The prldap_tsd_destroy() function (which is called when a
thread exits) was not freeing the information contained within
the PRLDAP_ErrorInfo structure. Added prldap_free_errorinfo()
and a way to determine if that thread-private data looks like
error information (the plei_magic field). At the moment, only
one kind of thread-private data is stored anyway (the error
information).
The prldap_allocate_map() function, which is called when a new
LDAP session is created, was blindly setting the thread-private
error information pointer to NULL. But if a different thread
created or used an LDAP session than called ldap_unbind(), old
error information may have been left in memory. Now the error
info. pointer is reset and reused, which was the original goal.
[@nsAboutProtocolHandler:122]] This is a regression fix from the fix
for bug 163225. The assertions never made sense and now they are
exposed. r=bzbarsky, sr=darin
- make TLS intolerant server detection over proxies work
(this bug 87902)
- on connection failure, only retry without TLS when it is really
likely to help (bug 149910)
- remove obsolete workarounds in SSL i/o layer
(see removed comments in patch)
- avoid to confuse programmers reading code,
by renaming TLSStepUp (which means something else)
to the correct term STARTTLS (what the code is actually doing).
(As suggested by nelsonb)
- If an invalid or expired etc. server certificate is presented,
a warning is shown. If the user decides to cancel,
network activity should stop immediately.
(we currently warn multiple times) (bug 87209)
r=javi/darin/ducarroz/dmose sr=alecf
Added two new libssldap public functions: ldapssl_set_option() and
ldapssl_get_option().
Also fixed a bug in ldapsinit:do_ldapssl_connect() that sometimes
caused PR_Close() to be called twice on an SSL file descriptor
if an error occurred (once in do_ldapssl_connect() itself and
once in the libprldap close function that is called from
do_ldapssl_connect()).
Also updated the NSPR and NSS "error code to string" mapping
tables that are used by ldapssl_err2string().
Also fixed a bug in common.c:ldaptool_print_lderror (LDAP command
line tools) where we did not check for SSL errors when the
error code was "can't connect." We were only checking on
"server down" errors.
Changes:
* Added EXTRA_COMPONENTS variable to build. Use it to automagically install files into the components dir.
* Added SYSINSTALL variable. Use it install files onto the system.
* Move mozilla-config generation from configure to makefiles
* mozilla-config will now generate paths based upon the MRE-based directory layout.
* Generate mozilla script from template
The installation heirarchy currently looks like:
$prefix -> /bin/mozilla
/bin/mozilla-config
/include/mozilla-ver/*
/lib/mozilla-ver (mozappdir)
/components
/res
/defaults
/chrome
There is preliminary build support for MRE dirs as well though the component manager hasn't had MRE support added yet.
$prefix -> /lib/mre/mre-ver (mredir)
/components