From 47f5d499f613df5046998b2d6b717161b306c966 Mon Sep 17 00:00:00 2001 From: ZappoMan Date: Thu, 16 Oct 2014 15:26:01 -0700 Subject: [PATCH 1/4] small optimization --- interface/src/renderer/Model.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/interface/src/renderer/Model.cpp b/interface/src/renderer/Model.cpp index 1228a458b2..3800e78008 100644 --- a/interface/src/renderer/Model.cpp +++ b/interface/src/renderer/Model.cpp @@ -1563,6 +1563,11 @@ int Model::renderMeshes(RenderMode mode, bool translucent, float alphaThreshold, } QVector& list = *whichList; + // If this list has nothing to render, then don't bother proceeding. This saves us on binding to programs + if (list.size() == 0) { + return 0; + } + ProgramObject* program = &_program; Locations* locations = &_locations; ProgramObject* skinProgram = &_skinProgram; From 843a64eeee6600d77356983c85ea67a7079bcee6 Mon Sep 17 00:00:00 2001 From: Sam Gateau Date: Thu, 16 Oct 2014 16:15:01 -0700 Subject: [PATCH 2/4] Check for msdev version and appropriate window sdk --- CMakeLists.txt | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 62cdc925f3..b421040a50 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -20,8 +20,13 @@ if (WIN32) # set path for Microsoft SDKs # if get build error about missing 'glu32' this path is likely wrong # Uncomment the line with 8.1 if running Windows 8.1 - #set(CMAKE_PREFIX_PATH ${CMAKE_PREFIX_PATH} "C:\\Program Files (x86)\\Windows Kits\\8.1\\Lib\\winv6.3\\um\\x86") - set(CMAKE_PREFIX_PATH ${CMAKE_PREFIX_PATH} "C:\\Program Files\\Microsoft SDKs\\Windows\\v7.1 ") + if (MSVC10) + set(WINDOW_SDK_PATH "C:\\Program Files\\Microsoft SDKs\\Windows\\v7.1 ") + elseif (MSVC12) + set(WINDOW_SDK_PATH "C:\\Program Files (x86)\\Windows Kits\\8.1\\Lib\\winv6.3\\um\\x86 ") + endif () + message (WINDOW_SDK_PATH= ${WINDOW_SDK_PATH}) + set(CMAKE_PREFIX_PATH ${CMAKE_PREFIX_PATH} ${WINDOW_SDK_PATH}) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /MP") elseif (CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX) #SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wno-long-long -pedantic") From c44a59203253adaae3db03a21f40776b2f5e8e55 Mon Sep 17 00:00:00 2001 From: Andrew Meadows Date: Thu, 16 Oct 2014 16:21:59 -0700 Subject: [PATCH 3/4] longer lengths for experimental hair --- interface/src/Hair.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/interface/src/Hair.h b/interface/src/Hair.h index 036d137cd3..f2b5ebde6a 100644 --- a/interface/src/Hair.h +++ b/interface/src/Hair.h @@ -26,7 +26,7 @@ const int HAIR_CONSTRAINTS = 2; const int DEFAULT_HAIR_STRANDS = 20; const int DEFAULT_HAIR_LINKS = 10; const float DEFAULT_HAIR_RADIUS = 0.15f; -const float DEFAULT_HAIR_LINK_LENGTH = 0.04f; +const float DEFAULT_HAIR_LINK_LENGTH = 0.07f; const float DEFAULT_HAIR_THICKNESS = 0.025f; class Hair { From d00e11541e8fd2f149b353ab516807bbe23aefec Mon Sep 17 00:00:00 2001 From: Stephen Birarda Date: Fri, 17 Oct 2014 09:39:04 -0700 Subject: [PATCH 4/4] fix for pub key format returned to data-server --- domain-server/src/DomainServer.cpp | 95 +++++++++++++++--------------- 1 file changed, 48 insertions(+), 47 deletions(-) diff --git a/domain-server/src/DomainServer.cpp b/domain-server/src/DomainServer.cpp index 74bb3b6a2b..ec8b0e0ebe 100644 --- a/domain-server/src/DomainServer.cpp +++ b/domain-server/src/DomainServer.cpp @@ -11,6 +11,7 @@ #include #include +#include #include #include @@ -619,56 +620,56 @@ bool DomainServer::shouldAllowConnectionFromNode(const QString& username, ALLOWED_USERS_SETTINGS_KEYPATH); static QStringList allowedUsers = allowedUsersVariant ? allowedUsersVariant->toStringList() : QStringList(); + // we always let in a user who is sending a packet from our local socket or from the localhost address + if (senderSockAddr.getAddress() != LimitedNodeList::getInstance()->getLocalSockAddr().getAddress() + && senderSockAddr.getAddress() != QHostAddress::LocalHost) { + return true; + } + if (allowedUsers.count() > 0) { - // this is an agent, we need to ask them to provide us with their signed username to see if they are allowed in - // we always let in a user who is sending a packet from our local socket or from the localhost address - - if (senderSockAddr.getAddress() != LimitedNodeList::getInstance()->getLocalSockAddr().getAddress() - && senderSockAddr.getAddress() != QHostAddress::LocalHost) { - if (allowedUsers.contains(username)) { - // it's possible this user can be allowed to connect, but we need to check their username signature - - QByteArray publicKeyArray = _userPublicKeys.value(username); - if (!publicKeyArray.isEmpty()) { - // if we do have a public key for the user, check for a signature match - - const unsigned char* publicKeyData = reinterpret_cast(publicKeyArray.constData()); - - // first load up the public key into an RSA struct - RSA* rsaPublicKey = d2i_RSAPublicKey(NULL, &publicKeyData, publicKeyArray.size()); - - if (rsaPublicKey) { - QByteArray decryptedArray(RSA_size(rsaPublicKey), 0); - int decryptResult = RSA_public_decrypt(usernameSignature.size(), - reinterpret_cast(usernameSignature.constData()), - reinterpret_cast(decryptedArray.data()), - rsaPublicKey, RSA_PKCS1_PADDING); - - if (decryptResult != -1) { - if (username == decryptedArray) { - qDebug() << "Username signature matches for" << username << "- allowing connection."; - - // free up the public key before we return - RSA_free(rsaPublicKey); - - return true; - } else { - qDebug() << "Username signature did not match for" << username << "- denying connection."; - } - } else { - qDebug() << "Couldn't decrypt user signature for" << username << "- denying connection."; - } - - // free up the public key, we don't need it anymore - RSA_free(rsaPublicKey); - } else { - // we can't let this user in since we couldn't convert their public key to an RSA key we could use - qDebug() << "Couldn't convert data to RSA key for" << username << "- denying connection."; - } - } + if (allowedUsers.contains(username)) { + // it's possible this user can be allowed to connect, but we need to check their username signature - requestUserPublicKey(username); + QByteArray publicKeyArray = _userPublicKeys.value(username); + if (!publicKeyArray.isEmpty()) { + // if we do have a public key for the user, check for a signature match + + const unsigned char* publicKeyData = reinterpret_cast(publicKeyArray.constData()); + + // first load up the public key into an RSA struct + RSA* rsaPublicKey = d2i_RSA_PUBKEY(NULL, &publicKeyData, publicKeyArray.size()); + + if (rsaPublicKey) { + QByteArray decryptedArray(RSA_size(rsaPublicKey), 0); + int decryptResult = RSA_public_decrypt(usernameSignature.size(), + reinterpret_cast(usernameSignature.constData()), + reinterpret_cast(decryptedArray.data()), + rsaPublicKey, RSA_PKCS1_PADDING); + + if (decryptResult != -1) { + if (username == decryptedArray) { + qDebug() << "Username signature matches for" << username << "- allowing connection."; + + // free up the public key before we return + RSA_free(rsaPublicKey); + + return true; + } else { + qDebug() << "Username signature did not match for" << username << "- denying connection."; + } + } else { + qDebug() << "Couldn't decrypt user signature for" << username << "- denying connection."; + } + + // free up the public key, we don't need it anymore + RSA_free(rsaPublicKey); + } else { + // we can't let this user in since we couldn't convert their public key to an RSA key we could use + qDebug() << "Couldn't convert data to RSA key for" << username << "- denying connection."; + } } + + requestUserPublicKey(username); } } else { // since we have no allowed user list, let them all in