Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-02-04 04:58:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 762301, Don't retry after TLS-intolerance if TLS is the only enabled protocol, r=honzab

Browse Source
This commit is contained in:
Kai Engert 2012-06-13 13:39:23 +02:00
parent b25c366a91
commit 14673863b8
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
security/manager/ssl/src/nsNSSIOLayer.cpp
View File

@ -611,7 +611,9 @@ nsSSLIOLayerHelpers::getSiteKey(nsNSSSocketInfo *socketInfo, nsCSubstring &key)
}
// Call this function to report a site that is possibly TLS intolerant.
// This function will return true, if the given socket is currently using TLS.
// This function will return true, if the given socket is currently using TLS,
// and it's allowed to retry. Retrying only makes sense if an older
// protocol is enabled.
bool
nsSSLIOLayerHelpers::rememberPossibleTLSProblemSite(nsNSSSocketInfo *socketInfo)
{
@ -631,6 +633,9 @@ nsSSLIOLayerHelpers::rememberPossibleTLSProblemSite(nsNSSSocketInfo *socketInfo)
// Add this site to the list of TLS intolerant sites.
addIntolerantSite(key);
}
else {
return false; // doesn't make sense to retry
}
return socketInfo->IsTLSEnabled();
}