diff options
author | Logan Dethrow <log@lindenlab.com> | 2011-06-28 19:54:53 -0400 |
---|---|---|
committer | Logan Dethrow <log@lindenlab.com> | 2011-06-28 19:54:53 -0400 |
commit | 7717b6f647feb250c0b94d038f72a640a7888915 (patch) | |
tree | b021d01c78cd8fde5df522b11e2a71ebef9ed34b | |
parent | f91d40c25949ee8c5b1d5c1babab62d6dd90d0c8 (diff) |
STORM-1112 More cleanup of SOCKS 5 proxy code.
Renamed llsocks5.cpp to llproxy.cpp.
20 files changed, 282 insertions, 254 deletions
diff --git a/indra/llmessage/CMakeLists.txt b/indra/llmessage/CMakeLists.txt index 4b679ef6a5..0f40a670fa 100644 --- a/indra/llmessage/CMakeLists.txt +++ b/indra/llmessage/CMakeLists.txt @@ -65,6 +65,7 @@ set(llmessage_SOURCE_FILES llpacketbuffer.cpp llpacketring.cpp llpartdata.cpp + llproxy.cpp llpumpio.cpp llregionpresenceverifier.cpp llsdappservices.cpp @@ -76,7 +77,6 @@ set(llmessage_SOURCE_FILES llsdrpcserver.cpp llservicebuilder.cpp llservice.cpp - llsocks5.cpp llstoredmessage.cpp lltemplatemessagebuilder.cpp lltemplatemessagedispatcher.cpp @@ -162,6 +162,7 @@ set(llmessage_HEADER_FILES llpacketring.h llpartdata.h llpumpio.h + llproxy.h llqueryflags.h llregionflags.h llregionhandle.h @@ -175,7 +176,6 @@ set(llmessage_HEADER_FILES llsdrpcserver.h llservice.h llservicebuilder.h - llsocks5.h llstoredmessage.h lltaskname.h llteleportflags.h diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 32dd438e68..0b368196d2 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -46,12 +46,12 @@ #endif #include "llbufferstream.h" -#include "llstl.h" #include "llsdserialize.h" +#include "llproxy.h" +#include "llstl.h" #include "llthread.h" #include "lltimer.h" -#include "llsocks5.h" ////////////////////////////////////////////////////////////////////////////// /* @@ -357,27 +357,6 @@ LLCurl::Easy* LLCurl::Easy::getEasy() // multi handles cache if they are added to one. CURLcode result = curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_DNS_CACHE_TIMEOUT, 0); check_curl_code(result); - - //Set the CURL options for either Socks or HTTP proxy - if (LLSocks::getInstance()->isHTTPProxyEnabled()) - { - std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXY,address.c_str()); - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYPORT,port); - if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) - { - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) - { - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd().c_str()); - } - } - else - { - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); - } - } ++gCurlEasyCount; return easy; @@ -557,18 +536,19 @@ void LLCurl::Easy::prepRequest(const std::string& url, //setopt(CURLOPT_VERBOSE, 1); // usefull for debugging setopt(CURLOPT_NOSIGNAL, 1); - if (LLSocks::getInstance()->isHTTPProxyEnabled()) + // Set the CURL options for either Socks or HTTP proxy + if (LLProxy::getInstance()->isHTTPProxyEnabled()) { - std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); + std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); setoptString(CURLOPT_PROXY, address.c_str()); setopt(CURLOPT_PROXYPORT, port); - if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) + if(LLProxy::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) { - setoptString(CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd()); + setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); } } else diff --git a/indra/llmessage/lliosocket.h b/indra/llmessage/lliosocket.h index 6806e5084a..ec60470459 100644 --- a/indra/llmessage/lliosocket.h +++ b/indra/llmessage/lliosocket.h @@ -159,7 +159,7 @@ protected: public: /** - * @brief Do not call this directly. + * @brief Do not call this directly. Use LLSocket::ptr_t.reset() instead. */ ~LLSocket(); diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index 62aaca0672..91ab1df149 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -37,19 +37,13 @@ // linden library includes #include "llerror.h" -#include "message.h" -#include "llsocks5.h" #include "lltimer.h" -#include "timing.h" +#include "llproxy.h" #include "llrand.h" +#include "message.h" +#include "timing.h" #include "u64.h" - - - - - - /////////////////////////////////////////////////////////// LLPacketRing::LLPacketRing () : mUseInThrottle(FALSE), @@ -231,28 +225,28 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) else { // no delay, pull straight from net - if (LLSocks::isEnabled()) + if (LLProxy::isEnabled()) { - U8 buffer[MAX_BUFFER_SIZE]; - packet_size = receive_packet(socket, (char*)buffer); + U8 buffer[NET_BUFFER_SIZE]; + packet_size = receive_packet(socket, reinterpret_cast<char *>(buffer)); if (packet_size > 10) { - memcpy(datap,buffer+10,packet_size-10); + // *FIX We are assuming ATYP is 0x01 (IPv4), not 0x03 (hostname) or 0x04 (IPv6) + memcpy(datap, buffer + 10, packet_size - 10); + proxywrap_t * header = reinterpret_cast<proxywrap_t *>(buffer); + mLastSender.setAddress(header->addr); + mLastSender.setPort(ntohs(header->port)); } else { - packet_size=0; + packet_size = 0; } - - proxywrap_t * header = (proxywrap_t *)buffer; - mLastSender.setAddress(header->addr); - mLastSender.setPort(ntohs(header->port)); } else { - packet_size = receive_packet(socket, datap); - mLastSender = ::get_sender(); + packet_size = receive_packet(socket, datap); + mLastSender = ::get_sender(); } mLastReceivingIF = ::get_receiving_interface(); @@ -352,7 +346,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_size, LLHost host) { - if (!LLSocks::isEnabled()) + if (!LLProxy::isEnabled()) { return send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort()); } @@ -364,7 +358,7 @@ BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_ socks_header->atype = ADDRESS_IPV4; socks_header->frag = 0; - memcpy(mProxyWrappedSendBuffer+10, send_buffer, buf_size); + memcpy(mProxyWrappedSendBuffer + 10, send_buffer, buf_size); - return send_packet(h_socket,(const char*) mProxyWrappedSendBuffer, buf_size+10, LLSocks::getInstance()->getUDPProxy().getAddress(), LLSocks::getInstance()->getUDPProxy().getPort()); + return send_packet(h_socket,(const char*) mProxyWrappedSendBuffer, buf_size + 10, LLProxy::getInstance()->getUDPProxy().getAddress(), LLProxy::getInstance()->getUDPProxy().getPort()); } diff --git a/indra/llmessage/llsocks5.cpp b/indra/llmessage/llproxy.cpp index 278350bf25..6bc9e8b62b 100644 --- a/indra/llmessage/llsocks5.cpp +++ b/indra/llmessage/llproxy.cpp @@ -26,7 +26,7 @@ #include "linden_common.h" -#include "llsocks5.h" +#include "llproxy.h" #include <string> @@ -40,26 +40,37 @@ // We want this to be static to avoid excessive indirection on every // incoming packet just to do a simple bool test. The getter for this // member is also static -bool LLSocks::sUDPProxyEnabled; -bool LLSocks::sHTTPProxyEnabled; +bool LLProxy::sUDPProxyEnabled = false; +bool LLProxy::sHTTPProxyEnabled = false; // Some helpful TCP functions -static LLSocket::ptr_t tcp_open_channel(LLHost host); // Open a TCP channel to a given host +static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host); // Open a TCP channel to a given host static void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake -LLSocks::LLSocks() +LLProxy::LLProxy(): + mProxyType(LLPROXY_SOCKS), + mUDPProxy(), + mTCPProxy(), + mHTTPProxy(), + mAuthMethodSelected(METHOD_NOAUTH), + mSocksUsername(), + mSocksPassword(), + mPool(gAPRPoolp) { +} + +LLProxy::~LLProxy() +{ + tcp_close_channel(mProxyControlChannel); sUDPProxyEnabled = false; sHTTPProxyEnabled = false; - mProxyControlChannel.reset(); - mProxyType = LLPROXY_SOCKS; } // Perform a SOCKS 5 authentication and UDP association to the proxy // specified by proxy, and associate UDP port message_port -int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) +int LLProxy::proxyHandshake(LLHost proxy, U32 message_port) { int result; @@ -71,7 +82,7 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) socks_auth_request.num_methods = 1; // Sending 1 method. socks_auth_request.methods = mAuthMethodSelected; // Send only the selected method. - result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request_t), (char*)&socks_auth_response, sizeof(socks_auth_response_t)); + result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request), (char*)&socks_auth_response, sizeof(socks_auth_response)); if (result != 0) { llwarns << "SOCKS authentication request failed, error on TCP control channel : " << result << llendl; @@ -95,7 +106,7 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) password_auth[0] = 0x01; password_auth[1] = mSocksUsername.size(); memcpy(&password_auth[2], mSocksUsername.c_str(), mSocksUsername.size()); - password_auth[mSocksUsername.size()+2] = mSocksPassword.size(); + password_auth[mSocksUsername.size() + 2] = mSocksPassword.size(); memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); authmethod_password_reply_t password_reply; @@ -129,7 +140,7 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) connect_request.atype = ADDRESS_IPV4; connect_request.address = htonl(0); // 0.0.0.0 connect_request.port = htons(0); // 0 - // "If the client is not in possesion of the information at the time of the UDP ASSOCIATE, + // "If the client is not in possession of the information at the time of the UDP ASSOCIATE, // the client MUST use a port number and address of all zeros. RFC 1928" result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); @@ -155,38 +166,37 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) return SOCKS_OK; } -int LLSocks::startProxy(LLHost proxy, U32 message_port) +int LLProxy::startProxy(std::string host, U32 port) { - int status; + mTCPProxy.setHostByName(host); + mTCPProxy.setPort(port); - mTCPProxy = proxy; + int status; if (mProxyControlChannel) { tcp_close_channel(mProxyControlChannel); } - mProxyControlChannel = tcp_open_channel(mTCPProxy); + mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy); if (!mProxyControlChannel) { return SOCKS_HOST_CONNECT_FAILED; } - status = proxyHandshake(proxy, message_port); + status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort); if (status == SOCKS_OK) { sUDPProxyEnabled = true; } + else + { + stopProxy(); + } return status; -} -int LLSocks::startProxy(std::string host, U32 port) -{ - mTCPProxy.setHostByName(host); - mTCPProxy.setPort(port); - return startProxy(mTCPProxy, (U32)gMessageSystem->mPort); } -void LLSocks::stopProxy() +void LLProxy::stopProxy() { sUDPProxyEnabled = false; @@ -205,19 +215,19 @@ void LLSocks::stopProxy() } } -void LLSocks::setAuthNone() +void LLProxy::setAuthNone() { mAuthMethodSelected = METHOD_NOAUTH; } -void LLSocks::setAuthPassword(std::string username, std::string password) +void LLProxy::setAuthPassword(const std::string &username, const std::string &password) { mAuthMethodSelected = METHOD_PASSWORD; mSocksUsername = username; mSocksPassword = password; } -void LLSocks::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) +void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) { sHTTPProxyEnabled = true; mHTTPProxy = httpHost; @@ -266,7 +276,7 @@ static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outl return 0; } -static LLSocket::ptr_t tcp_open_channel(LLHost host) +static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) { LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); bool connected = socket->blockingConnect(host); @@ -282,4 +292,3 @@ static void tcp_close_channel(LLSocket::ptr_t handle) { handle.reset(); } - diff --git a/indra/llmessage/llsocks5.h b/indra/llmessage/llproxy.h index 3c10f661de..979514a7e0 100644 --- a/indra/llmessage/llsocks5.h +++ b/indra/llmessage/llproxy.h @@ -24,8 +24,8 @@ * $/LicenseInfo$ */ -#ifndef LL_SOCKS5_H -#define LL_SOCKS5_H +#ifndef LL_PROXY_H +#define LL_PROXY_H #include "llhost.h" #include "lliosocket.h" @@ -154,20 +154,20 @@ enum LLSocks5AuthType METHOD_PASSWORD = 0x02 // Client supports username/password }; -class LLSocks: public LLSingleton<LLSocks> +class LLProxy: public LLSingleton<LLProxy> { public: - LLSocks(); + LLProxy(); + ~LLProxy(); // Start a connection to the SOCKS 5 proxy int startProxy(std::string host, U32 port); - int startProxy(LLHost proxy, U32 messagePort); // Disconnect and clean up any connection to the SOCKS 5 proxy void stopProxy(); // Set up to use Password auth when connecting to the SOCKS proxy - void setAuthPassword(std::string username, std::string password); + void setAuthPassword(const std::string &username, const std::string &password); // Set up to use No Auth when connecting to the SOCKS proxy void setAuthNone(); @@ -201,7 +201,10 @@ public: LLHttpProxyType getHTTPProxyType() const { return mProxyType; } // Get the username password in a curl compatible format - std::string getProxyUserPwd() const { return (mSocksUsername + ":" + mSocksPassword); } + std::string getProxyUserPwdCURL() const { return (mSocksUsername + ":" + mSocksPassword); } + + std::string getSocksPwd() const { return mSocksPassword; } + std::string getSocksUser() const { return mSocksUsername; } private: diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index e2d185b959..f8ab55143c 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -50,7 +50,7 @@ #include "lltimer.h" #include "indra_constants.h" -#include "llsocks5.h" +#include "llproxy.h" // Globals #if LL_WINDOWS diff --git a/indra/llui/llfunctorregistry.h b/indra/llui/llfunctorregistry.h index 752c7df7ee..899cc3a326 100644 --- a/indra/llui/llfunctorregistry.h +++ b/indra/llui/llfunctorregistry.h @@ -103,7 +103,7 @@ public: } else { - llwarns << "tried to find '" << name << "' in LLFunctorRegistry, but it wasn't there." << llendl; + lldebugs << "tried to find '" << name << "' in LLFunctorRegistry, but it wasn't there." << llendl; return mMap[LOGFUNCTOR]; } } @@ -115,7 +115,7 @@ private: static void log_functor(const LLSD& notification, const LLSD& payload) { - llwarns << "log_functor called with payload: " << payload << llendl; + lldebugs << "log_functor called with payload: " << payload << llendl; } static void do_nothing(const LLSD& notification, const LLSD& payload) diff --git a/indra/newview/llfloaterpreference.cpp b/indra/newview/llfloaterpreference.cpp index c97f0779a1..ebdef8e38f 100755 --- a/indra/newview/llfloaterpreference.cpp +++ b/indra/newview/llfloaterpreference.cpp @@ -105,7 +105,7 @@ #include "llviewermedia.h" #include "llpluginclassmedia.h" #include "llteleporthistorystorage.h" -#include "llsocks5.h" +#include "llproxy.h" #include "lllogininstance.h" // to check if logged in yet #include "llsdserialize.h" @@ -1940,15 +1940,19 @@ LLFloaterPreferenceProxy::~LLFloaterPreferenceProxy() BOOL LLFloaterPreferenceProxy::postBuild() { - LLLineEditor* edit = getChild<LLLineEditor>("socks_password_editor"); - if (edit) edit->setDrawAsterixes(TRUE); - LLRadioGroup* socksAuth = getChild<LLRadioGroup>("socks5_auth_type"); if(socksAuth->getSelectedValue().asString() == "None") { getChild<LLLineEditor>("socks5_username")->setEnabled(false); getChild<LLLineEditor>("socks5_password")->setEnabled(false); } + else + { + // Populate the SOCKS 5 credential fields with protected values. + LLPointer<LLCredential> socks_cred = gSecAPIHandler->loadCredential("SOCKS5"); + getChild<LLLineEditor>("socks5_username")->setValue(socks_cred->getIdentifier()["username"].asString()); + getChild<LLLineEditor>("socks5_password")->setValue(socks_cred->getAuthenticator()["creds"].asString()); + } center(); return TRUE; @@ -1968,11 +1972,8 @@ void LLFloaterPreferenceProxy::onClose(bool app_quitting) // it will not be updated until next restart. if(LLStartUp::getStartupState()>STATE_LOGIN_WAIT) { - if(this->mSocksSettingsDirty == true ) - { - LLNotifications::instance().add("ChangeSocks5Settings",LLSD(),LLSD()); - mSocksSettingsDirty = false; // we have notified the user now be quiet again - } + LLNotifications::instance().add("ChangeSocks5Settings", LLSD(), LLSD()); + mSocksSettingsDirty = false; // we have notified the user now be quiet again } } } @@ -2006,7 +2007,6 @@ void LLFloaterPreferenceProxy::saveSettings() view_stack.push_back(*iter); } } - } void LLFloaterPreferenceProxy::onBtnOk() @@ -2020,6 +2020,29 @@ void LLFloaterPreferenceProxy::onBtnOk() cur_focus->onCommit(); } } + + // Save SOCKS proxy credentials securely if password auth is enabled + LLRadioGroup* socksAuth = getChild<LLRadioGroup>("socks5_auth_type"); + if(socksAuth->getSelectedValue().asString() == "UserPass") + { + LLSD socks_id = LLSD::emptyMap(); + socks_id["type"] = "SOCKS5"; + socks_id["username"] = getChild<LLLineEditor>("socks5_username")->getValue().asString(); + + LLSD socks_authenticator = LLSD::emptyMap(); + socks_authenticator["type"] = "SOCKS5"; + socks_authenticator["creds"] = getChild<LLLineEditor>("socks5_password")->getValue().asString(); + + LLPointer<LLCredential> socks_cred = gSecAPIHandler->createCredential("SOCKS5", socks_id, socks_authenticator); + gSecAPIHandler->saveCredential(socks_cred, true); + } + else + { + // Clear SOCKS5 credentials since they are no longer needed. + LLPointer<LLCredential> socks_cred = new LLCredential("SOCKS5"); + gSecAPIHandler->deleteCredential(socks_cred); + } + closeFloater(false); } @@ -2036,8 +2059,8 @@ void LLFloaterPreferenceProxy::onBtnCancel() } cancel(); - } + void LLFloaterPreferenceProxy::cancel() { @@ -2068,7 +2091,7 @@ void LLFloaterPreferenceProxy::onChangeSocksSettings() getChild<LLLineEditor>("socks5_password")->setEnabled(true); } - //Check for invalid states for the other http proxy radio + // Check for invalid states for the other HTTP proxy radio LLRadioGroup* otherHttpProxy = getChild<LLRadioGroup>("other_http_proxy_selection"); if( (otherHttpProxy->getSelectedValue().asString() == "Socks" && getChild<LLCheckBoxCtrl>("socks_proxy_enabled")->get() == FALSE )||( diff --git a/indra/newview/llloginhandler.cpp b/indra/newview/llloginhandler.cpp index 48be251611..9b4f146332 100644 --- a/indra/newview/llloginhandler.cpp +++ b/indra/newview/llloginhandler.cpp @@ -30,13 +30,13 @@ // viewer includes #include "llsecapi.h" -#include "lllogininstance.h" // to check if logged in yet -#include "llpanellogin.h" // save_password_to_disk() +#include "lllogininstance.h" // to check if logged in yet +#include "llpanellogin.h" #include "llstartup.h" // getStartupState() #include "llslurl.h" #include "llviewercontrol.h" // gSavedSettings #include "llviewernetwork.h" // EGridInfo -#include "llviewerwindow.h" // getWindow() +#include "llviewerwindow.h" // getWindow() // library includes #include "llmd5.h" diff --git a/indra/newview/llpanellogin.h b/indra/newview/llpanellogin.h index 11273453ba..b1390a483a 100644 --- a/indra/newview/llpanellogin.h +++ b/indra/newview/llpanellogin.h @@ -115,7 +115,4 @@ private: static BOOL sCapslockDidNotification; }; -std::string load_password_from_disk(void); -void save_password_to_disk(const char* hashed_password); - #endif diff --git a/indra/newview/llsecapi.h b/indra/newview/llsecapi.h index b65cf37e7f..812a539324 100644 --- a/indra/newview/llsecapi.h +++ b/indra/newview/llsecapi.h @@ -286,8 +286,8 @@ bool operator!=(const LLCertificateVector::iterator& _lhs, const LLCertificateVe #define CRED_AUTHENTICATOR_TYPE_HASH "hash" // // LLCredential - interface for credentials providing the following functionality: -// * persistance of credential information based on grid (for saving username/password) -// * serialization to an OGP identifier/authenticator pair +// * Persistence of credential information based on grid (for saving username/password) +// * Serialization to an OGP identifier/authenticator pair // class LLCredential : public LLRefCount { diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index c2f0ca164b..7f14e403b0 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -125,6 +125,7 @@ #include "llpanelgroupnotices.h" #include "llpreview.h" #include "llpreviewscript.h" +#include "llproxy.h" #include "llproductinforequest.h" #include "llsecondlifeurls.h" #include "llselectmgr.h" @@ -191,8 +192,6 @@ #include "llevents.h" #include "llstartuplistener.h" -#include "llsocks5.h" - #if LL_WINDOWS #include "lldxhardware.h" #endif @@ -392,7 +391,7 @@ bool idle_startup() gSavedSettings.setS32("LastGPUClass", LLFeatureManager::getInstance()->getGPUClass()); // load dynamic GPU/feature tables from website (S3) - //LLFeatureManager::getInstance()->fetchHTTPTables(); + LLFeatureManager::getInstance()->fetchHTTPTables(); std::string xml_file = LLUI::locateSkin("xui_version.xml"); LLXMLNodePtr root; @@ -595,13 +594,13 @@ bool idle_startup() LL_INFOS("AppInit") << "Message System Initialized." << LL_ENDL; //------------------------------------------------- - // Init the socks 5 proxy and open the control TCP - // connection if the user is using SOCKS5 - // We need to do this early incase the user is using - // socks for http so we get the login screen via socks + // Init the SOCKS 5 proxy and open the control TCP + // connection if the user is using SOCKS 5 + // We need to do this early in case the user is using + // socks for HTTP so we get the login screen via SOCKS //------------------------------------------------- - LLStartUp::handleSocksProxy(false); + LLStartUp::handleSocksProxy(); //------------------------------------------------- // Init audio, which may be needed for prefs dialog @@ -823,7 +822,7 @@ bool idle_startup() // past this point may require the proxy to be up. if ( gSavedSettings.getBOOL("Socks5ProxyEnabled") ) { - if (!LLStartUp::handleSocksProxy(true)) + if (!LLStartUp::handleSocksProxy()) { // Proxy start up failed, we should now bail the state machine // HandleSocksProxy() will have reported an error to the user @@ -835,7 +834,7 @@ bool idle_startup() } else { - LLSocks::getInstance()->stopProxy(); + LLProxy::getInstance()->stopProxy(); } @@ -2760,54 +2759,70 @@ void LLStartUp::setStartSLURL(const LLSLURL& slurl) } } -bool LLStartUp::handleSocksProxy(bool reportOK) +bool LLStartUp::handleSocksProxy() { std::string httpProxyType = gSavedSettings.getString("Socks5HttpProxyType"); - // Determine the http proxy type (if any) + // Determine the HTTP proxy type (if any) if ((httpProxyType.compare("Web") == 0) && gSavedSettings.getBOOL("BrowserProxyEnabled")) { LLHost httpHost; httpHost.setHostByName(gSavedSettings.getString("BrowserProxyAddress")); httpHost.setPort(gSavedSettings.getS32("BrowserProxyPort")); - LLSocks::getInstance()->enableHTTPProxy(httpHost,LLPROXY_HTTP); + LLProxy::getInstance()->enableHTTPProxy(httpHost, LLPROXY_HTTP); } else if ((httpProxyType.compare("Socks") == 0) && gSavedSettings.getBOOL("Socks5ProxyEnabled")) { LLHost httpHost; httpHost.setHostByName(gSavedSettings.getString("Socks5ProxyHost")); httpHost.setPort(gSavedSettings.getU32("Socks5ProxyPort")); - LLSocks::getInstance()->enableHTTPProxy(httpHost,LLPROXY_SOCKS); + LLProxy::getInstance()->enableHTTPProxy(httpHost, LLPROXY_SOCKS); } else { - LLSocks::getInstance()->disableHTTPProxy(); + LLProxy::getInstance()->disableHTTPProxy(); } bool use_socks_proxy = gSavedSettings.getBOOL("Socks5ProxyEnabled"); if (use_socks_proxy) { - // Determine and update LLSocks with the saved authentication system + // Determine and update LLProxy with the saved authentication system std::string auth_type = gSavedSettings.getString("Socks5AuthType"); - - if (auth_type.compare("None") == 0) - { - LLSocks::getInstance()->setAuthNone(); - } if (auth_type.compare("UserPass") == 0) { - LLSocks::getInstance()->setAuthPassword(gSavedSettings.getString("Socks5Username"),gSavedSettings.getString("Socks5Password")); + LLPointer<LLCredential> socks_cred = gSecAPIHandler->loadCredential("SOCKS5"); + std::string socks_user = socks_cred->getIdentifier()["username"].asString(); + std::string socks_password = socks_cred->getAuthenticator()["creds"].asString(); + LLProxy::getInstance()->setAuthPassword(socks_user, socks_password); + } + else if (auth_type.compare("None") == 0) + { + LLProxy::getInstance()->setAuthNone(); + } + else + { + // Unknown or missing setting. + gSavedSettings.setString("Socks5AuthType", "None"); + + // Clear the SOCKS credentials. + LLPointer<LLCredential> socks_cred = new LLCredential("SOCKS5"); + gSecAPIHandler->deleteCredential(socks_cred); + + LLProxy::getInstance()->setAuthNone(); } // Start the proxy and check for errors - int status = LLSocks::getInstance()->startProxy(gSavedSettings.getString("Socks5ProxyHost"), gSavedSettings.getU32("Socks5ProxyPort")); + // If status != SOCKS_OK, stopProxy() will already have been called when startProxy() returns. + int status = LLProxy::getInstance()->startProxy(gSavedSettings.getString("Socks5ProxyHost"), gSavedSettings.getU32("Socks5ProxyPort")); LLSD subs; LLSD payload; subs["HOST"] = gSavedSettings.getString("Socks5ProxyHost"); subs["PORT"] = (S32)gSavedSettings.getU32("Socks5ProxyPort"); + std::string error_string; + switch(status) { case SOCKS_OK: @@ -2815,35 +2830,36 @@ bool LLStartUp::handleSocksProxy(bool reportOK) break; case SOCKS_CONNECT_ERROR: // TCP Fail - LLNotifications::instance().add("SOCKS_CONNECT_ERROR", subs,payload); + error_string = "SOCKS_CONNECT_ERROR"; break; - case SOCKS_NOT_PERMITTED: // Socks5 server rule set refused connection - LLNotifications::instance().add("SOCKS_NOT_PERMITTED", subs,payload); + case SOCKS_NOT_PERMITTED: // SOCKS 5 server rule set refused connection + error_string = "SOCKS_NOT_PERMITTED"; break; case SOCKS_NOT_ACCEPTABLE: // Selected authentication is not acceptable to server - LLNotifications::instance().add("SOCKS_NOT_ACCEPTABLE", subs,payload); + error_string = "SOCKS_NOT_ACCEPTABLE"; break; case SOCKS_AUTH_FAIL: // Authentication failed - LLNotifications::instance().add("SOCKS_AUTH_FAIL", subs,payload); + error_string = "SOCKS_AUTH_FAIL"; break; case SOCKS_UDP_FWD_NOT_GRANTED: // UDP forward request failed - LLNotifications::instance().add("SOCKS_UDP_FWD_NOT_GRANTED", subs,payload); + error_string = "SOCKS_UDP_FWD_NOT_GRANTED"; break; case SOCKS_HOST_CONNECT_FAILED: // Failed to open a TCP channel to the socks server - LLNotifications::instance().add("SOCKS_HOST_CONNECT_FAILED", subs,payload); - break; + error_string = "SOCKS_HOST_CONNECT_FAILED"; + break; } + LLNotificationsUtil::add(error_string, subs); return false; } else { - LLSocks::getInstance()->stopProxy(); // ensure no UDP proxy is running and it's all cleaned up + LLProxy::getInstance()->stopProxy(); // ensure no UDP proxy is running and it's all cleaned up } return true; diff --git a/indra/newview/llstartup.h b/indra/newview/llstartup.h index a512ec7bff..7292e4d68c 100644 --- a/indra/newview/llstartup.h +++ b/indra/newview/llstartup.h @@ -113,7 +113,7 @@ public: static void setStartSLURL(const LLSLURL& slurl); static LLSLURL& getStartSLURL() { return sStartSLURL; } - static bool handleSocksProxy(bool reportOK); //handle kicking the socks 5 proxy code at startup time + static bool handleSocksProxy(); // Initialize the SOCKS 5 proxy private: static LLSLURL sStartSLURL; diff --git a/indra/newview/llxmlrpctransaction.cpp b/indra/newview/llxmlrpctransaction.cpp index b9ce7d9fae..ef6763a5d1 100644 --- a/indra/newview/llxmlrpctransaction.cpp +++ b/indra/newview/llxmlrpctransaction.cpp @@ -41,7 +41,7 @@ #include "llappviewer.h" #include "lltrans.h" -#include "llsocks5.h" +#include "llproxy.h" // Static instance of LLXMLRPCListener declared here so that every time we // bring in this code, we instantiate a listener. If we put the static @@ -309,18 +309,18 @@ void LLXMLRPCTransaction::Impl::init(XMLRPC_REQUEST request, bool useGzip) } mErrorCert = NULL; - if (LLSocks::getInstance()->isHTTPProxyEnabled()) + if (LLProxy::getInstance()->isHTTPProxyEnabled()) { - std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); + std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); mCurlRequest->setoptString(CURLOPT_PROXY, address.c_str()); mCurlRequest->setopt(CURLOPT_PROXYPORT, port); - if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { mCurlRequest->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) + if(LLProxy::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) { - mCurlRequest->setoptString(CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd()); + mCurlRequest->setoptString(CURLOPT_PROXYUSERPWD,LLProxy::getInstance()->getProxyUserPwdCURL()); } } else diff --git a/indra/newview/skins/default/xui/en/floater_preferences_proxy.xml b/indra/newview/skins/default/xui/en/floater_preferences_proxy.xml index 9baa9a0e02..53060b0326 100644 --- a/indra/newview/skins/default/xui/en/floater_preferences_proxy.xml +++ b/indra/newview/skins/default/xui/en/floater_preferences_proxy.xml @@ -3,82 +3,82 @@ legacy_header_height="18" height="490" layout="topleft" - name="Socks5 Advanced Settings Floater" + name="Proxy Settings Floater" help_topic="hardware_settings_floater" title="Socks5 proxy advanced settings" width="385"> - <check_box - control_name="BrowserProxyEnabled" - top="30" - enabled="true" - follows="left|top" - height="14" - initial_value="false" - commit_callback.function="Proxy.Change" - label="Use HTTP Proxy for Web pages" - left_delta="10" - mouse_opaque="true" - name="web_proxy_enabled" - radio_style="false" - width="400" - top_pad="5" /> - <check_box - control_name="Socks5ProxyEnabled" - height="16" - label="Use Socks 5 Proxy for UDP traffic" - layout="topleft" - left_delta="0" - name="socks_proxy_enabled" - top_pad="5" - width="256" - commit_callback.function="Proxy.Change" /> - <text - type="string" - length="1" - follows="left|top" - height="10" - layout="topleft" - left="10" - name="Proxy location" - top_delta="30" - width="300"> - Other Http traffic proxy: - </text> - <radio_group - control_name="Socks5HttpProxyType" - height="60" - layout="topleft" - name="other_http_proxy_selection" - top_pad="10" - width="120" - border="1" - left_delta="10" - commit_callback.function="Proxy.Change" > - <radio_item - height="16" - label="Do not proxy" - layout="topleft" - value="None" - width="120" - tool_tip="Non web Http traffic should NOT be sent to any proxy."/> - <radio_item - height="16" - label="Use Socks 5 Proxy" - layout="topleft" - value="Socks" - width="120" - enabled_control="Socks5ProxyEnabled" - tool_tip="Non-web Http will be sent to the configured Socks 5 proxy."/> - <radio_item - height="16" - label="Use Http Proxy" - layout="topleft" - value="Web" - width="120" - enabled_control="BrowserProxyEnabled" - tool_tip="Non-web Http will be sent to the configured Web proxy." /> - </radio_group> - <text + <check_box + control_name="BrowserProxyEnabled" + top="30" + enabled="true" + follows="left|top" + height="14" + initial_value="false" + commit_callback.function="Proxy.Change" + label="Use HTTP Proxy for Web pages" + left_delta="10" + mouse_opaque="true" + name="web_proxy_enabled" + radio_style="false" + width="400" + top_pad="5" /> + <check_box + control_name="Socks5ProxyEnabled" + height="16" + label="Use Socks 5 Proxy for UDP traffic" + layout="topleft" + left_delta="0" + name="socks_proxy_enabled" + top_pad="5" + width="256" + commit_callback.function="Proxy.Change" /> + <text + type="string" + length="1" + follows="left|top" + height="10" + layout="topleft" + left="10" + name="Proxy location" + top_delta="30" + width="300"> + Other Http traffic proxy: + </text> + <radio_group + control_name="Socks5HttpProxyType" + height="60" + layout="topleft" + name="other_http_proxy_selection" + top_pad="10" + width="120" + border="1" + left_delta="10" + commit_callback.function="Proxy.Change" > + <radio_item + height="16" + label="Do not proxy" + layout="topleft" + value="None" + width="120" + tool_tip="Non web Http traffic should NOT be sent to any proxy."/> + <radio_item + height="16" + label="Use Socks 5 Proxy" + layout="topleft" + value="Socks" + width="120" + enabled_control="Socks5ProxyEnabled" + tool_tip="Non-web Http will be sent to the configured Socks 5 proxy."/> + <radio_item + height="16" + label="Use Http Proxy" + layout="topleft" + value="Web" + width="120" + enabled_control="BrowserProxyEnabled" + tool_tip="Non-web Http will be sent to the configured Web proxy." /> + </radio_group> + <text type="string" length="1" follows="left|top" @@ -93,7 +93,7 @@ <line_editor control_name="BrowserProxyAddress" enabled_control="BrowserProxyEnabled" - follows="left|top" + follows="left|top" font="SansSerif" height="23" layout="topleft" @@ -118,7 +118,7 @@ min_val="10" name="web_proxy_port" top_delta="0" - tool_tip="The port of the HTTP proxy you would like to use." + tool_tip="The port of the HTTP proxy you would like to use." width="145" /> <text type="string" @@ -162,18 +162,18 @@ name="socks_proxy_port" top_delta="0" width="145" - tool_tip="The port of the SOCKS 5 proxy you would like to use." - commit_callback.function="Pref.SocksProxy" /> + tool_tip="The port of the SOCKS 5 proxy you would like to use." + commit_callback.function="Proxy.Change" /> <text - type="string" - length="1" - follows="left|top" - height="10" - layout="topleft" - left="16" - name="Proxy location" - top_delta="35" - width="300"> + type="string" + length="1" + follows="left|top" + height="10" + layout="topleft" + left="16" + name="Proxy location" + top_delta="35" + width="300"> Authentication: </text> <radio_group @@ -186,13 +186,13 @@ width="120" border="1" commit_callback.function="Proxy.Change" > - <radio_item + <radio_item height="16" label="No Authentication" layout="topleft" name="Socks5NoAuth" value="None" - tool_tip="Socks5 proxy requires no authentication."/> + tool_tip="Socks5 proxy requires no authentication." width="120" /> <radio_item height="16" @@ -200,7 +200,7 @@ layout="topleft" name="Socks5UserPass" value="UserPass" - tool_tip="Socks5 proxy requires username/password authentication."/> + tool_tip="Socks5 proxy requires username/password authentication." width="120" /> </radio_group> <text @@ -215,7 +215,6 @@ Username: </text> <line_editor - control_name="Socks5Username" follows="left|top" font="SansSerif" height="23" @@ -238,7 +237,6 @@ Password: </text> <line_editor - control_name="Socks5Password" follows="left|top" font="SansSerif" height="23" @@ -248,6 +246,7 @@ tool_tip="The password used to authenticate with your SOCKS 5 server" top_pad="4" width="200" + is_password="true" commit_callback.function="Proxy.Change" /> <button follows="left|top" diff --git a/indra/newview/skins/default/xui/en/notifications.xml b/indra/newview/skins/default/xui/en/notifications.xml index 06a9baf8c8..7bf742d949 100755 --- a/indra/newview/skins/default/xui/en/notifications.xml +++ b/indra/newview/skins/default/xui/en/notifications.xml @@ -7164,7 +7164,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="SOCKS_NOT_PERMITTED" type="alertmodal"> - The Socks5 proxy "[HOST]:[PORT]" refused the connection, not allowed by rule set + The SOCKS 5 proxy "[HOST]:[PORT]" refused the connection, not allowed by rule set + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> @@ -7174,7 +7175,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="SOCKS_CONNECT_ERROR" type="alertmodal"> - The Socks5 proxy "[HOST]:[PORT]" refused the connection, could not open TCP channel + The SOCKS 5 proxy "[HOST]:[PORT]" refused the connection, could not open TCP channel + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> @@ -7184,7 +7186,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="SOCKS_NOT_ACCEPTABLE" type="alertmodal"> - The Socks5 proxy "[HOST]:[PORT]" refused the selected authentication system + The SOCKS 5 proxy "[HOST]:[PORT]" refused the selected authentication system + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> @@ -7194,7 +7197,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="SOCKS_AUTH_FAIL" type="alertmodal"> - The Socks5 proxy "[HOST]:[PORT]" reported your credentials are invalid + The SOCKS 5 proxy "[HOST]:[PORT]" reported your credentials are invalid + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> @@ -7204,7 +7208,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="SOCKS_UDP_FWD_NOT_GRANTED" type="alertmodal"> - The Socks5 proxy "[HOST]:[PORT]" refused the UDP associate request + The SOCKS 5 proxy "[HOST]:[PORT]" refused the UDP associate request + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> @@ -7214,7 +7219,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="SOCKS_HOST_CONNECT_FAILED" type="alertmodal"> - Could not connect to Socks5 proxy server "[HOST]:[PORT]" + Could not connect to SOCKS 5 proxy server "[HOST]:[PORT]" + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> @@ -7224,7 +7230,8 @@ Click and drag anywhere on the world to rotate your view icon="alertmodal.tga" name="ChangeSocks5Settings" type="alert"> - Socks 5 proxy settings take effect after you restart [APP_NAME]. + SOCKS 5 proxy settings take effect after you restart [APP_NAME]. + <tag>fail</tag> <usetemplate name="okbutton" yestext="OK"/> diff --git a/indra/newview/skins/default/xui/en/panel_cof_wearables.xml b/indra/newview/skins/default/xui/en/panel_cof_wearables.xml index bbeb592e96..beea53437a 100644 --- a/indra/newview/skins/default/xui/en/panel_cof_wearables.xml +++ b/indra/newview/skins/default/xui/en/panel_cof_wearables.xml @@ -52,7 +52,7 @@ multi_select="true" name="list_attachments" top="0" - width="311"> + width="311" /> </accordion_tab> <accordion_tab layout="topleft" diff --git a/indra/newview/skins/default/xui/en/panel_preferences_privacy.xml b/indra/newview/skins/default/xui/en/panel_preferences_privacy.xml index 30be5bc853..47236c1a48 100644 --- a/indra/newview/skins/default/xui/en/panel_preferences_privacy.xml +++ b/indra/newview/skins/default/xui/en/panel_preferences_privacy.xml @@ -139,7 +139,7 @@ height="16" label="Add datestamp to log file name." layout="topleft" - left_detla="5" + left_delta="5" name="logfile_name_datestamp" top_pad="10" width="350"/> diff --git a/indra/newview/skins/default/xui/en/panel_preferences_setup.xml b/indra/newview/skins/default/xui/en/panel_preferences_setup.xml index d306e46d5e..b0281b11fd 100644 --- a/indra/newview/skins/default/xui/en/panel_preferences_setup.xml +++ b/indra/newview/skins/default/xui/en/panel_preferences_setup.xml @@ -79,7 +79,7 @@ <spinner control_name="ConnectionPort" enabled_control="ConnectionPortEnabled" - decimal_digits="0" + decimal_digits="0" follows="left|top" height="23" increment="1" |