git.distorted.org.uk Git - u/mdw/putty/log

sshec.c: Initial cut at elliptic curve arithmetic.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>

sshbn.c: New functions for left and right shifts of bignums.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>

sshbn.c, bn-internal.h: Export bignum representation details.

They will be useful to the elliptic curve arithmetic support coming
soon.

sshbn.c: Some number-theoretic utilities.

The `kronecker' function computes the Kronecker symbol (a|n), which is
an extension of the Jacobi symbol (itself an extension of the Legendre
symbol) with three useful properties.

  * It's fairly fast to compute -- a little slower than a GCD using
    Euclid's algorithm.

  * It's well-defined on all inputs (unlike the Jacobi and Legendre
    symbols), so it's safe to call.

  * When n is prime, the result tells you whether a is a quadratic
    residue mod n.

The code doesn't describe the algorithm in detail, but it basically
follows from Gauss's work on quadratic residues in `Disquisitiones
Arithmeticae'.  The relevant theory is part of most introductory number
theory texts; I like Shoup, `A Computational Introduction to Number
Theory and Algebra', <http://shoup.net/ntb/>.

The `modsqrt' function calculates square roots in a prime field.  It
takes a bit longer than a `modpow' call.  The algorithm is basically the
same as described in Menezes, van Oorschott and Vanstone, `Handbook of
Applied Cryptography', <http://cacr.uwaterloo.ca/hac/>; but the
explanation is based on Crandall and Pomerance, `Primes: A Computational
Introduction'.

The `kronecker' function is currently untested (except via `modsqrt');
`modsqrt' itself is tested via `testdata/bignum-fixed.txt' which will
gather more non-randomized tests with time.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>

sshbn.c: Turn the bignum arithmetic internals back-to-front.

The internal arithmetic used to be done on a big-endian representation
of the integers, while the external format was defined to be
little-endian. This causes a bunch of indexing operations to be more
complicated than they really need to be, and, more importantly,
introduces an unfortunate mismatch between the two different strata of
the bignum library, which will be annoying later. Finally, and least
important of all, in my very brief testing, the bignum test runs about
4.7% faster with this new version.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>

sshbn.c (modmul): Prevent buffer underrun.

In `modmul', if

  * the topmost bit of mod is clear, so mshift is nonzero; and

  * both p and q are no more than half as long as mod, so 2*pqlen <=
    mlen

then we run this code:

    if (mshift) {
        for (i = 2 * pqlen - mlen - 1; i < 2 * pqlen - 1; i++)
            a[i] = (a[i] << mshift) | (a[i + 1] >> (BIGNUM_INT_BITS - mshift));

But then mlen + 1 > 2*pqlen and therefore i is initially negative
-- and therefore certainly less than 2*pqlen.  So the initial access to
a[] is illegal.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>

sshbn.c (internal_mul): Zap conditional redeclaration of `i'.

This looks like old debugging code which has bitrotted somewhat. The
build fails when `KARA_DEBUG' is turned on, because `i' has since been
declared unconditionally in the same scope.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>

Patch from Egmont Koblinger to implement two extended variants of
xterm mouse tracking, both supported by the current up-to-date xterm
(288). They take the form of two new DEC terminal modes, 1006 and
1015, which do not in themselves _enable_ mouse tracking but they
modify the escape sequences sent if mouse tracking is enabled in the
usual way.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9752 cda61777-01e9-0310-a592-d414129be87e

Adjust comments around split_into_argv() to clarify that it's not
*Windows's* command-line splitting rules we're mimicking here; it's
VC7's, and they're not the same as VC10's.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9748 cda61777-01e9-0310-a592-d414129be87e

Reorganise setup_fonts_ucs so that in case of error it does nothing
and returns its error message as a string, instead of actually
printing it on standard error and exiting. Now we can preserve the
previous error behaviour when we get a nonexistent font name at
startup time, but no longer rudely terminate in mid-session if the
user configures a bogus font name in Change Settings.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9745 cda61777-01e9-0310-a592-d414129be87e

Move the -I options for all our source subdirectories out of AM_CFLAGS
and into AM_CPPFLAGS. This is more conceptually sensible according to
my reading of the automake manual, and also has the specific desirable
effect that they move to the front of the command line, ahead of any
'system' type -I options that autoconf might have felt a need for.

A user reported that autoconf had added -I/usr/local/include to their
command line for the sake of a required header file, but their
/usr/local/include also turned out to include a thing called 'proxy.h'
(from libproxy, nothing to do with us) which shadowed our own proxy.h
and caused a build failure. This should fix that.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9736 cda61777-01e9-0310-a592-d414129be87e

Update the suggested compile command in sshbn.c's test rig.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9732 cda61777-01e9-0310-a592-d414129be87e

Fix two gcc warnings about confused printf format strings in the
bignum code's test harness. Thanks to Sup Yut Sum for fixing this in
TortoisePlink and Sven Strickroth for bringing it to my attention.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9731 cda61777-01e9-0310-a592-d414129be87e

Ronald Landheer-Cieslak points out that the various back ends which
treat all socket closures as clean exits (because the protocol doesn't
provide for transferring a process exit code) could usefully at least
treat _socket errors_ as unclean exits. Patch the Telnet, Rlogin and
Raw backends to retain that information and return INT_MAX to the
frontend.

I wasn't sure whether it was better to solve this by modifying each
affected frontend, or each affected backend. Neither is really ideal;
this is the sort of thing that makes me wish we had a piece of fixed
middleware in between, independent of both platform and protocol.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9730 cda61777-01e9-0310-a592-d414129be87e

Switch round a bogus if statement I've just noticed. Both the write to
pty_utmp_helper_pipe _and_ the close of it if we're not going to write
should be conditionalised on the pipe existing, rather than just the
former!

git-svn-id: svn://svn.tartarus.org/sgt/putty@9729 cda61777-01e9-0310-a592-d414129be87e

Patch from Brad Smith to use posix_openpt() instead of
open("/dev/ptmx"), where the former is available. Improves
portability, since at least one OS (OpenBSD) supports the POSIX pty
functions but does it via an underlying mechanism which doesn't
involving having a /dev/ptmx.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9728 cda61777-01e9-0310-a592-d414129be87e

Use O_NOCTTY (if available) when opening /dev/ptmx, just in case any
OS doesn't automatically assume it.

(It would seem faintly weird to me - surely opening the master end of
a given pty is a fairly good indication that you're _not_ a process
running inside it which wants to have it available as /dev/tty! But
you never know...)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9727 cda61777-01e9-0310-a592-d414129be87e

Add a bounds check in the word-by-word selection code to prevent
attempting to call lineptr() with a y-coordinate off the bottom of the
screen and triggering the dreaded 'line==NULL' message box.

This crash can only occur if the bottommost line of the screen has the
LATTR_WRAPPED flag set, which as far as I can see you can only
contrive by constructing a LATTR_WRAPPED line further up the screen
and then moving it down using an insert-line escape sequence. That's
probably why this bug has been around forever without anyone coming
across it.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9726 cda61777-01e9-0310-a592-d414129be87e

Patch from Hideki Eiraku to make PuTTY call GetScrollInfo, so it can
use 32-bit scrollbar position data instead of being limited to the
16-bit version that comes in scrollbar messages' wParam.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9720 cda61777-01e9-0310-a592-d414129be87e

Fix another error-reporting bug, in which sk_newlistener would fail to
capture the error code if listen() returned an error, and instead pass
0 (saved from the previous successful bind) to winsock_error_string.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9708 cda61777-01e9-0310-a592-d414129be87e

When manually initialising a 'struct RSAKey' due to loading an SSH1
public key but not the private half, NULL out all the CRT-optimisation
fields as well as the private exponent pointer. Otherwise segfaults -
security-harmless, but annoying - can happen in freersakey() when we
notice they aren't null and try to free them.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9705 cda61777-01e9-0310-a592-d414129be87e

Add a fallback case to winsock_error_string() which makes it call
FormatMessage to get the OS's text for any error not in our own
translation table. Should eliminate the frustrating 'unknown error'.

(I haven't chosen to use FormatMessage unconditionally, because it
comes out with enormous messages along the lines of "No connection
could be made because the target machine actively refused it" in place
of "Connection refused" and I'm Unixy enough to prefer the latter.
Also, on older Windowses, Winsock error codes are in a separate API
segment and don't work with FormatMessage anyway.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9704 cda61777-01e9-0310-a592-d414129be87e

Windows's sk_address_is_local() was returning the wrong answers for
IPv6 addresses, because I'd mistakenly cast an ai_addr to the low-
level 'struct in6_addr' instead of the correct 'struct sockaddr_in6'.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9690 cda61777-01e9-0310-a592-d414129be87e

When a proxy negotiation function is called with PROXY_CHANGE_NEW, it
should not call plug functions, because it's being called from within
new_connection(), and the state on which the plug functions depend
will not have been set up until new_connection() returns success.
Instead, we set the error string in the Proxy_Socket, which will cause
the same error message to be returned as a failure of new_connection().

git-svn-id: svn://svn.tartarus.org/sgt/putty@9689 cda61777-01e9-0310-a592-d414129be87e

If you configure Unix PuTTY to use a proxy, tell it to even proxy
localhost connections, and also enable X forwarding in such a way that
it will attempt to connect to a Unix-domain X server socket, an
assertion will fail when proxy_for_destination() tries to call
sk_getaddr(). Fix by ensuring that Unix-domain sockets are _never_
proxied, since they fundamentally can't be.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9688 cda61777-01e9-0310-a592-d414129be87e

Add timestamps to the 'SSH raw data' logging mode.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9687 cda61777-01e9-0310-a592-d414129be87e

A user points out that we should free the 'hProcess' and 'hThread'
handles returned in the PROCESS_INFORMATION structure after we call
CreateProcess.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9686 cda61777-01e9-0310-a592-d414129be87e

Sumudu Fernando points out that in the big r9214 destabilisation I
mistakenly rearranged the logic in an if statement in window.c, with
the effect that scroll-wheel events are no longer sent via xterm mouse
tracking. Put it back to the way it was.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9679 cda61777-01e9-0310-a592-d414129be87e

Clip the 'lines' parameter to scroll() at the size of the scroll
window. scroll() iterates that many times, so this prevents a tedious
wait if you give a very large parameter to ESC[L or ESC[M, for
example.

A side effect is that very large requests for upward scrolling in a
context that affects the scrollback will not actually wipe out the
whole scrollback: instead they push just the current lines of the
screen into the scrollback, and don't continue on to fill it up with
endless boring blank lines. I think this is likely to be more useful
in general, since it avoids wiping out lots of useful scrollback data
by mistake. I can imagine that people might have been using it
precisely _to_ wipe the scrollback in some situations, but if so then
they should use CSI 3 J instead.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9677 cda61777-01e9-0310-a592-d414129be87e

Windows PSFTP has two places that call run_timers and I'd only updated
one of them. Correct that.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9676 cda61777-01e9-0310-a592-d414129be87e

Fix indentation mess in my timing overhaul.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9675 cda61777-01e9-0310-a592-d414129be87e

Fix a stupid sign bug in run_timers() that broke Windows Plink (and
should really have broken everything else too).

git-svn-id: svn://svn.tartarus.org/sgt/putty@9674 cda61777-01e9-0310-a592-d414129be87e

Make --help and --version work consistently across all tools.

Well, at least across all command-line tools on both Windows and Unix,
and the GTK apps on Unix too. The Windows GUI apps fundamentally can't
write to standard output and it doesn't seem sensible to use message
boxes for these purposes :-)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9673 cda61777-01e9-0310-a592-d414129be87e

Better document the various environments with which Makefile.cyg works.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9670 cda61777-01e9-0310-a592-d414129be87e

Add a new COMPAT option for environments lacking SecureZeroMemory(),
rather than explicitly checking for Winelib. It seems that w32api is
lacking it as well.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9669 cda61777-01e9-0310-a592-d414129be87e

Allow remote-to-local forwardings to use IPv6.

RFC 4245 section 7.1 specifies the meaning of the "address to bind"
parameter in a "tcpip-forward" request. "0.0.0.0" and "127.0.0.1" are
specified to be all interfaces and the loopback interface respectively
in IPv4, while "" and "localhost" are the address-family-agnostic
equivalents. Switch PuTTY to using the latter, since it doesn't seem
right to force IPv4.

There's an argument that PuTTY should provide a means of configuring the
address family used for remote forwardings like it does for local ones.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9668 cda61777-01e9-0310-a592-d414129be87e

Two related changes to timing code:

First, make absolute times unsigned. This means that it's safe to
depend on their overflow behaviour (which is undefined for signed
integers). This requires a little extra care in handling comparisons,
but I think I've correctly adjusted them all.

Second, functions registered with schedule_timer() are guaranteed to be
called with precisely the time that was returned by schedule_timer().
Thus, it's only necessary to check these values for equality rather than
doing risky range checks, so do that.

The timing code still does lots that's undefined, unnecessary, or just
wrong, but this is a good start.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9667 cda61777-01e9-0310-a592-d414129be87e

Quell a (correct) GCC warning in the NO_HTMLHELP case.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9666 cda61777-01e9-0310-a592-d414129be87e

Should have been part of r9663: do use the platform-independent version
of smemclr when compiling with Winelib.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9665 cda61777-01e9-0310-a592-d414129be87e

Tweak comment in Recipe that had become separated from its code.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9664 cda61777-01e9-0310-a592-d414129be87e

Don't try to use SecureZeroMemory under Winelib, since it isn't available
there (yet).

git-svn-id: svn://svn.tartarus.org/sgt/putty@9663 cda61777-01e9-0310-a592-d414129be87e

Define SECURITY_WIN32 for Winelib/Cygwin builds as well as for VC.

This should perhaps go into winmisc.c: it's caused problems for
other people too:

<http://stackoverflow.com/questions/8530159/vs2010-build-error-at-putty-source>

git-svn-id: svn://svn.tartarus.org/sgt/putty@9662 cda61777-01e9-0310-a592-d414129be87e

In the cygwin Makefile, use "-o" on the windres command line to specify
the output file. This appears to be supported by windres, and is
required by wrc (the Winelib resource compiler).

git-svn-id: svn://svn.tartarus.org/sgt/putty@9661 cda61777-01e9-0310-a592-d414129be87e

Most of the code for "nc" mode duplicated that for opening a session or
a fowarded port. Arrange that this code is shared instead. The main
visible change is a slight change of log messages.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9655 cda61777-01e9-0310-a592-d414129be87e

Hiroshi Oota points out that PuTTY's agent forwarding sockets can get
confused if they receive a request followed by immediate EOF, since we
currently send outgoing EOF as soon as we see the incoming one - and
then, when the response comes back from the real SSH agent, we send it
along anyway as channel data in spite of having sent EOF.

To fix this, I introduce a new field for each agent channel which
counts the number of calls to ssh_agentf_callback that are currently
expected, and we don't send EOF on an agent channel until we've both
received EOF and that value drops to zero.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9651 cda61777-01e9-0310-a592-d414129be87e

Factor out some common code for constructing SSH2_CHANNEL_OPEN.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9649 cda61777-01e9-0310-a592-d414129be87e

struct winadj is unused now. G/c it.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9648 cda61777-01e9-0310-a592-d414129be87e

All of the initial CHANNEL_REQUESTs are conditional on (ssh->mainchan &&
!ssh->ncmode), so bundle them up in a big block conditional on this rather
than checking it five times.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9647 cda61777-01e9-0310-a592-d414129be87e

do_ssh2_authconn() now installs the standard handlers for CHANNEL_SUCCESS
and CHANNEL_FAILURE as soon as it's opened a channel, so there's no need
for it to set them again later.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9646 cda61777-01e9-0310-a592-d414129be87e

Memory leak fixes reported by Balazs Domjan.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9645 cda61777-01e9-0310-a592-d414129be87e

Rename the various ssh2_maybe_setup_* functions to ssh2_setup_*, and
move the primary conditions out of them into their callers. Fixes a
crash in 'plink -N', since those functions would be called with a NULL
channel parameter and immediately dereference it to try to get c->ssh.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9644 cda61777-01e9-0310-a592-d414129be87e

In openssh_read(), we shouldn't ever return SSH2_WRONG_PASSPHRASE for
an unencrypted key. (The other import function, sshcom_read(), already
got this right.) Thanks to David Wedderwille for the report.

This is more than just an error-reporting mistake; it actually causes
Windows PuTTYgen to tight-loop on attempting to load a corrupt OpenSSH
key, because the 'wrong passphrase' return value causes the caller to
loop round and try again, but of course it knows the key is
unencrypted so it doesn't prompt for a different passphrase and just
tries again with no change...

git-svn-id: svn://svn.tartarus.org/sgt/putty@9643 cda61777-01e9-0310-a592-d414129be87e

Avoid leaking file handles in load_openssh_key(), as reported by David
Wedderwille.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9642 cda61777-01e9-0310-a592-d414129be87e

Fix a controlling-terminal bug reported by Anthony Heading: Cygwin
doesn't have TIOCSCTTY, so my attempt to set the ctty of the child
process isn't doing anything, and only works by chance when you run
bash because bash does the thing that _will_ set the ctty, namely
opening the terminal file again without O_NOCTTY. So now we do that
too.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9638 cda61777-01e9-0310-a592-d414129be87e

Partially revert r9636. It is true that we can directly return the
result of memcmp, but untrue that we can do so _unconditionally_: if
memcmp returns zero, we still need to fall through to the next
comparison.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9637 cda61777-01e9-0310-a592-d414129be87e

Clang, like LCC, objects to using '<' and '>' on function pointers.

I'm not entirely sure that using memcmp() is any more defined by the C
standard, but at least Clang doesn't complain about it. While I'm
here, tree234 doesn't require that comparison functions return
precisely +1 or -1, so we can use the return value of memcmp()
directly.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9636 cda61777-01e9-0310-a592-d414129be87e

Change return type of do_ssh2_transport() to void.

Nothing pays attention to it any more, anyway.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9635 cda61777-01e9-0310-a592-d414129be87e

Make bombout() less of a macro and more of a function.

This gives GCC slightly fewer opportunities to gratuitously inflate
its output.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9634 cda61777-01e9-0310-a592-d414129be87e

Fix a memory leak in parse_ttymodes() (found by Memcheck/Valgrind).

git-svn-id: svn://svn.tartarus.org/sgt/putty@9633 cda61777-01e9-0310-a592-d414129be87e

Slightly simplify crFinishFree{,V}.

They're only likely to be useful for freeing a coroutine state
structure, in which case there's no need to reset the line number
(since all such coroutines keep their line number in the state
structure) and the state structure pointer is always called "s".

git-svn-id: svn://svn.tartarus.org/sgt/putty@9632 cda61777-01e9-0310-a592-d414129be87e

Don't close SSH-2 channels with outstanding channel requests on local error.

In sshfwd_unclean_close(), get ssh2_check_close() to handle sending
SSH_MSG_CHANNEL_CLOSE. That way, it can hold off doing so until any
outstanding channel requests are processed.

Also add event log message for unclean channel closures.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9631 cda61777-01e9-0310-a592-d414129be87e

It's not legal to free a coroutine's state structure before invoking
crFinish or crFinishV, since they will attempt to write to the
coroutine state variable contained in that structure. Introduced some
new all-in-one macros crFinishFree and crFinishFreeV, and used those
instead. Should fix today's report of a crash just after authentication.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9630 cda61777-01e9-0310-a592-d414129be87e

Fix markup error introduced in r9626.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9627 cda61777-01e9-0310-a592-d414129be87e

Remove documentation for "Out of space for port forwardings" error.

It no longer exists in the code, and should have been obsoleted by
r9214 at the latest.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9626 cda61777-01e9-0310-a592-d414129be87e

Improve window-size handling in Unix Plink.

Unconditionally override the configured terminal size with the one
from stdin if it's available. This avoids the silliness whereby if
Default Settings had a terminal size set, Plink used this and thus
caused the server to use the wrong size.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9624 cda61777-01e9-0310-a592-d414129be87e

Better handling of outstanding CHANNEL_REQUESTS on channel destruction.

Part the first: make sure that all structures describing channel
requests are freed when the SSH connection is freed. This involves
adding a means to ask a response handler to free any memory it holds.

Part the second: in ssh_channel_try_eof(), call
ssh2_channel_check_close() rather than emitting an SSH_MSG_CHANNEL_EOF
directly. This avoids the possibility of closing the channel while a
CHANNEL_REQUEST is outstanding.

Also add some assertions that helped with tracking down the latter
problem.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9623 cda61777-01e9-0310-a592-d414129be87e

Factor out common code to construct CHANNEL_REQUESTS.

This reduces code size a little and also makes it harder to
accidentally request a reply without putting in place a handler for
it or vice versa.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9620 cda61777-01e9-0310-a592-d414129be87e

Simplify handling of responses to channel requests.

The various setup routines can only receive CHANNEL_SUCCESS or
CHANNEL_FAILURE, so there's no need for the to worry about receiving
anything else. Strange packets will end up in do_ssh2_authconn
instead.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9619 cda61777-01e9-0310-a592-d414129be87e

Add some kind of window tracking to logparse.pl.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9618 cda61777-01e9-0310-a592-d414129be87e

Fix matching of channel and global requests with replies in logparse.pl.

In each case, want_reply was being treated as true even when it wasn't,
because it got decoded into "yes"/"no", both of which are true in
Perl.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9617 cda61777-01e9-0310-a592-d414129be87e

Handle all replies to CHANNEL_REQUESTs through the per-channel queue.

Each of the minor start-of-session requests is now dealt with by its own
little co-routine, while the shell/command is done in do_ssh2_authconn()
itself. This eliminates one more round-trip in session setup: PuTTY gets
all the way up to sending a shell request before worrying about any
replies.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9616 cda61777-01e9-0310-a592-d414129be87e

Generalise SSH_MSG_CHANNEL_{SUCCESS,FAILURE} handling.

Now each channel has a queue of arbitrary handlers for those messages,
with anything that sends a CHANNEL_REQUEST with want_reply true pushing
a new entry onto the queue, and a shared handler that dispatches
responses appropriately.

Currently, this is only used for winadj@putty.projects.tartarus.org, but
extending it to cover the initial requests as well shouldn't be too
painful.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9615 cda61777-01e9-0310-a592-d414129be87e

Fix a bug in the PSFTP command parser which would cause it to
hallucinate an extra empty argument word at the end of a line if the
line ended in more than one whitespace character.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9613 cda61777-01e9-0310-a592-d414129be87e

Enhance logparse.pl so that it detects channels running SFTP and
decodes the SFTP message layer in addition to the underlying SSH.
Requests and responses are matched up via their ids.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9612 cda61777-01e9-0310-a592-d414129be87e

Fix recently-introduced memory leak in ssh2_msg_unexpected().

git-svn-id: svn://svn.tartarus.org/sgt/putty@9611 cda61777-01e9-0310-a592-d414129be87e

De-duplicate code in KEXINIT generation.

There's no need to have identical code generating server-to-client and
client-to-server versions of the cipher and MAC lists; a couple of
twice-around loops will do fine.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9610 cda61777-01e9-0310-a592-d414129be87e

Reworking of packet delivery to coroutines in SSH-2.

Before, NULL in the dispatch table meant "send to the appropriate one of
do_ssh2_transport() and do_ssh2_authconn()". Now those (via small
shims) are specified directly in the dispatch table, so ssh2_protocol()
is much simpler.

In the process, this has somewhat centralised the handling of gross
server protocol violations. PuTTY will now disconnect with a rude
message when (e.g.) OpenSSH sends us an SSH_MSG_UNIMPLEMENTED when we
try to KEXINIT during authentication.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9609 cda61777-01e9-0310-a592-d414129be87e

Fix an erroneous "case" fallthrough in ssh1_msg_channel_close, which was
causing assertion failures when closing X11 channels in SSH-1. Also fix
another pasto.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9608 cda61777-01e9-0310-a592-d414129be87e

Tweak to SSH coroutine code: put line number in the coroutine state
structure, which is consistent with Simon's canonical version of the
macros.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9607 cda61777-01e9-0310-a592-d414129be87e

Use a single sftp_senddata() to send each SFTP packet, rather than
using one for the length field and one for the rest of the packet
contents. Since sftp_senddata() has no queuing or deferral mechanism
but instead constructs and sends an SSH2_MSG_CHANNEL_DATA message
immediately, this change has the effect of ceasing to split every SFTP
packet across two SSH messages.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9603 cda61777-01e9-0310-a592-d414129be87e

Rework bufchain code to allow for variable-sized granules.
bufchain_add() now allocates at most one new granule. Granules still
have a minimum size, so small adds still get coalesced.

The main practical consequence of this is that PSCP and PSFTP now
generate 4K SSH packets rather than 512-byte ones. Also, the compiled
code (on my Ubuntu box) is fractionally smaller.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9602 cda61777-01e9-0310-a592-d414129be87e

Reduce the number of round-trips involved in opening an SSH-2 session
by sending most of the initial SSH_MSG_CHANNEL_REQUEST messages before
waiting for any replies. The initial version of this code was a clever
thing with a two-pass loop, but that got hairy so I went for the simpler
approach of separating the request and reply code and having flags to
keep track of which requests have been sent.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9599 cda61777-01e9-0310-a592-d414129be87e

Add a missing \define I accidentally assumed was there in r9592.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9593 cda61777-01e9-0310-a592-d414129be87e

Add a bug-compatibility flag to disable the
winadj@putty.projects.tartarus.org request. Not currently enabled
automatically, but should be usable as a manual workaround.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9592 cda61777-01e9-0310-a592-d414129be87e

Fix an embarrassing mistake in config box handling which was causing
changes to any SSH bug config option to be lost when the config box
switched to a different panel, at least on GTK.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9591 cda61777-01e9-0310-a592-d414129be87e

Move the declaration of smemclr() out of putty.h into misc.h, because
one of its uses (in sshaes.c) wasn't picking up the former. Thanks to
Ubuntu's gcc for spotting that.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9590 cda61777-01e9-0310-a592-d414129be87e

Remove an unused variable.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9589 cda61777-01e9-0310-a592-d414129be87e

Introduce a new utility function smemclr(), which memsets things to
zero but does it in such a way that over-clever compilers hopefully
won't helpfully optimise the call away if you do it just before
freeing something or letting it go out of scope. Use this for
(hopefully) every memset whose job is to destroy sensitive data that
might otherwise be left lying around in the process's memory.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9586 cda61777-01e9-0310-a592-d414129be87e

Remove a bashism in mksrcarc.sh, without which bob builds fail on
Ubuntu (whose /bin/sh is not bash).

git-svn-id: svn://svn.tartarus.org/sgt/putty@9585 cda61777-01e9-0310-a592-d414129be87e

Add '-Wall -Werror' to the compile options in the autotools makefile,
having just noticed that Makefile.gtk had it and this one doesn't. (Of
course, this being autoconf, we can easily enough make it conditional
on the compiler actually being gcc.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9583 cda61777-01e9-0310-a592-d414129be87e

Rework the new type-check in sresize so that it doesn't cause a
compile warning ('left-hand operand of comma expression has no
effect'), which of course becomes fatal under -Werror.

(This would have been instantly noticeable to people compiling with
the old-fashioned Makefile.gtk, which does include -Wall -Werror, but
those of us using the new autoconf makefile hadn't noticed.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9582 cda61777-01e9-0310-a592-d414129be87e

Remove term_key, which was intended to handle function keys in a cross-
platform manner, but which nothing ever called. It thus served only to
trap up the unwary. The live function key handling code lives in the
frontends, i.e. window.c on Windows and gtkwin.c on Unix.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9579 cda61777-01e9-0310-a592-d414129be87e

If pterm's execvp fails when given the whole argument list after -e,
and the argument list contains only one string, try again by passing
that single string to "$SHELL -c" to be parsed as a shell command.
This matches xterm's behaviour (as of xterm 261, at least), and means
in practice that users can do _either_ of 'pterm -e some command' and
'pterm -e "some command"'.

(A quick survey suggests that the majority of X terminal programs agree
with pterm's old behaviour of only supporting '-e some command',
except that gnome-terminal only supports the other behaviour and xterm
supports both. With that disagreement, I think supporting both is
probably the sensible thing.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9575 cda61777-01e9-0310-a592-d414129be87e

Turns out that the compose-keys fix in r9567 did in fact break one
piece of keyboard handling: if Num Lock is on, numeric keypad keys are
eaten by the IM, so we must avoid passing them to the IM in the first
place if we're in any non-default numeric keypad mode (application or
Nethack).

This is a grubby way to do it, but the more obvious approach of just
moving the Nethack and app-keypad if statements up to above the IM
call doesn't work because those statements depend on the generic
Alt-prefix handling that happens just _below_ the IM call. So instead
I just repeat the list of keystrokes and modes in an if statement
conditionalising the IM call.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9573 cda61777-01e9-0310-a592-d414129be87e

Stop including <gtk/gtkcontainer.h> directly, since a user points out
that it'll be absent in GTK 3.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9571 cda61777-01e9-0310-a592-d414129be87e

John Hartnup reports that Apache SSHD's SFTP server responds to
FXP_READDIR on an empty directory by returning a zero-length list of
filenames, instead of the more common response of a list containing
just "." and "..". Stop PSFTP failing an assertion when that happens.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9569 cda61777-01e9-0310-a592-d414129be87e

Add the missing code to treat data coming from the input method as
keypresses for purposes of hiding the mouse pointer and resetting the
scrollback.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9568 cda61777-01e9-0310-a592-d414129be87e

Support for dead keys and compose sequences on Unix, by instantiating
a GtkIMMulticontext and having that filter most keypresses. I think
I've got this right so that it doesn't break any previous deliberate
keyboard-handling behaviour that's now _after_ the 'if (filter
keypress) return' statement.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9567 cda61777-01e9-0310-a592-d414129be87e

Introduce a third setting for the 'bold as colour' mode, which lets
you both brighten the colour _and_ bold the font at the same time.
(Fixes 'bold-font-colour' and Debian #193352.)

git-svn-id: svn://svn.tartarus.org/sgt/putty@9559 cda61777-01e9-0310-a592-d414129be87e

Add missing check for failure to agree a host key algorithm.

git-svn-id: svn://svn.tartarus.org/sgt/putty@9557 cda61777-01e9-0310-a592-d414129be87e