#include "network.h"
#include "misc.h"
+/*
+ * Fingerprints of the PGP master keys that can be used to establish a trust
+ * path between an executable and other files.
+ */
+#define PGP_RSA_MASTER_KEY_FP \
+ "8F 15 97 DA 25 30 AB 0D 88 D1 92 54 11 CF 0C 4C"
+#define PGP_DSA_MASTER_KEY_FP \
+ "313C 3E76 4B74 C2C5 F2AE 83A8 4F5E 6DF5 6A93 B34E"
+
/* Three attribute types:
* The ATTRs (normal attributes) are stored with the characters in
* the main display arrays
*
* The LATTRs (line attributes) are an entirely disjoint space of
* flags.
+ *
+ * The DATTRs (display attributes) are internal to terminal.c (but
+ * defined here because their values have to match the others
+ * here); they reuse the TATTR_* space but are always masked off
+ * before sending to the front end.
*
* ATTR_INVALID is an illegal colour combination.
*/
#define TATTR_RIGHTCURS 0x10000000UL /* cursor-on-RHS */
#define TATTR_COMBINING 0x80000000UL /* combining characters */
+#define DATTR_STARTRUN 0x80000000UL /* start of redraw run */
+
+#define TDATTR_MASK 0xF0000000UL
+#define TATTR_MASK (TDATTR_MASK)
+#define DATTR_MASK (TDATTR_MASK)
+
#define LATTR_NORM 0x00000000UL
#define LATTR_WIDE 0x00000001UL
#define LATTR_TOP 0x00000002UL
#define LATTR_WRAPPED 0x00000010UL
#define LATTR_WRAPPED2 0x00000020UL
-#define ATTR_INVALID 0x03FFU
+#define ATTR_INVALID 0x03FFFFU
/* Like Linux use the F000 page for direct to font. */
#define CSET_OEMCP 0x0000F000UL /* OEM Codepage DTF */
enum {
/*
- * SSH ciphers (both SSH1 and SSH2)
+ * SSH-2 key exchange algorithms
+ */
+ KEX_WARN,
+ KEX_DHGROUP1,
+ KEX_DHGROUP14,
+ KEX_DHGEX,
+ KEX_MAX
+};
+
+enum {
+ /*
+ * SSH ciphers (both SSH-1 and SSH-2)
*/
CIPHER_WARN, /* pseudo 'cipher' */
CIPHER_3DES,
CIPHER_BLOWFISH,
- CIPHER_AES, /* (SSH 2 only) */
+ CIPHER_AES, /* (SSH-2 only) */
CIPHER_DES,
+ CIPHER_ARCFOUR,
CIPHER_MAX /* no. ciphers (inc warn) */
};
FUNKY_SCO
};
+extern const char *const ttymodes[];
+
+enum {
+ /*
+ * Network address types. Used for specifying choice of IPv4/v6
+ * in config; also used in proxy.c to indicate whether a given
+ * host name has already been resolved or will be resolved at
+ * the proxy end.
+ */
+ ADDRTYPE_UNSPEC, ADDRTYPE_IPV4, ADDRTYPE_IPV6, ADDRTYPE_NAME
+};
+
struct backend_tag {
const char *(*init) (void *frontend_handle, void **backend_handle,
Config *cfg,
* buffer is clearing.
*/
void (*unthrottle) (void *handle, int);
+ int (*cfg_info) (void *handle);
int default_port;
};
char host[512];
int port;
int protocol;
+ int addressfamily;
int close_on_exit;
int warn_on_close;
int ping_interval; /* in seconds */
* but never for loading/saving */
int nopty;
int compression;
+ int ssh_kexlist[KEX_MAX];
+ int ssh_rekey_time; /* in minutes */
+ char ssh_rekey_data[16];
int agentfwd;
- int change_username; /* allow username switching in SSH2 */
+ int change_username; /* allow username switching in SSH-2 */
int ssh_cipherlist[CIPHER_MAX];
Filename keyfile;
int sshprot; /* use v1 or v2 when both available */
- int ssh2_des_cbc; /* "des-cbc" nonstandard SSH2 cipher */
+ int ssh2_des_cbc; /* "des-cbc" unrecommended SSH-2 cipher */
+ int ssh_no_userauth; /* bypass "ssh-userauth" (SSH-2 only) */
int try_tis_auth;
int try_ki_auth;
int ssh_subsys; /* run a subsystem rather than a command */
/* Telnet options */
char termtype[32];
char termspeed[32];
+ char ttymodes[768]; /* MODE\tVvalue\0MODE\tA\0\0 */
char environmt[1024]; /* VAR\tvalue\0VAR\tvalue\0\0 */
char username[100];
char localusername[100];
/* translations */
int vtmode;
char line_codepage[128];
+ int cjk_ambig_wide;
int utf8_override;
int xlat_capslockcyr;
/* X11 forwarding */
int x11_auth;
/* port forwarding */
int lport_acceptall; /* accept conns from hosts other than localhost */
- int rport_acceptall; /* same for remote forwarded ports (SSH2 only) */
+ int rport_acceptall; /* same for remote forwarded ports (SSH-2 only) */
/*
* The port forwarding string contains a number of
* NUL-terminated substrings, terminated in turn by an empty
/* SSH bug compatibility modes */
int sshbug_ignore1, sshbug_plainpw1, sshbug_rsa1,
sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2,
- sshbug_dhgex2, sshbug_pksessid2;
+ sshbug_pksessid2, sshbug_rekey2;
/* Options for pterm. Should split out into platform-dependent part. */
int stamp_utmp;
int login_shell;
struct RSAKey; /* be a little careful of scope */
/*
- * Exports from window.c.
+ * Exports from the front end.
*/
void request_resize(void *frontend, int, int);
void do_text(Context, int, int, wchar_t *, int, unsigned long, int);
void update_specials_menu(void *frontend);
int from_backend(void *frontend, int is_stderr, const char *data, int len);
void notify_remote_exit(void *frontend);
+/* Get a sensible value for a tty mode. NULL return = don't set.
+ * Otherwise, returned value should be freed by caller. */
+char *get_ttymode(void *frontend, const char *mode);
#define OPTIMISE_IS_SCROLL 1
void set_iconic(void *frontend, int iconic);
void get_window_pos(void *frontend, int *x, int *y);
void get_window_pixels(void *frontend, int *x, int *y);
char *get_window_title(void *frontend, int icon);
+/* Hint from backend to frontend about time-consuming operations.
+ * Initial state is assumed to be BUSY_NOT. */
+enum {
+ BUSY_NOT, /* Not busy, all user interaction OK */
+ BUSY_WAITING, /* Waiting for something; local event loops still running
+ so some local interaction (e.g. menus) OK, but network
+ stuff is suspended */
+ BUSY_CPU /* Locally busy (e.g. crypto); user interaction suspended */
+};
+void set_busy_status(void *frontend, int status);
void cleanup_exit(int);
void *resize_ctx);
void term_provide_logctx(Terminal *term, void *logctx);
void term_set_focus(Terminal *term, int has_focus);
+char *term_get_ttymode(Terminal *term, const char *mode);
/*
* Exports from logging.c.
/*
* Exports from wcwidth.c
*/
-int wcwidth(wchar_t ucs);
-int wcswidth(const wchar_t *pwcs, size_t n);
+int mk_wcwidth(wchar_t ucs);
+int mk_wcswidth(const wchar_t *pwcs, size_t n);
+int mk_wcwidth_cjk(wchar_t ucs);
+int mk_wcswidth_cjk(const wchar_t *pwcs, size_t n);
/*
* Exports from mscrypto.c
int wc_unescape(char *output, const char *wildcard);
/*
- * Exports from windlg.c
+ * Exports from frontend (windlg.c etc)
*/
void logevent(void *frontend, const char *);
-void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
- char *keystr, char *fingerprint);
-void askcipher(void *frontend, char *ciphername, int cs);
-int askappend(void *frontend, Filename filename);
+void pgp_fingerprints(void);
+/*
+ * verify_ssh_host_key() can return one of three values:
+ *
+ * - +1 means `key was OK' (either already known or the user just
+ * approved it) `so continue with the connection'
+ *
+ * - 0 means `key was not OK, abandon the connection'
+ *
+ * - -1 means `I've initiated enquiries, please wait to be called
+ * back via the provided function with a result that's either 0
+ * or +1'.
+ */
+int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
+ char *keystr, char *fingerprint,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askalg has the same set of return values as verify_ssh_host_key.
+ */
+int askalg(void *frontend, const char *algtype, const char *algname,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askappend can return four values:
+ *
+ * - 2 means overwrite the log file
+ * - 1 means append to the log file
+ * - 0 means cancel logging for this session
+ * - -1 means please wait.
+ */
+int askappend(void *frontend, Filename filename,
+ void (*callback)(void *ctx, int result), void *ctx);
/*
* Exports from console.c (that aren't equivalents to things in
* Exports from config.c.
*/
struct controlbox;
-void setup_config_box(struct controlbox *b, struct sesslist *sesslist,
- int midsession, int protocol);
+void setup_config_box(struct controlbox *b, int midsession,
+ int protocol, int protcfginfo);
/*
* Exports from minibidi.c.
* notifies the front end that a new timer has been added to the
* list which is sooner than any existing ones. It provides the
* time when that timer needs to go off.
+ *
+ * *** FRONT END IMPLEMENTORS NOTE:
+ *
+ * There's an important subtlety in the front-end implementation of
+ * the timer interface. When a front end is given a `next' value,
+ * either returned from run_timers() or via timer_change_notify(),
+ * it should ensure that it really passes _that value_ as the `now'
+ * parameter to its next run_timers call. It should _not_ simply
+ * call GETTICKCOUNT() to get the `now' parameter when invoking
+ * run_timers().
+ *
+ * The reason for this is that an OS's system clock might not agree
+ * exactly with the timing mechanisms it supplies to wait for a
+ * given interval. I'll illustrate this by the simple example of
+ * Unix Plink, which uses timeouts to select() in a way which for
+ * these purposes can simply be considered to be a wait() function.
+ * Suppose, for the sake of argument, that this wait() function
+ * tends to return early by 1%. Then a possible sequence of actions
+ * is:
+ *
+ * - run_timers() tells the front end that the next timer firing
+ * is 10000ms from now.
+ * - Front end calls wait(10000ms), but according to
+ * GETTICKCOUNT() it has only waited for 9900ms.
+ * - Front end calls run_timers() again, passing time T-100ms as
+ * `now'.
+ * - run_timers() does nothing, and says the next timer firing is
+ * still 100ms from now.
+ * - Front end calls wait(100ms), which only waits for 99ms.
+ * - Front end calls run_timers() yet again, passing time T-1ms.
+ * - run_timers() says there's still 1ms to wait.
+ * - Front end calls wait(1ms).
+ *
+ * If you're _lucky_ at this point, wait(1ms) will actually wait
+ * for 1ms and you'll only have woken the program up three times.
+ * If you're unlucky, wait(1ms) might do nothing at all due to
+ * being below some minimum threshold, and you might find your
+ * program spends the whole of the last millisecond tight-looping
+ * between wait() and run_timers().
+ *
+ * Instead, what you should do is to _save_ the precise `next'
+ * value provided by run_timers() or via timer_change_notify(), and
+ * use that precise value as the input to the next run_timers()
+ * call. So:
+ *
+ * - run_timers() tells the front end that the next timer firing
+ * is at time T, 10000ms from now.
+ * - Front end calls wait(10000ms).
+ * - Front end then immediately calls run_timers() and passes it
+ * time T, without stopping to check GETTICKCOUNT() at all.
+ *
+ * This guarantees that the program wakes up only as many times as
+ * there are actual timer actions to be taken, and that the timing
+ * mechanism will never send it into a tight loop.
+ *
+ * (It does also mean that the timer action in the above example
+ * will occur 100ms early, but this is not generally critical. And
+ * the hypothetical 1% error in wait() will be partially corrected
+ * for anyway when, _after_ run_timers() returns, you call
+ * GETTICKCOUNT() and compare the result with the returned `next'
+ * value to find out how long you have to make your next wait().)
*/
typedef void (*timer_fn_t)(void *ctx, long now);
long schedule_timer(int ticks, timer_fn_t fn, void *ctx);