PageRenderTime 17ms CodeModel.GetById 11ms app.highlight 3ms RepoModel.GetById 1ms app.codeStats 1ms

/security/manager/ssl/src/nsCERTValInParamWrapper.h

http://github.com/zpao/v8monkey
C Header | 102 lines | 31 code | 9 blank | 62 comment | 0 complexity | 95d6acaeb03cf46cc7b7acc77a0ec881 MD5 | raw file
  1/* ***** BEGIN LICENSE BLOCK *****
  2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3 *
  4 * The contents of this file are subject to the Mozilla Public License Version
  5 * 1.1 (the "License"); you may not use this file except in compliance with
  6 * the License. You may obtain a copy of the License at
  7 * http://www.mozilla.org/MPL/
  8 *
  9 * Software distributed under the License is distributed on an "AS IS" basis,
 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 11 * for the specific language governing rights and limitations under the
 12 * License.
 13 *
 14 * The Original Code is mozilla.org code.
 15 *
 16 * The Initial Developer of the Original Code is
 17 * Red Hat, Inc.
 18 * Portions created by the Initial Developer are Copyright (C) 2011
 19 * the Initial Developer. All Rights Reserved.
 20 *
 21 * Contributor(s):
 22 *   Kai Engert <kengert@redhat.com>
 23 *
 24 * Alternatively, the contents of this file may be used under the terms of
 25 * either the GNU General Public License Version 2 or later (the "GPL"), or
 26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 27 * in which case the provisions of the GPL or the LGPL are applicable instead
 28 * of those above. If you wish to allow use of your version of this file only
 29 * under the terms of either the GPL or the LGPL, and not to allow others to
 30 * use your version of this file under the terms of the MPL, indicate your
 31 * decision by deleting the provisions above and replace them with the notice
 32 * and other provisions required by the GPL or the LGPL. If you do not delete
 33 * the provisions above, a recipient may use your version of this file under
 34 * the terms of any one of the MPL, the GPL or the LGPL.
 35 *
 36 * ***** END LICENSE BLOCK ***** */
 37
 38#ifndef _nsCERTValInParamWrapper_H
 39#define _nsCERTValInParamWrapper_H
 40
 41#include "nsISupports.h"
 42#include "cert.h"
 43
 44/*
 45 * This is a wrapper around type
 46 * CERTValInParam is a nested input parameter type for CERT_PKIXVerifyCert.
 47 * The values inside this type depend on application preferences,
 48 * as a consequence it's expensive to construct this object.
 49 * (and we shall avoid to access prefs from secondary threads anyway).
 50 * We want to create an instance of that input type once, and use as long as possible.
 51 * Every time the preferences change, we will create a new default object.
 52 *
 53 * A race is possible between "verification function is active and object in use"
 54 * and "must switch to new defaults".
 55 *
 56 * The global default object may be replaced at any time with a new object.
 57 * The contents of inner CERTValInParam are supposed to be stable (const).
 58 *
 59 * In order to protect against the race, we use a reference counted wrapper.
 60 * Each user of a foreign nsCERTValInParamWrapper object
 61 * (e.g. the current global default object)
 62 * must use nsRefPtr<nsCERTValInParamWrapper> = other-object
 63 * prior to calling CERT_PKIXVerifyCert.
 64 * 
 65 * This guarantees the object will still be alive after the call,
 66 * and if the default object has been replaced in the meantime,
 67 * the reference counter will go to zero, and the old default
 68 * object will get destroyed automatically.
 69 */
 70class nsCERTValInParamWrapper
 71{
 72 public:
 73    NS_IMETHOD_(nsrefcnt) AddRef();
 74    NS_IMETHOD_(nsrefcnt) Release();
 75
 76public:
 77  nsCERTValInParamWrapper();
 78  virtual ~nsCERTValInParamWrapper();
 79
 80  enum missing_cert_download_config { missing_cert_download_off = 0, missing_cert_download_on };
 81  enum crl_download_config { crl_local_only = 0, crl_download_allowed };
 82  enum ocsp_download_config { ocsp_off = 0, ocsp_on };
 83  enum ocsp_strict_config { ocsp_relaxed = 0, ocsp_strict };
 84  enum any_revo_fresh_config { any_revo_relaxed = 0, any_revo_strict };
 85
 86  nsresult Construct(missing_cert_download_config ac, crl_download_config cdc,
 87                     ocsp_download_config odc, ocsp_strict_config osc,
 88                     any_revo_fresh_config arfc,
 89                     const char *firstNetworkRevocationMethod);
 90
 91private:
 92  nsAutoRefCnt mRefCnt;
 93  NS_DECL_OWNINGTHREAD
 94  bool mAlreadyConstructed;
 95  CERTValInParam *mCVIN;
 96  CERTRevocationFlags *mRev;
 97  
 98public:
 99  CERTValInParam *GetRawPointerForNSS() { return mCVIN; }
100};
101
102#endif