SL-13835 SSL verification should not crash on invalid certificate

author: Andrey Kleshchev <andreykproductengine@lindenlab.com> 2020-08-21 20:14:26 +0300
committer: Andrey Kleshchev <andreykproductengine@lindenlab.com> 2020-08-21 20:14:35 +0300
commit: b856745048212175eac19536e40cf563b874f6b4 (patch)
tree: 793da82ea3bbcd4ce565e545e24420c401a37804 /indra/newview/llsechandler_basic.cpp
parent: f72b5b8fd829a266316de743432545430810affb (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/indra/newview/llsechandler_basic.cpp b/indra/newview/llsechandler_basic.cpp
index 8e52480644..8a922aee4f 100644
--- a/indra/newview/llsechandler_basic.cpp
+++ b/indra/newview/llsechandler_basic.cpp
@@ -78,14 +78,16 @@ LLBasicCertificate::LLBasicCertificate(const std::string& pem_cert,
 	BIO * pem_bio = BIO_new_mem_buf((void*)pem_cert.c_str(), pem_cert.length());
 	if(pem_bio == NULL)
 	{
-		LL_ERRS("SECAPI") << "Could not allocate an openssl memory BIO." << LL_ENDL;
+        LL_WARNS("SECAPI") << "Could not allocate an openssl memory BIO." << LL_ENDL;
+        LLTHROW(LLAllocationCertException(LLSD::emptyMap()));
 	}
 	mCert = NULL;
 	PEM_read_bio_X509(pem_bio, &mCert, 0, NULL);
 	BIO_free(pem_bio);
 	if (!mCert)
 	{
-		LL_ERRS("SECAPI") << "Could not decode certificate to x509." << LL_ENDL;
+        LL_WARNS("SECAPI") << "Could not decode certificate to x509." << LL_ENDL;
+        LLTHROW(LLInvalidCertificate(LLSD::emptyMap()));
 	}
 }
author	Andrey Kleshchev <andreykproductengine@lindenlab.com>	2020-08-21 20:14:26 +0300
committer	Andrey Kleshchev <andreykproductengine@lindenlab.com>	2020-08-21 20:14:35 +0300
commit	b856745048212175eac19536e40cf563b874f6b4 (patch)
tree	793da82ea3bbcd4ce565e545e24420c401a37804 /indra/newview/llsechandler_basic.cpp
parent	f72b5b8fd829a266316de743432545430810affb (diff)