Bug 1368107 - Make SSLErrorMessageType an enum class. r?keeler draft
authorCykesiopka <cykesiopka.bmo@gmail.com>
Sat, 27 May 2017 01:10:39 +0800
changeset 585203 5c9b7fbfde99cbad377f127be1f891248ab1d0a9
parent 585202 c890f24fe4572a45fab19499b1975516f6ae0f04
child 630668 a150e1ae9fb7826f5b401c3968dd3354fbf9853b
push id61050
push usercykesiopka.bmo@gmail.com
push dateFri, 26 May 2017 17:11:08 +0000
reviewerskeeler
bugs1368107
milestone55.0a1
Bug 1368107 - Make SSLErrorMessageType an enum class. r?keeler Enum classes are safer and nicer. MozReview-Commit-ID: FDT3Gb1t9w1
security/manager/ssl/SSLServerCertVerification.cpp
security/manager/ssl/TransportSecurityInfo.cpp
security/manager/ssl/TransportSecurityInfo.h
security/manager/ssl/nsNSSIOLayer.cpp
--- a/security/manager/ssl/SSLServerCertVerification.cpp
+++ b/security/manager/ssl/SSLServerCertVerification.cpp
@@ -224,17 +224,17 @@ class SSLServerCertVerificationResult : 
 public:
   NS_DECL_NSIRUNNABLE
 
   SSLServerCertVerificationResult(nsNSSSocketInfo* infoObject,
                                   PRErrorCode errorCode,
                                   Telemetry::HistogramID telemetryID = Telemetry::HistogramCount,
                                   uint32_t telemetryValue = -1,
                                   SSLErrorMessageType errorMessageType =
-                                      PlainErrorMessage);
+                                    SSLErrorMessageType::Plain);
 
   void Dispatch();
 private:
   const RefPtr<nsNSSSocketInfo> mInfoObject;
 public:
   const PRErrorCode mErrorCode;
   const SSLErrorMessageType mErrorMessageType;
   const Telemetry::HistogramID mTelemetryID;
@@ -636,17 +636,17 @@ CertErrorRunnable::CheckCertOverrides()
                                 : mErrorCodeTime     ? mErrorCodeTime
                                 : mDefaultErrorCodeToReport;
 
   SSLServerCertVerificationResult* result =
     new SSLServerCertVerificationResult(mInfoObject,
                                         errorCodeToReport,
                                         Telemetry::HistogramCount,
                                         -1,
-                                        OverridableCertErrorMessage);
+                                        SSLErrorMessageType::OverridableCert);
 
   LogInvalidCertError(mInfoObject,
                       result->mErrorCode,
                       result->mErrorMessageType);
 
   return result;
 }
 
@@ -1790,17 +1790,17 @@ AuthCertificateHook(void* arg, PRFileDes
         return SECFailure;
       }
 
       if (runnable->mResult->mErrorCode == 0) {
         return SECSuccess; // cert error override occurred.
       }
 
       // We must call SetCanceled here to set the error message type
-      // in case it isn't PlainErrorMessage, which is what we would
+      // in case it isn't SSLErrorMessageType::Plain, which is what we would
       // default to if we just called
       // PR_SetError(runnable->mResult->mErrorCode, 0) and returned
       // SECFailure without doing this.
       socketInfo->SetCanceled(runnable->mResult->mErrorCode,
                               runnable->mResult->mErrorMessageType);
       error = runnable->mResult->mErrorCode;
     }
   }
--- a/security/manager/ssl/TransportSecurityInfo.cpp
+++ b/security/manager/ssl/TransportSecurityInfo.cpp
@@ -33,23 +33,23 @@
                        //read/write buffer to a log.
                        //Uses PR_LOG except on Mac where
                        //we always write out to our own
                        //file.
 
 namespace mozilla { namespace psm {
 
 TransportSecurityInfo::TransportSecurityInfo()
-  : mMutex("TransportSecurityInfo::mMutex"),
-    mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE),
-    mSubRequestsBrokenSecurity(0),
-    mSubRequestsNoSecurity(0),
-    mErrorCode(0),
-    mErrorMessageType(PlainErrorMessage),
-    mPort(0)
+  : mMutex("TransportSecurityInfo::mMutex")
+  , mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE)
+  , mSubRequestsBrokenSecurity(0)
+  , mSubRequestsNoSecurity(0)
+  , mErrorCode(0)
+  , mErrorMessageType(SSLErrorMessageType::Plain)
+  , mPort(0)
 {
 }
 
 TransportSecurityInfo::~TransportSecurityInfo()
 {
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
     return;
@@ -226,21 +226,21 @@ TransportSecurityInfo::formatErrorMessag
     return NS_OK;
   }
 
   if (!XRE_IsParentProcess()) {
     return NS_ERROR_UNEXPECTED;
   }
 
   nsresult rv;
-  MOZ_ASSERT(errorMessageType != OverridableCertErrorMessage ||
+  MOZ_ASSERT(errorMessageType != SSLErrorMessageType::OverridableCert ||
                (mSSLStatus && mSSLStatus->HasServerCert() &&
                 mSSLStatus->mHaveCertErrorBits),
              "formatErrorMessage() called for cert error without cert");
-  if (errorMessageType == OverridableCertErrorMessage &&
+  if (errorMessageType == SSLErrorMessageType::OverridableCert &&
       mSSLStatus && mSSLStatus->HasServerCert()) {
     rv = formatOverridableCertErrorMessage(*mSSLStatus, errorCode,
                                            mHostName, mPort,
                                            suppressPort443,
                                            wantsHtml,
                                            result);
   } else {
     rv = formatPlainErrorMessage(mHostName, mPort, 
--- a/security/manager/ssl/TransportSecurityInfo.h
+++ b/security/manager/ssl/TransportSecurityInfo.h
@@ -20,19 +20,19 @@
 #include "nsITransportSecurityInfo.h"
 #include "nsNSSShutDown.h"
 #include "nsSSLStatus.h"
 #include "nsString.h"
 #include "pkix/pkixtypes.h"
 
 namespace mozilla { namespace psm {
 
-enum SSLErrorMessageType {
-  OverridableCertErrorMessage  = 1, // for *overridable* certificate errors
-  PlainErrorMessage = 2             // all other errors (or "no error")
+enum class SSLErrorMessageType {
+  OverridableCert = 1, // for *overridable* certificate errors
+  Plain = 2,           // all other errors (or "no error")
 };
 
 class TransportSecurityInfo : public nsITransportSecurityInfo,
                               public nsIInterfaceRequestor,
                               public nsISSLStatusProvider,
                               public nsIAssociatedContentSecurity,
                               public nsISerializable,
                               public nsIClassInfo,
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -370,17 +370,17 @@ nsNSSSocketInfo::DriveHandshake()
   SECStatus rv = SSL_ForceHandshake(mFd);
 
   if (rv != SECSuccess) {
     errorCode = PR_GetError();
     if (errorCode == PR_WOULD_BLOCK_ERROR) {
       return NS_BASE_STREAM_WOULD_BLOCK;
     }
 
-    SetCanceled(errorCode, PlainErrorMessage);
+    SetCanceled(errorCode, SSLErrorMessageType::Plain);
     return GetXPCOMFromNSSError(errorCode);
   }
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsNSSSocketInfo::IsAcceptableForHost(const nsACString& hostname, bool* _retval)
 {
@@ -619,17 +619,17 @@ nsNSSSocketInfo::SetCertVerificationResu
   MOZ_ASSERT(mCertVerificationState == waiting_for_cert_verification,
              "Invalid state transition to cert_verification_finished");
 
   if (mFd) {
     SECStatus rv = SSL_AuthCertificateComplete(mFd, errorCode);
     // Only replace errorCode if there was originally no error
     if (rv != SECSuccess && errorCode == 0) {
       errorCode = PR_GetError();
-      errorMessageType = PlainErrorMessage;
+      errorMessageType = SSLErrorMessageType::Plain;
       if (errorCode == 0) {
         NS_ERROR("SSL_AuthCertificateComplete didn't set error code");
         errorCode = PR_INVALID_STATE_ERROR;
       }
     }
   }
 
   if (errorCode) {
@@ -674,17 +674,17 @@ nsHandleSSLError(nsNSSSocketInfo* socket
   // SetCanceled()/GetError*().
   if (socketInfo->GetErrorCode()) {
     // If the socket has been flagged as canceled,
     // the code who did was responsible for setting the error code.
     return;
   }
 
   // We must cancel first, which sets the error code.
-  socketInfo->SetCanceled(err, PlainErrorMessage);
+  socketInfo->SetCanceled(err, SSLErrorMessageType::Plain);
   nsXPIDLString errorString;
   socketInfo->GetErrorLogMessage(err, errtype, errorString);
 
   if (!errorString.IsEmpty()) {
     nsContentUtils::LogSimpleConsoleError(errorString, "SSL");
   }
 }
 
@@ -1243,19 +1243,18 @@ checkHandshake(int32_t bytesTransfered, 
     // The socketInfo->GetErrorCode() check is here to ensure we don't try to
     // do the synchronous dispatch to the main thread unnecessarily after we've
     // already handled a certificate error. (SSLErrorRunnable calls
     // nsHandleSSLError, which has logic to avoid replacing the error message,
     // so without the !socketInfo->GetErrorCode(), it would just be an
     // expensive no-op.)
     if (!wantRetry && mozilla::psm::IsNSSErrorCode(err) &&
         !socketInfo->GetErrorCode()) {
-      RefPtr<SyncRunnableBase> runnable(new SSLErrorRunnable(socketInfo,
-                                                             PlainErrorMessage,
-                                                             err));
+      RefPtr<SyncRunnableBase> runnable(
+        new SSLErrorRunnable(socketInfo, SSLErrorMessageType::Plain, err));
       (void) runnable->DispatchToMainThreadAndWait();
     }
   } else if (wasReading && 0 == bytesTransfered) {
     // zero bytes on reading, socket closed
     if (handleHandshakeResultNow) {
       wantRetry = retryDueToTLSIntolerance(PR_END_OF_FILE_ERROR, socketInfo);
     }
   }
@@ -1283,17 +1282,17 @@ checkHandshake(int32_t bytesTransfered, 
 
   if (bytesTransfered < 0) {
     // Remember that we encountered an error so that getSocketInfoIfRunning
     // will correctly cause us to fail if another part of Gecko
     // (erroneously) calls an I/O function (PR_Send/PR_Recv/etc.) again on
     // this socket. Note that we use the original error because if we use
     // PR_CONNECT_RESET_ERROR, we'll repeated try to reconnect.
     if (originalError != PR_WOULD_BLOCK_ERROR && !socketInfo->GetErrorCode()) {
-      socketInfo->SetCanceled(originalError, PlainErrorMessage);
+      socketInfo->SetCanceled(originalError, SSLErrorMessageType::Plain);
     }
     PR_SetError(err, 0);
   }
 
   return bytesTransfered;
 }
 
 } // namespace