Struct xpcom::interfaces::nsICertOverrideService [] [src]

#[repr(C)]

pub struct nsICertOverrideService { /* fields omitted */ }

interface nsICertOverrideService : nsISupports

/**
 * This represents the global list of triples
 *   {host:port, cert-fingerprint, allowed-overrides}
 * that the user wants to accept without further warnings.
 */

Methods

impl nsICertOverrideService
[src]

[src]

Cast this nsICertOverrideService to one of its base interfaces.

impl nsICertOverrideService
[src]

ERROR_UNTRUSTED: i64 = 1
/**
   *  Override Untrusted
   */


ERROR_MISMATCH: i64 = 2
/**
   *  Override hostname Mismatch
   */


ERROR_TIME: i64 = 4
/**
   *  Override Time error
   */

[src]

/**
   *  The given cert should always be accepted for the given hostname:port,
   *  regardless of errors verifying the cert.
   *  Host:Port is a primary key, only one entry per host:port can exist.
   *  The implementation will store a fingerprint of the cert.
   *  The implementation will decide which fingerprint alg is used.
   *
   *  Each override is specific to exactly the errors overridden, so
   *  overriding everything won't match certs at the given host:port
   *  which only exhibit some subset of errors.
   *
   *  @param aHostName The host (punycode) this mapping belongs to
   *  @param aPort The port this mapping belongs to, if it is -1 then it
   *          is internaly treated as 443
   *  @param aCert The cert that should always be accepted
   *  @param aOverrideBits The precise set of errors we want to be overriden
   */

[must_use] void rememberValidityOverride (in ACString aHostName, in int32_t aPort, in nsIX509Cert aCert, in uint32_t aOverrideBits, in boolean aTemporary);

[src]

/**
   *  Certs with the given fingerprint should always be accepted for the
   *  given hostname:port, regardless of errors verifying the cert.
   *  Host:Port is a primary key, only one entry per host:port can exist.
   *  The fingerprint should be an SHA-256 hash of the certificate.
   *
   *  @param aHostName The host (punycode) this mapping belongs to
   *  @param aPort The port this mapping belongs to, if it is -1 then it
   *          is internaly treated as 443
   *  @param aCertFingerprint The cert fingerprint that should be accepted, in
   *          the format 'AA:BB:...' (colon-separated upper-case hex bytes).
   *  @param aOverrideBits The errors we want to be overriden
   */

[must_use] void rememberTemporaryValidityOverrideUsingFingerprint (in ACString aHostName, in int32_t aPort, in ACString aCertFingerprint, in uint32_t aOverrideBits);

[src]

/**
   *  Return whether this host, port, cert triple has a stored override.
   *  If so, the outparams will contain the specific errors that were
   *  overridden, and whether the override is permanent, or only for the current
   *  session.
   *
   *  @param aHostName The host (punycode) this mapping belongs to
   *  @param aPort The port this mapping belongs to, if it is -1 then it
   *         is internally treated as 443
   *  @param aCert The certificate this mapping belongs to
   *  @param aOverrideBits The errors that are currently overridden
   *  @param aIsTemporary Whether the stored override is session-only,
   *         or permanent
   *  @return Whether an override has been stored for this host+port+cert
   */

[must_use] boolean hasMatchingOverride (in ACString aHostName, in int32_t aPort, in nsIX509Cert aCert, out uint32_t aOverrideBits, out boolean aIsTemporary);

[src]

/**
   *  Retrieve the stored override for the given hostname:port.
   *
   *  @param aHostName The host (punycode) whose entry should be tested
   *  @param aPort The port whose entry should be tested, if it is -1 then it
   *          is internaly treated as 443
   *  @param aHashAlg On return value True, the fingerprint hash algorithm
   *                  as an OID value in dotted notation.
   *  @param aFingerprint On return value True, the stored fingerprint
   *  @param aOverrideBits The errors that are currently overriden
   *  @return whether a matching override entry for aHostNameWithPort
   *          and aFingerprint is currently on file
   */

[must_use] boolean getValidityOverride (in ACString aHostName, in int32_t aPort, out ACString aHashAlg, out ACString aFingerprint, out uint32_t aOverrideBits, out boolean aIsTemporary);

[src]

/**
   *  Remove a override for the given hostname:port.
   *
   *  @param aHostName The host (punycode) whose entry should be cleared.
   *  @param aPort The port whose entry should be cleared.
   *               If it is -1, then it is internaly treated as 443.
   *               If it is 0 and aHostName is "all:temporary-certificates",
   *               then all temporary certificates should be cleared.
   */

void clearValidityOverride (in ACString aHostName, in int32_t aPort);

[src]

/**
   *  Is the given cert used in rules?
   *
   *  @param aCert The cert we're looking for
   *  @return how many override entries are currently on file
   *          for the given certificate
   */

[must_use] uint32_t isCertUsedForOverrides (in nsIX509Cert aCert, in boolean aCheckTemporaries, in boolean aCheckPermanents);

Methods from Deref<Target = nsISupports>

[src]

Cast this nsISupports to one of its base interfaces.

[src]

void QueryInterface (in nsIIDRef uuid, [iid_is (uuid), retval] out nsQIResult result);

[src]

[noscript,notxpcom] nsrefcnt AddRef ();

[src]

[noscript,notxpcom] nsrefcnt Release ();

Trait Implementations

impl XpCom for nsICertOverrideService
[src]

IID: nsIID = nsID(3187777095, 8956, 17237, [159, 22, 154, 176, 71, 214, 116, 45])

[src]

Perform a QueryInterface call on this object, attempting to dynamically cast it to the requested interface type. Returns Some(RefPtr) if the cast succeeded, and None otherwise. Read more

impl RefCounted for nsICertOverrideService
[src]

[src]

Increment the reference count.

[src]

Decrement the reference count, potentially freeing backing memory.

impl Deref for nsICertOverrideService
[src]

The resulting type after dereferencing.

[src]

Dereferences the value.