Граф коммитов

38 Коммитов

Автор SHA1 Сообщение Дата
Jacob Nevins 92db92af5a Control of 'addr' is now handed over to {platform_,}new_connection() and
sk_new() on invocation; these functions become responsible for (eventually)
freeing it. The caller must not do anything with 'addr' after it's been passed
in. (Ick.)

Why:
A SOCKS5 crash appears to have been caused by overzealous freeing of
a SockAddr (ssh.c:1.257 [r2492]), which for proxied connections is
squirreled away long-term (and this can't easily be avoided).

It would have been nice to make a copy of the SockAddr, in case the caller has
a use for it, but one of the implementations (uxnet.c) hides a "struct
addrinfo" in there, and we have no defined way to duplicate those. (None of the
current callers _do_ have a further use for the SockAddr.)

As far as I can tell, everything _except_ proxying only needs addr for the
duration of the call, so sk_addr_free()s immediately. If I'm mistaken, it
should at least be easier to find the offending free()...

[originally from svn r3383]
[r2492 == bdd6633970]
2003-08-07 16:04:33 +00:00
Ben Harris 8a91a0516f Move prototype for platform_new_connection() to a header file so the
definitions can be checked against it.

[originally from svn r3248]
2003-06-06 10:42:14 +00:00
Jacob Nevins 2b6fb2ceae Incorporate matthew.gabeler-lee's suggested fix for badness with multiple
exact hostnames in the proxy exclusion list.
<OF63043512.26ABC6B9-ON85256D21.006C33C6-85256D21.006C4B81@EU.novartis.net>

[originally from svn r3205]
2003-05-24 10:57:53 +00:00
Ben Harris c98b69f651 Eliminate a "possible unintended assignment" warning.
[originally from svn r3179]
2003-05-10 11:50:18 +00:00
Simon Tatham 9a242f06ba Fixes for Debian bug #192701 (64-bit gccs warn about casts between
ptrs and ints of different size and -Werror makes this serious).
The GTK bits are done by Colin's patch to use GINT_TO_POINTER
(thanks); the uxnet bits are done by cleaning up the rest of the
code. In particular, network.h now typedefs `OSSocket' to be a type
capable of holding whatever the OS's socket data type is that
underlies our socket abstraction. Individual platforms can make this
typedef themselves if they define OSSOCKET_DEFINED to prevent
network.h redoing it; so the Unix OSSocket is now int. Default is
still void *, so other platforms should be unaffected.

[originally from svn r3171]
2003-05-10 08:35:54 +00:00
Simon Tatham 8460ecd27d Yesterday's proxy enhancements also slightly nadgered the config
box, in that it started to expand under the weight of proxy options.
Now fixed, by folding the SOCKS version selector into the general
proxy type selector so there's one single 5- or 6-way radio button
set split over two lines. settings.c has of course grown a backwards
compatibility wart to deal with legacy config data.

[originally from svn r3168]
2003-05-07 12:07:23 +00:00
Simon Tatham 03fa61025b Support, on Unix only (so far), for OpenSSH-style generic proxying
(running a local command in a pair of pipes and proxying through
that, for example `ssh proxyhost nc -q0 %host %port').

[originally from svn r3164]
2003-05-06 19:52:31 +00:00
Simon Tatham 6bb121ecb9 Colin's const-fixing Patch Of Death. Seems to build fine on Windows
as well as Unix, so it can go in.

[originally from svn r3162]
2003-05-04 14:18:18 +00:00
Simon Tatham 041dcfd83d Unix makefile now uses -O2, which massively cuts down key exchange
time. This gives rise to a whole bunch of spare warnings, one or two
of which might have been actual bugs; now all resolved.

[originally from svn r3134]
2003-04-23 13:48:09 +00:00
Ben Harris 62c756c3f3 socks5_negotiate(): rather than using an uninitialised value when passed
an address of an invalid type, assert() that it will never happen.
Do something similar for SOCKS4 as well.

[originally from svn r3114]
2003-04-12 21:23:58 +00:00
Simon Tatham d36a4c3685 Introduced wrapper macros snew(), snewn() and sresize() for the
malloc functions, which automatically cast to the same type they're
allocating the size of. Should prevent any future errors involving
mallocing the size of the wrong structure type, and will also make
life easier if we ever need to turn the PuTTY core code from real C
into C++-friendly C. I haven't touched the Mac frontend in this
checkin because I couldn't compile or test it.

[originally from svn r3014]
2003-03-29 16:14:26 +00:00
Ben Harris 7f84c9f2da Change the token for HTTP Basic Authentication from "basic" to "Basic".
According to RFC 2617, it should be case-insensitive, but some proxies
(Microsoft Proxy Server in particular) erroneously reject "basic".
Should fix semi-bug msproxy-denied.

[originally from svn r2959]
2003-03-18 19:12:40 +00:00
Simon Tatham 73203bce79 Never pass a `char' to a ctype function. I had relied on gcc -Wall
letting me know about instances of this, but it turns out that my
ctype.h explicitly casts input values to `int' to evade the
`subscript has type char' warning, so it had been carefully not
letting me know! Found them all by compiling with a doctored
ctype.h, and hopefully fixed them all too.

[originally from svn r2927]
2003-03-11 09:30:31 +00:00
Simon Tatham 6aa4211f6e Remove all `enum'-typed variables from the Config structure.
Everything in there which is integral is now an actual int, which
means my forthcoming revamp of the config box will be able to work
with `int *' pointers without fear of doom.

[originally from svn r2733]
2003-01-27 18:02:24 +00:00
Simon Tatham 952857fca3 proxy.c now no longer refers to `cfg'. Instead, each of the three
proxy-indirection network functions (name_lookup, new_connection,
new_listener) takes a `const Config *' as an argument, and extracts
enough information from it before returning to handle that
particular network operation in accordance with the proxy settings
it specifies. This involved {win,ux}net.c due to a `const'
repercussion.

[originally from svn r2567]
2003-01-12 15:26:10 +00:00
Simon Tatham 86977efa81 Introduce framework for authenticating with the local X server.
Windows and Mac backends have acquired auth-finding functions which
do nothing; Unix backend has acquired one which actually works, so
Plink can now do X forwarding believably.
(This checkin stretches into some unlikely parts of the code because
there have been one or two knock-on effects involving `const'. Bah.)

[originally from svn r2536]
2003-01-10 18:33:35 +00:00
Ben Harris 6796ffc082 Fix some char * vs unsigned char * conversions, plus a stylistic nit, both
courtesy of Apple's compilers.

[originally from svn r2448]
2003-01-04 16:56:33 +00:00
Simon Tatham 327b9b7f1a Presence of unexpected characters in the proxy exclude list causes a
tight loop in proxy_for_destination(). Fixed.

[originally from svn r2415]
2003-01-02 10:07:17 +00:00
Simon Tatham a564ad3140 Support for doing DNS at the proxy end. I've invented a new type of
SockAddr, which just contains an unresolved hostname and is created
by a stub function in *net.c. It's an error to pass this to most of
the real-meat functions in *net.c; these fake addresses should have
been dealt with by the time they get down that far. proxy.c now
contains name_lookup(), a wrapper on sk_namelookup() which decides
whether or not to do real DNS, and the individual proxy
implementations each deal sensibly with being handed an unresolved
address and avoid ever passing one down to *net.c.

[originally from svn r2353]
2002-12-18 16:23:11 +00:00
Simon Tatham e1cc16e6be Better reporting of DNS errors while trying to find the proxy server.
[originally from svn r2350]
2002-12-18 12:32:18 +00:00
Simon Tatham 8304f4e0dc Stop proxying connections to localhost by default; should fix
`x11-proxy-crash'.

[originally from svn r2348]
2002-12-18 12:18:54 +00:00
Simon Tatham 99b870dbc6 Implement `portfwd-loopback-choice'. Works on local side in Unix as
well, though it's a lot less useful since you still can't bind to
low-numbered ports of odd loopback IPs. Should work in principle for
SSH2 remote forwardings as well as local ones, but OpenSSH seems
unwilling to cooperate.

[originally from svn r2344]
2002-12-18 11:39:25 +00:00
Jacob Nevins 93c1b22f0d IPv4/IPv6 sense problem in SOCKS5 proxying spotted by Andrey Borzenkov --
recent change.

[originally from svn r2301]
2002-12-10 10:19:51 +00:00
Jacob Nevins 5d20178a12 Wrong length was causing spurious \0 to be sent during SSH negotiation with
HTTP proxy -- fixed. (Also added a "len -= eol" to HTTP header munching,
although it has no practical effect.) HTTP proxying now works again, hurrah.

[originally from svn r2292]
2002-12-08 15:32:40 +00:00
Jacob Nevins 602834d887 Fix write to freed memory in HTTP proxying. Things aren't entirely happy yet,
though.

[originally from svn r2285]
2002-12-07 21:15:49 +00:00
Simon Tatham 7c95ea19c8 Robustness fixes for KEXINIT handling and others. In particular, I've
created a self-mallocing variant of sprintf, to obviate any future
need for paranoid %.100s type stuff in format strings.

[originally from svn r2199]
2002-11-07 19:49:03 +00:00
Simon Tatham 52bdffbfe0 More preparatory work: remove the <windows.h> include from lots of
source files in which it's no longer required (it was previously
required in anything that included <putty.h>, but not any more).
Also moved a couple of stray bits of exposed WinSock back into
winnet.c (getservbyname from ssh.c and AF_INET from proxy.c).

[originally from svn r2160]
2002-10-30 17:57:31 +00:00
Simon Tatham feec0e22ea Fix proxy.c so that the static variables become const.
[originally from svn r2144]
2002-10-26 11:12:24 +00:00
Jacob Nevins c0a3c62f6a Minor compiler nits:
- use smalloc/sfree, not malloc/free
 - include <ctype.h>
 - include <string.h> (although this doesn't shut the compiler up about
   non-ANSI stricmp/strnicmp)

[originally from svn r2121]
2002-10-23 14:24:40 +00:00
Simon Tatham d32e06c1fe Justin Bradford's patch for increased proxy robustness.
[originally from svn r2111]
2002-10-22 09:40:38 +00:00
Jacob Nevins 71a97ab286 Initialise some members of the Proxy_Socket structure that were left
uninitialised. This problem only showed up with mingw builds of PuTTY
(maybe MSVCRT is more forgiving with malloc initialisation than CRTDLL?).
The 'error' field was causing me most trouble, and I think the other two
were necessary too before things started working.
Note however that I don't fully understand the code, and that there are
more uninitialised fields in the structure.

[originally from svn r2029]
2002-10-11 12:29:27 +00:00
Simon Tatham d7b36aed7f Finish replacing `Network error' with `Proxy error' throughout proxy
code.

[originally from svn r1976]
2002-09-24 19:27:58 +00:00
Simon Tatham e7e92ac22a Cleanups to proxy code: greater robustness in receiving proxy data,
better error reporting for SOCKS 5 and HTTP proxies.

[originally from svn r1973]
2002-09-21 16:52:21 +00:00
Simon Tatham d33c200de1 Support username/password authentication in SOCKS 5.
[originally from svn r1972]
2002-09-21 16:07:43 +00:00
Simon Tatham 442a360fb2 Support username and password authentication when talking to HTTP
proxies.

[originally from svn r1971]
2002-09-21 14:03:05 +00:00
Simon Tatham 5331956c07 SOCKS proxy support added (next instalment of Justin Bradford's
proxy work). SOCKS 5 username/password authentication still
unsupported.

[originally from svn r1622]
2002-04-27 15:01:18 +00:00
Simon Tatham ecd496a621 Updates to proxy support, both from me and from Justin Bradford.
Removed unnecessary spin locks, added a few comments, added support
for Telnet-type proxies, and wrote some documentation.

[originally from svn r1607]
2002-03-27 21:09:16 +00:00
Simon Tatham eabd704d1e Justin Bradford's proxy support patch. Currently supports only HTTP
CONNECT, but contains an extensible framework to allow other
proxies. Apparently SOCKS and ad-hoc-telnet-proxy are already
planned (the GUI mentions them already even though they don't work
yet). GUI includes full configurability and allows definition of
exclusion zones. Rock and roll.

[originally from svn r1598]
2002-03-23 17:47:21 +00:00