aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Services
diff options
context:
space:
mode:
authorDiva Canto2012-09-21 21:03:14 -0700
committerDiva Canto2012-09-21 21:03:14 -0700
commit48f4b32d7f23c2d7a52db355017c8b2bb57b55fa (patch)
treeed64af8f3eb3842b75b4b645b3900cad033aa406 /OpenSim/Services
parentMerge branch 'master' of ssh://opensimulator.org/var/git/opensim (diff)
downloadopensim-SC-48f4b32d7f23c2d7a52db355017c8b2bb57b55fa.zip
opensim-SC-48f4b32d7f23c2d7a52db355017c8b2bb57b55fa.tar.gz
opensim-SC-48f4b32d7f23c2d7a52db355017c8b2bb57b55fa.tar.bz2
opensim-SC-48f4b32d7f23c2d7a52db355017c8b2bb57b55fa.tar.xz
More HG 2.0: access control at the Gatekeeper. \o/
Diffstat (limited to 'OpenSim/Services')
-rw-r--r--OpenSim/Services/HypergridService/GatekeeperService.cs62
1 files changed, 54 insertions, 8 deletions
diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs
index 47d22b9..0f7d7c6 100644
--- a/OpenSim/Services/HypergridService/GatekeeperService.cs
+++ b/OpenSim/Services/HypergridService/GatekeeperService.cs
@@ -58,9 +58,11 @@ namespace OpenSim.Services.HypergridService
58 private static IUserAgentService m_UserAgentService; 58 private static IUserAgentService m_UserAgentService;
59 private static ISimulationService m_SimulationService; 59 private static ISimulationService m_SimulationService;
60 60
61 protected string m_AllowedClients = string.Empty; 61 private static string m_AllowedClients = string.Empty;
62 protected string m_DeniedClients = string.Empty; 62 private static string m_DeniedClients = string.Empty;
63 private static bool m_ForeignAgentsAllowed = true; 63 private static bool m_ForeignAgentsAllowed = true;
64 private static List<string> m_ForeignsAllowedExceptions = new List<string>();
65 private static List<string> m_ForeignsDisallowedExceptions = new List<string>();
64 66
65 private static UUID m_ScopeID; 67 private static UUID m_ScopeID;
66 private static bool m_AllowTeleportsToAnyRegion; 68 private static bool m_AllowTeleportsToAnyRegion;
@@ -113,6 +115,9 @@ namespace OpenSim.Services.HypergridService
113 m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty); 115 m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty);
114 m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true); 116 m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true);
115 117
118 LoadDomainExceptionsFromConfig(serverConfig, "AllowExcept", m_ForeignsAllowedExceptions);
119 LoadDomainExceptionsFromConfig(serverConfig, "DisallowExcept", m_ForeignsDisallowedExceptions);
120
116 if (m_GridService == null || m_PresenceService == null || m_SimulationService == null) 121 if (m_GridService == null || m_PresenceService == null || m_SimulationService == null)
117 throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function."); 122 throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");
118 123
@@ -125,6 +130,15 @@ namespace OpenSim.Services.HypergridService
125 { 130 {
126 } 131 }
127 132
133 protected void LoadDomainExceptionsFromConfig(IConfig config, string variable, List<string> exceptions)
134 {
135 string value = config.GetString(variable, string.Empty);
136 string[] parts = value.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
137
138 foreach (string s in parts)
139 exceptions.Add(s.Trim());
140 }
141
128 public bool LinkRegion(string regionName, out UUID regionID, out ulong regionHandle, out string externalName, out string imageURL, out string reason) 142 public bool LinkRegion(string regionName, out UUID regionID, out ulong regionHandle, out string externalName, out string imageURL, out string reason)
129 { 143 {
130 regionID = UUID.Zero; 144 regionID = UUID.Zero;
@@ -260,14 +274,25 @@ namespace OpenSim.Services.HypergridService
260 m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok"); 274 m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok");
261 275
262 // 276 //
263 // Foreign agents allowed 277 // Foreign agents allowed? Exceptions?
264 // 278 //
265 if (account == null && !m_ForeignAgentsAllowed) 279 if (account == null)
266 { 280 {
267 reason = "Unauthorized"; 281 bool allowed = m_ForeignAgentsAllowed;
268 m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1}. Refusing service.", 282
269 aCircuit.firstname, aCircuit.lastname); 283 if (m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsAllowedExceptions))
270 return false; 284 allowed = false;
285
286 if (!m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsDisallowedExceptions))
287 allowed = true;
288
289 if (!allowed)
290 {
291 reason = "Destination does not allow visitors from your world";
292 m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1} @ {2}. Refusing service.",
293 aCircuit.firstname, aCircuit.lastname, aCircuit.ServiceURLs["HomeURI"]);
294 return false;
295 }
271 } 296 }
272 297
273 // May want to authorize 298 // May want to authorize
@@ -393,6 +418,27 @@ namespace OpenSim.Services.HypergridService
393 418
394 #region Misc 419 #region Misc
395 420
421 private bool IsException(AgentCircuitData aCircuit, List<string> exceptions)
422 {
423 bool exception = false;
424 if (exceptions.Count > 0) // we have exceptions
425 {
426 // Retrieve the visitor's origin
427 string userURL = aCircuit.ServiceURLs["HomeURI"].ToString();
428 if (!userURL.EndsWith("/"))
429 userURL += "/";
430
431 if (exceptions.Find(delegate(string s)
432 {
433 if (!s.EndsWith("/"))
434 s += "/";
435 return s == userURL;
436 }) != null)
437 exception = true;
438 }
439
440 return exception;
441 }
396 442
397 #endregion 443 #endregion
398 } 444 }