From 2d129d8e8a31317a35f2ddf0a5a888fecbe3649b Mon Sep 17 00:00:00 2001 From: simon Date: Tue, 22 Oct 2002 09:40:38 +0000 Subject: [PATCH] Justin Bradford's patch for increased proxy robustness. git-svn-id: svn://svn.tartarus.org/sgt/putty@2111 cda61777-01e9-0310-a592-d414129be87e --- doc/config.but | 21 ++++++++++--- proxy.c | 93 ++++++++++++++++++++++++++++++++++++++++++---------------- proxy.h | 3 +- 3 files changed, 86 insertions(+), 31 deletions(-) diff --git a/doc/config.but b/doc/config.but index 7191e848..8992638d 100644 --- a/doc/config.but +++ b/doc/config.but @@ -1,4 +1,4 @@ -\versionid $Id: config.but,v 1.43 2002/10/20 13:23:30 simon Exp $ +\versionid $Id: config.but,v 1.44 2002/10/22 09:40:38 simon Exp $ \C{config} Configuring PuTTY @@ -1454,7 +1454,8 @@ proxies and SOCKS 5 proxies. \b SOCKS 4 can use the \q{Username} field, but does not support passwords. -\b Authentication is meaningless in Telnet proxies. +\b You can specify a way to include a username and password in the +Telnet proxy command (see \k{config-proxy-command}). \S{config-proxy-command} Specifying the Telnet proxy command @@ -1472,8 +1473,20 @@ other character. \c{\\\\} is used to encode the \c{\\} character itself. Also, the special strings \c{%host} and \c{%port} will be replaced -by the host name and port number you want to connect to. To get a -literal \c{%} sign, enter \c{%%}. +by the host name and port number you want to connect to. The strings +\c{%user} and \c{%pass} will be replaced by the proxy username and +password you specify. To get a literal \c{%} sign, enter \c{%%}. + +If the Telnet proxy server prompts for a username and password +before commands can be sent, you can use a command such as: + +\c %user\\n%pass\\nconnect %host %port\\n + +This will send your username and password as the first two lines to +the proxy, followed by a command to connect to the desired host and +port. Note that if you do not include the \c{%user} or \c{%pass} +tokens in the Telnet command, then the \q{Username} and \q{Password} +configuration fields will be ignored. \S{config-proxy-socksver} Selecting the version of the SOCKS protocol diff --git a/proxy.c b/proxy.c index b9ed5489..9e3684ce 100644 --- a/proxy.c +++ b/proxy.c @@ -22,43 +22,50 @@ void proxy_activate (Proxy_Socket p) { void *data; int len; - + long output_before, output_after; + p->state = PROXY_STATE_ACTIVE; - /* let's try to keep extra receive events from coming through */ + /* we want to ignore new receive events until we have sent + * all of our buffered receive data. + */ sk_set_frozen(p->sub_socket, 1); + /* how many bytes of output have we buffered? */ + output_before = bufchain_size(&p->pending_oob_output_data) + + bufchain_size(&p->pending_output_data); + /* and keep track of how many bytes do not get sent. */ + output_after = 0; + /* send buffered OOB writes */ while (bufchain_size(&p->pending_oob_output_data) > 0) { bufchain_prefix(&p->pending_oob_output_data, &data, &len); - sk_write_oob(p->sub_socket, data, len); + output_after += sk_write_oob(p->sub_socket, data, len); bufchain_consume(&p->pending_oob_output_data, len); } - bufchain_clear(&p->pending_oob_output_data); /* send buffered normal writes */ while (bufchain_size(&p->pending_output_data) > 0) { bufchain_prefix(&p->pending_output_data, &data, &len); - sk_write(p->sub_socket, data, len); + output_after += sk_write(p->sub_socket, data, len); bufchain_consume(&p->pending_output_data, len); } - bufchain_clear(&p->pending_output_data); + + /* if we managed to send any data, let the higher levels know. */ + if (output_after < output_before) + plug_sent(p->plug, output_after); /* if we were asked to flush the output during * the proxy negotiation process, do so now. */ if (p->pending_flush) sk_flush(p->sub_socket); - /* forward buffered recv data to the backend */ - while (bufchain_size(&p->pending_input_data) > 0) { - bufchain_prefix(&p->pending_input_data, &data, &len); - plug_receive(p->plug, 0, data, len); - bufchain_consume(&p->pending_input_data, len); - } - bufchain_clear(&p->pending_input_data); - - /* now set the underlying socket to whatever freeze state they wanted */ - sk_set_frozen(p->sub_socket, p->freeze); + /* if the backend wanted the socket unfrozen, try to unfreeze. + * our set_frozen handler will flush buffered receive data before + * unfreezing the actual underlying socket. + */ + if (!p->freeze) + sk_set_frozen((Socket)p, 0); } /* basic proxy socket functions */ @@ -135,6 +142,30 @@ static void sk_proxy_set_frozen (Socket s, int is_frozen) ps->freeze = is_frozen; return; } + + /* handle any remaining buffered recv data first */ + if (bufchain_size(&ps->pending_input_data) > 0) { + ps->freeze = is_frozen; + + /* loop while we still have buffered data, and while we are + * unfrozen. the plug_receive call in the loop could result + * in a call back into this function refreezing the socket, + * so we have to check each time. + */ + while (!ps->freeze && bufchain_size(&ps->pending_input_data) > 0) { + char * data; + int len; + bufchain_prefix(&ps->pending_input_data, &data, &len); + plug_receive(ps->plug, 0, data, len); + bufchain_consume(&ps->pending_input_data, len); + } + + /* if we're still frozen, we'll have to wait for another + * call from the backend to finish unbuffering the data. + */ + if (ps->freeze) return; + } + sk_set_frozen(ps->sub_socket, is_frozen); } @@ -314,8 +345,6 @@ Socket new_connection(SockAddr addr, char *hostname, ret->remote_addr = addr; ret->remote_port = port; - /* XXX review these initialisations, and initialise other fields - * in Proxy_Socket structure */ ret->error = NULL; ret->pending_flush = 0; ret->freeze = 0; @@ -326,7 +355,8 @@ Socket new_connection(SockAddr addr, char *hostname, ret->sub_socket = NULL; ret->state = PROXY_STATE_NEW; - + ret->negotiate = NULL; + if (cfg.proxy_type == PROXY_HTTP) { ret->negotiate = proxy_http_negotiate; } else if (cfg.proxy_type == PROXY_SOCKS) { @@ -1069,7 +1099,7 @@ int proxy_telnet_negotiate (Proxy_Socket p, int change) int so = 0, eo = 0; /* we need to escape \\, \%, \r, \n, \t, \x??, \0???, - * %%, %host, and %port + * %%, %host, %port, %user, and %pass */ while (cfg.proxy_telnet_command[eo] != 0) { @@ -1177,27 +1207,40 @@ int proxy_telnet_negotiate (Proxy_Socket p, int change) } } else { - /* % escape. we recognize %%, %host, %port. anything else, - * we just send unescaped (including the %). */ + /* % escape. we recognize %%, %host, %port, %user, %pass. + * anything else, we just send unescaped (including the %). + */ if (cfg.proxy_telnet_command[eo] == '%') { sk_write(p->sub_socket, "%", 1); eo++; - } + } else if (strnicmp(cfg.proxy_telnet_command + eo, "host", 4) == 0) { char dest[64]; sk_getaddr(p->remote_addr, dest, 64); sk_write(p->sub_socket, dest, strlen(dest)); eo += 4; - } + } else if (strnicmp(cfg.proxy_telnet_command + eo, "port", 4) == 0) { char port[8]; sprintf(port, "%i", p->remote_port); sk_write(p->sub_socket, port, strlen(port)); eo += 4; - } + } + else if (strnicmp(cfg.proxy_telnet_command + eo, + "user", 4) == 0) { + sk_write(p->sub_socket, cfg.proxy_username, + strlen(cfg.proxy_username)); + eo += 4; + } + else if (strnicmp(cfg.proxy_telnet_command + eo, + "pass", 4) == 0) { + sk_write(p->sub_socket, cfg.proxy_password, + strlen(cfg.proxy_password)); + eo += 4; + } else { /* we don't escape this, so send the % now, and * don't advance eo, so that we'll consider the diff --git a/proxy.h b/proxy.h index 7c8d9484..6e641141 100644 --- a/proxy.h +++ b/proxy.h @@ -4,8 +4,7 @@ * A proxy layer, if necessary, wedges itself between the * network code and the higher level backend. * - * Supported proxies: HTTP CONNECT, generic telnet - * In progress: SOCKS + * Supported proxies: HTTP CONNECT, generic telnet, SOCKS 4 & 5 */ #ifndef PUTTY_PROXY_H -- 2.11.0