mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:18:48 +00:00
roytam1
c7dc12e90f
- Bug 1251253 - prevent null pointer dereference of |aContext| in CacheStorageService::DoomStorageEntries. r=mayhemer (35b449c612)
- Bug 1260498 - Make test_rel_preconnect work in e10s mode. r=mcmanus (e6823ce4c4)
- Bug 1016628 - Add prefetch abilities to the predictor. r=mayhemer (53ab180c97)
- Bug 1258482 - FileList should contain only Files, not Directories, r=smaug (ff78125454)
- Bug 1258694 - Implement Directory::GetFiles(), r=smaug (305784524e)
- Bug 1263992 - patch 1 - Remove DirectoryType enum, r=smaug (89e1a59041)
- Bug 1263992 - patch 2 - Support the creation of directories from FileSystemTasks, r=smaug (c569092cef)
- Bug 1243586 - Implement Upgrade-Insecure-Requests HTTP Request Header Field. r=rbarnes (4b8a84c656)
- Bug 1262572 - http 0.9 telemetry. r=hurley (6006881336)
- Bug 587177 - Update all comments before SetOriginalURI to reflect reality, r=mcmanus (b2fedb0728)
- Bug 1261632 - Assert that OnStopRequest is called only once. r=michal (c35b1922b9)
- Bug 1232422 - Convert 5 tests within netwerk/test to use AsyncOpen2 (r=mcmanus) (4af8d43814)
- Bug 831450 - No Range Requests against weak Etag r=mayhemer (9b4a159e1e)
- Bug 1214277 - Avoid bypassing opening a cache entry for possibly intercepted channels; r=mcmanus (c5b0de6990)
- partial apply Bug 1234369 - Convert 25 tests within netwerk/test to use AsyncOpen2 (1b81d5a303)
- Bug 299031 - heuristic cache rule for 410 should be longer r=mayhemer (848834fc31)
- Bug 1121447 - trust cache less for error codes r=mayhemer (0424fec819)
- Bug 1125916 - Check whether loadInfo and loadContext match. r=sicking, r=jduell (6740850922)
- Bug 1258778 - Purge the skia glyph cache when receiving a low memory notice. r=erahm (633c60b0c6)
- Bug 1125916 - Add SEC_FORCE_PRIVATE_BROWSING to LoadInfo. r=sicking, r=jduell (10b5a1cacb)
- Bug 1105556 - test fixes. r=sicking, ckerschb (845d0dbd65)
- Bug 1258481 - Use RegionBuilder for nsRegion IPC. r=jrmuizel (616c279297)
- Bug 1014691 - Fix an include-what-you-use error in TestCompositor.cpp. r=kats (2797f83f1d)
- Bug 1256408 - Add graphics microbenchmarking. r=mstange (49b11b051b)
- Bug 1258481 - Add a RegionBuilder for accumulating rects. r=jrmuizel (acd79192db)
- Track whether or not remote layers have acknowledged compositor changes. (bug 1256517 part 1, r=mattwoodrow) (e3cc77ed41)
- Move compositable field out of individual compositable ops. (bug 1256517 part 2, r=mattwoodrow) (1d4a063df3)
- Bug 1241058: Assure several operations properly operate on the current group target. r=jrmuizel (6119e2b4db)
- Bug 1247700: Avoid crash from invalid fonts. r=bas (c4c2799b94)
- Bug 1242421 - remove useless null check. r=roc@ocallahan.org (44faf6556d)
- Add instrumentation for when content processes fail to acquire D3D11 devices. (bug 1247539, r=milan) (bd9265d78e)
- Make access to gfxWindowsPlatform D3D11 devices thread-safe. (bug 1258174, r=bas) (032e74b163)
- Disable device access on textures created against stale layers. (bug 1256517 part 3, r=nical) (ffcebbdee6)
- Block compositable updates from stale layers. (bug 1256517 part 4, r=mattwoodrow,nical) (fc83339f2d)
- Fix build bustage for bug 1256517 r=broken tree (3952871373)
- Bug 1256678 - Replace DrawTargetCairo::FillGlyphs crashes with other crashes - r=bobowen (b7245ba436)
- Bug 1120485. Log CloseHandle error reason during MessageChannel shutdown failure. r=milan (2f81d9c2aa)
- Bug 1242448 - Ensure the tile pool does not hold textures during shutdown. r=edwin (d31c304258)
- Bug 1258851 - Propagate the isScrollbarContainer layer flag to the compositor. r=mattwoodrow (b9906d7557)
- Bug 1260391: Transfer |CompositableOperation| in |AsyncChildMessageData|, r=dvander (1def34c5f8)
- Bug 1252324 - add DrawTarget API for 3D transforms for use in layers. r=jrmuizel (bc80529422)
- Bug 1255342 - implement DrawTargetCairo::LockBits for Cairo Win32 surfaces. r=sotaro (6f5661691b)
- Bug 1263480 - Don't let cairo go into an error state when DrawSurface is called with an empty destination rectangle. r=lsalzman (4300940101)
- Bug 1251241 - return from DrawTargetCairo::FillGlyphs if |aFont| is ullptr. r=roc (bb92f95ccd)
- Bug 1255320 - Create DrawTarget with DIB as similar DrawTarget r=jrmuizel (03f1da030d)
- Bug 1215265 - Put shutting down gfx ipdl protocols for child processes behind a pref. r=sotaro (aa781b37f9)
- Bug 1262898: Keep the GeckoChildProcessHost alive for the lifetime of the CompositorBridge and ImageBridge parent actors. r=jimm r=nical (dcca3b54e1)
- Bug 1251619: Remove unused gfxPlatform::CreateDrawTargetForUpdateSurface r=mchang (b29565995e)
- Bug 1255973 - Remove redundant overrides from gfxPlatform subclasses. r=jfkthame (d45f8a6640)
- Bug 1259466. Rename layers.offmainthreadcomposition.enabled. r=milan We would rather people not use this pref. (f362da1bd3)
- Bug 881609: Call InitLayersAccelerationPrefs only once. r=nrc (faed10a0d4)
- Bug 1209780. Mark some DrawResult's as unused in layout/svg. r=seth (48192d6b34)
- Bug 1251115 - Fix incorrect rendering result while mask path is not resolvable; r=mstange (a52b478fdf)
- Bug 1228354 - Part1 - Support luminance mask mode. r=mstange r=bas (b03abbe8a6)
- Bug 1228354 - Part2. Add test case for mask-mode. r=heycam (6bea36a70c)
- Bug 1259802: Add type replacement annotations to simplify rust binding generation for nsStyleStruct.h, r=bholley (48c13e62f2)
- Bug 1261754 - Part 1: Improve static assertions for style struct bits. r=dholbert (2ce6d994a5)
- Bug 1261552 - Reimplement default placement-new for style structs. r=heycam (db9d7782e2)
- Bug 1261552 - Introduce StaticPresData and hoist some shared functionality into it. r=heycam (adf2e16b4d)
- Bug 1226627 - Truncate the result in ZoomText/UnZoomText rather than rounding it for better performance. r=roc (f1d1084ba1)
- Bug 1247777 - Part1: parse and compute -webkit-text-fill-color property. r=heycam (fc4161355c)
- Bug 1247777 - Part2: implement -webkit-text-fill-color rendering. r=jfkthame (0f30da9c5b)
- Bug 1247777 - Part3: reftests for -webkit-text-fill-color. r=jfkthame Add this test into web-platform-tests. (02e41db8cc)
- Bug 1043461 - Followup to ensure we still test custom property position when the UA style sheet doesn't have custom properties in it. r=dholbert (48df73d684)
- Bug 1247777 - Part4.1: replace windows-style line endings with unix-style line endings. r=bz (be8ba60960)
- Bug 1247777 - Part4.2: add compatible webkit prefixed properties in CSS properties ordering check test. r=bz (7b78825e14)
- Bug 1261552 - Introduce StyleStructContext, and make all style struct constructors take it. r=heycam (65b3966841)
- Bug 1258017 - Use an nsCOMPtr to hold onto the nsIStyleRule. r=dbaron (e88d7e368f)
- Bug 1258017 - Use a RefPtr to hold onto the parent style context. r=dbaron (6a7289ca43)
- Bug 1258017 - Redesign and simplify rule tree GC. r=dbaron (3bf60a9b04)
- Bug 1253149 - Remove the #ifdef __cplusplus bits from ServoBindings.h. r=SimonSapin (bf2b18a470)
- Bug 1251496 - Forward stylesheet management to RawServoStyleSet. r=heycam (0a3aa90b2d)
- Bug 1260310 - Generalize nsStyleContext to support resolving styles from either nsRuleNode or ServoComputedValues. r=heycam (82b6d5d008)
- Bug 1258017 - Cleanup fixes for trunk. r=me (674a65815a)
- Bug 1236400 part 1: Add internal enum values to represent "display: -webkit-box" & "display: -webkit-inline-box". r=mats (509c94da15)
- Bug 1236400 part 2: Extend NeedsAnonFlexOrGridItem() & related code to wrap all inline-level -webkit-box children in an anonymous flex item. r=mats (dc11b9b09f)
- Bug 1236400 part 3: If webkit prefix support is enabled, skip CSS Parser code that converts "display: -webkit-box" directly to "display: flex". r=mats (e09b459124)
- Bug 1236400 part 4: Add reftests to test how non-block-level content gets wrapped inside a -webkit-box. (no review) (46e4d8cb07)
- Bug 1261754 - Part 2: Make quotes computed values shareable between different structs. r=dholbert (a78e43b706)
- Bug 1261754 - Part 3: Move quotes from nsStyleQuotes to nsStyleList and delete nsStyleQuotes. r=dholbert (fdcd9aaa3f)
- Bug 1209273 - Part 1: Support for adjust-color CSS property. r=dbaron (818a7fe0ff)
- Bug 1209273 - Part 2: Force printing background if color-adjust: exact. r=dbaron (ffd52c0dbc)
- Bug 1261754 - Part 4: Move image-rendering from nsStyleSVG to nsStyleVisibility. r=dholbert (ee8372fb94)
- Bug 1261754 - Part 5: Move text-rendering from nsStyleSVG to nsStyleText. r=dholbert (c13a11313d)
- Bug 1261754 - Part 6: Move vertical-align from nsStyleTextReset to nsStyleDisplay. r=dholbert (d374b3700b)
- Bug 1261754 - Part 7: Move pointer-events from nsStyleVisibility to nsStyleUserInterface. r=dholbert (8693251243)
- Bug 1261754 - Part 8: Move box-shadow from nsStyleBorder to a new nsStyleEffects struct. r=dholbert (8263476827)
- Bug 1261754 - Part 9: Move clip from nsStyleDisplay to nsStyleEffects. r=dholbert (5418597309)
- Bug 1261754 - Part 10: Move mix-blend-mode from nsStyleDisplay to nsStyleEffects. r=dholbert (ebae613929)
- Bug 1261754 - Part 11: Move opacity from nsStyleDisplay to nsStyleEffects. r=dholbert (589292af44)
- Bug 1187851 patch 6 - Make dynamic changes to filter change fixed position containing block for descendants. r=roc (003a3aa6ce)
- Bug 1261754 - Part 12: Move filter from nsStyleSVGReset to nsStyleEffects. r=dholbert (78d87914f9)
- Bug 1259513: Make gfxContext constructor private, use a utility function that can return nullptr. r=bas,lsalzman (43df6e429f)
- Bug 1259785: Do a proper flush when taking a snapshot so our dependent targets and command lists get appropriately cleared. r=jrmuizel (9f7372cce1)
- Bug 1251431 - Part 1: Allow usage of an A8 source pattern to MaskSurface for D2D 1.1 Moz2D backend. r=jwatt (632eb6d2da)
- Bug 1251431 - Part 2: Do not apply the device transform when drawing to an already intermediate surface. r=jwatt (3a24f4a5c6)
- Bug 1251431 - GCC compilation fixup. (2356f0a58c)
- Bug 1238328: Purge stored command lists by calling EndDraw/BeginDraw on a regular basis when they're used. r=jrmuizel (33f47b281f)
- Bug 1246641: Also execute an occasional EndDraw for CommandLists used by non-operator OVER drawing. r=jrmuizel (b3e03ad111)
- Bug 1258168: Push ClearType compatible clipping layers when the last pushed layer was marked as opaque. r=jrmuizel (bd069ad7b6)
- Bug 1264736: Crash sooner if we can't get a valid command list, at least in nightly/aurora. r=bas (fb4bb56815)
- Bug 1255438 - create nsI{Mutable,}Array directly; r=keeler (1b802b23b7)
- Bug 1255438 - fix OS X warning bustage and reopen this CLOSED TREE; r=me (07a05910a6)
- bug 1197314: Remove PR_snprintf calls in security/manager/ssl/ r=keeler (f2271aad87)
- Bug 1258298 - Switch more Scoped.h templates in PSM to UniquePtr equivalents. r=keeler (2ee1a85d8e)
- Bug 1191414 - gather telemetry on usage of <keygen>. r=keeler,r=vladan (150bad38a1)
- Bug 1260644 - Use UniquePLArenaPool to manage PLArenaPools in PSM. r=keeler (9e8ad9c0d4)
- Bug 1247250 - Enable TLS 1.3 anti-downgrade on non-secure fallback. r=keeler (7a950b427a)
- Bug 1215796 - Remove the static fallback whitelist. r=keeler (fa55b5920b)
- bug 1254667 - change certificate verification SHA1 policy to "allow or locally-installed roots" r=jcj (5d0bb9e8b1)
- bug 1245280 - add policy mechanism to optionally enforce BRs for falling back to subject CN r=Cykesiopka,mgoodwin (ecd4f2180a)
- Bug 1254653 - Add telemetry to measure how often we encounter EV certificates r=keeler (9da287b490)
- Bug 1259909 - Obviate char PORT_Free() calls in PSM. r=keeler (b7ba2a47da)
- Bug 1252882 - Add a Content Signature Service r=keeler,r=franziskus,r=Cykesiopka (8b806022a0)
- Bug 1255784 - u2f tests should use SpecialPowers.pushPrefEnv, r=jjones (839a58476f)
- Bug 1244960 - Complete FIDO u2f NSSToken (Part 1). r=keeler, r=baku (3d64aa2b7c)
- Bug 1244960 - FIDO u2f NSSToken (Part 2): Use Attestation Certificates. r=keeler (aee3ffc830)
- Bug 1244960 - FIDO u2f NSSToken (Part 3): Review updates. r=keeler (b2f81c2b72)
- Bug 1244960 - FIDO u2f NSSToken (Part 4): Correct FacetID base algorithm. r=keeler (9e70506580)
- Bug 1244960 - FIDO u2f NSSToken (Part 5): Review updates. r=keeler (62a28f2502)
- Bug 1231643 - Part 1. Create skia-A8-surface for mask composition when backendtype of the source DrawTarget is CG; r=mstange (dd03d86f55)
- Bug 1244598 - Move resource files of w3c-css/masking into ./support subdir. r=dbaron (4c9e789191)
- Bug 1243675 - Part 1. Add mask-image property reftest. r=dbaron (18e5dfa90b)
- Bug 1243675 - Part 2. Add mask-clip property reftest. r=dbaron (ddf834d408)
- Bug 1243675 - Part 3. Add mask-position property reftest. r=dbaron (68cae7c7e6)
- Bug 1243675 - Part 4. Add mask-repeat property reftest. r=dbaron (0a3ed45377)
- Bug 1243675 - Part 5. Add mask-origin property reftest. r=dbaron (f5785145a7)
- Bug 1243675 - Part 6. Add mask-size property reftest. r=dbaron (1ab2040973)
- Bug 1231643 - Part 2. Enable mask-composite reftest; r=dbaron (8c3b863d97)
- Bug 1263622 - Fixed nsNSSComponent.cpp compilation on mingw. r=dkeeler,ted (0e651c0211)
- Bug 1266249 - Remove mHasCachedOutline. r=dbaron (c46459acf2)
- Bug 1235634 - Construct nsNSSShutdownList::singleton lazily on first use r=keeler (1b53753c2e)
- Bug 1262645 - Address misc issues with nsGetUserCertChoice(). r=keeler (ec675be29a)
- Bug 1238001 - Allow TLS info to be updated on renegotiation, r=keeler (a2ec0c8a07)
- Bug 1201437 - Add new WebProgress state flag for user-overridden cert. r=keeler (0b9edbc8d8)
- Bug 1201437 - Make cert override tests check for STATE_CERT_USER_OVERRIDDEN. r=keeler (5246515084)
- bug 1261936 - stop using the subject common name in certificate verification error messages r=Cykesiopka (982cf43a11)
- bug 1230234 - fix a leak in client auth certificate handling r=Cykesiopka (6e83f81218)
- Bug 1260643 - Convert most uses of ScopedCERTCertificate in PSM to UniqueCERTCertificate. r=keeler (806b895c41)
- Bug 1207137 - Set a security state flag when weak crypto override is needed. r=keeler Bug 1254306 - Do not check the fallback limit version for the RC4 fallback. r=keeler (8b5cb7101f)
- Bug 1253010 - part 3 - create all nsIDateTimeFormat instances directly; r=smontagu (c1aa5d1d62)
- Bug 1260310 - Create servo style contexts from ServoStyleSet. r=heycam (05f876eb13)
- Bug 759568 - Part 1. Parse background-clip:text; r=dholbert r=heycam (d013b8fd84)
- Bug 1251995 part 6 - Use struct to pass params for nsTextFrame::PainText* functions. r=jfkthame (3b9c163eab)
- Bug 759568 - Part 2. Render background-clip:text; r=jfkthame (e534e048bf)
- Bug 759568 - Part 4. mochitest for background-clip:text; r=heycom (3e548ebf99)
- Bug 759568 - Part 5. reftest for background-clip:text; r=dbaron (43d2915305)
- Bug 759568 - Part 6. Remove unused nsDisplayList::mVisibleRect; r=jfkthame (960a85de40)
- Bug 1264910 - Simplify pref callback register/unregister in nsLayoutUtils. r=dholbert (f50219f117)
- Bug 1097499 part 1 - Control support of 'text-combine-upright: digits' via a separate pref. r=heycam (37df36e815)
- Bug 1261062 - When constraining the displayport by the max texture size, maintain the relative distribution of the margins. r=dvander (9a9423bdf1)
- Bug 1246290 - Add a pref to allow disabling APZ on documents which have scroll-linked effects. r=botond (781b63c578)
- Bug 1263347 - When checking if displayport changes should schedule a paint, make sure to use the proper displayport. r=mstange (998f59843e)
- Bug 1097499 part 15 - Add reftests for text-combine-upright. r=jfkthame (843bea00bc)
- Bug 1097499 followup - Fix metadata of tests submitted to w3c. DONTBUILD (e671b5b38b)
- Bug 1097499 followup 2 - Fix metadata of tests submitted to w3c. DONTBUILD (abf0895450)
- Bug 1097499 part 2 - Add a macro to simplify usage of nsStyleContext::GetUniqueStyleData. r=heycam (10486f1f24)
- Bug 1097499 part 3 - Add a separate anonbox for text nodes. r=heycam (7dd4347215)
- Bug 1097499 part 4 - Adjust computed value of writing-mode on text frames when text-combine-upright is used. r=heycam (c193f14b27)
- Bug 1097499 part 5 - Layout text combine upright. r=jfkthame (c21422930b)
- Bug 1097499 part 6 - Inherit move direction from parent for horizontal-in-vertical text. r=jfkthame (cf436b8494)
- Bug 1097499 part 7 - Add reverse function of GetFullWidth. r=emk (32d02e7437)
- Bug 1097499 part 8 - Move CountGraphemeClusters to mozilla::unicode. r=emk (e2b8942e53)
- Bug 1156588 - Add crashtest. (237adb0604)
- Bug 1234622. Tweak how nsDocumentViewer::FindContainerView finds the parent presshell. r=bz (d1e76ae2e9)
- Bug 1245978 part 1: Make nsDocumentViewer::CreateStyleSet directly return the thing it creates. r=heycam (ede16260a4)
- Bug 1245978 part 2: Drop redundant 'virtual' keyword from NS_DECL_NSIDOCUMENTVIEWERPRINT macro (which already includes 'override' keyword). r=heycam (42b8962e4f)
- Bug 1183879 - Soften "non-subdocument frame" warning to also allow dummy nsFrames, which exist while subdocument is loading. r=dholbert (6ebcb53421)
- Bug 1259246. Move nsIPresShell::GetRealPrimaryFrameFor to nsLayoutUtils::GetRealPrimaryFrameFor. r=dholbert (d3efd2f03a)
- Bug 645647 part 1 - Don't let empty bullet frames block suppressing white-space in intrinsic size calculations. r=dholbert (2ce0a86bfb)
- Bug 645647 part 2 - Reftests. (496e491990)
- Bug 645647 part 3 - Remove unused trailingTextFrame member. r=dholbert (bd26ea25e6)
- Bug 645647 part 4 - Add an 'm' prefix to some members to follow our naming conventions. r=dholbert (fe3c5240c9)
- Bug 1097499 part 9 - Transform full-width characters to non-full-width correspondents for combined text. r=jfkthame (5b1eafe2a7)
- Bug 1097499 part 10 - Add fwid/hwid/twid/qwid font feature support to gfx. r=jfkthame (682698dd38)
- Bug 1097499 part 11 - Set width variant for text-combined frame. r=jfkthame (937f61e0e9)
- Bug 1097499 part 12 - Handle spacing sensibly for text-combine-upright. r=jfkthame (9ae1ab2941)
- Bug 1220438 - Correct baseline offset computation of text decoration for vertical-rl. r=jfkthame (10ad32d702)
- Bug 1258636 part 1 - Use structs to pass params for decoration-related functions in nsCSSRendering. r=jfkthame (deef7071f1)
- Bug 1258636 part 2 - Use struct to pass params for nsTextFrame::PaintDecorationLine. r=jfkthame (df5bde2547)
- Bug 1229743 part 1 - Simplify text decoration handling code with lambda function and range-based for loop. r=jfkthame (51cd3ea4ca)
- Bug 1229743 part 2 - Fix up decoration rect computation for vertical-rl and sideways-lr. r=jfkthame (0113279f53)
- Bug 1251995 part 7 - Use struct to pass params for nsTextFrame::Paint*Shadow functions. r=jfkthame (e81ba231aa)
- Bug 759568 - Part 3. Render text-selection beneath background image; r=jfkthame (e6757762ff)
- Bug 1097499 part 13 - Draw decoration line properly for text-combine-upright. r=jfkthame (8f4be7f987)
- Bug 1264120. Remove usage of nsAutoPtr from gfx/src. r=jfkthame (6831454d8c)
- Bug 1119619 - Allow font-selection to fall back to an alternative face within the same family if the first-found face was not Regular, to handle cases where some styled faces have a reduced character set. r=m_kato (d8851b2877)
- Bug 1243226 - relax the limit on fontconfig generics. r=heycam, a=me (05df737d0e)
- Bug 1245811 - part 1 (based on patch by Andrew Comminos) - Replace gfxPlatformFontList::FindFamily with FindAndAddFamilies to allow for the possibility of the implementation returning multiple font families (e.g. when fontconfig has 'prefer' aliases). r=karlt (2bef9fafb0)
- Bug 1245811 - part 2 (based on patch by Andrew Comminos) - Let gfxFcPlatformFontList return multiple families for a given name once fontconfig substitutions have been applied. r=karlt (1ffb425a0e)
- Bug 1265452 - Remove use of nsAutoPtr from gfx/thebes. r=jrmuizel (d02c913ad5)
- Bug 1265459 - Replace uses of nsAutoPtr<gfxTextRun> with UniquePtr, and let MakeTextRun and similar methods return a UniquePtr. r=jrmuizel (da32e376b7)
- Bug 1097499 part 14 - Draw emphasis marks properly for text-combine-upright. r=jfkthame (c9115615c6)
- Bug 1097499 part 16 - Enable text-combine-upright by default. r=jfkthame (b616987f95)
- Bug 1261699 - preserve user fontconfig autohint settings in Cairo glyph rendering options. r=jfkthame (3e46dff5ff)
- Bug 1216001 - Fix a typo that eliminated a possible paint optimization. r=xidorn (6a350cadb7)
- Bug 1261568 - part1: take -webkit-text-fill-color into consideration while (d49cf427ab)
- Bug 1261568 - part2.1: update manifest before adding test. r=jgraham Bug 1261568 - part2.2: add reftest. r=jfkthame (ef3c22cfb4)
1097 lines
31 KiB
C++
1097 lines
31 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "TransportSecurityInfo.h"
|
|
|
|
#include "pkix/pkixtypes.h"
|
|
#include "nsNSSComponent.h"
|
|
#include "nsIWebProgressListener.h"
|
|
#include "nsNSSCertificate.h"
|
|
#include "nsIX509CertValidity.h"
|
|
#include "nsIDateTimeFormat.h"
|
|
#include "nsICertOverrideService.h"
|
|
#include "nsIObjectInputStream.h"
|
|
#include "nsIObjectOutputStream.h"
|
|
#include "nsNSSCertHelper.h"
|
|
#include "nsIArray.h"
|
|
#include "nsComponentManagerUtils.h"
|
|
#include "nsReadableUtils.h"
|
|
#include "nsServiceManagerUtils.h"
|
|
#include "nsXULAppAPI.h"
|
|
#include "PSMRunnable.h"
|
|
#include "mozilla/net/DNS.h"
|
|
|
|
#include "secerr.h"
|
|
|
|
//#define DEBUG_SSL_VERBOSE //Enable this define to get minimal
|
|
//reports when doing SSL read/write
|
|
|
|
//#define DUMP_BUFFER //Enable this define along with
|
|
//DEBUG_SSL_VERBOSE to dump SSL
|
|
//read/write buffer to a log.
|
|
//Uses PR_LOG except on Mac where
|
|
//we always write out to our own
|
|
//file.
|
|
|
|
namespace mozilla { namespace psm {
|
|
|
|
TransportSecurityInfo::TransportSecurityInfo()
|
|
: mMutex("TransportSecurityInfo::mMutex"),
|
|
mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE),
|
|
mSubRequestsBrokenSecurity(0),
|
|
mSubRequestsNoSecurity(0),
|
|
mErrorCode(0),
|
|
mErrorMessageType(PlainErrorMessage),
|
|
mPort(0)
|
|
{
|
|
}
|
|
|
|
TransportSecurityInfo::~TransportSecurityInfo()
|
|
{
|
|
nsNSSShutDownPreventionLock locker;
|
|
if (isAlreadyShutDown())
|
|
return;
|
|
|
|
shutdown(calledFromObject);
|
|
}
|
|
|
|
void
|
|
TransportSecurityInfo::virtualDestroyNSSReference()
|
|
{
|
|
}
|
|
|
|
NS_IMPL_ISUPPORTS(TransportSecurityInfo,
|
|
nsITransportSecurityInfo,
|
|
nsIInterfaceRequestor,
|
|
nsISSLStatusProvider,
|
|
nsIAssociatedContentSecurity,
|
|
nsISerializable,
|
|
nsIClassInfo)
|
|
|
|
nsresult
|
|
TransportSecurityInfo::SetHostName(const char* host)
|
|
{
|
|
mHostName.Adopt(host ? NS_strdup(host) : 0);
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::GetHostName(char **host)
|
|
{
|
|
*host = (mHostName) ? NS_strdup(mHostName) : nullptr;
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::SetPort(int32_t aPort)
|
|
{
|
|
mPort = aPort;
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::GetPort(int32_t *aPort)
|
|
{
|
|
*aPort = mPort;
|
|
return NS_OK;
|
|
}
|
|
|
|
PRErrorCode
|
|
TransportSecurityInfo::GetErrorCode() const
|
|
{
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
return mErrorCode;
|
|
}
|
|
|
|
void
|
|
TransportSecurityInfo::SetCanceled(PRErrorCode errorCode,
|
|
SSLErrorMessageType errorMessageType)
|
|
{
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
mErrorCode = errorCode;
|
|
mErrorMessageType = errorMessageType;
|
|
mErrorMessageCached.Truncate();
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetSecurityState(uint32_t* state)
|
|
{
|
|
*state = mSecurityState;
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::SetSecurityState(uint32_t aState)
|
|
{
|
|
mSecurityState = aState;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetCountSubRequestsBrokenSecurity(
|
|
int32_t *aSubRequestsBrokenSecurity)
|
|
{
|
|
*aSubRequestsBrokenSecurity = mSubRequestsBrokenSecurity;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::SetCountSubRequestsBrokenSecurity(
|
|
int32_t aSubRequestsBrokenSecurity)
|
|
{
|
|
mSubRequestsBrokenSecurity = aSubRequestsBrokenSecurity;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetCountSubRequestsNoSecurity(
|
|
int32_t *aSubRequestsNoSecurity)
|
|
{
|
|
*aSubRequestsNoSecurity = mSubRequestsNoSecurity;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::SetCountSubRequestsNoSecurity(
|
|
int32_t aSubRequestsNoSecurity)
|
|
{
|
|
mSubRequestsNoSecurity = aSubRequestsNoSecurity;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::Flush()
|
|
{
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetErrorMessage(char16_t** aText)
|
|
{
|
|
NS_ENSURE_ARG_POINTER(aText);
|
|
*aText = nullptr;
|
|
|
|
if (!NS_IsMainThread()) {
|
|
NS_ERROR("nsNSSSocketInfo::GetErrorMessage called off the main thread");
|
|
return NS_ERROR_NOT_SAME_THREAD;
|
|
}
|
|
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
if (mErrorMessageCached.IsEmpty()) {
|
|
nsresult rv = formatErrorMessage(lock,
|
|
mErrorCode, mErrorMessageType,
|
|
true, true, mErrorMessageCached);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
}
|
|
|
|
*aText = ToNewUnicode(mErrorMessageCached);
|
|
return *aText ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
|
|
}
|
|
|
|
void
|
|
TransportSecurityInfo::GetErrorLogMessage(PRErrorCode errorCode,
|
|
SSLErrorMessageType errorMessageType,
|
|
nsString &result)
|
|
{
|
|
if (!NS_IsMainThread()) {
|
|
NS_ERROR("nsNSSSocketInfo::GetErrorLogMessage called off the main thread");
|
|
return;
|
|
}
|
|
|
|
MutexAutoLock lock(mMutex);
|
|
(void) formatErrorMessage(lock, errorCode, errorMessageType,
|
|
false, false, result);
|
|
}
|
|
|
|
static nsresult
|
|
formatPlainErrorMessage(nsXPIDLCString const & host, int32_t port,
|
|
PRErrorCode err,
|
|
bool suppressPort443,
|
|
nsString &returnedMessage);
|
|
|
|
static nsresult
|
|
formatOverridableCertErrorMessage(nsISSLStatus & sslStatus,
|
|
PRErrorCode errorCodeToReport,
|
|
const nsXPIDLCString & host, int32_t port,
|
|
bool suppressPort443,
|
|
bool wantsHtml,
|
|
nsString & returnedMessage);
|
|
|
|
// XXX: uses nsNSSComponent string bundles off the main thread when called by
|
|
// nsNSSSocketInfo::Write().
|
|
nsresult
|
|
TransportSecurityInfo::formatErrorMessage(MutexAutoLock const & proofOfLock,
|
|
PRErrorCode errorCode,
|
|
SSLErrorMessageType errorMessageType,
|
|
bool wantsHtml, bool suppressPort443,
|
|
nsString &result)
|
|
{
|
|
result.Truncate();
|
|
if (errorCode == 0) {
|
|
return NS_OK;
|
|
}
|
|
|
|
if (!XRE_IsParentProcess()) {
|
|
return NS_ERROR_UNEXPECTED;
|
|
}
|
|
|
|
nsresult rv;
|
|
NS_ConvertASCIItoUTF16 hostNameU(mHostName);
|
|
NS_ASSERTION(errorMessageType != OverridableCertErrorMessage ||
|
|
(mSSLStatus && mSSLStatus->HasServerCert() &&
|
|
mSSLStatus->mHaveCertErrorBits),
|
|
"GetErrorLogMessage called for cert error without cert");
|
|
if (errorMessageType == OverridableCertErrorMessage &&
|
|
mSSLStatus && mSSLStatus->HasServerCert()) {
|
|
rv = formatOverridableCertErrorMessage(*mSSLStatus, errorCode,
|
|
mHostName, mPort,
|
|
suppressPort443,
|
|
wantsHtml,
|
|
result);
|
|
} else {
|
|
rv = formatPlainErrorMessage(mHostName, mPort,
|
|
errorCode,
|
|
suppressPort443,
|
|
result);
|
|
}
|
|
|
|
if (NS_FAILED(rv)) {
|
|
result.Truncate();
|
|
}
|
|
|
|
return rv;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetErrorCode(int32_t* state)
|
|
{
|
|
*state = GetErrorCode();
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetInterface(const nsIID & uuid, void * *result)
|
|
{
|
|
if (!NS_IsMainThread()) {
|
|
NS_ERROR("nsNSSSocketInfo::GetInterface called off the main thread");
|
|
return NS_ERROR_NOT_SAME_THREAD;
|
|
}
|
|
|
|
nsresult rv;
|
|
if (!mCallbacks) {
|
|
nsCOMPtr<nsIInterfaceRequestor> ir = new PipUIContext();
|
|
rv = ir->GetInterface(uuid, result);
|
|
} else {
|
|
rv = mCallbacks->GetInterface(uuid, result);
|
|
}
|
|
return rv;
|
|
}
|
|
|
|
// This is a new magic value. However, it re-uses the first 4 bytes
|
|
// of the previous value. This is so when older versions attempt to
|
|
// read a newer serialized TransportSecurityInfo, they will actually
|
|
// fail and return NS_ERROR_FAILURE instead of silently failing.
|
|
#define TRANSPORTSECURITYINFOMAGIC { 0xa9863a23, 0xa940, 0x4002, \
|
|
{ 0x94, 0x3c, 0x43, 0xc4, 0x67, 0x38, 0x8f, 0x3d } }
|
|
static NS_DEFINE_CID(kTransportSecurityInfoMagic, TRANSPORTSECURITYINFOMAGIC);
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::Write(nsIObjectOutputStream* stream)
|
|
{
|
|
nsresult rv = stream->WriteID(kTransportSecurityInfoMagic);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
rv = stream->Write32(mSecurityState);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
rv = stream->Write32(mSubRequestsBrokenSecurity);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
rv = stream->Write32(mSubRequestsNoSecurity);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
rv = stream->Write32(static_cast<uint32_t>(mErrorCode));
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
if (mErrorMessageCached.IsEmpty()) {
|
|
// XXX: uses nsNSSComponent string bundles off the main thread
|
|
rv = formatErrorMessage(lock, mErrorCode, mErrorMessageType,
|
|
true, true, mErrorMessageCached);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
}
|
|
rv = stream->WriteWStringZ(mErrorMessageCached.get());
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
// For successful connections and for connections with overridable errors,
|
|
// mSSLStatus will be non-null. However, for connections with non-overridable
|
|
// errors, it will be null.
|
|
nsCOMPtr<nsISerializable> serializable(mSSLStatus);
|
|
rv = NS_WriteOptionalCompoundObject(stream,
|
|
serializable,
|
|
NS_GET_IID(nsISSLStatus),
|
|
true);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
rv = NS_WriteOptionalCompoundObject(stream,
|
|
mFailedCertChain,
|
|
NS_GET_IID(nsIX509CertList),
|
|
true);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::Read(nsIObjectInputStream* stream)
|
|
{
|
|
nsID id;
|
|
nsresult rv = stream->ReadID(&id);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
if (!id.Equals(kTransportSecurityInfoMagic)) {
|
|
return NS_ERROR_UNEXPECTED;
|
|
}
|
|
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
rv = stream->Read32(&mSecurityState);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
uint32_t subRequestsBrokenSecurity;
|
|
rv = stream->Read32(&subRequestsBrokenSecurity);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
if (subRequestsBrokenSecurity >
|
|
static_cast<uint32_t>(std::numeric_limits<int32_t>::max())) {
|
|
return NS_ERROR_UNEXPECTED;
|
|
}
|
|
mSubRequestsBrokenSecurity = subRequestsBrokenSecurity;
|
|
uint32_t subRequestsNoSecurity;
|
|
rv = stream->Read32(&subRequestsNoSecurity);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
if (subRequestsNoSecurity >
|
|
static_cast<uint32_t>(std::numeric_limits<int32_t>::max())) {
|
|
return NS_ERROR_UNEXPECTED;
|
|
}
|
|
mSubRequestsNoSecurity = subRequestsNoSecurity;
|
|
uint32_t errorCode;
|
|
rv = stream->Read32(&errorCode);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
// PRErrorCode will be a negative value
|
|
mErrorCode = static_cast<PRErrorCode>(errorCode);
|
|
|
|
rv = stream->ReadString(mErrorMessageCached);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
|
|
// For successful connections and for connections with overridable errors,
|
|
// mSSLStatus will be non-null. For connections with non-overridable errors,
|
|
// it will be null.
|
|
nsCOMPtr<nsISupports> supports;
|
|
rv = NS_ReadOptionalObject(stream, true, getter_AddRefs(supports));
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
mSSLStatus = reinterpret_cast<nsSSLStatus*>(supports.get());
|
|
|
|
nsCOMPtr<nsISupports> failedCertChainSupports;
|
|
rv = NS_ReadOptionalObject(stream, true, getter_AddRefs(failedCertChainSupports));
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
mFailedCertChain = do_QueryInterface(failedCertChainSupports);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetInterfaces(uint32_t *count, nsIID * **array)
|
|
{
|
|
*count = 0;
|
|
*array = nullptr;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetScriptableHelper(nsIXPCScriptable **_retval)
|
|
{
|
|
*_retval = nullptr;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetContractID(char * *aContractID)
|
|
{
|
|
*aContractID = nullptr;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetClassDescription(char * *aClassDescription)
|
|
{
|
|
*aClassDescription = nullptr;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetClassID(nsCID * *aClassID)
|
|
{
|
|
*aClassID = (nsCID*) moz_xmalloc(sizeof(nsCID));
|
|
if (!*aClassID)
|
|
return NS_ERROR_OUT_OF_MEMORY;
|
|
return GetClassIDNoAlloc(*aClassID);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetFlags(uint32_t *aFlags)
|
|
{
|
|
*aFlags = 0;
|
|
return NS_OK;
|
|
}
|
|
|
|
static NS_DEFINE_CID(kNSSSocketInfoCID, TRANSPORTSECURITYINFO_CID);
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetClassIDNoAlloc(nsCID *aClassIDNoAlloc)
|
|
{
|
|
*aClassIDNoAlloc = kNSSSocketInfoCID;
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::GetSSLStatus(nsISSLStatus** _result)
|
|
{
|
|
NS_ENSURE_ARG_POINTER(_result);
|
|
|
|
*_result = mSSLStatus;
|
|
NS_IF_ADDREF(*_result);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::SetSSLStatus(nsSSLStatus *aSSLStatus)
|
|
{
|
|
mSSLStatus = aSSLStatus;
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
/* Formats an error message for non-certificate-related SSL errors
|
|
* and non-overridable certificate errors (both are of type
|
|
* PlainErrormMessage). Use formatOverridableCertErrorMessage
|
|
* for overridable cert errors.
|
|
*/
|
|
static nsresult
|
|
formatPlainErrorMessage(const nsXPIDLCString &host, int32_t port,
|
|
PRErrorCode err,
|
|
bool suppressPort443,
|
|
nsString &returnedMessage)
|
|
{
|
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
|
|
|
const char16_t *params[1];
|
|
nsresult rv;
|
|
|
|
nsCOMPtr<nsINSSComponent> component = do_GetService(kNSSComponentCID, &rv);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
if (host.Length())
|
|
{
|
|
nsString hostWithPort;
|
|
|
|
// For now, hide port when it's 443 and we're reporting the error.
|
|
// In the future a better mechanism should be used
|
|
// to make a decision about showing the port number, possibly by requiring
|
|
// the context object to implement a specific interface.
|
|
// The motivation is that Mozilla browser would like to hide the port number
|
|
// in error pages in the common case.
|
|
|
|
hostWithPort.AssignASCII(host);
|
|
if (!suppressPort443 || port != 443) {
|
|
hostWithPort.Append(':');
|
|
hostWithPort.AppendInt(port);
|
|
}
|
|
params[0] = hostWithPort.get();
|
|
|
|
nsString formattedString;
|
|
rv = component->PIPBundleFormatStringFromName("SSLConnectionErrorPrefix",
|
|
params, 1,
|
|
formattedString);
|
|
if (NS_SUCCEEDED(rv))
|
|
{
|
|
returnedMessage.Append(formattedString);
|
|
returnedMessage.AppendLiteral("\n\n");
|
|
}
|
|
}
|
|
|
|
nsString explanation;
|
|
rv = nsNSSErrors::getErrorMessageFromCode(err, component, explanation);
|
|
if (NS_SUCCEEDED(rv))
|
|
returnedMessage.Append(explanation);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
static void
|
|
AppendErrorTextUntrusted(PRErrorCode errTrust,
|
|
const nsString &host,
|
|
nsIX509Cert* ix509,
|
|
nsINSSComponent *component,
|
|
nsString &returnedMessage)
|
|
{
|
|
const char* errorID = nullptr;
|
|
const char* errorID2 = nullptr;
|
|
const char* errorID3 = nullptr;
|
|
bool isSelfSigned;
|
|
if (NS_SUCCEEDED(ix509->GetIsSelfSigned(&isSelfSigned)) && isSelfSigned) {
|
|
errorID = "certErrorTrust_SelfSigned";
|
|
}
|
|
|
|
if (!errorID) {
|
|
switch (errTrust) {
|
|
case SEC_ERROR_UNKNOWN_ISSUER:
|
|
errorID = "certErrorTrust_UnknownIssuer";
|
|
errorID2 = "certErrorTrust_UnknownIssuer2";
|
|
errorID3 = "certErrorTrust_UnknownIssuer3";
|
|
break;
|
|
case SEC_ERROR_CA_CERT_INVALID:
|
|
errorID = "certErrorTrust_CaInvalid";
|
|
break;
|
|
case SEC_ERROR_UNTRUSTED_ISSUER:
|
|
errorID = "certErrorTrust_Issuer";
|
|
break;
|
|
case SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED:
|
|
errorID = "certErrorTrust_SignatureAlgorithmDisabled";
|
|
break;
|
|
case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
|
|
errorID = "certErrorTrust_ExpiredIssuer";
|
|
break;
|
|
case SEC_ERROR_UNTRUSTED_CERT:
|
|
default:
|
|
errorID = "certErrorTrust_Untrusted";
|
|
break;
|
|
}
|
|
}
|
|
|
|
const char* errorIDs[] = { errorID, errorID2, errorID3 };
|
|
for (size_t i = 0; i < ArrayLength(errorIDs); i++) {
|
|
if (!errorIDs[i]) {
|
|
break;
|
|
}
|
|
|
|
nsString formattedString;
|
|
nsresult rv = component->GetPIPNSSBundleString(errorIDs[i], formattedString);
|
|
if (NS_SUCCEEDED(rv)) {
|
|
returnedMessage.Append(formattedString);
|
|
returnedMessage.Append('\n');
|
|
}
|
|
}
|
|
}
|
|
|
|
// Returns the number of dNSName or iPAddress entries encountered in the
|
|
// subject alternative name extension of the certificate.
|
|
// Returns zero if the extension is not present, could not be decoded, or if it
|
|
// does not contain any dNSName or iPAddress entries.
|
|
static uint32_t
|
|
GetSubjectAltNames(CERTCertificate* nssCert, nsString& allNames)
|
|
{
|
|
allNames.Truncate();
|
|
|
|
ScopedAutoSECItem altNameExtension;
|
|
SECStatus rv = CERT_FindCertExtension(nssCert, SEC_OID_X509_SUBJECT_ALT_NAME,
|
|
&altNameExtension);
|
|
if (rv != SECSuccess) {
|
|
return 0;
|
|
}
|
|
UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
|
|
if (!arena) {
|
|
return 0;
|
|
}
|
|
CERTGeneralName* sanNameList(CERT_DecodeAltNameExtension(arena.get(),
|
|
&altNameExtension));
|
|
if (!sanNameList) {
|
|
return 0;
|
|
}
|
|
|
|
uint32_t nameCount = 0;
|
|
CERTGeneralName* current = sanNameList;
|
|
do {
|
|
nsAutoString name;
|
|
switch (current->type) {
|
|
case certDNSName:
|
|
{
|
|
nsDependentCSubstring nameFromCert(reinterpret_cast<char*>
|
|
(current->name.other.data),
|
|
current->name.other.len);
|
|
// dNSName fields are defined as type IA5String and thus should
|
|
// be limited to ASCII characters.
|
|
if (IsASCII(nameFromCert)) {
|
|
name.Assign(NS_ConvertASCIItoUTF16(nameFromCert));
|
|
if (!allNames.IsEmpty()) {
|
|
allNames.AppendLiteral(", ");
|
|
}
|
|
++nameCount;
|
|
allNames.Append(name);
|
|
}
|
|
}
|
|
break;
|
|
|
|
case certIPAddress:
|
|
{
|
|
// According to DNS.h, this includes space for the null-terminator
|
|
char buf[net::kNetAddrMaxCStrBufSize] = {0};
|
|
PRNetAddr addr;
|
|
memset(&addr, 0, sizeof(addr));
|
|
if (current->name.other.len == 4) {
|
|
addr.inet.family = PR_AF_INET;
|
|
memcpy(&addr.inet.ip, current->name.other.data, current->name.other.len);
|
|
PR_NetAddrToString(&addr, buf, sizeof(buf));
|
|
name.AssignASCII(buf);
|
|
} else if (current->name.other.len == 16) {
|
|
addr.ipv6.family = PR_AF_INET6;
|
|
memcpy(&addr.ipv6.ip, current->name.other.data, current->name.other.len);
|
|
PR_NetAddrToString(&addr, buf, sizeof(buf));
|
|
name.AssignASCII(buf);
|
|
} else {
|
|
/* invalid IP address */
|
|
}
|
|
if (!name.IsEmpty()) {
|
|
if (!allNames.IsEmpty()) {
|
|
allNames.AppendLiteral(", ");
|
|
}
|
|
++nameCount;
|
|
allNames.Append(name);
|
|
}
|
|
break;
|
|
}
|
|
|
|
default: // all other types of names are ignored
|
|
break;
|
|
}
|
|
current = CERT_GetNextGeneralName(current);
|
|
} while (current != sanNameList); // double linked
|
|
|
|
return nameCount;
|
|
}
|
|
|
|
static nsresult
|
|
AppendErrorTextMismatch(const nsString& host, nsIX509Cert* ix509,
|
|
nsINSSComponent* component, bool wantsHtml,
|
|
nsString& returnedMessage)
|
|
{
|
|
// Prepare a default "not valid for <hostname>" string in case anything
|
|
// goes wrong (or in case the certificate is not valid for any hostnames).
|
|
nsAutoString notValidForHostnameString;
|
|
const char16_t* params[1];
|
|
params[0] = host.get();
|
|
nsresult rv = component->PIPBundleFormatStringFromName(
|
|
"certErrorMismatch", params, 1, notValidForHostnameString);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
notValidForHostnameString.Append('\n');
|
|
|
|
UniqueCERTCertificate nssCert(ix509->GetCert());
|
|
if (!nssCert) {
|
|
returnedMessage.Append(notValidForHostnameString);
|
|
return NS_OK;
|
|
}
|
|
|
|
nsAutoString allNames;
|
|
uint32_t nameCount = GetSubjectAltNames(nssCert.get(), allNames);
|
|
if (nameCount == 0) {
|
|
returnedMessage.Append(notValidForHostnameString);
|
|
} else if (nameCount > 1) {
|
|
nsString message;
|
|
rv = component->GetPIPNSSBundleString("certErrorMismatchMultiple", message);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
returnedMessage.Append(message);
|
|
returnedMessage.AppendLiteral("\n ");
|
|
returnedMessage.Append(allNames);
|
|
returnedMessage.AppendLiteral(" \n");
|
|
} else if (nameCount == 1) {
|
|
params[0] = allNames.get();
|
|
|
|
const char* stringID = wantsHtml ? "certErrorMismatchSingle2"
|
|
: "certErrorMismatchSinglePlain";
|
|
nsAutoString formattedString;
|
|
rv = component->PIPBundleFormatStringFromName(stringID, params, 1,
|
|
formattedString);
|
|
if (NS_FAILED(rv)) {
|
|
return rv;
|
|
}
|
|
returnedMessage.Append(formattedString);
|
|
returnedMessage.Append('\n');
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
static void
|
|
GetDateBoundary(nsIX509Cert* ix509,
|
|
nsString &formattedDate,
|
|
nsString &nowDate,
|
|
bool &trueExpired_falseNotYetValid)
|
|
{
|
|
trueExpired_falseNotYetValid = true;
|
|
formattedDate.Truncate();
|
|
|
|
PRTime notAfter, notBefore, timeToUse;
|
|
nsCOMPtr<nsIX509CertValidity> validity;
|
|
nsresult rv;
|
|
|
|
rv = ix509->GetValidity(getter_AddRefs(validity));
|
|
if (NS_FAILED(rv))
|
|
return;
|
|
|
|
rv = validity->GetNotAfter(¬After);
|
|
if (NS_FAILED(rv))
|
|
return;
|
|
|
|
rv = validity->GetNotBefore(¬Before);
|
|
if (NS_FAILED(rv))
|
|
return;
|
|
|
|
PRTime now = PR_Now();
|
|
if (now > notAfter) {
|
|
timeToUse = notAfter;
|
|
} else {
|
|
timeToUse = notBefore;
|
|
trueExpired_falseNotYetValid = false;
|
|
}
|
|
|
|
nsCOMPtr<nsIDateTimeFormat> dateTimeFormat = nsIDateTimeFormat::Create();
|
|
if (!dateTimeFormat) {
|
|
return;
|
|
}
|
|
|
|
dateTimeFormat->FormatPRTime(nullptr, kDateFormatLong, kTimeFormatNoSeconds,
|
|
timeToUse, formattedDate);
|
|
dateTimeFormat->FormatPRTime(nullptr, kDateFormatLong, kTimeFormatNoSeconds,
|
|
now, nowDate);
|
|
}
|
|
|
|
static void
|
|
AppendErrorTextTime(nsIX509Cert* ix509,
|
|
nsINSSComponent *component,
|
|
nsString &returnedMessage)
|
|
{
|
|
nsAutoString formattedDate, nowDate;
|
|
bool trueExpired_falseNotYetValid;
|
|
GetDateBoundary(ix509, formattedDate, nowDate, trueExpired_falseNotYetValid);
|
|
|
|
const char16_t *params[2];
|
|
params[0] = formattedDate.get(); // might be empty, if helper function had a problem
|
|
params[1] = nowDate.get();
|
|
|
|
const char *key = trueExpired_falseNotYetValid ?
|
|
"certErrorExpiredNow" : "certErrorNotYetValidNow";
|
|
nsresult rv;
|
|
nsString formattedString;
|
|
rv = component->PIPBundleFormatStringFromName(
|
|
key,
|
|
params,
|
|
ArrayLength(params),
|
|
formattedString);
|
|
if (NS_SUCCEEDED(rv))
|
|
{
|
|
returnedMessage.Append(formattedString);
|
|
returnedMessage.Append('\n');
|
|
}
|
|
}
|
|
|
|
static void
|
|
AppendErrorTextCode(PRErrorCode errorCodeToReport,
|
|
nsINSSComponent *component,
|
|
nsString &returnedMessage)
|
|
{
|
|
const char *codeName = nsNSSErrors::getDefaultErrorStringName(errorCodeToReport);
|
|
if (codeName)
|
|
{
|
|
nsCString error_id(codeName);
|
|
NS_ConvertASCIItoUTF16 idU(error_id);
|
|
|
|
const char16_t *params[1];
|
|
params[0] = idU.get();
|
|
|
|
nsString formattedString;
|
|
nsresult rv;
|
|
rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix2",
|
|
params, 1,
|
|
formattedString);
|
|
if (NS_SUCCEEDED(rv)) {
|
|
returnedMessage.Append('\n');
|
|
returnedMessage.Append(formattedString);
|
|
returnedMessage.Append('\n');
|
|
}
|
|
else {
|
|
returnedMessage.AppendLiteral(" (");
|
|
returnedMessage.Append(idU);
|
|
returnedMessage.Append(')');
|
|
}
|
|
}
|
|
}
|
|
|
|
/* Formats an error message for overridable certificate errors (of type
|
|
* OverridableCertErrorMessage). Use formatPlainErrorMessage to format
|
|
* non-overridable cert errors and non-cert-related errors.
|
|
*/
|
|
static nsresult
|
|
formatOverridableCertErrorMessage(nsISSLStatus & sslStatus,
|
|
PRErrorCode errorCodeToReport,
|
|
const nsXPIDLCString & host, int32_t port,
|
|
bool suppressPort443,
|
|
bool wantsHtml,
|
|
nsString & returnedMessage)
|
|
{
|
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
|
|
|
const char16_t *params[1];
|
|
nsresult rv;
|
|
nsAutoString hostWithPort;
|
|
nsAutoString hostWithoutPort;
|
|
|
|
// For now, hide port when it's 443 and we're reporting the error.
|
|
// In the future a better mechanism should be used
|
|
// to make a decision about showing the port number, possibly by requiring
|
|
// the context object to implement a specific interface.
|
|
// The motivation is that Mozilla browser would like to hide the port number
|
|
// in error pages in the common case.
|
|
|
|
hostWithoutPort.AppendASCII(host);
|
|
if (suppressPort443 && port == 443) {
|
|
params[0] = hostWithoutPort.get();
|
|
} else {
|
|
hostWithPort.AppendASCII(host);
|
|
hostWithPort.Append(':');
|
|
hostWithPort.AppendInt(port);
|
|
params[0] = hostWithPort.get();
|
|
}
|
|
|
|
nsCOMPtr<nsINSSComponent> component = do_GetService(kNSSComponentCID, &rv);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
returnedMessage.Truncate();
|
|
rv = component->PIPBundleFormatStringFromName("certErrorIntro", params, 1,
|
|
returnedMessage);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
returnedMessage.AppendLiteral("\n\n");
|
|
|
|
RefPtr<nsIX509Cert> ix509;
|
|
rv = sslStatus.GetServerCert(getter_AddRefs(ix509));
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
bool isUntrusted;
|
|
rv = sslStatus.GetIsUntrusted(&isUntrusted);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
if (isUntrusted) {
|
|
AppendErrorTextUntrusted(errorCodeToReport, hostWithoutPort, ix509,
|
|
component, returnedMessage);
|
|
}
|
|
|
|
bool isDomainMismatch;
|
|
rv = sslStatus.GetIsDomainMismatch(&isDomainMismatch);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
if (isDomainMismatch) {
|
|
rv = AppendErrorTextMismatch(hostWithoutPort, ix509, component, wantsHtml,
|
|
returnedMessage);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
}
|
|
|
|
bool isNotValidAtThisTime;
|
|
rv = sslStatus.GetIsNotValidAtThisTime(&isNotValidAtThisTime);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
if (isNotValidAtThisTime) {
|
|
AppendErrorTextTime(ix509, component, returnedMessage);
|
|
}
|
|
|
|
AppendErrorTextCode(errorCodeToReport, component, returnedMessage);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
// RememberCertErrorsTable
|
|
|
|
/*static*/ RememberCertErrorsTable*
|
|
RememberCertErrorsTable::sInstance = nullptr;
|
|
|
|
RememberCertErrorsTable::RememberCertErrorsTable()
|
|
: mErrorHosts()
|
|
, mMutex("RememberCertErrorsTable::mMutex")
|
|
{
|
|
}
|
|
|
|
static nsresult
|
|
GetHostPortKey(TransportSecurityInfo* infoObject, nsAutoCString &result)
|
|
{
|
|
nsresult rv;
|
|
|
|
result.Truncate();
|
|
|
|
nsXPIDLCString hostName;
|
|
rv = infoObject->GetHostName(getter_Copies(hostName));
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
int32_t port;
|
|
rv = infoObject->GetPort(&port);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
result.Assign(hostName);
|
|
result.Append(':');
|
|
result.AppendInt(port);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
void
|
|
RememberCertErrorsTable::RememberCertHasError(TransportSecurityInfo* infoObject,
|
|
nsSSLStatus* status,
|
|
SECStatus certVerificationResult)
|
|
{
|
|
nsresult rv;
|
|
|
|
nsAutoCString hostPortKey;
|
|
rv = GetHostPortKey(infoObject, hostPortKey);
|
|
if (NS_FAILED(rv))
|
|
return;
|
|
|
|
if (certVerificationResult != SECSuccess) {
|
|
NS_ASSERTION(status,
|
|
"Must have nsSSLStatus object when remembering flags");
|
|
|
|
if (!status)
|
|
return;
|
|
|
|
CertStateBits bits;
|
|
bits.mIsDomainMismatch = status->mIsDomainMismatch;
|
|
bits.mIsNotValidAtThisTime = status->mIsNotValidAtThisTime;
|
|
bits.mIsUntrusted = status->mIsUntrusted;
|
|
|
|
MutexAutoLock lock(mMutex);
|
|
mErrorHosts.Put(hostPortKey, bits);
|
|
}
|
|
else {
|
|
MutexAutoLock lock(mMutex);
|
|
mErrorHosts.Remove(hostPortKey);
|
|
}
|
|
}
|
|
|
|
void
|
|
RememberCertErrorsTable::LookupCertErrorBits(TransportSecurityInfo* infoObject,
|
|
nsSSLStatus* status)
|
|
{
|
|
// Get remembered error bits from our cache, because of SSL session caching
|
|
// the NSS library potentially hasn't notified us for this socket.
|
|
if (status->mHaveCertErrorBits)
|
|
// Rather do not modify bits if already set earlier
|
|
return;
|
|
|
|
nsresult rv;
|
|
|
|
nsAutoCString hostPortKey;
|
|
rv = GetHostPortKey(infoObject, hostPortKey);
|
|
if (NS_FAILED(rv))
|
|
return;
|
|
|
|
CertStateBits bits;
|
|
{
|
|
MutexAutoLock lock(mMutex);
|
|
if (!mErrorHosts.Get(hostPortKey, &bits))
|
|
// No record was found, this host had no cert errors
|
|
return;
|
|
}
|
|
|
|
// This host had cert errors, update the bits correctly
|
|
status->mHaveCertErrorBits = true;
|
|
status->mIsDomainMismatch = bits.mIsDomainMismatch;
|
|
status->mIsNotValidAtThisTime = bits.mIsNotValidAtThisTime;
|
|
status->mIsUntrusted = bits.mIsUntrusted;
|
|
}
|
|
|
|
void
|
|
TransportSecurityInfo::SetStatusErrorBits(nsNSSCertificate* cert,
|
|
uint32_t collected_errors)
|
|
{
|
|
MutexAutoLock lock(mMutex);
|
|
|
|
if (!mSSLStatus) {
|
|
mSSLStatus = new nsSSLStatus();
|
|
}
|
|
|
|
mSSLStatus->SetServerCert(cert, nsNSSCertificate::ev_status_invalid);
|
|
|
|
mSSLStatus->mHaveCertErrorBits = true;
|
|
mSSLStatus->mIsDomainMismatch =
|
|
collected_errors & nsICertOverrideService::ERROR_MISMATCH;
|
|
mSSLStatus->mIsNotValidAtThisTime =
|
|
collected_errors & nsICertOverrideService::ERROR_TIME;
|
|
mSSLStatus->mIsUntrusted =
|
|
collected_errors & nsICertOverrideService::ERROR_UNTRUSTED;
|
|
|
|
RememberCertErrorsTable::GetInstance().RememberCertHasError(this,
|
|
mSSLStatus,
|
|
SECFailure);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
TransportSecurityInfo::GetFailedCertChain(nsIX509CertList** _result)
|
|
{
|
|
NS_ASSERTION(_result, "non-NULL destination required");
|
|
|
|
*_result = mFailedCertChain;
|
|
NS_IF_ADDREF(*_result);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
TransportSecurityInfo::SetFailedCertChain(ScopedCERTCertList& certList)
|
|
{
|
|
nsNSSShutDownPreventionLock lock;
|
|
if (isAlreadyShutDown()) {
|
|
return NS_ERROR_NOT_AVAILABLE;
|
|
}
|
|
|
|
nsCOMPtr<nsIX509CertList> comCertList;
|
|
// nsNSSCertList takes ownership of certList
|
|
mFailedCertChain = new nsNSSCertList(certList, lock);
|
|
|
|
return NS_OK;
|
|
}
|
|
|
|
} } // namespace mozilla::psm
|