1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
/* vim:set ts=2 sw=2 et cindent: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_net_TLSServerSocket_h
#define mozilla_net_TLSServerSocket_h
#include "nsITLSServerSocket.h"
#include "nsServerSocket.h"
#include "nsString.h"
#include "mozilla/Mutex.h"
#include "seccomon.h"
namespace mozilla {
namespace net {
class TLSServerSocket final : public nsServerSocket, public nsITLSServerSocket {
public:
NS_DECL_ISUPPORTS_INHERITED
NS_FORWARD_NSISERVERSOCKET(nsServerSocket::)
NS_DECL_NSITLSSERVERSOCKET
// Override methods from nsServerSocket
virtual void CreateClientTransport(PRFileDesc* clientFD,
const NetAddr& clientAddr) override;
virtual nsresult SetSocketDefaults() override;
virtual nsresult OnSocketListen() override;
TLSServerSocket() = default;
private:
virtual ~TLSServerSocket() = default;
static SECStatus AuthCertificateHook(void* arg, PRFileDesc* fd,
PRBool checksig, PRBool isServer);
nsCOMPtr<nsIX509Cert> mServerCert;
};
class TLSServerConnectionInfo : public nsITLSServerConnectionInfo,
public nsITLSClientStatus,
public nsIInterfaceRequestor {
friend class TLSServerSocket;
public:
NS_DECL_THREADSAFE_ISUPPORTS
NS_DECL_NSITLSSERVERCONNECTIONINFO
NS_DECL_NSITLSCLIENTSTATUS
NS_DECL_NSIINTERFACEREQUESTOR
TLSServerConnectionInfo() = default;
private:
virtual ~TLSServerConnectionInfo();
static void HandshakeCallback(PRFileDesc* aFD, void* aArg);
nsresult HandshakeCallback(PRFileDesc* aFD);
RefPtr<TLSServerSocket> mServerSocket;
// Weak ref to the transport, to avoid cycles since the transport holds a
// reference to the TLSServerConnectionInfo object. This is not handed out to
// anyone, and is only used in HandshakeCallback to close the transport in
// case of an error. After this, it's set to nullptr.
nsISocketTransport* mTransport{nullptr};
nsCOMPtr<nsIX509Cert> mPeerCert;
int16_t mTlsVersionUsed{TLS_VERSION_UNKNOWN};
nsCString mCipherName;
uint32_t mKeyLength{0};
uint32_t mMacLength{0};
// lock protects access to mSecurityObserver
mozilla::Mutex mLock{"TLSServerConnectionInfo.mLock"};
nsCOMPtr<nsITLSServerSecurityObserver> mSecurityObserver
MOZ_GUARDED_BY(mLock);
};
} // namespace net
} // namespace mozilla
#endif // mozilla_net_TLSServerSocket_h
|