From 56dcb4e2835d67d152fcbbe41eb301dae4d398ee Mon Sep 17 00:00:00 2001
From: Justin Clark-Casey (justincc)
Date: Wed, 4 Mar 2015 17:29:13 +0000
Subject: Add outbound URL filter to llHttpRequest() and osSetDynamicTextureURL*() script functions. This is to address an issue where HTTP script functions could make calls to localhost and other endpoints inside the simulator's LAN. By default, calls to all private addresses are now blocked as per http://en.wikipedia.org/wiki/Reserved_IP_addresses If you require exceptions to this, configure [Network] OutboundDisallowForUserScriptsExcept in OpenSim.ini
---
 bin/LukeSkywalker.IPNetwork.dll | Bin 0 -> 18432 bytes
 bin/OpenSim.ini.example | 26 ++++++++++++++++++++++++++
 bin/OpenSimDefaults.ini | 20 ++++++++++++++++++++
 3 files changed, 46 insertions(+)
 create mode 100644 bin/LukeSkywalker.IPNetwork.dll
(limited to 'bin')
diff --git a/bin/LukeSkywalker.IPNetwork.dll b/bin/LukeSkywalker.IPNetwork.dll
new file mode 100644
index 0000000..25bcc2f
Binary files /dev/null and b/bin/LukeSkywalker.IPNetwork.dll differ
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example
index 39ee520..9945d31 100644
--- a/bin/OpenSim.ini.example
+++ b/bin/OpenSim.ini.example
@@ -486,6 +486,32 @@
 ;; the region ports use UDP.
 ; http_listener_port = 9000
 
+ ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN.
+ ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter.
+ ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below.
+ ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing.
+ ;
+ ; You can whitelist individual endpoints by IP or FQDN, e.g.
+ ;
+ ; OutboundDisallowForUserScriptsExcept = 192.168.1.3:8003
+ ;
+ ; You can specify multiple addresses by separating them with a bar. For example,
+ ;
+ ; OutboundDisallowForUserScriptsExcept = 192.168.1.3:8003|myinternalserver:8000
+ ;
+ ; If an address if given without a port number then port 80 is assumed
+ ;
+ ; You can also specify a network range in CIDR notation to whitelist, e.g.
+ ;
+ ; OutboundDisallowForUserScriptsExcept = 192.168.1.0/24
+ ;
+ ; to whitelist all ports on addresses 192.168.1.0 to 192.168.1.255
+ ; To specify an individual IP address use the /32 netmask
+ ;
+ ; OutboundDisallowForUserScriptsExcept = 192.168.1.2/32
+ ;
+ ; See http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation for more information on CIDR notation
+
 ;# {ExternalHostNameForLSL} {} {Hostname to use for HTTP-IN URLs. This should be reachable from the internet.} {}
 ;; Hostname to use in llRequestURL/llRequestSecureURL
 ;; if not defined - default machine name is being used
diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini
index aa5b7e5..77b07f4 100644
--- a/bin/OpenSimDefaults.ini
+++ b/bin/OpenSimDefaults.ini
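Review bot: The new OutboundDisallowForUserScriptsExcept commentary is the only setting in this hunk without the `;# {Key} {} {description} {default}` descriptor line that neighbouring entries such as `;# {ExternalHostNameForLSL} {} {...} {}` carry, so tooling that reads those descriptors will not surface it; add `;# {OutboundDisallowForUserScriptsExcept} {} {Exceptions to the outbound URL filter for scripts, separated by |} {}` above the explanation. `; If an address if given without a port number then port 80 is assumed` should read `; If an address is given without a port number then port 80 is assumed`, and the same typo is in the OpenSimDefaults.ini hunk. The FQDN form (`myinternalserver:8000`) deserves a one-line caveat that the exception presumably applies to whatever that name resolves to when the script runs, so only names under the operator's own control should be listed; confirm against the filter implementation. The enclosing [Network] section starts outside the hunk.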
@@ -492,6 +492,26 @@
 ; (on Windows this mean NETBIOS name - useably only inside local network)
 ; ExternalHostNameForLSL=127.0.0.1
 
+ ; Disallow the following address ranges for user scripting calls (e.g. llHttpRequest())
+ ; This is based on http://en.wikipedia.org/wiki/Reserved_IP_addresses
+ ; This stops users making HTTP calls to machines in the simulator's local network.
+ ; If you need to allow some LAN calls we recommend you use OutboundDisallowForUserScriptsExcept documented in OpenSim.ini.example
+ ; If you override OutboundDisallowForUserScripts directly you need to be very careful.
+ ;
+ ; Network ranges are specified in CIDR notation (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation) with multiple entries separated by |
+ ; To specify an individual IP address use the /32 netmask (e.g. 192.168.1.3/32)
+ ; You can also specify individual : endpoints (e.g. 192.168.1.3:8003)
+ ; If an address if given without a port number then port 80 is assumed.
+ OutboundDisallowForUserScripts = 0.0.0.0/8|10.0.0.0/8|100.64.0.0/10|127.0.0.0/8|169.254.0.0/16|172.16.0.0/12|192.0.0.0/24|192.0.2.0/24|192.88.99.0/24|192.168.0.0/16|198.18.0.0/15|198.51.100.0/24|203.0.113.0/24|224.0.0.0/4|240.0.0.0/4|255.255.255.255/32
+ ;
+ ; You can also prevent all user script outgoing calls with the following override in OpenSim.ini
+ ;
+ ; OutboundDisallowForUserScripts = 0.0.0.0/0
+ ;
+ ; You can also disable the blacklist entirely with an empty entry
+ ;
+ ; OutboundDisallowForUserScripts = ""
+
 ; What is reported as the "X-Secondlife-Shard"
 ; Defaults to the user server url if not set
 ; The old default is "OpenSim", set here for compatibility
--
cgit v1.1
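Review bot: The default `OutboundDisallowForUserScripts` value lists IPv4 ranges only, so if the script HTTP client can reach IPv6 endpoints the IPv6 counterparts of these reserved ranges (loopback `::1/128`, unique-local `fc00::/7`, link-local `fe80::/10`) are not blocked; either add them to the default or state in the comment above the key that the filter is IPv4-only, depending on what the address-matching code supports. The documented way to disable the list, `; OutboundDisallowForUserScripts = ""`, is correct only if the INI reader strips the quotes; a reader that keeps them would see the two-character value `""` rather than an empty entry, so confirm this against the parser OpenSimulator uses or document the unquoted form `OutboundDisallowForUserScripts =` instead. `; If an address if given without a port number then port 80 is assumed.` should read `; If an address is given without a port number then port 80 is assumed.`.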