diff options
| author | Andrey Lihatskiy <alihatskiy@productengine.com> | 2020-09-28 22:33:51 +0300 |
|---|---|---|
| committer | Andrey Lihatskiy <alihatskiy@productengine.com> | 2020-09-28 22:33:51 +0300 |
| commit | 4e43097c77a5efc1353eec13cdcb0f2c3e3bca92 (patch) | |
| tree | 5417b02fd09c31c52c79d5e52e5323364673bf91 /indra/newview/llsechandler_basic.cpp | |
| parent | 54beabc63665b3b431e901f36ea695712ca7e6bb (diff) | |
| parent | bac6652cdcd2d8333df04c3ebd3a6a7b752328b3 (diff) | |
Merge branch 'master' into DRTVWR-518-ui
# Conflicts:
# indra/newview/llfloaterbuycurrency.cpp
# indra/newview/llinventorybridge.cpp
# indra/newview/llinventorypanel.h
# indra/newview/skins/default/xui/en/floater_buy_currency.xml
Diffstat (limited to 'indra/newview/llsechandler_basic.cpp')
| -rw-r--r-- | indra/newview/llsechandler_basic.cpp | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/indra/newview/llsechandler_basic.cpp b/indra/newview/llsechandler_basic.cpp index 55e49100c3..737ef30ada 100644 --- a/indra/newview/llsechandler_basic.cpp +++ b/indra/newview/llsechandler_basic.cpp @@ -78,16 +78,16 @@ LLBasicCertificate::LLBasicCertificate(const std::string& pem_cert, BIO * pem_bio = BIO_new_mem_buf((void*)pem_cert.c_str(), pem_cert.length()); if(pem_bio == NULL) { - LL_WARNS("SECAPI") << "Could not allocate an openssl memory BIO." << LL_ENDL; - LLTHROW(LLInvalidCertificate(LLSD::emptyMap())); + LL_WARNS("SECAPI") << "Could not allocate an openssl memory BIO." << LL_ENDL; + LLTHROW(LLAllocationCertException(LLSD::emptyMap())); } mCert = NULL; PEM_read_bio_X509(pem_bio, &mCert, 0, NULL); BIO_free(pem_bio); if (!mCert) { - LL_WARNS("SECAPI") << "Could not decode certificate to x509." << LL_ENDL; - LLTHROW(LLInvalidCertificate(LLSD::emptyMap())); + LL_WARNS("SECAPI") << "Could not decode certificate to x509." << LL_ENDL; + LLTHROW(LLInvalidCertificate(LLSD::emptyMap())); } } @@ -924,9 +924,13 @@ void _validateCert(int validation_policy, LLTHROW(LLCertKeyUsageValidationException(current_cert_info)); } // only validate EKU if the cert has it - if(current_cert_info.has(CERT_EXTENDED_KEY_USAGE) && current_cert_info[CERT_EXTENDED_KEY_USAGE].isArray() && - (!_LLSDArrayIncludesValue(current_cert_info[CERT_EXTENDED_KEY_USAGE], - LLSD((std::string)CERT_EKU_SERVER_AUTH)))) + if(current_cert_info.has(CERT_EXTENDED_KEY_USAGE) + && current_cert_info[CERT_EXTENDED_KEY_USAGE].isArray() + && (!_LLSDArrayIncludesValue(current_cert_info[CERT_EXTENDED_KEY_USAGE], + LLSD((std::string)CERT_EKU_TLS_SERVER_AUTH))) + && (!_LLSDArrayIncludesValue(current_cert_info[CERT_EXTENDED_KEY_USAGE], + LLSD((std::string)CERT_EKU_SERVER_AUTH))) + ) { LLTHROW(LLCertKeyUsageValidationException(current_cert_info)); } |