diff --git a/OpenSim/Region/Application/OpenSimBase.cs b/OpenSim/Region/Application/OpenSimBase.cs index 72de81ee67..6927b9e734 100755 --- a/OpenSim/Region/Application/OpenSimBase.cs +++ b/OpenSim/Region/Application/OpenSimBase.cs @@ -355,7 +355,7 @@ namespace OpenSim // Sure is not the right place for this but do the job... // Must always be called before (all) / the HTTP servers starting for the Certs creation or renewals. - if(startupConfig.GetBoolean("EnbleSelfsignedCertSupport")) + if(startupConfig.GetBoolean("EnableSelfsignedCertSupport")) { if(!File.Exists("SSL\\ssl\\"+ startupConfig.GetString("CertFileName") +".p12") || startupConfig.GetBoolean("CertRenewOnStartup")) { diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index c3a1e540f7..6f8354dec0 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -2481,7 +2481,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api { UserAgentServiceConnector userConnection = new(serverURI); - if (userConnection is not null) + if (userConnection is not null && serverURI.StartsWith("http://")) { userID = userConnection.GetUUID(realFirstName, realLastName); if (!userID.IsZero()) @@ -2490,6 +2490,21 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api return userID.ToString(); } } + else + { + // Override hardcoded http in Util.ParseForeignAvatarName + string SSLserverURI = serverURI.Replace("http://", "https://"); + userConnection = new(SSLserverURI); + if (userConnection is not null) + { + userID = userConnection.GetUUID(realFirstName, realLastName); + if (!userID.IsZero()) + { + userManager.AddUser(userID, realFirstName, realLastName, SSLserverURI); + return userID.ToString(); + } + } + } } catch (Exception /*e*/) { @@ -5561,6 +5576,28 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api return LSL_String.NullKey; } + public LSL_List osGetLinkInventoryKeys(LSL_Integer linkNumber, LSL_Integer type) + { + LSL_List ret = new(); + + SceneObjectPart part = GetSingleLinkPart(linkNumber); + if(part == null) + return ret; + + part.TaskInventory.LockItemsForRead(true); + foreach (KeyValuePair inv in part.TaskInventory) + { + if (inv.Value.Type == type || type == -1 && + (inv.Value.CurrentPermissions + & (uint)(PermissionMask.Copy | PermissionMask.Transfer | PermissionMask.Modify)) + == (uint)(PermissionMask.Copy | PermissionMask.Transfer | PermissionMask.Modify)) + ret.Add(inv.Value.AssetID.ToString()); + } + + part.TaskInventory.LockItemsForRead(false); + return ret; + } + public LSL_Key osGetLinkInventoryItemKey(LSL_Integer linkNumber, LSL_String name) { SceneObjectPart part = GetSingleLinkPart(linkNumber); diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs index dd9bba1c14..604c349976 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs @@ -562,6 +562,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api.Interfaces LSL_Key osGetInventoryLastOwner(LSL_String itemNameOrId); LSL_Key osGetInventoryItemKey(LSL_String name); LSL_Key osGetLinkInventoryKey(LSL_Integer linkNumber, LSL_String name, LSL_Integer type); + LSL_List osGetLinkInventoryKeys(LSL_Integer linkNumber, LSL_Integer type); LSL_Key osGetLinkInventoryItemKey(LSL_Integer linkNumber, LSL_String name); LSL_String osGetInventoryName(LSL_Key itemId); LSL_String osGetLinkInventoryName(LSL_Integer linkNumber, LSL_Key itemId); diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs index b16c905122..3c181623b1 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs @@ -1465,6 +1465,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.ScriptBase { return m_OSSL_Functions.osGetLinkInventoryKey(linkNumber, name, type); } + + [MethodImpl(MethodImplOptions.AggressiveInlining)] + public LSL_List osGetLinkInventoryKeys(LSL_Integer linkNumber, LSL_Integer type) + { + return m_OSSL_Functions.osGetLinkInventoryKeys(linkNumber, type); + } [MethodImpl(MethodImplOptions.AggressiveInlining)] public LSL_Key osGetLinkInventoryItemKey(LSL_Integer linkNumber, LSL_String name) diff --git a/OpenSim/Server/Base/ServicesServerBase.cs b/OpenSim/Server/Base/ServicesServerBase.cs index ca8d02a841..220dad044e 100755 --- a/OpenSim/Server/Base/ServicesServerBase.cs +++ b/OpenSim/Server/Base/ServicesServerBase.cs @@ -133,6 +133,19 @@ namespace OpenSim.Server.Base m_configDirectory = startupConfig.GetString("ConfigDirectory", m_configDirectory); prompt = startupConfig.GetString("Prompt", prompt); + + if(startupConfig.GetBoolean("EnableRobustSelfsignedCertSupport")) + { + if(!File.Exists("SSL\\ssl\\"+ startupConfig.GetString("RobustCertFileName") +".p12") || startupConfig.GetBoolean("RobustCertRenewOnStartup")) + { + Util.CreateOrUpdateSelfsignedCert( + string.IsNullOrEmpty(startupConfig.GetString("RobustCertFileName")) ? "Robust" : startupConfig.GetString("RobustCertFileName"), + string.IsNullOrEmpty(startupConfig.GetString("RobustCertHostName")) ? "localhost" : startupConfig.GetString("RobustCertHostName"), + string.IsNullOrEmpty(startupConfig.GetString("RobustCertHostIp")) ? "127.0.0.1" : startupConfig.GetString("RobustCertHostIp"), + string.IsNullOrEmpty(startupConfig.GetString("RobustCertPassword")) ? string.Empty : startupConfig.GetString("RobustCertPassword") + ); + } + } } // Allow derived classes to load config before the console is opened. ReadConfig(); diff --git a/OpenSim/Services/GridService/HypergridLinker.cs b/OpenSim/Services/GridService/HypergridLinker.cs index d9f5a22e20..ba2dc78c6f 100644 --- a/OpenSim/Services/GridService/HypergridLinker.cs +++ b/OpenSim/Services/GridService/HypergridLinker.cs @@ -617,7 +617,7 @@ namespace OpenSim.Services.GridService } //this should be the prefererred way of setting up hg links now - if (cmdparams[2].StartsWith("http")) + if (cmdparams[2].StartsWith("http") || cmdparams[2].StartsWith("https")) { RunLinkRegionCommand(cmdparams); } @@ -632,7 +632,11 @@ namespace OpenSim.Services.GridService parameters.Insert(3, parts[2]); cmdparams = (string[])parameters.ToArray(typeof(string)); } - cmdparams[2] = "http://" + parts[0] + ':' + parts[1]; + string uri = cmdparams[2].StartsWith("https") + ? "https://" + parts[0] + ':' + parts[1] + : "http://" + parts[0] + ':' + parts[1]; + + cmdparams[2] = uri; RunLinkRegionCommand(cmdparams); } diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index 5d62ad3c4d..e855442c6c 100644 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example @@ -313,28 +313,28 @@ ;; SSL selfsigned certificate settings. ;; Enable selfsigned certificate creation for local and external use. When set to true, will create a folder SSL\ and 2 sub folders SSL\ssl\ and SSL\src\. Next creates and store an RSA private key in SSL\src\ and the derived selfsigned certificate in SSL\ssl\ folder. Is also possible to renew the certificate on every server restart if CertRenewOnStartup is set to true. ;# {EnbleSelfsignedCertSupport} {} {Enable selfsigned certificate creation and renew} {true false} false - ;EnbleSelfsignedCertSupport = true + EnableSelfsignedCertSupport = false ;; Is free... so why not :). Renew the selfsigned certificate on every server startup ? ;# {CertRenewOnStartup} {} {renew the selfsigned certificate on the server startup} {true false} true - ;CertRenewOnStartup = true + CertRenewOnStartup = true ;; Certificate options: ;; Set the certificate file name. the output files extensions are CertFileName.p12 and CertFileName.pfx. ;# {CertFileName} {} {set the certificate file name} {} "OpenSim" - ;CertFileName = "OpenSim" + CertFileName = "OpenSim" ;; Set the certificate password. ;# {CertPassword} {} {set the certificate password} {} "" - ;CertPassword = "mycertpass" + CertPassword = "mycertpass" ;; The certificate host name (domain or IP of this machine CN). ;# {CertHostName} {} {set the certificate host name} {} ${Const|BaseHostname} - ;CertHostName = ${Const|BaseHostname} + CertHostName = ${Const|BaseHostname} ;; The certificate host IP (IP of this machine). ;# {CertHostIp} {} {set the certificate host IP} {} - ;CertHostIp = "127.0.0.1" + CertHostIp = "127.0.0.1" ;; SSL certificate validation options diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini index 69ca1474a9..dd094b19cc 100644 --- a/bin/OpenSimDefaults.ini +++ b/bin/OpenSimDefaults.ini @@ -405,23 +405,23 @@ ; # ; Enable selfsigned certificate creation for local and external use. When set to true, will create a folder SSL\ and 2 sub folders SSL\ssl\ and SSL\src\. Next creates and store an RSA private key in SSL\src\ and the derived selfsigned certificate in SSL\ssl\ folder. Is also possible to renew the certificate on every server restart if CertRenewOnStartup is set to true. - EnbleSelfsignedCertSupport = false + EnableSelfsignedCertSupport = false ; Is free... so why not :). Renew the selfsigned certificate on every server startup ? - ;CertRenewOnStartup = true + CertRenewOnStartup = true ; # Certificate options: ; Set the certificate file name. the output files extensions are CertFileName.p12 and CertFileName.pfx. - ;CertFileName = "OpenSim" + CertFileName = "OpenSim" ; Set the certificate password. - ;CertPassword = "mycertpass" + CertPassword = "mycertpass" ; The certificate host name (domain or IP of this machine CN). - ;CertHostName = ${Const|BaseHostname} + CertHostName = ${Const|BaseHostname} ; The certificate host IP (IP of this machine). - ;CertHostIp = "127.0.0.1" + CertHostIp = "127.0.0.1" ; # ; # SSL certificates validation options diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example index d3bc92fca7..2b7fa6aefe 100644 --- a/bin/Robust.HG.ini.example +++ b/bin/Robust.HG.ini.example @@ -23,9 +23,15 @@ ; * uses to write data. ; * [Const] + ; The domain or IP of the Robust server. + BaseHostname = "127.0.0.1" - ; The URL of the Robust server - BaseURL = "http://127.0.0.1" + ; The http URL of the Robust server. + BaseURL = "http://${Const|BaseHostname}" + + ; The https URL of the Robust server. + ; Use this if you have the SSL enabled. + ; BaseURL = "https://${Const|BaseHostname}" ; The public port of the Robust server PublicPort = "8002" @@ -72,12 +78,32 @@ ; Time stamp commands in history file (default false) ; ConsoleHistoryTimeStamp = false + + ;; SSL selfsigned certificate settings. + ; Enable selfsigned certificate creation for local and external use. When set to true, will create a folder SSL\ and 2 sub folders SSL\ssl\ and SSL\src\. Next creates and store an RSA private key in SSL\src\ and the derived selfsigned certificate in SSL\ssl\ folder. Is also possible to renew the certificate on every server restart if CertRenewOnStartup is set to true. + EnableRobustSelfsignedCertSupport = false + + ; Is free... so why not :). Renew the selfsigned certificate on every server startup ? + RobustCertRenewOnStartup = true + + ;; Certificate options: + ; Set the certificate file name. the output files extensions are CertFileName.p12 and RobustCertFileName.pfx. This must be different than CertFileName in OpenSim.ini + RobustCertFileName = "Robust" + + ; Set the certificate password. + RobustCertPassword = "mycertpass" + + ; The certificate host name (CN). + RobustCertHostName = ${Const|BaseHostname} + + ; The certificate host IP. + RobustCertHostIp = "127.0.0.1" ; peers SSL certificate validation options ; you can allow selfsigned certificates or no official CA with next option set to true NoVerifyCertChain = true ; you can also bypass the hostname or domain verification - NoVerifyCertHostname = true + NoVerifyCertHostname = false ; having both options true does provide encryption but with low security ; set both true if you don't care to use SSL, they are needed to contact regions or grids that do use it. diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index bb8df149a8..6ddfb7bb22 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example @@ -15,8 +15,15 @@ ; * [Const] - ; The URL of the Robust server - BaseURL = "http://127.0.0.1" + ; The domain or IP of the Robust server. + BaseHostname = "127.0.0.1" + + ; The http URL of the Robust server. + BaseURL = "http://${Const|BaseHostname}" + + ; The https URL of the Robust server. + ; Use this if you have the SSL enabled. + ; BaseURL = "https://${Const|BaseHostname}" ; The public port of the Robust server PublicPort = "8002" @@ -64,12 +71,32 @@ ; Time stamp commands in history file (default false) ; ConsoleHistoryTimeStamp = false + + ;; SSL selfsigned certificate settings. + ; Enable selfsigned certificate creation for local and external use. When set to true, will create a folder SSL\ and 2 sub folders SSL\ssl\ and SSL\src\. Next creates and store an RSA private key in SSL\src\ and the derived selfsigned certificate in SSL\ssl\ folder. Is also possible to renew the certificate on every server restart if CertRenewOnStartup is set to true. + EnableRobustSelfsignedCertSupport = false + + ; Is free... so why not :). Renew the selfsigned certificate on every server startup ? + RobustCertRenewOnStartup = true + + ;; Certificate options: + ; Set the certificate file name. the output files extensions are RobustCertFileName.p12 and RobustCertFileName.pfx. + RobustCertFileName = "Robust" + + ; Set the certificate password. + RobustCertPassword = "mycertpass" + + ; The certificate host name (CN). + RobustCertHostName = ${Const|BaseHostname} + + ; The certificate host IP. + RobustCertHostIp = "127.0.0.1" ; peers SSL certificate validation options ; you can allow selfsigned certificates or no official CA with next option set to true NoVerifyCertChain = true ; you can also bypass the hostname or domain verification - NoVerifyCertHostname = true + NoVerifyCertHostname = false ; having both options true does provide encryption but with low security ; set both true if you don't care to use SSL, they are needed to contact regions or grids that do use it.