diff options
| author | Roxie Linden <roxie@lindenlab.com> | 2010-05-24 13:59:10 -0700 |
|---|---|---|
| committer | Roxie Linden <roxie@lindenlab.com> | 2010-05-24 13:59:10 -0700 |
| commit | 1ad46b5cd0fcac0d3224d37d555092258593eabd (patch) | |
| tree | 5bc8367b34ab8b6cc41d16e852cdff494f1fad62 /indra/newview/llsecapi.h | |
| parent | 0c55c8a0b8fa7befcb5303bf5858501ff7bb872e (diff) | |
DEV-50173 - investigate certificate code performance
DEV-50166 - LLBasicCertificateChain::validate calls in log
Added caching of certificates that have been validated.
The sha1 hash for the certificate is stored and is associated
with the from and to times. When the certificate is validated,
the code determines whether the certificate has successfully
been validated before by looking for it in the cache, and then
checks the date of the cert. If that is successful,
the validation calls with success.
Otherwise, it proceeds to do a full validation of the certificate.
Diffstat (limited to 'indra/newview/llsecapi.h')
| -rw-r--r-- | indra/newview/llsecapi.h | 31 |
1 files changed, 15 insertions, 16 deletions
diff --git a/indra/newview/llsecapi.h b/indra/newview/llsecapi.h index 59a1e1eff0..5a1a3879d4 100644 --- a/indra/newview/llsecapi.h +++ b/indra/newview/llsecapi.h @@ -154,7 +154,7 @@ public: // return an LLSD object containing information about the certificate // such as its name, signature, expiry time, serial number - virtual LLSD getLLSD() const=0; + virtual void getLLSD(LLSD& llsd)=0; // return an openSSL X509 struct for the certificate virtual X509* getOpenSSLX509() const=0; @@ -231,6 +231,18 @@ public: virtual LLPointer<LLCertificate> erase(iterator cert)=0; }; +// class LLCertificateChain +// Class representing a chain of certificates in order, with the +// first element being the child cert. +class LLCertificateChain : virtual public LLCertificateVector +{ + +public: + LLCertificateChain() {} + + virtual ~LLCertificateChain() {} + +}; // class LLCertificateStore // represents a store of certificates, typically a store of root CA @@ -250,30 +262,17 @@ public: // return the store id virtual std::string storeId() const=0; -}; - -// class LLCertificateChain -// Class representing a chain of certificates in order, with the -// first element being the child cert. -class LLCertificateChain : virtual public LLCertificateVector -{ - -public: - LLCertificateChain() {} - virtual ~LLCertificateChain() {} - // validate a certificate chain given the params. // Will throw exceptions on error virtual void validate(int validation_policy, - LLPointer<LLCertificateStore> ca_store, + LLPointer<LLCertificateChain> cert_chain, const LLSD& validation_params) =0; + }; - - inline bool operator==(const LLCertificateVector::iterator& _lhs, const LLCertificateVector::iterator& _rhs) { |