Remove long unused UntrustedWebRequest class

This purports to check web requests but doesn't appear to actually do that.
author: Justin Clark-Casey (justincc) 2014-02-27 22:58:44 +0000
committer: Justin Clark-Casey (justincc) 2014-02-27 22:58:44 +0000
commit: 94ad69faf2620a520176b672e3c3fe5c4f0b32d6 (patch)
tree: bf1eaf152f3f1c8e26c887c47dc0bb5cf2f19019 /OpenSim/Framework/UntrustedWebRequest.cs
parent: refactor: More consistently use using construct within WebUtil to match other... (diff)
download: opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.zip
opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.tar.gz
opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.tar.bz2
opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.tar.xz
1 files changed, 0 insertions, 230 deletions
diff --git a/OpenSim/Framework/UntrustedWebRequest.cs b/OpenSim/Framework/UntrustedWebRequest.cs
deleted file mode 100644
index e6411cc..0000000
--- a/OpenSim/Framework/UntrustedWebRequest.cs
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * Copyright (c) Contributors, http://opensimulator.org/
- * See CONTRIBUTORS.TXT for a full list of copyright holders.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *     * Redistributions of source code must retain the above copyright
- *       notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above copyright
- *       notice, this list of conditions and the following disclaimer in the
- *       documentation and/or other materials provided with the distribution.
- *     * Neither the name of the OpenSimulator Project nor the
- *       names of its contributors may be used to endorse or promote products
- *       derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-using System;
-using System.Collections.Generic;
-using System.IO;
-using System.Net;
-using System.Net.Security;
-using System.Text;
-using log4net;
-namespace OpenSim.Framework
-{
-    /// <summary>
-    /// Used for requests to untrusted endpoints that may potentially be
-    /// malicious
-    /// </summary>
-    public static class UntrustedHttpWebRequest
-    {
-        /// <summary>Setting this to true will allow HTTP connections to localhost</summary>
-        private const bool DEBUG = true;
-        private static readonly ILog m_log =
-                LogManager.GetLogger(
-                System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
-        private static readonly ICollection<string> allowableSchemes = new List<string> { "http", "https" };
-        /// <summary>
-        /// Creates an HttpWebRequest that is hardened against malicious
-        /// endpoints after ensuring the given Uri is safe to retrieve
-        /// </summary>
-        /// <param name="uri">Web location to request</param>
-        /// <returns>A hardened HttpWebRequest if the uri was determined to be safe</returns>
-        /// <exception cref="ArgumentNullException">If uri is null</exception>
-        /// <exception cref="ArgumentException">If uri is unsafe</exception>
-        public static HttpWebRequest Create(Uri uri)
-        {
-            return Create(uri, DEBUG, 1000 * 5, 1000 * 20, 10);
-        }
-        /// <summary>
-        /// Creates an HttpWebRequest that is hardened against malicious
-        /// endpoints after ensuring the given Uri is safe to retrieve
-        /// </summary>
-        /// <param name="uri">Web location to request</param>
-        /// <param name="allowLoopback">True to allow connections to localhost, otherwise false</param>
-        /// <param name="readWriteTimeoutMS">Read write timeout, in milliseconds</param>
-        /// <param name="timeoutMS">Connection timeout, in milliseconds</param>
-        /// <param name="maximumRedirects">Maximum number of allowed redirects</param>
-        /// <returns>A hardened HttpWebRequest if the uri was determined to be safe</returns>
-        /// <exception cref="ArgumentNullException">If uri is null</exception>
-        /// <exception cref="ArgumentException">If uri is unsafe</exception>
-        public static HttpWebRequest Create(Uri uri, bool allowLoopback, int readWriteTimeoutMS, int timeoutMS, int maximumRedirects)
-        {
-            if (uri == null)
-                throw new ArgumentNullException("uri");
-            if (!IsUriAllowable(uri, allowLoopback))
-                throw new ArgumentException("Uri " + uri + " was rejected");
-            HttpWebRequest httpWebRequest = (HttpWebRequest)HttpWebRequest.Create(uri);
-            httpWebRequest.MaximumAutomaticRedirections = maximumRedirects;
-            httpWebRequest.ReadWriteTimeout = readWriteTimeoutMS;
-            httpWebRequest.Timeout = timeoutMS;
-            httpWebRequest.KeepAlive = false;
-            return httpWebRequest;
-        }
-        public static string PostToUntrustedUrl(Uri url, string data)
-        {
-            try
-            {
-                byte[] requestData = System.Text.Encoding.UTF8.GetBytes(data);
-                HttpWebRequest request = Create(url);
-                request.Method = "POST";
-                request.ContentLength = requestData.Length;
-                request.ContentType = "application/x-www-form-urlencoded";
-                using (Stream requestStream = request.GetRequestStream())
-                    requestStream.Write(requestData, 0, requestData.Length);
-                using (WebResponse response = request.GetResponse())
-                {
-                    using (Stream responseStream = response.GetResponseStream())
-                        return responseStream.GetStreamString();
-                }
-            }
-            catch (Exception ex)
-            {
-                m_log.Warn("POST to untrusted URL " + url + " failed: " + ex.Message);
-                return null;
-            }
-        }
-        public static string GetUntrustedUrl(Uri url)
-        {
-            try
-            {
-                HttpWebRequest request = Create(url);
-                using (WebResponse response = request.GetResponse())
-                {
-                    using (Stream responseStream = response.GetResponseStream())
-                        return responseStream.GetStreamString();
-                }
-            }
-            catch (Exception ex)
-            {
-                m_log.Warn("GET from untrusted URL " + url + " failed: " + ex.Message);
-                return null;
-            }
-        }
-        /// <summary>
-        /// Determines whether a URI is allowed based on scheme and host name.
-        /// No requireSSL check is done here
-        /// </summary>
-        /// <param name="allowLoopback">True to allow loopback addresses to be used</param>
-        /// <param name="uri">The URI to test for whether it should be allowed.</param>
-        /// <returns>
-        ///     <c>true</c> if [is URI allowable] [the specified URI]; otherwise, <c>false</c>.
-        /// </returns>
-        private static bool IsUriAllowable(Uri uri, bool allowLoopback)
-        {
-            if (!allowableSchemes.Contains(uri.Scheme))
-            {
-                m_log.WarnFormat("Rejecting URL {0} because it uses a disallowed scheme.", uri);
-                return false;
-            }
-            // Try to interpret the hostname as an IP address so we can test for internal
-            // IP address ranges.  Note that IP addresses can appear in many forms 
-            // (e.g. http://127.0.0.1, http://2130706433, http://0x0100007f, http://::1
-            // So we convert them to a canonical IPAddress instance, and test for all
-            // non-routable IP ranges: 10.*.*.*, 127.*.*.*, ::1
-            // Note that Uri.IsLoopback is very unreliable, not catching many of these variants.
-            IPAddress hostIPAddress;
-            if (IPAddress.TryParse(uri.DnsSafeHost, out hostIPAddress))
-            {
-                byte[] addressBytes = hostIPAddress.GetAddressBytes();
-                // The host is actually an IP address.
-                switch (hostIPAddress.AddressFamily)
-                {
-                    case System.Net.Sockets.AddressFamily.InterNetwork:
-                        if (!allowLoopback && (addressBytes[0] == 127 || addressBytes[0] == 10))
-                        {
-                            m_log.WarnFormat("Rejecting URL {0} because it is a loopback address.", uri);
-                            return false;
-                        }
-                        break;
-                    case System.Net.Sockets.AddressFamily.InterNetworkV6:
-                        if (!allowLoopback && IsIPv6Loopback(hostIPAddress))
-                        {
-                            m_log.WarnFormat("Rejecting URL {0} because it is a loopback address.", uri);
-                            return false;
-                        }
-                        break;
-                    default:
-                        m_log.WarnFormat("Rejecting URL {0} because it does not use an IPv4 or IPv6 address.", uri);
-                        return false;
-                }
-            }
-            else
-            {
-                // The host is given by name.  We require names to contain periods to
-                // help make sure it's not an internal address.
-                if (!allowLoopback && !uri.Host.Contains("."))
-                {
-                    m_log.WarnFormat("Rejecting URL {0} because it does not contain a period in the host name.", uri);
-                    return false;
-                }
-            }
-            return true;
-        }
-        /// <summary>
-        /// Determines whether an IP address is the IPv6 equivalent of "localhost/127.0.0.1".
-        /// </summary>
-        /// <param name="ip">The ip address to check.</param>
-        /// <returns>
-        ///     <c>true</c> if this is a loopback IP address; <c>false</c> otherwise.
-        /// </returns>
-        private static bool IsIPv6Loopback(IPAddress ip)
-        {
-            if (ip == null)
-                throw new ArgumentNullException("ip");
-            byte[] addressBytes = ip.GetAddressBytes();
-            for (int i = 0; i < addressBytes.Length - 1; i++)
-            {
-                if (addressBytes[i] != 0)
-                    return false;
-            }
-            if (addressBytes[addressBytes.Length - 1] != 1)
-                return false;
-            return true;
-        }
-    }
-}
author	Justin Clark-Casey (justincc)	2014-02-27 22:58:44 +0000
committer	Justin Clark-Casey (justincc)	2014-02-27 22:58:44 +0000
commit	94ad69faf2620a520176b672e3c3fe5c4f0b32d6 (patch)
tree	bf1eaf152f3f1c8e26c887c47dc0bb5cf2f19019 /OpenSim/Framework/UntrustedWebRequest.cs
parent	refactor: More consistently use using construct within WebUtil to match other... (diff)
download	opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.zip opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.tar.gz opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.tar.bz2 opensim-SC_OLD-94ad69faf2620a520176b672e3c3fe5c4f0b32d6.tar.xz

diff --git a/OpenSim/Framework/UntrustedWebRequest.cs b/OpenSim/Framework/UntrustedWebRequest.cs deleted file mode 100644 index e6411cc..0000000 --- a/OpenSim/Framework/UntrustedWebRequest.cs +++ /dev/null
@@ -1,230 +0,0 @@
1	/*
2	* Copyright (c) Contributors, http://opensimulator.org/
3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
4	*
5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions are met:
7	* * Redistributions of source code must retain the above copyright
8	* notice, this list of conditions and the following disclaimer.
9	* * Redistributions in binary form must reproduce the above copyright
10	* notice, this list of conditions and the following disclaimer in the
11	* documentation and/or other materials provided with the distribution.
12	* * Neither the name of the OpenSimulator Project nor the
13	* names of its contributors may be used to endorse or promote products
14	* derived from this software without specific prior written permission.
15	*
16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26	*/
27
28	using System;
29	using System.Collections.Generic;
30	using System.IO;
31	using System.Net;
32	using System.Net.Security;
33	using System.Text;
34	using log4net;
35
36	namespace OpenSim.Framework
37	{
38	/// <summary>
39	/// Used for requests to untrusted endpoints that may potentially be
40	/// malicious
41	/// </summary>
42	public static class UntrustedHttpWebRequest
43	{
44	/// <summary>Setting this to true will allow HTTP connections to localhost</summary>
45	private const bool DEBUG = true;
46
47	private static readonly ILog m_log =
48	LogManager.GetLogger(
49	System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
50
51	private static readonly ICollection<string> allowableSchemes = new List<string> { "http", "https" };
52
53	/// <summary>
54	/// Creates an HttpWebRequest that is hardened against malicious
55	/// endpoints after ensuring the given Uri is safe to retrieve
56	/// </summary>
57	/// <param name="uri">Web location to request</param>
58	/// <returns>A hardened HttpWebRequest if the uri was determined to be safe</returns>
59	/// <exception cref="ArgumentNullException">If uri is null</exception>
60	/// <exception cref="ArgumentException">If uri is unsafe</exception>
61	public static HttpWebRequest Create(Uri uri)
62	{
63	return Create(uri, DEBUG, 1000 * 5, 1000 * 20, 10);
64	}
65
66	/// <summary>
67	/// Creates an HttpWebRequest that is hardened against malicious
68	/// endpoints after ensuring the given Uri is safe to retrieve
69	/// </summary>
70	/// <param name="uri">Web location to request</param>
71	/// <param name="allowLoopback">True to allow connections to localhost, otherwise false</param>
72	/// <param name="readWriteTimeoutMS">Read write timeout, in milliseconds</param>
73	/// <param name="timeoutMS">Connection timeout, in milliseconds</param>
74	/// <param name="maximumRedirects">Maximum number of allowed redirects</param>
75	/// <returns>A hardened HttpWebRequest if the uri was determined to be safe</returns>
76	/// <exception cref="ArgumentNullException">If uri is null</exception>
77	/// <exception cref="ArgumentException">If uri is unsafe</exception>
78	public static HttpWebRequest Create(Uri uri, bool allowLoopback, int readWriteTimeoutMS, int timeoutMS, int maximumRedirects)
79	{
80	if (uri == null)
81	throw new ArgumentNullException("uri");
82
83	if (!IsUriAllowable(uri, allowLoopback))
84	throw new ArgumentException("Uri " + uri + " was rejected");
85
86	HttpWebRequest httpWebRequest = (HttpWebRequest)HttpWebRequest.Create(uri);
87	httpWebRequest.MaximumAutomaticRedirections = maximumRedirects;
88	httpWebRequest.ReadWriteTimeout = readWriteTimeoutMS;
89	httpWebRequest.Timeout = timeoutMS;
90	httpWebRequest.KeepAlive = false;
91
92	return httpWebRequest;
93	}
94
95	public static string PostToUntrustedUrl(Uri url, string data)
96	{
97	try
98	{
99	byte[] requestData = System.Text.Encoding.UTF8.GetBytes(data);
100
101	HttpWebRequest request = Create(url);
102	request.Method = "POST";
103	request.ContentLength = requestData.Length;
104	request.ContentType = "application/x-www-form-urlencoded";
105
106	using (Stream requestStream = request.GetRequestStream())
107	requestStream.Write(requestData, 0, requestData.Length);
108
109	using (WebResponse response = request.GetResponse())
110	{
111	using (Stream responseStream = response.GetResponseStream())
112	return responseStream.GetStreamString();
113	}
114	}
115	catch (Exception ex)
116	{
117	m_log.Warn("POST to untrusted URL " + url + " failed: " + ex.Message);
118	return null;
119	}
120	}
121
122	public static string GetUntrustedUrl(Uri url)
123	{
124	try
125	{
126	HttpWebRequest request = Create(url);
127
128	using (WebResponse response = request.GetResponse())
129	{
130	using (Stream responseStream = response.GetResponseStream())
131	return responseStream.GetStreamString();
132	}
133	}
134	catch (Exception ex)
135	{
136	m_log.Warn("GET from untrusted URL " + url + " failed: " + ex.Message);
137	return null;
138	}
139	}
140
141	/// <summary>
142	/// Determines whether a URI is allowed based on scheme and host name.
143	/// No requireSSL check is done here
144	/// </summary>
145	/// <param name="allowLoopback">True to allow loopback addresses to be used</param>
146	/// <param name="uri">The URI to test for whether it should be allowed.</param>
147	/// <returns>
148	/// <c>true</c> if [is URI allowable] [the specified URI]; otherwise, <c>false</c>.
149	/// </returns>
150	private static bool IsUriAllowable(Uri uri, bool allowLoopback)
151	{
152	if (!allowableSchemes.Contains(uri.Scheme))
153	{
154	m_log.WarnFormat("Rejecting URL {0} because it uses a disallowed scheme.", uri);
155	return false;
156	}
157
158	// Try to interpret the hostname as an IP address so we can test for internal
159	// IP address ranges. Note that IP addresses can appear in many forms
160	// (e.g. http://127.0.0.1, http://2130706433, http://0x0100007f, http://::1
161	// So we convert them to a canonical IPAddress instance, and test for all
162	// non-routable IP ranges: 10..., 127..., ::1
163	// Note that Uri.IsLoopback is very unreliable, not catching many of these variants.
164	IPAddress hostIPAddress;
165	if (IPAddress.TryParse(uri.DnsSafeHost, out hostIPAddress))
166	{
167	byte[] addressBytes = hostIPAddress.GetAddressBytes();
168
169	// The host is actually an IP address.
170	switch (hostIPAddress.AddressFamily)
171	{
172	case System.Net.Sockets.AddressFamily.InterNetwork:
173	if (!allowLoopback && (addressBytes[0] == 127 \|\| addressBytes[0] == 10))
174	{
175	m_log.WarnFormat("Rejecting URL {0} because it is a loopback address.", uri);
176	return false;
177	}
178	break;
179	case System.Net.Sockets.AddressFamily.InterNetworkV6:
180	if (!allowLoopback && IsIPv6Loopback(hostIPAddress))
181	{
182	m_log.WarnFormat("Rejecting URL {0} because it is a loopback address.", uri);
183	return false;
184	}
185	break;
186	default:
187	m_log.WarnFormat("Rejecting URL {0} because it does not use an IPv4 or IPv6 address.", uri);
188	return false;
189	}
190	}
191	else
192	{
193	// The host is given by name. We require names to contain periods to
194	// help make sure it's not an internal address.
195	if (!allowLoopback && !uri.Host.Contains("."))
196	{
197	m_log.WarnFormat("Rejecting URL {0} because it does not contain a period in the host name.", uri);
198	return false;
199	}
200	}
201
202	return true;
203	}
204
205	/// <summary>
206	/// Determines whether an IP address is the IPv6 equivalent of "localhost/127.0.0.1".
207	/// </summary>
208	/// <param name="ip">The ip address to check.</param>
209	/// <returns>
210	/// <c>true</c> if this is a loopback IP address; <c>false</c> otherwise.
211	/// </returns>
212	private static bool IsIPv6Loopback(IPAddress ip)
213	{
214	if (ip == null)
215	throw new ArgumentNullException("ip");
216
217	byte[] addressBytes = ip.GetAddressBytes();
218	for (int i = 0; i < addressBytes.Length - 1; i++)
219	{
220	if (addressBytes[i] != 0)
221	return false;
222	}
223
224	if (addressBytes[addressBytes.Length - 1] != 1)
225	return false;
226
227	return true;
228	}
229	}
230	}