Bug 402726, Allow to view cert on SSL protocol errors

r=rrelyea, r=neil, r=gavin, a=dsicore
2007-11-20 17:59:34 +00:00 · 2007-11-20 17:59:34 +00:00 · 92b8bf0ce7
--- a/browser/base/content/pageinfo/security.js
+++ b/browser/base/content/pageinfo/security.js
@ -77,15 +77,24 @@ var security = {
      var issuerName =
        this.mapIssuerOrganization(cert.issuerOrganization) || cert.issuerName;

-      return {
+      var retval = {
        hostName : hName,
        cAName : issuerName,
-        encryptionAlgorithm : status.cipherName,
-        encryptionStrength : status.secretKeyLength,
+        encryptionAlgorithm : undefined,
+        encryptionStrength : undefined,
        isBroken : isBroken,
        cert : cert,
        fullLocation : gWindow.location
      };
+
+      try {
+        retval.encryptionAlgorithm = status.cipherName;
+        retval.encryptionStrength = status.secretKeyLength;
+      }
+      catch (e) {
+      }
+
+      return retval;
    } else {
      return {
        hostName : hName,
--- a/security/manager/ssl/src/nsNSSCallbacks.cpp
+++ b/security/manager/ssl/src/nsNSSCallbacks.cpp
@ -853,20 +853,20 @@ SECStatus PR_CALLBACK AuthCertificateCallback(void* client_data, PRFileDesc* fd,

      CERT_DestroyCertList(certList);
    }
-    else {
-      // The connection will be terminated, let's provide a minimal SSLStatus
-      // to the caller that contains at least the cert and its status.
-      nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;

-      nsCOMPtr<nsSSLStatus> status;
-      infoObject->GetSSLStatus(getter_AddRefs(status));
-      if (!status) {
-        status = new nsSSLStatus();
-        infoObject->SetSSLStatus(status);
-      }
-      if (status) {
-        status->mServerCert = new nsNSSCertificate(serverCert);
-      }
+    // The connection may get terminated, for example, if the server requires
+    // a client cert. Let's provide a minimal SSLStatus
+    // to the caller that contains at least the cert and its status.
+    nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;
+
+    nsCOMPtr<nsSSLStatus> status;
+    infoObject->GetSSLStatus(getter_AddRefs(status));
+    if (!status) {
+      status = new nsSSLStatus();
+      infoObject->SetSSLStatus(status);
+    }
+    if (status) {
+      status->mServerCert = new nsNSSCertificate(serverCert);
    }
  }

--- a/suite/browser/pageinfo/security.js
+++ b/suite/browser/pageinfo/security.js
@ -83,15 +83,24 @@ var security = {
      issuerName = this.mapIssuerOrganization(cert.issuerOrganization);
      if (!issuerName) issuerName = cert.issuerName;

-      return {
+      var retval = {
        hostName : hName,
        cAName : issuerName,
-        encryptionAlgorithm : status.cipherName,
-        encryptionStrength : status.secretKeyLength,
+        encryptionAlgorithm : undefined,
+        encryptionStrength : undefined,
        isBroken : isBroken,
        cert : cert,
        fullLocation : gWindow.location
      };
+
+      try {
+        retval.encryptionAlgorithm = status.cipherName;
+        retval.encryptionStrength = status.secretKeyLength;
+      }
+      catch (e) {
+      }
+
+      return retval;
    } else {
      return {
        hostName : hName,