From 086c044dc34dfc0f74fbe41f4ecb402b2cd34884 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 03:13:33 +0200
Subject: Merging upstream version 125.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 netwerk/protocol/http/nsHttpConnectionMgr.cpp | 56 +++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

(limited to 'netwerk/protocol/http/nsHttpConnectionMgr.cpp')

diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
index 2e937d0f2a..c7c385a42a 100644
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@@ -3821,6 +3821,62 @@ void nsHttpConnectionMgr::DecrementNumIdleConns() {
   ConditionallyStopPruneDeadConnectionsTimer();
 }
 
+// A structure used to marshall objects necessary for ServerCertificateHashaes
+class nsStoreServerCertHashesData : public ARefBase {
+ public:
+  nsStoreServerCertHashesData(
+      nsHttpConnectionInfo* aConnInfo, bool aNoSpdy, bool aNoHttp3,
+      nsTArray<RefPtr<nsIWebTransportHash>>&& aServerCertHashes)
+      : mConnInfo(aConnInfo),
+        mNoSpdy(aNoSpdy),
+        mNoHttp3(aNoHttp3),
+        mServerCertHashes(std::move(aServerCertHashes)) {}
+
+  NS_INLINE_DECL_THREADSAFE_REFCOUNTING(nsStoreServerCertHashesData, override)
+
+  RefPtr<nsHttpConnectionInfo> mConnInfo;
+  bool mNoSpdy;
+  bool mNoHttp3;
+  nsTArray<RefPtr<nsIWebTransportHash>> mServerCertHashes;
+
+ private:
+  virtual ~nsStoreServerCertHashesData() = default;
+};
+
+// The connection manager needs to know the hashes used for a WebTransport
+// connection authenticated with serverCertHashes
+nsresult nsHttpConnectionMgr::StoreServerCertHashes(
+    nsHttpConnectionInfo* aConnInfo, bool aNoSpdy, bool aNoHttp3,
+    nsTArray<RefPtr<nsIWebTransportHash>>&& aServerCertHashes) {
+  RefPtr<nsHttpConnectionInfo> ci = aConnInfo->Clone();
+  RefPtr<nsStoreServerCertHashesData> data = new nsStoreServerCertHashesData(
+      ci, aNoSpdy, aNoHttp3, std::move(aServerCertHashes));
+  return PostEvent(&nsHttpConnectionMgr::OnMsgStoreServerCertHashes, 0, data);
+}
+
+void nsHttpConnectionMgr::OnMsgStoreServerCertHashes(int32_t, ARefBase* param) {
+  MOZ_ASSERT(OnSocketThread(), "not on socket thread");
+
+  nsStoreServerCertHashesData* data =
+      static_cast<nsStoreServerCertHashesData*>(param);
+
+  bool isWildcard;
+  ConnectionEntry* connEnt = GetOrCreateConnectionEntry(
+      data->mConnInfo, true, data->mNoSpdy, data->mNoHttp3, &isWildcard);
+  MOZ_ASSERT(!isWildcard, "No webtransport with wildcard");
+  connEnt->SetServerCertHashes(std::move(data->mServerCertHashes));
+}
+
+const nsTArray<RefPtr<nsIWebTransportHash>>*
+nsHttpConnectionMgr::GetServerCertHashes(nsHttpConnectionInfo* aConnInfo) {
+  ConnectionEntry* connEnt = mCT.GetWeak(aConnInfo->HashKey());
+  if (!connEnt) {
+    MOZ_ASSERT(0);
+    return nullptr;
+  }
+  return &connEnt->GetServerCertHashes();
+}
+
 void nsHttpConnectionMgr::CheckTransInPendingQueue(nsHttpTransaction* aTrans) {
 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
   // We only do this check on socket thread. When this function is called on
-- 
cgit v1.2.3