diff --git a/indra/llplugin/llpluginclassmedia.h b/indra/llplugin/llpluginclassmedia.h index adbb93f789..ba76ae4e37 100644 --- a/indra/llplugin/llpluginclassmedia.h +++ b/indra/llplugin/llpluginclassmedia.h @@ -335,7 +335,7 @@ public: // "init_history" message void initializeUrlHistory(const LLSD& url_history); - boost::shared_ptr getSharedPrt() { return boost::dynamic_pointer_cast(shared_from_this()); } // due to enable_shared_from_this + boost::shared_ptr getSharedPtr() { return boost::dynamic_pointer_cast(shared_from_this()); } // due to enable_shared_from_this protected: diff --git a/indra/newview/VIEWER_VERSION.txt b/indra/newview/VIEWER_VERSION.txt index cc81d718c3..32c568aee0 100644 --- a/indra/newview/VIEWER_VERSION.txt +++ b/indra/newview/VIEWER_VERSION.txt @@ -1 +1 @@ -6.5.5 +6.5.6 diff --git a/indra/newview/app_settings/settings.xml b/indra/newview/app_settings/settings.xml index 8771eb5b25..775fcf3754 100644 --- a/indra/newview/app_settings/settings.xml +++ b/indra/newview/app_settings/settings.xml @@ -16826,5 +16826,16 @@ Value 1 + MFAHash + + Comment + Override MFA state hash for authentication + Persist + 0 + Type + String + Value + + diff --git a/indra/newview/llappviewer.cpp b/indra/newview/llappviewer.cpp index 3dd42e9290..c94de31244 100644 --- a/indra/newview/llappviewer.cpp +++ b/indra/newview/llappviewer.cpp @@ -3095,6 +3095,11 @@ bool LLAppViewer::initWindow() return true; } +bool LLAppViewer::isUpdaterMissing() +{ + return mUpdaterNotFound; +} + void LLAppViewer::writeDebugInfo(bool isStatic) { #if LL_WINDOWS && LL_BUGSPLAT diff --git a/indra/newview/llappviewer.h b/indra/newview/llappviewer.h index 0f06889d20..21fa23dfa8 100644 --- a/indra/newview/llappviewer.h +++ b/indra/newview/llappviewer.h @@ -98,7 +98,7 @@ public: bool quitRequested() { return mQuitRequested; } bool logoutRequestSent() { return mLogoutRequestSent; } bool isSecondInstance() { return mSecondInstance; } - bool isUpdaterMissing() { return mUpdaterNotFound; } + bool isUpdaterMissing(); // In use by tests void writeDebugInfo(bool isStatic=true); diff --git a/indra/newview/lllogininstance.cpp b/indra/newview/lllogininstance.cpp index 531f0b172d..a3d0eb5796 100644 --- a/indra/newview/lllogininstance.cpp +++ b/indra/newview/lllogininstance.cpp @@ -61,6 +61,7 @@ #include "lltrans.h" #include +#include #include const S32 LOGIN_MAX_RETRIES = 0; // Viewer should not autmatically retry login @@ -224,8 +225,9 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia request_params["id0"] = mSerialNumber; request_params["host_id"] = gSavedSettings.getString("HostID"); request_params["extended_errors"] = true; // request message_id and message_args + request_params["token"] = ""; - // log request_params _before_ adding the credentials + // log request_params _before_ adding the credentials or sensitive MFA hash data LL_DEBUGS("LLLogin") << "Login parameters: " << LLSDOStreamer(request_params) << LL_ENDL; // Copy the credentials into the request after logging the rest @@ -238,6 +240,33 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia request_params[it->first] = it->second; } + std::string mfa_hash = gSavedSettings.getString("MFAHash"); //non-persistent to enable testing + std::string grid(LLGridManager::getInstance()->getGridId()); + std::string user_id = user_credential->userID(); + if (gSecAPIHandler) + { + if (mfa_hash.empty()) + { + // normal execution, mfa_hash was not set from debug setting so load from protected store + LLSD data_map = gSecAPIHandler->getProtectedData("mfa_hash", grid); + if (data_map.isMap() && data_map.has(user_id)) + { + mfa_hash = data_map[user_id].asString(); + } + } + else + { + // SL-16888 the mfa_hash is being overridden for testing so save it for consistency for future login requests + gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, mfa_hash); + } + } + else + { + LL_WARNS() << "unable to access protected store for mfa_hash" << LL_ENDL; + } + + request_params["mfa_hash"] = mfa_hash; + // Specify desired timeout/retry options LLSD http_params; F32 srv_timeout = llclamp(gSavedSettings.getF32("LoginSRVTimeout"), LOGIN_SRV_TIMEOUT_MIN, LOGIN_SRV_TIMEOUT_MAX); @@ -250,6 +279,11 @@ void LLLoginInstance::constructAuthParams(LLPointer user_credentia mRequestData["params"] = request_params; mRequestData["options"] = requested_options; mRequestData["http_params"] = http_params; +#if LL_RELEASE_FOR_DOWNLOAD + mRequestData["wait_for_updater"] = !gSavedSettings.getBOOL("CmdLineSkipUpdater") && !LLAppViewer::instance()->isUpdaterMissing(); +#else + mRequestData["wait_for_updater"] = false; +#endif } bool LLLoginInstance::handleLoginEvent(const LLSD& event) @@ -406,6 +440,38 @@ void LLLoginInstance::handleLoginFailure(const LLSD& event) boost::bind(&LLLoginInstance::syncWithUpdater, this, resp, _1, _2)); } } + else if(reason_response == "mfa_challenge") + { + LL_DEBUGS("LLLogin") << " MFA challenge" << LL_ENDL; + + if (gViewerWindow) + { + gViewerWindow->setShowProgress(FALSE); + } + + LLSD args(llsd::map( "MESSAGE", LLTrans::getString(response["message_id"]) )); + LLSD payload; + LLNotificationsUtil::add("PromptMFAToken", args, payload, [=](LLSD const & notif, LLSD const & response) { + bool continue_clicked = response["continue"].asBoolean(); + std::string token = response["token"].asString(); + LL_DEBUGS("LLLogin") << "PromptMFAToken: response: " << response << " continue_clicked" << continue_clicked << LL_ENDL; + + // strip out whitespace - SL-17034/BUG-231938 + token = boost::regex_replace(token, boost::regex("\\s"), ""); + + if (continue_clicked && !token.empty()) + { + LL_INFOS("LLLogin") << "PromptMFAToken: token submitted" << LL_ENDL; + + // Set the request data to true and retry login. + mRequestData["params"]["token"] = token; + reconnect(); + } else { + LL_INFOS("LLLogin") << "PromptMFAToken: no token, attemptComplete" << LL_ENDL; + attemptComplete(); + } + }); + } else if( reason_response == "key" || reason_response == "presence" || reason_response == "connect" diff --git a/indra/newview/llpathfindingmanager.cpp b/indra/newview/llpathfindingmanager.cpp index 852b39f442..17b8ec0683 100644 --- a/indra/newview/llpathfindingmanager.cpp +++ b/indra/newview/llpathfindingmanager.cpp @@ -61,7 +61,8 @@ #define CAP_SERVICE_NAVMESH_STATUS "NavMeshGenerationStatus" -#define CAP_SERVICE_OBJECT_LINKSETS "RegionObjects" +#define CAP_SERVICE_GET_OBJECT_LINKSETS "RegionObjects" +#define CAP_SERVICE_SET_OBJECT_LINKSETS "ObjectNavMeshProperties" #define CAP_SERVICE_TERRAIN_LINKSETS "TerrainNavMeshProperties" #define CAP_SERVICE_CHARACTERS "CharacterProperties" @@ -244,7 +245,7 @@ void LLPathfindingManager::requestGetLinksets(request_id_t pRequestId, object_re } else { - std::string objectLinksetsURL = getObjectLinksetsURLForCurrentRegion(); + std::string objectLinksetsURL = getRetrieveObjectLinksetsURLForCurrentRegion(); std::string terrainLinksetsURL = getTerrainLinksetsURLForCurrentRegion(); if (objectLinksetsURL.empty() || terrainLinksetsURL.empty()) { @@ -273,7 +274,7 @@ void LLPathfindingManager::requestSetLinksets(request_id_t pRequestId, const LLP { LLPathfindingObjectListPtr emptyLinksetListPtr; - std::string objectLinksetsURL = getObjectLinksetsURLForCurrentRegion(); + std::string objectLinksetsURL = getChangeObjectLinksetsURLForCurrentRegion(); std::string terrainLinksetsURL = getTerrainLinksetsURLForCurrentRegion(); if (objectLinksetsURL.empty() || terrainLinksetsURL.empty()) { @@ -755,9 +756,14 @@ std::string LLPathfindingManager::getRetrieveNavMeshURLForRegion(LLViewerRegion return getCapabilityURLForRegion(pRegion, CAP_SERVICE_RETRIEVE_NAVMESH); } -std::string LLPathfindingManager::getObjectLinksetsURLForCurrentRegion() const +std::string LLPathfindingManager::getRetrieveObjectLinksetsURLForCurrentRegion() const { - return getCapabilityURLForCurrentRegion(CAP_SERVICE_OBJECT_LINKSETS); + return getCapabilityURLForCurrentRegion(CAP_SERVICE_GET_OBJECT_LINKSETS); +} + +std::string LLPathfindingManager::getChangeObjectLinksetsURLForCurrentRegion() const +{ + return getCapabilityURLForCurrentRegion(CAP_SERVICE_SET_OBJECT_LINKSETS); } std::string LLPathfindingManager::getTerrainLinksetsURLForCurrentRegion() const diff --git a/indra/newview/llpathfindingmanager.h b/indra/newview/llpathfindingmanager.h index a44cd892da..bb44f780c8 100644 --- a/indra/newview/llpathfindingmanager.h +++ b/indra/newview/llpathfindingmanager.h @@ -122,7 +122,8 @@ private: std::string getNavMeshStatusURLForCurrentRegion() const; std::string getNavMeshStatusURLForRegion(LLViewerRegion *pRegion) const; std::string getRetrieveNavMeshURLForRegion(LLViewerRegion *pRegion) const; - std::string getObjectLinksetsURLForCurrentRegion() const; + std::string getRetrieveObjectLinksetsURLForCurrentRegion() const; + std::string getChangeObjectLinksetsURLForCurrentRegion() const; std::string getTerrainLinksetsURLForCurrentRegion() const; std::string getCharactersURLForCurrentRegion() const; std::string getAgentStateURLForRegion(LLViewerRegion *pRegion) const; diff --git a/indra/newview/llsecapi.h b/indra/newview/llsecapi.h index e1320375ab..d8831fee93 100644 --- a/indra/newview/llsecapi.h +++ b/indra/newview/llsecapi.h @@ -485,6 +485,9 @@ public: const std::string& data_id, const std::string& map_elem)=0; + // ensure protected store's map is written to storage + virtual void syncProtectedMap() = 0; + public: virtual LLPointer createCredential(const std::string& grid, const LLSD& identifier, diff --git a/indra/newview/llsechandler_basic.cpp b/indra/newview/llsechandler_basic.cpp index 89c2540bb9..8e8f2f4fe0 100644 --- a/indra/newview/llsechandler_basic.cpp +++ b/indra/newview/llsechandler_basic.cpp @@ -1608,6 +1608,11 @@ void LLSecAPIBasicHandler::removeFromProtectedMap(const std::string& data_type, } } +void LLSecAPIBasicHandler::syncProtectedMap() +{ + // TODO - consider unifing these functions + _writeProtectedData(); +} // // Create a credential object from an identifier and authenticator. credentials are // per grid. diff --git a/indra/newview/llsechandler_basic.h b/indra/newview/llsechandler_basic.h index 17e9f72f07..bd1a8f640c 100644 --- a/indra/newview/llsechandler_basic.h +++ b/indra/newview/llsechandler_basic.h @@ -278,6 +278,9 @@ public: const std::string& data_id, const std::string& map_elem); + // ensure protected store's map is written to storage + virtual void syncProtectedMap(); + // credential management routines virtual LLPointer createCredential(const std::string& grid, diff --git a/indra/newview/llstartup.cpp b/indra/newview/llstartup.cpp index b5ab5c1769..dda2bfa4f1 100644 --- a/indra/newview/llstartup.cpp +++ b/indra/newview/llstartup.cpp @@ -133,6 +133,7 @@ #include "llproxy.h" #include "llproductinforequest.h" #include "llqueryflags.h" +#include "llsecapi.h" #include "llselectmgr.h" #include "llsky.h" #include "llstatview.h" @@ -1135,10 +1136,10 @@ bool idle_startup() } else { - if (reason_response != "tos") + if (reason_response != "tos" && reason_response != "mfa_challenge") { - // Don't pop up a notification in the TOS case because - // LLFloaterTOS::onCancel() already scolded the user. + // Don't pop up a notification in the TOS or MFA cases because + // the specialized floater has already scolded the user. std::string error_code; if(response.has("errorcode")) { @@ -2375,8 +2376,31 @@ void show_release_notes_if_required() && gSavedSettings.getBOOL("UpdaterShowReleaseNotes") && !gSavedSettings.getBOOL("FirstLoginThisInstall")) { - LLSD info(LLAppViewer::instance()->getViewerInfo()); - LLWeb::loadURLInternal(info["VIEWER_RELEASE_NOTES_URL"]); + +#if LL_RELEASE_FOR_DOWNLOAD + if (!gSavedSettings.getBOOL("CmdLineSkipUpdater") + && !LLAppViewer::instance()->isUpdaterMissing()) + { + // Instantiate a "relnotes" listener which assumes any arriving event + // is the release notes URL string. Since "relnotes" is an + // LLEventMailDrop, this listener will be invoked whether or not the + // URL has already been posted. If so, it will fire immediately; + // otherwise it will fire whenever the URL is (later) posted. Either + // way, it will display the release notes as soon as the URL becomes + // available. + LLEventPumps::instance().obtain("relnotes").listen( + "showrelnotes", + [](const LLSD& url) { + LLWeb::loadURLInternal(url.asString()); + return false; + }); + } + else +#endif // LL_RELEASE_FOR_DOWNLOAD + { + LLSD info(LLAppViewer::instance()->getViewerInfo()); + LLWeb::loadURLInternal(info["VIEWER_RELEASE_NOTES_URL"]); + } release_notes_shown = true; } } @@ -3666,6 +3690,17 @@ bool process_login_success_response() LLViewerMedia::getInstance()->openIDSetup(openid_url, openid_token); } + + // Only save mfa_hash for future logins if the user wants their info remembered. + if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser") && gSavedSettings.getBOOL("RememberPassword")) + { + std::string grid(LLGridManager::getInstance()->getGridId()); + std::string user_id(gUserCredential->userID()); + gSecAPIHandler->addToProtectedMap("mfa_hash", grid, user_id, response["mfa_hash"]); + // TODO(brad) - related to SL-17223 consider building a better interface that sync's automatically + gSecAPIHandler->syncProtectedMap(); + } + bool success = false; // JC: gesture loading done below, when we have an asset system // in place. Don't delete/clear gUserCredentials until then. diff --git a/indra/newview/llviewermenufile.cpp b/indra/newview/llviewermenufile.cpp index 28ff69eaf5..f1e2c06e0c 100644 --- a/indra/newview/llviewermenufile.cpp +++ b/indra/newview/llviewermenufile.cpp @@ -255,13 +255,13 @@ void LLFilePickerReplyThread::notify(const std::vector& filenames) LLMediaFilePicker::LLMediaFilePicker(LLPluginClassMedia* plugin, LLFilePicker::ELoadFilter filter, bool get_multiple) : LLFilePickerThread(filter, get_multiple), - mPlugin(plugin->getSharedPrt()) + mPlugin(plugin->getSharedPtr()) { } LLMediaFilePicker::LLMediaFilePicker(LLPluginClassMedia* plugin, LLFilePicker::ESaveFilter filter, const std::string &proposed_name) : LLFilePickerThread(filter, proposed_name), - mPlugin(plugin->getSharedPrt()) + mPlugin(plugin->getSharedPtr()) { } diff --git a/indra/newview/llviewerregion.cpp b/indra/newview/llviewerregion.cpp index 2fb760ed17..f59d53623b 100644 --- a/indra/newview/llviewerregion.cpp +++ b/indra/newview/llviewerregion.cpp @@ -3008,6 +3008,7 @@ void LLViewerRegionImpl::buildCapabilityNames(LLSD& capabilityNames) capabilityNames.append("ObjectAnimation"); capabilityNames.append("ObjectMedia"); capabilityNames.append("ObjectMediaNavigate"); + capabilityNames.append("ObjectNavMeshProperties"); capabilityNames.append("ParcelPropertiesUpdate"); capabilityNames.append("ParcelVoiceInfoRequest"); capabilityNames.append("ProductInfoRequest"); diff --git a/indra/newview/skins/default/xui/en/floater_mfa.xml b/indra/newview/skins/default/xui/en/floater_mfa.xml new file mode 100644 index 0000000000..a649cc6d47 --- /dev/null +++ b/indra/newview/skins/default/xui/en/floater_mfa.xml @@ -0,0 +1,49 @@ + + + + token prompt + + +