From 134f86e8d5c414409631b25b8c6f0ee45fbd8631 Mon Sep 17 00:00:00 2001 From: David Walter Seikel Date: Thu, 3 Nov 2016 21:44:39 +1000 Subject: Initial update to OpenSim 0.8.2.1 source code. --- .../Services/HypergridService/GatekeeperService.cs | 121 +++++++++++++++++---- 1 file changed, 97 insertions(+), 24 deletions(-) (limited to 'OpenSim/Services/HypergridService/GatekeeperService.cs') diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs index 7b84d55..8e10125 100644 --- a/OpenSim/Services/HypergridService/GatekeeperService.cs +++ b/OpenSim/Services/HypergridService/GatekeeperService.cs @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) Contributors, http://opensimulator.org/ * See CONTRIBUTORS.TXT for a full list of copyright holders. * @@ -58,6 +58,7 @@ namespace OpenSim.Services.HypergridService private static IUserAgentService m_UserAgentService; private static ISimulationService m_SimulationService; private static IGridUserService m_GridUserService; + private static IBansService m_BansService; private static string m_AllowedClients = string.Empty; private static string m_DeniedClients = string.Empty; @@ -87,6 +88,7 @@ namespace OpenSim.Services.HypergridService string presenceService = serverConfig.GetString("PresenceService", String.Empty); string simulationService = serverConfig.GetString("SimulationService", String.Empty); string gridUserService = serverConfig.GetString("GridUserService", String.Empty); + string bansService = serverConfig.GetString("BansService", String.Empty); // These are mandatory, the others aren't if (gridService == string.Empty || presenceService == string.Empty) @@ -96,7 +98,9 @@ namespace OpenSim.Services.HypergridService UUID.TryParse(scope, out m_ScopeID); //m_WelcomeMessage = serverConfig.GetString("WelcomeMessage", "Welcome to OpenSim!"); m_AllowTeleportsToAnyRegion = serverConfig.GetBoolean("AllowTeleportsToAnyRegion", true); - m_ExternalName = serverConfig.GetString("ExternalName", string.Empty); + m_ExternalName = Util.GetConfigVarFromSections(config, "GatekeeperURI", + new string[] { "Startup", "Hypergrid", "GatekeeperService" }, String.Empty); + m_ExternalName = serverConfig.GetString("ExternalName", m_ExternalName); if (m_ExternalName != string.Empty && !m_ExternalName.EndsWith("/")) m_ExternalName = m_ExternalName + "/"; @@ -119,14 +123,19 @@ namespace OpenSim.Services.HypergridService m_UserAgentService = ServerUtils.LoadPlugin(homeUsersService, args); if (gridUserService != string.Empty) m_GridUserService = ServerUtils.LoadPlugin(gridUserService, args); + if (bansService != string.Empty) + m_BansService = ServerUtils.LoadPlugin(bansService, args); if (simService != null) m_SimulationService = simService; else if (simulationService != string.Empty) m_SimulationService = ServerUtils.LoadPlugin(simulationService, args); - m_AllowedClients = serverConfig.GetString("AllowedClients", string.Empty); - m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty); + string[] possibleAccessControlConfigSections = new string[] { "AccessControl", "GatekeeperService" }; + m_AllowedClients = Util.GetConfigVarFromSections( + config, "AllowedClients", possibleAccessControlConfigSections, string.Empty); + m_DeniedClients = Util.GetConfigVarFromSections( + config, "DeniedClients", possibleAccessControlConfigSections, string.Empty); m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true); LoadDomainExceptionsFromConfig(serverConfig, "AllowExcept", m_ForeignsAllowedExceptions); @@ -165,7 +174,7 @@ namespace OpenSim.Services.HypergridService m_log.DebugFormat("[GATEKEEPER SERVICE]: Request to link to {0}", (regionName == string.Empty)? "default region" : regionName); if (!m_AllowTeleportsToAnyRegion || regionName == string.Empty) { - List defs = m_GridService.GetDefaultRegions(m_ScopeID); + List defs = m_GridService.GetDefaultHypergridRegions(m_ScopeID); if (defs != null && defs.Count > 0) { region = defs[0]; @@ -198,41 +207,75 @@ namespace OpenSim.Services.HypergridService return true; } - public GridRegion GetHyperlinkRegion(UUID regionID) + public GridRegion GetHyperlinkRegion(UUID regionID, UUID agentID, string agentHomeURI, out string message) { - m_log.DebugFormat("[GATEKEEPER SERVICE]: Request to get hyperlink region {0}", regionID); + message = null; if (!m_AllowTeleportsToAnyRegion) + { // Don't even check the given regionID + m_log.DebugFormat( + "[GATEKEEPER SERVICE]: Returning gateway region {0} {1} @ {2} to user {3}{4} as teleporting to arbitrary regions is not allowed.", + m_DefaultGatewayRegion.RegionName, + m_DefaultGatewayRegion.RegionID, + m_DefaultGatewayRegion.ServerURI, + agentID, + agentHomeURI == null ? "" : " @ " + agentHomeURI); + + message = "Teleporting to the default region."; return m_DefaultGatewayRegion; + } GridRegion region = m_GridService.GetRegionByUUID(m_ScopeID, regionID); + + if (region == null) + { + m_log.DebugFormat( + "[GATEKEEPER SERVICE]: Could not find region with ID {0} as requested by user {1}{2}. Returning null.", + regionID, agentID, (agentHomeURI == null) ? "" : " @ " + agentHomeURI); + + message = "The teleport destination could not be found."; + return null; + } + + m_log.DebugFormat( + "[GATEKEEPER SERVICE]: Returning region {0} {1} @ {2} to user {3}{4}.", + region.RegionName, + region.RegionID, + region.ServerURI, + agentID, + agentHomeURI == null ? "" : " @ " + agentHomeURI); + return region; } #region Login Agent - public bool LoginAgent(AgentCircuitData aCircuit, GridRegion destination, out string reason) + public bool LoginAgent(GridRegion source, AgentCircuitData aCircuit, GridRegion destination, out string reason) { reason = string.Empty; string authURL = string.Empty; if (aCircuit.ServiceURLs.ContainsKey("HomeURI")) authURL = aCircuit.ServiceURLs["HomeURI"].ToString(); - m_log.InfoFormat("[GATEKEEPER SERVICE]: Login request for {0} {1} @ {2} ({3}) at {4} using viewer {5}, channel {6}, IP {7}, Mac {8}, Id0 {9} Teleport Flags {10}", - aCircuit.firstname, aCircuit.lastname, authURL, aCircuit.AgentID, destination.RegionName, - aCircuit.Viewer, aCircuit.Channel, aCircuit.IPAddress, aCircuit.Mac, aCircuit.Id0, aCircuit.teleportFlags.ToString()); - + + m_log.InfoFormat("[GATEKEEPER SERVICE]: Login request for {0} {1} @ {2} ({3}) at {4} using viewer {5}, channel {6}, IP {7}, Mac {8}, Id0 {9}, Teleport Flags: {10}. From region {11}", + aCircuit.firstname, aCircuit.lastname, authURL, aCircuit.AgentID, destination.RegionID, + aCircuit.Viewer, aCircuit.Channel, aCircuit.IPAddress, aCircuit.Mac, aCircuit.Id0, (TeleportFlags)aCircuit.teleportFlags, + (source == null) ? "Unknown" : string.Format("{0} ({1}){2}", source.RegionName, source.RegionID, (source.RawServerURI == null) ? "" : " @ " + source.ServerURI)); + + string curViewer = Util.GetViewerName(aCircuit); + // // Check client // if (m_AllowedClients != string.Empty) { Regex arx = new Regex(m_AllowedClients); - Match am = arx.Match(aCircuit.Viewer); + Match am = arx.Match(curViewer); if (!am.Success) { - m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is not allowed", aCircuit.Viewer); + m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is not allowed", curViewer); return false; } } @@ -240,11 +283,11 @@ namespace OpenSim.Services.HypergridService if (m_DeniedClients != string.Empty) { Regex drx = new Regex(m_DeniedClients); - Match dm = drx.Match(aCircuit.Viewer); + Match dm = drx.Match(curViewer); if (dm.Success) { - m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is denied", aCircuit.Viewer); + m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client {0} is denied", curViewer); return false; } } @@ -285,17 +328,16 @@ namespace OpenSim.Services.HypergridService } } } - m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok"); // // Foreign agents allowed? Exceptions? // - if (account == null) + if (account == null) { bool allowed = m_ForeignAgentsAllowed; if (m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsAllowedExceptions)) - allowed = false; + allowed = false; if (!m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsDisallowedExceptions)) allowed = true; @@ -309,6 +351,20 @@ namespace OpenSim.Services.HypergridService } } + // + // Is the user banned? + // This uses a Ban service that's more powerful than the configs + // + string uui = (account != null ? aCircuit.AgentID.ToString() : Util.ProduceUserUniversalIdentifier(aCircuit)); + if (m_BansService != null && m_BansService.IsBanned(uui, aCircuit.IPAddress, aCircuit.Id0, authURL)) + { + reason = "You are banned from this world"; + m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: user {0} is banned", uui); + return false; + } + + m_log.DebugFormat("[GATEKEEPER SERVICE]: User {0} is ok", aCircuit.Name); + bool isFirstLogin = false; // // Login the presence, if it's not there yet (by the login service) @@ -326,7 +382,8 @@ namespace OpenSim.Services.HypergridService aCircuit.firstname, aCircuit.lastname); return false; } - m_log.DebugFormat("[GATEKEEPER SERVICE]: Login presence ok"); + + m_log.DebugFormat("[GATEKEEPER SERVICE]: Login presence {0} is ok", aCircuit.Name); // Also login foreigners with GridUser service if (m_GridUserService != null && account == null) @@ -357,7 +414,9 @@ namespace OpenSim.Services.HypergridService reason = "Destination region not found"; return false; } - m_log.DebugFormat("[GATEKEEPER SERVICE]: destination ok: {0}", destination.RegionName); + + m_log.DebugFormat( + "[GATEKEEPER SERVICE]: Destination {0} is ok for {1}", destination.RegionName, aCircuit.Name); // // Adjust the visible name @@ -374,7 +433,7 @@ namespace OpenSim.Services.HypergridService try { Uri uri = new Uri(aCircuit.ServiceURLs["HomeURI"].ToString()); - aCircuit.lastname = "@" + uri.Host; // + ":" + uri.Port; + aCircuit.lastname = "@" + uri.Authority; } catch { @@ -391,8 +450,16 @@ namespace OpenSim.Services.HypergridService // Preserve our TeleportFlags we have gathered so-far loginFlag |= (Constants.TeleportFlags) aCircuit.teleportFlags; - m_log.DebugFormat("[GATEKEEPER SERVICE]: launching agent {0}", loginFlag); - return m_SimulationService.CreateAgent(destination, aCircuit, (uint)loginFlag, out reason); + m_log.DebugFormat("[GATEKEEPER SERVICE]: Launching {0}, Teleport Flags: {1}", aCircuit.Name, loginFlag); + + EntityTransferContext ctx = new EntityTransferContext(); + + if (!m_SimulationService.QueryAccess( + destination, aCircuit.AgentID, aCircuit.ServiceURLs["HomeURI"].ToString(), + true, aCircuit.startpos, new List(), ctx, out reason)) + return false; + + return m_SimulationService.CreateAgent(source, destination, aCircuit, (uint)loginFlag, out reason); } protected bool Authenticate(AgentCircuitData aCircuit) @@ -400,6 +467,12 @@ namespace OpenSim.Services.HypergridService if (!CheckAddress(aCircuit.ServiceSessionID)) return false; + if (string.IsNullOrEmpty(aCircuit.IPAddress)) + { + m_log.DebugFormat("[GATEKEEPER SERVICE]: Agent did not provide a client IP address."); + return false; + } + string userURL = string.Empty; if (aCircuit.ServiceURLs.ContainsKey("HomeURI")) userURL = aCircuit.ServiceURLs["HomeURI"].ToString(); -- cgit v1.1