Bug 957667: Decouple OCSP stapling pref from the OCSP fetching pref, and couple the OCSP required pref to the OCSP fetching pref, r=keeler

--HG--
extra : rebase_source : 86cb86f76f4def579fcf07e479025852849c34f8
extra : source : 08115711a4e6e77971c9e872fb6c68e88ac9693e
Brian Smith 2014-01-08 08:51:06 -08:00
parent 225d0f3c9e
commit 4268442c28


@ -1001,11 +1001,15 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting)
bool crlDownloading = Preferences::GetBool("security.CRL_download.enabled", bool crlDownloading = Preferences::GetBool("security.CRL_download.enabled",
false); false);
// This preference controls whether we do OCSP fetching and does not affect
// OCSP stapling.
// 0 = disabled, 1 = enabled // 0 = disabled, 1 = enabled
int32_t ocspEnabled = Preferences::GetInt("security.OCSP.enabled", int32_t ocspEnabled = Preferences::GetInt("security.OCSP.enabled",
OCSP_ENABLED_DEFAULT); OCSP_ENABLED_DEFAULT);
bool ocspRequired = Preferences::GetBool("security.OCSP.require", false); bool ocspRequired = ocspEnabled &&
Preferences::GetBool("security.OCSP.require", false);
// We measure the setting of the pref at startup only to minimize noise by // We measure the setting of the pref at startup only to minimize noise by
// addons that may muck with the settings, though it probably doesn't matter. // addons that may muck with the settings, though it probably doesn't matter.
@ -1019,9 +1023,6 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting)
bool ocspStaplingEnabled = Preferences::GetBool("security.ssl.enable_ocsp_stapling", bool ocspStaplingEnabled = Preferences::GetBool("security.ssl.enable_ocsp_stapling",
true); true);
if (!ocspEnabled) {
ocspStaplingEnabled = false;
}
PublicSSLState()->SetOCSPOptions(ocspEnabled, ocspStaplingEnabled); PublicSSLState()->SetOCSPOptions(ocspEnabled, ocspStaplingEnabled);
PrivateSSLState()->SetOCSPOptions(ocspEnabled, ocspStaplingEnabled); PrivateSSLState()->SetOCSPOptions(ocspEnabled, ocspStaplingEnabled);
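Review bot: On the new `ocspRequired` line the `int32_t` pref value is used directly as a boolean, so any non-zero `security.OCSP.enabled` (not only the documented 1) counts as fetching enabled; `bool ocspRequired = ocspEnabled != 0 && Preferences::GetBool("security.OCSP.require", false);` would make that explicit. The same line deserves a comment, because a profile with `security.OCSP.require` set to true now silently loses that requirement once fetching is turned off, for example `// security.OCSP.require only takes effect while OCSP fetching is enabled.` With stapling no longer forced off in the second hunk, it is worth confirming how an invalid or expired stapled response is treated when fetching is disabled and the requirement is dropped; that handling is not visible here. setValidationOptions begins and ends outside both hunks.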