bug 262116 make disk cache serialize/deserialize the security info, if present

also make nsNSSSocketInfo serializable
PSM part: r=kaie sr=darin
rest: r+sr=darin
cbiesinger%gmx.at 2007-11-30 18:06:26 +00:00
Родитель 0c05865e5a
Коммит 060a9e8af7
18 изменённых файлов: 638 добавлений и 78 удалений


@ -91,6 +91,8 @@ CPPSRCS = \
nsURLHelper.cpp \
nsURLParsers.cpp \
nsNetStrings.cpp \
nsBase64Encoder.cpp \
nsSerializationHelper.cpp \
$(NULL)
ifeq ($(MOZ_WIDGET_TOOLKIT),os2)


@ -0,0 +1,100 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is a base64 encoder stream.
*
* The Initial Developer of the Original Code is
* Google Inc.
* Portions created by the Initial Developer are Copyright (C) 2007
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Christian Biesinger <cbiesinger@web.de> (Initial author)
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include "nsBase64Encoder.h"
#include "plbase64.h"
#include "prmem.h"
NS_IMPL_ISUPPORTS1(nsBase64Encoder, nsIOutputStream)
NS_IMETHODIMP
nsBase64Encoder::Close()
{
return NS_OK;
}
NS_IMETHODIMP
nsBase64Encoder::Flush()
{
return NS_OK;
}
NS_IMETHODIMP
nsBase64Encoder::Write(const char* aBuf, PRUint32 aCount, PRUint32* _retval)
{
mData.Append(aBuf, aCount);
*_retval = aCount;
return NS_OK;
}
NS_IMETHODIMP
nsBase64Encoder::WriteFrom(nsIInputStream* aStream, PRUint32 aCount,
PRUint32* _retval)
{
return NS_ERROR_NOT_IMPLEMENTED;
}
NS_IMETHODIMP
nsBase64Encoder::WriteSegments(nsReadSegmentFun aReader,
void* aClosure,
PRUint32 aCount,
PRUint32* _retval)
{
return NS_ERROR_NOT_IMPLEMENTED;
}
NS_IMETHODIMP
nsBase64Encoder::IsNonBlocking(PRBool* aNonBlocking)
{
*aNonBlocking = PR_FALSE;
return NS_OK;
}
nsresult
nsBase64Encoder::Finish(nsCSubstring& result)
{
char* b64 = PL_Base64Encode(mData.get(), mData.Length(), nsnull);
if (!b64)
return NS_ERROR_OUT_OF_MEMORY;
result.Assign(b64);
PR_Free(b64);
// Free unneeded memory and allow reusing the object
mData.Truncate();
return NS_OK;
}
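Review bot: `Write` reports `aCount` bytes written and returns NS_OK without checking that `mData.Append(aBuf, aCount)` actually grew the buffer. If the string class can fail to allocate without signalling it (I can't tell from this page), `Finish` would later base64-encode a truncated stream and the caller would store it as if it were complete. Comparing the length before and after the append would catch that: `PRUint32 before = mData.Length();` ahead of the call, then `if (mData.Length() - before != aCount) return NS_ERROR_OUT_OF_MEMORY;`.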


@ -0,0 +1,64 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is a base64 encoder stream.
*
* The Initial Developer of the Original Code is
* Google Inc.
* Portions created by the Initial Developer are Copyright (C) 2007
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Christian Biesinger <cbiesinger@web.de> (Initial author)
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#ifndef NSBASE64ENCODER_H_
#define NSBASE64ENCODER_H_
#include "nsIOutputStream.h"
#include "nsString.h"
/**
* A base64 encoder. Usage: Instantiate class, write to it using
* Write(), then call Finish() to get the base64-encoded data.
*/
class nsBase64Encoder : public nsIOutputStream {
public:
nsBase64Encoder() {}
NS_DECL_ISUPPORTS
NS_DECL_NSIOUTPUTSTREAM
nsresult Finish(nsCSubstring& _result);
private:
~nsBase64Encoder() {}
/// The data written to this stream. nsCString can deal fine with
/// binary data.
nsCString mData;
};
#endif
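Review bot: The class comment does not mention that `Finish()` empties the buffer or that `WriteFrom()` and `WriteSegments()` are unimplemented, both of which the .cpp in this commit shows. I would extend it with `Finish() clears the buffered data, so the object can be reused afterwards.` and `WriteFrom() and WriteSegments() return NS_ERROR_NOT_IMPLEMENTED; only Write() accepts data.`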


@ -0,0 +1,93 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is mozilla.org networking code.
*
* The Initial Developer of the Original Code is
* Google Inc.
* Portions created by the Initial Developer are Copyright (C) 2007
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Christian Biesinger <cbiesinger@web.de> (Initial author)
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#include "nsSerializationHelper.h"
#include "plbase64.h"
#include "prmem.h"
#include "nsISerializable.h"
#include "nsIObjectOutputStream.h"
#include "nsIObjectInputStream.h"
#include "nsString.h"
#include "nsBase64Encoder.h"
#include "nsAutoPtr.h"
#include "nsComponentManagerUtils.h"
#include "nsStringStream.h"
nsresult
NS_SerializeToString(nsISerializable* obj, nsCSubstring& str)
{
nsRefPtr<nsBase64Encoder> stream(new nsBase64Encoder());
if (!stream)
return NS_ERROR_OUT_OF_MEMORY;
nsCOMPtr<nsIObjectOutputStream> objstream =
do_CreateInstance("@mozilla.org/binaryoutputstream;1");
if (!objstream)
return NS_ERROR_OUT_OF_MEMORY;
objstream->SetOutputStream(stream);
nsresult rv =
objstream->WriteCompoundObject(obj, NS_GET_IID(nsISupports), PR_TRUE);
NS_ENSURE_SUCCESS(rv, rv);
return stream->Finish(str);
}
nsresult
NS_DeserializeObject(const nsCSubstring& str, nsISupports** obj)
{
// Base64 maps 3 binary bytes -> 4 ASCII bytes, so this calculation gives us
// the right size. Compare also the comment in plbase64.h.
PRUint32 size = (str.Length() * 3) / 4;
char* buf = PL_Base64Decode(str.BeginReading(), str.Length(), nsnull);
if (!buf)
return NS_ERROR_OUT_OF_MEMORY;
nsCOMPtr<nsIInputStream> stream;
nsresult rv = NS_NewCStringInputStream(getter_AddRefs(stream),
Substring(buf, buf + size));
PR_Free(buf);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIObjectInputStream> objstream =
do_CreateInstance("@mozilla.org/binaryinputstream;1");
if (!objstream)
return NS_ERROR_OUT_OF_MEMORY;
objstream->SetInputStream(stream);
return objstream->ReadObject(PR_TRUE, obj);
}
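Review bot: `size` in NS_DeserializeObject is computed from the full encoded length, so input ending in `=` padding gives a `size` larger than the number of bytes actually decoded, and `Substring(buf, buf + size)` then reads past the decoded data. With `==` padding that can be beyond the buffer PL_Base64Decode allocated, as far as I recall its sizing (it strips padding before allocating length + 1). The string comes from cache metadata on disk, so it should be treated as possibly corrupt: subtract the padding before building the substring and reject lengths that are not a multiple of four. Computing the size as `(len / 4) * 3` also avoids the wrap that `str.Length() * 3` can hit on very long input.

```cpp
    PRUint32 len = str.Length();
    // Output of NS_SerializeToString is always padded to a multiple of four
    // characters; anything else is corrupt.
    if (len == 0 || (len & 3) != 0)
        return NS_ERROR_FAILURE;
    PRUint32 size = (len / 4) * 3;
    // Each trailing '=' stands for one byte that was never encoded.
    if (str[len - 1] == '=') {
        --size;
        if (str[len - 2] == '=')
            --size;
    }
    char* buf = PL_Base64Decode(str.BeginReading(), len, nsnull);
    // … unchanged: null check, string stream creation, ReadObject …
```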


@ -0,0 +1,62 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is mozilla.org networking code.
*
* The Initial Developer of the Original Code is
* Google Inc.
* Portions created by the Initial Developer are Copyright (C) 2007
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Christian Biesinger <cbiesinger@web.de> (Initial author)
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/** @file
* Helper functions for (de)serializing objects to/from ASCII strings.
*/
#ifndef NSSERIALIZATIONHELPER_H_
#define NSSERIALIZATIONHELPER_H_
#include "nsStringFwd.h"
class nsISerializable;
class nsISupports;
/**
* Serialize an object to an ASCII string.
*/
nsresult NS_SerializeToString(nsISerializable* obj,
nsCSubstring& str);
/**
* Deserialize an object.
*/
nsresult NS_DeserializeObject(const nsCSubstring& str,
nsISupports** obj);
#endif
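Review bot: The comment on NS_DeserializeObject does not say what input it accepts or what the caller gets back. Since the implementation base64-decodes `str` and hands the bytes to `ReadObject`, I would document that `str` must be a string produced by NS_SerializeToString, that `*obj` is presumably returned addrefed (the caller in this commit uses `getter_AddRefs`), and that the caller has to check the result code and query the returned object for the interface it expects rather than casting it.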

10
netwerk/cache/src/nsCacheEntry.cpp поставляемый

@ -154,15 +154,6 @@ nsCacheEntry::TouchMetaData()
}
nsresult
nsCacheEntry::GetSecurityInfo( nsISupports ** result)
{
NS_ENSURE_ARG_POINTER(result);
NS_IF_ADDREF(*result = mSecurityInfo);
return NS_OK;
}
/**
* cache entry states
* 0 descriptors (new entry)
@ -554,4 +545,3 @@ nsCacheEntryHashTable::ClearEntry(PLDHashTable * /* table */,
{
((nsCacheEntryHashTableEntry *)hashEntry)->cacheEntry = 0;
}

3
netwerk/cache/src/nsCacheEntry.h поставляемый

@ -128,7 +128,7 @@ public:
/**
* Security Info accessors
*/
nsresult GetSecurityInfo( nsISupports ** result);
nsISupports* SecurityInfo() { return mSecurityInfo; }
void SetSecurityInfo( nsISupports * info) { mSecurityInfo = info; }
@ -339,4 +339,3 @@ private:
};
#endif // _nsCacheEntry_h_


@ -361,7 +361,9 @@ nsCacheEntryDescriptor::GetSecurityInfo(nsISupports ** result)
nsCacheServiceAutoLock lock;
if (!mCacheEntry) return NS_ERROR_NOT_AVAILABLE;
return mCacheEntry->GetSecurityInfo(result);
*result = mCacheEntry->SecurityInfo();
NS_IF_ADDREF(*result);
return NS_OK;
}
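Review bot: The new body writes `*result` directly, whereas the `nsCacheEntry::GetSecurityInfo` it replaces (removed in this commit) began with `NS_ENSURE_ARG_POINTER(result);`. The top of this function lies above the hunk, so a check may already exist there; if not, add `NS_ENSURE_ARG_POINTER(result);` before taking the lock so a null out-pointer still fails cleanly.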

25
netwerk/cache/src/nsDiskCacheEntry.cpp поставляемый
Просмотреть файл

@ -46,6 +46,8 @@
#include "nsCache.h"
#include "nsISerializable.h"
#include "nsSerializationHelper.h"
/******************************************************************************
* nsDiskCacheEntry
@ -80,7 +82,15 @@ nsDiskCacheEntry::CreateCacheEntry(nsCacheDevice * device)
delete entry;
return nsnull;
}
// Restore security info, if present
const char* info = entry->GetMetaDataElement("security-info");
if (info) {
nsCOMPtr<nsISupports> infoObj;
NS_DeserializeObject(nsDependentCString(info), getter_AddRefs(infoObj));
entry->SetSecurityInfo(infoObj);
}
return entry;
}
@ -95,7 +105,16 @@ CreateDiskCacheEntry(nsDiskCacheBinding * binding,
{
nsCacheEntry * entry = binding->mCacheEntry;
if (!entry) return nsnull;
// Store security info, if it is serializable
nsCOMPtr<nsISerializable> serializable =
do_QueryInterface(entry->SecurityInfo());
if (serializable) {
nsCString info;
NS_SerializeToString(serializable, info);
entry->SetMetaDataElement("security-info", info.get());
}
PRUint32 keySize = entry->Key()->Length() + 1;
PRUint32 metaSize = entry->MetaDataSize();
PRUint32 size = sizeof(nsDiskCacheEntry) + keySize + metaSize;
@ -116,7 +135,7 @@ CreateDiskCacheEntry(nsDiskCacheBinding * binding,
diskEntry->mMetaDataSize = metaSize;
memcpy(diskEntry->Key(), entry->Key()->get(),keySize);
nsresult rv = entry->FlattenMetaData(diskEntry->MetaData(), metaSize);
if (NS_FAILED(rv)) {
delete [] (char *)diskEntry;
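Review bot: Both new call sites drop the nsresult: CreateCacheEntry ignores the result of `NS_DeserializeObject`, and CreateDiskCacheEntry stores `info` under "security-info" whether or not `NS_SerializeToString` succeeded. On the write side I would store the element only on success, `if (NS_SUCCEEDED(NS_SerializeToString(serializable, info))) entry->SetMetaDataElement("security-info", info.get());`. On the read side the metadata comes from a file on disk, so a failed or unexpected decode should leave the entry without security info; checking the result and only then calling `SetSecurityInfo` makes that explicit. Both functions start above their hunks.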


@ -42,10 +42,9 @@
interface nsIInterfaceRequestor;
[scriptable, uuid(8b3e8488-1dd2-11b2-b547-956290be347c)]
[scriptable, uuid(a092097c-8386-4f1b-97b1-90eb70008c2d)]
interface nsISSLSocketControl : nsISupports {
attribute nsIInterfaceRequestor notificationCallbacks;
attribute boolean forceHandshake; /* obsolete, unused */
void proxyStartSSL();
void StartTLS();


@ -770,8 +770,7 @@ void PR_CALLBACK HandshakeCallback(PRFileDesc* fd, void* client_data) {
infoObject->SetShortSecurityDescription(shortDesc.get());
/* Set the SSL Status information */
nsCOMPtr<nsSSLStatus> status;
infoObject->GetSSLStatus(getter_AddRefs(status));
nsRefPtr<nsSSLStatus> status = infoObject->SSLStatus();
if (!status) {
status = new nsSSLStatus();
infoObject->SetSSLStatus(status);
@ -859,8 +858,7 @@ SECStatus PR_CALLBACK AuthCertificateCallback(void* client_data, PRFileDesc* fd,
// to the caller that contains at least the cert and its status.
nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;
nsCOMPtr<nsSSLStatus> status;
infoObject->GetSSLStatus(getter_AddRefs(status));
nsRefPtr<nsSSLStatus> status = infoObject->SSLStatus();
if (!status) {
status = new nsSSLStatus();
infoObject->SetSSLStatus(status);


@ -60,6 +60,8 @@
#include "nsIClientAuthDialogs.h"
#include "nsICertOverrideService.h"
#include "nsIBadCertListener2.h"
#include "nsIObjectInputStream.h"
#include "nsIObjectOutputStream.h"
#include "nsRecentBadCerts.h"
#include "nsXPIDLString.h"
@ -78,6 +80,8 @@
#include "nsIDocShell.h"
#include "nsISecureBrowserUI.h"
#include "nsProxyRelease.h"
#include "nsIClassInfoImpl.h"
#include "nsIProgrammingLanguage.h"
#include "ssl.h"
#include "secerr.h"
@ -203,8 +207,7 @@ nsNSSSocketInfo::nsNSSSocketInfo()
mHandshakeInProgress(PR_FALSE),
mAllowTLSIntoleranceTimeout(PR_TRUE),
mHandshakeStartTime(0),
mPort(0),
mCAChain(nsnull)
mPort(0)
{
mThreadData = new nsSSLSocketThreadData;
}
@ -217,32 +220,21 @@ nsNSSSocketInfo::~nsNSSSocketInfo()
if (isAlreadyShutDown())
return;
destructorSafeDestroyNSSReference();
shutdown(calledFromObject);
}
void nsNSSSocketInfo::virtualDestroyNSSReference()
{
destructorSafeDestroyNSSReference();
}
void nsNSSSocketInfo::destructorSafeDestroyNSSReference()
{
if (isAlreadyShutDown())
return;
if (mCAChain) {
CERT_DestroyCertList(mCAChain);
mCAChain = nsnull;
}
}
NS_IMPL_THREADSAFE_ISUPPORTS5(nsNSSSocketInfo,
NS_IMPL_THREADSAFE_ISUPPORTS7(nsNSSSocketInfo,
nsITransportSecurityInfo,
nsISSLSocketControl,
nsIInterfaceRequestor,
nsISSLStatusProvider,
nsIIdentityInfo)
nsIIdentityInfo,
nsISerializable,
nsIClassInfo)
nsresult
nsNSSSocketInfo::GetHandshakePending(PRBool *aHandshakePending)
@ -443,20 +435,6 @@ NS_IMETHODIMP nsNSSSocketInfo::GetInterface(const nsIID & uuid, void * *result)
return rv;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetForceHandshake(PRBool* forceHandshake)
{
*forceHandshake = PR_FALSE;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::SetForceHandshake(PRBool forceHandshake)
{
(void)forceHandshake;
return NS_OK;
}
nsresult
nsNSSSocketInfo::GetForSTARTTLS(PRBool* aForSTARTTLS)
{
@ -483,6 +461,95 @@ nsNSSSocketInfo::StartTLS()
return ActivateSSL();
}
NS_IMETHODIMP
nsNSSSocketInfo::Write(nsIObjectOutputStream* stream) {
stream->WriteCompoundObject(NS_ISUPPORTS_CAST(nsIX509Cert*, mCert),
NS_GET_IID(nsISupports), PR_TRUE);
stream->Write32(mSecurityState);
stream->WriteWStringZ(mShortDesc.get());
stream->WriteWStringZ(mErrorMessage.get());
stream->WriteCompoundObject(NS_ISUPPORTS_CAST(nsISSLStatus*, mSSLStatus),
NS_GET_IID(nsISupports), PR_TRUE);
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::Read(nsIObjectInputStream* stream) {
nsCOMPtr<nsISupports> obj;
stream->ReadObject(PR_TRUE, getter_AddRefs(obj));
mCert = reinterpret_cast<nsNSSCertificate*>(obj.get());
stream->Read32(&mSecurityState);
stream->ReadString(mShortDesc);
stream->ReadString(mErrorMessage);
stream->ReadObject(PR_TRUE, getter_AddRefs(obj));
mSSLStatus = reinterpret_cast<nsSSLStatus*>(obj.get());
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetInterfaces(PRUint32 *count, nsIID * **array)
{
*count = 0;
*array = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetHelperForLanguage(PRUint32 language, nsISupports **_retval)
{
*_retval = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetContractID(char * *aContractID)
{
*aContractID = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetClassDescription(char * *aClassDescription)
{
*aClassDescription = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetClassID(nsCID * *aClassID)
{
*aClassID = (nsCID*) nsMemory::Alloc(sizeof(nsCID));
if (!*aClassID)
return NS_ERROR_OUT_OF_MEMORY;
return GetClassIDNoAlloc(*aClassID);
}
NS_IMETHODIMP
nsNSSSocketInfo::GetImplementationLanguage(PRUint32 *aImplementationLanguage)
{
*aImplementationLanguage = nsIProgrammingLanguage::CPLUSPLUS;
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::GetFlags(PRUint32 *aFlags)
{
*aFlags = 0;
return NS_OK;
}
static NS_DEFINE_CID(kNSSSocketInfoCID, NS_NSSSOCKETINFO_CID);
NS_IMETHODIMP
nsNSSSocketInfo::GetClassIDNoAlloc(nsCID *aClassIDNoAlloc)
{
*aClassIDNoAlloc = kNSSSocketInfoCID;
return NS_OK;
}
nsresult nsNSSSocketInfo::ActivateSSL()
{
nsNSSShutDownPreventionLock locker;
@ -532,26 +599,13 @@ nsresult nsNSSSocketInfo::GetSSLStatus(nsISupports** _result)
{
NS_ENSURE_ARG_POINTER(_result);
*_result = mSSLStatus;
*_result = NS_ISUPPORTS_CAST(nsISSLStatus*, mSSLStatus);
NS_IF_ADDREF(*_result);
return NS_OK;
}
nsresult nsNSSSocketInfo::RememberCAChain(CERTCertList *aCertList)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return NS_ERROR_NOT_AVAILABLE;
if (mCAChain) {
CERT_DestroyCertList(mCAChain);
}
mCAChain = aCertList;
return NS_OK;
}
nsresult nsNSSSocketInfo::SetSSLStatus(nsISSLStatus *aSSLStatus)
nsresult nsNSSSocketInfo::SetSSLStatus(nsSSLStatus *aSSLStatus)
{
mSSLStatus = aSSLStatus;
@ -2696,8 +2750,7 @@ nsNSSBadCertHandler(void *arg, PRFileDesc *sslSocket)
return SECFailure;
}
nsCOMPtr<nsSSLStatus> status;
infoObject->GetSSLStatus(getter_AddRefs(status));
nsRefPtr<nsSSLStatus> status = infoObject->SSLStatus();
if (!status) {
status = new nsSSLStatus();
infoObject->SetSSLStatus(status);
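Review bot: `nsNSSSocketInfo::Read` casts whatever `ReadObject` returns to `nsNSSCertificate*` and `nsSSLStatus*` with `reinterpret_cast` and ignores every result code. The stream is decoded from disk-cache metadata, so the object's class is not guaranteed, and treating an object of another class as a certificate is memory-unsafe; `nsSSLStatus::Read` in this same commit shows the safer pattern with `do_QueryInterface` and `NS_NOINTERFACE`. `Write` has the matching gap: it returns NS_OK regardless of stream errors and passes `mCert` and `mSSLStatus` on without a null check. The sketch below covers error propagation and the interface checks; the final assignment to the concrete member types still needs a check of the object's class, which is left as comments.

```cpp
NS_IMETHODIMP
nsNSSSocketInfo::Read(nsIObjectInputStream* stream) {
  nsCOMPtr<nsISupports> obj;
  nsresult rv = stream->ReadObject(PR_TRUE, getter_AddRefs(obj));
  NS_ENSURE_SUCCESS(rv, rv);
  // Reject anything that does not implement the certificate interface
  // instead of reinterpreting an arbitrary object.
  nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(obj);
  if (!cert)
    return NS_NOINTERFACE;
  // … assign mCert from cert once its concrete class has been confirmed …
  rv = stream->Read32(&mSecurityState);
  NS_ENSURE_SUCCESS(rv, rv);
  rv = stream->ReadString(mShortDesc);
  NS_ENSURE_SUCCESS(rv, rv);
  rv = stream->ReadString(mErrorMessage);
  NS_ENSURE_SUCCESS(rv, rv);
  rv = stream->ReadObject(PR_TRUE, getter_AddRefs(obj));
  NS_ENSURE_SUCCESS(rv, rv);
  nsCOMPtr<nsISSLStatus> status = do_QueryInterface(obj);
  if (!status)
    return NS_NOINTERFACE;
  // … assign mSSLStatus from status once its concrete class has been confirmed …
  return NS_OK;
}
```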


@ -49,7 +49,7 @@
#include "nsIInterfaceRequestorUtils.h"
#include "nsITransportSecurityInfo.h"
#include "nsISSLSocketControl.h"
#include "nsISSLStatus.h"
#include "nsSSLStatus.h"
#include "nsISSLStatusProvider.h"
#include "nsIIdentityInfo.h"
#include "nsXPIDLString.h"
@ -127,6 +127,8 @@ class nsNSSSocketInfo : public nsITransportSecurityInfo,
public nsIInterfaceRequestor,
public nsISSLStatusProvider,
public nsIIdentityInfo,
public nsISerializable,
public nsIClassInfo,
public nsNSSShutDownObject,
public nsOnPK11LogoutCancelObject
{
@ -140,6 +142,8 @@ public:
NS_DECL_NSIINTERFACEREQUESTOR
NS_DECL_NSISSLSTATUSPROVIDER
NS_DECL_NSIIDENTITYINFO
NS_DECL_NSISERIALIZABLE
NS_DECL_NSICLASSINFO
nsresult SetSecurityState(PRUint32 aState);
nsresult SetShortSecurityDescription(const PRUnichar *aText);
@ -181,7 +185,8 @@ public:
nsresult RememberCAChain(CERTCertList *aCertList);
/* Set SSL Status values */
nsresult SetSSLStatus(nsISSLStatus *aSSLStatus);
nsresult SetSSLStatus(nsSSLStatus *aSSLStatus);
nsSSLStatus* SSLStatus() { return mSSLStatus; }
PRStatus CloseSocketAndDestroy();
@ -205,10 +210,9 @@ protected:
PRIntervalTime mHandshakeStartTime;
PRInt32 mPort;
nsXPIDLCString mHostName;
CERTCertList *mCAChain;
/* SSL Status */
nsCOMPtr<nsISSLStatus> mSSLStatus;
nsRefPtr<nsSSLStatus> mSSLStatus;
nsresult ActivateSSL();
@ -266,5 +270,11 @@ nsresult nsSSLIOLayerAddToSocket(PRInt32 family,
nsresult nsSSLIOLayerFreeTLSIntolerantSites();
nsresult displayUnknownCertErrorAlert(nsNSSSocketInfo *infoObject, int error);
// 16786594-0296-4471-8096-8f84497ca428
#define NS_NSSSOCKETINFO_CID \
{ 0x16786594, 0x0296, 0x4471, \
{ 0x80, 0x96, 0x8f, 0x84, 0x49, 0x7c, 0xa4, 0x28 } }
#endif /* _NSNSSIOLAYER_H */
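Review bot: `nsresult RememberCAChain(CERTCertList *aCertList);` still appears in the class, while this commit seems to remove both its definition in nsNSSIOLayer.cpp and the `mCAChain` member. The page has lost its +/- markers, so I am inferring sides from the hunk counts, but if the declaration did stay it should be dropped too; otherwise any remaining caller fails only at link time. The new raw accessor `SSLStatus()` would also benefit from a comment such as `// Not addrefed; null until SetSSLStatus() has been called.`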


@ -76,6 +76,8 @@
#include "nsCertOverrideService.h"
#include "nsRandomGenerator.h"
#include "nsRecentBadCerts.h"
#include "nsSSLStatus.h"
#include "nsNSSIOLayer.h"
// We must ensure that the nsNSSComponent has been loaded before
// creating any other components.
@ -199,6 +201,8 @@ NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsDataSignatureVerifier)
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_INIT(PR_FALSE, nsCertOverrideService, Init)
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsRandomGenerator)
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_INIT(PR_FALSE, nsRecentBadCertsService, Init)
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsSSLStatus)
NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(PR_FALSE, nsNSSSocketInfo)
static NS_METHOD RegisterPSMContentListeners(
nsIComponentManager *aCompMgr,
@ -482,6 +486,20 @@ static const nsModuleComponentInfo components[] =
NS_RECENTBADCERTS_CID,
NS_RECENTBADCERTS_CONTRACTID,
nsRecentBadCertsServiceConstructor
},
{
"SSL Status object",
NS_SSLSTATUS_CID,
nsnull,
nsSSLStatusConstructor
},
{
"NSS Socket Info",
NS_NSSSOCKETINFO_CID,
nsnull,
nsNSSSocketInfoConstructor
}
};


@ -41,6 +41,7 @@
#include "nsIX509Cert.h"
#include "nsSSLStatus.h"
#include "nsCOMPtr.h"
#include "nsAutoPtr.h"
#include "nsNSSCertificate.h"
#include "nsCRT.h"
#include "nsPromiseFlatString.h"
@ -85,7 +86,7 @@ nsRecentBadCertsService::GetRecentBadCert(const nsAString & aHostNameWithPort,
return NS_ERROR_INVALID_ARG;
*aStatus = nsnull;
nsCOMPtr<nsSSLStatus> status = new nsSSLStatus();
nsRefPtr<nsSSLStatus> status = new nsSSLStatus();
if (!status)
return NS_ERROR_OUT_OF_MEMORY;


@ -39,6 +39,10 @@
#include "nsSSLStatus.h"
#include "plstr.h"
#include "nsIClassInfoImpl.h"
#include "nsIProgrammingLanguage.h"
#include "nsIObjectOutputStream.h"
#include "nsIObjectInputStream.h"
NS_IMETHODIMP
nsSSLStatus::GetServerCert(nsIX509Cert** _result)
@ -123,6 +127,132 @@ nsSSLStatus::GetIsUntrusted(PRBool* _result)
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::Read(nsIObjectInputStream* stream)
{
nsCOMPtr<nsISupports> cert;
nsresult rv = stream->ReadObject(PR_TRUE, getter_AddRefs(cert));
NS_ENSURE_SUCCESS(rv, rv);
mServerCert = do_QueryInterface(cert);
if (!mServerCert)
return NS_NOINTERFACE;
rv = stream->Read32(&mKeyLength);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->Read32(&mSecretKeyLength);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->ReadCString(mCipherName);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->ReadBoolean(&mIsDomainMismatch);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->ReadBoolean(&mIsNotValidAtThisTime);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->ReadBoolean(&mIsUntrusted);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->ReadBoolean(&mHaveKeyLengthAndCipher);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->ReadBoolean(&mHaveCertStatus);
NS_ENSURE_SUCCESS(rv, rv);
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::Write(nsIObjectOutputStream* stream)
{
nsresult rv = stream->WriteCompoundObject(mServerCert,
NS_GET_IID(nsIX509Cert),
PR_TRUE);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->Write32(mKeyLength);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->Write32(mSecretKeyLength);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->WriteStringZ(mCipherName.get());
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->WriteBoolean(mIsDomainMismatch);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->WriteBoolean(mIsNotValidAtThisTime);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->WriteBoolean(mIsUntrusted);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->WriteBoolean(mHaveKeyLengthAndCipher);
NS_ENSURE_SUCCESS(rv, rv);
rv = stream->WriteBoolean(mHaveCertStatus);
NS_ENSURE_SUCCESS(rv, rv);
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::GetInterfaces(PRUint32 *count, nsIID * **array)
{
*count = 0;
*array = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::GetHelperForLanguage(PRUint32 language, nsISupports **_retval)
{
*_retval = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::GetContractID(char * *aContractID)
{
*aContractID = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::GetClassDescription(char * *aClassDescription)
{
*aClassDescription = nsnull;
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::GetClassID(nsCID * *aClassID)
{
*aClassID = (nsCID*) nsMemory::Alloc(sizeof(nsCID));
if (!*aClassID)
return NS_ERROR_OUT_OF_MEMORY;
return GetClassIDNoAlloc(*aClassID);
}
NS_IMETHODIMP
nsSSLStatus::GetImplementationLanguage(PRUint32 *aImplementationLanguage)
{
*aImplementationLanguage = nsIProgrammingLanguage::CPLUSPLUS;
return NS_OK;
}
NS_IMETHODIMP
nsSSLStatus::GetFlags(PRUint32 *aFlags)
{
*aFlags = 0;
return NS_OK;
}
static NS_DEFINE_CID(kSSLStatusCID, NS_SSLSTATUS_CID);
NS_IMETHODIMP
nsSSLStatus::GetClassIDNoAlloc(nsCID *aClassIDNoAlloc)
{
*aClassIDNoAlloc = kSSLStatusCID;
return NS_OK;
}
nsSSLStatus::nsSSLStatus()
: mKeyLength(0), mSecretKeyLength(0)
, mIsDomainMismatch(PR_FALSE)
@ -133,7 +263,7 @@ nsSSLStatus::nsSSLStatus()
{
}
NS_IMPL_THREADSAFE_ISUPPORTS1(nsSSLStatus, nsISSLStatus)
NS_IMPL_THREADSAFE_ISUPPORTS3(nsSSLStatus, nsISSLStatus, nsISerializable, nsIClassInfo)
nsSSLStatus::~nsSSLStatus()
{
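Review bot: `Read` fails with NS_NOINTERFACE when the deserialized certificate is null, but `Write` hands `mServerCert` to `WriteCompoundObject` without checking it. Callers elsewhere in this commit create an empty `new nsSSLStatus()` and attach it straight away, so a status without a server certificate looks reachable (where `mServerCert` gets set is not visible here). Either `Write` should refuse to serialize in that state, `if (!mServerCert) return NS_ERROR_NOT_AVAILABLE;`, or both sides should encode the absence explicitly so the pair round-trips.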


@ -37,18 +37,27 @@
*
* ***** END LICENSE BLOCK ***** */
#ifndef _NSSSLSTATUS_H
#define _NSSSLSTATUS_H
#include "nsISSLStatus.h"
#include "nsAutoPtr.h"
#include "nsXPIDLString.h"
#include "nsIX509Cert.h"
#include "nsISerializable.h"
#include "nsIClassInfo.h"
class nsSSLStatus
: public nsISSLStatus
, public nsISerializable
, public nsIClassInfo
{
public:
NS_DECL_ISUPPORTS
NS_DECL_NSISSLSTATUS
NS_DECL_NSISERIALIZABLE
NS_DECL_NSICLASSINFO
nsSSLStatus();
virtual ~nsSSLStatus();
@ -67,3 +76,10 @@ public:
PRBool mHaveKeyLengthAndCipher;
PRBool mHaveCertStatus;
};
// 2c3837af-8b85-4a68-b0d8-0aed88985b32
#define NS_SSLSTATUS_CID \
{ 0x2c3837af, 0x8b85, 0x4a68, \
{ 0xb0, 0xd8, 0x0a, 0xed, 0x88, 0x98, 0x5b, 0x32 } }
#endif


@ -689,6 +689,11 @@ nsBinaryInputStream::ReadString(nsAString& aString)
rv = Read32(&length);
if (NS_FAILED(rv)) return rv;
if (length == 0) {
aString.Truncate();
return NS_OK;
}
// pre-allocate output buffer, and get direct access to buffer...
if (!EnsureStringLength(aString, length))
return NS_ERROR_OUT_OF_MEMORY;
@ -800,4 +805,3 @@ nsBinaryInputStream::PutBuffer(char* aBuffer, PRUint32 aLength)
if (mBufferAccess)
mBufferAccess->PutBuffer(aBuffer, aLength);
}
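Review bot: The zero-length guard is added only to `ReadString`, but `nsSSLStatus::Read` in this commit reads `mCipherName` with `ReadCString`, which is not shown here. If `ReadCString` shares the same path it needs the same early return, `if (length == 0) { aString.Truncate(); return NS_OK; }`, or an empty cipher name may fail to round-trip. Since this reader is now fed from disk-cache metadata, `length` should also be bounded before `EnsureStringLength` pre-allocates it; the rest of the function is outside the hunk, so that may already happen further down.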