From bf8b2891bffeea5f5ef92690fa3452b52bf4c7ad Mon Sep 17 00:00:00 2001 From: callum Date: Thu, 3 Mar 2011 13:14:21 -0800 Subject: SOCIAL-510 FIX SL Profile Pages Seem to be Ignoring Assets (New version of LLQtWebKit and now load CA.pem) See also SOCIAL-569 [VWR-24426] SSL Handshake Failed Error when accessing web-based content on development viewers using recent Webkit 4.7 --- indra/newview/llviewermedia.cpp | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) (limited to 'indra/newview/llviewermedia.cpp') diff --git a/indra/newview/llviewermedia.cpp b/indra/newview/llviewermedia.cpp index 900081b8c6..b0da5056f7 100644 --- a/indra/newview/llviewermedia.cpp +++ b/indra/newview/llviewermedia.cpp @@ -1833,17 +1833,10 @@ bool LLViewerMediaImpl::initializePlugin(const std::string& media_type) media_source->ignore_ssl_cert_errors(true); } - // NOTE: Removed as per STORM-927 - SSL handshake failed - setting local self-signed certs like this - // seems to screw things up big time. For now, devs will need to add these certs locally and Qt will pick them up. -// // start by assuming the default CA file will be used -// std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "lindenlab.pem" ); -// // default turned off so pick up the user specified path -// if( ! gSavedSettings.getBOOL("BrowserUseDefaultCAFile")) -// { -// ca_path = gSavedSettings.getString("BrowserCAFilePath"); -// } -// // set the path to the CA.pem file -// media_source->addCertificateFilePath( ca_path ); + // the correct way to deal with certs it to load ours from CA.pem and append them to the ones + // Qt/WebKit loads from your system location. + std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "CA.pem" ); + media_source->addCertificateFilePath( ca_path ); media_source->proxy_setup(gSavedSettings.getBOOL("BrowserProxyEnabled"), gSavedSettings.getString("BrowserProxyAddress"), gSavedSettings.getS32("BrowserProxyPort")); -- cgit v1.2.3 From 0aaa829b477ed5953bd6783f38112c35154bacc9 Mon Sep 17 00:00:00 2001 From: callum Date: Fri, 4 Mar 2011 15:34:27 -0800 Subject: SOCIAL-510 FIX (#2) SL Profile Pages Seem to be Ignoring Assets (New version of LLQtWebKit and now load CA.pem) See also SOCIAL-569 [VWR-24426] SSL Handshake Failed Error when accessing web-based content on development viewers using recent Webkit 4.7 --- indra/newview/llviewermedia.cpp | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'indra/newview/llviewermedia.cpp') diff --git a/indra/newview/llviewermedia.cpp b/indra/newview/llviewermedia.cpp index b0da5056f7..78ed35c29a 100644 --- a/indra/newview/llviewermedia.cpp +++ b/indra/newview/llviewermedia.cpp @@ -59,6 +59,7 @@ #include "lluuid.h" #include "llkeyboard.h" #include "llmutelist.h" +#include "llappviewer.h" //#include "llfirstuse.h" #include "llwindow.h" @@ -1833,10 +1834,26 @@ bool LLViewerMediaImpl::initializePlugin(const std::string& media_type) media_source->ignore_ssl_cert_errors(true); } - // the correct way to deal with certs it to load ours from CA.pem and append them to the ones - // Qt/WebKit loads from your system location. + + // HACK: This is absurd but it'll do for now until we can + // find out what's wrong with Qt SSL certs +#if (defined(LL_WINDOWS) ) + // Always do this for Windows platforms std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "CA.pem" ); media_source->addCertificateFilePath( ca_path ); +#elif (defined(LL_DARWIN) ) + // get Mac OS X version numbers + S32 os_major_version = LLAppViewer::instance()->getOSInfo().mMajorVer; + S32 os_minor_version = LLAppViewer::instance()->getOSInfo().mMinorVer; + llinfos << "OS version is " << os_major_version << " --- " << os_minor_version << llendl; + + // Only do this for Leopard (10.5.x) - not Snow Leopard (10.6.x) + if ( os_major_version == 5 ) + { + std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "CA.pem" ); + media_source->addCertificateFilePath( ca_path ); + } +#endif media_source->proxy_setup(gSavedSettings.getBOOL("BrowserProxyEnabled"), gSavedSettings.getString("BrowserProxyAddress"), gSavedSettings.getS32("BrowserProxyPort")); -- cgit v1.2.3 From cd01bdfffdac92ae7b6098668e187d22b7d823f0 Mon Sep 17 00:00:00 2001 From: Leyla Farazha Date: Fri, 4 Mar 2011 15:57:54 -0800 Subject: SOCIAL-643 As a user, I would like to be able to browse and purchase from the marketplace from within the viewer by logging in only once, and with no appreciable delay --- indra/newview/llviewermedia.cpp | 51 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) (limited to 'indra/newview/llviewermedia.cpp') diff --git a/indra/newview/llviewermedia.cpp b/indra/newview/llviewermedia.cpp index b0da5056f7..82c5b8240e 100644 --- a/indra/newview/llviewermedia.cpp +++ b/indra/newview/llviewermedia.cpp @@ -59,6 +59,7 @@ #include "lluuid.h" #include "llkeyboard.h" #include "llmutelist.h" +#include "llpanelprofile.h" //#include "llfirstuse.h" #include "llwindow.h" @@ -292,6 +293,43 @@ public: }; +class LLViewerMediaWebProfileResponder : public LLHTTPClient::Responder +{ +LOG_CLASS(LLViewerMediaWebProfileResponder); +public: + LLViewerMediaWebProfileResponder(std::string host) + { + mHost = host; + } + + ~LLViewerMediaWebProfileResponder() + { + } + + /* virtual */ void completedHeader(U32 status, const std::string& reason, const LLSD& content) + { + LL_WARNS("MediaAuth") << "status = " << status << ", reason = " << reason << LL_ENDL; + LL_WARNS("MediaAuth") << content << LL_ENDL; + + std::string cookie = content["set-cookie"].asString(); + + LLViewerMedia::getCookieStore()->setCookiesFromHost(cookie, mHost); + } + + void completedRaw( + U32 status, + const std::string& reason, + const LLChannelDescriptors& channels, + const LLIOPipe::buffer_ptr_t& buffer) + { + // This is just here to disable the default behavior (attempting to parse the response as llsd). + // We don't care about the content of the response, only the set-cookie header. + } + + std::string mHost; +}; + + LLPluginCookieStore *LLViewerMedia::sCookieStore = NULL; LLURL LLViewerMedia::sOpenIDURL; std::string LLViewerMedia::sOpenIDCookie; @@ -1351,6 +1389,19 @@ void LLViewerMedia::setOpenIDCookie() // *HACK: Doing this here is nasty, find a better way. LLWebSharing::instance().setOpenIDCookie(sOpenIDCookie); + + // Do a web profile get so we can store the cookie + LLSD headers = LLSD::emptyMap(); + headers["Accept"] = "*/*"; + headers["Cookie"] = sOpenIDCookie; + headers["User-Agent"] = getCurrentUserAgent(); + + std::string profile_url = getProfileURL(""); + LLURL raw_profile_url( profile_url.c_str() ); + + LLHTTPClient::get(profile_url, + new LLViewerMediaWebProfileResponder(raw_profile_url.getAuthority()), + headers); } } -- cgit v1.2.3 From 22c75fb3850234588da6cf043b98a450cede3c91 Mon Sep 17 00:00:00 2001 From: callum Date: Fri, 4 Mar 2011 17:05:29 -0800 Subject: SOCIAL-510 FIX (#3) SL Profile Pages Seem to be Ignoring Assets (New CA.pem with Equifax cert in it) See also SOCIAL-569 [VWR-24426] SSL Handshake Failed Error when accessing web-based content on development viewers using recent Webkit 4.7 --- indra/newview/llviewermedia.cpp | 26 ++++++-------------------- 1 file changed, 6 insertions(+), 20 deletions(-) (limited to 'indra/newview/llviewermedia.cpp') diff --git a/indra/newview/llviewermedia.cpp b/indra/newview/llviewermedia.cpp index 78ed35c29a..f775337fac 100644 --- a/indra/newview/llviewermedia.cpp +++ b/indra/newview/llviewermedia.cpp @@ -1834,26 +1834,12 @@ bool LLViewerMediaImpl::initializePlugin(const std::string& media_type) media_source->ignore_ssl_cert_errors(true); } - - // HACK: This is absurd but it'll do for now until we can - // find out what's wrong with Qt SSL certs -#if (defined(LL_WINDOWS) ) - // Always do this for Windows platforms - std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "CA.pem" ); - media_source->addCertificateFilePath( ca_path ); -#elif (defined(LL_DARWIN) ) - // get Mac OS X version numbers - S32 os_major_version = LLAppViewer::instance()->getOSInfo().mMajorVer; - S32 os_minor_version = LLAppViewer::instance()->getOSInfo().mMinorVer; - llinfos << "OS version is " << os_major_version << " --- " << os_minor_version << llendl; - - // Only do this for Leopard (10.5.x) - not Snow Leopard (10.6.x) - if ( os_major_version == 5 ) - { - std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "CA.pem" ); - media_source->addCertificateFilePath( ca_path ); - } -#endif + // the correct way to deal with certs it to load ours from CA.pem and append them to the ones + // Qt/WebKit loads from your system location. + // Note: This needs the new CA.pem file with the Equifax Secure Certificate Authority + // cert at the bottom: (MIIDIDCCAomgAwIBAgIENd70zzANBg) + std::string ca_path = gDirUtilp->getExpandedFilename( LL_PATH_APP_SETTINGS, "CA.pem" ); + media_source->addCertificateFilePath( ca_path ); media_source->proxy_setup(gSavedSettings.getBOOL("BrowserProxyEnabled"), gSavedSettings.getString("BrowserProxyAddress"), gSavedSettings.getS32("BrowserProxyPort")); -- cgit v1.2.3