Id rather than sha1 hash, since that is rarely used in modern
certs. The previous form was storing trusted certs using an empty sha1
hash value as the key, which meant most certificates matched... not good.
Modify the LLCertException to pass certificate information back as
LLSD rather than an LLPointer<LLCertificate>, because when the
exception is being thown from the certificate constructor that results
in one of a couple of other exceptions (even refcounting won't save
you when the problem is that the thing you're pointing to never
finished coming into being properly).
Update the certificates in the llsechandler_basic_test to modern
conventions, and extend the classes to allow for an optional
validation date so that the test can use a fixed date. Also make all
the certificates include the plain text form for ease of reference.
Initial change made LLControlVariable::mPersist an enum, but retained
bool/BOOL public API. setPersist(true) set one value, setPersist(false) set
another, forcePersist() set the third. Per code review, expose enum to public,
make setPersist() (and LLControlVariable constructor, and LLControlGroup::
declareControl(), and all the LLControlGroup::declareMumble() methods, and all
the unit-test dummy declareMumble() method bodies) accept that enum. Remove
forcePersist(). Fix calls to LLControlGroup::declareMumble() accordingly.
Also rename PERSIST_YES to PERSIST_NONDFT, also per code review.
LLControlGroup::declareControl(), declareString() etc. etc. all used to return
BOOL -- which no one ever examines because it unconditionally returned TRUE.
Make it return the (possibly new) LLControlVariable* instead.
DEV-50166 - LLBasicCertificateChain::validate calls in log
Added caching of certificates that have been validated.
The sha1 hash for the certificate is stored and is associated
with the from and to times. When the certificate is validated,
the code determines whether the certificate has successfully
been validated before by looking for it in the cache, and then
checks the date of the cert. If that is successful,
the validation calls with success.
Otherwise, it proceeds to do a full validation of the certificate.
Ansariel