and add the ability to treat a local disconnection as "unclean" -- notably, if
we can't agree any authentication methods to even try; someone was complaining
that the PuTTY window by default just disappears for no apparent reason in this
circumstance.
Also, use appropriate disconnect codes for those SSH2_MSG_DISCONNECT messages
that we do send.
I don't think I've seriously broken any user-visible behaviour, but the way
that connection-close distinctions are transmitted to the front-end is shaky
(or so it seems to me), so there may be non-ideal changes on some platforms.
[originally from svn r5824]
hopefully solve `drop-banner'. I haven't been able to test the failure case,
but the behaviour with OpenSSH appears no worse.
[originally from svn r5772]
[this svn revision also touched putty-wishlist]
there are servers which could in principle operate in this mode, although I
don't know if any do in practice. (Hence, I haven't been able to test it.)
[originally from svn r5748]
[this svn revision also touched putty-wishlist]
server, which led to stalemate if the server did the same. PuTTY now sends
KEXINIT proactively as soon as it's worked out that it's talking SSH-2.
[originally from svn r5685]
default preferred cipher), add code to inject SSH_MSG_IGNOREs to randomise
the IV when using CBC-mode ciphers. Each cipher has a flag to indicate
whether it needs this workaround, and the SSH packet output maze has gained
some extra complexity to implement it.
[originally from svn r5659]
Unix Plink sends everything sensible it can find, and it's fully configurable
from the GUI.
I'm not entirely sure about the precise set of modes that Unix Plink should
look at; informed tweaks are welcome.
Also the Mac bits are guesses (but trivial).
[originally from svn r5653]
[this svn revision also touched putty-wishlist]
end, after the REQUIRED "hmac-sha1".) This has been present since SSH-2
support was introduced (r569).
[originally from svn r5643]
[r569 == 35205e5cb7]
I've added this to support `terminal-modes', but since this unifies some
SSH-1 and SSH-2 packet construction code, it saves a few hundred bytes.
Bonus.
[originally from svn r5642]
comp.security.ssh contains a Dr Watson log which looks to me as if
`unclean-close-crash' occurred due to a rekey timer going off after
the session had closed. Hence, ssh2_timer() now avoids doing
anything if the session is already closed, and also ssh_do_close()
proactively calls expire_timer_context(). Between those I think they
ought to solve the problem.
[originally from svn r5564]
ssh2_try_send() to no longer be run after receiving WINDOW_ADJUSTs.
I believe this is likely to have been the cause of recent PSCP
hanging issues.
[originally from svn r5517]
[r4909 == 02b0474f57]
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>
[originally from svn r5480]
prompts, to make it more obvious if a server is attempting to spoof a local
passphrase prompt.
I believe an alert user could have spotted this in all cases in SSH-2,
although perhaps not in SSH-1. (But they'd have to have enabled
TIS/CryptoCard.)
[originally from svn r5450]
Port forwardings are set up before initialising the last few details
of the main shell session, so ssh->state can reasonably hold values
other than SSH_STATE_SESSION and SSH_STATE_CLOSED during calls to
sshfwd_*.
[originally from svn r5446]
connection_fatal(), since the latter is entitled to destroy the
backend so `ssh' may no longer be valid once it returns.
For the Unix port, switch exit(0) to gtk_main_quit() in
notify_remote_exit(), so that we don't exit before the subsequent
connection_fatal()!
[originally from svn r5445]
cfg.remote_cmd is to be used, rather than actually pointing at
cfg.remote_cmd. This change restores the ability to structure-copy
Configs without breaking them. (Though of course this is only a
temporary solution: really what wants doing is to fix
`config-struct'.)
[originally from svn r5335]
now returns an integer: 0 means cancel the SSH connection and 1
means continue with it. Additionally, they can return -1, which
means `front end has set an asynchronous alert box in motion, please
wait to be called back with the result', and each one is passed a
callback function pointer and context for this purpose.
I have not yet done the same to askappend() yet, because it will
take a certain amount of reorganisation of logging.c.
Importantly, this checkin means the host key dialog box now works on
OS X.
[originally from svn r5330]
changing its mouse pointer. Currently this is only used in the (slightly-
arbitrarily-defined) "heavy" bits of SSH-2 key exchange. We override pointer
hiding while PuTTY is busy, but preserve pointer-hiding state.
Not yet implemented on the Mac.
Also switch to frobbing window-class cursor in Windows rather than relying on
SetCursor().
[originally from svn r5303]
for which we don't yet have a remote number, and instead add a flag to indicate
this fact. Fixes bug ssh-remoteid-minusone.
[originally from svn r5171]
tested since none of the common key-exchange protocols starts with a packet
from the server, so I don't have a server that implements this.
[originally from svn r5162]
only send it when it will significantly increase the server's idea of our
window. This avoids the slew of one-byte WINDOW_ADJUSTs that an interactive
shell typically generates.
[originally from svn r5121]
