recover regions main http server ssl suport. Using a PKCS12 cert file, and not certs store for now. Option http_listener_cn, cert CN need to the same as external IP. Self sign certs do seem to work, but the viewers option NoVerifySLLCert needs to be set true. CA check is not done but they do check the IP

author: UbitUmarov 2016-10-06 21:35:11 +0100
committer: UbitUmarov 2016-10-06 21:35:11 +0100
commit: b51739e23ecc071a107755c7613ff274f65c3a64 (patch)
tree: f86af87ea451271a06acc62e769e97ea33cd9bd9 /OpenSim/Region/Application
parent: Merge branch 'master' into httptests (diff)
download: opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.zip
opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.tar.gz
opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.tar.bz2
opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.tar.xz
2 files changed, 33 insertions, 7 deletions
diff --git a/OpenSim/Region/Application/OpenSimBase.cs b/OpenSim/Region/Application/OpenSimBase.cs
index 52ded3d..62abf8e 100644
--- a/OpenSim/Region/Application/OpenSimBase.cs
+++ b/OpenSim/Region/Application/OpenSimBase.cs
@@ -351,7 +351,18 @@ namespace OpenSim
            if (startupConfig == null || startupConfig.GetBoolean("JobEngineEnabled", true))
                WorkManager.JobEngine.Start();
-            m_httpServerPort = m_networkServersInfo.HttpListenerPort;
+           
+            if(m_networkServersInfo.HttpUsesSSL)
+            {
+                m_httpServerSSL = true;
+                m_httpServerPort = m_networkServersInfo.httpSSLPort;
+            }
+            else
+            {
+                m_httpServerSSL = false;
+                m_httpServerPort = m_networkServersInfo.HttpListenerPort;
+            }
            SceneManager.OnRestartSim += HandleRestartRegion;
            // Only enable the watchdogs when all regions are ready.  Otherwise we get false positives when cpu is
@@ -404,7 +415,18 @@ namespace OpenSim
            // set initial ServerURI
            regionInfo.HttpPort = m_httpServerPort;
-            regionInfo.ServerURI = "http://" + regionInfo.ExternalHostName + ":" + regionInfo.HttpPort.ToString() + "/";
+            if(m_httpServerSSL)
+            {
+                if(m_networkServersInfo.HttpSSLCN != regionInfo.ExternalHostName)
+                    throw new Exception("main http cert CN doesn't match region External IP");
+                regionInfo.ServerURI = "https://" + regionInfo.ExternalHostName +
+                         ":" + regionInfo.HttpPort.ToString() + "/";
+            }
+            else
+                regionInfo.ServerURI = "http://" + regionInfo.ExternalHostName +
+                         ":" + regionInfo.HttpPort.ToString() + "/";
            
            regionInfo.osSecret = m_osSecret;
            
diff --git a/OpenSim/Region/Application/RegionApplicationBase.cs b/OpenSim/Region/Application/RegionApplicationBase.cs
index ba92fd6..603f139 100644
--- a/OpenSim/Region/Application/RegionApplicationBase.cs
+++ b/OpenSim/Region/Application/RegionApplicationBase.cs
@@ -50,6 +50,7 @@ namespace OpenSim
        protected Dictionary<EndPoint, uint> m_clientCircuits = new Dictionary<EndPoint, uint>();
        protected NetworkServersInfo m_networkServersInfo;
        protected uint m_httpServerPort;
+        protected bool m_httpServerSSL;
        protected ISimulationDataService m_simulationDataService;
        protected IEstateDataService m_estateDataService;
@@ -70,15 +71,18 @@ namespace OpenSim
            m_httpServer 
                = new BaseHttpServer(
-                    m_httpServerPort, m_networkServersInfo.HttpUsesSSL, m_networkServersInfo.httpSSLPort, 
+                    m_httpServerPort, m_networkServersInfo.HttpUsesSSL,
-                    m_networkServersInfo.HttpSSLCN);
+                        m_networkServersInfo.httpSSLPort, m_networkServersInfo.HttpSSLCN,
-            
+                        m_networkServersInfo.HttpSSLCertPath, m_networkServersInfo.HttpSSLCNCertPass);
+/* why this? we only run one            
            if (m_networkServersInfo.HttpUsesSSL && (m_networkServersInfo.HttpListenerPort == m_networkServersInfo.httpSSLPort))
            {
                m_log.Error("[REGION SERVER]: HTTP Server config failed.   HTTP Server and HTTPS server must be on different ports");
            }
+*/
-            m_log.InfoFormat("[REGION SERVER]: Starting HTTP server on port {0}", m_httpServerPort);
+            m_log.InfoFormat("[REGION SERVER]: Starting HTTP{0} server on port {1}",
+                    m_networkServersInfo.HttpUsesSSL ? "S" : "", m_httpServerPort);
            m_httpServer.Start();
            MainServer.AddHttpServer(m_httpServer);
author	UbitUmarov	2016-10-06 21:35:11 +0100
committer	UbitUmarov	2016-10-06 21:35:11 +0100
commit	b51739e23ecc071a107755c7613ff274f65c3a64 (patch)
tree	f86af87ea451271a06acc62e769e97ea33cd9bd9 /OpenSim/Region/Application
parent	Merge branch 'master' into httptests (diff)
download	opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.zip opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.tar.gz opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.tar.bz2 opensim-SC-b51739e23ecc071a107755c7613ff274f65c3a64.tar.xz

diff --git a/OpenSim/Region/Application/OpenSimBase.cs b/OpenSim/Region/Application/OpenSimBase.cs index 52ded3d..62abf8e 100644 --- a/OpenSim/Region/Application/OpenSimBase.cs +++ b/OpenSim/Region/Application/OpenSimBase.cs
@@ -351,7 +351,18 @@ namespace OpenSim
351	if (startupConfig == null \|\| startupConfig.GetBoolean("JobEngineEnabled", true))	351	if (startupConfig == null \|\| startupConfig.GetBoolean("JobEngineEnabled", true))
352	WorkManager.JobEngine.Start();	352	WorkManager.JobEngine.Start();
353		353
354	m_httpServerPort = m_networkServersInfo.HttpListenerPort;	354
		355	if(m_networkServersInfo.HttpUsesSSL)
		356	{
		357	m_httpServerSSL = true;
		358	m_httpServerPort = m_networkServersInfo.httpSSLPort;
		359	}
		360	else
		361	{
		362	m_httpServerSSL = false;
		363	m_httpServerPort = m_networkServersInfo.HttpListenerPort;
		364	}
		365
355	SceneManager.OnRestartSim += HandleRestartRegion;	366	SceneManager.OnRestartSim += HandleRestartRegion;
356		367
357	// Only enable the watchdogs when all regions are ready. Otherwise we get false positives when cpu is	368	// Only enable the watchdogs when all regions are ready. Otherwise we get false positives when cpu is
@@ -404,7 +415,18 @@ namespace OpenSim
404		415
405	// set initial ServerURI	416	// set initial ServerURI
406	regionInfo.HttpPort = m_httpServerPort;	417	regionInfo.HttpPort = m_httpServerPort;
407	regionInfo.ServerURI = "http://" + regionInfo.ExternalHostName + ":" + regionInfo.HttpPort.ToString() + "/";	418	if(m_httpServerSSL)
		419	{
		420	if(m_networkServersInfo.HttpSSLCN != regionInfo.ExternalHostName)
		421	throw new Exception("main http cert CN doesn't match region External IP");
		422
		423	regionInfo.ServerURI = "https://" + regionInfo.ExternalHostName +
		424	":" + regionInfo.HttpPort.ToString() + "/";
		425	}
		426	else
		427	regionInfo.ServerURI = "http://" + regionInfo.ExternalHostName +
		428	":" + regionInfo.HttpPort.ToString() + "/";
		429
408		430
409	regionInfo.osSecret = m_osSecret;	431	regionInfo.osSecret = m_osSecret;
410		432


diff --git a/OpenSim/Region/Application/RegionApplicationBase.cs b/OpenSim/Region/Application/RegionApplicationBase.cs index ba92fd6..603f139 100644 --- a/OpenSim/Region/Application/RegionApplicationBase.cs +++ b/OpenSim/Region/Application/RegionApplicationBase.cs
@@ -50,6 +50,7 @@ namespace OpenSim
50	protected Dictionary<EndPoint, uint> m_clientCircuits = new Dictionary<EndPoint, uint>();	50	protected Dictionary<EndPoint, uint> m_clientCircuits = new Dictionary<EndPoint, uint>();
51	protected NetworkServersInfo m_networkServersInfo;	51	protected NetworkServersInfo m_networkServersInfo;
52	protected uint m_httpServerPort;	52	protected uint m_httpServerPort;
		53	protected bool m_httpServerSSL;
53	protected ISimulationDataService m_simulationDataService;	54	protected ISimulationDataService m_simulationDataService;
54	protected IEstateDataService m_estateDataService;	55	protected IEstateDataService m_estateDataService;
55		56
@@ -70,15 +71,18 @@ namespace OpenSim
70		71
71	m_httpServer	72	m_httpServer
72	= new BaseHttpServer(	73	= new BaseHttpServer(
73	m_httpServerPort, m_networkServersInfo.HttpUsesSSL, m_networkServersInfo.httpSSLPort,	74	m_httpServerPort, m_networkServersInfo.HttpUsesSSL,
74	m_networkServersInfo.HttpSSLCN);	75	m_networkServersInfo.httpSSLPort, m_networkServersInfo.HttpSSLCN,
75		76	m_networkServersInfo.HttpSSLCertPath, m_networkServersInfo.HttpSSLCNCertPass);
		77
		78	/* why this? we only run one
76	if (m_networkServersInfo.HttpUsesSSL && (m_networkServersInfo.HttpListenerPort == m_networkServersInfo.httpSSLPort))	79	if (m_networkServersInfo.HttpUsesSSL && (m_networkServersInfo.HttpListenerPort == m_networkServersInfo.httpSSLPort))
77	{	80	{
78	m_log.Error("[REGION SERVER]: HTTP Server config failed. HTTP Server and HTTPS server must be on different ports");	81	m_log.Error("[REGION SERVER]: HTTP Server config failed. HTTP Server and HTTPS server must be on different ports");
79	}	82	}
80		83	*/
81	m_log.InfoFormat("[REGION SERVER]: Starting HTTP server on port {0}", m_httpServerPort);	84	m_log.InfoFormat("[REGION SERVER]: Starting HTTP{0} server on port {1}",
		85	m_networkServersInfo.HttpUsesSSL ? "S" : "", m_httpServerPort);
82	m_httpServer.Start();	86	m_httpServer.Start();
83		87
84	MainServer.AddHttpServer(m_httpServer);	88	MainServer.AddHttpServer(m_httpServer);