Bug 1935611 - Fix libyuv/libpng link failed for loongarch64. r=glandium,tnikkel,ng
[gecko.git] / security / manager / ssl / CommonSocketControl.h
blobca0bf2bcf7d3a8a274517cec2a82fde45db93e8b
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef CommonSocketControl_h
8 #define CommonSocketControl_h
10 #include "CertVerifier.h"
11 #include "TransportSecurityInfo.h"
12 #include "mozilla/Maybe.h"
13 #include "mozilla/net/SSLTokensCache.h"
14 #include "nsIInterfaceRequestor.h"
15 #include "nsITLSSocketControl.h"
16 #include "nsSocketTransportService2.h"
18 #if defined(MOZ_DIAGNOSTIC_ASSERT_ENABLED)
19 # include "prthread.h"
20 # define COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD() \
21 MOZ_DIAGNOSTIC_ASSERT(mOwningThread == PR_GetCurrentThread())
22 #else
23 # define COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD() \
24 do { \
25 } while (false)
26 #endif
28 // CommonSocketControl is the base class that implements nsITLSSocketControl.
29 // Various concrete TLS socket control implementations inherit from this class.
30 // Currently these implementations consist of NSSSocketControl (a socket
31 // control for NSS) and QuicSocketControl (a socket control for quic).
32 // NB: these classes must only be used on the socket thread (the one exception
33 // being tests that incidentally use CommonSocketControl on the main thread
34 // (and only the main thread)). This is enforced via the macro
35 // COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD() that should be called at the
36 // beginning of every function in this class and all subclasses.
37 class CommonSocketControl : public nsITLSSocketControl {
38 public:
39 NS_DECL_THREADSAFE_ISUPPORTS
40 NS_DECL_NSITLSSOCKETCONTROL
42 CommonSocketControl(const nsCString& aHostName, int32_t aPort,
43 uint32_t aProviderFlags);
45 // Use "errorCode" 0 to indicate success.
46 virtual void SetCertVerificationResult(PRErrorCode errorCode) {
47 MOZ_ASSERT_UNREACHABLE("Subclasses must override this.");
50 const nsACString& GetHostName() {
51 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
52 return mHostName;
54 int32_t GetPort() {
55 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
56 return mPort;
58 void SetMadeOCSPRequests(bool aMadeOCSPRequests) {
59 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
60 mMadeOCSPRequests = aMadeOCSPRequests;
62 bool GetMadeOCSPRequests() {
63 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
64 return mMadeOCSPRequests;
66 void SetUsedPrivateDNS(bool aUsedPrivateDNS) {
67 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
68 mUsedPrivateDNS = aUsedPrivateDNS;
70 bool GetUsedPrivateDNS() {
71 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
72 return mUsedPrivateDNS;
75 void SetServerCert(const nsCOMPtr<nsIX509Cert>& aServerCert,
76 mozilla::psm::EVStatus aEVStatus);
77 already_AddRefed<nsIX509Cert> GetServerCert() {
78 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
79 return do_AddRef(mServerCert);
81 bool HasServerCert() {
82 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
83 return mServerCert != nullptr;
85 void SetStatusErrorBits(const nsCOMPtr<nsIX509Cert>& cert,
86 nsITransportSecurityInfo::OverridableErrorCategory
87 overridableErrorCategory);
88 bool HasUserOverriddenCertificateError() {
89 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
90 return mOverridableErrorCategory.isSome() &&
91 *mOverridableErrorCategory !=
92 nsITransportSecurityInfo::OverridableErrorCategory::ERROR_UNSET;
94 void SetSucceededCertChain(nsTArray<nsTArray<uint8_t>>&& certList);
95 void SetFailedCertChain(nsTArray<nsTArray<uint8_t>>&& certList);
96 void SetIsBuiltCertChainRootBuiltInRoot(
97 bool aIsBuiltCertChainRootBuiltInRoot) {
98 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
99 mIsBuiltCertChainRootBuiltInRoot = aIsBuiltCertChainRootBuiltInRoot;
101 void SetCertificateTransparencyStatus(
102 uint16_t aCertificateTransparencyStatus) {
103 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
104 mCertificateTransparencyStatus = aCertificateTransparencyStatus;
106 void SetOriginAttributes(const mozilla::OriginAttributes& aOriginAttributes) {
107 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
108 mOriginAttributes = aOriginAttributes;
110 mozilla::OriginAttributes& GetOriginAttributes() {
111 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
112 return mOriginAttributes;
115 void SetSecurityState(uint32_t aSecurityState) {
116 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
117 mSecurityState = aSecurityState;
119 void SetResumed(bool aResumed) {
120 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
121 mResumed = aResumed;
124 uint32_t GetProviderFlags() const {
125 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
126 return mProviderFlags;
128 void SetSSLVersionUsed(uint16_t version) {
129 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
130 mSSLVersionUsed = version;
132 void SetSessionCacheInfo(mozilla::net::SessionCacheInfo&& aInfo) {
133 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
134 mSessionCacheInfo.reset();
135 mSessionCacheInfo.emplace(std::move(aInfo));
137 void RebuildCertificateInfoFromSSLTokenCache();
138 void SetCanceled(PRErrorCode errorCode);
139 bool IsCanceled() {
140 COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
141 return mCanceled;
143 int32_t GetErrorCode();
145 protected:
146 virtual ~CommonSocketControl() = default;
148 nsCString mHostName;
149 int32_t mPort;
150 mozilla::OriginAttributes mOriginAttributes;
152 bool mCanceled;
153 mozilla::Maybe<mozilla::net::SessionCacheInfo> mSessionCacheInfo;
154 bool mHandshakeCompleted;
155 bool mJoined;
156 bool mSentClientCert;
157 bool mFailedVerification;
158 uint16_t mSSLVersionUsed;
159 uint32_t mProviderFlags;
161 // Fields used to build a TransportSecurityInfo
162 uint32_t mSecurityState;
163 PRErrorCode mErrorCode;
164 // Peer cert chain for failed connections.
165 nsTArray<RefPtr<nsIX509Cert>> mFailedCertChain;
166 nsCOMPtr<nsIX509Cert> mServerCert;
167 nsTArray<RefPtr<nsIX509Cert>> mSucceededCertChain;
168 mozilla::Maybe<uint16_t> mCipherSuite;
169 mozilla::Maybe<nsCString> mKeaGroupName;
170 mozilla::Maybe<nsCString> mSignatureSchemeName;
171 mozilla::Maybe<uint16_t> mProtocolVersion;
172 uint16_t mCertificateTransparencyStatus;
173 mozilla::Maybe<bool> mIsAcceptedEch;
174 mozilla::Maybe<bool> mIsDelegatedCredential;
175 mozilla::Maybe<nsITransportSecurityInfo::OverridableErrorCategory>
176 mOverridableErrorCategory;
177 bool mMadeOCSPRequests;
178 bool mUsedPrivateDNS;
179 mozilla::Maybe<bool> mIsEV;
180 bool mNPNCompleted;
181 nsCString mNegotiatedNPN;
182 bool mResumed;
183 bool mIsBuiltCertChainRootBuiltInRoot;
184 nsCString mPeerId;
186 #if defined(MOZ_DIAGNOSTIC_ASSERT_ENABLED)
187 const PRThread* mOwningThread;
188 #endif
191 #endif // CommonSocketControl_h