From e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Wed, 27 Apr 2011 07:02:37 -0700 Subject: Thank you Snoopy for a patch that adds some filtering to client versions allowed at login and HG-login times. NOTE: additional (optional) configuration variables in [LoginService] and [GatekeeperService]. See .examples. --- OpenSim/Services/LLLoginService/LLLoginService.cs | 40 +++++++++++++++++++++-- 1 file changed, 37 insertions(+), 3 deletions(-) (limited to 'OpenSim/Services/LLLoginService') diff --git a/OpenSim/Services/LLLoginService/LLLoginService.cs b/OpenSim/Services/LLLoginService/LLLoginService.cs index d364aa4..9bcc3dd 100644 --- a/OpenSim/Services/LLLoginService/LLLoginService.cs +++ b/OpenSim/Services/LLLoginService/LLLoginService.cs @@ -77,7 +77,11 @@ namespace OpenSim.Services.LLLoginService protected string m_MapTileURL; protected string m_SearchURL; + protected string m_AllowedClients; + protected string m_DeniedClients; + IConfig m_LoginServerConfig; + IConfig m_ClientsConfig; public LLLoginService(IConfigSource config, ISimulationService simService, ILibraryService libraryService) { @@ -105,7 +109,10 @@ namespace OpenSim.Services.LLLoginService m_GatekeeperURL = m_LoginServerConfig.GetString("GatekeeperURI", string.Empty); m_MapTileURL = m_LoginServerConfig.GetString("MapTileURL", string.Empty); m_SearchURL = m_LoginServerConfig.GetString("SearchURL", string.Empty); - + + m_AllowedClients = m_LoginServerConfig.GetString("AllowedClients", string.Empty); + m_DeniedClients = m_LoginServerConfig.GetString("DeniedClients", string.Empty); + // These are required; the others aren't if (accountService == string.Empty || authService == string.Empty) throw new Exception("LoginService is missing service specifications"); @@ -215,11 +222,38 @@ namespace OpenSim.Services.LLLoginService bool success = false; UUID session = UUID.Random(); - m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} from {2} with user agent {3} starting in {4}", - firstName, lastName, clientIP.Address.ToString(), clientVersion, startLocation); + m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} at {2} using viewer {3}, channel {4}, IP {5}, Mac {6}, Id0 {7}", + firstName, lastName, startLocation, clientVersion, channel, clientIP.Address.ToString(), mac, id0); try { // + // Check client + // + if (m_AllowedClients != string.Empty) + { + Regex arx = new Regex(m_AllowedClients); + Match am = arx.Match(clientVersion); + + if (!am.Success) + { + m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client {0} is not allowed", clientVersion); + return LLFailedLoginResponse.LoginBlockedProblem; + } + } + + if (m_DeniedClients != string.Empty) + { + Regex drx = new Regex(m_DeniedClients); + Match dm = drx.Match(clientVersion); + + if (dm.Success) + { + m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client {0} is denied", clientVersion); + return LLFailedLoginResponse.LoginBlockedProblem; + } + } + + // // Get the account and check that it exists // UserAccount account = m_UserAccountService.GetUserAccount(scopeID, firstName, lastName); -- cgit v1.1