The Tor Browser / file comparison

comparison: security/manager/ssl/src/nsSSLStatus.cpp

security/manager/ssl/src/nsSSLStatus.cpp

branch
TOR_BUG_9701
changeset 15
b8a032363ba2
equal deleted inserted replaced
-1:000000000000 0:749d54835d41
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 *
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #include "nsSSLStatus.h"
8 #include "plstr.h"
9 #include "nsIClassInfoImpl.h"
10 #include "nsIIdentityInfo.h"
11 #include "nsIProgrammingLanguage.h"
12 #include "nsIObjectOutputStream.h"
13 #include "nsIObjectInputStream.h"
14
15 NS_IMETHODIMP
16 nsSSLStatus::GetServerCert(nsIX509Cert** _result)
17 {
18 NS_ASSERTION(_result, "non-NULL destination required");
19
20 *_result = mServerCert;
21 NS_IF_ADDREF(*_result);
22
23 return NS_OK;
24 }
25
26 NS_IMETHODIMP
27 nsSSLStatus::GetKeyLength(uint32_t* _result)
28 {
29 NS_ASSERTION(_result, "non-NULL destination required");
30 if (!mHaveKeyLengthAndCipher)
31 return NS_ERROR_NOT_AVAILABLE;
32
33 *_result = mKeyLength;
34
35 return NS_OK;
36 }
37
38 NS_IMETHODIMP
39 nsSSLStatus::GetSecretKeyLength(uint32_t* _result)
40 {
41 NS_ASSERTION(_result, "non-NULL destination required");
42 if (!mHaveKeyLengthAndCipher)
43 return NS_ERROR_NOT_AVAILABLE;
44
45 *_result = mSecretKeyLength;
46
47 return NS_OK;
48 }
49
50 NS_IMETHODIMP
51 nsSSLStatus::GetCipherName(char** _result)
52 {
53 NS_ASSERTION(_result, "non-NULL destination required");
54 if (!mHaveKeyLengthAndCipher)
55 return NS_ERROR_NOT_AVAILABLE;
56
57 *_result = ToNewCString(mCipherName);
58
59 return NS_OK;
60 }
61
62 NS_IMETHODIMP
63 nsSSLStatus::GetIsDomainMismatch(bool* _result)
64 {
65 NS_ASSERTION(_result, "non-NULL destination required");
66
67 *_result = mHaveCertErrorBits && mIsDomainMismatch;
68
69 return NS_OK;
70 }
71
72 NS_IMETHODIMP
73 nsSSLStatus::GetIsNotValidAtThisTime(bool* _result)
74 {
75 NS_ASSERTION(_result, "non-NULL destination required");
76
77 *_result = mHaveCertErrorBits && mIsNotValidAtThisTime;
78
79 return NS_OK;
80 }
81
82 NS_IMETHODIMP
83 nsSSLStatus::GetIsUntrusted(bool* _result)
84 {
85 NS_ASSERTION(_result, "non-NULL destination required");
86
87 *_result = mHaveCertErrorBits && mIsUntrusted;
88
89 return NS_OK;
90 }
91
92 NS_IMETHODIMP
93 nsSSLStatus::GetIsExtendedValidation(bool* aIsEV)
94 {
95 NS_ENSURE_ARG_POINTER(aIsEV);
96 *aIsEV = false;
97
98 #ifdef MOZ_NO_EV_CERTS
99 return NS_OK;
100 #else
101 nsCOMPtr<nsIX509Cert> cert = mServerCert;
102 nsresult rv;
103 nsCOMPtr<nsIIdentityInfo> idinfo = do_QueryInterface(cert, &rv);
104
105 // mServerCert should never be null when this method is called because
106 // nsSSLStatus objects always have mServerCert set right after they are
107 // constructed and before they are returned. GetIsExtendedValidation should
108 // only be called in the chrome process (in e10s), and mServerCert will always
109 // implement nsIIdentityInfo in the chrome process.
110 if (!idinfo) {
111 NS_ERROR("nsSSLStatus has null mServerCert or was called in the content "
112 "process");
113 return NS_ERROR_UNEXPECTED;
114 }
115
116 // Never allow bad certs for EV, regardless of overrides.
117 if (mHaveCertErrorBits) {
118 return NS_OK;
119 }
120
121 return idinfo->GetIsExtendedValidation(aIsEV);
122 #endif
123 }
124
125 NS_IMETHODIMP
126 nsSSLStatus::Read(nsIObjectInputStream* stream)
127 {
128 nsCOMPtr<nsISupports> cert;
129 nsresult rv = stream->ReadObject(true, getter_AddRefs(cert));
130 NS_ENSURE_SUCCESS(rv, rv);
131
132 mServerCert = do_QueryInterface(cert);
133 if (!mServerCert)
134 return NS_NOINTERFACE;
135
136 rv = stream->Read32(&mKeyLength);
137 NS_ENSURE_SUCCESS(rv, rv);
138 rv = stream->Read32(&mSecretKeyLength);
139 NS_ENSURE_SUCCESS(rv, rv);
140 rv = stream->ReadCString(mCipherName);
141 NS_ENSURE_SUCCESS(rv, rv);
142
143 rv = stream->ReadBoolean(&mIsDomainMismatch);
144 NS_ENSURE_SUCCESS(rv, rv);
145 rv = stream->ReadBoolean(&mIsNotValidAtThisTime);
146 NS_ENSURE_SUCCESS(rv, rv);
147 rv = stream->ReadBoolean(&mIsUntrusted);
148 NS_ENSURE_SUCCESS(rv, rv);
149
150 rv = stream->ReadBoolean(&mHaveKeyLengthAndCipher);
151 NS_ENSURE_SUCCESS(rv, rv);
152 rv = stream->ReadBoolean(&mHaveCertErrorBits);
153 NS_ENSURE_SUCCESS(rv, rv);
154
155 return NS_OK;
156 }
157
158 NS_IMETHODIMP
159 nsSSLStatus::Write(nsIObjectOutputStream* stream)
160 {
161 nsresult rv = stream->WriteCompoundObject(mServerCert,
162 NS_GET_IID(nsIX509Cert),
163 true);
164 NS_ENSURE_SUCCESS(rv, rv);
165
166 rv = stream->Write32(mKeyLength);
167 NS_ENSURE_SUCCESS(rv, rv);
168 rv = stream->Write32(mSecretKeyLength);
169 NS_ENSURE_SUCCESS(rv, rv);
170 rv = stream->WriteStringZ(mCipherName.get());
171 NS_ENSURE_SUCCESS(rv, rv);
172
173 rv = stream->WriteBoolean(mIsDomainMismatch);
174 NS_ENSURE_SUCCESS(rv, rv);
175 rv = stream->WriteBoolean(mIsNotValidAtThisTime);
176 NS_ENSURE_SUCCESS(rv, rv);
177 rv = stream->WriteBoolean(mIsUntrusted);
178 NS_ENSURE_SUCCESS(rv, rv);
179
180 rv = stream->WriteBoolean(mHaveKeyLengthAndCipher);
181 NS_ENSURE_SUCCESS(rv, rv);
182 rv = stream->WriteBoolean(mHaveCertErrorBits);
183 NS_ENSURE_SUCCESS(rv, rv);
184
185 return NS_OK;
186 }
187
188 NS_IMETHODIMP
189 nsSSLStatus::GetInterfaces(uint32_t *count, nsIID * **array)
190 {
191 *count = 0;
192 *array = nullptr;
193 return NS_OK;
194 }
195
196 NS_IMETHODIMP
197 nsSSLStatus::GetHelperForLanguage(uint32_t language, nsISupports **_retval)
198 {
199 *_retval = nullptr;
200 return NS_OK;
201 }
202
203 NS_IMETHODIMP
204 nsSSLStatus::GetContractID(char * *aContractID)
205 {
206 *aContractID = nullptr;
207 return NS_OK;
208 }
209
210 NS_IMETHODIMP
211 nsSSLStatus::GetClassDescription(char * *aClassDescription)
212 {
213 *aClassDescription = nullptr;
214 return NS_OK;
215 }
216
217 NS_IMETHODIMP
218 nsSSLStatus::GetClassID(nsCID * *aClassID)
219 {
220 *aClassID = (nsCID*) nsMemory::Alloc(sizeof(nsCID));
221 if (!*aClassID)
222 return NS_ERROR_OUT_OF_MEMORY;
223 return GetClassIDNoAlloc(*aClassID);
224 }
225
226 NS_IMETHODIMP
227 nsSSLStatus::GetImplementationLanguage(uint32_t *aImplementationLanguage)
228 {
229 *aImplementationLanguage = nsIProgrammingLanguage::CPLUSPLUS;
230 return NS_OK;
231 }
232
233 NS_IMETHODIMP
234 nsSSLStatus::GetFlags(uint32_t *aFlags)
235 {
236 *aFlags = 0;
237 return NS_OK;
238 }
239
240 static NS_DEFINE_CID(kSSLStatusCID, NS_SSLSTATUS_CID);
241
242 NS_IMETHODIMP
243 nsSSLStatus::GetClassIDNoAlloc(nsCID *aClassIDNoAlloc)
244 {
245 *aClassIDNoAlloc = kSSLStatusCID;
246 return NS_OK;
247 }
248
249 nsSSLStatus::nsSSLStatus()
250 : mKeyLength(0), mSecretKeyLength(0)
251 , mIsDomainMismatch(false)
252 , mIsNotValidAtThisTime(false)
253 , mIsUntrusted(false)
254 , mHaveKeyLengthAndCipher(false)
255 , mHaveCertErrorBits(false)
256 {
257 mCipherName = "";
258 }
259
260 NS_IMPL_ISUPPORTS(nsSSLStatus, nsISSLStatus, nsISerializable, nsIClassInfo)
261
262 nsSSLStatus::~nsSSLStatus()
263 {
264 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial