nsresult
nsDOMStorageDBWrapper::SetSecure(DOMStorageImpl* aStorage,
const nsAString& aKey,
const bool aSecure)
{
IMPL_FORWARDER(SetSecure(aStorage, aKey, aSecure));
}
int ssl_client_handshake(struct Client *cptr) {
char *str;
int err;
cptr->ssl = (struct SSL*)SSL_new (ctx); CHK_NULL(cptr->ssl);
SSL_set_fd ((SSL*)cptr->ssl, cptr->fd);
set_blocking(cptr->fd);
err = SSL_connect ((SSL*)cptr->ssl);
set_non_blocking(cptr->fd);
if ((err)==-1) {
irclog(L_NOTICE,"Could connect to %s:Error in SSL_connect()",
get_client_name(cptr, TRUE));
return 0;
}
/* Following two steps are optional and not required for
data exchange to be successful. */
/* Get the cipher - opt */
set_blocking(cptr->fd);
irclog (L_NOTICE,"SSL connection using %s", SSL_get_cipher ((SSL*)cptr->ssl));
SetSecure(cptr);
/* Get server's certificate (note: beware of dynamic allocation) - opt */
cptr->client_cert = (struct X509*)SSL_get_peer_certificate ((SSL *)cptr->ssl);
set_non_blocking(cptr->fd);
if (cptr->client_cert != NULL)
{
irclog (L_NOTICE,"Server certificate:");
str = X509_NAME_oneline (X509_get_subject_name ((X509*)cptr->client_cert),0,0);
CHK_NULL(str);
irclog (L_NOTICE, "\t subject: %s", str);
// Free (str);
free (str);
str = X509_NAME_oneline (X509_get_issuer_name ((X509*)cptr->client_cert),0,0);
CHK_NULL(str);
irclog (L_NOTICE, "\t issuer: %s", str);
// Free (str);
free (str);
/* We could do all sorts of certificate verification stuff here before
deallocating the certificate. */
X509_free ((X509*)cptr->client_cert);
}
else
irclog (L_NOTICE, "Server does not have certificate.");
return 1;
}
NS_IMETHODIMP
nsDOMStorageItem::SetSecure(PRBool aSecure)
{
if (!mStorage->CacheStoragePermissions() || !IsCallerSecure()) {
return NS_ERROR_DOM_INVALID_ACCESS_ERR;
}
if (mStorage->UseDB()) {
nsresult rv = mStorage->SetSecure(mKey, aSecure);
NS_ENSURE_SUCCESS(rv, rv);
}
mSecure = aSecure;
return NS_OK;
}
void VHTTPCookie::FromString (const XBOX::VString& inString)
{
XBOX::VectorOfVString stringValues;
XBOX::VString string;
XBOX::VString nameString;
XBOX::VString valueString;
Clear();
inString.GetSubStrings (CHAR_SEMICOLON, stringValues, false, true);
for (VectorOfVString::iterator it = stringValues.begin(); it != stringValues.end(); ++it)
{
sLONG pos = 0;
string.FromString (*it);
if ((pos = HTTPTools::FindASCIICString (string, "secure")) == 1)
{
SetSecure (true);
}
else if ((pos = HTTPTools::FindASCIICString (string, "httpOnly")) == 1)
{
SetHttpOnly (true);
}
else if ((pos = HTTPTools::FindASCIICString (string, "version")) == 1)
{
SetVersion (1);
}
else if ((pos = HTTPTools::FindASCIICString (string, "max-age")) == 1)
{
HTTPTools::ExtractFieldNameValue (string, nameString, valueString);
fMaxAge = valueString.GetLong();
}
else if ((pos = HTTPTools::FindASCIICString (string, "expires")) == 1)
{
XBOX::VTime curTime;
XBOX::VTime expiresTime;
XBOX::VTime::Now (curTime);
HTTPTools::ExtractFieldNameValue (string, nameString, valueString);
expiresTime.FromRfc822String (valueString);
if (expiresTime.GetMilliseconds() > curTime.GetMilliseconds())
fMaxAge = (expiresTime.GetMilliseconds() - curTime.GetMilliseconds()) / 1000;
}
else if ((pos = HTTPTools::FindASCIICString (string, "path")) == 1)
{
HTTPTools::ExtractFieldNameValue (string, nameString, fPath);
}
else if ((pos = HTTPTools::FindASCIICString (string, "domain")) == 1)
{
HTTPTools::ExtractFieldNameValue (string, nameString, fDomain);
}
else if ((pos = HTTPTools::FindASCIICString (string, "comment")) == 1)
{
HTTPTools::ExtractFieldNameValue (string, nameString, fComment);
}
else if ((pos = HTTPTools::FindASCIICString (string, "=")))
{
HTTPTools::ExtractFieldNameValue (string, fName, fValue);
}
}
}
int ssl_handshake(struct Client *cptr) {
char *str;
int err;
cptr->ssl = (struct SSL*) SSL_new (ctx);
// cptr->use_ssl=1;
CHK_NULL (cptr->ssl);
SSL_set_fd ((SSL *)cptr->ssl, cptr->fd);
set_non_blocking(cptr->fd);
err = ircd_SSL_accept (cptr, cptr->fd);
if ((err)==-1) {
irclog(L_ERROR,"Lost connection to %s:Error in SSL_accept()",
get_client_name(cptr, TRUE));
SSL_shutdown((SSL *)cptr->ssl);
SSL_free((SSL *)cptr->ssl);
cptr->ssl = NULL;
return 0;
}
/* Get the cipher - opt */
SetSecure(cptr);
irclog (L_DEBUG, "SSL connection using %s", SSL_get_cipher ((SSL *)cptr->ssl));
/* Get client's certificate (note: beware of dynamic
* allocation) - opt */
cptr->client_cert = (struct X509*)SSL_get_peer_certificate ((SSL *)cptr->ssl);
if (cptr->client_cert != NULL)
{
irclog (L_DEBUG,"Client certificate:");
str = X509_NAME_oneline (X509_get_subject_name ((X509*)cptr->client_cert), 0, 0);
CHK_NULL (str);
irclog (L_DEBUG, "\t subject: %s", str);
// Bejvavalo
// Free (str);
free(str);
str = X509_NAME_oneline (X509_get_issuer_name ((X509*)cptr->client_cert), 0, 0);
CHK_NULL (str);
irclog (L_DEBUG, "\t issuer: %s", str);
// Bejvavalo
// Free (str);
free(str);
/* We could do all sorts of certificate
* verification stuff here before
* deallocating the certificate. */
X509_free ((X509*)cptr->client_cert);
}
else
irclog (L_DEBUG, "Client does not have certificate.");
return 1;
}
