simon-git: putty (pre-0.77): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Sat Feb 19 13:06:11 GMT 2022 

TL;DR:
  5c9a43f4 HTTP proxy: support 'Transfer-encoding: chunked'.
  099d00c4 HTTP proxy: accept the 'Proxy-Connection' header.
  6c754822 Proxy system: ability to reconnect to the proxy server.
  f85716be HTTP proxy: accept Digest algorithm name as a quoted string.

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: pre-0.77
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2022-02-19 13:06:11

commit 5c9a43f47872a3c1eed99863fefda9b13a5f9e49
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5c9a43f47872a3c1eed99863fefda9b13a5f9e49;hp=445f9de1297e408b9ca08f231873e312eb2222d4
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Feb 19 11:55:07 2022 +0000

    HTTP proxy: support 'Transfer-encoding: chunked'.
    
    I had a report that the Windows free-as-in-beer proxy tool 'FreeProxy'
    didn't work with the new HTTP proxy code, and it turns out that the
    first reason why not is that the error-document in its 407 response is
    sent via chunked transfer encoding, which is to say, instead of an
    up-front Content-length header, you receive a sequence of chunks each
    prefixed with a hex length.
    
    (In 0.76, before the rewritten proxy support, we never even noticed
    this because we sent Basic auth details up front in our first attempt,
    rather than attempting a no-auth connection first and waiting to see
    what kind of auth the proxy asks us for. So we'd only ever see a 407
    if the auth details were refused - and since 0.76 didn't have
    interactive proxy auth prompts, there was nothing we could do at that
    point but abort immediately, without attempting to parse the rest of
    the 407 at all.)
    
    Now we spot the Transfer-encoding header and successfully parse
    chunked transfers. Happily, we don't need to worry about the further
    transfer-encodings such as 'gzip', because we're not actually _using_
    the error document - we only have to skip over it to find the end of
    the HTTP response.
    
    This still doesn't make PuTTY work with FreeProxy, because there are
    further problems hiding behind that one, which I'll fix in following
    commits.

 proxy/http.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 77 insertions(+), 3 deletions(-)

commit 099d00c4acaaa28f660d3a941eaadbaa012b5924
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=099d00c4acaaa28f660d3a941eaadbaa012b5924;hp=5c9a43f47872a3c1eed99863fefda9b13a5f9e49
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Feb 19 11:56:54 2022 +0000

    HTTP proxy: accept the 'Proxy-Connection' header.
    
    FreeProxy sends this as a substitute for the standard 'Connection'
    header (with the same contents, i.e. 'keep-alive' or 'close' depending
    on whether the TCP connection is going to continue afterwards). The
    Internet reckons it's not standard, but it's easy to recognise as an
    ad-hoc synonym for 'Connection'.

 proxy/http.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

commit 6c754822bca7284374f15ba90392e598909f9833
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=6c754822bca7284374f15ba90392e598909f9833;hp=099d00c4acaaa28f660d3a941eaadbaa012b5924
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Feb 19 12:04:09 2022 +0000

    Proxy system: ability to reconnect to the proxy server.
    
    Another awkward thing that FreeProxy does is to slam the connection
    shut after sending its 407 response, at least in Basic auth mode. (It
    keeps the connection alive in digest mode, which makes sense to me,
    because that's a more stateful system.)
    
    It was surprisingly easy to make the proxy code able to tolerate this!
    I've set it up so that a ProxyNegotiator can just set its 'reconnect'
    flag on return from the negotiation coroutine, and the effect will be
    that proxy.c makes a new connection to the same proxy server before
    doing anything else. In particular, you can set that flag _and_ put
    data in the output bufchain, and there's no problem - the output data
    will be queued directly into the new socket.

 proxy/http.c  |  6 +++---
 proxy/proxy.c | 25 +++++++++++++++++++++----
 proxy/proxy.h | 10 ++++++++++
 3 files changed, 34 insertions(+), 7 deletions(-)

commit f85716be45a0cd47085c978744a6276fe189175e
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=f85716be45a0cd47085c978744a6276fe189175e;hp=6c754822bca7284374f15ba90392e598909f9833
Author: Simon Tatham <anakin at pobox.com>
Date:   Sat Feb 19 12:06:29 2022 +0000

    HTTP proxy: accept Digest algorithm name as a quoted string.
    
    FreeProxy sends 'algorithm="MD5"' instead of 'algorithm=MD5.' I'm
    actually not sure whether that's legal by RFC 7616, but it's certainly
    no trouble to parse if we see it.
    
    With all these changes, PuTTY now _can_ successfully make connections
    through FreeProxy again, whether it's in Basic or Digest mode.

 proxy/http.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

More information about the tartarus-commits mailing list