1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00
putty-source/Recipe
Simon Tatham 03aeabfbea Use a proper PRNG for GTK askpass.
Coverity complained that it was wrong to use rand() in a security
context, and although in this case it's _very_ marginal, I can't
actually disagree that the choice of which light to light up to avoid
giving information about passphrase length is a security context.

So, no more rand(); instead we instantiate a shiny Fortuna PRNG
instance, seed it in more or less the usual way, and use that as an
overkill-level method of choosing which light to light up next.

(Acknowledging that this is a slightly unusual application and less
critical than most, I don't actually put the passphrase characters
themselves into the PRNG, and I don't use a random-seed file.)
2019-05-05 20:28:00 +01:00

414 lines
16 KiB
Makefile

# -*- makefile -*-
#
# This file describes which PuTTY programs are made up from which
# object and resource files. It is processed into the various
# Makefiles by means of a Perl script. Makefile changes should
# really be made by editing this file and/or the Perl script, not
# by editing the actual Makefiles.
# ------------------------------------------------------------
# Top-level configuration.
# Overall project name.
!name putty
# Locations and types of output Makefiles.
!makefile clangcl windows/Makefile.clangcl
!makefile vc windows/Makefile.vc
!makefile vcproj windows/MSVC
!makefile cygwin windows/Makefile.mgw
!makefile lcc windows/Makefile.lcc
!makefile gtk unix/Makefile.gtk
!makefile unix unix/Makefile.ux
!makefile am Makefile.am
!makefile devcppproj windows/DEVCPP
!makefile vstudio10 windows/VS2010
!makefile vstudio12 windows/VS2012
# Source directories.
!srcdir charset/
!srcdir windows/
!srcdir unix/
# Help text added to the top of each Makefile, with /D converted
# into -D as appropriate for the particular Makefile.
!begin help
#
# Extra options you can set:
#
# - COMPAT=/DAUTO_WINSOCK (Windows only)
# Causes PuTTY to assume that <windows.h> includes its own WinSock
# header file, so that it won't try to include <winsock.h>.
#
# - COMPAT=/DWINSOCK_TWO (Windows only)
# Causes the PuTTY utilities to include <winsock2.h> instead of
# <winsock.h>, except Plink which _needs_ WinSock 2 so it already
# does this.
#
# - COMPAT=/DNO_SECURITY (Windows only)
# Disables use of <aclapi.h>, which is not available with some
# development environments (such as very old versions of the
# mingw/Cygwin GNU toolchain). This has the following effects:
# - Pageant won't care about the local user ID of processes
# accessing it; a version of Pageant built with this option
# will therefore refuse to run under NT-series OSes on
# security grounds (although it will run fine on Win95-series
# OSes where there is no access control anyway).
# - SSH connection sharing is disabled.
# - There is no support for restriction of the process ACLs.
#
# - COMPAT=/DNO_MULTIMON (Windows only)
# Disables PuTTY's use of <multimon.h>, which is not available
# with some development environments. This means that PuTTY's
# full-screen mode (configurable to work on Alt-Enter) will
# not behave usefully in a multi-monitor environment.
#
# - COMPAT=/DNO_HTMLHELP (Windows only)
# Disables PuTTY's use of <htmlhelp.h>, which is not available
# with some development environments.
#
# If you don't have this header, you may be able to use the copy
# supplied with HTML Help Workshop.
#
# - RCFL=/DNO_MANIFESTS (Windows only)
# Disables inclusion of XML application manifests in the PuTTY
# binaries. This may be necessary to build for 64-bit Windows;
# the manifests are only included to use the XP GUI style on
# Windows XP, and the architecture tags are a lie on 64-bit.
#
# - COMPAT=/DNO_IPV6
# Disables PuTTY's ability to make IPv6 connections, enabling
# it to compile under development environments which do not
# support IPv6 in their header files.
#
# - COMPAT=/DNO_GSSAPI
# Disables PuTTY's ability to use GSSAPI functions for
# authentication and key exchange.
#
# - COMPAT=/DSTATIC_GSSAPI
# Causes PuTTY to try to link statically against the GSSAPI
# library instead of the default of doing it at run time.
#
# - COMPAT=/DMSVC4 (Windows only)
# - RCFL=/DMSVC4
# Makes a couple of minor changes so that PuTTY compiles using
# MSVC 4. You will also need /DNO_SECURITY and /DNO_MULTIMON.
#
# - COMPAT=/DNO_SECUREZEROMEMORY (Windows only)
# Disables PuTTY's use of SecureZeroMemory(), which is missing
# from some environments' header files.
#
# - XFLAGS=/DTELNET_DEFAULT
# Causes PuTTY to default to the Telnet protocol (in the absence
# of Default Settings and so on to the contrary). Normally PuTTY
# will default to SSH.
#
# - XFLAGS=/DDEBUG
# Causes PuTTY to enable internal debugging.
#
# - XFLAGS=/DMALLOC_LOG
# Causes PuTTY to emit a file called putty_mem.log, logging every
# memory allocation and free, so you can track memory leaks.
#
# - XFLAGS=/DMINEFIELD (Windows only)
# Causes PuTTY to use a custom memory allocator, similar in
# concept to Electric Fence, in place of regular malloc(). Wastes
# huge amounts of RAM, but should cause heap-corruption bugs to
# show up as GPFs at the point of failure rather than appearing
# later on as second-level damage.
#
# - XFLAGS=/DFUZZING
# Builds a version of PuTTY with some tweaks to make fuzz testing
# easier: the SSH random number generator is replaced by one that
# always returns the same thing. Note that this makes SSH
# completely insecure -- a FUZZING build should never be used to
# connect to a real server.
!end
# ------------------------------------------------------------
# Additional text added verbatim to each individual Makefile.
!cflags am version
!begin am
if AUTO_GIT_COMMIT
BUILT_SOURCES = empty.h
CLEANFILES = empty.h
libversion_a_CFLAGS += -DSOURCE_COMMIT=\"`git --git-dir=$(srcdir)/.git rev-parse HEAD 2>/dev/null`\"
empty.h: $(allsources)
echo '/* Empty file touched by automake makefile to force rebuild of version.o */' >$@
endif
# Run the cryptsuite tests as part of 'make check'. Override
# PUTTY_TESTCRYPT so that cryptsuite will take the testcrypt binary
# from the build directory instead of the source directory, in case
# this is an out-of-tree build.
check-local: testcrypt
PUTTY_TESTCRYPT=./testcrypt $(srcdir)/test/cryptsuite.py
!end
!begin >empty.h
/* Empty file touched by automake makefile to force rebuild of version.o */
!end
!begin vc vars
CFLAGS = $(CFLAGS) /DHAS_GSSAPI
!end
!begin clangcl vars
CFLAGS += /DHAS_GSSAPI
!end
# `make install' target for Unix.
!begin gtk
install:
mkdir -p $(DESTDIR)$(bindir) $(DESTDIR)$(man1dir)
$(INSTALL_PROGRAM) -m 755 pageant $(DESTDIR)$(bindir)/pageant
$(INSTALL_PROGRAM) -m 755 plink $(DESTDIR)$(bindir)/plink
$(INSTALL_PROGRAM) -m 755 pscp $(DESTDIR)$(bindir)/pscp
$(INSTALL_PROGRAM) -m 755 psftp $(DESTDIR)$(bindir)/psftp
$(INSTALL_PROGRAM) -m 755 pterm $(DESTDIR)$(bindir)/pterm
if test -n "$(UTMP_GROUP)"; then \
chgrp $(UTMP_GROUP) $(DESTDIR)$(bindir)/pterm && \
chmod 2755 $(DESTDIR)$(bindir)/pterm; \
elif test -n "$(UTMP_USER)"; then \
chown $(UTMP_USER) $(DESTDIR)$(bindir)/pterm && \
chmod 4755 $(DESTDIR)$(bindir)/pterm; \
fi
$(INSTALL_PROGRAM) -m 755 putty $(DESTDIR)$(bindir)/putty
$(INSTALL_PROGRAM) -m 755 puttygen $(DESTDIR)$(bindir)/puttygen
$(INSTALL_PROGRAM) -m 755 puttytel $(DESTDIR)$(bindir)/puttytel
$(INSTALL_DATA) -m 644 ../doc/pageant.1 $(DESTDIR)$(man1dir)/pageant.1
$(INSTALL_DATA) -m 644 ../doc/plink.1 $(DESTDIR)$(man1dir)/plink.1
$(INSTALL_DATA) -m 644 ../doc/pscp.1 $(DESTDIR)$(man1dir)/pscp.1
$(INSTALL_DATA) -m 644 ../doc/psftp.1 $(DESTDIR)$(man1dir)/psftp.1
$(INSTALL_DATA) -m 644 ../doc/pterm.1 $(DESTDIR)$(man1dir)/pterm.1
$(INSTALL_DATA) -m 644 ../doc/putty.1 $(DESTDIR)$(man1dir)/putty.1
$(INSTALL_DATA) -m 644 ../doc/puttygen.1 $(DESTDIR)$(man1dir)/puttygen.1
$(INSTALL_DATA) -m 644 ../doc/puttytel.1 $(DESTDIR)$(man1dir)/puttytel.1
install-strip:
$(MAKE) install INSTALL_PROGRAM="$(INSTALL_PROGRAM) -s"
!end
# List the man pages for the automake makefile.
!begin am
if HAVE_GTK
man1_MANS = doc/plink.1 doc/pscp.1 doc/psftp.1 doc/puttygen.1 \
doc/pageant.1 doc/pterm.1 doc/putty.1 doc/puttytel.1
else
man1_MANS = doc/plink.1 doc/pscp.1 doc/psftp.1 doc/puttygen.1
endif
!end
# In automake, chgrp/chmod pterm after installation, if configured to.
!begin am
if HAVE_SETID_CMD
install-exec-local:
@SETID_CMD@ $(bindir)/pterm
chmod @SETID_MODE@ $(bindir)/pterm
endif
!end
# In automake makefile, build the OS X app bundle, if configured in
# Quartz mode.
!begin am
if HAVE_QUARTZ
noinst_SCRIPTS = unix/PuTTY.app unix/Pterm.app
unix/PuTTY.app: unix/putty.bundle puttyapp osxlaunch
rm -rf $@ && PUTTY_GTK_PREFIX_FROM_MAKEFILE=$$(pkg-config --variable=prefix gtk+-3.0) gtk-mac-bundler $<
unix/Pterm.app: unix/pterm.bundle ptermapp osxlaunch
rm -rf $@ && PUTTY_GTK_PREFIX_FROM_MAKEFILE=$$(pkg-config --variable=prefix gtk+-3.0) gtk-mac-bundler $<
endif
!end
# Random symbols.
!begin cygwin vars
# _WIN32_IE is required to expose identifiers that only make sense on
# systems with IE5+ installed, such as some arguments to SHGetFolderPath().
# WINVER etc perform a similar function for FlashWindowEx().
CFLAGS += -D_WIN32_IE=0x0500
CFLAGS += -DWINVER=0x0500 -D_WIN32_WINDOWS=0x0410 -D_WIN32_WINNT=0x0500
!end
# ------------------------------------------------------------
# Definitions of object groups. A group name, followed by an =,
# followed by any number of objects or other already-defined group
# names. A line beginning `+' is assumed to continue the previous
# line.
# conf.c and its dependencies.
CONF = conf marshal
# Terminal emulator and its (platform-independent) dependencies.
TERMINAL = terminal stripctrl wcwidth ldiscucs logging tree234 minibidi
+ config dialog CONF
# GUI front end and terminal emulator (putty, puttytel).
GUITERM = TERMINAL window windlg winctrls sizetip winprint winutils
+ wincfg sercfg winhelp winjump sessprep
# Same thing on Unix.
UXTERM = TERMINAL uxcfg sercfg uxucs uxprint timing callback miscucs
GTKTERM = UXTERM gtkwin gtkcfg gtkdlg gtkfont gtkcols gtkmisc xkeysym
+ x11misc gtkcomm sessprep
GTKMAIN = gtkmain cmdline
# Non-SSH back ends (putty, puttytel, plink).
NONSSH = telnet raw rlogin ldisc pinger
# SSH back end (putty, plink, pscp, psftp).
ARITH = mpint ecc
SSHCRYPTO = ARITH sshmd5 sshsha sshsh256 sshsh512
+ sshrsa sshdss sshecc
+ sshdes sshblowf sshaes sshccp ssharcf
+ sshdh sshcrc sshcrcda sshauxcrypt
+ sshhmac
SSHCOMMON = sshcommon sshprng sshrand SSHCRYPTO
+ sshverstring
+ sshpubk sshzlib
+ sshmac marshal nullplug
+ sshgssc pgssapi wildcard ssh1censor ssh2censor ssh2bpp
+ ssh2transport ssh2transhk ssh2connection portfwd x11fwd
+ ssh1connection ssh1bpp
SSH = SSHCOMMON ssh ssh2bpp-bare
+ ssh1login ssh2userauth
+ pinger
+ sshshare aqsync agentf
+ mainchan ssh2kex-client ssh2connection-client ssh1connection-client
WINSSH = SSH winnoise wincapi winpgntc wingss winshare winnps winnpc
+ winhsock errsock
UXSSH = SSH uxnoise uxagentc uxgss uxshare
# SFTP implementation (pscp, psftp).
SFTP = sftp sftpcommon logging cmdline
# Miscellaneous objects appearing in all the utilities, or all the
# network ones, or the Unix or Windows subsets of those in turn.
MISC = misc utils marshal memory stripctrl wcwidth
MISCNETCOMMON = timing callback MISC version tree234 CONF
MISCNET = MISCNETCOMMON be_misc settings proxy
WINMISC = MISCNET winstore winnet winhandl cmdline windefs winmisc winproxy
+ wintime winhsock errsock winsecur winucs miscucs winmiscs
UXMISCCOMMON = MISCNETCOMMON uxstore uxsel uxpoll uxnet uxpeer uxmisc time
+ uxfdsock errsock
UXMISC = MISCNET UXMISCCOMMON uxproxy uxutils
# SSH server.
SSHSERVER = SSHCOMMON sshserver settings be_none logging ssh2kex-server
+ ssh2userauth-server sshrsag sshprime ssh2connection-server
+ sesschan sftpcommon sftpserver proxy cproxy ssh1login-server
+ ssh1connection-server scpserver
# import.c and dependencies, for PuTTYgen-like utilities that have to
# load foreign key files.
IMPORT = import sshbcrypt sshblowf marshal
# Character set library, for use in pterm.
CHARSET = sbcsdat slookup sbcs utf8 toucs fromucs xenc mimeenc macenc localenc
# Standard libraries.
LIBS = advapi32.lib user32.lib gdi32.lib comdlg32.lib
+ shell32.lib imm32.lib ole32.lib
# Network backend sets. This also brings in the relevant attachment
# to proxy.c depending on whether we're crypto-avoidant or not.
BE_ALL = be_all cproxy
BE_NOSSH = be_nossh nocproxy
BE_SSH = be_ssh cproxy
BE_NONE = be_none nocproxy
# More backend sets, with the additional Windows serial-port module.
W_BE_ALL = be_all_s winser cproxy
W_BE_NOSSH = be_nos_s winser nocproxy
# And with the Unix serial-port module.
U_BE_ALL = be_all_s uxser cproxy
U_BE_NOSSH = be_nos_s uxser nocproxy
# ------------------------------------------------------------
# Definitions of actual programs. The program name, followed by a
# colon, followed by a list of objects. Also in the list may be the
# keywords [G] for Windows GUI app, [C] for Console app, [X] for
# X/GTK Unix app, [U] for command-line Unix app.
putty : [G] GUITERM NONSSH WINSSH W_BE_ALL WINMISC winx11 putty.res LIBS
puttytel : [G] GUITERM NONSSH W_BE_NOSSH WINMISC puttytel.res nogss LIBS
plink : [C] winplink wincons NONSSH WINSSH W_BE_ALL logging WINMISC
+ winx11 plink.res winnojmp sessprep noterm winnohlp LIBS
pscp : [C] pscp winsftp wincons WINSSH BE_SSH SFTP wildcard WINMISC
+ pscp.res winnojmp winnohlp LIBS
psftp : [C] psftp winsftp wincons WINSSH BE_SSH SFTP wildcard WINMISC
+ psftp.res winnojmp winnohlp LIBS
pageant : [G] winpgnt pageant sshrsa sshpubk sshdes ARITH sshmd5 version
+ tree234 MISC sshaes sshsha winsecur winpgntc aqsync sshdss sshsh256
+ sshsh512 winutils sshecc winmisc winmiscs winhelp conf pageant.res
+ sshauxcrypt sshhmac LIBS
puttygen : [G] winpgen sshrsag sshdssg sshprime sshdes ARITH sshmd5 version
+ sshrand winnoise sshsha winstore MISC winctrls sshrsa sshdss winmisc
+ sshpubk sshaes sshsh256 sshsh512 IMPORT winutils puttygen.res
+ tree234 notiming winhelp winnojmp CONF LIBS wintime sshecc sshprng
+ sshecdsag sshauxcrypt sshhmac winsecur winmiscs
pterm : [X] GTKTERM uxmisc misc ldisc settings uxpty uxsel BE_NONE uxstore
+ uxsignal CHARSET cmdline uxpterm version time xpmpterm xpmptcfg
+ nogss utils memory GTKMAIN
putty : [X] GTKTERM uxmisc misc ldisc settings uxsel U_BE_ALL uxstore
+ uxsignal CHARSET uxputty NONSSH UXSSH UXMISC ux_x11 xpmputty
+ xpmpucfg utils memory GTKMAIN
puttytel : [X] GTKTERM uxmisc misc ldisc settings uxsel U_BE_NOSSH
+ uxstore uxsignal CHARSET uxputty NONSSH UXMISC xpmputty xpmpucfg
+ nogss utils memory GTKMAIN
plink : [U] uxplink uxcons NONSSH UXSSH U_BE_ALL logging UXMISC uxsignal
+ ux_x11 noterm uxnogtk sessprep cmdline
PUTTYGEN_UNIX = sshrsag sshdssg sshprime sshdes ARITH sshmd5 version sshprng
+ sshrand uxnoise sshsha MISC sshrsa sshdss uxcons uxstore uxmisc
+ sshpubk sshaes sshsh256 sshsh512 IMPORT puttygen.res time tree234
+ uxgen notiming CONF sshecc sshecdsag uxnogtk sshauxcrypt sshhmac
+ uxpoll uxutils
puttygen : [U] cmdgen PUTTYGEN_UNIX
cgtest : [UT] cgtest PUTTYGEN_UNIX
pscp : [U] pscp uxsftp uxcons UXSSH BE_SSH SFTP wildcard UXMISC uxnogtk
psftp : [U] psftp uxsftp uxcons UXSSH BE_SSH SFTP wildcard UXMISC uxnogtk
pageant : [X] uxpgnt uxagentc aqsync pageant sshrsa sshpubk sshdes ARITH
+ sshmd5 version tree234 misc sshaes sshsha sshdss sshsh256 sshsh512
+ sshecc CONF uxsignal nocproxy nogss be_none x11fwd ux_x11 uxcons
+ gtkask gtkmisc nullplug logging UXMISC uxagentsock utils memory
+ sshauxcrypt sshhmac sshprng uxnoise
ptermapp : [XT] GTKTERM uxmisc misc ldisc settings uxpty uxsel BE_NONE uxstore
+ uxsignal CHARSET uxpterm version time xpmpterm xpmptcfg
+ nogss gtkapp nocmdline utils memory
puttyapp : [XT] GTKTERM uxmisc misc ldisc settings uxsel U_BE_ALL uxstore
+ uxsignal CHARSET uxputty NONSSH UXSSH UXMISC ux_x11 xpmputty
+ xpmpucfg gtkapp nocmdline utils memory
osxlaunch : [UT] osxlaunch
fuzzterm : [UT] UXTERM CHARSET MISC version uxmisc uxucs fuzzterm time settings
+ uxstore be_none uxnogtk memory
testcrypt : [UT] testcrypt SSHCRYPTO sshprng sshprime marshal utils
+ memory tree234 uxutils
testcrypt : [C] testcrypt SSHCRYPTO sshprng sshprime marshal utils
+ memory tree234 winmiscs
testsc : [UT] testsc SSHCRYPTO marshal utils memory tree234 wildcard
+ sshmac uxutils
testzlib : [UT] testzlib sshzlib utils marshal memory
uppity : [UT] uxserver SSHSERVER UXMISC uxsignal uxnoise uxgss uxnogtk
+ uxpty uxsftpserver ux_x11 uxagentsock procnet
# ----------------------------------------------------------------------
# On Windows, provide a means of removing local test binaries that we
# aren't going to actually ship. (I prefer this to not building them
# in the first place, so that we find out about build breakage early.)
!begin vc
cleantestprogs:
-del $(BUILDDIR)testcrypt.exe
!end
!begin clangcl
cleantestprogs:
-rm -f $(BUILDDIR)testcrypt.exe
!end