1 /* vim:set ts=2 sw=2 et cindent: */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3  * License, v. 2.0. If a copy of the MPL was not distributed with this
4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 
6 #ifndef mozilla_net_TLSServerSocket_h
7 #define mozilla_net_TLSServerSocket_h
8 
9 #include "nsITLSServerSocket.h"
10 #include "nsServerSocket.h"
11 #include "nsString.h"
12 #include "mozilla/Mutex.h"
13 #include "seccomon.h"
14 
15 namespace mozilla {
16 namespace net {
17 
/**
 * Listening socket whose accepted connections are wrapped in TLS.
 *
 * Derives from nsServerSocket (the plain TCP listener; its nsIServerSocket
 * methods are forwarded unchanged via NS_FORWARD_NSISERVERSOCKET) and adds
 * the nsITLSServerSocket interface.  The class is final and reference
 * counted: it is created and destroyed only through XPCOM refcounting.
 */
class TLSServerSocket final : public nsServerSocket, public nsITLSServerSocket {
 public:
  NS_DECL_ISUPPORTS_INHERITED
  // nsIServerSocket calls are delegated to the nsServerSocket base class.
  NS_FORWARD_NSISERVERSOCKET(nsServerSocket::)
  NS_DECL_NSITLSSERVERSOCKET

  // Override methods from nsServerSocket
  // Called by the base class with the accepted client descriptor and the
  // peer address; this override is where the TLS layer is attached
  // (implementation lives in the .cpp).
  virtual void CreateClientTransport(PRFileDesc* clientFD,
                                     const NetAddr& clientAddr) override;
  // nsServerSocket hook run when the listening socket is configured.
  virtual nsresult SetSocketDefaults() override;
  // nsServerSocket hook run when the socket starts listening.
  virtual nsresult OnSocketListen() override;

  TLSServerSocket() = default;

 private:
  // Private destructor: instances are reference counted and must be
  // Release()d, never deleted directly.
  virtual ~TLSServerSocket() = default;

  // Certificate-authentication callback handed to NSS; the parameter list
  // (opaque |arg|, socket |fd|, |checksig|, |isServer|) matches the NSS
  // SSLAuthCertificate hook signature.  NOTE(review): presumably this is the
  // point where a client-presented certificate is accepted or rejected —
  // confirm in the .cpp before relying on that.
  static SECStatus AuthCertificateHook(void* arg, PRFileDesc* fd,
                                       PRBool checksig, PRBool isServer);

  // Certificate associated with this server socket (name-based; the setter
  // is part of the nsITLSServerSocket interface implemented in the .cpp).
  nsCOMPtr<nsIX509Cert> mServerCert;
};
40 
/**
 * Per-connection TLS state for one client accepted by a TLSServerSocket.
 *
 * Implements nsITLSServerConnectionInfo and nsITLSClientStatus.  Reference
 * counting is thread-safe (NS_DECL_THREADSAFE_ISUPPORTS).  Only
 * mSecurityObserver is guarded by mLock; NOTE(review): the remaining fields
 * look like they are written from the handshake callback and read later —
 * confirm the threading contract in the .cpp before touching them from
 * another thread.
 */
class TLSServerConnectionInfo : public nsITLSServerConnectionInfo,
                                public nsITLSClientStatus {
  // The owning server socket needs access to the private members below
  // when it wires up an accepted connection (see the .cpp).
  friend class TLSServerSocket;

 public:
  NS_DECL_THREADSAFE_ISUPPORTS
  NS_DECL_NSITLSSERVERCONNECTIONINFO
  NS_DECL_NSITLSCLIENTSTATUS

  TLSServerConnectionInfo() = default;

 private:
  // Private destructor: instances are reference counted and must be
  // Release()d, never deleted directly.
  virtual ~TLSServerConnectionInfo();

  // Handshake-completion callback registered with NSS.  The static entry
  // point receives the opaque |aArg| that was registered; the member overload
  // carries the per-connection logic.  (Inferred from the two signatures —
  // confirm the forwarding in the .cpp.)
  static void HandshakeCallback(PRFileDesc* aFD, void* aArg);
  nsresult HandshakeCallback(PRFileDesc* aFD);

  // Strong reference to the listening socket this connection belongs to.
  RefPtr<TLSServerSocket> mServerSocket;
  // Weak ref to the transport, to avoid cycles since the transport holds a
  // reference to the TLSServerConnectionInfo object.  This is not handed out to
  // anyone, and is only used in HandshakeCallback to close the transport in
  // case of an error.  After this, it's set to nullptr.
  nsISocketTransport* mTransport{nullptr};
  // Certificate presented by the remote peer (name-based; presumably
  // populated during HandshakeCallback — confirm).
  nsCOMPtr<nsIX509Cert> mPeerCert;
  // Negotiated protocol version; starts as TLS_VERSION_UNKNOWN.
  int16_t mTlsVersionUsed{TLS_VERSION_UNKNOWN};
  // Name of the negotiated cipher suite (name-based).
  nsCString mCipherName;
  // Negotiated key and MAC lengths; both zero until set.  NOTE(review): the
  // unit (bits vs. bytes) is not visible here — check the .cpp.
  uint32_t mKeyLength{0};
  uint32_t mMacLength{0};
  // lock protects access to mSecurityObserver
  mozilla::Mutex mLock{"TLSServerConnectionInfo.mLock"};
  // Observer notified about this connection's security state; the only
  // member that may be touched concurrently, hence guarded by mLock.
  nsCOMPtr<nsITLSServerSecurityObserver> mSecurityObserver;
};
73 
74 }  // namespace net
75 }  // namespace mozilla
76 
77 #endif  // mozilla_net_TLSServerSocket_h
78