simon-git: putty (pre-0.77): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat Feb 19 13:06:11 GMT 2022
TL;DR:
5c9a43f4 HTTP proxy: support 'Transfer-encoding: chunked'.
099d00c4 HTTP proxy: accept the 'Proxy-Connection' header.
6c754822 Proxy system: ability to reconnect to the proxy server.
f85716be HTTP proxy: accept Digest algorithm name as a quoted string.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: pre-0.77
Committer: Simon Tatham <anakin at pobox.com>
Date: 2022-02-19 13:06:11
commit 5c9a43f47872a3c1eed99863fefda9b13a5f9e49
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5c9a43f47872a3c1eed99863fefda9b13a5f9e49;hp=445f9de1297e408b9ca08f231873e312eb2222d4
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Feb 19 11:55:07 2022 +0000
HTTP proxy: support 'Transfer-encoding: chunked'.
I had a report that the Windows free-as-in-beer proxy tool 'FreeProxy'
didn't work with the new HTTP proxy code, and it turns out that the
first reason why not is that the error-document in its 407 response is
sent via chunked transfer encoding, which is to say, instead of an
up-front Content-length header, you receive a sequence of chunks each
prefixed with a hex length.
(In 0.76, before the rewritten proxy support, we never even noticed
this because we sent Basic auth details up front in our first attempt,
rather than attempting a no-auth connection first and waiting to see
what kind of auth the proxy asks us for. So we'd only ever see a 407
if the auth details were refused - and since 0.76 didn't have
interactive proxy auth prompts, there was nothing we could do at that
point but abort immediately, without attempting to parse the rest of
the 407 at all.)
Now we spot the Transfer-encoding header and successfully parse
chunked transfers. Happily, we don't need to worry about the further
transfer-encodings such as 'gzip', because we're not actually _using_
the error document - we only have to skip over it to find the end of
the HTTP response.
This still doesn't make PuTTY work with FreeProxy, because there are
further problems hiding behind that one, which I'll fix in following
commits.
proxy/http.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 77 insertions(+), 3 deletions(-)
commit 099d00c4acaaa28f660d3a941eaadbaa012b5924
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=099d00c4acaaa28f660d3a941eaadbaa012b5924;hp=5c9a43f47872a3c1eed99863fefda9b13a5f9e49
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Feb 19 11:56:54 2022 +0000
HTTP proxy: accept the 'Proxy-Connection' header.
FreeProxy sends this as a substitute for the standard 'Connection'
header (with the same contents, i.e. 'keep-alive' or 'close' depending
on whether the TCP connection is going to continue afterwards). The
Internet reckons it's not standard, but it's easy to recognise as an
ad-hoc synonym for 'Connection'.
proxy/http.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
commit 6c754822bca7284374f15ba90392e598909f9833
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=6c754822bca7284374f15ba90392e598909f9833;hp=099d00c4acaaa28f660d3a941eaadbaa012b5924
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Feb 19 12:04:09 2022 +0000
Proxy system: ability to reconnect to the proxy server.
Another awkward thing that FreeProxy does is to slam the connection
shut after sending its 407 response, at least in Basic auth mode. (It
keeps the connection alive in digest mode, which makes sense to me,
because that's a more stateful system.)
It was surprisingly easy to make the proxy code able to tolerate this!
I've set it up so that a ProxyNegotiator can just set its 'reconnect'
flag on return from the negotiation coroutine, and the effect will be
that proxy.c makes a new connection to the same proxy server before
doing anything else. In particular, you can set that flag _and_ put
data in the output bufchain, and there's no problem - the output data
will be queued directly into the new socket.
proxy/http.c | 6 +++---
proxy/proxy.c | 25 +++++++++++++++++++++----
proxy/proxy.h | 10 ++++++++++
3 files changed, 34 insertions(+), 7 deletions(-)
commit f85716be45a0cd47085c978744a6276fe189175e
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=f85716be45a0cd47085c978744a6276fe189175e;hp=6c754822bca7284374f15ba90392e598909f9833
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Feb 19 12:06:29 2022 +0000
HTTP proxy: accept Digest algorithm name as a quoted string.
FreeProxy sends 'algorithm="MD5"' instead of 'algorithm=MD5.' I'm
actually not sure whether that's legal by RFC 7616, but it's certainly
no trouble to parse if we see it.
With all these changes, PuTTY now _can_ successfully make connections
through FreeProxy again, whether it's in Basic or Digest mode.
proxy/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
More information about the tartarus-commits
mailing list