about it very hard; it's a plausible fix for the observed cause of the extreme
CPU usage, being that we were asking to be notified of Windows messages and
then not dealing with them, plausibly leading to a loop. Works for me,
anyway.)
[originally from svn r7098]
it'll let you see an identifier (SHGFP_TYPE_CURRENT) referenced since r7082.
(Actually, you need a pretty recent w32api before it's there at all.)
Morally, this should be defined for all toolchains, not just MinGW/Cygwin, but I'll leave that to people who have those toolchains.
<http://msdn2.microsoft.com/en-us/library/aa383745.aspx>
Also add some other comments on our use of this API (since it's a horrible one
that I suspect will come back and haunt us...)
[originally from svn r7087]
[r7082 == dbbd6eb5ec]
[this svn revision also touched putty-wishlist]
takes a third argument which is TRUE if the file is being opened for
writing and wants to be created in such a way that it's readable
only to the owner. This is used when saving private keys.
While I'm here, I also use this option when writing session logs, on
the general principle that they probably contain _something_
sensitive.
The new argument is only supported on Unix, for the moment. (I think
writing owner-accessible-only files is the default on Windows.)
[originally from svn r7084]
Application Data directory in preference to the old-fashioned
attempt to find the user's home directory, and use the _local-
machine_ Application Data directory in preference even to that.
SHGetFolderPath() is called via GetProcAddress, so this degrades
gracefully on old Windowses. (Tested myself on Win95.)
As part of this change, we now search for a location for the seed
file separately for reading and writing, so that installing the new
PuTTY should cause a seamless migration as the old seed file is read
from the old location and then a new one written to the new location.
`putty -cleanup' attempts to delete the seed file from _all_
affected locations.
Naturally, a user-specified seed file path in the Registry still
takes priority over all other means of finding the location.
[originally from svn r7082]
caused by the MessageBox() internal message loop eating WinSock
FD_READ notifications, which then don't reappear afterwards because
you have to explicitly prod a socket in order to get a repeat
notification on it.
Hence, here's a piece of infrastructure which seems to sort it out:
a new winnet.c function called socket_reselect_all(), whose function
is to go through all currently active sockets and re-run
WSAAsyncSelect() on them, causing repeat notifications for anything
we might have missed. I call this after every call to MessageBox(),
and that seems to solve the problem.
(The problem was actually masked in very recent revisions, probably
by the reinstatement of pending_netevent in r7071. However, I don't
believe that was a complete fix. This should be.)
[originally from svn r7077]
[r7071 == 57a763b0ec]
instead of the previous rate of one per character. In `Flush log
file frequently' mode, the latter was causing excessive slowdown due
to fflush()ing once per byte.
[originally from svn r7076]
ability to easily re-enable the r5122 behaviour, in case we need to
conditionally switch between the two at a later date.
[originally from svn r7073]
[r5122 == 8a20515844]
[this svn revision also touched putty-wishlist]
and LF, and don't object if the final line of the key lacks a
newline. Also, while I'm here, switch to using fgetline() throughout
so as not to have to do nasty buffer-size ad-hockery.
[originally from svn r7072]
r4906 in the process of adding the new timing code. It seems to have
been what was previously preventing spew-lockup, and still seems to
prevent it now I've put it back in.
[originally from svn r7071]
[r4906 == 7ecf13564a]
[this svn revision also touched putty-wishlist]
match the original icons. (Apparently I managed to introduce errors
while transcribing the originals for detailed analysis.)
While I'm at it, add the obviously useful `make install' target in
icons/Makefile, and fix the svn:ignore property on the icons
directory.
[originally from svn r7068]
suite. In a dramatic break with tradition, I'm actually checking in
the resulting icon files as well as the script that generates them,
because the script requires Python and ImageMagick and I don't think
it's reasonable to require that much extra infrastructure on
everyone checking out from Subversion.
The new icons should be _almost_ indistinguishable from the old
ones, at least at the 32x32 resolution. The immediately visible
change is that all the icons now come in 16x16, 32x32 and 48x48
formats, in both 16 colours and monochrome, instead of an ad-hoc
mixture of whichever ones I could be bothered to draw.
The same code can also be adapted to generate icons for the GTK port
(although icons for the running programs don't seem to be supported
by GTK 1 - another reason to upgrade to GTK 2!).
[originally from svn r7063]
We now have an option where a remote window title query returns a well-formed
response containing the empty string. This should keep stop any server-side
application that was expecting a response from hanging, while not permitting
the response to be influenced by an attacker.
We also retain the ability to stay schtum. The existing checkbox has thus
grown into a set of radio buttons.
I've changed the default to the "empty string" response, even in the backward-
compatibility mode of loading old settings, which is a change in behaviour;
any users who want the old behaviour back will have to explicitly select it. I
think this is probably the Right Thing. (The only drawback I can think of is
that an attacker could still potentially use the relevant fixed strings for
mischief, but we already have other, similar reports.)
[originally from svn r7043]
(Since we choose to compile with -Werror, this is particularly important.)
I haven't yet checked that the resulting source actually compiles cleanly with
GCC 4, hence not marking `gcc4-warnings' as fixed just yet.
[originally from svn r7041]
on AMD 64 Linux.
(This has been sitting in my checkout for ages and hasn't obviously caused
any trouble -- I think I was waiting to get round to trying it with VC6, which
I haven't yet. There are some notes in comments on further tweaks that could
be made.)
[originally from svn r7035]
custom Panels container widget for the PuTTY config box, since the
perfectly standard GtkNotebook does the same job. Hence, let's
remove Panels completely in favour of doing it the proper way.
[originally from svn r7034]
since even the latest version of w32api (3.6) shows no sign of HTMLHelp
support.
(This touches mkfiles.pl because that's where the details of what Cygwin
doesn't support are kept currently. This may be deliberate, so I haven't
changed it.)
[originally from svn r7032]
r7000. I was probably half asleep. Actually, it's completely
unnecessary to bind to it at link time, because we load it at run
time in order to continue working as before on Win95. So I'm
removing it again.
[originally from svn r7030]
[r7000 == 1dac1bc911]
making the manual shortcut in the Start menu point to one or other
of the two help files depending on the version of Windows;
fortunately Inno Setup has no difficulty doing that.
[originally from svn r7028]
and various calls to WinHelp() have been centralised into a new file
winhelp.c, which in turn has been modified to detect a .CHM file as
well as .HLP and select between them as appropriate. It explicitly
tries to load HHCTRL.OCX and use GetProcAddress, meaning that it
_should_ still work correctly on pre-HTML-Help platforms, falling
gracefully back to WinHelp, but although I tested this by
temporarily renaming my own HHCTRL.OCX I haven't yet been able to
test it on a real HTML-Help-free platform.
Also in this checkin: a new .but file and docs makefile changes to
make it convenient to build the sources for a .CHM. As yet, owing to
limitations of Halibut's CHM support, I'm not able to write a .CHM
directly, more's the pity.
[originally from svn r7000]
PuTTY causes the child process to inherit a lot of socket fds from
its parent, which is a pain if one of them then ends up holding open
a listening socket which the parent was using for port forwarding
after the parent itself is dead.
Therefore, this checkin sprinkles FD_CLOEXEC throughout the Unix
platform directory wherever there looks like being a long-lived fd.
[originally from svn r6917]
easily manage, by adopting a hybrid approach to Unicode text
display. The old approach of simply calling ExtTextOutW provided
font linking without us having to lift a finger, but didn't do the
right thing when it came to bidirectional or Arabic-shaped text.
Arabeyes' replacement exact_textout() supported the latter, but
turned out to break the former (with no warning from the Windows API
documentation, so it's not their fault).
So now I've got a second wrapper layer called general_textout(),
which splits the input string into substrings based on bidi
character class. Any character liable to cause bidi or shaping
behaviour if fed straight to ExtTextOutW is instead fed through
Arabeyes' exact_textout(), but the rest is fed straight to
ExtTextOutW as it used to be.
The effect appears to be that font linking is restored for all
characters _except_ Arabic and other bidi scripts, which means in
particular that we are no longer in a state of regression over 0.57.
(0.57 would have done font linking on Arabic as well, but would also
have misbidied it, so we've merely exchanged one failure mode for
another slightly less harmful one in that situation.)
[originally from svn r6910]
was not always initialised, which could lead to spurious attempts to open
a bogus channel (typically refused: "FATAL ERROR: Server refused to open
a direct-tcpip channel"). Fixed.
[originally from svn r6907]
[r6823 == 631b494807]
to comp.security.ssh, posting queries that are clearly about PuTTY to
newsgroups without actually mentioning PuTTY, and so on. They may have been
directed there by this document :( Add a futile attempt to instil a sense of
etiquette.
[originally from svn r6895]
BUG_NEEDS_SSH1_PLAIN_PASSWORD do exactly what it says on the tin, independent
of whether BUG_CHOKES_ON_SSH1_IGNORE is set.
This is invisible in the default configuration, as all servers marked as having
the second bug have the first one too, but it would allow one to manually
configure PuTTY to cope with a SSH-1 server that got upset by ignore messages
during authentication, but was fine with their use as keepalives.
[originally from svn r6876]
is liable to have been set on serial ports previously used as
terminal devices, and definitely wants not to be set on serial ports
being used for callout.
[originally from svn r6865]
session, we were clearing the new session_closed flag, but failing
to clear must_close_session; with that set, the session was being
opened but immediately re-closed.
[originally from svn r6857]
[r6802 == 0dcdb6c3c1]
