Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler
authorBrian Smith <brian@briansmith.org>
Sun, 12 Apr 2015 19:57:48 -1000
changeset 257862 0511335a89fdad7bab8806a06512e5b05b38932a
parent 257861 5fdc7a8a42698c38e70ed8d9ed445b83d170b835
child 257863 4fc4587d02bf9537fafa195472352af6de9815ee
push id8007
push userraliiev@mozilla.com
push dateMon, 11 May 2015 19:23:16 +0000
treeherdermozilla-aurora@e2ce1aac996e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1153737
milestone40.0a1
Bug 1153737: Avoid unnecessary uses of mozilla::pkix::ScopedPtr, r=keeler
security/apps/AppSignatureVerification.cpp
security/certverifier/NSSCertDBTrustDomain.cpp
security/certverifier/NSSCertDBTrustDomain.h
security/certverifier/OCSPRequestor.cpp
security/manager/ssl/src/SSLServerCertVerification.cpp
security/manager/ssl/src/ScopedNSSTypes.h
security/manager/ssl/src/nsCrypto.cpp
security/manager/ssl/src/nsNSSCertificate.cpp
security/manager/ssl/src/nsNSSIOLayer.cpp
--- a/security/apps/AppSignatureVerification.cpp
+++ b/security/apps/AppSignatureVerification.cpp
@@ -1,44 +1,44 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsNSSCertificateDB.h"
 
-#include "pkix/pkix.h"
-#include "pkix/pkixnss.h"
-#include "pkix/ScopedPtr.h"
+#include "AppTrustDomain.h"
+#include "base64.h"
+#include "certdb.h"
+#include "CryptoTask.h"
 #include "mozilla/RefPtr.h"
-#include "CryptoTask.h"
-#include "AppTrustDomain.h"
+#include "mozilla/UniquePtr.h"
 #include "nsComponentManagerUtils.h"
 #include "nsCOMPtr.h"
 #include "nsDataSignatureVerifier.h"
 #include "nsHashKeys.h"
 #include "nsIFile.h"
 #include "nsIFileStreams.h"
 #include "nsIInputStream.h"
 #include "nsIStringEnumerator.h"
 #include "nsIZipReader.h"
 #include "nsNetUtil.h"
 #include "nsNSSCertificate.h"
 #include "nsProxyRelease.h"
+#include "nssb64.h"
 #include "NSSCertDBTrustDomain.h"
 #include "nsString.h"
 #include "nsTHashtable.h"
-
-#include "base64.h"
-#include "certdb.h"
-#include "nssb64.h"
-#include "secmime.h"
 #include "plstr.h"
 #include "prlog.h"
+#include "pkix/pkix.h"
+#include "pkix/pkixnss.h"
+#include "secmime.h"
+
 
 using namespace mozilla::pkix;
 using namespace mozilla;
 using namespace mozilla::psm;
 
 #ifdef PR_LOGGING
 extern PRLogModuleInfo* gPIPNSSLog;
 #endif
@@ -802,18 +802,20 @@ VerifySignedManifest(AppTrustedRoot aTru
   rv = manifestCalculatedDigest.DigestBuf(SEC_OID_SHA1,
                                           manifestBuffer.data,
                                           manifestBuffer.len - 1); // buffer is null terminated
   if (NS_WARN_IF(NS_FAILED(rv))) {
     return rv;
   }
 
   // Get base64 encoded string from manifest buffer digest
-  ScopedPtr<char, PORT_Free_string> base64EncDigest(NSSBase64_EncodeItem(nullptr,
-    nullptr, 0, const_cast<SECItem*>(&manifestCalculatedDigest.get())));
+  UniquePtr<char, void(&)(void*)>
+    base64EncDigest(NSSBase64_EncodeItem(nullptr, nullptr, 0,
+                      const_cast<SECItem*>(&manifestCalculatedDigest.get())),
+                    PORT_Free);
   if (NS_WARN_IF(!base64EncDigest)) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   // Calculate SHA1 digest of the base64 encoded string
   Digest doubleDigest;
   rv = doubleDigest.DigestBuf(SEC_OID_SHA1,
                               reinterpret_cast<uint8_t*>(base64EncDigest.get()),
--- a/security/certverifier/NSSCertDBTrustDomain.cpp
+++ b/security/certverifier/NSSCertDBTrustDomain.cpp
@@ -13,45 +13,35 @@
 #include "certdb.h"
 #include "nsNSSCertificate.h"
 #include "nss.h"
 #include "NSSErrorsService.h"
 #include "nsServiceManagerUtils.h"
 #include "pk11pub.h"
 #include "pkix/pkix.h"
 #include "pkix/pkixnss.h"
-#include "pkix/ScopedPtr.h"
 #include "prerror.h"
 #include "prmem.h"
 #include "prprf.h"
 #include "ScopedNSSTypes.h"
 #include "secerr.h"
-#include "secmod.h"
 
 using namespace mozilla;
 using namespace mozilla::pkix;
 
 #ifdef PR_LOGGING
 extern PRLogModuleInfo* gCertVerifierLog;
 #endif
 
 static const uint64_t ServerFailureDelaySeconds = 5 * 60;
 
 namespace mozilla { namespace psm {
 
 const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[] = "Builtin Roots Module";
 
-void PORT_Free_string(char* str) { PORT_Free(str); }
-
-namespace {
-
-typedef ScopedPtr<SECMODModule, SECMOD_DestroyModule> ScopedSECMODModule;
-
-} // unnamed namespace
-
 NSSCertDBTrustDomain::NSSCertDBTrustDomain(SECTrustType certDBTrustType,
                                            OCSPFetching ocspFetching,
                                            OCSPCache& ocspCache,
              /*optional but shouldn't be*/ void* pinArg,
                                            CertVerifier::OcspGetConfig ocspGETConfig,
                                            CertVerifier::PinningMode pinningMode,
                                            unsigned int minRSABits,
                               /*optional*/ const char* hostname,
@@ -826,35 +816,37 @@ LoadLoadableRoots(/*optional*/ const cha
 {
   PR_ASSERT(modNameUTF8);
 
   if (!modNameUTF8) {
     PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
     return SECFailure;
   }
 
-  ScopedPtr<char, PR_FreeLibraryName> fullLibraryPath(
-    PR_GetLibraryName(dir, "nssckbi"));
+  UniquePtr<char, void(&)(char*)>
+    fullLibraryPath(PR_GetLibraryName(dir, "nssckbi"), PR_FreeLibraryName);
   if (!fullLibraryPath) {
     return SECFailure;
   }
 
-  ScopedPtr<char, PORT_Free_string> escaped_fullLibraryPath(
-    nss_addEscape(fullLibraryPath.get(), '\"'));
+  UniquePtr<char, void(&)(void*)>
+    escaped_fullLibraryPath(nss_addEscape(fullLibraryPath.get(), '\"'),
+                            PORT_Free);
   if (!escaped_fullLibraryPath) {
     return SECFailure;
   }
 
   // If a module exists with the same name, delete it.
   int modType;
   SECMOD_DeleteModule(modNameUTF8, &modType);
 
-  ScopedPtr<char, PR_smprintf_free> pkcs11ModuleSpec(
-    PR_smprintf("name=\"%s\" library=\"%s\"", modNameUTF8,
-                escaped_fullLibraryPath.get()));
+  UniquePtr<char, void(&)(char*)>
+    pkcs11ModuleSpec(PR_smprintf("name=\"%s\" library=\"%s\"", modNameUTF8,
+                                 escaped_fullLibraryPath.get()),
+                     PR_smprintf_free);
   if (!pkcs11ModuleSpec) {
     return SECFailure;
   }
 
   ScopedSECMODModule rootsModule(SECMOD_LoadUserModule(pkcs11ModuleSpec.get(),
                                                        nullptr, false));
   if (!rootsModule) {
     return SECFailure;
@@ -960,17 +952,17 @@ SaveIntermediateCerts(const ScopedCERTCe
     if (node->cert->isperm) {
       // We don't need to remember certs already stored in perm db.
       continue;
     }
 
     // We have found a signer cert that we want to remember.
     char* nickname = DefaultServerNicknameForCert(node->cert);
     if (nickname && *nickname) {
-      ScopedPtr<PK11SlotInfo, PK11_FreeSlot> slot(PK11_GetInternalKeySlot());
+      ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot());
       if (slot) {
         PK11_ImportCert(slot.get(), node->cert, CK_INVALID_HANDLE,
                         nickname, false);
       }
     }
     PR_FREEIF(nickname);
   }
 }
--- a/security/certverifier/NSSCertDBTrustDomain.h
+++ b/security/certverifier/NSSCertDBTrustDomain.h
@@ -15,18 +15,16 @@
 namespace mozilla { namespace psm {
 
 SECStatus InitializeNSS(const char* dir, bool readOnly);
 
 void DisableMD5();
 
 extern const char BUILTIN_ROOTS_MODULE_DEFAULT_NAME[];
 
-void PORT_Free_string(char* str);
-
 // The dir parameter is the path to the directory containing the NSS builtin
 // roots module. Usually this is the same as the path to the other NSS shared
 // libraries. If it is null then the (library) path will be searched.
 //
 // The modNameUTF8 parameter should usually be
 // BUILTIN_ROOTS_MODULE_DEFAULT_NAME.
 SECStatus LoadLoadableRoots(/*optional*/ const char* dir,
                             const char* modNameUTF8);
--- a/security/certverifier/OCSPRequestor.cpp
+++ b/security/certverifier/OCSPRequestor.cpp
@@ -4,46 +4,52 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "OCSPRequestor.h"
 
 #include <limits>
 
 #include "mozilla/Base64.h"
+#include "mozilla/Scoped.h"
 #include "nsIURLParser.h"
 #include "nsNSSCallbacks.h"
 #include "nsNetCID.h"
 #include "nsServiceManagerUtils.h"
-#include "pkix/ScopedPtr.h"
 #include "secerr.h"
 
 #ifdef PR_LOGGING
 extern PRLogModuleInfo* gCertVerifierLog;
 #endif
 
-namespace mozilla { namespace psm {
-
-using mozilla::pkix::ScopedPtr;
+namespace mozilla {
 
 void
 ReleaseHttpServerSession(nsNSSHttpServerSession* httpServerSession)
 {
   delete httpServerSession;
 }
-typedef ScopedPtr<nsNSSHttpServerSession, ReleaseHttpServerSession>
-  ScopedHTTPServerSession;
 
 void
 ReleaseHttpRequestSession(nsNSSHttpRequestSession* httpRequestSession)
 {
   httpRequestSession->Release();
 }
-typedef ScopedPtr<nsNSSHttpRequestSession, ReleaseHttpRequestSession>
-  ScopedHTTPRequestSession;
+
+MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedHTTPServerSession,
+                                          nsNSSHttpServerSession,
+                                          ReleaseHttpServerSession)
+
+MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedHTTPRequestSession,
+                                          nsNSSHttpRequestSession,
+                                          ReleaseHttpRequestSession)
+
+} // namespace mozilla
+
+namespace mozilla { namespace psm {
 
 static nsresult
 AppendEscapedBase64Item(const SECItem* encodedRequest, nsACString& path)
 {
   nsresult rv;
   nsDependentCSubstring requestAsSubstring(
     reinterpret_cast<const char*>(encodedRequest->data), encodedRequest->len);
   nsCString base64Request;
--- a/security/manager/ssl/src/SSLServerCertVerification.cpp
+++ b/security/manager/ssl/src/SSLServerCertVerification.cpp
@@ -93,32 +93,32 @@
 // socket for which we are validating the cert.
 
 #include "SSLServerCertVerification.h"
 
 #include <cstring>
 
 #include "pkix/pkix.h"
 #include "pkix/pkixnss.h"
-#include "pkix/ScopedPtr.h"
 #include "CertVerifier.h"
 #include "CryptoTask.h"
 #include "ExtendedValidation.h"
 #include "NSSCertDBTrustDomain.h"
 #include "nsIBadCertListener2.h"
 #include "nsICertOverrideService.h"
 #include "nsISiteSecurityService.h"
 #include "nsNSSComponent.h"
 #include "nsNSSIOLayer.h"
 #include "nsNSSShutDown.h"
 
 #include "mozilla/Assertions.h"
 #include "mozilla/Mutex.h"
 #include "mozilla/Telemetry.h"
 #include "mozilla/net/DNS.h"
+#include "mozilla/UniquePtr.h"
 #include "mozilla/unused.h"
 #include "nsIThreadPool.h"
 #include "nsNetUtil.h"
 #include "nsXPCOMCIDInternal.h"
 #include "nsComponentManagerUtils.h"
 #include "nsServiceManagerUtils.h"
 #include "PSMRunnable.h"
 #include "RootCertificateTelemetryUtils.h"
@@ -871,18 +871,18 @@ GatherBaselineRequirementsTelemetry(cons
   CERTCertListNode* rootNode = CERT_LIST_TAIL(certList);
   PR_ASSERT(!(CERT_LIST_END(endEntityNode, certList) ||
               CERT_LIST_END(rootNode, certList)));
   if (CERT_LIST_END(endEntityNode, certList) ||
       CERT_LIST_END(rootNode, certList)) {
     return;
   }
   CERTCertificate* cert = endEntityNode->cert;
-  mozilla::pkix::ScopedPtr<char, PORT_Free_string> commonName(
-    CERT_GetCommonName(&cert->subject));
+  UniquePtr<char, void(&)(void*)>
+    commonName(CERT_GetCommonName(&cert->subject), PORT_Free);
   // This only applies to certificates issued by authorities in our root
   // program.
   bool isBuiltIn = false;
   SECStatus rv = IsCertBuiltInRoot(rootNode->cert, isBuiltIn);
   if (rv != SECSuccess || !isBuiltIn) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
            ("BR telemetry: '%s' not a built-in root (or IsCertBuiltInRoot "
             "failed)\n", commonName.get()));
--- a/security/manager/ssl/src/ScopedNSSTypes.h
+++ b/security/manager/ssl/src/ScopedNSSTypes.h
@@ -23,16 +23,17 @@
 #include "keyhi.h"
 #include "cryptohi.h"
 #include "pk11pub.h"
 #include "pkcs12.h"
 #include "sechash.h"
 #include "secpkcs7.h"
 #include "secport.h"
 #include "prerror.h"
+#include "secmod.h"
 
 namespace mozilla {
 
 // It is very common to cast between char* and uint8_t* when doing crypto stuff.
 // Here, we provide more type-safe wrappers around reinterpret_cast so you don't
 // shoot yourself in the foot by reinterpret_casting completely unrelated types.
 
 inline char *
@@ -329,13 +330,15 @@ MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLAT
                                           SECKEYEncryptedPrivateKeyInfo,
                                           internal::SECKEYEncryptedPrivateKeyInfo_true)
 MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedSECKEYPublicKey,
                                           SECKEYPublicKey,
                                           SECKEY_DestroyPublicKey)
 MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedSECAlgorithmID,
                                           SECAlgorithmID,
                                           internal::SECOID_DestroyAlgorithmID_true)
+MOZ_TYPE_SPECIFIC_SCOPED_POINTER_TEMPLATE(ScopedSECMODModule, SECMODModule,
+                                          SECMOD_DestroyModule)
 
 
 } // namespace mozilla
 
 #endif // mozilla_ScopedNSSTypes_h
--- a/security/manager/ssl/src/nsCrypto.cpp
+++ b/security/manager/ssl/src/nsCrypto.cpp
@@ -4,20 +4,17 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsCrypto.h"
 
 #include "nsNSSComponent.h"
 #include "nsNativeCharsetUtils.h"
 #include "nsServiceManagerUtils.h"
-#include "pkix/ScopedPtr.h"
-#include "secmod.h"
-
-typedef mozilla::pkix::ScopedPtr<SECMODModule, SECMOD_DestroyModule> ScopedSECMODModule;
+#include "ScopedNSSTypes.h"
 
 // QueryInterface implementation for nsPkcs11
 NS_INTERFACE_MAP_BEGIN(nsPkcs11)
   NS_INTERFACE_MAP_ENTRY(nsIPKCS11)
   NS_INTERFACE_MAP_ENTRY(nsISupports)
 NS_INTERFACE_MAP_END
 
 NS_IMPL_ADDREF(nsPkcs11)
--- a/security/manager/ssl/src/nsNSSCertificate.cpp
+++ b/security/manager/ssl/src/nsNSSCertificate.cpp
@@ -5,19 +5,19 @@
 
 #include "nsNSSCertificate.h"
 
 #include "prmem.h"
 #include "prerror.h"
 #include "prprf.h"
 #include "CertVerifier.h"
 #include "ExtendedValidation.h"
+#include "mozilla/UniquePtr.h"
 #include "pkix/pkixnss.h"
 #include "pkix/pkixtypes.h"
-#include "pkix/ScopedPtr.h"
 #include "nsNSSComponent.h" // for PIPNSS string bundle calls.
 #include "nsCOMPtr.h"
 #include "nsIMutableArray.h"
 #include "nsNSSCertValidity.h"
 #include "nsPKCS12Blob.h"
 #include "nsPK11TokenDB.h"
 #include "nsIX509Cert.h"
 #include "nsIClassInfoImpl.h"
@@ -529,18 +529,18 @@ nsNSSCertificate::GetWindowTitle(nsAStri
 
   aWindowTitle.Truncate();
 
   if (!mCert) {
     NS_ERROR("Somehow got nullptr for mCert in nsNSSCertificate.");
     return NS_ERROR_FAILURE;
   }
 
-  mozilla::pkix::ScopedPtr<char, mozilla::psm::PORT_Free_string>
-    commonName(CERT_GetCommonName(&mCert->subject));
+  UniquePtr<char, void(&)(void*)>
+    commonName(CERT_GetCommonName(&mCert->subject), PORT_Free);
 
   const char* titleOptions[] = {
     mCert->nickname,
     commonName.get(),
     mCert->subjectName,
     mCert->emailAddr
   };
 
--- a/security/manager/ssl/src/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
@@ -1,22 +1,22 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
  *
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsNSSIOLayer.h"
 
-#include "pkix/ScopedPtr.h"
 #include "pkix/pkixtypes.h"
 #include "nsNSSComponent.h"
 #include "mozilla/BinarySearch.h"
 #include "mozilla/Casting.h"
 #include "mozilla/DebugOnly.h"
+#include "mozilla/UniquePtr.h"
 #include "mozilla/Telemetry.h"
 
 #include "prlog.h"
 #include "prmem.h"
 #include "prnetdb.h"
 #include "nsIPrefService.h"
 #include "nsIClientAuthDialogs.h"
 #include "nsClientAuthRemember.h"
@@ -2308,18 +2308,18 @@ ClientAuthDataRunnable::RunOnTargetThrea
 
       if (!nicknames) {
         goto loser;
       }
 
       NS_ASSERTION(nicknames->numnicknames == NumberOfCerts, "nicknames->numnicknames != NumberOfCerts");
 
       // Get CN and O of the subject and O of the issuer
-      mozilla::pkix::ScopedPtr<char, PORT_Free_string> ccn(
-        CERT_GetCommonName(&mServerCert->subject));
+      UniquePtr<char, void(&)(void*)>
+        ccn(CERT_GetCommonName(&mServerCert->subject), PORT_Free);
       NS_ConvertUTF8toUTF16 cn(ccn.get());
 
       int32_t port;
       mSocketInfo->GetPort(&port);
 
       nsString cn_host_port;
       if (ccn && strcmp(ccn.get(), hostname) == 0) {
         cn_host_port.Append(cn);