KEX_MAX
};
+enum {
+ /*
+ * SSH-2 host key algorithms
+ */
+ HK_WARN,
+ HK_RSA,
+ HK_DSA,
+ HK_ECDSA,
+ HK_ED25519,
+ HK_MAX
+};
+
enum {
/*
* SSH ciphers (both SSH-1 and SSH-2)
BUSY_CPU /* Locally busy (e.g. crypto); user interaction suspended */
};
void set_busy_status(void *frontend, int status);
+int frontend_is_utf8(void *frontend);
void cleanup_exit(int);
X(INT, NONE, nopty) \
X(INT, NONE, compression) \
X(INT, INT, ssh_kexlist) \
+ X(INT, INT, ssh_hklist) \
X(INT, NONE, ssh_rekey_time) /* in minutes */ \
X(STR, NONE, ssh_rekey_data) /* string encoding e.g. "100K", "2M", "1G" */ \
X(INT, NONE, tryagent) \
X(INT, NONE, change_username) /* allow username switching in SSH-2 */ \
X(INT, INT, ssh_cipherlist) \
X(FILENAME, NONE, keyfile) \
- X(INT, NONE, sshprot) /* use v1 or v2 when both available */ \
+ /* \
+ * Which SSH protocol to use. \
+ * For historical reasons, the current legal values for CONF_sshprot \
+ * are: \
+ * 0 = SSH-1 only \
+ * 3 = SSH-2 only \
+ * We used to also support \
+ * 1 = SSH-1 with fallback to SSH-2 \
+ * 2 = SSH-2 with fallback to SSH-1 \
+ * and we continue to use 0/3 in storage formats rather than the more \
+ * obvious 1/2 to avoid surprises if someone saves a session and later \
+ * downgrades PuTTY. So it's easier to use these numbers internally too. \
+ */ \
+ X(INT, NONE, sshprot) \
X(INT, NONE, ssh2_des_cbc) /* "des-cbc" unrecommended SSH-2 cipher */ \
X(INT, NONE, ssh_no_userauth) /* bypass "ssh-userauth" (SSH-2 only) */ \
X(INT, NONE, ssh_show_banner) /* show USERAUTH_BANNERs (SSH-2 only) */ \
X(INT, NONE, no_remote_resize) /* disable remote resizing */ \
X(INT, NONE, no_alt_screen) /* disable alternate screen */ \
X(INT, NONE, no_remote_wintitle) /* disable remote retitling */ \
+ X(INT, NONE, no_remote_clearscroll) /* disable ESC[3J */ \
X(INT, NONE, no_dbackspace) /* disable destructive backspace */ \
X(INT, NONE, no_remote_charset) /* disable remote charset config */ \
X(INT, NONE, remote_qtitle_action) /* remote win title query action */ \
/*
* Exports from version.c.
*/
-extern char ver[];
+extern const char ver[];
/*
* Exports from unicode.c.
/*
* Exports from pageantc.c.
*
- * agent_query returns 1 for here's-a-response, and 0 for query-in-
- * progress. In the latter case there will be a call to `callback'
- * at some future point, passing callback_ctx as the first
+ * agent_query returns NULL for here's-a-response, and non-NULL for
+ * query-in- progress. In the latter case there will be a call to
+ * `callback' at some future point, passing callback_ctx as the first
* parameter and the actual reply data as the second and third.
*
* The response may be a NULL pointer (in either of the synchronous
* or asynchronous cases), which indicates failure to receive a
* response.
+ *
+ * When the return from agent_query is not NULL, it identifies the
+ * in-progress query in case it needs to be cancelled. If
+ * agent_cancel_query is called, then the pending query is destroyed
+ * and the callback will not be called. (E.g. if you're going to throw
+ * away the thing you were using as callback_ctx.)
+ *
+ * Passing a null pointer as callback forces agent_query to behave
+ * synchronously, i.e. it will block if necessary, and guarantee to
+ * return NULL. The wrapper function agent_query_synchronous() makes
+ * this easier.
*/
-int agent_query(void *in, int inlen, void **out, int *outlen,
- void (*callback)(void *, void *, int), void *callback_ctx);
+typedef struct agent_pending_query agent_pending_query;
+agent_pending_query *agent_query(
+ void *in, int inlen, void **out, int *outlen,
+ void (*callback)(void *, void *, int), void *callback_ctx);
+void agent_cancel_query(agent_pending_query *);
+void agent_query_synchronous(void *in, int inlen, void **out, int *outlen);
int agent_exists(void);
/*
*/
int have_ssh_host_key(const char *host, int port, const char *keytype);
/*
- * askalg has the same set of return values as verify_ssh_host_key.
+ * askalg and askhk have the same set of return values as
+ * verify_ssh_host_key.
+ *
+ * (askhk is used in the case where we're using a host key below the
+ * warning threshold because that's all we have cached, but at least
+ * one acceptable algorithm is available that we don't have cached.)
*/
int askalg(void *frontend, const char *algtype, const char *algname,
void (*callback)(void *ctx, int result), void *ctx);
+int askhk(void *frontend, const char *algname, const char *betteralgs,
+ void (*callback)(void *ctx, int result), void *ctx);
/*
* askappend can return four values:
*
int filename_serialise(const Filename *f, void *data);
Filename *filename_deserialise(void *data, int maxsize, int *used);
char *get_username(void); /* return value needs freeing */
-char *get_random_data(int bytes); /* used in cmdgen.c */
+char *get_random_data(int bytes, const char *device); /* used in cmdgen.c */
char filename_char_sanitise(char c); /* rewrite special pathname chars */
/*
void expire_timer_context(void *ctx);
int run_timers(unsigned long now, unsigned long *next);
void timer_change_notify(unsigned long next);
+unsigned long timing_last_clock(void);
/*
* Exports from callback.c.