From df7e5dd1dc491e6f2a8bcff44d75f8e2113b8b6f Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Wed, 20 Jan 2010 15:48:13 -0500 Subject: DEV-35248: Allow NoVerifySSLCert to uniformly disable verification Introduce static LLCurl SSL verification flag, default 'true', accessed by LLCurl::setSSLVerify() and getSSLVerify(). Make LLCurl::Easy::prepRequest() check LLCurl::getSSLVerify() instead of unconditionally setting CURLOPT_SSL_VERIFYPEER 'true'. Also set CURLOPT_SSL_VERIFYHOST to match. Make LLXMLRPCTransaction::Impl::init() examine LLCurl::getSSLVerify(), instead of directly examining gSavedSettings.getBOOL("NoVerifySSLCert"). Make LLURLRequest::checkRootCertificate() set CURLOPT_SSL_VERIFYHOST as well as CURLOPT_SSL_VERIFYPEER. Make request() in llhttpclient.cpp (used by LLHTTPClient::getByteRange(), head(), get(), getHeaderOnly(), put(), post(), postRaw(), postFile(), del(), move()) pass LLCurl::getSSLVerify() to checkRootCertificate(), rather than constant 'true'. Make LLAppViewer::mainLoop() call LLCurl::setSSLVerify(! gSavedSettings.getBOOL("NoVerifySSLCert")) at the same time it calls LLCurl::setCAFile(), a comparable bit of static setup. --- indra/llmessage/llcurl.cpp | 20 ++++++++++++++++++-- indra/llmessage/llcurl.h | 11 +++++++++++ indra/llmessage/llhttpclient.cpp | 2 +- indra/llmessage/llurlrequest.cpp | 1 + indra/newview/llappviewer.cpp | 4 ++-- indra/newview/llxmlrpctransaction.cpp | 5 ++--- 6 files changed, 35 insertions(+), 8 deletions(-) diff --git a/indra/llmessage/llcurl.cpp b/indra/llmessage/llcurl.cpp index dc02367a62..024e17a777 100644 --- a/indra/llmessage/llcurl.cpp +++ b/indra/llmessage/llcurl.cpp @@ -89,6 +89,10 @@ S32 gCurlMultiCount = 0; std::vector LLCurl::sSSLMutex; std::string LLCurl::sCAPath; std::string LLCurl::sCAFile; +// Verify SSL certificates by default (matches libcurl default). The ability +// to alter this flag is only to allow us to suppress verification if it's +// broken for some reason. +bool LLCurl::sSSLVerify = true; //static void LLCurl::setCAPath(const std::string& path) @@ -102,6 +106,18 @@ void LLCurl::setCAFile(const std::string& file) sCAFile = file; } +//static +void LLCurl::setSSLVerify(bool verify) +{ + sSSLVerify = verify; +} + +//static +bool LLCurl::getSSLVerify() +{ + return sSSLVerify; +} + //static std::string LLCurl::getVersionString() { @@ -465,7 +481,8 @@ void LLCurl::Easy::prepRequest(const std::string& url, setErrorBuffer(); setCA(); - setopt(CURLOPT_SSL_VERIFYPEER, true); + setopt(CURLOPT_SSL_VERIFYPEER, LLCurl::getSSLVerify()); + setopt(CURLOPT_SSL_VERIFYHOST, LLCurl::getSSLVerify()? 2 : 0); setopt(CURLOPT_TIMEOUT, CURL_REQUEST_TIMEOUT); setoptString(CURLOPT_URL, url); @@ -1044,4 +1061,3 @@ void LLCurl::cleanupClass() #endif curl_global_cleanup(); } - diff --git a/indra/llmessage/llcurl.h b/indra/llmessage/llcurl.h index 1bc1767966..caf02cccd9 100644 --- a/indra/llmessage/llcurl.h +++ b/indra/llmessage/llcurl.h @@ -157,6 +157,16 @@ public: */ static const std::string& getCAPath() { return sCAPath; } + /** + * @ brief Set flag controlling whether to verify HTTPS certs. + */ + static void setSSLVerify(bool verify); + + /** + * @ brief Get flag controlling whether to verify HTTPS certs. + */ + static bool getSSLVerify(); + /** * @ brief Initialize LLCurl class */ @@ -182,6 +192,7 @@ public: private: static std::string sCAPath; static std::string sCAFile; + static bool sSSLVerify; }; namespace boost diff --git a/indra/llmessage/llhttpclient.cpp b/indra/llmessage/llhttpclient.cpp index 12ecbb36eb..dd56e18caf 100644 --- a/indra/llmessage/llhttpclient.cpp +++ b/indra/llmessage/llhttpclient.cpp @@ -222,7 +222,7 @@ static void request( LLPumpIO::chain_t chain; LLURLRequest* req = new LLURLRequest(method, url); - req->checkRootCertificate(true); + req->checkRootCertificate(LLCurl::getSSLVerify()); lldebugs << LLURLRequest::actionAsVerb(method) << " " << url << " " diff --git a/indra/llmessage/llurlrequest.cpp b/indra/llmessage/llurlrequest.cpp index 81b7761ed5..4e7ceff984 100644 --- a/indra/llmessage/llurlrequest.cpp +++ b/indra/llmessage/llurlrequest.cpp @@ -163,6 +163,7 @@ void LLURLRequest::setBodyLimit(U32 size) void LLURLRequest::checkRootCertificate(bool check) { mDetail->mCurlRequest->setopt(CURLOPT_SSL_VERIFYPEER, (check? TRUE : FALSE)); + mDetail->mCurlRequest->setopt(CURLOPT_SSL_VERIFYHOST, (check? 2 : 0)); mDetail->mCurlRequest->setoptString(CURLOPT_ENCODING, ""); } diff --git a/indra/newview/llappviewer.cpp b/indra/newview/llappviewer.cpp index 638a8f759d..0e248ff88b 100644 --- a/indra/newview/llappviewer.cpp +++ b/indra/newview/llappviewer.cpp @@ -926,7 +926,6 @@ bool LLAppViewer::mainLoop() { LLMemType mt1(LLMemType::MTYPE_MAIN); mMainloopTimeout = new LLWatchdogTimeout(); - // *FIX:Mani - Make this a setting, once new settings exist in this branch. //------------------------------------------- // Run main loop until time to quit @@ -936,12 +935,13 @@ bool LLAppViewer::mainLoop() gServicePump = new LLPumpIO(gAPRPoolp); LLHTTPClient::setPump(*gServicePump); LLCurl::setCAFile(gDirUtilp->getCAFile()); + LLCurl::setSSLVerify(! gSavedSettings.getBOOL("NoVerifySSLCert")); // Note: this is where gLocalSpeakerMgr and gActiveSpeakerMgr used to be instantiated. LLVoiceChannel::initClass(); LLVoiceClient::init(gServicePump); - + LLTimer frameTimer,idleTimer; LLTimer debugTime; LLViewerJoystick* joystick(LLViewerJoystick::getInstance()); diff --git a/indra/newview/llxmlrpctransaction.cpp b/indra/newview/llxmlrpctransaction.cpp index 70859e8ea5..c19be37e75 100644 --- a/indra/newview/llxmlrpctransaction.cpp +++ b/indra/newview/llxmlrpctransaction.cpp @@ -252,9 +252,8 @@ void LLXMLRPCTransaction::Impl::init(XMLRPC_REQUEST request, bool useGzip) // mCurlRequest->setopt(CURLOPT_VERBOSE, 1); // usefull for debugging mCurlRequest->setopt(CURLOPT_NOSIGNAL, 1); mCurlRequest->setWriteCallback(&curlDownloadCallback, (void*)this); - BOOL vefifySSLCert = !gSavedSettings.getBOOL("NoVerifySSLCert"); - mCurlRequest->setopt(CURLOPT_SSL_VERIFYPEER, vefifySSLCert); - mCurlRequest->setopt(CURLOPT_SSL_VERIFYHOST, vefifySSLCert ? 2 : 0); + mCurlRequest->setopt(CURLOPT_SSL_VERIFYPEER, LLCurl::getSSLVerify()); + mCurlRequest->setopt(CURLOPT_SSL_VERIFYHOST, LLCurl::getSSLVerify() ? 2 : 0); // Be a little impatient about establishing connections. mCurlRequest->setopt(CURLOPT_CONNECTTIMEOUT, 40L); -- cgit v1.2.3 From 362f288bc6c08f5f345b0b676ca5e3e1fae53c07 Mon Sep 17 00:00:00 2001 From: Loren Shih Date: Wed, 20 Jan 2010 15:57:51 -0500 Subject: EXT-4544 : Take out favorites autopopulation code Removed autopopulation code. This has been in viewer2 for months but actually is buggy itself (i.e. didn't actually autopopulate new accounts most of the time) so it didn't manifest until recently. --- indra/newview/llstartup.cpp | 59 --------------------------------------------- 1 file changed, 59 deletions(-) diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 88b4c34e2b..6b816f8786 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -307,59 +307,6 @@ void update_texture_fetch() gTextureList.updateImages(0.10f); } -//Copies landmarks from the "Library" to "My Favorites" -void populate_favorites_bar() -{ - //*TODO consider extending LLInventoryModel::findCategoryUUIDForType(...) to support both root's - LLInventoryModel::cat_array_t* lib_cats = NULL; - LLInventoryModel::item_array_t* lib_items = NULL; - gInventory.getDirectDescendentsOf(gInventory.getLibraryRootFolderID(), lib_cats, lib_items); - if (!lib_cats) return; - - LLUUID lib_landmarks(LLUUID::null); - S32 count = lib_cats->count(); - for(S32 i = 0; i < count; ++i) - { - if(lib_cats->get(i)->getPreferredType() == LLFolderType::FT_LANDMARK) - { - lib_landmarks = lib_cats->get(i)->getUUID(); - break; - } - } - if (lib_landmarks.isNull()) - { - llerror("Library inventory is missing Landmarks", 0); - return; - } - - LLInventoryModel::cat_array_t* lm_cats = NULL; - LLInventoryModel::item_array_t* lm_items = NULL; - gInventory.getDirectDescendentsOf(lib_landmarks, lm_cats, lm_items); - if (!lm_items) return; - - const LLUUID favorites_id = gInventory.findCategoryUUIDForType(LLFolderType::FT_FAVORITE); - if (favorites_id.isNull()) - { - llerror("My Inventory is missing My Favorites", 0); - return; - } - - S32 lm_count = lm_items->count(); - for (S32 i = 0; i < lm_count; ++i) - { - LLInventoryItem* item = lm_items->get(i); - if (item->getUUID().isNull()) continue; - - copy_inventory_item(gAgent.getID(), - item->getPermissions().getOwner(), - item->getUUID(), - favorites_id, - std::string(), - LLPointer(NULL)); - } -} - - // Returns false to skip other idle processing. Should only return // true when all initialization done. bool idle_startup() @@ -1705,12 +1652,6 @@ bool idle_startup() llinfos << "Creating Inventory Views" << llendl; LLFloaterReg::getInstance("inventory"); - //default initial content for Favorites Bar - if (gAgent.isFirstLogin()) - { - populate_favorites_bar(); - } - LLStartUp::setStartupState( STATE_MISC ); return FALSE; } -- cgit v1.2.3 From 4ff75762d1965457ba5e4e2d952defe81f85d149 Mon Sep 17 00:00:00 2001 From: Rick Pasetto Date: Wed, 20 Jan 2010 14:46:15 -0800 Subject: FIX EXT-4052: Make sure bounceback url has a scheme Review #83 The function LLMediaEntry::checkCandidateURL() assumes the URL passed in at least has a scheme part (i.e. a ":"). This fixes the bounceBack code to assure that. --- indra/newview/llvovolume.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/indra/newview/llvovolume.cpp b/indra/newview/llvovolume.cpp index d5dd19e470..295c0c8010 100644 --- a/indra/newview/llvovolume.cpp +++ b/indra/newview/llvovolume.cpp @@ -1852,12 +1852,22 @@ void LLVOVolume::mediaNavigateBounceBack(U8 texture_index) if (mep && impl) { std::string url = mep->getCurrentURL(); + // Look for a ":", if not there, assume "http://" + if (!url.empty() && std::string::npos == url.find(':')) + { + url = "http://" + url; + } // If the url we're trying to "bounce back" to is either empty or not // allowed by the whitelist, try the home url. If *that* doesn't work, // set the media as failed and unload it if (url.empty() || !mep->checkCandidateUrl(url)) { url = mep->getHomeURL(); + // Look for a ":", if not there, assume "http://" + if (!url.empty() && std::string::npos == url.find(':')) + { + url = "http://" + url; + } } if (url.empty() || !mep->checkCandidateUrl(url)) { -- cgit v1.2.3 From 56f97bce04c6b14460aba207108b06a67040c4d9 Mon Sep 17 00:00:00 2001 From: Tofu Linden Date: Wed, 20 Jan 2010 15:02:54 -0800 Subject: DEV-45319 breed a good openal for voice+audio (second try) --- install.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install.xml b/install.xml index 5069e44d46..d8b9a4289d 100644 --- a/install.xml +++ b/install.xml @@ -1159,9 +1159,9 @@ anguage Infrstructure (CLI) international standard linux md5sum - c8223e9454223e3d519fe40d71c3ddd2 + 75a7004ab14bea46594b1c652f1a6040 url - http://s3.amazonaws.com/viewer-source-downloads/install_pkgs/openal-linux-20091216-56cc0386.tar.bz2 + http://s3.amazonaws.com/viewer-source-downloads/install_pkgs/openal-linux-20100120-3ad86a1c.tar.bz2 linux64 -- cgit v1.2.3 From 20af2d325a4340aca997efbea752849e9f15d041 Mon Sep 17 00:00:00 2001 From: Monroe Linden Date: Wed, 20 Jan 2010 15:17:48 -0800 Subject: New mac build of llqtwebkit to fix EXT-4169. This build is based on: Commit 16264ea12f1320e25f3d4fad3a9ddd4d3f8d2e68 of http://qt.gitorious.org/~girish/qt/girishs-qt/commits/lindenqt Revision 24ce3025f844 of https://hg.lindenlab.com/monroe/llqtwebkit-4.6/ --- install.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install.xml b/install.xml index d8b9a4289d..226d0d3551 100644 --- a/install.xml +++ b/install.xml @@ -948,9 +948,9 @@ anguage Infrstructure (CLI) international standard darwin md5sum - 2eb58f544c0d912aa382de2c947be7f1 + d97d843704514ae1b5f153fab2931920 url - http://s3.amazonaws.com/viewer-source-downloads/install_pkgs/llqtwebkit-4.6-darwin-20100104.tar.bz2 + http://s3.amazonaws.com/viewer-source-downloads/install_pkgs/llqtwebkit-4.6-darwin-20100120.tar.bz2 linux -- cgit v1.2.3 From 622f8b59ceb286f955351b6185a98919f03ed136 Mon Sep 17 00:00:00 2001 From: Callum Prentice Date: Wed, 20 Jan 2010 15:27:58 -0800 Subject: Fix for EXT-4169 - drop down menus do not working in LLQtWebKit with Qt 4.6 --- install.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install.xml b/install.xml index 5069e44d46..30cff85669 100644 --- a/install.xml +++ b/install.xml @@ -962,9 +962,9 @@ anguage Infrstructure (CLI) international standard windows md5sum - c41be1ba9728555ae5a2d2151c96dfe1 + 18c1a4059bad1504a457e70c8c218033 url - http://s3.amazonaws.com/viewer-source-downloads/install_pkgs/llqtwebkit-windows-qt4.6-20100115.tar.bz2 + http://viewer-source-downloads.s3.amazonaws.com/install_pkgs/llqtwebkit-windows-qt4.6-20100120.tar.bz2 -- cgit v1.2.3 From 8841ad4794bb0bfab7b9273284781afb1b9a39c6 Mon Sep 17 00:00:00 2001 From: Rick Pasetto Date: Wed, 20 Jan 2010 15:37:33 -0800 Subject: Bump up URL entry max to 1024 (approved by Richard) --- indra/newview/skins/default/xui/en/floater_media_browser.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indra/newview/skins/default/xui/en/floater_media_browser.xml b/indra/newview/skins/default/xui/en/floater_media_browser.xml index 4b280ac59f..70dac7e41c 100644 --- a/indra/newview/skins/default/xui/en/floater_media_browser.xml +++ b/indra/newview/skins/default/xui/en/floater_media_browser.xml @@ -80,7 +80,7 @@ height="20" layout="topleft" left_pad="5" - max_chars="255" + max_chars="1024" name="address" top_delta="0" width="540"> -- cgit v1.2.3 From 417f0ede41d1dcfed45ae56f515f2ea6d63e599f Mon Sep 17 00:00:00 2001 From: Tofu Linden Date: Wed, 20 Jan 2010 15:59:26 -0800 Subject: EXT-4388 Crash in octree line segment intersection code (more accurately, it was - I believe - reading over the end of a buffer in the pick-mask lookup) reviewed by qarl. --- indra/llrender/llimagegl.cpp | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/indra/llrender/llimagegl.cpp b/indra/llrender/llimagegl.cpp index d873005fd9..cd493481d5 100644 --- a/indra/llrender/llimagegl.cpp +++ b/indra/llrender/llimagegl.cpp @@ -1736,12 +1736,25 @@ BOOL LLImageGL::getMask(const LLVector2 &tc) if (u < 0.f || u > 1.f || v < 0.f || v > 1.f) { - llerrs << "WTF?" << llendl; + LL_WARNS_ONCE("render") << "Ugh, u/v out of range in image mask pick" << LL_ENDL; + u = v = 0.f; + llassert(false); } S32 x = (S32)(u * width); S32 y = (S32)(v * height); + if (x >= width) + { + LL_WARNS_ONCE("render") << "Ooh, width overrun on pick mask read, that coulda been bad." << LL_ENDL; + x = llmax(0, width-1); + } + if (y >= height) + { + LL_WARNS_ONCE("render") << "Ooh, height overrun on pick mask read, that woulda been bad." << LL_ENDL; + y = llmax(0, height-1); + } + S32 idx = y*width+x; S32 offset = idx%8; -- cgit v1.2.3 From c044459ead019425c78c6499d8a9cae2bbadd580 Mon Sep 17 00:00:00 2001 From: "Karl Stiefvater (qarl)" Date: Wed, 20 Jan 2010 18:38:26 -0600 Subject: EXT-4198 Screen goes fuzzy after inactivity move disconnect rendering into render_ui code reviewed by davep --- indra/newview/llviewerdisplay.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/indra/newview/llviewerdisplay.cpp b/indra/newview/llviewerdisplay.cpp index 7b9b12108d..ba256d70e8 100644 --- a/indra/newview/llviewerdisplay.cpp +++ b/indra/newview/llviewerdisplay.cpp @@ -483,7 +483,6 @@ void display(BOOL rebuild, F32 zoom_factor, int subfield, BOOL for_snapshot) { LLAppViewer::instance()->pingMainloopTimeout("Display:Disconnected"); render_ui(); - render_disconnected_background(); } ////////////////////////// @@ -1141,6 +1140,10 @@ void render_ui(F32 zoom_factor, int subfield) render_ui_3d(); LLGLState::checkStates(); } + else + { + render_disconnected_background(); + } render_ui_2d(); LLGLState::checkStates(); -- cgit v1.2.3 From b7742d52d9014c16068b7c64abf4f71c346fb11d Mon Sep 17 00:00:00 2001 From: Rick Pasetto Date: Wed, 20 Jan 2010 17:40:36 -0800 Subject: FIX EXT-4273: Made text widget one pixel wider: that's all it took to get the entire string to fit --- indra/newview/skins/default/xui/en/floater_buy_currency.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indra/newview/skins/default/xui/en/floater_buy_currency.xml b/indra/newview/skins/default/xui/en/floater_buy_currency.xml index d202bf1b9f..8f67f564a2 100644 --- a/indra/newview/skins/default/xui/en/floater_buy_currency.xml +++ b/indra/newview/skins/default/xui/en/floater_buy_currency.xml @@ -304,7 +304,7 @@ Re-enter amount to see the latest exchange rate. Date: Thu, 21 Jan 2010 11:07:20 +0000 Subject: EXT-2151: Add the final (publicly-viewable) Search URL. --- indra/newview/app_settings/settings.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indra/newview/app_settings/settings.xml b/indra/newview/app_settings/settings.xml index 53ac1dc0b9..00d3b6a798 100644 --- a/indra/newview/app_settings/settings.xml +++ b/indra/newview/app_settings/settings.xml @@ -3629,7 +3629,7 @@ Type String Value - http://int.searchwww-phx0.damballah.lindenlab.com/viewer/[CATEGORY]?q=[QUERY]&p=[AUTH_TOKEN]&r=[MATURITY]&lang=[LANGUAGE]&g=[GODLIKE]&sid=[SESSION_ID]&rid=[REGION_ID]&pid=[PARCEL_ID] + http://search.secondlife.com/viewer/[CATEGORY]?q=[QUERY]&p=[AUTH_TOKEN]&r=[MATURITY]&lang=[LANGUAGE]&g=[GODLIKE]&sid=[SESSION_ID]&rid=[REGION_ID]&pid=[PARCEL_ID] HighResSnapshot -- cgit v1.2.3