From e0a06f641668cd5c25a7854af2faf8a61c4053ee Mon Sep 17 00:00:00 2001 From: Dr Scofield Date: Tue, 5 May 2009 16:17:52 +0000 Subject: - moving banned check and public/private check to Scene.NewUserConnection() - adding reason reporting this enforces estate bans very early on and prevents us from circulating client objects that we'd then have to retract once we realize that the client is not allowed into the region --- .../Hypergrid/HGStandaloneLoginModule.cs | 3 +- .../InterGrid/OpenGridProtocolModule.cs | 10 +- .../Interregion/LocalInterregionComms.cs | 7 +- .../Interregion/RESTInterregionComms.cs | 17 ++- .../Framework/Interfaces/IInterregionComms.cs | 2 +- .../Hypergrid/HGSceneCommunicationService.cs | 7 +- OpenSim/Region/Framework/Scenes/Scene.cs | 159 ++++++++++----------- .../Framework/Scenes/SceneCommunicationService.cs | 11 +- .../Framework/Scenes/Tests/ScenePresenceTests.cs | 9 +- 9 files changed, 122 insertions(+), 103 deletions(-) (limited to 'OpenSim/Region') diff --git a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs index f21ce0f..a5101d0 100644 --- a/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs +++ b/OpenSim/Region/CoreModules/Hypergrid/HGStandaloneLoginModule.cs @@ -160,8 +160,9 @@ namespace OpenSim.Region.CoreModules.Hypergrid } } - public bool NewUserConnection(ulong regionHandle, AgentCircuitData agent) + public bool NewUserConnection(ulong regionHandle, AgentCircuitData agent, out string reason) { + reason = String.Empty; return true; } diff --git a/OpenSim/Region/CoreModules/InterGrid/OpenGridProtocolModule.cs b/OpenSim/Region/CoreModules/InterGrid/OpenGridProtocolModule.cs index ad91d63..5278b74 100644 --- a/OpenSim/Region/CoreModules/InterGrid/OpenGridProtocolModule.cs +++ b/OpenSim/Region/CoreModules/InterGrid/OpenGridProtocolModule.cs @@ -545,7 +545,15 @@ namespace OpenSim.Region.CoreModules.InterGrid homeScene.CommsManager.UserProfileCacheService.PreloadUserCache(userProfile); // Call 'new user' event handler - homeScene.NewUserConnection(agentData); + string reason; + if (!homeScene.NewUserConnection(agentData, out reason)) + { + responseMap["connect"] = OSD.FromBoolean(false); + responseMap["message"] = OSD.FromString(String.Format("Connection refused: {0}", reason)); + m_log.ErrorFormat("[OGP]: rez_avatar/request failed: {0}", reason); + return responseMap; + } + //string raCap = string.Empty; diff --git a/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/LocalInterregionComms.cs b/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/LocalInterregionComms.cs index b94efa7..bdf2280 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/LocalInterregionComms.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/LocalInterregionComms.cs @@ -24,6 +24,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +using System; using System.Collections.Generic; using System.Reflection; using log4net; @@ -112,19 +113,19 @@ namespace OpenSim.Region.CoreModules.ServiceConnectors.Interregion * Agent-related communications */ - public bool SendCreateChildAgent(ulong regionHandle, AgentCircuitData aCircuit) + public bool SendCreateChildAgent(ulong regionHandle, AgentCircuitData aCircuit, out string reason) { foreach (Scene s in m_sceneList) { if (s.RegionInfo.RegionHandle == regionHandle) { // m_log.DebugFormat("[LOCAL COMMS]: Found region {0} to send SendCreateChildAgent", regionHandle); - s.NewUserConnection(aCircuit); - return true; + return s.NewUserConnection(aCircuit, out reason); } } // m_log.DebugFormat("[LOCAL COMMS]: Did not find region {0} for SendCreateChildAgent", regionHandle); + reason = "Did not find region."; return false; } diff --git a/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/RESTInterregionComms.cs b/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/RESTInterregionComms.cs index 7fafb6e..80dced7 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/RESTInterregionComms.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectors/Interregion/RESTInterregionComms.cs @@ -140,10 +140,10 @@ namespace OpenSim.Region.CoreModules.ServiceConnectors.Interregion * Agent-related communications */ - public bool SendCreateChildAgent(ulong regionHandle, AgentCircuitData aCircuit) + public bool SendCreateChildAgent(ulong regionHandle, AgentCircuitData aCircuit, out string reason) { // Try local first - if (m_localBackend.SendCreateChildAgent(regionHandle, aCircuit)) + if (m_localBackend.SendCreateChildAgent(regionHandle, aCircuit, out reason)) return true; // else do the remote thing @@ -154,7 +154,7 @@ namespace OpenSim.Region.CoreModules.ServiceConnectors.Interregion { m_regionClient.SendUserInformation(regInfo, aCircuit); - return m_regionClient.DoCreateChildAgentCall(regInfo, aCircuit, "None"); + return m_regionClient.DoCreateChildAgentCall(regInfo, aCircuit, "None", out reason); } //else // m_log.Warn("[REST COMMS]: Region not found " + regionHandle); @@ -431,12 +431,19 @@ namespace OpenSim.Region.CoreModules.ServiceConnectors.Interregion return; } + OSDMap resp = new OSDMap(2); + string reason = String.Empty; + // This is the meaning of POST agent m_regionClient.AdjustUserInformation(aCircuit); - bool result = m_localBackend.SendCreateChildAgent(regionhandle, aCircuit); + bool result = m_localBackend.SendCreateChildAgent(regionhandle, aCircuit, out reason); + + resp["reason"] = OSD.FromString(reason); + resp["success"] = OSD.FromBoolean(result); + // TODO: add reason if not String.Empty? responsedata["int_response_code"] = 200; - responsedata["str_response_string"] = result.ToString(); + responsedata["str_response_string"] = OSDParser.SerializeJsonString(resp); } protected virtual void DoAgentPut(Hashtable request, Hashtable responsedata) diff --git a/OpenSim/Region/Framework/Interfaces/IInterregionComms.cs b/OpenSim/Region/Framework/Interfaces/IInterregionComms.cs index b5a9395..95b1079 100644 --- a/OpenSim/Region/Framework/Interfaces/IInterregionComms.cs +++ b/OpenSim/Region/Framework/Interfaces/IInterregionComms.cs @@ -38,7 +38,7 @@ namespace OpenSim.Region.Framework.Interfaces #region Agents - bool SendCreateChildAgent(ulong regionHandle, AgentCircuitData aCircuit); + bool SendCreateChildAgent(ulong regionHandle, AgentCircuitData aCircuit, out string reason); /// /// Full child agent update. diff --git a/OpenSim/Region/Framework/Scenes/Hypergrid/HGSceneCommunicationService.cs b/OpenSim/Region/Framework/Scenes/Hypergrid/HGSceneCommunicationService.cs index dcebce5..542e7d0 100644 --- a/OpenSim/Region/Framework/Scenes/Hypergrid/HGSceneCommunicationService.cs +++ b/OpenSim/Region/Framework/Scenes/Hypergrid/HGSceneCommunicationService.cs @@ -180,10 +180,13 @@ namespace OpenSim.Region.Framework.Scenes.Hypergrid agentCircuit.CapsPath = CapsUtil.GetRandomCapsObjectPath(); } + string reason = String.Empty; + //if (!m_commsProvider.InterRegion.InformRegionOfChildAgent(reg.RegionHandle, agentCircuit)) - if (!m_interregionCommsOut.SendCreateChildAgent(reg.RegionHandle, agentCircuit)) + if (!m_interregionCommsOut.SendCreateChildAgent(reg.RegionHandle, agentCircuit, out reason)) { - avatar.ControllingClient.SendTeleportFailed("Destination is not accepting teleports."); + avatar.ControllingClient.SendTeleportFailed(String.Format("Destination is not accepting teleports: {0}", + reason)); return; } diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs index a516a5a..77ca3bc 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.cs @@ -1859,87 +1859,46 @@ namespace OpenSim.Region.Framework.Scenes public override void AddNewClient(IClientAPI client) { - bool welcome = true; - - if (m_regInfo.EstateSettings.IsBanned(client.AgentId) && (!Permissions.IsGod(client.AgentId))) - { - m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist", - client.AgentId, client.FirstName, client.LastName, RegionInfo.RegionName); - client.SendAlertMessage("Denied access to region " + RegionInfo.RegionName + ". You have been banned from that region."); - welcome = false; - } - else if (!m_regInfo.EstateSettings.PublicAccess && !m_regInfo.EstateSettings.HasAccess(client.AgentId) && !Permissions.IsGod(client.AgentId)) - { - m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access", - client.AgentId, client.FirstName, client.LastName, RegionInfo.RegionName); - client.SendAlertMessage("Denied access to private region " + RegionInfo.RegionName + ". You do not have access to this region."); - welcome = false; - } + SubscribeToClientEvents(client); + ScenePresence presence; - if (!welcome) + if (m_restorePresences.ContainsKey(client.AgentId)) { - try - { - IEventQueue eq = RequestModuleInterface(); - if (eq != null) - { - eq.DisableSimulator(RegionInfo.RegionHandle, client.AgentId); - } - else - client.SendShutdownConnectionNotice(); - - client.Close(false); - CapsModule.RemoveCapsHandler(client.AgentId); - m_authenticateHandler.RemoveCircuit(client.CircuitCode); - } - catch (Exception e) + m_log.DebugFormat("[SCENE]: Restoring agent {0} {1} in {2}", client.Name, client.AgentId, RegionInfo.RegionName); + + presence = m_restorePresences[client.AgentId]; + m_restorePresences.Remove(client.AgentId); + + // This is one of two paths to create avatars that are + // used. This tends to get called more in standalone + // than grid, not really sure why, but as such needs + // an explicity appearance lookup here. + AvatarAppearance appearance = null; + GetAvatarAppearance(client, out appearance); + presence.Appearance = appearance; + + presence.initializeScenePresence(client, RegionInfo, this); + + m_sceneGraph.AddScenePresence(presence); + + lock (m_restorePresences) { - m_log.DebugFormat("[SCENE]: Exception while closing unwelcome client {0} {1}: {2}", client.FirstName, client.LastName, e.Message); + Monitor.PulseAll(m_restorePresences); } } else { - SubscribeToClientEvents(client); - ScenePresence presence; - - if (m_restorePresences.ContainsKey(client.AgentId)) - { - m_log.DebugFormat("[SCENE]: Restoring agent {0} {1} in {2}", client.Name, client.AgentId, RegionInfo.RegionName); - - presence = m_restorePresences[client.AgentId]; - m_restorePresences.Remove(client.AgentId); - - // This is one of two paths to create avatars that are - // used. This tends to get called more in standalone - // than grid, not really sure why, but as such needs - // an explicity appearance lookup here. - AvatarAppearance appearance = null; - GetAvatarAppearance(client, out appearance); - presence.Appearance = appearance; - - presence.initializeScenePresence(client, RegionInfo, this); - - m_sceneGraph.AddScenePresence(presence); - - lock (m_restorePresences) - { - Monitor.PulseAll(m_restorePresences); - } - } - else - { - m_log.DebugFormat( - "[SCENE]: Adding new child agent for {0} in {1}", - client.Name, RegionInfo.RegionName); - - CommsManager.UserProfileCacheService.AddNewUser(client.AgentId); - - CreateAndAddScenePresence(client); - } - - m_LastLogin = Environment.TickCount; - EventManager.TriggerOnNewClient(client); + m_log.DebugFormat( + "[SCENE]: Adding new child agent for {0} in {1}", + client.Name, RegionInfo.RegionName); + + CommsManager.UserProfileCacheService.AddNewUser(client.AgentId); + + CreateAndAddScenePresence(client); } + + m_LastLogin = Environment.TickCount; + EventManager.TriggerOnNewClient(client); } protected virtual void SubscribeToClientEvents(IClientAPI client) @@ -2404,7 +2363,8 @@ namespace OpenSim.Region.Framework.Scenes /// public void HandleNewUserConnection(AgentCircuitData agent) { - NewUserConnection(agent); + string reason; + NewUserConnection(agent, out reason); } /// @@ -2415,10 +2375,36 @@ namespace OpenSim.Region.Framework.Scenes /// /// /// - public bool NewUserConnection(AgentCircuitData agent) + /// + public bool NewUserConnection(AgentCircuitData agent, out string reason) { bool goodUserConnection = AuthenticateUser(agent); + reason = String.Empty; + + if (goodUserConnection && + m_regInfo.EstateSettings.IsBanned(agent.AgentID) && + (!Permissions.IsGod(agent.AgentID))) + { + m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist", + agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName); + reason = String.Format("Denied access to region {0}: You have been banned from that region.", + RegionInfo.RegionName); + goodUserConnection = false; + } + else if (goodUserConnection && + !m_regInfo.EstateSettings.PublicAccess && + !m_regInfo.EstateSettings.HasAccess(agent.AgentID) && + !Permissions.IsGod(agent.AgentID)) + { + m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access", + agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName); + reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.", + RegionInfo.RegionName); + goodUserConnection = false; + } + + if (goodUserConnection) { CapsModule.NewUserConnection(agent); @@ -2431,7 +2417,7 @@ namespace OpenSim.Region.Framework.Scenes agent.AgentID, RegionInfo.RegionName); sp.AdjustKnownSeeds(); - + return true; } @@ -2440,13 +2426,13 @@ namespace OpenSim.Region.Framework.Scenes "[CONNECTION BEGIN]: Region {0} told of incoming client {1} {2} {3} (circuit code {4})", RegionInfo.RegionName, agent.firstname, agent.lastname, agent.AgentID, agent.circuitcode); - if (m_regInfo.EstateSettings.IsBanned(agent.AgentID)) - { - m_log.WarnFormat( - "[CONNECTION BEGIN]: Incoming user {0} at {1} is on the region banlist", - agent.AgentID, RegionInfo.RegionName); - //return false; - } + // if (m_regInfo.EstateSettings.IsBanned(agent.AgentID)) + // { + // m_log.WarnFormat( + // "[CONNECTION BEGIN]: Incoming user {0} at {1} is on the region banlist", + // agent.AgentID, RegionInfo.RegionName); + // //return false; + // } CapsModule.AddCapsHandler(agent.AgentID); @@ -2481,7 +2467,12 @@ namespace OpenSim.Region.Framework.Scenes } else { - m_log.WarnFormat("[CONNECTION BEGIN]: failed to authenticate user {0} {1}. Denying connection.", agent.firstname, agent.lastname); + m_log.WarnFormat("[CONNECTION BEGIN]: failed to authenticate user {0} {1}: {2}. Denying connection.", + agent.firstname, agent.lastname, reason); + if (String.IsNullOrEmpty(reason)) + { + reason = String.Format("Failed to authenticate user {0} {1}, access denied.", agent.firstname, agent.lastname); + } return false; } } diff --git a/OpenSim/Region/Framework/Scenes/SceneCommunicationService.cs b/OpenSim/Region/Framework/Scenes/SceneCommunicationService.cs index 2fe005d..0699552 100644 --- a/OpenSim/Region/Framework/Scenes/SceneCommunicationService.cs +++ b/OpenSim/Region/Framework/Scenes/SceneCommunicationService.cs @@ -296,8 +296,10 @@ namespace OpenSim.Region.Framework.Scenes string capsPath = "http://" + reg.ExternalHostName + ":" + reg.HttpPort + "/CAPS/" + a.CapsPath + "0000/"; + string reason = String.Empty; + //bool regionAccepted = m_commsProvider.InterRegion.InformRegionOfChildAgent(reg.RegionHandle, a); - bool regionAccepted = m_interregionCommsOut.SendCreateChildAgent(reg.RegionHandle, a); + bool regionAccepted = m_interregionCommsOut.SendCreateChildAgent(reg.RegionHandle, a, out reason); if (regionAccepted && newAgent) { @@ -785,11 +787,14 @@ namespace OpenSim.Region.Framework.Scenes agentCircuit.CapsPath = CapsUtil.GetRandomCapsObjectPath(); } + string reason = String.Empty; + // Let's create an agent there if one doesn't exist yet. //if (!m_commsProvider.InterRegion.InformRegionOfChildAgent(reg.RegionHandle, agentCircuit)) - if (!m_interregionCommsOut.SendCreateChildAgent(reg.RegionHandle, agentCircuit)) + if (!m_interregionCommsOut.SendCreateChildAgent(reg.RegionHandle, agentCircuit, out reason)) { - avatar.ControllingClient.SendTeleportFailed("Destination is not accepting teleports."); + avatar.ControllingClient.SendTeleportFailed(String.Format("Destination is not accepting teleports: {0}", + reason)); return; } diff --git a/OpenSim/Region/Framework/Scenes/Tests/ScenePresenceTests.cs b/OpenSim/Region/Framework/Scenes/Tests/ScenePresenceTests.cs index a26cb94..2903766 100644 --- a/OpenSim/Region/Framework/Scenes/Tests/ScenePresenceTests.cs +++ b/OpenSim/Region/Framework/Scenes/Tests/ScenePresenceTests.cs @@ -115,7 +115,8 @@ namespace OpenSim.Region.Framework.Scenes.Tests agent.startpos = Vector3.Zero; agent.CapsPath = GetRandomCapsObjectPath(); - scene.NewUserConnection(agent); + string reason; + scene.NewUserConnection(agent, out reason); testclient = new TestClient(agent, scene); scene.AddNewClient(testclient); @@ -146,7 +147,8 @@ namespace OpenSim.Region.Framework.Scenes.Tests { Console.WriteLine("Beginning test {0}", MethodBase.GetCurrentMethod()); - scene.NewUserConnection(acd1); + string reason; + scene.NewUserConnection(acd1, out reason); scene.AddNewClient(testclient); ScenePresence presence = scene.GetScenePresence(agent1); @@ -203,7 +205,8 @@ namespace OpenSim.Region.Framework.Scenes.Tests Console.WriteLine("Beginning test {0}", MethodBase.GetCurrentMethod()); // Adding child agent to region 1001 - scene2.NewUserConnection(acd1); + string reason; + scene2.NewUserConnection(acd1, out reason); scene2.AddNewClient(testclient); ScenePresence presence = scene.GetScenePresence(agent1); -- cgit v1.1