gecko-dev/security/psm/server/ssldlgs.h

190 строки
7.9 KiB
C

/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
#ifndef __SSM_SSLDLGS_H__
#define __SSM_SSLDLGS_H__
#include "textgen.h"
#include "minihttp.h"
#include "sslconn.h"
#include "certt.h"
/*
* Function: SSMStatus SSM_ServerCertKeywordHandler()
* Purpose: keyword handler for "_server_cert_info"
* performs substitution for cert info data
* syntax: {_server_cert_info cert_format,wrapper}
* cert_format: either simple_cert_format (0) or
* pretty_cert_format (1)
* Arguments and return values:
* - cx: SSMTextGenContext to be manipulated
* - returns: SSM_SUCCESS if successful; error code otherwise
*
*/
SSMStatus SSM_ServerCertKeywordHandler(SSMTextGenContext* cx);
/*
* Function: SSMStatus SSM_FormatCert()
* Purpose: creates a UnicodeString that is used in expanding the keyword
* "_server_cert_info" from the given cert
* this function provides info on hostname, issuer name, and validity
* period. Any UI dialog that uses a subset of this info can use
* this function.
* Arguments and return values
* - cert: server cert to be manipulated
* - fmt: message format (shouldn't be NULL)
* - result: resulting expanded string (shouldn't be NULL)
*
* Note: note that this is very similar to a _Print method. In fact,
* this could be turned into SSMResourceCert_Print() method w/o too many
* changes.
*/
SSMStatus SSM_FormatCert(CERTCertificate* cert, char* fmt,
char** result);
/*
* Function: SSMStatus SSM_HTTPBadClientAuthButtonHandler()
* Purpose: command handler for "BCAButton" (button handling
* for bad client auth dialogs)
* Arguments and return values:
* - req: request object to be manipulated
* - returns: SSM_SUCCESS if successful; error code otherwise
*
* Note: we use this command handler instead of the default handler
* to block the SSL threads while this dialog is up.
*/
SSMStatus SSM_HTTPBadClientAuthButtonHandler(HTTPRequest* req);
/*
* Function: SSMStatus SSM_SSLMakeClientAuthDialog()
* Purpose: generates the client auth cert selection dialog and receives
* a chosen cert nickname from the user
* Arguments and return values:
* - conn: SSL connection object to be manipulated; m_UIInfo.chosenNickname
* will be populated as a result of the dialog
* - returns: SSM_SUCCESS if successful; otherwise error code
*
* Note: (design issue) how do we handle "cancel" event? Do we display the
* "no cert" dialog and exit, or we just exit? Probably we just exit.
*/
SSMStatus SSM_SSLMakeClientAuthDialog(SSMSSLDataConnection* conn);
/*
* Function: SSMStatus SSM_ClientAuthCertListKeywordHandler()
* Purpose: formats the client cert list according to the given format
* for the cert selection dialog
* syntax: {_client_auth_certList prefix,wrapper,suffix}
* where wrapper is for the individual cert
* Arguments and return values:
* - cx: text context to be manipulated
* - returns: SSM_SUCCESS if successful; error code otherwise
*
* Note:
*/
SSMStatus SSM_ClientAuthCertListKeywordHandler(SSMTextGenContext* cx);
/*
* Function: SSMStatus SSM_HTTPClientAuthButtonHandler()
* Purpose: handles the user input for buttons in cert selection dialog
* URL: "CAButton?baseRef=windowclose_doclose_js&target={0}&chosen=0&do_ok={text_ok}" or "CAButton?...&target={0}&do_cancel={text_cancel}", etc.
*/
SSMStatus SSM_HTTPClientAuthButtonHandler(HTTPRequest* req);
SECStatus SSM_SSLMakeCertExpiredDialog(CERTCertificate* cert,
SSMSSLDataConnection* conn);
SECStatus SSM_SSLMakeCertBadDomainDialog(CERTCertificate* cert,
SSMSSLDataConnection* conn);
SSMStatus SSM_ClientAuthCertSelectionButtonHandler(HTTPRequest* req);
SSMStatus SSM_ServerAuthFailureButtonHandler(HTTPRequest* req);
SSMStatus SSM_ServerAuthUnknownIssuerButtonHandler(HTTPRequest* req);
SSMStatus SSM_CurrentTimeKeywordHandler(SSMTextGenContext* cx);
/*
* Function: SSMStatus SSM_ServerAuthDomainKeywordHandler()
* Purpose: formats the domain name mismatch warning string for server auth
* syntax: {_server_cert_domain_info bad_domain_wrapper}
* Arguments and return values
* - cx: text context to be manipulated
* - returns: SSM_SUCCESS if successful; error code otherwise
*
* Note: I wrote a separate keyword handler although there is a generic
* server cert info keyword handler; this is the only place where
* one needs the URL hostname and it turns out to be simpler and more
* efficient to write a separate handler for this purpose
*/
SSMStatus SSM_ServerAuthDomainNameKeywordHandler(SSMTextGenContext* cx);
/*
* Function: SSMStatus SSM_VerifyServerCertKeywordHandler()
* Purpose: handles the nickname substitution for keyword
* "_verify_server_cert"
* Arguments and return values:
* - cx: text context to be manipulated
* - returns: SSM_SUCCESS if successful; error code otherwise
*
* Note: since this only comes from the server auth failure dialog, we know
* beforehand that the cert is bad (thus no need really to verify the
* cert). This might change if we want to print out the nature of the
* error. Also, if we want to consolidate this view cert window
* handling (it's not clear how we can do that because we have different
* certs and different targets for different cases), this function
* may have to be modified.
*/
SSMStatus SSM_VerifyServerCertKeywordHandler(SSMTextGenContext* cx);
/*
* Function: SSMStatus SSM_PrettyFormatCert()
* Purpose: formats the cert info for "View Security Certificate" dialogs
* this function provides info on issuer name, serial number,
* validity period, finger print, and comment. Any dialog that
* needs a subset of the parameters can use this function to format
* the cert
* Arguments and return values:
* - cert: cert to be presented
* - fmt: MessageFormat object
* - result: UnicodeString to be returned as a result of the operation
* - returns: SSM_SUCCESS if successful; error code otherwise
*
* Note: this provides no information on whether the cert is valid or not
* lot of the code is borrowed from CERT_HTMLInfo() from NSS
* we also access lots of internal cert fields but can't help it...
*/
SSMStatus SSM_PrettyFormatCert(CERTCertificate* cert, char* fmt,
char** result, PRBool addIssuerLink);
SECStatus SSM_SSLMakeUnknownIssuerDialog(CERTCertificate* cert,
SSMSSLDataConnection* conn);
SSMStatus SSM_HTTPUnknownIssuerStep1ButtonHandler(HTTPRequest* req);
#endif /* __SSM_SSLDLGS_H__ */