summaryrefslogtreecommitdiffstats
path: root/netwerk/base
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-09-01 23:45:10 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-09-01 23:45:10 +0200
commit1425f020c47b3cbe134f71717299714aead28502 (patch)
tree47c50413b1bb972617454b100f60c10a4516ca36 /netwerk/base
parent69627ad410935edf4a74a4d4678105d51a662263 (diff)
downloadUXP-1425f020c47b3cbe134f71717299714aead28502.tar
UXP-1425f020c47b3cbe134f71717299714aead28502.tar.gz
UXP-1425f020c47b3cbe134f71717299714aead28502.tar.lz
UXP-1425f020c47b3cbe134f71717299714aead28502.tar.xz
UXP-1425f020c47b3cbe134f71717299714aead28502.zip
Remove support for TLS session caches in TLSServerSocket.
This resolves #738
Diffstat (limited to 'netwerk/base')
-rw-r--r--netwerk/base/TLSServerSocket.cpp16
-rw-r--r--netwerk/base/nsITLSServerSocket.idl9
2 files changed, 2 insertions, 23 deletions
diff --git a/netwerk/base/TLSServerSocket.cpp b/netwerk/base/TLSServerSocket.cpp
index 257a7f5da..97c7f5423 100644
--- a/netwerk/base/TLSServerSocket.cpp
+++ b/netwerk/base/TLSServerSocket.cpp
@@ -52,12 +52,12 @@ TLSServerSocket::SetSocketDefaults()
SSL_OptionSet(mFD, SSL_SECURITY, true);
SSL_OptionSet(mFD, SSL_HANDSHAKE_AS_CLIENT, false);
SSL_OptionSet(mFD, SSL_HANDSHAKE_AS_SERVER, true);
-
+ SSL_OptionSet(mFD, SSL_NO_CACHE, true);
+
// We don't currently notify the server API consumer of renegotiation events
// (to revalidate peer certs, etc.), so disable it for now.
SSL_OptionSet(mFD, SSL_ENABLE_RENEGOTIATION, SSL_RENEGOTIATE_NEVER);
- SetSessionCache(true);
SetSessionTickets(true);
SetRequestClientCertificate(REQUEST_NEVER);
@@ -172,18 +172,6 @@ TLSServerSocket::SetServerCert(nsIX509Cert* aCert)
}
NS_IMETHODIMP
-TLSServerSocket::SetSessionCache(bool aEnabled)
-{
- // If AsyncListen was already called (and set mListener), it's too late to set
- // this.
- if (NS_WARN_IF(mListener)) {
- return NS_ERROR_IN_PROGRESS;
- }
- SSL_OptionSet(mFD, SSL_NO_CACHE, !aEnabled);
- return NS_OK;
-}
-
-NS_IMETHODIMP
TLSServerSocket::SetSessionTickets(bool aEnabled)
{
// If AsyncListen was already called (and set mListener), it's too late to set
diff --git a/netwerk/base/nsITLSServerSocket.idl b/netwerk/base/nsITLSServerSocket.idl
index 57485357f..dce54ffe7 100644
--- a/netwerk/base/nsITLSServerSocket.idl
+++ b/netwerk/base/nsITLSServerSocket.idl
@@ -20,15 +20,6 @@ interface nsITLSServerSocket : nsIServerSocket
attribute nsIX509Cert serverCert;
/**
- * setSessionCache
- *
- * Whether the server should use a session cache. Defaults to true. This
- * should be set before calling |asyncListen| if you wish to change the
- * default.
- */
- void setSessionCache(in boolean aSessionCache);
-
- /**
* setSessionTickets
*
* Whether the server should support session tickets. Defaults to true. This