From 1955b797598d61548521c444ea8d3721fd5435ba Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Thu, 19 Aug 2010 18:55:30 -0700 Subject: Partial rewrite of client IP verification. Not completely finished yet, and untested. Committing to move to my other computer. --- .../Services/HypergridService/UserAgentService.cs | 44 ++++++++++++++++------ 1 file changed, 32 insertions(+), 12 deletions(-) (limited to 'OpenSim/Services/HypergridService/UserAgentService.cs') diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs index 181d7f2..6b14e21 100644 --- a/OpenSim/Services/HypergridService/UserAgentService.cs +++ b/OpenSim/Services/HypergridService/UserAgentService.cs @@ -131,10 +131,11 @@ namespace OpenSim.Services.HypergridService return home; } - public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, out string reason) + public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, IPEndPoint clientIP, out string reason) { - m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} to grid {2}", - agentCircuit.firstname, agentCircuit.lastname, gatekeeper.ExternalHostName +":"+ gatekeeper.HttpPort); + m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} (@{2}) to grid {3}", + agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "(stored IP)" : clientIP.ToString()), + gatekeeper.ExternalHostName +":"+ gatekeeper.HttpPort); // Take the IP address + port of the gatekeeper (reg) plus the info of finalDestination GridRegion region = new GridRegion(gatekeeper); @@ -149,11 +150,12 @@ namespace OpenSim.Services.HypergridService //bool success = m_GatekeeperConnector.CreateAgent(region, agentCircuit, (uint)Constants.TeleportFlags.ViaLogin, out reason); bool success = false; + string myExternalIP = string.Empty; string gridName = "http://" + gatekeeper.ExternalHostName + ":" + gatekeeper.HttpPort; if (m_GridName == gridName) success = m_GatekeeperService.LoginAgent(agentCircuit, finalDestination, out reason); else - success = m_GatekeeperConnector.CreateAgent(region, agentCircuit, (uint)Constants.TeleportFlags.ViaLogin, out reason); + success = m_GatekeeperConnector.CreateAgent(region, agentCircuit, (uint)Constants.TeleportFlags.ViaLogin, out myExternalIP, out reason); if (!success) { @@ -167,15 +169,25 @@ namespace OpenSim.Services.HypergridService return false; } + // else set the IP addresses associated with this client + if (clientIP != null) + m_TravelingAgents[agentCircuit.SessionID].ClientIPAddress = clientIP.ToString(); + m_TravelingAgents[agentCircuit.SessionID].MyIpAddress = myExternalIP; return true; } - public void SetClientToken(UUID sessionID, string token) + public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, out string reason) + { + reason = string.Empty; + return LoginAgentToGrid(agentCircuit, gatekeeper, finalDestination, null, out reason); + } + + private void SetClientIP(UUID sessionID, string ip) { if (m_TravelingAgents.ContainsKey(sessionID)) { - m_log.DebugFormat("[USER AGENT SERVICE]: Setting token {0} for session {1}", token, sessionID); - m_TravelingAgents[sessionID].ClientToken = token; + m_log.DebugFormat("[USER AGENT SERVICE]: Setting IP {0} for session {1}", ip, sessionID); + m_TravelingAgents[sessionID].ClientIPAddress = ip; } } @@ -196,7 +208,7 @@ namespace OpenSim.Services.HypergridService travel.GridExternalName = "http://" + region.ExternalHostName + ":" + region.HttpPort; travel.ServiceToken = agentCircuit.ServiceSessionID; if (old != null) - travel.ClientToken = old.ClientToken; + travel.ClientIPAddress = old.ClientIPAddress; return old; } @@ -233,15 +245,22 @@ namespace OpenSim.Services.HypergridService return travel.GridExternalName == thisGridExternalName; } - public bool VerifyClient(UUID sessionID, string token) + public bool VerifyClient(UUID sessionID, string reportedIP) { if (m_BypassClientVerification) return true; - m_log.DebugFormat("[USER AGENT SERVICE]: Verifying Client session {0} with token {1}", sessionID, token); + m_log.DebugFormat("[USER AGENT SERVICE]: Verifying Client session {0} with reported IP {1}.", + sessionID, reportedIP); if (m_TravelingAgents.ContainsKey(sessionID)) - return m_TravelingAgents[sessionID].ClientToken == token; + { + m_log.DebugFormat("[USER AGENT SERVICE]: Comparing with login IP {0} and MyIP {1}", + m_TravelingAgents[sessionID].ClientIPAddress, m_TravelingAgents[sessionID].MyIpAddress); + + return m_TravelingAgents[sessionID].ClientIPAddress == reportedIP || + m_TravelingAgents[sessionID].MyIpAddress == reportedIP; // NATed + } return false; } @@ -266,7 +285,8 @@ namespace OpenSim.Services.HypergridService public UUID UserID; public string GridExternalName = string.Empty; public string ServiceToken = string.Empty; - public string ClientToken = string.Empty; + public string ClientIPAddress = string.Empty; // as seen from this user agent service + public string MyIpAddress = string.Empty; // the user agent service's external IP, as seen from the next gatekeeper } } -- cgit v1.1 From a39ea07158756a76757d4b616c60cbcedf06f268 Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Thu, 19 Aug 2010 19:54:40 -0700 Subject: Finished implementing ViaLogin vs ViaHGLogin. Removed lookup on myipaddress.com. Also removed client IP verification upon UDP connection that had been left there -- we can't do that in general. --- OpenSim/Services/HypergridService/UserAgentService.cs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'OpenSim/Services/HypergridService/UserAgentService.cs') diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs index 6b14e21..8c3be70 100644 --- a/OpenSim/Services/HypergridService/UserAgentService.cs +++ b/OpenSim/Services/HypergridService/UserAgentService.cs @@ -134,7 +134,7 @@ namespace OpenSim.Services.HypergridService public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, IPEndPoint clientIP, out string reason) { m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} (@{2}) to grid {3}", - agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "(stored IP)" : clientIP.ToString()), + agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "stored IP" : clientIP.Address.ToString()), gatekeeper.ExternalHostName +":"+ gatekeeper.HttpPort); // Take the IP address + port of the gatekeeper (reg) plus the info of finalDestination @@ -169,9 +169,10 @@ namespace OpenSim.Services.HypergridService return false; } + m_log.DebugFormat("[USER AGENT SERVICE]: Gatekeeper sees me as {0}", myExternalIP); // else set the IP addresses associated with this client if (clientIP != null) - m_TravelingAgents[agentCircuit.SessionID].ClientIPAddress = clientIP.ToString(); + m_TravelingAgents[agentCircuit.SessionID].ClientIPAddress = clientIP.Address.ToString(); m_TravelingAgents[agentCircuit.SessionID].MyIpAddress = myExternalIP; return true; } -- cgit v1.1