authorBlueWall2011-05-01 14:44:09 -0400
committerBlueWall2011-05-05 19:56:54 -0400
commit8ca793875318efc8db3339b25bf7fa5ddeeac218 (patch)
treecc860147bdb35f8b9d52325b7b12c9df383f17cd
parentfix command display for debugging 'emergency-monitoring' (diff)
Adding ssl support
Adding ssl support for "Out of Band" applications such as the remote admin module or Robust services
-rw-r--r--OpenSim/Framework/MainServer.cs5
-rw-r--r--OpenSim/Framework/NetworkServersInfo.cs15
-rw-r--r--OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs14
-rw-r--r--OpenSim/Region/ClientStack/RegionApplicationBase.cs16
-rw-r--r--OpenSim/Server/Base/HttpServerBase.cs77
-rw-r--r--bin/OpenSimDefaults.ini14
-rw-r--r--bin/Robust.ini.example21
7 files changed, 160 insertions, 2 deletions
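--- a/OpenSim/Framework/MainServer.cs
+++ b/OpenSim/Framework/MainServer.cs
@@ -52,6 +52,11 @@ namespace OpenSim.Framework
  return GetHttpServer(port,null);
  }
 
+ public static void AddHttpServer(BaseHttpServer server)
+ {
+ m_Servers.Add(server.Port, server);
+ }
+
  public static IHttpServer GetHttpServer(uint port, IPAddress ipaddr)
  {
  if (port == 0)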
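Review bot: `AddHttpServer` calls `m_Servers.Add(server.Port, server)` with no check on the argument or on the key, so a null server, or an HTTPS port equal to one that is already registered, surfaces as an unhandled exception during startup (assuming `m_Servers` is a dictionary; its declaration is outside this hunk). An explicit guard such as `if (m_Servers.ContainsKey(server.Port)) throw new ArgumentException("HTTP server already registered on port " + server.Port);` would give the operator a message that names the conflicting port. If other accessors of `m_Servers` take a lock, which is not visible here, this method should take the same one. A `/// <summary>` stating that the method registers the server but does not start it would also help callers.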
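--- a/OpenSim/Framework/NetworkServersInfo.cs
+++ b/OpenSim/Framework/NetworkServersInfo.cs
@@ -49,6 +49,12 @@ namespace OpenSim.Framework
  public string HttpSSLCN = "";
  public uint httpSSLPort = 9001;
 
+ // "Out of band" managemnt https
+ public bool ssl_listener = false;
+ public uint https_port = 0;
+ public string cert_path = String.Empty;
+ public string cert_pass = String.Empty;
+
  public string MessagingURL = String.Empty;
 
  public NetworkServersInfo()
@@ -86,6 +92,15 @@ namespace OpenSim.Framework
  secureInventoryServer = config.Configs["Network"].GetBoolean("secure_inventory_server", true);
 
  MessagingURL = config.Configs["Network"].GetString("messaging_server_url", string.Empty);
+
+ // "Out of band management https"
+ ssl_listener = config.Configs["Network"].GetBoolean("https_listener",false);
+ if( ssl_listener)
+ {
+ cert_path = config.Configs["Network"].GetString("cert_path",String.Empty);
+ cert_pass = config.Configs["Network"].GetString("cert_pass",String.Empty);
+ https_port = (uint)config.Configs["Network"].GetInt("https_port", 0);
+ }
  }
  }
 }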
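Review bot: When `https_listener` is true, the block at new lines 97–103 accepts an empty `cert_path`, an empty `cert_pass` and `https_port = 0` without complaint, and the `(uint)` cast turns a negative `https_port` into a very large value instead of an error. HttpServerBase.cs in this same commit rejects empty certificate settings, so the region-side loader should apply the same rule and fail with a logged error, for example on `if (cert_path == String.Empty || cert_pass == String.Empty || https_port == 0)`. The certificate password also lives in a public mutable field for the life of the process; a comment on `cert_pass` such as `// secret: never log or echo this value` would warn later maintainers. The comment on new line 52 misspells "management".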
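--- a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
+++ b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
@@ -32,6 +32,7 @@ using System.Collections.Specialized;
 using System.IO;
 using System.Net;
 using System.Net.Sockets;
+using System.Security.Cryptography.X509Certificates;
 using System.Reflection;
 using System.Globalization;
 using System.Text;
@@ -72,6 +73,7 @@ namespace OpenSim.Framework.Servers.HttpServer
  protected uint m_port;
  protected uint m_sslport;
  protected bool m_ssl;
+ private X509Certificate2 m_cert;
  protected bool m_firstcaps = true;
  protected string m_SSLCommonName = "";
 
@@ -123,6 +125,14 @@ namespace OpenSim.Framework.Servers.HttpServer
  }
  }
 
+ public BaseHttpServer(uint port, bool ssl, string CPath, string CPass) : this (port, ssl)
+ {
+ if (m_ssl)
+ {
+ m_cert = new X509Certificate2(CPath, CPass);
+ }
+ }
+
  /// <summary>
  /// Add a stream handler to the http server. If the handler already exists, then nothing happens.
  /// </summary>
@@ -1683,6 +1693,7 @@ namespace OpenSim.Framework.Servers.HttpServer
  try
  {
  //m_httpListener = new HttpListener();
+
  NotSocketErrors = 0;
  if (!m_ssl)
  {
@@ -1702,6 +1713,9 @@ namespace OpenSim.Framework.Servers.HttpServer
  {
  //m_httpListener.Prefixes.Add("https://+:" + (m_sslport) + "/");
  //m_httpListener.Prefixes.Add("http://+:" + m_port + "/");
+ m_httpListener2 = CoolHTTPListener.Create(IPAddress.Any, (int)m_port, m_cert);
+ m_httpListener2.ExceptionThrown += httpServerException;
+ m_httpListener2.LogWriter = httpserverlog;
  }
 
  m_httpListener2.RequestReceived += OnRequest;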
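Review bot: `m_cert` is assigned only by the new four-argument constructor, but the SSL branch at new line 1716 passes it to `CoolHTTPListener.Create` unconditionally, so an instance built through `this(port, ssl)` or any other existing constructor with `ssl` true reaches that call with a null certificate. A check before the call, `if (m_cert == null || !m_cert.HasPrivateKey) throw new InvalidOperationException("HTTPS listener needs a certificate with a private key");`, would also catch a certificate file that was loaded without its key. The same line binds to `IPAddress.Any`; for a listener meant for management traffic, binding to a configured address is safer, if the class already carries one (not visible in these hunks). The enclosing method and its `catch` lie outside the hunk, so how a thrown exception is reported there should be confirmed.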
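--- a/OpenSim/Region/ClientStack/RegionApplicationBase.cs
+++ b/OpenSim/Region/ClientStack/RegionApplicationBase.cs
@@ -96,6 +96,22 @@ namespace OpenSim.Region.ClientStack
 
  MainServer.Instance = m_httpServer;
 
+ // "OOB" Server
+ if (m_networkServersInfo.ssl_listener)
+ {
+ BaseHttpServer server = null;
+ server = new BaseHttpServer(
+ m_networkServersInfo.https_port, m_networkServersInfo.ssl_listener, m_networkServersInfo.cert_path,
+ m_networkServersInfo.cert_pass);
+ // Add the server to m_Servers
+ if(server != null)
+ {
+ m_log.InfoFormat("[REGION SERVER]: Starting HTTPS server on port {0}", server.Port);
+ MainServer.AddHttpServer(server);
+ server.Start();
+ }
+ }
+
  base.StartupSpecific();
  }
 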
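Review bot: The `if (server != null)` test at new line 107 can never fail, because `new BaseHttpServer(...)` either returns an object or throws. The real failure modes are an exception from the certificate load (wrong path or password) or from `Start()`, and both currently escape `StartupSpecific` with no message that names the HTTPS listener. I would drop the null check and wrap construction and start in a `try`/`catch` that logs the port and certificate path, never the password, and then rethrows. The success line should be logged only after `Start()` returns. `StartupSpecific` begins before this hunk.

```csharp
if (m_networkServersInfo.ssl_listener)
{
    try
    {
        BaseHttpServer server = new BaseHttpServer(
            m_networkServersInfo.https_port, m_networkServersInfo.ssl_listener,
            m_networkServersInfo.cert_path, m_networkServersInfo.cert_pass);
        MainServer.AddHttpServer(server);
        server.Start();
        m_log.InfoFormat("[REGION SERVER]: Started HTTPS server on port {0}", server.Port);
    }
    catch (Exception e)
    {
        // Log the port and certificate path only; cert_pass must never reach the log.
        m_log.ErrorFormat(
            "[REGION SERVER]: Could not start HTTPS server on port {0} with certificate {1}: {2}",
            m_networkServersInfo.https_port, m_networkServersInfo.cert_path, e.Message);
        throw;
    }
}
// … unchanged: base.StartupSpecific() …
```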
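--- a/OpenSim/Server/Base/HttpServerBase.cs
+++ b/OpenSim/Server/Base/HttpServerBase.cs
@@ -97,16 +97,76 @@ namespace OpenSim.Server.Base
 
  if (port == 0)
  {
- System.Console.WriteLine("Port number not specified or 0, server can't start");
+
  Thread.CurrentThread.Abort();
  }
+ //
+ bool ssl_main = networkConfig.GetBoolean("https_main",false);
+ bool ssl_listener = networkConfig.GetBoolean("https_listener",false);
 
  m_consolePort = (uint)networkConfig.GetInt("ConsolePort", 0);
  m_Port = port;
+ //
+ // This is where to make the servers:
+ //
+ //
+ // Make the base server according to the port, etc.
+ // ADD: Possibility to make main server ssl
+ // Then, check for https settings and ADD a server to
+ // m_Servers
+ //
+ if ( !ssl_main )
+ {
+ m_HttpServer = new BaseHttpServer(port);
 
- m_HttpServer = new BaseHttpServer(port);
+ }
+ else
+ {
+ string cert_path = networkConfig.GetString("cert_path",String.Empty);
+ if ( cert_path == String.Empty )
+ {
+ System.Console.WriteLine("Path to X509 certificate is missing, server can't start.");
+ Thread.CurrentThread.Abort();
+ }
+ string cert_pass = networkConfig.GetString("cert_pass",String.Empty);
+ if ( cert_pass == String.Empty )
+ {
+ System.Console.WriteLine("Password for X509 certificate is missing, server can't start.");
+ Thread.CurrentThread.Abort();
+ }
+ m_HttpServer = new BaseHttpServer(port, ssl_main, cert_path, cert_pass);
+ }
 
  MainServer.Instance = m_HttpServer;
+
+ // If https_listener = true, then add an ssl listener on the https_port...
+ if ( ssl_listener == true ) {
+
+ uint https_port = (uint)networkConfig.GetInt("https_port", 0);
+
+ string cert_path = networkConfig.GetString("cert_path",String.Empty);
+ if ( cert_path == String.Empty )
+ {
+ System.Console.WriteLine("Path to X509 certificate is missing, server can't start.");
+ Thread.CurrentThread.Abort();
+ }
+ string cert_pass = networkConfig.GetString("cert_pass",String.Empty);
+ if ( cert_pass == String.Empty )
+ {
+ System.Console.WriteLine("Password for X509 certificate is missing, server can't start.");
+ Thread.CurrentThread.Abort();
+ }
+ // Add our https_server
+ BaseHttpServer server = null;
+ server = new BaseHttpServer(https_port, ssl_listener, cert_path, cert_pass);
+ if (server != null)
+ {
+ m_Log.InfoFormat("[SERVER]: Starting HTTPS server on port {0}", https_port);
+ m_Servers.Add(https_port,server);
+ }
+ else
+ System.Console.WriteLine(String.Format("Failed to start HTTPS server on port {0}",https_port));
+ }
  }
 
  protected override void Initialise()
@@ -114,6 +174,19 @@ namespace OpenSim.Server.Base
  m_Log.InfoFormat("[SERVER]: Starting HTTP server on port {0}", m_HttpServer.Port);
  m_HttpServer.Start();
 
+ if (m_Servers.Count > 0)
+ {
+ foreach (BaseHttpServer s in m_Servers.Values)
+ {
+ if (!s.UseSSL)
+ m_Log.InfoFormat("[SERVER]: Starting HTTP server on port {0}", s.Port);
+ else
+ m_Log.InfoFormat("[SERVER]: Starting HTTPS server on port {0}", s.Port);
+
+ s.Start();
+ }
+ }
+
  if (MainConsole.Instance is RemoteConsole)
  {
  if (m_consolePort == 0)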
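Review bot: In the `https_listener` branch (new lines 143–169) `https_port` defaults to 0 and is never checked, although the main `port` is rejected when it is 0 a few lines earlier; a management listener would then be created on port 0 rather than on a port the operator chose. Add `if (https_port == 0) { System.Console.WriteLine("https_port not specified or 0, server can't start"); Thread.CurrentThread.Abort(); }` before the certificate checks. The commit also replaces the console message in the `port == 0` branch with a blank line, so that abort is now silent; the message should be restored. The `else` after `if (server != null)` is unreachable because `new` never returns null, and the two copies of the cert_path/cert_pass validation could share one private helper. The constructor starts before this hunk.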
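--- a/bin/OpenSimDefaults.ini
+++ b/bin/OpenSimDefaults.ini
@@ -291,6 +291,20 @@
  http_listener_sslport = 9001 ; Use this port for SSL connections
  http_listener_ssl_cert = "" ; Currently unused, but will be used for OSHttpServer
 
+ ; HTTPS for "Out of band" management applications such as the remote
+ ; admin module
+ ;
+ ; Create https_listener = "True" will create a listener on the port
+ ; specified. Provide the path to your server certificate along with it's
+ ; password
+ ; https_listener = False
+ ; Set our listener to this port
+ ; https_port = 0
+ ; Path to X509 certificate
+ ; cert_path = "path/to/cert.p12"
+ ; Password for cert
+ ; cert_pass = "password"
+
  ; Hostname to use in llRequestURL/llRequestSecureURL
  ; if not defined - default machine name is being used
  ; (on Windows this mean NETBIOS name - useably only inside local network)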
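Review bot: The new `cert_pass` setting puts the password that protects the certificate's private key in plain text in the ini file, and the added comment block says nothing about protecting that file. A line such as `; This file then holds a secret: make it readable only by the account that runs OpenSim` above `cert_pass` would make the expectation explicit; the same applies to the block added to bin/Robust.ini.example. The comments should also say that `https_port` must be set to a non-zero port when `https_listener` is enabled, since the default shown is 0.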
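--- a/bin/Robust.ini.example
+++ b/bin/Robust.ini.example
@@ -21,6 +21,27 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
 [Network]
  port = 8003
 
+
+ ; HTTPS for "Out of band" management applications such as the remote admin
+ ; module. May specify https_main = True to make the main http server
+ ; use https or "False" to make the main server HTTP
+ ; https_main = False
+ ;
+ ; Create https_listener = "True" will create a listener on the port
+ ; specified. Provide the path to your server certificate along with it's
+ ; password
+ ; https_listener = False
+ ;
+ ; Set our listener to this port
+ ; https_port = 0
+ ;
+ ; Path to X509 certificate
+ ; cert_path = "path/to/cert.p12"
+ ;
+ ; Password for cert
+ ; cert_pass = "password"
+
+
 ; * The following are for the remote console
 ; * They have no effect for the local or basic console types
 ; * Leave commented to diable logins to the console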