mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 07:15:46 +00:00
bug#107491, r=javi, sr=blizzard Makes error handling more detailed
This commit is contained in:
parent
394905f96f
commit
34cd56f082
@ -150,7 +150,38 @@ AVATemplate=%S = %S
|
||||
SSLDisabled=You cannot connect to %S because SSL is disabled.
|
||||
SSL2Disabled=You cannot connect to %S because SSL version 2 is disabled.
|
||||
SSLNoMatchingCiphers=%S and %S cannot communicate securely because they have no common encryption algorithms.
|
||||
SSLGenericError=You cannot connect to %S because of an unknown SSL error (%S)
|
||||
UsersCertRevoked=Could not establish an encrypted connection with %S because your certificate has been revoked.
|
||||
UsersCertExpired=Could not establish an encrypted connection with %S because your certificate is expired.
|
||||
UsersCertRejected=Could not establish an encrypted connection because your certificate was rejected by %S. Error Code: %S.
|
||||
BadMac=%S received a message with incorrect Message Authentication Code. If the error occurs frequently, contact the website administrator.
|
||||
PeerResetConnection=%S has closed the connection. Error Code: %S
|
||||
HostResetConnection=The current transfer has been cancelled.
|
||||
BadPassword=An incorrect password was provided.
|
||||
BadDatabase=There is a problem with your certificate database [Error Code: %S].
|
||||
BadServer=%S has sent an incorrect or unexpected message. Error Code: %S
|
||||
BadClient=%S has received an incorrect or unexpected message. Error Code: %S
|
||||
SSLGenericError=Error establishing an encrypted connection to %S. Error Code: %S.
|
||||
TimeOut=Connection request timed out.
|
||||
PeersCertUntrusted=Could not establish an encrypted connection because certificate presented by %S is not trusted.
|
||||
PeersCertRevoked=Could not establish an encrypted connection because certificate presented by %S has been revoked.
|
||||
PeersCertExpired=Could not establish an encrypted connection because certificate presented by %S has expired.
|
||||
PeersCertWrongDomain=Could not establish an encrypted connection because certificate presented by %S is for a different domain.
|
||||
PeersCertNoGood=Could not establish an encrypted connection because certificate presented by %S is invalid or corrupted. Error Code: %S
|
||||
CRLExpired=Certificate Revocation List (CRL) from the CA certifying %S is past its Next Update date. Please update the CRL.
|
||||
CRLNotYetValid=Certificate Revocation List (CRL) from the CA certifying %S is not yet valid. Please check your system clock.
|
||||
CRLSigNotValid=Certificate Revocation List (CRL) from the CA certifying %S has an invalid digital signature.
|
||||
CRLSNotValid=Certificate Revocation List (CRL) from the CA certifying %S is not valid.
|
||||
OCSPMalformedRequest=Error trying to validate certificate from %S using OSCP - malformed request.
|
||||
OCSPRequestNeedsSig=Error trying to validate certificate from %S using OSCP - request needs signature.
|
||||
OCSPUnauthorizedReq=Error trying to validate certificate from %S using OSCP - unauthorized request.
|
||||
OCSPServerError=Error trying to validate certificate from %S using OSCP - server error.
|
||||
OCSPTryServerLater=Error trying to validate certificate from %S using OSCP - server is busy. Please try again later.
|
||||
OCSPFutureResponse=Error trying to validate certificate from %S using OSCP - response contains a date which is in the future.
|
||||
OCSPOldResponse=Error trying to validate certificate from %S using OSCP - old response.
|
||||
OCSPCorruptedResponse=Error trying to validate certificate from %S using OSCP - corrupted or unknown response. Error Code: %S.
|
||||
OCSPUnauthorizedResponse=Error trying to validate certificate from %S using OSCP - unauthorized response.
|
||||
OCSPUnknownCert=Error trying to validate certificate from %S using OSCP - unknown certificate.
|
||||
OCSPNoDefaultResponder=Error trying to validate certificate from %S using OSCP - no default responder specified.
|
||||
CertInfoIssuedFor=Issued to:
|
||||
CertInfoIssuedBy=Issued by:
|
||||
CertInfoValid=Valid
|
||||
|
@ -428,8 +428,6 @@ displayAlert(nsXPIDLString formattedString, nsNSSSocketInfo *infoObject)
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
static nsresult
|
||||
nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
|
||||
{
|
||||
@ -439,9 +437,24 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
char buf[80];
|
||||
PR_snprintf(buf, 80, "%ld", err);
|
||||
NS_ConvertASCIItoUCS2 errorCode(buf);
|
||||
|
||||
nsXPIDLCString hostName;
|
||||
socketInfo->GetHostName(getter_Copies(hostName));
|
||||
NS_ConvertASCIItoUCS2 hostNameU(hostName);
|
||||
|
||||
NS_DEFINE_CID(StringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
|
||||
nsCOMPtr<nsIStringBundleService> service =
|
||||
do_GetService(StringBundleServiceCID, &rv);
|
||||
nsCOMPtr<nsIStringBundle> brandBundle;
|
||||
service->CreateBundle("chrome://global/locale/brand.properties",
|
||||
getter_AddRefs(brandBundle));
|
||||
nsXPIDLString brandShortName;
|
||||
brandBundle->GetStringFromName(NS_LITERAL_STRING("brandShortName").get(),
|
||||
getter_Copies(brandShortName));
|
||||
|
||||
const PRUnichar *params[2];
|
||||
nsXPIDLString formattedString;
|
||||
|
||||
@ -461,37 +474,310 @@ nsHandleSSLError(nsNSSSocketInfo *socketInfo, PRInt32 err)
|
||||
case SSL_ERROR_EXPORT_ONLY_SERVER:
|
||||
case SSL_ERROR_US_ONLY_SERVER:
|
||||
case SSL_ERROR_NO_CYPHER_OVERLAP:
|
||||
{
|
||||
NS_DEFINE_CID(StringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
|
||||
nsCOMPtr<nsIStringBundleService> service =
|
||||
do_GetService(StringBundleServiceCID, &rv);
|
||||
nsCOMPtr<nsIStringBundle> brandBundle;
|
||||
service->CreateBundle("chrome://global/locale/brand.properties",
|
||||
getter_AddRefs(brandBundle));
|
||||
nsXPIDLString brandShortName;
|
||||
brandBundle->GetStringFromName(NS_LITERAL_STRING("brandShortName").get(),
|
||||
getter_Copies(brandShortName));
|
||||
params[0] = brandShortName.get();
|
||||
params[1] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLNoMatchingCiphers").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
case SSL_ERROR_UNSUPPORTED_VERSION:
|
||||
case SSL_ERROR_UNKNOWN_CIPHER_SUITE:
|
||||
case SSL_ERROR_NO_CIPHERS_SUPPORTED:
|
||||
case SSL_ERROR_FORTEZZA_PQG:
|
||||
params[0] = brandShortName.get();
|
||||
params[1] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLNoMatchingCiphers").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
|
||||
}
|
||||
break;
|
||||
|
||||
//Clients Cert Rejected
|
||||
case SSL_ERROR_REVOKED_CERT_ALERT :
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("UsersCertRevoked").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SSL_ERROR_EXPIRED_CERT_ALERT:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("UsersCertExpired").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SSL_ERROR_BAD_CERT_ALERT:
|
||||
case SSL_ERROR_UNSUPPORTED_CERT_ALERT:
|
||||
case SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT:
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("UsersCertRejected").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Errors related to Peers Certificate
|
||||
case SEC_ERROR_CRL_EXPIRED:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLExpired").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_CRL_NOT_YET_VALID:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLNotYetValid").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_CRL_INVALID:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLSNotValid").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_CRL_BAD_SIGNATURE:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("CRLSigNotValid").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_MALFORMED_REQUEST:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPMalformedRequest").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_REQUEST_NEEDS_SIG:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPRequestNeedsSig").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPUnauthorizedReq").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_SERVER_ERROR:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPServerError").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_TRY_SERVER_LATER:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPTryServerLater").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_FUTURE_RESPONSE:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPFutureResponse").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_OLD_RESPONSE:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPOldResponse").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE:
|
||||
case SEC_ERROR_OCSP_BAD_HTTP_RESPONSE:
|
||||
case SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS:
|
||||
case SEC_ERROR_OCSP_MALFORMED_RESPONSE:
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPCorruptedResponse").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPUnauthorizedResponse").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_OCSP_UNKNOWN_CERT:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPUnknownCert").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
|
||||
case SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("OCSPNoDefaultResponder").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_REVOKED_CERTIFICATE:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertRevoked").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_UNTRUSTED_CERT:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertUntrusted").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SSL_ERROR_BAD_CERT_DOMAIN:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertWrongDomain").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SEC_ERROR_EXPIRED_CERTIFICATE:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertExpired").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//A generic error handler for peer cert
|
||||
case SEC_ERROR_UNKNOWN_CERT:
|
||||
case SEC_ERROR_BAD_SIGNATURE:
|
||||
case SEC_ERROR_BAD_KEY:
|
||||
case SEC_ERROR_CERT_USAGES_INVALID:
|
||||
case SEC_ERROR_INADEQUATE_KEY_USAGE:
|
||||
case SEC_ERROR_INADEQUATE_CERT_TYPE:
|
||||
case SEC_ERROR_CERT_NOT_IN_NAME_SPACE:
|
||||
case SEC_ERROR_CERT_NOT_VALID:
|
||||
case SEC_ERROR_CERT_ADDR_MISMATCH:
|
||||
case SSL_ERROR_BAD_CERTIFICATE:
|
||||
case SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE:
|
||||
case SSL_ERROR_WRONG_CERTIFICATE:
|
||||
case SSL_ERROR_CERT_KEA_MISMATCH:
|
||||
case SEC_ERROR_EXTENSION_VALUE_INVALID :
|
||||
case SEC_ERROR_EXTENSION_NOT_FOUND:
|
||||
case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeersCertNoGood").get(),
|
||||
params, 2 ,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SSL_ERROR_BAD_MAC_READ:
|
||||
params[0] = brandShortName.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadMac").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
case SSL_ERROR_BAD_MAC_ALERT:
|
||||
params[0] = hostNameU.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadMac").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Connection Reset by peer
|
||||
case SSL_ERROR_CLOSE_NOTIFY_ALERT:
|
||||
case SSL_ERROR_SOCKET_WRITE_FAILURE:
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("PeerResetConnection").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Connection reset by host
|
||||
case SEC_ERROR_USER_CANCELLED:
|
||||
case SEC_ERROR_MESSAGE_SEND_ABORTED:
|
||||
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("HostResetConnection").get(),
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Bad password
|
||||
case SEC_ERROR_BAD_PASSWORD:
|
||||
case SEC_ERROR_RETRY_PASSWORD:
|
||||
nssComponent->GetPIPNSSBundleString(NS_LITERAL_STRING("BadPassword").get(),
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Bad Database
|
||||
case SEC_ERROR_BAD_DATABASE:
|
||||
case SEC_ERROR_NO_KEY:
|
||||
case SEC_ERROR_CERT_NO_RESPONSE:
|
||||
params[0] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadDatabase").get(),
|
||||
params, 1,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Malformed or unxepected data or message was received from server
|
||||
case SSL_ERROR_BAD_SERVER:
|
||||
case SSL_ERROR_BAD_BLOCK_PADDING:
|
||||
case SSL_ERROR_RX_RECORD_TOO_LONG:
|
||||
case SSL_ERROR_TX_RECORD_TOO_LONG:
|
||||
case SSL_ERROR_RX_MALFORMED_HELLO_REQUEST:
|
||||
case SSL_ERROR_RX_MALFORMED_SERVER_HELLO:
|
||||
case SSL_ERROR_RX_MALFORMED_CERTIFICATE:
|
||||
case SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH:
|
||||
case SSL_ERROR_RX_MALFORMED_CERT_REQUEST:
|
||||
case SSL_ERROR_RX_MALFORMED_HELLO_DONE:
|
||||
case SSL_ERROR_RX_MALFORMED_FINISHED:
|
||||
case SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER:
|
||||
case SSL_ERROR_RX_MALFORMED_ALERT:
|
||||
case SSL_ERROR_RX_MALFORMED_HANDSHAKE:
|
||||
case SSL_ERROR_RX_MALFORMED_APPLICATION_DATA:
|
||||
case SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST:
|
||||
case SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO:
|
||||
case SSL_ERROR_RX_UNEXPECTED_CERTIFICATE:
|
||||
case SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH:
|
||||
case SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST:
|
||||
case SSL_ERROR_RX_UNEXPECTED_HELLO_DONE:
|
||||
case SSL_ERROR_RX_UNEXPECTED_FINISHED:
|
||||
case SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER:
|
||||
case SSL_ERROR_RX_UNEXPECTED_ALERT:
|
||||
case SSL_ERROR_RX_UNEXPECTED_HANDSHAKE:
|
||||
case SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA:
|
||||
case SSL_ERROR_RX_UNKNOWN_RECORD_TYPE:
|
||||
case SSL_ERROR_RX_UNKNOWN_HANDSHAKE:
|
||||
case SSL_ERROR_RX_UNKNOWN_ALERT:
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadServer").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
//Alert for Malformed or unexpected data or message recieved by server
|
||||
case SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT:
|
||||
case SSL_ERROR_DECOMPRESSION_FAILURE_ALERT:
|
||||
case SSL_ERROR_HANDSHAKE_FAILURE_ALERT:
|
||||
case SSL_ERROR_ILLEGAL_PARAMETER_ALERT:
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("BadClient").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
break;
|
||||
|
||||
default:
|
||||
{
|
||||
char buf[80];
|
||||
PR_snprintf(buf, 80, "%ld", err);
|
||||
NS_ConvertASCIItoUCS2 errorCode(buf);
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLGenericError").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLGenericError").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
rv = displayAlert(formattedString, socketInfo);
|
||||
@ -987,9 +1273,9 @@ nsContinueDespiteCertError(nsNSSSocketInfo *infoObject,
|
||||
}
|
||||
break;
|
||||
default:
|
||||
displayUnknownCertErrorAlert(infoObject, error);
|
||||
rv = NS_ERROR_FAILURE;
|
||||
break;
|
||||
nsHandleSSLError(infoObject,error);
|
||||
retVal = PR_FALSE;
|
||||
|
||||
}
|
||||
if (retVal && addType != nsIBadCertListener::UNINIT_ADD_FLAG) {
|
||||
addCertToDB(peerCert, addType);
|
||||
@ -999,42 +1285,6 @@ nsContinueDespiteCertError(nsNSSSocketInfo *infoObject,
|
||||
return NS_FAILED(rv) ? PR_FALSE : retVal;
|
||||
}
|
||||
|
||||
|
||||
|
||||
nsresult
|
||||
displayUnknownCertErrorAlert(nsNSSSocketInfo *infoObject, int error)
|
||||
{
|
||||
nsresult rv;
|
||||
NS_DEFINE_CID(nssComponentCID, NS_NSSCOMPONENT_CID);
|
||||
nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(nssComponentCID, &rv));
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
nsXPIDLString formattedString;
|
||||
nsXPIDLCString hostName;
|
||||
infoObject->GetHostName(getter_Copies(hostName));
|
||||
NS_ConvertASCIItoUCS2 hostNameU(hostName);
|
||||
const PRUnichar *params[2];
|
||||
char buf[80];
|
||||
PR_snprintf(buf, 80, "%ld", error);
|
||||
NS_ConvertASCIItoUCS2 errorCode(buf);
|
||||
params[0] = hostNameU.get();
|
||||
params[1] = errorCode.get();
|
||||
|
||||
//This is not a very precise String - should add some entry like 'unknown cert
|
||||
//error code etc. ...' in the .property file. Using 'Generic ssl error for now.
|
||||
nssComponent->PIPBundleFormatStringFromName(NS_LITERAL_STRING("SSLGenericError").get(),
|
||||
params, 2,
|
||||
getter_Copies(formattedString));
|
||||
|
||||
rv = displayAlert(formattedString, infoObject);
|
||||
|
||||
//Possibly, in most of the cases, we would never not look into this return
|
||||
//value in the caller
|
||||
return rv;
|
||||
}
|
||||
|
||||
|
||||
|
||||
static SECStatus
|
||||
verifyCertAgain(CERTCertificate *cert,
|
||||
PRFileDesc *sslSocket,
|
||||
|
Loading…
Reference in New Issue
Block a user