Commit graph

322 commits

Author SHA1 Message Date
Philip Hughes
939068c533 Swap to gzip compression (fixes #262 and #266)
Instead of making the browser sniffing more complicated, it's probably
better to use code that works for all current browsers. As such, this
swaps to use gzip compression encoding instead of deflate and drops the
IE browser sniffing code. This means shellinabox works in IE11 and
should work in every version of IE since IE7. From this commit, IE6 is
no longer supported. Thanks @lfourquaux.
2015-03-10 10:21:20 +00:00
Luka Krajger
5a69cc67ca Merge pull request #289 from KLuka/master
Keyboard icon, some html fixes ...
2015-03-10 10:51:55 +01:00
Guillaume Martres
a75bacb840 Set the encoding of .html files to UTF-8 2015-03-10 17:15:06 +01:00
Daniel Gröber
6d5b639816 Fix <input> element type
type="textfield" is invalid, however most browsers seem to default to
type="text" so this must have been overlooked.

This patch was modified to fit in our fork by @KLuka.
2015-03-10 17:13:47 +01:00
KLuka
25921c9961 Issue #173: Keyboard icon on dark background
Keyboard icon was not visible on dark background. This fixes icon to work well
on light and dark background. Image was fixed by @Grimthorr.

Copy of icon was removed from demo directory.
2015-03-10 17:04:06 +01:00
Luka Krajger
2754240709 Merge pull request #288 from KLuka/master
Another (final) fix for Firefox keycodes problems
2015-03-08 21:50:54 +01:00
KLuka
3570f20b0b Another (final) fix for Firefox keycodes problems
This patch adds new Firefox codes as normal keys.

Patch was taken from issue #202 comments, and merged to fit in our
code. Previous related patches were removed.

https://code.google.com/p/shellinabox/issues/detail?id=202#c23
2015-03-08 21:30:42 +01:00
Luka Krajger
ccbad6b906 Merge pull request #287 from KLuka/master
Keyboard fixes, raised version, ...
2015-03-08 16:06:31 +01:00
KLuka
61184ca8a5 Raised version to 2.15 2015-03-08 15:36:50 +01:00
KLuka
46ea812284 Removed at sign (@) from beggining of some JS comments
Posts from issue #118 tells us that at signs in JavaScript comments could produce
some troubles in IE browsers.

This related to something called "contional compilation" in JS ...
2015-03-08 15:14:20 +01:00
KLuka
699132d536 Issues #51, #202 ... : Keycodes fixes for FireFox
Added keycodes for handling <, >, + and * on Firefox 15+.
2015-03-08 14:50:25 +01:00
Luka Krajger
cc3f2fe917 Merge pull request #286 from KLuka/master
Partial fixes for issues #103, #203, #195 and README.md
2015-03-06 13:43:12 +01:00
KLuka
26fbc157ca Added README.md with basic info 2015-03-06 16:39:33 +01:00
KLuka
502891c626 Issue #195: A couple of bugs in vt100.jspp ...
Applied some fixes from issue comments.

https://code.google.com/p/shellinabox/issues/detail?id=195
2015-03-06 16:39:13 +01:00
KLuka
91f6eabe49 Issue #103, #203: Child process termination (partial fix)
When browser tab/window is closed during active session, child process
stays alive forever (even if shellinaboxd is terminated).

This fix works only if shellinaboxd is started without root privileges.
Droping them at runtime doesn't help either. Issue is related to PAM
session management process.

If we start shellinaboxd with root priviliges this fix will not affect
anything.

* When session timeouts cleanup procedure is triggered. Procedure is executed
in launcher process, because this is parent of child (service) process.
There we execute checks, if we have correct child pid (stored in session) and
than we can terminate process.
* Added debug information about cleaning up child process

https://code.google.com/p/shellinabox/issues/detail?id=103
https://code.google.com/p/shellinabox/issues/detail?id=203
2015-03-06 16:39:02 +01:00
Luka Krajger
68b5a487b4 Merge pull request #285 from KLuka/master
SSL patches, HTTP timeout patch
2015-03-05 18:36:58 +01:00
KLuka
97521bbfeb Issue #275: gracefully manage HTTP time-outs and connection problems
Patch reference: e69132f3762bd57a328dfc40b645d670d651afe7
Patch message:

When connecting to shellinabox through an HTTP Proxy, we need to be careful
in holding the HTTP/S connection with unbound pending HTTP-POST as they would
occupy one thread in the outbound proxy.

We do need to make sure that:
- HTTP POST will graceful time-out from the client side, if no data is returned
  by the server in 30s (gives the impression to the HTTP Proxy that the "page load"
  is completed after tha time and then would release the thread)
- In case of connection errors, the browser doesn't retry with a short loop but
  waits 1s before trying again. This prevent the browser freezing and the CPU looping.
2015-03-05 18:34:21 +01:00
Jonathan G Rennison
490781d998 Add dynamic linking for functions required by SSL v2/3 disabling patch. 2015-03-05 18:02:09 +01:00
Anders Kaseorg
b06b1f15ac Set SSL options for increased security
Disable SSLv2, SSLv3, and compression; generate new DH or ECDH keys
during each handshake; always start a new session on server
renegotiation; set a strong cipher list.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>

[ Patch from https://code.google.com/p/shellinabox/issues/detail?id=215 ]
2015-03-05 18:00:16 +01:00
KLuka
4f0b949081 IE 11 - This page can’t be displayed (Issue #262)
Now we are able to identify IE11 as MSIE browser and disable
compresion.

Patch taken from issue comments.

https://code.google.com/p/shellinabox/issues/detail?id=262
2015-03-05 17:26:47 +01:00
KLuka
bd3f0bd9fd Debug info and minor fix on child process exit (service exit)
* Added debug information when child process exits
	- pid of child process (service)
	- exit code (this should help for debuging issues related to "Session closed")

* Fixed status checking from waitpid() when child process exits
	- before we were checking wrong variable (checks were allways true)
	- now we use correct status variable
2015-03-05 17:23:24 +01:00
KLuka
7e0374b783 Issue #180: Ever growing console occurs in iPad
Patch taken from comments.

More info: https://code.google.com/p/shellinabox/issues/detail?id=180
Refernece: 7ba55246327ad9934ed5d082a12b6cc73f381511
2015-03-05 17:17:41 +01:00
KLuka
8e68059b50 Issue #202: "-_" keys don't not work in FF > 15
Added new keycodes for Firefox

More info: https://code.google.com/p/shellinabox/issues/detail?id=202
Refernece: 49b538590ea57da76a0af895a23c521c9a4538be
2015-03-05 17:10:55 +01:00
Ezra Buehler
821ee789c4 No longer set HTTP Content-Length 2015-03-05 16:27:35 +01:00
KLuka
33813cd46d Issue #245: Blank screen in Chrome 31.0.1650.57
Applied patch and fixed some formating.

Patch: https://code.google.com/p/shellinabox/issues/detail?id=245#c5
2015-03-05 16:15:12 +01:00
KLuka
618999f3cc Issue #114: popup warning on tab/window close
JS `window.onbeforeunload` handler was added, and it will be
trigger if session is active.

Reference: 6693512fde244cbb7f10e0033d4b4e5ec1b20e32
2015-03-05 15:46:13 +01:00
Luka Krajger
1dd54b224b Merge pull request #284 from KLuka/master
Some fixes
2015-03-05 15:32:24 +01:00
Luka Krajger
79574d8ac4 Merge pull request #283 from KLuka/cleanup
Project cleanup

* Updated .gitignore
* Autogenerated .js files were removed.
* Fixes for issues 39, 43, 166 and 172 were transferred from .js to .jspp files
2015-03-04 16:17:29 +01:00
KLuka
6336e9f376 Issues 39, 43, 166 and 172 commits applied to .jspp files
Autogenerated .js files with fixes were removed. Patches were taken
from commits:

* 7d396c8273
* b7dac10ec1
* ea179e89f7
* b74ddd066b
2015-03-04 17:01:06 +01:00
KLuka
7b7a844175 Updated .gitignore 2015-03-04 15:37:47 +01:00
KLuka
7859ad6868 Updated .gitignore and removed autogenerated .js files 2015-03-04 15:28:32 +01:00
Marc Singer
ea1937a55c Fixing errors reported by piuparts.
o Revised debian/rules dh_install.
o Revised postrm and prerm.
2012-04-21 10:30:44 -07:00
Marc Singer
9619327ddb Debian build now defaults to direct link with shared libraries.
o Use of runtime linkage emperils correctness of package.  So, runtime
  linking disabled in configuration.
o Workaround using environment variables to pass the names of the
  shared libraries into the daemon is disabled.
o Auxiliary source file used to determine the current soname for
  libssl is removed.
2012-04-10 15:28:53 -07:00
Marc Singer
4bac6f8b05 Removing PATH_MAX reference.
o Hurd doesn't support PATH_MAX, so we elide it from the forkPty
  function.  Code will work on non-hurd systems as well.
o In case ptsname_r isn't available, it is provided even when openpty
  *is* available.
2012-04-09 18:40:02 -07:00
Marc Singer
675af06a44 Typo in web address.
o Fixes debian #668130.
2012-04-09 10:34:18 -07:00
Marc Singer
7ecd468128 Revision to dependencies.
o Moved libssl from a dependency to being recommended.
o Added small program to support Recommended link generation.
o Fixed typo in lsb-base dependency.
o Added comment in the package description about the need for libssl.
o Fixed permissions on libhttp/ssl.c
o Added environment variables for specifying the ssl and crypto
  libraries.
2012-04-07 16:09:38 -07:00
Marc Singer
f1e59996b6 Fixups before release.
o Revised changelog.
o Revised control.
o Removed unnecessary README.
2012-04-05 20:58:51 -07:00
Marc Singer
f4a9e54dda Fixing Valgrind discovered issues.
o Clearing buffer sent via sendmsg.
2012-04-05 20:20:02 -07:00
Marc Singer
7d396c8273 Issue 172: autocorrect/autocapitalize can cause problems on mobile devices
o Applied patch from poster.
2012-04-05 11:51:00 -07:00
Marc Singer
52feb7abac Issue 167: Accept connections in subfolders
o According to the poster, the desired feature it supporting arbitrary
  paths in the request URL s.t. proxying doesn't break SIAB.
o Rewrote poster's patch to void pointer arithmetic.
o Integrating comments from Markus.
2012-04-04 13:54:11 -07:00
Marc Singer
55ca3e827c Revert "Issue 167: Accept connections in subfolders"
This reverts commit 1139b09b62.

o Revert this commit in order to revise it.
2012-04-04 13:53:14 -07:00
Marc Singer
33a92e9c93 Issue 39: Clipboard not integrated with client operating system
o Patch for html5 drag-and-drop applied.  From the poster,

  Here is a quick proof-of-concept patch against the current SVN head
  that adds support for dragging and dropping text into a shellinabox
  session if the browser supports HTML5 drag-and-drop. It has only
  been tested with shellinabox/demo/demo.html
2012-03-31 18:59:38 -07:00
Marc Singer
da7c1b5ec1 Cleanup of debian control file before 2.11. 2012-03-31 17:08:27 -07:00
Marc Singer
b7dac10ec1 Issue 166: Color goes away
o According to the poster,

  Hello, here is a patch to fix the problem. The problem was that in
  some places the author wrote "elem.style.className" while the
  correct property is "elem.className", thus when the screen was
  recreated (to fix some bug linked to print preview apparently), the
  property wasn't saved correctly.

Changes applied.
2012-03-31 16:28:16 -07:00
Marc Singer
1139b09b62 Issue 167: Accept connections in subfolders
o According to the poster, the desired feature it supporting arbitrary
  paths in the request URL s.t. proxying doesn't break SIAB.
o Rewrote poster's patch to void pointer arithmetic.  Use of rindex()
  may prove hazardous to portability.
2012-03-31 16:17:09 -07:00
Marc Singer
38fcacd6c7 Issue 134: How to add arguments?
o Confusion about quoting mitigated with documentation.
2012-03-31 15:44:15 -07:00
Marc Singer
18300eddc9 Issue 116: A shellinthebox runner / configuration file
o Added contib/siab.rb and README from user.
2012-03-31 15:29:18 -07:00
Marc Singer
6b2adb28d2 Issue 93: openssl required install-time
o The root cause is in the control file.  libssl will not appear as a
  dependency of the package.
2012-03-31 14:58:40 -07:00
Marc Singer
0abfde6d61 Issue 50: SSH service not working on Centos/RHEL
o From the poster:

  i had the same problem on ubuntu 8.04 (hardy heron) 64 bits.
  solved it by removing the option from the source code:
  shellinabox/service.c (line 150)
          //"-oVisualHostKey=no -oLogLevel=QUIET %%s@%s", host);
          "-oLogLevel=QUIET %%s@%s", host);

o A compatible change was made.
2012-03-31 12:47:49 -07:00
Marc Singer
12010660b1 Issue 49: Debian packageing uses cross-directory hardlinks
o install target of rules used a hard link from the usr/share
  directory to etc.  This will be unreliable in many circumstances.
  Linking changed to a copy.
2012-03-31 12:42:40 -07:00