The one-off reminder to finish the key rollover is now done, so I can
remove it.

(cherry picked...

The initial test for a line ending with "PRIVATE KEY-----" failed to
take into account the possi...

I spotted that I've been checking that old-style Windows Help files
were delivered with content-...

I've added a few sample shell commands in the upload procedure (mostly
so that I don't have to f...

All those bits are clear anyway.

Bug found with the help of afl-fuzz.

(cherry picked from comm...

GCC 6 emits strict-aliasing warnings here, so use the existing
sockaddr_union arrangements to av...

GCC 6 warns about potentially misleading indentation, such as:

if (condition) stmt1; stmt2;...

Not that anyone actually needs to use that conditioned-out main(),
since it only generates the t...

Thanks to @ch3root again for this patch.

Thanks to @ch3root on Twitter for spotting it, and thanks to Chris
Emerson for bothering to let ...

Arrgh, _another_ one I only remember seconds too late!

Now we have licence.pl, it seems to me to make very good sense to have
it generate the Halibut f...

Now all the uses of the licence text or the short copyright notice get
it from a new header "lic...

This makes the About and Licence boxes copy-and-pasteable, similarly
to what I've just done on U...

I've made the licence text, the About box, and the host key dialog
into GTK selectable edit cont...

Proper snprintf is finally supported as of the latest Visual Studio,
and has better semantics fo...

One of these days I'll think of a way of not forgetting this every
time...

Occurred as a side effect of commit 198bca233, in which I wrote a Perl
loop of the form 'foreach...

Now you can run a command like "nmake /f Makefile.vc BUILDDIR=foo\",
which will cause all the ge...

We had inadvertently raised the minimum supported Windows version in
the course of restricting P...

This enables it to combine the compilation of multiple source files
into a single 'cl' command w...

This is noticeably faster than a sequence of 'echo' commands, because
the file gets created all ...

I've found in the last day or two that the first thing I want to do
after any successful run of ...

This makes it easier to compile in multiple debugging modes, or on
Windows, without having to co...

This commit fulfills the promise of the previous one: now one of the
branches of sshbn.h's big i...

As I mentioned in the previous commit, I'm going to want PuTTY to be
able to run sensibly when c...

DIVMOD_WORD is a portability hazard, because implementing it requires
either a way to get direct...

I'm about to rewrite the division code, so it'll be useful to have a
way to test it directly, pa...

I called a 'pow' test line 'mul' in an error message.

Or, at least, potentially do so. The build script now has a slot into
which code-signing can be ...

When we provide an editable text box with a drop-down list of useful
preset values, such as the ...

logevent() doesn't do printf-style formatting (though the logeventf
wrapper in ssh.c does), so i...

I'd missed out an if statement in the Unix proxy stderr code
introduced by commit 297efff30, cau...

/dynamicbase and /nxcompat on the VC linker command line should
enable DEP and ASLR according to...

By default Windows processes have wide open ACLs which allow interference
by other processes run...

gtk_misc_set_alignment was deprecated in GTK 3.14. But my replacement
code using gtk_label_set_x...

Thanks to Colin Harrison for spotting it very quickly. No thanks to
Visual Studio for only givin...

It has three settings: on, off, and 'only until session starts'. The
idea of the last one is tha...

I'm about to want to make a change to all those functions at once, and
since they're almost iden...

We set up a pair of bufchains for the standard input and output
exchanged with the proxy process...

On both Unix and Windows, we now redirect the local proxy command's
standard error into a third ...

I've defined a new value for the 'int type' parameter passed to
plug_log(), which proxy sockets ...

There was a very old plan to flesh this out into an implementation of
SSLified Telnet, back when...

We've always had the back-end code unconditionally print 'Looking up
host' before calling name_l...

make_private_security_descriptor and a new function protectprocess().

protectprocess() opens the...

Often it means you tried to connect to port 0.

-codpage -fontname -fontsize

Half the release checklist has changed recently, what with me
completely reworking the website a...

I've added extra modes to release.pl which should automate the more
tedious parts of the deploym...

Forgot that a zero-length string might have come back from fgets.

Thanks to Hanno Böck for spot...

The initial test for a line ending with "PRIVATE KEY-----" failed to
take into account the possi...

The length coming back from ber_read_id_len might have overflowed, so
treat it as potentially ne...

TOOLTYPE_NONNETWORK (i.e. pterm) already has "-log" (as does Unix
PuTTY), so there's no sense su...

When we set ssh->sc{cipher,mac} to s->sc{cipher,mac}_tobe
conditionally, we should be conditiona...

I've added a few sample shell commands in the upload procedure (mostly
so that I don't have to f...

I spotted that I've been checking that old-style Windows Help files
were delivered with content-...

It's for regression testing and fuzzing, so there's no use for it if
you're not a developer work...

Apparently if you maintain a branch for a long time where you only
compile with a non-default if...

This includes fixes arising from the fuzzing, and also changes to make
the code compile into use...

The one-off reminder to finish the key rollover is now done, so I can
remove it.

This brings in the rest of the 0.66 branch, including some changes new
on master.

Conflicts:
...

If I'm going to announce them as a feature in 0.66, it would be
embarrassing to forget to mentio...

Everything up to here on the release branch is cherry-picks from
master anyway, and some of thei...

(cherry picked from commit 9f9d72ec58642e91b4f93ee4405a8086ee2fb2f0)

Handles managed by winhandl.c have a 'busy' flag, which is used to
mean two things: (a) is a sub...

The aim is to try to reduce the incidence of the two least helpful
classes of those reports: the...

This also means that FUZZING can just ignore host-key verification
failure while preserving inva...

Bug found with the help of afl-fuzz.

Not very much, but it might be useful for testing that changes don't
unexpectedly break things.

This adds the "none" cipher and MAC, and also disables kex signure
verification and host-key che...

The previous assertion failure is obviously wrong, but RFC 4253 doesn't
explicitly declare them ...

Starting up the random number generator is by far the slowest part of
plink's startup, and rando...

It's not used outside logfopen, and leaving an invalid file pointer
lying around in the log cont...

This saves the need to fork and exec "cat", which should speed things
up. It also ensures that ...

It just sets the proxy command to "cat %host", which is crude and slow
but seems like a good sta...

This is a minimal fix for CVE-2015-5309, and while it's probably
unnecessary now, it seems worth...

"amax == 0 || a[amax] != 0"

Essentially, when decodepoint_ed() clears the top bit of the key, i...

"confused" meaning "reading off the end of the input".

Bug found with the help of afl-fuzz.

All those bits are clear anyway.

Bug found with the help of afl-fuzz.

Dereferencing it is not correct.
Bug found with the help of afl-fuzz.

This one might be exploitable, since without the fix, ecdsa_freekey()
tries to wipe the bignum p...

Bug found with the help of afl-fuzz.

Parameters are now accumulated in unsigned integers and carefully checked
for overflow (which is...

This is a minimal fix for CVE-2015-5309, and while it's probably
unnecessary now, it seems worth...