From d307843dd431de86e6d4c4f3e6fe8eaf946354d4 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Tue, 23 Nov 2021 17:39:37 -0800 Subject: SL-16388 Viewer MFA Implementation We now present MFA errors to the user during login and prompt them for an authentication token. --- indra/newview/llstartup.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index f22be6481a..228d64c17b 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -1117,10 +1117,10 @@ bool idle_startup() } else { - if (reason_response != "tos") + if (reason_response != "tos" && reason_response != "mfa_challenge") { - // Don't pop up a notification in the TOS case because - // LLFloaterTOS::onCancel() already scolded the user. + // Don't pop up a notification in the TOS or MFA cases because + // the specialized floater has already scolded the user. std::string error_code; if(response.has("errorcode")) { -- cgit v1.3 From 6d177898a9a5883ad7939be162e51d9a61d0e0b1 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Mon, 13 Dec 2021 14:58:38 -0800 Subject: SL-16501 SLMFAHash is now saved client side --- indra/newview/app_settings/settings_per_account.xml | 11 +++++++++++ indra/newview/lllogininstance.cpp | 2 +- indra/newview/llstartup.cpp | 5 +++++ indra/newview/tests/lllogininstance_test.cpp | 1 + 4 files changed, 18 insertions(+), 1 deletion(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/app_settings/settings_per_account.xml b/indra/newview/app_settings/settings_per_account.xml index 537744b44c..d7d008689c 100644 --- a/indra/newview/app_settings/settings_per_account.xml +++ b/indra/newview/app_settings/settings_per_account.xml @@ -436,5 +436,16 @@ Value 2 + SLMFAHash + + Comment + MFA state hash for authentication + Persist + 1 + Type + String + Value + + diff --git a/indra/newview/lllogininstance.cpp b/indra/newview/lllogininstance.cpp index 553a8c91ff..f19569d429 100644 --- a/indra/newview/lllogininstance.cpp +++ b/indra/newview/lllogininstance.cpp @@ -228,7 +228,7 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia request_params["host_id"] = gSavedSettings.getString("HostID"); request_params["extended_errors"] = true; // request message_id and message_args request_params["token"] = ""; - request_params["slmfa_hash"] = ""; + request_params["slmfa_hash"] = gSavedPerAccountSettings.getString("SLMFAHash"); // log request_params _before_ adding the credentials LL_DEBUGS("LLLogin") << "Login parameters: " << LLSDOStreamer(request_params) << LL_ENDL; diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 228d64c17b..05d17b47bc 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3605,6 +3605,11 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } + if(response.has("slmfa_hash")) + { + gSavedPerAccountSettings.setString("SLMFAHash", response["slmfa_hash"]); + } + bool success = false; // JC: gesture loading done below, when we have an asset system // in place. Don't delete/clear gUserCredentials until then. diff --git a/indra/newview/tests/lllogininstance_test.cpp b/indra/newview/tests/lllogininstance_test.cpp index 8d1956957c..43f0e89222 100644 --- a/indra/newview/tests/lllogininstance_test.cpp +++ b/indra/newview/tests/lllogininstance_test.cpp @@ -190,6 +190,7 @@ std::string LLGridManager::getAppSLURLBase(const std::string& grid_name) //----------------------------------------------------------------------------- #include "../llviewercontrol.h" LLControlGroup gSavedSettings("Global"); +LLControlGroup gSavedPerAccountSettings("PerAccount"); LLControlGroup::LLControlGroup(const std::string& name) : LLInstanceTracker(name){} -- cgit v1.3 From 96a6d21086353639d48befa20d86c97d2fd2dddb Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Fri, 14 Jan 2022 22:24:52 -0800 Subject: SL-16514 store mfa hash in protected data using LLSecAPIBasicHandler --- indra/newview/app_settings/settings_per_account.xml | 2 +- indra/newview/lllogininstance.cpp | 15 ++++++++++++--- indra/newview/llstartup.cpp | 5 ++++- indra/newview/tests/lllogininstance_test.cpp | 9 +++++++++ 4 files changed, 26 insertions(+), 5 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/app_settings/settings_per_account.xml b/indra/newview/app_settings/settings_per_account.xml index d7d008689c..7d4af7db7f 100644 --- a/indra/newview/app_settings/settings_per_account.xml +++ b/indra/newview/app_settings/settings_per_account.xml @@ -441,7 +441,7 @@ Comment MFA state hash for authentication Persist - 1 + 0 Type String Value diff --git a/indra/newview/lllogininstance.cpp b/indra/newview/lllogininstance.cpp index 902510c294..a4c001ad8b 100644 --- a/indra/newview/lllogininstance.cpp +++ b/indra/newview/lllogininstance.cpp @@ -228,11 +228,20 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia request_params["host_id"] = gSavedSettings.getString("HostID"); request_params["extended_errors"] = true; // request message_id and message_args request_params["token"] = ""; - request_params["slmfa_hash"] = gSavedPerAccountSettings.getString("SLMFAHash"); - // log request_params _before_ adding the credentials + // log request_params _before_ adding the credentials or sensitive MFA hash data LL_DEBUGS("LLLogin") << "Login parameters: " << LLSDOStreamer(request_params) << LL_ENDL; + std::string slmfa_hash = gSavedPerAccountSettings.getString("SLMFAHash"); //non-persistent to enable testing + if(slmfa_hash.empty()) + { + LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); + std::string grid(LLGridManager::getInstance()->getGridId()); + slmfa_hash = basic_secure_store->getProtectedData("slmfa_hash", grid).asString(); + } + + request_params["slmfa_hash"] = slmfa_hash; + // Copy the credentials into the request after logging the rest LLSD credentials(user_credential->getLoginParams()); for (LLSD::map_const_iterator it = credentials.beginMap(); @@ -417,7 +426,7 @@ void LLLoginInstance::handleLoginFailure(const LLSD& event) LLSD data(LLSD::emptyMap()); data["message"] = message_response; - data["reply_pump"] = MFA_REPLY_PUMP; + data["reply_pump"] = MFA_REPLY_PUMP if (gViewerWindow) { gViewerWindow->setShowProgress(FALSE); diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 8e81843153..956ed2d212 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -133,6 +133,7 @@ #include "llproxy.h" #include "llproductinforequest.h" #include "llqueryflags.h" +#include "llsecapi.h" #include "llselectmgr.h" #include "llsky.h" #include "llstatview.h" @@ -3599,7 +3600,9 @@ bool process_login_success_response() if(response.has("slmfa_hash")) { - gSavedPerAccountSettings.setString("SLMFAHash", response["slmfa_hash"]); + LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); + std::string grid(LLGridManager::getInstance()->getGridId()); + basic_secure_store->setProtectedData("slmfa_hash", grid, response["slmfa_hash"]); } bool success = false; diff --git a/indra/newview/tests/lllogininstance_test.cpp b/indra/newview/tests/lllogininstance_test.cpp index 43f0e89222..9253516411 100644 --- a/indra/newview/tests/lllogininstance_test.cpp +++ b/indra/newview/tests/lllogininstance_test.cpp @@ -186,6 +186,15 @@ std::string LLGridManager::getAppSLURLBase(const std::string& grid_name) { return "myappslurl"; } +std::string LLGridManager::getGridId(const std::string& grid) +{ + return std::string(); +} + +LLPointer getSecHandler(const std::string& handler_type) +{ + return nullptr; +} //----------------------------------------------------------------------------- #include "../llviewercontrol.h" -- cgit v1.3 From 8422183958a54e49c230bf85743336e0dd4dff71 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Fri, 4 Feb 2022 14:03:05 -0800 Subject: Related to fix for SL-16792, standardize on naming the filed simply mfa_hash end-to-end to avoid confusion --- indra/newview/app_settings/settings_per_account.xml | 2 +- indra/newview/lllogininstance.cpp | 8 ++++---- indra/newview/llstartup.cpp | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/app_settings/settings_per_account.xml b/indra/newview/app_settings/settings_per_account.xml index 7d4af7db7f..c45e841b94 100644 --- a/indra/newview/app_settings/settings_per_account.xml +++ b/indra/newview/app_settings/settings_per_account.xml @@ -436,7 +436,7 @@ Value 2 - SLMFAHash + MFAHash Comment MFA state hash for authentication diff --git a/indra/newview/lllogininstance.cpp b/indra/newview/lllogininstance.cpp index 2b1dbc869a..06dbf97e51 100644 --- a/indra/newview/lllogininstance.cpp +++ b/indra/newview/lllogininstance.cpp @@ -230,15 +230,15 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia // log request_params _before_ adding the credentials or sensitive MFA hash data LL_DEBUGS("LLLogin") << "Login parameters: " << LLSDOStreamer(request_params) << LL_ENDL; - std::string slmfa_hash = gSavedPerAccountSettings.getString("SLMFAHash"); //non-persistent to enable testing - if(slmfa_hash.empty()) + std::string mfa_hash = gSavedPerAccountSettings.getString("MFAHash"); //non-persistent to enable testing + if(mfa_hash.empty()) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); - slmfa_hash = basic_secure_store->getProtectedData("slmfa_hash", grid).asString(); + mfa_hash = basic_secure_store->getProtectedData("mfa_hash", grid).asString(); } - request_params["slmfa_hash"] = slmfa_hash; + request_params["mfa_hash"] = mfa_hash; // Copy the credentials into the request after logging the rest LLSD credentials(user_credential->getLoginParams()); diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 956ed2d212..b85c01a1f0 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3598,11 +3598,11 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } - if(response.has("slmfa_hash")) + if(response.has("mfa_hash")) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); - basic_secure_store->setProtectedData("slmfa_hash", grid, response["slmfa_hash"]); + basic_secure_store->setProtectedData("mfa_hash", grid, response["mfa_hash"]); } bool success = false; -- cgit v1.3 From 40b80251e48d5f0ae3695d9019261f9e472f3e16 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Mon, 7 Mar 2022 00:15:59 -0800 Subject: SL-16825 saving of mfa_hash data now obeys the 'Remember Me' setting --- indra/newview/llstartup.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index b85c01a1f0..27ec8214f6 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3598,7 +3598,7 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } - if(response.has("mfa_hash")) + if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser")) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); -- cgit v1.3 From 87b494f585f14d6ecc8dbe2d0ce26ab79b62ce30 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Tue, 8 Mar 2022 17:29:45 -0800 Subject: Oops, forgot the other half of SL-16825 fix. need to check both "RememberUser" and "RememberPassword" settings --- indra/newview/llstartup.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index d625ef2539..64e6042047 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3617,7 +3617,9 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } - if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser")) + + // Only save mfa_hash for future logins if the user wants their info remembered. + if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser") && gSavedSettings.getBOOL("RememberPassword")) { LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); -- cgit v1.3 From 6bdd744d78f2040767abe57afcb06f8a55a9dd83 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Wed, 9 Mar 2022 14:13:02 -0800 Subject: SL-17019 mfa_hash should get saved per-username --- indra/newview/app_settings/settings.xml | 11 ++++++ .../newview/app_settings/settings_per_account.xml | 11 ------ indra/newview/lllogininstance.cpp | 39 +++++++++++++--------- indra/newview/llstartup.cpp | 4 +-- indra/newview/tests/lllogininstance_test.cpp | 11 +++--- 5 files changed, 43 insertions(+), 33 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/app_settings/settings.xml b/indra/newview/app_settings/settings.xml index 6c36fa6f09..7d39a54c1d 100644 --- a/indra/newview/app_settings/settings.xml +++ b/indra/newview/app_settings/settings.xml @@ -16815,5 +16815,16 @@ Value 1 + MFAHash + + Comment + Override MFA state hash for authentication + Persist + 0 + Type + String + Value + + diff --git a/indra/newview/app_settings/settings_per_account.xml b/indra/newview/app_settings/settings_per_account.xml index c45e841b94..537744b44c 100644 --- a/indra/newview/app_settings/settings_per_account.xml +++ b/indra/newview/app_settings/settings_per_account.xml @@ -436,16 +436,5 @@ Value 2 - MFAHash - - Comment - MFA state hash for authentication - Persist - 0 - Type - String - Value - - diff --git a/indra/newview/lllogininstance.cpp b/indra/newview/lllogininstance.cpp index fd186fcddc..2335674501 100644 --- a/indra/newview/lllogininstance.cpp +++ b/indra/newview/lllogininstance.cpp @@ -230,34 +230,43 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia // log request_params _before_ adding the credentials or sensitive MFA hash data LL_DEBUGS("LLLogin") << "Login parameters: " << LLSDOStreamer(request_params) << LL_ENDL; - std::string mfa_hash = gSavedPerAccountSettings.getString("MFAHash"); //non-persistent to enable testing - LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); + // Copy the credentials into the request after logging the rest + LLSD credentials(user_credential->getLoginParams()); + for (LLSD::map_const_iterator it = credentials.beginMap(); + it != credentials.endMap(); + it++ + ) + { + request_params[it->first] = it->second; + } + + std::string mfa_hash = gSavedSettings.getString("MFAHash"); //non-persistent to enable testing std::string grid(LLGridManager::getInstance()->getGridId()); - if (basic_secure_store) + std::string user_id = user_credential->userID(); + if (gSecAPIHandler) { if (mfa_hash.empty()) { - mfa_hash = basic_secure_store->getProtectedData("mfa_hash", grid).asString(); + // normal execution, mfa_hash was not set from debug setting so load from protected store + LLSD data_map = gSecAPIHandler->getProtectedData("mfa_hash", grid); + if (data_map.isMap() && data_map.has(user_id)) + { + mfa_hash = data_map[user_id].asString(); + } } else { // SL-16888 the mfa_hash is being overridden for testing so save it for consistency for future login requests - basic_secure_store->setProtectedData("mfa_hash", grid, mfa_hash); + gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, mfa_hash); } } - - request_params["mfa_hash"] = mfa_hash; - - // Copy the credentials into the request after logging the rest - LLSD credentials(user_credential->getLoginParams()); - for (LLSD::map_const_iterator it = credentials.beginMap(); - it != credentials.endMap(); - it++ - ) + else { - request_params[it->first] = it->second; + LL_WARNS() << "unable to access protected store for mfa_hash" << LL_ENDL; } + request_params["mfa_hash"] = mfa_hash; + // Specify desired timeout/retry options LLSD http_params; F32 srv_timeout = llclamp(gSavedSettings.getF32("LoginSRVTimeout"), LOGIN_SRV_TIMEOUT_MIN, LOGIN_SRV_TIMEOUT_MAX); diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 64e6042047..e7a1622332 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3621,9 +3621,9 @@ bool process_login_success_response() // Only save mfa_hash for future logins if the user wants their info remembered. if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser") && gSavedSettings.getBOOL("RememberPassword")) { - LLPointer basic_secure_store = getSecHandler(BASIC_SECHANDLER); std::string grid(LLGridManager::getInstance()->getGridId()); - basic_secure_store->setProtectedData("mfa_hash", grid, response["mfa_hash"]); + std::string user_id(gUserCredential->userID()); + gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, response["mfa_hash"]); } bool success = false; diff --git a/indra/newview/tests/lllogininstance_test.cpp b/indra/newview/tests/lllogininstance_test.cpp index 9253516411..a8f57f975a 100644 --- a/indra/newview/tests/lllogininstance_test.cpp +++ b/indra/newview/tests/lllogininstance_test.cpp @@ -191,15 +191,14 @@ std::string LLGridManager::getGridId(const std::string& grid) return std::string(); } -LLPointer getSecHandler(const std::string& handler_type) -{ - return nullptr; -} +//LLPointer getSecHandler(const std::string& handler_type) +//{ +// return nullptr; +//} //----------------------------------------------------------------------------- #include "../llviewercontrol.h" LLControlGroup gSavedSettings("Global"); -LLControlGroup gSavedPerAccountSettings("PerAccount"); LLControlGroup::LLControlGroup(const std::string& name) : LLInstanceTracker(name){} @@ -236,6 +235,8 @@ LLAppViewer * LLAppViewer::sInstance = 0; static std::string gTOSType; static LLEventPump * gTOSReplyPump = NULL; +LLPointer gSecAPIHandler; + //static LLFloater* LLFloaterReg::showInstance(const std::string& name, const LLSD& key, BOOL focus) { -- cgit v1.3 From 3feb92046ff226c6d65a90ae948a0390e768ed48 Mon Sep 17 00:00:00 2001 From: Andrey Kleshchev Date: Thu, 24 Mar 2022 18:47:08 +0200 Subject: SL-16831 Viewer stalls for 10 seconds before displaying a login failure # Conflicts: # indra/newview/llstartup.cpp --- indra/newview/lllogininstance.cpp | 5 +++++ indra/newview/llstartup.cpp | 27 ++++++++++++++++++++-- indra/viewer_components/login/lllogin.cpp | 37 ++++++++++++++++++++++--------- 3 files changed, 56 insertions(+), 13 deletions(-) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/lllogininstance.cpp b/indra/newview/lllogininstance.cpp index 523d39da58..267f1d03ea 100644 --- a/indra/newview/lllogininstance.cpp +++ b/indra/newview/lllogininstance.cpp @@ -280,6 +280,11 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia mRequestData["params"] = request_params; mRequestData["options"] = requested_options; mRequestData["http_params"] = http_params; +#if LL_RELEASE_FOR_DOWNLOAD + mRequestData["wait_for_updater"] = !gSavedSettings.getBOOL("CmdLineSkipUpdater") && !LLAppViewer::instance()->isUpdaterMissing(); +#else + mRequestData["wait_for_updater"] = false; +#endif } bool LLLoginInstance::handleLoginEvent(const LLSD& event) diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index e7a1622332..3f825e4e43 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -2354,8 +2354,31 @@ void show_release_notes_if_required() && gSavedSettings.getBOOL("UpdaterShowReleaseNotes") && !gSavedSettings.getBOOL("FirstLoginThisInstall")) { - LLSD info(LLAppViewer::instance()->getViewerInfo()); - LLWeb::loadURLInternal(info["VIEWER_RELEASE_NOTES_URL"]); + +#if LL_RELEASE_FOR_DOWNLOAD + if (!gSavedSettings.getBOOL("CmdLineSkipUpdater") + && !LLAppViewer::instance()->isUpdaterMissing()) + { + // Instantiate a "relnotes" listener which assumes any arriving event + // is the release notes URL string. Since "relnotes" is an + // LLEventMailDrop, this listener will be invoked whether or not the + // URL has already been posted. If so, it will fire immediately; + // otherwise it will fire whenever the URL is (later) posted. Either + // way, it will display the release notes as soon as the URL becomes + // available. + LLEventPumps::instance().obtain("relnotes").listen( + "showrelnotes", + [](const LLSD& url) { + LLWeb::loadURLInternal(url.asString()); + return false; + }); + } + else +#endif // LL_RELEASE_FOR_DOWNLOAD + { + LLSD info(LLAppViewer::instance()->getViewerInfo()); + LLWeb::loadURLInternal(info["VIEWER_RELEASE_NOTES_URL"]); + } release_notes_shown = true; } } diff --git a/indra/viewer_components/login/lllogin.cpp b/indra/viewer_components/login/lllogin.cpp index 168880dc12..5d50d1e182 100644 --- a/indra/viewer_components/login/lllogin.cpp +++ b/indra/viewer_components/login/lllogin.cpp @@ -251,20 +251,35 @@ void LLLogin::Impl::loginCoro(std::string uri, LLSD login_params) // Since sSyncPoint is an LLEventMailDrop, we DEFINITELY want to // consume the posted event. LLCoros::OverrideConsuming oc(true); - // Timeout should produce the isUndefined() object passed here. - LL_DEBUGS("LLLogin") << "Login failure, waiting for sync from updater" << LL_ENDL; - LLSD updater = llcoro::suspendUntilEventOnWithTimeout(sSyncPoint, 10, LLSD()); - if (updater.isUndefined()) - { - LL_WARNS("LLLogin") << "Failed to hear from updater, proceeding with fail.login" - << LL_ENDL; - } - else + LLSD responses(mAuthResponse["responses"]); + LLSD updater; + + if (printable_params["wait_for_updater"].asBoolean()) { - LL_DEBUGS("LLLogin") << "Got responses from updater and login.cgi" << LL_ENDL; + std::string reason_response = responses["data"]["reason"].asString(); + // Timeout should produce the isUndefined() object passed here. + if (reason_response == "update") + { + LL_INFOS("LLLogin") << "Login failure, waiting for sync from updater" << LL_ENDL; + updater = llcoro::suspendUntilEventOnWithTimeout(sSyncPoint, 10, LLSD()); + } + else + { + LL_DEBUGS("LLLogin") << "Login failure, waiting for sync from updater" << LL_ENDL; + updater = llcoro::suspendUntilEventOnWithTimeout(sSyncPoint, 3, LLSD()); + } + if (updater.isUndefined()) + { + LL_WARNS("LLLogin") << "Failed to hear from updater, proceeding with fail.login" + << LL_ENDL; + } + else + { + LL_DEBUGS("LLLogin") << "Got responses from updater and login.cgi" << LL_ENDL; + } } + // Let the fail.login handler deal with empty updater response. - LLSD responses(mAuthResponse["responses"]); responses["updater"] = updater; sendProgressEvent("offline", "fail.login", responses); } -- cgit v1.3 From 372a04dd51939d658cef93076651527318a89e33 Mon Sep 17 00:00:00 2001 From: Brad Kittenbrink Date: Mon, 25 Apr 2022 12:35:07 -0700 Subject: Fix for SL-17223 save mfa_hash protected store immediately so it doesn't get lost in case of crash --- indra/newview/llsecapi.h | 3 +++ indra/newview/llsechandler_basic.cpp | 5 +++++ indra/newview/llsechandler_basic.h | 3 +++ indra/newview/llstartup.cpp | 2 ++ 4 files changed, 13 insertions(+) (limited to 'indra/newview/llstartup.cpp') diff --git a/indra/newview/llsecapi.h b/indra/newview/llsecapi.h index e1320375ab..d8831fee93 100644 --- a/indra/newview/llsecapi.h +++ b/indra/newview/llsecapi.h @@ -485,6 +485,9 @@ public: const std::string& data_id, const std::string& map_elem)=0; + // ensure protected store's map is written to storage + virtual void syncProtectedMap() = 0; + public: virtual LLPointer createCredential(const std::string& grid, const LLSD& identifier, diff --git a/indra/newview/llsechandler_basic.cpp b/indra/newview/llsechandler_basic.cpp index 6b06abaf99..d0da3387ec 100644 --- a/indra/newview/llsechandler_basic.cpp +++ b/indra/newview/llsechandler_basic.cpp @@ -1608,6 +1608,11 @@ void LLSecAPIBasicHandler::removeFromProtectedMap(const std::string& data_type, } } +void LLSecAPIBasicHandler::syncProtectedMap() +{ + // TODO - consider unifing these functions + _writeProtectedData(); +} // // Create a credential object from an identifier and authenticator. credentials are // per grid. diff --git a/indra/newview/llsechandler_basic.h b/indra/newview/llsechandler_basic.h index 17e9f72f07..bd1a8f640c 100644 --- a/indra/newview/llsechandler_basic.h +++ b/indra/newview/llsechandler_basic.h @@ -278,6 +278,9 @@ public: const std::string& data_id, const std::string& map_elem); + // ensure protected store's map is written to storage + virtual void syncProtectedMap(); + // credential management routines virtual LLPointer createCredential(const std::string& grid, diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index 8b4c91615c..9a191b31bb 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -3671,6 +3671,8 @@ bool process_login_success_response() std::string grid(LLGridManager::getInstance()->getGridId()); std::string user_id(gUserCredential->userID()); gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, response["mfa_hash"]); + // TODO(brad) - related to SL-17223 consider building a better interface that sync's automatically + gSecAPIHandler->syncProtectedMap(); } bool success = false; -- cgit v1.3