From 5c661baf6c197caef73e6a8fe5a2223d00a2a6ba Mon Sep 17 00:00:00 2001 From: Melanie Thielker Date: Sat, 26 Apr 2014 02:42:30 +0200 Subject: Allow opening a https port using only http so that nginx can be used for ssl --- OpenSim/Framework/NetworkServersInfo.cs | 2 ++ .../Region/ClientStack/RegionApplicationBase.cs | 26 +++++++++++++----- OpenSim/Server/Base/HttpServerBase.cs | 32 ++++++++++++++-------- 3 files changed, 42 insertions(+), 18 deletions(-) diff --git a/OpenSim/Framework/NetworkServersInfo.cs b/OpenSim/Framework/NetworkServersInfo.cs index 4b7d4c7..dfe9695 100644 --- a/OpenSim/Framework/NetworkServersInfo.cs +++ b/OpenSim/Framework/NetworkServersInfo.cs @@ -41,6 +41,7 @@ namespace OpenSim.Framework // "Out of band" managemnt https public bool ssl_listener = false; + public bool ssl_external = false; public uint https_port = 0; public string cert_path = String.Empty; public string cert_pass = String.Empty; @@ -64,6 +65,7 @@ namespace OpenSim.Framework // "Out of band management https" ssl_listener = config.Configs["Network"].GetBoolean("https_listener",false); + ssl_external = config.Configs["Network"].GetBoolean("https_external",false); if( ssl_listener) { cert_path = config.Configs["Network"].GetString("cert_path",String.Empty); diff --git a/OpenSim/Region/ClientStack/RegionApplicationBase.cs b/OpenSim/Region/ClientStack/RegionApplicationBase.cs index 853b72d..287c278 100644 --- a/OpenSim/Region/ClientStack/RegionApplicationBase.cs +++ b/OpenSim/Region/ClientStack/RegionApplicationBase.cs @@ -100,13 +100,25 @@ namespace OpenSim.Region.ClientStack // "OOB" Server if (m_networkServersInfo.ssl_listener) { - BaseHttpServer server = new BaseHttpServer( - m_networkServersInfo.https_port, m_networkServersInfo.ssl_listener, m_networkServersInfo.cert_path, - m_networkServersInfo.cert_pass); + if (!m_networkServersInfo.ssl_external) + { + BaseHttpServer server = new BaseHttpServer( + m_networkServersInfo.https_port, m_networkServersInfo.ssl_listener, m_networkServersInfo.cert_path, + m_networkServersInfo.cert_pass); - m_log.InfoFormat("[REGION SERVER]: Starting HTTPS server on port {0}", server.Port); - MainServer.AddHttpServer(server); - server.Start(); + m_log.InfoFormat("[REGION SERVER]: Starting HTTPS server on port {0}", server.Port); + MainServer.AddHttpServer(server); + server.Start(); + } + else + { + BaseHttpServer server = new BaseHttpServer( + m_networkServersInfo.https_port); + + m_log.InfoFormat("[REGION SERVER]: Starting HTTP server on port {0} for external HTTPS", server.Port); + MainServer.AddHttpServer(server); + server.Start(); + } } base.StartupSpecific(); @@ -132,4 +144,4 @@ namespace OpenSim.Region.ClientStack return physicsPluginManager.GetPhysicsScene(engine, meshEngine, config, osSceneIdentifier); } } -} \ No newline at end of file +} diff --git a/OpenSim/Server/Base/HttpServerBase.cs b/OpenSim/Server/Base/HttpServerBase.cs index 954783c..eed2645 100644 --- a/OpenSim/Server/Base/HttpServerBase.cs +++ b/OpenSim/Server/Base/HttpServerBase.cs @@ -40,7 +40,7 @@ namespace OpenSim.Server.Base { public class HttpServerBase : ServicesServerBase { -// private static readonly ILog m_Log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); + private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); private uint m_consolePort; @@ -69,6 +69,7 @@ namespace OpenSim.Server.Base bool ssl_main = networkConfig.GetBoolean("https_main",false); bool ssl_listener = networkConfig.GetBoolean("https_listener",false); + bool ssl_external = networkConfig.GetBoolean("https_external",false); m_consolePort = (uint)networkConfig.GetInt("ConsolePort", 0); @@ -113,20 +114,29 @@ namespace OpenSim.Server.Base uint https_port = (uint)networkConfig.GetInt("https_port", 0); - string cert_path = networkConfig.GetString("cert_path",String.Empty); - if ( cert_path == String.Empty ) + m_log.WarnFormat("[SSL]: External flag is {0}", ssl_external); + if (!ssl_external) { - System.Console.WriteLine("Path to X509 certificate is missing, server can't start."); - Thread.CurrentThread.Abort(); + string cert_path = networkConfig.GetString("cert_path",String.Empty); + if ( cert_path == String.Empty ) + { + System.Console.WriteLine("Path to X509 certificate is missing, server can't start."); + Thread.CurrentThread.Abort(); + } + string cert_pass = networkConfig.GetString("cert_pass",String.Empty); + if ( cert_pass == String.Empty ) + { + System.Console.WriteLine("Password for X509 certificate is missing, server can't start."); + Thread.CurrentThread.Abort(); + } + + MainServer.AddHttpServer(new BaseHttpServer(https_port, ssl_listener, cert_path, cert_pass)); } - string cert_pass = networkConfig.GetString("cert_pass",String.Empty); - if ( cert_pass == String.Empty ) + else { - System.Console.WriteLine("Password for X509 certificate is missing, server can't start."); - Thread.CurrentThread.Abort(); + m_log.WarnFormat("[SSL]: SSL port is active but no SSL is used because external SSL was requested."); + MainServer.AddHttpServer(new BaseHttpServer(https_port)); } - - MainServer.AddHttpServer(new BaseHttpServer(https_port, ssl_listener, cert_path, cert_pass)); } } -- cgit v1.1