diff options
author | Andrey Kleshchev <andreykproductengine@lindenlab.com> | 2021-01-20 20:19:28 +0200 |
---|---|---|
committer | Andrey Kleshchev <andreykproductengine@lindenlab.com> | 2021-01-25 21:13:47 +0200 |
commit | 0d324bb24db49f6f28d7e7f14fd69e7676de8fe6 (patch) | |
tree | 613a01566303343b0621183937c697bb1e738326 /indra | |
parent | 83127d22992e055b40298724d0cac0de108b6116 (diff) |
SL-12422 Clear cert cache to enshure there is no carry-over between failed logins
Diffstat (limited to 'indra')
-rw-r--r-- | indra/newview/llsecapi.h | 4 | ||||
-rw-r--r-- | indra/newview/llsechandler_basic.h | 5 | ||||
-rw-r--r-- | indra/newview/llstartup.cpp | 5 |
3 files changed, 12 insertions, 2 deletions
diff --git a/indra/newview/llsecapi.h b/indra/newview/llsecapi.h index 14059f828a..3a7b06c55a 100644 --- a/indra/newview/llsecapi.h +++ b/indra/newview/llsecapi.h @@ -264,7 +264,9 @@ public: virtual void validate(int validation_policy, LLPointer<LLCertificateChain> cert_chain, const LLSD& validation_params) =0; - + + // Clear cache if any + virtual void clearSertCache()=0; }; diff --git a/indra/newview/llsechandler_basic.h b/indra/newview/llsechandler_basic.h index 0bc7f5230f..3bfac3f056 100644 --- a/indra/newview/llsechandler_basic.h +++ b/indra/newview/llsechandler_basic.h @@ -177,7 +177,10 @@ public: virtual void validate(int validation_policy, LLPointer<LLCertificateChain> ca_chain, const LLSD& validation_params); - + + // Clears cache of certs validated agains store + virtual void clearSertCache() { mTrustedCertCache.clear(); } + protected: std::vector<LLPointer<LLCertificate> > mCerts; diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 17777c3ceb..194702e43e 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -2824,6 +2824,11 @@ void reset_login() // Hide any other stuff LLFloaterReg::hideVisibleInstances(); LLStartUp::setStartupState( STATE_BROWSER_INIT ); + + // Clear any verified certs and verify them again on next login + // to ensure cert matches server instead of just getting reused + LLPointer<LLCertificateStore> store = gSecAPIHandler->getCertificateStore(""); + store->clearSertCache(); } //--------------------------------------------------------------------------- |