Bug 1851294 - Add nsITLSSocketControl.asyncStartTLS r=jschanck,necko-reviewers,kershaw

valenting · valenting · commit 05684b05da02 · 2024-04-19T09:42:41.000Z
Thunderbird uses nsITLSSocketControl.startTLS to drive the XMPP connection, but since we started enforcing proper thread safety in bug 1847260, it's asserting when called on the main thread. This patch marks StartTLS and proxyStartTLS as [noscript] and adds asyncStartTLS. This new method dispatches a runnable to the socket thread to call startTLS, then resolves (or rejects with the nsresult as an arg) on the main thread. Differential Revision: https://phabricator.services.mozilla.com/D207692
diff --git a/netwerk/base/FuzzySocketControl.cpp b/netwerk/base/FuzzySocketControl.cpp
@@ -123,6 +123,12 @@ FuzzySocketControl::ProxyStartSSL() { return NS_OK; }
 NS_IMETHODIMP
 FuzzySocketControl::StartTLS() { return NS_OK; }
 
+NS_IMETHODIMP
+FuzzySocketControl::AsyncStartTLS(JSContext* aCx,
+                                  mozilla::dom::Promise** aPromise) {
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 FuzzySocketControl::SetNPNList(nsTArray<nsCString>& protocolArray) {
   return NS_OK;
diff --git a/security/manager/ssl/CommonSocketControl.cpp b/security/manager/ssl/CommonSocketControl.cpp
@@ -124,6 +124,12 @@ CommonSocketControl::ProxyStartSSL(void) { return NS_ERROR_NOT_IMPLEMENTED; }
 NS_IMETHODIMP
 CommonSocketControl::StartTLS(void) { return NS_ERROR_NOT_IMPLEMENTED; }
 
+NS_IMETHODIMP
+CommonSocketControl::AsyncStartTLS(JSContext* aCx,
+                                   mozilla::dom::Promise** aPromise) {
+  return NS_ERROR_NOT_IMPLEMENTED;
+}
+
 NS_IMETHODIMP
 CommonSocketControl::SetNPNList(nsTArray<nsCString>& aNPNList) {
   return NS_ERROR_NOT_IMPLEMENTED;
diff --git a/security/manager/ssl/NSSSocketControl.cpp b/security/manager/ssl/NSSSocketControl.cpp
@@ -11,6 +11,7 @@
 #include "nsISocketProvider.h"
 #include "secerr.h"
 #include "mozilla/Base64.h"
+#include "mozilla/dom/Promise.h"
 #include "nsNSSCallbacks.h"
 
 using namespace mozilla;
@@ -292,6 +293,53 @@ NSSSocketControl::StartTLS() {
   return ActivateSSL();
 }
 
+NS_IMETHODIMP
+NSSSocketControl::AsyncStartTLS(JSContext* aCx,
+                                mozilla::dom::Promise** aPromise) {
+  MOZ_RELEASE_ASSERT(NS_IsMainThread());
+  NS_ENSURE_ARG_POINTER(aCx);
+  NS_ENSURE_ARG_POINTER(aPromise);
+
+  nsIGlobalObject* globalObject = xpc::CurrentNativeGlobal(aCx);
+  if (!globalObject) {
+    return NS_ERROR_UNEXPECTED;
+  }
+
+  ErrorResult result;
+  RefPtr<mozilla::dom::Promise> promise =
+      mozilla::dom::Promise::Create(globalObject, result);
+  if (result.Failed()) {
+    return result.StealNSResult();
+  }
+
+  nsCOMPtr<nsIEventTarget> target(
+      do_GetService(NS_SOCKETTRANSPORTSERVICE_CONTRACTID));
+  if (!target) {
+    return NS_ERROR_UNEXPECTED;
+  }
+
+  nsCOMPtr<nsIRunnable> runnable(NS_NewRunnableFunction(
+      "AsyncStartTLS::StartTLS", [promise, self = RefPtr{this}]() {
+        nsresult rv = self->StartTLS();
+        NS_DispatchToMainThread(
+            NS_NewRunnableFunction("AsyncStartTLS::Resolve", [rv, promise]() {
+              if (NS_FAILED(rv)) {
+                promise->MaybeReject(rv);
+              } else {
+                promise->MaybeResolveWithUndefined();
+              }
+            }));
+      }));
+
+  nsresult rv = target->Dispatch(runnable, NS_DISPATCH_NORMAL);
+  if (NS_FAILED(rv)) {
+    return rv;
+  }
+
+  promise.forget(aPromise);
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 NSSSocketControl::SetNPNList(nsTArray<nsCString>& protocolArray) {
   COMMON_SOCKET_CONTROL_ASSERT_ON_OWNING_THREAD();
diff --git a/security/manager/ssl/NSSSocketControl.h b/security/manager/ssl/NSSSocketControl.h
@@ -51,6 +51,8 @@ class NSSSocketControl final : public CommonSocketControl {
   // From nsITLSSocketControl.
   NS_IMETHOD ProxyStartSSL(void) override;
   NS_IMETHOD StartTLS(void) override;
+  NS_IMETHOD AsyncStartTLS(JSContext* aCx,
+                           mozilla::dom::Promise** aPromise) override;
   NS_IMETHOD SetNPNList(nsTArray<nsCString>& aNPNList) override;
   NS_IMETHOD GetAlpnEarlySelection(nsACString& _retval) override;
   NS_IMETHOD GetEarlyDataAccepted(bool* aEarlyDataAccepted) override;
diff --git a/security/manager/ssl/nsITLSSocketControl.idl b/security/manager/ssl/nsITLSSocketControl.idl
@@ -23,8 +23,15 @@ interface nsIX509Cert;
 // thread (except for asyncGetSecurityInfo);
 [scriptable, builtinclass, uuid(418265c8-654e-4fbb-ba62-4eed27de1f03)]
 interface nsITLSSocketControl : nsISupports {
-    void proxyStartSSL();
-    void StartTLS();
+    [noscript] void proxyStartSSL();
+    [noscript] void StartTLS();
+
+    /**
+     * Calls StartTLS on the socket thread, and resolves with the nsresult
+     * return value of that call.
+     */
+    [implicit_jscontext,must_use]
+    Promise asyncStartTLS();
 
     /* NPN (Next Protocol Negotiation) is a mechanism for
        negotiating the protocol to be spoken inside the SSL
