tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

SSLTokensCache.h (4112B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 #ifndef SSLTokensCache_h_
      6 #define SSLTokensCache_h_
      7 
      8 #include "CertVerifier.h"  // For EVStatus
      9 #include "mozilla/Maybe.h"
     10 #include "mozilla/StaticMutex.h"
     11 #include "mozilla/StaticPrefs_network.h"
     12 #include "mozilla/StaticPtr.h"
     13 #include "nsClassHashtable.h"
     14 #include "nsIMemoryReporter.h"
     15 #include "nsITransportSecurityInfo.h"
     16 #include "nsTArray.h"
     17 #include "nsTHashMap.h"
     18 #include "nsXULAppAPI.h"
     19 
     20 class CommonSocketControl;
     21 
     22 namespace mozilla {
     23 namespace net {
     24 
     25 struct SessionCacheInfo {
     26  SessionCacheInfo Clone() const;
     27 
     28  psm::EVStatus mEVStatus = psm::EVStatus::NotEV;
     29  uint16_t mCertificateTransparencyStatus =
     30      nsITransportSecurityInfo::CERTIFICATE_TRANSPARENCY_NOT_APPLICABLE;
     31  nsTArray<uint8_t> mServerCertBytes;
     32  Maybe<nsTArray<nsTArray<uint8_t>>> mSucceededCertChainBytes;
     33  Maybe<bool> mIsBuiltCertChainRootBuiltInRoot;
     34  nsITransportSecurityInfo::OverridableErrorCategory mOverridableErrorCategory;
     35  Maybe<nsTArray<nsTArray<uint8_t>>> mHandshakeCertificatesBytes;
     36 };
     37 
     38 class SSLTokensCache : public nsIMemoryReporter {
     39 public:
     40  NS_DECL_THREADSAFE_ISUPPORTS
     41  NS_DECL_NSIMEMORYREPORTER
     42 
     43  friend class ExpirationComparator;
     44 
     45  static nsresult Init();
     46  static nsresult Shutdown();
     47 
     48  static nsresult Put(const nsACString& aKey, const uint8_t* aToken,
     49                      uint32_t aTokenLen, CommonSocketControl* aSocketControl);
     50  static nsresult Put(const nsACString& aKey, const uint8_t* aToken,
     51                      uint32_t aTokenLen, CommonSocketControl* aSocketControl,
     52                      PRUint32 aExpirationTime);
     53  static nsresult Get(const nsACString& aKey, nsTArray<uint8_t>& aToken,
     54                      SessionCacheInfo& aResult, uint64_t* aTokenId = nullptr);
     55  static nsresult Remove(const nsACString& aKey, uint64_t aId);
     56  static nsresult RemoveAll(const nsACString& aKey);
     57  static void Clear();
     58 
     59 private:
     60  SSLTokensCache();
     61  virtual ~SSLTokensCache();
     62 
     63  nsresult RemoveLocked(const nsACString& aKey, uint64_t aId);
     64  nsresult RemovAllLocked(const nsACString& aKey);
     65  nsresult GetLocked(const nsACString& aKey, nsTArray<uint8_t>& aToken,
     66                     SessionCacheInfo& aResult, uint64_t* aTokenId);
     67 
     68  void EvictIfNecessary();
     69  void LogStats();
     70 
     71  size_t SizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const;
     72 
     73  static mozilla::StaticRefPtr<SSLTokensCache> gInstance;
     74  static StaticMutex sLock MOZ_UNANNOTATED;
     75  static uint64_t sRecordId;
     76 
     77  uint32_t mCacheSize{0};  // Actual cache size in bytes
     78 
     79  class TokenCacheRecord {
     80   public:
     81    ~TokenCacheRecord();
     82 
     83    uint32_t Size() const;
     84    void Reset();
     85 
     86    nsCString mKey;
     87    PRUint32 mExpirationTime = 0;
     88    nsTArray<uint8_t> mToken;
     89    SessionCacheInfo mSessionCacheInfo;
     90    // An unique id to identify the record. Mostly used when we want to remove a
     91    // record from TokenCacheEntry.
     92    uint64_t mId = 0;
     93  };
     94 
     95  class TokenCacheEntry {
     96   public:
     97    uint32_t Size() const;
     98    // Add a record into |mRecords|. To make sure |mRecords| is sorted, we
     99    // iterate |mRecords| everytime to find a right place to insert the new
    100    // record.
    101    void AddRecord(UniquePtr<TokenCacheRecord>&& aRecord,
    102                   nsTArray<TokenCacheRecord*>& aExpirationArray);
    103    // This function returns the first record in |mRecords|.
    104    const UniquePtr<TokenCacheRecord>& Get();
    105    UniquePtr<TokenCacheRecord> RemoveWithId(uint64_t aId);
    106    uint32_t RecordCount() const { return mRecords.Length(); }
    107    const nsTArray<UniquePtr<TokenCacheRecord>>& Records() { return mRecords; }
    108 
    109   private:
    110    // The records in this array are ordered by the expiration time.
    111    nsTArray<UniquePtr<TokenCacheRecord>> mRecords;
    112  };
    113 
    114  void OnRecordDestroyed(TokenCacheRecord* aRec);
    115 
    116  nsClassHashtable<nsCStringHashKey, TokenCacheEntry> mTokenCacheRecords;
    117  nsTArray<TokenCacheRecord*> mExpirationArray;
    118 };
    119 
    120 }  // namespace net
    121 }  // namespace mozilla
    122 
    123 #endif  // SSLTokensCache_h_