From 1955b797598d61548521c444ea8d3721fd5435ba Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Thu, 19 Aug 2010 18:55:30 -0700 Subject: Partial rewrite of client IP verification. Not completely finished yet, and untested. Committing to move to my other computer. --- .../Hypergrid/GatekeeperServiceConnector.cs | 44 ++++++++++++ .../Hypergrid/UserAgentServiceConnector.cs | 7 ++ .../Simulation/SimulationServiceConnector.cs | 83 +++++++++++++++------- .../Services/HypergridService/UserAgentService.cs | 44 ++++++++---- OpenSim/Services/Interfaces/IGatekeeperService.cs | 6 +- OpenSim/Services/LLLoginService/LLLoginService.cs | 6 +- 6 files changed, 144 insertions(+), 46 deletions(-) (limited to 'OpenSim/Services') diff --git a/OpenSim/Services/Connectors/Hypergrid/GatekeeperServiceConnector.cs b/OpenSim/Services/Connectors/Hypergrid/GatekeeperServiceConnector.cs index c426bba..291dd73 100644 --- a/OpenSim/Services/Connectors/Hypergrid/GatekeeperServiceConnector.cs +++ b/OpenSim/Services/Connectors/Hypergrid/GatekeeperServiceConnector.cs @@ -38,6 +38,7 @@ using GridRegion = OpenSim.Services.Interfaces.GridRegion; using OpenMetaverse; using OpenMetaverse.Imaging; +using OpenMetaverse.StructuredData; using Nwc.XmlRpc; using log4net; 
@@ -268,5 +269,48 @@ namespace OpenSim.Services.Connectors.Hypergrid return null; } + public bool CreateAgent(GridRegion destination, AgentCircuitData aCircuit, uint flags, out string myipaddress, out string reason) + { + HttpWebRequest AgentCreateRequest = null; + myipaddress = String.Empty; + reason = String.Empty; + + if (SendRequest(destination, aCircuit, flags, out reason, out AgentCreateRequest)) + { + string response = GetResponse(AgentCreateRequest, out reason); + bool success = true; + UnpackResponse(response, out success, out reason, out myipaddress); + return success; + } + + return false; + } + + protected void UnpackResponse(string response, out bool result, out string reason, out string ipaddress) + { + result = true; + reason = string.Empty; + ipaddress = string.Empty; + + if (!String.IsNullOrEmpty(response)) + { + try + { + // we assume we got an OSDMap back + OSDMap r = Util.GetOSDMap(response); + result = r["success"].AsBoolean(); + reason = r["reason"].AsString(); + ipaddress = r["your_ip"].AsString(); + } + catch (NullReferenceException e) + { + m_log.InfoFormat("[GATEKEEPER SERVICE CONNECTOR]: exception on UnpackResponse of DoCreateChildAgentCall {0}", e.Message); + reason = "Internal error"; + result = false; + } + } + } + + } } diff --git a/OpenSim/Services/Connectors/Hypergrid/UserAgentServiceConnector.cs b/OpenSim/Services/Connectors/Hypergrid/UserAgentServiceConnector.cs index 69dff3c..c1e5949 100644 --- a/OpenSim/Services/Connectors/Hypergrid/UserAgentServiceConnector.cs +++ b/OpenSim/Services/Connectors/Hypergrid/UserAgentServiceConnector.cs 
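Review bot: A failed reply is reported as success in the new `CreateAgent`: `GetResponse` returns `string.Empty` on a `WebException`, and `UnpackResponse` then skips its `if`, leaving `result = true` and resetting `reason` to empty, so the "Destination did not reply" reason is lost and `myipaddress` stays blank. One fix is to let `GetResponse` return `null` from its catch block and add `if (response == null) return false;` in `CreateAgent` before calling `UnpackResponse`. The same pattern is in `SimulationServiceConnector.CreateAgent` and its two-out `UnpackResponse` later in this patch. `bool success = true;` is also redundant, because the `out` argument is always assigned.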
@@ -73,6 +73,13 @@ namespace OpenSim.Services.Connectors.Hypergrid { } + public bool LoginAgentToGrid(AgentCircuitData agent, GridRegion gatekeeper, GridRegion finalDestination, IPEndPoint ipaddress, out string reason) + { + // not available over remote calls + reason = "Method not available over remote calls"; + return false; + } + public bool LoginAgentToGrid(AgentCircuitData aCircuit, GridRegion gatekeeper, GridRegion destination, out string reason) { reason = String.Empty; diff --git a/OpenSim/Services/Connectors/Simulation/SimulationServiceConnector.cs b/OpenSim/Services/Connectors/Simulation/SimulationServiceConnector.cs index 6244565..2b96b96 100644 --- a/OpenSim/Services/Connectors/Simulation/SimulationServiceConnector.cs +++ b/OpenSim/Services/Connectors/Simulation/SimulationServiceConnector.cs @@ -77,8 +77,26 @@ namespace OpenSim.Services.Connectors.Simulation public bool CreateAgent(GridRegion destination, AgentCircuitData aCircuit, uint flags, out string reason) { + HttpWebRequest AgentCreateRequest = null; reason = String.Empty; + if (SendRequest(destination, aCircuit, flags, out reason, out AgentCreateRequest)) + { + string response = GetResponse(AgentCreateRequest, out reason); + bool success = true; + UnpackResponse(response, out success, out reason); + return success; + } + + return false; + } + + + protected bool SendRequest(GridRegion destination, AgentCircuitData aCircuit, uint flags, out string reason, out HttpWebRequest AgentCreateRequest) + { + reason = String.Empty; + AgentCreateRequest = null; + if (destination == null) { reason = "Destination is null"; 
@@ -101,7 +119,7 @@ namespace OpenSim.Services.Connectors.Simulation //Console.WriteLine(" >>> DoCreateChildAgentCall <<< " + uri); - HttpWebRequest AgentCreateRequest = (HttpWebRequest)WebRequest.Create(uri); + AgentCreateRequest = (HttpWebRequest)WebRequest.Create(uri); AgentCreateRequest.Method = "POST"; AgentCreateRequest.ContentType = "application/json"; AgentCreateRequest.Timeout = 10000; @@ -134,7 +152,7 @@ namespace OpenSim.Services.Connectors.Simulation AgentCreateRequest.ContentLength = buffer.Length; //Count bytes to send os = AgentCreateRequest.GetRequestStream(); os.Write(buffer, 0, strBuffer.Length); //Send it - m_log.InfoFormat("[REMOTE SIMULATION CONNECTOR]: Posted CreateAgent request to remote sim {0}, region {1}, x={2} y={3}", + m_log.InfoFormat("[REMOTE SIMULATION CONNECTOR]: Posted CreateAgent request to remote sim {0}, region {1}, x={2} y={3}", uri, destination.RegionName, destination.RegionLocX, destination.RegionLocY); } //catch (WebException ex) @@ -150,11 +168,18 @@ namespace OpenSim.Services.Connectors.Simulation os.Close(); } + return true; + } + + protected string GetResponse(HttpWebRequest AgentCreateRequest, out string reason) + { // Let's wait for the response //m_log.Info("[REMOTE SIMULATION CONNECTOR]: Waiting for a reply after DoCreateChildAgentCall"); + reason = string.Empty; WebResponse webResponse = null; StreamReader sr = null; + string response = string.Empty; try { webResponse = AgentCreateRequest.GetResponse(); 
@@ -166,37 +191,15 @@ namespace OpenSim.Services.Connectors.Simulation { sr = new StreamReader(webResponse.GetResponseStream()); - string response = sr.ReadToEnd().Trim(); + response = sr.ReadToEnd().Trim(); m_log.InfoFormat("[REMOTE SIMULATION CONNECTOR]: DoCreateChildAgentCall reply was {0} ", response); - - if (!String.IsNullOrEmpty(response)) - { - try - { - // we assume we got an OSDMap back - OSDMap r = Util.GetOSDMap(response); - bool success = r["success"].AsBoolean(); - reason = r["reason"].AsString(); - return success; - } - catch (NullReferenceException e) - { - m_log.InfoFormat("[REMOTE SIMULATION CONNECTOR]: exception on reply of DoCreateChildAgentCall {0}", e.Message); - - // check for old style response - if (response.ToLower().StartsWith("true")) - return true; - - return false; - } - } } } catch (WebException ex) { m_log.InfoFormat("[REMOTE SIMULATION CONNECTOR]: exception on reply of DoCreateChildAgentCall {0}", ex.Message); reason = "Destination did not reply"; - return false; + return string.Empty; } finally { @@ -204,7 +207,33 @@ namespace OpenSim.Services.Connectors.Simulation sr.Close(); } - return true; + return response; + } + + protected void UnpackResponse(string response, out bool result, out string reason) + { + result = true; + reason = string.Empty; + if (!String.IsNullOrEmpty(response)) + { + try + { + // we assume we got an OSDMap back + OSDMap r = Util.GetOSDMap(response); + result = r["success"].AsBoolean(); + reason = r["reason"].AsString(); + } + catch (NullReferenceException e) + { + m_log.InfoFormat("[REMOTE SIMULATION CONNECTOR]: exception on reply of DoCreateChildAgentCall {0}", e.Message); + + // check for old style response + if (response.ToLower().StartsWith("true")) + result = true; + + result = false; + } + } } protected virtual OSDMap PackCreateAgentArguments(AgentCircuitData aCircuit, GridRegion destination, uint flags) 
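Review bot: In the new `UnpackResponse`, the old-style fallback can never succeed, because `result = false;` runs unconditionally after `if (response.ToLower().StartsWith("true")) result = true;`. The removed code returned `true` for such replies, so this changes behaviour for peers that still answer with a bare "true". Replacing both statements with `result = response.ToLower().StartsWith("true");` restores the intent. The catch also handles only `NullReferenceException`; whether `Util.GetOSDMap` can throw anything else on malformed input is not visible here and is worth confirming.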
diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs index 181d7f2..6b14e21 100644 --- a/OpenSim/Services/HypergridService/UserAgentService.cs +++ b/OpenSim/Services/HypergridService/UserAgentService.cs @@ -131,10 +131,11 @@ namespace OpenSim.Services.HypergridService return home; } - public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, out string reason) + public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, IPEndPoint clientIP, out string reason) { - m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} to grid {2}", - agentCircuit.firstname, agentCircuit.lastname, gatekeeper.ExternalHostName +":"+ gatekeeper.HttpPort); + m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} (@{2}) to grid {3}", + agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "(stored IP)" : clientIP.ToString()), + gatekeeper.ExternalHostName +":"+ gatekeeper.HttpPort); // Take the IP address + port of the gatekeeper (reg) plus the info of finalDestination GridRegion region = new GridRegion(gatekeeper); @@ -149,11 +150,12 @@ namespace OpenSim.Services.HypergridService //bool success = m_GatekeeperConnector.CreateAgent(region, agentCircuit, (uint)Constants.TeleportFlags.ViaLogin, out reason); bool success = false; + string myExternalIP = string.Empty; string gridName = "http://" + gatekeeper.ExternalHostName + ":" + gatekeeper.HttpPort; if (m_GridName == gridName) success = m_GatekeeperService.LoginAgent(agentCircuit, finalDestination, out reason); else - success = m_GatekeeperConnector.CreateAgent(region, agentCircuit, (uint)Constants.TeleportFlags.ViaLogin, out reason); + success = m_GatekeeperConnector.CreateAgent(region, agentCircuit, (uint)Constants.TeleportFlags.ViaLogin, out myExternalIP, out reason); if (!success) { 
@@ -167,15 +169,25 @@ namespace OpenSim.Services.HypergridService return false; } + // else set the IP addresses associated with this client + if (clientIP != null) + m_TravelingAgents[agentCircuit.SessionID].ClientIPAddress = clientIP.ToString(); + m_TravelingAgents[agentCircuit.SessionID].MyIpAddress = myExternalIP; return true; } - public void SetClientToken(UUID sessionID, string token) + public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, out string reason) + { + reason = string.Empty; + return LoginAgentToGrid(agentCircuit, gatekeeper, finalDestination, null, out reason); + } + + private void SetClientIP(UUID sessionID, string ip) { if (m_TravelingAgents.ContainsKey(sessionID)) { - m_log.DebugFormat("[USER AGENT SERVICE]: Setting token {0} for session {1}", token, sessionID); - m_TravelingAgents[sessionID].ClientToken = token; + m_log.DebugFormat("[USER AGENT SERVICE]: Setting IP {0} for session {1}", ip, sessionID); + m_TravelingAgents[sessionID].ClientIPAddress = ip; } } @@ -196,7 +208,7 @@ namespace OpenSim.Services.HypergridService travel.GridExternalName = "http://" + region.ExternalHostName + ":" + region.HttpPort; travel.ServiceToken = agentCircuit.ServiceSessionID; if (old != null) - travel.ClientToken = old.ClientToken; + travel.ClientIPAddress = old.ClientIPAddress; return old; } 
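Review bot: `myExternalIP` is written to `MyIpAddress` exactly as the remote gatekeeper returned it in `your_ip`, and `VerifyClient` later accepts any `reportedIP` equal to that field. Because the value is chosen by the foreign grid, it should be parsed before it is trusted, for example `IPAddress parsed; if (IPAddress.TryParse(myExternalIP, out parsed)) m_TravelingAgents[agentCircuit.SessionID].MyIpAddress = parsed.ToString();`, leaving the field empty otherwise and having the comparison ignore empty values. On the local-grid branch the variable is never assigned, so an empty string is stored there as well. The indexer on `m_TravelingAgents` assumes the session entry was created earlier in `LoginAgentToGrid`, which is outside this hunk. `SetClientIP` is now private with no caller in the visible hunks, so it looks removable.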
@@ -233,15 +245,22 @@ namespace OpenSim.Services.HypergridService return travel.GridExternalName == thisGridExternalName; } - public bool VerifyClient(UUID sessionID, string token) + public bool VerifyClient(UUID sessionID, string reportedIP) { if (m_BypassClientVerification) return true; - m_log.DebugFormat("[USER AGENT SERVICE]: Verifying Client session {0} with token {1}", sessionID, token); + m_log.DebugFormat("[USER AGENT SERVICE]: Verifying Client session {0} with reported IP {1}.", + sessionID, reportedIP); if (m_TravelingAgents.ContainsKey(sessionID)) - return m_TravelingAgents[sessionID].ClientToken == token; + { + m_log.DebugFormat("[USER AGENT SERVICE]: Comparing with login IP {0} and MyIP {1}", + m_TravelingAgents[sessionID].ClientIPAddress, m_TravelingAgents[sessionID].MyIpAddress); + + return m_TravelingAgents[sessionID].ClientIPAddress == reportedIP || + m_TravelingAgents[sessionID].MyIpAddress == reportedIP; // NATed + } return false; } @@ -266,7 +285,8 @@ namespace OpenSim.Services.HypergridService public UUID UserID; public string GridExternalName = string.Empty; public string ServiceToken = string.Empty; - public string ClientToken = string.Empty; + public string ClientIPAddress = string.Empty; // as seen from this user agent service + public string MyIpAddress = string.Empty; // the user agent service's external IP, as seen from the next gatekeeper } } diff --git a/OpenSim/Services/Interfaces/IGatekeeperService.cs b/OpenSim/Services/Interfaces/IGatekeeperService.cs index 2d397bc..aac8293 100644 --- a/OpenSim/Services/Interfaces/IGatekeeperService.cs +++ b/OpenSim/Services/Interfaces/IGatekeeperService.cs 
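Review bot: `VerifyClient` can succeed on an empty `reportedIP`, because `ClientIPAddress` and `MyIpAddress` both default to `string.Empty` (second hunk on this line) and stay empty when the simulator overload passes a null `clientIP` or when the login was local. Reject blank input before the lookup with `if (String.IsNullOrEmpty(reportedIP)) return false;`, or compare each field only when it is non-empty. The three `ContainsKey` plus indexer reads could be a single `TryGetValue`, which also keeps the logged and compared values from the same entry. Plain string equality is sensitive to formatting differences between the stored and reported address, so comparing parsed `IPAddress` values would be more robust.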
@@ -48,13 +48,15 @@ namespace OpenSim.Services.Interfaces /// public interface IUserAgentService { + // called by login service only + bool LoginAgentToGrid(AgentCircuitData agent, GridRegion gatekeeper, GridRegion finalDestination, IPEndPoint clientIP, out string reason); + // called by simulators bool LoginAgentToGrid(AgentCircuitData agent, GridRegion gatekeeper, GridRegion finalDestination, out string reason); - void SetClientToken(UUID sessionID, string token); void LogoutAgent(UUID userID, UUID sessionID); GridRegion GetHomeRegion(UUID userID, out Vector3 position, out Vector3 lookAt); bool AgentIsComingHome(UUID sessionID, string thisGridExternalName); bool VerifyAgent(UUID sessionID, string token); - bool VerifyClient(UUID sessionID, string token); + bool VerifyClient(UUID sessionID, string reportedIP); } } diff --git a/OpenSim/Services/LLLoginService/LLLoginService.cs b/OpenSim/Services/LLLoginService/LLLoginService.cs index 4b7cb5d..b740297 100644 --- a/OpenSim/Services/LLLoginService/LLLoginService.cs +++ b/OpenSim/Services/LLLoginService/LLLoginService.cs @@ -755,12 +755,8 @@ namespace OpenSim.Services.LLLoginService private bool LaunchAgentIndirectly(GridRegion gatekeeper, GridRegion destination, AgentCircuitData aCircuit, IPEndPoint clientIP, out string reason) { m_log.Debug("[LLOGIN SERVICE] Launching agent at " + destination.RegionName); - if (m_UserAgentService.LoginAgentToGrid(aCircuit, gatekeeper, destination, out reason)) - { - IPAddress addr = NetworkUtil.GetExternalIPOf(clientIP.Address); - m_UserAgentService.SetClientToken(aCircuit.SessionID, addr.ToString() /* clientIP.Address.ToString() */); + if (m_UserAgentService.LoginAgentToGrid(aCircuit, gatekeeper, destination, clientIP, out reason)) return true; - } return false; } -- cgit v1.1 From a39ea07158756a76757d4b616c60cbcedf06f268 Mon Sep 17 00:00:00 2001 
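Review bot: The `IUserAgentService` changes leave the contract of the new parameters undocumented: nothing states that `reportedIP` is a bare address string without a port, or that a null `clientIP` means "keep the stored address". The implementation in this same patch stores `clientIP.ToString()`, which for an `IPEndPoint` includes the port, so the expected format is easy to get wrong. I would add XML docs to both members, e.g. `/// <param name="reportedIP">Client address as seen by the caller, dotted or IPv6 form, no port.</param>`, and state on the `IPEndPoint` overload that it is intended for in-process callers only, since the remote connector rejects it.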
From: Diva Canto Date: Thu, 19 Aug 2010 19:54:40 -0700 Subject: Finished implementing ViaLogin vs ViaHGLogin. Removed lookup on myipaddress.com. Also removed client IP verification upon UDP connection that had been left there -- we can't do that in general. --- .../Services/HypergridService/GatekeeperService.cs | 28 ++++++++++++++-------- .../Services/HypergridService/UserAgentService.cs | 5 ++-- 2 files changed, 21 insertions(+), 12 deletions(-) (limited to 'OpenSim/Services') diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs index 6f041da..3f5c4f1 100644 --- a/OpenSim/Services/HypergridService/GatekeeperService.cs +++ b/OpenSim/Services/HypergridService/GatekeeperService.cs @@ -225,17 +225,23 @@ namespace OpenSim.Services.HypergridService // May want to authorize + bool isFirstLogin = false; // - // Login the presence + // Login the presence, if it's not there yet (by the login service) // - if (!m_PresenceService.LoginAgent(aCircuit.AgentID.ToString(), aCircuit.SessionID, aCircuit.SecureSessionID)) - { - reason = "Unable to login presence"; - m_log.InfoFormat("[GATEKEEPER SERVICE]: Presence login failed for foreign agent {0} {1}. Refusing service.", - aCircuit.firstname, aCircuit.lastname); - return false; - } - m_log.DebugFormat("[GATEKEEPER SERVICE]: Login presence ok"); + PresenceInfo presence = m_PresenceService.GetAgent(aCircuit.SessionID); + if (presence != null) // it has been placed there by the login service + isFirstLogin = true; + + else + if (!m_PresenceService.LoginAgent(aCircuit.AgentID.ToString(), aCircuit.SessionID, aCircuit.SecureSessionID)) + { + reason = "Unable to login presence"; + m_log.InfoFormat("[GATEKEEPER SERVICE]: Presence login failed for foreign agent {0} {1}. Refusing service.", + aCircuit.firstname, aCircuit.lastname); + return false; + } + m_log.DebugFormat("[GATEKEEPER SERVICE]: Login presence ok"); // // Get the region 
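Review bot: `isFirstLogin` is set purely because a presence record exists for `aCircuit.SessionID`, a value that arrives with the request, so this branch skips `LoginAgent` and later selects `ViaLogin` without confirming the record belongs to this agent. Unless the earlier authentication step (outside this hunk) already binds the session to the agent, compare the owner before trusting the record, e.g. `if (presence != null && presence.UserID == aCircuit.AgentID.ToString())`. The dangling `else` followed by an unbraced `if` also makes it hard to see that "Login presence ok" is logged on both paths; braces around both branches would make the scope explicit. The enclosing method begins and ends outside the hunk.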
@@ -274,7 +280,9 @@ namespace OpenSim.Services.HypergridService // // Finally launch the agent at the destination // - return m_SimulationService.CreateAgent(destination, aCircuit, (uint)Constants.TeleportFlags.ViaLogin, out reason); + Constants.TeleportFlags loginFlag = isFirstLogin ? Constants.TeleportFlags.ViaLogin : Constants.TeleportFlags.ViaHGLogin; + m_log.DebugFormat("[GATEKEEPER SERVICE]: launching agent {0}", loginFlag); + return m_SimulationService.CreateAgent(destination, aCircuit, (uint)loginFlag, out reason); } protected bool Authenticate(AgentCircuitData aCircuit) diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs index 6b14e21..8c3be70 100644 --- a/OpenSim/Services/HypergridService/UserAgentService.cs +++ b/OpenSim/Services/HypergridService/UserAgentService.cs @@ -134,7 +134,7 @@ namespace OpenSim.Services.HypergridService public bool LoginAgentToGrid(AgentCircuitData agentCircuit, GridRegion gatekeeper, GridRegion finalDestination, IPEndPoint clientIP, out string reason) { m_log.DebugFormat("[USER AGENT SERVICE]: Request to login user {0} {1} (@{2}) to grid {3}", - agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "(stored IP)" : clientIP.ToString()), + agentCircuit.firstname, agentCircuit.lastname, ((clientIP == null) ? "stored IP" : clientIP.Address.ToString()), gatekeeper.ExternalHostName +":"+ gatekeeper.HttpPort); // Take the IP address + port of the gatekeeper (reg) plus the info of finalDestination 
@@ -169,9 +169,10 @@ namespace OpenSim.Services.HypergridService return false; } + m_log.DebugFormat("[USER AGENT SERVICE]: Gatekeeper sees me as {0}", myExternalIP); // else set the IP addresses associated with this client if (clientIP != null) - m_TravelingAgents[agentCircuit.SessionID].ClientIPAddress = clientIP.ToString(); + m_TravelingAgents[agentCircuit.SessionID].ClientIPAddress = clientIP.Address.ToString(); m_TravelingAgents[agentCircuit.SessionID].MyIpAddress = myExternalIP; return true; } -- cgit v1.1