Bug 624514: Make PSM access the network.ntlm.send-lm-response pref only on the main thread, r=honzab
authorBrian Smith <bsmith@mozilla.com>
Fri, 18 Jan 2013 16:06:12 -0800
changeset 119319 46726c3ab4e19add734d113e443ab6f73d059b12
parent 119318 3bf0fc40df43a48e7053e1853c70ed3fef94ec93
child 119320 c30b94cd9c76099cd7327080040e390cbb0717ad
push id24195
push userMs2ger@gmail.com
push dateSat, 19 Jan 2013 16:10:11 +0000
treeherdermozilla-central@02e12a80aef9 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewershonzab
bugs624514
milestone21.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 624514: Make PSM access the network.ntlm.send-lm-response pref only on the main thread, r=honzab
security/manager/ssl/src/nsNSSComponent.cpp
security/manager/ssl/src/nsNTLMAuthModule.cpp
security/manager/ssl/src/nsNTLMAuthModule.h
--- a/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/security/manager/ssl/src/nsNSSComponent.cpp
@@ -37,16 +37,17 @@
 #include "nsIDOMWindow.h"
 #include "nsIDOMWindowCollection.h"
 #include "nsIDOMSmartCardEvent.h"
 #include "nsIDOMCrypto.h"
 #include "nsThreadUtils.h"
 #include "nsCRT.h"
 #include "nsCRLInfo.h"
 #include "nsCertOverrideService.h"
+#include "nsNTLMAuthModule.h"
 
 #include "nsIWindowWatcher.h"
 #include "nsIPrompt.h"
 #include "nsCertificatePrincipal.h"
 #include "nsReadableUtils.h"
 #include "nsIDateTimeFormat.h"
 #include "prtypes.h"
 #include "nsIEntropyCollector.h"
@@ -1909,16 +1910,20 @@ nsNSSComponent::Init()
                                         getter_Copies(result));
   }
 
   if (!mPrefBranch) {
     mPrefBranch = do_GetService(NS_PREFSERVICE_CONTRACTID);
     NS_ASSERTION(mPrefBranch, "Unable to get pref service");
   }
 
+  bool sendLM = false;
+  mPrefBranch->GetBoolPref("network.ntlm.send-lm-response", &sendLM);
+  nsNTLMAuthModule::SetSendLM(sendLM);
+
   // Do that before NSS init, to make sure we won't get unloaded.
   RegisterObservers();
 
   rv = InitializeNSS(true); // ok to show a warning box on failure
   if (NS_FAILED(rv)) {
     PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to Initialize NSS.\n"));
 
     DeregisterObservers();
@@ -2241,16 +2246,20 @@ nsNSSComponent::Observe(nsISupports *aSu
     } else if (prefName.Equals("security.OCSP.enabled")
                || prefName.Equals("security.CRL_download.enabled")
                || prefName.Equals("security.fresh_revocation_info.require")
                || prefName.Equals("security.missing_cert_download.enabled")
                || prefName.Equals("security.first_network_revocation_method")
                || prefName.Equals("security.OCSP.require")) {
       MutexAutoLock lock(mutex);
       setValidationOptions(mPrefBranch);
+    } else if (prefName.Equals("network.ntlm.send-lm-response")) {
+      bool sendLM = false;
+      mPrefBranch->GetBoolPref("network.ntlm.send-lm-response", &sendLM);
+      nsNTLMAuthModule::SetSendLM(sendLM);
     } else {
       /* Look through the cipher table and set according to pref setting */
       for (CipherPref* cp = CipherPrefs; cp->pref; ++cp) {
         if (prefName.Equals(cp->pref)) {
           mPrefBranch->GetBoolPref(cp->pref, &enabled);
           SSL_CipherPrefSetDefault(cp->id, enabled);
           clearSessionCache = true;
           break;
--- a/security/manager/ssl/src/nsNTLMAuthModule.cpp
+++ b/security/manager/ssl/src/nsNTLMAuthModule.cpp
@@ -1,28 +1,20 @@
 /* vim:set ts=2 sw=2 et cindent: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "prlog.h"
 
-#include <stdlib.h>
-#include "nsIPrefService.h"
-#include "nsIPrefBranch.h"
-#include "nsServiceManagerUtils.h"
-#include "nsCOMPtr.h"
+#include "nsNTLMAuthModule.h"
 #include "nsNSSShutDown.h"
-#include "nsNTLMAuthModule.h"
 #include "nsNativeCharsetUtils.h"
-#include "nsReadableUtils.h"
-#include "nsString.h"
 #include "prsystem.h"
-#include "nss.h"
-#include "pk11func.h"
+#include "pk11pub.h"
 #include "md4.h"
 #include "mozilla/Likely.h"
 
 #ifdef PR_LOGGING
 static PRLogModuleInfo *
 GetNTLMLog()
 {
   static PRLogModuleInfo *sNTLMLog;
@@ -100,25 +92,22 @@ static const char NTLM_TYPE3_MARKER[] = 
 #define LM_HASH_LEN 16
 #define LM_RESP_LEN 24
 
 #define NTLM_HASH_LEN 16
 #define NTLM_RESP_LEN 24
 
 //-----------------------------------------------------------------------------
 
-static bool SendLM()
+static bool sendLM = false;
+
+/*static*/ void
+nsNTLMAuthModule::SetSendLM(bool newSendLM)
 {
-  nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
-  if (!prefs)
-    return false;
-
-  bool val;
-  nsresult rv = prefs->GetBoolPref("network.ntlm.send-lm-response", &val);
-  return NS_SUCCEEDED(rv) && val;
+  sendLM = newSendLM;
 }
 
 //-----------------------------------------------------------------------------
 
 #ifdef PR_LOGGING
 
 /**
  * Prints a description of flags to the NSPR Log, if enabled.
@@ -686,17 +675,17 @@ GenerateType3Msg(const nsString &domain,
     NTLM_Hash(password, ntlmHash);
     LM_Response(ntlmHash, sessionHash, ntlmResp);
   }
   else
   {
     NTLM_Hash(password, ntlmHash);
     LM_Response(ntlmHash, msg.challenge, ntlmResp);
 
-    if (SendLM())
+    if (sendLM)
     {
       uint8_t lmHash[LM_HASH_LEN];
       LM_Hash(password, lmHash);
       LM_Response(lmHash, msg.challenge, lmResp);
     }
     else
     {
       // According to http://davenport.sourceforge.net/ntlm.html#ntlmVersion2,
--- a/security/manager/ssl/src/nsNTLMAuthModule.h
+++ b/security/manager/ssl/src/nsNTLMAuthModule.h
@@ -15,16 +15,17 @@ public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSIAUTHMODULE
 
   nsNTLMAuthModule() {}
   virtual ~nsNTLMAuthModule();
 
   nsresult InitTest();
 
+  static void SetSendLM(bool sendLM);
 private:
   nsString mDomain;
   nsString mUsername;
   nsString mPassword;
 };
 
 #define NS_NTLMAUTHMODULE_CLASSNAME \
   "nsNTLMAuthModule"