Jacob Nevins [Thu, 23 Dec 2004 02:24:07 +0000 (02:24 +0000)]
Add a preference list for SSH-2 key exchange algorithms, on a new "Kex" panel
(which will gain more content anon).
Retire BUG_SSH2_DH_GEX and add a backwards-compatibility wart, since we never
did find a way of automatically detecting this alleged server bug, and in any
case there was only ever one report (<3D91F3B5.7030309@inwind.it>, FWIW).
Also generalise askcipher() to a new askalg() (thus touching all the
front-ends).
I've made some attempt to document what SSH key exchange is and why you care,
but it could use some review for clarity (and outright lies).
Simon Tatham [Wed, 22 Dec 2004 10:21:50 +0000 (10:21 +0000)]
In my revamp of cursor handling I had assumed that you were supposed
to call _either_ do_text() _or_ do_cursor() on a given character
cell. In fact you're supposed to call do_text() no matter what, and
then call do_cursor() as well if it's got the cursor on it, since
do_cursor() _only_ draws the actual cursor, which often doesn't also
cause the text to get drawn.
I'm half tempted to change this in the interface, retire do_cursor()
as an external function and relegate it to an internal function in
each front end, and require that do_text() must fully process all
cursor attributes it is passed. However, I haven't done this yet.
Simon Tatham [Mon, 20 Dec 2004 09:27:44 +0000 (09:27 +0000)]
The end condition in the binary search loop in the new getType() was
incorrect. I must have written that binary search idiom a hundred
times, so it's rather embarrassing that I can't _automatically_ get
it right! This was causing all kinds of characters to be classified
as ON when they should have been various other classes.
Also while I'm here, I've added another test case to utf8.txt (a
small piece of Arabic within a predominantly L->R line), and also
supplied a means to compile minibidi.c with -DTEST_GETTYPE to
produce a command-line character class lookup tool. (Not sure what
use that'll be _other_ than debugging this precise problem, but I
don't like to throw it away now I've written it :-)
Simon Tatham [Sat, 18 Dec 2004 10:00:27 +0000 (10:00 +0000)]
zip apparently gives a warning (`-l used on binary file') when you
use -l on a UTF-8 text file. Move potentially UTF-8 things (the new
testdata files) into a new category of source files, and suppress
zip's warning for that category.
Simon Tatham [Fri, 17 Dec 2004 14:25:53 +0000 (14:25 +0000)]
Jacob has pointed out why SIGCHLD was blocked, so I've updated the
comment when I unblock it in pty.c to reflect reality. Also I've
moved block_signal() out of pterm.c into signal.c, so I can
conveniently use it for unblocking SIGCHLD rather than having to
reinvent it in pty.c.
Simon Tatham [Fri, 17 Dec 2004 13:39:41 +0000 (13:39 +0000)]
The xfer mechanism wasn't gracefully terminating when an error was
encountered part way through transfer. In particular, this caused
psftp to hang (waiting for FXP_READ replies which had already
arrived) if you try `get' (without -r) on a remote directory.
Jacob Nevins [Fri, 17 Dec 2004 13:00:01 +0000 (13:00 +0000)]
Document recent SFTP changes:
- document behaviour of "-r" with mget/mput/reget/reput
- document "close" command
- document SFTP wildcard syntax for those who may not be familiar with Unix
wildcards
Simon Tatham [Fri, 17 Dec 2004 12:55:12 +0000 (12:55 +0000)]
I _think_ I've just fixed `font-overflow'. term->disptext now tracks
the start of every contiguous run passed to do_text() or
do_cursor(), and arranges never to overwrite only part of such a run
on the next update.
I'm a bit worried about this checkin because I've also completely
revamped cursor handling: the cursor was previously being drawn
_outside_ the main loop over the display line, and is now drawn as
part of that loop when it gets to the cursor location. It _seems_ to
still work sensibly, even in complex cases involving LATTR_WIDE and
double-width CJK characters etc, but I won't be entirely happy until
it's had some beta use.
Simon Tatham [Fri, 17 Dec 2004 11:37:16 +0000 (11:37 +0000)]
Divide the do_paint() loop into several subloops. The activity of
going through the line and working out which bits need to be redrawn
is now in a separate loop from the subsequent activity of actually
going through and doing the redraws. This _should_ enable me to
tinker with the which-bits-to-redraw data in between the two, thus
fixing `font-overflow'. However, I thought it would be sensible to
break the work up into two commits so we can track bugs in the
restructuring separately from bugs introduced by the new feature.
Simon Tatham [Fri, 17 Dec 2004 11:24:25 +0000 (11:24 +0000)]
I had apparently broken wrapping of double-width characters (again).
Also fixed the new UTF-8 test file so that it tests double-width
wrapping both with _and_ without LATTR_WRAPPED2.
Simon Tatham [Fri, 17 Dec 2004 09:43:09 +0000 (09:43 +0000)]
Apparently SIGCHLD is blocked by default in processes run in a
pterm, which was breaking my bash job notification patch. This is
apparently not the case for xterm, so I've fiddled with it. Not
entirely sure _why_ it did this in the first place, but there we go.
Simon Tatham [Thu, 16 Dec 2004 19:19:59 +0000 (19:19 +0000)]
Implement the `close' command, which terminates an SFTP session but
does not quit PSFTP, so you can then issue another `open' to connect
to somewhere else. This has apparently been trivial for some time,
for exactly the same reasons that `reuse-windows' was so easy, but
it hadn't occurred to me to actually do it until now.
Simon Tatham [Thu, 16 Dec 2004 19:15:38 +0000 (19:15 +0000)]
Jacob points out that I introduced a bug in PSFTP when I did the
timing shakeup: just running `psftp' caused the net/stdin select
loop (on both Unix and Windows) to get confused at the lack of any
network connection and give up immediately. Should now be fixed.
Jacob Nevins [Thu, 16 Dec 2004 15:22:36 +0000 (15:22 +0000)]
Abe Crabtree complains that flushing the log file as often as we do in 0.56
results in unacceptable performance for him on Win2000. Add a checkbox to
revert to the old behaviour.
Simon Tatham [Thu, 16 Dec 2004 15:01:43 +0000 (15:01 +0000)]
Rename scp.* to pscp.*, because I always misspell it that way. Also
it's more consistent with PSFTP like this: scp.c/pscp.c is more
similar to psftp.c (the main application framework) than it is to
sftp.c (a set of back-end library routines).
Simon Tatham [Fri, 10 Dec 2004 11:41:14 +0000 (11:41 +0000)]
Unix PSCP was tight-looping when connecting through a ProxyCommand.
Turned out that sk_localproxy_close() was closing the pipe fds
without removing them from the uxsel list.
Simon Tatham [Wed, 8 Dec 2004 19:41:14 +0000 (19:41 +0000)]
Replace the RLE-based getType() function with one that binary-
searches a list of (start,end,type) tuples. This increases data size
by about 5Kb, which is a shame; but on the plus side, it boosts
performance from O(N) to O(log N). As an added bonus, the table now
covers _all_ of Unicode, not just the BMP.
Simon Tatham [Wed, 8 Dec 2004 19:07:05 +0000 (19:07 +0000)]
Further clarity and speed cleanups of minibidi:
- rewrote the reversal loop in flipThisRun to be considerably clearer
- rewrote leastGreaterOdd and leastGreaterEven as bit-twiddling macros
- replaced malloc/free with snewn/sfree
- lost some gratuitous repeat calls of getType on the same character
And most noticeably:
- got rid of minibidi.h, since it was entirely full of minibidi.c
internals (including constant data definitions!) and wasn't used
to provide an external interface at all. Everything in it has
been folded into minibidi.c.
Jacob Nevins [Thu, 2 Dec 2004 13:37:28 +0000 (13:37 +0000)]
NULL a couple of members after freeing them in ssh_free(). In particular,
should stop ssh_do_close() accessing freed ssh->channels when invoked later
from ssh_free(). Spotted by Fred Sauer.
(Perhaps this is the cause of the crashes people have been reporting on
abnormal closures such as `Software caused connection abort'? I've not been
able to test this.)
Simon Tatham [Wed, 1 Dec 2004 15:34:12 +0000 (15:34 +0000)]
Bah. Ben points out that SSH_1_ version strings should still end in
\n, and also that `\r' and `\n' don't mean what I think they mean on
all compilers (Mac reverses them).
Simon Tatham [Wed, 1 Dec 2004 09:25:20 +0000 (09:25 +0000)]
term_bidi_cache_store() now has a need to distinguish between the
_width_ of a terminal line (number of character cell positions) and
its _size_ (number of termchars), since of course these differ in
the presence of combining characters.
Simon Tatham [Sun, 28 Nov 2004 09:24:57 +0000 (09:24 +0000)]
Cursor position, selection highlights and mouse clicks are now all
transformed back and forth according to the character position
permutation output from the bidi algorithm. I was expecting that to
be a lot harder.
Simon Tatham [Sat, 27 Nov 2004 19:56:38 +0000 (19:56 +0000)]
Loose end from timing shakeup: sshrand.c is now a client of
timing.c, and hence takes its own responsibility for calling
noise_regular() at regular intervals. Again, this means it will be
called consistently in _all_ the SSH-speaking tools, not just those
in which I remembered to call it!
Simon Tatham [Sat, 27 Nov 2004 19:34:45 +0000 (19:34 +0000)]
Slight improvement to cursor blink timing: since the cursor doesn't
blink when the window doesn't have focus, we don't schedule blink
timers at that point either.
Infrastructure change: term->has_focus should now not be written
directly from outside terminal.c. Instead, use the function
term_set_focus, which will sort out the blink timers as well.
Simon Tatham [Sat, 27 Nov 2004 15:32:45 +0000 (15:32 +0000)]
Almost _all_ of the final connection-layer loop, in both SSH1 and
SSH2, is now handled by the packet dispatch table. Dispatch table
entries are enabled as soon as possible, so that if anyone tries to
(for example) start using a forwarded port before the main shell
session setup has finished, things should work sensibly.
The SSH code is now a hybrid of coroutine-based sequential logic and
table-driven event dispatch, each where it makes the most sense. I'm
rather pleased with it.
Simon Tatham [Sat, 27 Nov 2004 14:29:20 +0000 (14:29 +0000)]
Implement client-initiated rekeys after an hour, or after 1Gb of
data transfer in either direction (whichever comes first), or at
explicit client request (nice idea Jacob). Have tested by lowering
the limits, and it all seems solid enough; in particular, this has
also allowed me to test the behaviour when connection-level data is
received during rekey, and that looks fine too (at least it does
_now_ :-).
Simon Tatham [Sat, 27 Nov 2004 13:20:21 +0000 (13:20 +0000)]
New timing infrastructure. There's a new function schedule_timer()
which pretty much any module can call to request a call-back in the
future. So terminal.c can do its own handling of blinking, visual
bells and deferred screen updates, without having to rely on
term_update() being called 50 times a second (fixes: pterm-timer);
and ssh.c and telnet.c both invoke a new module pinger.c which takes
care of sending keepalives, so they get sent uniformly in all front
ends (fixes: plink-keepalives, unix-keepalives).
Simon Tatham [Wed, 24 Nov 2004 20:35:15 +0000 (20:35 +0000)]
Re-architected the top level of the SSH protocol handlers.
ssh1_protocol() and ssh2_protocol() are now high-level functions
which see _every_ SSH packet and decide which lower-level function
to pass it to. Also, they each support a dispatch table of simple
handler functions for message types which can arrive at any time.
Results are:
- ignore, debug and disconnect messages are now handled by the
dispatch table rather than being warts in the rdpkt functions
- SSH2_MSG_WINDOW_ADJUST is handled by the dispatch table, which
means that do_ssh2_authconn doesn't have to explicitly
special-case it absolutely every time it waits for a response to
its latest channel request
- the top-level SSH2 protocol function chooses whether messages get
funnelled to the transport layer or the auth/conn layer based on
the message number ranges defined in the SSH architecture draft -
so things that should go to auth/conn go there even in the middle
of a rekey (although a special case is that nothing goes to
auth/conn until initial kex has finished). This should fix the
other half of ssh2-kex-data.
Simon Tatham [Wed, 24 Nov 2004 19:23:02 +0000 (19:23 +0000)]
Now that Packet structures are dynamically allocated, it means we
can keep several of them in parallel. In particular, this allows us
to queue outgoing packets during repeat key exchange, to be actually
sent after the rekey completes.
(This doesn't fully fix ssh2-kex-data; also required is the ability
to handle _incoming_ connection-layer packets during rekey without
exploding.)
Simon Tatham [Wed, 24 Nov 2004 18:45:52 +0000 (18:45 +0000)]
Minor refactoring: the fields `pktin' and `pktout' in the Ssh
structure have been retired. Now all Packet structures are
dynamically allocated. Each rdpkt function allocates one, and it's
freed after being used; and the packet construction functions
allocate them too, and they're freed by the send functions.
`pktin' and `pktout' were ugly. They were _morally_ still global
variables; even though they were replicated per SSH session to
comply with the Mac no-globals requirement, they weren't really in
the _spirit_ of `dynamically allocate your data'.
As a side effect of this change, the `pktout_blanks' and
`pktout_nblanks' fields in the Ssh structure have been moved into
the Packet structure.
Simon Tatham [Wed, 24 Nov 2004 11:36:08 +0000 (11:36 +0000)]
RJK's OS X portability patch:
- initialise blank mbstate_t using memset rather than an ad-hoc
initialiser.
- expand the OMIT_UTMP ifdefs to enclose a load of entire functions
that would generate `static function never called' warnings if
left as empty shells.
- couple of other fiddly things.
Simon Tatham [Wed, 24 Nov 2004 11:35:27 +0000 (11:35 +0000)]
It's probably about time I took my private path to the Halibut
binary out of the PuTTY docs Makefile. Instead, I expect to find
Halibut as simply `halibut' on the PATH, and anyone who doesn't have
it there can always do `make HALIBUT=/path/to/halibut'.
Jacob Nevins [Sat, 20 Nov 2004 18:29:58 +0000 (18:29 +0000)]
UI tweak from Malcolm Rowe: set IDM_VIEWKEYS as the default menu item and use
that mechanism to invoke it on double-click; this emboldens it in the right-
click menu.
Jacob Nevins [Sat, 20 Nov 2004 17:47:40 +0000 (17:47 +0000)]
XXX comment in the logic which sends failed password auth back to username
prompt for keyboard-interactive. I suspect we should do the same with that
method (especially given the apparent number of systems that use it for
regular password auth), but in the absence of systems to test against I've
not actually made the change. (I'm worried that the `partial success' field
might not be set correctly in a multi-stage authentication, for instance.)
Jacob Nevins [Sat, 20 Nov 2004 17:11:38 +0000 (17:11 +0000)]
As a result of the policy allowing changes of username to reset the
authentication state, a failed `password' authentication in SSH-2 was
sending us back to trying `none' and `keyboard-interactive' each time
round, which uses up OpenSSH's quota of authentication attempts rather
quickly. Added a check for `cfg.change_username' to the logic which
sends us back to the start.
Jacob Nevins [Fri, 19 Nov 2004 21:05:31 +0000 (21:05 +0000)]
console_get_line() returns failure iff console_batch_mode is set, whereas
before is would return success and the empty string. IMO this makes `-batch'
much more useful; before, utilities such as Plink in `-batch' mode would
attempt to plough on using empty strings for usernames, passwords, and so on.
Jacob Nevins [Fri, 19 Nov 2004 20:57:32 +0000 (20:57 +0000)]
Remove FLAG_INTERACTIVE test from "login as:" prompt. Kelly John Carney
pointed out that Plink would attempt to use a zero-length username iff
a remote command was specified (because the FLAG_INTERACTIVE test was
erroneously combined with the no-username test).
I don't think this will break non-interactive use; in the cases which
behave differently, Plink would be attempting to use the empty
username, which was almost certainly wrong, whereas now it will give a
prompt (which can be avoided with -batch as usual).
(Although perhaps we should attempt to use a local username as a guess for
the remote username, as PSCP does? I've not done this.)
Jacob Nevins [Thu, 18 Nov 2004 19:41:41 +0000 (19:41 +0000)]
"Software caused connection abort": a couple of people now have got rid of
this with keepalives. Also try to emphasise that this seems to be a generic
catch-all type of error.
Jacob Nevins [Thu, 18 Nov 2004 17:13:45 +0000 (17:13 +0000)]
*sigh* X11 forwarding to a local display (":0" or similar) specified in the
environment rather than the configuraton was failing as of 0.56 (introduced
in r4604). This probably only bit users of Unix PuTTY. Didn't spot in testing
as I was forwarding to already-forwarded displays. I really wasn't having a
good month that month, was I?
Simon Tatham [Thu, 18 Nov 2004 15:16:18 +0000 (15:16 +0000)]
Add an extra appendix to the manual containing PuTTY's (hitherto)
unwritten design principles, so would-be contributors won't have to
either read our minds or pay _very_ close attention to the code.
Simon Tatham [Thu, 18 Nov 2004 11:30:39 +0000 (11:30 +0000)]
Move MODULE files out of individual project directories into a
MODULES top-level directory, which is where the Tartarus website
scripts will (hopefully) start reading them from.
Simon Tatham [Wed, 17 Nov 2004 18:27:04 +0000 (18:27 +0000)]
mkunxarc.sh was still including (mostly empty) .svn directories, and
that in turn was confusing the new doc/Makefile mechanism. Fixed the
former, and also put an additional safeguard in the latter in a
belt-and-braces sort of fashion.
Simon Tatham [Wed, 17 Nov 2004 18:16:59 +0000 (18:16 +0000)]
Now we use Subversion, it seems excessive to have an individual $Id$
line for every single .but file at the bottom of each page of the
HTML PuTTY docs. However, we can't _always_ replace that with a
single SVN revision, because there isn't always one available (SVN
still allows mixed working copies in which some files are
deliberately checked out against a different revision).
Hence, here's a mechanism for doing better. It uses `svnversion .'
to determine _whether_ a single revision number adequately describes
the current directory, and replaces all the version IDs with that if
so. If it can't do that, it uses the version IDs as before.
Also, this allows an explicit version string to be passed on the
make command line which will override _both_ these possibilities, so
that release documentation can be clearly labelled with the release
version number.
Simon Tatham [Tue, 16 Nov 2004 23:26:22 +0000 (23:26 +0000)]
Fix Windows installer script: the paths were wrong after the
directory reorganisation, and also the EOL style needs to be CRLF or
Inno Setup gets upset.
Simon Tatham [Tue, 16 Nov 2004 22:14:56 +0000 (22:14 +0000)]
Now that we have Subversion's file renaming ability, it's time at
long last to move all the Windows-specific source files down into a
`windows' subdirectory. Only platform-specific files remain at the
top level. With any luck this will act as a hint to anyone still
contemplating sending us a Windows-centric patch...
Simon Tatham [Tue, 16 Nov 2004 15:27:00 +0000 (15:27 +0000)]
CVS revision numbers, stored as `cvs2svn:cvs-rev' properties, are a
useful piece of history in this repository but we don't want to
preserve their latest values on future commits. Accordingly, I'm
deleting them from all active development (though not from past
release branches).
Jacob Nevins [Mon, 15 Nov 2004 15:57:28 +0000 (15:57 +0000)]
Mention that comp.terminals may also be a useful newsgroup.
I've done this by centralising information about newsgroups in feedback.but
and linking to that from elsewhere; I've also put in a link to Google Groups.
Simon Tatham [Mon, 15 Nov 2004 11:10:36 +0000 (11:10 +0000)]
Miloslav Cempirek Ing points out that we should return from
sessionsaver_handler after processing a one-click saved session
launch, to protect against accidentally calling dlg_end twice on the
same dialog.