mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-07 12:15:51 +00:00
52 lines
1.5 KiB
JavaScript
52 lines
1.5 KiB
JavaScript
|
|
// Support for making sure we can talk to the invalid cert the server presents
|
|
var CertOverrideListener = function(host, port, bits) {
|
|
this.host = host;
|
|
this.port = port || 443;
|
|
this.bits = bits;
|
|
};
|
|
|
|
CertOverrideListener.prototype = {
|
|
host: null,
|
|
bits: null,
|
|
|
|
getInterface: function(aIID) {
|
|
return this.QueryInterface(aIID);
|
|
},
|
|
|
|
QueryInterface: function(aIID) {
|
|
if (aIID.equals(Ci.nsIBadCertListener2) ||
|
|
aIID.equals(Ci.nsIInterfaceRequestor) ||
|
|
aIID.equals(Ci.nsISupports))
|
|
return this;
|
|
throw Components.results.NS_ERROR_NO_INTERFACE;
|
|
},
|
|
|
|
notifyCertProblem: function(socketInfo, sslStatus, targetHost) {
|
|
var cert = sslStatus.QueryInterface(Ci.nsISSLStatus).serverCert;
|
|
var cos = Cc["@mozilla.org/security/certoverride;1"].
|
|
getService(Ci.nsICertOverrideService);
|
|
cos.rememberValidityOverride(this.host, this.port, cert, this.bits, false);
|
|
dump("Certificate Override in place\n");
|
|
return true;
|
|
},
|
|
};
|
|
|
|
function addCertOverride(host, port, bits) {
|
|
var req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
|
|
.createInstance(Ci.nsIXMLHttpRequest);
|
|
try {
|
|
var url;
|
|
if (port && (port > 0) && (port !== 443)) {
|
|
url = "https://" + host + ":" + port + "/";
|
|
} else {
|
|
url = "https://" + host + "/";
|
|
}
|
|
req.open("GET", url, false);
|
|
req.channel.notificationCallbacks = new CertOverrideListener(host, port, bits);
|
|
req.send(null);
|
|
} catch (e) {
|
|
// This will fail since the server is not trusted yet
|
|
}
|
|
}
|