merge from viewer-public

author: Tofu Linden <tofu.linden@lindenlab.com> 2010-05-21 10:34:33 +0100
committer: Tofu Linden <tofu.linden@lindenlab.com> 2010-05-21 10:34:33 +0100
commit: 4bfe01fc3cea4b1534015931b077a2290b742324 (patch)
tree: 83475cd13d1dae8ccc4595f11ce1ae1d47f3fa94 /indra/newview/llsecapi.cpp
parent: b8921bc1b378d4bc0a84e2f0c9e1783c61340e0d (diff)
parent: 9eaf8eaf729193542f2b766eba5cbc624806a53f (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/indra/newview/llsecapi.cpp b/indra/newview/llsecapi.cpp
index 89b799f297..1caeec5b04 100644
--- a/indra/newview/llsecapi.cpp
+++ b/indra/newview/llsecapi.cpp
@@ -121,7 +121,10 @@ int secapiSSLCertVerifyCallback(X509_STORE_CTX *ctx, void *param)
 	validation_params[CERT_HOSTNAME] = uri.hostName();
 	try
 	{
-		chain->validate(VALIDATION_POLICY_SSL, store, validation_params);
+		// we rely on libcurl to validate the hostname, as libcurl does more extensive validation
+		// leaving our hostname validation call mechanism for future additions with respect to
+		// OS native (Mac keyring, windows CAPI) validation.
+		chain->validate(VALIDATION_POLICY_SSL & (~VALIDATION_POLICY_HOSTNAME), store, validation_params);
 	}
 	catch (LLCertValidationTrustException& cert_exception)
 	{
author	Tofu Linden <tofu.linden@lindenlab.com>	2010-05-21 10:34:33 +0100
committer	Tofu Linden <tofu.linden@lindenlab.com>	2010-05-21 10:34:33 +0100
commit	4bfe01fc3cea4b1534015931b077a2290b742324 (patch)
tree	83475cd13d1dae8ccc4595f11ce1ae1d47f3fa94 /indra/newview/llsecapi.cpp
parent	b8921bc1b378d4bc0a84e2f0c9e1783c61340e0d (diff)
parent	9eaf8eaf729193542f2b766eba5cbc624806a53f (diff)