1 files changed, 23 insertions, 25 deletions

diff --git a/indra/newview/llsecapi.cpp b/indra/newview/llsecapi.cpp
index 89b799f297..43bb7b1596 100644
--- a/indra/newview/llsecapi.cpp
+++ b/indra/newview/llsecapi.cpp
@@ -3,30 +3,25 @@
  * @brief Security API for services such as certificate handling
  * secure local storage, etc.
  *
- * $LicenseInfo:firstyear=2009&license=viewergpl$
- * 
- * Copyright (c) 2009, Linden Research, Inc.
- * 
+ * $LicenseInfo:firstyear=2009&license=viewerlgpl$
  * Second Life Viewer Source Code
- * The source code in this file ("Source Code") is provided by Linden Lab
- * to you under the terms of the GNU General Public License, version 2.0
- * ("GPL"), unless you have obtained a separate licensing agreement
- * ("Other License"), formally executed by you and Linden Lab.  Terms of
- * the GPL can be found in doc/GPL-license.txt in this distribution, or
- * online at http://secondlife.com/developers/opensource/gplv2
+ * Copyright (C) 2010, Linden Research, Inc.
+ * 
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation;
+ * version 2.1 of the License only.
  * 
- * There are special exceptions to the terms and conditions of the GPL as
- * it is applied to this Source Code. View the full text of the exception
- * in the file doc/FLOSS-exception.txt in this software distribution, or
- * online at http://secondlife.com/developers/opensource/flossexception
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
  * 
- * By copying, modifying or distributing this software, you acknowledge
- * that you have read and understood your obligations described above,
- * and agree to abide by those obligations.
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  * 
- * ALL LINDEN LAB SOURCE CODE IS PROVIDED "AS IS." LINDEN LAB MAKES NO
- * WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY,
- * COMPLETENESS OR PERFORMANCE.
+ * Linden Research, Inc., 945 Battery Street, San Francisco, CA  94111  USA
  * $/LicenseInfo$
  */
 
@@ -59,7 +54,7 @@ void initializeSecHandler()
 	gSecAPIHandler = gHandlerMap[BASIC_SECHANDLER];
 
 	// initialize all SecAPIHandlers
-	LLProtectedDataException ex = LLProtectedDataException("");
+	std::string exception_msg;
 	std::map<std::string, LLPointer<LLSecAPIHandler> >::const_iterator itr;
 	for(itr = gHandlerMap.begin(); itr != gHandlerMap.end(); ++itr)
 	{
@@ -70,12 +65,12 @@ void initializeSecHandler()
 		}
 		catch (LLProtectedDataException e)
 		{
-			ex = e;
+			exception_msg = e.getMessage();
 		}
 	}
-	if (ex.getMessage().length() > 0 )  // an exception was thrown.
+	if (!exception_msg.empty())  // an exception was thrown.
 	{
-		throw ex;
+		throw LLProtectedDataException(exception_msg.c_str());
 	}
 
 }
@@ -121,7 +116,10 @@ int secapiSSLCertVerifyCallback(X509_STORE_CTX *ctx, void *param)
 	validation_params[CERT_HOSTNAME] = uri.hostName();
 	try
 	{
-		chain->validate(VALIDATION_POLICY_SSL, store, validation_params);
+		// we rely on libcurl to validate the hostname, as libcurl does more extensive validation
+		// leaving our hostname validation call mechanism for future additions with respect to
+		// OS native (Mac keyring, windows CAPI) validation.
+		store->validate(VALIDATION_POLICY_SSL & (~VALIDATION_POLICY_HOSTNAME), chain, validation_params);
 	}
 	catch (LLCertValidationTrustException& cert_exception)
 	{