/* The cipher order given here is the default order. */
static const struct keyvalwhere ciphernames[] = {
+ { "chacha20", CIPHER_CHACHA20, -1, -1 },
{ "aes", CIPHER_AES, -1, -1 },
{ "blowfish", CIPHER_BLOWFISH, -1, -1 },
{ "3des", CIPHER_3DES, -1, -1 },
};
static const struct keyvalwhere kexnames[] = {
+ { "ecdh", KEX_ECDH, -1, +1 },
{ "dh-gex-sha1", KEX_DHGEX, -1, -1 },
{ "dh-group14-sha1", KEX_DHGROUP14, -1, -1 },
{ "dh-group1-sha1", KEX_DHGROUP1, -1, -1 },
{ "WARN", KEX_WARN, -1, -1 }
};
+static const struct keyvalwhere hknames[] = {
+ { "ed25519", HK_ED25519, -1, +1 },
+ { "ecdsa", HK_ECDSA, -1, -1 },
+ { "dsa", HK_DSA, -1, -1 },
+ { "rsa", HK_RSA, -1, -1 },
+ { "WARN", HK_WARN, -1, -1 },
+};
+
/*
* All the terminal modes that we know about for the "TerminalModes"
* setting. (Also used by config.c for the drop-down list.)
filename_free(result);
}
-static int gppi_raw(void *handle, char *name, int def)
+static int gppi_raw(void *handle, const char *name, int def)
{
def = platform_default_i(name, def);
return read_setting_i(handle, name, def);
}
-static void gppi(void *handle, char *name, int def, Conf *conf, int primary)
+static void gppi(void *handle, const char *name, int def,
+ Conf *conf, int primary)
{
conf_set_int(conf, primary, gppi_raw(handle, name, def));
}
* Read a set of name-value pairs in the format we occasionally use:
* NAME\tVALUE\0NAME\tVALUE\0\0 in memory
* NAME=VALUE,NAME=VALUE, in storage
- * `def' is in the storage format.
+ * If there's no "=VALUE" (e.g. just NAME,NAME,NAME) then those keys
+ * are mapped to the empty string.
*/
-static int gppmap(void *handle, char *name, Conf *conf, int primary)
+static int gppmap(void *handle, const char *name, Conf *conf, int primary)
{
char *buf, *p, *q, *key, *val;
}
/*
- * Write a set of name/value pairs in the above format.
+ * Write a set of name/value pairs in the above format, or just the
+ * names if include_values is FALSE.
*/
-static void wmap(void *handle, char const *outkey, Conf *conf, int primary)
+static void wmap(void *handle, char const *outkey, Conf *conf, int primary,
+ int include_values)
{
- char *buf, *p, *q, *key, *realkey, *val;
+ char *buf, *p, *key, *realkey;
+ const char *val, *q;
int len;
len = 1; /* allow for NUL */
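Review bot: The updated header comment for `wmap` does not say what happens to a key's value when `include_values` is FALSE. Judging by the later hunk that wraps the `=`-and-value write in `if (include_values)`, the value is dropped without any check that it was empty. I would extend the comment to `... or just the names if include_values is FALSE (values are then discarded, so only pass maps that are used as sets of names)`. The body of `wmap` continues outside this hunk, so the sizing pass that starts at `len = 1` cannot be checked from here; if it still counts value lengths, that only over-allocates.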
*p++ = '\\';
*p++ = *q;
}
- *p++ = '=';
- for (q = val; *q; q++) {
- if (*q == '=' || *q == ',' || *q == '\\')
- *p++ = '\\';
- *p++ = *q;
- }
+ if (include_values) {
+ *p++ = '=';
+ for (q = val; *q; q++) {
+ if (*q == '=' || *q == ',' || *q == '\\')
+ *p++ = '\\';
+ *p++ = *q;
+ }
+ }
if (realkey) {
free(key);
* to the end and duplicates are weeded.
* XXX: assumes vals in 'mapping' are small +ve integers
*/
-static void gprefs(void *sesskey, char *name, char *def,
+static void gprefs(void *sesskey, const char *name, const char *def,
const struct keyvalwhere *mapping, int nvals,
Conf *conf, int primary)
{
/*
* Write out a preference list.
*/
-static void wprefs(void *sesskey, char *name,
+static void wprefs(void *sesskey, const char *name,
const struct keyvalwhere *mapping, int nvals,
Conf *conf, int primary)
{
sfree(buf);
}
-char *save_settings(char *section, Conf *conf)
+char *save_settings(const char *section, Conf *conf)
{
void *sesskey;
char *errmsg;
void save_open_settings(void *sesskey, Conf *conf)
{
int i;
- char *p;
+ const char *p;
write_setting_i(sesskey, "Present", 1);
write_setting_s(sesskey, "HostName", conf_get_str(conf, CONF_host));
write_setting_i(sesskey, "TCPKeepalives", conf_get_int(conf, CONF_tcp_keepalives));
write_setting_s(sesskey, "TerminalType", conf_get_str(conf, CONF_termtype));
write_setting_s(sesskey, "TerminalSpeed", conf_get_str(conf, CONF_termspeed));
- wmap(sesskey, "TerminalModes", conf, CONF_ttymodes);
+ wmap(sesskey, "TerminalModes", conf, CONF_ttymodes, TRUE);
/* Address family selection */
write_setting_i(sesskey, "AddressFamily", conf_get_int(conf, CONF_addressfamily));
write_setting_s(sesskey, "ProxyUsername", conf_get_str(conf, CONF_proxy_username));
write_setting_s(sesskey, "ProxyPassword", conf_get_str(conf, CONF_proxy_password));
write_setting_s(sesskey, "ProxyTelnetCommand", conf_get_str(conf, CONF_proxy_telnet_command));
- wmap(sesskey, "Environment", conf, CONF_environmt);
+ write_setting_i(sesskey, "ProxyLogToTerm", conf_get_int(conf, CONF_proxy_log_to_term));
+ wmap(sesskey, "Environment", conf, CONF_environmt, TRUE);
write_setting_s(sesskey, "UserName", conf_get_str(conf, CONF_username));
write_setting_i(sesskey, "UserNameFromEnvironment", conf_get_int(conf, CONF_username_from_env));
write_setting_s(sesskey, "LocalUserName", conf_get_str(conf, CONF_localusername));
write_setting_i(sesskey, "ChangeUsername", conf_get_int(conf, CONF_change_username));
wprefs(sesskey, "Cipher", ciphernames, CIPHER_MAX, conf, CONF_ssh_cipherlist);
wprefs(sesskey, "KEX", kexnames, KEX_MAX, conf, CONF_ssh_kexlist);
+ wprefs(sesskey, "HostKey", hknames, HK_MAX, conf, CONF_ssh_hklist);
write_setting_i(sesskey, "RekeyTime", conf_get_int(conf, CONF_ssh_rekey_time));
write_setting_s(sesskey, "RekeyBytes", conf_get_str(conf, CONF_ssh_rekey_data));
write_setting_i(sesskey, "SshNoAuth", conf_get_int(conf, CONF_ssh_no_userauth));
write_setting_i(sesskey, "AltOnly", conf_get_int(conf, CONF_alt_only));
write_setting_i(sesskey, "ComposeKey", conf_get_int(conf, CONF_compose_key));
write_setting_i(sesskey, "CtrlAltKeys", conf_get_int(conf, CONF_ctrlaltkeys));
+#ifdef OSX_META_KEY_CONFIG
+ write_setting_i(sesskey, "OSXOptionMeta", conf_get_int(conf, CONF_osx_option_meta));
+ write_setting_i(sesskey, "OSXCommandMeta", conf_get_int(conf, CONF_osx_command_meta));
+#endif
write_setting_i(sesskey, "TelnetKey", conf_get_int(conf, CONF_telnet_keyboard));
write_setting_i(sesskey, "TelnetRet", conf_get_int(conf, CONF_telnet_newline));
write_setting_i(sesskey, "LocalEcho", conf_get_int(conf, CONF_localecho));
write_setting_filename(sesskey, "X11AuthFile", conf_get_filename(conf, CONF_xauthfile));
write_setting_i(sesskey, "LocalPortAcceptAll", conf_get_int(conf, CONF_lport_acceptall));
write_setting_i(sesskey, "RemotePortAcceptAll", conf_get_int(conf, CONF_rport_acceptall));
- wmap(sesskey, "PortForwardings", conf, CONF_portfwd);
+ wmap(sesskey, "PortForwardings", conf, CONF_portfwd, TRUE);
write_setting_i(sesskey, "BugIgnore1", 2-conf_get_int(conf, CONF_sshbug_ignore1));
write_setting_i(sesskey, "BugPlainPW1", 2-conf_get_int(conf, CONF_sshbug_plainpw1));
write_setting_i(sesskey, "BugRSA1", 2-conf_get_int(conf, CONF_sshbug_rsa1));
write_setting_i(sesskey, "BugPKSessID2", 2-conf_get_int(conf, CONF_sshbug_pksessid2));
write_setting_i(sesskey, "BugRekey2", 2-conf_get_int(conf, CONF_sshbug_rekey2));
write_setting_i(sesskey, "BugMaxPkt2", 2-conf_get_int(conf, CONF_sshbug_maxpkt2));
+ write_setting_i(sesskey, "BugOldGex2", 2-conf_get_int(conf, CONF_sshbug_oldgex2));
write_setting_i(sesskey, "BugWinadj", 2-conf_get_int(conf, CONF_sshbug_winadj));
write_setting_i(sesskey, "BugChanReq", 2-conf_get_int(conf, CONF_sshbug_chanreq));
write_setting_i(sesskey, "StampUtmp", conf_get_int(conf, CONF_stamp_utmp));
write_setting_i(sesskey, "ConnectionSharing", conf_get_int(conf, CONF_ssh_connection_sharing));
write_setting_i(sesskey, "ConnectionSharingUpstream", conf_get_int(conf, CONF_ssh_connection_sharing_upstream));
write_setting_i(sesskey, "ConnectionSharingDownstream", conf_get_int(conf, CONF_ssh_connection_sharing_downstream));
+ wmap(sesskey, "SSHManualHostKeys", conf, CONF_ssh_manual_hostkeys, FALSE);
}
-void load_settings(char *section, Conf *conf)
+void load_settings(const char *section, Conf *conf)
{
void *sesskey;
gpps(sesskey, "ProxyPassword", "", conf, CONF_proxy_password);
gpps(sesskey, "ProxyTelnetCommand", "connect %host %port\\n",
conf, CONF_proxy_telnet_command);
+ gppi(sesskey, "ProxyLogToTerm", FORCE_OFF, conf, CONF_proxy_log_to_term);
gppmap(sesskey, "Environment", conf, CONF_environmt);
gpps(sesskey, "UserName", "", conf, CONF_username);
gppi(sesskey, "UserNameFromEnvironment", 0, conf, CONF_username_from_env);
* disable gex under the "bugs" panel after one report of
* a server which offered it then choked, but we never got
* a server version string or any other reports. */
- char *default_kexes;
+ const char *default_kexes;
i = 2 - gppi_raw(sesskey, "BugDHGEx2", 0);
if (i == FORCE_ON)
- default_kexes = "dh-group14-sha1,dh-group1-sha1,rsa,WARN,dh-gex-sha1";
+ default_kexes = "ecdh,dh-group14-sha1,dh-group1-sha1,rsa,"
+ "WARN,dh-gex-sha1";
else
- default_kexes = "dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,rsa,WARN";
+ default_kexes = "ecdh,dh-gex-sha1,dh-group14-sha1,"
+ "dh-group1-sha1,rsa,WARN";
gprefs(sesskey, "KEX", default_kexes,
kexnames, KEX_MAX, conf, CONF_ssh_kexlist);
}
+ gprefs(sesskey, "HostKey", "ed25519,ecdsa,rsa,dsa,WARN",
+ hknames, HK_MAX, conf, CONF_ssh_hklist);
gppi(sesskey, "RekeyTime", 60, conf, CONF_ssh_rekey_time);
gpps(sesskey, "RekeyBytes", "1G", conf, CONF_ssh_rekey_data);
- gppi(sesskey, "SshProt", 2, conf, CONF_sshprot);
+ /* SSH-2 only by default */
+ gppi(sesskey, "SshProt", 3, conf, CONF_sshprot);
gpps(sesskey, "LogHost", "", conf, CONF_loghost);
gppi(sesskey, "SSH2DES", 0, conf, CONF_ssh2_des_cbc);
gppi(sesskey, "SshNoAuth", 0, conf, CONF_ssh_no_userauth);
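Review bot: The new `HostKey` default `"ed25519,ecdsa,rsa,dsa,WARN"` lists `dsa` ahead of `WARN`, so a server offering only a DSA host key would be accepted without a warning. This assumes entries after `WARN` are the ones that prompt, which the `BugDHGEx2` branch above suggests by moving `dh-gex-sha1` behind it. I would put it below the threshold, `gprefs(sesskey, "HostKey", "ed25519,ecdsa,rsa,WARN,dsa",`, and list `dsa` and `rsa` in the same relative order in `hknames`. Separately, the `SshProt` default of 3 presumably applies only when the key is absent from storage, and it still passes through `platform_default_i` in `gppi_raw`, so sessions that already stored the old value 2 are not moved to SSH-2 only; the comment could read `/* SSH-2 only by default; a stored SshProt value still wins */`. The enclosing function starts and ends outside this hunk.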
gppi(sesskey, "AltOnly", 0, conf, CONF_alt_only);
gppi(sesskey, "ComposeKey", 0, conf, CONF_compose_key);
gppi(sesskey, "CtrlAltKeys", 1, conf, CONF_ctrlaltkeys);
+#ifdef OSX_META_KEY_CONFIG
+ gppi(sesskey, "OSXOptionMeta", 1, conf, CONF_osx_option_meta);
+ gppi(sesskey, "OSXCommandMeta", 0, conf, CONF_osx_command_meta);
+#endif
gppi(sesskey, "TelnetKey", 0, conf, CONF_telnet_keyboard);
gppi(sesskey, "TelnetRet", 1, conf, CONF_telnet_newline);
gppi(sesskey, "LocalEcho", AUTO, conf, CONF_localecho);
i = gppi_raw(sesskey, "BugPKSessID2", 0); conf_set_int(conf, CONF_sshbug_pksessid2, 2-i);
i = gppi_raw(sesskey, "BugRekey2", 0); conf_set_int(conf, CONF_sshbug_rekey2, 2-i);
i = gppi_raw(sesskey, "BugMaxPkt2", 0); conf_set_int(conf, CONF_sshbug_maxpkt2, 2-i);
+ i = gppi_raw(sesskey, "BugOldGex2", 0); conf_set_int(conf, CONF_sshbug_oldgex2, 2-i);
i = gppi_raw(sesskey, "BugWinadj", 0); conf_set_int(conf, CONF_sshbug_winadj, 2-i);
i = gppi_raw(sesskey, "BugChanReq", 0); conf_set_int(conf, CONF_sshbug_chanreq, 2-i);
conf_set_int(conf, CONF_ssh_simple, FALSE);
gppi(sesskey, "ConnectionSharing", 0, conf, CONF_ssh_connection_sharing);
gppi(sesskey, "ConnectionSharingUpstream", 1, conf, CONF_ssh_connection_sharing_upstream);
gppi(sesskey, "ConnectionSharingDownstream", 1, conf, CONF_ssh_connection_sharing_downstream);
+ gppmap(sesskey, "SSHManualHostKeys", conf, CONF_ssh_manual_hostkeys);
}
-void do_defaults(char *session, Conf *conf)
+void do_defaults(const char *session, Conf *conf)
{
load_settings(session, conf);
}
p++;
}
- list->sessions = snewn(list->nsessions + 1, char *);
+ list->sessions = snewn(list->nsessions + 1, const char *);
list->sessions[0] = "Default Settings";
p = list->buffer;
i = 1;
p++;
}
- qsort(list->sessions, i, sizeof(char *), sessioncmp);
+ qsort(list->sessions, i, sizeof(const char *), sessioncmp);
} else {
sfree(list->buffer);
sfree(list->sessions);