From 3340a579e72f1248bb092a705db068027e46ef75 Mon Sep 17 00:00:00 2001
From: Justin Clarke Casey
Date: Fri, 24 Oct 2008 21:22:54 +0000
Subject: * Stop creating a circuit if the client fails authentication (i.e.
 the region server wasn't told that it was coming) * This moves authentication
 from the client thread (where failure was difficult to detect) to the
 particular thread handling that packet * I've kept the authentication outside
 of the crucial clientCircuits lock (though any delay here is probably swamped
 by the other delays associated with login) * Also added more to the unit test
 to ensure this doesn't regress

---
 .../Region/ClientStack/LindenUDP/LLPacketServer.cs | 72 +++++++++++++++-------
 1 file changed, 51 insertions(+), 21 deletions(-)

(limited to 'OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs')

diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
index 5d3dba0..e3a02bc 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLPacketServer.cs
@@ -27,6 +27,8 @@
 
 using System.Net;
 using System.Net.Sockets;
+using System.Reflection;
+using log4net;
 using OpenMetaverse;
 using OpenMetaverse.Packets;
 using OpenSim.Framework;
@@ -36,8 +38,8 @@ namespace OpenSim.Region.ClientStack.LindenUDP
 {
     public class LLPacketServer
     {
-        //private static readonly log4net.ILog m_log
-        //    = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
+        private static readonly log4net.ILog m_log
+            = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
 
         protected readonly ILLClientStackNetworkHandler m_networkHandler;
         protected IScene m_scene;
@@ -87,49 +89,77 @@ namespace OpenSim.Region.ClientStack.LindenUDP
         /// <returns></returns>
         protected virtual IClientAPI CreateNewCircuit(EndPoint remoteEP, UseCircuitCodePacket initialcirpack,
                                                       ClientManager clientManager, IScene scene, AssetCache assetCache,
-                                                      LLPacketServer packServer, AgentCircuitManager authenSessions,
+                                                      LLPacketServer packServer, AuthenticateResponse sessionInfo,
                                                       UUID agentId, UUID sessionId, uint circuitCode, EndPoint proxyEP)
         {
             return
                 new LLClientView(
-                     remoteEP, scene, assetCache, packServer, authenSessions, agentId, sessionId, circuitCode, proxyEP,
+                     remoteEP, scene, assetCache, packServer, sessionInfo, agentId, sessionId, circuitCode, proxyEP,
                      m_userSettings);
         }
 
         /// <summary>
+        /// Check whether a given client is authorized to connect
+        /// </summary>
+        /// <param name="useCircuit"></param>
+        /// <param name="circuitManager"></param>
+        /// <returns></returns>
+        public virtual bool IsClientAuthorized(
+            UseCircuitCodePacket useCircuit, AgentCircuitManager circuitManager, out AuthenticateResponse sessionInfo)
+        {
+            UUID agentId = useCircuit.CircuitCode.ID;
+            UUID sessionId = useCircuit.CircuitCode.SessionID;
+            uint circuitCode = useCircuit.CircuitCode.Code;
+
+            sessionInfo = circuitManager.AuthenticateSession(sessionId, agentId, circuitCode); 
+
+            if (!sessionInfo.Authorised)
+                return false;  
+            
+            return true;
+        }
+
+        /// <summary>
         /// Add a new client circuit
         /// </summary>
         /// <param name="epSender"></param>
         /// <param name="useCircuit"></param>
         /// <param name="assetCache"></param>
-        /// <param name="circuitManager"></param>
+        /// <param name="sessionInfo"></param>
         /// <param name="proxyEP"></param>
         /// <returns>
         /// true if a new circuit was created, false if a circuit with the given circuit code already existed
-        /// </returns>
-        public virtual bool AddNewClient(EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
-                                         AgentCircuitManager circuitManager, EndPoint proxyEP)
+        /// </returns>        
+        public virtual bool AddNewClient(
+            EndPoint epSender, UseCircuitCodePacket useCircuit, AssetCache assetCache,
+            AuthenticateResponse sessionInfo, EndPoint proxyEP)
         {
             IClientAPI newuser;
-
-            if (m_scene.ClientManager.TryGetClient(useCircuit.CircuitCode.Code, out newuser))
+            uint circuitCode = useCircuit.CircuitCode.Code;
+            
+            if (m_scene.ClientManager.TryGetClient(circuitCode, out newuser))
             {
+                // The circuit is already known to the scene.  This not actually a problem since this will currently
+                // occur if a client is crossing borders (hence upgrading its circuit).  However, we shouldn't 
+                // really by trying to add a new client if this is the case.
                 return false;
             }
-            else
-            {
-                newuser = CreateNewCircuit(epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this,
-                                           circuitManager, useCircuit.CircuitCode.ID,
-                                           useCircuit.CircuitCode.SessionID, useCircuit.CircuitCode.Code, proxyEP);
+            
+            UUID agentId = useCircuit.CircuitCode.ID;
+            UUID sessionId = useCircuit.CircuitCode.SessionID;
+            
+            newuser 
+                = CreateNewCircuit(
+                    epSender, useCircuit, m_scene.ClientManager, m_scene, assetCache, this, sessionInfo, 
+                    agentId, sessionId, circuitCode, proxyEP);
 
-                m_scene.ClientManager.Add(useCircuit.CircuitCode.Code, newuser);
+            m_scene.ClientManager.Add(circuitCode, newuser);
 
-                newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
-                newuser.OnLogout += LogoutHandler;
-                newuser.OnConnectionClosed += CloseClient;
+            newuser.OnViewerEffect += m_scene.ClientManager.ViewerEffectHandler;
+            newuser.OnLogout += LogoutHandler;
+            newuser.OnConnectionClosed += CloseClient;
 
-                return true;
-            }
+            return true;
         }
 
         public void LogoutHandler(IClientAPI client)
-- 
cgit v1.1