1 files changed, 199 insertions, 53 deletions
diff --git a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
index f4ba02f..ca67d84 100644
--- a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
+++ b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
@@ -32,6 +32,7 @@ using System.Collections.Specialized;
 using System.IO;
 using System.Net;
 using System.Net.Sockets;
+using System.Net.Security;
 using System.Security.Cryptography.X509Certificates;
 using System.Reflection;
 using System.Globalization;
@@ -43,10 +44,11 @@ using log4net;
 using Nwc.XmlRpc;
 using OpenMetaverse.StructuredData;
 using CoolHTTPListener = HttpServer.HttpListener;
-using HttpListener=System.Net.HttpListener;
+using HttpListener = System.Net.HttpListener;
-using LogPrio=HttpServer.LogPrio;
+using LogPrio = HttpServer.LogPrio;
 using OpenSim.Framework.Monitoring;
 using System.IO.Compression;
+using System.Security.Cryptography;
 namespace OpenSim.Framework.Servers.HttpServer
 {
@@ -107,19 +109,26 @@ namespace OpenSim.Framework.Servers.HttpServer
            new Dictionary<string, WebSocketRequestDelegate>();
        protected uint m_port;
-        protected uint m_sslport;
        protected bool m_ssl;
        private X509Certificate2 m_cert;
-        protected bool m_firstcaps = true;
        protected string m_SSLCommonName = "";
+        protected List<string> m_certNames = new List<string>();
+        protected List<string> m_certIPs = new List<string>();
+        protected string m_certCN= "";
+        protected RemoteCertificateValidationCallback m_certificateValidationCallback = null;
        protected IPAddress m_listenIPAddress = IPAddress.Any;
        public PollServiceRequestManager PollServiceRequestManager { get; private set; }
+        public string Protocol
+        {
+            get { return m_ssl ? "https://" : "http://"; }
+        }
        public uint SSLPort
        {
-            get { return m_sslport; }
+            get { return m_port; }
        }
        public string SSLCommonName
@@ -148,27 +157,166 @@ namespace OpenSim.Framework.Servers.HttpServer
            m_port = port;
        }
-        public BaseHttpServer(uint port, bool ssl) : this (port)
+        private void load_cert(string CPath, string CPass)
        {
-            m_ssl = ssl;
+            try
+            {
+                 m_cert = new X509Certificate2(CPath, CPass);
+                X509Extension ext = m_cert.Extensions["2.5.29.17"];
+                if(ext != null)
+                {
+                    AsnEncodedData asndata = new AsnEncodedData(ext.Oid, ext.RawData);
+                    string datastr = asndata.Format(true);
+                    string[] lines = datastr.Split(new char[] {'\n','\r'});
+                    foreach(string s in lines)
+                    {
+                        if(String.IsNullOrEmpty(s))
+                            continue;
+                        string[] parts = s.Split(new char[] {'='});
+                        if(String.IsNullOrEmpty(parts[0]))
+                            continue;
+                        string entryName = parts[0].Replace(" ","");
+                        if(entryName == "DNSName")
+                            m_certNames.Add(parts[1]);
+                        else if(entryName == "IPAddress")
+                            m_certIPs.Add(parts[1]);
+                        else if(entryName == "Unknown(135)") // stupid mono
+                        {
+                            try
+                            {
+                                if(parts[1].Length == 8)
+                                {
+                                    long tmp = long.Parse(parts[1], NumberStyles.AllowHexSpecifier);
+                                    tmp = IPAddress.HostToNetworkOrder(tmp);
+                                    tmp = (long)((ulong) tmp >> 32);
+                                    IPAddress ia = new IPAddress(tmp);     
+                                    m_certIPs.Add(ia.ToString());
+                                }
+                            }
+                            catch {}
+                        }
+                    }
+                }
+                m_certCN = m_cert.GetNameInfo(X509NameType.SimpleName, false);
+            }
+            catch
+            {
+                throw new Exception("SSL cert load error");
+            }
        }
-        public BaseHttpServer(uint port, bool ssl, uint sslport, string CN) : this (port, ssl)
+        public BaseHttpServer(uint port, bool ssl, string CN, string CPath, string CPass)
        {
-            if (m_ssl)
+            m_port = port;
+            if (ssl)
            {
-                m_sslport = sslport;
+                if(string.IsNullOrEmpty(CPath))
+                    throw new Exception("invalid main http server cert path");
+                if(Uri.CheckHostName(CN) == UriHostNameType.Unknown)
+                    throw new Exception("invalid main http server CN (ExternalHostName)");
+                m_certNames.Clear();
+                m_certIPs.Clear();
+                m_certCN= "";
+                m_ssl = true;
+                load_cert(CPath, CPass);
+                
+                if(!CheckSSLCertHost(CN))
+                    throw new Exception("invalid main http server CN (ExternalHostName)");
+                m_SSLCommonName = CN;
+                if(m_cert.Issuer == m_cert.Subject )
+                    m_log.Warn("Self signed certificate. Clients need to allow this (some viewers debug option NoVerifySSLcert must be set to true");
            }
+            else
+                m_ssl = false;
        }
-        public BaseHttpServer(uint port, bool ssl, string CPath, string CPass) : this (port, ssl)
+        public BaseHttpServer(uint port, bool ssl, string CPath, string CPass)
        {
-            if (m_ssl)
+            m_port = port;
+            if (ssl)
            {
-                m_cert = new X509Certificate2(CPath, CPass);
+                load_cert(CPath, CPass);
+                if(m_cert.Issuer == m_cert.Subject )
+                    m_log.Warn("Self signed certificate. Http clients need to allow this");
+                m_ssl = true;
+            }
+            else
+                m_ssl = false;
+        }
+                static bool MatchDNS (string hostname, string dns) 
+                { 
+                        int indx = dns.IndexOf ('*'); 
+                        if (indx == -1)
+                                return (String.Compare(hostname, dns, true, CultureInfo.InvariantCulture) == 0); 
+ 
+            int dnslen = dns.Length;
+            dnslen--;
+            if(indx == dnslen)
+                return true; // just * ?
+            if(indx > dnslen - 2)
+                return false; // 2 short ?
+                if (dns[indx + 1] != '.') 
+                        return false; 
+  
+                        int indx2 = dns.IndexOf ('*', indx + 1); 
+                        if (indx2 != -1) 
+                                return false; // there can only be one;
+ 
+                        string end = dns.Substring(indx + 1); 
+            int hostlen = hostname.Length;
+            int endlen = end.Length;
+                        int length = hostlen - endlen; 
+                        if (length <= 0) 
+                                return false; 
+                        if (String.Compare(hostname, length, end, 0, endlen, true, CultureInfo.InvariantCulture) != 0) 
+                                return false; 
+ 
+                        if (indx == 0)
+            { 
+                                indx2 = hostname.IndexOf ('.'); 
+                                return ((indx2 == -1) || (indx2 >= length)); 
+                        } 
+  
+                        string start = dns.Substring (0, indx); 
+                        return (String.Compare (hostname, 0, start, 0, start.Length, true, CultureInfo.InvariantCulture) == 0); 
+                } 
+        public bool CheckSSLCertHost(string hostname)
+        {
+            UriHostNameType htype = Uri.CheckHostName(hostname);
+            if(htype == UriHostNameType.Unknown || htype == UriHostNameType.Basic)
+                return false;
+            if(htype == UriHostNameType.Dns)
+            {
+                foreach(string name in m_certNames)
+                {
+                    if(MatchDNS(hostname, name))
+                        return true;
+                }
+                if(MatchDNS(hostname, m_certCN))
+                    return true;
+            }
+            else
+            {
+                foreach(string ip in m_certIPs)
+                {
+                    if (String.Compare(hostname, ip, true, CultureInfo.InvariantCulture) == 0)
+                        return true;
+                }               
            }
-        }
+            return false;
+        }
        /// <summary>
        /// Add a stream handler to the http server.  If the handler already exists, then nothing happens.
        /// </summary>
@@ -396,12 +544,9 @@ namespace OpenSim.Framework.Servers.HttpServer
                    if (psEvArgs.Request != null)
                    {
                        OSHttpRequest req = new OSHttpRequest(context, request);
-                        Stream requestStream = req.InputStream;
                        string requestBody;
                        Encoding encoding = Encoding.UTF8;
-                        using(StreamReader reader = new StreamReader(requestStream, encoding))
+                        using(StreamReader reader = new StreamReader(req.InputStream, encoding))
                            requestBody = reader.ReadToEnd();
                        Hashtable keysvals = new Hashtable();
@@ -460,7 +605,7 @@ namespace OpenSim.Framework.Servers.HttpServer
            }
            OSHttpResponse resp = new OSHttpResponse(new HttpResponse(context, request),context);
-            resp.ReuseContext = true;
+//            resp.ReuseContext = true;
 //            resp.ReuseContext = false;
            HandleRequest(req, resp);
@@ -496,6 +641,8 @@ namespace OpenSim.Framework.Servers.HttpServer
                    byte[] buffer500 = SendHTML500(response);
                    response.OutputStream.Write(buffer500, 0, buffer500.Length);
                    response.Send();
+                    if(request.InputStream.CanRead) 
+                        request.InputStream.Close();
                }
                catch
                {
@@ -540,7 +687,6 @@ namespace OpenSim.Framework.Servers.HttpServer
 //                    }
 //                }
-                //response.KeepAlive = true;
                response.SendChunked = false;
                string path = request.RawUrl;
@@ -564,11 +710,10 @@ namespace OpenSim.Framework.Servers.HttpServer
                    {
                        //m_log.Debug("[BASE HTTP SERVER]: Found Caps based HTTP Handler");
                        IGenericHTTPHandler HTTPRequestHandler = requestHandler as IGenericHTTPHandler;
-                        Stream requestStream = request.InputStream;
                        string requestBody;
                        Encoding encoding = Encoding.UTF8;
-                        using(StreamReader reader = new StreamReader(requestStream, encoding))
+                        using(StreamReader reader = new StreamReader(request.InputStream, encoding))
                            requestBody = reader.ReadToEnd();
                        Hashtable keysvals = new Hashtable();
@@ -609,7 +754,6 @@ namespace OpenSim.Framework.Servers.HttpServer
                    else
                    {
                        IStreamHandler streamHandler = (IStreamHandler)requestHandler;
                        using (MemoryStream memoryStream = new MemoryStream())
                        {
                            streamHandler.Handle(path, request.InputStream, memoryStream, request, response);
@@ -720,10 +864,6 @@ namespace OpenSim.Framework.Servers.HttpServer
                requestEndTick = Environment.TickCount;
                response.Send();
-                //response.OutputStream.Close();
-                //response.FreeContext();
            }
            catch (SocketException e)
            {
@@ -755,6 +895,9 @@ namespace OpenSim.Framework.Servers.HttpServer
            }
            finally
            {
+                if(request.InputStream.CanRead)
+                    request.InputStream.Close();
                // Every month or so this will wrap and give bad numbers, not really a problem
                // since its just for reporting
                int tickdiff = requestEndTick - requestStartTick;
@@ -1008,12 +1151,13 @@ namespace OpenSim.Framework.Servers.HttpServer
                using (StreamReader reader = new StreamReader(requestStream, Encoding.UTF8))
                    requestBody = reader.ReadToEnd();
-            }
+                }
            finally
            {
-                if (innerStream != null)
+                if (innerStream != null && innerStream.CanRead)
                    innerStream.Dispose();
-                requestStream.Dispose();
+                if (requestStream.CanRead)
+                    requestStream.Dispose();
            }
            //m_log.Debug(requestBody);
@@ -1094,6 +1238,17 @@ namespace OpenSim.Framework.Servers.HttpServer
                        if (gridproxy)
                            xmlRprcRequest.Params.Add("gridproxy");  // Param[4]
+                        // reserve this for
+                        // ... by Fumi.Iseki for DTLNSLMoneyServer
+                        // BUT make its presence possible to detect/parse
+                        string rcn = request.IHttpClientContext.SSLCommonName;
+                        if(!string.IsNullOrWhiteSpace(rcn))
+                        {
+                            rcn = "SSLCN:" + rcn;
+                            xmlRprcRequest.Params.Add(rcn); // Param[4] or Param[5]
+                        }
+                
                        try
                        {
                            xmlRpcResponse = method(xmlRprcRequest, request.RemoteIPEndPoint);
@@ -1265,7 +1420,6 @@ namespace OpenSim.Framework.Servers.HttpServer
                requestBody= reader.ReadToEnd();
            //m_log.DebugFormat("[OGP]: {0}:{1}", request.RawUrl, requestBody);
-            response.KeepAlive = true;
            OSD llsdRequest = null;
            OSD llsdResponse = null;
@@ -1781,20 +1935,13 @@ namespace OpenSim.Framework.Servers.HttpServer
            {
                response.ProtocolVersion = (string)responsedata["http_protocol_version"];
            }
-/*
            if (responsedata.ContainsKey("keepalive"))
            {
                bool keepalive = (bool)responsedata["keepalive"];
                response.KeepAlive = keepalive;
            }
-            if (responsedata.ContainsKey("reusecontext"))
-                response.ReuseContext = (bool) responsedata["reusecontext"];
-*/
-            // disable this things
-            response.KeepAlive = false;
-            response.ReuseContext = false;
            // Cross-Origin Resource Sharing with simple requests
            if (responsedata.ContainsKey("access_control_allow_origin"))
                response.AddHeader("Access-Control-Allow-Origin", (string)responsedata["access_control_allow_origin"]);
@@ -1807,11 +1954,8 @@ namespace OpenSim.Framework.Servers.HttpServer
                contentType = "text/html";
            }
            // The client ignores anything but 200 here for web login, so ensure that this is 200 for that
            response.StatusCode = responsecode;
            if (responsecode == (int)OSHttpStatusCode.RedirectMovedPermanently)
@@ -1821,7 +1965,6 @@ namespace OpenSim.Framework.Servers.HttpServer
            }
            response.AddHeader("Content-Type", contentType);
            if (responsedata.ContainsKey("headers"))
            {
                Hashtable headerdata = (Hashtable)responsedata["headers"];
@@ -1895,7 +2038,7 @@ namespace OpenSim.Framework.Servers.HttpServer
        public void Start()
        {
-            Start(true);
+            Start(true,true);
        }
        /// <summary>
@@ -1905,7 +2048,7 @@ namespace OpenSim.Framework.Servers.HttpServer
        /// If true then poll responses are performed asynchronsly.
        /// Option exists to allow regression tests to perform processing synchronously.
        /// </param>
-        public void Start(bool performPollResponsesAsync)
+        public void Start(bool performPollResponsesAsync, bool runPool)
        {
            m_log.InfoFormat(
                "[BASE HTTP SERVER]: Starting {0} server on port {1}", UseSSL ? "HTTPS" : "HTTP", Port);
@@ -1934,6 +2077,8 @@ namespace OpenSim.Framework.Servers.HttpServer
                    //m_httpListener.Prefixes.Add("https://+:" + (m_sslport) + "/");
                    //m_httpListener.Prefixes.Add("http://+:" + m_port + "/");
                    m_httpListener2 = CoolHTTPListener.Create(IPAddress.Any, (int)m_port, m_cert);
+                    if(m_certificateValidationCallback != null)
+                        m_httpListener2.CertificateValidationCallback = m_certificateValidationCallback;
                    m_httpListener2.ExceptionThrown += httpServerException;
                    m_httpListener2.LogWriter = httpserverlog;
                }
@@ -1943,9 +2088,11 @@ namespace OpenSim.Framework.Servers.HttpServer
                m_httpListener2.Start(64);
                // Long Poll Service Manager with 3 worker threads a 25 second timeout for no events
+                if(runPool)
-                PollServiceRequestManager = new PollServiceRequestManager(this, performPollResponsesAsync, 2, 25000);
+                {
-                PollServiceRequestManager.Start();
+                    PollServiceRequestManager = new PollServiceRequestManager(this, performPollResponsesAsync, 2, 25000);
+                    PollServiceRequestManager.Start();
+                }
                HTTPDRunning = true;
@@ -1959,7 +2106,7 @@ namespace OpenSim.Framework.Servers.HttpServer
            catch (Exception e)
            {
                m_log.Error("[BASE HTTP SERVER]: Error - " + e.Message);
-                m_log.Error("[BASE HTTP SERVER]: Tip: Do you have permission to listen on port " + m_port + ", " + m_sslport + "?");
+                m_log.Error("[BASE HTTP SERVER]: Tip: Do you have permission to listen on port " + m_port + "?");
                // We want this exception to halt the entire server since in current configurations we aren't too
                // useful without inbound HTTP.
@@ -2125,10 +2272,9 @@ namespace OpenSim.Framework.Servers.HttpServer
            string file = Path.Combine(".", "http_500.html");
            if (!File.Exists(file))
                return getDefaultHTTP500();
+            string result;
-            StreamReader sr = File.OpenText(file);
+            using(StreamReader sr = File.OpenText(file))
-            string result = sr.ReadToEnd();
+                result = sr.ReadToEnd();
-            sr.Close();
            return result;
        }

diff --git a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs index f4ba02f..ca67d84 100644 --- a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs +++ b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
@@ -32,6 +32,7 @@ using System.Collections.Specialized;
32	using System.IO;	32	using System.IO;
33	using System.Net;	33	using System.Net;
34	using System.Net.Sockets;	34	using System.Net.Sockets;
		35	using System.Net.Security;
35	using System.Security.Cryptography.X509Certificates;	36	using System.Security.Cryptography.X509Certificates;
36	using System.Reflection;	37	using System.Reflection;
37	using System.Globalization;	38	using System.Globalization;
@@ -43,10 +44,11 @@ using log4net;
43	using Nwc.XmlRpc;	44	using Nwc.XmlRpc;
44	using OpenMetaverse.StructuredData;	45	using OpenMetaverse.StructuredData;
45	using CoolHTTPListener = HttpServer.HttpListener;	46	using CoolHTTPListener = HttpServer.HttpListener;
46	using HttpListener=System.Net.HttpListener;	47	using HttpListener = System.Net.HttpListener;
47	using LogPrio=HttpServer.LogPrio;	48	using LogPrio = HttpServer.LogPrio;
48	using OpenSim.Framework.Monitoring;	49	using OpenSim.Framework.Monitoring;
49	using System.IO.Compression;	50	using System.IO.Compression;
		51	using System.Security.Cryptography;
50		52
51	namespace OpenSim.Framework.Servers.HttpServer	53	namespace OpenSim.Framework.Servers.HttpServer
52	{	54	{
@@ -107,19 +109,26 @@ namespace OpenSim.Framework.Servers.HttpServer
107	new Dictionary<string, WebSocketRequestDelegate>();	109	new Dictionary<string, WebSocketRequestDelegate>();
108		110
109	protected uint m_port;	111	protected uint m_port;
110	protected uint m_sslport;
111	protected bool m_ssl;	112	protected bool m_ssl;
112	private X509Certificate2 m_cert;	113	private X509Certificate2 m_cert;
113	protected bool m_firstcaps = true;
114	protected string m_SSLCommonName = "";	114	protected string m_SSLCommonName = "";
		115	protected List<string> m_certNames = new List<string>();
		116	protected List<string> m_certIPs = new List<string>();
		117	protected string m_certCN= "";
		118	protected RemoteCertificateValidationCallback m_certificateValidationCallback = null;
115		119
116	protected IPAddress m_listenIPAddress = IPAddress.Any;	120	protected IPAddress m_listenIPAddress = IPAddress.Any;
117		121
118	public PollServiceRequestManager PollServiceRequestManager { get; private set; }	122	public PollServiceRequestManager PollServiceRequestManager { get; private set; }
119		123
		124	public string Protocol
		125	{
		126	get { return m_ssl ? "https://" : "http://"; }
		127	}
		128
120	public uint SSLPort	129	public uint SSLPort
121	{	130	{
122	get { return m_sslport; }	131	get { return m_port; }
123	}	132	}
124		133
125	public string SSLCommonName	134	public string SSLCommonName
@@ -148,27 +157,166 @@ namespace OpenSim.Framework.Servers.HttpServer
148	m_port = port;	157	m_port = port;
149	}	158	}
150		159
151	public BaseHttpServer(uint port, bool ssl) : this (port)	160	private void load_cert(string CPath, string CPass)
152	{	161	{
153	m_ssl = ssl;	162	try
		163	{
		164	m_cert = new X509Certificate2(CPath, CPass);
		165	X509Extension ext = m_cert.Extensions["2.5.29.17"];
		166	if(ext != null)
		167	{
		168	AsnEncodedData asndata = new AsnEncodedData(ext.Oid, ext.RawData);
		169	string datastr = asndata.Format(true);
		170	string[] lines = datastr.Split(new char[] {'\n','\r'});
		171	foreach(string s in lines)
		172	{
		173	if(String.IsNullOrEmpty(s))
		174	continue;
		175	string[] parts = s.Split(new char[] {'='});
		176	if(String.IsNullOrEmpty(parts[0]))
		177	continue;
		178	string entryName = parts[0].Replace(" ","");
		179	if(entryName == "DNSName")
		180	m_certNames.Add(parts[1]);
		181	else if(entryName == "IPAddress")
		182	m_certIPs.Add(parts[1]);
		183	else if(entryName == "Unknown(135)") // stupid mono
		184	{
		185	try
		186	{
		187	if(parts[1].Length == 8)
		188	{
		189	long tmp = long.Parse(parts[1], NumberStyles.AllowHexSpecifier);
		190	tmp = IPAddress.HostToNetworkOrder(tmp);
		191	tmp = (long)((ulong) tmp >> 32);
		192	IPAddress ia = new IPAddress(tmp);
		193	m_certIPs.Add(ia.ToString());
		194	}
		195	}
		196	catch {}
		197	}
		198	}
		199	}
		200	m_certCN = m_cert.GetNameInfo(X509NameType.SimpleName, false);
		201	}
		202	catch
		203	{
		204	throw new Exception("SSL cert load error");
		205	}
154	}	206	}
155		207
156	public BaseHttpServer(uint port, bool ssl, uint sslport, string CN) : this (port, ssl)	208	public BaseHttpServer(uint port, bool ssl, string CN, string CPath, string CPass)
157	{	209	{
158	if (m_ssl)	210	m_port = port;
		211	if (ssl)
159	{	212	{
160	m_sslport = sslport;	213	if(string.IsNullOrEmpty(CPath))
		214	throw new Exception("invalid main http server cert path");
		215
		216	if(Uri.CheckHostName(CN) == UriHostNameType.Unknown)
		217	throw new Exception("invalid main http server CN (ExternalHostName)");
		218
		219	m_certNames.Clear();
		220	m_certIPs.Clear();
		221	m_certCN= "";
		222
		223	m_ssl = true;
		224	load_cert(CPath, CPass);
		225
		226	if(!CheckSSLCertHost(CN))
		227	throw new Exception("invalid main http server CN (ExternalHostName)");
		228
		229	m_SSLCommonName = CN;
		230
		231	if(m_cert.Issuer == m_cert.Subject )
		232	m_log.Warn("Self signed certificate. Clients need to allow this (some viewers debug option NoVerifySSLcert must be set to true");
161	}	233	}
		234	else
		235	m_ssl = false;
162	}	236	}
163		237
164	public BaseHttpServer(uint port, bool ssl, string CPath, string CPass) : this (port, ssl)	238	public BaseHttpServer(uint port, bool ssl, string CPath, string CPass)
165	{	239	{
166	if (m_ssl)	240	m_port = port;
		241	if (ssl)
167	{	242	{
168	m_cert = new X509Certificate2(CPath, CPass);	243	load_cert(CPath, CPass);
		244	if(m_cert.Issuer == m_cert.Subject )
		245	m_log.Warn("Self signed certificate. Http clients need to allow this");
		246	m_ssl = true;
		247	}
		248	else
		249	m_ssl = false;
		250	}
		251
		252	static bool MatchDNS (string hostname, string dns)
		253	{
		254	int indx = dns.IndexOf ('*');
		255	if (indx == -1)
		256	return (String.Compare(hostname, dns, true, CultureInfo.InvariantCulture) == 0);
		257
		258	int dnslen = dns.Length;
		259	dnslen--;
		260	if(indx == dnslen)
		261	return true; // just * ?
		262
		263	if(indx > dnslen - 2)
		264	return false; // 2 short ?
		265
		266	if (dns[indx + 1] != '.')
		267	return false;
		268
		269	int indx2 = dns.IndexOf ('*', indx + 1);
		270	if (indx2 != -1)
		271	return false; // there can only be one;
		272
		273	string end = dns.Substring(indx + 1);
		274	int hostlen = hostname.Length;
		275	int endlen = end.Length;
		276	int length = hostlen - endlen;
		277	if (length <= 0)
		278	return false;
		279
		280	if (String.Compare(hostname, length, end, 0, endlen, true, CultureInfo.InvariantCulture) != 0)
		281	return false;
		282
		283	if (indx == 0)
		284	{
		285	indx2 = hostname.IndexOf ('.');
		286	return ((indx2 == -1) \|\| (indx2 >= length));
		287	}
		288
		289	string start = dns.Substring (0, indx);
		290	return (String.Compare (hostname, 0, start, 0, start.Length, true, CultureInfo.InvariantCulture) == 0);
		291	}
		292
		293	public bool CheckSSLCertHost(string hostname)
		294	{
		295	UriHostNameType htype = Uri.CheckHostName(hostname);
		296
		297	if(htype == UriHostNameType.Unknown \|\| htype == UriHostNameType.Basic)
		298	return false;
		299	if(htype == UriHostNameType.Dns)
		300	{
		301	foreach(string name in m_certNames)
		302	{
		303	if(MatchDNS(hostname, name))
		304	return true;
		305	}
		306	if(MatchDNS(hostname, m_certCN))
		307	return true;
		308	}
		309	else
		310	{
		311	foreach(string ip in m_certIPs)
		312	{
		313	if (String.Compare(hostname, ip, true, CultureInfo.InvariantCulture) == 0)
		314	return true;
		315	}
169	}	316	}
170	}
171		317
		318	return false;
		319	}
172	/// <summary>	320	/// <summary>
173	/// Add a stream handler to the http server. If the handler already exists, then nothing happens.	321	/// Add a stream handler to the http server. If the handler already exists, then nothing happens.
174	/// </summary>	322	/// </summary>
@@ -396,12 +544,9 @@ namespace OpenSim.Framework.Servers.HttpServer
396	if (psEvArgs.Request != null)	544	if (psEvArgs.Request != null)
397	{	545	{
398	OSHttpRequest req = new OSHttpRequest(context, request);	546	OSHttpRequest req = new OSHttpRequest(context, request);
399
400	Stream requestStream = req.InputStream;
401
402	string requestBody;	547	string requestBody;
403	Encoding encoding = Encoding.UTF8;	548	Encoding encoding = Encoding.UTF8;
404	using(StreamReader reader = new StreamReader(requestStream, encoding))	549	using(StreamReader reader = new StreamReader(req.InputStream, encoding))
405	requestBody = reader.ReadToEnd();	550	requestBody = reader.ReadToEnd();
406		551
407	Hashtable keysvals = new Hashtable();	552	Hashtable keysvals = new Hashtable();
@@ -460,7 +605,7 @@ namespace OpenSim.Framework.Servers.HttpServer
460	}	605	}
461		606
462	OSHttpResponse resp = new OSHttpResponse(new HttpResponse(context, request),context);	607	OSHttpResponse resp = new OSHttpResponse(new HttpResponse(context, request),context);
463	resp.ReuseContext = true;	608	// resp.ReuseContext = true;
464	// resp.ReuseContext = false;	609	// resp.ReuseContext = false;
465	HandleRequest(req, resp);	610	HandleRequest(req, resp);
466		611
@@ -496,6 +641,8 @@ namespace OpenSim.Framework.Servers.HttpServer
496	byte[] buffer500 = SendHTML500(response);	641	byte[] buffer500 = SendHTML500(response);
497	response.OutputStream.Write(buffer500, 0, buffer500.Length);	642	response.OutputStream.Write(buffer500, 0, buffer500.Length);
498	response.Send();	643	response.Send();
		644	if(request.InputStream.CanRead)
		645	request.InputStream.Close();
499	}	646	}
500	catch	647	catch
501	{	648	{
@@ -540,7 +687,6 @@ namespace OpenSim.Framework.Servers.HttpServer
540	// }	687	// }
541	// }	688	// }
542		689
543	//response.KeepAlive = true;
544	response.SendChunked = false;	690	response.SendChunked = false;
545		691
546	string path = request.RawUrl;	692	string path = request.RawUrl;
@@ -564,11 +710,10 @@ namespace OpenSim.Framework.Servers.HttpServer
564	{	710	{
565	//m_log.Debug("[BASE HTTP SERVER]: Found Caps based HTTP Handler");	711	//m_log.Debug("[BASE HTTP SERVER]: Found Caps based HTTP Handler");
566	IGenericHTTPHandler HTTPRequestHandler = requestHandler as IGenericHTTPHandler;	712	IGenericHTTPHandler HTTPRequestHandler = requestHandler as IGenericHTTPHandler;
567	Stream requestStream = request.InputStream;
568		713
569	string requestBody;	714	string requestBody;
570	Encoding encoding = Encoding.UTF8;	715	Encoding encoding = Encoding.UTF8;
571	using(StreamReader reader = new StreamReader(requestStream, encoding))	716	using(StreamReader reader = new StreamReader(request.InputStream, encoding))
572	requestBody = reader.ReadToEnd();	717	requestBody = reader.ReadToEnd();
573		718
574	Hashtable keysvals = new Hashtable();	719	Hashtable keysvals = new Hashtable();
@@ -609,7 +754,6 @@ namespace OpenSim.Framework.Servers.HttpServer
609	else	754	else
610	{	755	{
611	IStreamHandler streamHandler = (IStreamHandler)requestHandler;	756	IStreamHandler streamHandler = (IStreamHandler)requestHandler;
612
613	using (MemoryStream memoryStream = new MemoryStream())	757	using (MemoryStream memoryStream = new MemoryStream())
614	{	758	{
615	streamHandler.Handle(path, request.InputStream, memoryStream, request, response);	759	streamHandler.Handle(path, request.InputStream, memoryStream, request, response);
@@ -720,10 +864,6 @@ namespace OpenSim.Framework.Servers.HttpServer
720	requestEndTick = Environment.TickCount;	864	requestEndTick = Environment.TickCount;
721		865
722	response.Send();	866	response.Send();
723
724	//response.OutputStream.Close();
725
726	//response.FreeContext();
727	}	867	}
728	catch (SocketException e)	868	catch (SocketException e)
729	{	869	{
@@ -755,6 +895,9 @@ namespace OpenSim.Framework.Servers.HttpServer
755	}	895	}
756	finally	896	finally
757	{	897	{
		898	if(request.InputStream.CanRead)
		899	request.InputStream.Close();
		900
758	// Every month or so this will wrap and give bad numbers, not really a problem	901	// Every month or so this will wrap and give bad numbers, not really a problem
759	// since its just for reporting	902	// since its just for reporting
760	int tickdiff = requestEndTick - requestStartTick;	903	int tickdiff = requestEndTick - requestStartTick;
@@ -1008,12 +1151,13 @@ namespace OpenSim.Framework.Servers.HttpServer
1008	using (StreamReader reader = new StreamReader(requestStream, Encoding.UTF8))	1151	using (StreamReader reader = new StreamReader(requestStream, Encoding.UTF8))
1009	requestBody = reader.ReadToEnd();	1152	requestBody = reader.ReadToEnd();
1010		1153
1011	}	1154	}
1012	finally	1155	finally
1013	{	1156	{
1014	if (innerStream != null)	1157	if (innerStream != null && innerStream.CanRead)
1015	innerStream.Dispose();	1158	innerStream.Dispose();
1016	requestStream.Dispose();	1159	if (requestStream.CanRead)
		1160	requestStream.Dispose();
1017	}	1161	}
1018		1162
1019	//m_log.Debug(requestBody);	1163	//m_log.Debug(requestBody);
@@ -1094,6 +1238,17 @@ namespace OpenSim.Framework.Servers.HttpServer
1094		1238
1095	if (gridproxy)	1239	if (gridproxy)
1096	xmlRprcRequest.Params.Add("gridproxy"); // Param[4]	1240	xmlRprcRequest.Params.Add("gridproxy"); // Param[4]
		1241
		1242	// reserve this for
		1243	// ... by Fumi.Iseki for DTLNSLMoneyServer
		1244	// BUT make its presence possible to detect/parse
		1245	string rcn = request.IHttpClientContext.SSLCommonName;
		1246	if(!string.IsNullOrWhiteSpace(rcn))
		1247	{
		1248	rcn = "SSLCN:" + rcn;
		1249	xmlRprcRequest.Params.Add(rcn); // Param[4] or Param[5]
		1250	}
		1251
1097	try	1252	try
1098	{	1253	{
1099	xmlRpcResponse = method(xmlRprcRequest, request.RemoteIPEndPoint);	1254	xmlRpcResponse = method(xmlRprcRequest, request.RemoteIPEndPoint);
@@ -1265,7 +1420,6 @@ namespace OpenSim.Framework.Servers.HttpServer
1265	requestBody= reader.ReadToEnd();	1420	requestBody= reader.ReadToEnd();
1266		1421
1267	//m_log.DebugFormat("[OGP]: {0}:{1}", request.RawUrl, requestBody);	1422	//m_log.DebugFormat("[OGP]: {0}:{1}", request.RawUrl, requestBody);
1268	response.KeepAlive = true;
1269		1423
1270	OSD llsdRequest = null;	1424	OSD llsdRequest = null;
1271	OSD llsdResponse = null;	1425	OSD llsdResponse = null;
@@ -1781,20 +1935,13 @@ namespace OpenSim.Framework.Servers.HttpServer
1781	{	1935	{
1782	response.ProtocolVersion = (string)responsedata["http_protocol_version"];	1936	response.ProtocolVersion = (string)responsedata["http_protocol_version"];
1783	}	1937	}
1784	/*	1938
1785	if (responsedata.ContainsKey("keepalive"))	1939	if (responsedata.ContainsKey("keepalive"))
1786	{	1940	{
1787	bool keepalive = (bool)responsedata["keepalive"];	1941	bool keepalive = (bool)responsedata["keepalive"];
1788	response.KeepAlive = keepalive;	1942	response.KeepAlive = keepalive;
1789	}	1943	}
1790		1944
1791	if (responsedata.ContainsKey("reusecontext"))
1792	response.ReuseContext = (bool) responsedata["reusecontext"];
1793	*/
1794	// disable this things
1795	response.KeepAlive = false;
1796	response.ReuseContext = false;
1797
1798	// Cross-Origin Resource Sharing with simple requests	1945	// Cross-Origin Resource Sharing with simple requests
1799	if (responsedata.ContainsKey("access_control_allow_origin"))	1946	if (responsedata.ContainsKey("access_control_allow_origin"))
1800	response.AddHeader("Access-Control-Allow-Origin", (string)responsedata["access_control_allow_origin"]);	1947	response.AddHeader("Access-Control-Allow-Origin", (string)responsedata["access_control_allow_origin"]);
@@ -1807,11 +1954,8 @@ namespace OpenSim.Framework.Servers.HttpServer
1807	contentType = "text/html";	1954	contentType = "text/html";
1808	}	1955	}
1809		1956
1810
1811
1812	// The client ignores anything but 200 here for web login, so ensure that this is 200 for that	1957	// The client ignores anything but 200 here for web login, so ensure that this is 200 for that
1813		1958
1814
1815	response.StatusCode = responsecode;	1959	response.StatusCode = responsecode;
1816		1960
1817	if (responsecode == (int)OSHttpStatusCode.RedirectMovedPermanently)	1961	if (responsecode == (int)OSHttpStatusCode.RedirectMovedPermanently)
@@ -1821,7 +1965,6 @@ namespace OpenSim.Framework.Servers.HttpServer
1821	}	1965	}
1822		1966
1823	response.AddHeader("Content-Type", contentType);	1967	response.AddHeader("Content-Type", contentType);
1824
1825	if (responsedata.ContainsKey("headers"))	1968	if (responsedata.ContainsKey("headers"))
1826	{	1969	{
1827	Hashtable headerdata = (Hashtable)responsedata["headers"];	1970	Hashtable headerdata = (Hashtable)responsedata["headers"];
@@ -1895,7 +2038,7 @@ namespace OpenSim.Framework.Servers.HttpServer
1895		2038
1896	public void Start()	2039	public void Start()
1897	{	2040	{
1898	Start(true);	2041	Start(true,true);
1899	}	2042	}
1900		2043
1901	/// <summary>	2044	/// <summary>
@@ -1905,7 +2048,7 @@ namespace OpenSim.Framework.Servers.HttpServer
1905	/// If true then poll responses are performed asynchronsly.	2048	/// If true then poll responses are performed asynchronsly.
1906	/// Option exists to allow regression tests to perform processing synchronously.	2049	/// Option exists to allow regression tests to perform processing synchronously.
1907	/// </param>	2050	/// </param>
1908	public void Start(bool performPollResponsesAsync)	2051	public void Start(bool performPollResponsesAsync, bool runPool)
1909	{	2052	{
1910	m_log.InfoFormat(	2053	m_log.InfoFormat(
1911	"[BASE HTTP SERVER]: Starting {0} server on port {1}", UseSSL ? "HTTPS" : "HTTP", Port);	2054	"[BASE HTTP SERVER]: Starting {0} server on port {1}", UseSSL ? "HTTPS" : "HTTP", Port);
@@ -1934,6 +2077,8 @@ namespace OpenSim.Framework.Servers.HttpServer
1934	//m_httpListener.Prefixes.Add("https://+:" + (m_sslport) + "/");	2077	//m_httpListener.Prefixes.Add("https://+:" + (m_sslport) + "/");
1935	//m_httpListener.Prefixes.Add("http://+:" + m_port + "/");	2078	//m_httpListener.Prefixes.Add("http://+:" + m_port + "/");
1936	m_httpListener2 = CoolHTTPListener.Create(IPAddress.Any, (int)m_port, m_cert);	2079	m_httpListener2 = CoolHTTPListener.Create(IPAddress.Any, (int)m_port, m_cert);
		2080	if(m_certificateValidationCallback != null)
		2081	m_httpListener2.CertificateValidationCallback = m_certificateValidationCallback;
1937	m_httpListener2.ExceptionThrown += httpServerException;	2082	m_httpListener2.ExceptionThrown += httpServerException;
1938	m_httpListener2.LogWriter = httpserverlog;	2083	m_httpListener2.LogWriter = httpserverlog;
1939	}	2084	}
@@ -1943,9 +2088,11 @@ namespace OpenSim.Framework.Servers.HttpServer
1943	m_httpListener2.Start(64);	2088	m_httpListener2.Start(64);
1944		2089
1945	// Long Poll Service Manager with 3 worker threads a 25 second timeout for no events	2090	// Long Poll Service Manager with 3 worker threads a 25 second timeout for no events
1946		2091	if(runPool)
1947	PollServiceRequestManager = new PollServiceRequestManager(this, performPollResponsesAsync, 2, 25000);	2092	{
1948	PollServiceRequestManager.Start();	2093	PollServiceRequestManager = new PollServiceRequestManager(this, performPollResponsesAsync, 2, 25000);
		2094	PollServiceRequestManager.Start();
		2095	}
1949		2096
1950	HTTPDRunning = true;	2097	HTTPDRunning = true;
1951		2098
@@ -1959,7 +2106,7 @@ namespace OpenSim.Framework.Servers.HttpServer
1959	catch (Exception e)	2106	catch (Exception e)
1960	{	2107	{
1961	m_log.Error("[BASE HTTP SERVER]: Error - " + e.Message);	2108	m_log.Error("[BASE HTTP SERVER]: Error - " + e.Message);
1962	m_log.Error("[BASE HTTP SERVER]: Tip: Do you have permission to listen on port " + m_port + ", " + m_sslport + "?");	2109	m_log.Error("[BASE HTTP SERVER]: Tip: Do you have permission to listen on port " + m_port + "?");
1963		2110
1964	// We want this exception to halt the entire server since in current configurations we aren't too	2111	// We want this exception to halt the entire server since in current configurations we aren't too
1965	// useful without inbound HTTP.	2112	// useful without inbound HTTP.
@@ -2125,10 +2272,9 @@ namespace OpenSim.Framework.Servers.HttpServer
2125	string file = Path.Combine(".", "http_500.html");	2272	string file = Path.Combine(".", "http_500.html");
2126	if (!File.Exists(file))	2273	if (!File.Exists(file))
2127	return getDefaultHTTP500();	2274	return getDefaultHTTP500();
2128		2275	string result;
2129	StreamReader sr = File.OpenText(file);	2276	using(StreamReader sr = File.OpenText(file))
2130	string result = sr.ReadToEnd();	2277	result = sr.ReadToEnd();
2131	sr.Close();
2132	return result;	2278	return result;
2133	}	2279	}
2134		2280