Ticket #85 (closed enhancement: fixed)

Opened 7 years ago

Last modified 4 years ago

disconnect connection feature

Reported by: kuschky Owned by: alamaison
Priority: minor (e.g. uncommon, cosmetic, has workaround) Milestone: 0.9.x Bug sprint
Component: authentication Version:
Keywords: Cc:

Description

it should be possible to disconnect a connection even without logging out from the current Windows session. So an disconnect entry in the context menu would be nice

Change History

comment:1 Changed 7 years ago by alamaison

  • Status changed from new to accepted

comment:2 Changed 6 years ago by alamaison

  • Milestone set to 0.30 Better dialogues

comment:3 Changed 5 years ago by alamaison

  • Milestone changed from 0.30 Better dialogues to 0.7 Public-key authentication

comment:4 Changed 5 years ago by alamaison

* Ticket #148 marked duplicate of this one *

comment:5 follow-up: ↓ 6 Changed 5 years ago by anonymous

Hm... I wish I knew this before I installed Swish. I promptly uninstalled it when I realized there is no way to log out.

It seems this problem was reported 2 years ago and there is still no action on it, which unfortunately sends the message that the authors don't care much about security.

It's completely unacceptable to keep access to SSH servers open with no way to close it (except logging out of Windows). Every other SSH/SFTP client offers a way to log out without closing your Windows session.

What if you lose your laptop? Most laptops don't shut down when you close the lid. Now someone has full access to the SSH servers you administer, your website hosts and what not.

Explicit log out is an absolute necessity, and it would also be nice to have an option to log out of all connections whenever the Windows session is locked (by e.g. closing the lid, or when the Windows sessions lock automatically due to inactivity).

comment:6 in reply to: ↑ 5 Changed 5 years ago by alamaison

Replying to anonymous:

Hm... I wish I knew this before I installed Swish. I promptly uninstalled it when I realized there is no way to log out.

It seems this problem was reported 2 years ago and there is still no action on it, which unfortunately sends the message that the authors don't care much about security.

We're keen to get this added, but please remember Swish is developed by us and by you. If you want a feature, submit a patch.

comment:7 Changed 5 years ago by alamaison

  • Milestone changed from 0.7 Public-key authentication to 0.7.x Bug sprint

comment:8 Changed 4 years ago by alamaison

In [4e0c0687a5f04081d2bb27ee4b9df39e2af617d5/swish]:

Added command to close running sessions.

The command removes the session from the pool. However, any existing reference to the session will not be affected so running tasks will continue and the session will only be closed once they are complete.

We should provide a way for the user to truly log out and kill even those sessions that are in use. This also relates to a bug where the session is in the pool but has not been authenticated (probably because authentication failed). At the moment, these sessions appear to the user to be connected.

Addresses #85.

comment:9 Changed 4 years ago by alamaison

In [865677d9cc3d86d49f2d04a42c86da155334e39c/swish]:

Decoupled session pooling from CProvider.

This is part of getting better control over the session's lifetime, which we need to do to be sure a session is disconnected (see #85).

comment:10 Changed 4 years ago by alamaison

In [45982a892ddc5aea23cc7b26a00b4937c3a8a3b8/swish]:

Give session_pool complete control over the session lifetimes.

Instead of being stored and retrieved using shared_ptr<session_pool>, they are now stored non-copyably. This means when they are removed from the pool the are immediately disconnected.

Part of out effort to allow the user to force-disconnect a connection. See #85.

comment:11 Changed 4 years ago by alamaison

  • Status changed from accepted to closed
  • Resolution set to fixed

In [270067f372f7e11766f5abd0fdd0b41c8d8b254a/swish]:

Make all uses of a session reserve a ticket first.

In 45982a892ddc5aea23cc7b26a00b4937c3a8a3b8 the session_pool started handing out non-copyable authenticated_sessions references, instead of shared_ptr<authenticated_session>s, so that it can guarantee a session would be disconnected when remove_session is called. As a result, when the user clicks 'Close session', any remaining uses of that session would crash Explorer.

This commit reworks the session management so that all session uses register their interest in the session by reserving it and receiving a ticket for that reservation. As long as they hold the ticket, they may use the session without fear that it will be disconnected. The allow this, the 'Close session' command is changed to wait for all outstanding tickets to be released before disconnecting the session.

A part of the implementation would benefit from future work, but will do for now: While the disconnection is occurring, the progress dialog it displays blocks the window, which prevents the user cancelling the tasks holding tickets by making their UI unresponsive. See #260.

Closes #85

comment:2 Changed 4 years ago by alamaison

In [270067f372f7e11766f5abd0fdd0b41c8d8b254a/swish]:

Make all uses of a session reserve a ticket first.

In 45982a892ddc5aea23cc7b26a00b4937c3a8a3b8 the session_pool started handing out non-copyable authenticated_sessions references, instead of shared_ptr<authenticated_session>s, so that it can guarantee a session would be disconnected when remove_session is called. As a result, when the user clicks 'Close session', any remaining uses of that session would crash Explorer.

This commit reworks the session management so that all session uses register their interest in the session by reserving it and receiving a ticket for that reservation. As long as they hold the ticket, they may use the session without fear that it will be disconnected. The allow this, the 'Close session' command is changed to wait for all outstanding tickets to be released before disconnecting the session.

A part of the implementation would benefit from future work, but will do for now: While the disconnection is occurring, the progress dialog it displays blocks the window, which prevents the user cancelling the tasks holding tickets by making their UI unresponsive. See #260.

Closes #85

Note: See TracTickets for help on using tickets.