Don't feed empty, non-working callback to CURL

indra/llmessage/llhttpclient.cpp

@@ -42,8 +42,6 @@
 
 
 const F32 HTTP_REQUEST_EXPIRY_SECS = 60.0f;
-LLURLRequest::SSLCertVerifyCallback LLHTTPClient::mCertVerifyCallback = NULL;
-
 ////////////////////////////////////////////////////////////////////////////
 
 // Responder class moved to LLCurl
@@ -206,11 +204,6 @@ namespace
 	LLPumpIO* theClientPump = NULL;
 }
 
-void LLHTTPClient::setCertVerifyCallback(LLURLRequest::SSLCertVerifyCallback callback)
-{
-	LLHTTPClient::mCertVerifyCallback = callback;
-}
-
 static void request(
 	const std::string& url,
 	LLURLRequest::ERequestAction method,
@@ -234,7 +227,7 @@ static void request(
 		return ;
 	}
 
-	req->setSSLVerifyCallback(LLHTTPClient::getCertVerifyCallback(), (void *)req);
+	req->checkRootCertificate(true);
 
 	
 	lldebugs << LLURLRequest::actionAsVerb(method) << " " << url << " "

indra/llmessage/llhttpclient.h

@@ -153,12 +153,6 @@ public:
 		///< for testing
 	static LLPumpIO &getPump();
 		///< Hippo special
-
-	static void setCertVerifyCallback(LLURLRequest::SSLCertVerifyCallback callback);
-	static  LLURLRequest::SSLCertVerifyCallback getCertVerifyCallback() { return mCertVerifyCallback; }
-
-protected:
-	static LLURLRequest::SSLCertVerifyCallback mCertVerifyCallback;
 };
 
 #endif // LL_LLHTTPCLIENT_H

indra/llmessage/llurlrequest.cpp

@@ -100,37 +100,6 @@ LLURLRequestDetail::~LLURLRequestDetail()
 	mLastRead = NULL;
 }
 
-void LLURLRequest::setSSLVerifyCallback(SSLCertVerifyCallback callback, void *param)
-{
-	mDetail->mSSLVerifyCallback = callback;
-	mDetail->mCurlRequest->setSSLCtxCallback(LLURLRequest::_sslCtxCallback, (void *)this);
-	mDetail->mCurlRequest->setopt(CURLOPT_SSL_VERIFYPEER, true);
-	mDetail->mCurlRequest->setopt(CURLOPT_SSL_VERIFYHOST, 2);	
-}
-
-
-// _sslCtxFunction
-// Callback function called when an SSL Context is created via CURL
-// used to configure the context for custom cert validation
-
-CURLcode LLURLRequest::_sslCtxCallback(CURL * curl, void *sslctx, void *param)
-{	
-	LLURLRequest *req = (LLURLRequest *)param;
-	if(req == NULL || req->mDetail->mSSLVerifyCallback == NULL)
-	{
-		SSL_CTX_set_cert_verify_callback((SSL_CTX *)sslctx, NULL, NULL);
-		return CURLE_OK;
-	}
-	SSL_CTX * ctx = (SSL_CTX *) sslctx;
-	// disable any default verification for server certs
-	SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
-	// set the verification callback.
-	SSL_CTX_set_cert_verify_callback(ctx, req->mDetail->mSSLVerifyCallback, (void *)req);
-	// the calls are void
-	return CURLE_OK;
-	
-}
-
 /**
  * class LLURLRequest
  */
@@ -196,6 +165,13 @@ void LLURLRequest::addHeader(const char* header)
 	mDetail->mCurlRequest->slist_append(header);
 }
 
+void LLURLRequest::checkRootCertificate(bool check)
+{
+	mDetail->mCurlRequest->setopt(CURLOPT_SSL_VERIFYPEER, (check? TRUE : FALSE));
+	mDetail->mCurlRequest->setoptString(CURLOPT_ENCODING, "");
+}
+
+
 void LLURLRequest::setBodyLimit(U32 size)
 {
 	mDetail->mBodyLimit = size;

indra/llmessage/llurlrequest.h

@@ -143,7 +143,7 @@ public:
 	 * Set whether request will check that remote server
 	 * certificates are signed by a known root CA when using HTTPS.
 	 */
-	void setSSLVerifyCallback(SSLCertVerifyCallback callback, void * param);
+	void checkRootCertificate(bool check);
 
 	
 	/**
@@ -226,8 +226,6 @@ protected:
 	 S32 mRequestTransferedBytes;
 	 S32 mResponseTransferedBytes;
 
-	static CURLcode _sslCtxCallback(CURL * curl, void *sslctx, void *param);
-	
 private:
 	/** 
 	 * @brief Initialize the object. Called during construction.

indra/newview/hipporestrequest.cpp

@@ -256,7 +256,7 @@ static void request(const std::string &url,
 	LLPumpIO::chain_t chain;
 
 	LLURLRequest *req = new LLURLRequest(method, url);
-	req->setSSLVerifyCallback(LLHTTPClient::getCertVerifyCallback(), (void *)req);
+	req->checkRootCertificate(true);
 
 	/*
 	// Insert custom headers if the caller sent any