From 464fa45ec90767af13bd8edcc7c67de4ec3db6a7 Mon Sep 17 00:00:00 2001 From: E. Allen Soard Date: Fri, 8 Apr 2011 18:30:20 -0700 Subject: Implimented HTTP_VERIFY_CERT for llHttpRequest --- .../Scripting/HttpRequest/ScriptsHttpRequests.cs | 34 ++++++++++++++++++++-- 1 file changed, 31 insertions(+), 3 deletions(-) (limited to 'OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs') diff --git a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs index d78931a..a37c781 100644 --- a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs +++ b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs @@ -29,8 +29,10 @@ using System; using System.Collections.Generic; using System.IO; using System.Net; +using System.Net.Security; using System.Text; using System.Threading; +using System.Security.Cryptography.X509Certificates; using Nini.Config; using OpenMetaverse; using OpenSim.Framework; @@ -84,6 +86,7 @@ using OpenSim.Region.Framework.Scenes; namespace OpenSim.Region.CoreModules.Scripting.HttpRequest { + public class HttpRequestModule : IRegionModule, IHttpRequestModule { private object HttpListLock = new object(); @@ -100,8 +103,23 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest public HttpRequestModule() { + ServicePointManager.ServerCertificateValidationCallback +=ValidateServerCertificate; } + public static bool ValidateServerCertificate( + object sender, + X509Certificate certificate, + X509Chain chain, + SslPolicyErrors sslPolicyErrors) + { + HttpWebRequest Request = (HttpWebRequest)sender; + + if(Request.Headers.Get("NoVerifyCert") != null) + { + return true; + } + return chain.Build(new X509Certificate2(certificate)); + } #region IHttpRequestModule Members public UUID MakeHttpRequest(string url, string parameters, string body) @@ -141,8 +159,7 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest break; case (int)HttpRequestConstants.HTTP_VERIFY_CERT: - - // TODO implement me + htc.HttpVerifyCert = (int.Parse(parms[i + 1]) != 0); break; } } @@ -282,7 +299,7 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest public string HttpMethod = "GET"; public string HttpMIMEType = "text/plain;charset=utf-8"; public int HttpTimeout; - // public bool HttpVerifyCert = true; // not implemented + public bool HttpVerifyCert = true; // not implemented private Thread httpThread; // Request info @@ -344,6 +361,17 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest Request.Method = HttpMethod; Request.ContentType = HttpMIMEType; + if(!HttpVerifyCert) + { + // Connection Group Name is probably not used so we hijack it to identify + // a desired security exception +// Request.ConnectionGroupName="NoVerify"; + Request.Headers.Add("NoVerifyCert" , "true"); + } +// else +// { +// Request.ConnectionGroupName="Verify"; +// } if (proxyurl != null && proxyurl.Length > 0) { if (proxyexcepts != null && proxyexcepts.Length > 0) -- cgit v1.1 From 3a98fb080a751d21999bb2baa769462426b5d776 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Mon, 11 Apr 2011 22:29:08 +0100 Subject: minor: adjust some spacing and indentation --- .../Scripting/HttpRequest/ScriptsHttpRequests.cs | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs') diff --git a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs index a37c781..23e15ef 100644 --- a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs +++ b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs @@ -86,7 +86,6 @@ using OpenSim.Region.Framework.Scenes; namespace OpenSim.Region.CoreModules.Scripting.HttpRequest { - public class HttpRequestModule : IRegionModule, IHttpRequestModule { private object HttpListLock = new object(); @@ -114,10 +113,11 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest { HttpWebRequest Request = (HttpWebRequest)sender; - if(Request.Headers.Get("NoVerifyCert") != null) + if (Request.Headers.Get("NoVerifyCert") != null) { return true; } + return chain.Build(new X509Certificate2(certificate)); } #region IHttpRequestModule Members @@ -206,7 +206,7 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest * Not sure how important ordering is is here - the next first * one completed in the list is returned, based soley on its list * position, not the order in which the request was started or - * finsihed. I thought about setting up a queue for this, but + * finished. I thought about setting up a queue for this, but * it will need some refactoring and this works 'enough' right now */ @@ -254,8 +254,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest m_scene.RegisterModuleInterface(this); - m_proxyurl = config.Configs["Startup"].GetString("HttpProxy"); - m_proxyexcepts = config.Configs["Startup"].GetString("HttpProxyExceptions"); + m_proxyurl = config.Configs["Startup"].GetString("HttpProxy"); + m_proxyexcepts = config.Configs["Startup"].GetString("HttpProxyExceptions"); m_pendingRequests = new Dictionary(); } @@ -363,10 +363,10 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest if(!HttpVerifyCert) { - // Connection Group Name is probably not used so we hijack it to identify - // a desired security exception -// Request.ConnectionGroupName="NoVerify"; - Request.Headers.Add("NoVerifyCert" , "true"); + // We could hijack Connection Group Name to identify + // a desired security exception. But at the moment we'll use a dummy header instead. +// Request.ConnectionGroupName = "NoVerify"; + Request.Headers.Add("NoVerifyCert", "true"); } // else // { @@ -464,4 +464,4 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest } } } -} +} \ No newline at end of file -- cgit v1.1 From 64dc7e9f141fd0f168ed90c11f932a8bdb077dc7 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Mon, 11 Apr 2011 22:35:07 +0100 Subject: minor: remove now inaccurate comment --- OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs') diff --git a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs index 23e15ef..4c8424d 100644 --- a/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs +++ b/OpenSim/Region/CoreModules/Scripting/HttpRequest/ScriptsHttpRequests.cs @@ -299,7 +299,7 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest public string HttpMethod = "GET"; public string HttpMIMEType = "text/plain;charset=utf-8"; public int HttpTimeout; - public bool HttpVerifyCert = true; // not implemented + public bool HttpVerifyCert = true; private Thread httpThread; // Request info -- cgit v1.1