Bug 1542835 - Expose SSLChannelInfo.resumed on nsISSLSocketControl, r=keeler,mayhemer
authorMichal Novotny <michal.novotny@gmail.com>
Sat, 13 Apr 2019 09:58:00 +0000
changeset 469399 aad1c782f75344b91db649f459dab7691d6a8942
parent 469398 cade5cf8a0ed653fae2b81f9de8219df426a847c
child 469400 b60534ec20b8bc628b691d72f4c3100b4f31b97f
push id35865
push userapavel@mozilla.com
push dateSat, 13 Apr 2019 21:44:49 +0000
treeherdermozilla-central@2c3837b46068 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler, mayhemer
bugs1542835, 1500533
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1542835 - Expose SSLChannelInfo.resumed on nsISSLSocketControl, r=keeler,mayhemer This patch adds resumed attribute to nsISSLSocketControl, which is needed in tests that check SSL resumption (e.g. bug 1500533). Differential Revision: https://phabricator.services.mozilla.com/D26597
netwerk/socket/nsISSLSocketControl.idl
security/manager/ssl/nsNSSCallbacks.cpp
security/manager/ssl/nsNSSIOLayer.cpp
security/manager/ssl/nsNSSIOLayer.h
--- a/netwerk/socket/nsISSLSocketControl.idl
+++ b/netwerk/socket/nsISSLSocketControl.idl
@@ -168,10 +168,15 @@ interface nsISSLSocketControl : nsISuppo
      */
     attribute ACString esniTxt;
 
     /**
      * If the server certificate is present, serverCertIsBuiltInRoot is true if
      * the root certificate for the server certificate is built in.
      */
     readonly attribute boolean serverRootCertIsBuiltInRoot;
+
+    /**
+     * True iff the connection was resumed using the resumption token.
+     */
+    readonly attribute boolean resumed;
 };
 
--- a/security/manager/ssl/nsNSSCallbacks.cpp
+++ b/security/manager/ssl/nsNSSCallbacks.cpp
@@ -689,16 +689,17 @@ static nsCString getSignatureName(uint32
 static void PreliminaryHandshakeDone(PRFileDesc* fd) {
   nsNSSSocketInfo* infoObject = (nsNSSSocketInfo*)fd->higher->secret;
   if (!infoObject) return;
 
   SSLChannelInfo channelInfo;
   if (SSL_GetChannelInfo(fd, &channelInfo, sizeof(channelInfo)) == SECSuccess) {
     infoObject->SetSSLVersionUsed(channelInfo.protocolVersion);
     infoObject->SetEarlyDataAccepted(channelInfo.earlyDataAccepted);
+    infoObject->SetResumed(channelInfo.resumed);
 
     SSLCipherSuiteInfo cipherInfo;
     if (SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
                                sizeof cipherInfo) == SECSuccess) {
       /* Set the Status information */
       infoObject->mHaveCipherSuiteAndProtocol = true;
       infoObject->mCipherSuite = channelInfo.cipherSuite;
       infoObject->mProtocolVersion = channelInfo.protocolVersion & 0xFF;
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -124,16 +124,17 @@ nsNSSSocketInfo::nsNSSSocketInfo(SharedS
       mFalseStartCallbackCalled(false),
       mFalseStarted(false),
       mIsFullHandshake(false),
       mHandshakeCompleted(false),
       mJoined(false),
       mSentClientCert(false),
       mNotedTimeUntilReady(false),
       mFailedVerification(false),
+      mResumed(false),
       mIsShortWritePending(false),
       mShortWritePendingByte(0),
       mShortWriteOriginalAmount(-1),
       mKEAUsed(nsISSLSocketControl::KEY_EXCHANGE_UNKNOWN),
       mKEAKeyBits(0),
       mSSLVersionUsed(nsISSLSocketControl::SSL_VERSION_UNKNOWN),
       mMACAlgorithmUsed(nsISSLSocketControl::SSL_MAC_UNKNOWN),
       mBypassAuthentication(false),
@@ -369,16 +370,24 @@ nsNSSSocketInfo::GetEarlyDataAccepted(bo
   *aAccepted = mEarlyDataAccepted;
   return NS_OK;
 }
 
 void nsNSSSocketInfo::SetEarlyDataAccepted(bool aAccepted) {
   mEarlyDataAccepted = aAccepted;
 }
 
+NS_IMETHODIMP
+nsNSSSocketInfo::GetResumed(bool* aResumed) {
+  *aResumed = mResumed;
+  return NS_OK;
+}
+
+void nsNSSSocketInfo::SetResumed(bool aResumed) { mResumed = aResumed; }
+
 bool nsNSSSocketInfo::GetDenyClientCert() { return mDenyClientCert; }
 
 void nsNSSSocketInfo::SetDenyClientCert(bool aDenyClientCert) {
   mDenyClientCert = aDenyClientCert;
 }
 
 NS_IMETHODIMP
 nsNSSSocketInfo::DriveHandshake() {
--- a/security/manager/ssl/nsNSSIOLayer.h
+++ b/security/manager/ssl/nsNSSIOLayer.h
@@ -54,16 +54,18 @@ class nsNSSSocketInfo final : public moz
   void SetTLSVersionRange(SSLVersionRange range) { mTLSVersionRange = range; }
   SSLVersionRange GetTLSVersionRange() const { return mTLSVersionRange; };
 
   PRStatus CloseSocketAndDestroy();
 
   void SetNegotiatedNPN(const char* value, uint32_t length);
   void SetEarlyDataAccepted(bool aAccepted);
 
+  void SetResumed(bool aResumed);
+
   void SetHandshakeCompleted();
   bool IsHandshakeCompleted() const { return mHandshakeCompleted; }
   void NoteTimeUntilReady();
 
   void SetFalseStartCallbackCalled() { mFalseStartCallbackCalled = true; }
   void SetFalseStarted() { mFalseStarted = true; }
 
   // Note that this is only valid *during* a handshake; at the end of the
@@ -176,16 +178,17 @@ class nsNSSSocketInfo final : public moz
   bool mFalseStartCallbackCalled;
   bool mFalseStarted;
   bool mIsFullHandshake;
   bool mHandshakeCompleted;
   bool mJoined;
   bool mSentClientCert;
   bool mNotedTimeUntilReady;
   bool mFailedVerification;
+  mozilla::Atomic<bool, mozilla::Relaxed> mResumed;
 
   // True when SSL layer has indicated an "SSL short write", i.e. need
   // to call on send one or more times to push all pending data to write.
   bool mIsShortWritePending;
 
   // These are only valid if mIsShortWritePending is true.
   //
   // Value of the last byte pending from the SSL short write that needs