Ben Harris [Mon, 17 Jan 2005 16:38:55 +0000 (16:38 +0000)]
Currentish ssh.com supports single-DES in SSH2 as "des-cbc@ssh.com". It
seems to be entirely the same as "des-cbc", so supporting it is trivial
and we may as well do so. If nothing else, it makes it clear whose fault
it is.
Ben Harris [Sun, 16 Jan 2005 14:43:12 +0000 (14:43 +0000)]
Be a little less enthusiastic about sending SSH_MSG_CHANNEL_WINDOW_ADJUST:
only send it when it will significantly increase the server's idea of our
window. This avoids the slew of one-byte WINDOW_ADJUSTs that an interactive
shell typically generates.
Ben Harris [Sat, 15 Jan 2005 20:39:27 +0000 (20:39 +0000)]
Turn of ICRNL in the client tty when we're not in editing mode. This
means that we send literal CRs and let the remote pty layer work out what to
do with them, so that if it wants raw mode it can have it.
Ben Harris [Fri, 14 Jan 2005 12:26:38 +0000 (12:26 +0000)]
Don't use GNUish pattern rules in the Unix Makefile, since they're not
supported by non-GNU makes. This allows the standard Solaris /usr/ccs/bin/make
to handle that Makefile.
Simon Tatham [Tue, 11 Jan 2005 19:33:41 +0000 (19:33 +0000)]
Fix `disconnect': arrange that we keep track of when we're expecting
to see the server slam the TCP connection shut (i.e. almost never,
unless it's just sent us an SSH_MSG_DISCONNECT), and treat an
unexpected closure as a non-clean session termination. Previously
any server-initiated connection closure was being treated as a clean
exit, which was a hangover from the good old Telnet-only days.
Ben Harris [Tue, 11 Jan 2005 16:33:08 +0000 (16:33 +0000)]
Versions of OpenSSH before 2.5.4 kill the connection if the client attempts
to rekey. Extend the description of SSH2_BUG_REKEY to cover this situation
and apply it to the relevant OpenSSH versions.
Simon Tatham [Tue, 11 Jan 2005 10:45:43 +0000 (10:45 +0000)]
The Unix `make install' target now allows you to define UTMP_GROUP,
in which case pterm will be installed setgid that, or to define
UTMP_USER in which case it will be installed setuid that. If you
define neither, it will be installed without any set-id bits as
before.
Simon Tatham [Tue, 11 Jan 2005 10:37:55 +0000 (10:37 +0000)]
Servers announcing themselves as `Sun_SSH_1.0' apparently cannot
deal with rekeys at all: they totally ignore mid-session KEXINIT
sent by the client. Hence, a new bug entry so we don't try it.
Simon Tatham [Sun, 9 Jan 2005 14:55:55 +0000 (14:55 +0000)]
sk_namelookup() on Unix was failing to translate from our platform-
independent ADDRTYPE_* constants to real AF_* ones, causing explicit
protocol specification to fail.
Owen Dunn [Sun, 9 Jan 2005 14:27:48 +0000 (14:27 +0000)]
New function ltime() returns a struct tm of the current local time.
Fixes crashes when time() returns (time_t)-1 on Windows by using the
Win32 GetLocalTime() function. (The Unix implementation still just
uses time() and localtime().)
Simon Tatham [Sun, 9 Jan 2005 11:44:21 +0000 (11:44 +0000)]
I've changed my mind about what the IP version selection options in
the config should do when IPv6 is configured out. They shouldn't sit
there looking silly with only `Auto' and `IPv4' settings: they
should instead be completely absent. I had thought the former was
acceptable since IPv4-only was a configuration that people should
only be using if their compilers didn't support IPv6, but now it
occurs to me that ports to fundamentally non-IPv6-supporting
platforms are not implausible, and on such ports the presence of a
vestigial config option under the _standard_ build conditions would
be a low-quality solution.
Simon Tatham [Sat, 8 Jan 2005 14:45:26 +0000 (14:45 +0000)]
For local and dynamic port forwardings (i.e. the ones which listen
on a local port), the `Auto' protocol option on the Tunnels panel
should always produce a port you can connect to in _either_ of IPv4
and v6, because the aim is for the user not to have to know or care
which one they're using. This was not the case on Windows, and now
is. Also, updated the docs to give more detail on issues like this.
Simon Tatham [Sat, 8 Jan 2005 14:02:06 +0000 (14:02 +0000)]
Cleanups to sk_namelookup(). In particular, it now doesn't segfault
if you explicitly specify IPv6 and then try to look up a hostname
which doesn't have an IPv6 address.
Simon Tatham [Sat, 8 Jan 2005 13:28:41 +0000 (13:28 +0000)]
Clear the kex-specific context in ssh->pkt_ctx for every new key
exchange. Without doing this, after we have done one specific-group
DH exchange (group1 or group14), ssh2_pkt_type _always_ translates
30 and 31 as KEXDH_INIT and KEXDH_REPLY, making a subsequent
group-exchange kex look rather strange in an SSH packet log.
Simon Tatham [Sat, 8 Jan 2005 13:08:32 +0000 (13:08 +0000)]
Jacob points out that changing TICKSPERSEC in unix.h changed the
meaning of BellOverload{T,S} in Unix saved sessions. Add a Unix-
specific backwards compatibility wart to settings.c to compensate.
Of course when I do the serious config format revamp, I will ensure
that no config item depends on internal #defines (these time
intervals will be specified as a floating-point number of seconds)
and this horror will be relegated to the old-config-compatibility
code.
Jacob Nevins [Fri, 7 Jan 2005 16:55:45 +0000 (16:55 +0000)]
Simon points out that r5068 broke keyboard-interactive with multiple
INFO_REQUESTs, and for some reason Debian OpenSSH is sending INFO_REQUESTs
containing no prompts after a normal password authentication, so this
should fix Shai's problem.
Simon Tatham [Fri, 7 Jan 2005 14:22:17 +0000 (14:22 +0000)]
Proxy command formatting now recognises `%proxyhost' and
`%proxyport' in addition to the other things it interpolates. This
is useful when using the Unix-only `Local' proxy type: it allows me
to, for example, set up a proxy command such as
ssh %proxyhost nc -q0 %host %port
and then enter the name of the proxy machine in `Proxy hostname',
which makes it marginally more convenient to quickly change to using
a different proxy to get at the same target.
I haven't documented this, because we currently don't document the
Local proxy type at all. Possibly we should, though.
Simon Tatham [Fri, 7 Jan 2005 09:24:24 +0000 (09:24 +0000)]
Use sk_set_frozen() to ensure that no data will be accepted from an
SSH connection when we're in the middle of asking the user a
dialog-box-type question. Fixes `unix-kex-packet', which has just
bitten me when connecting to one of the work Suns.
Jacob Nevins [Thu, 6 Jan 2005 13:23:47 +0000 (13:23 +0000)]
`kbdint-failure': we now offer keyboard-interactive auth to the user for as
long as the server offers it, rather than only once, unless the server responds
to our initial USERAUTH_REQUEST("keyboard-interactive") with FAILURE, in which
case we give up on it entirely.
Simon Tatham [Tue, 4 Jan 2005 17:39:35 +0000 (17:39 +0000)]
Don't forget to initialise ret->ai to NULL in sk_nonamelookup. Was
causing segfaults in IPv6-enabled Unix PuTTY connecting through a
proxy when letting the proxy do the DNS.
Simon Tatham [Sat, 1 Jan 2005 12:34:32 +0000 (12:34 +0000)]
"Nirwana Nirwana" points out that mget, mput and ls are not the only
PSFTP commands that can make good use of wildcards! Now implemented
wildcard support in rmdir, rm, mv and chmod.
Simon Tatham [Fri, 31 Dec 2004 13:02:46 +0000 (13:02 +0000)]
Rename some of the more stupidly named files in the Unix back end.
Notably pterm.c, which was a sensible name right at the start but
became a misnomer as soon as I created Unix PuTTY.
Simon Tatham [Fri, 31 Dec 2004 11:46:28 +0000 (11:46 +0000)]
In r5043 Jacob removed the `Load' and `Delete' buttons in the saved-
sessions panel in the reconfig box. I think, given that, the title
of that box also wants work :-)
Simon Tatham [Fri, 31 Dec 2004 10:51:14 +0000 (10:51 +0000)]
Allow reconfiguration of compression and cipher settings in
mid-session in SSH2: this forces an immediate rekey to activate the
new settings. I'm not sure exactly what this will be useful for
(except possibly it might make comparative performance testing
easier?), but it has wonderful James Bond value for being able to
switch to a more secure cipher before doing anything sensitive :-)
If, that is, you weren't using the most secure one to begin with...
Simon Tatham [Thu, 30 Dec 2004 17:53:26 +0000 (17:53 +0000)]
Reinstate the textual service name in port forwarding Event Log
messages where specified. (I had removed this in the previous
revision through forgetfulness.)
Simon Tatham [Thu, 30 Dec 2004 17:48:35 +0000 (17:48 +0000)]
Jacob points out that when we reconfigure port forwarding, we ought
to be destroying old ones _before_ creating new ones, so that we can
reuse a port for a new purpose without colliding with ourselves.
Also fixed port forwarding, which my IPv6 checkin had completely
funted :-)
Ben Harris [Thu, 30 Dec 2004 17:29:54 +0000 (17:29 +0000)]
If we're going to define _XOPEN_SOURCE, we should at least define it to a
version that includes putenv(). Make it 600 (the current one) for good
measure.
Simon Tatham [Thu, 30 Dec 2004 16:45:11 +0000 (16:45 +0000)]
Integrate unfix.org's IPv6 patches up to level 10, with rather a lot
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.
I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.
Simon Tatham [Thu, 30 Dec 2004 13:51:37 +0000 (13:51 +0000)]
I've decided that trying to do wildcards in PSFTP as a special case
of directory recursion was a strategic error: it obfuscates
sftp_{get,put}_file(), and also it makes it very hard to handle
subdirectory wildcards such as `foo/*'. Accordingly, here's a
completely different approach, in which sftp_{get,put}_file() are
still responsible for directory recursion, but wildcards are
expanded in sftp_general_{get,put}() before being passed thereto.
Subdirectory wildcards are now handled consistently across Unix,
Windows and the remote server.
Jacob Nevins [Thu, 30 Dec 2004 10:58:28 +0000 (10:58 +0000)]
Remove "Load" button in mid-session configuration dialog, as it allows the user
to manipulate settings they can't see so could lead to confusion. (Also remove
"Delete" button for some sort of UI consistency even though it's harmless.)
Also conditionalise other aspects of sessionsaver_handler() that don't make
sense mid-session.
Simon Tatham [Wed, 29 Dec 2004 13:44:20 +0000 (13:44 +0000)]
Add some discussion of rekeys-as-keepalives, and their potential
adverse effect on the life expectancy of a low-use connection over a
low-reliability network.
Simon Tatham [Wed, 29 Dec 2004 12:32:25 +0000 (12:32 +0000)]
Loose end from r5031: the Kex panel should only be displayed in
mid-session if we are not using SSHv1. I've done this by introducing
a generic `cfg_info' function which every back end can use to
communicate an int's worth of data to setup_config_box; in SSH
that's the protocol version in use, and in everything else it's
currently zero.
Simon Tatham [Tue, 28 Dec 2004 17:12:20 +0000 (17:12 +0000)]
The latest unfix.org IPv6 patch contains these apparently
IPv6-unrelated changes, which convert ints into unsigned in a few
key places in ssh.c. Looks harmless at worst, possibly terribly
useful, so I think we'll have these no matter what the real IPv6
stuff is up to!
Simon Tatham [Tue, 28 Dec 2004 16:46:30 +0000 (16:46 +0000)]
Ability to save in mid-session! Simplest possible resolution to all
the difficult questions about when it's sensible to offer the option
of saving to the slot we loaded from: _we never do_. The user must
always explicitly specify a slot to save to.
Simon Tatham [Tue, 28 Dec 2004 14:10:32 +0000 (14:10 +0000)]
Support reconfiguration of key exchange in mid-session. The fiddly
bit is working out when to reschedule the next rekey for when the
timeout or data limit changes; sometimes it will be _right now_
because we're already over the new limit.
Still to do: the Kex panel should not appear in mid-session if we
are using SSHv1.
Simon Tatham [Tue, 28 Dec 2004 14:07:05 +0000 (14:07 +0000)]
SSH port forwarding is now configurable in mid-session. After doing
Change Settings, the port forwarding setup function is run again,
and tags all existing port forwardings as `do not keep'. Then it
iterates through the config in the normal way; when it encounters a
port forwarding which is already in the tree, it tags it `keep'
rather than setting it up from scratch. Finally, it goes through the
tree and removes any that haven't been labelled `keep'. Hence,
editing the list of forwardings in Change Settings has the effect of
cancelling any forwardings you remove, and adding any new ones.
The SSH panel now appears in the reconfig box, and is empty apart
from a message explaining that it has to be there for subpanels of
it to exist. Better wording for this message would be welcome.
Simon Tatham [Tue, 28 Dec 2004 14:04:58 +0000 (14:04 +0000)]
Abstracted out the rather large port-forwarding setup code into a
routine which is common between SSH1 and SSH2. Since this routine is
not part of the coroutine system, this means it can't sit and wait
to get its various success/failure responses back. Hence, I've
introduced a system of queued packet handlers, each of which waits
for exactly one of a pair of messages (SSH1_SMSG_{SUCCESS,FAILURE}
or SSH2_MSG_REQUEST_{SUCCESS,FAILURE}), handles it when it arrives,
and automatically de-registers itself. Hence the port-forwarding
setup code can be called once, and then subsequent packets related
to it will automatically be handled as they arrive.
The real purpose of all this is that the infrastructure is now there
for me to arrange mid-session configurability of port forwarding.
However, a side benefit is that fewer round trips are involved in
session startup. I'd quite like to move more of the connection setup
(X forwarding, agent forwarding, pty allocation etc) to using the
new queued handler mechanism for this reason.
Jacob Nevins [Thu, 23 Dec 2004 02:24:07 +0000 (02:24 +0000)]
Add a preference list for SSH-2 key exchange algorithms, on a new "Kex" panel
(which will gain more content anon).
Retire BUG_SSH2_DH_GEX and add a backwards-compatibility wart, since we never
did find a way of automatically detecting this alleged server bug, and in any
case there was only ever one report (<3D91F3B5.7030309@inwind.it>, FWIW).
Also generalise askcipher() to a new askalg() (thus touching all the
front-ends).
I've made some attempt to document what SSH key exchange is and why you care,
but it could use some review for clarity (and outright lies).
Simon Tatham [Wed, 22 Dec 2004 10:21:50 +0000 (10:21 +0000)]
In my revamp of cursor handling I had assumed that you were supposed
to call _either_ do_text() _or_ do_cursor() on a given character
cell. In fact you're supposed to call do_text() no matter what, and
then call do_cursor() as well if it's got the cursor on it, since
do_cursor() _only_ draws the actual cursor, which often doesn't also
cause the text to get drawn.
I'm half tempted to change this in the interface, retire do_cursor()
as an external function and relegate it to an internal function in
each front end, and require that do_text() must fully process all
cursor attributes it is passed. However, I haven't done this yet.
Simon Tatham [Mon, 20 Dec 2004 09:27:44 +0000 (09:27 +0000)]
The end condition in the binary search loop in the new getType() was
incorrect. I must have written that binary search idiom a hundred
times, so it's rather embarrassing that I can't _automatically_ get
it right! This was causing all kinds of characters to be classified
as ON when they should have been various other classes.
Also while I'm here, I've added another test case to utf8.txt (a
small piece of Arabic within a predominantly L->R line), and also
supplied a means to compile minibidi.c with -DTEST_GETTYPE to
produce a command-line character class lookup tool. (Not sure what
use that'll be _other_ than debugging this precise problem, but I
don't like to throw it away now I've written it :-)
Simon Tatham [Sat, 18 Dec 2004 10:00:27 +0000 (10:00 +0000)]
zip apparently gives a warning (`-l used on binary file') when you
use -l on a UTF-8 text file. Move potentially UTF-8 things (the new
testdata files) into a new category of source files, and suppress
zip's warning for that category.
Simon Tatham [Fri, 17 Dec 2004 14:25:53 +0000 (14:25 +0000)]
Jacob has pointed out why SIGCHLD was blocked, so I've updated the
comment when I unblock it in pty.c to reflect reality. Also I've
moved block_signal() out of pterm.c into signal.c, so I can
conveniently use it for unblocking SIGCHLD rather than having to
reinvent it in pty.c.
Simon Tatham [Fri, 17 Dec 2004 13:39:41 +0000 (13:39 +0000)]
The xfer mechanism wasn't gracefully terminating when an error was
encountered part way through transfer. In particular, this caused
psftp to hang (waiting for FXP_READ replies which had already
arrived) if you try `get' (without -r) on a remote directory.
Jacob Nevins [Fri, 17 Dec 2004 13:00:01 +0000 (13:00 +0000)]
Document recent SFTP changes:
- document behaviour of "-r" with mget/mput/reget/reput
- document "close" command
- document SFTP wildcard syntax for those who may not be familiar with Unix
wildcards
Simon Tatham [Fri, 17 Dec 2004 12:55:12 +0000 (12:55 +0000)]
I _think_ I've just fixed `font-overflow'. term->disptext now tracks
the start of every contiguous run passed to do_text() or
do_cursor(), and arranges never to overwrite only part of such a run
on the next update.
I'm a bit worried about this checkin because I've also completely
revamped cursor handling: the cursor was previously being drawn
_outside_ the main loop over the display line, and is now drawn as
part of that loop when it gets to the cursor location. It _seems_ to
still work sensibly, even in complex cases involving LATTR_WIDE and
double-width CJK characters etc, but I won't be entirely happy until
it's had some beta use.