From adfccd0ee02fd3276c6ff35cf3e590c66d46b202 Mon Sep 17 00:00:00 2001 From: Justin Clarke Casey Date: Sat, 9 Aug 2008 17:09:37 +0000 Subject: * Add line to log notifying of inventory -> user grid server trust failure * add code comments --- OpenSim/Framework/Servers/RestSessionService.cs | 15 ++++++++++++- .../Grid/InventoryServer/GridInventoryService.cs | 25 +++++++++++++++++++--- 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/OpenSim/Framework/Servers/RestSessionService.cs b/OpenSim/Framework/Servers/RestSessionService.cs index 3c79844..1ed349f 100644 --- a/OpenSim/Framework/Servers/RestSessionService.cs +++ b/OpenSim/Framework/Servers/RestSessionService.cs @@ -150,7 +150,9 @@ namespace OpenSim.Framework.Servers private RestDeserialiseMethod m_method; private CheckIdentityMethod m_smethod; - public RestDeserialiseSecureHandler(string httpMethod, string path, RestDeserialiseMethod method, CheckIdentityMethod smethod) + public RestDeserialiseSecureHandler( + string httpMethod, string path, + RestDeserialiseMethod method, CheckIdentityMethod smethod) : base(httpMethod, path) { m_smethod = smethod; @@ -186,7 +188,18 @@ namespace OpenSim.Framework.Servers public class RestDeserialiseTrustedHandler : BaseRequestHandler, IStreamHandler where TRequest : new() { + /// + /// The operation to perform once trust has been established. + /// + /// + /// + /// + /// private RestDeserialiseMethod m_method; + + /// + /// The method used to check whether a request is trusted. + /// private CheckTrustedSourceMethod m_tmethod; public RestDeserialiseTrustedHandler(string httpMethod, string path, RestDeserialiseMethod method, CheckTrustedSourceMethod tmethod) diff --git a/OpenSim/Grid/InventoryServer/GridInventoryService.cs b/OpenSim/Grid/InventoryServer/GridInventoryService.cs index 46841c3..643cf4d 100644 --- a/OpenSim/Grid/InventoryServer/GridInventoryService.cs +++ b/OpenSim/Grid/InventoryServer/GridInventoryService.cs @@ -66,11 +66,16 @@ namespace OpenSim.Grid.InventoryServer m_userserver_url = userserver_url; } + /// + /// Check that the source of an inventory request is one that we trust. + /// + /// + /// public bool CheckTrustSource(IPEndPoint peer) { if (m_doLookup) { - m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString()); + m_log.InfoFormat("[GRID AGENT INVENTORY]: Checking trusted source {0}", peer); UriBuilder ub = new UriBuilder(m_userserver_url); IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); foreach (IPAddress uaddr in uaddrs) @@ -79,7 +84,12 @@ namespace OpenSim.Grid.InventoryServer { return true; } - } + } + + m_log.WarnFormat( + "[GRID AGENT INVENTORY]: Rejecting request since source {0} was not in the list of trusted sources", + peer); + return false; } else @@ -88,11 +98,19 @@ namespace OpenSim.Grid.InventoryServer } } + /// + /// Check that the source of an inventory request for a particular agent is a current session belonging to + /// that agent. + /// + /// + /// + /// public bool CheckAuthSession(string session_id, string avatar_id) { if (m_doLookup) { m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id); + if (m_session_cache.getCachedSession(session_id, avatar_id) == null) { // cache miss, ask userserver @@ -119,7 +137,8 @@ namespace OpenSim.Grid.InventoryServer m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache"); return true; } - m_log.Info("[GRID AGENT INVENTORY]: unknown session_id, request rejected"); + + m_log.Warn("[GRID AGENT INVENTORY]: unknown session_id, request rejected"); return false; } else -- cgit v1.1