Merge with develop

--HG--
branch : compatibility-develop

code/nel/include/nel/gui/curl_certificates.h

@@ -27,9 +27,6 @@ namespace NLGUI
 	class CCurlCertificates
 	{
 	public:
-		// check if compiled with OpenSSL backend
-		static void init(CURL *curl);
-
 		// allow to use custom PEM certificates
 		static void addCertificateFile(const std::string &cert);
 

code/nel/include/nel/gui/group_html.h

@@ -66,8 +66,6 @@ namespace NLGUI
 			std::vector< std::string > trustedDomains;
 			/// Maximum concurrent MultiCurl connections per CGroupHTML instance
 			sint32 curlMaxConnections;
-			/// cacert.pem location
-			std::string curlCABundle;
 
 			SWebOptions(): curlMaxConnections(2)
 			{

code/nel/src/gui/curl_certificates.cpp

@@ -40,29 +40,43 @@ namespace NLGUI
 	class SX509Certificates
 	{
 	public:
-		std::vector<X509 *> CertList;
-		std::vector<std::string> FilesList;
+		struct CertEntry
+		{
+			X509 *cert;
+			std::string name;
+			std::string file;
+
+			bool operator == (const std::string &str)
+			{
+				return file == str;
+			}
+		};
+
+		std::vector<CertEntry> CertList;
 
 		bool isUsingOpenSSLBackend;
 		bool isInitialized;
 
 		SX509Certificates():isUsingOpenSSLBackend(false), isInitialized(false)
 		{
+			init();
 		}
 
 		~SX509Certificates()
 		{
 			for (uint i = 0; i < CertList.size(); ++i)
 			{
-				X509_free(CertList[i]);
+				X509_free(CertList[i].cert);
 			}
 
 			CertList.clear();
 		}
 
-		void init(CURL *curl)
+		void init()
 		{
-			if (isInitialized) return;
+			// init CURL
+			CURL *curl = curl_easy_init();
+			if (!curl) return;
 
 			// get information on CURL
 			curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
@@ -98,9 +112,39 @@ namespace NLGUI
 				isUsingOpenSSLBackend = false;
 			}
 
+			// clean up CURL
+			curl_easy_cleanup(curl);
+
 			isInitialized = true;
 		}
 
+		static std::string getCertName(X509 *cert)
+		{
+			// NULL certificate
+			if (!cert) return "";
+
+			X509_NAME *subject = X509_get_subject_name(cert);
+
+			std::string name;
+			unsigned char *tmp = NULL;
+
+			// construct a multiline string with name
+			for (int j = 0, jlen = X509_NAME_entry_count(subject); j < jlen; ++j)
+			{
+				X509_NAME_ENTRY *e = X509_NAME_get_entry(subject, j);
+				ASN1_STRING *d = X509_NAME_ENTRY_get_data(e);
+
+				if (ASN1_STRING_to_UTF8(&tmp, d) > 0)
+				{
+					name += NLMISC::toString("%s\n", tmp);
+
+					OPENSSL_free(tmp);
+				}
+			}
+
+			return name;
+		}
+
 #ifdef NL_OS_WINDOWS
 		void addCertificatesFrom(LPCSTR root)
 		{
@@ -114,38 +158,36 @@ namespace NLGUI
 				{
 					x509 = NULL;
 					x509 = d2i_X509(NULL, (const unsigned char **)&pContext->pbCertEncoded, pContext->cbCertEncoded);
+
 					if (x509)
 					{
-						CertList.push_back(x509);
+						CertEntry entry;
+						entry.cert = x509;
+						entry.file = root;
+						entry.name = getCertName(x509);
+
+						CertList.push_back(entry);
 					}
 				}
+
 				CertFreeCertificateContext(pContext);
 				CertCloseStore(hStore, 0);
 			}
 
 			// this is called before debug context is set and log ends up in log.log
-			nlinfo("Loaded %d certificates from '%s' certificate store", (int)CertList.size(), root);
+			//nlinfo("Loaded %d certificates from '%s' certificate store", (int)CertList.size(), root);
 		}
 #endif
 
 		void addCertificatesFromFile(const std::string &cert)
 		{
-			if (!isUsingOpenSSLBackend) return;
-
-			if (!isInitialized)
-			{
-				nlwarning("You MUST call NLGUI::CCurlCertificates::init before adding new certificates");
-				return;
-			}
+			if (!isInitialized || !isUsingOpenSSLBackend) return;
 
 			// this file was already loaded
-			if (std::find(FilesList.begin(), FilesList.end(), cert) != FilesList.end()) return;
-
-			FilesList.push_back(cert);
+			if (std::find(CertList.begin(), CertList.end(), cert) != CertList.end()) return;
 
 			// look for certificate in search paths
 			string path = CPath::lookup(cert, false);
-			nlinfo("Cert path '%s'", path.c_str());
 
 			if (path.empty())
 			{
@@ -153,6 +195,8 @@ namespace NLGUI
 				return;
 			}
 
+			nlinfo("CURL CA bundle '%s'", path.c_str());
+
 			CIFile file;
 
 			// open certificate
@@ -184,7 +228,12 @@ namespace NLGUI
 
 						if (itmp && itmp->x509)
 						{
-							CertList.push_back(X509_dup(itmp->x509));
+							CertEntry entry;
+							entry.cert = X509_dup(itmp->x509);
+							entry.file = cert;
+							entry.name = getCertName(entry.cert);
+
+							CertList.push_back(entry);
 						}
 					}
 
@@ -224,27 +273,10 @@ namespace NLGUI
 
 				for (uint i = 0, ilen = x509CertListManager.CertList.size(); i < ilen; ++i)
 				{
-					X509_NAME *subject = X509_get_subject_name(x509CertListManager.CertList[i]);
-
-					std::string name;
-					unsigned char *tmp = NULL;
-
-					// construct a multiline string with name
-					for (int j = 0, jlen = X509_NAME_entry_count(subject); j < jlen; ++j)
-					{
-						X509_NAME_ENTRY *e = X509_NAME_get_entry(subject, j);
-						ASN1_STRING *d = X509_NAME_ENTRY_get_data(e);
-
-						if (ASN1_STRING_to_UTF8(&tmp, d) > 0)
-						{
-							name += NLMISC::toString("%s\n", tmp);
-
-							OPENSSL_free(tmp);
-						}
-					}
+					SX509Certificates::CertEntry entry = x509CertListManager.CertList[i];
 
 					// add our certificate to this store
-					if (X509_STORE_add_cert(x509store, x509CertListManager.CertList[i]) == 0)
+					if (X509_STORE_add_cert(x509store, entry.cert) == 0)
 					{
 						uint errCode = ERR_get_error();
 
@@ -252,13 +284,13 @@ namespace NLGUI
 						if (ERR_GET_LIB(errCode) != ERR_LIB_X509 || ERR_GET_REASON(errCode) != X509_R_CERT_ALREADY_IN_HASH_TABLE)
 						{
 							ERR_error_string_n(errCode, errorBuffer, 1024);
-							nlwarning("Error adding certificate %s: %s", name.c_str(), errorBuffer);
+							nlwarning("Error adding certificate %s: %s", entry.name.c_str(), errorBuffer);
 							res = CURLE_SSL_CACERT;
 						}
 					}
 					else
 					{
-						nldebug("Added certificate %s", name.c_str());
+						nldebug("Added certificate %s", entry.name.c_str());
 					}
 				}
 			}
@@ -275,13 +307,6 @@ namespace NLGUI
 		return res;
 	}
 
-	// ***************************************************************************
-	// static
-	void CCurlCertificates::init(CURL *curl)
-	{
-		x509CertListManager.init(curl);
-	}
-
 	// ***************************************************************************
 	// static
 	void CCurlCertificates::addCertificateFile(const std::string &cert)
@@ -294,7 +319,7 @@ namespace NLGUI
 	void CCurlCertificates::useCertificates(CURL *curl)
 	{
 		// CURL must be valid, using OpenSSL backend and certificates must be loaded, else return
-		if (!curl || !x509CertListManager.isUsingOpenSSLBackend || x509CertListManager.CertList.empty()) return;
+		if (!curl || !x509CertListManager.isInitialized || !x509CertListManager.isUsingOpenSSLBackend || x509CertListManager.CertList.empty()) return;
 
 		curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
 

code/nel/src/gui/group_html.cpp

@@ -398,12 +398,6 @@ namespace NLGUI
 		// https://
 		if (toLower(download.url.substr(0, 8)) == "https://")
 		{
-			// check if compiled with OpenSSL backend
-			CCurlCertificates::init(curl);
-
-			// specify custom CA certs
-			CCurlCertificates::addCertificateFile(options.curlCABundle);
-
 			// if supported, use custom SSL context function to load certificates
 			CCurlCertificates::useCertificates(curl);
 		}
@@ -5412,12 +5406,6 @@ namespace NLGUI
 		// https://
 		if (toLower(url.substr(0, 8)) == "https://")
 		{
-			// check if compiled with OpenSSL backend
-			CCurlCertificates::init(curl);
-
-			// specify custom CA certs
-			CCurlCertificates::addCertificateFile(options.curlCABundle);
-
 			// if supported, use custom SSL context function to load certificates
 			CCurlCertificates::useCertificates(curl);
 		}

code/ryzom/client/src/http_client_curl.cpp

@@ -71,9 +71,6 @@ bool CCurlHttpClient::verifyServer(bool verify)
 	curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYHOST, verify ? 2 : 0);
 	curl_easy_setopt(_Curl, CURLOPT_SSL_VERIFYPEER, verify ? 1 : 0);
 
-	// check if compiled with OpenSSL backend
-	NLGUI::CCurlCertificates::init(_Curl);
-
 	// specify custom CA certs
 	NLGUI::CCurlCertificates::addCertificateFile(CAFilename);
 

code/ryzom/client/src/interface_v3/interface_manager.cpp

@@ -113,6 +113,8 @@
 #include "nel/gui/lua_helper.h"
 using namespace NLGUI;
 #include "nel/gui/lua_ihm.h"
+#include "nel/gui/curl_certificates.h"
+
 #include "lua_ihm_ryzom.h"
 
 #include "add_on_manager.h"
@@ -471,15 +473,11 @@ CInterfaceManager::CInterfaceManager()
 	CGroupHTML::options.appName = getUserAgentName();
 	CGroupHTML::options.appVersion = getUserAgentVersion();
 	CGroupHTML::options.curlMaxConnections = ClientCfg.CurlMaxConnections;
+
 	if (!ClientCfg.CurlCABundle.empty())
 	{
-		string filename = CPath::lookup(ClientCfg.CurlCABundle, false);
-		if (!filename.empty())
-		{
-			filename = CPath::getFullPath(filename, false);
-			CGroupHTML::options.curlCABundle = filename;
-			nlinfo("curl ca bundle '%s'", filename.c_str());
-		}
+		// specify custom CA certs, lookup will be made in this function
+		NLGUI::CCurlCertificates::addCertificateFile(ClientCfg.CurlCABundle);
 	}
 
 	NLGUI::CDBManager::getInstance()->resizeBanks( NB_CDB_BANKS );

code/ryzom/server/src/ai_service/ai_bot.cpp

@@ -88,7 +88,6 @@ void CSpawnBot::setVisualPropertiesName()
 			return;
 		// the npc name is displayed as a fauna
 	}
-
 	
 	CVisualPropertiesInterface::setName(dataSetRow(), name);
 }

code/ryzom/server/src/ai_service/ai_grp_npc.h

@@ -190,7 +190,7 @@ public:
 	uint32 getAggroDist() { return _AggroDist; }
 	
 	uint32& despawnTime() { return _DespawnTime; }
-	uint32& respawnTime() { return _RespawnTime; }		
+	uint32& respawnTime() { return _RespawnTime; }
 	
 	AITYPES::CPropertySetWithExtraList<TAllianceId>& faction() { return _faction; }
 	AITYPES::CPropertySetWithExtraList<TAllianceId>& ennemyFaction() { return _ennemyFaction; }

code/ryzom/server/src/ai_service/ai_script_comp.h

@@ -56,9 +56,7 @@ public:
 
 	static	CFightScriptCompReader	*getScriptReader	(const std::string &str);
 	
-	static	CFightScriptComp	*createScriptComp	(const std::string &str)
-protected:
-private:
+	static	CFightScriptComp	*createScriptComp(const std::string &str);
 };
 
 
@@ -74,8 +72,6 @@ public:
 	typedef	CHashMap<std::string, NLMISC::CSmartPtr<CFightScriptCompReader> >	TFightScriptMap;
 
 	static	TFightScriptMap	_ScriptCompList;
-protected:	
-private:
 };
 
 
@@ -116,7 +112,7 @@ public:
 	CFightSelectFilterReader()			{}
 	virtual ~CFightSelectFilterReader()	{}
 
-	CFightScriptComp	*create	(const	std::string	&inStr)
+	CFightScriptComp	*create(const	std::string	&inStr);
 	std::string	getName	()	const
 	{
 		return	std::string("SELECT");

code/ryzom/server/src/ai_service/event_reaction.h

@@ -90,7 +90,7 @@ public:
 	// the following routine shouldn't be needed it should be superceded by a better alternative
 	// in the event manager
 	template <class TState>
-	bool testCompatibility(const CStateInstance *stateInstance, const TState *state) const
+	bool testCompatibility(CStateInstance	*const	stateInstance, const	TState	*const	state) const;
 
 protected:
 	// protected data ---------------------------------------------------

code/ryzom/server/src/ai_service/event_reaction_include.h

@@ -28,7 +28,7 @@
 #include "continent.h"*/
 
 template <class TState>
-bool CAIEventReaction::testCompatibility(const CStateInstance *stateInstance, const TState *state) const
+bool	CAIEventReaction::testCompatibility(CStateInstance	*const	stateInstance, const	TState	*const	state) const
 {
 	if	(!stateInstance)
 		return false;

code/ryzom/server/src/ai_service/fx_entity.h

@@ -32,7 +32,7 @@ public:
 	NLMISC::CEntityId const& id() const;
 	bool spawn();
 	void despawn();
-	bool update() { }
+	bool update() { return false; }
 	void set(std::string const& prop, std::string const& value, bool reportChange=false) { }
 	std::string get(std::string const& prop);
 	std::string getIndexString() const { return _EntityId.toString(); }