public ThreatLevel GetThreatLevelForUrl(string URL)
{
IWCCertificate cert = CertificateVerification.GetCertificateByUrl(URL);
if (cert != null)
{
return(cert.ThreatLevel);
}
return(m_untrustedConnectionsDefaultTrust);
}
/// <summary>
/// Add a certificate for the given connection
/// </summary>
/// <param name="module"></param>
/// <param name="cmds"></param>
private void AddIWCConnection(string module, string[] cmds)
{
string Url = MainConsole.Instance.CmdPrompt("Url to the connection");
//Be user friendly, add the http:// if needed as well as the final /
Url = (Url.StartsWith("http://") || Url.StartsWith("https://")) ? Url : "http://" + Url;
Url = Url.EndsWith("/") ? Url + "iwcconnection" : Url + "/iwcconnection";
IWCCertificate con = FindConnectionByURL(Url);
if (con != null)
{
if (con.Active)
{
m_log.Warn("A connection to this server already exists.");
}
else
{
string activate = MainConsole.Instance.CmdPrompt("A connection to this server already exists, do you wish to active it?");
if (activate == "yes" || activate == "true")
{
TryAddConnection(con);
}
}
return;
}
con = new IWCCertificate();
con.Connection = new IWCConnection();
con.Connection.RecieverURL = Url;
IHttpServer server = m_registry.RequestModuleInterface <ISimulationBase>().GetHttpServer(0);
con.Connection.SenderURL = server.HostName + ":" + server.Port + "/iwcconnection";
string timeUntilExpires = MainConsole.Instance.CmdPrompt("Time until the connection expires (ends, in days)");
string trustLevel = MainConsole.Instance.CmdPrompt("Trust level of this connection");
int timeInDays = int.Parse(timeUntilExpires);
string UserName = MainConsole.Instance.CmdPrompt("User Name for this connection (can be blank)");
string Password = MainConsole.Instance.CmdPrompt("Password for this connection");
//Build the certificate
if (UserName == "")
{
UserName = UUID.Random().ToString();
}
con.Connection.UserName = UserName;
con.Connection.Password = Password;
con.ValidUntil = DateTime.Now.AddDays(timeInDays);
//Add the certificate now
CertificateVerification.AddCertificate(con);
con.ThreatLevel = (ThreatLevel)Enum.Parse(typeof(ThreatLevel), trustLevel);
TryAddConnection(con);
}
/// <summary>
/// This is a request to remove the remote host from our list of current connections.
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
private byte[] Delete(OSDMap request)
{
IWCConnection Certificate = new IWCConnection();
//Pull the connection info out of the request
Certificate.FromOSD(request);
//Make sure that they are verified to connect
if (!CertificateVerification.VerifyConnection(Certificate))
{
return(FailureResult());
}
//Remove them from our list of connections
CertificateVerification.RemoveCertificate(Certificate);
return(SuccessfulResult());
}
public GridRegion GetRegionForGrid(string regionName, string Url)
{
IWCCertificate c = FindConnectionByURL(Url);
if (c != null)
{
//If we are already connected, the grid services are together, so we already know of the region if it exists, therefore, it does not exist
return(null);
}
else
{
c = new IWCCertificate();
c.Connection = new IWCConnection();
//Build the certificate
c.ValidUntil = DateTime.Now.AddDays(1); //One day for now...
c.ThreatLevel = m_untrustedConnectionsDefaultTrust; //Least amount of our trust for them
//Be user friendly, add the http:// if needed as well as the final /
Url = (Url.StartsWith("http://") || Url.StartsWith("https://")) ? Url : "http://" + Url;
Url = Url.EndsWith("/") ? Url + "iwcconnection" : Url + "/iwcconnection";
c.Connection.RecieverURL = Url;
IHttpServer server = m_registry.RequestModuleInterface <ISimulationBase>().GetHttpServer(0);
c.Connection.SenderURL = server.HostName + ":" + server.Port + "/iwcconnection";
c.Connection.UserName = c.Connection.SenderURL;
//Add the certificate now
CertificateVerification.AddCertificate(c);
TryAddConnection(c);
IGridService gridService = m_registry.RequestModuleInterface <IGridService>();
if (gridService != null)
{
List <GridRegion> regions = gridService.GetRegionsByName(UUID.Zero, regionName, 1);
if (regions != null && regions.Count > 0)
{
return(regions[0]);
}
}
}
return(null);
}
/// <summary>
/// This is the initial request to join this host
/// We need to verify passwords and add sessionHashes to our database
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
private byte[] Query(OSDMap requestMap)
{
IWCConnection incomingConnectionRequest = new IWCConnection();
//Pull the connection info out of the request
incomingConnectionRequest.FromOSD(requestMap);
IWCCertificate incomingCertificate = null;
//Lets make sure that they are allowed to connect to us
if (!CertificateVerification.VerifyConnection(incomingConnectionRequest))
{
//Make sure the other host is not trying to spoof one of our certificates
if (CertificateVerification.GetCertificateByUserName(incomingConnectionRequest.UserName) != null)
{
//SPOOF! XXXXXX
return(FailureResult());
}
//This is an untrusted connection otherwise
if (!IWC.m_allowUntrustedConnections)
{
return(FailureResult()); //We don't allow them
}
}
else
{
incomingCertificate = CertificateVerification.GetCertificateByUserName(incomingConnectionRequest.UserName);
}
if (incomingCertificate == null)
{
incomingCertificate = new IWCCertificate();
incomingCertificate.Connection = new IWCConnection(incomingConnectionRequest);
//Got to flip the URLs so that we send to the right place later
incomingCertificate.Connection.RecieverURL = incomingCertificate.Connection.SenderURL;
//And add our SenderURL to the connection
IHttpServer server = IWC.Registry.RequestModuleInterface <ISimulationBase> ().GetHttpServer(0);
incomingCertificate.Connection.SenderURL = server.HostName + ":" + server.Port + "/iwcconnection";
//If we don't know it, its the default trust level
incomingCertificate.ThreatLevel = IWC.m_untrustedConnectionsDefaultTrust;
incomingCertificate.Active = true;
incomingCertificate.ValidUntil = DateTime.Now.AddDays(1);
}
//Update them in the database so that they can connect again later
CertificateVerification.AddCertificate(incomingCertificate);
//Read the URLs they sent to us
IWC.ParseIWCCertificateForURLs(incomingCertificate);
//Now send them back some URLs as well
IWC.BuildSecureUrlsForConnection(incomingCertificate);
//Fix the SecureURLs
incomingConnectionRequest.SecureUrls = incomingCertificate.Connection.SecureUrls;
OSDMap result = incomingConnectionRequest.ToOSD(false);
result["Result"] = "Successful";
m_log.WarnFormat("[IWC]: {0} successfully connected to us.", incomingConnectionRequest.SenderURL);
return(Return(result));
}
