зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1097622 - Rename (mE|e)rrorCodeExpired variables to (mE|e)rrorCodeTime. r=dkeeler
This commit is contained in:
Cykesiopka
Родитель
daec70e513
Коммит
37b3759ab9
|
|
@ -265,14 +265,14 @@ class CertErrorRunnable : public SyncRunnableBase
|
||||||
uint32_t collectedErrors,
|
uint32_t collectedErrors,
|
||||||
PRErrorCode errorCodeTrust,
|
PRErrorCode errorCodeTrust,
|
||||||
PRErrorCode errorCodeMismatch,
|
PRErrorCode errorCodeMismatch,
|
||||||
PRErrorCode errorCodeExpired,
|
PRErrorCode errorCodeTime,
|
||||||
uint32_t providerFlags)
|
uint32_t providerFlags)
|
||||||
: mFdForLogging(fdForLogging), mCert(cert), mInfoObject(infoObject),
|
: mFdForLogging(fdForLogging), mCert(cert), mInfoObject(infoObject),
|
||||||
mDefaultErrorCodeToReport(defaultErrorCodeToReport),
|
mDefaultErrorCodeToReport(defaultErrorCodeToReport),
|
||||||
mCollectedErrors(collectedErrors),
|
mCollectedErrors(collectedErrors),
|
||||||
mErrorCodeTrust(errorCodeTrust),
|
mErrorCodeTrust(errorCodeTrust),
|
||||||
mErrorCodeMismatch(errorCodeMismatch),
|
mErrorCodeMismatch(errorCodeMismatch),
|
||||||
mErrorCodeExpired(errorCodeExpired),
|
mErrorCodeTime(errorCodeTime),
|
||||||
mProviderFlags(providerFlags)
|
mProviderFlags(providerFlags)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
@ -289,7 +289,7 @@ private:
|
||||||
const uint32_t mCollectedErrors;
|
const uint32_t mCollectedErrors;
|
||||||
const PRErrorCode mErrorCodeTrust;
|
const PRErrorCode mErrorCodeTrust;
|
||||||
const PRErrorCode mErrorCodeMismatch;
|
const PRErrorCode mErrorCodeMismatch;
|
||||||
const PRErrorCode mErrorCodeExpired;
|
const PRErrorCode mErrorCodeTime;
|
||||||
const uint32_t mProviderFlags;
|
const uint32_t mProviderFlags;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -325,14 +325,14 @@ DetermineCertOverrideErrors(CERTCertificate* cert, const char* hostName,
|
||||||
/*out*/ uint32_t& collectedErrors,
|
/*out*/ uint32_t& collectedErrors,
|
||||||
/*out*/ PRErrorCode& errorCodeTrust,
|
/*out*/ PRErrorCode& errorCodeTrust,
|
||||||
/*out*/ PRErrorCode& errorCodeMismatch,
|
/*out*/ PRErrorCode& errorCodeMismatch,
|
||||||
/*out*/ PRErrorCode& errorCodeExpired)
|
/*out*/ PRErrorCode& errorCodeTime)
|
||||||
{
|
{
|
||||||
MOZ_ASSERT(cert);
|
MOZ_ASSERT(cert);
|
||||||
MOZ_ASSERT(hostName);
|
MOZ_ASSERT(hostName);
|
||||||
MOZ_ASSERT(collectedErrors == 0);
|
MOZ_ASSERT(collectedErrors == 0);
|
||||||
MOZ_ASSERT(errorCodeTrust == 0);
|
MOZ_ASSERT(errorCodeTrust == 0);
|
||||||
MOZ_ASSERT(errorCodeMismatch == 0);
|
MOZ_ASSERT(errorCodeMismatch == 0);
|
||||||
MOZ_ASSERT(errorCodeExpired == 0);
|
MOZ_ASSERT(errorCodeTime == 0);
|
||||||
|
|
||||||
// Assumes the error prioritization described in mozilla::pkix's
|
// Assumes the error prioritization described in mozilla::pkix's
|
||||||
// BuildForward function. Also assumes that CheckCertHostname was only
|
// BuildForward function. Also assumes that CheckCertHostname was only
|
||||||
|
|
@ -359,10 +359,10 @@ DetermineCertOverrideErrors(CERTCertificate* cert, const char* hostName,
|
||||||
}
|
}
|
||||||
if (validity == secCertTimeExpired) {
|
if (validity == secCertTimeExpired) {
|
||||||
collectedErrors |= nsICertOverrideService::ERROR_TIME;
|
collectedErrors |= nsICertOverrideService::ERROR_TIME;
|
||||||
errorCodeExpired = SEC_ERROR_EXPIRED_CERTIFICATE;
|
errorCodeTime = SEC_ERROR_EXPIRED_CERTIFICATE;
|
||||||
} else if (validity == secCertTimeNotValidYet) {
|
} else if (validity == secCertTimeNotValidYet) {
|
||||||
collectedErrors |= nsICertOverrideService::ERROR_TIME;
|
collectedErrors |= nsICertOverrideService::ERROR_TIME;
|
||||||
errorCodeExpired =
|
errorCodeTime =
|
||||||
mozilla::pkix::MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE;
|
mozilla::pkix::MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
@ -371,7 +371,7 @@ DetermineCertOverrideErrors(CERTCertificate* cert, const char* hostName,
|
||||||
case SEC_ERROR_EXPIRED_CERTIFICATE:
|
case SEC_ERROR_EXPIRED_CERTIFICATE:
|
||||||
case mozilla::pkix::MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE:
|
case mozilla::pkix::MOZILLA_PKIX_ERROR_NOT_YET_VALID_CERTIFICATE:
|
||||||
collectedErrors = nsICertOverrideService::ERROR_TIME;
|
collectedErrors = nsICertOverrideService::ERROR_TIME;
|
||||||
errorCodeExpired = defaultErrorCodeToReport;
|
errorCodeTime = defaultErrorCodeToReport;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case SSL_ERROR_BAD_CERT_DOMAIN:
|
case SSL_ERROR_BAD_CERT_DOMAIN:
|
||||||
|
|
@ -504,8 +504,8 @@ CertErrorRunnable::CheckCertOverrides()
|
||||||
uint32_t probeValue = MapCertErrorToProbeValue(mErrorCodeMismatch);
|
uint32_t probeValue = MapCertErrorToProbeValue(mErrorCodeMismatch);
|
||||||
Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue);
|
Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue);
|
||||||
}
|
}
|
||||||
if (mErrorCodeExpired != 0) {
|
if (mErrorCodeTime != 0) {
|
||||||
uint32_t probeValue = MapCertErrorToProbeValue(mErrorCodeExpired);
|
uint32_t probeValue = MapCertErrorToProbeValue(mErrorCodeTime);
|
||||||
Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue);
|
Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -547,7 +547,7 @@ CertErrorRunnable::CheckCertOverrides()
|
||||||
// pick the error code to report by priority
|
// pick the error code to report by priority
|
||||||
PRErrorCode errorCodeToReport = mErrorCodeTrust ? mErrorCodeTrust
|
PRErrorCode errorCodeToReport = mErrorCodeTrust ? mErrorCodeTrust
|
||||||
: mErrorCodeMismatch ? mErrorCodeMismatch
|
: mErrorCodeMismatch ? mErrorCodeMismatch
|
||||||
: mErrorCodeExpired ? mErrorCodeExpired
|
: mErrorCodeTime ? mErrorCodeTime
|
||||||
: mDefaultErrorCodeToReport;
|
: mDefaultErrorCodeToReport;
|
||||||
|
|
||||||
SSLServerCertVerificationResult* result =
|
SSLServerCertVerificationResult* result =
|
||||||
|
|
@ -591,11 +591,11 @@ CreateCertErrorRunnable(CertVerifier& certVerifier,
|
||||||
uint32_t collected_errors = 0;
|
uint32_t collected_errors = 0;
|
||||||
PRErrorCode errorCodeTrust = 0;
|
PRErrorCode errorCodeTrust = 0;
|
||||||
PRErrorCode errorCodeMismatch = 0;
|
PRErrorCode errorCodeMismatch = 0;
|
||||||
PRErrorCode errorCodeExpired = 0;
|
PRErrorCode errorCodeTime = 0;
|
||||||
if (DetermineCertOverrideErrors(cert, infoObject->GetHostNameRaw(), now,
|
if (DetermineCertOverrideErrors(cert, infoObject->GetHostNameRaw(), now,
|
||||||
defaultErrorCodeToReport, collected_errors,
|
defaultErrorCodeToReport, collected_errors,
|
||||||
errorCodeTrust, errorCodeMismatch,
|
errorCodeTrust, errorCodeMismatch,
|
||||||
errorCodeExpired) != SECSuccess) {
|
errorCodeTime) != SECSuccess) {
|
||||||
// Attempt to enforce that if DetermineCertOverrideErrors failed,
|
// Attempt to enforce that if DetermineCertOverrideErrors failed,
|
||||||
// PR_SetError was set with a non-overridable error. This is because if we
|
// PR_SetError was set with a non-overridable error. This is because if we
|
||||||
// return from CreateCertErrorRunnable without calling
|
// return from CreateCertErrorRunnable without calling
|
||||||
|
|
@ -628,7 +628,7 @@ CreateCertErrorRunnable(CertVerifier& certVerifier,
|
||||||
static_cast<nsIX509Cert*>(nssCert.get()),
|
static_cast<nsIX509Cert*>(nssCert.get()),
|
||||||
infoObject, defaultErrorCodeToReport,
|
infoObject, defaultErrorCodeToReport,
|
||||||
collected_errors, errorCodeTrust,
|
collected_errors, errorCodeTrust,
|
||||||
errorCodeMismatch, errorCodeExpired,
|
errorCodeMismatch, errorCodeTime,
|
||||||
providerFlags);
|
providerFlags);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче