From 207c3d1e71b00bdba4dabd63d7274e8f4a395a59 Mon Sep 17 00:00:00 2001
From: Adil El Farissi <144741970+AdilElFarissi@users.noreply.github.com>
Date: Fri, 26 Apr 2024 06:12:29 +0000
Subject: [PATCH] Revert some default params and fixes to SSL support

---
 OpenSim/Region/Application/ConfigurationLoader.cs  |  2 +-
 .../CoreModules/Scripting/LSLHttp/UrlModule.cs     |  5 ++++-
 OpenSim/Server/Base/ServicesServerBase.cs          |  4 ++--
 OpenSim/Tools/Configger/ConfigurationLoader.cs     |  2 +-
 bin/OpenSim.ini.example                            | 14 +++++++-------
 bin/OpenSimDefaults.ini                            |  4 ++--
 6 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/OpenSim/Region/Application/ConfigurationLoader.cs b/OpenSim/Region/Application/ConfigurationLoader.cs
index 66e46cb087..a13a34d09b 100644
--- a/OpenSim/Region/Application/ConfigurationLoader.cs
+++ b/OpenSim/Region/Application/ConfigurationLoader.cs
@@ -285,7 +285,7 @@ namespace OpenSim
             Uri configUri;
 
             return Uri.TryCreate(file, UriKind.Absolute,
-                    out configUri) && configUri.Scheme == Uri.UriSchemeHttp;
+                    out configUri) && (configUri.Scheme == Uri.UriSchemeHttp || configUri.Scheme == Uri.UriSchemeHttps);
         }
 
         /// <summary>
diff --git a/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs b/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs
index 2428e660dd..9f1e462014 100644
--- a/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs
+++ b/OpenSim/Region/CoreModules/Scripting/LSLHttp/UrlModule.cs
@@ -92,6 +92,7 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp
         protected bool m_enabled = false;
         protected string m_ErrorStr;
         protected uint m_HttpsPort = 0;
+        protected uint m_HttpPort = 0;
         protected IHttpServer m_HttpServer = null;
         protected IHttpServer m_HttpsServer = null;
 
@@ -134,6 +135,8 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp
 
                 bool ssl_enabled = config.Configs["Network"].GetBoolean("https_listener", false);
 
+                m_HttpPort = (uint)config.Configs["Network"].GetInt("http_listener_port", 9000);
+
                 if (ssl_enabled)
                     m_HttpsPort = (uint)config.Configs["Network"].GetInt("https_port", (int)m_HttpsPort);
             }
@@ -180,7 +183,7 @@ namespace OpenSim.Region.CoreModules.Scripting.LSLHttp
             {
                 // There can only be one
                 //
-                m_HttpServer = MainServer.Instance;
+                m_HttpServer = MainServer.GetHttpServer(m_HttpPort);
                 //
                 // We can use the https if it is enabled
                 if (m_HttpsPort > 0)
diff --git a/OpenSim/Server/Base/ServicesServerBase.cs b/OpenSim/Server/Base/ServicesServerBase.cs
index 220dad044e..402f853a34 100755
--- a/OpenSim/Server/Base/ServicesServerBase.cs
+++ b/OpenSim/Server/Base/ServicesServerBase.cs
@@ -339,7 +339,7 @@ namespace OpenSim.Server.Base
             Uri configUri;
 
             return Uri.TryCreate(file, UriKind.Absolute,
-                    out configUri) && configUri.Scheme == Uri.UriSchemeHttp;
+                    out configUri) && (configUri.Scheme == Uri.UriSchemeHttp || configUri.Scheme == Uri.UriSchemeHttps);
         }
 
         IConfigSource ReadConfigSource(string iniFile)
@@ -352,7 +352,7 @@ namespace OpenSim.Server.Base
             try
             {
                 if (Uri.TryCreate(iniFile, UriKind.Absolute, out configUri) &&
-                    configUri.Scheme == Uri.UriSchemeHttp)
+                    (configUri.Scheme == Uri.UriSchemeHttp || configUri.Scheme == Uri.UriSchemeHttps))
                 {
                     XmlReader r = XmlReader.Create(iniFile);
                     s = new XmlConfigSource(r);
diff --git a/OpenSim/Tools/Configger/ConfigurationLoader.cs b/OpenSim/Tools/Configger/ConfigurationLoader.cs
index f23c80a7b0..7889e52048 100644
--- a/OpenSim/Tools/Configger/ConfigurationLoader.cs
+++ b/OpenSim/Tools/Configger/ConfigurationLoader.cs
@@ -201,7 +201,7 @@ namespace OpenSim.Tools.Configger
             Uri configUri;
 
             return Uri.TryCreate(file, UriKind.Absolute,
-                    out configUri) && configUri.Scheme == Uri.UriSchemeHttp;
+                    out configUri) && (configUri.Scheme == Uri.UriSchemeHttp || configUri.Scheme == Uri.UriSchemeHttps);
         }
 
         /// <summary>
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example
index e855442c6c..9f226fd993 100644
--- a/bin/OpenSim.ini.example
+++ b/bin/OpenSim.ini.example
@@ -52,7 +52,7 @@
     ;# {BaseHostname} {} {BaseHostname} {"example.com" "127.0.0.1"} "127.0.0.1"
     BaseHostname = "127.0.0.1"
 
-    ;# {BaseURL} {} {BaseURL} {"http://${Const|BaseHostname}} "http://${Const|BaseHostname}"
+    ;# {BaseURL} {} {BaseURL} {"http://${Const|BaseHostname"}} "http://${Const|BaseHostname}"
     BaseURL = http://${Const|BaseHostname}
 
     ; If you run a grid, several services should not be availble to world, access to them should be blocked on firewall
@@ -328,9 +328,9 @@
 	;# {CertPassword} {} {set the certificate password} {} ""
 	CertPassword = "mycertpass"
 	
-	;; The certificate host name (domain or IP of this machine CN).
-	;# {CertHostName} {} {set the certificate host name} {} ${Const|BaseHostname}
-	CertHostName = ${Const|BaseHostname}
+	;; The certificate host name (domain or IP of this machine CN). Must be the same as "ExternalHostName" in Regions.ini
+	;# {CertHostName} {} {set the certificate host name} {} "myRegionsExternalHostName"
+	CertHostName = "myRegionsExternalHostName"
 	
 	;; The certificate host IP (IP of this machine).
 	;# {CertHostIp} {} {set the certificate host IP} {}
@@ -344,7 +344,7 @@
 
     ;; you can also bypass the hostname or domain verification
     ;# {NoVerifyCertHostname} {} {do not verify SSL Cert name versus peer name} {true false} true
-    ; NoVerifyCertHostname = false
+    ; NoVerifyCertHostname = true
     ;; having both options true does provide encryption but with low security
     ;; set both true if you don't care to use SSL, they are needed to contact regions or grids that do use it.
     
@@ -445,7 +445,7 @@
     ;;
     ;; If set to false, then, in theory, the server never carries out
     ;; permission checks (allowing anybody to copy
-    ;; any item, etc.  This may not yet be implemented uniformally.
+    ;; any item, etc).  This may not yet be implemented uniformally.
     ;; If set to true, then all permissions checks are carried out
     ; serverside_object_permissions = true
 
@@ -618,7 +618,7 @@
     ; currently if using ssl, regions ExternalHostName must the the same and equal to http_listener_cn
     ; this may be removed in future
     ;# {http_listener_cn}{} {main server ssl externalHostName} {} ""
-    ;http_listener_cn = ${Const|BaseHostname}
+    ;http_listener_cn = "myRegionsExternalHostName"
 
     ; the path for the certificate path
     ;# {http_listener_cert_path}{} {main server ssl certificate file path} {} ""
diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini
index dd094b19cc..559f0dc678 100644
--- a/bin/OpenSimDefaults.ini
+++ b/bin/OpenSimDefaults.ini
@@ -417,8 +417,8 @@
 	; Set the certificate password.
 	CertPassword = "mycertpass"
 	
-	; The certificate host name (domain or IP of this machine CN).
-	CertHostName = ${Const|BaseHostname}
+	; The certificate host name (domain or IP of this machine CN). Must be the same as "ExternalHostName" in Regions.ini
+	CertHostName = "myRegionsExternalHostName"
 	
 	; The certificate host IP (IP of this machine).
 	CertHostIp = "127.0.0.1"