merge from viewer-public

author: Tofu Linden <tofu.linden@lindenlab.com> 2010-05-21 10:34:33 +0100
committer: Tofu Linden <tofu.linden@lindenlab.com> 2010-05-21 10:34:33 +0100
commit: 57602c9c77cb594a81a5f803382c1786435e38ab (patch)
tree: 83475cd13d1dae8ccc4595f11ce1ae1d47f3fa94 /indra/newview/llsecapi.cpp
parent: f9eb0588436ca79b0286051f2bcfba0c9785ffef (diff)
parent: 9eaf8eaf729193542f2b766eba5cbc624806a53f (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/indra/newview/llsecapi.cpp b/indra/newview/llsecapi.cpp
index 89b799f297..1caeec5b04 100644
--- a/indra/newview/llsecapi.cpp
+++ b/indra/newview/llsecapi.cpp
@@ -121,7 +121,10 @@ int secapiSSLCertVerifyCallback(X509_STORE_CTX *ctx, void *param)
 	validation_params[CERT_HOSTNAME] = uri.hostName();
 	try
 	{
-		chain->validate(VALIDATION_POLICY_SSL, store, validation_params);
+		// we rely on libcurl to validate the hostname, as libcurl does more extensive validation
+		// leaving our hostname validation call mechanism for future additions with respect to
+		// OS native (Mac keyring, windows CAPI) validation.
+		chain->validate(VALIDATION_POLICY_SSL & (~VALIDATION_POLICY_HOSTNAME), store, validation_params);
 	}
 	catch (LLCertValidationTrustException& cert_exception)
 	{
author	Tofu Linden <tofu.linden@lindenlab.com>	2010-05-21 10:34:33 +0100
committer	Tofu Linden <tofu.linden@lindenlab.com>	2010-05-21 10:34:33 +0100
commit	57602c9c77cb594a81a5f803382c1786435e38ab (patch)
tree	83475cd13d1dae8ccc4595f11ce1ae1d47f3fa94 /indra/newview/llsecapi.cpp
parent	f9eb0588436ca79b0286051f2bcfba0c9785ffef (diff)
parent	9eaf8eaf729193542f2b766eba5cbc624806a53f (diff)