now a passphrase-keyed MAC covering _all_ important data in the
file, including the public blob and the key comment. Should
conclusively scupper any attacks based on nobbling the key file in
an attempt to sucker the machine that decrypts it. MACing the
comment field also protects against a key-substitution attack (if
someone's worked out a way past our DSA protections and can extract
the private key from a signature, swapping key files and
substituting comments might just enable them to get the signature
they need to do this. Paranoid, but might as well).
[originally from svn r1413]
scp1 if it can't. Currently not very tested - I checked it in as
soon as it completed a successful recursive copy in both directions.
Also, one known bug: you can't specify a remote wildcard, because by
the nature of SFTP we'll need to implement the wildcard engine on
the client side. I do intend to do this (and use the same wildcard
engine in PSFTP as well) but I haven't got round to it yet.
[originally from svn r1208]
by me to make the drag list behaviour slightly more intuitive.
WARNING: DO NOT LOOK AT pl_itemfrompt() IF YOU ARE SQUEAMISH.
[originally from svn r1199]
by ceasing to listen on input channels if the corresponding output
channel isn't accepting data. Has had basic check-I-didn't-actually-
break-anything-too-badly testing, but hasn't been genuinely tested
in stress conditions (because concocting stress conditions is non-
trivial).
[originally from svn r1198]
Only currently works on SSH1; SSH2 should be doable but it's late
and I have other things to do tonight. The Cool Guy award for this
one goes to Nicolas Barry, for doing most of the work and actually
understanding the code he was adding to.
[originally from svn r1176]
host-key-changed prompt: update-cache-and-connect, connect-without-
updating-cache, and abandon-connection. (Previously the middle one
was missing.)
[originally from svn r1122]
Config structure like plink does at one point. (I'm almost tempted to
say this is where a copy constructor would be handy :-/ )
[originally from svn r1025]
remote command from a local file. Advantage: you can have more than
one line in it, so you can remotely run what's effectively a small
script.
[originally from svn r1010]
multiple switchable line disciplines, we now have a single unified
one which changes its behaviour based on option settings. Each
option setting can be suggested by the back end and/or the terminal
handler, and can be forcibly overridden by the configuration. Local
echo and local line editing are separate, independently switchable,
options.
[originally from svn r895]
interfering with X forwarding.)
Details of bug: the event object used as the target of
WSAEventSelect is created in such a way that it is automatically
reset when it releases a thread from WaitFor*Objects. Subsequently,
a read on the first socket in the list causes another network event
if not all the available data was read; thus the event object is set
again. Then, WSAEnumNetworkEvents is called again for the _second_
socket, and is passed the network event, which it therefore resets.
So an event has been dropped, and things only get restarted when
some more data arrives on the first socket.
[originally from svn r888]
advantages:
- protocol modules can call sk_write() without having to worry
about writes blocking, because blocking writes are handled in the
abstraction layer and retried later.
- `Lost connection while sending' is a thing of the past.
- <winsock.h> is no longer needed in most modules, because
"putty.h" doesn't have to declare `SOCKET' variables any more,
only the abstracted `Socket' type.
- select()-equivalent between multiple sockets will now be handled
sensibly, which opens the way for things like SSH port
forwarding.
[originally from svn r744]
use when they have data from the network. Replaces the utterly daft
inbuf / inbuf_head / term_out() interface, which only made sense
when feeding to terminal.c. (terminal.c now implements
from_backend() as a small function that gateways to the old
interface.)
As a side effect, from_backend() also has an `is_stderr' parameter,
so scp can once again separate the server's pronouncements on stderr
from the actual protocol progress on stdout.
[originally from svn r729]
windlg.c into it. Allows plink and pscp to no longer link with
windlg.c, meaning they lose some of the sillier stub functions and
also can provide a console-based form of verify_ssh_host_key().
[originally from svn r683]
Also we are able to notice when a backend is instantly sendok(),
rather than waiting until after the first successful socket read.
(This was zogging raw connections. They're still slightly zogged but
not as badly as they were.)
[originally from svn r671]
