roytam1 21c98793d3 import changes from `dev' branch of rmottola/Arctic-Fox:
- Bug 1244883 - Add Nightly-/Aurora-only crash for AsyncTransactionWaiter timeouts - r=nical (132b2ceff9)
- Bug 1148978 - Trigger paints when moving plugin windows around on the browser main thread. r=mattwoodrow (c75ce5ec09)
- Dedent some functions. (bug 1254899 part 1, r=jrmuizel) (c84fb419c7)
- Refactor acceleration pref initialization. (bug 1254899 part 2, r=jrmuizel) (29a164c70e)
- Remove NS_NATIVE_GRAPHIC on Windows. (bug 1266536, r=jimm) (84011349d1)
- Bug 1267253 - Delete gfxWindowsPlatform::RenderMode and replace it with a check against the default backend. r=bas (93cb6e503e)
- Introduce gfxConfig, a manager for graphics feature settings. (bug 1254899 part 3, r=milan) (97498ca46a)
- Bug 1262187: Allow D3D9 if D3D11 failed, behind the pref, but on by default. r=bas (8163e28b26)
- Bug 1178376 - Optionally fade in new progressively painted tiles r=nical (777bf1799d)
- Bug 1178376 - Allow progressive painting when low-precision tiles are disabled r=BenWa (3b8d84e19c)
- Bug 1178376 - Put progressive paint status in tile updates r=nical (935d3b46ed)
- Bug 1251778: Attempt to avoid presenting when the window is still resizing. r=jrmuizel (32b194a6f7)
- Hoist mWidget into the Compositor base class. (bug 1264545 part 1, r=nical) (aca26ec343)
- Lift compositor-accessed methods from nsIWidget into CompositorWidgetProxy. (bug 1264545 part 2, r=jimm) (609a23157a)
- Rename FeatureStatus::Crashed to CrashedInHandler. (bug 1254899 part 4, r=milan) (0eae23a3fd)
- Move DeviceInitData from gfxWindowsPlatform to gfxPlatform. (bug 1254899 part 5, r=milan) (e31540ba18)
- Merge gfxWindowsPlatform::mAcceleration into gfxConfig. (bug 1254899 part 6, r=milan) (9d45cc8b87)
- Add another feature state for blacklisting and environment decisions. (bug 1254899 part 7, r=milan) (e7eee53cfb)
- Give FeatureState a public interface. (bug 1254899 part 8, r=milan) (52d8e7f355)
- Replace gfxWindowsPlatform::mD3D11Status with gfxConfig. (bug 1254899 part 9, r=jrmuizel) (90dc658b53)
- Replace gfxWindowsPlatform::mD2D1Status with gfxConfig. (bug 1254899 part 10, r=milan) (eb9474f309)
- Fix assertion failure in gfxConfig. (bug 1269565, r=milan) (0eb738ce66)
- Add gfxConfig to nsIGfxInfo, for about:support access. (bug 1254899 part 11, r=jrmuizel) (e770240152)
- Change Compositor::GetWidget to return a CompositorWidgetProxy. (bug 1264545 part 3, r=jimm) (fdf1d96255)
- Bug 1251778 - Followup: Remove unreferenced local variable. r=bustage (27579f5542)
- Use CompositorWidgetProxy in place of nsIWidget in the compositor. (bug 1264545 part 4, r=jimm) (80def1c2eb)
- Use CompositorWidgetProxy in place of nsIWidget in CompositorBridgeParent. (bug 1264545 part 5, r=jimm,kats) (67d0e1ef7d)
- Move CompositorWidgetProxy inheritance out of nsIWidget. (bug 1264545 part 6, r=jimm) (61075722c5)
- Bug 1251894 - In CompositorD3D11::CreateTexture, copy as much as the render target allows. r=bas (bf5fc6baa2)
- Bug 1266444: It is OK for us not to have texture sharing. r=jrmuizel (0b1885f89d)
- Bug 1266396 - Make TextureClient more robust against racy shutdown situations. r=Bas (b1d7f54643)
- Fix test bustage due to platform line-endings. Bug 1222624 (10b8cf3592)
- More test bustage from bug 1222624 (763c4c0bb9)
- Backed out 4 changesets (bug 1222624) to fix bug 1249572 (7ba3d433d0)
- Bug 1268230 - RunTime.cpp and ScriptLoader do not have to use MainThreadStopSyncLoopRunnable, r=khuey (88499a3982)
- Bug 1037725 - Add warning message in the console when worker spawn over limit. r=khuey (8af94dbc1d)
- Bug 1047663 - Disabling the cache in a tab should also disable it for all workers in that tab;r=khuey (5411d81682)
- Bug 1253793 Update ScriptLoader assertion to handle cancelation case. r=khuey (18c78d5651)
- Bug 1245768 - Implement a test for the correct error management when worker imports 3rd party scripts, r=bz (c1d3f290a9)
- Bug 1249673. Muted errors should be turned into NetworkError DOMExceptions when returning from importScripts on workers, instead of becoming NS_ERROR_FAILURE. r=baku (0358282cbe)
- Bug 1265405 - Add a dictionary to specify how PeriodicWave should be normalized (or not); r=smaug (201213146c)
- Bug 1251082. Restore comments in PageTransitionEvent.webidl that got lost when nsIDOMPageTransitionEvent.idl was migrated to webidl. r=bz The mentioned migration happened in http://hg.mozilla.org/mozilla-central/rev/e6377ca32f3d from bug 1031051. (2dfa309056)
- Bug 1266178 Make ServiceWorkerClient not assert if the document doesn't have an outer window. r=ehsan (eafb169c91)
- Bug 1259164 - Set ServiceWorkerMessageEvent.origin correctly when calling ServiceWorkerClient.postMessage(); r=bkelly (caeb65d10e)
- Bug 1246319 P1 Dedupe service worker registrar entries. r=baku (b76deef941)
- Bug 1246319 P2 Verify entries are deduped from the ServiceWorkerRegistrar. r=baku (8a4e348d6e)
- Bug 1246319 P3 Fix service worker registry value update. r=bz (14abf6b6ce)
- Bug 1247970 - Remove principal spec from service worker registrar file. r=baku (3c30130700)
- Bug 1249438 P1 Move guts of RegisterServiceWorker() into a protected method that can be tested in gtest. r=baku (488243196d)
- Bug 1249438 P2 Modify existing gtest to use RegisterServiceWorkerInternal. r=baku (e86c66891d)
- Bug 1249438 P3 Add a gtest that registers duplicate service worker registrations. r=baku (35e269f9af)
- Bug 1226443 P6 Ignore update() called during top level service worker script evaluation. r=ehsan (dcb9d02553)
- Bug 1241725 - about:serviceworkers "Active Cache Name" UUID should not contain null bytes, r=bkelly (4cddea6a67)
- Bug 1221852 - SharedWorker.port should be always not null, r=smaug (a9800274dc)
- Bug 1261428: Clean up a bit more. r=bz (4977e3d7a5)
- Bug 890284. Stop splitting textnodes in the XML content sink. r=peterv (a46dfca1cf)
- Bug 1211708 Allow themes to specify XBL bindings even in unprivileged documents r=sicking (82cf1a4023)
- Bug 915962 - Part 1: Allow pressing space to scroll the document if an editable element or form control is not focused; r=roc (cdb934af03)
- Bug 915962 - Part 2: Add a test case for pressing space when a tabindex=-1 and a button element is focused; r=roc (17dcf5cfd0)
- Bug 915962 - Part 3: Do not crash when pressing the space bar without having an element focused; r=roc (2161e62bc3)
- Bug 1180761, cancel the event earlier so that space doesn't trigger checkbox change and scroll, r=neil (2425cb76ad)
- Bug 1259182 - Shrink keyCodeData. r=bz. (737204af84)
- Bug 1193567 - Check result of ReadID in nsXBLPrototypeBinding::Read(). r=wchen (c9b1c35bf3)
- Bug 1173344 - Remove an intermediary root from nsXBLProtoImplField's FieldGetterImpl; r=jandem (5f42dd2e48)
- Bug 1207494 - Part 14: Remove use of expression closure from dom/xbl/. r=bz (21c7d3825f)
- align tests (fe34b613d3)
- Bug 1223702 - Fix some errors about wifi direct. r=hchang (568d86054a)
- Bug 1166274 - Part 1: Handle the callback and IPC message of setStaticIpMode correctly. r=vchang (8fb8d7f3b7)
- Bug 1133665 - [Flame][Wifi] The SSID that has set to be binded with MAC address is not highlighted when user taps it. r=hchang (3165471d13)
- Bug 1207494 - Part 13: Remove use of expression closure from dom/wifi/. r=henry (dd9ad23a8a)
- Bug 1251856 - Disable U2F in all releases (fix for 1231681). r=baku (24ada10566)
- align tests (dae9ecd0ee)
- var-let (11a3cb0878)
- Bug 1184822 - Use classId to get provider. r=fabrice (1288eccd06)
- Bug 1247410 - "test for _nomap ids does not work correctly". r=dougt (f736a04f08)
- Bug 1035097 - Changed the type from 'radio' to 'radioType'. r=jdm (f9a0079152)
- Bug 1177871 - Add a timeout to XHR request of WifiGeoPositionProvider. r=jdm (2f6aa87c20)
- align code to 978593 with POST and location structure (d8ba75a759)
- Bug 1230685 - Replace function declarations with add_task statements in test_storage_value_array.js and test_unicode.js. r=mak (9822bf2215)
- Bug 1230683 - Replace try/catch with Assert.throws in test_storage_connection.js. r=mak (1c993fc37e)
- Bug 655722 - Rewrite _buildGUIDMap in the sync bookmark engine to use PlacesUtils.promiseBookmarksTree. r=mak (3795d26af0)
- Bug 1251057 - enable debug logging for rest.js requests and responses. r=adw (1062bcd113)
- Bug 503515 - Try and ensure exported certificates include an extension by default. r=keeler (505967ab7f)
- Bug 1017616 - Filter out some more unnecessary characters when exporting certs. r=keeler (e95838e362)
- Bug 1241614 - don't overflow:auto the container, use em to size the dialog to avoid hidpi visibility issues, r=dolske,ttaubert (8bd6c2b35b)
- Bug 1266851. Make <xmp> and <listing> use HTMLPreElement as their primary interface, per <whatwg/html#1015>.  r=peterv (6be7f9d6e9)
- Bug 1262184 - Block embed content loading when child of media element; r=bz (a297eeb378)
- Bug 1263696 - Block embed content loading when ancestor of object element with content; r=bz (89c143cbfe)
- Bug 1266077. Fix <base> href getter to follow the spec; it should be using the fallback base URI to resolve against, not the document URI. r=bkelly (e757b23a14)
- Bug 1168079 nsTextEditRules::CollapseSelectionToTrailingBRIfNeeded() should ensure that there is a selection before calling nsEditor::GetStartNodeAndOffset() r=ehsan (6c283bf3a7)
- Bug 898321 - Return success from nsTableEditor::GetCellAt if frame not found; r=ehsan (0d09143b95)
- Bug 387687 - wrap quotes in plain text replies to window. r=masayuki (ca51437018)
- Bug 1247483 - Only replace nodes in nsHTMLEditor::ReplaceOrphanedStructure if all nodes in node list are descendants of replacement node. r=ehsan (8416037da2)
- bug 1266496 - fire some selection events for proxied accessibles r=davidb (8806de7dd9)
- bug 1266518 - add a new event message for AccSelChangeEvents r=davidb (46af183cab)
- Bug 953265: Adjust Opus bitrate in WebRTC to pass >8KHz audio, and comment r=bwc (b0be6a326e)
- Bug 1221473: Do not treat answer as authoritative wrt payload types. r=drno (d27409209e)
- Bug 1241321 - No RTCP stats for audio streams. r=rjesup (ec0222694e)
- bug 1250492 - use tl::Max instead of std::max to get rid of a static constructor r=jesup (3cebbc8969)
- Bug 1254187: Fix maxBitrate to respect simulcast. r=jesup (e569e54b57)
- Bug 1158931 - Fix static assertion compilation error; r=snorp (eb27881746)
- No bug, fix WebrtcMediaCodecVP8VideoCodec.cpp warnings (a983544581)
- Bug 1252737 - use size_t instead of uint32_t for InitEncode(). r=jesup (57c3abc9fa)
- Bug 1208371 - Never send more than one disabled frame in a row to the WebRTC encoder. r=jesup (ec0c28822b)
- Bug 1208371 - Do image format conversion async in MediaPipeline. r=jesup (032efec783)
- Bug 1266685 - Don't pass too many frames to the MediaPipelineTransmit VideoFrameConverter. r=jesup (21774a8d25)
- Bug 1266644 - Rename StreamBuffer to StreamTracks. r=jesup r=pehrsons (21906fe1f7)
- Bug 1208371 - Don't treat audio chunks as mutable in MediaPipeline. r=padenot (3878ef4332)
- Bug 1246310 - Let MediaPipelineReceive tracks start at 0. r=jesup (b468ff8d48)
- Bug 1266644 - Rename DOMMediaStream:: CreateXXXStream to DOMMediaStream:: CreateXXXStreamAsInput. r=jesup r=pehrsons (fe4b6d70bc)
- Bug 1234578: Add an assertion. r=drno, a=abillings (f1a2c8d841)
- bug 1250492 - include sstream in SdpMediaSection.h instead of iostream r=jesup (110b5c2eca)
- Bug 1264470 - a=identity is a long attribute, r=bwc (5848194fe9)
- Bug 1256750: Remove unnecessary sscanf_s parameter on windows, and fix format string everywhere else. r=jesup (371c0db476)
- Bug 1204082 - try strtoull instead. r=mt (a0313aa87c)
- Bug 1113443 - reject each media type with appropriate default. r=bwc (a72ff312d1)
- Bug 1095793 - use mid if provided to place candidate in msection. r=bwc (2c29b21fac)
- Bug 1252699 - Set WEBRTC_DETECT_ARM_NEON when optional neon is requested. r=jesup (722e2043a5)
- Bug 1229475 - webrtc: Call opus tonality_analysis_init. r=jesup (1cf8cc2cd7)
- Bug 1254876: assert windows recording is shut down r=pkerr (1f2cb69073)
- Bug 1227481 - added a memset on aec. r=jesup (532026ce20)
- Bug 1254507 - Fix leak in WebRTC DesktopApplication class. r=jesup (54da72aeb4)
- Bug 1196542 - share only windows with non-zero area. r=pkerr (94595ec463)
- Bug 1202087 - Filter out non-shareable application for win8 or greater. r=jesup (d989956802)
- Bug 1216529 - WebRTC: Request camera permission before accessing camera APIs. r=gcp (24b6699226)
- Bug 1237630 - Part 1: Video freeze from WebRTC sender. r=rjesup (02daa8b5b7)
- Bug 1237630 - Part 2: remove LOG statement generating a now defunct error condition. r=rjesup (c6002ef12f)
- Bug 1248335: avoid using SvcInternal structure entirely, as system-vpx may not have it r=pkerr (ef9b21f20c)
- Bug 1234571: unregister encoded-frame callback when releasing codec databases r=pkerr (321bd5166b)
- Bug 820972 - Comment out colorTable[] because we don't need it. r=jesup. (60b10803d5)
- cleanup and missing test stuff (e2be0331d9)
- Merge remote-tracking branch 'upstream/dev' into winbuild (3a3bb0b315)
- layout/media: fix export symbol list, fix build bustage (f9f5bfe14c)
2024-09-10 22:30:49 +08:00

267 lines
9.2 KiB
JavaScript

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";

// How to run this file:
// 1. [obtain CNNIC-issued certificates to be whitelisted]
// 2. [obtain firefox source code]
// 3. [build/obtain firefox binaries]
// 4. run `[path to]/run-mozilla.sh [path to]/xpcshell makeCNNICHashes.js \
//                                  [path to]/intermediatesFile \
//                                  [path to]/certlist`
// where |intermediatesFile| is a file containing PEM encoded intermediate
// certificates that the certificates in |certlist| may be issued by,
// and |certlist| is a file containing a list of paths to certificates to
// be included in the whitelist.
var Cc = Components.classes;
var Ci = Components.interfaces;
var Cu = Components.utils;

var gCertDB = Cc["@mozilla.org/security/x509certdb;1"]
                .getService(Ci.nsIX509CertDB);

var { NetUtil } = Cu.import("resource://gre/modules/NetUtil.jsm", {});
var { Services } = Cu.import("resource://gre/modules/Services.jsm", {});

const HEADER = "// This Source Code Form is subject to the terms of the Mozilla Public\n" +
               "// License, v. 2.0. If a copy of the MPL was not distributed with this\n" +
               "// file, You can obtain one at http://mozilla.org/MPL/2.0/.\n" +
               "//\n" +
               "//***************************************************************************\n" +
               "// This file was automatically generated by makeCNNICHashes.js. It shouldn't\n" +
               "// need to be manually edited.\n" +
               "//***************************************************************************\n" +
               "\n";

const PREAMBLE = "#define CNNIC_WHITELIST_HASH_LEN 32\n\n" +
                 "struct WhitelistedCNNICHash {\n" +
                 " const uint8_t hash[CNNIC_WHITELIST_HASH_LEN];\n" +
                 "};\n\n" +
                 "static const struct WhitelistedCNNICHash WhitelistedCNNICHashes[] = {\n";

const POSTAMBLE = "};\n";
function writeString(fos, string) {
  fos.write(string, string.length);
}

// fingerprint is in the form "00:11:22:..."
function hexSlice(fingerprint, start, end) {
  let hexBytes = fingerprint.split(":");
  let ret = "";
  for (let i = start; i < end; i++) {
    let hex = hexBytes[i];
    ret += "0x" + hex;
    if (i < end - 1) {
      ret += ", ";
    }
  }
  return ret;
}

// Write the C++ header file
function writeHashes(certs, lastValidTime, fos) {
  writeString(fos, HEADER);
  writeString(fos, `// This file may be removed after ${new Date(lastValidTime)}\n\n`);
  writeString(fos, PREAMBLE);

  certs.forEach(function(cert) {
    writeString(fos, " {\n");
    writeString(fos, " { " + hexSlice(cert.sha256Fingerprint, 0, 16) + ",\n");
    writeString(fos, " " + hexSlice(cert.sha256Fingerprint, 16, 32) + " },\n");
    writeString(fos, " },\n");
  });

  writeString(fos, POSTAMBLE);
}
function readFileContents(file) {
  let fstream = Cc["@mozilla.org/network/file-input-stream;1"]
                  .createInstance(Ci.nsIFileInputStream);
  fstream.init(file, -1, 0, 0);
  let data = NetUtil.readInputStreamToString(fstream, fstream.available());
  fstream.close();
  return data;
}

function relativePathToFile(path) {
  let currentDirectory = Cc["@mozilla.org/file/directory_service;1"]
                           .getService(Ci.nsIProperties)
                           .get("CurWorkD", Ci.nsILocalFile);
  let file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile);
  file.initWithPath(currentDirectory.path + "/" + path);
  return file;
}

function pathToFile(path) {
  let file = relativePathToFile(path);
  if (!file.exists()) {
    // Fall back to trying absolute path
    file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile);
    file.initWithPath(path);
  }
  return file;
}

// punt on dealing with leap-years
const sixYearsInMilliseconds = 6 * 366 * 24 * 60 * 60 * 1000;
function loadCertificates(certFile) {
  let nowInMilliseconds = (new Date()).getTime();
  // months are 0-indexed, so April is month 3 :(
  let april1InMilliseconds = (new Date(2015, 3, 1)).getTime();
  let latestNotAfter = nowInMilliseconds;
  let certs = [];
  let certMap = {};
  let invalidCerts = [];
  let paths = readFileContents(certFile).split("\n");
  for (let path of paths) {
    if (!path) {
      continue;
    }
    let certData = readFileContents(pathToFile(path));
    let cert = null;
    try {
      cert = gCertDB.constructX509FromBase64(certData);
    } catch (e) {}
    if (!cert) {
      cert = gCertDB.constructX509(certData, certData.length);
    }
    // Don't add multiple copies of any particular certificate.
    if (cert.sha256Fingerprint in certMap) {
      continue;
    }
    certMap[cert.sha256Fingerprint] = true;
    // If we can't verify the certificate, don't include it. Unfortunately, if
    // a CNNIC-issued certificate wasn't previously on the whitelist but it
    // otherwise verifies successfully, verifyCertNow will return
    // SEC_ERROR_REVOKED_CERTIFICATE, so we count that as verifying
    // successfully. If the certificate is later revoked by CNNIC, the user
    // will see that when they attempt to connect to a site using it and we do
    // normal revocation checking.
    let errorCode = gCertDB.verifyCertNow(cert, 2 /* SSL Server */,
                                          Ci.nsIX509CertDB.LOCAL_ONLY, null,
                                          {}, {});
    if (errorCode != 0 &&
        errorCode != -8180 /* SEC_ERROR_REVOKED_CERTIFICATE */) {
      continue;
    }
    let durationMilliseconds = (cert.validity.notAfter - cert.validity.notBefore) / 1000;
    let notBeforeMilliseconds = cert.validity.notBefore / 1000;
    let notAfterMilliseconds = cert.validity.notAfter / 1000;
    // Only consider certificates that were issued before 1 April 2015, haven't
    // expired, and have a validity period shorter than 6 years (there is a
    // delegated OCSP responder certificate with a validity period of 6 years
    // that should be on the whitelist).
    if (notBeforeMilliseconds < april1InMilliseconds &&
        notAfterMilliseconds > nowInMilliseconds &&
        durationMilliseconds < sixYearsInMilliseconds) {
      certs.push(cert);
      if (notAfterMilliseconds > latestNotAfter) {
        latestNotAfter = notAfterMilliseconds;
      }
    }
    if (durationMilliseconds >= sixYearsInMilliseconds) {
      invalidCerts.push(cert);
    }
  }
  return { certs: certs,
           lastValidTime: latestNotAfter,
           invalidCerts: invalidCerts };
}
// Expects something like "00:11:22:...", returns a string of bytes.
function hexToBinaryString(hexString) {
  let hexBytes = hexString.split(":");
  let result = "";
  for (let hexByte of hexBytes) {
    result += String.fromCharCode(parseInt(hexByte, 16));
  }
  return result;
}

function compareCertificatesByHash(certA, certB) {
  let aBin = hexToBinaryString(certA.sha256Fingerprint);
  let bBin = hexToBinaryString(certB.sha256Fingerprint);

  if (aBin < bBin) {
    return -1;
  }
  if (aBin > bBin) {
    return 1;
  }
  return 0;
}

function certToPEM(cert) {
  let der = cert.getRawDER({});
  let derString = '';
  for (let i = 0; i < der.length; i++) {
    derString += String.fromCharCode(der[i]);
  }
  let base64Lines = btoa(derString).replace(/(.{64})/g, "$1\n");
  let output = "-----BEGIN CERTIFICATE-----\n";
  for (let line of base64Lines.split("\n")) {
    if (line.length > 0) {
      output += line + "\n";
    }
  }
  output += "-----END CERTIFICATE-----";
  return output;
}

function loadIntermediates(intermediatesFile) {
  let pem = readFileContents(intermediatesFile);
  let intermediates = [];
  let currentPEM = "";
  for (let line of pem.split("\r\n")) {
    if (line == "-----END CERTIFICATE-----") {
      if (currentPEM) {
        intermediates.push(gCertDB.constructX509FromBase64(currentPEM));
      }
      currentPEM = "";
      continue;
    }
    if (line != "-----BEGIN CERTIFICATE-----") {
      currentPEM += line;
    }
  }
  return intermediates;
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////

if (arguments.length != 2) {
  throw new Error("Usage: makeCNNICHashes.js <PEM intermediates file> " +
                  "<path to list of certificates>");
}

// Turn OCSP off; verifyCertNow below is also asked for LOCAL_ONLY checks.
Services.prefs.setIntPref("security.OCSP.enabled", 0);
var intermediatesFile = pathToFile(arguments[0]);
var intermediates = loadIntermediates(intermediatesFile);
var certFile = pathToFile(arguments[1]);
var { certs, lastValidTime, invalidCerts } = loadCertificates(certFile);

dump("The following certificates were not included due to overlong validity periods:\n");
for (let cert of invalidCerts) {
  dump(certToPEM(cert) + "\n");
}

// Sort the key hashes to allow for binary search.
certs.sort(compareCertificatesByHash);

// Write the output file.
var outFile = relativePathToFile("CNNICHashWhitelist.inc");
if (!outFile.exists()) {
  // File mode rw-r--r--. The 0o prefix is needed because legacy octal
  // literals (0644) are a syntax error under "use strict".
  outFile.create(Ci.nsIFile.NORMAL_FILE_TYPE, 0o644);
}
var outStream = Cc["@mozilla.org/network/file-output-stream;1"]
                  .createInstance(Ci.nsIFileOutputStream);
outStream.init(outFile, -1, 0, 0);
writeHashes(certs, lastValidTime, outStream);
outStream.close();
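
The script sorts the fingerprints by raw byte value so that a consumer of the generated table can binary-search it. The following Node.js code is an added example, not part of makeCNNICHashes.js or the Mozilla code base: it builds such a sorted, de-duplicated table and looks a hash up with an unsigned byte-wise comparison. All function names and the sample fingerprints are assumptions constructed for illustration.

```javascript
"use strict";
// Added example; names and fingerprints are constructed, not from the page.
const HASH_LEN = 32; // mirrors CNNIC_WHITELIST_HASH_LEN in the generated header

// Constructed 32-byte fingerprint "<lead>:00:...:00" in the "00:11:22:..." form.
const fp = (lead) => [lead].concat(Array(HASH_LEN - 1).fill("00")).join(":");
// Includes bytes >= 0x80 and a case-variant duplicate on purpose.
const SAMPLE_FINGERPRINTS = [fp("FF"), fp("7F"), fp("80"), fp("00"), fp("7f")];

// "00:11:22:..." -> raw hash bytes; rejects malformed or wrong-length input.
function fingerprintToBytes(fingerprint) {
  const parts = fingerprint.split(":");
  if (parts.length !== HASH_LEN) {
    throw new Error("expected " + HASH_LEN + " bytes, got " + parts.length);
  }
  return Uint8Array.from(parts, (hex) => {
    if (!/^[0-9A-Fa-f]{2}$/.test(hex)) {
      throw new Error("malformed fingerprint byte: " + hex);
    }
    return parseInt(hex, 16);
  });
}

// Unsigned byte-wise comparison (memcmp order). The sort and the lookup must
// share it, otherwise hashes with bytes >= 0x80 land where the search never looks.
function compareBytes(a, b) {
  const n = Math.min(a.length, b.length);
  for (let i = 0; i < n; i++) {
    if (a[i] !== b[i]) {
      return a[i] < b[i] ? -1 : 1;
    }
  }
  return a.length - b.length;
}

// De-duplicate (case-insensitively), convert and sort, like the generator does.
function buildWhitelist(fingerprints) {
  const seen = new Set();
  const table = [];
  for (const fingerprint of fingerprints) {
    const key = fingerprint.toUpperCase();
    if (seen.has(key)) {
      continue;
    }
    seen.add(key);
    table.push(fingerprintToBytes(key));
  }
  return table.sort(compareBytes);
}

// Binary search over the sorted table; returns the index or -1 if absent.
function findHash(table, hash) {
  let lo = 0;
  let hi = table.length - 1;
  while (lo <= hi) {
    const mid = (lo + hi) >>> 1;
    const order = compareBytes(table[mid], hash);
    if (order === 0) {
      return mid;
    }
    if (order < 0) {
      lo = mid + 1;
    } else {
      hi = mid - 1;
    }
  }
  return -1;
}
```

A lookup that compared bytes as signed values would order `0x80` and `0xFF` before `0x00`, so the search would miss entries the sorted table actually contains.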