Print announce error response (#11878)

ShadowNinja · web-flow · commit 29d2b2ccd06c · 2022-01-01T22:44:56.000+01:00
Fix HTTPFetch caller and request ID to 64 bits
Check that allocated caller ID is not DISCARD
Print body if serverlist request returns error
Don't print control characters from HTTP responses
Document special HTTPFetch caller IDs
Allow unicode to be printed
diff --git a/src/client/clientmedia.h b/src/client/clientmedia.h
@@ -174,12 +174,12 @@ class ClientMediaDownloader : public IClientMediaDownloader
 	s32 m_uncached_received_count = 0;
 
 	// Status of remote transfers
-	unsigned long m_httpfetch_caller;
-	unsigned long m_httpfetch_next_id = 0;
+	u64 m_httpfetch_caller;
+	u64 m_httpfetch_next_id = 0;
 	s32 m_httpfetch_active = 0;
 	s32 m_httpfetch_active_limit = 0;
 	s32 m_outstanding_hash_sets = 0;
-	std::unordered_map<unsigned long, std::string> m_remote_file_transfers;
+	std::unordered_map<u64, std::string> m_remote_file_transfers;
 
 	// All files up to this name have either been received from a
 	// remote server or failed on all remote servers, so those files
diff --git a/src/httpfetch.cpp b/src/httpfetch.cpp
@@ -38,7 +38,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 #include "noise.h"
 
 static std::mutex g_httpfetch_mutex;
-static std::unordered_map<unsigned long, std::queue<HTTPFetchResult>>
+static std::unordered_map<u64, std::queue<HTTPFetchResult>>
 	g_httpfetch_results;
 static PcgRandom g_callerid_randomness;
 
@@ -52,22 +52,21 @@ HTTPFetchRequest::HTTPFetchRequest() :
 
 static void httpfetch_deliver_result(const HTTPFetchResult &fetch_result)
 {
-	unsigned long caller = fetch_result.caller;
+	u64 caller = fetch_result.caller;
 	if (caller != HTTPFETCH_DISCARD) {
 		MutexAutoLock lock(g_httpfetch_mutex);
 		g_httpfetch_results[caller].emplace(fetch_result);
 	}
 }
 
-static void httpfetch_request_clear(unsigned long caller);
+static void httpfetch_request_clear(u64 caller);
 
-unsigned long httpfetch_caller_alloc()
+u64 httpfetch_caller_alloc()
 {
 	MutexAutoLock lock(g_httpfetch_mutex);
 
-	// Check each caller ID except HTTPFETCH_DISCARD
-	const unsigned long discard = HTTPFETCH_DISCARD;
-	for (unsigned long caller = discard + 1; caller != discard; ++caller) {
+	// Check each caller ID except reserved ones
+	for (u64 caller = HTTPFETCH_CID_START; caller != 0; ++caller) {
 		auto it = g_httpfetch_results.find(caller);
 		if (it == g_httpfetch_results.end()) {
 			verbosestream << "httpfetch_caller_alloc: allocating "
@@ -79,18 +78,17 @@ unsigned long httpfetch_caller_alloc()
 	}
 
 	FATAL_ERROR("httpfetch_caller_alloc: ran out of caller IDs");
-	return discard;
 }
 
-unsigned long httpfetch_caller_alloc_secure()
+u64 httpfetch_caller_alloc_secure()
 {
 	MutexAutoLock lock(g_httpfetch_mutex);
 
 	// Generate random caller IDs and make sure they're not
-	// already used or equal to HTTPFETCH_DISCARD
+	// already used or reserved.
 	// Give up after 100 tries to prevent infinite loop
-	u8 tries = 100;
-	unsigned long caller;
+	size_t tries = 100;
+	u64 caller;
 
 	do {
 		caller = (((u64) g_callerid_randomness.next()) << 32) |
@@ -100,7 +98,8 @@ unsigned long httpfetch_caller_alloc_secure()
 			FATAL_ERROR("httpfetch_caller_alloc_secure: ran out of caller IDs");
 			return HTTPFETCH_DISCARD;
 		}
-	} while (g_httpfetch_results.find(caller) != g_httpfetch_results.end());
+	} while (caller >= HTTPFETCH_CID_START &&
+		g_httpfetch_results.find(caller) != g_httpfetch_results.end());
 
 	verbosestream << "httpfetch_caller_alloc_secure: allocating "
 		<< caller << std::endl;
@@ -110,7 +109,7 @@ unsigned long httpfetch_caller_alloc_secure()
 	return caller;
 }
 
-void httpfetch_caller_free(unsigned long caller)
+void httpfetch_caller_free(u64 caller)
 {
 	verbosestream<<"httpfetch_caller_free: freeing "
 			<<caller<<std::endl;
@@ -122,7 +121,7 @@ void httpfetch_caller_free(unsigned long caller)
 	}
 }
 
-bool httpfetch_async_get(unsigned long caller, HTTPFetchResult &fetch_result)
+bool httpfetch_async_get(u64 caller, HTTPFetchResult &fetch_result)
 {
 	MutexAutoLock lock(g_httpfetch_mutex);
 
@@ -242,7 +241,6 @@ HTTPFetchOngoing::HTTPFetchOngoing(const HTTPFetchRequest &request_,
 
 	// Set static cURL options
 	curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1);
-	curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1);
 	curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);
 	curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 3);
 	curl_easy_setopt(curl, CURLOPT_ENCODING, "gzip");
@@ -393,10 +391,17 @@ const HTTPFetchResult * HTTPFetchOngoing::complete(CURLcode res)
 	}
 
 	if (res != CURLE_OK) {
-		errorstream << request.url << " not found ("
-			<< curl_easy_strerror(res) << ")"
-			<< " (response code " << result.response_code << ")"
+		errorstream << "HTTPFetch for " << request.url << " failed ("
+			<< curl_easy_strerror(res) << ")" << std::endl;
+	} else if (result.response_code >= 400) {
+		errorstream << "HTTPFetch for " << request.url
+			<< " returned response code " << result.response_code
 			<< std::endl;
+		if (result.caller == HTTPFETCH_PRINT_ERR && !result.data.empty()) {
+			errorstream << "Response body:" << std::endl;
+			safe_print_string(errorstream, result.data);
+			errorstream << std::endl;
+		}
 	}
 
 	return &result;
@@ -474,7 +479,7 @@ class CurlFetchThread : public Thread
 		m_requests.push_back(req);
 	}
 
-	void requestClear(unsigned long caller, Event *event)
+	void requestClear(u64 caller, Event *event)
 	{
 		Request req;
 		req.type = RT_CLEAR;
@@ -505,7 +510,7 @@ class CurlFetchThread : public Thread
 
 		}
 		else if (req.type == RT_CLEAR) {
-			unsigned long caller = req.fetch_request.caller;
+			u64 caller = req.fetch_request.caller;
 
 			// Abort all ongoing fetches for the caller
 			for (std::vector<HTTPFetchOngoing*>::iterator
@@ -778,7 +783,7 @@ void httpfetch_async(const HTTPFetchRequest &fetch_request)
 		g_httpfetch_thread->start();
 }
 
-static void httpfetch_request_clear(unsigned long caller)
+static void httpfetch_request_clear(u64 caller)
 {
 	if (g_httpfetch_thread->isRunning()) {
 		Event event;
@@ -827,7 +832,7 @@ void httpfetch_async(const HTTPFetchRequest &fetch_request)
 	httpfetch_deliver_result(fetch_result);
 }
 
-static void httpfetch_request_clear(unsigned long caller)
+static void httpfetch_request_clear(u64 caller)
 {
 }
 
diff --git a/src/httpfetch.h b/src/httpfetch.h
@@ -23,10 +23,17 @@ with this program; if not, write to the Free Software Foundation, Inc.,
 #include "util/string.h"
 #include "config.h"
 
-// Can be used in place of "caller" in asynchronous transfers to discard result
-// (used as default value of "caller")
+// These can be used in place of "caller" in to specify special handling.
+// Discard result (used as default value of "caller").
 #define HTTPFETCH_DISCARD 0
+// Indicates that the result should not be discarded when performing a
+// synchronous request (since a real caller ID is not needed for synchronous
+// requests because the result does not have to be retrieved later).
 #define HTTPFETCH_SYNC 1
+// Print response body to console if the server returns an error code.
+#define HTTPFETCH_PRINT_ERR 2
+// Start of regular allocated caller IDs.
+#define HTTPFETCH_CID_START 3
 
 //  Methods
 enum HttpMethod : u8
@@ -43,11 +50,11 @@ struct HTTPFetchRequest
 
 	// Identifies the caller (for asynchronous requests)
 	// Ignored by httpfetch_sync
-	unsigned long caller = HTTPFETCH_DISCARD;
+	u64 caller = HTTPFETCH_DISCARD;
 
 	// Some number that identifies the request
 	// (when the same caller issues multiple httpfetch_async calls)
-	unsigned long request_id = 0;
+	u64 request_id = 0;
 
 	// Timeout for the whole transfer, in milliseconds
 	long timeout;
@@ -85,8 +92,8 @@ struct HTTPFetchResult
 	long response_code = 0;
 	std::string data = "";
 	// The caller and request_id from the corresponding HTTPFetchRequest.
-	unsigned long caller = HTTPFETCH_DISCARD;
-	unsigned long request_id = 0;
+	u64 caller = HTTPFETCH_DISCARD;
+	u64 request_id = 0;
 
 	HTTPFetchResult() = default;
 
@@ -107,19 +114,19 @@ void httpfetch_async(const HTTPFetchRequest &fetch_request);
 
 // If any fetch for the given caller ID is complete, removes it from the
 // result queue, sets the fetch result and returns true. Otherwise returns false.
-bool httpfetch_async_get(unsigned long caller, HTTPFetchResult &fetch_result);
+bool httpfetch_async_get(u64 caller, HTTPFetchResult &fetch_result);
 
 // Allocates a caller ID for httpfetch_async
 // Not required if you want to set caller = HTTPFETCH_DISCARD
-unsigned long httpfetch_caller_alloc();
+u64 httpfetch_caller_alloc();
 
 // Allocates a non-predictable caller ID for httpfetch_async
-unsigned long httpfetch_caller_alloc_secure();
+u64 httpfetch_caller_alloc_secure();
 
 // Frees a caller ID allocated with httpfetch_caller_alloc
 // Note: This can be expensive, because the httpfetch thread is told
 // to stop any ongoing fetches for the given caller.
-void httpfetch_caller_free(unsigned long caller);
+void httpfetch_caller_free(u64 caller);
 
 // Performs a synchronous HTTP request. This blocks and therefore should
 // only be used from background threads.
diff --git a/src/serverlist.cpp b/src/serverlist.cpp
@@ -97,6 +97,7 @@ void sendAnnounce(AnnounceAction action,
 	}
 
 	HTTPFetchRequest fetch_request;
+	fetch_request.caller = HTTPFETCH_PRINT_ERR;
 	fetch_request.url = g_settings->get("serverlist_url") + std::string("/announce");
 	fetch_request.method = HTTP_POST;
 	fetch_request.fields["json"] = fastWriteJson(server);
diff --git a/src/util/string.cpp b/src/util/string.cpp
@@ -887,3 +887,19 @@ std::string sanitizeDirName(const std::string &str, const std::string &optional_
 
 	return wide_to_utf8(safe_name);
 }
+
+
+void safe_print_string(std::ostream &os, const std::string &str)
+{
+	std::ostream::fmtflags flags = os.flags();
+	os << std::hex;
+	for (const char c : str) {
+		if (IS_ASCII_PRINTABLE_CHAR(c) || IS_UTF8_MULTB_START(c) ||
+				IS_UTF8_MULTB_INNER(c) || c == '\n' || c == '\t') {
+			os << c;
+		} else {
+			os << '<' << std::setw(2) << (int)c << '>';
+		}
+	}
+	os.setf(flags);
+}
diff --git a/src/util/string.h b/src/util/string.h
@@ -753,3 +753,11 @@ inline irr::core::stringw utf8_to_stringw(const std::string &input)
  * 2. Remove 'unsafe' characters from the name by replacing them with '_'
  */
 std::string sanitizeDirName(const std::string &str, const std::string &optional_prefix);
+
+/**
+ * Prints a sanitized version of a string without control characters.
+ * '\t' and '\n' are allowed, as are UTF-8 control characters (e.g. RTL).
+ * ASCII control characters are replaced with their hex encoding in angle
+ * brackets (e.g. "a\x1eb" -> "a<1e>b").
+ */
+void safe_print_string(std::ostream &os, const std::string &str);

Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,`
`38`	`38`	`#include "noise.h"`
`39`	`39`
`40`	`40`	`static std::mutex g_httpfetch_mutex;`
`41`		`-static std::unordered_map<unsigned long, std::queue<HTTPFetchResult>>`
	`41`	`+static std::unordered_map<u64, std::queue<HTTPFetchResult>>`
`42`	`42`	`g_httpfetch_results;`
`43`	`43`	`static PcgRandom g_callerid_randomness;`
`44`	`44`
`@@ -52,22 +52,21 @@ HTTPFetchRequest::HTTPFetchRequest() :`
`52`	`52`
`53`	`53`	`static void httpfetch_deliver_result(const HTTPFetchResult &fetch_result)`
`54`	`54`	`{`
`55`		`- unsigned long caller = fetch_result.caller;`
	`55`	`+ u64 caller = fetch_result.caller;`
`56`	`56`	`if (caller != HTTPFETCH_DISCARD) {`
`57`	`57`	`MutexAutoLock lock(g_httpfetch_mutex);`
`58`	`58`	`g_httpfetch_results[caller].emplace(fetch_result);`
`59`	`59`	`}`
`60`	`60`	`}`
`61`	`61`
`62`		`-static void httpfetch_request_clear(unsigned long caller);`
	`62`	`+static void httpfetch_request_clear(u64 caller);`
`63`	`63`
`64`		`-unsigned long httpfetch_caller_alloc()`
	`64`	`+u64 httpfetch_caller_alloc()`
`65`	`65`	`{`
`66`	`66`	`MutexAutoLock lock(g_httpfetch_mutex);`
`67`	`67`
`68`		`- // Check each caller ID except HTTPFETCH_DISCARD`
`69`		`- const unsigned long discard = HTTPFETCH_DISCARD;`
`70`		`- for (unsigned long caller = discard + 1; caller != discard; ++caller) {`
	`68`	`+ // Check each caller ID except reserved ones`
	`69`	`+ for (u64 caller = HTTPFETCH_CID_START; caller != 0; ++caller) {`
`71`	`70`	`auto it = g_httpfetch_results.find(caller);`
`72`	`71`	`if (it == g_httpfetch_results.end()) {`
`73`	`72`	`verbosestream << "httpfetch_caller_alloc: allocating "`
`@@ -79,18 +78,17 @@ unsigned long httpfetch_caller_alloc()`
`79`	`78`	`}`
`80`	`79`
`81`	`80`	`FATAL_ERROR("httpfetch_caller_alloc: ran out of caller IDs");`
`82`		`- return discard;`
`83`	`81`	`}`
`84`	`82`
`85`		`-unsigned long httpfetch_caller_alloc_secure()`
	`83`	`+u64 httpfetch_caller_alloc_secure()`
`86`	`84`	`{`
`87`	`85`	`MutexAutoLock lock(g_httpfetch_mutex);`
`88`	`86`
`89`	`87`	`// Generate random caller IDs and make sure they're not`
`90`		`- // already used or equal to HTTPFETCH_DISCARD`
	`88`	`+ // already used or reserved.`
`91`	`89`	`// Give up after 100 tries to prevent infinite loop`
`92`		`- u8 tries = 100;`
`93`		`- unsigned long caller;`
	`90`	`+ size_t tries = 100;`
	`91`	`+ u64 caller;`
`94`	`92`
`95`	`93`	`do {`
`96`	`94`	`caller = (((u64) g_callerid_randomness.next()) << 32) \|`
`@@ -100,7 +98,8 @@ unsigned long httpfetch_caller_alloc_secure()`
`100`	`98`	`FATAL_ERROR("httpfetch_caller_alloc_secure: ran out of caller IDs");`
`101`	`99`	`return HTTPFETCH_DISCARD;`
`102`	`100`	`}`
`103`		`- } while (g_httpfetch_results.find(caller) != g_httpfetch_results.end());`
	`101`	`+ } while (caller >= HTTPFETCH_CID_START &&`
	`102`	`+ g_httpfetch_results.find(caller) != g_httpfetch_results.end());`
`104`	`103`
`105`	`104`	`verbosestream << "httpfetch_caller_alloc_secure: allocating "`
`106`	`105`	`<< caller << std::endl;`
`@@ -110,7 +109,7 @@ unsigned long httpfetch_caller_alloc_secure()`
`110`	`109`	`return caller;`
`111`	`110`	`}`
`112`	`111`
`113`		`-void httpfetch_caller_free(unsigned long caller)`
	`112`	`+void httpfetch_caller_free(u64 caller)`
`114`	`113`	`{`
`115`	`114`	`verbosestream<<"httpfetch_caller_free: freeing "`
`116`	`115`	`<<caller<<std::endl;`
`@@ -122,7 +121,7 @@ void httpfetch_caller_free(unsigned long caller)`
`122`	`121`	`}`
`123`	`122`	`}`
`124`	`123`
`125`		`-bool httpfetch_async_get(unsigned long caller, HTTPFetchResult &fetch_result)`
	`124`	`+bool httpfetch_async_get(u64 caller, HTTPFetchResult &fetch_result)`
`126`	`125`	`{`
`127`	`126`	`MutexAutoLock lock(g_httpfetch_mutex);`
`128`	`127`
`@@ -242,7 +241,6 @@ HTTPFetchOngoing::HTTPFetchOngoing(const HTTPFetchRequest &request_,`
`242`	`241`
`243`	`242`	`// Set static cURL options`
`244`	`243`	`curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1);`
`245`		`- curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1);`
`246`	`244`	`curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);`
`247`	`245`	`curl_easy_setopt(curl, CURLOPT_MAXREDIRS, 3);`
`248`	`246`	`curl_easy_setopt(curl, CURLOPT_ENCODING, "gzip");`
`@@ -393,10 +391,17 @@ const HTTPFetchResult * HTTPFetchOngoing::complete(CURLcode res)`
`393`	`391`	`}`
`394`	`392`
`395`	`393`	`if (res != CURLE_OK) {`
`396`		`- errorstream << request.url << " not found ("`
`397`		`- << curl_easy_strerror(res) << ")"`
`398`		`- << " (response code " << result.response_code << ")"`
	`394`	`+ errorstream << "HTTPFetch for " << request.url << " failed ("`
	`395`	`+ << curl_easy_strerror(res) << ")" << std::endl;`
	`396`	`+ } else if (result.response_code >= 400) {`
	`397`	`+ errorstream << "HTTPFetch for " << request.url`
	`398`	`+ << " returned response code " << result.response_code`
`399`	`399`	`<< std::endl;`
	`400`	`+ if (result.caller == HTTPFETCH_PRINT_ERR && !result.data.empty()) {`
	`401`	`+ errorstream << "Response body:" << std::endl;`
	`402`	`+ safe_print_string(errorstream, result.data);`
	`403`	`+ errorstream << std::endl;`
	`404`	`+ }`
`400`	`405`	`}`
`401`	`406`
`402`	`407`	`return &result;`
`@@ -474,7 +479,7 @@ class CurlFetchThread : public Thread`
`474`	`479`	`m_requests.push_back(req);`
`475`	`480`	`}`
`476`	`481`
`477`		`- void requestClear(unsigned long caller, Event *event)`
	`482`	`+ void requestClear(u64 caller, Event *event)`
`478`	`483`	`{`
`479`	`484`	`Request req;`
`480`	`485`	`req.type = RT_CLEAR;`
`@@ -505,7 +510,7 @@ class CurlFetchThread : public Thread`
`505`	`510`
`506`	`511`	`}`
`507`	`512`	`else if (req.type == RT_CLEAR) {`
`508`		`- unsigned long caller = req.fetch_request.caller;`
	`513`	`+ u64 caller = req.fetch_request.caller;`
`509`	`514`
`510`	`515`	`// Abort all ongoing fetches for the caller`
`511`	`516`	`for (std::vector<HTTPFetchOngoing*>::iterator`
`@@ -778,7 +783,7 @@ void httpfetch_async(const HTTPFetchRequest &fetch_request)`
`778`	`783`	`g_httpfetch_thread->start();`
`779`	`784`	`}`
`780`	`785`
`781`		`-static void httpfetch_request_clear(unsigned long caller)`
	`786`	`+static void httpfetch_request_clear(u64 caller)`
`782`	`787`	`{`
`783`	`788`	`if (g_httpfetch_thread->isRunning()) {`
`784`	`789`	`Event event;`
`@@ -827,7 +832,7 @@ void httpfetch_async(const HTTPFetchRequest &fetch_request)`
`827`	`832`	`httpfetch_deliver_result(fetch_result);`
`828`	`833`	`}`
`829`	`834`
`830`		`-static void httpfetch_request_clear(unsigned long caller)`
	`835`	`+static void httpfetch_request_clear(u64 caller)`
`831`	`836`	`{`
`832`	`837`	`}`
`833`	`838`
Original file line number	Diff line number	Diff line change
`@@ -97,6 +97,7 @@ void sendAnnounce(AnnounceAction action,`
`97`	`97`	`}`
`98`	`98`
`99`	`99`	`HTTPFetchRequest fetch_request;`
	`100`	`+ fetch_request.caller = HTTPFETCH_PRINT_ERR;`
`100`	`101`	`fetch_request.url = g_settings->get("serverlist_url") + std::string("/announce");`
`101`	`102`	`fetch_request.method = HTTP_POST;`
`102`	`103`	`fetch_request.fields["json"] = fastWriteJson(server);`