From fd1d99dda5c0e6351de96bff206339d9570c469a Mon Sep 17 00:00:00 2001 From: Matt Richardson Date: Fri, 17 Mar 2023 09:39:18 +1100 Subject: [PATCH] Add support to disable ignoring SSL errors (#129) * Add support to disable ignoring SSL errors * Cant use ctor injection of IConfiguration * Remove unnecessary changes * PR feedback * Default `Server:IgnoreSslErrors` to false --- docs/Configuration.md | 9 +++ .../AnalyticsReportEventsObserver.cs | 56 +++++++++++++++---- .../Reporter/Http/HttpClientHandlerFactory.cs | 16 ++++-- 3 files changed, 65 insertions(+), 16 deletions(-) diff --git a/docs/Configuration.md b/docs/Configuration.md index 9832a0af..c1918897 100644 --- a/docs/Configuration.md +++ b/docs/Configuration.md @@ -33,7 +33,16 @@ It's easier to define some property in any textual file. Agent finds all these f ## Environment variables Sometimes it's useful to specify configuration properties via environment variables. To specify `Section1:PropertyAbc` property just set environment variable with `ReportPortal_Section1_PropertyAbc` or `ReportPortal__Section1__PropertyAbc` name. We provide ability use `_` or `__` as a delimiter of nested variables. In case if you decided to use `_` as a delimiter, variable names should be started from `RP_` or `ReportPortal_`. Otherwise, variable names should be started from `RP__` or `ReportPortal__`. Variable names are case-insensitive. +# General + +`Server:Project` - the name of your (pre-existing) project in ReportPortal server. + # HTTP + +`Server:Url` - url to your ReportPortal server, including protocol and ports, e.g. `https://reportportal.example.com` or `https://reportportal.example.com:8080`. +`Server:Authentication:Uuid` - access token to submit results to ReportPortal. You can find this in your user profile. +`Server:IgnoreSslErrors` - ignores SSL / TLS errors. Defaults to `false`. This can be helpful when using self-signed certificates, however this can make the connection susceptible to [man-in-the-middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) attacks. + ## Proxy `Server:Proxy:Url` - url to proxy server to be used for http requests like `http://myproxy.corp:8080`. `Server:Proxy:Username`, `Server:Proxy:Domain` and `Server:Proxy:Password` to specify credentials for proxy server which require authorization. diff --git a/src/ReportPortal.Shared/Extensibility/Embedded/Analytics/AnalyticsReportEventsObserver.cs b/src/ReportPortal.Shared/Extensibility/Embedded/Analytics/AnalyticsReportEventsObserver.cs index c0dea671..badf62ac 100644 --- a/src/ReportPortal.Shared/Extensibility/Embedded/Analytics/AnalyticsReportEventsObserver.cs +++ b/src/ReportPortal.Shared/Extensibility/Embedded/Analytics/AnalyticsReportEventsObserver.cs @@ -1,9 +1,11 @@ using ReportPortal.Shared.Extensibility.ReportEvents; using ReportPortal.Shared.Internal.Logging; using System; +using System.Net; using System.Net.Http; using System.Reflection; using System.Threading.Tasks; +using ReportPortal.Shared.Configuration; namespace ReportPortal.Shared.Extensibility.Embedded.Analytics { @@ -24,18 +26,10 @@ public class AnalyticsReportEventsObserver : IReportEventsObserver, IDisposable private readonly string _platformVersion; - private readonly HttpClient _httpClient; + private HttpClient _httpClient; + private readonly object _httpClientLock = new object(); - public AnalyticsReportEventsObserver() : this(new HttpClientHandler - { -#if !NET462 - ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; } -#endif - }) - { - } - - public AnalyticsReportEventsObserver(HttpMessageHandler httpHandler) + public AnalyticsReportEventsObserver() { _clientId = Guid.NewGuid().ToString(); @@ -47,7 +41,10 @@ public AnalyticsReportEventsObserver(HttpMessageHandler httpHandler) #else _platformVersion = AppDomain.CurrentDomain.SetupInformation.TargetFrameworkName; #endif + } + public AnalyticsReportEventsObserver(HttpMessageHandler httpHandler) : this() + { _httpClient = new HttpClient(httpHandler) { BaseAddress = new Uri(BASE_URI) @@ -103,6 +100,39 @@ public void Initialize(IReportEventsSource reportEventsSource) private Task _sendGaUsageTask; + HttpClient GetHttpClient(IConfiguration configuration) + { + if (_httpClient != null) + return _httpClient; + + lock (_httpClientLock) + { + if (_httpClient != null) + return _httpClient; + + var handler = new HttpClientHandler(); + var ignoreSslErrors = configuration.GetValue("Server:IgnoreSslErrors", false); + +#if NET462 + if (ignoreSslErrors) + { + ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; + } +#else + if (ignoreSslErrors) + { + handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true; + } +#endif + _httpClient = new HttpClient(handler) + { + BaseAddress = new Uri(BASE_URI) + }; + } + + return _httpClient; + } + private void ReportEventsSource_OnBeforeLaunchStarting(Reporter.ILaunchReporter launchReporter, ReportEvents.EventArgs.BeforeLaunchStartingEventArgs args) { if (args.Configuration.GetValue("Analytics:Enabled", true)) @@ -112,12 +142,14 @@ private void ReportEventsSource_OnBeforeLaunchStarting(Reporter.ILaunchReporter var requestData = $"/collect?v=1&tid={MEASUREMENT_ID}&cid={_clientId}&t=event&ec={category}&ea=Start launch&el={label}"; + var httpClient = GetHttpClient(args.Configuration); + // schedule tracking request _sendGaUsageTask = Task.Run(async () => { try { - using (var response = await _httpClient.PostAsync(requestData, null)) + using (var response = await httpClient.PostAsync(requestData, null)) { response.EnsureSuccessStatusCode(); } diff --git a/src/ReportPortal.Shared/Reporter/Http/HttpClientHandlerFactory.cs b/src/ReportPortal.Shared/Reporter/Http/HttpClientHandlerFactory.cs index be29c8fb..83960814 100644 --- a/src/ReportPortal.Shared/Reporter/Http/HttpClientHandlerFactory.cs +++ b/src/ReportPortal.Shared/Reporter/Http/HttpClientHandlerFactory.cs @@ -36,11 +36,19 @@ public virtual HttpClientHandler Create() httpClientHandler.Proxy = GetProxy(); -#if NETSTANDARD2_0 - httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; }; -#else - ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; + var ignoreSslErrors = Configuration.GetValue("Server:IgnoreSslErrors", false); + +#if NET462 + if (ignoreSslErrors) + { + ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; + } ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12; +#else + if (ignoreSslErrors) + { + httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; }; + } #endif return httpClientHandler;