Hi,
Attached you'll find my latest proxy patches along with some flow control
modifications. I'm afraid they are a bit ugly, suggestions, improvements
welcome. (My changes are: sent method in ssh_connection,
connection_flow_control class in channel.c)
My proxy is now able to proxy X11, agent, TCP and session channels with
password authentication. Each of these can be disabled, so firewalls may
make use of this feature. (enabling telnet-like access, but disabling TCP
forwarding is quite useful)
Finer access control is planned, but not yet completed.
As it seems I've found yet another ssh2 bug (yasb), now with flow control.
Sometimes it sends packets even if they are over the incoming window size.
When running netscape over the proxied X11 channel messages like these are
generated:
Channel data overflow. Extra data ignored (data->length=1024, rec_window_size=216).
Channel data overflow. Extra data ignored (data->length=68, rec_window_size=0).
Channel data overflow. Extra data ignored (data->length=1024, rec_window_size=0).
Channel data overflow. Extra data ignored (data->length=1024, rec_window_size=0).
Channel data overflow. Extra data ignored (data->length=68, rec_window_size=0).
If I disable this check, netscape launches without problems (though a little
bit slow)
This is against 0.9.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt
lsh-0.9.bazsi.diff.gz
