X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/39934deb5202149f98198c111a35c21cb4d0d0f8..6226c9390d23d6868edde63b9568891cd88631cc:/putty.h diff --git a/putty.h b/putty.h index d4deb62b..8277bbc2 100644 --- a/putty.h +++ b/putty.h @@ -27,6 +27,15 @@ typedef struct terminal_tag Terminal; #include "network.h" #include "misc.h" +/* + * Fingerprints of the PGP master keys that can be used to establish a trust + * path between an executable and other files. + */ +#define PGP_RSA_MASTER_KEY_FP \ + "8F 15 97 DA 25 30 AB 0D 88 D1 92 54 11 CF 0C 4C" +#define PGP_DSA_MASTER_KEY_FP \ + "313C 3E76 4B74 C2C5 F2AE 83A8 4F5E 6DF5 6A93 B34E" + /* Three attribute types: * The ATTRs (normal attributes) are stored with the characters in * the main display arrays @@ -36,6 +45,11 @@ typedef struct terminal_tag Terminal; * * The LATTRs (line attributes) are an entirely disjoint space of * flags. + * + * The DATTRs (display attributes) are internal to terminal.c (but + * defined here because their values have to match the others + * here); they reuse the TATTR_* space but are always masked off + * before sending to the front end. * * ATTR_INVALID is an illegal colour combination. */ @@ -45,15 +59,23 @@ typedef struct terminal_tag Terminal; #define TATTR_RIGHTCURS 0x10000000UL /* cursor-on-RHS */ #define TATTR_COMBINING 0x80000000UL /* combining characters */ +#define DATTR_STARTRUN 0x80000000UL /* start of redraw run */ + +#define TDATTR_MASK 0xF0000000UL +#define TATTR_MASK (TDATTR_MASK) +#define DATTR_MASK (TDATTR_MASK) + #define LATTR_NORM 0x00000000UL #define LATTR_WIDE 0x00000001UL #define LATTR_TOP 0x00000002UL #define LATTR_BOT 0x00000003UL #define LATTR_MODE 0x00000003UL -#define LATTR_WRAPPED 0x00000010UL -#define LATTR_WRAPPED2 0x00000020UL +#define LATTR_WRAPPED 0x00000010UL /* this line wraps to next */ +#define LATTR_WRAPPED2 0x00000020UL /* with WRAPPED: CJK wide character + wrapped to next line, so last + single-width cell is empty */ -#define ATTR_INVALID 0x03FFU +#define ATTR_INVALID 0x03FFFFU /* Like Linux use the F000 page for direct to font. */ #define CSET_OEMCP 0x0000F000UL /* OEM Codepage DTF */ @@ -80,24 +102,40 @@ typedef struct terminal_tag Terminal; */ #define UCSWIDE 0xDFFF -#define ATTR_NARROW 0x8000U -#define ATTR_WIDE 0x4000U -#define ATTR_BOLD 0x0400U -#define ATTR_UNDER 0x0800U -#define ATTR_REVERSE 0x1000U -#define ATTR_BLINK 0x2000U -#define ATTR_FGMASK 0x001FU -#define ATTR_BGMASK 0x03E0U -#define ATTR_COLOURS 0x03FFU +#define ATTR_NARROW 0x800000U +#define ATTR_WIDE 0x400000U +#define ATTR_BOLD 0x040000U +#define ATTR_UNDER 0x080000U +#define ATTR_REVERSE 0x100000U +#define ATTR_BLINK 0x200000U +#define ATTR_FGMASK 0x0001FFU +#define ATTR_BGMASK 0x03FE00U +#define ATTR_COLOURS 0x03FFFFU #define ATTR_FGSHIFT 0 -#define ATTR_BGSHIFT 5 +#define ATTR_BGSHIFT 9 -#define ATTR_DEFAULT 0x0128U /* bg 9, fg 8 */ -#define ATTR_DEFFG 0x0008U -#define ATTR_DEFBG 0x0120U +/* + * The definitive list of colour numbers stored in terminal + * attribute words is kept here. It is: + * + * - 0-7 are ANSI colours (KRGYBMCW). + * - 8-15 are the bold versions of those colours. + * - 16-255 are the remains of the xterm 256-colour mode (a + * 216-colour cube with R at most significant and B at least, + * followed by a uniform series of grey shades running between + * black and white but not including either on grounds of + * redundancy). + * - 256 is default foreground + * - 257 is default bold foreground + * - 258 is default background + * - 259 is default bold background + * - 260 is cursor foreground + * - 261 is cursor background + */ -#define ATTR_CUR_AND (~(ATTR_BOLD|ATTR_REVERSE|ATTR_BLINK|ATTR_COLOURS)) -#define ATTR_CUR_XOR 0x016AU +#define ATTR_DEFFG (256 << ATTR_FGSHIFT) +#define ATTR_DEFBG (258 << ATTR_BGSHIFT) +#define ATTR_DEFAULT (ATTR_DEFFG | ATTR_DEFBG) struct sesslist { int nsessions; @@ -132,6 +170,8 @@ typedef enum { TS_AYT, TS_BRK, TS_SYNCH, TS_EC, TS_EL, TS_GA, TS_NOP, TS_ABORT, TS_AO, TS_IP, TS_SUSP, TS_EOR, TS_EOF, TS_LECHO, TS_RECHO, TS_PING, TS_EOL, + /* Special command for SSH. */ + TS_REKEY, /* POSIX-style signals. (not Telnet) */ TS_SIGABRT, TS_SIGALRM, TS_SIGFPE, TS_SIGHUP, TS_SIGILL, TS_SIGINT, TS_SIGKILL, TS_SIGPIPE, TS_SIGQUIT, TS_SIGSEGV, @@ -205,13 +245,25 @@ enum { enum { /* - * SSH ciphers (both SSH1 and SSH2) + * SSH-2 key exchange algorithms + */ + KEX_WARN, + KEX_DHGROUP1, + KEX_DHGROUP14, + KEX_DHGEX, + KEX_MAX +}; + +enum { + /* + * SSH ciphers (both SSH-1 and SSH-2) */ CIPHER_WARN, /* pseudo 'cipher' */ CIPHER_3DES, CIPHER_BLOWFISH, - CIPHER_AES, /* (SSH 2 only) */ + CIPHER_AES, /* (SSH-2 only) */ CIPHER_DES, + CIPHER_ARCFOUR, CIPHER_MAX /* no. ciphers (inc warn) */ }; @@ -274,6 +326,22 @@ enum { FUNKY_SCO }; +enum { + FQ_DEFAULT, FQ_ANTIALIASED, FQ_NONANTIALIASED, FQ_CLEARTYPE +}; + +extern const char *const ttymodes[]; + +enum { + /* + * Network address types. Used for specifying choice of IPv4/v6 + * in config; also used in proxy.c to indicate whether a given + * host name has already been resolved or will be resolved at + * the proxy end. + */ + ADDRTYPE_UNSPEC, ADDRTYPE_IPV4, ADDRTYPE_IPV6, ADDRTYPE_NAME +}; + struct backend_tag { const char *(*init) (void *frontend_handle, void **backend_handle, Config *cfg, @@ -289,8 +357,10 @@ struct backend_tag { void (*size) (void *handle, int width, int height); void (*special) (void *handle, Telnet_Special code); const struct telnet_special *(*get_specials) (void *handle); - Socket(*socket) (void *handle); + int (*connected) (void *handle); int (*exitcode) (void *handle); + /* If back->sendok() returns FALSE, data sent to it from the frontend + * may be lost. */ int (*sendok) (void *handle); int (*ldisc) (void *handle, int); void (*provide_ldisc) (void *handle, void *ldisc); @@ -300,6 +370,7 @@ struct backend_tag { * buffer is clearing. */ void (*unthrottle) (void *handle, int); + int (*cfg_info) (void *handle); int default_port; }; @@ -334,6 +405,7 @@ struct config_tag { char host[512]; int port; int protocol; + int addressfamily; int close_on_exit; int warn_on_close; int ping_interval; /* in seconds */ @@ -359,12 +431,17 @@ struct config_tag { * but never for loading/saving */ int nopty; int compression; + int ssh_kexlist[KEX_MAX]; + int ssh_rekey_time; /* in minutes */ + char ssh_rekey_data[16]; + int tryagent; int agentfwd; - int change_username; /* allow username switching in SSH2 */ + int change_username; /* allow username switching in SSH-2 */ int ssh_cipherlist[CIPHER_MAX]; Filename keyfile; int sshprot; /* use v1 or v2 when both available */ - int ssh2_des_cbc; /* "des-cbc" nonstandard SSH2 cipher */ + int ssh2_des_cbc; /* "des-cbc" unrecommended SSH-2 cipher */ + int ssh_no_userauth; /* bypass "ssh-userauth" (SSH-2 only) */ int try_tis_auth; int try_ki_auth; int ssh_subsys; /* run a subsystem rather than a command */ @@ -373,6 +450,7 @@ struct config_tag { /* Telnet options */ char termtype[32]; char termspeed[32]; + char ttymodes[768]; /* MODE\tVvalue\0MODE\tA\0\0 */ char environmt[1024]; /* VAR\tvalue\0VAR\tvalue\0\0 */ char username[100]; char localusername[100]; @@ -431,9 +509,11 @@ struct config_tag { int win_name_always; int width, height; FontSpec font; + int font_quality; Filename logfilename; int logtype; int logxfovr; + int logflush; int logomitpass; int logomitdata; int hide_mouseptr; @@ -445,6 +525,7 @@ struct config_tag { int bidi; /* Colour options */ int ansi_colour; + int xterm_256_colour; int system_colour; int try_palette; int bold_colour; @@ -459,6 +540,7 @@ struct config_tag { /* translations */ int vtmode; char line_codepage[128]; + int cjk_ambig_wide; int utf8_override; int xlat_capslockcyr; /* X11 forwarding */ @@ -467,7 +549,7 @@ struct config_tag { int x11_auth; /* port forwarding */ int lport_acceptall; /* accept conns from hosts other than localhost */ - int rport_acceptall; /* same for remote forwarded ports (SSH2 only) */ + int rport_acceptall; /* same for remote forwarded ports (SSH-2 only) */ /* * The port forwarding string contains a number of * NUL-terminated substrings, terminated in turn by an empty @@ -483,7 +565,7 @@ struct config_tag { /* SSH bug compatibility modes */ int sshbug_ignore1, sshbug_plainpw1, sshbug_rsa1, sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2, - sshbug_dhgex2, sshbug_pksessid2; + sshbug_pksessid2, sshbug_rekey2; /* Options for pterm. Should split out into platform-dependent part. */ int stamp_utmp; int login_shell; @@ -538,7 +620,53 @@ GLOBAL int loaded_session; struct RSAKey; /* be a little careful of scope */ /* - * Exports from window.c. + * Mechanism for getting text strings such as usernames and passwords + * from the front-end. + * The fields are mostly modelled after SSH's keyboard-interactive auth. + * FIXME We should probably mandate a character set/encoding (probably UTF-8). + * + * Since many of the pieces of text involved may be chosen by the server, + * the caller must take care to ensure that the server can't spoof locally- + * generated prompts such as key passphrase prompts. Some ground rules: + * - If the front-end needs to truncate a string, it should lop off the + * end. + * - The front-end should filter out any dangerous characters and + * generally not trust the strings. (But \n is required to behave + * vaguely sensibly, at least in `instruction', and ideally in + * `prompt[]' too.) + */ +typedef struct { + char *prompt; + int echo; + char *result; /* allocated/freed by caller */ + size_t result_len; +} prompt_t; +typedef struct { + /* + * Indicates whether the information entered is to be used locally + * (for instance a key passphrase prompt), or is destined for the wire. + * This is a hint only; the front-end is at liberty not to use this + * information (so the caller should ensure that the supplied text is + * sufficient). + */ + int to_server; + char *name; /* Short description, perhaps for dialog box title */ + int name_reqd; /* Display of `name' required or optional? */ + char *instruction; /* Long description, maybe with embedded newlines */ + int instr_reqd; /* Display of `instruction' required or optional? */ + size_t n_prompts; + prompt_t **prompts; + void *frontend; + void *data; /* slot for housekeeping data, managed by + * get_userpass_input(); initially NULL */ +} prompts_t; +prompts_t *new_prompts(void *frontend); +void add_prompt(prompts_t *p, char *promptstr, int echo, size_t len); +/* Burn the evidence. (Assumes _all_ strings want free()ing.) */ +void free_prompts(prompts_t *p); + +/* + * Exports from the front end. */ void request_resize(void *frontend, int, int); void do_text(Context, int, int, wchar_t *, int, unsigned long, int); @@ -555,7 +683,7 @@ void free_ctx(Context); void palette_set(void *frontend, int, int, int, int); void palette_reset(void *frontend); void write_aclip(void *frontend, char *, int, int); -void write_clip(void *frontend, wchar_t *, int, int); +void write_clip(void *frontend, wchar_t *, int *, int, int); void get_clip(void *frontend, wchar_t **, int *); void optimised_move(void *frontend, int, int, int); void set_raw_mouse_mode(void *frontend, int); @@ -566,7 +694,7 @@ void modalfatalbox(char *, ...); #pragma noreturn(fatalbox) #pragma noreturn(modalfatalbox) #endif -void beep(void *frontend, int); +void do_beep(void *frontend, int); void begin_session(void *frontend); void sys_cursor(void *frontend, int x, int y); void request_paste(void *frontend); @@ -578,7 +706,17 @@ void ldisc_update(void *frontend, int echo, int edit); * shutdown. */ void update_specials_menu(void *frontend); int from_backend(void *frontend, int is_stderr, const char *data, int len); +int from_backend_untrusted(void *frontend, const char *data, int len); void notify_remote_exit(void *frontend); +/* Get a sensible value for a tty mode. NULL return = don't set. + * Otherwise, returned value should be freed by caller. */ +char *get_ttymode(void *frontend, const char *mode); +/* + * >0 = `got all results, carry on' + * 0 = `user cancelled' (FIXME distinguish "give up entirely" and "next auth"?) + * <0 = `please call back later with more in/inlen' + */ +int get_userpass_input(prompts_t *p, unsigned char *in, int inlen); #define OPTIMISE_IS_SCROLL 1 void set_iconic(void *frontend, int iconic); @@ -590,6 +728,16 @@ int is_iconic(void *frontend); void get_window_pos(void *frontend, int *x, int *y); void get_window_pixels(void *frontend, int *x, int *y); char *get_window_title(void *frontend, int icon); +/* Hint from backend to frontend about time-consuming operations. + * Initial state is assumed to be BUSY_NOT. */ +enum { + BUSY_NOT, /* Not busy, all user interaction OK */ + BUSY_WAITING, /* Waiting for something; local event loops still running + so some local interaction (e.g. menus) OK, but network + stuff is suspended */ + BUSY_CPU /* Locally busy (e.g. crypto); user interaction suspended */ +}; +void set_busy_status(void *frontend, int status); void cleanup_exit(int); @@ -637,10 +785,9 @@ FontSpec platform_default_fontspec(const char *name); Terminal *term_init(Config *, struct unicode_data *, void *); void term_free(Terminal *); void term_size(Terminal *, int, int, int); -void term_out(Terminal *); void term_paint(Terminal *, Context, int, int, int, int, int); void term_scroll(Terminal *, int, int); -void term_pwron(Terminal *); +void term_pwron(Terminal *, int); void term_clrsb(Terminal *); void term_mouse(Terminal *, Mouse_Button, Mouse_Button, Mouse_Action, int,int,int,int,int); @@ -659,10 +806,15 @@ void term_copyall(Terminal *); void term_reconfig(Terminal *, Config *); void term_seen_key_event(Terminal *); int term_data(Terminal *, int is_stderr, const char *data, int len); +int term_data_untrusted(Terminal *, const char *data, int len); void term_provide_resize_fn(Terminal *term, void (*resize_fn)(void *, int, int), void *resize_ctx); void term_provide_logctx(Terminal *term, void *logctx); +void term_set_focus(Terminal *term, int has_focus); +char *term_get_ttymode(Terminal *term, const char *mode); +int term_get_userpass_input(Terminal *term, prompts_t *p, + unsigned char *in, int inlen); /* * Exports from logging.c. @@ -712,14 +864,8 @@ extern Backend rlogin_backend; extern Backend telnet_backend; /* - * Exports from ssh.c. (NB the getline variables have to be GLOBAL - * so that PuTTYtel will still compile - otherwise it would depend - * on ssh.c.) + * Exports from ssh.c. */ - -GLOBAL int (*ssh_get_line) (const char *prompt, char *str, int maxlen, - int is_pw); -GLOBAL int ssh_getline_pw_only; extern Backend ssh_backend; /* @@ -740,10 +886,14 @@ void luni_send(void *, wchar_t * widebuf, int len, int interactive); */ void random_add_noise(void *noise, int length); -void random_init(void); int random_byte(void); void random_get_savedata(void **data, int *len); extern int random_active; +/* The random number subsystem is activated if at least one other entity + * within the program expresses an interest in it. So each SSH session + * calls random_ref on startup and random_unref on shutdown. */ +void random_ref(void); +void random_unref(void); /* * Exports from pinger.c. @@ -787,8 +937,10 @@ void get_unitab(int codepage, wchar_t * unitab, int ftype); /* * Exports from wcwidth.c */ -int wcwidth(wchar_t ucs); -int wcswidth(const wchar_t *pwcs, size_t n); +int mk_wcwidth(wchar_t ucs); +int mk_wcswidth(const wchar_t *pwcs, size_t n); +int mk_wcwidth_cjk(wchar_t ucs); +int mk_wcswidth_cjk(const wchar_t *pwcs, size_t n); /* * Exports from mscrypto.c @@ -822,20 +974,47 @@ int wc_match(const char *wildcard, const char *target); int wc_unescape(char *output, const char *wildcard); /* - * Exports from windlg.c + * Exports from frontend (windlg.c etc) */ void logevent(void *frontend, const char *); -void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, - char *keystr, char *fingerprint); -void askcipher(void *frontend, char *ciphername, int cs); -int askappend(void *frontend, Filename filename); +void pgp_fingerprints(void); +/* + * verify_ssh_host_key() can return one of three values: + * + * - +1 means `key was OK' (either already known or the user just + * approved it) `so continue with the connection' + * + * - 0 means `key was not OK, abandon the connection' + * + * - -1 means `I've initiated enquiries, please wait to be called + * back via the provided function with a result that's either 0 + * or +1'. + */ +int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype, + char *keystr, char *fingerprint, + void (*callback)(void *ctx, int result), void *ctx); +/* + * askalg has the same set of return values as verify_ssh_host_key. + */ +int askalg(void *frontend, const char *algtype, const char *algname, + void (*callback)(void *ctx, int result), void *ctx); +/* + * askappend can return four values: + * + * - 2 means overwrite the log file + * - 1 means append to the log file + * - 0 means cancel logging for this session + * - -1 means please wait. + */ +int askappend(void *frontend, Filename filename, + void (*callback)(void *ctx, int result), void *ctx); /* - * Exports from console.c (that aren't equivalents to things in - * windlg.c). + * Exports from console frontends (wincons.c, uxcons.c) + * that aren't equivalents to things in windlg.c et al. */ extern int console_batch_mode; -int console_get_line(const char *prompt, char *str, int maxlen, int is_pw); +int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen); void console_provide_logctx(void *logctx); int is_interactive(void); @@ -859,7 +1038,7 @@ void printer_finish_job(printer_job *); int cmdline_process_param(char *, char *, int, Config *); void cmdline_run_saved(Config *); void cmdline_cleanup(void); -extern char *cmdline_password; +int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen); #define TOOLTYPE_FILETRANSFER 1 #define TOOLTYPE_NONNETWORK 2 extern int cmdline_tooltype; @@ -870,8 +1049,8 @@ void cmdline_error(char *, ...); * Exports from config.c. */ struct controlbox; -void setup_config_box(struct controlbox *b, struct sesslist *sesslist, - int midsession, int protocol); +void setup_config_box(struct controlbox *b, int midsession, + int protocol, int protcfginfo); /* * Exports from minibidi.c. @@ -932,6 +1111,67 @@ char *get_random_data(int bytes); /* used in cmdgen.c */ * notifies the front end that a new timer has been added to the * list which is sooner than any existing ones. It provides the * time when that timer needs to go off. + * + * *** FRONT END IMPLEMENTORS NOTE: + * + * There's an important subtlety in the front-end implementation of + * the timer interface. When a front end is given a `next' value, + * either returned from run_timers() or via timer_change_notify(), + * it should ensure that it really passes _that value_ as the `now' + * parameter to its next run_timers call. It should _not_ simply + * call GETTICKCOUNT() to get the `now' parameter when invoking + * run_timers(). + * + * The reason for this is that an OS's system clock might not agree + * exactly with the timing mechanisms it supplies to wait for a + * given interval. I'll illustrate this by the simple example of + * Unix Plink, which uses timeouts to select() in a way which for + * these purposes can simply be considered to be a wait() function. + * Suppose, for the sake of argument, that this wait() function + * tends to return early by 1%. Then a possible sequence of actions + * is: + * + * - run_timers() tells the front end that the next timer firing + * is 10000ms from now. + * - Front end calls wait(10000ms), but according to + * GETTICKCOUNT() it has only waited for 9900ms. + * - Front end calls run_timers() again, passing time T-100ms as + * `now'. + * - run_timers() does nothing, and says the next timer firing is + * still 100ms from now. + * - Front end calls wait(100ms), which only waits for 99ms. + * - Front end calls run_timers() yet again, passing time T-1ms. + * - run_timers() says there's still 1ms to wait. + * - Front end calls wait(1ms). + * + * If you're _lucky_ at this point, wait(1ms) will actually wait + * for 1ms and you'll only have woken the program up three times. + * If you're unlucky, wait(1ms) might do nothing at all due to + * being below some minimum threshold, and you might find your + * program spends the whole of the last millisecond tight-looping + * between wait() and run_timers(). + * + * Instead, what you should do is to _save_ the precise `next' + * value provided by run_timers() or via timer_change_notify(), and + * use that precise value as the input to the next run_timers() + * call. So: + * + * - run_timers() tells the front end that the next timer firing + * is at time T, 10000ms from now. + * - Front end calls wait(10000ms). + * - Front end then immediately calls run_timers() and passes it + * time T, without stopping to check GETTICKCOUNT() at all. + * + * This guarantees that the program wakes up only as many times as + * there are actual timer actions to be taken, and that the timing + * mechanism will never send it into a tight loop. + * + * (It does also mean that the timer action in the above example + * will occur 100ms early, but this is not generally critical. And + * the hypothetical 1% error in wait() will be partially corrected + * for anyway when, _after_ run_timers() returns, you call + * GETTICKCOUNT() and compare the result with the returned `next' + * value to find out how long you have to make your next wait().) */ typedef void (*timer_fn_t)(void *ctx, long now); long schedule_timer(int ticks, timer_fn_t fn, void *ctx);