tor-browser

The Tor Browser

QuicSocketControl.cpp (4207B)


      1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
      2 *
      3 * This Source Code Form is subject to the terms of the Mozilla Public
      4 * License, v. 2.0. If a copy of the MPL was not distributed with this
      5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      6 
      7 #include "QuicSocketControl.h"
      8 
      9 #include "Http3Session.h"
     10 #include "SharedCertVerifier.h"
     11 #include "nsISocketProvider.h"
     12 #include "nsIWebProgressListener.h"
     13 #include "nsNSSComponent.h"
     14 #include "nsSocketTransportService2.h"
     15 #include "nsThreadUtils.h"
     16 #include "sslt.h"
     17 #include "ssl.h"
     18 
     19 namespace mozilla {
     20 namespace net {
     21 
// Builds the socket-control object for one QUIC / HTTP/3 connection.
//
// aHostName, aPort and aProviderFlags are forwarded unchanged to
// CommonSocketControl. aHttp3Session is remembered only through a weak
// reference, so this object does not keep the session alive; every later use
// must re-resolve the reference and cope with the session being gone.
QuicSocketControl::QuicSocketControl(const nsCString& aHostName, int32_t aPort,
                                     uint32_t aProviderFlags,
                                     Http3Session* aHttp3Session)
    : CommonSocketControl(aHostName, aPort, aProviderFlags) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  // Cast explicitly so the weak-reference overload is selected.
  nsISupportsWeakReference* const weakSource =
      static_cast<nsISupportsWeakReference*>(aHttp3Session);
  mHttp3Session = do_GetWeakReference(weakSource);
}
     30 
// Records the outcome of certificate verification and notifies the session.
//
// A non-zero errorCode marks verification as failed and cancels the
// connection with that code; zero leaves both untouched. The session is
// notified in either case, and the notification reports GetErrorCode(), so the
// cancellation has to happen before CallAuthenticated() runs.
// NOTE(review): presumably GetErrorCode() returns the code stored by
// SetCanceled() - confirm in CommonSocketControl.
void QuicSocketControl::SetCertVerificationResult(PRErrorCode errorCode) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();

  const bool verificationFailed = errorCode != 0;
  if (verificationFailed) {
    mFailedVerification = true;
    SetCanceled(errorCode);
  }

  CallAuthenticated();
}
     41 
// Reports the TLS version offered on this connection.
//
// The answer is a fixed constant and no connection state is consulted; QUIC
// only runs over TLS 1.3 (RFC 9001). aSSLVersionOffered must be non-null: it
// is written without a check. Always returns NS_OK.
NS_IMETHODIMP
QuicSocketControl::GetSSLVersionOffered(int16_t* aSSLVersionOffered) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  const int16_t offeredVersion = nsITLSSocketControl::TLS_VERSION_1_3;
  *aSSLVersionOffered = offeredVersion;
  return NS_OK;
}
     48 
// Tells the owning Http3Session that authentication has finished, passing the
// current error code (GetErrorCode()) as the result.
//
// The session is held weakly, so it is resolved to a strong reference for the
// duration of the call. If it has already gone away the notification is
// dropped silently.
void QuicSocketControl::CallAuthenticated() {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  RefPtr<Http3Session> session = do_QueryReferent(mHttp3Session);
  if (!session) {
    return;
  }
  session->Authenticated(GetErrorCode());
}
     56 
// Publishes the security state of a connection whose TLS handshake succeeded
// and marks the handshake as complete.
//
// The state is always STATE_IS_SECURE. STATE_CERT_USER_OVERRIDDEN is added
// when an overridable error category is recorded and is not ERROR_UNSET,
// i.e. the handshake only succeeded because the user added an override for a
// certificate error. Consumers of the security state can use that flag to
// tell an overridden connection apart from a cleanly verified one.
void QuicSocketControl::HandshakeCompleted() {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();

  // Reaching this point means the TLS handshake has succeeded; a set,
  // non-UNSET category means a certificate error was overridden by the user.
  const bool certErrorOverridden =
      mOverridableErrorCategory.isSome() &&
      *mOverridableErrorCategory !=
          nsITransportSecurityInfo::OverridableErrorCategory::ERROR_UNSET;

  uint32_t securityState = nsIWebProgressListener::STATE_IS_SECURE;
  if (certErrorOverridden) {
    securityState |= nsIWebProgressListener::STATE_CERT_USER_OVERRIDDEN;
  }

  SetSecurityState(securityState);
  mHandshakeCompleted = true;
}
     73 
// Stores the negotiated protocol string and flags the negotiation as
// complete.
//
// aValue is copied as given; this method does not validate it.
void QuicSocketControl::SetNegotiatedNPN(const nsACString& aValue) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  mNegotiatedNPN.Assign(aValue);
  mNPNCompleted = true;
}
     79 
// Records the negotiated TLS parameters of the connection.
//
// aCipherSuite is first looked up with SSL_GetCipherSuiteInfo(). If NSS does
// not recognise it, the method returns without recording anything and without
// reporting an error, so every field below keeps its previous state. A caller
// that needs to know whether the values were accepted has to check the stored
// fields afterwards.
//
// aProtocolVersion: only the low byte is kept.
//   NOTE(review): presumably maps the wire version to the compact
//   nsITransportSecurityInfo numbering - confirm.
// aKeaGroupName / aSignatureScheme: converted by getKeaGroupName() and
//   getSignatureName() before being stored.
// aEchAccepted: stored as given.
void QuicSocketControl::SetInfo(uint16_t aCipherSuite,
                                uint16_t aProtocolVersion,
                                uint16_t aKeaGroupName,
                                uint16_t aSignatureScheme, bool aEchAccepted) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();

  // The lookup result is used only as a validity check on the suite id.
  SSLCipherSuiteInfo suiteInfo;
  if (SSL_GetCipherSuiteInfo(aCipherSuite, &suiteInfo, sizeof(suiteInfo)) !=
      SECSuccess) {
    return;
  }

  mCipherSuite.emplace(aCipherSuite);
  mProtocolVersion.emplace(aProtocolVersion & 0xFF);
  mKeaGroupName.emplace(getKeaGroupName(aKeaGroupName));
  mSignatureSchemeName.emplace(getSignatureName(aSignatureScheme));
  mIsAcceptedEch.emplace(aEchAccepted);
}
     95 
// Copies the stored ECH configuration into aEchConfig. Always returns NS_OK.
NS_IMETHODIMP
QuicSocketControl::GetEchConfig(nsACString& aEchConfig) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  aEchConfig.Assign(mEchConfig);
  return NS_OK;
}
    102 
// Stores a new ECH configuration and forwards it to the Http3Session.
//
// The bytes are stored and forwarded as given; this method does not validate
// them. The value is kept even when the weakly held session has already gone
// away, in which case nothing is forwarded. Always returns NS_OK.
NS_IMETHODIMP
QuicSocketControl::SetEchConfig(const nsACString& aEchConfig) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  mEchConfig.Assign(aEchConfig);
  // Resolve the weak reference; the strong reference lives only for this call.
  if (RefPtr<Http3Session> session = do_QueryReferent(mHttp3Session)) {
    session->DoSetEchConfig(mEchConfig);
  }
  return NS_OK;
}
    113 
// Copies the stored retry ECH configuration into aEchConfig. Always returns
// NS_OK.
NS_IMETHODIMP
QuicSocketControl::GetRetryEchConfig(nsACString& aEchConfig) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  aEchConfig.Assign(mRetryEchConfig);
  return NS_OK;
}
    120 
// Stores the retry ECH configuration, replacing any previous value.
//
// Unlike SetEchConfig(), the value is only stored here; it is not forwarded
// to the Http3Session. The bytes are kept as given, without validation.
void QuicSocketControl::SetRetryEchConfig(const nsACString& aEchConfig) {
  COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
  mRetryEchConfig.Assign(aEchConfig);
}
    125 
// Returns the stored flag mIsBuiltCertChainRootBuiltInRoot.
//
// Unlike the other methods in this file, this accessor makes no owning-thread
// assertion.
// NOTE(review): the flag is not written in this file; confirm where it is set
// and whether cross-thread reads are intended.
bool QuicSocketControl::IsBuiltCertChainRootBuiltInRoot() const {
  const bool rootIsBuiltIn = mIsBuiltCertChainRootBuiltInRoot;
  return rootIsBuiltIn;
}
    129 
    130 }  // namespace net
    131 }  // namespace mozilla