aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Services
diff options
context:
space:
mode:
authorDiva Canto2011-04-27 07:02:37 -0700
committerDiva Canto2011-04-27 07:02:37 -0700
commite0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f (patch)
tree3f9b2bc869684c243ecb66ac99e2ce48098ee708 /OpenSim/Services
parentBump minimum required mono to 2.4.3 from 2.4.2. OpenSim fails at runtime bel... (diff)
downloadopensim-SC-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.zip
opensim-SC-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.tar.gz
opensim-SC-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.tar.bz2
opensim-SC-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.tar.xz
Thank you Snoopy for a patch that adds some filtering to client versions allowed at login and HG-login times. NOTE: additional (optional) configuration variables in [LoginService] and [GatekeeperService]. See .examples.
Diffstat (limited to 'OpenSim/Services')
-rw-r--r--OpenSim/Services/HypergridService/GatekeeperService.cs39
-rw-r--r--OpenSim/Services/LLLoginService/LLLoginService.cs40
2 files changed, 74 insertions, 5 deletions
diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs
index b66bfed..9385b8d 100644
--- a/OpenSim/Services/HypergridService/GatekeeperService.cs
+++ b/OpenSim/Services/HypergridService/GatekeeperService.cs
@@ -29,6 +29,7 @@ using System;
29using System.Collections.Generic; 29using System.Collections.Generic;
30using System.Net; 30using System.Net;
31using System.Reflection; 31using System.Reflection;
32using System.Text.RegularExpressions;
32 33
33using OpenSim.Framework; 34using OpenSim.Framework;
34using OpenSim.Services.Interfaces; 35using OpenSim.Services.Interfaces;
@@ -57,6 +58,9 @@ namespace OpenSim.Services.HypergridService
57 private static IUserAgentService m_UserAgentService; 58 private static IUserAgentService m_UserAgentService;
58 private static ISimulationService m_SimulationService; 59 private static ISimulationService m_SimulationService;
59 60
61 protected string m_AllowedClients = string.Empty;
62 protected string m_DeniedClients = string.Empty;
63
60 private static UUID m_ScopeID; 64 private static UUID m_ScopeID;
61 private static bool m_AllowTeleportsToAnyRegion; 65 private static bool m_AllowTeleportsToAnyRegion;
62 private static string m_ExternalName; 66 private static string m_ExternalName;
@@ -104,6 +108,9 @@ namespace OpenSim.Services.HypergridService
104 else if (simulationService != string.Empty) 108 else if (simulationService != string.Empty)
105 m_SimulationService = ServerUtils.LoadPlugin<ISimulationService>(simulationService, args); 109 m_SimulationService = ServerUtils.LoadPlugin<ISimulationService>(simulationService, args);
106 110
111 m_AllowedClients = serverConfig.GetString("AllowedClients", string.Empty);
112 m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty);
113
107 if (m_GridService == null || m_PresenceService == null || m_SimulationService == null) 114 if (m_GridService == null || m_PresenceService == null || m_SimulationService == null)
108 throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function."); 115 throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");
109 116
@@ -181,8 +188,36 @@ namespace OpenSim.Services.HypergridService
181 string authURL = string.Empty; 188 string authURL = string.Empty;
182 if (aCircuit.ServiceURLs.ContainsKey("HomeURI")) 189 if (aCircuit.ServiceURLs.ContainsKey("HomeURI"))
183 authURL = aCircuit.ServiceURLs["HomeURI"].ToString(); 190 authURL = aCircuit.ServiceURLs["HomeURI"].ToString();
184 m_log.DebugFormat("[GATEKEEPER SERVICE]: Request to login foreign agent {0} {1} @ {2} ({3}) at destination {4}", 191 m_log.InfoFormat("[GATEKEEPER SERVICE]: Login request for {0} {1} @ {2} ({3}) at {4} using viewer {5}, channel {6}, IP {7}, Mac {8}, Id0 {9}",
185 aCircuit.firstname, aCircuit.lastname, authURL, aCircuit.AgentID, destination.RegionName); 192 aCircuit.firstname, aCircuit.lastname, authURL, aCircuit.AgentID, destination.RegionName,
193 aCircuit.Viewer, aCircuit.Channel, aCircuit.IPAddress, aCircuit.Mac, aCircuit.Id0);
194
195 //
196 // Check client
197 //
198 if (m_AllowedClients != string.Empty)
199 {
200 Regex arx = new Regex(m_AllowedClients);
201 Match am = arx.Match(aCircuit.Viewer);
202
203 if (!am.Success)
204 {
205 m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is not allowed", aCircuit.Viewer);
206 return false;
207 }
208 }
209
210 if (m_DeniedClients != string.Empty)
211 {
212 Regex drx = new Regex(m_DeniedClients);
213 Match dm = drx.Match(aCircuit.Viewer);
214
215 if (dm.Success)
216 {
217 m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is denied", aCircuit.Viewer);
218 return false;
219 }
220 }
186 221
187 // 222 //
188 // Authenticate the user 223 // Authenticate the user
diff --git a/OpenSim/Services/LLLoginService/LLLoginService.cs b/OpenSim/Services/LLLoginService/LLLoginService.cs
index d364aa4..9bcc3dd 100644
--- a/OpenSim/Services/LLLoginService/LLLoginService.cs
+++ b/OpenSim/Services/LLLoginService/LLLoginService.cs
@@ -77,7 +77,11 @@ namespace OpenSim.Services.LLLoginService
77 protected string m_MapTileURL; 77 protected string m_MapTileURL;
78 protected string m_SearchURL; 78 protected string m_SearchURL;
79 79
80 protected string m_AllowedClients;
81 protected string m_DeniedClients;
82
80 IConfig m_LoginServerConfig; 83 IConfig m_LoginServerConfig;
84 IConfig m_ClientsConfig;
81 85
82 public LLLoginService(IConfigSource config, ISimulationService simService, ILibraryService libraryService) 86 public LLLoginService(IConfigSource config, ISimulationService simService, ILibraryService libraryService)
83 { 87 {
@@ -105,7 +109,10 @@ namespace OpenSim.Services.LLLoginService
105 m_GatekeeperURL = m_LoginServerConfig.GetString("GatekeeperURI", string.Empty); 109 m_GatekeeperURL = m_LoginServerConfig.GetString("GatekeeperURI", string.Empty);
106 m_MapTileURL = m_LoginServerConfig.GetString("MapTileURL", string.Empty); 110 m_MapTileURL = m_LoginServerConfig.GetString("MapTileURL", string.Empty);
107 m_SearchURL = m_LoginServerConfig.GetString("SearchURL", string.Empty); 111 m_SearchURL = m_LoginServerConfig.GetString("SearchURL", string.Empty);
108 112
113 m_AllowedClients = m_LoginServerConfig.GetString("AllowedClients", string.Empty);
114 m_DeniedClients = m_LoginServerConfig.GetString("DeniedClients", string.Empty);
115
109 // These are required; the others aren't 116 // These are required; the others aren't
110 if (accountService == string.Empty || authService == string.Empty) 117 if (accountService == string.Empty || authService == string.Empty)
111 throw new Exception("LoginService is missing service specifications"); 118 throw new Exception("LoginService is missing service specifications");
@@ -215,11 +222,38 @@ namespace OpenSim.Services.LLLoginService
215 bool success = false; 222 bool success = false;
216 UUID session = UUID.Random(); 223 UUID session = UUID.Random();
217 224
218 m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} from {2} with user agent {3} starting in {4}", 225 m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} at {2} using viewer {3}, channel {4}, IP {5}, Mac {6}, Id0 {7}",
219 firstName, lastName, clientIP.Address.ToString(), clientVersion, startLocation); 226 firstName, lastName, startLocation, clientVersion, channel, clientIP.Address.ToString(), mac, id0);
220 try 227 try
221 { 228 {
222 // 229 //
230 // Check client
231 //
232 if (m_AllowedClients != string.Empty)
233 {
234 Regex arx = new Regex(m_AllowedClients);
235 Match am = arx.Match(clientVersion);
236
237 if (!am.Success)
238 {
239 m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client {0} is not allowed", clientVersion);
240 return LLFailedLoginResponse.LoginBlockedProblem;
241 }
242 }
243
244 if (m_DeniedClients != string.Empty)
245 {
246 Regex drx = new Regex(m_DeniedClients);
247 Match dm = drx.Match(clientVersion);
248
249 if (dm.Success)
250 {
251 m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client {0} is denied", clientVersion);
252 return LLFailedLoginResponse.LoginBlockedProblem;
253 }
254 }
255
256 //
223 // Get the account and check that it exists 257 // Get the account and check that it exists
224 // 258 //
225 UserAccount account = m_UserAccountService.GetUserAccount(scopeID, firstName, lastName); 259 UserAccount account = m_UserAccountService.GetUserAccount(scopeID, firstName, lastName);