Simon Tatham [Mon, 23 Oct 2000 15:18:37 +0000 (15:18 +0000)]
Fix a bug which was causing occasional failed-host-key-check
messages. Also left some diagnostics in, under #if 0, so that next
time this happens it'll be easier to debug.
Simon Tatham [Mon, 23 Oct 2000 12:20:53 +0000 (12:20 +0000)]
Plink and PSCP were failing to load the `Default Settings' options
when connecting to an arbitrary hostname. In particular, setting a
default user name didn't work. Now it does.
Simon Tatham [Mon, 23 Oct 2000 11:55:11 +0000 (11:55 +0000)]
Created a shiny new abstraction for the socket handling. Has many
advantages:
- protocol modules can call sk_write() without having to worry
about writes blocking, because blocking writes are handled in the
abstraction layer and retried later.
- `Lost connection while sending' is a thing of the past.
- <winsock.h> is no longer needed in most modules, because
"putty.h" doesn't have to declare `SOCKET' variables any more,
only the abstracted `Socket' type.
- select()-equivalent between multiple sockets will now be handled
sensibly, which opens the way for things like SSH port
forwarding.
Simon Tatham [Mon, 23 Oct 2000 10:32:37 +0000 (10:32 +0000)]
Created a shiny new abstraction for the socket handling. Has many
advantages:
- protocol modules can call sk_write() without having to worry
about writes blocking, because blocking writes are handled in the
abstraction layer and retried later.
- `Lost connection while sending' is a thing of the past.
- <winsock.h> is no longer needed in most modules, because
"putty.h" doesn't have to declare `SOCKET' variables any more,
only the abstracted `Socket' type.
- select()-equivalent between multiple sockets will now be handled
sensibly, which opens the way for things like SSH port
forwarding.
Simon Tatham [Sat, 21 Oct 2000 17:52:54 +0000 (17:52 +0000)]
Ooh. Actually, that vulnerability is further-reaching than I
thought. As well as the ".." attack in recursive copies, the name
sent by the client was also trusted in a single-file implicit-
destination copy such as "pscp host:foo .". (The result was ./foo,
where foo is what the server claimed the file was rather than what
the user asked for. I think it's not unreasonable that if the user
requests file `foo' from the host, he should get the result in a
file called `foo' no matter what the host thinks.)
Simon Tatham [Sat, 21 Oct 2000 17:36:44 +0000 (17:36 +0000)]
Fix a potential vulnerability in incoming `pscp -r'. The server
sends filenames of things in the directory being copied. A malicious
server could have sent, for example, "..\..\windows\system\foo.dll"
and overwritten something crucial. The filenames are now vetted to
ensure they don't contain slashes or backslashes.
Simon Tatham [Sat, 21 Oct 2000 16:30:58 +0000 (16:30 +0000)]
Three new configurable options:
- Robert de Bath's Compose key is now off by default and configurable on
- The ages-old controversy over whether ALT by itself should bring the
System menu up is now controllable by a config option
- You can now independently configure whether scrollback resets on a
keypress _and_ whether it resets on screen activity.
Simon Tatham [Fri, 20 Oct 2000 15:20:53 +0000 (15:20 +0000)]
Put back the code that ensures "Default Settings" is always in the
session list even if it isn't in the Registry. This got deleted
overenthusiastically because I didn't have a comment explaining what
it was doing there. Now there's a comment, so I probably won't
remove it again.
Simon Tatham [Fri, 20 Oct 2000 13:51:46 +0000 (13:51 +0000)]
Introduce a sane interface function, from_backend(), for backends to
use when they have data from the network. Replaces the utterly daft
inbuf / inbuf_head / term_out() interface, which only made sense
when feeding to terminal.c. (terminal.c now implements
from_backend() as a small function that gateways to the old
interface.)
As a side effect, from_backend() also has an `is_stderr' parameter,
so scp can once again separate the server's pronouncements on stderr
from the actual protocol progress on stdout.
Simon Tatham [Thu, 19 Oct 2000 15:43:08 +0000 (15:43 +0000)]
PuTTYgen initial version. Still to do are basic user-friendliness
features (prompt for passphrase twice, prompt before overwriting a
file, check the key file was actually saved OK), testing of the
generated keys to make sure I got the file format right, and support
for a variable key size. I think what's already here is basically
sound though.
Simon Tatham [Wed, 18 Oct 2000 15:36:32 +0000 (15:36 +0000)]
Miscellaneous cleanups and reorgs in preparation for building
PuTTYgen. In particular, moved self-managing controls stuff out of
windlg.c into the new and reusable winctrls.c.
Simon Tatham [Tue, 10 Oct 2000 12:43:24 +0000 (12:43 +0000)]
ISO8859-2 to CP852 output translation wants to have Win1250 to ISO8859-2
input translation as its counterpart, not CP852 to ISO8859-2. Because the
reason you want this translation is if your _font_ is coded CP852 - in which
case your keymap will not follow suit but will still be in Win1250.
Simon Tatham [Tue, 10 Oct 2000 09:03:20 +0000 (09:03 +0000)]
Now when a saved session is loaded, its name appears in the
IDC_SESSEDIT box, so that clicking Save will save over it. Useful
for people who want to load, modify, and re-save. Special case: this
doesn't apply to Default Settings, because I think people will be
more likely to load DS, modify it, and save under a _different_
name, so it's good not to allow a single mouse click to screw them
up.
Simon Tatham [Mon, 9 Oct 2000 12:53:32 +0000 (12:53 +0000)]
Robert de Bath's big patch:
- cope with strange WinSock wrappers not supporting SIOCATMARK
- define yet more terminal compatibility modes
- support UK-ASCII (just like US-ASCII but # is a sterling sign)
- support connection keepalives at a configurable interval
Simon Tatham [Mon, 9 Oct 2000 09:10:09 +0000 (09:10 +0000)]
Add a compile option so that anyone who really wants to can build a
Win95-only (securityless) version of Pageant. This will refuse to
run at all under NT, so as to avoid the risk of people accidentally
running an insecure binary on a security-requiring system.
Simon Tatham [Fri, 6 Oct 2000 16:01:09 +0000 (16:01 +0000)]
Stop throwing out the Connection panel during midsession reconfig.
Instead, only throw out the useless parts of it. See, the new auto-
layout features bear fruit immediately!
Simon Tatham [Fri, 6 Oct 2000 13:21:36 +0000 (13:21 +0000)]
Create settings.c and move the load/save session code out of
windlg.c into it. Allows plink and pscp to no longer link with
windlg.c, meaning they lose some of the sillier stub functions and
also can provide a console-based form of verify_ssh_host_key().
Simon Tatham [Thu, 5 Oct 2000 17:19:04 +0000 (17:19 +0000)]
Revamp the auto-layout of PuTTY configuration box controls. They are
now auto-laid-out at runtime instead of compile time. Byebye
win_res.inp and mkres.c; byebye most of win_res.rc; hello a whole
new load of control-creation functions in windlg.c. Also, now that
we're creating the tab control at runtime, we can check to see if it
succeeded and use an alternative if so. This _should_ enable the
config box to work on Win32s, although at the time of checkin that's
untested.
Simon Tatham [Thu, 5 Oct 2000 12:15:22 +0000 (12:15 +0000)]
We now honour the PLINK_PROTOCOL environment variable if it's set.
Also we are able to notice when a backend is instantly sendok(),
rather than waiting until after the first successful socket read.
(This was zogging raw connections. They're still slightly zogged but
not as badly as they were.)
Simon Tatham [Mon, 2 Oct 2000 11:47:30 +0000 (11:47 +0000)]
Deletion case 2c can shift the root; case 3b is not the only case that
can do that. The bad case happens when you have a root node containing
only one actual element, and its two child nodes have only one element
each, and you try to delete the element in the root.