diff options
author | teravus | 2013-10-07 21:35:55 -0500 |
---|---|---|
committer | teravus | 2013-10-07 21:35:55 -0500 |
commit | f76cc6036ebf446553ee5201321879538dafe3b2 (patch) | |
tree | 7e33eee605c3baf04a16422f06ac3986f0f27eaa /OpenSim/Server/Handlers | |
parent | * Added a unique and interesting WebSocket grid login processor by hijacking ... (diff) | |
download | opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.zip opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.tar.gz opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.tar.bz2 opensim-SC_OLD-f76cc6036ebf446553ee5201321879538dafe3b2.tar.xz |
* Added a Basic DOS protection container/base object for the most common HTTP Server handlers. XMLRPC Handler, GenericHttpHandler and <Various>StreamHandler
* Applied the XmlRpcBasicDOSProtector.cs to the login service as both an example, and good practice.
* Applied the BaseStreamHandlerBasicDOSProtector.cs to the friends service as an example of the DOS Protector on StreamHandlers
* Added CircularBuffer, used for CPU and Memory friendly rate monitoring.
* DosProtector has 2 states, 1. Just Check for blocked users and check general velocity, 2. Track velocity per user, It only jumps to 2 if it's getting a lot of requests, and state 1 is about as resource friendly as if it wasn't even there.
Diffstat (limited to 'OpenSim/Server/Handlers')
-rw-r--r-- | OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs | 12 | ||||
-rw-r--r-- | OpenSim/Server/Handlers/Login/LLLoginHandlers.cs | 11 | ||||
-rw-r--r-- | OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs | 15 |
3 files changed, 35 insertions, 3 deletions
diff --git a/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs b/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs index 8b23a83..0bd0235 100644 --- a/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs +++ b/OpenSim/Server/Handlers/Asset/AssetServerGetHandler.cs | |||
@@ -42,14 +42,22 @@ using OpenSim.Framework.Servers.HttpServer; | |||
42 | 42 | ||
43 | namespace OpenSim.Server.Handlers.Asset | 43 | namespace OpenSim.Server.Handlers.Asset |
44 | { | 44 | { |
45 | public class AssetServerGetHandler : BaseStreamHandler | 45 | public class AssetServerGetHandler : BaseStreamHandlerBasicDOSProtector |
46 | { | 46 | { |
47 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 47 | // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
48 | 48 | ||
49 | private IAssetService m_AssetService; | 49 | private IAssetService m_AssetService; |
50 | 50 | ||
51 | public AssetServerGetHandler(IAssetService service) : | 51 | public AssetServerGetHandler(IAssetService service) : |
52 | base("GET", "/assets") | 52 | base("GET", "/assets",new BasicDosProtectorOptions() |
53 | { | ||
54 | AllowXForwardedFor = true, | ||
55 | ForgetTimeSpan = TimeSpan.FromSeconds(2), | ||
56 | MaxRequestsInTimeframe = 5, | ||
57 | ReportingName = "ASSETGETDOSPROTECTOR", | ||
58 | RequestTimeSpan = TimeSpan.FromSeconds(5), | ||
59 | ThrottledAction = ThrottleAction.DoThrottledMethod | ||
60 | }) | ||
53 | { | 61 | { |
54 | m_AssetService = service; | 62 | m_AssetService = service; |
55 | } | 63 | } |
diff --git a/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs b/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs index e4a0ffa..f2a5678 100644 --- a/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs +++ b/OpenSim/Server/Handlers/Login/LLLoginHandlers.cs | |||
@@ -145,6 +145,17 @@ namespace OpenSim.Server.Handlers.Login | |||
145 | return FailedXMLRPCResponse(); | 145 | return FailedXMLRPCResponse(); |
146 | 146 | ||
147 | } | 147 | } |
148 | public XmlRpcResponse HandleXMLRPCLoginBlocked(XmlRpcRequest request, IPEndPoint client) | ||
149 | { | ||
150 | XmlRpcResponse response = new XmlRpcResponse(); | ||
151 | Hashtable resp = new Hashtable(); | ||
152 | |||
153 | resp["reason"] = "presence"; | ||
154 | resp["message"] = "Logins are currently restricted. Please try again later."; | ||
155 | resp["login"] = "false"; | ||
156 | response.Value = resp; | ||
157 | return response; | ||
158 | } | ||
148 | 159 | ||
149 | public XmlRpcResponse HandleXMLRPCSetLoginLevel(XmlRpcRequest request, IPEndPoint remoteClient) | 160 | public XmlRpcResponse HandleXMLRPCSetLoginLevel(XmlRpcRequest request, IPEndPoint remoteClient) |
150 | { | 161 | { |
diff --git a/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs b/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs index 97e8295..f60e892 100644 --- a/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs +++ b/OpenSim/Server/Handlers/Login/LLLoginServiceInConnector.cs | |||
@@ -44,6 +44,7 @@ namespace OpenSim.Server.Handlers.Login | |||
44 | 44 | ||
45 | private ILoginService m_LoginService; | 45 | private ILoginService m_LoginService; |
46 | private bool m_Proxy; | 46 | private bool m_Proxy; |
47 | private BasicDosProtectorOptions m_DosProtectionOptions; | ||
47 | 48 | ||
48 | public LLLoginServiceInConnector(IConfigSource config, IHttpServer server, IScene scene) : | 49 | public LLLoginServiceInConnector(IConfigSource config, IHttpServer server, IScene scene) : |
49 | base(config, server, String.Empty) | 50 | base(config, server, String.Empty) |
@@ -88,6 +89,16 @@ namespace OpenSim.Server.Handlers.Login | |||
88 | throw new Exception(String.Format("No LocalServiceModule for LoginService in config file")); | 89 | throw new Exception(String.Format("No LocalServiceModule for LoginService in config file")); |
89 | 90 | ||
90 | m_Proxy = serverConfig.GetBoolean("HasProxy", false); | 91 | m_Proxy = serverConfig.GetBoolean("HasProxy", false); |
92 | m_DosProtectionOptions = new BasicDosProtectorOptions(); | ||
93 | // Dos Protection Options | ||
94 | m_DosProtectionOptions.AllowXForwardedFor = serverConfig.GetBoolean("DOSAllowXForwardedForHeader", false); | ||
95 | m_DosProtectionOptions.RequestTimeSpan = | ||
96 | TimeSpan.FromMilliseconds(serverConfig.GetInt("DOSRequestTimeFrameMS", 10000)); | ||
97 | m_DosProtectionOptions.MaxRequestsInTimeframe = serverConfig.GetInt("DOSMaxRequestsInTimeFrame", 5); | ||
98 | m_DosProtectionOptions.ForgetTimeSpan = | ||
99 | TimeSpan.FromMilliseconds(serverConfig.GetInt("DOSForgiveClientAfterMS", 120000)); | ||
100 | m_DosProtectionOptions.ReportingName = "LOGINDOSPROTECTION"; | ||
101 | |||
91 | 102 | ||
92 | return loginService; | 103 | return loginService; |
93 | } | 104 | } |
@@ -95,7 +106,9 @@ namespace OpenSim.Server.Handlers.Login | |||
95 | private void InitializeHandlers(IHttpServer server) | 106 | private void InitializeHandlers(IHttpServer server) |
96 | { | 107 | { |
97 | LLLoginHandlers loginHandlers = new LLLoginHandlers(m_LoginService, m_Proxy); | 108 | LLLoginHandlers loginHandlers = new LLLoginHandlers(m_LoginService, m_Proxy); |
98 | server.AddXmlRPCHandler("login_to_simulator", loginHandlers.HandleXMLRPCLogin, false); | 109 | server.AddXmlRPCHandler("login_to_simulator", |
110 | new XmlRpcBasicDOSProtector(loginHandlers.HandleXMLRPCLogin,loginHandlers.HandleXMLRPCLoginBlocked, | ||
111 | m_DosProtectionOptions).Process, false); | ||
99 | server.AddXmlRPCHandler("set_login_level", loginHandlers.HandleXMLRPCSetLoginLevel, false); | 112 | server.AddXmlRPCHandler("set_login_level", loginHandlers.HandleXMLRPCSetLoginLevel, false); |
100 | server.SetDefaultLLSDHandler(loginHandlers.HandleLLSDLogin); | 113 | server.SetDefaultLLSDHandler(loginHandlers.HandleLLSDLogin); |
101 | server.AddWebSocketHandler("/WebSocket/GridLogin", loginHandlers.HandleWebSocketLoginEvents); | 114 | server.AddWebSocketHandler("/WebSocket/GridLogin", loginHandlers.HandleWebSocketLoginEvents); |