author | Diva Canto | 2010-01-18 16:34:23 -0800 |
---|---|---|
committer | Diva Canto | 2010-01-18 16:34:23 -0800 |
commit | 3d536944153d4931cf891d6a788a47484f3e6f4d (patch) | |
tree | 53802c5f051e8fbb089aeed02e0b9de760fabd8a /OpenSim/Services | |
parent | * Added missing GatekeeperServiceConnector (diff) | |
Go Home works. With security!!
Diffstat (limited to 'OpenSim/Services')
5 files changed, 248 insertions, 16 deletions
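--- /dev/null
+++ b/OpenSim/Services/Connectors/Hypergrid/HomeUsersSecurityServiceConnector.cs
@@ -0,0 +1,132 @@
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Net;
+using System.Reflection;
+
+using OpenSim.Services.Interfaces;
+
+using OpenMetaverse;
+using log4net;
+using Nwc.XmlRpc;
+using Nini.Config;
+
+namespace OpenSim.Services.Connectors.Hypergrid
+{
+public class HomeUsersSecurityServiceConnector : IHomeUsersSecurityService
+{
+private static readonly ILog m_log =
+LogManager.GetLogger(
+MethodBase.GetCurrentMethod().DeclaringType);
+
+string m_ServerURL;
+public HomeUsersSecurityServiceConnector(string url)
+{
+m_ServerURL = url;
+}
+
+public HomeUsersSecurityServiceConnector(IConfigSource config)
+{
+}
+
+public void SetEndPoint(UUID sessionID, IPEndPoint ep)
+{
+Hashtable hash = new Hashtable();
+hash["sessionID"] = sessionID.ToString();
+hash["ep_addr"] = ep.Address.ToString();
+hash["ep_port"] = ep.Port.ToString();
+
+Call("ep_set", hash);
+}
+
+public void RemoveEndPoint(UUID sessionID)
+{
+Hashtable hash = new Hashtable();
+hash["sessionID"] = sessionID.ToString();
+
+Call("ep_remove", hash);
+}
+
+public IPEndPoint GetEndPoint(UUID sessionID)
+{
+Hashtable hash = new Hashtable();
+hash["sessionID"] = sessionID.ToString();
+
+IList paramList = new ArrayList();
+paramList.Add(hash);
+
+XmlRpcRequest request = new XmlRpcRequest("ep_get", paramList);
+//m_log.Debug("[HGrid]: Linking to " + uri);
+XmlRpcResponse response = null;
+try
+{
+response = request.Send(m_ServerURL, 10000);
+}
+catch (Exception e)
+{
+m_log.Debug("[HGrid]: Exception " + e.Message);
+return null;
+}
+
+if (response.IsFault)
+{
+m_log.ErrorFormat("[HGrid]: remote call returned an error: {0}", response.FaultString);
+return null;
+}
+
+hash = (Hashtable)response.Value;
+//foreach (Object o in hash)
+// m_log.Debug(">> " + ((DictionaryEntry)o).Key + ":" + ((DictionaryEntry)o).Value);
+try
+{
+bool success = false;
+Boolean.TryParse((string)hash["result"], out success);
+if (success)
+{
+IPEndPoint ep = null;
+int port = 0;
+if (hash["ep_port"] != null)
+Int32.TryParse((string)hash["ep_port"], out port);
+if (hash["ep_addr"] != null)
+ep = new IPEndPoint(IPAddress.Parse((string)hash["ep_addr"]), port);
+
+return ep;
+}
+
+}
+catch (Exception e)
+{
+m_log.Error("[HGrid]: Got exception while parsing GetEndPoint response " + e.StackTrace);
+return null;
+}
+
+return null;
+}
+
+private void Call(string method, Hashtable hash)
+{
+IList paramList = new ArrayList();
+paramList.Add(hash);
+
+XmlRpcRequest request = new XmlRpcRequest(method, paramList);
+XmlRpcResponse response = null;
+try
+{
+response = request.Send(m_ServerURL, 10000);
+}
+catch (Exception e)
+{
+m_log.Debug("[HGrid]: Exception " + e.Message);
+return ;
+}
+
+if (response.IsFault)
+{
+m_log.ErrorFormat("[HGrid]: remote call returned an error: {0}", response.FaultString);
+return ;
+}
+
+}
+
+}
+}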
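Review bot: `Call` returns silently on both a transport exception and an XML-RPC fault, so `SetEndPoint` and `RemoveEndPoint` give their callers no sign that the home service never recorded or cleared the endpoint, and the exception path is logged only at Debug. Since the stored endpoint is what a later check is meant to compare against, a lost `ep_set` should surface, for example by throwing from `Call` and logging the failure with `m_log.Error`. The `IConfigSource` constructor is empty, so a connector built that way keeps a null `m_ServerURL` and every request falls into the same silent path. In `GetEndPoint` the cast `hash = (Hashtable)response.Value;` sits outside the second `try`, so an unexpected response shape throws to the caller instead of returning null.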
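--- a/OpenSim/Services/HypergridService/GatekeeperService.cs
+++ b/OpenSim/Services/HypergridService/GatekeeperService.cs
@@ -27,6 +27,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Net;
 using System.Reflection;
 
 using OpenSim.Framework;
@@ -51,6 +52,7 @@ namespace OpenSim.Services.HypergridService
 IPresenceService m_PresenceService;
 IAuthenticationService m_AuthenticationService;
 IUserAccountService m_UserAccountService;
+IHomeUsersSecurityService m_HomeUsersSecurityService;
 ISimulationService m_SimulationService;
 
 string m_AuthDll;
@@ -66,14 +68,15 @@ namespace OpenSim.Services.HypergridService
 throw new Exception(String.Format("No section GatekeeperService in config file"));
 
 string accountService = serverConfig.GetString("UserAccountService", String.Empty);
+string homeUsersSecurityService = serverConfig.GetString("HomeUsersSecurityService", string.Empty);
 string gridService = serverConfig.GetString("GridService", String.Empty);
 string presenceService = serverConfig.GetString("PresenceService", String.Empty);
 string simulationService = serverConfig.GetString("SimulationService", String.Empty);
 
 m_AuthDll = serverConfig.GetString("AuthenticationService", String.Empty);
 
-if (accountService == string.Empty || gridService == string.Empty ||
-presenceService == string.Empty || m_AuthDll == string.Empty)
+// These 3 are mandatory, the others aren't
+if (gridService == string.Empty || presenceService == string.Empty || m_AuthDll == string.Empty)
 throw new Exception("Incomplete specifications, Gatekeeper Service cannot function.");
 
 string scope = serverConfig.GetString("ScopeID", UUID.Zero.ToString());
@@ -82,16 +85,20 @@ namespace OpenSim.Services.HypergridService
 m_AllowTeleportsToAnyRegion = serverConfig.GetBoolean("AllowTeleportsToAnyRegion", true);
 
 Object[] args = new Object[] { config };
-m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(accountService, args);
 m_GridService = ServerUtils.LoadPlugin<IGridService>(gridService, args);
 m_PresenceService = ServerUtils.LoadPlugin<IPresenceService>(presenceService, args);
+
+if (accountService != string.Empty)
+m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(accountService, args);
+if (homeUsersSecurityService != string.Empty)
+m_HomeUsersSecurityService = ServerUtils.LoadPlugin<IHomeUsersSecurityService>(homeUsersSecurityService, args);
+
 if (simService != null)
 m_SimulationService = simService;
 else if (simulationService != string.Empty)
 m_SimulationService = ServerUtils.LoadPlugin<ISimulationService>(simulationService, args);
 
-if (m_UserAccountService == null || m_GridService == null ||
-m_PresenceService == null || m_SimulationService == null)
+if (m_GridService == null || m_PresenceService == null || m_SimulationService == null)
 throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");
 
 m_log.Debug("[GATEKEEPER SERVICE]: Starting...");
@@ -183,17 +190,31 @@ namespace OpenSim.Services.HypergridService
 }
 m_log.DebugFormat("[GATEKEEPER SERVICE]: Identity verified for {0} {1} @ {2}", aCircuit.firstname, aCircuit.lastname, authURL);
 
-// Check to see if we have a local user with that UUID
-UserAccount account = m_UserAccountService.GetUserAccount(m_ScopeID, aCircuit.AgentID);
-if (account != null)
-{
-// No, sorry; go away
-reason = "User identifier not allowed on this grid";
-m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agent {0} {1} has UUID of local user {3}. Refusing service.",
-aCircuit.firstname, aCircuit.lastname, aCircuit.AgentID);
-return false;
-}
-m_log.DebugFormat("[GATEKEEPER SERVICE]: User ID ok");
+//if (m_UserAccountService != null && m_HomeUsersSecurityService != null)
+//{
+// // Check to see if we have a local user with that UUID
+// UserAccount account = m_UserAccountService.GetUserAccount(m_ScopeID, aCircuit.AgentID);
+
+// // See if that user went out of this home grid
+// IPEndPoint ep = m_HomeUsersSecurityService.GetEndPoint(aCircuit.AgentID);
+
+// if (account != null)
+// {
+// if ((ep == null) || // there's no memory of this agent going out
+// (ep != null && (ep.Address != aCircuit.ClientEndPoint.Address || ep.Port != aCircuit.ClientEndPoint.Port))) // fake agent
+// {
+// // No, sorry; go away
+// reason = "User identifier not allowed on this grid";
+// m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agent {0} {1} has UUID of local user {2}. Refusing service.",
+// aCircuit.firstname, aCircuit.lastname, aCircuit.AgentID);
+// return false;
+// }
+// else
+// {
+// }
+// }
+// m_log.DebugFormat("[GATEKEEPER SERVICE]: User ID ok");
+//}
 
 // May want to authorize
 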
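Review bot: The replacement block after the "Identity verified" log line is entirely commented out, so on the lines shown nothing now refuses a foreign agent that presents the UUID of a local user; the old `account != null` refusal is gone and `UserAccountService` became optional in the constructor hunks. If the endpoint comparison is not ready to ship, the gate should stay closed for UUIDs that match a local account instead of being disabled. When the block is re-enabled, `ep.Address != aCircuit.ClientEndPoint.Address` compares `IPAddress` references rather than values, so it should read `!ep.Address.Equals(aCircuit.ClientEndPoint.Address)`. The block also calls `GetEndPoint(aCircuit.AgentID)` although the interface keys on `sessionID`, which is worth confirming against whatever calls `SetEndPoint`. The enclosing method starts and ends outside this hunk.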
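--- /dev/null
+++ b/OpenSim/Services/HypergridService/HomeUsersSecurityService.cs
@@ -0,0 +1,67 @@
+using System;
+using System.Collections.Generic;
+using System.Net;
+using System.Reflection;
+
+using OpenSim.Services.Interfaces;
+
+using OpenMetaverse;
+using log4net;
+using Nini.Config;
+
+namespace OpenSim.Services.HypergridService
+{
+/// <summary>
+/// This service is for HG1.5 only, to make up for the fact that clients don't
+/// keep any private information in themselves, and that their 'home service'
+/// needs to do it for them.
+/// Once we have better clients, this shouldn't be needed.
+/// </summary>
+public class HomeUsersSecurityService : IHomeUsersSecurityService
+{
+private static readonly ILog m_log =
+LogManager.GetLogger(
+MethodBase.GetCurrentMethod().DeclaringType);
+
+//
+// This is a persistent storage wannabe for dealing with the
+// quirks of HG1.5. We don't really want to store this in a table.
+// But this is the necessary information for securing clients
+// coming home.
+//
+protected static Dictionary<UUID, IPEndPoint> m_ClientEndPoints = new Dictionary<UUID, IPEndPoint>();
+
+public HomeUsersSecurityService(IConfigSource config)
+{
+m_log.DebugFormat("[HOME USERS SECURITY]: Starting...");
+}
+
+public void SetEndPoint(UUID sessionID, IPEndPoint ep)
+{
+m_log.DebugFormat("[HOME USERS SECURITY]: Set EndPoint {0} for session {1}", ep.ToString(), sessionID);
+
+lock (m_ClientEndPoints)
+m_ClientEndPoints[sessionID] = ep;
+}
+
+public IPEndPoint GetEndPoint(UUID sessionID)
+{
+lock (m_ClientEndPoints)
+if (m_ClientEndPoints.ContainsKey(sessionID))
+{
+m_log.DebugFormat("[HOME USERS SECURITY]: Get EndPoint {0} for session {1}", m_ClientEndPoints[sessionID].ToString(), sessionID);
+return m_ClientEndPoints[sessionID];
+}
+
+return null;
+}
+
+public void RemoveEndPoint(UUID sessionID)
+{
+m_log.DebugFormat("[HOME USERS SECURITY]: Remove EndPoint for session {0}", sessionID);
+lock (m_ClientEndPoints)
+if (m_ClientEndPoints.ContainsKey(sessionID))
+m_ClientEndPoints.Remove(sessionID);
+}
+}
+}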
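Review bot: Entries in `m_ClientEndPoints` are removed only by `RemoveEndPoint`, so a recorded endpoint stays valid for as long as the process runs and the dictionary grows with every session that never calls it. Because the comment describes this map as the information for securing clients coming home, consider storing a timestamp with each endpoint and having `GetEndPoint` treat entries past a configured age as absent. The field is also the lock target but is declared `protected static` and can be reassigned; `protected static readonly Dictionary<UUID, IPEndPoint> m_ClientEndPoints` keeps the lock object stable. The class summary could also state that an address-and-port match is a weak identity check for clients behind a shared NAT.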
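--- a/OpenSim/Services/Interfaces/IGatekeeperService.cs
+++ b/OpenSim/Services/Interfaces/IGatekeeperService.cs
@@ -26,6 +26,7 @@
 */
 
 using System;
+using System.Net;
 using System.Collections.Generic;
 
 using OpenSim.Framework;
@@ -43,4 +44,14 @@ namespace OpenSim.Services.Interfaces
 GridRegion GetHomeRegion(UUID userID, out Vector3 position, out Vector3 lookAt);
 
 }
+
+/// <summary>
+/// HG1.5 only
+/// </summary>
+public interface IHomeUsersSecurityService
+{
+void SetEndPoint(UUID sessionID, IPEndPoint ep);
+IPEndPoint GetEndPoint(UUID sessionID);
+void RemoveEndPoint(UUID sessionID);
+}
 }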
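Review bot: The new `IHomeUsersSecurityService` is documented only as "HG1.5 only", which leaves unstated the contract that callers will rely on for an access decision. Both implementations in this commit return null from `GetEndPoint` when nothing is recorded or the lookup fails, so the summary should say so, e.g. `/// Returns null when no endpoint is recorded; callers must treat null as unknown and refuse.` It should also state that the key is the session ID, since the commented-out caller in GatekeeperService.cs passes an agent ID. The interface is declared inside IGatekeeperService.cs; a file of its own would match its name.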
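--- a/OpenSim/Services/Interfaces/IHypergridService.cs
+++ b/OpenSim/Services/Interfaces/IHypergridService.cs
@@ -43,6 +43,7 @@ namespace OpenSim.Services.Interfaces
 GridRegion GetRegionByName(string name);
 List<GridRegion> GetRegionsByName(string name);
 List<GridRegion> GetRegionRange(int xmin, int xmax, int ymin, int ymax);
+
 }
 
 }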