summaryrefslogtreecommitdiff
path: root/netwerk
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-06-20 19:11:09 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-06-20 19:14:58 +0200
commit7d3b69729b68d80e7b301e7e1fd05e68e13cc133 (patch)
treec54c93de5921a6abd0439affbbc878ed9f6e43da /netwerk
parent5c0b3b7d3224778c9421f8dcd7f8dd1d09f62675 (diff)
downloaduxp-7d3b69729b68d80e7b301e7e1fd05e68e13cc133.tar.gz
Fix SSL status ambiguity.
- Adds CipherSuite string with the full suite - Changes CipherName to be the actual cipher name instead of the (erroneous) full suite like Firefox does.
Diffstat (limited to 'netwerk')
-rw-r--r--netwerk/base/TLSServerSocket.cpp10
-rw-r--r--netwerk/base/TLSServerSocket.h1
-rw-r--r--netwerk/base/nsITLSServerSocket.idl12
3 files changed, 20 insertions, 3 deletions
diff --git a/netwerk/base/TLSServerSocket.cpp b/netwerk/base/TLSServerSocket.cpp
index b32a9a1887..257a7f5da5 100644
--- a/netwerk/base/TLSServerSocket.cpp
+++ b/netwerk/base/TLSServerSocket.cpp
@@ -419,6 +419,13 @@ TLSServerConnectionInfo::GetCipherName(nsACString& aCipherName)
}
NS_IMETHODIMP
+TLSServerConnectionInfo::GetCipherSuite(nsACString& aCipherSuite)
+{
+ aCipherSuite.Assign(mCipherSuite);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
TLSServerConnectionInfo::GetKeyLength(uint32_t* aKeyLength)
{
if (NS_WARN_IF(!aKeyLength)) {
@@ -490,7 +497,8 @@ TLSServerConnectionInfo::HandshakeCallback(PRFileDesc* aFD)
if (NS_FAILED(rv)) {
return rv;
}
- mCipherName.Assign(cipherInfo.cipherSuiteName);
+ mCipherName.Assign(cipherInfo.symCipherName);
+ mCipherSuite.Assign(cipherInfo.cipherSuiteName);
mKeyLength = cipherInfo.effectiveKeyBits;
mMacLength = cipherInfo.macBits;
diff --git a/netwerk/base/TLSServerSocket.h b/netwerk/base/TLSServerSocket.h
index 9fb57e0cc2..fd47fc9189 100644
--- a/netwerk/base/TLSServerSocket.h
+++ b/netwerk/base/TLSServerSocket.h
@@ -68,6 +68,7 @@ private:
nsCOMPtr<nsIX509Cert> mPeerCert;
int16_t mTlsVersionUsed;
nsCString mCipherName;
+ nsCString mCipherSuite;
uint32_t mKeyLength;
uint32_t mMacLength;
// lock protects access to mSecurityObserver
diff --git a/netwerk/base/nsITLSServerSocket.idl b/netwerk/base/nsITLSServerSocket.idl
index 9a03c2ead7..57485357f5 100644
--- a/netwerk/base/nsITLSServerSocket.idl
+++ b/netwerk/base/nsITLSServerSocket.idl
@@ -94,7 +94,7 @@ interface nsITLSServerSocket : nsIServerSocket
* method of the security observer has been called (see
* |nsITLSServerSecurityObserver| below).
*/
-[scriptable, uuid(19668ea4-e5ad-4182-9698-7e890d48f327)]
+[scriptable, uuid(205e273d-2439-449b-bfc5-fc555c87dbc4)]
interface nsITLSClientStatus : nsISupports
{
/**
@@ -125,11 +125,19 @@ interface nsITLSClientStatus : nsISupports
/**
* cipherName
*
+ * Name of the symetric cipher used, such as
+ * "AES-GCM" or "CAMELLIA".
+ */
+ readonly attribute ACString cipherName;
+
+ /**
+ * cipherSuite
+ *
* Name of the cipher suite used, such as
* "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256".
* See security/nss/lib/ssl/sslinfo.c for the possible values.
*/
- readonly attribute ACString cipherName;
+ readonly attribute ACString cipherSuite;
/**
* keyLength