Security / Privacy
When a license server is configured with an http:// URL (rather than https://), PostSharp fetches the license lease over plaintext HTTP. The lease request includes the current Windows user name and machine name as query-string parameters, so these identifiers are transmitted in cleartext and are observable by anyone able to sniff the network path between the build machine and the license server.
License-server URL validation currently accepts both http and https schemes without distinction, so an http:// configuration is silently used as-is with no indication that the connection is unencrypted.
Proposed change
- When a license-server URL uses the
http scheme, emit a build warning (a new LicensingMessageSource diagnostic) advising the administrator to use https:// because the request transmits the user and machine names in cleartext.
- Add an MSBuild property (e.g.
PostSharpAllowInsecureLicenseServer, defaults to Warning, when set to Allow suppresses this specific warning, for environments where an internal http:// license server is a deliberate, accepted configuration. The value Error fails the build.
The change is additive and non-breaking: http:// license servers continue to work; the only new behavior is an opt-out-able warning.
Security / Privacy
When a license server is configured with an
http://URL (rather thanhttps://), PostSharp fetches the license lease over plaintext HTTP. The lease request includes the current Windows user name and machine name as query-string parameters, so these identifiers are transmitted in cleartext and are observable by anyone able to sniff the network path between the build machine and the license server.License-server URL validation currently accepts both
httpandhttpsschemes without distinction, so anhttp://configuration is silently used as-is with no indication that the connection is unencrypted.Proposed change
httpscheme, emit a build warning (a newLicensingMessageSourcediagnostic) advising the administrator to usehttps://because the request transmits the user and machine names in cleartext.PostSharpAllowInsecureLicenseServer, defaults toWarning, when set toAllowsuppresses this specific warning, for environments where an internalhttp://license server is a deliberate, accepted configuration. The valueErrorfails the build.The change is additive and non-breaking:
http://license servers continue to work; the only new behavior is an opt-out-able warning.