Граф коммитов

40 Коммитов

Автор SHA1 Сообщение Дата
Simon Tatham bb78583ad2 Implement connection sharing between instances of PuTTY.
The basic strategy is described at the top of the new source file
sshshare.c. In very brief: an 'upstream' PuTTY opens a Unix-domain
socket or Windows named pipe, and listens for connections from other
PuTTYs wanting to run sessions on the same server. The protocol spoken
down that socket/pipe is essentially the bare ssh-connection protocol,
using a trivial binary packet protocol with no encryption, and the
upstream has to do some fiddly transformations that I've been
referring to as 'channel-number NAT' to avoid resource clashes between
the sessions it's managing.

This is quite different from OpenSSH's approach of using the Unix-
domain socket as a means of passing file descriptors around; the main
reason for that is that fd-passing is Unix-specific but this system
has to work on Windows too. However, there are additional advantages,
such as making it easy for each downstream PuTTY to run its own
independent set of port and X11 forwardings (though the method for
making the latter work is quite painful).

Sharing is off by default, but configuration is intended to be very
easy in the normal case - just tick one box in the SSH config panel
and everything else happens automatically.

[originally from svn r10083]
2013-11-17 14:05:41 +00:00
Simon Tatham 8be6fbaa09 Remove sk_{get,set}_private_ptr completely!
It was only actually used in X11 and port forwarding, to find internal
state structures given only the Socket that ssh.c held. So now that
that lookup has been reworked to be the sensible way round,
private_ptr is no longer used for anything and can be removed.

[originally from svn r10075]
2013-11-17 14:04:48 +00:00
Simon Tatham 19fba3fe55 Replace the hacky 'OSSocket' type with a closure.
The mechanism for constructing a new connection-type Socket when a
listening one receives an incoming connection previously worked by
passing a platform-specific 'OSSocket' type to the plug_accepting
function, which would then call sk_register to wrap it with a proper
Socket instance. This is less flexible than ideal, because it presumes
that only one kind of OS object might ever need to be turned into a
Socket. So I've replaced OSSocket throughout the code base with a pair
of parameters consisting of a function pointer and a context such that
passing the latter to the former returns the appropriate Socket; this
will permit different classes of listening Socket to pass different
function pointers.

In deference to the reality that OSSockets tend to be small integers
or pointer-sized OS handles, I've made the context parameter an
int/pointer union that can hold either of those directly, rather than
the usual approach of making it a plain 'void *' and requiring a
context structure to be dynamically allocated every time.

[originally from svn r10068]
2013-11-17 14:03:55 +00:00
Simon Tatham a6139c1ad3 Add a Socket implementation which just holds an error message.
This isn't yet used, but I plan to use it in situations where you have
to report errors by returning a valid Socket on which the client wlil
call sk_socket_error, but in fact you notice the error _before_
instantiating your usual kind of Socket. The resulting Socket is
usable for nothing except reading out the error string and closing it.

[originally from svn r10065]
2013-11-17 14:03:36 +00:00
Simon Tatham d35a41f6ba Revamp net_pending_errors using toplevel callbacks.
Again, I've removed the special-purpose ad-hockery from the assorted
front end message loops that dealt with deferred handling of socket
errors, and instead uxnet.c and winnet.c arrange that for themselves
by calling the new general top-level callback mechanism.

[originally from svn r10023]
2013-08-17 16:06:27 +00:00
Simon Tatham 808df44e54 Add an assortment of missing consts I've just noticed.
[originally from svn r9972]
2013-07-27 18:35:48 +00:00
Simon Tatham 58870f60e4 If you configure Unix PuTTY to use a proxy, tell it to even proxy
localhost connections, and also enable X forwarding in such a way that
it will attempt to connect to a Unix-domain X server socket, an
assertion will fail when proxy_for_destination() tries to call
sk_getaddr(). Fix by ensuring that Unix-domain sockets are _never_
proxied, since they fundamentally can't be.

[originally from svn r9688]
2012-10-16 20:15:51 +00:00
Simon Tatham 947962e0b9 Revamp of EOF handling in all network connections, pipes and other
data channels. Should comprehensively fix 'half-closed', in principle,
though it's a big and complicated change and so there's a good chance
I've made at least one mistake somewhere.

All connections should now be rigorous about propagating end-of-file
(or end-of-data-stream, or socket shutdown, or whatever) independently
in both directions, except in frontends with no mechanism for sending
explicit EOF (e.g. interactive terminal windows) or backends which are
basically always used for interactive sessions so it's unlikely that
an application would be depending on independent EOF (telnet, rlogin).

EOF should now never accidentally be sent while there's still buffered
data to go out before it. (May help fix 'portfwd-corrupt', and also I
noticed recently that the ssh main session channel can accidentally
have MSG_EOF sent before the output bufchain is clear, leading to
embarrassment when it subsequently does send the output).

[originally from svn r9279]
2011-09-13 11:44:03 +00:00
Simon Tatham a1f3b7a358 Post-release destabilisation! Completely remove the struct type
'Config' in putty.h, which stores all PuTTY's settings and includes an
arbitrary length limit on every single one of those settings which is
stored in string form. In place of it is 'Conf', an opaque data type
everywhere outside the new file conf.c, which stores a list of (key,
value) pairs in which every key contains an integer identifying a
configuration setting, and for some of those integers the key also
contains extra parts (so that, for instance, CONF_environmt is a
string-to-string mapping). Everywhere that a Config was previously
used, a Conf is now; everywhere there was a Config structure copy,
conf_copy() is called; every lookup, adjustment, load and save
operation on a Config has been rewritten; and there's a mechanism for
serialising a Conf into a binary blob and back for use with Duplicate
Session.

User-visible effects of this change _should_ be minimal, though I
don't doubt I've introduced one or two bugs here and there which will
eventually be found. The _intended_ visible effects of this change are
that all arbitrary limits on configuration strings and lists (e.g.
limit on number of port forwardings) should now disappear; that list
boxes in the configuration will now be displayed in a sorted order
rather than the arbitrary order in which they were added to the list
(since the underlying data structure is now a sorted tree234 rather
than an ad-hoc comma-separated string); and one more specific change,
which is that local and dynamic port forwardings on the same port
number are now mutually exclusive in the configuration (putting 'D' in
the key rather than the value was a mistake in the first place).

One other reorganisation as a result of this is that I've moved all
the dialog.c standard handlers (dlg_stdeditbox_handler and friends)
out into config.c, because I can't really justify calling them generic
any more. When they took a pointer to an arbitrary structure type and
the offset of a field within that structure, they were independent of
whether that structure was a Config or something completely different,
but now they really do expect to talk to a Conf, which can _only_ be
used for PuTTY configuration, so I've renamed them all things like
conf_editbox_handler and moved them out of the nominally independent
dialog-box management module into the PuTTY-specific config.c.

[originally from svn r9214]
2011-07-14 18:52:21 +00:00
Jacob Nevins d699530e4c Since r8305, Unix PuTTY has always "upgraded" an X11 display like "localhost:0"
to a Unix-domain socket. This typically works fine when PuTTY is run on the
same machine as the X server, but it's broken multi-hop X forwarding through
OpenSSH; when OpenSSH creates a proxy X server "localhost:10", it only listens
on TCP, not on a Unix-domain socket.

Instead, when deciding on the details of the display, we actively probe to see
if there's a Unix-domain socket we can use instead, and only use it if it's
there, falling back to the specified IP "localhost" if not.

Independently, when looking for local auth details in Xauthority for a
"localhost" TCP display, we prefer a matching Unix-domain entry, but will fall
back to an IP "localhost" entry (which would be unusual, but we don't trust a
Windows X server not to do it) -- this is a generalisation of the special case
added in r2538 (but removed in r8305, as the automatic upgrade masked the need
for it).
(This is now done in platform-independent code, so a side-effect is that
get_hostname() is now part of the networking abstraction on all platforms.)

[originally from svn r8462]
[r2538 == fda9983243]
[r8305 == ca6fc3a4da]
2009-02-24 01:01:23 +00:00
Simon Tatham 59691d28a3 Implement sk_addr_dup().
[originally from svn r8294]
2008-11-08 16:58:55 +00:00
Simon Tatham f70efc5cc6 Support for falling back through the list of addresses returned from
a DNS lookup, whether they're IPv4, v6 or a mixture of both.

[originally from svn r5119]
[this svn revision also touched putty-wishlist]
2005-01-16 14:29:34 +00:00
Simon Tatham 6daf6faede Integrate unfix.org's IPv6 patches up to level 10, with rather a lot
of polishing to bring them to what I think should in principle be
release quality. Unlike the unfix.org patches themselves, this
checkin enables IPv6 by default; if you want to leave it out, you
have to build with COMPAT=-DNO_IPV6.

I have tested that this compiles on Visual C 7 (so the nightlies
_should_ acquire IPv6 support without missing a beat), but since I
don't have IPv6 set up myself I haven't actually tested that it
_works_. It still seems to make correct IPv4 connections, but that's
all I've been able to verify for myself. Further testing is needed.

[originally from svn r5047]
[this svn revision also touched putty-wishlist]
2004-12-30 16:45:11 +00:00
Jacob Nevins 20f433efac Add a configuration option for TCP keepalives (SO_KEEPALIVE), default off.
No very good reason, but I've occasionally wanted to frob it to see if it
makes any difference to problems I'm having, and it was easy.

Tested that it does actually cause keepalives on Windows (with tcpdump);
should also work on Unix. Not implemented on Mac (does nothing), but then
neither is TCP_NODELAY.

Quite a big checkin, much of which is adding `keepalive' alongside `nodelay'
in network function calls.

[originally from svn r4309]
2004-06-20 17:07:38 +00:00
Jacob Nevins 92db92af5a Control of 'addr' is now handed over to {platform_,}new_connection() and
sk_new() on invocation; these functions become responsible for (eventually)
freeing it. The caller must not do anything with 'addr' after it's been passed
in. (Ick.)

Why:
A SOCKS5 crash appears to have been caused by overzealous freeing of
a SockAddr (ssh.c:1.257 [r2492]), which for proxied connections is
squirreled away long-term (and this can't easily be avoided).

It would have been nice to make a copy of the SockAddr, in case the caller has
a use for it, but one of the implementations (uxnet.c) hides a "struct
addrinfo" in there, and we have no defined way to duplicate those. (None of the
current callers _do_ have a further use for the SockAddr.)

As far as I can tell, everything _except_ proxying only needs addr for the
duration of the call, so sk_addr_free()s immediately. If I'm mistaken, it
should at least be easier to find the offending free()...

[originally from svn r3383]
[r2492 == bdd6633970]
2003-08-07 16:04:33 +00:00
Ben Harris 8a91a0516f Move prototype for platform_new_connection() to a header file so the
definitions can be checked against it.

[originally from svn r3248]
2003-06-06 10:42:14 +00:00
Simon Tatham 9a242f06ba Fixes for Debian bug #192701 (64-bit gccs warn about casts between
ptrs and ints of different size and -Werror makes this serious).
The GTK bits are done by Colin's patch to use GINT_TO_POINTER
(thanks); the uxnet bits are done by cleaning up the rest of the
code. In particular, network.h now typedefs `OSSocket' to be a type
capable of holding whatever the OS's socket data type is that
underlies our socket abstraction. Individual platforms can make this
typedef themselves if they define OSSOCKET_DEFINED to prevent
network.h redoing it; so the Unix OSSocket is now int. Default is
still void *, so other platforms should be unaffected.

[originally from svn r3171]
2003-05-10 08:35:54 +00:00
Simon Tatham 6bb121ecb9 Colin's const-fixing Patch Of Death. Seems to build fine on Windows
as well as Unix, so it can go in.

[originally from svn r3162]
2003-05-04 14:18:18 +00:00
Simon Tatham 952857fca3 proxy.c now no longer refers to `cfg'. Instead, each of the three
proxy-indirection network functions (name_lookup, new_connection,
new_listener) takes a `const Config *' as an argument, and extracts
enough information from it before returning to handle that
particular network operation in accordance with the proxy settings
it specifies. This involved {win,ux}net.c due to a `const'
repercussion.

[originally from svn r2567]
2003-01-12 15:26:10 +00:00
Simon Tatham 86977efa81 Introduce framework for authenticating with the local X server.
Windows and Mac backends have acquired auth-finding functions which
do nothing; Unix backend has acquired one which actually works, so
Plink can now do X forwarding believably.
(This checkin stretches into some unlikely parts of the code because
there have been one or two knock-on effects involving `const'. Bah.)

[originally from svn r2536]
2003-01-10 18:33:35 +00:00
Simon Tatham a564ad3140 Support for doing DNS at the proxy end. I've invented a new type of
SockAddr, which just contains an unresolved hostname and is created
by a stub function in *net.c. It's an error to pass this to most of
the real-meat functions in *net.c; these fake addresses should have
been dealt with by the time they get down that far. proxy.c now
contains name_lookup(), a wrapper on sk_namelookup() which decides
whether or not to do real DNS, and the individual proxy
implementations each deal sensibly with being handed an unresolved
address and avoid ever passing one down to *net.c.

[originally from svn r2353]
2002-12-18 16:23:11 +00:00
Simon Tatham 8304f4e0dc Stop proxying connections to localhost by default; should fix
`x11-proxy-crash'.

[originally from svn r2348]
2002-12-18 12:18:54 +00:00
Simon Tatham 99b870dbc6 Implement `portfwd-loopback-choice'. Works on local side in Unix as
well, though it's a lot less useful since you still can't bind to
low-numbered ports of odd loopback IPs. Should work in principle for
SSH2 remote forwardings as well as local ones, but OpenSSH seems
unwilling to cooperate.

[originally from svn r2344]
2002-12-18 11:39:25 +00:00
Simon Tatham 52bdffbfe0 More preparatory work: remove the <windows.h> include from lots of
source files in which it's no longer required (it was previously
required in anything that included <putty.h>, but not any more).
Also moved a couple of stray bits of exposed WinSock back into
winnet.c (getservbyname from ssh.c and AF_INET from proxy.c).

[originally from svn r2160]
2002-10-30 17:57:31 +00:00
Simon Tatham 5331956c07 SOCKS proxy support added (next instalment of Justin Bradford's
proxy work). SOCKS 5 username/password authentication still
unsupported.

[originally from svn r1622]
2002-04-27 15:01:18 +00:00
Simon Tatham eabd704d1e Justin Bradford's proxy support patch. Currently supports only HTTP
CONNECT, but contains an extensible framework to allow other
proxies. Apparently SOCKS and ad-hoc-telnet-proxy are already
planned (the GUI mentions them already even though they don't work
yet). GUI includes full configurability and allows definition of
exclusion zones. Rock and roll.

[originally from svn r1598]
2002-03-23 17:47:21 +00:00
Simon Tatham dac0d45699 Ensure our network layer is properly cleaned up before PuTTY exits.
Specifically, we explicitly closesocket() all open sockets, which
appears to be necessary since otherwise Windows sends RST rather
than FIN. I'm _sure_ that's a Windows bug, but there we go.

[originally from svn r1574]
2002-03-06 20:13:22 +00:00
Simon Tatham 3270c74f9e Configurable TCP_NODELAY option on network connections
[originally from svn r1428]
2001-11-29 21:47:11 +00:00
Simon Tatham f2319456bc Tidy up the SERIOUS NETWORK ERROR fixes
[originally from svn r1345]
2001-10-30 20:57:22 +00:00
Simon Tatham f08de20a1e Robert de Bath's asynchronous-connect patch. Helps a lot in port
forwarding; improves Event Log; and causes the PuTTY window to
appear earlier in the setup process.

[originally from svn r1239]
2001-09-07 22:39:01 +00:00
Simon Tatham 4692974d7d Port forwarding update: local-host-only listening sockets are now
done properly (by binding to INADDR_LOOPBACK) instead of hackishly
(by binding to INADDR_ANY, looking at the peer address when a
connection is accepted, and slamming the connection shut at that
point).

[originally from svn r1215]
2001-08-27 15:59:37 +00:00
Simon Tatham c87fa98d09 Extensive changes that _should_ fix the socket buffering problems,
by ceasing to listen on input channels if the corresponding output
channel isn't accepting data. Has had basic check-I-didn't-actually-
break-anything-too-badly testing, but hasn't been genuinely tested
in stress conditions (because concocting stress conditions is non-
trivial).

[originally from svn r1198]
2001-08-25 17:09:23 +00:00
Simon Tatham 50766ce729 SSH port forwarding! How cool is that?
Only currently works on SSH1; SSH2 should be doable but it's late
and I have other things to do tonight. The Cool Guy award for this
one goes to Nicolas Barry, for doing most of the work and actually
understanding the code he was adding to.

[originally from svn r1176]
2001-08-08 20:44:35 +00:00
Simon Tatham 3730ada5ce Run entire source base through GNU indent to tidy up the varying
coding styles of the various contributors! Woohoo!

[originally from svn r1098]
2001-05-06 14:35:20 +00:00
Simon Tatham 7b0e082700 Dave Hinton's modifications to the network layer interface, which
should make it possible to add SSL support later.

[originally from svn r996]
2001-03-13 10:22:45 +00:00
Simon Tatham 60585cff9c Yet another attempt at OOB handling in the network abstraction. This
version allows you to specify, per socket, which sockets receive OOB
data in-line (so that you know what was before the mark and what was
after) and which receive it out of line (so it's really a one-byte
out-of-band facility rather than discard-to-mark). This reflects the
fact that rlogin appears to make more sense in the latter mode, and
telnet in the former. This patch makes rlogin work right for me.

[originally from svn r921]
2001-02-01 14:11:04 +00:00
Simon Tatham 89505459e3 Improve socket error handling so that a socket error isn't an
automatic fatalbox(). Instead, the error is passed to the receiver
routine, which can decide just how fatal the problem really is.

[originally from svn r894]
2001-01-24 10:11:18 +00:00
Simon Tatham ca90be26a8 Experimental Rlogin support, thanks to Delian Delchev. Local flow
control is unsupported, and server-to-client comms may fail for want
of working TCP Urgent.

[originally from svn r875]
2001-01-19 10:10:37 +00:00
Simon Tatham 384eeb3f76 Fix miscellaneous compiler warnings. Thanks to Jacob Nevins
[originally from svn r755]
2000-10-24 10:47:49 +00:00
Simon Tatham 988c1974ea Created a shiny new abstraction for the socket handling. Has many
advantages:
 - protocol modules can call sk_write() without having to worry
   about writes blocking, because blocking writes are handled in the
   abstraction layer and retried later.
 - `Lost connection while sending' is a thing of the past.
 - <winsock.h> is no longer needed in most modules, because
   "putty.h" doesn't have to declare `SOCKET' variables any more,
   only the abstracted `Socket' type.
 - select()-equivalent between multiple sockets will now be handled
   sensibly, which opens the way for things like SSH port
   forwarding.

[originally from svn r745]
2000-10-23 11:55:11 +00:00