diff options
Diffstat (limited to 'indra/newview/llsecapi.cpp')
| -rw-r--r-- | indra/newview/llsecapi.cpp | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/indra/newview/llsecapi.cpp b/indra/newview/llsecapi.cpp index 89b799f297..6389fd292c 100644 --- a/indra/newview/llsecapi.cpp +++ b/indra/newview/llsecapi.cpp @@ -59,7 +59,7 @@ void initializeSecHandler() gSecAPIHandler = gHandlerMap[BASIC_SECHANDLER]; // initialize all SecAPIHandlers - LLProtectedDataException ex = LLProtectedDataException(""); + std::string exception_msg; std::map<std::string, LLPointer<LLSecAPIHandler> >::const_iterator itr; for(itr = gHandlerMap.begin(); itr != gHandlerMap.end(); ++itr) { @@ -70,12 +70,12 @@ void initializeSecHandler() } catch (LLProtectedDataException e) { - ex = e; + exception_msg = e.getMessage(); } } - if (ex.getMessage().length() > 0 ) // an exception was thrown. + if (!exception_msg.empty()) // an exception was thrown. { - throw ex; + throw LLProtectedDataException(exception_msg.c_str()); } } @@ -121,7 +121,10 @@ int secapiSSLCertVerifyCallback(X509_STORE_CTX *ctx, void *param) validation_params[CERT_HOSTNAME] = uri.hostName(); try { - chain->validate(VALIDATION_POLICY_SSL, store, validation_params); + // we rely on libcurl to validate the hostname, as libcurl does more extensive validation + // leaving our hostname validation call mechanism for future additions with respect to + // OS native (Mac keyring, windows CAPI) validation. + store->validate(VALIDATION_POLICY_SSL & (~VALIDATION_POLICY_HOSTNAME), chain, validation_params); } catch (LLCertValidationTrustException& cert_exception) { |