Merge branch 'DRTVWR-519' of https://bitbucket.org/lindenlab/viewer

2021-06-15 12:04:03 +02:00 · 2021-06-15 12:04:03 +02:00 · 8e2adbcde7
parent 2f228886d6 6baaef4ee2
commit 8e2adbcde7
3 changed files with 17 additions and 5 deletions
--- a/doc/contributions.txt
+++ b/doc/contributions.txt
@ -232,6 +232,10 @@ Ansariel Hiller
 	SL-14940
 	SL-14941
 	SL-3136
+	SL-15200
+	SL-15226
+	SL-15227
+	SL-15398
 Aralara Rajal
 Arare Chantilly
 	CHUIBUG-191
--- a/indra/llfilesystem/lldiskcache.cpp
+++ b/indra/llfilesystem/lldiskcache.cpp
@ -66,9 +66,9 @@ LLDiskCache::LLDiskCache(const std::string cache_dir,
 // WARNING: purge() is called by LLPurgeDiskCacheThread. As such it must
 // NOT touch any LLDiskCache data without introducing and locking a mutex!

-// Interaction through the filesystem itself should be safe. Let’s say thread
+// Interaction through the filesystem itself should be safe. Let’s say thread
 // A is accessing the cache file for reading/writing and thread B is trimming
-// the cache. Let’s also assume using llifstream to open a file and
+// the cache. Let’s also assume using llifstream to open a file and
 // boost::filesystem::remove are not atomic (which will be pretty much the
 // case).

--- a/indra/newview/llsechandler_basic.cpp
+++ b/indra/newview/llsechandler_basic.cpp
@ -923,11 +923,19 @@ void _validateCert(int validation_policy,
 	}
 	if (validation_policy & VALIDATION_POLICY_SSL_KU)
 	{
+		// This stanza of code was changed 2021-06-09 as per details in SL-15370.
+		// Brief summary: a renewed certificate from Akamai only contains the
+		// 'Digital Signature' field and not the 'Key Encipherment' one. This code 
+		// used to look for both and throw an exception at startup (ignored) and 
+		// (for example) when buying L$ in the Viewer (fails with a UI message
+		// and an entry in the Viewer log). This modified code removes the second 
+		// check for the 'Key Encipherment' field. If Akamai can provide a 
+		// replacement certificate that has both fields, then this modified code 
+		// will not be required.
 		if (current_cert_info.has(CERT_KEY_USAGE) && current_cert_info[CERT_KEY_USAGE].isArray() &&
-			(!(_LLSDArrayIncludesValue(current_cert_info[CERT_KEY_USAGE], 
-									   LLSD((std::string)CERT_KU_DIGITAL_SIGNATURE))) ||
 			!(_LLSDArrayIncludesValue(current_cert_info[CERT_KEY_USAGE], 
-									  LLSD((std::string)CERT_KU_KEY_ENCIPHERMENT)))))
+									   LLSD((std::string)CERT_KU_DIGITAL_SIGNATURE)))
+			)
 		{
 			LLTHROW(LLCertKeyUsageValidationException(current_cert_info));
 		}