diff --git a/security/manager/ssl/src/nsNSSIOLayer.cpp b/security/manager/ssl/src/nsNSSIOLayer.cpp index 74d652131e6..3af7ae55b85 100644 --- a/security/manager/ssl/src/nsNSSIOLayer.cpp +++ b/security/manager/ssl/src/nsNSSIOLayer.cpp @@ -1210,9 +1210,9 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) .forgetIntolerance(socketInfo->GetHostName(), socketInfo->GetPort()); return false; - } else if ((err == SSL_ERROR_NO_CYPHER_OVERLAP || - err == PR_END_OF_FILE_ERROR) && - nsNSSComponent::AreAnyWeakCiphersEnabled()) { + } + if ((err == SSL_ERROR_NO_CYPHER_OVERLAP || err == PR_END_OF_FILE_ERROR) && + nsNSSComponent::AreAnyWeakCiphersEnabled()) { if (socketInfo->SharedState().IOLayerHelpers() .rememberStrongCiphersFailed(socketInfo->GetHostName(), socketInfo->GetPort(), err)) { diff --git a/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp b/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp index 45d64a4115b..537e324a477 100644 --- a/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp +++ b/security/manager/ssl/tests/gtest/TLSIntoleranceTest.cpp @@ -33,7 +33,11 @@ TEST_F(TLSIntoleranceTest, Test_Full_Fallback_Process) ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_2, range.max); ASSERT_EQ(StrongCipherStatusUnknown, strongCipherStatus); - ASSERT_TRUE(helpers.rememberStrongCiphersFailed(HOST, PORT, 0)); + ASSERT_TRUE( + helpers.rememberStrongCiphersFailed( + HOST, PORT, SSL_ERROR_NO_CYPHER_OVERLAP)); + ASSERT_EQ(SSL_ERROR_NO_CYPHER_OVERLAP, + helpers.getIntoleranceReason(HOST, PORT)); } {