Backed out changeset 4bae3ec53322 (bug 769288)

2024-10-10 03:45:46 +00:00 · 2012-12-08 00:21:51 -05:00 · 2012-12-08 00:21:51 -05:00 · 4d7f30e2f8
commit 4d7f30e2f8
parent b1cbd89808
14 changed files with 50 additions and 113 deletions
--- a/netwerk/base/public/nsASocketHandler.h
+++ b/netwerk/base/public/nsASocketHandler.h
@ -15,7 +15,6 @@ public:
        : mCondition(NS_OK)
        , mPollFlags(0)
        , mPollTimeout(UINT16_MAX)
-        , mIsPrivate(false)
        {}

    //
@ -43,8 +42,6 @@ public:
    //
    uint16_t mPollTimeout;

-    bool mIsPrivate;
-
    //
    // called to service a socket
    // 
--- a/netwerk/base/src/nsSocketTransport2.cpp
+++ b/netwerk/base/src/nsSocketTransport2.cpp
@ -2206,7 +2206,6 @@ NS_IMETHODIMP
 nsSocketTransport::SetConnectionFlags(uint32_t value)
 {
    mConnectionFlags = value;
-    mIsPrivate = value & nsISocketTransport::NO_PERMANENT_STORAGE;
    return NS_OK;
 }

--- a/netwerk/base/src/nsSocketTransportService2.cpp
+++ b/netwerk/base/src/nsSocketTransportService2.cpp
@ -23,7 +23,15 @@
 #include "mozilla/Services.h"
 #include "mozilla/Preferences.h"
 #include "mozilla/Likely.h"
-#include "mozilla/PublicSSL.h"
+
+
+// XXX: There is no good header file to put these in. :(
+namespace mozilla { namespace psm {
+
+void InitializeSSLServerCertVerificationThreads();
+void StopSSLServerCertVerificationThreads();
+
+} } // namespace mozilla::psm

 using namespace mozilla;

@ -461,7 +469,6 @@ nsSocketTransportService::Init()
    nsCOMPtr<nsIObserverService> obsSvc = services::GetObserverService();
    if (obsSvc) {
        obsSvc->AddObserver(this, "profile-initial-state", false);
-        obsSvc->AddObserver(this, "last-pb-context-exited", false);
    }

    mInitialized = true;
@ -509,7 +516,6 @@ nsSocketTransportService::Shutdown()
    nsCOMPtr<nsIObserverService> obsSvc = services::GetObserverService();
    if (obsSvc) {
        obsSvc->RemoveObserver(this, "profile-initial-state");
-        obsSvc->RemoveObserver(this, "last-pb-context-exited");
    }

    mozilla::net::NetworkActivityMonitor::Shutdown();
@ -877,35 +883,9 @@ nsSocketTransportService::Observe(nsISupports *subject,

        return net::NetworkActivityMonitor::Init(blipInterval);
    }
-
-    if (!strcmp(topic, "last-pb-context-exited")) {
-        nsCOMPtr<nsIRunnable> ev =
-          NS_NewRunnableMethod(this,
-                               &nsSocketTransportService::ClosePrivateConnections);
-        nsresult rv = Dispatch(ev, nsIEventTarget::DISPATCH_NORMAL);
-        NS_ENSURE_SUCCESS(rv, rv);
-    }
-
    return NS_OK;
 }

-void
-nsSocketTransportService::ClosePrivateConnections()
-{
-    for (int32_t i = mActiveCount - 1; i >= 0; --i) {
-        if (mActiveList[i].mHandler->mIsPrivate) {
-            DetachSocket(mActiveList, &mActiveList[i]);
-        }
-    }
-    for (int32_t i = mIdleCount - 1; i >= 0; --i) {
-        if (mIdleList[i].mHandler->mIsPrivate) {
-            DetachSocket(mIdleList, &mIdleList[i]);
-        }
-    }
-
-    mozilla::ClearPrivateSSLState();
-}
-
 NS_IMETHODIMP
 nsSocketTransportService::GetSendBufferSize(int32_t *value)
 {
--- a/netwerk/base/src/nsSocketTransportService2.h
+++ b/netwerk/base/src/nsSocketTransportService2.h
@ -183,8 +183,6 @@ private:
    void ProbeMaxCount();
 #endif
    bool mProbedMaxCount;
-
-    void ClosePrivateConnections();
 };

 extern nsSocketTransportService *gSocketTransportService;
--- a/security/manager/ssl/src/Makefile.in
+++ b/security/manager/ssl/src/Makefile.in
@ -98,11 +98,5 @@ EXPORTS += \
  ScopedNSSTypes.h \
  $(NULL)

-EXPORTS_NAMESPACES = mozilla
-
-EXPORTS_mozilla += \
-  PublicSSL.h \
-  $(NULL)
-
 include $(topsrcdir)/config/rules.mk

--- a/security/manager/ssl/src/PublicSSL.h
+++ b/security/manager/ssl/src/PublicSSL.h
@ -1,23 +0,0 @@
-/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef mozilla_SSL_h
-#define mozilla_SSL_h
-
-namespace mozilla {
-
-void ClearPrivateSSLState();
-
-namespace psm {
-
-void InitializeSSLServerCertVerificationThreads();
-void StopSSLServerCertVerificationThreads();
-
-} //namespace psm
-} // namespace mozilla
-
-#endif
-
--- a/security/manager/ssl/src/SharedSSLState.cpp
+++ b/security/manager/ssl/src/SharedSSLState.cpp
@ -12,50 +12,8 @@
 #include "mozilla/Services.h"
 #include "nsThreadUtils.h"
 #include "nsCRT.h"
-#include "nsServiceManagerUtils.h"
-#include "nsRecentBadCerts.h"
-#include "PSMRunnable.h"
-#include "PublicSSL.h"
-#include "ssl.h"
-
-using mozilla::psm::SyncRunnableBase;
-
-namespace {
-
-class CertOverrideClearer : public SyncRunnableBase
-{
-public:
-  void RunOnTargetThread() {
-    nsCOMPtr<nsICertOverrideService> icos = do_GetService(NS_CERTOVERRIDE_CONTRACTID);
-    if (icos) {
-      icos->ClearValidityOverride(
-        NS_LITERAL_CSTRING("all:temporary-certificates"),
-        0);
-    }
-  }
-};
-
-} // anonymous namespace

 namespace mozilla {
-
-void ClearPrivateSSLState()
-{
-  SSL_ClearSessionCache();
-
-  nsCOMPtr<nsIX509CertDB> certdb = do_GetService(NS_X509CERTDB_CONTRACTID);
-  if (certdb) {
-    nsCOMPtr<nsIRecentBadCerts> badCerts;
-    certdb->GetRecentBadCerts(true, getter_AddRefs(badCerts));
-    if (badCerts) {
-      badCerts->ResetStoredCerts();
-    }
-  }
-
-  RefPtr<CertOverrideClearer> runnable = new CertOverrideClearer;
-  runnable->DispatchToMainThreadAndWait();
-}
-
 namespace psm {

 namespace {
--- a/security/manager/ssl/src/SharedSSLState.h
+++ b/security/manager/ssl/src/SharedSSLState.h
@ -11,6 +11,8 @@
 #include "nsNSSIOLayer.h"

 class nsClientAuthRememberService;
+class nsIRecentBadCertsService;
+class nsICertOverrideService;
 class nsIObserver;

 namespace mozilla {
--- a/security/manager/ssl/src/nsCertOverrideService.cpp
+++ b/security/manager/ssl/src/nsCertOverrideService.cpp
@ -124,6 +124,7 @@ nsCertOverrideService::Init()
  if (observerService) {
    observerService->AddObserver(this, "profile-before-change", true);
    observerService->AddObserver(this, "profile-do-change", true);
+    observerService->AddObserver(this, "last-pb-context-exited", true);
    // simulate a profile change so we read the current profile's settings file
    Observe(nullptr, "profile-do-change", nullptr);
  }
@ -168,6 +169,10 @@ nsCertOverrideService::Observe(nsISupports     *,
    }
    Read();

+  } else if (!nsCRT::strcmp(aTopic, "last-pb-context-exited")) {
+    ClearValidityOverride(
+        NS_LITERAL_CSTRING("all:temporary-certificates"),
+        0);
  }

  return NS_OK;
--- a/security/manager/ssl/src/nsNSSCertificateDB.cpp
+++ b/security/manager/ssl/src/nsNSSCertificateDB.cpp
@ -56,7 +56,6 @@ static NS_DEFINE_CID(kNSSComponentCID, NS_NSSCOMPONENT_CID);
 NS_IMPL_THREADSAFE_ISUPPORTS2(nsNSSCertificateDB, nsIX509CertDB, nsIX509CertDB2)

 nsNSSCertificateDB::nsNSSCertificateDB()
-: mBadCertsLock("nsNSSCertificateDB::mBadCertsLock")
 {
 }

@ -1651,10 +1650,11 @@ nsNSSCertificateDB::GetCerts(nsIX509CertList **_retval)
 NS_IMETHODIMP
 nsNSSCertificateDB::GetRecentBadCerts(bool isPrivate, nsIRecentBadCerts** result)
 {
-  MutexAutoLock lock(mBadCertsLock);
+  MOZ_ASSERT(NS_IsMainThread(), "RecentBadCerts should only be obtained on the main thread");
  if (isPrivate) {
    if (!mPrivateRecentBadCerts) {
      mPrivateRecentBadCerts = new nsRecentBadCerts;
+      mPrivateRecentBadCerts->InitPrivateBrowsingObserver();
    }
    NS_ADDREF(*result = mPrivateRecentBadCerts);
  } else {
--- a/security/manager/ssl/src/nsNSSCertificateDB.h
+++ b/security/manager/ssl/src/nsNSSCertificateDB.h
@ -8,7 +8,6 @@
 #include "nsIX509CertDB.h"
 #include "nsIX509CertDB2.h"
 #include "mozilla/RefPtr.h"
-#include "mozilla/Mutex.h"
 #include "certt.h"

 class nsCString;
@ -17,7 +16,6 @@ class nsRecentBadCerts;

 class nsNSSCertificateDB : public nsIX509CertDB, public nsIX509CertDB2
 {
-  typedef mozilla::Mutex Mutex;
 public:
  NS_DECL_ISUPPORTS
  NS_DECL_NSIX509CERTDB
@ -53,7 +51,6 @@ private:
  nsresult handleCACertDownload(nsIArray *x509Certs, 
                                nsIInterfaceRequestor *ctx);

-  Mutex mBadCertsLock;
  mozilla::RefPtr<nsRecentBadCerts> mPublicRecentBadCerts;
  mozilla::RefPtr<nsRecentBadCerts> mPrivateRecentBadCerts;
 };
--- a/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/security/manager/ssl/src/nsNSSComponent.cpp
@ -2138,6 +2138,7 @@ nsNSSComponent::RandomUpdate(void *entropy, int32_t bufLen)
 #define PROFILE_CHANGE_TEARDOWN_VETO_TOPIC "profile-change-teardown-veto"
 #define PROFILE_BEFORE_CHANGE_TOPIC "profile-before-change"
 #define PROFILE_DO_CHANGE_TOPIC "profile-do-change"
+#define LEAVE_PRIVATE_BROWSING_TOPIC "last-pb-context-exited"

 NS_IMETHODIMP
 nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic, 
@ -2285,6 +2286,9 @@ nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic,
    PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("receiving network restore topic\n"));
    DoProfileChangeNetRestore();
  }
+  else if (nsCRT::strcmp(aTopic, LEAVE_PRIVATE_BROWSING_TOPIC) == 0) {
+    SSL_ClearSessionCache();
+  }

  return NS_OK;
 }
@ -2384,6 +2388,7 @@ nsNSSComponent::RegisterObservers()
    observerService->AddObserver(this, PROFILE_DO_CHANGE_TOPIC, false);
    observerService->AddObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC, false);
    observerService->AddObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC, false);
+    observerService->AddObserver(this, LEAVE_PRIVATE_BROWSING_TOPIC, false);
  }
  return NS_OK;
 }
@ -2409,6 +2414,7 @@ nsNSSComponent::DeregisterObservers()
    observerService->RemoveObserver(this, PROFILE_DO_CHANGE_TOPIC);
    observerService->RemoveObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC);
    observerService->RemoveObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC);
+    observerService->RemoveObserver(this, LEAVE_PRIVATE_BROWSING_TOPIC);
  }
  return NS_OK;
 }
--- a/security/manager/ssl/src/nsRecentBadCerts.cpp
+++ b/security/manager/ssl/src/nsRecentBadCerts.cpp
@ -22,8 +22,9 @@

 using namespace mozilla;

-NS_IMPL_THREADSAFE_ISUPPORTS1(nsRecentBadCerts,
-                              nsIRecentBadCerts)
+NS_IMPL_THREADSAFE_ISUPPORTS2(nsRecentBadCerts,
+                              nsIRecentBadCerts,
+                              nsIObserver)

 nsRecentBadCerts::nsRecentBadCerts()
 :monitor("nsRecentBadCerts.monitor")
@ -35,6 +36,24 @@ nsRecentBadCerts::~nsRecentBadCerts()
 {
 }

+void
+nsRecentBadCerts::InitPrivateBrowsingObserver()
+{
+  nsCOMPtr<nsIObserverService> obsSvc = mozilla::services::GetObserverService();
+  obsSvc->AddObserver(this, "last-pb-context-exited", false);
+}
+
+NS_IMETHODIMP
+nsRecentBadCerts::Observe(nsISupports     *aSubject,
+                          const char      *aTopic,
+                          const PRUnichar *aData)
+{
+  if (!nsCRT::strcmp(aTopic, "last-pb-context-exited")) {
+    ResetStoredCerts();
+  }
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 nsRecentBadCerts::GetRecentBadCert(const nsAString & aHostNameWithPort, 
                                   nsISSLStatus **aStatus)
--- a/security/manager/ssl/src/nsRecentBadCerts.h
+++ b/security/manager/ssl/src/nsRecentBadCerts.h
@ -11,6 +11,7 @@
 #include "mozilla/ReentrantMonitor.h"

 #include "nsIRecentBadCertsService.h"
+#include "nsIObserver.h"
 #include "nsTHashtable.h"
 #include "nsString.h"
 #include "cert.h"
@ -55,14 +56,18 @@ private:
 };

 class nsRecentBadCerts MOZ_FINAL : public nsIRecentBadCerts
+                                 , public nsIObserver
 {
 public:
  NS_DECL_ISUPPORTS
  NS_DECL_NSIRECENTBADCERTS
+  NS_DECL_NSIOBSERVER

  nsRecentBadCerts();
  ~nsRecentBadCerts();

+  void InitPrivateBrowsingObserver();
+
 protected:
    mozilla::ReentrantMonitor monitor;