mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:18:48 +00:00
roytam1
eeee2498f7
- Bug 1153978 - Part 1: Separate buildIdOp from AsmJSCacheOps. r=jandem,bz (3e2b2c2754) - Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald (5698ee5709) - Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald (81fad0767b) - Bug 1201935 - Allow reading from TmpD in OS X content processes. r=smichaud (d67de1d8da) - Bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html; r=bobowen (c61e5fa268) - Add a helper function for iterating indirect layer trees. (bug 1245765 part 1, r=mattwoodrow) (9fcc19e731) - Propagate D3D9 device resets to remote layers. (bug 1245765 part 2, r=mattwoodrow) (15ab24ebd6) - Don't propagate simulated device resets to child processes. (bug 1245765 part 3, r=mattwoodrow) (fe0986532c) - Fix async drawing when we lose the D3D11 device. (bug 1245765 part 4, r=mattwoodrow) (fcf9e1a009) - Factor compositor initialization out of LayerManagerComposite. (bug 1245765 part 6, r=mattwoodrow) (7af570b6fc) - Bug 1232042: Execute an additional present for D3D11 on the compositor thread when a WM_PAINT event has returned. r=jrmuizel (ac14c78377) - Handle device resets by recreating the compositor, rather than the compositor IPDL stack. (bug 1245765 part 7, r=mattwoodrow) (87292d6e2b) - Ensure that content processes recreate rendering devices. (bug 1245765 part 8, r=mattwoodrow) (8c4e712c6e) - Invalidate layers when starting a transaction on a stale device. (bug 1245765 part 9, r=mattwoodrow) (330efa7199) - Bug 1041599 - Maintain a single volume control session between browser, content, and plugins on Windows. r=aklotz (bdab2a3b35) - align more tests (c6445e1646) - Bug 1241646 - remove unused token arguments from nsIX509CertDB r=keeler (13e50d449c) - Bug 1064402 - Part 1: Remove Import button in Servers tab of the Certificate Manager. r=keeler (181a5a0be2) - Bug 1064402 - Part 2: Remove nsIX509CertDB.importServerCertificate() and nsIX509Cert::SERVER_CERT support in importCertsFromFile(). r=keeler (a4ee6e83f4) - Bug 1130418 - Remove broken e-mail cert trust editing UI. r=emk (d8dca873c1) - Bug 1243182 - Enable eslint "space-infix-ops" rule for PSM. r=keeler (9f5110213f) - Bug 1244245 - Enable eslint "curly" rule for PSM. r=keeler (09b4d913ab) - Bug 1246365 - Enable eslint "comma-spacing" and "semi" rules for PSM. r=keeler (e85d033547) - bug 1246765 - remove unnecessary resource://app/ registration from getHSTSPreloadList.js r=Cykesiopka DONTBUILD NPOTB (e4eb6d1a1e) - Bug 1249595 - Enable 11 more ESLint rules for PSM. r=keeler (7daa42685a) - Bug 1224968 - Support public key input to unbreak periodic HPKP updates. r=keeler (a14415f3c3) - Bug 1229284 - Remove support for SHA-1 hashes in genHPKPStaticPins.js. r=keeler (2e54ef3566) - Bug 1197607, Automated hsts & hpkp updates are failing on mozilla-central, mozilla-aurora, mozilla-esr38, r=cykesiopka (8754cce3ba) - Bug 1224481 - Comment out CA certs removed in NSS 3.21 in PreloadedHPKPins.json to keep periodic Static HPKP updates working. r=dkeeler (6680c85a1b) - bug 1232766 - update the preloaded pinset for Google domains r=rbarnes (83697d274b) - Bug 1250254 - Enable ESLint "no-throw-literal" rule for PSM. r=dkeeler (300ef6f5b8) - Bug 1256088 - Merge mock app-info implementation into AppInfo.jsm. r=gps (e38ae85b3d) - Bug 1153978 - Part 0: Separate nsIPlatformInfo from nsIXULAppInfo. r=jst,gps (2f4eef64c1) - Bug 1153978 - Part 2: Clear pending exception thrown from XDR related APIs when ignoring ReadCachedScript failure. r=bz (09f06d4c74) - Bug 1153978 - Part 3: Use the build id instead of the XDR_BYTECODE_VERSION constant. r=jandem (2e8e01f534) - bug 1241317 - gather telemetry on prevalence of FIPS r=jcj r=vladan (905485c911) - Bug 1220237 - Remove uses of nsIEnumerator from PSM. r=keeler (6b17abd967) - bug 1239455 - rework telemetry for SHA-1 certificates to reflect possible policy states r=Cykesiopka,mgoodwin,rbarnes (95fb0f63ab) - Bug 1247847 - Use smart pointers in nsNSSCertHelper.cpp to manage NSS resources. r=keeler (56140f95c4) - Bug 1248874 - Replace Scoped.h templates used only by PSM in ScopedNSSTypes.h with UniquePtr equivalents. r=dkeeler (1cedc01ab9) - Bug 1016555 - Disable OCSP checking for certificates covered by OneCRL r=keeler (3dc16a87d6) - Bug 1227970 - Perform preference checks to allow OCSP Bypass for OneCRL via Kinto r=keeler (58136eb9e5) - Bug 1219482: Replace PRLogModuleInfo with LazyLogModule in security subdirectory.r=nfroyd (896838cc5d) - Bug 1226928 - remove Wshadow warning in ScopedNSSTypes, r=keeler (52ccbac1bc) - Bug 1226928 - signature verification for content-signing, r=keeler,mayhemer (5f589bf0e0) - Bug 1250256 - Partially clean up nsSDR.cpp. r=keeler (665c582a90) - bug 1241650 - remove nsIX509CertDB.findCertNicknames r=mgoodwin (bf0c26772b) - Bug 1250258 - Partially clean up nsNSSCertificateDB.cpp import methods. r=keeler (693e213484) - Bug 1204202 - Package Universal CRT DLLs for VS2015. r=glandium,ehsan (9b9e1e4057) - bug 496234 - add test vectors from RFC 1320 for md4 implementation r=mayhemer (6526e81ec7) - bug 1228175 - fix IsCertBuiltInRoot r=Cykesiopka,mgoodwin (13bdaf7bb3) - bug 1240118 - add functionality to treat a test certificate as a built-in root r=mgoodwin (bf31c4365b) - Bug 1245649: Turn on valid-typeof, no-invalid-regexp, no-empty-pattern and no-empty-character-class. r=felipe (f637f26dc7) - Bug 1245916: Add additional default globals. r=felipe (229e39bbbe) - Bug 1251011 - Enable ESLint "no-undef" rule for PSM. r=keeler r=mossop (a6e17d09aa) - Bug 1243636. Switch to gfx::CriticalSection (a4d6172870) - Bug 1137561 part.1 Implement WinTextEventDispatcherListener as a singleton class for using TextEventDispatcher at handling native keyboard and IME events r=m_kato (f4582070b0) - Bug 1137572 part.1 TextEventDispatcher should manage its input transaction type r=smaug (ccafc27024) - Bug 1137572 part.2 Add nsIWidget::GetNativeTextEventDispatcherListener() for TextEventDispatcher::NotifyIME() r=smaug, sr=smaug (21571501e8) - Bug 1137572 part.3 Use pseudo IME context when TextEventDispatcher has input transaction which is not for native event handler r=smaug (40be7193b1) - Bug 1137572 part.4 TextEventDispatcher::DispatchInputEvent() should decide if dispatches events with nsIWidget::DispatchInputEvent() with input transaction type r=smaug (ae71f47af2) - Bug 1137572 part.5 Implement TextEventDispatcher::SetPendingComposition() for some platforms whose clause information may overlap each other or the order may not be from start to the end r=smaug (fd046de0fc) - Bug 1137572 part.6 TextEventDispatcher::DispatchKeyboardEventInternal() should copy mNativeKeyEvent when it's in native text input transaction r=smaug (eb17ab1738) - Bug 1137572 part.7 Add TextEventDispatcherListener::WillDispatchKeyboardEvent() for easier to maintain r=smaug (e66759a731) - Bug 1137572 part.8 Callers of methods to dispatch composition events of TextEventDispatcher should be able to specify specific time/timeStamp r=smaug (2cdfd2f3d4) - Bug 1137572 part.9 TextEventDispatcher should not allow WillDispatchKeyboardEvent() modifies unexpected members of WidgetKeyboardEvent r=smaug (94f97ff72d) - Bug 1137561 part.2 Make TSFTextStore use TextEventDispatcher r=m_kato (5b0d92117d) - Bug 1137561 part.3 Make IMMHandler use TextEventDispatcher r=m_kato (2b5ef42de7) - Bug 1137561 part.4 Make NativeKey use TextEventDispatcher r=m_kato (e98eb8b72f) - Bug 1137561 part.5 TextEventDispatcher should decide if keypress events should be fired for specific keys r=m_kato (b5ad4d702c)
238 lines
8.1 KiB
C++
238 lines
8.1 KiB
C++
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "nsUsageArrayHelper.h"
|
|
|
|
#include "mozilla/Assertions.h"
|
|
#include "nsCOMPtr.h"
|
|
#include "nsComponentManagerUtils.h"
|
|
#include "nsDateTimeFormatCID.h"
|
|
#include "nsIDateTimeFormat.h"
|
|
#include "nsNSSCertificate.h"
|
|
#include "nsReadableUtils.h"
|
|
#include "nsServiceManagerUtils.h"
|
|
#include "nspr.h"
|
|
#include "pkix/pkixnss.h"
|
|
#include "secerr.h"
|
|
|
|
using namespace mozilla;
|
|
using namespace mozilla::psm;
|
|
|
|
extern LazyLogModule gPIPNSSLog;
|
|
|
|
static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID); // XXX? needed?::
|
|
|
|
nsUsageArrayHelper::nsUsageArrayHelper(CERTCertificate *aCert)
|
|
:mCert(aCert)
|
|
{
|
|
nsNSSShutDownPreventionLock locker;
|
|
defaultcertdb = CERT_GetDefaultCertDB();
|
|
nssComponent = do_GetService(kNSSComponentCID, &m_rv);
|
|
}
|
|
|
|
namespace {
|
|
|
|
// Some validation errors are non-fatal in that, we should keep checking the
|
|
// cert for other usages after receiving them; i.e. they are errors that NSS
|
|
// returns when a certificate isn't valid for a particular usage, but which
|
|
// don't indicate that the certificate is invalid for ANY usage. Others errors
|
|
// (e.g. revocation) are fatal, and we should immediately stop validation of
|
|
// the cert when we encounter them.
|
|
bool
|
|
isFatalError(uint32_t checkResult)
|
|
{
|
|
return checkResult != nsIX509Cert::VERIFIED_OK &&
|
|
checkResult != nsIX509Cert::USAGE_NOT_ALLOWED &&
|
|
checkResult != nsIX509Cert::ISSUER_NOT_TRUSTED &&
|
|
checkResult != nsIX509Cert::ISSUER_UNKNOWN;
|
|
}
|
|
|
|
} // unnamed namespace
|
|
|
|
// Validates the certificate for the given usage. If the certificate is valid
|
|
// for the given usage, aCounter is incremented, a string description of the
|
|
// usage is appended to outUsages, and nsNSSCertificate::VERIFIED_OK is
|
|
// returned. Otherwise, if validation failed, one of the other "Constants for
|
|
// certificate verification results" in nsIX509Cert is returned.
|
|
uint32_t
|
|
nsUsageArrayHelper::check(uint32_t previousCheckResult,
|
|
const char *suffix,
|
|
CertVerifier * certVerifier,
|
|
SECCertificateUsage aCertUsage,
|
|
mozilla::pkix::Time time,
|
|
CertVerifier::Flags flags,
|
|
uint32_t &aCounter,
|
|
char16_t **outUsages)
|
|
{
|
|
if (!aCertUsage) {
|
|
MOZ_CRASH("caller should have supplied non-zero aCertUsage");
|
|
}
|
|
|
|
if (isFatalError(previousCheckResult)) {
|
|
return previousCheckResult;
|
|
}
|
|
|
|
nsAutoCString typestr;
|
|
switch (aCertUsage) {
|
|
case certificateUsageSSLClient:
|
|
typestr = "VerifySSLClient";
|
|
break;
|
|
case certificateUsageSSLServer:
|
|
typestr = "VerifySSLServer";
|
|
break;
|
|
case certificateUsageEmailSigner:
|
|
typestr = "VerifyEmailSigner";
|
|
break;
|
|
case certificateUsageEmailRecipient:
|
|
typestr = "VerifyEmailRecip";
|
|
break;
|
|
case certificateUsageObjectSigner:
|
|
typestr = "VerifyObjSign";
|
|
break;
|
|
case certificateUsageSSLCA:
|
|
typestr = "VerifySSLCA";
|
|
break;
|
|
case certificateUsageVerifyCA:
|
|
typestr = "VerifyCAVerifier";
|
|
break;
|
|
case certificateUsageStatusResponder:
|
|
typestr = "VerifyStatusResponder";
|
|
break;
|
|
default:
|
|
MOZ_CRASH("unknown cert usage passed to check()");
|
|
}
|
|
|
|
ScopedCERTCertList unusedBuiltChain;
|
|
SECStatus rv = certVerifier->VerifyCert(mCert, aCertUsage, time,
|
|
nullptr /*XXX:wincx*/,
|
|
nullptr /*hostname*/,
|
|
unusedBuiltChain, flags);
|
|
|
|
if (rv == SECSuccess) {
|
|
typestr.Append(suffix);
|
|
nsAutoString verifyDesc;
|
|
m_rv = nssComponent->GetPIPNSSBundleString(typestr.get(), verifyDesc);
|
|
if (NS_SUCCEEDED(m_rv)) {
|
|
outUsages[aCounter++] = ToNewUnicode(verifyDesc);
|
|
}
|
|
return nsIX509Cert::VERIFIED_OK;
|
|
}
|
|
|
|
PRErrorCode error = PR_GetError();
|
|
|
|
uint32_t result = nsIX509Cert::NOT_VERIFIED_UNKNOWN;
|
|
verifyFailed(&result, error);
|
|
|
|
// USAGE_NOT_ALLOWED is the weakest non-fatal error; let all other errors
|
|
// override it.
|
|
if (result == nsIX509Cert::USAGE_NOT_ALLOWED &&
|
|
previousCheckResult != nsIX509Cert::VERIFIED_OK) {
|
|
result = previousCheckResult;
|
|
}
|
|
|
|
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
|
|
("error validating certificate for usage %s: %s (%d) -> %ud \n",
|
|
typestr.get(), PR_ErrorToName(error), (int) error, (int) result));
|
|
|
|
return result;
|
|
}
|
|
|
|
|
|
// Maps the error code to one of the Constants for certificate verification
|
|
// results" in nsIX509Cert.
|
|
void
|
|
nsUsageArrayHelper::verifyFailed(uint32_t *_verified, int err)
|
|
{
|
|
switch (err) {
|
|
/* For these cases, verify only failed for the particular usage */
|
|
case SEC_ERROR_INADEQUATE_KEY_USAGE:
|
|
case SEC_ERROR_INADEQUATE_CERT_TYPE:
|
|
case SEC_ERROR_CA_CERT_INVALID:
|
|
case mozilla::pkix::MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY:
|
|
case mozilla::pkix::MOZILLA_PKIX_ERROR_INADEQUATE_KEY_SIZE:
|
|
case mozilla::pkix::MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA:
|
|
*_verified = nsNSSCertificate::USAGE_NOT_ALLOWED; break;
|
|
/* These are the cases that have individual error messages */
|
|
case SEC_ERROR_REVOKED_CERTIFICATE:
|
|
*_verified = nsNSSCertificate::CERT_REVOKED; break;
|
|
case SEC_ERROR_EXPIRED_CERTIFICATE:
|
|
*_verified = nsNSSCertificate::CERT_EXPIRED; break;
|
|
case SEC_ERROR_UNTRUSTED_CERT:
|
|
*_verified = nsNSSCertificate::CERT_NOT_TRUSTED; break;
|
|
case SEC_ERROR_UNTRUSTED_ISSUER:
|
|
*_verified = nsNSSCertificate::ISSUER_NOT_TRUSTED; break;
|
|
case SEC_ERROR_UNKNOWN_ISSUER:
|
|
*_verified = nsNSSCertificate::ISSUER_UNKNOWN; break;
|
|
case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
|
|
// XXX are there other error for this?
|
|
*_verified = nsNSSCertificate::INVALID_CA; break;
|
|
case SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED:
|
|
*_verified = nsNSSCertificate::SIGNATURE_ALGORITHM_DISABLED; break;
|
|
default:
|
|
*_verified = nsNSSCertificate::NOT_VERIFIED_UNKNOWN; break;
|
|
}
|
|
}
|
|
|
|
nsresult
|
|
nsUsageArrayHelper::GetUsagesArray(const char *suffix,
|
|
bool localOnly,
|
|
uint32_t outArraySize,
|
|
uint32_t *_verified,
|
|
uint32_t *_count,
|
|
char16_t **outUsages)
|
|
{
|
|
nsNSSShutDownPreventionLock locker;
|
|
if (NS_FAILED(m_rv))
|
|
return m_rv;
|
|
|
|
NS_ENSURE_TRUE(nssComponent, NS_ERROR_NOT_AVAILABLE);
|
|
|
|
if (outArraySize < max_returned_out_array_size)
|
|
return NS_ERROR_FAILURE;
|
|
|
|
RefPtr<SharedCertVerifier> certVerifier(GetDefaultCertVerifier());
|
|
NS_ENSURE_TRUE(certVerifier, NS_ERROR_UNEXPECTED);
|
|
|
|
uint32_t &count = *_count;
|
|
count = 0;
|
|
|
|
mozilla::pkix::Time now(mozilla::pkix::Now());
|
|
|
|
CertVerifier::Flags flags = localOnly ? CertVerifier::FLAG_LOCAL_ONLY : 0;
|
|
|
|
// The following list of checks must be < max_returned_out_array_size
|
|
|
|
uint32_t result;
|
|
result = check(nsIX509Cert::VERIFIED_OK, suffix, certVerifier,
|
|
certificateUsageSSLClient, now, flags, count, outUsages);
|
|
result = check(result, suffix, certVerifier,
|
|
certificateUsageSSLServer, now, flags, count, outUsages);
|
|
result = check(result, suffix, certVerifier,
|
|
certificateUsageEmailSigner, now, flags, count, outUsages);
|
|
result = check(result, suffix, certVerifier,
|
|
certificateUsageEmailRecipient, now, flags, count, outUsages);
|
|
result = check(result, suffix, certVerifier,
|
|
certificateUsageObjectSigner, now, flags, count, outUsages);
|
|
result = check(result, suffix, certVerifier,
|
|
certificateUsageSSLCA, now, flags, count, outUsages);
|
|
result = check(result, suffix, certVerifier,
|
|
certificateUsageStatusResponder, now, flags, count, outUsages);
|
|
|
|
if (isFatalError(result) || count == 0) {
|
|
MOZ_ASSERT(result != nsIX509Cert::VERIFIED_OK);
|
|
|
|
// Clear the output usage strings in the case where we encountered a fatal
|
|
// error after we already successfully validated the cert for some usages.
|
|
for (uint32_t i = 0; i < count; ++i) {
|
|
delete outUsages[i];
|
|
outUsages[i] = nullptr;
|
|
}
|
|
count = 0;
|
|
*_verified = result;
|
|
} else {
|
|
*_verified = nsNSSCertificate::VERIFIED_OK;
|
|
}
|
|
return NS_OK;
|
|
}
|