mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-04-10 07:38:06 -05:00
dff4bd4d14
Now the return value is a dynamically allocated string instead of a static one, which means that the error message can include details taken from the specific failing connection. In particular, if someone requests an X11 authorisation protocol we don't support, we can print its name as part of the message, which may help users debug the problem. One particularly important special case of this is that if the client connection presents _no_ authorisation - which is surely by far the most likely thing to happen by accident, e.g. if the auth file has gone missing, or the hostname doesn't match for some reason - then we now give a specific message "No authorisation provided", which I think is considerably more helpful than just lumping that very common case in with "Unsupported authorisation protocol". Even changing the latter to "Unsupported authorisation protocol ''" is still not very sensible. The problem in that case is not that the user has tried an exotic auth protocol we've never heard of - it's that they've forgotten, or failed, to provide one at all. The error message for "XDM-AUTHORIZATION-1 data was wrong length" is the other modified one: it now says what the wrong length _was_. However, all other failures of X-A-1 are still kept deliberately vague, because saying which part of the decrypted string didn't match is an obvious information leak.