diff options
| author | Robert Knop <prospero@lindenlab.com> | 2009-01-19 22:05:19 +0000 |
|---|---|---|
| committer | Robert Knop <prospero@lindenlab.com> | 2009-01-19 22:05:19 +0000 |
| commit | ce888706c5589bbd30423cd1cbfb7b168b16d680 (patch) | |
| tree | 9869898ee1d915bfc6faec72a5c9f5198702f2df /indra/llmessage/message.cpp | |
| parent | f1380f2fc3eecd8dfd2f75d053ff86716d5055f7 (diff) | |
svn merge -r108236:108243 svn+ssh://svn.lindenlab.com/svn/linden/branches/server/server-1.25
Still merging from server-1.25... one day I will catch up!
No conflicts
Diffstat (limited to 'indra/llmessage/message.cpp')
| -rw-r--r-- | indra/llmessage/message.cpp | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/indra/llmessage/message.cpp b/indra/llmessage/message.cpp index 83e1ddb894..d5f362d780 100644 --- a/indra/llmessage/message.cpp +++ b/indra/llmessage/message.cpp @@ -306,6 +306,9 @@ LLMessageSystem::LLMessageSystem(const std::string& filename, U32 port, // default to not accepting packets from not alive circuits mbProtected = TRUE; + // default to blocking trusted connections on a public interface if one is specified + mBlockUntrustedInterface = true; + mSendPacketFailureCount = 0; mCircuitPrintFreq = 60.f; // seconds @@ -440,6 +443,7 @@ void LLMessageSystem::clearReceiveState() mCurrentRecvPacketID = 0; mIncomingCompressedSize = 0; mLastSender.invalidate(); + mLastReceivingIF.invalidate(); mMessageReader->clearMessage(); } @@ -589,6 +593,7 @@ BOOL LLMessageSystem::checkMessages( S64 frame_count ) receive_size = mTrueReceiveSize; mLastSender = mPacketRing.getLastSender(); + mLastReceivingIF = mPacketRing.getLastReceivingInterface(); if (receive_size < (S32) LL_MINIMUM_VALID_PACKET_SIZE) { @@ -2355,6 +2360,23 @@ void process_create_trusted_circuit(LLMessageSystem *msg, void **) return; } + U32 untrusted_interface = msg->getUntrustedInterface().getAddress(); + U32 last_interface = msg->getReceivingInterface().getAddress(); + if ( ( untrusted_interface != INVALID_HOST_IP_ADDRESS ) && ( untrusted_interface == last_interface ) ) + { + if( msg->getBlockUntrustedInterface() ) + { + LL_WARNS("Messaging") << "Refusing trust on public interface from host: " + << msg->getSender() << llendl; + return; + } + else + { + LL_WARNS("Messaging") << "Establishing trust on public interface from host: " + << msg->getSender() << llendl; + } + } + char their_digest[MD5HEX_STR_SIZE]; /* Flawfinder: ignore */ S32 size = msg->getSizeFast(_PREHASH_DataBlock, _PREHASH_Digest); if(size != MD5HEX_STR_BYTES) |