Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
Reason:
secapiSSLCertVerifyCallback() seems to be called simultaneously by multiple threads,
which causes a race condition in LLRefCount::ref/unref() methods.
The reference counter in LLSecAPIBasicHandler::mStore goes to zero, and the object gets destroyed.
Fix:
Derive LLCertificateStore from LLThreadSafeRefCount instead of LLRefCount,
which should fix the race condition.
Note:
The LLThreadSafeRefCount constructor is private, so we have to wrap instances of the class with LLPointer.
|
|
|
|
|
|
Checker: FORWARD_NULL
Function: LLBasicCertificateVector::insert(LLCertificateVector::iterator, LLPointer<LLCertificate>)
File: /indra/newview/llsechandler_basic.cpp
|
|
|
|
|
|
|
|
|
|
DEV-50166 - LLBasicCertificateChain::validate calls in log
Added caching of certificates that have been validated.
The sha1 hash for the certificate is stored and is associated
with the from and to times. When the certificate is validated,
the code determines whether the certificate has successfully
been validated before by looking for it in the cache, and then
checks the date of the cert. If that is successful,
the validation calls with success.
Otherwise, it proceeds to do a full validation of the certificate.
|
|
|
|
CR: Karina
|
|
|
|
|
|
|
|
Added authority key identifier/subject key identifier checking.
Whenever a new cert was created, a new private key was also
created. Typically you get a new key identifier with
that private key which is written to the child cert. The
child cert can then find the appropriate parent cert
for validation via subject key identifier.
|
|
|
|
|
|
|
|
certificate notification code
-r 118191
ignore-dead-branch
|
|
secapi stuff as well as certificate handling stuff.
Grid manager as well
|
|
svn merge -c112450 svn+ssh://svn.lindenlab.com/svn/linden/branches/giab-viewer/giab-viewer-1 giab-viewer-1-23
svn merge -c112913 svn+ssh://svn.lindenlab.com/svn/linden/branches/giab-viewer/giab-viewer-1 giab-viewer-1-23
|