OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add MessageKey to section Messaging, a key that prevents injection of 

IM from external sources
avinationmerge
Melanie 2010-12-30 20:57:56 +01:00
parent 98769ed040
commit 24a997eb7c
1 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
OpenSim/Region/CoreModules/Avatar/InstantMessage/MessageTransferModule.cs
View File

@ -47,6 +47,7 @@ namespace OpenSim.Region.CoreModules.Avatar.InstantMessage
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
private bool m_Enabled = false; private bool m_Enabled = false;
protected string m_MessageKey = String.Empty;
protected List<Scene> m_Scenes = new List<Scene>(); protected List<Scene> m_Scenes = new List<Scene>();
protected Dictionary<UUID, UUID> m_UserRegionMap = new Dictionary<UUID, UUID>(); protected Dictionary<UUID, UUID> m_UserRegionMap = new Dictionary<UUID, UUID>();
@ -66,14 +67,17 @@ namespace OpenSim.Region.CoreModules.Avatar.InstantMessage
public virtual void Initialise(IConfigSource config) public virtual void Initialise(IConfigSource config)
{ {
IConfig cnf = config.Configs["Messaging"]; IConfig cnf = config.Configs["Messaging"];
if (cnf != null && cnf.GetString( if (cnf != null)
"MessageTransferModule", "MessageTransferModule") !=
"MessageTransferModule")
{ {
m_log.Debug("[MESSAGE TRANSFER]: Disabled by configuration"); if (cnf.GetString("MessageTransferModule",
return; "MessageTransferModule") != "MessageTransferModule")
} {
return;
}
m_MessageKey = cnf.GetString("MessageKey", String.Empty);
}
m_log.Debug("[MESSAGE TRANSFER]: Module enabled");
m_Enabled = true; m_Enabled = true;
} }
@ -250,6 +254,19 @@ namespace OpenSim.Region.CoreModules.Avatar.InstantMessage
&& requestData.ContainsKey("position_z") && requestData.ContainsKey("region_id") && requestData.ContainsKey("position_z") && requestData.ContainsKey("region_id")
&& requestData.ContainsKey("binary_bucket")) && requestData.ContainsKey("binary_bucket"))
{ {
if (m_MessageKey != String.Empty)
{
XmlRpcResponse error_resp = new XmlRpcResponse();
Hashtable error_respdata = new Hashtable();
error_respdata["success"] = "FALSE";
error_resp.Value = error_respdata;
if (!requestData.Contains("message_key"))
return error_resp;
if (m_MessageKey != (string)requestData["message_key"])
return error_resp;
}
// Do the easy way of validating the UUIDs // Do the easy way of validating the UUIDs
UUID.TryParse((string)requestData["from_agent_id"], out fromAgentID); UUID.TryParse((string)requestData["from_agent_id"], out fromAgentID);
UUID.TryParse((string)requestData["to_agent_id"], out toAgentID); UUID.TryParse((string)requestData["to_agent_id"], out toAgentID);
@ -681,6 +698,8 @@ namespace OpenSim.Region.CoreModules.Avatar.InstantMessage
gim["position_z"] = msg.Position.Z.ToString(); gim["position_z"] = msg.Position.Z.ToString();
gim["region_id"] = msg.RegionID.ToString(); gim["region_id"] = msg.RegionID.ToString();
gim["binary_bucket"] = Convert.ToBase64String(msg.binaryBucket,Base64FormattingOptions.None); gim["binary_bucket"] = Convert.ToBase64String(msg.binaryBucket,Base64FormattingOptions.None);
if (m_MessageKey != String.Empty)
gim["message_key"] = m_MessageKey;
return gim; return gim;
} }