aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/CoreModules/Scripting/HttpRequest
diff options
context:
space:
mode:
authorUbitUmarov2018-09-08 04:46:02 +0100
committerUbitUmarov2018-09-08 04:46:02 +0100
commit0d93d5ce69e658476d3f810d525df22348799d59 (patch)
tree7dcdbe5fb30735896f344d6b3b2add2b80a165fa /OpenSim/Region/CoreModules/Scripting/HttpRequest
parenta few changes to ScriptSleep() functions (diff)
downloadopensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.zip
opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.tar.gz
opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.tar.bz2
opensim-SC-0d93d5ce69e658476d3f810d525df22348799d59.tar.xz
fix script secure llhttlrequest
Diffstat (limited to 'OpenSim/Region/CoreModules/Scripting/HttpRequest')
-rw-r--r--OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs84
1 files changed, 43 insertions, 41 deletions
diff --git a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs
index e7f0aec..3d3a768 100644
--- a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs
+++ b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs
@@ -110,49 +110,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest
110 110
111 public HttpRequestModule() 111 public HttpRequestModule()
112 { 112 {
113// ServicePointManager.ServerCertificateValidationCallback +=ValidateServerCertificate;
114 } 113 }
115 114
116 public static bool ValidateServerCertificate(
117 object sender,
118 X509Certificate certificate,
119 X509Chain chain,
120 SslPolicyErrors sslPolicyErrors)
121 {
122 // If this is a web request we need to check the headers first
123 // We may want to ignore SSL
124 if (sender is HttpWebRequest)
125 {
126 HttpWebRequest Request = (HttpWebRequest)sender;
127 ServicePoint sp = Request.ServicePoint;
128
129 // We don't case about encryption, get out of here
130 if (Request.Headers.Get("NoVerifyCert") != null)
131 {
132 return true;
133 }
134
135 // If there was an upstream cert verification error, bail
136 if ((((int)sslPolicyErrors) & ~4) != 0)
137 return false;
138
139 // Check for policy and execute it if defined
140#pragma warning disable 0618
141 if (ServicePointManager.CertificatePolicy != null)
142 {
143 return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, Request, 0);
144 }
145#pragma warning restore 0618
146
147 return true;
148 }
149
150 // If it's not HTTP, trust .NET to check it
151 if ((((int)sslPolicyErrors) & ~4) != 0)
152 return false;
153
154 return true;
155 }
156 #region IHttpRequestModule Members 115 #region IHttpRequestModule Members
157 116
158 public UUID MakeHttpRequest(string url, string parameters, string body) 117 public UUID MakeHttpRequest(string url, string parameters, string body)
@@ -522,6 +481,47 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest
522 return null; 481 return null;
523 } 482 }
524 483
484 public static bool ValidateServerCertificate(
485 object sender,
486 X509Certificate certificate,
487 X509Chain chain,
488 SslPolicyErrors sslPolicyErrors)
489 {
490 // If this is a web request we need to check the headers first
491 // We may want to ignore SSL
492 if (sender is HttpWebRequest)
493 {
494 HttpWebRequest Request = (HttpWebRequest)sender;
495 ServicePoint sp = Request.ServicePoint;
496
497 // We don't case about encryption, get out of here
498 if (Request.Headers.Get("NoVerifyCert") != null)
499 {
500 return true;
501 }
502
503 // If there was an upstream cert verification error, bail
504 if ((((int)sslPolicyErrors) & ~4) != 0)
505 return false;
506
507 // Check for policy and execute it if defined
508#pragma warning disable 0618
509 if (ServicePointManager.CertificatePolicy != null)
510 {
511 return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, Request, 0);
512 }
513#pragma warning restore 0618
514
515 return true;
516 }
517
518 // If it's not HTTP, trust .NET to check it
519 if ((((int)sslPolicyErrors) & ~4) != 0)
520 return false;
521
522 return true;
523 }
524
525 /* 525 /*
526 * TODO: More work on the response codes. Right now 526 * TODO: More work on the response codes. Right now
527 * returning 200 for success or 499 for exception 527 * returning 200 for success or 499 for exception
@@ -538,6 +538,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest
538 try 538 try
539 { 539 {
540 Request = (HttpWebRequest)WebRequest.Create(Url); 540 Request = (HttpWebRequest)WebRequest.Create(Url);
541 Request.ServerCertificateValidationCallback = ValidateServerCertificate;
542
541 Request.AllowAutoRedirect = false; 543 Request.AllowAutoRedirect = false;
542 Request.KeepAlive = false; 544 Request.KeepAlive = false;
543 545