security/manager/ssl/src/TransportSecurityInfo.h@6474c204b198 (annotated)
security/manager/ssl/src/TransportSecurityInfo.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
| michael@0 | 2 | * |
| michael@0 | 3 | * This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 4 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 5 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 6 | |
| michael@0 | 7 | #ifndef _MOZILLA_PSM_TRANSPORTSECURITYINFO_H |
| michael@0 | 8 | #define _MOZILLA_PSM_TRANSPORTSECURITYINFO_H |
| michael@0 | 9 | |
| michael@0 | 10 | #include "certt.h" |
| michael@0 | 11 | #include "mozilla/Mutex.h" |
| michael@0 | 12 | #include "mozilla/RefPtr.h" |
| michael@0 | 13 | #include "nsIInterfaceRequestor.h" |
| michael@0 | 14 | #include "nsITransportSecurityInfo.h" |
| michael@0 | 15 | #include "nsSSLStatus.h" |
| michael@0 | 16 | #include "nsISSLStatusProvider.h" |
| michael@0 | 17 | #include "nsIAssociatedContentSecurity.h" |
| michael@0 | 18 | #include "nsNSSShutDown.h" |
| michael@0 | 19 | #include "nsDataHashtable.h" |
| michael@0 | 20 | |
| michael@0 | 21 | namespace mozilla { namespace psm { |
| michael@0 | 22 | |
| michael@0 | 23 | enum SSLErrorMessageType { |
| michael@0 | 24 | OverridableCertErrorMessage = 1, // for *overridable* certificate errors |
| michael@0 | 25 | PlainErrorMessage = 2 // all other errors (or "no error") |
| michael@0 | 26 | }; |
| michael@0 | 27 | |
| michael@0 | 28 | class TransportSecurityInfo : public nsITransportSecurityInfo, |
| michael@0 | 29 | public nsIInterfaceRequestor, |
| michael@0 | 30 | public nsISSLStatusProvider, |
| michael@0 | 31 | public nsIAssociatedContentSecurity, |
| michael@0 | 32 | public nsISerializable, |
| michael@0 | 33 | public nsIClassInfo, |
| michael@0 | 34 | public nsNSSShutDownObject, |
| michael@0 | 35 | public nsOnPK11LogoutCancelObject |
| michael@0 | 36 | { |
| michael@0 | 37 | public: |
| michael@0 | 38 | TransportSecurityInfo(); |
| michael@0 | 39 | virtual ~TransportSecurityInfo(); |
| michael@0 | 40 | |
| michael@0 | 41 | NS_DECL_THREADSAFE_ISUPPORTS |
| michael@0 | 42 | NS_DECL_NSITRANSPORTSECURITYINFO |
| michael@0 | 43 | NS_DECL_NSIINTERFACEREQUESTOR |
| michael@0 | 44 | NS_DECL_NSISSLSTATUSPROVIDER |
| michael@0 | 45 | NS_DECL_NSIASSOCIATEDCONTENTSECURITY |
| michael@0 | 46 | NS_DECL_NSISERIALIZABLE |
| michael@0 | 47 | NS_DECL_NSICLASSINFO |
| michael@0 | 48 | |
| michael@0 | 49 | nsresult SetSecurityState(uint32_t aState); |
| michael@0 | 50 | nsresult SetShortSecurityDescription(const char16_t *aText); |
| michael@0 | 51 | |
| michael@0 | 52 | const nsACString & GetHostName() const { return mHostName; } |
| michael@0 | 53 | const char * GetHostNameRaw() const { return mHostName.get(); } |
| michael@0 | 54 | |
| michael@0 | 55 | nsresult GetHostName(char **aHostName); |
| michael@0 | 56 | nsresult SetHostName(const char *aHostName); |
| michael@0 | 57 | |
| michael@0 | 58 | int32_t GetPort() const { return mPort; } |
| michael@0 | 59 | nsresult GetPort(int32_t *aPort); |
| michael@0 | 60 | nsresult SetPort(int32_t aPort); |
| michael@0 | 61 | |
| michael@0 | 62 | PRErrorCode GetErrorCode() const; |
| michael@0 | 63 | |
| michael@0 | 64 | void GetErrorLogMessage(PRErrorCode errorCode, |
| michael@0 | 65 | ::mozilla::psm::SSLErrorMessageType errorMessageType, |
| michael@0 | 66 | nsString &result); |
| michael@0 | 67 | |
| michael@0 | 68 | void SetCanceled(PRErrorCode errorCode, |
| michael@0 | 69 | ::mozilla::psm::SSLErrorMessageType errorMessageType); |
| michael@0 | 70 | |
| michael@0 | 71 | /* Set SSL Status values */ |
| michael@0 | 72 | nsresult SetSSLStatus(nsSSLStatus *aSSLStatus); |
| michael@0 | 73 | nsSSLStatus* SSLStatus() { return mSSLStatus; } |
| michael@0 | 74 | void SetStatusErrorBits(nsIX509Cert & cert, uint32_t collected_errors); |
| michael@0 | 75 | |
| michael@0 | 76 | private: |
| michael@0 | 77 | mutable ::mozilla::Mutex mMutex; |
| michael@0 | 78 | |
| michael@0 | 79 | protected: |
| michael@0 | 80 | nsCOMPtr<nsIInterfaceRequestor> mCallbacks; |
| michael@0 | 81 | |
| michael@0 | 82 | private: |
| michael@0 | 83 | uint32_t mSecurityState; |
| michael@0 | 84 | int32_t mSubRequestsBrokenSecurity; |
| michael@0 | 85 | int32_t mSubRequestsNoSecurity; |
| michael@0 | 86 | |
| michael@0 | 87 | PRErrorCode mErrorCode; |
| michael@0 | 88 | ::mozilla::psm::SSLErrorMessageType mErrorMessageType; |
| michael@0 | 89 | nsString mErrorMessageCached; |
| michael@0 | 90 | nsresult formatErrorMessage(::mozilla::MutexAutoLock const & proofOfLock, |
| michael@0 | 91 | PRErrorCode errorCode, |
| michael@0 | 92 | ::mozilla::psm::SSLErrorMessageType errorMessageType, |
| michael@0 | 93 | bool wantsHtml, bool suppressPort443, |
| michael@0 | 94 | nsString &result); |
| michael@0 | 95 | |
| michael@0 | 96 | int32_t mPort; |
| michael@0 | 97 | nsXPIDLCString mHostName; |
| michael@0 | 98 | |
| michael@0 | 99 | /* SSL Status */ |
| michael@0 | 100 | mozilla::RefPtr<nsSSLStatus> mSSLStatus; |
| michael@0 | 101 | |
| michael@0 | 102 | virtual void virtualDestroyNSSReference(); |
| michael@0 | 103 | void destructorSafeDestroyNSSReference(); |
| michael@0 | 104 | }; |
| michael@0 | 105 | |
| michael@0 | 106 | class RememberCertErrorsTable |
| michael@0 | 107 | { |
| michael@0 | 108 | private: |
| michael@0 | 109 | RememberCertErrorsTable(); |
| michael@0 | 110 | |
| michael@0 | 111 | struct CertStateBits |
| michael@0 | 112 | { |
| michael@0 | 113 | bool mIsDomainMismatch; |
| michael@0 | 114 | bool mIsNotValidAtThisTime; |
| michael@0 | 115 | bool mIsUntrusted; |
| michael@0 | 116 | }; |
| michael@0 | 117 | nsDataHashtable<nsCStringHashKey, CertStateBits> mErrorHosts; |
| michael@0 | 118 | |
| michael@0 | 119 | public: |
| michael@0 | 120 | void RememberCertHasError(TransportSecurityInfo * infoobject, |
| michael@0 | 121 | nsSSLStatus * status, |
| michael@0 | 122 | SECStatus certVerificationResult); |
| michael@0 | 123 | void LookupCertErrorBits(TransportSecurityInfo * infoObject, |
| michael@0 | 124 | nsSSLStatus* status); |
| michael@0 | 125 | |
| michael@0 | 126 | static nsresult Init() |
| michael@0 | 127 | { |
| michael@0 | 128 | sInstance = new RememberCertErrorsTable(); |
| michael@0 | 129 | return NS_OK; |
| michael@0 | 130 | } |
| michael@0 | 131 | |
| michael@0 | 132 | static RememberCertErrorsTable & GetInstance() |
| michael@0 | 133 | { |
| michael@0 | 134 | MOZ_ASSERT(sInstance); |
| michael@0 | 135 | return *sInstance; |
| michael@0 | 136 | } |
| michael@0 | 137 | |
| michael@0 | 138 | static void Cleanup() |
| michael@0 | 139 | { |
| michael@0 | 140 | delete sInstance; |
| michael@0 | 141 | sInstance = nullptr; |
| michael@0 | 142 | } |
| michael@0 | 143 | private: |
| michael@0 | 144 | Mutex mMutex; |
| michael@0 | 145 | |
| michael@0 | 146 | static RememberCertErrorsTable * sInstance; |
| michael@0 | 147 | }; |
| michael@0 | 148 | |
| michael@0 | 149 | } } // namespace mozilla::psm |
| michael@0 | 150 | |
| michael@0 | 151 | // 16786594-0296-4471-8096-8f84497ca428 |
| michael@0 | 152 | #define TRANSPORTSECURITYINFO_CID \ |
| michael@0 | 153 | { 0x16786594, 0x0296, 0x4471, \ |
| michael@0 | 154 | { 0x80, 0x96, 0x8f, 0x84, 0x49, 0x7c, 0xa4, 0x28 } } |
| michael@0 | 155 | |
| michael@0 | 156 | #endif /* _MOZILLA_PSM_TRANSPORTSECURITYINFO_H */ |
