summaryrefslogtreecommitdiff
path: root/indra/newview
diff options
context:
space:
mode:
authorRoxie Linden <roxie@lindenlab.com>2010-05-24 16:21:29 -0700
committerRoxie Linden <roxie@lindenlab.com>2010-05-24 16:21:29 -0700
commit32ad37b3f7ca48564bd15de2664f323ad4a2d367 (patch)
treeb12d39a82ff0b9548f294f122ac904d78ae2bfac /indra/newview
parenta7d1c68c787fcccf888632b9787c4cc9b30393f7 (diff)
Few more touchups for the cert performance code
Diffstat (limited to 'indra/newview')
-rw-r--r--indra/newview/llsechandler_basic.cpp5
-rw-r--r--indra/newview/tests/llsechandler_basic_test.cpp10
2 files changed, 11 insertions, 4 deletions
diff --git a/indra/newview/llsechandler_basic.cpp b/indra/newview/llsechandler_basic.cpp
index a81cde3126..5f24d4398a 100644
--- a/indra/newview/llsechandler_basic.cpp
+++ b/indra/newview/llsechandler_basic.cpp
@@ -1006,7 +1006,7 @@ void LLBasicCertificateStore::validate(int validation_policy,
const LLSD& validation_params)
{
- if(size() < 1)
+ if(cert_chain->size() < 1)
{
throw LLCertException(NULL, "No certs in chain");
}
@@ -1160,9 +1160,8 @@ void LLBasicCertificateStore::validate(int validation_policy,
}
if (validation_policy & VALIDATION_POLICY_TRUSTED)
{
- LLPointer<LLCertificate> untrusted_ca_cert = (*this)[size()-1];
// we reached the end without finding a trusted cert.
- throw LLCertValidationTrustException((*this)[size()-1]);
+ throw LLCertValidationTrustException((*cert_chain)[cert_chain->size()-1]);
}
mTrustedCertCache[sha1_hash] = std::pair<LLDate, LLDate>(from_time, to_time);
diff --git a/indra/newview/tests/llsechandler_basic_test.cpp b/indra/newview/tests/llsechandler_basic_test.cpp
index dfbd596d39..df0673a159 100644
--- a/indra/newview/tests/llsechandler_basic_test.cpp
+++ b/indra/newview/tests/llsechandler_basic_test.cpp
@@ -963,8 +963,15 @@ namespace tut
// basic failure cases
test_chain = new LLBasicCertificateChain(NULL);
- //validate with only the child cert
+ //validate with only the child cert in chain, but child cert was previously
+ // trusted
test_chain->add(new LLBasicCertificate(mX509ChildCert));
+
+ // validate without the trust flag.
+ test_store->validate(VALIDATION_POLICY_TRUSTED, test_chain, validation_params);
+
+ // Validate with child cert but no parent, and no parent in CA store
+ test_store = new LLBasicCertificateStore("mycertstore.pem");
ensure_throws("no CA, with only a child cert",
LLCertValidationTrustException,
(*test_chain)[0],
@@ -1033,6 +1040,7 @@ namespace tut
test_chain = new LLBasicCertificateChain(NULL);
test_chain->add(new LLBasicCertificate(mX509TestCert));
+ test_store = new LLBasicCertificateStore("mycertstore.pem");
ensure_throws("Cert doesn't have ku",
LLCertKeyUsageValidationException,
(*test_chain)[0],