Jacob Nevins [Tue, 4 Oct 2005 14:13:28 +0000 (14:13 +0000)]
`win-versioninfo': all builds of all Windows binaries now contain
a VERSIONINFO resource. The versioning scheme is described in
windows/version.rc2.
Some .rc files are now #included in others. In order to keep MSVC
project files working, these have been renamed to .rc2; there may exist
a better solution.
(This checkin also includes the documentation tweak missing from r6367.)
Testing performed:
- MinGW (cross-compiler): works
- VC nmake: works (tested with VC6)
- VC project files: builds with VERSIONINFO resource (no VER variable though)
- Borland: an old version of this patch was tested with it and more or
less worked, except that some of the VERSIONINFO strings were apparently
not terminated properly. Not attempted to work around this.
- LCC: not tested. Some fixes are in there from the last time we tried
this, but then the build ultimately failed and I haven't tried this
since that was fixed.
- Dev-C++: untested. (Haven't done anything special.)
- Unix Gtk/autoconf Makefiles work as before.
Simon Tatham [Mon, 3 Oct 2005 11:38:30 +0000 (11:38 +0000)]
UTF-8 processing was discarding a valid character which interrupted
an otherwise legal sequence, if that valid character was the last
thing in a term_out() run. Spotted by Egmont Koblinger.
Jacob Nevins [Sat, 1 Oct 2005 12:36:46 +0000 (12:36 +0000)]
Split out SVN_REV from SNAPSHOT define. This is to support `win-versioninfo',
but since Simon's made the corresponding change to the build process, this bit
needs checking in now (it should be harmless).
(The documentation in Recipe is slightly out of date; with luck I'll be
checking in `win-versioninfo' changes soon, and I can't be bothered to
disentangle the relevant changes in the meantime.)
Jacob Nevins [Sat, 24 Sep 2005 18:33:06 +0000 (18:33 +0000)]
A first stab at guidance for those lost souls who email us asking for
login names and/or passwords. Feel free to hack.
(NB, renumbers a section of the FAQ.)
Owen Dunn [Wed, 21 Sep 2005 14:53:32 +0000 (14:53 +0000)]
Platform-independent support for zooming around session list by typing
in the session name box. Thwarted on Unix by GTK not automatically
scrolling the listbox to the selected item, but we can fix that in
the platform-specific side later.
Ben Harris [Wed, 14 Sep 2005 10:53:39 +0000 (10:53 +0000)]
Some systems (HP-UX) don't yet have <sys/select.h>, putting select() in
<sys/time.h>. Cope with this. Where <sys/select.h> _is_ available, though,
use it (since it's where POSIX puts select()). Problem reported by Mike
Protts.
Ben Harris [Tue, 13 Sep 2005 20:17:10 +0000 (20:17 +0000)]
When asked to malloc zero bytes, malloc one byte instead. This ensures
that we get a unique pointer rather than NULL (which ANSI C otherwise permits).
Problem pointed out by Mike Protts.
Ben Harris [Tue, 13 Sep 2005 20:08:25 +0000 (20:08 +0000)]
The ANSI-C constant FILENAME_MAX is ludicrously small on some systems.
Use the POSIX PATH_MAX if it exists, and fall back to 1024 otherwise.
We should really allocate filenames dynamically if PATH_MAX isn't defined.
Ben Harris [Mon, 12 Sep 2005 15:45:29 +0000 (15:45 +0000)]
When the first element in a preference list was unrecognised, PuTTY would
hang when reading it because strtok() kept getting the full list passed in.
Fix this, and add an assert() for an assumption documented in a comment while
I'm in the area.
Ben Harris [Sat, 10 Sep 2005 16:19:53 +0000 (16:19 +0000)]
Implement hmac-sha1-96. It's RECOMMENDED in the current transport draft,
and we don't have any strong reason not to implement it, for all that it's
rather pointless.
Ben Harris [Sun, 4 Sep 2005 14:53:39 +0000 (14:53 +0000)]
Add support for diffie-hellman-group-exchange-sha256. Tested against a
patched OpenSSH server. This is controlled by the same user settings
as diffie-hellman-group-exchange-sha1, which may not be optimal, especially
given that they're both referred to as dh-gex-sha1 in saved sessions.
Ben Harris [Sat, 3 Sep 2005 13:41:43 +0000 (13:41 +0000)]
Restructure things so that a single entry in the KEX preference list can
correspond to multiple SSH-2 KEX algorithms. We already do the equivalent
for cipher algorithms.
Ben Harris [Wed, 31 Aug 2005 21:48:22 +0000 (21:48 +0000)]
SHA-256 implementation, for use in future KEX algorithms, in particular
diffie-hellman-group-exchange-sha256, which the last DHGEX draft defined.
Code lifted from Simon's "crypto" directory, with changes to make it look
more like sshsh512.c.
Ben Harris [Wed, 31 Aug 2005 19:11:19 +0000 (19:11 +0000)]
Rename ssh_md5 and ssh_sha1 to ssh_hmac_md5 and ssh_hmac_sha1 respectively.
This is to make room for a hash abstraction that's likely to want to use
ssh_sha1, at least.
Ben Harris [Tue, 30 Aug 2005 22:39:35 +0000 (22:39 +0000)]
Further progress in the direction of variable exchange hashes -- stash the
outgoing KEXINIT, and only start generating the exchange hash once we know
which KEX method we're using.
Ben Harris [Tue, 30 Aug 2005 20:38:57 +0000 (20:38 +0000)]
Beginnings of support for multiple exchange hashes in SSH-2: rather than
storing a SHA-1 hash of the client and server version strings, store the
strings themselves so we can feed them through the appropriate hash when
we know what it is.
Jacob Nevins [Fri, 26 Aug 2005 21:17:49 +0000 (21:17 +0000)]
I think this should fix various problems with queued incoming data not being
processed and incoming data being processed out of order, which I suspect is
the cause of `ssh1-fwd-trouble' as noted by Gevan Dutton. I'm not able to
test the failure case, but it doesn't seem to have obviously broken anything
in the cases I have tested, anyway.
Jacob Nevins [Wed, 10 Aug 2005 18:31:24 +0000 (18:31 +0000)]
Ben Rudiak-Gould points out that we should be using WM_APP as the base for
our app-private window messages, which is considerably higher than the
WM_XUSER we arbitrarily chose. (This isn't known to be causing any actual
problems. The fix seems not to have obviously broken anything.)
Ben Harris [Sun, 24 Jul 2005 13:46:14 +0000 (13:46 +0000)]
draft-ietf-secsh-transport-24 says that only "SSH-" at the start of a line
marks a version string. It's a bit vague about the definition of a line,
but I think it's reasonable to assume that they'll end with LF. Change
do_ssh_init() to ignore "SSH-" anywhere else. This makes the existing state
machine overkill, so replace it with something a little more readable.
Jacob Nevins [Sun, 17 Jul 2005 13:37:58 +0000 (13:37 +0000)]
This is getting silly; nearly 25% of our mirrors are now in the US.
Discourage more strongly mirrors in well-served areas in the Feedback section.
Also, duplicate that text on the Mirrors page, along with a request to tell us
the country (since lots of people still don't).
Jacob Nevins [Fri, 15 Jul 2005 11:47:28 +0000 (11:47 +0000)]
Patch from Colin Watson: we were sometimes passing stack storage to putenv(),
which is Bad (in his case, it caused TERM to end up unset). Use malloc()'d
storage instead.
Jacob Nevins [Wed, 29 Jun 2005 18:20:17 +0000 (18:20 +0000)]
Try to make it slightly clearer that TIS/CryptoCard are generic, since
SSH:TDGv2 seems to think that TIS is only relevant to its original
application (whose name eludes me at the moment).
Ben Harris [Wed, 22 Jun 2005 10:00:09 +0000 (10:00 +0000)]
Improve IPA representation of "PuTTY", as suggested by John Lunney. My
rationale (as mailed to him):
I think you're right. I got the pronunciation there from the second edition
of the OED and my Collins dictionary at home, both of which believe that
"pretty" is pronounced /'prItI/, but, at least to me, those two vowels are
different. Both of them think that /i/ doesn't occur in English words, the
vowel in "beat" being /i:/. The third edition of the OED, though, adds /i/
as an English vowel in its pronunciation guide, with "happy" as an example
of its use. I'll update the FAQ following your suggestion.
Jacob Nevins [Tue, 21 Jun 2005 20:13:48 +0000 (20:13 +0000)]
Fix an apparently-harmless error spotted by Ben Rudiak-Gould:
do_ssh2_transport() was returning the wrong value for rekeys after the first.
This apparent error was introduced in r4901, but we can't see any reason for
the change to have been made. If it turns out to be a mistake to revert it,
I'm sure we'll find out.
Here for posterity is Simon's analysis:
| A lot of the return values from do_ssh2_transport appear to be vestigial: it
| used to be that a zero return from do_ssh2_transport meant it had handled the
| packet internally, and a 1 return meant the packet wasn't a transport-layer
| one and needed to pass on to do_ssh2_authconn. Since r4901, however, the
| layer discrimination is done based on the message type ranges, and the only
| remaining dependency on the return value from do_ssh2_transport is a special
| case in ssh2_protocol which detects the first 1 return and makes the
| initialisation call to do_ssh2_authconn.
|
| Therefore, the gratuitous 1 return on every key exchange as a result of the
| confusing if statement is simply ignored in ssh2_protocol (because
| ssh->protocol_initial_phase_done is already TRUE). So the remaining question
| was, why does the _lack_ of that 1 return not cause a problem, if the if's
| sense is indeed reversed?
|
| The answer is that 1 is still returned, just not by the crReturn inside the
| if statement. It's returned by the next crReturn, just after
| wait_for_rekey(). Which suggests that in fact, the if statement has the
| correct sense, but the crReturn inside it has the wrong value - it should be
| returning _zero_, to indicate that every NEWKEYS after the first one is
| uninteresting to the authconn code, and on the very first run through that
| doesn't happen and the NEWKEYS gets all the way to the crReturn(1) later on.
Ben Harris [Mon, 20 Jun 2005 13:56:30 +0000 (13:56 +0000)]
Make the sanity-checks on the size of incoming packets much stricter. We now
enforce the following:
* Packet must have at least one byte of payload and four bytes of padding.
* Total packet length must not exceed 35000 bytes compressed.
* Total packet length including length field must be a multiple of cipher
block size (or eight bytes).
The feebleness of our old checks was noticed by Ben Rudiak-Gould.
Ben Harris [Sun, 19 Jun 2005 14:17:24 +0000 (14:17 +0000)]
A major purpose of PuTTY's memory-allocation functions is to succeed or die
trying, so there's no need to check their return values for NULL. Spotted
by Ben Rudiak-Gould.
Jacob Nevins [Tue, 14 Jun 2005 14:48:17 +0000 (14:48 +0000)]
We should wait until the Rlogin server indicates that it's happy to receive
window-size notifications before we send them.
This clears up a problem where the first password entry always failed.
Jacob Nevins [Thu, 9 Jun 2005 10:05:29 +0000 (10:05 +0000)]
"SanskritFritz" points out that digits at the start of RTF pastes were being
eaten by the trailing "\f0" on the RTF preamble. The RTF spec (1.0 and 1.6)
suggests that adding a space should defuse this situation and be otherwise
harmless, and it works for me (Win98).
Jacob Nevins [Sat, 21 May 2005 16:49:27 +0000 (16:49 +0000)]
Factor out all local SSH disconnections into a new function ssh_disconnect(),
and add the ability to treat a local disconnection as "unclean" -- notably, if
we can't agree any authentication methods to even try; someone was complaining
that the PuTTY window by default just disappears for no apparent reason in this
circumstance.
Also, use appropriate disconnect codes for those SSH2_MSG_DISCONNECT messages
that we do send.
I don't think I've seriously broken any user-visible behaviour, but the way
that connection-close distinctions are transmitted to the front-end is shaky
(or so it seems to me), so there may be non-ideal changes on some platforms.
Jacob Nevins [Sat, 21 May 2005 14:35:21 +0000 (14:35 +0000)]
Add NO_MANIFESTS option to Windows build, as the manifests apparently cause
trouble for 64-bit Windows builds.
Also flag the build flags that only apply to Windows.
Jacob Nevins [Sat, 21 May 2005 14:16:43 +0000 (14:16 +0000)]
Use {Get,Set}WindowLongPtr() instead of {Get,Set}WindowLong() for compatibility
with 64-bit Windows. Untested on 64-bit, but it doesn't appear to have broken
anything on 32-bit.
Jacob Nevins [Mon, 16 May 2005 14:41:08 +0000 (14:41 +0000)]
connection_fatal() should be called after ssh_closing() and other accesses to
`ssh', since it potentially frees it and potentially doesn't return.
Only affected a couple of rare circumstances.
Ben Harris [Sat, 14 May 2005 22:01:10 +0000 (22:01 +0000)]
Add experimental support for detecting BREAK on input and propagating it as
TS_BRK on output. This is tested to the extent that other data survive the
escaping performed by PARMRK, at least on my system. Actual passing on
of BREAK is as-yet untested.
Jacob Nevins [Thu, 12 May 2005 15:09:35 +0000 (15:09 +0000)]
Use the packet dispatch table to handle USERAUTH_BANNER messages, which should
hopefully solve `drop-banner'. I haven't been able to test the failure case,
but the behaviour with OpenSSH appears no worse.
Jacob Nevins [Thu, 5 May 2005 22:37:54 +0000 (22:37 +0000)]
Implement `bypass-ssh2-userauth', since from correspondence it sounds like
there are servers which could in principle operate in this mode, although I
don't know if any do in practice. (Hence, I haven't been able to test it.)
Ben Harris [Sat, 30 Apr 2005 14:30:07 +0000 (14:30 +0000)]
Unlike the AES and Blowfish code, our implementations of the various DES
modes of operation all took separate source and destination pointers. They
were never called with those pointers different, though, so reduce them to
a single pointer like everything else uses.
Ben Harris [Thu, 28 Apr 2005 08:21:04 +0000 (08:21 +0000)]
Fix two more stupid bugs in 3des-ctr:
- We were using the first word of each block of keystream block twice and the
second not at all.
- We were incrementing the high-order word of the counter after every block
rather than the low-order one.
With those fixed, our 3des-ctr implementation interoperates with the one in
Moussh. Thanks to der Mouse for his help with the testing.
Ben Harris [Wed, 27 Apr 2005 21:42:51 +0000 (21:42 +0000)]
On monochrome displays, display the cursor in reverse video so that it's
visible on reversed out text. This only applies to active block cursors for
now.
Ben Harris [Wed, 27 Apr 2005 21:09:45 +0000 (21:09 +0000)]
On 1bpp displays, ignore colour attributes. This makes pterm minimally useful
there, though (e.g.) switching to using reverse video for the cursor would
probably also help. Displays with other silly depths (e.g. 2bpp) aren't
catered for, but I suspect they're rare in the X world.
Ben Harris [Wed, 27 Apr 2005 15:42:10 +0000 (15:42 +0000)]
Rather than checking for <sys/sockio.h>, just include it if our other
attempts at finding SIOCATMARK have failed. This removes one of our
Autoconf tests, which is always nice.
Ben Harris [Wed, 27 Apr 2005 11:10:54 +0000 (11:10 +0000)]
In SSH-2 mode, PuTTY wasn't sending KEXINIT until it had received one from the
server, which led to stalemate if the server did the same. PuTTY now sends
KEXINIT proactively as soon as it's worked out that it's talking SSH-2.
Simon Tatham [Wed, 27 Apr 2005 08:09:32 +0000 (08:09 +0000)]
mkunxarc.sh is supposed to be silent, so I'm having it discard the
stderr output from mkauto.sh. (I debated discarding it within
mkauto.sh itself, but decided against it.)
Ben Harris [Mon, 25 Apr 2005 23:57:45 +0000 (23:57 +0000)]
Squash OPOST locally when we're not in line-editing mode, and propagate
the other output flags with SSH. This means that when I log into a remote
system using Plink and then run "stty -onlcr" I get the expected
stair-stepping.
Ben Harris [Mon, 25 Apr 2005 23:28:25 +0000 (23:28 +0000)]
Use pututxline() in place of pututline(), since the former is standardised by
X/Open and actually seems to be more common (NetBSD has it). Also use
updwtmpx() rather than directly writing to the wtmpx file, though more for
reasons of aesthetics than anything practical.
Ben Harris [Mon, 25 Apr 2005 22:46:08 +0000 (22:46 +0000)]
Ask GDK to give us reasonable approximations if it can't get precisely the
colours we asked it for. This means that I can run pterm on an 8-bit
PseudoColor display even if I have another program running.
Ben Harris [Mon, 25 Apr 2005 18:51:15 +0000 (18:51 +0000)]
Check for <sys/sockio.h> and include it in uxnet.c if we find it. It's
necessary on Solaris if we want to use SIOCATMARK. Using sockatmark() might
be preferable, but despite being notionally standard it's missing on
Solaris 9 and Mac OS X 10.3.9, whereas everyone seems to have SIOCATMARK
somewhere.
Ben Harris [Mon, 25 Apr 2005 17:21:08 +0000 (17:21 +0000)]
uxpty.c uses non-X/Open facilities (notably strsignal()), so don't define
_XOPEN_SOURCE. We do still need _GNU_SOURCE in order to get grantpt()
on GNU systems. This allows uxpty.c to compile on NetBSD.