Bug 1265164 - Always use nsCOMPtrs with getNSSDialogs(). r=keeler
MozReview-Commit-ID: 430uuWHIZjC
--- a/security/manager/ssl/nsCertPicker.cpp
+++ b/security/manager/ssl/nsCertPicker.cpp
@@ -1,29 +1,31 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsCertPicker.h"
-#include "pkix/pkixtypes.h"
-#include "nsMemory.h"
+
+#include "ScopedNSSTypes.h"
+#include "cert.h"
+#include "mozilla/RefPtr.h"
#include "nsCOMPtr.h"
-#include "nsXPIDLString.h"
+#include "nsICertPickDialogs.h"
+#include "nsIInterfaceRequestor.h"
#include "nsIServiceManager.h"
+#include "nsMemory.h"
+#include "nsNSSCertHelper.h"
+#include "nsNSSCertificate.h"
#include "nsNSSComponent.h"
-#include "nsNSSCertificate.h"
+#include "nsNSSHelper.h"
+#include "nsNSSShutDown.h"
#include "nsReadableUtils.h"
-#include "nsICertPickDialogs.h"
-#include "nsNSSShutDown.h"
-#include "nsNSSCertHelper.h"
-#include "nsNSSHelper.h"
-#include "ScopedNSSTypes.h"
-
-#include "cert.h"
+#include "nsString.h"
+#include "pkix/pkixtypes.h"
using namespace mozilla;
NS_IMPL_ISUPPORTS(nsCertPicker, nsIUserCertPicker)
nsCertPicker::nsCertPicker()
{
}
@@ -159,28 +161,25 @@ NS_IMETHODIMP nsCertPicker::PickByUsage(
certDetailsList[CertsToUse] = nullptr;
}
++CertsToUse;
}
}
if (CertsToUse) {
- nsICertPickDialogs *dialogs = nullptr;
- rv = getNSSDialogs((void**)&dialogs,
- NS_GET_IID(nsICertPickDialogs),
- NS_CERTPICKDIALOGS_CONTRACTID);
+ nsCOMPtr<nsICertPickDialogs> dialogs;
+ rv = getNSSDialogs(getter_AddRefs(dialogs), NS_GET_IID(nsICertPickDialogs),
+ NS_CERTPICKDIALOGS_CONTRACTID);
if (NS_SUCCEEDED(rv)) {
// Show the cert picker dialog and get the index of the selected cert.
rv = dialogs->PickCertificate(ctx, (const char16_t**)certNicknameList,
(const char16_t**)certDetailsList,
CertsToUse, &selectedIndex, canceled);
-
- NS_RELEASE(dialogs);
}
}
int32_t i;
for (i = 0; i < CertsToUse; ++i) {
free(certNicknameList[i]);
free(certDetailsList[i]);
}
--- a/security/manager/ssl/nsKeygenHandler.cpp
+++ b/security/manager/ssl/nsKeygenHandler.cpp
@@ -294,17 +294,17 @@ uint32_t MapGenMechToAlgoMech(uint32_t m
nsresult
GetSlotWithMechanism(uint32_t aMechanism, nsIInterfaceRequestor* m_ctx,
PK11SlotInfo** aSlot, nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
PK11SlotList * slotList = nullptr;
char16_t** tokenNameList = nullptr;
- nsITokenDialogs * dialogs;
+ nsCOMPtr<nsITokenDialogs> dialogs;
char16_t *unicodeTokenChosen;
PK11SlotListElement *slotElement, *tmpSlot;
uint32_t numSlots = 0, i = 0;
bool canceled;
nsresult rv = NS_OK;
*aSlot = nullptr;
@@ -345,30 +345,30 @@ GetSlotWithMechanism(uint32_t aMechanism
// OOM. adjust numSlots so we don't free unallocated memory.
numSlots = i;
PK11_FreeSlotListElement(slotList, slotElement);
rv = NS_ERROR_OUT_OF_MEMORY;
goto loser;
}
}
- /* Throw up the token list dialog and get back the token */
- rv = getNSSDialogs((void**)&dialogs,
- NS_GET_IID(nsITokenDialogs),
- NS_TOKENDIALOGS_CONTRACTID);
+ // Throw up the token list dialog and get back the token.
+ rv = getNSSDialogs(getter_AddRefs(dialogs), NS_GET_IID(nsITokenDialogs),
+ NS_TOKENDIALOGS_CONTRACTID);
- if (NS_FAILED(rv)) goto loser;
+ if (NS_FAILED(rv)) {
+ goto loser;
+ }
if (!tokenNameList || !*tokenNameList) {
rv = NS_ERROR_OUT_OF_MEMORY;
} else {
rv = dialogs->ChooseToken(m_ctx, (const char16_t**)tokenNameList,
numSlots, &unicodeTokenChosen, &canceled);
}
- NS_RELEASE(dialogs);
if (NS_FAILED(rv)) goto loser;
if (canceled) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
// Get the slot //
slotElement = PK11_GetFirstSafe(slotList);
nsAutoString tokenStr(unicodeTokenChosen);
while (slotElement) {
@@ -471,17 +471,17 @@ nsKeygenFormProcessor::GetPublicKey(cons
SECKEYPublicKey *publicKey = nullptr;
CERTSubjectPublicKeyInfo *spkInfo = nullptr;
SECStatus srv = SECFailure;
SECItem spkiItem;
SECItem pkacItem;
SECItem signedItem;
CERTPublicKeyAndChallenge pkac;
pkac.challenge.data = nullptr;
- nsIGeneratingKeypairInfoDialogs * dialogs;
+ nsCOMPtr<nsIGeneratingKeypairInfoDialogs> dialogs;
nsKeygenThread *KeygenRunnable = 0;
nsCOMPtr<nsIKeygenThread> runnable;
// permanent and sensitive flags for keygen
PK11AttrFlags attrFlags = PK11_ATTR_TOKEN | PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE;
UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
if (!arena) {
@@ -578,17 +578,17 @@ nsKeygenFormProcessor::GetPublicKey(cons
if (NS_FAILED(rv))
goto loser;
srv = PK11_Authenticate(slot, true, m_ctx);
if (srv != SECSuccess) {
goto loser;
}
- rv = getNSSDialogs((void**)&dialogs,
+ rv = getNSSDialogs(getter_AddRefs(dialogs),
NS_GET_IID(nsIGeneratingKeypairInfoDialogs),
NS_GENERATINGKEYPAIRINFODIALOGS_CONTRACTID);
if (NS_SUCCEEDED(rv)) {
KeygenRunnable = new nsKeygenThread();
NS_IF_ADDREF(KeygenRunnable);
}
@@ -596,24 +596,22 @@ nsKeygenFormProcessor::GetPublicKey(cons
rv = NS_OK;
privateKey = PK11_GenerateKeyPairWithFlags(slot, keyGenMechanism, params,
&publicKey, attrFlags, m_ctx);
} else {
KeygenRunnable->SetParams( slot, attrFlags, nullptr, 0,
keyGenMechanism, params, m_ctx );
runnable = do_QueryInterface(KeygenRunnable);
-
if (runnable) {
rv = dialogs->DisplayGeneratingKeypairInfo(m_ctx, runnable);
// We call join on the thread so we can be sure that no
// simultaneous access to the passed parameters will happen.
KeygenRunnable->Join();
- NS_RELEASE(dialogs);
if (NS_SUCCEEDED(rv)) {
PK11SlotInfo *used_slot = nullptr;
rv = KeygenRunnable->ConsumeResult(&used_slot, &privateKey, &publicKey);
if (NS_SUCCEEDED(rv) && used_slot) {
PK11_FreeSlot(used_slot);
}
}
}
--- a/security/manager/ssl/nsKeygenHandler.h
+++ b/security/manager/ssl/nsKeygenHandler.h
@@ -1,20 +1,25 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-#ifndef _NSKEYGENHANDLER_H_
-#define _NSKEYGENHANDLER_H_
-// Form Processor
+#ifndef nsKeygenHandler_h
+#define nsKeygenHandler_h
+
+#include "keythi.h"
+#include "nsCOMPtr.h"
+#include "nsError.h"
#include "nsIFormProcessor.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsNSSShutDown.h"
#include "nsTArray.h"
-#include "nsNSSShutDown.h"
+#include "secmodt.h"
nsresult GetSlotWithMechanism(uint32_t mechanism,
nsIInterfaceRequestor* ctx,
PK11SlotInfo** retSlot,
nsNSSShutDownPreventionLock& /*proofOfLock*/);
#define DEFAULT_RSA_KEYGEN_PE 65537L
#define DEFAULT_RSA_KEYGEN_ALG SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION
@@ -68,9 +73,9 @@ private:
int size;
} SECKeySizeChoiceInfo;
enum { number_of_key_size_choices = 2 };
SECKeySizeChoiceInfo mSECKeySizeChoiceList[number_of_key_size_choices];
};
-#endif //_NSKEYGENHANDLER_H_
+#endif // nsKeygenHandler_h
--- a/security/manager/ssl/nsNSSCallbacks.cpp
+++ b/security/manager/ssl/nsNSSCallbacks.cpp
@@ -669,19 +669,19 @@ ShowProtectedAuthPrompt(PK11SlotInfo* sl
if (!NS_IsMainThread()) {
NS_ERROR("ShowProtectedAuthPrompt called off the main thread");
return nullptr;
}
char* protAuthRetVal = nullptr;
// Get protected auth dialogs
- nsITokenDialogs* dialogs = 0;
- nsresult nsrv = getNSSDialogs((void**)&dialogs,
- NS_GET_IID(nsITokenDialogs),
+ nsCOMPtr<nsITokenDialogs> dialogs;
+ nsresult nsrv = getNSSDialogs(getter_AddRefs(dialogs),
+ NS_GET_IID(nsITokenDialogs),
NS_TOKENDIALOGS_CONTRACTID);
if (NS_SUCCEEDED(nsrv))
{
nsProtectedAuthThread* protectedAuthRunnable = new nsProtectedAuthThread();
if (protectedAuthRunnable)
{
NS_ADDREF(protectedAuthRunnable);
@@ -705,25 +705,22 @@ ShowProtectedAuthPrompt(PK11SlotInfo* sl
protAuthRetVal = ToNewCString(nsDependentCString(PK11_PW_AUTHENTICATED));
break;
case SECWouldBlock:
protAuthRetVal = ToNewCString(nsDependentCString(PK11_PW_RETRY));
break;
default:
protAuthRetVal = nullptr;
break;
-
}
}
}
NS_RELEASE(protectedAuthRunnable);
}
-
- NS_RELEASE(dialogs);
}
return protAuthRetVal;
}
class PK11PasswordPromptRunnable : public SyncRunnableBase
, public nsNSSShutDownObject
{
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -2062,38 +2062,43 @@ getNSSDialogs(void** _result, REFNSIID a
return rv;
}
nsresult
setPassword(PK11SlotInfo* slot, nsIInterfaceRequestor* ctx,
nsNSSShutDownPreventionLock& /*proofOfLock*/)
{
- nsresult rv = NS_OK;
+ MOZ_ASSERT(slot);
+ MOZ_ASSERT(ctx);
+ NS_ENSURE_ARG_POINTER(slot);
+ NS_ENSURE_ARG_POINTER(ctx);
if (PK11_NeedUserInit(slot)) {
- nsITokenPasswordDialogs* dialogs;
+ nsCOMPtr<nsITokenPasswordDialogs> dialogs;
+ nsresult rv = getNSSDialogs(getter_AddRefs(dialogs),
+ NS_GET_IID(nsITokenPasswordDialogs),
+ NS_TOKENPASSWORDSDIALOG_CONTRACTID);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+
bool canceled;
NS_ConvertUTF8toUTF16 tokenName(PK11_GetTokenName(slot));
-
- rv = getNSSDialogs((void**)&dialogs,
- NS_GET_IID(nsITokenPasswordDialogs),
- NS_TOKENPASSWORDSDIALOG_CONTRACTID);
-
- if (NS_FAILED(rv)) goto loser;
+ rv = dialogs->SetPassword(ctx, tokenName.get(), &canceled);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
- rv = dialogs->SetPassword(ctx, tokenName.get(), &canceled);
-
- NS_RELEASE(dialogs);
- if (NS_FAILED(rv)) goto loser;
+ if (canceled) {
+ return NS_ERROR_NOT_AVAILABLE;
+ }
+ }
- if (canceled) { rv = NS_ERROR_NOT_AVAILABLE; goto loser; }
- }
- loser:
- return rv;
+ return NS_OK;
}
namespace mozilla {
namespace psm {
nsresult
InitializeCipherSuite()
{
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -2244,17 +2244,17 @@ ClientAuthDataRunnable::RunOnTargetThrea
hasRemembered = false;
}
}
}
}
if (!hasRemembered) {
// user selects a cert to present
- nsIClientAuthDialogs* dialogs = nullptr;
+ nsCOMPtr<nsIClientAuthDialogs> dialogs;
int32_t selectedIndex = -1;
char16_t** certNicknameList = nullptr;
char16_t** certDetailsList = nullptr;
// find all user certs that are for SSL
// note that we are allowing expired certs in this list
certList = CERT_FindUserCertsByUsage(CERT_GetDefaultCertDB(),
certUsageSSLClient, false,
@@ -2358,33 +2358,32 @@ ClientAuthDataRunnable::RunOnTargetThrea
free(certNicknameList[CertsToUse]);
continue;
}
++CertsToUse;
}
// Throw up the client auth dialog and get back the index of the selected cert
- nsresult rv = getNSSDialogs((void**)&dialogs,
- NS_GET_IID(nsIClientAuthDialogs),
- NS_CLIENTAUTHDIALOGS_CONTRACTID);
+ nsresult rv = getNSSDialogs(getter_AddRefs(dialogs),
+ NS_GET_IID(nsIClientAuthDialogs),
+ NS_CLIENTAUTHDIALOGS_CONTRACTID);
if (NS_FAILED(rv)) {
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(CertsToUse, certNicknameList);
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(CertsToUse, certDetailsList);
goto loser;
}
rv = dialogs->ChooseCertificate(mSocketInfo, cn_host_port.get(),
org.get(), issuer.get(),
(const char16_t**)certNicknameList,
(const char16_t**)certDetailsList,
CertsToUse, &selectedIndex, &canceled);
- NS_RELEASE(dialogs);
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(CertsToUse, certNicknameList);
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(CertsToUse, certDetailsList);
if (NS_FAILED(rv)) goto loser;
// even if the user has canceled, we want to remember that, to avoid repeating prompts
bool wantRemember = false;
mSocketInfo->GetRememberClientAuthCertificate(&wantRemember);
--- a/security/manager/ssl/nsNSSIOLayer.h
+++ b/security/manager/ssl/nsNSSIOLayer.h
@@ -1,25 +1,26 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-#ifndef _NSNSSIOLAYER_H
-#define _NSNSSIOLAYER_H
+#ifndef nsNSSIOLayer_h
+#define nsNSSIOLayer_h
#include "TransportSecurityInfo.h"
-#include "nsISSLSocketControl.h"
+#include "mozilla/TimeStamp.h"
+#include "nsCOMPtr.h"
+#include "nsDataHashtable.h"
#include "nsIClientAuthDialogs.h"
#include "nsIProxyInfo.h"
+#include "nsISSLSocketControl.h"
#include "nsNSSCertificate.h"
-#include "nsDataHashtable.h"
#include "nsTHashtable.h"
-#include "mozilla/TimeStamp.h"
#include "sslt.h"
namespace mozilla {
namespace psm {
class SharedSSLState;
} // namespace psm
} // namespace mozilla
@@ -257,9 +258,9 @@ nsresult nsSSLIOLayerAddToSocket(int32_t
PRFileDesc* fd,
nsISupports** securityInfo,
bool forSTARTTLS,
uint32_t flags);
nsresult nsSSLIOLayerFreeTLSIntolerantSites();
nsresult displayUnknownCertErrorAlert(nsNSSSocketInfo* infoObject, int error);
-#endif /* _NSNSSIOLAYER_H */
+#endif // nsNSSIOLayer_h