X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=windows%2Fwinplink.c;h=99e269fdc106687e7edff5c51fb778ee22d545b7;hb=1de7240eb88fa24a8532ded116b4ec72dd213008;hp=37453bb734ae87abeed26f7f7359db6759d1d41f;hpb=acf38797ebbcc9c86974f4ada47160ab7d5e5c12;p=PuTTY.git diff --git a/windows/winplink.c b/windows/winplink.c index 37453bb7..99e269fd 100644 --- a/windows/winplink.c +++ b/windows/winplink.c @@ -11,6 +11,7 @@ #include "putty.h" #include "storage.h" #include "tree234.h" +#include "winsecur.h" #define WM_AGENT_CALLBACK (WM_APP + 4) @@ -21,7 +22,7 @@ struct agent_callback { int len; }; -void fatalbox(char *p, ...) +void fatalbox(const char *p, ...) { va_list ap; fprintf(stderr, "FATAL ERROR: "); @@ -35,7 +36,7 @@ void fatalbox(char *p, ...) } cleanup_exit(1); } -void modalfatalbox(char *p, ...) +void modalfatalbox(const char *p, ...) { va_list ap; fprintf(stderr, "FATAL ERROR: "); @@ -49,7 +50,7 @@ void modalfatalbox(char *p, ...) } cleanup_exit(1); } -void nonfatal(char *p, ...) +void nonfatal(const char *p, ...) { va_list ap; fprintf(stderr, "ERROR: "); @@ -57,12 +58,8 @@ void nonfatal(char *p, ...) vfprintf(stderr, p, ap); va_end(ap); fputc('\n', stderr); - if (logctx) { - log_free(logctx); - logctx = NULL; - } } -void connection_fatal(void *frontend, char *p, ...) +void connection_fatal(void *frontend, const char *p, ...) { va_list ap; fprintf(stderr, "FATAL ERROR: "); @@ -76,7 +73,7 @@ void connection_fatal(void *frontend, char *p, ...) } cleanup_exit(1); } -void cmdline_error(char *p, ...) +void cmdline_error(const char *p, ...) { va_list ap; fprintf(stderr, "plink: "); @@ -102,7 +99,7 @@ int term_ldisc(Terminal *term, int mode) { return FALSE; } -void ldisc_update(void *frontend, int echo, int edit) +void frontend_echoedit_update(void *frontend, int echo, int edit) { /* Update stdin read mode to reflect changes in line discipline. */ DWORD mode; 
@@ -149,7 +146,7 @@ int from_backend_eof(void *frontend_handle) return FALSE; /* do not respond to incoming EOF with outgoing */ } -int get_userpass_input(prompts_t *p, unsigned char *in, int inlen) +int get_userpass_input(prompts_t *p, const unsigned char *in, int inlen) { int ret; ret = cmdline_get_passwd_input(p, in, inlen); @@ -176,7 +173,7 @@ void agent_schedule_callback(void (*callback)(void *, void *, int), */ static void usage(void) { - printf("PuTTY Link: command-line connection utility\n"); + printf("Plink: command-line connection utility\n"); printf("%s\n", ver); printf("Usage: plink [options] [user@]host [command]\n"); printf(" (\"host\" can also be a PuTTY saved session name)\n"); @@ -190,6 +187,8 @@ static void usage(void) printf(" -P port connect to specified port\n"); printf(" -l user connect with specified username\n"); printf(" -batch disable all interactive prompts\n"); + printf(" -sercfg configuration-string (e.g. 19200,8,n,1,X)\n"); + printf(" Specify the serial configuration (serial only)\n"); printf("The following options only apply to SSH connections:\n"); printf(" -pw passw login with specified password\n"); printf(" -D [listen-IP:]listen-port\n"); 
@@ -204,16 +203,21 @@ static void usage(void) printf(" -1 -2 force use of particular protocol version\n"); printf(" -4 -6 force use of IPv4 or IPv6\n"); printf(" -C enable compression\n"); - printf(" -i key private key file for authentication\n"); + printf(" -i key private key file for user authentication\n"); printf(" -noagent disable use of Pageant\n"); printf(" -agent enable use of Pageant\n"); + printf(" -hostkey aa:bb:cc:...\n"); + printf(" manually specify a host key (may be repeated)\n"); printf(" -m file read remote command(s) from file\n"); printf(" -s remote command is an SSH subsystem (SSH-2 only)\n"); printf(" -N don't start a shell/command (SSH-2 only)\n"); printf(" -nc host:port\n"); printf(" open tunnel in place of session (SSH-2 only)\n"); - printf(" -sercfg configuration-string (e.g. 19200,8,n,1,X)\n"); - printf(" Specify the serial configuration (serial only)\n"); + printf(" -sshlog file\n"); + printf(" -sshrawlog file\n"); + printf(" log protocol details to a file\n"); + printf(" -shareexists\n"); + printf(" test whether a connection-sharing upstream exists\n"); exit(1); } @@ -292,6 +296,9 @@ void stdouterr_sent(struct handle *h, int new_backlog) } } +const int share_can_be_downstream = TRUE; +const int share_can_be_upstream = TRUE; + int main(int argc, char **argv) { int sending; @@ -302,6 +309,7 @@ int main(int argc, char **argv) int errors; int got_host = FALSE; int use_subsystem = 0; + int just_test_share_exists = FALSE; unsigned long now, next, then; sklist = NULL; @@ -363,6 +371,8 @@ int main(int argc, char **argv) } else if (!strcmp(p, "-pgpfp")) { pgp_fingerprints(); exit(1); + } else if (!strcmp(p, "-shareexists")) { + just_test_share_exists = TRUE; } else { fprintf(stderr, "plink: unknown option \"%s\"\n", p); errors = 1; 
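Review bot: The new `-sshlog` / `-sshrawlog` lines in usage() say only "log protocol details to a file" and give no hint of how sensitive that file may be. A protocol log presumably can hold session content, so unless the logging code shows otherwise I would add a short caveat to the help text, such as `(may contain session data)`. The `-hostkey aa:bb:cc:...` line could likewise state what form the value takes (a fingerprint, judging by the example), because a manually specified host key is a trust decision the user makes on the command line. usage() starts before this hunk.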
@@ -383,8 +393,7 @@ int main(int argc, char **argv) q += 2; conf_set_int(conf, CONF_protocol, PROT_TELNET); p = q; - while (*p && *p != ':' && *p != '/') - p++; + p += host_strcspn(p, ":/"); c = *p; if (*p) *p++ = '\0'; @@ -489,6 +498,22 @@ int main(int argc, char **argv) } } +#if !defined UNPROTECT && !defined NO_SECURITY + /* + * Protect our process. + */ + { + char *error = NULL; + if (!setprocessacl(error)) { + char *message = dupprintf("Could not restrict process ACL: %s", + error); + logevent(NULL, message); + sfree(message); + sfree(error); + } + } +#endif + if (errors) return 1; @@ -522,10 +547,21 @@ int main(int argc, char **argv) } } - /* - * Trim off a colon suffix if it's there. - */ - host[strcspn(host, ":")] = '\0'; + /* + * Trim a colon suffix off the hostname if it's there. In + * order to protect unbracketed IPv6 address literals + * against this treatment, we do not do this if there's + * _more_ than one colon. + */ + { + char *c = host_strchr(host, ':'); + + if (c) { + char *d = host_strchr(c+1, ':'); + if (!d) + *c = '\0'; + } + } /* * Remove any remaining whitespace. @@ -582,9 +618,33 @@ int main(int argc, char **argv) return 1; } + /* + * Plink doesn't provide any way to add forwardings after the + * connection is set up, so if there are none now, we can safely set + * the "simple" flag. + */ + if (conf_get_int(conf, CONF_protocol) == PROT_SSH && + !conf_get_int(conf, CONF_x11_forward) && + !conf_get_int(conf, CONF_agentfwd) && + !conf_get_str_nthstrkey(conf, CONF_portfwd, 0)) + conf_set_int(conf, CONF_ssh_simple, TRUE); + logctx = log_init(NULL, conf); console_provide_logctx(logctx); + if (just_test_share_exists) { + if (!back->test_for_upstream) { + fprintf(stderr, "Connection sharing not supported for connection " + "type '%s'\n", back->name); + return 1; + } + if (back->test_for_upstream(conf_get_str(conf, CONF_host), + conf_get_int(conf, CONF_port), conf)) + return 0; + else + return 1; + } + /* * Start up the connection. */ 
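Review bot: In the new "Protect our process" block, `error` is passed to `setprocessacl()` by value, so it is still NULL when the failure branch formats it with `%s`. The reason for the failure can therefore never reach the message, and a NULL argument for `%s` is undefined if dupprintf follows printf rules. If setprocessacl is meant to hand back a message (its prototype is in winsecur.h, not visible here), the call should be `if (!setprocessacl(&error)) {`, with a `char **` parameter on the callee. The block also runs before `logctx = log_init(NULL, conf);` in a later hunk, so `logevent(NULL, message)` may have nowhere to write, and the process then continues without the restricted ACL. Adding `fprintf(stderr, "plink: %s\n", message);` would make that fail-open visible.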
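Review bot: The colon-trimming block uses the single-letter names `c` and `d` inside main, where `c` already appears as a character variable in the earlier Telnet-URL hunk (`c = *p;`). Clearer names and a single condition would read better: `char *colon = host_strchr(host, ':');` followed by `if (colon && !host_strchr(colon + 1, ':')) *colon = '\0';`. The comment should also say that a string with more than one colon is now passed on untouched, so anything that is not a valid IPv6 literal is left for the resolver to reject. If host_strchr skips colons inside `[...]`, that belongs in the comment too, since its definition is not visible here.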
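Review bot: The `just_test_share_exists` branch returns 1 both when the backend has no `test_for_upstream` and when no upstream is found. The earlier `if (errors) return 1;` uses the same status for command-line errors, so a script calling `-shareexists` cannot tell "no upstream" from "could not test". A distinct status for the unsupported and error cases, or a comment documenting the exit codes, would let callers avoid treating a failed check as a negative answer. The branch also returns directly from main after `log_init()`, whereas the fatal paths in this file go through `cleanup_exit()`, so it is worth confirming that nothing opened by log_init is left unflushed.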
@@ -648,7 +708,10 @@ int main(int argc, char **argv) sending = TRUE; } - if (run_timers(now, &next)) { + if (toplevel_callback_pending()) { + ticks = 0; + next = now; + } else if (run_timers(now, &next)) { then = now; now = GETTICKCOUNT(); if (now - then > next - then) @@ -657,6 +720,8 @@ int main(int argc, char **argv) ticks = next - now; } else { ticks = INFINITE; + /* no need to initialise next here because we can never + * get WAIT_TIMEOUT */ } handles = handle_get_events(&nhandles); @@ -738,6 +803,8 @@ int main(int argc, char **argv) } } + run_toplevel_callbacks(); + if (n == WAIT_TIMEOUT) { now = next; } else {
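Review bot: In the `else` branch that sets `ticks = INFINITE`, `next` is left unassigned and only the new comment guards against its later use. The last hunk shows `if (n == WAIT_TIMEOUT) { now = next; }`, which would read an indeterminate value if the wait ever returned a timeout despite the infinite tick count, unless `next` is assigned earlier outside these hunks. Adding `next = now;` in that branch is free, matches the new `toplevel_callback_pending()` branch, and removes the reliance on an invariant of the wait call. The loop body starts and ends outside the visible hunks.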