X(INT, NONE, change_username) /* allow username switching in SSH-2 */ \
X(INT, INT, ssh_cipherlist) \
X(FILENAME, NONE, keyfile) \
- X(INT, NONE, sshprot) /* use v1 or v2 when both available */ \
+ /* \
+ * Which SSH protocol to use. \
+ * For historical reasons, the current legal values for CONF_sshprot \
+ * are: \
+ * 0 = SSH-1 only \
+ * 3 = SSH-2 only \
+ * We used to also support \
+ * 1 = SSH-1 with fallback to SSH-2 \
+ * 2 = SSH-2 with fallback to SSH-1 \
+ * and we continue to use 0/3 in storage formats rather than the more \
+ * obvious 1/2 to avoid surprises if someone saves a session and later \
+ * downgrades PuTTY. So it's easier to use these numbers internally too. \
+ */ \
+ X(INT, NONE, sshprot) \
X(INT, NONE, ssh2_des_cbc) /* "des-cbc" unrecommended SSH-2 cipher */ \
X(INT, NONE, ssh_no_userauth) /* bypass "ssh-userauth" (SSH-2 only) */ \
X(INT, NONE, ssh_show_banner) /* show USERAUTH_BANNERs (SSH-2 only) */ \
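Review bot: The new comment above `X(INT, NONE, sshprot)` lists 0 and 3 as the only legal values but does not say what happens to a 1 or 2 read back from a session saved by an older version. That is the case a reader will care about most, because one of the two possible mappings quietly selects SSH-1. The loading code is not visible in this hunk, so presumably the values are normalised there. I would record the mapping here with a line such as `* Stored values 1 and 2 are normalised on load to <value> (see <loader function>).`, with the real mapping filled in.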
*/
int have_ssh_host_key(const char *host, int port, const char *keytype);
/*
- * askalg has the same set of return values as verify_ssh_host_key.
+ * askalg and askhk have the same set of return values as
+ * verify_ssh_host_key.
+ *
+ * (askhk is used in the case where we're using a host key below the
+ * warning threshold because that's all we have cached, but at least
+ * one acceptable algorithm is available that we don't have cached.)
*/
int askalg(void *frontend, const char *algtype, const char *algname,
void (*callback)(void *ctx, int result), void *ctx);
+int askhk(void *frontend, const char *algname, const char *betteralgs,
+ void (*callback)(void *ctx, int result), void *ctx);
/*
* askappend can return four values:
*
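Review bot: The comment for `askhk` leaves `betteralgs` unexplained. It does not say what form the string takes (a single name or a separated list), nor whether the front end may keep `algname` and `betteralgs` after returning when it answers later through `callback`. This prompt is what lets a connection continue on a host key type below the warning threshold, so the comment should also state that only an explicit accept result proceeds and every other result abandons the connection. That is presumably what "same set of return values as verify_ssh_host_key" implies, but those values are not visible in this hunk. A line such as `* betteralgs is <format>; string lifetime: <contract>.` added to the comment would cover it, once the real contract is filled in.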
int filename_serialise(const Filename *f, void *data);
Filename *filename_deserialise(void *data, int maxsize, int *used);
char *get_username(void); /* return value needs freeing */
-char *get_random_data(int bytes); /* used in cmdgen.c */
+char *get_random_data(int bytes, const char *device); /* used in cmdgen.c */
char filename_char_sanitise(char c); /* rewrite special pathname chars */
/*
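Review bot: The added `device` argument of `get_random_data` is undocumented at the declaration, and the contract matters because the trailing comment says this is used in cmdgen.c. The comment should state what a NULL `device` selects, what is returned when the device cannot be opened or yields fewer than `bytes` bytes, and whether the path is checked to be a real random device rather than an ordinary file. I would extend it to something like `/* device == NULL: default source; returns NULL on failure; caller frees */`, adjusted to what the implementation actually does, which is not visible here. `bytes` is a signed `int`, so the implementation should also reject non-positive values before allocating.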
void expire_timer_context(void *ctx);
int run_timers(unsigned long now, unsigned long *next);
void timer_change_notify(unsigned long next);
+unsigned long timing_last_clock(void);
/*
* Exports from callback.c.