From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- security/nss/gtests/ssl_gtest/nss_policy.h | 107 +++++++++++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 security/nss/gtests/ssl_gtest/nss_policy.h (limited to 'security/nss/gtests/ssl_gtest/nss_policy.h') diff --git a/security/nss/gtests/ssl_gtest/nss_policy.h b/security/nss/gtests/ssl_gtest/nss_policy.h new file mode 100644 index 0000000000..ceab03becc --- /dev/null +++ b/security/nss/gtests/ssl_gtest/nss_policy.h @@ -0,0 +1,107 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef nss_policy_h_ +#define nss_policy_h_ + +#include "prtypes.h" +#include "secoid.h" +#include "nss.h" + +namespace nss_test { + +// container class to hold all a temp policy +class NssPolicy { + public: + NssPolicy() : oid_(SEC_OID_UNKNOWN), set_(0), clear_(0) {} + NssPolicy(SECOidTag _oid, PRUint32 _set, PRUint32 _clear) + : oid_(_oid), set_(_set), clear_(_clear) {} + NssPolicy(const NssPolicy &p) + : oid_(p.oid_), set_(p.set_), clear_(p.clear_) {} + // clone the current policy for this oid + NssPolicy(SECOidTag _oid) : oid_(_oid), set_(0), clear_(0) { + NSS_GetAlgorithmPolicy(_oid, &set_); + clear_ = ~set_; + } + SECOidTag oid(void) const { return oid_; } + PRUint32 set(void) const { return set_; } + PRUint32 clear(void) const { return clear_; } + operator bool() const { return oid_ != SEC_OID_UNKNOWN; } + + private: + SECOidTag oid_; + PRUint32 set_; + PRUint32 clear_; +}; + +// container class to hold a temp option +class NssOption { + public: + NssOption() : id_(-1), value_(0) {} + NssOption(PRInt32 _id, PRInt32 _value) : id_(_id), value_(_value) {} + NssOption(const NssOption &o) : id_(o.id_), value_(o.value_) {} + // clone the current option for this id + NssOption(PRInt32 _id) : id_(_id), value_(0) { NSS_OptionGet(id_, &value_); } + PRInt32 id(void) const { return id_; } + PRInt32 value(void) const { return value_; } + operator bool() const { return id_ != -1; } + + private: + PRInt32 id_; + PRInt32 value_; +}; + +// set the policy indicated in NssPolicy and restor the old policy +// when we go out of scope +class NssManagePolicy { + public: + NssManagePolicy(const NssPolicy &p, const NssOption &o) + : policy_(p), save_policy_(~(PRUint32)0), option_(o), save_option_(0) { + if (p) { + (void)NSS_GetAlgorithmPolicy(p.oid(), &save_policy_); + (void)NSS_SetAlgorithmPolicy(p.oid(), p.set(), p.clear()); + } + if (o) { + (void)NSS_OptionGet(o.id(), &save_option_); + (void)NSS_OptionSet(o.id(), o.value()); + } + } + ~NssManagePolicy() { + if (policy_) { + (void)NSS_SetAlgorithmPolicy(policy_.oid(), save_policy_, ~save_policy_); + } + if (option_) { + (void)NSS_OptionSet(option_.id(), save_option_); + } + } + + private: + NssPolicy policy_; + PRUint32 save_policy_; + NssOption option_; + PRInt32 save_option_; +}; + +// wrapping PRFileDesc this way ensures that tests that attempt to access +// PRFileDesc always correctly apply +// the policy that was bound to that socket with TlsAgent::SetPolicy(). +class NssManagedFileDesc { + public: + NssManagedFileDesc(PRFileDesc *fd, const NssPolicy &policy, + const NssOption &option) + : fd_(fd), managed_policy_(policy, option) {} + PRFileDesc *get(void) const { return fd_; } + operator PRFileDesc *() const { return fd_; } + bool operator==(PRFileDesc *fd) const { return fd_ == fd; } + + private: + PRFileDesc *fd_; + NssManagePolicy managed_policy_; +}; + +} // namespace nss_test + +#endif -- cgit v1.2.3