PuTTY 0.70

Source commit: 220c6764f058763aaa170b2ed524f18828db22d5

source/putty/WINDOWS/winhsock.c

@@ -54,10 +54,11 @@ static int handle_gotdata(struct handle *h, void *data, int len)
     Handle_Socket ps = (Handle_Socket) handle_get_privdata(h);
 
     if (len < 0) {
-	return plug_closing(ps->plug, "Read error from handle",
-			    0, 0);
+	plug_closing(ps->plug, "Read error from handle", 0, 0);
+	return 0;
     } else if (len == 0) {
-	return plug_closing(ps->plug, NULL, 0, 0);
+	plug_closing(ps->plug, NULL, 0, 0);
+	return 0;
     } else {
         assert(ps->frozen != FROZEN && ps->frozen != THAWING);
         if (ps->frozen == FREEZING) {
@@ -76,7 +77,8 @@ static int handle_gotdata(struct handle *h, void *data, int len)
              */
             return INT_MAX;
         } else {
-            return plug_receive(ps->plug, 0, data, len);
+            plug_receive(ps->plug, 0, data, len);
+	    return 0;
         }
     }
 }
@@ -168,7 +170,7 @@ static void handle_socket_unfreeze(void *psv)
 {
     Handle_Socket ps = (Handle_Socket) psv;
     void *data;
-    int len, new_backlog;
+    int len;
 
     /*
      * If we've been put into a state other than THAWING since the
@@ -188,7 +190,7 @@ static void handle_socket_unfreeze(void *psv)
      * have the effect of trying to close this socket.
      */
     ps->defer_close = TRUE;
-    new_backlog = plug_receive(ps->plug, 0, data, len);
+    plug_receive(ps->plug, 0, data, len);
     bufchain_consume(&ps->inputdata, len);
     ps->defer_close = FALSE;
     if (ps->deferred_close) {
@@ -207,7 +209,7 @@ static void handle_socket_unfreeze(void *psv)
          * Otherwise, we've successfully thawed!
          */
         ps->frozen = UNFROZEN;
-        handle_unthrottle(ps->recv_h, new_backlog);
+        handle_unthrottle(ps->recv_h, 0);
     }
 }
 
@@ -282,10 +284,11 @@ static char *sk_handle_peer_info(Socket s)
 
     if (!kernel32_module) {
         kernel32_module = load_system32_dll("kernel32.dll");
-#if (defined _MSC_VER && _MSC_VER < 1900) || defined __MINGW32__
+#if (defined _MSC_VER && _MSC_VER < 1900) || defined __MINGW32__ || defined COVERITY
         /* For older Visual Studio, and MinGW too (at least as of
          * Ubuntu 16.04), this function isn't available in the header
-         * files to type-check */
+         * files to type-check. Ditto the toolchain I use for
+         * Coveritying the Windows code. */
         GET_WINDOWS_FUNCTION_NO_TYPECHECK(
             kernel32_module, GetNamedPipeClientProcessId);
 #else

source/putty/doc/Makefile

@@ -44,19 +44,17 @@ INPUTS = $(patsubst %,%.but,$(CHAPTERS))
 HALIBUT = halibut
 
 index.html: $(INPUTS)
-	$(HALIBUT) --text --html --winhelp $(INPUTS)
+	$(HALIBUT) --text --html --winhelp --chm $(INPUTS)
 
-# During formal builds it's useful to be able to build this one alone.
+# During formal builds it's useful to be able to build these ones alone.
 putty.hlp: $(INPUTS)
 	$(HALIBUT) --winhelp $(INPUTS)
+putty.chm: $(INPUTS)
+	$(HALIBUT) --chm $(INPUTS)
 
 putty.info: $(INPUTS)
 	$(HALIBUT) --info $(INPUTS)
 
-chm: putty.hhp
-putty.hhp: $(INPUTS) chm.but
-	$(HALIBUT) --html $(INPUTS) chm.but
-
 MKMAN = $(HALIBUT) --man=$@ mancfg.but $<
 MANPAGES = putty.1 puttygen.1 plink.1 pscp.1 psftp.1 puttytel.1 pterm.1 \
            pageant.1

source/putty/doc/blurb.but

@@ -7,17 +7,23 @@
 \cfg{xhtml-leaf-contains-contents}{true}
 \cfg{xhtml-body-end}{<p>If you want to provide feedback on this manual
 or on the PuTTY tools themselves, see the
-<a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html">Feedback
+<a href="https://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html">Feedback
 page</a>.</p>}
 
 \cfg{html-template-fragment}{%k}{%b}
 
 \cfg{info-max-file-size}{0}
 
+\cfg{chm-contents-filename}{index.html}
+\cfg{chm-template-filename}{%k.html}
+\cfg{chm-head-end}{<link rel="stylesheet" type="text/css" href="chm.css">}
+\cfg{chm-extra-file}{chm.css}
+
 \cfg{xhtml-contents-filename}{index.html}
 \cfg{text-filename}{puttydoc.txt}
 \cfg{winhelp-filename}{putty.hlp}
 \cfg{info-filename}{putty.info}
+\cfg{chm-filename}{putty.chm}
 
 PuTTY is a free (MIT-licensed) Windows Telnet and SSH client. This
 manual documents PuTTY, and its companion utilities PSCP, PSFTP,

source/putty/doc/chm.but

@@ -1,22 +0,0 @@
-\# File containing the magic HTML configuration directives to create
-\# an MS HTML Help project. We put this on the end of the PuTTY
-\# docs build command line to build the HHP and friends.
-
-\cfg{html-leaf-level}{infinite}
-\cfg{html-leaf-contains-contents}{false}
-\cfg{html-suppress-navlinks}{true}
-\cfg{html-suppress-address}{true}
-
-\cfg{html-contents-filename}{index.html}
-\cfg{html-template-filename}{%k.html}
-\cfg{html-template-fragment}{%k}
-
-\cfg{html-mshtmlhelp-chm}{putty.chm}
-\cfg{html-mshtmlhelp-project}{putty.hhp}
-\cfg{html-mshtmlhelp-contents}{putty.hhc}
-\cfg{html-mshtmlhelp-index}{putty.hhk}
-
-\cfg{html-body-end}{}
-
-\cfg{html-head-end}{<link rel="stylesheet" type="text/css" href="chm.css">}
-

source/putty/doc/config.but

@@ -499,8 +499,8 @@ instead of relying on the automatic detection.
 \cfg{winhelp-topic}{terminal.printing}
 
 A lot of VT100-compatible terminals support printing under control
-of the remote server. PuTTY supports this feature as well, but it is
-turned off by default.
+of the remote server (sometimes called \q{passthrough printing}).
+PuTTY supports this feature as well, but it is turned off by default.
 
 To enable remote-controlled printing, choose a printer from the
 \q{Printer to send ANSI printer output to} drop-down list box. This
@@ -2959,7 +2959,7 @@ modes from the local terminal, if any.
 
 }
 
-\b If \q{Nothing} is selected, no value for the mode will not be
+\b If \q{Nothing} is selected, no value for the mode will be
 specified to the server under any circumstances.
 
 \b If a value is specified, it will be sent to the server under all
@@ -3006,18 +3006,19 @@ PuTTY in a variety of ways, such as \cw{true}/\cw{false},
 \cw{no} is different from not sending the mode at all.)
 
 \b The boolean mode \I{IUTF8 terminal mode}\cw{IUTF8} signals to the
-server whether the terminal character set is \i{UTF-8} or not.
-If this is set incorrectly, keys like backspace may do the wrong thing
-in some circumstances. However, setting this is not usually
-sufficient to cause servers to expect the terminal to be in UTF-8 mode;
-POSIX servers will generally require the locale to be set (by some
-server-dependent means), although many default to UTF-8. Also,
-since this mode was added to the SSH protocol much later than the
-others, \#{circa 2016} many servers (particularly older servers) do
-not honour this mode sent over SSH; indeed, a few poorly-written
-servers object to its mere presence, so you may find you need to set
-it to not be sent at all. When set to \q{Auto}, this follows the local
-configured character set (see \k{config-charset}).
+server whether the terminal character set is \i{UTF-8} or not, for
+purposes such as basic line editing; if this is set incorrectly,
+the backspace key may erase the wrong amount of text, for instance.
+However, simply setting this is not usually sufficient for the server
+to use UTF-8; POSIX servers will generally also require the locale to
+be set (by some server-dependent means), although many newer
+installations default to UTF-8. Also, since this mode was added to the
+SSH protocol much later than the others, \#{circa 2016} many servers
+(particularly older servers) do not honour this mode sent over SSH;
+indeed, a few poorly-written servers object to its mere presence, so
+you may find you need to set it to not be sent at all. When set to
+\q{Auto}, this follows the local configured character set (see
+\k{config-charset}).
 
 \b Terminal speeds are configured elsewhere; see \k{config-termspeed}.
 

source/putty/doc/errors.but

@@ -122,9 +122,7 @@ ridiculous amount of memory, and will terminate with an \q{Out of
 memory} error.
 
 This can happen in SSH-2, if PuTTY and the server have not enabled
-encryption in the same way (see \k{faq-outofmem} in the FAQ). Some
-versions of \i{OpenSSH} have a known problem with this: see
-\k{faq-openssh-bad-openssl}.
+encryption in the same way (see \k{faq-outofmem} in the FAQ).
 
 This can also happen in PSCP or PSFTP, if your \i{login scripts} on the
 server generate output: the client program will be expecting an SFTP
@@ -233,8 +231,13 @@ protection (such as HTTP) will manifest in more subtle failures (such
 as misdisplayed text or images in a web browser) which may not be
 noticed.
 
-A known server problem which can cause this error is described in
-\k{faq-openssh-bad-openssl} in the FAQ.
+Occasionally this has been caused by server bugs. An example is the
+bug described at \k{config-ssh-bug-hmac2}, although you're very
+unlikely to encounter that one these days. 
+
+In this context MAC stands for \ii{Message Authentication Code}. It's a
+cryptographic term, and it has nothing at all to do with Ethernet
+MAC (Media Access Control) addresses, or with the Apple computer.
 
 \H{errors-garbled} \q{Incoming packet was garbled on decryption}
 
@@ -247,10 +250,7 @@ in the server, or in between.
 If you get this error, one thing you could try would be to fiddle with
 the setting of \q{Miscomputes SSH-2 encryption keys} (see
 \k{config-ssh-bug-derivekey2}) or \q{Ignores SSH-2 maximum packet
-size} (see \k{config-ssh-bug-maxpkt2}) on the Bugs panel .
-
-Another known server problem which can cause this error is described
-in \k{faq-openssh-bad-openssl} in the FAQ.
+size} (see \k{config-ssh-bug-maxpkt2}) on the Bugs panel.
 
 \H{errors-x11-proxy} \q{PuTTY X11 proxy: \e{various errors}}
 

source/putty/doc/faq.but

@@ -27,18 +27,18 @@ else.
 
 \I{supported features}In general, if you want to know if PuTTY supports
 a particular feature, you should look for it on the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}.
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/}{PuTTY web site}.
 In particular:
 
 \b try the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{changes
 page}, and see if you can find the feature on there. If a feature is
 listed there, it's been implemented. If it's listed as a change made
 \e{since} the latest version, it should be available in the
 development snapshots, in which case testing will be very welcome.
 
 \b try the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
 page}, and see if you can find the feature there. If it's on there,
 and not in the \q{Recently fixed} section, it probably \e{hasn't} been
 implemented.
@@ -54,7 +54,7 @@ version 0.52.
 \cw{ssh.com} SSH-2 private key files?
 
 PuTTY doesn't support this natively (see
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/key-formats-natively.html}{the wishlist entry}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/key-formats-natively.html}{the wishlist entry}
 for reasons why not), but as of 0.53
 PuTTYgen can convert both OpenSSH and \cw{ssh.com} private key
 files into PuTTY's format.
@@ -236,7 +236,7 @@ port, or any other port of PuTTY, they were mistaken. We don't.
 
 There are some third-party ports to various platforms, mentioned
 on the 
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}.
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}.
 
 \S{faq-unix}{Question} \I{Unix version}Is there a port to Unix?
 
@@ -323,7 +323,7 @@ for, it might be a long time before any of us get round to learning
 a new system and doing the port for that.
 
 However, some of the work has been done by other people; see the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/links.html}{Links page of our website}
 for various third-party ports.
 
 \S{faq-iphone}{Question} Will there be a port to the iPhone?
@@ -351,7 +351,7 @@ Most of the code cleanup work would be a good thing to happen in
 general, so if anyone feels like helping, we wouldn't say no.
 
 See also
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/dll-frontend.html}{the wishlist entry}.
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/dll-frontend.html}{the wishlist entry}.
 
 \S{faq-vb}{Question} Is the SSH or Telnet code available as a Visual
 Basic component?
@@ -601,34 +601,6 @@ documentation.)
 
 \H{faq-trouble} Troubleshooting
 
-\S{faq-incorrect-mac}{Question} Why do I see \q{Incorrect MAC
-received on packet}?
-
-One possible cause of this that used to be common is a bug in old
-SSH-2 servers distributed by \cw{ssh.com}. (This is not the only
-possible cause; see \k{errors-crc} in the documentation.)
-Version 2.3.0 and below of their SSH-2 server
-constructs Message Authentication Codes in the wrong way, and
-expects the client to construct them in the same wrong way. PuTTY
-constructs the MACs correctly by default, and hence these old
-servers will fail to work with it.
-
-If you are using PuTTY version 0.52 or better, this should work
-automatically: PuTTY should detect the buggy servers from their
-version number announcement, and automatically start to construct
-its MACs in the same incorrect manner as they do, so it will be able
-to work with them.
-
-If you are using PuTTY version 0.51 or below, you can enable the
-workaround by going to the SSH panel and ticking the box labelled
-\q{Imitate SSH2 MAC bug}. It's possible that you might have to do
-this with 0.52 as well, if a buggy server exists that PuTTY doesn't
-know about.
-
-In this context MAC stands for \ii{Message Authentication Code}. It's a
-cryptographic term, and it has nothing at all to do with Ethernet
-MAC (Media Access Control) addresses.
-
 \S{faq-pscp-protocol}{Question} Why do I see \q{Fatal: Protocol
 error: Expected control record} in PSCP?
 
@@ -664,21 +636,6 @@ Clicking on \q{ANSI Green} won't turn your session green; it will
 only allow you to adjust the \e{shade} of green used when PuTTY is
 instructed by the server to display green text.
 
-\S{faq-winsock2}{Question} Plink on \i{Windows 95} says it can't find
-\i\cw{WS2_32.DLL}.
-
-Plink requires the extended Windows network library, WinSock version
-2. This is installed as standard on Windows 98 and above, and on
-Windows NT, and even on later versions of Windows 95; but early
-Win95 installations don't have it.
-
-In order to use Plink on these systems, you will need to download
-the
-\W{http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/}{WinSock 2 upgrade}:
-
-\c http://www.microsoft.com/windows95/downloads/contents/
-\c   wuadmintools/s_wunetworkingtools/w95sockets2/
-
 \S{faq-outofmem}{Question} After trying to establish an SSH-2
 connection, PuTTY says \q{\ii{Out of memory}} and dies.
 
@@ -891,45 +848,10 @@ us \q{I wanted the F1 key to send \c{^[[11~}, but instead it's
 sending \c{^[OP}, can this be done?}, or something similar.
 
 You should still read the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html}{Feedback
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/feedback.html}{Feedback
 page} on the PuTTY website (also provided as \k{feedback} in the
 manual), and follow the guidelines contained in that.
 
-\S{faq-openssh-bad-openssl}{Question} Since my SSH server was upgraded
-to \i{OpenSSH} 3.1p1/3.4p1, I can no longer connect with PuTTY.
-
-There is a known problem when OpenSSH has been built against an
-incorrect version of OpenSSL; the quick workaround is to configure
-PuTTY to use SSH protocol 2 and the Blowfish cipher.
-
-For more details and OpenSSH patches, see
-\W{http://bugzilla.mindrot.org/show_bug.cgi?id=138}{bug 138} in the
-OpenSSH BTS.
-
-This is not a PuTTY-specific problem; if you try to connect with
-another client you'll likely have similar problems. (Although PuTTY's
-default cipher differs from many other clients.)
-
-\e{OpenSSH 3.1p1:} configurations known to be broken (and symptoms):
-
-\b SSH-2 with AES cipher (PuTTY says \q{Assertion failed! Expression:
-(len & 15) == 0} in \cw{sshaes.c}, or \q{Out of memory}, or crashes)
-
-\b SSH-2 with 3DES (PuTTY says \q{Incorrect MAC received on packet})
-
-\b SSH-1 with Blowfish (PuTTY says \q{Incorrect CRC received on
-packet})
-
-\b SSH-1 with 3DES
-
-\e{OpenSSH 3.4p1:} as of 3.4p1, only the problem with SSH-1 and
-Blowfish remains. Rebuild your server, apply the patch linked to from
-bug 138 above, or use another cipher (e.g., 3DES) instead.
-
-\e{Other versions:} we occasionally get reports of the same symptom
-and workarounds with older versions of OpenSSH, although it's not
-clear the underlying cause is the same.
-
 \S{faq-ssh2key-ssh1conn}{Question} Why do I see \q{Couldn't load
 private key from ...}? Why can PuTTYgen load my key but not PuTTY?
 
@@ -1060,7 +982,7 @@ still. We do not recommend it.)
 
 This is caused by a bug in certain versions of \i{Windows XP} which
 is triggered by PuTTY 0.58. This was fixed in 0.59. The
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/xp-wont-run}{\q{xp-wont-run}}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/xp-wont-run}{\q{xp-wont-run}}
 entry in PuTTY's wishlist has more details.
 
 \S{faq-system32}{Question} When I put 32-bit PuTTY in

source/putty/doc/feedback.but

@@ -112,7 +112,7 @@ If you think you have found a bug in PuTTY, your first steps should
 be:
 
 \b Check the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
 page} on the PuTTY website, and see if we already know about the
 problem. If we do, it is almost certainly not necessary to mail us
 about it, unless you think you have extra information that might be
@@ -121,12 +121,12 @@ specific extra information about a particular bug, the Wishlist page
 will say so.)
 
 \b Check the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{Change
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{Change
 Log} on the PuTTY website, and see if we have already fixed the bug
 in the \i{development snapshots}.
 
 \b Check the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html}{FAQ}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html}{FAQ}
 on the PuTTY website (also provided as \k{faq} in the manual), and
 see if it answers your question. The FAQ lists the most common
 things which people think are bugs, but which aren't bugs.
@@ -188,7 +188,7 @@ you haven't supplied us with full information about the actual bug,
 then we won't be able to find a better solution.
 
 \b
-\W{http://www.chiark.greenend.org.uk/~sgtatham/bugs.html}\cw{http://www.chiark.greenend.org.uk/~sgtatham/bugs.html}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/bugs.html}\cw{https://www.chiark.greenend.org.uk/~sgtatham/bugs.html}
 is an article on how to report bugs effectively in general. If your
 bug report is \e{particularly} unclear, we may ask you to go away,
 read this article, and then report the bug again.
@@ -224,14 +224,14 @@ If you want to request a new feature in PuTTY, the very first things
 you should do are:
 
 \b Check the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/}{Wishlist
 page} on the PuTTY website, and see if your feature is already on
 the list. If it is, it probably won't achieve very much to repeat
 the request. (But see \k{feedback-feature-priority} if you want to
 persuade us to give your particular feature higher priority.)
 
 \b Check the Wishlist and
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{Change
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{Change
 Log} on the PuTTY website, and see if we have already added your
 feature in the development snapshots. If it isn't clear, download
 the latest development snapshot and see if the feature is present.
@@ -350,7 +350,7 @@ Of course, if the web site has some other error (Connection Refused,
 If you want to report a problem with our web site, check that you're
 looking at our \e{real} web site and not a mirror. The real web site
 is at
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}\c{http://www.chiark.greenend.org.uk/~sgtatham/putty/};
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/}\c{https://www.chiark.greenend.org.uk/~sgtatham/putty/};
 if that's not where you're reading this, then don't report the
 problem to us until you've checked that it's really a problem with
 the main site. If it's only a problem with the mirror, you should
@@ -399,7 +399,7 @@ setting up a mirror. You already have permission.
 
 If the mirror is in a country where we don't already have plenty of
 mirrors, we may be willing to add it to the list on our
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html}{mirrors
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html}{mirrors
 page}. Read the guidelines on that page, make sure your mirror
 works, and email us the information listed at the bottom of the
 page.
@@ -414,7 +414,7 @@ to be a cheap way to gain search rankings.
 
 If you have technical questions about the process of mirroring, then
 you might want to mail us before setting up the mirror (see also the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html#guidelines}{guidelines on the Mirrors page});
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html#guidelines}{guidelines on the Mirrors page});
 but if you just want to ask for permission, you don't need to. You
 already have permission.
 

source/putty/doc/index.but

@@ -340,6 +340,7 @@ saved sessions from
 \IM{remote-controlled printing} ANSI printing
 \IM{remote-controlled printing} remote-controlled printing
 \IM{remote-controlled printing} printing, remote-controlled
+\IM{remote-controlled printing} passthrough printing
 
 \IM{Home and End keys} Home key
 \IM{Home and End keys} End key
@@ -829,9 +830,6 @@ saved sessions from
 \IM{login scripts}{startup scripts} login scripts
 \IM{login scripts}{startup scripts} startup scripts
 
-\IM{WS2_32.DLL} \cw{WS2_32.DLL}
-\IM{WS2_32.DLL} WinSock version 2
-
 \IM{Red Hat Linux} Red Hat Linux
 \IM{Red Hat Linux} Linux, Red Hat
 

source/putty/doc/man-pl.but

@@ -260,7 +260,7 @@ exists, nonzero otherwise.
 For more information on plink, it's probably best to go and look at
 the manual on the PuTTY web page:
 
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{http://www.chiark.greenend.org.uk/~sgtatham/putty/}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{https://www.chiark.greenend.org.uk/~sgtatham/putty/}
 
 \S{plink-manpage-bugs} BUGS
 

source/putty/doc/man-pscp.but

@@ -174,7 +174,7 @@ encrypted packet data.
 For more information on \cw{pscp} it's probably best to go and look at
 the manual on the PuTTY web page:
 
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{http://www.chiark.greenend.org.uk/~sgtatham/putty/}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{https://www.chiark.greenend.org.uk/~sgtatham/putty/}
 
 \S{pscp-manpage-bugs} BUGS
 

source/putty/doc/man-psft.but

@@ -159,7 +159,7 @@ at the \cw{psftp>} prompt.
 For more information on \cw{psftp} it's probably best to go and look at
 the manual on the PuTTY web page:
 
-\cw{http://www.chiark.greenend.org.uk/~sgtatham/putty/}
+\cw{https://www.chiark.greenend.org.uk/~sgtatham/putty/}
 
 \S{psftp-manpage-bugs} BUGS
 

source/putty/doc/man-ptel.but

@@ -208,7 +208,7 @@ your home directory.
 For more information on PuTTY and PuTTYtel, it's probably best to go
 and look at the manual on the web page:
 
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{http://www.chiark.greenend.org.uk/~sgtatham/putty/}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{https://www.chiark.greenend.org.uk/~sgtatham/putty/}
 
 \S{puttytel-manpage-bugs} BUGS
 

source/putty/doc/man-putt.but

@@ -321,7 +321,7 @@ your home directory.
 For more information on PuTTY, it's probably best to go and look at
 the manual on the web page:
 
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{http://www.chiark.greenend.org.uk/~sgtatham/putty/}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/putty/}\cw{https://www.chiark.greenend.org.uk/~sgtatham/putty/}
 
 \S{putty-manpage-bugs} BUGS
 

source/putty/doc/pgpkeys.but

@@ -53,19 +53,19 @@ The current issue of those keys are available for download from the
 PuTTY website, and are also available on PGP keyservers using the key
 IDs listed below.
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-2015.asc}{\s{Master Key}}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-2015.asc}{\s{Master Key}}
 
 \dd RSA, 4096-bit. Key ID: \cw{4096R/04676F7C} (long version:
 \cw{4096R/AB585DC604676F7C}). Fingerprint:
 \cw{440D\_E3B5\_B7A1\_CA85\_B3CC\_\_1718\_AB58\_5DC6\_0467\_6F7C}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-2015.asc}{\s{Release Key}}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-2015.asc}{\s{Release Key}}
 
 \dd RSA, 2048-bit. Key ID: \cw{2048R/B43434E4} (long version:
 \cw{2048R/9DFE2648B43434E4}). Fingerprint:
 \cw{0054\_DDAA\_8ADA\_15D2\_768A\_\_6DE7\_9DFE\_2648\_B434\_34E4}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/contact-2016.asc}{\s{Secure Contact Key}}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/contact-2016.asc}{\s{Secure Contact Key}}
 
 \dd RSA, 2048-bit. Main key ID: \cw{2048R/8A0AF00B} (long version:
 \cw{2048R/C4FCAAD08A0AF00B}). Encryption subkey ID:
@@ -73,7 +73,7 @@ IDs listed below.
 Fingerprint:
 \cw{8A26\_250E\_763F\_E359\_75F3\_\_118F\_C4FC\_AAD0\_8A0A\_F00B}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-2015.asc}{\s{Snapshot Key}}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-2015.asc}{\s{Snapshot Key}}
 
 \dd RSA, 2048-bit. Key ID: \cw{2048R/D15F7E8A} (long version:
 \cw{2048R/EEF20295D15F7E8A}). Fingerprint:
@@ -179,37 +179,37 @@ Releases prior to the rollover are signed with the old Release Keys.
 
 For completeness, those old keys are given here:
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-rsa.asc}{\s{Master Key} (original RSA)}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-rsa.asc}{\s{Master Key} (original RSA)}
 
 \dd RSA, 1024-bit. Key ID: \cw{1024R/1E34AC41} (long version:
 \cw{1024R/9D5877BF1E34AC41}). Fingerprint:
 \cw{8F\_15\_97\_DA\_25\_30\_AB\_0D\_\_88\_D1\_92\_54\_11\_CF\_0C\_4C}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-dsa.asc}{\s{Master Key} (original DSA)}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-dsa.asc}{\s{Master Key} (original DSA)}
 
 \dd DSA, 1024-bit. Key ID: \cw{1024D/6A93B34E} (long version:
 \cw{1024D/4F5E6DF56A93B34E}). Fingerprint:
 \cw{313C\_3E76\_4B74\_C2C5\_F2AE\_\_83A8\_4F5E\_6DF5\_6A93\_B34E}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-rsa.asc}{\s{Release Key} (original RSA)}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-rsa.asc}{\s{Release Key} (original RSA)}
 
 \dd RSA, 1024-bit. Key ID: \cw{1024R/B41CAE29} (long version:
 \cw{1024R/EF39CCC0B41CAE29}). Fingerprint:
 \cw{AE\_65\_D3\_F7\_85\_D3\_18\_E0\_\_3B\_0C\_9B\_02\_FF\_3A\_81\_FE}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-dsa.asc}{\s{Release Key} (original DSA)}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-dsa.asc}{\s{Release Key} (original DSA)}
 
 \dd DSA, 1024-bit. Key ID: \cw{1024D/08B0A90B} (long version:
 \cw{1024D/FECD6F3F08B0A90B}). Fingerprint:
 \cw{00B1\_1009\_38E6\_9800\_6518\_\_F0AB\_FECD\_6F3F\_08B0\_A90B}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-rsa.asc}{\s{Snapshot Key} (original RSA)}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-rsa.asc}{\s{Snapshot Key} (original RSA)}
 
 \dd RSA, 1024-bit. Key ID: \cw{1024R/32B903A9} (long version:
 \cw{1024R/FAAED21532B903A9}). Fingerprint:
 \cw{86\_8B\_1F\_79\_9C\_F4\_7F\_BD\_\_8B\_1B\_D7\_8E\_C6\_4E\_4C\_03}
 
-\dt \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-dsa.asc}{\s{Snapshot Key} (original DSA)}
+\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-dsa.asc}{\s{Snapshot Key} (original DSA)}
 
 \dd DSA, 1024-bit. Key ID: \cw{1024D/7D3E4A00} (long version:
 \cw{1024D/165E56F77D3E4A00}). Fingerprint:

source/putty/doc/plink.but

@@ -41,7 +41,7 @@ use Plink:
 
 \c Z:\sysosd>plink
 \c Plink: command-line connection utility
-\c Release 0.69
+\c Release 0.70
 \c Usage: plink [options] [user@]host [command]
 \c        ("host" can also be a PuTTY saved session name)
 \c Options:

source/putty/doc/pscp.but

@@ -39,7 +39,7 @@ use PSCP:
 
 \c Z:\owendadmin>pscp
 \c PuTTY Secure Copy client
-\c Release 0.69
+\c Release 0.70
 \c Usage: pscp [options] [user@]host:source target
 \c        pscp [options] source [source...] [user@]host:target
 \c        pscp [options] -ls [user@]host:filespec

source/putty/doc/udp.but

@@ -331,7 +331,7 @@ local state structures \c{s} or \c{st} in each function, or the
 backend-wide structure \c{ssh}.
 
 See
-\W{http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html}\c{http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html}
+\W{https://www.chiark.greenend.org.uk/~sgtatham/coroutines.html}\c{https://www.chiark.greenend.org.uk/~sgtatham/coroutines.html}
 for a more in-depth discussion of what these macros are for and how
 they work.
 

source/putty/import.c

@@ -445,7 +445,7 @@ static struct openssh_pem_key *load_openssh_pem_key(const Filename *filename,
 		if (!strcmp(p, "ENCRYPTED"))
 		    ret->encrypted = TRUE;
 	    } else if (!strcmp(line, "DEK-Info")) {
-		int i, j, ivlen;
+		int i, ivlen;
 
 		if (!strncmp(p, "DES-EDE3-CBC,", 13)) {
 		    ret->encryption = OP_E_3DES;
@@ -459,6 +459,7 @@ static struct openssh_pem_key *load_openssh_pem_key(const Filename *filename,
 		}
 		p = strchr(p, ',') + 1;/* always non-NULL, by above checks */
 		for (i = 0; i < ivlen; i++) {
+                    unsigned j;
 		    if (1 != sscanf(p, "%2x", &j)) {
 			errmsg = "expected more iv data in DEK-Info";
 			goto error;

source/putty/misc.c

@@ -157,7 +157,8 @@ int main(void)
             passes++;                                                   \
         } else {                                                        \
             printf("fail: %s(%s,%s)%s = %u, expected %u\n",             \
-                   #func, #string, #arg2, #suffix, ret, result);        \
+                   #func, #string, #arg2, #suffix, ret,                 \
+                   (unsigned)result);                                   \
             fails++;                                                    \
         }                                                               \
 } while (0)
@@ -1165,11 +1166,21 @@ char *buildinfo(const char *newline)
                 BUILDINFO_PLATFORM);
 
 #ifdef __clang_version__
+#define FOUND_COMPILER
     strbuf_catf(buf, "%sCompiler: clang %s", newline, __clang_version__);
 #elif defined __GNUC__ && defined __VERSION__
+#define FOUND_COMPILER
     strbuf_catf(buf, "%sCompiler: gcc %s", newline, __VERSION__);
-#elif defined _MSC_VER
-    strbuf_catf(buf, "%sCompiler: Visual Studio", newline);
+#endif
+
+#if defined _MSC_VER
+#ifndef FOUND_COMPILER
+#define FOUND_COMPILER
+    strbuf_catf(buf, "%sCompiler: ", newline);
+#else
+    strbuf_catf(buf, ", emulating ");
+#endif
+    strbuf_catf(buf, "Visual Studio", newline);
 #if _MSC_VER == 1900
     strbuf_catf(buf, " 2015 / MSVC++ 14.0");
 #elif _MSC_VER == 1800
@@ -1178,12 +1189,14 @@ char *buildinfo(const char *newline)
     strbuf_catf(buf, " 2012 / MSVC++ 11.0");
 #elif _MSC_VER == 1600
     strbuf_catf(buf, " 2010 / MSVC++ 10.0");
-#elif  _MSC_VER == 1500
+#elif _MSC_VER == 1500
     strbuf_catf(buf, " 2008 / MSVC++ 9.0");
-#elif  _MSC_VER == 1400
+#elif _MSC_VER == 1400
     strbuf_catf(buf, " 2005 / MSVC++ 8.0");
-#elif  _MSC_VER == 1310
+#elif _MSC_VER == 1310
     strbuf_catf(buf, " 2003 / MSVC++ 7.1");
+#elif _MSC_VER == 1300
+    strbuf_catf(buf, " 2003 / MSVC++ 7.0");
 #else
     strbuf_catf(buf, ", unrecognised version");
 #endif
@@ -1201,6 +1214,9 @@ char *buildinfo(const char *newline)
     }
 #endif
 
+#if defined _WINDOWS && defined MINEFIELD
+    strbuf_catf(buf, "%sBuild option: MINEFIELD", newline);
+#endif
 #ifdef NO_SECURITY
     strbuf_catf(buf, "%sBuild option: NO_SECURITY", newline);
 #endif

source/putty/network.h

@@ -64,12 +64,12 @@ struct plug_function_table {
      *    proxy command, so the receiver should probably prefix it to
      *    indicate this.
      */
-    int (*closing)
+    void (*closing)
      (Plug p, const char *error_msg, int error_code, int calling_back);
     /* error_msg is NULL iff it is not an error (ie it closed normally) */
     /* calling_back != 0 iff there is a Plug function */
     /* currently running (would cure the fixme in try_send()) */
-    int (*receive) (Plug p, int urgent, char *data, int len);
+    void (*receive) (Plug p, int urgent, char *data, int len);
     /*
      *  - urgent==0. `data' points to `len' bytes of perfectly
      *    ordinary data.

source/putty/portfwd.c

@@ -117,8 +117,8 @@ static void pfl_log(Plug plug, int type, SockAddr addr, int port,
     /* we have to dump these since we have no interface to logging.c */
 }
 
-static int pfd_closing(Plug plug, const char *error_msg, int error_code,
-		       int calling_back)
+static void pfd_closing(Plug plug, const char *error_msg, int error_code,
+			int calling_back)
 {
     struct PortForwarding *pf = (struct PortForwarding *) plug;
 
@@ -145,16 +145,13 @@ static int pfd_closing(Plug plug, const char *error_msg, int error_code,
         if (pf->c)
             sshfwd_write_eof(pf->c);
     }
-
-    return 1;
 }
 
-static int pfl_closing(Plug plug, const char *error_msg, int error_code,
-		       int calling_back)
+static void pfl_closing(Plug plug, const char *error_msg, int error_code,
+			int calling_back)
 {
     struct PortListener *pl = (struct PortListener *) plug;
     pfl_terminate(pl);
-    return 1;
 }
 
 static void wrap_send_port_open(void *channel, const char *hostname, int port,
@@ -172,7 +169,7 @@ static void wrap_send_port_open(void *channel, const char *hostname, int port,
     sfree(description);
 }
 
-static int pfd_receive(Plug plug, int urgent, char *data, int len)
+static void pfd_receive(Plug plug, int urgent, char *data, int len)
 {
     struct PortForwarding *pf = (struct PortForwarding *) plug;
     if (pf->dynamic) {
@@ -204,7 +201,7 @@ static int pfd_receive(Plug plug, int urgent, char *data, int len)
 		    data[1] = 91;      /* generic `request rejected' */
 		    sk_write(pf->s, data, 8);
 		    pfd_close(pf);
-		    return 1;
+		    return;
 		}
 		if (pf->sockslen <= 8)
                     continue;      /* haven't started user/hostname */
@@ -320,7 +317,7 @@ static int pfd_receive(Plug plug, int urgent, char *data, int len)
 			reply[1] = 1;	/* generic failure */
 			sk_write(pf->s, (char *) reply, lenof(reply));
 			pfd_close(pf);
-			return 1;
+			return;
 		    }
 		    /*
 		     * Now we have a viable connect request. Switch
@@ -350,7 +347,7 @@ static int pfd_receive(Plug plug, int urgent, char *data, int len)
 			reply[1] = 8;	/* atype not supported */
 			sk_write(pf->s, (char *) reply, lenof(reply));
 			pfd_close(pf);
-			return 1;
+			return;
 		    }
 		}
 	    }
@@ -362,9 +359,9 @@ static int pfd_receive(Plug plug, int urgent, char *data, int len)
 	     * close the connection rudely.
 	     */
 	    pfd_close(pf);
-	    return 1;
+            break;
 	}
-	return 1;
+	return;
 
 	/*
 	 * We come here when we're ready to make an actual
@@ -383,7 +380,7 @@ static int pfd_receive(Plug plug, int urgent, char *data, int len)
 	pf->c = new_sock_channel(pf->backhandle, pf);
 	if (pf->c == NULL) {
 	    pfd_close(pf);
-	    return 1;
+	    return;
 	} else {
 	    /* asks to forward to the specified host/port for this */
 	    wrap_send_port_open(pf->c, pf->hostname, pf->port, pf->s);
@@ -406,7 +403,6 @@ static int pfd_receive(Plug plug, int urgent, char *data, int len)
 	    sk_set_frozen(pf->s, 1);
 	}
     }
-    return 1;
 }
 
 static void pfd_sent(Plug plug, int bufsize)

source/putty/proxy.c

@@ -201,8 +201,8 @@ static void plug_proxy_log(Plug plug, int type, SockAddr addr, int port,
     plug_log(ps->plug, type, addr, port, error_msg, error_code);
 }
 
-static int plug_proxy_closing (Plug p, const char *error_msg,
-			       int error_code, int calling_back)
+static void plug_proxy_closing (Plug p, const char *error_msg,
+				int error_code, int calling_back)
 {
     Proxy_Plug pp = (Proxy_Plug) p;
     Proxy_Socket ps = pp->proxy_socket;
@@ -211,13 +211,13 @@ static int plug_proxy_closing (Plug p, const char *error_msg,
 	ps->closing_error_msg = error_msg;
 	ps->closing_error_code = error_code;
 	ps->closing_calling_back = calling_back;
-	return ps->negotiate(ps, PROXY_CHANGE_CLOSING);
+	ps->negotiate(ps, PROXY_CHANGE_CLOSING);
+    } else {
+        plug_closing(ps->plug, error_msg, error_code, calling_back);
     }
-    return plug_closing(ps->plug, error_msg,
-			error_code, calling_back);
 }
 
-static int plug_proxy_receive (Plug p, int urgent, char *data, int len)
+static void plug_proxy_receive (Plug p, int urgent, char *data, int len)
 {
     Proxy_Plug pp = (Proxy_Plug) p;
     Proxy_Socket ps = pp->proxy_socket;
@@ -231,9 +231,10 @@ static int plug_proxy_receive (Plug p, int urgent, char *data, int len)
 	ps->receive_urgent = urgent;
 	ps->receive_data = data;
 	ps->receive_len = len;
-	return ps->negotiate(ps, PROXY_CHANGE_RECEIVE);
+	ps->negotiate(ps, PROXY_CHANGE_RECEIVE);
+    } else {
+        plug_receive(ps->plug, urgent, data, len);
     }
-    return plug_receive(ps->plug, urgent, data, len);
 }
 
 static void plug_proxy_sent (Plug p, int bufsize)
@@ -644,9 +645,9 @@ int proxy_http_negotiate (Proxy_Socket p, int change)
 	 * a socket close, then some error must have occurred. we'll
 	 * just pass those errors up to the backend.
 	 */
-	return plug_closing(p->plug, p->closing_error_msg,
-			    p->closing_error_code,
-			    p->closing_calling_back);
+	plug_closing(p->plug, p->closing_error_msg, p->closing_error_code,
+		     p->closing_calling_back);
+	return 0; /* ignored */
     }
 
     if (change == PROXY_CHANGE_SENT) {
@@ -847,9 +848,9 @@ int proxy_socks4_negotiate (Proxy_Socket p, int change)
 	 * a socket close, then some error must have occurred. we'll
 	 * just pass those errors up to the backend.
 	 */
-	return plug_closing(p->plug, p->closing_error_msg,
-			    p->closing_error_code,
-			    p->closing_calling_back);
+	plug_closing(p->plug, p->closing_error_msg, p->closing_error_code,
+		     p->closing_calling_back);
+	return 0; /* ignored */
     }
 
     if (change == PROXY_CHANGE_SENT) {
@@ -987,9 +988,9 @@ int proxy_socks5_negotiate (Proxy_Socket p, int change)
 	 * a socket close, then some error must have occurred. we'll
 	 * just pass those errors up to the backend.
 	 */
-	return plug_closing(p->plug, p->closing_error_msg,
-			    p->closing_error_code,
-			    p->closing_calling_back);
+        plug_closing(p->plug, p->closing_error_msg, p->closing_error_code,
+		     p->closing_calling_back);
+	return 0; /* ignored */
     }
 
     if (change == PROXY_CHANGE_SENT) {
@@ -1561,9 +1562,9 @@ int proxy_telnet_negotiate (Proxy_Socket p, int change)
 	 * a socket close, then some error must have occurred. we'll
 	 * just pass those errors up to the backend.
 	 */
-	return plug_closing(p->plug, p->closing_error_msg,
-			    p->closing_error_code,
-			    p->closing_calling_back);
+	plug_closing(p->plug, p->closing_error_msg, p->closing_error_code,
+		     p->closing_calling_back);
+	return 0; /* ignored */
     }
 
     if (change == PROXY_CHANGE_SENT) {

source/putty/ssh.c

@@ -303,7 +303,7 @@ enum {
  * macros look impenetrable to you, you might find it helpful to
  * read
  * 
- *   http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html
+ *   https://www.chiark.greenend.org.uk/~sgtatham/coroutines.html
  * 
  * which explains the theory behind these macros.
  * 
@@ -3560,8 +3560,8 @@ void ssh_connshare_log(Ssh ssh, int event, const char *logtext,
     }
 }
 
-static int ssh_closing(Plug plug, const char *error_msg, int error_code,
-		       int calling_back)
+static void ssh_closing(Plug plug, const char *error_msg, int error_code,
+			int calling_back)
 {
     Ssh ssh = (Ssh) plug;
     int need_notify = ssh_do_close(ssh, FALSE);
@@ -3583,18 +3583,15 @@ static int ssh_closing(Plug plug, const char *error_msg, int error_code,
 	logevent(error_msg);
     if (!ssh->close_expected || !ssh->clean_exit)
 	connection_fatal(ssh->frontend, "%s", error_msg);
-    return 0;
 }
 
-static int ssh_receive(Plug plug, int urgent, char *data, int len)
+static void ssh_receive(Plug plug, int urgent, char *data, int len)
 {
     Ssh ssh = (Ssh) plug;
     ssh_gotdata(ssh, (unsigned char *)data, len);
     if (ssh->state == SSH_STATE_CLOSED) {
 	ssh_do_close(ssh, TRUE);
-	return 0;
     }
-    return 1;
 }
 
 static void ssh_sent(Plug plug, int bufsize)
@@ -8499,18 +8496,37 @@ static void ssh2_msg_channel_open_confirmation(Ssh ssh, struct Packet *pktin)
         ssh_channel_try_eof(c);        /* in case we had a pending EOF */
 }
 
-static void ssh2_msg_channel_open_failure(Ssh ssh, struct Packet *pktin)
+static char *ssh2_channel_open_failure_error_text(struct Packet *pktin)
 {
     static const char *const reasons[] = {
-	"<unknown reason code>",
-	    "Administratively prohibited",
-	    "Connect failed",
-	    "Unknown channel type",
-	    "Resource shortage",
+        NULL,
+        "Administratively prohibited",
+        "Connect failed",
+        "Unknown channel type",
+        "Resource shortage",
     };
     unsigned reason_code;
+    const char *reason_code_string;
+    char reason_code_buf[256];
     char *reason_string;
     int reason_length;
+
+    reason_code = ssh_pkt_getuint32(pktin);
+    if (reason_code < lenof(reasons) && reasons[reason_code]) {
+        reason_code_string = reasons[reason_code];
+    } else {
+        reason_code_string = reason_code_buf;
+        sprintf(reason_code_buf, "unknown reason code %#x", reason_code);
+    }
+
+    ssh_pkt_getstring(pktin, &reason_string, &reason_length);
+
+    return dupprintf("%s [%.*s]", reason_code_string,
+                     reason_length, NULLTOEMPTY(reason_string));
+}
+
+static void ssh2_msg_channel_open_failure(Ssh ssh, struct Packet *pktin)
+{
     struct ssh_channel *c;
 
     c = ssh_channel_msg(ssh, pktin);
@@ -8519,14 +8535,9 @@ static void ssh2_msg_channel_open_failure(Ssh ssh, struct Packet *pktin)
     assert(c->halfopen); /* ssh_channel_msg will have enforced this */
 
     if (c->type == CHAN_SOCKDATA) {
-        reason_code = ssh_pkt_getuint32(pktin);
-        if (reason_code >= lenof(reasons))
-            reason_code = 0; /* ensure reasons[reason_code] in range */
-        ssh_pkt_getstring(pktin, &reason_string, &reason_length);
-        logeventf(ssh, "Forwarded connection refused by server: %s [%.*s]",
-                  reasons[reason_code], reason_length,
-                  NULLTOEMPTY(reason_string));
-
+        char *errtext = ssh2_channel_open_failure_error_text(pktin);
+        logeventf(ssh, "Forwarded connection refused by server: %s", errtext);
+        sfree(errtext);
         pfd_close(c->u.pfd.pf);
     } else if (c->type == CHAN_ZOMBIE) {
         /*
@@ -10730,15 +10741,24 @@ static void do_ssh2_authconn(Ssh ssh, const unsigned char *in, int inlen,
 	    ssh->ncmode = FALSE;
 	}
 	crWaitUntilV(pktin);
-	if (pktin->type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION) {
-	    bombout(("Server refused to open channel"));
+        if (pktin->type != SSH2_MSG_CHANNEL_OPEN_CONFIRMATION &&
+            pktin->type != SSH2_MSG_CHANNEL_OPEN_FAILURE) {
+            bombout(("Server sent strange packet %d in response to main "
+                     "channel open request", pktin->type));
 	    crStopV;
-	    /* FIXME: error data comes back in FAILURE packet */
-	}
+        }
 	if (ssh_pkt_getuint32(pktin) != ssh->mainchan->localid) {
-	    bombout(("Server's channel confirmation cited wrong channel"));
+	    bombout(("Server's response to main channel open cited wrong"
+                     " channel number"));
+	    crStopV;
+	}
+	if (pktin->type == SSH2_MSG_CHANNEL_OPEN_FAILURE) {
+            char *errtext = ssh2_channel_open_failure_error_text(pktin);
+            bombout(("Server refused to open main channel: %s", errtext));
+            sfree(errtext);
 	    crStopV;
 	}
+
 	ssh->mainchan->remoteid = ssh_pkt_getuint32(pktin);
 	ssh->mainchan->halfopen = FALSE;
 	ssh->mainchan->type = CHAN_MAINSESSION;

source/putty/sshshare.c

@@ -911,8 +911,8 @@ static void share_disconnect(struct ssh_sharing_connstate *cs,
     share_begin_cleanup(cs);
 }
 
-static int share_closing(Plug plug, const char *error_msg, int error_code,
-                         int calling_back)
+static void share_closing(Plug plug, const char *error_msg, int error_code,
+			  int calling_back)
 {
     struct ssh_sharing_connstate *cs = (struct ssh_sharing_connstate *)plug;
 
@@ -935,7 +935,6 @@ static int share_closing(Plug plug, const char *error_msg, int error_code,
                              "Socket error: %s", error_msg);
     }
     share_begin_cleanup(cs);
-    return 1;
 }
 
 static int getstring_inner(const void *vdata, int datalen,
@@ -1775,17 +1774,17 @@ static void share_got_pkt_from_downstream(struct ssh_sharing_connstate *cs,
  * Coroutine macros similar to, but simplified from, those in ssh.c.
  */
 #define crBegin(v)	{ int *crLine = &v; switch(v) { case 0:;
-#define crFinish(z)	} *crLine = 0; return (z); }
+#define crFinishV	} *crLine = 0; return; }
 #define crGetChar(c) do                                         \
     {                                                           \
         while (len == 0) {                                      \
-            *crLine =__LINE__; return 1; case __LINE__:;        \
+            *crLine =__LINE__; return; case __LINE__:;          \
         }                                                       \
         len--;                                                  \
         (c) = (unsigned char)*data++;                           \
     } while (0)
 
-static int share_receive(Plug plug, int urgent, char *data, int len)
+static void share_receive(Plug plug, int urgent, char *data, int len)
 {
     struct ssh_sharing_connstate *cs = (struct ssh_sharing_connstate *)plug;
     static const char expected_verstring_prefix[] =
@@ -1858,7 +1857,7 @@ static int share_receive(Plug plug, int urgent, char *data, int len)
     }
 
   dead:;
-    crFinish(1);
+    crFinishV;
 }
 
 static void share_sent(Plug plug, int bufsize)
@@ -1875,8 +1874,8 @@ static void share_sent(Plug plug, int bufsize)
      */
 }
 
-static int share_listen_closing(Plug plug, const char *error_msg,
-                                int error_code, int calling_back)
+static void share_listen_closing(Plug plug, const char *error_msg,
+				 int error_code, int calling_back)
 {
     struct ssh_sharing_state *sharestate = (struct ssh_sharing_state *)plug;
     if (error_msg)
@@ -1884,7 +1883,6 @@ static int share_listen_closing(Plug plug, const char *error_msg,
                          "listening socket: %s", error_msg);
     sk_close(sharestate->listensock);
     sharestate->listensock = NULL;
-    return 1;
 }
 
 static void share_send_verstring(struct ssh_sharing_connstate *cs)
@@ -2047,10 +2045,9 @@ char *ssh_share_sockname(const char *host, int port, Conf *conf)
 
 static void nullplug_socket_log(Plug plug, int type, SockAddr addr, int port,
                                 const char *error_msg, int error_code) {}
-static int nullplug_closing(Plug plug, const char *error_msg, int error_code,
-                            int calling_back) { return 0; }
-static int nullplug_receive(Plug plug, int urgent, char *data,
-                            int len) { return 0; }
+static void nullplug_closing(Plug plug, const char *error_msg, int error_code,
+			     int calling_back) {}
+static void nullplug_receive(Plug plug, int urgent, char *data, int len) {}
 static void nullplug_sent(Plug plug, int bufsize) {}
 
 int ssh_share_test_for_upstream(const char *host, int port, Conf *conf)

source/putty/tree234.c

@@ -681,7 +681,7 @@ static void *delpos234_internal(tree234 * t, int index)
 	    LOG(("  moving to subtree %d\n", ki));
 	    sub = n->kids[ki];
 	    if (!sub->elems[1]) {
-		LOG(("  subtree has only one element!\n", ki));
+		LOG(("  subtree has only one element!\n"));
 		if (ki > 0 && n->kids[ki - 1]->elems[1]) {
 		    /*
 		     * Case 3a, left-handed variant. Child ki has

source/putty/version.h

@@ -1,6 +1,6 @@
 /* Generated by automated build script */
-#define RELEASE 0.69
-#define TEXTVER "Release 0.69"
-#define SSHVER "PuTTY-Release-0.69"
-#define BINARY_VERSION 0,69,0,0
-#define SOURCE_COMMIT "b1829b81b5c0d12dcc91f6b50b0b4d83c3df6a8e"
+#define RELEASE 0.70
+#define TEXTVER "Release 0.70"
+#define SSHVER "PuTTY-Release-0.70"
+#define BINARY_VERSION 0,70,0,0
+#define SOURCE_COMMIT "3cd10509a51edf5a21cdc80aabf7e6a934522d47"

source/putty/windows/winmisc.c

@@ -177,9 +177,11 @@ void dll_hijacking_protection(void)
 
     if (!kernel32_module) {
         kernel32_module = load_system32_dll("kernel32.dll");
-#if defined _MSC_VER && _MSC_VER < 1900
-        /* For older Visual Studio, this function isn't available in
-         * the header files to type-check */
+#if (defined _MSC_VER && _MSC_VER < 1900) || defined COVERITY
+        /* For older Visual Studio, and also for the system I
+         * currently use for Coveritying the Windows code, this
+         * function isn't available in the header files to
+         * type-check */
         GET_WINDOWS_FUNCTION_NO_TYPECHECK(
             kernel32_module, SetDefaultDllDirectories);
 #else

source/putty/windows/winnet.c

@@ -305,11 +305,21 @@ void sk_init(void)
     GET_WINDOWS_FUNCTION(winsock_module, WSAStartup);
     GET_WINDOWS_FUNCTION(winsock_module, WSACleanup);
     GET_WINDOWS_FUNCTION(winsock_module, closesocket);
+#ifndef COVERITY
     GET_WINDOWS_FUNCTION(winsock_module, ntohl);
     GET_WINDOWS_FUNCTION(winsock_module, htonl);
     GET_WINDOWS_FUNCTION(winsock_module, htons);
     GET_WINDOWS_FUNCTION(winsock_module, ntohs);
     GET_WINDOWS_FUNCTION(winsock_module, gethostname);
+#else
+    /* The toolchain I use for Windows Coverity builds doesn't know
+     * the type signatures of these */
+    GET_WINDOWS_FUNCTION_NO_TYPECHECK(winsock_module, ntohl);
+    GET_WINDOWS_FUNCTION_NO_TYPECHECK(winsock_module, htonl);
+    GET_WINDOWS_FUNCTION_NO_TYPECHECK(winsock_module, htons);
+    GET_WINDOWS_FUNCTION_NO_TYPECHECK(winsock_module, ntohs);
+    GET_WINDOWS_FUNCTION_NO_TYPECHECK(winsock_module, gethostname);
+#endif
     GET_WINDOWS_FUNCTION(winsock_module, gethostbyname);
     GET_WINDOWS_FUNCTION(winsock_module, getservbyname);
     GET_WINDOWS_FUNCTION(winsock_module, inet_addr);
@@ -548,7 +558,7 @@ SockAddr sk_namelookup(const char *host, char **canonicalname,
 
     if ((a = p_inet_addr(host)) == (unsigned long) INADDR_NONE) {
 	struct hostent *h = NULL;
-	int err;
+	int err = 0;
 #ifndef NO_IPV6
 	/*
 	 * Use getaddrinfo when it's available
@@ -1625,9 +1635,9 @@ static void sk_tcp_write_eof(Socket sock)
 	try_send(s);
 }
 
-int select_result(WPARAM wParam, LPARAM lParam)
+void select_result(WPARAM wParam, LPARAM lParam)
 {
-    int ret, open;
+    int ret;
     DWORD err;
     char buf[20480];		       /* nice big buffer for plenty of speed */
     Actual_Socket s;
@@ -1636,11 +1646,11 @@ int select_result(WPARAM wParam, LPARAM lParam)
     /* wParam is the socket itself */
 
     if (wParam == 0)
-	return 1;		       /* boggle */
+	return;		       /* boggle */
 
     s = find234(sktree, (void *) wParam, cmpforsearch);
     if (!s)
-	return 1;		       /* boggle */
+	return;		       /* boggle */
 
     if ((err = WSAGETSELECTERROR(lParam)) != 0) {
 	/*
@@ -1657,9 +1667,8 @@ int select_result(WPARAM wParam, LPARAM lParam)
 	    }
 	}
 	if (err != 0)
-	    return plug_closing(s->plug, winsock_error_string(err), err, 0);
-	else
-	    return 1;
+	    plug_closing(s->plug, winsock_error_string(err), err, 0);
+	return;
     }
 
     noise_ultralight(lParam);
@@ -1712,12 +1721,11 @@ int select_result(WPARAM wParam, LPARAM lParam)
 	    }
 	}
 	if (ret < 0) {
-	    return plug_closing(s->plug, winsock_error_string(err), err,
-				0);
+	    plug_closing(s->plug, winsock_error_string(err), err, 0);
 	} else if (0 == ret) {
-	    return plug_closing(s->plug, NULL, 0, 0);
+	    plug_closing(s->plug, NULL, 0, 0);
 	} else {
-	    return plug_receive(s->plug, atmark ? 0 : 1, buf, ret);
+	    plug_receive(s->plug, atmark ? 0 : 1, buf, ret);
 	}
 	break;
       case FD_OOB:
@@ -1737,7 +1745,7 @@ int select_result(WPARAM wParam, LPARAM lParam)
 	    logevent(NULL, str);
 	    fatalbox("%s", str);
 	} else {
-	    return plug_receive(s->plug, 2, buf, ret);
+	    plug_receive(s->plug, 2, buf, ret);
 	}
 	break;
       case FD_WRITE:
@@ -1753,23 +1761,21 @@ int select_result(WPARAM wParam, LPARAM lParam)
 	break;
       case FD_CLOSE:
 	/* Signal a close on the socket. First read any outstanding data. */
-	open = 1;
 	do {
 	    ret = p_recv(s->s, buf, sizeof(buf), 0);
 	    if (ret < 0) {
 		err = p_WSAGetLastError();
 		if (err == WSAEWOULDBLOCK)
 		    break;
-		return plug_closing(s->plug, winsock_error_string(err),
-				    err, 0);
+		plug_closing(s->plug, winsock_error_string(err), err, 0);
 	    } else {
 		if (ret)
-		    open &= plug_receive(s->plug, 0, buf, ret);
+		    plug_receive(s->plug, 0, buf, ret);
 		else
-		    open &= plug_closing(s->plug, NULL, 0, 0);
+		    plug_closing(s->plug, NULL, 0, 0);
 	    }
 	} while (ret > 0);
-	return open;
+	return;
        case FD_ACCEPT:
 	{
 #ifdef NO_IPV6
@@ -1807,8 +1813,6 @@ int select_result(WPARAM wParam, LPARAM lParam)
 	    }
 	}
     }
-
-    return 1;
 }
 
 /*

source/putty/windows/winstuff.h

@@ -19,7 +19,7 @@
  * stddef.h. So here we try to make sure _some_ standard header is
  * included which defines uintptr_t. */
 #include <stddef.h>
-#if !defined _MSC_VER || _MSC_VER >= 1600
+#if !defined _MSC_VER || _MSC_VER >= 1600 || defined __clang__
 #include <stdint.h>
 #endif
 
@@ -284,7 +284,7 @@ GLOBAL void *logctx;
 /*
  * Exports from winnet.c.
  */
-extern int select_result(WPARAM, LPARAM);
+extern void select_result(WPARAM, LPARAM);
 
 /*
  * winnet.c dynamically loads WinSock 2 or WinSock 1 depending on
@@ -533,8 +533,9 @@ GLOBAL int restricted_acl;
 #ifndef LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR
 #define LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR 0x00000100
 #endif
-#if _MSC_VER < 1400
+#ifndef DLL_DIRECTORY_COOKIE
 typedef PVOID DLL_DIRECTORY_COOKIE;
+DECLSPEC_IMPORT DLL_DIRECTORY_COOKIE WINAPI AddDllDirectory (PCWSTR NewDirectory);
 #endif
 
 /*

source/putty/x11fwd.c

@@ -58,11 +58,9 @@ static int xdmseen_cmp(void *a, void *b)
  *      independent network.c or something */
 static void dummy_plug_log(Plug p, int type, SockAddr addr, int port,
 			   const char *error_msg, int error_code) { }
-static int dummy_plug_closing
-     (Plug p, const char *error_msg, int error_code, int calling_back)
-{ return 1; }
-static int dummy_plug_receive(Plug p, int urgent, char *data, int len)
-{ return 1; }
+static void dummy_plug_closing
+     (Plug p, const char *error_msg, int error_code, int calling_back) { }
+static void dummy_plug_receive(Plug p, int urgent, char *data, int len) { }
 static void dummy_plug_sent(Plug p, int bufsize) { }
 static int dummy_plug_accepting(Plug p, accept_fn_t constructor, accept_ctx_t ctx) { return 1; }
 static const struct plug_function_table dummy_plug = {
@@ -616,8 +614,8 @@ static void x11_log(Plug p, int type, SockAddr addr, int port,
 static void x11_send_init_error(struct X11Connection *conn,
                                 const char *err_message);
 
-static int x11_closing(Plug plug, const char *error_msg, int error_code,
-		       int calling_back)
+static void x11_closing(Plug plug, const char *error_msg, int error_code,
+			int calling_back)
 {
     struct X11Connection *xconn = (struct X11Connection *) plug;
 
@@ -646,11 +644,9 @@ static int x11_closing(Plug plug, const char *error_msg, int error_code,
         if (xconn->c)
             sshfwd_write_eof(xconn->c);
     }
-
-    return 1;
 }
 
-static int x11_receive(Plug plug, int urgent, char *data, int len)
+static void x11_receive(Plug plug, int urgent, char *data, int len)
 {
     struct X11Connection *xconn = (struct X11Connection *) plug;
 
@@ -659,8 +655,6 @@ static int x11_receive(Plug plug, int urgent, char *data, int len)
         xconn->no_data_sent_to_x_client = FALSE;
 	sk_set_frozen(xconn->s, 1);
     }
-
-    return 1;
 }
 
 static void x11_sent(Plug plug, int bufsize)