зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1715142 - clear the TLS session cache in SetDisableAllSecurityChecksAndLetAttackersInterceptMyData r=rmf
Previously, SetDisableAllSecurityChecksAndLetAttackersInterceptMyData would only work as expected if another operation happened to clear the TLS session cache (namely, changing a preference that caused nsNSSComponent to change its TLS options and clear the TLS session cache). This patch ensures that this function works without relying on such coincidences. Differential Revision: https://phabricator.services.mozilla.com/D117495
This commit is contained in:
Родитель
6862151ddf
Коммит
6c87c3560b
|
@ -827,8 +827,18 @@ nsCertOverrideService::
|
|||
return NS_ERROR_NOT_AVAILABLE;
|
||||
}
|
||||
|
||||
MutexAutoLock lock(mMutex);
|
||||
mDisableAllSecurityCheck = aDisable;
|
||||
{
|
||||
MutexAutoLock lock(mMutex);
|
||||
mDisableAllSecurityCheck = aDisable;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsINSSComponent> nss(do_GetService(PSM_COMPONENT_CONTRACTID));
|
||||
if (nss) {
|
||||
nss->ClearSSLExternalAndInternalSessionCache();
|
||||
} else {
|
||||
return NS_ERROR_NOT_AVAILABLE;
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче