From e0576b56d376d6bc7b9c5c3818acbdbcdb0dc56f Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Wed, 27 Apr 2011 07:02:37 -0700 Subject: Thank you Snoopy for a patch that adds some filtering to client versions allowed at login and HG-login times. NOTE: additional (optional) configuration variables in [LoginService] and [GatekeeperService]. See .examples. --- bin/Robust.HG.ini.example | 33 ++++++++++++++++++++++++ bin/Robust.ini.example | 17 +++++++++++++ bin/config-include/StandaloneCommon.ini.example | 34 +++++++++++++++++++++++++ 3 files changed, 84 insertions(+) (limited to 'bin') diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example index f2f2a66..572497c 100644 --- a/bin/Robust.HG.ini.example +++ b/bin/Robust.HG.ini.example @@ -197,6 +197,23 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 SRV_AssetServerURI = "http://127.0.0.1:8002" SRV_ProfileServerURI = "http://127.0.0.1:8002/user" + ;; Regular expressions for controlling which client versions are accepted/denied. + ;; An empty string means nothing is checked. + ;; + ;; Example 1: allow only these 3 types of clients (any version of them) + ;; AllowedClients = "Imprudence|Hippo|Second Life" + ;; + ;; Example 2: allow all clients except these + ;; DeniedClients = "Twisted|Crawler|Cryolife|FuckLife|StreetLife|GreenLife|AntiLife|KORE-Phaze|Synlyfe|Purple Second Life|SecondLi |Emerald" + ;; + ;; Note that these are regular expressions, so every character counts. + ;; Also note that this is very weak security and should not be trusted as a reliable means + ;; for keeping bad clients out; modified clients can fake their identifiers. + ;; + ;; + ;AllowedClients = "" + ;DeniedClients = "" + [GridInfoService] ; These settings are used to return information on a get_grid_info call. ; Client launcher scripts and third-party clients make use of this to @@ -256,6 +273,22 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 ; If you run this gatekeeper server behind a proxy, set this to true ; HasProxy = false + ;; Regular expressions for controlling which client versions are accepted/denied. + ;; An empty string means nothing is checked. + ;; + ;; Example 1: allow only these 3 types of clients (any version of them) + ;; AllowedClients = "Imprudence|Hippo|Second Life" + ;; + ;; Example 2: allow all clients except these + ;; DeniedClients = "Twisted|Crawler|Cryolife|FuckLife|StreetLife|GreenLife|AntiLife|KORE-Phaze|Synlyfe|Purple Second Life|SecondLi |Emerald" + ;; + ;; Note that these are regular expressions, so every character counts. + ;; Also note that this is very weak security and should not be trusted as a reliable means + ;; for keeping bad clients out; modified clients can fake their identifiers. + ;; + ;; + ;AllowedClients = "" + ;DeniedClients = "" [UserAgentService] LocalServiceModule = "OpenSim.Services.HypergridService.dll:UserAgentService" diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index aef0596..047e9ee 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example @@ -176,6 +176,23 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 ; If you run this login server behind a proxy, set this to true ; HasProxy = false + ;; Regular expressions for controlling which client versions are accepted/denied. + ;; An empty string means nothing is checked. + ;; + ;; Example 1: allow only these 3 types of clients (any version of them) + ;; AllowedClients = "Imprudence|Hippo|Second Life" + ;; + ;; Example 2: allow all clients except these + ;; DeniedClients = "Twisted|Crawler|Cryolife|FuckLife|StreetLife|GreenLife|AntiLife|KORE-Phaze|Synlyfe|Purple Second Life|SecondLi |Emerald" + ;; + ;; Note that these are regular expressions, so every character counts. + ;; Also note that this is very weak security and should not be trusted as a reliable means + ;; for keeping bad clients out; modified clients can fake their identifiers. + ;; + ;; + ;AllowedClients = "" + ;DeniedClients = "" + [GridInfoService] ; These settings are used to return information on a get_grid_info call. ; Client launcher scripts and third-party clients make use of this to diff --git a/bin/config-include/StandaloneCommon.ini.example b/bin/config-include/StandaloneCommon.ini.example index dcebd63..67efa11 100644 --- a/bin/config-include/StandaloneCommon.ini.example +++ b/bin/config-include/StandaloneCommon.ini.example @@ -83,6 +83,23 @@ SRV_AssetServerURI = "http://127.0.0.1:9000" SRV_ProfileServerURI = "http://127.0.0.1:9000" + ;; Regular expressions for controlling which client versions are accepted/denied. + ;; An empty string means nothing is checked. + ;; + ;; Example 1: allow only these 3 types of clients (any version of them) + ;; AllowedClients = "Imprudence|Hippo|Second Life" + ;; + ;; Example 2: allow all clients except these + ;; DeniedClients = "Twisted|Crawler|Cryolife|FuckLife|StreetLife|GreenLife|AntiLife|KORE-Phaze|Synlyfe|Purple Second Life|SecondLi |Emerald" + ;; + ;; Note that these are regular expressions, so every character counts. + ;; Also note that this is very weak security and should not be trusted as a reliable means + ;; for keeping bad clients out; modified clients can fake their identifiers. + ;; + ;; + ;AllowedClients = "" + ;DeniedClients = "" + [GatekeeperService] ExternalName = "http://127.0.0.1:9000" @@ -90,6 +107,23 @@ ; If false, HG TPs happen only to the Default regions specified in [GridService] section AllowTeleportsToAnyRegion = true + ;; Regular expressions for controlling which client versions are accepted/denied. + ;; An empty string means nothing is checked. + ;; + ;; Example 1: allow only these 3 types of clients (any version of them) + ;; AllowedClients = "Imprudence|Hippo|Second Life" + ;; + ;; Example 2: allow all clients except these + ;; DeniedClients = "Twisted|Crawler|Cryolife|FuckLife|StreetLife|GreenLife|AntiLife|KORE-Phaze|Synlyfe|Purple Second Life|SecondLi |Emerald" + ;; + ;; Note that these are regular expressions, so every character counts. + ;; Also note that this is very weak security and should not be trusted as a reliable means + ;; for keeping bad clients out; modified clients can fake their identifiers. + ;; + ;; + ;AllowedClients = "" + ;DeniedClients = "" + [GridInfoService] ; These settings are used to return information on a get_grid_info call. ; Client launcher scripts and third-party clients make use of this to -- cgit v1.1