diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-06-20 19:11:09 +0200 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-06-20 19:14:58 +0200 |
commit | 7d3b69729b68d80e7b301e7e1fd05e68e13cc133 (patch) | |
tree | c54c93de5921a6abd0439affbbc878ed9f6e43da /security | |
parent | 5c0b3b7d3224778c9421f8dcd7f8dd1d09f62675 (diff) | |
download | UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.gz UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.lz UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.xz UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.zip |
Fix SSL status ambiguity.
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
Diffstat (limited to 'security')
-rw-r--r-- | security/manager/ssl/TransportSecurityInfo.cpp | 4 | ||||
-rw-r--r-- | security/manager/ssl/nsISSLStatus.idl | 3 | ||||
-rw-r--r-- | security/manager/ssl/nsSSLStatus.cpp | 19 | ||||
-rw-r--r-- | security/manager/ssl/nsSSLStatus.h | 5 |
4 files changed, 25 insertions, 6 deletions
diff --git a/security/manager/ssl/TransportSecurityInfo.cpp b/security/manager/ssl/TransportSecurityInfo.cpp index 101e2332c..fe39f4017 100644 --- a/security/manager/ssl/TransportSecurityInfo.cpp +++ b/security/manager/ssl/TransportSecurityInfo.cpp @@ -304,8 +304,8 @@ TransportSecurityInfo::GetInterface(const nsIID & uuid, void * *result) // of the previous value. This is so when older versions attempt to // read a newer serialized TransportSecurityInfo, they will actually // fail and return NS_ERROR_FAILURE instead of silently failing. -#define TRANSPORTSECURITYINFOMAGIC { 0xa9863a23, 0x1faa, 0x4169, \ - { 0xb0, 0xd2, 0x81, 0x29, 0xec, 0x7c, 0xb1, 0xde } } +#define TRANSPORTSECURITYINFOMAGIC { 0xa9863a23, 0xa940, 0x4002, \ + { 0x94, 0x3c, 0x43, 0xc4, 0x67, 0x38, 0x8f, 0x3d } } static NS_DEFINE_CID(kTransportSecurityInfoMagic, TRANSPORTSECURITYINFOMAGIC); NS_IMETHODIMP diff --git a/security/manager/ssl/nsISSLStatus.idl b/security/manager/ssl/nsISSLStatus.idl index 52cb1df30..d8b5c2164 100644 --- a/security/manager/ssl/nsISSLStatus.idl +++ b/security/manager/ssl/nsISSLStatus.idl @@ -8,11 +8,12 @@ interface nsIX509Cert; -[scriptable, uuid(fa9ba95b-ca3b-498a-b889-7c79cf28fee8)] +[scriptable, uuid(5415626b-2930-440e-bfc5-55c87dbc4511)] interface nsISSLStatus : nsISupports { readonly attribute nsIX509Cert serverCert; readonly attribute ACString cipherName; + readonly attribute ACString cipherSuite; readonly attribute unsigned long keyLength; readonly attribute unsigned long secretKeyLength; [must_use] diff --git a/security/manager/ssl/nsSSLStatus.cpp b/security/manager/ssl/nsSSLStatus.cpp index 7f9915cb2..b2453d271 100644 --- a/security/manager/ssl/nsSSLStatus.cpp +++ b/security/manager/ssl/nsSSLStatus.cpp @@ -72,7 +72,24 @@ nsSSLStatus::GetCipherName(nsACString& aCipherName) return NS_ERROR_FAILURE; } - aCipherName.Assign(cipherInfo.cipherSuiteName); + aCipherName.Assign(cipherInfo.symCipherName); + return NS_OK; +} + +NS_IMETHODIMP +nsSSLStatus::GetCipherSuite(nsACString& aCipherSuite) +{ + if (!mHaveCipherSuiteAndProtocol) { + return NS_ERROR_NOT_AVAILABLE; + } + + SSLCipherSuiteInfo cipherInfo; + if (SSL_GetCipherSuiteInfo(mCipherSuite, &cipherInfo, + sizeof(cipherInfo)) != SECSuccess) { + return NS_ERROR_FAILURE; + } + + aCipherSuite.Assign(cipherInfo.cipherSuiteName); return NS_OK; } diff --git a/security/manager/ssl/nsSSLStatus.h b/security/manager/ssl/nsSSLStatus.h index 74f9d0f01..acba1cb30 100644 --- a/security/manager/ssl/nsSSLStatus.h +++ b/security/manager/ssl/nsSSLStatus.h @@ -69,8 +69,9 @@ private: nsCOMPtr<nsIX509Cert> mServerCert; }; +// 600cd77a-e45c-4184-bfc5-55c87dbc4511 #define NS_SSLSTATUS_CID \ -{ 0xe2f14826, 0x9e70, 0x4647, \ - { 0xb2, 0x3f, 0x10, 0x10, 0xf5, 0x12, 0x46, 0x28 } } +{ 0x600cd77a, 0xe45c, 0x4184, \ + { 0xbf, 0xc5, 0x55, 0xc8, 0x7d, 0xbc, 0x45, 0x11 } } #endif |