From e4e754ee93de0e0b6fde3b3ccd20085d3d4a09a1 Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Fri, 27 Apr 2012 09:23:56 -0700 Subject: [PATCH] MapImageService: added an additional security check for OSGrid and other grids like it. --- .../Handlers/Map/MapAddServerConnector.cs | 48 +++++++++++++++++-- bin/Robust.HG.ini.example | 4 ++ bin/Robust.ini.example | 4 ++ 3 files changed, 51 insertions(+), 5 deletions(-) diff --git a/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs b/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs index 75dd711ed2..c87de921f4 100644 --- a/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs +++ b/OpenSim/Server/Handlers/Map/MapAddServerConnector.cs @@ -33,17 +33,24 @@ using System.Xml; using Nini.Config; using log4net; +using OpenMetaverse; +using OpenSim.Framework; using OpenSim.Server.Base; using OpenSim.Services.Interfaces; using OpenSim.Framework.Servers.HttpServer; using OpenSim.Server.Handlers.Base; +using GridRegion = OpenSim.Services.Interfaces.GridRegion; + namespace OpenSim.Server.Handlers.MapImage { public class MapAddServiceConnector : ServiceConnector { + private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); + private IMapImageService m_MapService; + private IGridService m_GridService; private string m_ConfigName = "MapImageService"; public MapAddServiceConnector(IConfigSource config, IHttpServer server, string configName) : @@ -53,16 +60,26 @@ namespace OpenSim.Server.Handlers.MapImage if (serverConfig == null) throw new Exception(String.Format("No section {0} in config file", m_ConfigName)); - string gridService = serverConfig.GetString("LocalServiceModule", + string mapService = serverConfig.GetString("LocalServiceModule", String.Empty); - if (gridService == String.Empty) + if (mapService == String.Empty) throw new Exception("No LocalServiceModule in config file"); Object[] args = new Object[] { config }; - m_MapService = ServerUtils.LoadPlugin(gridService, args); + m_MapService = ServerUtils.LoadPlugin(mapService, args); + + string gridService = serverConfig.GetString("GridService", String.Empty); + if (gridService != string.Empty) + m_GridService = ServerUtils.LoadPlugin(gridService, args); + + if (m_GridService != null) + m_log.InfoFormat("[MAP IMAGE HANDLER]: GridService check is ON"); + else + m_log.InfoFormat("[MAP IMAGE HANDLER]: GridService check is OFF"); + + server.AddStreamHandler(new MapServerPostHandler(m_MapService, m_GridService)); - server.AddStreamHandler(new MapServerPostHandler(m_MapService)); } } @@ -70,11 +87,13 @@ namespace OpenSim.Server.Handlers.MapImage { private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private IMapImageService m_MapService; + private IGridService m_GridService; - public MapServerPostHandler(IMapImageService service) : + public MapServerPostHandler(IMapImageService service, IGridService grid) : base("POST", "/map") { m_MapService = service; + m_GridService = grid; } public override byte[] Handle(string path, Stream requestData, IOSHttpRequest httpRequest, IOSHttpResponse httpResponse) @@ -105,6 +124,25 @@ namespace OpenSim.Server.Handlers.MapImage // if (request.ContainsKey("TYPE")) // type = request["TYPE"].ToString(); + if (m_GridService != null) + { + GridRegion r = m_GridService.GetRegionByPosition(UUID.Zero, x * (int)Constants.RegionSize, y * (int)Constants.RegionSize); + if (r != null) + { + if (r.ExternalEndPoint.Address != httpRequest.RemoteIPEndPoint.Address) + { + m_log.WarnFormat("[MAP IMAGE HANDLER]: IP address {0} may be rogue", httpRequest.RemoteIPEndPoint.Address); + return FailureResult("IP address of caller does not match IP address of registered region"); + } + + } + else + { + m_log.WarnFormat("[MAP IMAGE HANDLER]: IP address {0} may be rogue", httpRequest.RemoteIPEndPoint.Address); + return FailureResult("Region not found at given coordinates"); + } + } + byte[] data = Convert.FromBase64String(request["DATA"].ToString()); string reason = string.Empty; diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example index 4ea5ffd051..1b5d37cf93 100644 --- a/bin/Robust.HG.ini.example +++ b/bin/Robust.HG.ini.example @@ -279,6 +279,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 LocalServiceModule = "OpenSim.Services.MapImageService.dll:MapImageService" ; Set this if you want to change the default ; TilesStoragePath = "maptiles" + ; + ; If for some reason you have the AddMapTile service outside the firewall (e.g. 8002), + ; you may want to set this. Otherwise, don't set it, because it's already protected. + ; GridService = "OpenSim.Services.GridService.dll:GridService" [GridInfoService] ; These settings are used to return information on a get_grid_info call. diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index 69e94a584a..40b8d833bc 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example @@ -254,6 +254,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 LocalServiceModule = "OpenSim.Services.MapImageService.dll:MapImageService" ; Set this if you want to change the default ; TilesStoragePath = "maptiles" + ; + ; If for some reason you have the AddMapTile service outside the firewall (e.g. 8002), + ; you may want to set this. Otherwise, don't set it, because it's already protected. + ; GridService = "OpenSim.Services.GridService.dll:GridService" [GridInfoService]