[Opensim-dev] Validating IP and Region

[Haravikk]

> On 24 Jul 2017, at 08:33, David Saunders <abitar.com at gmail.com> wrote:
> 
>    1> IP's can be dynamic. I ran int o a few grids where the region IP;s would change from time to time.  Setting a callback on each grid was out of the question. No all grid expose there grid service to the wilds of the internet.  And getting a grid operator to run a web script for you is very hard task. 

This is actually my purpose in creating this thread; to discuss making this a standard capability in future so that it's easier to validate whether a request came from where it claims to. IPs being dynamic isn't an issue; it just means that each time the IP changes you need to perform the check again for the new IP, results can still be cached so long as they're only retained for some reasonable period (e.g- 24 hours).

>   So what I did was set up a register script. This script has an hash/password and creates an access key, registers the object with your external service. This is also where I  register the URI for the http server if available. And we pass back a token to use for the next 48 hours or reset to use on any further transactions.  Why ~48 Hours? Well this is when the URL seams to expire and need to be refresh.
> 
> I practice, I have a grid hash and a user hash I use. The Grid hash is for identifying the grid where it being sourced at, and the user hash is the one that get assigned to the creator/owner of the scripts running.  This is still not perfect, you could spoof some items. 

That's a good practice, and what I intend to do for more sensitive web-services, but it means you're implicitly trusting how the user uses their login information. For example, say they use those details with an object, then move that object to another grid, would your service be able to tell the difference between the two?

With a validation callback my service could provide basic confirmation that two objects using the same credentials, in identically named regions, in fact exist on two different grids, and thus treat them differently, block one of them etc. This is what I currently do with Second Life so that I can treat objects differently if they've been copied to the aditi test grid, to avoid data they generate from polluting results for the main grid; for example, if I'm using a web-service to provide visitor tracking, I can avoid seeing results for both agni and aditi being mixed together.

>    What you can do is, set up an external web script that access the region database file pole to see if the ip/region name is valid.

If I understand correctly this is essentially what I'm proposing; the ability to ask a grid if a region exists with the IP address you received a request from. I just need to figure out the best place to put the API call, and what any security implications are, what restrictions might be needed etc., and I can go ahead and start looking into a patch to provide this capability.