Bug 1368107 - Make SSLErrorMessageType an enum class. r=keeler
Enum classes are safer and nicer.
MozReview-Commit-ID: FDT3Gb1t9w1
--- a/security/manager/ssl/SSLServerCertVerification.cpp
+++ b/security/manager/ssl/SSLServerCertVerification.cpp
@@ -224,17 +224,17 @@ class SSLServerCertVerificationResult :
public:
NS_DECL_NSIRUNNABLE
SSLServerCertVerificationResult(nsNSSSocketInfo* infoObject,
PRErrorCode errorCode,
Telemetry::HistogramID telemetryID = Telemetry::HistogramCount,
uint32_t telemetryValue = -1,
SSLErrorMessageType errorMessageType =
- PlainErrorMessage);
+ SSLErrorMessageType::Plain);
void Dispatch();
private:
const RefPtr<nsNSSSocketInfo> mInfoObject;
public:
const PRErrorCode mErrorCode;
const SSLErrorMessageType mErrorMessageType;
const Telemetry::HistogramID mTelemetryID;
@@ -636,17 +636,17 @@ CertErrorRunnable::CheckCertOverrides()
: mErrorCodeTime ? mErrorCodeTime
: mDefaultErrorCodeToReport;
SSLServerCertVerificationResult* result =
new SSLServerCertVerificationResult(mInfoObject,
errorCodeToReport,
Telemetry::HistogramCount,
-1,
- OverridableCertErrorMessage);
+ SSLErrorMessageType::OverridableCert);
LogInvalidCertError(mInfoObject,
result->mErrorCode,
result->mErrorMessageType);
return result;
}
@@ -1790,17 +1790,17 @@ AuthCertificateHook(void* arg, PRFileDes
return SECFailure;
}
if (runnable->mResult->mErrorCode == 0) {
return SECSuccess; // cert error override occurred.
}
// We must call SetCanceled here to set the error message type
- // in case it isn't PlainErrorMessage, which is what we would
+ // in case it isn't SSLErrorMessageType::Plain, which is what we would
// default to if we just called
// PR_SetError(runnable->mResult->mErrorCode, 0) and returned
// SECFailure without doing this.
socketInfo->SetCanceled(runnable->mResult->mErrorCode,
runnable->mResult->mErrorMessageType);
error = runnable->mResult->mErrorCode;
}
}
--- a/security/manager/ssl/TransportSecurityInfo.cpp
+++ b/security/manager/ssl/TransportSecurityInfo.cpp
@@ -33,23 +33,23 @@
//read/write buffer to a log.
//Uses PR_LOG except on Mac where
//we always write out to our own
//file.
namespace mozilla { namespace psm {
TransportSecurityInfo::TransportSecurityInfo()
- : mMutex("TransportSecurityInfo::mMutex"),
- mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE),
- mSubRequestsBrokenSecurity(0),
- mSubRequestsNoSecurity(0),
- mErrorCode(0),
- mErrorMessageType(PlainErrorMessage),
- mPort(0)
+ : mMutex("TransportSecurityInfo::mMutex")
+ , mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE)
+ , mSubRequestsBrokenSecurity(0)
+ , mSubRequestsNoSecurity(0)
+ , mErrorCode(0)
+ , mErrorMessageType(SSLErrorMessageType::Plain)
+ , mPort(0)
{
}
TransportSecurityInfo::~TransportSecurityInfo()
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown())
return;
@@ -226,21 +226,21 @@ TransportSecurityInfo::formatErrorMessag
return NS_OK;
}
if (!XRE_IsParentProcess()) {
return NS_ERROR_UNEXPECTED;
}
nsresult rv;
- MOZ_ASSERT(errorMessageType != OverridableCertErrorMessage ||
+ MOZ_ASSERT(errorMessageType != SSLErrorMessageType::OverridableCert ||
(mSSLStatus && mSSLStatus->HasServerCert() &&
mSSLStatus->mHaveCertErrorBits),
"formatErrorMessage() called for cert error without cert");
- if (errorMessageType == OverridableCertErrorMessage &&
+ if (errorMessageType == SSLErrorMessageType::OverridableCert &&
mSSLStatus && mSSLStatus->HasServerCert()) {
rv = formatOverridableCertErrorMessage(*mSSLStatus, errorCode,
mHostName, mPort,
suppressPort443,
wantsHtml,
result);
} else {
rv = formatPlainErrorMessage(mHostName, mPort,
--- a/security/manager/ssl/TransportSecurityInfo.h
+++ b/security/manager/ssl/TransportSecurityInfo.h
@@ -20,19 +20,19 @@
#include "nsITransportSecurityInfo.h"
#include "nsNSSShutDown.h"
#include "nsSSLStatus.h"
#include "nsString.h"
#include "pkix/pkixtypes.h"
namespace mozilla { namespace psm {
-enum SSLErrorMessageType {
- OverridableCertErrorMessage = 1, // for *overridable* certificate errors
- PlainErrorMessage = 2 // all other errors (or "no error")
+enum class SSLErrorMessageType {
+ OverridableCert = 1, // for *overridable* certificate errors
+ Plain = 2, // all other errors (or "no error")
};
class TransportSecurityInfo : public nsITransportSecurityInfo,
public nsIInterfaceRequestor,
public nsISSLStatusProvider,
public nsIAssociatedContentSecurity,
public nsISerializable,
public nsIClassInfo,
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -370,17 +370,17 @@ nsNSSSocketInfo::DriveHandshake()
SECStatus rv = SSL_ForceHandshake(mFd);
if (rv != SECSuccess) {
errorCode = PR_GetError();
if (errorCode == PR_WOULD_BLOCK_ERROR) {
return NS_BASE_STREAM_WOULD_BLOCK;
}
- SetCanceled(errorCode, PlainErrorMessage);
+ SetCanceled(errorCode, SSLErrorMessageType::Plain);
return GetXPCOMFromNSSError(errorCode);
}
return NS_OK;
}
NS_IMETHODIMP
nsNSSSocketInfo::IsAcceptableForHost(const nsACString& hostname, bool* _retval)
{
@@ -619,17 +619,17 @@ nsNSSSocketInfo::SetCertVerificationResu
MOZ_ASSERT(mCertVerificationState == waiting_for_cert_verification,
"Invalid state transition to cert_verification_finished");
if (mFd) {
SECStatus rv = SSL_AuthCertificateComplete(mFd, errorCode);
// Only replace errorCode if there was originally no error
if (rv != SECSuccess && errorCode == 0) {
errorCode = PR_GetError();
- errorMessageType = PlainErrorMessage;
+ errorMessageType = SSLErrorMessageType::Plain;
if (errorCode == 0) {
NS_ERROR("SSL_AuthCertificateComplete didn't set error code");
errorCode = PR_INVALID_STATE_ERROR;
}
}
}
if (errorCode) {
@@ -674,17 +674,17 @@ nsHandleSSLError(nsNSSSocketInfo* socket
// SetCanceled()/GetError*().
if (socketInfo->GetErrorCode()) {
// If the socket has been flagged as canceled,
// the code who did was responsible for setting the error code.
return;
}
// We must cancel first, which sets the error code.
- socketInfo->SetCanceled(err, PlainErrorMessage);
+ socketInfo->SetCanceled(err, SSLErrorMessageType::Plain);
nsXPIDLString errorString;
socketInfo->GetErrorLogMessage(err, errtype, errorString);
if (!errorString.IsEmpty()) {
nsContentUtils::LogSimpleConsoleError(errorString, "SSL");
}
}
@@ -1243,19 +1243,18 @@ checkHandshake(int32_t bytesTransfered,
// The socketInfo->GetErrorCode() check is here to ensure we don't try to
// do the synchronous dispatch to the main thread unnecessarily after we've
// already handled a certificate error. (SSLErrorRunnable calls
// nsHandleSSLError, which has logic to avoid replacing the error message,
// so without the !socketInfo->GetErrorCode(), it would just be an
// expensive no-op.)
if (!wantRetry && mozilla::psm::IsNSSErrorCode(err) &&
!socketInfo->GetErrorCode()) {
- RefPtr<SyncRunnableBase> runnable(new SSLErrorRunnable(socketInfo,
- PlainErrorMessage,
- err));
+ RefPtr<SyncRunnableBase> runnable(
+ new SSLErrorRunnable(socketInfo, SSLErrorMessageType::Plain, err));
(void) runnable->DispatchToMainThreadAndWait();
}
} else if (wasReading && 0 == bytesTransfered) {
// zero bytes on reading, socket closed
if (handleHandshakeResultNow) {
wantRetry = retryDueToTLSIntolerance(PR_END_OF_FILE_ERROR, socketInfo);
}
}
@@ -1283,17 +1282,17 @@ checkHandshake(int32_t bytesTransfered,
if (bytesTransfered < 0) {
// Remember that we encountered an error so that getSocketInfoIfRunning
// will correctly cause us to fail if another part of Gecko
// (erroneously) calls an I/O function (PR_Send/PR_Recv/etc.) again on
// this socket. Note that we use the original error because if we use
// PR_CONNECT_RESET_ERROR, we'll repeated try to reconnect.
if (originalError != PR_WOULD_BLOCK_ERROR && !socketInfo->GetErrorCode()) {
- socketInfo->SetCanceled(originalError, PlainErrorMessage);
+ socketInfo->SetCanceled(originalError, SSLErrorMessageType::Plain);
}
PR_SetError(err, 0);
}
return bytesTransfered;
}
} // namespace