bug 1012853 - kill switch for https proxying r=hurley
authorPatrick McManus <mcmanus@ducksong.com>
Mon, 19 May 2014 16:29:46 -0400
changeset 184022 f5ea20c06879ea9564e5a289dd842bbd506ac7a5
parent 184021 94e3479f64ab3d751ad05b83b7810fd391cc1dd6
child 184023 24ddf040a705131f673b7b6ce7defb811c9b8973
push id26810
push usercbook@mozilla.com
push dateWed, 21 May 2014 11:46:36 +0000
treeherdermozilla-central@50fb8c4db2fd [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewershurley
bugs1012853
milestone32.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 1012853 - kill switch for https proxying r=hurley
modules/libpref/src/init/all.js
netwerk/base/src/nsProtocolProxyService.cpp
netwerk/base/src/nsProtocolProxyService.h
--- a/modules/libpref/src/init/all.js
+++ b/modules/libpref/src/init/all.js
@@ -1415,16 +1415,17 @@ pref("network.proxy.ftp_port",          
 pref("network.proxy.http",                  "");
 pref("network.proxy.http_port",             0);
 pref("network.proxy.ssl",                   "");
 pref("network.proxy.ssl_port",              0);
 pref("network.proxy.socks",                 "");
 pref("network.proxy.socks_port",            0);
 pref("network.proxy.socks_version",         5);
 pref("network.proxy.socks_remote_dns",      false);
+pref("network.proxy.proxy_over_tls",        true);
 pref("network.proxy.no_proxies_on",         "localhost, 127.0.0.1");
 pref("network.proxy.failover_timeout",      1800); // 30 minutes
 pref("network.online",                      true); //online/offline
 #ifdef RELEASE_BUILD
 pref("network.cookie.cookieBehavior",       0); // 0-Accept, 1-dontAcceptForeign, 2-dontUse, 3-limitForeign
 #else
 pref("network.cookie.cookieBehavior",       3); // 0-Accept, 1-dontAcceptForeign, 2-dontUse, 3-limitForeign
 #endif
--- a/netwerk/base/src/nsProtocolProxyService.cpp
+++ b/netwerk/base/src/nsProtocolProxyService.cpp
@@ -378,16 +378,17 @@ nsProtocolProxyService::nsProtocolProxyS
     , mFilters(nullptr)
     , mProxyConfig(PROXYCONFIG_DIRECT)
     , mHTTPProxyPort(-1)
     , mFTPProxyPort(-1)
     , mHTTPSProxyPort(-1)
     , mSOCKSProxyPort(-1)
     , mSOCKSProxyVersion(4)
     , mSOCKSProxyRemoteDNS(false)
+    , mProxyOverTLS(true)
     , mPACMan(nullptr)
     , mSessionStart(PR_Now())
     , mFailedProxyTimeout(30 * 60) // 30 minute default
 {
 }
 
 nsProtocolProxyService::~nsProtocolProxyService()
 {
@@ -523,16 +524,21 @@ nsProtocolProxyService::PrefsChanged(nsI
         else
             mSOCKSProxyVersion = 4;
     }
 
     if (!pref || !strcmp(pref, PROXY_PREF("socks_remote_dns")))
         proxy_GetBoolPref(prefBranch, PROXY_PREF("socks_remote_dns"),
                           mSOCKSProxyRemoteDNS);
 
+    if (!pref || !strcmp(pref, PROXY_PREF("proxy_over_tls"))) {
+        proxy_GetBoolPref(prefBranch, PROXY_PREF("proxy_over_tls"),
+                          mProxyOverTLS);
+    }
+
     if (!pref || !strcmp(pref, PROXY_PREF("failover_timeout")))
         proxy_GetIntPref(prefBranch, PROXY_PREF("failover_timeout"),
                          mFailedProxyTimeout);
 
     if (!pref || !strcmp(pref, PROXY_PREF("no_proxies_on"))) {
         rv = prefBranch->GetCharPref(PROXY_PREF("no_proxies_on"),
                                      getter_Copies(tempString));
         if (NS_SUCCEEDED(rv))
@@ -930,16 +936,21 @@ nsProtocolProxyService::ProcessPACString
         return;
     }
 
     const char *proxies = pacString.get();
 
     nsProxyInfo *pi = nullptr, *first = nullptr, *last = nullptr;
     while (*proxies) {
         proxies = ExtractProxyInfo(proxies, aResolveFlags, &pi);
+        if (pi && !mProxyOverTLS) {
+            delete pi;
+            pi = nullptr;
+        }
+
         if (pi) {
             if (last) {
                 NS_ASSERTION(last->mNext == nullptr, "leaking nsProxyInfo");
                 last->mNext = pi;
             }
             else
                 first = pi;
             last = pi;
--- a/netwerk/base/src/nsProtocolProxyService.h
+++ b/netwerk/base/src/nsProtocolProxyService.h
@@ -350,16 +350,17 @@ protected:
 
     nsCString                    mHTTPSProxyHost;
     int32_t                      mHTTPSProxyPort;
     
     nsCString                    mSOCKSProxyHost;
     int32_t                      mSOCKSProxyPort;
     int32_t                      mSOCKSProxyVersion;
     bool                         mSOCKSProxyRemoteDNS;
+    bool                         mProxyOverTLS;
 
     nsRefPtr<nsPACMan>           mPACMan;  // non-null if we are using PAC
     nsCOMPtr<nsISystemProxySettings> mSystemProxySettings;
 
     PRTime                       mSessionStart;
     nsFailedProxyTable           mFailedProxies;
     int32_t                      mFailedProxyTimeout;