From 0413d052a3ec541164049e7d39278c57fb92ed06 Mon Sep 17 00:00:00 2001
From: diva
Date: Tue, 14 Apr 2009 19:35:35 +0000
Subject: Adds session authentication upon NewUserConnections. Adds user key
 authentication (in safemode only) upon CreateChildAgents. All of this for
 Hypergrid users too. This addresses assorted spoofing vulnerabilities.

---
 OpenSim/Framework/Communications/UserManagerBase.cs | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'OpenSim/Framework/Communications/UserManagerBase.cs')

diff --git a/OpenSim/Framework/Communications/UserManagerBase.cs b/OpenSim/Framework/Communications/UserManagerBase.cs
index 155f5cd..1115041 100644
--- a/OpenSim/Framework/Communications/UserManagerBase.cs
+++ b/OpenSim/Framework/Communications/UserManagerBase.cs
@@ -839,6 +839,21 @@ namespace OpenSim.Framework.Communications
             }
         }
 
+        public bool VerifySession(UUID userID, UUID sessionID)
+        {
+            UserProfileData userProfile = GetUserProfile(userID);
+
+            if (userProfile != null && userProfile.CurrentAgent != null)
+            {
+                m_log.DebugFormat("[USERAUTH]: Verifying session {0} for {1}; current  session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID);
+                if (userProfile.CurrentAgent.SessionID == sessionID)
+                {
+                    return true;
+                }
+            }
+            return false;
+        }
+
         #endregion
     }
 }
-- 
cgit v1.1