First draft of the inventory service IN connector. Probably won't work yet. But everything of inventory service is now checked in, first draft.

author: diva 2009-06-08 03:16:55 +0000
committer: diva 2009-06-08 03:16:55 +0000
commit: 9216f4b7c2519c4c7aef7961343b5d6e978ae585 (patch)
tree: 0cbd7d32ad19635f5f969f6daa9df9834594cd04
parent: Added more functions to IInventoryService. Unsure about whether all of these ... (diff)
download: opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.zip
opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.tar.gz
opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.tar.bz2
opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.tar.xz
2 files changed, 277 insertions, 0 deletions
diff --git a/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
new file mode 100644
index 0000000..c8d08de
--- /dev/null
+++ b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
@@ -0,0 +1,276 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Net;
+using System.Reflection;
+using log4net;
+using Nini.Config;
+using Nwc.XmlRpc;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Server.Handlers.Base;
+using OpenMetaverse;
+namespace OpenSim.Server.Handlers.Inventory
+{
+    public class InventoryServiceInConnector : ServiceConnector
+    {
+        private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+        private IInventoryService m_InventoryService;
+        private bool m_doLookup = false;
+        //private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
+        //private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME);
+        private string m_userserver_url;
+        public InventoryServiceInConnector(IConfigSource config, IHttpServer server) :
+                base(config, server)
+        {
+            IConfig serverConfig = config.Configs["InventoryService"];
+            if (serverConfig == null)
+                throw new Exception("No section 'InventoryService' in config file");
+            string inventoryService = serverConfig.GetString("LocalServiceModule",
+                    String.Empty);
+            if (inventoryService == String.Empty)
+                throw new Exception("No InventoryService in config file");
+            Object[] args = new Object[] { config };
+            m_InventoryService =
+                    ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args);
+            m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty);
+            m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false);
+            AddHttpHandlers(server);
+        }
+        protected virtual void AddHttpHandlers(IHttpServer m_httpServer)
+        {
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
+                    "POST", "/GetInventory/", GetUserInventory, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
+                    "POST", "/DeleteItem/", m_InventoryService.DeleteItem, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>(
+                    "POST", "/QueryItem/", m_InventoryService.QueryItem, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>(
+                    "POST", "/QueryFolder/", m_InventoryService.QueryFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, bool>(
+                    "POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<InventoryFolderBase, bool>(
+                    "POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckTrustSource));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
+                    "POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+             new RestDeserialiseTrustedHandler<InventoryItemBase, bool>(
+                 "POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>(
+                    "POST", "/GetItems/", GetFolderItems, CheckTrustSource));
+            // for persistent active gestures
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>
+                    ("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource));
+            // WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
+            // system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
+            // It would have been better to rename this request, but complexities in the BaseHttpServer
+            // (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
+            // to do this for now.
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
+                    ("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource));
+        }
+        #region Wrappers for converting the Guid parameter
+        public InventoryCollection GetUserInventory(Guid guid)
+        {
+            UUID userID = new UUID(guid);
+            return m_InventoryService.GetUserInventory(userID);
+        }
+        public List<InventoryItemBase> GetFolderItems(Guid folderID)
+        {
+            List<InventoryItemBase> allItems = new List<InventoryItemBase>();
+            List<InventoryItemBase> items = m_InventoryService.GetFolderItems(new UUID(folderID));
+            if (items != null)
+            {
+                allItems.InsertRange(0, items);
+            }
+            return allItems;
+        }
+        public bool CreateUsersInventory(Guid rawUserID)
+        {
+            UUID userID = new UUID(rawUserID);
+            return m_InventoryService.CreateUserInventory(userID);
+        }
+        public List<InventoryItemBase> GetActiveGestures(Guid rawUserID)
+        {
+            UUID userID = new UUID(rawUserID);
+            return m_InventoryService.GetActiveGestures(userID);
+        }
+        public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID)
+        {
+            UUID userID = new UUID(rawUserID);
+            return m_InventoryService.GetInventorySkeleton(userID);
+        }
+        #endregion
+        /// <summary>
+        /// Check that the source of an inventory request is one that we trust.
+        /// </summary>
+        /// <param name="peer"></param>
+        /// <returns></returns>
+        public bool CheckTrustSource(IPEndPoint peer)
+        {
+            if (m_doLookup)
+            {
+                m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer);
+                UriBuilder ub = new UriBuilder(m_userserver_url);
+                IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
+                foreach (IPAddress uaddr in uaddrs)
+                {
+                    if (uaddr.Equals(peer.Address))
+                    {
+                        return true;
+                    }
+                }
+                m_log.WarnFormat(
+                    "[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources",
+                    peer);
+                return false;
+            }
+            else
+            {
+                return true;
+            }
+        }
+        /// <summary>
+        /// Check that the source of an inventory request for a particular agent is a current session belonging to
+        /// that agent.
+        /// </summary>
+        /// <param name="session_id"></param>
+        /// <param name="avatar_id"></param>
+        /// <returns></returns>
+        public bool CheckAuthSession(string session_id, string avatar_id)
+        {
+            if (m_doLookup)
+            {
+                m_log.InfoFormat("[INVENTORY IN CONNECTOR]: checking authed session {0} {1}", session_id, avatar_id);
+                //if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
+                //{
+                    // cache miss, ask userserver
+                    Hashtable requestData = new Hashtable();
+                    requestData["avatar_uuid"] = avatar_id;
+                    requestData["session_id"] = session_id;
+                    ArrayList SendParams = new ArrayList();
+                    SendParams.Add(requestData);
+                    XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
+                    XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
+                    Hashtable responseData = (Hashtable)UserResp.Value;
+                    if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
+                    {
+                        m_log.Info("[INVENTORY IN CONNECTOR]: got authed session from userserver");
+                        //// add to cache; the session time will be automatically renewed
+                        //m_session_cache.Add(session_id, avatar_id);
+                        return true;
+                    }
+                //}
+                //else
+                //{
+                //    // cache hits
+                //    m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
+                //    return true;
+                //}
+                    m_log.Warn("[INVENTORY IN CONNECTOR]: unknown session_id, request rejected");
+                return false;
+            }
+            else
+            {
+                return true;
+            }
+        }
+    }
+}
diff --git a/prebuild.xml b/prebuild.xml
index 9e6b686..f97bd7a 100644
--- a/prebuild.xml
+++ b/prebuild.xml
@@ -1475,6 +1475,7 @@
      <Reference name="OpenSim.Server.Base"/>
      <Reference name="OpenSim.Services.Base" />
      <Reference name="OpenSim.Services.Interfaces"/>
+      <Reference name="XMLRPC.dll" />
      <Reference name="Nini.dll" />
      <Reference name="log4net.dll"/>
author	diva	2009-06-08 03:16:55 +0000
committer	diva	2009-06-08 03:16:55 +0000
commit	9216f4b7c2519c4c7aef7961343b5d6e978ae585 (patch)
tree	0cbd7d32ad19635f5f969f6daa9df9834594cd04
parent	Added more functions to IInventoryService. Unsure about whether all of these ... (diff)
download	opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.zip opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.tar.gz opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.tar.bz2 opensim-SC_OLD-9216f4b7c2519c4c7aef7961343b5d6e978ae585.tar.xz

diff --git a/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs new file mode 100644 index 0000000..c8d08de --- /dev/null +++ b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
@@ -0,0 +1,276 @@
		1	/*
		2	* Copyright (c) Contributors, http://opensimulator.org/
		3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
		4	*
		5	* Redistribution and use in source and binary forms, with or without
		6	* modification, are permitted provided that the following conditions are met:
		7	* * Redistributions of source code must retain the above copyright
		8	* notice, this list of conditions and the following disclaimer.
		9	* * Redistributions in binary form must reproduce the above copyright
		10	* notice, this list of conditions and the following disclaimer in the
		11	* documentation and/or other materials provided with the distribution.
		12	* * Neither the name of the OpenSimulator Project nor the
		13	* names of its contributors may be used to endorse or promote products
		14	* derived from this software without specific prior written permission.
		15	*
		16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
		17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
		18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
		19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
		20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
		21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
		23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
		24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
		25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		26	*/
		27
		28	using System;
		29	using System.Collections;
		30	using System.Collections.Generic;
		31	using System.Net;
		32	using System.Reflection;
		33	using log4net;
		34	using Nini.Config;
		35	using Nwc.XmlRpc;
		36	using OpenSim.Server.Base;
		37	using OpenSim.Services.Interfaces;
		38	using OpenSim.Framework;
		39	using OpenSim.Framework.Servers.HttpServer;
		40	using OpenSim.Server.Handlers.Base;
		41	using OpenMetaverse;
		42
		43	namespace OpenSim.Server.Handlers.Inventory
		44	{
		45	public class InventoryServiceInConnector : ServiceConnector
		46	{
		47	private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
		48
		49	private IInventoryService m_InventoryService;
		50
		51	private bool m_doLookup = false;
		52
		53	//private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
		54	//private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME);
		55
		56	private string m_userserver_url;
		57
		58	public InventoryServiceInConnector(IConfigSource config, IHttpServer server) :
		59	base(config, server)
		60	{
		61	IConfig serverConfig = config.Configs["InventoryService"];
		62	if (serverConfig == null)
		63	throw new Exception("No section 'InventoryService' in config file");
		64
		65	string inventoryService = serverConfig.GetString("LocalServiceModule",
		66	String.Empty);
		67
		68	if (inventoryService == String.Empty)
		69	throw new Exception("No InventoryService in config file");
		70
		71	Object[] args = new Object[] { config };
		72	m_InventoryService =
		73	ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args);
		74
		75	m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty);
		76	m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false);
		77
		78	AddHttpHandlers(server);
		79	}
		80
		81	protected virtual void AddHttpHandlers(IHttpServer m_httpServer)
		82	{
		83	m_httpServer.AddStreamHandler(
		84	new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
		85	"POST", "/GetInventory/", GetUserInventory, CheckAuthSession));
		86
		87	m_httpServer.AddStreamHandler(
		88	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
		89	"POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession));
		90
		91	m_httpServer.AddStreamHandler(
		92	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
		93	"POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession));
		94
		95	m_httpServer.AddStreamHandler(
		96	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
		97	"POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession));
		98
		99	m_httpServer.AddStreamHandler(
		100	new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
		101	"POST", "/DeleteItem/", m_InventoryService.DeleteItem, CheckAuthSession));
		102
		103	m_httpServer.AddStreamHandler(
		104	new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>(
		105	"POST", "/QueryItem/", m_InventoryService.QueryItem, CheckAuthSession));
		106
		107	m_httpServer.AddStreamHandler(
		108	new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>(
		109	"POST", "/QueryFolder/", m_InventoryService.QueryFolder, CheckAuthSession));
		110
		111	m_httpServer.AddStreamHandler(
		112	new RestDeserialiseTrustedHandler<Guid, bool>(
		113	"POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource));
		114
		115	m_httpServer.AddStreamHandler(
		116	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
		117	"POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession));
		118
		119	m_httpServer.AddStreamHandler(
		120	new RestDeserialiseTrustedHandler<InventoryFolderBase, bool>(
		121	"POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckTrustSource));
		122
		123	m_httpServer.AddStreamHandler(
		124	new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
		125	"POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession));
		126
		127	m_httpServer.AddStreamHandler(
		128	new RestDeserialiseTrustedHandler<InventoryItemBase, bool>(
		129	"POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource));
		130
		131	m_httpServer.AddStreamHandler(
		132	new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>(
		133	"POST", "/GetItems/", GetFolderItems, CheckTrustSource));
		134
		135	// for persistent active gestures
		136	m_httpServer.AddStreamHandler(
		137	new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>
		138	("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource));
		139
		140	// WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
		141	// system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
		142	// It would have been better to rename this request, but complexities in the BaseHttpServer
		143	// (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
		144	// to do this for now.
		145	m_httpServer.AddStreamHandler(
		146	new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
		147	("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource));
		148	}
		149
		150	#region Wrappers for converting the Guid parameter
		151
		152	public InventoryCollection GetUserInventory(Guid guid)
		153	{
		154	UUID userID = new UUID(guid);
		155	return m_InventoryService.GetUserInventory(userID);
		156	}
		157
		158	public List<InventoryItemBase> GetFolderItems(Guid folderID)
		159	{
		160	List<InventoryItemBase> allItems = new List<InventoryItemBase>();
		161
		162	List<InventoryItemBase> items = m_InventoryService.GetFolderItems(new UUID(folderID));
		163
		164	if (items != null)
		165	{
		166	allItems.InsertRange(0, items);
		167	}
		168	return allItems;
		169	}
		170
		171	public bool CreateUsersInventory(Guid rawUserID)
		172	{
		173	UUID userID = new UUID(rawUserID);
		174
		175
		176	return m_InventoryService.CreateUserInventory(userID);
		177	}
		178
		179	public List<InventoryItemBase> GetActiveGestures(Guid rawUserID)
		180	{
		181	UUID userID = new UUID(rawUserID);
		182
		183	return m_InventoryService.GetActiveGestures(userID);
		184	}
		185
		186	public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID)
		187	{
		188	UUID userID = new UUID(rawUserID);
		189	return m_InventoryService.GetInventorySkeleton(userID);
		190	}
		191
		192	#endregion
		193
		194	/// <summary>
		195	/// Check that the source of an inventory request is one that we trust.
		196	/// </summary>
		197	/// <param name="peer"></param>
		198	/// <returns></returns>
		199	public bool CheckTrustSource(IPEndPoint peer)
		200	{
		201	if (m_doLookup)
		202	{
		203	m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer);
		204	UriBuilder ub = new UriBuilder(m_userserver_url);
		205	IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
		206	foreach (IPAddress uaddr in uaddrs)
		207	{
		208	if (uaddr.Equals(peer.Address))
		209	{
		210	return true;
		211	}
		212	}
		213
		214	m_log.WarnFormat(
		215	"[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources",
		216	peer);
		217
		218	return false;
		219	}
		220	else
		221	{
		222	return true;
		223	}
		224	}
		225
		226	/// <summary>
		227	/// Check that the source of an inventory request for a particular agent is a current session belonging to
		228	/// that agent.
		229	/// </summary>
		230	/// <param name="session_id"></param>
		231	/// <param name="avatar_id"></param>
		232	/// <returns></returns>
		233	public bool CheckAuthSession(string session_id, string avatar_id)
		234	{
		235	if (m_doLookup)
		236	{
		237	m_log.InfoFormat("[INVENTORY IN CONNECTOR]: checking authed session {0} {1}", session_id, avatar_id);
		238
		239	//if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
		240	//{
		241	// cache miss, ask userserver
		242	Hashtable requestData = new Hashtable();
		243	requestData["avatar_uuid"] = avatar_id;
		244	requestData["session_id"] = session_id;
		245	ArrayList SendParams = new ArrayList();
		246	SendParams.Add(requestData);
		247	XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
		248	XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
		249
		250	Hashtable responseData = (Hashtable)UserResp.Value;
		251	if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
		252	{
		253	m_log.Info("[INVENTORY IN CONNECTOR]: got authed session from userserver");
		254	//// add to cache; the session time will be automatically renewed
		255	//m_session_cache.Add(session_id, avatar_id);
		256	return true;
		257	}
		258	//}
		259	//else
		260	//{
		261	// // cache hits
		262	// m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
		263	// return true;
		264	//}
		265
		266	m_log.Warn("[INVENTORY IN CONNECTOR]: unknown session_id, request rejected");
		267	return false;
		268	}
		269	else
		270	{
		271	return true;
		272	}
		273	}
		274
		275	}
		276	}


diff --git a/prebuild.xml b/prebuild.xml index 9e6b686..f97bd7a 100644 --- a/prebuild.xml +++ b/prebuild.xml
@@ -1475,6 +1475,7 @@
1475	<Reference name="OpenSim.Server.Base"/>	1475	<Reference name="OpenSim.Server.Base"/>
1476	<Reference name="OpenSim.Services.Base" />	1476	<Reference name="OpenSim.Services.Base" />
1477	<Reference name="OpenSim.Services.Interfaces"/>	1477	<Reference name="OpenSim.Services.Interfaces"/>
		1478	<Reference name="XMLRPC.dll" />
1478	<Reference name="Nini.dll" />	1479	<Reference name="Nini.dll" />
1479	<Reference name="log4net.dll"/>	1480	<Reference name="log4net.dll"/>
1480		1481