aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorJustin Clark-Casey (justincc)2011-10-08 01:23:26 +0100
committerJustin Clark-Casey (justincc)2011-10-08 01:23:26 +0100
commit4073cd6ced525cb36e4335e79e3f94ad4872b263 (patch)
tree58fae0e9d6211967fe084c0d6e96cb58fb59717b
parentGo back to lying that sim fps is 55 when it's actually locked at a maximum of... (diff)
downloadopensim-SC_OLD-4073cd6ced525cb36e4335e79e3f94ad4872b263.zip
opensim-SC_OLD-4073cd6ced525cb36e4335e79e3f94ad4872b263.tar.gz
opensim-SC_OLD-4073cd6ced525cb36e4335e79e3f94ad4872b263.tar.bz2
opensim-SC_OLD-4073cd6ced525cb36e4335e79e3f94ad4872b263.tar.xz
Add option to allow only explicitly listed IPs to access RemoteAdmin facilities.
Also adds password check to some functions where this was missing and fixes some parameter checking. This is a patch from http://opensimulator.org/mantis/view.php?id=5715 with a few small unrelated spacing tweaks from me. Thanks Michelle Argus.
-rw-r--r--OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs240
-rw-r--r--bin/OpenSim.ini.example4
-rw-r--r--bin/OpenSimDefaults.ini4
3 files changed, 124 insertions, 124 deletions
diff --git a/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs b/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs
index 70b7d88..d26662f 100644
--- a/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs
+++ b/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs
@@ -67,21 +67,11 @@ namespace OpenSim.ApplicationPlugins.RemoteController
67 private IConfig m_config; 67 private IConfig m_config;
68 private IConfigSource m_configSource; 68 private IConfigSource m_configSource;
69 private string m_requiredPassword = String.Empty; 69 private string m_requiredPassword = String.Empty;
70 private List<string> m_accessIP;
70 71
71 private string m_name = "RemoteAdminPlugin"; 72 private string m_name = "RemoteAdminPlugin";
72 private string m_version = "0.0"; 73 private string m_version = "0.0";
73 74
74 //guard for XmlRpc-related methods
75 private void FailIfRemoteAdminDisabled(string requestName)
76 {
77 if (m_config == null)
78 {
79 string errorMessage = String.Format("[RADMIN] {0}: Remote admin request denied! Please set [RemoteAdmin]enabled=true in OpenSim.ini in order to enable remote admin functionality", requestName);
80 m_log.Error(errorMessage);
81 throw new ApplicationException(errorMessage);
82 }
83 }
84
85 public string Version 75 public string Version
86 { 76 {
87 get { return m_version; } 77 get { return m_version; }
@@ -115,6 +105,20 @@ namespace OpenSim.ApplicationPlugins.RemoteController
115 m_requiredPassword = m_config.GetString("access_password", String.Empty); 105 m_requiredPassword = m_config.GetString("access_password", String.Empty);
116 int port = m_config.GetInt("port", 0); 106 int port = m_config.GetInt("port", 0);
117 107
108 string accessIP = m_config.GetString("access_ip_addresses", String.Empty);
109 m_accessIP = new List<string>();
110 if (accessIP != String.Empty)
111 {
112 string[] ips = accessIP.Split(new char[] { ',' });
113 foreach (string ip in ips)
114 {
115 string current = ip.Trim();
116
117 if (current != String.Empty)
118 m_accessIP.Add(current);
119 }
120 }
121
118 m_application = openSim; 122 m_application = openSim;
119 string bind_ip_address = m_config.GetString("bind_ip_address", "0.0.0.0"); 123 string bind_ip_address = m_config.GetString("bind_ip_address", "0.0.0.0");
120 IPAddress ipaddr = IPAddress.Parse(bind_ip_address); 124 IPAddress ipaddr = IPAddress.Parse(bind_ip_address);
@@ -189,6 +193,31 @@ namespace OpenSim.ApplicationPlugins.RemoteController
189 } 193 }
190 } 194 }
191 195
196 private void FailIfRemoteAdminDisabled(string requestName)
197 {
198 if (m_config == null)
199 {
200 string errorMessage = String.Format("[RADMIN] {0}: Remote admin request denied! Please set [RemoteAdmin] enabled=true in OpenSim.ini in order to enable remote admin functionality", requestName);
201 m_log.Error(errorMessage);
202 throw new ApplicationException(errorMessage);
203 }
204 }
205
206 private void FailIfRemoteAdminNotAllowed(string password, string check_ip_address)
207 {
208 if (m_accessIP.Count > 0 && !m_accessIP.Contains(check_ip_address))
209 {
210 m_log.WarnFormat("[RADMIN]: Unauthorized acess blocked from IP {0}", check_ip_address);
211 throw new Exception("not authorized");
212 }
213
214 if (m_requiredPassword != String.Empty && password != m_requiredPassword)
215 {
216 m_log.WarnFormat("[RADMIN]: Wrong password, blocked access from IP {0}", check_ip_address);
217 throw new Exception("wrong password");
218 }
219 }
220
192 public XmlRpcResponse XmlRpcRestartMethod(XmlRpcRequest request, IPEndPoint remoteClient) 221 public XmlRpcResponse XmlRpcRestartMethod(XmlRpcRequest request, IPEndPoint remoteClient)
193 { 222 {
194 XmlRpcResponse response = new XmlRpcResponse(); 223 XmlRpcResponse response = new XmlRpcResponse();
@@ -201,11 +230,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
201 m_log.Info("[RADMIN]: Request to restart Region."); 230 m_log.Info("[RADMIN]: Request to restart Region.");
202 CheckStringParameters(request, new string[] {"password", "regionID"}); 231 CheckStringParameters(request, new string[] {"password", "regionID"});
203 232
204 if (m_requiredPassword != String.Empty && 233 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
205 (!requestData.Contains("password") || (string) requestData["password"] != m_requiredPassword))
206 {
207 throw new Exception("wrong password");
208 }
209 234
210 UUID regionID = new UUID((string) requestData["regionID"]); 235 UUID regionID = new UUID((string) requestData["regionID"]);
211 236
@@ -256,9 +281,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
256 281
257 CheckStringParameters(request, new string[] {"password", "message"}); 282 CheckStringParameters(request, new string[] {"password", "message"});
258 283
259 if (m_requiredPassword != String.Empty && 284 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
260 (!requestData.Contains("password") || (string) requestData["password"] != m_requiredPassword))
261 throw new Exception("wrong password");
262 285
263 string message = (string) requestData["message"]; 286 string message = (string) requestData["message"];
264 m_log.InfoFormat("[RADMIN]: Broadcasting: {0}", message); 287 m_log.InfoFormat("[RADMIN]: Broadcasting: {0}", message);
@@ -309,9 +332,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
309 332
310 CheckStringParameters(request, new string[] {"password", "filename", "regionid"}); 333 CheckStringParameters(request, new string[] {"password", "filename", "regionid"});
311 334
312 if (m_requiredPassword != String.Empty && 335 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
313 (!requestData.Contains("password") || (string) requestData["password"] != m_requiredPassword))
314 throw new Exception("wrong password");
315 336
316 string file = (string) requestData["filename"]; 337 string file = (string) requestData["filename"];
317 UUID regionID = (UUID) (string) requestData["regionid"]; 338 UUID regionID = (UUID) (string) requestData["regionid"];
@@ -374,9 +395,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
374 395
375 CheckStringParameters(request, new string[] { "password", "filename", "regionid" }); 396 CheckStringParameters(request, new string[] { "password", "filename", "regionid" });
376 397
377 if (m_requiredPassword != String.Empty && 398 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
378 (!requestData.Contains("password") || (string)requestData["password"] != m_requiredPassword))
379 throw new Exception("wrong password");
380 399
381 string file = (string)requestData["filename"]; 400 string file = (string)requestData["filename"];
382 UUID regionID = (UUID)(string)requestData["regionid"]; 401 UUID regionID = (UUID)(string)requestData["regionid"];
@@ -424,9 +443,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
424 { 443 {
425 Hashtable requestData = (Hashtable) request.Params[0]; 444 Hashtable requestData = (Hashtable) request.Params[0];
426 445
427 if (m_requiredPassword != String.Empty && 446 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
428 (!requestData.Contains("password") || (string) requestData["password"] != m_requiredPassword))
429 throw new Exception("wrong password");
430 447
431 responseData["accepted"] = true; 448 responseData["accepted"] = true;
432 response.Value = responseData; 449 response.Value = responseData;
@@ -578,9 +595,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
578 }); 595 });
579 CheckIntegerParams(request, new string[] {"region_x", "region_y", "listen_port"}); 596 CheckIntegerParams(request, new string[] {"region_x", "region_y", "listen_port"});
580 597
581 // check password 598 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
582 if (!String.IsNullOrEmpty(m_requiredPassword) &&
583 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
584 599
585 // check whether we still have space left (iff we are using limits) 600 // check whether we still have space left (iff we are using limits)
586 if (m_regionLimit != 0 && m_application.SceneManager.Scenes.Count >= m_regionLimit) 601 if (m_regionLimit != 0 && m_application.SceneManager.Scenes.Count >= m_regionLimit)
@@ -842,6 +857,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
842 public XmlRpcResponse XmlRpcDeleteRegionMethod(XmlRpcRequest request, IPEndPoint remoteClient) 857 public XmlRpcResponse XmlRpcDeleteRegionMethod(XmlRpcRequest request, IPEndPoint remoteClient)
843 { 858 {
844 m_log.Info("[RADMIN]: DeleteRegion: new request"); 859 m_log.Info("[RADMIN]: DeleteRegion: new request");
860
845 XmlRpcResponse response = new XmlRpcResponse(); 861 XmlRpcResponse response = new XmlRpcResponse();
846 Hashtable responseData = new Hashtable(); 862 Hashtable responseData = new Hashtable();
847 863
@@ -852,6 +868,8 @@ namespace OpenSim.ApplicationPlugins.RemoteController
852 Hashtable requestData = (Hashtable) request.Params[0]; 868 Hashtable requestData = (Hashtable) request.Params[0];
853 CheckStringParameters(request, new string[] {"password", "region_name"}); 869 CheckStringParameters(request, new string[] {"password", "region_name"});
854 870
871 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
872
855 Scene scene = null; 873 Scene scene = null;
856 string regionName = (string) requestData["region_name"]; 874 string regionName = (string) requestData["region_name"];
857 if (!m_application.SceneManager.TryGetScene(regionName, out scene)) 875 if (!m_application.SceneManager.TryGetScene(regionName, out scene))
@@ -921,6 +939,8 @@ namespace OpenSim.ApplicationPlugins.RemoteController
921 Hashtable requestData = (Hashtable) request.Params[0]; 939 Hashtable requestData = (Hashtable) request.Params[0];
922 CheckStringParameters(request, new string[] {"password"}); 940 CheckStringParameters(request, new string[] {"password"});
923 941
942 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
943
924 if (requestData.ContainsKey("region_id") && 944 if (requestData.ContainsKey("region_id") &&
925 !String.IsNullOrEmpty((string) requestData["region_id"])) 945 !String.IsNullOrEmpty((string) requestData["region_id"]))
926 { 946 {
@@ -1015,6 +1035,8 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1015 Hashtable requestData = (Hashtable) request.Params[0]; 1035 Hashtable requestData = (Hashtable) request.Params[0];
1016 CheckStringParameters(request, new string[] {"password", "region_name"}); 1036 CheckStringParameters(request, new string[] {"password", "region_name"});
1017 1037
1038 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
1039
1018 Scene scene = null; 1040 Scene scene = null;
1019 string regionName = (string) requestData["region_name"]; 1041 string regionName = (string) requestData["region_name"];
1020 if (!m_application.SceneManager.TryGetScene(regionName, out scene)) 1042 if (!m_application.SceneManager.TryGetScene(regionName, out scene))
@@ -1128,9 +1150,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1128 }); 1150 });
1129 CheckIntegerParams(request, new string[] {"start_region_x", "start_region_y"}); 1151 CheckIntegerParams(request, new string[] {"start_region_x", "start_region_y"});
1130 1152
1131 // check password 1153 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
1132 if (!String.IsNullOrEmpty(m_requiredPassword) &&
1133 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
1134 1154
1135 // do the job 1155 // do the job
1136 string firstName = (string) requestData["user_firstname"]; 1156 string firstName = (string) requestData["user_firstname"];
@@ -1238,6 +1258,8 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1238 // check completeness 1258 // check completeness
1239 CheckStringParameters(request, new string[] {"password", "user_firstname", "user_lastname"}); 1259 CheckStringParameters(request, new string[] {"password", "user_firstname", "user_lastname"});
1240 1260
1261 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
1262
1241 string firstName = (string) requestData["user_firstname"]; 1263 string firstName = (string) requestData["user_firstname"];
1242 string lastName = (string) requestData["user_lastname"]; 1264 string lastName = (string) requestData["user_lastname"];
1243 1265
@@ -1322,7 +1344,6 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1322 /// </description></item> 1344 /// </description></item>
1323 /// </list> 1345 /// </list>
1324 /// </remarks> 1346 /// </remarks>
1325
1326 public XmlRpcResponse XmlRpcUpdateUserAccountMethod(XmlRpcRequest request, IPEndPoint remoteClient) 1347 public XmlRpcResponse XmlRpcUpdateUserAccountMethod(XmlRpcRequest request, IPEndPoint remoteClient)
1327 { 1348 {
1328 m_log.Info("[RADMIN]: UpdateUserAccount: new request"); 1349 m_log.Info("[RADMIN]: UpdateUserAccount: new request");
@@ -1344,9 +1365,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1344 "password", "user_firstname", 1365 "password", "user_firstname",
1345 "user_lastname"}); 1366 "user_lastname"});
1346 1367
1347 // check password 1368 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
1348 if (!String.IsNullOrEmpty(m_requiredPassword) &&
1349 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
1350 1369
1351 // do the job 1370 // do the job
1352 string firstName = (string) requestData["user_firstname"]; 1371 string firstName = (string) requestData["user_firstname"];
@@ -1462,7 +1481,6 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1462 /// file, or pre-existing in the user database. 1481 /// file, or pre-existing in the user database.
1463 /// This should probably get moved into somewhere more core eventually. 1482 /// This should probably get moved into somewhere more core eventually.
1464 /// </summary> 1483 /// </summary>
1465
1466 private void UpdateUserAppearance(Hashtable responseData, Hashtable requestData, UUID userid) 1484 private void UpdateUserAppearance(Hashtable responseData, Hashtable requestData, UUID userid)
1467 { 1485 {
1468 m_log.DebugFormat("[RADMIN]: updateUserAppearance"); 1486 m_log.DebugFormat("[RADMIN]: updateUserAppearance");
@@ -1544,7 +1562,6 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1544 /// ratified, or an appropriate default value has been adopted. The intended prototype 1562 /// ratified, or an appropriate default value has been adopted. The intended prototype
1545 /// is known to exist, as is the target avatar. 1563 /// is known to exist, as is the target avatar.
1546 /// </summary> 1564 /// </summary>
1547
1548 private void EstablishAppearance(UUID destination, UUID source) 1565 private void EstablishAppearance(UUID destination, UUID source)
1549 { 1566 {
1550 m_log.DebugFormat("[RADMIN]: Initializing inventory for {0} from {1}", destination, source); 1567 m_log.DebugFormat("[RADMIN]: Initializing inventory for {0} from {1}", destination, source);
@@ -1612,7 +1629,6 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1612 /// worn or attached to the Clothing inventory folder of the receiving avatar. 1629 /// worn or attached to the Clothing inventory folder of the receiving avatar.
1613 /// In parallel the avatar wearables and attachments are updated. 1630 /// In parallel the avatar wearables and attachments are updated.
1614 /// </summary> 1631 /// </summary>
1615
1616 private void CopyWearablesAndAttachments(UUID destination, UUID source, AvatarAppearance avatarAppearance) 1632 private void CopyWearablesAndAttachments(UUID destination, UUID source, AvatarAppearance avatarAppearance)
1617 { 1633 {
1618 IInventoryService inventoryService = m_application.SceneManager.CurrentOrFirstScene.InventoryService; 1634 IInventoryService inventoryService = m_application.SceneManager.CurrentOrFirstScene.InventoryService;
@@ -1642,7 +1658,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1642 AvatarWearable[] wearables = avatarAppearance.Wearables; 1658 AvatarWearable[] wearables = avatarAppearance.Wearables;
1643 AvatarWearable wearable; 1659 AvatarWearable wearable;
1644 1660
1645 for (int i=0; i<wearables.Length; i++) 1661 for (int i = 0; i<wearables.Length; i++)
1646 { 1662 {
1647 wearable = wearables[i]; 1663 wearable = wearables[i];
1648 if (wearable[0].ItemID != UUID.Zero) 1664 if (wearable[0].ItemID != UUID.Zero)
@@ -1745,15 +1761,12 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1745 } 1761 }
1746 } 1762 }
1747 } 1763 }
1748
1749
1750 } 1764 }
1751 1765
1752 /// <summary> 1766 /// <summary>
1753 /// This method is called by establishAppearance to copy inventory folders to make 1767 /// This method is called by establishAppearance to copy inventory folders to make
1754 /// copies of Clothing and Bodyparts inventory folders and attaches worn attachments 1768 /// copies of Clothing and Bodyparts inventory folders and attaches worn attachments
1755 /// </summary> 1769 /// </summary>
1756
1757 private void CopyInventoryFolders(UUID destination, UUID source, AssetType assetType, Dictionary<UUID,UUID> inventoryMap, 1770 private void CopyInventoryFolders(UUID destination, UUID source, AssetType assetType, Dictionary<UUID,UUID> inventoryMap,
1758 AvatarAppearance avatarAppearance) 1771 AvatarAppearance avatarAppearance)
1759 { 1772 {
@@ -1788,9 +1801,12 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1788 { 1801 {
1789 destinationFolder = new InventoryFolderBase(); 1802 destinationFolder = new InventoryFolderBase();
1790 destinationFolder.ID = UUID.Random(); 1803 destinationFolder.ID = UUID.Random();
1791 if (assetType == AssetType.Clothing) { 1804 if (assetType == AssetType.Clothing)
1805 {
1792 destinationFolder.Name = "Clothing"; 1806 destinationFolder.Name = "Clothing";
1793 } else { 1807 }
1808 else
1809 {
1794 destinationFolder.Name = "Body Parts"; 1810 destinationFolder.Name = "Body Parts";
1795 } 1811 }
1796 destinationFolder.Owner = destination; 1812 destinationFolder.Owner = destination;
@@ -1806,7 +1822,6 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1806 1822
1807 foreach (InventoryFolderBase folder in folders) 1823 foreach (InventoryFolderBase folder in folders)
1808 { 1824 {
1809
1810 extraFolder = new InventoryFolderBase(); 1825 extraFolder = new InventoryFolderBase();
1811 extraFolder.ID = UUID.Random(); 1826 extraFolder.ID = UUID.Random();
1812 extraFolder.Name = folder.Name; 1827 extraFolder.Name = folder.Name;
@@ -1864,7 +1879,6 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1864 /// <summary> 1879 /// <summary>
1865 /// Apply next owner permissions. 1880 /// Apply next owner permissions.
1866 /// </summary> 1881 /// </summary>
1867
1868 private void ApplyNextOwnerPermissions(InventoryItemBase item) 1882 private void ApplyNextOwnerPermissions(InventoryItemBase item)
1869 { 1883 {
1870 if (item.InvType == (int)InventoryType.Object && (item.CurrentPermissions & 7) != 0) 1884 if (item.InvType == (int)InventoryType.Object && (item.CurrentPermissions & 7) != 0)
@@ -2257,18 +2271,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2257 { 2271 {
2258 Hashtable requestData = (Hashtable) request.Params[0]; 2272 Hashtable requestData = (Hashtable) request.Params[0];
2259 2273
2260 // check completeness 2274 CheckStringParameters(request, new string[] {
2261 foreach (string parameter in new string[] {"password", "filename"}) 2275 "password", "filename"});
2262 {
2263 if (!requestData.Contains(parameter))
2264 throw new Exception(String.Format("missing parameter {0}", parameter));
2265 if (String.IsNullOrEmpty((string) requestData[parameter]))
2266 throw new Exception(String.Format("parameter {0} is empty", parameter));
2267 }
2268 2276
2269 // check password 2277 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2270 if (!String.IsNullOrEmpty(m_requiredPassword) &&
2271 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
2272 2278
2273 string filename = (string) requestData["filename"]; 2279 string filename = (string) requestData["filename"];
2274 Scene scene = null; 2280 Scene scene = null;
@@ -2374,18 +2380,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2374 { 2380 {
2375 Hashtable requestData = (Hashtable) request.Params[0]; 2381 Hashtable requestData = (Hashtable) request.Params[0];
2376 2382
2377 // check completeness 2383 CheckStringParameters(request, new string[] {
2378 foreach (string p in new string[] {"password", "filename"}) 2384 "password", "filename"});
2379 {
2380 if (!requestData.Contains(p))
2381 throw new Exception(String.Format("missing parameter {0}", p));
2382 if (String.IsNullOrEmpty((string) requestData[p]))
2383 throw new Exception(String.Format("parameter {0} is empty"));
2384 }
2385 2385
2386 // check password 2386 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2387 if (!String.IsNullOrEmpty(m_requiredPassword) &&
2388 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
2389 2387
2390 string filename = (string) requestData["filename"]; 2388 string filename = (string) requestData["filename"];
2391 Scene scene = null; 2389 Scene scene = null;
@@ -2431,11 +2429,16 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2431 { 2429 {
2432 scene.EventManager.OnOarFileSaved += RemoteAdminOarSaveCompleted; 2430 scene.EventManager.OnOarFileSaved += RemoteAdminOarSaveCompleted;
2433 archiver.ArchiveRegion(filename, options); 2431 archiver.ArchiveRegion(filename, options);
2434 lock (m_saveOarLock) Monitor.Wait(m_saveOarLock,5000); 2432
2433 lock (m_saveOarLock)
2434 Monitor.Wait(m_saveOarLock,5000);
2435
2435 scene.EventManager.OnOarFileSaved -= RemoteAdminOarSaveCompleted; 2436 scene.EventManager.OnOarFileSaved -= RemoteAdminOarSaveCompleted;
2436 } 2437 }
2437 else 2438 else
2439 {
2438 throw new Exception("Archiver module not present for scene"); 2440 throw new Exception("Archiver module not present for scene");
2441 }
2439 2442
2440 responseData["saved"] = true; 2443 responseData["saved"] = true;
2441 2444
@@ -2476,18 +2479,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2476 { 2479 {
2477 Hashtable requestData = (Hashtable) request.Params[0]; 2480 Hashtable requestData = (Hashtable) request.Params[0];
2478 2481
2479 // check completeness 2482 CheckStringParameters(request, new string[] {
2480 foreach (string p in new string[] {"password", "filename"}) 2483 "password", "filename"});
2481 {
2482 if (!requestData.Contains(p))
2483 throw new Exception(String.Format("missing parameter {0}", p));
2484 if (String.IsNullOrEmpty((string) requestData[p]))
2485 throw new Exception(String.Format("parameter {0} is empty"));
2486 }
2487 2484
2488 // check password 2485 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2489 if (!String.IsNullOrEmpty(m_requiredPassword) &&
2490 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
2491 2486
2492 string filename = (string) requestData["filename"]; 2487 string filename = (string) requestData["filename"];
2493 if (requestData.Contains("region_uuid")) 2488 if (requestData.Contains("region_uuid"))
@@ -2495,6 +2490,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2495 UUID region_uuid = (UUID) (string) requestData["region_uuid"]; 2490 UUID region_uuid = (UUID) (string) requestData["region_uuid"];
2496 if (!m_application.SceneManager.TrySetCurrentScene(region_uuid)) 2491 if (!m_application.SceneManager.TrySetCurrentScene(region_uuid))
2497 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString())); 2492 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString()));
2493
2498 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_uuid.ToString()); 2494 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_uuid.ToString());
2499 } 2495 }
2500 else if (requestData.Contains("region_name")) 2496 else if (requestData.Contains("region_name"))
@@ -2502,6 +2498,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2502 string region_name = (string) requestData["region_name"]; 2498 string region_name = (string) requestData["region_name"];
2503 if (!m_application.SceneManager.TrySetCurrentScene(region_name)) 2499 if (!m_application.SceneManager.TrySetCurrentScene(region_name))
2504 throw new Exception(String.Format("failed to switch to region {0}", region_name)); 2500 throw new Exception(String.Format("failed to switch to region {0}", region_name));
2501
2505 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_name); 2502 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_name);
2506 } 2503 }
2507 else throw new Exception("neither region_name nor region_uuid given"); 2504 else throw new Exception("neither region_name nor region_uuid given");
@@ -2560,18 +2557,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2560 { 2557 {
2561 Hashtable requestData = (Hashtable) request.Params[0]; 2558 Hashtable requestData = (Hashtable) request.Params[0];
2562 2559
2563 // check completeness 2560 CheckStringParameters(request, new string[] {
2564 foreach (string p in new string[] {"password", "filename"}) 2561 "password", "filename"});
2565 {
2566 if (!requestData.Contains(p))
2567 throw new Exception(String.Format("missing parameter {0}", p));
2568 if (String.IsNullOrEmpty((string) requestData[p]))
2569 throw new Exception(String.Format("parameter {0} is empty"));
2570 }
2571 2562
2572 // check password 2563 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2573 if (!String.IsNullOrEmpty(m_requiredPassword) &&
2574 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
2575 2564
2576 string filename = (string) requestData["filename"]; 2565 string filename = (string) requestData["filename"];
2577 if (requestData.Contains("region_uuid")) 2566 if (requestData.Contains("region_uuid"))
@@ -2646,17 +2635,17 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2646 2635
2647 Hashtable requestData = (Hashtable) request.Params[0]; 2636 Hashtable requestData = (Hashtable) request.Params[0];
2648 2637
2649 // check completeness 2638 CheckStringParameters(request, new string[] {
2650 if (!requestData.Contains("password")) 2639 "password"});
2651 throw new Exception(String.Format("missing required parameter")); 2640
2652 if (!String.IsNullOrEmpty(m_requiredPassword) && 2641 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2653 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
2654 2642
2655 if (requestData.Contains("region_uuid")) 2643 if (requestData.Contains("region_uuid"))
2656 { 2644 {
2657 UUID region_uuid = (UUID) (string) requestData["region_uuid"]; 2645 UUID region_uuid = (UUID) (string) requestData["region_uuid"];
2658 if (!m_application.SceneManager.TrySetCurrentScene(region_uuid)) 2646 if (!m_application.SceneManager.TrySetCurrentScene(region_uuid))
2659 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString())); 2647 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString()));
2648
2660 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_uuid.ToString()); 2649 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_uuid.ToString());
2661 } 2650 }
2662 else if (requestData.Contains("region_name")) 2651 else if (requestData.Contains("region_name"))
@@ -2664,6 +2653,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2664 string region_name = (string) requestData["region_name"]; 2653 string region_name = (string) requestData["region_name"];
2665 if (!m_application.SceneManager.TrySetCurrentScene(region_name)) 2654 if (!m_application.SceneManager.TrySetCurrentScene(region_name))
2666 throw new Exception(String.Format("failed to switch to region {0}", region_name)); 2655 throw new Exception(String.Format("failed to switch to region {0}", region_name));
2656
2667 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_name); 2657 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_name);
2668 } 2658 }
2669 else throw new Exception("neither region_name nor region_uuid given"); 2659 else throw new Exception("neither region_name nor region_uuid given");
@@ -2685,6 +2675,7 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2685 } 2675 }
2686 2676
2687 m_log.Info("[RADMIN]: Query XML Administrator Request complete"); 2677 m_log.Info("[RADMIN]: Query XML Administrator Request complete");
2678
2688 return response; 2679 return response;
2689 } 2680 }
2690 2681
@@ -2703,14 +2694,11 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2703 2694
2704 Hashtable requestData = (Hashtable) request.Params[0]; 2695 Hashtable requestData = (Hashtable) request.Params[0];
2705 2696
2706 // check completeness 2697 CheckStringParameters(request, new string[] {
2707 if (!requestData.Contains("password")) 2698 "password", "command"});
2708 throw new Exception(String.Format("missing required parameter")); 2699
2709 if (!String.IsNullOrEmpty(m_requiredPassword) && 2700 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2710 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password");
2711 2701
2712 if (!requestData.Contains("command"))
2713 throw new Exception(String.Format("missing required parameter"));
2714 MainConsole.Instance.RunCommand(requestData["command"].ToString()); 2702 MainConsole.Instance.RunCommand(requestData["command"].ToString());
2715 2703
2716 response.Value = responseData; 2704 response.Value = responseData;
@@ -2744,10 +2732,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2744 2732
2745 Hashtable requestData = (Hashtable) request.Params[0]; 2733 Hashtable requestData = (Hashtable) request.Params[0];
2746 2734
2747 if (!requestData.Contains("password")) 2735 CheckStringParameters(request, new string[] {
2748 throw new Exception(String.Format("missing required parameter")); 2736 "password"});
2749 if (!String.IsNullOrEmpty(m_requiredPassword) && 2737
2750 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password"); 2738 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2751 2739
2752 if (requestData.Contains("region_uuid")) 2740 if (requestData.Contains("region_uuid"))
2753 { 2741 {
@@ -2761,12 +2749,14 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2761 string region_name = (string) requestData["region_name"]; 2749 string region_name = (string) requestData["region_name"];
2762 if (!m_application.SceneManager.TrySetCurrentScene(region_name)) 2750 if (!m_application.SceneManager.TrySetCurrentScene(region_name))
2763 throw new Exception(String.Format("failed to switch to region {0}", region_name)); 2751 throw new Exception(String.Format("failed to switch to region {0}", region_name));
2752
2764 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_name); 2753 m_log.InfoFormat("[RADMIN]: Switched to region {0}", region_name);
2765 } 2754 }
2766 else throw new Exception("neither region_name nor region_uuid given"); 2755 else throw new Exception("neither region_name nor region_uuid given");
2767 2756
2768 Scene scene = m_application.SceneManager.CurrentScene; 2757 Scene scene = m_application.SceneManager.CurrentScene;
2769 scene.RegionInfo.EstateSettings.EstateAccess = new UUID[]{}; 2758 scene.RegionInfo.EstateSettings.EstateAccess = new UUID[]{};
2759
2770 if (scene.RegionInfo.Persistent) 2760 if (scene.RegionInfo.Persistent)
2771 scene.RegionInfo.EstateSettings.Save(); 2761 scene.RegionInfo.EstateSettings.Save();
2772 } 2762 }
@@ -2801,10 +2791,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2801 2791
2802 Hashtable requestData = (Hashtable) request.Params[0]; 2792 Hashtable requestData = (Hashtable) request.Params[0];
2803 2793
2804 if (!requestData.Contains("password")) 2794 CheckStringParameters(request, new string[] {
2805 throw new Exception(String.Format("missing required parameter")); 2795 "password"});
2806 if (!String.IsNullOrEmpty(m_requiredPassword) && 2796
2807 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password"); 2797 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2808 2798
2809 if (requestData.Contains("region_uuid")) 2799 if (requestData.Contains("region_uuid"))
2810 { 2800 {
@@ -2888,10 +2878,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2888 2878
2889 Hashtable requestData = (Hashtable) request.Params[0]; 2879 Hashtable requestData = (Hashtable) request.Params[0];
2890 2880
2891 if (!requestData.Contains("password")) 2881 CheckStringParameters(request, new string[] {
2892 throw new Exception(String.Format("missing required parameter")); 2882 "password"});
2893 if (!String.IsNullOrEmpty(m_requiredPassword) && 2883
2894 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password"); 2884 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2895 2885
2896 if (requestData.Contains("region_uuid")) 2886 if (requestData.Contains("region_uuid"))
2897 { 2887 {
@@ -2975,10 +2965,10 @@ namespace OpenSim.ApplicationPlugins.RemoteController
2975 2965
2976 Hashtable requestData = (Hashtable) request.Params[0]; 2966 Hashtable requestData = (Hashtable) request.Params[0];
2977 2967
2978 if (!requestData.Contains("password")) 2968 CheckStringParameters(request, new string[] {
2979 throw new Exception(String.Format("missing required parameter")); 2969 "password"});
2980 if (!String.IsNullOrEmpty(m_requiredPassword) && 2970
2981 (string) requestData["password"] != m_requiredPassword) throw new Exception("wrong password"); 2971 FailIfRemoteAdminNotAllowed((string)requestData["password"], remoteClient.Address.ToString());
2982 2972
2983 if (requestData.Contains("region_uuid")) 2973 if (requestData.Contains("region_uuid"))
2984 { 2974 {
@@ -3192,7 +3182,9 @@ namespace OpenSim.ApplicationPlugins.RemoteController
3192 bool success = false; 3182 bool success = false;
3193 if (authenticationService != null) 3183 if (authenticationService != null)
3194 success = authenticationService.SetPassword(account.PrincipalID, password); 3184 success = authenticationService.SetPassword(account.PrincipalID, password);
3195 if (!success) { 3185
3186 if (!success)
3187 {
3196 m_log.WarnFormat("[RADMIN]: Unable to set password for account {0} {1}.", 3188 m_log.WarnFormat("[RADMIN]: Unable to set password for account {0} {1}.",
3197 firstName, lastName); 3189 firstName, lastName);
3198 return false; 3190 return false;
@@ -3206,4 +3198,4 @@ namespace OpenSim.ApplicationPlugins.RemoteController
3206 } 3198 }
3207 } 3199 }
3208 } 3200 }
3209} 3201} \ No newline at end of file
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example
index d795952..d7c3a64 100644
--- a/bin/OpenSim.ini.example
+++ b/bin/OpenSim.ini.example
@@ -405,6 +405,10 @@
405 ;; the "password" parameter) 405 ;; the "password" parameter)
406 ; access_password = "" 406 ; access_password = ""
407 407
408 ;# List the IP addresses allowed to call RemoteAdmin
409 ;; access_ip_addresses = 0.0.0.0, 0.0.0.0 ...
410 ; access_ip_addresses =
411
408 ;# {create_region_enable_voice} {enabled:true} {Enable voice for newly created regions?} {true false} false 412 ;# {create_region_enable_voice} {enabled:true} {Enable voice for newly created regions?} {true false} false
409 ;; set this variable to true if you want the create_region XmlRpc 413 ;; set this variable to true if you want the create_region XmlRpc
410 ;; call to unconditionally enable voice on all parcels for a newly 414 ;; call to unconditionally enable voice on all parcels for a newly
diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini
index c4f5592..a2542da 100644
--- a/bin/OpenSimDefaults.ini
+++ b/bin/OpenSimDefaults.ini
@@ -802,6 +802,10 @@
802 ; This password is required to make any XMLRPC call (should be set as the "password" parameter) 802 ; This password is required to make any XMLRPC call (should be set as the "password" parameter)
803 access_password = unknown 803 access_password = unknown
804 804
805 ; List the IP addresses allowed to call RemoteAdmin
806 ; access_ip_addresses = 0.0.0.0, 0.0.0.0 ...
807 ; access_ip_addresses =
808
805 ; set this variable to true if you want the create_region XmlRpc 809 ; set this variable to true if you want the create_region XmlRpc
806 ; call to unconditionally enable voice on all parcels for a newly 810 ; call to unconditionally enable voice on all parcels for a newly
807 ; created region [default: false] 811 ; created region [default: false]