/// <summary> /// Initializes a new instance of the <see cref="OpenSim.Framework.OutboundUrlFilter"/> class. /// </summary> /// <param name="name">Name of the filter for logging purposes.</param> /// <param name="config">Filter configuration</param> public OutboundUrlFilter(string name, IConfigSource config) { Name = name; string configBlacklist = "0.0.0.0/8|10.0.0.0/8|100.64.0.0/10|127.0.0.0/8|169.254.0.0/16|172.16.0.0/12|192.0.0.0/24|192.0.2.0/24|192.88.99.0/24|192.168.0.0/16|198.18.0.0/15|198.51.100.0/24|203.0.113.0/24|224.0.0.0/4|240.0.0.0/4|255.255.255.255/32"; string configBlacklistExceptions = ""; IConfig networkConfig = config.Configs["Network"]; if (networkConfig != null) { configBlacklist = networkConfig.GetString("OutboundDisallowForUserScripts", configBlacklist); configBlacklistExceptions = networkConfig.GetString("OutboundDisallowForUserScriptsExcept", configBlacklistExceptions); } m_log.DebugFormat( "[OUTBOUND URL FILTER]: OutboundDisallowForUserScripts for {0} is [{1}]", Name, configBlacklist); m_log.DebugFormat( "[OUTBOUND URL FILTER]: OutboundDisallowForUserScriptsExcept for {0} is [{1}]", Name, configBlacklistExceptions); OutboundUrlFilter.ParseConfigList( configBlacklist, Name, out m_blacklistNetworks, out m_blacklistEndPoints); OutboundUrlFilter.ParseConfigList( configBlacklistExceptions, Name, out m_blacklistExceptionNetworks, out m_blacklistExceptionEndPoints); }
/// <summary> /// Checks whether the given url is allowed by the filter. /// </summary> /// <returns></returns> public bool CheckAllowed(Uri url) { bool allowed = true; // Check that we are permitted to make calls to this endpoint. bool foundIpv4Address = false; IPAddress[] addresses = Dns.GetHostAddresses(url.Host); foreach (IPAddress addr in addresses) { if (addr.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork) { // m_log.DebugFormat("[OUTBOUND URL FILTER]: Found address [{0}]", addr); foundIpv4Address = true; // Check blacklist if (OutboundUrlFilter.IsInNetwork(addr, url.Port, m_blacklistNetworks, m_blacklistEndPoints, Name)) { // m_log.DebugFormat("[OUTBOUND URL FILTER]: Found [{0}] in blacklist for {1}", url, Name); // Check blacklist exceptions allowed = OutboundUrlFilter.IsInNetwork( addr, url.Port, m_blacklistExceptionNetworks, m_blacklistExceptionEndPoints, Name); // if (allowed) // m_log.DebugFormat("[OUTBOUND URL FILTER]: Found [{0}] in whitelist for {1}", url, Name); } } // Found at least one address in a blacklist and not a blacklist exception if (!allowed) { return(false); } // else // m_log.DebugFormat("[OUTBOUND URL FILTER]: URL [{0}] not in blacklist for {1}", url, Name); } // We do not know how to handle IPv6 securely yet. if (!foundIpv4Address) { return(false); } // m_log.DebugFormat("[OUTBOUND URL FILTER]: Allowing request [{0}]", url); return(allowed); }
public void Initialise(IConfigSource config) { m_outboundUrlFilter = new OutboundUrlFilter("Script dynamic texture image module", config); m_proxyurl = config.Configs["Startup"].GetString("HttpProxy"); m_proxyexcepts = config.Configs["Startup"].GetString("HttpProxyExceptions"); }
public void Initialise(IConfigSource config) { m_proxyurl = config.Configs["Startup"].GetString("HttpProxy"); m_proxyexcepts = config.Configs["Startup"].GetString("HttpProxyExceptions"); m_outboundUrlFilter = new OutboundUrlFilter("Script HTTP request module", config); int maxThreads = 15; IConfig httpConfig = config.Configs["HttpRequestModule"]; if (httpConfig != null) { maxThreads = httpConfig.GetInt("MaxPoolThreads", maxThreads); } m_pendingRequests = new Dictionary<UUID, HttpRequestClass>(); // First instance sets this up for all sims if (ThreadPool == null) { STPStartInfo startInfo = new STPStartInfo(); startInfo.IdleTimeout = 20000; startInfo.MaxWorkerThreads = maxThreads; startInfo.MinWorkerThreads = 1; startInfo.ThreadPriority = ThreadPriority.BelowNormal; startInfo.StartSuspended = true; startInfo.ThreadPoolName = "ScriptsHttpReq"; ThreadPool = new SmartThreadPool(startInfo); ThreadPool.Start(); } }
public void Initialise(IConfigSource config) { m_proxyurl = config.Configs["Startup"].GetString("HttpProxy"); m_proxyexcepts = config.Configs["Startup"].GetString("HttpProxyExceptions"); m_outboundUrlFilter = new OutboundUrlFilter("Script HTTP request module", config); m_pendingRequests = new Dictionary<UUID, HttpRequestClass>(); }