nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Backed out 4 changesets (bug 1510569) for causing build bustage on a CLOSED TREE

Browse source 
Backed out changeset eae555c11f25 (bug 1510569)
Backed out changeset 2fb8938d16db (bug 1510569)
Backed out changeset b480af862022 (bug 1510569)
Backed out changeset 642cd6323cdc (bug 1510569)
This commit is contained in:
Oana Pop Rus 2019-08-21 22:55:43 +03:00
parent cd1c868537
commit 3223cd3dc2
25 changed files with 260 additions and 485 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

1
browser/base/content/test/performance/browser_startup_content.js
View file

@ -49,6 +49,7 @@ const whitelist = {
"resource://gre/modules/ActorManagerChild.jsm",
"resource://gre/modules/E10SUtils.jsm",
"resource://gre/modules/Readerable.jsm",
"resource://gre/modules/WebProgressChild.jsm",
// Telemetry
"resource://gre/modules/TelemetryController.jsm", // bug 1470339

7
devtools/client/responsive/browser/tunnel.js
View file

@ -103,6 +103,7 @@ function tunnelToInnerBrowser(outer, inner) {
onLocationChange: (webProgress, request, location, flags) => {
if (webProgress && webProgress.isTopLevel) {
inner._securityUI = outer._securityUI;
inner._documentURI = outer._documentURI;
inner._documentContentType = outer._documentContentType;
inner._contentTitle = outer._contentTitle;
@ -116,10 +117,6 @@ function tunnelToInnerBrowser(outer, inner) {
}
},
// We do not need an onSecurityChange handler since the remote security UI
// has been copied from the inner (remote) browser to the outer (non-remote)
// browser and they share it.
QueryInterface: ChromeUtils.generateQI([
Ci.nsISupportsWeakReference,
Ci.nsIWebProgressListener,
@ -467,6 +464,8 @@ MessageManagerTunnel.prototype = {
"Link:AddFeed",
"Link:AddSearch",
"PageStyle:StyleSheets",
// Messages sent to RemoteWebProgress.jsm
"Content:SecurityChange",
// Messages sent to browser.js
"DOMTitleChanged",
"ImageDocumentLoaded",

15
dom/interfaces/base/nsIBrowser.idl
View file

@ -5,7 +5,6 @@
interface nsIContentSecurityPolicy;
interface nsIPrincipal;
interface nsITransportSecurityInfo;
interface nsIURI;
interface nsIWebProgress;
interface nsIReferrerInfo;
@ -165,18 +164,4 @@ interface nsIBrowser : nsISupports
in boolean aHasRequestContextID,
in uint64_t aRequestContextID,
in AString aContentType);
/**
* Called by Gecko when a security chang event needs to update the event
* state stored in the security UI object stored in the parent process.
*
* @param aSecurityInfo the transport security information from the content
* process
* @param aState the flags from the OnSecurityChange event that triggered
* this method, as outlined in nsIWebProgressListener
* @param aIsSecureContext whether or not the context is secure
*/
void updateSecurityUIForSecurityChange(in nsITransportSecurityInfo aSecurityInfo,
in uint32_t aState,
in boolean aIsSecureContext);
};

94
dom/ipc/BrowserChild.cpp
View file

@ -526,20 +526,23 @@ nsresult BrowserChild::Init(mozIDOMWindowProxy* aParent,
nsCOMPtr<nsIDocShell> docShell = do_GetInterface(WebNavigation());
MOZ_ASSERT(docShell);
const uint32_t notifyMask =
nsIWebProgress::NOTIFY_STATE_ALL | nsIWebProgress::NOTIFY_PROGRESS |
nsIWebProgress::NOTIFY_STATUS | nsIWebProgress::NOTIFY_LOCATION |
nsIWebProgress::NOTIFY_REFRESH | nsIWebProgress::NOTIFY_CONTENT_BLOCKING;
mStatusFilter = new nsBrowserStatusFilter();
RefPtr<nsIEventTarget> eventTarget =
TabGroup()->EventTargetFor(TaskCategory::Network);
mStatusFilter->SetTarget(eventTarget);
nsresult rv =
mStatusFilter->AddProgressListener(this, nsIWebProgress::NOTIFY_ALL);
nsresult rv = mStatusFilter->AddProgressListener(this, notifyMask);
NS_ENSURE_SUCCESS(rv, rv);
{
nsCOMPtr<nsIWebProgress> webProgress = do_QueryInterface(docShell);
rv = webProgress->AddProgressListener(mStatusFilter,
nsIWebProgress::NOTIFY_ALL);
rv = webProgress->AddProgressListener(mStatusFilter, notifyMask);
NS_ENSURE_SUCCESS(rv, rv);
}
@ -669,7 +672,6 @@ NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(BrowserChild)
NS_INTERFACE_MAP_ENTRY(nsISupportsWeakReference)
NS_INTERFACE_MAP_ENTRY(nsITooltipListener)
NS_INTERFACE_MAP_ENTRY(nsIWebProgressListener)
NS_INTERFACE_MAP_ENTRY(nsIWebProgressListener2)
NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIBrowserChild)
NS_INTERFACE_MAP_END
@ -3592,12 +3594,31 @@ NS_IMETHODIMP BrowserChild::OnLocationChange(nsIWebProgress* aWebProgress,
locationChangeData->charsetAutodetected() =
docShell->GetCharsetAutodetected();
locationChangeData->contentPrincipal() = document->NodePrincipal();
locationChangeData->contentStoragePrincipal() =
document->EffectiveStoragePrincipal();
locationChangeData->csp() = document->GetCsp();
locationChangeData->contentBlockingAllowListPrincipal() =
MOZ_TRY(PrincipalToPrincipalInfo(
document->EffectiveStoragePrincipal(),
&locationChangeData->contentStoragePrincipal(), false));
MOZ_TRY(PrincipalToPrincipalInfo(document->NodePrincipal(),
&locationChangeData->contentPrincipal(),
false));
nsIPrincipal* contentBlockingAllowListPrincipal =
document->GetContentBlockingAllowListPrincipal();
if (contentBlockingAllowListPrincipal) {
PrincipalInfo principalInfo;
MOZ_TRY(PrincipalToPrincipalInfo(contentBlockingAllowListPrincipal,
&principalInfo, false));
locationChangeData->contentBlockingAllowListPrincipal() = principalInfo;
} else {
locationChangeData->contentBlockingAllowListPrincipal() = void_t();
}
if (const nsCOMPtr<nsIContentSecurityPolicy> csp = document->GetCsp()) {
locationChangeData->csp().emplace();
MOZ_TRY(CSPToCSPInfo(csp, &locationChangeData->csp().ref()));
}
locationChangeData->referrerInfo() = document->ReferrerInfo();
locationChangeData->isSyntheticDocument() = document->IsSyntheticDocument();
@ -3659,59 +3680,8 @@ NS_IMETHODIMP BrowserChild::OnStatusChange(nsIWebProgress* aWebProgress,
NS_IMETHODIMP BrowserChild::OnSecurityChange(nsIWebProgress* aWebProgress,
nsIRequest* aRequest,
uint32_t aState) {
if (!IPCOpen() || !mShouldSendWebProgressEventsToParent) {
return NS_OK;
}
Maybe<WebProgressData> webProgressData;
RequestData requestData;
MOZ_TRY(PrepareProgressListenerData(aWebProgress, aRequest, webProgressData,
requestData));
Maybe<WebProgressSecurityChangeData> securityChangeData;
if (aWebProgress && webProgressData->isTopLevel()) {
nsCOMPtr<nsIDocShell> docShell = do_GetInterface(WebNavigation());
if (!docShell) {
return NS_OK;
}
nsCOMPtr<nsITransportSecurityInfo> securityInfo;
{
nsCOMPtr<nsISecureBrowserUI> securityUI;
MOZ_TRY(docShell->GetSecurityUI(getter_AddRefs(securityUI)));
if (securityUI) {
MOZ_TRY(securityUI->GetSecInfo(getter_AddRefs(securityInfo)));
}
}
bool isSecureContext = false;
{
nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell);
if (!outerWindow) {
return NS_OK;
}
if (nsPIDOMWindowInner* window = outerWindow->GetCurrentInnerWindow()) {
isSecureContext = window->IsSecureContext();
} else {
return NS_OK;
}
}
securityChangeData.emplace();
securityChangeData->securityInfo() = securityInfo.forget();
securityChangeData->isSecureContext() = isSecureContext;
}
Unused << SendOnSecurityChange(webProgressData, requestData, aState,
securityChangeData);
return NS_OK;
return NS_ERROR_NOT_IMPLEMENTED;
}
NS_IMETHODIMP BrowserChild::OnContentBlockingEvent(nsIWebProgress* aWebProgress,
nsIRequest* aRequest,
uint32_t aEvent) {

53
dom/ipc/BrowserParent.cpp
View file

@ -2497,17 +2497,33 @@ mozilla::ipc::IPCResult BrowserParent::RecvOnLocationChange(
aCanGoForward);
if (aWebProgressData && aWebProgressData->isTopLevel()) {
nsCOMPtr<nsIContentSecurityPolicy> csp;
if (aLocationChangeData->csp().isSome()) {
csp = CSPInfoToCSP(aLocationChangeData->csp().ref(), nullptr, nullptr);
}
nsCOMPtr<nsIPrincipal> contentPrincipal =
PrincipalInfoToPrincipal(aLocationChangeData->contentPrincipal());
nsCOMPtr<nsIPrincipal> contentStoragePrincipal = PrincipalInfoToPrincipal(
aLocationChangeData->contentStoragePrincipal());
nsCOMPtr<nsIPrincipal> contentBlockingAllowListPrincipal;
if (aLocationChangeData->contentBlockingAllowListPrincipal().type() ==
OptionalPrincipalInfo::TPrincipalInfo) {
contentBlockingAllowListPrincipal = PrincipalInfoToPrincipal(
aLocationChangeData->contentBlockingAllowListPrincipal()
.get_PrincipalInfo());
}
nsCOMPtr<nsIReferrerInfo> referrerInfo =
aLocationChangeData->referrerInfo();
Unused << browser->SetIsNavigating(aLocationChangeData->isNavigating());
Unused << browser->UpdateForLocationChange(
aLocation, aLocationChangeData->charset(),
aLocationChangeData->mayEnableCharacterEncodingMenu(),
aLocationChangeData->charsetAutodetected(),
aLocationChangeData->documentURI(), aLocationChangeData->title(),
aLocationChangeData->contentPrincipal(),
aLocationChangeData->contentStoragePrincipal(),
aLocationChangeData->contentBlockingAllowListPrincipal(),
aLocationChangeData->csp(), aLocationChangeData->referrerInfo(),
contentPrincipal, contentStoragePrincipal,
contentBlockingAllowListPrincipal, csp, referrerInfo,
aLocationChangeData->isSyntheticDocument(),
aWebProgressData->innerDOMWindowID(),
aLocationChangeData->requestContextID().isSome(),
@ -2545,35 +2561,6 @@ mozilla::ipc::IPCResult BrowserParent::RecvOnStatusChange(
return IPC_OK();
}
mozilla::ipc::IPCResult BrowserParent::RecvOnSecurityChange(
const Maybe<WebProgressData>& aWebProgressData,
const RequestData& aRequestData, const uint32_t aState,
const Maybe<WebProgressSecurityChangeData>& aSecurityChangeData) {
nsCOMPtr<nsIBrowser> browser;
nsCOMPtr<nsIWebProgress> manager;
nsCOMPtr<nsIWebProgressListener> managerAsListener;
if (!GetWebProgressListener(getter_AddRefs(browser), getter_AddRefs(manager),
getter_AddRefs(managerAsListener))) {
return IPC_OK();
}
nsCOMPtr<nsIWebProgress> webProgress;
nsCOMPtr<nsIRequest> request;
ReconstructWebProgressAndRequest(manager, aWebProgressData, aRequestData,
getter_AddRefs(webProgress),
getter_AddRefs(request));
if (aWebProgressData && aWebProgressData->isTopLevel()) {
Unused << browser->UpdateSecurityUIForSecurityChange(
aSecurityChangeData->securityInfo(), aState,
aSecurityChangeData->isSecureContext());
}
Unused << managerAsListener->OnSecurityChange(webProgress, request, aState);
return IPC_OK();
}
mozilla::ipc::IPCResult BrowserParent::RecvOnContentBlockingEvent(
const Maybe<WebProgressData>& aWebProgressData,
const RequestData& aRequestData, const uint32_t& aEvent) {

5
dom/ipc/BrowserParent.h
View file

@ -311,11 +311,6 @@ class BrowserParent final : public PBrowserParent,
const RequestData& aRequestData, const nsresult aStatus,
const nsString& aMessage);
mozilla::ipc::IPCResult RecvOnSecurityChange(
const Maybe<WebProgressData>& aWebProgressData,
const RequestData& aRequestData, const uint32_t aState,
const Maybe<WebProgressSecurityChangeData>& aSecurityChangeData);
mozilla::ipc::IPCResult RecvOnContentBlockingEvent(
const Maybe<WebProgressData>& aWebProgressData,
const RequestData& aRequestData, const uint32_t& aEvent);

21
dom/ipc/PBrowser.ipdl
View file

@ -30,7 +30,6 @@ include PBackgroundSharedTypes;
include "mozilla/GfxMessageUtils.h";
include "mozilla/layers/LayersMessageUtils.h";
include "mozilla/ipc/TransportSecurityInfoUtils.h";
using mozilla::gfx::Matrix4x4 from "mozilla/gfx/Matrix.h";
using mozilla::gfx::MaybeMatrix4x4 from "mozilla/gfx/Matrix.h";
@ -92,7 +91,6 @@ using mozilla::ScrollAxis from "mozilla/PresShellForwards.h";
using mozilla::ScrollFlags from "mozilla/PresShellForwards.h";
using struct InputFormData from "mozilla/dom/SessionStoreMessageUtils.h";
using struct CollectedInputDataValue from "mozilla/dom/SessionStoreMessageUtils.h";
using refcounted class nsITransportSecurityInfo from "nsITransportSecurityInfo.h";
namespace mozilla {
namespace dom {
@ -144,6 +142,7 @@ struct WebProgressStateChangeData
nsIURI documentURI;
};
struct WebProgressLocationChangeData
{
bool isNavigating;
@ -154,20 +153,14 @@ struct WebProgressLocationChangeData
nsString title;
nsString charset;
nsIURI documentURI;
nsIPrincipal contentPrincipal;
nsIPrincipal contentStoragePrincipal;
nsIPrincipal contentBlockingAllowListPrincipal;
nsIContentSecurityPolicy csp;
PrincipalInfo contentPrincipal;
PrincipalInfo contentStoragePrincipal;
OptionalPrincipalInfo contentBlockingAllowListPrincipal;
CSPInfo? csp;
nsIReferrerInfo referrerInfo;
uint64_t? requestContextID;
};
struct WebProgressSecurityChangeData
{
nsITransportSecurityInfo securityInfo;
bool isSecureContext;
};
/**
* A PBrowser manages a maximal locally connected subtree of BrowsingContexts
* in a content process.
@ -607,10 +600,6 @@ parent:
RequestData aRequestData, nsresult aStatus,
nsString aMessage);
async OnSecurityChange(WebProgressData? aWebProgressData,
RequestData aRequestData, uint32_t aState,
WebProgressSecurityChangeData? aSecurityChangeData);
async OnContentBlockingEvent(WebProgressData? aWebProgressData,
RequestData aRequestData, uint32_t aEvent);

112
ipc/glue/TransportSecurityInfoUtils.cpp
View file

@ -1,112 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "TransportSecurityInfoUtils.h"
#include "ipc/IPCMessageUtils.h"
#include "mozilla/psm/TransportSecurityInfo.h"
namespace IPC {
void ParamTraits<nsITransportSecurityInfo*>::Write(
Message* aMsg, nsITransportSecurityInfo* aParam) {
bool nonNull = !!aParam;
WriteParam(aMsg, nonNull);
if (!nonNull) {
return;
}
aParam->SerializeToIPC(aMsg);
}
bool ParamTraits<nsITransportSecurityInfo*>::Read(
const Message* aMsg, PickleIterator* aIter,
RefPtr<nsITransportSecurityInfo>* aResult) {
*aResult = nullptr;
bool nonNull = false;
if (!ReadParam(aMsg, aIter, &nonNull)) {
return false;
}
if (!nonNull) {
return true;
}
RefPtr<nsITransportSecurityInfo> info =
new mozilla::psm::TransportSecurityInfo();
if (!info->DeserializeFromIPC(aMsg, aIter)) {
return false;
}
*aResult = info.forget();
return true;
}
void ParamTraits<nsIX509Cert*>::Write(Message* aMsg, nsIX509Cert* aParam) {
bool nonNull = !!aParam;
WriteParam(aMsg, nonNull);
if (!nonNull) {
return;
}
aParam->SerializeToIPC(aMsg);
}
bool ParamTraits<nsIX509Cert*>::Read(const Message* aMsg, PickleIterator* aIter,
RefPtr<nsIX509Cert>* aResult) {
*aResult = nullptr;
bool nonNull = false;
if (!ReadParam(aMsg, aIter, &nonNull)) {
return false;
}
if (!nonNull) {
return true;
}
RefPtr<nsIX509Cert> cert = new nsNSSCertificate();
if (!cert->DeserializeFromIPC(aMsg, aIter)) {
return false;
}
*aResult = cert.forget();
return true;
}
void ParamTraits<nsIX509CertList*>::Write(Message* aMsg,
nsIX509CertList* aParam) {
bool nonNull = !!aParam;
WriteParam(aMsg, nonNull);
if (!nonNull) {
return;
}
aParam->SerializeToIPC(aMsg);
}
bool ParamTraits<nsIX509CertList*>::Read(const Message* aMsg,
PickleIterator* aIter,
RefPtr<nsIX509CertList>* aResult) {
bool nonNull = false;
if (!ReadParam(aMsg, aIter, &nonNull)) {
return false;
}
if (!nonNull) {
*aResult = nullptr;
return true;
}
RefPtr<nsIX509CertList> certList = new nsNSSCertList();
if (!certList->DeserializeFromIPC(aMsg, aIter)) {
return false;
}
*aResult = certList.forget();
return true;
}
} // namespace IPC

36
ipc/glue/TransportSecurityInfoUtils.h
View file

@ -1,36 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_ipc_TransportSecurityInfoUtils_h
#define mozilla_ipc_TransportSecurityInfoUtils_h
#include "nsCOMPtr.h"
#include "nsITransportSecurityInfo.h"
namespace IPC {
template <>
struct ParamTraits<nsITransportSecurityInfo*> {
static void Write(Message* aMsg, nsITransportSecurityInfo* aParam);
static bool Read(const Message* aMsg, PickleIterator* aIter,
RefPtr<nsITransportSecurityInfo>* aResult);
};
template <>
struct ParamTraits<nsIX509Cert*> {
static void Write(Message* aMsg, nsIX509Cert* aCert);
static bool Read(const Message* aMsg, PickleIterator* aIter,
RefPtr<nsIX509Cert>* aResult);
};
template <>
struct ParamTraits<nsIX509CertList*> {
static void Write(Message* aMsg, nsIX509CertList* aCertList);
static bool Read(const Message* aMsg, PickleIterator* aIter,
RefPtr<nsIX509CertList>* aResult);
};
} // namespace IPC
#endif // mozilla_ipc_TransportSecurityInfoUtils_h

2
ipc/glue/moz.build
View file

@ -47,7 +47,6 @@ EXPORTS.mozilla.ipc += [
'Shmem.h',
'TaskFactory.h',
'Transport.h',
'TransportSecurityInfoUtils.h',
'URIUtils.h',
'WindowsMessageLoop.h',
]
@ -168,7 +167,6 @@ UNIFIED_SOURCES += [
'SharedMemory.cpp',
'Shmem.cpp',
'StringUtil.cpp',
'TransportSecurityInfoUtils.cpp',
'URIUtils.cpp',
]

16
netwerk/socket/nsITransportSecurityInfo.idl
View file

@ -9,16 +9,6 @@
interface nsIX509Cert;
interface nsIX509CertList;
%{ C++
namespace IPC {
class Message;
}
class PickleIterator;
%}
[ptr] native IpcMessagePtr(IPC::Message);
[ptr] native PickleIteratorPtr(PickleIterator);
[builtinclass, scriptable, uuid(216112d3-28bc-4671-b057-f98cc09ba1ea)]
interface nsITransportSecurityInfo : nsISupports {
readonly attribute unsigned long securityState;
@ -81,10 +71,4 @@ interface nsITransportSecurityInfo : nsISupports {
*/
[must_use]
readonly attribute boolean isExtendedValidation;
[notxpcom, noscript]
void SerializeToIPC(in IpcMessagePtr aMsg);
[notxpcom, noscript]
bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter);
};

2
security/apps/moz.build
View file

@ -12,8 +12,6 @@ UNIFIED_SOURCES += [
'AppTrustDomain.cpp',
]
include('/ipc/chromium/chromium-config.mozbuild')
FINAL_LIBRARY = 'xul'
LOCAL_INCLUDES += [

2
security/certverifier/moz.build
View file

@ -55,8 +55,6 @@ CXXFLAGS += [
'-Wno-unused-parameter',
]
include('/ipc/chromium/chromium-config.mozbuild')
FINAL_LIBRARY = 'xul'
if CONFIG['CC_TYPE'] == 'clang-cl':

2
security/certverifier/tests/gtest/moz.build
View file

@ -13,6 +13,4 @@ LOCAL_INCLUDES += [
'/security/manager/ssl',
]
include('/ipc/chromium/chromium-config.mozbuild')
FINAL_LIBRARY = 'xul-gtest'

63
security/manager/ssl/TransportSecurityInfo.cpp
View file

@ -8,7 +8,6 @@
#include "DateTimeFormat.h"
#include "PSMRunnable.h"
#include "ipc/IPCMessageUtils.h"
#include "mozilla/Casting.h"
#include "nsComponentManagerUtils.h"
#include "nsIArray.h"
@ -158,8 +157,6 @@ TransportSecurityInfo::GetInterface(const nsIID& uuid, void** result) {
}
static NS_DEFINE_CID(kTransportSecurityInfoMagic, TRANSPORTSECURITYINFOMAGIC);
// NB: Any updates (except disk-only fields) must be kept in sync with
// |SerializeToIPC|.
NS_IMETHODIMP
TransportSecurityInfo::Write(nsIObjectOutputStream* aStream) {
nsresult rv = aStream->WriteID(kTransportSecurityInfoMagic);
@ -384,8 +381,6 @@ nsresult TransportSecurityInfo::ReadSSLStatus(nsIObjectInputStream* aStream) {
return rv;
}
// NB: Any updates (except disk-only fields) must be kept in sync with
// |DeserializeFromIPC|.
NS_IMETHODIMP
TransportSecurityInfo::Read(nsIObjectInputStream* aStream) {
nsID id;
@ -547,64 +542,6 @@ TransportSecurityInfo::Read(nsIObjectInputStream* aStream) {
#undef CHILD_DIAGNOSTIC_ASSERT
void TransportSecurityInfo::SerializeToIPC(IPC::Message* aMsg) {
MutexAutoLock guard(mMutex);
int32_t errorCode = static_cast<int32_t>(mErrorCode);
WriteParam(aMsg, mSecurityState);
WriteParam(aMsg, errorCode);
WriteParam(aMsg, mServerCert);
WriteParam(aMsg, mCipherSuite);
WriteParam(aMsg, mProtocolVersion);
WriteParam(aMsg, mIsDomainMismatch);
WriteParam(aMsg, mIsNotValidAtThisTime);
WriteParam(aMsg, mIsUntrusted);
WriteParam(aMsg, mIsEV);
WriteParam(aMsg, mHasIsEVStatus);
WriteParam(aMsg, mHaveCipherSuiteAndProtocol);
WriteParam(aMsg, mHaveCertErrorBits);
WriteParam(aMsg, mCertificateTransparencyStatus);
WriteParam(aMsg, mKeaGroup);
WriteParam(aMsg, mSignatureSchemeName);
WriteParam(aMsg, mSucceededCertChain);
WriteParam(aMsg, mFailedCertChain);
}
bool TransportSecurityInfo::DeserializeFromIPC(const IPC::Message* aMsg,
PickleIterator* aIter) {
MutexAutoLock guard(mMutex);
int32_t errorCode = 0;
if (!ReadParam(aMsg, aIter, &mSecurityState) ||
!ReadParam(aMsg, aIter, &errorCode) ||
!ReadParam(aMsg, aIter, &mServerCert) ||
!ReadParam(aMsg, aIter, &mCipherSuite) ||
!ReadParam(aMsg, aIter, &mProtocolVersion) ||
!ReadParam(aMsg, aIter, &mIsDomainMismatch) ||
!ReadParam(aMsg, aIter, &mIsNotValidAtThisTime) ||
!ReadParam(aMsg, aIter, &mIsUntrusted) ||
!ReadParam(aMsg, aIter, &mIsEV) ||
!ReadParam(aMsg, aIter, &mHasIsEVStatus) ||
!ReadParam(aMsg, aIter, &mHaveCipherSuiteAndProtocol) ||
!ReadParam(aMsg, aIter, &mHaveCertErrorBits) ||
!ReadParam(aMsg, aIter, &mCertificateTransparencyStatus) ||
!ReadParam(aMsg, aIter, &mKeaGroup) ||
!ReadParam(aMsg, aIter, &mSignatureSchemeName) ||
!ReadParam(aMsg, aIter, &mSucceededCertChain) ||
!ReadParam(aMsg, aIter, &mFailedCertChain)) {
return false;
}
mErrorCode = static_cast<PRErrorCode>(errorCode);
if (mErrorCode != 0) {
mCanceled = true;
}
return true;
}
NS_IMETHODIMP
TransportSecurityInfo::GetInterfaces(nsTArray<nsIID>& array) {
array.Clear();

3
security/manager/ssl/TransportSecurityInfo.h
View file

@ -14,14 +14,13 @@
#include "mozilla/BasePrincipal.h"
#include "mozilla/Mutex.h"
#include "mozilla/RefPtr.h"
#include "mozilla/ipc/TransportSecurityInfoUtils.h"
#include "mozpkix/pkixtypes.h"
#include "nsDataHashtable.h"
#include "nsIClassInfo.h"
#include "nsIInterfaceRequestor.h"
#include "nsITransportSecurityInfo.h"
#include "nsNSSCertificate.h"
#include "nsString.h"
#include "mozpkix/pkixtypes.h"
namespace mozilla {
namespace psm {

1
security/manager/ssl/moz.build
View file

@ -84,7 +84,6 @@ EXPORTS.mozilla += [
EXPORTS.mozilla.psm += [
'PSMContentListener.h',
'TransportSecurityInfo.h',
]
EXPORTS.ipc += [

14
security/manager/ssl/nsIX509Cert.idl
View file

@ -12,18 +12,10 @@ interface nsIASN1Object;
interface nsICertVerificationListener;
%{ C++
namespace IPC {
class Message;
}
class PickleIterator;
/* forward declaration */
typedef struct CERTCertificateStr CERTCertificate;
%}
[ptr] native CERTCertificatePtr(CERTCertificate);
[ptr] native IpcMessagePtr(IPC::Message);
[ptr] native PickleIteratorPtr(PickleIterator);
/**
* This represents a X.509 certificate.
@ -243,10 +235,4 @@ interface nsIX509Cert : nsISupports {
*/
[must_use]
void markForPermDeletion();
[notxpcom, noscript]
void SerializeToIPC(in IpcMessagePtr aMsg);
[notxpcom, noscript]
bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter);
};

12
security/manager/ssl/nsIX509CertList.idl
View file

@ -8,16 +8,9 @@ interface nsISimpleEnumerator;
interface nsIX509Cert;
%{C++
namespace IPC {
class Message;
}
class PickleIterator;
class nsNSSCertList;
%}
[ptr] native nsNSSCertListPtr(nsNSSCertList);
[ptr] native IpcMessagePtr(IPC::Message);
[ptr] native PickleIteratorPtr(PickleIterator);
[scriptable, builtinclass, uuid(ae74cda5-cd2f-473f-96f5-f0b7fff62c68)]
interface nsIX509CertList : nsISupports {
@ -49,11 +42,6 @@ interface nsIX509CertList : nsISupports {
[must_use]
ACString asPKCS7Blob();
[notxpcom, noscript]
void SerializeToIPC(in IpcMessagePtr aMsg);
[notxpcom, noscript]
bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter);
};
%{C++

76
security/manager/ssl/nsNSSCertificate.cpp
View file

@ -941,8 +941,6 @@ nsNSSCertList::AsPKCS7Blob(/*out*/ nsACString& result) {
return NS_OK;
}
// NB: Any updates (except disk-only fields) must be kept in sync with
// |SerializeToIPC|.
NS_IMETHODIMP
nsNSSCertList::Write(nsIObjectOutputStream* aStream) {
// Write the length of the list
@ -967,8 +965,6 @@ nsNSSCertList::Write(nsIObjectOutputStream* aStream) {
return rv;
}
// NB: Any updates (except disk-only fields) must be kept in sync with
// |DeserializeFromIPC|.
NS_IMETHODIMP
nsNSSCertList::Read(nsIObjectInputStream* aStream) {
uint32_t certListLen;
@ -996,35 +992,6 @@ nsNSSCertList::Read(nsIObjectInputStream* aStream) {
return NS_OK;
}
void nsNSSCertList::SerializeToIPC(IPC::Message* aMsg) {
const size_t certCount = static_cast<size_t>(mCerts.size());
WriteParam(aMsg, certCount);
for (const auto& certRef : mCerts) {
RefPtr<nsIX509Cert> cert = nsNSSCertificate::Create(certRef.get());
MOZ_RELEASE_ASSERT(cert);
WriteParam(aMsg, cert);
}
}
bool nsNSSCertList::DeserializeFromIPC(const IPC::Message* aMsg,
PickleIterator* aIter) {
size_t count = 0;
if (!ReadParam(aMsg, aIter, &count)) {
return false;
}
for (size_t i = 0; i < count; i++) {
RefPtr<nsIX509Cert> cert;
if (!ReadParam(aMsg, aIter, &cert) || !cert || NS_FAILED(AddCert(cert))) {
return false;
}
}
return true;
}
NS_IMETHODIMP
nsNSSCertList::GetEnumerator(nsISimpleEnumerator** _retval) {
nsCOMPtr<nsISimpleEnumerator> enumerator(new nsNSSCertListEnumerator(mCerts));
@ -1230,8 +1197,6 @@ nsNSSCertListEnumerator::GetNext(nsISupports** _retval) {
return NS_OK;
}
// NB: Any updates (except disk-only fields) must be kept in sync with
// |SerializeToIPC|.
NS_IMETHODIMP
nsNSSCertificate::Write(nsIObjectOutputStream* aStream) {
NS_ENSURE_STATE(mCert);
@ -1248,8 +1213,6 @@ nsNSSCertificate::Write(nsIObjectOutputStream* aStream) {
AsBytes(MakeSpan(mCert->derCert.data, mCert->derCert.len)));
}
// NB: Any updates (except disk-only fields) must be kept in sync with
// |DeserializeFromIPC|.
NS_IMETHODIMP
nsNSSCertificate::Read(nsIObjectInputStream* aStream) {
NS_ENSURE_STATE(!mCert);
@ -1280,45 +1243,6 @@ nsNSSCertificate::Read(nsIObjectInputStream* aStream) {
return NS_OK;
}
void nsNSSCertificate::SerializeToIPC(IPC::Message* aMsg) {
bool hasCert = static_cast<bool>(mCert);
WriteParam(aMsg, hasCert);
if (!hasCert) {
return;
}
const nsDependentCSubstring certBytes(
reinterpret_cast<char*>(mCert->derCert.data), mCert->derCert.len);
WriteParam(aMsg, certBytes);
}
bool nsNSSCertificate::DeserializeFromIPC(const IPC::Message* aMsg,
PickleIterator* aIter) {
bool hasCert = false;
if (!ReadParam(aMsg, aIter, &hasCert)) {
return false;
}
if (!hasCert) {
return true;
}
nsCString derBytes;
if (!ReadParam(aMsg, aIter, &derBytes)) {
return false;
}
if (derBytes.Length() == 0) {
return false;
}
// NSS accepts a |char*| here, but doesn't modify the contents of the array
// and casts it back to an |unsigned char*|.
return InitFromDER(const_cast<char*>(derBytes.get()), derBytes.Length());
}
NS_IMETHODIMP
nsNSSCertificate::GetInterfaces(nsTArray<nsIID>& array) {
array.Clear();

6
toolkit/content/browser-child.js
View file

@ -10,6 +10,12 @@ ChromeUtils.defineModuleGetter(
"resource://gre/modules/BrowserUtils.jsm"
);
const { WebProgressChild } = ChromeUtils.import(
"resource://gre/modules/WebProgressChild.jsm"
);
this.WebProgress = new WebProgressChild(this);
try {
docShell
.QueryInterface(Ci.nsIInterfaceRequestor)

12
toolkit/content/widgets/browser-custom-element.js
View file

@ -1264,6 +1264,8 @@
this.messageManager.addMessageListener("DOMTitleChanged", this);
this.messageManager.addMessageListener("ImageDocumentLoaded", this);
// browser-child messages, such as Content:LocationChange, are handled in
// RemoteWebProgress, ensure it is loaded and ready.
let jsm = "resource://gre/modules/RemoteWebProgress.jsm";
let { RemoteWebProgressManager } = ChromeUtils.import(jsm, {});
@ -1512,16 +1514,6 @@
}
}
updateSecurityUIForSecurityChange(aSecurityInfo, aState, aIsSecureContext) {
if (this.isRemoteBrowser && this.messageManager) {
// Invoking this getter triggers the generation of the underlying object,
// which we need to access with ._securityUI, because .securityUI returns
// a wrapper that makes _update inaccessible.
void this.securityUI;
this._securityUI._update(aSecurityInfo, aState, aIsSecureContext);
}
}
updateSecurityUIForContentBlockingEvent(aEvent) {
if (this.isRemoteBrowser && this.messageManager) {
// Invoking this getter triggers the generation of the underlying object,

79
toolkit/modules/RemoteWebProgress.jsm
View file

@ -5,11 +5,17 @@
var EXPORTED_SYMBOLS = ["RemoteWebProgressManager"];
const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
const RemoteWebProgress = Components.Constructor(
"@mozilla.org/dom/remote-web-progress;1",
"nsIRemoteWebProgress",
"init"
);
const RemoteWebProgressRequest = Components.Constructor(
"@mozilla.org/dom/remote-web-progress-request;1",
"nsIRemoteWebProgressRequest",
"init"
);
class RemoteWebProgressManager {
constructor(aBrowser) {
@ -23,7 +29,16 @@ class RemoteWebProgressManager {
}
swapBrowser(aBrowser) {
if (this._messageManager) {
this._messageManager.removeMessageListener(
"Content:SecurityChange",
this
);
}
this._browser = aBrowser;
this._messageManager = aBrowser.messageManager;
this._messageManager.addMessageListener("Content:SecurityChange", this);
}
swapListeners(aOtherRemoteWebProgressManager) {
@ -54,6 +69,20 @@ class RemoteWebProgressManager {
);
}
_fixSecInfo(aSecInfo) {
let deserialized = null;
if (aSecInfo) {
let helper = Cc["@mozilla.org/network/serialization-helper;1"].getService(
Ci.nsISerializationHelper
);
deserialized = helper.deserializeObject(aSecInfo);
deserialized.QueryInterface(Ci.nsITransportSecurityInfo);
}
return deserialized;
}
setCurrentURI(aURI) {
// This function is simpler than nsDocShell::SetCurrentURI since
// it doesn't have to deal with child docshells.
@ -154,6 +183,56 @@ class RemoteWebProgressManager {
aEvent
);
}
receiveMessage(aMessage) {
let json = aMessage.json;
let webProgress = null;
let isTopLevel = json.webProgress && json.webProgress.isTopLevel;
// The top-level WebProgress is always the same, but because we don't
// really have a concept of subframes/content we always create a new object
// for those.
if (json.webProgress) {
webProgress = isTopLevel
? this._topLevelWebProgress
: new RemoteWebProgress(this, isTopLevel);
webProgress.update(
json.webProgress.DOMWindowID,
0,
json.webProgress.loadType,
json.webProgress.isLoadingDocument
);
webProgress.QueryInterface(Ci.nsIWebProgress);
}
// The WebProgressRequest object however is always dynamic.
let request = null;
if (json.requestURI) {
request = new RemoteWebProgressRequest(
Services.io.newURI(json.requestURI),
Services.io.newURI(json.originalRequestURI)
);
request = request.QueryInterface(Ci.nsIRequest);
}
switch (aMessage.name) {
case "Content:SecurityChange":
let state = json.state;
if (isTopLevel) {
let secInfo = this._fixSecInfo(json.secInfo);
let isSecureContext = json.isSecureContext;
// Invoking this getter triggers the generation of the underlying object,
// which we need to access with ._securityUI, because .securityUI returns
// a wrapper that makes _update inaccessible.
void this._browser.securityUI;
this._browser._securityUI._update(secInfo, state, isSecureContext);
}
this.onSecurityChange(webProgress, request, state);
break;
}
}
}
RemoteWebProgressManager.prototype.QueryInterface = ChromeUtils.generateQI([

110
toolkit/modules/WebProgressChild.jsm Normal file
View file

@ -0,0 +1,110 @@
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";
var EXPORTED_SYMBOLS = ["WebProgressChild"];
const { XPCOMUtils } = ChromeUtils.import(
"resource://gre/modules/XPCOMUtils.jsm"
);
XPCOMUtils.defineLazyServiceGetter(
this,
"serializationHelper",
"@mozilla.org/network/serialization-helper;1",
"nsISerializationHelper"
);
class WebProgressChild {
constructor(mm) {
this.mm = mm;
// NOTIFY_PROGRESS, NOTIFY_STATE_ALL, NOTIFY_STATUS, NOTIFY_LOCATION, NOTIFY_REFRESH, and
// NOTIFY_CONTENT_BLOCKING are handled by PBrowser.
let notifyCode =
Ci.nsIWebProgress.NOTIFY_ALL &
~Ci.nsIWebProgress.NOTIFY_STATE_ALL &
~Ci.nsIWebProgress.NOTIFY_PROGRESS &
~Ci.nsIWebProgress.NOTIFY_STATUS &
~Ci.nsIWebProgress.NOTIFY_LOCATION &
~Ci.nsIWebProgress.NOTIFY_REFRESH &
~Ci.nsIWebProgress.NOTIFY_CONTENT_BLOCKING;
this._filter = Cc[
"@mozilla.org/appshell/component/browser-status-filter;1"
].createInstance(Ci.nsIWebProgress);
this._filter.addProgressListener(this, notifyCode);
this._filter.target = this.mm.tabEventTarget;
let webProgress = this.mm.docShell
.QueryInterface(Ci.nsIInterfaceRequestor)
.getInterface(Ci.nsIWebProgress);
webProgress.addProgressListener(this._filter, notifyCode);
}
_requestSpec(aRequest, aPropertyName) {
if (!aRequest || !(aRequest instanceof Ci.nsIChannel)) {
return null;
}
return aRequest[aPropertyName].spec;
}
_setupJSON(aWebProgress, aRequest) {
if (aWebProgress) {
let domWindowID = null;
try {
domWindowID = aWebProgress.DOMWindowID;
} catch (e) {
// The DOM Window ID getters above may throw if the inner or outer
// windows aren't created yet or are destroyed at the time we're making
// this call but that isn't fatal so ignore the exceptions here.
}
aWebProgress = {
isTopLevel: aWebProgress.isTopLevel,
isLoadingDocument: aWebProgress.isLoadingDocument,
loadType: aWebProgress.loadType,
DOMWindowID: domWindowID,
};
}
return {
webProgress: aWebProgress || null,
requestURI: this._requestSpec(aRequest, "URI"),
originalRequestURI: this._requestSpec(aRequest, "originalURI"),
};
}
_send(name, data) {
this.mm.sendAsyncMessage(name, data);
}
getSecInfoAsString() {
let secInfo = this.mm.docShell.securityUI.secInfo;
if (secInfo) {
return serializationHelper.serializeToString(secInfo);
}
return null;
}
onSecurityChange(aWebProgress, aRequest, aState) {
let json = this._setupJSON(aWebProgress, aRequest);
json.state = aState;
if (aWebProgress.isTopLevel) {
json.secInfo = this.getSecInfoAsString();
json.isSecureContext = this.mm.content.isSecureContext;
}
this._send("Content:SecurityChange", json);
}
}
WebProgressChild.prototype.QueryInterface = ChromeUtils.generateQI([
"nsIWebProgressListener",
"nsISupportsWeakReference",
]);

1
toolkit/modules/moz.build
View file

@ -229,6 +229,7 @@ EXTRA_JS_MODULES += [
'Troubleshoot.jsm',
'UpdateUtils.jsm',
'WebChannel.jsm',
'WebProgressChild.jsm',
'ZipUtils.jsm',
]