mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/netwerk/socket/nsSOCKSSocketProvider.cpp

157 строки
5.0 KiB
C++
Исходник Обычный вид История

a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
Bug 716478 - update licence to MPL 2.
2012-05-21 15:12:37 +04:00
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
#include "nsIServiceManager.h"
Bug 1288308 - Part 2: implement Named Pipe IO layer; r=bagder,mayhemer MozReview-Commit-ID: 85MbD0QFRRq
2016-09-13 11:36:12 +03:00
#include "nsNamedPipeIOLayer.h"
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
#include "nsSOCKSSocketProvider.h"
#include "nsSOCKSIOLayer.h"
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
#include "nsCOMPtr.h"
Bug 780618 - Move all error codes to nsError.h; r=ehsan
2012-07-27 18:03:27 +04:00
#include "nsError.h"
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby
2017-01-12 19:38:48 +03:00
using mozilla::OriginAttributes;
Bug 1315143 - Make OCSP use Origin Attribute framework (Necko). r=mayhemer --HG-- extra : rebase_source : d2766b5629c816bb2dd468308448fee8a6723d0b
2016-11-21 06:43:06 +03:00
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
//////////////////////////////////////////////////////////////////////////
Bug 900908 - Part 3: Change uses of numbered macros in nsIClassInfoImpl.h/nsISupportsImpl.h to the variadic variants. r=froydnj
2014-04-27 11:06:00 +04:00
NS_IMPL_ISUPPORTS(nsSOCKSSocketProvider, nsISocketProvider)
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
Bug 568691 part B - mechanical changes to in-tree binary modules needed to get them building and registering correctly. After this patch, xpcshell appears to work.
2010-06-10 22:11:40 +04:00
nsresult
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
nsSOCKSSocketProvider::CreateV4(nsISupports *aOuter, REFNSIID aIID, void **aResult)
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
{
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
nsresult rv;
nsCOMPtr<nsISocketProvider> inst =
new nsSOCKSSocketProvider(NS_SOCKS_VERSION_4);
if (!inst)
rv = NS_ERROR_OUT_OF_MEMORY;
else
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
rv = inst->QueryInterface(aIID, aResult);
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
return rv;
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
}
Bug 568691 part B - mechanical changes to in-tree binary modules needed to get them building and registering correctly. After this patch, xpcshell appears to work.
2010-06-10 22:11:40 +04:00
nsresult
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
nsSOCKSSocketProvider::CreateV5(nsISupports *aOuter, REFNSIID aIID, void **aResult)
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
{
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
nsresult rv;
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
nsCOMPtr<nsISocketProvider> inst =
new nsSOCKSSocketProvider(NS_SOCKS_VERSION_5);
if (!inst)
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
rv = NS_ERROR_OUT_OF_MEMORY;
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
else
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
rv = inst->QueryInterface(aIID, aResult);
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
return rv;
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
}
Bug 1441327 - Allow for seccomp filtering of socket(AF_INET/AF_INET_6) calls on Linux when using UNIX Domain Sockets for SOCKS Proxy. r=bagder The initialization path for the SOCKS proxy in firefox involves creating a generic AF_INET socket, and then replacing it if the actual configuration requires something else (either AF_INET6 or AF_LOCAL). With syscall filtering configured to return an error in the event of AF_INET or AF_INET6 socket creation, this initialization path fails. We would like this capability so that we can prevent firefox from making network requests outside of the Tor proxy. This patch adds a check in the initial socket creation path to see if the SOCKS proxy host begins with file:// with the assumption that such URIs point to a UNIX Domain Socket (on Linux+macOS only). In that case, we create an AF_LOCAL socket rather than the requested type. A similar check for Windows already exists to determine if the proxy is actually a named pipe. In the subsequent replacing step no work occurs as the passed in socket matches the type we need, so no changes need to be made there. NOTE: With this change there is still a one-time request for an AF_INET6 socket that occurs. This code path exists to determine whether the system supports IPv6; if socket(AF_INET6...) fails then it is assumed that the system does not. However, this check only affects code that is unreachable when using AF_LOCAL sockets so it seems safe leave as it is. However, this does mean that firefox will still be incompatible with seccomp policies which kill the calling thread in the event of a socket(AF_INET6,...) call.
2018-03-07 20:58:00 +03:00
// Per-platform implemenation of OpenTCPSocket helper function
// Different platforms have special cases to handle
#if defined(XP_WIN)
// The proxy host on Windows may be a named pipe uri, in which
// case a named-pipe (rather than a socket) should be returned
static PRFileDesc*
OpenTCPSocket(int32_t family,
nsIProxyInfo *proxy)
{
PRFileDesc* sock = nullptr;
nsAutoCString proxyHost;
proxy->GetHost(proxyHost);
if (IsNamedPipePath(proxyHost)) {
sock = CreateNamedPipeLayer();
} else {
sock = PR_OpenTCPSocket(family);
}
return sock;
}
#elif defined(XP_UNIX)
// The proxy host on UNIX systems may point to a local file uri
// in which case we should create an AF_LOCAL (UNIX Domain) socket
// instead of the requested AF_INET or AF_INET6 socket.
// Normally,this socket would get thrown out and recreated later on
// with the proper family, but we want to do it early here so that
// we can enforce seccomp policy to blacklist socket(AF_INET) calls
// to prevent the content sandbox from creating network requests
static PRFileDesc*
OpenTCPSocket(int32_t family,
nsIProxyInfo *proxy)
{
nsAutoCString proxyHost;
proxy->GetHost(proxyHost);
if (StringBeginsWith(proxyHost, NS_LITERAL_CSTRING("file://"))) {
family = AF_LOCAL;
}
return PR_OpenTCPSocket(family);
}
#else
// Default, pass-through to PR_OpenTCPSocket
static PRFileDesc*
OpenTCPSocket(int32_t family,
nsIProxyInfo*)
{
return PR_OpenTCPSocket(family);
}
#endif
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
NS_IMETHODIMP
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 19:56:38 +04:00
nsSOCKSSocketProvider::NewSocket(int32_t family,
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
const char *host,
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 19:56:38 +04:00
int32_t port,
Bug 1200802 - Accept RFC1929 SOCKS credentials in proxyInfo. r=michal
2015-11-25 00:56:00 +03:00
nsIProxyInfo *proxy,
Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby
2017-01-12 19:38:48 +03:00
const OriginAttributes &originAttributes,
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 19:56:38 +04:00
uint32_t flags,
Bug 1388925 - Add an opaque flags to have a fine-grained control over TLS configurations. r=mcmanus, r=keeler This flags is added in the http channel interface by which developers can control the TLS connections from JavaScript code (e.g. Add-ons). Basically, all the changes accounted for plumbing this TLS flags from JavaScript level to C++ code responsible for calling NSS module. We also added a unit test to make sure that separate connections are created if we use different tlsFlags. Basically we used a concrete set of flag values that covers the edge cases and check the hashkey generated in the connection info. --HG-- rename : netwerk/test/unit/test_separate_connections.js => netwerk/test/unit/test_tls_flags_separate_connections.js
2017-08-16 22:41:16 +03:00
uint32_t tlsFlags,
Bug 722979 - Add privacy status argument to relevant nsIStrictTransportSecurityService methods. r=bsmith sr=biesi
2012-06-30 18:34:17 +04:00
PRFileDesc **result,
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
nsISupports **socksInfo)
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
{
Bug 1441327 - Allow for seccomp filtering of socket(AF_INET/AF_INET_6) calls on Linux when using UNIX Domain Sockets for SOCKS Proxy. r=bagder The initialization path for the SOCKS proxy in firefox involves creating a generic AF_INET socket, and then replacing it if the actual configuration requires something else (either AF_INET6 or AF_LOCAL). With syscall filtering configured to return an error in the event of AF_INET or AF_INET6 socket creation, this initialization path fails. We would like this capability so that we can prevent firefox from making network requests outside of the Tor proxy. This patch adds a check in the initial socket creation path to see if the SOCKS proxy host begins with file:// with the assumption that such URIs point to a UNIX Domain Socket (on Linux+macOS only). In that case, we create an AF_LOCAL socket rather than the requested type. A similar check for Windows already exists to determine if the proxy is actually a named pipe. In the subsequent replacing step no work occurs as the passed in socket matches the type we need, so no changes need to be made there. NOTE: With this change there is still a one-time request for an AF_INET6 socket that occurs. This code path exists to determine whether the system supports IPv6; if socket(AF_INET6...) fails then it is assumed that the system does not. However, this check only affects code that is unreachable when using AF_LOCAL sockets so it seems safe leave as it is. However, this does mean that firefox will still be incompatible with seccomp policies which kill the calling thread in the event of a socket(AF_INET6,...) call.
2018-03-07 20:58:00 +03:00
PRFileDesc *sock = OpenTCPSocket(family, proxy);
if (!sock) {
return NS_ERROR_OUT_OF_MEMORY;
Bug 1288308 - Part 2: implement Named Pipe IO layer; r=bagder,mayhemer MozReview-Commit-ID: 85MbD0QFRRq
2016-09-13 11:36:12 +03:00
}
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
nsresult rv = nsSOCKSIOLayerAddToSocket(family,
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
host,
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
port,
Bug 1200802 - Accept RFC1929 SOCKS credentials in proxyInfo. r=michal
2015-11-25 00:56:00 +03:00
proxy,
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
mVersion,
landing backend changes for bug 134105 "SOCKS5: DNS lookups should occur on proxy, not client side." (remote dns pref disabled by default) patch by malsmith@cs.rmit.edu.au, r=biesi, sr=darin
2004-12-16 05:46:12 +03:00
flags,
Bug 1388925 - Add an opaque flags to have a fine-grained control over TLS configurations. r=mcmanus, r=keeler This flags is added in the http channel interface by which developers can control the TLS connections from JavaScript code (e.g. Add-ons). Basically, all the changes accounted for plumbing this TLS flags from JavaScript level to C++ code responsible for calling NSS module. We also added a unit test to make sure that separate connections are created if we use different tlsFlags. Basically we used a concrete set of flag values that covers the edge cases and check the hashkey generated in the connection info. --HG-- rename : netwerk/test/unit/test_separate_connections.js => netwerk/test/unit/test_tls_flags_separate_connections.js
2017-08-16 22:41:16 +03:00
tlsFlags,
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
sock,
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
socksInfo);
if (NS_SUCCEEDED(rv)) {
*result = sock;
return NS_OK;
}
return NS_ERROR_SOCKET_CREATE_FAILED;
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
}
NS_IMETHODIMP
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 19:56:38 +04:00
nsSOCKSSocketProvider::AddToSocket(int32_t family,
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
const char *host,
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 19:56:38 +04:00
int32_t port,
Bug 1200802 - Accept RFC1929 SOCKS credentials in proxyInfo. r=michal
2015-11-25 00:56:00 +03:00
nsIProxyInfo *proxy,
Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby
2017-01-12 19:38:48 +03:00
const OriginAttributes &originAttributes,
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 19:56:38 +04:00
uint32_t flags,
Bug 1388925 - Add an opaque flags to have a fine-grained control over TLS configurations. r=mcmanus, r=keeler This flags is added in the http channel interface by which developers can control the TLS connections from JavaScript code (e.g. Add-ons). Basically, all the changes accounted for plumbing this TLS flags from JavaScript level to C++ code responsible for calling NSS module. We also added a unit test to make sure that separate connections are created if we use different tlsFlags. Basically we used a concrete set of flag values that covers the edge cases and check the hashkey generated in the connection info. --HG-- rename : netwerk/test/unit/test_separate_connections.js => netwerk/test/unit/test_tls_flags_separate_connections.js
2017-08-16 22:41:16 +03:00
uint32_t tlsFlags,
Bug 722979 - Add privacy status argument to relevant nsIStrictTransportSecurityService methods. r=bsmith sr=biesi
2012-06-30 18:34:17 +04:00
PRFileDesc *sock,
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
nsISupports **socksInfo)
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
{
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
nsresult rv = nsSOCKSIOLayerAddToSocket(family,
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
host,
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
port,
Bug 1200802 - Accept RFC1929 SOCKS credentials in proxyInfo. r=michal
2015-11-25 00:56:00 +03:00
proxy,
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
mVersion,
landing backend changes for bug 134105 "SOCKS5: DNS lookups should occur on proxy, not client side." (remote dns pref disabled by default) patch by malsmith@cs.rmit.edu.au, r=biesi, sr=darin
2004-12-16 05:46:12 +03:00
flags,
Bug 1388925 - Add an opaque flags to have a fine-grained control over TLS configurations. r=mcmanus, r=keeler This flags is added in the http channel interface by which developers can control the TLS connections from JavaScript code (e.g. Add-ons). Basically, all the changes accounted for plumbing this TLS flags from JavaScript level to C++ code responsible for calling NSS module. We also added a unit test to make sure that separate connections are created if we use different tlsFlags. Basically we used a concrete set of flag values that covers the edge cases and check the hashkey generated in the connection info. --HG-- rename : netwerk/test/unit/test_separate_connections.js => netwerk/test/unit/test_tls_flags_separate_connections.js
2017-08-16 22:41:16 +03:00
tlsFlags,
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
sock,
a=brendan@mozilla.org Bug #16103 Support for SOCKS proxies in HTTP, HTTPS, and FTP protocols. Also includes the prefs configuration and UI bits.
2000-07-01 14:25:25 +04:00
socksInfo);
Bug 1378712 - Remove all trailing whitespaces r=Ehsan MozReview-Commit-ID: Kdz2xtTF9EG --HG-- extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 15:00:35 +03:00
landing patch for bug 205726 "DNS rewrite" r=dougt sr=bryner
2003-09-12 00:32:33 +04:00
if (NS_FAILED(rv))
rv = NS_ERROR_SOCKET_CREATE_FAILED;
return rv;
Preparing for landing of SOCKS support (16103) from justin@ukans.edu Not part of the build.
2000-06-16 21:53:22 +04:00
}