diff --git a/code/nel/src/misc/common.cpp b/code/nel/src/misc/common.cpp index 55b8e0d62..5954ac9c9 100644 --- a/code/nel/src/misc/common.cpp +++ b/code/nel/src/misc/common.cpp @@ -806,7 +806,7 @@ bool launchProgram(const std::string &programName, const std::string &arguments, #ifdef NL_OS_MAC // special OS X case with bundles - if (toLower(programName).find(".app") != std::string::npos) + if (toLower(CFile::getExtension(programName)) == ".app") { // we need to open bundles with "open" command std::string command = NLMISC::toString("open \"%s\"", programName.c_str()); @@ -914,15 +914,17 @@ bool launchProgramArray (const std::string &programName, const std::vector files; @@ -303,10 +289,6 @@ int main(int argc, char **argv) #else // TODO for Linux : splashscreen - - // Delete the .sh file because it s not useful anymore - if (NLMISC::CFile::fileExists("updt_nl.sh")) - NLMISC::CFile::deleteFile("updt_nl.sh"); #endif // initialize patch manager and set the ryzom full path, before it's used diff --git a/code/ryzom/client/src/http_client_curl.cpp b/code/ryzom/client/src/http_client_curl.cpp index ecbfd065b..0c433a598 100644 --- a/code/ryzom/client/src/http_client_curl.cpp +++ b/code/ryzom/client/src/http_client_curl.cpp @@ -61,21 +61,31 @@ bool CCurlHttpClient::authenticate(const std::string &user, const std::string &p const char *CAFilename = "ssl_ca_cert.pem"; // this is the certificate "Thawte Server CA" +// *************************************************************************** static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm) { + // look for certificate in search paths string path = CPath::lookup(CAFilename); nldebug("Cert path '%s'", path.c_str()); + if (path.empty()) + { + nlwarning("Unable to find %s", CAFilename); + return CURLE_SSL_CACERT; + } + CIFile file; - if (!file.open(CAFilename)) + // open certificate + if (!file.open(path)) { - nlwarning("Unable to open %s", CAFilename); + nlwarning("Unable to open %s", path.c_str()); return CURLE_SSL_CACERT; } CURLcode res = CURLE_OK; + // load certificate content into memory std::vector buffer(file.getFileSize()); file.serialBuffer(&buffer[0], file.getFileSize()); @@ -84,25 +94,33 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm) if (bio) { + // get a pointer to the X509 certificate store (which may be empty!) + X509_STORE *store = SSL_CTX_get_cert_store((SSL_CTX *)sslctx); + // use it to read the PEM formatted certificate from memory into an X509 // structure that SSL can use - X509 *cert = NULL; - PEM_read_bio_X509(bio, &cert, 0, NULL); + STACK_OF(X509_INFO) *info = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL); - if (cert) + if (info) { - // get a pointer to the X509 certificate store (which may be empty!) - X509_STORE *store = SSL_CTX_get_cert_store((SSL_CTX *)sslctx); - - // add our certificate to this store - if (X509_STORE_add_cert(store, cert) == 0) + // iterate over all entries from the PEM file, add them to the x509_store one by one + for (sint i = 0; i < sk_X509_INFO_num(info); ++i) { - nlwarning("Error adding certificate"); - res = CURLE_SSL_CACERT; + X509_INFO *itmp = sk_X509_INFO_value(info, i); + + if (itmp->x509) + { + // add our certificate to this store + if (X509_STORE_add_cert(store, itmp->x509) == 0) + { + nlwarning("Error adding certificate"); + res = CURLE_SSL_CACERT; + } + } } - // decrease reference counts - X509_free(cert); + // cleanup + sk_X509_INFO_pop_free(info, X509_INFO_free); } else { @@ -113,9 +131,14 @@ static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm) // decrease reference counts BIO_free(bio); } + else + { + nlwarning("Unable to allocate BIO buffer for certificates"); + res = CURLE_SSL_CACERT; + } // all set to go - return CURLE_OK ; + return res; } // *************************************************************************** @@ -125,7 +148,10 @@ bool CCurlHttpClient::verifyServer(bool verify) curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, verify ? 1 : 0); curl_easy_setopt(_Curl, CURLOPT_SSLCERTTYPE, "PEM"); // would allow to provide the CA in memory instead of using CURLOPT_CAINFO, but needs to include and link OpenSSL - curl_easy_setopt(_Curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function); + if (curl_easy_setopt(_Curl, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function) == CURLE_NOT_BUILT_IN) + { + nlwarning("Unable to support CURLOPT_SSL_CTX_FUNCTION, curl not compiled with OpenSSL ?"); + } // don't use that anymore, because CA can't be loaded from BNP and doesn't support UTF-8 under Windows // curl_easy_setopt(_Curl, CURLOPT_CAINFO, path.c_str()); curl_easy_setopt(_Curl, CURLOPT_CAPATH, NULL); @@ -181,7 +207,7 @@ bool CCurlHttpClient::sendRequest(const std::string& methodWB, const std::string curl_easy_getinfo(_Curl, CURLINFO_RESPONSE_CODE, &r); if (verbose) { - nldebug("%u", r); + nldebug("%u", (uint)r); } return true; diff --git a/code/ryzom/client/src/login_patch.cpp b/code/ryzom/client/src/login_patch.cpp index 8208d6e28..20bfcbed0 100644 --- a/code/ryzom/client/src/login_patch.cpp +++ b/code/ryzom/client/src/login_patch.cpp @@ -171,7 +171,7 @@ CPatchManager::CPatchManager() : State("t_state"), DataScanState("t_data_scan_st ForceRemovePatchCategories.push_back("main_exedll_linux32"); ForceRemovePatchCategories.push_back("main_exedll_linux64"); ForceRemovePatchCategories.push_back("main_exedll_osx"); -#elif defined(NL_OS_APPLE) +#elif defined(NL_OS_MAC) ForceRemovePatchCategories.push_back("main_exedll_win32"); ForceRemovePatchCategories.push_back("main_exedll_win64"); ForceRemovePatchCategories.push_back("main_exedll_linux32"); @@ -195,6 +195,12 @@ void CPatchManager::setClientRootPath(const std::string& clientRootPath) ClientRootPath = CPath::standardizePath(clientRootPath); ClientPatchPath = CPath::standardizePath(ClientRootPath + "unpack"); + // Delete the .sh file because it's not useful anymore + std::string fullUpdateBatchFilename = ClientRootPath + UpdateBatchFilename; + + if (NLMISC::CFile::fileExists(fullUpdateBatchFilename)) + NLMISC::CFile::deleteFile(fullUpdateBatchFilename); + WritableClientDataPath = CPath::standardizePath(ClientRootPath + "data"); #ifdef NL_OS_MAC diff --git a/code/ryzom/client/unix/upgd_nl.sh b/code/ryzom/client/unix/upgd_nl.sh new file mode 100644 index 000000000..6c44db85b --- /dev/null +++ b/code/ryzom/client/unix/upgd_nl.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +if [ -z "$ROOTPATH" ] +then + echo "upgd_nl.sh can only be launched from updt_nl.sh" + exit 1 +fi + +# executable flag for all executables +chmod +x "$ROOTPATH/ryzom_client" +chmod +x "$ROOTPATH/crash_report" +chmod +x "$ROOTPATH/ryzom_client_patcher" +chmod +x "$ROOTPATH/ryzom_configuration" + +exit 0 diff --git a/code/ryzom/tools/client/client_patcher/main.cpp b/code/ryzom/tools/client/client_patcher/main.cpp index 7575e8fe8..f03943345 100644 --- a/code/ryzom/tools/client/client_patcher/main.cpp +++ b/code/ryzom/tools/client/client_patcher/main.cpp @@ -137,6 +137,7 @@ struct CClientPatcherTranslations : public NLMISC::CI18N::ILoadProxy "TheSagaOfRyzom [Ryzom]\n" "uiErrPatchApply [Error: Patch process ended but the patch has not been successfully applied.]\n" "uiErrChecking [Error: Patch files failed - checking.]\n" + "uiByte [B]\n" "uiKb [KiB]\n" "uiMb [MiB]\n" "uiLoginGetFile [Getting File:]\n"