Add support to disable ignoring SSL errors (#129)

* Add support to disable ignoring SSL errors * Cant use ctor injection of IConfiguration * Remove unnecessary changes * PR feedback * Default `Server:IgnoreSslErrors` to false
reportportal · Mar 16, 2023 · fd1d99d · fd1d99d
1 parent 26b3c41
commit fd1d99d
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 16 deletions.
diff --git a/docs/Configuration.md b/docs/Configuration.md
@@ -33,7 +33,16 @@ It's easier to define some property in any textual file. Agent finds all these f
 ## Environment variables
 Sometimes it's useful to specify configuration properties via environment variables. To specify `Section1:PropertyAbc` property just set environment variable with `ReportPortal_Section1_PropertyAbc` or `ReportPortal__Section1__PropertyAbc` name. We provide ability use `_` or `__` as a delimiter of nested variables. In case if you decided to use `_` as a delimiter, variable names should be started from `RP_` or `ReportPortal_`. Otherwise, variable names should be started from `RP__` or `ReportPortal__`. Variable names are case-insensitive.
 
+# General
+
+`Server:Project` - the name of your (pre-existing) project in ReportPortal server.
+
 # HTTP
+
+`Server:Url` - url to your ReportPortal server, including protocol and ports, e.g. `https://reportportal.example.com` or `https://reportportal.example.com:8080`.
+`Server:Authentication:Uuid` - access token to submit results to ReportPortal. You can find this in your user profile.
+`Server:IgnoreSslErrors` - ignores SSL / TLS errors. Defaults to `false`. This can be helpful when using self-signed certificates, however this can make the connection susceptible to [man-in-the-middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) attacks.
+
 ## Proxy
 `Server:Proxy:Url` - url to proxy server to be used for http requests like `http://myproxy.corp:8080`.
 `Server:Proxy:Username`, `Server:Proxy:Domain` and `Server:Proxy:Password` to specify credentials for proxy server which require authorization.

diff --git a/src/ReportPortal.Shared/Extensibility/Embedded/Analytics/AnalyticsReportEventsObserver.cs b/src/ReportPortal.Shared/Extensibility/Embedded/Analytics/AnalyticsReportEventsObserver.cs
@@ -1,9 +1,11 @@
 using ReportPortal.Shared.Extensibility.ReportEvents;
 using ReportPortal.Shared.Internal.Logging;
 using System;
+using System.Net;
 using System.Net.Http;
 using System.Reflection;
 using System.Threading.Tasks;
+using ReportPortal.Shared.Configuration;
 
 namespace ReportPortal.Shared.Extensibility.Embedded.Analytics
 {
@@ -24,18 +26,10 @@ public class AnalyticsReportEventsObserver : IReportEventsObserver, IDisposable
 
         private readonly string _platformVersion;
 
-        private readonly HttpClient _httpClient;
+        private HttpClient _httpClient;
+        private readonly object _httpClientLock = new object();
 
-        public AnalyticsReportEventsObserver() : this(new HttpClientHandler
-        {
-#if !NET462
-            ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; }
-#endif
-        })
-        {
-        }
-
-        public AnalyticsReportEventsObserver(HttpMessageHandler httpHandler)
+        public AnalyticsReportEventsObserver()
         {
             _clientId = Guid.NewGuid().ToString();
 
@@ -47,7 +41,10 @@ public AnalyticsReportEventsObserver(HttpMessageHandler httpHandler)
 #else
             _platformVersion = AppDomain.CurrentDomain.SetupInformation.TargetFrameworkName;
 #endif
+        }
 
+        public AnalyticsReportEventsObserver(HttpMessageHandler httpHandler) : this()
+        {
             _httpClient = new HttpClient(httpHandler)
             {
                 BaseAddress = new Uri(BASE_URI)
@@ -103,6 +100,39 @@ public void Initialize(IReportEventsSource reportEventsSource)
 
         private Task _sendGaUsageTask;
 
+        HttpClient GetHttpClient(IConfiguration configuration)
+        {
+            if (_httpClient != null) 
+                return _httpClient;
+
+            lock (_httpClientLock)
+            {
+                if (_httpClient != null) 
+                    return _httpClient;
+
+                var handler = new HttpClientHandler();
+                var ignoreSslErrors = configuration.GetValue<bool>("Server:IgnoreSslErrors", false);
+
+#if NET462
+                if (ignoreSslErrors)
+                {
+                    ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
+                }
+#else
+                if (ignoreSslErrors) 
+                {
+                    handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => true;
+                }
+#endif
+                _httpClient = new HttpClient(handler)
+                {
+                    BaseAddress = new Uri(BASE_URI)
+                };
+            }
+
+            return _httpClient;
+        }
+
         private void ReportEventsSource_OnBeforeLaunchStarting(Reporter.ILaunchReporter launchReporter, ReportEvents.EventArgs.BeforeLaunchStartingEventArgs args)
         {
             if (args.Configuration.GetValue("Analytics:Enabled", true))
@@ -112,12 +142,14 @@ private void ReportEventsSource_OnBeforeLaunchStarting(Reporter.ILaunchReporter
 
                 var requestData = $"/collect?v=1&tid={MEASUREMENT_ID}&cid={_clientId}&t=event&ec={category}&ea=Start launch&el={label}";
 
+                var httpClient = GetHttpClient(args.Configuration);
+
                 // schedule tracking request
                 _sendGaUsageTask = Task.Run(async () =>
                 {
                     try
                     {
-                        using (var response = await _httpClient.PostAsync(requestData, null))
+                        using (var response = await httpClient.PostAsync(requestData, null))
                         {
                             response.EnsureSuccessStatusCode();
                         }

diff --git a/src/ReportPortal.Shared/Reporter/Http/HttpClientHandlerFactory.cs b/src/ReportPortal.Shared/Reporter/Http/HttpClientHandlerFactory.cs
@@ -36,11 +36,19 @@ public virtual HttpClientHandler Create()
 
             httpClientHandler.Proxy = GetProxy();
 
-#if NETSTANDARD2_0
-            httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; };
-#else
-            ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
+            var ignoreSslErrors = Configuration.GetValue<bool>("Server:IgnoreSslErrors", false);
+
+#if NET462
+            if (ignoreSslErrors)
+            {
+                ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
+            }
             ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
+#else
+            if (ignoreSslErrors)            
+            {
+                httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { return true; };
+            }
 #endif
 
             return httpClientHandler;