bug 912582 - false start rc4 and rsa accomodations need exact principal matches r=dkeeler
authorPatrick McManus <mcmanus@ducksong.com>
Wed, 04 Sep 2013 17:01:02 -0400
changeset 145502 8628391a5a8bd2eafede7e31257be60ff9c661ba
parent 145501 b5d62f5c733c1b2da7e1f79979303c45fb37dc57
child 145503 7ccebf05488c23702234daffaae17676aa3af4a7
push id33302
push usermcmanus@ducksong.com
push dateWed, 04 Sep 2013 21:01:18 +0000
treeherdermozilla-inbound@8628391a5a8b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdkeeler
bugs912582
milestone26.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 912582 - false start rc4 and rsa accomodations need exact principal matches r=dkeeler
netwerk/protocol/http/nsHttpChannel.cpp
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -719,24 +719,27 @@ nsHttpChannel::RetrieveSSLOptions()
         return;
 
     nsCOMPtr<nsIPermissionManager> permMgr =
         do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);
     if (!permMgr)
         return;
 
     uint32_t perm;
-    nsresult rv = permMgr->TestPermissionFromPrincipal(principal,
-                                                       "falsestart-rsa", &perm);
+    nsresult rv = permMgr->TestExactPermissionFromPrincipal(principal,
+                                                            "falsestart-rsa",
+                                                            &perm);
     if (NS_SUCCEEDED(rv) && perm == nsIPermissionManager::ALLOW_ACTION) {
         LOG(("nsHttpChannel::RetrieveSSLOptions [this=%p] "
              "falsestart-rsa permission found\n", this));
         mCaps |= NS_HTTP_ALLOW_RSA_FALSESTART;
     }
-    rv = permMgr->TestPermissionFromPrincipal(principal, "falsestart-rc4", &perm);
+    rv = permMgr->TestExactPermissionFromPrincipal(principal,
+                                                   "falsestart-rc4",
+                                                   &perm);
     if (NS_SUCCEEDED(rv) && perm == nsIPermissionManager::ALLOW_ACTION) {
         LOG(("nsHttpChannel::RetrieveSSLOptions [this=%p] "
              "falsestart-rc4 permission found\n", this));
         mCaps |= NS_HTTP_ALLOW_RC4_FALSESTART;
     }
 }
 
 nsresult