зеркало из https://github.com/mozilla/gecko-dev.git
146 строки
5.4 KiB
Plaintext
146 строки
5.4 KiB
Plaintext
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "nsISupports.idl"
|
|
|
|
interface nsIProxyInfo;
|
|
interface nsITLSSocketControl;
|
|
[ptr] native PRFileDescStar(struct PRFileDesc);
|
|
native OriginAttributes(mozilla::OriginAttributes);
|
|
[ref] native const_OriginAttributesRef(const mozilla::OriginAttributes);
|
|
|
|
%{ C++
|
|
#include "mozilla/BasePrincipal.h"
|
|
%}
|
|
|
|
/**
|
|
* nsISocketProvider
|
|
*/
|
|
[scriptable, uuid(508d5469-9e1e-4a08-b5b0-7cfebba1e51a)]
|
|
interface nsISocketProvider : nsISupports
|
|
{
|
|
/**
|
|
* newSocket
|
|
*
|
|
* @param aFamily
|
|
* The address family for this socket (PR_AF_INET or PR_AF_INET6).
|
|
* @param aHost
|
|
* The origin hostname for this connection.
|
|
* @param aPort
|
|
* The origin port for this connection.
|
|
* @param aProxyHost
|
|
* If non-null, the proxy hostname for this connection.
|
|
* @param aProxyPort
|
|
* The proxy port for this connection.
|
|
* @param aFlags
|
|
* Control flags that govern this connection (see below.)
|
|
* @param aTlsFlags
|
|
* An opaque flags for non-standard behavior of the TLS system.
|
|
* It is unlikely this will need to be set outside of telemetry
|
|
* studies relating to the TLS implementation.
|
|
* @param aFileDesc
|
|
* The resulting PRFileDesc.
|
|
* @param aTLSSocketControl
|
|
* TLS socket control object that should be associated with
|
|
* aFileDesc, if applicable.
|
|
*/
|
|
[noscript]
|
|
void newSocket(in long aFamily,
|
|
in string aHost,
|
|
in long aPort,
|
|
in nsIProxyInfo aProxy,
|
|
in const_OriginAttributesRef aOriginAttributes,
|
|
in unsigned long aFlags,
|
|
in unsigned long aTlsFlags,
|
|
out PRFileDescStar aFileDesc,
|
|
out nsITLSSocketControl aTLSSocketControl);
|
|
|
|
/**
|
|
* addToSocket
|
|
*
|
|
* This function is called to allow the socket provider to layer a
|
|
* PRFileDesc on top of another PRFileDesc. For example, SSL via a SOCKS
|
|
* proxy.
|
|
*
|
|
* Parameters are the same as newSocket with the exception of aFileDesc,
|
|
* which is an in-param instead.
|
|
*/
|
|
[noscript]
|
|
void addToSocket(in long aFamily,
|
|
in string aHost,
|
|
in long aPort,
|
|
in nsIProxyInfo aProxy,
|
|
in const_OriginAttributesRef aOriginAttributes,
|
|
in unsigned long aFlags,
|
|
in unsigned long aTlsFlags,
|
|
in PRFileDescStar aFileDesc,
|
|
out nsITLSSocketControl aTLSSocketControl);
|
|
|
|
/**
|
|
* PROXY_RESOLVES_HOST
|
|
*
|
|
* This flag is set if the proxy is to perform hostname resolution instead
|
|
* of the client. When set, the hostname parameter passed when in this
|
|
* interface will be used instead of the address structure passed for a
|
|
* later connect et al. request.
|
|
*/
|
|
const long PROXY_RESOLVES_HOST = 1 << 0;
|
|
|
|
/**
|
|
* When setting this flag, the socket will not apply any
|
|
* credentials when establishing a connection. For example,
|
|
* an SSL connection would not send any client-certificates
|
|
* if this flag is set.
|
|
*/
|
|
const long ANONYMOUS_CONNECT = 1 << 1;
|
|
|
|
/**
|
|
* If set, indicates that the connection was initiated from a source
|
|
* defined as being private in the sense of Private Browsing. Generally,
|
|
* there should be no state shared between connections that are private
|
|
* and those that are not; it is OK for multiple private connections
|
|
* to share state with each other, and it is OK for multiple non-private
|
|
* connections to share state with each other.
|
|
*/
|
|
const unsigned long NO_PERMANENT_STORAGE = 1 << 2;
|
|
|
|
/**
|
|
* If set, do not use newer protocol features that might have interop problems
|
|
* on the Internet. Intended only for use with critical infra like the updater.
|
|
* default is false.
|
|
*/
|
|
const unsigned long BE_CONSERVATIVE = 1 << 3;
|
|
|
|
/**
|
|
* This is used for a temporary workaround for a web-compat issue. The flag is
|
|
* only set on CORS preflight request to allowed sending client certificates
|
|
* on a connection for an anonymous request.
|
|
*/
|
|
const long ANONYMOUS_CONNECT_ALLOW_CLIENT_CERT = 1 << 4;
|
|
|
|
/**
|
|
* If set, indicates that this is a speculative connection.
|
|
*/
|
|
const unsigned long IS_SPECULATIVE_CONNECTION = 1 << 5;
|
|
|
|
/**
|
|
* If set, do not send an ECH extension (whether GREASE or 'real').
|
|
* Currently false by default and is set when retrying failed connections.
|
|
*/
|
|
const unsigned long DONT_TRY_ECH = (1 << 10);
|
|
|
|
/**
|
|
* If set, indicates that the connection is a retry.
|
|
*/
|
|
const unsigned long IS_RETRY = (1 << 11);
|
|
|
|
/**
|
|
* If set, indicates that the connection used a privacy-preserving DNS
|
|
* transport such as DoH, DoQ or similar. Currently this field is
|
|
* set only when DoH is used via the TRR.
|
|
*/
|
|
const unsigned long USED_PRIVATE_DNS = (1 << 12);
|
|
};
|