1 files changed, 276 insertions, 0 deletions
diff --git a/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
new file mode 100644
index 0000000..c8d08de
--- /dev/null
+++ b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
@@ -0,0 +1,276 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Net;
+using System.Reflection;
+using log4net;
+using Nini.Config;
+using Nwc.XmlRpc;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Server.Handlers.Base;
+using OpenMetaverse;
+namespace OpenSim.Server.Handlers.Inventory
+{
+    public class InventoryServiceInConnector : ServiceConnector
+    {
+        private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+        private IInventoryService m_InventoryService;
+        private bool m_doLookup = false;
+        //private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
+        //private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME);
+        private string m_userserver_url;
+        public InventoryServiceInConnector(IConfigSource config, IHttpServer server) :
+                base(config, server)
+        {
+            IConfig serverConfig = config.Configs["InventoryService"];
+            if (serverConfig == null)
+                throw new Exception("No section 'InventoryService' in config file");
+            string inventoryService = serverConfig.GetString("LocalServiceModule",
+                    String.Empty);
+            if (inventoryService == String.Empty)
+                throw new Exception("No InventoryService in config file");
+            Object[] args = new Object[] { config };
+            m_InventoryService =
+                    ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args);
+            m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty);
+            m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false);
+            AddHttpHandlers(server);
+        }
+        protected virtual void AddHttpHandlers(IHttpServer m_httpServer)
+        {
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
+                    "POST", "/GetInventory/", GetUserInventory, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
+                    "POST", "/DeleteItem/", m_InventoryService.DeleteItem, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>(
+                    "POST", "/QueryItem/", m_InventoryService.QueryItem, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>(
+                    "POST", "/QueryFolder/", m_InventoryService.QueryFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, bool>(
+                    "POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
+                    "POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<InventoryFolderBase, bool>(
+                    "POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckTrustSource));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
+                    "POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession));
+            m_httpServer.AddStreamHandler(
+             new RestDeserialiseTrustedHandler<InventoryItemBase, bool>(
+                 "POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource));
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>(
+                    "POST", "/GetItems/", GetFolderItems, CheckTrustSource));
+            // for persistent active gestures
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>
+                    ("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource));
+            // WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
+            // system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
+            // It would have been better to rename this request, but complexities in the BaseHttpServer
+            // (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
+            // to do this for now.
+            m_httpServer.AddStreamHandler(
+                new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
+                    ("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource));
+        }
+        #region Wrappers for converting the Guid parameter
+        public InventoryCollection GetUserInventory(Guid guid)
+        {
+            UUID userID = new UUID(guid);
+            return m_InventoryService.GetUserInventory(userID);
+        }
+        public List<InventoryItemBase> GetFolderItems(Guid folderID)
+        {
+            List<InventoryItemBase> allItems = new List<InventoryItemBase>();
+            List<InventoryItemBase> items = m_InventoryService.GetFolderItems(new UUID(folderID));
+            if (items != null)
+            {
+                allItems.InsertRange(0, items);
+            }
+            return allItems;
+        }
+        public bool CreateUsersInventory(Guid rawUserID)
+        {
+            UUID userID = new UUID(rawUserID);
+            return m_InventoryService.CreateUserInventory(userID);
+        }
+        public List<InventoryItemBase> GetActiveGestures(Guid rawUserID)
+        {
+            UUID userID = new UUID(rawUserID);
+            return m_InventoryService.GetActiveGestures(userID);
+        }
+        public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID)
+        {
+            UUID userID = new UUID(rawUserID);
+            return m_InventoryService.GetInventorySkeleton(userID);
+        }
+        #endregion
+        /// <summary>
+        /// Check that the source of an inventory request is one that we trust.
+        /// </summary>
+        /// <param name="peer"></param>
+        /// <returns></returns>
+        public bool CheckTrustSource(IPEndPoint peer)
+        {
+            if (m_doLookup)
+            {
+                m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer);
+                UriBuilder ub = new UriBuilder(m_userserver_url);
+                IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
+                foreach (IPAddress uaddr in uaddrs)
+                {
+                    if (uaddr.Equals(peer.Address))
+                    {
+                        return true;
+                    }
+                }
+                m_log.WarnFormat(
+                    "[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources",
+                    peer);
+                return false;
+            }
+            else
+            {
+                return true;
+            }
+        }
+        /// <summary>
+        /// Check that the source of an inventory request for a particular agent is a current session belonging to
+        /// that agent.
+        /// </summary>
+        /// <param name="session_id"></param>
+        /// <param name="avatar_id"></param>
+        /// <returns></returns>
+        public bool CheckAuthSession(string session_id, string avatar_id)
+        {
+            if (m_doLookup)
+            {
+                m_log.InfoFormat("[INVENTORY IN CONNECTOR]: checking authed session {0} {1}", session_id, avatar_id);
+                //if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
+                //{
+                    // cache miss, ask userserver
+                    Hashtable requestData = new Hashtable();
+                    requestData["avatar_uuid"] = avatar_id;
+                    requestData["session_id"] = session_id;
+                    ArrayList SendParams = new ArrayList();
+                    SendParams.Add(requestData);
+                    XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
+                    XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
+                    Hashtable responseData = (Hashtable)UserResp.Value;
+                    if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
+                    {
+                        m_log.Info("[INVENTORY IN CONNECTOR]: got authed session from userserver");
+                        //// add to cache; the session time will be automatically renewed
+                        //m_session_cache.Add(session_id, avatar_id);
+                        return true;
+                    }
+                //}
+                //else
+                //{
+                //    // cache hits
+                //    m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
+                //    return true;
+                //}
+                    m_log.Warn("[INVENTORY IN CONNECTOR]: unknown session_id, request rejected");
+                return false;
+            }
+            else
+            {
+                return true;
+            }
+        }
+    }
+}

diff --git a/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs new file mode 100644 index 0000000..c8d08de --- /dev/null +++ b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
@@ -0,0 +1,276 @@
	1	/*
	2	* Copyright (c) Contributors, http://opensimulator.org/
	3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions are met:
	7	* * Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* * Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	* * Neither the name of the OpenSimulator Project nor the
	13	* names of its contributors may be used to endorse or promote products
	14	* derived from this software without specific prior written permission.
	15	*
	16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
	17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
	20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
	25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	26	*/
	27
	28	using System;
	29	using System.Collections;
	30	using System.Collections.Generic;
	31	using System.Net;
	32	using System.Reflection;
	33	using log4net;
	34	using Nini.Config;
	35	using Nwc.XmlRpc;
	36	using OpenSim.Server.Base;
	37	using OpenSim.Services.Interfaces;
	38	using OpenSim.Framework;
	39	using OpenSim.Framework.Servers.HttpServer;
	40	using OpenSim.Server.Handlers.Base;
	41	using OpenMetaverse;
	42
	43	namespace OpenSim.Server.Handlers.Inventory
	44	{
	45	public class InventoryServiceInConnector : ServiceConnector
	46	{
	47	private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
	48
	49	private IInventoryService m_InventoryService;
	50
	51	private bool m_doLookup = false;
	52
	53	//private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
	54	//private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME);
	55
	56	private string m_userserver_url;
	57
	58	public InventoryServiceInConnector(IConfigSource config, IHttpServer server) :
	59	base(config, server)
	60	{
	61	IConfig serverConfig = config.Configs["InventoryService"];
	62	if (serverConfig == null)
	63	throw new Exception("No section 'InventoryService' in config file");
	64
	65	string inventoryService = serverConfig.GetString("LocalServiceModule",
	66	String.Empty);
	67
	68	if (inventoryService == String.Empty)
	69	throw new Exception("No InventoryService in config file");
	70
	71	Object[] args = new Object[] { config };
	72	m_InventoryService =
	73	ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args);
	74
	75	m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty);
	76	m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false);
	77
	78	AddHttpHandlers(server);
	79	}
	80
	81	protected virtual void AddHttpHandlers(IHttpServer m_httpServer)
	82	{
	83	m_httpServer.AddStreamHandler(
	84	new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
	85	"POST", "/GetInventory/", GetUserInventory, CheckAuthSession));
	86
	87	m_httpServer.AddStreamHandler(
	88	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
	89	"POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession));
	90
	91	m_httpServer.AddStreamHandler(
	92	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
	93	"POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession));
	94
	95	m_httpServer.AddStreamHandler(
	96	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
	97	"POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession));
	98
	99	m_httpServer.AddStreamHandler(
	100	new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
	101	"POST", "/DeleteItem/", m_InventoryService.DeleteItem, CheckAuthSession));
	102
	103	m_httpServer.AddStreamHandler(
	104	new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>(
	105	"POST", "/QueryItem/", m_InventoryService.QueryItem, CheckAuthSession));
	106
	107	m_httpServer.AddStreamHandler(
	108	new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>(
	109	"POST", "/QueryFolder/", m_InventoryService.QueryFolder, CheckAuthSession));
	110
	111	m_httpServer.AddStreamHandler(
	112	new RestDeserialiseTrustedHandler<Guid, bool>(
	113	"POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource));
	114
	115	m_httpServer.AddStreamHandler(
	116	new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
	117	"POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession));
	118
	119	m_httpServer.AddStreamHandler(
	120	new RestDeserialiseTrustedHandler<InventoryFolderBase, bool>(
	121	"POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckTrustSource));
	122
	123	m_httpServer.AddStreamHandler(
	124	new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
	125	"POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession));
	126
	127	m_httpServer.AddStreamHandler(
	128	new RestDeserialiseTrustedHandler<InventoryItemBase, bool>(
	129	"POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource));
	130
	131	m_httpServer.AddStreamHandler(
	132	new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>(
	133	"POST", "/GetItems/", GetFolderItems, CheckTrustSource));
	134
	135	// for persistent active gestures
	136	m_httpServer.AddStreamHandler(
	137	new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>
	138	("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource));
	139
	140	// WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
	141	// system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
	142	// It would have been better to rename this request, but complexities in the BaseHttpServer
	143	// (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
	144	// to do this for now.
	145	m_httpServer.AddStreamHandler(
	146	new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
	147	("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource));
	148	}
	149
	150	#region Wrappers for converting the Guid parameter
	151
	152	public InventoryCollection GetUserInventory(Guid guid)
	153	{
	154	UUID userID = new UUID(guid);
	155	return m_InventoryService.GetUserInventory(userID);
	156	}
	157
	158	public List<InventoryItemBase> GetFolderItems(Guid folderID)
	159	{
	160	List<InventoryItemBase> allItems = new List<InventoryItemBase>();
	161
	162	List<InventoryItemBase> items = m_InventoryService.GetFolderItems(new UUID(folderID));
	163
	164	if (items != null)
	165	{
	166	allItems.InsertRange(0, items);
	167	}
	168	return allItems;
	169	}
	170
	171	public bool CreateUsersInventory(Guid rawUserID)
	172	{
	173	UUID userID = new UUID(rawUserID);
	174
	175
	176	return m_InventoryService.CreateUserInventory(userID);
	177	}
	178
	179	public List<InventoryItemBase> GetActiveGestures(Guid rawUserID)
	180	{
	181	UUID userID = new UUID(rawUserID);
	182
	183	return m_InventoryService.GetActiveGestures(userID);
	184	}
	185
	186	public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID)
	187	{
	188	UUID userID = new UUID(rawUserID);
	189	return m_InventoryService.GetInventorySkeleton(userID);
	190	}
	191
	192	#endregion
	193
	194	/// <summary>
	195	/// Check that the source of an inventory request is one that we trust.
	196	/// </summary>
	197	/// <param name="peer"></param>
	198	/// <returns></returns>
	199	public bool CheckTrustSource(IPEndPoint peer)
	200	{
	201	if (m_doLookup)
	202	{
	203	m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer);
	204	UriBuilder ub = new UriBuilder(m_userserver_url);
	205	IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
	206	foreach (IPAddress uaddr in uaddrs)
	207	{
	208	if (uaddr.Equals(peer.Address))
	209	{
	210	return true;
	211	}
	212	}
	213
	214	m_log.WarnFormat(
	215	"[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources",
	216	peer);
	217
	218	return false;
	219	}
	220	else
	221	{
	222	return true;
	223	}
	224	}
	225
	226	/// <summary>
	227	/// Check that the source of an inventory request for a particular agent is a current session belonging to
	228	/// that agent.
	229	/// </summary>
	230	/// <param name="session_id"></param>
	231	/// <param name="avatar_id"></param>
	232	/// <returns></returns>
	233	public bool CheckAuthSession(string session_id, string avatar_id)
	234	{
	235	if (m_doLookup)
	236	{
	237	m_log.InfoFormat("[INVENTORY IN CONNECTOR]: checking authed session {0} {1}", session_id, avatar_id);
	238
	239	//if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
	240	//{
	241	// cache miss, ask userserver
	242	Hashtable requestData = new Hashtable();
	243	requestData["avatar_uuid"] = avatar_id;
	244	requestData["session_id"] = session_id;
	245	ArrayList SendParams = new ArrayList();
	246	SendParams.Add(requestData);
	247	XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
	248	XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
	249
	250	Hashtable responseData = (Hashtable)UserResp.Value;
	251	if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
	252	{
	253	m_log.Info("[INVENTORY IN CONNECTOR]: got authed session from userserver");
	254	//// add to cache; the session time will be automatically renewed
	255	//m_session_cache.Add(session_id, avatar_id);
	256	return true;
	257	}
	258	//}
	259	//else
	260	//{
	261	// // cache hits
	262	// m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
	263	// return true;
	264	//}
	265
	266	m_log.Warn("[INVENTORY IN CONNECTOR]: unknown session_id, request rejected");
	267	return false;
	268	}
	269	else
	270	{
	271	return true;
	272	}
	273	}
	274
	275	}
	276	}