Simon Tatham [Fri, 21 Jul 2000 09:17:05 +0000 (09:17 +0000)]
PSCP: After a password supplied with `-pw' fails to authenticate,
we should _not_ fall back to console input for a second attempt,
because this hangs batch files.
Simon Tatham [Tue, 6 Jun 2000 08:57:55 +0000 (08:57 +0000)]
Security improvement: check that string length field in
SSH_SMSG_{STDOUT,STDERR}_DATA packets is consistent with length
field in packet header. (Helps prevent insertion attack.)
Simon Tatham [Mon, 5 Jun 2000 16:33:58 +0000 (16:33 +0000)]
Hack to work around the rootshell.com xterm DoS problem. A better
fix might be possible, but it's unclear whether this is a productive
strategy in the long term.
Simon Tatham [Fri, 24 Mar 2000 11:46:39 +0000 (11:46 +0000)]
Rather silly byte-string / word-string transformations in RSA key
handling were failing when the key had an odd number of bytes. A
server with an 850-bit key was suffering connection failures as a
result. Now fixed.
Simon Tatham [Fri, 24 Mar 2000 09:45:49 +0000 (09:45 +0000)]
Peter Schellenbach's patch: re-implement the PuTTY cryptographic
functions as calls to the MS Crypto API. Not integrated into the
Makefile yet, but should eventually allow building of an SSH-enabled
PuTTY which contains no native crypto code, so it can be used
everywhere (and anyone who can get the MS encryption pack can still
use the SSH parts).
Simon Tatham [Fri, 17 Mar 2000 10:39:05 +0000 (10:39 +0000)]
RDB's patch. Oodles of new terminal functionality, including
ATTR_BLINK (as bold background) and VT52 support. Plus a
compatibility tracking system whereby all escape sequences can be
disabled for a pure-VT102 compatibility mode or other levels.
Simon Tatham [Fri, 17 Mar 2000 10:37:35 +0000 (10:37 +0000)]
RDB's patch:
- `local ldisc' config option now switches between PuTTY's original
behaviour when off (aggressively start negotiations, never use
local line discipline) and Unix telnet's off-port-25 behaviour
when on (wait to be negotiated with, toggle local line discipline
when TELOPT_ECHO changes)
- SYNCH handling has been improved again, though it may still be
broken due to WinSock being irretrievably pants
Simon Tatham [Fri, 17 Mar 2000 10:34:41 +0000 (10:34 +0000)]
RDB's patch:
- use WM_TIMER for various things (blinking cursor; updates while
moving/sizing; coping with overloading influx of netevents)
- clip text output to avoid underlines outside character cell
- even more careful font selection (we can now do OEMANSI by
default)
- a few extra keyboard mappings from the VTxxx terminals
Simon Tatham [Wed, 15 Mar 2000 15:08:48 +0000 (15:08 +0000)]
First stab at the ability to compile puttytel.exe, an SSH-free
variant which is patent-safe in the US and legal in France and
Russia. This is a horrible hack in some ways: it's shown up serious
deficiencies in the module boundaries. Needs further work, probably
once the SSH implementations are recombined.
Simon Tatham [Sat, 11 Mar 2000 14:25:35 +0000 (14:25 +0000)]
Robert de Bath's patch: when the user presses CR, the Telnet backend
now sends NVT `NL' (CR,LF) instead of NVT `CR' (CR,NUL). Unix
telnetd apparently cares not a jot for the difference, but others do.
Simon Tatham [Sat, 11 Mar 2000 14:16:55 +0000 (14:16 +0000)]
Robert de Bath's patch: ARG_DEFAULT is now zero because it's
apparently defined behaviour for _all_ CSI-type sequences that ESC[Q
should be equivalent to ESC[0Q. Which is a pain in the wossname and
not a sane way to do it, but if the standards say it then I suppose
... :-(
Simon Tatham [Sat, 11 Mar 2000 14:10:10 +0000 (14:10 +0000)]
Robert de Bath's patch: be a little more careful of main and
alternate screens when resizing the window. Should avoid lines of
alternate screen showing up in scrollback buffer.
Simon Tatham [Tue, 30 Nov 1999 10:52:07 +0000 (10:52 +0000)]
Robert de Bath's multi-purpose patch, slightly modified.
- ^E answerback is now `PuTTY'.
- The framework is now in place for the scrollback to reset to
bottom on display _or_ keyboard events _or_ both. An actual
configurable option isn't yet present, but most of the code is in
place.
- Try to deal with the problems where incoming data gets dropped
after decoding but before display.
- Scrollback behaviour has changed: instead of keying it off
`scroll' versus `delete top line', things now go into the
scrollback from _either_ of those but only if the primary screen
is selected. Should fix problems with `less' and talkers.
- must_update variable has gone because rdb correctly observed that
it didn't seem to be doing a great deal :-)
Simon Tatham [Mon, 15 Nov 1999 10:31:06 +0000 (10:31 +0000)]
Declare `struct RSAKey' so that its implicit declaration in the
parameter list of verify_ssh_host_key() does not have scope
restricted to that parameter list. Probably unnecessary but let's
not take chances.