Backed out changeset 1b424433d213 (bug 1316261) for frequent leaks on Linux x64 asan. r=backout on a CLOSED TREE
authorSebastian Hengst <archaeopteryx@coole-files.de>
Thu, 17 Nov 2016 22:53:12 +0100
changeset 356642 4ae2ca71ea3f13b5fb419abca01de6750fbc7bb8
parent 356641 71bc47320df4f7bebe98849a7e625a60f7c584a2
child 356643 9c19af220675497140cd32e6ad421f12e27e8d58
push id6586
push userarchaeopteryx@coole-files.de
push dateThu, 17 Nov 2016 21:54:08 +0000
treeherdermozilla-beta@4ae2ca71ea3f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbackout
bugs1316261
milestone51.0
backs out1b424433d2134cf61688d0702fa3a4684b46353b
Backed out changeset 1b424433d213 (bug 1316261) for frequent leaks on Linux x64 asan. r=backout on a CLOSED TREE
config/external/nss/nss.symbols
media/mtransport/transportlayerdtls.cpp
--- a/config/external/nss/nss.symbols
+++ b/config/external/nss/nss.symbols
@@ -682,17 +682,16 @@ SSL_PeerStapledOCSPResponses
 SSL_ResetHandshake
 SSL_SetCanFalseStartCallback
 SSL_SetDowngradeCheckVersion
 SSL_SetNextProtoNego
 SSL_SetPKCS11PinArg
 SSL_SetSockPeerID
 SSL_SetSRTPCiphers
 SSL_SetStapledOCSPResponses
-SSL_SetTrustAnchors
 SSL_SetURL
 SSL_ShutdownServerSessionIDCache
 SSL_SNISocketConfigHook
 SSL_VersionRangeGet
 SSL_VersionRangeGetDefault
 SSL_VersionRangeGetSupported
 SSL_VersionRangeSet
 SSL_VersionRangeSetDefault
--- a/media/mtransport/transportlayerdtls.cpp
+++ b/media/mtransport/transportlayerdtls.cpp
@@ -509,23 +509,16 @@ bool TransportLayerDtls::Setup() {
     rv = SSL_ConfigSecureServer(ssl_fd, identity_->cert(),
                                 identity_->privkey(),
                                 identity_->auth_type());
     if (rv != SECSuccess) {
       MOZ_MTLOG(ML_ERROR, "Couldn't set identity");
       return false;
     }
 
-    UniqueCERTCertList zero_certs(CERT_NewCertList());
-    rv = SSL_SetTrustAnchors(ssl_fd.get(), zero_certs.get());
-    if (rv != SECSuccess) {
-      MOZ_MTLOG(ML_ERROR, "Couldn't set trust anchors");
-      return false;
-    }
-
     // Insist on a certificate from the client
     rv = SSL_OptionSet(ssl_fd, SSL_REQUEST_CERTIFICATE, PR_TRUE);
     if (rv != SECSuccess) {
       MOZ_MTLOG(ML_ERROR, "Couldn't request certificate");
       return false;
     }
 
     rv = SSL_OptionSet(ssl_fd, SSL_REQUIRE_CERTIFICATE, PR_TRUE);