Id rather than sha1 hash, since that is rarely used in modern
certs. The previous form was storing trusted certs using an empty sha1
hash value as the key, which meant most certificates matched... not good.
Modify the LLCertException to pass certificate information back as
LLSD rather than an LLPointer<LLCertificate>, because when the
exception is being thown from the certificate constructor that results
in one of a couple of other exceptions (even refcounting won't save
you when the problem is that the thing you're pointing to never
finished coming into being properly).
Update the certificates in the llsechandler_basic_test to modern
conventions, and extend the classes to allow for an optional
validation date so that the test can use a fixed date. Also make all
the certificates include the plain text form for ease of reference.
Specifically, change the ptr_t typedefs for these LLCore classes to use
IntrusivePtr rather than directly using boost::intrusive_ptr. This allows us
to use a simple ptr_t(raw ptr) constructor rather than having to remember to
code ptr_t(raw ptr, false) everywhere. In fact, the latter form is now invalid:
remove the now-extraneous 'false' constructor parameters.
* Additional error checking in http handlers.
* Uniform log spam for http errors.
* Switch to using constants for http heads and status codes.
* Fixed bugs in incorrectly checking if parsing LLSD xml resulted in an error.
* Reduced spam regarding LLSD parsing errors in the default completedRaw http handler. It should not longer be necessary to short-circuit completedRaw to avoid spam.
* Ported over a few bug fixes from the server code.
* Switch mode http status codes to use S32 instead of U32.
* Ported LLSD::asStringRef from server code; avoids copying strings all over the place.
* Ported server change to LLSD::asBinary; this always returns a reference now instead of copying the entire binary blob.
* Ported server pretty notation format (and pretty binary format) to llsd serialization.
* The new LLCurl::Responder API no longer has two error handlers to choose from. Overriding the following methods have been deprecated:
** error - use httpFailure
** errorWithContent - use httpFailure
** result - use httpSuccess
** completed - use httpCompleted
** completedHeader - no longer necessary; call getResponseHeaders() from a completion method to obtain these headers.
* In order to 'catch' a completed http request, override one of these methods:
** httpSuccess - Called for any 2xx status code.
** httpFailure - Called for any non-2xx status code.
** httpComplete - Called for all status codes. Default implementation is to call either httpSuccess or httpFailure.
* It is recommended to keep these methods protected/private in order to avoid triggering of these methods without using a 'push' method (see below).
* Uniform error handling should followed whenever possible by calling a variant of this during httpFailure:
** llwarns << dumpResponse() << llendl;
* Be sure to include LOG_CLASS(your_class_name) in your class in order for the log entry to give more context.
* In order to 'push' a result into the responder, you should no longer call error, errorWithContent, result, or completed.
* Nor should you directly call httpSuccess/Failure/Completed (unless passing a message up to a parent class).
* Instead, you can set the internal content of a responder and trigger a corresponding method using the following methods:
** successResult - Sets results and calls httpSuccess
** failureResult - Sets results and calls httpFailure
** completedResult - Sets results and calls httpCompleted
* To obtain information about a the response from a reponder method, use the following getters:
** getStatus - HTTP status code
** getReason - Reason string
** getContent - Content (Parsed body LLSD)
** getResponseHeaders - Response Headers (LLSD map)
** getHTTPMethod - HTTP method of the request
** getURL - URL of the request
* It is still possible to override completeRaw if you want to manipulate data directly out of LLPumpIO.
* See indra/llmessage/llcurl.h for more information.
Made the socks proxy start first in llstartup.cpp
Moved initialization of the proxy to before the HTTP table fetch
Added Doxygen comments to LLProxy methods.
Removed call to applyProxySettings in llxmlrpctransaction.cpp since the ctor of LLCurlEasyRequest will apply the proxy settings.
DEV-50166 - LLBasicCertificateChain::validate calls in log
Added caching of certificates that have been validated.
The sha1 hash for the certificate is stored and is associated
with the from and to times. When the certificate is validated,
the code determines whether the certificate has successfully
been validated before by looking for it in the cache, and then
checks the date of the cert. If that is successful,
the validation calls with success.
Otherwise, it proceeds to do a full validation of the certificate.
Andrey Kleshchev