Difference between revisions of "LSL Protocol/Restrained Love Relay/Other Implementations/Felis Darwin's Amethyst Plugin"

From Second Life Wiki
Jump to navigation Jump to search
(→‎Current Source Code: Update to v0.5)
Line 70: Line 70:
list secowners = [];
list secowners = [];


key setby = NULL_KEY; //== Who set the RLV Relay status?
key setby = nullkey; //== Who set the RLV Relay status?


integer lockstatus; //== Has the collar been locked by the RLV plugin?
integer lockstatus; //== Has the collar been locked by the RLV plugin?
Line 98: Line 98:
   
   
list lRestrictions; // restrictions currently applied (without the "=n" part)
list lRestrictions; // restrictions currently applied (without the "=n" part)
key kSource;        // UUID of the object I'm commanded by, always equal to NULL_KEY if lRestrictions is empty, always set if not
key kSource;        // UUID of the object I'm commanded by, always equal to nullkey if lRestrictions is empty, always set if not
key kController;    // UUID of the person controlling the object, if passed to us by the !who command
key kController;    // UUID of the person controlling the object, if passed to us by the !who command


Line 136: Line 136:
ack(string cmd_id, key id, string cmd, string ack)
ack(string cmd_id, key id, string cmd, string ack)
{
{
     if(id != NULL_KEY)
     if(id != nullkey)
         llShout(-1812221819, cmd_id + "," + (string)id + "," + cmd + "," + ack);
         llShout(-1812221819, cmd_id + "," + (string)id + "," + cmd + "," + ack);
}
}
Line 145: Line 145:
{
{
     if (nMode == 0) return "RLV Relay is OFF";  
     if (nMode == 0) return "RLV Relay is OFF";  
     if (nMode == 1) return "RLV Relay is ON (permission needed)";  
     if (nMode == 1) return "RLV Relay is ON (permission needed)";
     return "RLV Relay is ON (auto-accept)";  
     if (nMode == 2) return "RLV Relay is ON (auto-accept)";
    return "RLV Relay is ON (owners + whitelist only)";
}
}
   
   
Line 157: Line 158:
{
{
     // are we not under command by any object but were we forced to sit on this object recently?
     // are we not under command by any object but were we forced to sit on this object recently?
     if (id != NULL_KEY && (kSource == id || ((kSource == NULL_KEY) && (id == lastForceSitDestination) && (lastForceSitTime + MAX_TIME_AUTOACCEPT_AFTER_FORCESIT > llGetUnixTime()))))
     if (id != nullkey && (kSource == id || ((kSource == nullkey) && (id == lastForceSitDestination) && (lastForceSitTime + MAX_TIME_AUTOACCEPT_AFTER_FORCESIT > llGetUnixTime()))))
     {
     {
         return TRUE;
         return TRUE;
Line 193: Line 194:
     if (object_owner==llGetOwner ()        // IF I am the owner of the object
     if (object_owner==llGetOwner ()        // IF I am the owner of the object
       || object_owner==parcel_owner        // OR its owner is the same as the parcel I'm on
       || object_owner==parcel_owner        // OR its owner is the same as the parcel I'm on
       || (object_owner==ownerkey && ownerkey != NULL_KEY) //== Is this my owner's stuff?
       || (object_owner==ownerkey && ownerkey != nullkey) //== Is this my owner's stuff?
       || ~llListFindList(secowners, [object_owner]) //== ...or my owners' stuff?
       || ~llListFindList(secowners, [object_owner]) //== ...or my owners' stuff?
       || (object_group==parcel_group && object_group != NULL_KEY)      // OR its group is the same as the parcel I'm on
       || (object_group==parcel_group && object_group != nullkey)      // OR its group is the same as the parcel I'm on
     )
     )
     {
     {
Line 252: Line 253:
integer tryToGluePendingCommands(key id, string commands)
integer tryToGluePendingCommands(key id, string commands)
{
{
     if (kSource == NULL_KEY && (sPendingId == id) && (sPendingTime + PERMISSION_DIALOG_TIMEOUT > llGetUnixTime()) && llGetFreeMemory() > 500)
     if (kSource == nullkey && (sPendingId == id) && (sPendingTime + PERMISSION_DIALOG_TIMEOUT > llGetUnixTime()) && llGetFreeMemory() > 500)
     {
     {
         debug("Gluing " + sPendingMessage + " with " + commands);
         debug("Gluing " + sPendingMessage + " with " + commands);
Line 270: Line 271:
     // extract the commands-part
     // extract the commands-part
     list tokens = llParseString2List (message, [","], []);
     list tokens = llParseString2List (message, [","], []);
     if (llGetListLength (tokens) < 3 || nMode == 0 || ~llListFindList(WhiteBlack, ["-"+(string)llGetOwnerKey(id)]) || ~llListFindList(WhiteBlack, ["-"+(string)kController]))
     if (llGetListLength (tokens) < 3 || nMode == 0 || ~llListFindList(WhiteBlack, ["-"+(string)llGetOwnerKey(id)]) || ~llListFindList(WhiteBlack, ["-"+(string)kController]) || (nMode == 3 && llGetOwnerKey(id) != ownerkey && !~llListFindList(secowners, [llGetOwnerKey(id)]) && !~llListFindList(WhiteBlack,[llGetOwnerKey(id)])))
     {
     {
         kController = NULL_KEY;
         kController = nullkey;
         return FALSE;
         return FALSE;
     }
     }
Line 415: Line 416:
             if(~llSubStringIndex(ownerexcept,behav)) //== Handle owner exceptions
             if(~llSubStringIndex(ownerexcept,behav)) //== Handle owner exceptions
             {
             {
                 if(ownerkey != NULL_KEY)
                 if(ownerkey != nullkey)
                     llOwnerSay("@"+behav+":"+(string)ownerkey+"=add");
                     llOwnerSay("@"+behav+":"+(string)ownerkey+"=add");
                 if(secaccess || ownerkey == NULL_KEY)
                 if(secaccess || ownerkey == nullkey)
                 {
                 {
                     integer i;
                     integer i;
Line 426: Line 427:
         }
         }


         if(kSource == NULL_KEY)
         if(kSource == nullkey)
         {
         {
             llSetTimerEvent(2.0);
             llSetTimerEvent(2.0);
Line 433: Line 434:
         }
         }
                  
                  
         kSource=id; // we know that kSource is either NULL_KEY or id already
         kSource=id; // we know that kSource is either nullkey or id already
     }
     }
     else if (param=="y" || param=="rem") // remove from lRestrictions
     else if (param=="y" || param=="rem") // remove from lRestrictions
Line 509: Line 510:
     {
     {
         ack(cmd_id, id, command, "ok");
         ack(cmd_id, id, command, "ok");
         kSource = NULL_KEY; //== So only one release message is sent
         kSource = nullkey; //== So only one release message is sent
         releaseRestrictions();
         releaseRestrictions();
     }
     }
Line 536: Line 537:
     ack("Relay Release Notification", kSource, "!release", "ok");
     ack("Relay Release Notification", kSource, "!release", "ok");


     kSource=NULL_KEY;
     kSource=nullkey;
     if(!lockstatus)
     if(!lockstatus)
         llOwnerSay("@detach=y");
         llOwnerSay("@detach=y");
Line 555: Line 556:
     ack("Relay Release Notification", sPendingId, "!release", "ok");
     ack("Relay Release Notification", sPendingId, "!release", "ok");


     llMessageLinked(LINK_SET, 356, nullstr, NULL_KEY);
     llMessageLinked(LINK_SET, 356, nullstr, nullkey);


     if(kController != NULL_KEY && sPendingId != NULL_KEY)
     if(kController != nullkey && sPendingId != nullkey)
         llDialog(kController, llKey2Name(llGetOwner()) +" has not accepted your attempt to control their viewer via Restrained Life.", [], 99);
         llDialog(kController, llKey2Name(llGetOwner()) +" has not accepted your attempt to control their viewer via Restrained Life.", [], 99);


     sPendingId = NULL_KEY;
     sPendingId = nullkey;
     sPendingName = "";
     sPendingName = "";
     sPendingMessage = "";
     sPendingMessage = "";
     kController = NULL_KEY;
     kController = nullkey;
}
}
   
   
Line 574: Line 575:
     debug("RLV Plugin Free Memory at "+ (string)llGetFreeMemory());
     debug("RLV Plugin Free Memory at "+ (string)llGetFreeMemory());
     nMode=1;
     nMode=1;
     kSource=NULL_KEY;
     kSource=nullkey;
     lRestrictions=[];
     lRestrictions=[];
     sPendingId=NULL_KEY;
     sPendingId=nullkey;
     sPendingName="";
     sPendingName="";
     sPendingMessage="";
     sPendingMessage="";
Line 615: Line 616:
{
{
     loginWaitingForPong = FALSE;
     loginWaitingForPong = FALSE;
     if (kSource != NULL_KEY)
     if (kSource != nullkey)
     {
     {
         ack("ping", kSource, "ping", "ping");
         ack("ping", kSource, "ping", "ping");
Line 630: Line 631:
     string cmd = llList2String(templist, 0);
     string cmd = llList2String(templist, 0);


     if(cmd == "relay" && (id == ownerkey || (llListFindList(secowners, [id]) > -1 && (ownerkey == NULL_KEY || secaccess)) || (id == llGetOwner() && (setby == NULL_KEY || setby == llGetOwner() || (setby != ownerkey && llListFindList(secowners, [setby]) <= -1)))))
     if(cmd == "relay" && (id == ownerkey || (llListFindList(secowners, [id]) > -1 && (ownerkey == nullkey || secaccess)) || (id == llGetOwner() && (setby == nullkey || setby == llGetOwner() || (setby != ownerkey && llListFindList(secowners, [setby]) <= -1)))))
     {
     {
         integer change = 0;
         integer change = 0;
Line 637: Line 638:
         string third = llList2String(templist, 2);
         string third = llList2String(templist, 2);
          
          
         if(kSource != NULL_KEY && id == llGetOwner())
         if(kSource != nullkey && id == llGetOwner())
         {
         {
             llOwnerSay("You cannot change relay modes while the relay is locked.");
             llOwnerSay("You cannot change relay modes while the relay is locked.");
Line 657: Line 658:
         }
         }
          
          
         else if((secaccess || id == ownerkey || (id == llGetOwner() && kSource == NULL_KEY)) && second == "ping")
         else if((secaccess || id == ownerkey || (id == llGetOwner() && kSource == nullkey)) && second == "ping")
         {
         {
             if(third == "off" || (third == "" && !noping))
             if(third == "off" || (third == "" && !noping))
Line 684: Line 685:
         {
         {
             nMode = 1;
             nMode = 1;
            change = 1; 
        }
        if(second == "owner" || second == "wl")
        {
            nMode = 3;
             change = 1;   
             change = 1;   
         }
         }
Line 690: Line 696:
         {
         {
             nMode++;
             nMode++;
             if(nMode > 2) nMode = 0;
             if(nMode > 3) nMode = 0;
             change = 1;   
             change = 1;   
         }
         }
Line 702: Line 708:
         if(change)
         if(change)
         {
         {
             setby = NULL_KEY;
             setby = nullkey;
             if (nMode == 0)
             if (nMode == 0)
             {
             {
Line 711: Line 717:
             {
             {
                 llSetTimerEvent((float)PING_INTERVAL);
                 llSetTimerEvent((float)PING_INTERVAL);
                 if(nMode == 2) setby = id;
                 if(nMode >= 2) setby = id;
             }
             }
             if(id == llGetOwner())
             if(id == llGetOwner())
Line 813: Line 819:
     attach(key id)
     attach(key id)
     {
     {
         if(id == NULL_KEY)
         if(id == nullkey)
             llOwnerSay("@clear");   
             llOwnerSay("@clear");   
     }
     }
Line 864: Line 870:
         }
         }
          
          
         if(sPendingId != NULL_KEY && sPendingTime + PERMISSION_DIALOG_TIMEOUT <= llGetUnixTime())
         if(sPendingId != nullkey && sPendingTime + PERMISSION_DIALOG_TIMEOUT <= llGetUnixTime())
         {
         {
             llDialog(llGetOwner(),"Request to control your viewer by "+ sPendingName +" automatically denied due to timeout.", ["OK"], -1812220409);
             llDialog(llGetOwner(),"Request to control your viewer by "+ sPendingName +" automatically denied due to timeout.", ["OK"], -1812220409);
             sPendingId = NULL_KEY;
             sPendingId = nullkey;
             sPendingName = "";
             sPendingName = "";
             sPendingMessage = "";
             sPendingMessage = "";
Line 875: Line 881:
             pingWorldObjectIfUnderRestrictions();  
             pingWorldObjectIfUnderRestrictions();  
   
   
         if (!loginPendingForceSit && !loginWaitingForPong && sPendingId == NULL_KEY)
         if (!loginPendingForceSit && !loginWaitingForPong && sPendingId == nullkey)
         {
         {
             timerTickCounter = -1;
             timerTickCounter = -1;
Line 909: Line 915:
             debug("Got message (active world object " + (string) kSource + "): name=" + name+ "; id=" + (string) id + "; message=" + message);
             debug("Got message (active world object " + (string) kSource + "): name=" + name+ "; id=" + (string) id + "; message=" + message);
   
   
             if (kSource != NULL_KEY && kSource != id)
             if (kSource != nullkey && kSource != id)
             {
             {
                 debug("already used by another object => reject");
                 debug("already used by another object => reject");
Line 915: Line 921:
             }
             }
              
              
             if(!loginPendingForceSit && sPendingId == NULL_KEY)
             if(!loginPendingForceSit && sPendingId == nullkey)
             {
             {
                 llSetTimerEvent(0.0);
                 llSetTimerEvent(0.0);
Line 933: Line 939:
         else if (channel==-1812220409 && id == llGetOwner())
         else if (channel==-1812220409 && id == llGetOwner())
         {
         {
             if (sPendingId!=NULL_KEY)
             if (sPendingId!=nullkey)
             {                 
             {                 
                 if (message=="Yes" || message == "Always") // pending request authorized => process it
                 if (message=="Yes" || message == "Always") // pending request authorized => process it
Line 946: Line 952:
                  
                  
                 //== Process Blacklist entry
                 //== Process Blacklist entry
                 if(kController == NULL_KEY) kController = llGetOwnerKey(sPendingId);
                 if(kController == nullkey) kController = llGetOwnerKey(sPendingId);
                 if(message == "Never") WhiteBlack += ["-"+(string)llGetOwnerKey(kController)];
                 if(message == "Never") WhiteBlack += ["-"+(string)llGetOwnerKey(kController)];
   
   
                 // clear pending request
                 // clear pending request
                 sPendingName="";
                 sPendingName="";
                 sPendingId=NULL_KEY;
                 sPendingId=nullkey;
                 sPendingMessage="";
                 sPendingMessage="";
             }
             }

Revision as of 21:37, 18 June 2009

This is an Amethyst Plugin implementation of the Restrained Life Relay, meant for use in Amethyst collars. At the moment this plugin may nullify commands issued by the standard Amethyst Restrained Life Plugin. However, it will instruct the Amethyst RLV plugin to re-issue its restrictions once the relay is no longer active. (Collar v6.7 and above)

This version adds a few important things to the Reference Implementation, like periodically pinging the restraining object and fixing a loophole in the "ask" mode that could allow items to restrict you even if you hadn't approved them yet. This is a work in progress. Eventually it will have most of the features suggested by Marine in the original Reference Implementation document.

Current Changelog

NOTE: NOT COMPLETE. I added a bunch of features like "!who" and "!handover" and forgot to note them. Briefly, these are: !who support, !handover support, and a new "owner + whitelist" mode in which the relay ONLY responds to objects owned by the sub's owner(s) and anybody they have on their whitelist.


  v0.4:
  
- Implemented changes to bring the relay up to 1040 spec:

 + Added a more complete fix to an exploit allowing devices to force the user to speak on the public channel
 + Made sure the distance check fails when the controlling object has been de-rezzed/removed
 +  Stopped groupless objects from immediately passing the trustworthy check on groupless land
 + Added support for the "!who" metacommand (tells you who is in control of the device), and updated the user dialog messages accordingly
 + Added support fo the "!handover" metacommand (allows devices to "hand over" controlled residents)
- Rewrote the rememberForceSit command to use less resources.

- Removed the "!mode" metacommand I had proposed because 1) nobody used it, and 2) there were compilation errors (due to too many else/ifs) otherwise

- Went through the script and combined a number of if statements so as to reduce memory useage and overhead

- Removed a number of global variables and replaced them with the values they previously held. Examples are the command prefix variables (PREFIX_RL_COMMAND, etc.) and the mode variables (MODE_OFF, MODE_ASK, MODE_AUTO).  This has reduced memory useage a bit, and has allowed me to cram in more features.
- Objects owned by your owners (primary or secondary) are now automatically considered "trustworthy", thus bypassing the annoying "this object is not owned by the parcel owner blah blah" security message.
- Added in a whitelist/blacklist feature.  When you are presented with a prompt to approve a control request from an object you will notice two additional buttons, "Always" and "Never".  This will add the CONTROLLER of the object (who is pushing the buttons, so to speak) to the white/blacklist if that information is known. (It will mention "so and so using X" if this is the case)  If the controller ISN'T known then clicking either of these buttons will add the OWNER of the object to the white/blacklist.
- Removed the as-yet unused "deny restrictions" list to make room for the above feature.  If I figure out a way to fit it in while keeping the script compilable I'll do it.


   v0.3:
   
    - Upgraded implementation version to 1.021. (Was already compliant in v0.2, but the version reply is now updated)
    
    - Modified the "Send IM" exception so that it is now generalized and will work for any specified restriction.  Currently it has been expanded to include the "Teleport Request"/tplure restriction.
    - Added in a means of disallowing certain restrictions, beyond just the "stripping" deny mode.  The list (denyRestrictions) takes strings, and checks each restriction to see if it contains that string.  If it does, the restriction is denied.  (e.g. the entry "tp" would prohibit all tp-related restrictions like accepttp, tploc, tplure, sittp, etc.) Adding "=force" to the end of an entry will limit it to only work on "force" commands, e.g. "detach:skirt=force" or even "detach=force".
   - Removed the "stripping" deny mode, as the above method will handle the same thing.
   
   - Got rid of the separate list for restriction exceptions, originally added as a means of saving available memory.  The code will now simply ignore exceptions if it runs to low on memory (and will notify the wearer of this).
   - Added a means to turn off the "ping" requirement

Current Source Code

<lsl>

//== RestrainedLife Viewer Relay Script //== by Felis Darwin //== Based on Reference Implementation by Marine Kelley

integer DEBUG = FALSE;

// --------------------------------------------------- // Amethyst Plugin Variables // ---------------------------------------------------

key nullkey = NULL_KEY; string nullstr = "";

integer secaccess=0; //== Do secondary owners have access to the RL functions?

// Internal variables key ownerkey = nullkey; list secowners = [];

key setby = nullkey; //== Who set the RLV Relay status?

integer lockstatus; //== Has the collar been locked by the RLV plugin?

string ownerexcept = "@sendim @tplure"; //== List of restrictions owner (not wearer) will always be exempt from

// --------------------------------------------------- // Constants // ---------------------------------------------------

integer RLVRS_PROTOCOL_VERSION = 1040; // version of the protocol, stated on the specification page string RLVRS_IMPL_VERSION = "Felis Darwin's implementation, Amethyst Plugin version";

integer MAX_TIME_AUTOACCEPT_AFTER_FORCESIT = 60; // seconds

integer PERMISSION_DIALOG_TIMEOUT = 30;

integer LOGIN_DELAY_WAIT_FOR_PONG = 20;

integer PING_INTERVAL = 60; //== Time between pings, and time waiting for force-sit

// --------------------------------------------------- // Variables // ---------------------------------------------------

integer nMode;

list lRestrictions; // restrictions currently applied (without the "=n" part) key kSource; // UUID of the object I'm commanded by, always equal to nullkey if lRestrictions is empty, always set if not key kController; // UUID of the person controlling the object, if passed to us by the !who command

list WhiteBlack = []; //== A combined white/black list of residents. Whitelisting exempts them from ask mode. Blacklisting prevents their objects from even interacting with you.

string sPendingName; // name of initiator of pending request (first request of a session in mode 1) key sPendingId; // UUID of initiator of pending request (first request of a session in mode 1) string sPendingMessage; // message of pending request (first request of a session in mode 1) integer sPendingTime;

// used on login integer timerTickCounter; // count the number of time events on login (forceSit has to be delayed a bit) integer loginWaitingForPong; integer loginPendingForceSit;

integer noping = 0;

key lastForceSitDestination; integer lastForceSitTime;

integer stop = 0; //== Allows the relay to stop mid-command execution if directed to by another command

// --------------------------------------------------- // Low Level Communication // ---------------------------------------------------


debug(string x) {

   if (DEBUG)
   {
       llOwnerSay("DEBUG: " + x);
   }

}

// acknowledge or reject ack(string cmd_id, key id, string cmd, string ack) {

   if(id != nullkey)
       llShout(-1812221819, cmd_id + "," + (string)id + "," + cmd + "," + ack);

}


// get current mode as string string getModeDescription() {

   if (nMode == 0) return "RLV Relay is OFF"; 
   if (nMode == 1) return "RLV Relay is ON (permission needed)";
   if (nMode == 2) return "RLV Relay is ON (auto-accept)"; 
   return "RLV Relay is ON (owners + whitelist only)";

}

// --------------------------------------------------- // Permission Handling // ---------------------------------------------------

// are we already under command by this object? integer isObjectKnow(key id) {

   // are we not under command by any object but were we forced to sit on this object recently?
   if (id != nullkey && (kSource == id || ((kSource == nullkey) && (id == lastForceSitDestination) && (lastForceSitTime + MAX_TIME_AUTOACCEPT_AFTER_FORCESIT > llGetUnixTime()))))
   {
       return TRUE;
   }

   return FALSE;

}


// check whether the object is in llSay distance. // The specification requires llSay instead of llShout or llRegionSay // to be used to limit the range. But this has to be checked here again // because the objects are not trustworthy. integer isObjectNear(key id) {

   vector myPosition = llGetRootPosition();
   list temp = llGetObjectDetails(id, ([OBJECT_POS]));
   vector objPosition = llList2Vector(temp,0);
   if(temp == []) objPosition = <1000.0, 1000.0, -1000.0>;
   float distance = llVecDist(objPosition, myPosition);
   return distance <= 100;

}

// do a basic check on the identity of the object trying to issue a command integer isObjectIdentityTrustworthy(key id) {

   key parcel_owner=llList2Key (llGetParcelDetails (llGetPos (), [PARCEL_DETAILS_OWNER]), 0);
   key parcel_group=llList2Key (llGetParcelDetails (llGetPos (), [PARCEL_DETAILS_GROUP]), 0);
   key object_owner=llGetOwnerKey(id);
   key object_group=llList2Key (llGetObjectDetails (id, [OBJECT_GROUP]), 0);

   debug("owner= " + (string) parcel_owner + " / " + (string) object_owner);
   debug("group= " + (string) parcel_group + " / " + (string) object_group);

   if (object_owner==llGetOwner ()        // IF I am the owner of the object
     || object_owner==parcel_owner        // OR its owner is the same as the parcel I'm on
     || (object_owner==ownerkey && ownerkey != nullkey) //== Is this my owner's stuff?
     || ~llListFindList(secowners, [object_owner]) //== ...or my owners' stuff?
     || (object_group==parcel_group && object_group != nullkey)       // OR its group is the same as the parcel I'm on
   )
   {
       return TRUE;
   }
   return FALSE;

}


// Is this a simple request for information or a meta command like !release? integer isSimpleRequest(list list_of_commands) {

   integer len = llGetListLength(list_of_commands);
   integer i;

   debug("Checking simplicity of commands...");

   // now check every single atomic command
   for (i=0; i < len; ++i)
   {
       string command = llList2String(list_of_commands, i);
       if (!isSimpleAtomicCommand(command))
       {
          debug("Command "+ command +" fails simplicity check.");
          return FALSE;
       }
   }

   // all atomic commands passed the test
   return TRUE;

}

// is this a simple atmar command // (a command which only queries some information or releases restrictions) // (e. g.: cmd ends with "=" and a number (@version, @getoutfit, @getattach) or is a !-meta-command) integer isSimpleAtomicCommand(string cmd) {

   // check right hand side of the "=" - sign
   integer index = llSubStringIndex (cmd, "=");
   // check for a number after the "="
   string param = llGetSubString (cmd, index + 1, -1);
   if ((((((integer)param!=0 || param=="0") && llSubStringIndex(param, "n") <= -1 && llSubStringIndex(param, "add")<= -1) || param == "y" || param == "rem")  && index > -1) || llSubStringIndex(cmd, "!") == 0 || cmd == "@clear") // is it an integer (channel number)?
   {
       return TRUE;
   }

   // this one is not "simple".
   return FALSE;

}

// If we already have commands from this object pending // because of a permission request dialog, just add the // new commands at the end. // Note: We use a timeout here because the player may // have "ignored" the dialog. integer tryToGluePendingCommands(key id, string commands) {

   if (kSource == nullkey && (sPendingId == id) && (sPendingTime + PERMISSION_DIALOG_TIMEOUT > llGetUnixTime()) && llGetFreeMemory() > 500)
   {
       debug("Gluing " + sPendingMessage + " with " + commands);
       sPendingMessage = (sPendingMessage="") + sPendingMessage + "|" + commands;
       return TRUE;
   }
   return FALSE;

}

// verifies the permission. This includes mode // (off, permission, auto) of the relay and the // identity of the object (owned by parcel people). integer verifyPermission(key id, string name, string message) {

   debug("Verifying permission for command "+ message);
   
   // extract the commands-part
   list tokens = llParseString2List (message, [","], []);
   if (llGetListLength (tokens) < 3 || nMode == 0 || ~llListFindList(WhiteBlack, ["-"+(string)llGetOwnerKey(id)]) || ~llListFindList(WhiteBlack, ["-"+(string)kController]) || (nMode == 3 && llGetOwnerKey(id) != ownerkey && !~llListFindList(secowners, [llGetOwnerKey(id)]) && !~llListFindList(WhiteBlack,[llGetOwnerKey(id)])))
   {
       kController = nullkey;
       return FALSE;
   }
   string commands = llList2String(tokens, 2);
   list list_of_commands = llParseString2List(commands, ["|"], []);

   // accept harmless commands silently
   if (isSimpleRequest(list_of_commands) || ~llListFindList(WhiteBlack, [llGetOwnerKey(id)]))
   {
       debug("simple command or Owner in Whitelist, executing.");
       return TRUE;
   }

   // if we are already having a pending permission-dialog request for THIS object,
   // just add the new commands at the end of the pending command list.
   if (tryToGluePendingCommands(id, commands))
   {
       debug("Appending to store of commands pending approval.");
       return FALSE; //== Glue the commands and process them later
   }

   // check whether this object belongs here
   integer trustworthy = isObjectIdentityTrustworthy(id);
   string warning = "";
   if (!trustworthy)
   {
       warning = "\n\nWARNING: This object is not owned by the people owning this parcel. Unless you know the owner, you should deny this request.";
   }

   // ask in permission-request-mode and/OR in case the object identity is suspisous.
   if ((nMode == 1 || !trustworthy))
   {
       sPendingId=id;
       sPendingName=name;
       sPendingMessage=message;
       sPendingTime = llGetUnixTime();
       
       list opts = ["Yes", "No"];
       
       llSetTimerEvent(2.0);
               
       if(llKey2Name(llGetOwnerKey(id)) != "")
       {
           name += " (owned by "+llKey2Name(llGetOwnerKey(id))+")";
           opts += ["Never", "Always"];
       }
           
       if(llKey2Name(kController) != "")
       {
           name = llKey2Name(kController) +", using "+ name +",";
           opts += ["Never"];
       }
       
       llDialog (llGetOwner(), name + " would like control your viewer." + warning + ".\n\nDo you accept ?", llList2List(opts,0,3), -1812220409);
       debug("Asking for permission");
       return FALSE;
   }
   return TRUE;

}


// --------------------------------------------------- // Executing of commands // ---------------------------------------------------

// execute a non-parsed message // this command could be denied here for policy reasons, (if it were implemenetd) // but this time there will be an acknowledgement execute(string name, key id, string message) {

   integer sentRLV=0;
   stop = 0;
   
   list tokens=llParseString2List (message, [","], []);
   if (llGetListLength (tokens)==3) // this is a normal command
   {
       string cmd_id=llList2String (tokens, 0); // CheckAttach
       key target=llList2Key (tokens, 1); // UUID
       if (target==llGetOwner ()) // talking to me ?
       {
           list list_of_commands=llParseString2List (llList2String (tokens, 2), ["|"], []);
           integer len=llGetListLength (list_of_commands);
           integer i;
           string command;
           string prefix;
           for (i=0; i<len; ++i) // execute every command one by one
           {
               if(stop) return;
               
               // a command is a RL command if it starts with '@' or a metacommand if it starts with '!'
               command=llList2String (list_of_commands, i);
               prefix=llGetSubString (command, 0, 0);
               
               if(command == "@clear")
               {
                   releaseRestrictions();
                   ack(cmd_id, id, command, "ok");   
               }
               else if (prefix=="@") // this is a RL command
               {
                   executeRLVCommand(cmd_id, id, command);
                   sentRLV=1;
               }
               else if (prefix=="!") // this is a metacommand, aimed at the relay itself
               {
                   executeMetaCommand(cmd_id, id, command);
               }
           }
       }
   }

}

// executes a command for the restrained life viewer // with some additinal magic like book keeping executeRLVCommand(string cmd_id, string id, string command) {

   // we need to know whether whether is a rule or a simple command
   list tokens_command=llParseString2List (command, ["="], []);
   string behav=llList2String (tokens_command, 0); // @getattach:skull
   string param=llList2String (tokens_command, 1); // 2222
   integer ind=llListFindList (lRestrictions, [behav]);

   debug("behav = "+ behav +"; param=" + param);
   
   //== Stop the public chat exploits.
   if((~llSubStringIndex(behav, "@get") || ~llSubStringIndex(behav, "@findfolder") || ~llSubStringIndex(behav, "@version")) && (integer)param <= 0)
   {
       ack(cmd_id, id, command, "ko");
       return;   
   } 
   if (param=="n" || param=="add") // add to lRestrictions
   {
       if (ind<0)
       {
           if(~llSubStringIndex(behav, ":") && llGetFreeMemory() <= 1024)
           {
               llOwnerSay("Relay is running dangerously low on memory; some restrictions will not be processed.");
           }
           else
               lRestrictions = (lRestrictions=[]) + lRestrictions + [behav];
               
           if(~llSubStringIndex(ownerexcept,behav)) //== Handle owner exceptions
           {
               if(ownerkey != nullkey)
                   llOwnerSay("@"+behav+":"+(string)ownerkey+"=add");
               if(secaccess || ownerkey == nullkey)
               {
                   integer i;
                   for(i = 0; i < llGetListLength(secowners); i++)
                       llOwnerSay("@"+behav+":"+llList2String(secowners,i)+"=add");
               }
           }
       }
       if(kSource == nullkey)
       {
           llSetTimerEvent(2.0);
           if(!lockstatus)
               llOwnerSay("@detach=n");
       }
               
       kSource=id; // we know that kSource is either nullkey or id already
   }
   else if (param=="y" || param=="rem") // remove from lRestrictions
   {
       if (ind>-1)
               lRestrictions=llDeleteSubList ((lRestrictions=[]) + lRestrictions, ind, ind);
               
       //== Unlisted Owner Exceptions are NEVER removed, for safety
       //==  Nor is the public chat exploit fixer
       else if(~llSubStringIndex(behav, ownerkey) || behav == "@a-relay")
       {
           ack(cmd_id, id, command, "ko");
           return;
       }
       
       if (llGetListLength (lRestrictions) == 0 && !lockstatus)
           llOwnerSay("@detach=y");
       
   }

   rememberForceSit(command);
   if(llGetListLength(lRestrictions) == 1)
       llOwnerSay("@a-relay=n");
   llOwnerSay(command); // execute command
   ack(cmd_id, id, command, "ok"); // acknowledge

}


// remembers the time and object if this command is a force sit rememberForceSit(string command) {

// list tokens_command=llParseString2List (command, ["="], []); // string behav=llList2String (tokens_command, 0); // @sit:<uuid> // string param=llList2String (tokens_command, 1); // force

   command = llStringTrim(command, STRING_TRIM);
   string param = llGetSubString(command, -6, -1);

// if (param != "force")

   if (param != "=force")
       return;

// tokens_command=llParseString2List(behav, [":"], []); // behav=llList2String (tokens_command, 0); // @sit // param=llList2String (tokens_command, 1); // <uuid>

   string behav = llGetSubString(command, 0, 4);
   param = llGetSubString(command, 5, 40);
   debug("'force'-command:" + behav + "/" + param);
   

// if (behav != "@sit")

   if(behav != "@sit:")
       return;
   
   
   lastForceSitDestination = (key) param;
   lastForceSitTime = llGetUnixTime();
   debug("remembered force sit");

}

// executes a meta command which is handled by the relay itself executeMetaCommand(string cmd_id, string id, string command) {

   if (command=="!version") // checking relay version
   {
       ack(cmd_id, id, command, (string)RLVRS_PROTOCOL_VERSION);
   }
   else if (command == "!implversion") // checking relay version
   {
       ack(cmd_id, id, command, RLVRS_IMPL_VERSION);
   }
   else if (command=="!release") // release all the restrictions (end session)
   {
       ack(cmd_id, id, command, "ok");
       kSource = nullkey; //== So only one release message is sent
       releaseRestrictions();
   }
   //== We don't need to do this because any sent restriction automatically does the same thing    

// else if (command == "!pong") // loginWaitingForPong = FALSE;

   if (llGetSubString(command,0,4) == "!who/")
   {
       kController = (key)llGetSubString(command, 5, -1);
   }
   if (llGetSubString(command,0,9) == "!handover/")
   {
       list tokens = llParseString2List(command, ["/"], []);
       if(!llList2Integer(tokens, 2))
           releaseRestrictions();
       kSource = llList2Key(tokens,1);
       pingWorldObjectIfUnderRestrictions();
   }

}

// lift all the restrictions (called by !release and by turning the relay off) releaseRestrictions () {

   ack("Relay Release Notification", kSource, "!release", "ok");
   kSource=nullkey;
   if(!lockstatus)
       llOwnerSay("@detach=y");
   integer i;
   integer len=llGetListLength (lRestrictions);
   for (i=0; i<len; ++i)
   {
       llOwnerSay(llList2String (lRestrictions, i)+"=y");
       
       if(~llSubStringIndex(ownerexcept,llList2String(lRestrictions,i)))
           llOwnerSay("@clear="+llGetSubString(llList2String(lRestrictions, i),1,-1));
   }
   lRestrictions = [];
   loginPendingForceSit = FALSE;
   loginWaitingForPong = FALSE;
   llSetTimerEvent(0.0);
   ack("Relay Release Notification", sPendingId, "!release", "ok");
   llMessageLinked(LINK_SET, 356, nullstr, nullkey);
   if(kController != nullkey && sPendingId != nullkey)
       llDialog(kController, llKey2Name(llGetOwner()) +" has not accepted your attempt to control their viewer via Restrained Life.", [], 99);
   sPendingId = nullkey;
   sPendingName = "";
   sPendingMessage = "";
   kController = nullkey;

}


// --------------------------------------------------- // initialisation and login handling // ---------------------------------------------------

init() {

   debug("RLV Plugin Free Memory at "+ (string)llGetFreeMemory());
   nMode=1;
   kSource=nullkey;
   lRestrictions=[];
   sPendingId=nullkey;
   sPendingName="";
   sPendingMessage="";
   llListen (-1812221819, "", "", "");
   llListen (-1812220409, "", llGetOwner(), "");
   llOwnerSay (getModeDescription());

}

// sends the known restrictions (again) to the RL-viewer // (call this functions on login) reinforceKnownRestrictions() {

   integer i;
   integer len=llGetListLength(lRestrictions);
   string restr;
   
   if(len > 0)
   {
       llOwnerSay("@a-relay=n");
       llOwnerSay("@detach=n");
   }
   
   debug("kSource=" + (string) kSource);
   for (i=0; i<len; ++i)
   {
       restr=llList2String(lRestrictions, i);
       debug("restr=" + restr);
       llOwnerSay(restr+"=n");
       if (restr=="@unsit")
       {
           loginPendingForceSit = TRUE;
       }
   }

}

// send a ping request and start a timer pingWorldObjectIfUnderRestrictions() {

   loginWaitingForPong = FALSE;
   if (kSource != nullkey)
   {
       ack("ping", kSource, "ping", "ping");
       timerTickCounter = 0;
       llSetTimerEvent(1.0);
       loginWaitingForPong = TRUE;
   }

}

// Handle commands HandleCommand(string message, key id) {

   list templist = llParseString2List(llToLower(message), [" "], []);
   string cmd = llList2String(templist, 0);
   if(cmd == "relay" && (id == ownerkey || (llListFindList(secowners, [id]) > -1 && (ownerkey == nullkey || secaccess)) || (id == llGetOwner() && (setby == nullkey || setby == llGetOwner() || (setby != ownerkey && llListFindList(secowners, [setby]) <= -1)))))
   {
       integer change = 0;
       
       string second = llList2String(templist, 1);
       string third = llList2String(templist, 2);
       
       if(kSource != nullkey && id == llGetOwner())
       {
           llOwnerSay("You cannot change relay modes while the relay is locked.");
           return;   
       }
       
       if(id == ownerkey && (second == "secondaries" || second == "sec"))
       {
           if(third == "on" || third == "auto" || (third == "" && !secaccess))
           {
               secaccess = 1;
               llWhisper(0, "Secondary owners can now adjust Restrained Life Relay settings.");
           }
           else
           {
               secaccess = 0;
               llWhisper(0, "Secondary owners cannot adjust Restrained Life Relay settings.");
           }
       }
       
       else if((secaccess || id == ownerkey || (id == llGetOwner() && kSource == nullkey)) && second == "ping")
       {
           if(third == "off" || (third == "" && !noping))
           {
               noping = 1;
               llWhisper(0,"Restrained Life Relay no longer requires regular object communication.  CAUTION: Relay will NOT detect if the control object has crashed or been removed, and that instance will continue to enforce the last known restrictions until the wearer logs off.");
           }
           else
           {
               noping = 0;
               llWhisper(0,"Restrained Life Relay now requires regular object communication."); 
           }  
       }
       
       if(second == "on" || second == "auto")
       {
           nMode = 2;
           change = 1;
       }
       if(second == "off")
       {
           nMode = 0;
           change = 1;   
       }
       if(second == "ask")
       {
           nMode = 1;
           change = 1;   
       }
       if(second == "owner" || second == "wl")
       {
           nMode = 3;
           change = 1;   
       }
       
       if(second == "" || second == "mode")
       {
           nMode++;
           if(nMode > 3) nMode = 0;
           change = 1;   
       }
       
       if(second == "wbclear")
       {
           WhiteBlack = [];
           llWhisper(0,"Relay Whitelist and Blacklist cleared.");
       }
       
       if(change)
       {
           setby = nullkey;
           if (nMode == 0)
           {
               llSetTimerEvent(0.0);
               releaseRestrictions();
           }
           else
           {
               llSetTimerEvent((float)PING_INTERVAL);
               if(nMode >= 2) setby = id;
           }
           if(id == llGetOwner())
               llOwnerSay(getModeDescription());   
           else
               llSay(0, getModeDescription());
               
           llMessageLinked(LINK_THIS, 63, nullstr, nullstr);
       }
   }
   else if(cmd == "relay" && id == llGetOwner())
   {
       llOwnerSay("Sorry, only your owner can deactivate the relay once they enable it.");   
   }

}

default {

   state_entry()
   {
       // Request owner list from the collar
       llMessageLinked(LINK_THIS, 47, nullstr, nullstr);
       // Reset the plugin list
       llMessageLinked(LINK_THIS, 62, nullstr, nullstr);
       init();
   }
   
   // Handle messages from the collar script
   link_message(integer sender, integer num, string str, key id)
   {
       if(num == 47)
       {
           list templist = llParseString2List(str, [","], []);
           integer x;
           integer count = llGetListLength(templist);
           
           // Handle owner list reply
           ownerkey = id;
           secowners = [];
           for(x=0;x<count;x++)
           {
               secowners = secowners + [ (key)llList2String(templist, x) ];
           }
       }
       // Prefixless commands
       else if(num == 48 || num == 828)
       {
           if(llSubStringIndex(id,"|") != -1) //== Strip out the combo info from the 828 reply
               id = (key)(llGetSubString(id,0,35));   
           // Handle Commands on the public or alternate channel
           HandleCommand(str, id);
       }
       else if(num == 33 && id != nullkey)
       {
           // Collar script is giving us an owner
           ownerkey = id;
       }
       else if(num == 34 && id != nullkey)
       {
           // Collar script is giving us a secondary owner
           secowners = secowners + [ id ];
       }
       else if(num == 35)
       {
           // Collar script is clearing owners
           ownerkey = nullkey;
           secowners = [];
       }
       else if(num == 36)
       {
           // Collar script is clearing secondary owners
           secowners = [];
       }
       // Handle plugin update
       else if(num == 62)
       {
           string buttons = "Relay Mode";
           
           if(str == nullstr && (id == nullstr || id == nullkey))
           {
               // Add for owner and owners (key)
               llMessageLinked(LINK_SET, 62, "Relay Sec", buttons);
               // Add for sub and unowned sub (key)
               llMessageLinked(LINK_SET, 63, buttons, nullstr);
           }
       }
       else if(num == 65)
       {
           lockstatus = (integer)str;  
       }
       else if(num == 66) //== Safeword, unlock
       {
           releaseRestrictions();
           nMode = 0;
           llOwnerSay(getModeDescription());
       }
       else if(num == 355)
           reinforceKnownRestrictions();
   }
   
   attach(key id)
   {
       if(id == nullkey)
           llOwnerSay("@clear");   
   }
   
   on_rez(integer start_param)
   {
       // relogging, we must refresh the viewer and ping the object if any
       // if mode is not OFF, fire all the stored restrictions
       if (nMode)
       {
           reinforceKnownRestrictions();
           pingWorldObjectIfUnderRestrictions();
       }
       // remind the current mode to the user
       llOwnerSay(getModeDescription());
   }


   timer()
   {
       timerTickCounter++;   
       
       debug("timer (" + (string) timerTickCounter + "): waiting for pong: " + (string) loginWaitingForPong + " pendingForceSit: " + (string) loginPendingForceSit);
       if (loginWaitingForPong && (timerTickCounter >= LOGIN_DELAY_WAIT_FOR_PONG))
       {
           llWhisper(0, "Lucky Day: " + llKey2Name(llGetOwner()) + " is freed because the device is not available or is not responding to pings.");
           loginWaitingForPong = FALSE;
           loginPendingForceSit = FALSE;
           releaseRestrictions();
       }

       if (loginPendingForceSit)
       {
           integer agentInfo = llGetAgentInfo(llGetOwner());
           if (agentInfo & AGENT_SITTING)
           {
               loginPendingForceSit = FALSE;
               debug("is sitting now");
           }
           else if (timerTickCounter >= PING_INTERVAL) //== Force Sit check
           {
               llWhisper(0, "Lucky Day: " + llKey2Name(llGetOwner()) + " is freed because sitting down again was not possible.");
               loginPendingForceSit = FALSE;
               releaseRestrictions();
           }
           else if(!loginWaitingForPong)
           {
                llOwnerSay ("@sittp=y,sit:"+(string)lastForceSitDestination+"=force");
           }
       }
       
       if(sPendingId != nullkey && sPendingTime + PERMISSION_DIALOG_TIMEOUT <= llGetUnixTime())
       {
           llDialog(llGetOwner(),"Request to control your viewer by "+ sPendingName +" automatically denied due to timeout.", ["OK"], -1812220409);
           sPendingId = nullkey;
           sPendingName = "";
           sPendingMessage = "";
       }  

       if(timerTickCounter == 0 && !noping)
           pingWorldObjectIfUnderRestrictions(); 

       if (!loginPendingForceSit && !loginWaitingForPong && sPendingId == nullkey)
       {
           timerTickCounter = -1;
           if(!noping)
           {
               llSetTimerEvent((float)PING_INTERVAL);
               return;
           }
           llSetTimerEvent(0.0);
       }
   }

   listen(integer channel, string name, key id, string message)
   {
       if (channel==-1812221819)
       {
           debug("LISTEN: " + message);
           
           //=== ALWAYS accept a lone "!release" command, no matter the distance
           list tokens = llCSV2List(message);
           if (!(llGetListLength(tokens) == 3 && llList2String(tokens, 1) == llGetOwner()) || (!isObjectNear(id) && llGetSubString(message, -9, -1) != ",!release"))
           {
              return;
           }
           tokens = [];

           if (nMode== 0)
           {
               debug("deactivated - ignoring commands");
               return; // mode is 0 (off) => reject
           }

           debug("Got message (active world object " + (string) kSource + "): name=" + name+ "; id=" + (string) id + "; message=" + message);

           if (kSource != nullkey && kSource != id)
           {
               debug("already used by another object => reject");
               return;
           }
           
           if(!loginPendingForceSit && sPendingId == nullkey)
           {
               llSetTimerEvent(0.0);
               llSetTimerEvent((float)PING_INTERVAL);
           }

           loginWaitingForPong = FALSE; // whatever the message, it is for me => it satisfies the ping request

// timerTickCounter = -1;

           if (!isObjectKnow(id))
               if(!verifyPermission(id, name, message))
                   return;

           debug("Executing: " + (string) kSource);
           execute(name, id, message);
       }
       else if (channel==-1812220409 && id == llGetOwner())
       {
           if (sPendingId!=nullkey)
           {                
               if (message=="Yes" || message == "Always") // pending request authorized => process it
               {
                   //== Process Whitelist entry
                   if(message == "Always") WhiteBlack += [llGetOwnerKey(sPendingId)];
                   debug("Got approval of restrictions from wearer");
                   execute(sPendingName, sPendingId, sPendingMessage);
               }
               else if(kSource == sPendingId)
                   releaseRestrictions();
               
               //== Process Blacklist entry
               if(kController == nullkey) kController = llGetOwnerKey(sPendingId);
               if(message == "Never") WhiteBlack += ["-"+(string)llGetOwnerKey(kController)];

               // clear pending request
               sPendingName="";
               sPendingId=nullkey;
               sPendingMessage="";
           }
       }
   }
   
   changed(integer change)
   {
       if (change & CHANGED_OWNER) 
       {
            llResetScript();
       }
   }

}

</lsl>