From bc49a0bc5df9e600af1e291fad3719949a592685 Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Fri, 6 May 2011 00:09:08 +0100 Subject: [PATCH 1/6] Add "dump asset" command to the asset service for debugging purposes. This command dumps the asset with the given id to a file with the same name. --- OpenSim/Services/AssetService/AssetService.cs | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/OpenSim/Services/AssetService/AssetService.cs b/OpenSim/Services/AssetService/AssetService.cs index e1f90b6e18..25a91f2762 100644 --- a/OpenSim/Services/AssetService/AssetService.cs +++ b/OpenSim/Services/AssetService/AssetService.cs @@ -26,9 +26,12 @@ */ using System; +using System.Collections.Generic; +using System.IO; using System.Reflection; using Nini.Config; using log4net; +using NDesk.Options; using OpenSim.Framework; using OpenSim.Framework.Console; using OpenSim.Data; @@ -60,6 +63,13 @@ namespace OpenSim.Services.AssetService "delete asset", "delete asset ", "Delete asset from database", HandleDeleteAsset); + + MainConsole.Instance.Commands.AddCommand("kfs", false, + "dump asset", + "dump asset ", + "Dump asset to a file", + "The filename is the same as the ID given.", + HandleDumpAsset); if (m_AssetLoader != null) { 
@@ -189,6 +199,39 @@ namespace OpenSim.Services.AssetService return false; } + + void HandleDumpAsset(string module, string[] args) + { + if (args.Length < 3) + { + MainConsole.Instance.Output("Usage is dump asset "); + return; + } + + string rawAssetId = args[2]; + UUID assetId; + + if (!UUID.TryParse(rawAssetId, out assetId)) + { + MainConsole.Instance.OutputFormat("ERROR: {0} is not a valid ID format", rawAssetId); + return; + } + + AssetBase asset = m_Database.GetAsset(assetId); + if (asset == null) + { + MainConsole.Instance.OutputFormat("ERROR: No asset found with ID {0}", assetId); + return; + } + + using (FileStream fs = new FileStream(rawAssetId, FileMode.CreateNew)) + { + using (BinaryWriter bw = new BinaryWriter(fs)) + { + bw.Write(asset.Data); + } + } + } void HandleShowDigest(string module, string[] args) { From 46baadbb65ac82260f46e580addda2f45efee120 Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Fri, 6 May 2011 00:22:19 +0100 Subject: [PATCH 2/6] remove the NDesk.Options using since didn't end up needing it --- OpenSim/Services/AssetService/AssetService.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/OpenSim/Services/AssetService/AssetService.cs b/OpenSim/Services/AssetService/AssetService.cs index 25a91f2762..80d58e18e4 100644 --- a/OpenSim/Services/AssetService/AssetService.cs +++ b/OpenSim/Services/AssetService/AssetService.cs @@ -31,7 +31,6 @@ using System.IO; using System.Reflection; using Nini.Config; using log4net; -using NDesk.Options; using OpenSim.Framework; using OpenSim.Framework.Console; using OpenSim.Data; From 8755a48cde6ee77f421bef07e8b95cf8b68a76ed Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Fri, 6 May 2011 00:34:04 +0100 Subject: [PATCH 3/6] fix command display for debugging 'emergency-monitoring' --- .../OptionalModules/Agent/UDP/Linden/LindenUDPInfoModule.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
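Review bot: In HandleDumpAsset the output file is opened with the raw console argument, `new FileStream(rawAssetId, FileMode.CreateNew)`, rather than with the value that passed `UUID.TryParse`, and nothing handles the `IOException` that `FileMode.CreateNew` raises when a file of that name already exists. Naming the file from the parsed value, `string fileName = assetId.ToString();`, keeps the path in one canonical form whatever spellings the parser accepts, and a `catch (IOException e)` that reports through `MainConsole.Instance.OutputFormat` turns a repeated dump into a readable error instead of an exception escaping the handler. The file is written to the process's working directory and the command prints nothing on success, so a closing `MainConsole.Instance.OutputFormat("Asset dumped to file {0}", fileName);` and a `/// <summary>` stating where the file goes would help operators find the dump.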
diff --git a/OpenSim/Region/OptionalModules/Agent/UDP/Linden/LindenUDPInfoModule.cs b/OpenSim/Region/OptionalModules/Agent/UDP/Linden/LindenUDPInfoModule.cs index db17d8faf7..bdebbfbb8e 100644 --- a/OpenSim/Region/OptionalModules/Agent/UDP/Linden/LindenUDPInfoModule.cs +++ b/OpenSim/Region/OptionalModules/Agent/UDP/Linden/LindenUDPInfoModule.cs @@ -107,7 +107,7 @@ namespace OpenSim.Region.CoreModules.UDP.Linden scene.AddCommand( this, "emergency-monitoring", - "Go on/off emergency monitoring mode", + "emergency-monitoring", "Go on/off emergency monitoring mode", "Go on/off emergency monitoring mode", EmergencyMonitoring); From 8ca793875318efc8db3339b25bf7fa5ddeeac218 Mon Sep 17 00:00:00 2001 From: BlueWall Date: Sun, 1 May 2011 14:44:09 -0400 Subject: [PATCH 4/6] Adding ssl support Adding ssl support for "Out of Band" applications such as the remote admin module or Robust services --- OpenSim/Framework/MainServer.cs | 5 ++ OpenSim/Framework/NetworkServersInfo.cs | 15 ++++ .../Servers/HttpServer/BaseHttpServer.cs | 14 ++++ .../ClientStack/RegionApplicationBase.cs | 16 ++++ OpenSim/Server/Base/HttpServerBase.cs | 77 ++++++++++++++++++- bin/OpenSimDefaults.ini | 14 ++++ bin/Robust.ini.example | 21 +++++ 7 files changed, 160 insertions(+), 2 deletions(-) diff --git a/OpenSim/Framework/MainServer.cs b/OpenSim/Framework/MainServer.cs index 0515b166e2..a3e0a26bb7 100644 --- a/OpenSim/Framework/MainServer.cs +++ b/OpenSim/Framework/MainServer.cs @@ -52,6 +52,11 @@ namespace OpenSim.Framework return GetHttpServer(port,null); } + public static void AddHttpServer(BaseHttpServer server) + { + m_Servers.Add(server.Port, server); + } + public static IHttpServer GetHttpServer(uint port, IPAddress ipaddr) { if (port == 0) diff --git a/OpenSim/Framework/NetworkServersInfo.cs b/OpenSim/Framework/NetworkServersInfo.cs index b25f8b9f60..5bb4111c90 100644 --- a/OpenSim/Framework/NetworkServersInfo.cs +++ b/OpenSim/Framework/NetworkServersInfo.cs 
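Review bot: `AddHttpServer` calls `m_Servers.Add(server.Port, server)` with no check for an existing entry, so if `m_Servers` is a `Dictionary` (its declaration is outside the hunk) registering a second server on an already used port throws `ArgumentException`. That is reachable in this patch because `https_port` defaults to 0 and the region-server caller passes it through unvalidated. I would either guard with `if (m_Servers.ContainsKey(server.Port))` and throw a message naming the port, or add a `/// <summary>` stating that the caller must supply a port not yet registered.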
@@ -49,6 +49,12 @@ namespace OpenSim.Framework public string HttpSSLCN = ""; public uint httpSSLPort = 9001; + // "Out of band" managemnt https + public bool ssl_listener = false; + public uint https_port = 0; + public string cert_path = String.Empty; + public string cert_pass = String.Empty; + public string MessagingURL = String.Empty; public NetworkServersInfo() @@ -86,6 +92,15 @@ namespace OpenSim.Framework secureInventoryServer = config.Configs["Network"].GetBoolean("secure_inventory_server", true); MessagingURL = config.Configs["Network"].GetString("messaging_server_url", string.Empty); + + // "Out of band management https" + ssl_listener = config.Configs["Network"].GetBoolean("https_listener",false); + if( ssl_listener) + { + cert_path = config.Configs["Network"].GetString("cert_path",String.Empty); + cert_pass = config.Configs["Network"].GetString("cert_pass",String.Empty); + https_port = (uint)config.Configs["Network"].GetInt("https_port", 0); + } } } } diff --git a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs index ba89e2117b..598e5d17cd 100644 --- a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs +++ b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs @@ -32,6 +32,7 @@ using System.Collections.Specialized; using System.IO; using System.Net; using System.Net.Sockets; +using System.Security.Cryptography.X509Certificates; using System.Reflection; using System.Globalization; using System.Text; @@ -72,6 +73,7 @@ namespace OpenSim.Framework.Servers.HttpServer protected uint m_port; protected uint m_sslport; protected bool m_ssl; + private X509Certificate2 m_cert; protected bool m_firstcaps = true; protected string m_SSLCommonName = ""; 
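Review bot: When `https_listener` is true, the configuration block in the second NetworkServersInfo.cs hunk accepts an empty `cert_path`, an empty `cert_pass` and an `https_port` of 0 without any check, whereas HttpServerBase.cs in the same patch refuses to start on an empty certificate path or password. The cast `(uint)config.Configs["Network"].GetInt("https_port", 0)` also turns a negative value into a very large port number; a range check such as `if (https_port == 0 || https_port > 65535)` with a logged error would catch both cases. The new `cert_pass` field holds the certificate password as a public mutable string for the life of the process, so a comment like `// secret: never write this value to logs or console output` on the field is worth adding.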
@@ -123,6 +125,14 @@ namespace OpenSim.Framework.Servers.HttpServer } } + public BaseHttpServer(uint port, bool ssl, string CPath, string CPass) : this (port, ssl) + { + if (m_ssl) + { + m_cert = new X509Certificate2(CPath, CPass); + } + } + /// /// Add a stream handler to the http server. If the handler already exists, then nothing happens. /// @@ -1683,6 +1693,7 @@ namespace OpenSim.Framework.Servers.HttpServer try { //m_httpListener = new HttpListener(); + NotSocketErrors = 0; if (!m_ssl) { @@ -1702,6 +1713,9 @@ namespace OpenSim.Framework.Servers.HttpServer { //m_httpListener.Prefixes.Add("https://+:" + (m_sslport) + "/"); //m_httpListener.Prefixes.Add("http://+:" + m_port + "/"); + m_httpListener2 = CoolHTTPListener.Create(IPAddress.Any, (int)m_port, m_cert); + m_httpListener2.ExceptionThrown += httpServerException; + m_httpListener2.LogWriter = httpserverlog; } m_httpListener2.RequestReceived += OnRequest; diff --git a/OpenSim/Region/ClientStack/RegionApplicationBase.cs b/OpenSim/Region/ClientStack/RegionApplicationBase.cs index ea1317a19c..6e3a58e63a 100644 --- a/OpenSim/Region/ClientStack/RegionApplicationBase.cs +++ b/OpenSim/Region/ClientStack/RegionApplicationBase.cs @@ -96,6 +96,22 @@ namespace OpenSim.Region.ClientStack MainServer.Instance = m_httpServer; + // "OOB" Server + if (m_networkServersInfo.ssl_listener) + { + BaseHttpServer server = null; + server = new BaseHttpServer( + m_networkServersInfo.https_port, m_networkServersInfo.ssl_listener, m_networkServersInfo.cert_path, + m_networkServersInfo.cert_pass); + // Add the server to m_Servers + if(server != null) + { + m_log.InfoFormat("[REGION SERVER]: Starting HTTPS server on port {0}", server.Port); + MainServer.AddHttpServer(server); + server.Start(); + } + } + base.StartupSpecific(); } diff --git a/OpenSim/Server/Base/HttpServerBase.cs b/OpenSim/Server/Base/HttpServerBase.cs index 9e4593e19e..bb5ce96757 100644 --- a/OpenSim/Server/Base/HttpServerBase.cs 
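Review bot: The new constructor loads the key material with `new X509Certificate2(CPath, CPass)` and never inspects the result, so a certificate file that carries no private key is accepted here and would only fail later when the listener tries to use it. A guard such as `if (!m_cert.HasPrivateKey) throw new ArgumentException("Certificate " + CPath + " has no private key");` fails at startup with a clear cause. A missing file or wrong password already throws `CryptographicException` from this line, and none of the callers added in this patch catch it. The constructor also lacks an XML doc comment; it should say that `CPath` is the certificate file (the sample config uses a `.p12`) and that the certificate is only loaded when `m_ssl` is set.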
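Review bot: The HTTPS branch binds with `CoolHTTPListener.Create(IPAddress.Any, (int)m_port, m_cert)`, so the listener that the commit message describes as serving out-of-band management traffic accepts connections on every interface. If the plain-HTTP branch above (outside this hunk) binds to a configured listen address, the TLS branch should use the same one; either way a comment such as `// binds all interfaces: restrict exposure with a firewall or a dedicated bind address` belongs here. TLS by itself does not authenticate the caller, so handlers registered on this server still need their own access control.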
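Review bot: In the "OOB" block of RegionApplicationBase.cs the `if(server != null)` guard is dead code, because `new BaseHttpServer(...)` never yields null, while the real failure modes are left unhandled: a bad `cert_path` or `cert_pass` throws from the constructor, and `https_port` may still be its default 0. Validating `https_port != 0` first and wrapping the construction in a `try`/`catch` that reports through `m_log.ErrorFormat` would make a misconfiguration visible as one log line instead of an exception during region startup. The enclosing method starts and ends outside the hunk.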
+++ b/OpenSim/Server/Base/HttpServerBase.cs 
@@ -97,16 +97,76 @@ namespace OpenSim.Server.Base if (port == 0) { - System.Console.WriteLine("Port number not specified or 0, server can't start"); + Thread.CurrentThread.Abort(); } + // + bool ssl_main = networkConfig.GetBoolean("https_main",false); + bool ssl_listener = networkConfig.GetBoolean("https_listener",false); m_consolePort = (uint)networkConfig.GetInt("ConsolePort", 0); m_Port = port; + // + // This is where to make the servers: + // + // + // Make the base server according to the port, etc. + // ADD: Possibility to make main server ssl + // Then, check for https settings and ADD a server to + // m_Servers + // + if ( !ssl_main ) + { + m_HttpServer = new BaseHttpServer(port); - m_HttpServer = new BaseHttpServer(port); + } + else + { + string cert_path = networkConfig.GetString("cert_path",String.Empty); + if ( cert_path == String.Empty ) + { + System.Console.WriteLine("Path to X509 certificate is missing, server can't start."); + Thread.CurrentThread.Abort(); + } + string cert_pass = networkConfig.GetString("cert_pass",String.Empty); + if ( cert_pass == String.Empty ) + { + System.Console.WriteLine("Password for X509 certificate is missing, server can't start."); + Thread.CurrentThread.Abort(); + } + m_HttpServer = new BaseHttpServer(port, ssl_main, cert_path, cert_pass); + } MainServer.Instance = m_HttpServer; + + // If https_listener = true, then add an ssl listener on the https_port... 
+ if ( ssl_listener == true ) { + + uint https_port = (uint)networkConfig.GetInt("https_port", 0); + + string cert_path = networkConfig.GetString("cert_path",String.Empty); + if ( cert_path == String.Empty ) + { + System.Console.WriteLine("Path to X509 certificate is missing, server can't start."); + Thread.CurrentThread.Abort(); + } + string cert_pass = networkConfig.GetString("cert_pass",String.Empty); + if ( cert_pass == String.Empty ) + { + System.Console.WriteLine("Password for X509 certificate is missing, server can't start."); + Thread.CurrentThread.Abort(); + } + // Add our https_server + BaseHttpServer server = null; + server = new BaseHttpServer(https_port, ssl_listener, cert_path, cert_pass); + if (server != null) + { + m_Log.InfoFormat("[SERVER]: Starting HTTPS server on port {0}", https_port); + m_Servers.Add(https_port,server); + } + else + System.Console.WriteLine(String.Format("Failed to start HTTPS server on port {0}",https_port)); + } } protected override void Initialise() @@ -114,6 +174,19 @@ namespace OpenSim.Server.Base m_Log.InfoFormat("[SERVER]: Starting HTTP server on port {0}", m_HttpServer.Port); m_HttpServer.Start(); + if (m_Servers.Count > 0) + { + foreach (BaseHttpServer s in m_Servers.Values) + { + if (!s.UseSSL) + m_Log.InfoFormat("[SERVER]: Starting HTTP server on port {0}", s.Port); + else + m_Log.InfoFormat("[SERVER]: Starting HTTPS server on port {0}", s.Port); + + s.Start(); + } + } + if (MainConsole.Instance is RemoteConsole) { if (m_consolePort == 0) diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini index 6d2d54daca..2e192f1178 100644 --- a/bin/OpenSimDefaults.ini +++ b/bin/OpenSimDefaults.ini 
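Review bot: The `https_listener` block reads `https_port` with a default of 0 and never validates it, although the main `port` is rejected when it is 0, and its `else` branch printing "Failed to start HTTPS server" is unreachable because `new BaseHttpServer(...)` never returns null. Real failures such as an unreadable certificate or a wrong password throw from the constructor and are not caught. The same hunk also appears to drop the "Port number not specified or 0" message, which would leave a silent `Thread.CurrentThread.Abort()` for `port == 0`. The `cert_path`/`cert_pass` checks are duplicated between the `https_main` and `https_listener` branches and could share one private helper. The enclosing method begins outside the hunk.

```csharp
// If https_listener = true, then add an ssl listener on the https_port...
if (ssl_listener)
{
    uint https_port = (uint)networkConfig.GetInt("https_port", 0);
    if (https_port == 0 || https_port == port)
    {
        System.Console.WriteLine("https_port is missing or the same as port, server can't start.");
        Thread.CurrentThread.Abort();
    }

    // … unchanged: cert_path / cert_pass presence checks …

    try
    {
        // The constructor loads the certificate, so this is where a bad path or password surfaces.
        BaseHttpServer server = new BaseHttpServer(https_port, ssl_listener, cert_path, cert_pass);
        m_Log.InfoFormat("[SERVER]: Starting HTTPS server on port {0}", https_port);
        m_Servers.Add(https_port, server);
    }
    catch (System.Security.Cryptography.CryptographicException e)
    {
        // Report the cause, never the password itself.
        System.Console.WriteLine(String.Format("Failed to start HTTPS server on port {0}: {1}", https_port, e.Message));
        Thread.CurrentThread.Abort();
    }
}
```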
@@ -291,6 +291,20 @@ http_listener_sslport = 9001 ; Use this port for SSL connections http_listener_ssl_cert = "" ; Currently unused, but will be used for OSHttpServer + ; HTTPS for "Out of band" management applications such as the remote + ; admin module + ; + ; Create https_listener = "True" will create a listener on the port + ; specified. Provide the path to your server certificate along with it's + ; password + ; https_listener = False + ; Set our listener to this port + ; https_port = 0 + ; Path to X509 certificate + ; cert_path = "path/to/cert.p12" + ; Password for cert + ; cert_pass = "password" + ; Hostname to use in llRequestURL/llRequestSecureURL ; if not defined - default machine name is being used ; (on Windows this mean NETBIOS name - useably only inside local network) diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index 047e9eeed6..cc018f8867 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example @@ -21,6 +21,27 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003 [Network] port = 8003 + + ; HTTPS for "Out of band" management applications such as the remote admin + ; module. May specify https_main = True to make the main http server + ; use https or "False" to make the main server HTTP + ; https_main = False + ; + ; Create https_listener = "True" will create a listener on the port + ; specified. Provide the path to your server certificate along with it's + ; password + ; https_listener = False + ; + ; Set our listener to this port + ; https_port = 0 + ; + ; Path to X509 certificate + ; cert_path = "path/to/cert.p12" + ; + ; Password for cert + ; cert_pass = "password" + + ; * The following are for the remote console ; * They have no effect for the local or basic console types ; * Leave commented to diable logins to the console From e4e95706d52fad2bab4a725955449f6bdb523a29 Mon Sep 17 00:00:00 2001 
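Review bot: The sample settings place the certificate password in the ini file in clear text (`cert_pass = "password"`) without telling the operator that the file then needs restricted read permissions; the Robust.ini.example hunk has the same gap. I would add a line such as `; cert_pass is stored in clear text: restrict read access to this file and keep it out of version control`. The comments should also state that `https_port = 0` is a placeholder that has to be changed, since the region-server code in this patch does not visibly reject 0, and that this listener carries management traffic and should only be reachable from trusted networks.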
From: BlueWall Date: Mon, 2 May 2011 14:35:44 -0400 Subject: [PATCH 5/6] Add support for llRequestSecureURL() if ssl is enabled --- .../Scripting/LSLHttp/UrlModule.cs | 61 +++++++++++++++++-- 1 file changed, 56 insertions(+), 5 deletions(-) diff --git a/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs b/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs index 9b565ed85b..a552a28912 100644 --- a/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs +++ b/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs @@ -78,7 +78,9 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp private int m_TotalUrls = 100; + private uint https_port = 0; private IHttpServer m_HttpServer = null; + private IHttpServer m_HttpsServer = null; private string m_ExternalHostNameForLSL = ""; @@ -100,6 +102,11 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp public void Initialise(IConfigSource config) { m_ExternalHostNameForLSL = config.Configs["Network"].GetString("ExternalHostNameForLSL", System.Environment.MachineName); + bool ssl_enabled = config.Configs["Network"].GetBoolean("https_listener",false); + if (ssl_enabled) + { + https_port = (uint) config.Configs["Network"].GetInt("https_port",0); + } } public void PostInitialise() @@ -113,6 +120,12 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp // There can only be one // m_HttpServer = MainServer.Instance; + // + // We can use the https if it is enabled + if (https_port > 0) + { + m_HttpsServer = MainServer.GetHttpServer(https_port); + } } scene.RegisterModuleInterface(this); 
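Review bot: `PostInitialise` stores whatever `MainServer.GetHttpServer(https_port)` returns in `m_HttpsServer` without confirming that it is the TLS listener. The body of `GetHttpServer` is not on this page; if it creates a plain server when none is registered on that port, or if this module initialises before the OOB server is added, scripts would be handed `https://` URLs that are served without TLS. Checking that the returned server actually uses SSL and leaving `m_HttpsServer` null otherwise keeps `llRequestSecureURL` on its denied path, and a comment such as `// must be the TLS listener registered through MainServer.AddHttpServer` would record the ordering assumption.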
@@ -171,7 +184,40 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp { UUID urlcode = UUID.Random(); - engine.PostScriptEvent(itemID, "http_request", new Object[] { urlcode.ToString(), "URL_REQUEST_DENIED", "" }); + if (m_HttpsServer == null) + { + engine.PostScriptEvent(itemID, "http_request", new Object[] { urlcode.ToString(), "URL_REQUEST_DENIED", "" }); + return urlcode; + } + + lock (m_UrlMap) + { + if (m_UrlMap.Count >= m_TotalUrls) + { + engine.PostScriptEvent(itemID, "http_request", new Object[] { urlcode.ToString(), "URL_REQUEST_DENIED", "" }); + return urlcode; + } + string url = "https://" + m_ExternalHostNameForLSL + ":" + m_HttpsServer.Port.ToString() + "/lslhttps/" + urlcode.ToString() + "/"; + + UrlData urlData = new UrlData(); + urlData.hostID = host.UUID; + urlData.itemID = itemID; + urlData.engine = engine; + urlData.url = url; + urlData.urlcode = urlcode; + urlData.requests = new Dictionary(); + + + m_UrlMap[url] = urlData; + + string uri = "/lslhttps/" + urlcode.ToString() + "/"; + + m_HttpsServer.AddPollServiceHTTPHandler(uri,HandleHttpPoll, + new PollServiceEventArgs(HttpRequestHandler,HasEvents, GetEvents, NoEvents, + urlcode)); + + engine.PostScriptEvent(itemID, "http_request", new Object[] { urlcode.ToString(), "URL_REQUEST_GRANTED", url }); + } return urlcode; } @@ -345,7 +391,7 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp } private Hashtable GetEvents(UUID requestID, UUID sessionID, string request) { - UrlData url = null; + UrlData url = null; RequestData requestData = null; lock (m_RequestMap) @@ -391,11 +437,12 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp lock (request) { string uri = request["uri"].ToString(); - + bool is_ssl = uri.Contains("lslhttps"); + try { Hashtable headers = (Hashtable)request["headers"]; - + // string uri_full = "http://" + m_ExternalHostNameForLSL + ":" + m_HttpServer.Port.ToString() + uri;// "/lslhttp/" + urlcode.ToString() + "/"; int pos1 = uri.IndexOf("/");// /lslhttp 
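Review bot: The granted branch of `RequestSecureURL` registers a poll handler on `m_HttpsServer` under `/lslhttps/<urlcode>/`, but nothing in this patch shows the release path removing it from that server. The URL-release code is outside the hunks shown; if it only removes handlers from `m_HttpServer` under the `/lslhttp/` prefix, secure URLs would stay registered after a script releases them or is removed. Please confirm that teardown selects the server and prefix by scheme. The body also looks like a near copy of the plain-URL request path, so a shared private helper taking the server and the prefix would keep the `m_TotalUrls` limit check and the `UrlData` setup in one place.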
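Review bot: `bool is_ssl = uri.Contains("lslhttps");` decides the scheme from a substring match over the whole request URI, which includes the caller-supplied path info that follows the URL code. A plain-HTTP request whose trailing path contains that text is then looked up under the `https://` key in the following hunk (`m_UrlMap["https://" + ... + m_HttpsServer.Port.ToString() + uri_tmp]`), which throws when `m_HttpsServer` is null or the key is absent. Assuming `request["uri"]` begins at the path, as the `IndexOf` comments suggest, anchoring the test to the route prefix with `bool is_ssl = uri.StartsWith("/lslhttps/");` and using `m_UrlMap.TryGetValue` for the lookup removes the ambiguity. The surrounding `try` block and method continue outside both hunks.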
@@ -409,7 +456,11 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp pathInfo = uri.Substring(pos3); - UrlData url = m_UrlMap["http://" + m_ExternalHostNameForLSL + ":" + m_HttpServer.Port.ToString() + uri_tmp]; + UrlData url = null; + if (!is_ssl) + url = m_UrlMap["http://" + m_ExternalHostNameForLSL + ":" + m_HttpServer.Port.ToString() + uri_tmp]; + else + url = m_UrlMap["https://" + m_ExternalHostNameForLSL + ":" + m_HttpsServer.Port.ToString() + uri_tmp]; //for llGetHttpHeader support we need to store original URI here //to make x-path-info / x-query-string / x-script-url / x-remote-ip headers From fd44540c023e7df35308a40df9e61d7f9273eba4 Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Fri, 6 May 2011 01:06:28 +0100 Subject: [PATCH 6/6] add descriptive explanations for region restart functionality --- .../CoreModules/World/Region/RestartModule.cs | 19 +++++++++++++------ .../Agent/UDP/Linden/LindenUDPInfoModule.cs | 1 - 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/OpenSim/Region/CoreModules/World/Region/RestartModule.cs b/OpenSim/Region/CoreModules/World/Region/RestartModule.cs index ab6a598ace..e983239b4a 100644 --- a/OpenSim/Region/CoreModules/World/Region/RestartModule.cs +++ b/OpenSim/Region/CoreModules/World/Region/RestartModule.cs @@ -64,19 +64,26 @@ namespace OpenSim.Region.CoreModules.World.Region public void AddRegion(Scene scene) { m_Scene = scene; + scene.RegisterModuleInterface(this); MainConsole.Instance.Commands.AddCommand("RestartModule", false, "region restart bluebox", - "region restart bluebox