Bug 807757 part PSM - Remove nsIProfileChangeStatus and related veto notifications from PSM r=bsmith
authorBenjamin Smedberg <benjamin@smedbergs.us>
Thu, 13 Dec 2012 12:20:00 -0500
changeset 125903 6b34780b29a617c0e46a2c095344a92a5b5b964b
parent 125902 c3dd1c70b31053aa55213da2497609079b25a6e4
child 125904 1b416c9255ef85eef66d2cfaeb43bf9c47a21462
push id2151
push userlsblakk@mozilla.com
push dateTue, 19 Feb 2013 18:06:57 +0000
treeherdermozilla-beta@4952e88741ec [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbsmith
bugs807757
milestone20.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 807757 part PSM - Remove nsIProfileChangeStatus and related veto notifications from PSM r=bsmith
security/manager/locales/en-US/chrome/pipnss/pipnss.properties
security/manager/ssl/src/nsNSSComponent.cpp
security/manager/ssl/src/nsNSSComponent.h
--- a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
+++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties
@@ -344,18 +344,16 @@ CrlImportFailureExpired=A more recent ve
 CrlImportFailureBadSignature=CRL has an invalid Signature.
 CrlImportFailureInvalid=New CRL has an invalid format.
 CrlImportFailureOld=New CRL is older than the current one.
 CrlImportFailureNotYetValid=The CRL is not yet valid. You might want to check your system clock.
 CrlImportFailureNetworkProblem=Download of the CRL failed due to Network problems.
 CrlImportFailureReasonUnknown=Error Importing CRL to local Database. Error Code: 
 CrlImportFailure2=Please ask your system administrator for assistance.
 NSSInitProblemX=Could not initialize the application's security component. The most likely cause is problems with files in your application's profile directory. Please check that this directory has no read/write restrictions and your hard disk is not full or close to full. It is recommended that you exit the application and fix the problem. If you continue to use this session, you might see incorrect application behaviour when accessing security features.
-ProfileSwitchSocketsStillActive=The operation cannot be completed because of an internal failure. A secure network communication has not been cleaned up correctly.
-ProfileSwitchCryptoUIActive=This operation is impossible at the current time. Please complete the operation that requests your attention in one of the other open windows.
 VerifyExpired=<Expired>
 VerifyRevoked=<Revoked>
 VerifyNotTrusted=<Not Trusted>
 VerifyIssuerNotTrusted=<Issuer Not Trusted>
 VerifyIssuerUnknown=<Issuer Unknown>
 VerifyInvalidCA=<Invalid CA>
 VerifyDisabledAlgorithm=<Signature Algorithm Not Secure>
 VerifyUnknown=<Unknown>
--- a/security/manager/ssl/src/nsNSSComponent.cpp
+++ b/security/manager/ssl/src/nsNSSComponent.cpp
@@ -19,17 +19,16 @@
 #include "nsIStreamListener.h"
 #include "nsIStringBundle.h"
 #include "nsIDirectoryService.h"
 #include "nsIDOMNode.h"
 #include "nsCURILoader.h"
 #include "nsDirectoryServiceDefs.h"
 #include "nsIX509Cert.h"
 #include "nsIX509CertDB.h"
-#include "nsIProfileChangeStatus.h"
 #include "nsNSSCertificate.h"
 #include "nsNSSHelper.h"
 #include "nsSmartCardMonitor.h"
 #include "prlog.h"
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
 #include "nsIDateTimeFormat.h"
 #include "nsDateTimeFormatCID.h"
@@ -1826,26 +1825,25 @@ nsNSSComponent::InitializeNSS(bool showW
     if (showWarningBox) {
       ShowAlertFromStringBundle("NSSInitProblemX");
     }
   }
 
   return NS_OK;
 }
 
-nsresult
+void
 nsNSSComponent::ShutdownNSS()
 {
   // Can be called both during init and profile change,
   // needs mutex protection.
   
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent::ShutdownNSS\n"));
 
   MutexAutoLock lock(mutex);
-  nsresult rv = NS_OK;
 
   if (hashTableCerts) {
     PL_HashTableEnumerateEntries(hashTableCerts, certHashtable_clearEntry, 0);
     PL_HashTableDestroy(hashTableCerts);
     hashTableCerts = nullptr;
   }
 
   if (mNSSInitialized) {
@@ -1863,24 +1861,21 @@ nsNSSComponent::ShutdownNSS()
     SSL_ClearSessionCache();
     UnloadLoadableRoots();
     CleanupIdentityInfo();
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("evaporating psm resources\n"));
     mShutdownObjectList->evaporateAllNSSResources();
     EnsureNSSInitialized(nssShutdown);
     if (SECSuccess != ::NSS_Shutdown()) {
       PR_LOG(gPIPNSSLog, PR_LOG_ALWAYS, ("NSS SHUTDOWN FAILURE\n"));
-      rv = NS_ERROR_FAILURE;
     }
     else {
       PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("NSS shutdown =====>> OK <<=====\n"));
     }
   }
-
-  return rv;
 }
  
 NS_IMETHODIMP
 nsNSSComponent::Init()
 {
   // No mutex protection.
   // Assume Init happens before any concurrency on "this" can start.
 
@@ -2128,50 +2123,41 @@ nsNSSComponent::RandomUpdate(void *entro
       return NS_ERROR_NOT_INITIALIZED;
 
   PK11_RandomUpdate(entropy, bufLen);
   return NS_OK;
 }
 
 #define PROFILE_CHANGE_NET_TEARDOWN_TOPIC "profile-change-net-teardown"
 #define PROFILE_CHANGE_NET_RESTORE_TOPIC "profile-change-net-restore"
-#define PROFILE_APPROVE_CHANGE_TOPIC "profile-approve-change"
 #define PROFILE_CHANGE_TEARDOWN_TOPIC "profile-change-teardown"
-#define PROFILE_CHANGE_TEARDOWN_VETO_TOPIC "profile-change-teardown-veto"
 #define PROFILE_BEFORE_CHANGE_TOPIC "profile-before-change"
 #define PROFILE_DO_CHANGE_TOPIC "profile-do-change"
 
 NS_IMETHODIMP
 nsNSSComponent::Observe(nsISupports *aSubject, const char *aTopic, 
                         const PRUnichar *someData)
 {
-  if (nsCRT::strcmp(aTopic, PROFILE_APPROVE_CHANGE_TOPIC) == 0) {
-    DoProfileApproveChange(aSubject);
-  }
-  else if (nsCRT::strcmp(aTopic, PROFILE_CHANGE_TEARDOWN_TOPIC) == 0) {
+  if (nsCRT::strcmp(aTopic, PROFILE_CHANGE_TEARDOWN_TOPIC) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("in PSM code, receiving change-teardown\n"));
     DoProfileChangeTeardown(aSubject);
   }
-  else if (nsCRT::strcmp(aTopic, PROFILE_CHANGE_TEARDOWN_VETO_TOPIC) == 0) {
-    mShutdownObjectList->allowUI();
-  }
   else if (nsCRT::strcmp(aTopic, PROFILE_BEFORE_CHANGE_TOPIC) == 0) {
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("receiving profile change topic\n"));
     DoProfileBeforeChange(aSubject);
   }
   else if (nsCRT::strcmp(aTopic, PROFILE_DO_CHANGE_TOPIC) == 0) {
     if (someData && NS_LITERAL_STRING("startup").Equals(someData)) {
       // The application is initializing against a known profile directory for
       // the first time during process execution.
       // However, earlier code execution might have already triggered NSS init.
       // We must ensure that NSS gets shut down prior to any attempt to init
       // it again. We use the same cleanup functionality used when switching
       // profiles. The order of function calls must correspond to the order
       // of notifications sent by Profile Manager (nsProfile).
-      DoProfileApproveChange(aSubject);
       DoProfileChangeNetTeardown();
       DoProfileChangeTeardown(aSubject);
       DoProfileBeforeChange(aSubject);
       DoProfileChangeNetRestore();
     }
   
     bool needsInit = true;
 
@@ -2183,20 +2169,16 @@ nsNSSComponent::Observe(nsISupports *aSu
         // no need to do it again
         needsInit = false;
       }
     }
     
     if (needsInit) {
       if (NS_FAILED(InitializeNSS(false))) { // do not show a warning box on failure
         PR_LOG(gPIPNSSLog, PR_LOG_ERROR, ("Unable to Initialize NSS after profile switch.\n"));
-        nsCOMPtr<nsIProfileChangeStatus> status = do_QueryInterface(aSubject);
-        if (status) {
-          status->ChangeFailed();
-        }
       }
     }
 
     InitializeCRLUpdateTimer();
   }
   else if (nsCRT::strcmp(aTopic, NS_XPCOM_SHUTDOWN_OBSERVER_ID) == 0) {
 
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent: XPCom shutdown observed\n"));
@@ -2372,19 +2354,17 @@ nsNSSComponent::RegisterObservers()
     // Once we are loaded, don't allow being removed from memory.
     // This makes sense, as initializing NSS is expensive.
 
     // By using false for parameter ownsWeak in AddObserver,
     // we make sure that we won't get unloaded until the application shuts down.
 
     observerService->AddObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID, false);
 
-    observerService->AddObserver(this, PROFILE_APPROVE_CHANGE_TOPIC, false);
     observerService->AddObserver(this, PROFILE_CHANGE_TEARDOWN_TOPIC, false);
-    observerService->AddObserver(this, PROFILE_CHANGE_TEARDOWN_VETO_TOPIC, false);
     observerService->AddObserver(this, PROFILE_BEFORE_CHANGE_TOPIC, false);
     observerService->AddObserver(this, PROFILE_DO_CHANGE_TOPIC, false);
     observerService->AddObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC, false);
     observerService->AddObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC, false);
   }
   return NS_OK;
 }
 
@@ -2397,19 +2377,17 @@ nsNSSComponent::DeregisterObservers()
   nsCOMPtr<nsIObserverService> observerService(do_GetService("@mozilla.org/observer-service;1"));
   NS_ASSERTION(observerService, "could not get observer service");
   if (observerService) {
     mObserversRegistered = false;
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("nsNSSComponent: removing observers\n"));
 
     observerService->RemoveObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID);
 
-    observerService->RemoveObserver(this, PROFILE_APPROVE_CHANGE_TOPIC);
     observerService->RemoveObserver(this, PROFILE_CHANGE_TEARDOWN_TOPIC);
-    observerService->RemoveObserver(this, PROFILE_CHANGE_TEARDOWN_VETO_TOPIC);
     observerService->RemoveObserver(this, PROFILE_BEFORE_CHANGE_TOPIC);
     observerService->RemoveObserver(this, PROFILE_DO_CHANGE_TOPIC);
     observerService->RemoveObserver(this, PROFILE_CHANGE_NET_TEARDOWN_TOPIC);
     observerService->RemoveObserver(this, PROFILE_CHANGE_NET_RESTORE_TOPIC);
   }
   return NS_OK;
 }
 
@@ -2439,61 +2417,28 @@ nsNSSComponent::RememberCert(CERTCertifi
   
   if (!PL_HashTableAdd(hashTableCerts, (void*)&myDupCert->certKey, myDupCert)) {
     CERT_DestroyCertificate(myDupCert);
   }
   
   return NS_OK;
 }
 
-static const char PROFILE_SWITCH_CRYPTO_UI_ACTIVE[] =
-                        "ProfileSwitchCryptoUIActive";
-static const char PROFILE_SWITCH_SOCKETS_STILL_ACTIVE[] =
-                        "ProfileSwitchSocketsStillActive";
-
-void
-nsNSSComponent::DoProfileApproveChange(nsISupports* aSubject)
-{
-  if (mShutdownObjectList->isUIActive()) {
-    ShowAlertFromStringBundle(PROFILE_SWITCH_CRYPTO_UI_ACTIVE);
-    nsCOMPtr<nsIProfileChangeStatus> status = do_QueryInterface(aSubject);
-    if (status) {
-      status->VetoChange();
-    }
-  }
-}
-
 void
 nsNSSComponent::DoProfileChangeNetTeardown()
 {
   if (mCertVerificationThread)
     mCertVerificationThread->requestExit();
   mIsNetworkDown = true;
 }
 
 void
 nsNSSComponent::DoProfileChangeTeardown(nsISupports* aSubject)
 {
-  bool callVeto = false;
-
-  if (!mShutdownObjectList->ifPossibleDisallowUI()) {
-    callVeto = true;
-    ShowAlertFromStringBundle(PROFILE_SWITCH_CRYPTO_UI_ACTIVE);
-  }
-  else if (mShutdownObjectList->areSSLSocketsActive()) {
-    callVeto = true;
-    ShowAlertFromStringBundle(PROFILE_SWITCH_SOCKETS_STILL_ACTIVE);
-  }
-
-  if (callVeto) {
-    nsCOMPtr<nsIProfileChangeStatus> status = do_QueryInterface(aSubject);
-    if (status) {
-      status->VetoChange();
-    }
-  }
+  mShutdownObjectList->ifPossibleDisallowUI();
 }
 
 void
 nsNSSComponent::DoProfileBeforeChange(nsISupports* aSubject)
 {
   NS_ASSERTION(mIsNetworkDown, "nsNSSComponent relies on profile manager to wait for synchronous shutdown of all network activity");
 
   bool needsCleanup = true;
@@ -2507,22 +2452,17 @@ nsNSSComponent::DoProfileBeforeChange(ns
       // multiple times.
       needsCleanup = false;
     }
   }
     
   StopCRLUpdateTimer();
 
   if (needsCleanup) {
-    if (NS_FAILED(ShutdownNSS())) {
-      nsCOMPtr<nsIProfileChangeStatus> status = do_QueryInterface(aSubject);
-      if (status) {
-        status->ChangeFailed();
-      }
-    }
+    ShutdownNSS();
   }
   mShutdownObjectList->allowUI();
 }
 
 void
 nsNSSComponent::DoProfileChangeNetRestore()
 {
   /* XXX this doesn't work well, since nothing expects null pointers */
--- a/security/manager/ssl/src/nsNSSComponent.h
+++ b/security/manager/ssl/src/nsNSSComponent.h
@@ -262,17 +262,17 @@ public:
 
   NS_IMETHOD GetDefaultCERTValInParam(
                   mozilla::RefPtr<nsCERTValInParamWrapper> &out);
   NS_IMETHOD GetDefaultCERTValInParamLocalOnly(
                   mozilla::RefPtr<nsCERTValInParamWrapper> &out);
 private:
 
   nsresult InitializeNSS(bool showWarningBox);
-  nsresult ShutdownNSS();
+  void ShutdownNSS();
 
 #ifdef XP_MACOSX
   void TryCFM2MachOMigration(nsIFile *cfmPath, nsIFile *machoPath);
 #endif
   
   void InstallLoadableRoots();
   void UnloadLoadableRoots();
   void LaunchSmartCardThreads();
@@ -286,17 +286,16 @@ private:
   nsresult DeregisterObservers();
   nsresult DownloadCrlSilently();
   nsresult PostCRLImportEvent(const nsCSubstring &urlString, nsIStreamListener *psmDownloader);
   nsresult getParamsForNextCrlToDownload(nsAutoString *url, PRTime *time, nsAutoString *key);
   nsresult DispatchEventToWindow(nsIDOMWindow *domWin, const nsAString &eventType, const nsAString &token);
 
   // Methods that we use to handle the profile change notifications (and to
   // synthesize a full profile change when we're just doing a profile startup):
-  void DoProfileApproveChange(nsISupports* aSubject);
   void DoProfileChangeNetTeardown();
   void DoProfileChangeTeardown(nsISupports* aSubject);
   void DoProfileBeforeChange(nsISupports* aSubject);
   void DoProfileChangeNetRestore();
   
   Mutex mutex;
   
   nsCOMPtr<nsIScriptSecurityManager> mScriptSecurityManager;