aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/CoreModules/Hypergrid
diff options
context:
space:
mode:
authordiva2009-04-14 19:35:35 +0000
committerdiva2009-04-14 19:35:35 +0000
commit0413d052a3ec541164049e7d39278c57fb92ed06 (patch)
tree9a58c9c51487278d67e1ad9b3a60668769434001 /OpenSim/Region/CoreModules/Hypergrid
parent* Make archiver tests pump the asset server manually instead of starting the ... (diff)
downloadopensim-SC_OLD-0413d052a3ec541164049e7d39278c57fb92ed06.zip
opensim-SC_OLD-0413d052a3ec541164049e7d39278c57fb92ed06.tar.gz
opensim-SC_OLD-0413d052a3ec541164049e7d39278c57fb92ed06.tar.bz2
opensim-SC_OLD-0413d052a3ec541164049e7d39278c57fb92ed06.tar.xz
Adds session authentication upon NewUserConnections. Adds user key authentication (in safemode only) upon CreateChildAgents. All of this for Hypergrid users too. This addresses assorted spoofing vulnerabilities.
Diffstat (limited to 'OpenSim/Region/CoreModules/Hypergrid')
-rw-r--r--OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs2
-rw-r--r--OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs3
2 files changed, 3 insertions, 2 deletions
diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs
index 3675583..f0d70a7 100644
--- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs
+++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneInventoryModule.cs
@@ -93,7 +93,7 @@ namespace OpenSim.Region.CoreModules.Hypergrid
93 93
94 m_inventoryService = new HGInventoryService(m_inventoryBase, 94 m_inventoryService = new HGInventoryService(m_inventoryBase,
95 ((AssetServerBase)m_scene.CommsManager.AssetCache.AssetServer).AssetProviderPlugin, 95 ((AssetServerBase)m_scene.CommsManager.AssetCache.AssetServer).AssetProviderPlugin,
96 (UserManagerBase)m_scene.CommsManager.UserService, m_scene.CommsManager.HttpServer, 96 (UserManagerBase)m_scene.CommsManager.UserAdminService, m_scene.CommsManager.HttpServer,
97 m_scene.CommsManager.NetworkServersInfo.InventoryURL); 97 m_scene.CommsManager.NetworkServersInfo.InventoryURL);
98 98
99 AddHttpHandlers(m_scene.CommsManager.HttpServer); 99 AddHttpHandlers(m_scene.CommsManager.HttpServer);
diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs
index f0e957b..c458b89 100644
--- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs
+++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs
@@ -104,11 +104,12 @@ namespace OpenSim.Region.CoreModules.Hypergrid
104 IHttpServer httpServer = m_firstScene.CommsManager.HttpServer; 104 IHttpServer httpServer = m_firstScene.CommsManager.HttpServer;
105 105
106 //TODO: fix the casting of the user service, maybe by registering the userManagerBase with scenes, or refactoring so we just need a IUserService reference 106 //TODO: fix the casting of the user service, maybe by registering the userManagerBase with scenes, or refactoring so we just need a IUserService reference
107 m_loginService = new HGLoginAuthService((UserManagerBase)m_firstScene.CommsManager.UserService, welcomeMessage, m_firstScene.CommsManager.InterServiceInventoryService, m_firstScene.CommsManager.NetworkServersInfo, authenticate, rootFolder, this); 107 m_loginService = new HGLoginAuthService((UserManagerBase)m_firstScene.CommsManager.UserAdminService, welcomeMessage, m_firstScene.CommsManager.InterServiceInventoryService, m_firstScene.CommsManager.NetworkServersInfo, authenticate, rootFolder, this);
108 108
109 httpServer.AddXmlRPCHandler("hg_login", m_loginService.XmlRpcLoginMethod); 109 httpServer.AddXmlRPCHandler("hg_login", m_loginService.XmlRpcLoginMethod);
110 httpServer.AddXmlRPCHandler("hg_new_auth_key", m_loginService.XmlRpcGenerateKeyMethod); 110 httpServer.AddXmlRPCHandler("hg_new_auth_key", m_loginService.XmlRpcGenerateKeyMethod);
111 httpServer.AddXmlRPCHandler("hg_verify_auth_key", m_loginService.XmlRpcVerifyKeyMethod); 111 httpServer.AddXmlRPCHandler("hg_verify_auth_key", m_loginService.XmlRpcVerifyKeyMethod);
112 httpServer.AddXmlRPCHandler("check_auth_session", m_loginService.XmlRPCCheckAuthSession);
112 113
113 } 114 }
114 } 115 }