I've gone through everywhere we handle host names / addresses (on
command lines, in PuTTY config, in port forwarding, in X display
names, in host key storage...) and tried to make them handle IPv6
literals sensibly, by using the host_str* functions I introduced in my
previous commit. Generally it's now OK to use a bracketed IPv6 literal
anywhere a hostname might have been valid; in a few cases where no
ambiguity exists (e.g. no :port suffix is permitted anyway)
unbracketed IPv6 literals are also acceptable.
[originally from svn r10120]
The basic strategy is described at the top of the new source file
sshshare.c. In very brief: an 'upstream' PuTTY opens a Unix-domain
socket or Windows named pipe, and listens for connections from other
PuTTYs wanting to run sessions on the same server. The protocol spoken
down that socket/pipe is essentially the bare ssh-connection protocol,
using a trivial binary packet protocol with no encryption, and the
upstream has to do some fiddly transformations that I've been
referring to as 'channel-number NAT' to avoid resource clashes between
the sessions it's managing.
This is quite different from OpenSSH's approach of using the Unix-
domain socket as a means of passing file descriptors around; the main
reason for that is that fd-passing is Unix-specific but this system
has to work on Windows too. However, there are additional advantages,
such as making it easy for each downstream PuTTY to run its own
independent set of port and X11 forwardings (though the method for
making the latter work is quite painful).
Sharing is off by default, but configuration is intended to be very
easy in the normal case - just tick one box in the SSH config panel
and everything else happens automatically.
[originally from svn r10083]
During the Conf revamp, I changed the internal representation of
dynamic forwardings so that they were stored as the conceptually
sensible L12345=D rather than the old D12345, and added compensation
code to translate to the latter form for backwards-compatible data
storage and for OpenSSH-harmonised GUI display. Unfortunately I forgot
that keys in the forwarding data can also prefix the L/R with a
character indicating IPv4/IPv6, and my translations didn't take
account of that possibility. Fix them.
[originally from svn r10031]
the session saving code, in which the contents of the edit box giving
the current saved session name was stored in a horrid place with a
fixed length. Now it's dangling off sessionsaver_data as it always
ought to have been, and it's dynamically reallocated to the
appropriate length, and there's a free function that cleans it up at
the end of the dialog's lifetime.
[originally from svn r9923]
winadj@putty.projects.tartarus.org request. Not currently enabled
automatically, but should be usable as a manual workaround.
[originally from svn r9592]
wonky because I'd used the subkey for the red component in four places
where I should have used the green/blue subkeys instead. Thanks to
Martin Kletzander for spotting it.
[originally from svn r9449]
[r9214 == a1f3b7a358]
allocated type.
The main reason for this is to stop it from taking up a fixed large
amount of space in every 'struct value' subunion in conf.c, although
that makes little difference so far because Filename is still doing
the same thing (and is therefore next on my list). However, the
removal of its arbitrary length limit is not to be sneezed at.
[originally from svn r9314]
'Config' in putty.h, which stores all PuTTY's settings and includes an
arbitrary length limit on every single one of those settings which is
stored in string form. In place of it is 'Conf', an opaque data type
everywhere outside the new file conf.c, which stores a list of (key,
value) pairs in which every key contains an integer identifying a
configuration setting, and for some of those integers the key also
contains extra parts (so that, for instance, CONF_environmt is a
string-to-string mapping). Everywhere that a Config was previously
used, a Conf is now; everywhere there was a Config structure copy,
conf_copy() is called; every lookup, adjustment, load and save
operation on a Config has been rewritten; and there's a mechanism for
serialising a Conf into a binary blob and back for use with Duplicate
Session.
User-visible effects of this change _should_ be minimal, though I
don't doubt I've introduced one or two bugs here and there which will
eventually be found. The _intended_ visible effects of this change are
that all arbitrary limits on configuration strings and lists (e.g.
limit on number of port forwardings) should now disappear; that list
boxes in the configuration will now be displayed in a sorted order
rather than the arbitrary order in which they were added to the list
(since the underlying data structure is now a sorted tree234 rather
than an ad-hoc comma-separated string); and one more specific change,
which is that local and dynamic port forwardings on the same port
number are now mutually exclusive in the configuration (putting 'D' in
the key rather than the value was a mistake in the first place).
One other reorganisation as a result of this is that I've moved all
the dialog.c standard handlers (dlg_stdeditbox_handler and friends)
out into config.c, because I can't really justify calling them generic
any more. When they took a pointer to an arbitrary structure type and
the offset of a field within that structure, they were independent of
whether that structure was a Config or something completely different,
but now they really do expect to talk to a Conf, which can _only_ be
used for PuTTY configuration, so I've renamed them all things like
conf_editbox_handler and moved them out of the nominally independent
dialog-box management module into the PuTTY-specific config.c.
[originally from svn r9214]
and avoiding trashing a non-default port, don't treat a port of 0 as special;
this was causing defaults to "freeze in" for sequences of clicks like SSH,
Raw, Telnet.
Arrange that a port of 0 (which in a backend indicates no default) is displayed
as a blank in the port box, to make this less jarring.
[originally from svn r9077]
[r7635 == db7cc1cba6]
are now loaded from standard locations (system32 for SSPI, the
registry-stored MIT KfW install location for KfW) rather than using
the risky default DLL search path; I've therefore also added an
option to manually specify a GSS DLL we haven't heard of (which
should in principle Just Work provided it supports proper GSS-API as
specified in the RFC). The same option exists on Unix too, because
it seemed like too useful an idea to reserve to Windows. In
addition, GSSAPI is now documented, and also (unfortunately) its GUI
configuration has been moved out into a sub-subpanel on the grounds
that it was too big to fit in Auth.
[originally from svn r9003]
reorganises the GSSAPI support so that it handles alternative
implementations of the GSS-API. In particular, this means PuTTY can
now talk to MIT Kerberos for Windows instead of being limited to
SSPI. I don't know for sure whether further tweaking will be needed
(to the UI, most likely, or to automatic selection of credentials),
but testing reports suggest it's now at least worth committing to
trunk to get it more widely tested.
[originally from svn r8952]
today reported an SSH2_MSG_UNIMPLEMENTED from a Cisco router which
looks as if it was triggered by SSH2_MSG_IGNORE, so I'm
experimentally putting this flag in. Currently must be manually
enabled, though if it turns out to solve the user's problem then
I'll probably add at least one version string...
[Edited commit message: actually, I also committed in error a piece
of experimental code as part of this checkin. Serve me right for not
running 'svn diff' first.]
[originally from svn r8926]
NameUserPrincipal, use that; this avoids an issue with SSPI/GSSAPI where
the user logged in to the local machine with a different case of username
to the (case-sensitive) Kerberos username. Falls back to GetUserName as
before if that doesn't work (for machines not on a domain, and Win9x).
Based on a patch by SebastianUnger.
[originally from svn r8909]
re-entrant call to its handler in config.c, which destroys the
previous value in cfg->line_codepage. Therefore, preserve the right
value in an automatic variable until all the re-entrant calls have
finished.
[originally from svn r8592]
While I'm here, a cosmetic PuTTYtel change: remove a reference to SSH from the
"logical host name" label in PuTTYtel only.
[originally from svn r8331]
[r8305 == ca6fc3a4da]
if we have no better ideas, with UI shamelessly stolen from Quest PuTTY.
Off by default, which effectively reverts the change to using the local
username by default that came in with GSSAPI support in r8138. Anyone wanting
seamless single sign-on will need to set the new option. (The previous
default behaviour was getting in the way in ad-hoc scenarios.)
Note that the PSCP and Unix-Plink behaviour of using the local username by
default have remained unchanged throughout; they are not affected by the new
option. Not sure if that's the Right Thing.
[originally from svn r8324]
[r8138 == de5dd9d65c]
on received data. Experiment and suggestion suggest that the character set
configuration applies equally to keystrokes sent to the server, or at least
that that's close enough to being true that we should document it as a first
approximation.
[originally from svn r8209]
read uninitialised (because the only circumstance under which it
isn't initialised is when "update" is FALSE, in which case it isn't
read either). Placate it.
[originally from svn r8119]
The colour list box beeped at the user whenever it found that
something other than exactly one colour was selected. This seems to
happen implicitly in Gtk when the pane is changed. In Gtk1, this gave
you a beep whenever you left the Colours dialog after having selected
a colour from the list; in Gtk2, you additionally got a beep _every_
time you subsequently re-entered the Colours dialog (for reasons I
haven't investigated). Windows was unaffected.
Also, in Gtk (unlike Windows), it's possible for the user to go back
to the state where no items in the list box are selected at all.
For these reasons, stop beeping at the user, and instead blank the RGB
edit boxes as a hint that edits to them would be futile. (Really we
should be disabling them entirely, but the cross-platform edit
controls aren't up to that yet.)
[originally from svn r8074]
to manually tweak the host name and port number under which the SSH
host key is read and written.
I've put it in the cross-platform Connection panel. Partly under the
flimsy pretext that other backends _can_ use it if they so wish (and
in fact it overrides the host name for title-bar purposes in all
network backends, though it has no other effect in anything but
SSH); but mostly because the SSH panel was too full already :-)
[originally from svn r8033]
advertise so that the server can't exceed our maximum packet size.
Enable it for "1.36_sshlib GlobalSCAPE" which apparently sends oversize
packets otherwise.
[originally from svn r7804]
port number in the GUI when the connection type is changed if the current
port number is the standard one for the current protocol.
It's not perfect, but it should make the common case of tabbing through the
Session panel easier when starting non-SSH connections on odd ports.
[originally from svn r7635]
Should be no significant change in behaviour.
(Well, entering usernames containing commas on Plink's command line will be
a little harder now.)
[originally from svn r7628]
(SSH tunnels, TTY modes, and environment variables), when the Remove button is
pressed, populate the edit controls from the entry that has just been deleted.
Several users have requested this, as it makes editing an entry easier (read-
modify-write) in the cases where order is unimportant, and also provides a
degree of undo-ability.
[originally from svn r7298]
launchable session without getting confused by it, we can relax the
restriction on storing a host name in DS, which has attracted a
steady stream of complaints over the past six or seven years.
[originally from svn r7266]
represent a launchable session, unless the user can be construed to
have really meant it. This means:
- starting up PuTTY when the Default Settings are launchable still
brings up the config box, and you have to hit Open to actually
launch that session
- double-clicking on Default Settings from the config box will load
them but not launch them.
On the other hand:
- explicitly loading the Default Settings on the command line using
`-load' _does_ still launch them.
[originally from svn r7265]
We now have an option where a remote window title query returns a well-formed
response containing the empty string. This should keep stop any server-side
application that was expecting a response from hanging, while not permitting
the response to be influenced by an attacker.
We also retain the ability to stay schtum. The existing checkbox has thus
grown into a set of radio buttons.
I've changed the default to the "empty string" response, even in the backward-
compatibility mode of loading old settings, which is a change in behaviour;
any users who want the old behaviour back will have to explicitly select it. I
think this is probably the Right Thing. (The only drawback I can think of is
that an attacker could still potentially use the relevant fixed strings for
mischief, but we already have other, similar reports.)
[originally from svn r7043]
in an SSH connection _in addition_ to the decrypted packets. This
will hopefully come in useful for debugging wire data corruption
issues: you can strace the server, enable this mode in the client,
and compare the sent and received data.
I'd _like_ to have this mode also log Diffie-Hellman private
exponents, session IDs, encryption and MAC keys, so that the
resulting log file could be used to independently verify the
correctness of all cryptographic operations performed by PuTTY.
However, I haven't been able to convince myself that the security
implications are acceptable. (It doesn't matter that this
information would permit an attacker to decrypt the session, because
the _already_ decrypted session is stored alongside it in the log
file. And I'm not planning, under any circumstances, to log users'
private keys. But gaining access to the log file while the session
was still running would permit an attacker to _hijack_ the session,
and that's the iffy bit.)
[originally from svn r6835]
in place of making a network connection. This has involved a couple
of minor infrastructure changes:
- New dlg_label_change() function in the dialog.h interface, which
alters the label on a control. Only used, at present, to switch
the Host Name and Port boxes into Serial Line and Speed, which
means that any platform not implementing serial connections (i.e.
currently all but Windows) does not need to actually do anything
in this function. Yet.
- New small piece of infrastructure: cfg_launchable() determines
whether a Config structure describes a session ready to be
launched. This was previously determined by seeing if it had a
non-empty host name, but it has to check the serial line as well
so there's a centralised function for it. I haven't gone through
all front ends and arranged for this function to be used
everywhere it needs to be; so far I've only checked Windows.
- Similarly, cfg_dest() returns the destination of a connection
(host name or serial line) in a text format suitable for putting
into messages such as `Unable to connect to %s'.
[originally from svn r6815]
Pageant for local authentication. (This is a `don't use Pageant for
authentication at session startup' button rather than a `pretend
Pageant doesn't exist' button: that is, agent forwarding is
independent of this option.)
[originally from svn r6572]
in the session name box. Thwarted on Unix by GTK not automatically
scrolling the listbox to the selected item, but we can fix that in
the platform-specific side later.
[originally from svn r6337]
there are servers which could in principle operate in this mode, although I
don't know if any do in practice. (Hence, I haven't been able to test it.)
[originally from svn r5748]
[this svn revision also touched putty-wishlist]
Unix Plink sends everything sensible it can find, and it's fully configurable
from the GUI.
I'm not entirely sure about the precise set of modes that Unix Plink should
look at; informed tweaks are welcome.
Also the Mac bits are guesses (but trivial).
[originally from svn r5653]
[this svn revision also touched putty-wishlist]
that the global `sesslist' got out of sync with the saved-sessions submenu,
causing the latter to launch the wrong sessions.
Also, Change Settings wasn't getting a fresh session list, so if the set of
sessions had changed since session startup it wouldn't reflect that (at least
until a session was saved). Fixed (on all platforms).
Therefore, since the global sesslist didn't seem to be useful, I've got rid
of it; config.c creates one as needed, as do the frontends. (Not tried
compiling Mac changes.)
Also, we now build the saved-sessions submenu on demand on Windows and Unix.
(This should probably also be done on the Mac.)
[originally from svn r5609]
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>
[originally from svn r5480]
cfg.remote_cmd is to be used, rather than actually pointing at
cfg.remote_cmd. This change restores the ability to structure-copy
Configs without breaking them. (Though of course this is only a
temporary solution: really what wants doing is to fix
`config-struct'.)
[originally from svn r5335]
deal with rekeys at all: they totally ignore mid-session KEXINIT
sent by the client. Hence, a new bug entry so we don't try it.
[originally from svn r5092]
the config should do when IPv6 is configured out. They shouldn't sit
there looking silly with only `Auto' and `IPv4' settings: they
should instead be completely absent. I had thought the former was
acceptable since IPv4-only was a configuration that people should
only be using if their compilers didn't support IPv6, but now it
occurs to me that ports to fundamentally non-IPv6-supporting
platforms are not implausible, and on such ports the presence of a
vestigial config option under the _standard_ build conditions would
be a low-quality solution.
[originally from svn r5084]
mid-session in SSH2: this forces an immediate rekey to activate the
new settings. I'm not sure exactly what this will be useful for
(except possibly it might make comparative performance testing
easier?), but it has wonderful James Bond value for being able to
switch to a more secure cipher before doing anything sensitive :-)
If, that is, you weren't using the most secure one to begin with...
[originally from svn r5051]
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.
I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.
[originally from svn r5047]
[this svn revision also touched putty-wishlist]
to manipulate settings they can't see so could lead to confusion. (Also remove
"Delete" button for some sort of UI consistency even though it's harmless.)
Also conditionalise other aspects of sessionsaver_handler() that don't make
sense mid-session.
[originally from svn r5043]
mid-session if we are not using SSHv1. I've done this by introducing
a generic `cfg_info' function which every back end can use to
communicate an int's worth of data to setup_config_box; in SSH
that's the protocol version in use, and in everything else it's
currently zero.
[originally from svn r5040]
[r5031 == d77102a8d5]
the difficult questions about when it's sensible to offer the option
of saving to the slot we loaded from: _we never do_. The user must
always explicitly specify a slot to save to.
[originally from svn r5035]
[this svn revision also touched putty-wishlist]
bit is working out when to reschedule the next rekey for when the
timeout or data limit changes; sometimes it will be _right now_
because we're already over the new limit.
Still to do: the Kex panel should not appear in mid-session if we
are using SSHv1.
[originally from svn r5031]
Change Settings, the port forwarding setup function is run again,
and tags all existing port forwardings as `do not keep'. Then it
iterates through the config in the normal way; when it encounters a
port forwarding which is already in the tree, it tags it `keep'
rather than setting it up from scratch. Finally, it goes through the
tree and removes any that haven't been labelled `keep'. Hence,
editing the list of forwardings in Change Settings has the effect of
cancelling any forwardings you remove, and adding any new ones.
The SSH panel now appears in the reconfig box, and is empty apart
from a message explaining that it has to be there for subpanels of
it to exist. Better wording for this message would be welcome.
[originally from svn r5030]
(which will gain more content anon).
Retire BUG_SSH2_DH_GEX and add a backwards-compatibility wart, since we never
did find a way of automatically detecting this alleged server bug, and in any
case there was only ever one report (<3D91F3B5.7030309@inwind.it>, FWIW).
Also generalise askcipher() to a new askalg() (thus touching all the
front-ends).
I've made some attempt to document what SSH key exchange is and why you care,
but it could use some review for clarity (and outright lies).
[originally from svn r5022]
results in unacceptable performance for him on Win2000. Add a checkbox to
revert to the old behaviour.
[originally from svn r4988]
[this svn revision also touched putty-wishlist]
sessionsaver_handler after processing a one-click saved session
launch, to protect against accidentally calling dlg_end twice on the
same dialog.
[originally from svn r4779]
into the Connection panel, and implemented support for the SSH2
"env" request. (I haven't yet found a server which accepts this
request, so although I've visually checked the packet log and it
looks OK, I haven't yet been able to do a full end-to-end test.)
Also, the `pty' backend reads this data and does a series of
`putenv' commands before launching the shell or application.
This is mostly because in last week's UTF-8 faffings I got
thoroughly sick of typing `export LANG=en_GB.UTF-8' every time I
started a new testing pterm, and it suddenly occurred to me that
this would be precisely the sort of thing you'd want to have pterm
set up for you, particularly since you can configure it alongside
the translation settings and so you can ensure they match up
properly.
[originally from svn r4645]
PuTTY / Plink not to run a remote shell/command at all. Supported in
the GUI configuration and via the (OpenSSH-like) -N command-line
option.
No effort is currently made to arrange `nice' UI properties. If you
do this in GUI PuTTY, a full-size terminal window will still be
created, and will sit there with almost nothing in it throughout
your session. If you do it in Plink, Plink will not accept any kind
of request to terminate gracefully; you'll have to ^C or kill it.
Nonetheless, even this little will be useful to some people...
[originally from svn r4614]
by default (although they can be included). There's also an option to remove
session data, which is good both for privacy and for reducing the size of
logfiles.
[originally from svn r4593]
No very good reason, but I've occasionally wanted to frob it to see if it
makes any difference to problems I'm having, and it was easy.
Tested that it does actually cause keepalives on Windows (with tcpdump);
should also work on Unix. Not implemented on Mac (does nothing), but then
neither is TCP_NODELAY.
Quite a big checkin, much of which is adding `keepalive' alongside `nodelay'
in network function calls.
[originally from svn r4309]
there is a structure copy of a Config, which invalidated the remote_cmd_ptr
in that structure (pointing to its own remote_cmd).
This was causing remote commands not to be executed in this special case.
I've patched the pointer up manually (as is done in plink.c), but ugh.
[originally from svn r4140]
(we didn't before) - `ssh-termspeed'.
In the process, I've removed the individual controls on the Telnet and
Rlogin panels and replaced them with one on the Connection panel (since they
were backed by the same storage anyway).
The terminal speeds sent in SSH are logged in the Event Log.
[originally from svn r4133]
option from the Selection panel to the Translation panel (where it
fits at least as well). This frees a line in the Selection panel
which I'm about to use for an additional mouse handling option.
[originally from svn r3564]
box, in that it started to expand under the weight of proxy options.
Now fixed, by folding the SOCKS version selector into the general
proxy type selector so there's one single 5- or 6-way radio button
set split over two lines. settings.c has of course grown a backwards
compatibility wart to deal with legacy config data.
[originally from svn r3168]
now not show up when it's meaningless (in PuTTYtel, in pterm, and
in the middle of any non-SSH session), and the Connection panel is
inhibited completely in pterm.
[originally from svn r3146]
had to move another of its values out into wincfg.c - paradoxically,
this was the `font has X encoding' option! (Because the Unix font
handling code expects to be able to tell for _itself_ whether it has
a font with X-encoded line drawing glyphs.)
[originally from svn r3145]
hazard. I considered removing it completely, but I can't rule out
the possibility of an OS that actually takes security of its
terminal devices seriously, and which might be able to make sensible
and safe use of this feature.
[originally from svn r3103]
particular, the config box uses it in place of the word `PuTTY',
which means mid-session reconfig in pterm will look less strange
once I implement it. Also, while I'm at it, I've personalised all
the dialog boxes and menu items and suchlike so that PuTTYtel
actually claims to be PuTTYtel rather than PuTTY.
[originally from svn r3074]
former by simply removing it; the latter by adding an enumeration
function to libcharset.) This has had slight `const' repercussions
on cp_name() and cp_enumerate() which might break the Mac build.
[originally from svn r3064]
supports SOCKS 4, SOCKS 4A and SOCKS 5 (well, actually IPv6 in SOCKS
5 isn't supported, but it'll be no difficulty once I actually get
round to it). Thanks to Chas Honton for his `stone soup' patch: I
didn't end up actually using any of his code, but it galvanised me
into doing it properly myself :-)
[originally from svn r3055]
malloc functions, which automatically cast to the same type they're
allocating the size of. Should prevent any future errors involving
mallocing the size of the wrong structure type, and will also make
life easier if we ever need to turn the PuTTY core code from real C
into C++-friendly C. I haven't touched the Mac frontend in this
checkin because I couldn't compile or test it.
[originally from svn r3014]
the RGB values (it deals in floats with 2 d.p. instead). Hence I've
replaced the static RGB text item in the Colours panel with three
little edit boxes, so that a user can type in exact 0-255 RGB values
if necessary. This should have the additional advantage of being
quicker than faffing with the colour selector if you already know
exactly what you want and are in a hurry!
[originally from svn r2978]
Buttons now have an `iscancel' flag to go with `isdefault';
dlg_last_focused() now explicitly passes the control it _doesn't_
care about (`I want the last control that had focus and isn't this
one'); and in the GTK implementation, various fixes have happened,
notably including arrow keys working sensibly in list boxes and the
treeview and short font aliases being expanded correctly to
initialise the font selectors.
[originally from svn r2958]
Unix-specific config items; moved a stray Windows-specific config
item (scrollbar-in-fullscreen) out into wincfg.c to stop it
appearing on Unix; continued updates to gtkdlg.c. I now believe the
GTK config box looks basically correct (modulo minor cosmetic issues
and keyboard accelerators). Next step, add the event handling so
it's actually functional.
[originally from svn r2933]
(list boxes are particularly conspicuously absent), it has no event
handling at all, and it isn't in any way integrated into pterm - you
have to build it specially using the test stubs in gtkdlg.c. But
what there is so far seems to work plausibly well, so it's a start.
Rather than browbeat the existing GTK container/layout widgets into
doing what I wanted, I decided to implement two subclasses of
GtkContainer myself, which implement precisely the layout model
assumed by the config box specification; this has the rather cool
consequence that the box can be resized and will maintain the same
layout at all times that it would have had if initially created at
that size.
[originally from svn r2931]
in the portable dialog interface. This has allowed me to remove
`ssd->savedsession' in config.c, which was (I believe) the only
out-of-place piece of per-instance data in the dialog template
stuff. Now we should actually be able to run more than one config
box in the same process at the same time (for platforms that'll find
that useful).
[originally from svn r2925]
clears, and also to temporarily push the primary screen contents
into the scrollback while the alternate screen is active and bring
it back afterwards.
[originally from svn r2910]
to pieces, and put it back together in a new table-driven form.
config.c sets up a data structure describing most of the config box;
wincfg.c adds in the Windows-specific options (so that config.c can
also form the basis for Mac and Unix config boxes). Then winctrls.c
contains a shiny new layout engine which consumes that data
structure, and windlg.c passes all WM_COMMAND and similar messages
to a driver alongside that layout engine. In the process I've sorted
out nicer-looking panel titles and finally fixed the list-boxes-are-
never-the-right-size bug (turned out to be Windows's fault, of
course). I _believe_ it should do everything the old config box did,
including context help. Now everyone has to test it thoroughly...
[originally from svn r2908]
