mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-10 03:45:46 +00:00
Backed out changeset 4bae3ec53322 (bug 769288)
This commit is contained in:
parent
b1cbd89808
commit
4d7f30e2f8
@ -15,7 +15,6 @@ public:
|
||||
: mCondition(NS_OK)
|
||||
, mPollFlags(0)
|
||||
, mPollTimeout(UINT16_MAX)
|
||||
, mIsPrivate(false)
|
||||
{}
|
||||
|
||||
//
|
||||
@ -43,8 +42,6 @@ public:
|
||||
//
|
||||
uint16_t mPollTimeout;
|
||||
|
||||
bool mIsPrivate;
|
||||
|
||||
//
|
||||
// called to service a socket
|
||||
//
|
||||
|
@ -2206,7 +2206,6 @@ NS_IMETHODIMP
|
||||
nsSocketTransport::SetConnectionFlags(uint32_t value)
|
||||
{
|
||||
mConnectionFlags = value;
|
||||
mIsPrivate = value & nsISocketTransport::NO_PERMANENT_STORAGE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
@ -23,7 +23,15 @@
|
||||
#include "mozilla/Services.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
#include "mozilla/Likely.h"
|
||||
#include "mozilla/PublicSSL.h"
|
||||
|
||||
|
||||
// XXX: There is no good header file to put these in. :(
|
||||
namespace mozilla { namespace psm {
|
||||
|
||||
void InitializeSSLServerCertVerificationThreads();
|
||||
void StopSSLServerCertVerificationThreads();
|
||||
|
||||
} } // namespace mozilla::psm
|
||||
|
||||
using namespace mozilla;
|
||||
|
||||
@ -461,7 +469,6 @@ nsSocketTransportService::Init()
|
||||
nsCOMPtr<nsIObserverService> obsSvc = services::GetObserverService();
|
||||
if (obsSvc) {
|
||||
obsSvc->AddObserver(this, "profile-initial-state", false);
|
||||
obsSvc->AddObserver(this, "last-pb-context-exited", false);
|
||||
}
|
||||
|
||||
mInitialized = true;
|
||||
@ -509,7 +516,6 @@ nsSocketTransportService::Shutdown()
|
||||
nsCOMPtr<nsIObserverService> obsSvc = services::GetObserverService();
|
||||
if (obsSvc) {
|
||||
obsSvc->RemoveObserver(this, "profile-initial-state");
|
||||
obsSvc->RemoveObserver(this, "last-pb-context-exited");
|
||||
}
|
||||
|
||||
mozilla::net::NetworkActivityMonitor::Shutdown();
|
||||
@ -877,35 +883,9 @@ nsSocketTransportService::Observe(nsISupports *subject,
|
||||
|
||||
return net::NetworkActivityMonitor::Init(blipInterval);
|
||||
}
|
||||
|
||||
if (!strcmp(topic, "last-pb-context-exited")) {
|
||||
nsCOMPtr<nsIRunnable> ev =
|
||||
NS_NewRunnableMethod(this,
|
||||
&nsSocketTransportService::ClosePrivateConnections);
|
||||
nsresult rv = Dispatch(ev, nsIEventTarget::DISPATCH_NORMAL);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
void
|
||||
nsSocketTransportService::ClosePrivateConnections()
|
||||
{
|
||||
for (int32_t i = mActiveCount - 1; i >= 0; --i) {
|
||||
if (mActiveList[i].mHandler->mIsPrivate) {
|
||||
DetachSocket(mActiveList, &mActiveList[i]);
|
||||
}
|
||||
}
|
||||
for (int32_t i = mIdleCount - 1; i >= 0; --i) {
|
||||
if (mIdleList[i].mHandler->mIsPrivate) {
|
||||
DetachSocket(mIdleList, &mIdleList[i]);
|
||||
}
|
||||
}
|
||||
|
||||
mozilla::ClearPrivateSSLState();
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsSocketTransportService::GetSendBufferSize(int32_t *value)
|
||||
{
|
||||
|
@ -183,8 +183,6 @@ private:
|
||||
void ProbeMaxCount();
|
||||
#endif
|
||||
bool mProbedMaxCount;
|
||||
|
||||
void ClosePrivateConnections();
|
||||
};
|
||||
|
||||
extern nsSocketTransportService *gSocketTransportService;
|
||||
|
@ -98,11 +98,5 @@ EXPORTS += \
|
||||
ScopedNSSTypes.h \
|
||||
$(NULL)
|
||||
|
||||
EXPORTS_NAMESPACES = mozilla
|
||||
|
||||
EXPORTS_mozilla += \
|
||||
PublicSSL.h \
|
||||
$(NULL)
|
||||
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
||||
|
@ -1,23 +0,0 @@
|
||||
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/* vim: set ts=2 et sw=2 tw=80: */
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#ifndef mozilla_SSL_h
|
||||
#define mozilla_SSL_h
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
void ClearPrivateSSLState();
|
||||
|
||||
namespace psm {
|
||||
|
||||
void InitializeSSLServerCertVerificationThreads();
|
||||
void StopSSLServerCertVerificationThreads();
|
||||
|
||||
} //namespace psm
|
||||
} // namespace mozilla
|
||||
|
||||
#endif
|
||||
|
@ -12,50 +12,8 @@
|
||||
#include "mozilla/Services.h"
|
||||
#include "nsThreadUtils.h"
|
||||
#include "nsCRT.h"
|
||||
#include "nsServiceManagerUtils.h"
|
||||
#include "nsRecentBadCerts.h"
|
||||
#include "PSMRunnable.h"
|
||||
#include "PublicSSL.h"
|
||||
#include "ssl.h"
|
||||
|
||||
using mozilla::psm::SyncRunnableBase;
|
||||
|
||||
namespace {
|
||||
|
||||
class CertOverrideClearer : public SyncRunnableBase
|
||||
{
|
||||
public:
|
||||
void RunOnTargetThread() {
|
||||
nsCOMPtr<nsICertOverrideService> icos = do_GetService(NS_CERTOVERRIDE_CONTRACTID);
|
||||
if (icos) {
|
||||
icos->ClearValidityOverride(
|
||||
NS_LITERAL_CSTRING("all:temporary-certificates"),
|
||||
0);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
} // anonymous namespace
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
void ClearPrivateSSLState()
|
||||
{
|
||||
SSL_ClearSessionCache();
|
||||
|
||||
nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
|
||||
if (certdb) {
|
||||
nsCOMPtr<nsIRecentBadCerts> badCerts;
|
||||
certdb->GetRecentBadCerts(true, getter_AddRefs(badCerts));
|
||||
if (badCerts) {
|
||||
badCerts->ResetStoredCerts();
|
||||
}
|
||||
}
|
||||
|
||||
RefPtr<CertOverrideClearer> runnable = new CertOverrideClearer;
|
||||
runnable->DispatchToMainThreadAndWait();
|
||||
}
|
||||
|
||||
namespace psm {
|
||||
|
||||
namespace {
|
||||
|
@ -11,6 +11,8 @@
|
||||
#include "nsNSSIOLayer.h"
|
||||
|
||||
class nsClientAuthRememberService;
|
||||
class nsIRecentBadCertsService;
|
||||
class nsICertOverrideService;
|
||||
class nsIObserver;
|
||||
|
||||
namespace mozilla {
|
||||
|
@ -124,6 +124,7 @@ nsCertOverrideService::Init()
|
||||
if (observerService) {
|
||||
observerService->AddObserver(this, "profile-before-change", true);
|
||||
observerService->AddObserver(this, "profile-do-change", true);
|
||||
observerService->AddObserver(this, "last-pb-context-exited", true);
|
||||
// simulate a profile change so we read the current profile's settings file
|
||||
Observe(nullptr, "profile-do-change", nullptr);
|
||||
}
|
||||
@ -168,6 +169,10 @@ nsCertOverrideService::Observe(nsISupports *,
|
||||
}
|
||||
Read();
|
||||
|
||||
} else if (!nsCRT::strcmp(aTopic, "last-pb-context-exited")) {
|
||||
ClearValidityOverride(
|
||||
NS_LITERAL_CSTRING("all:temporary-certificates"),
|
||||
0);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
|
@ -56,7 +56,6 @@ static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
|
||||
NS_IMPL_THREADSAFE_ISUPPORTS2(nsNSSCertificateDB, nsIX509CertDB, nsIX509CertDB2)
|
||||
|
||||
nsNSSCertificateDB::nsNSSCertificateDB()
|
||||
: mBadCertsLock("nsNSSCertificateDB::mBadCertsLock")
|
||||
{
|
||||
}
|
||||
|
||||
@ -1651,10 +1650,11 @@ nsNSSCertificateDB::GetCerts(nsIX509CertList **_retval)
|
||||
NS_IMETHODIMP
|
||||
nsNSSCertificateDB::GetRecentBadCerts(bool isPrivate, nsIRecentBadCerts** result)
|
||||
{
|
||||
MutexAutoLock lock(mBadCertsLock);
|
||||
MOZ_ASSERT(NS_IsMainThread(), "RecentBadCerts should only be obtained on the main thread");
|
||||
if (isPrivate) {
|
||||
if (!mPrivateRecentBadCerts) {
|
||||
mPrivateRecentBadCerts = new nsRecentBadCerts;
|
||||
mPrivateRecentBadCerts->InitPrivateBrowsingObserver();
|
||||
}
|
||||
NS_ADDREF(*result = mPrivateRecentBadCerts);
|
||||
} else {
|
||||
|
@ -8,7 +8,6 @@
|
||||
#include "nsIX509CertDB.h"
|
||||
#include "nsIX509CertDB2.h"
|
||||
#include "mozilla/RefPtr.h"
|
||||
#include "mozilla/Mutex.h"
|
||||
#include "certt.h"
|
||||
|
||||
class nsCString;
|
||||
@ -17,7 +16,6 @@ class nsRecentBadCerts;
|
||||
|
||||
class nsNSSCertificateDB : public nsIX509CertDB, public nsIX509CertDB2
|
||||
{
|
||||
typedef mozilla::Mutex Mutex;
|
||||
public:
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSIX509CERTDB
|
||||
@ -53,7 +51,6 @@ private:
|
||||
nsresult handleCACertDownload(nsIArray *x509Certs,
|
||||
nsIInterfaceRequestor *ctx);
|
||||
|
||||
Mutex mBadCertsLock;
|
||||
mozilla::RefPtr<nsRecentBadCerts> mPublicRecentBadCerts;
|
||||
mozilla::RefPtr<nsRecentBadCerts> mPrivateRecentBadCerts;
|
||||
};
|
||||
|
@ -2138,6 +2138,7 @@ nsNSSComponent::RandomUpdate(void *entropy, int32_t bufLen)
|
||||
#define PROFILE_CHANGE_TEARDOWN_VETO_TOPIC "profile-change-teardown-veto"
|
||||
#define PROFILE_BEFORE_CHANGE_TOPIC "profile-before-change"
|
||||
#define PROFILE_DO_CHANGE_TOPIC "profile-do-change"
|
||||
#define LEAVE_PRIVATE_BROWSING_TOPIC "last-pb-context-exited"
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
|
||||
@ -2285,6 +2286,9 @@ nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("receiving network restore topic\n"));
|
||||
DoProfileChangeNetRestore();
|
||||
}
|
||||
else if (nsCRT::strcmp(aTopic, LEAVE_PRIVATE_BROWSING_TOPIC) == 0) {
|
||||
SSL_ClearSessionCache();
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
@ -2384,6 +2388,7 @@ nsNSSComponent::RegisterObservers()
|
||||
observerService->AddObserver(this, PROFILE_DO_CHANGE_TOPIC, false);
|
||||
observerService->AddObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC, false);
|
||||
observerService->AddObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC, false);
|
||||
observerService->AddObserver(this, LEAVE_PRIVATE_BROWSING_TOPIC, false);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
@ -2409,6 +2414,7 @@ nsNSSComponent::DeregisterObservers()
|
||||
observerService->RemoveObserver(this, PROFILE_DO_CHANGE_TOPIC);
|
||||
observerService->RemoveObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC);
|
||||
observerService->RemoveObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC);
|
||||
observerService->RemoveObserver(this, LEAVE_PRIVATE_BROWSING_TOPIC);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -22,8 +22,9 @@
|
||||
|
||||
using namespace mozilla;
|
||||
|
||||
NS_IMPL_THREADSAFE_ISUPPORTS1(nsRecentBadCerts,
|
||||
nsIRecentBadCerts)
|
||||
NS_IMPL_THREADSAFE_ISUPPORTS2(nsRecentBadCerts,
|
||||
nsIRecentBadCerts,
|
||||
nsIObserver)
|
||||
|
||||
nsRecentBadCerts::nsRecentBadCerts()
|
||||
:monitor("nsRecentBadCerts.monitor")
|
||||
@ -35,6 +36,24 @@ nsRecentBadCerts::~nsRecentBadCerts()
|
||||
{
|
||||
}
|
||||
|
||||
void
|
||||
nsRecentBadCerts::InitPrivateBrowsingObserver()
|
||||
{
|
||||
nsCOMPtr<nsIObserverService> obsSvc = mozilla::services::GetObserverService();
|
||||
obsSvc->AddObserver(this, "last-pb-context-exited", false);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsRecentBadCerts::Observe(nsISupports *aSubject,
|
||||
const char *aTopic,
|
||||
const PRUnichar *aData)
|
||||
{
|
||||
if (!nsCRT::strcmp(aTopic, "last-pb-context-exited")) {
|
||||
ResetStoredCerts();
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsRecentBadCerts::GetRecentBadCert(const nsAString & aHostNameWithPort,
|
||||
nsISSLStatus **aStatus)
|
||||
|
@ -11,6 +11,7 @@
|
||||
#include "mozilla/ReentrantMonitor.h"
|
||||
|
||||
#include "nsIRecentBadCertsService.h"
|
||||
#include "nsIObserver.h"
|
||||
#include "nsTHashtable.h"
|
||||
#include "nsString.h"
|
||||
#include "cert.h"
|
||||
@ -55,14 +56,18 @@ private:
|
||||
};
|
||||
|
||||
class nsRecentBadCerts MOZ_FINAL : public nsIRecentBadCerts
|
||||
, public nsIObserver
|
||||
{
|
||||
public:
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSIRECENTBADCERTS
|
||||
NS_DECL_NSIOBSERVER
|
||||
|
||||
nsRecentBadCerts();
|
||||
~nsRecentBadCerts();
|
||||
|
||||
void InitPrivateBrowsingObserver();
|
||||
|
||||
protected:
|
||||
mozilla::ReentrantMonitor monitor;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user