authorLogan Dethrow <log@lindenlab.com>2011-07-29 15:38:20 -0400
committerLogan Dethrow <log@lindenlab.com>2011-07-29 15:38:20 -0400
commitd2c72cb7e92896cb414e357ef262d91b0498a6b7 (patch)
tree6fec31cc40456a9ffe7fcbf626555418199d425e /indra/llmessage
parentf15d28a636da7b6d2784d9301e7a030b5bd38a8c (diff)
STORM-1112 Input sanitization of proxy options.
Diffstat (limited to 'indra/llmessage')
-rw-r--r--indra/llmessage/llproxy.cpp79
-rw-r--r--indra/llmessage/llproxy.h18
2 files changed, 68 insertions, 29 deletions
diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp
index e1970f1368..381308fb2a 100644
--- a/indra/llmessage/llproxy.cpp
+++ b/indra/llmessage/llproxy.cpp
@@ -68,7 +68,7 @@ LLProxy::LLProxy():
LLProxy::~LLProxy()
{
- stopProxy();
+ stopSOCKSProxy();
sUDPProxyEnabled = false;
sHTTPProxyEnabled = false;
@@ -95,14 +95,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port)
if (result != 0)
{
LL_WARNS("Proxy") << "SOCKS authentication request failed, error on TCP control channel : " << result << LL_ENDL;
- stopProxy();
+ stopSOCKSProxy();
return SOCKS_CONNECT_ERROR;
}
if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE)
{
LL_WARNS("Proxy") << "SOCKS 5 server refused all our authentication methods" << LL_ENDL;
- stopProxy();
+ stopSOCKSProxy();
return SOCKS_NOT_ACCEPTABLE;
}
@@ -126,14 +126,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port)
if (result != 0)
{
LL_WARNS("Proxy") << "SOCKS authentication failed, error on TCP control channel : " << result << LL_ENDL;
- stopProxy();
+ stopSOCKSProxy();
return SOCKS_CONNECT_ERROR;
}
if (password_reply.status != AUTH_SUCCESS)
{
LL_WARNS("Proxy") << "SOCKS authentication failed" << LL_ENDL;
- stopProxy();
+ stopSOCKSProxy();
return SOCKS_AUTH_FAIL;
}
}
@@ -156,14 +156,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port)
if (result != 0)
{
LL_WARNS("Proxy") << "SOCKS connect request failed, error on TCP control channel : " << result << LL_ENDL;
- stopProxy();
+ stopSOCKSProxy();
return SOCKS_CONNECT_ERROR;
}
if (connect_reply.reply != REPLY_REQUEST_GRANTED)
{
LL_WARNS("Proxy") << "Connection to SOCKS 5 server failed, UDP forward request not granted" << LL_ENDL;
- stopProxy();
+ stopSOCKSProxy();
return SOCKS_UDP_FWD_NOT_GRANTED;
}
@@ -174,37 +174,49 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port)
return SOCKS_OK;
}
-S32 LLProxy::startProxy(std::string host, U32 port)
+S32 LLProxy::startSOCKSProxy(LLHost host)
{
- mTCPProxy.setHostByName(host);
- mTCPProxy.setPort(port);
+ S32 status = SOCKS_OK;
- S32 status;
+ if (host.isOk())
+ {
+ mTCPProxy = host;
+ }
+ else
+ {
+ status = SOCKS_INVALID_HOST;
+ }
- if (mProxyControlChannel)
+ if (mProxyControlChannel && status == SOCKS_OK)
{
tcp_close_channel(&mProxyControlChannel);
}
- mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy);
- if (!mProxyControlChannel)
+ if (status == SOCKS_OK)
+ {
+ mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy);
+ if (!mProxyControlChannel)
+ {
+ status = SOCKS_HOST_CONNECT_FAILED;
+ }
+ }
+
+ if (status == SOCKS_OK)
{
- return SOCKS_HOST_CONNECT_FAILED;
+ status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort);
}
- status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort);
if (status == SOCKS_OK)
{
sUDPProxyEnabled = true;
}
else
{
- stopProxy();
+ stopSOCKSProxy();
}
return status;
-
}
-void LLProxy::stopProxy()
+void LLProxy::stopSOCKSProxy()
{
sUDPProxyEnabled = false;
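Review bot: In startSOCKSProxy an invalid host still falls through to the final `else` branch and calls stopSOCKSProxy(), so the `status == SOCKS_OK` guard added to the tcp_close_channel call does not preserve an existing control channel (assuming stopSOCKSProxy closes it, as its header comment suggests). If a rejected host is meant to leave a working proxy session untouched, return early with `if (!host.isOk()) return SOCKS_INVALID_HOST;`. If teardown is intended, drop the extra guard and say so in a comment. Either way the caller needs to surface the error status, because after teardown sUDPProxyEnabled is false and UDP traffic presumably no longer goes through the proxy. stopSOCKSProxy's body continues outside the hunk.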
@@ -228,8 +240,15 @@ void LLProxy::setAuthNone()
mAuthMethodSelected = METHOD_NOAUTH;
}
-void LLProxy::setAuthPassword(const std::string &username, const std::string &password)
+bool LLProxy::setAuthPassword(const std::string &username, const std::string &password)
{
+ if (username.length() > SOCKSMAXUSERNAMELEN || password.length() > SOCKSMAXPASSWORDLEN ||
+ username.length() < SOCKSMINUSERNAMELEN || password.length() < SOCKSMINPASSWORDLEN)
+ {
+ LL_WARNS("Proxy") << "Invalid SOCKS 5 password or username length." << LL_ENDL;
+ return false;
+ }
+
mAuthMethodSelected = METHOD_PASSWORD;
mSocksUsername = username;
mSocksPassword = password;
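Review bot: When the length check in setAuthPassword fails, the function returns before touching mAuthMethodSelected, mSocksUsername or mSocksPassword, so whatever was configured earlier stays in place. A caller that ignores the new bool could then start the handshake with stale credentials or with no authentication. Either reset the auth state on rejection or document the contract next to the declaration, e.g. `// Returns false and leaves the previous auth settings unchanged if either length is outside 1..255`. The log message rightly omits the rejected values. The function body continues past the end of this hunk.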
@@ -240,10 +259,18 @@ void LLProxy::setAuthPassword(const std::string &username, const std::string &pa
LLMutexLock lock(&mProxyMutex);
mSOCKSAuthStrings.push_back(curl_auth_string);
+
+ return true;
}
-void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type)
-{
+bool LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type)
+{
+ if (httpHost.isOk())
+ {
+ LL_WARNS("Proxy") << "Invalid SOCKS 5 Server" << LL_ENDL;
+ return false;
+ }
+
LLMutexLock lock(&mProxyMutex);
sHTTPProxyEnabled = true;
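Review bot: The new guard in enableHTTPProxy(LLHost, LLHttpProxyType) looks inverted: `if (httpHost.isOk())` rejects a valid host and lets an invalid one through, whereas startSOCKSProxy in this same commit treats `host.isOk()` as the success case. It should read `if (!httpHost.isOk())`. The warning text says "Invalid SOCKS 5 Server", but the header describes this host as either a SOCKS 5 or an HTTP proxy, so something like `"Invalid HTTP proxy host"` would be less misleading in logs. The function body continues into the next hunk.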
@@ -254,13 +281,17 @@ void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type)
char* http_addr_string = new char[size];
strncpy(http_addr_string, httpHost.getIPString().c_str(), size);
mHTTPProxyAddrStrings.push_back(http_addr_string);
+
+ return true;
}
-void LLProxy::enableHTTPProxy()
+bool LLProxy::enableHTTPProxy()
{
LLMutexLock lock(&mProxyMutex);
sHTTPProxyEnabled = true;
+
+ return true;
}
void LLProxy::disableHTTPProxy()
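Review bot: The no-argument enableHTTPProxy() now returns bool but can only return true, and it sets sHTTPProxyEnabled without checking that a usable proxy address was ever stored. Callers get no signal from the return value. Either keep this overload `void`, or have it return false when no proxy address has been configured; the storage it would need to check is not visible in this hunk.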
@@ -273,7 +304,7 @@ void LLProxy::disableHTTPProxy()
//static
void LLProxy::cleanupClass()
{
- getInstance()->stopProxy();
+ getInstance()->stopSOCKSProxy();
deleteSingleton();
}
diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h
index df1ec9121e..ce5bdec5ad 100644
--- a/indra/llmessage/llproxy.h
+++ b/indra/llmessage/llproxy.h
@@ -44,11 +44,19 @@
#define SOCKS_AUTH_FAIL (-4)
#define SOCKS_UDP_FWD_NOT_GRANTED (-5)
#define SOCKS_HOST_CONNECT_FAILED (-6)
+#define SOCKS_INVALID_HOST (-7)
+
#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */
#endif
+#define SOCKSMAXUSERNAMELEN 255
+#define SOCKSMAXPASSWORDLEN 255
+
+#define SOCKSMINUSERNAMELEN 1
+#define SOCKSMINPASSWORDLEN 1
+
#define SOCKS_VERSION 0x05 // we are using SOCKS 5
#define SOCKS_HEADER_SIZE 10
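Review bot: The four new length limits are bare numbers with no stated origin. RFC 1929 encodes the username and password lengths as single octets with values 1 to 255, which is what these macros express. A one-line comment such as `// RFC 1929: username and password lengths are one octet each, 1..255` would tie them to the wire format and to the check in setAuthPassword. SOCKS_INVALID_HOST could likewise get a trailing comment saying when it is returned, which per this commit is from startSOCKSProxy when `host.isOk()` fails.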
@@ -165,16 +173,16 @@ public:
~LLProxy();
// Start a connection to the SOCKS 5 proxy
- S32 startProxy(std::string host, U32 port);
+ S32 startSOCKSProxy(LLHost host);
// Disconnect and clean up any connection to the SOCKS 5 proxy
- void stopProxy();
+ void stopSOCKSProxy();
// Delete LLProxy singleton, destroying the APR pool used by the control channel.
static void cleanupClass();
// Set up to use Password auth when connecting to the SOCKS proxy
- void setAuthPassword(const std::string &username, const std::string &password);
+ bool setAuthPassword(const std::string &username, const std::string &password);
// Set up to use No Auth when connecting to the SOCKS proxy
void setAuthNone();
@@ -190,8 +198,8 @@ public:
// Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy
// as specified in type
- void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type);
- void enableHTTPProxy();
+ bool enableHTTPProxy(LLHost httpHost, LLHttpProxyType type);
+ bool enableHTTPProxy();
// Stop proxying HTTP packets
void disableHTTPProxy();