зеркало из https://github.com/mozilla/gecko-dev.git
Use user prefs for determining whether to enable SSL2/SSL3/TLS. Also, remove now-unused pref service stuff from nsSecureBrowserUIImpl. r=javi.
This commit is contained in:
Родитель
17d186f8a7
Коммит
9b4cb2b2d8
|
@ -107,6 +107,10 @@ nsNSSComponent::~nsNSSComponent()
|
|||
|
||||
mCertContentListener = nsnull;
|
||||
}
|
||||
if (mPref)
|
||||
mPref->UnregisterCallback("security.", nsNSSComponent::PrefChangedCallback,
|
||||
(void*) this);
|
||||
|
||||
if (mNSSInitialized)
|
||||
NSS_Shutdown();
|
||||
}
|
||||
|
@ -366,10 +370,20 @@ nsNSSComponent::InitializeNSS()
|
|||
NSS_SetDomesticPolicy();
|
||||
// SSL_EnableCipher(SSL_RSA_WITH_NULL_MD5, SSL_ALLOWED);
|
||||
|
||||
// XXX should use prefs
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SSL2, PR_TRUE);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SSL3, PR_TRUE);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, PR_TRUE);
|
||||
mPref = do_GetService(NS_PREF_CONTRACTID);
|
||||
|
||||
// Register a callback so we can inform NSS when these prefs change
|
||||
mPref->RegisterCallback("security.", nsNSSComponent::PrefChangedCallback,
|
||||
(void*) this);
|
||||
|
||||
PRBool enabled;
|
||||
mPref->GetBoolPref("security.enable_ssl2", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SSL2, enabled);
|
||||
mPref->GetBoolPref("security.enable_ssl3", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SSL3, enabled);
|
||||
mPref->GetBoolPref("security.enable_tls", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
|
||||
|
||||
PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS Initialization done\n"));
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -472,6 +486,31 @@ nsNSSComponent::RandomUpdate(void *entropy, PRInt32 bufLen)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
int
|
||||
nsNSSComponent::PrefChangedCallback(const char* aPrefName, void* data)
|
||||
{
|
||||
nsNSSComponent* nss = NS_STATIC_CAST(nsNSSComponent*, data);
|
||||
if (nss)
|
||||
nss->PrefChanged(aPrefName);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void
|
||||
nsNSSComponent::PrefChanged(const char* prefName)
|
||||
{
|
||||
PRBool enabled;
|
||||
if (!nsCRT::strcmp(prefName, "security.enable_ssl2")) {
|
||||
mPref->GetBoolPref("security.enable_ssl2", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SSL2, enabled);
|
||||
} else if (!nsCRT::strcmp(prefName, "security.enable_ssl3")) {
|
||||
mPref->GetBoolPref("security.enable_ssl3", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_SSL3, enabled);
|
||||
} else if (!nsCRT::strcmp(prefName, "security.enable_tls")) {
|
||||
mPref->GetBoolPref("security.enable_tls", &enabled);
|
||||
SSL_OptionSetDefault(SSL_ENABLE_TLS, enabled);
|
||||
}
|
||||
}
|
||||
|
||||
static const char *kNSSDialogsContractId = NS_NSSDIALOGS_CONTRACTID;
|
||||
|
||||
nsresult
|
||||
|
|
|
@ -33,6 +33,7 @@
|
|||
#include "nsIEntropyCollector.h"
|
||||
#include "nsString.h"
|
||||
#include "nsIStringBundle.h"
|
||||
#include "nsIPref.h"
|
||||
|
||||
#include "nsNSSHelper.h"
|
||||
|
||||
|
@ -102,9 +103,12 @@ private:
|
|||
nsresult ConfigureInternalPKCS11Token();
|
||||
char * GetPK11String(const PRUnichar *name, PRUint32 len);
|
||||
nsresult RegisterCertContentListener();
|
||||
static int PrefChangedCallback(const char* aPrefName, void* data);
|
||||
void PrefChanged(const char* aPrefName);
|
||||
|
||||
nsCOMPtr<nsIStringBundle> mPIPNSSBundle;
|
||||
nsCOMPtr<nsIURIContentListener> mCertContentListener;
|
||||
nsCOMPtr<nsIPref> mPref;
|
||||
static PRBool mNSSInitialized;
|
||||
};
|
||||
|
||||
|
|
|
@ -59,16 +59,12 @@
|
|||
#include "nsIURI.h"
|
||||
#include "nsISecurityEventSink.h"
|
||||
#include "nsIPrompt.h"
|
||||
#include "nsIPref.h"
|
||||
#include "nsIFormSubmitObserver.h"
|
||||
#include "nsNSSHelper.h"
|
||||
|
||||
#include "nsINSSDialogs.h"
|
||||
|
||||
static NS_DEFINE_CID(kCStringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
|
||||
static NS_DEFINE_CID(kPrefCID, NS_PREF_CID);
|
||||
|
||||
#define INSECURE_SUBMIT_PREF "security.warn_submit_insecure"
|
||||
|
||||
#if defined(PR_LOGGING)
|
||||
//
|
||||
|
@ -118,9 +114,6 @@ nsSecureBrowserUIImpl::Init(nsIDOMWindowInternal *window,
|
|||
mSecurityButton = button;
|
||||
mWindow = window;
|
||||
|
||||
mPref = do_GetService(kPrefCID, &rv);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
nsCOMPtr<nsIStringBundleService> service(do_GetService(kCStringBundleServiceCID, &rv));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
|
@ -280,7 +273,7 @@ nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
|
|||
{
|
||||
nsresult res = NS_OK;
|
||||
|
||||
if (!aRequest || !mPref)
|
||||
if (!aRequest)
|
||||
return NS_ERROR_NULL_POINTER;
|
||||
|
||||
// Get the channel from the request...
|
||||
|
|
|
@ -36,7 +36,6 @@
|
|||
#include "nsIStringBundle.h"
|
||||
#include "nsISecureBrowserUI.h"
|
||||
#include "nsIDocShell.h"
|
||||
#include "nsIPref.h"
|
||||
#include "nsIWebProgressListener.h"
|
||||
#include "nsIFormSubmitObserver.h"
|
||||
#include "nsIURI.h"
|
||||
|
@ -72,7 +71,6 @@ protected:
|
|||
nsCOMPtr<nsIDOMWindowInternal> mWindow;
|
||||
nsCOMPtr<nsIDOMElement> mSecurityButton;
|
||||
nsCOMPtr<nsIDocumentLoaderObserver> mOldWebShellObserver;
|
||||
nsCOMPtr<nsIPref> mPref;
|
||||
nsCOMPtr<nsIStringBundle> mStringBundle;
|
||||
nsCOMPtr<nsIURI> mCurrentURI;
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче