More HG 2.0: access control at the Gatekeeper. \o/
parent
ebd99c9e3e
commit
48f4b32d7f
|
@ -58,9 +58,11 @@ namespace OpenSim.Services.HypergridService
|
|||
private static IUserAgentService m_UserAgentService;
|
||||
private static ISimulationService m_SimulationService;
|
||||
|
||||
protected string m_AllowedClients = string.Empty;
|
||||
protected string m_DeniedClients = string.Empty;
|
||||
private static string m_AllowedClients = string.Empty;
|
||||
private static string m_DeniedClients = string.Empty;
|
||||
private static bool m_ForeignAgentsAllowed = true;
|
||||
private static List<string> m_ForeignsAllowedExceptions = new List<string>();
|
||||
private static List<string> m_ForeignsDisallowedExceptions = new List<string>();
|
||||
|
||||
private static UUID m_ScopeID;
|
||||
private static bool m_AllowTeleportsToAnyRegion;
|
||||
|
@ -113,6 +115,9 @@ namespace OpenSim.Services.HypergridService
|
|||
m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty);
|
||||
m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true);
|
||||
|
||||
LoadDomainExceptionsFromConfig(serverConfig, "AllowExcept", m_ForeignsAllowedExceptions);
|
||||
LoadDomainExceptionsFromConfig(serverConfig, "DisallowExcept", m_ForeignsDisallowedExceptions);
|
||||
|
||||
if (m_GridService == null || m_PresenceService == null || m_SimulationService == null)
|
||||
throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");
|
||||
|
||||
|
@ -125,6 +130,15 @@ namespace OpenSim.Services.HypergridService
|
|||
{
|
||||
}
|
||||
|
||||
protected void LoadDomainExceptionsFromConfig(IConfig config, string variable, List<string> exceptions)
|
||||
{
|
||||
string value = config.GetString(variable, string.Empty);
|
||||
string[] parts = value.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
|
||||
|
||||
foreach (string s in parts)
|
||||
exceptions.Add(s.Trim());
|
||||
}
|
||||
|
||||
public bool LinkRegion(string regionName, out UUID regionID, out ulong regionHandle, out string externalName, out string imageURL, out string reason)
|
||||
{
|
||||
regionID = UUID.Zero;
|
||||
|
@ -260,14 +274,25 @@ namespace OpenSim.Services.HypergridService
|
|||
m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok");
|
||||
|
||||
//
|
||||
// Foreign agents allowed
|
||||
// Foreign agents allowed? Exceptions?
|
||||
//
|
||||
if (account == null && !m_ForeignAgentsAllowed)
|
||||
if (account == null)
|
||||
{
|
||||
reason = "Unauthorized";
|
||||
m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1}. Refusing service.",
|
||||
aCircuit.firstname, aCircuit.lastname);
|
||||
return false;
|
||||
bool allowed = m_ForeignAgentsAllowed;
|
||||
|
||||
if (m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsAllowedExceptions))
|
||||
allowed = false;
|
||||
|
||||
if (!m_ForeignAgentsAllowed && IsException(aCircuit, m_ForeignsDisallowedExceptions))
|
||||
allowed = true;
|
||||
|
||||
if (!allowed)
|
||||
{
|
||||
reason = "Destination does not allow visitors from your world";
|
||||
m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1} @ {2}. Refusing service.",
|
||||
aCircuit.firstname, aCircuit.lastname, aCircuit.ServiceURLs["HomeURI"]);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// May want to authorize
|
||||
|
@ -393,6 +418,27 @@ namespace OpenSim.Services.HypergridService
|
|||
|
||||
#region Misc
|
||||
|
||||
private bool IsException(AgentCircuitData aCircuit, List<string> exceptions)
|
||||
{
|
||||
bool exception = false;
|
||||
if (exceptions.Count > 0) // we have exceptions
|
||||
{
|
||||
// Retrieve the visitor's origin
|
||||
string userURL = aCircuit.ServiceURLs["HomeURI"].ToString();
|
||||
if (!userURL.EndsWith("/"))
|
||||
userURL += "/";
|
||||
|
||||
if (exceptions.Find(delegate(string s)
|
||||
{
|
||||
if (!s.EndsWith("/"))
|
||||
s += "/";
|
||||
return s == userURL;
|
||||
}) != null)
|
||||
exception = true;
|
||||
}
|
||||
|
||||
return exception;
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
|
|
|
@ -396,6 +396,18 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
|
|||
;AllowedClients = ""
|
||||
;DeniedClients = ""
|
||||
|
||||
;; Are foreign visitors allowed?
|
||||
;ForeignAgentsAllowed = true
|
||||
;;
|
||||
;; If ForeignAgentsAllowed is true, make exceptions using AllowExcept.
|
||||
;; Leave blank or commented for no exceptions.
|
||||
; AllowExcept = "http://griefer.com:8002, http://enemy.com:8002"
|
||||
;;
|
||||
;; If ForeignAgentsAllowed is false, make exceptions using DisallowExcept
|
||||
;; Leave blank or commented for no exceptions.
|
||||
; DisallowExcept = "http://myfriendgrid.com:8002, http://myboss.com:8002"
|
||||
|
||||
|
||||
[UserAgentService]
|
||||
LocalServiceModule = "OpenSim.Services.HypergridService.dll:UserAgentService"
|
||||
;; for the service
|
||||
|
|
|
@ -164,8 +164,17 @@
|
|||
;AllowedClients = ""
|
||||
;DeniedClients = ""
|
||||
|
||||
;; Are foreign visitors allowed
|
||||
;; Are foreign visitors allowed?
|
||||
;ForeignAgentsAllowed = true
|
||||
;;
|
||||
;; If ForeignAgentsAllowed is true, make exceptions using AllowExcept.
|
||||
;; Leave blank or commented for no exceptions.
|
||||
; AllowExcept = "http://griefer.com:8002, http://enemy.com:8002"
|
||||
;;
|
||||
;; If ForeignAgentsAllowed is false, make exceptions using DisallowExcept
|
||||
;; Leave blank or commented for no exceptions.
|
||||
; DisallowExcept = "http://myfriendgrid.com:8002, http://myboss.com:8002"
|
||||
|
||||
|
||||
[FreeswitchService]
|
||||
;; If FreeSWITCH is not being used then you don't need to set any of these parameters
|
||||
|
|
Loading…
Reference in New Issue