the primegen() function doesn't work well with <100 bits, so RSA
keys need to be >=200 to be generated correctly, and I thought 256
was a nice round number beyond that just to be sure. Perhaps I
should also have a security warning on any key less than 768; or
perhaps I should let people shoot themselves in the feet if they
really want to.
[originally from svn r767]
disablement option into two options so the app cursor keys and app
keypad can be controlled separately. The Pedantic Software Award in
this case goes to the Midnight Commander for its egregious failure
to just use the terminal in Perfectly Normal mode.
[originally from svn r766]
advantages:
- protocol modules can call sk_write() without having to worry
about writes blocking, because blocking writes are handled in the
abstraction layer and retried later.
- `Lost connection while sending' is a thing of the past.
- <winsock.h> is no longer needed in most modules, because
"putty.h" doesn't have to declare `SOCKET' variables any more,
only the abstracted `Socket' type.
- select()-equivalent between multiple sockets will now be handled
sensibly, which opens the way for things like SSH port
forwarding.
[originally from svn r745]
advantages:
- protocol modules can call sk_write() without having to worry
about writes blocking, because blocking writes are handled in the
abstraction layer and retried later.
- `Lost connection while sending' is a thing of the past.
- <winsock.h> is no longer needed in most modules, because
"putty.h" doesn't have to declare `SOCKET' variables any more,
only the abstracted `Socket' type.
- select()-equivalent between multiple sockets will now be handled
sensibly, which opens the way for things like SSH port
forwarding.
[originally from svn r744]
thought. As well as the ".." attack in recursive copies, the name
sent by the client was also trusted in a single-file implicit-
destination copy such as "pscp host:foo .". (The result was ./foo,
where foo is what the server claimed the file was rather than what
the user asked for. I think it's not unreasonable that if the user
requests file `foo' from the host, he should get the result in a
file called `foo' no matter what the host thinks.)
[originally from svn r743]
sends filenames of things in the directory being copied. A malicious
server could have sent, for example, "..\..\windows\system\foo.dll"
and overwritten something crucial. The filenames are now vetted to
ensure they don't contain slashes or backslashes.
[originally from svn r742]
- Robert de Bath's Compose key is now off by default and configurable on
- The ages-old controversy over whether ALT by itself should bring the
System menu up is now controllable by a config option
- You can now independently configure whether scrollback resets on a
keypress _and_ whether it resets on screen activity.
[originally from svn r741]
session list even if it isn't in the Registry. This got deleted
overenthusiastically because I didn't have a comment explaining what
it was doing there. Now there's a comment, so I probably won't
remove it again.
[originally from svn r733]
use when they have data from the network. Replaces the utterly daft
inbuf / inbuf_head / term_out() interface, which only made sense
when feeding to terminal.c. (terminal.c now implements
from_backend() as a small function that gateways to the old
interface.)
As a side effect, from_backend() also has an `is_stderr' parameter,
so scp can once again separate the server's pronouncements on stderr
from the actual protocol progress on stdout.
[originally from svn r729]
features (prompt for passphrase twice, prompt before overwriting a
file, check the key file was actually saved OK), testing of the
generated keys to make sure I got the file format right, and support
for a variable key size. I think what's already here is basically
sound though.
[originally from svn r715]
