Package org.mozilla.jss.nss
Class BadCertHandler
- java.lang.Object
-
- org.mozilla.jss.nss.BadCertHandler
-
- All Implemented Interfaces:
java.lang.Runnable
public abstract class BadCertHandler extends java.lang.Object implements java.lang.Runnable
BadAuthHandler interface enables arbitrary certificate authentication from a NSS cert auth hook. Notably, the return code from check should be a PRErrorCode, else 0. This will be used by NSS to determine the alert to send when closing the connection (in the event of an error). The concern here is that, when this is invoked synchronously, we're called from NSS as called by Java. Certain operations may or may not succeed or work as expected (such as raising an exception, acquiring locks already held, etc.).
-
-
Field Summary
Fields Modifier and Type Field Description int
error
When invoked via run(), the error code to pass to the check operation.boolean
finished
Whether or not the check operation has been executed yet, when invoked via run().int
result
When invoked via run(), the result of the check operation.
-
Constructor Summary
Constructors Constructor Description BadCertHandler(SSLFDProxy fd, int error)
Constructor to store SSLFDProxy, error information.
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract int
check(SSLFDProxy fd, int error)
Returns the PRErrorCode the error validating certificate auth, else 0.void
run()
-
-
-
Field Detail
-
error
public int error
When invoked via run(), the error code to pass to the check operation.
-
result
public int result
When invoked via run(), the result of the check operation.
-
finished
public boolean finished
Whether or not the check operation has been executed yet, when invoked via run().
-
-
Constructor Detail
-
BadCertHandler
public BadCertHandler(SSLFDProxy fd, int error)
Constructor to store SSLFDProxy, error information. This is useful for implementations which expect to be used via the Runnable interface, instead of called via the synchronous certificate authentication hook in NSS.
-
-
Method Detail
-
check
public abstract int check(SSLFDProxy fd, int error)
Returns the PRErrorCode the error validating certificate auth, else 0. Note that it is up to the implementer to fetch the certificates (via SSL.PeerCertificateChain(ssl_fd)) and validate them properly. Note that returning 0 here means SECis returned
-
run
public void run()
- Specified by:
run
in interfacejava.lang.Runnable
-
-