diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-06-20 19:11:09 +0200 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-06-20 19:14:58 +0200 |
commit | 7d3b69729b68d80e7b301e7e1fd05e68e13cc133 (patch) | |
tree | c54c93de5921a6abd0439affbbc878ed9f6e43da /netwerk/base | |
parent | 5c0b3b7d3224778c9421f8dcd7f8dd1d09f62675 (diff) | |
download | UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.gz UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.lz UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.xz UXP-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.zip |
Fix SSL status ambiguity.
- Adds CipherSuite string with the full suite
- Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
Diffstat (limited to 'netwerk/base')
-rw-r--r-- | netwerk/base/TLSServerSocket.cpp | 10 | ||||
-rw-r--r-- | netwerk/base/TLSServerSocket.h | 1 | ||||
-rw-r--r-- | netwerk/base/nsITLSServerSocket.idl | 12 |
3 files changed, 20 insertions, 3 deletions
diff --git a/netwerk/base/TLSServerSocket.cpp b/netwerk/base/TLSServerSocket.cpp index b32a9a188..257a7f5da 100644 --- a/netwerk/base/TLSServerSocket.cpp +++ b/netwerk/base/TLSServerSocket.cpp @@ -419,6 +419,13 @@ TLSServerConnectionInfo::GetCipherName(nsACString& aCipherName) } NS_IMETHODIMP +TLSServerConnectionInfo::GetCipherSuite(nsACString& aCipherSuite) +{ + aCipherSuite.Assign(mCipherSuite); + return NS_OK; +} + +NS_IMETHODIMP TLSServerConnectionInfo::GetKeyLength(uint32_t* aKeyLength) { if (NS_WARN_IF(!aKeyLength)) { @@ -490,7 +497,8 @@ TLSServerConnectionInfo::HandshakeCallback(PRFileDesc* aFD) if (NS_FAILED(rv)) { return rv; } - mCipherName.Assign(cipherInfo.cipherSuiteName); + mCipherName.Assign(cipherInfo.symCipherName); + mCipherSuite.Assign(cipherInfo.cipherSuiteName); mKeyLength = cipherInfo.effectiveKeyBits; mMacLength = cipherInfo.macBits; diff --git a/netwerk/base/TLSServerSocket.h b/netwerk/base/TLSServerSocket.h index 9fb57e0cc..fd47fc918 100644 --- a/netwerk/base/TLSServerSocket.h +++ b/netwerk/base/TLSServerSocket.h @@ -68,6 +68,7 @@ private: nsCOMPtr<nsIX509Cert> mPeerCert; int16_t mTlsVersionUsed; nsCString mCipherName; + nsCString mCipherSuite; uint32_t mKeyLength; uint32_t mMacLength; // lock protects access to mSecurityObserver diff --git a/netwerk/base/nsITLSServerSocket.idl b/netwerk/base/nsITLSServerSocket.idl index 9a03c2ead..57485357f 100644 --- a/netwerk/base/nsITLSServerSocket.idl +++ b/netwerk/base/nsITLSServerSocket.idl @@ -94,7 +94,7 @@ interface nsITLSServerSocket : nsIServerSocket * method of the security observer has been called (see * |nsITLSServerSecurityObserver| below). */ -[scriptable, uuid(19668ea4-e5ad-4182-9698-7e890d48f327)] +[scriptable, uuid(205e273d-2439-449b-bfc5-fc555c87dbc4)] interface nsITLSClientStatus : nsISupports { /** @@ -125,11 +125,19 @@ interface nsITLSClientStatus : nsISupports /** * cipherName * + * Name of the symetric cipher used, such as + * "AES-GCM" or "CAMELLIA". + */ + readonly attribute ACString cipherName; + + /** + * cipherSuite + * * Name of the cipher suite used, such as * "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256". * See security/nss/lib/ssl/sslinfo.c for the possible values. */ - readonly attribute ACString cipherName; + readonly attribute ACString cipherSuite; /** * keyLength |