Added a optional key between the group remote connectors, sim and service. This allows for more secure group services, to be used by collections of mutually-trusting grids.

1 files changed, 36 insertions, 2 deletions

diff --git a/OpenSim/Addons/Groups/Remote/GroupsServiceRobustConnector.cs b/OpenSim/Addons/Groups/Remote/GroupsServiceRobustConnector.cs
index 616afa9..828965f 100644
--- a/OpenSim/Addons/Groups/Remote/GroupsServiceRobustConnector.cs
+++ b/OpenSim/Addons/Groups/Remote/GroupsServiceRobustConnector.cs
@@ -52,14 +52,24 @@ namespace OpenSim.Groups
         public GroupsServiceRobustConnector(IConfigSource config, IHttpServer server, string configName) :
             base(config, server, configName)
         {
+            string key = string.Empty;
             if (configName != String.Empty)
                 m_ConfigName = configName;
 
             m_log.DebugFormat("[Groups.RobustConnector]: Starting with config name {0}", m_ConfigName);
 
+            IConfig groupsConfig = config.Configs[m_ConfigName];
+            if (groupsConfig != null)
+            {
+                key = groupsConfig.GetString("SecretKey", string.Empty);
+                m_log.DebugFormat("[Groups.RobustConnector]: Starting with secret key {0}", key);
+            }
+            else
+                m_log.WarnFormat("[Groups.RobustConnector]: Unable to find {0} section in configuration", m_ConfigName);
+
             m_GroupsService = new GroupsService(config);
 
-            server.AddStreamHandler(new GroupsServicePostHandler(m_GroupsService));
+            server.AddStreamHandler(new GroupsServicePostHandler(m_GroupsService, key));
         }
     }
 
@@ -68,11 +78,13 @@ namespace OpenSim.Groups
         private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
 
         private GroupsService m_GroupsService;
+        private string m_SecretKey = String.Empty;
 
-        public GroupsServicePostHandler(GroupsService service) :
+        public GroupsServicePostHandler(GroupsService service, string key) :
             base("POST", "/groups")
         {
             m_GroupsService = service;
+            m_SecretKey = key;
         }
 
         protected override byte[] ProcessRequest(string path, Stream requestData,
@@ -96,6 +108,20 @@ namespace OpenSim.Groups
                 string method = request["METHOD"].ToString();
                 request.Remove("METHOD");
 
+                if (!String.IsNullOrEmpty(m_SecretKey)) // Verification required
+                {
+                    // Sender didn't send key
+                    if (!request.ContainsKey("KEY") || (request["KEY"] == null))
+                        return FailureResult("This service requires a secret key");
+
+                    // Sender sent wrong key
+                    if (!m_SecretKey.Equals(request["KEY"]))
+                        return FailureResult("Provided key does not match existing one");
+
+                    // OK, key matches. Remove it.
+                    request.Remove("KEY");
+                }
+
                 m_log.DebugFormat("[Groups.Handler]: {0}", method);
                 switch (method)
                 {
@@ -784,6 +810,14 @@ namespace OpenSim.Groups
             string xmlString = ServerUtils.BuildXmlResponse(result);
             return Util.UTF8NoBomEncoding.GetBytes(xmlString);
         }
+
+        private byte[] FailureResult(string reason)
+        {
+            Dictionary<string, object> result = new Dictionary<string, object>();
+            NullResult(result, reason);
+            string xmlString = ServerUtils.BuildXmlResponse(result);
+            return Util.UTF8NoBomEncoding.GetBytes(xmlString);
+        }
         #endregion
     }
 }