e19defde36
This currently prints caps requests received and handled, so that overload of received compared to handled or deadlock can be detected. This involves making BaseStreamHandler and BaseOutputStream record the ints, which means inheritors should subclass ProcessRequest() instead of Handle() However, existing inheriting classes overriding Handle() will still work, albeit without stats recording. "show caps" becomes "show caps list" to disambiguate between show caps commands
328 lines
11 KiB
C#
328 lines
11 KiB
C#
/*
|
|
* Copyright (c) Contributors, http://opensimulator.org/
|
|
* See CONTRIBUTORS.TXT for a full list of copyright holders.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions are met:
|
|
* * Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* * Neither the name of the OpenSimulator Project nor the
|
|
* names of its contributors may be used to endorse or promote products
|
|
* derived from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
|
|
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
|
|
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
using Nini.Config;
|
|
using log4net;
|
|
using System;
|
|
using System.Reflection;
|
|
using System.IO;
|
|
using System.Net;
|
|
using System.Text;
|
|
using System.Text.RegularExpressions;
|
|
using System.Xml;
|
|
using System.Xml.Serialization;
|
|
using System.Collections.Generic;
|
|
using OpenSim.Server.Base;
|
|
using OpenSim.Services.Interfaces;
|
|
using OpenSim.Framework;
|
|
using OpenSim.Framework.Servers.HttpServer;
|
|
using OpenMetaverse;
|
|
|
|
namespace OpenSim.Server.Handlers.Authentication
|
|
{
|
|
public class AuthenticationServerPostHandler : BaseStreamHandler
|
|
{
|
|
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
|
|
|
private IAuthenticationService m_AuthenticationService;
|
|
|
|
private bool m_AllowGetAuthInfo = false;
|
|
private bool m_AllowSetAuthInfo = false;
|
|
private bool m_AllowSetPassword = false;
|
|
|
|
public AuthenticationServerPostHandler(IAuthenticationService service) :
|
|
this(service, null) {}
|
|
|
|
public AuthenticationServerPostHandler(IAuthenticationService service, IConfig config) :
|
|
base("POST", "/auth")
|
|
{
|
|
m_AuthenticationService = service;
|
|
|
|
if (config != null)
|
|
{
|
|
m_AllowGetAuthInfo = config.GetBoolean("AllowGetAuthInfo", m_AllowGetAuthInfo);
|
|
m_AllowSetAuthInfo = config.GetBoolean("AllowSetAuthInfo", m_AllowSetAuthInfo);
|
|
m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
|
|
}
|
|
}
|
|
|
|
protected override byte[] ProcessRequest(string path, Stream request,
|
|
IOSHttpRequest httpRequest, IOSHttpResponse httpResponse)
|
|
{
|
|
string[] p = SplitParams(path);
|
|
|
|
if (p.Length > 0)
|
|
{
|
|
switch (p[0])
|
|
{
|
|
case "plain":
|
|
StreamReader sr = new StreamReader(request);
|
|
string body = sr.ReadToEnd();
|
|
sr.Close();
|
|
|
|
return DoPlainMethods(body);
|
|
case "crypt":
|
|
byte[] buffer = new byte[request.Length];
|
|
long length = request.Length;
|
|
if (length > 16384)
|
|
length = 16384;
|
|
request.Read(buffer, 0, (int)length);
|
|
|
|
return DoEncryptedMethods(buffer);
|
|
}
|
|
}
|
|
return new byte[0];
|
|
}
|
|
|
|
private byte[] DoPlainMethods(string body)
|
|
{
|
|
Dictionary<string, object> request =
|
|
ServerUtils.ParseQueryString(body);
|
|
|
|
int lifetime = 30;
|
|
|
|
if (request.ContainsKey("LIFETIME"))
|
|
{
|
|
lifetime = Convert.ToInt32(request["LIFETIME"].ToString());
|
|
if (lifetime > 30)
|
|
lifetime = 30;
|
|
}
|
|
|
|
if (!request.ContainsKey("METHOD"))
|
|
return FailureResult();
|
|
if (!request.ContainsKey("PRINCIPAL"))
|
|
return FailureResult();
|
|
|
|
string method = request["METHOD"].ToString();
|
|
|
|
UUID principalID;
|
|
string token;
|
|
|
|
if (!UUID.TryParse(request["PRINCIPAL"].ToString(), out principalID))
|
|
return FailureResult();
|
|
|
|
switch (method)
|
|
{
|
|
case "authenticate":
|
|
if (!request.ContainsKey("PASSWORD"))
|
|
return FailureResult();
|
|
|
|
token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
|
|
|
|
if (token != String.Empty)
|
|
return SuccessResult(token);
|
|
return FailureResult();
|
|
|
|
case "setpassword":
|
|
if (!m_AllowSetPassword)
|
|
return FailureResult();
|
|
|
|
if (!request.ContainsKey("PASSWORD"))
|
|
return FailureResult();
|
|
|
|
if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
|
|
return SuccessResult();
|
|
else
|
|
return FailureResult();
|
|
|
|
case "verify":
|
|
if (!request.ContainsKey("TOKEN"))
|
|
return FailureResult();
|
|
|
|
if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
|
|
return SuccessResult();
|
|
|
|
return FailureResult();
|
|
|
|
case "release":
|
|
if (!request.ContainsKey("TOKEN"))
|
|
return FailureResult();
|
|
|
|
if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
|
|
return SuccessResult();
|
|
|
|
return FailureResult();
|
|
|
|
case "getauthinfo":
|
|
if (m_AllowGetAuthInfo)
|
|
return GetAuthInfo(principalID);
|
|
|
|
break;
|
|
|
|
case "setauthinfo":
|
|
if (m_AllowSetAuthInfo)
|
|
return SetAuthInfo(principalID, request);
|
|
|
|
break;
|
|
}
|
|
|
|
return FailureResult();
|
|
}
|
|
|
|
private byte[] DoEncryptedMethods(byte[] ciphertext)
|
|
{
|
|
return new byte[0];
|
|
}
|
|
|
|
private byte[] SuccessResult()
|
|
{
|
|
XmlDocument doc = new XmlDocument();
|
|
|
|
XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
|
|
"", "");
|
|
|
|
doc.AppendChild(xmlnode);
|
|
|
|
XmlElement rootElement = doc.CreateElement("", "ServerResponse",
|
|
"");
|
|
|
|
doc.AppendChild(rootElement);
|
|
|
|
XmlElement result = doc.CreateElement("", "Result", "");
|
|
result.AppendChild(doc.CreateTextNode("Success"));
|
|
|
|
rootElement.AppendChild(result);
|
|
|
|
return DocToBytes(doc);
|
|
}
|
|
|
|
byte[] GetAuthInfo(UUID principalID)
|
|
{
|
|
AuthInfo info = m_AuthenticationService.GetAuthInfo(principalID);
|
|
|
|
if (info != null)
|
|
{
|
|
Dictionary<string, object> result = new Dictionary<string, object>();
|
|
result["result"] = info.ToKeyValuePairs();
|
|
|
|
return ResultToBytes(result);
|
|
}
|
|
else
|
|
{
|
|
return FailureResult();
|
|
}
|
|
}
|
|
|
|
byte[] SetAuthInfo(UUID principalID, Dictionary<string, object> request)
|
|
{
|
|
AuthInfo existingInfo = m_AuthenticationService.GetAuthInfo(principalID);
|
|
|
|
if (existingInfo == null)
|
|
return FailureResult();
|
|
|
|
if (request.ContainsKey("AccountType"))
|
|
existingInfo.AccountType = request["AccountType"].ToString();
|
|
|
|
if (request.ContainsKey("PasswordHash"))
|
|
existingInfo.PasswordHash = request["PasswordHash"].ToString();
|
|
|
|
if (request.ContainsKey("PasswordSalt"))
|
|
existingInfo.PasswordSalt = request["PasswordSalt"].ToString();
|
|
|
|
if (request.ContainsKey("WebLoginKey"))
|
|
existingInfo.WebLoginKey = request["WebLoginKey"].ToString();
|
|
|
|
if (!m_AuthenticationService.SetAuthInfo(existingInfo))
|
|
{
|
|
m_log.ErrorFormat(
|
|
"[AUTHENTICATION SERVER POST HANDLER]: Authentication info store failed for account {0} {1} {2}",
|
|
existingInfo.PrincipalID);
|
|
|
|
return FailureResult();
|
|
}
|
|
|
|
return SuccessResult();
|
|
}
|
|
|
|
private byte[] FailureResult()
|
|
{
|
|
XmlDocument doc = new XmlDocument();
|
|
|
|
XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
|
|
"", "");
|
|
|
|
doc.AppendChild(xmlnode);
|
|
|
|
XmlElement rootElement = doc.CreateElement("", "ServerResponse",
|
|
"");
|
|
|
|
doc.AppendChild(rootElement);
|
|
|
|
XmlElement result = doc.CreateElement("", "Result", "");
|
|
result.AppendChild(doc.CreateTextNode("Failure"));
|
|
|
|
rootElement.AppendChild(result);
|
|
|
|
return DocToBytes(doc);
|
|
}
|
|
|
|
private byte[] SuccessResult(string token)
|
|
{
|
|
XmlDocument doc = new XmlDocument();
|
|
|
|
XmlNode xmlnode = doc.CreateNode(XmlNodeType.XmlDeclaration,
|
|
"", "");
|
|
|
|
doc.AppendChild(xmlnode);
|
|
|
|
XmlElement rootElement = doc.CreateElement("", "ServerResponse",
|
|
"");
|
|
|
|
doc.AppendChild(rootElement);
|
|
|
|
XmlElement result = doc.CreateElement("", "Result", "");
|
|
result.AppendChild(doc.CreateTextNode("Success"));
|
|
|
|
rootElement.AppendChild(result);
|
|
|
|
XmlElement t = doc.CreateElement("", "Token", "");
|
|
t.AppendChild(doc.CreateTextNode(token));
|
|
|
|
rootElement.AppendChild(t);
|
|
|
|
return DocToBytes(doc);
|
|
}
|
|
|
|
private byte[] DocToBytes(XmlDocument doc)
|
|
{
|
|
MemoryStream ms = new MemoryStream();
|
|
XmlTextWriter xw = new XmlTextWriter(ms, null);
|
|
xw.Formatting = Formatting.Indented;
|
|
doc.WriteTo(xw);
|
|
xw.Flush();
|
|
|
|
return ms.GetBuffer();
|
|
}
|
|
|
|
private byte[] ResultToBytes(Dictionary<string, object> result)
|
|
{
|
|
string xmlString = ServerUtils.BuildXmlResponse(result);
|
|
return Util.UTF8NoBomEncoding.GetBytes(xmlString);
|
|
}
|
|
}
|
|
}
|