summaryrefslogtreecommitdiff
path: root/indra/newview/llsecapi.h
AgeCommit message (Collapse)Author
2024-04-29#824 Process source files in bulk: replace tabs with spaces, convert CRLF to ↵Andrey Lihatskiy
LF, and trim trailing whitespaces as needed
2022-04-25Fix for SL-17223 save mfa_hash protected store immediately so it doesn't get ↵Brad Kittenbrink
lost in case of crash
2021-10-14Merge branch 'master' into DRTVWR-545-maint-mixAndrey Lihatskiy
2021-09-03SL-15902 Cleanup gSecAPIHandlerMnikolenko ProductEngine
2021-05-27SL-15211 Update OpenSSL libraryAndrey Kleshchev
2021-01-25SL-12422 Clear cert cache to enshure there is no carry-over between failed ↵Andrey Kleshchev
logins
2020-09-05Merge branch 'marchcat/SL-13910' into DRTVWR-503-maintAndrey Lihatskiy
2020-09-05SL-13910 Moved the LLCertException constructor to .cppAndrey Lihatskiy
2020-09-04SL-13910 Added the TLS Web Server Authentication certificate checkAndrey Lihatskiy
2020-08-21SL-13835 SSL verification should not crash on invalid certificateAndrey Kleshchev
2020-01-08SL-12486 Size check fixandreykproductengine
2020-01-07SL-12486 Better data deletionandreykproductengine
2019-08-09SL-9699 Login selectionandreykproductengine
2017-04-14Change certificate store infrastructure to key off of the Subject KeyOz Linden
Id rather than sha1 hash, since that is rarely used in modern certs. The previous form was storing trusted certs using an empty sha1 hash value as the key, which meant most certificates matched... not good. Modify the LLCertException to pass certificate information back as LLSD rather than an LLPointer<LLCertificate>, because when the exception is being thown from the certificate constructor that results in one of a couple of other exceptions (even refcounting won't save you when the problem is that the thing you're pointing to never finished coming into being properly). Update the certificates in the llsechandler_basic_test to modern conventions, and extend the classes to allow for an optional validation date so that the test can use a fixed date. Also make all the certificates include the plain text form for ease of reference.
2016-07-19MAINT-5011: Introduce LLException base class for viewer exceptions.Nat Goodspeed
This also introduces LLContinueError for exceptions which should interrupt some part of viewer processing (e.g. the current coroutine) but should attempt to let the viewer session proceed. Derive all existing viewer exception classes from LLException rather than from std::runtime_error or std::logic_error. Use BOOST_THROW_EXCEPTION() rather than plain 'throw' to enrich the thrown exception with source file, line number and containing function.
2016-07-19DRTVWR-418: Remove rogue getMessage() from llsecapi.h exceptions.Nat Goodspeed
The LLProtectedDataException and LLCertException exception classes didn't used to be derived from std::exception, so they followed their own getMessage() convention instead of the standard what() convention. Now that they're derived from std::exception, remove getMessage() and change its few consumers to use what() instead. Thanks NickyD for suggesting.
2016-07-14MAINT-5011: Per NickyD, make LLCertException::getMessage() const.Nat Goodspeed
Also getCert(). Also LLProtectedDataException::getMessage().
2016-07-13MAINT-5011: Derive remaining exception classes from std::exception.Nat Goodspeed
In particular: NotImplemented in llhttpnode.cpp RelocateError in llupdateinstaller.cpp LLProtectedDataException, LLCertException and subclasses in llsecapi.h Had to add no-throw destructor overrides to LLCertException and subclasses because otherwise clang complains that the implicitly-generated destructor's exception specification is more lax than the base class's.
2016-04-04merge with 4.0.3-releaseOz Linden
2015-11-10remove execute permission from many files that should not have itOz Linden
2015-09-14MAINT-5507: Remove HTTPClient and related cruft.Rider Linden
2013-07-18SH-4297 WIP interesting: viewer-interesting starts loading cached scene lateRichard Linden
dependency cleanup - removed a lot of unecessary includes
2013-06-05merge with viewer-releaseRichard Linden
2013-03-29Update Mac and Windows breakpad builds to latestGraham Madarasz
2011-09-13STORM-1562 Potential fix for crash in LLCurl::run -- make sure all ref ↵Dave Parks
counted members of llsecapi are thread safe
2011-08-18Merge.Logan Dethrow
2011-08-09STORM-1546 FIXED Fixed a crash caused by a race condition in LLRefCount.Vadim ProductEngine
Reason: secapiSSLCertVerifyCallback() seems to be called simultaneously by multiple threads, which causes a race condition in LLRefCount::ref/unref() methods. The reference counter in LLSecAPIBasicHandler::mStore goes to zero, and the object gets destroyed. Fix: Derive LLCertificateStore from LLThreadSafeRefCount instead of LLRefCount, which should fix the race condition. Note: The LLThreadSafeRefCount constructor is private, so we have to wrap instances of the class with LLPointer.
2011-06-28STORM-1112 More cleanup of SOCKS 5 proxy code.Logan Dethrow
Renamed llsocks5.cpp to llproxy.cpp.
2010-08-13Change license from GPL to LGPL (version 2.1)Oz Linden
2010-05-24DEV-50173 - investigate certificate code performanceRoxie Linden
DEV-50166 - LLBasicCertificateChain::validate calls in log Added caching of certificates that have been validated. The sha1 hash for the certificate is stored and is associated with the from and to times. When the certificate is validated, the code determines whether the certificate has successfully been validated before by looking for it in the cache, and then checks the date of the cert. If that is successful, the validation calls with success. Otherwise, it proceeds to do a full validation of the certificate.
2010-04-22DEV-49332 - cryptic error message when typing in single username when ↵Roxie Linden
logging into maingrid. Needs to be changed when IE is checked in, of course. Now we check the expected credential formats for a given grid against the format that is typed in, and throw an error if it's invalid.
2010-04-07Re-insert backed out SLE checkin so we can fix itRoxie Linden
2010-04-07Backed out changeset 63b699f90efdTofu Linden
2009-12-08DEV-42996 GIAB: configuring via CLI tools corrupts viewer certsRoxie Linden
Added authority key identifier/subject key identifier checking. Whenever a new cert was created, a new private key was also created. Typically you get a new key identifier with that private key which is written to the child cert. The child cert can then find the appropriate parent cert for validation via subject key identifier.
2009-10-15MAC Address Change no longer causes viewer to die cr:RoxieKaren Lahey
2009-07-09DEV-34822Roxanne Skelly
svn merge -c120157 svn+ssh://svn.lindenlab.com/svn/linden/branches/giab-viewer/giab-viewer-2
2009-07-08DEV-34822 - merge with 1.23Roxanne Skelly
certificate notification code -r 118191 ignore-dead-branch
2010-02-01Merge giab-viewer-trunk 2497, general merge of moreRoxie Linden
secapi stuff as well as certificate handling stuff. Grid manager as well
2009-07-03Initial secapi mergeRoxanne Skelly
svn merge -c112450 svn+ssh://svn.lindenlab.com/svn/linden/branches/giab-viewer/giab-viewer-1 giab-viewer-1-23 svn merge -c112913 svn+ssh://svn.lindenlab.com/svn/linden/branches/giab-viewer/giab-viewer-1 giab-viewer-1-23