Jacob Nevins [Wed, 20 Aug 2008 22:21:04 +0000 (22:21 +0000)]
Fix for portfwd-addr-family: on Unix, when a tunnel is specified as "Auto"
(rather than IPv4 or IPv6-only; this is the default), try to open up listening
sockets on both address families, rather than (unhelpfully) just IPv6. (And
don't open one if the other can't be bound, in a nod to CVE-2008-1483.)
Based on a patch from Ben A L Jemmett.
Simon Tatham [Thu, 17 Jul 2008 17:01:27 +0000 (17:01 +0000)]
At least one version of gcc won't figure out that "clear" is never
read uninitialised (because the only circumstance under which it
isn't initialised is when "update" is FALSE, in which case it isn't
read either). Placate it.
Simon Tatham [Sun, 6 Jul 2008 12:24:56 +0000 (12:24 +0000)]
Patch from Tim Kosse: check back->exitcode() in both loops on
ssh_sftp_loop_iteration(), not just one. Fixes exiting on a negative
response to the host key confirmation prompt on Windows (because
winsftp.c doesn't have the equivalent of uxsftp.c's no_fds_ok); on
Unix it worked already but gave a suboptimal error message, which is
fixed too by this patch.
Jacob Nevins [Sun, 15 Jun 2008 12:39:09 +0000 (12:39 +0000)]
Exorcise beeps from the Colours pane in Gtk.
The colour list box beeped at the user whenever it found that
something other than exactly one colour was selected. This seems to
happen implicitly in Gtk when the pane is changed. In Gtk1, this gave
you a beep whenever you left the Colours dialog after having selected
a colour from the list; in Gtk2, you additionally got a beep _every_
time you subsequently re-entered the Colours dialog (for reasons I
haven't investigated). Windows was unaffected.
Also, in Gtk (unlike Windows), it's possible for the user to go back
to the state where no items in the list box are selected at all.
For these reasons, stop beeping at the user, and instead blank the RGB
edit boxes as a hint that edits to them would be futile. (Really we
should be disabling them entirely, but the cross-platform edit
controls aren't up to that yet.)
Simon Tatham [Wed, 11 Jun 2008 18:03:35 +0000 (18:03 +0000)]
Work around a bug in early versions of GTK (which I'm still forced
to use, gah) in which the "model" argument to
gtk_tree_selection_get_selected_rows() couldn't be NULL.
Simon Tatham [Tue, 10 Jun 2008 20:18:23 +0000 (20:18 +0000)]
Manfred Schwarb points out that scroll wheel support stopped working
with the switch to GTK2. This turns out to be because, where GTK1
represented the scroll wheel as mouse buttons 4 and 5 and generated
GdkEventButton when it was moved, GTK2 has moved wheel actions out
into a new event type GdkEventScroll which we were not handling. Now
we do, so scroll wheel support should be back in place.
Simon Tatham [Sat, 7 Jun 2008 16:30:45 +0000 (16:30 +0000)]
Manfred Schwarb also mentions that Alt+drag is captured by at least
one well known window manager (KDE's); document that Shift+Alt+drag
is worth trying as a workaround.
Simon Tatham [Thu, 5 Jun 2008 17:06:39 +0000 (17:06 +0000)]
Add an include statement to Makefile.gtk that imports if present a
file called Makefile.local. This means that if you're compiling on a
platform that needs COMPAT definitions, you can put them in a local
file and not have to type them on the command line every time.
Simon Tatham [Sun, 1 Jun 2008 11:16:32 +0000 (11:16 +0000)]
Been meaning to do this for years: introduce a configuration option
to manually tweak the host name and port number under which the SSH
host key is read and written.
I've put it in the cross-platform Connection panel. Partly under the
flimsy pretext that other backends _can_ use it if they so wish (and
in fact it overrides the host name for title-bar purposes in all
network backends, though it has no other effect in anything but
SSH); but mostly because the SSH panel was too full already :-)
Jacob Nevins [Sat, 31 May 2008 17:22:29 +0000 (17:22 +0000)]
Apparently Vista's printf-like functions don't support %n by default.
We could explicitly re-enable %n, but we only use it in one place, so take
the path of least resistance and remove that single instance. This stops
dupvprintf() getting stuck in a loop (a behaviour that's caused by a workaround
for a broken libc).
Simon Tatham [Wed, 28 May 2008 19:23:57 +0000 (19:23 +0000)]
OS X Leopard, it turns out, has a new and exciting strategy for
addressing X displays. Update PuTTY's display-name-to-Unix-socket-
path translation code to cope with it, thus causing X forwarding to
start working again on Leopard.
Simon Tatham [Fri, 11 Apr 2008 13:28:38 +0000 (13:28 +0000)]
Utterly hideous new approach to extracting install-sh from the
autoconf/automake edifice, since my previous approach of guessing
its pathname turns out not to work on at least one kind of system.
Simon Tatham [Sat, 22 Mar 2008 12:01:16 +0000 (12:01 +0000)]
For convenience of debugging, and perhaps some real convenience at
some point too: introduce a bunch of environment variables which can
override Unix PuTTY's usual idea of where to find its dotfiles.
Setting PUTTYDIR moves the entire ~/.putty directory; setting
PUTTYSESSIONS, PUTTYSSHHOSTKEYS or PUTTYRANDOMSEED move specific
things within that directory.
While I'm here, also be prepared to fall back to password file
lookups if $HOME is undefined (though we still use $HOME in
preference when it is defined, because that's polite and useful).
Also, on general principles, tweak the make_filename() function
prototype so it doesn't rely on fixed-size buffers.
Simon Tatham [Fri, 7 Mar 2008 18:30:37 +0000 (18:30 +0000)]
Fix a cursor positioning infelicity.
The scenario: I start a small, say 80x24, pterm. I do some work in
it, generating plenty of scrollback, and eventually I `less' a file.
`less' switches to the alt screen. Then I want more vertical space
to look at the file, so I enlarge the window to more like 80x60.
When I quit `less' and switch back to the primary screen, some
scrollback has been pulled down into the screen, as expected - but
the saved _cursor position_ is still at line 24, not at the bottom
of the new terminal where the prompt it goes with has moved to.
Solution: term_size() should adjust the alt-screen saved cursor
positions as well as the normal cursor position.
(Curiously, the problem doesn't happen on my home Debian box, even
without this fix. It happens on my RH9 box at work, though.)
Simon Tatham [Thu, 21 Feb 2008 09:18:24 +0000 (09:18 +0000)]
Aha, _that's_ why I've been periodically getting blocking-write
problems using Unix PuTTY port forwarding. Sockets we create by
connect() are immediately set into nonblocking mode by fcntl, but
sockets we create by accept() were not. This trivial fix should help.
Ben Harris [Wed, 5 Dec 2007 00:02:06 +0000 (00:02 +0000)]
Add a new bug-compatibility mode that limits the window size we'll
advertise so that the server can't exceed our maximum packet size.
Enable it for "1.36_sshlib GlobalSCAPE" which apparently sends oversize
packets otherwise.
Simon Tatham [Mon, 26 Nov 2007 21:09:54 +0000 (21:09 +0000)]
sktree is indexed on the numeric value of the socket structure's
underlying WinSock SOCKET. Therefore, if we plan to modify the
SOCKET in a socket, we must remove it from the tree before doing so,
and put it back again afterwards. Otherwise it'll violate the tree's
sorting order, and sooner or later someone will try to find it and
get back NULL.
Jacob Nevins [Fri, 19 Oct 2007 21:47:47 +0000 (21:47 +0000)]
Marc TERRIER pointed out a couple of places that claim there is an X11
forwarding checkbox on the Tunnels panel, which hasn't been the case for
a while.
Ben Harris [Wed, 3 Oct 2007 20:29:27 +0000 (20:29 +0000)]
Take the code that does flow control in SSH-1, and make it work in SSH-2
as well. This won't be triggered in the usual case, but it's useful
if the remote end ignores our window, or if we're in "simple" mode and
setting the window far larger than is necessary.
Ben Harris [Tue, 2 Oct 2007 21:43:53 +0000 (21:43 +0000)]
More fixes to stdout and stderr. When the backlog on either clears, call
the backend's unthrottle function. If we don't, we'll deadlock. While
we're here, also pump as much data as possible out during each call to
try_output(), rather than restricting ourselves to a single call to
write().
Ben Harris [Tue, 2 Oct 2007 21:07:52 +0000 (21:07 +0000)]
As far as I can see (at least in NetBSD) O_NONBLOCK and FIONBIO are equivalent,
except that O_NONBLOCK is standardised and FIONBIO isn't. In consequence,
replace our only use of FIONBIO with O_NONBLOCK.
Inspired by Jonathan H N Chin, who had problems with this on Solaris.
Ben Harris [Mon, 1 Oct 2007 21:11:11 +0000 (21:11 +0000)]
Rather than rejecting spurious SSH_MSG_CHANNEL_SUCCESSes, and ignoring
spurious SSH_MSG_CHANNEL_FAILUREs, treat them as the protocol errors
they are and forcibly disconnect. Inspired by recent traffic on
comp.security.ssh.
Ben Harris [Sun, 30 Sep 2007 19:42:31 +0000 (19:42 +0000)]
Merge the looking up of channel numbers for SSH-2 channel messages into
a single function which also handles checking that channels exist and
are properly open. This should make PuTTY a little less tolerant of
servers that send bogus messages.
Ben Harris [Sun, 30 Sep 2007 12:45:49 +0000 (12:45 +0000)]
When writing session data to stdout or stderr, switch the relevant file
descriptor into non-blocking mode temporarily, and correctly handle returns
of EAGAIN from write(). This should fix unix-plink-stdout-nonblock, while
avoiding EAGAIN turning up where we aren't expecting it.
Ben Harris [Sat, 29 Sep 2007 12:27:45 +0000 (12:27 +0000)]
Add support for resetting the terminal modes on stderr to something sensible
before printing error messages to it. This should fix the stair-stepping
in Plink's progress messages.
Ben Harris [Mon, 24 Sep 2007 21:43:48 +0000 (21:43 +0000)]
My changes in r7738 (O_NONBLOCK for Unix Plink) were half-arsed, and
completely broke interactive logins. The problem, or at least one of the
problems, was that in interactive use stdin, stdout, and stderr tend to be
the same file, so setting O_NONBLOCK on the latter two also sets it on the
former. Thus, we need to cope with all of them being non-blocking.
Ben Harris [Mon, 24 Sep 2007 15:18:11 +0000 (15:18 +0000)]
Add support for automatically tuning the SSH-2 window size for decent
performance. The theory behind this is fairly simple, though the
implementation turns out to be a little trickier than it looks.
The basic idea is that when the connection isn't being limited by our ability
to process data, we want to ensure that the window size _as seen by the server_
never drops to zero. Measuring the server's view of the window size is done
by arranging for it to acknowledge every SSH_MSG_CHANNEL_WINDOW_ADJUST, or
rather an SSH_MSG_CHANNEL_REQUEST sent just before it. That way we can tell
when it its outgoing data stream it received the window adjustment, and
thus how small the server's view of the window got.
At present, we only ever increase the window size. In theory, we could
arrange to reduce it again if the server's view of it seemed to be persistently
too large, but my experiments suggest that getting this right will be tricky.
Ben Harris [Thu, 20 Sep 2007 21:33:21 +0000 (21:33 +0000)]
Don't try SSH-1 RSA authentication unless the server has advertised support
for it. It's possible that this obsoletes BUG_CHOKES_ON_RSA. Certainly
the one SSH-1.5-Cisco-1.25 server I found was correctly not advertising RSA
auth. For now, leave it in, because I'm not feeling entirely confident.
Ben Harris [Thu, 20 Sep 2007 21:07:24 +0000 (21:07 +0000)]
In SSH-1, don't attempt password authentication unless the server has
announced support for it. Instead exit with a fatal error (since password
auth is our last resort).
Ben Harris [Tue, 7 Aug 2007 22:02:03 +0000 (22:02 +0000)]
Correctly terminate nc target hostname when copying it.
While we're here, use memcpy rather than strncpy when we've already worked
out how much we're going to copy.
Ben Harris [Mon, 6 Aug 2007 20:56:52 +0000 (20:56 +0000)]
Use "int" rather than "unsigned" as the argument to ssh2_set_window, not
because it can ever be negative, but because we'll be comparing it with
another int. This way, C's promotion rules don't bite us and we should
stand slightly more chance of coping with broken servers that overrun our
window.
Ben Harris [Sun, 5 Aug 2007 14:18:43 +0000 (14:18 +0000)]
Small window-handling tweaks. Set the default big window to 0x7fffffff bytes,
and tweak ssh2_set_window() so it can cope with that. Also arrange to send
a private channel message in simple mode to tell the server that it can safely
use a large window too.
Ben Harris [Sat, 4 Aug 2007 22:14:19 +0000 (22:14 +0000)]
In the file-transfer applications, which only ever use the main
channel, arrange to set the SSH-2 window size to something very
large. This prevents the connection stalling when the window fills
up, and means that PSCP receives data _much_ faster.
Ben Harris [Sat, 4 Aug 2007 16:04:08 +0000 (16:04 +0000)]
Tweak window handling so that we send a window adjust if the window is half
used up, rather than over half. That this increases the throughput of PSCP
by 50% indicates just how broken our window handling is.
Ben Harris [Sat, 4 Aug 2007 15:48:52 +0000 (15:48 +0000)]
When omitting session data from logs, don't omit the length of the session
data string. This isn't strictly necessary, but it makes the logs easier to
use.
Ben Harris [Sat, 4 Aug 2007 14:32:06 +0000 (14:32 +0000)]
Tweak to window handling: Keep the local window in a signed integer, and
arrange to handle usefully the case where the server sends us more data
than it's allowed to. There's no danger of overflow, since the maximum is
OUR_V2_WINSIZE and the minimum is -OUR_V2_MAXPKT (at least if the server is
nice).
Ben Harris [Sun, 29 Jul 2007 14:02:00 +0000 (14:02 +0000)]
Don't throw away data that we receive before we're ready for it. Just save
it up for later. This should prevent hangs when talking to particularly
enthusiastic servers.
Ben Harris [Sat, 21 Jul 2007 21:39:36 +0000 (21:39 +0000)]
Split pkt_ctx into a separate enumeration for each of kex and userauth
instead of a bitfield for both. This doesn't gain much here, but it should
make it easier to make things other than logging use the context.
Ben Harris [Sat, 21 Jul 2007 13:43:57 +0000 (13:43 +0000)]
Arrange that log_packet() isn't called for raw data logging if logctx is null.
This allows us to send data in ssh_init(), albeit at the expense of its not
being properly logged, so arrange to send the version string then if that's
sensible, which should reduce the number of round-trips required to bring
up an SSH-2 connection.
Ben Harris [Thu, 19 Jul 2007 23:53:02 +0000 (23:53 +0000)]
Separate out the code for creating and sending SSH version strings so that in
the SSH-2-only case, we can send it as soon as we connect rather than waiting
for the server's one. Unfortunately, actually doing so will take a little
more effort -- there are subtleties to do with having a working log context
at the right moment that need to be sorted out.
Jacob Nevins [Sun, 1 Jul 2007 15:47:31 +0000 (15:47 +0000)]
Implement Marcin Bulandra's suggestion of only automatically updating the
port number in the GUI when the connection type is changed if the current
port number is the standard one for the current protocol.
It's not perfect, but it should make the common case of tabbing through the
Session panel easier when starting non-SSH connections on odd ports.
Jacob Nevins [Sun, 1 Jul 2007 15:41:09 +0000 (15:41 +0000)]
Remove port number validation from Windows PuTTY -- it could cause unnecessary
trouble with serial connections, and a port number of zero gets caught later
anyway.
Jacob Nevins [Sat, 30 Jun 2007 21:56:44 +0000 (21:56 +0000)]
Rationalise access to, and content of, backends[] array.
Should be no significant change in behaviour.
(Well, entering usernames containing commas on Plink's command line will be
a little harder now.)
Simon Tatham [Tue, 22 May 2007 18:37:17 +0000 (18:37 +0000)]
Retire the e-gold link. Nobody's used it in years; I honestly don't
know how I'd go about retrieving money from them any more because my
last exchange transaction went through a company who subsequently
turned out to be dodgy; and a user points out that e-gold is in
legal trouble, which suggests that avoiding it is probably wise.
Simon Tatham [Tue, 1 May 2007 12:26:44 +0000 (12:26 +0000)]
Reindent the section that was marked `XXX The lines below should be
reindented before this is committed'. Unfortunately not before it
was committed, but you can't have everything :-)