diff options
| author | Andrey Kleshchev <andreykproductengine@lindenlab.com> | 2020-09-11 16:31:15 +0300 |
|---|---|---|
| committer | Andrey Kleshchev <andreykproductengine@lindenlab.com> | 2020-09-11 16:32:19 +0300 |
| commit | 8c8eac256bdb51fdf9e6e297280b2017d26c3588 (patch) | |
| tree | a679d8fb8fc171ab3f4c09500238112acad8f836 /indra/llcorehttp | |
| parent | 45758daa8a1f388f5881f5025063e13b10ff7721 (diff) | |
SL-13927 Turn SSL verification On for all SL services in viewer
Diffstat (limited to 'indra/llcorehttp')
| -rw-r--r-- | indra/llcorehttp/httpoptions.cpp | 11 | ||||
| -rw-r--r-- | indra/llcorehttp/httpoptions.h | 11 |
2 files changed, 20 insertions, 2 deletions
diff --git a/indra/llcorehttp/httpoptions.cpp b/indra/llcorehttp/httpoptions.cpp index df5aa52fa9..c6365e5091 100644 --- a/indra/llcorehttp/httpoptions.cpp +++ b/indra/llcorehttp/httpoptions.cpp @@ -32,6 +32,7 @@ namespace LLCore { + bool HttpOptions::sDefaultVerifyPeer = false; HttpOptions::HttpOptions() : mWantHeaders(false), @@ -43,7 +44,7 @@ HttpOptions::HttpOptions() : mMaxRetryBackoff(HTTP_RETRY_BACKOFF_MAX_DEFAULT), mUseRetryAfter(HTTP_USE_RETRY_AFTER_DEFAULT), mFollowRedirects(true), - mVerifyPeer(false), + mVerifyPeer(sDefaultVerifyPeer), mVerifyHost(false), mDNSCacheTimeout(-1L), mNoBody(false) @@ -122,7 +123,15 @@ void HttpOptions::setHeadersOnly(bool nobody) { mNoBody = nobody; if (mNoBody) + { setWantHeaders(true); + setSSLVerifyPeer(false); + } +} + +void HttpOptions::setDefaultSSLVerifyPeer(bool verify) +{ + sDefaultVerifyPeer = verify; } } // end namespace LLCore diff --git a/indra/llcorehttp/httpoptions.h b/indra/llcorehttp/httpoptions.h index 8a6de61b04..41f71896b0 100644 --- a/indra/llcorehttp/httpoptions.h +++ b/indra/llcorehttp/httpoptions.h @@ -143,7 +143,7 @@ public: /// Instructs the LLCore::HTTPRequest to verify that the exchanged security /// certificate is authentic. - /// Default: false + /// Default: sDefaultVerifyPeer void setSSLVerifyPeer(bool verify); bool getSSLVerifyPeer() const { @@ -177,6 +177,13 @@ public: { return mNoBody; } + + /// Sets default behavior for verifying that the name in the + /// security certificate matches the name of the host contacted. + /// Defaults false if not set, but should be set according to + /// viewer's initialization options and command argunments, see + /// NoVerifySSLCert + static void setDefaultSSLVerifyPeer(bool verify); protected: bool mWantHeaders; @@ -192,6 +199,8 @@ protected: bool mVerifyHost; int mDNSCacheTimeout; bool mNoBody; + + static bool sDefaultVerifyPeer; }; // end class HttpOptions |