aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region
diff options
context:
space:
mode:
authordiva2009-04-14 22:24:26 +0000
committerdiva2009-04-14 22:24:26 +0000
commite3d4814971ecfb6242395942bdbf449ce55ab6b1 (patch)
tree0d14310aa319ce4ddcc1805125c0903f473bd624 /OpenSim/Region
parentFix a test-breakage introduced in r9144 (diff)
downloadopensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.zip
opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.tar.gz
opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.tar.bz2
opensim-SC_OLD-e3d4814971ecfb6242395942bdbf449ce55ab6b1.tar.xz
One less vulnerability in the HG: detecting foreign users trying to come in with local user IDs. If that happened by accident, too bad, foreign user can't come in with that ID. This test is a consequence of not having truly global names yet.
Diffstat (limited to 'OpenSim/Region')
-rw-r--r--OpenSim/Region/Communications/Hypergrid/HGGridServices.cs14
1 files changed, 13 insertions, 1 deletions
diff --git a/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs b/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs
index 955dd05..632ea83 100644
--- a/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs
+++ b/OpenSim/Region/Communications/Hypergrid/HGGridServices.cs
@@ -745,9 +745,21 @@ namespace OpenSim.Region.Communications.Hypergrid
745 m_log.Debug("[HGrid]: home_address: " + userData.UserHomeAddress + 745 m_log.Debug("[HGrid]: home_address: " + userData.UserHomeAddress +
746 "; home_port: " + userData.UserHomePort + "; remoting: " + userData.UserHomeRemotingPort); 746 "; home_port: " + userData.UserHomePort + "; remoting: " + userData.UserHomeRemotingPort);
747 747
748
749 XmlRpcResponse resp = new XmlRpcResponse(); 748 XmlRpcResponse resp = new XmlRpcResponse();
750 749
750 // Let's check if someone is trying to get in with a stolen local identity.
751 // The need for this test is a consequence of not having truly global names :-/
752 CachedUserInfo uinfo = m_userProfileCache.GetUserDetails(userData.ID);
753 if ((uinfo != null) && !(uinfo.UserProfile is ForeignUserProfileData))
754 {
755 m_log.WarnFormat("[HGrid]: Foreign user trying to get in with local identity. Access denied.");
756 Hashtable respdata = new Hashtable();
757 respdata["success"] = "FALSE";
758 respdata["reason"] = "Foreign user has the same ID as a local user.";
759 resp.Value = respdata;
760 return resp;
761 }
762
751 if (!RegionLoginsEnabled) 763 if (!RegionLoginsEnabled)
752 { 764 {
753 m_log.InfoFormat( 765 m_log.InfoFormat(