aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region
diff options
context:
space:
mode:
authordiva2009-04-14 19:35:35 +0000
committerdiva2009-04-14 19:35:35 +0000
commit0413d052a3ec541164049e7d39278c57fb92ed06 (patch)
tree9a58c9c51487278d67e1ad9b3a60668769434001 /OpenSim/Region
parent* Make archiver tests pump the asset server manually instead of starting the ... (diff)
downloadopensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.zip
opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.tar.gz
opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.tar.bz2
opensim-SC-0413d052a3ec541164049e7d39278c57fb92ed06.tar.xz
Adds session authentication upon NewUserConnections. Adds user key authentication (in safemode only) upon CreateChildAgents. All of this for Hypergrid users too. This addresses assorted spoofing vulnerabilities.
Diffstat (limited to 'OpenSim/Region')
-rw-r--r--OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs1
-rw-r--r--OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs6
-rw-r--r--OpenSim/Region/Communications/Hypergrid/HGUserServices.cs221
-rw-r--r--OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs79
-rw-r--r--OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs2
-rw-r--r--OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs3
-rw-r--r--OpenSim/Region/Framework/Scenes/Scene.cs93
7 files changed, 291 insertions, 114 deletions
diff --git a/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs b/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs
index d1be94f..2ef0fd3 100644
--- a/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs
+++ b/OpenSim/Region/Communications/Hypergrid/HGCommunicationsGridMode.cs
@@ -59,6 +59,7 @@ namespace OpenSim.Region.Communications.Hypergrid
59 59
60 // The HG InventoryService always uses secure handlers 60 // The HG InventoryService always uses secure handlers
61 HGInventoryServiceClient invService = new HGInventoryServiceClient(serversInfo.InventoryURL, this.m_userProfileCacheService, true); 61 HGInventoryServiceClient invService = new HGInventoryServiceClient(serversInfo.InventoryURL, this.m_userProfileCacheService, true);
62 invService.UserProfileCache = m_userProfileCacheService;
62 AddSecureInventoryService(invService); 63 AddSecureInventoryService(invService);
63 m_defaultInventoryHost = invService.Host; 64 m_defaultInventoryHost = invService.Host;
64 if (SecureInventoryService != null) 65 if (SecureInventoryService != null)
diff --git a/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs b/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs
index 5e3f229..156137e 100644
--- a/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs
+++ b/OpenSim/Region/Communications/Hypergrid/HGInventoryService.cs
@@ -62,7 +62,7 @@ namespace OpenSim.Region.Communications.Hypergrid
62 { 62 {
63 _inventoryServerUrl = HGNetworkServersInfo.ServerURI(inventoryServerUrl); 63 _inventoryServerUrl = HGNetworkServersInfo.ServerURI(inventoryServerUrl);
64 //m_Uri = new Uri(_inventoryServerUrl); 64 //m_Uri = new Uri(_inventoryServerUrl);
65 m_userProfileCache = userProfileCacheService; 65 //m_userProfileCache = userProfileCacheService;
66 m_gridmode = gridmode; 66 m_gridmode = gridmode;
67 } 67 }
68 68
@@ -506,6 +506,9 @@ namespace OpenSim.Region.Communications.Hypergrid
506 506
507 private bool IsLocalStandaloneUser(UUID userID) 507 private bool IsLocalStandaloneUser(UUID userID)
508 { 508 {
509 if (m_userProfileCache == null)
510 return false;
511
509 CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID); 512 CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID);
510 if (uinfo == null) 513 if (uinfo == null)
511 return true; 514 return true;
@@ -522,6 +525,7 @@ namespace OpenSim.Region.Communications.Hypergrid
522 private string GetUserInventoryURI(UUID userID) 525 private string GetUserInventoryURI(UUID userID)
523 { 526 {
524 string invURI = _inventoryServerUrl; 527 string invURI = _inventoryServerUrl;
528
525 CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID); 529 CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userID);
526 if ((uinfo == null) || (uinfo.UserProfile == null)) 530 if ((uinfo == null) || (uinfo.UserProfile == null))
527 return invURI; 531 return invURI;
diff --git a/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs b/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs
index ef08421..05ae5a9 100644
--- a/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs
+++ b/OpenSim/Region/Communications/Hypergrid/HGUserServices.cs
@@ -31,7 +31,10 @@ using System.Collections.Generic;
31using OpenMetaverse; 31using OpenMetaverse;
32using OpenSim.Framework; 32using OpenSim.Framework;
33using OpenSim.Framework.Communications; 33using OpenSim.Framework.Communications;
34using OpenSim.Framework.Communications.Cache;
35using OpenSim.Framework.Communications.Clients;
34using OpenSim.Region.Communications.OGS1; 36using OpenSim.Region.Communications.OGS1;
37using OpenSim.Region.Communications.Local;
35 38
36namespace OpenSim.Region.Communications.Hypergrid 39namespace OpenSim.Region.Communications.Hypergrid
37{ 40{
@@ -40,32 +43,30 @@ namespace OpenSim.Region.Communications.Hypergrid
40 /// so it always fails for foreign users. 43 /// so it always fails for foreign users.
41 /// Later it needs to talk with the foreign users' user servers. 44 /// Later it needs to talk with the foreign users' user servers.
42 /// </summary> 45 /// </summary>
43 public class HGUserServices : IUserService, IAvatarService, IMessagingService 46 public class HGUserServices : OGS1UserServices
44 { 47 {
45 //private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); 48 //private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
46 49
47 //private HGCommunicationsGridMode m_parent; 50 //private CommunicationsManager m_parent;
48 private OGS1UserServices m_remoteUserServices; 51 //private OGS1UserServices m_remoteUserServices;
52 private LocalUserServices m_localUserServices;
49 53
50 public HGUserServices(HGCommunicationsGridMode parent) 54 // Constructor called when running in grid mode
55 public HGUserServices(CommunicationsManager parent)
56 : base(parent)
51 { 57 {
52 //m_parent = parent;
53 m_remoteUserServices = new OGS1UserServices(parent);
54 } 58 }
55 59
56 public UserProfileData ConvertXMLRPCDataToUserProfile(Hashtable data) 60 // Constructor called when running in standalone
61 public HGUserServices(LocalUserServices local)
57 { 62 {
58 return m_remoteUserServices.ConvertXMLRPCDataToUserProfile(data); 63 m_localUserServices = local;
59 } 64 }
60 65
61 public UserProfileData GetUserProfile(Uri uri) 66 // Called for standalone mode only, to set up the communications manager
67 public void SetCommunicationsManager(CommunicationsManager parent)
62 { 68 {
63 throw new System.NotImplementedException(); 69 m_commsManager = parent;
64 }
65
66 public Uri GetUserUri(UserProfileData userProfile)
67 {
68 throw new NotImplementedException();
69 } 70 }
70 71
71 /// <summary> 72 /// <summary>
@@ -73,25 +74,15 @@ namespace OpenSim.Region.Communications.Hypergrid
73 /// </summary> 74 /// </summary>
74 /// <param name="avatarID"></param> 75 /// <param name="avatarID"></param>
75 /// <returns>null if the request fails</returns> 76 /// <returns>null if the request fails</returns>
76 public UserAgentData GetAgentByUUID(UUID userId) 77 public override UserAgentData GetAgentByUUID(UUID userId)
77 { 78 {
78 return m_remoteUserServices.GetAgentByUUID(userId); 79 string url = string.Empty;
79 } 80 if ((m_localUserServices != null) && !IsForeignUser(userId, out url))
80 81 return m_localUserServices.GetAgentByUUID(userId);
81 public AvatarAppearance ConvertXMLRPCDataToAvatarAppearance(Hashtable data)
82 {
83 return m_remoteUserServices.ConvertXMLRPCDataToAvatarAppearance(data);
84 }
85 82
86 public List<AvatarPickerAvatar> ConvertXMLRPCDataToAvatarPickerList(UUID queryID, Hashtable data) 83 return base.GetAgentByUUID(userId);
87 {
88 return m_remoteUserServices.ConvertXMLRPCDataToAvatarPickerList(queryID, data);
89 } 84 }
90 85
91 public List<FriendListItem> ConvertXMLRPCDataToFriendListItemList(Hashtable data)
92 {
93 return m_remoteUserServices.ConvertXMLRPCDataToFriendListItemList(data);
94 }
95 86
96 /// <summary> 87 /// <summary>
97 /// Logs off a user on the user server 88 /// Logs off a user on the user server
@@ -101,9 +92,13 @@ namespace OpenSim.Region.Communications.Hypergrid
101 /// <param name="regionhandle">regionhandle</param> 92 /// <param name="regionhandle">regionhandle</param>
102 /// <param name="position">final position</param> 93 /// <param name="position">final position</param>
103 /// <param name="lookat">final lookat</param> 94 /// <param name="lookat">final lookat</param>
104 public void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, Vector3 position, Vector3 lookat) 95 public override void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, Vector3 position, Vector3 lookat)
105 { 96 {
106 m_remoteUserServices.LogOffUser(userid, regionid, regionhandle, position, lookat); 97 string url = string.Empty;
98 if ((m_localUserServices != null) && !IsForeignUser(userid, out url))
99 m_localUserServices.LogOffUser(userid, regionid, regionhandle, position, lookat);
100 else
101 base.LogOffUser(userid, regionid, regionhandle, position, lookat);
107 } 102 }
108 103
109 /// <summary> 104 /// <summary>
@@ -115,19 +110,29 @@ namespace OpenSim.Region.Communications.Hypergrid
115 /// <param name="posx">final position x</param> 110 /// <param name="posx">final position x</param>
116 /// <param name="posy">final position y</param> 111 /// <param name="posy">final position y</param>
117 /// <param name="posz">final position z</param> 112 /// <param name="posz">final position z</param>
118 public void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, float posx, float posy, float posz) 113 public override void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, float posx, float posy, float posz)
119 { 114 {
120 m_remoteUserServices.LogOffUser(userid, regionid, regionhandle, posx, posy, posz); 115 string url = string.Empty;
116 if ((m_localUserServices != null) && !IsForeignUser(userid, out url))
117 m_localUserServices.LogOffUser(userid, regionid, regionhandle, posx, posy, posz);
118 else
119 base.LogOffUser(userid, regionid, regionhandle, posx, posy, posz);
121 } 120 }
122 121
123 public UserProfileData GetUserProfile(string firstName, string lastName) 122 public override UserProfileData GetUserProfile(string firstName, string lastName)
124 { 123 {
124 if (m_localUserServices != null)
125 return m_localUserServices.GetUserProfile(firstName, lastName);
126
125 return GetUserProfile(firstName + " " + lastName); 127 return GetUserProfile(firstName + " " + lastName);
126 } 128 }
127 129
128 public List<AvatarPickerAvatar> GenerateAgentPickerRequestResponse(UUID queryID, string query) 130 public override List<AvatarPickerAvatar> GenerateAgentPickerRequestResponse(UUID queryID, string query)
129 { 131 {
130 return m_remoteUserServices.GenerateAgentPickerRequestResponse(queryID, query); 132 if (m_localUserServices != null)
133 return m_localUserServices.GenerateAgentPickerRequestResponse(queryID, query);
134
135 return base.GenerateAgentPickerRequestResponse(queryID, query);
131 } 136 }
132 137
133 /// <summary> 138 /// <summary>
@@ -135,9 +140,11 @@ namespace OpenSim.Region.Communications.Hypergrid
135 /// </summary> 140 /// </summary>
136 /// <param name="avatarID"></param> 141 /// <param name="avatarID"></param>
137 /// <returns>null if the request fails</returns> 142 /// <returns>null if the request fails</returns>
138 public UserProfileData GetUserProfile(string name) 143 public override UserProfileData GetUserProfile(string name)
139 { 144 {
140 return m_remoteUserServices.GetUserProfile(name); 145 // This doesn't exist in LocalUserServices
146
147 return base.GetUserProfile(name);
141 } 148 }
142 149
143 /// <summary> 150 /// <summary>
@@ -145,14 +152,24 @@ namespace OpenSim.Region.Communications.Hypergrid
145 /// </summary> 152 /// </summary>
146 /// <param name="avatarID"></param> 153 /// <param name="avatarID"></param>
147 /// <returns>null if the request fails</returns> 154 /// <returns>null if the request fails</returns>
148 public UserProfileData GetUserProfile(UUID avatarID) 155 public override UserProfileData GetUserProfile(UUID avatarID)
149 { 156 {
150 return m_remoteUserServices.GetUserProfile(avatarID); 157 string url = string.Empty;
158 // Unfortunately we can't query for foreigners here,
159 // because we'll end up in an infinite loop...
160 //if ((m_localUserServices != null) && (!IsForeignUser(avatarID, out url)))
161 if (m_localUserServices != null)
162 return m_localUserServices.GetUserProfile(avatarID);
163
164 return base.GetUserProfile(avatarID);
151 } 165 }
152 166
153 public void ClearUserAgent(UUID avatarID) 167 public override void ClearUserAgent(UUID avatarID)
154 { 168 {
155 m_remoteUserServices.ClearUserAgent(avatarID); 169 if (m_localUserServices != null)
170 m_localUserServices.ClearUserAgent(avatarID);
171 else
172 base.ClearUserAgent(avatarID);
156 } 173 }
157 174
158 /// <summary> 175 /// <summary>
@@ -160,9 +177,12 @@ namespace OpenSim.Region.Communications.Hypergrid
160 /// </summary> 177 /// </summary>
161 /// <param name="uuid"></param> 178 /// <param name="uuid"></param>
162 /// <returns></returns> 179 /// <returns></returns>
163 public UserProfileData SetupMasterUser(string firstName, string lastName) 180 public override UserProfileData SetupMasterUser(string firstName, string lastName)
164 { 181 {
165 return m_remoteUserServices.SetupMasterUser(firstName, lastName); 182 if (m_localUserServices != null)
183 return m_localUserServices.SetupMasterUser(firstName, lastName);
184
185 return base.SetupMasterUser(firstName, lastName);
166 } 186 }
167 187
168 /// <summary> 188 /// <summary>
@@ -170,9 +190,12 @@ namespace OpenSim.Region.Communications.Hypergrid
170 /// </summary> 190 /// </summary>
171 /// <param name="uuid"></param> 191 /// <param name="uuid"></param>
172 /// <returns></returns> 192 /// <returns></returns>
173 public UserProfileData SetupMasterUser(string firstName, string lastName, string password) 193 public override UserProfileData SetupMasterUser(string firstName, string lastName, string password)
174 { 194 {
175 return m_remoteUserServices.SetupMasterUser(firstName, lastName, password); 195 if (m_localUserServices != null)
196 return m_localUserServices.SetupMasterUser(firstName, lastName, password);
197
198 return base.SetupMasterUser(firstName, lastName, password);
176 } 199 }
177 200
178 /// <summary> 201 /// <summary>
@@ -180,36 +203,47 @@ namespace OpenSim.Region.Communications.Hypergrid
180 /// </summary> 203 /// </summary>
181 /// <param name="uuid"></param> 204 /// <param name="uuid"></param>
182 /// <returns></returns> 205 /// <returns></returns>
183 public UserProfileData SetupMasterUser(UUID uuid) 206 public override UserProfileData SetupMasterUser(UUID uuid)
184 { 207 {
185 return m_remoteUserServices.SetupMasterUser(uuid); 208 if (m_localUserServices != null)
209 return m_localUserServices.SetupMasterUser(uuid);
210
211 return base.SetupMasterUser(uuid);
186 } 212 }
187 213
188 public UUID AddUserProfile(string firstName, string lastName, string pass, uint regX, uint regY) 214 public override bool ResetUserPassword(string firstName, string lastName, string newPassword)
189 { 215 {
190 return m_remoteUserServices.AddUserProfile(firstName, lastName, pass, regX, regY); 216 if (m_localUserServices != null)
217 return m_localUserServices.ResetUserPassword(firstName, lastName, newPassword);
218 else
219 return base.ResetUserPassword(firstName, lastName, newPassword);
191 } 220 }
192
193 public bool ResetUserPassword(string firstName, string lastName, string newPassword)
194 {
195 return m_remoteUserServices.ResetUserPassword(firstName, lastName, newPassword);
196 }
197 221
198 public bool UpdateUserProfile(UserProfileData userProfile) 222 public override bool UpdateUserProfile(UserProfileData userProfile)
199 { 223 {
200 return m_remoteUserServices.UpdateUserProfile(userProfile); 224 string url = string.Empty;
225 if ((m_localUserServices != null) && (!IsForeignUser(userProfile.ID, out url)))
226 return m_localUserServices.UpdateUserProfile(userProfile);
227
228 return base.UpdateUserProfile(userProfile);
201 } 229 }
202 230
203 #region IUserServices Friend Methods 231 #region IUserServices Friend Methods
232
233 // NOTE: We're still not dealing with foreign user friends
234
204 /// <summary> 235 /// <summary>
205 /// Adds a new friend to the database for XUser 236 /// Adds a new friend to the database for XUser
206 /// </summary> 237 /// </summary>
207 /// <param name="friendlistowner">The agent that who's friends list is being added to</param> 238 /// <param name="friendlistowner">The agent that who's friends list is being added to</param>
208 /// <param name="friend">The agent that being added to the friends list of the friends list owner</param> 239 /// <param name="friend">The agent that being added to the friends list of the friends list owner</param>
209 /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> 240 /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param>
210 public void AddNewUserFriend(UUID friendlistowner, UUID friend, uint perms) 241 public override void AddNewUserFriend(UUID friendlistowner, UUID friend, uint perms)
211 { 242 {
212 m_remoteUserServices.AddNewUserFriend(friendlistowner, friend, perms); 243 if (m_localUserServices != null)
244 m_localUserServices.AddNewUserFriend(friendlistowner, friend, perms);
245 else
246 base.AddNewUserFriend(friendlistowner, friend, perms);
213 } 247 }
214 248
215 /// <summary> 249 /// <summary>
@@ -217,9 +251,12 @@ namespace OpenSim.Region.Communications.Hypergrid
217 /// </summary> 251 /// </summary>
218 /// <param name="friendlistowner">The agent that who's friends list is being updated</param> 252 /// <param name="friendlistowner">The agent that who's friends list is being updated</param>
219 /// <param name="friend">The Ex-friend agent</param> 253 /// <param name="friend">The Ex-friend agent</param>
220 public void RemoveUserFriend(UUID friendlistowner, UUID friend) 254 public override void RemoveUserFriend(UUID friendlistowner, UUID friend)
221 { 255 {
222 m_remoteUserServices.RemoveUserFriend(friend, friend); 256 if (m_localUserServices != null)
257 m_localUserServices.RemoveUserFriend(friendlistowner, friend);
258 else
259 base.RemoveUserFriend(friend, friend);
223 } 260 }
224 261
225 /// <summary> 262 /// <summary>
@@ -228,39 +265,79 @@ namespace OpenSim.Region.Communications.Hypergrid
228 /// <param name="friendlistowner">The agent that who's friends list is being updated</param> 265 /// <param name="friendlistowner">The agent that who's friends list is being updated</param>
229 /// <param name="friend">The agent that is getting or loosing permissions</param> 266 /// <param name="friend">The agent that is getting or loosing permissions</param>
230 /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> 267 /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param>
231 public void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms) 268 public override void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms)
232 { 269 {
233 m_remoteUserServices.UpdateUserFriendPerms(friendlistowner, friend, perms); 270 if (m_localUserServices != null)
271 m_localUserServices.UpdateUserFriendPerms(friendlistowner, friend, perms);
272 else
273 base.UpdateUserFriendPerms(friendlistowner, friend, perms);
234 } 274 }
235 /// <summary> 275 /// <summary>
236 /// Returns a list of FriendsListItems that describe the friends and permissions in the friend relationship for UUID friendslistowner 276 /// Returns a list of FriendsListItems that describe the friends and permissions in the friend relationship for UUID friendslistowner
237 /// </summary> 277 /// </summary>
238 /// <param name="friendlistowner">The agent that we're retreiving the friends Data.</param> 278 /// <param name="friendlistowner">The agent that we're retreiving the friends Data.</param>
239 public List<FriendListItem> GetUserFriendList(UUID friendlistowner) 279 public override List<FriendListItem> GetUserFriendList(UUID friendlistowner)
240 { 280 {
241 return m_remoteUserServices.GetUserFriendList(friendlistowner); 281 if (m_localUserServices != null)
282 return m_localUserServices.GetUserFriendList(friendlistowner);
283
284 return base.GetUserFriendList(friendlistowner);
242 } 285 }
243 286
244 #endregion 287 #endregion
245 288
246 /// Appearance 289 /// Appearance
247 public AvatarAppearance GetUserAppearance(UUID user) 290 public override AvatarAppearance GetUserAppearance(UUID user)
248 { 291 {
249 return m_remoteUserServices.GetUserAppearance(user); 292 string url = string.Empty;
293 if ((m_localUserServices != null) && (!IsForeignUser(user, out url)))
294 return m_localUserServices.GetUserAppearance(user);
295 else
296 return base.GetUserAppearance(user);
250 } 297 }
251 298
252 public void UpdateUserAppearance(UUID user, AvatarAppearance appearance) 299 public override void UpdateUserAppearance(UUID user, AvatarAppearance appearance)
253 { 300 {
254 m_remoteUserServices.UpdateUserAppearance(user, appearance); 301 string url = string.Empty;
302 if ((m_localUserServices != null) && (!IsForeignUser(user, out url)))
303 m_localUserServices.UpdateUserAppearance(user, appearance);
304 else
305 base.UpdateUserAppearance(user, appearance);
255 } 306 }
256 307
257 #region IMessagingService 308 #region IMessagingService
258 309
259 public Dictionary<UUID, FriendRegionInfo> GetFriendRegionInfos(List<UUID> uuids) 310 public override Dictionary<UUID, FriendRegionInfo> GetFriendRegionInfos(List<UUID> uuids)
260 { 311 {
261 return m_remoteUserServices.GetFriendRegionInfos(uuids); 312 if (m_localUserServices != null)
313 return m_localUserServices.GetFriendRegionInfos(uuids);
314
315 return base.GetFriendRegionInfos(uuids);
262 } 316 }
263 #endregion 317 #endregion
264 318
319 protected override string GetUserServerURL(UUID userID)
320 {
321 string serverURL = string.Empty;
322 if (IsForeignUser(userID, out serverURL))
323 return serverURL;
324
325 return m_commsManager.NetworkServersInfo.UserURL;
326 }
327
328 private bool IsForeignUser(UUID userID, out string userServerURL)
329 {
330 userServerURL = string.Empty;
331 CachedUserInfo uinfo = m_commsManager.UserProfileCacheService.GetUserDetails(userID);
332 if (uinfo != null)
333 {
334 if (!HGNetworkServersInfo.Singleton.IsLocalUser(uinfo.UserProfile))
335 {
336 userServerURL = ((ForeignUserProfileData)(uinfo.UserProfile)).UserServerURI;
337 return true;
338 }
339 }
340 return false;
341 }
265 } 342 }
266} 343}
diff --git a/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs b/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs
index 87272a1..97ffeae 100644
--- a/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs
+++ b/OpenSim/Region/CoreModules/Communications/REST/RESTInterregionComms.cs
@@ -59,6 +59,9 @@ namespace OpenSim.Region.CoreModules.Communications.REST
59 59
60 protected RegionToRegionClient m_regionClient; 60 protected RegionToRegionClient m_regionClient;
61 61
62 protected bool m_safemode;
63 protected IPAddress m_thisIP;
64
62 #region IRegionModule 65 #region IRegionModule
63 66
64 public virtual void Initialise(Scene scene, IConfigSource config) 67 public virtual void Initialise(Scene scene, IConfigSource config)
@@ -74,6 +77,9 @@ namespace OpenSim.Region.CoreModules.Communications.REST
74 { 77 {
75 m_log.Info("[REST COMMS]: Enabling InterregionComms RESTComms module"); 78 m_log.Info("[REST COMMS]: Enabling InterregionComms RESTComms module");
76 m_enabled = true; 79 m_enabled = true;
80 if (config.Configs["Hypergrid"] != null)
81 m_safemode = config.Configs["Hypergrid"].GetBoolean("safemode", false);
82
77 InitOnce(scene); 83 InitOnce(scene);
78 } 84 }
79 } 85 }
@@ -117,6 +123,7 @@ namespace OpenSim.Region.CoreModules.Communications.REST
117 m_commsManager = scene.CommsManager; 123 m_commsManager = scene.CommsManager;
118 m_aScene = scene; 124 m_aScene = scene;
119 m_regionClient = new RegionToRegionClient(m_aScene); 125 m_regionClient = new RegionToRegionClient(m_aScene);
126 m_thisIP = Util.GetHostFromDNS(scene.RegionInfo.ExternalHostName);
120 } 127 }
121 128
122 protected virtual void AddHTTPHandlers() 129 protected virtual void AddHTTPHandlers()
@@ -148,7 +155,7 @@ namespace OpenSim.Region.CoreModules.Communications.REST
148 { 155 {
149 m_regionClient.SendUserInformation(regInfo, aCircuit); 156 m_regionClient.SendUserInformation(regInfo, aCircuit);
150 157
151 return m_regionClient.DoCreateChildAgentCall(regInfo, aCircuit); 158 return m_regionClient.DoCreateChildAgentCall(regInfo, aCircuit, "None");
152 } 159 }
153 //else 160 //else
154 // m_log.Warn("[REST COMMS]: Region not found " + regionHandle); 161 // m_log.Warn("[REST COMMS]: Region not found " + regionHandle);
@@ -331,6 +338,7 @@ namespace OpenSim.Region.CoreModules.Communications.REST
331 responsedata["content_type"] = "text/html"; 338 responsedata["content_type"] = "text/html";
332 responsedata["keepalive"] = false; 339 responsedata["keepalive"] = false;
333 340
341
334 UUID agentID; 342 UUID agentID;
335 string action; 343 string action;
336 ulong regionHandle; 344 ulong regionHandle;
@@ -378,6 +386,28 @@ namespace OpenSim.Region.CoreModules.Communications.REST
378 386
379 protected virtual void DoAgentPost(Hashtable request, Hashtable responsedata, UUID id) 387 protected virtual void DoAgentPost(Hashtable request, Hashtable responsedata, UUID id)
380 { 388 {
389 if (m_safemode)
390 {
391 // Authentication
392 string authority = string.Empty;
393 string authToken = string.Empty;
394 if (!GetAuthentication(request, out authority, out authToken))
395 {
396 m_log.InfoFormat("[REST COMMS]: Authentication failed for agent message {0}", request["uri"]);
397 responsedata["int_response_code"] = 403;
398 responsedata["str_response_string"] = "Forbidden";
399 return ;
400 }
401 if (!VerifyKey(id, authority, authToken))
402 {
403 m_log.InfoFormat("[REST COMMS]: Authentication failed for agent message {0}", request["uri"]);
404 responsedata["int_response_code"] = 403;
405 responsedata["str_response_string"] = "Forbidden";
406 return ;
407 }
408 m_log.DebugFormat("[REST COMMS]: Authentication succeeded for {0}", id);
409 }
410
381 OSDMap args = RegionClient.GetOSDMap((string)request["body"]); 411 OSDMap args = RegionClient.GetOSDMap((string)request["body"]);
382 if (args == null) 412 if (args == null)
383 { 413 {
@@ -793,6 +823,53 @@ namespace OpenSim.Region.CoreModules.Communications.REST
793 } 823 }
794 } 824 }
795 825
826 public static bool GetAuthentication(Hashtable request, out string authority, out string authKey)
827 {
828 authority = string.Empty;
829 authKey = string.Empty;
830
831 Uri authUri;
832 Hashtable headers = (Hashtable)request["headers"];
833
834 // Authorization keys look like this:
835 // http://orgrid.org:8002/<uuid>
836 if (headers.ContainsKey("authorization") && (string)headers["authorization"] != "None")
837 {
838 if (Uri.TryCreate((string)headers["authorization"], UriKind.Absolute, out authUri))
839 {
840 authority = authUri.Authority;
841 authKey = authUri.PathAndQuery.Trim('/');
842 m_log.DebugFormat("[REST COMMS]: Got authority {0} and key {1}", authority, authKey);
843 return true;
844 }
845 else
846 m_log.Debug("[REST COMMS]: Wrong format for Authorization header: " + (string)headers["authorization"]);
847 }
848 else
849 m_log.Debug("[REST COMMS]: Authorization header not found");
850
851 return false;
852 }
853
854 bool VerifyKey(UUID userID, string authority, string key)
855 {
856 string[] parts = authority.Split(':');
857 IPAddress ipaddr = IPAddress.None;
858 uint port = 0;
859 if (parts.Length <= 2)
860 ipaddr = Util.GetHostFromDNS(parts[0]);
861 if (parts.Length == 2)
862 UInt32.TryParse(parts[1], out port);
863
864 // local authority (standalone), local call
865 if (m_thisIP.Equals(ipaddr) && (m_aScene.RegionInfo.HttpPort == port))
866 return ((IAuthentication)m_aScene.CommsManager.UserAdminService).VerifyKey(userID, key);
867 // remote call
868 else
869 return AuthClient.VerifyKey("http://" + authority, userID, key);
870 }
871
872
796 #endregion Misc 873 #endregion Misc
797 874
798 protected class RegionToRegionClient : RegionClient 875 protected class RegionToRegionClient : RegionClient
diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs
index 3675583..f0d70a7 100644
--- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs
+++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs
@@ -93,7 +93,7 @@ namespace OpenSim.Region.CoreModules.Hypergrid
93 93
94 m_inventoryService = new HGInventoryService(m_inventoryBase, 94 m_inventoryService = new HGInventoryService(m_inventoryBase,
95 ((AssetServerBase)m_scene.CommsManager.AssetCache.AssetServer).AssetProviderPlugin, 95 ((AssetServerBase)m_scene.CommsManager.AssetCache.AssetServer).AssetProviderPlugin,
96 (UserManagerBase)m_scene.CommsManager.UserService, m_scene.CommsManager.HttpServer, 96 (UserManagerBase)m_scene.CommsManager.UserAdminService, m_scene.CommsManager.HttpServer,
97 m_scene.CommsManager.NetworkServersInfo.InventoryURL); 97 m_scene.CommsManager.NetworkServersInfo.InventoryURL);
98 98
99 AddHttpHandlers(m_scene.CommsManager.HttpServer); 99 AddHttpHandlers(m_scene.CommsManager.HttpServer);
diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs
index f0e957b..c458b89 100644
--- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs
+++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs
@@ -104,11 +104,12 @@ namespace OpenSim.Region.CoreModules.Hypergrid
104 IHttpServer httpServer = m_firstScene.CommsManager.HttpServer; 104 IHttpServer httpServer = m_firstScene.CommsManager.HttpServer;
105 105
106 //TODO: fix the casting of the user service, maybe by registering the userManagerBase with scenes, or refactoring so we just need a IUserService reference 106 //TODO: fix the casting of the user service, maybe by registering the userManagerBase with scenes, or refactoring so we just need a IUserService reference
107 m_loginService = new HGLoginAuthService((UserManagerBase)m_firstScene.CommsManager.UserService, welcomeMessage, m_firstScene.CommsManager.InterServiceInventoryService, m_firstScene.CommsManager.NetworkServersInfo, authenticate, rootFolder, this); 107 m_loginService = new HGLoginAuthService((UserManagerBase)m_firstScene.CommsManager.UserAdminService, welcomeMessage, m_firstScene.CommsManager.InterServiceInventoryService, m_firstScene.CommsManager.NetworkServersInfo, authenticate, rootFolder, this);
108 108
109 httpServer.AddXmlRPCHandler("hg_login", m_loginService.XmlRpcLoginMethod); 109 httpServer.AddXmlRPCHandler("hg_login", m_loginService.XmlRpcLoginMethod);
110 httpServer.AddXmlRPCHandler("hg_new_auth_key", m_loginService.XmlRpcGenerateKeyMethod); 110 httpServer.AddXmlRPCHandler("hg_new_auth_key", m_loginService.XmlRpcGenerateKeyMethod);
111 httpServer.AddXmlRPCHandler("hg_verify_auth_key", m_loginService.XmlRpcVerifyKeyMethod); 111 httpServer.AddXmlRPCHandler("hg_verify_auth_key", m_loginService.XmlRpcVerifyKeyMethod);
112 httpServer.AddXmlRPCHandler("check_auth_session", m_loginService.XmlRPCCheckAuthSession);
112 113
113 } 114 }
114 } 115 }
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs
index c26adc0..5ffa64c 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@@ -40,6 +40,7 @@ using OpenMetaverse.Imaging;
40using OpenSim.Framework; 40using OpenSim.Framework;
41using OpenSim.Framework.Communications; 41using OpenSim.Framework.Communications;
42using OpenSim.Framework.Communications.Cache; 42using OpenSim.Framework.Communications.Cache;
43using OpenSim.Framework.Communications.Clients;
43using OpenSim.Framework.Console; 44using OpenSim.Framework.Console;
44using OpenSim.Region.Framework.Interfaces; 45using OpenSim.Region.Framework.Interfaces;
45using OpenSim.Region.Framework.Scenes.Scripting; 46using OpenSim.Region.Framework.Scenes.Scripting;
@@ -2372,64 +2373,80 @@ namespace OpenSim.Region.Framework.Scenes
2372 /// <param name="agent"></param> 2373 /// <param name="agent"></param>
2373 public bool NewUserConnection(AgentCircuitData agent) 2374 public bool NewUserConnection(AgentCircuitData agent)
2374 { 2375 {
2375 CapsModule.NewUserConnection(agent); 2376 bool goodUserConnection = AuthenticateUser(agent);
2376 2377
2377 ScenePresence sp = m_sceneGraph.GetScenePresence(agent.AgentID); 2378 if (goodUserConnection)
2378 if (sp != null)
2379 { 2379 {
2380 m_log.DebugFormat( 2380 CapsModule.NewUserConnection(agent);
2381 "[SCENE]: Adjusting known seeds for existing agent {0} in {1}",
2382 agent.AgentID, RegionInfo.RegionName);
2383 2381
2384 sp.AdjustKnownSeeds(); 2382 ScenePresence sp = m_sceneGraph.GetScenePresence(agent.AgentID);
2383 if (sp != null)
2384 {
2385 m_log.DebugFormat(
2386 "[SCENE]: Adjusting known seeds for existing agent {0} in {1}",
2387 agent.AgentID, RegionInfo.RegionName);
2385 2388
2386 return true; 2389 sp.AdjustKnownSeeds();
2387 }
2388 2390
2389 // Don't disable this log message - it's too helpful 2391 return true;
2390 m_log.InfoFormat( 2392 }
2391 "[CONNECTION BEGIN]: Region {0} told of incoming client {1} {2} {3} (circuit code {4})",
2392 RegionInfo.RegionName, agent.firstname, agent.lastname, agent.AgentID, agent.circuitcode);
2393 2393
2394 if (m_regInfo.EstateSettings.IsBanned(agent.AgentID)) 2394 // Don't disable this log message - it's too helpful
2395 { 2395 m_log.InfoFormat(
2396 m_log.WarnFormat( 2396 "[CONNECTION BEGIN]: Region {0} told of incoming client {1} {2} {3} (circuit code {4})",
2397 "[CONNECTION BEGIN]: Incoming user {0} at {1} is on the region banlist", 2397 RegionInfo.RegionName, agent.firstname, agent.lastname, agent.AgentID, agent.circuitcode);
2398 agent.AgentID, RegionInfo.RegionName); 2398
2399 //return false; 2399 if (m_regInfo.EstateSettings.IsBanned(agent.AgentID))
2400 } 2400 {
2401 m_log.WarnFormat(
2402 "[CONNECTION BEGIN]: Incoming user {0} at {1} is on the region banlist",
2403 agent.AgentID, RegionInfo.RegionName);
2404 //return false;
2405 }
2401 2406
2402 CapsModule.AddCapsHandler(agent.AgentID); 2407 CapsModule.AddCapsHandler(agent.AgentID);
2403 2408
2404 if (!agent.child) 2409 if (!agent.child)
2405 {
2406 // Honor parcel landing type and position.
2407 ILandObject land = LandChannel.GetLandObject(agent.startpos.X, agent.startpos.Y);
2408 if (land != null)
2409 { 2410 {
2410 if (land.landData.LandingType == (byte)1 && land.landData.UserLocation != Vector3.Zero) 2411 // Honor parcel landing type and position.
2412 ILandObject land = LandChannel.GetLandObject(agent.startpos.X, agent.startpos.Y);
2413 if (land != null)
2411 { 2414 {
2412 agent.startpos = land.landData.UserLocation; 2415 if (land.landData.LandingType == (byte)1 && land.landData.UserLocation != Vector3.Zero)
2416 {
2417 agent.startpos = land.landData.UserLocation;
2418 }
2413 } 2419 }
2414 } 2420 }
2415 }
2416 2421
2417 m_authenticateHandler.AddNewCircuit(agent.circuitcode, agent); 2422 m_authenticateHandler.AddNewCircuit(agent.circuitcode, agent);
2418 2423
2419 // rewrite session_id 2424 // rewrite session_id
2420 CachedUserInfo userinfo = CommsManager.UserProfileCacheService.GetUserDetails(agent.AgentID); 2425 CachedUserInfo userinfo = CommsManager.UserProfileCacheService.GetUserDetails(agent.AgentID);
2426 if (userinfo != null)
2427 {
2428 userinfo.SessionID = agent.SessionID;
2429 }
2430 else
2431 {
2432 m_log.WarnFormat(
2433 "[CONNECTION BEGIN]: We couldn't find a User Info record for {0}. This is usually an indication that the UUID we're looking up is invalid", agent.AgentID);
2434 }
2421 2435
2422 if (userinfo != null) 2436 return true;
2423 {
2424 userinfo.SessionID = agent.SessionID;
2425 } 2437 }
2426 else 2438 else
2427 { 2439 {
2428 m_log.WarnFormat( 2440 m_log.WarnFormat("[CONNECTION BEGIN]: failed to authenticate user {0} {1}. Denying connection.", agent.firstname, agent.lastname);
2429 "[CONNECTION BEGIN]: We couldn't find a User Info record for {0}. This is usually an indication that the UUID we're looking up is invalid", agent.AgentID); 2441 return false;
2430 } 2442 }
2443 }
2431 2444
2432 return true; 2445 public virtual bool AuthenticateUser(AgentCircuitData agent)
2446 {
2447 bool result = CommsManager.UserService.VerifySession(agent.AgentID, agent.SessionID);
2448 m_log.Debug("[CONNECTION BEGIN]: User authentication returned " + result);
2449 return result;
2433 } 2450 }
2434 2451
2435 public void UpdateCircuitData(AgentCircuitData data) 2452 public void UpdateCircuitData(AgentCircuitData data)