Merge branch 'thirdparty_dev' into dev

Conflicts:
	source/putty/WINDOWS/winpgntc.c
	source/putty/misc.h

No real conflict

Source commit: 0e27b518b61d2c5035661c0c286b80ca24d9ba8d

source/putty/cproxy.c

@@ -173,7 +173,8 @@ int proxy_socks5_selectchap(Proxy_Socket p)
 	chapbuf[5] = '\x02'; /* Second attribute - username */
 
 	ulen = strlen(username);
-	if (ulen > 255) ulen = 255; if (ulen < 1) ulen = 1;
+	if (ulen > 255) ulen = 255;
+	if (ulen < 1) ulen = 1;
 
 	chapbuf[6] = ulen;
 	memcpy(chapbuf+7, username, ulen);

source/putty/misc.h

@@ -190,4 +190,9 @@ void debug_memdump(const void *buf, int len, int L);
   (cp)[0] = (unsigned char)((value) >> 8), \
   (cp)[1] = (unsigned char)(value) )
 
+/* Replace NULL with the empty string, permitting an idiom in which we
+ * get a string (pointer,length) pair that might be NULL,0 and can
+ * then safely say things like printf("%.*s", length, NULLTOEMPTY(ptr)) */
+#define NULLTOEMPTY(s) ((s)?(s):"")
+
 #endif

source/putty/proxy.c

@@ -1254,9 +1254,11 @@ int proxy_socks5_negotiate (Proxy_Socket p, int change)
 		char userpwbuf[255 + 255 + 3];
 		int ulen, plen;
 		ulen = strlen(username);
-		if (ulen > 255) ulen = 255; if (ulen < 1) ulen = 1;
+		if (ulen > 255) ulen = 255;
+		if (ulen < 1) ulen = 1;
 		plen = strlen(password);
-		if (plen > 255) plen = 255; if (plen < 1) plen = 1;
+		if (plen > 255) plen = 255;
+		if (plen < 1) plen = 1;
 		userpwbuf[0] = 1;      /* version number of subnegotiation */
 		userpwbuf[1] = ulen;
 		memcpy(userpwbuf+2, username, ulen);

source/putty/ssh.c

@@ -5579,7 +5579,7 @@ static void ssh1_msg_port_open(Ssh ssh, struct Packet *pktin)
     ssh_pkt_getstring(pktin, &host, &hostsize);
     port = ssh_pkt_getuint32(pktin);
 
-    pf.dhost = dupprintf("%.*s", hostsize, host);
+    pf.dhost = dupprintf("%.*s", hostsize, NULLTOEMPTY(host));
     pf.dport = port;
     pfp = find234(ssh->rportfwds, &pf, NULL);
 
@@ -6062,7 +6062,7 @@ static void ssh1_msg_debug(Ssh ssh, struct Packet *pktin)
     int msglen;
 
     ssh_pkt_getstring(pktin, &msg, &msglen);
-    logeventf(ssh, "Remote debug message: %.*s", msglen, msg);
+    logeventf(ssh, "Remote debug message: %.*s", msglen, NULLTOEMPTY(msg));
 }
 
 static void ssh1_msg_disconnect(Ssh ssh, struct Packet *pktin)
@@ -6072,7 +6072,8 @@ static void ssh1_msg_disconnect(Ssh ssh, struct Packet *pktin)
     int msglen;
 
     ssh_pkt_getstring(pktin, &msg, &msglen);
-    bombout(("Server sent disconnect message:\n\"%.*s\"", msglen, msg));
+    bombout(("Server sent disconnect message:\n\"%.*s\"",
+             msglen, NULLTOEMPTY(msg)));
 }
 
 static void ssh_msg_ignore(Ssh ssh, struct Packet *pktin)
@@ -8285,7 +8286,8 @@ static void ssh2_msg_channel_open_failure(Ssh ssh, struct Packet *pktin)
             reason_code = 0; /* ensure reasons[reason_code] in range */
         ssh_pkt_getstring(pktin, &reason_string, &reason_length);
         logeventf(ssh, "Forwarded connection refused by server: %s [%.*s]",
-                  reasons[reason_code], reason_length, reason_string);
+                  reasons[reason_code], reason_length,
+                  NULLTOEMPTY(reason_string));
 
         pfd_close(c->u.pfd.pf);
     } else if (c->type == CHAN_ZOMBIE) {
@@ -8581,9 +8583,7 @@ static void ssh2_msg_channel_open(Ssh ssh, struct Packet *pktin)
 	char *addrstr;
 
 	ssh_pkt_getstring(pktin, &peeraddr, &peeraddrlen);
-	addrstr = snewn(peeraddrlen+1, char);
-	memcpy(addrstr, peeraddr, peeraddrlen);
-	addrstr[peeraddrlen] = '\0';
+	addrstr = dupprintf("%.*s", peeraddrlen, NULLTOEMPTY(peeraddr));
 	peerport = ssh_pkt_getuint32(pktin);
 
 	logeventf(ssh, "Received X11 connect request from %s:%d",
@@ -8618,13 +8618,14 @@ static void ssh2_msg_channel_open(Ssh ssh, struct Packet *pktin)
 	char *shost;
 	int shostlen;
 	ssh_pkt_getstring(pktin, &shost, &shostlen);/* skip address */
-        pf.shost = dupprintf("%.*s", shostlen, shost);
+        pf.shost = dupprintf("%.*s", shostlen, NULLTOEMPTY(shost));
 	pf.sport = ssh_pkt_getuint32(pktin);
 	ssh_pkt_getstring(pktin, &peeraddr, &peeraddrlen);
 	peerport = ssh_pkt_getuint32(pktin);
 	realpf = find234(ssh->rportfwds, &pf, NULL);
 	logeventf(ssh, "Received remote port %s:%d open request "
-		  "from %s:%d", pf.shost, pf.sport, peeraddr, peerport);
+		  "from %.*s:%d", pf.shost, pf.sport,
+                  peeraddrlen, NULLTOEMPTY(peeraddr), peerport);
         sfree(pf.shost);
 
 	if (realpf == NULL) {
@@ -10305,7 +10306,7 @@ static void do_ssh2_authconn(Ssh ssh, const unsigned char *in, int inlen,
 		    s->cur_prompt->to_server = TRUE;
 		    s->cur_prompt->name = dupstr("New SSH password");
 		    s->cur_prompt->instruction =
-			dupprintf("%.*s", prompt_len, prompt);
+			dupprintf("%.*s", prompt_len, NULLTOEMPTY(prompt));
 		    s->cur_prompt->instr_reqd = TRUE;
 		    /*
 		     * There's no explicit requirement in the protocol
@@ -10749,13 +10750,13 @@ static void ssh2_msg_disconnect(Ssh ssh, struct Packet *pktin)
     logevent(buf);
     sfree(buf);
     buf = dupprintf("Disconnection message text: %.*s",
-		    msglen, msg);
+		    msglen, NULLTOEMPTY(msg));
     logevent(buf);
     bombout(("Server sent disconnect message\ntype %d (%s):\n\"%.*s\"",
 	     reason,
 	     (reason > 0 && reason < lenof(ssh2_disconnect_reasons)) ?
 	     ssh2_disconnect_reasons[reason] : "unknown",
-	     msglen, msg));
+	     msglen, NULLTOEMPTY(msg)));
     sfree(buf);
 }
 
@@ -10769,7 +10770,7 @@ static void ssh2_msg_debug(Ssh ssh, struct Packet *pktin)
     ssh2_pkt_getbool(pktin);
     ssh_pkt_getstring(pktin, &msg, &msglen);
 
-    logeventf(ssh, "Remote debug message: %.*s", msglen, msg);
+    logeventf(ssh, "Remote debug message: %.*s", msglen, NULLTOEMPTY(msg));
 }
 
 static void ssh2_msg_transport(Ssh ssh, struct Packet *pktin)

source/putty/sshcrc.c

@@ -198,12 +198,11 @@ static const unsigned long crc32_table[256] = {
 #ifdef GENPROGRAM
 int main(void)
 {
-    unsigned long crcword;
     int i;
 
     crc32_init();
     for (i = 0; i < 256; i++) {
-	printf("%s0x%08XL%s",
+	printf("%s0x%08lXL%s",
 	       (i % 4 == 0 ? "    " : " "),
 	       crc32_table[i],
 	       (i % 4 == 3 ? (i == 255 ? "\n" : ",\n") : ","));

source/putty/sshecc.c

@@ -2761,10 +2761,7 @@ void *ssh_ecdhkex_newkey(const struct ssh_kex *kex)
         bytes[31] &= 127;
         bytes[31] |= 64;
         key->privateKey = bignum_from_bytes(bytes, sizeof(bytes));
-        for (i = 0; i < sizeof(bytes); ++i)
-        {
-            ((volatile char*)bytes)[i] = 0;
-        }
+        smemclr(bytes, sizeof(bytes));
         if (!key->privateKey) {
             sfree(key);
             return NULL;

source/putty/version.h

@@ -1,5 +1,5 @@
 /* Generated by automated build script */
 #define SNAPSHOT
-#define TEXTVER "Development snapshot 2015-12-22.51465fa"
-#define SSHVER "PuTTY-Snapshot-2015-12-22.51465fa"
-#define BINARY_VERSION 0,66,1058,0
+#define TEXTVER "Development snapshot 2016-03-06.8e41e0a"
+#define SSHVER "PuTTY-Snapshot-2016-03-06.8e41e0a"
+#define BINARY_VERSION 0,67,1006,0

source/putty/windows/winpgntc.c

@@ -182,6 +182,5 @@ int agent_query(void *in, int inlen, void **out, int *outlen,
     sfree(mapname);
     if (psd)
         LocalFree(psd);
-    sfree(usersid);
     return 1;
 }

source/putty/windows/winsecur.c

@@ -44,6 +44,9 @@ PSID get_user_sid(void)
     DWORD toklen, sidlen;
     PSID sid = NULL, ret = NULL;
 
+    if (usersid)
+        return usersid;
+
     if (!got_advapi())
         goto cleanup;
 
@@ -73,7 +76,7 @@ PSID get_user_sid(void)
 
     /* Success. Move sid into the return value slot, and null it out
      * to stop the cleanup code freeing it. */
-    ret = sid;
+    ret = usersid = sid;
     sid = NULL;
 
   cleanup:
@@ -140,8 +143,6 @@ int make_private_security_descriptor(DWORD permissions,
                                      PACL *acl,
                                      char **error)
 {
-    SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
-    SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
     EXPLICIT_ACCESS ea[3];
     int acl_err;
     int ret = FALSE;
@@ -225,8 +226,6 @@ int make_private_security_descriptor(DWORD permissions,
 
 int setprocessacl(char *error)
 {
-    SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
-    SID_IDENTIFIER_AUTHORITY nt_auth = SECURITY_NT_AUTHORITY;
     EXPLICIT_ACCESS ea[2];
     int acl_err;
     int ret=FALSE;