1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Commit Graph

48 Commits

Author SHA1 Message Date
Simon Tatham
0fffc62fc6 errors.but: add a note about firewalls.
An irate user complained today that they wished we'd documented
firewalls as a possible cause of WSAECONNREFUSED, because it took them
ages to think of checking that. Fair enough.
2023-07-20 20:49:36 +01:00
Jacob Nevins
bb1ebc9b57 Docs: tweak certified-host-key warning responses.
Mainly to try to clarify that if you're sat at this warning dialog/
prompt, no response you make to it will cause a new CA to be trusted for
signing arbitrary host keys.
2022-10-21 20:12:23 +01:00
Jacob Nevins
5716c638a5 Docs: cross-reference host-key warning sections.
The 'certified host key' variant of the host key warning always comes
with a scary 'POTENTIAL SECURITY BREACH!' message. So the error message
section with the scary title that should acknowledge that variant, and
the section about that variant should mention the scary warning.
2022-10-21 19:46:51 +01:00
Simon Tatham
e52087719c Documentation for OpenSSH certificates.
Also I've filled in the help contexts in all the new GUI controls.
2022-08-07 18:44:11 +01:00
Jacob Nevins
16ead30c0f Update docs for new host key prompts.
The message wording changed in d1dc1e927c.
2022-01-11 23:57:39 +00:00
Jacob Nevins
557164b043 Tweaks to SUPDUP documentation.
Including noting that it can't be used with Plink, and better indexing.
2021-02-21 16:44:51 +00:00
Simon Tatham
5d718ef64b Whitespace rationalisation of entire code base.
The number of people has been steadily increasing who read our source
code with an editor that thinks tab stops are 4 spaces apart, as
opposed to the traditional tty-derived 8 that the PuTTY code expects.

So I've been wondering for ages about just fixing it, and switching to
a spaces-only policy throughout the code. And I recently found out
about 'git blame -w', which should make this change not too disruptive
for the purposes of source-control archaeology; so perhaps now is the
time.

While I'm at it, I've also taken the opportunity to remove all the
trailing spaces from source lines (on the basis that git dislikes
them, and is the only thing that seems to have a strong opinion one
way or the other).
    
Apologies to anyone downstream of this code who has complicated patch
sets to rebase past this change. I don't intend it to be needed again.
2019-09-08 20:29:21 +01:00
Jacob Nevins
5aacd0d98e Docs: talk about SSH-2 before SSH-1.
Because SSH-1 is a very niche interest these days. Mostly this affects
the public key documentation.

Also, a couple of unrelated concessions to modernity.
2019-04-19 15:49:05 +01:00
Jacob Nevins
461844a5ec Docs: tweak other error messages for truth. 2019-04-19 15:49:05 +01:00
Jacob Nevins
c86a56f49c Docs: correct some error messages.
In some messages, "server" became "remote" in 21a7ce7a07.
2019-04-19 15:49:05 +01:00
Jacob Nevins
464e351c7b Remove most traces of WinHelp support.
Remove the 'winhelp-topic' IDs from the Halibut source, and from the
code. Now we have one fewer name to think of every time we add a
setting.

I've left the HELPCTX system in place, with the vague notion that it
might be a useful layer of indirection for some future help system on a
platform like Mac OS X.

(I've left the putty.hlp target in doc/Makefile, if nothing else because
this is a convenient test case for Halibut's WinHelp support. But the
resulting help file will no longer support context help.)
2019-03-26 00:27:04 +00:00
Jacob Nevins
22cf2823d1 Remove some ancient cruft from the FAQ.
- I haven't heard of OpenSSH/OpenSSL mismatches being a common problem
   for a long time. Specific advice about OpenSSH 3.1/3.4 seems unlikely
   to be useful these days.
 - "Incorrect MAC received on packet" doesn't seem to be a common
   problem these days, and if anyone encounters it, the words in the
   "Errors" bit of the docs seem adequate without a FAQ entry as well.
2017-05-23 23:13:17 +01:00
Simon Tatham
00bcf6ecbc Update documentation for 0.68.
Several places in the docs were labelled for review because they need
to change when 0.68's feature set comes in - no SSH-2 to SSH-1
fallback any more, but on the other hand, Unix Pageant now exists.
2017-02-18 17:09:37 +00:00
Jacob Nevins
16dfefcbde Stop supporting fallback between SSH versions.
The UI now only has "1" and "2" options for SSH protocol version, which
behave like the old "1 only" and "2 only" options; old
SSH-N-with-fallback settings are interpreted as SSH-N-only.

This prevents any attempt at a protocol downgrade attack.
Most users should see no difference; those poor souls who still have to
work with SSH-1 equipment now have to explicitly opt in.
2016-04-02 12:46:04 +01:00
Jacob Nevins
c4f963ebd7 Document 'Cannot assign requested address' error.
Often it means you tried to connect to port 0.
2015-11-21 12:21:31 +00:00
Simon Tatham
4d8782e74f Rework versioning system to not depend on Subversion.
I've shifted away from using the SVN revision number as a monotonic
version identifier (replacing it in the Windows version resource with
a count of days since an arbitrary epoch), and I've removed all uses
of SVN keyword expansion (replacing them with version information
written out by Buildscr).

While I'm at it, I've done a major rewrite of the affected code which
centralises all the computation of the assorted version numbers and
strings into Buildscr, so that they're all more or less alongside each
other rather than scattered across multiple source files.

I've also retired the MD5-based manifest file system. A long time ago,
it seemed like a good idea to arrange that binaries of PuTTY would
automatically cease to identify themselves as a particular upstream
version number if any changes were made to the source code, so that if
someone made a local tweak and distributed the result then I wouldn't
get blamed for the results. Since then I've decided the whole idea is
more trouble than it's worth, so now distribution tarballs will have
version information baked in and people can just cope with that.

[originally from svn r10262]
2014-09-24 10:33:13 +00:00
Jacob Nevins
85c95e30e4 Fix markup error introduced in r9626.
[originally from svn r9627]
[r9626 == 92fc25c6cd]
2012-08-26 09:50:57 +00:00
Ben Harris
92fc25c6cd Remove documentation for "Out of space for port forwardings" error.
It no longer exists in the code, and should have been obsoleted by
r9214 at the latest.

[originally from svn r9626]
[r9214 == a1f3b7a358]
2012-08-26 09:19:34 +00:00
Jacob Nevins
12b6a4e7dd Tweak description of dynamic port forwarding, and point people running into
'Out of space for port forwardings' at it.

[originally from svn r8897]
[this svn revision also touched putty-wishlist]
2010-03-13 14:47:14 +00:00
Jacob Nevins
c26dbd0337 The "server refused our key" bit didn't link to the public-key auth chapter,
which has some hints on server-side setup. Now it does.

[originally from svn r8194]
2008-09-25 19:00:42 +00:00
Ben Harris
b2b89061d3 Document maxpkt bug under garbled packet error message.
[originally from svn r7806]
2007-12-05 00:28:22 +00:00
Ben Harris
187d481d73 Document "No supported authentication methods available", and make it clear
that TIS/CryptoCard auth can be used for simple passwords too.

[originally from svn r7730]
2007-09-22 13:55:25 +00:00
Jacob Nevins
c2bb01fa93 Index "MAC" a bit more thoroughly.
[originally from svn r7610]
2007-05-29 20:06:45 +00:00
Jacob Nevins
3a79eff8e2 Explicitly spell out that "incorrect MAC" type errors can be caused by
data corruption in the network.

[originally from svn r7609]
2007-05-29 20:01:32 +00:00
Jacob Nevins
407ed0d2f4 Missing close parenthesis.
[originally from svn r6461]
2005-11-14 09:41:42 +00:00
Jacob Nevins
de945281fc r6437 broke the case where Pageant is running but contains no SSH-2 keys
that the SSH-2 server is happy with. Fixed, and since I'm here, fix
`pubkeyfile-and-pageant' as well (for SSH-1 and SSH-2).
Also, in SSH-2, we now reexamine "methods that can continue" for every
Pageant key offer, which is technically more correct although it seems
unlikely that it was causing any real problems.
(It's not entirely pretty, but neither was the old code. We could probably
do with some sort of abstraction for public/private keys to avoid carting
lots of fiddly bits of data around.)

[originally from svn r6459]
[r6437 == 8719f92c14]
[this svn revision also touched putty-wishlist]
2005-11-13 16:06:41 +00:00
Ben Harris
09951c6078 Implement my experimental arcfour modes. The 256-bit version is disabled
until I can test it against someone else's implementation.

[originally from svn r5633]
2005-04-14 22:58:29 +00:00
Jacob Nevins
0e82598a35 Index the complete PuTTY manual.
This was a bit rushed, and could doubtless be improved.
Also fix a couple of things I noted on the way, including:
 - "pscp -ls" wasn't documented
 - Windows XP wasn't mentioned enough

[originally from svn r5593]
2005-04-05 18:01:32 +00:00
Simon Tatham
9e4d795787 Add text to the troubleshooting chapter about the errors that can be
caused when an active connection times out due to outgoing data
exceeding its maximum number of retries, and mention that this can
occur even when you didn't think you'd sent anything due to rekeys
and/or keepalives.

Unix generates ETIMEDOUT in this situation. Windows, it turns out
after doing an actual experiment by disabling my firewall, generates
ECONNABORTED! So _that's_ what it means under Windows. I wish I'd
done this experiment years ago now.

[originally from svn r5585]
2005-03-31 18:52:21 +00:00
Jacob Nevins
5eb26fa459 I believe MAC/CRC errors can be caused by network corruption, in principle.
[originally from svn r5520]
2005-03-18 12:58:39 +00:00
Jacob Nevins
5aa719d16e Consistently use a single notation to refer to SSH protocol versions, as
discussed. Use Barrett and Silverman's convention of "SSH-1" for SSH protocol
version 1 and "SSH-2" for protocol 2 ("SSH1"/"SSH2" refer to ssh.com
implementations in this scheme). <http://www.snailbook.com/terms.html>

[originally from svn r5480]
2005-03-10 16:36:05 +00:00
Jacob Nevins
a2b583f137 Add context help to a couple of message boxes. Unfortunately the ones
I wanted to get to -- "software caused connection abort" and friends --
are going to be more involved (probably requiring some cross-platform
notion of help contexts), and these ones hardly seem worth the effort.
Still, I've done it now.

Side-effect: Pageant now uses the same `hinst' and `hwnd' globals as
everything else. Tested basic functionality.

[originally from svn r5417]
2005-03-01 01:16:57 +00:00
Jacob Nevins
99122767f5 The Windows host key dialogs now have a `Help' button that should give
appropriate context help, iff the help file is present. (Shame it's prey to
`winhelp-crash'.)

(I've perpetrated a widening of visibility of `hwnd'; the alternative, putting
it into a frontend handle, seemed too likely to cause maintenance trouble if
we don't also _use_ that frontend handle everywhere we now use the global
`hwnd'.)

[originally from svn r5309]
2005-02-15 22:23:47 +00:00
Jacob Nevins
9d9c0fcffc Extra note on "connection reset by peer" on Windows.
Note default circumstances of cipher warning. (I haven't bothered with the
similar kex warning since it doesn't come up in the default configuration,
and is in any case unlikely to be common.)

[originally from svn r5302]
2005-02-15 12:35:59 +00:00
Jacob Nevins
63c26e722a WSAECONNABORTED: Soften claims + emphasise applicability to established
connections, based on KB 819124.

[originally from svn r5296]
2005-02-14 11:07:52 +00:00
Ben Harris
0ed4829537 Mention that a common reason for keys' being rejected is dodgy permissions.
[originally from svn r5274]
2005-02-08 12:40:51 +00:00
Jacob Nevins
6e8de53dcb "Software caused connection abort": a couple of people now have got rid of
this with keepalives. Also try to emphasise that this seems to be a generic
catch-all type of error.

[originally from svn r4818]
2004-11-18 19:41:41 +00:00
Simon Tatham
5d32d4af14 Now we use Subversion, it seems excessive to have an individual $Id$
line for every single .but file at the bottom of each page of the
HTML PuTTY docs. However, we can't _always_ replace that with a
single SVN revision, because there isn't always one available (SVN
still allows mixed working copies in which some files are
deliberately checked out against a different revision).

Hence, here's a mechanism for doing better. It uses `svnversion .'
to determine _whether_ a single revision number adequately describes
the current directory, and replaces all the version IDs with that if
so. If it can't do that, it uses the version IDs as before.

Also, this allows an explicit version string to be passed on the
make command line which will override _both_ these possibilities, so
that release documentation can be clearly labelled with the release
version number.

[originally from svn r4804]
2004-11-17 18:16:59 +00:00
Jacob Nevins
aba082f324 "Incoming packet was garbled on decryption": I think this could in principle
be due to corruption on the wire?

[originally from svn r4582]
2004-09-27 00:23:19 +00:00
Jacob Nevins
3373f5fb99 Add a section on the errors you see when you attempt to load a key of the
wrong type.

[originally from svn r4345]
2004-07-22 12:38:37 +00:00
Simon Tatham
fdcdecace9 I added more detail to the `Authentication failed at PuTTY X11
proxy' error message some time ago, but forgot to change the wording
in the error messages chapter.

[originally from svn r4235]
2004-05-20 12:48:19 +00:00
Jacob Nevins
ef14e3959a Add section on "Access denied". This was mostly inspired by the password
camouflage problems with SSH-1.5-OSU_1.4alpha3.

[originally from svn r3358]
2003-07-12 13:25:43 +00:00
Simon Tatham
e2874c40c8 Gah, another duplicate keyword. I must stop creating new docs
sections by cut and paste.

[originally from svn r2956]
2003-03-18 09:03:31 +00:00
Simon Tatham
13c7bf5dd5 Error messages update. It's now abundantly clear that WSAECONNABORTED
is not the same thing as ECONNABORTED, so I've removed the `we're a
bit confused about this, send us details' text. And someone has just
been confused by `connection timed out', so I've added that too.

[originally from svn r2950]
2003-03-17 16:57:23 +00:00
Ben Harris
8758cbf028 Mention the slightly odd "too many authentication attempts" message you
get from OpenSSH if you overfill Pageant.

[originally from svn r2757]
2003-01-31 23:18:44 +00:00
Simon Tatham
3a841b6e10 Antonin Brothanek points out that `Incoming packet was garbled on
decryption' could be a result of the wrong setting of the
`Miscomputes SSH2 encryption keys' bug workaround option.

[originally from svn r2751]
2003-01-30 10:19:05 +00:00
Ben Harris
76065bcb1e Remove a spurious 'q'.
[originally from svn r2257]
2002-11-25 19:02:23 +00:00
Simon Tatham
be71ff5568 Add a chapter explaining common error messages
[originally from svn r1984]
2002-10-01 16:27:36 +00:00