wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 832848: Removed unused site identity block tooltip logic from PSM, r=dolske

Browse Source 
--HG--
extra : rebase_source : 1793e526272622d811e45d0f4b2f0460471f4501
This commit is contained in:
Brian Smith 2013-02-02 17:21:45 -08:00
parent 2e1dbcc094
commit 3657897948
11 changed files with 77 additions and 233 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
dom/ipc/TabParent.cpp
View File

@ -538,13 +538,6 @@ TabParent::SetDocShell(nsIDocShell *aDocShell)
return NS_OK;
}
NS_IMETHODIMP
TabParent::GetTooltipText(nsAString & aTooltipText)
{
aTooltipText.Truncate();
return NS_OK;
}
PDocumentRendererParent*
TabParent::AllocPDocumentRenderer(const nsRect& documentRect,
const gfxMatrix& transform,

3
netwerk/base/public/nsISecureBrowserUI.idl
View File

@ -10,14 +10,13 @@ interface nsIDOMWindow;
interface nsIDOMElement;
interface nsIDocShell;
[scriptable, uuid(e97e5688-add2-4a1d-acae-396d7702e382)]
[scriptable, uuid(62f6c5be-ea8c-4fab-8e5c-d1580b50ec3f)]
interface nsISecureBrowserUI : nsISupports
{
void init(in nsIDOMWindow window);
void setDocShell(in nsIDocShell docShell);
readonly attribute unsigned long state;
readonly attribute AString tooltipText;
};
%{C++

3
netwerk/socket/nsITransportSecurityInfo.idl
View File

@ -6,10 +6,9 @@
#include "nsISupports.idl"
[scriptable, uuid(0d0a6b62-d4a9-402e-a197-6bc6e358fec9)]
[scriptable, uuid(8813d03b-e76c-4240-9691-d327d9b91e88)]
interface nsITransportSecurityInfo : nsISupports {
readonly attribute unsigned long securityState;
readonly attribute wstring shortSecurityDescription;
readonly attribute wstring errorMessage;
};

97
security/manager/boot/src/nsSecureBrowserUIImpl.cpp
View File

@ -48,8 +48,6 @@
using namespace mozilla;
#define SECURITY_STRING_BUNDLE_URL "chrome://pipnss/locale/security.properties"
#define IS_SECURE(state) ((state & 0xFFFF) == STATE_IS_SECURE)
#if defined(PR_LOGGING)
@ -191,17 +189,6 @@ nsSecureBrowserUIImpl::Init(nsIDOMWindow *aWindow)
mWindow = do_GetWeakReference(pwin, &rv);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIStringBundleService> service(do_GetService(NS_STRINGBUNDLE_CONTRACTID, &rv));
if (NS_FAILED(rv)) return rv;
// We do not need to test for mStringBundle here...
// Anywhere we use it, we will test before using. Some
// embedded users of PSM may want to reuse our
// nsSecureBrowserUIImpl implementation without the
// bundle.
service->CreateBundle(SECURITY_STRING_BUNDLE_URL, getter_AddRefs(mStringBundle));
// hook up to the form post notifications:
nsCOMPtr<nsIObserverService> svc(do_GetService("@mozilla.org/observer-service;1", &rv));
if (NS_SUCCEEDED(rv)) {
@ -337,36 +324,6 @@ nsSecureBrowserUIImpl::SetDocShell(nsIDocShell *aDocShell)
return rv;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::GetTooltipText(nsAString& aText)
{
lockIconState state;
nsXPIDLString tooltip;
{
ReentrantMonitorAutoEnter lock(mReentrantMonitor);
state = mNotifiedSecurityState;
tooltip = mInfoTooltip;
}
if (state == lis_mixed_security)
{
GetBundleString(NS_LITERAL_STRING("SecurityButtonMixedContentTooltipText").get(),
aText);
}
else if (!tooltip.IsEmpty())
{
aText = tooltip;
}
else
{
GetBundleString(NS_LITERAL_STRING("SecurityButtonTooltipText").get(),
aText);
}
return NS_OK;
}
NS_IMETHODIMP
nsSecureBrowserUIImpl::Observe(nsISupports*, const char*,
const PRUnichar*)
@ -504,7 +461,6 @@ void nsSecureBrowserUIImpl::ResetStateTracking()
{
ReentrantMonitorAutoEnter lock(mReentrantMonitor);
mInfoTooltip.Truncate();
mDocumentRequestsInProgress = 0;
if (mTransferringRequests.ops) {
PL_DHashTableFinish(&mTransferringRequests);
@ -528,9 +484,6 @@ nsSecureBrowserUIImpl::EvaluateAndUpdateSecurityState(nsIRequest* aRequest, nsIS
bool updateStatus = false;
nsCOMPtr<nsISSLStatus> temp_SSLStatus;
bool updateTooltip = false;
nsXPIDLString temp_InfoTooltip;
temp_NewToplevelSecurityState = GetSecurityStateFromSecurityInfo(info);
PR_LOG(gSecureDocLog, PR_LOG_DEBUG,
@ -550,14 +503,6 @@ nsSecureBrowserUIImpl::EvaluateAndUpdateSecurityState(nsIRequest* aRequest, nsIS
}
}
if (info) {
nsCOMPtr<nsITransportSecurityInfo> secInfo(do_QueryInterface(info));
if (secInfo) {
updateTooltip = true;
secInfo->GetShortSecurityDescription(getter_Copies(temp_InfoTooltip));
}
}
// assume temp_NewToplevelSecurityState was set in this scope!
// see code that is directly above
@ -569,9 +514,6 @@ nsSecureBrowserUIImpl::EvaluateAndUpdateSecurityState(nsIRequest* aRequest, nsIS
if (updateStatus) {
mSSLStatus = temp_SSLStatus;
}
if (updateTooltip) {
mInfoTooltip = temp_InfoTooltip;
}
PR_LOG(gSecureDocLog, PR_LOG_DEBUG,
("SecureUI:%p: remember securityInfo %p\n", this,
info));
@ -588,8 +530,7 @@ nsSecureBrowserUIImpl::EvaluateAndUpdateSecurityState(nsIRequest* aRequest, nsIS
mRestoreSubrequests = false;
}
return UpdateSecurityState(aRequest, withNewLocation,
updateStatus, updateTooltip);
return UpdateSecurityState(aRequest, withNewLocation, updateStatus);
}
void
@ -1311,7 +1252,7 @@ nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
}
if (temp_NewToplevelSecurityStateKnown)
return UpdateSecurityState(aRequest, false, false, false);
return UpdateSecurityState(aRequest, false, false);
}
return NS_OK;
@ -1331,8 +1272,7 @@ void nsSecureBrowserUIImpl::ObtainEventSink(nsIChannel *channel,
nsresult nsSecureBrowserUIImpl::UpdateSecurityState(nsIRequest* aRequest,
bool withNewLocation,
bool withUpdateStatus,
bool withUpdateTooltip)
bool withUpdateStatus)
{
lockIconState warnSecurityState = lis_no_security;
nsresult rv = NS_OK;
@ -1340,7 +1280,7 @@ nsresult nsSecureBrowserUIImpl::UpdateSecurityState(nsIRequest* aRequest,
// both parameters are both input and outout
bool flagsChanged = UpdateMyFlags(warnSecurityState);
if (flagsChanged || withNewLocation || withUpdateStatus || withUpdateTooltip)
if (flagsChanged || withNewLocation || withUpdateStatus)
rv = TellTheWorld(warnSecurityState, aRequest);
return rv;
@ -1407,7 +1347,6 @@ bool nsSecureBrowserUIImpl::UpdateMyFlags(lockIconState &warnSecurityState)
if (lis_no_security == newSecurityState)
{
mSSLStatus = nullptr;
mInfoTooltip.Truncate();
}
}
@ -1547,7 +1486,7 @@ nsSecureBrowserUIImpl::OnLocationChange(nsIWebProgress* aWebProgress,
}
if (temp_NewToplevelSecurityStateKnown)
return UpdateSecurityState(aRequest, true, false, false);
return UpdateSecurityState(aRequest, true, false);
return NS_OK;
}
@ -1637,32 +1576,6 @@ nsSecureBrowserUIImpl::IsURLJavaScript(nsIURI* aURL, bool* value)
return aURL->SchemeIs("javascript", value);
}
void
nsSecureBrowserUIImpl::GetBundleString(const PRUnichar* name,
nsAString &outString)
{
nsCOMPtr<nsIStringBundle> temp_StringBundle;
{
ReentrantMonitorAutoEnter lock(mReentrantMonitor);
temp_StringBundle = mStringBundle;
}
if (temp_StringBundle && name) {
PRUnichar *ptrv = nullptr;
if (NS_SUCCEEDED(temp_StringBundle->GetStringFromName(name,
&ptrv)))
outString = ptrv;
else
outString.SetLength(0);
nsMemory::Free(ptrv);
} else {
outString.SetLength(0);
}
}
nsresult
nsSecureBrowserUIImpl::CheckPost(nsIURI *formURL, nsIURI *actionURL, bool *okayToPost)
{

8
security/manager/boot/src/nsSecureBrowserUIImpl.h
View File

@ -8,13 +8,11 @@
#include "mozilla/ReentrantMonitor.h"
#include "nsCOMPtr.h"
#include "nsXPIDLString.h"
#include "nsString.h"
#include "nsIObserver.h"
#include "nsIDOMElement.h"
#include "nsIDOMWindow.h"
#include "nsIDOMHTMLFormElement.h"
#include "nsIStringBundle.h"
#include "nsISecureBrowserUI.h"
#include "nsIDocShell.h"
#include "nsIDocShellTreeItem.h"
@ -69,7 +67,6 @@ protected:
nsWeakPtr mWindow;
nsWeakPtr mDocShell;
nsCOMPtr<nsINetUtil> mIOService;
nsCOMPtr<nsIStringBundle> mStringBundle;
nsCOMPtr<nsIURI> mCurrentURI;
nsCOMPtr<nsISecurityEventSink> mToplevelEventSink;
@ -89,7 +86,6 @@ protected:
bool mNewToplevelSecurityStateKnown;
bool mIsViewSource;
nsXPIDLString mInfoTooltip;
int32_t mDocumentRequestsInProgress;
int32_t mSubRequestsBrokenSecurity;
int32_t mSubRequestsNoSecurity;
@ -103,7 +99,7 @@ protected:
static already_AddRefed<nsISupports> ExtractSecurityInfo(nsIRequest* aRequest);
nsresult MapInternalToExternalState(uint32_t* aState, lockIconState lock, bool ev);
nsresult UpdateSecurityState(nsIRequest* aRequest, bool withNewLocation,
bool withUpdateStatus, bool withUpdateTooltip);
bool withUpdateStatus);
bool UpdateMyFlags(lockIconState &warnSecurityState);
nsresult TellTheWorld(lockIconState warnSecurityState,
nsIRequest* aRequest);
@ -118,8 +114,6 @@ protected:
nsCOMPtr<nsISSLStatus> mSSLStatus;
nsCOMPtr<nsISupports> mCurrentToplevelSecurityInfo;
void GetBundleString(const PRUnichar* name, nsAString &outString);
nsresult CheckPost(nsIURI *formURI, nsIURI *actionURL, bool *okayToPost);
nsresult IsURLHTTPS(nsIURI* aURL, bool *value);
nsresult IsURLJavaScript(nsIURI* aURL, bool *value);

1
security/manager/locales/en-US/chrome/pipnss/pipnss.properties
View File

@ -3,7 +3,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SignedBy=Authenticated by %S
CertPassPrompt=Please enter the master password for the %S.
# the following strings have special requirements:
# they must fit in a 32 or 64 byte buffer after being translated

3
security/manager/locales/en-US/chrome/pipnss/security.properties
View File

@ -1,10 +1,7 @@
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
Title=Security Warning
PostToInsecureFromSecureMessage=Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.##Are you sure you want to continue sending this information?##
SecurityButtonTooltipText=Displays security information about the current page
SecurityButtonMixedContentTooltipText=Warning: Contains unauthenticated content
Continue=Continue

1
security/manager/locales/en-US/chrome/pippki/pippki.properties
View File

@ -3,7 +3,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SignedBy=Authenticated by %S
CertPassPrompt=Please enter the Personal Security Password for the PSM Private Keys security device.
#These are for dialogs

24
security/manager/ssl/src/TransportSecurityInfo.cpp
View File

@ -175,25 +175,6 @@ TransportSecurityInfo::Flush()
return NS_OK;
}
NS_IMETHODIMP
TransportSecurityInfo::GetShortSecurityDescription(PRUnichar** aText)
{
if (mShortDesc.IsEmpty())
*aText = nullptr;
else {
*aText = ToNewUnicode(mShortDesc);
NS_ENSURE_TRUE(*aText, NS_ERROR_OUT_OF_MEMORY);
}
return NS_OK;
}
nsresult
TransportSecurityInfo::SetShortSecurityDescription(const PRUnichar* aText)
{
mShortDesc.Assign(aText);
return NS_OK;
}
NS_IMETHODIMP
TransportSecurityInfo::GetErrorMessage(PRUnichar** aText)
{
@ -358,7 +339,7 @@ TransportSecurityInfo::Write(nsIObjectOutputStream* stream)
uint32_t version = 3;
stream->Write32(version | 0xFFFF0000);
stream->Write32(mSecurityState);
stream->WriteWStringZ(mShortDesc.get());
stream->WriteWStringZ(EmptyString().get());
// XXX: uses nsNSSComponent string bundles off the main thread
nsresult rv = formatErrorMessage(lock,
@ -459,7 +440,8 @@ TransportSecurityInfo::Read(nsIObjectInputStream* stream)
mSecurityState = version;
version = 1;
}
stream->ReadString(mShortDesc);
nsAutoString dummyShortDesc;
stream->ReadString(dummyShortDesc);
stream->ReadString(mErrorMessageCached);
mErrorCode = 0;

1
security/manager/ssl/src/TransportSecurityInfo.h
View File

@ -90,7 +90,6 @@ private:
uint32_t mSecurityState;
int32_t mSubRequestsBrokenSecurity;
int32_t mSubRequestsNoSecurity;
nsString mShortDesc;
PRErrorCode mErrorCode;
::mozilla::psm::SSLErrorMessageType mErrorMessageType;

162
security/manager/ssl/src/nsNSSCallbacks.cpp
View File

@ -826,10 +826,8 @@ PK11PasswordPrompt(PK11SlotInfo* slot, PRBool retry, void* arg)
void HandshakeCallback(PRFileDesc* fd, void* client_data) {
nsNSSShutDownPreventionLock locker;
int32_t sslStatus;
char* signer = nullptr;
char* cipherName = nullptr;
int32_t keyLength;
nsresult rv;
int32_t encryptBits;
nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;
@ -847,7 +845,7 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
ioLayerHelpers.rememberTolerantSite(infoObject);
if (SECSuccess != SSL_SecurityStatus(fd, &sslStatus, &cipherName, &keyLength,
&encryptBits, &signer, nullptr)) {
&encryptBits, nullptr, nullptr)) {
return;
}
@ -883,116 +881,88 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
}
}
ScopedCERTCertificate serverCert(SSL_PeerCertificate(fd));
const char* caName = nullptr; // caName is a pointer only, no ownership
char* certOrgName = CERT_GetOrgName(&serverCert->issuer);
caName = certOrgName ? certOrgName : signer;
const char* verisignName = "Verisign, Inc.";
// If the CA name is RSA Data Security, then change the name to the real
// name of the company i.e. VeriSign, Inc.
if (nsCRT::strcmp((const char*)caName, "RSA Data Security, Inc.") == 0) {
caName = verisignName;
infoObject->SetSecurityState(secStatus);
/* Set the SSL Status information */
RefPtr<nsSSLStatus> status(infoObject->SSLStatus());
if (!status) {
status = new nsSSLStatus();
infoObject->SetSSLStatus(status);
}
nsAutoString shortDesc;
const PRUnichar* formatStrings[1] = { ToNewUnicode(NS_ConvertUTF8toUTF16(caName)) };
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
if (NS_SUCCEEDED(rv)) {
rv = nssComponent->PIPBundleFormatStringFromName("SignedBy",
formatStrings, 1,
shortDesc);
RememberCertErrorsTable::GetInstance().LookupCertErrorBits(infoObject,
status);
nsMemory::Free(const_cast<PRUnichar*>(formatStrings[0]));
RefPtr<nsNSSCertificate> nssc(nsNSSCertificate::Create(serverCert));
nsCOMPtr<nsIX509Cert> prevcert;
infoObject->GetPreviousCert(getter_AddRefs(prevcert));
nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*) fd->higher->secret;
infoObject->SetSecurityState(secStatus);
infoObject->SetShortSecurityDescription(shortDesc.get());
/* Set the SSL Status information */
RefPtr<nsSSLStatus> status(infoObject->SSLStatus());
if (!status) {
status = new nsSSLStatus();
infoObject->SetSSLStatus(status);
bool equals_previous = false;
if (prevcert && nssc) {
nsresult rv = nssc->Equals(prevcert, &equals_previous);
if (NS_FAILED(rv)) {
equals_previous = false;
}
}
RememberCertErrorsTable::GetInstance().LookupCertErrorBits(infoObject,
status);
if (serverCert) {
RefPtr<nsNSSCertificate> nssc(nsNSSCertificate::Create(serverCert));
nsCOMPtr<nsIX509Cert> prevcert;
infoObject->GetPreviousCert(getter_AddRefs(prevcert));
bool equals_previous = false;
if (prevcert && nssc) {
nsresult rv = nssc->Equals(prevcert, &equals_previous);
if (NS_FAILED(rv)) {
equals_previous = false;
}
}
if (equals_previous) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
("HandshakeCallback using PREV cert %p\n", prevcert.get()));
status->mServerCert = prevcert;
}
else {
if (status->mServerCert) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
("HandshakeCallback KEEPING cert %p\n", status->mServerCert.get()));
}
else {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
("HandshakeCallback using NEW cert %p\n", nssc.get()));
status->mServerCert = nssc;
}
}
if (equals_previous) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
("HandshakeCallback using PREV cert %p\n", prevcert.get()));
status->mServerCert = prevcert;
}
else {
if (status->mServerCert) {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
("HandshakeCallback KEEPING cert %p\n", status->mServerCert.get()));
}
else {
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
("HandshakeCallback using NEW cert %p\n", nssc.get()));
status->mServerCert = nssc;
}
}
status->mHaveKeyLengthAndCipher = true;
status->mKeyLength = keyLength;
status->mSecretKeyLength = encryptBits;
status->mCipherName.Assign(cipherName);
status->mHaveKeyLengthAndCipher = true;
status->mKeyLength = keyLength;
status->mSecretKeyLength = encryptBits;
status->mCipherName.Assign(cipherName);
// Get the NPN value.
SSLNextProtoState state;
unsigned char npnbuf[256];
unsigned int npnlen;
// Get the NPN value.
SSLNextProtoState state;
unsigned char npnbuf[256];
unsigned int npnlen;
if (SSL_GetNextProto(fd, &state, npnbuf, &npnlen, 256) == SECSuccess) {
if (state == SSL_NEXT_PROTO_NEGOTIATED)
infoObject->SetNegotiatedNPN(reinterpret_cast<char *>(npnbuf), npnlen);
else
infoObject->SetNegotiatedNPN(nullptr, 0);
mozilla::Telemetry::Accumulate(Telemetry::SSL_NPN_TYPE, state);
}
if (SSL_GetNextProto(fd, &state, npnbuf, &npnlen, 256) == SECSuccess) {
if (state == SSL_NEXT_PROTO_NEGOTIATED)
infoObject->SetNegotiatedNPN(reinterpret_cast<char *>(npnbuf), npnlen);
else
infoObject->SetNegotiatedNPN(nullptr, 0);
SSLChannelInfo channelInfo;
if (SSL_GetChannelInfo(fd, &channelInfo, sizeof(channelInfo)) == SECSuccess) {
// Get the protocol version for telemetry
// 0=ssl3, 1=tls1, 2=tls1.1, 3=tls1.2
unsigned int versionEnum = channelInfo.protocolVersion & 0xFF;
Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_VERSION, versionEnum);
SSLCipherSuiteInfo cipherInfo;
if (SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
sizeof (cipherInfo)) == SECSuccess) {
// keyExchange null=0, rsa=1, dh=2, fortezza=3, ecdh=4
Telemetry::Accumulate(Telemetry::SSL_KEY_EXCHANGE_ALGORITHM,
cipherInfo.keaType);
}
}
infoObject->SetHandshakeCompleted(isResumedSession);
mozilla::Telemetry::Accumulate(Telemetry::SSL_NPN_TYPE, state);
}
else
infoObject->SetNegotiatedNPN(nullptr, 0);
SSLChannelInfo channelInfo;
if (SSL_GetChannelInfo(fd, &channelInfo, sizeof(channelInfo)) == SECSuccess) {
// Get the protocol version for telemetry
// 0=ssl3, 1=tls1, 2=tls1.1, 3=tls1.2
unsigned int versionEnum = channelInfo.protocolVersion & 0xFF;
Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_VERSION, versionEnum);
SSLCipherSuiteInfo cipherInfo;
if (SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
sizeof (cipherInfo)) == SECSuccess) {
// keyExchange null=0, rsa=1, dh=2, fortezza=3, ecdh=4
Telemetry::Accumulate(Telemetry::SSL_KEY_EXCHANGE_ALGORITHM,
cipherInfo.keaType);
}
}
infoObject->SetHandshakeCompleted(isResumedSession);
PORT_Free(cipherName);
PR_FREEIF(certOrgName);
PR_Free(signer);
}
struct OCSPDefaultResponders {