Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz

2024-09-13 09:24:08 -07:00 · 2015-01-23 06:17:00 +01:00 · 2015-01-23 06:17:00 +01:00 · cd4a17333c
commit cd4a17333c
parent e48aac3863
6 changed files with 31 additions and 33 deletions
--- a/security/certverifier/CertVerifier.cpp
+++ b/security/certverifier/CertVerifier.cpp
@ -32,13 +32,13 @@ namespace mozilla { namespace psm {
 const CertVerifier::Flags CertVerifier::FLAG_LOCAL_ONLY = 1;
 const CertVerifier::Flags CertVerifier::FLAG_MUST_BE_EV = 2;

-CertVerifier::CertVerifier(ocsp_download_config odc,
-                           ocsp_strict_config osc,
-                           ocsp_get_config ogc,
+CertVerifier::CertVerifier(OcspDownloadConfig odc,
+                           OcspStrictConfig osc,
+                           OcspGetConfig ogc,
                           PinningMode pinningMode)
-  : mOCSPDownloadEnabled(odc == ocsp_on)
-  , mOCSPStrict(osc == ocsp_strict)
-  , mOCSPGETEnabled(ogc == ocsp_get_enabled)
+  : mOCSPDownloadEnabled(odc == ocspOn)
+  , mOCSPStrict(osc == ocspStrict)
+  , mOCSPGETEnabled(ogc == ocspGetEnabled)
  , mPinningMode(pinningMode)
 {
 }
@ -205,8 +205,8 @@ CertVerifier::VerifyCert(CERTCertificate* cert, SECCertificateUsage usage,
    : !mOCSPStrict              ? NSSCertDBTrustDomain::FetchOCSPForDVSoftFail
                                : NSSCertDBTrustDomain::FetchOCSPForDVHardFail;

-  ocsp_get_config ocspGETConfig = mOCSPGETEnabled ? ocsp_get_enabled
-                                                  : ocsp_get_disabled;
+  OcspGetConfig ocspGETConfig = mOCSPGETEnabled ? ocspGetEnabled
+                                                : ocspGetDisabled;

  Input stapledOCSPResponseInput;
  const Input* stapledOCSPResponse = nullptr;
--- a/security/certverifier/CertVerifier.h
+++ b/security/certverifier/CertVerifier.h
@ -65,16 +65,14 @@ public:
    pinningEnforceTestMode = 3
  };

-  enum missing_cert_download_config { missing_cert_download_off = 0, missing_cert_download_on };
-  enum crl_download_config { crl_local_only = 0, crl_download_allowed };
-  enum ocsp_download_config { ocsp_off = 0, ocsp_on };
-  enum ocsp_strict_config { ocsp_relaxed = 0, ocsp_strict };
-  enum ocsp_get_config { ocsp_get_disabled = 0, ocsp_get_enabled = 1 };
+  enum OcspDownloadConfig { ocspOff = 0, ocspOn };
+  enum OcspStrictConfig { ocspRelaxed = 0, ocspStrict };
+  enum OcspGetConfig { ocspGetDisabled = 0, ocspGetEnabled = 1 };

  bool IsOCSPDownloadEnabled() const { return mOCSPDownloadEnabled; }

-  CertVerifier(ocsp_download_config odc, ocsp_strict_config osc,
-               ocsp_get_config ogc, PinningMode pinningMode);
+  CertVerifier(OcspDownloadConfig odc, OcspStrictConfig osc,
+               OcspGetConfig ogc, PinningMode pinningMode);
  ~CertVerifier();

  void ClearOCSPCache() { mOCSPCache.Clear(); }
--- a/security/certverifier/NSSCertDBTrustDomain.cpp
+++ b/security/certverifier/NSSCertDBTrustDomain.cpp
@ -54,7 +54,7 @@ NSSCertDBTrustDomain::NSSCertDBTrustDomain(SECTrustType certDBTrustType,
                                           OCSPFetching ocspFetching,
                                           OCSPCache& ocspCache,
             /*optional but shouldn't be*/ void* pinArg,
-                                           CertVerifier::ocsp_get_config ocspGETConfig,
+                                           CertVerifier::OcspGetConfig ocspGETConfig,
                                           CertVerifier::PinningMode pinningMode,
                                           bool forEV,
                              /*optional*/ const char* hostname,
@ -570,7 +570,7 @@ NSSCertDBTrustDomain::CheckRevocation(EndEntityOrCA endEntityOrCA,
    const SECItem* responseSECItem =
      DoOCSPRequest(arena.get(), url, &ocspRequestItem,
                    OCSPFetchingTypeToTimeoutTime(mOCSPFetching),
-                    mOCSPGetConfig == CertVerifier::ocsp_get_enabled);
+                    mOCSPGetConfig == CertVerifier::ocspGetEnabled);
    if (!responseSECItem) {
      rv = MapPRErrorCodeToResult(PR_GetError());
    } else if (response.Init(responseSECItem->data, responseSECItem->len)
--- a/security/certverifier/NSSCertDBTrustDomain.h
+++ b/security/certverifier/NSSCertDBTrustDomain.h
@ -54,7 +54,7 @@ public:

  NSSCertDBTrustDomain(SECTrustType certDBTrustType, OCSPFetching ocspFetching,
                       OCSPCache& ocspCache, void* pinArg,
-                       CertVerifier::ocsp_get_config ocspGETConfig,
+                       CertVerifier::OcspGetConfig ocspGETConfig,
                       CertVerifier::PinningMode pinningMode,
                       bool forEV,
          /*optional*/ const char* hostname = nullptr,
@ -116,7 +116,7 @@ private:
  const OCSPFetching mOCSPFetching;
  OCSPCache& mOCSPCache; // non-owning!
  void* mPinArg; // non-owning!
-  const CertVerifier::ocsp_get_config mOCSPGetConfig;
+  const CertVerifier::OcspGetConfig mOCSPGetConfig;
  CertVerifier::PinningMode mPinningMode;
  const unsigned int mMinimumNonECCBits;
  const char* mHostname; // non-owning - only used for pinning checks
--- a/security/manager/ssl/src/SharedCertVerifier.h
+++ b/security/manager/ssl/src/SharedCertVerifier.h
@ -19,8 +19,8 @@ protected:
 public:
  NS_INLINE_DECL_THREADSAFE_REFCOUNTING(SharedCertVerifier)

-  SharedCertVerifier(ocsp_download_config odc, ocsp_strict_config osc,
-                     ocsp_get_config ogc, PinningMode pinningMode)
+  SharedCertVerifier(OcspDownloadConfig odc, OcspStrictConfig osc,
+                     OcspGetConfig ogc, PinningMode pinningMode)
    : mozilla::psm::CertVerifier(odc, osc, ogc, pinningMode)
  {
  }
--- a/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/security/manager/ssl/src/nsNSSComponent.cpp
@ -183,9 +183,9 @@ bool EnsureNSSInitialized(EnsureNSSOperator op)
 }

 static void
-GetOCSPBehaviorFromPrefs(/*out*/ CertVerifier::ocsp_download_config* odc,
-                         /*out*/ CertVerifier::ocsp_strict_config* osc,
-                         /*out*/ CertVerifier::ocsp_get_config* ogc,
+GetOCSPBehaviorFromPrefs(/*out*/ CertVerifier::OcspDownloadConfig* odc,
+                         /*out*/ CertVerifier::OcspStrictConfig* osc,
+                         /*out*/ CertVerifier::OcspGetConfig* ogc,
                         const MutexAutoLock& /*proofOfLock*/)
 {
  MOZ_ASSERT(NS_IsMainThread());
@ -195,17 +195,17 @@ GetOCSPBehaviorFromPrefs(/*out*/ CertVerifier::ocsp_download_config* odc,

  // 0 = disabled, otherwise enabled
  *odc = Preferences::GetInt("security.OCSP.enabled", 1)
-       ? CertVerifier::ocsp_on
-       : CertVerifier::ocsp_off;
+       ? CertVerifier::ocspOn
+       : CertVerifier::ocspOff;

  *osc = Preferences::GetBool("security.OCSP.require", false)
-       ? CertVerifier::ocsp_strict
-       : CertVerifier::ocsp_relaxed;
+       ? CertVerifier::ocspStrict
+       : CertVerifier::ocspRelaxed;

  // XXX: Always use POST for OCSP; see bug 871954 for undoing this.
  *ogc = Preferences::GetBool("security.OCSP.GET.enabled", false)
-       ? CertVerifier::ocsp_get_enabled
-       : CertVerifier::ocsp_get_disabled;
+       ? CertVerifier::ocspGetEnabled
+       : CertVerifier::ocspGetDisabled;

  SSL_ClearSessionCache();
 }
@ -875,9 +875,9 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting,
    pinningMode = CertVerifier::pinningDisabled;
  }

-  CertVerifier::ocsp_download_config odc;
-  CertVerifier::ocsp_strict_config osc;
-  CertVerifier::ocsp_get_config ogc;
+  CertVerifier::OcspDownloadConfig odc;
+  CertVerifier::OcspStrictConfig osc;
+  CertVerifier::OcspGetConfig ogc;

  GetOCSPBehaviorFromPrefs(&odc, &osc, &ogc, lock);
  mDefaultCertVerifier = new SharedCertVerifier(odc, osc, ogc, pinningMode);