diff options
author | Diva Canto | 2011-04-27 07:02:37 -0700 |
---|---|---|
committer | Diva Canto | 2011-04-27 07:02:37 -0700 |
commit | e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f (patch) | |
tree | 3f9b2bc869684c243ecb66ac99e2ce48098ee708 /OpenSim/Services | |
parent | Bump minimum required mono to 2.4.3 from 2.4.2. OpenSim fails at runtime bel... (diff) | |
download | opensim-SC_OLD-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.zip opensim-SC_OLD-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.tar.gz opensim-SC_OLD-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.tar.bz2 opensim-SC_OLD-e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f.tar.xz |
Thank you Snoopy for a patch that adds some filtering to client versions allowed at login and HG-login times. NOTE: additional (optional) configuration variables in [LoginService] and [GatekeeperService]. See .examples.
Diffstat (limited to 'OpenSim/Services')
-rw-r--r-- | OpenSim/Services/HypergridService/GatekeeperService.cs | 39 | ||||
-rw-r--r-- | OpenSim/Services/LLLoginService/LLLoginService.cs | 40 |
2 files changed, 74 insertions, 5 deletions
diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs index b66bfed..9385b8d 100644 --- a/OpenSim/Services/HypergridService/GatekeeperService.cs +++ b/OpenSim/Services/HypergridService/GatekeeperService.cs | |||
@@ -29,6 +29,7 @@ using System; | |||
29 | using System.Collections.Generic; | 29 | using System.Collections.Generic; |
30 | using System.Net; | 30 | using System.Net; |
31 | using System.Reflection; | 31 | using System.Reflection; |
32 | using System.Text.RegularExpressions; | ||
32 | 33 | ||
33 | using OpenSim.Framework; | 34 | using OpenSim.Framework; |
34 | using OpenSim.Services.Interfaces; | 35 | using OpenSim.Services.Interfaces; |
@@ -57,6 +58,9 @@ namespace OpenSim.Services.HypergridService | |||
57 | private static IUserAgentService m_UserAgentService; | 58 | private static IUserAgentService m_UserAgentService; |
58 | private static ISimulationService m_SimulationService; | 59 | private static ISimulationService m_SimulationService; |
59 | 60 | ||
61 | protected string m_AllowedClients = string.Empty; | ||
62 | protected string m_DeniedClients = string.Empty; | ||
63 | |||
60 | private static UUID m_ScopeID; | 64 | private static UUID m_ScopeID; |
61 | private static bool m_AllowTeleportsToAnyRegion; | 65 | private static bool m_AllowTeleportsToAnyRegion; |
62 | private static string m_ExternalName; | 66 | private static string m_ExternalName; |
@@ -104,6 +108,9 @@ namespace OpenSim.Services.HypergridService | |||
104 | else if (simulationService != string.Empty) | 108 | else if (simulationService != string.Empty) |
105 | m_SimulationService = ServerUtils.LoadPlugin<ISimulationService>(simulationService, args); | 109 | m_SimulationService = ServerUtils.LoadPlugin<ISimulationService>(simulationService, args); |
106 | 110 | ||
111 | m_AllowedClients = serverConfig.GetString("AllowedClients", string.Empty); | ||
112 | m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty); | ||
113 | |||
107 | if (m_GridService == null || m_PresenceService == null || m_SimulationService == null) | 114 | if (m_GridService == null || m_PresenceService == null || m_SimulationService == null) |
108 | throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function."); | 115 | throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function."); |
109 | 116 | ||
@@ -181,8 +188,36 @@ namespace OpenSim.Services.HypergridService | |||
181 | string authURL = string.Empty; | 188 | string authURL = string.Empty; |
182 | if (aCircuit.ServiceURLs.ContainsKey("HomeURI")) | 189 | if (aCircuit.ServiceURLs.ContainsKey("HomeURI")) |
183 | authURL = aCircuit.ServiceURLs["HomeURI"].ToString(); | 190 | authURL = aCircuit.ServiceURLs["HomeURI"].ToString(); |
184 | m_log.DebugFormat("[GATEKEEPER SERVICE]: Request to login foreign agent {0} {1} @ {2} ({3}) at destination {4}", | 191 | m_log.InfoFormat("[GATEKEEPER SERVICE]: Login request for {0} {1} @ {2} ({3}) at {4} using viewer {5}, channel {6}, IP {7}, Mac {8}, Id0 {9}", |
185 | aCircuit.firstname, aCircuit.lastname, authURL, aCircuit.AgentID, destination.RegionName); | 192 | aCircuit.firstname, aCircuit.lastname, authURL, aCircuit.AgentID, destination.RegionName, |
193 | aCircuit.Viewer, aCircuit.Channel, aCircuit.IPAddress, aCircuit.Mac, aCircuit.Id0); | ||
194 | |||
195 | // | ||
196 | // Check client | ||
197 | // | ||
198 | if (m_AllowedClients != string.Empty) | ||
199 | { | ||
200 | Regex arx = new Regex(m_AllowedClients); | ||
201 | Match am = arx.Match(aCircuit.Viewer); | ||
202 | |||
203 | if (!am.Success) | ||
204 | { | ||
205 | m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is not allowed", aCircuit.Viewer); | ||
206 | return false; | ||
207 | } | ||
208 | } | ||
209 | |||
210 | if (m_DeniedClients != string.Empty) | ||
211 | { | ||
212 | Regex drx = new Regex(m_DeniedClients); | ||
213 | Match dm = drx.Match(aCircuit.Viewer); | ||
214 | |||
215 | if (dm.Success) | ||
216 | { | ||
217 | m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is denied", aCircuit.Viewer); | ||
218 | return false; | ||
219 | } | ||
220 | } | ||
186 | 221 | ||
187 | // | 222 | // |
188 | // Authenticate the user | 223 | // Authenticate the user |
diff --git a/OpenSim/Services/LLLoginService/LLLoginService.cs b/OpenSim/Services/LLLoginService/LLLoginService.cs index d364aa4..9bcc3dd 100644 --- a/OpenSim/Services/LLLoginService/LLLoginService.cs +++ b/OpenSim/Services/LLLoginService/LLLoginService.cs | |||
@@ -77,7 +77,11 @@ namespace OpenSim.Services.LLLoginService | |||
77 | protected string m_MapTileURL; | 77 | protected string m_MapTileURL; |
78 | protected string m_SearchURL; | 78 | protected string m_SearchURL; |
79 | 79 | ||
80 | protected string m_AllowedClients; | ||
81 | protected string m_DeniedClients; | ||
82 | |||
80 | IConfig m_LoginServerConfig; | 83 | IConfig m_LoginServerConfig; |
84 | IConfig m_ClientsConfig; | ||
81 | 85 | ||
82 | public LLLoginService(IConfigSource config, ISimulationService simService, ILibraryService libraryService) | 86 | public LLLoginService(IConfigSource config, ISimulationService simService, ILibraryService libraryService) |
83 | { | 87 | { |
@@ -105,7 +109,10 @@ namespace OpenSim.Services.LLLoginService | |||
105 | m_GatekeeperURL = m_LoginServerConfig.GetString("GatekeeperURI", string.Empty); | 109 | m_GatekeeperURL = m_LoginServerConfig.GetString("GatekeeperURI", string.Empty); |
106 | m_MapTileURL = m_LoginServerConfig.GetString("MapTileURL", string.Empty); | 110 | m_MapTileURL = m_LoginServerConfig.GetString("MapTileURL", string.Empty); |
107 | m_SearchURL = m_LoginServerConfig.GetString("SearchURL", string.Empty); | 111 | m_SearchURL = m_LoginServerConfig.GetString("SearchURL", string.Empty); |
108 | 112 | ||
113 | m_AllowedClients = m_LoginServerConfig.GetString("AllowedClients", string.Empty); | ||
114 | m_DeniedClients = m_LoginServerConfig.GetString("DeniedClients", string.Empty); | ||
115 | |||
109 | // These are required; the others aren't | 116 | // These are required; the others aren't |
110 | if (accountService == string.Empty || authService == string.Empty) | 117 | if (accountService == string.Empty || authService == string.Empty) |
111 | throw new Exception("LoginService is missing service specifications"); | 118 | throw new Exception("LoginService is missing service specifications"); |
@@ -215,11 +222,38 @@ namespace OpenSim.Services.LLLoginService | |||
215 | bool success = false; | 222 | bool success = false; |
216 | UUID session = UUID.Random(); | 223 | UUID session = UUID.Random(); |
217 | 224 | ||
218 | m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} from {2} with user agent {3} starting in {4}", | 225 | m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} at {2} using viewer {3}, channel {4}, IP {5}, Mac {6}, Id0 {7}", |
219 | firstName, lastName, clientIP.Address.ToString(), clientVersion, startLocation); | 226 | firstName, lastName, startLocation, clientVersion, channel, clientIP.Address.ToString(), mac, id0); |
220 | try | 227 | try |
221 | { | 228 | { |
222 | // | 229 | // |
230 | // Check client | ||
231 | // | ||
232 | if (m_AllowedClients != string.Empty) | ||
233 | { | ||
234 | Regex arx = new Regex(m_AllowedClients); | ||
235 | Match am = arx.Match(clientVersion); | ||
236 | |||
237 | if (!am.Success) | ||
238 | { | ||
239 | m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client {0} is not allowed", clientVersion); | ||
240 | return LLFailedLoginResponse.LoginBlockedProblem; | ||
241 | } | ||
242 | } | ||
243 | |||
244 | if (m_DeniedClients != string.Empty) | ||
245 | { | ||
246 | Regex drx = new Regex(m_DeniedClients); | ||
247 | Match dm = drx.Match(clientVersion); | ||
248 | |||
249 | if (dm.Success) | ||
250 | { | ||
251 | m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client {0} is denied", clientVersion); | ||
252 | return LLFailedLoginResponse.LoginBlockedProblem; | ||
253 | } | ||
254 | } | ||
255 | |||
256 | // | ||
223 | // Get the account and check that it exists | 257 | // Get the account and check that it exists |
224 | // | 258 | // |
225 | UserAccount account = m_UserAccountService.GetUserAccount(scopeID, firstName, lastName); | 259 | UserAccount account = m_UserAccountService.GetUserAccount(scopeID, firstName, lastName); |