From a7db55717b8faf05a14f0d9b2fa5e4c2db2d1397 Mon Sep 17 00:00:00 2001 From: MW Date: Fri, 25 Jul 2008 17:59:34 +0000 Subject: [PATCH] enabled a config option to inventory server to be able to stop it doing the SessionId lookup to the user server. As this ties a inventory server to one userserver/grid. doing the look up is still enabled by default. --- OpenSim/Framework/InventoryConfig.cs | 6 ++ .../InventoryServer/GridInventoryService.cs | 77 ++++++++++++------- OpenSim/Grid/InventoryServer/Main.cs | 1 + 3 files changed, 57 insertions(+), 27 deletions(-) diff --git a/OpenSim/Framework/InventoryConfig.cs b/OpenSim/Framework/InventoryConfig.cs index 9f182b340c..66719c65cc 100644 --- a/OpenSim/Framework/InventoryConfig.cs +++ b/OpenSim/Framework/InventoryConfig.cs @@ -44,6 +44,7 @@ namespace OpenSim.Framework public string UserRecvKey = String.Empty; public string UserSendKey = String.Empty; public string UserServerURL = String.Empty; + public bool SessionLookUp = true; public InventoryConfig(string description, string filename) { @@ -71,6 +72,8 @@ namespace OpenSim.Framework "Database Connect String", "", false); configMember.addConfigurationOption("http_port", ConfigurationOption.ConfigurationTypes.TYPE_UINT32, "Http Listener port", DefaultHttpPort.ToString(), false); + configMember.addConfigurationOption("session_lookup", ConfigurationOption.ConfigurationTypes.TYPE_BOOLEAN, + "Enable Session lookup security", "True", false); } public bool handleIncomingConfiguration(string configuration_key, object configuration_result) @@ -98,6 +101,9 @@ namespace OpenSim.Framework case "http_port": HttpPort = (uint) configuration_result; break; + case "session_lookup": + SessionLookUp = (bool)configuration_result; + break; } return true; diff --git a/OpenSim/Grid/InventoryServer/GridInventoryService.cs b/OpenSim/Grid/InventoryServer/GridInventoryService.cs index 63eeced885..46841c338a 100644 --- a/OpenSim/Grid/InventoryServer/GridInventoryService.cs +++ b/OpenSim/Grid/InventoryServer/GridInventoryService.cs @@ -47,6 +47,13 @@ namespace OpenSim.Grid.InventoryServer /// public class GridInventoryService : InventoryServiceBase { + private bool m_doLookup = false; + + public bool DoLookup + { + get { return m_doLookup; } + set { m_doLookup = value; } + } private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs @@ -61,48 +68,64 @@ namespace OpenSim.Grid.InventoryServer public bool CheckTrustSource(IPEndPoint peer) { - m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString()); - UriBuilder ub = new UriBuilder(m_userserver_url); - IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); - foreach (IPAddress uaddr in uaddrs) { - if (uaddr.Equals(peer.Address)) { - return true; + if (m_doLookup) + { + m_log.InfoFormat("[GRID AGENT INVENTORY]: checking trusted source {0}", peer.ToString()); + UriBuilder ub = new UriBuilder(m_userserver_url); + IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); + foreach (IPAddress uaddr in uaddrs) + { + if (uaddr.Equals(peer.Address)) + { + return true; + } } + return false; + } + else + { + return true; } - return false; } public bool CheckAuthSession(string session_id, string avatar_id) { - m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id); - if (m_session_cache.getCachedSession(session_id, avatar_id) == null) + if (m_doLookup) { - // cache miss, ask userserver - Hashtable requestData = new Hashtable(); - requestData["avatar_uuid"] = avatar_id; - requestData["session_id"] = session_id; - ArrayList SendParams = new ArrayList(); - SendParams.Add(requestData); - XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams); - XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000); - - Hashtable responseData = (Hashtable)UserResp.Value; - if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE") + m_log.InfoFormat("[GRID AGENT INVENTORY]: checking authed session {0} {1}", session_id, avatar_id); + if (m_session_cache.getCachedSession(session_id, avatar_id) == null) { - m_log.Info("[GRID AGENT INVENTORY]: got authed session from userserver"); - // add to cache; the session time will be automatically renewed - m_session_cache.Add(session_id, avatar_id); + // cache miss, ask userserver + Hashtable requestData = new Hashtable(); + requestData["avatar_uuid"] = avatar_id; + requestData["session_id"] = session_id; + ArrayList SendParams = new ArrayList(); + SendParams.Add(requestData); + XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams); + XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000); + + Hashtable responseData = (Hashtable)UserResp.Value; + if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE") + { + m_log.Info("[GRID AGENT INVENTORY]: got authed session from userserver"); + // add to cache; the session time will be automatically renewed + m_session_cache.Add(session_id, avatar_id); + return true; + } + } + else + { + // cache hits + m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache"); return true; } + m_log.Info("[GRID AGENT INVENTORY]: unknown session_id, request rejected"); + return false; } else { - // cache hits - m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache"); return true; } - m_log.Info("[GRID AGENT INVENTORY]: unknown session_id, request rejected"); - return false; } public override void RequestInventoryForUser(LLUUID userID, InventoryReceiptCallback callback) diff --git a/OpenSim/Grid/InventoryServer/Main.cs b/OpenSim/Grid/InventoryServer/Main.cs index 138aa1a823..67889acbd7 100644 --- a/OpenSim/Grid/InventoryServer/Main.cs +++ b/OpenSim/Grid/InventoryServer/Main.cs @@ -72,6 +72,7 @@ namespace OpenSim.Grid.InventoryServer //m_inventoryService = new GridInventoryService(); m_inventoryService = new GridInventoryService(m_config.UserServerURL); + m_inventoryService.DoLookup = m_config.SessionLookUp; m_inventoryService.AddPlugin(m_config.DatabaseProvider, m_config.DatabaseConnect); m_log.Info("[" + LogName + "]: Starting HTTP server ...");