aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
-rw-r--r--OpenSim/Framework/InventoryConfig.cs6
-rw-r--r--OpenSim/Grid/InventoryServer/GridInventoryService.cs77
-rw-r--r--OpenSim/Grid/InventoryServer/Main.cs1
3 files changed, 57 insertions, 27 deletions
diff --git a/OpenSim/Framework/InventoryConfig.cs b/OpenSim/Framework/InventoryConfig.cs
index 9f182b3..66719c6 100644
--- a/OpenSim/Framework/InventoryConfig.cs
+++ b/OpenSim/Framework/InventoryConfig.cs
@@ -44,6 +44,7 @@ namespace OpenSim.Framework
44 public string UserRecvKey = String.Empty; 44 public string UserRecvKey = String.Empty;
45 public string UserSendKey = String.Empty; 45 public string UserSendKey = String.Empty;
46 public string UserServerURL = String.Empty; 46 public string UserServerURL = String.Empty;
47 public bool SessionLookUp = true;
47 48
48 public InventoryConfig(string description, string filename) 49 public InventoryConfig(string description, string filename)
49 { 50 {
@@ -71,6 +72,8 @@ namespace OpenSim.Framework
71 "Database Connect String", "", false); 72 "Database Connect String", "", false);
72 configMember.addConfigurationOption("http_port", ConfigurationOption.ConfigurationTypes.TYPE_UINT32, 73 configMember.addConfigurationOption("http_port", ConfigurationOption.ConfigurationTypes.TYPE_UINT32,
73 "Http Listener port", DefaultHttpPort.ToString(), false); 74 "Http Listener port", DefaultHttpPort.ToString(), false);
75 configMember.addConfigurationOption("session_lookup", ConfigurationOption.ConfigurationTypes.TYPE_BOOLEAN,
76 "Enable Session lookup security", "True", false);
74 } 77 }
75 78
76 public bool handleIncomingConfiguration(string configuration_key, object configuration_result) 79 public bool handleIncomingConfiguration(string configuration_key, object configuration_result)
@@ -98,6 +101,9 @@ namespace OpenSim.Framework
98 case "http_port": 101 case "http_port":
99 HttpPort = (uint) configuration_result; 102 HttpPort = (uint) configuration_result;
100 break; 103 break;
104 case "session_lookup":
105 SessionLookUp = (bool)configuration_result;
106 break;
101 } 107 }
102 108
103 return true; 109 return true;
diff --git a/OpenSim/Grid/InventoryServer/GridInventoryService.cs b/OpenSim/Grid/InventoryServer/GridInventoryService.cs
index 63eeced..46841c3 100644
--- a/OpenSim/Grid/InventoryServer/GridInventoryService.cs
+++ b/OpenSim/Grid/InventoryServer/GridInventoryService.cs
@@ -47,6 +47,13 @@ namespace OpenSim.Grid.InventoryServer
47 /// </summary> 47 /// </summary>
48 public class GridInventoryService : InventoryServiceBase 48 public class GridInventoryService : InventoryServiceBase
49 { 49 {
50 private bool m_doLookup = false;
51
52 public bool DoLookup
53 {
54 get { return m_doLookup; }
55 set { m_doLookup = value; }
56 }
50 private static readonly ILog m_log 57 private static readonly ILog m_log
51 = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); 58 = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
52 private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs 59 private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
@@ -61,48 +68,64 @@ namespace OpenSim.Grid.InventoryServer
61 68
62 public bool CheckTrustSource(IPEndPoint peer) 69 public bool CheckTrustSource(IPEndPoint peer)
63 { 70 {
64 m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString()); 71 if (m_doLookup)
65 UriBuilder ub = new UriBuilder(m_userserver_url); 72 {
66 IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); 73 m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString());
67 foreach (IPAddress uaddr in uaddrs) { 74 UriBuilder ub = new UriBuilder(m_userserver_url);
68 if (uaddr.Equals(peer.Address)) { 75 IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
69 return true; 76 foreach (IPAddress uaddr in uaddrs)
77 {
78 if (uaddr.Equals(peer.Address))
79 {
80 return true;
81 }
70 } 82 }
83 return false;
84 }
85 else
86 {
87 return true;
71 } 88 }
72 return false;
73 } 89 }
74 90
75 public bool CheckAuthSession(string session_id, string avatar_id) 91 public bool CheckAuthSession(string session_id, string avatar_id)
76 { 92 {
77 m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id); 93 if (m_doLookup)
78 if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
79 { 94 {
80 // cache miss, ask userserver 95 m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id);
81 Hashtable requestData = new Hashtable(); 96 if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
82 requestData["avatar_uuid"] = avatar_id; 97 {
83 requestData["session_id"] = session_id; 98 // cache miss, ask userserver
84 ArrayList SendParams = new ArrayList(); 99 Hashtable requestData = new Hashtable();
85 SendParams.Add(requestData); 100 requestData["avatar_uuid"] = avatar_id;
86 XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams); 101 requestData["session_id"] = session_id;
87 XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000); 102 ArrayList SendParams = new ArrayList();
88 103 SendParams.Add(requestData);
89 Hashtable responseData = (Hashtable)UserResp.Value; 104 XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
90 if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE") 105 XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
106
107 Hashtable responseData = (Hashtable)UserResp.Value;
108 if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
109 {
110 m_log.Info("[GRID AGENT INVENTORY]: got authed session from userserver");
111 // add to cache; the session time will be automatically renewed
112 m_session_cache.Add(session_id, avatar_id);
113 return true;
114 }
115 }
116 else
91 { 117 {
92 m_log.Info("[GRID AGENT INVENTORY]: got authed session from userserver"); 118 // cache hits
93 // add to cache; the session time will be automatically renewed 119 m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
94 m_session_cache.Add(session_id, avatar_id);
95 return true; 120 return true;
96 } 121 }
122 m_log.Info("[GRID AGENT INVENTORY]: unknown session_id, request rejected");
123 return false;
97 } 124 }
98 else 125 else
99 { 126 {
100 // cache hits
101 m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
102 return true; 127 return true;
103 } 128 }
104 m_log.Info("[GRID AGENT INVENTORY]: unknown session_id, request rejected");
105 return false;
106 } 129 }
107 130
108 public override void RequestInventoryForUser(LLUUID userID, InventoryReceiptCallback callback) 131 public override void RequestInventoryForUser(LLUUID userID, InventoryReceiptCallback callback)
diff --git a/OpenSim/Grid/InventoryServer/Main.cs b/OpenSim/Grid/InventoryServer/Main.cs
index 138aa1a..67889ac 100644
--- a/OpenSim/Grid/InventoryServer/Main.cs
+++ b/OpenSim/Grid/InventoryServer/Main.cs
@@ -72,6 +72,7 @@ namespace OpenSim.Grid.InventoryServer
72 72
73 //m_inventoryService = new GridInventoryService(); 73 //m_inventoryService = new GridInventoryService();
74 m_inventoryService = new GridInventoryService(m_config.UserServerURL); 74 m_inventoryService = new GridInventoryService(m_config.UserServerURL);
75 m_inventoryService.DoLookup = m_config.SessionLookUp;
75 m_inventoryService.AddPlugin(m_config.DatabaseProvider, m_config.DatabaseConnect); 76 m_inventoryService.AddPlugin(m_config.DatabaseProvider, m_config.DatabaseConnect);
76 77
77 m_log.Info("[" + LogName + "]: Starting HTTP server ..."); 78 m_log.Info("[" + LogName + "]: Starting HTTP server ...");