diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 02d0464fcb52..9d3524bcdf2f 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -450,6 +450,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm", ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm", RemoteSettings: "resource://services-settings/remote-settings.js", + RemoteSecuritySettings: "resource://gre/modules/psm/RemoteSecuritySettings.jsm", RFPHelper: "resource://gre/modules/RFPHelper.jsm", SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm", Sanitizer: "resource:///modules/Sanitizer.jsm", @@ -1822,6 +1823,10 @@ BrowserGlue.prototype = { Services.tm.idleDispatchToMainThread(() => { RemoteSettings.init(); }); + + Services.tm.idleDispatchToMainThread(() => { + RemoteSecuritySettings.init(); + }); }, _onQuitRequest: function BG__onQuitRequest(aCancelQuit, aQuitType) { diff --git a/security/manager/ssl/RemoteSecuritySettings.jsm b/security/manager/ssl/RemoteSecuritySettings.jsm index 7cc3081e4490..8077c326202b 100644 --- a/security/manager/ssl/RemoteSecuritySettings.jsm +++ b/security/manager/ssl/RemoteSecuritySettings.jsm @@ -6,7 +6,9 @@ const EXPORTED_SYMBOLS = ["RemoteSecuritySettings"]; const {RemoteSettings} = ChromeUtils.import("resource://services-settings/remote-settings.js"); +ChromeUtils.defineModuleGetter(this, "BlocklistClients", "resource://services-common/blocklist-clients.js"); +const {AppConstants} = ChromeUtils.import("resource://gre/modules/AppConstants.jsm"); const {Services} = ChromeUtils.import("resource://gre/modules/Services.jsm"); const {XPCOMUtils} = ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); const {X509} = ChromeUtils.import("resource://gre/modules/psm/X509.jsm", null); @@ -93,6 +95,19 @@ class CertInfo { CertInfo.prototype.QueryInterface = ChromeUtils.generateQI([Ci.nsICertInfo]); this.RemoteSecuritySettings = class RemoteSecuritySettings { + /** + * Initialize the clients (cheap instantiation) and setup their sync event. + * This static method is called from BrowserGlue.jsm soon after startup. + */ + static init() { + // In Bug 1543598, the OneCRL and Pinning clients will be moved in this module. + BlocklistClients.initialize(); + + if (AppConstants.MOZ_NEW_CERT_STORAGE) { + new RemoteSecuritySettings(); + } + } + constructor() { this.client = RemoteSettings(Services.prefs.getCharPref(INTERMEDIATES_COLLECTION_PREF), { bucketNamePref: INTERMEDIATES_BUCKET_PREF, diff --git a/services/common/blocklist-clients.js b/services/common/blocklist-clients.js index 12a70171f4f1..198609d0d976 100644 --- a/services/common/blocklist-clients.js +++ b/services/common/blocklist-clients.js @@ -184,7 +184,6 @@ async function updatePinningList({ data: { current: records } }) { var OneCRLBlocklistClient; var PinningBlocklistClient; -var RemoteSecuritySettingsClient; function initialize(options = {}) { const { verifySignature = true } = options; @@ -205,21 +204,6 @@ function initialize(options = {}) { PinningBlocklistClient.verifySignature = verifySignature; PinningBlocklistClient.on("sync", updatePinningList); - if (AppConstants.MOZ_NEW_CERT_STORAGE) { - const { RemoteSecuritySettings } = ChromeUtils.import("resource://gre/modules/psm/RemoteSecuritySettings.jsm"); - - // In Bug 1526018 this will move into its own service, as it's not quite like - // the others. - RemoteSecuritySettingsClient = new RemoteSecuritySettings(); - RemoteSecuritySettingsClient.verifySignature = verifySignature; - - return { - OneCRLBlocklistClient, - PinningBlocklistClient, - RemoteSecuritySettingsClient, - }; - } - return { OneCRLBlocklistClient, PinningBlocklistClient, diff --git a/toolkit/mozapps/extensions/Blocklist.jsm b/toolkit/mozapps/extensions/Blocklist.jsm index 39fc90217657..f72bde6ce9fb 100644 --- a/toolkit/mozapps/extensions/Blocklist.jsm +++ b/toolkit/mozapps/extensions/Blocklist.jsm @@ -19,11 +19,6 @@ ChromeUtils.defineModuleGetter(this, "AddonManager", "resource://gre/modules/AddonManager.jsm"); ChromeUtils.defineModuleGetter(this, "AddonManagerPrivate", "resource://gre/modules/AddonManager.jsm"); -// The remote settings updater is the new system in charge of fetching remote data -// securely and efficiently. It will replace the current XML-based system. -// See Bug 1257565 and Bug 1252456. -ChromeUtils.defineModuleGetter(this, "BlocklistClients", - "resource://services-common/blocklist-clients.js"); ChromeUtils.defineModuleGetter(this, "CertUtils", "resource://gre/modules/CertUtils.jsm"); ChromeUtils.defineModuleGetter(this, "FileUtils", @@ -2561,10 +2556,6 @@ let BlocklistRS = { ExtensionBlocklistRS._onUpdate(); PluginBlocklistRS._onUpdate(); }, - - initializeClients() { - BlocklistClients.initialize(); - }, }; const kSharedAPIs = [ @@ -2586,12 +2577,6 @@ let Blocklist = { Services.prefs.addObserver("extensions.blocklist.", this); Services.prefs.addObserver(PREF_EM_LOGGING_ENABLED, this); - // Instantiate Remote Settings clients for blocklists. - // Their initialization right here serves two purposes: - // - Make sure they are instantiated (it's cheap) in order to be included in the synchronization process; - // - Ensure that onecrl and other consumers in there are loaded. - // Ideally, this should happen only when BlocklistRS is initialized. - BlocklistRS.initializeClients(); // Define forwarding functions: for (let k of kSharedAPIs) { this[k] = (...args) => this._impl[k](...args);