From 66d74e76b19a6586991fdada2661514143d9585b Mon Sep 17 00:00:00 2001
From: BlueWall
Date: Sun, 3 Mar 2013 09:40:44 -0500
Subject: Add method to remove JsonRpc Handlers from the server
---
OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs | 6 ++++++
OpenSim/Framework/Servers/HttpServer/Interfaces/IHttpServer.cs | 2 ++
2 files changed, 8 insertions(+)
diff --git a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
index 70c531c..58312ab 100644
--- a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
+++ b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs
@@ -1912,6 +1912,12 @@ namespace OpenSim.Framework.Servers.HttpServer
m_rpcHandlers.Remove(method);
}
+ public void RemoveJsonRPCHandler(string method)
+ {
+ lock(jsonRpcHandlers)
+ jsonRpcHandlers.Remove(method);
+ }
+
public bool RemoveLLSDHandler(string path, LLSDMethod handler)
{
lock (m_llsdHandlers)
diff --git a/OpenSim/Framework/Servers/HttpServer/Interfaces/IHttpServer.cs b/OpenSim/Framework/Servers/HttpServer/Interfaces/IHttpServer.cs
index 71ca3ff..d162bc1 100644
--- a/OpenSim/Framework/Servers/HttpServer/Interfaces/IHttpServer.cs
+++ b/OpenSim/Framework/Servers/HttpServer/Interfaces/IHttpServer.cs
@@ -140,6 +140,8 @@ namespace OpenSim.Framework.Servers.HttpServer
void RemoveStreamHandler(string httpMethod, string path);
void RemoveXmlRPCHandler(string method);
+
+ void RemoveJsonRPCHandler(string method);
string GetHTTP404(string host);
--
cgit v1.1
From 7556b42d7a208e3e7dfc23550293bad243533328 Mon Sep 17 00:00:00 2001
From: teravus
Date: Mon, 4 Mar 2013 21:26:26 -0500
Subject: * Update LibOMV to f8f8e616b37a7ea22b7922b2331999bc06725bf9 * Add
zero length blocks to the new packet blocks to remain compatible with older
viewers and avoid a NullRef when _packets_.cs calls the Length parameter..
which adds up the Length property all of the blocks.
---
.../Region/ClientStack/Linden/UDP/LLClientView.cs | 6 ++++--
bin/OpenMetaverse.StructuredData.dll | Bin 102400 -> 114688 bytes
bin/OpenMetaverse.dll | Bin 1765376 -> 1925120 bytes
bin/OpenMetaverseTypes.dll | Bin 114688 -> 122880 bytes
4 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/OpenSim/Region/ClientStack/Linden/UDP/LLClientView.cs b/OpenSim/Region/ClientStack/Linden/UDP/LLClientView.cs
index 5675870..6742d99 100644
--- a/OpenSim/Region/ClientStack/Linden/UDP/LLClientView.cs
+++ b/OpenSim/Region/ClientStack/Linden/UDP/LLClientView.cs
@@ -790,7 +790,8 @@ namespace OpenSim.Region.ClientStack.LindenUDP
handshake.RegionInfo3.ColoName = Utils.EmptyBytes;
handshake.RegionInfo3.ProductName = Util.StringToBytes256(regionInfo.RegionType);
handshake.RegionInfo3.ProductSKU = Utils.EmptyBytes;
-
+ handshake.RegionInfo4 = new RegionHandshakePacket.RegionInfo4Block[0];
+
OutPacket(handshake, ThrottleOutPacketType.Task);
}
@@ -3571,6 +3572,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP
avp.Sender.IsTrial = false;
avp.Sender.ID = agentID;
+ avp.AppearanceData = new AvatarAppearancePacket.AppearanceDataBlock[0];
//m_log.DebugFormat("[CLIENT]: Sending appearance for {0} to {1}", agentID.ToString(), AgentId.ToString());
OutPacket(avp, ThrottleOutPacketType.Task);
}
@@ -4192,7 +4194,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP
pack.Stat = stats.StatsBlock;
pack.Header.Reliable = false;
-
+ pack.RegionInfo = new SimStatsPacket.RegionInfoBlock[0];
OutPacket(pack, ThrottleOutPacketType.Task);
}
diff --git a/bin/OpenMetaverse.StructuredData.dll b/bin/OpenMetaverse.StructuredData.dll
index 5c0b3c6..c7216ce 100755
Binary files a/bin/OpenMetaverse.StructuredData.dll and b/bin/OpenMetaverse.StructuredData.dll differ
diff --git a/bin/OpenMetaverse.dll b/bin/OpenMetaverse.dll
index 511096e..3e210ba 100755
Binary files a/bin/OpenMetaverse.dll and b/bin/OpenMetaverse.dll differ
diff --git a/bin/OpenMetaverseTypes.dll b/bin/OpenMetaverseTypes.dll
index 8bc8885..6cc4c5a 100755
Binary files a/bin/OpenMetaverseTypes.dll and b/bin/OpenMetaverseTypes.dll differ
--
cgit v1.1
From 69fbcdf14c00fc882477b18af962a932db0d54ee Mon Sep 17 00:00:00 2001
From: teravus
Date: Tue, 5 Mar 2013 00:04:09 -0500
Subject: * Add a Max Payload size property to the Websocket Server Handler.
If you would like to restrict the maximum packet size, (and therefore protect
against Memory DOSing) then you should set this. I defaulted it to 40MB.
This means that in theory, a malicious user could connect and send a packet
that claims that the payload is up to 40 mb (even if it doesn't actually turn
out to be 40mb. More testing needs to be done on it where the packets are
maliciously malformed.
---
.../Servers/HttpServer/WebsocketServerHandler.cs | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs b/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs
index bb8825b..ee96b47 100644
--- a/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs
+++ b/OpenSim/Framework/Servers/HttpServer/WebsocketServerHandler.cs
@@ -108,6 +108,7 @@ namespace OpenSim.Framework.Servers.HttpServer
private int _bufferLength;
private bool _closing;
private bool _upgraded;
+ private int _maxPayloadBytes = 41943040;
private const string HandshakeAcceptText =
"HTTP/1.1 101 Switching Protocols\r\n" +
@@ -196,6 +197,15 @@ namespace OpenSim.Framework.Servers.HttpServer
}
///
+ /// Max Payload Size in bytes. Defaults to 40MB, but could be set upon connection before calling handshake and upgrade.
+ ///
+ public int MaxPayloadSize
+ {
+ get { return _maxPayloadBytes; }
+ set { _maxPayloadBytes = value; }
+ }
+
+ ///
/// This triggers the websocket start the upgrade process
///
public void HandshakeAndUpgrade()
@@ -367,7 +377,12 @@ namespace OpenSim.Framework.Servers.HttpServer
if (headerread)
{
_socketState.FrameComplete = false;
-
+ if (pheader.PayloadLen > (ulong) _maxPayloadBytes)
+ {
+ Close("Invalid Payload size");
+
+ return;
+ }
if (pheader.PayloadLen > 0)
{
if ((int) pheader.PayloadLen > _bufferPosition - offset)
--
cgit v1.1