Skip to content
Snippets Groups Projects
Select Git revision
  • main default protected
  • next protected
  • UI-EvenMoreTweaks
  • merge/materials_featurette protected
  • merge/webrtc protected
  • darl/linux-sh-installer
  • xenhat/maint/bolt
  • xenhat/features/cinematic-mode-new
  • screensquare
  • ssestuff
  • spdlog
  • 7.1.7.2486-beta
  • 7.1.4.2442-beta
  • 7.1.4.2413-beta
  • 7.1.3.2338-beta
  • 7.1.3.2332-beta
  • 7.1.2.2304-beta
  • 7.1.1.2251-beta
  • 7.0.1.2244-beta
  • 7.0.1.2240-beta
  • 7.0.1.2230-beta
  • 7.0.1.2206-beta
22 results
Compare
user avatar
DEV-35248: Allow NoVerifySSLCert to uniformly disable verification
Nat Goodspeed authored 
Introduce static LLCurl SSL verification flag, default 'true', accessed by
LLCurl::setSSLVerify() and getSSLVerify().
Make LLCurl::Easy::prepRequest() check LLCurl::getSSLVerify() instead of
unconditionally setting CURLOPT_SSL_VERIFYPEER 'true'. Also set
CURLOPT_SSL_VERIFYHOST to match.
Make LLXMLRPCTransaction::Impl::init() examine LLCurl::getSSLVerify(), instead
of directly examining gSavedSettings.getBOOL("NoVerifySSLCert").
Make LLURLRequest::checkRootCertificate() set CURLOPT_SSL_VERIFYHOST as well
as CURLOPT_SSL_VERIFYPEER.
Make request() in llhttpclient.cpp (used by LLHTTPClient::getByteRange(),
head(), get(), getHeaderOnly(), put(), post(), postRaw(), postFile(), del(),
move()) pass LLCurl::getSSLVerify() to checkRootCertificate(), rather than
constant 'true'.
Make LLAppViewer::mainLoop() call
    LLCurl::setSSLVerify(! gSavedSettings.getBOOL("NoVerifySSLCert"))
at the same time it calls LLCurl::setCAFile(), a comparable bit of static
setup.
df7e5dd1
History
user avatar df7e5dd1
History
Name Last commit Last update
doc
etc
indra
scripts
.hgignore
install.xml