Simon Tatham [Sat, 28 Apr 2001 11:27:04 +0000 (11:27 +0000)]
Only update the system caret when we have the focus. This was
apparently causing the weird caret behaviour in Change Settings,
because that routine was still being called...
Simon Tatham [Sat, 28 Apr 2001 11:25:58 +0000 (11:25 +0000)]
Fix completely stupid agent_exists test. (Hint to self: you have to
actually _call_ a boolean-returning function, not just test its
address for nonzerohood.) Thanks Jacob.
Simon Tatham [Tue, 17 Apr 2001 09:25:52 +0000 (09:25 +0000)]
Two more small bugs introduced by the B-tree reorg: scroll() now
requires fix_cpos() to be called after it (otherwise cpos might point
to a line that isn't where you remember it being), and a mis-aimed
incpos() was causing forward selection dragging not to include the
char under the mouse. Both fixed.
Simon Tatham [Tue, 17 Apr 2001 08:53:31 +0000 (08:53 +0000)]
Fix alternate-screen bugs introduced by move to B-trees. Alternate
screen wasn't being correctly cleared on creation, and also wasn't
inhibiting scrollback like it should have.
Simon Tatham [Mon, 16 Apr 2001 21:29:12 +0000 (21:29 +0000)]
Put back Robert de Bath's second level of bell overload tracking. It
had a useful purpose: when primary overload handling is disabled, it
prevents MessageBeep calls overloading the program, because they
don't cancel each other like async PlaySounds do.
Simon Tatham [Mon, 16 Apr 2001 21:25:13 +0000 (21:25 +0000)]
Terminal now uses unsorted counted tree234 as its basic data type.
Should speed up scrollback to usable levels no matter how big your
scrollback buffer.
Simon Tatham [Mon, 16 Apr 2001 11:16:58 +0000 (11:16 +0000)]
Pageant interface changes. You can now do `pageant -c command' to
spawn another command after starting Pageant. Also, if Pageant is
already running, `pageant keyfile' and `pageant -c command' will do
the Right Thing, that is, add the key to the _first_ Pageant and/or
run a command and then exit. The only time you now get the `Pageant
is already running' error is if you try to start the second copy
with no arguments.
NB the affected files in this checkin are rather wide-ranging
because I renamed the not really SSH1-specific
`ssh1_bignum_bitcount' function to just `bignum_bitcount'.
Simon Tatham [Mon, 16 Apr 2001 09:10:34 +0000 (09:10 +0000)]
Log the text message in SSH_MSG_DISCONNECT (both protocols) so that
when people submit Event Logs for diagnosis it's a little easier to
work out what's up.
Simon Tatham [Fri, 13 Apr 2001 10:52:36 +0000 (10:52 +0000)]
New improved bell handling. Choice between visual and audible bell;
configurable bell overload handling. Thanks to Robert de Bath for
galvanising me into doing this, but I've had to rip most of his code
out and redo it myself...
Simon Tatham [Mon, 9 Apr 2001 12:52:43 +0000 (12:52 +0000)]
Keyboard handling patch from RDB: the Windows Application key is now
always Compose (we have no better use for it), and Ctrl-Alt can be
made to act like AltGr (but it's never Compose even when AltGr is).
Simon Tatham [Mon, 9 Apr 2001 11:59:35 +0000 (11:59 +0000)]
Default handling of VT100 line drawing characters in cut and paste is
now to translate them into poor man's characters (+--+ and |). We also
have an option to disable this (and map line drawing characters to the
corresponding ASCII code as before). Thanks to Robert de Bath.
Simon Tatham [Wed, 28 Mar 2001 16:38:40 +0000 (16:38 +0000)]
Oops. The new remote_cmd_ptr points in the wrong place when you copy a
Config structure like plink does at one point. (I'm almost tempted to
say this is where a copy constructor would be handy :-/ )
Simon Tatham [Fri, 23 Mar 2001 13:02:39 +0000 (13:02 +0000)]
Modify the new rsa_verify routine. We now also check the integrity of
the private data (verifying that p > q and that iqmp really is the
inverse of q mod p). In addition, we _no longer_ check that e*d == 1
mod (p-1)(q-1): instead we do separate checks mod (p-1) and mod (q-1),
since the order of the multiplicative group mod n is actually equal to
lcm(p-1,q-1) rather than phi(n)=(p-1)(q-1). (In other words, the
Fermat-Euler theorem doesn't point both ways.)
Simon Tatham [Fri, 23 Mar 2001 10:28:36 +0000 (10:28 +0000)]
Fix the SSH protocol version exchange, which had a weird stack trash
in it which for some reason didn't show up when built with VC++6 but
blew up the nightlies. Should be OK now.
Simon Tatham [Thu, 22 Mar 2001 21:48:33 +0000 (21:48 +0000)]
Following the recent advisory about attacks on PGP keys based on
tampering with the unencrypted public part of the key but leaving
the private part intact ... we are now ultra-paranoid about RSA key
files, and we check that the public part matches the private part
_before_ we generate any signatures with them.
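Added example, not PuTTY's code and not part of the commit log: a toy-sized C sketch of the RSA key consistency checks described in the 23 Mar and 22 Mar 2001 entries above, using 64-bit integers in place of Bignum. The struct layout, function names, return codes and the reading of "public part matches private part" as n == p*q are assumptions of this example; the sample key is constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy key with word-sized fields (hypothetical layout, not PuTTY's Bignum
 * based one). All values must stay below 2^32 so products cannot overflow. */
struct toy_rsa_key {
    uint64_t n, e;           /* public part */
    uint64_t d, p, q, iqmp;  /* private part */
};

enum { KEY_OK, BAD_MODULUS, BAD_EXP_P, BAD_EXP_Q, BAD_ORDER, BAD_IQMP };

/* Returns KEY_OK, or a code naming the first consistency check that failed. */
int toy_rsa_verify(const struct toy_rsa_key *k)
{
    uint64_t ed = k->e * k->d;
    /* Assumed reading of "public part matches private part": n == p*q. */
    if (k->p < 3 || k->q < 3 || k->n != k->p * k->q) return BAD_MODULUS;
    /* e*d == 1 separately mod (p-1) and mod (q-1), i.e. mod lcm(p-1,q-1). */
    if (ed % (k->p - 1) != 1) return BAD_EXP_P;
    if (ed % (k->q - 1) != 1) return BAD_EXP_Q;
    /* Integrity of the private data: p > q and iqmp == q^-1 mod p. */
    if (k->p <= k->q) return BAD_ORDER;
    if ((k->iqmp * k->q) % k->p != 1) return BAD_IQMP;
    return KEY_OK;
}

/* The dropped test: e*d == 1 mod (p-1)(q-1). Returns 1 if it holds. */
int old_phi_check(const struct toy_rsa_key *k)
{
    if (k->p < 2 || k->q < 2) return 0;   /* avoid a zero modulus */
    return (k->e * k->d) % ((k->p - 1) * (k->q - 1)) == 1;
}

/* Constructed sample: p=61, q=53, e=17, d=413 = 17^-1 mod lcm(60,52)=780. */
struct toy_rsa_key sample_key(void)
{
    struct toy_rsa_key k = { 3233, 17, 413, 61, 53, 38 };
    return k;
}

int main(void)
{
    struct toy_rsa_key good = sample_key(), bad = sample_key();
    bad.n = 3239;   /* public modulus altered, private part untouched */
    printf("good: verify=%d old_phi=%d\n", toy_rsa_verify(&good), old_phi_check(&good));
    printf("tampered n: verify=%d\n", toy_rsa_verify(&bad));
    return 0;
}
```

The sample exponent d=413 is a working private exponent that satisfies both per-prime congruences yet fails the test mod (p-1)(q-1), which is the case the 23 Mar entry's switch to separate checks accommodates.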
Simon Tatham [Thu, 22 Mar 2001 17:32:40 +0000 (17:32 +0000)]
Remove the length limit on protocol version strings. (In principle, I
could have got away with upping it to 256, but I didn't want a repeat
of the chaos when some server accidentally breaks that limit too...)
Simon Tatham [Mon, 19 Mar 2001 10:27:59 +0000 (10:27 +0000)]
Plink in noninteractive-script mode should not show the `Authenticated
with public key' message in SSH2 (it already doesn't in SSH1). It
shouldn't show the login banner either, since its output is probably
redirected to something which will choke on it.
Simon Tatham [Mon, 19 Mar 2001 10:24:55 +0000 (10:24 +0000)]
Add Norman Brandinger's suggested `-m' option in plink, to read the
remote command from a local file. Advantage: you can have more than
one line in it, so you can remotely run what's effectively a small
script.
Simon Tatham [Fri, 16 Mar 2001 12:09:44 +0000 (12:09 +0000)]
SSH2 channel fix: received WINDOW_ADJUSTs were always applied to the
primary (shell session) channel, rather than the one they were aimed
at. This _despite_ me having deliberately gone and looked the channel
ID up in the B-tree - I was ignoring the result by accident :-/
X forwarding should now work in SSH2 even on non-trivial clients (ie
things other than xdpyinfo).
Simon Tatham [Fri, 16 Mar 2001 11:58:54 +0000 (11:58 +0000)]
Correct handling of SSH1 protocol flags, in particular
PROTOFLAG_SCREEN_NUMBER, without which OpenSSH 2.5.1 was objecting to
my gratuitous inclusion of a screen number in the SSH1 X forwarding
request. Ahem.
Simon Tatham [Thu, 15 Mar 2001 17:14:31 +0000 (17:14 +0000)]
Add support for SSH2 userauth banners. We currently can't deal with
printing them _before_ the username prompt. This apparently isn't very
serious because OpenSSH doesn't _send_ it before the username prompt,
but only in response to USERAUTH_REQUEST "none". Good job we do that!
Simon Tatham [Thu, 15 Mar 2001 12:15:02 +0000 (12:15 +0000)]
At long last: PuTTY will now report its version to the server
sensibly, as a release or a snapshot or a local build. With any luck
this should make bug reporting easier to handle, because anyone who
sends their Event Log should automatically include the version :-)
Simon Tatham [Mon, 12 Mar 2001 12:24:07 +0000 (12:24 +0000)]
Finally fixed the point/pixel confusion in font handling. Thanks to
Roman Surma for pointing me at the relevant bits of documentation. All
font sizes should now be measured in points, and everything should be
consistent, and (with any luck) old Registry settings should adapt
gracefully too.
Simon Tatham [Sat, 10 Mar 2001 11:04:07 +0000 (11:04 +0000)]
Add support for using Diffie-Hellman with short exponents (sshdh.c
contains a reference to a paper on the subject). Reduces time taken
for DH group exchange to the point where it's viable to enable it
all the time, so I have. :-)
Simon Tatham [Mon, 5 Mar 2001 16:38:42 +0000 (16:38 +0000)]
Make the SSH2 traffic analysis defence robust in the face of Zlib
compression. This involves introducing an option to disable Zlib
compression (that is, continue to work within the Zlib format but
output an uncompressed block) for the duration of a single packet.
Simon Tatham [Sat, 3 Mar 2001 16:38:44 +0000 (16:38 +0000)]
Implement OpenSSH's private agent forwarding extension. I believe we
now interoperate with OpenSSH/SSH2 to _exactly_ the same level as we
interoperate with SSH1. Which is pretty cool really.
Simon Tatham [Sat, 3 Mar 2001 13:53:44 +0000 (13:53 +0000)]
The authentication diagnostics in SSH2 should now be better.
Additionally, the ability to switch usernames if you mistype the
first one has been restored (although it didn't actually work
because OpenSSH didn't feel like playing; patch submitted :-).
Simon Tatham [Sat, 3 Mar 2001 11:54:34 +0000 (11:54 +0000)]
Preliminary support for RSA user authentication in SSH2! Most of the
error messages are currently wrong, and Pageant doesn't yet support
the new key type, and I haven't thoroughly tested that falling back
to password authentication and trying invalid keys etc all work. But
what I have here has successfully performed a public key
authentication, so it's working to at least some extent.
Simon Tatham [Fri, 2 Mar 2001 13:55:23 +0000 (13:55 +0000)]
Support for selecting AES from the GUI. In the process, I've had to
introduce another layer of abstraction in SSH2 ciphers, such that a
single `logical cipher' (as desired by a user) can equate to more
than one `physical cipher'. This is because AES comes in several key
lengths (PuTTY will pick the highest supported by the remote end)
and several different SSH2-protocol-level names (aes*-cbc,
rijndael*-cbc, and an unofficial one rijndael-cbc@lysator.liu.se).
Simon Tatham [Thu, 1 Mar 2001 17:55:40 +0000 (17:55 +0000)]
Diffie-Hellman group exchange in SSH2. Currently #ifdeffed out
(change the sense of #ifdef DO_DIFFIE_HELLMAN_GEX in ssh.c) because
it's _far_ too slow. Will be re-enabled once the bignum routines
work a bit faster (or rather a _lot_ faster).
Simon Tatham [Thu, 1 Mar 2001 17:45:31 +0000 (17:45 +0000)]
Add a key length indication to each SSH2 cipher structure, in
preparation for needing to know how much key material each cipher
needs in order to select a suitable Diffie-Hellman group.
Simon Tatham [Thu, 1 Mar 2001 17:41:26 +0000 (17:41 +0000)]
Remove the last lingering knowledge, outside sshbn.c, of the
internal structure of the Bignum type. Bignum is now a fully opaque
type unless you're inside sshbn.c.