From 27c206b4351ae6e681d851a41356d90612fdaaa8 Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Sun, 12 Apr 2015 19:57:48 -1000 Subject: [PATCH] Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler --- security/apps/AppSignatureVerification.cpp | 26 +++++++++-------- .../certverifier/NSSCertDBTrustDomain.cpp | 28 +++++++------------ security/certverifier/NSSCertDBTrustDomain.h | 2 -- security/certverifier/OCSPRequestor.cpp | 22 +++++++++------ .../ssl/src/SSLServerCertVerification.cpp | 6 ++-- security/manager/ssl/src/ScopedNSSTypes.h | 3 ++ security/manager/ssl/src/nsCrypto.cpp | 5 +--- security/manager/ssl/src/nsNSSCertificate.cpp | 6 ++-- security/manager/ssl/src/nsNSSIOLayer.cpp | 6 ++-- 9 files changed, 51 insertions(+), 53 deletions(-) diff --git a/security/apps/AppSignatureVerification.cpp b/security/apps/AppSignatureVerification.cpp index 9cc76a9eb36..0c53e23c785 100644 --- a/security/apps/AppSignatureVerification.cpp +++ b/security/apps/AppSignatureVerification.cpp @@ -6,12 +6,12 @@ #include "nsNSSCertificateDB.h" -#include "pkix/pkix.h" -#include "pkix/pkixnss.h" -#include "pkix/ScopedPtr.h" -#include "mozilla/RefPtr.h" -#include "CryptoTask.h" #include "AppTrustDomain.h" +#include "base64.h" +#include "certdb.h" +#include "CryptoTask.h" +#include "mozilla/RefPtr.h" +#include "mozilla/UniquePtr.h" #include "nsComponentManagerUtils.h" #include "nsCOMPtr.h" #include "nsDataSignatureVerifier.h" @@ -24,16 +24,16 @@ #include "nsNetUtil.h" #include "nsNSSCertificate.h" #include "nsProxyRelease.h" +#include "nssb64.h" #include "NSSCertDBTrustDomain.h" #include "nsString.h" #include "nsTHashtable.h" - -#include "base64.h" -#include "certdb.h" -#include "nssb64.h" -#include "secmime.h" #include "plstr.h" #include "prlog.h" +#include "pkix/pkix.h" +#include "pkix/pkixnss.h" +#include "secmime.h" + using namespace mozilla::pkix; using namespace mozilla; @@ -807,8 +807,10 @@ VerifySignedManifest(AppTrustedRoot aTrustedRoot, } // Get base64 encoded string from manifest buffer digest - ScopedPtr base64EncDigest(NSSBase64_EncodeItem(nullptr, - nullptr, 0, const_cast(&manifestCalculatedDigest.get()))); + UniquePtr + base64EncDigest(NSSBase64_EncodeItem(nullptr, nullptr, 0, + const_cast(&manifestCalculatedDigest.get())), + PORT_Free); if (NS_WARN_IF(!base64EncDigest)) { return NS_ERROR_OUT_OF_MEMORY; } diff --git a/security/certverifier/NSSCertDBTrustDomain.cpp b/security/certverifier/NSSCertDBTrustDomain.cpp index af1f66b30bd..095e1ebd2d6 100644 --- a/security/certverifier/NSSCertDBTrustDomain.cpp +++ b/security/certverifier/NSSCertDBTrustDomain.cpp @@ -18,13 +18,11 @@ #include "pk11pub.h" #include "pkix/pkix.h" #include "pkix/pkixnss.h" -#include "pkix/ScopedPtr.h" #include "prerror.h" #include "prmem.h" #include "prprf.h" #include "ScopedNSSTypes.h" #include "secerr.h" -#include "secmod.h" using namespace mozilla; using namespace mozilla::pkix; @@ -39,14 +37,6 @@ namespace mozilla { namespace psm { const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[] = "Builtin Roots Module"; -void PORT_Free_string(char* str) { PORT_Free(str); } - -namespace { - -typedef ScopedPtr ScopedSECMODModule; - -} // unnamed namespace - NSSCertDBTrustDomain::NSSCertDBTrustDomain(SECTrustType certDBTrustType, OCSPFetching ocspFetching, OCSPCache& ocspCache, @@ -831,14 +821,15 @@ LoadLoadableRoots(/*optional*/ const char* dir, const char* modNameUTF8) return SECFailure; } - ScopedPtr fullLibraryPath( - PR_GetLibraryName(dir, "nssckbi")); + UniquePtr + fullLibraryPath(PR_GetLibraryName(dir, "nssckbi"), PR_FreeLibraryName); if (!fullLibraryPath) { return SECFailure; } - ScopedPtr escaped_fullLibraryPath( - nss_addEscape(fullLibraryPath.get(), '\"')); + UniquePtr + escaped_fullLibraryPath(nss_addEscape(fullLibraryPath.get(), '\"'), + PORT_Free); if (!escaped_fullLibraryPath) { return SECFailure; } @@ -847,9 +838,10 @@ LoadLoadableRoots(/*optional*/ const char* dir, const char* modNameUTF8) int modType; SECMOD_DeleteModule(modNameUTF8, &modType); - ScopedPtr pkcs11ModuleSpec( - PR_smprintf("name=\"%s\" library=\"%s\"", modNameUTF8, - escaped_fullLibraryPath.get())); + UniquePtr + pkcs11ModuleSpec(PR_smprintf("name=\"%s\" library=\"%s\"", modNameUTF8, + escaped_fullLibraryPath.get()), + PR_smprintf_free); if (!pkcs11ModuleSpec) { return SECFailure; } @@ -965,7 +957,7 @@ SaveIntermediateCerts(const ScopedCERTCertList& certList) // We have found a signer cert that we want to remember. char* nickname = DefaultServerNicknameForCert(node->cert); if (nickname && *nickname) { - ScopedPtr slot(PK11_GetInternalKeySlot()); + ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot()); if (slot) { PK11_ImportCert(slot.get(), node->cert, CK_INVALID_HANDLE, nickname, false); diff --git a/security/certverifier/NSSCertDBTrustDomain.h b/security/certverifier/NSSCertDBTrustDomain.h index 0ddf4d4fea8..2cd33ab9317 100644 --- a/security/certverifier/NSSCertDBTrustDomain.h +++ b/security/certverifier/NSSCertDBTrustDomain.h @@ -20,8 +20,6 @@ void DisableMD5(); extern const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[]; -void PORT_Free_string(char* str); - // The dir parameter is the path to the directory containing the NSS builtin // roots module. Usually this is the same as the path to the other NSS shared // libraries. If it is null then the (library) path will be searched. diff --git a/security/certverifier/OCSPRequestor.cpp b/security/certverifier/OCSPRequestor.cpp index 5073dd56b89..653240b8c9f 100644 --- a/security/certverifier/OCSPRequestor.cpp +++ b/security/certverifier/OCSPRequestor.cpp @@ -9,36 +9,42 @@ #include #include "mozilla/Base64.h" +#include "mozilla/Scoped.h" #include "nsIURLParser.h" #include "nsNSSCallbacks.h" #include "nsNetCID.h" #include "nsServiceManagerUtils.h" -#include "pkix/ScopedPtr.h" #include "secerr.h" #ifdef PR_LOGGING extern PRLogModuleInfo* gCertVerifierLog; #endif -namespace mozilla { namespace psm { - -using mozilla::pkix::ScopedPtr; +namespace mozilla { void ReleaseHttpServerSession(nsNSSHttpServerSession* httpServerSession) { delete httpServerSession; } -typedef ScopedPtr - ScopedHTTPServerSession; void ReleaseHttpRequestSession(nsNSSHttpRequestSession* httpRequestSession) { httpRequestSession->Release(); } -typedef ScopedPtr - ScopedHTTPRequestSession; + +MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedHTTPServerSession, + nsNSSHttpServerSession, + ReleaseHttpServerSession) + +MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedHTTPRequestSession, + nsNSSHttpRequestSession, + ReleaseHttpRequestSession) + +} // namespace mozilla + +namespace mozilla { namespace psm { static nsresult AppendEscapedBase64Item(const SECItem* encodedRequest, nsACString& path) diff --git a/security/manager/ssl/src/SSLServerCertVerification.cpp b/security/manager/ssl/src/SSLServerCertVerification.cpp index c61b4d44fd7..3fe64522ef0 100644 --- a/security/manager/ssl/src/SSLServerCertVerification.cpp +++ b/security/manager/ssl/src/SSLServerCertVerification.cpp @@ -98,7 +98,6 @@ #include "pkix/pkix.h" #include "pkix/pkixnss.h" -#include "pkix/ScopedPtr.h" #include "CertVerifier.h" #include "CryptoTask.h" #include "ExtendedValidation.h" @@ -114,6 +113,7 @@ #include "mozilla/Mutex.h" #include "mozilla/Telemetry.h" #include "mozilla/net/DNS.h" +#include "mozilla/UniquePtr.h" #include "mozilla/unused.h" #include "nsIThreadPool.h" #include "nsNetUtil.h" @@ -876,8 +876,8 @@ GatherBaselineRequirementsTelemetry(const ScopedCERTCertList& certList) return; } CERTCertificate* cert = endEntityNode->cert; - mozilla::pkix::ScopedPtr commonName( - CERT_GetCommonName(&cert->subject)); + UniquePtr + commonName(CERT_GetCommonName(&cert->subject), PORT_Free); // This only applies to certificates issued by authorities in our root // program. bool isBuiltIn = false; diff --git a/security/manager/ssl/src/ScopedNSSTypes.h b/security/manager/ssl/src/ScopedNSSTypes.h index 2da2c186473..7859a3221c3 100644 --- a/security/manager/ssl/src/ScopedNSSTypes.h +++ b/security/manager/ssl/src/ScopedNSSTypes.h @@ -28,6 +28,7 @@ #include "secpkcs7.h" #include "secport.h" #include "prerror.h" +#include "secmod.h" namespace mozilla { @@ -334,6 +335,8 @@ MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedSECKEYPublicKey, MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedSECAlgorithmID, SECAlgorithmID, internal::SECOID_DestroyAlgorithmID_true) +MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedSECMODModule, SECMODModule, + SECMOD_DestroyModule) } // namespace mozilla diff --git a/security/manager/ssl/src/nsCrypto.cpp b/security/manager/ssl/src/nsCrypto.cpp index 62d3e3dc500..e61b7a47b89 100644 --- a/security/manager/ssl/src/nsCrypto.cpp +++ b/security/manager/ssl/src/nsCrypto.cpp @@ -9,10 +9,7 @@ #include "nsNSSComponent.h" #include "nsNativeCharsetUtils.h" #include "nsServiceManagerUtils.h" -#include "pkix/ScopedPtr.h" -#include "secmod.h" - -typedef mozilla::pkix::ScopedPtr ScopedSECMODModule; +#include "ScopedNSSTypes.h" // QueryInterface implementation for nsPkcs11 NS_INTERFACE_MAP_BEGIN(nsPkcs11) diff --git a/security/manager/ssl/src/nsNSSCertificate.cpp b/security/manager/ssl/src/nsNSSCertificate.cpp index 9088b9e793c..19ab24a93c9 100644 --- a/security/manager/ssl/src/nsNSSCertificate.cpp +++ b/security/manager/ssl/src/nsNSSCertificate.cpp @@ -10,9 +10,9 @@ #include "prprf.h" #include "CertVerifier.h" #include "ExtendedValidation.h" +#include "mozilla/UniquePtr.h" #include "pkix/pkixnss.h" #include "pkix/pkixtypes.h" -#include "pkix/ScopedPtr.h" #include "nsNSSComponent.h" // for PIPNSS string bundle calls. #include "nsCOMPtr.h" #include "nsIMutableArray.h" @@ -534,8 +534,8 @@ nsNSSCertificate::GetWindowTitle(nsAString& aWindowTitle) return NS_ERROR_FAILURE; } - mozilla::pkix::ScopedPtr - commonName(CERT_GetCommonName(&mCert->subject)); + UniquePtr + commonName(CERT_GetCommonName(&mCert->subject), PORT_Free); const char* titleOptions[] = { mCert->nickname, diff --git a/security/manager/ssl/src/nsNSSIOLayer.cpp b/security/manager/ssl/src/nsNSSIOLayer.cpp index 489461c9749..083f9705552 100644 --- a/security/manager/ssl/src/nsNSSIOLayer.cpp +++ b/security/manager/ssl/src/nsNSSIOLayer.cpp @@ -6,12 +6,12 @@ #include "nsNSSIOLayer.h" -#include "pkix/ScopedPtr.h" #include "pkix/pkixtypes.h" #include "nsNSSComponent.h" #include "mozilla/BinarySearch.h" #include "mozilla/Casting.h" #include "mozilla/DebugOnly.h" +#include "mozilla/UniquePtr.h" #include "mozilla/Telemetry.h" #include "prlog.h" @@ -2313,8 +2313,8 @@ ClientAuthDataRunnable::RunOnTargetThread() NS_ASSERTION(nicknames->numnicknames == NumberOfCerts, "nicknames->numnicknames != NumberOfCerts"); // Get CN and O of the subject and O of the issuer - mozilla::pkix::ScopedPtr ccn( - CERT_GetCommonName(&mServerCert->subject)); + UniquePtr + ccn(CERT_GetCommonName(&mServerCert->subject), PORT_Free); NS_ConvertUTF8toUTF16 cn(ccn.get()); int32_t port;