From ef490e308ccce8e6df85144784a0f4580f5ac6a1 Mon Sep 17 00:00:00 2001 From: Aleric Inglewood Date: Sat, 5 Feb 2011 15:58:07 +0100 Subject: Introduces a LLThreadLocalData class that can be accessed through the static LLThread::tldata(). Currently this object contains two (public) thread-local objects: a LLAPRRootPool and a LLVolatileAPRPool. The first is the general memory pool used by this thread (and this thread alone), while the second is intended for short lived memory allocations (needed for APR). The advantages of not mixing those two is that the latter is used most frequently, and as a result of it's nature can be destroyed and reconstructed on a "regular" basis. This patch adds LLAPRPool (completely replacing the old one), which is a wrapper around apr_pool_t* and has complete thread-safity checking. Whenever an apr call requires memory for some resource, a memory pool in the form of an LLAPRPool object can be created with the same life-time as this resource; assuring clean up of the memory no sooner, but also not much later than the life-time of the resource that needs the memory. Many, many function calls and constructors had the pool parameter simply removed (it is no longer the concern of the developer, if you don't write code that actually does an libapr call then you are no longer bothered with memory pools at all). However, I kept the notion of short-lived and long-lived allocations alive (see my remark in the jira here: https://jira.secondlife.com/browse/STORM-864?focusedCommentId=235356&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-235356 which requires that the LLAPRFile API needs to allow the user to specify how long they think a file will stay open. By choosing 'short_lived' as default for the constructor that immediately opens a file, the number of instances where this needs to be specified is drastically reduced however (obviously, any automatic LLAPRFile is short lived). *** Addressed Boroondas remarks in https://codereview.secondlife.com/r/99/ regarding (doxygen) comments. This patch effectively only changes comments. Includes some 'merge' stuff that ended up in llvocache.cpp (while starting as a bug fix, now only resulting in a cleanup). *** Added comment 'The use of apr_pool_t is OK here'. Added this comment on every line where apr_pool_t is correctly being used. This should make it easier to spot (future) errors where someone started to use apr_pool_t; you can just grep all sources for 'apr_pool_t' and immediately see where it's being used while LLAPRPool should have been used. Note that merging this patch is very easy: If there are no other uses of apr_pool_t in the code (one grep) and it compiles, then it will work. *** Second Merge (needed to remove 'delete mCreationMutex' from LLImageDecodeThread::~LLImageDecodeThread). *** Added back #include . Apparently that is needed on libapr version 1.2.8., the version used by Linden Lab, for calls to apr_queue_*. This is a bug in libapr (we also include , that is fixed in (at least) 1.3.7. Note that 1.2.8 is VERY old. Even 1.3.x is old. *** License fixes (GPL -> LGPL). And typo in comments. Addresses merov's comments on the review board. *** Added Merov's compile fixes for windows. --- indra/llmessage/llares.cpp | 17 ++----- indra/llmessage/llcurl.cpp | 2 +- indra/llmessage/lliohttpserver.cpp | 10 ++-- indra/llmessage/lliohttpserver.h | 2 +- indra/llmessage/lliosocket.cpp | 99 ++++++++++++++------------------------ indra/llmessage/lliosocket.h | 33 ++++--------- indra/llmessage/llmail.cpp | 17 ++++--- indra/llmessage/llmail.h | 4 +- indra/llmessage/llpumpio.cpp | 74 ++++++++++------------------ indra/llmessage/llpumpio.h | 31 ++++-------- indra/llmessage/llurlrequest.cpp | 25 ++++++---- indra/llmessage/message.cpp | 17 +++---- indra/llmessage/tests/networkio.h | 9 +--- 13 files changed, 122 insertions(+), 218 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llares.cpp b/indra/llmessage/llares.cpp index 5a67035ed1..fab9858b69 100644 --- a/indra/llmessage/llares.cpp +++ b/indra/llmessage/llares.cpp @@ -28,6 +28,7 @@ #include "linden_common.h" #include "llares.h" +#include "llscopedvolatileaprpool.h" #include #include @@ -464,11 +465,6 @@ void LLAres::search(const std::string &query, LLResType type, bool LLAres::process(U64 timeout) { - if (!gAPRPoolp) - { - ll_init_apr(); - } - ares_socket_t socks[ARES_GETSOCK_MAXNUM]; apr_pollfd_t aprFds[ARES_GETSOCK_MAXNUM]; apr_int32_t nsds = 0; @@ -482,10 +478,7 @@ bool LLAres::process(U64 timeout) return nsds > 0; } - apr_status_t status; - LLAPRPool pool; - status = pool.getStatus() ; - ll_apr_assert_status(status); + LLScopedVolatileAPRPool scoped_pool; for (int i = 0; i < ARES_GETSOCK_MAXNUM; i++) { @@ -502,7 +495,7 @@ bool LLAres::process(U64 timeout) apr_socket_t *aprSock = NULL; - status = apr_os_sock_put(&aprSock, (apr_os_sock_t *) &socks[i], pool.getAPRPool()); + apr_status_t status = apr_os_sock_put(&aprSock, (apr_os_sock_t *) &socks[i], scoped_pool); if (status != APR_SUCCESS) { ll_apr_warn_status(status); @@ -511,7 +504,7 @@ bool LLAres::process(U64 timeout) aprFds[nactive].desc.s = aprSock; aprFds[nactive].desc_type = APR_POLL_SOCKET; - aprFds[nactive].p = pool.getAPRPool(); + aprFds[nactive].p = scoped_pool; aprFds[nactive].rtnevents = 0; aprFds[nactive].client_data = &socks[i]; @@ -520,7 +513,7 @@ bool LLAres::process(U64 timeout) if (nactive > 0) { - status = apr_poll(aprFds, nactive, &nsds, timeout); + apr_status_t status = apr_poll(aprFds, nactive, &nsds, timeout); if (status != APR_SUCCESS && status != APR_TIMEUP) { diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index a485fa0160..4d3b382f7a 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -1039,7 +1039,7 @@ void LLCurl::initClass() S32 mutex_count = CRYPTO_num_locks(); for (S32 i=0; i factory_ptr(factory); - LLIOServerSocket* server = new LLIOServerSocket(pool, socket, factory_ptr); + LLIOServerSocket* server = new LLIOServerSocket(socket, factory_ptr); LLPumpIO::chain_t chain; chain.push_back(LLIOPipe::ptr_t(server)); diff --git a/indra/llmessage/lliohttpserver.h b/indra/llmessage/lliohttpserver.h index 5c1b0531ff..2294e4b8ae 100644 --- a/indra/llmessage/lliohttpserver.h +++ b/indra/llmessage/lliohttpserver.h @@ -50,7 +50,7 @@ class LLIOHTTPServer public: typedef void (*timing_callback_t)(const char* hashed_name, F32 time, void* data); - static LLHTTPNode& create(apr_pool_t* pool, LLPumpIO& pump, U16 port); + static LLHTTPNode& create(LLPumpIO& pump, U16 port); /**< Creates an HTTP wire server on the pump for the given TCP port. * * Returns the root node of the new server. Add LLHTTPNode instances diff --git a/indra/llmessage/lliosocket.cpp b/indra/llmessage/lliosocket.cpp index ca84fa8bb8..e802d9b3a6 100644 --- a/indra/llmessage/lliosocket.cpp +++ b/indra/llmessage/lliosocket.cpp @@ -35,6 +35,7 @@ #include "llhost.h" #include "llmemtype.h" #include "llpumpio.h" +#include "llthread.h" // // constants @@ -98,51 +99,31 @@ void ll_debug_socket(const char* msg, apr_socket_t* apr_sock) /// // static -LLSocket::ptr_t LLSocket::create(apr_pool_t* pool, EType type, U16 port) +LLSocket::ptr_t LLSocket::create(EType type, U16 port) { LLMemType m1(LLMemType::MTYPE_IO_TCP); - LLSocket::ptr_t rv; - apr_socket_t* socket = NULL; - apr_pool_t* new_pool = NULL; apr_status_t status = APR_EGENERAL; - - // create a pool for the socket - status = apr_pool_create(&new_pool, pool); - if(ll_apr_warn_status(status)) - { - if(new_pool) apr_pool_destroy(new_pool); - return rv; - } + LLSocket::ptr_t rv(new LLSocket); if(STREAM_TCP == type) { - status = apr_socket_create( - &socket, - APR_INET, - SOCK_STREAM, - APR_PROTO_TCP, - new_pool); + status = apr_socket_create(&rv->mSocket, APR_INET, SOCK_STREAM, APR_PROTO_TCP, rv->mPool()); } else if(DATAGRAM_UDP == type) { - status = apr_socket_create( - &socket, - APR_INET, - SOCK_DGRAM, - APR_PROTO_UDP, - new_pool); + status = apr_socket_create(&rv->mSocket, APR_INET, SOCK_DGRAM, APR_PROTO_UDP, rv->mPool()); } else { - if(new_pool) apr_pool_destroy(new_pool); + rv.reset(); return rv; } if(ll_apr_warn_status(status)) { - if(new_pool) apr_pool_destroy(new_pool); + rv->mSocket = NULL; + rv.reset(); return rv; } - rv = ptr_t(new LLSocket(socket, new_pool)); if(port > 0) { apr_sockaddr_t* sa = NULL; @@ -152,7 +133,7 @@ LLSocket::ptr_t LLSocket::create(apr_pool_t* pool, EType type, U16 port) APR_UNSPEC, port, 0, - new_pool); + rv->mPool()); if(ll_apr_warn_status(status)) { rv.reset(); @@ -160,8 +141,8 @@ LLSocket::ptr_t LLSocket::create(apr_pool_t* pool, EType type, U16 port) } // This allows us to reuse the address on quick down/up. This // is unlikely to create problems. - ll_apr_warn_status(apr_socket_opt_set(socket, APR_SO_REUSEADDR, 1)); - status = apr_socket_bind(socket, sa); + ll_apr_warn_status(apr_socket_opt_set(rv->mSocket, APR_SO_REUSEADDR, 1)); + status = apr_socket_bind(rv->mSocket, sa); if(ll_apr_warn_status(status)) { rv.reset(); @@ -175,7 +156,7 @@ LLSocket::ptr_t LLSocket::create(apr_pool_t* pool, EType type, U16 port) // to keep a queue of incoming connections for ACCEPT. lldebugs << "Setting listen state for socket." << llendl; status = apr_socket_listen( - socket, + rv->mSocket, LL_DEFAULT_LISTEN_BACKLOG); if(ll_apr_warn_status(status)) { @@ -196,21 +177,28 @@ LLSocket::ptr_t LLSocket::create(apr_pool_t* pool, EType type, U16 port) } // static -LLSocket::ptr_t LLSocket::create(apr_socket_t* socket, apr_pool_t* pool) +LLSocket::ptr_t LLSocket::create(apr_status_t& status, LLSocket::ptr_t& listen_socket) { LLMemType m1(LLMemType::MTYPE_IO_TCP); - LLSocket::ptr_t rv; - if(!socket) + if (!listen_socket->getSocket()) + { + status = APR_ENOSOCKET; + return LLSocket::ptr_t(); + } + LLSocket::ptr_t rv(new LLSocket); + lldebugs << "accepting socket" << llendl; + status = apr_socket_accept(&rv->mSocket, listen_socket->getSocket(), rv->mPool()); + if (status != APR_SUCCESS) { + rv->mSocket = NULL; + rv.reset(); return rv; } - rv = ptr_t(new LLSocket(socket, pool)); rv->mPort = PORT_EPHEMERAL; rv->setOptions(); return rv; } - bool LLSocket::blockingConnect(const LLHost& host) { if(!mSocket) return false; @@ -223,7 +211,7 @@ bool LLSocket::blockingConnect(const LLHost& host) APR_UNSPEC, host.getPort(), 0, - mPool))) + mPool()))) { return false; } @@ -234,13 +222,11 @@ bool LLSocket::blockingConnect(const LLHost& host) return true; } -LLSocket::LLSocket(apr_socket_t* socket, apr_pool_t* pool) : - mSocket(socket), - mPool(pool), +LLSocket::LLSocket() : + mSocket(NULL), + mPool(LLThread::tldata().mRootPool), mPort(PORT_INVALID) { - ll_debug_socket("Constructing wholely formed socket", mSocket); - LLMemType m1(LLMemType::MTYPE_IO_TCP); } LLSocket::~LLSocket() @@ -252,10 +238,6 @@ LLSocket::~LLSocket() ll_debug_socket("Destroying socket", mSocket); apr_socket_close(mSocket); } - if(mPool) - { - apr_pool_destroy(mPool); - } } void LLSocket::setOptions() @@ -516,10 +498,8 @@ LLIOPipe::EStatus LLIOSocketWriter::process_impl( /// LLIOServerSocket::LLIOServerSocket( - apr_pool_t* pool, LLIOServerSocket::socket_t listener, factory_t factory) : - mPool(pool), mListenSocket(listener), mReactor(factory), mInitialized(false), @@ -579,21 +559,15 @@ LLIOPipe::EStatus LLIOServerSocket::process_impl( lldebugs << "accepting socket" << llendl; PUMP_DEBUG; - apr_pool_t* new_pool = NULL; - apr_status_t status = apr_pool_create(&new_pool, mPool); - apr_socket_t* socket = NULL; - status = apr_socket_accept( - &socket, - mListenSocket->getSocket(), - new_pool); - LLSocket::ptr_t llsocket(LLSocket::create(socket, new_pool)); + apr_status_t status; + LLSocket::ptr_t llsocket(LLSocket::create(status, mListenSocket)); //EStatus rv = STATUS_ERROR; - if(llsocket) + if(llsocket && status == APR_SUCCESS) { PUMP_DEBUG; apr_sockaddr_t* remote_addr; - apr_socket_addr_get(&remote_addr, APR_REMOTE, socket); + apr_socket_addr_get(&remote_addr, APR_REMOTE, llsocket->getSocket()); char* remote_host_string; apr_sockaddr_ip_get(&remote_host_string, remote_addr); @@ -608,7 +582,6 @@ LLIOPipe::EStatus LLIOServerSocket::process_impl( { chain.push_back(LLIOPipe::ptr_t(new LLIOSocketWriter(llsocket))); pump->addChain(chain, mResponseTimeout); - status = STATUS_OK; } else { @@ -617,7 +590,8 @@ LLIOPipe::EStatus LLIOServerSocket::process_impl( } else { - llwarns << "Unable to create linden socket." << llendl; + char buf[256]; + llwarns << "Unable to accept linden socket: " << apr_strerror(status, buf, sizeof(buf)) << llendl; } PUMP_DEBUG; @@ -630,11 +604,10 @@ LLIOPipe::EStatus LLIOServerSocket::process_impl( #if 0 LLIODataSocket::LLIODataSocket( U16 suggested_port, - U16 start_discovery_port, - apr_pool_t* pool) : + U16 start_discovery_port) : mSocket(NULL) { - if(!pool || (PORT_INVALID == suggested_port)) return; + if(PORT_INVALID == suggested_port) return; if(ll_apr_warn_status(apr_socket_create(&mSocket, APR_INET, SOCK_DGRAM, APR_PROTO_UDP, pool))) return; apr_sockaddr_t* sa = NULL; if(ll_apr_warn_status(apr_sockaddr_info_get(&sa, APR_ANYADDR, APR_UNSPEC, suggested_port, 0, pool))) return; diff --git a/indra/llmessage/lliosocket.h b/indra/llmessage/lliosocket.h index 6806e5084a..1e35225512 100644 --- a/indra/llmessage/lliosocket.h +++ b/indra/llmessage/lliosocket.h @@ -38,7 +38,6 @@ */ #include "lliopipe.h" -#include "apr_pools.h" #include "apr_network_io.h" #include "llchainio.h" @@ -88,34 +87,22 @@ public: * socket. If you intend the socket to be known to external * clients without prior port notification, do not use * PORT_EPHEMERAL. - * @param pool The apr pool to use. A child pool will be created - * and associated with the socket. * @param type The type of socket to create * @param port The port for the socket * @return A valid socket shared pointer if the call worked. */ static ptr_t create( - apr_pool_t* pool, EType type, U16 port = PORT_EPHEMERAL); /** - * @brief Create a LLSocket when you already have an apr socket. + * @brief Create a LLSocket by accepting a connection from a listen socket. * - * This method assumes an ephemeral port. This is typically used - * by calls which spawn a socket such as a call to - * accept() as in the server socket. This call should - * not fail if you have a valid apr socket. - * Because of the nature of how accept() works, you are expected - * to create a new pool for the socket, use that pool for the - * accept, and pass it in here where it will be bound with the - * socket and destroyed at the same time. - * @param socket The apr socket to use - * @param pool The pool used to create the socket. *NOTE: The pool - * passed in will be DESTROYED. + * @param status Output. Status of the accept if a valid listen socket was passed. + * @param listen_socket The listen socket to use. * @return A valid socket shared pointer if the call worked. */ - static ptr_t create(apr_socket_t* socket, apr_pool_t* pool); + static ptr_t create(apr_status_t& status, ptr_t& listen_socket); /** * @brief Perform a blocking connect to a host. Do not use in production. @@ -150,7 +137,7 @@ protected: * @brief Protected constructor since should only make sockets * with one of the two create() calls. */ - LLSocket(apr_socket_t* socket, apr_pool_t* pool); + LLSocket(void); /** * @brief Set default socket options. @@ -167,8 +154,8 @@ protected: // The apr socket. apr_socket_t* mSocket; - // our memory pool - apr_pool_t* mPool; + // Our memory pool. + LLAPRPool mPool; // The port if we know it. U16 mPort; @@ -293,7 +280,7 @@ class LLIOServerSocket : public LLIOPipe public: typedef LLSocket::ptr_t socket_t; typedef boost::shared_ptr factory_t; - LLIOServerSocket(apr_pool_t* pool, socket_t listener, factory_t reactor); + LLIOServerSocket(socket_t listener, factory_t reactor); virtual ~LLIOServerSocket(); /** @@ -325,7 +312,6 @@ protected: //@} protected: - apr_pool_t* mPool; socket_t mListenSocket; factory_t mReactor; bool mInitialized; @@ -359,8 +345,7 @@ public: */ LLIODataSocket( U16 suggested_port, - U16 start_discovery_port, - apr_pool_t* pool); + U16 start_discovery_port); virtual ~LLIODataSocket(); protected: diff --git a/indra/llmessage/llmail.cpp b/indra/llmessage/llmail.cpp index 08b31e9c7a..8a898ab1b0 100644 --- a/indra/llmessage/llmail.cpp +++ b/indra/llmessage/llmail.cpp @@ -50,6 +50,7 @@ #include "llstring.h" #include "lluuid.h" #include "net.h" +#include "llaprpool.h" // // constants @@ -57,7 +58,7 @@ const size_t LL_MAX_KNOWN_GOOD_MAIL_SIZE = 4096; static bool gMailEnabled = true; -static apr_pool_t* gMailPool; +static LLAPRPool gMailPool; static apr_sockaddr_t* gSockAddr; static apr_socket_t* gMailSocket; @@ -82,7 +83,7 @@ bool connect_smtp() gSockAddr->sa.sin.sin_family, SOCK_STREAM, APR_PROTO_TCP, - gMailPool); + gMailPool()); if(ll_apr_warn_status(status)) return false; status = apr_socket_connect(gMailSocket, gSockAddr); if(ll_apr_warn_status(status)) @@ -139,19 +140,19 @@ BOOL LLMail::send( } // static -void LLMail::init(const std::string& hostname, apr_pool_t* pool) +void LLMail::init(const std::string& hostname) { gMailSocket = NULL; - if(hostname.empty() || !pool) + if (hostname.empty()) { - gMailPool = NULL; gSockAddr = NULL; + gMailPool.destroy(); } else { - gMailPool = pool; + gMailPool.create(); - // collect all the information into a socaddr sturcture. the + // Collect all the information into a sockaddr structure. the // documentation is a bit unclear, but I either have to // specify APR_UNSPEC or not specify any flags. I am not sure // which option is better. @@ -161,7 +162,7 @@ void LLMail::init(const std::string& hostname, apr_pool_t* pool) APR_UNSPEC, 25, APR_IPV4_ADDR_OK, - gMailPool); + gMailPool()); ll_apr_warn_status(status); } } diff --git a/indra/llmessage/llmail.h b/indra/llmessage/llmail.h index 3791714363..0a5c532088 100644 --- a/indra/llmessage/llmail.h +++ b/indra/llmessage/llmail.h @@ -27,15 +27,13 @@ #ifndef LL_LLMAIL_H #define LL_LLMAIL_H -typedef struct apr_pool_t apr_pool_t; - #include "llsd.h" class LLMail { public: // if hostname is NULL, then the host is resolved as 'mail' - static void init(const std::string& hostname, apr_pool_t* pool); + static void init(const std::string& hostname); // Allow all email transmission to be disabled/enabled. static void enable(bool mail_enabled); diff --git a/indra/llmessage/llpumpio.cpp b/indra/llmessage/llpumpio.cpp index a8d2a0a224..89cfd66e1b 100644 --- a/indra/llmessage/llpumpio.cpp +++ b/indra/llmessage/llpumpio.cpp @@ -37,6 +37,7 @@ #include "llmemtype.h" #include "llstl.h" #include "llstat.h" +#include "llthread.h" // These should not be enabled in production, but they can be // intensely useful during development for finding certain kinds of @@ -162,14 +163,12 @@ struct ll_delete_apr_pollset_fd_client_data /** * LLPumpIO */ -LLPumpIO::LLPumpIO(apr_pool_t* pool) : +LLPumpIO::LLPumpIO(void) : mState(LLPumpIO::NORMAL), mRebuildPollset(false), mPollset(NULL), mPollsetClientID(0), mNextLock(0), - mPool(NULL), - mCurrentPool(NULL), mCurrentPoolReallocCount(0), mChainsMutex(NULL), mCallbackMutex(NULL), @@ -178,21 +177,24 @@ LLPumpIO::LLPumpIO(apr_pool_t* pool) : mCurrentChain = mRunningChains.end(); LLMemType m1(LLMemType::MTYPE_IO_PUMP); - initialize(pool); + initialize(); } LLPumpIO::~LLPumpIO() { LLMemType m1(LLMemType::MTYPE_IO_PUMP); - cleanup(); -} - -bool LLPumpIO::prime(apr_pool_t* pool) -{ - LLMemType m1(LLMemType::MTYPE_IO_PUMP); - cleanup(); - initialize(pool); - return ((pool == NULL) ? false : true); +#if LL_THREADS_APR + if (mChainsMutex) apr_thread_mutex_destroy(mChainsMutex); + if (mCallbackMutex) apr_thread_mutex_destroy(mCallbackMutex); +#endif + mChainsMutex = NULL; + mCallbackMutex = NULL; + if(mPollset) + { +// lldebugs << "cleaning up pollset" << llendl; + apr_pollset_destroy(mPollset); + mPollset = NULL; + } } bool LLPumpIO::addChain(const chain_t& chain, F32 timeout) @@ -352,8 +354,7 @@ bool LLPumpIO::setConditional(LLIOPipe* pipe, const apr_pollfd_t* poll) { // each fd needs a pool to work with, so if one was // not specified, use this pool. - // *FIX: Should it always be this pool? - value.second.p = mPool; + value.second.p = (*mCurrentChain).mDescriptorsPool->operator()(); } value.second.client_data = new S32(++mPollsetClientID); (*mCurrentChain).mDescriptors.push_back(value); @@ -825,39 +826,15 @@ void LLPumpIO::control(LLPumpIO::EControl op) } } -void LLPumpIO::initialize(apr_pool_t* pool) +void LLPumpIO::initialize(void) { LLMemType m1(LLMemType::MTYPE_IO_PUMP); - if(!pool) return; + mPool.create(); #if LL_THREADS_APR // SJB: Windows defaults to NESTED and OSX defaults to UNNESTED, so use UNNESTED explicitly. - apr_thread_mutex_create(&mChainsMutex, APR_THREAD_MUTEX_UNNESTED, pool); - apr_thread_mutex_create(&mCallbackMutex, APR_THREAD_MUTEX_UNNESTED, pool); -#endif - mPool = pool; -} - -void LLPumpIO::cleanup() -{ - LLMemType m1(LLMemType::MTYPE_IO_PUMP); -#if LL_THREADS_APR - if(mChainsMutex) apr_thread_mutex_destroy(mChainsMutex); - if(mCallbackMutex) apr_thread_mutex_destroy(mCallbackMutex); + apr_thread_mutex_create(&mChainsMutex, APR_THREAD_MUTEX_UNNESTED, mPool()); + apr_thread_mutex_create(&mCallbackMutex, APR_THREAD_MUTEX_UNNESTED, mPool()); #endif - mChainsMutex = NULL; - mCallbackMutex = NULL; - if(mPollset) - { -// lldebugs << "cleaning up pollset" << llendl; - apr_pollset_destroy(mPollset); - mPollset = NULL; - } - if(mCurrentPool) - { - apr_pool_destroy(mCurrentPool); - mCurrentPool = NULL; - } - mPool = NULL; } void LLPumpIO::rebuildPollset() @@ -885,21 +862,19 @@ void LLPumpIO::rebuildPollset() if(mCurrentPool && (0 == (++mCurrentPoolReallocCount % POLLSET_POOL_RECYCLE_COUNT))) { - apr_pool_destroy(mCurrentPool); - mCurrentPool = NULL; + mCurrentPool.destroy(); mCurrentPoolReallocCount = 0; } if(!mCurrentPool) { - apr_status_t status = apr_pool_create(&mCurrentPool, mPool); - (void)ll_apr_warn_status(status); + mCurrentPool.create(mPool); } // add all of the file descriptors run_it = mRunningChains.begin(); LLChainInfo::conditionals_t::iterator fd_it; LLChainInfo::conditionals_t::iterator fd_end; - apr_pollset_create(&mPollset, size, mCurrentPool, 0); + apr_pollset_create(&mPollset, size, mCurrentPool(), 0); for(; run_it != run_end; ++run_it) { fd_it = (*run_it).mDescriptors.begin(); @@ -1157,7 +1132,8 @@ bool LLPumpIO::handleChainError( LLPumpIO::LLChainInfo::LLChainInfo() : mInit(false), mLock(0), - mEOS(false) + mEOS(false), + mDescriptorsPool(new LLAPRPool(LLThread::tldata().mRootPool)) { LLMemType m1(LLMemType::MTYPE_IO_PUMP); mTimer.setTimerExpirySec(DEFAULT_CHAIN_EXPIRY_SECS); diff --git a/indra/llmessage/llpumpio.h b/indra/llmessage/llpumpio.h index 9303c9d7fc..75c35ae7ab 100644 --- a/indra/llmessage/llpumpio.h +++ b/indra/llmessage/llpumpio.h @@ -30,11 +30,12 @@ #define LL_LLPUMPIO_H #include +#include #if LL_LINUX // needed for PATH_MAX in APR. #include #endif -#include "apr_pools.h" +#include "llaprpool.h" #include "llbuffer.h" #include "llframetimer.h" #include "lliopipe.h" @@ -58,9 +59,8 @@ extern const F32 NEVER_CHAIN_EXPIRY_SECS; * pump() on a thread used for IO and call * respond() on a thread that is expected to do higher * level processing. You can call almost any other method from any - * thread - see notes for each method for details. In order for the - * threading abstraction to work, you need to call prime() - * with a valid apr pool. + * thread - see notes for each method for details. + * * A pump instance manages much of the state for the pipe, including * the list of pipes in the chain, the channel for each element in the * chain, the buffer, and if any pipe has marked the stream or process @@ -79,24 +79,13 @@ public: /** * @brief Constructor. */ - LLPumpIO(apr_pool_t* pool); + LLPumpIO(void); /** * @brief Destructor. */ ~LLPumpIO(); - /** - * @brief Prepare this pump for usage. - * - * If you fail to call this method prior to use, the pump will - * try to work, but will not come with any thread locking - * mechanisms. - * @param pool The apr pool to use. - * @return Returns true if the pump is primed. - */ - bool prime(apr_pool_t* pool); - /** * @brief Typedef for having a chain of pipes. */ @@ -368,6 +357,7 @@ protected: typedef std::pair pipe_conditional_t; typedef std::vector conditionals_t; conditionals_t mDescriptors; + boost::shared_ptr mDescriptorsPool; }; // All the running chains & info @@ -386,9 +376,9 @@ protected: callbacks_t mPendingCallbacks; callbacks_t mCallbacks; - // memory allocator for pollsets & mutexes. - apr_pool_t* mPool; - apr_pool_t* mCurrentPool; + // Memory pool for pollsets & mutexes. + LLAPRPool mPool; + LLAPRPool mCurrentPool; S32 mCurrentPoolReallocCount; #if LL_THREADS_APR @@ -400,8 +390,7 @@ protected: #endif protected: - void initialize(apr_pool_t* pool); - void cleanup(); + void initialize(); /** * @brief Given the internal state of the chains, rebuild the pollset diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index cb9d1c3731..83b6f7cf71 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -40,6 +40,7 @@ #include "llstring.h" #include "apr_env.h" #include "llapr.h" +#include "llscopedvolatileaprpool.h" static const U32 HTTP_STATUS_PIPE_ERROR = 499; /** @@ -210,27 +211,31 @@ void LLURLRequest::setCallback(LLURLRequestComplete* callback) // is called with use_proxy = FALSE void LLURLRequest::useProxy(bool use_proxy) { - static char *env_proxy; + static std::string env_proxy; - if (use_proxy && (env_proxy == NULL)) + if (use_proxy && env_proxy.empty()) { - apr_status_t status; - LLAPRPool pool; - status = apr_env_get(&env_proxy, "ALL_PROXY", pool.getAPRPool()); + char* env_proxy_str; + LLScopedVolatileAPRPool scoped_pool; + apr_status_t status = apr_env_get(&env_proxy_str, "ALL_PROXY", scoped_pool); if (status != APR_SUCCESS) { - status = apr_env_get(&env_proxy, "http_proxy", pool.getAPRPool()); + status = apr_env_get(&env_proxy_str, "http_proxy", scoped_pool); } if (status != APR_SUCCESS) { - use_proxy = FALSE; + use_proxy = false; } + else + { + // env_proxy_str is stored in the scoped_pool, so we have to make a copy. + env_proxy = env_proxy_str; + } } + lldebugs << "use_proxy = " << (use_proxy?'Y':'N') << ", env_proxy = \"" << env_proxy << "\"" << llendl; - lldebugs << "use_proxy = " << (use_proxy?'Y':'N') << ", env_proxy = " << (env_proxy ? env_proxy : "(null)") << llendl; - - if (env_proxy && use_proxy) + if (use_proxy) { mDetail->mCurlRequest->setoptString(CURLOPT_PROXY, env_proxy); } diff --git a/indra/llmessage/message.cpp b/indra/llmessage/message.cpp index 2f0d815be5..302cfc7ca2 100644 --- a/indra/llmessage/message.cpp +++ b/indra/llmessage/message.cpp @@ -97,8 +97,10 @@ std::string get_shared_secret(); class LLMessagePollInfo { public: + LLMessagePollInfo(void) : mPool(LLThread::tldata().mRootPool) { } apr_socket_t *mAPRSocketp; apr_pollfd_t mPollFD; + LLAPRPool mPool; }; namespace @@ -287,20 +289,13 @@ LLMessageSystem::LLMessageSystem(const std::string& filename, U32 port, } // LL_DEBUGS("Messaging") << << "*** port: " << mPort << llendl; - // - // Create the data structure that we can poll on - // - if (!gAPRPoolp) - { - LL_ERRS("Messaging") << "No APR pool before message system initialization!" << llendl; - ll_init_apr(); - } + mPollInfop = new LLMessagePollInfo; + apr_socket_t *aprSocketp = NULL; - apr_os_sock_put(&aprSocketp, (apr_os_sock_t*)&mSocket, gAPRPoolp); + apr_os_sock_put(&aprSocketp, (apr_os_sock_t*)&mSocket, mPollInfop->mPool()); - mPollInfop = new LLMessagePollInfo; mPollInfop->mAPRSocketp = aprSocketp; - mPollInfop->mPollFD.p = gAPRPoolp; + mPollInfop->mPollFD.p = mPollInfop->mPool(); mPollInfop->mPollFD.desc_type = APR_POLL_SOCKET; mPollInfop->mPollFD.reqevents = APR_POLLIN; mPollInfop->mPollFD.rtnevents = 0; diff --git a/indra/llmessage/tests/networkio.h b/indra/llmessage/tests/networkio.h index 2aff90ca1e..23e1c791f4 100644 --- a/indra/llmessage/tests/networkio.h +++ b/indra/llmessage/tests/networkio.h @@ -30,7 +30,6 @@ #define LL_NETWORKIO_H #include "llmemory.h" // LLSingleton -#include "llapr.h" #include "llares.h" #include "llpumpio.h" #include "llhttpclient.h" @@ -48,14 +47,8 @@ public: mServicePump(NULL), mDone(false) { - ll_init_apr(); - if (! gAPRPoolp) - { - throw std::runtime_error("Can't initialize APR"); - } - // Create IO Pump to use for HTTP Requests. - mServicePump = new LLPumpIO(gAPRPoolp); + mServicePump = new LLPumpIO; LLHTTPClient::setPump(*mServicePump); if (ll_init_ares() == NULL || !gAres->isInitialized()) { -- cgit v1.2.3 From 74d9bf0d5525426feae4ea21e2a81034ddcf4d7f Mon Sep 17 00:00:00 2001 From: Robin Cornelius Date: Mon, 28 Mar 2011 11:20:06 +0100 Subject: VWR-20801 Implement SOCKS 5 Proxy for the viewer --- indra/llmessage/CMakeLists.txt | 2 + indra/llmessage/llcurl.cpp | 44 +++++++ indra/llmessage/llpacketring.cpp | 60 +++++++++- indra/llmessage/llpacketring.h | 3 + indra/llmessage/llsocks5.cpp | 224 ++++++++++++++++++++++++++++++++++++ indra/llmessage/llsocks5.h | 243 +++++++++++++++++++++++++++++++++++++++ indra/llmessage/net.cpp | 156 +++++++++++++++++++++++++ indra/llmessage/net.h | 5 + 8 files changed, 734 insertions(+), 3 deletions(-) create mode 100644 indra/llmessage/llsocks5.cpp create mode 100644 indra/llmessage/llsocks5.h (limited to 'indra/llmessage') diff --git a/indra/llmessage/CMakeLists.txt b/indra/llmessage/CMakeLists.txt index 1cad0f6d22..8c68d38926 100644 --- a/indra/llmessage/CMakeLists.txt +++ b/indra/llmessage/CMakeLists.txt @@ -74,6 +74,7 @@ set(llmessage_SOURCE_FILES llsdrpcserver.cpp llservicebuilder.cpp llservice.cpp + llsocks5.cpp llstoredmessage.cpp lltemplatemessagebuilder.cpp lltemplatemessagedispatcher.cpp @@ -172,6 +173,7 @@ set(llmessage_HEADER_FILES llsdrpcserver.h llservice.h llservicebuilder.h + llsocks5.h llstoredmessage.h lltaskname.h llteleportflags.h diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index a485fa0160..020c0d6a4a 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -50,6 +50,8 @@ #include "llsdserialize.h" #include "llthread.h" +#include "llsocks5.h" + ////////////////////////////////////////////////////////////////////////////// /* The trick to getting curl to do keep-alives is to reuse the @@ -273,6 +275,28 @@ LLCurl::Easy* LLCurl::Easy::getEasy() // set no DMS caching as default for all easy handles. This prevents them adopting a // multi handles cache if they are added to one. curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_DNS_CACHE_TIMEOUT, 0); + + //Set the CURL options for either Socks or HTTP proxy + if (LLSocks::getInstance()->isHttpProxyEnabled()) + { + std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); + curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXY,address.c_str()); + curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYPORT,port); + if (LLSocks::getInstance()->getHttpProxyType() == LLPROXY_SOCKS) + { + curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); + if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) + { + curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd().c_str()); + } + } + else + { + curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); + } + } + ++gCurlEasyCount; return easy; } @@ -446,6 +470,26 @@ void LLCurl::Easy::prepRequest(const std::string& url, // setopt(CURLOPT_VERBOSE, 1); // usefull for debugging setopt(CURLOPT_NOSIGNAL, 1); + if (LLSocks::getInstance()->isHttpProxyEnabled()) + { + std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); + setoptString(CURLOPT_PROXY, address.c_str()); + setopt(CURLOPT_PROXYPORT, port); + if (LLSocks::getInstance()->getHttpProxyType() == LLPROXY_SOCKS) + { + setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); + if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) + { + setoptString(CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd()); + } + } + else + { + setopt(CURLOPT_PROXYTYPE, CURLPROXY_HTTP); + } + } + mOutput.reset(new LLBufferArray); setopt(CURLOPT_WRITEFUNCTION, (void*)&curlWriteCallback); setopt(CURLOPT_WRITEDATA, (void*)this); diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index 8999dec64a..0c8c5f763c 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -35,6 +35,17 @@ #include "llrand.h" #include "u64.h" +#include "llsocks5.h" +#include "message.h" + +#if LL_WINDOWS + #include +#else + #include + #include +#endif + + /////////////////////////////////////////////////////////// LLPacketRing::LLPacketRing () : mUseInThrottle(FALSE), @@ -216,8 +227,31 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) else { // no delay, pull straight from net + if (LLSocks::isEnabled()) + { + U8 buffer[MAX_BUFFER_SIZE]; + packet_size = receive_packet(socket, (char*)buffer); + + if (packet_size > 10) + { + memcpy(datap,buffer+10,packet_size-10); + } + else + { + packet_size=0; + } + + proxywrap_t * header; + header = (proxywrap_t *)buffer; + mLastSender.setAddress(header->addr); + mLastSender.setPort(ntohs(header->port)); + } + else + { packet_size = receive_packet(socket, datap); mLastSender = ::get_sender(); + } + mLastReceivingIF = ::get_receiving_interface(); if (packet_size) // did we actually get a packet? @@ -243,7 +277,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL BOOL status = TRUE; if (!mUseOutThrottle) { - return send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort() ); + return doSendPacket(h_socket, send_buffer, buf_size, host ); } else { @@ -264,7 +298,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL mOutBufferLength -= packetp->getSize(); packet_size = packetp->getSize(); - status = send_packet(h_socket, packetp->getData(), packet_size, packetp->getHost().getAddress(), packetp->getHost().getPort()); + status = doSendPacket(h_socket, packetp->getData(), packet_size, packetp->getHost()); delete packetp; // Update the throttle @@ -273,7 +307,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL else { // If the queue's empty, we can just send this packet right away. - status = send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort() ); + status = doSendPacket(h_socket, send_buffer, buf_size, host ); packet_size = buf_size; // Update the throttle @@ -311,3 +345,23 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL return status; } + +BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_size, LLHost host) +{ + + if (!LLSocks::isEnabled()) + { + return send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort()); + } + + proxywrap_t *socks_header = (proxywrap_t *)&mProxyWrappedSendBuffer; + socks_header->rsv = 0; + socks_header->addr = host.getAddress(); + socks_header->port = htons(host.getPort()); + socks_header->atype = ADDRESS_IPV4; + socks_header->frag = 0; + + memcpy(mProxyWrappedSendBuffer+10, send_buffer, buf_size); + + return send_packet(h_socket,(const char*) mProxyWrappedSendBuffer, buf_size+10, LLSocks::getInstance()->getUDPProxy().getAddress(), LLSocks::getInstance()->getUDPProxy().getPort()); +} diff --git a/indra/llmessage/llpacketring.h b/indra/llmessage/llpacketring.h index e6409d2048..2fe2f8e1e9 100644 --- a/indra/llmessage/llpacketring.h +++ b/indra/llmessage/llpacketring.h @@ -82,6 +82,9 @@ protected: LLHost mLastSender; LLHost mLastReceivingIF; + + BOOL doSendPacket(int h_socket, const char * send_buffer, S32 buf_size, LLHost host); + U8 mProxyWrappedSendBuffer[NET_BUFFER_SIZE]; }; diff --git a/indra/llmessage/llsocks5.cpp b/indra/llmessage/llsocks5.cpp new file mode 100644 index 0000000000..1f458a007c --- /dev/null +++ b/indra/llmessage/llsocks5.cpp @@ -0,0 +1,224 @@ +/** + * @file llsocks5.cpp + * @brief Socks 5 implementation + * + * $LicenseInfo:firstyear=2000&license=viewergpl$ + * + * Copyright (c) 2000-2009, Linden Research, Inc. + * + * Second Life Viewer Source Code + * The source code in this file ("Source Code") is provided by Linden Lab + * to you under the terms of the GNU General Public License, version 2.0 + * ("GPL"), unless you have obtained a separate licensing agreement + * ("Other License"), formally executed by you and Linden Lab. Terms of + * the GPL can be found in doc/GPL-license.txt in this distribution, or + * online at http://secondlifegrid.net/programs/open_source/licensing/gplv2 + * + * There are special exceptions to the terms and conditions of the GPL as + * it is applied to this Source Code. View the full text of the exception + * in the file doc/FLOSS-exception.txt in this software distribution, or + * online at + * http://secondlifegrid.net/programs/open_source/licensing/flossexception + * + * By copying, modifying or distributing this software, you acknowledge + * that you have read and understood your obligations described above, + * and agree to abide by those obligations. + * + * ALL LINDEN LAB SOURCE CODE IS PROVIDED "AS IS." LINDEN LAB MAKES NO + * WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY, + * COMPLETENESS OR PERFORMANCE. + * $/LicenseInfo$ + */ + +#include + +#include "linden_common.h" +#include "net.h" +#include "llhost.h" +#include "message.h" +#include "llsocks5.h" + +// Static class variable instances + +// We want this to be static to avoid excessive indirection on every +// incomming packet just to do a simple bool test. The getter for this +// member is also static +bool LLSocks::sUdpProxyEnabled; +bool LLSocks::sHttpProxyEnabled; + +LLSocks::LLSocks() +{ + sUdpProxyEnabled = false; + sHttpProxyEnabled = false; + hProxyControlChannel = 0; + mProxyType = LLPROXY_SOCKS; +} + +// Perform a Socks5 authentication and UDP assioacation to the proxy +// specified by proxy, and assiocate UDP port message_port +int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) +{ + int result; + + /* Socks 5 Auth request */ + socks_auth_request_t socks_auth_request; + socks_auth_response_t socks_auth_response; + + socks_auth_request.version = SOCKS_VERSION; // Socks version 5 + socks_auth_request.num_methods = 1; // Sending 1 method + socks_auth_request.methods = mAuthMethodSelected; // send only the selected metho + + result = tcp_handshake(hProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request_t), (char*)&socks_auth_response, sizeof(socks_auth_response_t)); + if (result != 0) + { + llwarns << "Socks authentication request failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) + { + llwarns << "Socks5 server refused all our authentication methods" << llendl; + stopProxy(); + return SOCKS_NOT_ACCEPTABLE; + } + + // SOCKS5 USERNAME/PASSWORD authentication + if (socks_auth_response.method == METHOD_PASSWORD) + { + // The server has requested a username/password combination + U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; + char * password_auth = (char *)malloc(request_size); + password_auth[0] = 0x01; + password_auth[1] = mSocksUsername.size(); + memcpy(&password_auth[2],mSocksUsername.c_str(), mSocksUsername.size()); + password_auth[mSocksUsername.size()+2] = mSocksPassword.size(); + memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); + + authmethod_password_reply_t password_reply; + + result = tcp_handshake(hProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(authmethod_password_reply_t)); + free (password_auth); + + if (result != 0) + { + llwarns << "Socks authentication failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (password_reply.status != AUTH_SUCCESS) + { + llwarns << "Socks authentication failed" << llendl; + stopProxy(); + return SOCKS_AUTH_FAIL; + } + } + + /* SOCKS5 connect request */ + + socks_command_request_t connect_request; + socks_command_response_t connect_reply; + + connect_request.version = SOCKS_VERSION; //Socks V5 + connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP + connect_request.flag = FIELD_RESERVED; + connect_request.atype = ADDRESS_IPV4; + connect_request.address = 0; // 0.0.0.0 We are not fussy about address + // UDP is promiscious receive for our protocol + connect_request.port = 0; // Port must be 0 if you ever want to connect via NAT and your router does port rewrite for you + + result = tcp_handshake(hProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); + if (result != 0) + { + llwarns << "Socks connect request failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (connect_reply.reply != REPLY_REQUEST_GRANTED) + { + //Something went wrong + llwarns << "Connection to SOCKS5 server failed, UDP forward request not granted" << llendl; + stopProxy(); + return SOCKS_UDP_FWD_NOT_GRANTED; + } + + mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order + mUDPProxy.setAddress(proxy.getAddress()); + // All good now we have been given the UDP port to send requests that need forwarding. + llinfos << "Socks 5 UDP proxy connected on " << mUDPProxy << llendl; + return SOCKS_OK; +} + +int LLSocks::startProxy(LLHost proxy, U32 message_port) +{ + int status; + + mTCPProxy = proxy; + + if (hProxyControlChannel) + { + tcp_close_channel(hProxyControlChannel); + hProxyControlChannel=0; + } + + hProxyControlChannel = tcp_open_channel(proxy); + if (hProxyControlChannel == -1) + { + return SOCKS_HOST_CONNECT_FAILED; + } + + status = proxyHandshake(proxy, message_port); + if (status == SOCKS_OK) + { + sUdpProxyEnabled=true; + } + return status; +} + +int LLSocks::startProxy(std::string host, U32 port) +{ + mTCPProxy.setHostByName(host); + mTCPProxy.setPort(port); + return startProxy(mTCPProxy, (U32)gMessageSystem->mPort); +} + +void LLSocks::stopProxy() +{ + sUdpProxyEnabled = false; + + // If the Socks proxy is requested to stop and we are using that for http as well + // then we must shut down any http proxy operations. But it is allowable if web + // proxy is being used to continue proxying http. + + if(LLPROXY_SOCKS == mProxyType) + { + sHttpProxyEnabled = false; + } + + if (hProxyControlChannel) + { + tcp_close_channel(hProxyControlChannel); + hProxyControlChannel=0; + } +} + +void LLSocks::setAuthNone() +{ + mAuthMethodSelected = METHOD_NOAUTH; +} + +void LLSocks::setAuthPassword(std::string username, std::string password) +{ + mAuthMethodSelected = METHOD_PASSWORD; + mSocksUsername = username; + mSocksPassword = password; +} + +void LLSocks::EnableHttpProxy(LLHost httpHost, LLHttpProxyType type) +{ + sHttpProxyEnabled = true; + mHTTPProxy = httpHost; + mProxyType = type; +} diff --git a/indra/llmessage/llsocks5.h b/indra/llmessage/llsocks5.h new file mode 100644 index 0000000000..83e311a962 --- /dev/null +++ b/indra/llmessage/llsocks5.h @@ -0,0 +1,243 @@ +/** + * @file llsocks5.h + * @brief Socks 5 implementation + * + * $LicenseInfo:firstyear=2001&license=viewergpl$ + * + * Copyright (c) 2001-2009, Linden Research, Inc. + * + * Second Life Viewer Source Code + * The source code in this file ("Source Code") is provided by Linden Lab + * to you under the terms of the GNU General Public License, version 2.0 + * ("GPL"), unless you have obtained a separate licensing agreement + * ("Other License"), formally executed by you and Linden Lab. Terms of + * the GPL can be found in doc/GPL-license.txt in this distribution, or + * online at http://secondlifegrid.net/programs/open_source/licensing/gplv2 + * + * There are special exceptions to the terms and conditions of the GPL as + * it is applied to this Source Code. View the full text of the exception + * in the file doc/FLOSS-exception.txt in this software distribution, or + * online at + * http://secondlifegrid.net/programs/open_source/licensing/flossexception + * + * By copying, modifying or distributing this software, you acknowledge + * that you have read and understood your obligations described above, + * and agree to abide by those obligations. + * + * ALL LINDEN LAB SOURCE CODE IS PROVIDED "AS IS." LINDEN LAB MAKES NO + * WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY, + * COMPLETENESS OR PERFORMANCE. + * $/LicenseInfo$ + */ + +#ifndef LL_SOCKS5_H +#define LL_SOCKS5_H + +#include "llhost.h" +#include "llmemory.h" +#include "llsingleton.h" +#include + +// Error codes returned from the StartProxy method + +#define SOCKS_OK 0 +#define SOCKS_CONNECT_ERROR -1 +#define SOCKS_NOT_PERMITTED -2 +#define SOCKS_NOT_ACCEPTABLE -3 +#define SOCKS_AUTH_FAIL -4 +#define SOCKS_UDP_FWD_NOT_GRANTED -5 +#define SOCKS_HOST_CONNECT_FAILED -6 + +#ifndef MAXHOSTNAMELEN +#define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */ +#endif + +#define SOCKS_VERSION 0x05 // we are using socks 5 + +// socks 5 address/hostname types +#define ADDRESS_IPV4 0x01 +#define ADDRESS_HOSTNAME 0x03 +#define ADDRESS_IPV6 0x04 + +// Lets just use our own ipv4 struct rather than dragging in system +// specific headers +union ipv4_address_t { + unsigned char octects[4]; + U32 addr32; +}; + +// Socks 5 control channel commands +#define COMMAND_TCP_STREAM 0x01 +#define COMMAND_TCP_BIND 0x02 +#define COMMAND_UDP_ASSOCIATE 0x03 + +// Socks 5 command replys +#define REPLY_REQUEST_GRANTED 0x00 +#define REPLY_GENERAL_FAIL 0x01 +#define REPLY_RULESET_FAIL 0x02 +#define REPLY_NETWORK_UNREACHABLE 0x03 +#define REPLY_HOST_UNREACHABLE 0x04 +#define REPLY_CONNECTION_REFUSED 0x05 +#define REPLY_TTL_EXPIRED 0x06 +#define REPLY_PROTOCOL_ERROR 0x07 +#define REPLY_TYPE_NOT_SUPPORTED 0x08 + +#define FIELD_RESERVED 0x00 + +// The standard socks5 request packet +// Push current alignment to stack and set alignment to 1 byte boundary +// This enabled us to use structs directly to set up and receive network packets +// into the correct fields, without fear of boundary alignment causing issues +#pragma pack(push,1) + +// Socks5 command packet +struct socks_command_request_t { + unsigned char version; + unsigned char command; + unsigned char flag; + unsigned char atype; + U32 address; + U16 port; +}; + +// Standard socks5 reply packet +struct socks_command_response_t { + unsigned char version; + unsigned char reply; + unsigned char flag; + unsigned char atype; + unsigned char add_bytes[4]; + U16 port; +}; + +#define AUTH_NOT_ACCEPTABLE 0xFF // reply if prefered methods are not avaiable +#define AUTH_SUCCESS 0x00 // reply if authentication successfull + +// socks 5 authentication request, stating which methods the client supports +struct socks_auth_request_t { + unsigned char version; + unsigned char num_methods; + unsigned char methods; // We are only using a single method currently +}; + +// socks 5 authentication response packet, stating server prefered method +struct socks_auth_response_t { + unsigned char version; + unsigned char method; +}; + +// socks 5 password reply packet +struct authmethod_password_reply_t { + unsigned char version; + unsigned char status; +}; + +// socks 5 UDP packet header +struct proxywrap_t { + U16 rsv; + U8 frag; + U8 atype; + U32 addr; + U16 port; +}; + +#pragma pack(pop) /* restore original alignment from stack */ + + +// Currently selected http proxy type +enum LLHttpProxyType +{ + LLPROXY_SOCKS = 0, + LLPROXY_HTTP = 1 +}; + +// Auth types +enum LLSocks5AuthType +{ + METHOD_NOAUTH = 0x00, // Client supports no auth + METHOD_GSSAPI = 0x01, // Client supports GSSAPI (Not currently supported) + METHOD_PASSWORD = 0x02 // Client supports username/password +}; + +class LLSocks: public LLSingleton +{ +public: + LLSocks(); + + // Start a connection to the socks 5 proxy + int startProxy(std::string host,U32 port); + int startProxy(LLHost proxy,U32 messagePort); + + // Disconnect and clean up any connection to the socks 5 proxy + void stopProxy(); + + // Set up to use Password auth when connecting to the socks proxy + void setAuthPassword(std::string username,std::string password); + + // Set up to use No Auth when connecting to the socks proxy; + void setAuthNone(); + + // get the currently selected auth method + LLSocks5AuthType getSelectedAuthMethod() { return mAuthMethodSelected; }; + + // static check for enabled status for UDP packets + static bool isEnabled(){return sUdpProxyEnabled;}; + + // static check for enabled status for http packets + static bool isHttpProxyEnabled(){return sHttpProxyEnabled;}; + + // Proxy http packets via httpHost, which can be a Socks5 or a http proxy + // as specified in type + void EnableHttpProxy(LLHost httpHost,LLHttpProxyType type); + + // Stop proxying http packets + void DisableHttpProxy() {sHttpProxyEnabled = false;}; + + // get the UDP proxy address and port + LLHost getUDPProxy(){return mUDPProxy;}; + + // get the socks 5 TCP control channel address and port + LLHost getTCPProxy(){return mTCPProxy;}; + + //get the http proxy address and port + LLHost getHTTPProxy(){return mHTTPProxy;}; + + // get the currently selected http proxy type + LLHttpProxyType getHttpProxyType(){return mProxyType;}; + + //Get the username password in a curl compatible format + std::string getProxyUserPwd(){ return (mSocksUsername + ":" + mSocksPassword);}; + +private: + + // Open a communication channel to the socks5 proxy proxy, at port messagePort + int proxyHandshake(LLHost proxy,U32 messagePort); + + // socket handle to proxy tcp control channel + S32 hProxyControlChannel; + + // is the UDP proxy enabled + static bool sUdpProxyEnabled; + // is the http proxy enabled + static bool sHttpProxyEnabled; + + // currently selected http proxy type + LLHttpProxyType mProxyType; + + // UDP proxy address and port + LLHost mUDPProxy; + // TCP Proxy control channel address and port + LLHost mTCPProxy; + // HTTP proxy address and port + LLHost mHTTPProxy; + + // socks 5 auth method selected + LLSocks5AuthType mAuthMethodSelected; + + // socks 5 username + std::string mSocksUsername; + // socks 5 password + std::string mSocksPassword; +}; + +#endif diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index 97611c3b51..ab5c1950c6 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -50,6 +50,7 @@ #include "lltimer.h" #include "indra_constants.h" +#include "llsocks5.h" // Globals #if LL_WINDOWS @@ -189,6 +190,90 @@ U32 ip_string_to_u32(const char* ip_string) #if LL_WINDOWS +int tcp_handshake(S32 handle, char * dataout, int outlen, char * datain, int maxinlen) +{ + int result; + result = send(handle, dataout, outlen, 0); + if (result != outlen) + { + S32 err = WSAGetLastError(); + llwarns << "Error sending data to proxy control channel, number of bytes sent were " << result << " error code was " << err << llendl; + return -1; + } + + result = recv(handle, datain, maxinlen, 0); + if (result != maxinlen) + { + S32 err = WSAGetLastError(); + llwarns << "Error receiving data from proxy control channel, number of bytes received were " << result << " error code was " << err << llendl; + return -1; + } + + return 0; +} + +S32 tcp_open_channel(LLHost host) +{ + // Open a TCP channel + // Jump through some hoops to ensure that if the request hosts is down + // or not reachable connect() does not block + + S32 handle; + handle = socket(AF_INET, SOCK_STREAM, 0); + if (!handle) + { + llwarns << "Error opening TCP control socket, socket() returned " << handle << llendl; + return -1; + } + + struct sockaddr_in address; + address.sin_port = htons(host.getPort()); + address.sin_family = AF_INET; + address.sin_addr.s_addr = host.getAddress(); + + // Non blocking + WSAEVENT hEvent=WSACreateEvent(); + WSAEventSelect(handle, hEvent, FD_CONNECT) ; + connect(handle, (struct sockaddr*)&address, sizeof(address)) ; + // Wait fot 5 seconds, if we can't get a TCP channel open in this + // time frame then there is something badly wrong. + WaitForSingleObject(hEvent, 1000*5); // 5 seconds time out + + WSANETWORKEVENTS netevents; + WSAEnumNetworkEvents(handle,hEvent,&netevents); + + // Check the async event status to see if we connected + if ((netevents.lNetworkEvents & FD_CONNECT) == FD_CONNECT) + { + if (netevents.iErrorCode[FD_CONNECT_BIT] != 0) + { + llwarns << "Unable to open TCP channel, WSA returned an error code of " << netevents.iErrorCode[FD_CONNECT_BIT] << llendl; + WSACloseEvent(hEvent); + return -1; + } + + // Now we are connected disable non blocking + // we don't need support an async interface as + // currently our only consumer (socks5) will make one round + // of packets then just hold the connection open + WSAEventSelect(handle, hEvent, NULL) ; + unsigned long NonBlock = 0; + ioctlsocket(handle, FIONBIO, &NonBlock); + + return handle; + } + + llwarns << "Unable to open TCP channel, Timeout is the host up?" << netevents.iErrorCode[FD_CONNECT_BIT] << llendl; + return -1; +} + +void tcp_close_channel(S32 handle) +{ + llinfos << "Closing TCP channel" << llendl; + shutdown(handle, SD_BOTH); + closesocket(handle); +} + S32 start_net(S32& socket_out, int& nPort) { // Create socket, make non-blocking @@ -385,6 +470,77 @@ BOOL send_packet(int hSocket, const char *sendBuffer, int size, U32 recipient, i #else + +int tcp_handshake(S32 handle, char * dataout, int outlen, char * datain, int maxinlen) +{ + if (send(handle, dataout, outlen, 0) != outlen) + { + llwarns << "Error sending data to proxy control channel" << llendl; + return -1; + } + + if (recv(handle, datain, maxinlen, 0) != maxinlen) + { + llwarns << "Error receiving data to proxy control channel" << llendl; + return -1; + } + + return 0; +} + +S32 tcp_open_channel(LLHost host) +{ + S32 handle; + handle = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + if (!handle) + { + llwarns << "Error opening TCP control socket, socket() returned " << handle << llendl; + return -1; + } + + struct sockaddr_in address; + address.sin_port = htons(host.getPort()); + address.sin_family = AF_INET; + address.sin_addr.s_addr = host.getAddress(); + + // Set the socket to non blocking for the connect() + int flags = fcntl(handle, F_GETFL, 0); + fcntl(handle, F_SETFL, flags | O_NONBLOCK); + + S32 error = connect(handle, (sockaddr*)&address, sizeof(address)); + if (error && (errno != EINPROGRESS)) + { + llwarns << "Unable to open TCP channel, error code: " << errno << llendl; + return -1; + } + + struct timeval timeout; + timeout.tv_sec = 5; // Maximum time to wait for the connect() to complete + timeout.tv_usec = 0; + fd_set fds; + FD_ZERO(&fds); + FD_SET(handle, &fds); + + // See if we have connectde or time out after 5 seconds + U32 rc = select(sizeof(fds)*8, NULL, &fds, NULL, &timeout); + + if (rc != 1) // we require exactly one descriptor to be set + { + llwarns << "Unable to open TCP channel" << llendl; + return -1; + } + + // Return the socket to blocking operations + fcntl(handle, F_SETFL, flags); + + return handle; +} + +void tcp_close_channel(S32 handle) +{ + close(handle); +} + // Create socket, make non-blocking S32 start_net(S32& socket_out, int& nPort) { diff --git a/indra/llmessage/net.h b/indra/llmessage/net.h index 9f4f5c5821..d93ed20c98 100644 --- a/indra/llmessage/net.h +++ b/indra/llmessage/net.h @@ -52,6 +52,11 @@ U32 get_sender_ip(void); LLHost get_receiving_interface(); U32 get_receiving_interface_ip(void); +// Some helpful tcp functions added for the socks 5 proxy support +S32 tcp_open_channel(LLHost host); // Open a tcp channel to a given host +void tcp_close_channel(S32 handle); // Close an open tcp channel +int tcp_handshake(S32 handle, char * dataout, int outlen, char * datain, int maxinlen); // Do a TCP data handshake + const char* u32_to_ip_string(U32 ip); // Returns pointer to internal string buffer, "(bad IP addr)" on failure, cannot nest calls char* u32_to_ip_string(U32 ip, char *ip_string); // NULL on failure, ip_string on success, you must allocate at least MAXADDRSTR chars U32 ip_string_to_u32(const char* ip_string); // Wrapper for inet_addr() -- cgit v1.2.3 From 1213e5d3548a111a39b6556c6178fc4bc655d367 Mon Sep 17 00:00:00 2001 From: Xiaohong Bao Date: Mon, 4 Apr 2011 14:40:32 -0600 Subject: fix a crash inherited from viewer-development --- indra/llmessage/llavatarnamecache.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llavatarnamecache.cpp b/indra/llmessage/llavatarnamecache.cpp index 767001b633..f6a1aca71b 100644 --- a/indra/llmessage/llavatarnamecache.cpp +++ b/indra/llmessage/llavatarnamecache.cpp @@ -561,7 +561,7 @@ void LLAvatarNameCache::eraseUnrefreshed() const LLAvatarName& av_name = cur->second; if (av_name.mExpires < max_unrefreshed) { - const LLUUID& agent_id = it->first; + const LLUUID& agent_id = cur->first; LL_DEBUGS("AvNameCache") << agent_id << " user '" << av_name.mUsername << "' " << "expired " << now - av_name.mExpires << " secs ago" -- cgit v1.2.3 From 9bfae21706288802f94d642eb252ac78b4d9e85c Mon Sep 17 00:00:00 2001 From: Dave SIMmONs Date: Mon, 2 May 2011 16:35:55 -0700 Subject: ER-858: Add viewer checkbox to toggle parcel privacy settings. Reviewed by Kelly --- indra/llmessage/message_prehash.cpp | 1 + indra/llmessage/message_prehash.h | 1 + 2 files changed, 2 insertions(+) (limited to 'indra/llmessage') diff --git a/indra/llmessage/message_prehash.cpp b/indra/llmessage/message_prehash.cpp index 5d03615e53..020ece5414 100644 --- a/indra/llmessage/message_prehash.cpp +++ b/indra/llmessage/message_prehash.cpp @@ -1375,3 +1375,4 @@ char const* const _PREHASH_VCoord = LLMessageStringTable::getInstance()->getStri char const* const _PREHASH_FaceIndex = LLMessageStringTable::getInstance()->getString("FaceIndex"); char const* const _PREHASH_StatusData = LLMessageStringTable::getInstance()->getString("StatusData"); char const* const _PREHASH_ProductSKU = LLMessageStringTable::getInstance()->getString("ProductSKU"); +char const* const _PREHASH_Privacy = LLMessageStringTable::getInstance()->getString("Privacy"); diff --git a/indra/llmessage/message_prehash.h b/indra/llmessage/message_prehash.h index 8dc86601e6..32bf882d90 100644 --- a/indra/llmessage/message_prehash.h +++ b/indra/llmessage/message_prehash.h @@ -1375,4 +1375,5 @@ extern char const* const _PREHASH_VCoord; extern char const* const _PREHASH_FaceIndex; extern char const* const _PREHASH_StatusData; extern char const* const _PREHASH_ProductSKU; +extern char const* const _PREHASH_Privacy; #endif -- cgit v1.2.3 From 50393788693578a2fe3a934faa04b382d75f1657 Mon Sep 17 00:00:00 2001 From: Dave SIMmONs Date: Thu, 9 Jun 2011 13:46:19 -0700 Subject: ER-910: Parcel Privacy. Rename things in code to reflect feature name change to "hidden avatars" --- indra/llmessage/message_prehash.cpp | 2 +- indra/llmessage/message_prehash.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/message_prehash.cpp b/indra/llmessage/message_prehash.cpp index 020ece5414..1248436f16 100644 --- a/indra/llmessage/message_prehash.cpp +++ b/indra/llmessage/message_prehash.cpp @@ -1375,4 +1375,4 @@ char const* const _PREHASH_VCoord = LLMessageStringTable::getInstance()->getStri char const* const _PREHASH_FaceIndex = LLMessageStringTable::getInstance()->getString("FaceIndex"); char const* const _PREHASH_StatusData = LLMessageStringTable::getInstance()->getString("StatusData"); char const* const _PREHASH_ProductSKU = LLMessageStringTable::getInstance()->getString("ProductSKU"); -char const* const _PREHASH_Privacy = LLMessageStringTable::getInstance()->getString("Privacy"); +char const* const _PREHASH_HiddenAVs = LLMessageStringTable::getInstance()->getString("HiddenAVs"); diff --git a/indra/llmessage/message_prehash.h b/indra/llmessage/message_prehash.h index 32bf882d90..f871caa3df 100644 --- a/indra/llmessage/message_prehash.h +++ b/indra/llmessage/message_prehash.h @@ -1375,5 +1375,5 @@ extern char const* const _PREHASH_VCoord; extern char const* const _PREHASH_FaceIndex; extern char const* const _PREHASH_StatusData; extern char const* const _PREHASH_ProductSKU; -extern char const* const _PREHASH_Privacy; +extern char const* const _PREHASH_HiddenAVs; #endif -- cgit v1.2.3 From 6ce2c20a06e32825f4e4260575059a9867510ecd Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Fri, 10 Jun 2011 17:34:00 -0400 Subject: STORM-1112 First pass at cleanup of SOCKS 5 proxy code based on Linden Coding Standard and comments in the code review. --- indra/llmessage/llpacketring.cpp | 23 +-- indra/llmessage/llsocks5.cpp | 295 ++++++++++++++++++++------------------- indra/llmessage/llsocks5.h | 184 ++++++++++++------------ indra/llmessage/net.cpp | 61 ++++---- indra/llmessage/net.h | 4 +- 5 files changed, 288 insertions(+), 279 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index 0c8c5f763c..62aaca0672 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -28,22 +28,26 @@ #include "llpacketring.h" +#if LL_WINDOWS + #include +#else + #include + #include +#endif + // linden library includes #include "llerror.h" +#include "message.h" +#include "llsocks5.h" #include "lltimer.h" #include "timing.h" #include "llrand.h" #include "u64.h" -#include "llsocks5.h" -#include "message.h" -#if LL_WINDOWS - #include -#else - #include - #include -#endif + + + /////////////////////////////////////////////////////////// @@ -241,8 +245,7 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) packet_size=0; } - proxywrap_t * header; - header = (proxywrap_t *)buffer; + proxywrap_t * header = (proxywrap_t *)buffer; mLastSender.setAddress(header->addr); mLastSender.setPort(ntohs(header->port)); } diff --git a/indra/llmessage/llsocks5.cpp b/indra/llmessage/llsocks5.cpp index 8a63287f22..7eac27d4bb 100644 --- a/indra/llmessage/llsocks5.cpp +++ b/indra/llmessage/llsocks5.cpp @@ -35,184 +35,185 @@ // Static class variable instances // We want this to be static to avoid excessive indirection on every -// incomming packet just to do a simple bool test. The getter for this +// incoming packet just to do a simple bool test. The getter for this // member is also static bool LLSocks::sUdpProxyEnabled; bool LLSocks::sHttpProxyEnabled; LLSocks::LLSocks() { - sUdpProxyEnabled = false; - sHttpProxyEnabled = false; - hProxyControlChannel = 0; - mProxyType = LLPROXY_SOCKS; + sUdpProxyEnabled = false; + sHttpProxyEnabled = false; + mProxyControlChannel = 0; + mProxyType = LLPROXY_SOCKS; } -// Perform a Socks5 authentication and UDP assioacation to the proxy -// specified by proxy, and assiocate UDP port message_port +// Perform a Socks5 authentication and UDP association to the proxy +// specified by proxy, and associate UDP port message_port int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) { - int result; - - /* Socks 5 Auth request */ - socks_auth_request_t socks_auth_request; - socks_auth_response_t socks_auth_response; - - socks_auth_request.version = SOCKS_VERSION; // Socks version 5 - socks_auth_request.num_methods = 1; // Sending 1 method - socks_auth_request.methods = mAuthMethodSelected; // send only the selected metho - - result = tcp_handshake(hProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request_t), (char*)&socks_auth_response, sizeof(socks_auth_response_t)); - if (result != 0) - { - llwarns << "Socks authentication request failed, error on TCP control channel : " << result << llendl; - stopProxy(); - return SOCKS_CONNECT_ERROR; - } - - if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) - { - llwarns << "Socks5 server refused all our authentication methods" << llendl; - stopProxy(); - return SOCKS_NOT_ACCEPTABLE; - } - - // SOCKS5 USERNAME/PASSWORD authentication - if (socks_auth_response.method == METHOD_PASSWORD) - { - // The server has requested a username/password combination - U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; - char * password_auth = (char *)malloc(request_size); - password_auth[0] = 0x01; - password_auth[1] = mSocksUsername.size(); - memcpy(&password_auth[2],mSocksUsername.c_str(), mSocksUsername.size()); - password_auth[mSocksUsername.size()+2] = mSocksPassword.size(); - memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); - - authmethod_password_reply_t password_reply; - - result = tcp_handshake(hProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(authmethod_password_reply_t)); - free (password_auth); - - if (result != 0) - { - llwarns << "Socks authentication failed, error on TCP control channel : " << result << llendl; - stopProxy(); - return SOCKS_CONNECT_ERROR; - } - - if (password_reply.status != AUTH_SUCCESS) - { - llwarns << "Socks authentication failed" << llendl; - stopProxy(); - return SOCKS_AUTH_FAIL; - } - } - - /* SOCKS5 connect request */ - - socks_command_request_t connect_request; - socks_command_response_t connect_reply; - - connect_request.version = SOCKS_VERSION; //Socks V5 - connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP - connect_request.flag = FIELD_RESERVED; - connect_request.atype = ADDRESS_IPV4; - connect_request.address = 0; // 0.0.0.0 We are not fussy about address - // UDP is promiscious receive for our protocol - connect_request.port = 0; // Port must be 0 if you ever want to connect via NAT and your router does port rewrite for you - - result = tcp_handshake(hProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); - if (result != 0) - { - llwarns << "Socks connect request failed, error on TCP control channel : " << result << llendl; - stopProxy(); - return SOCKS_CONNECT_ERROR; - } - - if (connect_reply.reply != REPLY_REQUEST_GRANTED) - { - //Something went wrong - llwarns << "Connection to SOCKS5 server failed, UDP forward request not granted" << llendl; - stopProxy(); - return SOCKS_UDP_FWD_NOT_GRANTED; - } - - mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order - mUDPProxy.setAddress(proxy.getAddress()); - // All good now we have been given the UDP port to send requests that need forwarding. - llinfos << "Socks 5 UDP proxy connected on " << mUDPProxy << llendl; - return SOCKS_OK; + int result; + + /* Socks 5 Auth request */ + socks_auth_request_t socks_auth_request; + socks_auth_response_t socks_auth_response; + + socks_auth_request.version = SOCKS_VERSION; // Socks version 5 + socks_auth_request.num_methods = 1; // Sending 1 method + socks_auth_request.methods = mAuthMethodSelected; // send only the selected method + + result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request_t), (char*)&socks_auth_response, sizeof(socks_auth_response_t)); + if (result != 0) + { + llwarns << "Socks authentication request failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) + { + llwarns << "Socks5 server refused all our authentication methods" << llendl; + stopProxy(); + return SOCKS_NOT_ACCEPTABLE; + } + + // SOCKS5 USERNAME/PASSWORD authentication + if (socks_auth_response.method == METHOD_PASSWORD) + { + // The server has requested a username/password combination + U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; + // char * password_auth = (char *)malloc(request_size); + char * password_auth = new char[request_size]; + password_auth[0] = 0x01; + password_auth[1] = mSocksUsername.size(); + memcpy(&password_auth[2], mSocksUsername.c_str(), mSocksUsername.size()); + password_auth[mSocksUsername.size()+2] = mSocksPassword.size(); + memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); + + authmethod_password_reply_t password_reply; + + result = tcp_handshake(mProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(authmethod_password_reply_t)); + delete[] password_auth; + + if (result != 0) + { + llwarns << "Socks authentication failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (password_reply.status != AUTH_SUCCESS) + { + llwarns << "Socks authentication failed" << llendl; + stopProxy(); + return SOCKS_AUTH_FAIL; + } + } + + /* SOCKS5 connect request */ + + socks_command_request_t connect_request; + socks_command_response_t connect_reply; + + connect_request.version = SOCKS_VERSION; //Socks V5 + connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP + connect_request.flag = FIELD_RESERVED; + connect_request.atype = ADDRESS_IPV4; + connect_request.address = 0; // 0.0.0.0 We are not fussy about address + // UDP is promiscuous receive for our protocol + connect_request.port = 0; // Port must be 0 if you ever want to connect via NAT and your router does port rewrite for you + + result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); + if (result != 0) + { + llwarns << "Socks connect request failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (connect_reply.reply != REPLY_REQUEST_GRANTED) + { + //Something went wrong + llwarns << "Connection to SOCKS5 server failed, UDP forward request not granted" << llendl; + stopProxy(); + return SOCKS_UDP_FWD_NOT_GRANTED; + } + + mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order + mUDPProxy.setAddress(proxy.getAddress()); + // All good now we have been given the UDP port to send requests that need forwarding. + llinfos << "Socks 5 UDP proxy connected on " << mUDPProxy << llendl; + return SOCKS_OK; } int LLSocks::startProxy(LLHost proxy, U32 message_port) { - int status; - - mTCPProxy = proxy; - - if (hProxyControlChannel) - { - tcp_close_channel(hProxyControlChannel); - hProxyControlChannel=0; - } - - hProxyControlChannel = tcp_open_channel(proxy); - if (hProxyControlChannel == -1) - { - return SOCKS_HOST_CONNECT_FAILED; - } - - status = proxyHandshake(proxy, message_port); - if (status == SOCKS_OK) - { - sUdpProxyEnabled=true; - } - return status; + int status; + + mTCPProxy = proxy; + + if (mProxyControlChannel) + { + tcp_close_channel(mProxyControlChannel); + mProxyControlChannel = 0; + } + + mProxyControlChannel = tcp_open_channel(proxy); + if (mProxyControlChannel == -1) + { + return SOCKS_HOST_CONNECT_FAILED; + } + + status = proxyHandshake(proxy, message_port); + if (status == SOCKS_OK) + { + sUdpProxyEnabled = true; + } + return status; } int LLSocks::startProxy(std::string host, U32 port) { - mTCPProxy.setHostByName(host); - mTCPProxy.setPort(port); - return startProxy(mTCPProxy, (U32)gMessageSystem->mPort); + mTCPProxy.setHostByName(host); + mTCPProxy.setPort(port); + return startProxy(mTCPProxy, (U32)gMessageSystem->mPort); } void LLSocks::stopProxy() { - sUdpProxyEnabled = false; - - // If the Socks proxy is requested to stop and we are using that for http as well - // then we must shut down any http proxy operations. But it is allowable if web - // proxy is being used to continue proxying http. - - if(LLPROXY_SOCKS == mProxyType) - { - sHttpProxyEnabled = false; - } - - if (hProxyControlChannel) - { - tcp_close_channel(hProxyControlChannel); - hProxyControlChannel=0; - } + sUdpProxyEnabled = false; + + // If the Socks proxy is requested to stop and we are using that for http as well + // then we must shut down any http proxy operations. But it is allowable if web + // proxy is being used to continue proxying http. + + if(LLPROXY_SOCKS == mProxyType) + { + sHttpProxyEnabled = false; + } + + if (mProxyControlChannel) + { + tcp_close_channel(mProxyControlChannel); + mProxyControlChannel = 0; + } } void LLSocks::setAuthNone() { - mAuthMethodSelected = METHOD_NOAUTH; + mAuthMethodSelected = METHOD_NOAUTH; } void LLSocks::setAuthPassword(std::string username, std::string password) { - mAuthMethodSelected = METHOD_PASSWORD; - mSocksUsername = username; - mSocksPassword = password; + mAuthMethodSelected = METHOD_PASSWORD; + mSocksUsername = username; + mSocksPassword = password; } -void LLSocks::EnableHttpProxy(LLHost httpHost, LLHttpProxyType type) +void LLSocks::enableHttpProxy(LLHost httpHost, LLHttpProxyType type) { - sHttpProxyEnabled = true; - mHTTPProxy = httpHost; - mProxyType = type; + sHttpProxyEnabled = true; + mHTTPProxy = httpHost; + mProxyType = type; } diff --git a/indra/llmessage/llsocks5.h b/indra/llmessage/llsocks5.h index a78acb8b23..171a933d32 100644 --- a/indra/llmessage/llsocks5.h +++ b/indra/llmessage/llsocks5.h @@ -35,12 +35,12 @@ // Error codes returned from the StartProxy method #define SOCKS_OK 0 -#define SOCKS_CONNECT_ERROR -1 -#define SOCKS_NOT_PERMITTED -2 -#define SOCKS_NOT_ACCEPTABLE -3 -#define SOCKS_AUTH_FAIL -4 -#define SOCKS_UDP_FWD_NOT_GRANTED -5 -#define SOCKS_HOST_CONNECT_FAILED -6 +#define SOCKS_CONNECT_ERROR (-1) +#define SOCKS_NOT_PERMITTED (-2) +#define SOCKS_NOT_ACCEPTABLE (-3) +#define SOCKS_AUTH_FAIL (-4) +#define SOCKS_UDP_FWD_NOT_GRANTED (-5) +#define SOCKS_HOST_CONNECT_FAILED (-6) #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */ @@ -56,8 +56,8 @@ // Lets just use our own ipv4 struct rather than dragging in system // specific headers union ipv4_address_t { - unsigned char octects[4]; - U32 addr32; + unsigned char octets[4]; + U32 addr32; }; // Socks 5 control channel commands @@ -86,53 +86,53 @@ union ipv4_address_t { // Socks5 command packet struct socks_command_request_t { - unsigned char version; - unsigned char command; - unsigned char flag; - unsigned char atype; - U32 address; - U16 port; + unsigned char version; + unsigned char command; + unsigned char flag; + unsigned char atype; + U32 address; + U16 port; }; // Standard socks5 reply packet struct socks_command_response_t { - unsigned char version; - unsigned char reply; - unsigned char flag; - unsigned char atype; - unsigned char add_bytes[4]; - U16 port; + unsigned char version; + unsigned char reply; + unsigned char flag; + unsigned char atype; + unsigned char add_bytes[4]; + U16 port; }; -#define AUTH_NOT_ACCEPTABLE 0xFF // reply if prefered methods are not avaiable -#define AUTH_SUCCESS 0x00 // reply if authentication successfull +#define AUTH_NOT_ACCEPTABLE 0xFF // reply if preferred methods are not available +#define AUTH_SUCCESS 0x00 // reply if authentication successful // socks 5 authentication request, stating which methods the client supports struct socks_auth_request_t { - unsigned char version; - unsigned char num_methods; - unsigned char methods; // We are only using a single method currently + unsigned char version; + unsigned char num_methods; + unsigned char methods; // We are only using a single method currently }; // socks 5 authentication response packet, stating server prefered method struct socks_auth_response_t { - unsigned char version; - unsigned char method; + unsigned char version; + unsigned char method; }; // socks 5 password reply packet struct authmethod_password_reply_t { - unsigned char version; - unsigned char status; + unsigned char version; + unsigned char status; }; // socks 5 UDP packet header struct proxywrap_t { - U16 rsv; - U8 frag; - U8 atype; - U32 addr; - U16 port; + U16 rsv; + U8 frag; + U8 atype; + U32 addr; + U16 port; }; #pragma pack(pop) /* restore original alignment from stack */ @@ -141,97 +141,97 @@ struct proxywrap_t { // Currently selected http proxy type enum LLHttpProxyType { - LLPROXY_SOCKS = 0, - LLPROXY_HTTP = 1 + LLPROXY_SOCKS = 0, + LLPROXY_HTTP = 1 }; // Auth types enum LLSocks5AuthType { - METHOD_NOAUTH = 0x00, // Client supports no auth - METHOD_GSSAPI = 0x01, // Client supports GSSAPI (Not currently supported) - METHOD_PASSWORD = 0x02 // Client supports username/password + METHOD_NOAUTH = 0x00, // Client supports no auth + METHOD_GSSAPI = 0x01, // Client supports GSSAPI (Not currently supported) + METHOD_PASSWORD = 0x02 // Client supports username/password }; class LLSocks: public LLSingleton { public: - LLSocks(); + LLSocks(); - // Start a connection to the socks 5 proxy - int startProxy(std::string host,U32 port); - int startProxy(LLHost proxy,U32 messagePort); + // Start a connection to the socks 5 proxy + int startProxy(std::string host,U32 port); + int startProxy(LLHost proxy,U32 messagePort); - // Disconnect and clean up any connection to the socks 5 proxy - void stopProxy(); + // Disconnect and clean up any connection to the socks 5 proxy + void stopProxy(); - // Set up to use Password auth when connecting to the socks proxy - void setAuthPassword(std::string username,std::string password); + // Set up to use Password auth when connecting to the socks proxy + void setAuthPassword(std::string username,std::string password); - // Set up to use No Auth when connecting to the socks proxy; - void setAuthNone(); + // Set up to use No Auth when connecting to the socks proxy + void setAuthNone(); - // get the currently selected auth method - LLSocks5AuthType getSelectedAuthMethod() { return mAuthMethodSelected; }; + // get the currently selected auth method + LLSocks5AuthType getSelectedAuthMethod() const { return mAuthMethodSelected; } - // static check for enabled status for UDP packets - static bool isEnabled(){return sUdpProxyEnabled;}; + // static check for enabled status for UDP packets + static bool isEnabled() { return sUdpProxyEnabled; } - // static check for enabled status for http packets - static bool isHttpProxyEnabled(){return sHttpProxyEnabled;}; + // static check for enabled status for http packets + static bool isHttpProxyEnabled() { return sHttpProxyEnabled; } - // Proxy http packets via httpHost, which can be a Socks5 or a http proxy - // as specified in type - void EnableHttpProxy(LLHost httpHost,LLHttpProxyType type); + // Proxy http packets via httpHost, which can be a Socks5 or a http proxy + // as specified in type + void enableHttpProxy(LLHost httpHost, LLHttpProxyType type); - // Stop proxying http packets - void DisableHttpProxy() {sHttpProxyEnabled = false;}; + // Stop proxying http packets + void disableHttpProxy() { sHttpProxyEnabled = false; }; - // get the UDP proxy address and port - LLHost getUDPProxy(){return mUDPProxy;}; + // Get the UDP proxy address and port + LLHost getUDPProxy() const { return mUDPProxy; } - // get the socks 5 TCP control channel address and port - LLHost getTCPProxy(){return mTCPProxy;}; + // Get the socks 5 TCP control channel address and port + LLHost getTCPProxy() const { return mTCPProxy; } - //get the http proxy address and port - LLHost getHTTPProxy(){return mHTTPProxy;}; + // Get the http proxy address and port + LLHost getHTTPProxy() const { return mHTTPProxy; } - // get the currently selected http proxy type - LLHttpProxyType getHttpProxyType(){return mProxyType;}; + // Get the currently selected http proxy type + LLHttpProxyType getHttpProxyType() const { return mProxyType; } - //Get the username password in a curl compatible format - std::string getProxyUserPwd(){ return (mSocksUsername + ":" + mSocksPassword);}; + // Get the username password in a curl compatible format + std::string getProxyUserPwd() const { return (mSocksUsername + ":" + mSocksPassword); } private: - // Open a communication channel to the socks5 proxy proxy, at port messagePort - int proxyHandshake(LLHost proxy,U32 messagePort); + // Open a communication channel to the socks5 proxy proxy, at port messagePort + int proxyHandshake(LLHost proxy,U32 messagePort); - // socket handle to proxy tcp control channel - S32 hProxyControlChannel; + // socket handle to proxy tcp control channel + S32 mProxyControlChannel; - // is the UDP proxy enabled - static bool sUdpProxyEnabled; - // is the http proxy enabled - static bool sHttpProxyEnabled; + // is the UDP proxy enabled? + static bool sUdpProxyEnabled; + // is the http proxy enabled? + static bool sHttpProxyEnabled; - // currently selected http proxy type - LLHttpProxyType mProxyType; + // currently selected http proxy type + LLHttpProxyType mProxyType; - // UDP proxy address and port - LLHost mUDPProxy; - // TCP Proxy control channel address and port - LLHost mTCPProxy; - // HTTP proxy address and port - LLHost mHTTPProxy; + // UDP proxy address and port + LLHost mUDPProxy; + // TCP Proxy control channel address and port + LLHost mTCPProxy; + // HTTP proxy address and port + LLHost mHTTPProxy; - // socks 5 auth method selected - LLSocks5AuthType mAuthMethodSelected; + // socks 5 auth method selected + LLSocks5AuthType mAuthMethodSelected; - // socks 5 username - std::string mSocksUsername; - // socks 5 password - std::string mSocksPassword; + // socks 5 username + std::string mSocksUsername; + // socks 5 password + std::string mSocksPassword; }; #endif diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index ab5c1950c6..a51d80ff48 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -175,7 +175,7 @@ U32 ip_string_to_u32(const char* ip_string) // use wildcard addresses. -Ambroff U32 ip = inet_addr(ip_string); if (ip == INADDR_NONE - && strncmp(ip_string, BROADCAST_ADDRESS_STRING, MAXADDRSTR) != 0) + && strncmp(ip_string, BROADCAST_ADDRESS_STRING, MAXADDRSTR) != 0) { llwarns << "ip_string_to_u32() failed, Error: Invalid IP string '" << ip_string << "'" << llendl; return INVALID_HOST_IP_ADDRESS; @@ -220,9 +220,10 @@ S32 tcp_open_channel(LLHost host) S32 handle; handle = socket(AF_INET, SOCK_STREAM, 0); - if (!handle) + if (INVALID_SOCKET == handle) { - llwarns << "Error opening TCP control socket, socket() returned " << handle << llendl; + llwarns << "Error opening TCP control socket, socket() returned " + << WSAGetLastError() << ", " << DecodeError(WSAGetLastError()) << llendl; return -1; } @@ -232,15 +233,15 @@ S32 tcp_open_channel(LLHost host) address.sin_addr.s_addr = host.getAddress(); // Non blocking - WSAEVENT hEvent=WSACreateEvent(); + WSAEVENT hEvent = WSACreateEvent(); WSAEventSelect(handle, hEvent, FD_CONNECT) ; connect(handle, (struct sockaddr*)&address, sizeof(address)) ; - // Wait fot 5 seconds, if we can't get a TCP channel open in this + // Wait for 5 seconds, if we can't get a TCP channel open in this // time frame then there is something badly wrong. - WaitForSingleObject(hEvent, 1000*5); // 5 seconds time out + WaitForSingleObject(hEvent, 1000 * 5); // 5 seconds time out WSANETWORKEVENTS netevents; - WSAEnumNetworkEvents(handle,hEvent,&netevents); + WSAEnumNetworkEvents(handle, hEvent, &netevents); // Check the async event status to see if we connected if ((netevents.lNetworkEvents & FD_CONNECT) == FD_CONNECT) @@ -249,6 +250,7 @@ S32 tcp_open_channel(LLHost host) { llwarns << "Unable to open TCP channel, WSA returned an error code of " << netevents.iErrorCode[FD_CONNECT_BIT] << llendl; WSACloseEvent(hEvent); + tcp_close_channel(handle); return -1; } @@ -264,6 +266,7 @@ S32 tcp_open_channel(LLHost host) } llwarns << "Unable to open TCP channel, Timeout is the host up?" << netevents.iErrorCode[FD_CONNECT_BIT] << llendl; + tcp_close_channel(handle); return -1; } @@ -277,7 +280,7 @@ void tcp_close_channel(S32 handle) S32 start_net(S32& socket_out, int& nPort) { // Create socket, make non-blocking - // Init WinSock + // Init WinSock int nRet; int hSocket; @@ -286,7 +289,7 @@ S32 start_net(S32& socket_out, int& nPort) int buff_size = 4; // Initialize windows specific stuff - if(WSAStartup(0x0202, &stWSAData)) + if (WSAStartup(0x0202, &stWSAData)) { S32 err = WSAGetLastError(); WSACleanup(); @@ -295,8 +298,8 @@ S32 start_net(S32& socket_out, int& nPort) } // Get a datagram socket - hSocket = (int)socket(AF_INET, SOCK_DGRAM, 0); - if (hSocket == INVALID_SOCKET) + hSocket = (int)socket(AF_INET, SOCK_DGRAM, 0); + if (hSocket == INVALID_SOCKET) { S32 err = WSAGetLastError(); WSACleanup(); @@ -389,7 +392,7 @@ S32 start_net(S32& socket_out, int& nPort) // Setup a destination address stDstAddr.sin_family = AF_INET; stDstAddr.sin_addr.s_addr = INVALID_HOST_IP_ADDRESS; - stDstAddr.sin_port = htons(nPort); + stDstAddr.sin_port = htons(nPort); socket_out = hSocket; return 0; @@ -492,9 +495,9 @@ S32 tcp_open_channel(LLHost host) { S32 handle; handle = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - if (!handle) + if (-1 == handle) { - llwarns << "Error opening TCP control socket, socket() returned " << handle << llendl; + llwarns << "Error opening TCP control socket, socket() returned " << handle << "error code: " << errno << llendl; return -1; } @@ -511,6 +514,7 @@ S32 tcp_open_channel(LLHost host) if (error && (errno != EINPROGRESS)) { llwarns << "Unable to open TCP channel, error code: " << errno << llendl; + tcp_close_channel(handle); return -1; } @@ -521,12 +525,13 @@ S32 tcp_open_channel(LLHost host) FD_ZERO(&fds); FD_SET(handle, &fds); - // See if we have connectde or time out after 5 seconds - U32 rc = select(sizeof(fds)*8, NULL, &fds, NULL, &timeout); + // See if we have connected or time out after 5 seconds + S32 rc = select(sizeof(fds)*8, NULL, &fds, NULL, &timeout); if (rc != 1) // we require exactly one descriptor to be set { llwarns << "Unable to open TCP channel" << llendl; + tcp_close_channel(handle); return -1; } @@ -549,10 +554,10 @@ S32 start_net(S32& socket_out, int& nPort) int rec_size = RECEIVE_BUFFER_SIZE; socklen_t buff_size = 4; - + // Create socket - hSocket = socket(AF_INET, SOCK_DGRAM, 0); - if (hSocket < 0) + hSocket = socket(AF_INET, SOCK_DGRAM, 0); + if (hSocket < 0) { llwarns << "socket() failed" << llendl; return 1; @@ -585,7 +590,7 @@ S32 start_net(S32& socket_out, int& nPort) } else { - // Name the socket (assign the local port number to receive on) + // Name the socket (assign the local port number to receive on) stLclAddr.sin_family = AF_INET; stLclAddr.sin_addr.s_addr = htonl(INADDR_ANY); stLclAddr.sin_port = htons(nPort); @@ -630,7 +635,7 @@ S32 start_net(S32& socket_out, int& nPort) nPort = attempt_port; } // Set socket to be non-blocking - fcntl(hSocket, F_SETFL, O_NONBLOCK); + fcntl(hSocket, F_SETFL, O_NONBLOCK); // set a large receive buffer nRet = setsockopt(hSocket, SOL_SOCKET, SO_RCVBUF, (char *)&rec_size, buff_size); if (nRet) @@ -666,8 +671,8 @@ S32 start_net(S32& socket_out, int& nPort) // Setup a destination address char achMCAddr[MAXADDRSTR] = "127.0.0.1"; /* Flawfinder: ignore */ stDstAddr.sin_family = AF_INET; - stDstAddr.sin_addr.s_addr = ip_string_to_u32(achMCAddr); - stDstAddr.sin_port = htons(nPort); + stDstAddr.sin_addr.s_addr = ip_string_to_u32(achMCAddr); + stDstAddr.sin_port = htons(nPort); socket_out = hSocket; return 0; @@ -693,7 +698,7 @@ static int recvfrom_destip( int socket, void *buf, int len, struct sockaddr *fro iov[0].iov_base = buf; iov[0].iov_len = len; - memset( &msg, 0, sizeof msg ); + memset(&msg, 0, sizeof msg); msg.msg_name = from; msg.msg_namelen = *fromlen; msg.msg_iov = iov; @@ -701,14 +706,14 @@ static int recvfrom_destip( int socket, void *buf, int len, struct sockaddr *fro msg.msg_control = &cmsg; msg.msg_controllen = sizeof(cmsg); - size = recvmsg( socket, &msg, 0 ); + size = recvmsg(socket, &msg, 0); - if( size == -1 ) + if (size == -1) { return -1; } - for( cmsgptr = CMSG_FIRSTHDR(&msg); cmsgptr != NULL; cmsgptr = CMSG_NXTHDR( &msg, cmsgptr ) ) + for (cmsgptr = CMSG_FIRSTHDR(&msg); cmsgptr != NULL; cmsgptr = CMSG_NXTHDR( &msg, cmsgptr)) { if( cmsgptr->cmsg_level == SOL_IP && cmsgptr->cmsg_type == IP_PKTINFO ) { @@ -806,7 +811,7 @@ BOOL send_packet(int hSocket, const char * sendBuffer, int size, U32 recipient, } } } - while ( resend && send_attempts < 3); + while (resend && send_attempts < 3); if (send_attempts >= 3) { diff --git a/indra/llmessage/net.h b/indra/llmessage/net.h index d93ed20c98..047e8ce646 100644 --- a/indra/llmessage/net.h +++ b/indra/llmessage/net.h @@ -46,10 +46,10 @@ S32 receive_packet(int hSocket, char * receiveBuffer); BOOL send_packet(int hSocket, const char *sendBuffer, int size, U32 recipient, int nPort); // Returns TRUE on success. //void get_sender(char * tmp); -LLHost get_sender(); +LLHost get_sender(); U32 get_sender_port(); U32 get_sender_ip(void); -LLHost get_receiving_interface(); +LLHost get_receiving_interface(); U32 get_receiving_interface_ip(void); // Some helpful tcp functions added for the socks 5 proxy support -- cgit v1.2.3 From c0c0a2b9a5f41fc06619330a81c34955a39ddfe2 Mon Sep 17 00:00:00 2001 From: "simon@lindenlab.com" Date: Mon, 20 Jun 2011 09:28:10 -0700 Subject: ER-944: Add feature to control user sounds on a parcel. Added new checkboxes to the About Land / Sound tab. Reviewed by Kelly. --- indra/llmessage/message_prehash.cpp | 2 ++ indra/llmessage/message_prehash.h | 2 ++ 2 files changed, 4 insertions(+) (limited to 'indra/llmessage') diff --git a/indra/llmessage/message_prehash.cpp b/indra/llmessage/message_prehash.cpp index 1248436f16..f7615b5ccb 100644 --- a/indra/llmessage/message_prehash.cpp +++ b/indra/llmessage/message_prehash.cpp @@ -1376,3 +1376,5 @@ char const* const _PREHASH_FaceIndex = LLMessageStringTable::getInstance()->getS char const* const _PREHASH_StatusData = LLMessageStringTable::getInstance()->getString("StatusData"); char const* const _PREHASH_ProductSKU = LLMessageStringTable::getInstance()->getString("ProductSKU"); char const* const _PREHASH_HiddenAVs = LLMessageStringTable::getInstance()->getString("HiddenAVs"); +char const* const _PREHASH_AnyAVSounds = LLMessageStringTable::getInstance()->getString("AnyAVSounds"); +char const* const _PREHASH_GroupAVSounds = LLMessageStringTable::getInstance()->getString("GroupAVSounds"); diff --git a/indra/llmessage/message_prehash.h b/indra/llmessage/message_prehash.h index f871caa3df..44c7440436 100644 --- a/indra/llmessage/message_prehash.h +++ b/indra/llmessage/message_prehash.h @@ -1376,4 +1376,6 @@ extern char const* const _PREHASH_FaceIndex; extern char const* const _PREHASH_StatusData; extern char const* const _PREHASH_ProductSKU; extern char const* const _PREHASH_HiddenAVs; +extern char const* const _PREHASH_AnyAVSounds; +extern char const* const _PREHASH_GroupAVSounds; #endif -- cgit v1.2.3 From aba4f7ddc89c9d28bdd4b02735134101f40634ed Mon Sep 17 00:00:00 2001 From: Xiaohong Bao Date: Mon, 20 Jun 2011 14:01:32 -0600 Subject: fix for SH-1870: can not upload book_collection_1.dae when include textures --- indra/llmessage/llcurl.cpp | 14 +++++++------- indra/llmessage/llcurl.h | 4 ++-- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 7c8b7e3584..44330cf8ff 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -244,7 +244,7 @@ public: U32 report(CURLcode); void getTransferInfo(LLCurl::TransferInfo* info); - void prepRequest(const std::string& url, const std::vector& headers, ResponderPtr, bool post = false); + void prepRequest(const std::string& url, const std::vector& headers, ResponderPtr, S32 time_out = 0, bool post = false); const char* getErrorBuffer(); @@ -525,7 +525,7 @@ size_t curlHeaderCallback(void* data, size_t size, size_t nmemb, void* user_data void LLCurl::Easy::prepRequest(const std::string& url, const std::vector& headers, - ResponderPtr responder, bool post) + ResponderPtr responder, S32 time_out, bool post) { resetState(); @@ -558,7 +558,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, //don't verify host name so urls with scrubbed host names will work (improves DNS performance) setopt(CURLOPT_SSL_VERIFYHOST, 0); - setopt(CURLOPT_TIMEOUT, CURL_REQUEST_TIMEOUT); + setopt(CURLOPT_TIMEOUT, llmax(time_out, CURL_REQUEST_TIMEOUT)); setoptString(CURLOPT_URL, url); @@ -855,14 +855,14 @@ bool LLCurlRequest::getByteRange(const std::string& url, bool LLCurlRequest::post(const std::string& url, const headers_t& headers, const LLSD& data, - LLCurl::ResponderPtr responder) + LLCurl::ResponderPtr responder, S32 time_out) { LLCurl::Easy* easy = allocEasy(); if (!easy) { return false; } - easy->prepRequest(url, headers, responder); + easy->prepRequest(url, headers, responder, time_out); LLSDSerialize::toXML(data, easy->getInput()); S32 bytes = easy->getInput().str().length(); @@ -882,14 +882,14 @@ bool LLCurlRequest::post(const std::string& url, bool LLCurlRequest::post(const std::string& url, const headers_t& headers, const std::string& data, - LLCurl::ResponderPtr responder) + LLCurl::ResponderPtr responder, S32 time_out) { LLCurl::Easy* easy = allocEasy(); if (!easy) { return false; } - easy->prepRequest(url, headers, responder); + easy->prepRequest(url, headers, responder, time_out); easy->getInput().write(data.data(), data.size()); S32 bytes = easy->getInput().str().length(); diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 4ce3fa1078..5833a27b84 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -201,8 +201,8 @@ public: void get(const std::string& url, LLCurl::ResponderPtr responder); bool getByteRange(const std::string& url, const headers_t& headers, S32 offset, S32 length, LLCurl::ResponderPtr responder); - bool post(const std::string& url, const headers_t& headers, const LLSD& data, LLCurl::ResponderPtr responder); - bool post(const std::string& url, const headers_t& headers, const std::string& data, LLCurl::ResponderPtr responder); + bool post(const std::string& url, const headers_t& headers, const LLSD& data, LLCurl::ResponderPtr responder, S32 time_out = 0); + bool post(const std::string& url, const headers_t& headers, const std::string& data, LLCurl::ResponderPtr responder, S32 time_out = 0); S32 process(); S32 getQueued(); -- cgit v1.2.3 From 20100ba38c6d3fa16ab11be2ed326ab0964c4c21 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 21 Jun 2011 17:09:12 -0400 Subject: Refactored SOCKS 5 handshake to use existing LLSocket class. --- indra/llmessage/llcurl.cpp | 8 +- indra/llmessage/llsocks5.cpp | 73 +++++++-------- indra/llmessage/llsocks5.h | 129 ++++++++++++------------- indra/llmessage/net.cpp | 219 ++++++++++++------------------------------- indra/llmessage/net.h | 11 ++- 5 files changed, 171 insertions(+), 269 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 9c507517c7..32dd438e68 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -359,13 +359,13 @@ LLCurl::Easy* LLCurl::Easy::getEasy() check_curl_code(result); //Set the CURL options for either Socks or HTTP proxy - if (LLSocks::getInstance()->isHttpProxyEnabled()) + if (LLSocks::getInstance()->isHTTPProxyEnabled()) { std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXY,address.c_str()); curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYPORT,port); - if (LLSocks::getInstance()->getHttpProxyType() == LLPROXY_SOCKS) + if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) @@ -557,13 +557,13 @@ void LLCurl::Easy::prepRequest(const std::string& url, //setopt(CURLOPT_VERBOSE, 1); // usefull for debugging setopt(CURLOPT_NOSIGNAL, 1); - if (LLSocks::getInstance()->isHttpProxyEnabled()) + if (LLSocks::getInstance()->isHTTPProxyEnabled()) { std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); setoptString(CURLOPT_PROXY, address.c_str()); setopt(CURLOPT_PROXYPORT, port); - if (LLSocks::getInstance()->getHttpProxyType() == LLPROXY_SOCKS) + if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) diff --git a/indra/llmessage/llsocks5.cpp b/indra/llmessage/llsocks5.cpp index 7eac27d4bb..27a31e35b3 100644 --- a/indra/llmessage/llsocks5.cpp +++ b/indra/llmessage/llsocks5.cpp @@ -1,6 +1,6 @@ /** * @file llsocks5.cpp - * @brief Socks 5 implementation + * @brief SOCKS 5 implementation * * $LicenseInfo:firstyear=2011&license=viewerlgpl$ * Second Life Viewer Source Code @@ -37,52 +37,51 @@ // We want this to be static to avoid excessive indirection on every // incoming packet just to do a simple bool test. The getter for this // member is also static -bool LLSocks::sUdpProxyEnabled; -bool LLSocks::sHttpProxyEnabled; +bool LLSocks::sUDPProxyEnabled; +bool LLSocks::sHTTPProxyEnabled; LLSocks::LLSocks() { - sUdpProxyEnabled = false; - sHttpProxyEnabled = false; - mProxyControlChannel = 0; + sUDPProxyEnabled = false; + sHTTPProxyEnabled = false; + mProxyControlChannel.reset(); mProxyType = LLPROXY_SOCKS; } -// Perform a Socks5 authentication and UDP association to the proxy +// Perform a SOCKS 5 authentication and UDP association to the proxy // specified by proxy, and associate UDP port message_port int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) { int result; - /* Socks 5 Auth request */ + /* SOCKS 5 Auth request */ socks_auth_request_t socks_auth_request; socks_auth_response_t socks_auth_response; - socks_auth_request.version = SOCKS_VERSION; // Socks version 5 - socks_auth_request.num_methods = 1; // Sending 1 method - socks_auth_request.methods = mAuthMethodSelected; // send only the selected method + socks_auth_request.version = SOCKS_VERSION; // SOCKS version 5 + socks_auth_request.num_methods = 1; // Sending 1 method. + socks_auth_request.methods = mAuthMethodSelected; // Send only the selected method. result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request_t), (char*)&socks_auth_response, sizeof(socks_auth_response_t)); if (result != 0) { - llwarns << "Socks authentication request failed, error on TCP control channel : " << result << llendl; + llwarns << "SOCKS authentication request failed, error on TCP control channel : " << result << llendl; stopProxy(); return SOCKS_CONNECT_ERROR; } if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) { - llwarns << "Socks5 server refused all our authentication methods" << llendl; + llwarns << "SOCKS 5 server refused all our authentication methods" << llendl; stopProxy(); return SOCKS_NOT_ACCEPTABLE; } - // SOCKS5 USERNAME/PASSWORD authentication + // SOCKS 5 USERNAME/PASSWORD authentication if (socks_auth_response.method == METHOD_PASSWORD) { // The server has requested a username/password combination U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; - // char * password_auth = (char *)malloc(request_size); char * password_auth = new char[request_size]; password_auth[0] = 0x01; password_auth[1] = mSocksUsername.size(); @@ -97,14 +96,14 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) if (result != 0) { - llwarns << "Socks authentication failed, error on TCP control channel : " << result << llendl; + llwarns << "SOCKS authentication failed, error on TCP control channel : " << result << llendl; stopProxy(); return SOCKS_CONNECT_ERROR; } if (password_reply.status != AUTH_SUCCESS) { - llwarns << "Socks authentication failed" << llendl; + llwarns << "SOCKS authentication failed" << llendl; stopProxy(); return SOCKS_AUTH_FAIL; } @@ -115,18 +114,19 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) socks_command_request_t connect_request; socks_command_response_t connect_reply; - connect_request.version = SOCKS_VERSION; //Socks V5 - connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP - connect_request.flag = FIELD_RESERVED; - connect_request.atype = ADDRESS_IPV4; - connect_request.address = 0; // 0.0.0.0 We are not fussy about address - // UDP is promiscuous receive for our protocol - connect_request.port = 0; // Port must be 0 if you ever want to connect via NAT and your router does port rewrite for you + connect_request.version = SOCKS_VERSION; // SOCKS V5 + connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP + connect_request.reserved = FIELD_RESERVED; + connect_request.atype = ADDRESS_IPV4; + connect_request.address = htonl(0); // 0.0.0.0 + connect_request.port = htons(0); // 0 + // "If the client is not in possesion of the information at the time of the UDP ASSOCIATE, + // the client MUST use a port number and address of all zeros. RFC 1928" result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); if (result != 0) { - llwarns << "Socks connect request failed, error on TCP control channel : " << result << llendl; + llwarns << "SOCKS connect request failed, error on TCP control channel : " << result << llendl; stopProxy(); return SOCKS_CONNECT_ERROR; } @@ -134,7 +134,7 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) if (connect_reply.reply != REPLY_REQUEST_GRANTED) { //Something went wrong - llwarns << "Connection to SOCKS5 server failed, UDP forward request not granted" << llendl; + llwarns << "Connection to SOCKS 5 server failed, UDP forward request not granted" << llendl; stopProxy(); return SOCKS_UDP_FWD_NOT_GRANTED; } @@ -142,7 +142,7 @@ int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order mUDPProxy.setAddress(proxy.getAddress()); // All good now we have been given the UDP port to send requests that need forwarding. - llinfos << "Socks 5 UDP proxy connected on " << mUDPProxy << llendl; + llinfos << "SOCKS 5 UDP proxy connected on " << mUDPProxy << llendl; return SOCKS_OK; } @@ -155,19 +155,17 @@ int LLSocks::startProxy(LLHost proxy, U32 message_port) if (mProxyControlChannel) { tcp_close_channel(mProxyControlChannel); - mProxyControlChannel = 0; } - mProxyControlChannel = tcp_open_channel(proxy); - if (mProxyControlChannel == -1) + mProxyControlChannel = tcp_open_channel(mTCPProxy); + if (!mProxyControlChannel) { return SOCKS_HOST_CONNECT_FAILED; } - status = proxyHandshake(proxy, message_port); if (status == SOCKS_OK) { - sUdpProxyEnabled = true; + sUDPProxyEnabled = true; } return status; } @@ -181,21 +179,20 @@ int LLSocks::startProxy(std::string host, U32 port) void LLSocks::stopProxy() { - sUdpProxyEnabled = false; + sUDPProxyEnabled = false; - // If the Socks proxy is requested to stop and we are using that for http as well + // If the SOCKS proxy is requested to stop and we are using that for http as well // then we must shut down any http proxy operations. But it is allowable if web // proxy is being used to continue proxying http. if(LLPROXY_SOCKS == mProxyType) { - sHttpProxyEnabled = false; + sHTTPProxyEnabled = false; } if (mProxyControlChannel) { tcp_close_channel(mProxyControlChannel); - mProxyControlChannel = 0; } } @@ -211,9 +208,9 @@ void LLSocks::setAuthPassword(std::string username, std::string password) mSocksPassword = password; } -void LLSocks::enableHttpProxy(LLHost httpHost, LLHttpProxyType type) +void LLSocks::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) { - sHttpProxyEnabled = true; + sHTTPProxyEnabled = true; mHTTPProxy = httpHost; mProxyType = type; } diff --git a/indra/llmessage/llsocks5.h b/indra/llmessage/llsocks5.h index 171a933d32..43a7c82fea 100644 --- a/indra/llmessage/llsocks5.h +++ b/indra/llmessage/llsocks5.h @@ -46,9 +46,9 @@ #define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */ #endif -#define SOCKS_VERSION 0x05 // we are using socks 5 +#define SOCKS_VERSION 0x05 // we are using SOCKS 5 -// socks 5 address/hostname types +// SOCKS 5 address/hostname types #define ADDRESS_IPV4 0x01 #define ADDRESS_HOSTNAME 0x03 #define ADDRESS_IPV6 0x04 @@ -56,16 +56,16 @@ // Lets just use our own ipv4 struct rather than dragging in system // specific headers union ipv4_address_t { - unsigned char octets[4]; - U32 addr32; + U8 octets[4]; + U32 addr32; }; -// Socks 5 control channel commands +// SOCKS 5 control channel commands #define COMMAND_TCP_STREAM 0x01 #define COMMAND_TCP_BIND 0x02 #define COMMAND_UDP_ASSOCIATE 0x03 -// Socks 5 command replys +// SOCKS 5 command replies #define REPLY_REQUEST_GRANTED 0x00 #define REPLY_GENERAL_FAIL 0x01 #define REPLY_RULESET_FAIL 0x02 @@ -78,61 +78,61 @@ union ipv4_address_t { #define FIELD_RESERVED 0x00 -// The standard socks5 request packet +// The standard SOCKS 5 request packet // Push current alignment to stack and set alignment to 1 byte boundary // This enabled us to use structs directly to set up and receive network packets // into the correct fields, without fear of boundary alignment causing issues #pragma pack(push,1) -// Socks5 command packet +// SOCKS 5 command packet struct socks_command_request_t { - unsigned char version; - unsigned char command; - unsigned char flag; - unsigned char atype; - U32 address; - U16 port; + U8 version; + U8 command; + U8 reserved; + U8 atype; + U32 address; + U16 port; }; -// Standard socks5 reply packet +// Standard SOCKS 5 reply packet struct socks_command_response_t { - unsigned char version; - unsigned char reply; - unsigned char flag; - unsigned char atype; - unsigned char add_bytes[4]; - U16 port; + U8 version; + U8 reply; + U8 reserved; + U8 atype; + U8 add_bytes[4]; + U16 port; }; #define AUTH_NOT_ACCEPTABLE 0xFF // reply if preferred methods are not available #define AUTH_SUCCESS 0x00 // reply if authentication successful -// socks 5 authentication request, stating which methods the client supports +// SOCKS 5 authentication request, stating which methods the client supports struct socks_auth_request_t { - unsigned char version; - unsigned char num_methods; - unsigned char methods; // We are only using a single method currently + U8 version; + U8 num_methods; + U8 methods; // We are only using a single method currently }; -// socks 5 authentication response packet, stating server prefered method +// SOCKS 5 authentication response packet, stating server preferred method struct socks_auth_response_t { - unsigned char version; - unsigned char method; + U8 version; + U8 method; }; -// socks 5 password reply packet +// SOCKS 5 password reply packet struct authmethod_password_reply_t { - unsigned char version; - unsigned char status; + U8 version; + U8 status; }; -// socks 5 UDP packet header +// SOCKS 5 UDP packet header struct proxywrap_t { - U16 rsv; - U8 frag; - U8 atype; - U32 addr; - U16 port; + U16 rsv; + U8 frag; + U8 atype; + U32 addr; + U16 port; }; #pragma pack(pop) /* restore original alignment from stack */ @@ -158,62 +158,62 @@ class LLSocks: public LLSingleton public: LLSocks(); - // Start a connection to the socks 5 proxy - int startProxy(std::string host,U32 port); - int startProxy(LLHost proxy,U32 messagePort); + // Start a connection to the SOCKS 5 proxy + int startProxy(std::string host, U32 port); + int startProxy(LLHost proxy, U32 messagePort); - // Disconnect and clean up any connection to the socks 5 proxy + // Disconnect and clean up any connection to the SOCKS 5 proxy void stopProxy(); - // Set up to use Password auth when connecting to the socks proxy - void setAuthPassword(std::string username,std::string password); + // Set up to use Password auth when connecting to the SOCKS proxy + void setAuthPassword(std::string username, std::string password); - // Set up to use No Auth when connecting to the socks proxy + // Set up to use No Auth when connecting to the SOCKS proxy void setAuthNone(); // get the currently selected auth method LLSocks5AuthType getSelectedAuthMethod() const { return mAuthMethodSelected; } // static check for enabled status for UDP packets - static bool isEnabled() { return sUdpProxyEnabled; } + static bool isEnabled() { return sUDPProxyEnabled; } // static check for enabled status for http packets - static bool isHttpProxyEnabled() { return sHttpProxyEnabled; } + static bool isHTTPProxyEnabled() { return sHTTPProxyEnabled; } - // Proxy http packets via httpHost, which can be a Socks5 or a http proxy + // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy // as specified in type - void enableHttpProxy(LLHost httpHost, LLHttpProxyType type); + void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); - // Stop proxying http packets - void disableHttpProxy() { sHttpProxyEnabled = false; }; + // Stop proxying HTTP packets + void disableHTTPProxy() { sHTTPProxyEnabled = false; }; // Get the UDP proxy address and port LLHost getUDPProxy() const { return mUDPProxy; } - // Get the socks 5 TCP control channel address and port + // Get the SOCKS 5 TCP control channel address and port LLHost getTCPProxy() const { return mTCPProxy; } - // Get the http proxy address and port + // Get the HTTP proxy address and port LLHost getHTTPProxy() const { return mHTTPProxy; } - // Get the currently selected http proxy type - LLHttpProxyType getHttpProxyType() const { return mProxyType; } + // Get the currently selected HTTP proxy type + LLHttpProxyType getHTTPProxyType() const { return mProxyType; } // Get the username password in a curl compatible format std::string getProxyUserPwd() const { return (mSocksUsername + ":" + mSocksPassword); } private: - // Open a communication channel to the socks5 proxy proxy, at port messagePort - int proxyHandshake(LLHost proxy,U32 messagePort); + // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort + int proxyHandshake(LLHost proxy, U32 messagePort); - // socket handle to proxy tcp control channel - S32 mProxyControlChannel; + // socket handle to proxy TCP control channel + LLSocket::ptr_t mProxyControlChannel; // is the UDP proxy enabled? - static bool sUdpProxyEnabled; + static bool sUDPProxyEnabled; // is the http proxy enabled? - static bool sHttpProxyEnabled; + static bool sHTTPProxyEnabled; // currently selected http proxy type LLHttpProxyType mProxyType; @@ -225,13 +225,16 @@ private: // HTTP proxy address and port LLHost mHTTPProxy; - // socks 5 auth method selected + // SOCKS 5 auth method selected LLSocks5AuthType mAuthMethodSelected; - // socks 5 username + // SOCKS 5 username std::string mSocksUsername; - // socks 5 password + // SOCKS 5 password std::string mSocksPassword; + + // APR pool for the socket + apr_pool_t* mPool; }; #endif diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index a51d80ff48..366a1835ca 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -189,93 +189,6 @@ U32 ip_string_to_u32(const char* ip_string) ////////////////////////////////////////////////////////////////////////////////////////// #if LL_WINDOWS - -int tcp_handshake(S32 handle, char * dataout, int outlen, char * datain, int maxinlen) -{ - int result; - result = send(handle, dataout, outlen, 0); - if (result != outlen) - { - S32 err = WSAGetLastError(); - llwarns << "Error sending data to proxy control channel, number of bytes sent were " << result << " error code was " << err << llendl; - return -1; - } - - result = recv(handle, datain, maxinlen, 0); - if (result != maxinlen) - { - S32 err = WSAGetLastError(); - llwarns << "Error receiving data from proxy control channel, number of bytes received were " << result << " error code was " << err << llendl; - return -1; - } - - return 0; -} - -S32 tcp_open_channel(LLHost host) -{ - // Open a TCP channel - // Jump through some hoops to ensure that if the request hosts is down - // or not reachable connect() does not block - - S32 handle; - handle = socket(AF_INET, SOCK_STREAM, 0); - if (INVALID_SOCKET == handle) - { - llwarns << "Error opening TCP control socket, socket() returned " - << WSAGetLastError() << ", " << DecodeError(WSAGetLastError()) << llendl; - return -1; - } - - struct sockaddr_in address; - address.sin_port = htons(host.getPort()); - address.sin_family = AF_INET; - address.sin_addr.s_addr = host.getAddress(); - - // Non blocking - WSAEVENT hEvent = WSACreateEvent(); - WSAEventSelect(handle, hEvent, FD_CONNECT) ; - connect(handle, (struct sockaddr*)&address, sizeof(address)) ; - // Wait for 5 seconds, if we can't get a TCP channel open in this - // time frame then there is something badly wrong. - WaitForSingleObject(hEvent, 1000 * 5); // 5 seconds time out - - WSANETWORKEVENTS netevents; - WSAEnumNetworkEvents(handle, hEvent, &netevents); - - // Check the async event status to see if we connected - if ((netevents.lNetworkEvents & FD_CONNECT) == FD_CONNECT) - { - if (netevents.iErrorCode[FD_CONNECT_BIT] != 0) - { - llwarns << "Unable to open TCP channel, WSA returned an error code of " << netevents.iErrorCode[FD_CONNECT_BIT] << llendl; - WSACloseEvent(hEvent); - tcp_close_channel(handle); - return -1; - } - - // Now we are connected disable non blocking - // we don't need support an async interface as - // currently our only consumer (socks5) will make one round - // of packets then just hold the connection open - WSAEventSelect(handle, hEvent, NULL) ; - unsigned long NonBlock = 0; - ioctlsocket(handle, FIONBIO, &NonBlock); - - return handle; - } - - llwarns << "Unable to open TCP channel, Timeout is the host up?" << netevents.iErrorCode[FD_CONNECT_BIT] << llendl; - tcp_close_channel(handle); - return -1; -} - -void tcp_close_channel(S32 handle) -{ - llinfos << "Closing TCP channel" << llendl; - shutdown(handle, SD_BOTH); - closesocket(handle); -} S32 start_net(S32& socket_out, int& nPort) { @@ -473,79 +386,6 @@ BOOL send_packet(int hSocket, const char *sendBuffer, int size, U32 recipient, i #else - -int tcp_handshake(S32 handle, char * dataout, int outlen, char * datain, int maxinlen) -{ - if (send(handle, dataout, outlen, 0) != outlen) - { - llwarns << "Error sending data to proxy control channel" << llendl; - return -1; - } - - if (recv(handle, datain, maxinlen, 0) != maxinlen) - { - llwarns << "Error receiving data to proxy control channel" << llendl; - return -1; - } - - return 0; -} - -S32 tcp_open_channel(LLHost host) -{ - S32 handle; - handle = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - if (-1 == handle) - { - llwarns << "Error opening TCP control socket, socket() returned " << handle << "error code: " << errno << llendl; - return -1; - } - - struct sockaddr_in address; - address.sin_port = htons(host.getPort()); - address.sin_family = AF_INET; - address.sin_addr.s_addr = host.getAddress(); - - // Set the socket to non blocking for the connect() - int flags = fcntl(handle, F_GETFL, 0); - fcntl(handle, F_SETFL, flags | O_NONBLOCK); - - S32 error = connect(handle, (sockaddr*)&address, sizeof(address)); - if (error && (errno != EINPROGRESS)) - { - llwarns << "Unable to open TCP channel, error code: " << errno << llendl; - tcp_close_channel(handle); - return -1; - } - - struct timeval timeout; - timeout.tv_sec = 5; // Maximum time to wait for the connect() to complete - timeout.tv_usec = 0; - fd_set fds; - FD_ZERO(&fds); - FD_SET(handle, &fds); - - // See if we have connected or time out after 5 seconds - S32 rc = select(sizeof(fds)*8, NULL, &fds, NULL, &timeout); - - if (rc != 1) // we require exactly one descriptor to be set - { - llwarns << "Unable to open TCP channel" << llendl; - tcp_close_channel(handle); - return -1; - } - - // Return the socket to blocking operations - fcntl(handle, F_SETFL, flags); - - return handle; -} - -void tcp_close_channel(S32 handle) -{ - close(handle); -} - // Create socket, make non-blocking S32 start_net(S32& socket_out, int& nPort) { @@ -824,4 +664,63 @@ BOOL send_packet(int hSocket, const char * sendBuffer, int size, U32 recipient, #endif +int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) +{ + apr_socket_t* apr_socket = handle->getSocket(); + apr_status_t rv; + + apr_size_t expected_len = outlen; + + apr_socket_opt_set(apr_socket, APR_SO_NONBLOCK, -5); // Blocking connection, 5 second timeout + apr_socket_timeout_set(apr_socket, (APR_USEC_PER_SEC * 5)); + + rv = apr_socket_send(apr_socket, dataout, &outlen); + if (rv != APR_SUCCESS || expected_len != outlen) + { + llwarns << "Error sending data to proxy control channel" << llendl; + ll_apr_warn_status(rv); + return -1; + } + + expected_len = maxinlen; + do + { + rv = apr_socket_recv(apr_socket, datain, &maxinlen); + llinfos << "Receiving packets." << llendl; + llwarns << "Proxy control channel status: " << rv << llendl; + } while (APR_STATUS_IS_EAGAIN(rv)); + + if (rv != APR_SUCCESS) + { + llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; + llwarns << "Received " << maxinlen << " bytes." << llendl; + ll_apr_warn_status(rv); + return rv; + } + else if (expected_len != maxinlen) + { + llwarns << "Incorrect data received length in proxy control channel" << llendl; + return -1; + } + + return 0; +} + +LLSocket::ptr_t tcp_open_channel(LLHost host) +{ + LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); + bool connected = socket->blockingConnect(host); + if (!connected) + { + tcp_close_channel(socket); + } + + return socket; +} + +void tcp_close_channel(LLSocket::ptr_t handle) +{ + handle.reset(); +} + //EOF diff --git a/indra/llmessage/net.h b/indra/llmessage/net.h index 047e8ce646..0d91cf2a2f 100644 --- a/indra/llmessage/net.h +++ b/indra/llmessage/net.h @@ -27,6 +27,9 @@ #ifndef LL_NET_H #define LL_NET_H +#include "lliosocket.h" +#include "llapr.h" + class LLTimer; class LLHost; @@ -52,10 +55,10 @@ U32 get_sender_ip(void); LLHost get_receiving_interface(); U32 get_receiving_interface_ip(void); -// Some helpful tcp functions added for the socks 5 proxy support -S32 tcp_open_channel(LLHost host); // Open a tcp channel to a given host -void tcp_close_channel(S32 handle); // Close an open tcp channel -int tcp_handshake(S32 handle, char * dataout, int outlen, char * datain, int maxinlen); // Do a TCP data handshake +// Some helpful TCP functions +LLSocket::ptr_t tcp_open_channel(LLHost host); // Open a TCP channel to a given host +void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel +int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake const char* u32_to_ip_string(U32 ip); // Returns pointer to internal string buffer, "(bad IP addr)" on failure, cannot nest calls char* u32_to_ip_string(U32 ip, char *ip_string); // NULL on failure, ip_string on success, you must allocate at least MAXADDRSTR chars -- cgit v1.2.3 From f91d40c25949ee8c5b1d5c1babab62d6dd90d0c8 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Wed, 22 Jun 2011 14:35:31 -0400 Subject: Merge, fixed build issues by refactoring SOCKS 5 code. --- indra/llmessage/llsocks5.cpp | 75 ++++++++++++++++++++++++++++++++++++++++++-- indra/llmessage/llsocks5.h | 1 + indra/llmessage/net.cpp | 59 ---------------------------------- indra/llmessage/net.h | 8 ----- 4 files changed, 73 insertions(+), 70 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llsocks5.cpp b/indra/llmessage/llsocks5.cpp index 27a31e35b3..278350bf25 100644 --- a/indra/llmessage/llsocks5.cpp +++ b/indra/llmessage/llsocks5.cpp @@ -24,13 +24,16 @@ * $/LicenseInfo$ */ +#include "linden_common.h" + +#include "llsocks5.h" + #include -#include "linden_common.h" -#include "net.h" +#include "llapr.h" #include "llhost.h" #include "message.h" -#include "llsocks5.h" +#include "net.h" // Static class variable instances @@ -40,6 +43,12 @@ bool LLSocks::sUDPProxyEnabled; bool LLSocks::sHTTPProxyEnabled; +// Some helpful TCP functions +static LLSocket::ptr_t tcp_open_channel(LLHost host); // Open a TCP channel to a given host +static void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel +static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake + + LLSocks::LLSocks() { sUDPProxyEnabled = false; @@ -214,3 +223,63 @@ void LLSocks::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) mHTTPProxy = httpHost; mProxyType = type; } + +static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) +{ + apr_socket_t* apr_socket = handle->getSocket(); + apr_status_t rv; + + apr_size_t expected_len = outlen; + + apr_socket_opt_set(apr_socket, APR_SO_NONBLOCK, -5); // Blocking connection, 5 second timeout + apr_socket_timeout_set(apr_socket, (APR_USEC_PER_SEC * 5)); + + rv = apr_socket_send(apr_socket, dataout, &outlen); + if (rv != APR_SUCCESS || expected_len != outlen) + { + llwarns << "Error sending data to proxy control channel" << llendl; + ll_apr_warn_status(rv); + return -1; + } + + expected_len = maxinlen; + do + { + rv = apr_socket_recv(apr_socket, datain, &maxinlen); + llinfos << "Receiving packets." << llendl; + llwarns << "Proxy control channel status: " << rv << llendl; + } while (APR_STATUS_IS_EAGAIN(rv)); + + if (rv != APR_SUCCESS) + { + llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; + llwarns << "Received " << maxinlen << " bytes." << llendl; + ll_apr_warn_status(rv); + return rv; + } + else if (expected_len != maxinlen) + { + llwarns << "Incorrect data received length in proxy control channel" << llendl; + return -1; + } + + return 0; +} + +static LLSocket::ptr_t tcp_open_channel(LLHost host) +{ + LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); + bool connected = socket->blockingConnect(host); + if (!connected) + { + tcp_close_channel(socket); + } + + return socket; +} + +static void tcp_close_channel(LLSocket::ptr_t handle) +{ + handle.reset(); +} + diff --git a/indra/llmessage/llsocks5.h b/indra/llmessage/llsocks5.h index 43a7c82fea..3c10f661de 100644 --- a/indra/llmessage/llsocks5.h +++ b/indra/llmessage/llsocks5.h @@ -28,6 +28,7 @@ #define LL_SOCKS5_H #include "llhost.h" +#include "lliosocket.h" #include "llmemory.h" #include "llsingleton.h" #include diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index 366a1835ca..e2d185b959 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -664,63 +664,4 @@ BOOL send_packet(int hSocket, const char * sendBuffer, int size, U32 recipient, #endif -int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) -{ - apr_socket_t* apr_socket = handle->getSocket(); - apr_status_t rv; - - apr_size_t expected_len = outlen; - - apr_socket_opt_set(apr_socket, APR_SO_NONBLOCK, -5); // Blocking connection, 5 second timeout - apr_socket_timeout_set(apr_socket, (APR_USEC_PER_SEC * 5)); - - rv = apr_socket_send(apr_socket, dataout, &outlen); - if (rv != APR_SUCCESS || expected_len != outlen) - { - llwarns << "Error sending data to proxy control channel" << llendl; - ll_apr_warn_status(rv); - return -1; - } - - expected_len = maxinlen; - do - { - rv = apr_socket_recv(apr_socket, datain, &maxinlen); - llinfos << "Receiving packets." << llendl; - llwarns << "Proxy control channel status: " << rv << llendl; - } while (APR_STATUS_IS_EAGAIN(rv)); - - if (rv != APR_SUCCESS) - { - llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; - llwarns << "Received " << maxinlen << " bytes." << llendl; - ll_apr_warn_status(rv); - return rv; - } - else if (expected_len != maxinlen) - { - llwarns << "Incorrect data received length in proxy control channel" << llendl; - return -1; - } - - return 0; -} - -LLSocket::ptr_t tcp_open_channel(LLHost host) -{ - LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); - bool connected = socket->blockingConnect(host); - if (!connected) - { - tcp_close_channel(socket); - } - - return socket; -} - -void tcp_close_channel(LLSocket::ptr_t handle) -{ - handle.reset(); -} - //EOF diff --git a/indra/llmessage/net.h b/indra/llmessage/net.h index 0d91cf2a2f..0f2437479d 100644 --- a/indra/llmessage/net.h +++ b/indra/llmessage/net.h @@ -27,9 +27,6 @@ #ifndef LL_NET_H #define LL_NET_H -#include "lliosocket.h" -#include "llapr.h" - class LLTimer; class LLHost; @@ -55,11 +52,6 @@ U32 get_sender_ip(void); LLHost get_receiving_interface(); U32 get_receiving_interface_ip(void); -// Some helpful TCP functions -LLSocket::ptr_t tcp_open_channel(LLHost host); // Open a TCP channel to a given host -void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel -int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake - const char* u32_to_ip_string(U32 ip); // Returns pointer to internal string buffer, "(bad IP addr)" on failure, cannot nest calls char* u32_to_ip_string(U32 ip, char *ip_string); // NULL on failure, ip_string on success, you must allocate at least MAXADDRSTR chars U32 ip_string_to_u32(const char* ip_string); // Wrapper for inet_addr() -- cgit v1.2.3 From c91d6962337e3394038d72b173431dceffb44317 Mon Sep 17 00:00:00 2001 From: Aaron Stone Date: Mon, 27 Jun 2011 12:49:45 -0700 Subject: STORM-1446 Portability fix when setting non-blocking socket options. --- indra/llmessage/lliosocket.cpp | 26 +++++++++++++++++++++----- indra/llmessage/lliosocket.h | 11 +++++++++-- 2 files changed, 30 insertions(+), 7 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/lliosocket.cpp b/indra/llmessage/lliosocket.cpp index ca84fa8bb8..8c752fbe30 100644 --- a/indra/llmessage/lliosocket.cpp +++ b/indra/llmessage/lliosocket.cpp @@ -191,7 +191,7 @@ LLSocket::ptr_t LLSocket::create(apr_pool_t* pool, EType type, U16 port) port = PORT_EPHEMERAL; } rv->mPort = port; - rv->setOptions(); + rv->setNonBlocking(); return rv; } @@ -206,7 +206,7 @@ LLSocket::ptr_t LLSocket::create(apr_socket_t* socket, apr_pool_t* pool) } rv = ptr_t(new LLSocket(socket, pool)); rv->mPort = PORT_EPHEMERAL; - rv->setOptions(); + rv->setNonBlocking(); return rv; } @@ -227,10 +227,10 @@ bool LLSocket::blockingConnect(const LLHost& host) { return false; } - apr_socket_timeout_set(mSocket, 1000); + setBlocking(1000); ll_debug_socket("Blocking connect", mSocket); if(ll_apr_warn_status(apr_socket_connect(mSocket, sa))) return false; - setOptions(); + setNonBlocking(); return true; } @@ -258,11 +258,27 @@ LLSocket::~LLSocket() } } -void LLSocket::setOptions() +// See http://dev.ariel-networks.com/apr/apr-tutorial/html/apr-tutorial-13.html#ss13.4 +// for an explanation of how to get non-blocking sockets and timeouts with +// consistent behavior across platforms. + +void LLSocket::setBlocking(S32 timeout) +{ + LLMemType m1(LLMemType::MTYPE_IO_TCP); + // set up the socket options + ll_apr_warn_status(apr_socket_timeout_set(mSocket, timeout)); + ll_apr_warn_status(apr_socket_opt_set(mSocket, APR_SO_NONBLOCK, 0)); + ll_apr_warn_status(apr_socket_opt_set(mSocket, APR_SO_SNDBUF, LL_SEND_BUFFER_SIZE)); + ll_apr_warn_status(apr_socket_opt_set(mSocket, APR_SO_RCVBUF, LL_RECV_BUFFER_SIZE)); + +} + +void LLSocket::setNonBlocking() { LLMemType m1(LLMemType::MTYPE_IO_TCP); // set up the socket options ll_apr_warn_status(apr_socket_timeout_set(mSocket, 0)); + ll_apr_warn_status(apr_socket_opt_set(mSocket, APR_SO_NONBLOCK, 1)); ll_apr_warn_status(apr_socket_opt_set(mSocket, APR_SO_SNDBUF, LL_SEND_BUFFER_SIZE)); ll_apr_warn_status(apr_socket_opt_set(mSocket, APR_SO_RCVBUF, LL_RECV_BUFFER_SIZE)); diff --git a/indra/llmessage/lliosocket.h b/indra/llmessage/lliosocket.h index 6806e5084a..e0f6c1e34d 100644 --- a/indra/llmessage/lliosocket.h +++ b/indra/llmessage/lliosocket.h @@ -153,9 +153,16 @@ protected: LLSocket(apr_socket_t* socket, apr_pool_t* pool); /** - * @brief Set default socket options. + * @brief Set default socket options, with SO_NONBLOCK = 0 and a timeout in us. + * @param timeout Number of microseconds to wait on this socket. Any + * negative number means block-forever. TIMEOUT OF 0 IS NON-PORTABLE. */ - void setOptions(); + void setBlocking(S32 timeout); + + /** + * @brief Set default socket options, with SO_NONBLOCK = 1 and timeout = 0. + */ + void setNonBlocking(); public: /** -- cgit v1.2.3 From 7717b6f647feb250c0b94d038f72a640a7888915 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 28 Jun 2011 19:54:53 -0400 Subject: STORM-1112 More cleanup of SOCKS 5 proxy code. Renamed llsocks5.cpp to llproxy.cpp. --- indra/llmessage/CMakeLists.txt | 4 +- indra/llmessage/llcurl.cpp | 38 ++--- indra/llmessage/lliosocket.h | 2 +- indra/llmessage/llpacketring.cpp | 40 +++--- indra/llmessage/llproxy.cpp | 294 +++++++++++++++++++++++++++++++++++++++ indra/llmessage/llproxy.h | 244 ++++++++++++++++++++++++++++++++ indra/llmessage/llsocks5.cpp | 285 ------------------------------------- indra/llmessage/llsocks5.h | 241 -------------------------------- indra/llmessage/net.cpp | 2 +- 9 files changed, 568 insertions(+), 582 deletions(-) create mode 100644 indra/llmessage/llproxy.cpp create mode 100644 indra/llmessage/llproxy.h delete mode 100644 indra/llmessage/llsocks5.cpp delete mode 100644 indra/llmessage/llsocks5.h (limited to 'indra/llmessage') diff --git a/indra/llmessage/CMakeLists.txt b/indra/llmessage/CMakeLists.txt index 4b679ef6a5..0f40a670fa 100644 --- a/indra/llmessage/CMakeLists.txt +++ b/indra/llmessage/CMakeLists.txt @@ -65,6 +65,7 @@ set(llmessage_SOURCE_FILES llpacketbuffer.cpp llpacketring.cpp llpartdata.cpp + llproxy.cpp llpumpio.cpp llregionpresenceverifier.cpp llsdappservices.cpp @@ -76,7 +77,6 @@ set(llmessage_SOURCE_FILES llsdrpcserver.cpp llservicebuilder.cpp llservice.cpp - llsocks5.cpp llstoredmessage.cpp lltemplatemessagebuilder.cpp lltemplatemessagedispatcher.cpp @@ -162,6 +162,7 @@ set(llmessage_HEADER_FILES llpacketring.h llpartdata.h llpumpio.h + llproxy.h llqueryflags.h llregionflags.h llregionhandle.h @@ -175,7 +176,6 @@ set(llmessage_HEADER_FILES llsdrpcserver.h llservice.h llservicebuilder.h - llsocks5.h llstoredmessage.h lltaskname.h llteleportflags.h diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 32dd438e68..0b368196d2 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -46,12 +46,12 @@ #endif #include "llbufferstream.h" -#include "llstl.h" #include "llsdserialize.h" +#include "llproxy.h" +#include "llstl.h" #include "llthread.h" #include "lltimer.h" -#include "llsocks5.h" ////////////////////////////////////////////////////////////////////////////// /* @@ -357,27 +357,6 @@ LLCurl::Easy* LLCurl::Easy::getEasy() // multi handles cache if they are added to one. CURLcode result = curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_DNS_CACHE_TIMEOUT, 0); check_curl_code(result); - - //Set the CURL options for either Socks or HTTP proxy - if (LLSocks::getInstance()->isHTTPProxyEnabled()) - { - std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXY,address.c_str()); - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYPORT,port); - if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) - { - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) - { - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd().c_str()); - } - } - else - { - curl_easy_setopt(easy->mCurlEasyHandle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); - } - } ++gCurlEasyCount; return easy; @@ -557,18 +536,19 @@ void LLCurl::Easy::prepRequest(const std::string& url, //setopt(CURLOPT_VERBOSE, 1); // usefull for debugging setopt(CURLOPT_NOSIGNAL, 1); - if (LLSocks::getInstance()->isHTTPProxyEnabled()) + // Set the CURL options for either Socks or HTTP proxy + if (LLProxy::getInstance()->isHTTPProxyEnabled()) { - std::string address = LLSocks::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLSocks::getInstance()->getHTTPProxy().getPort(); + std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); setoptString(CURLOPT_PROXY, address.c_str()); setopt(CURLOPT_PROXYPORT, port); - if (LLSocks::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLSocks::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) + if(LLProxy::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) { - setoptString(CURLOPT_PROXYUSERPWD,LLSocks::getInstance()->getProxyUserPwd()); + setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); } } else diff --git a/indra/llmessage/lliosocket.h b/indra/llmessage/lliosocket.h index 6806e5084a..ec60470459 100644 --- a/indra/llmessage/lliosocket.h +++ b/indra/llmessage/lliosocket.h @@ -159,7 +159,7 @@ protected: public: /** - * @brief Do not call this directly. + * @brief Do not call this directly. Use LLSocket::ptr_t.reset() instead. */ ~LLSocket(); diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index 62aaca0672..91ab1df149 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -37,19 +37,13 @@ // linden library includes #include "llerror.h" -#include "message.h" -#include "llsocks5.h" #include "lltimer.h" -#include "timing.h" +#include "llproxy.h" #include "llrand.h" +#include "message.h" +#include "timing.h" #include "u64.h" - - - - - - /////////////////////////////////////////////////////////// LLPacketRing::LLPacketRing () : mUseInThrottle(FALSE), @@ -231,28 +225,28 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) else { // no delay, pull straight from net - if (LLSocks::isEnabled()) + if (LLProxy::isEnabled()) { - U8 buffer[MAX_BUFFER_SIZE]; - packet_size = receive_packet(socket, (char*)buffer); + U8 buffer[NET_BUFFER_SIZE]; + packet_size = receive_packet(socket, reinterpret_cast(buffer)); if (packet_size > 10) { - memcpy(datap,buffer+10,packet_size-10); + // *FIX We are assuming ATYP is 0x01 (IPv4), not 0x03 (hostname) or 0x04 (IPv6) + memcpy(datap, buffer + 10, packet_size - 10); + proxywrap_t * header = reinterpret_cast(buffer); + mLastSender.setAddress(header->addr); + mLastSender.setPort(ntohs(header->port)); } else { - packet_size=0; + packet_size = 0; } - - proxywrap_t * header = (proxywrap_t *)buffer; - mLastSender.setAddress(header->addr); - mLastSender.setPort(ntohs(header->port)); } else { - packet_size = receive_packet(socket, datap); - mLastSender = ::get_sender(); + packet_size = receive_packet(socket, datap); + mLastSender = ::get_sender(); } mLastReceivingIF = ::get_receiving_interface(); @@ -352,7 +346,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_size, LLHost host) { - if (!LLSocks::isEnabled()) + if (!LLProxy::isEnabled()) { return send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort()); } @@ -364,7 +358,7 @@ BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_ socks_header->atype = ADDRESS_IPV4; socks_header->frag = 0; - memcpy(mProxyWrappedSendBuffer+10, send_buffer, buf_size); + memcpy(mProxyWrappedSendBuffer + 10, send_buffer, buf_size); - return send_packet(h_socket,(const char*) mProxyWrappedSendBuffer, buf_size+10, LLSocks::getInstance()->getUDPProxy().getAddress(), LLSocks::getInstance()->getUDPProxy().getPort()); + return send_packet(h_socket,(const char*) mProxyWrappedSendBuffer, buf_size + 10, LLProxy::getInstance()->getUDPProxy().getAddress(), LLProxy::getInstance()->getUDPProxy().getPort()); } diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp new file mode 100644 index 0000000000..6bc9e8b62b --- /dev/null +++ b/indra/llmessage/llproxy.cpp @@ -0,0 +1,294 @@ +/** + * @file llsocks5.cpp + * @brief SOCKS 5 implementation + * + * $LicenseInfo:firstyear=2011&license=viewerlgpl$ + * Second Life Viewer Source Code + * Copyright (C) 2011, Linden Research, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; + * version 2.1 of the License only. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + * Linden Research, Inc., 945 Battery Street, San Francisco, CA 94111 USA + * $/LicenseInfo$ + */ + +#include "linden_common.h" + +#include "llproxy.h" + +#include + +#include "llapr.h" +#include "llhost.h" +#include "message.h" +#include "net.h" + +// Static class variable instances + +// We want this to be static to avoid excessive indirection on every +// incoming packet just to do a simple bool test. The getter for this +// member is also static +bool LLProxy::sUDPProxyEnabled = false; +bool LLProxy::sHTTPProxyEnabled = false; + +// Some helpful TCP functions +static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host); // Open a TCP channel to a given host +static void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel +static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake + + +LLProxy::LLProxy(): + mProxyType(LLPROXY_SOCKS), + mUDPProxy(), + mTCPProxy(), + mHTTPProxy(), + mAuthMethodSelected(METHOD_NOAUTH), + mSocksUsername(), + mSocksPassword(), + mPool(gAPRPoolp) +{ +} + +LLProxy::~LLProxy() +{ + tcp_close_channel(mProxyControlChannel); + sUDPProxyEnabled = false; + sHTTPProxyEnabled = false; +} + +// Perform a SOCKS 5 authentication and UDP association to the proxy +// specified by proxy, and associate UDP port message_port +int LLProxy::proxyHandshake(LLHost proxy, U32 message_port) +{ + int result; + + /* SOCKS 5 Auth request */ + socks_auth_request_t socks_auth_request; + socks_auth_response_t socks_auth_response; + + socks_auth_request.version = SOCKS_VERSION; // SOCKS version 5 + socks_auth_request.num_methods = 1; // Sending 1 method. + socks_auth_request.methods = mAuthMethodSelected; // Send only the selected method. + + result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request), (char*)&socks_auth_response, sizeof(socks_auth_response)); + if (result != 0) + { + llwarns << "SOCKS authentication request failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) + { + llwarns << "SOCKS 5 server refused all our authentication methods" << llendl; + stopProxy(); + return SOCKS_NOT_ACCEPTABLE; + } + + // SOCKS 5 USERNAME/PASSWORD authentication + if (socks_auth_response.method == METHOD_PASSWORD) + { + // The server has requested a username/password combination + U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; + char * password_auth = new char[request_size]; + password_auth[0] = 0x01; + password_auth[1] = mSocksUsername.size(); + memcpy(&password_auth[2], mSocksUsername.c_str(), mSocksUsername.size()); + password_auth[mSocksUsername.size() + 2] = mSocksPassword.size(); + memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); + + authmethod_password_reply_t password_reply; + + result = tcp_handshake(mProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(authmethod_password_reply_t)); + delete[] password_auth; + + if (result != 0) + { + llwarns << "SOCKS authentication failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (password_reply.status != AUTH_SUCCESS) + { + llwarns << "SOCKS authentication failed" << llendl; + stopProxy(); + return SOCKS_AUTH_FAIL; + } + } + + /* SOCKS5 connect request */ + + socks_command_request_t connect_request; + socks_command_response_t connect_reply; + + connect_request.version = SOCKS_VERSION; // SOCKS V5 + connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP + connect_request.reserved = FIELD_RESERVED; + connect_request.atype = ADDRESS_IPV4; + connect_request.address = htonl(0); // 0.0.0.0 + connect_request.port = htons(0); // 0 + // "If the client is not in possession of the information at the time of the UDP ASSOCIATE, + // the client MUST use a port number and address of all zeros. RFC 1928" + + result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); + if (result != 0) + { + llwarns << "SOCKS connect request failed, error on TCP control channel : " << result << llendl; + stopProxy(); + return SOCKS_CONNECT_ERROR; + } + + if (connect_reply.reply != REPLY_REQUEST_GRANTED) + { + //Something went wrong + llwarns << "Connection to SOCKS 5 server failed, UDP forward request not granted" << llendl; + stopProxy(); + return SOCKS_UDP_FWD_NOT_GRANTED; + } + + mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order + mUDPProxy.setAddress(proxy.getAddress()); + // All good now we have been given the UDP port to send requests that need forwarding. + llinfos << "SOCKS 5 UDP proxy connected on " << mUDPProxy << llendl; + return SOCKS_OK; +} + +int LLProxy::startProxy(std::string host, U32 port) +{ + mTCPProxy.setHostByName(host); + mTCPProxy.setPort(port); + + int status; + + if (mProxyControlChannel) + { + tcp_close_channel(mProxyControlChannel); + } + + mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy); + if (!mProxyControlChannel) + { + return SOCKS_HOST_CONNECT_FAILED; + } + status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort); + if (status == SOCKS_OK) + { + sUDPProxyEnabled = true; + } + else + { + stopProxy(); + } + return status; + +} + +void LLProxy::stopProxy() +{ + sUDPProxyEnabled = false; + + // If the SOCKS proxy is requested to stop and we are using that for http as well + // then we must shut down any http proxy operations. But it is allowable if web + // proxy is being used to continue proxying http. + + if(LLPROXY_SOCKS == mProxyType) + { + sHTTPProxyEnabled = false; + } + + if (mProxyControlChannel) + { + tcp_close_channel(mProxyControlChannel); + } +} + +void LLProxy::setAuthNone() +{ + mAuthMethodSelected = METHOD_NOAUTH; +} + +void LLProxy::setAuthPassword(const std::string &username, const std::string &password) +{ + mAuthMethodSelected = METHOD_PASSWORD; + mSocksUsername = username; + mSocksPassword = password; +} + +void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) +{ + sHTTPProxyEnabled = true; + mHTTPProxy = httpHost; + mProxyType = type; +} + +static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) +{ + apr_socket_t* apr_socket = handle->getSocket(); + apr_status_t rv; + + apr_size_t expected_len = outlen; + + apr_socket_opt_set(apr_socket, APR_SO_NONBLOCK, -5); // Blocking connection, 5 second timeout + apr_socket_timeout_set(apr_socket, (APR_USEC_PER_SEC * 5)); + + rv = apr_socket_send(apr_socket, dataout, &outlen); + if (rv != APR_SUCCESS || expected_len != outlen) + { + llwarns << "Error sending data to proxy control channel" << llendl; + ll_apr_warn_status(rv); + return -1; + } + + expected_len = maxinlen; + do + { + rv = apr_socket_recv(apr_socket, datain, &maxinlen); + llinfos << "Receiving packets." << llendl; + llwarns << "Proxy control channel status: " << rv << llendl; + } while (APR_STATUS_IS_EAGAIN(rv)); + + if (rv != APR_SUCCESS) + { + llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; + llwarns << "Received " << maxinlen << " bytes." << llendl; + ll_apr_warn_status(rv); + return rv; + } + else if (expected_len != maxinlen) + { + llwarns << "Incorrect data received length in proxy control channel" << llendl; + return -1; + } + + return 0; +} + +static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) +{ + LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); + bool connected = socket->blockingConnect(host); + if (!connected) + { + tcp_close_channel(socket); + } + + return socket; +} + +static void tcp_close_channel(LLSocket::ptr_t handle) +{ + handle.reset(); +} diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h new file mode 100644 index 0000000000..979514a7e0 --- /dev/null +++ b/indra/llmessage/llproxy.h @@ -0,0 +1,244 @@ +/** + * @file llsocks5.h + * @brief Socks 5 implementation + * + * $LicenseInfo:firstyear=2011&license=viewerlgpl$ + * Second Life Viewer Source Code + * Copyright (C) 2011, Linden Research, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; + * version 2.1 of the License only. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + * Linden Research, Inc., 945 Battery Street, San Francisco, CA 94111 USA + * $/LicenseInfo$ + */ + +#ifndef LL_PROXY_H +#define LL_PROXY_H + +#include "llhost.h" +#include "lliosocket.h" +#include "llmemory.h" +#include "llsingleton.h" +#include + +// Error codes returned from the StartProxy method + +#define SOCKS_OK 0 +#define SOCKS_CONNECT_ERROR (-1) +#define SOCKS_NOT_PERMITTED (-2) +#define SOCKS_NOT_ACCEPTABLE (-3) +#define SOCKS_AUTH_FAIL (-4) +#define SOCKS_UDP_FWD_NOT_GRANTED (-5) +#define SOCKS_HOST_CONNECT_FAILED (-6) + +#ifndef MAXHOSTNAMELEN +#define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */ +#endif + +#define SOCKS_VERSION 0x05 // we are using SOCKS 5 + +// SOCKS 5 address/hostname types +#define ADDRESS_IPV4 0x01 +#define ADDRESS_HOSTNAME 0x03 +#define ADDRESS_IPV6 0x04 + +// Lets just use our own ipv4 struct rather than dragging in system +// specific headers +union ipv4_address_t { + U8 octets[4]; + U32 addr32; +}; + +// SOCKS 5 control channel commands +#define COMMAND_TCP_STREAM 0x01 +#define COMMAND_TCP_BIND 0x02 +#define COMMAND_UDP_ASSOCIATE 0x03 + +// SOCKS 5 command replies +#define REPLY_REQUEST_GRANTED 0x00 +#define REPLY_GENERAL_FAIL 0x01 +#define REPLY_RULESET_FAIL 0x02 +#define REPLY_NETWORK_UNREACHABLE 0x03 +#define REPLY_HOST_UNREACHABLE 0x04 +#define REPLY_CONNECTION_REFUSED 0x05 +#define REPLY_TTL_EXPIRED 0x06 +#define REPLY_PROTOCOL_ERROR 0x07 +#define REPLY_TYPE_NOT_SUPPORTED 0x08 + +#define FIELD_RESERVED 0x00 + +// The standard SOCKS 5 request packet +// Push current alignment to stack and set alignment to 1 byte boundary +// This enabled us to use structs directly to set up and receive network packets +// into the correct fields, without fear of boundary alignment causing issues +#pragma pack(push,1) + +// SOCKS 5 command packet +struct socks_command_request_t { + U8 version; + U8 command; + U8 reserved; + U8 atype; + U32 address; + U16 port; +}; + +// Standard SOCKS 5 reply packet +struct socks_command_response_t { + U8 version; + U8 reply; + U8 reserved; + U8 atype; + U8 add_bytes[4]; + U16 port; +}; + +#define AUTH_NOT_ACCEPTABLE 0xFF // reply if preferred methods are not available +#define AUTH_SUCCESS 0x00 // reply if authentication successful + +// SOCKS 5 authentication request, stating which methods the client supports +struct socks_auth_request_t { + U8 version; + U8 num_methods; + U8 methods; // We are only using a single method currently +}; + +// SOCKS 5 authentication response packet, stating server preferred method +struct socks_auth_response_t { + U8 version; + U8 method; +}; + +// SOCKS 5 password reply packet +struct authmethod_password_reply_t { + U8 version; + U8 status; +}; + +// SOCKS 5 UDP packet header +struct proxywrap_t { + U16 rsv; + U8 frag; + U8 atype; + U32 addr; + U16 port; +}; + +#pragma pack(pop) /* restore original alignment from stack */ + + +// Currently selected http proxy type +enum LLHttpProxyType +{ + LLPROXY_SOCKS = 0, + LLPROXY_HTTP = 1 +}; + +// Auth types +enum LLSocks5AuthType +{ + METHOD_NOAUTH = 0x00, // Client supports no auth + METHOD_GSSAPI = 0x01, // Client supports GSSAPI (Not currently supported) + METHOD_PASSWORD = 0x02 // Client supports username/password +}; + +class LLProxy: public LLSingleton +{ +public: + LLProxy(); + ~LLProxy(); + + // Start a connection to the SOCKS 5 proxy + int startProxy(std::string host, U32 port); + + // Disconnect and clean up any connection to the SOCKS 5 proxy + void stopProxy(); + + // Set up to use Password auth when connecting to the SOCKS proxy + void setAuthPassword(const std::string &username, const std::string &password); + + // Set up to use No Auth when connecting to the SOCKS proxy + void setAuthNone(); + + // get the currently selected auth method + LLSocks5AuthType getSelectedAuthMethod() const { return mAuthMethodSelected; } + + // static check for enabled status for UDP packets + static bool isEnabled() { return sUDPProxyEnabled; } + + // static check for enabled status for http packets + static bool isHTTPProxyEnabled() { return sHTTPProxyEnabled; } + + // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy + // as specified in type + void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); + + // Stop proxying HTTP packets + void disableHTTPProxy() { sHTTPProxyEnabled = false; }; + + // Get the UDP proxy address and port + LLHost getUDPProxy() const { return mUDPProxy; } + + // Get the SOCKS 5 TCP control channel address and port + LLHost getTCPProxy() const { return mTCPProxy; } + + // Get the HTTP proxy address and port + LLHost getHTTPProxy() const { return mHTTPProxy; } + + // Get the currently selected HTTP proxy type + LLHttpProxyType getHTTPProxyType() const { return mProxyType; } + + // Get the username password in a curl compatible format + std::string getProxyUserPwdCURL() const { return (mSocksUsername + ":" + mSocksPassword); } + + std::string getSocksPwd() const { return mSocksPassword; } + std::string getSocksUser() const { return mSocksUsername; } + +private: + + // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort + int proxyHandshake(LLHost proxy, U32 messagePort); + + // socket handle to proxy TCP control channel + LLSocket::ptr_t mProxyControlChannel; + + // is the UDP proxy enabled? + static bool sUDPProxyEnabled; + // is the http proxy enabled? + static bool sHTTPProxyEnabled; + + // currently selected http proxy type + LLHttpProxyType mProxyType; + + // UDP proxy address and port + LLHost mUDPProxy; + // TCP Proxy control channel address and port + LLHost mTCPProxy; + // HTTP proxy address and port + LLHost mHTTPProxy; + + // SOCKS 5 auth method selected + LLSocks5AuthType mAuthMethodSelected; + + // SOCKS 5 username + std::string mSocksUsername; + // SOCKS 5 password + std::string mSocksPassword; + + // APR pool for the socket + apr_pool_t* mPool; +}; + +#endif diff --git a/indra/llmessage/llsocks5.cpp b/indra/llmessage/llsocks5.cpp deleted file mode 100644 index 278350bf25..0000000000 --- a/indra/llmessage/llsocks5.cpp +++ /dev/null @@ -1,285 +0,0 @@ -/** - * @file llsocks5.cpp - * @brief SOCKS 5 implementation - * - * $LicenseInfo:firstyear=2011&license=viewerlgpl$ - * Second Life Viewer Source Code - * Copyright (C) 2011, Linden Research, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; - * version 2.1 of the License only. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - * Linden Research, Inc., 945 Battery Street, San Francisco, CA 94111 USA - * $/LicenseInfo$ - */ - -#include "linden_common.h" - -#include "llsocks5.h" - -#include - -#include "llapr.h" -#include "llhost.h" -#include "message.h" -#include "net.h" - -// Static class variable instances - -// We want this to be static to avoid excessive indirection on every -// incoming packet just to do a simple bool test. The getter for this -// member is also static -bool LLSocks::sUDPProxyEnabled; -bool LLSocks::sHTTPProxyEnabled; - -// Some helpful TCP functions -static LLSocket::ptr_t tcp_open_channel(LLHost host); // Open a TCP channel to a given host -static void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel -static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake - - -LLSocks::LLSocks() -{ - sUDPProxyEnabled = false; - sHTTPProxyEnabled = false; - mProxyControlChannel.reset(); - mProxyType = LLPROXY_SOCKS; -} - -// Perform a SOCKS 5 authentication and UDP association to the proxy -// specified by proxy, and associate UDP port message_port -int LLSocks::proxyHandshake(LLHost proxy, U32 message_port) -{ - int result; - - /* SOCKS 5 Auth request */ - socks_auth_request_t socks_auth_request; - socks_auth_response_t socks_auth_response; - - socks_auth_request.version = SOCKS_VERSION; // SOCKS version 5 - socks_auth_request.num_methods = 1; // Sending 1 method. - socks_auth_request.methods = mAuthMethodSelected; // Send only the selected method. - - result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request_t), (char*)&socks_auth_response, sizeof(socks_auth_response_t)); - if (result != 0) - { - llwarns << "SOCKS authentication request failed, error on TCP control channel : " << result << llendl; - stopProxy(); - return SOCKS_CONNECT_ERROR; - } - - if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) - { - llwarns << "SOCKS 5 server refused all our authentication methods" << llendl; - stopProxy(); - return SOCKS_NOT_ACCEPTABLE; - } - - // SOCKS 5 USERNAME/PASSWORD authentication - if (socks_auth_response.method == METHOD_PASSWORD) - { - // The server has requested a username/password combination - U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; - char * password_auth = new char[request_size]; - password_auth[0] = 0x01; - password_auth[1] = mSocksUsername.size(); - memcpy(&password_auth[2], mSocksUsername.c_str(), mSocksUsername.size()); - password_auth[mSocksUsername.size()+2] = mSocksPassword.size(); - memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); - - authmethod_password_reply_t password_reply; - - result = tcp_handshake(mProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(authmethod_password_reply_t)); - delete[] password_auth; - - if (result != 0) - { - llwarns << "SOCKS authentication failed, error on TCP control channel : " << result << llendl; - stopProxy(); - return SOCKS_CONNECT_ERROR; - } - - if (password_reply.status != AUTH_SUCCESS) - { - llwarns << "SOCKS authentication failed" << llendl; - stopProxy(); - return SOCKS_AUTH_FAIL; - } - } - - /* SOCKS5 connect request */ - - socks_command_request_t connect_request; - socks_command_response_t connect_reply; - - connect_request.version = SOCKS_VERSION; // SOCKS V5 - connect_request.command = COMMAND_UDP_ASSOCIATE; // Associate UDP - connect_request.reserved = FIELD_RESERVED; - connect_request.atype = ADDRESS_IPV4; - connect_request.address = htonl(0); // 0.0.0.0 - connect_request.port = htons(0); // 0 - // "If the client is not in possesion of the information at the time of the UDP ASSOCIATE, - // the client MUST use a port number and address of all zeros. RFC 1928" - - result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); - if (result != 0) - { - llwarns << "SOCKS connect request failed, error on TCP control channel : " << result << llendl; - stopProxy(); - return SOCKS_CONNECT_ERROR; - } - - if (connect_reply.reply != REPLY_REQUEST_GRANTED) - { - //Something went wrong - llwarns << "Connection to SOCKS 5 server failed, UDP forward request not granted" << llendl; - stopProxy(); - return SOCKS_UDP_FWD_NOT_GRANTED; - } - - mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order - mUDPProxy.setAddress(proxy.getAddress()); - // All good now we have been given the UDP port to send requests that need forwarding. - llinfos << "SOCKS 5 UDP proxy connected on " << mUDPProxy << llendl; - return SOCKS_OK; -} - -int LLSocks::startProxy(LLHost proxy, U32 message_port) -{ - int status; - - mTCPProxy = proxy; - - if (mProxyControlChannel) - { - tcp_close_channel(mProxyControlChannel); - } - - mProxyControlChannel = tcp_open_channel(mTCPProxy); - if (!mProxyControlChannel) - { - return SOCKS_HOST_CONNECT_FAILED; - } - status = proxyHandshake(proxy, message_port); - if (status == SOCKS_OK) - { - sUDPProxyEnabled = true; - } - return status; -} - -int LLSocks::startProxy(std::string host, U32 port) -{ - mTCPProxy.setHostByName(host); - mTCPProxy.setPort(port); - return startProxy(mTCPProxy, (U32)gMessageSystem->mPort); -} - -void LLSocks::stopProxy() -{ - sUDPProxyEnabled = false; - - // If the SOCKS proxy is requested to stop and we are using that for http as well - // then we must shut down any http proxy operations. But it is allowable if web - // proxy is being used to continue proxying http. - - if(LLPROXY_SOCKS == mProxyType) - { - sHTTPProxyEnabled = false; - } - - if (mProxyControlChannel) - { - tcp_close_channel(mProxyControlChannel); - } -} - -void LLSocks::setAuthNone() -{ - mAuthMethodSelected = METHOD_NOAUTH; -} - -void LLSocks::setAuthPassword(std::string username, std::string password) -{ - mAuthMethodSelected = METHOD_PASSWORD; - mSocksUsername = username; - mSocksPassword = password; -} - -void LLSocks::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) -{ - sHTTPProxyEnabled = true; - mHTTPProxy = httpHost; - mProxyType = type; -} - -static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) -{ - apr_socket_t* apr_socket = handle->getSocket(); - apr_status_t rv; - - apr_size_t expected_len = outlen; - - apr_socket_opt_set(apr_socket, APR_SO_NONBLOCK, -5); // Blocking connection, 5 second timeout - apr_socket_timeout_set(apr_socket, (APR_USEC_PER_SEC * 5)); - - rv = apr_socket_send(apr_socket, dataout, &outlen); - if (rv != APR_SUCCESS || expected_len != outlen) - { - llwarns << "Error sending data to proxy control channel" << llendl; - ll_apr_warn_status(rv); - return -1; - } - - expected_len = maxinlen; - do - { - rv = apr_socket_recv(apr_socket, datain, &maxinlen); - llinfos << "Receiving packets." << llendl; - llwarns << "Proxy control channel status: " << rv << llendl; - } while (APR_STATUS_IS_EAGAIN(rv)); - - if (rv != APR_SUCCESS) - { - llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; - llwarns << "Received " << maxinlen << " bytes." << llendl; - ll_apr_warn_status(rv); - return rv; - } - else if (expected_len != maxinlen) - { - llwarns << "Incorrect data received length in proxy control channel" << llendl; - return -1; - } - - return 0; -} - -static LLSocket::ptr_t tcp_open_channel(LLHost host) -{ - LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); - bool connected = socket->blockingConnect(host); - if (!connected) - { - tcp_close_channel(socket); - } - - return socket; -} - -static void tcp_close_channel(LLSocket::ptr_t handle) -{ - handle.reset(); -} - diff --git a/indra/llmessage/llsocks5.h b/indra/llmessage/llsocks5.h deleted file mode 100644 index 3c10f661de..0000000000 --- a/indra/llmessage/llsocks5.h +++ /dev/null @@ -1,241 +0,0 @@ -/** - * @file llsocks5.h - * @brief Socks 5 implementation - * - * $LicenseInfo:firstyear=2011&license=viewerlgpl$ - * Second Life Viewer Source Code - * Copyright (C) 2011, Linden Research, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; - * version 2.1 of the License only. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - * - * Linden Research, Inc., 945 Battery Street, San Francisco, CA 94111 USA - * $/LicenseInfo$ - */ - -#ifndef LL_SOCKS5_H -#define LL_SOCKS5_H - -#include "llhost.h" -#include "lliosocket.h" -#include "llmemory.h" -#include "llsingleton.h" -#include - -// Error codes returned from the StartProxy method - -#define SOCKS_OK 0 -#define SOCKS_CONNECT_ERROR (-1) -#define SOCKS_NOT_PERMITTED (-2) -#define SOCKS_NOT_ACCEPTABLE (-3) -#define SOCKS_AUTH_FAIL (-4) -#define SOCKS_UDP_FWD_NOT_GRANTED (-5) -#define SOCKS_HOST_CONNECT_FAILED (-6) - -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */ -#endif - -#define SOCKS_VERSION 0x05 // we are using SOCKS 5 - -// SOCKS 5 address/hostname types -#define ADDRESS_IPV4 0x01 -#define ADDRESS_HOSTNAME 0x03 -#define ADDRESS_IPV6 0x04 - -// Lets just use our own ipv4 struct rather than dragging in system -// specific headers -union ipv4_address_t { - U8 octets[4]; - U32 addr32; -}; - -// SOCKS 5 control channel commands -#define COMMAND_TCP_STREAM 0x01 -#define COMMAND_TCP_BIND 0x02 -#define COMMAND_UDP_ASSOCIATE 0x03 - -// SOCKS 5 command replies -#define REPLY_REQUEST_GRANTED 0x00 -#define REPLY_GENERAL_FAIL 0x01 -#define REPLY_RULESET_FAIL 0x02 -#define REPLY_NETWORK_UNREACHABLE 0x03 -#define REPLY_HOST_UNREACHABLE 0x04 -#define REPLY_CONNECTION_REFUSED 0x05 -#define REPLY_TTL_EXPIRED 0x06 -#define REPLY_PROTOCOL_ERROR 0x07 -#define REPLY_TYPE_NOT_SUPPORTED 0x08 - -#define FIELD_RESERVED 0x00 - -// The standard SOCKS 5 request packet -// Push current alignment to stack and set alignment to 1 byte boundary -// This enabled us to use structs directly to set up and receive network packets -// into the correct fields, without fear of boundary alignment causing issues -#pragma pack(push,1) - -// SOCKS 5 command packet -struct socks_command_request_t { - U8 version; - U8 command; - U8 reserved; - U8 atype; - U32 address; - U16 port; -}; - -// Standard SOCKS 5 reply packet -struct socks_command_response_t { - U8 version; - U8 reply; - U8 reserved; - U8 atype; - U8 add_bytes[4]; - U16 port; -}; - -#define AUTH_NOT_ACCEPTABLE 0xFF // reply if preferred methods are not available -#define AUTH_SUCCESS 0x00 // reply if authentication successful - -// SOCKS 5 authentication request, stating which methods the client supports -struct socks_auth_request_t { - U8 version; - U8 num_methods; - U8 methods; // We are only using a single method currently -}; - -// SOCKS 5 authentication response packet, stating server preferred method -struct socks_auth_response_t { - U8 version; - U8 method; -}; - -// SOCKS 5 password reply packet -struct authmethod_password_reply_t { - U8 version; - U8 status; -}; - -// SOCKS 5 UDP packet header -struct proxywrap_t { - U16 rsv; - U8 frag; - U8 atype; - U32 addr; - U16 port; -}; - -#pragma pack(pop) /* restore original alignment from stack */ - - -// Currently selected http proxy type -enum LLHttpProxyType -{ - LLPROXY_SOCKS = 0, - LLPROXY_HTTP = 1 -}; - -// Auth types -enum LLSocks5AuthType -{ - METHOD_NOAUTH = 0x00, // Client supports no auth - METHOD_GSSAPI = 0x01, // Client supports GSSAPI (Not currently supported) - METHOD_PASSWORD = 0x02 // Client supports username/password -}; - -class LLSocks: public LLSingleton -{ -public: - LLSocks(); - - // Start a connection to the SOCKS 5 proxy - int startProxy(std::string host, U32 port); - int startProxy(LLHost proxy, U32 messagePort); - - // Disconnect and clean up any connection to the SOCKS 5 proxy - void stopProxy(); - - // Set up to use Password auth when connecting to the SOCKS proxy - void setAuthPassword(std::string username, std::string password); - - // Set up to use No Auth when connecting to the SOCKS proxy - void setAuthNone(); - - // get the currently selected auth method - LLSocks5AuthType getSelectedAuthMethod() const { return mAuthMethodSelected; } - - // static check for enabled status for UDP packets - static bool isEnabled() { return sUDPProxyEnabled; } - - // static check for enabled status for http packets - static bool isHTTPProxyEnabled() { return sHTTPProxyEnabled; } - - // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy - // as specified in type - void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); - - // Stop proxying HTTP packets - void disableHTTPProxy() { sHTTPProxyEnabled = false; }; - - // Get the UDP proxy address and port - LLHost getUDPProxy() const { return mUDPProxy; } - - // Get the SOCKS 5 TCP control channel address and port - LLHost getTCPProxy() const { return mTCPProxy; } - - // Get the HTTP proxy address and port - LLHost getHTTPProxy() const { return mHTTPProxy; } - - // Get the currently selected HTTP proxy type - LLHttpProxyType getHTTPProxyType() const { return mProxyType; } - - // Get the username password in a curl compatible format - std::string getProxyUserPwd() const { return (mSocksUsername + ":" + mSocksPassword); } - -private: - - // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort - int proxyHandshake(LLHost proxy, U32 messagePort); - - // socket handle to proxy TCP control channel - LLSocket::ptr_t mProxyControlChannel; - - // is the UDP proxy enabled? - static bool sUDPProxyEnabled; - // is the http proxy enabled? - static bool sHTTPProxyEnabled; - - // currently selected http proxy type - LLHttpProxyType mProxyType; - - // UDP proxy address and port - LLHost mUDPProxy; - // TCP Proxy control channel address and port - LLHost mTCPProxy; - // HTTP proxy address and port - LLHost mHTTPProxy; - - // SOCKS 5 auth method selected - LLSocks5AuthType mAuthMethodSelected; - - // SOCKS 5 username - std::string mSocksUsername; - // SOCKS 5 password - std::string mSocksPassword; - - // APR pool for the socket - apr_pool_t* mPool; -}; - -#endif diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index e2d185b959..f8ab55143c 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -50,7 +50,7 @@ #include "lltimer.h" #include "indra_constants.h" -#include "llsocks5.h" +#include "llproxy.h" // Globals #if LL_WINDOWS -- cgit v1.2.3 From 918238dd18f74ee2783d55dfb961e8f44b2f4b1b Mon Sep 17 00:00:00 2001 From: "simon@lindenlab.com" Date: Fri, 1 Jul 2011 14:06:08 -0700 Subject: ER-1016 - "Remove ability for anyone to edit terrain" and ER-910 "Parcel Privacy" changes. Many naming changes for the featureto be "See avatars" instead of "hidden avatars". Also removed the "anyone can edit terrain" checkbox and slammed the value to FALSE. --- indra/llmessage/message_prehash.cpp | 2 +- indra/llmessage/message_prehash.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/message_prehash.cpp b/indra/llmessage/message_prehash.cpp index e33da51aee..e71fb96540 100644 --- a/indra/llmessage/message_prehash.cpp +++ b/indra/llmessage/message_prehash.cpp @@ -1376,6 +1376,6 @@ char const* const _PREHASH_VCoord = LLMessageStringTable::getInstance()->getStri char const* const _PREHASH_FaceIndex = LLMessageStringTable::getInstance()->getString("FaceIndex"); char const* const _PREHASH_StatusData = LLMessageStringTable::getInstance()->getString("StatusData"); char const* const _PREHASH_ProductSKU = LLMessageStringTable::getInstance()->getString("ProductSKU"); -char const* const _PREHASH_HiddenAVs = LLMessageStringTable::getInstance()->getString("HiddenAVs"); +char const* const _PREHASH_SeeAVs = LLMessageStringTable::getInstance()->getString("SeeAVs"); char const* const _PREHASH_AnyAVSounds = LLMessageStringTable::getInstance()->getString("AnyAVSounds"); char const* const _PREHASH_GroupAVSounds = LLMessageStringTable::getInstance()->getString("GroupAVSounds"); diff --git a/indra/llmessage/message_prehash.h b/indra/llmessage/message_prehash.h index b706ef8866..dd2c2dbd64 100644 --- a/indra/llmessage/message_prehash.h +++ b/indra/llmessage/message_prehash.h @@ -1376,7 +1376,7 @@ extern char const* const _PREHASH_VCoord; extern char const* const _PREHASH_FaceIndex; extern char const* const _PREHASH_StatusData; extern char const* const _PREHASH_ProductSKU; -extern char const* const _PREHASH_HiddenAVs; +extern char const* const _PREHASH_SeeAVs; extern char const* const _PREHASH_AnyAVSounds; extern char const* const _PREHASH_GroupAVSounds; #endif -- cgit v1.2.3 From 975975029d7f248cdf917da670ffd6c6b98d40c1 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 5 Jul 2011 16:55:43 -0400 Subject: STORM-1112 Fixed crash on quit. Other minor fixes: * Reordered HTTP proxy choices in settings dialog * Now using setBlocking and setNonBlocking LLSocket methods during TCP handshakes. * Made those LLSocket methods available outside the class. --- indra/llmessage/lliosocket.cpp | 2 + indra/llmessage/lliosocket.h | 16 ++++---- indra/llmessage/llproxy.cpp | 93 +++++++++++++++++++++++------------------- indra/llmessage/llproxy.h | 7 +++- 4 files changed, 65 insertions(+), 53 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/lliosocket.cpp b/indra/llmessage/lliosocket.cpp index 8c752fbe30..a349849c30 100644 --- a/indra/llmessage/lliosocket.cpp +++ b/indra/llmessage/lliosocket.cpp @@ -251,10 +251,12 @@ LLSocket::~LLSocket() { ll_debug_socket("Destroying socket", mSocket); apr_socket_close(mSocket); + mSocket = NULL; } if(mPool) { apr_pool_destroy(mPool); + mPool = NULL; } } diff --git a/indra/llmessage/lliosocket.h b/indra/llmessage/lliosocket.h index 5a2eaf2d44..be0f7dfcc6 100644 --- a/indra/llmessage/lliosocket.h +++ b/indra/llmessage/lliosocket.h @@ -145,13 +145,6 @@ public: */ apr_socket_t* getSocket() const { return mSocket; } -protected: - /** - * @brief Protected constructor since should only make sockets - * with one of the two create() calls. - */ - LLSocket(apr_socket_t* socket, apr_pool_t* pool); - /** * @brief Set default socket options, with SO_NONBLOCK = 0 and a timeout in us. * @param timeout Number of microseconds to wait on this socket. Any @@ -164,9 +157,16 @@ protected: */ void setNonBlocking(); +protected: + /** + * @brief Protected constructor since should only make sockets + * with one of the two create() calls. + */ + LLSocket(apr_socket_t* socket, apr_pool_t* pool); + public: /** - * @brief Do not call this directly. Use LLSocket::ptr_t.reset() instead. + * @brief Do not call this directly. */ ~LLSocket(); diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index 6bc9e8b62b..6278751c31 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -45,9 +45,8 @@ bool LLProxy::sHTTPProxyEnabled = false; // Some helpful TCP functions static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host); // Open a TCP channel to a given host -static void tcp_close_channel(LLSocket::ptr_t handle); // Close an open TCP channel -static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake - +static void tcp_close_channel(LLSocket::ptr_t* handle_ptr); // Close an open TCP channel +static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake LLProxy::LLProxy(): mProxyType(LLPROXY_SOCKS), @@ -63,16 +62,16 @@ LLProxy::LLProxy(): LLProxy::~LLProxy() { - tcp_close_channel(mProxyControlChannel); + stopProxy(); sUDPProxyEnabled = false; sHTTPProxyEnabled = false; } // Perform a SOCKS 5 authentication and UDP association to the proxy // specified by proxy, and associate UDP port message_port -int LLProxy::proxyHandshake(LLHost proxy, U32 message_port) +S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) { - int result; + S32 result; /* SOCKS 5 Auth request */ socks_auth_request_t socks_auth_request; @@ -153,7 +152,6 @@ int LLProxy::proxyHandshake(LLHost proxy, U32 message_port) if (connect_reply.reply != REPLY_REQUEST_GRANTED) { - //Something went wrong llwarns << "Connection to SOCKS 5 server failed, UDP forward request not granted" << llendl; stopProxy(); return SOCKS_UDP_FWD_NOT_GRANTED; @@ -161,21 +159,21 @@ int LLProxy::proxyHandshake(LLHost proxy, U32 message_port) mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order mUDPProxy.setAddress(proxy.getAddress()); - // All good now we have been given the UDP port to send requests that need forwarding. + // The connection was successful. We now have the UDP port to send requests that need forwarding to. llinfos << "SOCKS 5 UDP proxy connected on " << mUDPProxy << llendl; return SOCKS_OK; } -int LLProxy::startProxy(std::string host, U32 port) +S32 LLProxy::startProxy(std::string host, U32 port) { mTCPProxy.setHostByName(host); mTCPProxy.setPort(port); - int status; + S32 status; if (mProxyControlChannel) { - tcp_close_channel(mProxyControlChannel); + tcp_close_channel(&mProxyControlChannel); } mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy); @@ -200,9 +198,9 @@ void LLProxy::stopProxy() { sUDPProxyEnabled = false; - // If the SOCKS proxy is requested to stop and we are using that for http as well - // then we must shut down any http proxy operations. But it is allowable if web - // proxy is being used to continue proxying http. + // If the SOCKS proxy is requested to stop and we are using that for HTTP as well + // then we must shut down any HTTP proxy operations. But it is allowable if web + // proxy is being used to continue proxying HTTP. if(LLPROXY_SOCKS == mProxyType) { @@ -211,7 +209,7 @@ void LLProxy::stopProxy() if (mProxyControlChannel) { - tcp_close_channel(mProxyControlChannel); + tcp_close_channel(&mProxyControlChannel); } } @@ -234,46 +232,53 @@ void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) mProxyType = type; } -static int tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) +//static +void LLProxy::cleanupClass() { + LLProxy::getInstance()->stopProxy(); +} + +static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) +{ + apr_socket_t* apr_socket = handle->getSocket(); - apr_status_t rv; + apr_status_t rv = APR_SUCCESS; apr_size_t expected_len = outlen; - apr_socket_opt_set(apr_socket, APR_SO_NONBLOCK, -5); // Blocking connection, 5 second timeout - apr_socket_timeout_set(apr_socket, (APR_USEC_PER_SEC * 5)); + handle->setBlocking(1000); - rv = apr_socket_send(apr_socket, dataout, &outlen); - if (rv != APR_SUCCESS || expected_len != outlen) + rv = apr_socket_send(apr_socket, dataout, &outlen); + if (APR_SUCCESS != rv || expected_len != outlen) { llwarns << "Error sending data to proxy control channel" << llendl; ll_apr_warn_status(rv); - return -1; } - - expected_len = maxinlen; - do - { - rv = apr_socket_recv(apr_socket, datain, &maxinlen); - llinfos << "Receiving packets." << llendl; - llwarns << "Proxy control channel status: " << rv << llendl; - } while (APR_STATUS_IS_EAGAIN(rv)); - - if (rv != APR_SUCCESS) + else if (expected_len != outlen) { - llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; - llwarns << "Received " << maxinlen << " bytes." << llendl; - ll_apr_warn_status(rv); - return rv; + llwarns << "Error sending data to proxy control channel" << llendl; + rv = -1; } - else if (expected_len != maxinlen) + + if (APR_SUCCESS == rv) { - llwarns << "Incorrect data received length in proxy control channel" << llendl; - return -1; + expected_len = maxinlen; + rv = apr_socket_recv(apr_socket, datain, &maxinlen); + if (rv != APR_SUCCESS) + { + llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; + ll_apr_warn_status(rv); + } + else if (expected_len != maxinlen) + { + llwarns << "Received incorrect amount of data in proxy control channel" << llendl; + rv = -1; + } } - return 0; + handle->setNonBlocking(); + + return rv; } static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) @@ -282,13 +287,15 @@ static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) bool connected = socket->blockingConnect(host); if (!connected) { - tcp_close_channel(socket); + tcp_close_channel(&socket); } return socket; } -static void tcp_close_channel(LLSocket::ptr_t handle) +// Pass a pointer-to-pointer to avoid changing use_count(). +static void tcp_close_channel(LLSocket::ptr_t* handle_ptr) { - handle.reset(); + lldebugs << "Resetting proxy LLSocket handle, use_count == " << handle_ptr->use_count() << llendl; + handle_ptr->reset(); } diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 979514a7e0..498ffce24e 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -161,11 +161,14 @@ public: ~LLProxy(); // Start a connection to the SOCKS 5 proxy - int startProxy(std::string host, U32 port); + S32 startProxy(std::string host, U32 port); // Disconnect and clean up any connection to the SOCKS 5 proxy void stopProxy(); + // Delete LLProxy singleton, destroying the APR pool used by the control channel. + static void cleanupClass(); + // Set up to use Password auth when connecting to the SOCKS proxy void setAuthPassword(const std::string &username, const std::string &password); @@ -209,7 +212,7 @@ public: private: // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort - int proxyHandshake(LLHost proxy, U32 messagePort); + S32 proxyHandshake(LLHost proxy, U32 messagePort); // socket handle to proxy TCP control channel LLSocket::ptr_t mProxyControlChannel; -- cgit v1.2.3 From f630f997c0d1ceb52872304474160850c0abde72 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Wed, 6 Jul 2011 18:49:22 -0400 Subject: Changed lllog messages in llproxy.cpp to new macros. --- indra/llmessage/llproxy.cpp | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index 6278751c31..0143803f2b 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -84,14 +84,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request), (char*)&socks_auth_response, sizeof(socks_auth_response)); if (result != 0) { - llwarns << "SOCKS authentication request failed, error on TCP control channel : " << result << llendl; + LL_WARNS("Proxy") << "SOCKS authentication request failed, error on TCP control channel : " << result << LL_ENDL; stopProxy(); return SOCKS_CONNECT_ERROR; } if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) { - llwarns << "SOCKS 5 server refused all our authentication methods" << llendl; + LL_WARNS("Proxy") << "SOCKS 5 server refused all our authentication methods" << LL_ENDL; stopProxy(); return SOCKS_NOT_ACCEPTABLE; } @@ -115,14 +115,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) if (result != 0) { - llwarns << "SOCKS authentication failed, error on TCP control channel : " << result << llendl; + LL_WARNS("Proxy") << "SOCKS authentication failed, error on TCP control channel : " << result << LL_ENDL; stopProxy(); return SOCKS_CONNECT_ERROR; } if (password_reply.status != AUTH_SUCCESS) { - llwarns << "SOCKS authentication failed" << llendl; + LL_WARNS("Proxy") << "SOCKS authentication failed" << LL_ENDL; stopProxy(); return SOCKS_AUTH_FAIL; } @@ -145,14 +145,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); if (result != 0) { - llwarns << "SOCKS connect request failed, error on TCP control channel : " << result << llendl; + LL_WARNS("Proxy") << "SOCKS connect request failed, error on TCP control channel : " << result << LL_ENDL; stopProxy(); return SOCKS_CONNECT_ERROR; } if (connect_reply.reply != REPLY_REQUEST_GRANTED) { - llwarns << "Connection to SOCKS 5 server failed, UDP forward request not granted" << llendl; + LL_WARNS("Proxy") << "Connection to SOCKS 5 server failed, UDP forward request not granted" << LL_ENDL; stopProxy(); return SOCKS_UDP_FWD_NOT_GRANTED; } @@ -160,7 +160,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) mUDPProxy.setPort(ntohs(connect_reply.port)); // reply port is in network byte order mUDPProxy.setAddress(proxy.getAddress()); // The connection was successful. We now have the UDP port to send requests that need forwarding to. - llinfos << "SOCKS 5 UDP proxy connected on " << mUDPProxy << llendl; + LL_INFOS("Proxy") << "SOCKS 5 UDP proxy connected on " << mUDPProxy << LL_ENDL; return SOCKS_OK; } @@ -251,12 +251,12 @@ static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outl rv = apr_socket_send(apr_socket, dataout, &outlen); if (APR_SUCCESS != rv || expected_len != outlen) { - llwarns << "Error sending data to proxy control channel" << llendl; + LL_WARNS("Proxy") << "Error sending data to proxy control channel" << LL_ENDL; ll_apr_warn_status(rv); } else if (expected_len != outlen) { - llwarns << "Error sending data to proxy control channel" << llendl; + LL_WARNS("Proxy") << "Error sending data to proxy control channel" << LL_ENDL; rv = -1; } @@ -266,12 +266,12 @@ static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outl rv = apr_socket_recv(apr_socket, datain, &maxinlen); if (rv != APR_SUCCESS) { - llwarns << "Error receiving data from proxy control channel, status: " << rv << llendl; + LL_WARNS("Proxy") << "Error receiving data from proxy control channel, status: " << rv << LL_ENDL; ll_apr_warn_status(rv); } else if (expected_len != maxinlen) { - llwarns << "Received incorrect amount of data in proxy control channel" << llendl; + LL_WARNS("Proxy") << "Received incorrect amount of data in proxy control channel" << LL_ENDL; rv = -1; } } @@ -296,6 +296,6 @@ static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) // Pass a pointer-to-pointer to avoid changing use_count(). static void tcp_close_channel(LLSocket::ptr_t* handle_ptr) { - lldebugs << "Resetting proxy LLSocket handle, use_count == " << handle_ptr->use_count() << llendl; + LL_DEBUGS("Proxy") << "Resetting proxy LLSocket handle, use_count == " << handle_ptr->use_count() << LL_ENDL; handle_ptr->reset(); } -- cgit v1.2.3 From 43616131dc5e27bb49b849ed597a98772c5bbb95 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 7 Jul 2011 22:21:59 -0400 Subject: CHOP-661: Fix HTTPServer usage to turn off allow_reuse_address. Turns out that BaseHTTPServer.HTTPServer turns on that flag by default, which causes freeport() to fail (on Windows only?), happily instantiating multiple servers on the same port. Change known instances, fix freeport() docstring to highlight the issue. Add freeport() unit tests to verify expected behavior. --- indra/llmessage/tests/test_llsdmessage_peer.py | 9 ++- indra/llmessage/tests/testrunner.py | 100 ++++++++++++++++++++++++- 2 files changed, 105 insertions(+), 4 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/tests/test_llsdmessage_peer.py b/indra/llmessage/tests/test_llsdmessage_peer.py index 9886d49ccc..22edd9dad8 100644 --- a/indra/llmessage/tests/test_llsdmessage_peer.py +++ b/indra/llmessage/tests/test_llsdmessage_peer.py @@ -124,14 +124,19 @@ class TestHTTPRequestHandler(BaseHTTPRequestHandler): # Suppress error output as well pass +class Server(HTTPServer): + # This pernicious flag is on by default in HTTPServer. But proper + # operation of freeport() absolutely depends on it being off. + allow_reuse_address = False + if __name__ == "__main__": - # Instantiate an HTTPServer(TestHTTPRequestHandler) on the first free port + # Instantiate a Server(TestHTTPRequestHandler) on the first free port # in the specified port range. Doing this inline is better than in a # daemon thread: if it blows up here, we'll get a traceback. If it blew up # in some other thread, the traceback would get eaten and we'd run the # subject test program anyway. httpd, port = freeport(xrange(8000, 8020), - lambda port: HTTPServer(('127.0.0.1', port), TestHTTPRequestHandler)) + lambda port: Server(('127.0.0.1', port), TestHTTPRequestHandler)) # Pass the selected port number to the subject test program via the # environment. We don't want to impose requirements on the test program's # command-line parsing -- and anyway, for C++ integration tests, that's diff --git a/indra/llmessage/tests/testrunner.py b/indra/llmessage/tests/testrunner.py index f329ec2a0e..f2c841532a 100644 --- a/indra/llmessage/tests/testrunner.py +++ b/indra/llmessage/tests/testrunner.py @@ -27,6 +27,8 @@ Linden Research, Inc., 945 Battery Street, San Francisco, CA 94111 USA $/LicenseInfo$ """ +from __future__ import with_statement + import os import sys import re @@ -79,9 +81,14 @@ def freeport(portlist, expr): Example: + class Server(HTTPServer): + # If you use BaseHTTPServer.HTTPServer, turning off this flag is + # essential for proper operation of freeport()! + allow_reuse_address = False + # ... server, port = freeport(xrange(8000, 8010), - lambda port: HTTPServer(("localhost", port), - MyRequestHandler)) + lambda port: Server(("localhost", port), + MyRequestHandler)) # pass 'port' to client code # call server.serve_forever() """ @@ -164,3 +171,92 @@ def run(*args, **kwds): rc = os.spawnv(os.P_WAIT, args[0], args) debug("%s returned %s", args[0], rc) return rc + +# **************************************************************************** +# test code -- manual at this point, see SWAT-564 +# **************************************************************************** +def test_freeport(): + # ------------------------------- Helpers -------------------------------- + from contextlib import contextmanager + # helper Context Manager for expecting an exception + # with exc(SomeError): + # raise SomeError() + # raises AssertionError otherwise. + @contextmanager + def exc(exception_class, *args): + try: + yield + except exception_class, err: + for i, expected_arg in enumerate(args): + assert expected_arg == err.args[i], \ + "Raised %s, but args[%s] is %r instead of %r" % \ + (err.__class__.__name__, i, err.args[i], expected_arg) + print "Caught expected exception %s(%s)" % \ + (err.__class__.__name__, ', '.join(repr(arg) for arg in err.args)) + else: + assert False, "Failed to raise " + exception_class.__class__.__name__ + + # helper to raise specified exception + def raiser(exception): + raise exception + + # the usual + def assert_equals(a, b): + assert a == b, "%r != %r" % (a, b) + + # ------------------------ Sanity check the above ------------------------ + class SomeError(Exception): pass + # Without extra args, accept any err.args value + with exc(SomeError): + raiser(SomeError("abc")) + # With extra args, accept only the specified value + with exc(SomeError, "abc"): + raiser(SomeError("abc")) + with exc(AssertionError): + with exc(SomeError, "abc"): + raiser(SomeError("def")) + with exc(AssertionError): + with exc(socket.error, errno.EADDRINUSE): + raiser(socket.error(errno.ECONNREFUSED, 'Connection refused')) + + # ----------- freeport() without engaging socket functionality ----------- + # If portlist is empty, freeport() raises StopIteration. + with exc(StopIteration): + freeport([], None) + + assert_equals(freeport([17], str), ("17", 17)) + + # This is the magic exception that should prompt us to retry + inuse = socket.error(errno.EADDRINUSE, 'Address already in use') + # Get the iterator to our ports list so we can check later if we've used all + ports = iter(xrange(5)) + with exc(socket.error, errno.EADDRINUSE): + freeport(ports, lambda port: raiser(inuse)) + # did we entirely exhaust 'ports'? + with exc(StopIteration): + ports.next() + + ports = iter(xrange(2)) + # Any exception but EADDRINUSE should quit immediately + with exc(SomeError): + freeport(ports, lambda port: raiser(SomeError())) + assert_equals(ports.next(), 1) + + # ----------- freeport() with platform-dependent socket stuff ------------ + # This is what we should've had unit tests to begin with (see CHOP-661). + def newbind(port): + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sock.bind(('127.0.0.1', port)) + return sock + + bound0, port0 = freeport(xrange(7777, 7780), newbind) + assert_equals(port0, 7777) + bound1, port1 = freeport(xrange(7777, 7780), newbind) + assert_equals(port1, 7778) + bound2, port2 = freeport(xrange(7777, 7780), newbind) + assert_equals(port2, 7779) + with exc(socket.error, errno.EADDRINUSE): + bound3, port3 = freeport(xrange(7777, 7780), newbind) + +if __name__ == "__main__": + test_freeport() -- cgit v1.2.3 From cfce3686dea74dfa2a6c92dbd1e8e1ae8518f259 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Wed, 13 Jul 2011 11:40:50 -0400 Subject: STORM-1112 Fixed network buffers that need to have space for the SOCKS proxy header. --- indra/llmessage/llcurl.cpp | 4 ++-- indra/llmessage/llpacketring.cpp | 20 ++++++++++---------- indra/llmessage/llpacketring.h | 13 ++++++++----- indra/llmessage/llproxy.h | 4 +++- 4 files changed, 23 insertions(+), 18 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 0b368196d2..25249e9444 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -533,7 +533,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, if (post) setoptString(CURLOPT_ENCODING, ""); - //setopt(CURLOPT_VERBOSE, 1); // usefull for debugging + //setopt(CURLOPT_VERBOSE, 1); // useful for debugging setopt(CURLOPT_NOSIGNAL, 1); // Set the CURL options for either Socks or HTTP proxy @@ -546,7 +546,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLProxy::getInstance()->getSelectedAuthMethod()==METHOD_PASSWORD) + if(LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) { setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); } diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index 91ab1df149..a86b7b4370 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -227,13 +227,13 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) // no delay, pull straight from net if (LLProxy::isEnabled()) { - U8 buffer[NET_BUFFER_SIZE]; + U8 buffer[NET_BUFFER_SIZE + SOCKS_HEADER_SIZE]; packet_size = receive_packet(socket, reinterpret_cast(buffer)); - if (packet_size > 10) + if (packet_size > SOCKS_HEADER_SIZE) { // *FIX We are assuming ATYP is 0x01 (IPv4), not 0x03 (hostname) or 0x04 (IPv6) - memcpy(datap, buffer + 10, packet_size - 10); + memcpy(datap, buffer + SOCKS_HEADER_SIZE, packet_size - SOCKS_HEADER_SIZE); proxywrap_t * header = reinterpret_cast(buffer); mLastSender.setAddress(header->addr); mLastSender.setPort(ntohs(header->port)); @@ -274,7 +274,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL BOOL status = TRUE; if (!mUseOutThrottle) { - return doSendPacket(h_socket, send_buffer, buf_size, host ); + return sendPacketImpl(h_socket, send_buffer, buf_size, host ); } else { @@ -295,7 +295,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL mOutBufferLength -= packetp->getSize(); packet_size = packetp->getSize(); - status = doSendPacket(h_socket, packetp->getData(), packet_size, packetp->getHost()); + status = sendPacketImpl(h_socket, packetp->getData(), packet_size, packetp->getHost()); delete packetp; // Update the throttle @@ -304,7 +304,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL else { // If the queue's empty, we can just send this packet right away. - status = doSendPacket(h_socket, send_buffer, buf_size, host ); + status = sendPacketImpl(h_socket, send_buffer, buf_size, host ); packet_size = buf_size; // Update the throttle @@ -343,7 +343,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL return status; } -BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_size, LLHost host) +BOOL LLPacketRing::sendPacketImpl(int h_socket, const char * send_buffer, S32 buf_size, LLHost host) { if (!LLProxy::isEnabled()) @@ -351,14 +351,14 @@ BOOL LLPacketRing::doSendPacket(int h_socket, const char * send_buffer, S32 buf_ return send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort()); } - proxywrap_t *socks_header = (proxywrap_t *)&mProxyWrappedSendBuffer; + proxywrap_t *socks_header = reinterpret_cast(&mProxyWrappedSendBuffer); socks_header->rsv = 0; socks_header->addr = host.getAddress(); socks_header->port = htons(host.getPort()); socks_header->atype = ADDRESS_IPV4; socks_header->frag = 0; - memcpy(mProxyWrappedSendBuffer + 10, send_buffer, buf_size); + memcpy(mProxyWrappedSendBuffer + SOCKS_HEADER_SIZE, send_buffer, buf_size); - return send_packet(h_socket,(const char*) mProxyWrappedSendBuffer, buf_size + 10, LLProxy::getInstance()->getUDPProxy().getAddress(), LLProxy::getInstance()->getUDPProxy().getPort()); + return send_packet(h_socket, (const char*) mProxyWrappedSendBuffer, buf_size + 10, LLProxy::getInstance()->getUDPProxy().getAddress(), LLProxy::getInstance()->getUDPProxy().getPort()); } diff --git a/indra/llmessage/llpacketring.h b/indra/llmessage/llpacketring.h index 2fe2f8e1e9..7edcc834db 100644 --- a/indra/llmessage/llpacketring.h +++ b/indra/llmessage/llpacketring.h @@ -30,11 +30,11 @@ #include -#include "llpacketbuffer.h" #include "llhost.h" -#include "net.h" +#include "llpacketbuffer.h" +#include "llproxy.h" #include "llthrottle.h" - +#include "net.h" class LLPacketRing { @@ -83,8 +83,11 @@ protected: LLHost mLastSender; LLHost mLastReceivingIF; - BOOL doSendPacket(int h_socket, const char * send_buffer, S32 buf_size, LLHost host); - U8 mProxyWrappedSendBuffer[NET_BUFFER_SIZE]; + + U8 mProxyWrappedSendBuffer[NET_BUFFER_SIZE + SOCKS_HEADER_SIZE]; + +private: + BOOL sendPacketImpl(int h_socket, const char * send_buffer, S32 buf_size, LLHost host); }; diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 498ffce24e..7893545b9d 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -49,6 +49,8 @@ #define SOCKS_VERSION 0x05 // we are using SOCKS 5 +#define SOCKS_HEADER_SIZE 10 + // SOCKS 5 address/hostname types #define ADDRESS_IPV4 0x01 #define ADDRESS_HOSTNAME 0x03 @@ -139,7 +141,7 @@ struct proxywrap_t { #pragma pack(pop) /* restore original alignment from stack */ -// Currently selected http proxy type +// Currently selected HTTP proxy type enum LLHttpProxyType { LLPROXY_SOCKS = 0, -- cgit v1.2.3 From cb24dff9e36a963af280be1aead9424be8a678b6 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Wed, 13 Jul 2011 16:46:36 -0400 Subject: Code cleanup for the SOCKS 5 proxy viewer. --- indra/llmessage/llcurl.cpp | 10 +++++----- indra/llmessage/llpacketring.cpp | 2 ++ indra/llmessage/llproxy.cpp | 6 +++--- indra/llmessage/llproxy.h | 2 +- indra/llmessage/net.cpp | 2 -- 5 files changed, 11 insertions(+), 11 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 25249e9444..a7ce4310c1 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -206,7 +206,7 @@ namespace boost void intrusive_ptr_release(LLCurl::Responder* p) { - if(p && 0 == --p->mReferenceCount) + if (p && 0 == --p->mReferenceCount) { delete p; } @@ -406,11 +406,11 @@ const char* LLCurl::Easy::getErrorBuffer() void LLCurl::Easy::setCA() { - if(!sCAPath.empty()) + if (!sCAPath.empty()) { setoptString(CURLOPT_CAPATH, sCAPath); } - if(!sCAFile.empty()) + if (!sCAFile.empty()) { setoptString(CURLOPT_CAINFO, sCAFile); } @@ -546,7 +546,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) { setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if(LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) { setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); } @@ -568,7 +568,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, setopt(CURLOPT_HEADERDATA, (void*)this); // Allow up to five redirects - if(responder && responder->followRedir()) + if (responder && responder->followRedir()) { setopt(CURLOPT_FOLLOWLOCATION, 1); setopt(CURLOPT_MAXREDIRS, MAX_REDIRECTS); diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index a86b7b4370..ba82957b47 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -237,6 +237,8 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) proxywrap_t * header = reinterpret_cast(buffer); mLastSender.setAddress(header->addr); mLastSender.setPort(ntohs(header->port)); + + packet_size -= SOCKS_HEADER_SIZE; // The unwrapped packet size } else { diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index 0143803f2b..11a5c480f0 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -110,7 +110,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) authmethod_password_reply_t password_reply; - result = tcp_handshake(mProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(authmethod_password_reply_t)); + result = tcp_handshake(mProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(password_reply)); delete[] password_auth; if (result != 0) @@ -142,7 +142,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) // "If the client is not in possession of the information at the time of the UDP ASSOCIATE, // the client MUST use a port number and address of all zeros. RFC 1928" - result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(socks_command_request_t), (char*)&connect_reply, sizeof(socks_command_response_t)); + result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(connect_request), (char*)&connect_reply, sizeof(connect_reply)); if (result != 0) { LL_WARNS("Proxy") << "SOCKS connect request failed, error on TCP control channel : " << result << LL_ENDL; @@ -202,7 +202,7 @@ void LLProxy::stopProxy() // then we must shut down any HTTP proxy operations. But it is allowable if web // proxy is being used to continue proxying HTTP. - if(LLPROXY_SOCKS == mProxyType) + if (LLPROXY_SOCKS == mProxyType) { sHTTPProxyEnabled = false; } diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 7893545b9d..cf2dfdc60e 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -191,7 +191,7 @@ public: void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); // Stop proxying HTTP packets - void disableHTTPProxy() { sHTTPProxyEnabled = false; }; + void disableHTTPProxy() { sHTTPProxyEnabled = false; } // Get the UDP proxy address and port LLHost getUDPProxy() const { return mUDPProxy; } diff --git a/indra/llmessage/net.cpp b/indra/llmessage/net.cpp index f8ab55143c..85aef5da00 100644 --- a/indra/llmessage/net.cpp +++ b/indra/llmessage/net.cpp @@ -50,8 +50,6 @@ #include "lltimer.h" #include "indra_constants.h" -#include "llproxy.h" - // Globals #if LL_WINDOWS -- cgit v1.2.3 From 792667ff8ef13e16823d96b490ea9a4f498425ea Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 19 Jul 2011 14:20:21 -0400 Subject: STORM-1112 Added LLProxy::applyProxySettings() to apply proxy settings to curl handles. Added call to that function everywhere curl handles are created in the viewer. --- indra/llmessage/llcurl.cpp | 125 ++------------------------------- indra/llmessage/llcurl.h | 103 +++++++++++++++++++++++++++ indra/llmessage/llhttpassetstorage.cpp | 5 ++ indra/llmessage/llhttpclient.cpp | 5 +- indra/llmessage/llproxy.cpp | 88 +++++++++++++++++++++++ indra/llmessage/llproxy.h | 10 +++ indra/llmessage/llurlrequest.cpp | 2 + 7 files changed, 216 insertions(+), 122 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index a7ce4310c1..2b6d3e5dc4 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -46,8 +46,8 @@ #endif #include "llbufferstream.h" -#include "llsdserialize.h" #include "llproxy.h" +#include "llsdserialize.h" #include "llstl.h" #include "llthread.h" #include "lltimer.h" @@ -216,73 +216,6 @@ namespace boost ////////////////////////////////////////////////////////////////////////////// - -class LLCurl::Easy -{ - LOG_CLASS(Easy); - -private: - Easy(); - -public: - static Easy* getEasy(); - ~Easy(); - - CURL* getCurlHandle() const { return mCurlEasyHandle; } - - void setErrorBuffer(); - void setCA(); - - void setopt(CURLoption option, S32 value); - // These assume the setter does not free value! - void setopt(CURLoption option, void* value); - void setopt(CURLoption option, char* value); - // Copies the string so that it is gauranteed to stick around - void setoptString(CURLoption option, const std::string& value); - - void slist_append(const char* str); - void setHeaders(); - - U32 report(CURLcode); - void getTransferInfo(LLCurl::TransferInfo* info); - - void prepRequest(const std::string& url, const std::vector& headers, ResponderPtr, bool post = false); - - const char* getErrorBuffer(); - - std::stringstream& getInput() { return mInput; } - std::stringstream& getHeaderOutput() { return mHeaderOutput; } - LLIOPipe::buffer_ptr_t& getOutput() { return mOutput; } - const LLChannelDescriptors& getChannels() { return mChannels; } - - void resetState(); - - static CURL* allocEasyHandle(); - static void releaseEasyHandle(CURL* handle); - -private: - friend class LLCurl; - - CURL* mCurlEasyHandle; - struct curl_slist* mHeaders; - - std::stringstream mRequest; - LLChannelDescriptors mChannels; - LLIOPipe::buffer_ptr_t mOutput; - std::stringstream mInput; - std::stringstream mHeaderOutput; - char mErrorBuffer[CURL_ERROR_SIZE]; - - // Note: char*'s not strings since we pass pointers to curl - std::vector mStrings; - - ResponderPtr mResponder; - - static std::set sFreeHandles; - static std::set sActiveHandles; - static LLMutex* sHandleMutex; -}; - std::set LLCurl::Easy::sFreeHandles; std::set LLCurl::Easy::sActiveHandles; LLMutex* LLCurl::Easy::sHandleMutex = NULL; @@ -537,25 +470,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, setopt(CURLOPT_NOSIGNAL, 1); // Set the CURL options for either Socks or HTTP proxy - if (LLProxy::getInstance()->isHTTPProxyEnabled()) - { - std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); - setoptString(CURLOPT_PROXY, address.c_str()); - setopt(CURLOPT_PROXYPORT, port); - if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) - { - setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) - { - setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); - } - } - else - { - setopt(CURLOPT_PROXYTYPE, CURLPROXY_HTTP); - } - } + LLProxy::getInstance()->applyProxySettings(this); mOutput.reset(new LLBufferArray); setopt(CURLOPT_WRITEFUNCTION, (void*)&curlWriteCallback); @@ -602,40 +517,6 @@ void LLCurl::Easy::prepRequest(const std::string& url, //////////////////////////////////////////////////////////////////////////// -class LLCurl::Multi -{ - LOG_CLASS(Multi); -public: - - Multi(); - ~Multi(); - - Easy* allocEasy(); - bool addEasy(Easy* easy); - - void removeEasy(Easy* easy); - - S32 process(); - S32 perform(); - - CURLMsg* info_read(S32* msgs_in_queue); - - S32 mQueued; - S32 mErrorCount; - -private: - void easyFree(Easy*); - - CURLM* mCurlMultiHandle; - - typedef std::set easy_active_list_t; - easy_active_list_t mEasyActiveList; - typedef std::map easy_active_map_t; - easy_active_map_t mEasyActiveMap; - typedef std::set easy_free_list_t; - easy_free_list_t mEasyFreeList; -}; - LLCurl::Multi::Multi() : mQueued(0), mErrorCount(0) @@ -981,6 +862,8 @@ LLCurlEasyRequest::LLCurlEasyRequest() { mEasy->setErrorBuffer(); mEasy->setCA(); + // Set proxy settings if configured to do so. + LLProxy::getInstance()->applyProxySettings(mEasy); } } diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 4ce3fa1078..5dd894d9b8 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -184,6 +184,106 @@ private: static const unsigned int MAX_REDIRECTS; }; +class LLCurl::Easy +{ + LOG_CLASS(Easy); + +private: + Easy(); + +public: + static Easy* getEasy(); + ~Easy(); + + CURL* getCurlHandle() const { return mCurlEasyHandle; } + + void setErrorBuffer(); + void setCA(); + + void setopt(CURLoption option, S32 value); + // These assume the setter does not free value! + void setopt(CURLoption option, void* value); + void setopt(CURLoption option, char* value); + // Copies the string so that it is guaranteed to stick around + void setoptString(CURLoption option, const std::string& value); + + void slist_append(const char* str); + void setHeaders(); + + U32 report(CURLcode); + void getTransferInfo(LLCurl::TransferInfo* info); + + void prepRequest(const std::string& url, const std::vector& headers, ResponderPtr, bool post = false); + + const char* getErrorBuffer(); + + std::stringstream& getInput() { return mInput; } + std::stringstream& getHeaderOutput() { return mHeaderOutput; } + LLIOPipe::buffer_ptr_t& getOutput() { return mOutput; } + const LLChannelDescriptors& getChannels() { return mChannels; } + + void resetState(); + + static CURL* allocEasyHandle(); + static void releaseEasyHandle(CURL* handle); + +private: + friend class LLCurl; + + CURL* mCurlEasyHandle; + struct curl_slist* mHeaders; + + std::stringstream mRequest; + LLChannelDescriptors mChannels; + LLIOPipe::buffer_ptr_t mOutput; + std::stringstream mInput; + std::stringstream mHeaderOutput; + char mErrorBuffer[CURL_ERROR_SIZE]; + + // Note: char*'s not strings since we pass pointers to curl + std::vector mStrings; + + ResponderPtr mResponder; + + static std::set sFreeHandles; + static std::set sActiveHandles; + static LLMutex* sHandleMutex; +}; + +class LLCurl::Multi +{ + LOG_CLASS(Multi); +public: + + Multi(); + ~Multi(); + + Easy* allocEasy(); + bool addEasy(Easy* easy); + + void removeEasy(Easy* easy); + + S32 process(); + S32 perform(); + + CURLMsg* info_read(S32* msgs_in_queue); + + S32 mQueued; + S32 mErrorCount; + +private: + void easyFree(Easy*); + + CURLM* mCurlMultiHandle; + + typedef std::set easy_active_list_t; + easy_active_list_t mEasyActiveList; + typedef std::map easy_active_map_t; + easy_active_map_t mEasyActiveMap; + typedef std::set easy_free_list_t; + easy_free_list_t mEasyFreeList; +}; + namespace boost { void intrusive_ptr_add_ref(LLCurl::Responder* p); @@ -250,4 +350,7 @@ private: bool mResultReturned; }; +void check_curl_code(CURLcode code); +void check_curl_multi_code(CURLMcode code); + #endif // LL_LLCURL_H diff --git a/indra/llmessage/llhttpassetstorage.cpp b/indra/llmessage/llhttpassetstorage.cpp index 5a38b7fd9f..2bca517e97 100644 --- a/indra/llmessage/llhttpassetstorage.cpp +++ b/indra/llmessage/llhttpassetstorage.cpp @@ -33,6 +33,7 @@ #include "indra_constants.h" #include "message.h" +#include "llproxy.h" #include "llvfile.h" #include "llvfs.h" @@ -232,6 +233,10 @@ void LLHTTPAssetRequest::setupCurlHandle() { // *NOTE: Similar code exists in mapserver/llcurlutil.cpp JC mCurlHandle = curl_easy_init(); + + // Apply proxy settings if configured to do so + LLProxy::getInstance()->applyProxySettings(mCurlHandle); + curl_easy_setopt(mCurlHandle, CURLOPT_NOSIGNAL, 1); curl_easy_setopt(mCurlHandle, CURLOPT_NOPROGRESS, 1); curl_easy_setopt(mCurlHandle, CURLOPT_URL, mURLBuffer.c_str()); diff --git a/indra/llmessage/llhttpclient.cpp b/indra/llmessage/llhttpclient.cpp index 0e5206a520..dd4e3a6300 100644 --- a/indra/llmessage/llhttpclient.cpp +++ b/indra/llmessage/llhttpclient.cpp @@ -428,6 +428,9 @@ static LLSD blocking_request( std::string body_str; // other request method checks root cert first, we skip? + + // Apply configured proxy settings + LLProxy::getInstance()->applyProxySettings(curlp); // * Set curl handle options curl_easy_setopt(curlp, CURLOPT_NOSIGNAL, 1); // don't use SIGALRM for timeouts @@ -436,7 +439,7 @@ static LLSD blocking_request( curl_easy_setopt(curlp, CURLOPT_WRITEDATA, &http_buffer); curl_easy_setopt(curlp, CURLOPT_URL, url.c_str()); curl_easy_setopt(curlp, CURLOPT_ERRORBUFFER, curl_error_buffer); - + // * Setup headers (don't forget to free them after the call!) curl_slist* headers_list = NULL; if (headers.isMap()) diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index 11a5c480f0..6040472cba 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -28,9 +28,12 @@ #include "llproxy.h" +#include #include +#include #include "llapr.h" +#include "llcurl.h" #include "llhost.h" #include "message.h" #include "net.h" @@ -65,6 +68,10 @@ LLProxy::~LLProxy() stopProxy(); sUDPProxyEnabled = false; sHTTPProxyEnabled = false; + + // Delete c_str versions of the addresses and credentials. + for_each(mSOCKSAuthStrings.begin(), mSOCKSAuthStrings.end(), DeletePointerArray()); + for_each(mSOCKSAddrStrings.begin(), mSOCKSAddrStrings.end(), DeletePointerArray()); } // Perform a SOCKS 5 authentication and UDP association to the proxy @@ -223,6 +230,11 @@ void LLProxy::setAuthPassword(const std::string &username, const std::string &pa mAuthMethodSelected = METHOD_PASSWORD; mSocksUsername = username; mSocksPassword = password; + + U32 size = username.length() + password.length() + 2; + char* curl_auth_string = new char[size]; + snprintf(curl_auth_string, size, "%s:%s", username.c_str(), password.c_str()); + mSOCKSAuthStrings.push_back(curl_auth_string); } void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) @@ -230,6 +242,11 @@ void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) sHTTPProxyEnabled = true; mHTTPProxy = httpHost; mProxyType = type; + + U32 size = httpHost.getIPString().length() + 1; + char* socks_addr_string = new char[size]; + strncpy(socks_addr_string, httpHost.getIPString().c_str(), size); + mSOCKSAddrStrings.push_back(socks_addr_string); } //static @@ -238,6 +255,77 @@ void LLProxy::cleanupClass() LLProxy::getInstance()->stopProxy(); } +// Apply proxy settings to CuRL request if either type of HTTP proxy is enabled. +void LLProxy::applyProxySettings(LLCurl::Easy* handle) +{ + if (LLProxy::getInstance()->isHTTPProxyEnabled()) + { + std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); + handle->setoptString(CURLOPT_PROXY, address.c_str()); + handle->setopt(CURLOPT_PROXYPORT, port); + if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + { + handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); + if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + { + handle->setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); + } + } + else + { + handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_HTTP); + } + } +} + +void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) +{ + if (LLProxy::getInstance()->isHTTPProxyEnabled()) + { + std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); + U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); + handle->setoptString(CURLOPT_PROXY, address.c_str()); + handle->setopt(CURLOPT_PROXYPORT, port); + if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + { + handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); + if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + { + handle->setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); + } + } + else + { + handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_HTTP); + } + } +} + +void LLProxy::applyProxySettings(CURL* handle) +{ + if (LLProxy::getInstance()->isHTTPProxyEnabled()) + { + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXY, mSOCKSAddrStrings.back())); + + U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYPORT, port)); + + if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + { + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5)); + if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + { + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYUSERPWD, mSOCKSAuthStrings.back())); + } + } + else + { + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP)); + } + } +} + static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) { diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index cf2dfdc60e..7d1431a4b3 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -27,6 +27,7 @@ #ifndef LL_PROXY_H #define LL_PROXY_H +#include "llcurl.h" #include "llhost.h" #include "lliosocket.h" #include "llmemory.h" @@ -211,6 +212,11 @@ public: std::string getSocksPwd() const { return mSocksPassword; } std::string getSocksUser() const { return mSocksUsername; } + // Apply the current proxy settings to a curl request. Doesn't do anything if sHTTPProxyEnabled is false. + void applyProxySettings(CURL* handle); + void applyProxySettings(LLCurl::Easy* handle); + void applyProxySettings(LLCurlEasyRequest* handle); + private: // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort @@ -242,6 +248,10 @@ private: // SOCKS 5 password std::string mSocksPassword; + // Vectors to store valid pointers to string options that have been passed to CURL requests. + std::vector mSOCKSAuthStrings; + std::vector mSOCKSAddrStrings; + // APR pool for the socket apr_pool_t* mPool; }; diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index 28bd09fc4c..6fe9dce7d3 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -35,6 +35,7 @@ #include "llcurl.h" #include "llioutil.h" #include "llmemtype.h" +#include "llproxy.h" #include "llpumpio.h" #include "llsd.h" #include "llstring.h" @@ -415,6 +416,7 @@ void LLURLRequest::initialize() LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); mState = STATE_INITIALIZED; mDetail = new LLURLRequestDetail; + LLProxy::getInstance()->applyProxySettings(mDetail->mCurlRequest); mDetail->mCurlRequest->setopt(CURLOPT_NOSIGNAL, 1); mDetail->mCurlRequest->setWriteCallback(&downCallback, (void*)this); mDetail->mCurlRequest->setReadCallback(&upCallback, (void*)this); -- cgit v1.2.3 From 859dc52c30a8c750047323399caa4fec18adfb2d Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Thu, 21 Jul 2011 15:16:54 -0400 Subject: STORM-1112 Protected LLProxy members during cross-thread calls to LLProxy::applyProxySettings() --- indra/llmessage/llproxy.cpp | 72 ++++++++++++++++++++++++++-------------- indra/llmessage/llproxy.h | 21 ++++++++---- indra/llmessage/llurlrequest.cpp | 3 +- 3 files changed, 62 insertions(+), 34 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index 6040472cba..d34ad1a811 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -59,7 +59,10 @@ LLProxy::LLProxy(): mAuthMethodSelected(METHOD_NOAUTH), mSocksUsername(), mSocksPassword(), - mPool(gAPRPoolp) + mPool(gAPRPoolp), + mSOCKSAuthStrings(), + mHTTPProxyAddrStrings(), + mProxyMutex(0) { } @@ -71,7 +74,7 @@ LLProxy::~LLProxy() // Delete c_str versions of the addresses and credentials. for_each(mSOCKSAuthStrings.begin(), mSOCKSAuthStrings.end(), DeletePointerArray()); - for_each(mSOCKSAddrStrings.begin(), mSOCKSAddrStrings.end(), DeletePointerArray()); + for_each(mHTTPProxyAddrStrings.begin(), mHTTPProxyAddrStrings.end(), DeletePointerArray()); } // Perform a SOCKS 5 authentication and UDP association to the proxy @@ -211,7 +214,7 @@ void LLProxy::stopProxy() if (LLPROXY_SOCKS == mProxyType) { - sHTTPProxyEnabled = false; + void disableHTTPProxy(); } if (mProxyControlChannel) @@ -234,42 +237,61 @@ void LLProxy::setAuthPassword(const std::string &username, const std::string &pa U32 size = username.length() + password.length() + 2; char* curl_auth_string = new char[size]; snprintf(curl_auth_string, size, "%s:%s", username.c_str(), password.c_str()); + + LLMutexLock lock(&mProxyMutex); mSOCKSAuthStrings.push_back(curl_auth_string); } void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) { + LLMutexLock lock(&mProxyMutex); + sHTTPProxyEnabled = true; mHTTPProxy = httpHost; mProxyType = type; U32 size = httpHost.getIPString().length() + 1; - char* socks_addr_string = new char[size]; - strncpy(socks_addr_string, httpHost.getIPString().c_str(), size); - mSOCKSAddrStrings.push_back(socks_addr_string); + char* http_addr_string = new char[size]; + strncpy(http_addr_string, httpHost.getIPString().c_str(), size); + mHTTPProxyAddrStrings.push_back(http_addr_string); +} + +void LLProxy::enableHTTPProxy() +{ + LLMutexLock lock(&mProxyMutex); + + sHTTPProxyEnabled = true; +} + +void LLProxy::disableHTTPProxy() +{ + LLMutexLock lock(&mProxyMutex); + + sHTTPProxyEnabled = false; } //static void LLProxy::cleanupClass() { - LLProxy::getInstance()->stopProxy(); + getInstance()->stopProxy(); + deleteSingleton(); } // Apply proxy settings to CuRL request if either type of HTTP proxy is enabled. void LLProxy::applyProxySettings(LLCurl::Easy* handle) { - if (LLProxy::getInstance()->isHTTPProxyEnabled()) + if (sHTTPProxyEnabled) { - std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); + std::string address = mHTTPProxy.getIPString(); + U16 port = mHTTPProxy.getPort(); handle->setoptString(CURLOPT_PROXY, address.c_str()); handle->setopt(CURLOPT_PROXYPORT, port); - if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + if (mProxyType == LLPROXY_SOCKS) { handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + if (mAuthMethodSelected == METHOD_PASSWORD) { - handle->setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); + handle->setoptString(CURLOPT_PROXYUSERPWD, getProxyUserPwdCURL()); } } else @@ -281,18 +303,18 @@ void LLProxy::applyProxySettings(LLCurl::Easy* handle) void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) { - if (LLProxy::getInstance()->isHTTPProxyEnabled()) + if (sHTTPProxyEnabled) { - std::string address = LLProxy::getInstance()->getHTTPProxy().getIPString(); - U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); + std::string address = mHTTPProxy.getIPString(); + U16 port = mHTTPProxy.getPort(); handle->setoptString(CURLOPT_PROXY, address.c_str()); handle->setopt(CURLOPT_PROXYPORT, port); - if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + if (mProxyType == LLPROXY_SOCKS) { handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + if (mAuthMethodSelected == METHOD_PASSWORD) { - handle->setoptString(CURLOPT_PROXYUSERPWD, LLProxy::getInstance()->getProxyUserPwdCURL()); + handle->setoptString(CURLOPT_PROXYUSERPWD, getProxyUserPwdCURL()); } } else @@ -304,17 +326,17 @@ void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) void LLProxy::applyProxySettings(CURL* handle) { - if (LLProxy::getInstance()->isHTTPProxyEnabled()) + LLMutexLock lock(&mProxyMutex); + if (sHTTPProxyEnabled) { - check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXY, mSOCKSAddrStrings.back())); - - U16 port = LLProxy::getInstance()->getHTTPProxy().getPort(); + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXY, mHTTPProxyAddrStrings.back())); + U16 port = mHTTPProxy.getPort(); check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYPORT, port)); - if (LLProxy::getInstance()->getHTTPProxyType() == LLPROXY_SOCKS) + if (mProxyType == LLPROXY_SOCKS) { check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5)); - if (LLProxy::getInstance()->getSelectedAuthMethod() == METHOD_PASSWORD) + if (mAuthMethodSelected == METHOD_PASSWORD) { check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYUSERPWD, mSOCKSAuthStrings.back())); } diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 7d1431a4b3..df1ec9121e 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -32,6 +32,7 @@ #include "lliosocket.h" #include "llmemory.h" #include "llsingleton.h" +#include "llthread.h" #include // Error codes returned from the StartProxy method @@ -190,9 +191,10 @@ public: // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy // as specified in type void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); + void enableHTTPProxy(); // Stop proxying HTTP packets - void disableHTTPProxy() { sHTTPProxyEnabled = false; } + void disableHTTPProxy(); // Get the UDP proxy address and port LLHost getUDPProxy() const { return mUDPProxy; } @@ -218,16 +220,17 @@ public: void applyProxySettings(LLCurlEasyRequest* handle); private: - // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort S32 proxyHandshake(LLHost proxy, U32 messagePort); +private: // socket handle to proxy TCP control channel LLSocket::ptr_t mProxyControlChannel; - // is the UDP proxy enabled? + // Is the UDP proxy enabled? static bool sUDPProxyEnabled; - // is the http proxy enabled? + // Is the HTTP proxy enabled? + // Do not toggle directly, use enableHTTPProxy() and disableHTTPProxy() static bool sHTTPProxyEnabled; // currently selected http proxy type @@ -235,7 +238,7 @@ private: // UDP proxy address and port LLHost mUDPProxy; - // TCP Proxy control channel address and port + // TCP proxy control channel address and port LLHost mTCPProxy; // HTTP proxy address and port LLHost mHTTPProxy; @@ -248,9 +251,13 @@ private: // SOCKS 5 password std::string mSocksPassword; - // Vectors to store valid pointers to string options that have been passed to CURL requests. + // Vectors to store valid pointers to string options that might have been set on CURL requests. + // This results in a behavior similar to LLCurl::Easy::setoptstring() std::vector mSOCKSAuthStrings; - std::vector mSOCKSAddrStrings; + std::vector mHTTPProxyAddrStrings; + + // Mutex to protect members in cross-thread calls to applyProxySettings() + LLMutex mProxyMutex; // APR pool for the socket apr_pool_t* mPool; diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index 6fe9dce7d3..528830dc56 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -228,8 +228,7 @@ void LLURLRequest::useProxy(bool use_proxy) } } - - lldebugs << "use_proxy = " << (use_proxy?'Y':'N') << ", env_proxy = " << (env_proxy ? env_proxy : "(null)") << llendl; + LL_DEBUGS("Proxy") << "use_proxy = " << (use_proxy?'Y':'N') << ", env_proxy = " << (env_proxy ? env_proxy : "(null)") << LL_ENDL; if (env_proxy && use_proxy) { -- cgit v1.2.3 From 764a13a196fb66bf4b3fe4fcf98625a385e99e6e Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Thu, 21 Jul 2011 17:35:04 -0500 Subject: SH-2031 Don't do network I/O from the main thread in llcurl. Reviewed by Kelly --- indra/llmessage/llcurl.cpp | 65 +++++++++++++++++++++++++++++------ indra/llmessage/llcurl.h | 2 +- indra/llmessage/llfiltersd2xmlrpc.cpp | 12 +++++++ indra/llmessage/lliohttpserver.cpp | 9 +++++ indra/llmessage/lliosocket.cpp | 7 ++++ indra/llmessage/llioutil.cpp | 5 +++ indra/llmessage/llsdrpcclient.cpp | 6 ++++ indra/llmessage/llsdrpcserver.cpp | 3 ++ indra/llmessage/llurlrequest.cpp | 36 +++++++++++++++++-- 9 files changed, 131 insertions(+), 14 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 7c8b7e3584..453ffa9db9 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -579,11 +579,18 @@ void LLCurl::Easy::prepRequest(const std::string& url, //////////////////////////////////////////////////////////////////////////// -class LLCurl::Multi +class LLCurl::Multi : public LLThread { LOG_CLASS(Multi); public: - + + typedef enum + { + PERFORM_STATE_READY=0, + PERFORM_STATE_PERFORMING=1, + PERFORM_STATE_COMPLETED=2 + } ePerformState; + Multi(); ~Multi(); @@ -593,13 +600,17 @@ public: void removeEasy(Easy* easy); S32 process(); - S32 perform(); + void perform(); + virtual void run(); + CURLMsg* info_read(S32* msgs_in_queue); S32 mQueued; S32 mErrorCount; + S32 mPerformState; + private: void easyFree(Easy*); @@ -614,8 +625,10 @@ private: }; LLCurl::Multi::Multi() - : mQueued(0), - mErrorCount(0) + : LLThread("Curl Multi"), + mQueued(0), + mErrorCount(0), + mPerformState(PERFORM_STATE_READY) { mCurlMultiHandle = curl_multi_init(); if (!mCurlMultiHandle) @@ -630,6 +643,7 @@ LLCurl::Multi::Multi() LLCurl::Multi::~Multi() { + llassert(isStopped()); // Clean up active for(easy_active_list_t::iterator iter = mEasyActiveList.begin(); iter != mEasyActiveList.end(); ++iter) @@ -655,8 +669,16 @@ CURLMsg* LLCurl::Multi::info_read(S32* msgs_in_queue) return curlmsg; } +void LLCurl::Multi::perform() +{ + if (mPerformState == PERFORM_STATE_READY) + { + mPerformState = PERFORM_STATE_PERFORMING; + start(); + } +} -S32 LLCurl::Multi::perform() +void LLCurl::Multi::run() { S32 q = 0; for (S32 call_count = 0; @@ -672,13 +694,18 @@ S32 LLCurl::Multi::perform() } mQueued = q; - return q; + mPerformState = PERFORM_STATE_COMPLETED; } S32 LLCurl::Multi::process() { perform(); - + + if (mPerformState != PERFORM_STATE_COMPLETED) + { + return 0; + } + CURLMsg* msg; int msgs_in_queue; @@ -709,6 +736,8 @@ S32 LLCurl::Multi::process() } } } + + mPerformState = PERFORM_STATE_READY; return processed; } @@ -923,6 +952,12 @@ S32 LLCurlRequest::process() if (multi != mActiveMulti && tres == 0 && multi->mQueued == 0) { mMultiSet.erase(curiter); + + while (!multi->isStopped()) + { + apr_sleep(1000); + } + delete multi; } } @@ -963,6 +998,10 @@ LLCurlEasyRequest::LLCurlEasyRequest() LLCurlEasyRequest::~LLCurlEasyRequest() { + while (!mMulti->isStopped()) + { + apr_sleep(1000); + } delete mMulti; } @@ -1059,14 +1098,20 @@ void LLCurlEasyRequest::requestComplete() } } -S32 LLCurlEasyRequest::perform() +void LLCurlEasyRequest::perform() { - return mMulti->perform(); + mMulti->perform(); } // Usage: Call getRestult until it returns false (no more messages) bool LLCurlEasyRequest::getResult(CURLcode* result, LLCurl::TransferInfo* info) { + if (mMulti->mPerformState != LLCurl::Multi::PERFORM_STATE_COMPLETED) + { //we're busy, try again later + return false; + } + mMulti->mPerformState = LLCurl::Multi::PERFORM_STATE_READY; + if (!mEasy) { // Special case - we failed to initialize a curl_easy (can happen if too many open files) diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 4ce3fa1078..2f951d6ab8 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -236,7 +236,7 @@ public: void slist_append(const char* str); void sendRequest(const std::string& url); void requestComplete(); - S32 perform(); + void perform(); bool getResult(CURLcode* result, LLCurl::TransferInfo* info = NULL); std::string getErrorString(); diff --git a/indra/llmessage/llfiltersd2xmlrpc.cpp b/indra/llmessage/llfiltersd2xmlrpc.cpp index 812ef7c151..e0ca056a5f 100644 --- a/indra/llmessage/llfiltersd2xmlrpc.cpp +++ b/indra/llmessage/llfiltersd2xmlrpc.cpp @@ -308,6 +308,7 @@ LLFilterSD2XMLRPCResponse::~LLFilterSD2XMLRPCResponse() } +static LLFastTimer::DeclareTimer FTM_PROCESS_SD2XMLRPC_RESPONSE("SD2XMLRPC Response"); // virtual LLIOPipe::EStatus LLFilterSD2XMLRPCResponse::process_impl( const LLChannelDescriptors& channels, @@ -316,6 +317,8 @@ LLIOPipe::EStatus LLFilterSD2XMLRPCResponse::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SD2XMLRPC_RESPONSE); + PUMP_DEBUG; // This pipe does not work if it does not have everyting. This // could be addressed by making a stream parser for llsd which @@ -382,6 +385,8 @@ LLFilterSD2XMLRPCRequest::~LLFilterSD2XMLRPCRequest() { } +static LLFastTimer::DeclareTimer FTM_PROCESS_SD2XMLRPC_REQUEST("S22XMLRPC Request"); + // virtual LLIOPipe::EStatus LLFilterSD2XMLRPCRequest::process_impl( const LLChannelDescriptors& channels, @@ -390,6 +395,7 @@ LLIOPipe::EStatus LLFilterSD2XMLRPCRequest::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SD2XMLRPC_REQUEST); // This pipe does not work if it does not have everyting. This // could be addressed by making a stream parser for llsd which // handled partial information. @@ -586,6 +592,8 @@ LLFilterXMLRPCResponse2LLSD::~LLFilterXMLRPCResponse2LLSD() { } +static LLFastTimer::DeclareTimer FTM_PROCESS_XMLRPC2LLSD_RESPONSE("XMLRPC2LLSD Response"); + LLIOPipe::EStatus LLFilterXMLRPCResponse2LLSD::process_impl( const LLChannelDescriptors& channels, buffer_ptr_t& buffer, @@ -593,6 +601,8 @@ LLIOPipe::EStatus LLFilterXMLRPCResponse2LLSD::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_XMLRPC2LLSD_RESPONSE); + PUMP_DEBUG; if(!eos) return STATUS_BREAK; if(!buffer) return STATUS_ERROR; @@ -668,6 +678,7 @@ LLFilterXMLRPCRequest2LLSD::~LLFilterXMLRPCRequest2LLSD() { } +static LLFastTimer::DeclareTimer FTM_PROCESS_XMLRPC2LLSD_REQUEST("XMLRPC2LLSD Request"); LLIOPipe::EStatus LLFilterXMLRPCRequest2LLSD::process_impl( const LLChannelDescriptors& channels, buffer_ptr_t& buffer, @@ -675,6 +686,7 @@ LLIOPipe::EStatus LLFilterXMLRPCRequest2LLSD::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_XMLRPC2LLSD_REQUEST); PUMP_DEBUG; if(!eos) return STATUS_BREAK; if(!buffer) return STATUS_ERROR; diff --git a/indra/llmessage/lliohttpserver.cpp b/indra/llmessage/lliohttpserver.cpp index 3b18a9177c..73e8a69085 100644 --- a/indra/llmessage/lliohttpserver.cpp +++ b/indra/llmessage/lliohttpserver.cpp @@ -140,6 +140,7 @@ private: LLSD mHeaders; }; +static LLFastTimer::DeclareTimer FTM_PROCESS_HTTP_PIPE("HTTP Pipe"); LLIOPipe::EStatus LLHTTPPipe::process_impl( const LLChannelDescriptors& channels, buffer_ptr_t& buffer, @@ -147,6 +148,7 @@ LLIOPipe::EStatus LLHTTPPipe::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_HTTP_PIPE); PUMP_DEBUG; lldebugs << "LLSDHTTPServer::process_impl" << llendl; @@ -428,6 +430,9 @@ protected: /** * LLHTTPResponseHeader */ + +static LLFastTimer::DeclareTimer FTM_PROCESS_HTTP_HEADER("HTTP Header"); + // virtual LLIOPipe::EStatus LLHTTPResponseHeader::process_impl( const LLChannelDescriptors& channels, @@ -436,6 +441,7 @@ LLIOPipe::EStatus LLHTTPResponseHeader::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_HTTP_HEADER); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_HTTP_SERVER); if(eos) @@ -630,6 +636,8 @@ void LLHTTPResponder::markBad( << "\n\n"; } +static LLFastTimer::DeclareTimer FTM_PROCESS_HTTP_RESPONDER("HTTP Responder"); + // virtual LLIOPipe::EStatus LLHTTPResponder::process_impl( const LLChannelDescriptors& channels, @@ -638,6 +646,7 @@ LLIOPipe::EStatus LLHTTPResponder::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_HTTP_RESPONDER); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_HTTP_SERVER); LLIOPipe::EStatus status = STATUS_OK; diff --git a/indra/llmessage/lliosocket.cpp b/indra/llmessage/lliosocket.cpp index 8c752fbe30..b717e321bf 100644 --- a/indra/llmessage/lliosocket.cpp +++ b/indra/llmessage/lliosocket.cpp @@ -301,6 +301,8 @@ LLIOSocketReader::~LLIOSocketReader() //lldebugs << "Destroying LLIOSocketReader" << llendl; } +static LLFastTimer::DeclareTimer FTM_PROCESS_SOCKET_READER("Socket Reader"); + // virtual LLIOPipe::EStatus LLIOSocketReader::process_impl( const LLChannelDescriptors& channels, @@ -309,6 +311,7 @@ LLIOPipe::EStatus LLIOSocketReader::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SOCKET_READER); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_TCP); if(!mSource) return STATUS_PRECONDITION_NOT_MET; @@ -401,6 +404,7 @@ LLIOSocketWriter::~LLIOSocketWriter() //lldebugs << "Destroying LLIOSocketWriter" << llendl; } +static LLFastTimer::DeclareTimer FTM_PROCESS_SOCKET_WRITER("Socket Writer"); // virtual LLIOPipe::EStatus LLIOSocketWriter::process_impl( const LLChannelDescriptors& channels, @@ -409,6 +413,7 @@ LLIOPipe::EStatus LLIOSocketWriter::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SOCKET_WRITER); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_TCP); if(!mDestination) return STATUS_PRECONDITION_NOT_MET; @@ -555,6 +560,7 @@ void LLIOServerSocket::setResponseTimeout(F32 timeout_secs) mResponseTimeout = timeout_secs; } +static LLFastTimer::DeclareTimer FTM_PROCESS_SERVER_SOCKET("Server Socket"); // virtual LLIOPipe::EStatus LLIOServerSocket::process_impl( const LLChannelDescriptors& channels, @@ -563,6 +569,7 @@ LLIOPipe::EStatus LLIOServerSocket::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SERVER_SOCKET); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_TCP); if(!pump) diff --git a/indra/llmessage/llioutil.cpp b/indra/llmessage/llioutil.cpp index 2e6ee59ff2..8c50fd5069 100644 --- a/indra/llmessage/llioutil.cpp +++ b/indra/llmessage/llioutil.cpp @@ -43,6 +43,8 @@ LLIOPipe::EStatus LLIOFlush::process_impl( return STATUS_OK; } + +static LLFastTimer::DeclareTimer FTM_PROCESS_SLEEP("IO Sleep"); /** * @class LLIOSleep */ @@ -53,6 +55,7 @@ LLIOPipe::EStatus LLIOSleep::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SLEEP); if(mSeconds > 0.0) { if(pump) pump->sleepChain(mSeconds); @@ -62,6 +65,7 @@ LLIOPipe::EStatus LLIOSleep::process_impl( return STATUS_DONE; } +static LLFastTimer::DeclareTimer FTM_PROCESS_ADD_CHAIN("Add Chain"); /** * @class LLIOAddChain */ @@ -72,6 +76,7 @@ LLIOPipe::EStatus LLIOAddChain::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_ADD_CHAIN); pump->addChain(mChain, mTimeout); return STATUS_DONE; } diff --git a/indra/llmessage/llsdrpcclient.cpp b/indra/llmessage/llsdrpcclient.cpp index 86fe5c7912..91fd070f07 100644 --- a/indra/llmessage/llsdrpcclient.cpp +++ b/indra/llmessage/llsdrpcclient.cpp @@ -82,6 +82,8 @@ bool LLSDRPCResponse::extractResponse(const LLSD& sd) return rv; } +static LLFastTimer::DeclareTimer FTM_SDRPC_RESPONSE("SDRPC Response"); + // virtual LLIOPipe::EStatus LLSDRPCResponse::process_impl( const LLChannelDescriptors& channels, @@ -90,6 +92,7 @@ LLIOPipe::EStatus LLSDRPCResponse::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_SDRPC_RESPONSE); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_SD_CLIENT); if(mIsError) @@ -178,6 +181,8 @@ bool LLSDRPCClient::call( return true; } +static LLFastTimer::DeclareTimer FTM_PROCESS_SDRPC_CLIENT("SDRPC Client"); + // virtual LLIOPipe::EStatus LLSDRPCClient::process_impl( const LLChannelDescriptors& channels, @@ -186,6 +191,7 @@ LLIOPipe::EStatus LLSDRPCClient::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SDRPC_CLIENT); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_SD_CLIENT); if((STATE_NONE == mState) || (!pump)) diff --git a/indra/llmessage/llsdrpcserver.cpp b/indra/llmessage/llsdrpcserver.cpp index f87c418fb1..9f776aca72 100644 --- a/indra/llmessage/llsdrpcserver.cpp +++ b/indra/llmessage/llsdrpcserver.cpp @@ -97,6 +97,8 @@ void LLSDRPCServer::clearLock() } } +static LLFastTimer::DeclareTimer FTM_PROCESS_SDRPC_SERVER("SDRPC Server"); + // virtual LLIOPipe::EStatus LLSDRPCServer::process_impl( const LLChannelDescriptors& channels, @@ -105,6 +107,7 @@ LLIOPipe::EStatus LLSDRPCServer::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_SDRPC_SERVER); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_SD_SERVER); // lldebugs << "LLSDRPCServer::process_impl" << llendl; diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index 28bd09fc4c..e8e35d00a2 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -270,6 +270,8 @@ LLIOPipe::EStatus LLURLRequest::handleError( return status; } +static LLFastTimer::DeclareTimer FTM_PROCESS_URL_REQUEST("URL Request"); + // virtual LLIOPipe::EStatus LLURLRequest::process_impl( const LLChannelDescriptors& channels, @@ -278,6 +280,7 @@ LLIOPipe::EStatus LLURLRequest::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_URL_REQUEST); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); //llinfos << "LLURLRequest::process_impl()" << llendl; @@ -288,6 +291,8 @@ LLIOPipe::EStatus LLURLRequest::process_impl( const S32 MIN_ACCUMULATION = 100000; if(pump && (mDetail->mByteAccumulator > MIN_ACCUMULATION)) { + static LLFastTimer::DeclareTimer FTM_URL_ADJUST_TIMEOUT("Adjust Timeout"); + LLFastTimer t(FTM_URL_ADJUST_TIMEOUT); // This is a pretty sloppy calculation, but this // tries to make the gross assumption that if data // is coming in at 56kb/s, then this transfer will @@ -335,16 +340,30 @@ LLIOPipe::EStatus LLURLRequest::process_impl( { PUMP_DEBUG; LLIOPipe::EStatus status = STATUS_BREAK; - mDetail->mCurlRequest->perform(); + static LLFastTimer::DeclareTimer FTM_URL_PERFORM("Perform"); + { + LLFastTimer t(FTM_URL_PERFORM); + mDetail->mCurlRequest->perform(); + } + while(1) { CURLcode result; - bool newmsg = mDetail->mCurlRequest->getResult(&result); + + static LLFastTimer::DeclareTimer FTM_PROCESS_URL_REQUEST_GET_RESULT("Get Result"); + + bool newmsg = false; + { + LLFastTimer t(FTM_PROCESS_URL_REQUEST_GET_RESULT); + newmsg = mDetail->mCurlRequest->getResult(&result); + } + if(!newmsg) { // keep processing break; } + mState = STATE_HAVE_RESPONSE; context[CONTEXT_REQUEST][CONTEXT_TRANSFERED_BYTES] = mRequestTransferedBytes; @@ -370,7 +389,11 @@ LLIOPipe::EStatus LLURLRequest::process_impl( link.mChannels = LLBufferArray::makeChannelConsumer( channels); chain.push_back(link); - pump->respond(chain, buffer, context); + static LLFastTimer::DeclareTimer FTM_PROCESS_URL_PUMP_RESPOND("Pump Respond"); + { + LLFastTimer t(FTM_PROCESS_URL_PUMP_RESPOND); + pump->respond(chain, buffer, context); + } mCompletionCallback = NULL; } break; @@ -422,8 +445,11 @@ void LLURLRequest::initialize() mResponseTransferedBytes = 0; } +static LLFastTimer::DeclareTimer FTM_URL_REQUEST_CONFIGURE("URL Configure"); bool LLURLRequest::configure() { + LLFastTimer t(FTM_URL_REQUEST_CONFIGURE); + LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); bool rv = false; S32 bytes = mDetail->mResponseBuffer->countAfter( @@ -624,6 +650,7 @@ static size_t headerCallback(void* data, size_t size, size_t nmemb, void* user) return header_len; } +static LLFastTimer::DeclareTimer FTM_PROCESS_URL_EXTRACTOR("URL Extractor"); /** * LLContextURLExtractor */ @@ -635,6 +662,7 @@ LLIOPipe::EStatus LLContextURLExtractor::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_URL_EXTRACTOR); PUMP_DEBUG; LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); // The destination host is in the context. @@ -713,6 +741,7 @@ void LLURLRequestComplete::responseStatus(LLIOPipe::EStatus status) mRequestStatus = status; } +static LLFastTimer::DeclareTimer FTM_PROCESS_URL_COMPLETE("URL Complete"); // virtual LLIOPipe::EStatus LLURLRequestComplete::process_impl( const LLChannelDescriptors& channels, @@ -721,6 +750,7 @@ LLIOPipe::EStatus LLURLRequestComplete::process_impl( LLSD& context, LLPumpIO* pump) { + LLFastTimer t(FTM_PROCESS_URL_COMPLETE); PUMP_DEBUG; complete(channels, buffer); return STATUS_OK; -- cgit v1.2.3 From 7b6afd1eba69a61fae87e3f1e7b03d03ee4ea15e Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Thu, 21 Jul 2011 23:33:23 -0500 Subject: SH-2031 Followup to curl threading work -- don't start and stop the thread on every request, use a signal (cuts time spent in Pump IO down from 1-2 ms to 0.1ms) --- indra/llmessage/llcurl.cpp | 45 ++++++++++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 13 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 453ffa9db9..2bb36f494c 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -611,6 +611,9 @@ public: S32 mPerformState; + LLCondition* mSignal; + bool mQuitting; + private: void easyFree(Easy*); @@ -630,6 +633,9 @@ LLCurl::Multi::Multi() mErrorCount(0), mPerformState(PERFORM_STATE_READY) { + mQuitting = false; + mSignal = new LLCondition(NULL); + mCurlMultiHandle = curl_multi_init(); if (!mCurlMultiHandle) { @@ -644,6 +650,10 @@ LLCurl::Multi::Multi() LLCurl::Multi::~Multi() { llassert(isStopped()); + + delete mSignal; + mSignal = NULL; + // Clean up active for(easy_active_list_t::iterator iter = mEasyActiveList.begin(); iter != mEasyActiveList.end(); ++iter) @@ -674,27 +684,31 @@ void LLCurl::Multi::perform() if (mPerformState == PERFORM_STATE_READY) { mPerformState = PERFORM_STATE_PERFORMING; - start(); + mSignal->signal(); } } void LLCurl::Multi::run() { - S32 q = 0; - for (S32 call_count = 0; - call_count < MULTI_PERFORM_CALL_REPEAT; - call_count += 1) + while (!mQuitting) { - CURLMcode code = curl_multi_perform(mCurlMultiHandle, &q); - if (CURLM_CALL_MULTI_PERFORM != code || q == 0) + mSignal->wait(); + S32 q = 0; + for (S32 call_count = 0; + call_count < MULTI_PERFORM_CALL_REPEAT; + call_count += 1) { - check_curl_multi_code(code); - break; - } + CURLMcode code = curl_multi_perform(mCurlMultiHandle, &q); + if (CURLM_CALL_MULTI_PERFORM != code || q == 0) + { + check_curl_multi_code(code); + break; + } + } + mQueued = q; + mPerformState = PERFORM_STATE_COMPLETED; } - mQueued = q; - mPerformState = PERFORM_STATE_COMPLETED; } S32 LLCurl::Multi::process() @@ -823,6 +837,7 @@ void LLCurlRequest::addMulti() { llassert_always(mThreadID == LLThread::currentID()); LLCurl::Multi* multi = new LLCurl::Multi(); + multi->start(); mMultiSet.insert(multi); mActiveMulti = multi; mActiveRequestCount = 0; @@ -952,9 +967,10 @@ S32 LLCurlRequest::process() if (multi != mActiveMulti && tres == 0 && multi->mQueued == 0) { mMultiSet.erase(curiter); - + multi->mQuitting = true; while (!multi->isStopped()) { + multi->mSignal->signal(); apr_sleep(1000); } @@ -988,6 +1004,7 @@ LLCurlEasyRequest::LLCurlEasyRequest() mResultReturned(false) { mMulti = new LLCurl::Multi(); + mMulti->start(); mEasy = mMulti->allocEasy(); if (mEasy) { @@ -998,8 +1015,10 @@ LLCurlEasyRequest::LLCurlEasyRequest() LLCurlEasyRequest::~LLCurlEasyRequest() { + mMulti->mQuitting = true; while (!mMulti->isStopped()) { + mMulti->mSignal->signal(); apr_sleep(1000); } delete mMulti; -- cgit v1.2.3 From e4a8ef4ce2572db98d08233c58e23d3ec75f30d7 Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Fri, 22 Jul 2011 02:33:55 -0500 Subject: SH-2031 Cleanup from threaded curl implementation (remove errors/loops on shutdown). --- indra/llmessage/llcurl.cpp | 38 +++++++++++++++++++++++++++----------- 1 file changed, 27 insertions(+), 11 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 2bb36f494c..1e735c4bbd 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -693,21 +693,25 @@ void LLCurl::Multi::run() while (!mQuitting) { mSignal->wait(); - S32 q = 0; - for (S32 call_count = 0; - call_count < MULTI_PERFORM_CALL_REPEAT; - call_count += 1) + + if (!mQuitting) { - CURLMcode code = curl_multi_perform(mCurlMultiHandle, &q); - if (CURLM_CALL_MULTI_PERFORM != code || q == 0) + S32 q = 0; + for (S32 call_count = 0; + call_count < MULTI_PERFORM_CALL_REPEAT; + call_count += 1) { - check_curl_multi_code(code); - break; - } + CURLMcode code = curl_multi_perform(mCurlMultiHandle, &q); + if (CURLM_CALL_MULTI_PERFORM != code || q == 0) + { + check_curl_multi_code(code); + break; + } + } + mQueued = q; + mPerformState = PERFORM_STATE_COMPLETED; } - mQueued = q; - mPerformState = PERFORM_STATE_COMPLETED; } } @@ -830,6 +834,18 @@ LLCurlRequest::LLCurlRequest() : LLCurlRequest::~LLCurlRequest() { llassert_always(mThreadID == LLThread::currentID()); + + //stop all Multi handle background threads + for (curlmulti_set_t::iterator iter = mMultiSet.begin(); iter != mMultiSet.end(); ++iter) + { + LLCurl::Multi* multi = *iter; + multi->mQuitting = true; + while (!multi->isStopped()) + { + multi->mSignal->signal(); + apr_sleep(1000); + } + } for_each(mMultiSet.begin(), mMultiSet.end(), DeletePointer()); } -- cgit v1.2.3 From 26a9a6929c23eabfef0a53355a392fef0ad26b83 Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Fri, 22 Jul 2011 16:22:51 -0500 Subject: SH-2031 Fix for sometimes deadlocking a curl thread. --- indra/llmessage/llcurl.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 1e735c4bbd..0735842dcd 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -683,7 +683,6 @@ void LLCurl::Multi::perform() { if (mPerformState == PERFORM_STATE_READY) { - mPerformState = PERFORM_STATE_PERFORMING; mSignal->signal(); } } @@ -693,7 +692,7 @@ void LLCurl::Multi::run() while (!mQuitting) { mSignal->wait(); - + mPerformState = PERFORM_STATE_PERFORMING; if (!mQuitting) { S32 q = 0; -- cgit v1.2.3 From cd923af21f4fa6e251dea47ffb53ace934a382d1 Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Thu, 28 Jul 2011 00:26:30 -0500 Subject: SH-2183 Fix for multi-threaded curl not playing nice with mesh upload. --- indra/llmessage/llcurl.cpp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 9484f572f6..b7208f3e19 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -1006,6 +1006,10 @@ S32 LLCurlRequest::getQueued() curlmulti_set_t::iterator curiter = iter++; LLCurl::Multi* multi = *curiter; queued += multi->mQueued; + if (multi->mPerformState != LLCurl::Multi::PERFORM_STATE_READY) + { + ++queued; + } } return queued; } -- cgit v1.2.3 From f15d28a636da7b6d2784d9301e7a030b5bd38a8c Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Thu, 28 Jul 2011 13:47:20 -0400 Subject: Proxy cleanup in llstartup.cpp and llproxy.cpp. --- indra/llmessage/llcurl.h | 2 ++ indra/llmessage/llproxy.cpp | 45 +++++---------------------------------------- 2 files changed, 7 insertions(+), 40 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 79f5eeb927..d60d3b6f40 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -355,6 +355,8 @@ public: bool getResult(CURLcode* result, LLCurl::TransferInfo* info = NULL); std::string getErrorString(); + LLCurl::Easy* getEasy() const { return mEasy; } + private: CURLMsg* info_read(S32* queue, LLCurl::TransferInfo* info); diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index d34ad1a811..e1970f1368 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -278,50 +278,15 @@ void LLProxy::cleanupClass() } // Apply proxy settings to CuRL request if either type of HTTP proxy is enabled. -void LLProxy::applyProxySettings(LLCurl::Easy* handle) +void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) { - if (sHTTPProxyEnabled) - { - std::string address = mHTTPProxy.getIPString(); - U16 port = mHTTPProxy.getPort(); - handle->setoptString(CURLOPT_PROXY, address.c_str()); - handle->setopt(CURLOPT_PROXYPORT, port); - if (mProxyType == LLPROXY_SOCKS) - { - handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if (mAuthMethodSelected == METHOD_PASSWORD) - { - handle->setoptString(CURLOPT_PROXYUSERPWD, getProxyUserPwdCURL()); - } - } - else - { - handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_HTTP); - } - } + applyProxySettings(handle->getEasy()); } -void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) + +void LLProxy::applyProxySettings(LLCurl::Easy* handle) { - if (sHTTPProxyEnabled) - { - std::string address = mHTTPProxy.getIPString(); - U16 port = mHTTPProxy.getPort(); - handle->setoptString(CURLOPT_PROXY, address.c_str()); - handle->setopt(CURLOPT_PROXYPORT, port); - if (mProxyType == LLPROXY_SOCKS) - { - handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); - if (mAuthMethodSelected == METHOD_PASSWORD) - { - handle->setoptString(CURLOPT_PROXYUSERPWD, getProxyUserPwdCURL()); - } - } - else - { - handle->setopt(CURLOPT_PROXYTYPE, CURLPROXY_HTTP); - } - } + applyProxySettings(handle->getCurlHandle()); } void LLProxy::applyProxySettings(CURL* handle) -- cgit v1.2.3 From d2c72cb7e92896cb414e357ef262d91b0498a6b7 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Fri, 29 Jul 2011 15:38:20 -0400 Subject: STORM-1112 Input sanitization of proxy options. --- indra/llmessage/llproxy.cpp | 79 +++++++++++++++++++++++++++++++-------------- indra/llmessage/llproxy.h | 18 ++++++++--- 2 files changed, 68 insertions(+), 29 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index e1970f1368..381308fb2a 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -68,7 +68,7 @@ LLProxy::LLProxy(): LLProxy::~LLProxy() { - stopProxy(); + stopSOCKSProxy(); sUDPProxyEnabled = false; sHTTPProxyEnabled = false; @@ -95,14 +95,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) if (result != 0) { LL_WARNS("Proxy") << "SOCKS authentication request failed, error on TCP control channel : " << result << LL_ENDL; - stopProxy(); + stopSOCKSProxy(); return SOCKS_CONNECT_ERROR; } if (socks_auth_response.method == AUTH_NOT_ACCEPTABLE) { LL_WARNS("Proxy") << "SOCKS 5 server refused all our authentication methods" << LL_ENDL; - stopProxy(); + stopSOCKSProxy(); return SOCKS_NOT_ACCEPTABLE; } @@ -126,14 +126,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) if (result != 0) { LL_WARNS("Proxy") << "SOCKS authentication failed, error on TCP control channel : " << result << LL_ENDL; - stopProxy(); + stopSOCKSProxy(); return SOCKS_CONNECT_ERROR; } if (password_reply.status != AUTH_SUCCESS) { LL_WARNS("Proxy") << "SOCKS authentication failed" << LL_ENDL; - stopProxy(); + stopSOCKSProxy(); return SOCKS_AUTH_FAIL; } } @@ -156,14 +156,14 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) if (result != 0) { LL_WARNS("Proxy") << "SOCKS connect request failed, error on TCP control channel : " << result << LL_ENDL; - stopProxy(); + stopSOCKSProxy(); return SOCKS_CONNECT_ERROR; } if (connect_reply.reply != REPLY_REQUEST_GRANTED) { LL_WARNS("Proxy") << "Connection to SOCKS 5 server failed, UDP forward request not granted" << LL_ENDL; - stopProxy(); + stopSOCKSProxy(); return SOCKS_UDP_FWD_NOT_GRANTED; } @@ -174,37 +174,49 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) return SOCKS_OK; } -S32 LLProxy::startProxy(std::string host, U32 port) +S32 LLProxy::startSOCKSProxy(LLHost host) { - mTCPProxy.setHostByName(host); - mTCPProxy.setPort(port); + S32 status = SOCKS_OK; - S32 status; + if (host.isOk()) + { + mTCPProxy = host; + } + else + { + status = SOCKS_INVALID_HOST; + } - if (mProxyControlChannel) + if (mProxyControlChannel && status == SOCKS_OK) { tcp_close_channel(&mProxyControlChannel); } - mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy); - if (!mProxyControlChannel) + if (status == SOCKS_OK) + { + mProxyControlChannel = tcp_open_channel(mPool, mTCPProxy); + if (!mProxyControlChannel) + { + status = SOCKS_HOST_CONNECT_FAILED; + } + } + + if (status == SOCKS_OK) { - return SOCKS_HOST_CONNECT_FAILED; + status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort); } - status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort); if (status == SOCKS_OK) { sUDPProxyEnabled = true; } else { - stopProxy(); + stopSOCKSProxy(); } return status; - } -void LLProxy::stopProxy() +void LLProxy::stopSOCKSProxy() { sUDPProxyEnabled = false; @@ -228,8 +240,15 @@ void LLProxy::setAuthNone() mAuthMethodSelected = METHOD_NOAUTH; } -void LLProxy::setAuthPassword(const std::string &username, const std::string &password) +bool LLProxy::setAuthPassword(const std::string &username, const std::string &password) { + if (username.length() > SOCKSMAXUSERNAMELEN || password.length() > SOCKSMAXPASSWORDLEN || + username.length() < SOCKSMINUSERNAMELEN || password.length() < SOCKSMINPASSWORDLEN) + { + LL_WARNS("Proxy") << "Invalid SOCKS 5 password or username length." << LL_ENDL; + return false; + } + mAuthMethodSelected = METHOD_PASSWORD; mSocksUsername = username; mSocksPassword = password; @@ -240,10 +259,18 @@ void LLProxy::setAuthPassword(const std::string &username, const std::string &pa LLMutexLock lock(&mProxyMutex); mSOCKSAuthStrings.push_back(curl_auth_string); + + return true; } -void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) -{ +bool LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) +{ + if (httpHost.isOk()) + { + LL_WARNS("Proxy") << "Invalid SOCKS 5 Server" << LL_ENDL; + return false; + } + LLMutexLock lock(&mProxyMutex); sHTTPProxyEnabled = true; @@ -254,13 +281,17 @@ void LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) char* http_addr_string = new char[size]; strncpy(http_addr_string, httpHost.getIPString().c_str(), size); mHTTPProxyAddrStrings.push_back(http_addr_string); + + return true; } -void LLProxy::enableHTTPProxy() +bool LLProxy::enableHTTPProxy() { LLMutexLock lock(&mProxyMutex); sHTTPProxyEnabled = true; + + return true; } void LLProxy::disableHTTPProxy() @@ -273,7 +304,7 @@ void LLProxy::disableHTTPProxy() //static void LLProxy::cleanupClass() { - getInstance()->stopProxy(); + getInstance()->stopSOCKSProxy(); deleteSingleton(); } diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index df1ec9121e..ce5bdec5ad 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -44,11 +44,19 @@ #define SOCKS_AUTH_FAIL (-4) #define SOCKS_UDP_FWD_NOT_GRANTED (-5) #define SOCKS_HOST_CONNECT_FAILED (-6) +#define SOCKS_INVALID_HOST (-7) + #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN (255 + 1) /* socks5: 255, +1 for len. */ #endif +#define SOCKSMAXUSERNAMELEN 255 +#define SOCKSMAXPASSWORDLEN 255 + +#define SOCKSMINUSERNAMELEN 1 +#define SOCKSMINPASSWORDLEN 1 + #define SOCKS_VERSION 0x05 // we are using SOCKS 5 #define SOCKS_HEADER_SIZE 10 @@ -165,16 +173,16 @@ public: ~LLProxy(); // Start a connection to the SOCKS 5 proxy - S32 startProxy(std::string host, U32 port); + S32 startSOCKSProxy(LLHost host); // Disconnect and clean up any connection to the SOCKS 5 proxy - void stopProxy(); + void stopSOCKSProxy(); // Delete LLProxy singleton, destroying the APR pool used by the control channel. static void cleanupClass(); // Set up to use Password auth when connecting to the SOCKS proxy - void setAuthPassword(const std::string &username, const std::string &password); + bool setAuthPassword(const std::string &username, const std::string &password); // Set up to use No Auth when connecting to the SOCKS proxy void setAuthNone(); @@ -190,8 +198,8 @@ public: // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy // as specified in type - void enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); - void enableHTTPProxy(); + bool enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); + bool enableHTTPProxy(); // Stop proxying HTTP packets void disableHTTPProxy(); -- cgit v1.2.3 From 3a82169e2e985f1275426eab73683d973dccca29 Mon Sep 17 00:00:00 2001 From: Vadim ProductEngine Date: Mon, 1 Aug 2011 21:33:11 +0300 Subject: STORM-1186 FIXED Removed the "no mCurrentRMessageTemplate" warning message. The mCurrentRMessageTemplate member seems to only be non-NULL for a short while after an incoming message was validated and parsed, thus there is no guarantee that we can obtain name of the last received message at any given time. So if we can't we'll simply return an empty string without spamming the log with warnings. --- indra/llmessage/lltemplatemessagereader.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/lltemplatemessagereader.cpp b/indra/llmessage/lltemplatemessagereader.cpp index f470e1b2a5..ab91f74abe 100644 --- a/indra/llmessage/lltemplatemessagereader.cpp +++ b/indra/llmessage/lltemplatemessagereader.cpp @@ -795,7 +795,7 @@ const char* LLTemplateMessageReader::getMessageName() const { if (!mCurrentRMessageTemplate) { - llwarns << "no mCurrentRMessageTemplate" << llendl; + // no message currently being read return ""; } return mCurrentRMessageTemplate->mName; -- cgit v1.2.3 From fbd5bd7adc205acecc49c7e9887efa3bca6552d0 Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Mon, 1 Aug 2011 17:50:43 -0500 Subject: SH-2183 Add a debug setting to control whether or not to use multiple threads in LLCurl --- indra/llmessage/llcurl.cpp | 101 +++++++++++++++++++++++++++++++-------------- indra/llmessage/llcurl.h | 4 +- 2 files changed, 74 insertions(+), 31 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index b7208f3e19..ece539bb48 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -26,6 +26,7 @@ * $/LicenseInfo$ */ + #if LL_WINDOWS #define SAFE_SSL 1 #elif LL_DARWIN @@ -84,6 +85,8 @@ S32 gCurlMultiCount = 0; std::vector LLCurl::sSSLMutex; std::string LLCurl::sCAPath; std::string LLCurl::sCAFile; +bool LLCurl::sMultiThreaded = false; + void check_curl_code(CURLcode code) { @@ -601,6 +604,7 @@ public: S32 process(); void perform(); + void doPerform(); virtual void run(); @@ -634,7 +638,14 @@ LLCurl::Multi::Multi() mPerformState(PERFORM_STATE_READY) { mQuitting = false; - mSignal = new LLCondition(NULL); + if (LLCurl::sMultiThreaded) + { + mSignal = new LLCondition(NULL); + } + else + { + mSignal = NULL; + } mCurlMultiHandle = curl_multi_init(); if (!mCurlMultiHandle) @@ -681,37 +692,51 @@ CURLMsg* LLCurl::Multi::info_read(S32* msgs_in_queue) void LLCurl::Multi::perform() { - if (mPerformState == PERFORM_STATE_READY) + if (LLCurl::sMultiThreaded) + { + if (mPerformState == PERFORM_STATE_READY) + { + mSignal->signal(); + } + } + else { - mSignal->signal(); + doPerform(); } } void LLCurl::Multi::run() { + llassert(LLCurl::sMultiThreaded); + while (!mQuitting) { mSignal->wait(); mPerformState = PERFORM_STATE_PERFORMING; if (!mQuitting) { - S32 q = 0; - for (S32 call_count = 0; - call_count < MULTI_PERFORM_CALL_REPEAT; - call_count += 1) - { - CURLMcode code = curl_multi_perform(mCurlMultiHandle, &q); - if (CURLM_CALL_MULTI_PERFORM != code || q == 0) - { - check_curl_multi_code(code); - break; - } - - } - mQueued = q; - mPerformState = PERFORM_STATE_COMPLETED; + doPerform(); + } + } +} + +void LLCurl::Multi::doPerform() +{ + S32 q = 0; + for (S32 call_count = 0; + call_count < MULTI_PERFORM_CALL_REPEAT; + call_count += 1) + { + CURLMcode code = curl_multi_perform(mCurlMultiHandle, &q); + if (CURLM_CALL_MULTI_PERFORM != code || q == 0) + { + check_curl_multi_code(code); + break; } + } + mQueued = q; + mPerformState = PERFORM_STATE_COMPLETED; } S32 LLCurl::Multi::process() @@ -839,10 +864,13 @@ LLCurlRequest::~LLCurlRequest() { LLCurl::Multi* multi = *iter; multi->mQuitting = true; - while (!multi->isStopped()) + if (LLCurl::sMultiThreaded) { - multi->mSignal->signal(); - apr_sleep(1000); + while (!multi->isStopped()) + { + multi->mSignal->signal(); + apr_sleep(1000); + } } } for_each(mMultiSet.begin(), mMultiSet.end(), DeletePointer()); @@ -852,7 +880,10 @@ void LLCurlRequest::addMulti() { llassert_always(mThreadID == LLThread::currentID()); LLCurl::Multi* multi = new LLCurl::Multi(); - multi->start(); + if (LLCurl::sMultiThreaded) + { + multi->start(); + } mMultiSet.insert(multi); mActiveMulti = multi; mActiveRequestCount = 0; @@ -983,10 +1014,13 @@ S32 LLCurlRequest::process() { mMultiSet.erase(curiter); multi->mQuitting = true; - while (!multi->isStopped()) + if (LLCurl::sMultiThreaded) { - multi->mSignal->signal(); - apr_sleep(1000); + while (!multi->isStopped()) + { + multi->mSignal->signal(); + apr_sleep(1000); + } } delete multi; @@ -1023,7 +1057,10 @@ LLCurlEasyRequest::LLCurlEasyRequest() mResultReturned(false) { mMulti = new LLCurl::Multi(); - mMulti->start(); + if (LLCurl::sMultiThreaded) + { + mMulti->start(); + } mEasy = mMulti->allocEasy(); if (mEasy) { @@ -1035,10 +1072,13 @@ LLCurlEasyRequest::LLCurlEasyRequest() LLCurlEasyRequest::~LLCurlEasyRequest() { mMulti->mQuitting = true; - while (!mMulti->isStopped()) + if (LLCurl::sMultiThreaded) { - mMulti->mSignal->signal(); - apr_sleep(1000); + while (!mMulti->isStopped()) + { + mMulti->mSignal->signal(); + apr_sleep(1000); + } } delete mMulti; } @@ -1234,8 +1274,9 @@ unsigned long LLCurl::ssl_thread_id(void) } #endif -void LLCurl::initClass() +void LLCurl::initClass(bool multi_threaded) { + sMultiThreaded = multi_threaded; // Do not change this "unless you are familiar with and mean to control // internal operations of libcurl" // - http://curl.haxx.se/libcurl/c/curl_global_init.html diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 56d086c30a..b2c7b36a76 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -55,6 +55,8 @@ public: class Easy; class Multi; + static bool sMultiThreaded; + struct TransferInfo { TransferInfo() : mSizeDownload(0.0), mTotalTime(0.0), mSpeedDownload(0.0) {} @@ -159,7 +161,7 @@ public: /** * @ brief Initialize LLCurl class */ - static void initClass(); + static void initClass(bool multi_threaded = false); /** * @ brief Cleanup LLCurl class -- cgit v1.2.3 From 97bedac2a1274f26a6a346afccea7596f1d13923 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 2 Aug 2011 11:08:07 -0400 Subject: Proxy: Improved mutex usage in LLProxy. Introduced an LLAtomic member to track the status of the http proxy that can be checked without locking a mutex. --- indra/llmessage/llproxy.cpp | 129 ++++++++++++++++++++++++++------------------ indra/llmessage/llproxy.h | 72 ++++++++++++------------- 2 files changed, 114 insertions(+), 87 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index 381308fb2a..b224757673 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -1,6 +1,6 @@ /** - * @file llsocks5.cpp - * @brief SOCKS 5 implementation + * @file llproxy.cpp + * @brief UDP and HTTP proxy communications * * $LicenseInfo:firstyear=2011&license=viewerlgpl$ * Second Life Viewer Source Code @@ -28,7 +28,6 @@ #include "llproxy.h" -#include #include #include @@ -44,7 +43,6 @@ // incoming packet just to do a simple bool test. The getter for this // member is also static bool LLProxy::sUDPProxyEnabled = false; -bool LLProxy::sHTTPProxyEnabled = false; // Some helpful TCP functions static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host); // Open a TCP channel to a given host @@ -52,17 +50,16 @@ static void tcp_close_channel(LLSocket::ptr_t* handle_ptr); // Close an open TCP static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake LLProxy::LLProxy(): - mProxyType(LLPROXY_SOCKS), + mHTTPProxyEnabled(false), + mProxyMutex(0), mUDPProxy(), mTCPProxy(), + mPool(gAPRPoolp), mHTTPProxy(), + mProxyType(LLPROXY_SOCKS), mAuthMethodSelected(METHOD_NOAUTH), mSocksUsername(), - mSocksPassword(), - mPool(gAPRPoolp), - mSOCKSAuthStrings(), - mHTTPProxyAddrStrings(), - mProxyMutex(0) + mSocksPassword() { } @@ -70,11 +67,7 @@ LLProxy::~LLProxy() { stopSOCKSProxy(); sUDPProxyEnabled = false; - sHTTPProxyEnabled = false; - - // Delete c_str versions of the addresses and credentials. - for_each(mSOCKSAuthStrings.begin(), mSOCKSAuthStrings.end(), DeletePointerArray()); - for_each(mHTTPProxyAddrStrings.begin(), mHTTPProxyAddrStrings.end(), DeletePointerArray()); + mHTTPProxyEnabled = false; } // Perform a SOCKS 5 authentication and UDP association to the proxy @@ -89,7 +82,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) socks_auth_request.version = SOCKS_VERSION; // SOCKS version 5 socks_auth_request.num_methods = 1; // Sending 1 method. - socks_auth_request.methods = mAuthMethodSelected; // Send only the selected method. + socks_auth_request.methods = getSelectedAuthMethod(); // Send only the selected method. result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request), (char*)&socks_auth_response, sizeof(socks_auth_response)); if (result != 0) @@ -110,13 +103,15 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) if (socks_auth_response.method == METHOD_PASSWORD) { // The server has requested a username/password combination - U32 request_size = mSocksUsername.size() + mSocksPassword.size() + 3; + std::string socks_username(getSocksUser()); + std::string socks_password(getSocksPwd()); + U32 request_size = socks_username.size() + socks_password.size() + 3; char * password_auth = new char[request_size]; password_auth[0] = 0x01; - password_auth[1] = mSocksUsername.size(); - memcpy(&password_auth[2], mSocksUsername.c_str(), mSocksUsername.size()); - password_auth[mSocksUsername.size() + 2] = mSocksPassword.size(); - memcpy(&password_auth[mSocksUsername.size()+3], mSocksPassword.c_str(), mSocksPassword.size()); + password_auth[1] = socks_username.size(); + memcpy(&password_auth[2], socks_username.c_str(), socks_username.size()); + password_auth[socks_username.size() + 2] = socks_password.size(); + memcpy(&password_auth[socks_username.size()+3], socks_password.c_str(), socks_password.size()); authmethod_password_reply_t password_reply; @@ -224,7 +219,7 @@ void LLProxy::stopSOCKSProxy() // then we must shut down any HTTP proxy operations. But it is allowable if web // proxy is being used to continue proxying HTTP. - if (LLPROXY_SOCKS == mProxyType) + if (LLPROXY_SOCKS == getHTTPProxyType()) { void disableHTTPProxy(); } @@ -237,6 +232,8 @@ void LLProxy::stopSOCKSProxy() void LLProxy::setAuthNone() { + LLMutexLock lock(&mProxyMutex); + mAuthMethodSelected = METHOD_NOAUTH; } @@ -249,23 +246,18 @@ bool LLProxy::setAuthPassword(const std::string &username, const std::string &pa return false; } + LLMutexLock lock(&mProxyMutex); + mAuthMethodSelected = METHOD_PASSWORD; mSocksUsername = username; mSocksPassword = password; - U32 size = username.length() + password.length() + 2; - char* curl_auth_string = new char[size]; - snprintf(curl_auth_string, size, "%s:%s", username.c_str(), password.c_str()); - - LLMutexLock lock(&mProxyMutex); - mSOCKSAuthStrings.push_back(curl_auth_string); - return true; } bool LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) { - if (httpHost.isOk()) + if (!httpHost.isOk()) { LL_WARNS("Proxy") << "Invalid SOCKS 5 Server" << LL_ENDL; return false; @@ -273,14 +265,10 @@ bool LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) LLMutexLock lock(&mProxyMutex); - sHTTPProxyEnabled = true; mHTTPProxy = httpHost; mProxyType = type; - U32 size = httpHost.getIPString().length() + 1; - char* http_addr_string = new char[size]; - strncpy(http_addr_string, httpHost.getIPString().c_str(), size); - mHTTPProxyAddrStrings.push_back(http_addr_string); + mHTTPProxyEnabled = true; return true; } @@ -289,7 +277,7 @@ bool LLProxy::enableHTTPProxy() { LLMutexLock lock(&mProxyMutex); - sHTTPProxyEnabled = true; + mHTTPProxyEnabled = true; return true; } @@ -298,7 +286,40 @@ void LLProxy::disableHTTPProxy() { LLMutexLock lock(&mProxyMutex); - sHTTPProxyEnabled = false; + mHTTPProxyEnabled = false; +} + +// Get the HTTP proxy address and port +LLHost LLProxy::getHTTPProxy() const +{ + LLMutexLock lock(&mProxyMutex); + return mHTTPProxy; +} + +// Get the currently selected HTTP proxy type +LLHttpProxyType LLProxy::getHTTPProxyType() const +{ + LLMutexLock lock(&mProxyMutex); + return mProxyType; +} + +std::string LLProxy::getSocksPwd() const +{ + LLMutexLock lock(&mProxyMutex); + return mSocksPassword; +} + +std::string LLProxy::getSocksUser() const +{ + LLMutexLock lock(&mProxyMutex); + return mSocksUsername; +} + +// get the currently selected auth method +LLSocks5AuthType LLProxy::getSelectedAuthMethod() const +{ + LLMutexLock lock(&mProxyMutex); + return mAuthMethodSelected; } //static @@ -322,24 +343,30 @@ void LLProxy::applyProxySettings(LLCurl::Easy* handle) void LLProxy::applyProxySettings(CURL* handle) { - LLMutexLock lock(&mProxyMutex); - if (sHTTPProxyEnabled) + // Do a faster unlocked check to see if we are supposed to proxy. + if (mHTTPProxyEnabled) { - check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXY, mHTTPProxyAddrStrings.back())); - U16 port = mHTTPProxy.getPort(); - check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYPORT, port)); - - if (mProxyType == LLPROXY_SOCKS) + // We think we should proxy, lock the proxy mutex. + LLMutexLock lock(&mProxyMutex); + // Now test again to verify that the proxy wasn't disabled between the first check and the lock. + if (mHTTPProxyEnabled) { - check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5)); - if (mAuthMethodSelected == METHOD_PASSWORD) + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXY, mHTTPProxy.getIPString().c_str())); + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYPORT, mHTTPProxy.getPort())); + + if (mProxyType == LLPROXY_SOCKS) { - check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYUSERPWD, mSOCKSAuthStrings.back())); + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5)); + if (mAuthMethodSelected == METHOD_PASSWORD) + { + std::string auth_string = mSocksUsername + ":" + mSocksPassword; + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYUSERPWD, auth_string.c_str())); + } + } + else + { + check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP)); } - } - else - { - check_curl_code(curl_easy_setopt(handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP)); } } } diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index ce5bdec5ad..22954f2733 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -1,6 +1,6 @@ /** - * @file llsocks5.h - * @brief Socks 5 implementation + * @file llproxy.h + * @brief UDP and HTTP proxy communications * * $LicenseInfo:firstyear=2011&license=viewerlgpl$ * Second Life Viewer Source Code @@ -188,13 +188,14 @@ public: void setAuthNone(); // get the currently selected auth method - LLSocks5AuthType getSelectedAuthMethod() const { return mAuthMethodSelected; } + LLSocks5AuthType getSelectedAuthMethod() const; // static check for enabled status for UDP packets static bool isEnabled() { return sUDPProxyEnabled; } - // static check for enabled status for http packets - static bool isHTTPProxyEnabled() { return sHTTPProxyEnabled; } + // check for enabled status for HTTP packets + // mHTTPProxyEnabled is atomic, so no locking is required for thread safety. + bool isHTTPProxyEnabled() const { return mHTTPProxyEnabled; } // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy // as specified in type @@ -204,6 +205,11 @@ public: // Stop proxying HTTP packets void disableHTTPProxy(); + // Apply the current proxy settings to a curl request. Doesn't do anything if mHTTPProxyEnabled is false. + void applyProxySettings(CURL* handle); + void applyProxySettings(LLCurl::Easy* handle); + void applyProxySettings(LLCurlEasyRequest* handle); + // Get the UDP proxy address and port LLHost getUDPProxy() const { return mUDPProxy; } @@ -211,46 +217,51 @@ public: LLHost getTCPProxy() const { return mTCPProxy; } // Get the HTTP proxy address and port - LLHost getHTTPProxy() const { return mHTTPProxy; } + LLHost getHTTPProxy() const; // Get the currently selected HTTP proxy type - LLHttpProxyType getHTTPProxyType() const { return mProxyType; } + LLHttpProxyType getHTTPProxyType() const; - // Get the username password in a curl compatible format - std::string getProxyUserPwdCURL() const { return (mSocksUsername + ":" + mSocksPassword); } - - std::string getSocksPwd() const { return mSocksPassword; } - std::string getSocksUser() const { return mSocksUsername; } - - // Apply the current proxy settings to a curl request. Doesn't do anything if sHTTPProxyEnabled is false. - void applyProxySettings(CURL* handle); - void applyProxySettings(LLCurl::Easy* handle); - void applyProxySettings(LLCurlEasyRequest* handle); + std::string getSocksPwd() const; + std::string getSocksUser() const; private: // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort S32 proxyHandshake(LLHost proxy, U32 messagePort); private: - // socket handle to proxy TCP control channel - LLSocket::ptr_t mProxyControlChannel; + // Is the HTTP proxy enabled? + // Safe to read in any thread, do not write directly, + // use enableHTTPProxy() and disableHTTPProxy() instead. + mutable LLAtomic32 mHTTPProxyEnabled; + + // Mutex to protect shared members in non-main thread calls to applyProxySettings() + mutable LLMutex mProxyMutex; + + // MEMBERS READ AND WRITTEN ONLY IN THE MAIN THREAD. DO NOT SHARE! // Is the UDP proxy enabled? static bool sUDPProxyEnabled; - // Is the HTTP proxy enabled? - // Do not toggle directly, use enableHTTPProxy() and disableHTTPProxy() - static bool sHTTPProxyEnabled; - - // currently selected http proxy type - LLHttpProxyType mProxyType; // UDP proxy address and port LLHost mUDPProxy; // TCP proxy control channel address and port LLHost mTCPProxy; + + // socket handle to proxy TCP control channel + LLSocket::ptr_t mProxyControlChannel; + + // APR pool for the socket + apr_pool_t* mPool; + + // MEMBERS WRITTEN IN MAIN THREAD AND READ IN ANY THREAD. ONLY READ OR WRITE AFTER LOCKING mProxyMutex! + // HTTP proxy address and port LLHost mHTTPProxy; + // Currently selected HTTP proxy type. Can be web or socks. + LLHttpProxyType mProxyType; + // SOCKS 5 auth method selected LLSocks5AuthType mAuthMethodSelected; @@ -258,17 +269,6 @@ private: std::string mSocksUsername; // SOCKS 5 password std::string mSocksPassword; - - // Vectors to store valid pointers to string options that might have been set on CURL requests. - // This results in a behavior similar to LLCurl::Easy::setoptstring() - std::vector mSOCKSAuthStrings; - std::vector mHTTPProxyAddrStrings; - - // Mutex to protect members in cross-thread calls to applyProxySettings() - LLMutex mProxyMutex; - - // APR pool for the socket - apr_pool_t* mPool; }; #endif -- cgit v1.2.3 From aa0e35142a35d293acc439e3194260bb4468e728 Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Tue, 2 Aug 2011 12:23:50 -0500 Subject: SH-2183 Only apply multi-threaded curl on the main thread. --- indra/llmessage/llcurl.cpp | 3 ++- indra/llmessage/llcurl.h | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index ece539bb48..d48991e5f7 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -85,7 +85,8 @@ S32 gCurlMultiCount = 0; std::vector LLCurl::sSSLMutex; std::string LLCurl::sCAPath; std::string LLCurl::sCAFile; -bool LLCurl::sMultiThreaded = false; + +bool ll_thread_local LLCurl::sMultiThreaded = false; void check_curl_code(CURLcode code) diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index b2c7b36a76..52810bac73 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -41,6 +41,7 @@ #include "llbuffer.h" #include "lliopipe.h" #include "llsd.h" +#include "llthread.h" class LLMutex; @@ -55,7 +56,7 @@ public: class Easy; class Multi; - static bool sMultiThreaded; + static bool ll_thread_local sMultiThreaded; struct TransferInfo { -- cgit v1.2.3 From 9883c33993f7a548c876b43494ffd5835473a211 Mon Sep 17 00:00:00 2001 From: Dave Parks Date: Tue, 2 Aug 2011 12:47:35 -0500 Subject: SH-2183 Thread local storage initialization is unreliable. --- indra/llmessage/llcurl.cpp | 25 +++++++++++++++---------- indra/llmessage/llcurl.h | 2 +- 2 files changed, 16 insertions(+), 11 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index d48991e5f7..1a86a69a04 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -75,6 +75,7 @@ static const S32 MULTI_PERFORM_CALL_REPEAT = 5; static const S32 CURL_REQUEST_TIMEOUT = 30; // seconds static const S32 MAX_ACTIVE_REQUEST_COUNT = 100; +static // DEBUG // S32 gCurlEasyCount = 0; S32 gCurlMultiCount = 0; @@ -86,8 +87,8 @@ std::vector LLCurl::sSSLMutex; std::string LLCurl::sCAPath; std::string LLCurl::sCAFile; -bool ll_thread_local LLCurl::sMultiThreaded = false; - +bool LLCurl::sMultiThreaded = false; +static U32 sMainThreadID = 0; void check_curl_code(CURLcode code) { @@ -618,6 +619,7 @@ public: LLCondition* mSignal; bool mQuitting; + bool mThreaded; private: void easyFree(Easy*); @@ -639,7 +641,9 @@ LLCurl::Multi::Multi() mPerformState(PERFORM_STATE_READY) { mQuitting = false; - if (LLCurl::sMultiThreaded) + + mThreaded = LLCurl::sMultiThreaded && LLThread::currentID() == sMainThreadID; + if (mThreaded) { mSignal = new LLCondition(NULL); } @@ -693,7 +697,7 @@ CURLMsg* LLCurl::Multi::info_read(S32* msgs_in_queue) void LLCurl::Multi::perform() { - if (LLCurl::sMultiThreaded) + if (mThreaded) { if (mPerformState == PERFORM_STATE_READY) { @@ -708,7 +712,7 @@ void LLCurl::Multi::perform() void LLCurl::Multi::run() { - llassert(LLCurl::sMultiThreaded); + llassert(mThreaded); while (!mQuitting) { @@ -865,7 +869,7 @@ LLCurlRequest::~LLCurlRequest() { LLCurl::Multi* multi = *iter; multi->mQuitting = true; - if (LLCurl::sMultiThreaded) + if (multi->mThreaded) { while (!multi->isStopped()) { @@ -881,7 +885,7 @@ void LLCurlRequest::addMulti() { llassert_always(mThreadID == LLThread::currentID()); LLCurl::Multi* multi = new LLCurl::Multi(); - if (LLCurl::sMultiThreaded) + if (multi->mThreaded) { multi->start(); } @@ -1015,7 +1019,7 @@ S32 LLCurlRequest::process() { mMultiSet.erase(curiter); multi->mQuitting = true; - if (LLCurl::sMultiThreaded) + if (multi->mThreaded) { while (!multi->isStopped()) { @@ -1058,7 +1062,7 @@ LLCurlEasyRequest::LLCurlEasyRequest() mResultReturned(false) { mMulti = new LLCurl::Multi(); - if (LLCurl::sMultiThreaded) + if (mMulti->mThreaded) { mMulti->start(); } @@ -1073,7 +1077,7 @@ LLCurlEasyRequest::LLCurlEasyRequest() LLCurlEasyRequest::~LLCurlEasyRequest() { mMulti->mQuitting = true; - if (LLCurl::sMultiThreaded) + if (mMulti->mThreaded) { while (!mMulti->isStopped()) { @@ -1277,6 +1281,7 @@ unsigned long LLCurl::ssl_thread_id(void) void LLCurl::initClass(bool multi_threaded) { + sMainThreadID = LLThread::currentID(); sMultiThreaded = multi_threaded; // Do not change this "unless you are familiar with and mean to control // internal operations of libcurl" diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 52810bac73..f7518c8e5c 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -56,7 +56,7 @@ public: class Easy; class Multi; - static bool ll_thread_local sMultiThreaded; + static bool sMultiThreaded; struct TransferInfo { -- cgit v1.2.3 From d3b4cc34a8d388ab66ef2ca717ee0d814d87ff3d Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 2 Aug 2011 17:18:54 -0400 Subject: LLProxy cleanup. * Removed early returns in LLStartup::handleSocksProxy * Corrected some cases that would result in handleSocksProxy not being called again during login if settings changed * Allowed for short replies in tcp_handshake in LLProxy.cpp * Renamed LLProxy::isEnabled() to LLProxy::isSocksProxyEnabled() to clarify its use. --- indra/llmessage/llpacketring.cpp | 4 ++-- indra/llmessage/llproxy.cpp | 12 +++++++----- indra/llmessage/llproxy.h | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llpacketring.cpp b/indra/llmessage/llpacketring.cpp index ba82957b47..7628984de4 100644 --- a/indra/llmessage/llpacketring.cpp +++ b/indra/llmessage/llpacketring.cpp @@ -225,7 +225,7 @@ S32 LLPacketRing::receivePacket (S32 socket, char *datap) else { // no delay, pull straight from net - if (LLProxy::isEnabled()) + if (LLProxy::isSOCKSProxyEnabled()) { U8 buffer[NET_BUFFER_SIZE + SOCKS_HEADER_SIZE]; packet_size = receive_packet(socket, reinterpret_cast(buffer)); @@ -348,7 +348,7 @@ BOOL LLPacketRing::sendPacket(int h_socket, char * send_buffer, S32 buf_size, LL BOOL LLPacketRing::sendPacketImpl(int h_socket, const char * send_buffer, S32 buf_size, LLHost host) { - if (!LLProxy::isEnabled()) + if (!LLProxy::isSOCKSProxyEnabled()) { return send_packet(h_socket, send_buffer, buf_size, host.getAddress(), host.getPort()); } diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index b224757673..d2e64e60ac 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -382,14 +382,15 @@ static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outl handle->setBlocking(1000); rv = apr_socket_send(apr_socket, dataout, &outlen); - if (APR_SUCCESS != rv || expected_len != outlen) + if (APR_SUCCESS != rv) { - LL_WARNS("Proxy") << "Error sending data to proxy control channel" << LL_ENDL; + LL_WARNS("Proxy") << "Error sending data to proxy control channel, status: " << rv << LL_ENDL; ll_apr_warn_status(rv); } else if (expected_len != outlen) { - LL_WARNS("Proxy") << "Error sending data to proxy control channel" << LL_ENDL; + LL_WARNS("Proxy") << "Incorrect data length sent. Expected: " << expected_len << + " Sent: " << outlen << LL_ENDL; rv = -1; } @@ -402,9 +403,10 @@ static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outl LL_WARNS("Proxy") << "Error receiving data from proxy control channel, status: " << rv << LL_ENDL; ll_apr_warn_status(rv); } - else if (expected_len != maxinlen) + else if (expected_len < maxinlen) { - LL_WARNS("Proxy") << "Received incorrect amount of data in proxy control channel" << LL_ENDL; + LL_WARNS("Proxy") << "Incorrect data length received. Expected: " << expected_len << + " Received: " << maxinlen << LL_ENDL; rv = -1; } } diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 22954f2733..68c40561c8 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -191,7 +191,7 @@ public: LLSocks5AuthType getSelectedAuthMethod() const; // static check for enabled status for UDP packets - static bool isEnabled() { return sUDPProxyEnabled; } + static bool isSOCKSProxyEnabled() { return sUDPProxyEnabled; } // check for enabled status for HTTP packets // mHTTPProxyEnabled is atomic, so no locking is required for thread safety. -- cgit v1.2.3 From 37f88470850cf572f30b0d1dae2f46a8e3b43977 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Thu, 4 Aug 2011 11:17:03 -0400 Subject: LLProxy: Added another attempt to download gpu and feature tables after successfully setting up a proxy. Other minor changes: Clarified why we are using SOCKS5 as the "grid" argument to store proxy credentials. Added class wide logging to the LLProxy class. --- indra/llmessage/llproxy.cpp | 8 +++----- indra/llmessage/llproxy.h | 1 + 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index d2e64e60ac..bdffa34fbc 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -85,7 +85,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) socks_auth_request.methods = getSelectedAuthMethod(); // Send only the selected method. result = tcp_handshake(mProxyControlChannel, (char*)&socks_auth_request, sizeof(socks_auth_request), (char*)&socks_auth_response, sizeof(socks_auth_response)); - if (result != 0) + if (result != APR_SUCCESS) { LL_WARNS("Proxy") << "SOCKS authentication request failed, error on TCP control channel : " << result << LL_ENDL; stopSOCKSProxy(); @@ -118,7 +118,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) result = tcp_handshake(mProxyControlChannel, password_auth, request_size, (char*)&password_reply, sizeof(password_reply)); delete[] password_auth; - if (result != 0) + if (result != APR_SUCCESS) { LL_WARNS("Proxy") << "SOCKS authentication failed, error on TCP control channel : " << result << LL_ENDL; stopSOCKSProxy(); @@ -148,7 +148,7 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) // the client MUST use a port number and address of all zeros. RFC 1928" result = tcp_handshake(mProxyControlChannel, (char*)&connect_request, sizeof(connect_request), (char*)&connect_reply, sizeof(connect_reply)); - if (result != 0) + if (result != APR_SUCCESS) { LL_WARNS("Proxy") << "SOCKS connect request failed, error on TCP control channel : " << result << LL_ENDL; stopSOCKSProxy(); @@ -335,7 +335,6 @@ void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) applyProxySettings(handle->getEasy()); } - void LLProxy::applyProxySettings(LLCurl::Easy* handle) { applyProxySettings(handle->getCurlHandle()); @@ -373,7 +372,6 @@ void LLProxy::applyProxySettings(CURL* handle) static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) { - apr_socket_t* apr_socket = handle->getSocket(); apr_status_t rv = APR_SUCCESS; diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 68c40561c8..534455a6dd 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -168,6 +168,7 @@ enum LLSocks5AuthType class LLProxy: public LLSingleton { + LOG_CLASS(LLProxy); public: LLProxy(); ~LLProxy(); -- cgit v1.2.3 From 5915da89f06106d0e811c6655144df93d35144f8 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Mon, 8 Aug 2011 15:53:06 -0400 Subject: LLProxy cleanup. Made the socks proxy start first in llstartup.cpp Moved initialization of the proxy to before the HTTP table fetch Added Doxygen comments to LLProxy methods. Removed call to applyProxySettings in llxmlrpctransaction.cpp since the ctor of LLCurlEasyRequest will apply the proxy settings. --- indra/llmessage/llproxy.cpp | 149 +++++++++++++++++++++++++++++++++++++++----- indra/llmessage/llproxy.h | 99 ++++++++++++++++++++++++----- 2 files changed, 216 insertions(+), 32 deletions(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llproxy.cpp b/indra/llmessage/llproxy.cpp index bdffa34fbc..3f4a6accbf 100644 --- a/indra/llmessage/llproxy.cpp +++ b/indra/llmessage/llproxy.cpp @@ -34,8 +34,6 @@ #include "llapr.h" #include "llcurl.h" #include "llhost.h" -#include "message.h" -#include "net.h" // Static class variable instances @@ -44,10 +42,10 @@ // member is also static bool LLProxy::sUDPProxyEnabled = false; -// Some helpful TCP functions +// Some helpful TCP static functions. +static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host); // Open a TCP channel to a given host static void tcp_close_channel(LLSocket::ptr_t* handle_ptr); // Close an open TCP channel -static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen); // Do a TCP data handshake LLProxy::LLProxy(): mHTTPProxyEnabled(false), @@ -70,9 +68,15 @@ LLProxy::~LLProxy() mHTTPProxyEnabled = false; } -// Perform a SOCKS 5 authentication and UDP association to the proxy -// specified by proxy, and associate UDP port message_port -S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) +/** + * @brief Open the SOCKS 5 TCP control channel. + * + * Perform a SOCKS 5 authentication and UDP association to the proxy server. + * + * @param proxy The SOCKS 5 server to connect to. + * @return SOCKS_OK if successful, otherwise a socks error code from llproxy.h. + */ +S32 LLProxy::proxyHandshake(LLHost proxy) { S32 result; @@ -169,6 +173,16 @@ S32 LLProxy::proxyHandshake(LLHost proxy, U32 message_port) return SOCKS_OK; } +/** + * @brief Initiates a SOCKS 5 proxy session. + * + * Performs basic checks on host to verify that it is a valid address. Opens the control channel + * and then negotiates the proxy connection with the server. + * + * + * @param host Socks server to connect to. + * @return SOCKS_OK if successful, otherwise a SOCKS error code defined in llproxy.h. + */ S32 LLProxy::startSOCKSProxy(LLHost host) { S32 status = SOCKS_OK; @@ -198,7 +212,7 @@ S32 LLProxy::startSOCKSProxy(LLHost host) if (status == SOCKS_OK) { - status = proxyHandshake(mTCPProxy, (U32)gMessageSystem->mPort); + status = proxyHandshake(mTCPProxy); } if (status == SOCKS_OK) { @@ -211,6 +225,13 @@ S32 LLProxy::startSOCKSProxy(LLHost host) return status; } +/** + * @brief Stop using the SOCKS 5 proxy. + * + * This will stop sending UDP packets through the SOCKS 5 proxy + * and will also stop the HTTP proxy if it is configured to use SOCKS. + * The proxy control channel will also be disconnected. + */ void LLProxy::stopSOCKSProxy() { sUDPProxyEnabled = false; @@ -230,6 +251,9 @@ void LLProxy::stopSOCKSProxy() } } +/** + * @brief Set the proxy's SOCKS authentication method to none. + */ void LLProxy::setAuthNone() { LLMutexLock lock(&mProxyMutex); @@ -237,6 +261,18 @@ void LLProxy::setAuthNone() mAuthMethodSelected = METHOD_NOAUTH; } +/** + * @brief Set the proxy's SOCKS authentication method to password. + * + * Check whether the lengths of the supplied username + * and password conform to the lengths allowed by the + * SOCKS protocol. + * + * @param username The SOCKS username to send. + * @param password The SOCKS password to send. + * @return Return true if applying the settings was successful. No changes are made if false. + * + */ bool LLProxy::setAuthPassword(const std::string &username, const std::string &password) { if (username.length() > SOCKSMAXUSERNAMELEN || password.length() > SOCKSMAXPASSWORDLEN || @@ -255,6 +291,15 @@ bool LLProxy::setAuthPassword(const std::string &username, const std::string &pa return true; } +/** + * @brief Enable the HTTP proxy for either SOCKS or HTTP. + * + * Check the supplied host to see if it is a valid IP and port. + * + * @param httpHost Proxy server to connect to. + * @param type Is the host a SOCKS or HTTP proxy. + * @return Return true if applying the setting was successful. No changes are made if false. + */ bool LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) { if (!httpHost.isOk()) @@ -273,15 +318,31 @@ bool LLProxy::enableHTTPProxy(LLHost httpHost, LLHttpProxyType type) return true; } +/** + * @brief Enable the HTTP proxy without changing the proxy settings. + * + * This should not be called unless the proxy has already been set up. + * + * @return Return true only if the current settings are valid and the proxy was enabled. + */ bool LLProxy::enableHTTPProxy() { + bool ok; + LLMutexLock lock(&mProxyMutex); - mHTTPProxyEnabled = true; + ok = (mHTTPProxy.isOk()); + if (ok) + { + mHTTPProxyEnabled = true; + } - return true; + return ok; } +/** + * @brief Disable the HTTP proxy. + */ void LLProxy::disableHTTPProxy() { LLMutexLock lock(&mProxyMutex); @@ -289,39 +350,59 @@ void LLProxy::disableHTTPProxy() mHTTPProxyEnabled = false; } -// Get the HTTP proxy address and port +/** + * @brief Get the HTTP proxy address and port + */ +// LLHost LLProxy::getHTTPProxy() const { LLMutexLock lock(&mProxyMutex); return mHTTPProxy; } -// Get the currently selected HTTP proxy type +/** + * @brief Get the currently selected HTTP proxy type + */ LLHttpProxyType LLProxy::getHTTPProxyType() const { LLMutexLock lock(&mProxyMutex); return mProxyType; } +/** + * @brief Get the SOCKS 5 password. + */ std::string LLProxy::getSocksPwd() const { LLMutexLock lock(&mProxyMutex); return mSocksPassword; } +/** + * @brief Get the SOCKS 5 username. + */ std::string LLProxy::getSocksUser() const { LLMutexLock lock(&mProxyMutex); return mSocksUsername; } -// get the currently selected auth method +/** + * @brief Get the currently selected SOCKS 5 authentication method. + * + * @return Returns either none or password. + */ LLSocks5AuthType LLProxy::getSelectedAuthMethod() const { LLMutexLock lock(&mProxyMutex); return mAuthMethodSelected; } +/** + * @brief Stop the LLProxy and make certain that any APR pools and classes are deleted before terminating APR. + * + * Deletes the LLProxy singleton, destroying the APR pool used by the control channel as well as . + */ //static void LLProxy::cleanupClass() { @@ -329,7 +410,6 @@ void LLProxy::cleanupClass() deleteSingleton(); } -// Apply proxy settings to CuRL request if either type of HTTP proxy is enabled. void LLProxy::applyProxySettings(LLCurlEasyRequest* handle) { applyProxySettings(handle->getEasy()); @@ -340,6 +420,17 @@ void LLProxy::applyProxySettings(LLCurl::Easy* handle) applyProxySettings(handle->getCurlHandle()); } +/** + * @brief Apply proxy settings to a CuRL request if an HTTP proxy is enabled. + * + * This method has been designed to be safe to call from + * any thread in the viewer. This allows requests in the + * texture fetch thread to be aware of the proxy settings. + * When the HTTP proxy is enabled, the proxy mutex will + * be locked every time this method is called. + * + * @param handle A pointer to a valid CURL request, before it has been performed. + */ void LLProxy::applyProxySettings(CURL* handle) { // Do a faster unlocked check to see if we are supposed to proxy. @@ -370,6 +461,19 @@ void LLProxy::applyProxySettings(CURL* handle) } } +/** + * @brief Send one TCP packet and receive one in return. + * + * This operation is done synchronously with a 1000ms timeout. Therefore, it should not be used when a blocking + * operation would impact the operation of the viewer. + * + * @param handle_ptr Pointer to a connected LLSocket of type STREAM_TCP. + * @param dataout Data to send. + * @param outlen Length of dataout. + * @param datain Buffer for received data. Undefined if return value is not APR_SUCCESS. + * @param maxinlen Maximum possible length of received data. Short reads are allowed. + * @return Indicates APR status code of exchange. APR_SUCCESS if exchange was successful, -1 if invalid data length was received. + */ static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outlen, char * datain, apr_size_t maxinlen) { apr_socket_t* apr_socket = handle->getSocket(); @@ -414,9 +518,18 @@ static S32 tcp_handshake(LLSocket::ptr_t handle, char * dataout, apr_size_t outl return rv; } +/** + * @brief Open a LLSocket and do a blocking connect to the chosen host. + * + * Checks for a successful connection, and makes sure the connection is closed if it fails. + * + * @param pool APR pool to pass into the LLSocket. + * @param host The host to open the connection to. + * @return The created socket. Will evaluate as NULL if the connection is unsuccessful. + */ static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) { - LLSocket::ptr_t socket = LLSocket::create(gAPRPoolp, LLSocket::STREAM_TCP); + LLSocket::ptr_t socket = LLSocket::create(pool, LLSocket::STREAM_TCP); bool connected = socket->blockingConnect(host); if (!connected) { @@ -426,7 +539,11 @@ static LLSocket::ptr_t tcp_open_channel(apr_pool_t* pool, LLHost host) return socket; } -// Pass a pointer-to-pointer to avoid changing use_count(). +/** + * @brief Close the socket. + * + * @param handle_ptr A pointer-to-pointer to avoid increasing the use count. + */ static void tcp_close_channel(LLSocket::ptr_t* handle_ptr) { LL_DEBUGS("Proxy") << "Resetting proxy LLSocket handle, use_count == " << handle_ptr->use_count() << LL_ENDL; diff --git a/indra/llmessage/llproxy.h b/indra/llmessage/llproxy.h index 534455a6dd..29e7e28567 100644 --- a/indra/llmessage/llproxy.h +++ b/indra/llmessage/llproxy.h @@ -35,7 +35,7 @@ #include "llthread.h" #include -// Error codes returned from the StartProxy method +// SOCKS error codes returned from the StartProxy method #define SOCKS_OK 0 #define SOCKS_CONNECT_ERROR (-1) @@ -166,11 +166,86 @@ enum LLSocks5AuthType METHOD_PASSWORD = 0x02 // Client supports username/password }; +/** + * @brief Manage SOCKS 5 UDP proxy and HTTP proxy. + * + * This class is responsible for managing two interconnected tasks, + * connecting to a SOCKS 5 proxy for use by LLPacketRing to send UDP + * packets and managing proxy settings for HTTP requests. + * + *

Threading:

+ * Because HTTP requests can be generated in threads outside the + * main thread, it is necessary for some of the information stored + * by this class to be available to other threads. The members that + * need to be read across threads are in a labeled section below. + * To protect those members, a mutex, mProxyMutex should be locked + * before reading or writing those members. Methods that can lock + * mProxyMutex are in a labeled section below. Those methods should + * not be called while the mutex is already locked. + * + * There is also a LLAtomic type flag (mHTTPProxyEnabled) that is used + * to track whether the HTTP proxy is currently enabled. This allows + * for faster unlocked checks to see if the proxy is enabled. This + * allows us to cut down on the performance hit when the proxy is + * disabled compared to before this class was introduced. + * + *

UDP Proxying:

+ * UDP datagrams are proxied via a SOCKS 5 proxy with the UDP associate + * command. To initiate the proxy, a TCP socket connection is opened + * to the SOCKS 5 host, and after a handshake exchange, the server + * returns a port and address to send the UDP traffic that is to be + * proxied to. The LLProxy class tracks this address and port after the + * exchange and provides it to LLPacketRing when required to. All UDP + * proxy management occurs in the main thread. + * + *

HTTP Proxying:

+ * This class allows all viewer HTTP packets to be sent through a proxy. + * The user can select whether to send HTTP packets through a standard + * "web" HTTP proxy, through a SOCKS 5 proxy, or to not proxy HTTP + * communication. This class does not manage the integrated web browser + * proxy, which is handled in llviewermedia.cpp. + * + * The implementation of HTTP proxying is handled by libcurl. LLProxy + * is responsible for managing the HTTP proxy options and provides a + * thread-safe method to apply those options to a curl request + * (LLProxy::applyProxySettings()). This method is overloaded + * to accommodate the various abstraction libcurl layers that exist + * throughout the viewer (LLCurlEasyRequest, LLCurl::Easy, and CURL). + * + * If you are working with LLCurl or LLCurlEasyRequest objects, + * the configured proxy settings will be applied in the constructors + * of those request handles. If you are working with CURL objects + * directly, you will need to pass the handle of the request to + * applyProxySettings() before issuing the request. + * + * To ensure thread safety, all LLProxy members that relate to the HTTP + * proxy require the LLProxyMutex to be locked before accessing. + */ class LLProxy: public LLSingleton { LOG_CLASS(LLProxy); public: + // METHODS THAT DO NOT LOCK mProxyMutex! + LLProxy(); + + // static check for enabled status for UDP packets + static bool isSOCKSProxyEnabled() { return sUDPProxyEnabled; } + + // check for enabled status for HTTP packets + // mHTTPProxyEnabled is atomic, so no locking is required for thread safety. + bool isHTTPProxyEnabled() const { return mHTTPProxyEnabled; } + + // Get the UDP proxy address and port + LLHost getUDPProxy() const { return mUDPProxy; } + + // Get the SOCKS 5 TCP control channel address and port + LLHost getTCPProxy() const { return mTCPProxy; } + + // END OF NON-LOCKING METHODS + + // METHODS THAT DO LOCK mProxyMutex! DO NOT CALL WHILE mProxyMutex IS LOCKED! + ~LLProxy(); // Start a connection to the SOCKS 5 proxy @@ -188,16 +263,9 @@ public: // Set up to use No Auth when connecting to the SOCKS proxy void setAuthNone(); - // get the currently selected auth method + // Get the currently selected auth method. LLSocks5AuthType getSelectedAuthMethod() const; - // static check for enabled status for UDP packets - static bool isSOCKSProxyEnabled() { return sUDPProxyEnabled; } - - // check for enabled status for HTTP packets - // mHTTPProxyEnabled is atomic, so no locking is required for thread safety. - bool isHTTPProxyEnabled() const { return mHTTPProxyEnabled; } - // Proxy HTTP packets via httpHost, which can be a SOCKS 5 or a HTTP proxy // as specified in type bool enableHTTPProxy(LLHost httpHost, LLHttpProxyType type); @@ -211,12 +279,6 @@ public: void applyProxySettings(LLCurl::Easy* handle); void applyProxySettings(LLCurlEasyRequest* handle); - // Get the UDP proxy address and port - LLHost getUDPProxy() const { return mUDPProxy; } - - // Get the SOCKS 5 TCP control channel address and port - LLHost getTCPProxy() const { return mTCPProxy; } - // Get the HTTP proxy address and port LLHost getHTTPProxy() const; @@ -226,9 +288,10 @@ public: std::string getSocksPwd() const; std::string getSocksUser() const; + // END OF LOCKING METHODS private: // Open a communication channel to the SOCKS 5 proxy proxy, at port messagePort - S32 proxyHandshake(LLHost proxy, U32 messagePort); + S32 proxyHandshake(LLHost proxy); private: // Is the HTTP proxy enabled? @@ -255,6 +318,8 @@ private: // APR pool for the socket apr_pool_t* mPool; + // END OF UNSHARED MEMBERS + // MEMBERS WRITTEN IN MAIN THREAD AND READ IN ANY THREAD. ONLY READ OR WRITE AFTER LOCKING mProxyMutex! // HTTP proxy address and port @@ -270,6 +335,8 @@ private: std::string mSocksUsername; // SOCKS 5 password std::string mSocksPassword; + + // END OF SHARED MEMBERS }; #endif -- cgit v1.2.3 From 3743ec176c3c8fc1b93b2133e385331140819d8f Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Mon, 15 Aug 2011 13:21:33 -0400 Subject: LLProxy: Removed unneeded call to LLProxy::applyProxySettings, since it was already being called. --- indra/llmessage/llurlrequest.cpp | 1 - 1 file changed, 1 deletion(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index a186596582..d5400e4169 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -438,7 +438,6 @@ void LLURLRequest::initialize() LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); mState = STATE_INITIALIZED; mDetail = new LLURLRequestDetail; - LLProxy::getInstance()->applyProxySettings(mDetail->mCurlRequest); mDetail->mCurlRequest->setopt(CURLOPT_NOSIGNAL, 1); mDetail->mCurlRequest->setWriteCallback(&downCallback, (void*)this); mDetail->mCurlRequest->setReadCallback(&upCallback, (void*)this); -- cgit v1.2.3 From ff870e977034cc17292aeb8d274ed553c7b2e3e3 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Mon, 15 Aug 2011 13:22:23 -0400 Subject: Back out later: Turned on curl verbose logging for debugging purposes. --- indra/llmessage/llcurl.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index bfdf49c74b..9ddf8e2824 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -469,7 +469,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, if (post) setoptString(CURLOPT_ENCODING, ""); - //setopt(CURLOPT_VERBOSE, 1); // useful for debugging + setopt(CURLOPT_VERBOSE, 1); // useful for debugging setopt(CURLOPT_NOSIGNAL, 1); // Set the CURL options for either Socks or HTTP proxy -- cgit v1.2.3 From 61a7a874aa699d0549eb6aef2ee79ee81a384bdb Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Mon, 15 Aug 2011 20:05:28 -0400 Subject: Backed out rev 42d5f5df0a6a. Code was apparently needed afterall. --- indra/llmessage/llurlrequest.cpp | 1 + 1 file changed, 1 insertion(+) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index d5400e4169..a186596582 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -438,6 +438,7 @@ void LLURLRequest::initialize() LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); mState = STATE_INITIALIZED; mDetail = new LLURLRequestDetail; + LLProxy::getInstance()->applyProxySettings(mDetail->mCurlRequest); mDetail->mCurlRequest->setopt(CURLOPT_NOSIGNAL, 1); mDetail->mCurlRequest->setWriteCallback(&downCallback, (void*)this); mDetail->mCurlRequest->setReadCallback(&upCallback, (void*)this); -- cgit v1.2.3 From 797b4df42a17f0674a1ac64946deca50b726e523 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Tue, 16 Aug 2011 17:35:16 -0400 Subject: Backed out changeset 694594710de2 --- indra/llmessage/llurlrequest.cpp | 1 - 1 file changed, 1 deletion(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index a186596582..d5400e4169 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -438,7 +438,6 @@ void LLURLRequest::initialize() LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST); mState = STATE_INITIALIZED; mDetail = new LLURLRequestDetail; - LLProxy::getInstance()->applyProxySettings(mDetail->mCurlRequest); mDetail->mCurlRequest->setopt(CURLOPT_NOSIGNAL, 1); mDetail->mCurlRequest->setWriteCallback(&downCallback, (void*)this); mDetail->mCurlRequest->setReadCallback(&upCallback, (void*)this); -- cgit v1.2.3 From 4fb809eed5fbed458b5be883fba7196a5712aa48 Mon Sep 17 00:00:00 2001 From: Logan Dethrow Date: Thu, 18 Aug 2011 16:10:49 -0400 Subject: Backed out revision cbc793dcd3db to disable libcurl verbose logging. --- indra/llmessage/llcurl.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'indra/llmessage') diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index 9ddf8e2824..bfdf49c74b 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -469,7 +469,7 @@ void LLCurl::Easy::prepRequest(const std::string& url, if (post) setoptString(CURLOPT_ENCODING, ""); - setopt(CURLOPT_VERBOSE, 1); // useful for debugging + //setopt(CURLOPT_VERBOSE, 1); // useful for debugging setopt(CURLOPT_NOSIGNAL, 1); // Set the CURL options for either Socks or HTTP proxy -- cgit v1.2.3