#include "network.h"
#include "misc.h"
+/*
+ * Fingerprints of the PGP master keys that can be used to establish a trust
+ * path between an executable and other files.
+ */
+#define PGP_RSA_MASTER_KEY_FP \
+ "8F 15 97 DA 25 30 AB 0D 88 D1 92 54 11 CF 0C 4C"
+#define PGP_DSA_MASTER_KEY_FP \
+ "313C 3E76 4B74 C2C5 F2AE 83A8 4F5E 6DF5 6A93 B34E"
+
/* Three attribute types:
* The ATTRs (normal attributes) are stored with the characters in
* the main display arrays
*
* The LATTRs (line attributes) are an entirely disjoint space of
* flags.
+ *
+ * The DATTRs (display attributes) are internal to terminal.c (but
+ * defined here because their values have to match the others
+ * here); they reuse the TATTR_* space but are always masked off
+ * before sending to the front end.
*
* ATTR_INVALID is an illegal colour combination.
*/
#define TATTR_RIGHTCURS 0x10000000UL /* cursor-on-RHS */
#define TATTR_COMBINING 0x80000000UL /* combining characters */
+#define DATTR_STARTRUN 0x80000000UL /* start of redraw run */
+
+#define TDATTR_MASK 0xF0000000UL
+#define TATTR_MASK (TDATTR_MASK)
+#define DATTR_MASK (TDATTR_MASK)
+
#define LATTR_NORM 0x00000000UL
#define LATTR_WIDE 0x00000001UL
#define LATTR_TOP 0x00000002UL
#define LATTR_BOT 0x00000003UL
#define LATTR_MODE 0x00000003UL
-#define LATTR_WRAPPED 0x00000010UL
-#define LATTR_WRAPPED2 0x00000020UL
+#define LATTR_WRAPPED 0x00000010UL /* this line wraps to next */
+#define LATTR_WRAPPED2 0x00000020UL /* with WRAPPED: CJK wide character
+ wrapped to next line, so last
+ single-width cell is empty */
-#define ATTR_INVALID 0x03FFU
+#define ATTR_INVALID 0x03FFFFU
/* Like Linux use the F000 page for direct to font. */
#define CSET_OEMCP 0x0000F000UL /* OEM Codepage DTF */
*/
#define UCSWIDE 0xDFFF
-#define ATTR_NARROW 0x8000U
-#define ATTR_WIDE 0x4000U
-#define ATTR_BOLD 0x0400U
-#define ATTR_UNDER 0x0800U
-#define ATTR_REVERSE 0x1000U
-#define ATTR_BLINK 0x2000U
-#define ATTR_FGMASK 0x001FU
-#define ATTR_BGMASK 0x03E0U
-#define ATTR_COLOURS 0x03FFU
+#define ATTR_NARROW 0x800000U
+#define ATTR_WIDE 0x400000U
+#define ATTR_BOLD 0x040000U
+#define ATTR_UNDER 0x080000U
+#define ATTR_REVERSE 0x100000U
+#define ATTR_BLINK 0x200000U
+#define ATTR_FGMASK 0x0001FFU
+#define ATTR_BGMASK 0x03FE00U
+#define ATTR_COLOURS 0x03FFFFU
#define ATTR_FGSHIFT 0
-#define ATTR_BGSHIFT 5
+#define ATTR_BGSHIFT 9
-#define ATTR_DEFAULT 0x0128U /* bg 9, fg 8 */
-#define ATTR_DEFFG 0x0008U
-#define ATTR_DEFBG 0x0120U
+/*
+ * The definitive list of colour numbers stored in terminal
+ * attribute words is kept here. It is:
+ *
+ * - 0-7 are ANSI colours (KRGYBMCW).
+ * - 8-15 are the bold versions of those colours.
+ * - 16-255 are the remains of the xterm 256-colour mode (a
+ * 216-colour cube with R at most significant and B at least,
+ * followed by a uniform series of grey shades running between
+ * black and white but not including either on grounds of
+ * redundancy).
+ * - 256 is default foreground
+ * - 257 is default bold foreground
+ * - 258 is default background
+ * - 259 is default bold background
+ * - 260 is cursor foreground
+ * - 261 is cursor background
+ */
-#define ATTR_CUR_AND (~(ATTR_BOLD|ATTR_REVERSE|ATTR_BLINK|ATTR_COLOURS))
-#define ATTR_CUR_XOR 0x016AU
+#define ATTR_DEFFG (256 << ATTR_FGSHIFT)
+#define ATTR_DEFBG (258 << ATTR_BGSHIFT)
+#define ATTR_DEFAULT (ATTR_DEFFG | ATTR_DEFBG)
struct sesslist {
int nsessions;
#define LGTYP_ASCII 1 /* logmode: pure ascii */
#define LGTYP_DEBUG 2 /* logmode: all chars of traffic */
#define LGTYP_PACKETS 3 /* logmode: SSH data packets */
+#define LGTYP_SSHRAW 4 /* logmode: SSH raw data */
typedef enum {
/* Actual special commands. Originally Telnet, but some codes have
enum {
/*
- * SSH ciphers (both SSH1 and SSH2)
+ * SSH-2 key exchange algorithms
+ */
+ KEX_WARN,
+ KEX_DHGROUP1,
+ KEX_DHGROUP14,
+ KEX_DHGEX,
+ KEX_MAX
+};
+
+enum {
+ /*
+ * SSH ciphers (both SSH-1 and SSH-2)
*/
CIPHER_WARN, /* pseudo 'cipher' */
CIPHER_3DES,
CIPHER_BLOWFISH,
- CIPHER_AES, /* (SSH 2 only) */
+ CIPHER_AES, /* (SSH-2 only) */
CIPHER_DES,
+ CIPHER_ARCFOUR,
CIPHER_MAX /* no. ciphers (inc warn) */
};
enum {
/* Protocol back ends. (cfg.protocol) */
- PROT_RAW, PROT_TELNET, PROT_RLOGIN, PROT_SSH
+ PROT_RAW, PROT_TELNET, PROT_RLOGIN, PROT_SSH,
+ /* PROT_SERIAL is supported on a subset of platforms, but it doesn't
+ * hurt to define it globally. */
+ PROT_SERIAL
};
enum {
FUNKY_SCO
};
+enum {
+ FQ_DEFAULT, FQ_ANTIALIASED, FQ_NONANTIALIASED, FQ_CLEARTYPE
+};
+
+enum {
+ SER_PAR_NONE, SER_PAR_ODD, SER_PAR_EVEN, SER_PAR_MARK, SER_PAR_SPACE
+};
+
+enum {
+ SER_FLOW_NONE, SER_FLOW_XONXOFF, SER_FLOW_RTSCTS, SER_FLOW_DSRDTR
+};
+
+extern const char *const ttymodes[];
+
+enum {
+ /*
+ * Network address types. Used for specifying choice of IPv4/v6
+ * in config; also used in proxy.c to indicate whether a given
+ * host name has already been resolved or will be resolved at
+ * the proxy end.
+ */
+ ADDRTYPE_UNSPEC, ADDRTYPE_IPV4, ADDRTYPE_IPV6, ADDRTYPE_NAME
+};
+
struct backend_tag {
const char *(*init) (void *frontend_handle, void **backend_handle,
Config *cfg,
void (*size) (void *handle, int width, int height);
void (*special) (void *handle, Telnet_Special code);
const struct telnet_special *(*get_specials) (void *handle);
- Socket(*socket) (void *handle);
+ int (*connected) (void *handle);
int (*exitcode) (void *handle);
+ /* If back->sendok() returns FALSE, data sent to it from the frontend
+ * may be lost. */
int (*sendok) (void *handle);
int (*ldisc) (void *handle, int);
void (*provide_ldisc) (void *handle, void *ldisc);
* buffer is clearing.
*/
void (*unthrottle) (void *handle, int);
+ int (*cfg_info) (void *handle);
int default_port;
};
char host[512];
int port;
int protocol;
+ int addressfamily;
int close_on_exit;
int warn_on_close;
int ping_interval; /* in seconds */
* but never for loading/saving */
int nopty;
int compression;
+ int ssh_kexlist[KEX_MAX];
+ int ssh_rekey_time; /* in minutes */
+ char ssh_rekey_data[16];
+ int tryagent;
int agentfwd;
- int change_username; /* allow username switching in SSH2 */
+ int change_username; /* allow username switching in SSH-2 */
int ssh_cipherlist[CIPHER_MAX];
Filename keyfile;
int sshprot; /* use v1 or v2 when both available */
- int ssh2_des_cbc; /* "des-cbc" nonstandard SSH2 cipher */
+ int ssh2_des_cbc; /* "des-cbc" unrecommended SSH-2 cipher */
+ int ssh_no_userauth; /* bypass "ssh-userauth" (SSH-2 only) */
int try_tis_auth;
int try_ki_auth;
int ssh_subsys; /* run a subsystem rather than a command */
int ssh_subsys2; /* fallback to go with remote_cmd2 */
int ssh_no_shell; /* avoid running a shell */
+ char ssh_nc_host[512]; /* host to connect to in `nc' mode */
+ int ssh_nc_port; /* port to connect to in `nc' mode */
/* Telnet options */
char termtype[32];
char termspeed[32];
+ char ttymodes[768]; /* MODE\tVvalue\0MODE\tA\0\0 */
char environmt[1024]; /* VAR\tvalue\0VAR\tvalue\0\0 */
char username[100];
char localusername[100];
int rfc_environ;
int passive_telnet;
+ /* Serial port options */
+ char serline[256];
+ int serspeed;
+ int serdatabits, serstopbits;
+ int serparity;
+ int serflow;
/* Keyboard options */
int bksp_is_delete;
int rxvt_homeend;
int win_name_always;
int width, height;
FontSpec font;
+ int font_quality;
Filename logfilename;
int logtype;
int logxfovr;
+ int logflush;
int logomitpass;
int logomitdata;
int hide_mouseptr;
int bidi;
/* Colour options */
int ansi_colour;
+ int xterm_256_colour;
int system_colour;
int try_palette;
int bold_colour;
/* translations */
int vtmode;
char line_codepage[128];
+ int cjk_ambig_wide;
int utf8_override;
int xlat_capslockcyr;
/* X11 forwarding */
int x11_auth;
/* port forwarding */
int lport_acceptall; /* accept conns from hosts other than localhost */
- int rport_acceptall; /* same for remote forwarded ports (SSH2 only) */
+ int rport_acceptall; /* same for remote forwarded ports (SSH-2 only) */
/*
* The port forwarding string contains a number of
* NUL-terminated substrings, terminated in turn by an empty
/* SSH bug compatibility modes */
int sshbug_ignore1, sshbug_plainpw1, sshbug_rsa1,
sshbug_hmac2, sshbug_derivekey2, sshbug_rsapad2,
- sshbug_dhgex2, sshbug_pksessid2;
+ sshbug_pksessid2, sshbug_rekey2;
/* Options for pterm. Should split out into platform-dependent part. */
int stamp_utmp;
int login_shell;
struct RSAKey; /* be a little careful of scope */
/*
- * Exports from window.c.
+ * Mechanism for getting text strings such as usernames and passwords
+ * from the front-end.
+ * The fields are mostly modelled after SSH's keyboard-interactive auth.
+ * FIXME We should probably mandate a character set/encoding (probably UTF-8).
+ *
+ * Since many of the pieces of text involved may be chosen by the server,
+ * the caller must take care to ensure that the server can't spoof locally-
+ * generated prompts such as key passphrase prompts. Some ground rules:
+ * - If the front-end needs to truncate a string, it should lop off the
+ * end.
+ * - The front-end should filter out any dangerous characters and
+ * generally not trust the strings. (But \n is required to behave
+ * vaguely sensibly, at least in `instruction', and ideally in
+ * `prompt[]' too.)
+ */
+typedef struct {
+ char *prompt;
+ int echo;
+ char *result; /* allocated/freed by caller */
+ size_t result_len;
+} prompt_t;
+typedef struct {
+ /*
+ * Indicates whether the information entered is to be used locally
+ * (for instance a key passphrase prompt), or is destined for the wire.
+ * This is a hint only; the front-end is at liberty not to use this
+ * information (so the caller should ensure that the supplied text is
+ * sufficient).
+ */
+ int to_server;
+ char *name; /* Short description, perhaps for dialog box title */
+ int name_reqd; /* Display of `name' required or optional? */
+ char *instruction; /* Long description, maybe with embedded newlines */
+ int instr_reqd; /* Display of `instruction' required or optional? */
+ size_t n_prompts;
+ prompt_t **prompts;
+ void *frontend;
+ void *data; /* slot for housekeeping data, managed by
+ * get_userpass_input(); initially NULL */
+} prompts_t;
+prompts_t *new_prompts(void *frontend);
+void add_prompt(prompts_t *p, char *promptstr, int echo, size_t len);
+/* Burn the evidence. (Assumes _all_ strings want free()ing.) */
+void free_prompts(prompts_t *p);
+
+/*
+ * Exports from the front end.
*/
void request_resize(void *frontend, int, int);
void do_text(Context, int, int, wchar_t *, int, unsigned long, int);
void palette_set(void *frontend, int, int, int, int);
void palette_reset(void *frontend);
void write_aclip(void *frontend, char *, int, int);
-void write_clip(void *frontend, wchar_t *, int, int);
+void write_clip(void *frontend, wchar_t *, int *, int, int);
void get_clip(void *frontend, wchar_t **, int *);
void optimised_move(void *frontend, int, int, int);
void set_raw_mouse_mode(void *frontend, int);
#pragma noreturn(fatalbox)
#pragma noreturn(modalfatalbox)
#endif
-void beep(void *frontend, int);
+void do_beep(void *frontend, int);
void begin_session(void *frontend);
void sys_cursor(void *frontend, int x, int y);
void request_paste(void *frontend);
* shutdown. */
void update_specials_menu(void *frontend);
int from_backend(void *frontend, int is_stderr, const char *data, int len);
+int from_backend_untrusted(void *frontend, const char *data, int len);
void notify_remote_exit(void *frontend);
+/* Get a sensible value for a tty mode. NULL return = don't set.
+ * Otherwise, returned value should be freed by caller. */
+char *get_ttymode(void *frontend, const char *mode);
+/*
+ * >0 = `got all results, carry on'
+ * 0 = `user cancelled' (FIXME distinguish "give up entirely" and "next auth"?)
+ * <0 = `please call back later with more in/inlen'
+ */
+int get_userpass_input(prompts_t *p, unsigned char *in, int inlen);
#define OPTIMISE_IS_SCROLL 1
void set_iconic(void *frontend, int iconic);
void get_window_pos(void *frontend, int *x, int *y);
void get_window_pixels(void *frontend, int *x, int *y);
char *get_window_title(void *frontend, int icon);
+/* Hint from backend to frontend about time-consuming operations.
+ * Initial state is assumed to be BUSY_NOT. */
+enum {
+ BUSY_NOT, /* Not busy, all user interaction OK */
+ BUSY_WAITING, /* Waiting for something; local event loops still running
+ so some local interaction (e.g. menus) OK, but network
+ stuff is suspended */
+ BUSY_CPU /* Locally busy (e.g. crypto); user interaction suspended */
+};
+void set_busy_status(void *frontend, int status);
void cleanup_exit(int);
void term_size(Terminal *, int, int, int);
void term_paint(Terminal *, Context, int, int, int, int, int);
void term_scroll(Terminal *, int, int);
-void term_pwron(Terminal *);
+void term_pwron(Terminal *, int);
void term_clrsb(Terminal *);
void term_mouse(Terminal *, Mouse_Button, Mouse_Button, Mouse_Action,
int,int,int,int,int);
void term_reconfig(Terminal *, Config *);
void term_seen_key_event(Terminal *);
int term_data(Terminal *, int is_stderr, const char *data, int len);
+int term_data_untrusted(Terminal *, const char *data, int len);
void term_provide_resize_fn(Terminal *term,
void (*resize_fn)(void *, int, int),
void *resize_ctx);
void term_provide_logctx(Terminal *term, void *logctx);
void term_set_focus(Terminal *term, int has_focus);
+char *term_get_ttymode(Terminal *term, const char *mode);
+int term_get_userpass_input(Terminal *term, prompts_t *p,
+ unsigned char *in, int inlen);
/*
* Exports from logging.c.
extern Backend telnet_backend;
/*
- * Exports from ssh.c. (NB the getline variables have to be GLOBAL
- * so that PuTTYtel will still compile - otherwise it would depend
- * on ssh.c.)
+ * Exports from ssh.c.
*/
-
-GLOBAL int (*ssh_get_line) (const char *prompt, char *str, int maxlen,
- int is_pw);
-GLOBAL int ssh_getline_pw_only;
extern Backend ssh_backend;
/*
*/
void random_add_noise(void *noise, int length);
-void random_init(void);
int random_byte(void);
void random_get_savedata(void **data, int *len);
extern int random_active;
+/* The random number subsystem is activated if at least one other entity
+ * within the program expresses an interest in it. So each SSH session
+ * calls random_ref on startup and random_unref on shutdown. */
+void random_ref(void);
+void random_unref(void);
/*
* Exports from pinger.c.
*/
#include "misc.h"
+int cfg_launchable(const Config *cfg);
+char const *cfg_dest(const Config *cfg);
+
+/*
+ * Exports from sercfg.c.
+ */
+void ser_setup_config_box(struct controlbox *b, int midsession,
+ int parity_mask, int flow_mask);
/*
* Exports from version.c.
/*
* Exports from wcwidth.c
*/
-int wcwidth(wchar_t ucs);
-int wcswidth(const wchar_t *pwcs, size_t n);
+int mk_wcwidth(wchar_t ucs);
+int mk_wcswidth(const wchar_t *pwcs, size_t n);
+int mk_wcwidth_cjk(wchar_t ucs);
+int mk_wcswidth_cjk(const wchar_t *pwcs, size_t n);
/*
* Exports from mscrypto.c
int wc_unescape(char *output, const char *wildcard);
/*
- * Exports from windlg.c
+ * Exports from frontend (windlg.c etc)
*/
void logevent(void *frontend, const char *);
-void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
- char *keystr, char *fingerprint);
-void askcipher(void *frontend, char *ciphername, int cs);
-int askappend(void *frontend, Filename filename);
+void pgp_fingerprints(void);
+/*
+ * verify_ssh_host_key() can return one of three values:
+ *
+ * - +1 means `key was OK' (either already known or the user just
+ * approved it) `so continue with the connection'
+ *
+ * - 0 means `key was not OK, abandon the connection'
+ *
+ * - -1 means `I've initiated enquiries, please wait to be called
+ * back via the provided function with a result that's either 0
+ * or +1'.
+ */
+int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
+ char *keystr, char *fingerprint,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askalg has the same set of return values as verify_ssh_host_key.
+ */
+int askalg(void *frontend, const char *algtype, const char *algname,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askappend can return four values:
+ *
+ * - 2 means overwrite the log file
+ * - 1 means append to the log file
+ * - 0 means cancel logging for this session
+ * - -1 means please wait.
+ */
+int askappend(void *frontend, Filename filename,
+ void (*callback)(void *ctx, int result), void *ctx);
/*
- * Exports from console.c (that aren't equivalents to things in
- * windlg.c).
+ * Exports from console frontends (wincons.c, uxcons.c)
+ * that aren't equivalents to things in windlg.c et al.
*/
extern int console_batch_mode;
-int console_get_line(const char *prompt, char *str, int maxlen, int is_pw);
+int console_get_userpass_input(prompts_t *p, unsigned char *in, int inlen);
void console_provide_logctx(void *logctx);
int is_interactive(void);
int cmdline_process_param(char *, char *, int, Config *);
void cmdline_run_saved(Config *);
void cmdline_cleanup(void);
-extern char *cmdline_password;
+int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen);
#define TOOLTYPE_FILETRANSFER 1
#define TOOLTYPE_NONNETWORK 2
extern int cmdline_tooltype;
* Exports from config.c.
*/
struct controlbox;
-void setup_config_box(struct controlbox *b, struct sesslist *sesslist,
- int midsession, int protocol);
+void setup_config_box(struct controlbox *b, int midsession,
+ int protocol, int protcfginfo);
/*
* Exports from minibidi.c.
* notifies the front end that a new timer has been added to the
* list which is sooner than any existing ones. It provides the
* time when that timer needs to go off.
+ *
+ * *** FRONT END IMPLEMENTORS NOTE:
+ *
+ * There's an important subtlety in the front-end implementation of
+ * the timer interface. When a front end is given a `next' value,
+ * either returned from run_timers() or via timer_change_notify(),
+ * it should ensure that it really passes _that value_ as the `now'
+ * parameter to its next run_timers call. It should _not_ simply
+ * call GETTICKCOUNT() to get the `now' parameter when invoking
+ * run_timers().
+ *
+ * The reason for this is that an OS's system clock might not agree
+ * exactly with the timing mechanisms it supplies to wait for a
+ * given interval. I'll illustrate this by the simple example of
+ * Unix Plink, which uses timeouts to select() in a way which for
+ * these purposes can simply be considered to be a wait() function.
+ * Suppose, for the sake of argument, that this wait() function
+ * tends to return early by 1%. Then a possible sequence of actions
+ * is:
+ *
+ * - run_timers() tells the front end that the next timer firing
+ * is 10000ms from now.
+ * - Front end calls wait(10000ms), but according to
+ * GETTICKCOUNT() it has only waited for 9900ms.
+ * - Front end calls run_timers() again, passing time T-100ms as
+ * `now'.
+ * - run_timers() does nothing, and says the next timer firing is
+ * still 100ms from now.
+ * - Front end calls wait(100ms), which only waits for 99ms.
+ * - Front end calls run_timers() yet again, passing time T-1ms.
+ * - run_timers() says there's still 1ms to wait.
+ * - Front end calls wait(1ms).
+ *
+ * If you're _lucky_ at this point, wait(1ms) will actually wait
+ * for 1ms and you'll only have woken the program up three times.
+ * If you're unlucky, wait(1ms) might do nothing at all due to
+ * being below some minimum threshold, and you might find your
+ * program spends the whole of the last millisecond tight-looping
+ * between wait() and run_timers().
+ *
+ * Instead, what you should do is to _save_ the precise `next'
+ * value provided by run_timers() or via timer_change_notify(), and
+ * use that precise value as the input to the next run_timers()
+ * call. So:
+ *
+ * - run_timers() tells the front end that the next timer firing
+ * is at time T, 10000ms from now.
+ * - Front end calls wait(10000ms).
+ * - Front end then immediately calls run_timers() and passes it
+ * time T, without stopping to check GETTICKCOUNT() at all.
+ *
+ * This guarantees that the program wakes up only as many times as
+ * there are actual timer actions to be taken, and that the timing
+ * mechanism will never send it into a tight loop.
+ *
+ * (It does also mean that the timer action in the above example
+ * will occur 100ms early, but this is not generally critical. And
+ * the hypothetical 1% error in wait() will be partially corrected
+ * for anyway when, _after_ run_timers() returns, you call
+ * GETTICKCOUNT() and compare the result with the returned `next'
+ * value to find out how long you have to make your next wait().)
*/
typedef void (*timer_fn_t)(void *ctx, long now);
long schedule_timer(int ticks, timer_fn_t fn, void *ctx);