Don't feed empty, non-working callback to CURL

Cherry-Pick of 96a4e16a Conflicts: indra/llmessage/llurlrequest.cpp indra/llmessage/llurlrequest.h indra/newview/hipporestrequest.cpp Clear reasons for conflicts, resolved.
2012-08-07 16:48:22 +02:00
parent 35a53ef1d7
commit 36ff4dcd11
5 changed files with 10 additions and 51 deletions
--- a/indra/llmessage/llhttpclient.cpp
+++ b/indra/llmessage/llhttpclient.cpp
@@ -41,8 +41,6 @@


 const F32 HTTP_REQUEST_EXPIRY_SECS = 60.0f;
-LLURLRequest::SSLCertVerifyCallback LLHTTPClient::mCertVerifyCallback = NULL;
-
 ////////////////////////////////////////////////////////////////////////////

 // Responder class moved to LLCurl
@@ -205,11 +203,6 @@ namespace
 	LLPumpIO* theClientPump = NULL;
 }

-void LLHTTPClient::setCertVerifyCallback(LLURLRequest::SSLCertVerifyCallback callback)
-{
-	LLHTTPClient::mCertVerifyCallback = callback;
-}
-
 static void request(
 	const std::string& url,
 	LLURLRequest::ERequestAction method,
@@ -244,7 +237,7 @@ static void request(
 		return ;
 	}

-	req->setSSLVerifyCallback(LLHTTPClient::getCertVerifyCallback(), (void *)req);
+	req->checkRootCertificate(true);

 	
 	lldebugs << LLURLRequest::actionAsVerb(method) << " " << url << " "
--- a/indra/llmessage/llhttpclient.h
+++ b/indra/llmessage/llhttpclient.h
@@ -155,12 +155,6 @@ public:
 		///< for testing
 	static LLPumpIO &getPump();
 		///< Hippo special
-
-	static void setCertVerifyCallback(LLURLRequest::SSLCertVerifyCallback callback);
-	static  LLURLRequest::SSLCertVerifyCallback getCertVerifyCallback() { return mCertVerifyCallback; }
-
-protected:
-	static LLURLRequest::SSLCertVerifyCallback mCertVerifyCallback;
 };

 #endif // LL_LLHTTPCLIENT_H
--- a/indra/llmessage/llurlrequest.cpp
+++ b/indra/llmessage/llurlrequest.cpp
@@ -91,39 +91,6 @@ LLURLRequestDetail::~LLURLRequestDetail()
 	mLastRead = NULL;
 }

-void LLURLRequest::setSSLVerifyCallback(SSLCertVerifyCallback callback, void *param)
-{
-	LLMemType m1(LLMemType::MTYPE_IO_URL_REQUEST);
-	mDetail->mSSLVerifyCallback = callback;
-	AICurlEasyRequest_wat curlEasyRequest_w(*mDetail->mCurlEasyRequest);
-	curlEasyRequest_w->setSSLCtxCallback(LLURLRequest::_sslCtxCallback, (void *)this);
-	curlEasyRequest_w->setopt(CURLOPT_SSL_VERIFYPEER, true);
-	curlEasyRequest_w->setopt(CURLOPT_SSL_VERIFYHOST, 2);	
-}
-
-
-// _sslCtxFunction
-// Callback function called when an SSL Context is created via CURL
-// used to configure the context for custom cert validation
-
-CURLcode LLURLRequest::_sslCtxCallback(CURL * curl, void *sslctx, void *param)
-{	
-	LLURLRequest *req = (LLURLRequest *)param;
-	if(req == NULL || req->mDetail->mSSLVerifyCallback == NULL)
-	{
-		SSL_CTX_set_cert_verify_callback((SSL_CTX *)sslctx, NULL, NULL);
-		return CURLE_OK;
-	}
-	SSL_CTX * ctx = (SSL_CTX *) sslctx;
-	// disable any default verification for server certs
-	SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
-	// set the verification callback.
-	SSL_CTX_set_cert_verify_callback(ctx, req->mDetail->mSSLVerifyCallback, (void *)req);
-	// the calls are void
-	return CURLE_OK;
-	
-}
-
 /**
 * class LLURLRequest
 */
@@ -195,6 +162,13 @@ void LLURLRequest::addHeader(const char* header)
 	curlEasyRequest_w->addHeader(header);
 }

+void LLURLRequest::checkRootCertificate(bool check)
+{
+	mDetail->mCurlRequest->setopt(CURLOPT_SSL_VERIFYPEER, (check? TRUE : FALSE));
+	mDetail->mCurlRequest->setoptString(CURLOPT_ENCODING, "");
+}
+
+
 void LLURLRequest::setBodyLimit(U32 size)
 {
 	mDetail->mBodyLimit = size;
--- a/indra/llmessage/llurlrequest.h
+++ b/indra/llmessage/llurlrequest.h
@@ -142,7 +142,7 @@ public:
 	 * Set whether request will check that remote server
 	 * certificates are signed by a known root CA when using HTTPS.
 	 */
-	void setSSLVerifyCallback(SSLCertVerifyCallback callback, void * param);
+	void checkRootCertificate(bool check);

 	
 	/**
@@ -227,8 +227,6 @@ protected:
 	 S32 mRequestTransferedBytes;
 	 S32 mResponseTransferedBytes;

-	static CURLcode _sslCtxCallback(CURL * curl, void *sslctx, void *param);
-	
 	// mRemoved is used instead of changing mState directly, because I'm not convinced the latter is atomic.
 	// Set to false before adding curl request and then only tested.
 	// Reset in removed_from_multi_handle (by another thread), this is thread-safe.
--- a/indra/newview/hipporestrequest.cpp
+++ b/indra/newview/hipporestrequest.cpp
@@ -268,7 +268,7 @@ static void request(const std::string &url,
 		llwarns << "Failed to create LLURLRequest: " << error.what() << llendl;
 		return;
 	}
-	req->setSSLVerifyCallback(LLHTTPClient::getCertVerifyCallback(), (void *)req);
+	req->checkRootCertificate(true);

 	/*
 	// Insert custom headers if the caller sent any