mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-04-14 01:28:06 -05:00
bdb3ac9f3b
Jacob spotted that an unused -pwfile input can be accidentally used as the answer to Plink's antispoof 'press Return to begin session' prompt, which is unintended and confusing. To fix that, I've made the use of a command-line password conditional on p->to_server, the flag in a prompts_t that indicates whether the results of the prompts are going to be sent directly to the server or consumed locally by PuTTY. (And I've also corrected the setting of to_server in the antispoof prompt, which was true when it should have been false.) A side effect of this is that -pwfile will no longer work to provide a private-key passphrase, if you're using public-key authentication without Pageant. This is deliberate, because if you're doing that on purpose then Pageant is a better way to achieve the same thing (or else just store the key unencrypted, which is no worse); but in the case of a server that sequentially demands public-key _and_ password authentication, the new behaviour makes -pwfile apply to the right one of the two prompts, i.e. the actual password.