OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add mac banning 

Signed-off-by: UbitUmarov <ajlduarte@sapo.pt>
0.9.1.0-post-fixes
Vincent Sylvester 2018-04-24 20:57:38 +02:00 committed by UbitUmarov
parent 102fbf8422
commit 6e3f934c4b
2 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
OpenSim/Services/HypergridService/GatekeeperService.cs
View File

@ -62,6 +62,7 @@ namespace OpenSim.Services.HypergridService
private static string m_AllowedClients = string.Empty;
private static string m_DeniedClients = string.Empty;
private static string m_DeniedMacs = string.Empty;
private static bool m_ForeignAgentsAllowed = true;
private static List<string> m_ForeignsAllowedExceptions = new List<string>();
private static List<string> m_ForeignsDisallowedExceptions = new List<string>();
@ -137,6 +138,8 @@ namespace OpenSim.Services.HypergridService
config, "AllowedClients", possibleAccessControlConfigSections, string.Empty);
m_DeniedClients = Util.GetConfigVarFromSections<string>(
config, "DeniedClients", possibleAccessControlConfigSections, string.Empty);
m_DeniedMacs = Util.GetConfigVarFromSections<string>(
config, "DeniedMacs", possibleAccessControlConfigSections, string.Empty);
m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true);
LoadDomainExceptionsFromConfig(serverConfig, "AllowExcept", m_ForeignsAllowedExceptions);
@ -275,6 +278,8 @@ namespace OpenSim.Services.HypergridService
(source == null) ? "Unknown" : string.Format("{0} ({1}){2}", source.RegionName, source.RegionID, (source.RawServerURI == null) ? "" : " @ " + source.ServerURI));
string curViewer = Util.GetViewerName(aCircuit);
string curMac = aCircuit.Mac.ToString();
//
// Check client
@ -304,6 +309,17 @@ namespace OpenSim.Services.HypergridService
return false;
}
}
if (m_DeniedMacs != string.Empty)
{
m_log.InfoFormat("[GATEKEEPER SERVICE]: Checking users Mac {0} against list of denied macs {1} ...", curMac, m_DeniedMacs);
if (m_DeniedMacs.Contains(curMac))
{
reason = "Login failed: client with Mac " + curMac + " is denied";
m_log.InfoFormat("[GATEKEEPER SERVICE]: Login failed, reason: client with mac {0} is denied", curMac);
return false;
}
}
//
// Authenticate the user

16
OpenSim/Services/LLLoginService/LLLoginService.cs
View File

@ -88,6 +88,7 @@ namespace OpenSim.Services.LLLoginService
protected string m_AvatarPicker;
protected string m_AllowedClients;
protected string m_DeniedClients;
protected string m_DeniedMacs;
protected string m_MessageUrl;
protected string m_DSTZone;
protected bool m_allowDuplicatePresences = false;
@ -134,6 +135,8 @@ namespace OpenSim.Services.LLLoginService
config, "AllowedClients", possibleAccessControlConfigSections, string.Empty);
m_DeniedClients = Util.GetConfigVarFromSections<string>(
config, "DeniedClients", possibleAccessControlConfigSections, string.Empty);
m_DeniedMacs = Util.GetConfigVarFromSections<string>(
config, "DeniedMacs", possibleAccessControlConfigSections, string.Empty);
m_MessageUrl = m_LoginServerConfig.GetString("MessageUrl", string.Empty);
m_DSTZone = m_LoginServerConfig.GetString("DSTZone", "America/Los_Angeles;Pacific Standard Time");
@ -290,6 +293,8 @@ namespace OpenSim.Services.LLLoginService
m_log.InfoFormat("[LLOGIN SERVICE]: Login request for {0} {1} at {2} using viewer {3}, channel {4}, IP {5}, Mac {6}, Id0 {7}, Possible LibOMVGridProxy: {8} ",
firstName, lastName, startLocation, clientVersion, channel, clientIP.Address.ToString(), mac, id0, LibOMVclient.ToString());
string curMac = mac.ToString();
try
{
@ -323,6 +328,17 @@ namespace OpenSim.Services.LLLoginService
return LLFailedLoginResponse.LoginBlockedProblem;
}
}
if (m_DeniedMacs != string.Empty)
{
m_log.InfoFormat("[LLOGIN SERVICE]: Checking users Mac {0} against list of denied macs {1} ...", curMac, m_DeniedMacs);
if (m_DeniedMacs.Contains(curMac))
{
m_log.InfoFormat("[LLOGIN SERVICE]: Login failed, reason: client with mac {0} is denied", curMac);
return LLFailedLoginResponse.LoginBlockedProblem;
}
}
//
// Get the account and check that it exists