diff options
author | Justin Clarke Casey | 2008-08-09 17:09:37 +0000 |
---|---|---|
committer | Justin Clarke Casey | 2008-08-09 17:09:37 +0000 |
commit | adfccd0ee02fd3276c6ff35cf3e590c66d46b202 (patch) | |
tree | 43af7083fc9ee84357c4e367bab57efb4d228554 /OpenSim | |
parent | * Shielded against various forms of Malformed data crashes - if there is an e... (diff) | |
download | opensim-SC_OLD-adfccd0ee02fd3276c6ff35cf3e590c66d46b202.zip opensim-SC_OLD-adfccd0ee02fd3276c6ff35cf3e590c66d46b202.tar.gz opensim-SC_OLD-adfccd0ee02fd3276c6ff35cf3e590c66d46b202.tar.bz2 opensim-SC_OLD-adfccd0ee02fd3276c6ff35cf3e590c66d46b202.tar.xz |
* Add line to log notifying of inventory -> user grid server trust failure
* add code comments
Diffstat (limited to 'OpenSim')
-rw-r--r-- | OpenSim/Framework/Servers/RestSessionService.cs | 15 | ||||
-rw-r--r-- | OpenSim/Grid/InventoryServer/GridInventoryService.cs | 25 |
2 files changed, 36 insertions, 4 deletions
diff --git a/OpenSim/Framework/Servers/RestSessionService.cs b/OpenSim/Framework/Servers/RestSessionService.cs index 3c79844..1ed349f 100644 --- a/OpenSim/Framework/Servers/RestSessionService.cs +++ b/OpenSim/Framework/Servers/RestSessionService.cs | |||
@@ -150,7 +150,9 @@ namespace OpenSim.Framework.Servers | |||
150 | private RestDeserialiseMethod<TRequest, TResponse> m_method; | 150 | private RestDeserialiseMethod<TRequest, TResponse> m_method; |
151 | private CheckIdentityMethod m_smethod; | 151 | private CheckIdentityMethod m_smethod; |
152 | 152 | ||
153 | public RestDeserialiseSecureHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckIdentityMethod smethod) | 153 | public RestDeserialiseSecureHandler( |
154 | string httpMethod, string path, | ||
155 | RestDeserialiseMethod<TRequest, TResponse> method, CheckIdentityMethod smethod) | ||
154 | : base(httpMethod, path) | 156 | : base(httpMethod, path) |
155 | { | 157 | { |
156 | m_smethod = smethod; | 158 | m_smethod = smethod; |
@@ -186,7 +188,18 @@ namespace OpenSim.Framework.Servers | |||
186 | public class RestDeserialiseTrustedHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler | 188 | public class RestDeserialiseTrustedHandler<TRequest, TResponse> : BaseRequestHandler, IStreamHandler |
187 | where TRequest : new() | 189 | where TRequest : new() |
188 | { | 190 | { |
191 | /// <summary> | ||
192 | /// The operation to perform once trust has been established. | ||
193 | /// </summary> | ||
194 | /// <param name="httpMethod"></param> | ||
195 | /// <param name="path"></param> | ||
196 | /// <param name="method"></param> | ||
197 | /// <param name="tmethod"></param> | ||
189 | private RestDeserialiseMethod<TRequest, TResponse> m_method; | 198 | private RestDeserialiseMethod<TRequest, TResponse> m_method; |
199 | |||
200 | /// <summary> | ||
201 | /// The method used to check whether a request is trusted. | ||
202 | /// </summary> | ||
190 | private CheckTrustedSourceMethod m_tmethod; | 203 | private CheckTrustedSourceMethod m_tmethod; |
191 | 204 | ||
192 | public RestDeserialiseTrustedHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckTrustedSourceMethod tmethod) | 205 | public RestDeserialiseTrustedHandler(string httpMethod, string path, RestDeserialiseMethod<TRequest, TResponse> method, CheckTrustedSourceMethod tmethod) |
diff --git a/OpenSim/Grid/InventoryServer/GridInventoryService.cs b/OpenSim/Grid/InventoryServer/GridInventoryService.cs index 46841c3..643cf4d 100644 --- a/OpenSim/Grid/InventoryServer/GridInventoryService.cs +++ b/OpenSim/Grid/InventoryServer/GridInventoryService.cs | |||
@@ -66,11 +66,16 @@ namespace OpenSim.Grid.InventoryServer | |||
66 | m_userserver_url = userserver_url; | 66 | m_userserver_url = userserver_url; |
67 | } | 67 | } |
68 | 68 | ||
69 | /// <summary> | ||
70 | /// Check that the source of an inventory request is one that we trust. | ||
71 | /// </summary> | ||
72 | /// <param name="peer"></param> | ||
73 | /// <returns></returns> | ||
69 | public bool CheckTrustSource(IPEndPoint peer) | 74 | public bool CheckTrustSource(IPEndPoint peer) |
70 | { | 75 | { |
71 | if (m_doLookup) | 76 | if (m_doLookup) |
72 | { | 77 | { |
73 | m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString()); | 78 | m_log.InfoFormat("[GRID AGENT INVENTORY]: Checking trusted source {0}", peer); |
74 | UriBuilder ub = new UriBuilder(m_userserver_url); | 79 | UriBuilder ub = new UriBuilder(m_userserver_url); |
75 | IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); | 80 | IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); |
76 | foreach (IPAddress uaddr in uaddrs) | 81 | foreach (IPAddress uaddr in uaddrs) |
@@ -79,7 +84,12 @@ namespace OpenSim.Grid.InventoryServer | |||
79 | { | 84 | { |
80 | return true; | 85 | return true; |
81 | } | 86 | } |
82 | } | 87 | } |
88 | |||
89 | m_log.WarnFormat( | ||
90 | "[GRID AGENT INVENTORY]: Rejecting request since source {0} was not in the list of trusted sources", | ||
91 | peer); | ||
92 | |||
83 | return false; | 93 | return false; |
84 | } | 94 | } |
85 | else | 95 | else |
@@ -88,11 +98,19 @@ namespace OpenSim.Grid.InventoryServer | |||
88 | } | 98 | } |
89 | } | 99 | } |
90 | 100 | ||
101 | /// <summary> | ||
102 | /// Check that the source of an inventory request for a particular agent is a current session belonging to | ||
103 | /// that agent. | ||
104 | /// </summary> | ||
105 | /// <param name="session_id"></param> | ||
106 | /// <param name="avatar_id"></param> | ||
107 | /// <returns></returns> | ||
91 | public bool CheckAuthSession(string session_id, string avatar_id) | 108 | public bool CheckAuthSession(string session_id, string avatar_id) |
92 | { | 109 | { |
93 | if (m_doLookup) | 110 | if (m_doLookup) |
94 | { | 111 | { |
95 | m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id); | 112 | m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id); |
113 | |||
96 | if (m_session_cache.getCachedSession(session_id, avatar_id) == null) | 114 | if (m_session_cache.getCachedSession(session_id, avatar_id) == null) |
97 | { | 115 | { |
98 | // cache miss, ask userserver | 116 | // cache miss, ask userserver |
@@ -119,7 +137,8 @@ namespace OpenSim.Grid.InventoryServer | |||
119 | m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache"); | 137 | m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache"); |
120 | return true; | 138 | return true; |
121 | } | 139 | } |
122 | m_log.Info("[GRID AGENT INVENTORY]: unknown session_id, request rejected"); | 140 | |
141 | m_log.Warn("[GRID AGENT INVENTORY]: unknown session_id, request rejected"); | ||
123 | return false; | 142 | return false; |
124 | } | 143 | } |
125 | else | 144 | else |