diff options
Diffstat (limited to 'OpenSim/Services/HypergridService')
-rw-r--r-- | OpenSim/Services/HypergridService/GatekeeperService.cs | 62 | ||||
-rw-r--r-- | OpenSim/Services/HypergridService/HGAssetService.cs | 26 | ||||
-rw-r--r-- | OpenSim/Services/HypergridService/UserAgentService.cs | 103 |
3 files changed, 177 insertions, 14 deletions
diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs index 47d22b9..0f7d7c6 100644 --- a/OpenSim/Services/HypergridService/GatekeeperService.cs +++ b/OpenSim/Services/HypergridService/GatekeeperService.cs | |||
@@ -58,9 +58,11 @@ namespace OpenSim.Services.HypergridService | |||
58 | private static IUserAgentService m_UserAgentService; | 58 | private static IUserAgentService m_UserAgentService; |
59 | private static ISimulationService m_SimulationService; | 59 | private static ISimulationService m_SimulationService; |
60 | 60 | ||
61 | protected string m_AllowedClients = string.Empty; | 61 | private static string m_AllowedClients = string.Empty; |
62 | protected string m_DeniedClients = string.Empty; | 62 | private static string m_DeniedClients = string.Empty; |
63 | private static bool m_ForeignAgentsAllowed = true; | 63 | private static bool m_ForeignAgentsAllowed = true; |
64 | private static List<string> m_ForeignsAllowedExceptions = new List<string>(); | ||
65 | private static List<string> m_ForeignsDisallowedExceptions = new List<string>(); | ||
64 | 66 | ||
65 | private static UUID m_ScopeID; | 67 | private static UUID m_ScopeID; |
66 | private static bool m_AllowTeleportsToAnyRegion; | 68 | private static bool m_AllowTeleportsToAnyRegion; |
@@ -113,6 +115,9 @@ namespace OpenSim.Services.HypergridService | |||
113 | m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty); | 115 | m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty); |
114 | m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true); | 116 | m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true); |
115 | 117 | ||
118 | LoadDomainExceptionsFromConfig(serverConfig, "AllowExcept", m_ForeignsAllowedExceptions); | ||
119 | LoadDomainExceptionsFromConfig(serverConfig, "DisallowExcept", m_ForeignsDisallowedExceptions); | ||
120 | |||
116 | if (m_GridService == null || m_PresenceService == null || m_SimulationService == null) | 121 | if (m_GridService == null || m_PresenceService == null || m_SimulationService == null) |
117 | throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function."); | 122 | throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function."); |
118 | 123 | ||
@@ -125,6 +130,15 @@ namespace OpenSim.Services.HypergridService | |||
125 | { | 130 | { |
126 | } | 131 | } |
127 | 132 | ||
133 | protected void LoadDomainExceptionsFromConfig(IConfig config, string variable, List<string> exceptions) | ||
134 | { | ||
135 | string value = config.GetString(variable, string.Empty); | ||
136 | string[] parts = value.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); | ||
137 | |||
138 | foreach (string s in parts) | ||
139 | exceptions.Add(s.Trim()); | ||
140 | } | ||
141 | |||
128 | public bool LinkRegion(string regionName, out UUID regionID, out ulong regionHandle, out string externalName, out string imageURL, out string reason) | 142 | public bool LinkRegion(string regionName, out UUID regionID, out ulong regionHandle, out string externalName, out string imageURL, out string reason) |
129 | { | 143 | { |
130 | regionID = UUID.Zero; | 144 | regionID = UUID.Zero; |
@@ -260,14 +274,25 @@ namespace OpenSim.Services.HypergridService | |||
260 | m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok"); | 274 | m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok"); |
261 | 275 | ||
262 | // | 276 | // |
263 | // Foreign agents allowed | 277 | // Foreign agents allowed? Exceptions? |
264 | // | 278 | // |
265 | if (account == null && !m_ForeignAgentsAllowed) | 279 | if (account == null) |
266 | { | 280 | { |
267 | reason = "Unauthorized"; | 281 | bool allowed = m_ForeignAgentsAllowed; |
268 | m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1}. Refusing service.", | 282 | |
269 | aCircuit.firstname, aCircuit.lastname); | 283 | if (m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsAllowedExceptions)) |
270 | return false; | 284 | allowed = false; |
285 | |||
286 | if (!m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsDisallowedExceptions)) | ||
287 | allowed = true; | ||
288 | |||
289 | if (!allowed) | ||
290 | { | ||
291 | reason = "Destination does not allow visitors from your world"; | ||
292 | m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1} @ {2}. Refusing service.", | ||
293 | aCircuit.firstname, aCircuit.lastname, aCircuit.ServiceURLs["HomeURI"]); | ||
294 | return false; | ||
295 | } | ||
271 | } | 296 | } |
272 | 297 | ||
273 | // May want to authorize | 298 | // May want to authorize |
@@ -393,6 +418,27 @@ namespace OpenSim.Services.HypergridService | |||
393 | 418 | ||
394 | #region Misc | 419 | #region Misc |
395 | 420 | ||
421 | private bool IsException(AgentCircuitData aCircuit, List<string> exceptions) | ||
422 | { | ||
423 | bool exception = false; | ||
424 | if (exceptions.Count > 0) // we have exceptions | ||
425 | { | ||
426 | // Retrieve the visitor's origin | ||
427 | string userURL = aCircuit.ServiceURLs["HomeURI"].ToString(); | ||
428 | if (!userURL.EndsWith("/")) | ||
429 | userURL += "/"; | ||
430 | |||
431 | if (exceptions.Find(delegate(string s) | ||
432 | { | ||
433 | if (!s.EndsWith("/")) | ||
434 | s += "/"; | ||
435 | return s == userURL; | ||
436 | }) != null) | ||
437 | exception = true; | ||
438 | } | ||
439 | |||
440 | return exception; | ||
441 | } | ||
396 | 442 | ||
397 | #endregion | 443 | #endregion |
398 | } | 444 | } |
diff --git a/OpenSim/Services/HypergridService/HGAssetService.cs b/OpenSim/Services/HypergridService/HGAssetService.cs index db98166..84dec8d 100644 --- a/OpenSim/Services/HypergridService/HGAssetService.cs +++ b/OpenSim/Services/HypergridService/HGAssetService.cs | |||
@@ -58,6 +58,8 @@ namespace OpenSim.Services.HypergridService | |||
58 | 58 | ||
59 | private UserAccountCache m_Cache; | 59 | private UserAccountCache m_Cache; |
60 | 60 | ||
61 | private AssetPermissions m_AssetPerms; | ||
62 | |||
61 | public HGAssetService(IConfigSource config, string configName) : base(config, configName) | 63 | public HGAssetService(IConfigSource config, string configName) : base(config, configName) |
62 | { | 64 | { |
63 | m_log.Debug("[HGAsset Service]: Starting"); | 65 | m_log.Debug("[HGAsset Service]: Starting"); |
@@ -80,6 +82,10 @@ namespace OpenSim.Services.HypergridService | |||
80 | m_HomeURL = assetConfig.GetString("HomeURI", m_HomeURL); | 82 | m_HomeURL = assetConfig.GetString("HomeURI", m_HomeURL); |
81 | 83 | ||
82 | m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService); | 84 | m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService); |
85 | |||
86 | // Permissions | ||
87 | m_AssetPerms = new AssetPermissions(assetConfig); | ||
88 | |||
83 | } | 89 | } |
84 | 90 | ||
85 | #region IAssetService overrides | 91 | #region IAssetService overrides |
@@ -90,6 +96,9 @@ namespace OpenSim.Services.HypergridService | |||
90 | if (asset == null) | 96 | if (asset == null) |
91 | return null; | 97 | return null; |
92 | 98 | ||
99 | if (!m_AssetPerms.AllowedExport(asset.Type)) | ||
100 | return null; | ||
101 | |||
93 | if (asset.Metadata.Type == (sbyte)AssetType.Object) | 102 | if (asset.Metadata.Type == (sbyte)AssetType.Object) |
94 | asset.Data = AdjustIdentifiers(asset.Data); ; | 103 | asset.Data = AdjustIdentifiers(asset.Data); ; |
95 | 104 | ||
@@ -112,16 +121,27 @@ namespace OpenSim.Services.HypergridService | |||
112 | 121 | ||
113 | public override byte[] GetData(string id) | 122 | public override byte[] GetData(string id) |
114 | { | 123 | { |
115 | byte[] data = base.GetData(id); | 124 | AssetBase asset = Get(id); |
125 | |||
126 | if (asset == null) | ||
127 | return null; | ||
116 | 128 | ||
117 | if (data == null) | 129 | if (!m_AssetPerms.AllowedExport(asset.Type)) |
118 | return null; | 130 | return null; |
119 | 131 | ||
120 | return AdjustIdentifiers(data); | 132 | return asset.Data; |
121 | } | 133 | } |
122 | 134 | ||
123 | //public virtual bool Get(string id, Object sender, AssetRetrieved handler) | 135 | //public virtual bool Get(string id, Object sender, AssetRetrieved handler) |
124 | 136 | ||
137 | public override string Store(AssetBase asset) | ||
138 | { | ||
139 | if (!m_AssetPerms.AllowedImport(asset.Type)) | ||
140 | return string.Empty; | ||
141 | |||
142 | return base.Store(asset); | ||
143 | } | ||
144 | |||
125 | public override bool Delete(string id) | 145 | public override bool Delete(string id) |
126 | { | 146 | { |
127 | // NOGO | 147 | // NOGO |
diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs index a49993c..56aafe6 100644 --- a/OpenSim/Services/HypergridService/UserAgentService.cs +++ b/OpenSim/Services/HypergridService/UserAgentService.cs | |||
@@ -77,6 +77,10 @@ namespace OpenSim.Services.HypergridService | |||
77 | 77 | ||
78 | protected static bool m_BypassClientVerification; | 78 | protected static bool m_BypassClientVerification; |
79 | 79 | ||
80 | private static Dictionary<int, bool> m_ForeignTripsAllowed = new Dictionary<int, bool>(); | ||
81 | private static Dictionary<int, List<string>> m_TripsAllowedExceptions = new Dictionary<int, List<string>>(); | ||
82 | private static Dictionary<int, List<string>> m_TripsDisallowedExceptions = new Dictionary<int, List<string>>(); | ||
83 | |||
80 | public UserAgentService(IConfigSource config) : this(config, null) | 84 | public UserAgentService(IConfigSource config) : this(config, null) |
81 | { | 85 | { |
82 | } | 86 | } |
@@ -121,6 +125,12 @@ namespace OpenSim.Services.HypergridService | |||
121 | m_PresenceService = ServerUtils.LoadPlugin<IPresenceService>(presenceService, args); | 125 | m_PresenceService = ServerUtils.LoadPlugin<IPresenceService>(presenceService, args); |
122 | m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(userAccountService, args); | 126 | m_UserAccountService = ServerUtils.LoadPlugin<IUserAccountService>(userAccountService, args); |
123 | 127 | ||
128 | m_LevelOutsideContacts = serverConfig.GetInt("LevelOutsideContacts", 0); | ||
129 | |||
130 | LoadTripPermissionsFromConfig(serverConfig, "ForeignTripsAllowed"); | ||
131 | LoadDomainExceptionsFromConfig(serverConfig, "AllowExcept", m_TripsAllowedExceptions); | ||
132 | LoadDomainExceptionsFromConfig(serverConfig, "DisallowExcept", m_TripsDisallowedExceptions); | ||
133 | |||
124 | m_GridName = serverConfig.GetString("ExternalName", string.Empty); | 134 | m_GridName = serverConfig.GetString("ExternalName", string.Empty); |
125 | if (m_GridName == string.Empty) | 135 | if (m_GridName == string.Empty) |
126 | { | 136 | { |
@@ -130,10 +140,43 @@ namespace OpenSim.Services.HypergridService | |||
130 | if (!m_GridName.EndsWith("/")) | 140 | if (!m_GridName.EndsWith("/")) |
131 | m_GridName = m_GridName + "/"; | 141 | m_GridName = m_GridName + "/"; |
132 | 142 | ||
133 | m_LevelOutsideContacts = serverConfig.GetInt("LevelOutsideContacts", 0); | ||
134 | } | 143 | } |
135 | } | 144 | } |
136 | 145 | ||
146 | protected void LoadTripPermissionsFromConfig(IConfig config, string variable) | ||
147 | { | ||
148 | foreach (string keyName in config.GetKeys()) | ||
149 | { | ||
150 | if (keyName.StartsWith(variable + "_Level_")) | ||
151 | { | ||
152 | int level = 0; | ||
153 | if (Int32.TryParse(keyName.Replace(variable + "_Level_", ""), out level)) | ||
154 | m_ForeignTripsAllowed.Add(level, config.GetBoolean(keyName, true)); | ||
155 | } | ||
156 | } | ||
157 | } | ||
158 | |||
159 | protected void LoadDomainExceptionsFromConfig(IConfig config, string variable, Dictionary<int, List<string>> exceptions) | ||
160 | { | ||
161 | foreach (string keyName in config.GetKeys()) | ||
162 | { | ||
163 | if (keyName.StartsWith(variable + "_Level_")) | ||
164 | { | ||
165 | int level = 0; | ||
166 | if (Int32.TryParse(keyName.Replace(variable + "_Level_", ""), out level) && !exceptions.ContainsKey(level)) | ||
167 | { | ||
168 | exceptions.Add(level, new List<string>()); | ||
169 | string value = config.GetString(keyName, string.Empty); | ||
170 | string[] parts = value.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); | ||
171 | |||
172 | foreach (string s in parts) | ||
173 | exceptions[level].Add(s.Trim()); | ||
174 | } | ||
175 | } | ||
176 | } | ||
177 | } | ||
178 | |||
179 | |||
137 | public GridRegion GetHomeRegion(UUID userID, out Vector3 position, out Vector3 lookAt) | 180 | public GridRegion GetHomeRegion(UUID userID, out Vector3 position, out Vector3 lookAt) |
138 | { | 181 | { |
139 | position = new Vector3(128, 128, 0); lookAt = Vector3.UnitY; | 182 | position = new Vector3(128, 128, 0); lookAt = Vector3.UnitY; |
@@ -166,13 +209,39 @@ namespace OpenSim.Services.HypergridService | |||
166 | m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} (@{2}) to grid {3}", | 209 | m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} (@{2}) to grid {3}", |
167 | agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "stored IP" : clientIP.Address.ToString()), gatekeeper.ServerURI); | 210 | agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "stored IP" : clientIP.Address.ToString()), gatekeeper.ServerURI); |
168 | 211 | ||
169 | if (m_UserAccountService.GetUserAccount(UUID.Zero, agentCircuit.AgentID) == null) | 212 | string gridName = gatekeeper.ServerURI; |
213 | |||
214 | UserAccount account = m_UserAccountService.GetUserAccount(UUID.Zero, agentCircuit.AgentID); | ||
215 | if (account == null) | ||
170 | { | 216 | { |
171 | m_log.WarnFormat("[USER AGENT SERVICE]: Someone attempted to lauch a foreign user from here {0} {1}", agentCircuit.firstname, agentCircuit.lastname); | 217 | m_log.WarnFormat("[USER AGENT SERVICE]: Someone attempted to lauch a foreign user from here {0} {1}", agentCircuit.firstname, agentCircuit.lastname); |
172 | reason = "Forbidden to launch your agents from here"; | 218 | reason = "Forbidden to launch your agents from here"; |
173 | return false; | 219 | return false; |
174 | } | 220 | } |
175 | 221 | ||
222 | // Is this user allowed to go there? | ||
223 | if (m_GridName != gridName) | ||
224 | { | ||
225 | if (m_ForeignTripsAllowed.ContainsKey(account.UserLevel)) | ||
226 | { | ||
227 | bool allowed = m_ForeignTripsAllowed[account.UserLevel]; | ||
228 | |||
229 | if (m_ForeignTripsAllowed[account.UserLevel] && IsException(gridName, account.UserLevel, m_TripsAllowedExceptions)) | ||
230 | allowed = false; | ||
231 | |||
232 | if (!m_ForeignTripsAllowed[account.UserLevel] && IsException(gridName, account.UserLevel, m_TripsDisallowedExceptions)) | ||
233 | allowed = true; | ||
234 | |||
235 | if (!allowed) | ||
236 | { | ||
237 | reason = "Your world does not allow you to visit the destination"; | ||
238 | m_log.InfoFormat("[USER AGENT SERVICE]: Agents not permitted to visit {0}. Refusing service.", gridName); | ||
239 | return false; | ||
240 | } | ||
241 | } | ||
242 | } | ||
243 | |||
244 | |||
176 | // Take the IP address + port of the gatekeeper (reg) plus the info of finalDestination | 245 | // Take the IP address + port of the gatekeeper (reg) plus the info of finalDestination |
177 | GridRegion region = new GridRegion(gatekeeper); | 246 | GridRegion region = new GridRegion(gatekeeper); |
178 | region.ServerURI = gatekeeper.ServerURI; | 247 | region.ServerURI = gatekeeper.ServerURI; |
@@ -189,7 +258,6 @@ namespace OpenSim.Services.HypergridService | |||
189 | 258 | ||
190 | bool success = false; | 259 | bool success = false; |
191 | string myExternalIP = string.Empty; | 260 | string myExternalIP = string.Empty; |
192 | string gridName = gatekeeper.ServerURI; | ||
193 | 261 | ||
194 | m_log.DebugFormat("[USER AGENT SERVICE]: this grid: {0}, desired grid: {1}", m_GridName, gridName); | 262 | m_log.DebugFormat("[USER AGENT SERVICE]: this grid: {0}, desired grid: {1}", m_GridName, gridName); |
195 | 263 | ||
@@ -586,6 +654,35 @@ namespace OpenSim.Services.HypergridService | |||
586 | else | 654 | else |
587 | return UUID.Zero; | 655 | return UUID.Zero; |
588 | } | 656 | } |
657 | |||
658 | #region Misc | ||
659 | |||
660 | private bool IsException(string dest, int level, Dictionary<int, List<string>> exceptions) | ||
661 | { | ||
662 | if (!exceptions.ContainsKey(level)) | ||
663 | return false; | ||
664 | |||
665 | bool exception = false; | ||
666 | if (exceptions[level].Count > 0) // we have exceptions | ||
667 | { | ||
668 | string destination = dest; | ||
669 | if (!destination.EndsWith("/")) | ||
670 | destination += "/"; | ||
671 | |||
672 | if (exceptions[level].Find(delegate(string s) | ||
673 | { | ||
674 | if (!s.EndsWith("/")) | ||
675 | s += "/"; | ||
676 | return s == destination; | ||
677 | }) != null) | ||
678 | exception = true; | ||
679 | } | ||
680 | |||
681 | return exception; | ||
682 | } | ||
683 | |||
684 | #endregion | ||
685 | |||
589 | } | 686 | } |
590 | 687 | ||
591 | class TravelingAgentInfo | 688 | class TravelingAgentInfo |