From 3340a579e72f1248bb092a705db068027e46ef75 Mon Sep 17 00:00:00 2001
From: Justin Clarke Casey
Date: Fri, 24 Oct 2008 21:22:54 +0000
Subject: * Stop creating a circuit if the client fails authentication (i.e.
the region server wasn't told that it was coming) * This moves authentication
from the client thread (where failure was difficult to detect) to the
particular thread handling that packet * I've kept the authentication outside
of the crucial clientCircuits lock (though any delay here is probably swamped
by the other delays associated with login) * Also added more to the unit test
to ensure this doesn't regress
---
.../Region/ClientStack/LindenUDP/LLPacketServer.cs | 72 +++++++++++++++-------
1 file changed, 51 insertions(+), 21 deletions(-)
(limited to 'OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs')
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
index 5d3dba0..e3a02bc 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
@@ -27,6 +27,8 @@
using System.Net;
using System.Net.Sockets;
+using System.Reflection;
+using log4net;
using OpenMetaverse;
using OpenMetaverse.Packets;
using OpenSim.Framework;
@@ -36,8 +38,8 @@ namespace OpenSim.Region.ClientStack.LindenUDP
{
public class LLPacketServer
{
- //private static readonly log4net.ILog m_log
- // = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
+ private static readonly log4net.ILog m_log
+ = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
protected readonly ILLClientStackNetworkHandler m_networkHandler;
protected IScene m_scene;
@@ -87,49 +89,77 @@ namespace OpenSim.Region.ClientStack.LindenUDP
///
protected virtual IClientAPI CreateNewCircuit(EndPoint remoteEP, UseCircuitCodePacket initialcirpack,
ClientManager clientManager, IScene scene, AssetCache assetCache,
- LLPacketServer packServer, AgentCircuitManager authenSessions,
+ LLPacketServer packServer, AuthenticateResponse sessionInfo,
UUID agentId, UUID sessionId, uint circuitCode, EndPoint proxyEP)
{
return
new LLClientView(
- remoteEP, scene, assetCache, packServer, authenSessions, agentId, sessionId, circuitCode, proxyEP,
+ remoteEP, scene, assetCache, packServer, sessionInfo, agentId, sessionId, circuitCode, proxyEP,
m_userSettings);
}
///
+ /// Check whether a given client is authorized to connect
+ ///
+ ///
+ ///
+ ///
+ public virtual bool IsClientAuthorized(
+ UseCircuitCodePacket useCircuit, AgentCircuitManager circuitManager, out AuthenticateResponse sessionInfo)
+ {
+ UUID agentId = useCircuit.CircuitCode.ID;
+ UUID sessionId = useCircuit.CircuitCode.SessionID;
+ uint circuitCode = useCircuit.CircuitCode.Code;
+
+ sessionInfo = circuitManager.AuthenticateSession(sessionId, agentId, circuitCode);
+
+ if (!sessionInfo.Authorised)
+ return false;
+
+ return true;
+ }
+
+ ///
/// Add a new client circuit
///
///
///
///
- ///
+ ///
///
///
/// true if a new circuit was created, false if a circuit with the given circuit code already existed
- ///
- public virtual bool AddNewClient(EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
- AgentCircuitManager circuitManager, EndPoint proxyEP)
+ ///
+ public virtual bool AddNewClient(
+ EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
+ AuthenticateResponse sessionInfo, EndPoint proxyEP)
{
IClientAPI newuser;
-
- if (m_scene.ClientManager.TryGetClient(useCircuit.CircuitCode.Code, out newuser))
+ uint circuitCode = useCircuit.CircuitCode.Code;
+
+ if (m_scene.ClientManager.TryGetClient(circuitCode, out newuser))
{
+ // The circuit is already known to the scene. This not actually a problem since this will currently
+ // occur if a client is crossing borders (hence upgrading its circuit). However, we shouldn't
+ // really by trying to add a new client if this is the case.
return false;
}
- else
- {
- newuser = CreateNewCircuit(epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this,
- circuitManager, useCircuit.CircuitCode.ID,
- useCircuit.CircuitCode.SessionID, useCircuit.CircuitCode.Code, proxyEP);
+
+ UUID agentId = useCircuit.CircuitCode.ID;
+ UUID sessionId = useCircuit.CircuitCode.SessionID;
+
+ newuser
+ = CreateNewCircuit(
+ epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this, sessionInfo,
+ agentId, sessionId, circuitCode, proxyEP);
- m_scene.ClientManager.Add(useCircuit.CircuitCode.Code, newuser);
+ m_scene.ClientManager.Add(circuitCode, newuser);
- newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
- newuser.OnLogout += LogoutHandler;
- newuser.OnConnectionClosed += CloseClient;
+ newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
+ newuser.OnLogout += LogoutHandler;
+ newuser.OnConnectionClosed += CloseClient;
- return true;
- }
+ return true;
}
public void LogoutHandler(IClientAPI client)
--
cgit v1.1