From ac64fe03d8992a041933c303fa12933393cf1713 Mon Sep 17 00:00:00 2001
From: Diva Canto
Date: Fri, 27 Apr 2012 09:59:46 -0700
Subject: Amend to last commit: account for the existence of proxies.

---
 .../Server/Handlers/Map/MapAddServerConnector.cs   | 35 ++++++++++++++++++++--
 bin/Robust.HG.ini.example                          |  3 ++
 bin/Robust.ini.example                             |  4 +++
 3 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs b/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs
index c87de92..cc7ef9d 100644
--- a/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs
+++ b/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs
@@ -78,7 +78,8 @@ namespace OpenSim.Server.Handlers.MapImage
             else
                 m_log.InfoFormat("[MAP IMAGE HANDLER]: GridService check is OFF");
 
-            server.AddStreamHandler(new MapServerPostHandler(m_MapService, m_GridService));
+            bool proxy = serverConfig.GetBoolean("HasProxy", false);
+            server.AddStreamHandler(new MapServerPostHandler(m_MapService, m_GridService, proxy));
 
         }
     }
@@ -88,12 +89,14 @@ namespace OpenSim.Server.Handlers.MapImage
         private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
         private IMapImageService m_MapService;
         private IGridService m_GridService;
+        bool m_Proxy;
 
-        public MapServerPostHandler(IMapImageService service, IGridService grid) :
+        public MapServerPostHandler(IMapImageService service, IGridService grid, bool proxy) :
             base("POST", "/map")
         {
             m_MapService = service;
             m_GridService = grid;
+            m_Proxy = proxy;
         }
 
         public override byte[] Handle(string path, Stream requestData, IOSHttpRequest httpRequest, IOSHttpResponse httpResponse)
@@ -129,7 +132,7 @@ namespace OpenSim.Server.Handlers.MapImage
                     GridRegion r = m_GridService.GetRegionByPosition(UUID.Zero, x * (int)Constants.RegionSize, y * (int)Constants.RegionSize);
                     if (r != null)
                     {
-                        if (r.ExternalEndPoint.Address != httpRequest.RemoteIPEndPoint.Address)
+                        if (r.ExternalEndPoint.Address != GetCallerIP(httpRequest))
                         {
                             m_log.WarnFormat("[MAP IMAGE HANDLER]: IP address {0} may be rogue", httpRequest.RemoteIPEndPoint.Address);
                             return FailureResult("IP address of caller does not match IP address of registered region");
@@ -221,5 +224,31 @@ namespace OpenSim.Server.Handlers.MapImage
 
             return ms.ToArray();
         }
+
+        private System.Net.IPAddress GetCallerIP(IOSHttpRequest request)
+        {
+            if (!m_Proxy)
+                return request.RemoteIPEndPoint.Address;
+
+            // We're behind a proxy
+            string xff = "X-Forwarded-For";
+            string xffValue = request.Headers[xff.ToLower()];
+            if (xffValue == null || (xffValue != null && xffValue == string.Empty))
+                xffValue = request.Headers[xff];
+
+            if (xffValue == null || (xffValue != null && xffValue == string.Empty))
+            {
+                m_log.WarnFormat("[MAP IMAGE HANDLER]: No XFF header");
+                return request.RemoteIPEndPoint.Address;
+            }
+
+            System.Net.IPEndPoint ep = Util.GetClientIPFromXFF(xffValue);
+            if (ep != null)
+                return ep.Address;
+
+            // Oops
+            return request.RemoteIPEndPoint.Address;
+        }
+
     }
 }
diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example
index 1b5d37c..be75407 100644
--- a/bin/Robust.HG.ini.example
+++ b/bin/Robust.HG.ini.example
@@ -283,6 +283,9 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
 	; If for some reason you have the AddMapTile service outside the firewall (e.g. 8002),
 	; you may want to set this. Otherwise, don't set it, because it's already protected.
 	; GridService = "OpenSim.Services.GridService.dll:GridService"
+	;
+    ; Additionally, if you run this server behind a proxy, set this to true
+    ; HasProxy = false
 
 [GridInfoService]
     ; These settings are used to return information on a get_grid_info call.
diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example
index 40b8d83..582af27 100644
--- a/bin/Robust.ini.example
+++ b/bin/Robust.ini.example
@@ -258,6 +258,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
 	; If for some reason you have the AddMapTile service outside the firewall (e.g. 8002),
 	; you may want to set this. Otherwise, don't set it, because it's already protected.
 	; GridService = "OpenSim.Services.GridService.dll:GridService"
+	;
+    ; Additionally, if you run this server behind a proxy, set this to true
+    ; HasProxy = false
+
 
 
 [GridInfoService]
-- 
cgit v1.1