/security/manager/ssl/src/nsCERTValInParamWrapper.h

http://github.com/zpao/v8monkey · C Header · 102 lines · 31 code · 9 blank · 62 comment · 0 complexity · 95d6acaeb03cf46cc7b7acc77a0ec881 MD5 · raw file

  1. /* ***** BEGIN LICENSE BLOCK *****
  2. * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3. *
  4. * The contents of this file are subject to the Mozilla Public License Version
  5. * 1.1 (the "License"); you may not use this file except in compliance with
  6. * the License. You may obtain a copy of the License at
  7. * http://www.mozilla.org/MPL/
  8. *
  9. * Software distributed under the License is distributed on an "AS IS" basis,
  10. * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  11. * for the specific language governing rights and limitations under the
  12. * License.
  13. *
  14. * The Original Code is mozilla.org code.
  15. *
  16. * The Initial Developer of the Original Code is
  17. * Red Hat, Inc.
  18. * Portions created by the Initial Developer are Copyright (C) 2011
  19. * the Initial Developer. All Rights Reserved.
  20. *
  21. * Contributor(s):
  22. * Kai Engert <kengert@redhat.com>
  23. *
  24. * Alternatively, the contents of this file may be used under the terms of
  25. * either the GNU General Public License Version 2 or later (the "GPL"), or
  26. * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  27. * in which case the provisions of the GPL or the LGPL are applicable instead
  28. * of those above. If you wish to allow use of your version of this file only
  29. * under the terms of either the GPL or the LGPL, and not to allow others to
  30. * use your version of this file under the terms of the MPL, indicate your
  31. * decision by deleting the provisions above and replace them with the notice
  32. * and other provisions required by the GPL or the LGPL. If you do not delete
  33. * the provisions above, a recipient may use your version of this file under
  34. * the terms of any one of the MPL, the GPL or the LGPL.
  35. *
  36. * ***** END LICENSE BLOCK ***** */
  37. #ifndef _nsCERTValInParamWrapper_H
  38. #define _nsCERTValInParamWrapper_H
  39. #include "nsISupports.h"
  40. #include "cert.h"
  41. /*
  42. * This is a wrapper around type
  43. * CERTValInParam is a nested input parameter type for CERT_PKIXVerifyCert.
  44. * The values inside this type depend on application preferences,
  45. * as a consequence it's expensive to construct this object.
  46. * (and we shall avoid to access prefs from secondary threads anyway).
  47. * We want to create an instance of that input type once, and use as long as possible.
  48. * Every time the preferences change, we will create a new default object.
  49. *
  50. * A race is possible between "verification function is active and object in use"
  51. * and "must switch to new defaults".
  52. *
  53. * The global default object may be replaced at any time with a new object.
  54. * The contents of inner CERTValInParam are supposed to be stable (const).
  55. *
  56. * In order to protect against the race, we use a reference counted wrapper.
  57. * Each user of a foreign nsCERTValInParamWrapper object
  58. * (e.g. the current global default object)
  59. * must use nsRefPtr<nsCERTValInParamWrapper> = other-object
  60. * prior to calling CERT_PKIXVerifyCert.
  61. *
  62. * This guarantees the object will still be alive after the call,
  63. * and if the default object has been replaced in the meantime,
  64. * the reference counter will go to zero, and the old default
  65. * object will get destroyed automatically.
  66. */
  67. class nsCERTValInParamWrapper
  68. {
  69. public:
  70. NS_IMETHOD_(nsrefcnt) AddRef();
  71. NS_IMETHOD_(nsrefcnt) Release();
  72. public:
  73. nsCERTValInParamWrapper();
  74. virtual ~nsCERTValInParamWrapper();
  75. enum missing_cert_download_config { missing_cert_download_off = 0, missing_cert_download_on };
  76. enum crl_download_config { crl_local_only = 0, crl_download_allowed };
  77. enum ocsp_download_config { ocsp_off = 0, ocsp_on };
  78. enum ocsp_strict_config { ocsp_relaxed = 0, ocsp_strict };
  79. enum any_revo_fresh_config { any_revo_relaxed = 0, any_revo_strict };
  80. nsresult Construct(missing_cert_download_config ac, crl_download_config cdc,
  81. ocsp_download_config odc, ocsp_strict_config osc,
  82. any_revo_fresh_config arfc,
  83. const char *firstNetworkRevocationMethod);
  84. private:
  85. nsAutoRefCnt mRefCnt;
  86. NS_DECL_OWNINGTHREAD
  87. bool mAlreadyConstructed;
  88. CERTValInParam *mCVIN;
  89. CERTRevocationFlags *mRev;
  90. public:
  91. CERTValInParam *GetRawPointerForNSS() { return mCVIN; }
  92. };
  93. #endif