From d307843dd431de86e6d4c4f3e6fe8eaf946354d4 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Tue, 23 Nov 2021 17:39:37 -0800 Subject: SL-16388 Viewer MFA Implementation We now present MFA errors to the user during login and prompt them for an authentication token. --- indra/newview/llstartup.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index f22be6481a..228d64c17b 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -1117,10 +1117,10 @@ bool idle_startup() } else { - if (reason_response != "tos") + if (reason_response != "tos" && reason_response != "mfa_challenge") { - // Don't pop up a notification in the TOS case because - // LLFloaterTOS::onCancel() already scolded the user. + // Don't pop up a notification in the TOS or MFA cases because + // the specialized floater has already scolded the user. std::string error_code; if(response.has("errorcode")) { -- cgit v1.2.3 From 6d177898a9a5883ad7939be162e51d9a61d0e0b1 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Mon, 13 Dec 2021 14:58:38 -0800 Subject: SL-16501 SLMFAHash is now saved client side --- indra/newview/llstartup.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 228d64c17b..05d17b47bc 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3605,6 +3605,11 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } + if(response.has("slmfa_hash")) + { + gSavedPerAccountSettings.setString("SLMFAHash", response["slmfa_hash"]); + } + bool success = false; // JC: gesture loading done below, when we have an asset system // in place. Don't delete/clear gUserCredentials until then. -- cgit v1.2.3 From 96a6d21086353639d48befa20d86c97d2fd2dddb Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Fri, 14 Jan 2022 22:24:52 -0800 Subject: SL-16514 store mfa hash in protected data using LLSecAPIBasicHandler --- indra/newview/llstartup.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 8e81843153..956ed2d212 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -133,6 +133,7 @@ #include "llproxy.h" #include "llproductinforequest.h" #include "llqueryflags.h" +#include "llsecapi.h" #include "llselectmgr.h" #include "llsky.h" #include "llstatview.h" @@ -3599,7 +3600,9 @@ bool process_login_success_response() if(response.has("slmfa_hash")) { - gSavedPerAccountSettings.setString("SLMFAHash", response["slmfa_hash"]); + LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); + std::string grid(LLGridManager::getInstance()->getGridId()); + basic_secure_store->setProtectedData("slmfa_hash", grid, response["slmfa_hash"]); } bool success = false; -- cgit v1.2.3 From 8422183958a54e49c230bf85743336e0dd4dff71 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Fri, 4 Feb 2022 14:03:05 -0800 Subject: Related to fix for SL-16792, standardize on naming the filed simply mfa_hash end-to-end to avoid confusion --- indra/newview/llstartup.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 956ed2d212..b85c01a1f0 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3598,11 +3598,11 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } - if(response.has("slmfa_hash")) + if(response.has("mfa_hash")) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); - basic_secure_store->setProtectedData("slmfa_hash", grid, response["slmfa_hash"]); + basic_secure_store->setProtectedData("mfa_hash", grid, response["mfa_hash"]); } bool success = false; -- cgit v1.2.3 From 40b80251e48d5f0ae3695d9019261f9e472f3e16 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Mon, 7 Mar 2022 00:15:59 -0800 Subject: SL-16825 saving of mfa_hash data now obeys the 'Remember Me' setting --- indra/newview/llstartup.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index b85c01a1f0..27ec8214f6 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3598,7 +3598,7 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } - if(response.has("mfa_hash")) + if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser")) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); -- cgit v1.2.3 From 87b494f585f14d6ecc8dbe2d0ce26ab79b62ce30 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Tue, 8 Mar 2022 17:29:45 -0800 Subject: Oops, forgot the other half of SL-16825 fix. need to check both "RememberUser" and "RememberPassword" settings --- indra/newview/llstartup.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index d625ef2539..64e6042047 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3617,7 +3617,9 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } - if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser")) + + // Only save mfa_hash for future logins if the user wants their info remembered. + if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser") && gSavedSettings.getBOOL("RememberPassword")) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); -- cgit v1.2.3 From 6bdd744d78f2040767abe57afcb06f8a55a9dd83 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Wed, 9 Mar 2022 14:13:02 -0800 Subject: SL-17019 mfa_hash should get saved per-username --- indra/newview/llstartup.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 64e6042047..e7a1622332 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3621,9 +3621,9 @@ bool process_login_success_response() // Only save mfa_hash for future logins if the user wants their info remembered. if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser") && gSavedSettings.getBOOL("RememberPassword")) { - LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); - basic_secure_store->setProtectedData("mfa_hash", grid, response["mfa_hash"]); + std::string user_id(gUserCredential->userID()); + gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, response["mfa_hash"]); } bool success = false; -- cgit v1.2.3 From 3feb92046ff226c6d65a90ae948a0390e768ed48 Mon Sep 17 00:00:00 2001 From: Andrey Kleshchev Date: Thu, 24 Mar 2022 18:47:08 +0200 Subject: SL-16831 Viewer stalls for 10 seconds before displaying a login failure # Conflicts: # indra/newview/llstartup.cpp --- indra/newview/llstartup.cpp | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index e7a1622332..3f825e4e43 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -2354,8 +2354,31 @@ void show_release_notes_if_required() && gSavedSettings.getBOOL("UpdaterShowReleaseNotes") && !gSavedSettings.getBOOL("FirstLoginThisInstall")) { - LLSD info(LLAppViewer::instance()->getViewerInfo()); - LLWeb::loadURLInternal(info["VIEWER_RELEASE_NOTES_URL"]); + +#if LL_RELEASE_FOR_DOWNLOAD + if (!gSavedSettings.getBOOL("CmdLineSkipUpdater") + && !LLAppViewer::instance()->isUpdaterMissing()) + { + // Instantiate a "relnotes" listener which assumes any arriving event + // is the release notes URL string. Since "relnotes" is an + // LLEventMailDrop, this listener will be invoked whether or not the + // URL has already been posted. If so, it will fire immediately; + // otherwise it will fire whenever the URL is (later) posted. Either + // way, it will display the release notes as soon as the URL becomes + // available. + LLEventPumps::instance().obtain("relnotes").listen( + "showrelnotes", + [](const LLSD& url) { + LLWeb::loadURLInternal(url.asString()); + return false; + }); + } + else +#endif // LL_RELEASE_FOR_DOWNLOAD + { + LLSD info(LLAppViewer::instance()->getViewerInfo()); + LLWeb::loadURLInternal(info["VIEWER_RELEASE_NOTES_URL"]); + } release_notes_shown = true; } } -- cgit v1.2.3 From 372a04dd51939d658cef93076651527318a89e33 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Mon, 25 Apr 2022 12:35:07 -0700 Subject: Fix for SL-17223 save mfa_hash protected store immediately so it doesn't get lost in case of crash --- indra/newview/llstartup.cpp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 8b4c91615c..9a191b31bb 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3671,6 +3671,8 @@ bool process_login_success_response() std::string grid(LLGridManager::getInstance()->getGridId()); std::string user_id(gUserCredential->userID()); gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, response["mfa_hash"]); + // TODO(brad) - related to SL-17223 consider building a better interface that sync's automatically + gSecAPIHandler->syncProtectedMap(); } bool success = false; -- cgit v1.2.3