From 39c828fdf2704e23461de9f73e2f535d1f12ef7d Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 13 May 2015 18:02:56 -0700 Subject: [PATCH] Bug 1164373 - Remove two static constructors involving PR_NewLogModule(). r=froydnj. --- netwerk/dns/GetAddrInfo.cpp | 13 ++++++-- .../boot/src/PublicKeyPinningService.cpp | 33 +++++++++++-------- .../src/RootCertificateTelemetryUtils.cpp | 15 ++++++--- 3 files changed, 39 insertions(+), 22 deletions(-) diff --git a/netwerk/dns/GetAddrInfo.cpp b/netwerk/dns/GetAddrInfo.cpp index 41cb4767731..458e8fd369b 100644 --- a/netwerk/dns/GetAddrInfo.cpp +++ b/netwerk/dns/GetAddrInfo.cpp @@ -23,11 +23,18 @@ #endif #include "prlog.h" -static PRLogModuleInfo *gGetAddrInfoLog = PR_NewLogModule("GetAddrInfo"); + +static PRLogModuleInfo* +GetAddrInfoLog() +{ + static PRLogModuleInfo* sGetAddrInfoLog = PR_NewLogModule("GetAddrInfo"); + return sGetAddrInfoLog; +} + #define LOG(msg, ...) \ - PR_LOG(gGetAddrInfoLog, PR_LOG_DEBUG, ("[DNS]: " msg, ##__VA_ARGS__)) + PR_LOG(GetAddrInfoLog(), PR_LOG_DEBUG, ("[DNS]: " msg, ##__VA_ARGS__)) #define LOG_WARNING(msg, ...) \ - PR_LOG(gGetAddrInfoLog, PR_LOG_WARNING, ("[DNS]: " msg, ##__VA_ARGS__)) + PR_LOG(GetAddrInfoLog(), PR_LOG_WARNING, ("[DNS]: " msg, ##__VA_ARGS__)) #if DNSQUERY_AVAILABLE // There is a bug in windns.h where the type of parameter ppQueryResultsSet for diff --git a/security/manager/boot/src/PublicKeyPinningService.cpp b/security/manager/boot/src/PublicKeyPinningService.cpp index bbdb3319fa1..afa08369a6e 100644 --- a/security/manager/boot/src/PublicKeyPinningService.cpp +++ b/security/manager/boot/src/PublicKeyPinningService.cpp @@ -23,8 +23,13 @@ using namespace mozilla; using namespace mozilla::pkix; using namespace mozilla::psm; -PRLogModuleInfo* gPublicKeyPinningLog = - PR_NewLogModule("PublicKeyPinningService"); +static PRLogModuleInfo* +PublicKeyPinningLog() +{ + static PRLogModuleInfo* sPublicKeyPinningLog = + PR_NewLogModule("PublicKeyPinningService"); + return sPublicKeyPinningLog; +} /** Computes in the location specified by base64Out the SHA256 digest @@ -59,7 +64,7 @@ EvalCertWithHashType(const CERTCertificate* cert, SECOidTag hashType, { certMatchesPinset = false; if (!fingerprints && !dynamicFingerprints) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: No hashes found for hash type: %d\n", hashType)); return NS_ERROR_INVALID_ARG; } @@ -67,7 +72,7 @@ EvalCertWithHashType(const CERTCertificate* cert, SECOidTag hashType, nsAutoCString base64Out; nsresult rv = GetBase64HashSPKI(cert, hashType, base64Out); if (NS_FAILED(rv)) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: GetBase64HashSPKI failed!\n")); return rv; } @@ -75,7 +80,7 @@ EvalCertWithHashType(const CERTCertificate* cert, SECOidTag hashType, if (fingerprints) { for (size_t i = 0; i < fingerprints->size; i++) { if (base64Out.Equals(fingerprints->data[i])) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: found pin base_64 ='%s'\n", base64Out.get())); certMatchesPinset = true; return NS_OK; @@ -85,7 +90,7 @@ EvalCertWithHashType(const CERTCertificate* cert, SECOidTag hashType, if (dynamicFingerprints) { for (size_t i = 0; i < dynamicFingerprints->Length(); i++) { if (base64Out.Equals((*dynamicFingerprints)[i])) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: found pin base_64 ='%s'\n", base64Out.get())); certMatchesPinset = true; return NS_OK; @@ -126,9 +131,9 @@ EvalChainWithHashType(const CERTCertList* certList, SECOidTag hashType, for (node = CERT_LIST_HEAD(certList); !CERT_LIST_END(node, certList); node = CERT_LIST_NEXT(node)) { currentCert = node->cert; - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: certArray subject: '%s'\n", currentCert->subjectName)); - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: certArray issuer: '%s'\n", currentCert->issuerName)); nsresult rv = EvalCertWithHashType(currentCert, hashType, fingerprints, dynamicFingerprints, @@ -140,7 +145,7 @@ EvalChainWithHashType(const CERTCertList* certList, SECOidTag hashType, return NS_OK; } } - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, ("pkpin: no matches found\n")); + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: no matches found\n")); return NS_OK; } @@ -212,7 +217,7 @@ FindPinningInformation(const char* hostname, mozilla::pkix::Time time, char *evalPart; // Notice how the (xx = strchr) prevents pins for unqualified domain names. while (!foundEntry && (evalPart = strchr(evalHost, '.'))) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: Querying pinsets for host: '%s'\n", evalHost)); // Attempt dynamic pins first nsresult rv; @@ -225,7 +230,7 @@ FindPinningInformation(const char* hostname, mozilla::pkix::Time time, return rv; } if (found && (evalHost == hostname || includeSubdomains)) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: Found dyn match for host: '%s'\n", evalHost)); dynamicFingerprints = pinArray; return NS_OK; @@ -237,7 +242,7 @@ FindPinningInformation(const char* hostname, mozilla::pkix::Time time, sizeof(TransportSecurityPreload), TransportSecurityPreloadCompare); if (foundEntry) { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: Found pinset for host: '%s'\n", evalHost)); if (evalHost != hostname) { if (!foundEntry->mIncludeSubdomains) { @@ -246,7 +251,7 @@ FindPinningInformation(const char* hostname, mozilla::pkix::Time time, } } } else { - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: Didn't find pinset for host: '%s'\n", evalHost)); } // Add one for '.' @@ -335,7 +340,7 @@ CheckPinsForHostname(const CERTCertList* certList, const char* hostname, } } - PR_LOG(gPublicKeyPinningLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningLog(), PR_LOG_DEBUG, ("pkpin: Pin check %s for %s host '%s' (mode=%s)\n", enforceTestModeResult ? "passed" : "failed", staticFingerprints->mIsMoz ? "mozilla" : "non-mozilla", diff --git a/security/manager/boot/src/RootCertificateTelemetryUtils.cpp b/security/manager/boot/src/RootCertificateTelemetryUtils.cpp index 6addc4fa044..c474f1ab96b 100644 --- a/security/manager/boot/src/RootCertificateTelemetryUtils.cpp +++ b/security/manager/boot/src/RootCertificateTelemetryUtils.cpp @@ -17,10 +17,15 @@ #define UNKNOWN_ROOT 0 #define HASH_FAILURE -1 -namespace mozilla { namespace psm { +namespace mozilla { namespace psm { -PRLogModuleInfo* gPublicKeyPinningTelemetryLog = - PR_NewLogModule("PublicKeyPinningTelemetryService"); +static PRLogModuleInfo* +PublicKeyPinningTelemetryLog() +{ + static PRLogModuleInfo* sPublicKeyPinningTelemetryLog = + PR_NewLogModule("PublicKeyPinningTelemetryService"); + return sPublicKeyPinningTelemetryLog; +} // Used in the BinarySearch method, this does a memcmp between the pointer // provided to its construtor and whatever the binary search is looking for. @@ -60,7 +65,7 @@ RootCABinNumber(const SECItem* cert) // Compare against list of stored hashes size_t idx; - PR_LOG(gPublicKeyPinningTelemetryLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningTelemetryLog(), PR_LOG_DEBUG, ("pkpinTelem: First bytes %02hx %02hx %02hx %02hx\n", digest.get().data[0], digest.get().data[1], digest.get().data[2], digest.get().data[3])); @@ -69,7 +74,7 @@ RootCABinNumber(const SECItem* cert) reinterpret_cast(digest.get().data), digest.get().len), &idx)) { - PR_LOG(gPublicKeyPinningTelemetryLog, PR_LOG_DEBUG, + PR_LOG(PublicKeyPinningTelemetryLog(), PR_LOG_DEBUG, ("pkpinTelem: Telemetry index was %lu, bin is %d\n", idx, ROOT_TABLE[idx].binNumber)); return (int32_t) ROOT_TABLE[idx].binNumber;