authorTeravus Ovares2008-09-14 18:39:17 +0000
committerTeravus Ovares2008-09-14 18:39:17 +0000
commitdbbbec48dfbc51f30953d8a46f4fc8f192bd277c (patch)
tree218f93b95724e8bdc9a9c6e986268f2101c1eb6e /OpenSim
parentAdded some further clipping to color- and alpha-values. (diff)
* This update makes configuring SSL a little easier on Windows XP. It also makes it possible to run a HTTPS server on the region. It also has a junk Certification authority for test purposes.
* There are still a lot of things that are hard coded to use http. They need to be fixed. * Also includes directions * A standard junk PEM file to append to app_settings/CA.pem in the client so SSL will work
Diffstat (limited to 'OpenSim')
-rw-r--r--OpenSim/Framework/NetworkServersInfo.cs7
-rw-r--r--OpenSim/Framework/Servers/BaseHttpServer.cs129
-rw-r--r--OpenSim/Region/ClientStack/RegionApplicationBase.cs7
-rw-r--r--OpenSim/Region/Environment/Modules/InterGrid/OpenGridProtocolModule.cs57
4 files changed, 193 insertions, 7 deletions
diff --git a/OpenSim/Framework/NetworkServersInfo.cs b/OpenSim/Framework/NetworkServersInfo.cs
index 43ec11e..9f3014d 100644
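--- a/OpenSim/Framework/NetworkServersInfo.cs
+++ b/OpenSim/Framework/NetworkServersInfo.cs
@@ -49,6 +49,9 @@ namespace OpenSim.Framework
  public string UserRecvKey = String.Empty;
  public string UserSendKey = String.Empty;
  public string UserURL = String.Empty;
+ public bool HttpUsesSSL = false;
+ public string HttpSSLCN = "";
+ public uint httpSSLPort = 9001;
 
 
  public NetworkServersInfo()
@@ -78,6 +81,10 @@ namespace OpenSim.Framework
 
  HttpListenerPort =
  (uint) config.Configs["Network"].GetInt("http_listener_port", (int) DefaultHttpListenerPort);
+ httpSSLPort =
+ (uint)config.Configs["Network"].GetInt("http_listener_sslport", ((int)DefaultHttpListenerPort+1));
+ HttpUsesSSL = config.Configs["Network"].GetBoolean("http_listener_ssl", false);
+ HttpSSLCN = config.Configs["Network"].GetString("http_listener_cn", "");
  RemotingListenerPort =
  (uint) config.Configs["Network"].GetInt("remoting_listener_port", (int) RemotingListenerPort);
  GridURL =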
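Review bot: The new `httpSSLPort` assignment casts the result of `GetInt("http_listener_sslport", ...)` straight to `uint`, so a negative or above-65535 value in the config file is accepted here and only shows up later as a bad httpcfg argument or listener prefix. A range check at load time, for example `if (httpSSLPort == 0 || httpSSLPort > 65535) throw new ArgumentOutOfRangeException("http_listener_sslport");`, would fail early with a clear message. The field initialiser (9001) and the config default (`DefaultHttpListenerPort+1`) also disagree, and `httpSSLPort` is camel-cased next to `HttpUsesSSL`/`HttpSSLCN`; a single default and consistent casing would be easier to audit. The enclosing method starts and ends outside the hunk.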
diff --git a/OpenSim/Framework/Servers/BaseHttpServer.cs b/OpenSim/Framework/Servers/BaseHttpServer.cs
index 181eb92..6cf6744 100644
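--- a/OpenSim/Framework/Servers/BaseHttpServer.cs
+++ b/OpenSim/Framework/Servers/BaseHttpServer.cs
@@ -26,12 +26,14 @@
  */
 
 using System;
+using System.Diagnostics;
 using System.Collections;
 using System.Collections.Generic;
 using System.IO;
 using System.Net;
 using System.Net.Sockets;
 using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
 using System.Text;
 using System.Threading;
 using System.Xml;
@@ -39,6 +41,7 @@ using OpenMetaverse.StructuredData;
 using log4net;
 using Nwc.XmlRpc;
 
+
 namespace OpenSim.Framework.Servers
 {
  public class BaseHttpServer
@@ -55,9 +58,14 @@ namespace OpenSim.Framework.Servers
  protected Dictionary<string, IHttpAgentHandler> m_agentHandlers = new Dictionary<string, IHttpAgentHandler>();
 
  protected uint m_port;
+ protected uint m_sslport;
  protected bool m_ssl = false;
  protected bool m_firstcaps = true;
 
+ public uint SSLPort
+ {
+ get { return m_sslport; }
+ }
  public uint Port
  {
  get { return m_port; }
@@ -72,8 +80,124 @@ namespace OpenSim.Framework.Servers
  {
  m_ssl = ssl;
  m_port = port;
+
+ }
+
+ public BaseHttpServer(uint port, bool ssl, uint sslport, string CN)
+ {
+ m_ssl = ssl;
+ m_port = port;
+ if (m_ssl)
+ {
+ bool result = SetupSsl((int)sslport, CN);
+ m_sslport = sslport;
+ }
+ }
+
+
+
+ public bool SetupSsl(int port, string CN)
+ {
+ string searchCN = Environment.MachineName.ToUpper();
+
+ if (CN.Length > 0)
+ searchCN = CN.ToUpper();
+
+ Type t = Type.GetType("Mono.Runtime");
+ if (t != null)
+ {
+ // TODO Mono User Friendly HTTPS setup
+ // if this doesn't exist, then mono people can still manually use httpcfg
+ }
+ else
+ {
+ // Windows.
+ // Search through the store for a certificate with a Common name specified in OpenSim.ini.
+ // We need to find it's hash so we can pass it to httpcfg
+ X509Store store = new X509Store(StoreLocation.LocalMachine);
+ //Use the first cert to configure Ssl
+ store.Open(OpenFlags.ReadOnly);
+ //Assumption is we have certs. If not then this call will fail :(
+ try
+ {
+ bool found = false;
+ //X509Certificate2.CreateFromCertFile("testCert.cer");
+
+ foreach (X509Certificate2 cert in store.Certificates)
+ {
+ String certHash = cert.GetCertHashString();
+ //Only install certs issued for the machine and has the name as the machine name
+ if (cert.Subject.ToUpper().IndexOf(searchCN) >= 0)
+ {
+ string httpcfgparams = String.Format("set ssl -i 0.0.0.0:{1} -c \"MY\" -h {0}", certHash, port);
+ try
+ {
+ found = true;
+
+ ExecuteHttpcfgCommand(httpcfgparams);
+
+ break;
+ }
+ catch (Exception e)
+ {
+ m_log.WarnFormat("[HTTPS]: Automatic HTTPS setup failed. Do you have httpcfg.exe in your path? If not, you can download it in the windowsXP Service Pack 2 Support Tools, here: http://www.microsoft.com/downloads/details.aspx?FamilyID=49ae8576-9bb9-4126-9761-ba8011fabf38&displaylang=en. When you get it installed type, httpcfg {0}", httpcfgparams);
+ return false;
+ }
+ }
+ }
+
+ if (!found)
+ {
+ m_log.WarnFormat("[HTTPS]: We didn't find a certificate that matched the common name {0}. Automatic HTTPS setup failed, you may have certificate errors. To fix this, make sure you generate a certificate request(CSR) using OpenSSL or the IIS snap-in with the common name you specified in opensim.ini. Then get it signed by a certification authority or sign it yourself with OpenSSL and the junkCA. Finally, be sure to import the cert to the 'MY' store(StoreLocation.LocalMachine)", searchCN);
+ return false;
+ }
+
+ }
+ catch (Exception e)
+ {
+ m_log.WarnFormat("[HTTPS]: We didn't any certificates in your LocalMachine certificate store. Automatic HTTPS setup failed, you may have certificate errors. To fix this, make sure you generate a certificate request(CSR) using OpenSSL or the IIS snap-inwith the common name you specified in opensim.ini. Then get it signed by a certification authority or sign it yourself with OpenSSL and the junkCA. Finally, be sure to import the cert to the 'MY' store(StoreLocation.LocalMachine). The configured common name is {0}", searchCN);
+ return false;
+ }
+ finally
+ {
+ if (store != null)
+ {
+ store.Close();
+ }
+ }
+ }
+ return true;
  }
 
+ private void ExecuteHttpcfgCommand(string p)
+ {
+
+ string file = "httpcfg";
+
+ ProcessStartInfo info = new ProcessStartInfo(file, p);
+ // Redirect output so we can read it.
+ info.RedirectStandardOutput = true;
+ // To redirect, we must not use shell execute.
+ info.UseShellExecute = false;
+
+ // Create and execute the process.
+ Process httpcfgprocess = Process.Start(info);
+ httpcfgprocess.Start();
+ string result = httpcfgprocess.StandardOutput.ReadToEnd();
+ if (result.Contains("HttpSetServiceConfiguration completed with"))
+ {
+ //success
+
+ }
+ else
+ {
+ //fail
+ m_log.WarnFormat("[HTTPS]:Error binding certificate with the requested port. Message:{0}", result);
+ }
+
+ }
+
+
  /// <summary>
  /// Add a stream handler to the http server. If the handler already exists, then nothing happens.
  /// </summary>
@@ -907,7 +1031,8 @@ namespace OpenSim.Framework.Servers
  }
  else
  {
- m_httpListener.Prefixes.Add("https://+:" + m_port + "/");
+ m_httpListener.Prefixes.Add("https://+:" + (m_sslport) + "/");
+ m_httpListener.Prefixes.Add("http://+:" + m_port + "/");
  }
  m_httpListener.Start();
 
@@ -921,7 +1046,7 @@ namespace OpenSim.Framework.Servers
  catch (Exception e)
  {
  m_log.Warn("[HTTPD]: Error - " + e.Message);
- m_log.Warn("Tip: Do you have permission to listen on port " + m_port + "?");
+ m_log.Warn("Tip: Do you have permission to listen on port " + m_port + "," + m_sslport + "?");
  }
  }
 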
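Review bot: In `SetupSsl` the certificate is selected with `cert.Subject.ToUpper().IndexOf(searchCN) >= 0`, a substring test over the whole subject string, so the first certificate in the LocalMachine store whose subject merely contains the configured name (in any field, or inside a longer host name) is the one bound to the port, with no check that it has a private key or is inside its validity period. An exact, culture-independent comparison on the certificate's simple name would be safer, e.g. `if (cert.HasPrivateKey && String.Equals(cert.GetNameInfo(X509NameType.SimpleName, false), searchCN, StringComparison.OrdinalIgnoreCase))`, together with a `NotBefore`/`NotAfter` check. In the same hunk `ExecuteHttpcfgCommand` calls `Process.Start(info)` and then `httpcfgprocess.Start()` a second time, resolves `httpcfg` through the search path instead of an absolute path, and only logs when the output lacks the success string, so `SetupSsl` still returns true and the new constructor discards `result` in any case. Returning the outcome from `ExecuteHttpcfgCommand` and skipping the `https://+:` prefix when setup failed would stop the server from presenting a TLS endpoint that was never bound. The hunk at old line 907 also keeps the plain `http://+:` prefix active next to HTTPS, which deserves a comment saying that this is intentional.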
diff --git a/OpenSim/Region/ClientStack/RegionApplicationBase.cs b/OpenSim/Region/ClientStack/RegionApplicationBase.cs
index 8bb35c1..469c084 100644
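--- a/OpenSim/Region/ClientStack/RegionApplicationBase.cs
+++ b/OpenSim/Region/ClientStack/RegionApplicationBase.cs
@@ -81,7 +81,12 @@ namespace OpenSim.Region.ClientStack
 
  Initialize();
 
- m_httpServer = new BaseHttpServer(m_httpServerPort);
+ m_httpServer = new BaseHttpServer(m_httpServerPort,m_networkServersInfo.HttpUsesSSL,m_networkServersInfo.httpSSLPort, m_networkServersInfo.HttpSSLCN);
+ if (m_networkServersInfo.HttpUsesSSL && (m_networkServersInfo.HttpListenerPort == m_networkServersInfo.httpSSLPort))
+ {
+ m_log.Error("[HTTP]: HTTP Server config failed. HTTP Server and HTTPS server must be on different ports");
+ }
+
 
  m_log.Info("[REGION]: Starting HTTP server");
 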
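Review bot: The port-collision check runs only after `new BaseHttpServer(...)` has returned, and in the BaseHttpServer section of this commit that constructor already calls `SetupSsl`, so the certificate binding has been attempted before the misconfiguration is noticed; the branch then just logs and startup carries on. Moving the comparison above the constructor call and stopping there, e.g. `throw new InvalidOperationException("HTTP and HTTPS listener ports must differ");` in place of the `m_log.Error` call, would make the check effective. The test reads `m_networkServersInfo.HttpListenerPort` while the server is built from `m_httpServerPort`; these are presumably the same value, but comparing the value actually passed to the constructor would remove the doubt. The enclosing method starts and ends outside the hunk.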
diff --git a/OpenSim/Region/Environment/Modules/InterGrid/OpenGridProtocolModule.cs b/OpenSim/Region/Environment/Modules/InterGrid/OpenGridProtocolModule.cs
index 6e37b95..68f35e8 100644
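--- a/OpenSim/Region/Environment/Modules/InterGrid/OpenGridProtocolModule.cs
+++ b/OpenSim/Region/Environment/Modules/InterGrid/OpenGridProtocolModule.cs
@@ -86,6 +86,9 @@ namespace OpenSim.Region.Environment.Modules.InterGrid
  private Dictionary<UUID, OGPState> m_OGPState = new Dictionary<UUID, OGPState>();
  private string LastNameSuffix = "_EXTERNAL";
  private string FirstNamePrefix = "";
+ private string httpsCN = "";
+ private bool httpSSL = false;
+ private uint httpsslport = 0;
 
  #region IRegionModule Members
 
@@ -93,6 +96,7 @@ namespace OpenSim.Region.Environment.Modules.InterGrid
  {
  bool enabled = false;
  IConfig cfg = null;
+ IConfig httpcfg = null;
  try
  {
  cfg = config.Configs["OpenGridProtocol"];
@@ -100,6 +104,16 @@ namespace OpenSim.Region.Environment.Modules.InterGrid
  {
  enabled = false;
  }
+
+ try
+ {
+ httpcfg = config.Configs["Network"];
+ }
+ catch (NullReferenceException)
+ {
+
+ }
+
  if (cfg != null)
  {
  enabled = cfg.GetBoolean("ogp_enabled", false);
@@ -139,6 +153,20 @@ namespace OpenSim.Region.Environment.Modules.InterGrid
  }
  }
  }
+ lock (m_scene)
+ {
+ if (m_scene.Count == 1)
+ {
+ if (httpcfg != null)
+ {
+ httpSSL = httpcfg.GetBoolean("http_listener_ssl", false);
+ httpsCN = httpcfg.GetString("http_listener_cn", scene.RegionInfo.ExternalHostName);
+ if (httpsCN.Length == 0)
+ httpsCN = scene.RegionInfo.ExternalHostName;
+ httpsslport = (uint)httpcfg.GetInt("http_listener_sslport",((int)scene.RegionInfo.HttpPort + 1));
+ }
+ }
+ }
  // Of interest to this module potentially
  //scene.EventManager.OnNewClient += OnNewClient;
  //scene.EventManager.OnGridInstantMessageToFriendsModule += OnGridInstantMessage;
@@ -371,14 +399,35 @@ namespace OpenSim.Region.Environment.Modules.InterGrid
  // Get a reference to the user's cap so we can pull out the Caps Object Path
  OpenSim.Framework.Communications.Capabilities.Caps userCap = homeScene.GetCapsHandlerForUser(agentData.AgentID);
 
+ string rezHttpProtocol = "http://";
+ string regionCapsHttpProtocol = "http://";
+ string httpaddr = reg.ExternalHostName;
+ string urlport = reg.HttpPort.ToString();
+
+
+ if (httpSSL)
+ {
+ rezHttpProtocol = "https://";
+
+ urlport = httpsslport.ToString();
+
+ if (httpsCN.Length > 0)
+ httpaddr = httpsCN;
+ }
+
+
+ // Be warned that the two following lines assume http not
+ // https since region caps are not implemented in https currently
+
  // DEPRECIATED
- responseMap["seed_capability"] = LLSD.FromString("http://" + reg.ExternalHostName + ":" + reg.HttpPort + "/CAPS/" + userCap.CapsObjectPath + "0000/");
+ responseMap["seed_capability"] = LLSD.FromString(regionCapsHttpProtocol + httpaddr + ":" + reg.HttpPort + "/CAPS/" + userCap.CapsObjectPath + "0000/");
 
  // REPLACEMENT
- responseMap["region_seed_capability"] = LLSD.FromString("http://" + reg.ExternalHostName + ":" + reg.HttpPort + "/CAPS/" + userCap.CapsObjectPath + "0000/");
+ responseMap["region_seed_capability"] = LLSD.FromString(regionCapsHttpProtocol + httpaddr + ":" + reg.HttpPort + "/CAPS/" + userCap.CapsObjectPath + "0000/");
+
 
- responseMap["rez_avatar/rez"] = LLSD.FromString("http://" + reg.ExternalHostName + ":" + reg.HttpPort + rezAvatarPath);
- responseMap["rez_avatar/derez"] = LLSD.FromString("http://" + reg.ExternalHostName + ":" + reg.HttpPort + derezAvatarPath);
+ responseMap["rez_avatar/rez"] = LLSD.FromString(rezHttpProtocol + httpaddr + ":" + urlport + rezAvatarPath);
+ responseMap["rez_avatar/derez"] = LLSD.FromString(rezHttpProtocol + httpaddr + ":" + urlport + derezAvatarPath);
 
  // Add the user to the list of CAPS that are outstanding.
  // well allow the caps hosts in this dictionary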