Bug 1120393 - Serialize/deserialize nsITransportSecurity.errorCode. r=keeler
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Fri, 16 Jan 2015 21:48:38 +0900
changeset 224244 b6da326356fb42ddeef4becd000a06a5619c8456
parent 224243 b616c5f1c041d0e35bd59c1e898bb0f13c597067
child 224245 48b98d0a4fa480bff7dad3cbe4f38590e9ce3e5f
push id28122
push userkwierso@gmail.com
push dateSat, 17 Jan 2015 01:33:15 +0000
treeherdermozilla-central@369a8f14ccf8 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1120393
milestone38.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1120393 - Serialize/deserialize nsITransportSecurity.errorCode. r=keeler
security/manager/ssl/src/TransportSecurityInfo.cpp
--- a/security/manager/ssl/src/TransportSecurityInfo.cpp
+++ b/security/manager/ssl/src/TransportSecurityInfo.cpp
@@ -17,16 +17,17 @@
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
 #include "nsNSSCertHelper.h"
 #include "nsIProgrammingLanguage.h"
 #include "nsIArray.h"
 #include "nsComponentManagerUtils.h"
 #include "nsReadableUtils.h"
 #include "nsServiceManagerUtils.h"
+#include "nsXULAppAPI.h"
 #include "PSMRunnable.h"
 
 #include "secerr.h"
 
 //#define DEBUG_SSL_VERBOSE //Enable this define to get minimal 
                             //reports when doing SSL read/write
                             
 //#define DUMP_BUFFER  //Enable this define along with
@@ -229,21 +230,25 @@ formatOverridableCertErrorMessage(nsISSL
 //      nsNSSSocketInfo::Write().
 nsresult
 TransportSecurityInfo::formatErrorMessage(MutexAutoLock const & proofOfLock, 
                                           PRErrorCode errorCode,
                                           SSLErrorMessageType errorMessageType,
                                           bool wantsHtml, bool suppressPort443, 
                                           nsString &result)
 {
+  result.Truncate();
   if (errorCode == 0) {
-    result.Truncate();
     return NS_OK;
   }
 
+  if (XRE_GetProcessType() != GeckoProcessType_Default) {
+    return NS_ERROR_UNEXPECTED;
+  }
+
   nsresult rv;
   NS_ConvertASCIItoUTF16 hostNameU(mHostName);
   NS_ASSERTION(errorMessageType != OverridableCertErrorMessage || 
                 (mSSLStatus && mSSLStatus->HasServerCert() &&
                  mSSLStatus->mHaveCertErrorBits),
                 "GetErrorLogMessage called for cert error without cert");
   if (errorMessageType == OverridableCertErrorMessage && 
       mSSLStatus && mSSLStatus->HasServerCert()) {
@@ -291,18 +296,18 @@ TransportSecurityInfo::GetInterface(cons
   }
   return rv;
 }
 
 // This is a new magic value. However, it re-uses the first 4 bytes
 // of the previous value. This is so when older versions attempt to
 // read a newer serialized TransportSecurityInfo, they will actually
 // fail and return NS_ERROR_FAILURE instead of silently failing.
-#define TRANSPORTSECURITYINFOMAGIC { 0xa9863a23, 0x328f, 0x45ab, \
-  { 0xa8, 0xa4, 0x35, 0x18, 0x80, 0x04, 0x77, 0x8d } }
+#define TRANSPORTSECURITYINFOMAGIC { 0xa9863a23, 0x1faa, 0x4169, \
+  { 0xb0, 0xd2, 0x81, 0x29, 0xec, 0x7c, 0xb1, 0xde } }
 static NS_DEFINE_CID(kTransportSecurityInfoMagic, TRANSPORTSECURITYINFOMAGIC);
 
 NS_IMETHODIMP
 TransportSecurityInfo::Write(nsIObjectOutputStream* stream)
 {
   nsresult rv = stream->WriteID(kTransportSecurityInfoMagic);
   if (NS_FAILED(rv)) {
     return rv;
@@ -317,22 +322,28 @@ TransportSecurityInfo::Write(nsIObjectOu
   rv = stream->Write32(mSubRequestsBrokenSecurity);
   if (NS_FAILED(rv)) {
     return rv;
   }
   rv = stream->Write32(mSubRequestsNoSecurity);
   if (NS_FAILED(rv)) {
     return rv;
   }
-  // XXX: uses nsNSSComponent string bundles off the main thread
-  rv = formatErrorMessage(lock, mErrorCode, mErrorMessageType, true, true,
-                          mErrorMessageCached);
+  rv = stream->Write32(static_cast<uint32_t>(mErrorCode));
   if (NS_FAILED(rv)) {
     return rv;
   }
+  if (mErrorMessageCached.IsEmpty()) {
+    // XXX: uses nsNSSComponent string bundles off the main thread
+    rv = formatErrorMessage(lock, mErrorCode, mErrorMessageType,
+                            true, true, mErrorMessageCached);
+    if (NS_FAILED(rv)) {
+      return rv;
+    }
+  }
   rv = stream->WriteWStringZ(mErrorMessageCached.get());
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   // For successful connections and for connections with overridable errors,
   // mSSLStatus will be non-null. However, for connections with non-overridable
   // errors, it will be null.
@@ -389,23 +400,29 @@ TransportSecurityInfo::Read(nsIObjectInp
   if (NS_FAILED(rv)) {
     return rv;
   }
   if (subRequestsNoSecurity >
       static_cast<uint32_t>(std::numeric_limits<int32_t>::max())) {
     return NS_ERROR_UNEXPECTED;
   }
   mSubRequestsNoSecurity = subRequestsNoSecurity;
+  uint32_t errorCode;
+  rv = stream->Read32(&errorCode);
+  if (NS_FAILED(rv)) {
+    return rv;
+  }
+  // PRErrorCode will be a negative value
+  mErrorCode = static_cast<PRErrorCode>(errorCode);
+
   rv = stream->ReadString(mErrorMessageCached);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
-  mErrorCode = 0;
-
   // For successful connections and for connections with overridable errors,
   // mSSLStatus will be non-null. For connections with non-overridable errors,
   // it will be null.
   nsCOMPtr<nsISupports> supports;
   rv = NS_ReadOptionalObject(stream, true, getter_AddRefs(supports));
   if (NS_FAILED(rv)) {
     return rv;
   }