aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework
diff options
context:
space:
mode:
authorUbitUmarov2016-12-07 13:30:07 +0000
committerUbitUmarov2016-12-07 13:30:07 +0000
commit3a81642d979a84c5c2e666cb500e080d56f887ed (patch)
tree0f3302d414792ef3b3cb2046595561373f1ba19b /OpenSim/Framework
parentadd SSL certs validation options for robust to allow simple certificates, pos... (diff)
downloadopensim-SC-3a81642d979a84c5c2e666cb500e080d56f887ed.zip
opensim-SC-3a81642d979a84c5c2e666cb500e080d56f887ed.tar.gz
opensim-SC-3a81642d979a84c5c2e666cb500e080d56f887ed.tar.bz2
opensim-SC-3a81642d979a84c5c2e666cb500e080d56f887ed.tar.xz
add SSL certs validation options for regions to allow simple encriptation without any peer autentification using simple homemade (or even shared) certs.
Diffstat (limited to 'OpenSim/Framework')
-rw-r--r--OpenSim/Framework/Servers/BaseOpenSimServer.cs30
1 files changed, 29 insertions, 1 deletions
diff --git a/OpenSim/Framework/Servers/BaseOpenSimServer.cs b/OpenSim/Framework/Servers/BaseOpenSimServer.cs
index 1d4deac..541b658 100644
--- a/OpenSim/Framework/Servers/BaseOpenSimServer.cs
+++ b/OpenSim/Framework/Servers/BaseOpenSimServer.cs
@@ -33,6 +33,9 @@ using System.Text;
33using System.Text.RegularExpressions; 33using System.Text.RegularExpressions;
34using System.Threading; 34using System.Threading;
35using System.Timers; 35using System.Timers;
36using System.Net;
37using System.Net.Security;
38using System.Security.Cryptography.X509Certificates;
36using log4net; 39using log4net;
37using log4net.Appender; 40using log4net.Appender;
38using log4net.Core; 41using log4net.Core;
@@ -85,7 +88,27 @@ namespace OpenSim.Framework.Servers
85 // Random uuid for private data 88 // Random uuid for private data
86 m_osSecret = UUID.Random().ToString(); 89 m_osSecret = UUID.Random().ToString();
87 } 90 }
88 91
92 private static bool m_NoVerifyCertChain = false;
93 private static bool m_NoVerifyCertHostname = false;
94
95 public static bool ValidateServerCertificate(
96 object sender,
97 X509Certificate certificate,
98 X509Chain chain,
99 SslPolicyErrors sslPolicyErrors)
100 {
101 if (m_NoVerifyCertChain)
102 sslPolicyErrors &= ~SslPolicyErrors.RemoteCertificateChainErrors;
103
104 if (m_NoVerifyCertHostname)
105 sslPolicyErrors &= ~SslPolicyErrors.RemoteCertificateNameMismatch;
106
107 if (sslPolicyErrors == SslPolicyErrors.None)
108 return true;
109
110 return false;
111 }
89 /// <summary> 112 /// <summary>
90 /// Must be overriden by child classes for their own server specific startup behaviour. 113 /// Must be overriden by child classes for their own server specific startup behaviour.
91 /// </summary> 114 /// </summary>
@@ -96,6 +119,11 @@ namespace OpenSim.Framework.Servers
96 RegisterCommonComponents(Config); 119 RegisterCommonComponents(Config);
97 120
98 IConfig startupConfig = Config.Configs["Startup"]; 121 IConfig startupConfig = Config.Configs["Startup"];
122
123 m_NoVerifyCertChain = startupConfig.GetBoolean("NoVerifyCertChain", m_NoVerifyCertChain);
124 m_NoVerifyCertHostname = startupConfig.GetBoolean("NoVerifyCertHostname", m_NoVerifyCertHostname);
125 ServicePointManager.ServerCertificateValidationCallback = ValidateServerCertificate;
126
99 int logShowStatsSeconds = startupConfig.GetInt("LogShowStatsSeconds", m_periodDiagnosticTimerMS / 1000); 127 int logShowStatsSeconds = startupConfig.GetInt("LogShowStatsSeconds", m_periodDiagnosticTimerMS / 1000);
100 m_periodDiagnosticTimerMS = logShowStatsSeconds * 1000; 128 m_periodDiagnosticTimerMS = logShowStatsSeconds * 1000;
101 m_periodicDiagnosticsTimer.Elapsed += new ElapsedEventHandler(LogDiagnostics); 129 m_periodicDiagnosticsTimer.Elapsed += new ElapsedEventHandler(LogDiagnostics);