From 5ceb315e3463eaa50abf43a4c07cb37d9486b1fd Mon Sep 17 00:00:00 2001 From: Melanie Thielker Date: Wed, 1 Feb 2017 15:30:17 +0000 Subject: Secure sim stats with an (optional) password. There is way too much in these stats to expose them to the world, at least for some of us. --- OpenSim/Framework/Monitoring/StatsManager.cs | 13 +++++++++++++ OpenSim/Region/Application/OpenSim.cs | 1 + OpenSim/Region/Application/OpenSimBase.cs | 2 ++ 3 files changed, 16 insertions(+) diff --git a/OpenSim/Framework/Monitoring/StatsManager.cs b/OpenSim/Framework/Monitoring/StatsManager.cs index 55c3276..a6b341f 100644 --- a/OpenSim/Framework/Monitoring/StatsManager.cs +++ b/OpenSim/Framework/Monitoring/StatsManager.cs @@ -47,6 +47,8 @@ namespace OpenSim.Framework.Monitoring // Subcommand used to list other stats. public const string ListSubCommand = "list"; + public static string StatsPassword { get; set; } + // All subcommands public static HashSet SubCommands = new HashSet { AllSubCommand, ListSubCommand }; @@ -302,6 +304,17 @@ namespace OpenSim.Framework.Monitoring int response_code = 200; string contenttype = "text/json"; + if (StatsPassword != String.Empty && (!request.ContainsKey("pass") || request["pass"].ToString() != StatsPassword)) + { + responsedata["int_response_code"] = response_code; + responsedata["content_type"] = "text/plain"; + responsedata["keepalive"] = false; + responsedata["str_response_string"] = "Access denied"; + responsedata["access_control_allow_origin"] = "*"; + + return responsedata; + } + string pCategoryName = StatsManager.AllSubCommand; string pContainerName = StatsManager.AllSubCommand; string pStatName = StatsManager.AllSubCommand; diff --git a/OpenSim/Region/Application/OpenSim.cs b/OpenSim/Region/Application/OpenSim.cs index 8022b1e..58178bc 100644 --- a/OpenSim/Region/Application/OpenSim.cs +++ b/OpenSim/Region/Application/OpenSim.cs @@ -211,6 +211,7 @@ namespace OpenSim if (managedStatsURI != String.Empty) { string urlBase = String.Format("/{0}/", managedStatsURI); + StatsManager.StatsPassword = managedStatsPassword; MainServer.Instance.AddHTTPHandler(urlBase, StatsManager.HandleStatsRequest); m_log.InfoFormat("[OPENSIM] Enabling remote managed stats fetch. URL = {0}", urlBase); } diff --git a/OpenSim/Region/Application/OpenSimBase.cs b/OpenSim/Region/Application/OpenSimBase.cs index b33e2c2..34a9246 100644 --- a/OpenSim/Region/Application/OpenSimBase.cs +++ b/OpenSim/Region/Application/OpenSimBase.cs @@ -88,6 +88,7 @@ namespace OpenSim public string userStatsURI = String.Empty; public string managedStatsURI = String.Empty; + public string managedStatsPassword = String.Empty; protected bool m_autoCreateClientStack = true; @@ -239,6 +240,7 @@ namespace OpenSim m_permsModules = new List(permissionModules.Split(',')); managedStatsURI = startupConfig.GetString("ManagedStatsRemoteFetchURI", String.Empty); + managedStatsPassword = startupConfig.GetString("ManagedStatsRemoteFetchPassword", String.Empty); } // Load the simulation data service -- cgit v1.1