#include "network.h"
#include "misc.h"
+/*
+ * Fingerprints of the PGP master keys that can be used to establish a trust
+ * path between an executable and other files.
+ */
+#define PGP_RSA_MASTER_KEY_FP \
+ "8F 15 97 DA 25 30 AB 0D 88 D1 92 54 11 CF 0C 4C"
+#define PGP_DSA_MASTER_KEY_FP \
+ "313C 3E76 4B74 C2C5 F2AE 83A8 4F5E 6DF5 6A93 B34E"
+
/* Three attribute types:
* The ATTRs (normal attributes) are stored with the characters in
* the main display arrays
#define LATTR_TOP 0x00000002UL
#define LATTR_BOT 0x00000003UL
#define LATTR_MODE 0x00000003UL
-#define LATTR_WRAPPED 0x00000010UL
-#define LATTR_WRAPPED2 0x00000020UL
+#define LATTR_WRAPPED 0x00000010UL /* this line wraps to next */
+#define LATTR_WRAPPED2 0x00000020UL /* with WRAPPED: CJK wide character
+ wrapped to next line, so last
+ single-width cell is empty */
#define ATTR_INVALID 0x03FFFFU
#define LGTYP_ASCII 1 /* logmode: pure ascii */
#define LGTYP_DEBUG 2 /* logmode: all chars of traffic */
#define LGTYP_PACKETS 3 /* logmode: SSH data packets */
+#define LGTYP_SSHRAW 4 /* logmode: SSH raw data */
typedef enum {
/* Actual special commands. Originally Telnet, but some codes have
KEX_DHGROUP1,
KEX_DHGROUP14,
KEX_DHGEX,
+ KEX_RSA,
KEX_MAX
};
enum {
/*
- * SSH ciphers (both SSH1 and SSH2)
+ * SSH ciphers (both SSH-1 and SSH-2)
*/
CIPHER_WARN, /* pseudo 'cipher' */
CIPHER_3DES,
CIPHER_BLOWFISH,
- CIPHER_AES, /* (SSH 2 only) */
+ CIPHER_AES, /* (SSH-2 only) */
CIPHER_DES,
+ CIPHER_ARCFOUR,
CIPHER_MAX /* no. ciphers (inc warn) */
};
};
enum {
+ /* Actions on remote window title query */
+ TITLE_NONE, TITLE_EMPTY, TITLE_REAL
+};
+
+enum {
/* Protocol back ends. (cfg.protocol) */
- PROT_RAW, PROT_TELNET, PROT_RLOGIN, PROT_SSH
+ PROT_RAW, PROT_TELNET, PROT_RLOGIN, PROT_SSH,
+ /* PROT_SERIAL is supported on a subset of platforms, but it doesn't
+ * hurt to define it globally. */
+ PROT_SERIAL
};
enum {
};
enum {
+ FQ_DEFAULT, FQ_ANTIALIASED, FQ_NONANTIALIASED, FQ_CLEARTYPE
+};
+
+enum {
+ SER_PAR_NONE, SER_PAR_ODD, SER_PAR_EVEN, SER_PAR_MARK, SER_PAR_SPACE
+};
+
+enum {
+ SER_FLOW_NONE, SER_FLOW_XONXOFF, SER_FLOW_RTSCTS, SER_FLOW_DSRDTR
+};
+
+/*
+ * Tables of string <-> enum value mappings used in settings.c.
+ * Defined here so that backends can export their GSS library tables
+ * to the cross-platform settings code.
+ */
+struct keyval { char *s; int v; };
+
+#ifndef NO_GSSAPI
+extern const int ngsslibs;
+extern const char *const gsslibnames[];/* for displaying in configuration */
+extern const struct keyval gsslibkeywords[]; /* for storing by settings.c */
+#endif
+
+extern const char *const ttymodes[];
+
+enum {
/*
* Network address types. Used for specifying choice of IPv4/v6
* in config; also used in proxy.c to indicate whether a given
void (*size) (void *handle, int width, int height);
void (*special) (void *handle, Telnet_Special code);
const struct telnet_special *(*get_specials) (void *handle);
- Socket(*socket) (void *handle);
+ int (*connected) (void *handle);
int (*exitcode) (void *handle);
+ /* If back->sendok() returns FALSE, data sent to it from the frontend
+ * may be lost. */
int (*sendok) (void *handle);
int (*ldisc) (void *handle, int);
void (*provide_ldisc) (void *handle, void *ldisc);
*/
void (*unthrottle) (void *handle, int);
int (*cfg_info) (void *handle);
+ char *name;
+ int protocol;
int default_port;
};
-extern struct backend_list {
- int protocol;
- char *name;
- Backend *backend;
-} backends[];
+extern Backend *backends[];
/*
* Suggested default protocol provided by the backend link module.
int ping_interval; /* in seconds */
int tcp_nodelay;
int tcp_keepalives;
+ char loghost[512]; /* logical host being contacted, for host key check */
/* Proxy options */
char proxy_exclude_list[512];
int proxy_dns;
char proxy_telnet_command[512];
/* SSH options */
char remote_cmd[512];
- char remote_cmd2[512]; /* fallback if the first fails
- * (used internally for scp) */
char *remote_cmd_ptr; /* might point to a larger command
* but never for loading/saving */
char *remote_cmd_ptr2; /* might point to a larger command
int ssh_kexlist[KEX_MAX];
int ssh_rekey_time; /* in minutes */
char ssh_rekey_data[16];
+ int tryagent;
int agentfwd;
- int change_username; /* allow username switching in SSH2 */
+ int change_username; /* allow username switching in SSH-2 */
int ssh_cipherlist[CIPHER_MAX];
Filename keyfile;
int sshprot; /* use v1 or v2 when both available */
- int ssh2_des_cbc; /* "des-cbc" nonstandard SSH2 cipher */
+ int ssh2_des_cbc; /* "des-cbc" unrecommended SSH-2 cipher */
+ int ssh_no_userauth; /* bypass "ssh-userauth" (SSH-2 only) */
+ int ssh_show_banner; /* show USERAUTH_BANNERs (SSH-2 only) */
int try_tis_auth;
int try_ki_auth;
+ int try_gssapi_auth; /* attempt gssapi auth */
+ int gssapifwd; /* forward tgt via gss */
+ int ssh_gsslist[4]; /* preference order for local GSS libs */
+ Filename ssh_gss_custom;
int ssh_subsys; /* run a subsystem rather than a command */
- int ssh_subsys2; /* fallback to go with remote_cmd2 */
+ int ssh_subsys2; /* fallback to go with remote_cmd_ptr2 */
int ssh_no_shell; /* avoid running a shell */
+ char ssh_nc_host[512]; /* host to connect to in `nc' mode */
+ int ssh_nc_port; /* port to connect to in `nc' mode */
/* Telnet options */
char termtype[32];
char termspeed[32];
+ char ttymodes[768]; /* MODE\tVvalue\0MODE\tA\0\0 */
char environmt[1024]; /* VAR\tvalue\0VAR\tvalue\0\0 */
char username[100];
+ int username_from_env;
char localusername[100];
int rfc_environ;
int passive_telnet;
+ /* Serial port options */
+ char serline[256];
+ int serspeed;
+ int serdatabits, serstopbits;
+ int serparity;
+ int serflow;
/* Keyboard options */
int bksp_is_delete;
int rxvt_homeend;
int no_remote_wintitle; /* disable remote retitling */
int no_dbackspace; /* disable destructive backspace */
int no_remote_charset; /* disable remote charset config */
- int no_remote_qtitle; /* disable remote win title query */
+ int remote_qtitle_action; /* remote win title query action */
int app_cursor;
int app_keypad;
int nethack_keypad;
int win_name_always;
int width, height;
FontSpec font;
+ int font_quality;
Filename logfilename;
int logtype;
int logxfovr;
/* translations */
int vtmode;
char line_codepage[128];
+ int cjk_ambig_wide;
int utf8_override;
int xlat_capslockcyr;
/* X11 forwarding */
int x11_forward;
char x11_display[128];
int x11_auth;
+ Filename xauthfile;
/* port forwarding */
int lport_acceptall; /* accept conns from hosts other than localhost */
- int rport_acceptall; /* same for remote forwarded ports (SSH2 only) */
+ int rport_acceptall; /* same for remote forwarded ports (SSH-2 only) */
/*
* The port forwarding string contains a number of
* NUL-terminated substrings, terminated in turn by an empty
/* SSH bug compatibility modes */
int sshbug_ignore1, sshbug_plainpw1, sshbug_rsa1,
sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2,
- sshbug_pksessid2;
+ sshbug_pksessid2, sshbug_rekey2, sshbug_maxpkt2,
+ sshbug_ignore2;
+ /*
+ * ssh_simple means that we promise never to open any channel other
+ * than the main one, which means it can safely use a very large
+ * window in SSH-2.
+ */
+ int ssh_simple;
/* Options for pterm. Should split out into platform-dependent part. */
int stamp_utmp;
int login_shell;
FontSpec widefont;
FontSpec wideboldfont;
int shadowboldoffset;
+ int crhaslf;
};
/*
* This is set TRUE by cmdline.c iff a session is loaded with "-load".
*/
GLOBAL int loaded_session;
+/*
+ * This is set to the name of the loaded session.
+ */
+GLOBAL char *cmdline_session_name;
struct RSAKey; /* be a little careful of scope */
/*
- * Exports from window.c.
+ * Mechanism for getting text strings such as usernames and passwords
+ * from the front-end.
+ * The fields are mostly modelled after SSH's keyboard-interactive auth.
+ * FIXME We should probably mandate a character set/encoding (probably UTF-8).
+ *
+ * Since many of the pieces of text involved may be chosen by the server,
+ * the caller must take care to ensure that the server can't spoof locally-
+ * generated prompts such as key passphrase prompts. Some ground rules:
+ * - If the front-end needs to truncate a string, it should lop off the
+ * end.
+ * - The front-end should filter out any dangerous characters and
+ * generally not trust the strings. (But \n is required to behave
+ * vaguely sensibly, at least in `instruction', and ideally in
+ * `prompt[]' too.)
+ */
+typedef struct {
+ char *prompt;
+ int echo;
+ char *result; /* allocated/freed by caller */
+ size_t result_len;
+} prompt_t;
+typedef struct {
+ /*
+ * Indicates whether the information entered is to be used locally
+ * (for instance a key passphrase prompt), or is destined for the wire.
+ * This is a hint only; the front-end is at liberty not to use this
+ * information (so the caller should ensure that the supplied text is
+ * sufficient).
+ */
+ int to_server;
+ char *name; /* Short description, perhaps for dialog box title */
+ int name_reqd; /* Display of `name' required or optional? */
+ char *instruction; /* Long description, maybe with embedded newlines */
+ int instr_reqd; /* Display of `instruction' required or optional? */
+ size_t n_prompts; /* May be zero (in which case display the foregoing,
+ * if any, and return success) */
+ prompt_t **prompts;
+ void *frontend;
+ void *data; /* slot for housekeeping data, managed by
+ * get_userpass_input(); initially NULL */
+} prompts_t;
+prompts_t *new_prompts(void *frontend);
+void add_prompt(prompts_t *p, char *promptstr, int echo, size_t len);
+/* Burn the evidence. (Assumes _all_ strings want free()ing.) */
+void free_prompts(prompts_t *p);
+
+/*
+ * Exports from the front end.
*/
void request_resize(void *frontend, int, int);
void do_text(Context, int, int, wchar_t *, int, unsigned long, int);
void palette_set(void *frontend, int, int, int, int);
void palette_reset(void *frontend);
void write_aclip(void *frontend, char *, int, int);
-void write_clip(void *frontend, wchar_t *, int, int);
+void write_clip(void *frontend, wchar_t *, int *, int, int);
void get_clip(void *frontend, wchar_t **, int *);
void optimised_move(void *frontend, int, int, int);
void set_raw_mouse_mode(void *frontend, int);
#pragma noreturn(fatalbox)
#pragma noreturn(modalfatalbox)
#endif
-void beep(void *frontend, int);
+void do_beep(void *frontend, int);
void begin_session(void *frontend);
void sys_cursor(void *frontend, int x, int y);
void request_paste(void *frontend);
* shutdown. */
void update_specials_menu(void *frontend);
int from_backend(void *frontend, int is_stderr, const char *data, int len);
+int from_backend_untrusted(void *frontend, const char *data, int len);
void notify_remote_exit(void *frontend);
+/* Get a sensible value for a tty mode. NULL return = don't set.
+ * Otherwise, returned value should be freed by caller. */
+char *get_ttymode(void *frontend, const char *mode);
+/*
+ * >0 = `got all results, carry on'
+ * 0 = `user cancelled' (FIXME distinguish "give up entirely" and "next auth"?)
+ * <0 = `please call back later with more in/inlen'
+ */
+int get_userpass_input(prompts_t *p, unsigned char *in, int inlen);
#define OPTIMISE_IS_SCROLL 1
void set_iconic(void *frontend, int iconic);
void get_window_pos(void *frontend, int *x, int *y);
void get_window_pixels(void *frontend, int *x, int *y);
char *get_window_title(void *frontend, int icon);
+/* Hint from backend to frontend about time-consuming operations.
+ * Initial state is assumed to be BUSY_NOT. */
+enum {
+ BUSY_NOT, /* Not busy, all user interaction OK */
+ BUSY_WAITING, /* Waiting for something; local event loops still running
+ so some local interaction (e.g. menus) OK, but network
+ stuff is suspended */
+ BUSY_CPU /* Locally busy (e.g. crypto); user interaction suspended */
+};
+void set_busy_status(void *frontend, int status);
void cleanup_exit(int);
/*
* Exports from settings.c.
*/
-char *save_settings(char *section, int do_host, Config * cfg);
-void save_open_settings(void *sesskey, int do_host, Config *cfg);
-void load_settings(char *section, int do_host, Config * cfg);
-void load_open_settings(void *sesskey, int do_host, Config *cfg);
+Backend *backend_from_name(const char *name);
+Backend *backend_from_proto(int proto);
+int get_remote_username(Config *cfg, char *user, size_t len);
+char *save_settings(char *section, Config * cfg);
+void save_open_settings(void *sesskey, Config *cfg);
+void load_settings(char *section, Config * cfg);
+void load_open_settings(void *sesskey, Config *cfg);
void get_sesslist(struct sesslist *, int allocate);
void do_defaults(char *, Config *);
void registry_cleanup(void);
void term_size(Terminal *, int, int, int);
void term_paint(Terminal *, Context, int, int, int, int, int);
void term_scroll(Terminal *, int, int);
-void term_pwron(Terminal *);
+void term_scroll_to_selection(Terminal *, int);
+void term_pwron(Terminal *, int);
void term_clrsb(Terminal *);
void term_mouse(Terminal *, Mouse_Button, Mouse_Button, Mouse_Action,
int,int,int,int,int);
void term_reconfig(Terminal *, Config *);
void term_seen_key_event(Terminal *);
int term_data(Terminal *, int is_stderr, const char *data, int len);
+int term_data_untrusted(Terminal *, const char *data, int len);
void term_provide_resize_fn(Terminal *term,
void (*resize_fn)(void *, int, int),
void *resize_ctx);
void term_provide_logctx(Terminal *term, void *logctx);
void term_set_focus(Terminal *term, int has_focus);
+char *term_get_ttymode(Terminal *term, const char *mode);
+int term_get_userpass_input(Terminal *term, prompts_t *p,
+ unsigned char *in, int inlen);
+
+int format_arrow_key(char *buf, Terminal *term, int xkey, int ctrl);
/*
* Exports from logging.c.
int type;
};
void log_packet(void *logctx, int direction, int type,
- char *texttype, void *data, int len,
- int n_blanks, const struct logblank_t *blanks);
+ char *texttype, const void *data, int len,
+ int n_blanks, const struct logblank_t *blanks,
+ const unsigned long *sequence);
/*
* Exports from testback.c
extern Backend telnet_backend;
/*
- * Exports from ssh.c. (NB the getline variables have to be GLOBAL
- * so that PuTTYtel will still compile - otherwise it would depend
- * on ssh.c.)
+ * Exports from ssh.c.
*/
-
-GLOBAL int (*ssh_get_line) (const char *prompt, char *str, int maxlen,
- int is_pw);
-GLOBAL int ssh_getline_pw_only;
extern Backend ssh_backend;
/*
*/
#include "misc.h"
+int cfg_launchable(const Config *cfg);
+char const *cfg_dest(const Config *cfg);
+
+/*
+ * Exports from sercfg.c.
+ */
+void ser_setup_config_box(struct controlbox *b, int midsession,
+ int parity_mask, int flow_mask);
/*
* Exports from version.c.
/*
* Exports from wcwidth.c
*/
-int wcwidth(wchar_t ucs);
-int wcswidth(const wchar_t *pwcs, size_t n);
+int mk_wcwidth(wchar_t ucs);
+int mk_wcswidth(const wchar_t *pwcs, size_t n);
+int mk_wcwidth_cjk(wchar_t ucs);
+int mk_wcswidth_cjk(const wchar_t *pwcs, size_t n);
/*
* Exports from mscrypto.c
int wc_unescape(char *output, const char *wildcard);
/*
- * Exports from windlg.c
+ * Exports from frontend (windlg.c etc)
*/
void logevent(void *frontend, const char *);
-void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
- char *keystr, char *fingerprint);
-void askalg(void *frontend, const char *algtype, const char *algname);
-int askappend(void *frontend, Filename filename);
+void pgp_fingerprints(void);
+/*
+ * verify_ssh_host_key() can return one of three values:
+ *
+ * - +1 means `key was OK' (either already known or the user just
+ * approved it) `so continue with the connection'
+ *
+ * - 0 means `key was not OK, abandon the connection'
+ *
+ * - -1 means `I've initiated enquiries, please wait to be called
+ * back via the provided function with a result that's either 0
+ * or +1'.
+ */
+int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
+ char *keystr, char *fingerprint,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askalg has the same set of return values as verify_ssh_host_key.
+ */
+int askalg(void *frontend, const char *algtype, const char *algname,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askappend can return four values:
+ *
+ * - 2 means overwrite the log file
+ * - 1 means append to the log file
+ * - 0 means cancel logging for this session
+ * - -1 means please wait.
+ */
+int askappend(void *frontend, Filename filename,
+ void (*callback)(void *ctx, int result), void *ctx);
/*
- * Exports from console.c (that aren't equivalents to things in
- * windlg.c).
+ * Exports from console frontends (wincons.c, uxcons.c)
+ * that aren't equivalents to things in windlg.c et al.
*/
extern int console_batch_mode;
-int console_get_line(const char *prompt, char *str, int maxlen, int is_pw);
+int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen);
void console_provide_logctx(void *logctx);
int is_interactive(void);
int cmdline_process_param(char *, char *, int, Config *);
void cmdline_run_saved(Config *);
void cmdline_cleanup(void);
-extern char *cmdline_password;
+int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen);
#define TOOLTYPE_FILETRANSFER 1
#define TOOLTYPE_NONNETWORK 2
extern int cmdline_tooltype;
* Exports from config.c.
*/
struct controlbox;
-void setup_config_box(struct controlbox *b, struct sesslist *sesslist,
- int midsession, int protocol, int protcfginfo);
+void setup_config_box(struct controlbox *b, int midsession,
+ int protocol, int protcfginfo);
/*
* Exports from minibidi.c.
} bidi_char;
int do_bidi(bidi_char *line, int count);
int do_shape(bidi_char *line, bidi_char *to, int count);
+int is_rtl(int c);
/*
* X11 auth mechanisms we know about.
* notifies the front end that a new timer has been added to the
* list which is sooner than any existing ones. It provides the
* time when that timer needs to go off.
+ *
+ * *** FRONT END IMPLEMENTORS NOTE:
+ *
+ * There's an important subtlety in the front-end implementation of
+ * the timer interface. When a front end is given a `next' value,
+ * either returned from run_timers() or via timer_change_notify(),
+ * it should ensure that it really passes _that value_ as the `now'
+ * parameter to its next run_timers call. It should _not_ simply
+ * call GETTICKCOUNT() to get the `now' parameter when invoking
+ * run_timers().
+ *
+ * The reason for this is that an OS's system clock might not agree
+ * exactly with the timing mechanisms it supplies to wait for a
+ * given interval. I'll illustrate this by the simple example of
+ * Unix Plink, which uses timeouts to select() in a way which for
+ * these purposes can simply be considered to be a wait() function.
+ * Suppose, for the sake of argument, that this wait() function
+ * tends to return early by 1%. Then a possible sequence of actions
+ * is:
+ *
+ * - run_timers() tells the front end that the next timer firing
+ * is 10000ms from now.
+ * - Front end calls wait(10000ms), but according to
+ * GETTICKCOUNT() it has only waited for 9900ms.
+ * - Front end calls run_timers() again, passing time T-100ms as
+ * `now'.
+ * - run_timers() does nothing, and says the next timer firing is
+ * still 100ms from now.
+ * - Front end calls wait(100ms), which only waits for 99ms.
+ * - Front end calls run_timers() yet again, passing time T-1ms.
+ * - run_timers() says there's still 1ms to wait.
+ * - Front end calls wait(1ms).
+ *
+ * If you're _lucky_ at this point, wait(1ms) will actually wait
+ * for 1ms and you'll only have woken the program up three times.
+ * If you're unlucky, wait(1ms) might do nothing at all due to
+ * being below some minimum threshold, and you might find your
+ * program spends the whole of the last millisecond tight-looping
+ * between wait() and run_timers().
+ *
+ * Instead, what you should do is to _save_ the precise `next'
+ * value provided by run_timers() or via timer_change_notify(), and
+ * use that precise value as the input to the next run_timers()
+ * call. So:
+ *
+ * - run_timers() tells the front end that the next timer firing
+ * is at time T, 10000ms from now.
+ * - Front end calls wait(10000ms).
+ * - Front end then immediately calls run_timers() and passes it
+ * time T, without stopping to check GETTICKCOUNT() at all.
+ *
+ * This guarantees that the program wakes up only as many times as
+ * there are actual timer actions to be taken, and that the timing
+ * mechanism will never send it into a tight loop.
+ *
+ * (It does also mean that the timer action in the above example
+ * will occur 100ms early, but this is not generally critical. And
+ * the hypothetical 1% error in wait() will be partially corrected
+ * for anyway when, _after_ run_timers() returns, you call
+ * GETTICKCOUNT() and compare the result with the returned `next'
+ * value to find out how long you have to make your next wait().)
*/
typedef void (*timer_fn_t)(void *ctx, long now);
long schedule_timer(int ticks, timer_fn_t fn, void *ctx);
int run_timers(long now, long *next);
void timer_change_notify(long next);
+/*
+ * Define no-op macros for the jump list functions, on platforms that
+ * don't support them. (This is a bit of a hack, and it'd be nicer to
+ * localise even the calls to those functions into the Windows front
+ * end, but it'll do for the moment.)
+ */
+#ifndef JUMPLIST_SUPPORTED
+#define add_session_to_jumplist(x) ((void)0)
+#define remove_session_from_jumplist(x) ((void)0)
+#endif
+
#endif