aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Grid
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Grid')
-rw-r--r--OpenSim/Grid/InventoryServer/GridInventoryService.cs41
-rw-r--r--OpenSim/Grid/InventoryServer/Main.cs39
-rw-r--r--OpenSim/Grid/UserServer/Main.cs1
-rw-r--r--OpenSim/Grid/UserServer/UserManager.cs39
4 files changed, 101 insertions, 19 deletions
diff --git a/OpenSim/Grid/InventoryServer/GridInventoryService.cs b/OpenSim/Grid/InventoryServer/GridInventoryService.cs
index 5388263..78f33a3 100644
--- a/OpenSim/Grid/InventoryServer/GridInventoryService.cs
+++ b/OpenSim/Grid/InventoryServer/GridInventoryService.cs
@@ -26,12 +26,15 @@
26 */ 26 */
27 27
28using System; 28using System;
29using System.Collections;
29using System.Collections.Generic; 30using System.Collections.Generic;
30using System.Reflection; 31using System.Reflection;
31using System.Threading; 32using System.Threading;
33using System.Net;
32 34
33using libsecondlife; 35using libsecondlife;
34using log4net; 36using log4net;
37using Nwc.XmlRpc;
35 38
36using OpenSim.Framework; 39using OpenSim.Framework;
37using OpenSim.Framework.Communications; 40using OpenSim.Framework.Communications;
@@ -46,6 +49,44 @@ namespace OpenSim.Grid.InventoryServer
46 private static readonly ILog m_log 49 private static readonly ILog m_log
47 = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); 50 = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
48 51
52 private string m_userserver_url;
53
54 public GridInventoryService(string userserver_url)
55 {
56 m_userserver_url = userserver_url;
57 }
58
59 public bool CheckTrustSource(IPEndPoint peer)
60 {
61 m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString());
62 UriBuilder ub = new UriBuilder(m_userserver_url);
63 if (ub.Host == peer.Address.ToString())
64 {
65 return true;
66 }
67 return false;
68 }
69
70 public bool CheckAuthSession(string session_id, string avatar_id)
71 {
72 m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id);
73 Hashtable requestData = new Hashtable();
74 requestData["avatar_uuid"] = avatar_id;
75 requestData["session_id"] = session_id;
76 ArrayList SendParams = new ArrayList();
77 SendParams.Add(requestData);
78 XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
79 XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
80
81 Hashtable responseData = (Hashtable)UserResp.Value;
82
83 if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
84 {
85 return true;
86 }
87 return false;
88 }
89
49 public override void RequestInventoryForUser(LLUUID userID, InventoryReceiptCallback callback) 90 public override void RequestInventoryForUser(LLUUID userID, InventoryReceiptCallback callback)
50 { 91 {
51 } 92 }
diff --git a/OpenSim/Grid/InventoryServer/Main.cs b/OpenSim/Grid/InventoryServer/Main.cs
index 2ab1916..138aa1a 100644
--- a/OpenSim/Grid/InventoryServer/Main.cs
+++ b/OpenSim/Grid/InventoryServer/Main.cs
@@ -70,7 +70,8 @@ namespace OpenSim.Grid.InventoryServer
70 70
71 m_config = new InventoryConfig(LogName, (Path.Combine(Util.configDir(), "InventoryServer_Config.xml"))); 71 m_config = new InventoryConfig(LogName, (Path.Combine(Util.configDir(), "InventoryServer_Config.xml")));
72 72
73 m_inventoryService = new GridInventoryService(); 73 //m_inventoryService = new GridInventoryService();
74 m_inventoryService = new GridInventoryService(m_config.UserServerURL);
74 m_inventoryService.AddPlugin(m_config.DatabaseProvider, m_config.DatabaseConnect); 75 m_inventoryService.AddPlugin(m_config.DatabaseProvider, m_config.DatabaseConnect);
75 76
76 m_log.Info("[" + LogName + "]: Starting HTTP server ..."); 77 m_log.Info("[" + LogName + "]: Starting HTTP server ...");
@@ -85,36 +86,36 @@ namespace OpenSim.Grid.InventoryServer
85 protected void AddHttpHandlers() 86 protected void AddHttpHandlers()
86 { 87 {
87 m_httpServer.AddStreamHandler( 88 m_httpServer.AddStreamHandler(
88 new RestDeserialiseHandler<Guid, InventoryCollection>( 89 new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
89 "POST", "/GetInventory/", m_inventoryService.GetUserInventory)); 90 "POST", "/GetInventory/", m_inventoryService.GetUserInventory, m_inventoryService.CheckAuthSession));
90 91
91 m_httpServer.AddStreamHandler( 92 m_httpServer.AddStreamHandler(
92 new RestDeserialiseHandler<Guid, bool>( 93 new RestDeserialiseTrustedHandler<Guid, bool>(
93 "POST", "/CreateInventory/", m_inventoryService.CreateUsersInventory)); 94 "POST", "/CreateInventory/", m_inventoryService.CreateUsersInventory, m_inventoryService.CheckTrustSource));
94 95
95 m_httpServer.AddStreamHandler( 96 m_httpServer.AddStreamHandler(
96 new RestDeserialiseHandler<InventoryFolderBase, bool>( 97 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
97 "POST", "/NewFolder/", m_inventoryService.AddFolder)); 98 "POST", "/NewFolder/", m_inventoryService.AddFolder, m_inventoryService.CheckAuthSession));
98 99
99 m_httpServer.AddStreamHandler( 100 m_httpServer.AddStreamHandler(
100 new RestDeserialiseHandler<InventoryFolderBase, bool>( 101 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
101 "POST", "/UpdateFolder/", m_inventoryService.UpdateFolder)); 102 "POST", "/UpdateFolder/", m_inventoryService.UpdateFolder, m_inventoryService.CheckAuthSession));
102 103
103 m_httpServer.AddStreamHandler( 104 m_httpServer.AddStreamHandler(
104 new RestDeserialiseHandler<InventoryFolderBase, bool>( 105 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
105 "POST", "/MoveFolder/", m_inventoryService.MoveFolder)); 106 "POST", "/MoveFolder/", m_inventoryService.MoveFolder, m_inventoryService.CheckAuthSession));
106 107
107 m_httpServer.AddStreamHandler( 108 m_httpServer.AddStreamHandler(
108 new RestDeserialiseHandler<InventoryFolderBase, bool>( 109 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
109 "POST", "/PurgeFolder/", m_inventoryService.PurgeFolder)); 110 "POST", "/PurgeFolder/", m_inventoryService.PurgeFolder, m_inventoryService.CheckAuthSession));
110 111
111 m_httpServer.AddStreamHandler( 112 m_httpServer.AddStreamHandler(
112 new RestDeserialiseHandler<InventoryItemBase, bool>( 113 new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
113 "POST", "/NewItem/", m_inventoryService.AddItem)); 114 "POST", "/NewItem/", m_inventoryService.AddItem, m_inventoryService.CheckAuthSession));
114 115
115 m_httpServer.AddStreamHandler( 116 m_httpServer.AddStreamHandler(
116 new RestDeserialiseHandler<InventoryItemBase, bool>( 117 new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
117 "POST", "/DeleteItem/", m_inventoryService.DeleteItem)); 118 "POST", "/DeleteItem/", m_inventoryService.DeleteItem, m_inventoryService.CheckAuthSession));
118 119
119 // WARNING: Root folders no longer just delivers the root and immediate child folders (e.g 120 // WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
120 // system folders such as Objects, Textures), but it now returns the entire inventory skeleton. 121 // system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
@@ -122,8 +123,8 @@ namespace OpenSim.Grid.InventoryServer
122 // (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier 123 // (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
123 // to do this for now. 124 // to do this for now.
124 m_httpServer.AddStreamHandler( 125 m_httpServer.AddStreamHandler(
125 new RestDeserialiseHandler<Guid, List<InventoryFolderBase>> 126 new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
126 ("POST", "/RootFolders/", m_inventoryService.GetInventorySkeleton)); 127 ("POST", "/RootFolders/", m_inventoryService.GetInventorySkeleton, m_inventoryService.CheckTrustSource));
127 } 128 }
128 129
129 private void Work() 130 private void Work()
diff --git a/OpenSim/Grid/UserServer/Main.cs b/OpenSim/Grid/UserServer/Main.cs
index c7011a9..30a41f4 100644
--- a/OpenSim/Grid/UserServer/Main.cs
+++ b/OpenSim/Grid/UserServer/Main.cs
@@ -142,6 +142,7 @@ namespace OpenSim.Grid.UserServer
142 m_httpServer.AddXmlRPCHandler("update_user_current_region", m_userManager.XmlRPCAtRegion); 142 m_httpServer.AddXmlRPCHandler("update_user_current_region", m_userManager.XmlRPCAtRegion);
143 m_httpServer.AddXmlRPCHandler("logout_of_simulator", m_userManager.XmlRPCLogOffUserMethodUUID); 143 m_httpServer.AddXmlRPCHandler("logout_of_simulator", m_userManager.XmlRPCLogOffUserMethodUUID);
144 m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", m_userManager.XmlRPCGetAgentMethodUUID); 144 m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", m_userManager.XmlRPCGetAgentMethodUUID);
145 m_httpServer.AddXmlRPCHandler("check_auth_session", m_userManager.XmlRPCCheckAuthSession);
145 // Message Server ---> User Server 146 // Message Server ---> User Server
146 m_httpServer.AddXmlRPCHandler("register_messageserver", m_messagesService.XmlRPCRegisterMessageServer); 147 m_httpServer.AddXmlRPCHandler("register_messageserver", m_messagesService.XmlRPCRegisterMessageServer);
147 m_httpServer.AddXmlRPCHandler("agent_change_region", m_messagesService.XmlRPCUserMovedtoRegion); 148 m_httpServer.AddXmlRPCHandler("agent_change_region", m_messagesService.XmlRPCUserMovedtoRegion);
diff --git a/OpenSim/Grid/UserServer/UserManager.cs b/OpenSim/Grid/UserServer/UserManager.cs
index ff62d78..a43ade1 100644
--- a/OpenSim/Grid/UserServer/UserManager.cs
+++ b/OpenSim/Grid/UserServer/UserManager.cs
@@ -457,6 +457,45 @@ namespace OpenSim.Grid.UserServer
457 return response; 457 return response;
458 } 458 }
459 459
460 public XmlRpcResponse XmlRPCCheckAuthSession(XmlRpcRequest request)
461 {
462 XmlRpcResponse response = new XmlRpcResponse();
463 Hashtable requestData = (Hashtable)request.Params[0];
464 UserProfileData userProfile;
465
466 string authed = "FALSE";
467 if (requestData.Contains("avatar_uuid") && requestData.Contains("session_id"))
468 {
469 LLUUID guess_aid = LLUUID.Zero;
470 LLUUID guess_sid = LLUUID.Zero;
471
472 Helpers.TryParse((string)requestData["avatar_uuid"], out guess_aid);
473 if (guess_aid == LLUUID.Zero)
474 {
475 return CreateUnknownUserErrorResponse();
476 }
477 Helpers.TryParse((string)requestData["session_id"], out guess_sid);
478 if (guess_sid == LLUUID.Zero)
479 {
480 return CreateUnknownUserErrorResponse();
481 }
482 userProfile = GetUserProfile(guess_aid);
483 if (userProfile != null && userProfile.CurrentAgent != null && userProfile.CurrentAgent.SessionID == guess_sid)
484 {
485 authed = "TRUE";
486 }
487 m_log.InfoFormat("[UserManager]: CheckAuthSession TRUE for user {0}", guess_aid);
488 }
489 else
490 {
491 m_log.InfoFormat("[UserManager]: CheckAuthSession FALSE");
492 return CreateUnknownUserErrorResponse();
493 }
494 Hashtable responseData = new Hashtable();
495 responseData["auth_session"] = authed;
496 response.Value = responseData;
497 return response;
498 }
460 499
461 public XmlRpcResponse XmlRpcResponseXmlRPCUpdateUserProfile(XmlRpcRequest request) 500 public XmlRpcResponse XmlRpcResponseXmlRPCUpdateUserProfile(XmlRpcRequest request)
462 { 501 {