fix script secure llhttlrequest

0.9.1.0-post-fixes
UbitUmarov 2018-09-08 04:46:02 +01:00
parent e6615a193d
commit 0d93d5ce69
1 changed files with 43 additions and 41 deletions

View File

@ -110,49 +110,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest
public HttpRequestModule() public HttpRequestModule()
{ {
// ServicePointManager.ServerCertificateValidationCallback +=ValidateServerCertificate;
} }
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
// If this is a web request we need to check the headers first
// We may want to ignore SSL
if (sender is HttpWebRequest)
{
HttpWebRequest Request = (HttpWebRequest)sender;
ServicePoint sp = Request.ServicePoint;
// We don't case about encryption, get out of here
if (Request.Headers.Get("NoVerifyCert") != null)
{
return true;
}
// If there was an upstream cert verification error, bail
if ((((int)sslPolicyErrors) & ~4) != 0)
return false;
// Check for policy and execute it if defined
#pragma warning disable 0618
if (ServicePointManager.CertificatePolicy != null)
{
return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, Request, 0);
}
#pragma warning restore 0618
return true;
}
// If it's not HTTP, trust .NET to check it
if ((((int)sslPolicyErrors) & ~4) != 0)
return false;
return true;
}
#region IHttpRequestModule Members #region IHttpRequestModule Members
public UUID MakeHttpRequest(string url, string parameters, string body) public UUID MakeHttpRequest(string url, string parameters, string body)
@ -522,6 +481,47 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest
return null; return null;
} }
public static bool ValidateServerCertificate(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
// If this is a web request we need to check the headers first
// We may want to ignore SSL
if (sender is HttpWebRequest)
{
HttpWebRequest Request = (HttpWebRequest)sender;
ServicePoint sp = Request.ServicePoint;
// We don't case about encryption, get out of here
if (Request.Headers.Get("NoVerifyCert") != null)
{
return true;
}
// If there was an upstream cert verification error, bail
if ((((int)sslPolicyErrors) & ~4) != 0)
return false;
// Check for policy and execute it if defined
#pragma warning disable 0618
if (ServicePointManager.CertificatePolicy != null)
{
return ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, Request, 0);
}
#pragma warning restore 0618
return true;
}
// If it's not HTTP, trust .NET to check it
if ((((int)sslPolicyErrors) & ~4) != 0)
return false;
return true;
}
/* /*
* TODO: More work on the response codes. Right now * TODO: More work on the response codes. Right now
* returning 200 for success or 499 for exception * returning 200 for success or 499 for exception
@ -538,6 +538,8 @@ namespace OpenSim.Region.CoreModules.Scripting.HttpRequest
try try
{ {
Request = (HttpWebRequest)WebRequest.Create(Url); Request = (HttpWebRequest)WebRequest.Create(Url);
Request.ServerCertificateValidationCallback = ValidateServerCertificate;
Request.AllowAutoRedirect = false; Request.AllowAutoRedirect = false;
Request.KeepAlive = false; Request.KeepAlive = false;