summaryrefslogtreecommitdiff
path: root/indra/llcorehttp
diff options
context:
space:
mode:
Diffstat (limited to 'indra/llcorehttp')
-rw-r--r--indra/llcorehttp/_httpoprequest.cpp4
-rw-r--r--indra/llcorehttp/httpoptions.cpp11
-rw-r--r--indra/llcorehttp/httpoptions.h11
3 files changed, 22 insertions, 4 deletions
diff --git a/indra/llcorehttp/_httpoprequest.cpp b/indra/llcorehttp/_httpoprequest.cpp
index 408adbde2b..7bea8e9f9c 100644
--- a/indra/llcorehttp/_httpoprequest.cpp
+++ b/indra/llcorehttp/_httpoprequest.cpp
@@ -1017,8 +1017,8 @@ CURLcode HttpOpRequest::curlSslCtxCallback(CURL *curl, void *sslctx, void *userd
}
else
{
- // disable any default verification for server certs
- // Ex: setting urls (assume non-SL) for parcel media in LLFloaterURLEntry
+ // disable any default verification for server certs
+ // Ex: setting urls (assume non-SL) for parcel media in LLFloaterURLEntry
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
}
// set the verification callback.
diff --git a/indra/llcorehttp/httpoptions.cpp b/indra/llcorehttp/httpoptions.cpp
index df5aa52fa9..c6365e5091 100644
--- a/indra/llcorehttp/httpoptions.cpp
+++ b/indra/llcorehttp/httpoptions.cpp
@@ -32,6 +32,7 @@
namespace LLCore
{
+ bool HttpOptions::sDefaultVerifyPeer = false;
HttpOptions::HttpOptions() :
mWantHeaders(false),
@@ -43,7 +44,7 @@ HttpOptions::HttpOptions() :
mMaxRetryBackoff(HTTP_RETRY_BACKOFF_MAX_DEFAULT),
mUseRetryAfter(HTTP_USE_RETRY_AFTER_DEFAULT),
mFollowRedirects(true),
- mVerifyPeer(false),
+ mVerifyPeer(sDefaultVerifyPeer),
mVerifyHost(false),
mDNSCacheTimeout(-1L),
mNoBody(false)
@@ -122,7 +123,15 @@ void HttpOptions::setHeadersOnly(bool nobody)
{
mNoBody = nobody;
if (mNoBody)
+ {
setWantHeaders(true);
+ setSSLVerifyPeer(false);
+ }
+}
+
+void HttpOptions::setDefaultSSLVerifyPeer(bool verify)
+{
+ sDefaultVerifyPeer = verify;
}
} // end namespace LLCore
diff --git a/indra/llcorehttp/httpoptions.h b/indra/llcorehttp/httpoptions.h
index 8a6de61b04..41f71896b0 100644
--- a/indra/llcorehttp/httpoptions.h
+++ b/indra/llcorehttp/httpoptions.h
@@ -143,7 +143,7 @@ public:
/// Instructs the LLCore::HTTPRequest to verify that the exchanged security
/// certificate is authentic.
- /// Default: false
+ /// Default: sDefaultVerifyPeer
void setSSLVerifyPeer(bool verify);
bool getSSLVerifyPeer() const
{
@@ -177,6 +177,13 @@ public:
{
return mNoBody;
}
+
+ /// Sets default behavior for verifying that the name in the
+ /// security certificate matches the name of the host contacted.
+ /// Defaults false if not set, but should be set according to
+ /// viewer's initialization options and command argunments, see
+ /// NoVerifySSLCert
+ static void setDefaultSSLVerifyPeer(bool verify);
protected:
bool mWantHeaders;
@@ -192,6 +199,8 @@ protected:
bool mVerifyHost;
int mDNSCacheTimeout;
bool mNoBody;
+
+ static bool sDefaultVerifyPeer;
}; // end class HttpOptions