r6826 it
behaved very erratically. It now seems solid.)

[originally from svn r6827]
[r6826 == 2aedc83f8d]
2006-08-28 18:26:50 +00:00
Simon Tatham
2aedc83f8d Apparently it helps for an OVERLAPPED structure to contain a valid
event handle. This seems to have fixed _some_, but not all, of the
curious data loss issues in the Windows serial backend.

[originally from svn r6826]
2006-08-28 18:16:49 +00:00
Jacob Nevins
74278dcd64 Minor tweaks to -nc:
- log host:port in event log
 - add -nc to Plink usage message

[originally from svn r6825]
2006-08-28 17:47:43 +00:00
Simon Tatham
38ebd5f5ba Missed a couple of instances of cfg_launchable().
[originally from svn r6824]
2006-08-28 17:41:02 +00:00
Simon Tatham
631b494807 New command-line option in Plink (and PuTTY, though it's less useful
there): `plink host -nc host2:port' causes the SSH connection's main
channel to be replaced with a direct-tcpip connection to the
specified destination. This feature is mainly designed for use as a
local proxy: setting your local proxy command to `plink %proxyhost
-nc %host:%port' lets you tunnel SSH over SSH with a minimum of
fuss. Works on all platforms.

[originally from svn r6823]
2006-08-28 15:12:37 +00:00