aleajactaest/khanat-opennel-code
1
0
Fork 0
mirror of https://port.numenaute.org/aleajactaest/khanat-opennel-code.git synced 2024-09-19 19:20:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Changed: Keep track of HSTS header and rewrite http to https as needed

Browse source 
--HG--
branch : develop
This commit is contained in:
Nimetu 2017-07-11 22:23:38 +03:00
parent 63138ba784
commit 71d969c40b
6 changed files with 387 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
code/nel/include/nel/gui/group_html.h
View file

@ -793,7 +793,7 @@ namespace NLGUI
void doBrowseLocalFile(const std::string &filename);
// load remote content using either GET or POST
void doBrowseRemoteUrl(const std::string &url, const std::string &referer, bool doPost = false, const SFormFields &formfields = SFormFields());
void doBrowseRemoteUrl(std::string url, const std::string &referer, bool doPost = false, const SFormFields &formfields = SFormFields());
// render html string as new browser page
bool renderHtmlString(const std::string &html);
@ -861,7 +861,7 @@ namespace NLGUI
// BnpDownload system
void initBnpDownload();
void checkBnpDownload();
bool addBnpDownload(const std::string &url, const std::string &action, const std::string &script, const std::string &md5sum);
bool addBnpDownload(std::string url, const std::string &action, const std::string &script, const std::string &md5sum);
std::string localBnpName(const std::string &url);
void releaseDownloads();

73
code/nel/include/nel/gui/http_hsts.h Normal file
View file

@ -0,0 +1,73 @@
// Ryzom - MMORPG Framework <http://dev.ryzom.com/projects/ryzom/>
// Copyright (C) 2010 Winch Gate Property Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
#ifndef CL_HTTP_HSTS_H
#define CL_HTTP_HSTS_H
#include "nel/misc/types_nl.h"
namespace NLGUI
{
// ********************************************************************************
struct SHSTSObject
{
public:
SHSTSObject(uint64 expires = 0, bool includeSubDomains = false)
: Expires(expires)
, IncludeSubDomains(includeSubDomains)
{ }
uint64 Expires;
bool IncludeSubDomains;
};
/**
* Keeping track of HSTS header
* \author Meelis Mägi (nimetu)
* \date 2017
*/
class CStrictTransportSecurity
{
public:
typedef std::map<std::string, SHSTSObject> THSTSObject;
static CStrictTransportSecurity* getInstance();
static void release();
public:
bool isSecureHost(const std::string &domain) const;
// ************************************************************************
void init(const std::string& fname);
void save();
void erase(const std::string &domain);
void set(const std::string &domain, uint64 expires, bool includeSubDomains);
bool get(const std::string &domain, SHSTSObject &hsts) const;
void setFromHeader(const std::string &domain, const std::string &header);
void serial(NLMISC::IStream& f);
private:
static CStrictTransportSecurity* instance;
~CStrictTransportSecurity();
std::string _Filename;
THSTSObject _Domains;
};
}
#endif

66
code/nel/src/gui/group_html.cpp
View file

@ -46,6 +46,7 @@
#include "nel/misc/big_file.h"
#include "nel/gui/url_parser.h"
#include "nel/gui/http_cache.h"
#include "nel/gui/http_hsts.h"
#include "nel/gui/curl_certificates.h"
using namespace std;
@ -71,6 +72,26 @@ namespace NLGUI
CGroupHTML::SWebOptions CGroupHTML::options;
// Return URL with https is host is in HSTS list
static std::string upgradeInsecureUrl(const std::string &url)
{
if (toLower(url.substr(0, 7)) != "http://") {
return url;
}
CUrlParser uri(url);
if (!CStrictTransportSecurity::getInstance()->isSecureHost(uri.host)){
return url;
}
#ifdef LOG_DL
nlwarning("HSTS url : '%s', using https", url.c_str());
#endif
uri.scheme = "https";
return uri.toString();
}
// Active cURL www transfer
class CCurlWWWData
{
@ -149,6 +170,27 @@ namespace NLGUI
return "";
}
bool hasHSTSHeader()
{
// ignore header if not secure connection
if (toLower(Url.substr(0, 8)) != "https://")
{
return false;
}
return HeadersRecv.count("strict-transport-security") > 0;
}
const std::string getHSTSHeader()
{
if (hasHSTSHeader())
{
return HeadersRecv["strict-transport-security"];
}
return "";
}
public:
CURL *Request;
@ -406,7 +448,7 @@ namespace NLGUI
// Add a image download request in the multi_curl
void CGroupHTML::addImageDownload(const string &url, CViewBase *img, const CStyleParams &style, TImageType type)
{
string finalUrl = getAbsoluteUrl(url);
string finalUrl = upgradeInsecureUrl(getAbsoluteUrl(url));
// Search if we are not already downloading this url.
for(uint i = 0; i < Curls.size(); i++)
@ -421,7 +463,7 @@ namespace NLGUI
}
}
// use requested url for local name
// use requested url for local name (cache)
string dest = localImageName(url);
#ifdef LOG_DL
nlwarning("add to download '%s' dest '%s' img %p", finalUrl.c_str(), dest.c_str(), img);
@ -467,8 +509,10 @@ namespace NLGUI
}
// Add a bnp download request in the multi_curl, return true if already downloaded
bool CGroupHTML::addBnpDownload(const string &url, const string &action, const string &script, const string &md5sum)
bool CGroupHTML::addBnpDownload(string url, const string &action, const string &script, const string &md5sum)
{
url = upgradeInsecureUrl(getAbsoluteUrl(url));
// Search if we are not already downloading this url.
for(uint i = 0; i < Curls.size(); i++)
{
@ -577,6 +621,12 @@ namespace NLGUI
#ifdef LOG_DL
nlwarning("(%s) web transfer '%p' completed with status %d, http %d, url (len %d) '%s'", _Id.c_str(), _CurlWWW->Request, res, code, _CurlWWW->Url.size(), _CurlWWW->Url.c_str());
#endif
// save HSTS header from all requests regardless of HTTP code
if (res == CURLE_OK && _CurlWWW->hasHSTSHeader())
{
CUrlParser uri(_CurlWWW->Url);
CStrictTransportSecurity::getInstance()->setFromHeader(uri.host, _CurlWWW->getHSTSHeader());
}
if (res != CURLE_OK)
{
@ -663,6 +713,12 @@ namespace NLGUI
#endif
curl_multi_remove_handle(MultiCurl, it->data->Request);
// save HSTS header from all requests regardless of HTTP code
if (res == CURLE_OK && it->data->hasHSTSHeader())
{
CStrictTransportSecurity::getInstance()->setFromHeader(uri.host, it->data->getHSTSHeader());
}
string tmpfile = it->dest + ".tmp";
if(res != CURLE_OK || r < 200 || r >= 300 || (!it->md5sum.empty() && (it->md5sum != getMD5(tmpfile).toString())))
{
@ -5239,7 +5295,7 @@ namespace NLGUI
}
// ***************************************************************************
void CGroupHTML::doBrowseRemoteUrl(const std::string &url, const std::string &referer, bool doPost, const SFormFields &formfields)
void CGroupHTML::doBrowseRemoteUrl(std::string url, const std::string &referer, bool doPost, const SFormFields &formfields)
{
// Stop previous request and remove content
stopBrowse ();
@ -5253,6 +5309,8 @@ namespace NLGUI
else
setTitle (_TitlePrefix + " - " + CI18N::get("uiPleaseWait"));
url = upgradeInsecureUrl(url);
#if LOG_DL
nlwarning("(%s) browse url (trusted=%s) '%s', referer='%s', post='%s', nb form values %d",
_Id.c_str(), (_TrustedDomain ? "true" :"false"), url.c_str(), referer.c_str(), (doPost ? "true" : "false"), formfields.Values.size());

245
code/nel/src/gui/http_hsts.cpp Normal file
View file

@ -0,0 +1,245 @@
// Ryzom - MMORPG Framework <http://dev.ryzom.com/projects/ryzom/>
// Copyright (C) 2010 Winch Gate Property Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
#include "stdpch.h"
#include "nel/gui/http_hsts.h"
using namespace std;
using namespace NLMISC;
#ifdef DEBUG_NEW
#define new DEBUG_NEW
#endif
namespace NLGUI {
CStrictTransportSecurity* CStrictTransportSecurity::instance = NULL;
CStrictTransportSecurity* CStrictTransportSecurity::getInstance()
{
if (!instance)
{
instance= new CStrictTransportSecurity();
}
return instance;
}
void CStrictTransportSecurity::release()
{
delete instance;
instance = NULL;
}
CStrictTransportSecurity::~CStrictTransportSecurity()
{
save();
}
// ************************************************************************
bool CStrictTransportSecurity::isSecureHost(const std::string &domain) const
{
SHSTSObject hsts;
if (get(domain, hsts))
{
time_t currentTime;
time(&currentTime);
return (hsts.Expires < currentTime);
}
return false;
}
// ************************************************************************
void CStrictTransportSecurity::erase(const std::string &domain)
{
if (_Domains.count(domain) > 0)
{
_Domains.erase(domain);
}
}
void CStrictTransportSecurity::set(const std::string &domain, uint64 expires, bool includeSubDomains)
{
if (expires == 0)
{
erase(domain);
return;
}
_Domains[domain].Expires = expires;
_Domains[domain].IncludeSubDomains = includeSubDomains;
}
bool CStrictTransportSecurity::get(const std::string &domain, SHSTSObject &hsts) const
{
if (domain.empty() || _Domains.empty())
return false;
if (_Domains.count(domain) > 0)
{
hsts = _Domains.at(domain);
return true;
}
size_t firstOf = domain.find_first_of(".");
size_t lastOf = domain.find_last_of(".");
while(firstOf != lastOf)
{
std::string tmp;
tmp = domain.substr(firstOf+1);
if (_Domains.count(tmp))
{
if (_Domains.at(tmp).IncludeSubDomains)
{
hsts = _Domains.at(tmp);
return true;
}
return false;
}
firstOf = domain.find_first_of(".", firstOf + 1);
}
return false;
}
void CStrictTransportSecurity::init(const std::string &fname)
{
_Domains.clear();
_Filename = fname;
if (_Filename.empty() || !CFile::fileExists(_Filename))
{
return;
}
CIFile in;
if (!in.open(_Filename))
{
nlwarning("Unable to open %s for reading", _Filename.c_str());
return;
}
serial(in);
}
void CStrictTransportSecurity::save()
{
if (_Filename.empty())
return;
if (_Domains.empty())
{
CFile::deleteFile(_Filename);
return;
}
COFile out;
if (!out.open(_Filename))
{
nlwarning("Unable to open %s for writing", _Filename.c_str());
return;
}
serial(out);
out.close();
}
void CStrictTransportSecurity::serial(NLMISC::IStream& f)
{
try
{
f.serialVersion(1);
// HSTS
f.serialCheck(NELID("STSH"));
if (f.isReading())
{
uint32 nbItems;
f.serial(nbItems);
for(uint32 k = 0; k < nbItems; ++k)
{
std::string domain;
f.serial(domain);
f.serial(_Domains[domain].Expires);
f.serial(_Domains[domain].IncludeSubDomains);
}
}
else
{
uint32 nbItems = _Domains.size();
f.serial(nbItems);
for (THSTSObject::iterator it = _Domains.begin(); it != _Domains.end(); ++it)
{
std::string domain(it->first);
f.serial(domain);
f.serial(_Domains[domain].Expires);
f.serial(_Domains[domain].IncludeSubDomains);
}
}
}
catch (...)
{
_Domains.clear();
nlwarning("Invalid HTST file format (%s)", _Filename.c_str());
}
}
// ***************************************************************************
void CStrictTransportSecurity::setFromHeader(const std::string &domain, const std::string &header)
{
// max-age=<seconds>; includeSubdomains; preload;
std::vector<std::string> elements;
NLMISC::splitString(toLower(header), ";", elements);
if (elements.empty()) return;
time_t currentTime;
time(&currentTime);
uint64 expire = 0;
bool includeSubDomains = false;
for(uint i=0; i< elements.size(); ++i)
{
std::string str(trim(elements[i]));
if (str.substr(0, 8) == "max-age=")
{
uint64 ttl;
if (fromString(str.substr(8), ttl))
{
if (ttl > 0)
{
expire = currentTime + ttl;
}
}
}
else if (str == "includesubdomains")
{
includeSubDomains = true;
}
}
if (expire == 0)
{
erase(domain);
}
else
{
set(domain, expire, includeSubDomains);
}
}
}

3
code/ryzom/client/src/init.cpp
View file

@ -69,6 +69,7 @@
#include "interface_v3/sbrick_manager.h"
#include "nel/gui/widget_manager.h"
#include "nel/gui/http_cache.h"
#include "nel/gui/http_hsts.h"
//
#include "gabarit.h"
#include "hair_set.h"
@ -1370,6 +1371,8 @@ void prelogInit()
CHttpCache::getInstance()->setCacheIndex("cache/cache.index");
CHttpCache::getInstance()->init();
CStrictTransportSecurity::getInstance()->init("save/hsts-list.save");
// Register the reflected classes
registerInterfaceElements();

2
code/ryzom/client/src/release.cpp
View file

@ -95,6 +95,7 @@
#include "nel/gui/lua_manager.h"
#include "item_group_manager.h"
#include "nel/gui/http_cache.h"
#include "nel/gui/http_hsts.h"
///////////
// USING //
@ -688,6 +689,7 @@ void release()
CViewRenderer::release();
CIXml::releaseLibXml();
CHttpCache::release();
CStrictTransportSecurity::release();
#if FINAL_VERSION
// openURL ("http://www.ryzomcore.org/exit/");