bug 623921: Out of an abundance of caution back out feature: 592284 - HTTP Syn Retry r=honzab a=backout
authorPatrick McManus <mcmanus@ducksong.com>
Fri, 07 Jan 2011 11:11:22 -0500
changeset 60132 c1b1fde638f90968b9db2224ac83a264df21e3ac
parent 60131 b32d9897178be48df6f5d040619f7dd865ce2663
child 60133 908f598737d76952428b1d62eeacca896a7168fb
push id17876
push usermcmanus@ducksong.com
push dateFri, 07 Jan 2011 18:03:07 +0000
treeherdermozilla-central@c1b1fde638f9 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewershonzab, backout
bugs623921, 592284
milestone2.0b9pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 623921: Out of an abundance of caution back out feature: 592284 - HTTP Syn Retry r=honzab a=backout
modules/libpref/src/init/all.js
netwerk/base/src/nsSocketTransport2.cpp
netwerk/protocol/http/nsAHttpTransaction.h
netwerk/protocol/http/nsHttpConnection.cpp
netwerk/protocol/http/nsHttpConnection.h
netwerk/protocol/http/nsHttpConnectionMgr.cpp
netwerk/protocol/http/nsHttpConnectionMgr.h
netwerk/protocol/http/nsHttpHandler.cpp
netwerk/protocol/http/nsHttpHandler.h
netwerk/protocol/http/nsHttpPipeline.cpp
netwerk/protocol/http/nsHttpTransaction.cpp
--- a/modules/libpref/src/init/all.js
+++ b/modules/libpref/src/init/all.js
@@ -731,21 +731,16 @@ pref("network.http.prompt-temp-redirect"
 // for certain services (i.e. EF for VoIP, AF4x for interactive video,
 // AF3x for broadcast/streaming video, etc)
 
 // default value for HTTP
 // in a DSCP environment this should be 40 (0x28, or AF11), per RFC-4594,
 // Section 4.8 "High-Throughput Data Service Class"
 pref("network.http.qos", 0);
 
-// The number of milliseconds after sending a SYN for an HTTP connection,
-// to wait before trying a different connection. 0 means do not use a second
-// connection.
-pref("network.http.connection-retry-timeout", 250);
-
 // default values for FTP
 // in a DSCP environment this should be 40 (0x28, or AF11), per RFC-4594,
 // Section 4.8 "High-Throughput Data Service Class", and 80 (0x50, or AF22)
 // per Section 4.7 "Low-Latency Data Service Class".
 pref("network.ftp.data.qos", 0);
 pref("network.ftp.control.qos", 0);
 
 // </http>
--- a/netwerk/base/src/nsSocketTransport2.cpp
+++ b/netwerk/base/src/nsSocketTransport2.cpp
@@ -1773,30 +1773,19 @@ nsSocketTransport::GetSecurityCallbacks(
     nsAutoLock lock(mLock);
     NS_IF_ADDREF(*callbacks = mCallbacks);
     return NS_OK;
 }
 
 NS_IMETHODIMP
 nsSocketTransport::SetSecurityCallbacks(nsIInterfaceRequestor *callbacks)
 {
-    nsCOMPtr<nsISupports> secinfo;
-    {
-        nsAutoLock lock(mLock);
-        mCallbacks = callbacks;
-        SOCKET_LOG(("Reset callbacks for secinfo=%p callbacks=%p\n", mSecInfo.get(), mCallbacks.get()));
-
-        secinfo = mSecInfo;
-    }
-
-    // don't call into PSM while holding mLock!!
-    nsCOMPtr<nsISSLSocketControl> secCtrl(do_QueryInterface(secinfo));
-    if (secCtrl)
-        secCtrl->SetNotificationCallbacks(callbacks);
-
+    nsAutoLock lock(mLock);
+    mCallbacks = callbacks;
+    // XXX should we tell PSM about this?
     return NS_OK;
 }
 
 NS_IMETHODIMP
 nsSocketTransport::SetEventSink(nsITransportEventSink *sink,
                                 nsIEventTarget *target)
 {
     nsCOMPtr<nsITransportEventSink> temp;
--- a/netwerk/protocol/http/nsAHttpTransaction.h
+++ b/netwerk/protocol/http/nsAHttpTransaction.h
@@ -39,17 +39,16 @@
 #define nsAHttpTransaction_h__
 
 #include "nsISupports.h"
 
 class nsAHttpConnection;
 class nsAHttpSegmentReader;
 class nsAHttpSegmentWriter;
 class nsIInterfaceRequestor;
-class nsIEventTarget;
 
 //----------------------------------------------------------------------------
 // Abstract base class for a HTTP transaction:
 //
 // A transaction is a "sink" for the response data.  The connection pushes
 // data to the transaction by writing to it.  The transaction supports
 // WriteSegments and may refuse to accept data if its buffers are full (its
 // write function returns NS_BASE_STREAM_WOULD_BLOCK in this case).
@@ -58,18 +57,17 @@ class nsIEventTarget;
 class nsAHttpTransaction : public nsISupports
 {
 public:
     // called by the connection when it takes ownership of the transaction.
     virtual void SetConnection(nsAHttpConnection *) = 0;
 
     // called by the connection to get security callbacks to set on the 
     // socket transport.
-    virtual void GetSecurityCallbacks(nsIInterfaceRequestor **,
-                                      nsIEventTarget **) = 0;
+    virtual void GetSecurityCallbacks(nsIInterfaceRequestor **) = 0;
 
     // called to report socket status (see nsITransportEventSink)
     virtual void OnTransportStatus(nsresult status, PRUint64 progress) = 0;
 
     // called to check the transaction status.
     virtual PRBool   IsDone() = 0;
     virtual nsresult Status() = 0;
 
@@ -85,18 +83,17 @@ public:
                                    PRUint32 count, PRUint32 *countWritten) = 0;
 
     // called to close the transaction
     virtual void Close(nsresult reason) = 0;
 };
 
 #define NS_DECL_NSAHTTPTRANSACTION \
     void SetConnection(nsAHttpConnection *); \
-    void GetSecurityCallbacks(nsIInterfaceRequestor **, \
-                              nsIEventTarget **);       \
+    void GetSecurityCallbacks(nsIInterfaceRequestor **); \
     void OnTransportStatus(nsresult status, PRUint64 progress); \
     PRBool   IsDone(); \
     nsresult Status(); \
     PRUint32 Available(); \
     nsresult ReadSegments(nsAHttpSegmentReader *, PRUint32, PRUint32 *); \
     nsresult WriteSegments(nsAHttpSegmentWriter *, PRUint32, PRUint32 *); \
     void     Close(nsresult reason);
 
--- a/netwerk/protocol/http/nsHttpConnection.cpp
+++ b/netwerk/protocol/http/nsHttpConnection.cpp
@@ -46,103 +46,65 @@
 #include "nsISocketTransportService.h"
 #include "nsISocketTransport.h"
 #include "nsIServiceManager.h"
 #include "nsISSLSocketControl.h"
 #include "nsStringStream.h"
 #include "netCore.h"
 #include "nsNetCID.h"
 #include "nsAutoLock.h"
-#include "nsProxyRelease.h"
 #include "prmem.h"
 
 #ifdef DEBUG
 // defined by the socket transport service while active
 extern PRThread *gSocketThread;
 #endif
 
 static NS_DEFINE_CID(kSocketTransportServiceCID, NS_SOCKETTRANSPORTSERVICE_CID);
 
-
-// Statistics - only update on gSocketThread
-// currently uncollected
-
-static PRUint32 sCreateTransport1 = 0;
-static PRUint32 sCreateTransport2 = 0;
-static PRUint32 sSuccessTransport1 = 0;
-static PRUint32 sSuccessTransport2 = 0;
-static PRUint32 sUnNecessaryTransport2 = 0;
-static PRUint32 sWastedReuseCount = 0;
-
 //-----------------------------------------------------------------------------
 // nsHttpConnection <public>
 //-----------------------------------------------------------------------------
 
 nsHttpConnection::nsHttpConnection()
     : mTransaction(nsnull)
     , mConnInfo(nsnull)
     , mLock(nsnull)
     , mLastReadTime(0)
     , mIdleTimeout(0)
     , mKeepAlive(PR_TRUE) // assume to keep-alive by default
     , mKeepAliveMask(PR_TRUE)
     , mSupportsPipelining(PR_FALSE) // assume low-grade server
     , mIsReused(PR_FALSE)
     , mCompletedSSLConnect(PR_FALSE)
-    , mActivationCount(0)
 {
     LOG(("Creating nsHttpConnection @%x\n", this));
 
     // grab a reference to the handler to ensure that it doesn't go away.
     nsHttpHandler *handler = gHttpHandler;
     NS_ADDREF(handler);
 }
 
 nsHttpConnection::~nsHttpConnection()
 {
     LOG(("Destroying nsHttpConnection @%x\n", this));
-
-    CancelSynTimer();
-    if (mBackupConnection) {
-        gHttpHandler->ReclaimConnection(mBackupConnection);
-        mBackupConnection = nsnull;
-    }
-
-    ReleaseCallbacks();
+ 
     NS_IF_RELEASE(mConnInfo);
+    NS_IF_RELEASE(mTransaction);
 
     if (mLock) {
         PR_DestroyLock(mLock);
         mLock = nsnull;
     }
 
     // release our reference to the handler
     nsHttpHandler *handler = gHttpHandler;
     NS_RELEASE(handler);
 }
 
-void
-nsHttpConnection::ReleaseCallbacks()
-{
-    if (mCallbacks) {
-        nsIInterfaceRequestor *cbs = nsnull;
-        mCallbacks.swap(cbs);
-        NS_ProxyRelease(mCallbackTarget, cbs);
-    }
-}
-
-void
-nsHttpConnection::CancelSynTimer()
-{
-    if (mIdleSynTimer) {
-        mIdleSynTimer->Cancel();
-        mIdleSynTimer = nsnull;
-    }
-}
-
 nsresult
 nsHttpConnection::Init(nsHttpConnectionInfo *info, PRUint16 maxHangTime)
 {
     LOG(("nsHttpConnection::Init [this=%x]\n", this));
 
     NS_ENSURE_ARG_POINTER(info);
     NS_ENSURE_TRUE(!mConnInfo, NS_ERROR_ALREADY_INITIALIZED);
 
@@ -153,146 +115,72 @@ nsHttpConnection::Init(nsHttpConnectionI
     mConnInfo = info;
     NS_ADDREF(mConnInfo);
 
     mMaxHangTime = maxHangTime;
     mLastReadTime = NowInSeconds();
     return NS_OK;
 }
 
-void
-nsHttpConnection::IdleSynTimeout(nsITimer *timer, void *closure)
-{
-    // nsITimer is guaranteed to execute timer on same thread it
-    // was initialized on
-    NS_ABORT_IF_FALSE(PR_GetCurrentThread() == gSocketThread, "wrong thread");
-
-    nsHttpConnection *self = (nsHttpConnection *)closure;
-    NS_ABORT_IF_FALSE(timer == self->mIdleSynTimer, "wrong timer");
-    self->mIdleSynTimer = nsnull;
-
-    if (!self->mSocketTransport) {
-        NS_ABORT_IF_FALSE(self->mSocketTransport1 && !self->mSocketTransport2,
-                          "establishing backup tranport");
-
-        LOG(("SocketTransport hit idle timer - starting backup socket"));
-
-        // if we have already cleared ::CloseTransaction, then we do not
-        // need to create the backup connection
-        if (!self->mTransaction)
-            return;
-
-        gHttpHandler->ConnMgr()->GetConnection(self->mConnInfo,
-                                               self->mSocketCaps,
-                                               getter_AddRefs(
-                                                   self->mBackupConnection));
-        if (!self->mBackupConnection)
-            return;
-        nsresult rv =
-            self->CreateTransport(self->mSocketCaps,
-                                  getter_AddRefs(self->mSocketTransport2),
-                                  getter_AddRefs(self->mSocketIn2),
-                                  getter_AddRefs(self->mSocketOut2));
-        if (NS_SUCCEEDED(rv)) {
-            sCreateTransport2++;
-            self->mTransaction->
-                GetSecurityCallbacks(
-                    getter_AddRefs(self->mCallbacks),
-                    getter_AddRefs(self->mCallbackTarget));
-            self->mSocketOut2->AsyncWait(self, 0, 0, nsnull);
-        }
-    }
-
-    return;
-}
-
 // called on the socket thread
 nsresult
 nsHttpConnection::Activate(nsAHttpTransaction *trans, PRUint8 caps)
 {
     nsresult rv;
 
-    NS_ABORT_IF_FALSE(PR_GetCurrentThread() == gSocketThread, "wrong thread");
     LOG(("nsHttpConnection::Activate [this=%x trans=%x caps=%x]\n",
          this, trans, caps));
 
     NS_ENSURE_ARG_POINTER(trans);
     NS_ENSURE_TRUE(!mTransaction, NS_ERROR_IN_PROGRESS);
 
     // take ownership of the transaction
     mTransaction = trans;
-    mActivationCount++;
-    ReleaseCallbacks();
+    NS_ADDREF(mTransaction);
 
     // set mKeepAlive according to what will be requested
     mKeepAliveMask = mKeepAlive = (caps & NS_HTTP_ALLOW_KEEPALIVE);
 
+    // if we don't have a socket transport then create a new one
+    if (!mSocketTransport) {
+        rv = CreateTransport(caps);
+        if (NS_FAILED(rv))
+            goto loser;
+    }
+
     // need to handle SSL proxy CONNECT if this is the first time.
     if (mConnInfo->UsingSSL() && mConnInfo->UsingHttpProxy() && !mCompletedSSLConnect) {
         rv = SetupSSLProxyConnect();
         if (NS_FAILED(rv))
-            goto failed_activation;
+            goto loser;
     }
 
-    // if we don't have a socket transport then create a new one
-    if (!mSocketTransport) {
-        rv = CreateTransport(caps);
-    }
-    else {
-        NS_ABORT_IF_FALSE(mSocketOut && mSocketIn,
-                          "Socket Transport and SocketOut mismatch");
-        
-        // If this is the first transaction on this connection, but
-        // we already have a socket that means the socket was created
-        // speculatively in the past, not used at that time, and
-        // given to the connection manager.
-        if (mActivationCount == 1) {
-            sWastedReuseCount++;
-            rv = mSocketTransport->SetEventSink(this, nsnull);
-            NS_ENSURE_SUCCESS(rv, rv);
-            rv = mSocketTransport->SetSecurityCallbacks(this);
-            NS_ENSURE_SUCCESS(rv, rv);
-        }
-        rv = mSocketOut->AsyncWait(this, 0, 0, nsnull);
-    }
-    
-failed_activation:
-    if (NS_FAILED(rv)) {
-        mTransaction = nsnull;
-        CancelSynTimer();
-    }
+    // wait for the output stream to be readable
+    rv = mSocketOut->AsyncWait(this, 0, 0, nsnull);
+    if (NS_SUCCEEDED(rv))
+        return rv;
 
+loser:
+    NS_RELEASE(mTransaction);
     return rv;
 }
 
 void
 nsHttpConnection::Close(nsresult reason)
 {
     LOG(("nsHttpConnection::Close [this=%x reason=%x]\n", this, reason));
 
-    NS_ABORT_IF_FALSE(PR_GetCurrentThread() == gSocketThread, "wrong thread");
+    NS_ASSERTION(PR_GetCurrentThread() == gSocketThread, "wrong thread");
 
     if (NS_FAILED(reason)) {
         if (mSocketTransport) {
             mSocketTransport->SetSecurityCallbacks(nsnull);
             mSocketTransport->SetEventSink(nsnull, nsnull);
             mSocketTransport->Close(reason);
         }
-        
-        if (mSocketTransport1) {
-            mSocketTransport1->SetSecurityCallbacks(nsnull);
-            mSocketTransport1->SetEventSink(nsnull, nsnull);
-            mSocketTransport1->Close(reason);
-        }
-        
-        if (mSocketTransport2) {
-            mSocketTransport2->SetSecurityCallbacks(nsnull);
-            mSocketTransport2->SetEventSink(nsnull, nsnull);
-            mSocketTransport2->Close(reason);
-        }
         mKeepAlive = PR_FALSE;
     }
 }
 
 // called on the socket thread
 nsresult
 nsHttpConnection::ProxyStartSSL()
 {
@@ -513,17 +401,17 @@ nsHttpConnection::OnHeadersAvailable(nsA
             NS_ASSERTION(NS_SUCCEEDED(rv), "mSocketOut->AsyncWait failed");
         }
         else {
             LOG(("SSL proxy CONNECT failed!\n"));
             // NOTE: this cast is valid since this connection cannot be
             // processing a transaction pipeline until after the first HTTP/1.1
             // response.
             nsHttpTransaction *trans =
-                     static_cast<nsHttpTransaction *>(mTransaction.get());
+                    static_cast<nsHttpTransaction *>(mTransaction);
             trans->SetSSLConnectFailed();
         }
     }
 
     return NS_OK;
 }
 
 void
@@ -567,61 +455,19 @@ nsHttpConnection::ResumeRecv()
 
 //-----------------------------------------------------------------------------
 // nsHttpConnection <private>
 //-----------------------------------------------------------------------------
 
 nsresult
 nsHttpConnection::CreateTransport(PRUint8 caps)
 {
-    NS_ABORT_IF_FALSE(PR_GetCurrentThread() == gSocketThread, "wrong thread");
-    NS_ABORT_IF_FALSE(!mSocketTransport, "unexpected");
-
     nsresult rv;
-    mSocketCaps = caps;
-    sCreateTransport1++;
-    
-    PRUint16 timeout = gHttpHandler->GetIdleSynTimeout();
-    if (timeout) {
-
-        // Setup the timer that will establish a backup socket
-        // if we do not get a writable event on the main one.
-        // We do this because a lost SYN takes a very long time
-        // to repair at the TCP level.
-        //
-        // Failure to setup the timer is something we can live with,
-        // so don't return an error in that case.
 
-        mIdleSynTimer = do_CreateInstance(NS_TIMER_CONTRACTID, &rv);
-        if (NS_SUCCEEDED(rv))
-            mIdleSynTimer->InitWithFuncCallback(IdleSynTimeout, this,
-                                                timeout,
-                                                nsITimer::TYPE_ONE_SHOT);
-    }
-    
-    rv = CreateTransport(mSocketCaps,
-                         getter_AddRefs(mSocketTransport1),
-                         getter_AddRefs(mSocketIn1),
-                         getter_AddRefs(mSocketOut1));
-    if (NS_FAILED(rv))
-        return rv;
-
-    // wait for the output stream to be readable or timeout to occur
-    return mSocketOut1->AsyncWait(this, 0, 0, nsnull);
-}
-
-nsresult
-nsHttpConnection::CreateTransport(PRUint8 caps,
-                                  nsISocketTransport **sock,
-                                  nsIAsyncInputStream **instream,
-                                  nsIAsyncOutputStream **outstream)
-{
-    NS_ABORT_IF_FALSE(PR_GetCurrentThread() == gSocketThread, "wrong thread");
-
-    nsresult rv;
+    NS_PRECONDITION(!mSocketTransport, "unexpected");
 
     nsCOMPtr<nsISocketTransportService> sts =
             do_GetService(NS_SOCKETTRANSPORTSERVICE_CONTRACTID, &rv);
     if (NS_FAILED(rv)) return rv;
 
     // configure the socket type based on the connection type requested.
     const char* types[1];
 
@@ -663,31 +509,19 @@ nsHttpConnection::CreateTransport(PRUint
     rv = strans->OpenOutputStream(nsITransport::OPEN_UNBUFFERED, 0, 0,
                                   getter_AddRefs(sout));
     if (NS_FAILED(rv)) return rv;
     nsCOMPtr<nsIInputStream> sin;
     rv = strans->OpenInputStream(nsITransport::OPEN_UNBUFFERED, 0, 0,
                                  getter_AddRefs(sin));
     if (NS_FAILED(rv)) return rv;
 
-    strans.forget(sock);
-    CallQueryInterface(sin, instream);
-    CallQueryInterface(sout, outstream);
-
-    return NS_OK;
-}
-
-nsresult
-nsHttpConnection::AssignTransport(nsISocketTransport *sock,
-                                  nsIAsyncOutputStream *outs,
-                                  nsIAsyncInputStream *ins)
-{
-    mSocketTransport = sock;
-    mSocketOut = outs;
-    mSocketIn = ins;
+    mSocketTransport = strans;
+    mSocketIn = do_QueryInterface(sin);
+    mSocketOut = do_QueryInterface(sout);
     return NS_OK;
 }
 
 void
 nsHttpConnection::CloseTransaction(nsAHttpTransaction *trans, nsresult reason)
 {
     LOG(("nsHttpConnection::CloseTransaction[this=%x trans=%x reason=%x]\n",
         this, trans, reason));
@@ -695,17 +529,19 @@ nsHttpConnection::CloseTransaction(nsAHt
     NS_ASSERTION(trans == mTransaction, "wrong transaction");
     NS_ASSERTION(PR_GetCurrentThread() == gSocketThread, "wrong thread");
 
     // mask this error code because its not a real error.
     if (reason == NS_BASE_STREAM_CLOSED)
         reason = NS_OK;
 
     mTransaction->Close(reason);
-    mTransaction = nsnull;
+
+    NS_RELEASE(mTransaction);
+    mTransaction = 0;
 
     if (NS_FAILED(reason))
         Close(reason);
 
     // flag the connection as reused here for convenience sake.  certainly
     // it might be going away instead ;-)
     mIsReused = PR_TRUE;
 }
@@ -906,18 +742,17 @@ nsHttpConnection::SetupSSLProxyConnect()
     request.SetRequestURI(buf);
     request.SetHeader(nsHttp::User_Agent, gHttpHandler->UserAgent());
 
     // send this header for backwards compatibility.
     request.SetHeader(nsHttp::Proxy_Connection, NS_LITERAL_CSTRING("keep-alive"));
 
     // NOTE: this cast is valid since this connection cannot be processing a
     // transaction pipeline until after the first HTTP/1.1 response.
-    nsHttpTransaction *trans =
-        static_cast<nsHttpTransaction *>(mTransaction.get());
+    nsHttpTransaction *trans = static_cast<nsHttpTransaction *>(mTransaction);
     
     val = trans->RequestHead()->PeekHeader(nsHttp::Host);
     if (val) {
         // all HTTP/1.1 requests must include a Host header (even though it
         // may seem redundant in this case; see bug 82388).
         request.SetHeader(nsHttp::Host, nsDependentCString(val));
     }
 
@@ -930,95 +765,16 @@ nsHttpConnection::SetupSSLProxyConnect()
 
     buf.Truncate();
     request.Flatten(buf, PR_FALSE);
     buf.AppendLiteral("\r\n");
 
     return NS_NewCStringInputStream(getter_AddRefs(mSSLProxyConnectStream), buf);
 }
 
-void
-nsHttpConnection::ReleaseBackupTransport(nsISocketTransport *sock,
-                                         nsIAsyncOutputStream *outs,
-                                         nsIAsyncInputStream *ins)
-{
-    // We need to establish a small non-zero idle timeout so the connection
-    // mgr perceives this socket as suitable for persistent connection reuse
-    NS_ABORT_IF_FALSE(sock && outs && ins, "release Backup precond");
-    mBackupConnection->mIdleTimeout = NS_MIN((PRUint16) 5,
-                                             gHttpHandler->IdleTimeout());
-    mBackupConnection->mIsReused = PR_TRUE;
-    nsresult rv = mBackupConnection->AssignTransport(sock, outs, ins);
-    if (NS_SUCCEEDED(rv))
-        rv = gHttpHandler->ReclaimConnection(mBackupConnection);
-    if (NS_FAILED(rv))
-        NS_WARNING("Backup nsHttpConnection could not be reclaimed");
-    mBackupConnection = nsnull;
-}
-
-void
-nsHttpConnection::SelectPrimaryTransport(nsIAsyncOutputStream *out)
-{
-    LOG(("nsHttpConnection::SelectPrimaryTransport(out=%p), mSocketOut1=%p, mSocketOut2=%p, mSocketOut=%p",
-         out, mSocketOut1.get(), mSocketOut2.get(), mSocketOut.get()));
-
-    if (!mSocketOut) {
-        // Setup the Main Socket
-
-        CancelSynTimer();
-
-        if (out == mSocketOut1) {
-            sSuccessTransport1++;
-            mSocketTransport.swap(mSocketTransport1);
-            mSocketOut.swap(mSocketOut1);
-            mSocketIn.swap(mSocketIn1);
-
-            if (mSocketTransport2)
-                sUnNecessaryTransport2++;
-        }
-        else if (out == mSocketOut2) {
-            NS_ABORT_IF_FALSE(mSocketOut1,
-                              "backup socket without primary being tested");
-
-            sSuccessTransport2++;
-            mSocketTransport.swap(mSocketTransport2);
-            mSocketOut.swap(mSocketOut2);
-            mSocketIn.swap(mSocketIn2);
-        }
-        else {
-            NS_ABORT_IF_FALSE(0, "setup on unexpected socket");
-            return;
-        }
-    }
-    else if (out == mSocketOut1) {
-        // Socket2 became the primary socket but Socket1 is now valid - give it
-        // to the connection manager
-
-        ReleaseBackupTransport(mSocketTransport1,
-                               mSocketOut1,
-                               mSocketIn1);
-        sSuccessTransport1++;
-        mSocketTransport1 = nsnull;
-        mSocketOut1 = nsnull;
-        mSocketIn1 = nsnull;
-    }
-    else if (out == mSocketOut2) {
-        // Socket1 became the primary socket but Socket2 is now valid - give it
-        // to the connectionmanager
-
-        ReleaseBackupTransport(mSocketTransport2,
-                               mSocketOut2,
-                               mSocketIn2);
-        sSuccessTransport2++;
-        mSocketTransport2 = nsnull;
-        mSocketOut2 = nsnull;
-        mSocketIn2 = nsnull;
-    }
-}
-
 //-----------------------------------------------------------------------------
 // nsHttpConnection::nsISupports
 //-----------------------------------------------------------------------------
 
 NS_IMPL_THREADSAFE_ISUPPORTS4(nsHttpConnection,
                               nsIInputStreamCallback,
                               nsIOutputStreamCallback,
                               nsITransportEventSink,
@@ -1050,36 +806,28 @@ nsHttpConnection::OnInputStreamReady(nsI
 
 //-----------------------------------------------------------------------------
 // nsHttpConnection::nsIOutputStreamCallback
 //-----------------------------------------------------------------------------
 
 NS_IMETHODIMP
 nsHttpConnection::OnOutputStreamReady(nsIAsyncOutputStream *out)
 {
-    NS_ABORT_IF_FALSE(PR_GetCurrentThread() == gSocketThread, "wrong thread");
-
-    NS_ABORT_IF_FALSE(out == mSocketOut  ||
-                      out == mSocketOut1 ||
-                      out == mSocketOut2    , "unexpected socket");
-    if (out != mSocketOut)
-        SelectPrimaryTransport(out);
+    NS_ASSERTION(out == mSocketOut, "unexpected stream");
+    NS_ASSERTION(PR_GetCurrentThread() == gSocketThread, "wrong thread");
 
     // if the transaction was dropped...
     if (!mTransaction) {
         LOG(("  no transaction; ignoring event\n"));
         return NS_OK;
     }
 
-    if (mSocketOut == out) {
-        NS_ABORT_IF_FALSE(!mIdleSynTimer,"IdleSynTimer should not be set");
-        nsresult rv = OnSocketWritable();
-        if (NS_FAILED(rv))
-            CloseTransaction(mTransaction, rv);
-    }
+    nsresult rv = OnSocketWritable();
+    if (NS_FAILED(rv))
+        CloseTransaction(mTransaction, rv);
 
     return NS_OK;
 }
 
 //-----------------------------------------------------------------------------
 // nsHttpConnection::nsITransportEventSink
 //-----------------------------------------------------------------------------
 
@@ -1102,17 +850,18 @@ nsHttpConnection::OnTransportStatus(nsIT
 NS_IMETHODIMP
 nsHttpConnection::GetInterface(const nsIID &iid, void **result)
 {
     // NOTE: This function is only called on the UI thread via sync proxy from
     //       the socket transport thread.  If that weren't the case, then we'd
     //       have to worry about the possibility of mTransaction going away
     //       part-way through this function call.  See CloseTransaction.
     NS_ASSERTION(PR_GetCurrentThread() != gSocketThread, "wrong thread");
-        
-    nsCOMPtr<nsIInterfaceRequestor> callbacks = mCallbacks;
-    if (!callbacks && mTransaction)
-        mTransaction->GetSecurityCallbacks(getter_AddRefs(callbacks), nsnull);
-    if (callbacks)
-        return callbacks->GetInterface(iid, result);
+ 
+    if (mTransaction) {
+        nsCOMPtr<nsIInterfaceRequestor> callbacks;
+        mTransaction->GetSecurityCallbacks(getter_AddRefs(callbacks));
+        if (callbacks)
+            return callbacks->GetInterface(iid, result);
+    }
 
     return NS_ERROR_NO_INTERFACE;
 }
--- a/netwerk/protocol/http/nsHttpConnection.h
+++ b/netwerk/protocol/http/nsHttpConnection.h
@@ -48,18 +48,16 @@
 #include "prlock.h"
 #include "nsAutoPtr.h"
 
 #include "nsIStreamListener.h"
 #include "nsISocketTransport.h"
 #include "nsIAsyncInputStream.h"
 #include "nsIAsyncOutputStream.h"
 #include "nsIInterfaceRequestor.h"
-#include "nsIEventTarget.h"
-#include "nsITimer.h"
 
 //-----------------------------------------------------------------------------
 // nsHttpConnection - represents a connection to a HTTP server (or proxy)
 //
 // NOTE: this objects lives on the socket thread only.  it should not be
 // accessed from any other thread.
 //-----------------------------------------------------------------------------
 
@@ -128,85 +126,45 @@ public:
     static NS_METHOD ReadFromStream(nsIInputStream *, void *, const char *,
                                     PRUint32, PRUint32, PRUint32 *);
 
 private:
     // called to cause the underlying socket to start speaking SSL
     nsresult ProxyStartSSL();
 
     nsresult CreateTransport(PRUint8 caps);
-    nsresult CreateTransport(PRUint8 caps,
-                             nsISocketTransport **sock,
-                             nsIAsyncInputStream **instream,
-                             nsIAsyncOutputStream **outstream);
-    nsresult AssignTransport(nsISocketTransport *sock,
-                             nsIAsyncOutputStream *outs,
-                             nsIAsyncInputStream *ins);
-
     nsresult OnTransactionDone(nsresult reason);
     nsresult OnSocketWritable();
     nsresult OnSocketReadable();
 
     nsresult SetupSSLProxyConnect();
 
     PRBool   IsAlive();
     PRBool   SupportsPipelining(nsHttpResponseHead *);
     
-    static void  IdleSynTimeout(nsITimer *, void *);
-    void         SelectPrimaryTransport(nsIAsyncOutputStream *out);
-    void         ReleaseBackupTransport(nsISocketTransport *sock,
-                                        nsIAsyncOutputStream *outs,
-                                        nsIAsyncInputStream *ins);
-    void         CancelSynTimer();
-    void         ReleaseCallbacks();
 private:
     nsCOMPtr<nsISocketTransport>    mSocketTransport;
     nsCOMPtr<nsIAsyncInputStream>   mSocketIn;
     nsCOMPtr<nsIAsyncOutputStream>  mSocketOut;
 
     nsresult                        mSocketInCondition;
     nsresult                        mSocketOutCondition;
 
     nsCOMPtr<nsIInputStream>        mSSLProxyConnectStream;
     nsCOMPtr<nsIInputStream>        mRequestStream;
 
-    // mTransaction only points to the HTTP Transaction callbacks if the
-    // transaction is open, otherwise it is null.
-    nsRefPtr<nsAHttpTransaction>    mTransaction;
-
-    // The security callbacks are only stored if we initiate a
-    // backup connection because they need to be proxy released
-    // on the main thread.
-    nsCOMPtr<nsIInterfaceRequestor> mCallbacks;
-    nsCOMPtr<nsIEventTarget>        mCallbackTarget;
-
+    nsAHttpTransaction             *mTransaction; // hard ref
     nsHttpConnectionInfo           *mConnInfo;    // hard ref
 
     PRLock                         *mLock;
 
     PRUint32                        mLastReadTime;
     PRUint16                        mMaxHangTime;    // max download time before dropping keep-alive status
     PRUint16                        mIdleTimeout;    // value of keep-alive: timeout=
 
     PRPackedBool                    mKeepAlive;
     PRPackedBool                    mKeepAliveMask;
     PRPackedBool                    mSupportsPipelining;
     PRPackedBool                    mIsReused;
     PRPackedBool                    mCompletedSSLConnect;
-
-    PRUint32                        mActivationCount;
-
-    // These items are used to implement a parallel connection opening
-    // attempt when network.http.connection-retry-timeout has expired
-    PRUint8                         mSocketCaps;
-    nsCOMPtr<nsITimer>              mIdleSynTimer;
-    nsRefPtr<nsHttpConnection>      mBackupConnection;
-
-    nsCOMPtr<nsISocketTransport>    mSocketTransport1;
-    nsCOMPtr<nsIAsyncInputStream>   mSocketIn1;
-    nsCOMPtr<nsIAsyncOutputStream>  mSocketOut1;
-
-    nsCOMPtr<nsISocketTransport>    mSocketTransport2;
-    nsCOMPtr<nsIAsyncInputStream>   mSocketIn2;
-    nsCOMPtr<nsIAsyncOutputStream>  mSocketOut2;
 };
 
 #endif // nsHttpConnection_h__
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@@ -395,40 +395,34 @@ nsHttpConnectionMgr::ProcessOneTransacti
     nsConnectionEntry *ent = (nsConnectionEntry *) data;
 
     if (self->ProcessPendingQForEntry(ent))
         return kHashEnumerateStop;
 
     return kHashEnumerateNext;
 }
 
-// If the global number of idle connections is preventing the opening of
-// new connections to a host without idle connections, then
-// close them regardless of their TTL
 PRIntn
-nsHttpConnectionMgr::PurgeExcessIdleConnectionsCB(nsHashKey *key,
-                                                  void *data, void *closure)
+nsHttpConnectionMgr::PurgeOneIdleConnectionCB(nsHashKey *key, void *data, void *closure)
 {
     nsHttpConnectionMgr *self = (nsHttpConnectionMgr *) closure;
     nsConnectionEntry *ent = (nsConnectionEntry *) data;
 
-    while (self->mNumIdleConns + self->mNumActiveConns + 1 >= self->mMaxConns) {
-        if (!ent->mIdleConns.Length()) {
-            // There are no idle conns left in this connection entry
-            return kHashEnumerateNext;
-        }
+    if (ent->mIdleConns.Length() > 0) {
         nsHttpConnection *conn = ent->mIdleConns[0];
         ent->mIdleConns.RemoveElementAt(0);
         conn->Close(NS_ERROR_ABORT);
         NS_RELEASE(conn);
         self->mNumIdleConns--;
         if (0 == self->mNumIdleConns)
             self->StopPruneDeadConnectionsTimer();
+        return kHashEnumerateStop;
     }
-    return kHashEnumerateStop;
+
+    return kHashEnumerateNext;
 }
 
 PRIntn
 nsHttpConnectionMgr::PruneDeadConnectionsCB(nsHashKey *key, void *data, void *closure)
 {
     nsHttpConnectionMgr *self = (nsHttpConnectionMgr *) closure;
     nsConnectionEntry *ent = (nsConnectionEntry *) data;
 
@@ -593,18 +587,18 @@ nsHttpConnectionMgr::ProcessPendingQForE
 PRBool
 nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 caps)
 {
     nsHttpConnectionInfo *ci = ent->mConnInfo;
 
     LOG(("nsHttpConnectionMgr::AtActiveConnectionLimit [ci=%s caps=%x]\n",
         ci->HashKey().get(), caps));
 
-    // If there are more active connections than the global limit, then we're
-    // done. Purging idle connections won't get us below it.
+    // If we have more active connections than the limit, then we're done --
+    // purging idle connections won't get us below it.
     if (mNumActiveConns >= mMaxConns) {
         LOG(("  num active conns == max conns\n"));
         return PR_TRUE;
     }
 
     nsHttpConnection *conn;
     PRInt32 i, totalCount, persistCount = 0;
     
@@ -632,47 +626,28 @@ nsHttpConnectionMgr::AtActiveConnectionL
     }
 
     // use >= just to be safe
     return (totalCount >= maxConns) || ( (caps & NS_HTTP_ALLOW_KEEPALIVE) &&
                                          (persistCount >= maxPersistConns) );
 }
 
 void
-nsHttpConnectionMgr::GetConnection(nsHttpConnectionInfo *ci,
-                                   PRUint8 caps,
-                                   nsHttpConnection **result)
-{
-    NS_ASSERTION(PR_GetCurrentThread() == gSocketThread, "wrong thread");
-    nsCStringKey key(ci->HashKey());
-    nsConnectionEntry *ent = (nsConnectionEntry *) mCT.Get(&key);
-    if (!ent) return;
-    GetConnection(ent, caps, result);
-}
-
-void
 nsHttpConnectionMgr::GetConnection(nsConnectionEntry *ent, PRUint8 caps,
                                    nsHttpConnection **result)
 {
     LOG(("nsHttpConnectionMgr::GetConnection [ci=%s caps=%x]\n",
         ent->mConnInfo->HashKey().get(), PRUint32(caps)));
 
-    // First, see if an idle persistent connection may be reused instead of
-    // establishing a new socket. We do not need to check the connection limits
-    // yet as they govern the maximum number of open connections and reusing
-    // an old connection never increases that.
-
     *result = nsnull;
 
     nsHttpConnection *conn = nsnull;
 
     if (caps & NS_HTTP_ALLOW_KEEPALIVE) {
-        // search the idle connection list. Each element in the list
-        // has a reference, so if we remove it from the list into a local
-        // ptr, that ptr now owns the reference
+        // search the idle connection list
         while (!conn && (ent->mIdleConns.Length() > 0)) {
             conn = ent->mIdleConns[0];
             // we check if the connection can be reused before even checking if
             // it is a "matching" connection.
             if (!conn->CanReuse()) {
                 LOG(("   dropping stale connection: [conn=%x]\n", conn));
                 conn->Close(NS_ERROR_ABORT);
                 NS_RELEASE(conn);
@@ -692,40 +667,38 @@ nsHttpConnectionMgr::GetConnection(nsCon
     if (!conn) {
         // Check if we need to purge an idle connection. Note that we may have
         // removed one above; if so, this will be a no-op. We do this before
         // checking the active connection limit to catch the case where we do
         // have an idle connection, but the purge timer hasn't fired yet.
         // XXX this just purges a random idle connection.  we should instead
         // enumerate the entire hash table to find the eldest idle connection.
         if (mNumIdleConns && mNumIdleConns + mNumActiveConns + 1 >= mMaxConns)
-            mCT.Enumerate(PurgeExcessIdleConnectionsCB, this);
+            mCT.Enumerate(PurgeOneIdleConnectionCB, this);
 
         // Need to make a new TCP connection. First, we check if we've hit
         // either the maximum connection limit globally or for this particular
         // host or proxy. If we have, we're done.
         if (AtActiveConnectionLimit(ent, caps)) {
             LOG(("  at active connection limit!\n"));
             return;
         }
 
         conn = new nsHttpConnection();
+        if (!conn)
+            return;
         NS_ADDREF(conn);
+
         nsresult rv = conn->Init(ent->mConnInfo, mMaxRequestDelay);
         if (NS_FAILED(rv)) {
             NS_RELEASE(conn);
             return;
         }
     }
 
-    // hold an owning ref to this connection
-    ent->mActiveConns.AppendElement(conn);
-    mNumActiveConns++;
-    NS_ADDREF(conn);
-
     *result = conn;
 }
 
 nsresult
 nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent,
                                          nsAHttpTransaction *trans,
                                          PRUint8 caps,
                                          nsHttpConnection *conn)
@@ -740,16 +713,21 @@ nsHttpConnectionMgr::DispatchTransaction
 
     nsHttpPipeline *pipeline = nsnull;
     if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) {
         LOG(("  looking to build pipeline...\n"));
         if (BuildPipeline(ent, trans, &pipeline))
             trans = pipeline;
     }
 
+    // hold an owning ref to this connection
+    ent->mActiveConns.AppendElement(conn);
+    mNumActiveConns++;
+    NS_ADDREF(conn);
+
     // give the transaction the indirect reference to the connection.
     trans->SetConnection(handle);
 
     nsresult rv = conn->Activate(trans, caps);
 
     if (NS_FAILED(rv)) {
         LOG(("  conn->Activate failed [rv=%x]\n", rv));
         ent->mActiveConns.RemoveElement(conn);
@@ -854,16 +832,25 @@ nsHttpConnectionMgr::ProcessNewTransacti
 
         // steal reference from connection handle.
         // XXX prevent SetConnection(nsnull) from calling ReclaimConnection
         conn = handle->mConn;
         handle->mConn = nsnull;
 
         // destroy connection handle.
         trans->SetConnection(nsnull);
+
+        // remove sticky connection from active connection list; we'll add it
+        // right back in DispatchTransaction.
+        if (ent->mActiveConns.RemoveElement(conn))
+            mNumActiveConns--;
+        else {
+            NS_ERROR("sticky connection not found in active list");
+            return NS_ERROR_UNEXPECTED;
+        }
     }
     else
         GetConnection(ent, caps, &conn);
 
     nsresult rv;
     if (!conn) {
         LOG(("  adding transaction to pending queue [trans=%x pending-count=%u]\n",
             trans, ent->mPendingQ.Length()+1));
@@ -1006,45 +993,38 @@ nsHttpConnectionMgr::OnMsgReclaimConnect
     nsHttpConnectionInfo *ci = conn->ConnectionInfo();
     NS_ADDREF(ci);
 
     nsCStringKey key(ci->HashKey());
     nsConnectionEntry *ent = (nsConnectionEntry *) mCT.Get(&key);
 
     NS_ASSERTION(ent, "no connection entry");
     if (ent) {
-        // If the connection is in the active list, remove that entry
-        // and the reference held by the mActiveConns list.
-        // This is never the final reference on conn as the event context
-        // is also holding one that is released at the end of this function.
-        if (ent->mActiveConns.RemoveElement(conn)) {
-            nsHttpConnection *temp = conn;
-            NS_RELEASE(temp);
-            mNumActiveConns--;
-        }
-
+        ent->mActiveConns.RemoveElement(conn);
+        mNumActiveConns--;
         if (conn->CanReuse()) {
             LOG(("  adding connection to idle list\n"));
             // hold onto this connection in the idle list.  we push it to
             // the end of the list so as to ensure that we'll visit older
             // connections first before getting to this one.
-            NS_ADDREF(conn);
             ent->mIdleConns.AppendElement(conn);
             mNumIdleConns++;
             // If the added connection was first idle connection or has shortest
             // time to live among the idle connections, pruning dead
             // connections needs to be done when it can't be reused anymore.
             PRUint32 timeToLive = conn->TimeToLive();
             if(!mTimer || NowInSeconds() + timeToLive < mTimeOfNextWakeUp)
                 PruneDeadConnectionsAfter(timeToLive);
         }
         else {
             LOG(("  connection cannot be reused; closing connection\n"));
             // make sure the connection is closed and release our reference.
             conn->Close(NS_ERROR_ABORT);
+            nsHttpConnection *temp = conn;
+            NS_RELEASE(temp);
         }
     }
  
     OnMsgProcessPendingQ(NS_OK, ci); // releases |ci|
     NS_RELEASE(conn);
 }
 
 void
--- a/netwerk/protocol/http/nsHttpConnectionMgr.h
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h
@@ -132,19 +132,16 @@ public:
     // removes the next transaction for the specified connection from the
     // pending transaction queue.
     void AddTransactionToPipeline(nsHttpPipeline *);
 
     // called to force the transaction queue to be processed once more, giving
     // preference to the specified connection.
     nsresult ProcessPendingQ(nsHttpConnectionInfo *);
 
-    // called to reserve a nshttpconnection object with the manager
-    void GetConnection(nsHttpConnectionInfo *, PRUint8 caps,
-                       nsHttpConnection **);
 private:
     virtual ~nsHttpConnectionMgr();
 
     // nsConnectionEntry
     //
     // mCT maps connection info hash key to nsConnectionEntry object, which
     // contains list of active and idle connections as well as the list of
     // pending transactions.
@@ -204,20 +201,20 @@ private:
 
     PRPackedBool mIsShuttingDown;
 
     //-------------------------------------------------------------------------
     // NOTE: these members are only accessed on the socket transport thread
     //-------------------------------------------------------------------------
 
     static PRIntn ProcessOneTransactionCB(nsHashKey *, void *, void *);
-
+    static PRIntn PurgeOneIdleConnectionCB(nsHashKey *, void *, void *);
     static PRIntn PruneDeadConnectionsCB(nsHashKey *, void *, void *);
     static PRIntn ShutdownPassCB(nsHashKey *, void *, void *);
-    static PRIntn PurgeExcessIdleConnectionsCB(nsHashKey *, void *, void *);
+
     PRBool   ProcessPendingQForEntry(nsConnectionEntry *);
     PRBool   AtActiveConnectionLimit(nsConnectionEntry *, PRUint8 caps);
     void     GetConnection(nsConnectionEntry *, PRUint8 caps, nsHttpConnection **);
     nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *,
                                  PRUint8 caps, nsHttpConnection *);
     PRBool   BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **);
     nsresult ProcessNewTransaction(nsHttpTransaction *);
     nsresult EnsureSocketThreadTargetIfOnline();
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@@ -173,17 +173,16 @@ nsHttpHandler::nsHttpHandler()
     , mHttpVersion(NS_HTTP_VERSION_1_1)
     , mProxyHttpVersion(NS_HTTP_VERSION_1_1)
     , mCapabilities(NS_HTTP_ALLOW_KEEPALIVE)
     , mProxyCapabilities(NS_HTTP_ALLOW_KEEPALIVE)
     , mReferrerLevel(0xff) // by default we always send a referrer
     , mIdleTimeout(10)
     , mMaxRequestAttempts(10)
     , mMaxRequestDelay(10)
-    , mIdleSynTimeout(250)
     , mMaxConnections(24)
     , mMaxConnectionsPerServer(8)
     , mMaxPersistentConnectionsPerServer(2)
     , mMaxPersistentConnectionsPerProxy(4)
     , mMaxPipelinedRequests(2)
     , mRedirectionLimit(10)
     , mPhishyUserPassLength(1)
     , mQoSBits(0x00)
@@ -914,22 +913,16 @@ nsHttpHandler::PrefsChanged(nsIPrefBranc
     }
 
     if (PREF_CHANGED(HTTP_PREF("redirection-limit"))) {
         rv = prefs->GetIntPref(HTTP_PREF("redirection-limit"), &val);
         if (NS_SUCCEEDED(rv))
             mRedirectionLimit = (PRUint8) NS_CLAMP(val, 0, 0xff);
     }
 
-    if (PREF_CHANGED(HTTP_PREF("connection-retry-timeout"))) {
-        rv = prefs->GetIntPref(HTTP_PREF("connection-retry-timeout"), &val);
-        if (NS_SUCCEEDED(rv))
-            mIdleSynTimeout = (PRUint16) NS_CLAMP(val, 0, 3000);
-    }
-
     if (PREF_CHANGED(HTTP_PREF("version"))) {
         nsXPIDLCString httpVersion;
         prefs->GetCharPref(HTTP_PREF("version"), getter_Copies(httpVersion));
         if (httpVersion) {
             if (!PL_strcmp(httpVersion, "1.1"))
                 mHttpVersion = NS_HTTP_VERSION_1_1;
             else if (!PL_strcmp(httpVersion, "0.9"))
                 mHttpVersion = NS_HTTP_VERSION_0_9;
--- a/netwerk/protocol/http/nsHttpHandler.h
+++ b/netwerk/protocol/http/nsHttpHandler.h
@@ -102,17 +102,16 @@ public:
     PRBool         SendSecureXSiteReferrer() { return mSendSecureXSiteReferrer; }
     PRUint8        RedirectionLimit()        { return mRedirectionLimit; }
     PRUint16       IdleTimeout()             { return mIdleTimeout; }
     PRUint16       MaxRequestAttempts()      { return mMaxRequestAttempts; }
     const char    *DefaultSocketType()       { return mDefaultSocketType.get(); /* ok to return null */ }
     nsIIDNService *IDNConverter()            { return mIDNConverter; }
     PRUint32       PhishyUserPassLength()    { return mPhishyUserPassLength; }
     PRUint8        GetQoSBits()              { return mQoSBits; }
-    PRUint16       GetIdleSynTimeout()       { return mIdleSynTimeout; }
     
     PRBool         IsPersistentHttpsCachingEnabled() { return mEnablePersistentHttpsCaching; }
 
     PRBool         PromptTempRedirect()      { return mPromptTempRedirect; }
 
     nsHttpAuthCache     *AuthCache() { return &mAuthCache; }
     nsHttpConnectionMgr *ConnMgr()   { return mConnMgr; }
 
@@ -259,17 +258,16 @@ private:
     PRUint8  mProxyHttpVersion;
     PRUint8  mCapabilities;
     PRUint8  mProxyCapabilities;
     PRUint8  mReferrerLevel;
 
     PRUint16 mIdleTimeout;
     PRUint16 mMaxRequestAttempts;
     PRUint16 mMaxRequestDelay;
-    PRUint16 mIdleSynTimeout;
 
     PRUint16 mMaxConnections;
     PRUint8  mMaxConnectionsPerServer;
     PRUint8  mMaxPersistentConnectionsPerServer;
     PRUint8  mMaxPersistentConnectionsPerProxy;
     PRUint8  mMaxPipelinedRequests;
 
     PRUint8  mRedirectionLimit;
--- a/netwerk/protocol/http/nsHttpPipeline.cpp
+++ b/netwerk/protocol/http/nsHttpPipeline.cpp
@@ -305,30 +305,26 @@ nsHttpPipeline::SetConnection(nsAHttpCon
     NS_IF_ADDREF(mConnection = conn);
 
     PRInt32 i, count = mRequestQ.Length();
     for (i=0; i<count; ++i)
         Request(i)->SetConnection(this);
 }
 
 void
-nsHttpPipeline::GetSecurityCallbacks(nsIInterfaceRequestor **result,
-                                     nsIEventTarget        **target)
+nsHttpPipeline::GetSecurityCallbacks(nsIInterfaceRequestor **result)
 {
     NS_ASSERTION(PR_GetCurrentThread() == gSocketThread, "wrong thread");
 
     // return security callbacks from first request
     nsAHttpTransaction *trans = Request(0);
     if (trans)
-        trans->GetSecurityCallbacks(result, target);
-    else {
+        trans->GetSecurityCallbacks(result);
+    else
         *result = nsnull;
-        if (target)
-            *target = nsnull;
-    }
 }
 
 void
 nsHttpPipeline::OnTransportStatus(nsresult status, PRUint64 progress)
 {
     LOG(("nsHttpPipeline::OnStatus [this=%x status=%x progress=%llu]\n",
         this, status, progress));
 
--- a/netwerk/protocol/http/nsHttpTransaction.cpp
+++ b/netwerk/protocol/http/nsHttpTransaction.cpp
@@ -323,22 +323,19 @@ nsHttpTransaction::TakeResponseHead()
 void
 nsHttpTransaction::SetConnection(nsAHttpConnection *conn)
 {
     NS_IF_RELEASE(mConnection);
     NS_IF_ADDREF(mConnection = conn);
 }
 
 void
-nsHttpTransaction::GetSecurityCallbacks(nsIInterfaceRequestor **cb,
-                                        nsIEventTarget        **target)
+nsHttpTransaction::GetSecurityCallbacks(nsIInterfaceRequestor **cb)
 {
     NS_IF_ADDREF(*cb = mCallbacks);
-    if (target)
-        NS_IF_ADDREF(*target = mConsumerTarget);
 }
 
 void
 nsHttpTransaction::OnTransportStatus(nsresult status, PRUint64 progress)
 {
     LOG(("nsHttpTransaction::OnSocketStatus [this=%x status=%x progress=%llu]\n",
         this, status, progress));