Patches #9143 and #9144 (Mantis #1723)

Changes the permissions module to make scripts permissive only when intended Adds security checks to asset transfers to prevent hacked clients fron requesting script sources. Adds security checks to llClientView to verify all aspects of ownership and permissions for inventory based script retrieval.
author: Melanie Thielker 2008-07-12 06:24:43 +0000
committer: Melanie Thielker 2008-07-12 06:24:43 +0000
commit: f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f (patch)
tree: c844e2aa064ef816bd2c5cb787af7812cbf04d5a
parent: Passes prim physical status to mesher from physics plugins (diff)
download: opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.zip
opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.tar.gz
opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.tar.bz2
opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.tar.xz
3 files changed, 68 insertions, 2 deletions
diff --git a/OpenSim/Framework/Communications/Cache/AssetCache.cs b/OpenSim/Framework/Communications/Cache/AssetCache.cs
index d0bcc98..90b0a10 100644
--- a/OpenSim/Framework/Communications/Cache/AssetCache.cs
+++ b/OpenSim/Framework/Communications/Cache/AssetCache.cs
@@ -445,7 +445,10 @@ namespace OpenSim.Framework.Communications.Cache
                        req.NumPackets = CalculateNumPackets(assetInf.Data);
                        RequestedAssets.Remove(assetInf.FullID);
-                        AssetRequests.Add(req);
+                        // If it's a direct request for a script, drop it
+                        // because it's a hacked client
+                        if(req.AssetRequestSource != 2 || assetInf.Type != 10)
+                            AssetRequests.Add(req);
                    }
                }
            }
@@ -609,6 +612,10 @@ namespace OpenSim.Framework.Communications.Cache
                return;
            }
+            // Scripts cannot be retrieved by direct request
+            if (transferRequest.TransferInfo.SourceType == 2 && asset.Type == 10)
+                return;
            // The asset is knosn to exist and is in our cache, so add it to the AssetRequests list
            AssetRequest req = new AssetRequest();
            req.RequestUser = userInfo;
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
index 8293319..7f95ddd 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
@@ -5110,6 +5110,65 @@ namespace OpenSim.Region.ClientStack.LindenUDP
                    case PacketType.TransferRequest:
                        //Console.WriteLine("ClientView.ProcessPackets.cs:ProcessInPacket() - Got transfer request");
                        TransferRequestPacket transfer = (TransferRequestPacket)Pack;
+                        // Validate inventory transfers
+                        // Has to be done here, because AssetCache can't do it
+                        //
+                        if (transfer.TransferInfo.SourceType == 3)
+                        {
+                            LLUUID taskID = null;
+                            LLUUID itemID = null;
+                            LLUUID requestID = null;
+                            taskID = new LLUUID(transfer.TransferInfo.Params, 48);
+                            itemID = new LLUUID(transfer.TransferInfo.Params, 64);
+                            requestID = new LLUUID(transfer.TransferInfo.Params, 80);
+                            if (!(((Scene)m_scene).ExternalChecks.ExternalChecksBypassPermissions()))
+                            {
+                                if(taskID != LLUUID.Zero) // Prim
+                                {
+                                    SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID);
+                                    if(part == null)
+                                        break;
+                                    if(part.OwnerID != AgentId)
+                                        break;
+                                    if((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
+                                        break;
+                                    TaskInventoryItem ti = part.GetInventoryItem(itemID);
+                                    if(ti == null)
+                                        break;
+                                    if(ti.OwnerID != AgentId)
+                                        break;
+                                    if((ti.OwnerMask & ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
+                                        break;
+                                    if(ti.AssetID != requestID)
+                                        break;
+                                }
+                                else // Agent
+                                {
+                                    CachedUserInfo userInfo = ((Scene)m_scene).CommsManager.UserProfileCacheService.GetUserDetails(AgentId);
+                                    if(userInfo == null)
+                                        break;
+                                    if(userInfo.RootFolder == null)
+                                        break;
+                                    InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(itemID);
+                                    if(assetRequestItem == null)
+                                        return;
+                                    if((assetRequestItem.CurrentPermissions & ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify| (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
+                                        break;
+                                    if(assetRequestItem.AssetID != requestID)
+                                        break;
+                                }
+                            }
+                        }
                        m_assetCache.AddAssetRequest(this, transfer);
                        /* RequestAsset = OnRequestAsset;
                         if (RequestAsset != null)
diff --git a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
index f571408..41bb610 100644
--- a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
@@ -602,7 +602,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions
                DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
                if (m_bypassPermissions) return m_bypassPermissionsValue;
-                return true;
+                return false;
            }
            private bool CanEditNotecard(LLUUID notecard, LLUUID objectID, LLUUID user, Scene scene)
author	Melanie Thielker	2008-07-12 06:24:43 +0000
committer	Melanie Thielker	2008-07-12 06:24:43 +0000
commit	f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f (patch)
tree	c844e2aa064ef816bd2c5cb787af7812cbf04d5a
parent	Passes prim physical status to mesher from physics plugins (diff)
download	opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.zip opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.tar.gz opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.tar.bz2 opensim-SC_OLD-f629fdb88d35d1c2f0a3ce97fdd7d9acdc25e11f.tar.xz

diff --git a/OpenSim/Framework/Communications/Cache/AssetCache.cs b/OpenSim/Framework/Communications/Cache/AssetCache.cs index d0bcc98..90b0a10 100644 --- a/OpenSim/Framework/Communications/Cache/AssetCache.cs +++ b/OpenSim/Framework/Communications/Cache/AssetCache.cs
@@ -445,7 +445,10 @@ namespace OpenSim.Framework.Communications.Cache
445	req.NumPackets = CalculateNumPackets(assetInf.Data);	445	req.NumPackets = CalculateNumPackets(assetInf.Data);
446		446
447	RequestedAssets.Remove(assetInf.FullID);	447	RequestedAssets.Remove(assetInf.FullID);
448	AssetRequests.Add(req);	448	// If it's a direct request for a script, drop it
		449	// because it's a hacked client
		450	if(req.AssetRequestSource != 2 \|\| assetInf.Type != 10)
		451	AssetRequests.Add(req);
449	}	452	}
450	}	453	}
451	}	454	}
@@ -609,6 +612,10 @@ namespace OpenSim.Framework.Communications.Cache
609	return;	612	return;
610	}	613	}
611		614
		615	// Scripts cannot be retrieved by direct request
		616	if (transferRequest.TransferInfo.SourceType == 2 && asset.Type == 10)
		617	return;
		618
612	// The asset is knosn to exist and is in our cache, so add it to the AssetRequests list	619	// The asset is knosn to exist and is in our cache, so add it to the AssetRequests list
613	AssetRequest req = new AssetRequest();	620	AssetRequest req = new AssetRequest();
614	req.RequestUser = userInfo;	621	req.RequestUser = userInfo;


diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index 8293319..7f95ddd 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
@@ -5110,6 +5110,65 @@ namespace OpenSim.Region.ClientStack.LindenUDP
5110	case PacketType.TransferRequest:	5110	case PacketType.TransferRequest:
5111	//Console.WriteLine("ClientView.ProcessPackets.cs:ProcessInPacket() - Got transfer request");	5111	//Console.WriteLine("ClientView.ProcessPackets.cs:ProcessInPacket() - Got transfer request");
5112	TransferRequestPacket transfer = (TransferRequestPacket)Pack;	5112	TransferRequestPacket transfer = (TransferRequestPacket)Pack;
		5113	// Validate inventory transfers
		5114	// Has to be done here, because AssetCache can't do it
		5115	//
		5116	if (transfer.TransferInfo.SourceType == 3)
		5117	{
		5118	LLUUID taskID = null;
		5119	LLUUID itemID = null;
		5120	LLUUID requestID = null;
		5121	taskID = new LLUUID(transfer.TransferInfo.Params, 48);
		5122	itemID = new LLUUID(transfer.TransferInfo.Params, 64);
		5123	requestID = new LLUUID(transfer.TransferInfo.Params, 80);
		5124	if (!(((Scene)m_scene).ExternalChecks.ExternalChecksBypassPermissions()))
		5125	{
		5126	if(taskID != LLUUID.Zero) // Prim
		5127	{
		5128	SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID);
		5129	if(part == null)
		5130	break;
		5131
		5132	if(part.OwnerID != AgentId)
		5133	break;
		5134
		5135	if((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
		5136	break;
		5137
		5138	TaskInventoryItem ti = part.GetInventoryItem(itemID);
		5139	if(ti == null)
		5140	break;
		5141
		5142	if(ti.OwnerID != AgentId)
		5143	break;
		5144
		5145	if((ti.OwnerMask & ((uint)PermissionMask.Modify\| (uint)PermissionMask.Copy \| (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify\| (uint)PermissionMask.Copy \| (uint)PermissionMask.Transfer))
		5146	break;
		5147
		5148	if(ti.AssetID != requestID)
		5149	break;
		5150	}
		5151	else // Agent
		5152	{
		5153	CachedUserInfo userInfo = ((Scene)m_scene).CommsManager.UserProfileCacheService.GetUserDetails(AgentId);
		5154	if(userInfo == null)
		5155	break;
		5156
		5157	if(userInfo.RootFolder == null)
		5158	break;
		5159
		5160	InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(itemID);
		5161	if(assetRequestItem == null)
		5162	return;
		5163
		5164	if((assetRequestItem.CurrentPermissions & ((uint)PermissionMask.Modify\| (uint)PermissionMask.Copy \| (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify\| (uint)PermissionMask.Copy \| (uint)PermissionMask.Transfer))
		5165	break;
		5166	if(assetRequestItem.AssetID != requestID)
		5167	break;
		5168	}
		5169	}
		5170	}
		5171
5113	m_assetCache.AddAssetRequest(this, transfer);	5172	m_assetCache.AddAssetRequest(this, transfer);
5114	/* RequestAsset = OnRequestAsset;	5173	/* RequestAsset = OnRequestAsset;
5115	if (RequestAsset != null)	5174	if (RequestAsset != null)


diff --git a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs index f571408..41bb610 100644 --- a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
@@ -602,7 +602,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions
602	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	602	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
603	if (m_bypassPermissions) return m_bypassPermissionsValue;	603	if (m_bypassPermissions) return m_bypassPermissionsValue;
604		604
605	return true;	605	return false;
606	}	606	}
607		607
608	private bool CanEditNotecard(LLUUID notecard, LLUUID objectID, LLUUID user, Scene scene)	608	private bool CanEditNotecard(LLUUID notecard, LLUUID objectID, LLUUID user, Scene scene)