From 50eebb5cba3bc4143115fca0e163ebdf3fc4dc60 Mon Sep 17 00:00:00 2001
From: Justin Clark-Casey (justincc)
Date: Thu, 8 Dec 2011 22:00:59 +0000
Subject: Don't reply with an ack packet if the client is not authorized.
---
.../Region/ClientStack/Linden/UDP/LLUDPServer.cs | 71 +++++++++-------------
.../Linden/UDP/Tests/BasicCircuitTests.cs | 5 +-
2 files changed, 31 insertions(+), 45 deletions(-)
diff --git a/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs b/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs
index cef5f74..5610c09 100644
--- a/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs
+++ b/OpenSim/Region/ClientStack/Linden/UDP/LLUDPServer.cs
@@ -905,23 +905,40 @@ namespace OpenSim.Region.ClientStack.LindenUDP
// DateTime startTime = DateTime.Now;
object[] array = (object[])o;
UDPPacketBuffer buffer = (UDPPacketBuffer)array[0];
- UseCircuitCodePacket packet = (UseCircuitCodePacket)array[1];
+ UseCircuitCodePacket uccp = (UseCircuitCodePacket)array[1];
m_log.DebugFormat("[LLUDPSERVER]: Handling UseCircuitCode request from {0}", buffer.RemoteEndPoint);
IPEndPoint remoteEndPoint = (IPEndPoint)buffer.RemoteEndPoint;
- // Begin the process of adding the client to the simulator
- IClientAPI client = AddNewClient((UseCircuitCodePacket)packet, remoteEndPoint);
-
- // Send ack straight away to let the viewer know that the connection is active.
- // The client will be null if it already exists (e.g. if on a region crossing the client sends a use
- // circuit code to the existing child agent. This is not particularly obvious.
- SendAckImmediate(remoteEndPoint, packet.Header.Sequence);
-
- // We only want to send initial data to new clients, not ones which are being converted from child to root.
- if (client != null)
- client.SceneAgent.SendInitialDataToMe();
+ AuthenticateResponse sessionInfo;
+ if (IsClientAuthorized(uccp, out sessionInfo))
+ {
+ // Begin the process of adding the client to the simulator
+ IClientAPI client
+ = AddClient(
+ uccp.CircuitCode.Code,
+ uccp.CircuitCode.ID,
+ uccp.CircuitCode.SessionID,
+ remoteEndPoint,
+ sessionInfo);
+
+ // Send ack straight away to let the viewer know that the connection is active.
+ // The client will be null if it already exists (e.g. if on a region crossing the client sends a use
+ // circuit code to the existing child agent. This is not particularly obvious.
+ SendAckImmediate(remoteEndPoint, uccp.Header.Sequence);
+
+ // We only want to send initial data to new clients, not ones which are being converted from child to root.
+ if (client != null)
+ client.SceneAgent.SendInitialDataToMe();
+ }
+ else
+ {
+ // Don't create clients for unauthorized requesters.
+ m_log.WarnFormat(
+ "[LLUDPSERVER]: Connection request for client {0} connecting with unnotified circuit code {1} from {2}",
+ uccp.CircuitCode.ID, uccp.CircuitCode.Code, remoteEndPoint);
+ }
// m_log.DebugFormat(
// "[LLUDPSERVER]: Handling UseCircuitCode request from {0} took {1}ms",
@@ -972,36 +989,6 @@ namespace OpenSim.Region.ClientStack.LindenUDP
}
///
- /// Add a new client.
- ///
- ///
- ///
- ///
- /// The client that was added or null if the client failed authorization or already existed.
- ///
- private IClientAPI AddNewClient(UseCircuitCodePacket useCircuitCode, IPEndPoint remoteEndPoint)
- {
- UUID agentID = useCircuitCode.CircuitCode.ID;
- UUID sessionID = useCircuitCode.CircuitCode.SessionID;
- uint circuitCode = useCircuitCode.CircuitCode.Code;
-
- AuthenticateResponse sessionInfo;
- if (IsClientAuthorized(useCircuitCode, out sessionInfo))
- {
- return AddClient(circuitCode, agentID, sessionID, remoteEndPoint, sessionInfo);
- }
- else
- {
- // Don't create circuits for unauthorized clients
- m_log.WarnFormat(
- "[LLUDPSERVER]: Connection request for client {0} connecting with unnotified circuit code {1} from {2}",
- useCircuitCode.CircuitCode.ID, useCircuitCode.CircuitCode.Code, remoteEndPoint);
-
- return null;
- }
- }
-
- ///
/// Add a client.
///
///
diff --git a/OpenSim/Region/ClientStack/Linden/UDP/Tests/BasicCircuitTests.cs b/OpenSim/Region/ClientStack/Linden/UDP/Tests/BasicCircuitTests.cs
index 1457194..a575e36 100644
--- a/OpenSim/Region/ClientStack/Linden/UDP/Tests/BasicCircuitTests.cs
+++ b/OpenSim/Region/ClientStack/Linden/UDP/Tests/BasicCircuitTests.cs
@@ -202,10 +202,9 @@ namespace OpenSim.Region.ClientStack.LindenUDP.Tests
ScenePresence sp = scene.GetScenePresence(myAgentUuid);
Assert.That(sp.UUID, Is.EqualTo(myAgentUuid));
- // FIXME: We're still replying to an ack when the client is not authorized, which is not correct behaviour.
- Assert.That(llUdpServer.PacketsSent.Count, Is.EqualTo(2));
+ Assert.That(llUdpServer.PacketsSent.Count, Is.EqualTo(1));
- Packet packet = llUdpServer.PacketsSent[1];
+ Packet packet = llUdpServer.PacketsSent[0];
Assert.That(packet, Is.InstanceOf(typeof(PacketAckPacket)));
PacketAckPacket ackPacket = packet as PacketAckPacket;
--
cgit v1.1