diff options
author | diva | 2009-04-14 19:35:35 +0000 |
---|---|---|
committer | diva | 2009-04-14 19:35:35 +0000 |
commit | 0413d052a3ec541164049e7d39278c57fb92ed06 (patch) | |
tree | 9a58c9c51487278d67e1ad9b3a60668769434001 /OpenSim/Region | |
parent | * Make archiver tests pump the asset server manually instead of starting the ... (diff) | |
download | opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.zip opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.tar.gz opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.tar.bz2 opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.tar.xz |
Adds session authentication upon NewUserConnections. Adds user key authentication (in safemode only) upon CreateChildAgents. All of this for Hypergrid users too. This addresses assorted spoofing vulnerabilities.
Diffstat (limited to '')
7 files changed, 291 insertions, 114 deletions
diff --git a/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs b/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs index d1be94f..2ef0fd3 100644 --- a/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs +++ b/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs | |||
@@ -59,6 +59,7 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
59 | 59 | ||
60 | // The HG InventoryService always uses secure handlers | 60 | // The HG InventoryService always uses secure handlers |
61 | HGInventoryServiceClient invService = new HGInventoryServiceClient(serversInfo.InventoryURL, this.m_userProfileCacheService, true); | 61 | HGInventoryServiceClient invService = new HGInventoryServiceClient(serversInfo.InventoryURL, this.m_userProfileCacheService, true); |
62 | invService.UserProfileCache = m_userProfileCacheService; | ||
62 | AddSecureInventoryService(invService); | 63 | AddSecureInventoryService(invService); |
63 | m_defaultInventoryHost = invService.Host; | 64 | m_defaultInventoryHost = invService.Host; |
64 | if (SecureInventoryService != null) | 65 | if (SecureInventoryService != null) |
diff --git a/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs b/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs index 5e3f229..156137e 100644 --- a/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs +++ b/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs | |||
@@ -62,7 +62,7 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
62 | { | 62 | { |
63 | _inventoryServerUrl = HGNetworkServersInfo.ServerURI(inventoryServerUrl); | 63 | _inventoryServerUrl = HGNetworkServersInfo.ServerURI(inventoryServerUrl); |
64 | //m_Uri = new Uri(_inventoryServerUrl); | 64 | //m_Uri = new Uri(_inventoryServerUrl); |
65 | m_userProfileCache = userProfileCacheService; | 65 | //m_userProfileCache = userProfileCacheService; |
66 | m_gridmode = gridmode; | 66 | m_gridmode = gridmode; |
67 | } | 67 | } |
68 | 68 | ||
@@ -506,6 +506,9 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
506 | 506 | ||
507 | private bool IsLocalStandaloneUser(UUID userID) | 507 | private bool IsLocalStandaloneUser(UUID userID) |
508 | { | 508 | { |
509 | if (m_userProfileCache == null) | ||
510 | return false; | ||
511 | |||
509 | CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID); | 512 | CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID); |
510 | if (uinfo == null) | 513 | if (uinfo == null) |
511 | return true; | 514 | return true; |
@@ -522,6 +525,7 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
522 | private string GetUserInventoryURI(UUID userID) | 525 | private string GetUserInventoryURI(UUID userID) |
523 | { | 526 | { |
524 | string invURI = _inventoryServerUrl; | 527 | string invURI = _inventoryServerUrl; |
528 | |||
525 | CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID); | 529 | CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID); |
526 | if ((uinfo == null) || (uinfo.UserProfile == null)) | 530 | if ((uinfo == null) || (uinfo.UserProfile == null)) |
527 | return invURI; | 531 | return invURI; |
diff --git a/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs b/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs index ef08421..05ae5a9 100644 --- a/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs +++ b/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs | |||
@@ -31,7 +31,10 @@ using System.Collections.Generic; | |||
31 | using OpenMetaverse; | 31 | using OpenMetaverse; |
32 | using OpenSim.Framework; | 32 | using OpenSim.Framework; |
33 | using OpenSim.Framework.Communications; | 33 | using OpenSim.Framework.Communications; |
34 | using OpenSim.Framework.Communications.Cache; | ||
35 | using OpenSim.Framework.Communications.Clients; | ||
34 | using OpenSim.Region.Communications.OGS1; | 36 | using OpenSim.Region.Communications.OGS1; |
37 | using OpenSim.Region.Communications.Local; | ||
35 | 38 | ||
36 | namespace OpenSim.Region.Communications.Hypergrid | 39 | namespace OpenSim.Region.Communications.Hypergrid |
37 | { | 40 | { |
@@ -40,32 +43,30 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
40 | /// so it always fails for foreign users. | 43 | /// so it always fails for foreign users. |
41 | /// Later it needs to talk with the foreign users' user servers. | 44 | /// Later it needs to talk with the foreign users' user servers. |
42 | /// </summary> | 45 | /// </summary> |
43 | public class HGUserServices : IUserService, IAvatarService, IMessagingService | 46 | public class HGUserServices : OGS1UserServices |
44 | { | 47 | { |
45 | //private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 48 | //private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
46 | 49 | ||
47 | //private HGCommunicationsGridMode m_parent; | 50 | //private CommunicationsManager m_parent; |
48 | private OGS1UserServices m_remoteUserServices; | 51 | //private OGS1UserServices m_remoteUserServices; |
52 | private LocalUserServices m_localUserServices; | ||
49 | 53 | ||
50 | public HGUserServices(HGCommunicationsGridMode parent) | 54 | // Constructor called when running in grid mode |
55 | public HGUserServices(CommunicationsManager parent) | ||
56 | : base(parent) | ||
51 | { | 57 | { |
52 | //m_parent = parent; | ||
53 | m_remoteUserServices = new OGS1UserServices(parent); | ||
54 | } | 58 | } |
55 | 59 | ||
56 | public UserProfileData ConvertXMLRPCDataToUserProfile(Hashtable data) | 60 | // Constructor called when running in standalone |
61 | public HGUserServices(LocalUserServices local) | ||
57 | { | 62 | { |
58 | return m_remoteUserServices.ConvertXMLRPCDataToUserProfile(data); | 63 | m_localUserServices = local; |
59 | } | 64 | } |
60 | 65 | ||
61 | public UserProfileData GetUserProfile(Uri uri) | 66 | // Called for standalone mode only, to set up the communications manager |
67 | public void SetCommunicationsManager(CommunicationsManager parent) | ||
62 | { | 68 | { |
63 | throw new System.NotImplementedException(); | 69 | m_commsManager = parent; |
64 | } | ||
65 | |||
66 | public Uri GetUserUri(UserProfileData userProfile) | ||
67 | { | ||
68 | throw new NotImplementedException(); | ||
69 | } | 70 | } |
70 | 71 | ||
71 | /// <summary> | 72 | /// <summary> |
@@ -73,25 +74,15 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
73 | /// </summary> | 74 | /// </summary> |
74 | /// <param name="avatarID"></param> | 75 | /// <param name="avatarID"></param> |
75 | /// <returns>null if the request fails</returns> | 76 | /// <returns>null if the request fails</returns> |
76 | public UserAgentData GetAgentByUUID(UUID userId) | 77 | public override UserAgentData GetAgentByUUID(UUID userId) |
77 | { | 78 | { |
78 | return m_remoteUserServices.GetAgentByUUID(userId); | 79 | string url = string.Empty; |
79 | } | 80 | if ((m_localUserServices != null) && !IsForeignUser(userId, out url)) |
80 | 81 | return m_localUserServices.GetAgentByUUID(userId); | |
81 | public AvatarAppearance ConvertXMLRPCDataToAvatarAppearance(Hashtable data) | ||
82 | { | ||
83 | return m_remoteUserServices.ConvertXMLRPCDataToAvatarAppearance(data); | ||
84 | } | ||
85 | 82 | ||
86 | public List<AvatarPickerAvatar> ConvertXMLRPCDataToAvatarPickerList(UUID queryID, Hashtable data) | 83 | return base.GetAgentByUUID(userId); |
87 | { | ||
88 | return m_remoteUserServices.ConvertXMLRPCDataToAvatarPickerList(queryID, data); | ||
89 | } | 84 | } |
90 | 85 | ||
91 | public List<FriendListItem> ConvertXMLRPCDataToFriendListItemList(Hashtable data) | ||
92 | { | ||
93 | return m_remoteUserServices.ConvertXMLRPCDataToFriendListItemList(data); | ||
94 | } | ||
95 | 86 | ||
96 | /// <summary> | 87 | /// <summary> |
97 | /// Logs off a user on the user server | 88 | /// Logs off a user on the user server |
@@ -101,9 +92,13 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
101 | /// <param name="regionhandle">regionhandle</param> | 92 | /// <param name="regionhandle">regionhandle</param> |
102 | /// <param name="position">final position</param> | 93 | /// <param name="position">final position</param> |
103 | /// <param name="lookat">final lookat</param> | 94 | /// <param name="lookat">final lookat</param> |
104 | public void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, Vector3 position, Vector3 lookat) | 95 | public override void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, Vector3 position, Vector3 lookat) |
105 | { | 96 | { |
106 | m_remoteUserServices.LogOffUser(userid, regionid, regionhandle, position, lookat); | 97 | string url = string.Empty; |
98 | if ((m_localUserServices != null) && !IsForeignUser(userid, out url)) | ||
99 | m_localUserServices.LogOffUser(userid, regionid, regionhandle, position, lookat); | ||
100 | else | ||
101 | base.LogOffUser(userid, regionid, regionhandle, position, lookat); | ||
107 | } | 102 | } |
108 | 103 | ||
109 | /// <summary> | 104 | /// <summary> |
@@ -115,19 +110,29 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
115 | /// <param name="posx">final position x</param> | 110 | /// <param name="posx">final position x</param> |
116 | /// <param name="posy">final position y</param> | 111 | /// <param name="posy">final position y</param> |
117 | /// <param name="posz">final position z</param> | 112 | /// <param name="posz">final position z</param> |
118 | public void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, float posx, float posy, float posz) | 113 | public override void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, float posx, float posy, float posz) |
119 | { | 114 | { |
120 | m_remoteUserServices.LogOffUser(userid, regionid, regionhandle, posx, posy, posz); | 115 | string url = string.Empty; |
116 | if ((m_localUserServices != null) && !IsForeignUser(userid, out url)) | ||
117 | m_localUserServices.LogOffUser(userid, regionid, regionhandle, posx, posy, posz); | ||
118 | else | ||
119 | base.LogOffUser(userid, regionid, regionhandle, posx, posy, posz); | ||
121 | } | 120 | } |
122 | 121 | ||
123 | public UserProfileData GetUserProfile(string firstName, string lastName) | 122 | public override UserProfileData GetUserProfile(string firstName, string lastName) |
124 | { | 123 | { |
124 | if (m_localUserServices != null) | ||
125 | return m_localUserServices.GetUserProfile(firstName, lastName); | ||
126 | |||
125 | return GetUserProfile(firstName + " " + lastName); | 127 | return GetUserProfile(firstName + " " + lastName); |
126 | } | 128 | } |
127 | 129 | ||
128 | public List<AvatarPickerAvatar> GenerateAgentPickerRequestResponse(UUID queryID, string query) | 130 | public override List<AvatarPickerAvatar> GenerateAgentPickerRequestResponse(UUID queryID, string query) |
129 | { | 131 | { |
130 | return m_remoteUserServices.GenerateAgentPickerRequestResponse(queryID, query); | 132 | if (m_localUserServices != null) |
133 | return m_localUserServices.GenerateAgentPickerRequestResponse(queryID, query); | ||
134 | |||
135 | return base.GenerateAgentPickerRequestResponse(queryID, query); | ||
131 | } | 136 | } |
132 | 137 | ||
133 | /// <summary> | 138 | /// <summary> |
@@ -135,9 +140,11 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
135 | /// </summary> | 140 | /// </summary> |
136 | /// <param name="avatarID"></param> | 141 | /// <param name="avatarID"></param> |
137 | /// <returns>null if the request fails</returns> | 142 | /// <returns>null if the request fails</returns> |
138 | public UserProfileData GetUserProfile(string name) | 143 | public override UserProfileData GetUserProfile(string name) |
139 | { | 144 | { |
140 | return m_remoteUserServices.GetUserProfile(name); | 145 | // This doesn't exist in LocalUserServices |
146 | |||
147 | return base.GetUserProfile(name); | ||
141 | } | 148 | } |
142 | 149 | ||
143 | /// <summary> | 150 | /// <summary> |
@@ -145,14 +152,24 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
145 | /// </summary> | 152 | /// </summary> |
146 | /// <param name="avatarID"></param> | 153 | /// <param name="avatarID"></param> |
147 | /// <returns>null if the request fails</returns> | 154 | /// <returns>null if the request fails</returns> |
148 | public UserProfileData GetUserProfile(UUID avatarID) | 155 | public override UserProfileData GetUserProfile(UUID avatarID) |
149 | { | 156 | { |
150 | return m_remoteUserServices.GetUserProfile(avatarID); | 157 | string url = string.Empty; |
158 | // Unfortunately we can't query for foreigners here, | ||
159 | // because we'll end up in an infinite loop... | ||
160 | //if ((m_localUserServices != null) && (!IsForeignUser(avatarID, out url))) | ||
161 | if (m_localUserServices != null) | ||
162 | return m_localUserServices.GetUserProfile(avatarID); | ||
163 | |||
164 | return base.GetUserProfile(avatarID); | ||
151 | } | 165 | } |
152 | 166 | ||
153 | public void ClearUserAgent(UUID avatarID) | 167 | public override void ClearUserAgent(UUID avatarID) |
154 | { | 168 | { |
155 | m_remoteUserServices.ClearUserAgent(avatarID); | 169 | if (m_localUserServices != null) |
170 | m_localUserServices.ClearUserAgent(avatarID); | ||
171 | else | ||
172 | base.ClearUserAgent(avatarID); | ||
156 | } | 173 | } |
157 | 174 | ||
158 | /// <summary> | 175 | /// <summary> |
@@ -160,9 +177,12 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
160 | /// </summary> | 177 | /// </summary> |
161 | /// <param name="uuid"></param> | 178 | /// <param name="uuid"></param> |
162 | /// <returns></returns> | 179 | /// <returns></returns> |
163 | public UserProfileData SetupMasterUser(string firstName, string lastName) | 180 | public override UserProfileData SetupMasterUser(string firstName, string lastName) |
164 | { | 181 | { |
165 | return m_remoteUserServices.SetupMasterUser(firstName, lastName); | 182 | if (m_localUserServices != null) |
183 | return m_localUserServices.SetupMasterUser(firstName, lastName); | ||
184 | |||
185 | return base.SetupMasterUser(firstName, lastName); | ||
166 | } | 186 | } |
167 | 187 | ||
168 | /// <summary> | 188 | /// <summary> |
@@ -170,9 +190,12 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
170 | /// </summary> | 190 | /// </summary> |
171 | /// <param name="uuid"></param> | 191 | /// <param name="uuid"></param> |
172 | /// <returns></returns> | 192 | /// <returns></returns> |
173 | public UserProfileData SetupMasterUser(string firstName, string lastName, string password) | 193 | public override UserProfileData SetupMasterUser(string firstName, string lastName, string password) |
174 | { | 194 | { |
175 | return m_remoteUserServices.SetupMasterUser(firstName, lastName, password); | 195 | if (m_localUserServices != null) |
196 | return m_localUserServices.SetupMasterUser(firstName, lastName, password); | ||
197 | |||
198 | return base.SetupMasterUser(firstName, lastName, password); | ||
176 | } | 199 | } |
177 | 200 | ||
178 | /// <summary> | 201 | /// <summary> |
@@ -180,36 +203,47 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
180 | /// </summary> | 203 | /// </summary> |
181 | /// <param name="uuid"></param> | 204 | /// <param name="uuid"></param> |
182 | /// <returns></returns> | 205 | /// <returns></returns> |
183 | public UserProfileData SetupMasterUser(UUID uuid) | 206 | public override UserProfileData SetupMasterUser(UUID uuid) |
184 | { | 207 | { |
185 | return m_remoteUserServices.SetupMasterUser(uuid); | 208 | if (m_localUserServices != null) |
209 | return m_localUserServices.SetupMasterUser(uuid); | ||
210 | |||
211 | return base.SetupMasterUser(uuid); | ||
186 | } | 212 | } |
187 | 213 | ||
188 | public UUID AddUserProfile(string firstName, string lastName, string pass, uint regX, uint regY) | 214 | public override bool ResetUserPassword(string firstName, string lastName, string newPassword) |
189 | { | 215 | { |
190 | return m_remoteUserServices.AddUserProfile(firstName, lastName, pass, regX, regY); | 216 | if (m_localUserServices != null) |
217 | return m_localUserServices.ResetUserPassword(firstName, lastName, newPassword); | ||
218 | else | ||
219 | return base.ResetUserPassword(firstName, lastName, newPassword); | ||
191 | } | 220 | } |
192 | |||
193 | public bool ResetUserPassword(string firstName, string lastName, string newPassword) | ||
194 | { | ||
195 | return m_remoteUserServices.ResetUserPassword(firstName, lastName, newPassword); | ||
196 | } | ||
197 | 221 | ||
198 | public bool UpdateUserProfile(UserProfileData userProfile) | 222 | public override bool UpdateUserProfile(UserProfileData userProfile) |
199 | { | 223 | { |
200 | return m_remoteUserServices.UpdateUserProfile(userProfile); | 224 | string url = string.Empty; |
225 | if ((m_localUserServices != null) && (!IsForeignUser(userProfile.ID, out url))) | ||
226 | return m_localUserServices.UpdateUserProfile(userProfile); | ||
227 | |||
228 | return base.UpdateUserProfile(userProfile); | ||
201 | } | 229 | } |
202 | 230 | ||
203 | #region IUserServices Friend Methods | 231 | #region IUserServices Friend Methods |
232 | |||
233 | // NOTE: We're still not dealing with foreign user friends | ||
234 | |||
204 | /// <summary> | 235 | /// <summary> |
205 | /// Adds a new friend to the database for XUser | 236 | /// Adds a new friend to the database for XUser |
206 | /// </summary> | 237 | /// </summary> |
207 | /// <param name="friendlistowner">The agent that who's friends list is being added to</param> | 238 | /// <param name="friendlistowner">The agent that who's friends list is being added to</param> |
208 | /// <param name="friend">The agent that being added to the friends list of the friends list owner</param> | 239 | /// <param name="friend">The agent that being added to the friends list of the friends list owner</param> |
209 | /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> | 240 | /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> |
210 | public void AddNewUserFriend(UUID friendlistowner, UUID friend, uint perms) | 241 | public override void AddNewUserFriend(UUID friendlistowner, UUID friend, uint perms) |
211 | { | 242 | { |
212 | m_remoteUserServices.AddNewUserFriend(friendlistowner, friend, perms); | 243 | if (m_localUserServices != null) |
244 | m_localUserServices.AddNewUserFriend(friendlistowner, friend, perms); | ||
245 | else | ||
246 | base.AddNewUserFriend(friendlistowner, friend, perms); | ||
213 | } | 247 | } |
214 | 248 | ||
215 | /// <summary> | 249 | /// <summary> |
@@ -217,9 +251,12 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
217 | /// </summary> | 251 | /// </summary> |
218 | /// <param name="friendlistowner">The agent that who's friends list is being updated</param> | 252 | /// <param name="friendlistowner">The agent that who's friends list is being updated</param> |
219 | /// <param name="friend">The Ex-friend agent</param> | 253 | /// <param name="friend">The Ex-friend agent</param> |
220 | public void RemoveUserFriend(UUID friendlistowner, UUID friend) | 254 | public override void RemoveUserFriend(UUID friendlistowner, UUID friend) |
221 | { | 255 | { |
222 | m_remoteUserServices.RemoveUserFriend(friend, friend); | 256 | if (m_localUserServices != null) |
257 | m_localUserServices.RemoveUserFriend(friendlistowner, friend); | ||
258 | else | ||
259 | base.RemoveUserFriend(friend, friend); | ||
223 | } | 260 | } |
224 | 261 | ||
225 | /// <summary> | 262 | /// <summary> |
@@ -228,39 +265,79 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
228 | /// <param name="friendlistowner">The agent that who's friends list is being updated</param> | 265 | /// <param name="friendlistowner">The agent that who's friends list is being updated</param> |
229 | /// <param name="friend">The agent that is getting or loosing permissions</param> | 266 | /// <param name="friend">The agent that is getting or loosing permissions</param> |
230 | /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> | 267 | /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> |
231 | public void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms) | 268 | public override void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms) |
232 | { | 269 | { |
233 | m_remoteUserServices.UpdateUserFriendPerms(friendlistowner, friend, perms); | 270 | if (m_localUserServices != null) |
271 | m_localUserServices.UpdateUserFriendPerms(friendlistowner, friend, perms); | ||
272 | else | ||
273 | base.UpdateUserFriendPerms(friendlistowner, friend, perms); | ||
234 | } | 274 | } |
235 | /// <summary> | 275 | /// <summary> |
236 | /// Returns a list of FriendsListItems that describe the friends and permissions in the friend relationship for UUID friendslistowner | 276 | /// Returns a list of FriendsListItems that describe the friends and permissions in the friend relationship for UUID friendslistowner |
237 | /// </summary> | 277 | /// </summary> |
238 | /// <param name="friendlistowner">The agent that we're retreiving the friends Data.</param> | 278 | /// <param name="friendlistowner">The agent that we're retreiving the friends Data.</param> |
239 | public List<FriendListItem> GetUserFriendList(UUID friendlistowner) | 279 | public override List<FriendListItem> GetUserFriendList(UUID friendlistowner) |
240 | { | 280 | { |
241 | return m_remoteUserServices.GetUserFriendList(friendlistowner); | 281 | if (m_localUserServices != null) |
282 | return m_localUserServices.GetUserFriendList(friendlistowner); | ||
283 | |||
284 | return base.GetUserFriendList(friendlistowner); | ||
242 | } | 285 | } |
243 | 286 | ||
244 | #endregion | 287 | #endregion |
245 | 288 | ||
246 | /// Appearance | 289 | /// Appearance |
247 | public AvatarAppearance GetUserAppearance(UUID user) | 290 | public override AvatarAppearance GetUserAppearance(UUID user) |
248 | { | 291 | { |
249 | return m_remoteUserServices.GetUserAppearance(user); | 292 | string url = string.Empty; |
293 | if ((m_localUserServices != null) && (!IsForeignUser(user, out url))) | ||
294 | return m_localUserServices.GetUserAppearance(user); | ||
295 | else | ||
296 | return base.GetUserAppearance(user); | ||
250 | } | 297 | } |
251 | 298 | ||
252 | public void UpdateUserAppearance(UUID user, AvatarAppearance appearance) | 299 | public override void UpdateUserAppearance(UUID user, AvatarAppearance appearance) |
253 | { | 300 | { |
254 | m_remoteUserServices.UpdateUserAppearance(user, appearance); | 301 | string url = string.Empty; |
302 | if ((m_localUserServices != null) && (!IsForeignUser(user, out url))) | ||
303 | m_localUserServices.UpdateUserAppearance(user, appearance); | ||
304 | else | ||
305 | base.UpdateUserAppearance(user, appearance); | ||
255 | } | 306 | } |
256 | 307 | ||
257 | #region IMessagingService | 308 | #region IMessagingService |
258 | 309 | ||
259 | public Dictionary<UUID, FriendRegionInfo> GetFriendRegionInfos(List<UUID> uuids) | 310 | public override Dictionary<UUID, FriendRegionInfo> GetFriendRegionInfos(List<UUID> uuids) |
260 | { | 311 | { |
261 | return m_remoteUserServices.GetFriendRegionInfos(uuids); | 312 | if (m_localUserServices != null) |
313 | return m_localUserServices.GetFriendRegionInfos(uuids); | ||
314 | |||
315 | return base.GetFriendRegionInfos(uuids); | ||
262 | } | 316 | } |
263 | #endregion | 317 | #endregion |
264 | 318 | ||
319 | protected override string GetUserServerURL(UUID userID) | ||
320 | { | ||
321 | string serverURL = string.Empty; | ||
322 | if (IsForeignUser(userID, out serverURL)) | ||
323 | return serverURL; | ||
324 | |||
325 | return m_commsManager.NetworkServersInfo.UserURL; | ||
326 | } | ||
327 | |||
328 | private bool IsForeignUser(UUID userID, out string userServerURL) | ||
329 | { | ||
330 | userServerURL = string.Empty; | ||
331 | CachedUserInfo uinfo = m_commsManager.UserProfileCacheService.GetUserDetails(userID); | ||
332 | if (uinfo != null) | ||
333 | { | ||
334 | if (!HGNetworkServersInfo.Singleton.IsLocalUser(uinfo.UserProfile)) | ||
335 | { | ||
336 | userServerURL = ((ForeignUserProfileData)(uinfo.UserProfile)).UserServerURI; | ||
337 | return true; | ||
338 | } | ||
339 | } | ||
340 | return false; | ||
341 | } | ||
265 | } | 342 | } |
266 | } | 343 | } |
diff --git a/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs b/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs index 87272a1..97ffeae 100644 --- a/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs +++ b/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs | |||
@@ -59,6 +59,9 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
59 | 59 | ||
60 | protected RegionToRegionClient m_regionClient; | 60 | protected RegionToRegionClient m_regionClient; |
61 | 61 | ||
62 | protected bool m_safemode; | ||
63 | protected IPAddress m_thisIP; | ||
64 | |||
62 | #region IRegionModule | 65 | #region IRegionModule |
63 | 66 | ||
64 | public virtual void Initialise(Scene scene, IConfigSource config) | 67 | public virtual void Initialise(Scene scene, IConfigSource config) |
@@ -74,6 +77,9 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
74 | { | 77 | { |
75 | m_log.Info("[REST COMMS]: Enabling InterregionComms RESTComms module"); | 78 | m_log.Info("[REST COMMS]: Enabling InterregionComms RESTComms module"); |
76 | m_enabled = true; | 79 | m_enabled = true; |
80 | if (config.Configs["Hypergrid"] != null) | ||
81 | m_safemode = config.Configs["Hypergrid"].GetBoolean("safemode", false); | ||
82 | |||
77 | InitOnce(scene); | 83 | InitOnce(scene); |
78 | } | 84 | } |
79 | } | 85 | } |
@@ -117,6 +123,7 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
117 | m_commsManager = scene.CommsManager; | 123 | m_commsManager = scene.CommsManager; |
118 | m_aScene = scene; | 124 | m_aScene = scene; |
119 | m_regionClient = new RegionToRegionClient(m_aScene); | 125 | m_regionClient = new RegionToRegionClient(m_aScene); |
126 | m_thisIP = Util.GetHostFromDNS(scene.RegionInfo.ExternalHostName); | ||
120 | } | 127 | } |
121 | 128 | ||
122 | protected virtual void AddHTTPHandlers() | 129 | protected virtual void AddHTTPHandlers() |
@@ -148,7 +155,7 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
148 | { | 155 | { |
149 | m_regionClient.SendUserInformation(regInfo, aCircuit); | 156 | m_regionClient.SendUserInformation(regInfo, aCircuit); |
150 | 157 | ||
151 | return m_regionClient.DoCreateChildAgentCall(regInfo, aCircuit); | 158 | return m_regionClient.DoCreateChildAgentCall(regInfo, aCircuit, "None"); |
152 | } | 159 | } |
153 | //else | 160 | //else |
154 | // m_log.Warn("[REST COMMS]: Region not found " + regionHandle); | 161 | // m_log.Warn("[REST COMMS]: Region not found " + regionHandle); |
@@ -331,6 +338,7 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
331 | responsedata["content_type"] = "text/html"; | 338 | responsedata["content_type"] = "text/html"; |
332 | responsedata["keepalive"] = false; | 339 | responsedata["keepalive"] = false; |
333 | 340 | ||
341 | |||
334 | UUID agentID; | 342 | UUID agentID; |
335 | string action; | 343 | string action; |
336 | ulong regionHandle; | 344 | ulong regionHandle; |
@@ -378,6 +386,28 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
378 | 386 | ||
379 | protected virtual void DoAgentPost(Hashtable request, Hashtable responsedata, UUID id) | 387 | protected virtual void DoAgentPost(Hashtable request, Hashtable responsedata, UUID id) |
380 | { | 388 | { |
389 | if (m_safemode) | ||
390 | { | ||
391 | // Authentication | ||
392 | string authority = string.Empty; | ||
393 | string authToken = string.Empty; | ||
394 | if (!GetAuthentication(request, out authority, out authToken)) | ||
395 | { | ||
396 | m_log.InfoFormat("[REST COMMS]: Authentication failed for agent message {0}", request["uri"]); | ||
397 | responsedata["int_response_code"] = 403; | ||
398 | responsedata["str_response_string"] = "Forbidden"; | ||
399 | return ; | ||
400 | } | ||
401 | if (!VerifyKey(id, authority, authToken)) | ||
402 | { | ||
403 | m_log.InfoFormat("[REST COMMS]: Authentication failed for agent message {0}", request["uri"]); | ||
404 | responsedata["int_response_code"] = 403; | ||
405 | responsedata["str_response_string"] = "Forbidden"; | ||
406 | return ; | ||
407 | } | ||
408 | m_log.DebugFormat("[REST COMMS]: Authentication succeeded for {0}", id); | ||
409 | } | ||
410 | |||
381 | OSDMap args = RegionClient.GetOSDMap((string)request["body"]); | 411 | OSDMap args = RegionClient.GetOSDMap((string)request["body"]); |
382 | if (args == null) | 412 | if (args == null) |
383 | { | 413 | { |
@@ -793,6 +823,53 @@ namespace OpenSim.Region.CoreModules.Communications.REST | |||
793 | } | 823 | } |
794 | } | 824 | } |
795 | 825 | ||
826 | public static bool GetAuthentication(Hashtable request, out string authority, out string authKey) | ||
827 | { | ||
828 | authority = string.Empty; | ||
829 | authKey = string.Empty; | ||
830 | |||
831 | Uri authUri; | ||
832 | Hashtable headers = (Hashtable)request["headers"]; | ||
833 | |||
834 | // Authorization keys look like this: | ||
835 | // http://orgrid.org:8002/<uuid> | ||
836 | if (headers.ContainsKey("authorization") && (string)headers["authorization"] != "None") | ||
837 | { | ||
838 | if (Uri.TryCreate((string)headers["authorization"], UriKind.Absolute, out authUri)) | ||
839 | { | ||
840 | authority = authUri.Authority; | ||
841 | authKey = authUri.PathAndQuery.Trim('/'); | ||
842 | m_log.DebugFormat("[REST COMMS]: Got authority {0} and key {1}", authority, authKey); | ||
843 | return true; | ||
844 | } | ||
845 | else | ||
846 | m_log.Debug("[REST COMMS]: Wrong format for Authorization header: " + (string)headers["authorization"]); | ||
847 | } | ||
848 | else | ||
849 | m_log.Debug("[REST COMMS]: Authorization header not found"); | ||
850 | |||
851 | return false; | ||
852 | } | ||
853 | |||
854 | bool VerifyKey(UUID userID, string authority, string key) | ||
855 | { | ||
856 | string[] parts = authority.Split(':'); | ||
857 | IPAddress ipaddr = IPAddress.None; | ||
858 | uint port = 0; | ||
859 | if (parts.Length <= 2) | ||
860 | ipaddr = Util.GetHostFromDNS(parts[0]); | ||
861 | if (parts.Length == 2) | ||
862 | UInt32.TryParse(parts[1], out port); | ||
863 | |||
864 | // local authority (standalone), local call | ||
865 | if (m_thisIP.Equals(ipaddr) && (m_aScene.RegionInfo.HttpPort == port)) | ||
866 | return ((IAuthentication)m_aScene.CommsManager.UserAdminService).VerifyKey(userID, key); | ||
867 | // remote call | ||
868 | else | ||
869 | return AuthClient.VerifyKey("http://" + authority, userID, key); | ||
870 | } | ||
871 | |||
872 | |||
796 | #endregion Misc | 873 | #endregion Misc |
797 | 874 | ||
798 | protected class RegionToRegionClient : RegionClient | 875 | protected class RegionToRegionClient : RegionClient |
diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs index 3675583..f0d70a7 100644 --- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs +++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs | |||
@@ -93,7 +93,7 @@ namespace OpenSim.Region.CoreModules.Hypergrid | |||
93 | 93 | ||
94 | m_inventoryService = new HGInventoryService(m_inventoryBase, | 94 | m_inventoryService = new HGInventoryService(m_inventoryBase, |
95 | ((AssetServerBase)m_scene.CommsManager.AssetCache.AssetServer).AssetProviderPlugin, | 95 | ((AssetServerBase)m_scene.CommsManager.AssetCache.AssetServer).AssetProviderPlugin, |
96 | (UserManagerBase)m_scene.CommsManager.UserService, m_scene.CommsManager.HttpServer, | 96 | (UserManagerBase)m_scene.CommsManager.UserAdminService, m_scene.CommsManager.HttpServer, |
97 | m_scene.CommsManager.NetworkServersInfo.InventoryURL); | 97 | m_scene.CommsManager.NetworkServersInfo.InventoryURL); |
98 | 98 | ||
99 | AddHttpHandlers(m_scene.CommsManager.HttpServer); | 99 | AddHttpHandlers(m_scene.CommsManager.HttpServer); |
diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs index f0e957b..c458b89 100644 --- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs +++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs | |||
@@ -104,11 +104,12 @@ namespace OpenSim.Region.CoreModules.Hypergrid | |||
104 | IHttpServer httpServer = m_firstScene.CommsManager.HttpServer; | 104 | IHttpServer httpServer = m_firstScene.CommsManager.HttpServer; |
105 | 105 | ||
106 | //TODO: fix the casting of the user service, maybe by registering the userManagerBase with scenes, or refactoring so we just need a IUserService reference | 106 | //TODO: fix the casting of the user service, maybe by registering the userManagerBase with scenes, or refactoring so we just need a IUserService reference |
107 | m_loginService = new HGLoginAuthService((UserManagerBase)m_firstScene.CommsManager.UserService, welcomeMessage, m_firstScene.CommsManager.InterServiceInventoryService, m_firstScene.CommsManager.NetworkServersInfo, authenticate, rootFolder, this); | 107 | m_loginService = new HGLoginAuthService((UserManagerBase)m_firstScene.CommsManager.UserAdminService, welcomeMessage, m_firstScene.CommsManager.InterServiceInventoryService, m_firstScene.CommsManager.NetworkServersInfo, authenticate, rootFolder, this); |
108 | 108 | ||
109 | httpServer.AddXmlRPCHandler("hg_login", m_loginService.XmlRpcLoginMethod); | 109 | httpServer.AddXmlRPCHandler("hg_login", m_loginService.XmlRpcLoginMethod); |
110 | httpServer.AddXmlRPCHandler("hg_new_auth_key", m_loginService.XmlRpcGenerateKeyMethod); | 110 | httpServer.AddXmlRPCHandler("hg_new_auth_key", m_loginService.XmlRpcGenerateKeyMethod); |
111 | httpServer.AddXmlRPCHandler("hg_verify_auth_key", m_loginService.XmlRpcVerifyKeyMethod); | 111 | httpServer.AddXmlRPCHandler("hg_verify_auth_key", m_loginService.XmlRpcVerifyKeyMethod); |
112 | httpServer.AddXmlRPCHandler("check_auth_session", m_loginService.XmlRPCCheckAuthSession); | ||
112 | 113 | ||
113 | } | 114 | } |
114 | } | 115 | } |
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs index c26adc0..5ffa64c 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.cs | |||
@@ -40,6 +40,7 @@ using OpenMetaverse.Imaging; | |||
40 | using OpenSim.Framework; | 40 | using OpenSim.Framework; |
41 | using OpenSim.Framework.Communications; | 41 | using OpenSim.Framework.Communications; |
42 | using OpenSim.Framework.Communications.Cache; | 42 | using OpenSim.Framework.Communications.Cache; |
43 | using OpenSim.Framework.Communications.Clients; | ||
43 | using OpenSim.Framework.Console; | 44 | using OpenSim.Framework.Console; |
44 | using OpenSim.Region.Framework.Interfaces; | 45 | using OpenSim.Region.Framework.Interfaces; |
45 | using OpenSim.Region.Framework.Scenes.Scripting; | 46 | using OpenSim.Region.Framework.Scenes.Scripting; |
@@ -2372,64 +2373,80 @@ namespace OpenSim.Region.Framework.Scenes | |||
2372 | /// <param name="agent"></param> | 2373 | /// <param name="agent"></param> |
2373 | public bool NewUserConnection(AgentCircuitData agent) | 2374 | public bool NewUserConnection(AgentCircuitData agent) |
2374 | { | 2375 | { |
2375 | CapsModule.NewUserConnection(agent); | 2376 | bool goodUserConnection = AuthenticateUser(agent); |
2376 | 2377 | ||
2377 | ScenePresence sp = m_sceneGraph.GetScenePresence(agent.AgentID); | 2378 | if (goodUserConnection) |
2378 | if (sp != null) | ||
2379 | { | 2379 | { |
2380 | m_log.DebugFormat( | 2380 | CapsModule.NewUserConnection(agent); |
2381 | "[SCENE]: Adjusting known seeds for existing agent {0} in {1}", | ||
2382 | agent.AgentID, RegionInfo.RegionName); | ||
2383 | 2381 | ||
2384 | sp.AdjustKnownSeeds(); | 2382 | ScenePresence sp = m_sceneGraph.GetScenePresence(agent.AgentID); |
2383 | if (sp != null) | ||
2384 | { | ||
2385 | m_log.DebugFormat( | ||
2386 | "[SCENE]: Adjusting known seeds for existing agent {0} in {1}", | ||
2387 | agent.AgentID, RegionInfo.RegionName); | ||
2385 | 2388 | ||
2386 | return true; | 2389 | sp.AdjustKnownSeeds(); |
2387 | } | ||
2388 | 2390 | ||
2389 | // Don't disable this log message - it's too helpful | 2391 | return true; |
2390 | m_log.InfoFormat( | 2392 | } |
2391 | "[CONNECTION BEGIN]: Region {0} told of incoming client {1} {2} {3} (circuit code {4})", | ||
2392 | RegionInfo.RegionName, agent.firstname, agent.lastname, agent.AgentID, agent.circuitcode); | ||
2393 | 2393 | ||
2394 | if (m_regInfo.EstateSettings.IsBanned(agent.AgentID)) | 2394 | // Don't disable this log message - it's too helpful |
2395 | { | 2395 | m_log.InfoFormat( |
2396 | m_log.WarnFormat( | 2396 | "[CONNECTION BEGIN]: Region {0} told of incoming client {1} {2} {3} (circuit code {4})", |
2397 | "[CONNECTION BEGIN]: Incoming user {0} at {1} is on the region banlist", | 2397 | RegionInfo.RegionName, agent.firstname, agent.lastname, agent.AgentID, agent.circuitcode); |
2398 | agent.AgentID, RegionInfo.RegionName); | 2398 | |
2399 | //return false; | 2399 | if (m_regInfo.EstateSettings.IsBanned(agent.AgentID)) |
2400 | } | 2400 | { |
2401 | m_log.WarnFormat( | ||
2402 | "[CONNECTION BEGIN]: Incoming user {0} at {1} is on the region banlist", | ||
2403 | agent.AgentID, RegionInfo.RegionName); | ||
2404 | //return false; | ||
2405 | } | ||
2401 | 2406 | ||
2402 | CapsModule.AddCapsHandler(agent.AgentID); | 2407 | CapsModule.AddCapsHandler(agent.AgentID); |
2403 | 2408 | ||
2404 | if (!agent.child) | 2409 | if (!agent.child) |
2405 | { | ||
2406 | // Honor parcel landing type and position. | ||
2407 | ILandObject land = LandChannel.GetLandObject(agent.startpos.X, agent.startpos.Y); | ||
2408 | if (land != null) | ||
2409 | { | 2410 | { |
2410 | if (land.landData.LandingType == (byte)1 && land.landData.UserLocation != Vector3.Zero) | 2411 | // Honor parcel landing type and position. |
2412 | ILandObject land = LandChannel.GetLandObject(agent.startpos.X, agent.startpos.Y); | ||
2413 | if (land != null) | ||
2411 | { | 2414 | { |
2412 | agent.startpos = land.landData.UserLocation; | 2415 | if (land.landData.LandingType == (byte)1 && land.landData.UserLocation != Vector3.Zero) |
2416 | { | ||
2417 | agent.startpos = land.landData.UserLocation; | ||
2418 | } | ||
2413 | } | 2419 | } |
2414 | } | 2420 | } |
2415 | } | ||
2416 | 2421 | ||
2417 | m_authenticateHandler.AddNewCircuit(agent.circuitcode, agent); | 2422 | m_authenticateHandler.AddNewCircuit(agent.circuitcode, agent); |
2418 | 2423 | ||
2419 | // rewrite session_id | 2424 | // rewrite session_id |
2420 | CachedUserInfo userinfo = CommsManager.UserProfileCacheService.GetUserDetails(agent.AgentID); | 2425 | CachedUserInfo userinfo = CommsManager.UserProfileCacheService.GetUserDetails(agent.AgentID); |
2426 | if (userinfo != null) | ||
2427 | { | ||
2428 | userinfo.SessionID = agent.SessionID; | ||
2429 | } | ||
2430 | else | ||
2431 | { | ||
2432 | m_log.WarnFormat( | ||
2433 | "[CONNECTION BEGIN]: We couldn't find a User Info record for {0}. This is usually an indication that the UUID we're looking up is invalid", agent.AgentID); | ||
2434 | } | ||
2421 | 2435 | ||
2422 | if (userinfo != null) | 2436 | return true; |
2423 | { | ||
2424 | userinfo.SessionID = agent.SessionID; | ||
2425 | } | 2437 | } |
2426 | else | 2438 | else |
2427 | { | 2439 | { |
2428 | m_log.WarnFormat( | 2440 | m_log.WarnFormat("[CONNECTION BEGIN]: failed to authenticate user {0} {1}. Denying connection.", agent.firstname, agent.lastname); |
2429 | "[CONNECTION BEGIN]: We couldn't find a User Info record for {0}. This is usually an indication that the UUID we're looking up is invalid", agent.AgentID); | 2441 | return false; |
2430 | } | 2442 | } |
2443 | } | ||
2431 | 2444 | ||
2432 | return true; | 2445 | public virtual bool AuthenticateUser(AgentCircuitData agent) |
2446 | { | ||
2447 | bool result = CommsManager.UserService.VerifySession(agent.AgentID, agent.SessionID); | ||
2448 | m_log.Debug("[CONNECTION BEGIN]: User authentication returned " + result); | ||
2449 | return result; | ||
2433 | } | 2450 | } |
2434 | 2451 | ||
2435 | public void UpdateCircuitData(AgentCircuitData data) | 2452 | public void UpdateCircuitData(AgentCircuitData data) |