The Tor Browser / file revision

security/manager/ssl/src/nsSSLStatus.cpp@6474c204b198

security/manager/ssl/src/nsSSLStatus.cpp

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-

     2  *

     3  * This Source Code Form is subject to the terms of the Mozilla Public

     4  * License, v. 2.0. If a copy of the MPL was not distributed with this

     5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     6 

     7 #include "nsSSLStatus.h"

     8 #include "plstr.h"

     9 #include "nsIClassInfoImpl.h"

    10 #include "nsIIdentityInfo.h"

    11 #include "nsIProgrammingLanguage.h"

    12 #include "nsIObjectOutputStream.h"

    13 #include "nsIObjectInputStream.h"

    14 

    15 NS_IMETHODIMP

    16 nsSSLStatus::GetServerCert(nsIX509Cert** _result)

    17 {

    18   NS_ASSERTION(_result, "non-NULL destination required");

    19 

    20   *_result = mServerCert;

    21   NS_IF_ADDREF(*_result);

    22 

    23   return NS_OK;

    24 }

    25 

    26 NS_IMETHODIMP

    27 nsSSLStatus::GetKeyLength(uint32_t* _result)

    28 {

    29   NS_ASSERTION(_result, "non-NULL destination required");

    30   if (!mHaveKeyLengthAndCipher)

    31     return NS_ERROR_NOT_AVAILABLE;

    32 

    33   *_result = mKeyLength;

    34 

    35   return NS_OK;

    36 }

    37 

    38 NS_IMETHODIMP

    39 nsSSLStatus::GetSecretKeyLength(uint32_t* _result)

    40 {

    41   NS_ASSERTION(_result, "non-NULL destination required");

    42   if (!mHaveKeyLengthAndCipher)

    43     return NS_ERROR_NOT_AVAILABLE;

    44 

    45   *_result = mSecretKeyLength;

    46 

    47   return NS_OK;

    48 }

    49 

    50 NS_IMETHODIMP

    51 nsSSLStatus::GetCipherName(char** _result)

    52 {

    53   NS_ASSERTION(_result, "non-NULL destination required");

    54   if (!mHaveKeyLengthAndCipher)

    55     return NS_ERROR_NOT_AVAILABLE;

    56 

    57   *_result = ToNewCString(mCipherName);

    58 

    59   return NS_OK;

    60 }

    61 

    62 NS_IMETHODIMP

    63 nsSSLStatus::GetIsDomainMismatch(bool* _result)

    64 {

    65   NS_ASSERTION(_result, "non-NULL destination required");

    66 

    67   *_result = mHaveCertErrorBits && mIsDomainMismatch;

    68 

    69   return NS_OK;

    70 }

    71 

    72 NS_IMETHODIMP

    73 nsSSLStatus::GetIsNotValidAtThisTime(bool* _result)

    74 {

    75   NS_ASSERTION(_result, "non-NULL destination required");

    76 

    77   *_result = mHaveCertErrorBits && mIsNotValidAtThisTime;

    78 

    79   return NS_OK;

    80 }

    81 

    82 NS_IMETHODIMP

    83 nsSSLStatus::GetIsUntrusted(bool* _result)

    84 {

    85   NS_ASSERTION(_result, "non-NULL destination required");

    86 

    87   *_result = mHaveCertErrorBits && mIsUntrusted;

    88 

    89   return NS_OK;

    90 }

    91 

    92 NS_IMETHODIMP

    93 nsSSLStatus::GetIsExtendedValidation(bool* aIsEV)

    94 {

    95   NS_ENSURE_ARG_POINTER(aIsEV);

    96   *aIsEV = false;

    97 

    98 #ifdef MOZ_NO_EV_CERTS

    99   return NS_OK;

   100 #else

   101   nsCOMPtr<nsIX509Cert> cert = mServerCert;

   102   nsresult rv;

   103   nsCOMPtr<nsIIdentityInfo> idinfo = do_QueryInterface(cert, &rv);

   104 

   105   // mServerCert should never be null when this method is called because

   106   // nsSSLStatus objects always have mServerCert set right after they are

   107   // constructed and before they are returned. GetIsExtendedValidation should

   108   // only be called in the chrome process (in e10s), and mServerCert will always

   109   // implement nsIIdentityInfo in the chrome process.

   110   if (!idinfo) {

   111     NS_ERROR("nsSSLStatus has null mServerCert or was called in the content "

   112              "process");

   113     return NS_ERROR_UNEXPECTED;

   114   }

   115 

   116   // Never allow bad certs for EV, regardless of overrides.

   117   if (mHaveCertErrorBits) {

   118     return NS_OK;

   119   }

   120 

   121   return idinfo->GetIsExtendedValidation(aIsEV);

   122 #endif

   123 }

   124 

   125 NS_IMETHODIMP

   126 nsSSLStatus::Read(nsIObjectInputStream* stream)

   127 {

   128   nsCOMPtr<nsISupports> cert;

   129   nsresult rv = stream->ReadObject(true, getter_AddRefs(cert));

   130   NS_ENSURE_SUCCESS(rv, rv);

   131 

   132   mServerCert = do_QueryInterface(cert);

   133   if (!mServerCert)

   134     return NS_NOINTERFACE;

   135 

   136   rv = stream->Read32(&mKeyLength);

   137   NS_ENSURE_SUCCESS(rv, rv);

   138   rv = stream->Read32(&mSecretKeyLength);

   139   NS_ENSURE_SUCCESS(rv, rv);

   140   rv = stream->ReadCString(mCipherName);

   141   NS_ENSURE_SUCCESS(rv, rv);

   142 

   143   rv = stream->ReadBoolean(&mIsDomainMismatch);

   144   NS_ENSURE_SUCCESS(rv, rv);

   145   rv = stream->ReadBoolean(&mIsNotValidAtThisTime);

   146   NS_ENSURE_SUCCESS(rv, rv);

   147   rv = stream->ReadBoolean(&mIsUntrusted);

   148   NS_ENSURE_SUCCESS(rv, rv);

   149 

   150   rv = stream->ReadBoolean(&mHaveKeyLengthAndCipher);

   151   NS_ENSURE_SUCCESS(rv, rv);

   152   rv = stream->ReadBoolean(&mHaveCertErrorBits);

   153   NS_ENSURE_SUCCESS(rv, rv);

   154 

   155   return NS_OK;

   156 }

   157 

   158 NS_IMETHODIMP

   159 nsSSLStatus::Write(nsIObjectOutputStream* stream)

   160 {

   161   nsresult rv = stream->WriteCompoundObject(mServerCert,

   162                                             NS_GET_IID(nsIX509Cert),

   163                                             true);

   164   NS_ENSURE_SUCCESS(rv, rv);

   165 

   166   rv = stream->Write32(mKeyLength);

   167   NS_ENSURE_SUCCESS(rv, rv);

   168   rv = stream->Write32(mSecretKeyLength);

   169   NS_ENSURE_SUCCESS(rv, rv);

   170   rv = stream->WriteStringZ(mCipherName.get());

   171   NS_ENSURE_SUCCESS(rv, rv);

   172 

   173   rv = stream->WriteBoolean(mIsDomainMismatch);

   174   NS_ENSURE_SUCCESS(rv, rv);

   175   rv = stream->WriteBoolean(mIsNotValidAtThisTime);

   176   NS_ENSURE_SUCCESS(rv, rv);

   177   rv = stream->WriteBoolean(mIsUntrusted);

   178   NS_ENSURE_SUCCESS(rv, rv);

   179 

   180   rv = stream->WriteBoolean(mHaveKeyLengthAndCipher);

   181   NS_ENSURE_SUCCESS(rv, rv);

   182   rv = stream->WriteBoolean(mHaveCertErrorBits);

   183   NS_ENSURE_SUCCESS(rv, rv);

   184 

   185   return NS_OK;

   186 }

   187 

   188 NS_IMETHODIMP

   189 nsSSLStatus::GetInterfaces(uint32_t *count, nsIID * **array)

   190 {

   191   *count = 0;

   192   *array = nullptr;

   193   return NS_OK;

   194 }

   195 

   196 NS_IMETHODIMP

   197 nsSSLStatus::GetHelperForLanguage(uint32_t language, nsISupports **_retval)

   198 {

   199   *_retval = nullptr;

   200   return NS_OK;

   201 }

   202 

   203 NS_IMETHODIMP

   204 nsSSLStatus::GetContractID(char * *aContractID)

   205 {

   206   *aContractID = nullptr;

   207   return NS_OK;

   208 }

   209 

   210 NS_IMETHODIMP

   211 nsSSLStatus::GetClassDescription(char * *aClassDescription)

   212 {

   213   *aClassDescription = nullptr;

   214   return NS_OK;

   215 }

   216 

   217 NS_IMETHODIMP

   218 nsSSLStatus::GetClassID(nsCID * *aClassID)

   219 {

   220   *aClassID = (nsCID*) nsMemory::Alloc(sizeof(nsCID));

   221   if (!*aClassID)

   222     return NS_ERROR_OUT_OF_MEMORY;

   223   return GetClassIDNoAlloc(*aClassID);

   224 }

   225 

   226 NS_IMETHODIMP

   227 nsSSLStatus::GetImplementationLanguage(uint32_t *aImplementationLanguage)

   228 {

   229   *aImplementationLanguage = nsIProgrammingLanguage::CPLUSPLUS;

   230   return NS_OK;

   231 }

   232 

   233 NS_IMETHODIMP

   234 nsSSLStatus::GetFlags(uint32_t *aFlags)

   235 {

   236   *aFlags = 0;

   237   return NS_OK;

   238 }

   239 

   240 static NS_DEFINE_CID(kSSLStatusCID, NS_SSLSTATUS_CID);

   241 

   242 NS_IMETHODIMP

   243 nsSSLStatus::GetClassIDNoAlloc(nsCID *aClassIDNoAlloc)

   244 {

   245   *aClassIDNoAlloc = kSSLStatusCID;

   246   return NS_OK;

   247 }

   248 

   249 nsSSLStatus::nsSSLStatus()

   250 : mKeyLength(0), mSecretKeyLength(0)

   251 , mIsDomainMismatch(false)

   252 , mIsNotValidAtThisTime(false)

   253 , mIsUntrusted(false)

   254 , mHaveKeyLengthAndCipher(false)

   255 , mHaveCertErrorBits(false)

   256 {

   257   mCipherName = "";

   258 }

   259 

   260 NS_IMPL_ISUPPORTS(nsSSLStatus, nsISSLStatus, nsISerializable, nsIClassInfo)

   261 

   262 nsSSLStatus::~nsSSLStatus()

   263 {

   264 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial