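/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"

interface nsIInterfaceRequestor;

%{C++
template<class T> class nsTArray;
class nsCString;
%}
[ref] native nsCStringTArrayRef(nsTArray<nsCString>);

/* Control interface for an SSL/TLS socket. It exposes the calls that start
   the handshake, the NPN protocol offer and result, connection reuse
   (joinConnection), the key exchange algorithm used for the false start
   decision, the socket provider flags and the negotiated protocol version. */
[scriptable, builtinclass, uuid(4080f700-9c16-4884-8f8d-e28094377084)]
interface nsISSLSocketControl : nsISupports {
    attribute nsIInterfaceRequestor     notificationCallbacks;

    /* NOTE(review): neither method is documented in this file. The names
       suggest they begin the TLS handshake on a socket that was first used
       in the clear (through a proxy, or after a protocol-level STARTTLS
       exchange) -- confirm against the implementation. If so, anything
       received before the call was unauthenticated and should not be
       carried over as trusted state. */
    void proxyStartSSL();
    void StartTLS();

    /* NPN (Next Protocol Negotiation) is a mechanism for
       negotiating the protocol to be spoken inside the SSL
       tunnel during the SSL handshake. The NPNList is the list
       of offered client side protocols. setNPNList() needs to
       be called before any data is read or written (including the
       handshake) for NPN to be set up correctly. The server determines
       the priority when multiple matches occur, but if there is no overlap
       the first protocol in the list is used.

       NOTE(review): NPN has since been superseded by ALPN (RFC 7301).
       Offer only protocols the caller is actually prepared to speak,
       since the selection is made by the peer. */

    [noscript] void setNPNList(in nsCStringTArrayRef aNPNList);

    /* negotiatedNPN is '' if no NPN list was provided by the client,
     * or if the server did not select any protocol choice from that
     * list. That also includes the case where the server does not
     * implement NPN.
     *
     * If negotiatedNPN is read before NPN has progressed to the point
     * where this information is available NS_ERROR_NOT_CONNECTED is
     * raised. Callers should treat that error and the empty string as
     * "no protocol negotiated" rather than assuming the first offer.
     */
    readonly attribute ACString negotiatedNPN;

    /* Determine if a potential SSL connection to hostname:port with
     * a desired NPN negotiated protocol of npnProtocol can use the socket
     * associated with this object instead of making a new one.
     *
     * NOTE(review): a true result lets traffic for `hostname` travel over a
     * connection that was authenticated for a different name. This file
     * does not state which checks the implementation applies (for example,
     * that the existing connection's certificate is valid for `hostname`
     * and that no certificate error override is in effect) -- confirm
     * before relying on the result.
     */
    boolean joinConnection(
      in ACString npnProtocol, /* e.g. "spdy/2" */
      in ACString hostname,
      in long port);

    /* The Key Exchange Algorithm is used when determining whether or
       not to do false start.
       After a handshake is complete it can be read from KEAUsed,
       before a handshake is started it may be set through KEAExpected.
       The values correspond to the SSLKEAType enum in NSS or the
       KEY_EXCHANGE_UNKNOWN constant defined below.

       NOTE(review): KEAExpected is supplied by the caller before the
       handshake, so it is a prediction, not a negotiated fact. Confirm that
       the implementation bases the false start decision on the key exchange
       actually negotiated before any early application data is sent.
    */

    [infallible] readonly attribute short KEAUsed;
    [infallible] attribute short KEAExpected;

    const short KEY_EXCHANGE_UNKNOWN = -1;

    /*
     * The original flags from the socket provider.
     */
    readonly attribute uint32_t providerFlags;

    /* These values are defined by TLS: each is the two-byte protocol
       version (major, minor) carried on the wire.

       SSL 3.0 is prohibited by RFC 7568, and TLS 1.0 and 1.1 are deprecated
       by RFC 8996. Code that reads SSLVersionUsed to make a security
       decision should compare against the minimum version it accepts and
       handle SSL_VERSION_UNKNOWN explicitly instead of letting it fall
       through as an acceptable version. */
    const short SSL_VERSION_3   = 0x0300;   /* SSL 3.0 */
    const short TLS_VERSION_1   = 0x0301;   /* TLS 1.0 */
    const short TLS_VERSION_1_1 = 0x0302;   /* TLS 1.1 */
    const short TLS_VERSION_1_2 = 0x0303;   /* TLS 1.2 */
    const short SSL_VERSION_UNKNOWN = -1;

    /* One of the version constants above. NOTE(review): presumably
       SSL_VERSION_UNKNOWN until the handshake has completed -- confirm. */
    [infallible] readonly attribute short SSLVersionUsed;
};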