Bug 1055238 - Add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process. r=rbarnes, a=bajaj
authorDavid Keeler <dkeeler@mozilla.com>
Tue, 16 Sep 2014 15:49:37 -0700
changeset 225010 ecad53dd6555545ae7f1a734f12ccff292918f81
parent 225009 4b841e30bcd7e444a9925b0484ba5cece49accf8
child 225011 5bf0e57cf5e273ab948c74204c043c9fd0b8f3fe
push id3979
push userraliiev@mozilla.com
push dateMon, 13 Oct 2014 16:35:44 +0000
treeherdermozilla-beta@30f2cc610691 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersrbarnes, bajaj
bugs1055238
milestone34.0a2
Bug 1055238 - Add nsNSSCertListFakeTransport so nsIX509CertList can survive the child process. r=rbarnes, a=bajaj
security/manager/ssl/src/nsNSSCertificateFakeTransport.cpp
security/manager/ssl/src/nsNSSCertificateFakeTransport.h
security/manager/ssl/src/nsNSSModule.cpp
--- a/security/manager/ssl/src/nsNSSCertificateFakeTransport.cpp
+++ b/security/manager/ssl/src/nsNSSCertificateFakeTransport.cpp
@@ -1,16 +1,16 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsNSSCertificateFakeTransport.h"
 
-#include "nsCOMPtr.h"
+#include "nsIClassInfoImpl.h"
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
 #include "nsIProgrammingLanguage.h"
 #include "nsISupportsPrimitives.h"
 #include "nsNSSCertificate.h"
 #include "nsString.h"
 #include "nsXPIDLString.h"
 
@@ -390,8 +390,108 @@ nsNSSCertificateFakeTransport::ExportAsC
 }
 
 NS_IMETHODIMP
 nsNSSCertificateFakeTransport::MarkForPermDeletion()
 {
   NS_NOTREACHED("Unimplemented on content process");
   return NS_ERROR_NOT_IMPLEMENTED;
 }
+
+NS_IMPL_CLASSINFO(nsNSSCertListFakeTransport,
+                  nullptr,
+                  // inferred from nsIX509Cert
+                  nsIClassInfo::THREADSAFE,
+                  NS_X509CERTLIST_CID)
+
+NS_IMPL_ISUPPORTS_CI(nsNSSCertListFakeTransport,
+                     nsIX509CertList,
+                     nsISerializable)
+
+nsNSSCertListFakeTransport::nsNSSCertListFakeTransport()
+{
+}
+
+nsNSSCertListFakeTransport::~nsNSSCertListFakeTransport()
+{
+}
+
+NS_IMETHODIMP
+nsNSSCertListFakeTransport::AddCert(nsIX509Cert* aCert)
+{
+  NS_NOTREACHED("Unimplemented on content process");
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+nsNSSCertListFakeTransport::DeleteCert(nsIX509Cert* aCert)
+{
+  NS_NOTREACHED("Unimplemented on content process");
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+void*
+nsNSSCertListFakeTransport::GetRawCertList()
+{
+  NS_NOTREACHED("Unimplemented on content process");
+  return nullptr;
+}
+
+NS_IMETHODIMP
+nsNSSCertListFakeTransport::GetEnumerator(nsISimpleEnumerator**)
+{
+  NS_NOTREACHED("Unimplemented on content process");
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP
+nsNSSCertListFakeTransport::Equals(nsIX509CertList*, bool*)
+{
+  NS_NOTREACHED("Unimplemented on content process");
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+// NB: This serialization must match that of nsNSSCertList.
+NS_IMETHODIMP
+nsNSSCertListFakeTransport::Write(nsIObjectOutputStream* aStream)
+{
+  uint32_t certListLen = mFakeCertList.length();
+  // Write the length of the list
+  nsresult rv = aStream->Write32(certListLen);
+  if (NS_FAILED(rv)) {
+    return rv;
+  }
+
+  for (size_t i = 0; i < certListLen; i++) {
+    nsCOMPtr<nsIX509Cert> cert = mFakeCertList[i];
+    nsCOMPtr<nsISerializable> serializableCert = do_QueryInterface(cert);
+    rv = aStream->WriteCompoundObject(serializableCert,
+                                      NS_GET_IID(nsIX509Cert), true);
+    if (NS_FAILED(rv)) {
+      break;
+    }
+  }
+
+  return rv;
+}
+
+NS_IMETHODIMP
+nsNSSCertListFakeTransport::Read(nsIObjectInputStream* aStream)
+{
+  uint32_t certListLen;
+  nsresult rv = aStream->Read32(&certListLen);
+  if (NS_FAILED(rv)) {
+    return rv;
+  }
+
+  for (uint32_t i = 0; i < certListLen; i++) {
+    nsCOMPtr<nsISupports> certSupports;
+    rv = aStream->ReadObject(true, getter_AddRefs(certSupports));
+    if (NS_FAILED(rv)) {
+      break;
+    }
+
+    nsCOMPtr<nsIX509Cert> cert = do_QueryInterface(certSupports);
+    mFakeCertList.append(cert);
+  }
+
+  return rv;
+}
--- a/security/manager/ssl/src/nsNSSCertificateFakeTransport.h
+++ b/security/manager/ssl/src/nsNSSCertificateFakeTransport.h
@@ -1,19 +1,22 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef nsNSSCertificateFakeTransport_h
 #define nsNSSCertificateFakeTransport_h
 
+#include "mozilla/Vector.h"
+#include "nsCOMPtr.h"
 #include "nsIClassInfo.h"
 #include "nsISerializable.h"
 #include "nsIX509Cert.h"
+#include "nsIX509CertList.h"
 #include "secitem.h"
 
 class nsNSSCertificateFakeTransport : public nsIX509Cert,
                                       public nsISerializable,
                                       public nsIClassInfo
 {
 public:
   NS_DECL_THREADSAFE_ISUPPORTS
@@ -25,9 +28,26 @@ public:
 
 protected:
   virtual ~nsNSSCertificateFakeTransport();
 
 private:
   SECItem* mCertSerialization;
 };
 
+class nsNSSCertListFakeTransport : public nsIX509CertList,
+                                   public nsISerializable
+{
+public:
+  NS_DECL_THREADSAFE_ISUPPORTS
+  NS_DECL_NSIX509CERTLIST
+  NS_DECL_NSISERIALIZABLE
+
+  nsNSSCertListFakeTransport();
+
+protected:
+  virtual ~nsNSSCertListFakeTransport();
+
+private:
+  mozilla::Vector<nsCOMPtr<nsIX509Cert> > mFakeCertList;
+};
+
 #endif // nsNSSCertificateFakeTransport_h
--- a/security/manager/ssl/src/nsNSSModule.cpp
+++ b/security/manager/ssl/src/nsNSSModule.cpp
@@ -179,17 +179,19 @@ NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEn
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsPK11TokenDB)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsPKCS11ModuleDB)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nssEnsure, PSMContentListener, init)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_BYPROCESS(nssEnsureOnChromeOnly,
                                              nsNSSCertificate,
                                              nsNSSCertificateFakeTransport)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsNSSCertificateDB)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsNSSCertCache)
-NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsNSSCertList)
+NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_BYPROCESS(nssEnsureOnChromeOnly,
+                                             nsNSSCertList,
+                                             nsNSSCertListFakeTransport)
 #ifdef MOZ_XUL
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCertTree)
 #endif
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsPkcs11)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCertPicker)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nssEnsure, nsNTLMAuthModule, InitTest)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCryptoHash)
 NS_NSS_GENERIC_FACTORY_CONSTRUCTOR(nssEnsure, nsCryptoHMAC)