Merge branch 'avination' into careminster

Conflicts:
	OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs
avinationmerge
Melanie 2012-07-29 16:11:20 +01:00
commit e012c81d7c
5 changed files with 62 additions and 5 deletions

View File

@ -492,6 +492,8 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
return null;
}
return account;
/*
try
{
string encpass = Util.Md5Hash(pass);
@ -512,6 +514,7 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
m_log.ErrorFormat("[INVENTORY ARCHIVER]: Could not authenticate password, {0}", e.Message);
return null;
}
*/
}
/// <summary>

View File

@ -80,7 +80,7 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp
/// <summary>
/// Maximum number of external urls that can be set up by this module.
/// </summary>
private int m_TotalUrls = 5000;
private int m_TotalUrls = 15000;
private uint https_port = 0;
private IHttpServer m_HttpServer = null;

View File

@ -3817,6 +3817,9 @@ namespace OpenSim.Region.Framework.Scenes
if (p == null)
return;
ControllingClient.SendTakeControls(controls, false, false);
ControllingClient.SendTakeControls(controls, true, false);
ScriptControllers obj = new ScriptControllers();
obj.ignoreControls = ScriptControlled.CONTROL_ZERO;
obj.eventControls = ScriptControlled.CONTROL_ZERO;

View File

@ -1027,7 +1027,7 @@ namespace OpenSim.Region.Physics.OdePlugin
{
d.AABB aabb;
d.GeomGetAABB(g2, out aabb);
float tmp = vtmp.Z - sz * .25f;
float tmp = vtmp.Z - sz * .18f;
if (aabb.MaxZ < tmp)
{
@ -1057,7 +1057,7 @@ namespace OpenSim.Region.Physics.OdePlugin
{
d.AABB aabb;
d.GeomGetAABB(g1, out aabb);
float tmp = vtmp.Z - sz * .25f;
float tmp = vtmp.Z - sz * .18f;
if (aabb.MaxZ < tmp)
{

View File

@ -3315,8 +3315,6 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
{
// Unregister controls from Presence
presence.UnRegisterControlEventsToScript(m_host.LocalId, m_item.ItemID);
// Remove Take Control permission.
m_item.PermsMask &= ~ScriptBaseClass.PERMISSION_TAKE_CONTROLS;
}
}
}
@ -11471,6 +11469,59 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
if (userAgent != null)
httpHeaders["User-Agent"] = userAgent;
// See if the URL contains any header hacks
string[] urlParts = url.Split(new char[] {'\n'});
if (urlParts.Length > 1)
{
// Iterate the passed headers and parse them
for (int i = 1 ; i < urlParts.Length ; i++ )
{
// The rest of those would be added to the body in SL.
// Let's not do that.
if (urlParts[i] == String.Empty)
break;
// See if this could be a valid header
string[] headerParts = urlParts[i].Split(new char[] {':'}, 2);
if (headerParts.Length != 2)
continue;
string headerName = headerParts[0].Trim();
string headerValue = headerParts[1].Trim();
// Filter out headers that could be used to abuse
// another system or cloak the request
if (headerName.ToLower() == "x-secondlife-shard" ||
headerName.ToLower() == "x-secondlife-object-name" ||
headerName.ToLower() == "x-secondlife-object-key" ||
headerName.ToLower() == "x-secondlife-region" ||
headerName.ToLower() == "x-secondlife-local-position" ||
headerName.ToLower() == "x-secondlife-local-velocity" ||
headerName.ToLower() == "x-secondlife-local-rotation" ||
headerName.ToLower() == "x-secondlife-owner-name" ||
headerName.ToLower() == "x-secondlife-owner-key" ||
headerName.ToLower() == "connection" ||
headerName.ToLower() == "content-length" ||
headerName.ToLower() == "from" ||
headerName.ToLower() == "host" ||
headerName.ToLower() == "proxy-authorization" ||
headerName.ToLower() == "referer" ||
headerName.ToLower() == "trailer" ||
headerName.ToLower() == "transfer-encoding" ||
headerName.ToLower() == "via" ||
headerName.ToLower() == "authorization")
continue;
httpHeaders[headerName] = headerValue;
}
// Finally, strip any protocol specifier from the URL
url = urlParts[0].Trim();
int idx = url.IndexOf(" HTTP/");
if (idx != -1)
url = url.Substring(0, idx);
}
string authregex = @"^(https?:\/\/)(\w+):(\w+)@(.*)$";
Regex r = new Regex(authregex);
int[] gnums = r.GetGroupNumbers();