LCOV - code coverage report
Current view: directory - security/manager/ssl/src - nsCertOverrideService.h (source / functions) Found Hit Coverage
Test: app.info Lines: 33 0 0.0 %
Date: 2012-06-02 Functions: 10 0 0.0 %

       1                 : /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
       2                 :  *
       3                 :  * ***** BEGIN LICENSE BLOCK *****
       4                 :  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
       5                 :  *
       6                 :  * The contents of this file are subject to the Mozilla Public License Version
       7                 :  * 1.1 (the "License"); you may not use this file except in compliance with
       8                 :  * the License. You may obtain a copy of the License at
       9                 :  * http://www.mozilla.org/MPL/
      10                 :  *
      11                 :  * Software distributed under the License is distributed on an "AS IS" basis,
      12                 :  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
      13                 :  * for the specific language governing rights and limitations under the
      14                 :  * License.
      15                 :  *
      16                 :  * The Original Code is mozilla.org code.
      17                 :  *
      18                 :  * The Initial Developer of the Original Code is
      19                 :  * Red Hat, Inc.
      20                 :  * Portions created by the Initial Developer are Copyright (C) 2006
      21                 :  * the Initial Developer. All Rights Reserved.
      22                 :  *
      23                 :  * Contributor(s):
      24                 :  *   Kai Engert <kengert@redhat.com>
      25                 :  *   Ehsan Akhgari <ehsan.akhgari@gmail.com>
      26                 :  *
      27                 :  * Alternatively, the contents of this file may be used under the terms of
      28                 :  * either the GNU General Public License Version 2 or later (the "GPL"), or
      29                 :  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
      30                 :  * in which case the provisions of the GPL or the LGPL are applicable instead
      31                 :  * of those above. If you wish to allow use of your version of this file only
      32                 :  * under the terms of either the GPL or the LGPL, and not to allow others to
      33                 :  * use your version of this file under the terms of the MPL, indicate your
      34                 :  * decision by deleting the provisions above and replace them with the notice
      35                 :  * and other provisions required by the GPL or the LGPL. If you do not delete
      36                 :  * the provisions above, a recipient may use your version of this file under
      37                 :  * the terms of any one of the MPL, the GPL or the LGPL.
      38                 :  *
      39                 :  * ***** END LICENSE BLOCK ***** */
      40                 : 
      41                 : #ifndef __NSCERTOVERRIDESERVICE_H__
      42                 : #define __NSCERTOVERRIDESERVICE_H__
      43                 : 
      44                 : #include "mozilla/ReentrantMonitor.h"
      45                 : #include "nsICertOverrideService.h"
      46                 : #include "nsTHashtable.h"
      47                 : #include "nsIObserver.h"
      48                 : #include "nsString.h"
      49                 : #include "nsIFile.h"
      50                 : #include "secoidt.h"
      51                 : #include "nsWeakReference.h"
      52                 : 
      53                 : class nsCertOverride
      54               0 : {
      55                 : public:
      56                 : 
      57                 :   enum OverrideBits { ob_None=0, ob_Untrusted=1, ob_Mismatch=2,
      58                 :                       ob_Time_error=4 };
      59                 : 
      60               0 :   nsCertOverride()
      61                 :   :mPort(-1)
      62               0 :   ,mOverrideBits(ob_None)
      63                 :   {
      64               0 :   }
      65                 : 
      66                 :   nsCertOverride(const nsCertOverride &other)
      67                 :   {
      68                 :     this->operator=(other);
      69                 :   }
      70                 : 
      71               0 :   nsCertOverride &operator=(const nsCertOverride &other)
      72                 :   {
      73               0 :     mAsciiHost = other.mAsciiHost;
      74               0 :     mPort = other.mPort;
      75               0 :     mIsTemporary = other.mIsTemporary;
      76               0 :     mFingerprintAlgOID = other.mFingerprintAlgOID;
      77               0 :     mFingerprint = other.mFingerprint;
      78               0 :     mOverrideBits = other.mOverrideBits;
      79               0 :     mDBKey = other.mDBKey;
      80               0 :     mCert = other.mCert;
      81               0 :     return *this;
      82                 :   }
      83                 : 
      84                 :   nsCString mAsciiHost;
      85                 :   PRInt32 mPort;
      86                 :   bool mIsTemporary; // true: session only, false: stored on disk
      87                 :   nsCString mFingerprint;
      88                 :   nsCString mFingerprintAlgOID;
      89                 :   OverrideBits mOverrideBits;
      90                 :   nsCString mDBKey;
      91                 :   nsCOMPtr <nsIX509Cert> mCert;
      92                 : 
      93                 :   static void convertBitsToString(OverrideBits ob, nsACString &str);
      94                 :   static void convertStringToBits(const nsACString &str, OverrideBits &ob);
      95                 : };
      96                 : 
      97                 : 
      98                 : // hash entry class
      99                 : class nsCertOverrideEntry : public PLDHashEntryHdr
     100                 : {
     101                 :   public:
     102                 :     // Hash methods
     103                 :     typedef const char* KeyType;
     104                 :     typedef const char* KeyTypePointer;
     105                 : 
     106                 :     // do nothing with aHost - we require mHead to be set before we're live!
     107               0 :     nsCertOverrideEntry(KeyTypePointer aHostWithPortUTF8)
     108               0 :     {
     109               0 :     }
     110                 : 
     111               0 :     nsCertOverrideEntry(const nsCertOverrideEntry& toCopy)
     112               0 :     {
     113               0 :       mSettings = toCopy.mSettings;
     114               0 :       mHostWithPort = toCopy.mHostWithPort;
     115               0 :     }
     116                 : 
     117               0 :     ~nsCertOverrideEntry()
     118               0 :     {
     119               0 :     }
     120                 : 
     121                 :     KeyType GetKey() const
     122                 :     {
     123                 :       return HostWithPortPtr();
     124                 :     }
     125                 : 
     126                 :     KeyTypePointer GetKeyPointer() const
     127                 :     {
     128                 :       return HostWithPortPtr();
     129                 :     }
     130                 : 
     131               0 :     bool KeyEquals(KeyTypePointer aKey) const
     132                 :     {
     133               0 :       return !strcmp(HostWithPortPtr(), aKey);
     134                 :     }
     135                 : 
     136               0 :     static KeyTypePointer KeyToPointer(KeyType aKey)
     137                 :     {
     138               0 :       return aKey;
     139                 :     }
     140                 : 
     141               0 :     static PLDHashNumber HashKey(KeyTypePointer aKey)
     142                 :     {
     143                 :       // PL_DHashStringKey doesn't use the table parameter, so we can safely
     144                 :       // pass nsnull
     145               0 :       return PL_DHashStringKey(nsnull, aKey);
     146                 :     }
     147                 : 
     148                 :     enum { ALLOW_MEMMOVE = false };
     149                 : 
     150                 :     // get methods
     151                 :     inline const nsCString &HostWithPort() const { return mHostWithPort; }
     152                 : 
     153               0 :     inline KeyTypePointer HostWithPortPtr() const
     154                 :     {
     155               0 :       return mHostWithPort.get();
     156                 :     }
     157                 : 
     158                 :     nsCertOverride mSettings;
     159                 :     nsCString mHostWithPort;
     160                 : };
     161                 : 
     162                 : class nsCertOverrideService : public nsICertOverrideService
     163                 :                             , public nsIObserver
     164                 :                             , public nsSupportsWeakReference
     165                 : {
     166                 : public:
     167                 :   NS_DECL_ISUPPORTS
     168                 :   NS_DECL_NSICERTOVERRIDESERVICE
     169                 :   NS_DECL_NSIOBSERVER
     170                 : 
     171                 :   nsCertOverrideService();
     172                 :   ~nsCertOverrideService();
     173                 : 
     174                 :   nsresult Init();
     175                 :   void RemoveAllTemporaryOverrides();
     176                 : 
     177                 :   typedef void 
     178                 :   (*PR_CALLBACK CertOverrideEnumerator)(const nsCertOverride &aSettings,
     179                 :                                         void *aUserData);
     180                 : 
     181                 :   // aCert == null: return all overrides
     182                 :   // aCert != null: return overrides that match the given cert
     183                 :   nsresult EnumerateCertOverrides(nsIX509Cert *aCert,
     184                 :                                   CertOverrideEnumerator enumerator,
     185                 :                                   void *aUserData);
     186                 : 
     187                 :     // Concates host name and the port number. If the port number is -1 then
     188                 :     // port 443 is automatically used. This method ensures there is always a port
     189                 :     // number separated with colon.
     190                 :     static void GetHostWithPort(const nsACString & aHostName, PRInt32 aPort, nsACString& _retval);
     191                 : 
     192                 : protected:
     193                 :     mozilla::ReentrantMonitor monitor;
     194                 :     nsCOMPtr<nsIFile> mSettingsFile;
     195                 :     nsTHashtable<nsCertOverrideEntry> mSettingsTable;
     196                 : 
     197                 :     SECOidTag mOidTagForStoringNewHashes;
     198                 :     nsCString mDottedOidForStoringNewHashes;
     199                 : 
     200                 :     void RemoveAllFromMemory();
     201                 :     nsresult Read();
     202                 :     nsresult Write();
     203                 :     nsresult AddEntryToList(const nsACString &host, PRInt32 port,
     204                 :                             nsIX509Cert *aCert,
     205                 :                             const bool aIsTemporary,
     206                 :                             const nsACString &algo_oid, 
     207                 :                             const nsACString &fingerprint,
     208                 :                             nsCertOverride::OverrideBits ob,
     209                 :                             const nsACString &dbKey);
     210                 : };
     211                 : 
     212                 : #define NS_CERTOVERRIDE_CID { /* 67ba681d-5485-4fff-952c-2ee337ffdcd6 */ \
     213                 :     0x67ba681d,                                                        \
     214                 :     0x5485,                                                            \
     215                 :     0x4fff,                                                            \
     216                 :     {0x95, 0x2c, 0x2e, 0xe3, 0x37, 0xff, 0xdc, 0xd6}                   \
     217                 :   }
     218                 : 
     219                 : #endif

Generated by: LCOV version 1.7