diff options
author | diva | 2009-04-14 22:24:26 +0000 |
---|---|---|
committer | diva | 2009-04-14 22:24:26 +0000 |
commit | e3d4814971ecfb6242395942bdbf449ce55ab6b1 (patch) | |
tree | 0d14310aa319ce4ddcc1805125c0903f473bd624 /OpenSim/Region | |
parent | Fix a test-breakage introduced in r9144 (diff) | |
download | opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.zip opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.tar.gz opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.tar.bz2 opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.tar.xz |
One less vulnerability in the HG: detecting foreign users trying to come in with local user IDs. If that happened by accident, too bad, foreign user can't come in with that ID. This test is a consequence of not having truly global names yet.
Diffstat (limited to 'OpenSim/Region')
-rw-r--r-- | OpenSim/Region/Communications/Hypergrid/HGGridServices.cs | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs b/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs index 955dd05..632ea83 100644 --- a/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs +++ b/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs | |||
@@ -745,9 +745,21 @@ namespace OpenSim.Region.Communications.Hypergrid | |||
745 | m_log.Debug("[HGrid]: home_address: " + userData.UserHomeAddress + | 745 | m_log.Debug("[HGrid]: home_address: " + userData.UserHomeAddress + |
746 | "; home_port: " + userData.UserHomePort + "; remoting: " + userData.UserHomeRemotingPort); | 746 | "; home_port: " + userData.UserHomePort + "; remoting: " + userData.UserHomeRemotingPort); |
747 | 747 | ||
748 | |||
749 | XmlRpcResponse resp = new XmlRpcResponse(); | 748 | XmlRpcResponse resp = new XmlRpcResponse(); |
750 | 749 | ||
750 | // Let's check if someone is trying to get in with a stolen local identity. | ||
751 | // The need for this test is a consequence of not having truly global names :-/ | ||
752 | CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userData.ID); | ||
753 | if ((uinfo != null) && !(uinfo.UserProfile is ForeignUserProfileData)) | ||
754 | { | ||
755 | m_log.WarnFormat("[HGrid]: Foreign user trying to get in with local identity. Access denied."); | ||
756 | Hashtable respdata = new Hashtable(); | ||
757 | respdata["success"] = "FALSE"; | ||
758 | respdata["reason"] = "Foreign user has the same ID as a local user."; | ||
759 | resp.Value = respdata; | ||
760 | return resp; | ||
761 | } | ||
762 | |||
751 | if (!RegionLoginsEnabled) | 763 | if (!RegionLoginsEnabled) |
752 | { | 764 | { |
753 | m_log.InfoFormat( | 765 | m_log.InfoFormat( |