Bug 700659 - Slay nsHashSets in security. r=kaie
authorNathan Froyd <froydnj@mozilla.com>
Tue, 08 Nov 2011 15:24:09 -0500
changeset 87742 b85b6482eb6553dadb72fe60fb50dbc2d44c8695
parent 87741 a41cc70ce9c247aefcdf500dee25f20849e23432
child 87743 3f98fc956d257f86f9e0e37ec98e91eba36e15b1
push id22143
push userphilringnalda@gmail.com
push dateSun, 26 Feb 2012 23:12:35 +0000
treeherdermozilla-central@b98fc24ac54b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskaie
bugs700659
milestone13.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 700659 - Slay nsHashSets in security. r=kaie
security/manager/ssl/src/nsNSSIOLayer.cpp
security/manager/ssl/src/nsNSSIOLayer.h
--- a/security/manager/ssl/src/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
@@ -58,17 +58,16 @@
 #include "nsClientAuthRemember.h"
 #include "nsICertOverrideService.h"
 #include "nsISSLErrorListener.h"
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
 
 #include "nsXPIDLString.h"
 #include "nsReadableUtils.h"
-#include "nsHashSets.h"
 #include "nsCRT.h"
 #include "nsAutoPtr.h"
 #include "nsPrintfCString.h"
 #include "SSLServerCertVerification.h"
 #include "nsNSSShutDown.h"
 #include "nsSSLStatus.h"
 #include "nsNSSCertHelper.h"
 #include "nsNSSCleaner.h"
@@ -1793,17 +1792,17 @@ nsSSLIOLayerHelpers::rememberTolerantSit
 {
   if (!socketInfo->IsTLSEnabled())
     return;
 
   nsCAutoString key;
   getSiteKey(socketInfo, key);
 
   MutexAutoLock lock(*mutex);
-  nsSSLIOLayerHelpers::mTLSTolerantSites->Put(key);
+  nsSSLIOLayerHelpers::mTLSTolerantSites->PutEntry(key);
 }
 
 static PRStatus PR_CALLBACK
 nsSSLIOLayerClose(PRFileDesc *fd)
 {
   nsNSSShutDownPreventionLock locker;
   if (!fd)
     return PR_FAILURE;
@@ -2134,20 +2133,20 @@ nsSSLIOLayerPoll(PRFileDesc * fd, PRInt1
                                     (void*)fd, (int) result));
   return result;
 }
 
 bool nsSSLIOLayerHelpers::nsSSLIOLayerInitialized = false;
 PRDescIdentity nsSSLIOLayerHelpers::nsSSLIOLayerIdentity;
 PRIOMethods nsSSLIOLayerHelpers::nsSSLIOLayerMethods;
 Mutex *nsSSLIOLayerHelpers::mutex = nsnull;
-nsCStringHashSet *nsSSLIOLayerHelpers::mTLSIntolerantSites = nsnull;
-nsCStringHashSet *nsSSLIOLayerHelpers::mTLSTolerantSites = nsnull;
+nsTHashtable<nsCStringHashKey> *nsSSLIOLayerHelpers::mTLSIntolerantSites = nsnull;
+nsTHashtable<nsCStringHashKey> *nsSSLIOLayerHelpers::mTLSTolerantSites = nsnull;
 nsPSMRememberCertErrorsTable *nsSSLIOLayerHelpers::mHostsWithCertErrors = nsnull;
-nsCStringHashSet *nsSSLIOLayerHelpers::mRenegoUnrestrictedSites = nsnull;
+nsTHashtable<nsCStringHashKey> *nsSSLIOLayerHelpers::mRenegoUnrestrictedSites = nsnull;
 bool nsSSLIOLayerHelpers::mTreatUnsafeNegotiationAsBroken = false;
 PRInt32 nsSSLIOLayerHelpers::mWarnLevelMissingRFC5746 = 1;
 
 static PRIntn _PSM_InvalidInt(void)
 {
     PR_ASSERT(!"I/O method is invalid");
     PR_SetError(PR_INVALID_METHOD_ERROR, 0);
     return -1;
@@ -2336,32 +2335,32 @@ nsresult nsSSLIOLayerHelpers::Init()
     nsSSLIOLayerMethods.close = nsSSLIOLayerClose;
     nsSSLIOLayerMethods.write = nsSSLIOLayerWrite;
     nsSSLIOLayerMethods.read = nsSSLIOLayerRead;
     nsSSLIOLayerMethods.poll = nsSSLIOLayerPoll;
   }
 
   mutex = new Mutex("nsSSLIOLayerHelpers.mutex");
 
-  mTLSIntolerantSites = new nsCStringHashSet();
+  mTLSIntolerantSites = new nsTHashtable<nsCStringHashKey>();
   if (!mTLSIntolerantSites)
     return NS_ERROR_OUT_OF_MEMORY;
 
   mTLSIntolerantSites->Init(1);
 
-  mTLSTolerantSites = new nsCStringHashSet();
+  mTLSTolerantSites = new nsTHashtable<nsCStringHashKey>();
   if (!mTLSTolerantSites)
     return NS_ERROR_OUT_OF_MEMORY;
 
   // Initialize the tolerant site hashtable to 16 items at the start seems
   // reasonable as most servers are TLS tolerant. We just want to lower 
   // the rate of hashtable array reallocation.
   mTLSTolerantSites->Init(16);
 
-  mRenegoUnrestrictedSites = new nsCStringHashSet();
+  mRenegoUnrestrictedSites = new nsTHashtable<nsCStringHashKey>();
   if (!mRenegoUnrestrictedSites)
     return NS_ERROR_OUT_OF_MEMORY;
 
   mRenegoUnrestrictedSites->Init(1);
 
   mTreatUnsafeNegotiationAsBroken = false;
   
   mHostsWithCertErrors = new nsPSMRememberCertErrorsTable();
@@ -2371,23 +2370,23 @@ nsresult nsSSLIOLayerHelpers::Init()
   return NS_OK;
 }
 
 void nsSSLIOLayerHelpers::addIntolerantSite(const nsCString &str)
 {
   MutexAutoLock lock(*mutex);
   // Remember intolerant site only if it is not known as tolerant
   if (!mTLSTolerantSites->Contains(str))
-    nsSSLIOLayerHelpers::mTLSIntolerantSites->Put(str);
+    nsSSLIOLayerHelpers::mTLSIntolerantSites->PutEntry(str);
 }
 
 void nsSSLIOLayerHelpers::removeIntolerantSite(const nsCString &str)
 {
   MutexAutoLock lock(*mutex);
-  nsSSLIOLayerHelpers::mTLSIntolerantSites->Remove(str);
+  nsSSLIOLayerHelpers::mTLSIntolerantSites->RemoveEntry(str);
 }
 
 bool nsSSLIOLayerHelpers::isKnownAsIntolerantSite(const nsCString &str)
 {
   MutexAutoLock lock(*mutex);
   return mTLSIntolerantSites->Contains(str);
 }
 
@@ -2395,28 +2394,28 @@ void nsSSLIOLayerHelpers::setRenegoUnres
 {
   MutexAutoLock lock(*mutex);
   
   if (mRenegoUnrestrictedSites) {
     delete mRenegoUnrestrictedSites;
     mRenegoUnrestrictedSites = nsnull;
   }
 
-  mRenegoUnrestrictedSites = new nsCStringHashSet();
+  mRenegoUnrestrictedSites = new nsTHashtable<nsCStringHashKey>();
   if (!mRenegoUnrestrictedSites)
     return;
   
   mRenegoUnrestrictedSites->Init(1);
   
   nsCCharSeparatedTokenizer toker(str, ',');
 
   while (toker.hasMoreTokens()) {
     const nsCSubstring &host = toker.nextToken();
     if (!host.IsEmpty()) {
-      mRenegoUnrestrictedSites->Put(host);
+      mRenegoUnrestrictedSites->PutEntry(host);
     }
   }
 }
 
 bool nsSSLIOLayerHelpers::isRenegoUnrestrictedSite(const nsCString &str)
 {
   MutexAutoLock lock(*mutex);
   return mRenegoUnrestrictedSites->Contains(str);
--- a/security/manager/ssl/src/nsNSSIOLayer.h
+++ b/security/manager/ssl/src/nsNSSIOLayer.h
@@ -54,16 +54,17 @@
 #include "nsISSLStatusProvider.h"
 #include "nsIAssociatedContentSecurity.h"
 #include "nsXPIDLString.h"
 #include "nsNSSShutDown.h"
 #include "nsIClientAuthDialogs.h"
 #include "nsAutoPtr.h"
 #include "nsNSSCertificate.h"
 #include "nsDataHashtable.h"
+#include "nsTHashtable.h"
 
 namespace mozilla {
 
 class MutexAutoLock;
 
 namespace psm {
 
 enum SSLErrorMessageType {
@@ -227,18 +228,16 @@ protected:
   bool      mJoined;
   bool      mSentClientCert;
 
 private:
   virtual void virtualDestroyNSSReference();
   void destructorSafeDestroyNSSReference();
 };
 
-class nsCStringHashSet;
-
 class nsSSLStatus;
 class nsNSSSocketInfo;
 
 class nsPSMRememberCertErrorsTable
 {
 private:
   struct CertStateBits
   {
@@ -265,21 +264,21 @@ public:
   static nsresult Init();
   static void Cleanup();
 
   static bool nsSSLIOLayerInitialized;
   static PRDescIdentity nsSSLIOLayerIdentity;
   static PRIOMethods nsSSLIOLayerMethods;
 
   static mozilla::Mutex *mutex;
-  static nsCStringHashSet *mTLSIntolerantSites;
-  static nsCStringHashSet *mTLSTolerantSites;
+  static nsTHashtable<nsCStringHashKey> *mTLSIntolerantSites;
+  static nsTHashtable<nsCStringHashKey> *mTLSTolerantSites;
   static nsPSMRememberCertErrorsTable* mHostsWithCertErrors;
 
-  static nsCStringHashSet *mRenegoUnrestrictedSites;
+  static nsTHashtable<nsCStringHashKey> *mRenegoUnrestrictedSites;
   static bool mTreatUnsafeNegotiationAsBroken;
   static PRInt32 mWarnLevelMissingRFC5746;
 
   static void setTreatUnsafeNegotiationAsBroken(bool broken);
   static bool treatUnsafeNegotiationAsBroken();
 
   static void setWarnLevelMissingRFC5746(PRInt32 level);
   static PRInt32 getWarnLevelMissingRFC5746();