move the primary conditions out of them into their callers. Fixes a
crash in 'plink -N', since those functions would be called with a NULL
channel parameter and immediately dereference it to try to get c->ssh.
[originally from svn r9644]
an unencrypted key. (The other import function, sshcom_read(), already
got this right.) Thanks to David Wedderwille for the report.
This is more than just an error-reporting mistake; it actually causes
Windows PuTTYgen to tight-loop on attempting to load a corrupt OpenSSH
key, because the 'wrong passphrase' return value causes the caller to
loop round and try again, but of course it knows the key is
unencrypted so it doesn't prompt for a different passphrase and just
tries again with no change...
[originally from svn r9643]
doesn't have TIOCSCTTY, so my attempt to set the ctty of the child
process isn't doing anything, and only works by chance when you run
bash because bash does the thing that _will_ set the ctty, namely
opening the terminal file again without O_NOCTTY. So now we do that
too.
[originally from svn r9638]
result of memcmp, but untrue that we can do so _unconditionally_: if
memcmp returns zero, we still need to fall through to the next
comparison.
[originally from svn r9637]
[r9636 == 538090ede4]
I'm not entirely sure that using memcmp() is any more defined by the C
standard, but at least Clang doesn't complain about it. While I'm
here, tree234 doesn't require that comparison functions return
precisely +1 or -1, so we can use the return value of memcmp()
directly.
[originally from svn r9636]
They're only likely to be useful for freeing a coroutine state
structure, in which case there's no need to reset the line number
(since all such coroutines keep their line number in the state
structure) and the state structure pointer is always called "s".
[originally from svn r9632]
In sshfwd_unclean_close(), get ssh2_check_close() to handle sending
SSH_MSG_CHANNEL_CLOSE. That way, it can hold off doing so until any
outstanding channel requests are processed.
Also add event log message for unclean channel closures.
[originally from svn r9631]
crFinish or crFinishV, since they will attempt to write to the
coroutine state variable contained in that structure. Introduced some
new all-in-one macros crFinishFree and crFinishFreeV, and used those
instead. Should fix today's report of a crash just after authentication.
[originally from svn r9630]
Unconditionally override the configured terminal size with the one
from stdin if it's available. This avoids the silliness whereby if
Default Settings had a terminal size set, Plink used this and thus
caused the server to use the wrong size.
[originally from svn r9624]
Part the first: make sure that all structures describing channel
requests are freed when the SSH connection is freed. This involves
adding a means to ask a response handler to free any memory it holds.
Part the second: in ssh_channel_try_eof(), call
ssh2_channel_check_close() rather than emitting an SSH_MSG_CHANNEL_EOF
directly. This avoids the possibility of closing the channel while a
CHANNEL_REQUEST is outstanding.
Also add some assertions that helped with tracking down the latter
problem.
[originally from svn r9623]
This reduces code size a little and also makes it harder to
accidentally request a reply without putting in place a handler for
it or vice versa.
[originally from svn r9620]
The various setup routines can only receive CHANNEL_SUCCESS or
CHANNEL_FAILURE, so there's no need for the to worry about receiving
anything else. Strange packets will end up in do_ssh2_authconn
instead.
[originally from svn r9619]
In each case, want_reply was being treated as true even when it wasn't,
because it got decoded into "yes"/"no", both of which are true in
Perl.
[originally from svn r9617]
Each of the minor start-of-session requests is now dealt with by its own
little co-routine, while the shell/command is done in do_ssh2_authconn()
itself. This eliminates one more round-trip in session setup: PuTTY gets
all the way up to sending a shell request before worrying about any
replies.
[originally from svn r9616]
Now each channel has a queue of arbitrary handlers for those messages,
with anything that sends a CHANNEL_REQUEST with want_reply true pushing
a new entry onto the queue, and a shared handler that dispatches
responses appropriately.
Currently, this is only used for winadj@putty.projects.tartarus.org, but
extending it to cover the initial requests as well shouldn't be too
painful.
[originally from svn r9615]
There's no need to have identical code generating server-to-client and
client-to-server versions of the cipher and MAC lists; a couple of
twice-around loops will do fine.
[originally from svn r9610]
Before, NULL in the dispatch table meant "send to the appropriate one of
do_ssh2_transport() and do_ssh2_authconn()". Now those (via small
shims) are specified directly in the dispatch table, so ssh2_protocol()
is much simpler.
In the process, this has somewhat centralised the handling of gross
server protocol violations. PuTTY will now disconnect with a rude
message when (e.g.) OpenSSH sends us an SSH_MSG_UNIMPLEMENTED when we
try to KEXINIT during authentication.
[originally from svn r9609]
using one for the length field and one for the rest of the packet
contents. Since sftp_senddata() has no queuing or deferral mechanism
but instead constructs and sends an SSH2_MSG_CHANNEL_DATA message
immediately, this change has the effect of ceasing to split every SFTP
packet across two SSH messages.
[originally from svn r9603]
bufchain_add() now allocates at most one new granule. Granules still
have a minimum size, so small adds still get coalesced.
The main practical consequence of this is that PSCP and PSFTP now
generate 4K SSH packets rather than 512-byte ones. Also, the compiled
code (on my Ubuntu box) is fractionally smaller.
[originally from svn r9602]
by sending most of the initial SSH_MSG_CHANNEL_REQUEST messages before
waiting for any replies. The initial version of this code was a clever
thing with a two-pass loop, but that got hairy so I went for the simpler
approach of separating the request and reply code and having flags to
keep track of which requests have been sent.
[originally from svn r9599]
winadj@putty.projects.tartarus.org request. Not currently enabled
automatically, but should be usable as a manual workaround.
[originally from svn r9592]
zero but does it in such a way that over-clever compilers hopefully
won't helpfully optimise the call away if you do it just before
freeing something or letting it go out of scope. Use this for
(hopefully) every memset whose job is to destroy sensitive data that
might otherwise be left lying around in the process's memory.
[originally from svn r9586]
having just noticed that Makefile.gtk had it and this one doesn't. (Of
course, this being autoconf, we can easily enough make it conditional
on the compiler actually being gcc.)
[originally from svn r9583]
compile warning ('left-hand operand of comma expression has no
effect'), which of course becomes fatal under -Werror.
(This would have been instantly noticeable to people compiling with
the old-fashioned Makefile.gtk, which does include -Wall -Werror, but
those of us using the new autoconf makefile hadn't noticed.)
[originally from svn r9582]
platform manner, but which nothing ever called. It thus served only to
trap up the unwary. The live function key handling code lives in the
frontends, i.e. window.c on Windows and gtkwin.c on Unix.
[originally from svn r9579]
and the argument list contains only one string, try again by passing
that single string to "$SHELL -c" to be parsed as a shell command.
This matches xterm's behaviour (as of xterm 261, at least), and means
in practice that users can do _either_ of 'pterm -e some command' and
'pterm -e "some command"'.
(A quick survey suggests that the majority of X terminal programs agree
with pterm's old behaviour of only supporting '-e some command',
except that gnome-terminal only supports the other behaviour and xterm
supports both. With that disagreement, I think supporting both is
probably the sensible thing.)
[originally from svn r9575]
piece of keyboard handling: if Num Lock is on, numeric keypad keys are
eaten by the IM, so we must avoid passing them to the IM in the first
place if we're in any non-default numeric keypad mode (application or
Nethack).
This is a grubby way to do it, but the more obvious approach of just
moving the Nethack and app-keypad if statements up to above the IM
call doesn't work because those statements depend on the generic
Alt-prefix handling that happens just _below_ the IM call. So instead
I just repeat the list of keystrokes and modes in an if statement
conditionalising the IM call.
[originally from svn r9573]
[r9567 == 7fc8db15b2]
FXP_READDIR on an empty directory by returning a zero-length list of
filenames, instead of the more common response of a list containing
just "." and "..". Stop PSFTP failing an assertion when that happens.
[originally from svn r9569]
a GtkIMMulticontext and having that filter most keypresses. I think
I've got this right so that it doesn't break any previous deliberate
keyboard-handling behaviour that's now _after_ the 'if (filter
keypress) return' statement.
[originally from svn r9567]
