[tor-commits] [torbutton/master] Bug 1624: Use nsIDOMCrypto::logout() if available.

mikeperry at torproject.org mikeperry at torproject.org
Sat Mar 12 21:54:09 UTC 2011 

commit c3e547482161b45bfdab76be7471acbc54510ad7
Author: Mike Perry <mikeperry-git at fscked.org>
Date:   Sat Mar 12 13:52:42 2011 -0800

    Bug 1624: Use nsIDOMCrypto::logout() if available.
    
    This is the new official way of clearing SSL Session IDs and other TLS state.
---
 src/chrome/content/torbutton.js |   23 ++++++++++++++++-------
 1 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js
index 3fe8145..5170be1 100644
--- a/src/chrome/content/torbutton.js
+++ b/src/chrome/content/torbutton.js
@@ -1562,13 +1562,22 @@ function torbutton_update_status(mode, force_update) {
         auth.clearAll();
     }
 
-    // This clears the SSL Identifier Cache.
-    // See https://bugzilla.mozilla.org/show_bug.cgi?id=448747 and
-    // http://mxr.mozilla.org/security/source/security/manager/ssl/src/nsNSSComponent.cpp#2134
-    m_tb_prefs.setBoolPref("security.enable_ssl2", 
-            !m_tb_prefs.getBoolPref("security.enable_ssl2"));
-    m_tb_prefs.setBoolPref("security.enable_ssl2", 
-            !m_tb_prefs.getBoolPref("security.enable_ssl2"));
+    try {
+      var secMgr = Cc["@mozilla.org/security/crypto;1"].
+                   getService(Ci.nsIDOMCrypto);
+      secMgr.logout();
+      torbutton_log(3, "nsIDOMCrypto logout succeeded");
+    } catch(e) {
+      torbutton_log(4, "Failed to use nsIDOMCrypto to clear SSL Session ids. Falling back to old method. Error: "+e);
+
+      // This clears the SSL Identifier Cache.
+      // See https://bugzilla.mozilla.org/show_bug.cgi?id=448747 and
+      // http://mxr.mozilla.org/security/source/security/manager/ssl/src/nsNSSComponent.cpp#2134
+      m_tb_prefs.setBoolPref("security.enable_ssl2", 
+          !m_tb_prefs.getBoolPref("security.enable_ssl2"));
+      m_tb_prefs.setBoolPref("security.enable_ssl2", 
+          !m_tb_prefs.getBoolPref("security.enable_ssl2"));
+    }
 
     // This clears the undo tab history.
     var tabs = m_tb_prefs.getIntPref("browser.sessionstore.max_tabs_undo");

More information about the tor-commits mailing list