mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 700659 - Slay nsHashSets in security. r=kaie
This commit is contained in:
Nathan Froyd
parent
6ce6f62be8
commit
46a7258f3c
@ -63,7 +63,6 @@
|
|||||||
|
|
||||||
#include "nsXPIDLString.h"
|
#include "nsXPIDLString.h"
|
||||||
#include "nsReadableUtils.h"
|
#include "nsReadableUtils.h"
|
||||||
#include "nsHashSets.h"
|
|
||||||
#include "nsCRT.h"
|
#include "nsCRT.h"
|
||||||
#include "nsAutoPtr.h"
|
#include "nsAutoPtr.h"
|
||||||
#include "nsPrintfCString.h"
|
#include "nsPrintfCString.h"
|
||||||
@ -1798,7 +1797,7 @@ nsSSLIOLayerHelpers::rememberTolerantSite(nsNSSSocketInfo *socketInfo)
|
|||||||
getSiteKey(socketInfo, key);
|
getSiteKey(socketInfo, key);
|
||||||
|
|
||||||
MutexAutoLock lock(*mutex);
|
MutexAutoLock lock(*mutex);
|
||||||
nsSSLIOLayerHelpers::mTLSTolerantSites->Put(key);
|
nsSSLIOLayerHelpers::mTLSTolerantSites->PutEntry(key);
|
||||||
}
|
}
|
||||||
|
|
||||||
static PRStatus PR_CALLBACK
|
static PRStatus PR_CALLBACK
|
||||||
@ -2139,10 +2138,10 @@ bool nsSSLIOLayerHelpers::nsSSLIOLayerInitialized = false;
|
|||||||
PRDescIdentity nsSSLIOLayerHelpers::nsSSLIOLayerIdentity;
|
PRDescIdentity nsSSLIOLayerHelpers::nsSSLIOLayerIdentity;
|
||||||
PRIOMethods nsSSLIOLayerHelpers::nsSSLIOLayerMethods;
|
PRIOMethods nsSSLIOLayerHelpers::nsSSLIOLayerMethods;
|
||||||
Mutex *nsSSLIOLayerHelpers::mutex = nsnull;
|
Mutex *nsSSLIOLayerHelpers::mutex = nsnull;
|
||||||
nsCStringHashSet *nsSSLIOLayerHelpers::mTLSIntolerantSites = nsnull;
|
nsTHashtable<nsCStringHashKey> *nsSSLIOLayerHelpers::mTLSIntolerantSites = nsnull;
|
||||||
nsCStringHashSet *nsSSLIOLayerHelpers::mTLSTolerantSites = nsnull;
|
nsTHashtable<nsCStringHashKey> *nsSSLIOLayerHelpers::mTLSTolerantSites = nsnull;
|
||||||
nsPSMRememberCertErrorsTable *nsSSLIOLayerHelpers::mHostsWithCertErrors = nsnull;
|
nsPSMRememberCertErrorsTable *nsSSLIOLayerHelpers::mHostsWithCertErrors = nsnull;
|
||||||
nsCStringHashSet *nsSSLIOLayerHelpers::mRenegoUnrestrictedSites = nsnull;
|
nsTHashtable<nsCStringHashKey> *nsSSLIOLayerHelpers::mRenegoUnrestrictedSites = nsnull;
|
||||||
bool nsSSLIOLayerHelpers::mTreatUnsafeNegotiationAsBroken = false;
|
bool nsSSLIOLayerHelpers::mTreatUnsafeNegotiationAsBroken = false;
|
||||||
PRInt32 nsSSLIOLayerHelpers::mWarnLevelMissingRFC5746 = 1;
|
PRInt32 nsSSLIOLayerHelpers::mWarnLevelMissingRFC5746 = 1;
|
||||||
|
|
||||||
@ -2341,13 +2340,13 @@ nsresult nsSSLIOLayerHelpers::Init()
|
|||||||
|
|
||||||
mutex = new Mutex("nsSSLIOLayerHelpers.mutex");
|
mutex = new Mutex("nsSSLIOLayerHelpers.mutex");
|
||||||
|
|
||||||
mTLSIntolerantSites = new nsCStringHashSet();
|
mTLSIntolerantSites = new nsTHashtable<nsCStringHashKey>();
|
||||||
if (!mTLSIntolerantSites)
|
if (!mTLSIntolerantSites)
|
||||||
return NS_ERROR_OUT_OF_MEMORY;
|
return NS_ERROR_OUT_OF_MEMORY;
|
||||||
|
|
||||||
mTLSIntolerantSites->Init(1);
|
mTLSIntolerantSites->Init(1);
|
||||||
|
|
||||||
mTLSTolerantSites = new nsCStringHashSet();
|
mTLSTolerantSites = new nsTHashtable<nsCStringHashKey>();
|
||||||
if (!mTLSTolerantSites)
|
if (!mTLSTolerantSites)
|
||||||
return NS_ERROR_OUT_OF_MEMORY;
|
return NS_ERROR_OUT_OF_MEMORY;
|
||||||
|
|
||||||
@ -2356,7 +2355,7 @@ nsresult nsSSLIOLayerHelpers::Init()
|
|||||||
// the rate of hashtable array reallocation.
|
// the rate of hashtable array reallocation.
|
||||||
mTLSTolerantSites->Init(16);
|
mTLSTolerantSites->Init(16);
|
||||||
|
|
||||||
mRenegoUnrestrictedSites = new nsCStringHashSet();
|
mRenegoUnrestrictedSites = new nsTHashtable<nsCStringHashKey>();
|
||||||
if (!mRenegoUnrestrictedSites)
|
if (!mRenegoUnrestrictedSites)
|
||||||
return NS_ERROR_OUT_OF_MEMORY;
|
return NS_ERROR_OUT_OF_MEMORY;
|
||||||
|
|
||||||
@ -2376,13 +2375,13 @@ void nsSSLIOLayerHelpers::addIntolerantSite(const nsCString &str)
|
|||||||
MutexAutoLock lock(*mutex);
|
MutexAutoLock lock(*mutex);
|
||||||
// Remember intolerant site only if it is not known as tolerant
|
// Remember intolerant site only if it is not known as tolerant
|
||||||
if (!mTLSTolerantSites->Contains(str))
|
if (!mTLSTolerantSites->Contains(str))
|
||||||
nsSSLIOLayerHelpers::mTLSIntolerantSites->Put(str);
|
nsSSLIOLayerHelpers::mTLSIntolerantSites->PutEntry(str);
|
||||||
}
|
}
|
||||||
|
|
||||||
void nsSSLIOLayerHelpers::removeIntolerantSite(const nsCString &str)
|
void nsSSLIOLayerHelpers::removeIntolerantSite(const nsCString &str)
|
||||||
{
|
{
|
||||||
MutexAutoLock lock(*mutex);
|
MutexAutoLock lock(*mutex);
|
||||||
nsSSLIOLayerHelpers::mTLSIntolerantSites->Remove(str);
|
nsSSLIOLayerHelpers::mTLSIntolerantSites->RemoveEntry(str);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool nsSSLIOLayerHelpers::isKnownAsIntolerantSite(const nsCString &str)
|
bool nsSSLIOLayerHelpers::isKnownAsIntolerantSite(const nsCString &str)
|
||||||
@ -2400,7 +2399,7 @@ void nsSSLIOLayerHelpers::setRenegoUnrestrictedSites(const nsCString &str)
|
|||||||
mRenegoUnrestrictedSites = nsnull;
|
mRenegoUnrestrictedSites = nsnull;
|
||||||
}
|
}
|
||||||
|
|
||||||
mRenegoUnrestrictedSites = new nsCStringHashSet();
|
mRenegoUnrestrictedSites = new nsTHashtable<nsCStringHashKey>();
|
||||||
if (!mRenegoUnrestrictedSites)
|
if (!mRenegoUnrestrictedSites)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
@ -2411,7 +2410,7 @@ void nsSSLIOLayerHelpers::setRenegoUnrestrictedSites(const nsCString &str)
|
|||||||
while (toker.hasMoreTokens()) {
|
while (toker.hasMoreTokens()) {
|
||||||
const nsCSubstring &host = toker.nextToken();
|
const nsCSubstring &host = toker.nextToken();
|
||||||
if (!host.IsEmpty()) {
|
if (!host.IsEmpty()) {
|
||||||
mRenegoUnrestrictedSites->Put(host);
|
mRenegoUnrestrictedSites->PutEntry(host);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -59,6 +59,7 @@
|
|||||||
#include "nsAutoPtr.h"
|
#include "nsAutoPtr.h"
|
||||||
#include "nsNSSCertificate.h"
|
#include "nsNSSCertificate.h"
|
||||||
#include "nsDataHashtable.h"
|
#include "nsDataHashtable.h"
|
||||||
|
#include "nsTHashtable.h"
|
||||||
|
|
||||||
namespace mozilla {
|
namespace mozilla {
|
||||||
|
|
||||||
@ -232,8 +233,6 @@ private:
|
|||||||
void destructorSafeDestroyNSSReference();
|
void destructorSafeDestroyNSSReference();
|
||||||
};
|
};
|
||||||
|
|
||||||
class nsCStringHashSet;
|
|
||||||
|
|
||||||
class nsSSLStatus;
|
class nsSSLStatus;
|
||||||
class nsNSSSocketInfo;
|
class nsNSSSocketInfo;
|
||||||
|
|
||||||
@ -270,11 +269,11 @@ public:
|
|||||||
static PRIOMethods nsSSLIOLayerMethods;
|
static PRIOMethods nsSSLIOLayerMethods;
|
||||||
|
|
||||||
static mozilla::Mutex *mutex;
|
static mozilla::Mutex *mutex;
|
||||||
static nsCStringHashSet *mTLSIntolerantSites;
|
static nsTHashtable<nsCStringHashKey> *mTLSIntolerantSites;
|
||||||
static nsCStringHashSet *mTLSTolerantSites;
|
static nsTHashtable<nsCStringHashKey> *mTLSTolerantSites;
|
||||||
static nsPSMRememberCertErrorsTable* mHostsWithCertErrors;
|
static nsPSMRememberCertErrorsTable* mHostsWithCertErrors;
|
||||||
|
|
||||||
static nsCStringHashSet *mRenegoUnrestrictedSites;
|
static nsTHashtable<nsCStringHashKey> *mRenegoUnrestrictedSites;
|
||||||
static bool mTreatUnsafeNegotiationAsBroken;
|
static bool mTreatUnsafeNegotiationAsBroken;
|
||||||
static PRInt32 mWarnLevelMissingRFC5746;
|
static PRInt32 mWarnLevelMissingRFC5746;
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user