diff options
author | UbitUmarov | 2018-09-08 04:46:02 +0100 |
---|---|---|
committer | UbitUmarov | 2018-09-08 04:46:02 +0100 |
commit | 0d93d5ce69e658476d3f810d525df22348799d59 (patch) | |
tree | 7dcdbe5fb30735896f344d6b3b2add2b80a165fa /OpenSim/Region/CoreModules/Scripting/HttpRequest | |
parent | a few changes to ScriptSleep() functions (diff) | |
download | opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.zip opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.tar.gz opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.tar.bz2 opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.tar.xz |
fix script secure llhttlrequest
Diffstat (limited to 'OpenSim/Region/CoreModules/Scripting/HttpRequest')
-rw-r--r-- | OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs | 84 |
1 files changed, 43 insertions, 41 deletions
diff --git a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs index e7f0aec..3d3a768 100644 --- a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs +++ b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs | |||
@@ -110,49 +110,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest | |||
110 | 110 | ||
111 | public HttpRequestModule() | 111 | public HttpRequestModule() |
112 | { | 112 | { |
113 | // ServicePointManager.ServerCertificateValidationCallback +=ValidateServerCertificate; | ||
114 | } | 113 | } |
115 | 114 | ||
116 | public static bool ValidateServerCertificate( | ||
117 | object sender, | ||
118 | X509Certificate certificate, | ||
119 | X509Chain chain, | ||
120 | SslPolicyErrors sslPolicyErrors) | ||
121 | { | ||
122 | // If this is a web request we need to check the headers first | ||
123 | // We may want to ignore SSL | ||
124 | if (sender is HttpWebRequest) | ||
125 | { | ||
126 | HttpWebRequest Request = (HttpWebRequest)sender; | ||
127 | ServicePoint sp = Request.ServicePoint; | ||
128 | |||
129 | // We don't case about encryption, get out of here | ||
130 | if (Request.Headers.Get("NoVerifyCert") != null) | ||
131 | { | ||
132 | return true; | ||
133 | } | ||
134 | |||
135 | // If there was an upstream cert verification error, bail | ||
136 | if ((((int)sslPolicyErrors) & ~4) != 0) | ||
137 | return false; | ||
138 | |||
139 | // Check for policy and execute it if defined | ||
140 | #pragma warning disable 0618 | ||
141 | if (ServicePointManager.CertificatePolicy != null) | ||
142 | { | ||
143 | return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, Request, 0); | ||
144 | } | ||
145 | #pragma warning restore 0618 | ||
146 | |||
147 | return true; | ||
148 | } | ||
149 | |||
150 | // If it's not HTTP, trust .NET to check it | ||
151 | if ((((int)sslPolicyErrors) & ~4) != 0) | ||
152 | return false; | ||
153 | |||
154 | return true; | ||
155 | } | ||
156 | #region IHttpRequestModule Members | 115 | #region IHttpRequestModule Members |
157 | 116 | ||
158 | public UUID MakeHttpRequest(string url, string parameters, string body) | 117 | public UUID MakeHttpRequest(string url, string parameters, string body) |
@@ -522,6 +481,47 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest | |||
522 | return null; | 481 | return null; |
523 | } | 482 | } |
524 | 483 | ||
484 | public static bool ValidateServerCertificate( | ||
485 | object sender, | ||
486 | X509Certificate certificate, | ||
487 | X509Chain chain, | ||
488 | SslPolicyErrors sslPolicyErrors) | ||
489 | { | ||
490 | // If this is a web request we need to check the headers first | ||
491 | // We may want to ignore SSL | ||
492 | if (sender is HttpWebRequest) | ||
493 | { | ||
494 | HttpWebRequest Request = (HttpWebRequest)sender; | ||
495 | ServicePoint sp = Request.ServicePoint; | ||
496 | |||
497 | // We don't case about encryption, get out of here | ||
498 | if (Request.Headers.Get("NoVerifyCert") != null) | ||
499 | { | ||
500 | return true; | ||
501 | } | ||
502 | |||
503 | // If there was an upstream cert verification error, bail | ||
504 | if ((((int)sslPolicyErrors) & ~4) != 0) | ||
505 | return false; | ||
506 | |||
507 | // Check for policy and execute it if defined | ||
508 | #pragma warning disable 0618 | ||
509 | if (ServicePointManager.CertificatePolicy != null) | ||
510 | { | ||
511 | return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, Request, 0); | ||
512 | } | ||
513 | #pragma warning restore 0618 | ||
514 | |||
515 | return true; | ||
516 | } | ||
517 | |||
518 | // If it's not HTTP, trust .NET to check it | ||
519 | if ((((int)sslPolicyErrors) & ~4) != 0) | ||
520 | return false; | ||
521 | |||
522 | return true; | ||
523 | } | ||
524 | |||
525 | /* | 525 | /* |
526 | * TODO: More work on the response codes. Right now | 526 | * TODO: More work on the response codes. Right now |
527 | * returning 200 for success or 499 for exception | 527 | * returning 200 for success or 499 for exception |
@@ -538,6 +538,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest | |||
538 | try | 538 | try |
539 | { | 539 | { |
540 | Request = (HttpWebRequest)WebRequest.Create(Url); | 540 | Request = (HttpWebRequest)WebRequest.Create(Url); |
541 | Request.ServerCertificateValidationCallback = ValidateServerCertificate; | ||
542 | |||
541 | Request.AllowAutoRedirect = false; | 543 | Request.AllowAutoRedirect = false; |
542 | Request.KeepAlive = false; | 544 | Request.KeepAlive = false; |
543 | 545 | ||