The Tor Browser: security/manager/ssl/src/nsNSSComponent.cpp@b8a032363ba2 (annotated)

security/manager/ssl/src/nsNSSComponent.cpp@b8a032363ba2 (annotated)

security/manager/ssl/src/nsNSSComponent.cpp

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #ifdef MOZ_LOGGING
 #define FORCE_PR_LOG 1
 #endif
 #include "nsNSSComponent.h"
 #include "ExtendedValidation.h"
 #include "NSSCertDBTrustDomain.h"
 #include "mozilla/Telemetry.h"
 #include "nsCertVerificationThread.h"
 #include "nsAppDirectoryServiceDefs.h"
 #include "nsComponentManagerUtils.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsICertOverrideService.h"
 #include "mozilla/Preferences.h"
 #include "nsThreadUtils.h"
 #include "mozilla/PublicSSL.h"
 #include "mozilla/StaticPtr.h"
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
 #include "nsIDOMNode.h"
 #include "nsIDOMEvent.h"
 #include "nsIDOMDocument.h"
 #include "nsIDOMWindow.h"
 #include "nsIDOMWindowCollection.h"
 #include "nsIDocument.h"
 #include "nsIDOMSmartCardEvent.h"
 #include "nsSmartCardMonitor.h"
 #include "nsIDOMCryptoLegacy.h"
 #include "nsIPrincipal.h"
 #else
 #include "nsIDOMCrypto.h"
 #endif
 #include "nsCRT.h"
 #include "nsNTLMAuthModule.h"
 #include "nsIFile.h"
 #include "nsIProperties.h"
 #include "nsIWindowWatcher.h"
 #include "nsIPrompt.h"
 #include "nsCertificatePrincipal.h"
 #include "nsIBufEntropyCollector.h"
 #include "nsITokenPasswordDialogs.h"
 #include "nsServiceManagerUtils.h"
 #include "nsNSSShutDown.h"
 #include "GeneratedEvents.h"
 #include "SharedSSLState.h"
 #include "nss.h"
 #include "ssl.h"
 #include "sslproto.h"
 #include "secmod.h"
 #include "secmime.h"
 #include "ocsp.h"
 #include "secerr.h"
 #include "sslerr.h"
 #include "nsXULAppAPI.h"
 #ifdef XP_WIN
 #include "nsILocalFileWin.h"
 #endif
 #include "p12plcy.h"
 using namespace mozilla;
 using namespace mozilla::dom;
 using namespace mozilla::psm;
 #ifdef PR_LOGGING
 PRLogModuleInfo* gPIPNSSLog = nullptr;
 #endif
 int nsNSSComponent::mInstanceCount = 0;
 // XXX tmp callback for slot password
 extern char* pk11PasswordPrompt(PK11SlotInfo* slot, PRBool retry, void* arg);
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
 //This class is used to run the callback code
 //passed to the event handlers for smart card notification
 class nsTokenEventRunnable : public nsIRunnable {
 public:
   nsTokenEventRunnable(const nsAString& aType, const nsAString& aTokenName);
   virtual ~nsTokenEventRunnable();
   NS_IMETHOD Run ();
   NS_DECL_THREADSAFE_ISUPPORTS
 private:
   nsString mType;
   nsString mTokenName;
 };
 // ISuuports implementation for nsTokenEventRunnable
 NS_IMPL_ISUPPORTS(nsTokenEventRunnable, nsIRunnable)
 nsTokenEventRunnable::nsTokenEventRunnable(const nsAString& aType,
                                            const nsAString& aTokenName)
   : mType(aType)
   , mTokenName(aTokenName)
 {
 }
 nsTokenEventRunnable::~nsTokenEventRunnable() { }
 //Implementation that runs the callback passed to
 //crypto.generateCRMFRequest as an event.
 NS_IMETHODIMP
 nsTokenEventRunnable::Run()
 {
   static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
   nsresult rv;
   nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
   if (NS_FAILED(rv))
     return rv;
   return nssComponent->DispatchEvent(mType, mTokenName);
 }
 #endif // MOZ_DISABLE_CRYPTOLEGACY
 bool nsPSMInitPanic::isPanic = false;
 // We must ensure that the nsNSSComponent has been loaded before
 // creating any other components.
 bool EnsureNSSInitialized(EnsureNSSOperator op)
 {
   if (nsPSMInitPanic::GetPanic())
     return false;
   if (GeckoProcessType_Default != XRE_GetProcessType())
   {
     if (op == nssEnsureOnChromeOnly)
     {
       // If the component needs PSM/NSS initialized only on the chrome process,
       // pretend we successfully initiated it but in reality we bypass it.
       // It's up to the programmer to check for process type in such components
       // and take care not to call anything that needs NSS/PSM initiated.
       return true;
     }
     NS_ERROR("Trying to initialize PSM/NSS in a non-chrome process!");
     return false;
   }
   static bool loading = false;
   static int32_t haveLoaded = 0;
   switch (op)
   {
     // In following 4 cases we are protected by monitor of XPCOM component
     // manager - we are inside of do_GetService call for nss component, so it is
     // safe to move with the flags here.
   case nssLoadingComponent:
     if (loading)
       return false; // We are reentered during nss component creation
     loading = true;
     return true;
   case nssInitSucceeded:
     NS_ASSERTION(loading, "Bad call to EnsureNSSInitialized(nssInitSucceeded)");
     loading = false;
     PR_AtomicSet(&haveLoaded, 1);
     return true;
   case nssInitFailed:
     NS_ASSERTION(loading, "Bad call to EnsureNSSInitialized(nssInitFailed)");
     loading = false;
     // no break
   case nssShutdown:
     PR_AtomicSet(&haveLoaded, 0);
     return false;
     // In this case we are called from a component to ensure nss initilization.
     // If the component has not yet been loaded and is not currently loading
     // call do_GetService for nss component to ensure it.
   case nssEnsure:
   case nssEnsureOnChromeOnly:
     // We are reentered during nss component creation or nss component is already up
     if (PR_AtomicAdd(&haveLoaded, 0) || loading)
       return true;
     {
     nsCOMPtr<nsINSSComponent> nssComponent
       = do_GetService(PSM_COMPONENT_CONTRACTID);
     // Nss component failed to initialize, inform the caller of that fact.
     // Flags are appropriately set by component constructor itself.
     if (!nssComponent)
       return false;
     bool isInitialized;
     nsresult rv = nssComponent->IsNSSInitialized(&isInitialized);
     return NS_SUCCEEDED(rv) && isInitialized;
     }
   default:
     NS_ASSERTION(false, "Bad operator to EnsureNSSInitialized");
     return false;
   }
 }
 static void
 SetClassicOCSPBehaviorFromPrefs(/*out*/ CertVerifier::ocsp_download_config* odc,
                                 /*out*/ CertVerifier::ocsp_strict_config* osc,
                                 /*out*/ CertVerifier::ocsp_get_config* ogc,
                                 const MutexAutoLock& /*proofOfLock*/)
 {
   MOZ_ASSERT(NS_IsMainThread());
   MOZ_ASSERT(odc);
   MOZ_ASSERT(osc);
   MOZ_ASSERT(ogc);
   // 0 = disabled, otherwise enabled
   *odc = Preferences::GetInt("security.OCSP.enabled", 1)
        ? CertVerifier::ocsp_on
        : CertVerifier::ocsp_off;
   *osc = Preferences::GetBool("security.OCSP.require", false)
        ? CertVerifier::ocsp_strict
        : CertVerifier::ocsp_relaxed;
   // XXX: Always use POST for OCSP; see bug 871954 for undoing this.
   *ogc = Preferences::GetBool("security.OCSP.GET.enabled", false)
        ? CertVerifier::ocsp_get_enabled
        : CertVerifier::ocsp_get_disabled;
   SetClassicOCSPBehavior(*odc, *osc, *ogc);
   SSL_ClearSessionCache();
 }
 nsNSSComponent::nsNSSComponent()
   :mutex("nsNSSComponent.mutex"),
    mNSSInitialized(false),
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
    mThreadList(nullptr),
 #endif
    mCertVerificationThread(nullptr)
 {
 #ifdef PR_LOGGING
   if (!gPIPNSSLog)
     gPIPNSSLog = PR_NewLogModule("pipnss");
 #endif
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::ctor\n"));
   mObserversRegistered = false;
   NS_ASSERTION( (0 == mInstanceCount), "nsNSSComponent is a singleton, but instantiated multiple times!");
   ++mInstanceCount;
   mShutdownObjectList = nsNSSShutDownList::construct();
   mIsNetworkDown = false;
 }
 void
 nsNSSComponent::deleteBackgroundThreads()
 {
   if (mCertVerificationThread)
   {
     mCertVerificationThread->requestExit();
     delete mCertVerificationThread;
     mCertVerificationThread = nullptr;
   }
 }
 void
 nsNSSComponent::createBackgroundThreads()
 {
   NS_ASSERTION(!mCertVerificationThread,
                "Cert verification thread already created.");
   mCertVerificationThread = new nsCertVerificationThread;
   nsresult rv = mCertVerificationThread->startThread(
     NS_LITERAL_CSTRING("Cert Verify"));
   if (NS_FAILED(rv)) {
     delete mCertVerificationThread;
     mCertVerificationThread = nullptr;
   }
 }
 nsNSSComponent::~nsNSSComponent()
 {
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::dtor\n"));
   deleteBackgroundThreads();
   // All cleanup code requiring services needs to happen in xpcom_shutdown
   ShutdownNSS();
   SharedSSLState::GlobalCleanup();
   RememberCertErrorsTable::Cleanup();
   --mInstanceCount;
   delete mShutdownObjectList;
   // We are being freed, drop the haveLoaded flag to re-enable
   // potential nss initialization later.
   EnsureNSSInitialized(nssShutdown);
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::dtor finished\n"));
 }
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
 NS_IMETHODIMP
 nsNSSComponent::PostEvent(const nsAString& eventType,
                           const nsAString& tokenName)
 {
   nsCOMPtr<nsIRunnable> runnable =
                                new nsTokenEventRunnable(eventType, tokenName);
   return NS_DispatchToMainThread(runnable);
 }
 NS_IMETHODIMP
 nsNSSComponent::DispatchEvent(const nsAString& eventType,
                               const nsAString& tokenName)
 {
   // 'Dispatch' the event to all the windows. 'DispatchEventToWindow()' will
   // first check to see if a given window has requested crypto events.
   nsresult rv;
   nsCOMPtr<nsIWindowWatcher> windowWatcher =
                             do_GetService(NS_WINDOWWATCHER_CONTRACTID, &rv);
   if (NS_FAILED(rv)) {
     return rv;
   }
   nsCOMPtr<nsISimpleEnumerator> enumerator;
   rv = windowWatcher->GetWindowEnumerator(getter_AddRefs(enumerator));
   if (NS_FAILED(rv)) {
     return rv;
   }
   bool hasMoreWindows;
   while (NS_SUCCEEDED(enumerator->HasMoreElements(&hasMoreWindows))
          && hasMoreWindows) {
     nsCOMPtr<nsISupports> supports;
     enumerator->GetNext(getter_AddRefs(supports));
     nsCOMPtr<nsIDOMWindow> domWin(do_QueryInterface(supports));
     if (domWin) {
       nsresult rv2 = DispatchEventToWindow(domWin, eventType, tokenName);
       if (NS_FAILED(rv2)) {
         // return the last failure, don't let a single failure prevent
         // continued delivery of events.
         rv = rv2;
       }
     }
   }
   return rv;
 }
 nsresult
 nsNSSComponent::DispatchEventToWindow(nsIDOMWindow* domWin,
                                       const nsAString& eventType,
                                       const nsAString& tokenName)
 {
   if (!domWin) {
     return NS_OK;
   }
   // first walk the children and dispatch their events
   nsresult rv;
   nsCOMPtr<nsIDOMWindowCollection> frames;
   rv = domWin->GetFrames(getter_AddRefs(frames));
   if (NS_FAILED(rv)) {
     return rv;
   }
   uint32_t length;
   frames->GetLength(&length);
   uint32_t i;
   for (i = 0; i < length; i++) {
     nsCOMPtr<nsIDOMWindow> childWin;
     frames->Item(i, getter_AddRefs(childWin));
     DispatchEventToWindow(childWin, eventType, tokenName);
   }
   // check if we've enabled smart card events on this window
   // NOTE: it's not an error to say that we aren't going to dispatch
   // the event.
   nsCOMPtr<nsIDOMCrypto> crypto;
   domWin->GetCrypto(getter_AddRefs(crypto));
   if (!crypto) {
     return NS_OK; // nope, it doesn't have a crypto property
   }
   bool boolrv;
   crypto->GetEnableSmartCardEvents(&boolrv);
   if (!boolrv) {
     return NS_OK; // nope, it's not enabled.
   }
   // dispatch the event ...
   // find the document
   nsCOMPtr<nsIDOMDocument> doc;
   rv = domWin->GetDocument(getter_AddRefs(doc));
   if (!doc) {
     return NS_FAILED(rv) ? rv : NS_ERROR_FAILURE;
   }
   nsCOMPtr<nsIDocument> d = do_QueryInterface(doc);
   // create the event
   nsCOMPtr<nsIDOMEvent> event;
   NS_NewDOMSmartCardEvent(getter_AddRefs(event), d, nullptr, nullptr);
   nsCOMPtr<nsIDOMSmartCardEvent> smartCardEvent = do_QueryInterface(event);
   rv = smartCardEvent->InitSmartCardEvent(eventType, false, true, tokenName);
   NS_ENSURE_SUCCESS(rv, rv);
   smartCardEvent->SetTrusted(true);
   // Send it
   nsCOMPtr<nsIDOMEventTarget> target = do_QueryInterface(doc, &rv);
   if (NS_FAILED(rv)) {
     return rv;
   }
   return target->DispatchEvent(smartCardEvent, &boolrv);
 }
 #endif // MOZ_DISABLE_CRYPTOLEGACY
 NS_IMETHODIMP
 nsNSSComponent::PIPBundleFormatStringFromName(const char* name,
                                               const char16_t** params,
                                               uint32_t numParams,
                                               nsAString& outString)
 {
   nsresult rv = NS_ERROR_FAILURE;
   if (mPIPNSSBundle && name) {
     nsXPIDLString result;
     rv = mPIPNSSBundle->FormatStringFromName(NS_ConvertASCIItoUTF16(name).get(),
                                              params, numParams,
                                              getter_Copies(result));
     if (NS_SUCCEEDED(rv)) {
       outString = result;
     }
   }
   return rv;
 }
 NS_IMETHODIMP
 nsNSSComponent::GetPIPNSSBundleString(const char* name, nsAString& outString)
 {
   nsresult rv = NS_ERROR_FAILURE;
   outString.SetLength(0);
   if (mPIPNSSBundle && name) {
     nsXPIDLString result;
     rv = mPIPNSSBundle->GetStringFromName(NS_ConvertASCIItoUTF16(name).get(),
                                           getter_Copies(result));
     if (NS_SUCCEEDED(rv)) {
       outString = result;
       rv = NS_OK;
     }
   }
   return rv;
 }
 NS_IMETHODIMP
 nsNSSComponent::NSSBundleFormatStringFromName(const char* name,
                                               const char16_t** params,
                                               uint32_t numParams,
                                               nsAString& outString)
 {
   nsresult rv = NS_ERROR_FAILURE;
   if (mNSSErrorsBundle && name) {
     nsXPIDLString result;
     rv = mNSSErrorsBundle->FormatStringFromName(NS_ConvertASCIItoUTF16(name).get(),
                                                 params, numParams,
                                                 getter_Copies(result));
     if (NS_SUCCEEDED(rv)) {
       outString = result;
     }
   }
   return rv;
 }
 NS_IMETHODIMP
 nsNSSComponent::GetNSSBundleString(const char* name, nsAString& outString)
 {
   nsresult rv = NS_ERROR_FAILURE;
   outString.SetLength(0);
   if (mNSSErrorsBundle && name) {
     nsXPIDLString result;
     rv = mNSSErrorsBundle->GetStringFromName(NS_ConvertASCIItoUTF16(name).get(),
                                              getter_Copies(result));
     if (NS_SUCCEEDED(rv)) {
       outString = result;
       rv = NS_OK;
     }
   }
   return rv;
 }
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
 void
 nsNSSComponent::LaunchSmartCardThreads()
 {
   nsNSSShutDownPreventionLock locker;
   {
     SECMODModuleList* list;
     SECMODListLock* lock = SECMOD_GetDefaultModuleListLock();
     if (!lock) {
         PR_LOG(gPIPNSSLog, PR_LOG_ERROR,
                ("Couldn't get the module list lock, can't launch smart card threads\n"));
         return;
     }
     SECMOD_GetReadLock(lock);
     list = SECMOD_GetDefaultModuleList();
     while (list) {
       SECMODModule* module = list->module;
       LaunchSmartCardThread(module);
       list = list->next;
     }
     SECMOD_ReleaseReadLock(lock);
   }
 }
 NS_IMETHODIMP
 nsNSSComponent::LaunchSmartCardThread(SECMODModule* module)
 {
   SmartCardMonitoringThread* newThread;
   if (SECMOD_HasRemovableSlots(module)) {
     if (!mThreadList) {
       mThreadList = new SmartCardThreadList();
     }
     newThread = new SmartCardMonitoringThread(module);
     // newThread is adopted by the add.
     return mThreadList->Add(newThread);
   }
   return NS_OK;
 }
 NS_IMETHODIMP
 nsNSSComponent::ShutdownSmartCardThread(SECMODModule* module)
 {
   if (!mThreadList) {
     return NS_OK;
   }
   mThreadList->Remove(module);
   return NS_OK;
 }
 void
 nsNSSComponent::ShutdownSmartCardThreads()
 {
   delete mThreadList;
   mThreadList = nullptr;
 }
 #endif // MOZ_DISABLE_CRYPTOLEGACY
 void
 nsNSSComponent::LoadLoadableRoots()
 {
   nsNSSShutDownPreventionLock locker;
   SECMODModule* RootsModule = nullptr;
   // In the past we used SECMOD_AddNewModule to load our module containing
   // root CA certificates. This caused problems, refer to bug 176501.
   // On startup, we fix our database and clean any stored module reference,
   // and will use SECMOD_LoadUserModule to temporarily load it
   // for the session. (This approach requires to clean up
   // using SECMOD_UnloadUserModule at the end of the session.)
   {
     // Find module containing root certs
     SECMODModuleList* list;
     SECMODListLock* lock = SECMOD_GetDefaultModuleListLock();
     if (!lock) {
         PR_LOG(gPIPNSSLog, PR_LOG_ERROR,
                ("Couldn't get the module list lock, can't install loadable roots\n"));
         return;
     }
     SECMOD_GetReadLock(lock);
     list = SECMOD_GetDefaultModuleList();
     while (!RootsModule && list) {
       SECMODModule* module = list->module;
       for (int i=0; i < module->slotCount; i++) {
         PK11SlotInfo* slot = module->slots[i];
         if (PK11_IsPresent(slot)) {
           if (PK11_HasRootCerts(slot)) {
             RootsModule = SECMOD_ReferenceModule(module);
             break;
           }
         }
       }
       list = list->next;
     }
     SECMOD_ReleaseReadLock(lock);
   }
   if (RootsModule) {
     int32_t modType;
     SECMOD_DeleteModule(RootsModule->commonName, &modType);
     SECMOD_DestroyModule(RootsModule);
     RootsModule = nullptr;
   }
   // Find the best Roots module for our purposes.
   // Prefer the application's installation directory,
   // but also ensure the library is at least the version we expect.
   nsresult rv;
   nsAutoString modName;
   rv = GetPIPNSSBundleString("RootCertModuleName", modName);
   if (NS_FAILED(rv)) return;
   nsCOMPtr<nsIProperties> directoryService(do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID));
   if (!directoryService)
     return;
   static const char nss_lib[] = "nss3";
   const char* possible_ckbi_locations[] = {
     nss_lib, // This special value means: search for ckbi in the directory
              // where nss3 is.
     NS_XPCOM_CURRENT_PROCESS_DIR,
     NS_GRE_DIR,
 // This special value means:
       //   search for ckbi in the directories on the shared
       //   library/DLL search path
   };
   for (size_t il = 0; il < sizeof(possible_ckbi_locations)/sizeof(const char*); ++il) {
     nsAutoCString libDir;
     if (possible_ckbi_locations[il]) {
       nsCOMPtr<nsIFile> mozFile;
       if (possible_ckbi_locations[il] == nss_lib) {
         // Get the location of the nss3 library.
         char* nss_path = PR_GetLibraryFilePathname(DLL_PREFIX "nss3" DLL_SUFFIX,
                                                    (PRFuncPtr) NSS_Initialize);
         if (!nss_path) {
           continue;
         }
         // Get the directory containing the nss3 library.
         nsCOMPtr<nsIFile> nssLib(do_CreateInstance(NS_LOCAL_FILE_CONTRACTID, &rv));
         if (NS_SUCCEEDED(rv)) {
           rv = nssLib->InitWithNativePath(nsDependentCString(nss_path));
         }
         PR_Free(nss_path);
         if (NS_SUCCEEDED(rv)) {
           nsCOMPtr<nsIFile> file;
           if (NS_SUCCEEDED(nssLib->GetParent(getter_AddRefs(file)))) {
             mozFile = do_QueryInterface(file);
           }
         }
       } else {
         directoryService->Get( possible_ckbi_locations[il],
                                NS_GET_IID(nsIFile),
                                getter_AddRefs(mozFile));
       }
       if (!mozFile) {
         continue;
       }
       if (NS_FAILED(mozFile->GetNativePath(libDir))) {
         continue;
       }
     }
     NS_ConvertUTF16toUTF8 modNameUTF8(modName);
     if (mozilla::psm::LoadLoadableRoots(
             libDir.Length() > 0 ? libDir.get() : nullptr,
             modNameUTF8.get()) == SECSuccess) {
       break;
     }
   }
 }
 void
 nsNSSComponent::UnloadLoadableRoots()
 {
   nsresult rv;
   nsAutoString modName;
   rv = GetPIPNSSBundleString("RootCertModuleName", modName);
   if (NS_FAILED(rv)) return;
   NS_ConvertUTF16toUTF8 modNameUTF8(modName);
   ::mozilla::psm::UnloadLoadableRoots(modNameUTF8.get());
 }
 nsresult
 nsNSSComponent::ConfigureInternalPKCS11Token()
 {
   nsNSSShutDownPreventionLock locker;
   nsAutoString manufacturerID;
   nsAutoString libraryDescription;
   nsAutoString tokenDescription;
   nsAutoString privateTokenDescription;
   nsAutoString slotDescription;
   nsAutoString privateSlotDescription;
   nsAutoString fips140TokenDescription;
   nsAutoString fips140SlotDescription;
   nsresult rv;
   rv = GetPIPNSSBundleString("ManufacturerID", manufacturerID);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("LibraryDescription", libraryDescription);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("TokenDescription", tokenDescription);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("PrivateTokenDescription", privateTokenDescription);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("SlotDescription", slotDescription);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("PrivateSlotDescription", privateSlotDescription);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("Fips140TokenDescription", fips140TokenDescription);
   if (NS_FAILED(rv)) return rv;
   rv = GetPIPNSSBundleString("Fips140SlotDescription", fips140SlotDescription);
   if (NS_FAILED(rv)) return rv;
   PK11_ConfigurePKCS11(NS_ConvertUTF16toUTF8(manufacturerID).get(),
                        NS_ConvertUTF16toUTF8(libraryDescription).get(),
                        NS_ConvertUTF16toUTF8(tokenDescription).get(),
                        NS_ConvertUTF16toUTF8(privateTokenDescription).get(),
                        NS_ConvertUTF16toUTF8(slotDescription).get(),
                        NS_ConvertUTF16toUTF8(privateSlotDescription).get(),
                        NS_ConvertUTF16toUTF8(fips140TokenDescription).get(),
                        NS_ConvertUTF16toUTF8(fips140SlotDescription).get(),
 , 0);
   return NS_OK;
 }
 nsresult
 nsNSSComponent::InitializePIPNSSBundle()
 {
   // Called during init only, no mutex required.
   nsresult rv;
   nsCOMPtr<nsIStringBundleService> bundleService(do_GetService(NS_STRINGBUNDLE_CONTRACTID, &rv));
   if (NS_FAILED(rv) || !bundleService)
     return NS_ERROR_FAILURE;
   bundleService->CreateBundle("chrome://pipnss/locale/pipnss.properties",
                               getter_AddRefs(mPIPNSSBundle));
   if (!mPIPNSSBundle)
     rv = NS_ERROR_FAILURE;
   bundleService->CreateBundle("chrome://pipnss/locale/nsserrors.properties",
                               getter_AddRefs(mNSSErrorsBundle));
   if (!mNSSErrorsBundle)
     rv = NS_ERROR_FAILURE;
   return rv;
 }
 // Table of pref names and SSL cipher ID
 typedef struct {
   const char* pref;
   long id;
   bool enabledByDefault;
 } CipherPref;
 // Update the switch statement in HandshakeCallback in nsNSSCallbacks.cpp when
 // you add/remove cipher suites here.
 static const CipherPref sCipherPrefs[] = {
  { "security.ssl3.ecdhe_rsa_aes_128_gcm_sha256",
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, true },
  { "security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256",
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, true },
  { "security.ssl3.ecdhe_rsa_aes_128_sha",
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, true },
  { "security.ssl3.ecdhe_ecdsa_aes_128_sha",
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, true },
  { "security.ssl3.ecdhe_rsa_aes_256_sha",
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, true },
  { "security.ssl3.ecdhe_ecdsa_aes_256_sha",
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, true },
  { "security.ssl3.ecdhe_rsa_des_ede3_sha",
    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, true }, // deprecated (3DES)
  { "security.ssl3.dhe_rsa_aes_128_sha",
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA, true },
  { "security.ssl3.dhe_rsa_camellia_128_sha",
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, true },
  { "security.ssl3.dhe_rsa_aes_256_sha",
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA, true },
  { "security.ssl3.dhe_rsa_camellia_256_sha",
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, true },
  { "security.ssl3.dhe_rsa_des_ede3_sha",
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, true }, // deprecated (3DES)
  { "security.ssl3.dhe_dss_aes_128_sha",
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA, true }, // deprecated (DSS)
  { "security.ssl3.dhe_dss_aes_256_sha",
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA, true }, // deprecated (DSS)
  { "security.ssl3.ecdhe_rsa_rc4_128_sha",
    TLS_ECDHE_RSA_WITH_RC4_128_SHA, true }, // deprecated (RC4)
  { "security.ssl3.ecdhe_ecdsa_rc4_128_sha",
    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, true }, // deprecated (RC4)
  { "security.ssl3.rsa_aes_128_sha",
    TLS_RSA_WITH_AES_128_CBC_SHA, true }, // deprecated (RSA key exchange)
  { "security.ssl3.rsa_camellia_128_sha",
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, true }, // deprecated (RSA key exchange)
  { "security.ssl3.rsa_aes_256_sha",
    TLS_RSA_WITH_AES_256_CBC_SHA, true }, // deprecated (RSA key exchange)
  { "security.ssl3.rsa_camellia_256_sha",
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, true }, // deprecated (RSA key exchange)
  { "security.ssl3.rsa_des_ede3_sha",
    TLS_RSA_WITH_3DES_EDE_CBC_SHA, true }, // deprecated (RSA key exchange, 3DES)
  { "security.ssl3.rsa_rc4_128_sha",
    TLS_RSA_WITH_RC4_128_SHA, true }, // deprecated (RSA key exchange, RC4)
  { "security.ssl3.rsa_rc4_128_md5",
    TLS_RSA_WITH_RC4_128_MD5, true }, // deprecated (RSA key exchange, RC4, HMAC-MD5)
  // All the rest are disabled by default
  { "security.ssl3.rsa_fips_des_ede3_sha",
    SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, false },
  { "security.ssl3.dhe_dss_camellia_256_sha",
    TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, false },
  { "security.ssl3.dhe_dss_camellia_128_sha",
    TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, false },
  { "security.ssl3.rsa_seed_sha",
    TLS_RSA_WITH_SEED_CBC_SHA, false },
  { nullptr, 0 } // end marker
 };
 static const int32_t OCSP_ENABLED_DEFAULT = 1;
 static const bool REQUIRE_SAFE_NEGOTIATION_DEFAULT = false;
 static const bool ALLOW_UNRESTRICTED_RENEGO_DEFAULT = false;
 static const bool FALSE_START_ENABLED_DEFAULT = true;
 static const bool NPN_ENABLED_DEFAULT = true;
 static const bool ALPN_ENABLED_DEFAULT = false;
 static const bool SECURITY_NOCERTDB_DEFAULT = false;
 static const bool DISABLE_SESSION_IDENTIFIERS_DEFAULT = false;
 namespace {
 class CipherSuiteChangeObserver : public nsIObserver
 {
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSIOBSERVER
   virtual ~CipherSuiteChangeObserver() {}
   static nsresult StartObserve();
   static nsresult StopObserve();
 private:
   static StaticRefPtr<CipherSuiteChangeObserver> sObserver;
   CipherSuiteChangeObserver() {}
 };
 NS_IMPL_ISUPPORTS(CipherSuiteChangeObserver, nsIObserver)
 // static
 StaticRefPtr<CipherSuiteChangeObserver> CipherSuiteChangeObserver::sObserver;
 // static
 nsresult
 CipherSuiteChangeObserver::StartObserve()
 {
   NS_ASSERTION(NS_IsMainThread(), "CipherSuiteChangeObserver::StartObserve() can only be accessed in main thread");
   if (!sObserver) {
     nsRefPtr<CipherSuiteChangeObserver> observer = new CipherSuiteChangeObserver();
     nsresult rv = Preferences::AddStrongObserver(observer.get(), "security.");
     if (NS_FAILED(rv)) {
       sObserver = nullptr;
       return rv;
     }
     sObserver = observer;
   }
   return NS_OK;
 }
 // static
 nsresult
 CipherSuiteChangeObserver::StopObserve()
 {
   NS_ASSERTION(NS_IsMainThread(), "CipherSuiteChangeObserver::StopObserve() can only be accessed in main thread");
   if (sObserver) {
     nsresult rv = Preferences::RemoveObserver(sObserver.get(), "security.");
     sObserver = nullptr;
     if (NS_FAILED(rv)) {
       return rv;
     }
   }
   return NS_OK;
 }
 nsresult
 CipherSuiteChangeObserver::Observe(nsISupports* aSubject,
                                    const char* aTopic,
                                    const char16_t* someData)
 {
   NS_ASSERTION(NS_IsMainThread(), "CipherSuiteChangeObserver::Observe can only be accessed in main thread");
   if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
     NS_ConvertUTF16toUTF8  prefName(someData);
     // Look through the cipher table and set according to pref setting
     for (const CipherPref* cp = sCipherPrefs; cp->pref; ++cp) {
       if (prefName.Equals(cp->pref)) {
         bool cipherEnabled = Preferences::GetBool(cp->pref,
                                                   cp->enabledByDefault);
         SSL_CipherPrefSetDefault(cp->id, cipherEnabled);
         SSL_ClearSessionCache();
         break;
       }
     }
   }
   return NS_OK;
 }
 } // anonymous namespace
 // Caller must hold a lock on nsNSSComponent::mutex when calling this function
 void nsNSSComponent::setValidationOptions(bool isInitialSetting,
                                           const MutexAutoLock& lock)
 {
   // This preference controls whether we do OCSP fetching and does not affect
   // OCSP stapling.
   // 0 = disabled, 1 = enabled
   int32_t ocspEnabled = Preferences::GetInt("security.OCSP.enabled",
                                             OCSP_ENABLED_DEFAULT);
   bool ocspRequired = ocspEnabled &&
     Preferences::GetBool("security.OCSP.require", false);
   // We measure the setting of the pref at startup only to minimize noise by
   // addons that may muck with the settings, though it probably doesn't matter.
   if (isInitialSetting) {
     Telemetry::Accumulate(Telemetry::CERT_OCSP_ENABLED, ocspEnabled);
     Telemetry::Accumulate(Telemetry::CERT_OCSP_REQUIRED, ocspRequired);
   }
 #ifndef NSS_NO_LIBPKIX
   bool crlDownloading = Preferences::GetBool("security.CRL_download.enabled",
                                              false);
   bool aiaDownloadEnabled =
     Preferences::GetBool("security.missing_cert_download.enabled", false);
 #endif
   bool ocspStaplingEnabled = Preferences::GetBool("security.ssl.enable_ocsp_stapling",
                                                   true);
   PublicSSLState()->SetOCSPStaplingEnabled(ocspStaplingEnabled);
   PrivateSSLState()->SetOCSPStaplingEnabled(ocspStaplingEnabled);
   CertVerifier::implementation_config certVerifierImplementation
     = CertVerifier::classic;
   // The mozilla::pkix pref overrides the libpkix pref
   if (Preferences::GetBool("security.use_mozillapkix_verification", true)) {
     certVerifierImplementation = CertVerifier::mozillapkix;
   } else {
 #ifndef NSS_NO_LIBPKIX
   if (Preferences::GetBool("security.use_libpkix_verification", false)) {
     certVerifierImplementation = CertVerifier::libpkix;
   }
 #endif
   }
   if (isInitialSetting) {
     if (certVerifierImplementation == CertVerifier::classic) {
       Telemetry::Accumulate(Telemetry::CERT_VALIDATION_LIBRARY, 1);
 #ifndef NSS_NO_LIBPKIX
     } else if (certVerifierImplementation == CertVerifier::libpkix) {
       Telemetry::Accumulate(Telemetry::CERT_VALIDATION_LIBRARY, 2);
 #endif
     } else if (certVerifierImplementation == CertVerifier::mozillapkix) {
       Telemetry::Accumulate(Telemetry::CERT_VALIDATION_LIBRARY, 3);
     }
   }
   // Default pinning enforcement level is disabled.
   CertVerifier::pinning_enforcement_config
     pinningEnforcementLevel =
       static_cast<CertVerifier::pinning_enforcement_config>
         (Preferences::GetInt("security.cert_pinning.enforcement_level",
                              CertVerifier::pinningDisabled));
   CertVerifier::ocsp_download_config odc;
   CertVerifier::ocsp_strict_config osc;
   CertVerifier::ocsp_get_config ogc;
   SetClassicOCSPBehaviorFromPrefs(&odc, &osc, &ogc, lock);
   mDefaultCertVerifier = new SharedCertVerifier(
       certVerifierImplementation,
 #ifndef NSS_NO_LIBPKIX
       aiaDownloadEnabled ?
         CertVerifier::missing_cert_download_on : CertVerifier::missing_cert_download_off,
       crlDownloading ?
         CertVerifier::crl_download_allowed : CertVerifier::crl_local_only,
 #endif
       odc, osc, ogc, pinningEnforcementLevel);
   // mozilla::pkix has its own OCSP cache, so disable the NSS cache
   // if appropriate.
   if (certVerifierImplementation == CertVerifier::mozillapkix) {
     // Using -1 disables the cache. The other arguments are the default
     // values and aren't exposed by the API.
     CERT_OCSPCacheSettings(-1, 1*60*60L, 24*60*60L);
   } else {
     // Using 1000 enables the cache with the default size of 1000. Again,
     // these values are not exposed by the API.
     CERT_OCSPCacheSettings(1000, 1*60*60L, 24*60*60L);
   }
   CERT_ClearOCSPCache();
 }
 // Enable the TLS versions given in the prefs, defaulting to TLS 1.0 (min) and
 // TLS 1.2 (max) when the prefs aren't set or set to invalid values.
 nsresult
 nsNSSComponent::setEnabledTLSVersions()
 {
   // keep these values in sync with security-prefs.js
   static const int32_t PSM_DEFAULT_MIN_TLS_VERSION = 1;
   static const int32_t PSM_DEFAULT_MAX_TLS_VERSION = 3;
   int32_t minVersion = Preferences::GetInt("security.tls.version.min",
                                            PSM_DEFAULT_MIN_TLS_VERSION);
   int32_t maxVersion = Preferences::GetInt("security.tls.version.max",
                                            PSM_DEFAULT_MAX_TLS_VERSION);
   // 0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, etc.
   minVersion += SSL_LIBRARY_VERSION_3_0;
   maxVersion += SSL_LIBRARY_VERSION_3_0;
   SSLVersionRange range = { (uint16_t) minVersion, (uint16_t) maxVersion };
   if (minVersion != (int32_t) range.min || // prevent truncation
       maxVersion != (int32_t) range.max || // prevent truncation
       SSL_VersionRangeSetDefault(ssl_variant_stream, &range) != SECSuccess) {
     range.min = SSL_LIBRARY_VERSION_3_0 + PSM_DEFAULT_MIN_TLS_VERSION;
     range.max = SSL_LIBRARY_VERSION_3_0 + PSM_DEFAULT_MAX_TLS_VERSION;
     if (SSL_VersionRangeSetDefault(ssl_variant_stream, &range)
           != SECSuccess) {
       return NS_ERROR_UNEXPECTED;
     }
   }
   return NS_OK;
 }
 static nsresult
 GetNSSProfilePath(nsAutoCString& aProfilePath)
 {
   aProfilePath.Truncate();
   const char* dbDirOverride = getenv("MOZPSM_NSSDBDIR_OVERRIDE");
   if (dbDirOverride && strlen(dbDirOverride) > 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
            ("Using specified MOZPSM_NSSDBDIR_OVERRIDE as NSS DB dir: %s\n",
             dbDirOverride));
     aProfilePath.Assign(dbDirOverride);
     return NS_OK;
   }
   nsCOMPtr<nsIFile> profileFile;
   nsresult rv = NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR,
                                        getter_AddRefs(profileFile));
   if (NS_FAILED(rv)) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR,
            ("Unable to get profile directory - continuing with no NSS DB\n"));
     return NS_OK;
   }
 #if defined(XP_WIN)
   // Native path will drop Unicode characters that cannot be mapped to system's
   // codepage, using short (canonical) path as workaround.
   nsCOMPtr<nsILocalFileWin> profileFileWin(do_QueryInterface(profileFile));
   if (!profileFileWin) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR,
            ("Could not get nsILocalFileWin for profile directory.\n"));
     return NS_ERROR_FAILURE;
   }
   rv = profileFileWin->GetNativeCanonicalPath(aProfilePath);
 #else
   rv = profileFile->GetNativePath(aProfilePath);
 #endif
   if (NS_FAILED(rv)) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR,
            ("Could not get native path for profile directory.\n"));
     return rv;
   }
   return NS_OK;
 }
 nsresult
 nsNSSComponent::InitializeNSS()
 {
   // Can be called both during init and profile change.
   // Needs mutex protection.
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::InitializeNSS\n"));
   static_assert(nsINSSErrorsService::NSS_SEC_ERROR_BASE == SEC_ERROR_BASE &&
                 nsINSSErrorsService::NSS_SEC_ERROR_LIMIT == SEC_ERROR_LIMIT &&
                 nsINSSErrorsService::NSS_SSL_ERROR_BASE == SSL_ERROR_BASE &&
                 nsINSSErrorsService::NSS_SSL_ERROR_LIMIT == SSL_ERROR_LIMIT,
                 "You must update the values in nsINSSErrorsService.idl");
   MutexAutoLock lock(mutex);
   if (mNSSInitialized) {
     PR_ASSERT(!"Trying to initialize NSS twice"); // We should never try to
                                                   // initialize NSS more than
                                                   // once in a process.
     return NS_ERROR_FAILURE;
   }
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS Initialization beginning\n"));
   // The call to ConfigureInternalPKCS11Token needs to be done before NSS is initialized,
   // but affects only static data.
   // If we could assume i18n will not change between profiles, one call per application
   // run were sufficient. As I can't predict what happens in the future, let's repeat
   // this call for every re-init of NSS.
   ConfigureInternalPKCS11Token();
   nsAutoCString profileStr;
   nsresult rv = GetNSSProfilePath(profileStr);
   if (NS_FAILED(rv)) {
     nsPSMInitPanic::SetPanic();
     return NS_ERROR_NOT_AVAILABLE;
   }
   SECStatus init_rv = SECFailure;
   bool nocertdb = Preferences::GetBool("security.nocertdb", SECURITY_NOCERTDB_DEFAULT);
   if (!nocertdb && !profileStr.IsEmpty()) {
     // First try to initialize the NSS DB in read/write mode.
     SECStatus init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false);
     // If that fails, attempt read-only mode.
     if (init_rv != SECSuccess) {
       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("could not init NSS r/w in %s\n", profileStr.get()));
       init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), true);
     }
     if (init_rv != SECSuccess) {
       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("could not init in r/o either\n"));
     }
   }
   // If we haven't succeeded in initializing the DB in our profile
   // directory or we don't have a profile at all, or the "security.nocertdb"
   // pref has been set to "true", attempt to initialize with no DB.
   if (nocertdb || init_rv != SECSuccess) {
     init_rv = NSS_NoDB_Init(nullptr);
   }
   if (init_rv != SECSuccess) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("could not initialize NSS - panicking\n"));
     nsPSMInitPanic::SetPanic();
     return NS_ERROR_NOT_AVAILABLE;
   }
   mNSSInitialized = true;
   PK11_SetPasswordFunc(PK11PasswordPrompt);
   SharedSSLState::GlobalInit();
   // Register an observer so we can inform NSS when these prefs change
   Preferences::AddStrongObserver(this, "security.");
   SSL_OptionSetDefault(SSL_ENABLE_SSL2, false);
   SSL_OptionSetDefault(SSL_V2_COMPATIBLE_HELLO, false);
   rv = setEnabledTLSVersions();
   if (NS_FAILED(rv)) {
     nsPSMInitPanic::SetPanic();
     return NS_ERROR_UNEXPECTED;
   }
   DisableMD5();
   // Initialize the certverifier log before calling any functions that library.
   InitCertVerifierLog();
   LoadLoadableRoots();
   bool disableSessionIdentifiers =
     Preferences::GetBool("security.ssl.disable_session_identifiers",
                          DISABLE_SESSION_IDENTIFIERS_DEFAULT);
   SSL_OptionSetDefault(SSL_ENABLE_SESSION_TICKETS, !disableSessionIdentifiers);
   SSL_OptionSetDefault(SSL_NO_CACHE, disableSessionIdentifiers);
   bool requireSafeNegotiation =
     Preferences::GetBool("security.ssl.require_safe_negotiation",
                          REQUIRE_SAFE_NEGOTIATION_DEFAULT);
   SSL_OptionSetDefault(SSL_REQUIRE_SAFE_NEGOTIATION, requireSafeNegotiation);
   bool allowUnrestrictedRenego =
     Preferences::GetBool("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref",
                          ALLOW_UNRESTRICTED_RENEGO_DEFAULT);
   SSL_OptionSetDefault(SSL_ENABLE_RENEGOTIATION,
                        allowUnrestrictedRenego ?
                          SSL_RENEGOTIATE_UNRESTRICTED :
                          SSL_RENEGOTIATE_REQUIRES_XTN);
   SSL_OptionSetDefault(SSL_ENABLE_FALSE_START,
                        Preferences::GetBool("security.ssl.enable_false_start",
                                             FALSE_START_ENABLED_DEFAULT));
   // SSL_ENABLE_NPN and SSL_ENABLE_ALPN also require calling
   // SSL_SetNextProtoNego in order for the extensions to be negotiated.
   // WebRTC does not do that so it will not use NPN or ALPN even when these
   // preferences are true.
   SSL_OptionSetDefault(SSL_ENABLE_NPN,
                        Preferences::GetBool("security.ssl.enable_npn",
                                             NPN_ENABLED_DEFAULT));
   SSL_OptionSetDefault(SSL_ENABLE_ALPN,
                        Preferences::GetBool("security.ssl.enable_alpn",
                                             ALPN_ENABLED_DEFAULT));
   if (NS_FAILED(InitializeCipherSuite())) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to initialize cipher suite settings\n"));
     return NS_ERROR_FAILURE;
   }
   // dynamic options from prefs
   setValidationOptions(true, lock);
   mHttpForNSS.initTable();
   mHttpForNSS.registerHttpClient();
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
   LaunchSmartCardThreads();
 #endif
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS Initialization done\n"));
   return NS_OK;
 }
 void
 nsNSSComponent::ShutdownNSS()
 {
   // Can be called both during init and profile change,
   // needs mutex protection.
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::ShutdownNSS\n"));
   MutexAutoLock lock(mutex);
   if (mNSSInitialized) {
     mNSSInitialized = false;
     PK11_SetPasswordFunc((PK11PasswordFunc)nullptr);
     mHttpForNSS.unregisterHttpClient();
     Preferences::RemoveObserver(this, "security.");
     if (NS_FAILED(CipherSuiteChangeObserver::StopObserve())) {
       PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("nsNSSComponent::ShutdownNSS cannot stop observing cipher suite change\n"));
     }
 #ifndef MOZ_DISABLE_CRYPTOLEGACY
     ShutdownSmartCardThreads();
 #endif
     SSL_ClearSessionCache();
     UnloadLoadableRoots();
 #ifndef MOZ_NO_EV_CERTS
     CleanupIdentityInfo();
 #endif
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("evaporating psm resources\n"));
     mShutdownObjectList->evaporateAllNSSResources();
     EnsureNSSInitialized(nssShutdown);
     if (SECSuccess != ::NSS_Shutdown()) {
       PR_LOG(gPIPNSSLog, PR_LOG_ALWAYS, ("NSS SHUTDOWN FAILURE\n"));
     }
     else {
       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS shutdown =====>> OK <<=====\n"));
     }
   }
 }
 static const bool SEND_LM_DEFAULT = false;
 NS_IMETHODIMP
 nsNSSComponent::Init()
 {
   // No mutex protection.
   // Assume Init happens before any concurrency on "this" can start.
   nsresult rv = NS_OK;
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Beginning NSS initialization\n"));
   if (!mShutdownObjectList)
   {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS init, out of memory in constructor\n"));
     return NS_ERROR_OUT_OF_MEMORY;
   }
   rv = InitializePIPNSSBundle();
   if (NS_FAILED(rv)) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to create pipnss bundle.\n"));
     return rv;
   }
   // Access our string bundles now, this prevents assertions from I/O
   // - nsStandardURL not thread-safe
   // - wrong thread: 'NS_IsMainThread()' in nsIOService.cpp
   // when loading error strings on the SSL threads.
   {
     NS_NAMED_LITERAL_STRING(dummy_name, "dummy");
     nsXPIDLString result;
     mPIPNSSBundle->GetStringFromName(dummy_name.get(),
                                      getter_Copies(result));
     mNSSErrorsBundle->GetStringFromName(dummy_name.get(),
                                         getter_Copies(result));
   }
   bool sendLM = Preferences::GetBool("network.ntlm.send-lm-response",
                                      SEND_LM_DEFAULT);
   nsNTLMAuthModule::SetSendLM(sendLM);
   // Do that before NSS init, to make sure we won't get unloaded.
   RegisterObservers();
   rv = InitializeNSS();
   if (NS_FAILED(rv)) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to Initialize NSS.\n"));
     DeregisterObservers();
     mPIPNSSBundle = nullptr;
     return rv;
   }
   RememberCertErrorsTable::Init();
   createBackgroundThreads();
   if (!mCertVerificationThread)
   {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS init, could not create threads\n"));
     DeregisterObservers();
     mPIPNSSBundle = nullptr;
     return NS_ERROR_OUT_OF_MEMORY;
   }
   nsCOMPtr<nsIEntropyCollector> ec
       = do_GetService(NS_ENTROPYCOLLECTOR_CONTRACTID);
   nsCOMPtr<nsIBufEntropyCollector> bec;
   if (ec) {
     bec = do_QueryInterface(ec);
   }
   NS_ASSERTION(bec, "No buffering entropy collector.  "
                     "This means no entropy will be collected.");
   if (bec) {
     bec->ForwardTo(this);
   }
   return rv;
 }
 // nsISupports Implementation for the class
 NS_IMPL_ISUPPORTS(nsNSSComponent,
                   nsISignatureVerifier,
                   nsIEntropyCollector,
                   nsINSSComponent,
                   nsIObserver,
                   nsISupportsWeakReference)
 // Callback functions for decoder. For now, use empty/default functions.
 static void
 ContentCallback(void* arg, const char* buf, unsigned long len)
 {
 }
 static PK11SymKey*
 GetDecryptKeyCallback(void* arg, SECAlgorithmID* algid)
 {
   return nullptr;
 }
 static PRBool
 DecryptionAllowedCallback(SECAlgorithmID* algid, PK11SymKey* bulkkey)
 {
   return SECMIME_DecryptionAllowed(algid, bulkkey);
 }
 static void*
 GetPasswordKeyCallback(void* arg, void* handle)
 {
   return nullptr;
 }
 NS_IMETHODIMP
 nsNSSComponent::VerifySignature(const char* aRSABuf, uint32_t aRSABufLen,
                                 const char* aPlaintext, uint32_t aPlaintextLen,
                                 int32_t* aErrorCode,
                                 nsICertificatePrincipal** aPrincipal)
 {
   if (!aPrincipal || !aErrorCode) {
     return NS_ERROR_NULL_POINTER;
   }
   *aErrorCode = 0;
   *aPrincipal = nullptr;
   nsNSSShutDownPreventionLock locker;
   ScopedSEC_PKCS7ContentInfo p7_info;
   unsigned char hash[SHA1_LENGTH];
   SECItem item;
   item.type = siEncodedCertBuffer;
   item.data = (unsigned char*)aRSABuf;
   item.len = aRSABufLen;
   p7_info = SEC_PKCS7DecodeItem(&item,
                                 ContentCallback, nullptr,
                                 GetPasswordKeyCallback, nullptr,
                                 GetDecryptKeyCallback, nullptr,
                                 DecryptionAllowedCallback);
   if (!p7_info) {
     return NS_ERROR_FAILURE;
   }
   // Make sure we call SEC_PKCS7DestroyContentInfo after this point;
   // otherwise we leak data in p7_info
   //-- If a plaintext was provided, hash it.
   SECItem digest;
   digest.data = nullptr;
   digest.len = 0;
   if (aPlaintext) {
     HASHContext* hash_ctxt;
     uint32_t hashLen = 0;
     hash_ctxt = HASH_Create(HASH_AlgSHA1);
     HASH_Begin(hash_ctxt);
     HASH_Update(hash_ctxt,(const unsigned char*)aPlaintext, aPlaintextLen);
     HASH_End(hash_ctxt, hash, &hashLen, SHA1_LENGTH);
     HASH_Destroy(hash_ctxt);
     digest.data = hash;
     digest.len = SHA1_LENGTH;
   }
   //-- Verify signature
   bool rv = SEC_PKCS7VerifyDetachedSignature(p7_info, certUsageObjectSigner,
                                                &digest, HASH_AlgSHA1, false);
   if (!rv) {
     *aErrorCode = PR_GetError();
   }
   // Get the signing cert //
   CERTCertificate* cert = p7_info->content.signedData->signerInfos[0]->cert;
   nsresult rv2 = NS_OK;
   if (cert) {
     // Use |do { } while (0);| as a "more C++-ish" thing than goto;
     // this way we don't have to worry about goto across variable
     // declarations.  We have no loops in this code, so it's OK.
     do {
       nsCOMPtr<nsIX509Cert> pCert = nsNSSCertificate::Create(cert);
       if (!pCert) {
         rv2 = NS_ERROR_OUT_OF_MEMORY;
         break;
       }
       //-- Create a certificate principal with id and organization data
       nsAutoString fingerprint;
       rv2 = pCert->GetSha1Fingerprint(fingerprint);
       if (NS_FAILED(rv2)) {
         break;
       }
       nsAutoString orgName;
       rv2 = pCert->GetOrganization(orgName);
       if (NS_FAILED(rv2)) {
         break;
       }
       nsAutoString subjectName;
       rv2 = pCert->GetSubjectName(subjectName);
       if (NS_FAILED(rv2)) {
         break;
       }
       nsCOMPtr<nsICertificatePrincipal> certPrincipal =
         new nsCertificatePrincipal(NS_ConvertUTF16toUTF8(fingerprint),
                                    NS_ConvertUTF16toUTF8(subjectName),
                                    NS_ConvertUTF16toUTF8(orgName),
                                    pCert);
       certPrincipal.swap(*aPrincipal);
     } while (0);
   }
   return rv2;
 }
 NS_IMETHODIMP
 nsNSSComponent::RandomUpdate(void* entropy, int32_t bufLen)
 {
   nsNSSShutDownPreventionLock locker;
   // Asynchronous event happening often,
   // must not interfere with initialization or profile switch.
   MutexAutoLock lock(mutex);
   if (!mNSSInitialized)
       return NS_ERROR_NOT_INITIALIZED;
   PK11_RandomUpdate(entropy, bufLen);
   return NS_OK;
 }
 static const char* const PROFILE_CHANGE_NET_TEARDOWN_TOPIC
   = "profile-change-net-teardown";
 static const char* const PROFILE_CHANGE_NET_RESTORE_TOPIC
   = "profile-change-net-restore";
 static const char* const PROFILE_CHANGE_TEARDOWN_TOPIC
   = "profile-change-teardown";
 static const char* const PROFILE_BEFORE_CHANGE_TOPIC = "profile-before-change";
 static const char* const PROFILE_DO_CHANGE_TOPIC = "profile-do-change";
 NS_IMETHODIMP
 nsNSSComponent::Observe(nsISupports* aSubject, const char* aTopic,
                         const char16_t* someData)
 {
   if (nsCRT::strcmp(aTopic, PROFILE_CHANGE_TEARDOWN_TOPIC) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("in PSM code, receiving change-teardown\n"));
     DoProfileChangeTeardown(aSubject);
   }
   else if (nsCRT::strcmp(aTopic, PROFILE_BEFORE_CHANGE_TOPIC) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("receiving profile change topic\n"));
     DoProfileBeforeChange(aSubject);
   }
   else if (nsCRT::strcmp(aTopic, PROFILE_DO_CHANGE_TOPIC) == 0) {
     if (someData && NS_LITERAL_STRING("startup").Equals(someData)) {
       // The application is initializing against a known profile directory for
       // the first time during process execution.
       // However, earlier code execution might have already triggered NSS init.
       // We must ensure that NSS gets shut down prior to any attempt to init
       // it again. We use the same cleanup functionality used when switching
       // profiles. The order of function calls must correspond to the order
       // of notifications sent by Profile Manager (nsProfile).
       DoProfileChangeNetTeardown();
       DoProfileChangeTeardown(aSubject);
       DoProfileBeforeChange(aSubject);
       DoProfileChangeNetRestore();
     }
     bool needsInit = true;
     {
       MutexAutoLock lock(mutex);
       if (mNSSInitialized) {
         // We have already initialized NSS before the profile came up,
         // no need to do it again
         needsInit = false;
       }
     }
     if (needsInit) {
       if (NS_FAILED(InitializeNSS())) {
         PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to Initialize NSS after profile switch.\n"));
       }
     }
   }
   else if (nsCRT::strcmp(aTopic, NS_XPCOM_SHUTDOWN_OBSERVER_ID) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent: XPCom shutdown observed\n"));
     // Cleanup code that requires services, it's too late in destructor.
     nsCOMPtr<nsIEntropyCollector> ec
         = do_GetService(NS_ENTROPYCOLLECTOR_CONTRACTID);
     if (ec) {
       nsCOMPtr<nsIBufEntropyCollector> bec
         = do_QueryInterface(ec);
       if (bec) {
         bec->DontForward();
       }
     }
   }
   else if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) {
     nsNSSShutDownPreventionLock locker;
     bool clearSessionCache = true;
     NS_ConvertUTF16toUTF8  prefName(someData);
     if (prefName.Equals("security.tls.version.min") ||
         prefName.Equals("security.tls.version.max")) {
       (void) setEnabledTLSVersions();
     } else if (prefName.Equals("security.ssl.disable_session_identifiers")) {
       bool disableSessionIdentifiers =
         Preferences::GetBool("security.ssl.disable_session_identifiers",
                              DISABLE_SESSION_IDENTIFIERS_DEFAULT);
       SSL_OptionSetDefault(SSL_ENABLE_SESSION_TICKETS, !disableSessionIdentifiers);
       SSL_OptionSetDefault(SSL_NO_CACHE, disableSessionIdentifiers);
     } else if (prefName.Equals("security.ssl.require_safe_negotiation")) {
       bool requireSafeNegotiation =
         Preferences::GetBool("security.ssl.require_safe_negotiation",
                              REQUIRE_SAFE_NEGOTIATION_DEFAULT);
       SSL_OptionSetDefault(SSL_REQUIRE_SAFE_NEGOTIATION, requireSafeNegotiation);
     } else if (prefName.Equals("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref")) {
       bool allowUnrestrictedRenego =
         Preferences::GetBool("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref",
                              ALLOW_UNRESTRICTED_RENEGO_DEFAULT);
       SSL_OptionSetDefault(SSL_ENABLE_RENEGOTIATION,
                            allowUnrestrictedRenego ?
                              SSL_RENEGOTIATE_UNRESTRICTED :
                              SSL_RENEGOTIATE_REQUIRES_XTN);
     } else if (prefName.Equals("security.ssl.enable_false_start")) {
       SSL_OptionSetDefault(SSL_ENABLE_FALSE_START,
                            Preferences::GetBool("security.ssl.enable_false_start",
                                                 FALSE_START_ENABLED_DEFAULT));
     } else if (prefName.Equals("security.ssl.enable_npn")) {
       SSL_OptionSetDefault(SSL_ENABLE_NPN,
                            Preferences::GetBool("security.ssl.enable_npn",
                                                 NPN_ENABLED_DEFAULT));
     } else if (prefName.Equals("security.ssl.enable_alpn")) {
       SSL_OptionSetDefault(SSL_ENABLE_ALPN,
                            Preferences::GetBool("security.ssl.enable_alpn",
                                                 ALPN_ENABLED_DEFAULT));
     } else if (prefName.Equals("security.OCSP.enabled")
                || prefName.Equals("security.CRL_download.enabled")
                || prefName.Equals("security.fresh_revocation_info.require")
                || prefName.Equals("security.missing_cert_download.enabled")
                || prefName.Equals("security.OCSP.require")
                || prefName.Equals("security.OCSP.GET.enabled")
                || prefName.Equals("security.ssl.enable_ocsp_stapling")
                || prefName.Equals("security.use_mozillapkix_verification")
                || prefName.Equals("security.use_libpkix_verification")
                || prefName.Equals("security.cert_pinning.enforcement_level")) {
       MutexAutoLock lock(mutex);
       setValidationOptions(false, lock);
     } else if (prefName.Equals("network.ntlm.send-lm-response")) {
       bool sendLM = Preferences::GetBool("network.ntlm.send-lm-response",
                                          SEND_LM_DEFAULT);
       nsNTLMAuthModule::SetSendLM(sendLM);
       clearSessionCache = false;
     } else {
       clearSessionCache = false;
     }
     if (clearSessionCache)
       SSL_ClearSessionCache();
   }
   else if (nsCRT::strcmp(aTopic, PROFILE_CHANGE_NET_TEARDOWN_TOPIC) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("receiving network teardown topic\n"));
     DoProfileChangeNetTeardown();
   }
   else if (nsCRT::strcmp(aTopic, PROFILE_CHANGE_NET_RESTORE_TOPIC) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("receiving network restore topic\n"));
     DoProfileChangeNetRestore();
   }
   return NS_OK;
 }
 /*static*/ nsresult
 nsNSSComponent::GetNewPrompter(nsIPrompt** result)
 {
   NS_ENSURE_ARG_POINTER(result);
   *result = nullptr;
   if (!NS_IsMainThread()) {
     NS_ERROR("nsSDRContext::GetNewPrompter called off the main thread");
     return NS_ERROR_NOT_SAME_THREAD;
   }
   nsresult rv;
   nsCOMPtr<nsIWindowWatcher> wwatch(do_GetService(NS_WINDOWWATCHER_CONTRACTID, &rv));
   NS_ENSURE_SUCCESS(rv, rv);
   rv = wwatch->GetNewPrompter(0, result);
   NS_ENSURE_SUCCESS(rv, rv);
   return rv;
 }
 /*static*/ nsresult
 nsNSSComponent::ShowAlertWithConstructedString(const nsString& message)
 {
   nsCOMPtr<nsIPrompt> prompter;
   nsresult rv = GetNewPrompter(getter_AddRefs(prompter));
   if (prompter) {
     nsPSMUITracker tracker;
     if (tracker.isUIForbidden()) {
       NS_WARNING("Suppressing alert because PSM UI is forbidden");
       rv = NS_ERROR_UNEXPECTED;
     } else {
       rv = prompter->Alert(nullptr, message.get());
     }
   }
   return rv;
 }
 NS_IMETHODIMP
 nsNSSComponent::ShowAlertFromStringBundle(const char* messageID)
 {
   nsString message;
   nsresult rv;
   rv = GetPIPNSSBundleString(messageID, message);
   if (NS_FAILED(rv)) {
     NS_ERROR("GetPIPNSSBundleString failed");
     return rv;
   }
   return ShowAlertWithConstructedString(message);
 }
 nsresult nsNSSComponent::LogoutAuthenticatedPK11()
 {
   nsCOMPtr<nsICertOverrideService> icos =
     do_GetService("@mozilla.org/security/certoverride;1");
   if (icos) {
     icos->ClearValidityOverride(
             NS_LITERAL_CSTRING("all:temporary-certificates"),
 );
   }
   nsClientAuthRememberService::ClearAllRememberedDecisions();
   return mShutdownObjectList->doPK11Logout();
 }
 nsresult
 nsNSSComponent::RegisterObservers()
 {
   // Happens once during init only, no mutex protection.
   nsCOMPtr<nsIObserverService> observerService(do_GetService("@mozilla.org/observer-service;1"));
   NS_ASSERTION(observerService, "could not get observer service");
   if (observerService) {
     mObserversRegistered = true;
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent: adding observers\n"));
     // We are a service.
     // Once we are loaded, don't allow being removed from memory.
     // This makes sense, as initializing NSS is expensive.
     // By using false for parameter ownsWeak in AddObserver,
     // we make sure that we won't get unloaded until the application shuts down.
     observerService->AddObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID, false);
     observerService->AddObserver(this, PROFILE_CHANGE_TEARDOWN_TOPIC, false);
     observerService->AddObserver(this, PROFILE_BEFORE_CHANGE_TOPIC, false);
     observerService->AddObserver(this, PROFILE_DO_CHANGE_TOPIC, false);
     observerService->AddObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC, false);
     observerService->AddObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC, false);
   }
   return NS_OK;
 }
 nsresult
 nsNSSComponent::DeregisterObservers()
 {
   if (!mObserversRegistered)
     return NS_OK;
   nsCOMPtr<nsIObserverService> observerService(do_GetService("@mozilla.org/observer-service;1"));
   NS_ASSERTION(observerService, "could not get observer service");
   if (observerService) {
     mObserversRegistered = false;
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent: removing observers\n"));
     observerService->RemoveObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID);
     observerService->RemoveObserver(this, PROFILE_CHANGE_TEARDOWN_TOPIC);
     observerService->RemoveObserver(this, PROFILE_BEFORE_CHANGE_TOPIC);
     observerService->RemoveObserver(this, PROFILE_DO_CHANGE_TOPIC);
     observerService->RemoveObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC);
     observerService->RemoveObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC);
   }
   return NS_OK;
 }
 void
 nsNSSComponent::DoProfileChangeNetTeardown()
 {
   if (mCertVerificationThread)
     mCertVerificationThread->requestExit();
   mIsNetworkDown = true;
 }
 void
 nsNSSComponent::DoProfileChangeTeardown(nsISupports* aSubject)
 {
   mShutdownObjectList->ifPossibleDisallowUI();
 }
 void
 nsNSSComponent::DoProfileBeforeChange(nsISupports* aSubject)
 {
   NS_ASSERTION(mIsNetworkDown, "nsNSSComponent relies on profile manager to wait for synchronous shutdown of all network activity");
   bool needsCleanup = true;
   {
     MutexAutoLock lock(mutex);
     if (!mNSSInitialized) {
       // Make sure we don't try to cleanup if we have already done so.
       // This makes sure we behave safely, in case we are notified
       // multiple times.
       needsCleanup = false;
     }
   }
   if (needsCleanup) {
     ShutdownNSS();
   }
   mShutdownObjectList->allowUI();
 }
 void
 nsNSSComponent::DoProfileChangeNetRestore()
 {
   // XXX this doesn't work well, since nothing expects null pointers
   deleteBackgroundThreads();
   createBackgroundThreads();
   mIsNetworkDown = false;
 }
 NS_IMETHODIMP
 nsNSSComponent::IsNSSInitialized(bool* initialized)
 {
   MutexAutoLock lock(mutex);
   *initialized = mNSSInitialized;
   return NS_OK;
 }
 SharedCertVerifier::~SharedCertVerifier() { }
 TemporaryRef<SharedCertVerifier>
 nsNSSComponent::GetDefaultCertVerifier()
 {
   MutexAutoLock lock(mutex);
   MOZ_ASSERT(mNSSInitialized);
   return mDefaultCertVerifier;
 }
 namespace mozilla { namespace psm {
 TemporaryRef<SharedCertVerifier>
 GetDefaultCertVerifier()
 {
   static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
   nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID));
   RefPtr<SharedCertVerifier> certVerifier;
   if (nssComponent) {
     return nssComponent->GetDefaultCertVerifier();
   }
   return nullptr;
 }
 } } // namespace mozilla::psm
 NS_IMPL_ISUPPORTS(PipUIContext, nsIInterfaceRequestor)
 PipUIContext::PipUIContext()
 {
 }
 PipUIContext::~PipUIContext()
 {
 }
 NS_IMETHODIMP
 PipUIContext::GetInterface(const nsIID& uuid, void** result)
 {
   NS_ENSURE_ARG_POINTER(result);
   *result = nullptr;
   if (!NS_IsMainThread()) {
     NS_ERROR("PipUIContext::GetInterface called off the main thread");
     return NS_ERROR_NOT_SAME_THREAD;
   }
   if (!uuid.Equals(NS_GET_IID(nsIPrompt)))
     return NS_ERROR_NO_INTERFACE;
   nsIPrompt* prompt = nullptr;
   nsresult rv = nsNSSComponent::GetNewPrompter(&prompt);
   *result = prompt;
   return rv;
 }
 nsresult
 getNSSDialogs(void** _result, REFNSIID aIID, const char* contract)
 {
   if (!NS_IsMainThread()) {
     NS_ERROR("getNSSDialogs called off the main thread");
     return NS_ERROR_NOT_SAME_THREAD;
   }
   nsresult rv;
   nsCOMPtr<nsISupports> svc = do_GetService(contract, &rv);
   if (NS_FAILED(rv)) {
     return rv;
   }
   rv = svc->QueryInterface(aIID, _result);
   return rv;
 }
 nsresult
 setPassword(PK11SlotInfo* slot, nsIInterfaceRequestor* ctx)
 {
   nsNSSShutDownPreventionLock locker;
   nsresult rv = NS_OK;
   if (PK11_NeedUserInit(slot)) {
     nsITokenPasswordDialogs* dialogs;
     bool canceled;
     NS_ConvertUTF8toUTF16 tokenName(PK11_GetTokenName(slot));
     rv = getNSSDialogs((void**)&dialogs,
                        NS_GET_IID(nsITokenPasswordDialogs),
                        NS_TOKENPASSWORDSDIALOG_CONTRACTID);
     if (NS_FAILED(rv)) goto loser;
     {
       nsPSMUITracker tracker;
       if (tracker.isUIForbidden()) {
         rv = NS_ERROR_NOT_AVAILABLE;
       }
       else {
         rv = dialogs->SetPassword(ctx,
                                   tokenName.get(),
                                   &canceled);
       }
     }
     NS_RELEASE(dialogs);
     if (NS_FAILED(rv)) goto loser;
     if (canceled) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
   }
  loser:
   return rv;
 }
 namespace mozilla {
 namespace psm {
 nsresult
 InitializeCipherSuite()
 {
   NS_ASSERTION(NS_IsMainThread(), "InitializeCipherSuite() can only be accessed in main thread");
   if (NSS_SetDomesticPolicy() != SECSuccess) {
     return NS_ERROR_FAILURE;
   }
   // Disable any ciphers that NSS might have enabled by default
   for (uint16_t i = 0; i < SSL_NumImplementedCiphers; ++i) {
     uint16_t cipher_id = SSL_ImplementedCiphers[i];
     SSL_CipherPrefSetDefault(cipher_id, false);
   }
   // Now only set SSL/TLS ciphers we knew about at compile time
   for (const CipherPref* cp = sCipherPrefs; cp->pref; ++cp) {
     bool cipherEnabled = Preferences::GetBool(cp->pref, cp->enabledByDefault);
     SSL_CipherPrefSetDefault(cp->id, cipherEnabled);
   }
   // Enable ciphers for PKCS#12
   SEC_PKCS12EnableCipher(PKCS12_RC4_40, 1);
   SEC_PKCS12EnableCipher(PKCS12_RC4_128, 1);
   SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_40, 1);
   SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_128, 1);
   SEC_PKCS12EnableCipher(PKCS12_DES_56, 1);
   SEC_PKCS12EnableCipher(PKCS12_DES_EDE3_168, 1);
   SEC_PKCS12SetPreferredCipher(PKCS12_DES_EDE3_168, 1);
   PORT_SetUCS2_ASCIIConversionFunction(pip_ucs2_ascii_conversion_fn);
   // Observe preference change around cipher suite setting.
   return CipherSuiteChangeObserver::StartObserve();
 }
 } // namespace psm
 } // namespace mozilla

The Tor Browser / annotate

security/manager/ssl/src/nsNSSComponent.cpp@b8a032363ba2 (annotated)

security/manager/ssl/src/nsNSSComponent.cpp